spaceship 0.24.1 → 0.25.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 50850ceb32b1a3f3d079b3b9ea2fdbd51beadded
-  data.tar.gz: 4d629b20fd53a3e8738c50ec14c58058b62ac944
+  metadata.gz: c8b9baae7a579a3b8791d93715b93f4ab301bdbb
+  data.tar.gz: 846ed6e24a001c17d75a5fb7ec6c551a697927ee
 SHA512:
-  metadata.gz: 720445803f69421d4a57a4da5fc8fd45656e5bc78328df7fb0fe32ae5a651ff4415d6d0592e7cfa3af30734b29d2b8f23a7cd88be86d904128da6b6cfc8e7571
-  data.tar.gz: 0a0ab3274518cd139b1b7a9d675d91f6d9ef8e9d5d1175a9b70e03b0f968d0bc1454d78b36a1b244f486a7391822502db5a72551a5ef9611fac93f4216aa7b14
+  metadata.gz: b56a873a114281b421cc7032582e203097e50e41406699510a4593c941db4cc8e42c77942a402e6acff9a67ab9cea08094ad565931543123989d56d5fa699e44
+  data.tar.gz: db26d7aa79f1ea99432bc45d2c142eddc7a86bc43404fe858a068a5f7296b1094333ac058710b3806e5e29978375732cfb412b10f8507c3f13ec37be42390ddd

data/README.md

@@ -112,6 +112,24 @@ This requires you to install `pry` using `sudo gem install pry`. `pry` is not in
 
 ##### Open [iTunesConnect.md](docs/iTunesConnect.md) for code samples
 
+## 2 Step Verification
+
+When your Apple account has 2 step verification enabled, you'll automatically be asked to verify your identity using your phone. The resulting session will be stored in `~/.spaceship/[email]/cookie`. The session should be valid for about one month, however there is no way to test this without actually waiting for over a month.
+
+Since your CI system probably doesn't allow you to input values (like the verification code), you can use `spaceauth`:
+
+```sh
+spaceauth -u apple@krausefx.com
+```
+
+This will authenticate you and provide a string that can be transfered to your CI system:
+
+```
+export FASTLANE_SESSION='---\n- !ruby/object:HTTP::Cookie\n  name: DES5c148586dfd451e55afbaaa5f62418f91\n  value: HSARMTKNSRVTWFla1+yO4gVPowH17VaaaxPFnUdMUegQZxqy1Ie1c2v6bM1vSOzIbuOmrl/FNenlScsd/NbF7/Lw4cpnL15jsyg0TOJwP32tC/NguPiyOaaaU+jrj4tf4uKdIywVaaaFSRVT\n  domain: idmsa.apple.com\n  for_domain: true\n  path: "/"\n  secure: true\n  httponly: true\n  expires: 2016-04-27 23:55:56.000000000 Z\n  max_age: \n  created_at: 2016-03-28 16:55:57.032086000 -07:00\n  accessed_at: 2016-03-28 19:11:17.828141000 -07:00\n'
+```
+
+Copy everything from `---\n` to your CI server and provide it as environment variable named `FASTLANE_SESSION`. 
+
 ### Spaceship in use
 
 Most [fastlane tools](https://fastlane.tools) already use `spaceship`, like `sigh`, `cert`, `produce`, `pilot` and `boarding`.

data/bin/spaceship

@@ -42,7 +42,7 @@ begin
   puts "Successfully logged in to iTunes Connect".green
   puts ""
 rescue
-  puts "Could not login to iTunes Connect..."
+  puts "Could not login to iTunes Connect...".red
 end
 begin
   puts "Logging into the Developer Portal (#{username})..."
@@ -50,7 +50,7 @@ begin
   puts "Successfully logged in to the Developer Portal".green
   puts ""
 rescue
-  puts "Could not login to the Developer Portal..."
+  puts "Could not login to the Developer Portal...".red
 end
 
 puts "---------------------------------------".green

data/lib/spaceship/client.rb

@@ -148,6 +148,21 @@ module Spaceship
       @cookie.map(&:to_s).join(';')
     end
 
+    def store_cookie(path: nil)
+      path ||= persistent_cookie_path
+
+      # really important to specify the session to true
+      # otherwise myacinfo and more won't be stored
+      @cookie.save(path, :yaml, session: true)
+      return File.read(path)
+    end
+
+    def persistent_cookie_path
+      path = File.expand_path(File.join("~", ".spaceship", self.user, "cookie"))
+      FileUtils.mkdir_p(File.expand_path("..", path))
+      return path
+    end
+
     #####################################################
     # @!group Automatic Paging
     #####################################################
@@ -219,6 +234,90 @@ module Spaceship
       end
     end
 
+    # This method is used for both the Apple Dev Portal and iTunes Connect
+    # This will also handle 2 step verification
+    def send_shared_login_request(user, password)
+      # First we see if we have a stored cookie for 2 step enabled accounts
+      # this is needed as it stores the information on if this computer is a
+      # trusted one. In general I think spaceship clients should be trusted
+      load_session_from_file
+      # If this is a CI, the user can pass the session via environment variable
+      load_session_from_env
+
+      data = {
+        accountName: user,
+        password: password,
+        rememberMe: true
+      }
+
+      begin
+        # The below workaround is only needed for 2 step verified machines
+        # Due to escaping of cookie values we have a little workaround here
+        # By default the cookie jar would generate the following header
+        #   DES5c148...=HSARM.......xaA/O69Ws/CHfQ==SRVT
+        # However we need the following
+        #   DES5c148...="HSARM.......xaA/O69Ws/CHfQ==SRVT"
+        # There is no way to get the cookie jar value with " around the value
+        # so we manually modify the cookie (only this one) to be properly escaped
+        # Afterwards we pass this value manually as a header
+        # It's not enough to just modify @cookie, it needs to be done after self.cookie
+        # as a string operation
+        important_cookie = @cookie.store.entries.find { |a| a.name.include?("DES") }
+        if important_cookie
+          modified_cookie = self.cookie # returns a string of all cookies
+          unescaped_important_cookie = "#{important_cookie.name}=#{important_cookie.value}"
+          escaped_important_cookie = "#{important_cookie.name}=\"#{important_cookie.value}\""
+          modified_cookie.gsub!(unescaped_important_cookie, escaped_important_cookie)
+        end
+
+        response = request(:post) do |req|
+          req.url "https://idmsa.apple.com/appleauth/auth/signin?widgetKey=#{itc_service_key}"
+          req.body = data.to_json
+          req.headers['Content-Type'] = 'application/json'
+          req.headers['X-Requested-With'] = 'XMLHttpRequest'
+          req.headers['Accept'] = 'application/json, text/javascript'
+          req.headers["Cookie"] = modified_cookie if modified_cookie
+        end
+      rescue UnauthorizedAccessError
+        raise InvalidUserCredentialsError.new, "Invalid username and password combination. Used '#{user}' as the username."
+      end
+
+      # get woinst, wois, and itctx cookie values
+      request(:get, "https://itunesconnect.apple.com/WebObjects/iTunesConnect.woa/wa/route?noext")
+      request(:get, "https://itunesconnect.apple.com/WebObjects/iTunesConnect.woa")
+
+      case response.status
+      when 403
+        raise InvalidUserCredentialsError.new, "Invalid username and password combination. Used '#{user}' as the username."
+      when 200
+        return response
+      else
+        if response["Location"] == "/auth" # redirect to 2 step auth page
+          handle_two_step(response)
+          return true
+        elsif (response.body || "").include?('invalid="true"')
+          # User Credentials are wrong
+          raise InvalidUserCredentialsError.new, "Invalid username and password combination. Used '#{user}' as the username."
+        elsif (response['Set-Cookie'] || "").include?("itctx")
+          raise "Looks like your Apple ID is not enabled for iTunes Connect, make sure to be able to login online"
+        else
+          info = [response.body, response['Set-Cookie']]
+          raise ITunesConnectError.new, info.join("\n")
+        end
+      end
+    end
+
+    def itc_service_key
+      return @service_key if @service_key
+      # We need a service key from a JS file to properly auth
+      js = request(:get, "https://itunesconnect.apple.com/itc/static-resources/controllers/login_cntrl.js")
+      @service_key ||= js.body.match(/itcServiceKey = '(.*)'/)[1]
+    end
+
+    #####################################################
+    # @!group Helpers
+    #####################################################
+
     def with_retry(tries = 5, &_block)
       return yield
     rescue Faraday::Error::ConnectionFailed, Faraday::Error::TimeoutError, AppleTimeoutError, Errno::EPIPE => ex # New Faraday version: Faraday::TimeoutError => ex
@@ -339,3 +438,5 @@ module Spaceship
     end
   end
 end
+
+require 'spaceship/two_step_client'

data/lib/spaceship/du/du_client.rb

@@ -34,7 +34,7 @@ module Spaceship
       upload_file(app_version, upload_file, '/upload/purple-video', content_provider_id, sso_token_for_video)
     end
 
-    def upload_video_preview(app_version, upload_file, content_provider_id, sso_token_for_image)
+    def upload_trailer_preview(app_version, upload_file, content_provider_id, sso_token_for_image)
       upload_file(app_version, upload_file, '/upload/app-screenshot-image', content_provider_id, sso_token_for_image)
     end
 

data/lib/spaceship/du/upload_file.rb

@@ -12,12 +12,15 @@ module Spaceship
     class << self
       def from_path(path)
         raise "Image must exists at path: #{path}" unless File.exist?(path)
+
+        # md5 from original. keeping track of md5s allows to skip previously uploaded in deliver
+        content_md5 = Spaceship::Utilities.md5digest(path)
         path = remove_alpha_channel(path) if File.extname(path).casecmp('.png').zero?
 
         content_type = Utilities.content_type(path)
         self.new(
           file_path: path,
-          file_name: File.basename(path),
+          file_name: 'ftl_' + content_md5 + '_' + File.basename(path),
           file_size: File.size(path),
           content_type: content_type,
           bytes: File.read(path)

data/lib/spaceship/du/utilities.rb

@@ -70,6 +70,11 @@ module Spaceship
       [res[1].to_i, res[2].to_i]
     end
 
-    module_function :content_type, :grab_video_preview, :portrait?, :resolution, :video_resolution
+    # @return (String) md5 checksum of given file
+    def md5digest(file_path)
+      Digest::MD5.hexdigest(File.read(file_path))
+    end
+
+    module_function :content_type, :grab_video_preview, :portrait?, :resolution, :video_resolution, :md5digest
   end
 end

data/lib/spaceship/portal/portal_client.rb

@@ -32,29 +32,17 @@ module Spaceship
     end
 
     def send_login_request(user, password)
-      response = request(:post, "https://idmsa.apple.com/IDMSWebAuth/authenticate", {
-        appleId: user,
-        accountPassword: password,
-        appIdKey: api_key
-      })
-
-      if (response.body || "").include?("Your Apple ID or password was entered incorrectly")
-        # User Credentials are wrong
-        raise InvalidUserCredentialsError.new, "Invalid username and password combination. Used '#{user}' as the username."
-      elsif (response.body || "").include?("Verify your identity")
-        raise "spaceship / fastlane doesn't support 2 step enabled accounts yet. Please temporary disable 2 step verification until spaceship was updated."
-      end
-
-      case response.status
-      when 302
-        return response
-      when 200
-        raise InvalidUserCredentialsError.new, "Invalid username and password combination. Used '#{user}' as the username."
-      else
-        # Something went wrong. Was it invalid credentials or server issue
-        info = [response.body, response['Set-Cookie']]
-        raise UnexpectedResponse.new, info.join("\n")
-      end
+      response = send_shared_login_request(user, password)
+      return response if self.cookie.include?("myacinfo")
+
+      # When the user has 2 step enabled, we might have to call this method again
+      # This only occurs when the user doesn't have a team on iTunes Connect
+      # For 2 step verification we use the iTunes Connect back-end
+      # which is enough to get the DES... cookie, however we don't get a valid
+      # myacinfo cookie at that point. That means, after getting the DES... cookie
+      # we have to send the login request again. This will then get us a valid myacinfo
+      # cookie, additionally to the DES... cookie
+      return send_shared_login_request(user, password)
     end
 
     # @return (Array) A list of all available teams

data/lib/spaceship/tunes/app_version.rb

@@ -237,7 +237,7 @@ module Spaceship
       # })
       #
       # Available Values
-      # https://github.com/KrauseFx/deliver/blob/master/Reference.md
+      # https://github.com/fastlane/fastlane/blob/master/deliver/Reference.md
       def update_rating(hash)
         raise "Must be a hash" unless hash.kind_of?(Hash)
 
@@ -457,6 +457,18 @@ module Spaceship
         client.release!(self.application.apple_id, self.version_id)
       end
 
+      #####################################################
+      # @!group Promo codes
+      #####################################################
+      def generate_promocodes!(quantity)
+        data = client.generate_app_version_promocodes!(
+          app_id: self.application.apple_id,
+          version_id: self.version_id,
+          quantity: quantity
+        )
+        Tunes::AppVersionGeneratedPromocodes.factory(data)
+      end
+
       # These methods takes care of properly parsing values that
       # are not returned in the right format, e.g. boolean as string
       def release_on_approval

data/lib/spaceship/tunes/app_version_generated_promocodes.rb

@@ -0,0 +1,35 @@
+module Spaceship
+  module Tunes
+    # Represents the information about the generation of promocodes
+    class AppVersionGeneratedPromocodes < TunesBase
+      # @return
+      attr_reader :effective_date
+      attr_reader :expiration_date
+      attr_reader :username
+      # the AppVersionPromocodes this relates to
+      attr_reader :version
+      # Array of String
+      attr_reader :codes
+
+      attr_mapping({
+        'effectiveDate' => :effective_date,
+        'expirationDate' => :expiration_date,
+        'username' => :username
+      })
+
+      class << self
+        # Create a new object based on a hash.
+        # This is used to create a new object based on the server response.
+        def factory(attrs)
+          obj = self.new(attrs)
+          return obj
+        end
+      end
+
+      def setup
+        @version = Tunes::AppVersionPromocodes.factory(raw_data['version'])
+        @codes = raw_data['codes']
+      end
+    end
+  end
+end

data/lib/spaceship/tunes/app_version_promocodes.rb

@@ -0,0 +1,34 @@
+module Spaceship
+  module Tunes
+    # Represents the information about remaining number of promo codes for an app version
+    class AppVersionPromocodes < TunesBase
+      # @return
+      attr_reader :app_id
+      attr_reader :app_name
+      attr_reader :version
+      attr_reader :platform
+      attr_reader :number_of_codes
+      attr_reader :maximum_number_of_codes
+      attr_reader :contract_file_name
+
+      attr_mapping({
+        'id' => :app_id,
+        'appName' => :app_name,
+        'version' => :version,
+        'platform' => :platform,
+        'numberOfCodes' => :number_of_codes,
+        'maximumNumberOfCodes' => :maximum_number_of_codes,
+        'contractFileName' => :contract_file_name
+      })
+
+      class << self
+        # Create a new object based on a hash.
+        # This is used to create a new object based on the server response.
+        def factory(attrs)
+          obj = self.new(attrs)
+          return obj
+        end
+      end
+    end
+  end
+end

data/lib/spaceship/tunes/application.rb

@@ -376,6 +376,23 @@ module Spaceship
         tester.remove_from_app!(self.apple_id)
       end
 
+      #####################################################
+      # @!group Promo codes
+      #####################################################
+      def promocodes
+        data = client.app_promocodes(app_id: self.apple_id)
+        data.map do |attrs|
+          Tunes::AppVersionPromocodes.factory(attrs)
+        end
+      end
+
+      def promocodes_history
+        data = client.app_promocodes_history(app_id: self.apple_id)
+        data.map do |attrs|
+          Tunes::AppVersionGeneratedPromocodes.factory(attrs)
+        end
+      end
+
       # private to module
       def ensure_not_a_bundle
         # we only support applications

data/lib/spaceship/tunes/build.rb

@@ -162,6 +162,7 @@ module Spaceship
       #     last_name: "Krause",
       #     review_email: "Contact email address for Apple",
       #     phone_number: "0128383383",
+      #     review_notes: "Review notes"
       #
       #   # Optional Metadata:
       #     privacy_policy_url: nil,
@@ -170,36 +171,18 @@ module Spaceship
       #     review_password: nil,
       #     encryption: false
       #  }
+      # Note that iTC will pull a lot of this information from previous builds or the app store information,
+      # all of the required values must be set either in this hash or automatically for this to work
       def submit_for_beta_review!(metadata)
         parameters = {
           app_id: self.apple_id,
           train: self.train_version,
           build_number: self.build_version,
-          platform: self.platform,
-
-          # Required Metadata:
-          changelog: "No changelog provided",
-          description: "No app description provided",
-          feedback_email: "contact@company.com",
-          marketing_url: "http://marketing.com",
-          first_name: "Felix",
-          last_name: "Krause",
-          review_email: "contact@company.com",
-          phone_number: "0123456789",
-          significant_change: false,
-
-          # Optional Metadata:
-          privacy_policy_url: nil,
-          review_user_name: nil,
-          review_password: nil,
-          encryption: false
+          platform: self.platform
         }.merge(metadata)
 
         client.submit_testflight_build_for_review!(parameters)
 
-        # Last, enable beta testing for this train (per iTC requirement). This will fail until the app has been approved for beta testing
-        self.build_train.update_testing_status!(true, 'external', self)
-
         return parameters
       end
 

data/lib/spaceship/tunes/recovery_device.rb

@@ -0,0 +1,69 @@
+module Spaceship
+  module Tunes
+    class RecoveryDevice < TunesBase
+      # @return (String) ID provided by Apple
+      # @example
+      #   "1801231651"
+      attr_accessor :device_id
+
+      # @return (String) The name of the device
+      # @example
+      #   "Felix Krause's iPhone 6"
+      attr_accessor :name
+
+      # @return (Bool) This device looks suspicious [add emoji here]
+      #   this will probably always be true, otherwise the device
+      #   doesn't show up
+      # @example
+      #   true
+      attr_accessor :trusted
+
+      # @return (Bool)
+      # @example
+      #   true
+      attr_accessor :status
+
+      # @return (String) Remote URL to an image representing this device
+      #   This shows the attention to detail by Apple <3
+      # @example
+      #   "https://appleid.cdn-apple.com/static/deviceImages-5.0/iPhone/iPhone8,1-e4e7e8-dadcdb/online-sourcelist__3x.png"
+      # @example
+      #   "https://appleid.cdn-apple.com/appleauth/static/bin/cb2613252489/images/sms@3x.png"
+      attr_accessor :device_image
+
+      # @return (String)
+      # @example
+      #   "iPad Air"
+      # @example
+      #   nil # e.g. when it's a phone number
+      attr_accessor :model_name
+
+      # @return (String)
+      # @example
+      #   "79"
+      attr_accessor :last_two_digits
+
+      # @return (Number)
+      # @example
+      #   1446488271926
+      attr_accessor :update_date
+
+      attr_mapping(
+        'id' => :device_id,
+        'name' => :name,
+        'trusted' => :trusted,
+        'status' => :status,
+        'imageLocation3x' => :device_image,
+        'modelName' => :model_name,
+        'lastTwoDigits' => :last_two_digits,
+        'updateDate' => :update_date
+      )
+
+      class << self
+        def factory(attrs)
+          return self.new(attrs)
+        end
+      end
+    end
+  end
+end

data/lib/spaceship/tunes/tunes.rb

@@ -23,6 +23,10 @@ require 'spaceship/tunes/app_trailer'
 require 'spaceship/tunes/tester'
 require 'spaceship/tunes/app_details'
 require 'spaceship/tunes/pricing_tier'
+require 'spaceship/tunes/recovery_device'
+
+require 'spaceship/tunes/app_version_promocodes'
+require 'spaceship/tunes/app_version_generated_promocodes'
 
 # File Uploads
 require 'spaceship/du/utilities'

data/lib/spaceship/tunes/tunes_client.rb

@@ -116,56 +116,9 @@ module Spaceship
       end
     end
 
-    def service_key
-      return @service_key if @service_key
-      # We need a service key from a JS file to properly auth
-      js = request(:get, "https://itunesconnect.apple.com/itc/static-resources/controllers/login_cntrl.js")
-      @service_key ||= js.body.match(/itcServiceKey = '(.*)'/)[1]
-    end
-
     def send_login_request(user, password)
       clear_user_cached_data
-
-      data = {
-        accountName: user,
-        password: password,
-        rememberMe: true
-      }
-
-      begin
-        response = request(:post) do |req|
-          req.url "https://idmsa.apple.com/appleauth/auth/signin?widgetKey=#{service_key}"
-          req.body = data.to_json
-          req.headers['Content-Type'] = 'application/json'
-          req.headers['X-Requested-With'] = 'XMLHttpRequest'
-          req.headers['Accept'] = 'application/json, text/javascript'
-        end
-      rescue UnauthorizedAccessError
-        raise InvalidUserCredentialsError.new, "Invalid username and password combination. Used '#{user}' as the username."
-      end
-
-      # get woinst, wois, and itctx cookie values
-      request(:get, "https://itunesconnect.apple.com/WebObjects/iTunesConnect.woa/wa/route?noext")
-      request(:get, "https://itunesconnect.apple.com/WebObjects/iTunesConnect.woa")
-
-      case response.status
-      when 403
-        raise InvalidUserCredentialsError.new, "Invalid username and password combination. Used '#{user}' as the username."
-      when 200
-        return response
-      else
-        if response["Location"] == "/auth" # redirect to 2 step auth page
-          raise "spaceship / fastlane doesn't support 2 step enabled accounts yet. Please temporary disable 2 step verification until spaceship was updated."
-        elsif (response.body || "").include?('invalid="true"')
-          # User Credentials are wrong
-          raise InvalidUserCredentialsError.new, "Invalid username and password combination. Used '#{user}' as the username."
-        elsif (response['Set-Cookie'] || "").include?("itctx")
-          raise "Looks like your Apple ID is not enabled for iTunes Connect, make sure to be able to login online"
-        else
-          info = [response.body, response['Set-Cookie']]
-          raise ITunesConnectError.new, info.join("\n")
-        end
-      end
+      send_shared_login_request(user, password)
     end
 
     # rubocop:disable Metrics/CyclomaticComplexity
@@ -178,7 +131,8 @@ module Spaceship
 
       if data.fetch('sectionErrorKeys', []).count == 0 and
          data.fetch('sectionInfoKeys', []).count == 0 and
-         data.fetch('sectionWarningKeys', []).count == 0
+         data.fetch('sectionWarningKeys', []).count == 0 and
+         data.fetch('validationErrors', []).count == 0
 
         logger.debug("Request was successful")
       end
@@ -203,7 +157,8 @@ module Spaceship
       end
 
       errors = handle_response_hash.call(data)
-      errors += data.fetch('sectionErrorKeys') if data['sectionErrorKeys']
+      errors += data.fetch('sectionErrorKeys', [])
+      errors += data.fetch('validationErrors', [])
 
       # Sometimes there is a different kind of error in the JSON response
       # e.g. {"warn"=>nil, "error"=>["operation_failed"], "info"=>nil}
@@ -556,6 +511,9 @@ module Spaceship
     def update_build_trains!(app_id, testing_type, data)
       raise "app_id is required" unless app_id
 
+      # The request fails if this key is present in the data
+      data.delete("dailySubmissionCountByPlatform")
+
       r = request(:post) do |req|
         req.url "ra/apps/#{app_id}/testingTypes/#{testing_type}/trains/"
         req.body = data.to_json
@@ -622,6 +580,7 @@ module Spaceship
       handle_itc_response(r.body)
     end
 
+    # rubocop:disable Metrics/ParameterLists
     def submit_testflight_build_for_review!(app_id: nil, train: nil, build_number: nil, platform: 'ios',
                                             # Required Metadata:
                                             changelog: nil,
@@ -638,6 +597,7 @@ module Spaceship
                                             privacy_policy_url: nil,
                                             review_user_name: nil,
                                             review_password: nil,
+                                            review_notes: nil,
                                             encryption: false)
 
       build_info = get_build_info_for_review(app_id: app_id, train: train, build_number: build_number, platform: platform)
@@ -660,6 +620,7 @@ module Spaceship
       build_info['testInfo']['reviewEmail']['value'] = review_email if review_email
       build_info['testInfo']['reviewUserName']['value'] = review_user_name if review_user_name
       build_info['testInfo']['reviewPassword']['value'] = review_password if review_password
+      build_info['testInfo']['reviewNotes']['value'] = review_notes if review_notes
 
       r = request(:post) do |req| # same URL, but a POST request
         req.url "ra/apps/#{app_id}/platforms/#{platform}/trains/#{train}/builds/#{build_number}/submit/start"
@@ -677,6 +638,7 @@ module Spaceship
                                    encryption_info: encryption_info,
                                    encryption: encryption)
     end
+    # rubocop:enable Metrics/ParameterLists
 
     def get_build_info_for_review(app_id: nil, train: nil, build_number: nil, platform: 'ios')
       r = request(:get) do |req|
@@ -864,6 +826,33 @@ module Spaceship
       parse_response(r, 'data')
     end
 
+    #####################################################
+    # @!group Promo codes
+    #####################################################
+    def app_promocodes(app_id: nil)
+      r = request(:get, "ra/apps/#{app_id}/promocodes/versions")
+      parse_response(r, 'data')['versions']
+    end
+
+    def generate_app_version_promocodes!(app_id: nil, version_id: nil, quantity: nil)
+      data = {
+        numberOfCodes: { value: quantity },
+        agreedToContract: { value: true }
+      }
+      url = "ra/apps/#{app_id}/promocodes/versions/#{version_id}"
+      r = request(:post) do |req|
+        req.url url
+        req.body = data.to_json
+        req.headers['Content-Type'] = 'application/json'
+      end
+      parse_response(r, 'data')
+    end
+
+    def app_promocodes_history(app_id: nil)
+      r = request(:get, "ra/apps/#{app_id}/promocodes/history")
+      parse_response(r, 'data')['requests']
+    end
+
     private
 
     def with_tunes_retry(tries = 5, &_block)

data/lib/spaceship/two_step_client.rb

@@ -0,0 +1,155 @@
+module Spaceship
+  class Client
+    def handle_two_step(response)
+      @x_apple_web_session_token = response["x-apple-web-session-token"]
+      @scnt = response["scnt"]
+
+      r = request(:get) do |req|
+        req.url "https://idmsa.apple.com/appleauth/auth"
+        req.headers["scnt"] = @scnt
+        req.headers["X-Apple-Web-Session-Token"] = @x_apple_web_session_token
+        req.headers["Accept"] = "application/json"
+      end
+
+      if r.body.kind_of?(Hash) && r.body["trustedDevices"].kind_of?(Array)
+        if r.body.fetch("securityCode", {})["tooManyCodesLock"].to_s.length > 0
+          raise ITunesConnectError.new, "Too many verification codes have been sent. Enter the last code you received, use one of your devices, or try again later."
+        end
+
+        old_client = (begin
+                        Tunes::RecoveryDevice.client
+                      rescue
+                        nil # since client might be nil, which raises an exception
+                      end)
+        Tunes::RecoveryDevice.client = self # temporary set it as it's required by the factory method
+        devices = r.body["trustedDevices"].collect do |current|
+          Tunes::RecoveryDevice.factory(current)
+        end
+        Tunes::RecoveryDevice.client = old_client
+
+        puts "Two Step Verification for account '#{self.user}' is enabled"
+        puts "Please select a device to verify your identity"
+        available = devices.collect do |c|
+          "#{c.name}\t#{c.model_name || 'SMS'}\t(#{c.device_id})"
+        end
+        result = choose(*available)
+        device_id = result.match(/.*\t.*\t\((.*)\)/)[1]
+        select_device(r, device_id)
+      else
+        raise "Invalid 2 step response #{r.body}"
+      end
+    end
+
+    # Only needed for 2 step
+    def load_session_from_file
+      if File.exist?(persistent_cookie_path)
+        puts "Loading session from '#{persistent_cookie_path}'" if $verbose
+        @cookie.load(persistent_cookie_path)
+        return true
+      end
+      return false
+    end
+
+    def load_session_from_env
+      yaml_text = ENV["FASTLANE_SESSION"] || ENV["SPACESHIP_SESSION"]
+      return if yaml_text.to_s.length == 0
+      puts "Loading session from environment variable" if $verbose
+
+      file = Tempfile.new('cookie.yml')
+      file.write(yaml_text.gsub("\\n", "\n"))
+      file.close
+
+      begin
+        @cookie.load(file.path)
+      rescue => ex
+        puts "Error loading session from environment"
+        puts "Make sure to pass the session in a valid format"
+        raise ex
+      ensure
+        file.unlink
+      end
+    end
+
+    def select_device(r, device_id)
+      # Request Token
+      r = request(:put) do |req|
+        req.url "https://idmsa.apple.com/appleauth/auth/verify/device/#{device_id}/securitycode"
+        req.headers["Accept"] = "application/json"
+        req.headers["scnt"] = @scnt
+        req.headers["X-Apple-Web-Session-Token"] = @x_apple_web_session_token
+      end
+
+      # we use `Spaceship::TunesClient.new.handle_itc_response`
+      # since this might be from the Dev Portal, but for 2 step
+      Spaceship::TunesClient.new.handle_itc_response(r.body)
+
+      puts "Successfully requested notification"
+      code = ask("Please enter the 4 digit code: ")
+      puts "Requesting session..."
+
+      # Send token back to server to get a valid session
+      r = request(:post) do |req|
+        req.url "https://idmsa.apple.com/appleauth/auth/verify/device/#{device_id}/securitycode"
+        req.headers["Accept"] = "application/json"
+        req.headers["scnt"] = @scnt
+        req.headers["X-Apple-Web-Session-Token"] = @x_apple_web_session_token
+        req.body = { "code" => code.to_s }.to_json
+        req.headers['Content-Type'] = 'application/json'
+      end
+
+      begin
+        Spaceship::TunesClient.new.handle_itc_response(r.body) # this will fail if the code is invalid
+      rescue => ex
+        # If the code was entered wrong
+        # {
+        #   "securityCode": {
+        #     "code": "1234"
+        #   },
+        #   "securityCodeLocked": false,
+        #   "recoveryKeyLocked": false,
+        #   "recoveryKeySupported": true,
+        #   "manageTrustedDevicesLinkName": "appleid.apple.com",
+        #   "suppressResend": false,
+        #   "authType": "hsa",
+        #   "accountLocked": false,
+        #   "validationErrors": [{
+        #     "code": "-21669",
+        #     "title": "Incorrect Verification Code",
+        #     "message": "Incorrect verification code."
+        #   }]
+        # }
+        if ex.to_s.include?("verification code") # to have a nicer output
+          puts "Error: Incorrect verification code"
+          return select_device(r, device_id)
+        end
+
+        raise ex
+      end
+
+      # If the request was successful, r.body is actually nil
+      # The previous request will fail if the user isn't on a team
+      # on iTunes Connect, but it still works, so we're good
+
+      # Tell iTC that we are trustworthy (obviously)
+      # This will update our local cookies to something new
+      # They probably have a longer time to live than the other poor cookies
+      # Changed Keys
+      # - myacinfo
+      # - DES5c148586dfd451e55afb0175f62418f91
+      # We actually only care about the DES value
+
+      request(:get) do |req|
+        req.url "https://idmsa.apple.com/appleauth/auth/2sv/trust"
+        req.headers["scnt"] = @scnt
+        req.headers["X-Apple-Web-Session-Token"] = @x_apple_web_session_token
+      end
+      # This request will fail if the user isn't added to a team on iTC
+      # However we don't really care, this request will still return the
+      # correct DES... cookie
+
+      self.store_cookie
+
+      return true
+    end
+  end
+end

data/lib/spaceship/version.rb

@@ -1,3 +1,3 @@
 module Spaceship
-  VERSION = "0.24.1".freeze
+  VERSION = "0.25.0".freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: spaceship
 version: !ruby/object:Gem::Version
-  version: 0.24.1
+  version: 0.25.0
 platform: ruby
 authors:
 - Felix Krause
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-03-24 00:00:00.000000000 Z
+date: 2016-04-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: credentials_manager
@@ -137,6 +137,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry-byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -193,6 +207,34 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: diff_matcher
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -306,7 +348,9 @@ files:
 - lib/spaceship/tunes/app_trailer.rb
 - lib/spaceship/tunes/app_version.rb
 - lib/spaceship/tunes/app_version_common.rb
+- lib/spaceship/tunes/app_version_generated_promocodes.rb
 - lib/spaceship/tunes/app_version_history.rb
+- lib/spaceship/tunes/app_version_promocodes.rb
 - lib/spaceship/tunes/app_version_ref.rb
 - lib/spaceship/tunes/app_version_states_history.rb
 - lib/spaceship/tunes/application.rb
@@ -318,6 +362,7 @@ files:
 - lib/spaceship/tunes/language_item.rb
 - lib/spaceship/tunes/pricing_tier.rb
 - lib/spaceship/tunes/processing_build.rb
+- lib/spaceship/tunes/recovery_device.rb
 - lib/spaceship/tunes/spaceship.rb
 - lib/spaceship/tunes/tester.rb
 - lib/spaceship/tunes/transit_app_file.rb
@@ -325,6 +370,7 @@ files:
 - lib/spaceship/tunes/tunes_base.rb
 - lib/spaceship/tunes/tunes_client.rb
 - lib/spaceship/tunes/user_detail.rb
+- lib/spaceship/two_step_client.rb
 - lib/spaceship/ui.rb
 - lib/spaceship/version.rb
 homepage: https://fastlane.tools
@@ -347,7 +393,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.4.0
 signing_key: 
 specification_version: 4
 summary: Because you would rather spend your time building stuff than fighting provisioning