-
Notifications
You must be signed in to change notification settings - Fork 175
/
Copy pathauthenticate.exp
94 lines (91 loc) · 4.71 KB
/
authenticate.exp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#!/usr/bin/expect -f
# Enable debugging
#exp_internal 1
set force_conservative 0 ;# set to 1 to force conservative mode even if
;# script wasn't run conservatively originally
if {$force_conservative} {
set send_slow {1 .1}
proc send {ignore arg} {
sleep .1
exp_send -s -- $arg
}
}
set timeout -1
spawn -noecho /usr/local/bin/reauth.sh
log_user 0
match_max 100000
expect {
# Activates when account has no trusted numbers
"Please enter two-factor authentication code: " {
exec /usr/local/bin/sendmessage.sh mfacode
send_user "\nWaiting for MFA code...\n"
exec >@stdout 2>@stderr /usr/bin/inotifywait -qq -t 600 -e close_write /tmp/icloudpd/expect_input.txt
set MFACODE [exec cat /tmp/icloudpd/expect_input.txt]
set DATE [clock format [clock seconds] -format {%Y-%m-%d %H:%M:%S}]
send_user "${DATE} INFO MFA code received: ${MFACODE}\n"
send -- "${MFACODE}\r"
# Catches success/failure for received MFA code
expect {
"Failed to verify two-factor authentication code" {
set DATE [clock format [clock seconds] -format {%Y-%m-%d %H:%M:%S}]
send_user "${DATE} ERROR Authentication failed\n"
exec /usr/local/bin/sendmessage.sh failure
}
"The script can now be run without user interaction until 2FA expires" {
set DATE [clock format [clock seconds] -format {%Y-%m-%d %H:%M:%S}]
send_user "${DATE} INFO Authentication successful\n"
exec /usr/local/bin/sendmessage.sh success
}
}
}
"Please enter two-factor authentication code or device index " {
exec /usr/local/bin/sendmessage.sh smschoice
set DATE [clock format [clock seconds] -format {%Y-%m-%d %H:%M:%S}]
send_user "${DATE} INFO Waiting for SMS choice/MFA code...\n"
exec >@stdout 2>@stderr /usr/bin/inotifywait -qq -t 600 -e close_write /tmp/icloudpd/expect_input.txt
set MESSAGE [exec cat /tmp/icloudpd/expect_input.txt]
set DATE [clock format [clock seconds] -format {%Y-%m-%d %H:%M:%S}]
send_user "${DATE} INFO SMS choice/MFA code received: ${MESSAGE}\n"
send -- "${MESSAGE}\r"
expect {
# Catches failure when MFA code is sent immediately
"Failed to verify two-factor authentication code" {
set DATE [clock format [clock seconds] -format {%Y-%m-%d %H:%M:%S}]
send_user "${DATE} ERROR Authentication failed\n"
exec /usr/local/bin/sendmessage.sh failure
}
# Catches success when MFA code is sent immediately
"The script can now be run without user interaction until 2FA expires" {
set DATE [clock format [clock seconds] -format {%Y-%m-%d %H:%M:%S}]
send_user "${DATE} INFO Authentication successful\n"
exec /usr/local/bin/sendmessage.sh success
}
# Catches when index number received instead
"Please enter two-factor authentication code that you received over SMS: " {
exec /usr/local/bin/sendmessage.sh mfacode
set DATE [clock format [clock seconds] -format {%Y-%m-%d %H:%M:%S}]
send_user "${DATE} INFO Waiting for MFA code...\n"
exec >@stdout 2>@stderr /usr/bin/inotifywait -qq -t 600 -e close_write /tmp/icloudpd/expect_input.txt
set MFACODE [exec cat /tmp/icloudpd/expect_input.txt]
set DATE [clock format [clock seconds] -format {%Y-%m-%d %H:%M:%S}]
send_user "${DATE} INFO MFA code received: ${MFACODE}\n"
send -- "${MFACODE}\r"
expect {
# Catches failure for received MFA code
"Failed to verify two-factor authentication code" {
set DATE [clock format [clock seconds] -format {%Y-%m-%d %H:%M:%S}]
send_user "${DATE} ERROR Authentication failed\n"
exec /usr/local/bin/sendmessage.sh failure
}
# Catches success for received MFA code
"The script can now be run without user interaction until 2FA expires" {
set DATE [clock format [clock seconds] -format {%Y-%m-%d %H:%M:%S}]
send_user "${DATE} INFO Authentication successful\n"
exec /usr/local/bin/sendmessage.sh success
}
}
}
}
}
}
expect eof