CloudApp 2.0

[jakemauer]

Hey Martin!

So, Cloud updated their app to 2.0 which now points to https://api.getcloudapp.com for authentication.

I've adjusted my server and HAproxy configuration to serve https requests on 443 with a self-signed certificate, but CloudApp v2 errors out with a NSURLDomainError.

Can you think of any way around this or is CloudApp v1 as good as it's gonna get?

[posativ]

Hey,

yup, they now switched (finally) to SSL. I think you need to trust your self-signed certificate before you can continue to experience another error. Just open Safari and browse https://api.getcloudapp.com and trust the certificate permanently.

But unfortunately they also changed (some parts of?) their API. They no longer use HTTP Digest Auth but HTTP Basic Auth (because now they use a TLS connection). Also, the initial login no longer requests /account but /. Also, they did not update their API documentation.

Here's a quick tcpdump of the initial (failed) login process:

root@morloch ~# ngrep -q -d lo -W byline port 12345
interface: lo (127.0.0.0/255.0.0.0)
filter: (ip or ip6) and ( port 12345 )

T 127.0.0.1:55113 -> 127.0.0.1:12345 [AP]
GET / HTTP/1.0.
Host: localhost:12345.
Connection: close.
Accept: application/vnd.collection+json.
User-Agent: CloudApp/2.0 (155) (Mac OS X 10.9).
Accept-Language: de;q=1, en;q=0.9, ru;q=0.8, ja;q=0.7, fr;q=0.6, es;q=0.5.
Authorization: Basic Zm9vOmJhcg==.
Accept-Encoding: gzip, deflate.
.


T 127.0.0.1:12345 -> 127.0.0.1:55113 [AP]
HTTP/1.0 200 OK.
Content-Type: text/html.
Content-Length: 478.
.

I have no idea yet how to reverse-engineer the new API.