aperfect · May 26, 2023 09:14
diff --git a/CloudKit.rb b/CloudKit.rb
 #!/usr/bin/env ruby

 # CloudKit public database connection with server-to-server
 # See https://developer.apple.com/library/archive/documentation/DataManagement/Conceptual/CloudKitWebServicesReference/SettingUpWebServices.html#//apple_ref/doc/uid/TP40015240-CH24-SW6

 require 'time'
 require 'openssl'
 require 'digest'
 require 'json'
 require 'base64'
 require 'uri'
 require 'net/http'

 # class Cloudkit

 	CK_PEM_STRING = """
 -----BEGIN EC PRIVATE KEY-----
 YOUR PRIVATE KEY
 -----END EC PRIVATE KEY-----
 	"""
 	CK_SERVICE_BASE = "https://api.apple-cloudkit.com"
 	CK_KEY_ID = "YOUR_CLOUDKIT_KEY_ID"

 	def signature_for_request(body_json, url, iso8601_date)
 		puts "body_json: #{body_json}"
 		body_sha_hash = Digest::SHA256.digest body_json

 		payload_for_signature = [iso8601_date, Base64.strict_encode64(body_sha_hash), url].join(':')
 		puts "payload_for_signature: #{payload_for_signature}"

 		OpenSSL::PKey::EC.send(:alias_method, :private?, :private_key?)

 		ec = OpenSSL::PKey::EC.new(CK_PEM_STRING)
 		puts "ec: #{ec}"
 		digest = OpenSSL::Digest::SHA256.new
 		puts "digest: #{digest}"
 		signature = ec.sign(digest, payload_for_signature)
 		puts "signature: #{signature}"
 		base64_signature = Base64.strict_encode64(signature)
 		puts "base64_signature: #{base64_signature}"

 		return base64_signature
 	end

 	def perform_request_for(body, url, iso8601_date)
 		body = body.to_s
 		signature = self.signature_for_request(body, url, iso8601_date)

 		uri = URI.parse(CK_SERVICE_BASE + url)

 		header = {
 			"Content-Type": "text/plain",
 			"X-Apple-CloudKit-Request-KeyID": CK_KEY_ID,
 			"X-Apple-CloudKit-Request-ISO8601Date": iso8601_date,
 			"X-Apple-CloudKit-Request-SignatureV1": signature
 		}

 		# Create HTTP objects
 		http = Net::HTTP.new(uri.host, uri.port)
 		http.use_ssl = true

 		request = Net::HTTP::Post.new(uri.request_uri, header)
 		request.body = body

 		# Send the request
 		response = http.request(request)

 		return response
 	end

 # end


 t = Time.now.utc.iso8601

 # The path to the endpoint you want to query
 # YOUR_CONTAINER_NAME = e.g. iCloud.com.your_app
 # Swap development for production as needed
 url = "/database/1/YOUR_CONTAINER_NAME/development/public/records/query"
 body = """
 {
 	\"zoneID\": {
 		\"zoneName\": \"_defaultZone\"
 	},
 	\"query\": {
 		\"recordType\": \"CD_YourRecordType\"
 	}
 }
 """

 puts perform_request_for(body, url, t).body
	#!/usr/bin/env ruby

	# CloudKit public database connection with server-to-server
	# See https://developer.apple.com/library/archive/documentation/DataManagement/Conceptual/CloudKitWebServicesReference/SettingUpWebServices.html#//apple_ref/doc/uid/TP40015240-CH24-SW6

	require 'time'
	require 'openssl'
	require 'digest'
	require 'json'
	require 'base64'
	require 'uri'
	require 'net/http'

	# class Cloudkit

	CK_PEM_STRING = """
	-----BEGIN EC PRIVATE KEY-----
	YOUR PRIVATE KEY
	-----END EC PRIVATE KEY-----
	"""
	CK_SERVICE_BASE = "https://api.apple-cloudkit.com"
	CK_KEY_ID = "YOUR_CLOUDKIT_KEY_ID"

	def signature_for_request(body_json, url, iso8601_date)
	puts "body_json: #{body_json}"
	body_sha_hash = Digest::SHA256.digest body_json

	payload_for_signature = [iso8601_date, Base64.strict_encode64(body_sha_hash), url].join(':')
	puts "payload_for_signature: #{payload_for_signature}"

	OpenSSL::PKey::EC.send(:alias_method, :private?, :private_key?)

	ec = OpenSSL::PKey::EC.new(CK_PEM_STRING)
	puts "ec: #{ec}"
	digest = OpenSSL::Digest::SHA256.new
	puts "digest: #{digest}"
	signature = ec.sign(digest, payload_for_signature)
	puts "signature: #{signature}"
	base64_signature = Base64.strict_encode64(signature)
	puts "base64_signature: #{base64_signature}"

	return base64_signature
	end

	def perform_request_for(body, url, iso8601_date)
	body = body.to_s
	signature = self.signature_for_request(body, url, iso8601_date)

	uri = URI.parse(CK_SERVICE_BASE + url)

	header = {
	"Content-Type": "text/plain",
	"X-Apple-CloudKit-Request-KeyID": CK_KEY_ID,
	"X-Apple-CloudKit-Request-ISO8601Date": iso8601_date,
	"X-Apple-CloudKit-Request-SignatureV1": signature
	}

	# Create HTTP objects
	http = Net::HTTP.new(uri.host, uri.port)
	http.use_ssl = true

	request = Net::HTTP::Post.new(uri.request_uri, header)
	request.body = body

	# Send the request
	response = http.request(request)

	return response
	end

	# end


	t = Time.now.utc.iso8601

	# The path to the endpoint you want to query
	# YOUR_CONTAINER_NAME = e.g. iCloud.com.your_app
	# Swap development for production as needed
	url = "/database/1/YOUR_CONTAINER_NAME/development/public/records/query"
	body = """
	{
	\"zoneID\": {
	\"zoneName\": \"_defaultZone\"
	},
	\"query\": {
	\"recordType\": \"CD_YourRecordType\"
	}
	}
	"""

	puts perform_request_for(body, url, t).body