autoboya 0.1.0__tar.gz

autoboya-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 DeNeRATe-cool
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

autoboya-0.1.0/PKG-INFO

@@ -0,0 +1,186 @@
+Metadata-Version: 2.4
+Name: autoboya
+Version: 0.1.0
+Summary: BUAA Boya WebVPN CLI for course cache, autonomous-sign course automation, and check-in/out workflows
+Author: DeNeRATe-cool
+License-Expression: MIT
+Project-URL: Homepage, https://github.com/DeNeRATe-cool/AutoBoya
+Project-URL: Repository, https://github.com/DeNeRATe-cool/AutoBoya
+Project-URL: Issues, https://github.com/DeNeRATe-cool/AutoBoya/issues
+Keywords: buaa,boya,webvpn,cli,automation
+Classifier: Development Status :: 3 - Alpha
+Classifier: Environment :: Console
+Classifier: Intended Audience :: End Users/Desktop
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Utilities
+Requires-Python: >=3.11
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: cryptography>=42
+Requires-Dist: httpx>=0.27
+Requires-Dist: keyring>=25
+Requires-Dist: rich>=13
+Requires-Dist: typer>=0.12
+Provides-Extra: dev
+Requires-Dist: pytest>=8; extra == "dev"
+Dynamic: license-file
+
+# AutoBoya
+
+<p align="center">
+  <a href="https://pypi.org/project/autoboya/"><img alt="PyPI" src="https://img.shields.io/pypi/v/autoboya"></a>
+  <a href="https://pypi.org/project/autoboya/"><img alt="Python" src="https://img.shields.io/pypi/pyversions/autoboya"></a>
+  <a href="https://github.com/DeNeRATe-cool/AutoBoya/blob/main/LICENSE"><img alt="License" src="https://img.shields.io/github/license/DeNeRATe-cool/AutoBoya"></a>
+  <a href="https://github.com/DeNeRATe-cool/AutoBoya/stargazers"><img alt="Stars" src="https://img.shields.io/github/stars/DeNeRATe-cool/AutoBoya?style=flat"></a>
+  <a href="https://github.com/DeNeRATe-cool/AutoBoya/commits/main"><img alt="Last Commit" src="https://img.shields.io/github/last-commit/DeNeRATe-cool/AutoBoya/main"></a>
+</p>
+
+Python CLI for BUAA Boya course viewing and guarded automation through WebVPN.
+
+AutoBoya can cache Boya course data, display selected courses and statistics,
+preview autonomous-sign course candidates, and run a local scheduler for
+automatic course selection, check-in, and check-out.
+
+## Quickstart
+
+```bash
+# 1) Install from PyPI
+pip install autoboya
+
+# 2) Initialize local state under ~/.autoboya
+autoboya init
+
+# 3) Add a BUAA account. The password is stored in the system keyring when possible.
+autoboya user add 223xxxxx --password-stdin
+
+# 4) Login through WebVPN. Type the CAPTCHA shown by the CLI when prompted.
+autoboya login 223xxxxx
+
+# 5) Refresh course cache and inspect candidates.
+autoboya courses refresh
+autoboya courses list --only-selectable
+autoboya courses auto-preview
+
+# 6) Run one automation pass for debugging, or keep the scheduler running.
+autoboya run-once
+autoboya run
+autoboya stop
+```
+
+## PATH Notes
+
+If `autoboya` is not found after installation, use Python's module entry point
+first:
+
+```bash
+python -m autoboya --help
+```
+
+Then add the user script directory to your shell PATH.
+
+macOS / Linux:
+
+```bash
+python -m pip install --user autoboya
+echo 'export PATH="$(python3 -m site --user-base)/bin:$PATH"' >> ~/.zprofile
+```
+
+Windows PowerShell:
+
+```powershell
+py -m pip install --user autoboya
+$d = py -c "import sysconfig; print(sysconfig.get_path('scripts','nt_user'))"; [Environment]::SetEnvironmentVariable("Path", [Environment]::GetEnvironmentVariable("Path","User") + ";" + $d, "User")
+```
+
+## Command Reference
+
+General:
+
+```bash
+autoboya -h
+autoboya --help
+autoboya version
+autoboya init
+autoboya doctor
+```
+
+Users and login:
+
+```bash
+autoboya user add <username> --password-stdin
+autoboya user add <username> --unsafe-store-password
+autoboya user list
+autoboya user remove <username>
+autoboya login <username>
+```
+
+Courses and cache:
+
+```bash
+autoboya courses refresh
+autoboya courses refresh --user <username>
+autoboya courses list
+autoboya courses list --only-selectable
+autoboya courses list --json
+autoboya courses show <course_id>
+autoboya courses show <course_id> --json
+autoboya courses auto-preview
+autoboya courses auto-preview --json
+```
+
+`autoboya courses refresh` fetches the full paginated course list once and refreshes selected-course/statistics caches for every enabled user. Use `--user` to refresh selected-course/statistics caches for only one user.
+
+Selected courses and statistics:
+
+```bash
+autoboya selected
+autoboya selected --user <username>
+autoboya selected --json
+autoboya stats
+autoboya stats --user <username>
+autoboya stats --json
+```
+
+Automation:
+
+```bash
+autoboya run
+autoboya run-once
+autoboya stop
+```
+
+Manual operations:
+
+```bash
+autoboya select <course_id> --user <username> --yes
+autoboya select <course_id> --all-users --yes
+autoboya drop <course_id> --user <username> --yes
+autoboya drop <course_id> --all-users --yes
+autoboya sign <course_id> --user <username>
+autoboya sign <course_id> --all-users
+autoboya signout <course_id> --user <username>
+autoboya signout <course_id> --all-users
+```
+
+`sign` and `signout` require the course to already be selected. Use `select` first, then sign during the configured sign window. `drop` accepts a course ID and refreshes the selected-course cache after a successful drop.
+
+Diagnostics:
+
+```bash
+autoboya logs tail
+autoboya logs tail --lines 200
+```
+
+Every command and command group accepts both `-h` and `--help`.
+
+## Automation Policy
+
+AutoBoya does not select every selectable course. The daemon only auto-selects cached courses that are currently selectable, whose sign method is `自主签到`, derived from a non-empty `courseSignConfig.signPointList`, and whose category is not `其他方面`. Courses with `常规签到`, no location sign config, or category `其他方面` are skipped. Use `autoboya courses auto-preview` to inspect the courses that would be selected before running the daemon.
+
+CAPTCHA handling follows UBAA: the CLI fetches the SSO CAPTCHA image and asks the operator to type the code. It does not OCR or bypass CAPTCHA.
+
+State is stored under `~/.autoboya`: users, settings, cache, logs, run files, CAPTCHA images, and session metadata.

autoboya-0.1.0/README.md

@@ -0,0 +1,155 @@
+# AutoBoya
+
+<p align="center">
+  <a href="https://pypi.org/project/autoboya/"><img alt="PyPI" src="https://img.shields.io/pypi/v/autoboya"></a>
+  <a href="https://pypi.org/project/autoboya/"><img alt="Python" src="https://img.shields.io/pypi/pyversions/autoboya"></a>
+  <a href="https://github.com/DeNeRATe-cool/AutoBoya/blob/main/LICENSE"><img alt="License" src="https://img.shields.io/github/license/DeNeRATe-cool/AutoBoya"></a>
+  <a href="https://github.com/DeNeRATe-cool/AutoBoya/stargazers"><img alt="Stars" src="https://img.shields.io/github/stars/DeNeRATe-cool/AutoBoya?style=flat"></a>
+  <a href="https://github.com/DeNeRATe-cool/AutoBoya/commits/main"><img alt="Last Commit" src="https://img.shields.io/github/last-commit/DeNeRATe-cool/AutoBoya/main"></a>
+</p>
+
+Python CLI for BUAA Boya course viewing and guarded automation through WebVPN.
+
+AutoBoya can cache Boya course data, display selected courses and statistics,
+preview autonomous-sign course candidates, and run a local scheduler for
+automatic course selection, check-in, and check-out.
+
+## Quickstart
+
+```bash
+# 1) Install from PyPI
+pip install autoboya
+
+# 2) Initialize local state under ~/.autoboya
+autoboya init
+
+# 3) Add a BUAA account. The password is stored in the system keyring when possible.
+autoboya user add 223xxxxx --password-stdin
+
+# 4) Login through WebVPN. Type the CAPTCHA shown by the CLI when prompted.
+autoboya login 223xxxxx
+
+# 5) Refresh course cache and inspect candidates.
+autoboya courses refresh
+autoboya courses list --only-selectable
+autoboya courses auto-preview
+
+# 6) Run one automation pass for debugging, or keep the scheduler running.
+autoboya run-once
+autoboya run
+autoboya stop
+```
+
+## PATH Notes
+
+If `autoboya` is not found after installation, use Python's module entry point
+first:
+
+```bash
+python -m autoboya --help
+```
+
+Then add the user script directory to your shell PATH.
+
+macOS / Linux:
+
+```bash
+python -m pip install --user autoboya
+echo 'export PATH="$(python3 -m site --user-base)/bin:$PATH"' >> ~/.zprofile
+```
+
+Windows PowerShell:
+
+```powershell
+py -m pip install --user autoboya
+$d = py -c "import sysconfig; print(sysconfig.get_path('scripts','nt_user'))"; [Environment]::SetEnvironmentVariable("Path", [Environment]::GetEnvironmentVariable("Path","User") + ";" + $d, "User")
+```
+
+## Command Reference
+
+General:
+
+```bash
+autoboya -h
+autoboya --help
+autoboya version
+autoboya init
+autoboya doctor
+```
+
+Users and login:
+
+```bash
+autoboya user add <username> --password-stdin
+autoboya user add <username> --unsafe-store-password
+autoboya user list
+autoboya user remove <username>
+autoboya login <username>
+```
+
+Courses and cache:
+
+```bash
+autoboya courses refresh
+autoboya courses refresh --user <username>
+autoboya courses list
+autoboya courses list --only-selectable
+autoboya courses list --json
+autoboya courses show <course_id>
+autoboya courses show <course_id> --json
+autoboya courses auto-preview
+autoboya courses auto-preview --json
+```
+
+`autoboya courses refresh` fetches the full paginated course list once and refreshes selected-course/statistics caches for every enabled user. Use `--user` to refresh selected-course/statistics caches for only one user.
+
+Selected courses and statistics:
+
+```bash
+autoboya selected
+autoboya selected --user <username>
+autoboya selected --json
+autoboya stats
+autoboya stats --user <username>
+autoboya stats --json
+```
+
+Automation:
+
+```bash
+autoboya run
+autoboya run-once
+autoboya stop
+```
+
+Manual operations:
+
+```bash
+autoboya select <course_id> --user <username> --yes
+autoboya select <course_id> --all-users --yes
+autoboya drop <course_id> --user <username> --yes
+autoboya drop <course_id> --all-users --yes
+autoboya sign <course_id> --user <username>
+autoboya sign <course_id> --all-users
+autoboya signout <course_id> --user <username>
+autoboya signout <course_id> --all-users
+```
+
+`sign` and `signout` require the course to already be selected. Use `select` first, then sign during the configured sign window. `drop` accepts a course ID and refreshes the selected-course cache after a successful drop.
+
+Diagnostics:
+
+```bash
+autoboya logs tail
+autoboya logs tail --lines 200
+```
+
+Every command and command group accepts both `-h` and `--help`.
+
+## Automation Policy
+
+AutoBoya does not select every selectable course. The daemon only auto-selects cached courses that are currently selectable, whose sign method is `自主签到`, derived from a non-empty `courseSignConfig.signPointList`, and whose category is not `其他方面`. Courses with `常规签到`, no location sign config, or category `其他方面` are skipped. Use `autoboya courses auto-preview` to inspect the courses that would be selected before running the daemon.
+
+CAPTCHA handling follows UBAA: the CLI fetches the SSO CAPTCHA image and asks the operator to type the code. It does not OCR or bypass CAPTCHA.
+
+State is stored under `~/.autoboya`: users, settings, cache, logs, run files, CAPTCHA images, and session metadata.

autoboya-0.1.0/autoboya/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.1.0"

autoboya-0.1.0/autoboya/__main__.py

@@ -0,0 +1,4 @@
+from .cli import main
+
+if __name__ == "__main__":
+    main()

autoboya-0.1.0/autoboya/auth.py

@@ -0,0 +1,251 @@
+from __future__ import annotations
+
+import html.parser
+import re
+from dataclasses import dataclass
+from pathlib import Path
+from urllib.parse import parse_qs, urljoin, urlparse
+
+import httpx
+
+from .exceptions import CaptchaRequired, LoginError
+from .storage import AutoBoyaStore
+from .webvpn import to_webvpn_url
+
+SSO_LOGIN = "https://sso.buaa.edu.cn/login"
+SSO_CAPTCHA = "https://sso.buaa.edu.cn/captcha"
+UC_ACTIVATE = "https://uc.buaa.edu.cn/api/login?target=https%3A%2F%2Fuc.buaa.edu.cn%2F%23%2Fuser%2Flogin"
+BYKC_CAS = "https://bykc.buaa.edu.cn/sscv/cas/login"
+BYKC_CAS_EMPTY_TOKEN = "https://bykc.buaa.edu.cn/cas-login?token="
+
+
+@dataclass
+class CaptchaChallenge:
+    captcha_id: str
+    captcha_type: str
+    image_path: Path
+    execution: str
+
+
+@dataclass
+class AuthSession:
+    username: str
+    bykc_token: str
+    cookies: list[dict[str, object]]
+
+
+class _FormParser(html.parser.HTMLParser):
+    def __init__(self) -> None:
+        super().__init__()
+        self.forms: list[dict[str, object]] = []
+        self.current: dict[str, object] | None = None
+
+    def handle_starttag(self, tag: str, attrs: list[tuple[str, str | None]]) -> None:
+        attrs_dict = {key: (value or "") for key, value in attrs}
+        if tag.lower() == "form":
+            self.current = {"attrs": attrs_dict, "inputs": []}
+            self.forms.append(self.current)
+        elif tag.lower() == "input" and self.current is not None:
+            self.current["inputs"].append(attrs_dict)  # type: ignore[index,union-attr]
+
+    def handle_endtag(self, tag: str) -> None:
+        if tag.lower() == "form":
+            self.current = None
+
+
+class AuthClient:
+    def __init__(
+        self,
+        store: AutoBoyaStore,
+        http_client: httpx.Client | None = None,
+        use_vpn: bool = True,
+    ) -> None:
+        self.store = store
+        self.client = http_client or httpx.Client(timeout=25, follow_redirects=False)
+        self.use_vpn = use_vpn
+        self._last_login_html: str | None = None
+
+    def upstream(self, url: str) -> str:
+        return to_webvpn_url(url) if self.use_vpn else url
+
+    def preflight_login(self) -> str:
+        response = self.client.get(self.upstream(SSO_LOGIN))
+        if response.status_code >= 400:
+            raise LoginError(f"SSO login page returned HTTP {response.status_code}")
+        html = response.text
+        self._last_login_html = html
+        captcha = detect_captcha(html)
+        if captcha:
+            image = self.fetch_captcha(captcha[1])
+            raise CaptchaRequired(
+                CaptchaChallenge(
+                    captcha_id=captcha[1],
+                    captcha_type=captcha[0],
+                    image_path=image,
+                    execution=extract_execution(html),
+                )
+            )
+        return extract_execution(html)
+
+    def fetch_captcha(self, captcha_id: str) -> Path:
+        response = self.client.get(self.upstream(f"{SSO_CAPTCHA}?captchaId={captcha_id}"))
+        response.raise_for_status()
+        suffix = ".png" if "png" in response.headers.get("content-type", "") else ".jpg"
+        path = self.store.path(f"captcha/{captcha_id}{suffix}")
+        path.parent.mkdir(parents=True, exist_ok=True)
+        path.write_bytes(response.content)
+        return path
+
+    def login(self, username: str, password: str, captcha: str | None = None) -> AuthSession:
+        html = self._last_login_html
+        if html is None:
+            try:
+                self.preflight_login()
+                html = self._last_login_html
+            except CaptchaRequired as exc:
+                if not captcha:
+                    raise
+                html = self._last_login_html
+        if html is None:
+            raise LoginError("Unable to load SSO login form")
+        params = build_login_params(html, username, password, captcha)
+        response = self.client.post(
+            self.upstream(SSO_LOGIN),
+            data=params,
+            headers={"Content-Type": "application/x-www-form-urlencoded"},
+        )
+        final = self.follow_redirects_and_password_expiry(response)
+        error = find_login_error(final.text)
+        if final.status_code >= 400 or error:
+            raise LoginError(error or f"SSO login failed with HTTP {final.status_code}")
+        self.activate_uc()
+        token = self.acquire_bykc_token()
+        if not token:
+            raise LoginError("Boya token was not returned after SSO login")
+        return AuthSession(username=username, bykc_token=token, cookies=serialize_cookies(self.client))
+
+    def follow_redirects_and_password_expiry(self, response: httpx.Response) -> httpx.Response:
+        current = response
+        ignored = False
+        while True:
+            while 300 <= current.status_code <= 399 and current.headers.get("location"):
+                current = self.client.get(urljoin(str(current.url), current.headers["location"]))
+            if ("continueForm" in current.text or "ignoreAndContinue" in current.text) and not ignored:
+                execution = extract_execution(current.text)
+                current = self.client.post(
+                    str(current.url).split("?", 1)[0],
+                    data={"execution": execution, "_eventId": "ignoreAndContinue"},
+                    headers={"Content-Type": "application/x-www-form-urlencoded"},
+                )
+                ignored = True
+                continue
+            return current
+
+    def activate_uc(self) -> None:
+        self.client.get(self.upstream(UC_ACTIVATE))
+
+    def acquire_bykc_token(self) -> str | None:
+        token = self._follow_for_token(self.upstream(BYKC_CAS))
+        if token:
+            return token
+        return self._follow_for_token(self.upstream(BYKC_CAS_EMPTY_TOKEN))
+
+    def _follow_for_token(self, url: str, max_redirects: int = 10) -> str | None:
+        current_url = url
+        for _ in range(max_redirects + 1):
+            response = self.client.get(current_url)
+            token = extract_token(str(response.url)) or extract_token(response.headers.get("location", ""))
+            if token:
+                return token
+            location = response.headers.get("location")
+            if not (300 <= response.status_code <= 399 and location):
+                return None
+            current_url = urljoin(str(response.url), location)
+        return None
+
+
+def detect_captcha(html: str) -> tuple[str, str] | None:
+    match = re.search(
+        r"config\.captcha\s*=\s*\{\s*type:\s*['\"]([^'\"]+)['\"],\s*id:\s*['\"]([^'\"]+)['\"]",
+        html,
+    )
+    return (match.group(1), match.group(2)) if match else None
+
+
+def extract_execution(html: str) -> str:
+    match = re.search(r'name=["\']execution["\'][^>]*value=["\']([^"\']+)["\']', html)
+    if not match:
+        match = re.search(r'value=["\']([^"\']+)["\'][^>]*name=["\']execution["\']', html)
+    return match.group(1) if match else ""
+
+
+def build_login_params(html: str, username: str, password: str, captcha: str | None = None) -> dict[str, str]:
+    parser = _FormParser()
+    parser.feed(html)
+    form = parser.forms[0] if parser.forms else {"inputs": []}
+    params: dict[str, str] = {}
+    present: set[str] = set()
+    for attrs in form.get("inputs", []):  # type: ignore[union-attr]
+        name = (attrs.get("name") or "").strip()
+        if not name:
+            continue
+        input_type = (attrs.get("type") or "").strip().lower()
+        value = attrs.get("value") or ""
+        if name in {"username", "password"}:
+            present.add(name)
+            continue
+        if input_type in {"submit", "button", "image"}:
+            continue
+        if value:
+            params[name] = value
+        present.add(name)
+    params["username"] = username
+    params["password"] = password
+    params["submit"] = "登录"
+    params.setdefault("type", "username_password")
+    params.setdefault("execution", extract_execution(html))
+    params.setdefault("_eventId", "submit")
+    if captcha:
+        params["captcha"] = captcha
+        params["captchaResponse"] = captcha
+    return params
+
+
+def find_login_error(html: str) -> str | None:
+    for pattern in [
+        r"Invalid credentials\.",
+        r"Access Denied[^<\"]*",
+        r"<div class=\"tip-text\">([^<]+)</div>",
+        r"<p[^>]*>([^<]*(?:错误|密码|验证码|失败)[^<]*)</p>",
+    ]:
+        match = re.search(pattern, html, flags=re.IGNORECASE)
+        if match:
+            return re.sub(r"\s+", " ", match.group(1) if match.groups() else match.group(0)).strip()
+    return None
+
+
+def extract_token(url: str) -> str | None:
+    if not url:
+        return None
+    parsed = urlparse(url)
+    token = parse_qs(parsed.query).get("token", [None])[0]
+    if token:
+        return token
+    match = re.search(r"[?&]token=([^&\s]+)", url)
+    return match.group(1) if match else None
+
+
+def serialize_cookies(client: httpx.Client) -> list[dict[str, object]]:
+    cookies: list[dict[str, object]] = []
+    for cookie in client.cookies.jar:
+        cookies.append(
+            {
+                "name": cookie.name,
+                "value": cookie.value,
+                "domain": cookie.domain,
+                "path": cookie.path,
+                "secure": bool(cookie.secure),
+                "expires": cookie.expires,
+            }
+        )
+    return cookies