ilidl 0.1.0__tar.gz

ilidl-0.1.0/.github/workflows/publish.yml

@@ -0,0 +1,24 @@
+name: Publish to PyPI
+
+on:
+  push:
+    tags: ["v*"]
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    environment: pypi
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd  # v6.0.2
+        with:
+          persist-credentials: false
+      - uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78  # v7.6.0
+        with:
+          enable-cache: false
+      - run: uv build
+      - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e  # v1.13.0
+        with:
+          packages-dir: dist/

ilidl-0.1.0/.gitignore

@@ -0,0 +1,35 @@
+# Python
+__pycache__/
+*.pyc
+*.pyo
+*.egg-info/
+dist/
+build/
+
+# Virtual environment
+.venv/
+
+# Testing / linting caches
+.pytest_cache/
+.ruff_cache/
+.coverage
+
+# Playwright
+.playwright-mcp/
+
+# IDE
+.idea/
+.vscode/
+*.swp
+
+# Debug artifacts
+*.png
+
+# Claude
+.claude/
+
+# OS
+.DS_Store
+
+# Local plans (not for remote)
+docs/superpowers/

ilidl-0.1.0/CONTRIBUTING.md

@@ -0,0 +1,43 @@
+# Contributing
+
+Thanks for your interest in contributing to iLidl!
+
+## Setup
+
+```bash
+git clone https://github.com/RoryDotGG/iLidl.git
+cd iLidl
+uv venv && source .venv/bin/activate
+uv pip install -e ".[dev,auth]"
+playwright install chromium
+```
+
+## Development
+
+Run tests:
+
+```bash
+uv run pytest tests/ -q
+```
+
+Lint and format:
+
+```bash
+uv run ruff check .
+uv run ruff format .
+```
+
+## Submitting changes
+
+1. Fork the repository
+2. Create a feature branch (`git checkout -b feat/my-feature`)
+3. Make your changes with tests
+4. Ensure `ruff check .` and `ruff format --check .` pass
+5. Commit using [conventional commits](https://www.conventionalcommits.org/) (e.g. `feat:`, `fix:`, `chore:`)
+6. Open a pull request against `main`
+
+## Notes
+
+- UK receipts are the primary focus. Other countries may work but are untested.
+- The Lidl Plus API is undocumented and may change without notice.
+- Keep the `App-Version` header realistic. The API rejects fake versions.

ilidl-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 RoryDotGG
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

ilidl-0.1.0/PKG-INFO

@@ -0,0 +1,112 @@
+Metadata-Version: 2.4
+Name: ilidl
+Version: 0.1.0
+Summary: Unofficial Lidl Plus API client
+Project-URL: Homepage, https://github.com/RoryDotGG/iLidl
+Project-URL: Repository, https://github.com/RoryDotGG/iLidl
+Project-URL: Issues, https://github.com/RoryDotGG/iLidl/issues
+Author: RoryDotGG
+License-Expression: MIT
+License-File: LICENSE
+Keywords: api-client,coupons,lidl,lidl-plus,receipts
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Internet
+Classifier: Typing :: Typed
+Requires-Python: >=3.12
+Requires-Dist: click
+Requires-Dist: httpx
+Requires-Dist: tomli-w
+Provides-Extra: auth
+Requires-Dist: playwright; extra == 'auth'
+Provides-Extra: dev
+Requires-Dist: pytest; extra == 'dev'
+Requires-Dist: ruff; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# iLidl
+
+Unofficial Python client and CLI for the Lidl Plus API. Fetch receipts, parse item details, and manage coupons.
+
+## Installation
+
+```bash
+pip install ilidl
+
+# Or with uv
+uv add ilidl
+
+# With auth support (requires Playwright for login)
+pip install "ilidl[auth]"
+playwright install chromium
+```
+
+## Authentication
+
+```bash
+ilidl login
+```
+
+Launches a headless browser to complete the Lidl Plus OAuth flow. You'll be prompted for your phone number and a verification code. A refresh token is saved to `~/.config/ilidl/config.toml` for future use.
+
+## CLI Usage
+
+```bash
+# Receipts
+ilidl receipt latest              # Most recent receipt
+ilidl receipt latest --json       # As JSON
+ilidl receipt <id>                # Specific receipt
+ilidl receipts                    # List all receipts
+ilidl receipts --from 2026-03-01  # Filter by date
+ilidl receipts --to 2026-03-18
+
+# Coupons
+ilidl coupons list                # List available coupons
+ilidl coupons activate <id>       # Activate a coupon
+ilidl coupons activate --all      # Activate all coupons
+ilidl coupons deactivate <id>     # Deactivate a coupon
+```
+
+All commands support `--json` for machine-readable output.
+
+## Library Usage
+
+```python
+from ilidl import LidlClient
+
+client = LidlClient(refresh_token="...", country="GB", language="en")
+
+# Get latest receipt with parsed items
+receipt = client.latest_receipt()
+for item in receipt.items:
+    print(f"{item.name}: {item.price}")
+
+# List coupons
+for coupon in client.coupons():
+    print(f"{coupon.title} (active: {coupon.is_activated})")
+```
+
+## Configuration
+
+Stored at `~/.config/ilidl/config.toml`:
+
+```toml
+[auth]
+refresh_token = "..."
+
+[account]
+language = "en"
+country = "GB"
+```
+
+## Notes
+
+- UK receipts are returned as HTML by the API and parsed into structured items using `data-*` attributes.
+- The `App-Version` header must be a realistic value (currently `16.45.5`). The API rejects fake versions.
+- API v2 is used for receipt lists, v3 for receipt detail.
+- This project replaces the upstream `lidl-plus` library which is broken on modern Python.

ilidl-0.1.0/README.md

@@ -0,0 +1,81 @@
+# iLidl
+
+Unofficial Python client and CLI for the Lidl Plus API. Fetch receipts, parse item details, and manage coupons.
+
+## Installation
+
+```bash
+pip install ilidl
+
+# Or with uv
+uv add ilidl
+
+# With auth support (requires Playwright for login)
+pip install "ilidl[auth]"
+playwright install chromium
+```
+
+## Authentication
+
+```bash
+ilidl login
+```
+
+Launches a headless browser to complete the Lidl Plus OAuth flow. You'll be prompted for your phone number and a verification code. A refresh token is saved to `~/.config/ilidl/config.toml` for future use.
+
+## CLI Usage
+
+```bash
+# Receipts
+ilidl receipt latest              # Most recent receipt
+ilidl receipt latest --json       # As JSON
+ilidl receipt <id>                # Specific receipt
+ilidl receipts                    # List all receipts
+ilidl receipts --from 2026-03-01  # Filter by date
+ilidl receipts --to 2026-03-18
+
+# Coupons
+ilidl coupons list                # List available coupons
+ilidl coupons activate <id>       # Activate a coupon
+ilidl coupons activate --all      # Activate all coupons
+ilidl coupons deactivate <id>     # Deactivate a coupon
+```
+
+All commands support `--json` for machine-readable output.
+
+## Library Usage
+
+```python
+from ilidl import LidlClient
+
+client = LidlClient(refresh_token="...", country="GB", language="en")
+
+# Get latest receipt with parsed items
+receipt = client.latest_receipt()
+for item in receipt.items:
+    print(f"{item.name}: {item.price}")
+
+# List coupons
+for coupon in client.coupons():
+    print(f"{coupon.title} (active: {coupon.is_activated})")
+```
+
+## Configuration
+
+Stored at `~/.config/ilidl/config.toml`:
+
+```toml
+[auth]
+refresh_token = "..."
+
+[account]
+language = "en"
+country = "GB"
+```
+
+## Notes
+
+- UK receipts are returned as HTML by the API and parsed into structured items using `data-*` attributes.
+- The `App-Version` header must be a realistic value (currently `16.45.5`). The API rejects fake versions.
+- API v2 is used for receipt lists, v3 for receipt detail.
+- This project replaces the upstream `lidl-plus` library which is broken on modern Python.

ilidl-0.1.0/ilidl/__init__.py

@@ -0,0 +1,9 @@
+"""Unofficial Lidl Plus API client."""
+
+from importlib.metadata import version
+
+from ilidl.client import LidlClient
+from ilidl.models import Coupon, Discount, Item, Receipt, Store
+
+__all__ = ["LidlClient", "Coupon", "Discount", "Item", "Receipt", "Store"]
+__version__ = version("ilidl")

ilidl-0.1.0/ilidl/auth.py

@@ -0,0 +1,219 @@
+"""Playwright-based OAuth2 PKCE authentication for Lidl Plus."""
+
+import base64
+import contextlib
+import getpass
+import hashlib
+import re
+import secrets
+from typing import Any
+
+import httpx
+
+from ilidl.config import Config
+from ilidl.exceptions import AuthError
+
+AUTH_API = "https://accounts.lidl.com"
+CLIENT_ID = "LidlPlusNativeClient"
+REDIRECT_URI = "com.lidlplus.app://callback"
+SCOPES = "openid profile offline_access lpprofile lpapis"
+
+
+def _generate_pkce() -> tuple[str, str]:
+    """Generate PKCE code_verifier and code_challenge."""
+    verifier = secrets.token_urlsafe(64)
+    digest = hashlib.sha256(verifier.encode()).digest()
+    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode()
+    return verifier, challenge
+
+
+def _build_auth_url(challenge: str, country: str, language: str) -> str:
+    """Build the OAuth authorization URL."""
+    params = (
+        f"client_id={CLIENT_ID}"
+        f"&response_type=code"
+        f"&scope={SCOPES.replace(' ', '+')}"
+        f"&redirect_uri={REDIRECT_URI.replace(':', '%3A').replace('/', '%2F')}"
+        f"&code_challenge={challenge}"
+        f"&code_challenge_method=S256"
+        f"&Country={country.upper()}"
+        f"&language={language.lower()}-{country.upper()}"
+    )
+    return f"{AUTH_API}/connect/authorize?{params}"
+
+
+def _exchange_code(code: str, verifier: str) -> dict[str, Any]:
+    """Exchange authorization code for tokens."""
+    secret = base64.b64encode(f"{CLIENT_ID}:secret".encode()).decode()
+    resp = httpx.post(
+        f"{AUTH_API}/connect/token",
+        headers={
+            "Authorization": f"Basic {secret}",
+            "Content-Type": "application/x-www-form-urlencoded",
+        },
+        data={
+            "grant_type": "authorization_code",
+            "code": code,
+            "redirect_uri": REDIRECT_URI,
+            "code_verifier": verifier,
+        },
+        timeout=30,
+    )
+    try:
+        resp.raise_for_status()
+    except httpx.HTTPStatusError as exc:
+        msg = f"Token exchange failed: {resp.status_code} {resp.text}"
+        raise AuthError(msg) from exc
+    return resp.json()
+
+
+def _dbg(debug: bool, page: Any, name: str, msg: str = "") -> None:
+    """Save a debug screenshot and optionally print a message."""
+    if not debug:
+        return
+    page.screenshot(path=f"/tmp/ilidl_{name}.png")
+    if msg:
+        print(f"DEBUG {msg}")
+
+
+def login(config: Config, *, debug: bool = False) -> str:
+    """Run interactive login via phone number. Returns refresh token."""
+    try:
+        from playwright.sync_api import sync_playwright
+    except ImportError as e:
+        msg = "Playwright is required for login. Install with: uv pip install 'ilidl[auth]'"
+        raise AuthError(msg) from e
+
+    verifier, challenge = _generate_pkce()
+    url = _build_auth_url(challenge, config.country, config.language)
+
+    phone = input("Phone number (local, e.g. 7415148717): ").strip()
+    password = getpass.getpass("Password: ")
+
+    with sync_playwright() as p:
+        browser = p.chromium.launch(headless=True)
+        page = browser.new_page()
+
+        code: str = ""
+
+        def handle_request(request):
+            nonlocal code
+            req_url = request.url
+            if debug:
+                print(f"DEBUG request: {req_url[:120]}")
+            if req_url.startswith("com.lidlplus.app://"):
+                match = re.search(r"code=([^&]+)", req_url)
+                if match:
+                    code = match.group(1)
+                    if debug:
+                        print(f"DEBUG got code: {code}")
+
+        def handle_response(response):
+            nonlocal code
+            # Check for 302 redirects to the app callback
+            if code:
+                return
+            location = response.headers.get("location", "")
+            if location.startswith("com.lidlplus.app://"):
+                match = re.search(r"code=([^&]+)", location)
+                if match:
+                    code = match.group(1)
+                    if debug:
+                        print(f"DEBUG got code from redirect: {code}")
+
+        page.on("request", handle_request)
+        page.on("response", handle_response)
+
+        page.goto(url)
+        page.wait_for_load_state("networkidle")
+        _dbg(debug, page, "01_welcome", f"url: {page.url}")
+
+        # Click "Log in" on the welcome page
+        page.locator("button:has-text('Log in'), a:has-text('Log in')").first.click(timeout=5000)
+        page.wait_for_load_state("networkidle")
+        _dbg(debug, page, "02_login_form", "on login form")
+
+        # Switch to phone number login
+        page.locator("button:has-text('phone number'), a:has-text('phone number')").first.click(
+            timeout=5000
+        )
+        page.wait_for_load_state("networkidle")
+        _dbg(debug, page, "03_phone_form", f"url: {page.url}")
+
+        # Fill local phone number (country code is pre-selected)
+        phone_field = page.locator(
+            "input[type='tel'], input[name='PhoneNumber'], input[name='phoneNumber']"
+        ).first
+        phone_field.fill(phone)
+
+        # Fill password
+        page.locator("input[type='password']").first.fill(password)
+        _dbg(debug, page, "04_filled")
+
+        # Submit and wait for navigation or page change
+        login_url = page.url
+        page.locator("button:has-text('Log in'), button[type='submit']").first.click()
+
+        # Wait for URL to change or for an error/verification
+        # element to appear
+        with contextlib.suppress(TimeoutError):
+            page.wait_for_function(
+                f"window.location.href !== '{login_url}' || "
+                "document.querySelector("
+                '  \'[name="VerificationCode"],'
+                "  .alert-danger,"
+                "  .error-message'"
+                ")",
+                timeout=15000,
+            )
+        page.wait_for_load_state("networkidle")
+        _dbg(debug, page, "05_after_submit", f"url: {page.url}")
+
+        # Check for error message
+        if not code:
+            error_el = page.locator(
+                ".alert-danger, .error-message, [class*='error'], [class*='Error']"
+            )
+            if error_el.first.is_visible(timeout=2000):
+                error_text = error_el.first.text_content()
+                _dbg(debug, page, "05b_error")
+                browser.close()
+                msg = f"Login failed: {error_text}"
+                raise AuthError(msg)
+
+        # Check for verification code prompt
+        if not code:
+            verify_field = page.locator(
+                "[name='VerificationCode'], input[name='code'], input[inputmode='numeric']"
+            )
+            try:
+                if verify_field.first.is_visible(timeout=10000):
+                    _dbg(debug, page, "06_verify_prompt")
+                    otp = input("Enter verification code: ").strip()
+                    verify_field.first.fill(otp)
+                    page.locator(
+                        "button[type='submit'], "
+                        "button:has-text('Submit'), "
+                        "button:has-text('Verify')"
+                    ).first.click()
+
+                    # Wait for redirect after verify
+                    with contextlib.suppress(TimeoutError):
+                        page.wait_for_url("**/callback*", timeout=15000)
+                    page.wait_for_timeout(3000)
+                    _dbg(debug, page, "07_after_verify", f"url: {page.url}")
+            except Exception as exc:
+                if debug:
+                    print(f"DEBUG verify error: {exc}")
+                _dbg(debug, page, "08_error")
+
+        browser.close()
+
+    if not code:
+        msg = "Login failed: could not extract authorization code"
+        raise AuthError(msg)
+
+    tokens = _exchange_code(code, verifier)
+    config.refresh_token = tokens["refresh_token"]
+    config.save()
+    return tokens["refresh_token"]