medicafe 0.251023.2__py3-none-any.whl → 0.251027.0__py3-none-any.whl

MediBot/__init__.py

@@ -19,7 +19,7 @@ Smart Import Integration:
         medibot_main = get_components('medibot_main')
 """
 
-__version__ = "0.251023.2"
+__version__ = "0.251027.0"
 __author__ = "Daniel Vidaud"
 __email__ = "daniel@personalizedtransformation.com"
 

MediCafe/MediLink_ConfigLoader.py

@@ -38,7 +38,14 @@ def get_default_config():
                 'endpoint_url': '',
                 'auth_token': '',
                 'insecure_http': False,
-                'max_bundle_bytes': 2097152
+                'max_bundle_bytes': 2097152,
+                'email': {
+                    'enabled': False,
+                    'to': '',
+                    'subject_prefix': 'MediCafe Error Report',
+                    'max_bundle_bytes': 1572864,
+                    'transport': 'gmail_api'
+                }
             },
             # STRATEGIC NOTE (COB Configuration): COB library is fully implemented and ready
             # To enable COB functionality, add the following configuration:

MediCafe/__init__.py

@@ -27,7 +27,7 @@ Smart Import System:
         api_suite = get_api_access()
 """
 
-__version__ = "0.251023.2"
+__version__ = "0.251027.0"
 __author__ = "Daniel Vidaud"
 __email__ = "daniel@personalizedtransformation.com"
 

MediCafe/error_reporter.py

@@ -1,17 +1,20 @@
-import os, sys, time, json, zipfile, hashlib, platform
+import base64
+import hashlib
+import json
+import os
+import platform
+import sys
+import time
+import zipfile
 
-try:
-	import requests
-except Exception:
-	requests = None
-
-from MediCafe.MediLink_ConfigLoader import load_configuration, log as mc_log
+import requests
 
+from email.mime.application import MIMEApplication
+from email.mime.multipart import MIMEMultipart
+from email.mime.text import MIMEText
 
-ASCII_SAFE_REPLACEMENTS = [
-	('"', '"'),
-	("'", "'"),
-]
+from MediCafe.MediLink_ConfigLoader import load_configuration, log as mc_log
+from MediLink.MediLink_Gmail import get_access_token
 
 
 def _safe_ascii(text):
@@ -58,21 +61,33 @@ def _get_latest_log_path(local_storage_path):
 
 
 def _redact(text):
-	# Best-effort ASCII redaction: mask obvious numeric IDs and bearer tokens
-	try:
-		text = _safe_ascii(text)
-		import re
-		patterns = [
-			(r'\b(\d{3}-?\d{2}-?\d{4})\b', '***-**-****'),
-			(r'\b(\d{9,11})\b', '*********'),
-			(r'Bearer\s+[A-Za-z0-9\-._~+/]+=*', 'Bearer ***'),
-			(r'Authorization:\s*[^\n\r]+', 'Authorization: ***'),
-		]
-		for pat, rep in patterns:
-			text = re.sub(pat, rep, text)
-		return text
-	except Exception:
-		return text
+    # Best-effort ASCII redaction: mask common secrets in logs and JSON
+    try:
+        text = _safe_ascii(text)
+        import re
+        patterns = [
+            # SSN-like
+            (r'\b(\d{3}-?\d{2}-?\d{4})\b', '***-**-****'),
+            # 9-11 digit numeric IDs
+            (r'\b(\d{9,11})\b', '*********'),
+            # Authorization headers
+            (r'Authorization:\s*Bearer\s+[A-Za-z0-9\-._~+/]+=*', 'Authorization: Bearer ***'),
+            (r'Authorization:\s*[^\n\r]+', 'Authorization: ***'),
+            # JSON token fields
+            (r'("access_token"\s*:\s*")([^"]+)(")', r'\1***\3'),
+            (r'("refresh_token"\s*:\s*")([^"]+)(")', r'\1***\3'),
+            (r'("id_token"\s*:\s*")([^"]+)(")', r'\1***\3'),
+            (r'("X-Auth-Token"\s*:\s*")([^"]+)(")', r'\1***\3'),
+            # URL query params: token=..., access_token=..., auth=...
+            (r'(token|access_token|auth|authorization)=([^&\s]+)', r'\1=***'),
+            # Bearer fragments in JSON or text
+            (r'Bearer\s+[A-Za-z0-9\-._~+/]+=*', 'Bearer ***'),
+        ]
+        for pat, rep in patterns:
+            text = re.sub(pat, rep, text)
+        return text
+    except Exception:
+        return text
 
 
 def _ensure_dir(path):
@@ -84,18 +99,10 @@ def _ensure_dir(path):
 		return False
 
 
-def _compute_report_id(zip_path):
-	try:
-		h = hashlib.sha256()
-		with open(zip_path, 'rb') as f:
-			chunk = f.read(256 * 1024)
-			h.update(chunk)
-		return 'mc-{}-{}'.format(int(time.time()), h.hexdigest()[:12])
-	except Exception:
-		return 'mc-{}-{}'.format(int(time.time()), '000000000000')
+# _compute_report_id removed (unused)
 
 
-def collect_support_bundle(include_traceback=True, max_log_lines=2000):
+def collect_support_bundle(include_traceback=True, max_log_lines=500):
 	config, _ = load_configuration()
 	medi = config.get('MediLink_Config', {})
 	local_storage_path = medi.get('local_storage_path', '.')
@@ -120,7 +127,7 @@ def collect_support_bundle(include_traceback=True, max_log_lines=2000):
 		except Exception:
 			traceback_txt = ''
 
-	meta = {
+meta = {
 		'app_version': _safe_ascii(_get_version()),
 		'python_version': _safe_ascii(sys.version.split(' ')[0]),
 		'platform': _safe_ascii(platform.platform()),
@@ -140,12 +147,25 @@ def collect_support_bundle(include_traceback=True, max_log_lines=2000):
 				z.writestr('log_tail.txt', log_tail)
 			if traceback_txt:
 				z.writestr('traceback.txt', traceback_txt)
-			z.writestr('README.txt', _readme_text())
-		return zip_path
+			# Get latest WinSCP log
+			upload_log = os.path.join(local_storage_path, 'winscp_upload.log')
+			download_log = os.path.join(local_storage_path, 'winscp_download.log')
+			winscp_logs = [(p, os.path.getmtime(p)) for p in [upload_log, download_log] if os.path.exists(p)]
+			if winscp_logs:
+				latest_winscp = max(winscp_logs, key=lambda x: x[1])[0]
+				winscp_tail = _tail_file(latest_winscp, max_log_lines) if latest_winscp else ''
+				winscp_tail = _redact(winscp_tail)
+			else:
+				winscp_tail = ''
+			if winscp_tail:
+				z.writestr('winscp_log_tail.txt', winscp_tail)
 	except Exception as e:
 		mc_log('Error creating support bundle: {}'.format(e), level='ERROR')
 		return None
 
+	# Do not delete oversize bundles here; sender will enforce size based on config
+	return zip_path
+
 
 def _first_line(text):
 	try:
@@ -158,14 +178,6 @@ def _first_line(text):
 		return ''
 
 
-def _readme_text():
-	return (
-		"MediCafe Support Bundle\n\n"
-		"This archive contains a redacted log tail, optional traceback, and metadata.\n"
-		"You may submit this bundle automatically from the app or send it manually to support.\n"
-	)
-
-
 def _get_version():
 	try:
 		from MediCafe import __version__
@@ -174,105 +186,6 @@ def _get_version():
 		return 'unknown'
 
 
-def submit_support_bundle(zip_path):
-	config, _ = load_configuration()
-	medi = config.get('MediLink_Config', {})
-	rep = medi.get('error_reporting', {}) if isinstance(medi, dict) else {}
-	endpoint_url = _safe_ascii(rep.get('endpoint_url', ''))
-	auth_token = _safe_ascii(rep.get('auth_token', ''))
-	insecure = bool(rep.get('insecure_http', False))
-	max_bytes = int(rep.get('max_bundle_bytes', 2097152))
-
-	if not requests:
-		print("[ERROR] requests module not available; cannot submit report.")
-		return False
-	if not endpoint_url:
-		print("[ERROR] error_reporting.endpoint_url not configured.")
-		return False
-	if not os.path.exists(zip_path):
-		print("[ERROR] Bundle not found: {}".format(zip_path))
-		return False
-	try:
-		size = os.path.getsize(zip_path)
-		if size > max_bytes:
-			print("[INFO] Bundle size {} exceeds cap {}; rebuilding smaller not implemented here.".format(size, max_bytes))
-	except Exception:
-		pass
-
-	report_id = _compute_report_id(zip_path)
-	headers = {
-		'X-Auth-Token': auth_token or '',
-		'X-Report-Id': report_id,
-		'User-Agent': 'MediCafe-Reporter/1.0'
-	}
-
-	# Prepare meta.json stream derived from inside the zip for server convenience
-	meta_json = '{}'
-	try:
-		with zipfile.ZipFile(zip_path, 'r') as z:
-			if 'meta.json' in z.namelist():
-				meta_json = z.read('meta.json')
-	except Exception:
-		meta_json = '{}'
-
-	try:
-		bundle_fh = open(zip_path, 'rb')
-		files = {
-			'meta': ('meta.json', meta_json, 'application/json'),
-			'bundle': (os.path.basename(zip_path), bundle_fh, 'application/zip')
-		}
-		r = requests.post(endpoint_url, headers=headers, files=files, timeout=(10, 20), verify=(not insecure))
-		code = getattr(r, 'status_code', None)
-		if code == 200:
-			print("[SUCCESS] Report submitted. ID: {}".format(report_id))
-			return True
-		elif code == 401:
-			print("[ERROR] Unauthorized (401). Check error_reporting.auth_token.")
-			return False
-		elif code == 403:
-			print("[ERROR] Forbidden (403). The receiver denied access. Verify REPORT_TOKEN and receiver permissions.")
-			return False
-		elif code == 413:
-			print("[ERROR] Too large (413). Consider reducing max log lines.")
-			return False
-		else:
-			print("[ERROR] Submission failed with status {}".format(code))
-			return False
-	except Exception as e:
-		print("[ERROR] Submission exception: {}".format(e))
-		return False
-	finally:
-		try:
-			bundle_fh.close()
-		except Exception:
-			pass
-
-
-def flush_queued_reports():
-	config, _ = load_configuration()
-	medi = config.get('MediLink_Config', {})
-	local_storage_path = medi.get('local_storage_path', '.')
-	queue_dir = os.path.join(local_storage_path, 'reports_queue')
-	if not os.path.isdir(queue_dir):
-		return 0, 0
-	count_ok = 0
-	count_total = 0
-	for name in sorted(os.listdir(queue_dir)):
-		if not name.endswith('.zip'):
-			continue
-		zip_path = os.path.join(queue_dir, name)
-		count_total += 1
-		print("Attempting upload of queued report: {}".format(name))
-		ok = submit_support_bundle(zip_path)
-		if ok:
-			try:
-				os.remove(zip_path)
-			except Exception:
-				pass
-			count_ok += 1
-	return count_ok, count_total
-
-
 def capture_unhandled_traceback(exc_type, exc_value, exc_traceback):
 	try:
 		config, _ = load_configuration()
@@ -284,7 +197,165 @@ def capture_unhandled_traceback(exc_type, exc_value, exc_traceback):
 		text = _redact(text)
 		with open(trace_path, 'w') as f:
 			f.write(text)
-		print("An error occurred. A traceback was saved to {}".format(trace_path))
+	print("An error occurred. A traceback was saved to {}".format(trace_path))
 	except Exception:
-		pass
+		try:
+			mc_log('Failed to capture traceback to file', level='WARNING')
+		except Exception:
+			pass
+
+def submit_support_bundle_email(zip_path=None, include_traceback=True):
+    if not zip_path:
+        zip_path = collect_support_bundle(include_traceback)
+        if not zip_path:
+            mc_log("Failed to create bundle.", level="ERROR")
+            return False
+    bundle_size = os.path.getsize(zip_path)
+    config, _ = load_configuration()
+    email_config = config.get('MediLink_Config', {}).get('error_reporting', {}).get('email', {})
+    # Determine max size from config with default 1.5MB
+    try:
+        max_bytes = int(email_config.get('max_bundle_bytes', 1572864))
+    except Exception:
+        max_bytes = 1572864
+    if bundle_size > max_bytes:
+        mc_log("Bundle too large ({} bytes > {} bytes) - leaving in queue.".format(bundle_size, max_bytes), level="WARNING")
+        return False
+    # Feature is always available; proceed if recipients and token are available
+    # Normalize and validate recipients
+    to_emails = _normalize_recipients(email_config.get('to', []))
+    if not to_emails:
+        mc_log("No valid recipients configured in error_reporting.email.to", level="ERROR")
+        return False
+    subject_prefix = email_config.get('subject_prefix', 'MediCafe Error Report')
+    access_token = get_access_token()
+    if not access_token:
+        mc_log("No access token - authenticate first.", level="ERROR")
+        return False
+    mc_log("Building email...", level="INFO")
+    msg = MIMEMultipart()
+    msg['To'] = ', '.join(to_emails)
+    msg['Subject'] = '{} - {}'.format(subject_prefix, time.strftime('%Y%m%d_%H%M%S'))
+    with open(zip_path, 'rb') as f:
+        attach = MIMEApplication(f.read(), _subtype='zip')
+        attach.add_header('Content-Disposition', 'attachment', filename=os.path.basename(zip_path))
+        msg.attach(attach)
+    body = "Error report attached."
+    msg.attach(MIMEText(body, 'plain'))
+    raw = base64.urlsafe_b64encode(msg.as_bytes()).decode()
+    mc_log("Sending report...", level="INFO")
+    headers = {'Authorization': 'Bearer {}'.format(access_token), 'Content-Type': 'application/json'}
+    data = {'raw': raw}
+    resp = requests.post('https://gmail.googleapis.com/gmail/v1/users/me/messages/send', headers=headers, json=data)
+    if resp.status_code == 200:
+        mc_log("Report sent successfully!", level="INFO")
+        try:
+            os.remove(zip_path)
+        except Exception:
+            pass
+        return True
+    else:
+        # Handle auth errors by prompting re-consent using existing OAuth helpers
+        if resp.status_code in (401, 403):
+            try:
+                from MediLink.MediLink_Gmail import get_authorization_url, open_browser_with_executable
+                auth_url = get_authorization_url()
+                mc_log("Gmail send unauthorized ({}). Opening browser for re-consent.".format(resp.status_code), level="WARNING")
+                try:
+                    print("Your Google session needs to be refreshed to gain gmail.send permission. A browser will open to re-authorize.")
+                except Exception:
+                    pass
+                open_browser_with_executable(auth_url)
+            except Exception:
+                pass
+        mc_log("Failed to send: {} - {}".format(resp.status_code, _redact(resp.text)), level="ERROR")
+        # Preserve bundle in queue for manual retry
+        return False
+
+
+def _normalize_recipients(to_field):
+    try:
+        # Flatten to a list of strings
+        if isinstance(to_field, str):
+            candidates = [p.strip() for p in to_field.split(',')]
+        elif isinstance(to_field, list):
+            candidates = [str(p).strip() for p in to_field]
+        else:
+            candidates = []
+        # Basic email regex: local@domain.tld
+        import re
+        email_re = re.compile(r'^[^@\s]+@[^@\s]+\.[^@\s]+$')
+        valid = []
+        for addr in candidates:
+            if not addr:
+                continue
+            if email_re.match(addr):
+                valid.append(addr)
+            else:
+                try:
+                    mc_log("Invalid email recipient skipped: {}".format(addr), level="WARNING")
+                except Exception:
+                    pass
+        return valid
+    except Exception:
+        return []
+
+
+def list_queued_bundles():
+    try:
+        config, _ = load_configuration()
+        medi = config.get('MediLink_Config', {})
+        local_storage_path = medi.get('local_storage_path', '.')
+        queue_dir = os.path.join(local_storage_path, 'reports_queue')
+        if not os.path.isdir(queue_dir):
+            return []
+        files = [os.path.join(queue_dir, f) for f in os.listdir(queue_dir) if f.endswith('.zip')]
+        files.sort()
+        return files
+    except Exception:
+        return []
+
+
+def submit_all_queued_bundles():
+    sent = 0
+    failed = 0
+    try:
+        queued = list_queued_bundles()
+        for z in queued:
+            try:
+                ok = submit_support_bundle_email(zip_path=z, include_traceback=False)
+                if ok:
+                    sent += 1
+                else:
+                    failed += 1
+            except Exception:
+                failed += 1
+    except Exception:
+        pass
+    return sent, failed
+
+
+def delete_all_queued_bundles():
+    deleted = 0
+    try:
+        for z in list_queued_bundles():
+            try:
+                os.remove(z)
+                deleted += 1
+            except Exception:
+                pass
+    except Exception:
+        pass
+    return deleted
+
+def email_error_report_flow():
+    try:
+        sent = submit_support_bundle_email(zip_path=None, include_traceback=True)
+        return 0 if sent else 1
+    except Exception as e:
+        mc_log("[ERROR] Exception during email report flow: {0}".format(e), level="ERROR")
+        return 1
+
+if __name__ == "__main__":
+    raise SystemExit(email_error_report_flow())
 

MediLink/MediLink_Gmail.py

@@ -84,6 +84,7 @@ SCOPES = ' '.join([
     'https://www.googleapis.com/auth/gmail.modify',
     'https://www.googleapis.com/auth/gmail.compose',
     'https://www.googleapis.com/auth/gmail.readonly',
+    'https://www.googleapis.com/auth/gmail.send',
     'https://www.googleapis.com/auth/script.external_request',
     'https://www.googleapis.com/auth/userinfo.email',
     'https://www.googleapis.com/auth/script.scriptapp',
@@ -114,11 +115,34 @@ def get_authorization_url():
 def exchange_code_for_token(auth_code, retries=3):
     return oauth_exchange_code_for_token(auth_code, CREDENTIALS_PATH, REDIRECT_URI, log, retries=retries)
 
+def _mask_token_value(value):
+    try:
+        s = str(value or '')
+        if len(s) <= 8:
+            return '***'
+        return s[:4] + '…' + s[-4:]
+    except Exception:
+        return '***'
+
+
+def _mask_token_payload(token_data):
+    try:
+        if not isinstance(token_data, dict):
+            return '{"token":"***"}'
+        masked = dict(token_data)
+        for k in ('access_token', 'refresh_token', 'id_token'):
+            if k in masked:
+                masked[k] = _mask_token_value(masked.get(k))
+        return masked
+    except Exception:
+        return '{"token":"***"}'
+
+
 def get_access_token():
     if os.path.exists(TOKEN_PATH):
         with open(TOKEN_PATH, 'r') as token_file:
             token_data = json.load(token_file)
-            log("Loaded token data:\n {}".format(token_data))
+            log("Loaded token data (masked):\n {}".format(_mask_token_payload(token_data)))
             if 'access_token' in token_data and 'expires_in' in token_data:
                 try:
                     token_time = token_data.get('token_time', time.time())
@@ -127,7 +151,7 @@ def get_access_token():
                     log("KeyError while accessing token data: {}".format(e))
                     return None
                 if token_expiry_time > time.time():
-                    log("Access token is still valid. Expires in {} seconds.".format(token_expiry_time - time.time()))
+                    log("Access token is still valid. Expires in {} seconds.".format(int(token_expiry_time - time.time())))
                     return token_data['access_token']
                 else:
                     log("Access token has expired. Current time: {}, Expiry time: {}".format(time.time(), token_expiry_time))
@@ -136,10 +160,10 @@ def get_access_token():
                         new_token_data['token_time'] = time.time()
                         with open(TOKEN_PATH, 'w') as token_file:
                             json.dump(new_token_data, token_file)
-                        log("Access token refreshed successfully. New token data: {}".format(new_token_data))
+                        log("Access token refreshed successfully. New token data (masked): {}".format(_mask_token_payload(new_token_data)))
                         return new_token_data['access_token']
                     else:
-                        log("Failed to refresh access token. New token data: {}".format(new_token_data))
+                        log("Failed to refresh access token. Response (masked): {}".format(_mask_token_payload(new_token_data)))
                         return None
     log("Access token not found. Please authenticate.")
     return None