vhi-python 0.1.2__tar.gz → 0.1.4__tar.gz

{vhi_python-0.1.2 → vhi_python-0.1.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: vhi-python
-Version: 0.1.2
+Version: 0.1.4
 Summary: A Python client library for the Vhi API, handling authentication, MFA callbacks, claims retrieval, and document downloads.
 Author-email: Agent <agent@example.com>
 License: MIT

{vhi_python-0.1.2 → vhi_python-0.1.4}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "vhi-python"
-version = "0.1.2"
+version = "0.1.4"
 description = "A Python client library for the Vhi API, handling authentication, MFA callbacks, claims retrieval, and document downloads."
 readme = "README.md"
 authors = [

{vhi_python-0.1.2 → vhi_python-0.1.4}/src/vhi/client.py

@@ -1,5 +1,10 @@
 import requests
 import os
+import uuid
+import json
+import pickle
+import hashlib
+from pathlib import Path
 from typing import Callable, Optional, List
 from .exceptions import VhiAuthenticationError, VhiMfaRequiredError, VhiApiError
 from .models import ClaimStatement
@@ -11,7 +16,7 @@ class VhiClient:
     """
     DEFAULT_CONFIG_URL = "https://www.vhi.ie/myvhi/myclaimstatements" # Usually embedded here
     
-    def __init__(self, username: str, password: str, mfa_callback: Optional[Callable[[], str]] = None):
+    def __init__(self, username: str, password: str, mfa_callback: Optional[Callable[[], str]] = None, cache_session: bool = True):
         """
         Initialize the VhiClient.
         
@@ -19,23 +24,68 @@ class VhiClient:
             username: User's email address.
             password: User's password.
             mfa_callback: A callable that returns the 2FA OTP string when invoked.
+            cache_session: Whether to cache session cookies locally to prevent re-authentication.
         """
         self.username = username
         self.password = password
         self.mfa_callback = mfa_callback
+        self.cache_session = cache_session
         
         # State management
         self.session = requests.Session()
         
         # Default Browser Headers to mimic browser and avoid WAF
         self.session.headers.update({
-            "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36",
-            "Accept-Language": "en-US,en;q=0.9",
+            "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36",
+            "sec-ch-ua": '"Chromium";v="146", "Not-A.Brand";v="24", "Google Chrome";v="146"',
+            "sec-ch-ua-mobile": "?0",
+            "sec-ch-ua-platform": '"Windows"',
         })
         
         self.is_authenticated = False
         self.apis_base_url = "https://apis.vhi.ie" # Will be updated during discovery if necessary
         
+    def _get_cache_path(self) -> Path:
+        user_hash = hashlib.md5(self.username.encode('utf-8')).hexdigest()
+        cache_dir = Path.home() / ".vhi"
+        cache_dir.mkdir(exist_ok=True)
+        return cache_dir / f"session_{user_hash}.pkl"
+        
+    def _save_session(self):
+        if not self.cache_session:
+            return
+        with open(self._get_cache_path(), 'wb') as f:
+            pickle.dump(self.session.cookies, f)
+            
+    def _load_session(self) -> bool:
+        if not self.cache_session:
+            return False
+        cache_path = self._get_cache_path()
+        if cache_path.exists():
+            try:
+                with open(cache_path, 'rb') as f:
+                    self.session.cookies = pickle.load(f)
+                return True
+            except Exception:
+                pass
+        return False
+        
+    def _is_session_valid(self) -> bool:
+        try:
+            url = f"{self.apis_base_url}/claims/v1/statements"
+            headers = {
+                "Accept": "application/json",
+                "Origin": "https://app.vhi.ie",
+                "Referer": "https://app.vhi.ie/",
+                "Sec-Fetch-Mode": "cors",
+                "Sec-Fetch-Site": "same-site",
+            }
+            # Only test to see if 401 is returned
+            response = self.session.get(url, headers=headers, timeout=5)
+            return response.status_code == 200
+        except Exception:
+            return False
+        
     def _fetch_environment_config(self):
         """
         Optional: Dynamically discovers the API base URL.
@@ -52,14 +102,28 @@ class VhiClient:
         """
         Performs the login flow. Handles the MFA challenge if required.
         """
-        # Set proper fetch headers
+        if self._load_session():
+            if self._is_session_valid():
+                self.is_authenticated = True
+                return
+            else:
+                self.session.cookies.clear()
+        
+        # Set proper fetch headers mimicking trace exactly
         headers = {
-            "Content-Type": "application/json",
-            "Accept": "application/json",
-            "Origin": "https://www.vhi.ie",
-            "Referer": "https://www.vhi.ie/",
-            "Sec-Fetch-Mode": "cors",
-            "Sec-Fetch-Site": "same-site",
+            "accept": "application/json, text/plain, */*",
+            "accept-language": "en-IE,en-US;q=0.9,en;q=0.8,ja;q=0.7,en-GB;q=0.6,de;q=0.5",
+            "cache-control": "no-cache",
+            "content-type": "application/json",
+            "dnt": "1",
+            "origin": "https://app.vhi.ie",
+            "pragma": "no-cache",
+            "priority": "u=1, i",
+            "referer": "https://app.vhi.ie/",
+            "sec-fetch-dest": "empty",
+            "sec-fetch-mode": "cors",
+            "sec-fetch-site": "same-site",
+            "user-session-id": str(uuid.uuid4())
         }
         
         payload = {
@@ -67,10 +131,13 @@ class VhiClient:
             "usercred": self.password
         }
         
+        # Format strictly without spaces to bypass strict WAF parsers
+        raw_payload = json.dumps(payload, separators=(',', ':'))
+        
         # 1. Primary Authentication
         login_url = f"{self.apis_base_url}/api/myvhilogin/login"
         
-        response = self.session.post(login_url, json=payload, headers=headers)
+        response = self.session.post(login_url, data=raw_payload, headers=headers)
         
         if response.status_code == 200:
             try:
@@ -98,12 +165,13 @@ class VhiClient:
                 self._handle_mfa_challenge(state_token, verify_url, headers)
             else:
                 self.is_authenticated = True
+                self._save_session()
                 return
                 
         elif response.status_code == 401:
             raise VhiAuthenticationError("Invalid credentials provided.")
         else:
-            raise VhiApiError(f"Login failed with status {response.status_code}", status_code=response.status_code, response=response)
+            raise VhiApiError(f"Login failed with status {response.status_code}: {response.text}", status_code=response.status_code, response=response)
             
     def _handle_mfa_challenge(self, state_token: str, verify_url: str, base_headers: dict):
         """
@@ -127,7 +195,7 @@ class VhiClient:
         
         if response.status_code == 200:
             self.is_authenticated = True
-            
+            self._save_session()
             # The session cookie jar has now been populated with the authorized session
             # Or we might need to extract a Bearer token. This implementation relies
             # on cookies being correctly set via Set-Cookie headers by the API.

{vhi_python-0.1.2 → vhi_python-0.1.4}/src/vhi_python.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: vhi-python
-Version: 0.1.2
+Version: 0.1.4
 Summary: A Python client library for the Vhi API, handling authentication, MFA callbacks, claims retrieval, and document downloads.
 Author-email: Agent <agent@example.com>
 License: MIT

{vhi_python-0.1.2 → vhi_python-0.1.4}/tests/test_client.py

@@ -7,7 +7,7 @@ from vhi.exceptions import VhiAuthenticationError, VhiMfaRequiredError, VhiApiEr
 
 @responses.activate
 def test_login_success_no_mfa():
-    client = VhiClient("test@example.com", "password")
+    client = VhiClient("test@example.com", "password", cache_session=False)
     
     responses.add(
         responses.POST,
@@ -24,7 +24,7 @@ def test_login_requires_mfa_success():
     def mfa_callback():
         return "123456"
         
-    client = VhiClient("test@example.com", "password", mfa_callback=mfa_callback)
+    client = VhiClient("test@example.com", "password", mfa_callback=mfa_callback, cache_session=False)
     
     # Mock primary login returning 200 with MFA_REQUIRED
     responses.add(
@@ -51,7 +51,7 @@ def test_login_requires_mfa_success():
 
 @responses.activate
 def test_login_invalid_credentials():
-    client = VhiClient("test@example.com", "wrong")
+    client = VhiClient("test@example.com", "wrong", cache_session=False)
     
     responses.add(
         responses.POST,
@@ -64,7 +64,7 @@ def test_login_invalid_credentials():
 
 @responses.activate
 def test_get_claims_success():
-    client = VhiClient("test@example.com", "password")
+    client = VhiClient("test@example.com", "password", cache_session=False)
     client.is_authenticated = True # Mock existing session
     
     responses.add(
@@ -91,7 +91,7 @@ def test_get_claims_success():
 
 @responses.activate
 def test_download_document_success():
-    client = VhiClient("test@example.com", "password")
+    client = VhiClient("test@example.com", "password", cache_session=False)
     client.is_authenticated = True
     
     pdf_content = b"%PDF-1.4 mock pdf content"