joao.herculano/Ruptura_Projetada
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Ruptura_Projetada/PEF/token_GI.py
João Herculano 7221f41ebb mudaças pré formatação do pc
2025-10-24 15:54:54 -03:00

258 lines
9.8 KiB
Python
Raw Blame History

import os
import hashlib
import base64
import requests
import re
import json
from datetime import datetime
import csv
dir = fr"C:\Users\caique.pereira\Downloads\PEF"
# Seu diretório
hoje_coluna = datetime.today() # Pegando a Data e Hora de hoje
hoje_formatado = hoje_coluna.strftime('%Y-%m-%d')
data_atual = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
def generate_code_verifier():
"""Gera um code_verifier aleatório."""
return base64.urlsafe_b64encode(os.urandom(32)).decode('utf-8').rstrip("=")
def generate_code_challenge(code_verifier):
"""Gera o code_challenge usando SHA-256."""
sha256_hash = hashlib.sha256(code_verifier.encode('utf-8')).digest()
return base64.urlsafe_b64encode(sha256_hash).decode('utf-8').rstrip("=")
def send_authorization_request(session, code_challenge):
"""Envia uma requisição GET para a página de login usando a sessão."""
url = "https://login.extranet.grupoboticario.com.br/1e6392bd-5377-48f0-9a8e-467f5b381b18/oauth2/v2.0/authorize"
params = {
"p": "B2C_1A_JIT_SIGNUPORSIGNIN_FEDCORP_APIGEE_PRD",
"client_id": "b3001e60-a8e0-4da8-82ba-c3a701405f08",
"redirect_uri": "https://extranet.grupoboticario.com.br/auth/callback",
"response_type": "code",
"scope": "openid email https://gboticariob2c.onmicrosoft.com/a6cd4fe6-3d71-455a-b99d-f458a07cc0d1/extranet.api offline_access",
"state": "15d9d7f95f8648d1941426f4665aa383",
"code_challenge": code_challenge,
"code_challenge_method": "S256",
"response_mode": "query"
}
response = session.get(url, params=params)
if response.status_code == 200:
print("Página de login carregada com sucesso.")
return response.text # Retorna o HTML
else:
print(f"Erro ao acessar a página de login: {response.status_code}")
print("Resposta de erro:", response.text)
return None
def extract_tokens(html_content):
"""Extrai o CSRF Token e StateProperties do conteúdo HTML."""
csrf_token = None
state_properties = None
if html_content:
csrf_match = re.search(r'"csrf":"(.*?)"', html_content)
csrf_token = csrf_match.group(1) if csrf_match else None
state_properties_match = re.search(r'"transId":"StateProperties=(.*?)"', html_content)
state_properties = state_properties_match.group(1) if state_properties_match else None
return csrf_token, state_properties
def send_login_request(session, csrf_token, state_properties, username, password):
"""Envia uma requisição POST para realizar o login usando a sessão."""
url = "https://login.extranet.grupoboticario.com.br/1e6392bd-5377-48f0-9a8e-467f5b381b18/B2C_1A_JIT_SignUpOrSignin_FedCorp_APIGEE_PRD/SelfAsserted"
params = {
"tx": f"StateProperties={state_properties}",
"p": "B2C_1A_JIT_SignUpOrSignin_FEDCorp_APIGEE_PRD"
}
headers = {
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
"X-CSRF-TOKEN": csrf_token,
"X-Requested-With": "XMLHttpRequest",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 Edg/132.0.0.0",
"Accept": "application/json, text/javascript, */*; q=0.01",
"Origin": "https://login.extranet.grupoboticario.com.br",
"Referer": "https://login.extranet.grupoboticario.com.br/1e6392bd-5377-48f0-9a8e-467f5b381b18/oauth2/v2.0/authorize"
}
data = {
"request_type": "RESPONSE",
"signInName": username,
"password": password
}
response = session.post(url, params=params, headers=headers, data=data)
if response.status_code == 200:
print("Login realizado com sucesso!")
return response.text
else:
print(f"Erro ao realizar login: {response.status_code}")
return None
def send_final_request(session, csrf_token, state_properties):
"""
Envia a última requisição GET para obter a página HTML.
"""
url = "https://login.extranet.grupoboticario.com.br/1e6392bd-5377-48f0-9a8e-467f5b381b18/B2C_1A_JIT_SignUpOrSignin_FedCorp_APIGEE_PRD/api/CombinedSigninAndSignup/confirmed"
params = {
"rememberMe": "false",
"csrf_token": csrf_token,
"tx": f"StateProperties={state_properties}",
"p": "B2C_1A_JIT_SignUpOrSignin_FedCorp_APIGEE_PRD"
}
headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 Edg/132.0.0.0",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
"Referer": "https://login.extranet.grupoboticario.com.br/1e6392bd-5377-48f0-9a8e-467f5b381b18/oauth2/v2.0/authorize"
}
response = session.get(url, headers=headers, params=params, allow_redirects=False)
if response.status_code == 200:
print("Requisição final bem-sucedida!")
return response.text # Retorna o HTML
else:
print(f"Erro na requisição final: {response.status_code}")
return response.text
def extract_code_from_html(html_content):
"""
Extrai o valor do parâmetro `code` da URL no HTML fornecido.
:param html_content: O conteúdo HTML como string.
:return: O valor do código ou None, se não encontrado.
"""
# Regex para encontrar o parâmetro `code` na URL do atributo `href`
match = re.search(r'href="[^"]*?code=([^&"]+)', html_content)
if match:
return match.group(1) # Captura o valor do parâmetro `code`
return match
def send_token_request(code, code_verifier):
"""
Envia uma requisição POST para obter o token usando o código e o code_verifier.
:param code: O código extraído da etapa anterior.
:param code_verifier: O code_verifier usado no início do fluxo.
:return: A resposta do servidor.
"""
url = "https://login.extranet.grupoboticario.com.br/1e6392bd-5377-48f0-9a8e-467f5b381b18/oauth2/v2.0/token"
params = {
"p": "B2C_1A_JIT_SIGNUPORSIGNIN_FEDCORP_APIGEE_PRD"
}
headers = {
"Host": "login.extranet.grupoboticario.com.br",
"Connection": "keep-alive",
"Content-Type": "application/x-www-form-urlencoded",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 Edg/132.0.0.0",
"Accept": "*/*",
"Origin": "https://extranet.grupoboticario.com.br",
"Sec-Fetch-Site": "same-site",
"Sec-Fetch-Mode": "cors",
"Sec-Fetch-Dest": "empty",
"Referer": "https://extranet.grupoboticario.com.br/",
"Accept-Encoding": "gzip, deflate, br",
"Accept-Language": "pt-BR,pt;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6",
}
data = {
"client_id": "b3001e60-a8e0-4da8-82ba-c3a701405f08",
"code": code,
"redirect_uri": "https://extranet.grupoboticario.com.br/auth/callback",
"code_verifier": code_verifier,
"grant_type": "authorization_code"
}
response = requests.post(url, params=params, headers=headers, data=data)
return response.text
def extract_tokens_2(response_1):
response = json.loads(response_1)
try:
access_token = response.get("access_token")
id_token = response.get("id_token")
refresh_token = response.get("refresh_token")
return {
"access_token": access_token,
"id_token": id_token,
"refresh_token": refresh_token
}
except Exception as e:
print(f"Erro ao extrair tokens: {e}")
return None
# Processo principal
def main():
session = requests.Session() # Iniciar uma sessão persistente
code_verifier = generate_code_verifier()
code_challenge = generate_code_challenge(code_verifier)
print(f"Code Verifier: {code_verifier}")
print(f"Code Challenge: {code_challenge}")
# Enviar requisição GET para obter tokens
html_content = send_authorization_request(session, code_challenge)
csrf_token, state_properties = extract_tokens(html_content)
if not csrf_token or not state_properties:
print("Falha ao extrair CSRF Token ou StateProperties.")
else:
print("CSRF Token:", csrf_token)
print("StateProperties:", state_properties)
# Dados de login
username = "caique.santos1" # Colocar sua conta
password = "Peopleshit@55"
# Enviar requisição POST para login
login_response = send_login_request(session, csrf_token, state_properties, username, password)
if login_response:
print("Resposta do servidor:", login_response)
# Enviar requisição final
final_page_html = send_final_request(session, csrf_token, state_properties)
code = extract_code_from_html(final_page_html)
token = send_token_request(code, code_verifier)
# Carregar o JSON do arquivo texto
tokens = extract_tokens_2(token)
if tokens:
Access = tokens["access_token"]
csv_filename =fr"{dir}\token.csv"
# Escrever no arquivo CSV (criando se não existir)
with open(csv_filename,'r+') as file:
file.truncate(0)
with open(csv_filename, mode="a", newline="", encoding="utf-8") as file:
writer = csv.writer(file)
print('baixei o arquivo')
# Se o arquivo estiver vazio, escrever o cabeçalho
if file.tell() == 0:
writer.writerow(["token", "data"])
# Escrever os dados
writer.writerow([Access, data_atual])
#print("ID Token:", tokens["id_token"])
#print("Refresh Token:", tokens["refresh_token"])
else:
print("Falha ao carregar ou processar o JSON.")
if __name__ == "__main__":
main()
Reference in New Issue View Git Blame Copy Permalink