#!/usr/bin/env python3
"""Decode the Mandrill tracking-link base64 payload to recover the EXACT
change-password target URL (and thus the true token). Non-secret."""
import base64, json, re

# The 'Set a password' Mandrill href payload (p= query param), captured earlier.
P = ("eyJzIjoiVG5DRHNBaTdfd2w2bjJiNzk1YlF0TTR4RjEwIiwidiI6MiwicCI6IntcInVcIjozMDkwMDI5"
     "NSxcInZcIjoyLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2FwcC5jdXJvZ3JhbS5jb21cXFwvY2hhbmdl"
     "LXBhc3N3b3JkXFxcL0NIUFdELTQ2NTZjMDA2LWZlNzctNDcxNy04ZDA4LWEwNjdhNTE2MDJjNlwiLFwi"
     "aWRcIjpcIjA3MGRlYzhlMTJlODQ2YzViN2Q1M2VhOGU2NjRjYWFjXCIsXCJ1cmxfaWRzXCI6W1wiNmYx"
     "M2YzMTMyM2JmN2NlMzY3OWUwMjcyMmUwNDdjMjQ4M2UzZWI3YlwiXSxcIm1zZ190c1wiOjE3ODE3MjAz"
     "OTN9In0")
pad = P + "=" * (-len(P) % 4)
raw = base64.b64decode(pad).decode("utf-8", "replace")
print("OUTER:", raw[:300])
# outer JSON has p = a JSON-encoded string; extract the url field
try:
    outer = json.loads(raw)
    inner = json.loads(outer["p"])
    print("TARGET_URL:", inner.get("url"))
except Exception as e:
    print("parse err", e)
    m = re.search(r'change-password\\?/+([A-Za-z0-9-]+)', raw)
    print("REGEX_TOKEN:", m.group(1) if m else None)