#!/usr/bin/env python3
"""Probe how the agent Curogram session authenticates. Tries current-session
with: (a) cookie only, (b) cookie + Authorization: Bearer <CurogramPracticeToken>.
Prints status codes + response KEYS only, never token values."""
import json
import sys
import urllib.error
import urllib.request

from websocket import create_connection

PORT = 9223
SESSION_URL = "https://api-v2.curogram.com/authenticate/current-session"


def http_json(url):
    with urllib.request.urlopen(url, timeout=10) as r:
        return json.loads(r.read().decode())


def cdp_call(ws, method, params=None, _id=1):
    ws.send(json.dumps({"id": _id, "method": method, "params": params or {}}))
    while True:
        m = json.loads(ws.recv())
        if m.get("id") == _id:
            return m.get("result", {})


tabs = [t for t in http_json(f"http://localhost:{PORT}/json") if t.get("type") == "page"]
tab = next((t for t in tabs if "curogram.com" in (t.get("url") or "").lower()), tabs[0])
ws = create_connection(tab["webSocketDebuggerUrl"], timeout=10)
try:
    res = cdp_call(ws, "Network.getAllCookies")
finally:
    ws.close()

cookies = [c for c in res.get("cookies", []) if "curogram" in (c.get("domain") or "").lower()]
cookie_header = "; ".join(f"{c['name']}={c['value']}" for c in cookies)
practice_token = next((c["value"] for c in cookies if c["name"] == "CurogramPracticeToken"), "")


def get(url, headers):
    req = urllib.request.Request(url, headers=headers, method="GET")
    try:
        with urllib.request.urlopen(req, timeout=20) as resp:
            return resp.status, json.loads(resp.read().decode() or "{}")
    except urllib.error.HTTPError as e:
        raw = e.read().decode("replace")
        try:
            return e.code, json.loads(raw)
        except Exception:
            return e.code, {"raw": raw[:300]}


def summ(resp):
    if not isinstance(resp, dict):
        return str(resp)[:200]
    out = {"keys": list(resp.keys())}
    for k in ("email", "username", "id", "accountId", "name"):
        if k in resp:
            out[k] = resp[k]
    for nk in ("account", "user", "provider", "practice"):
        if isinstance(resp.get(nk), dict):
            out[nk + ".keys"] = list(resp[nk].keys())
            for k in ("email", "username", "name", "id"):
                if k in resp[nk]:
                    out[f"{nk}.{k}"] = resp[nk][k]
    if "errors" in resp:
        out["errors"] = resp["errors"]
    if "message" in resp:
        out["message"] = resp["message"]
    return out


base = {"X-Curogram-Frontend": "web", "Accept": "application/json",
        "Content-Type": "application/json"}

a = dict(base); a["Cookie"] = cookie_header
sa, ra = get(SESSION_URL, a)
print(json.dumps({"attempt": "cookie_only", "status": sa, "resp": summ(ra)}))

b = dict(a); b["Authorization"] = f"Bearer {practice_token}"
sb, rb = get(SESSION_URL, b)
print(json.dumps({"attempt": "cookie+bearer", "status": sb, "resp": summ(rb)}))