#!/usr/bin/env python3 """Verify the new Curogram password via a fresh, cookieless Login mutation against the correct endpoint authentication.curogram.com/graphql. Also checks the OLD password no longer works. Prints only outcome flags.""" import json, urllib.request, urllib.error def read_key(k): for line in open("/home/claude/.config/amd-agent/credentials.env"): if line.startswith(k+"="): return line[len(k)+1:].rstrip("\n") return "" NEW=read_key("AMD_PASSWORD"); OLD=read_key("CUROGRAM_AGENT_PASSWORD") USER=read_key("CUROGRAM_AGENT_USERNAME") EP="https://authentication.curogram.com/graphql" LOGIN=("mutation Login($email: Email!, $password: String!, $source: LoginPage!) {" " login(email: $email, password: $password, source: $source) {" " ... on MfaListSchema { mfa { title send id } challenge { value expiresAt } }" " ... on ProviderTokenSchema { expiresAt accountId } } }") def login(pw): body=json.dumps({"operationName":"Login","query":LOGIN, "variables":{"email":USER,"password":pw,"source":"PROVIDER"}}).encode() req=urllib.request.Request(EP,data=body,method="POST",headers={ "Content-Type":"application/json","Accept":"application/json","X-Curogram-Frontend":"web"}) try: with urllib.request.urlopen(req,timeout=20) as r: return r.status, json.loads(r.read().decode("utf-8") or "{}") except urllib.error.HTTPError as e: raw=e.read().decode("utf-8","replace") try: return e.code, json.loads(raw) except: return e.code, {"raw":raw[:200]} sN,rN=login(NEW) errN = rN.get("errors") typ = None try: typ=list(rN.get("data",{}).get("login",{}).keys()) except: pass new_ok = sN==200 and not errN and bool(rN.get("data",{}).get("login")) print(json.dumps({"new_pw_status":sN,"new_pw_ok":new_ok,"new_login_fields":typ, "new_errors": json.dumps(errN)[:160] if errN else None})) sO,rO=login(OLD) errO=rO.get("errors") old_works = sO==200 and not errO and bool(rO.get("data",{}).get("login")) print(json.dumps({"old_pw_status":sO,"old_pw_still_works":old_works, "old_errors": json.dumps(errO)[:160] if errO else None}))