[Bps-public-commit] rt-extension-assets-applegsx branch, uat, created. 1.0-11-g37af08d
Michel Rodriguez
michel at bestpractical.com
Thu Aug 29 08:37:23 EDT 2019
The branch, uat has been created
at 37af08dac427cf79b1b332e0a9da45fdf43e2e9e (commit)
- Log -----------------------------------------------------------------
commit 37af08dac427cf79b1b332e0a9da45fdf43e2e9e
Author: michel <michel at bestpractical.com>
Date: Wed Aug 21 19:35:17 2019 +0200
The module now uses the new JSON based Apple GSX API
diff --git a/Changes b/Changes
index b56052a..234fcf0 100644
--- a/Changes
+++ b/Changes
@@ -1,3 +1,8 @@
+2.0 1019-08-29
+
+ - Update to use Apple's GSX 2 system, with a different API and
+ authentication scheme
+
1.1 2016-06-30
- Update to accomodate changes to the Apple GSX authentication
diff --git a/README b/README
index 706ea38..9cada11 100644
--- a/README
+++ b/README
@@ -38,6 +38,21 @@ CONFIGURATION
account number, you must then get certificate and key files from Apple
and your server IP addresses must be whitelisted by Apple.
+ The configuration for the service uses the following variables:
+
+ # test server
+ Set( $AppleGSXApiBase, 'https://partner-connect-uat.apple.com/gsx/api');
+ Set( $AppleGSXGetToken, 'https://gsx2-uat.apple.com/gsx/api/login');
+
+ or
+
+ # production server
+ Set( $AppleGSXApiBase, 'https://partner-connect.apple.com/gsx/api');
+ Set( $AppleGSXGetToken, 'https://gsx2.apple.com/gsx/api/login');
+
+ plus the user ID that you use to get the initial activation token
+ Set( $AppleGSXUserId, '<Apple user ID, an email address');
+
Once you have done this, you can configure the authentication
information used to connect to GSX via the web UI, at Tools ->
Configuration -> Assets -> Apple GSX. This menu option is only available
diff --git a/html/Admin/Assets/GSX/index.html b/html/Admin/Assets/GSX/index.html
index 25d5ac7..df35816 100644
--- a/html/Admin/Assets/GSX/index.html
+++ b/html/Admin/Assets/GSX/index.html
@@ -32,6 +32,12 @@ Unable to connect to the Apple GSX services using the provided account informati
<tr><td class="label"><label for="KeyFilePath"><&|/l&>Key File Path</&></label></td>
<td><input name="KeyFilePath" id="KeyFilePath" value="<% $KeyFilePath %>" size="60" /></td>
</tr>
+<tr><td class="label"><label for="ActivationToken"><&|/l&>Activation Token</&></label></td>
+ <td><input name="ActivationToken" id="ActivationToken" value="<% $ActivationToken %>" size="60" /><br />
+ In case of problem get a new activation token from
+ <a href="<% $get_activation_token_url %>" onclick="return confirm('Are you sure?')"><% $get_activation_token_url %></a>.</td>
+</tr>
+
</table>
<& /Elements/Submit, Name => "Update", Label => loc('Update') &>
@@ -42,6 +48,10 @@ $m->clear_and_abort(403) unless $session{'CurrentUser'}->HasRight(
Right => 'SuperUser',
);
+my $show_token = RT->Config->Get('AppleGSXShowAuthenticationToken');
+
+my $get_activation_token_url = RT->Config->Get('AppleGSXGetToken');
+
my $config = RT->System->FirstAttribute('AppleGSXOptions');
$config = $config ? $config->Content : {};
if ($ARGS{Update}) {
@@ -51,6 +61,7 @@ if ($ARGS{Update}) {
$config->{LanguageCode} = $LanguageCode;
$config->{CertFilePath} = $CertFilePath;
$config->{KeyFilePath} = $KeyFilePath;
+ $config->{ActivationToken} = $ActivationToken;
RT->System->SetAttribute( Name => 'AppleGSXOptions', Content => $config );
}
@@ -61,6 +72,7 @@ my $ok = $config->{UserId}
&& $config->{LanguageCode}
&& $config->{CertFilePath}
&& $config->{KeyFilePath}
+ && $config->{ActivationToken}
&& $gsx->Authenticate;
$UserId = $config->{UserId};
@@ -69,6 +81,8 @@ $UserTimeZone = $config->{UserTimeZone} if $config->{UserTimeZone};
$LanguageCode = $config->{LanguageCode} if $config->{LanguageCode};
$CertFilePath = $config->{CertFilePath};
$KeyFilePath = $config->{KeyFilePath};
+$ActivationToken = $config->{ActivationToken};
+
</%init>
<%args>
$UserId => ""
@@ -77,4 +91,5 @@ $UserTimeZone => "PST"
$LanguageCode => "en"
$CertFilePath => ""
$KeyFilePath => ""
+$ActivationToken => ""
</%args>
diff --git a/lib/RT/Extension/Assets/AppleGSX.pm b/lib/RT/Extension/Assets/AppleGSX.pm
index 4007c04..4e1a20a 100644
--- a/lib/RT/Extension/Assets/AppleGSX.pm
+++ b/lib/RT/Extension/Assets/AppleGSX.pm
@@ -3,7 +3,7 @@ use warnings;
package RT::Extension::Assets::AppleGSX;
use RT::Extension::Assets::AppleGSX::Client;
-our $VERSION = '1.2';
+our $VERSION = '2.0';
my $CLIENT;
my $CLIENT_CACHE;
@@ -27,7 +27,7 @@ sub SerialCF {
sub Fields {
return RT->Config->Get('AppleGSXMap') || {
- 'Warranty Status' => 'warrantyStatus',
+ 'Warranty Status' => 'warrantyStatusCode',
'Warranty Start Date' => 'coverageStartDate',
'Warranty End Date' => 'coverageEndDate',
};
@@ -82,22 +82,18 @@ sub UpdateGSX {
return (0, "Apple GSX authentication failed; cannot import data")
unless $CLIENT->Authenticate;
- if ( my $serial = $self->FirstCustomFieldValue($serial_name) ) {
- my $info = $CLIENT->WarrantyStatus($serial);
- return (0, "GSX contains no information (check $serial_name?)")
- unless $info;
-
- # GSX returns everything in mm/dd/yy format. Sadly, local'ing
- # $RT::DateDayBeforeMonth is insufficient (?!). We set it back,
- # below; ensure that this function does not return between these
- # two statements!
- my $date_order = RT->Config->Get("DateDayBeforeMonth");
- RT->Config->Set("DateDayBeforeMonth" => 0);
+ if ( my $serial = $self->FirstCustomFieldValue( $serial_name ) ) {
+ my( $ret, $msg, $device ) = $CLIENT->GetDataForSerial( $serial );
+ if( ! $ret ) {
+ return (0, $msg)
+ }
my @results;
for my $field ( keys %$FIELDS_MAP ) {
my $old = $self->FirstCustomFieldValue($field);
- my $new = $info->{warrantyDetailInfo}{ $FIELDS_MAP->{$field} };
+ # data is either at device level or in $device->{warrantyInfo}
+ # the old mapping doesn't know about those 2 levels so we look in both places
+ my $new = $device->{ $FIELDS_MAP->{$field} } || $device->{warrantyInfo}{ $FIELDS_MAP->{$field} };
if ( defined $new ) {
# Canonicalize date and datetime CFs
if ($self->LoadCustomFieldByIdentifier($field)->Type =~ /^date(time)?/i) {
@@ -123,8 +119,6 @@ sub UpdateGSX {
}
}
- RT->Config->Set("DateDayBeforeMonth" => $date_order);
-
return (1, @results);
}
else {
diff --git a/lib/RT/Extension/Assets/AppleGSX/Client.pm b/lib/RT/Extension/Assets/AppleGSX/Client.pm
index c0e536a..85a45b2 100644
--- a/lib/RT/Extension/Assets/AppleGSX/Client.pm
+++ b/lib/RT/Extension/Assets/AppleGSX/Client.pm
@@ -6,52 +6,48 @@ package RT::Extension::Assets::AppleGSX::Client;
use Net::SSL;
use LWP::UserAgent;
-use XML::Simple;
-my $xs = XML::Simple->new;
+use JSON;
use base 'Class::Accessor::Fast';
__PACKAGE__->mk_accessors(
- qw/UserAgent UserSessionId UserSessionTimeout UserId UserTimeZone
- ServiceAccountNo LanguageCode CertFilePath KeyFilePath/
+ qw/UserAgent ActivationToken AuthenticationToken UserId UserTimeZone
+ ServiceAccountNo LanguageCode CertFilePath KeyFilePath AppleGSXApiBase/
);
sub new {
my $class = shift;
my $args = ref $_[0] eq 'HASH' ? shift @_ : {@_};
my $self = $class->SUPER::new($args);
+
$ENV{HTTPS_CERT_FILE} = $self->CertFilePath;
$ENV{HTTPS_KEY_FILE} = $self->KeyFilePath;
+ my $store_code = sprintf( "%010d", $self->ServiceAccountNo);
+
$self->UserAgent( LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 }) ) unless $self->UserAgent;
+ my $default_headers = HTTP::Headers->new(
+ 'X-Apple-SoldTo' => $store_code,
+ 'X-Apple-ShipTo' => $store_code,
+ );
+ $self->UserAgent->default_headers( $default_headers );
+
+ # by default use the testing (-uat) URLs for both the API and getting the initial token
+ $self->{AppleGSXApiBase} ||= 'https://partner-connect-uat.apple.com/gsx/api';
+ $self->{AppleGSXGetToken} ||= 'https://gsx2-uat.apple.com/gsx/api/login';
+
return $self;
}
+# may need a name change, this does not authenticate, but just checks that the API is accessible
sub Authenticate {
my $self = shift;
- my $xml = $self->PrepareXML(
- 'Authenticate',
- {
- userId => $self->UserId,
- serviceAccountNo => $self->ServiceAccountNo,
- languageCode => $self->LanguageCode,
- userTimeZone => $self->UserTimeZone,
- }
- );
-
- my $res = $self->SendRequest($xml);
+ my %headers = ( Accept => 'text/plain' );
+ my $res = $self->UserAgent->get( $self->AppleGSXApiBase . "/authenticate/check", %headers );
if ( $res->is_success ) {
- my $ret =
- $self->ParseResponseXML( 'Authenticate', $res->decoded_content );
- $self->UserSessionId( $ret->{'userSessionId'} );
-
- # official timeout is 30 minutes, minus 5 is to avoid potential
- # out of sync time issue
- $self->UserSessionTimeout( time() + 25 * 60 );
- return $self->UserSessionId;
+ return 1;
}
else {
- warn "Failed to authenticate to Apple GSX: " . $res->status_line;
- warn "Full response: " . $res->content;
+ RT->Logger->error( "Failed to authenticate to Apple GSX: " . $res->status_line );
return;
}
}
@@ -60,91 +56,107 @@ sub WarrantyStatus {
my $self = shift;
my $serial = shift or return;
- $self->Authenticate
- unless $self->UserSessionId && time() < $self->UserSessionTimeout;
+ my( $ret, $msg, $device )= $self->GetDataForSerial( $serial );
+ if( ! $ret ) {
+ return( 0, $msg, undef);
+ }
+ if( ! $device->{warrantyInfo} ) {
+ RT->Logger->warning( "no warantyInfo returned (for sn $serial)" );
+ return( 0, "no warantyInfo returned" );
+ }
+ return ( 1, '', $device->{warrantyInfo});
+}
+
+sub GetDataForSerial {
+ my $self = shift;
+ my $serial = shift or return;
+
+ my $token = $self->AuthenticationToken;
- my $xml = $self->PrepareXML(
- 'WarrantyStatus',
- {
- 'userSession' => { userSessionId => $self->UserSessionId, },
- 'unitDetail' => { serialNumber => $serial,
- shipTo => $self->ServiceAccountNo }
- }
+ my %headers = (
+ 'X-Apple-Auth-Token' => $token,
+ 'Content-Type' => 'application/json',
+ 'Accept' => 'application/json',
);
- for my $try (1..5) {
- my $res = $self->SendRequest($xml);
- unless ($res->is_success) {
- my $data = eval {$xs->parse_string( $res->decoded_content, NoAttr => 1, SuppressEmpty => undef ) };
- my $fault = $data ? $data->{"S:Body"}{"S:Fault"}{"faultstring"} : $res->status_line;
- if ($fault =~ /^The serial number entered has been marked as obsolete/) {
- # no-op
- } elsif ($fault =~ /^The serial you entered is not valid/) {
- # no-op
- } else {
- warn "Failed to get Apple GSX warranty status of serial $serial: $fault";
- }
- return;
+ my $args = { "device" => { "id" => $serial } };
+ my $json = encode_json( $args );
+ my $response;
+
+ # only try if we have a token, otherwise we need to get one first
+ if( $token) {
+ $response = $self->UserAgent->post( $self->AppleGSXApiBase . "/repair/product/details", Content => $json, %headers );
+ }
+
+ if( ! $token || $response->code == 401 ) {
+ my( $ret, $msg, $new_token );
+ if( $token ) {
+ ( $ret, $msg, $new_token )= $self->get_new_authentication_token( $token );
+ }
+ if( ! $token || ! $ret) {
+ ( $ret, $msg, $new_token)= $self->get_new_authentication_token( $self->ActivationToken );
}
- my $ret = $self->ParseResponseXML( 'WarrantyStatus', $res->decoded_content );
- return $ret if $ret->{warrantyDetailInfo} and $ret->{warrantyDetailInfo}{serialNumber};
+ if( $ret) {
+ RT->Logger->debug( "got new authentication token");
+ $headers{'X-Apple-Auth-Token'} = $new_token;
+ $response = $self->UserAgent->post( $self->AppleGSXApiBase . "/repair/product/details", Content => $json, %headers);
+ }
+ else {
+ return ( 0, "error connecting to the GSX API: $msg", undef);
+ }
}
- warn "Repeatedly failed to get complete response from Apple GSX for serial $serial";
- return;
-}
-sub PrepareXML {
- my $self = shift;
- my $method = shift;
- my $args = shift || {};
-
- my $xml = $xs->XMLout(
- {
- 'soapenv:Body' =>
- { "glob:$method" => { "${method}Request" => $args, }, },
- },
- NoAttr => 1,
- KeyAttr => [],
- RootName => '',
- );
- return <<"EOF",
-<?xml version="1.0" encoding="UTF-8"?>
-<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
-xmlns:glob="http://gsxws.apple.com/elements/global">
-<soapenv:Header/>
-$xml
-</soapenv:Envelope>
-EOF
+ if( $response->is_success ) {
+ my $product_details = decode_json( $response->decoded_content );
+ my $device = $product_details->{device};
-}
+ # we set a couple of fields that were named differently in the old API, so old code still workd
+ # old warrantyStatus is new warrantyStatusDescription
+ $device->{warrantyInfo}->{warrantyStatus} = $device->{warrantyInfo}->{warrantyStatusDescription};
+ # old estimatedPurchaseDate is new purchaseDate (in warrantyInfo)
+ $device->{estimatedPurchaseDate} = $device->{warrantyInfo}->{purchaseDate};
-sub ParseResponseXML {
- my $self = shift;
- my $method = shift;
- my $xml = shift;
- my $ret = $xs->XMLin( $xml, NoAttr => 1, SuppressEmpty => undef, NSExpand => 1 );
- return $ret->{'{http://schemas.xmlsoap.org/soap/envelope/}Body'}
- ->{"{http://gsxws.apple.com/elements/global}${method}Response"}
- ->{"${method}Response"};
+ return( 1, '', $device);
+ }
+ else {
+ RT->Logger->warning( "Failed to get response from Apple GSX for serial $serial" );
+ return( 0, "Failed to get response from Apple GSX for serial $serial" );
+ }
}
-sub SendRequest {
+sub get_new_authentication_token {
my $self = shift;
- my $xml = shift;
+ my $old_token= shift;
+
+ my $data = { userAppleId => $self->UserId, authToken => $old_token };
+ my $json = encode_json( $data);
+ my %headers = (
+ 'Content-Type' => 'application/json',
+ Accept => 'application/json',
+ );
+ my $response = $self->UserAgent->post( $self->AppleGSXApiBase . "/authenticate/token", Content => $json, %headers );
+ if( $response->code == 200 ) {
+ my $json_string = $response->decoded_content;
+ my $response_json = decode_json( $json_string);
- my $domain = 'https://gsxapi.apple.com';
+ my $new_authentication_token = $response_json->{authToken};
- # Apple standard appears to be to use 'Test' for testing environment
- # certs.
- $domain = 'https://gsxapiut.apple.com' if $self->CertFilePath =~ /Test/;
+ $self->AuthenticationToken( $new_authentication_token);
- my $res = $self->UserAgent->post(
- "$domain/gsx-ws/services/am/asp",
- 'Content-Type' => 'text/xml; charset=utf-8',
- Content => $xml,
- );
- return $res;
+ # save the token in the AppleGSXOptions attribute
+ my $config= RT->System->FirstAttribute('AppleGSXOptions');
+ my $content = $config->Content;
+ $content->{AuthenticationToken} = $new_authentication_token;
+ # $config->SetContent( $content);
+ RT->System->SetAttribute( Name => 'AppleGSXOptions', Content => $content );
+
+ return ( 1, '', $new_authentication_token);
+ }
+ else {
+ RT->Logger->error( "Failed to get authentication token" );
+ return( 0, "cannot get authentication token: " . $response->code, undef);
+ }
}
1;
-----------------------------------------------------------------------
More information about the Bps-public-commit
mailing list