Investigación parcialmente completa. Varios endpoints funcionando y claves extraidas con GHIDRA.

2025-12-04 22:44:08 +01:00
parent ec57ac366d
commit aa02d7c896
22 changed files with 5644 additions and 1 deletions
--- a/debug_auth.py
+++ b/debug_auth.py
@@ -0,0 +1,93 @@
+#!/usr/bin/env python3
+"""
+Script de debug para ver el canonical request y string to sign
+"""
+
+from adif_auth import AdifAuthenticator
+import json
+
+ACCESS_KEY = "and20210615"
+SECRET_KEY = "Jthjtr946RTt"
+
+def debug_auth(url, payload, title):
+    """
+    Muestra el canonical request y string to sign para debug
+    """
+    print("\n" + "="*70)
+    print(title)
+    print("="*70)
+
+    auth = AdifAuthenticator(access_key=ACCESS_KEY, secret_key=SECRET_KEY)
+
+    # Usar el mismo user_id y timestamp para ambos
+    from datetime import datetime
+    import uuid
+
+    user_id = "test-user-123"
+    date = datetime(2025, 12, 4, 21, 0, 0)  # Fecha fija para debugging
+
+    from urllib.parse import urlparse
+    parsed = urlparse(url)
+    host = parsed.netloc
+    path = parsed.path
+    params = parsed.query or ""
+
+    client = "AndroidElcanoApp"
+    content_type = "application/json;charset=utf-8"
+
+    timestamp = auth.get_timestamp(date)
+    date_simple = auth.get_date(date)
+
+    # Preparar canonical request
+    canonical_request, signed_headers = auth.prepare_canonical_request(
+        "POST", path, params, payload, content_type, host, client, timestamp, user_id
+    )
+
+    # Preparar string to sign
+    string_to_sign = auth.prepare_string_to_sign(
+        timestamp, date_simple, client, user_id, canonical_request
+    )
+
+    # Calcular firma
+    signature = auth.calculate_signature(string_to_sign, date_simple, client)
+
+    print(f"\nURL: {url}")
+    print(f"Payload: {json.dumps(payload, separators=(',', ':'))}\n")
+
+    print("CANONICAL REQUEST:")
+    print("-" * 70)
+    print(canonical_request)
+    print("-" * 70)
+
+    print("\nSTRING TO SIGN:")
+    print("-" * 70)
+    print(string_to_sign)
+    print("-" * 70)
+
+    print(f"\nSIGNATURE: {signature}")
+
+
+# Test 1: Departures (funciona)
+url1 = "https://circulacion.api.adif.es/portroyalmanager/secure/circulationpaths/departures/traffictype/"
+payload1 = {
+    "commercialService": "BOTH",
+    "commercialStopType": "BOTH",
+    "page": {"pageNumber": 0},
+    "stationCode": "10200",
+    "trafficType": "ALL"
+}
+
+debug_auth(url1, payload1, "DEPARTURES (funciona ✅)")
+
+# Test 2: BetweenStations (no funciona)
+url2 = "https://circulacion.api.adif.es/portroyalmanager/secure/circulationpaths/betweenstations/traffictype/"
+payload2 = {
+    "commercialService": "BOTH",
+    "commercialStopType": "BOTH",
+    "originStationCode": "10200",
+    "destinationStationCode": "71801",
+    "page": {"pageNumber": 0},
+    "trafficType": "ALL"
+}
+
+debug_auth(url2, payload2, "BETWEENSTATIONS (no funciona ❌)")