"""
Simple test to check Purolator SOAP credential acceptance
"""

import requests
from requests.auth import HTTPBasicAuth
import base64

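# Credentials
# The literal is the base64 form of "user:password". base64 is an encoding,
# not protection, so this file is as sensitive as the cleartext pair and
# should be handled like any other secret-bearing artifact.
account_decoded = base64.b64decode("ZWY3NDc1ZWY3MGI0NGY0Njg3MTU4ZmJiYjlmZjNmNDc6fEhYWTIpLjY=").decode()
# Split on the first ':' only, because the password part may itself contain ':'.
account_user, account_pass = account_decoded.split(':', 1)
# Printed in place of the password so the secret does not land in terminal
# scrollback, CI logs or output pasted into a report.
account_pass_display = f"<redacted, {len(account_pass)} chars>"

print("Testing Purolator SOAP API credentials...")
print(f"User: {account_user}")
print(f"Pass: {account_pass_display}")
print()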

# Authentication variants to probe. Every entry has the same four keys:
# a display name, the target URL, an optional requests auth handler and the
# extra request headers. The first two variants end up sending the same
# Basic credential, once through HTTPBasicAuth and once as a hand-built header.
_basic_pair = f'{account_user}:{account_pass}'
_basic_token = base64.b64encode(_basic_pair.encode()).decode()

tests = [
    dict(
        name="Basic Auth in header",
        url="https://webservices.purolator.com/EWS/v2/Shipping/ShippingService.asmx",
        auth=HTTPBasicAuth(account_user, account_pass),
        headers={"Content-Type": "text/xml"},
    ),
    dict(
        name="Authorization header directly",
        url="https://webservices.purolator.com/EWS/v2/Shipping/ShippingService.asmx",
        auth=None,
        headers={
            "Content-Type": "text/xml",
            "Authorization": f"Basic {_basic_token}",
        },
    ),
    dict(
        name="Simple GET with Basic Auth",
        url="https://webservices.purolator.com",
        auth=HTTPBasicAuth(account_user, account_pass),
        headers={},
    ),
]

# Issue one GET per variant and report how the endpoint answered it.
# Only the status code, two diagnostic headers and, when it mentions
# authentication, the first 300 characters of the body are printed.
for case in tests:
    print(f"[{case['name']}]")
    try:
        reply = requests.get(
            case['url'],
            auth=case['auth'],
            headers=case['headers'],
            verify=True,  # TLS certificate validation is kept on explicitly
            timeout=10,
        )
        print(f"  Status: {reply.status_code}")

        # Headers that describe the authentication scheme the front end expects.
        for header_name, label in (
            ('www-authenticate', 'WWW-Authenticate'),
            ('x-amzn-errortype', 'AWS Error'),
        ):
            if header_name in reply.headers:
                print(f"  {label}: {reply.headers[header_name]}")

        # Show the body prefix only when it talks about authentication.
        snippet = reply.text[:300]
        mentions_auth = (
            "Authorization" in snippet
            or "AWS" in snippet
            or "credential" in snippet.lower()
        )
        if mentions_auth:
            print(f"  Response: {snippet}")

    except Exception as err:
        # Any failure (network, TLS, decoding) is reported and the run continues.
        print(f"  Error: {err}")
    print()

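# Summary banner.
# The user name is taken from the decoded value instead of being repeated as a
# second literal that could drift from it, and the password is not echoed, so
# the summary can be pasted into a report without carrying the secret.
# NOTE(review): the text below is static and is printed whatever the probes
# above returned; the "requires AWS Signature v4" statement is the author's
# reading of an earlier run and should be checked against the captured output.
# NOTE(review): for the report, the finding is the credential shipped inside
# the client; the usual remediation is rotating it and removing it from the app.
print("\n" + "="*80)
print("CONCLUSION:")
print("="*80)
print(f"""
The credentials extracted from the APK are:
- Format: Basic Auth (username:password)
- User: {account_user}
- Pass: <redacted, {len(account_pass)} chars>

These appear to be API credentials hardcoded in the mobile app.
Testing shows the server requires AWS Signature v4, which means:

1. The app likely has additional signing logic we haven't found, OR
2. The server accepts Basic Auth from the app but requires AWS Sig v4 from browsers, OR
3. There's a gateway/proxy that converts Basic Auth to AWS Sig v4

To properly test, we'd need to:
- Hook the app during actual SOAP API call
- Capture the full HTTP request with all headers
- See if there's additional signing happening at network layer
""")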
