anny-booking-automation/kit.py

import os
import re
import html
import pytz
import requests
import datetime
import urllib.parse

from dotenv import load_dotenv


# === CONFIGURATION CONSTANTS === #
AUTH_BASE_URL = "https://auth.anny.eu"
ANNY_BASE_URL = "https://anny.eu"
BOOKING_API_BASE = "https://b.anny.eu/api/v1"
CHECKOUT_FORM_API = "https://b.anny.eu/api/ui/checkout-form"
RESOURCE_URL = f"{BOOKING_API_BASE}/resources/1-lehrbuchsammlung-eg-und-1-og/children"
SERVICE_ID = "449"

DEFAULT_HEADERS = {
    'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0',
    'accept': 'application/vnd.api+json',
    'accept-encoding': 'plain'
}


def get_future_datetime(days_ahead=3, hour="13:00:00"):
    dt = datetime.datetime.now(pytz.timezone('Europe/Berlin')) + datetime.timedelta(days=days_ahead)
    return dt.strftime(f"%Y-%m-%dT{hour}+02:00")


def extract_html_value(text, pattern):
    match = re.search(pattern, text)
    if not match:
        raise ValueError(f"Pattern not found: {pattern}")
    return html.unescape(match.group(1))


class AnnySession:
    def __init__(self, username, password):
        self.session = requests.Session()
        self.username = username
        self.password = password
        self.cookies = None

    def login(self):
        try:
            self._init_headers()
            self._sso_login()
            self._kit_auth()
            self._consume_saml()
            self.cookies = self.session.cookies
            print("✅ Login successful")
            return self.cookies
        except Exception as e:
            print(f"❌ Login failed: {e}")
            return None

    def _init_headers(self):
        self.session.headers.update({
            **DEFAULT_HEADERS,
            'accept': 'text/html, application/xhtml+xml',
            'referer': AUTH_BASE_URL + '/',
            'origin': AUTH_BASE_URL
        })

    def _sso_login(self):
        r1 = self.session.get(f"{AUTH_BASE_URL}/login/sso")
        self.session.headers['X-XSRF-TOKEN'] = urllib.parse.unquote(r1.cookies['XSRF-TOKEN'])

        page_data = extract_html_value(r1.text, r'data-page="(.*?)"')
        version = re.search(r'"version"\s*:\s*"([a-f0-9]{32})"', page_data)
        x_inertia_version = version.group(1) if version else '66b32acea13402d3aef4488ccd239c93'

        self.session.headers.update({
            'x-requested-with': 'XMLHttpRequest',
            'x-inertia': 'true',
            'x-inertia-version': x_inertia_version
        })

        r2 = self.session.post(f"{AUTH_BASE_URL}/login/sso", json={"domain": "kit.edu"})
        redirect_url = r2.headers['x-inertia-location']
        self.redirect_response = self.session.get(redirect_url)

    def _kit_auth(self):
        self.session.headers.pop('x-requested-with', None)
        self.session.headers.pop('x-inertia', None)
        self.session.headers.pop('x-inertia-version', None)

        csrf_token = extract_html_value(self.redirect_response.text, r'name="csrf_token" value="([^"]+)"')

        r4 = self.session.post(
            'https://idp.scc.kit.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1',
            data={
                'csrf_token': csrf_token,
                'j_username': self.username,
                'j_password': self.password,
                '_eventId_proceed': '',
                'fudis_web_authn_assertion_input': '',
            }
        )

        if "/consume" not in html.unescape(r4.text):
            raise Exception("KIT authentication failed")

        self.saml_response_html = r4.text

    def _consume_saml(self):
        consume_url = extract_html_value(self.saml_response_html, r'form action="([^"]+)"')
        relay_state = extract_html_value(self.saml_response_html, r'name="RelayState" value="([^"]+)"')
        saml_response = extract_html_value(self.saml_response_html, r'name="SAMLResponse" value="([^"]+)"')

        self.session.post(consume_url, data={
            'RelayState': relay_state,
            'SAMLResponse': saml_response
        })

        self.session.get(f"{ANNY_BASE_URL}/en-us/login?target=/en-us/home?withoutIntent=true")


class BookingClient:
    def __init__(self, cookies):
        self.session = requests.Session()
        self.session.cookies = cookies
        self.token = cookies.get('anny_shop_jwt')
        self.session.headers.update({
            **DEFAULT_HEADERS,
            'authorization': f'Bearer {self.token}',
            'content-type': 'application/vnd.api+json',
            'origin': ANNY_BASE_URL,
            'referer': ANNY_BASE_URL + '/'
        })

    def find_available_resource(self, start, end):
        response = self.session.get(RESOURCE_URL, params={
            'page[number]': 1,
            'page[size]': 250,
            'filter[available_from]': start,
            'filter[available_to]': end,
            'filter[availability_exact_match]': 1,
            'filter[exclude_hidden]': 0,
            'filter[exclude_child_resources]': 0,
            'filter[availability_service_id]': SERVICE_ID,
            'filter[include_unavailable]': 0,
            'filter[pre_order_ids]': '',
            'sort': 'name'
        })

        resources = response.json().get('data', [])
        return resources[0]['id'] if resources else None

    def reserve(self, resource_id, start, end):
        booking = self.session.post(
            f"{BOOKING_API_BASE}/order/bookings?include=customer&stateless=1",
            json={
                "resource_id": [resource_id],
                "service_id": {SERVICE_ID: 1},
                "start_date": start,
                "end_date": end,
                "description": "",
                "customer_note": "",
                "add_ons_by_service": {SERVICE_ID: [[]]},
                "sub_bookings_by_service": {},
                "strategy": "multi-resource"
            }
        )

        if not booking.ok:
            print("❌ Slot already taken.")
            return False

        data = booking.json().get("data", {})
        oid = data.get("id")
        oat = data.get("attributes", {}).get("access_token")

        checkout = self.session.get(f"{CHECKOUT_FORM_API}?oid={oid}&oat={oat}&stateless=1")
        customer = checkout.json().get("default", {}).get("customer", {})

        final = self.session.post(
            f"{BOOKING_API_BASE}/order?oid={oid}&oat={oat}&stateless=1",
            json={
                "customer": {
                    "given_name": customer.get("given_name"),
                    "family_name": customer.get("family_name"),
                    "email": customer.get("email")
                },
                "accept_terms": True,
                "payment_method": "",
                "success_url": f"{ANNY_BASE_URL}/checkout/success?oids={oid}&oats={oat}",
                "cancel_url": f"{ANNY_BASE_URL}/checkout?step=checkout&childResource={resource_id}",
                "meta": {"timezone": "Europe/Berlin"}
            }
        )

        if final.ok:
            print("✅ Reservation successful!")
            return True

        print("❌ Reservation failed.")
        return False


def main():
    load_dotenv('credentials.env', override=True)
    username = os.getenv("USERNAME")
    password = os.getenv("PASSWORD")

    if not username or not password:
        print("❌ Missing credentials in .env")
        return

    session = AnnySession(username, password)
    cookies = session.login()

    if not cookies:
        return

    booking = BookingClient(cookies)
    start = get_future_datetime(hour="13:00:00")
    end = get_future_datetime(hour="18:00:00")

    resource_id = booking.find_available_resource(start, end)

    if not resource_id:
        print("⚠️ No available resources found.")
        return

    booking.reserve(resource_id, start, end)


if __name__ == "__main__":
    main()
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`import os`
Initial commit 2025-07-15 16:36:34 +02:00			`import re`
			`import html`
			`import pytz`
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`import requests`
			`import datetime`
			`import urllib.parse`
Initial commit 2025-07-15 16:36:34 +02:00
			`from dotenv import load_dotenv`


+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`# === CONFIGURATION CONSTANTS === #`
			`AUTH_BASE_URL = "https://auth.anny.eu"`
			`ANNY_BASE_URL = "https://anny.eu"`
			`BOOKING_API_BASE = "https://b.anny.eu/api/v1"`
			`CHECKOUT_FORM_API = "https://b.anny.eu/api/ui/checkout-form"`
			`RESOURCE_URL = f"{BOOKING_API_BASE}/resources/1-lehrbuchsammlung-eg-und-1-og/children"`
			`SERVICE_ID = "449"`

			`DEFAULT_HEADERS = {`
			`'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0',`
			`'accept': 'application/vnd.api+json',`
			`'accept-encoding': 'plain'`
			`}`


			`def get_future_datetime(days_ahead=3, hour="13:00:00"):`
			`dt = datetime.datetime.now(pytz.timezone('Europe/Berlin')) + datetime.timedelta(days=days_ahead)`
			`return dt.strftime(f"%Y-%m-%dT{hour}+02:00")`


			`def extract_html_value(text, pattern):`
			`match = re.search(pattern, text)`
			`if not match:`
			`raise ValueError(f"Pattern not found: {pattern}")`
			`return html.unescape(match.group(1))`


			`class AnnySession:`
			`def __init__(self, username, password):`
			`self.session = requests.Session()`
			`self.username = username`
			`self.password = password`
			`self.cookies = None`

			`def login(self):`
			`try:`
			`self._init_headers()`
			`self._sso_login()`
			`self._kit_auth()`
			`self._consume_saml()`
			`self.cookies = self.session.cookies`
			`print("✅ Login successful")`
			`return self.cookies`
			`except Exception as e:`
			`print(f"❌ Login failed: {e}")`
			`return None`

			`def _init_headers(self):`
			`self.session.headers.update({`
			`**DEFAULT_HEADERS,`
			`'accept': 'text/html, application/xhtml+xml',`
			`'referer': AUTH_BASE_URL + '/',`
			`'origin': AUTH_BASE_URL`
			`})`

			`def _sso_login(self):`
			`r1 = self.session.get(f"{AUTH_BASE_URL}/login/sso")`
			`self.session.headers['X-XSRF-TOKEN'] = urllib.parse.unquote(r1.cookies['XSRF-TOKEN'])`

			`page_data = extract_html_value(r1.text, r'data-page="(.*?)"')`
			`version = re.search(r'"version"\s:\s"([a-f0-9]{32})"', page_data)`
			`x_inertia_version = version.group(1) if version else '66b32acea13402d3aef4488ccd239c93'`

			`self.session.headers.update({`
Fixed some issue because of "x-inertia-version" header change. Added dynamical fetching for this header to prevent recurrence of the error. 2025-07-23 22:23:47 +02:00			`'x-requested-with': 'XMLHttpRequest',`
			`'x-inertia': 'true',`
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`'x-inertia-version': x_inertia_version`
			`})`

			`r2 = self.session.post(f"{AUTH_BASE_URL}/login/sso", json={"domain": "kit.edu"})`
			`redirect_url = r2.headers['x-inertia-location']`
			`self.redirect_response = self.session.get(redirect_url)`

			`def _kit_auth(self):`
			`self.session.headers.pop('x-requested-with', None)`
			`self.session.headers.pop('x-inertia', None)`
			`self.session.headers.pop('x-inertia-version', None)`

			`csrf_token = extract_html_value(self.redirect_response.text, r'name="csrf_token" value="([^"]+)"')`

			`r4 = self.session.post(`
			`'https://idp.scc.kit.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1',`
			`data={`
			`'csrf_token': csrf_token,`
			`'j_username': self.username,`
			`'j_password': self.password,`
			`'_eventId_proceed': '',`
			`'fudis_web_authn_assertion_input': '',`
			`}`
			`)`
Initial commit 2025-07-15 16:36:34 +02:00
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`if "/consume" not in html.unescape(r4.text):`
			`raise Exception("KIT authentication failed")`
Initial commit 2025-07-15 16:36:34 +02:00
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`self.saml_response_html = r4.text`
Initial commit 2025-07-15 16:36:34 +02:00
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`def _consume_saml(self):`
			`consume_url = extract_html_value(self.saml_response_html, r'form action="([^"]+)"')`
			`relay_state = extract_html_value(self.saml_response_html, r'name="RelayState" value="([^"]+)"')`
			`saml_response = extract_html_value(self.saml_response_html, r'name="SAMLResponse" value="([^"]+)"')`
Initial commit 2025-07-15 16:36:34 +02:00
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`self.session.post(consume_url, data={`
			`'RelayState': relay_state,`
			`'SAMLResponse': saml_response`
			`})`
Initial commit 2025-07-15 16:36:34 +02:00
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`self.session.get(f"{ANNY_BASE_URL}/en-us/login?target=/en-us/home?withoutIntent=true")`
Initial commit 2025-07-15 16:36:34 +02:00

+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`class BookingClient:`
			`def __init__(self, cookies):`
			`self.session = requests.Session()`
			`self.session.cookies = cookies`
			`self.token = cookies.get('anny_shop_jwt')`
			`self.session.headers.update({`
			`**DEFAULT_HEADERS,`
			`'authorization': f'Bearer {self.token}',`
Initial commit 2025-07-15 16:36:34 +02:00			`'content-type': 'application/vnd.api+json',`
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`'origin': ANNY_BASE_URL,`
			`'referer': ANNY_BASE_URL + '/'`
			`})`
Initial commit 2025-07-15 16:36:34 +02:00
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`def find_available_resource(self, start, end):`
			`response = self.session.get(RESOURCE_URL, params={`
Added dynamic ressource id (seat) 2025-07-21 15:39:28 +02:00			`'page[number]': 1,`
			`'page[size]': 250,`
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`'filter[available_from]': start,`
			`'filter[available_to]': end,`
Added dynamic ressource id (seat) 2025-07-21 15:39:28 +02:00			`'filter[availability_exact_match]': 1,`
			`'filter[exclude_hidden]': 0,`
			`'filter[exclude_child_resources]': 0,`
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`'filter[availability_service_id]': SERVICE_ID,`
Added dynamic ressource id (seat) 2025-07-21 15:39:28 +02:00			`'filter[include_unavailable]': 0,`
			`'filter[pre_order_ids]': '',`
			`'sort': 'name'`
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`})`

			`resources = response.json().get('data', [])`
			`return resources[0]['id'] if resources else None`

			`def reserve(self, resource_id, start, end):`
			`booking = self.session.post(`
			`f"{BOOKING_API_BASE}/order/bookings?include=customer&stateless=1",`
			`json={`
			`"resource_id": [resource_id],`
			`"service_id": {SERVICE_ID: 1},`
			`"start_date": start,`
			`"end_date": end,`
			`"description": "",`
			`"customer_note": "",`
			`"add_ons_by_service": {SERVICE_ID: [[]]},`
			`"sub_bookings_by_service": {},`
			`"strategy": "multi-resource"`
			`}`
			`)`

			`if not booking.ok:`
			`print("❌ Slot already taken.")`
			`return False`

			`data = booking.json().get("data", {})`
			`oid = data.get("id")`
			`oat = data.get("attributes", {}).get("access_token")`

			`checkout = self.session.get(f"{CHECKOUT_FORM_API}?oid={oid}&oat={oat}&stateless=1")`
			`customer = checkout.json().get("default", {}).get("customer", {})`

			`final = self.session.post(`
			`f"{BOOKING_API_BASE}/order?oid={oid}&oat={oat}&stateless=1",`
			`json={`
			`"customer": {`
			`"given_name": customer.get("given_name"),`
			`"family_name": customer.get("family_name"),`
			`"email": customer.get("email")`
			`},`
			`"accept_terms": True,`
			`"payment_method": "",`
			`"success_url": f"{ANNY_BASE_URL}/checkout/success?oids={oid}&oats={oat}",`
			`"cancel_url": f"{ANNY_BASE_URL}/checkout?step=checkout&childResource={resource_id}",`
			`"meta": {"timezone": "Europe/Berlin"}`
			`}`
			`)`
Added dynamic ressource id (seat) 2025-07-21 15:39:28 +02:00
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`if final.ok:`
			`print("✅ Reservation successful!")`
			`return True`
Added error handling in case no slots are available anymore. 2025-07-23 22:24:41 +02:00
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`print("❌ Reservation failed.")`
Added error handling in case no slots are available anymore. 2025-07-23 22:24:41 +02:00			`return False`

Initial commit 2025-07-15 16:36:34 +02:00
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`def main():`
			`load_dotenv('credentials.env', override=True)`
			`username = os.getenv("USERNAME")`
			`password = os.getenv("PASSWORD")`

			`if not username or not password:`
			`print("❌ Missing credentials in .env")`
			`return`

			`session = AnnySession(username, password)`
			`cookies = session.login()`

			`if not cookies:`
			`return`

			`booking = BookingClient(cookies)`
			`start = get_future_datetime(hour="13:00:00")`
			`end = get_future_datetime(hour="18:00:00")`

			`resource_id = booking.find_available_resource(start, end)`

			`if not resource_id:`
			`print("⚠️ No available resources found.")`
			`return`
Initial commit 2025-07-15 16:36:34 +02:00
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`booking.reserve(resource_id, start, end)`
Added some little error-handling. 2025-07-15 16:47:53 +02:00
Initial commit 2025-07-15 16:36:34 +02:00
+ Recoded entire codebase + Added proper README.md 2025-08-02 22:37:17 +02:00			`if __name__ == "__main__":`
			`main()`