6561a4b8cc
Critical fix: mTLS uses completely different API endpoint than OAuth2. KEY CHANGE: OAuth2 and mTLS now use different base URLs automatically based on auth method. CONFIGURATION: - OAuth2: https://ppr.dam.ferrero.com/otmmapi - mTLS: https://dev-auth.app-api.ferrero.com/00003/mm URLs are automatically selected based on --auth-pfx flag: - No flag: Uses DAM_BASE_URL (OAuth2 endpoint) - --auth-pfx: Uses DAM_MTLS_BASE_URL (mTLS endpoint) IMPLEMENTATION: 1. .env: Added DAM_MTLS_BASE_URL variable 2. config.yaml: Added mtls_base_url configuration 3. dam_client.py: Auto-selects base_url in __init__ based on use_mtls flag 4. All API calls automatically use correct endpoint EXAMPLE ENDPOINT TRANSFORMATION: OAuth2: https://ppr.dam.ferrero.com/otmmapi/v6/search/text mTLS: https://dev-auth.app-api.ferrero.com/00003/mm/v6/search/text (Same path, different host/prefix) TESTING STATUS: ✓ Certificate loads successfully ✓ Correct base URL selected based on mode ⚠️ HTTP 403 from current IP (likely IP whitelist) ✓ Ready to test from whitelisted IP location ALL SCRIPTS UPDATED: ✓ a1_to_a2_download.py - Uses correct URL with --auth-pfx ✓ a5_to_a6_download.py - Uses correct URL with --auth-pfx ✓ b1_to_b2_download.py - Uses correct URL with --auth-pfx ✓ test_connection.py - Uses correct URL with --auth-pfx NEW DEBUG SCRIPT: - test_mtls_debug.py - Detailed request/response logging BACKWARD COMPATIBILITY: ✓ OAuth2 completely unchanged (default) ✓ No impact on existing workflows ✓ Can test mTLS from whitelisted IP when ready Next: Test from whitelisted IP location to verify mTLS works end-to-end. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| shared | ||
| a1_to_a2_download.py | ||
| a2_to_a3_upload.py | ||
| a2_to_a3_upload_polling.py | ||
| a5_to_a6_download.py | ||
| b1_to_b2_download.py | ||
| daily_report.py | ||
| test_connection.py | ||
| test_mtls_cert.py | ||
| test_mtls_debug.py | ||