ferrero-opentext/Python-Version/config/config.yaml
DJP 6561a4b8cc Add separate mTLS base URL configuration for certificate authentication
Critical fix: mTLS uses completely different API endpoint than OAuth2.

KEY CHANGE:
OAuth2 and mTLS now use different base URLs automatically based on auth method.

CONFIGURATION:
- OAuth2: https://ppr.dam.ferrero.com/otmmapi
- mTLS:   https://dev-auth.app-api.ferrero.com/00003/mm

URLs are automatically selected based on --auth-pfx flag:
- No flag:     Uses DAM_BASE_URL (OAuth2 endpoint)
- --auth-pfx:  Uses DAM_MTLS_BASE_URL (mTLS endpoint)

IMPLEMENTATION:
1. .env: Added DAM_MTLS_BASE_URL variable
2. config.yaml: Added mtls_base_url configuration
3. dam_client.py: Auto-selects base_url in __init__ based on use_mtls flag
4. All API calls automatically use correct endpoint

EXAMPLE ENDPOINT TRANSFORMATION:
OAuth2:  https://ppr.dam.ferrero.com/otmmapi/v6/search/text
mTLS:    https://dev-auth.app-api.ferrero.com/00003/mm/v6/search/text
         (Same path, different host/prefix)

TESTING STATUS:
✓ Certificate loads successfully
✓ Correct base URL selected based on mode
⚠️  HTTP 403 from current IP (likely IP whitelist)
✓ Ready to test from whitelisted IP location

ALL SCRIPTS UPDATED:
✓ a1_to_a2_download.py - Uses correct URL with --auth-pfx
✓ a5_to_a6_download.py - Uses correct URL with --auth-pfx
✓ b1_to_b2_download.py - Uses correct URL with --auth-pfx
✓ test_connection.py - Uses correct URL with --auth-pfx

NEW DEBUG SCRIPT:
- test_mtls_debug.py - Detailed request/response logging

BACKWARD COMPATIBILITY:
✓ OAuth2 completely unchanged (default)
✓ No impact on existing workflows
✓ Can test mTLS from whitelisted IP when ready

Next: Test from whitelisted IP location to verify mTLS works end-to-end.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-05 08:25:31 -05:00

112 lines
2.9 KiB
YAML

# Ferrero Content Scaling - Main Configuration
# All settings can be overridden by environment-specific configs

# Environment selector (set via ENV environment variable)
environment: ${ENV:-staging}

# DAM Configuration
dam:
  base_url: ${DAM_BASE_URL}
  # OAuth2 Authentication (default - current working method)
  auth_url: ${DAM_AUTH_URL}
  client_id: ${DAM_CLIENT_ID}
  client_secret: ${DAM_CLIENT_SECRET}
  # mTLS Certificate Authentication (optional - use with --auth-pfx flag)
  mtls_base_url: ${DAM_MTLS_BASE_URL:-}
  mtls_cert_path: ${DAM_MTLS_CERT_PATH:-}
  mtls_cert_password: ${DAM_MTLS_CERT_PASSWORD:-}
  timeout_seconds: 120

# Box Configuration
box:
  enterprise_id: ${BOX_ENTERPRISE_ID}
  client_id: ${BOX_CLIENT_ID}
  client_secret: ${BOX_CLIENT_SECRET}
  jwt_key_id: ${BOX_JWT_KEY_ID}
  rsa_private_key_path: ../Box-config.json
  passphrase: ${BOX_PASSPHRASE}
  # Separate folders for different workflows
  root_folder_a1_a2: ${BOX_ROOT_FOLDER_A1_A2} # For downloaded Local master assets (348304357505)
  root_folder_a2_a3: ${BOX_ROOT_FOLDER_A2_A3} # For agency uploads to process (348526703108)
  root_folder_b1_b2: ${BOX_ROOT_FOLDER_B1_B2} # For downloaded Global master assets (349261192115)
  webhook_signature_keys:
    - ${BOX_WEBHOOK_PRIMARY_KEY:-}
    - ${BOX_WEBHOOK_SECONDARY_KEY:-}

# Database Configuration
database:
  host: ${DB_HOST:-localhost}
  port: ${DB_PORT:-5433}
  database: ferrero_tracking
  user: ${DB_USER}
  password: ${DB_PASSWORD}

# Polling Configuration (A1→A2)
polling:
  enabled: true
  interval_seconds: 300 # 5 minutes
  max_campaigns_per_run: 10

# Webhook Configuration (A2→A3 receiver)
webhook_receiver:
  enabled: true
  host: 0.0.0.0
  port: ${WEBHOOK_RECEIVER_PORT:-5555}
  validate_signatures: true

# Outgoing Webhooks (we call these)
webhooks:
  campaign_status_update:
    enabled: true
    url: ${CAMPAIGN_STATUS_WEBHOOK_URL}
    timeout_seconds: 10
    retry_on_failure: true
    max_retries: 3
    auth:
      type: none # bearer, basic, or none
      token: ${WEBHOOK_AUTH_TOKEN:-}

# Retry Configuration
retry:
  max_attempts: 3
  backoff: exponential # exponential, linear, fixed
  initial_delay_seconds: 5
  max_delay_seconds: 60

# Notification Configuration
notifications:
  enabled: true
  smtp:
    server: ${SMTP_SERVER}
    port: ${SMTP_PORT}
    user: ${SMTP_USER}
    password: ${SMTP_PASSWORD}
    sender_email: ${SENDER_EMAIL}
  recipients:
    success:
      - ${REPORT_EMAILS}
    errors:
      - ${ERROR_EMAIL}
    critical:
      - ${ERROR_EMAIL}
  templates_path: config/email_templates.yaml

# Field Configuration
fields:
  mappings_file: config/field_mappings.yaml

# Logging Configuration
logging:
  level: INFO
  format: "%(asctime)s - %(name)s - %(levelname)s - %(message)s"
  file:
    directory: logs
    max_bytes: 10485760 # 10MB
    backup_count: 5
  console: true

# Temp File Configuration
temp:
  directory: temp/downloads
  cleanup_after_hours: 24
  max_size_mb: 1000
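
The `dam` block defaults `mtls_base_url` and `mtls_cert_path` to empty strings, so the per-mode URL selection described in the commit message has to refuse an mTLS run with missing values rather than fall back to the OAuth2 endpoint. The following is an added example of that check, not the repository's `dam_client.py`; the function names, the placeholder expander and the `example.test` hosts are assumptions.

```python
import re
from urllib.parse import urlsplit

# Matches ${VAR} and ${VAR:-default}, the two placeholder forms used in config.yaml.
_PLACEHOLDER = re.compile(r"\$\{([A-Za-z_][A-Za-z0-9_]*)(?::-([^}]*))?\}")


def expand(value, env):
    """Expand placeholders; ${VAR} with no default and no value is an error (assumed policy)."""
    def sub(match):
        name, default = match.group(1), match.group(2)
        if env.get(name):  # unset and empty are treated alike, as with shell ':-'
            return env[name]
        if default is None:
            raise KeyError(f"required variable {name} is not set")
        return default
    return _PLACEHOLDER.sub(sub, value)


def select_dam_endpoint(dam, env, use_mtls):
    """Return (base_url, cert_path) for the chosen auth mode, failing closed."""
    key = "mtls_base_url" if use_mtls else "base_url"
    base_url = expand(dam[key], env).rstrip("/")
    parts = urlsplit(base_url)
    if parts.scheme != "https" or not parts.hostname:
        # An empty ${DAM_MTLS_BASE_URL:-} lands here instead of reusing the OAuth2 URL.
        raise ValueError(f"dam.{key} must be an absolute https URL, got {base_url!r}")
    if not use_mtls:
        return base_url, None
    cert_path = expand(dam["mtls_cert_path"], env)
    if not cert_path:
        raise ValueError("dam.mtls_cert_path is empty but mTLS was requested")
    return base_url, cert_path


# Constructed sample: the dam keys from config.yaml, with placeholder hosts.
DAM = {
    "base_url": "${DAM_BASE_URL}",
    "mtls_base_url": "${DAM_MTLS_BASE_URL:-}",
    "mtls_cert_path": "${DAM_MTLS_CERT_PATH:-}",
}
ENV = {"DAM_BASE_URL": "https://dam.example.test/otmmapi"}

if __name__ == "__main__":
    print(select_dam_endpoint(DAM, ENV, use_mtls=False))
    try:
        select_dam_endpoint(DAM, ENV, use_mtls=True)
    except ValueError as exc:
        print("refused:", exc)
```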