from __future__ import annotations import json import os import re import shutil import sys import zipfile from datetime import datetime from pathlib import Path from typing import Any from urllib.parse import parse_qsl, unquote, urlparse import click import requests SENSITIVE_HEADERS = {"cookie", "authorization", "x-csrf-token", "x-xsrf-token"} LIST_PATH_HINT = "/sz/api/selfHelpAnalysis/getReportList.ajax" EXPORT_PATH_HINT = "/sz/api/selfHelpAnalysis/exportPreviewList.ajax" DEFAULT_CREDENTIAL_DIR = Path("/Users/bot1/.hermes/profiles/it/secrets/jd-report-exporter") def _json_print(payload: Any) -> None: click.echo(json.dumps(payload, ensure_ascii=False, indent=2)) def _load_json(path: str | Path) -> Any: return json.loads(Path(path).expanduser().read_text(encoding="utf-8")) def _write_json(path: Path, payload: Any, mode: int | None = None) -> None: path.parent.mkdir(parents=True, exist_ok=True) path.write_text(json.dumps(payload, ensure_ascii=False, indent=2), encoding="utf-8") if mode is not None: os.chmod(path, mode) def _headers_dict(headers: list[dict[str, str]] | dict[str, str], *, include_sensitive: bool = False) -> dict[str, str]: if isinstance(headers, dict): pairs = headers.items() else: pairs = ((h.get("name", ""), h.get("value", "")) for h in headers) out: dict[str, str] = {} for key, value in pairs: if not key: continue lower = key.lower() if lower.startswith(":") or lower in {"content-length", "host", "accept-encoding"}: continue if not include_sensitive and lower in SENSITIVE_HEADERS: continue out[key] = value return out def _find_entry(entries: list[dict[str, Any]], path_hint: str, *, method: str | None = None) -> dict[str, Any] | None: for entry in entries: req = entry.get("request", {}) url = req.get("url", "") if path_hint in url and (method is None or (req.get("method") or "").upper() == method.upper()): return entry return None def _find_cookie_header(entry: dict[str, Any]) -> str | None: for h in entry.get("request", {}).get("headers", []): if h.get("name", "").lower() == "cookie" and h.get("value"): return h["value"] return None def _parse_form(text: str | None) -> dict[str, str]: if not text: return {} return dict(parse_qsl(text, keep_blank_values=True)) def _decode_response_text(content: dict[str, Any]) -> str: text = content.get("text") or "" if content.get("encoding") == "base64": import base64 return base64.b64decode(text).decode("utf-8", "replace") return text def _reports_from_list_payload(payload: Any, *, list_url: str | None = None, export_url: str | None = None) -> list[dict[str, Any]]: page = (payload or {}).get("content", {}).get("pageList", {}) if isinstance(payload, dict) else {} rows = page.get("data", []) meta = page.get("metaIndex", {}) reports = [] for row in rows: if not isinstance(row, list): continue def get(key: str, default: Any = None) -> Any: idx = meta.get(key) if isinstance(idx, int) and 0 <= idx < len(row): return row[idx] return default reports.append({ "report_name": get("ReportName", ""), "update_num": get("UpdateNum"), "create_time": get("CreateTime"), "report_dim": str(get("ReportDim", "")), "query_time": get("QueryTime"), "indicators": get("Indicators", []), "report_id": str(get("ReportId", "")), "start_date": str(get("StartDate", "")), "end_date": str(get("EndDate", "")), "sku_id": str(get("SkuId", "")), "attributions": get("Attributions", []), "list_url": list_url, "export_url": export_url or "https://sz.jd.com/sz/api/selfHelpAnalysis/exportPreviewList.ajax", }) return reports def _load_cookie_header(cookie_file: Path | None, credential_dir: Path | None) -> str | None: path = cookie_file or ((credential_dir or DEFAULT_CREDENTIAL_DIR) / "cookie.json") if not path.exists(): return None text = path.read_text(encoding="utf-8").strip() if not text: return None try: data = json.loads(text) except json.JSONDecodeError: return text if isinstance(data, dict): for key in ("Cookie", "cookie"): if isinstance(data.get(key), str): return data[key] if all(isinstance(v, str) for v in data.values()): return "; ".join(f"{k}={v}" for k, v in data.items()) if isinstance(data, list): return "; ".join(f"{x['name']}={x['value']}" for x in data if isinstance(x, dict) and x.get("name") and x.get("value") is not None) raise click.ClickException(f"Unsupported cookie file format: {path}") def _load_optional_json(path: Path | None, default_path: Path) -> dict[str, Any]: p = path or default_path if p.exists(): data = _load_json(p) if isinstance(data, dict): return data return {} def _safe_filename(name: str) -> str: return re.sub(r"[\\/:*?\"<>|]+", "_", name).strip()[:180] or "jd_report" def _decode_disposition_filename(dispo: str, fallback: str) -> str: match = re.search(r'filename\*?=(?:UTF-8\'\')?"?([^";]+)', dispo, re.I) if not match: return fallback raw = unquote(match.group(1)).strip().strip('"') if not raw: return fallback # JD often emits UTF-8 bytes interpreted as latin1 in Content-Disposition. for decoder in ( lambda s: s.encode("latin1").decode("utf-8"), lambda s: s.encode("latin1").decode("gbk"), lambda s: s, ): try: decoded = decoder(raw) if decoded: return _safe_filename(decoded) except Exception: pass return _safe_filename(raw) @click.group(context_settings={"help_option_names": ["-h", "--help"]}) def main() -> None: """京东/商智自助分析报表导出 CLI harness.""" @main.command() def doctor() -> None: """检查当前 CLI 运行环境。""" _json_print({"ok": True, "python": sys.version.split()[0], "requests": requests.__version__, "default_credential_dir": str(DEFAULT_CREDENTIAL_DIR)}) @main.command("scan-har") @click.argument("har", type=click.Path(exists=True, dir_okay=False, path_type=Path)) @click.option("--out", "out_path", type=click.Path(path_type=Path), help="输出不含 Cookie 的 manifest JSON。") def scan_har(har: Path, out_path: Path | None) -> None: """扫描京东 HAR,识别报表列表/导出接口和 HAR 内列表快照。""" payload = _load_json(har) entries = payload.get("log", {}).get("entries", []) list_entry = _find_entry(entries, LIST_PATH_HINT, method="GET") export_entry = _find_entry(entries, EXPORT_PATH_HINT, method="POST") reports = [] if list_entry: txt = _decode_response_text(list_entry.get("response", {}).get("content", {})) try: list_json = json.loads(txt) reports = _reports_from_list_payload(list_json, list_url=list_entry["request"].get("url"), export_url=export_entry["request"].get("url") if export_entry else None) except Exception: reports = [] export_form = _parse_form(export_entry.get("request", {}).get("postData", {}).get("text")) if export_entry else {} result = { "source_har": str(har), "total_entries": len(entries), "list_endpoint": list_entry["request"].get("url") if list_entry else None, "export_endpoint": export_entry["request"].get("url") if export_entry else None, "report_count_in_har_snapshot": len(reports), "reports": reports, "captured_export_sample": { "report_name": export_form.get("ReportName"), "start_date": export_form.get("startDate"), "end_date": export_form.get("endDate"), "report_dim": export_form.get("ReportDim"), "sku_id": export_form.get("SkuId"), "has_identity_fields": all(export_form.get(k) for k in ("User-mup", "User-mnp", "uuid")), }, "notes": ["Cookie/Authorization are not embedded; use extract-credentials to save them locally.", "Export endpoint returns a ZIP containing one XLS file in smoke tests."], } if out_path: _write_json(out_path, result) click.echo(str(out_path)) else: _json_print(result) @main.command("extract-credentials") @click.argument("har", type=click.Path(exists=True, dir_okay=False, path_type=Path)) @click.option("--out-dir", type=click.Path(path_type=Path), default=DEFAULT_CREDENTIAL_DIR, show_default=True) def extract_credentials(har: Path, out_dir: Path) -> None: """从 HAR 提取 Cookie、非敏感请求头、导出表单身份字段到本地 secrets 目录。""" payload = _load_json(har) entries = payload.get("log", {}).get("entries", []) list_entry = _find_entry(entries, LIST_PATH_HINT, method="GET") export_entry = _find_entry(entries, EXPORT_PATH_HINT, method="POST") if not export_entry: raise click.ClickException("HAR 中没有找到 exportPreviewList.ajax POST 请求;请重新采集包含一次导出的 HAR。") cookie = _find_cookie_header(export_entry) or (_find_cookie_header(list_entry) if list_entry else None) if not cookie: raise click.ClickException("HAR 中没有 Cookie;请导出包含请求头的 HAR。") out_dir.mkdir(parents=True, exist_ok=True) os.chmod(out_dir, 0o700) export_headers = _headers_dict(export_entry.get("request", {}).get("headers", []), include_sensitive=False) list_headers = _headers_dict(list_entry.get("request", {}).get("headers", []), include_sensitive=False) if list_entry else {} form = _parse_form(export_entry.get("request", {}).get("postData", {}).get("text")) identity = {k: form[k] for k in ("User-mup", "User-mnp", "uuid") if k in form} _write_json(out_dir / "cookie.json", {"Cookie": cookie}, 0o600) _write_json(out_dir / "export_headers.json", export_headers, 0o600) _write_json(out_dir / "list_headers.json", list_headers, 0o600) _write_json(out_dir / "form_identity.json", identity, 0o600) readme = out_dir / "README.md" readme.write_text("京东/商智 jd-export 本地登录态目录。不要提交、不要发聊天、不要同步到 NAS。Cookie 过期或风控时重新采集 HAR。\n", encoding="utf-8") os.chmod(readme, 0o600) _json_print({"out_dir": str(out_dir), "files": ["cookie.json", "export_headers.json", "list_headers.json", "form_identity.json", "README.md"], "cookie_chars": len(cookie), "identity_fields": sorted(identity)}) @main.command("fetch-list") @click.argument("manifest", type=click.Path(exists=True, dir_okay=False, path_type=Path)) @click.option("--credential-dir", type=click.Path(path_type=Path), default=DEFAULT_CREDENTIAL_DIR, show_default=True) @click.option("--cookie-file", type=click.Path(exists=True, dir_okay=False, path_type=Path)) @click.option("--headers-file", type=click.Path(exists=True, dir_okay=False, path_type=Path)) @click.option("--out", "out_path", type=click.Path(path_type=Path), required=True) def fetch_list(manifest: Path, credential_dir: Path, cookie_file: Path | None, headers_file: Path | None, out_path: Path) -> None: """用本地 Cookie 重放 getReportList.ajax,保存规范化报表列表。""" data = _load_json(manifest) list_url = data.get("list_endpoint") or f"https://sz.jd.com{LIST_PATH_HINT}" export_url = data.get("export_endpoint") or f"https://sz.jd.com{EXPORT_PATH_HINT}" headers = _load_optional_json(headers_file, credential_dir / "list_headers.json") cookie = _load_cookie_header(cookie_file, credential_dir) if cookie: headers["Cookie"] = cookie resp = requests.get(list_url, headers=headers, timeout=90) try: payload = resp.json() except Exception as exc: raise click.ClickException(f"列表接口没有返回 JSON:status={resp.status_code}, content-type={resp.headers.get('content-type')}, error={exc}") from exc reports = _reports_from_list_payload(payload, list_url=list_url, export_url=export_url) result = {"source": "jd_getReportList.ajax", "status_code": resp.status_code, "list_endpoint": list_url, "export_endpoint": export_url, "report_count": len(reports), "reports": reports} _write_json(out_path, result) _json_print({"out": str(out_path), "status": resp.status_code, "report_count": len(reports), "report_names": [r["report_name"] for r in reports]}) @main.command("export-all") @click.argument("report_list", type=click.Path(exists=True, dir_okay=False, path_type=Path)) @click.option("--credential-dir", type=click.Path(path_type=Path), default=DEFAULT_CREDENTIAL_DIR, show_default=True) @click.option("--cookie-file", type=click.Path(exists=True, dir_okay=False, path_type=Path)) @click.option("--headers-file", type=click.Path(exists=True, dir_okay=False, path_type=Path)) @click.option("--identity-file", type=click.Path(exists=True, dir_okay=False, path_type=Path)) @click.option("--out-dir", type=click.Path(path_type=Path), default=Path("exports"), show_default=True) @click.option("--dry-run", is_flag=True) @click.option("--limit", type=int, default=0, show_default=True) @click.option("--report-name", multiple=True, help="只导出指定报表名,可重复传。") @click.option("--extract/--no-extract", default=True, show_default=True, help="导出 ZIP 后是否解压其中 XLS 文件。") def export_all(report_list: Path, credential_dir: Path, cookie_file: Path | None, headers_file: Path | None, identity_file: Path | None, out_dir: Path, dry_run: bool, limit: int, report_name: tuple[str, ...], extract: bool) -> None: """按报表列表逐个 POST exportPreviewList.ajax,保存 ZIP/XLS。""" data = _load_json(report_list) reports = list(data.get("reports", [])) if report_name: names = set(report_name) reports = [r for r in reports if r.get("report_name") in names] if limit and limit > 0: reports = reports[:limit] plan = [{"index": i, "report_name": r.get("report_name"), "start_date": r.get("start_date"), "end_date": r.get("end_date"), "report_dim": r.get("report_dim")} for i, r in enumerate(reports, 1)] if dry_run: _json_print({"dry_run": True, "count": len(plan), "plan": plan}) return if not reports: raise click.ClickException("没有可导出的报表。") headers = _load_optional_json(headers_file, credential_dir / "export_headers.json") cookie = _load_cookie_header(cookie_file, credential_dir) if cookie: headers["Cookie"] = cookie identity = _load_optional_json(identity_file, credential_dir / "form_identity.json") missing = [k for k in ("User-mup", "User-mnp", "uuid") if not identity.get(k)] if missing: raise click.ClickException(f"缺少导出身份字段:{missing};请从包含一次导出的 HAR 运行 extract-credentials。") out_dir.mkdir(parents=True, exist_ok=True) zip_dir = out_dir / "zip" xls_dir = out_dir / "xls" zip_dir.mkdir(exist_ok=True) if extract: xls_dir.mkdir(exist_ok=True) saved = [] failed = [] for idx, r in enumerate(reports, 1): export_url = r.get("export_url") or data.get("export_endpoint") or f"https://sz.jd.com{EXPORT_PATH_HINT}" payload = { "SkuId": r.get("sku_id", ""), "ReportDim": r.get("report_dim", ""), "Indicators": json.dumps(r.get("indicators") or [], ensure_ascii=False, separators=(",", ":")), "Attributions": json.dumps(r.get("attributions") or [], ensure_ascii=False, separators=(",", ":")), "startDate": r.get("start_date", ""), "endDate": r.get("end_date", ""), "ReportName": r.get("report_name", f"report_{idx}"), **identity, } try: resp = requests.post(export_url, headers=headers, data=payload, timeout=120) ctype = resp.headers.get("content-type", "") if resp.status_code != 200 or not (resp.content[:2] == b"PK" or "zip" in ctype.lower()): failed.append({"index": idx, "report_name": r.get("report_name"), "status": resp.status_code, "content_type": ctype, "message": "response is not ZIP"}) continue fallback = f"{_safe_filename(str(r.get('report_name') or 'jd_report'))}_{r.get('start_date')}_{r.get('end_date')}.zip" filename = _decode_disposition_filename(resp.headers.get("content-disposition", ""), fallback) if not filename.lower().endswith(".zip"): filename += ".zip" zip_path = zip_dir / filename zip_path.write_bytes(resp.content) record = {"index": idx, "report_name": r.get("report_name"), "zip": str(zip_path), "zip_bytes": zip_path.stat().st_size, "extracted": []} if extract: try: with zipfile.ZipFile(zip_path) as z: for member in z.infolist(): if member.is_dir(): continue member_name = _safe_filename(Path(member.filename).name) target = xls_dir / member_name with z.open(member) as src, target.open("wb") as dst: shutil.copyfileobj(src, dst) record["extracted"].append(str(target)) except Exception as exc: failed.append({"index": idx, "report_name": r.get("report_name"), "zip": str(zip_path), "error": f"zip extract failed: {exc!r}"}) continue saved.append(record) except Exception as exc: failed.append({"index": idx, "report_name": r.get("report_name"), "error": repr(exc)}) _json_print({"saved_count": len(saved), "failed_count": len(failed), "saved": saved, "failed": failed}) if __name__ == "__main__": main()