not currently working v3 changes

bwang-icf · bwang-icf · commit 14d4195339cf · 2026-01-13T12:00:01.000-06:00
diff --git a/.gitignore b/.gitignore
@@ -169,3 +169,6 @@ bb2_venv/
 # BB2 ignores
 .bluebutton-config.json
 .bluebutton-config.yaml
+
+# Snyk Security Extension - AI Rules (auto-generated)
+.github/instructions/snyk_rules.instructions.md
diff --git a/bluebutton-sample-config.json b/bluebutton-sample-config.json
@@ -1,7 +1,7 @@
 {
     "environment": "SANDBOX",
-    "client_id": "<your BB2 client_id here>",
-    "client_secret": "<your BB2 client_secret here.>",
-    "callback_url": "https://www.fake.com/your/callback/here",
-    "version": 2
+    "client_id": "Lb0hAgLi7rtyZvJMucZDDj0i0IKQWqiQrWSVZCZ7",
+    "client_secret": "JsLVxfaugDqUgowsXNXgoHRroWakt9QFFzYVhaK7Db0aN6DegK9Kn4a56awCOLWkxGiq6dRqgSLX4jAzBFxZNk3XJFERUTHbH1TMvpEsNtP76nrF9ZdkyB3PZT9GFaxr",
+    "callback_url": "http://localhost:3001/api/bluebutton/callback/",
+    "version": 3
 }
diff --git a/cms_bluebutton/auth.py b/cms_bluebutton/auth.py
@@ -95,7 +95,7 @@ def generate_pkce_data() -> dict:
     code_challenge = base64.urlsafe_b64encode(
         hashlib.sha256(verifier.encode("ASCII")).digest()
     )
-    return {"code_challenge": code_challenge.decode("utf-8"), "verifier": verifier}
+    return {"code_challenge": code_challenge.decode("utf-8"), "code_challenge_method": "S256", "verifier": verifier}
 
 
 def generate_random_state(num) -> str:
@@ -108,7 +108,7 @@ def generate_auth_data() -> dict:
     return auth_data
 
 
-def get_access_token_from_code(bb, auth_data, callback_code) -> dict:
+def get_access_token_from_code(bb, auth_data, callback_code, callback_state) -> dict:
     data = {
         "client_id": bb.client_id,
         "client_secret": bb.client_secret,
@@ -117,10 +117,20 @@ def get_access_token_from_code(bb, auth_data, callback_code) -> dict:
         "redirect_uri": bb.callback_url,
         "code_verifier": auth_data["verifier"],
         "code_challenge": auth_data["code_challenge"],
+        "code_challenge_method": "S256",
+        "state": callback_state,
     }
 
     token_response = _do_post(data, bb, None)
-    token_response.raise_for_status()
+    try:
+        token_response.raise_for_status()
+    except requests.exceptions.HTTPError as e:
+        print(f'Error obtaining access token: {e}')
+        print(f'Response content: {token_response.text}')
+        print(f'Request data: {data}')
+        print(f'Request headers: {SDK_HEADERS}')
+        print(f'Request URL: {bb.auth_token_url}')
+        raise
     token_dict = token_response.json()
     token_dict["expires_at"] = datetime.datetime.now(
         datetime.timezone.utc
@@ -139,17 +149,22 @@ def get_authorization_token(bb, auth_data, callback_code, callback_state):
     if callback_state != auth_data["state"]:
         raise ValueError("Provided callback state does not match.")
 
-    return AuthorizationToken(get_access_token_from_code(bb, auth_data, callback_code))
+    return AuthorizationToken(get_access_token_from_code(bb, auth_data, callback_code, callback_state))
 
 
 def _do_post(data, bb, auth):
     mp_encoder = MultipartEncoder(data)
     headers = SDK_HEADERS
     headers["content-type"] = mp_encoder.content_type
+    print(f'headers: {headers}')
+    print(f'url: {bb.auth_token_url}')
+    print(f'data: {data}')
+    print(f'auth: {auth}')
+
     return requests.post(
         url=bb.auth_token_url,
         data=mp_encoder,
-        headers=headers
+        headers=headers,
     ) if not auth else requests.post(
         url=bb.auth_token_url,
         data=mp_encoder,
diff --git a/cms_bluebutton/cms_bluebutton.py b/cms_bluebutton/cms_bluebutton.py
@@ -18,7 +18,9 @@
 
 
 ROOT_DIR = os.path.abspath(os.curdir) + "/"
+print("ROOT_DIR:", ROOT_DIR)
 DEFAULT_CONFIG_FILE_LOCATION = ROOT_DIR + "./.bluebutton-config.json"
+print("DEFAULT_CONFIG_FILE_LOCATION:", DEFAULT_CONFIG_FILE_LOCATION)
 
 
 class BlueButton:
@@ -154,4 +156,8 @@ def generate_authorize_url(self, auth_data):
         return generate_authorize_url(self, auth_data)
 
     def get_authorization_token(self, auth_data, callback_code, callback_state):
+        print("Getting authorization token...")
+        print("Auth Data:", auth_data)
+        print("Callback Code:", callback_code)
+        print("Callback State:", callback_state)
         return get_authorization_token(self, auth_data, callback_code, callback_state)

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"environment": "SANDBOX",`
`3`		`- "client_id": "<your BB2 client_id here>",`
`4`		`- "client_secret": "<your BB2 client_secret here.>",`
`5`		`- "callback_url": "https://www.fake.com/your/callback/here",`
`6`		`- "version": 2`
	`3`	`+ "client_id": "Lb0hAgLi7rtyZvJMucZDDj0i0IKQWqiQrWSVZCZ7",`
	`4`	`+ "client_secret": "JsLVxfaugDqUgowsXNXgoHRroWakt9QFFzYVhaK7Db0aN6DegK9Kn4a56awCOLWkxGiq6dRqgSLX4jAzBFxZNk3XJFERUTHbH1TMvpEsNtP76nrF9ZdkyB3PZT9GFaxr",`
	`5`	`+ "callback_url": "http://localhost:3001/api/bluebutton/callback/",`
	`6`	`+ "version": 3`
`7`	`7`	`}`