From 7eb599d6ebc7abf1d9571d472c5df14f734dfcb1 Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Tue, 13 Jul 2021 20:24:27 -0500 Subject: [PATCH 01/13] Agregar licencia --- CHANGELOG.md | 5 + LICENSE | 674 +++++++++++++++++++++++++++++++++++++++++++++++ VERSION | 1 + requirements.txt | 3 + 4 files changed, 683 insertions(+) create mode 100644 CHANGELOG.md create mode 100644 LICENSE create mode 100644 VERSION create mode 100644 requirements.txt diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..8026fa9 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,5 @@ +# Lista de cambios + +## v 0.1.0 +--- +* Autenticación en el SAT diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..fd46155 --- /dev/null +++ b/LICENSE @@ -0,0 +1,674 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + admin-cfdi + Copyright (C) 2016 Mauricio Baeza + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + admin-cfdi Copyright (C) 2016 Mauricio Baeza + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. diff --git a/VERSION b/VERSION new file mode 100644 index 0000000..6e8bf73 --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +0.1.0 diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..9e7e111 --- /dev/null +++ b/requirements.txt @@ -0,0 +1,3 @@ +httpx +peewee +cryptography From d8d9b8bab6143320db695334f72fc6a878c4c480 Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Wed, 14 Jul 2021 00:12:21 -0500 Subject: [PATCH 02/13] =?UTF-8?q?Obtener=20autorizaci=C3=B3n?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 3 + source/cfdi-descarga.py | 47 ++++++++ source/sat/cfdi_cert.py | 261 ++++++++++++++++++++++++++++++++++++++++ source/sat/sat_web.py | 171 ++++++++++++++++++++++++++ source/sat/util.py | 157 ++++++++++++++++++++++++ source/settings.py | 14 +++ 6 files changed, 653 insertions(+) create mode 100755 source/cfdi-descarga.py create mode 100644 source/sat/cfdi_cert.py create mode 100644 source/sat/sat_web.py create mode 100644 source/sat/util.py create mode 100644 source/settings.py diff --git a/.gitignore b/.gitignore index f8b73e7..87f0ff9 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,7 @@ # ---> Python + +conf.py + # Byte-compiled / optimized / DLL files __pycache__/ *.py[cod] diff --git a/source/cfdi-descarga.py b/source/cfdi-descarga.py new file mode 100755 index 0000000..1147ef2 --- /dev/null +++ b/source/cfdi-descarga.py @@ -0,0 +1,47 @@ +#!/usr/bin/env python3 + +import argparse +from sat import util + + +def main(args): + if args.fiel_validar: + util.fiel_validar(args) + return + + util.sat_download(args) + + return + + +def _process_command_line_arguments(): + now = util.today() + year = now.year + month = now.month + + parser = argparse.ArgumentParser(description='CFDI Descarga SAT') + + help = 'Valida la FIEL' + parser.add_argument('-fv', '--fiel-validar', help=help, + action='store_true', default=False, required=False) + help = 'Ruta al directorio con la FIEL' + parser.add_argument('-fd', '--fiel-dir', help=help, default='') + help = "Nombre de los archivos FIEL, el predeterminado es 'fiel'" + parser.add_argument('-fn', '--fiel-nombre', help=help, default='fiel') + + help = "Descargar por Tipo: t=todos(default), e=emitidas, r=recibidas" + parser.add_argument('-t', '--tipo', help=help, dest='type', default='t', choices=['t', 'e', 'r']) + help = "Año de la descarga entre 2014 y el año actual (predeterminado)." + parser.add_argument('-a', '--año', help=help, dest='year', default=year, type=int, choices=range(2014, year+1)) + help = "Mes de la descarga, el mes actual es el predeterminado" + parser.add_argument('-m', '--mes', help=help, dest='month', default=month, type=int, choices=range(13)) + help = "Día de la descarga, de forma predeterminada no se usa" + parser.add_argument('-d', '--dia', help=help, dest='day', default=0, type=int, choices=range(32)) + + args = parser.parse_args() + return args + + +if __name__ == '__main__': + args = _process_command_line_arguments() + main(args) diff --git a/source/sat/cfdi_cert.py b/source/sat/cfdi_cert.py new file mode 100644 index 0000000..725029c --- /dev/null +++ b/source/sat/cfdi_cert.py @@ -0,0 +1,261 @@ +#!/usr/bin/env python3 + +import argparse +import base64 +import datetime +import getpass +from pathlib import Path + +from cryptography.hazmat.backends import default_backend +from cryptography.hazmat.primitives import serialization +from cryptography import x509 +from cryptography.x509.oid import NameOID +from cryptography.x509.oid import ExtensionOID +from cryptography.hazmat.primitives import hashes +from cryptography.hazmat.primitives.asymmetric import padding + +from conf import TOKEN + + +class SATCertificate(object): + + def __init__(self, cer=b'', key=b'', password=''): + self._error = '' + self._init_values() + self._get_data_cer(cer) + self._get_data_key(key, password) + + def _init_values(self): + self._rfc = '' + self._serial_number = '' + self._not_before = None + self._not_after = None + self._is_fiel = False + self._are_couple = False + self._is_valid_time = False + self._cer_pem = '' + self._cer_txt = '' + self._key_enc = b'' + self._p12 = b'' + self._cer_modulus = 0 + self._key_modulus = 0 + return + + def __str__(self): + msg = '\tRFC: {}\n'.format(self.rfc) + msg += '\tNo de Serie: {}\n'.format(self.serial_number) + msg += '\tVálido desde: {}\n'.format(self.not_before) + msg += '\tVálido hasta: {}\n'.format(self.not_after) + msg += '\tEs vigente: {}\n'.format(self.is_valid_time) + msg += '\tSon pareja: {}\n'.format(self.are_couple) + msg += '\tEs FIEL: {}\n'.format(self.is_fiel) + return msg + + def __bool__(self): + return self.is_valid + + def _get_hash(self): + digest = hashes.Hash(hashes.SHA512(), default_backend()) + digest.update(self._rfc.encode()) + digest.update(self._serial_number.encode()) + digest.update(TOKEN.encode()) + return digest.finalize() + + def _get_data_cer(self, cer): + obj = x509.load_der_x509_certificate(cer, default_backend()) + self._rfc = obj.subject.get_attributes_for_oid( + NameOID.X500_UNIQUE_IDENTIFIER)[0].value.split(' ')[0] + self._serial_number = '{0:x}'.format(obj.serial_number)[1::2] + self._not_before = obj.not_valid_before + self._not_after = obj.not_valid_after + now = datetime.datetime.utcnow() + self._is_valid_time = (now > self.not_before) and (now < self.not_after) + if not self._is_valid_time: + msg = 'El certificado no es vigente' + self._error = msg + + self._is_fiel = obj.extensions.get_extension_for_oid( + ExtensionOID.KEY_USAGE).value.key_agreement + + self._cer_pem = obj.public_bytes(serialization.Encoding.PEM).decode() + self._cer_txt = ''.join(self._cer_pem.split('\n')[1:-2]) + self._cer_modulus = obj.public_key().public_numbers().n + return + + def _get_data_key(self, key, password): + self._key_enc = key + if not key or not password: + return + + try: + obj = serialization.load_der_private_key( + key, password.encode(), default_backend()) + except ValueError: + msg = 'La contraseña es incorrecta' + self._error = msg + return + + p = self._get_hash() + self._key_enc = obj.private_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PrivateFormat.PKCS8, + encryption_algorithm=serialization.BestAvailableEncryption(p) + ) + + self._key_modulus = obj.public_key().public_numbers().n + self._are_couple = self._cer_modulus == self._key_modulus + if not self._are_couple: + msg = 'El CER y el KEY no son pareja' + self._error = msg + return + + def _get_key(self, password): + if not password: + password = self._get_hash() + private_key = serialization.load_pem_private_key( + self._key_enc, password=password, backend=default_backend()) + return private_key + + def _get_key_pem(self): + obj = self._get_key('') + key_pem = obj.private_bytes( + encoding=serialization.Encoding.PEM, + format=serialization.PrivateFormat.PKCS8, + encryption_algorithm=serialization.NoEncryption() + ) + return key_pem + + # Not work + def _get_p12(self): + obj = serialization.pkcs12.serialize_key_and_certificates('test', + self.key_pem, self.cer_pem, None, + encryption_algorithm=serialization.NoEncryption() + ) + return obj + + def sign(self, data, password=''): + private_key = self._get_key(password) + firma = private_key.sign(data, padding.PKCS1v15(), hashes.SHA256()) + return base64.b64encode(firma).decode() + + def sign_sha1(self, data, password=''): + private_key = self._get_key(password) + firma = private_key.sign(data, padding.PKCS1v15(), hashes.SHA1()) + return base64.b64encode(firma).decode() + + def sign_xml(self, tree): + import xmlsec + + node = xmlsec.tree.find_node(tree, xmlsec.constants.NodeSignature) + ctx = xmlsec.SignatureContext() + key = xmlsec.Key.from_memory(self.key_pem, xmlsec.constants.KeyDataFormatPem) + ctx.key = key + ctx.sign(node) + node = xmlsec.tree.find_node(tree, 'X509Certificate') + node.text = self.cer_txt + return tree + + @property + def rfc(self): + return self._rfc + + @property + def serial_number(self): + return self._serial_number + + @property + def not_before(self): + return self._not_before + + @property + def not_after(self): + return self._not_after + + @property + def is_fiel(self): + return self._is_fiel + + @property + def are_couple(self): + return self._are_couple + + @property + def is_valid(self): + return not bool(self.error) + + @property + def is_valid_time(self): + return self._is_valid_time + + @property + def cer_pem(self): + return self._cer_pem.encode() + + @property + def cer_txt(self): + return self._cer_txt + + @property + def key_pem(self): + return self._get_key_pem() + + @property + def key_enc(self): + return self._key_enc + + @property + def p12(self): + return self._get_p12() + + @property + def error(self): + return self._error + + +def main(args): + contra = getpass.getpass('Introduce la contraseña del archivo KEY: ') + #contra = '12345678a' + if not contra.strip(): + msg = 'La contraseña es requerida' + print(msg) + return + + path_cer = Path(args.cer) + path_key = Path(args.key) + + if not path_cer.is_file(): + msg = 'El archivo CER es necesario' + print(msg) + return + + if not path_key.is_file(): + msg = 'El archivo KEY es necesario' + print(msg) + return + + cer = path_cer.read_bytes() + key = path_key.read_bytes() + cert = SATCertificate(cer, key, contra) + + if cert.error: + print(cert.error) + else: + print(cert) + return + + +def _process_command_line_arguments(): + parser = argparse.ArgumentParser(description='CFDI Certificados') + + help = 'Archivo CER' + parser.add_argument('-c', '--cer', help=help, default='') + help = 'Archivo KEY' + parser.add_argument('-k', '--key', help=help, default='') + + args = parser.parse_args() + return args + + +if __name__ == '__main__': + args = _process_command_line_arguments() + main(args) diff --git a/source/sat/sat_web.py b/source/sat/sat_web.py new file mode 100644 index 0000000..241f216 --- /dev/null +++ b/source/sat/sat_web.py @@ -0,0 +1,171 @@ +#!/usr/bin/env python3 + +import base64 +import hashlib +import uuid +from datetime import datetime, timedelta + +import httpx +import lxml.etree as ET + + +class SATWebService(): + BASE = 'https://cfdidescargamasivasolicitud.clouda.sat.gob.mx' + URL = { + 'AUTH': f'{BASE}/Autenticacion/Autenticacion.svc', + 'REQ': f'{BASE}/SolicitaDescargaService.svc', + } + XMLNS = 'http://DescargaMasivaTerceros.gob.mx' + ACTIONS = { + 'AUTH': f'{XMLNS}/IAutenticacion/Autentica', + 'REQ': f'{XMLNS}/ISolicitaDescargaService/SolicitaDescarga', + } + HEADERS = { + 'Content-type': 'text/xml;charset="utf-8"', + 'Accept': 'text/xml', + 'Cache-Control': 'no-cache', + } + NS = { + 's': 'http://schemas.xmlsoap.org/soap/envelope/', + 'u': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd', + 'o': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' + 'des': 'http://DescargaMasivaTerceros.sat.gob.mx', + 'xd': 'http://www.w3.org/2000/09/xmldsig#', + } + + def __init__(self, cert): + self._cert = cert + self._error = '' + self._token = self._get_token() + + @property + def is_authenticate(self): + return bool(self._token) + + @property + def error(self): + return self._error + + def _get_data_auth(self): + NSMAP = {'s': self.NS['s'], 'u': self.NS['u']} + FORMAT = '%Y-%m-%dT%H:%M:%S.%fZ' + UID = str(uuid.uuid4()) + + now = datetime.utcnow() + date_created = now.strftime(FORMAT) + date_expires = (now + timedelta(seconds=300)).strftime(FORMAT) + + node_name = f"{{{self.NS['s']}}}Envelope" + root = ET.Element(node_name, nsmap=NSMAP) + + node_name = f"{{{self.NS['s']}}}Header" + header = ET.SubElement(root, node_name) + + node_name = f"{{{self.NS['o']}}}Security" + nsmap = {'o': self.NS['o']} + attr_name = f"{{{self.NS['s']}}}mustUnderstand" + attr = {attr_name: '1'} + security = ET.SubElement(header, node_name, attr, nsmap=nsmap) + + node_name = f"{{{self.NS['u']}}}Timestamp" + attr_name = f"{{{self.NS['u']}}}Id" + attr = {attr_name: '_0'} + timestamp = ET.SubElement(security, node_name, attr) + node_name = f"{{{self.NS['u']}}}Created" + ET.SubElement(timestamp, node_name).text = date_created + node_name = f"{{{self.NS['u']}}}Expires" + ET.SubElement(timestamp, node_name).text = date_expires + + node_name = f"{{{self.NS['o']}}}BinarySecurityToken" + attr = { + f"{{{self.NS['u']}}}Id": UID, + 'ValueType': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3', + 'EncodingType': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary' + } + ET.SubElement(security, node_name, attr).text = self._cert.cer_txt + + nsmap = {None: 'http://www.w3.org/2000/09/xmldsig#'} + signature = ET.SubElement(security, 'Signature', nsmap=nsmap) + signedinfo = ET.SubElement(signature, 'SignedInfo') + attr1 = {'Algorithm': 'http://www.w3.org/2001/10/xml-exc-c14n#'} + ET.SubElement(signedinfo, 'CanonicalizationMethod', attr1) + attr = {'Algorithm': 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'} + ET.SubElement(signedinfo, 'SignatureMethod', attr) + + attr = {'URI': '#_0'} + reference = ET.SubElement(signedinfo, 'Reference', attr) + transforms = ET.SubElement(reference, 'Transforms') + ET.SubElement(transforms, 'Transform', attr1) + attr = {'Algorithm': 'http://www.w3.org/2000/09/xmldsig#sha1'} + ET.SubElement(reference, 'DigestMethod', attr) + + dvalue = ET.tostring(timestamp, method='c14n', exclusive=1) + dvalue = base64.b64encode(hashlib.new('sha1', dvalue).digest()) + ET.SubElement(reference, 'DigestValue').text = dvalue + + signature_value = ET.tostring(signedinfo, method='c14n', exclusive=1) + signature_value = self._cert.sign_sha1(signature_value) + ET.SubElement(signature, 'SignatureValue').text = signature_value + keyinfo = ET.SubElement(signature, 'KeyInfo') + + node_name = f"{{{self.NS['o']}}}SecurityTokenReference" + security_token = ET.SubElement(keyinfo, node_name) + + node_name = f"{{{self.NS['o']}}}Reference" + attr = { + 'ValueType': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3', + 'URI': f'#{UID}', + } + ET.SubElement(security_token, node_name, attr) + + node_name = f"{{{self.NS['s']}}}Body" + body = ET.SubElement(root, node_name) + nsmap = {None: self.XMLNS} + ET.SubElement(body, 'Autentica', nsmap=nsmap) + + # ~ soap = ET.tostring(root, pretty_print=True, encoding='utf-8') + soap = ET.tostring(root) + + return soap + + def _get_token(self): + headers = self.HEADERS.copy() + headers['SOAPAction'] = self.ACTIONS['AUTH'] + data = self._get_data_auth() + + response = httpx.post(self.URL['AUTH'], data=data, headers=headers) + if response.status_code != httpx.codes.OK: + self._error = f'Status: {response.status_code} - {response.text}' + return + + result = ET.fromstring(response.text) + nsmap = {'s': self.NS['s'], None: self.XMLNS} + node_name = 's:Body/AutenticaResponse/AutenticaResult' + token = result.find(node_name, namespaces=nsmap).text + + return token + + def _get_data_req(self, args): + + return + + def _get_request(self, args): + headers = self.HEADERS.copy() + headers['SOAPAction'] = self.ACTIONS['REQ'] + headers['Authorization'] = f'WRAP access_token="{self._token}"' + data = self._get_data_req(args) + + response = httpx.post(self.URL['REQ'], data=data, headers=headers) + if response.status_code != httpx.codes.OK: + self._error = f'Status: {response.status_code} - {response.text}' + return + + print(response.text) + result = ET.fromstring(response.text) + + return + + def download(self, args): + request = self._get_request(args) + print(request) + return diff --git a/source/sat/util.py b/source/sat/util.py new file mode 100644 index 0000000..bbd984d --- /dev/null +++ b/source/sat/util.py @@ -0,0 +1,157 @@ +#!/usr/bin/env python3 + +import getpass +import uuid +from datetime import datetime +from pathlib import Path + +from .cfdi_cert import SATCertificate +from .sat_web import SATWebService +from settings import log + + +def today(): + return datetime.today() + + +def validate_date(year, month, day): + try: + datetime(year, month, day, 0, 0, 0) + result = True + except ValueError: + result = False + return result + + +def is_dir(path): + return Path(path).is_dir() + + +def join(*paths): + return Path(paths[0]).joinpath(*paths[1:]) + + +def _validate_fiel_args(args): + fiel_path = args.fiel_dir + fiel_name = args.fiel_nombre + + if not fiel_path: + msg = 'El directorio con la FIEL es requerido' + log.error(msg) + return False, {} + + if not is_dir(fiel_path): + msg = f'La ruta no existe o no es un directorio. \nRuta: {fiel_path}' + log.error(msg) + return False, {} + + path_cer = join(fiel_path, f'{fiel_name}.cer') + path_key = join(fiel_path, f'{fiel_name}.key') + path_enc = join(fiel_path, f'{fiel_name}.enc') + + if not path_cer.is_file(): + msg = f'No se encontró el archivo CER. \nRuta: {path_cer}' + log.error(msg) + return False, {} + + if not path_key.is_file(): + msg = f'No se encontró el archivo KEY. \nRuta: {path_cer}' + log.error(msg) + return False, {} + + data = { + 'path_cer': path_cer, + 'path_key': path_key, + 'path_enc': path_enc, + } + return True, data + + +def fiel_validar(args): + result, data = _validate_fiel_args(args) + if not result: + return + + password = getpass.getpass('Introduce la contraseña del archivo KEY: ') + if not password: + msg = 'La contraseña es requerida para validar la FIEL' + log.error(msg) + return + + cer = data['path_cer'].read_bytes() + key = data['path_key'].read_bytes() + cert = SATCertificate(cer, key, password) + + if cert.error: + msg = f'{cert.error}\n\nNo podrás conectarte el SAT.' + log.error(msg) + return + + if not cert.is_fiel: + msg = 'El certificado no es FIEL' + log.error(msg) + return + + data['path_enc'].write_bytes(cert.key_enc) + + msg = 'Los datos del certificado son:' + log.info(msg) + log.info(f'\n{cert}') + msg = 'Ya puedes descargar del SAT' + log.info(msg) + return + + +def base_datos(): + db.create_tables() + return + + +def _validate_download_args(args): + result, data = _validate_fiel_args(args) + if not result: + return False, {} + + if not data['path_enc'].is_file(): + msg = f"No se encontró la FIEL encriptada. \nRuta: {data['path_enc']}" + log.error(msg) + return False, {} + + cer = data['path_cer'].read_bytes() + key = data['path_enc'].read_bytes() + cert = SATCertificate(cer, key) + + if not cert.is_valid_time: + msg = 'La FIEL no es vigente' + log.error(msg) + return False, {} + + data['cert'] = cert + data['type'] = args.type + data['year'] = args.year + data['month'] = args.month + data['day'] = args.day + + if data['day']: + if not validate_date(data['year'], data['month'], data['day']): + msg = 'Fecha inválida' + log.error(msg) + return False, {} + + return True, data + + +def sat_download(args): + result, data = _validate_download_args(args) + if not result: + return + + sat = SATWebService(data['cert']) + + if sat.is_authenticate: + sat.download(data) + else: + log.error(sat.error) + + return + diff --git a/source/settings.py b/source/settings.py new file mode 100644 index 0000000..7b2d006 --- /dev/null +++ b/source/settings.py @@ -0,0 +1,14 @@ +#!/usr/bin/env python3 + +import logging +from conf import DEBUG + + +LOG_FORMAT = '%(asctime)s - %(levelname)s - %(message)s' +LOG_DATE = '%d/%m/%Y %H:%M:%S' +logging.addLevelName(logging.ERROR, '\033[1;41mERROR\033[1;0m') +logging.addLevelName(logging.DEBUG, '\x1b[33mDEBUG\033[1;0m') +logging.addLevelName(logging.INFO, '\x1b[32mINFO\033[1;0m') +logging.basicConfig(level=logging.DEBUG, format=LOG_FORMAT, datefmt=LOG_DATE) +log = logging.getLogger(__name__) + From 48155488c3a3c35579d175baa413cd1339f62fdb Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Wed, 14 Jul 2021 12:14:58 -0500 Subject: [PATCH 03/13] Solicitar descarga --- requirements.txt | 1 + source/cfdi-descarga.py | 3 +- source/sat/cfdi_cert.py | 57 ++++---------------------- source/sat/sat_web.py | 88 +++++++++++++++++++++++++++++++++++------ source/sat/util.py | 25 ++++++++++-- 5 files changed, 108 insertions(+), 66 deletions(-) diff --git a/requirements.txt b/requirements.txt index 9e7e111..68153fd 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,4 @@ httpx peewee cryptography +lxml diff --git a/source/cfdi-descarga.py b/source/cfdi-descarga.py index 1147ef2..8160689 100755 --- a/source/cfdi-descarga.py +++ b/source/cfdi-descarga.py @@ -17,7 +17,6 @@ def main(args): def _process_command_line_arguments(): now = util.today() year = now.year - month = now.month parser = argparse.ArgumentParser(description='CFDI Descarga SAT') @@ -34,7 +33,7 @@ def _process_command_line_arguments(): help = "Año de la descarga entre 2014 y el año actual (predeterminado)." parser.add_argument('-a', '--año', help=help, dest='year', default=year, type=int, choices=range(2014, year+1)) help = "Mes de la descarga, el mes actual es el predeterminado" - parser.add_argument('-m', '--mes', help=help, dest='month', default=month, type=int, choices=range(13)) + parser.add_argument('-m', '--mes', help=help, dest='month', default=0, type=int, choices=range(13)) help = "Día de la descarga, de forma predeterminada no se usa" parser.add_argument('-d', '--dia', help=help, dest='day', default=0, type=int, choices=range(32)) diff --git a/source/sat/cfdi_cert.py b/source/sat/cfdi_cert.py index 725029c..35fc048 100644 --- a/source/sat/cfdi_cert.py +++ b/source/sat/cfdi_cert.py @@ -39,6 +39,7 @@ class SATCertificate(object): self._p12 = b'' self._cer_modulus = 0 self._key_modulus = 0 + self._issuer = '' return def __str__(self): @@ -68,6 +69,8 @@ class SATCertificate(object): self._serial_number = '{0:x}'.format(obj.serial_number)[1::2] self._not_before = obj.not_valid_before self._not_after = obj.not_valid_after + self._issuer = ','.join([i.rfc4514_string() for i in obj.issuer]) + now = datetime.datetime.utcnow() self._is_valid_time = (now > self.not_before) and (now < self.not_after) if not self._is_valid_time: @@ -80,6 +83,7 @@ class SATCertificate(object): self._cer_pem = obj.public_bytes(serialization.Encoding.PEM).decode() self._cer_txt = ''.join(self._cer_pem.split('\n')[1:-2]) self._cer_modulus = obj.public_key().public_numbers().n + return def _get_data_key(self, key, password): @@ -203,6 +207,10 @@ class SATCertificate(object): def key_enc(self): return self._key_enc + @property + def issuer(self): + return self._issuer + @property def p12(self): return self._get_p12() @@ -210,52 +218,3 @@ class SATCertificate(object): @property def error(self): return self._error - - -def main(args): - contra = getpass.getpass('Introduce la contraseña del archivo KEY: ') - #contra = '12345678a' - if not contra.strip(): - msg = 'La contraseña es requerida' - print(msg) - return - - path_cer = Path(args.cer) - path_key = Path(args.key) - - if not path_cer.is_file(): - msg = 'El archivo CER es necesario' - print(msg) - return - - if not path_key.is_file(): - msg = 'El archivo KEY es necesario' - print(msg) - return - - cer = path_cer.read_bytes() - key = path_key.read_bytes() - cert = SATCertificate(cer, key, contra) - - if cert.error: - print(cert.error) - else: - print(cert) - return - - -def _process_command_line_arguments(): - parser = argparse.ArgumentParser(description='CFDI Certificados') - - help = 'Archivo CER' - parser.add_argument('-c', '--cer', help=help, default='') - help = 'Archivo KEY' - parser.add_argument('-k', '--key', help=help, default='') - - args = parser.parse_args() - return args - - -if __name__ == '__main__': - args = _process_command_line_arguments() - main(args) diff --git a/source/sat/sat_web.py b/source/sat/sat_web.py index 241f216..57cdf0c 100644 --- a/source/sat/sat_web.py +++ b/source/sat/sat_web.py @@ -28,10 +28,11 @@ class SATWebService(): NS = { 's': 'http://schemas.xmlsoap.org/soap/envelope/', 'u': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd', - 'o': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' + 'o': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd', 'des': 'http://DescargaMasivaTerceros.sat.gob.mx', 'xd': 'http://www.w3.org/2000/09/xmldsig#', } + NS_RESULT = {'s': NS['s'], None: XMLNS} def __init__(self, cert): self._cert = cert @@ -120,8 +121,7 @@ class SATWebService(): node_name = f"{{{self.NS['s']}}}Body" body = ET.SubElement(root, node_name) - nsmap = {None: self.XMLNS} - ET.SubElement(body, 'Autentica', nsmap=nsmap) + ET.SubElement(body, 'Autentica', nsmap=self.NS_RESULT) # ~ soap = ET.tostring(root, pretty_print=True, encoding='utf-8') soap = ET.tostring(root) @@ -146,10 +146,77 @@ class SATWebService(): return token def _get_data_req(self, args): + NSMAP = {'s': self.NS['s'], 'des': self.NS['des'], 'xd': self.NS['xd']} + FORMAT = '%Y-%m-%dT%H:%M:%S' - return + date_start = args['date_start'] + date_end = args['date_end'] - def _get_request(self, args): + node_name = f"{{{self.NS['s']}}}Envelope" + root = ET.Element(node_name, nsmap=NSMAP) + + node_name = f"{{{self.NS['s']}}}Header" + body = ET.SubElement(root, node_name) + + node_name = f"{{{self.NS['s']}}}Body" + body = ET.SubElement(root, node_name) + + node_name = f"{{{self.NS['des']}}}SolicitaDescarga" + request_down = ET.SubElement(body, node_name) + + node_name = f"{{{self.NS['des']}}}solicitud" + attr = { + 'RfcSolicitante': self._cert.rfc, + 'FechaFinal': date_end.strftime(FORMAT), + 'FechaInicial': date_start.strftime(FORMAT), + 'TipoSolicitud': 'cfdi', + } + request = ET.SubElement(request_down, node_name, attr) + # ~ if rfc_emisor is not None: + # ~ solicitud.set('RfcEmisor', rfc_emisor) + # ~ if rfc_receptor is not None: + # ~ solicitud.set('RfcReceptor', rfc_receptor) + + nsmap = {None: self.NS['xd']} + signature = ET.SubElement(request, 'Signature', nsmap=nsmap) + signed_info = ET.SubElement(signature, 'SignedInfo', nsmap=nsmap) + + node_name = 'CanonicalizationMethod' + attr1 = {'Algorithm': 'http://www.w3.org/2001/10/xml-exc-c14n#'} + canonicalization = ET.SubElement(signed_info, node_name, attr) + + node_name = 'SignatureMethod' + attr = {'Algorithm': 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'} + signature_method = ET.SubElement(signed_info, node_name, attr) + + attr = {'URI': '#_0'} + reference = ET.SubElement(signed_info, 'Reference', attr) + transforms = ET.SubElement(reference, 'Transforms') + ET.SubElement(transforms, 'Transform') + attr = {'Algorithm': 'http://www.w3.org/2000/09/xmldsig#sha1'} + ET.SubElement(reference, 'DigestMethod', attr) + + dvalue = ET.tostring(request_down, method='c14n', exclusive=1) + dvalue = base64.b64encode(hashlib.new('sha1', dvalue).digest()) + ET.SubElement(reference, 'DigestValue').text = dvalue + + signature_value = ET.tostring(signed_info, method='c14n', exclusive=1) + signature_value = self._cert.sign_sha1(signature_value) + ET.SubElement(signature, 'SignatureValue').text = signature_value + + key_info = ET.SubElement(signature, 'KeyInfo') + x_data = ET.SubElement(key_info, 'X509Data') + x_issuer_serial = ET.SubElement(x_data, 'X509IssuerSerial') + ET.SubElement(x_issuer_serial, 'X509IssuerName').text = self._cert.issuer + ET.SubElement(x_issuer_serial, 'X509SerialNumber').text = self._cert.serial_number + ET.SubElement(x_data, 'X509Certificate').text = self._cert.cer_txt + + # ~ soap = ET.tostring(root, pretty_print=True, encoding='utf-8') + soap = ET.tostring(root) + + return soap + + def request_download(self, args): headers = self.HEADERS.copy() headers['SOAPAction'] = self.ACTIONS['REQ'] headers['Authorization'] = f'WRAP access_token="{self._token}"' @@ -160,12 +227,9 @@ class SATWebService(): self._error = f'Status: {response.status_code} - {response.text}' return - print(response.text) result = ET.fromstring(response.text) + node_name = 's:Body/SolicitaDescargaResponse/SolicitaDescargaResult' + node = result.find(node_name, namespaces=self.NS_RESULT) + data = dict(node.attrib) - return - - def download(self, args): - request = self._get_request(args) - print(request) - return + return data diff --git a/source/sat/util.py b/source/sat/util.py index bbd984d..4067519 100644 --- a/source/sat/util.py +++ b/source/sat/util.py @@ -2,6 +2,7 @@ import getpass import uuid +from calendar import monthrange from datetime import datetime from pathlib import Path @@ -138,6 +139,22 @@ def _validate_download_args(args): log.error(msg) return False, {} + now = today() + + month1 = month2 = data['month'] + if month1 == 0: + month1 = 1 + month2 = 12 + + if data['day']: + day1 = day2 = data['day'] + else: + day1 = 1 + day2 = monthrange(data['year'], month2)[1] + + data['date_start'] = datetime(data['year'], month1, day1) + data['date_end'] = datetime(data['year'], month2, day2, 23, 59, 59) + return True, data @@ -148,10 +165,12 @@ def sat_download(args): sat = SATWebService(data['cert']) - if sat.is_authenticate: - sat.download(data) - else: + if not sat.is_authenticate: log.error(sat.error) + return + + result = sat.request_download(data) + print(result) return From 82033da2073749d846c421b2e89cf7b5c8d35fd0 Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Wed, 14 Jul 2021 15:32:30 -0500 Subject: [PATCH 04/13] Solicitud de descarga correcta --- source/cfdi-descarga.py | 11 +++++++++++ source/sat/cfdi_cert.py | 6 ++++++ source/sat/sat_web.py | 41 +++++++++++++++++++++++++---------------- source/sat/util.py | 1 + 4 files changed, 43 insertions(+), 16 deletions(-) diff --git a/source/cfdi-descarga.py b/source/cfdi-descarga.py index 8160689..a05bb3c 100755 --- a/source/cfdi-descarga.py +++ b/source/cfdi-descarga.py @@ -37,6 +37,10 @@ def _process_command_line_arguments(): help = "Día de la descarga, de forma predeterminada no se usa" parser.add_argument('-d', '--dia', help=help, dest='day', default=0, type=int, choices=range(32)) + help = 'Verificar estatus de descarga' + parser.add_argument('-ve', '--fiel-validar', help=help, + action='store_true', default=False, required=False) + args = parser.parse_args() return args @@ -44,3 +48,10 @@ def _process_command_line_arguments(): if __name__ == '__main__': args = _process_command_line_arguments() main(args) + + +# ~ { + # ~ 'IdSolicitud': '307a22f0-1259-479c-96b1-2852f9072c58', + # ~ 'CodEstatus': '5000', + # ~ 'Mensaje': 'Solicitud Aceptada' +# ~ } diff --git a/source/sat/cfdi_cert.py b/source/sat/cfdi_cert.py index 35fc048..8623356 100644 --- a/source/sat/cfdi_cert.py +++ b/source/sat/cfdi_cert.py @@ -28,6 +28,7 @@ class SATCertificate(object): def _init_values(self): self._rfc = '' self._serial_number = '' + self._serial_number2 = '' self._not_before = None self._not_after = None self._is_fiel = False @@ -66,6 +67,7 @@ class SATCertificate(object): obj = x509.load_der_x509_certificate(cer, default_backend()) self._rfc = obj.subject.get_attributes_for_oid( NameOID.X500_UNIQUE_IDENTIFIER)[0].value.split(' ')[0] + self._serial_number2 = obj.serial_number self._serial_number = '{0:x}'.format(obj.serial_number)[1::2] self._not_before = obj.not_valid_before self._not_after = obj.not_valid_after @@ -167,6 +169,10 @@ class SATCertificate(object): def serial_number(self): return self._serial_number + @property + def serial_number2(self): + return self._serial_number2 + @property def not_before(self): return self._not_before diff --git a/source/sat/sat_web.py b/source/sat/sat_web.py index 57cdf0c..46bc447 100644 --- a/source/sat/sat_web.py +++ b/source/sat/sat_web.py @@ -16,9 +16,10 @@ class SATWebService(): 'REQ': f'{BASE}/SolicitaDescargaService.svc', } XMLNS = 'http://DescargaMasivaTerceros.gob.mx' + XMLNS2 = 'http://DescargaMasivaTerceros.sat.gob.mx' ACTIONS = { 'AUTH': f'{XMLNS}/IAutenticacion/Autentica', - 'REQ': f'{XMLNS}/ISolicitaDescargaService/SolicitaDescarga', + 'REQ': f'{XMLNS2}/ISolicitaDescargaService/SolicitaDescarga', } HEADERS = { 'Content-type': 'text/xml;charset="utf-8"', @@ -33,6 +34,7 @@ class SATWebService(): 'xd': 'http://www.w3.org/2000/09/xmldsig#', } NS_RESULT = {'s': NS['s'], None: XMLNS} + NS_RESULT2 = {'s': NS['s'], None: XMLNS2} def __init__(self, cert): self._cert = cert @@ -169,7 +171,8 @@ class SATWebService(): 'RfcSolicitante': self._cert.rfc, 'FechaFinal': date_end.strftime(FORMAT), 'FechaInicial': date_start.strftime(FORMAT), - 'TipoSolicitud': 'cfdi', + 'TipoSolicitud': 'CFDI', + 'RfcEmisor': self._cert.rfc, } request = ET.SubElement(request_down, node_name, attr) # ~ if rfc_emisor is not None: @@ -183,7 +186,7 @@ class SATWebService(): node_name = 'CanonicalizationMethod' attr1 = {'Algorithm': 'http://www.w3.org/2001/10/xml-exc-c14n#'} - canonicalization = ET.SubElement(signed_info, node_name, attr) + canonicalization = ET.SubElement(signed_info, node_name, attr1) node_name = 'SignatureMethod' attr = {'Algorithm': 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'} @@ -192,24 +195,30 @@ class SATWebService(): attr = {'URI': '#_0'} reference = ET.SubElement(signed_info, 'Reference', attr) transforms = ET.SubElement(reference, 'Transforms') - ET.SubElement(transforms, 'Transform') + ET.SubElement(transforms, 'Transform', attr1) attr = {'Algorithm': 'http://www.w3.org/2000/09/xmldsig#sha1'} ET.SubElement(reference, 'DigestMethod', attr) - - dvalue = ET.tostring(request_down, method='c14n', exclusive=1) - dvalue = base64.b64encode(hashlib.new('sha1', dvalue).digest()) - ET.SubElement(reference, 'DigestValue').text = dvalue - - signature_value = ET.tostring(signed_info, method='c14n', exclusive=1) - signature_value = self._cert.sign_sha1(signature_value) - ET.SubElement(signature, 'SignatureValue').text = signature_value + digest_value = ET.SubElement(reference, 'DigestValue') + signature_value = ET.SubElement(signature, 'SignatureValue') key_info = ET.SubElement(signature, 'KeyInfo') x_data = ET.SubElement(key_info, 'X509Data') x_issuer_serial = ET.SubElement(x_data, 'X509IssuerSerial') - ET.SubElement(x_issuer_serial, 'X509IssuerName').text = self._cert.issuer - ET.SubElement(x_issuer_serial, 'X509SerialNumber').text = self._cert.serial_number - ET.SubElement(x_data, 'X509Certificate').text = self._cert.cer_txt + x_issuer = ET.SubElement(x_issuer_serial, 'X509IssuerName') + x_serial_number = ET.SubElement(x_issuer_serial, 'X509SerialNumber') + x_cert = ET.SubElement(x_data, 'X509Certificate') + + dvalue = ET.tostring(request_down, method='c14n', exclusive=1) + dvalue = base64.b64encode(hashlib.new('sha1', dvalue).digest()) + digest_value.text = dvalue + + sign = ET.tostring(signed_info, method='c14n', exclusive=1) + sign = self._cert.sign_sha1(sign) + signature_value.text = sign + + x_issuer.text = self._cert.issuer + x_serial_number.text = str(self._cert.serial_number2) + x_cert.text = self._cert.cer_txt # ~ soap = ET.tostring(root, pretty_print=True, encoding='utf-8') soap = ET.tostring(root) @@ -229,7 +238,7 @@ class SATWebService(): result = ET.fromstring(response.text) node_name = 's:Body/SolicitaDescargaResponse/SolicitaDescargaResult' - node = result.find(node_name, namespaces=self.NS_RESULT) + node = result.find(node_name, namespaces=self.NS_RESULT2) data = dict(node.attrib) return data diff --git a/source/sat/util.py b/source/sat/util.py index 4067519..8c78a90 100644 --- a/source/sat/util.py +++ b/source/sat/util.py @@ -100,6 +100,7 @@ def fiel_validar(args): log.info(f'\n{cert}') msg = 'Ya puedes descargar del SAT' log.info(msg) + return From 98ba0df3afbfd9c6d7eb191731eb7e61fd2bcf84 Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Wed, 14 Jul 2021 21:20:57 -0500 Subject: [PATCH 05/13] Descarga de archivo correcta --- source/cfdi-descarga.py | 29 ++++++- source/conf.py.ejemplo | 7 ++ source/sat/sat_web.py | 184 ++++++++++++++++++++++++++++++++++++++++ source/sat/util.py | 118 +++++++++++++++++++++++++- 4 files changed, 332 insertions(+), 6 deletions(-) create mode 100644 source/conf.py.ejemplo diff --git a/source/cfdi-descarga.py b/source/cfdi-descarga.py index a05bb3c..2606839 100755 --- a/source/cfdi-descarga.py +++ b/source/cfdi-descarga.py @@ -9,7 +9,17 @@ def main(args): util.fiel_validar(args) return - util.sat_download(args) + if args.solicitar_descarga: + util.solicitar_descarga(args) + return + + if args.verificar_descarga: + util.verificar_descarga(args) + return + + if args.descargar_archivos: + util.descargar_archivos(args) + return return @@ -37,9 +47,22 @@ def _process_command_line_arguments(): help = "Día de la descarga, de forma predeterminada no se usa" parser.add_argument('-d', '--dia', help=help, dest='day', default=0, type=int, choices=range(32)) - help = 'Verificar estatus de descarga' - parser.add_argument('-ve', '--fiel-validar', help=help, + help = 'Solicitar descarga' + parser.add_argument('-sd', '--solicitar-descarga', help=help, action='store_true', default=False, required=False) + help = 'Verificar estatus de descarga' + parser.add_argument('-vd', '--verificar-descarga', help=help, + action='store_true', default=False, required=False) + help = 'Descargar archivos' + parser.add_argument('-da', '--descargar-archivos', help=help, + action='store_true', default=False, required=False) + help = 'ID de solicitud' + parser.add_argument('-id', '--id-solicitud', dest='id_request', help=help, default='') + help = 'ID archivo' + parser.add_argument('-ida', '--id-archivo', dest='id_file', help=help, default='') + help = 'Ruta de descarga de archivos' + parser.add_argument('-dd', '--directorio-descargas', dest='path_download', + help=help, default='') args = parser.parse_args() return args diff --git a/source/conf.py.ejemplo b/source/conf.py.ejemplo new file mode 100644 index 0000000..8f1fe03 --- /dev/null +++ b/source/conf.py.ejemplo @@ -0,0 +1,7 @@ +#!/usr/bin/env python + +DEBUG = False + +# ~ Este valor se usa para cifrar la FIEL +# ~ Si la cambias en producción, debes de validar de nuevo las FIELs +TOKEN = '' diff --git a/source/sat/sat_web.py b/source/sat/sat_web.py index 46bc447..a032478 100644 --- a/source/sat/sat_web.py +++ b/source/sat/sat_web.py @@ -14,12 +14,16 @@ class SATWebService(): URL = { 'AUTH': f'{BASE}/Autenticacion/Autenticacion.svc', 'REQ': f'{BASE}/SolicitaDescargaService.svc', + 'VSD': f'{BASE}/VerificaSolicitudDescargaService.svc', + 'DOWN': 'https://cfdidescargamasiva.clouda.sat.gob.mx/DescargaMasivaService.svc', } XMLNS = 'http://DescargaMasivaTerceros.gob.mx' XMLNS2 = 'http://DescargaMasivaTerceros.sat.gob.mx' ACTIONS = { 'AUTH': f'{XMLNS}/IAutenticacion/Autentica', 'REQ': f'{XMLNS2}/ISolicitaDescargaService/SolicitaDescarga', + 'VSD': f'{XMLNS2}/IVerificaSolicitudDescargaService/VerificaSolicitudDescarga', + 'DOWN': f'{XMLNS2}/IDescargaMasivaTercerosService/Descargar', } HEADERS = { 'Content-type': 'text/xml;charset="utf-8"', @@ -242,3 +246,183 @@ class SATWebService(): data = dict(node.attrib) return data + + def _get_data_verify(self, args): + NSMAP = {'s': self.NS['s'], 'des': self.NS['des'], 'xd': self.NS['xd']} + + node_name = f"{{{self.NS['s']}}}Envelope" + root = ET.Element(node_name, nsmap=NSMAP) + + node_name = f"{{{self.NS['s']}}}Header" + body = ET.SubElement(root, node_name) + + node_name = f"{{{self.NS['s']}}}Body" + body = ET.SubElement(root, node_name) + + node_name = f"{{{self.NS['des']}}}VerificaSolicitudDescarga" + verify_download = ET.SubElement(body, node_name) + + node_name = f"{{{self.NS['des']}}}solicitud" + attr = { + 'IdSolicitud': args['id'], + 'RfcSolicitante': self._cert.rfc, + } + request = ET.SubElement(verify_download, node_name, attr) + + nsmap = {None: self.NS['xd']} + signature = ET.SubElement(request, 'Signature', nsmap=nsmap) + signed_info = ET.SubElement(signature, 'SignedInfo', nsmap=nsmap) + + node_name = 'CanonicalizationMethod' + attr1 = {'Algorithm': 'http://www.w3.org/2001/10/xml-exc-c14n#'} + canonicalization = ET.SubElement(signed_info, node_name, attr1) + + node_name = 'SignatureMethod' + attr = {'Algorithm': 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'} + signature_method = ET.SubElement(signed_info, node_name, attr) + + attr = {'URI': '#_0'} + reference = ET.SubElement(signed_info, 'Reference', attr) + transforms = ET.SubElement(reference, 'Transforms') + ET.SubElement(transforms, 'Transform', attr1) + attr = {'Algorithm': 'http://www.w3.org/2000/09/xmldsig#sha1'} + ET.SubElement(reference, 'DigestMethod', attr) + digest_value = ET.SubElement(reference, 'DigestValue') + signature_value = ET.SubElement(signature, 'SignatureValue') + + key_info = ET.SubElement(signature, 'KeyInfo') + x_data = ET.SubElement(key_info, 'X509Data') + x_issuer_serial = ET.SubElement(x_data, 'X509IssuerSerial') + x_issuer = ET.SubElement(x_issuer_serial, 'X509IssuerName') + x_serial_number = ET.SubElement(x_issuer_serial, 'X509SerialNumber') + x_cert = ET.SubElement(x_data, 'X509Certificate') + + dvalue = ET.tostring(verify_download, method='c14n', exclusive=1) + dvalue = base64.b64encode(hashlib.new('sha1', dvalue).digest()) + digest_value.text = dvalue + + sign = ET.tostring(signed_info, method='c14n', exclusive=1) + sign = self._cert.sign_sha1(sign) + signature_value.text = sign + + x_issuer.text = self._cert.issuer + x_serial_number.text = str(self._cert.serial_number2) + x_cert.text = self._cert.cer_txt + + # ~ soap = ET.tostring(root, pretty_print=True, encoding='utf-8') + soap = ET.tostring(root) + + return soap + + def verify(self, args): + headers = self.HEADERS.copy() + headers['SOAPAction'] = self.ACTIONS['VSD'] + headers['Authorization'] = f'WRAP access_token="{self._token}"' + data = self._get_data_verify(args) + + response = httpx.post(self.URL['VSD'], data=data, headers=headers) + if response.status_code != httpx.codes.OK: + self._error = f'Status: {response.status_code} - {response.text}' + return + + result = ET.fromstring(response.text) + node_name = 's:Body/VerificaSolicitudDescargaResponse/VerificaSolicitudDescargaResult' + node = result.find(node_name, namespaces=self.NS_RESULT2) + data = dict(node.attrib) + data['files'] = [n.text for n in node] + + return data + + def _get_data_download(self, args): + NSMAP = {'s': self.NS['s'], 'des': self.NS['des'], 'xd': self.NS['xd']} + + node_name = f"{{{self.NS['s']}}}Envelope" + root = ET.Element(node_name, nsmap=NSMAP) + + node_name = f"{{{self.NS['s']}}}Header" + body = ET.SubElement(root, node_name) + + node_name = f"{{{self.NS['s']}}}Body" + body = ET.SubElement(root, node_name) + + node_name = f"{{{self.NS['des']}}}PeticionDescargaMasivaTercerosEntrada" + request_download = ET.SubElement(body, node_name) + + node_name = f"{{{self.NS['des']}}}peticionDescarga" + attr = { + 'IdPaquete': args['id_file'], + 'RfcSolicitante': self._cert.rfc, + } + request = ET.SubElement(request_download, node_name, attr) + + nsmap = {None: self.NS['xd']} + signature = ET.SubElement(request, 'Signature', nsmap=nsmap) + signed_info = ET.SubElement(signature, 'SignedInfo', nsmap=nsmap) + + node_name = 'CanonicalizationMethod' + attr1 = {'Algorithm': 'http://www.w3.org/2001/10/xml-exc-c14n#'} + canonicalization = ET.SubElement(signed_info, node_name, attr1) + + node_name = 'SignatureMethod' + attr = {'Algorithm': 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'} + signature_method = ET.SubElement(signed_info, node_name, attr) + + attr = {'URI': '#_0'} + reference = ET.SubElement(signed_info, 'Reference', attr) + transforms = ET.SubElement(reference, 'Transforms') + ET.SubElement(transforms, 'Transform', attr1) + attr = {'Algorithm': 'http://www.w3.org/2000/09/xmldsig#sha1'} + ET.SubElement(reference, 'DigestMethod', attr) + digest_value = ET.SubElement(reference, 'DigestValue') + signature_value = ET.SubElement(signature, 'SignatureValue') + + key_info = ET.SubElement(signature, 'KeyInfo') + x_data = ET.SubElement(key_info, 'X509Data') + x_issuer_serial = ET.SubElement(x_data, 'X509IssuerSerial') + x_issuer = ET.SubElement(x_issuer_serial, 'X509IssuerName') + x_serial_number = ET.SubElement(x_issuer_serial, 'X509SerialNumber') + x_cert = ET.SubElement(x_data, 'X509Certificate') + + dvalue = ET.tostring(request_download, method='c14n', exclusive=1) + dvalue = base64.b64encode(hashlib.new('sha1', dvalue).digest()) + digest_value.text = dvalue + + sign = ET.tostring(request_download, method='c14n', exclusive=1) + sign = self._cert.sign_sha1(sign) + signature_value.text = sign + + x_issuer.text = self._cert.issuer + x_serial_number.text = str(self._cert.serial_number2) + x_cert.text = self._cert.cer_txt + + # ~ soap = ET.tostring(root, pretty_print=True, encoding='utf-8') + soap = ET.tostring(root) + + return soap + + def download(self, args): + headers = self.HEADERS.copy() + headers['SOAPAction'] = self.ACTIONS['DOWN'] + headers['Authorization'] = f'WRAP access_token="{self._token}"' + data = self._get_data_download(args) + + response = httpx.post(self.URL['DOWN'], data=data, headers=headers) + if response.status_code != httpx.codes.OK: + self._error = f'Status: {response.status_code} - {response.text}' + return + + result = ET.fromstring(response.text) + namespaces = self.NS_RESULT2.copy() + namespaces['h'] = 'http://DescargaMasivaTerceros.sat.gob.mx' + + respuesta = result.find('s:Header/h:respuesta', namespaces=namespaces) + data = dict(respuesta.attrib) + + node_name = 's:Body/RespuestaDescargaMasivaTercerosSalida/Paquete' + node = result.find(node_name, namespaces=self.NS_RESULT2) + archivo = None + if not node.text is None: + archivo = base64.b64decode(node.text) + + return data, archivo + diff --git a/source/sat/util.py b/source/sat/util.py index 8c78a90..8b93dbb 100644 --- a/source/sat/util.py +++ b/source/sat/util.py @@ -109,7 +109,7 @@ def base_datos(): return -def _validate_download_args(args): +def _validate_requests_args(args): result, data = _validate_fiel_args(args) if not result: return False, {} @@ -159,8 +159,69 @@ def _validate_download_args(args): return True, data -def sat_download(args): - result, data = _validate_download_args(args) +def _validate_verificar_args(args): + result, data = _validate_fiel_args(args) + if not result: + return False, {} + + if not data['path_enc'].is_file(): + msg = f"No se encontró la FIEL encriptada. \nRuta: {data['path_enc']}" + log.error(msg) + return False, {} + + cer = data['path_cer'].read_bytes() + key = data['path_enc'].read_bytes() + cert = SATCertificate(cer, key) + + if not cert.is_valid_time: + msg = 'La FIEL no es vigente' + log.error(msg) + return False, {} + + if not args.id_request: + msg = 'El ID de solicitud de descarga es requerido' + log.error(msg) + return False, {} + + data['cert'] = cert + data['id'] = args.id_request + + return True, data + + +def _validate_download_args(args): + result, data = _validate_fiel_args(args) + if not result: + return False, {} + + if not data['path_enc'].is_file(): + msg = f"No se encontró la FIEL encriptada. \nRuta: {data['path_enc']}" + log.error(msg) + return False, {} + + cer = data['path_cer'].read_bytes() + key = data['path_enc'].read_bytes() + cert = SATCertificate(cer, key) + + if not cert.is_valid_time: + msg = 'La FIEL no es vigente' + log.error(msg) + return False, {} + + if not args.id_request and not args.id_file: + msg = 'El ID de solicitud o ID de archivo de descarga es requerido' + log.error(msg) + return False, {} + + data['cert'] = cert + data['id'] = args.id_request + data['id_file'] = args.id_file + + return True, data + + +def solicitar_descarga(args): + result, data = _validate_requests_args(args) if not result: return @@ -175,3 +236,54 @@ def sat_download(args): return + +def verificar_descarga(args): + result, data = _validate_verificar_args(args) + if not result: + return + + sat = SATWebService(data['cert']) + + if not sat.is_authenticate: + log.error(sat.error) + return + + result = sat.verify(data) + print(result) + + return + + +def descargar_archivos(args): + result, data = _validate_download_args(args) + if not result: + return + + sat = SATWebService(data['cert']) + + if not sat.is_authenticate: + log.error(sat.error) + return + + if args.id_file: + files = (args.id_file,) + else: + result = sat.verify(data) + files = result['files'] + + for f in files: + data['id_file'] = f + result, file_data = sat.download(data) + if file_data is None: + log.debug(result) + else: + msg = f'Guardando: {f}.zip' + log.info(msg) + with open(f"{f}.zip", 'wb') as f: + f.write(file_data) + msg = f'\tArchivo guardado correctamente' + log.info(msg) + return + + + From ae146927c26c8cd05f04aaf6e75b1c8fa449aa1e Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Wed, 14 Jul 2021 21:32:11 -0500 Subject: [PATCH 06/13] Actualizar README --- CHANGELOG.md | 2 +- README.md | 27 ++++++++++++++++++++++++++- 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8026fa9..e15da1f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,4 +2,4 @@ ## v 0.1.0 --- -* Autenticación en el SAT +* Primera versión funcional de la descarga masiva diff --git a/README.md b/README.md index e0e0470..a5b458f 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,28 @@ # cfdi-descarga -Descarga masiva del SAT \ No newline at end of file +Descarga masiva del SAT + +## Software libre, no software "gratis" + +Esta librería tiene un costo simbólico de $100 MXN anuales + +En orden de preferencia + +Mauricio Baeza +``` +Euros +IBAN: BE60 9671 0556 5870 +SWIFT / BIC: TRWIBEB1XXX +``` + +* BCH: `qztd3l00xle5tffdqvh2snvadkuau2ml0uqm4n875d` +* FairCoin: `fJ7emvtyGfvcMuxk1nHSnS7gmeScdcZXL5` +* Monero: `43H43TpQKYdYcw2ZCnn2nbjDh3imNQg8RGYS4oP4p7Z8aeBHg6VpeaFfBoMzDTUUDdQBiGkiQUSydJB96m6MqiEuEeyoopQ` + +* ETH: `0x61a4f614a30ff686445751ed8328b82b77ecfc69` +* XRP: `rLSn6Z3T8uCxbcd1oxwfGQN1Fdn5CyGujK` Tag: `6643162` +* LTC: `MBcgQ3LQJA4W2wsXknTdm2fxRSysLaBJHS` +* BTC: `3FhiXcXmAesmQzrNEngjHFnvaJRhU1AGWV` + + +Mira la [documentación](wiki/Inicio) From 56ac8e20b8a38a882b4a19b309a76e1eeddf7594 Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Wed, 14 Jul 2021 21:33:36 -0500 Subject: [PATCH 07/13] Actualizar README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a5b458f..4d850b6 100644 --- a/README.md +++ b/README.md @@ -25,4 +25,4 @@ SWIFT / BIC: TRWIBEB1XXX * BTC: `3FhiXcXmAesmQzrNEngjHFnvaJRhU1AGWV` -Mira la [documentación](wiki/Inicio) +Mira la [documentación](https://git.cuates.net/elmau/cfdi-descarga/wiki/Inicio) From 00b077fc5b340a054db11155ff4a48421bc32c3c Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Wed, 14 Jul 2021 23:06:48 -0500 Subject: [PATCH 08/13] =?UTF-8?q?Consulta,=20verificaci=C3=B3n=20y=20desca?= =?UTF-8?q?rga?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- source/cfdi-descarga.py | 9 ++--- source/sat/util.py | 73 +++++++++++++++++++++++++++++++++++++++-- 2 files changed, 73 insertions(+), 9 deletions(-) diff --git a/source/cfdi-descarga.py b/source/cfdi-descarga.py index 2606839..2c5d48c 100755 --- a/source/cfdi-descarga.py +++ b/source/cfdi-descarga.py @@ -21,6 +21,8 @@ def main(args): util.descargar_archivos(args) return + util.descargar(args) + return @@ -71,10 +73,3 @@ def _process_command_line_arguments(): if __name__ == '__main__': args = _process_command_line_arguments() main(args) - - -# ~ { - # ~ 'IdSolicitud': '307a22f0-1259-479c-96b1-2852f9072c58', - # ~ 'CodEstatus': '5000', - # ~ 'Mensaje': 'Solicitud Aceptada' -# ~ } diff --git a/source/sat/util.py b/source/sat/util.py index 8b93dbb..14b84d1 100644 --- a/source/sat/util.py +++ b/source/sat/util.py @@ -5,6 +5,7 @@ import uuid from calendar import monthrange from datetime import datetime from pathlib import Path +from time import sleep from .cfdi_cert import SATCertificate from .sat_web import SATWebService @@ -213,9 +214,15 @@ def _validate_download_args(args): log.error(msg) return False, {} + if not args.path_download: + msg = 'La ruta de descarga es requerida [-dd]' + log.error(msg) + return False, {} + data['cert'] = cert data['id'] = args.id_request data['id_file'] = args.id_file + data['path'] = args.path_download return True, data @@ -277,13 +284,75 @@ def descargar_archivos(args): if file_data is None: log.debug(result) else: - msg = f'Guardando: {f}.zip' + path_zip = join(data['path'], f'{f}.zip') + msg = f'Guardando: {path_zip}' log.info(msg) - with open(f"{f}.zip", 'wb') as f: + with open(path_zip, 'wb') as f: f.write(file_data) msg = f'\tArchivo guardado correctamente' log.info(msg) return +def _validate_args(args): + result, data = _validate_requests_args(args) + if not result: + return False, {} + + if not args.path_download: + msg = 'La ruta de descarga es requerida [-dd]' + log.error(msg) + return False, {} + + data['path'] = args.path_download + + return True, data + + +def descargar(args): + OK = '5000' + + result, data = _validate_args(args) + if not result: + return + + sat = SATWebService(data['cert']) + + if not sat.is_authenticate: + log.error(sat.error) + return + + result = sat.request_download(data) + if result['CodEstatus'] != OK: + log.error(result) + return + + data['id'] = result['IdSolicitud'] + while True: + result = sat.verify(data) + if result['EstadoSolicitud'] in ('1', '2'): + msg = 'Esperando un minuto para volver a verificar...' + log.info(msg) + sleep(60) + continue + + if result['EstadoSolicitud'] == '3': + for f in result['files']: + data['id_file'] = f + result, file_data = sat.download(data) + if file_data is None: + log.debug(result) + else: + path_zip = join(data['path'], f'{f}.zip') + msg = f'Guardando: {path_zip}' + log.info(msg) + with open(path_zip, 'wb') as f: + f.write(file_data) + msg = f'\tArchivo guardado correctamente' + log.info(msg) + break + + log.error(result) + + return From 32c6843dd59fe04e389b37b308feaf9f4f7ed0ac Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Wed, 14 Jul 2021 23:12:42 -0500 Subject: [PATCH 09/13] =?UTF-8?q?Consulta,=20verificaci=C3=B3n=20y=20desca?= =?UTF-8?q?rga?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- source/sat/util.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/source/sat/util.py b/source/sat/util.py index 14b84d1..53bb647 100644 --- a/source/sat/util.py +++ b/source/sat/util.py @@ -348,11 +348,12 @@ def descargar(args): log.info(msg) with open(path_zip, 'wb') as f: f.write(file_data) - msg = f'\tArchivo guardado correctamente' - log.info(msg) + msg = f'\tArchivo guardado correctamente' + log.info(msg) break log.error(result) + break return From 9fc5a5783487ad890ea7e0d4004174e58a59aa98 Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Wed, 14 Jul 2021 23:15:38 -0500 Subject: [PATCH 10/13] =?UTF-8?q?Esperar=20un=20minuto=20antes=20de=20la?= =?UTF-8?q?=20primera=20verificaci=C3=B3n?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- source/sat/util.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/source/sat/util.py b/source/sat/util.py index 53bb647..d6dab57 100644 --- a/source/sat/util.py +++ b/source/sat/util.py @@ -327,11 +327,15 @@ def descargar(args): log.error(result) return + msg = 'Esperando un minuto para verificar la descarga...' + log.info(msg) + sleep(60) + data['id'] = result['IdSolicitud'] while True: result = sat.verify(data) if result['EstadoSolicitud'] in ('1', '2'): - msg = 'Esperando un minuto para volver a verificar...' + msg = 'Esperando un minuto más para volver a verificar...' log.info(msg) sleep(60) continue From 978eb19862d1a73a2bdf538b5ccadeecf936b73a Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Thu, 15 Jul 2021 13:14:14 -0500 Subject: [PATCH 11/13] Descarga por tipo, emitidas o recibidas --- README.md | 1 - source/sat/sat_web.py | 6 +--- source/sat/util.py | 64 ++++++++++++++++++++++++++++++------------- 3 files changed, 46 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index 4d850b6..8e4d4ce 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,6 @@ Descarga masiva del SAT ## Software libre, no software "gratis" -Esta librería tiene un costo simbólico de $100 MXN anuales En orden de preferencia diff --git a/source/sat/sat_web.py b/source/sat/sat_web.py index a032478..50e2208 100644 --- a/source/sat/sat_web.py +++ b/source/sat/sat_web.py @@ -176,13 +176,9 @@ class SATWebService(): 'FechaFinal': date_end.strftime(FORMAT), 'FechaInicial': date_start.strftime(FORMAT), 'TipoSolicitud': 'CFDI', - 'RfcEmisor': self._cert.rfc, + args['rfc']: self._cert.rfc, } request = ET.SubElement(request_down, node_name, attr) - # ~ if rfc_emisor is not None: - # ~ solicitud.set('RfcEmisor', rfc_emisor) - # ~ if rfc_receptor is not None: - # ~ solicitud.set('RfcReceptor', rfc_receptor) nsmap = {None: self.NS['xd']} signature = ET.SubElement(request, 'Signature', nsmap=nsmap) diff --git a/source/sat/util.py b/source/sat/util.py index d6dab57..1dd2511 100644 --- a/source/sat/util.py +++ b/source/sat/util.py @@ -227,19 +227,31 @@ def _validate_download_args(args): return True, data +def _request_download(sat, data, key): + data['rfc'] = key + result = sat.request_download(data) + # ~ Usando un simple print, permite capturarlo desde cualquier lenguaje + print(result) + return result + + def solicitar_descarga(args): result, data = _validate_requests_args(args) if not result: return sat = SATWebService(data['cert']) - if not sat.is_authenticate: log.error(sat.error) return - result = sat.request_download(data) - print(result) + if data['type'] == 'e': + _request_download(sat, data, 'RfcEmisor') + elif data['type'] == 'r': + _request_download(sat, data, 'RfcReceptor') + else: + _request_download(sat, data, 'RfcEmisor') + _request_download(sat, data, 'RfcReceptor') return @@ -256,6 +268,7 @@ def verificar_descarga(args): return result = sat.verify(data) + # ~ Usando un simple print, permite capturarlo desde cualquier lenguaje print(result) return @@ -289,8 +302,8 @@ def descargar_archivos(args): log.info(msg) with open(path_zip, 'wb') as f: f.write(file_data) - msg = f'\tArchivo guardado correctamente' - log.info(msg) + msg = f's\tArchivo guardado correctamente' + log.info(msg) return @@ -309,29 +322,20 @@ def _validate_args(args): return True, data -def descargar(args): +def _download(sat, data, key): OK = '5000' - result, data = _validate_args(args) - if not result: - return - - sat = SATWebService(data['cert']) - - if not sat.is_authenticate: - log.error(sat.error) - return - - result = sat.request_download(data) + result = _request_download(sat, data, key) if result['CodEstatus'] != OK: log.error(result) return - msg = 'Esperando un minuto para verificar la descarga...' + data['id'] = result['IdSolicitud'] + + msg = f"Descarga aceptada con el ID: {data['id']}\nEsperando un minuto para verificar la descarga..." log.info(msg) sleep(60) - data['id'] = result['IdSolicitud'] while True: result = sat.verify(data) if result['EstadoSolicitud'] in ('1', '2'): @@ -361,3 +365,25 @@ def descargar(args): return + +def descargar(args): + result, data = _validate_args(args) + if not result: + return + + sat = SATWebService(data['cert']) + + if not sat.is_authenticate: + log.error(sat.error) + return + + if data['type'] == 'e': + _download(sat, data, 'RfcEmisor') + elif data['type'] == 'r': + _download(sat, data, 'RfcReceptor') + else: + _download(sat, data, 'RfcEmisor') + _download(sat, data, 'RfcReceptor') + + return + From 8bfda59542a2faccacd1904a7f78798c542ae7d5 Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Thu, 15 Jul 2021 14:08:02 -0500 Subject: [PATCH 12/13] Agregar contador para verificar descarga --- source/sat/sat_web.py | 2 +- source/sat/util.py | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/source/sat/sat_web.py b/source/sat/sat_web.py index 50e2208..2df7737 100644 --- a/source/sat/sat_web.py +++ b/source/sat/sat_web.py @@ -407,7 +407,7 @@ class SATWebService(): self._error = f'Status: {response.status_code} - {response.text}' return - result = ET.fromstring(response.text) + result = ET.fromstring(response.text, parser=ET.XMLParser(huge_tree=True)) namespaces = self.NS_RESULT2.copy() namespaces['h'] = 'http://DescargaMasivaTerceros.sat.gob.mx' diff --git a/source/sat/util.py b/source/sat/util.py index 1dd2511..187c2a9 100644 --- a/source/sat/util.py +++ b/source/sat/util.py @@ -334,7 +334,9 @@ def _download(sat, data, key): msg = f"Descarga aceptada con el ID: {data['id']}\nEsperando un minuto para verificar la descarga..." log.info(msg) - sleep(60) + for i in range(60, 0, -1): + print(f'\r{i}', end=' ') + sleep(1) while True: result = sat.verify(data) From 572638fa3aa5468b3e535e3c7cb562799225093b Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Thu, 15 Jul 2021 14:11:10 -0500 Subject: [PATCH 13/13] Agregar contador para verificar descarga --- source/sat/util.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/source/sat/util.py b/source/sat/util.py index 187c2a9..40e4464 100644 --- a/source/sat/util.py +++ b/source/sat/util.py @@ -332,7 +332,7 @@ def _download(sat, data, key): data['id'] = result['IdSolicitud'] - msg = f"Descarga aceptada con el ID: {data['id']}\nEsperando un minuto para verificar la descarga..." + msg = f"Descarga aceptada con el ID: {data['id']}\n\nEsperando un minuto para verificar la descarga..." log.info(msg) for i in range(60, 0, -1): print(f'\r{i}', end=' ') @@ -343,7 +343,9 @@ def _download(sat, data, key): if result['EstadoSolicitud'] in ('1', '2'): msg = 'Esperando un minuto más para volver a verificar...' log.info(msg) - sleep(60) + for i in range(60, 0, -1): + print(f'\r{i}', end=' ') + sleep(1) continue if result['EstadoSolicitud'] == '3':