First success with firestore library

Author: R-Rudolf

README.md

@@ -17,25 +17,15 @@ No guarantees are provided here. If you wanna use it, go for it, but do know tha
 To set up a development environment:
 
 1. Ensure you have Python 3.7+ installed.
-2. Create a virtual environment:
+2. setup the virtual environment:
     ```bash
+    # Create a virtual environment
     python3 -m venv .venv
-    ```
-3. Activate the virtual environment:
-    - On Linux/macOS:
-      ```bash
-      source .venv/bin/activate
-      ```
-    - On Windows:
-      ```cmd
-      .venv\Scripts\activate
-      ```
-4. Install dependencies:
-    ```bash
+    # Activate the virtual environment
+    source .venv/bin/activate
+    # Install dependencies
     pip install -r requirements.txt
-    ```
-5. Install the package in editable (dev) mode:
-    ```bash
+    # Install the package in editable (dev) mode
     pip install -e .
     ```
 

requirements.txt

@@ -1,2 +1,6 @@
-requests==2.32.4
+requests
 python-dotenv
+#pyrebase4
+#urllib3
+google-cloud-firestore
+google-auth

run.py

@@ -1,6 +1,7 @@
 import os
 from dotenv import load_dotenv
-from spendee import Spendee
+from spendee import SpendeeApi
+from spendee import SpendeeFirestore
 
 # Load environment variables from .env file
 load_dotenv()
@@ -12,13 +13,17 @@
     print('Please set EMAIL and PASSWORD in your .env file.')
     exit(1)
 
-spendee = Spendee(EMAIL, PASSWORD)
+# spendee = SpendeeApi(EMAIL, PASSWORD)
 
 
-accounts = spendee.wallet_get_all()
-print('Available accounts:')
-for acc in accounts:
-    print(f"- {acc.get('name', 'Unnamed')} (ID: {acc.get('id')}, Balance: {acc.get('balance')} {acc.get('currency')})")
+# accounts = spendee.wallet_get_all()
+# print('Available accounts:')
+# for acc in accounts:
+#     print(f"- {acc.get('name', 'Unnamed')} (ID: {acc.get('id')}, Balance: {acc.get('balance')} {acc.get('currency')})")
+
+spendee = SpendeeFirestore(EMAIL, PASSWORD)
+
+print(spendee.example_call())
 
 # type = 'bank_account'
 # banks_get_all

spendee/__init__.py

@@ -1 +1,2 @@
-from .spendee import Spendee
+from .spendee_api import SpendeeApi
+from .spendee_firestore import SpendeeFirestore

spendee/firebase_client.py

@@ -0,0 +1,62 @@
+import requests
+from requests import Session
+
+class FirebaseClient(Session):
+    def __init__(self, email, password, google_client_id: str = 'AIzaSyCCJPDxVNVFEARQ-LxH7q2aZtdQJGGFO84'):
+        self.email = email
+        self.password = password
+        self.google_client_id = google_client_id
+        self._access_token = None
+        self._refresh_token = None
+        self._device_uuid = None
+        super().__init__()
+
+    def authenticate(self):
+        """
+        Handles the full authentication flow: gets refresh token, access token, and device UUID.
+        """
+        self._refresh_token = self.get_refresh_token()
+        self._access_token = self.get_access_token()
+        self._device_uuid = self.get_device_uuid_from_login()
+
+    def get_refresh_token(self):
+        url = f'https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword?key={self.google_client_id}'
+        payload = {
+            'email': self.email,
+            'password': self.password,
+            'returnSecureToken': True,
+        }
+        response = requests.post(url, json=payload)
+        response.raise_for_status()
+        data = response.json()
+        return data['refreshToken']
+
+    def get_access_token(self):
+        url = f'https://securetoken.googleapis.com/v1/token?key={self.google_client_id}'
+        payload = {
+            'refresh_token': self._refresh_token,
+            'grant_type': 'refresh_token',
+        }
+        response = requests.post(url, json=payload)
+        response.raise_for_status()
+        data = response.json()
+        #print("Access Token:", data['access_token'])  # Debugging line to check the access token
+        return data['access_token']
+
+    def get_device_uuid_from_login(self):
+        # This should be implemented in the child class if needed, as it may require a specific API call
+        return None
+
+    @property
+    def access_token(self):
+        if not self._access_token:
+            self.authenticate()
+        return self._access_token
+
+    @property
+    def device_uuid(self):
+        return self._device_uuid
+
+    @device_uuid.setter
+    def device_uuid(self, value):
+        self._device_uuid = value

spendee/prompts.md

@@ -0,0 +1,87 @@
+# discussions
+
+firebase SDK authentication:
+ - https://claude.ai/share/74c50295-ffad-4659-bd21-0c5b3810b9d6
+
+# Context cache
+---
+I am a Spendee user, which is a webpage and app on mobile, to track financial transactions gathered from multiple bank accounts.
+They do not support a documented API, but I want to implement an MCP server to enable an AI agent to work collaboratively fetching data or refining transaction categories or descriptions.
+For that I explored an old github repo, which implemented authentication and REST API calls available back then.
+Unfortunately those API calls return outdated data somewhy, like bank account data is 1 week older, than what is available on the webpage.
+So I started to investigate the web traffic of the webpage and explored that it uses firestore.
+I never used firestore before, so I need explanations and guidance throghout our work.
+The client I write will be implemented in python.
+---
+Here are some key code snippets to understand some aspects of it:
+
+Config identified from web traffic:
+```json
+"google_client_id": "AIzaSyCCJPDxVNVFEARQ-LxH7q2aZtdQJGGFO84",
+"config": {
+    "apiKey": "AIzaSyCCJPDxVNVFEARQ-LxH7q2aZtdQJGGFO84",
+    "authDomain": "spendee-app.firebaseapp.com",
+    "databaseURL": "https://spendee-app.firebaseio.com",
+    "projectId": "spendee-app",
+    "storageBucket": "spendee-app.appspot.com",
+    "messagingSenderId": "320191066468",
+    "appId": "1:320191066468:web:b91a0a66620b3912",
+    "measurementId": "G-6XWQZRWRLK"
+}
+```
+
+Working authentication layer extracted from former open source project:
+```python
+from requests import Session
+
+class FirebaseClient(Session):
+    def __init__(self, email, password, google_client_id: str = 'AIzaSyCCJPDxVNVFEARQ-LxH7q2aZtdQJGGFO84'):
+        self.email = email
+        self.password = password
+        self.google_client_id = google_client_id
+        self._access_token = None
+        self._refresh_token = None
+        self._device_uuid = None
+        super().__init__()
+
+    def authenticate(self):
+        """
+        Handles the full authentication flow: gets refresh token, access token, and device UUID.
+        """
+        self._refresh_token = self.get_refresh_token()
+        self._access_token = self.get_access_token()
+        self._device_uuid = self.get_device_uuid_from_login()
+
+    def get_refresh_token(self):
+        url = f'https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword?key={self.google_client_id}'
+        payload = {
+            'email': self.email,
+            'password': self.password,
+            'returnSecureToken': True,
+        }
+        response = requests.post(url, json=payload)
+        response.raise_for_status()
+        data = response.json()
+        return data['refreshToken']
+
+    def get_access_token(self):
+        url = f'https://securetoken.googleapis.com/v1/token?key={self.google_client_id}'
+        payload = {
+            'refresh_token': self._refresh_token,
+            'grant_type': 'refresh_token',
+        }
+        response = requests.post(url, json=payload)
+        response.raise_for_status()
+        data = response.json()
+        print("Access Token:", data['access_token'])  # Debugging line to check the access token
+        return data['access_token']
+
+    def get_device_uuid_from_login(self):
+        # This should be implemented in the child class if needed, as it may require a specific API call
+        return None
+```
+
+Example firestore path extracted from web traffic:
+
+projects/spendee-app/databases/(default)/documents/users/af150597-5b96-4f8b-9eb3-0b2e0aa72a81/wallets/b368c5c2-68fe-4f98-9d4f-08e0cdca57a7/transactions/26624eef-6956-4cbc-8aee-68e4fb97396b
+

spendee/spendee.py spendee/spendee_api.pyspendee/spendee.py renamed to spendee/spendee_api.py

@@ -1,28 +1,15 @@
 from uuid import uuid4
 import datetime
-
-import requests
-from requests import Session
+from .firebase_client import FirebaseClient
 from requests.exceptions import RequestException
 
 from .exceptions import SpendeeError
 
 
-class Spendee(Session):
+class SpendeeApi(FirebaseClient):
     def __init__(self, email: str, password: str, base_url: str = 'https://api.spendee.com/', google_client_id: str = 'AIzaSyCCJPDxVNVFEARQ-LxH7q2aZtdQJGGFO84'):
-        """
-        :param email: user email to use for login
-        :param password: user password to use for login
-        :param base_url: base URL of the API
-        """
         self.base_url = base_url
-        self._email = email
-        self._password = password
-        self._google_client_id = google_client_id
-
-        self._access_token = None
-        self._device_uuid = None
-        super(Spendee, self).__init__()
+        super().__init__(email, password, google_client_id)
 
     def _build_url(self, version: str, url: str):
         """
@@ -75,19 +62,20 @@ def request(self, method, url, version: str = 'v1', headers=None, params=None, *
                 'Spendee-Version': 'master'
             }
 
+        # Ensure authentication
         if not self._access_token and not any(i in url for i in ('user-registration', 'googleapis')):
-            self.user_login()
+            self.authenticate()
 
         if self._access_token:
-            headers['Authorization'] = 'Bearer {}'.format(self._access_token)
+            headers['Authorization'] = f'Bearer {self._access_token}'
         if self._device_uuid:
             headers['Device-Uuid'] = self._device_uuid
 
         url = self._build_url(version, url)
 
         response = None
         try:
-            response = super(Spendee, self).request(method=method, url=url, headers=headers, params=params, **kwargs)
+            response = super(SpendeeApi, self).request(method=method, url=url, headers=headers, params=params, **kwargs)
             response.raise_for_status()
         except RequestException as e:
             raise SpendeeError("Spendee returned a non-200 HTTP code.", response=response) from e
@@ -106,6 +94,20 @@ def request(self, method, url, version: str = 'v1', headers=None, params=None, *
         else:
             return result
 
+    def get_device_uuid_from_login(self):
+        # Actually perform the login to get device_uuid
+        url = self._build_url('v3', 'auth/login')
+        payload = {
+            "global_currency": "USD",
+            "default_wallet_name": "Cash Wallet",
+            "timezone": 'Asia/Jakarta',
+            "platform": "web",
+            "version": "master",
+            "credential": None
+        }
+        response = super().post(url=url, json=payload)
+        return response.get('device_uuid')
+
     ###
 
     def user_registration(self, email: str = None, password: str = None, device_uuid: str = None,
@@ -172,26 +174,9 @@ def user_registration(self, email: str = None, password: str = None, device_uuid
             "device_uuid": device_uuid
         }
 
-        return super(Spendee, self).post(url=url, version=version, **kwargs)
+        return super(SpendeeApi, self).post(url=url, version=version, **kwargs)
 
-    def _get_refresh_token(self, email: str = None, password: str = None, **kwargs):
-        kwargs['json'] = {
-            'email': email,
-            'password': password,
-            'returnSecureToken': True,
-        }
-        url = 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword?key={}'.format(self._google_client_id)
-        response = super(Spendee, self).post(url=url, **kwargs)
-        return response['refreshToken']
-
-    def _get_access_token(self, refresh_token: str, **kwargs):
-        kwargs['json'] = {
-            'refresh_token': refresh_token,
-            'grant_type': 'refresh_token',
-        }
-        url = 'https://securetoken.googleapis.com/v1/token?key={}'.format(self._google_client_id)
-        response = super(Spendee, self).post(url=url, **kwargs)
-        return response['access_token']
+    ###
 
     def user_login(self, version: str = 'v3', url: str = 'auth/login', **kwargs):
         """
@@ -211,7 +196,7 @@ def user_login(self, version: str = 'v3', url: str = 'auth/login', **kwargs):
             "version": "master",
             "credential": None
         }
-        result = super(Spendee, self).post(url=url, version=version, **kwargs)
+        result = super(SpendeeApi, self).post(url=url, version=version, **kwargs)
         self._device_uuid = result['device_uuid']
 
     def user_logout(self, version: str = 'v1.4', url: str = 'user-logout', **kwargs):
@@ -221,7 +206,7 @@ def user_logout(self, version: str = 'v1.4', url: str = 'user-logout', **kwargs)
         :rtype: bool
         :return: returns True if logout was successful
         """
-        return super(Spendee, self).post(url=url, version=version, **kwargs)
+        return super(SpendeeApi, self).post(url=url, version=version, **kwargs)
 
     def user_get_profile(self, version: str = 'v1.4', url: str = 'user-get-profile', **kwargs):
         """

spendee/spendee_firestore.py

@@ -0,0 +1,37 @@
+from google.auth.credentials import Credentials
+from google.cloud import firestore
+from .firebase_client import FirebaseClient
+
+class CustomFirebaseCredentials(Credentials):
+    """Custom credentials that use existing Firebase access token"""
+    
+    def __init__(self, access_token):
+        super().__init__()
+        self.token = access_token
+        
+    def refresh(self, request):
+        # todo
+        pass
+    
+    def expired(self):
+        # Check if token is expired
+        pass
+
+class SpendeeFirestore(FirebaseClient):
+    def __init__(self, email: str, password: str, base_url: str = 'https://api.spendee.com/', google_client_id: str = 'AIzaSyCCJPDxVNVFEARQ-LxH7q2aZtdQJGGFO84'):
+        self.base_url = base_url
+        super().__init__(email, password, google_client_id)
+        self.authenticate()
+        self.credentials = CustomFirebaseCredentials(self.get_access_token())
+        self.client = firestore.Client(project="spendee-app", credentials=self.credentials)
+
+    def example_call(self):
+        # example = self.client\
+        #     .collection('users')\
+        #     .document('af150597-5b96-4f8b-9eb3-0b2e0aa72a81')\
+        #     .collection('wallets')\
+        #     .document('b368c5c2-68fe-4f98-9d4f-08e0cdca57a7')\
+        #     .collection('transactions')\
+        #     .document('26624eef-6956-4cbc-8aee-68e4fb97396b')
+        example = self.client.document('users/af150597-5b96-4f8b-9eb3-0b2e0aa72a81/wallets/b368c5c2-68fe-4f98-9d4f-08e0cdca57a7/transactions/26624eef-6956-4cbc-8aee-68e4fb97396b')
+        return example.get().to_dict()