I’ve almost got this, but figured I might as well ask, since I still have a few steps left to figure out. (Also because
identity.trimble.com is down right now, so I’m twiddling my thumbs…)
I’m trying to automate the extension signing process for our plugin, so I can integrate it into other scripts we use to build plugins for several platforms. Manual extension signing represents a break in the chain before we build our multiple-platform installers, so I’m trying to get a script for it that we can integrate.
We’re using Python and the Requests library, hoping to avoid having to do something like using Selenium (headless browser) to fill out forms.
Dealing with the .zip/.rbz/.hash file operations is no problem. The tough thing is making the http requests and getting through all the redirects and forms successfully, through the Trimble authorization service.
The process starts with
https://extensions.sketchup.com/en/user/login, which also takes a
https://extensions.sketchup.com/developer_center/extension_signature (where we ultimately want to end up). We use a GET request to get a hidden token from the page, and then make a POST with this token and our login data. This all seems ok so far, and we successfully follow a few redirects from here, but we don’t seem to get all the way through to being signed in—checking log in status by another GET request to the destination page (from a saved session object that stores cookies etc.) indicates that we aren’t signed in there.
I have a feeling we are missing something, indicated by the
action tag associated with the sign in form. On that page, the action for the sign in form is given as
../../commonauth. Modeling from a successful manual sign in indicates that this expands to
https://identity.trimble.com/commonauth. One confusing thing is that normally, using Requests for sign ins via POST means you feed the action as part of the request url, but in this case we already have a url,
https://extensions.sketchup.com/en/user/login, so I’m not sure how to handle this.
At any rate, at this point I wondered whether anyone out there has tried something similar with the Trimble authorization. Thanks in advance for any thoughts you might have about this!