#!/usr/bin/env python3 """ GHL Sub-Account API Key Generator Automates: Login -> Switch to sub-account -> Settings -> Integrations -> Generate API key Uses Playwright headless browser automation. If Cloudflare blocks login, reports back for Collaborative Browser Handoff. """ import os import sys import time import json # GHL Credentials GHL_EMAIL = "kinan@agileadapt.com" GHL_PASSWORD = "SystemBird505*" # Target sub-account TARGET_LOCATION_ID = "7UExU3gWmZqJEKbAeAq4" TARGET_SUBACCOUNT_NAME = "[MASTER] MCTB + DB Reactivation" INTEGRATION_NAME = "Genesis-SA008-API" # Screenshot directory SCREENSHOT_DIR = "/mnt/e/genesis-system/scripts/screenshots" os.makedirs(SCREENSHOT_DIR, exist_ok=True) def screenshot(page, name): """Save a screenshot for debugging.""" path = os.path.join(SCREENSHOT_DIR, f"{name}.png") page.screenshot(path=path) print(f"[SCREENSHOT] {path}") return path def main(): from playwright.sync_api import sync_playwright with sync_playwright() as p: # Launch headless Chromium browser = p.chromium.launch( headless=True, args=[ '--no-sandbox', '--disable-blink-features=AutomationControlled', '--disable-dev-shm-usage', ] ) context = browser.new_context( viewport={'width': 1920, 'height': 1080}, user_agent='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36', ) page = context.new_page() # ===== STEP 1: Navigate to GHL login ===== print("[STEP 1] Navigating to GHL login page...") page.goto("https://app.gohighlevel.com/", wait_until="networkidle", timeout=30000) time.sleep(2) screenshot(page, "01_initial_page") # Check for Cloudflare challenge page_content = page.content() if "challenge" in page_content.lower() and ("cloudflare" in page_content.lower() or "turnstile" in page_content.lower()): print("[BLOCKED] Cloudflare Turnstile detected!") print("[ACTION REQUIRED] Collaborative Browser Handoff needed:") print(" 1. Human logs in at https://app.gohighlevel.com/") print(" 2. Then AI takes over the authenticated session") screenshot(page, "cloudflare_block") browser.close() return {"status": "blocked", "reason": "cloudflare_turnstile"} # ===== STEP 2: Login ===== print("[STEP 2] Attempting login...") # Wait for login form try: # Look for email input email_input = page.wait_for_selector('input[type="email"], input[name="email"], input[placeholder*="email" i], #email', timeout=10000) if email_input: email_input.fill(GHL_EMAIL) print(f" Filled email: {GHL_EMAIL}") time.sleep(0.5) # Look for password input password_input = page.query_selector('input[type="password"], input[name="password"], #password') if password_input: password_input.fill(GHL_PASSWORD) print(" Filled password") time.sleep(0.5) screenshot(page, "02_login_filled") # Click sign in button sign_in_btn = page.query_selector('button[type="submit"], button:has-text("Sign In"), button:has-text("Log In"), button:has-text("Sign in")') if sign_in_btn: sign_in_btn.click() print(" Clicked Sign In") # Wait for navigation time.sleep(5) screenshot(page, "03_after_login") # Check for 2FA prompt page_text = page.inner_text('body') if 'verification' in page_text.lower() or 'two-factor' in page_text.lower() or '2fa' in page_text.lower() or 'code' in page_text.lower(): print("[BLOCKED] 2FA verification required!") print("[ACTION REQUIRED] Kinan must complete 2FA on his phone") screenshot(page, "2fa_block") browser.close() return {"status": "blocked", "reason": "2fa_required"} else: print("[ERROR] Could not find Sign In button") screenshot(page, "error_no_signin_button") browser.close() return {"status": "error", "reason": "no_signin_button"} else: print("[ERROR] Could not find password field") screenshot(page, "error_no_password_field") browser.close() return {"status": "error", "reason": "no_password_field"} else: print("[INFO] No login form found - might be already logged in") screenshot(page, "02_no_login_form") except Exception as e: print(f"[INFO] Login form wait timed out: {e}") print("[INFO] Checking if already at dashboard...") screenshot(page, "02_timeout") # ===== STEP 3: Check current state ===== current_url = page.url print(f"[STEP 3] Current URL: {current_url}") screenshot(page, "04_current_state") # Check if we're in the dashboard if '/dashboard' in current_url or '/v2/' in current_url: print(" Successfully logged in!") elif 'login' in current_url.lower(): print("[ERROR] Still on login page after attempt") page_text = page.inner_text('body') if 'invalid' in page_text.lower() or 'incorrect' in page_text.lower(): print("[ERROR] Invalid credentials") screenshot(page, "error_still_login") browser.close() return {"status": "error", "reason": "login_failed", "url": current_url} # ===== STEP 4: Navigate directly to sub-account settings ===== print("[STEP 4] Navigating to sub-account settings...") # Direct URL to the sub-account's API settings # GHL URL pattern: /v2/location/{location_id}/settings/integrations settings_url = f"https://app.gohighlevel.com/v2/location/{TARGET_LOCATION_ID}/settings/integrations" print(f" Navigating to: {settings_url}") page.goto(settings_url, wait_until="networkidle", timeout=30000) time.sleep(3) screenshot(page, "05_settings_page") current_url = page.url print(f" Current URL: {current_url}") # If redirected to login, we weren't actually authenticated if 'login' in current_url.lower(): print("[BLOCKED] Redirected to login - authentication failed") print("[ACTION REQUIRED] Collaborative Browser Handoff needed") screenshot(page, "error_auth_redirect") browser.close() return {"status": "blocked", "reason": "auth_failed_redirect"} # ===== STEP 5: Look for API section ===== print("[STEP 5] Looking for API/Integration section...") page_text = page.inner_text('body') screenshot(page, "06_looking_for_api") # Try to find API Key tab or link api_elements = page.query_selector_all('a:has-text("API"), button:has-text("API"), [href*="api"], div:has-text("API Key")') print(f" Found {len(api_elements)} API-related elements") if api_elements: for el in api_elements: text = el.inner_text().strip() if 'api' in text.lower() and len(text) < 30: print(f" Clicking: {text}") el.click() time.sleep(2) screenshot(page, "07_api_tab_clicked") break # ===== STEP 6: Generate API Key ===== print("[STEP 6] Looking for Create/Generate API Key button...") time.sleep(2) screenshot(page, "08_pre_generate") # Look for create button create_btns = page.query_selector_all('button:has-text("Create"), button:has-text("Generate"), button:has-text("Add"), button:has-text("New")') print(f" Found {len(create_btns)} create/generate buttons") for btn in create_btns: text = btn.inner_text().strip() if any(kw in text.lower() for kw in ['create', 'generate', 'add', 'new']): print(f" Clicking: {text}") btn.click() time.sleep(2) screenshot(page, "09_create_clicked") break # Look for name input and fill it name_inputs = page.query_selector_all('input[type="text"], input[placeholder*="name" i]') for inp in name_inputs: placeholder = inp.get_attribute('placeholder') or '' if 'name' in placeholder.lower() or not placeholder: inp.fill(INTEGRATION_NAME) print(f" Filled integration name: {INTEGRATION_NAME}") time.sleep(0.5) screenshot(page, "10_name_filled") break # Click save/create/submit save_btns = page.query_selector_all('button:has-text("Save"), button:has-text("Create"), button:has-text("Submit"), button:has-text("Generate")') for btn in save_btns: text = btn.inner_text().strip() if any(kw in text.lower() for kw in ['save', 'create', 'submit', 'generate']): print(f" Clicking save: {text}") btn.click() time.sleep(3) screenshot(page, "11_saved") break # ===== STEP 7: Extract API Key ===== print("[STEP 7] Extracting API key...") time.sleep(2) screenshot(page, "12_extract_key") # Look for the key display page_text = page.inner_text('body') # Try to find key in various formats import re # GHL API keys typically start with 'pit-' followed by UUID pit_match = re.search(r'pit-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}', page_text) if pit_match: api_key = pit_match.group(0) print(f"[SUCCESS] API Key found: {api_key}") browser.close() return {"status": "success", "api_key": api_key} # Check for any key-like values in inputs key_inputs = page.query_selector_all('input[readonly], input[disabled], input.api-key, code, pre, .key-display') for el in key_inputs: val = el.input_value() if el.evaluate('el => el.tagName') == 'INPUT' else el.inner_text() if val and len(val) > 20 and ('pit-' in val or '-' in val): print(f"[SUCCESS] API Key found: {val}") browser.close() return {"status": "success", "api_key": val.strip()} # If we got this far, dump the page state print("[INFO] Could not extract API key automatically") print(f"[INFO] Current URL: {page.url}") print(f"[INFO] Page title: {page.title()}") # Dump visible text for debugging (first 3000 chars) body_text = page.inner_text('body')[:3000] print(f"[DEBUG] Page text (truncated):\n{body_text}") screenshot(page, "13_final_state") browser.close() return {"status": "incomplete", "reason": "could_not_extract_key", "url": page.url} if __name__ == "__main__": result = main() print(f"\n[RESULT] {json.dumps(result, indent=2)}")