dravr-browser 0.1.0

Headless-Chrome automation primitives: launch, persistent profiles, stealth, CDP input, and streaming network capture
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146

// ABOUTME: Cookie-based browser session capture/injection and the AuthSession data model
// ABOUTME: Lets a profile's authenticated cookies be snapshotted and replayed across browsers
//
// SPDX-License-Identifier: MIT OR Apache-2.0
// Copyright (c) 2026 dravr.ai

use std::time::SystemTime;

use chromiumoxide::cdp::browser_protocol::network::CookieParam;
use chromiumoxide::Page;
use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize};
use tracing::debug;

use crate::error::{BrowserError, BrowserResult};

/// A captured browser session: an identifier plus the cookies that authenticate it.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct AuthSession {
    /// Session identifier (for cache keying / profile naming).
    pub session_id: String,
    /// Captured browser cookies.
    pub cookies: Vec<CookieData>,
    /// When this session was created.
    pub created_at: DateTime<Utc>,
    /// When this session expires, if known.
    #[serde(skip_serializing_if = "Option::is_none")]
    pub expires_at: Option<DateTime<Utc>>,
}

/// A single browser cookie.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct CookieData {
    /// Cookie name.
    pub name: String,
    /// Cookie value.
    pub value: String,
    /// Cookie domain.
    pub domain: String,
    /// Cookie path.
    pub path: String,
    /// Whether the cookie is secure-only.
    pub secure: bool,
    /// Whether the cookie is HTTP-only.
    pub http_only: bool,
}

/// Inject session cookies into a page before navigation.
pub async fn inject_cookies(page: &Page, session: &AuthSession) -> BrowserResult<()> {
    for cookie in &session.cookies {
        let mut param = CookieParam::new(&cookie.name, &cookie.value);
        param.domain = Some(cookie.domain.clone());
        param.path = Some(cookie.path.clone());
        param.secure = Some(cookie.secure);
        param.http_only = Some(cookie.http_only);

        page.set_cookie(param)
            .await
            .map_err(|e| BrowserError::Browser {
                reason: format!("Failed to set cookie {}: {e}", cookie.name),
            })?;
    }

    debug!(count = session.cookies.len(), "Injected session cookies");
    Ok(())
}

/// Capture all cookies from the current page into an [`AuthSession`].
///
/// Returns [`BrowserError::Auth`] if no cookies are present (login likely failed).
pub async fn capture_session(page: &Page) -> BrowserResult<AuthSession> {
    let cookies = page
        .get_cookies()
        .await
        .map_err(|e| BrowserError::Browser {
            reason: format!("Failed to get cookies: {e}"),
        })?;

    let cookie_data: Vec<CookieData> = cookies
        .iter()
        .map(|c| CookieData {
            name: c.name.clone(),
            value: c.value.clone(),
            domain: c.domain.clone(),
            path: c.path.clone(),
            secure: c.secure,
            http_only: c.http_only,
        })
        .collect();

    if cookie_data.is_empty() {
        return Err(BrowserError::Auth {
            reason: "No cookies captured after login".to_owned(),
        });
    }

    Ok(AuthSession {
        session_id: generate_session_id(),
        cookies: cookie_data,
        created_at: Utc::now(),
        expires_at: None,
    })
}

/// Generate a unique session identifier from the current system time.
#[must_use]
pub fn generate_session_id() -> String {
    let d = SystemTime::now()
        .duration_since(SystemTime::UNIX_EPOCH)
        .unwrap_or_default();
    format!("{:x}-{:x}", d.as_secs(), d.subsec_nanos())
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn session_id_is_nonempty_and_hyphenated() {
        let id = generate_session_id();
        assert!(id.contains('-'));
        assert!(!id.starts_with('-'));
    }

    #[test]
    fn auth_session_roundtrips_json() {
        let session = AuthSession {
            session_id: "abc".to_owned(),
            cookies: vec![CookieData {
                name: "sessionKey".to_owned(),
                value: "v".to_owned(),
                domain: ".claude.ai".to_owned(),
                path: "/".to_owned(),
                secure: true,
                http_only: true,
            }],
            created_at: Utc::now(),
            expires_at: None,
        };
        let json = serde_json::to_string(&session).unwrap();
        let back: AuthSession = serde_json::from_str(&json).unwrap();
        assert_eq!(back.session_id, "abc");
        assert_eq!(back.cookies.len(), 1);
        assert_eq!(back.cookies[0].domain, ".claude.ai");
    }
}