import requests, json, re

session = requests.Session()
session.headers.update({'User-Agent': 'Mozilla/5.0'})

# Use ORY session token as bearer AND cookie to try OAuth
ory_token = "ory_st_2q4lupYQyiEPjXKYJbS2WR6h5dUcMlo2"
session.headers.update({'Authorization': f'Bearer {ory_token}'})

# Try to get ORY Kratos self-service login flow via api-core
# But use the session token to bypass login
resp = session.post(
    'https://api-core.deriv.com/v1/identity/oauth2/login/accept',
    json={'login_challenge': 'TEST'},
    allow_redirects=False
)
print(f"login/accept: {resp.status_code}")
print(resp.text[:200])

print("---")

# Try the consent endpoint to get it to redirect with token
resp2 = session.post(
    'https://api-core.deriv.com/v1/identity/oauth2/consent',
    json={'consent_challenge': 'TEST', 'grant_scope': ['read']},
    allow_redirects=False
)
print(f"consent: {resp2.status_code}")
print(resp2.text[:200])