fix: include response body in publish_collectible auth error

pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "rbx-upload"
-version = "0.2.1"
+version = "0.2.9"
 description = "Roblox asset upload client"
 requires-python = ">=3.13"
 dependencies = [

src/rbx_upload/client.py

@@ -253,37 +253,78 @@ class RobloxClient:
         await asyncio.gather(*[_upload_one(item) for item in items])
         return result
 
-    async def onsale_asset(
+    async def publish_collectible(
         self,
         asset_id: int,
+        group_id: int,
         name: str,
         description: str,
-        group_id: int,
+        price: int = 5,
+    ) -> str:
+        """Publish an asset as a Limited collectible. Returns the collectibleItemId."""
+        csrf = await self._get_csrf_token()
+        response = await self._http.post(
+            "https://itemconfiguration.roblox.com/v1/collectibles",
+            json={
+                "isRentalOptIn": False,
+                "idempotencyToken": str(uuid.uuid4()),
+                "targetId": asset_id,
+                "targetType": 0,
+                "publishingType": 2,
+                "agreedPublishingFee": 10,
+                "creatorGroupId": group_id,
+                "publisherUserId": self._publisher_user_id,
+                "quantity": 0,
+                "quantityLimitPerUser": 0,
+                "resaleRestriction": 2,
+                "priceInRobux": price,
+                "priceOffset": 0,
+                "optOutFromRegionalPricing": False,
+                "isFree": False,
+                "saleLocationConfiguration": {"saleLocationType": 1, "places": []},
+                "name": name,
+                "description": description,
+            },
+            headers={
+                "X-CSRF-TOKEN": csrf,
+                "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:145.0) Gecko/20100101 Firefox/145.0",
+                "Referer": "https://create.roblox.com/",
+                "Origin": "https://create.roblox.com",
+            },
+            cookies=self._csrf_cookies,
+        )
+
+        if response.status_code == 429:
+            raise RateLimitError("Rate limit hit during collectible publish.")
+        if response.status_code in (401, 403):
+            raise AuthError(f"Not authorized to publish this collectible ({response.status_code}): {response.text}")
+
+        response.raise_for_status()
+        data = response.json()
+        collectible_item_id = data.get("collectibleItemId")
+        if not collectible_item_id:
+            raise UploadError(f"publish_collectible did not return a collectibleItemId: {data}")
+        return collectible_item_id
+
+    async def onsale_asset(
+        self,
+        collectible_item_id: str,
         price: int = 5,
     ) -> dict:
         """Put an asset on sale."""
         csrf = await self._get_csrf_token()
-        data = {
-            "saleLocationConfiguration": {"saleLocationType": 1, "places": []},
-            "targetId": asset_id,
-            "priceInRobux": price,
-            "publishingType": 2,
-            "idempotencyToken": str(uuid.uuid4()),
-            "publisherUserId": self._publisher_user_id,
-            "creatorGroupId": group_id,
-            "name": name,
-            "description": description,
-            "isFree": False,
-            "agreedPublishingFee": 0,
-            "priceOffset": 0,
-            "quantity": 0,
-            "quantityLimitPerUser": 0,
-            "resaleRestriction": 2,
-            "targetType": 0,
-        }
-        response = await self._http.post(
-            self._proxy_url("https://itemconfiguration.roblox.com/v1/collectibles", force_direct=True),
-            json=data,
+        response = await self._http.patch(
+            f"https://itemconfiguration.roblox.com/v1/collectibles/{collectible_item_id}",
+            json={
+                "saleLocationConfiguration": {"saleLocationType": 1, "places": []},
+                "saleStatus": 0,
+                "quantityLimitPerUser": 0,
+                "resaleRestriction": 2,
+                "priceInRobux": price,
+                "priceOffset": 0,
+                "optOutFromRegionalPricing": False,
+                "isFree": False,
+            },
             headers={
                 "X-CSRF-TOKEN": csrf,
                 "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:145.0) Gecko/20100101 Firefox/145.0",
@@ -299,7 +340,21 @@ class RobloxClient:
             raise AuthError("Not authorized to put this asset on sale.")
 
         response.raise_for_status()
-        return response.json()
+        return response.json() if response.text else {}
+
+    async def get_collectible_item_id(self, asset_id: int, max_attempts: int = 10, poll_interval: float = 3.0) -> str:
+        """Look up the collectible item ID (UUID) for a given asset ID, retrying until available."""
+        for _ in range(max_attempts):
+            response = await self._http.get(
+                f"https://itemconfiguration.roblox.com/v1/collectibles/0/{asset_id}",
+                cookies=self._csrf_cookies,
+            )
+            response.raise_for_status()
+            collectible_item_id = response.json().get("collectibleItemId")
+            if collectible_item_id:
+                return collectible_item_id
+            await asyncio.sleep(poll_interval)
+        raise UploadError(f"collectibleItemId not available for asset {asset_id} after {max_attempts} attempts.")
 
     async def close(self):
         """Close the underlying HTTP client."""