V1.6-beta4
Pre-release
Pre-release
Improve Authentication Reliability and Config Flow Validation
Summary
This PR resolves authentication issues that were causing token timeouts and Google security alerts. It also fixes config flow validation to allow adding entries when others exist, and improves token handling throughout the integration.
What's Fixed
Per-User Android ID Support
- Background: The integration was using a shared Android ID for all users, which could trigger Google's protection system when many users authenticated from different locations
- Change: Each user now gets a unique Android ID extracted from their FCM credentials (or generates a unique random ID)
- Benefit: More reliable authentication, fewer token timeouts, better alignment with Google's security expectations
Config Flow Validation with Existing Entries
- Background: Adding an entry would fail validation if another entry already existed due to cache ambiguity errors
- Change: Config flow now properly handles ephemeral cache registration during validation, even when other entries are active
- Benefit: Users can add entries without needing to remove existing ones first
- Note: Runtime multi-account support is not included in this PR - only one account will function at a time
Improved Token Handling
- Background: Token types (OAuth, AAS, ADM) weren't consistently tracked through the validation and runtime flow
- Change: Proper token type awareness and exchange flow throughout the codebase
- Benefit: Cleaner token lifecycle, better error messages, proper AAS→ADM token exchange
Changes Made
Authentication (Auth/)
Token Retrieval Files (adm_token_retrieval.py, aas_token_retrieval.py, token_retrieval.py)
- Extract unique Android ID from FCM credentials per user
- Added graceful fallback to random Android ID generation when FCM credentials unavailable
- Improved exception handling for config flow validation scenarios
- Better cache access patterns with proper error handling
Token Cache (token_cache.py)
- Added validation mode support for temporary cache override during config flow
API Layer
Nova API (nova_request.py)
- Safe cache wrapper functions for validation scenarios
- Improved error handling in token retrieval
API Wrapper (api.py)
- Enhanced ephemeral cache to support full TokenCache interface
- Added support for FCM credentials and token type tracking
- Cleaner separation between validation-time and runtime cache usage
Configuration
Config Flow (config_flow.py)
- Extract FCM credentials (including Android ID) from secrets.json
- Track token source through validation flow
- Temporary cache registration for validation with existing entries
- Store complete credentials bundle for runtime access
Integration Setup (init.py)
- Proactive ADM token generation at startup
- Improved token storage based on type