Skip to content

V1.6-beta4

Pre-release
Pre-release

Choose a tag to compare

@BSkando BSkando released this 08 Nov 18:54
6bf6290

Improve Authentication Reliability and Config Flow Validation

Summary

This PR resolves authentication issues that were causing token timeouts and Google security alerts. It also fixes config flow validation to allow adding entries when others exist, and improves token handling throughout the integration.

What's Fixed

Per-User Android ID Support

  • Background: The integration was using a shared Android ID for all users, which could trigger Google's protection system when many users authenticated from different locations
  • Change: Each user now gets a unique Android ID extracted from their FCM credentials (or generates a unique random ID)
  • Benefit: More reliable authentication, fewer token timeouts, better alignment with Google's security expectations

Config Flow Validation with Existing Entries

  • Background: Adding an entry would fail validation if another entry already existed due to cache ambiguity errors
  • Change: Config flow now properly handles ephemeral cache registration during validation, even when other entries are active
  • Benefit: Users can add entries without needing to remove existing ones first
  • Note: Runtime multi-account support is not included in this PR - only one account will function at a time

Improved Token Handling

  • Background: Token types (OAuth, AAS, ADM) weren't consistently tracked through the validation and runtime flow
  • Change: Proper token type awareness and exchange flow throughout the codebase
  • Benefit: Cleaner token lifecycle, better error messages, proper AAS→ADM token exchange

Changes Made

Authentication (Auth/)

Token Retrieval Files (adm_token_retrieval.py, aas_token_retrieval.py, token_retrieval.py)

  • Extract unique Android ID from FCM credentials per user
  • Added graceful fallback to random Android ID generation when FCM credentials unavailable
  • Improved exception handling for config flow validation scenarios
  • Better cache access patterns with proper error handling

Token Cache (token_cache.py)

  • Added validation mode support for temporary cache override during config flow

API Layer

Nova API (nova_request.py)

  • Safe cache wrapper functions for validation scenarios
  • Improved error handling in token retrieval

API Wrapper (api.py)

  • Enhanced ephemeral cache to support full TokenCache interface
  • Added support for FCM credentials and token type tracking
  • Cleaner separation between validation-time and runtime cache usage

Configuration

Config Flow (config_flow.py)

  • Extract FCM credentials (including Android ID) from secrets.json
  • Track token source through validation flow
  • Temporary cache registration for validation with existing entries
  • Store complete credentials bundle for runtime access

Integration Setup (init.py)

  • Proactive ADM token generation at startup
  • Improved token storage based on type