New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upcoming API Changes Effective December 1, 2020 #9
Comments
Did a quick code review. No obvious issues with the token format changes or the PIN length. |
Possibly related topic: https://forums.indigodomo.com/viewtopic.php?f=295&t=24686 |
I removed the plugin app from my Ecobee account & added it back in, the process appeared to be successful . I then issued a set point change from my mobile device. The following is the logger text that pertains to “Ecobee 2”, I stripped out all other lines such as Z-Wave & general stuff like Indigo triggers, Action Groups, Schedule, etc. |
That is so strange. Nothing I do recreates the error. I want you to try an experiment. Go through the authentication process again, until you get the line that starts with:
Then do NOTHING for an hour. You should see a group of lines that start with this every 15 minutes:
Then about 45 minutes after the first authentication message, you should get:
I need to make sure that the scheduled updates work before I can concentrate on the commands failing. After you get the stuff above, then go ahead and try sending a command. Send the log. Please don't use Word or Pages or anything else that adds formatting. Best would be a plain text document using TextWrangler or BBEdit, but TextEdit will do. Just don't save it as RTF or anything with formatting. Just a .txt extension. |
Never mind getting more logs. I was finally able to reproduce this and capture my own. Somehow the wrong refresh token is getting saved when there's a specific sequence of events around authentication. Turning off the account device, then turning it back on seemed to fix it. |
I was just finishing up the txt file when I noticed your update. I have attached it anyhow. I am not sure what you mean by "turning off the account device", but each time I have re-authenticated I have deleted the app in Ecobee & re-added using the new PIN generated by the plugin in Indigo. |
Well that did change something and it seems like it should be working, but data is NOT updating in Indigo. There are errors in log for the remote sensors and I would expect that those values would remain stale, however NONE of the data is updating (not even the thermostat). Log attached. |
Turn off Detailed Debugging. I'm not going to wade through all that. Then restart the plugin, and if you're still getting errors, post them. I've got a possible fix I'm testing now. |
Try pre-release https://github.com/FlyingDiver/Indigo-Ecobee-2/releases/tag/2.2.6 You will probably need to re-authorize at least one more time. |
Fixed in current releases. |
The following changes will go into effect on December 1, 2020. If you are unsure whether these changes will have an impact on your solution today, we encourage you to discuss it with your technology team, program manager, other stakeholders and ecobee partners.
Access/Refresh Token Format Changes
Starting from December 1, 2020, ecobee access tokens will no longer be returned as opaque 32-character strings. Access tokens will now be JWTs, which are considerably longer and uses a wider character set. Our JWTs follow the RFC7575 standard for JSON Web Signature tokens.
To ensure your application will continue to work, you will need to ensure that your application supports the following changes:
Access tokens will be up to 7KB in length, and includes upper/lower case alphanumeric characters, hyphens, underscores, and periods.Refresh tokens can be of varying lengths and can contain non-alphanumeric characters.
Authorization Code Changes
The Redirect URI associated with your registered application should be a semi-colon separated list of absolute URLs that start with https://. We do not accept http:// protocol links.
PIN Authorization Changes
PINs will become 10 character alphanumeric strings.This flow is only recommended in situations where a user is interacting with a device that cannot easily use a web-based login form; we recommend migrating to the Authorization Code strategy for a better user experience.
The text was updated successfully, but these errors were encountered: