New auth (#48)

This release adds support for the new Hilo authentication flow. You will need to reconfigure your plugin in Homebridge UI to retrieve your refresh token for authentication with Hilo

.devcontainer.json

@@ -1,5 +1,5 @@
 {
-	"image": "mcr.microsoft.com/vscode/devcontainers/typescript-node:16-bullseye",
+	"image": "mcr.microsoft.com/vscode/devcontainers/typescript-node:20-bookworm",
 	"mounts": [
 		"source=homebridge-hilo-extensions,target=/root/.vscode-server/extensions,type=volume"
 	],

README.md

@@ -1,7 +1,6 @@
-⚠️ Hilo a retiré la méthode de connexion par nom d'utilisateur et mot de passe à partir du 10 avril 2024. Le plugin ne fonctionnera plus jusqu'à ce qu'une nouvelle version soit publiée ⚠️
-
-⚠️ Hilo deprecated the username/password login method as of April 10th 2024. The plugin will no longer work until a new version is released ⚠️
+⚠️ Hilo a retiré la méthode de connexion par nom d'utilisateur et mot de passe à partir du 10 avril 2024. Les versions 1.X.X ne fonctionnent plus. Veuillez installer la version 2.0.0 ou supérieur ⚠️
 
+⚠️ Hilo deprecated the username/password login method as of April 10th 2024. Versions 1.X.X no longer work. You must install version 2.0.0 or higher. ⚠️
 
 # homebridge-hilo
 [![verified-by-homebridge](https://badgen.net/badge/homebridge/verified/purple)](https://github.com/homebridge/homebridge/wiki/Verified-Plugins)
@@ -19,29 +18,22 @@ Note: Ceci n'est pas un plugin officiel, le plugin n'est pas affilié avec Hilo
 ## Installation
 1. Installer Homebridge en suivant
    [les instructions](https://github.com/homebridge/homebridge/wiki).
-2. Installer le plugin en utilisant [Homebridge Config UI X (RECOMMANDÉ)](https://github.com/oznu/homebridge-config-ui-x), ou en exécutant `npm install -g homebridge-hilo`.
+2. Installer le plugin en utilisant [Homebridge Config UI X (REQUIS)](https://github.com/oznu/homebridge-config-ui-x), ou en exécutant `npm install -g homebridge-hilo`.
 
 ## Configuration
 Pour que le plugin soit fonctionnel, il doit avoir accès à votre compte Hilo
 
-Vous pouvez fournir votre nom d'utilisateur / mot de passe lors du processus d'installation fournit par [Homebridge Config UI X (RECOMMANDÉ)](https://github.com/oznu/homebridge-config-ui-x),
-ou en ajoutant la configuration suivante à HomeBridge [homebridge](https://github.com/homebridge/homebridge/wiki/Homebridge-Config-JSON-Explained)
-
-Ce plugin fonctionne avec Allia par Stelpro, utilisez `"vendor": "allia"` dans la configuration
-
-```json
-{
-  "platforms": [
-    {
-        "platform": "Hilo",
-        "username": "monemail@exemple.com",
-        "password": "***************",
-        "vendor": "hilo",
-        "noChallengeSensor": false
-    }
-  ]
-}
-```
+Vous devrez vous connecter à votre compte Hilo lors du processus d'installation fournit par [Homebridge Config UI X (REQUIS)](https://github.com/oznu/homebridge-config-ui-x)
+
+### Dans la page de configuration du plugin
+
+1. Vous devrez connaître l'adresse IP ou le nom de domaine que vous utilisez pour vous connecter à homebridge. Habituellement, ce sera l'adresse dans votre navigateur
+1. Cliquez sur le bouton "Login with Hilo" pour démarrer le processus d'authentification
+1. Connectez-vous à votre compte hilo
+1. Entrez l'adresse ip ou le nom de domaine que vous avez pris à l'étape 1 et ajoutez le port 8880 à la fin. Exemples: http://192.1680.10:8880 http://homebridge.local:8880
+    * Attention: Selon la façon dont vous avez configuré votre serveur homebridge, vous devrez vous assurer que le port 8880 est acheminé jusqu'à votre serveur homebridge. Par exemple pour une configuration docker il faudra ajouter `-p 8880:8880` à votre commande docker. Si vous utilisez un reverse proxy, vous devrez ajouter le port 8880 à votre configuration
+1. Cliquez sur le bouton "Save", puis cliquez sur le bouton "Link account"
+1. Vous pouvez sauvegarder votre configuration et redémarrer votre serveur homebridge
 
 ## Défi Hilo
 Un capteur de contact vous permet de déterminer si un défi est actif ou non. Cela peut être utile pour déterminer si vos automatisations doivent être mis en pause.
@@ -63,7 +55,6 @@ Si l'un de vos appareils n'est pas encore pris en charge par le plugin, les cont
 ---------------------------------
 
 
-
 # homebridge-hilo
 
 [Homebridge](https://homebridge.io) plugin for [Hilo](https://www.hiloenergie.com/) par [Hydro-Québec](https://www.hydroquebec.com/),
@@ -74,29 +65,23 @@ Note: This is not an official plugin, this plugin is not affiliated with Hilo no
 ## Installation
 1. Install Homebridge by following
    [the instructions](https://github.com/homebridge/homebridge/wiki).
-2. Install this plugin using [Homebridge Config UI X (RECOMMENDED)](https://github.com/oznu/homebridge-config-ui-x), or by running `npm install -g homebridge-hilo`.
+2. Install this plugin using [Homebridge Config UI X (REQUIRED)](https://github.com/oznu/homebridge-config-ui-x), or by running `npm install -g homebridge-hilo`.
 
 ## Configuration
 For the plugin to work, it needs access to your Hilo account
 
-You can provide your username/password via the installation process provided by [Homebridge Config UI X (RECOMMENDED)](https://github.com/oznu/homebridge-config-ui-x),
+You will need to login to your Hilo account during the installation process provided by [Homebridge Config UI X (REQUIRED)](https://github.com/oznu/homebridge-config-ui-x),
 or by adding the following configuration to [homebridge](https://github.com/homebridge/homebridge/wiki/Homebridge-Config-JSON-Explained)
 
-This plugin works with Allia by Stelpro, you can make it work by using `"vendor": "allia"` in the config.
-
-```json
-{
-  "platforms": [
-    {
-        "platform": "Hilo",
-        "username": "myemail@example.com",
-        "password": "***************",
-        "vendor": "hilo",
-        "noChallengeSensor": false
-    }
-  ]
-}
-```
+### In the plugin configuration page
+
+1. You will need to know the IP address or the domain name you use to connect to homebridge. Usually it will be theaddress in your browser
+1. Click on the "Login with Hilo" button to start the authentication process
+1. Login to your hilo account
+1. Enter the ip address or domain name you took not at step 1 and add the port 8880 at the end. Examples: http://192.1680.10:8880 http://homebridge.local:8880
+    * Note: Depending on how you have configured your homebridge server, you will need to ensure that port 8880 is routed to your homebridge server. For example for a docker configuration you will need to add `-p 8880:8880` to your docker command. If you are using a reverse proxy, you will need to add port 8880 to your configuration
+1. Click on the "Save" button, then click on the "Link account" button
+1. You can save your config and restart your homebridge server
 
 ## Hilo Events (Challenges)
 A contact sensor allows you to determine whether a challenge is active or not. This can be useful in determining if your automations should be paused.

config.schema.json

@@ -2,29 +2,10 @@
 	"pluginAlias": "Hilo",
 	"pluginType": "platform",
 	"singular": true,
+	"customUi": true,
 	"schema": {
 		"type": "object",
 		"properties": {
-			"username": {
-				"title": "Username",
-				"type": "string",
-				"required": true
-			},
-			"password": {
-				"title": "Password",
-				"type": "string",
-				"required": true
-			},
-			"vendor": {
-				"title": "Vendor",
-				"type": "string",
-				"default": "hilo",
-				"oneOf": [
-					{ "title": "Hilo", "enum": ["hilo"] },
-					{ "title": "Allia by Stelpro", "enum": ["allia"] }
-				],
-				"required": true
-			},
 			"noChallengeSensor": {
 				"title": "No Challenge Sensor",
 				"type": "boolean",
@@ -38,6 +19,11 @@
 				"minimum": 1,
 				"maximum": 12,
 				"required": false
+			},
+			"refreshToken": {
+				"title": "Refresh Token - This field is automatically populated by the 'Login with Hilo' button",
+				"type": "string",
+				"required": true
 			}
 		}
 	},

homebridge-ui/public/index.html

@@ -0,0 +1,36 @@
+<div class="card">
+	<ol>
+		<li>You will need to know the IP address or the domain name you use to connect to homebridge. Usually it will be the address in your browser</li>
+		<li>Click on the button below to start the authentication process</li>
+		<li>Login to your hilo account</li>
+		<li>Enter the ip address or domain name you took not at step 1 and add the port 8880 at the end. Examples: http://192.168.0.10:8880 http://homebridge.local:8880
+			<ul>
+				<li>Note: Depending on how you have configured your homebridge server, you will need to ensure that port 8880 is routed to your homebridge server. For example for a docker configuration you will need to add `-p 8880:8880` to your docker command. If you are using a reverse proxy, you will need to add port 8880 to your configuration</li>
+			</ul>
+		</li>
+		<li>Click on the "Save" button, then click on the "Link account" button</li>
+		<li>You can save your config and restart your homebridge server</li>
+	</ol>
+	<button type="button" class="btn btn-primary" onclick="initiateAuth()">
+		Login with Hilo
+	</button>
+</div>
+<script>
+	homebridge.showSchemaForm();
+	async function initiateAuth() {
+		const { authorizationURL } = await homebridge.request('/autorizationUrl');
+		const callback = homebridge.request('/callback');
+
+		window.open(authorizationURL, "_blank");
+
+		const { accessToken, refreshToken, expiresIn } = await callback;
+		let pluginConfigBlocks = await homebridge.getPluginConfig();
+		pluginConfigBlocks = pluginConfigBlocks.map((block) => {
+			block.refreshToken = refreshToken;
+			return block;
+		});
+		await homebridge.updatePluginConfig(pluginConfigBlocks);
+		await homebridge.savePluginConfig();
+		homebridge.toast.success("Successfully authenticated with Hilo");
+	}
+</script>

homebridge-ui/server.js

@@ -0,0 +1,79 @@
+const { HomebridgePluginUiServer } = require("@homebridge/plugin-ui-utils");
+const express = require("express");
+const crypto = require("crypto");
+
+const port = 8880;
+
+class UiServer extends HomebridgePluginUiServer {
+	constructor() {
+		super();
+		this.verifier = this.base64URLEncode(crypto.randomBytes(32));
+		this.app = express();
+		this.app.listen(port, () => {
+			console.log(`Auth server listening on port ${port}`);
+		});
+		this.onRequest("/callback", this.handleCallback.bind(this));
+		this.onRequest("/autorizationUrl", this.handleAuthorizationUrl.bind(this));
+		this.ready();
+	}
+
+	async handleAuthorizationUrl() {
+		const challenge = this.base64URLEncode(this.sha256(this.verifier));
+		const clientId = "1ca9f585-4a55-4085-8e30-9746a65fa561";
+		const redirectUri = "https://my.home-assistant.io/redirect/oauth";
+		const scope = [
+			"openid",
+			"https://HiloDirectoryB2C.onmicrosoft.com/hiloapis/user_impersonation",
+			"offline_access",
+		].join(" ");
+		const state = Math.random().toString(36).substring(7);
+		const authorizationURL = `https://connexion.hiloenergie.com/HiloDirectoryB2C.onmicrosoft.com/B2C_1A_SIGN_IN/oauth2/v2.0/authorize?response_type=code&code_challenge=${challenge}&code_challenge_method=S256&client_id=${clientId}&redirect_uri=${redirectUri}&scope=${scope}&state=${state}`;
+		return {
+			authorizationURL,
+		};
+	}
+
+	base64URLEncode(str) {
+		return str
+			.toString("base64")
+			.replace(/\+/g, "-")
+			.replace(/\//g, "_")
+			.replace(/=/g, "");
+	}
+
+	sha256(buffer) {
+		return crypto.createHash("sha256").update(buffer).digest();
+	}
+
+	async handleCallback() {
+		return new Promise((resolve) => {
+			this.app.get("/auth/external/callback", async (req, res) => {
+				const code = req.query.code;
+				const tokenResponse = await fetch(
+					"https://connexion.hiloenergie.com/hilodirectoryb2c.onmicrosoft.com/oauth2/v2.0/token?p=b2c_1a_sign_in",
+					{
+						method: "POST",
+						headers: {
+							"Content-Type": "application/x-www-form-urlencoded",
+						},
+						body: new URLSearchParams({
+							client_id: "1ca9f585-4a55-4085-8e30-9746a65fa561",
+							code,
+							code_verifier: this.verifier,
+							grant_type: "authorization_code",
+							redirect_uri: "https://my.home-assistant.io/redirect/oauth",
+						}),
+					}
+				);
+				const body = await tokenResponse.json();
+				const refreshToken = body.refresh_token;
+				res.send("Success - you can now close this window");
+				resolve({
+					refreshToken,
+				});
+			});
+		});
+	}
+}
+
+(() => new UiServer())();