Alternative authorisation #114

Open
MikeyMan83 opened this issue Oct 17, 2023 · 16 comments
Labels
enhancement New feature or request

Comments

@MikeyMan83

MikeyMan83 commented Oct 17, 2023

Hi all,

I'm using Node-RED in combination with this developer API.
This works fine. For a while, that is.
At intermittent periods, the token seems to become invalid. And I'm confronted with sunscreens that are not working.
This is driving me absolutely mad tbh.
Generating and activating a new token, and keeping track of the old ones, is too much maintenance for something running on my own network.

I really need a simpler authorisation for local access. Is there any way we can look into this?

Even creating an indefinite token would be better than this.

@bjorn085

On my side it seems that tokens never expire... I have been using one that has been OK for at least 6 months.
What information makes you think your token becomes invalid due to expiration?

@MikeyMan83
Author

It gives an authorisation error after a couple of weeks. Creating a new token solves it. So it must be expiring.

This experience is also built into, for instance, the Domoticz plugin.

@iMicknl

iMicknl commented Oct 18, 2023

For me it doesn't expire either, so I'm not sure what goes wrong on your side. Can you share the link to the specific code / retry logic in the Domoticz plugin?

@MikeyMan83
Author

That is very weird... Can I ask you guys for the API call you're using to create the token?

@flhoest

flhoest commented Oct 20, 2023

Creating the token is not an API as such, more an HTTP request capturing a SESSION COOKIE. This is what I'm doing: https://github.com/flhoest/somfy/blob/main/syFramework.php. Check the first function (function syGetToken); this is a 3-step mechanism.

@MikeyMan83
Author

That seems to be the API I'm using as well.

I was curious if that was also using the devmode parameter. And it seems to be. No difference there.

@bjorn085

Aren't you talking about 2 different things?

@MikeyMan83, are you indeed talking about the second one?

@bjorn085

And to add some elements, I call the generate-a-token API through Postman, which translates my call this way:

```
curl --location 'https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/config/xxxxxx/local/tokens/' \
  --header 'Content-Type: application/json' \
  --header 'Cookie: JSESSIONID=xxxxxx'
```

and I get a token that never expires.
Same when calling this through GuzzleHttp:

```php
// Guzzle client pointed at the cloud end-user API
$this->authClient = new Client([
    'base_uri' => 'https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/'
]);

// [...]

// Activate the generated token; the session cookie jar authenticates the call
$activateTknResponse = $this->authClient->request(
    'POST',
    'config/'.$this->POD.'/local/tokens',
    [
        'headers' => [
            'Content-Type' => 'application/json'
        ],
        'cookies' => $this->jar,
        'body' => json_encode([
            'label' => $tokenLabel,
            'token' => $tokenCreated,
            'scope' => 'devmode'
        ])
    ]
);
```

@MikeyMan83
Author

Thanks for the feedback. I'm manually using Postman to do a login, generate and activate call.
Haven't automated it (yet). Might be useful to do.

```
GET /enduser-mobile-web/enduserAPI/config/2017-8871-5701/local/tokens/generate HTTP/1.1
Content-Type: application/json
User-Agent: PostmanRuntime/7.33.0
Accept: */*
Cache-Control: no-cache
Postman-Token: bc7e5210-953d-456b-820c-e0eee2779f8d
Host: ha101-1.overkiz.com
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: JSESSIONID=E1~F417FB3E094CEEAD10F80D5FA8670851

HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Thu, 26 Oct 2023 09:03:18 GMT
Server: overkiz
```

@bjorn085

bjorn085 commented Oct 26, 2023

The JSESSIONID will expire. This is not the token.
You have to use the JSESSIONID immediately to call generate a token, and to activate it. This token normally never expires, and you don't need to keep and reuse the JSESSIONID.

@flhoest

flhoest commented Oct 26, 2023

This is exactly what I described and do in my function mentioned above ... #114 (comment)

@MikeyMan83
Author

MikeyMan83 commented Oct 26, 2023

```
Content-Type: application/json
User-Agent: PostmanRuntime/7.33.0
Accept: */*
Cache-Control: no-cache
Postman-Token: bc7e5210-953d-456b-820c-e0eee2779f8d
Host: ha101-1.overkiz.com
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
```

So just take that out of the standard API when creating?

image

image

tick box is off though.

@bjorn085

bjorn085 commented Oct 26, 2023

Sorry, but I don't understand your problem indeed.

Let's sum up again.
You call https://github.com/Somfy-Developer/Somfy-TaHoma-Developer-Mode#login to get a JSESSIONID.
For the moment there seems to be an error on the JSESSIONID, see #113, so just remove the "E1~" from the response you get and paste it in your generate a token call, as you seem to do. So no, don't uncheck the cookie box.

In answer to this request, you get a token in the body. Activate it by putting it in the body of the POST request https://github.com/Somfy-Developer/Somfy-TaHoma-Developer-Mode#generate-a-token

This token, once activated, can be used in local calls to your TaHoma and never expires.
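
The generate-and-activate sequence summarised in the comment above, as an added example that is not part of the thread or of the Somfy project's code. The function names, the placeholder pin and the `{"token": ...}` response shape are assumptions; the URLs, headers and activation body are the ones quoted in this thread.

```python
import json
import re
import urllib.request

# Cloud API base URL as quoted in the thread.
BASE = "https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/"


def clean_session_id(raw):
    """Drop a leading 'E1~'-style prefix (the thread's workaround, see #113)."""
    return re.sub(r"^E\d+~", "", raw)


def _headers(jsessionid):
    # The session cookie only authenticates these two cloud calls.
    return {"Content-Type": "application/json",
            "Cookie": "JSESSIONID=" + clean_session_id(jsessionid)}


def generate_request(pin, jsessionid):
    """GET .../local/tokens/generate: ask the cloud for a new token."""
    url = f"{BASE}config/{pin}/local/tokens/generate"
    return urllib.request.Request(url, headers=_headers(jsessionid), method="GET")


def activate_request(pin, jsessionid, token, label):
    """POST .../local/tokens: activate the token with scope 'devmode'."""
    body = json.dumps({"label": label, "token": token, "scope": "devmode"})
    url = f"{BASE}config/{pin}/local/tokens"
    return urllib.request.Request(url, data=body.encode(),
                                  headers=_headers(jsessionid), method="POST")


def create_local_token(pin, jsessionid, label):
    """Generate and activate back to back, while the session is still valid."""
    with urllib.request.urlopen(generate_request(pin, jsessionid)) as resp:
        token = json.load(resp)["token"]  # assumed response shape: {"token": "..."}
    with urllib.request.urlopen(activate_request(pin, jsessionid, token, label)) as resp:
        resp.read()  # urlopen raises HTTPError on a 4xx/5xx such as the 400 case
    return token  # store this; the JSESSIONID is not needed afterwards


if __name__ == "__main__":
    # Constructed placeholder values: builds the requests without sending them.
    for req in (generate_request("0000-0000-0000", "E1~CONSTRUCTED"),
                activate_request("0000-0000-0000", "E1~CONSTRUCTED", "tok", "node-red")):
        print(req.get_method(), req.full_url, req.get_header("Cookie"))
```

Only `create_local_token` touches the network; the two builder functions can be inspected offline to compare against what Postman sends.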

@MikeyMan83
Author

So, based on the hints here, I tried to create and activate a token without the E1~ prefix.
This was again working for a while, although this morning I got an 'error undefined'.
Created a new one, and it was also working. Not the same error as before, but also not what I was hoping for yet.

@bjorn085

bjorn085 commented Dec 7, 2023

Hi,
can you explain when and how you get an "error undefined"? When doing what, which API, called how?

And you say when creating a new token, you don't get this error anymore?

Again, I don't think it's a matter of token expiration, token never expires.

@llavorel-somfy added the enhancement label Feb 12, 2024

@androTS

androTS commented Feb 21, 2024

Hi,
I'm also struggling with this "token scenario". I'm using Postman and reach the point where I POST the request with the generated token; the response is 400 :(
I also removed the prefix value "E2" in the session ID to generate the token, as was mentioned in previous posts....
The result I get is an error...
What am I doing wrong?

HTTP Status 400 – Bad Request

Regards Andro
