# Fitbit Auth Access

### Helpful links
* https://python-fitbit.readthedocs.io/en/latest/#fitbit.Fitbit
* https://dev.fitbit.com/build/reference/web-api/developer-guide/authorization/
* https://studio.fitbit.com/projects/nRpqGX/editor
* https://dev.fitbit.com/apps/details/239666
* https://dev.fitbit.com/build/reference/web-api/troubleshooting-guide/oauth2-tutorial/?clientEncodedId=239666&redirectUri=https://httpbin.org/anything&applicationType=PERSONAL

### Load

In [33]:
import requests
import os
from urllib.parse import urlencode
import webbrowser
import ast
import fitbit

### Declared Details
* **client_id**: Unique to the app.
* **client_secret**: Unique to the app.
* **redirect_url**: Using janky httpbin, as there's no functioning website.

In [4]:
client_id = 239666
client_secret = '76d7502bb5ae9719ff806a6d664bcb61'
redirect_uri = "https://httpbin.org/anything"

### Run code block below, sign in. 

In [8]:
params = {
    "client_id": client_id,
    "redirect_uri": redirect_uri,
    "scope": "activity heartrate location nutrition oxygen_saturation profile respiratory_rate settings sleep social temperature weight",
    "response_type": "code"
}

endpoint = "https://www.fitbit.com/oauth2/authorize"
endpoint = endpoint + '?' + urlencode(params)
webbrowser.open(endpoint)

True

##### Example output:
* Required info: args -> code -> [code]

In [2]:
# {
#   "args": {
#     "code": "63e1a4a9d6eae6f857a37e65a4093b75af4f68e5"
#   }, 
#   "data": "", 
#   "files": {}, 
#   "form": {}, 
#   "headers": {
#     "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", 
#     "Accept-Encoding": "gzip, deflate, br", 
#     "Accept-Language": "en-US,en;q=0.9", 
#     "Cache-Control": "max-age=0", 
#     "Host": "httpbin.org", 
#     "Referer": "https://www.fitbit.com/", 
#     "Sec-Ch-Ua": "\"Chromium\";v=\"108\", \"Not?A_Brand\";v=\"8\"", 
#     "Sec-Ch-Ua-Mobile": "?0", 
#     "Sec-Ch-Ua-Platform": "\"Windows\"", 
#     "Sec-Fetch-Dest": "document", 
#     "Sec-Fetch-Mode": "navigate", 
#     "Sec-Fetch-Site": "cross-site", 
#     "Sec-Fetch-User": "?1", 
#     "Upgrade-Insecure-Requests": "1", 
#     "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36", 
#     "X-Amzn-Trace-Id": "Root=1-63e6dee1-7f462936782bf4dd56aefcd7"
#   }, 
#   "json": null, 
#   "method": "GET", 
#   "origin": "50.68.241.59", 
#   "url": "https://httpbin.org/anything?code=dec8b0ab0482260f8570ff2fbf80464c0c9b66ac"
# }

### Generate authentification code.
* code_verifier via https://dev.fitbit.com/build/reference/web-api/troubleshooting-guide/oauth2-tutorial/?clientEncodedId=239666&redirectUri=https://httpbin.org/anything&applicationType=PERSONAL

In [19]:
params2 = {
    "client_id": client_id,
    "grant_type": "authorization_code",
    "redirect_uri": redirect_uri,
    
    "code": "0b3792e7a4e47865a017f94604e0ac57680b7422",
    "code_verifier": "3i414o241z283f6z5w3d59521156710k0m2x4w3y482w2c4p10110t5m274c3r2e4i2p372m0n27571t5f3n235z2u0i1x5q2q5g0c1h6s1c2a4t665d524n6e660e1f",
    "code_challenge": "Bzw8Yw05Nk9aa9DOPH5Ze42QXAXpHEh5WODcsg_AFf8"
}

endpoint2 = "https://api.fitbit.com/oauth2/token"
endpoint2 = endpoint2 + '?' + urlencode(params2)

headers = {'Content-Type':'application/x-www-form-urlencoded', }

r = requests.post(endpoint2, headers = headers)
r.text

'{"access_token":"eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiIyMzk2NjYiLCJzdWIiOiI5MzhYOEciLCJpc3MiOiJGaXRiaXQiLCJ0eXAiOiJhY2Nlc3NfdG9rZW4iLCJzY29wZXMiOiJyc29jIHJlY2cgcnNldCByb3h5IHJudXQgcnBybyByc2xlIHJjZiByYWN0IHJsb2MgcnJlcyByd2VpIHJociBydGVtIiwiZXhwIjoxNjc2MTEwNjkxLCJpYXQiOjE2NzYwODE4OTF9.AtPCHQrEdDBotsQGBwoeD0V_oI_c6PZmFyCw1LYfUWo","expires_in":28800,"refresh_token":"995ec6cedfb3246c42e3fc8600310e5254d2af5b11b4d8756d6e78286d69bb64","scope":"nutrition location heartrate cardio_fitness respiratory_rate electrocardiogram oxygen_saturation activity weight settings social profile sleep temperature","token_type":"Bearer","user_id":"938X8G"}'

In [46]:
r_dict = ast.literal_eval(r.text)
access_token = r_dict.get("access_token")
expires_at = r_dict.get("expires_in")

In [51]:
authd_client = fitbit.Fitbit(client_id, client_secret, access_token=access_token, refresh_token='https://api.fitbit.com/oauth2/token')
authd_client.sleep()

{'sleep': [],
 'summary': {'totalMinutesAsleep': 0,
  'totalSleepRecords': 0,
  'totalTimeInBed': 0}}