search

Somfy-Developer / Somfy-TaHoma-Developer-Mode

A collection of requests to use a local API with Somfy TaHoma gateways
136 stars 12 forks source link

Manage active tokens #14

Closed AdyRock closed 2 years ago

AdyRock commented 2 years ago

Will there be a way to view and mange (e.g. delete) tokens via the user account page? I presume the tokens obtained via the API don't expire, so it would be nice if tokens could be manually deleted.

an-mediola commented 2 years ago

@vhenriet-sfy, you made the documentation label for this issue. Would you please tell us the functionality is there already and you are just going to write a document for it or it should also be implemented in API? Right now, I am doing some development and I am creating a token each time, I would like to know how can I invalidate others? How can I get the list? I am providing a label foreach and I want to know is it possible to manage tokens or not?

iMicknl commented 2 years ago

@an-mediola if you save the uuid, you can remove the token. I haven't checked if it is possible to get this uuid via a request, but I save them and just remove the token when I am done.

an-mediola commented 2 years ago

@iMicknl thank you for reply, but how do you remove it? which endpoint? how?

iMicknl commented 2 years ago

@an-mediola it seems this is only documented on tahomalink.com... See our Python implementation for the API endpoints: https://github.com/iMicknl/python-overkiz-api/blob/e2ca75f23389e92e2dbcd9c10c6c475ebcbc1ace/pyoverkiz/client.py#L700-L725.

There is a way to list the local tokens and a way to delete a local token.

an-mediola commented 2 years ago

@AdyRock it is documented in README now. You can close this if you want.

llavorel-somfy commented 2 years ago

We have completed the documentation: https://github.com/Somfy-Developer/Somfy-TaHoma-Developer-Mode#get-available-tokens

fetzerch commented 2 years ago

@an-mediola if you save the uuid, you can remove the token. I haven't checked if it is possible to get this uuid via a request, but I save them and just remove the token when I am done.

@iMicknl Do I get you right, that you mean save the uuid that is contained in requestId in the reply to the activation API call? Because that doesn't seem to work for me. That uuid is different than any of the uuids from get all tokens.

Since I couldn't get it to work in my project, I tried your python-overkiz-api, but I had no luck either:

token = await client.generate_local_token(GATEWAY)
uuid = await client.activate_local_token(GATEWAY, token, "mynewtoken")
print(await client.get_local_tokens(GATEWAY))
await client.delete_local_token(GATEWAY, uuid)

-> NotSuchTokenException: Not such token with UUID: ...

The documentation is a bit sparse here, could anyone please explain how the token deletion is meant to be used? Should the uuid from the activation work? The only other way I could imagine is to choose a unique label on creation, then get all tokens including their uuids and filter the uuid by label.

AdyRock commented 2 years ago

I pass in the uuid returned by get(/config/${devicePin}/local/tokens/devmode

AdyRock commented 2 years ago

Unfortunately, there doesn't seem to be any way to tie up the token uuid returned by get local tokens and the values return by either generate or activate. The only common data is the name that you provide. So what I do, before creating a new token is delete all the tokens that have my specified name. I'm not sure if expired tokens are automatically removed or if they are just marked as expired by the expirationTime.

fetzerch commented 2 years ago

Thanks! Yeah I guess that sounds reasonable. I guess for the expiration, we'll only know in 6 months.