search

Somfy-Developer / Somfy-TaHoma-Developer-Mode

A collection of requests to use a local API with Somfy TaHoma gateways
147 stars 12 forks source link

Token generation issue #32

Closed sdumorti closed 2 years ago

sdumorti commented 2 years ago

Hello All,

I wanted to try this new local API in Python but I have issues getting a token (dev mode activated and visible in mDNS). I'm no token expert and any help is appreciated. Even if the token generation query is successful, it returns an empty structure:

>>> r_gen.json()
[]

Here's the full anonymized transcript:

Python 3.9.4 (tags/v3.9.4:1f2e308, Apr  6 2021, 13:40:21) [MSC v.1928 64 bit (AMD64)] on win32
Type "help", "copyright", "credits" or "license" for more information.
>>>
>>> import requests
>>> import json
>>>
>>> s = requests.Session()
>>>
>>> ## Login
>>> headers = {"Content-Type": "application/x-www-form-urlencoded"}
>>> data = {"userId": MY_EMAIL, "userPassword": MY_PASSWORD}
>>> url = "https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/login"
>>> r = s.post(url, headers=headers, data=data)
>>>
>>> r.text
'{"success":true,"roles":[{"name":"ENDUSER"}]}'
>>>
>>> r.status_code
200
>>>
>>> ## Generate a token
>>> url_gen = "https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/config/MY_PIN/local/tokens/devmode"
>>> headers_gen = {"Content-Type": "application/json", "Cookie": r.headers['Set-Cookie'].split(";")[0]}
>>> r_gen = s.get(url_gen, headers=headers_gen)
>>>
>>> r_gen.headers
{'Date': 'Fri, 17 Jun 2022 06:02:48 GMT', 'Server': 'overkiz', 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains, max-age=31536000 ; includeSubDomains', 'Cache-Control': 'no-store, must-revalidate, no-cache, max-age=0', 'Expires': 'Mon, 01 Jan 1990 00:00:00 GMT', 'X-XSS-Protection': '1; mode=block', 'X-Frame-Options': 'DENY', 'X-Content-Type-Options': 'nosniff', 'Content-Type': 'application/json;charset=UTF-8', 'Keep-Alive': 'timeout=5, max=50', 'Connection': 'Keep-Alive', 'Transfer-Encoding': 'chunked'}
>>>
>>> r_gen.status_code
200
>>>
>>> r_gen.json()
[]
>>>

Thank you, Simon

sdumorti commented 2 years ago

Hello All,

The main issue was "devmode" instead of "generate" in url_gen... If it could help somebody, here's the working transcript using a Requests Session to automatically carry the cookie around

>>> import requests
>>> import json
>>>
>>> s = requests.Session()
>>>
>>> ## Login
>>> headers = {"Content-Type": "application/x-www-form-urlencoded"}
>>> data = {"userId": MY_EMAIL, "userPassword": MY_PASSWORD}
>>> url = "https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/login"
>>> r = s.post(url, headers=headers, data=data)
>>>
>>> r.status_code
200
>>>
>>> ## Generate a token
>>> url_gen = "https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/config/MY_PIN/local/tokens/generate"
>>> headers_gen = {"Content-Type": "application/json"}
>>> r_gen = s.get(url_gen, headers=headers_gen)
>>>
>>> r_gen.status_code
200
>>> r_gen.text
'{"token":"XXXXXXXXXXXXXXXX"}'
>>>
>>> ## Activate your token
>>> url_act = "https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/config/MY_PIN/local/tokens"
>>> headers_act = {"Content-Type": "application/json"}
>>> data_act = {"label": "My token", "token": r_gen.json()['token'], "scope": "devmode"}
>>> r_act = s.post(url_act, headers=headers_act, json=data_act)
>>>
>>> r_act.status_code
200
>>>

If you are not using a session, you have to pass the cookie

r_gen = requests.get(url_gen, headers=headers_gen, cookies=r.cookies)

Simon