search

Somfy-Developer / Somfy-TaHoma-Developer-Mode

A collection of requests to use a local API with Somfy TaHoma gateways
133 stars 12 forks source link

Problem generating token #95

Open LukeIsBusy opened 1 year ago

LukeIsBusy commented 1 year ago

Hello guys,

I am using a somfy switch. I successfully authenticated using: curl -X POST https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/login -d "userId=myemail@gmail.com&userPassword=myPassword" -H "Content-Type: application/x-www-form-urlencoded" -c ./cookie

I got a Session ID back:

 # Netscape HTTP Cookie File
# https://curl.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
#HttpOnly_ha101-1.overkiz.com   FALSE   /enduser-mobile-web TRUE    0   JSESSIONID  7C49EBCE8E3F0C3D75A195BB020xxxx

but then when generating a token curl https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/config/xxxx-xxxx-xxxx/local/tokens/generate -b "JSESSIONID=7C49EBCE8E3F0C3D75A195BB020xxxx” -H "Accept:application/json”

I just get the response: {"errorCode":"RESOURCE_ACCESS_DENIED","error":"Not authenticated"}%

What am I doing wrong? Is there something broke on server side?

Thanks in advance! Lukas

mguellsegarra commented 1 year ago

Same here.

markus-ta commented 1 year ago

@mguellsegarra @LukeIsBusy I have the same issue. Did you solve it?

mguellsegarra commented 1 year ago

@mguellsegarra @LukeIsBusy I have the same issue. Did you solve it?

Nope, I ended up using HomeKit local control instead. This API seems unstable.

markus-ta commented 1 year ago

@mguellsegarra @LukeIsBusy I have the same issue. Did you solve it?

Nope, I ended up using HomeKit local control instead. This API seems unstable.

Ok, thanks for your response 🥇

mguellsegarra commented 1 year ago

@mguellsegarra @LukeIsBusy I have the same issue. Did you solve it?

Nope, I ended up using HomeKit local control instead. This API seems unstable.

Ok, thanks for your response 🥇

You're welcome! I don't know your use case, but from my pov, you should check out other alternatives, sadly.

bjorn085 commented 1 year ago

I don't use cURL but I found some people using --header to pass the cookie instead of -b

curl "https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/config/1234-5678-9012/local/tokens/generate" --header "Cookie: JSESSIONID=XXXXXXXXX"

And indeed, I have a working request in Postman, and Postman translates it to this curl syntax curl --location 'https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/config/XXXX-XXXX/local/tokens/' \ --header 'Content-Type: application/json' \ --header 'Cookie: JSESSIONID=XXXXXX'

Maybe you can try this.

j1schmid commented 1 year ago

In my case the -b resp. --cookie flag works. Given a cookie retrived by

MAILADDRESS="name@domain.com"
PASSWORD="mysecret"

curl -X POST --cookie-jar cookie -H "Content-Type: application/x-www-form-urlencoded; charset=utf-8" --data-ascii "userId=${MAILADDRESS}&userPassword=${PASSWORD}" https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/login

I can list the tokens by

POD="XXXX-XXXX-XXXX"
curl -X GET --cookie cookie -H "Content-Type: application/json" "https://ha101-1.overkiz.com/enduser-mobile-web/enduserAPI/config/${POD}/local/tokens/devmode"

and also generate and activate a token.