search

Supereg / homebridge-http-switch

Powerful http switch for Homebridge: https://github.com/homebridge/homebridge
ISC License
219 stars 36 forks source link

auth problem #60

Closed mbierman closed 1 year ago

mbierman commented 4 years ago

Describe the bug I'm having no luck with auth in a URL object.

To Reproduce Steps to reproduce the behavior:

  1. Create the config file as shown below

The auth fails with 401

Version (output of npm list -g homebridge homebridge-http-switch)

Configuration

    {
        "bridge": {
            "name": "Homebridge Synology",
            "username" : "*****",
            "port": *****
            "pin" : "*****"
        },
        "accessories": [
            {
                "accessory": "PowerlossIFTTTNotifier",
                "name": "PowerlossIFTTTNotifier",
                "IFTTTkey : "*****",
                "IFTTTservice: "*****",
                "IFTTTvalue2": "Homebridge started at",
                "IFTTTvalue3": false
            },
            {
                "accessory": "Synology",
                "name": "Pigpen",
                "ip" : "*****",
                "mac" : "*****",
                "port": "5001",
                "secure": true,
                "account" : "*****",
                "password" : "*****",
                "version": 6,
                "timeout": *****
                "disabled": [
                    ""
                ],
                "doPolling": true,
                "pollingInterval": 120
            },
            {
                "accessory": "neurio",
                "name": "neurio",
                "location" : "*****",
                "username" : "*****",
                "password" : "*****",
                "options": {
                    "ttl": 30,
                    "verboseP": false
                }
            },
            {
                "name": "Garage Door",
                "username" : "*****",
                "password" : "*****",
                "accessory": "Chamberlain"
            },
            {
                "accessory": "HTTP-SWITCH",
                "name": "Flo",
                "switchType": "stateful",
                "pullInterval": 5000,
                "debug": true,
                "statusPattern": "true",
                "onUrl" : "*****",
                    "url" : "https://...",
                    "method": "POST",
                    "auth": {
                        "username": "myUsername",
                     "password": "myPassword"
                     },

                    "headers": {
                        "Content-Type": "application/json"
                    },
                    "body": {
                        "target": "home"
                    }
                },
                "offUrl": {
                    "url" : "https://...",
                    "method": "POST"
                    "auth": {
                        "username": "myUsername",
                     "password": myPassword"
                     },
                    "headers": {
                        "Content-Type": "application/json"
                    },
                    "body": {
                        "target": "away"
                    }
                },
                "statusUrl": {
                    "url" : "https://...",
                    "method": "GET",
                    "auth": {
                        "username": "myUsername",
                     "password": "myPassword"
                     },
                    "headers": {

                        "Content-Type": "application/json"
                    },

                }
            },
            {
                "accessory": "HTTP-SWITCH",
                "name": "pigpen temp warning",
                "switchType": "stateless",
                "timeout": 1000,
                "onUrl" : "*****",
                "method": "POST",
                "debug": false
            },
            {
                "accessory": "HTTP-SWITCH",
                "name": "Arming error",
                "switchType": "stateless",
                "timeout": 1000,
                "onUrl" : "*****",
                "method": "POST",
                "debug": false
            },
            {
                "accessory": "DummySwitch",
                "name": "iPad charged",
                "stateful": true
            },
            {
                "accessory": "DummySwitch",
                "name": "iPhone charged",
                "stateful": true
            },
            {
                "accessory": "AutomationCalendar",
                "name": "AutomationCalendar",
                "latitude" :   ***,
                "longitude" :   ***,
            },
            {
                "accessory": "Schedule",
                "name": "Hourly",
                "cron": "*/90 0-8,21-23 * * *"
            }
        ],
        "platforms": [
            {
                "name": "Config",
                "port": 8581,
                "auth": "form",
                "theme": "navi-blue",
                "tempUnits": "f",
                "lang": "auto",
                "sessionTimeout": *****
                "log": {
                    "method": "null"
                },
                "accessoryControl": {
                    "debug": true
                },
                "platform": "config"
            },
            {
                "platform": "Nest",
                "name": "Nest",
                "access_token" : "****",
                "fanDurationMinutes": 15
            },
            {
                "platform": "TuyaWebPlatform",
                "name": "Smart Life",
                "options": {
                    "username" : "*****",
                    "password" : "*****",
                    "countryCode": "1",
                    "platform": "smart_life",
                    "pollingInterval": 120
                }
            },
            {
                "platform": "WeatherPlus",
                "units": "us",
                "interval": 5,
                "stations": [
                    {
                        "nameNow": "Current",
                        "service": "openweathermap",
                        "key": "******",
                        "locationGeo": [
                            *****
                            -121.96
                        ],
                        "locationCity" : "*****",
                        "language": "en",
                        "compatibility": "both",
                        "forecast": [
                            0
                        ],
                        "conditionCategory": "detailed",
                        "now": true,
                        "extraHumidity": false,
                        "hidden": [
                            "Air Pressure",
                            "Observation Station",
                            "Observation Time",
                            "Snow"
                        ],
                        "tresholdCloudCover": 30,
                        "tresholdUvIndex": 4,
                        "tresholdWindSpeed": 10
                    }
                ]
            }
        ]

Additional context

Supereg commented 4 years ago

What authentication mechanism does you http server use? If it is digest authentication (my assumption) you need to specify sendImmediately: false in the auth object.

Quote from the request library:

Digest authentication is supported, but it only works with sendImmediately set to false; otherwise request will send basic authentication on the initial request, which will probably cause the request to fail.

mbierman commented 4 years ago

I don't know the details of the http server. I don't run it and the API is not documented.

I don't see a WWW-Authenticate header in the server's response which looks like this:

* Connected to api.meetflo.com (34.210.57.11) port 443 (#0)
* ALPN, offering http/1.1
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* ALPN, server did not agree to a protocol
* Server certificate: *.flosecurecloud.com
* Server certificate: Amazon
* Server certificate: Amazon Root CA 1
> POST /api/v1/users/auth HTTP/1.1
> Host: api.meetflo.com
> User-Agent: curl/7.71.1
> Accept: */*
> Content-Type: application/json
> Content-Length: 100
> 
} [100 bytes data]
* upload completely sent off: 100 out of 100 bytes
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Access-Control-Allow-Credentials: true
< Access-Control-Allow-Origin: *
< Content-Type: application/json; charset=utf-8
< Date: Sat, 18 Jul 2020 01:24:52 GMT
< ETag: W/"1d4-l4an7APDY3EGnVyxJkOy7+b2nLA"
< Server: nginx/1.17.8
< Server-Timing: intid;desc=93b0b804ca7695dd
< Strict-Transport-Security: max-age=31536000; includeSubDomains
< X-Content-Type-Options: nosniff
< X-DNS-Prefetch-Control: off
< X-Download-Options: noopen
< X-Frame-Options: SAMEORIGIN
< x-request-id: 1c9b49a9-3ba6-4b7a-a661-c1a61cf95d83
< X-XSS-Protection: 1; mode=block
< Content-Length: 468
< Connection: keep-alive
< 
{ [468 bytes data]
100   568  100   468  100   100    587    125 --:--:-- --:--:-- --:--:--   711
* Connection #0 to host api.meetflo.com left intact
eG3M

Does that mean that this plugin can't support this auth?

Supereg commented 3 years ago

Sorry for the long response time. I didn't really have a clue with your auth problems. Did you find any solution to this?