New API Question

[ZeliardM]

This is just a question, but I received a notification that at the end of January, Genie will be changing the app and backend API.

Do you know if any of this will affect the plugin and if it will still work after this change? I know that MyQ just made big changes that broke all plugins and third-party access and if that is going to be the case here I'm trying to look ahead.

Thanks!

[ZeliardM]

I have noticed as of yesterday and updating to their latest app that the plugin no longer reports open or closed status through notifications in HomeKit.

[ZeliardM]

After investigating further, it seems that integrations with Home Assistant also stopped working as of January 23, 2024 but Genie was promising and updated official integration with Home Assistant in the future with no information as to when.

[derek-miller]

Yeah I have a few ideas and will investigate and report back.

[ZeliardM]

No problem, I appreciate your work and I've been using this plugin for over a year now and it's been fantastic!

[jnubz]

I'll second that. Thank you for your work on this plugin. I've been using it since I moved in to this house in Sept 2021.

This new app version has more issues than features. It seems suspicious since they touted new features and reliability, and all I see in the app are glitches and nothing new after the update.

If there is anything I can do to help, let me know. I've never worked on APIs, but I'm super techy, and am able to figure things out when needed.

[cosceola94]

Do we have any updates on this? I'm not sure what we'll do if Derek ever gets a different garage door opener lol

[derek-miller]

I spent a little bit of time trying to figure out the new api but was having issues intercepting the requests. Not sure if they are cert pinning or not. I’m kind of hoping Genie gets the official home assistant integration working and I can follow that. I have one other option that I need to test but haven’t had time.

[cosceola94]

Let me know if there's anything I can do to help! Not the most experienced with APIs but happy to assist any way I can

[ryanpesek]

I was able to capture the api calls the iOS app makes using fiddler. I can see the door status updates and open/close commands. This is of course full of secrets so I won't be posting it directly here but happy to provide any useful details. For the door status, a GET call is made to https://api.smartgarage.systems/deep-refresh with a Bearer Authorization header. The response looks something like this: { "devices": [ { "id": "redacted_serial", "serial_number": "redacted_serial", "name": "redacted_serial", "is_locked": false, "ssid": "redacted", "user_id": "redacted", "rssi": -42, "status": 1, "is_enabled": true, "created_at": "1701486643", "updated_at": "1706405964", "model": "01", "family": 1, "vendor": "GENIE", "timezone": "America/Chicago", "zipcode": "", "is_expired": false, "is_updating_firmware": false, "doors": [ { "id": "redacted_serial", "battery_level": 100, "created_at": "1701486643", "updated_at": "1707003841", "is_enabled": true, "status": 4, "vehicle_type": "CAR", "vehicle_color": "RED", "link_status": 3, "name": "Garage Door", "ble_strength": -57, "door_index": 1 } ], "software_version": "0.2.2-rc0", "ownership": "owned" } ], "invites": { }, "rules": [], "partners": [ ] }

The door status of 1 seems to indicate open while 4 equals closed.

[derek-miller]

Seems like the tricky part with the new API is getting the oauth token. Its not as simple as it was before, but I do have full network packet capture for all the new endpoints. I just haven't been able to make sense of the login just yet.

[derek-miller]

As far as when this stopped working, if you downloaded the updated app and logged into it you get opted into the new API. Then the old API will report stale status from what I can tell.

But if anyone knows how to get a token using a username/password then it would save me some time and I could get this updated pretty quickly.

[ryanpesek]

I think I've got it figured out. Here is an example using curl: curl -X POST --data @auth.json -H 'X-Amz-Target: AWSCognitoIdentityProviderService.InitiateAuth' -H 'Content-Type: application/x-amz-json-1.1' https://cognito-idp.us-east-2.amazonaws.com

Where auth.json contains:

{
    "ClientId": "27iic8c3bvslqngl3hso83t74b",
    "AuthFlow": "USER_PASSWORD_AUTH",
    "AuthParameters": {
        "USERNAME": "<email>",
        "PASSWORD": "<password>",
        "SECRET_HASH": "<hmac of email, client_id, and client_secret>"
    }
}

The value of the secret hash appears to be a standard hmac where you will need the user's email, the client_id: 27iic8c3bvslqngl3hso83t74b and the client_secret: 7bokto0ep96055k42fnrmuth84k7jdcjablestb7j53o8lp63v5. This was a good reference for calculating the hmac (python) using these values: https://repost.aws/knowledge-center/cognito-unable-to-verify-secret-hash. The client_id and client_secret are hard coded into the Aladdin Connect app so hopefully won't change frequently.

Once you make the above request, the response will contain an AccessToken which can then be used directly to get the status of the door, open/close etc.

Hope all of this helps!

[derek-miller]

@ryanpesek @cosceola94 @jnubz @ZeliardM I have published v4.0.0 of this plugin that switches to the new API. Give it a try and let me know if that fixes your issues. If not, please reopen this bug.

[ryanpesek]

Its working great for me! Thanks for the quick fix!

[jnubz]

It's working perfectly! Didn't even have to mess with the config on my end. If only Aladdin could migrate a server more reliably next time... lol. Thank you for fixing it!

[ZeliardM]

Everything is working great on my end too! Thanks so much!

[derek-miller]

Just wanted to follow up regarding the future of this plugin, it turns out Genie is looking to collaborate and make an official driver (see #42)! Seems they are much more committed to their users than say some other popular garage door opener company...