search

frank-lie / DaikinCloud

Es handelt sich um ein Modul für FHEM, um Klimageräte von Daikin über die Daikin-Cloud zu steuern.
https://forum.fhem.de/index.php?msg=1271178
GNU General Public License v2.0
4 stars 0 forks source link

Creating a Openhab AddOn connecting to Daikin Cloud Onecta. #1

Closed adr001db closed 1 year ago

adr001db commented 1 year ago

Hello Frank-Lie

I'am building a AddOn for OpenHAB (A Domotica system) so that connecting with Daikin Onecta is possible. Currently I generated a accesstoken with work of Apollon77 daikin-controller-cloud and that works for now With this token its now posible to read data of all connected units into OpenHAB.

I'm just having some trouble figuring out how the code works to retrieve the token using login details. I never worked with Purl Can you help me getting some documentation or give me some hints how this login proces works? What are the steps from userid/password to the accessToken.

thanks in advance for your help.

Alexander Drent https://github.com/adr001db/openhab-addons/tree/onecta

frank-lie commented 1 year ago

Hello,

I don't know about openhab, but I think it will be easier to implement the tokensaver of Apollon77 instead of recompiling or backtranslating the code from perl to java. I also just compare the engine of Apollon77 (https://github.com/Apollon77/daikin-controller-cloud) and Rospogrigio (https://github.com/rospogrigio/daikin_residential/blob/master/custom_components/daikin_residential/daikin_api.py) and translate it to perl. It uses a OPENID-CLIENT connection.

In my module, the authorization process is implemented in the sub "DaikinCloud_BlockAuth" (https://github.com/frank-lie/DaikinCloud/blob/2658275518aef7ee60dd25b6aae7e5d65f309ab8/58_DaikinCloud.pm?plain=1#L1044-L1192), where I also use some special FHEM-functions (HttpUtils_BlockingGet) for the HTTP calls. The individual steps are explained by comments (##) in the source code.

The following points are called for:

  1. Get the authorization-endpoint-url and the token-endpoint-url from the ISSUER-URL
  2. Call the authorization-endpoint-url and share a client secret -> extract crsf-cookies and forward-url from request
  3. Call the forward-url -> extract samlContext from request
  4. Call "https://cdns.gigya.com/js/gigya.js.." -> extract Api-Version from request
  5. Call "https://cdc.daikin.eu/accounts.webSdkBootstrap.." -> extract single-sign-on-cookies (sso-cookies) from request
  6. Call "https://cdc.daikin.eu/accounts.login" with sso-cookies, samlContext , username, password -> extract one-time-login-token from request
  7. Call "https://cdc.daikin.eu/saml/.." with samlContext, sso-cookies & one-time-login-token -> extract SAMLResponse, relayState from request
  8. Call saml_endpoint_url with SAMLResponse, relayState, crsf-cookies -> extract authorization-code
  9. Call token-endpoint-url with shared client secret, authorization-code, crsf-cookies -> extract the token-Set

That's it ;-)

Greatings Frank

adr001db commented 1 year ago

Hello Frank, Thanks for extensive response. I'm going to test it right now.

Great :)

Alexander

adr001db commented 1 year ago

Hi Frank, After two days of searching and trying, I managed to create the process in Java. The help you provided has helped me a lot with this.

Again, thank you very much. Greatings Alexander