search

gagata / ha-smarthub-energy-sensor

This is a custom integration used to scrape data from a smarthub portal (used by different energy providers), and create an energy usage sensor in Home Assistant. The sensor can then be used with the Energy dashboard.
5 stars 1 forks source link

Unable to authenticate #5

Closed Valdorama closed 4 days ago

Valdorama commented 1 week ago

First of all, many thanks for packaging this as a HACS integration - I've been wanting to try out the original project for a while but hasn't got round to it until you made it easier to deploy.

So I've installed it and entered the required config data but cannot seem to be able to authenticate. I see this in the logs:

Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/helpers/update_coordinator.py", line 382, in _async_refresh
    self.data = await self._async_update_data()
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/helpers/update_coordinator.py", line 279, in _async_update_data
    return await self.update_method()
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/config/custom_components/smarthub/api.py", line 83, in get_energy_data
    await self.get_token()
  File "/config/custom_components/smarthub/api.py", line 71, in get_token
    raise RuntimeError(
RuntimeError: Failed to retrieve authorization token. HTTP Status: 400

Wondering if you've seen this before. Note that I currently do NOT have two-factor authentication enable on my SmartHub account.

Valdorama commented 1 week ago

Enabled debug logging and tried to configure it again:

2024-12-02 10:15:52.940 DEBUG (MainThread) [custom_components.smarthub.config_flow] Successfully validated credentials in config_flow.
2024-12-02 10:15:52.941 DEBUG (MainThread) [custom_components.smarthub] Stored API instance in hass.data: <class 'dict'>
2024-12-02 10:15:52.942 DEBUG (MainThread) [custom_components.smarthub.api] Sending asynchronous authentication request to: https://pec.smarthub.coop/services/oauth/auth/v2
2024-12-02 10:15:52.942 DEBUG (MainThread) [custom_components.smarthub.api] Headers: {'Authority': 'pec.smarthub.coop', 'Content-Type': 'application/x-www-form-urlencoded'}
2024-12-02 10:15:52.942 DEBUG (MainThread) [custom_components.smarthub.api] Payload: password=**REDACTED**&userId=**REDACTED**
2024-12-02 10:15:52.948 WARNING (MainThread) [py.warnings] /usr/local/lib/python3.12/asyncio/base_events.py:1991: RuntimeWarning: coroutine 'SmartHubAPI.get_token' was never awaited
  handle = None  # Needed to break cycles when an exception occurs.

2024-12-02 10:15:53.191 DEBUG (MainThread) [custom_components.smarthub.api] Response status: 400
2024-12-02 10:15:53.191 DEBUG (MainThread) [custom_components.smarthub.api] Response body: 
2024-12-02 10:15:53.194 ERROR (MainThread) [custom_components.smarthub.sensor] Unexpected error fetching SmartHub Energy data
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/helpers/update_coordinator.py", line 382, in _async_refresh
    self.data = await self._async_update_data()
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/helpers/update_coordinator.py", line 279, in _async_update_data
    return await self.update_method()
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/config/custom_components/smarthub/api.py", line 83, in get_energy_data
    await self.get_token()
  File "/config/custom_components/smarthub/api.py", line 71, in get_token
    raise RuntimeError(
RuntimeError: Failed to retrieve authorization token. HTTP Status: 400
2024-12-02 10:15:53.196 DEBUG (MainThread) [custom_components.smarthub.sensor] Finished fetching SmartHub Energy data in 0.254 seconds (success: False)
gagata commented 6 days ago

hey! it seems that your authentication info is incorrect...

mind running the following script first? it should return a json with status: SUCCESS and authorizationToken. seems like it's failing to use your credentials to obtain the token...

#!/bin/bash 
email="YOUR_EMAIL"
passwd="YOUR_PASSWORD"                                                                                                 
host="YOUR_HOST" 

auth_url="https://$host/services/oauth/auth/v2"

curl -X 'POST' "$auth_url" -H "Authority: $host" -d "password=$passwd&userId=$email"  -vvv

bash token.sh

Valdorama commented 5 days ago

Thanks for helping out! I tried the script and this is what it returns (on the console):

Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 15.197.224.196:443...
* Connected to pec.smarthub.coop (15.197.224.196) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=North Dakota; L=Mandan; O=National Information Solutions Cooperative, Inc.; CN=*.smarthub.coop
*  start date: Oct 22 00:00:00 2024 GMT
*  expire date: Nov 12 23:59:59 2025 GMT
*  subjectAltName: host "pec.smarthub.coop" matched cert's "*.smarthub.coop"
*  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=Thawte TLS RSA CA G1
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* Using Stream ID: 1 (easy handle 0x563c6acc7990)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> POST /services/oauth/auth/v2 HTTP/2
> Host: pec.smarthub.coop
> user-agent: curl/7.81.0
> accept: */*
> authority: pec.smarthub.coop
> content-length: 47
> content-type: application/x-www-form-urlencoded
> 
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* We are completely uploaded and fine
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Connection state changed (MAX_CONCURRENT_STREAMS == 20)!
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 400 
< date: Thu, 05 Dec 2024 15:47:05 GMT
< content-length: 0
< content-security-policy: frame-ancestors 'self' https://pec.coop https://*.pec.coop
< set-cookie: JSESSIONID-consumer_1.0=073e6c9e-278b-4b92-aeb3-71b78c376e08; Path=/; Secure; HttpOnly; SameSite=None
< set-cookie: XSRF-TOKEN=4j530ytNse8fV2oWRn+bmA==; Path=/; Secure; SameSite=None
< expires: Thu, 28 Nov 2024 15:47:05 GMT
< pragma: no-cache
< cache-control: no-cache, no-store, must-revalidate
< vary: Accept-Encoding
< strict-transport-security: max-age=31536000; includeSubDomains
< x-content-type-options: nosniff
< 
* Connection #0 to host pec.smarthub.coop left intact
gagata commented 5 days ago

hm, you're getting a 400 error back even with a simple curl... I tried running the same code as above using your host, just to see if it generally works:

#!/bin/bash
email="abc@test.com"
passwd="test"
host="pec.smarthub.coop"
auth_url="https://$host/services/oauth/auth/v2"
curl -X 'POST' "$auth_url" -H "Authority: $host" -d "password=$passwd&userId=$email"  -vvv

and i successfully received 200, and {"status": "FAILURE"} response body (expected since credentials are not real).

do you by any chance have some special (non latin) characters in your password that could mess up the encoding and potentially cause bad request error (400)? if you run the exact code as above (with the values I shared) do you get 200?

Valdorama commented 4 days ago

I tried dummy credentials and did get the 200 response. So I updated my password to use a more benign special character (mandatory) and sure enough the integration works. Thanks again!

gagata commented 4 days ago

oh, awesome, glad that worked!