Open robbiet480 opened 4 years ago
Some notes on this:
enable_encryption
on HA Core 0.106+, receive a JSON body with secret
as the response. HA version can be derived via get_config
webhook action. The logic in app should look like this (psuedocode):
if app_has_no_encryption_key and ha_version > 0.106:
attempt_to_enable_encryption()
Do we know the HA version that we talk to ? Seems like something we should know in the app to be able to enable/disable functionality.
@balloob We can get that info from the get_config
webhook action.
Initial work https://github.com/home-assistant/home-assistant-android/tree/feature/webhookEncryption
I am running into issues with HA decrypting my requests... If anyone wants to take a crack at it please do! I have the sodium library pulled and the ability to easily encrypt/decrypt done. But I must be doing something incorrectly...
Just for that extra bit of security, we should implement encrypted communication with HA over the webhook like iOS supports.