balloob
commented
4 years ago Did you try it with a wss URL?
Open qJake opened 4 years ago
balloob
commented
4 years ago Did you try it with a wss URL?
qJake
commented
4 years ago @balloob Yes - please refer to this issue wherein I try to wrap my head around this 🙂 https://github.com/home-assistant/core/issues/31668
That issue doesn't quite have the right screenshots, but here is what I'm trying:
Likely because, from where this request is made (Chrome on my workstation, outside the Supervisor environment), the supervisor hostname is not known.
qJake
commented
4 years ago Here is some additional experimentation I'm doing - these requests are originating server-side from within an add-on (so supervisor is a known hostname). I achieved this by writing in a small HTTP client into my add-on and deploying it into my HA instance.
Okay... so then we add some WebSocket upgrade headers:
Hmm... but there is a Connection upgrade header. Strange.
Even if we remove everything and just attempt a base websocket connection, it's still the same, so it doesn't seem to care about auth:
According to the WebSocket article on Wikipedia, these headers should be correct.
balloob
commented
4 years ago You can't hit supervisor from a browser. You only do it in processes running on your addon container.
balloob
commented
4 years ago For your frontend, you need ingress.
qJake
commented
4 years ago My frontend is intended to be used from web browsers outside of the context of Home Assistant (i.e. a tablet) but from within the same network. (Also, my app is not compatible with Ingress due to the way that Ingress rewrites HTML to "fit" inside HA, but that's a separate issue and I'm OK with not using Ingress since this isn't the type of app you would sit down and use from HA anyway.)
So that's where I'm struggling to understand the architecture here. I need to be able to obtain a token from within the Supervisor that I can pass to my Javascript frontend, that will "just work" from a browser (be it inside or outside a Supervisor context). Forcing my users to manually generate a LLAT will work, but is cumbersome.
Right now, it seems like my best option would be to call the Token API endpoint and automatically generate a LLAT (if that's even possible) and save it within my app's config. Aside from those two solutions, I'm not sure how else to hook up to the WebSocket endpoint.
ludeeus
commented
3 years ago For authentication have a look here https://developers.home-assistant.io/docs/add-ons/communication#home-assistant-core
Refer to: https://github.com/home-assistant/developers.home-assistant/blob/master/docs/hassio_addon_communication.md under section Home Assistant Core.
The line regarding the Websocket API proxy is extremely unclear and does not align with standard websocket usage.
Typically, a websocket URL begins with
ws://orwss://. Since the proxy mentioned here begins withhttp://, the actual connection and authentication are (supposedly?) completely different.Please add additional verbiage to this section explaining how someone would actually use this proxy, and how a pure websocket call may differ from the same call passed in via the proxy endpoint.