Oauth Authorization Fails with most recent code

[daytonturner]

Hi Matt,

Ive been trying to get this installed, and was having no luck getting the SmartThings developer interface to authorize my OAuth request - it kept failing with "Authorizing the selected devices failed; please try again later or contact support" until I commented out the subscribe(panel) in the updated() definition:

https://github.com/oehokie/SmartDSC/blob/master/smartapp/dscAlarmIntegrationSmarththingsApp.groovy#L109

I presume that by commenting this out, it will break something, but by commenting it out it allows the authorization to happen and I can proceed.

This URL came up when searching, leading me to attempt commenting out various subscribe/unsubscribe combos: http://community.smartthings.com/t/is-oauth-broken/13284/6

So far this is the minimum amount of code altering Ive found that produces a successful authorization, would love to hear your feedback!

Dayton

[martzmakes]

I'm in Jamaica on vacation. Do you have the panel device in smartthings installed and linked to the smartapp?

Only thing that comes to mind while sitting on the beach On Apr 13, 2015 1:30 PM, "daytonturner" notifications@github.com wrote:

Hi Matt,

Ive been trying to get this installed, and was having no luck getting the SmartThings developer interface to authorize my OAuth request - it kept failing with "Authorizing the selected devices failed; please try again later or contact support" until I commented out the subscribe(panel) in the updated() definition:

https://github.com/oehokie/SmartDSC/blob/master/smartapp/dscAlarmIntegrationSmarththingsApp.groovy#L109

I presume that by commenting this out, it will break something, but by commenting it out it allows the authorization to happen and I can proceed.

This URL came up when searching, leading me to attempt commenting out various subscribe/unsubscribe combos: http://community.smartthings.com/t/is-oauth-broken/13284/6

So far this is the minimum amount of code altering Ive found that produces a successful authorization, would love to hear your feedback!

Dayton

— Reply to this email directly or view it on GitHub https://github.com/oehokie/SmartDSC/issues/1.

[daytonturner]

Indeed I do. Even with this one line commented out, I was able to fire up the node application, and it appears to have received information back from the panel - a big dump of keypad/partition/zone data dumped out in my node console. Although, its mis-reporting at least one zone, and the panel commands I'm sending for arm/disarm appear not to work.

I'll keep tinkering unless you have any other suggestions, otherwise I can certainly wait until you're back from vacation!

Matt Martz mailto:notifications@github.com April 13, 2015 at 12:12 PM I'm in Jamaica on vacation. Do you have the panel device in smartthings installed and linked to the smartapp?

Only thing that comes to mind while sitting on the beach On Apr 13, 2015 1:30 PM, "daytonturner" notifications@github.com wrote:

Hi Matt,

Ive been trying to get this installed, and was having no luck getting the SmartThings developer interface to authorize my OAuth request - it kept failing with "Authorizing the selected devices failed; please try again later or contact support" until I commented out the subscribe(panel) in the updated() definition:

https://github.com/oehokie/SmartDSC/blob/master/smartapp/dscAlarmIntegrationSmarththingsApp.groovy#L109

I presume that by commenting this out, it will break something, but by commenting it out it allows the authorization to happen and I can proceed.

This URL came up when searching, leading me to attempt commenting out various subscribe/unsubscribe combos: http://community.smartthings.com/t/is-oauth-broken/13284/6

So far this is the minimum amount of code altering Ive found that produces a successful authorization, would love to hear your feedback!

Dayton

— Reply to this email directly or view it on GitHub https://github.com/oehokie/SmartDSC/issues/1.

— Reply to this email directly or view it on GitHub https://github.com/oehokie/SmartDSC/issues/1#issuecomment-92466265.

Sent with Postbox http://www.getpostbox.com

[daytonturner]

I do notice that I'm getting one error in my node output, as well as in the log for smartthings.

Node output:

Partition 10 is Armed data: { partition: 1, code: '652', mode: '0' } statusCode: 500 <Buffer 7b 22 65 72 72 6f 72 22 3a 74 72 75 65 2c 22 74 79 70 65 22 3a 22 6a 61 76 61 2e 6c 61 6e 67 2e 4e 75 6c 6c 50 6f 69 6e 74 65 72 45 78 63 65 70 74 69 ... >

ST Output:

9808b4d8-eb95-4858-a476-24c7de932eXX 12:28:50 PM: debug It was a partition... armed... 0 9808b4d8-eb95-4858-a476-24c7de932eXX 12:28:50 PM: debug updatePartition: 652, eventMode: 0 9808b4d8-eb95-4858-a476-24c7de932eXX 12:28:50 PM: debug Json: [partition:1, code:652, mode:0] 9808b4d8-eb95-4858-a476-24c7de932eXX 12:28:47 PM: debug Executing GET /jsonrpc?request={"jsonrpc":"2.0","method":"GUI.ShowNotification","params":{"title":"2nd%20Floor%20Hallway%20Motion","message":"closed"},"id":1} HTTP/1.1 HOST: null:null

on Home Hub via sendHubCommand

[daytonturner]

Forgot the important line in the ST output, whoops! Its marked as a red error.

9808b4d8-eb95-4858-a476-24c7de932eXX 12:28:50 PM: error java.lang.NullPointerException: Cannot invoke method latestValue() on null object @ line 270

[javier-jm]

Any fixes for this? I'm having the same error "Authorizing the selected devices failed; please try again later or contact support" after creating the smart app. After selecting a location no devices show up to authorize..

Note: Seems like "panel" variable is null in installed() suscribe(panel).. where is that supposed to come from?

[martzmakes]

@javier-jimenez I just updated the repo, try that and let me know if it works

[javier-jm]

Seems like nulls are not the reason for this (already added those null checks too).. I'm getting this error in the live log after clicking "Authorize" along with the "Please select at least one device to authorize" since no devices show after selecting a location:

grails.validation.ValidationException: Validation error whilst flushing entity [physicalgraph.app.InstalledSmartApp]:

• Field error in object 'physicalgraph.app.InstalledSmartApp' on field 'state': rejected value [COMPLETE]; codes [physicalgraph.app.InstalledSmartApp.state.validator.error.physicalgraph.app.InstalledSmartApp.state,physicalgraph.app.InstalledSmartApp.state.validator.error.state,physicalgraph.app.InstalledSmartApp.state.validator.error.physicalgraph.app.InstallationState,physicalgraph.app.InstalledSmartAp...[TRUNCATED]

Update: After adding an extra section clause in the preferences (outside the page clause) to bypass the "Please select at least one device to authorize" error I now see the devices but when clicking Authorize I get this, I'm new with this.. how can we request the stack traces for this error? I see nothing in the live logs:

Oh No! Something Went Wrong! Error 500: Internal Server Error URI /oauth/authorize Reference Id 118856f7-d737-4521-aebf-f12d42eb24cc Date Sat Nov 28 18:05:53 UTC 2015

[martzmakes]

@javier-jimenez Sorry for the delay... To this point I haven't modified my own configuration (since it's working) but I understand they may have changed things since I did my initial setup. I see exactly what you're talking about now.

• It took some figuring out... but what you need to do is you need to Install the app from the code, enable Oauth... save the app and publish it ("For Me") all in the web interface...
• THEN Create the Alarm Thing SmartDevice and install it in your mobile app
• THEN Open up web logging in the Web IDE (keep this in the background)
• THEN go to the app, go to the marketplace, and install the SmartApp from MyApps (you did publish it, right?)
• Then setup the smartapp on your mobile device. This will have you add your devices (including the required DSCAlarmThing).

Once you finish adding your devices in the mobile app, in the live log it should spit out something like this: Home Data URL: https://graph.api.smartthings.com/api/smartapps/installations/5xxxa7-42da-4xx8-ba9f-fe4xxxxxxxxd6d/data?access_token=08cff65x82ce

That's your app id (the part after /installations/ and before /data) and access token, so no further steps are necessary, you can use those in the alarm proxy server and you should be good to go.

I'll update the readme in the next couple of days

[javier-jm]

@oehokie I already tried that app id/token combination, it gives a 500 status error in the AlarmServer. Also using that URL directly in the browser gives this:

Doing a GET or POST request to https://graph.api.smartthings.com/api/smartapps/installations/APP_ID/panel/zoneupdate?access_token=APP_TOKEN (where APP_ID and APP_TOKEN are the ones I got from the log) gives me:

HTTP 500 - Cannot get property 'authentication' on null object java.lang.NullPointerException: Cannot get property 'authentication' on null object org.codehaus.groovy.runtime.NullObject.getProperty(NullObject.java:56) org.codehaus.groovy.runtime.InvokerHelper.getProperty(InvokerHelper.java:169) org.codehaus.groovy.runtime.ScriptBytecodeAdapter.getProperty(ScriptBytecodeAdapter.java:452) grails.plugin.springsecurity.oauthprovider.GormTokenStoreService.readAuthentication(GormTokenStoreService.groovy:46) physicalgraph.oauth2.RemoteTokenStoreService.super$2$readAuthentication(RemoteTokenStoreService.groovy) sun.reflect.GeneratedMethodAccessor4110.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) java.lang.reflect.Method.invoke(Method.java:606) org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:90) groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233) groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1086) groovy.lang.ExpandoMetaClass.invokeMethod(ExpandoMetaClass.java:1110) org.codehaus.groovy.runtime.ScriptBytecodeAdapter.invokeMethodOnSuperN(ScriptBytecodeAdapter.java:128) physicalgraph.oauth2.RemoteTokenStoreService.loadAuthentication(RemoteTokenStoreService.groovy:116) physicalgraph.oauth2.RemoteTokenStoreService$$FastClassBySpringCGLIB$$f6d72ceb.invoke() org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:700) org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) org.aopalliance.intercept.Joinpoint$proceed.call(Unknown Source) physicalgraph.logging.TimerLoggingInterceptor.invoke(TimerLoggingInterceptor.groovy:54) org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91) org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:633) physicalgraph.oauth2.RemoteTokenStoreService$$EnhancerBySpringCGLIB$$6aaa17f6.loadAuthentication() org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationManager.authenticate(OAuth2AuthenticationManager.java:83) org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter.doFilter(OAuth2AuthenticationProcessingFilter.java:137) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:65) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260) org.codehaus.groovy.grails.web.servlet.mvc.GrailsWebRequestFilter.doFilterInternal(GrailsWebRequestFilter.java:69) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106) org.codehaus.groovy.grails.web.filters.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:67) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106) org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343) org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)

[martzmakes]

Hmm... when I do a GET to the home url, I get this as a response:

{"error":true,"type":"SmartAppException","message":"Not Found"}

[martzmakes]

Clarification, that was just pasting the URL into the browser. I get the same message with my working version, so that's a good sign at least

[martzmakes]

@javier-jimenez do you get the same? maybe it's more of an issue with your node setup?

[javier-jm]

The app.js application throws that same 500 error too, is your node app doing this same kind of requests?

This is the request URL that the app.js is doing: https://graph.api.smartthings.com/api/smartapps/installations/APP_ID/panel/zoneupdate?access_token=APP_TOKEN

Try that in the browser (or POST with POSTMAN) replacing APP_ID and APP_TOKEN with your ID and token, do you get the same 500 error? If you do, why is your node app not complaining?

[javier-jm]

Ok I finally fixed it, I forced a createAccessToken() to generate a new access token and that seems to be working fine, no more 500 status errors! I would recommend adding a section in the preferences so we can authorize this using the /oauth URL and then copy the ACCESS TOKEN from the live log as you mentioned:

preferences { section("Alarm Thing:") { input "dscthing", "capability.polling", title: "Alarm Thing", multiple: false, required: true } }

Thanks!

[martzmakes]

@javier-jimenez The original intention was to get rid of the OAuth process. One of the SmartThings Dashboard projects uses a similar method, where you install the SmartApp and it handles everything / spits out the code for you to use with your own server. I'll see if it can be an either / or deal.