Recreating the web requests

[ohayon]

Hi @nebulous -

First of all, thanks so much for all the work on this. I have started hacking with it a bit and its pretty awesome everything that you have working in here.

I am currently working on writing a bridge between infinitude and homebridge and was interested in bypassing the cache and Mojolicious app and just rewrite the requests that infinitude is currently making in Javascript, or even another language.

I am new to Perl and Mojolicious and am struggling a bit to figure out from where you are getting values like the consumer key and some other values for authorization.

Could you help me find where this and the oauth secret live?

Thanks! 🚀 🌡

[nebulous]

Hi @ohayon, infinitude acts as a proxy man in the middle. As such it does not require oauth keys or secrets. The thermostat signs requests, and passes them on to infinitude.

Carrier's webservice uses xml/atom requests. Infinitude acts as a translation layer between json requests, which are easier for a browser to handle, and the xml requests that the thermostat and carrier's webservice use. Communication with Carrier's rather terrible webservice is a secondary goal for me in the development of Infinitude. I don't keep them in the loop, opting to control everything from Infinitude with lower latency. If you would like to obtain oauth keys, my guess would be that they are available if you decompile the flash application, but I never needed to pursue that.

[ohayon]

Thanks for the response @nebulous! So, I think I'm a bit confused here, if infinitude is just operating as a MITM, how do they API calls work to set temps and other values? Those requests are getting posted to https://api.carrier... no? From the bit of traffic sniffing I've done from infinitude, I thought that was the case, but maybe not?

Thanks again for your help!

[nebulous]

(thermostat) -> (infinitude) -> (Carrier service)

infinitude is set as the thermostat's proxy server, so all requests are sent to it. Infinitude then interprets those requests and responds as needed. It does optionally pass those requests on to the Carrier service, but my primary goal - and thus the thrust of effort so far - is to replace the Carrier service with infinitude.

[ohayon]

Got it. Thanks for the explanation, so if I understand correctly, infinitude is caching the settings when set via the API, and then when the thermostat queries the Carrier service, infinitude returns the cached data?

[nebulous]

Not quite. Infinitude stores all request data from the thermostat and all response data from Carrier's service(if enabled). The terminology gets slightly confusing because Infinitude will not forward requests to Carrier unless a timeout has expired for that request, for which we use a cache. Infinitude never returns cached data back to the thermostat.

[ohayon]

Ah, got it. Okay, thanks! I am currently working on decompiling the flash app to see if I can get what i need out of there, but might fall back on this and use infinitude to setup something like thermostat -> homebridge -> infinitude -> carrier.