Webview won't load with basic authentication

[Confectrician]

Expected Behavior

Basic UI should work flawless with an openHAB environment that has a basic auth protection.

Current Behavior

BasicUI window opens but shows a blank tab.

Possible Solution

No known solution yet

Steps to Reproduce (for Bugs)

1. Set up the extension with user ceredentials
2. Try to open a sitemap with basic ui

Context

Debugger notice:

[Embedded Page] Subresource requests whose URLs contain embedded credentials (e.g. `https://user:pass@host/`) are blocked.
See https://www.chromestatus.com/feature/5669008342777856 for more details.

Community reference: https://community.openhab.org/t/visual-studio-code-error-connecting-to-server-integrated-basic-ui/84277

Your Environment

• Version used: OH2.4, VSCode 1.39.x, Extension 0.5.6 (latest repo master)
• Operating System and version (desktop or mobile, Windows 10, Raspbian Jessie, ...): Win10/64

[mhilbush]

@Confectrician If you have the ability to set headers in the HTTP request, perhaps you can set the Authorization: header using the Basic authentication scheme.

https://en.wikipedia.org/wiki/Basic_access_authentication

For example

Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l

Where QWxhZGRpbjpPcGVuU2VzYW1l is the base64 encoding of the user id and password. I've done this in Java like this. Unfortunately, I don't know how to do this in VS Code.

new String(Base64.getEncoder().encode(("userId" + ":" + "userPassword").getBytes()),
                StandardCharsets.UTF_8);

[Confectrician]

Hey @mhilbush,

Thanks for jumping in.

I know those auth headers, but theres one problem for now. Currently we are not making any http call ourselfs.

See: https://github.com/openhab/openhab-vscode/blob/master/client/src/WebView/PreviewPanel.ts#L207

Its just an iframe with a generated url in its attribute.

Anyways this is a valid approach we should check, Maybe we could load the empty view and make some call through javascript afterwards, including such a auth header.

We have choosen an iframe on purpose to deliver the whole BasiUI as is and get a dynamic usable UI into vscode. This is especially important, when one wants a previw for some nested Sitemap elements, so i would call the dynamic stuff necessary. Any solution we try should fulfill this requirement.

[mhilbush]

Currently we are not making any http call ourselfs.

Ah, yes, I see. I was worried there might be some obstacles to using auth headers...

[Confectrician]

I will definitely look into this, but as you see that will be no oneliner. I was also already thinking about additional possibilities for those webviews.

[PatrickGlatz]

Hey @Confectrician, did you had a chance to have a look into this issue. Also facing this problem. When commenting out openhab.username and openhab.password, then it is completely working fine. Would be great to hear good news. Thanks in advance, Patrick

[Confectrician]

Nope. I was busy with binding development last time.

[Confectrician]

I have checked some more options for implementing a workaround, but i have found none.

1. I tried to load the page via javscript in background -> For security blocked via same origin poilicy.
2. I tried to just leave out the basic auth to maybe get it to show a login form, but vscode cant handle that too.

So there is no simple solution from my side. Sorry. I am thinking about deactivating the basic ui webview when basic ui is configured or show something like a "sorry doesn't work" page.

Things one could do: Configure a special reverse proxy route for configuration in openHAB

[Confectrician]

Another thing that would be possible, is to introduce a new setting, which will open basic ui preview in browser too.

[JAMESBOWLER]

So to do a preview I use another extention

vscode-browser-preview

Start URI is http://openhabianpi:8080/basicui/app

It runs chrome in a container