[netatmo] Make OAuth2 token refresh RFC compliant #14548
Conversation
clinique
added
enhancement
|
Thanks, I will give it a test run. Has textual configuration been considered? |
You're correct. Textual configuration could be a real challenge because we can't override the stored configuration - so I think I should move the refreshToken to properties instead of configuration. |
Can you always reauthenticate from clientId and clientSecret to get new access and refresh token? I'm wondering if we even need a property. I guess the advantage is that we don't need to get new token when restarting openHAB/binding, but besides that we could just keep the refresh token in memory? |
That would mean we have to re-authenticate each time we restart OH ! |
|
The best solution would be really to use the oAuth2 client implementation from the core framework. |
|
If you can't use the OH oAuth2 client, I would then like that you store your token data in a file in folder userdata/netatmo. |
Ok but why not in properties ? |
|
Because thing properties are lost when you restart OH when your thing is defined in a things file. If you need to persist something (a token( in a file to survive and be re-used after a OH restart or upgrade, do not consider the thing properties option. |
Valid. Did not think to that. Thanks, you're there ! |
|
@clinique : there is a conflict to fix before the merge. |
|
I have resolved the conflict directly online. This conflict is weird, but git may have some mysteries. |
Conflict still mentioned on file ApiBridgeHandler.java. |
Understood why in the meantime, it's due to the merge of CO detector, I need to rebase and force push |
If these two PR's conflict, we cannot cherry-pick into the 3.4.x branch, but will instead have to create a new branch tailored for that, i.e. at PR targeting 3.4.x. |
Signed-off-by: clinique <gael@lhopital.org>
Signed-off-by: clinique <gael@lhopital.org>
…file based configuration). Differed activation of the grantServlet only when refresh token is needed. Signed-off-by: clinique <gael@lhopital.org>
Signed-off-by: clinique <gael@lhopital.org>
Signed-off-by: clinique <gael@lhopital.org>
clinique
force-pushed
the
netatmo_oauth_14546
branch
from
c11b8d7 to
15479cb
Compare
|
@clinique: tests are OK for me. |
lolodomo
removed
the
additional testing preferred
|
This change also simplified the process for users using config files. I am asking myself if we should document where are stored the token files ? |
|
And thank you @clinique for providing that change so quickly. |
|
You're welcome. I'll add a note in the README |
|
Just to understand, does it mean that if you stop your OH server more than 3 hours, you will have to go through the authorization process when restarting OH ? |
|
Hopefully not - I wondered the same reading the oAuth documentation. I hope they refresh with the last provided token, or else, it is the end of this binding. It's a bit hard to predict because the new refreshing refresh token is not in place currently. |
|
I had this fear and you reactivated it. I opened a question on the Netatmo forum. Everything lies in the way to understand this : When refreshing tokens, Access Token and Refresh Token will be automatically renewed and former tokens invalidated. |
|
I assume you are storing the updated refresh token in the new file. |
|
You assume correctly, and I read it also the way you do. |
|
Yes, a distinct PR has to be created for 3.4.x - I will try to find time to produce it. |
Signed-off-by: clinique <gael@lhopital.org>
jlaur
changed the title
* Cherry picking PR #14548 in branch 3.4.x * Correcting wrong syntax Signed-off-by: clinique <gael@lhopital.org>
kaikreuzer
added
patch
…14548) * Modification of the tokenRefresh handling process * Storing refreshToken in userdata/netatmo --------- Signed-off-by: clinique <gael@lhopital.org>
…14548) * Modification of the tokenRefresh handling process * Storing refreshToken in userdata/netatmo --------- Signed-off-by: clinique <gael@lhopital.org>
Resolves #14546