Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[boschindego] Implement OAuth2 authorization #14745

Merged
merged 7 commits into from
Apr 15, 2023

Conversation

jlaur
Copy link
Contributor

@jlaur jlaur commented Apr 4, 2023

On March 1st 2023 Bosch migrated to central Bosch ID accounts. This has two direct consequences for the binding:

  • The previous authentication mechanism has been replaced by OAuth2.
  • Multiple mowers can now be assigned to the same Bosch ID account.

This pull request:

  • Partially implements the OAuth2 authorization flow.
  • Introduces a bridge to represent the API account holding OAuth2.
  • Introduces discovery of devices.
  • Requires each device to carry serial number configuration, where previously each device would have its own account.

Some manual steps are needed for upgrading:

  • A bridge thing must be created.
  • The device thing must have this bridge assigned and a serial number configured (already available as property).
  • A console command must be executed to complete the OAuth authorization flow.

Keep in mind though that the binding has been fully broken since March 1st.

I'm still trying to find a (user-friendly) way to retrieve the OAuth2 authorization code. This seems difficult, at least for me. Therefore I'm publishing this PR as a first step to get the binding to work again.

The problem yet unresolved is the use of a client id extracted from the Android app with a hardcoded redirect URL "com.bosch.indegoconnect://login/?code=XXXXXXXX".

Testing:

Fixes #14536

@jlaur jlaur force-pushed the 14536-boschindego-oauth2 branch from 709671a to 9acd276 Compare April 4, 2023 13:56
@jlaur jlaur added the enhancement An enhancement or new feature for an existing add-on label Apr 4, 2023
@jlaur jlaur force-pushed the 14536-boschindego-oauth2 branch from 9acd276 to f00020f Compare April 4, 2023 19:40
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
@jlaur jlaur force-pushed the 14536-boschindego-oauth2 branch 2 times, most recently from 4c064d3 to e3f8062 Compare April 6, 2023 19:28
@jlaur jlaur marked this pull request as ready for review April 6, 2023 19:45
@jlaur jlaur requested a review from jofleck as a code owner April 6, 2023 19:45
@jlaur jlaur force-pushed the 14536-boschindego-oauth2 branch 3 times, most recently from db85956 to fe96ed6 Compare April 6, 2023 20:13
@jlaur jlaur requested a review from a team April 7, 2023 09:16
@jlaur
Copy link
Contributor Author

jlaur commented Apr 7, 2023

@openhab/add-ons-maintainers, if this PR would be reviewed and completed during the Easter, I should be able to quickly backport it to 3.4.x so it could be included in 3.4.3.

Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
@jlaur jlaur force-pushed the 14536-boschindego-oauth2 branch from fe96ed6 to d4e9968 Compare April 8, 2023 18:52
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
@jlaur
Copy link
Contributor Author

jlaur commented Apr 14, 2023

My mower has been authenticated for more than a week now without any issues. I don't have any plans for the near future to improve the cumbersome authorization flow described in the README.

@jlaur
Copy link
Contributor Author

jlaur commented Apr 14, 2023

@openhab/add-ons-maintainers - since the binding is currently broken by cloud changes, please consider this PR for the upcoming milestone.

Copy link
Member

@wborn wborn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for making it working again! I only have a few minor comments.

jlaur added 4 commits April 15, 2023 09:22
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
@jlaur
Copy link
Contributor Author

jlaur commented Apr 15, 2023

@wborn - thanks for reviewing this. I have addressed your comments.

Copy link
Member

@wborn wborn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very good! 👍

@wborn wborn merged commit 20f306f into openhab:main Apr 15, 2023
@wborn wborn added this to the 4.0 milestone Apr 15, 2023
@wborn
Copy link
Member

wborn commented Apr 15, 2023

Now you can also create a PR to add an upgrade notice. 😉

@BillGOH
Copy link

BillGOH commented Apr 15, 2023

@jlaur Thank you for your great work! First tests look very good.

FordPrfkt pushed a commit to FordPrfkt/openhab-addons that referenced this pull request Apr 20, 2023
Signed-off-by: Jacob Laursen <jacob-github@vindvejr.dk>
@jlaur jlaur deleted the 14536-boschindego-oauth2 branch April 29, 2023 09:39
@jlaur jlaur added the critical label May 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
critical enhancement An enhancement or new feature for an existing add-on (potentially) not backward compatible
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[boschindego] Broken since cloud upgrade
3 participants