oAuth Redirect


#1

Ok i will bite, i have been looking at porting some smartapps from smartthings.

But i am failing after i have built the URL for example for Netatmo using the Cloud API i build the URL below, (I have removed all the keys/guids etc)

https://auth.netatmo.com/checklogin//read_station?client_id=&response_type=code&redirect_uri=https%3A%2F%2Fcloud.hubitat.com%2Fapi%%2Fapps%2F53%3Faccess_token%&state=&scope=read_station&next_url=https%3A%2F%2Fapp.netatmo.net%2Foauth2%2Fauthorize%3Fclient_id%%26response_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fcloud.hubitat.com%252Fapi%252F%252Fapps%252F53%253Faccess_token%253D%26state%3Df%26scope%3Dread_station

the issue is specifically around the Redirect Function that used to exist within smartthings. this would display the Netatmo site and ask for authentication and ask permission for the Application we are sending the client Id for has permissions to access the weatherstation.

now if i copy and paste the url manually into a browser i get the following page displayed

and when i accept it hits the callback page successfully and we can retrieve the token and refreshtoken.

but i can’t see a way to emulate the redirect so i can see the page within the frame of the installation Page. I could rewrite and have the end users write their username and password and force the auth etc… but that’s not the point of oAuth, the we are not supposed see or process the users passwords etc…

so how do we do this when using the Cloud API? what am i missing? there’s no documentation at all about this and cannot figure it out.


CarbonDioxide capability
Netatmo Connect (ported from ST)
Hubitat ST Integration ... request(s) pretty please
#2

bump… anyone?


#3

I don’t think HE can accommodate… radio silence on this is no bueno.


#4

@JDogg016 ah well, fast approaching an unplug and sell on. there’s a few too many issues rearing their heads. although the lack of debugging just like SmartThings will be the death of this platform. i am surprised @patrick has let this issue ride on as this was his biggest complaint with ST Development.

really need a way to attach an active debugger to a smartapps process and allow break points etc…


#5

Netatmo is on our list of integrations, so it will be a built in app as soon as we can get to it. That being said I can offer some suggestions for you.

The redirected page needs to have an endpoint mapped in the app to callback. In the link you have above it doesn’t show a specific location for the redirect to reach within the app itself. You may need to setup a “/callback” mapping that calls a method within the app to receive the tokens.

Also it looks like things are being url-encoded multiple times, which may be perfectly normal in the Netatmo oauth flow, but its something to keep tabs on durning each step.

We are working diligently to create as many integrations as possible.


#6

@coreylista i already have the call back and redirect working from netatmo side back when i take the url. the issue is very specific (its not a url encoding issue). SmartThings have a redirect function for showing this auth page during a smartapps setup. however the Redirect function does not exist on Hubitat.

so what are you supposed to use instead? without equivalent functionality reciprocal oAuth is just not possible.

This one issue is more important IMHO to solve than waiting for you guys to create netatmo functionality as i already have working code bar this single issue. and i have another few integration that also need this to port successfully.


#7

I am not quite sure I understand where the problem is.

Since ST handled almost everything via their mobile app, they needed to direct you to a “fake” (built within the app) mobile webpage to initiate the authentication process. Which in turn would redirect you back to another fake mobile page to collect the tokens, and all that was left was to basically press a “done” button.

If you are already receiving the tokens correctly in the app, then you are being redirected properly and the flow has successfully completed. ST simply faked an HTML page at this point, you can do the same and just have the users go back into their hub to complete the setup process, or have the fake HTML page redirect them to their hub.


#8

@coreylista that wasn’t the case for reciprocal oauth, using the Redirect function you were redirected to the Netatmo page as shown in page above on netatmo and accept the authentication prompt. this was not a fake web page. you guys however have no way to redirect to the actual page which makes reciprocal oauth an issue.


#9

YAY!!! Someone that can express what I am feeling!


#10

I assume you are trying to port over the ST Netatmo Connect app.

ST needed to make a call to the local app first via the “/oauth/initialize” page to then redirect to the oauthInitUrl() method. You do not need to do this part. You can simply call the oauthInitUrl() link directly as the first part of the flow.

href url:oauthInitUrl(), style:"embedded", required:false, title:"Connect to Netatmo", description:description

This should send you directly to the Netatmo login page and let you authenticate. Then redirect you to the “/oauth/callback” link in your app. This is where you will receive the code needed to make the last “authorization_code” call to Netatmo to receive the tokens.

Also the “redirect” function is not needed. Simply return the string value of the URL

return "${getVendorAuthPath()}${toQueryString(oauthParams)}"

#11

ok i will take a look tomorrow. thanks for your feedback


#12

Any sort of luck?


#13

Not yet. Work and then life got in the way. Haven't had a chance to relook at it yet


#14

@JDogg016 ok i have a working setup, but its still clunky as hell.

so first off when you are entering the Client ID and Client Secret, after entering the client secret, you need to click away from the box before clicking the Connect to Netatmo section to authorize. the screen will flicker as soon as you do this, then you can click the section otherwise you will receive an invalid_client error

The other main issue is that i run through the oauth successfully, but Hubitat only support the style:embedded for the page and not external. and i also cannot feed back into another dynamic page as it only shows as text. so at this moment if you close the Netatmo is connected to Hubitat webpage and go back into hubitat and choose to install the application again it will now show it has authorisation and can then list devices.

once installed everything looks to work fine, i just need to work more and figure out how best to improve the flow. but the main thing is that it works.

remember first to register an app with netatmo on your account under https://dev.netatmo.com to get a client id and secret

the app is here:

all the device handlers are here:

this version includes also the wind sensor.

let me know how you get on.


#15

You did it! Installation was a breeze... I would make sure the HE team knows of this integration.


#16

@mike.maxwell @Fuzzyligic did a phenomenal job and integrated Netatmo into HE.

Question: The devices such as wind and rain have differing attributes. Is there a way to enable them in RM


#17

differing from what?


#18

@mike.maxwell i think he means that they have custom attributes, SmartThings didn't introduce official capabilities for Rain or Wind Sensors. so maybe if Hubitat is eventually going to diverge from the ST maybe these could be added in the future.

but i suppose that is a larger architectural decision for the platform.


#19

Yes, capability/attribute extensions are simple for us to accommodate, there's a pile of them we could use, it's more of a resource constraint vs a technical one...


#20

Any help you can offer would be great!