[RELEASE] Google SDM API - Nest integration

Google SDM API is an app with coordinating drivers for monitoring and controlling Nest devices from Hubitat Elevation.

GitHub repo:

CHANGES.md file lists changes in each release

Some discussion of initial issues in early development is in this thread: Nest Developer access now live

Upgrades from v0.x.y to version 1.0.0 and above:

43 Likes

@lpakula I added a Force Refresh Token button on the App page, and a corresponding log to confirm the authorized scopes. Maybe this will help shed light on your 403 error for the event subscription?

@Royski managed to resolve his problem -- maybe he can shed some light on the specific knobs he wiggled? :joystick:

1 Like

Hmmm.. Refresh token works fine, subscribe still tosses the no data error.

Does the new Authorization scopes: debug log confirm both scopes are assigned to the token?

When I click the button I only see this:
DEBUG: Authorized scopes: https://www.googleapis.com/auth/sdm.service

Ok -- looks like the pubsub scope got left off when you did the initial OAuth2 with google.

Try it again, making sure that the URL you put in your browser matches this:

https://nestservices.google.com/partnerconnections/{{projectId}}/auth?redirect_uri=https://www.google.com&access_type=offline&prompt=consent&client_id={{client_id}}&response_type=code&scope=https://www.googleapis.com/auth/sdm.service https://www.googleapis.com/auth/pubsub

Note the sdm.service and pubsub urls at the end, separated by a space.

Thanks for starting this!

A suggestion...for the less technical amongst us (i.e., moi) could you include something about "Nest integration" in your thread title...will help folks searching for info on Google/Nest integration to find this important option.

4 Likes

Yeah, this is what got me I think. Not sure about the space, so I set to one line, made sure the space between https://nestservices.google.com/partnerconnections/{{projectId}}/auth?redirect_uri=https://www.google.com&access_type=offline&prompt=consent&client_id={{client_id}}&response_type=code&scope=https://www.googleapis.com/auth/sdm.service and https://www.googleapis.com/auth/pubsub existed.
Then got the Code again.

I did delete the app and device too, and re-installed those too. Not sure if this helped or not, but just wanted a clean start.

Ok, I see what happened. I clearly read "there is two links" in the readme, but when I copied it into notepad++ to add in the IDs, the "double click" misses the second.

I deleted the app, devices, and re-did the authorization, and now it shows properly as two links.

Now it's not a 403 error, it's a 409 error. This sounds more like google needs to sync in the background now. I'll let it "rest" overnight and check in the morning.

I do appreciate all the help!

2 Likes

Yeah, would be nice if google accepted a comma-delimited list or something... I guess it would probably work with %20 to make it a continuous string.

The 409 is a conflict with an existing subscription. May need to delete the app (which will delete the subscription) and re-install once more.

1 Like

Just to clarify, is it possible to click the "subscribe to events" more than once? When I removed/reinstalled, I received no errors. Only when I manually triggered the button do I see that.

Aha. The subscription is automatically triggered when you click Authorize (and it logs in successfully). It isn't required as a separate step unless something fails. But when you clicked the button, it probably overwrote the HE accessToken that is in the current subscription (need to fix that part). The alternative would be to delete the subscription using a client like postman - then re-trigger it in HE

1 Like

Yes, that makes 110% sense now. I deleted the app, re-installed it (and didn't click the subscribe) and it works perfect. Thanks for the insight!

Now if I fiddle with the temp on my nest display, I see the state variable instantly change in the thermostat device screen.

2 Likes

I think I'm missing something, I think I got it setup correctly and got the correct code but it's not finding any devices still at all.

Excited to get this working, but technically challenged ! When I'm GCP and creating a OAuth client ID, it asks me for an Application Type. What should I be using?

@bfara83 The logs you posted indicate Authorization failed -- hopefully your deleted post is an indication that things are now working?

@karnik.abhijeet You want to select "Web application" for this field.

Thanks. Got past that. What did I miss here
image

What should the redirect URI be? Is this when we are creating the OAuth?

HI- I know the process is a little confusing, and it seems like there are multiple ways to accomplish this, but I think the simplest way is after you register for device access, go back to Get Started  |  Device Access  |  Google Developers and click on the blue "Enable the API and get an OAuth 2.0 Client ID" and follow the directions immediately above that blue button... Get Started  |  Device Access  |  Google Developers

Access to the SDM API is provided through GCP. To enable the API and authorize a Google account with a supported Nest device, you'll need a GCP project.

Use the Enable the API and get an OAuth 2.0 Client ID button below to enable the Smart Device Management API and get an OAuth 2.0 Client ID:

  1. If you have an existing GCP project that you would like to use for Device Access, make sure you are logged into the admin account for that project first. Then select the existing project from the list of available projects after clicking the button. Otherwise, create a new project.
  2. Select Web Server when it asks "Where are you calling from?".
  3. Enter https://www.google.com as the value for Authorized redirect URIs . A redirect URI is required to obtain an Authorization Code using Partner Connections Manager (PCM).
  4. Once setup is complete, copy the OAuth 2.0 Client ID and Client Secret values, and download the Credentials JSON to your local machine .
6 Likes

Not yet, not too sure what I did wrong still. Won't be home till later to try again.

Got a Bad Request (400) on the token request -- I'm guessing one or more characters got missed in the copy/paste of the authorization code from the google redirect url.

I'm still thinking on how to make this more seamless -- e.g. link from App to Google, allow access, then redirect back to App (providing the code directly) - but haven't found the right sequence/set of attributes to make that work yet.