homebridge-melcloud-control 4.0.0-beta.374 → 4.0.0-beta.375

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "displayName": "MELCloud Control",
3
3
  "name": "homebridge-melcloud-control",
4
- "version": "4.0.0-beta.374",
4
+ "version": "4.0.0-beta.375",
5
5
  "description": "Homebridge plugin to control Mitsubishi Air Conditioner, Heat Pump and Energy Recovery Ventilation.",
6
6
  "license": "MIT",
7
7
  "author": "grzegorz914",
@@ -1,6 +1,8 @@
1
1
  import axios from 'axios';
2
2
  import crypto from 'crypto';
3
3
  import { JSDOM } from 'jsdom';
4
+ import { wrapper } from 'axios-cookiejar-support';
5
+ import { CookieJar } from 'tough-cookie';
4
6
  import EventEmitter from 'events';
5
7
 
6
8
  const MOBILE_USER_AGENT = 'MonitorAndControl.App.Mobile/35 CFNetwork/3860.100.1 Darwin/25.0.0';
@@ -17,7 +19,14 @@ class MelCloudHomeToken extends EventEmitter {
17
19
  this.passwd = config.passwd;
18
20
  this.logWarn = config.logWarn;
19
21
  this.logError = config.logError;
20
- this.axiosInstance = axios.create({ headers: { 'User-Agent': MOBILE_USER_AGENT } });
22
+
23
+ const jar = new CookieJar();
24
+ this.axiosInstance = wrapper(axios.create({
25
+ headers: { 'User-Agent': MOBILE_USER_AGENT },
26
+ jar,
27
+ withCredentials: true,
28
+ maxRedirects: 0,
29
+ }));
21
30
  }
22
31
 
23
32
  generatePKCE() {
@@ -27,190 +36,80 @@ class MelCloudHomeToken extends EventEmitter {
27
36
  }
28
37
 
29
38
  generateState() {
30
- return crypto.randomBytes(32).toString('hex');
39
+ return crypto.randomBytes(16).toString('hex');
31
40
  }
32
41
 
33
42
  async getLoginPage(authUrl) {
34
- const res = await this.axiosInstance.get(authUrl, { maxRedirects: 10 });
43
+ const res = await this.axiosInstance.get(authUrl);
35
44
  return { url: res.request.res.responseUrl };
36
45
  }
37
46
 
38
- async extractCodeFromHtml(html, cookies = '') {
39
- try {
40
- // Code w URL
41
- const urlMatch = html.match(/[?&]code=([^&]+)/);
42
- if (urlMatch) {
43
- return urlMatch[1];
44
- }
45
-
46
- // Hidden form (form_post)
47
- const formCodeMatch = html.match(/name="code"\s+value="([^"]+)"/);
48
- const formStateMatch = html.match(/name="state"\s+value="([^"]+)"/);
49
- const formActionMatch = html.match(/action="([^"]+)"/);
50
-
51
- if (formCodeMatch && formStateMatch && formActionMatch) {
52
- const code = await this.submitFormPost(
53
- formActionMatch[1],
54
- formCodeMatch[1],
55
- formStateMatch[1],
56
- cookies
57
- );
58
- return code;
59
- }
60
-
61
- // melcloudhome:// w body
62
- const bodyCodeMatch = html.match(/melcloudhome:\/\/[^"'\s]*[?&]code=([^&"'\s]+)/);
63
- if (bodyCodeMatch) {
64
- return bodyCodeMatch[1];
65
- }
66
-
67
- // data-url (np. z błędnej strony 500)
68
- const dataUrlMatch = html.match(/data-url="[^"]*code=([^&"']+)/);
69
- if (dataUrlMatch) {
70
- return dataUrlMatch[1];
71
- }
72
-
73
- console.warn('Authorization code not found in HTML response');
74
- return null;
75
- } catch (err) {
76
- console.error('extractCodeFromHtml error:', err);
77
- return null;
78
- }
79
- }
80
-
81
47
  async getTokens(code, codeVerifier) {
82
- try {
83
- const tokenData = new URLSearchParams({
84
- grant_type: 'authorization_code',
85
- code,
86
- redirect_uri: REDIRECT_URI,
87
- client_id: CLIENT_ID,
88
- code_verifier: codeVerifier,
89
- });
48
+ const tokenData = new URLSearchParams({
49
+ grant_type: 'authorization_code',
50
+ code,
51
+ redirect_uri: REDIRECT_URI,
52
+ client_id: CLIENT_ID,
53
+ code_verifier: codeVerifier,
54
+ });
90
55
 
91
- const response = await this.axiosInstance.post(
56
+ try {
57
+ const res = await this.axiosInstance.post(
92
58
  TOKEN_ENDPOINT,
93
59
  tokenData.toString(),
94
- {
95
- headers: {
96
- 'Content-Type': 'application/x-www-form-urlencoded',
97
- 'Authorization': 'Basic aG9tZW1vYmlsZTo=', // optional, Cognito may ignore
98
- },
99
- }
60
+ { headers: { 'Content-Type': 'application/x-www-form-urlencoded' } }
100
61
  );
101
62
 
102
- this.emit('warn', `Token response: ${JSON.stringify(response.data)}`);
103
- return response.data;
104
-
63
+ this.emit('warn', `Tokens: ${JSON.stringify(res.data)}`);
64
+ return res.data;
105
65
  } catch (error) {
106
- throw new Error(`Failed to obtain OAuth token: ${error.response?.data || error.message}`);
66
+ throw new Error(`Token request failed: ${error.response?.data || error.message}`);
107
67
  }
108
68
  }
109
69
 
110
-
111
70
  async loginToMelCloudHome(url) {
112
- try {
113
- // Step 1: Pobierz stronę logowania
114
- const getResp = await this.axiosInstance.get(url, {
115
- headers: { 'Accept': 'text/html' },
116
- withCredentials: true,
117
- });
118
-
119
- const cookies = (getResp.headers['set-cookie'] || []).map(c => c.split(';')[0]).join('; ');
120
- const dom = new JSDOM(getResp.data);
121
- const csrf = dom.window.document.querySelector('input[name="_csrf"]')?.value;
122
-
123
- if (!csrf) {
124
- this.emit('warn', `CSRF token not found`);
125
- return null;
126
- }
127
-
128
- // Step 2: Przygotuj dane logowania
129
- const formData = new URLSearchParams({
130
- _csrf: csrf,
131
- username: this.user,
132
- password: this.passwd,
71
+ const resp = await this.axiosInstance.get(url);
72
+ const dom = new JSDOM(resp.data);
73
+ const csrf = dom.window.document.querySelector('input[name="_csrf"]')?.value;
74
+ if (!csrf) throw new Error('No CSRF token found');
75
+
76
+ const formData = new URLSearchParams({
77
+ _csrf: csrf,
78
+ username: this.user,
79
+ password: this.passwd,
80
+ });
81
+
82
+ let next = url;
83
+ for (let i = 0; i < 10 && next; i++) {
84
+ const res = await this.axiosInstance.post(next, formData.toString(), {
85
+ headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
86
+ validateStatus: s => [200, 302].includes(s),
133
87
  });
134
88
 
135
- // Step 3: Wyślij login POST
136
- const postResp = await this.axiosInstance.post(
137
- url,
138
- formData.toString(),
139
- {
140
- headers: {
141
- 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
142
- 'Content-Type': 'application/x-www-form-urlencoded',
143
- 'Cookie': cookies,
144
- 'Origin': 'https://live-melcloudhome.auth.eu-west-1.amazoncognito.com',
145
- 'Referer': url,
146
- },
147
- maxRedirects: 0, // kontrolujmy redirecty ręcznie
148
- validateStatus: s => [200, 302, 400].includes(s),
149
- }
150
- );
151
-
152
- if (postResp.status === 400) {
153
- this.emit('warn', `Login failed: ${postResp.data}`);
154
- return null;
155
- }
156
-
157
- let redirectUrl = postResp.headers.location;
158
- let cookieChain = cookies;
159
-
160
- // Step 4: Podążaj za przekierowaniami
161
- for (let i = 0; i < 5 && redirectUrl; i++) {
162
- const redirectResp = await this.axiosInstance.get(redirectUrl, {
163
- headers: { 'Cookie': cookieChain },
164
- maxRedirects: 0,
165
- validateStatus: s => [200, 302].includes(s),
166
- });
167
-
168
- // aktualizuj cookies
169
- const newCookies = redirectResp.headers['set-cookie'] || [];
170
- if (newCookies.length) {
171
- cookieChain += '; ' + newCookies.map(c => c.split(';')[0]).join('; ');
172
- }
173
-
174
- redirectUrl = redirectResp.headers.location;
175
-
176
- if (redirectUrl && redirectUrl.includes('code=')) {
177
- const match = redirectUrl.match(/[?&]code=([^&]+)/);
178
- if (match) {
179
- const code = match[1];
180
- this.emit('warn', `Authorization code obtained: ${code}`);
181
- return code;
182
- }
183
- }
89
+ next = res.headers.location;
90
+ if (next && next.includes('code=')) {
91
+ const code = new URL(next).searchParams.get('code');
92
+ this.emit('warn', `Code found: ${code}`);
93
+ return code;
184
94
  }
185
-
186
- this.emit('warn', 'Login flow finished, but no code found');
187
- return null;
188
-
189
- } catch (error) {
190
- throw new Error(`Login to MELCloud Home error: ${error.message}`);
191
95
  }
96
+ throw new Error('Authorization code not found');
192
97
  }
193
98
 
194
-
195
99
  async buildAuthorizeUrl() {
196
- try {
197
- const pkce = this.generatePKCE();
198
- const state = this.generateState();
199
- const authUrl = new URL(AUTHORIZE_ENDPOINT);
200
- authUrl.searchParams.set('client_id', CLIENT_ID);
201
- authUrl.searchParams.set('redirect_uri', REDIRECT_URI);
202
- authUrl.searchParams.set('response_type', 'code');
203
- authUrl.searchParams.set('scope', SCOPE);
204
- authUrl.searchParams.set('code_challenge', pkce.challenge);
205
- authUrl.searchParams.set('code_challenge_method', 'S256');
206
- authUrl.searchParams.set('state', state);
207
-
208
- const loginPage = await this.getLoginPage(authUrl.toString());
209
- const data = { codeVerifier: pkce.verifier, url: loginPage.url }
210
- return data;
211
- } catch (error) {
212
- throw new Error(`Failed to obtain OAuth link: ${error}`);
213
- }
100
+ const pkce = this.generatePKCE();
101
+ const state = this.generateState();
102
+ const authUrl = new URL(AUTHORIZE_ENDPOINT);
103
+ authUrl.searchParams.set('client_id', CLIENT_ID);
104
+ authUrl.searchParams.set('redirect_uri', REDIRECT_URI);
105
+ authUrl.searchParams.set('response_type', 'code');
106
+ authUrl.searchParams.set('scope', SCOPE);
107
+ authUrl.searchParams.set('code_challenge', pkce.challenge);
108
+ authUrl.searchParams.set('code_challenge_method', 'S256');
109
+ authUrl.searchParams.set('state', state);
110
+
111
+ const loginPage = await this.getLoginPage(authUrl.toString());
112
+ return { codeVerifier: pkce.verifier, url: loginPage.url };
214
113
  }
215
114
  }
216
115
 
@@ -220,3 +119,4 @@ export default MelCloudHomeToken;
220
119
 
221
120
 
222
121
 
122
+