homebridge-melcloud-control 4.0.0-beta.407 → 4.0.0-beta.409
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/melcloud.js +6 -6
- package/src/melcloudhometoken.js +179 -155
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"displayName": "MELCloud Control",
|
|
3
3
|
"name": "homebridge-melcloud-control",
|
|
4
|
-
"version": "4.0.0-beta.
|
|
4
|
+
"version": "4.0.0-beta.409",
|
|
5
5
|
"description": "Homebridge plugin to control Mitsubishi Air Conditioner, Heat Pump and Energy Recovery Ventilation.",
|
|
6
6
|
"license": "MIT",
|
|
7
7
|
"author": "grzegorz914",
|
package/src/melcloud.js
CHANGED
|
@@ -277,7 +277,7 @@ class MelCloud extends EventEmitter {
|
|
|
277
277
|
}
|
|
278
278
|
}
|
|
279
279
|
|
|
280
|
-
async
|
|
280
|
+
async connectToMelCloudHome1() {
|
|
281
281
|
try {
|
|
282
282
|
const melCloudHomeToken = new MelCloudHomeToken({
|
|
283
283
|
user: this.user,
|
|
@@ -289,11 +289,11 @@ class MelCloud extends EventEmitter {
|
|
|
289
289
|
.on('warn', warn => this.emit('warn', warn))
|
|
290
290
|
.on('error', error => this.emit('error', error));
|
|
291
291
|
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
const token = await melCloudHomeToken.getTokens(
|
|
292
|
+
const { codeVerifier, url } = await melCloudHomeToken.buildAuthorizeUrl();
|
|
293
|
+
const code = await melCloudHomeToken.loginToMelCloudHome(url);
|
|
294
|
+
const token = await melCloudHomeToken.getTokens(code, codeVerifier);
|
|
295
295
|
|
|
296
|
-
const accountInfo = { ContextKey:
|
|
296
|
+
const accountInfo = { ContextKey: code, UseFahrenheit: false };
|
|
297
297
|
this.contextKey = code;
|
|
298
298
|
|
|
299
299
|
return accountInfo
|
|
@@ -302,7 +302,7 @@ class MelCloud extends EventEmitter {
|
|
|
302
302
|
}
|
|
303
303
|
}
|
|
304
304
|
|
|
305
|
-
async
|
|
305
|
+
async connectToMelCloudHome(refresh = false) {
|
|
306
306
|
if (this.logDebug) this.emit('debug', `Connecting to MELCloud Home`);
|
|
307
307
|
|
|
308
308
|
let browser;
|
package/src/melcloudhometoken.js
CHANGED
|
@@ -1,203 +1,227 @@
|
|
|
1
1
|
import axios from 'axios';
|
|
2
2
|
import crypto from 'crypto';
|
|
3
|
-
import { CookieJar } from 'tough-cookie';
|
|
4
3
|
import { wrapper } from 'axios-cookiejar-support';
|
|
4
|
+
import { CookieJar } from 'tough-cookie';
|
|
5
|
+
import { JSDOM } from 'jsdom';
|
|
5
6
|
import EventEmitter from 'events';
|
|
6
7
|
|
|
7
8
|
const MOBILE_USER_AGENT = 'MonitorAndControl.App.Mobile/35 CFNetwork/3860.100.1 Darwin/25.0.0';
|
|
8
9
|
const CLIENT_ID = 'homemobile';
|
|
9
10
|
const REDIRECT_URI = 'melcloudhome://';
|
|
10
|
-
const SCOPE = 'openid profile email';
|
|
11
|
-
const
|
|
12
|
-
const
|
|
13
|
-
const AUTHORIZE_URL = `${AUTH_BASE}/login?`;
|
|
11
|
+
const SCOPE = 'openid profile email offline_access IdentityServerApi';
|
|
12
|
+
const TOKEN_ENDPOINT = 'https://auth.melcloudhome.com/connect/token';
|
|
13
|
+
const AUTHORIZE_ENDPOINT = 'https://auth.melcloudhome.com/connect/authorize';
|
|
14
14
|
|
|
15
15
|
class MelCloudHomeToken extends EventEmitter {
|
|
16
|
-
constructor() {
|
|
16
|
+
constructor(config) {
|
|
17
17
|
super();
|
|
18
|
-
this.
|
|
19
|
-
this.
|
|
18
|
+
this.user = config.user;
|
|
19
|
+
this.passwd = config.passwd;
|
|
20
|
+
this.logWarn = config.logWarn;
|
|
21
|
+
this.logError = config.logError;
|
|
22
|
+
|
|
23
|
+
const jar = new CookieJar();
|
|
24
|
+
this.client = wrapper(axios.create({ jar, withCredentials: true }));
|
|
25
|
+
this.client.defaults.headers['User-Agent'] = MOBILE_USER_AGENT;
|
|
20
26
|
}
|
|
21
27
|
|
|
22
|
-
|
|
23
|
-
_generatePkcePair() {
|
|
28
|
+
generatePKCE() {
|
|
24
29
|
const verifier = crypto.randomBytes(32).toString('base64url');
|
|
25
|
-
const challenge = crypto
|
|
26
|
-
.createHash('sha256')
|
|
27
|
-
.update(verifier)
|
|
28
|
-
.digest('base64url');
|
|
30
|
+
const challenge = crypto.createHash('sha256').update(verifier).digest('base64url');
|
|
29
31
|
return { verifier, challenge };
|
|
30
32
|
}
|
|
31
33
|
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
if (typeof html !== 'string') return null;
|
|
35
|
-
const match = html.match(/name=['"]_csrf['"][^>]*value=['"]([^'"]+)['"]/i);
|
|
36
|
-
return match ? match[1] : null;
|
|
34
|
+
generateState() {
|
|
35
|
+
return crypto.randomBytes(32).toString('hex');
|
|
37
36
|
}
|
|
38
37
|
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
const
|
|
42
|
-
const resp = await this.http.get(url, {
|
|
43
|
-
headers: {
|
|
44
|
-
'User-Agent': MOBILE_USER_AGENT,
|
|
45
|
-
Accept:
|
|
46
|
-
'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
|
|
47
|
-
Cookie: cookies,
|
|
48
|
-
},
|
|
49
|
-
maxRedirects: 0,
|
|
50
|
-
validateStatus: () => true,
|
|
51
|
-
responseType: 'text',
|
|
52
|
-
transformResponse: [(d) => d],
|
|
53
|
-
});
|
|
38
|
+
async buildAuthorizeUrl() {
|
|
39
|
+
const pkce = this.generatePKCE();
|
|
40
|
+
const state = this.generateState();
|
|
54
41
|
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
// Follow redirect manually
|
|
65
|
-
if (
|
|
66
|
-
resp.status >= 300 &&
|
|
67
|
-
resp.status < 400 &&
|
|
68
|
-
resp.headers.location &&
|
|
69
|
-
depth < 5
|
|
70
|
-
) {
|
|
71
|
-
const nextUrl = new URL(resp.headers.location, url).href;
|
|
72
|
-
console.log(`[OAuth] Redirect → ${nextUrl}`);
|
|
73
|
-
return this._get(nextUrl, depth + 1);
|
|
74
|
-
}
|
|
42
|
+
const authUrl = new URL(AUTHORIZE_ENDPOINT);
|
|
43
|
+
authUrl.searchParams.set('client_id', CLIENT_ID);
|
|
44
|
+
authUrl.searchParams.set('redirect_uri', REDIRECT_URI);
|
|
45
|
+
authUrl.searchParams.set('response_type', 'code');
|
|
46
|
+
authUrl.searchParams.set('scope', SCOPE);
|
|
47
|
+
authUrl.searchParams.set('code_challenge', pkce.challenge);
|
|
48
|
+
authUrl.searchParams.set('code_challenge_method', 'S256');
|
|
49
|
+
authUrl.searchParams.set('state', state);
|
|
75
50
|
|
|
76
|
-
return
|
|
51
|
+
return { url: authUrl.toString(), codeVerifier: pkce.verifier };
|
|
77
52
|
}
|
|
78
53
|
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
await Promise.all(
|
|
97
|
-
resp.headers['set-cookie'].map((c) =>
|
|
98
|
-
this.cookieJar.setCookie(c, url)
|
|
99
|
-
)
|
|
100
|
-
);
|
|
101
|
-
}
|
|
102
|
-
|
|
103
|
-
return resp;
|
|
104
|
-
}
|
|
54
|
+
async loginToMelCloudHome(authUrl) {
|
|
55
|
+
try {
|
|
56
|
+
const getResp = await this.client.get(authUrl, { headers: { 'Accept': 'text/html' } });
|
|
57
|
+
const cookies = getResp.headers['set-cookie'] || [];
|
|
58
|
+
const dom = new JSDOM(getResp.data);
|
|
59
|
+
const csrf = dom.window.document.querySelector('input[name="_csrf"]')?.value;
|
|
60
|
+
|
|
61
|
+
if (!csrf) {
|
|
62
|
+
this.emit('warn', 'CSRF token not found');
|
|
63
|
+
return null;
|
|
64
|
+
}
|
|
65
|
+
|
|
66
|
+
const formData = new URLSearchParams({
|
|
67
|
+
_csrf: csrf,
|
|
68
|
+
username: this.user,
|
|
69
|
+
password: this.passwd
|
|
70
|
+
});
|
|
105
71
|
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
code_challenge_method: 'S256',
|
|
72
|
+
const response = await this.client.post(authUrl, formData.toString(), {
|
|
73
|
+
headers: {
|
|
74
|
+
'User-Agent': MOBILE_USER_AGENT,
|
|
75
|
+
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
|
|
76
|
+
'Accept-Language': 'en-US,en;q=0.9',
|
|
77
|
+
'Content-Type': 'application/x-www-form-urlencoded',
|
|
78
|
+
'Content-Length': formData.toString().length,
|
|
79
|
+
'Cookie': cookies.join('; '),
|
|
80
|
+
'Origin': 'https://live-melcloudhome.auth.eu-west-1.amazoncognito.com',
|
|
81
|
+
'Referer': authUrl
|
|
82
|
+
},
|
|
83
|
+
maxRedirects: 0,
|
|
84
|
+
validateStatus: status => [200, 302, 400].includes(status)
|
|
120
85
|
});
|
|
121
86
|
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
87
|
+
if (response.status === 400) {
|
|
88
|
+
this.emit('warn', `Login failed: ${response.data}`);
|
|
89
|
+
return null;
|
|
90
|
+
}
|
|
91
|
+
|
|
92
|
+
// Extract authorization code
|
|
93
|
+
const code = await this.extractCodeFromResponse(
|
|
94
|
+
response.data,
|
|
95
|
+
response.headers,
|
|
96
|
+
async (url) => {
|
|
97
|
+
const r = await this.client.get(url, {
|
|
98
|
+
maxRedirects: 0,
|
|
99
|
+
validateStatus: status => [200, 302, 303].includes(status)
|
|
100
|
+
});
|
|
101
|
+
return this.extractCodeFromResponse(r.data, r.headers, async u => this.extractCodeFromResponse(r.data, r.headers, u));
|
|
102
|
+
}
|
|
103
|
+
);
|
|
129
104
|
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
if (!csrf) {
|
|
133
|
-
console.error('[OAuth] ❌ Cannot find CSRF token!');
|
|
134
|
-
console.log(resp.data.substring(0, 400));
|
|
135
|
-
throw new Error('Cannot find CSRF token');
|
|
136
|
-
}
|
|
105
|
+
if (code) this.emit('warn', `Authorization code obtained: ${code}`);
|
|
106
|
+
return code || null;
|
|
137
107
|
|
|
138
|
-
|
|
108
|
+
} catch (err) {
|
|
109
|
+
this.emit('warn', `loginToMelCloudHome error: ${err}`);
|
|
110
|
+
return null;
|
|
111
|
+
}
|
|
112
|
+
}
|
|
139
113
|
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
114
|
+
async extractCodeFromResponse(data, headers, followRedirect) {
|
|
115
|
+
return new Promise(async (resolve, reject) => {
|
|
116
|
+
try {
|
|
117
|
+
const locationHeader = headers['location'] || headers['Location'];
|
|
118
|
+
|
|
119
|
+
// 1️⃣ Location header
|
|
120
|
+
if (locationHeader && locationHeader.startsWith('melcloudhome://')) {
|
|
121
|
+
const match = locationHeader.match(/[?&]code=([^&]+)/);
|
|
122
|
+
if (match) {
|
|
123
|
+
this.emit('warn', `Found code in Location header: ${match[1]}`);
|
|
124
|
+
resolve(match[1]);
|
|
125
|
+
return;
|
|
126
|
+
}
|
|
127
|
+
}
|
|
128
|
+
|
|
129
|
+
// 2️⃣ form_post HTML
|
|
130
|
+
const formCodeMatch = data.match(/name="code"\s+value="([^"]+)"/);
|
|
131
|
+
const formStateMatch = data.match(/name="state"\s+value="([^"]+)"/);
|
|
132
|
+
const formActionMatch = data.match(/action="([^"]+)"/);
|
|
133
|
+
|
|
134
|
+
if (formCodeMatch && formStateMatch && formActionMatch) {
|
|
135
|
+
this.emit('warn', 'Found form_post, submitting...');
|
|
136
|
+
try {
|
|
137
|
+
const code = await this.submitFormPost(formActionMatch[1], formCodeMatch[1], formStateMatch[1]);
|
|
138
|
+
this.emit('warn', `submitFormPost returned code: ${code}`);
|
|
139
|
+
resolve(code);
|
|
140
|
+
return;
|
|
141
|
+
} catch (err) {
|
|
142
|
+
this.emit('warn', `submitFormPost failed: ${err}`);
|
|
143
|
+
reject(err);
|
|
144
|
+
return;
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
|
|
148
|
+
// 3️⃣ JS redirect in body
|
|
149
|
+
const bodyCodeMatch = data.match(/melcloudhome:\/\/[^"'\s]*[?&]code=([^&"'\s]+)/);
|
|
150
|
+
if (bodyCodeMatch) {
|
|
151
|
+
this.emit('warn', `Found code in body: ${bodyCodeMatch[1]}`);
|
|
152
|
+
resolve(bodyCodeMatch[1]);
|
|
153
|
+
return;
|
|
154
|
+
}
|
|
155
|
+
|
|
156
|
+
// 4️⃣ Follow redirect
|
|
157
|
+
if (locationHeader && ['301', '302', '303'].includes(headers['status'] || '')) {
|
|
158
|
+
this.emit('warn', `Following redirect to ${locationHeader}`);
|
|
159
|
+
try {
|
|
160
|
+
const code = await followRedirect(locationHeader);
|
|
161
|
+
resolve(code);
|
|
162
|
+
return;
|
|
163
|
+
} catch (err) {
|
|
164
|
+
this.emit('warn', `Follow redirect failed: ${err}`);
|
|
165
|
+
reject(err);
|
|
166
|
+
return;
|
|
167
|
+
}
|
|
168
|
+
}
|
|
169
|
+
|
|
170
|
+
this.emit('warn', 'Authorization code not found in response');
|
|
171
|
+
reject(new Error('Authorization code not found'));
|
|
172
|
+
} catch (err) {
|
|
173
|
+
this.emit('warn', `extractCodeFromResponse error: ${err}`);
|
|
174
|
+
reject(err);
|
|
175
|
+
}
|
|
146
176
|
});
|
|
177
|
+
}
|
|
147
178
|
|
|
148
|
-
|
|
149
|
-
const
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
const codeMatch = redirectUrl.match(/[?&]code=([^&]+)/);
|
|
157
|
-
if (!codeMatch) throw new Error('No code found after login redirect');
|
|
158
|
-
const code = codeMatch[1];
|
|
159
|
-
console.log(`[OAuth] ✅ Got authorization code: ${code}`);
|
|
179
|
+
async submitFormPost(actionUrl, code, state) {
|
|
180
|
+
const formData = new URLSearchParams({ code, state });
|
|
181
|
+
this.emit('warn', `Submitting form_post to ${actionUrl}`);
|
|
182
|
+
const res = await this.client.post(actionUrl, formData.toString(), {
|
|
183
|
+
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
184
|
+
maxRedirects: 0,
|
|
185
|
+
validateStatus: status => [200, 302, 303].includes(status)
|
|
186
|
+
});
|
|
160
187
|
|
|
161
|
-
|
|
162
|
-
|
|
188
|
+
const location = res.headers['location'];
|
|
189
|
+
if (location) {
|
|
190
|
+
const match = location.match(/[?&]code=([^&]+)/);
|
|
191
|
+
if (match) return match[1];
|
|
163
192
|
}
|
|
164
193
|
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
throw new Error('Unexpected status on login page');
|
|
194
|
+
this.emit('warn', 'Code not found after form_post submission');
|
|
195
|
+
throw new Error('Code not found after form_post submission');
|
|
168
196
|
}
|
|
169
197
|
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
console.log('[OAuth] Exchanging code for token...');
|
|
173
|
-
|
|
174
|
-
const body = new URLSearchParams({
|
|
198
|
+
async getTokens(code, codeVerifier) {
|
|
199
|
+
const tokenData = new URLSearchParams({
|
|
175
200
|
grant_type: 'authorization_code',
|
|
176
|
-
|
|
201
|
+
code: code,
|
|
177
202
|
redirect_uri: REDIRECT_URI,
|
|
178
|
-
|
|
179
|
-
code_verifier:
|
|
203
|
+
client_id: CLIENT_ID,
|
|
204
|
+
code_verifier: codeVerifier
|
|
180
205
|
});
|
|
181
206
|
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
207
|
+
try {
|
|
208
|
+
const tokenResponse = await this.client.post(TOKEN_ENDPOINT, tokenData.toString(), {
|
|
209
|
+
headers: {
|
|
210
|
+
'Content-Type': 'application/x-www-form-urlencoded',
|
|
211
|
+
'Authorization': 'Basic aG9tZW1vYmlsZTo='
|
|
212
|
+
}
|
|
213
|
+
});
|
|
188
214
|
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
throw new Error('Token exchange failed');
|
|
193
|
-
}
|
|
215
|
+
const tokens = tokenResponse.data;
|
|
216
|
+
this.emit('warn', `Token obtained: ${JSON.stringify(tokens)}`);
|
|
217
|
+
return tokens;
|
|
194
218
|
|
|
195
|
-
|
|
196
|
-
|
|
219
|
+
} catch (err) {
|
|
220
|
+
throw new Error(`Failed to obtain OAuth token: ${err}`);
|
|
221
|
+
}
|
|
197
222
|
}
|
|
198
223
|
}
|
|
199
224
|
|
|
200
|
-
|
|
201
225
|
export default MelCloudHomeToken;
|
|
202
226
|
|
|
203
227
|
|