homebridge-melcloud-control 4.0.0-beta.43 → 4.0.0-beta.430
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +12 -11
- package/config.schema.json +272 -314
- package/homebridge-ui/public/index.html +104 -64
- package/homebridge-ui/server.js +5 -9
- package/index.js +38 -20
- package/package.json +6 -3
- package/src/constants.js +15 -22
- package/src/deviceata.js +199 -188
- package/src/deviceatw.js +7 -5
- package/src/deviceerv.js +28 -26
- package/src/functions.js +124 -3
- package/src/melcloud.js +312 -131
- package/src/melcloudata.js +139 -308
- package/src/melcloudatw.js +3 -228
- package/src/melclouderv.js +5 -162
- package/src/melcloudhometoken.js +231 -0
- package/src/restful.js +1 -1
|
@@ -0,0 +1,231 @@
|
|
|
1
|
+
import axios from 'axios';
|
|
2
|
+
import crypto from 'crypto';
|
|
3
|
+
import { wrapper } from 'axios-cookiejar-support';
|
|
4
|
+
import { CookieJar } from 'tough-cookie';
|
|
5
|
+
import { JSDOM } from 'jsdom';
|
|
6
|
+
import EventEmitter from 'events';
|
|
7
|
+
|
|
8
|
+
const MOBILE_USER_AGENT = 'MonitorAndControl.App.Mobile/35 CFNetwork/3860.100.1 Darwin/25.0.0';
|
|
9
|
+
const CLIENT_ID = 'homemobile';
|
|
10
|
+
const REDIRECT_URI = 'melcloudhome://';
|
|
11
|
+
const SCOPE = 'openid profile email offline_access IdentityServerApi';
|
|
12
|
+
const TOKEN_ENDPOINT = 'https://auth.melcloudhome.com/connect/token';
|
|
13
|
+
const AUTHORIZE_ENDPOINT = 'https://auth.melcloudhome.com/connect/authorize';
|
|
14
|
+
|
|
15
|
+
class MelCloudHomeToken extends EventEmitter {
|
|
16
|
+
constructor(config) {
|
|
17
|
+
super();
|
|
18
|
+
this.user = config.user;
|
|
19
|
+
this.passwd = config.passwd;
|
|
20
|
+
this.logWarn = config.logWarn;
|
|
21
|
+
this.logError = config.logError;
|
|
22
|
+
|
|
23
|
+
const jar = new CookieJar();
|
|
24
|
+
this.client = wrapper(axios.create({ jar, withCredentials: true }));
|
|
25
|
+
this.client.defaults.headers['User-Agent'] = MOBILE_USER_AGENT;
|
|
26
|
+
}
|
|
27
|
+
|
|
28
|
+
generatePKCE() {
|
|
29
|
+
const verifier = crypto.randomBytes(32).toString('base64url');
|
|
30
|
+
const challenge = crypto.createHash('sha256').update(verifier).digest('base64url');
|
|
31
|
+
return { verifier, challenge };
|
|
32
|
+
}
|
|
33
|
+
|
|
34
|
+
generateState() {
|
|
35
|
+
return crypto.randomBytes(32).toString('hex');
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
async buildAuthorizeUrl() {
|
|
39
|
+
const pkce = this.generatePKCE();
|
|
40
|
+
const state = this.generateState();
|
|
41
|
+
|
|
42
|
+
const authUrl = new URL(AUTHORIZE_ENDPOINT);
|
|
43
|
+
authUrl.searchParams.set('client_id', CLIENT_ID);
|
|
44
|
+
authUrl.searchParams.set('redirect_uri', REDIRECT_URI);
|
|
45
|
+
authUrl.searchParams.set('response_type', 'code');
|
|
46
|
+
authUrl.searchParams.set('scope', SCOPE);
|
|
47
|
+
authUrl.searchParams.set('code_challenge', pkce.challenge);
|
|
48
|
+
authUrl.searchParams.set('code_challenge_method', 'S256');
|
|
49
|
+
authUrl.searchParams.set('state', state);
|
|
50
|
+
|
|
51
|
+
return { url: authUrl.toString(), codeVerifier: pkce.verifier };
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
async loginToMelCloudHome(authUrl) {
|
|
55
|
+
try {
|
|
56
|
+
const getResp = await this.client.get(authUrl, { headers: { 'Accept': 'text/html' } });
|
|
57
|
+
const cookies = getResp.headers['set-cookie'] || [];
|
|
58
|
+
const dom = new JSDOM(getResp.data);
|
|
59
|
+
const csrf = dom.window.document.querySelector('input[name="_csrf"]')?.value;
|
|
60
|
+
|
|
61
|
+
if (!csrf) {
|
|
62
|
+
if (this.logWarn) this.emit('warn', 'CSRF token not found');
|
|
63
|
+
return null;
|
|
64
|
+
}
|
|
65
|
+
|
|
66
|
+
const formData = new URLSearchParams({
|
|
67
|
+
_csrf: csrf,
|
|
68
|
+
username: this.user,
|
|
69
|
+
password: this.passwd
|
|
70
|
+
});
|
|
71
|
+
|
|
72
|
+
const response = await this.client.post(authUrl, formData.toString(), {
|
|
73
|
+
headers: {
|
|
74
|
+
'User-Agent': MOBILE_USER_AGENT,
|
|
75
|
+
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
|
|
76
|
+
'Accept-Language': 'en-US,en;q=0.9',
|
|
77
|
+
'Content-Type': 'application/x-www-form-urlencoded',
|
|
78
|
+
'Content-Length': formData.toString().length,
|
|
79
|
+
'Cookie': cookies.join('; '),
|
|
80
|
+
'Origin': 'https://live-melcloudhome.auth.eu-west-1.amazoncognito.com',
|
|
81
|
+
'Referer': authUrl
|
|
82
|
+
},
|
|
83
|
+
maxRedirects: 0,
|
|
84
|
+
validateStatus: status => [200, 302, 400].includes(status)
|
|
85
|
+
});
|
|
86
|
+
|
|
87
|
+
if (response.status === 400) {
|
|
88
|
+
if (this.logWarn) this.emit('warn', `Login failed: ${response.data}`);
|
|
89
|
+
return null;
|
|
90
|
+
}
|
|
91
|
+
|
|
92
|
+
// Extract authorization code
|
|
93
|
+
const code = await this.extractCodeFromResponse(
|
|
94
|
+
response.data,
|
|
95
|
+
response.headers,
|
|
96
|
+
async (url) => {
|
|
97
|
+
const r = await this.client.get(url, {
|
|
98
|
+
maxRedirects: 0,
|
|
99
|
+
validateStatus: status => [200, 302, 303].includes(status)
|
|
100
|
+
});
|
|
101
|
+
return this.extractCodeFromResponse(r.data, r.headers, async u => this.extractCodeFromResponse(r.data, r.headers, u));
|
|
102
|
+
}
|
|
103
|
+
);
|
|
104
|
+
|
|
105
|
+
if (code) this.emit('warn', `Authorization code obtained: ${code}`);
|
|
106
|
+
return code || null;
|
|
107
|
+
|
|
108
|
+
} catch (err) {
|
|
109
|
+
if (this.logWarn) this.emit('warn', `loginToMelCloudHome error: ${err}`);
|
|
110
|
+
return null;
|
|
111
|
+
}
|
|
112
|
+
}
|
|
113
|
+
|
|
114
|
+
async extractCodeFromResponse(data, headers, followRedirect) {
|
|
115
|
+
return new Promise(async (resolve, reject) => {
|
|
116
|
+
try {
|
|
117
|
+
const locationHeader = headers['location'] || headers['Location'];
|
|
118
|
+
|
|
119
|
+
// 1️⃣ Location header
|
|
120
|
+
if (locationHeader && locationHeader.startsWith('melcloudhome://')) {
|
|
121
|
+
const match = locationHeader.match(/[?&]code=([^&]+)/);
|
|
122
|
+
if (match) {
|
|
123
|
+
if (this.logWarn) this.emit('warn', `Found code in Location header: ${match[1]}`);
|
|
124
|
+
resolve(match[1]);
|
|
125
|
+
return;
|
|
126
|
+
}
|
|
127
|
+
}
|
|
128
|
+
|
|
129
|
+
// 2️⃣ form_post HTML
|
|
130
|
+
const formCodeMatch = data.match(/name="code"\s+value="([^"]+)"/);
|
|
131
|
+
const formStateMatch = data.match(/name="state"\s+value="([^"]+)"/);
|
|
132
|
+
const formActionMatch = data.match(/action="([^"]+)"/);
|
|
133
|
+
|
|
134
|
+
if (formCodeMatch && formStateMatch && formActionMatch) {
|
|
135
|
+
if (this.logWarn) this.emit('warn', 'Found form_post, submitting...');
|
|
136
|
+
try {
|
|
137
|
+
const code = await this.submitFormPost(formActionMatch[1], formCodeMatch[1], formStateMatch[1]);
|
|
138
|
+
if (this.logWarn) this.emit('warn', `submitFormPost returned code: ${code}`);
|
|
139
|
+
resolve(code);
|
|
140
|
+
return;
|
|
141
|
+
} catch (err) {
|
|
142
|
+
if (this.logWarn) this.emit('warn', `submitFormPost failed: ${err}`);
|
|
143
|
+
reject(err);
|
|
144
|
+
return;
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
|
|
148
|
+
// 3️⃣ JS redirect in body
|
|
149
|
+
const bodyCodeMatch = data.match(/melcloudhome:\/\/[^"'\s]*[?&]code=([^&"'\s]+)/);
|
|
150
|
+
if (bodyCodeMatch) {
|
|
151
|
+
if (this.logWarn) this.emit('warn', `Found code in body: ${bodyCodeMatch[1]}`);
|
|
152
|
+
resolve(bodyCodeMatch[1]);
|
|
153
|
+
return;
|
|
154
|
+
}
|
|
155
|
+
|
|
156
|
+
// 4️⃣ Follow redirect
|
|
157
|
+
if (locationHeader && ['301', '302', '303'].includes(headers['status'] || '')) {
|
|
158
|
+
if (this.logWarn) this.emit('warn', `Following redirect to ${locationHeader}`);
|
|
159
|
+
try {
|
|
160
|
+
const code = await followRedirect(locationHeader);
|
|
161
|
+
resolve(code);
|
|
162
|
+
return;
|
|
163
|
+
} catch (err) {
|
|
164
|
+
if (this.logWarn) this.emit('warn', `Follow redirect failed: ${err}`);
|
|
165
|
+
reject(err);
|
|
166
|
+
return;
|
|
167
|
+
}
|
|
168
|
+
}
|
|
169
|
+
|
|
170
|
+
if (this.logWarn) this.emit('warn', 'Authorization code not found in response');
|
|
171
|
+
reject(new Error('Authorization code not found'));
|
|
172
|
+
} catch (err) {
|
|
173
|
+
if (this.logWarn) this.emit('warn', `extractCodeFromResponse error: ${err}`);
|
|
174
|
+
reject(err);
|
|
175
|
+
}
|
|
176
|
+
});
|
|
177
|
+
}
|
|
178
|
+
|
|
179
|
+
async submitFormPost(actionUrl, code, state) {
|
|
180
|
+
const formData = new URLSearchParams({ code, state });
|
|
181
|
+
if (this.logWarn) this.emit('warn', `Submitting form_post to ${actionUrl}`);
|
|
182
|
+
const res = await this.client.post(actionUrl, formData.toString(), {
|
|
183
|
+
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
184
|
+
maxRedirects: 0,
|
|
185
|
+
validateStatus: status => [200, 302, 303].includes(status)
|
|
186
|
+
});
|
|
187
|
+
|
|
188
|
+
const location = res.headers['location'];
|
|
189
|
+
if (location) {
|
|
190
|
+
const match = location.match(/[?&]code=([^&]+)/);
|
|
191
|
+
if (match) return match[1];
|
|
192
|
+
}
|
|
193
|
+
|
|
194
|
+
if (this.logWarn) this.emit('warn', 'Code not found after form_post submission');
|
|
195
|
+
throw new Error('Code not found after form_post submission');
|
|
196
|
+
}
|
|
197
|
+
|
|
198
|
+
async getTokens(code, codeVerifier) {
|
|
199
|
+
const tokenData = new URLSearchParams({
|
|
200
|
+
grant_type: 'authorization_code',
|
|
201
|
+
code: code,
|
|
202
|
+
redirect_uri: REDIRECT_URI,
|
|
203
|
+
client_id: CLIENT_ID,
|
|
204
|
+
code_verifier: codeVerifier
|
|
205
|
+
});
|
|
206
|
+
|
|
207
|
+
try {
|
|
208
|
+
const tokenResponse = await this.client.post(TOKEN_ENDPOINT, tokenData.toString(), {
|
|
209
|
+
headers: {
|
|
210
|
+
'Content-Type': 'application/x-www-form-urlencoded',
|
|
211
|
+
'Authorization': 'Basic aG9tZW1vYmlsZTo='
|
|
212
|
+
}
|
|
213
|
+
});
|
|
214
|
+
|
|
215
|
+
const tokens = tokenResponse.data;
|
|
216
|
+
if (this.logWarn) this.emit('warn', `Token obtained: ${JSON.stringify(tokens)}`);
|
|
217
|
+
return tokens;
|
|
218
|
+
|
|
219
|
+
} catch (err) {
|
|
220
|
+
throw new Error(`Failed to obtain OAuth token: ${err}`);
|
|
221
|
+
}
|
|
222
|
+
}
|
|
223
|
+
}
|
|
224
|
+
|
|
225
|
+
export default MelCloudHomeToken;
|
|
226
|
+
|
|
227
|
+
|
|
228
|
+
|
|
229
|
+
|
|
230
|
+
|
|
231
|
+
|
package/src/restful.js
CHANGED
|
@@ -65,7 +65,7 @@ class RestFul extends EventEmitter {
|
|
|
65
65
|
|
|
66
66
|
// Start the server
|
|
67
67
|
app.listen(this.port, () => {
|
|
68
|
-
this.emit('connected', `RESTful started on port: ${this.
|
|
68
|
+
this.emit('connected', `RESTful started on port: ${this.port}`);
|
|
69
69
|
});
|
|
70
70
|
} catch (error) {
|
|
71
71
|
if (this.logWarn) this.emit('warn', `RESTful Connect error: ${error}`);
|