npm - homebridge-melcloud-control - Versions diffs - 4.3.11-beta.17 → 4.3.11-beta.19 - Mend

homebridge-melcloud-control 4.3.11-beta.17 → 4.3.11-beta.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/index.js CHANGED Viewed

@@ -105,8 +105,8 @@ class MelCloudPlatform {
 								//connect
 								const accountInfo = await melcloud.connect();
-								if (!accountInfo.State) {
-									if (logLevel.warn) log.warn(`${accountName}, ${accountInfo.Info}`);
+								if (!accountInfo?.State) {
+									if (logLevel.warn) log.warn(`${accountName}, ${accountInfo?.Info}`);
 									return;
 								}
 								if (logLevel.success) log.success(`${accountName}, ${accountInfo.Info}`);

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "displayName": "MELCloud Control",
   "name": "homebridge-melcloud-control",
-  "version": "4.3.11-beta.17",
+  "version": "4.3.11-beta.19",
   "description": "Homebridge plugin to control Mitsubishi Air Conditioner, Heat Pump and Energy Recovery Ventilation.",
   "license": "MIT",
   "author": "grzegorz914",

package/src/melcloudhomeauth.js CHANGED Viewed

@@ -104,7 +104,7 @@ class MELCloudHomeAuth {
             _csrf: csrf,
             username,
             password,
-            cognitoAsfData: "", // placeholder; may be required if Cognito enforces advanced security
+            cognitoAsfData: "",
         });
         const resp = await this.axios.post(loginUrl, payload.toString(), {
@@ -113,39 +113,48 @@ class MELCloudHomeAuth {
                 Origin: COGNITO_BASE,
                 Referer: loginUrl,
             },
-            maxRedirects: 10,
             validateStatus: () => true,
+            maxRedirects: 0
         });
-        const finalUrl =
-            resp.request?.res?.responseUrl || resp.config?.url || "unknown";
-        this.log("Post-login final URL:", finalUrl, "status:", resp.status);
+        const redirectUrl =
+            resp.headers.location ||
+            resp.request?.res?.responseUrl ||
+            resp.config.url;
-        // Common failure patterns
-        if (finalUrl.includes("/error") || resp.status >= 400) {
-            // try extract error message
-            const errMsg = this.extractErrorMessage(resp.data) || "Unknown error from Cognito";
-            throw new Error(`Authentication failed: ${errMsg}`);
+        if (!redirectUrl.includes("signin-oidc")) {
+            throw new Error("Authentication failed: signin-oidc callback not received");
         }
-        // If still on Cognito domain -> bad credentials or MFA required
-        if (finalUrl.includes("amazoncognito.com")) {
-            throw new Error("Authentication failed: invalid username/password or additional challenge required");
-        }
+        this.log("Calling signin-oidc:", redirectUrl);
-        // Success: redirected back to melcloudhome domain
-        if (finalUrl.includes("melcloudhome.com")) {
-            this.authenticated = true;
-            this.log("Successfully authenticated, session cookies stored.");
-            // Wait a short time for Blazor / client initialization (server may set additional cookies)
-            await this._delay(2500);
-            return true;
+        // --- MEGA WAŻNE: wywołać callback ---
+        const callback = await this.axios.get(redirectUrl, {
+            headers: {
+                Referer: loginUrl,
+                "User-Agent": USER_AGENT,
+                Accept: "text/html",
+            },
+            validateStatus: () => true
+        });
+        this.log("signin-oidc status:", callback.status);
+        // Status 500 JEST NORMALNY – liczą się cookies!
+        const cookies = await this.jar.getCookies(redirectUrl);
+        this.log("After signin-oidc cookies:", cookies.map(c => c.key));
+        // Jeżeli pojawił się cookie `meu.identity` – logowanie jest zakończone
+        const hasIdentity = cookies.some(c => c.key.includes("meu.identity"));
+        if (!hasIdentity) {
+            throw new Error("openid callback did not produce a session cookie");
         }
-        throw new Error(`Unexpected redirect after login: ${finalUrl}`);
+        this.authenticated = true;
+        return true;
     }
     // Public login method
     async login(username, password) {
         try {