npm - homebridge-melcloud-control - Versions diffs - 4.3.11-beta.20 → 4.3.11-beta.21 - Mend

homebridge-melcloud-control 4.3.11-beta.20 → 4.3.11-beta.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package.json +1 -1
package/src/melcloudhome.js +7 -14
package/src/melcloudhomeauth.js +71 -187

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "displayName": "MELCloud Control",
   "name": "homebridge-melcloud-control",
-  "version": "4.3.11-beta.20",
+  "version": "4.3.11-beta.21",
   "description": "Homebridge plugin to control Mitsubishi Air Conditioner, Heat Pump and Energy Recovery Ventilation.",
   "license": "MIT",
   "author": "grzegorz914",

package/src/melcloudhome.js CHANGED Viewed

@@ -457,24 +457,17 @@ class MelCloudHome extends EventEmitter {
     async connect() {
         if (this.logDebug) this.emit('debug', 'Connecting to MELCloud Home');
-        const client = new MELCloudHomeAuth({ debug: true });
+        const auth = new MELCloudHomeAuth();
         try {
-            await client.login(this.user, this.passwd);
-            console.log("Logged in!");
+            await auth.login(this.user, this.passwd);
+            console.log('Logged in!');
-            const ctx = await client.getUserContext();
-            console.log("User context:", JSON.stringify(ctx, null, 2));
+            const valid = await auth.checkSession();
+            console.log('Session valid:', valid);
-            const devices = await client.getDevices();
-            console.log("Devices:", JSON.stringify(devices, null, 2));
-            // If you need a token-like object:
-            const tokens = await client.getAuthTokenCandidates();
-            console.log("Token candidates:", tokens);
+            console.log('Cookies:', auth.getCookies());
         } catch (err) {
-            console.error("Error:", err.message || err);
-        } finally {
-            await client.logout();
+            console.error(err.message);
         }
     }
 }

package/src/melcloudhomeauth.js CHANGED Viewed

@@ -1,228 +1,112 @@
-import axios from "axios";
-import { wrapper } from "axios-cookiejar-support";
-import { CookieJar } from "tough-cookie";
-import { JSDOM } from "jsdom";
+import axios from 'axios';
+import { CookieJar } from 'tough-cookie';
+import { wrapper } from 'axios-cookiejar-support';
+import { JSDOM } from 'jsdom';
+import qs from 'qs';
-// Constants
+const BASE_URL = 'https://melcloudhome.com'; // lub właściwe dla Home
 const USER_AGENT =
-  "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36";
+  'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36';
-const BASE_URL = "https://melcloudhome.com";
-const COGNITO_BASE =
-  "https://live-melcloudhome.auth.eu-west-1.amazoncognito.com";
-class MELCloudHomeAuth {
-  constructor({ debug = false } = {}) {
-    this.debug = debug;
+export class MELCloudHomeAuth {
+  constructor() {
     this.jar = new CookieJar();
-    this.axios = wrapper(
+    this.client = wrapper(
       axios.create({
         jar: this.jar,
         withCredentials: true,
-        maxRedirects: 10,
         headers: {
-          "User-Agent": USER_AGENT,
+          'User-Agent': USER_AGENT,
           Accept:
-            "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8",
-          "Accept-Language": "en-US,en;q=0.9",
+            'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8',
+          'Accept-Language': 'en-US,en;q=0.9',
         },
+        maxRedirects: 0,
+        validateStatus: (status) => status >= 200 && status < 400,
       })
     );
     this.authenticated = false;
   }
-  log(...args) {
-    if (this.debug) console.log("[MelcloudHomeClient]", ...args);
-  }
-  _delay(ms) {
-    return new Promise((r) => setTimeout(r, ms));
-  }
-  // --- Helper: generate cognitoAsfData (simplified) ---
-  generateAsfData() {
-    const data = {
-      deviceName: "Chrome",
-      osName: "Macintosh",
-      osVersion: "14_5",
-      timezoneOffset: new Date().getTimezoneOffset(),
-      userAgent: USER_AGENT,
-      screen: { width: 1440, height: 900 },
-      language: "en-US",
-      plugins: [],
-      fonts: [],
-      canvasFingerprint: "simplified", // placeholder
-    };
-    const json = JSON.stringify(data);
-    return Buffer.from(json).toString("base64");
-  }
-  // --- Extract CSRF token from HTML ---
-  extractCsrf(html) {
-    if (!html) return null;
+  async login(username, password) {
     try {
-      const dom = new JSDOM(html);
-      const el = dom.window.document.querySelector('input[name="_csrf"]');
-      if (el && el.value) return el.value;
-    } catch {}
-    const m = html.match(/<input[^>]+name="_csrf"[^>]+value="([^"]+)"/i);
-    if (m) return m[1];
-    return null;
-  }
-  findCognitoLoginUrl(html) {
-    if (!html) return null;
-    const m = html.match(/action="([^"]*amazoncognito\.com[^"]*)"/i);
-    if (m) return m[1];
-    return null;
-  }
-  extractErrorMessage(html) {
-    if (!html) return null;
-    const patterns = [
-      /<div[^>]*class="[^"]*error[^"]*"[^>]*>([^<]+)<\/div>/i,
-      /<span[^>]*class="[^"]*error[^"]*"[^>]*>([^<]+)<\/span>/i,
-      /<p[^>]*class="[^"]*error[^"]*"[^>]*>([^<]+)<\/p>/i,
-    ];
-    for (const p of patterns) {
-      const m = html.match(p);
-      if (m) return m[1].trim();
-    }
-    return null;
-  }
-  async startLoginFlow() {
-    this.log("Starting login flow: GET /bff/login");
-    const resp = await this.axios.get(`${BASE_URL}/bff/login`, {
-      params: { returnUrl: "/dashboard" },
-      validateStatus: () => true,
-    });
-    const finalUrl =
-      resp.request?.res?.responseUrl || resp.config?.url || "";
-    this.log("Received final redirect URL:", finalUrl);
-    const csrf = this.extractCsrf(resp.data);
-    if (!csrf) throw new Error("Failed to extract CSRF token");
+      // 1. GET login page to get CSRF token
+      let resp = await this.client.get(`${BASE_URL}/bff/login`, {
+        params: { returnUrl: '/dashboard' },
+      });
-    const loginUrl = this.findCognitoLoginUrl(resp.data) || finalUrl;
-    return { loginUrl, csrf };
-  }
+      // Follow redirect to Cognito
+      let finalUrl = resp.request.res.responseUrl;
+      if (!finalUrl.includes('.amazoncognito.com')) {
+        throw new Error('Unexpected redirect URL: ' + finalUrl);
+      }
+      // Extract CSRF token from HTML
+      const csrfToken = this.extractCsrfToken(resp.data);
+      if (!csrfToken) throw new Error('CSRF token not found');
+      // 2. POST credentials to Cognito
+      const loginData = qs.stringify({
+        _csrf: csrfToken,
+        username,
+        password,
+        cognitoAsfData: '', // minimal value, może być potrzebne pełne ASF
+      });
-  async submitCredentials(loginUrl, csrf, username, password) {
-    this.log("Submitting credentials to Cognito...");
-    const payload = new URLSearchParams({
-      _csrf: csrf,
-      username,
-      password,
-      cognitoAsfData: this.generateAsfData(),
-    });
-    // Step 1: POST credentials
-    const resp = await this.axios.post(loginUrl, payload.toString(), {
-      headers: {
-        "Content-Type": "application/x-www-form-urlencoded",
-        Origin: COGNITO_BASE,
-        Referer: loginUrl,
-      },
-      validateStatus: () => true,
-      maxRedirects: 0,
-    });
-    const redirectUrl = resp.headers.location || resp.request?.res?.responseUrl;
-    if (!redirectUrl.includes("signin-oidc")) {
-      throw new Error(
-        "Authentication failed: signin-oidc callback not received"
-      );
-    }
+      resp = await this.client.post(finalUrl, loginData, {
+        headers: {
+          'Content-Type': 'application/x-www-form-urlencoded',
+          Origin: 'https://live-melcloudhome.auth.eu-west-1.amazoncognito.com',
+          Referer: finalUrl,
+        },
+        maxRedirects: 5,
+      });
-    this.log("Calling signin-oidc callback:", redirectUrl);
-    // Step 2: GET callback to set cookies
-    const callback = await this.axios.get(redirectUrl, {
-      headers: {
-        Referer: loginUrl,
-        "User-Agent": USER_AGENT,
-        Accept: "text/html",
-      },
-      validateStatus: () => true,
-    });
-    this.log("signin-oidc status:", callback.status);
-    // Check if cookie meu.identity is set
-    const cookies = await this.jar.getCookies(BASE_URL);
-    const hasIdentity = cookies.some((c) => c.key.includes("meu.identity"));
-    if (!hasIdentity) {
-      throw new Error(
-        "OpenID callback did not produce session cookie (cognitoAsfData missing or rejected)"
-      );
+      finalUrl = resp.request.res.responseUrl;
+      // Sprawdzenie czy udało się zalogować
+      if (
+        finalUrl.includes('melcloudhome.com/dashboard') &&
+        resp.status < 400
+      ) {
+        console.log('Authentication successful');
+        this.authenticated = true;
+        return true;
+      }
+      throw new Error('Authentication failed, final URL: ' + finalUrl);
+    } catch (err) {
+      throw new Error('Login error: ' + err.message);
     }
-    this.authenticated = true;
-    this.log("Login successful, session cookie meu.identity is present");
-    await this._delay(1000); // short wait for Blazor initialization
-    return true;
   }
-  async login(username, password) {
-    const { loginUrl, csrf } = await this.startLoginFlow();
-    await this.submitCredentials(loginUrl, csrf, username, password);
-    const valid = await this.checkSession();
-    if (!valid) throw new Error("Session not valid after login");
-    this.log("Login flow complete");
-    return true;
+  extractCsrfToken(html) {
+    const dom = new JSDOM(html);
+    const input = dom.window.document.querySelector('input[name="_csrf"]');
+    return input?.value || null;
   }
   async checkSession() {
     if (!this.authenticated) return false;
     try {
-      const resp = await this.axios.get(`${BASE_URL}/api/user/context`, {
-        headers: {
-          Accept: "application/json",
-          "x-csrf": "1",
-          Referer: `${BASE_URL}/dashboard`,
-        },
-        validateStatus: () => true,
+      const resp = await this.client.get(`${BASE_URL}/api/user/context`, {
+        headers: { 'x-csrf': '1', Referer: `${BASE_URL}/dashboard` },
       });
       return resp.status === 200;
     } catch {
+      this.authenticated = false;
       return false;
     }
   }
-  async getUserContext() {
-    if (!this.authenticated) throw new Error("Not authenticated");
-    const resp = await this.axios.get(`${BASE_URL}/api/user/context`, {
-      headers: { Accept: "application/json", "x-csrf": "1", Referer: `${BASE_URL}/dashboard` },
-    });
-    return resp.data;
-  }
-  async getDevices() {
-    if (!this.authenticated) throw new Error("Not authenticated");
-    const resp = await this.axios.get(`${BASE_URL}/api/devices/devices`, {
-      headers: { Accept: "application/json", "x-csrf": "1", Referer: `${BASE_URL}/dashboard` },
-      validateStatus: () => true,
-    });
-    if (resp.status !== 200) throw new Error(`Failed to get devices: ${resp.status}`);
-    return resp.data;
-  }
-  async logout() {
-    try {
-      await this.axios.get(`${BASE_URL}/bff/logout`, { validateStatus: () => true });
-    } finally {
-      this.authenticated = false;
-    }
+  getCookies() {
+    return this.jar.toJSON();
   }
 }
 export default MELCloudHomeAuth;