homebridge-melcloud-control 4.9.0-beta.7 → 4.9.0-beta.9

package/package.json

@@ -1,7 +1,7 @@
 {
   "displayName": "MELCloud Control",
   "name": "homebridge-melcloud-control",
-  "version": "4.9.0-beta.7",
+  "version": "4.9.0-beta.9",
   "description": "Homebridge plugin to control Mitsubishi Air Conditioner, Heat Pump and Energy Recovery Ventilation.",
   "license": "MIT",
   "author": "grzegorz914",

package/src/melcloudhome.js

@@ -34,7 +34,7 @@ class MelCloudHome extends EventEmitter {
 
         // axios auth client and token state
         this.authClient = null;
-        this._accessToken = null;
+        this._accessToken = null;   // podkreślnik — unika konfliktu z getterami
         this._refreshToken = null;
         this._tokenExpiry = 0;      // Unix timestamp (sekundy)
         this._authenticated = false;
@@ -412,15 +412,23 @@ class MelCloudHome extends EventEmitter {
 
             if (this.logDebug) this.emit('debug', `Step 4 location: ${cognitoRedirectLocation}`);
 
-            const signinUrl = cognitoRedirectLocation.startsWith('http')
-                ? cognitoRedirectLocation
-                : `https://${cognitoHostname}${cognitoRedirectLocation}`;
+            // signin-oidc-meu to endpoint IdentityServera obsługujący callback z Cognito.
+            // Cognito normalnie robi tam form_post (POST z code i state w body),
+            // ale my dostaliśmy 302 z parametrami w query stringu — wysyłamy więc POST
+            // z tymi samymi parametrami w body (tak jak zrobiłoby to Cognito).
+            const signinParsed = new URL(cognitoRedirectLocation);
+            const signinBase = `${signinParsed.protocol}//${signinParsed.host}${signinParsed.pathname}`;
+            const signinParams = new URLSearchParams(signinParsed.search);
+
+            if (this.logDebug) this.emit('debug', `Step 4 POST to: ${signinBase} params: ${[...signinParams.keys()].join(', ')}`);
 
-            // GET na signin-oidc-meu — IdentityServer przetworzy i przekieruje do melcloudhome://
             const signinResp = await this.pace(() =>
-                client.get(signinUrl, {
-                    headers: { 'User-Agent': ApiUrls.Home.UserAgent },
-                    maxRedirects: 0, // przechwytujemy redirect do melcloudhome://
+                client.post(signinBase, signinParams, {
+                    headers: {
+                        'User-Agent': ApiUrls.Home.UserAgent,
+                        'Content-Type': 'application/x-www-form-urlencoded',
+                    },
+                    maxRedirects: 0,
                 })
             );
 
@@ -436,11 +444,11 @@ class MelCloudHome extends EventEmitter {
             const signinBody = typeof signinResp.data === 'string' ? signinResp.data : '';
 
             // Przypadek A: bezpośredni redirect na melcloudhome://
-            let codeMatch = /code=([^&"' ]+)/.exec(cognitoRedirectLocation);
+            let codeMatch = /code=([^&"' ]+)/.exec(signinLocation);
 
             // Przypadek B: IdentityServer przekierowuje do /connect/authorize/callback
             if (!codeMatch) {
-                const callbackMatch = /\/connect\/authorize\/callback\?([^"' ]+)/.exec(cognitoRedirectLocation)
+                const callbackMatch = /\/connect\/authorize\/callback\?([^"' ]+)/.exec(signinLocation)
                     || /\/connect\/authorize\/callback\?([^"' ]+)/.exec(signinBody);
 
                 if (callbackMatch) {
@@ -449,7 +457,7 @@ class MelCloudHome extends EventEmitter {
                 } else {
                     // Przypadek C: kod bezpośrednio w body (np. form hidden field)
                     codeMatch = /code=([^&"' ]+)/.exec(signinBody);
-                    if (!codeMatch) throw new Error(`Failed to extract auth code. signin status=${signinResp.status}, location=${cognitoRedirectLocation}`);
+                    if (!codeMatch) throw new Error(`Failed to extract auth code. signin status=${signinResp.status}, location=${signinLocation}`);
                     authCode = codeMatch[1];
                 }
             } else {