Persistence of Swagger tokens?

Question

Persistence of Swagger tokens?

Closed this issue 4 days ago · 12 comments

Current Situation

Hello

It appears that Swagger tokens expire after 15[?] days. Is there any way to control/extend this, e.g. make the tokens persistent?

I use a GET /api/accessories/{unique} request in a (php) script with the Swagger token, which expires and breaks the script. This is to access certain Carrier heat pump parameters (temperatures) through the Homebridge Carrier-Infinity plugin that are otherwise nearly impossible to access because of Carrier policies. Security is not an issue as the script is only accessible on the local net behind a firewall.

Thanks

Logs

No response

Config

No response

Homebridge UI Version

v4.56.1

Homebridge Version

v1.7.0

Node.js Version

18.5.0

Operating System

Official Homebridge Raspberry Pi Image

Environment Info

None

Raspberry Pi Model

Raspberry Pi 4 B

Answer 1 · 2024-04-17T12:49:11.000Z

Shouldn't your script handle this scenario and just automatically login again ?

Answer 2 · 2024-04-18T18:54:06.000Z

Yes, but... I have implemented a Swagger login to get a token in each php script and it works, but it adds delays that are less than ideal and causes not infrequent incorrect results because of collisions during busy states. Checking to see if an existing token is still valid would add similar delays. Best would be an optional ability to extend token timeouts. I believe that would be a homebridge feature request.

In case anyone is interested, these php scripts are to compare inside and outside temperatures to set switches in homebridge so that HomeKit/Pushcut can trigger notifications. For whatever reasons Apple does not allow temperature sensor compares in HomeKit, even via shortcuts. Of course, they do enable comparing a sensor to a fixed temperature value.

It would be nice if there were a homebridge plugin that set switches based on temperature sensor compares. Since that doesn't exist the only solution I can see is via php scripts, which is heroic and inelegant. Seems like this is a common need and Apple's restriction may be due to concerns about safety or equipment damage if temperature compares are used indiscriminately.

Answer 3 · 2024-04-19T00:41:12.000Z

A slightly different approach, but with a similar result is to leverage node-red for your rules engine, and the homebridge-automation flow access and control homebridge devices. This would remove the swagger requirement.

Answer 4 · 2024-04-19T18:19:40.000Z

could you not just set auth to none?

https://github.com/homebridge/homebridge-config-ui-x/wiki/Config-Options#auth

Answer 5 · 2024-04-19T19:12:50.000Z

auth is set to none. That does not seem to apply to Swagger.

Answer 6 · 2024-04-19T19:23:12.000Z

node-red looks like an interesting approach. I may yet try that. If I had been aware of it, I might have spent the effort to learn node-red rather than ever-finicky php script. (I am not a coder by trade, just a retired particle/astro-physicist trying to get some basic home automation to work.)

Answer 7 · 2024-04-19T19:27:25.000Z

node-red is simple and well worth the learning curve. It is based on a Graphical design model, backed by javascript

And with the existing integration to homebridge, it is pretty straight forward

Answer 8 · 2024-04-19T20:45:29.000Z

In June (traveling in May) will do homebridge maintenance (upgrade Raspberry Pi OS, node.js,...) After that stabilizes I will will look into node-red. Do I understand correctly that node-red integration with homebridge goes through the cloud and requires an account subscription with homebridge.ca for communication? I am concerned that delays due to cloud transactions could cause similar problems as I am finding with multiple php scripts?

The optional control of Swagger token timeouts would still be very desirable as that is all local.

Answer 9 · 2024-04-20T22:02:13.000Z

@etomnash the node-red integration with homebridge go direct and does not use cloud or need a homebridge.ca account and is 100% local. Under the covers it leverages the HomeKIt api to control the homebridge devices.

Answer 10 · 2024-04-22T00:55:34.000Z

OK. Was confused by the setup instructions link to your Alexa plugin instructions regarding insecure mode and that when on to how to setup the cloud communication.

Answer 11 · 2024-05-22T11:48:04.000Z

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Answer 12 · 2024-05-28T11:47:57.000Z

This issue has been closed as no further activity has occurred.