Skip to content

feat: device-auth #119

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 12 commits into from
Mar 14, 2025
Merged

feat: device-auth #119

merged 12 commits into from
Mar 14, 2025

Conversation

mattdavis90
Copy link
Owner

No description provided.

@mattdavis90 mattdavis90 mentioned this pull request Mar 8, 2025
Closed
@pkg-pr-new pkg.pr.new
Copy link

pkg-pr-new bot commented Mar 8, 2025
edited
Loading

Open in Stackblitz

npm i https://pkg.pr.new/mattdavis90/node-tado-client@119

commit: d62eded

@mattdavis90

This comment was marked as outdated.

Sign in to view
slcp
slcp reviewed Mar 8, 2025
View reviewed changes
slcp
slcp reviewed Mar 8, 2025
View reviewed changes
slcp
slcp reviewed Mar 8, 2025
View reviewed changes
slcp
slcp reviewed Mar 8, 2025
View reviewed changes
@mattdavis90
Copy link
Owner Author

mattdavis90 commented Mar 8, 2025
edited
Loading

I've tweaked it so that

async authenticate(
    refreshToken?: string,
    timeout?: number,
  ): Promise<[DeviceVerification | undefined, Promise<Token>]> {

must be called first before anything else. Semantics are;

  • Refresh token is provided
    • Try to use it, otherwise revert to device auth flow
    • If it works then return [undefined, Promise<Token>] - where the Promise will immediately resolve
  • No refresh token
    • Start a device auth flow

Device auth flow will return the DeviceVerification object that has the relevant URL, and a Promise<Token> that will resolve on successful authentication. It uses a timeout of Math.min(timeout, tado.expires_in).

Also, all auth errors should be identifiable now;

  • NotAuthenticated - if the authenticate method call wasn't made yet
  • InvalidRefreshToken - either supplied refresh token has expired, was incorrectly typed, or you haven't made an API call in the last 30 days (see note 1 below)
  • AuthTimeout - you didn't hit the URL quick enough

There's also now an example in examples/auth.ts because it may be a little fiddly for people not following this thread.

  1. I haven't implemented any background polling to refresh the refresh token - you'll need to call the API once every 30 days

@mattdavis90
Copy link
Owner Author

@abn Did you see this? Not sure how it affects your work?

@mattdavis90 mattdavis90 requested a review from slcp March 9, 2025 19:13
@mattdavis90 mattdavis90 marked this pull request as ready for review March 9, 2025 19:14
@nanoamp
Copy link

nanoamp commented Mar 11, 2025

I've tested the PR code in my app, and it works perfectly 🌟

nanoamp
nanoamp approved these changes Mar 11, 2025
View reviewed changes
@mattdavis90 mattdavis90 merged commit 7132bd6 into master Mar 14, 2025
9 checks passed
@mattdavis90 mattdavis90 deleted the device-auth branch March 14, 2025 10:55
@mattdavis90 mattdavis90 mentioned this pull request Mar 14, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nanoamp nanoamp nanoamp approved these changes

@slcp slcp Awaiting requested review from slcp

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mattdavis90 @nanoamp @slcp