core: Neato/Vorwerk Integration fails with "Invalid Credentials"
The old Vorwerk app is being phased for a new 2FA based app (MyKobold) from Vorwerk. The Neato/Vorwerk integration is failing with “Invalid Credentials”, I assume because of this new requirement.
Environment
- Home Assistant Core release with the issue:
- Last working Home Assistant Core release (if known):
- Operating environment (OS/Container/Supervised/Core):
- Integration causing this issue: Neato
- Link to integration documentation on our website: https://www.home-assistant.io/integrations/neato/
Problem-relevant configuration.yaml
Traceback/Error logs
2020-08-29 14:30:43 ERROR (SyncWorker_19) [homeassistant.components.neato] Invalid credentials
Additional information
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Reactions: 1
- Comments: 31 (16 by maintainers)
Hope it is okay to link this here but I think a lot of people might find this here:
https://community.home-assistant.io/t/creation-of-vorwerk-kobold-component/253166
Upvote this for new Vorwerk Integration.
I have been playing around with fiddler to see how the app authenticates and get the credentials.
The app makes a POST call to https://mykobold.eu.auth0.com/passwordless/start with a body that contains
{"client_id":"xxxxxx","email":"xx@xx.xx","connection":"email","send":"code"}
This will make the server send the user a code to the email used.
When that code is entered the app makes another POST to https://mykobold.eu.auth0.com/oauth/token with body
{"source":"vorwerk_auth0_international","audience":"https:\/\/mykobold.eu.auth0.com\/userinfo","grant_type":"http:\/\/auth0.com\/oauth\/grant-type\/passwordless\/otp","scope":"openid email profile read:current_user","client_id":"xxx","otp":"CODE RECIVED IN MAIL","country_code":"XX","locale":"xx","username":"xx@xx.xx","prompt":"login","realm":"email","platform":"ios"}
This will return a token that is used for.
https://beehive.ksecosys.com/ and https://nucleo.ksecosys.com:4443/vendors/vorwerk/robots/
I have a Vorwerk vacuum! Unfortunately don’t know how to code! It’s sad to loose the integration since I have several automations running on it…😤
Update: The current implementation of pybotvac works so far for Neato and Vorwerk. Furthermore the old authentication via username and password is still possible next to modern OAuth2 (neato) and Passwordless Auth (vorwerk) mechanics. All these features will be available within on of the next releases of pybotvac.
I can’t keep working on this issue because I don’t know enough about the Auth-Flows of HA and I don’t have a Vorwerk robot to do tests. But I offer every possible help for someone who wants to jump in. Since pybotvac works so far with both vendors, it’s only the HA integration that is missing.
I’ve talked to Balloob on Discord. We came to the conclusion that it would be easier to separate Neato and Vorwerk in the future. As a result, Vorwerk would get its own integration to support its own
config_flow
. A good starting point for a developer would be this documentation: https://developers.home-assistant.io/docs/creating_component_index Furthermore, the Neato integration will no longer support Vorwerk robots in the future (since this is broken anyways). This is necessary so that we can use the new OAuth2 mechanics for Neato robots.It’s kind of hard for me to work on it because I don’t have a Vorwerk bot. If someone else wants to help, don’t hesitate.
Things to know:
Things to do:
The current situation is as follows:
client_id
andclient_secret
) as well. We can’t log into a Webservice to create them and Neatosclient_id
andclient_secret
do not work with Vorwerk.Tbh, I do not know how to proceed here without further knowledge or documentation.