improved password handling

password store now into uniqueID define now only with username and homeID requred
2019-10-23 14:00:06 +02:00 · 2019-10-23 14:00:06 +02:00 · eb39c00f49
parent e5ddc12027
commit eb39c00f49
1 changed files with 103 additions and 25 deletions
--- a/98_TadoAPI.pm
+++ b/98_TadoAPI.pm
@ -59,6 +59,7 @@ my $UserAgent = undef;
 my %sets = ( 
  "getTemperature" => "noArg", 
  "refreshToken" => "noArg",
+  "password"     => "",
  "setGeo" => "on,off"
 );

@ -89,7 +90,7 @@ TadoAPI_Initialize($)
 sub TadoAPI_Init($$)
 {
  my ($hash,$args) = @_;
-  my $u = "wrong syntax: define <name> TadoAPI <username> <password> [<homeID>] [<mobileID>]";
+  my $u = "wrong syntax: define <name> TadoAPI <username> <homeID> [<mobileID>]";
   
  return $u if(int(@$args) < 2);

@ -106,52 +107,49 @@ sub TadoAPI_Define($$)
  my $type = shift @a;

  return "Invalid number of arguments: "
-      . "define <name> TadoAPI <username> <password> [<homeID>] [<mobileID>]"
+      . "define <name> TadoAPI <username> <homeID> [<mobileID>]"
  if ( int(@a) < 2 );

-  my ( $user, $passwd, $homeID, $mobileID ) = @a;
+  my ( $user, $homeID, $mobileID ) = @a;
  Log3 $name, 3, "TadoAPI_Define $name: called ";
  $hash->{STATE}="defined";

-# Initialize the device
-        return $@ unless ( FHEM::Meta::SetInternals($hash) );
+  # Initialize the device
+  return $@ unless ( FHEM::Meta::SetInternals($hash) );

-        $hash->{TADO_USER} = $user;
-        $hash->{USER_PASSWORD}  = $passwd;
+  $hash->{TADO_USER} = $user;

-        if ( defined($homeID) && $homeID ne "" ) {
-            $attr{$name}{"homeID"} = $homeID;
-        }
+  if ( defined($homeID) && $homeID ne "" ) {
+      $attr{$name}{"homeID"} = $homeID;
+  }

-        if ( defined($mobileID) && $mobileID ne "" ) {            
-            $attr{$name}{"mobileID"} = $mobileID;
-        }
-
-  $main::attr{$a[0]}{"homeID"}= $homeID;
-  $main::attr{$a[0]}{"mobileID"}= $mobileID;
+  if ( defined($mobileID) && $mobileID ne "" ) {            
+      $attr{$name}{"mobileID"} = $mobileID;
+  }

  my @args = ($homeID, $mobileID);

  if ($main::init_done) {
-    eval {      
-      # start timer
-      TadoAPI_Update($hash);
-    };

+    $main::attr{$a[0]}{"homeID"}= $homeID;
+    $main::attr{$a[0]}{"mobileID"}= $mobileID;
+    
    return TadoAPI_Catch($@) if $@;
  }

+  # start the status update timer
+  TadoAPI_Update($hash);
+
  return undef;
-
 }

-
 sub TadoAPI_Set(@) {
  my ($hash, @a) = @_;
  return "Need at least one parameters" if(@a < 2);
  my $cmd = $a[1];
  my $value = $a[2];
  my $name = $hash->{NAME};
+  my $subcmd;

  #debug
  $debug = $attr{$name}{debug};
@ -188,6 +186,18 @@ sub TadoAPI_Set(@) {
        Log3 $name, 3, "TadoAPI $name" . ": " . "$cmd finished\n";

      return undef;
+      
+
+    } elsif( $cmd eq 'password' ) {
+        Log3 $name, 3, "TadoAPI $name" . ": " . "processing ($cmd)" if $debug;
+        # name und cmd überspringen
+        shift @a;
+        shift @a;
+        # den Rest der das passwort enthält, als ein String
+        $subcmd = join(" ",@a);        
+        return TadoAPI_storePassword($name,$subcmd);
+        #Log3 $name, 3, "TadoAPI $name" . ": " . "$cmd finished\n";
+      return undef;
      }

    return TadoAPI_Catch($@) if $@;
@ -235,13 +245,11 @@ sub TadoAPI_Get(@) {
        Log3 $name, 3, "TadoAPI $name" . ": " . "$cmd finished\n";
        last;
      };
-
    }
  };
    return TadoAPI_Catch($@) if $@;
    return undef;
  }
-
 }

 sub TadoAPI_Catch($) {
@ -263,6 +271,76 @@ sub TadoAPI_Undefine($$) {
    return undef;
 }

+######################################################
+# storePW & readPW Code geklaut aus 96_SIP.pm :)
+######################################################
+sub TadoAPI_storePassword($$)
+{
+    my ($name, $password) = @_;
+    my $index = "TadoAPI_".$name."_passwd";
+    my $key   = getUniqueId().$index;
+    my $e_pwd = "";
+    
+    if (eval "use Digest::MD5;1")
+    {
+        $key  = Digest::MD5::md5_hex(unpack "H*", $key);
+        $key .= Digest::MD5::md5_hex($key);
+    }
+    
+    for my $char (split //, $password)
+    {
+        my $encode=chop($key);
+        $e_pwd.=sprintf("%.2x",ord($char)^ord($encode));
+        $key=$encode.$key;
+    }
+
+    my $error = setKeyValue($index, $e_pwd);
+    return "error while saving TadoAPI password : $error" if(defined($error));
+    return "TadoAPI password successfully saved in FhemUtils/uniqueID Key $index";
+}
+
+sub TadoAPI_readPassword($)
+{
+   my ($name) = @_;
+   my $index  = "TadoAPI_".$name."_passwd";
+   my $key    = getUniqueId().$index;
+
+   my ($password, $error);
+
+   #Log3 $name,5,"$name, read user password from FhemUtils/uniqueID Key $key";
+   ($error, $password) = getKeyValue($index);
+
+   if ( defined($error) ) 
+   {
+      Log3 $name,3, "$name, cant't read Tado password from FhemUtils/uniqueID: $error";
+      return undef;
+   }  
+    
+   if ( defined($password) ) 
+   {
+      if (eval "use Digest::MD5;1") 
+      {
+         $key  = Digest::MD5::md5_hex(unpack "H*", $key);
+         $key .= Digest::MD5::md5_hex($key);
+      }
+
+      my $dec_pwd = '';
+     
+      for my $char (map { pack('C', hex($_)) } ($password =~ /(..)/g)) 
+      {
+         my $decode=chop($key);
+         $dec_pwd.=chr(ord($char)^ord($decode));
+         $key=$decode.$key;
+      }
+      return $dec_pwd;
+   }
+   else 
+   {
+      Log3 $name,3,"$name, no Tado password found in FhemUtils/uniqueID";
+      return undef;
+   }
+}
+
 sub TadoAPI_callback($$$){
  my ($param, $err, $data) = @_;
  my $hash = $param->{hash};
@ -349,7 +427,7 @@ sub TadoAPI_requestNewToken(@) {
    my ($hash) = @_;
    my $name = $hash->{NAME};
    my $username = $hash->{TADO_USER};
-    my $password = $hash->{USER_PASSWORD};
+    my $password = TadoAPI_readPassword($name);
    my $tokenFileName = $tokenFile."_".$name;

    Log3 $name, 3, "TadoAPI $name" . ": " . "Requesting new Token (TadoAPI_requestNewToken)" if $debug;