Indigo Domotics

thanks for that.
its starting to look like the device may be misbehaving.

problem solved: it appears the later DoorBird device is now only supporting digest authentication (whereas they formerly didn't). I have the newer intercom calling an action group directly from Indigo web server without the httpd plugin.

agame wrote:

problem solved: it appears the later DoorBird device is now only supporting digest authentication (whereas they formerly didn't). I have the newer intercom calling an action group directly from Indigo web server without the httpd plugin.

That makes sense. The HTTPd plugin was developed specifically for those services (like IFTTT) that only do Basic, since Indigo's web interface requires Digest.

I might just go ahead and add digest to the plugin so users don't have to mix and match, in cases like yours.

FlyingDiver wrote:

agame wrote:

I might just go ahead and add digest to the plugin so users don't have to mix and match, in cases like yours.

I'm sure that would solve a lot of mucking around. Your plugin also works around the need to store the main indigo credentials in random IoT devices.

Yeah, maybe not. It's a lot more complicated than doing Basic. Not sure when I'll have time. If you think it'll really be useful, create an issue at https://github.com/FlyingDiver/Indigo-HTTPd/issues

Thanks!

FlyingDiver wrote:

Yeah, maybe not. It's a lot more complicated than doing Basic. Not sure when I'll have time. If you think it'll really be useful, create an issue at https://github.com/FlyingDiver/Indigo-HTTPd/issues

Thanks!

No worries. Given indigo supports digest, its a nice-to-have really. hopefully multiple indigo user logins will appear one day.... I don't suppose as an alternative your plugin could more precisely identify the error...ie detect attempted digest authentication in order to produce a more descriptive error message than 'no authentication header' ?

agame wrote:

No worries. Given indigo supports digest, its a nice-to-have really. hopefully multiple indigo user logins will appear one day.... I don't suppose as an alternative your plugin could more precisely identify the error...ie detect attempted digest authentication in order to produce a more descriptive error message than 'no authentication header' ?

From the plugin's point of view, there is no error. It gets a request without a header and reports that. It then tells the client (DoorBird) that Basic Authentication is required. That's the standard HTTP flow. The client can't do an unsolicited request with Digest Authentication, the protocol doesn't allow for that. So there's no way to tell (as far as I know) that it really wants to do Digest.

The client never does another request, and there's no way to know it's not doing so because the plugin only does Basic Auth.

FlyingDiver wrote:

From the plugin's point of view, there is no error. It gets a request without a header and reports that. It then tells the client (DoorBird) that Basic Authentication is required. That's the standard HTTP flow. The client can't do an unsolicited request with Digest Authentication, the protocol doesn't allow for that. So there's no way to tell (as far as I know) that it really wants to do Digest.

The client never does another request, and there's no way to know it's not doing so because the plugin only does Basic Auth.

I feared as much!

Here's something that I noticed in my Event Log. Looks like someone was trying to get in. They tried a bunch of usernames and passwords. My passwords were set to guest:password. They didn't guess that and I changed my username and password making each much more robust. These queries went on hundreds of times-- many pages. I copied a small chunk to share. Just thought everyone should know--


HTTPd Debug AuthHandler: GET from 107.173.219.173:57451 for /
HTTPd Debug AuthHandler: Request has no Authorization header
HTTPd Debug AuthHandler: GET from 107.173.219.173:57502 for /
HTTPd Debug AuthHandler: Request with invalid Authorization header
HTTPd Debug Theirs: 'Basic YWRtaW46' -> 'admin:'
HTTPd Debug Ours: 'Basic Z3Vlc3Q6cGFzc3dvcmQ=' -> 'guest:password'
HTTPd Debug AuthHandler: GET from 107.173.219.173:57542 for /
HTTPd Debug AuthHandler: Request with invalid Authorization header
HTTPd Debug Theirs: 'Basic YWRtaW46' -> 'admin:'
HTTPd Debug Ours: 'Basic Z3Vlc3Q6cGFzc3dvcmQ=' -> 'guest:password'
HTTPd Debug AuthHandler: GET from 107.173.219.173:57577 for /
HTTPd Debug AuthHandler: Request with invalid Authorization header
HTTPd Debug Theirs: 'Basic YWRtaW46YWRtaW4=' -> 'admin:admin'
HTTPd Debug Ours: 'Basic Z3Vlc3Q6cGFzc3dvcmQ=' -> 'guest:password'
HTTPd Debug AuthHandler: GET from 107.173.219.173:57600 for /
HTTPd Debug AuthHandler: Request with invalid Authorization header
HTTPd Debug Theirs: 'Basic YWRtaW46YWRtaW4=' -> 'admin:admin'
HTTPd Debug Ours: 'Basic Z3Vlc3Q6cGFzc3dvcmQ=' -> 'guest:password'
HTTPd Debug AuthHandler: GET from 107.173.219.173:57631 for /
HTTPd Debug AuthHandler: Request with invalid Authorization header
HTTPd Debug Theirs: 'Basic YWRtaW46MTIzNA==' -> 'admin:1234'
HTTPd Debug Ours: 'Basic Z3Vlc3Q6cGFzc3dvcmQ=' -> 'guest:password'

I've seen that happen too. Not much you can do about it, except maybe blacklist that IP in your router.

Also, turn off Debug logging.

Hello.
With this plugin, I can now use Siri for anything. Just with a bit of work.
This is in Beta in iOS 12 and with test flight for now. But you can create Siri Shortcuts with the phrase you want, and it will execute almost anything.

You can include an URL (so you use the standard for this plugin), and after you call the page with "Get Contents of URL" (and not Safari).
For now (probably beta limits), I can't make it work as is while screen is locked. It seems Authentication is making some trouble.
Workaround was to create a web page in a server, where I just call two variables and this php page will execute the necessary call.
Of course, it needs a web server so this is bad, but I'm sure the problem will be solved once not in beta anymore.

So I just use variables for each command I want to handle, and when this variable becomes true, I set it back to false, and do things I want. There is many way to manage this, some will not use a true/false content, but even if it's more variables and triggers, it's at the end very easy to read.

With plugin for Harmony, I can now say : "Hey Siri, turn on the TV". It can change the lights (I don't need), it will send the "Apple TV" scene in Harmony and so turn on my TV and my Onkyo. I can do the opposite, "Hey Siri, turn off the TV" and tadaaa!

This is really cool. Very easy to implement and again, Siri Shortcuts are like automator (Apple bought the great Workflow app if you knew it) so they can do a lot of action with one call. Like changing lights, turning TV on, turn on fan (you can use Indigo things like Apple Home thing), and so on.

You setup the catchphrase you want. So you can make it easy to not interfere with something else.

Thanks for this plugin, it's a good point to go further with Indigo and Apple ecosystem.

cjp767 wrote:

Here's something that I noticed in my Event Log. Looks like someone was trying to get in.

If you have your router tunnel the HTTP port to a non-standard one, you can avoid a lot of these automated attacks.

Pick a random number between 8000-32000 and configure your router to use that as the "public" port.

You can then still connect with http://your.url.com:#### where #### is the port number.

rustyhodge wrote:

If you have your router tunnel the HTTP port to a non-standard one, you can avoid a lot of these automated attacks.

Pick a random number between 8000-32000 and configure your router to use that as the "public" port.

You can then still connect with http://your.url.com:#### where #### is the port number.

This plugin doesn't use the standard port. It's always a non-standard port, but the default isn't as high as that range. I don't think it would matter anyway, since those bots are probing all ports on every IP address they can.

This is my favorite and most useful plugin. I use it for home/away logic for my cars and phones using IFTTT. BRILLIANT.

Unfortunately every few days, the plugin fails so none of my home logic works. I simply reload it and everything works again. During reload, it gives me the “failed to quit after polite request — forcing it to quit” message.

Is there a way to have it restart itself every once in a while? It might prevent it from locking up. Any suggestions? And thank you.

Thank you for pointing me to that thread. Based on the example in that thread, I came up with similar python code that I execute once a day. So, if the plugin locks up for whatever reason, it will be reset and start the new day fresh. Here's the code, and thank you for pointing me in the right direction.

Code: Select all

HTTPdId = "com.flyingdiver.indigoplugin.httpd"
HTTPdPlugin = indigo.server.getPlugin(HTTPdId)
if HTTPdPlugin.isEnabled():
   HTTPdPlugin.restart(waitUntilDone=True)

Update: Although this code works fine, plugin restart is an action built into Indigo 7.2.