We (or at least I) got the official skill working a few days ago with the myopenhab cloud. I did it by modifying the request so it is properly received by myopenhab. Then pairing was successful.
Could you elaborate exactly what you did and where?
Please elaborate. How did you modify the scope with the official GH app and myopenhab considering that you don’t control any of those apps ?
GH is being executed as an App on my phone, so saying i don’t control it is just wrong. Actually i have full control over it, because it is executed on my phone. So all that needs to be done is modifying the request before it’s being sent (or modify the request after it’s been sent but before it reaches the server). However, Google uses certificate pinning. So just intercepting the traffic won’t work that easy.
Just wait until it’s ready, unless you have experience (or there is a simpler way than what I did) you will not be able to do this. All that has to be done is replacing the URL, so it is simple when you have reverse engineering experience. If you don’t then it’s nothing you will learn in a day or two. For those who have experience I have outlined at least 2 methods where you could “attack” in the above text, so you can use those. If there is an easier way, then i wasted 30 minutes doing this overly complicated thing.
Can you send us the modified APK?
The APK is not modified, this is all happening “in memory”.
I used Charles Proxy (https://www.charlesproxy.com). Get it on a computer, redirect your phone’s traffic through it, and try to add Myopenhab service. You will get the full URL sent to Myopenhab in the proxy session. Simply copy this URL, change the scope in it and paste it in your phone’s browser again.
If you’re less comfortable in intercepting your traffic with a proxy, wait for the official fix
How will that work with Google’s certificate pinning? It shouldn’t connect at all because the certificate is invalid if you intercept the traffic?
Here are my detailed steps to get it working (again, do not do this unless you’re comfortable with the process).
- Try to add Openhab from Google Home App. Get authenticated and you’ll have the scope error.
- Test that the authentication (including the certificate pinning) is OK by adding Openhab again. You’ll get straight to the “scope error” page, and do not need to login again.
- On your phone, change your connection settings to use Charles Proxy (set up on a computer). This will allow you to sniff requests sent via your phone
- Redo step 2. You’ll get a warning / security error on your phone. No worries about it, you can now close the Google Home App.
- On the proxy session of your computer, you should see the connection to Openhab and the requests the phone tried to send. Copy the whole URL (it’s a long URL cause it has a security token included), and you’ll see the scope “Google+google-assistant” in it. Simply remove the “+google-assistant” and send the URL to your email.
- On your phone again, deactivate the proxy to get back to a “normal connection”. Go to your email and click on the URL. Since all the authentication procedure is already done, and you’re playing the URL from the same device, everything goes through and you’ll be asked to allow Google to access your items…
A few notes :
- I’m using an Android device, so I don’t know if this is working for an Apple device (it should tough).
- Charles Proxy is a tool used for app developpment and debug network requests sent from an actual devices. It has a friendly UI to check the requests content.
Thanks a lot for the very hard work of @MARZIMA and everyone who contributed !!!
Ok, so modified url is used only to do authentication procedure manually via browser, as I guess google home uses browser internally anyway. It should not interfere with anything after they fix it from the google home itself ?
Thanks, I think I will try this method
Then I did things overly complicated
Its weird that the request can be interrupted in this way, because i would expect the callback to require the google home app again. Anyway, great it works this way, that’s definitely easier than using xposed to hook methods or to do modifications of variables during runtime.
but this would mean I could log my traffic and anlyze with wireshark?
OK, got the oauth to authenticate my OpenHAB against Google Assistant Voice Control.
I can also see Google Assistant Voice Control application in OpenHAB applications.
I am not sure how to proceed now with getting items to be controlled with Google Assistant. With IFTTT I would go into the IFTTT web portal and configure the voice prompts and items.
Where do I go for Google Assistant?
can we please agree to wait for an official fix?
We are really working close with Google for this and want to have a clean solution.
There are quick fixes for this at myopenhab which I already prooved to work, but we didnt want to go that way and keep things clean. Also the official action is for the time being unpublished in Google Assistant app. We will closely change things and this might even effect e.g. scopes if needed.
So please dont guide people to quick fixes, which will not work later on. Instead please wait that things get resolved for the official action. If you still want to do a dirty hack for your system - feel free. But dont point the community there, since people will get frustrated after things will be touched.
This brings more confusion and frustration afterwards…and I really want to avoid that.
Thanks for your understanding.
Understood. No problem with that, thanks for clarification.
No, we are talking about HTTPS here, that’s to prevent sniffing traffic. As marzima has unpublished the action for now, there’s nothing that can be done at the moment.
@Marzima: I just wanted to point out the little issue I am having with the percentage being (not) read out. To prevent the question how I was able to get it working I added a quick explanation. I believe that is someone does the it way I did it (using xposed and a debugger) that person won’t be complaining in here. Is the problem with the percentage known? Maybe you can see more information, i guess you will probably get a whole bunch of logs during the first days assuming that the stack traces are being collected by google when a problem occurs.
yep, got it when I tried it out yesterday.
That’s why I love this project as one learns something thank you all
I’ll wait for an official fix, but I hate waiting… haha
Great description Gaël, many thanks!
Why not working on workarounds while the official solution takes time to get rolled out.
One won’t become dumber when working on alternatives and this way, we are prepared for further issues.
Digging into the details and learning how things work under the hood is not for everybody but for those willing to, there should be no objection.
It is also nice to see that people are willing to share their findings and knowledge and don’t hide behind buzzwords so others can improve their knowledge - and share it again with others.
Of course, for those who are using workarounds and later have issues with the final solution, they would either need to revert back to the original solution or solve further issues on their own - but that’s imperative and not worth to mention - I thought.
Iam not sure how you read things,
but „feel free“ is a clear statement and means …whoever is capable can do it make dirtyhacks to their system.
So the whole idea in this community is about sharing knowledge Marcus. And trust me I ve invested a lot to share my knowledge. Read my docu on github, drink warm milk…go to github of Google Assistant official smarthome action nodejs example. You will see how minimal the docu is there and that a lot lot lot people stuck there cause they followed another deployment approach (Google way) without Google Cloud Functions. No big help, slow reaction to issues cause complicated.
I am not sure from which community you came here to openHAB but you need to learn alot of things. I am also quite unsure what the actual value of your posts is. For me it feels like trolling around
You repeated what I wrote (no added value), you try to point out things in a negative way (no respect) and I cant see what your contribution was here at all. You can develop a better, issue free version…and we can learn „how to do it right“.
But it is still funny to read what you write
Can you elaborate a little bit what and who you mean with „hide behind buzzwords“?
I am curious to learn which buzzwords beside oauth, google asssistant and scopes fly around in this topic.
Again, feel free to learn and to hack whatever system you want. Thats your decision. But stay polite and nice in this community. Remember to much anger makes your hairs grey and we dont want that.
All the best. You can always PM me, if you have topics.