KLAFS sauna binding

Hi,
I’m considering writing a binding for KLAFS saunas. They offer a Wi-Fi module that connects to the manufacturers clould service. One can then us a mobile app or https://sauna-app.klafs.com to control the sauna.

Clients use a simple REST API to interact with the service. You first need to login to obtain a token (cookie) and then can query the current status with:

curl -vL https://sauna-app.klafs.com/Account/Login -H "Content-Type: application/x-www-form-urlencoded" --data "UserName=userid&Password=secret" --cookie-jar cookie.txt

curl -v --cookie cookie.txt https://sauna-app.klafs.com/Control/GetSaunaStatus -H "Content-Type: application/json" --data '{"saunaId":"364cc9db-86f1-49d1-86cd-f6ef9b20a490"}'

{
    "saunaId": "364cc9db-86f1-49d1-86cd-f6ef9b20a490",
    "saunaSelected": false,
    "sanariumSelected": true,
    "irSelected": false,
    "selectedSaunaTemperature": 90,
    "selectedSanariumTemperature": 70,
    "selectedIrTemperature": 100,
    "selectedHumLevel": 7,
    "selectedIrLevel": 3,
    "selectedHour": 12,
    "selectedMinute": 40,
    "isConnected": false,
    "isPoweredOn": false,
    "isReadyForUse": false,
    "currentTemperature": 18,
    "currentHumidity": 0,
    "statusCode": 2,
    "statusMessage": null,
    "showBathingHour": false,
    "bathingHours": 0,
    "bathingMinutes": 0,
    "currentHumidityStatus": 0,
    "currentTemperatureStatus": 0
}

So I probably need a bridge for storing the account credentials and a thing for the sauna itself.

Which exsiting binding would be a good template that I could clone and adapt?

Norbert

No, even a Thing can store the account credentials, don’t need to be a bridge.

I wouldn’t implement a binding but use the HTTP binding.

How would you handle the authentication scheme with the HTTP binding?

You can substitute any curl command with an http item or you can write a rule, that’ll give you more choices. I have implemented control of my lawn mower using the Web/JSON API and commands like sendHttpPostRequest(URL, "application/x-www-form-urlencoded", jsondata).

There can be multiple saunas attached to a single account. That’s why I thought of having a bridge.

Ah, I see. In that case, a Bridge is indeed needed.

According to the JavaDoc for sendHttpPostRequest this method only returns the response body as a string. To get the access token, I need access to the response headers for the cookie (and the Location header for automatic thing discovery).

Hi nklasen,

I am at the same point, with curl in a rule. curl delivering expected json in command shell, but full download header ("% Total % Received…") when used in executeCommandLine.
Btw. same for curl requesting session cookie. Workarounded this by requesting cookie once via shell command to /tmp/cookie.txt for being used during json request. Could be placed elsewhere to survive a reboot or clean-cache. Not nice, yet working.
Should work to use same concept for json query, with curl-command in script file to be triggered by executeCommandLine, relaying the curl command from the executeCommandLine, but would be workaround squared and not sure how to read output file for json transformation.
Found myself locked out of manufacturer’s webservice after I tried to request cookie with any json query. Needed to contact their customer support to get accout reset.
Was there any further findings on your end since end May?
sendHttpPostRequest doesn’t allow cookie.txt input, correct?

Hi Carl,
Yes, sendHttpPostRequest not providing access to header prevents the HTTP action from being used.

I’ve looked at a few other bindings that implement a bridge which connects to a cloud service but other than that, I haven’t spend much time on the subject since. Do you have any suggestions which binding to use as a blue print?

Norbert

Hi Norbert,

bindings “tankerkönig” or “gardena” might make some sense. Both use bridges, connect to a web/cloud service and I see that at least tankerkönig takes json response after sending a token “apikey”. Yet, this is an agreed and constant value. KLAFS cookie needs renewal after unsuccessful query. But not too often, for not getting blocked as I was. And cookie is not a token.
openweathermap should be comparable to the above.
Gardena binding might also be helpful as I read (and see myself) that its usage kicks out mobile app. A temporary client-based token or cookie seems to be taken by the binding, not allowing the mobile app to enter without login credentials.

Carl.