Neato Botvac Binding

Welcome to OpenHab!
I filed a bug and a fix has been merged and might be included in the next release: https://github.com/openhab/openhab-addons/pull/8931

Awesome! Thanks a bunch for the info!
So… a noob question: to get this change should I start using OpenHab 3? Or is there a way to upgrade just the openhab-addons only (or just the binding maybe)?

See this announcement: openHAB 2.5.x Patch Releases
I expect that the fix will be included.

Edit: Tested OH3M4 - Scan now runs without crashing, however doesn’t detect any bot (probably some relevant data are not found in the account). Did Neato change anything so this no longer works?

I have exactly the same problem with oh3 M5. After the scan…no results and I have no secret to add the cleaner manually.
In earlier version (oh2) I made a scan for the thing to read the cleaner thing and after some days the cleaner thing changed to offline with the error message: Status: OFFLINE - COMMUNICATION_ERROR Could not find robot_serial for specified vendor_name. Tried the same steps with no success for Oh3, can not find the cleaner thing with a scan.

Hello dear Neato owners.
I was maintaining a fork of this binding, supporting Vorwerk vendor.
This year Vorwerk switched to OAuth with a email confirmation, which broke my fork. As I see, Neato binding in its latest OH3 version offer no support for OAuth.
Do you know whether this binding is still maintained actively or are you having same issues?
BR Pav

Same problem with authentification, see

@johannesbonn

and I have no secret to add the cleaner manually.

Use an external script to obtain the secret. This one works for me

I’ve updated my Vorwerk/Neato fork to OH3.0 and want to thank this binding’s developer and maintainer. I’d also like to share my thoughts on this binding (based on Vorwerk fork but assumingly applying to Neato):

• Vacuum Things must have both secret and serial specified. In that case no Bridge is needed and Things can be created directly (via .things or UI). No further authentication is required.
• Because of this, the Bridge is strictly spoken unnecessary and is used for automatic detection only. In my fork I’ve implemented an automatic discovery using oAuth token. It must be entered instead of email / password and is used for obtaining vacuum list and getting their secret and serial
• For Vorwerk two simple curl commands are necessary to obtain the token. I assume similar script could be composed for Neato vacuums (https://developers.neatorobotics.com/guides/oauth-flow). This could be noted in readme for new users.
• Both Vorwerk and Neato are using the same API but different server. What are your thoughts on supporting Vorwerk?

You can find further info and full fork diff in my release notes here.

@Pavion - Please consider contributing your work to support Vorwerk to the Neato binding. I’m happy to work with you on verifying its works equally well for Neato and Vorwerk.

Thanks for your reply @jjlauterbach

Until now I’ve tried to stay low with my fork as I don’t have much time for a full-scale support. If I’m to contribute I do need a contact person on Neato side. I also have some questions you could perhaps help me with:

• this binding is Neato-centered, in an unofficial fork I’ve ignored it, but if merging “officially” many labels, descriptions and readme would have to be rewritten [e.g. Neato/Vorwerk Binding]. Would it pose a problem?
• I don’t think I can implement 2-factor-authentication myself and I’m not sure it’s really necessary. My proposal is using autodetection with provided oAuth token. I’d like some feedback on that.
• I would need some support with Neato testing and - if possible - with supplying and testing a routine for obtaining oAuth Token from Neato.
• In any case I’d like just an additional pair of eyes to look (or frown) upon my changes and to dispute them.
• Can I contribute as @Pavion or is the real name policy still active? I’m rather fond of my alias .

BR Pav

I’ve now checked some Neato API and came to following solution for someone daring to test:

• call this URL:

https://apps.neatorobotics.com/oauth2/authorize?response_type=token&client_id=da77e826f90d2aaf5a5f008e988d6acd1f6bf4d9d770f745aeb079a706a6045d&redirect_uri=https://myapp.example.com/callback&scope=control_robots+maps&state=3fa5d15a3389c9ecc1da623ffb0c61c3

Note, this is a test app I’ve created with no action and dummy callback (you can also change it if you wish). Upon calling this URL you will have to authenticate yourself with Neato and allow this app to access your robots.

• a new browser window pointing at dummy URL

https://myapp.example.com/callback

will be opened. This URL will contain similar string:

access_token=123456789012345678901234567890123456789012345678901234567890123

Note this token.

• You can now call following curl command:

curl --location --request GET 'https://beehive.neatocloud.com/users/me/robots' \
--header 'Authorization: Bearer 123456789012345678901234567890123456789012345678901234567890123'

and you should see all your robots with their serial and secret.

Edit: you can also use curl for Windows 10, please note its full path

C:\Windows\SysWOW64\curl.exe --silent --request "GET" "https://beehive.neatocloud.com/users/me/robots" --header "Authorization: Bearer 123456789012345678901234567890123456789012345678901234567890123"

Note: this access can be revoked later and I’m not becoming any of your data (thus dummy callback). Still it’s up to you to try it out.
Source documentation: Neato oAuth, Neato Beehive.

Hope to have helped!

@Pavion - What is the expiration period for the tokens you are retrieving? If they expire too quickly, it will be tedious for users to continually have to grab a new token through through one of the user auth grant types. Ideally Neato would provide a grant type that is more suitable for machine to machine usage such as client credentials.

I have not seen any issues yet with the current auth mechanisms in the neato binding which uses a sessions url that I believe the neato UIs use as well.

As already stated here: you only need a token once for autodiscovery (for obtaining serial and secret). After that it is not needed anymore (ever). My proposal was addressing following issue:

Got it. Thanks Pavion.

I have not yet seen any issues with the auth mechanism to retrieve the token. Perhaps they have forced oauth for some accounts but not all or perhaps its only enforced with Vorwerk accounts right now.

I just upgraded to OH3 and I did hit one issue with account discovery but I’ve fixed it and created a PR to incorporate into OH. See [neato] NPE on discovery · Issue #9561 · openhab/openhab-addons · GitHub

If Neato does in fact force users to use oauth authentication, then I think your method of retrieving a token and manually configuring that with the bridge to allow discovery seems good enough. Ideally Neato would better support machine to machine use cases. I did have a email discussion with Neato Developers on this a few years ago. They did not seem to have any interest in support this but they did mention they may eventually support longer lived tokens but this was far down on their roadmap.

I have a problem with the neato binding.If I program the robot to start at a given time with the Neato Android Mobile Application and the Openhab Neato binding is active, then the start message is well received by the robot (little ring), but the cleaning stops instantly.
If I deactivate the neato binding, everything goes normally and the robot starts and clean the house
Am I the only one to have this problem?
I also confirm that the binding is correctly configured and allows me to control my Botvac D3 robot from Openhab (which is now my only way to control it when the binding is active).

I use successfully the Neato binding, but have troubles getting the map.
See here please:

I tried to move to OAuth, but don’t know what to set as Redirect URI

Did anyone make the map download work?
Wouldn’t it be awesome to integrate this feature into the binding

Thanks in advance

EDIT:
Never mind - I solved it myself (see other thread).

Hi, I’m asking, this issue isn’t fixed until now - right?

I have the same issue with OH 2.5:

• Version: openHAB 2.5.12-1
• Neato Account is “online”
• Searching for things: [Nothing] (the Robot Botvac D6 is not found)
• Add Manually: … I don’t have a secret

Log Outputs:

org.openhab.binding.neato.internal.discovery.NeatoAccountDiscoveryService.addThing(NeatoAccountDiscoveryService.java:90) ~[?:?]

org.openhab.binding.neato.internal.discovery.NeatoAccountDiscoveryService.findRobots(NeatoAccountDiscoveryService.java:59) ~[?:?]

org.openhab.binding.neato.internal.discovery.NeatoAccountDiscoveryService.lambda$0(NeatoAccountDiscoveryService.java:73) ~[?:?]

I know, that this was working in early version of OH 2.5. So, how is this issue going on. Does anyone has information about that?

Thanks

Hi Sten and welcome to this forum! If you still haven’t found a solution, you may want to try my proposal from Neato Botvac Binding - #50 by Pavion for obtaining your secret.
If you have already resolved your issue, please consider to share your solution.
(if you’ve tried my solution already and received an ‘invalid scope’ error, i’ve fixed it above)
BR Pav

Hi, I’m not sure if I want to put in my authentication credentials in a non-offical Web-Page.

Can you please explain, what will be the difference between the Link posted on Neato Botvac Binding - #50 by Pavion and a Phishing-Page?

Hi @Sten, I appreciate your healthy skepticism
You can reproduce it by yourself:

• create a dev account https://developers.neatorobotics.com/
• create a dummy app with [control_robots] + [maps] scope
• voilà

BR Pav

Hi Pavion,
thanks a lot for your dedication. But this solution doesn’t convince me. The steps you’ve described is no evidence, that the app you’ve created wouldn’t save my authentication credentials.

I’m sorry, I will not try your suggestion.
KR Sten