Forum

Browse topics, discover Works With Legrand community!

Again on Oauth2: python

Hello,

I am struggling in getting the oauth2 working on python. I created an Application on Legrand, so I have the ID and Secrets. Because App, I do not have a redirection uri.

According to the tutorial, using a get request I can complete the Step1. The request returns “OK 200”, but I cannot find the Code. From I can see it seems that the request return contains a sort of webpage (or the code of an HTML page); what does it means? I mean after the completition of the request I was supposing to have the code, according to your tutorial.

Please give me some more directions. Thank you very much for your support.

Lorenzo

Hi Lorenzo,

It’s mandatory to provide a redirect_uri endpoint where users can authenticate

Once done : copy/paste your request in a web browser. You will be redirected to an authentication page. Enter your credentials and validate. You are redirected to a blank page. The “code” value is in the URL bar

Your request should look like the following :

https://partners-login.eliotbylegrand.com/authorize?response_type=code&redirect_uri=https://yourURL.com&client_id=7366fd4e-XXXXXXXXXXXX

 

Have a good day,

Leslie – Community Manager

Hi Leslie,

if you define your application as Application, you do not have a redirection uri (I mean something like a web address).

What I am doin is a python application that is running on a raspberryPi. The application will connect to the Legrand system to activate or deactivate a light. So I do not have a user interface.

So how the oauth2 works in such a case?

Lorenzo

Lorenzo,

Even for a mobile app a redirect uri is required. It can be the address of your server (localhost or other). You can define up to 10 reply urls in your application’s interface

I also forward you a documentation about Oauth2 on Raspberry which could be useful for you : https://pypi.org/project/python-oauth2/

Have a good day,

Leslie – Community Manager

Hi Leslie,

it is not a mobile app, as I said it is a python script running on raspberryPi. The example you provided is related to the developement of a server, while I am implementing a client. Moreover the redirecting URI must be the sme URI provided by Legrand during the definition of the app.

Do you have some more info?

Lorenzo

Hi Lorenzo,

I think I misunderstood your issue :

You want to automatically connect to your app without login/password. Our policies don’t allow it but there is a workaround : you need to “manually” collect an access_token and a refresh_token to use them in your application and access to the API. You need to refresh your access_token with the refresh_token

While choosing “Application”, a “special” redirect_uri is created. In practice, you will never use this redirect_uri

Have a good day,

Leslie – Community Manager

Hi Leslie,
in fact at the time I defined the application I choosed the “Appllication”. After your validation you returned a special URI.

As I said at the beggining of this post, following your tutorial I did the GET request https://partners-login.eliotbylegrand.com/authorize where I put as “redirect_uri” the special URI. The get returned me a message like “OK 200”. But I cannot find the “code”.

Could you provide me some examples?

Thank you for your support.
Lorenzo

Hi Lorenzo,

Copy/paste this URL in a web browser : https://partners-login.eliotbylegrand.com/authorize?response_type=code&redirect_uri=https://login.microsoftonline.com/tfp/oauth2/nativeclient&client_id=7366fd4e-b078-XXXXXXXX

Where client_id is the one provided by your application

You are redirected to an authentication page and then to a page to accept user’s consent

You should arrive at a blank page with in URL bar : https://login.microsoftonline.com/tfp/oauth2/nativeclient?code=eyJraWQiOiJjcGltY29yZV8wOTXXXXXXXX

This is the code you need. It’s not provided in the Body of the request but in the URL once redirected

Once this step done, you should not have to do this process in the future unless you change the scopes of your app

Have a good day,

Leslie – Community Manager

Hi Leslie, thank you very much.

I will try this and I will let you know.

Lorenzo

Hi Leslie,
I have two questions.

1) during the retrival of token (POST), I am receiving error 500. From the documentation is related to an internal server error.

2) how long is the string with the code? The code I received is a very long string. Is it right?

Thank you again for your support.
Lorenzo

Hi Lorenzo,

Yes, the code is long (1076 characters)

Concerning your POST /token request : did you put the needed information in the Body of the request (and not in URL parameters as needed for /authorize request) ? Not putting it in Body could generate a 500 error

Have a good day,

Leslie – Community Manager

Hi Leslie,

I am your nightmare…. I know.

Following your suggestion and your tutorial I prepared the post request (address https://partners-login.eliotbylegrand.com/token) and I put the parameter into the body.

I received the following response:

<Response [400]>
{
“error”: “invalid_grant”,
“error_description”: “AADB2C90080: The provided grant has expired. Please re-authenticate and try again. Current time: 1603393355, Grant issued time: 1603392703, Grant expiration time: 1603393003\r\nCorrelation ID: 7e4577a2-c953-4b22-ab1a-ea9219b47ae2\r\nTimestamp: 2020-10-22 19:02:35Z\r\n”
}

It seems that the code is expired, am I wrong?

Please give me your directions.

Lorenzo

Hello Lorenzo,

No issue, I’m here to help 😉

The code provided during /authorize process is only valid a few minutes (10 minutes as far as I remember). So what you need to do :

  • Proceed to /authorize request to retrieve your code
  • Make your /token request with this code and other needed parameters in Body

Once you obtained your access_token (and refresh it each hour with the refresh_token), no need any more to do the /authorize process and to deal with this code

Have a good day,

Leslie – Community Manager

Hi Leslie! Thank you for your support. I am able to get the token and I am able to refresh the token using the refreshtoken.

Now I am trying to gain access to my plant, I am trying to turn on/off lights. One of the parameters I need to pass to the request is the Ocp-Apim-Subscription-Key that is contained into the subscription.

All the time I a trying to access to the my subscription page I am receiving the following message:
“User already registered
It seems a user with this email is already registered in the system. If you forgot your password, please try to restore it or contact our support team.”

Could you help me?

Lorenzo

Hi Lorenzo,

It seems to be a known (but rare) bug on our side. We fixed it for your account, it should work correctly now

Have a good day,

Leslie – Community Manager

Viewing 15 posts - 1 through 15 (of 17 total)

You must be logged in to reply to this topic.

Information

message16 replies
people2 participants