wip login stuff

Author: felix-barz-brickmakers

doc/.pubignore

@@ -0,0 +1 @@
+*

example/aha_client_example.dart

@@ -24,8 +24,12 @@ Future<void> main() async {
  final client = AhaClient();
 
  final response = await client.login.getLoginStatus();
-
  print(response.body);
 
+ final response2 = await client.aha.get('getdevicelistinfos');
+ print(response2.statusCode);
+ print(response2.headers);
+ print(response2.bodyString);
+
  client.dispose();
 }

lib/src/.pubignore

@@ -0,0 +1,3 @@
+# Generated files
+!*.chopper.dart
+!*.freezed.dart

lib/src/api/aha_client.dart

@@ -1,8 +1,10 @@
-import 'package:aha_client/src/api/login_service.dart';
-import 'package:aha_client/src/api/models/session_info.dart';
-import 'package:aha_client/src/api/xml_typed_converter.dart';
 import 'package:chopper/chopper.dart';
 
+import 'aha_service.dart';
+import 'login/login_service.dart';
+import 'login/models/session_info.dart';
+import 'xml_typed_converter.dart';
+
 class AhaClient {
  static const defaultHostName = 'fritz.box';
 
@@ -21,10 +23,13 @@ class AhaClient {
  ..registerConverter<SessionInfo>(SessionInfo.converter),
  services: [
  LoginService.create(),
+ AhaService.create(),
  ],
  );
 
  void dispose() => _client.dispose();
 
  LoginService get login => _client.getService();
+
+ AhaService get aha => _client.getService();
 }

lib/src/api/aha_service.dart

@@ -0,0 +1,13 @@
+import 'package:chopper/chopper.dart';
+
+part 'aha_service.chopper.dart';
+
+@ChopperApi(baseUrl: '/webservices/homeautoswitch.lua')
+abstract class AhaService extends ChopperService {
+ static AhaService create([ChopperClient? client]) => _$AhaService(client);
+
+ @Get()
+ Future<Response> get(
+ @Query('switchcmd') String switchCmd,
+ );
+}

lib/src/api/login/authentication_exception.dart

@@ -0,0 +1,18 @@
+import 'package:freezed_annotation/freezed_annotation.dart';
+
+part 'authentication_exception.freezed.dart';
+
+@freezed
+class AuthenticationException
+ with _$AuthenticationException
+ implements Exception {
+ factory AuthenticationException.invalidStatus(
+ int statusCode, [
+ Object? error,
+ ]) = _Status;
+
+ factory AuthenticationException.invalidChallangeFormat() =
+ _InvalidChallangeFormat;
+
+ factory AuthenticationException.invalidCredentials() = _InvalidCredentials;
+}

lib/src/api/login/login_manager.dart

@@ -0,0 +1,152 @@
+import 'dart:async';
+import 'dart:convert';
+
+import 'package:chopper/chopper.dart';
+import 'package:convert/convert.dart';
+import 'package:cryptography/cryptography.dart';
+import 'package:meta/meta.dart';
+
+import 'authentication_exception.dart';
+import 'login_service.dart';
+import 'models/right.dart';
+import 'models/session_info.dart';
+import 'models/user.dart';
+import 'user_credentials.dart';
+
+// ignore: must_be_immutable
+abstract class LoginManager implements RequestInterceptor, Authenticator {
+ static const _pbkd2Bits = 256;
+ static final _challangeRegexp = RegExp(
+ r'^2\$(\d+)\$([0-9a-f]+)\$(\d+)\$([0-9a-f]+)$',
+ caseSensitive: false,
+ );
+
+ var _sid = SessionInfo.invalidSid;
+ var _rights = const <Right>[];
+
+ late final ChopperClient _client;
+
+ List<Right> get rights => _rights;
+
+ // ignore: use_setters_to_change_properties
+ @internal
+ void linkToClient(ChopperClient client) {
+ _client = client;
+ }
+
+ @override
+ FutureOr<Request> onRequest(Request request) async {
+ if (request.isLogin) {
+ return request;
+ }
+
+ if (_sid == SessionInfo.invalidSid) {
+ await _performLogin();
+ }
+
+ return _copyRequestWithSid(request);
+ }
+
+ @override
+ FutureOr<Request?> authenticate(Request request, Response response) async {
+ if (response.statusCode != 403 || request.isLogin) {
+ return null;
+ }
+
+ await _performLogin();
+ return _copyRequestWithSid(request);
+ }
+
+ @protected
+ FutureOr<UserCredentials> obtainCredentials(List<User> knownUsers);
+
+ Request _copyRequestWithSid(Request request) => request.copyWith(parameters: {
+ ...request.parameters,
+ 'sid': _sid,
+ });
+
+ Future<void> _performLogin() async {
+ final loginService = _client.getService<LoginService>();
+
+ final sessionInfo = _extractSessionInfo(
+ _sid == SessionInfo.invalidSid
+ ? await loginService.getLoginStatus()
+ : await loginService.checkSessionValid(sid: _sid),
+ );
+
+ final blockTimeout = Future.delayed(
+ Duration(seconds: sessionInfo.blockTime),
+ );
+
+ final credentials = await obtainCredentials(sessionInfo.users);
+
+ final response = await _solveVersion2Challange(sessionInfo, credentials);
+
+ await blockTimeout;
+ final loginResult = _extractSessionInfo(
+ await loginService.login(
+ username: credentials.username,
+ response: response,
+ ),
+ );
+
+ if (loginResult.sid == SessionInfo.invalidSid) {
+ throw AuthenticationException.invalidCredentials();
+ }
+
+ _sid = loginResult.sid;
+ _rights = loginResult.rights;
+ }
+
+ Future<String> _solveVersion2Challange(
+ SessionInfo sessionInfo,
+ UserCredentials credentials,
+ ) async {
+ final challangeMatch = _challangeRegexp.firstMatch(sessionInfo.challange);
+ if (challangeMatch == null) {
+ throw AuthenticationException.invalidChallangeFormat();
+ }
+
+ final iter1 = int.parse(challangeMatch[1]!);
+ final salt1 = hex.decode(challangeMatch[2]!);
+ final iter2 = int.parse(challangeMatch[3]!);
+ final salt2 = hex.decode(challangeMatch[4]!);
+
+ final pbkdfRound1 = Pbkdf2(
+ macAlgorithm: Hmac.sha256(),
+ iterations: iter1,
+ bits: _pbkd2Bits,
+ );
+ final pbkdfRound2 = Pbkdf2(
+ macAlgorithm: Hmac.sha256(),
+ iterations: iter2,
+ bits: _pbkd2Bits,
+ );
+
+ final hash1 = await pbkdfRound1.deriveKey(
+ secretKey: SecretKey(utf8.encode(credentials.password)),
+ nonce: salt1,
+ );
+ final hash2 = await pbkdfRound2.deriveKey(
+ secretKey: hash1,
+ nonce: salt2,
+ );
+
+ return '${hex.encode(salt2)}\$${hex.encode(await hash2.extractBytes())}';
+ }
+
+ SessionInfo _extractSessionInfo(Response<SessionInfo> response) {
+ if (!response.isSuccessful || response.body == null) {
+ throw AuthenticationException.invalidStatus(
+ response.statusCode,
+ response.error ?? response.bodyString,
+ );
+ }
+
+ return response.body!;
+ }
+}
+
+extension _RequestX on Request {
+ bool get isLogin => url.contains('/login_sid.lua');
+}

lib/src/api/login/login_service.dart

@@ -0,0 +1,39 @@
+import 'package:chopper/chopper.dart';
+
+import 'models/session_info.dart';
+
+part 'login_service.chopper.dart';
+
+@ChopperApi(baseUrl: '/login_sid.lua?version=2')
+abstract class LoginService extends ChopperService {
+ static LoginService create([ChopperClient? client]) => _$LoginService(client);
+
+ @Get()
+ Future<Response<SessionInfo>> getLoginStatus();
+
+ @Post()
+ @FactoryConverter(
+ request: FormUrlEncodedConverter.requestFactory,
+ )
+ Future<Response<SessionInfo>> login({
+ @Field() required String username,
+ @Field() required String response,
+ });
+
+ @Post()
+ @FactoryConverter(
+ request: FormUrlEncodedConverter.requestFactory,
+ )
+ Future<Response<SessionInfo>> checkSessionValid({
+ @Field() required String sid,
+ });
+
+ @Post()
+ @FactoryConverter(
+ request: FormUrlEncodedConverter.requestFactory,
+ )
+ Future<Response<SessionInfo>> logout({
+ @Field() required String sid,
+ @Field() bool logout = true,
+ });
+}

lib/src/api/login/models/right.dart

@@ -0,0 +1,64 @@
+import 'package:freezed_annotation/freezed_annotation.dart';
+import 'package:xml/xml.dart';
+
+part 'right.freezed.dart';
+
+enum AccessLevel {
+ none,
+ read,
+ write,
+}
+
+@freezed
+class Right with _$Right {
+ const Right._();
+
+ const factory Right.nas(AccessLevel access) = _Nas;
+ const factory Right.app(AccessLevel access) = _App;
+ const factory Right.homeAuto(AccessLevel access) = _HomeAuto;
+ const factory Right.boxAdmin(AccessLevel access) = _BoxAdmin;
+ const factory Right.phone(AccessLevel access) = _Phone;
+
+ const factory Right.unknown({
+ required String name,
+ required AccessLevel access,
+ }) = _Right;
+
+ factory Right.fromXml(XmlElement nameElement, XmlElement accessElement) {
+ assert(nameElement.name.toString() == 'Name');
+ assert(accessElement.name.toString() == 'Access');
+
+ final access = AccessLevel.values[int.parse(accessElement.text)];
+
+ switch (nameElement.text) {
+ case 'NAS':
+ return Right.nas(access);
+ case 'App':
+ return Right.app(access);
+ case 'HomeAuto':
+ return Right.homeAuto(access);
+ case 'BoxAdmin':
+ return Right.boxAdmin(access);
+ case 'Phone':
+ return Right.phone(access);
+ default:
+ return Right.unknown(
+ name: nameElement.text,
+ access: access,
+ );
+ }
+ }
+
+ String get name => when(
+ nas: (_) => 'NAS',
+ app: (_) => 'App',
+ homeAuto: (_) => 'HomeAuto',
+ boxAdmin: (_) => 'BoxAdmin',
+ phone: (_) => 'Phone',
+ unknown: (name, _) => name,
+ );
+
+ void toXml(XmlBuilder builder) => builder
+ ..element('Name', nest: name)
+ ..element('Access', nest: access.index);
+}