Enable the use of non-encrypted token in Nuki (#104007)

2023-11-27 17:28:13 +01:00 · 2023-11-27 17:28:13 +01:00 · 239d7c9d80
commit 239d7c9d80
parent 664aca2c68
4 changed files with 28 additions and 9 deletions
--- a/homeassistant/components/nuki/init.py
+++ b/homeassistant/components/nuki/init.py
@ -39,7 +39,7 @@ from homeassistant.helpers.update_coordinator import (
    UpdateFailed,
 )

-from .const import DEFAULT_TIMEOUT, DOMAIN, ERROR_STATES
+from .const import CONF_ENCRYPT_TOKEN, DEFAULT_TIMEOUT, DOMAIN, ERROR_STATES
 from .helpers import NukiWebhookException, parse_id

 _NukiDeviceT = TypeVar("_NukiDeviceT", bound=NukiDevice)
@ -188,7 +188,7 @@ async def async_setup_entry(hass: HomeAssistant, entry: ConfigEntry) -> bool:
            entry.data[CONF_HOST],
            entry.data[CONF_TOKEN],
            entry.data[CONF_PORT],
-            True,
+            entry.data.get(CONF_ENCRYPT_TOKEN, True),
            DEFAULT_TIMEOUT,
        )

--- a/homeassistant/components/nuki/config_flow.py
+++ b/homeassistant/components/nuki/config_flow.py
@ -13,7 +13,7 @@ from homeassistant.components import dhcp
 from homeassistant.const import CONF_HOST, CONF_PORT, CONF_TOKEN
 from homeassistant.data_entry_flow import FlowResult

-from .const import DEFAULT_PORT, DEFAULT_TIMEOUT, DOMAIN
+from .const import CONF_ENCRYPT_TOKEN, DEFAULT_PORT, DEFAULT_TIMEOUT, DOMAIN
 from .helpers import CannotConnect, InvalidAuth, parse_id

 _LOGGER = logging.getLogger(__name__)
@ -26,7 +26,12 @@ USER_SCHEMA = vol.Schema(
    }
 )

-REAUTH_SCHEMA = vol.Schema({vol.Required(CONF_TOKEN): str})
+REAUTH_SCHEMA = vol.Schema(
+    {
+        vol.Required(CONF_TOKEN): str,
+        vol.Optional(CONF_ENCRYPT_TOKEN, default=True): bool,
+    }
+)


 async def validate_input(hass, data):
@ -41,7 +46,7 @@ async def validate_input(hass, data):
            data[CONF_HOST],
            data[CONF_TOKEN],
            data[CONF_PORT],
-            True,
+            data.get(CONF_ENCRYPT_TOKEN, True),
            DEFAULT_TIMEOUT,
        )

@ -100,6 +105,7 @@ class NukiConfigFlow(config_entries.ConfigFlow, domain=DOMAIN):
            CONF_HOST: self._data[CONF_HOST],
            CONF_PORT: self._data[CONF_PORT],
            CONF_TOKEN: user_input[CONF_TOKEN],
+            CONF_ENCRYPT_TOKEN: user_input[CONF_ENCRYPT_TOKEN],
        }

        try:
@ -131,8 +137,15 @@ class NukiConfigFlow(config_entries.ConfigFlow, domain=DOMAIN):
    async def async_step_validate(self, user_input=None):
        """Handle init step of a flow."""

+        data_schema = self.discovery_schema or USER_SCHEMA
+
        errors = {}
        if user_input is not None:
+            data_schema = USER_SCHEMA.extend(
+                {
+                    vol.Optional(CONF_ENCRYPT_TOKEN, default=True): bool,
+                }
+            )
            try:
                info = await validate_input(self.hass, user_input)
            except CannotConnect:
@ -149,7 +162,8 @@ class NukiConfigFlow(config_entries.ConfigFlow, domain=DOMAIN):
                self._abort_if_unique_id_configured()
                return self.async_create_entry(title=bridge_id, data=user_input)

-        data_schema = self.discovery_schema or USER_SCHEMA
        return self.async_show_form(
-            step_id="user", data_schema=data_schema, errors=errors
+            step_id="user",
+            data_schema=self.add_suggested_values_to_schema(data_schema, user_input),
+            errors=errors,
        )
--- a/homeassistant/components/nuki/const.py
+++ b/homeassistant/components/nuki/const.py
@ -12,3 +12,6 @@ DEFAULT_PORT = 8080
 DEFAULT_TIMEOUT = 20

 ERROR_STATES = (0, 254, 255)
+
+# Encrypt token, instead of using a plaintext token
+CONF_ENCRYPT_TOKEN = "encrypt_token"
--- a/homeassistant/components/nuki/strings.json
+++ b/homeassistant/components/nuki/strings.json
@ -5,14 +5,16 @@
        "data": {
          "host": "[%key:common::config_flow::data::host%]",
          "port": "[%key:common::config_flow::data::port%]",
-          "token": "[%key:common::config_flow::data::access_token%]"
+          "token": "[%key:common::config_flow::data::access_token%]",
+          "encrypt_token": "Use an encrypted token for authentication."
        }
      },
      "reauth_confirm": {
        "title": "[%key:common::config_flow::title::reauth%]",
        "description": "The Nuki integration needs to re-authenticate with your bridge.",
        "data": {
-          "token": "[%key:common::config_flow::data::access_token%]"
+          "token": "[%key:common::config_flow::data::access_token%]",
+          "encrypt_token": "[%key:component::nuki::config::step::user::data::encrypt_token%]"
        }
      }
    },