WienerNetzeSmartmeter icon indicating copy to clipboard operation
WienerNetzeSmartmeter copied to clipboard

Published 20 hours ago verified publisher icon DarwinsBuddy

Investigate alternative API

Open DarwinsBuddy opened this issue 1 year ago • 14 comments

Continuing the discussion about alternative API approaches from #273

https://api-portal.wienerstadtwerke.at/portal/apis/7f8a1cce-2a7e-4b18-840b-b0387ed9a3fc/apiinfo

@W-M-B @tschoerk @reox

DarwinsBuddy avatar Nov 16 '24 10:11 DarwinsBuddy

Hello @DarwinsBuddy I did not catch the issue you had with authentication. and proxy infrastructure. I can try to investigate about the authentication, as I have some experience experience with other API portals, but most likely you do as well ..but happy to spend some time to validate using postman etc..

W-M-B avatar Nov 16 '24 11:11 W-M-B

I might be missing something, but I didn't find a way of giving this API a go without exposing the App's credentials to the integration, which is then publicly sharing it.

If you want to fiddle around, just register in the portal and send me your username/email so I can add you to the app I created.

DarwinsBuddy avatar Nov 16 '24 11:11 DarwinsBuddy

send an email to gmail. happy to test.

What I assume is that you might need to do the same as for example when you integrate Spotify in home assistant. Use need to register in WSTW API Portal, get api user and secret and need to provide this as part of the hacs integration installation and have their own API access. This might be difficult for some people, but with a good how-to guide this should be possible as homeassistant users are not completely new to the computer world

W-M-B avatar Nov 16 '24 14:11 W-M-B

Send me an email: https://github.com/DarwinsBuddy for access

The issue hereby is, that it's a) authentication with extra steps and b) not the intended usage. The APIs offered by the portal are B2B, unless you specify an OAuth 2.0 flow, which we can't because every home assistant installation will have a different url they're running under and we would have to keep the allowed redirectURIs in sync with all of the user's setups (which is unfeasible).

So I fear our use case doesn't fit this API offered. But if you want to give it a try feel free to fiddle around with it, just send me an email.

DarwinsBuddy avatar Nov 16 '24 14:11 DarwinsBuddy

Findings so far why this smartmeter portal from Wiener Stadtwerke is unusable.

It seems that they do not offer a password oauth flow, but merely an oauth2.0 token authentication flow. Which implies that we would have to have a valid proxy tucking away our credentials, whilst serving everything under a well-known url to handle a proper redirect-url from WSTW.

All of this is not possible without providing infrastructure, which I don't intend to do as of costs+maintenance.

Additionally, they also lack proper security of their API credentials handling. I didn't even get the flow to work even when providing everything according to their documentation (which is ambiguous and flaky, at least for the authentication part).

I fear all in all, this is not an option we can look at in terms of replacement of the current api approach.

DarwinsBuddy avatar Nov 17 '24 12:11 DarwinsBuddy

Just to chime in: I actually created an App there in May and have regularly tried to get it to work, but I could never even got the authentication flow to work. Requesting an oauth2 token, got me an error message that make my head scratch (e.g. "The supplied scope (profile) is not associated with the client Home Assistant Integration" - but in my application the scope is clearly set to profile.) - so that's where I'm always stuck, so maybe there is just some information I'm missing.

Anyway what is something we could do in the future is make an API documentation of all the calls in the smart meter we found, so maybe the entry level is easier for others and also for us to figure out quicker what API changes were done (so we would have seen immediatly how the old verbrauch call worked and what the differences were to the bewegungsdaten call). This requires some work and more importantly maintenance to be useful. Are there some best practice use cases for git to document something like that? Maybe if we have some downtime in the next weeks, when Wien Energie doesn't change the API, we could start with it.

tschoerk avatar Nov 19 '24 11:11 tschoerk

I also had a look at the API and requested access. I have no idea how to even start and looked at the documentation and tried some oauth clients - but also the same here, it does not work (and I'm probably doing something wrong). What I understood from that (and I could be wrong) is the following:

  • You have to request to link your WN smartmeterweb Account to your requested API Key
  • Afterwards, you can access the API with the Token
  • there is no documentation how to ask log.wien for a token

So even if we would setup our own authentification service, they would have to link log.wien accounts to the API first - which is nonsense. Or how is this supposed to work?

reox avatar Feb 01 '25 15:02 reox

I spent some time figuring everything out. It's simpler than it looks, but it's described overly complicated and you have to piece together information from different documentation sources of the dev portal.

Basically what you said is correct @reox. You create an application for the smart meter API. You wait for it to be approved and get the API key. You write an email requesting to linking your application with your smart meter account. You get a client-id and client-secret. With those 3 parts you can request a token and call the API. I'm not sure about it, but I think you have to make your own application, ideally with the same e-mail as the smart meter user, but that's not really a hurdle and everyone is then responsible for their own data.

I have built a Python wrapper for the official API: https://github.com/tschoerk/Wiener-Netze-Smart-Meter-API where there's also instructions how to get all the needed data.

So the next step would be to update the integration to be able to choose from different login options, or maybe it's just easier to fork it and change the config_flow and api and then users have two options in HACS.

tschoerk avatar Feb 03 '25 15:02 tschoerk

I have built a Python wrapper for the official API: https://github.com/tschoerk/Wiener-Netze-Smart-Meter-API where there's also instructions how to get all the needed data.

Nice!

Have someone already investigated in the direction that they would offer an API for log.wien to gather the token from there?

The other option would probably be, everyone requests the API access, they finally get annoyed and open the API for us 😂 or lock it down completely 😅

reox avatar Feb 03 '25 15:02 reox

I have built a Python wrapper for the official API: https://github.com/tschoerk/Wiener-Netze-Smart-Meter-API where there's also instructions how to get all the needed data.

The other option would probably be, everyone requests the API access, they finally get annoyed and open the API for us 😂 or lock it down completely 😅

I think this is the realistic way to go. Everyone creates their own API application and links their own account to it.

tschoerk avatar Feb 03 '25 16:02 tschoerk

I think this is the realistic way to go. Everyone creates their own API application and links their own account to it.

Do we have any stats how many people use this extension in their home assistant? I guess if now 100 people start to register applications .... ;) Any ways, I now send a mail and requested to add my account to the application.

I think having the option in HA to either enter log.wien credentials and hope for the best or be a "registered user" is probably the best!

reox avatar Feb 03 '25 17:02 reox

@tschoerk the issue with this public API is, it (acccording to the docs) only supports B2B integrations. i.e. only if you have your own proxy implementing oauth.

there is no single api-key that you can use in favor of your own log.wien credentials. I reached out on two different sides to Wiener Netze. till today I've got no response.

@reox you can check yourself with this integration https://www.home-assistant.io/integrations/analytics_insights/ this is just an estimate, since it only shows the number of active installations of an integration on systems that have analytics turned on. so it's a lower bound. currently it shows 245 for me

if you want to have access to the api app to look for yourself and file a join request: https://api-portal.wienerstadtwerke.at/portal/applications/c44f557e-244f-4683-bb6a-30ac7bbb5b3c

DarwinsBuddy avatar Feb 14 '25 08:02 DarwinsBuddy

I got the API access and I got the information that it is also linked to my account - but I haven't tested it so far... I believe the way to add two login methods is probably the best: Next to the wonky log.wien approach, there can be a way to use API Keys.

reox avatar Feb 14 '25 09:02 reox

@tschoerk the issue with this public API is, it (acccording to the docs) only supports B2B integrations. i.e. only if you have your own proxy implementing oauth.

there is no single api-key that you can use in favor of your own log.wien credentials. I reached out on two different sides to Wiener Netze. till today I've got no response.

That can be circumvented by creating an application yourself and link that to your smart meter account (see my repo for the instructions). Then the authentication runs over wiener netze. Everyone has their own API-Key.

I got the API access and I got the information that it is also linked to my account - but I haven't tested it so far... I believe the way to add two login methods is probably the best: Next to the wonky log.wien approach, there can be a way to use API Keys.

Nice let us know if it works for you. Then we can start working on implementing the second way.

tschoerk avatar Feb 14 '25 09:02 tschoerk