frigate-hass-integration
frigate-hass-integration copied to clipboard
blakeblackshear
Media browser does not work when accessing frigate with authentication.
Describe the bug
When browsing media via HA the proxied URLs for snapshots / clips / recordings all return 401 errors. At the same time I see the resolved URL in the frigate container:
2024-12-15 19:27:13.663300410 192.168.18.3 - - [15/Dec/2024:19:27:13 +0100] "GET /api/events/1734285996.292472-4ggity/snapshot.jpg HTTP/1.1" 401 179 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0" "192.168.18.5"
I altered the nginx config inside the container to do a bit more logging, inside auth_request.conf I added:
add_header X-Requested-Uri $request_uri always;
add_header X-Requested-Auth $http_authorization always;
This helps me in seeing what the frigate request looks like through HA's internal proxy.
The resulting response headers from the 401 I get from HA, which is forwarded from frigate:
X-Requested-Uri: /api/events/1734270241.350298-6easg5/thumbnail.jpg
This means that there is no authorization header in the request from HA to Frigate.
I'm not sure how the unauthenticated request is possible since in https://github.com/blakeblackshear/frigate-hass-integration/blob/master/custom_components/frigate/api.py#L155 it uses the api wrapper which should be adding headers.
Debug logs
These show nothing interesting, which is weird.
2024-12-15 21:11:35.200 DEBUG (MainThread) [custom_components.frigate] Finished fetching frigate data in 0.010 seconds (success: True)
2024-12-15 21:11:40.196 DEBUG (MainThread) [custom_components.frigate] Finished fetching frigate data in 0.005 seconds (success: True)
2024-12-15 21:11:45.198 DEBUG (MainThread) [custom_components.frigate] Finished fetching frigate data in 0.008 seconds (success: True)
Version of the custom_component
5.6.0
For now this is all the time I can spend on this, I'll do more research and come back with more info if I have it. If anyone else using the authenticated port 8197 to connect from this integration to frigate hosted on a different machine could confirm that their media browser works properly that'd be great.
