xled icon indicating copy to clipboard operation
xled copied to clipboard

Published 20 hours ago • verified publisher icon scrool

High interface fetches hw address

Open scrool opened this issue 2 years ago • 2 comments

I'm not sure about this approach especially because of API breakage. I'm marking this PR as draft one for now.

scrool avatar Mar 08 '22 20:03 scrool

Hi @scrool

Nice functionality of course. But are you not complicating things a little? The low-level ControlInterface is perfectly capable of retrieveing the hardware address (and the "gestalt" endpoint formally does not require authentication, so it is formally ok according to the protocol to make this call before the hw address is known). Adding that capability somewhere else (in auth.py) is code duplication and makes it less modular, in case the interface changes. So what I do in my version of HighControlInterface is to instead add a few lines to the init method:

    def __init__(self, host, hw_address=None):
        super(HighControlInterface, self).__init__(host, hw_address)
        info = self.get_device_info()
        if not self.hw_address:
            self.hw_address = info["mac"]
        ...

Problem solved. (And then I read out a couple of other things from info, needed to make the interface device independent, like number of leds, led profile, family, etc. Just in case you wonder why info is not set within the if statement.)

Anders

Anders-Holst avatar Mar 26 '22 12:03 Anders-Holst

@Anders-Holst long story short I would like to provide authentication for API calls where one doesn't need to care about HW address and challenge-response is still validated on the background.

For a context, see a documentation in PR #134, rendered here: https://xled--134.org.readthedocs.build/en/134/auth.html . And then here is a snippet of doc that would exist for this (#130) PR:

BaseUrlChallengeResponseAuthHwAddressFetchingSession
----------------------------------------------------

Third approach uses `BaseUrlChallengeResponseAuthHwAddressFetchingSession`
which automatically fetches HW address if it is not passed so
challenge-response could be validated::

    >>> from xled.auth import BaseUrlChallengeResponseAuthHwAddressFetchingSession
    >>> from xled.response import ApplicationResponse
    >>>
    >>> base_url = "http://{}/xled/v1/".format(hostname)
    >>>
    >>> session = BaseUrlChallengeResponseAuthHwAddressFetchingSession(
    >>>     base_url=base_url
    >>> )
    >>>
    >>> response = session.get("summary")
    >>> ApplicationResponse(response)
    <Response [200]>

scrool avatar Mar 26 '22 17:03 scrool