2

I'm having issues using the Basic Authentication method for the Hue remote API. When POSTing to https://api.meethue.com/oauth2/token?code={code}&grant_type=authorization_code with the built Authorization-header I get this response:

{
  "fault": {
    "faultstring": "Invalid client identifier {0}",
    "detail": {
      "errorcode": "oauth.v2.InvalidClientIdentifier"
    }
  }
}

I assume then that I am building the token in the wrong way, but the docs (see Basic Authentication) is a bit vague on what to actually do.

The docs says that I should send a header via this format: Authorization: Basic <base64(clientid:clientsecret)> and that it should be encoded in base-64:

you would need to send a Basic authorization header that includes a base64 encrypted hash of your clientid and clientsecret.

And from the Digest-method, I assume MD5 is used and then digested to base-64.

Here's what I've tried, all with the same error-code:

'Basic ' + crypto.createHash('md5').update(clientId + clientSecret).digest('base64')

'Basic ' + crypto.createHash('md5').update(clientId + ':' + clientSecret).digest('base64')

'Basic ' + (clientId + ':' + clientSecret).toString('base64')

'Basic ' + (clientId + clientSecret).toString('base64')

What more is there to try?

Tokfrans
  • 1,939
  • 2
  • 24
  • 56
  • There are discrepancies indeed between the different pages on the meethue.com site. From the little I found, Basic Authentication seems no longer encouraged or even accepted. See here: https://developers.meethue.com/documentation/remote-hue-api (you need to be logged in to see the page), where it says: "[...] basic authentication documentation can be ignored." – jfix Jun 16 '18 at 22:31
  • @jfix Yup. I ended up going with the digest method. Kinda sucks that the docs are so outdated. – Tokfrans Jun 18 '18 at 13:48
  • Tokfrans did you use a library or did you write the code from scratch? I'm also looking into controlling some Hue bulbs remotely, but can't be bothered to write the authentication code myself ... :-/ – jfix Jun 18 '18 at 20:21
  • @jfix I followed the source from the Q42 C# library. Take a look at it here https://github.com/Q42/Q42.HueApi/blob/master/src/Q42.HueApi/RemoteAuthenticationClient.cs – Tokfrans Jun 19 '18 at 16:29
  • @Tokfrans did you ever manage to get an auth token via Digest Auth? – Hannes Oct 10 '18 at 06:27
  • @Hannes Yup I did. I followed the code in link in the above comment :) – Tokfrans Oct 10 '18 at 16:09

1 Answers1

0

@Tokfrans

you can create a test token with clientid:secret by using the site https://www.base64encode.org/

it will give you a valid token that you can use with Basic authentication

keep in mind that you first need to get a code which you can then use to get a accesstoken https://api.meethue.com/oauth2/auth?clientid=xxxxxx&appid=xxxxx&deviceid=xxxx&devicename=xxxx&state=xxxx&response_type=code

Hamid el Abassi
  • 21
  • 1