0

We implemented a Smart Home Action for our cloud solution which allows us to control our thermostats. Also, the Report State feature was implemented, but we have trouble in the next case:

Case:

UserA which is signed in to Google Home app with Google account userA@gmail.com does a linking process (authorizes) via our Smart Action with account user@ourcompany.com -> All devices are synced to him correctly

UserB which is signed in to Google Home app with Google account anotherUserB@gmail.com does a linking process (authorizes) via our Smart Action with the same account as UserA did: user@ourcompany.com -> All devices are also are synced to him correctly.

On our backend, two times is triggered SYNC request for user user@ourcompany.com as both of them used the same account for linking. After SYNC request was triggered, we started to send Google Report State events. At the current step, everything is ok.

But, if for example, UserA unlinks his account -> Google sends a DISCONNECT intent and as it is said in the documentation we should stop sending Report State events. And here goes an issue: UserB still has linked account for user@ourcompany.com and if we stop sending Report State events, userB will receive incorrect data.

What should we do in the case? How to handle this right? When do we should stop send a Report State events?

groomy
  • 5
  • 4

1 Answers1

0

When each Google user connects to an OurCompany account, you should assign them a unique access token and refresh token. As needed you should update your access token using the refresh token, as per the OAuth standard flow.

When a DISCONNECT intent is sent, you should use the request's access token from that request to remove that access token and refresh token.

You may think of it as arrays with a series of valid refresh and access tokens. When you remove one, there may still be a second in the array. Once there are no tokens left, that's when you can stop reporting state.

Nick Felker
  • 11,536
  • 1
  • 21
  • 35
  • thanks, can we rely on 404 error which should be sent if user is unlinked or this error may be sent not only in case user account is unlinked? Current solution is using Identity Server for OAuth, so it may be a bit complicated to use your solution. – groomy Aug 01 '19 at 18:51
  • 1
    If you get a 404 error, you can reasonably assume that your agent user ID no longer exists in the Home Graph – Nick Felker Aug 01 '19 at 20:57
  • A 404 can mean that the device doesn't exist in Homegraph either - is that right? AFAIK, you can't tell if you got a 404 is for the user not existing or the device. A workaround (to verify it is the user that doesn't exist), could be to call the [SYNC endpoint](https://developers.google.com/actions/smarthome/reference/rest/v1/devices/sync) - if you get 404 here, you know it's the user. – chearmstrong Aug 02 '19 at 14:21
  • Sure, although you should regularly be in a state where all devices are synced in the home graph. – Nick Felker Aug 02 '19 at 15:36
  • What about situation when userA turn device on, should we send report for userB also, or only for userA? – Andrey Nikishaev Aug 22 '22 at 13:20