Ondilo spa/pool monitor - Printable Version

Code:
function getAuth()
  local url = apiHost .. endpointAuth .. '?client_id=customer_api&response_type=code&redirect_uri=' .. uri .. '&scope=api&state=' .. state
  local resp, code, hdrs, stat = socket.http.request(url)

  local formtoken = resp:match('name="_token" value="([^"]+)">')
  local cookies = hdrs['set-cookie'] or ''
  local cookietoken = cookies:match('XSRF%-TOKEN=[^;]+') or ''
  local cookiesession = cookies:match('interop_new_api_session=[^;]+') or ''

  local escape = require('socket.url').escape
  local data = {
    '_token=' .. formtoken,
    'email=' .. escape(usr),
    'password=' .. escape(pwd),
    'locale=en',
    'proceed=Authorize'
  }
  local body = table.concat(data, '&')

  local resp, code, hdrs, stat = socket.http.request({
    url = url,
    method = 'POST',
    headers = {
      ['Content-Type'] = 'application/x-www-form-urlencoded',
      ['Content-Length'] = #body,
      ['Referer'] = url,
      ['Cookie'] = cookietoken .. '; ' .. cookiesession,
    },
    body = body
  })

  local location = hdrs.location
  local auth_code = location:match('code=(%w+)')

  if not auth_code then
    return
  end

  local data = {
    'code=' .. escape(auth_code),
    'grant_type=authorization_code',
    'client_id=customer_api',
    'redirect_uri=' .. escape(uri),
  }
  local body = table.concat(data, '&')

  local resp, code, hdrs, stat = socket.http.request({
    url = apiHost .. endpointToken,
    method = 'POST',
    headers = {
      ['Content-Type'] = 'application/x-www-form-urlencoded',
      ['Content-Length'] = #body,
      ['Referer'] = url,
      ['Cookie'] = cookietoken .. '; ' .. cookiesession,
    },
    body = body
  })

  if code == 200 then
    local data = json.decode(resp)
    return data.access_token
  end
end