This forum uses cookies

ralwet · (This post was last modified: 05.10.2019, 10:26 by ralwet.)

Hi

I own a Philips TV wich is supporting jointSPACE Rest-Calls. And I can do rest-calls to my Philips-TV with Curl without problems:
The folowing Curl-Example is successfully returning the "Powerstate" of my TV ("tv on" or "tv off").

The Call is using digest authorization
The Call is using https
Insecure server connections has to be allowed ("-k" - because the TV is using a self signed certificate)
Beside SSL, it connects to Port 1926 where the jointSPACE API is answering the requests.

Code:
1
curl -XGET -u <user>:<password> https://192.168.3.123:1926/powerstate -k--digest -v

Now I try to do this curl-call on my SpaceLynk with Lua. So far it is not working. It returns code 404.
I also tried to use the Erwin's digest-example: https://forum.logicmachine.net/showthrea...mpm_digest 3
But no luck so far Sad

Can somebody help me by providing a valid lua code which is doing this curl-call?

Thanks!

Habib · 05.10.2019, 12:21

Hi,

I've no experiance with your problem, but what I've seen is, that you need an HTTPS connection and Erwin Solution use only http?
You've seen that?

ralwet · 05.10.2019, 13:29

(05.10.2019, 12:21)Habib Wrote: Hi,

I've no experiance with your problem, but what I've seen is, that you need an HTTPS connection and Erwin Solution use only http?
You've seen that?

Hi Habib

Oh, yes. I forget to mention, that i adaptet Erwin's Solution to https (line 366). But this is not working Sad

Code:
12
locals_http = require'ssl.https'--local s_http = require "socket.http"

***admin*** · 08.10.2019, 07:02

Try digest code from this post:
https://forum.logicmachine.net/showthrea...64#pid9364

Replace

Code:
1
localskthttp = require('socket.http')

with

Code:
1
localskthttp = require('ssl.https')

ralwet · 08.10.2019, 15:33

Thanks for you help! Unfortunately using this script I get again a 404.

Code:
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135
localskthttp = require('ssl.https')
--local skthttp = require('socket.http')localskturl = require('socket.url')
localltn12 = require('ltn12')
localmd5sum = require('encdec').md5localhash = function(...)
  returnmd5sum(table.concat({...}, ':'))
endlocalparse_header = function(header)
  localresult = {}
  forkey, valuein (header .. ','):gmatch('(%w+)=(.-),') doifvalue:sub(1, 1) == '"'then-- strip quotesresult[ key:lower() ] = value:sub(2, -2)
    elseresult[ key:lower() ] = valueendendreturnresultendlocalmake_digest_header = function(headers)
  localdigest = {}
  for_, headerinipairs(headers) doifnotheader.unquotethenheader[ 2 ] = '"' .. header[ 2 ] .. '"'enddigest[ #digest + 1 ] = header[ 1 ] .. '=' .. header[ 2 ]
  endreturn'Digest ' .. table.concat(digest, ', ')
endlocal_request = function(req)
  ifnotreq.urlthenreturnnil, 'missing url'endlocalurl = skturl.parse(req.url)
  localuser, password = url.user, url.passwordifnotuserornotpasswordthenreturnnil, 'missing credentials in url'endurl.user, url.password, url.authority, url.userinfo = nil, nil, nil, nilreq.url = skturl.build(url)
  localsourceifreq.sourcethenlocalchunks = {}
    localcapture = function(chunk)
      ifchunkthenchunks[ #chunks + 1 ] = chunkendreturnchunkendlocalchunk_id = 0source = function()
      chunk_id = chunk_id + 1returnchunks[ chunk_id ]
    endreq.source = ltn12.source.chain(req.source, capture)
  endlocalbody, code, hdrs = skthttp.request(req)
  ifcode == 401andhdrs['www-authenticate'] thenlocalht = parse_header(hdrs['www-authenticate'])
    ifnotht.realmornotht.noncethenreturnnil, 'missing realm/nonce from response'endifht.qop ~= 'auth'thenreturnnil, 'unsupported qop ' .. tostring(ht.qop)
    endifht.algorithmandht.algorithm:lower() ~= 'md5'thenreturnnil, 'unsupported algo ' .. tostring(ht.algorithm)
    endlocalnc = '00000001'localcnonce = string.format('%08x', os.time())
    localuri = skturl.build({ path = url.path, query = url.query })
    localmethod = req.methodor'GET'localresponse = hash(
      hash(user, ht.realm, password),
      ht.nonce,
      nc,
      cnonce,
      'auth',
      hash(method, uri)
    )
    req.headers = req.headersor {}
    localauth = {
      { 'username', user },
      { 'realm', ht.realm },
      { 'nonce', ht.nonce },
      { 'uri', uri },
      { 'cnonce', cnonce },
      { 'nc', nc, unquote = true },
      { 'qop', 'auth' },
      { 'algorithm', 'MD5' },
      { 'response', response },
    }
    ifht.opaquethentable.insert(auth, { 'opaque', ht.opaque })
    endreq.headers.authorization = make_digest_header(auth)
    ifnotreq.headers.cookieandhdrs['set-cookie'] then-- not really correct but enough for httpbinlocalcookie = (hdrs['set-cookie'] .. ';'):match('(.-=.-)[;,]')
      ifcookiethenreq.headers.cookie = '$Version: 0; ' .. cookie .. ';'endendifreq.sourcethenreq.source = sourceendbody, code, hdrs = skthttp.request(req)
  endreturnbody, code, hdrsendlocalrequest = function(url)
  localt = type(url)
  ift == 'table'thenreturn_request(table.clone(url))
  elseift == 'string'thenlocalreq = {}
    local_, code, headers = _request({ url = url, sink = ltn12.sink.table(req) })
    returntable.concat(req), code, headersendendurl = 'https://<USER>:<PASSWORD>@192.168.3.123:1926/powerstate'image, err, hdrs = request(url)
log (image)
log (err)
log (hdrs)

The url works in a Web-Browser. But not in this Script Sad

This Curl-Call does the Job too (-k Param is necessery. This allows self signed certificate):

Code:
1
curl -XGET -u <user>:<password> https://192.168.3.123:1926/powerstate -k--digest -v

Any further Ideas?

***admin*** · 08.10.2019, 15:55

Can you run curl in verbose mode (-v) and post the output?

ralwet · (This post was last modified: 08.10.2019, 16:14 by ralwet.)

Curl-Request with verbose:

Code:
1
curl -XGET -u <user>:<password> https://192.168.3.151:1926/powerstate -k--digest -v

Response:

Code:
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263
Note: Unnecessaryuseof -Xor--request, GET is already inferred.
*   Trying192.168.3.151...
* TCP_NODELAYset
* Connectedto192.168.3.151 (192.168.3.151) port1926 (#0)
* ALPN, offeringh2
* ALPN, offeringhttp/1.1
* successfullysetcertificateverifylocations:
*   CAfile: /etc/ssl/certs/ca-certificates.crtCApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLShandshake, Clienthello (1):
* TLSv1.3 (IN), TLShandshake, Serverhello (2):
* TLSv1.2 (IN), TLShandshake, Certificate (11):
* TLSv1.2 (IN), TLShandshake, Serverkeyexchange (12):
* TLSv1.2 (IN), TLShandshake, Serverfinished (14):
* TLSv1.2 (OUT), TLShandshake, Clientkeyexchange (16):
* TLSv1.2 (OUT), TLSchangecipher, Clienthello (1):
* TLSv1.2 (OUT), TLShandshake, Finished (20):
* TLSv1.2 (IN), TLShandshake, Finished (20):
* SSLconnectionusingTLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
* ALPN, serverdidnotagreetoaprotocol
* Servercertificate:
*  subject: C=IN; ST=Karnataka; L=Bengaluru; O=TPVISIONIndiaPvt.Ltd.; OU=SmartTV; CN=restfultv.tpvision.com
*  startdate: May1910:51:532015GMT
*  expiredate: Oct410:51:532042GMT
*  issuer: C=IN; ST=Karnataka; L=Bengaluru; O=TPVISIONIndiaPvt.Ltd.; OU=SmartTV; CN=ca.tpvision.com
*  SSLcertificateverifyresult: selfsignedcertificateincertificatechain (19), continuinganyway.
* ServerauthusingDigestwithuser'<user>'
> GET /powerstateHTTP/1.1
> Host: 192.168.3.151:1926
> User-Agent: curl/7.58.0
> Accept: */*
> 
< HTTP/1.1401Unauthorized
< Date: Tue, 08Oct201916:11:17GMT+00:00
< Accept-Ranges: bytes
< Server: Restlet-Framework/2.3.12
< WWW-Authenticate: Digestrealm="XTV", domain="/", nonce="MTU3MDU1MTA3NzcyNTplZGFiYzY4NWNmMDAzNTM2YjRiMzJjYmQxMGM1YzY0OA==", algorithm=MD5, qop="auth"
< Content-Length: 424
< Content-Type: text/html; charset=UTF-8
< 
* Ignoringtheresponse-body
* Connection #0tohost192.168.3.151leftintact
* IssueanotherrequesttothisURL: 'https://192.168.3.151:1926/powerstate'
* Foundbundleforhost192.168.3.151: 0x55f0b0f70a50 [canpipeline]
* Re-usingexistingconnection! (#0) withhost192.168.3.151
* Connectedto192.168.3.151 (192.168.3.151) port1926 (#0)
* ServerauthusingDigestwithuser'<user>'
> GET /powerstateHTTP/1.1
> Host: 192.168.3.151:1926
> Authorization: Digestusername="<user>", realm="XTV", nonce="MTU3MDU1MTA3NzcyNTplZGFiYzY4NWNmMDAzNTM2YjRiMzJjYmQxMGM1YzY0OA==", uri="/powerstate", cnonce="NzVmNDdjYzYwMDBiYjU0Y2FmMjFjNmM5ZjA4MWE1NDE=", nc=00000001, qop=auth, response="ad84deaff1b8f9cf07c651a689543991", algorithm="MD5"
> User-Agent: curl/7.58.0
> Accept: */*
> 
< HTTP/1.1200OK
< Date: Tue, 08Oct201916:11:17GMT+00:00
< Accept-Ranges: bytes
< Server: Restlet-Framework/2.3.12
< Access-Control-Allow-Origin: *
< Content-Length: 19
< Content-Type: application/json; charset=UTF-8
< 
* Connection #0tohost192.168.3.151leftintact
{"powerstate":"On"}

***admin*** · 09.10.2019, 08:46

Looks correct. Do you get error 401 with your script if you specify incorrect password? Can you provide remote access to your device?

ralwet · 09.10.2019, 09:17

I get e 404

Script:

Code:
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134
localskthttp = require('ssl.https')
localskturl = require('socket.url')
localltn12 = require('ltn12')
localmd5sum = require('encdec').md5localhash = function(...)
  returnmd5sum(table.concat({...}, ':'))
endlocalparse_header = function(header)
  localresult = {}
  forkey, valuein (header .. ','):gmatch('(%w+)=(.-),') doifvalue:sub(1, 1) == '"'then-- strip quotesresult[ key:lower() ] = value:sub(2, -2)
    elseresult[ key:lower() ] = valueendendreturnresultendlocalmake_digest_header = function(headers)
  localdigest = {}
  for_, headerinipairs(headers) doifnotheader.unquotethenheader[ 2 ] = '"' .. header[ 2 ] .. '"'enddigest[ #digest + 1 ] = header[ 1 ] .. '=' .. header[ 2 ]
  endreturn'Digest ' .. table.concat(digest, ', ')
endlocal_request = function(req)
  ifnotreq.urlthenreturnnil, 'missing url'endlocalurl = skturl.parse(req.url)
  localuser, password = url.user, url.passwordifnotuserornotpasswordthenreturnnil, 'missing credentials in url'endurl.user, url.password, url.authority, url.userinfo = nil, nil, nil, nilreq.url = skturl.build(url)
  localsourceifreq.sourcethenlocalchunks = {}
    localcapture = function(chunk)
      ifchunkthenchunks[ #chunks + 1 ] = chunkendreturnchunkendlocalchunk_id = 0source = function()
      chunk_id = chunk_id + 1returnchunks[ chunk_id ]
    endreq.source = ltn12.source.chain(req.source, capture)
  endlocalbody, code, hdrs = skthttp.request(req)
  ifcode == 401andhdrs['www-authenticate'] thenlocalht = parse_header(hdrs['www-authenticate'])
    ifnotht.realmornotht.noncethenreturnnil, 'missing realm/nonce from response'endifht.qop ~= 'auth'thenreturnnil, 'unsupported qop ' .. tostring(ht.qop)
    endifht.algorithmandht.algorithm:lower() ~= 'md5'thenreturnnil, 'unsupported algo ' .. tostring(ht.algorithm)
    endlocalnc = '00000001'localcnonce = string.format('%08x', os.time())
    localuri = skturl.build({ path = url.path, query = url.query })
    localmethod = req.methodor'GET'localresponse = hash(
      hash(user, ht.realm, password),
      ht.nonce,
      nc,
      cnonce,
      'auth',
      hash(method, uri)
    )
    req.headers = req.headersor {}
    localauth = {
      { 'username', user },
      { 'realm', ht.realm },
      { 'nonce', ht.nonce },
      { 'uri', uri },
      { 'cnonce', cnonce },
      { 'nc', nc, unquote = true },
      { 'qop', 'auth' },
      { 'algorithm', 'MD5' },
      { 'response', response },
    }
    ifht.opaquethentable.insert(auth, { 'opaque', ht.opaque })
    endreq.headers.authorization = make_digest_header(auth)
    ifnotreq.headers.cookieandhdrs['set-cookie'] then-- not really correct but enough for httpbinlocalcookie = (hdrs['set-cookie'] .. ';'):match('(.-=.-)[;,]')
      ifcookiethenreq.headers.cookie = '$Version: 0; ' .. cookie .. ';'endendifreq.sourcethenreq.source = sourceendbody, code, hdrs = skthttp.request(req)
  endreturnbody, code, hdrsendlocalrequest = function(url)
  localt = type(url)
  ift == 'table'thenreturn_request(table.clone(url))
  elseift == 'string'thenlocalreq = {}
    local_, code, headers = _request({ url = url, sink = ltn12.sink.table(req) })
    returntable.concat(req), code, headersendendurl = 'https://<user>:<password>@192.168.3.151:1926/powerstate'image, err, hdrs = request(url)
log (image)
log (err)
log (hdrs)

SpaceLynk Log:

Code:
1234567891011121314151617181920212223242526
GetStatePhilipsTV09.10.201911:12:37
* string: <html>
<head>
   <title>Statuspage</title>
</head>
<bodystyle="font-family: sans-serif;">
<pstyle="font-size: 1.2em;font-weight: bold;margin: 1em 0px;">NotFound</p>
<p>TheserverhasnotfoundanythingmatchingtherequestURI</p>
<p>Youcangettechnicaldetails <ahref="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.5">here</a>.<br>
Pleasecontinueyourvisitatour <ahref="/">homepage</a>.
</p>
</body>
</html>

GetStatePhilipsTV09.10.201911:12:37
* number: 404GetStatePhilipsTV09.10.201911:12:37
* table:
 ["date"]
  * string: Wed, 09Oct201909:12:37GMT+00:00
 ["content-length"]
  * string: 439
 ["content-type"]
  * string: text/html; charset=UTF-8
 ["server"]
  * string: Restlet-Framework/2.3.12

Thank you very much for your Support Smile

But a Remote-Session is not necessary. If we don't find a quick solution on the SpaceLynk I will go for a workaraound (using a Linux-Device for calling the TV).

***admin*** · 09.10.2019, 09:47

This issue might appear due to missing port part in HTTP host header.

Try replacing line 125:

Code:
1
local_, code, headers = _request({ url = url, sink = ltn12.sink.table(req), headers = { host = '192.168.3.151:1926' } })

ralwet · 09.10.2019, 16:06

Yes, now it works! Thank you very much!! Smile

Login
Username:
Password:	Lost Password?
	Remember me