Announcement

Collapse
No announcement yet.

Authentication with hs.getURL

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Authentication with hs.getURL

    I want to change Dahua IPC camera profiles from Homeseer. The http command is:

    userassword@192.168.0.x/cgi-bin/configManager.cgi?action=setConfig&VideoInOptions[0].NightOptions.SwitchMode=1

    When I execute this command from a browser, the profiles do change with the caveat that there is an additional step asking me to confirm that "user" is trying to log in.

    In HS, I am doing this in an event by running a script. I've been unable to get the profiles to change. I'm using hs.getURL and have tried it 2 different ways:

    hs.getURL("userassword@192.168.0.x","/cgi-bin.../,FALSE,80)

    hs.getURL("userassword@192.168.0.x/cgi-bin/xxx","",FALSE,80)

    I suspect that the additional confirmation step may be the issue.

    If anyone has any ideas for me to try, please let me know.

    #2
    I see the word Dahua and start to have nightmares (I was fighting three Dahua DVR's at 2AM this morning) but I'll give this a go...

    In terms of your issue then the authentication should be looked at - when you say it prompts you for a login are you presented with a traditional HTTP basic authentication login box or is a box on a web page that you have to log into and press a button? If the former then easier if the latter then harder, if the former then there are .net solutions to add an authentication header to a HTTP call (I don't believe embedding in the url is encouraged or potentially still supported?) if the latter then it may be one that you have to use something like the Chrome developer console to log into the page and see what it is doing to get access.

    Comment


      #3
      Originally posted by mrhappy View Post
      In terms of your issue then the authentication should be looked at - when you say it prompts you for a login are you presented with a traditional HTTP basic authentication login box or is a box on a web page that you have to log into and press a button?
      After I enter the command in the browser, an addition dialog box pops up

      You are about to log into 192.168.0.x with the username "user"

      It's either "OK" or "Cancel"

      Comment


        #4
        Are you able to take a screenshot of this? I'm just trying to figure out if this is a prompt that Dahua have coded or is a standard thing that may be able to got around.

        Comment


          #5
          Attached is the dialog that pops up after the URL is entered into Firefox
          Attached Files

          Comment


            #6
            FWIW, I also tried hs.URLaction:

            hs.URLAction("http://192.168.0.60/cgi-bin/configManager.cgi?action=setConfig&VideoInMode[0].Config[0]=0", POST, "", "Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQK")

            I get the following error in the log:

            In URLAction POST: The remote server returned an error: (401) Unauthorized

            My thinking was since the camera supposedly accepts Basic authentication, I would put the authorization in the header field. Here's what it says in a Dahua IPC manual I found online regarding authentication:


            The IP Camera supplies two authentication ways: basic authentication and digest authentication. Client can login through: http://<ip>/cgi-bin/global.login?userName=admin. The IP camera returns 401. Then the client inputs a username and password to authorize.

            For example:
            1. When basic authentication, the IP camera response:

            401 Unauthorized:
            WWW-Authenticate: Basic realm =" XXXXXX"

            Then the client encode the username and password with base64, send the following request:

            Authorization: Basic VXZVXZ

            Comment


              #7
              Originally posted by art_vandelay View Post
              FWIW, I also tried hs.URLaction:

              hs.URLAction("http://192.168.0.60/cgi-bin/configManager.cgi?action=setConfig&VideoInMode[0].Config[0]=0", POST, "", "Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQK")

              I get the following error in the log:

              In URLAction POST: The remote server returned an error: (401) Unauthorized

              My thinking was since the camera supposedly accepts Basic authentication, I would put the authorization in the header field. Here's what it says in a Dahua IPC manual I found online regarding authentication:


              The IP Camera supplies two authentication ways: basic authentication and digest authentication. Client can login through: http://<ip>/cgi-bin/global.login?userName=admin. The IP camera returns 401. Then the client inputs a username and password to authorize.

              For example:
              1. When basic authentication, the IP camera response:

              401 Unauthorized:
              WWW-Authenticate: Basic realm =" XXXXXX"

              Then the client encode the username and password with base64, send the following request:

              Authorization: Basic VXZVXZ
              Seems like your on the right track with URLaction. Make sure your encoded username/password is correct -- its base64_encode("username:password"), although I don't know how to code that in VB.
              Here is a site that will generate a header for you:
              http://www.blitter.se/utils/basic-au...der-generator/

              Comment


                #8
                I've not been too convinced that the hs.urlaction headers actually work on the basis of recent postings, I know I've tried (don't think it was an auth header though) and couldn't get it working.

                art_vandelay - I think I would try myself making sure that the commands work as at the minute you might have both the HS side wrong and the command structure wrong. I'd suggest if you use Chrome taking a look at the addon called Postman and that will allow you to test, include basic authentication and it'll generate your Base64 string for you. You can take a look at the output and find out whether it is working - once you know it works adding it to the header then I'm sure I or someone else can dig out some .net code using the WebClient that should enable you to download a file and provide an authentication header.

                Comment


                  #9
                  Thanks to both for your replies

                  I was using the following encoder tool:

                  http://webnet77.com/cgi-bin/helpers/base-64.pl

                  which gave me a slightly different result (the last character) than the one suggested by @zwolfpack which got rid of the the error in the log.

                  @mrhappy - I was able to get the profiles to change using the authorization and header from Postman. It also shows the correct return value.

                  So it seems the command structure and the authentication is ok but the hs.URLAction structure is the problem?

                  Comment


                    #10
                    Originally posted by art_vandelay View Post
                    Thanks to both for your replies

                    I was using the following encoder tool:

                    http://webnet77.com/cgi-bin/helpers/base-64.pl

                    which gave me a slightly different result (the last character) than the one suggested by @zwolfpack which got rid of the the error in the log.

                    @mrhappy - I was able to get the profiles to change using the authorization and header from Postman. It also shows the correct return value.

                    So it seems the command structure and the authentication is ok but the hs.URLAction structure is the problem?
                    Good progress. I just noticed that on your 1st post you were trying to do a GET, but when you changed to URLAction you're doing a POST action. Perhaps try changing "POST" to "GET" ?

                    Comment


                      #11
                      Originally posted by art_vandelay View Post
                      Thanks to both for your replies

                      I was using the following encoder tool:

                      http://webnet77.com/cgi-bin/helpers/base-64.pl

                      which gave me a slightly different result (the last character) than the one suggested by @zwolfpack which got rid of the the error in the log.

                      @mrhappy - I was able to get the profiles to change using the authorization and header from Postman. It also shows the correct return value.

                      So it seems the command structure and the authentication is ok but the hs.URLAction structure is the problem?
                      Ok well this is encouraging and like I say, I'm not convinced that URLAction actually works correctly. This is part of some plugin code (so it's not a direct script drop in) that might be able to get you started to post some data to a web address with an authentication header.

                      Code:
                                  Dim request As WebRequest = WebRequest.Create(WebAddress) 'this is the same for post or get
                      
                                  request.Timeout = 3000
                                  request.Headers.Add("Authorization", "Basic " & AuthHeader) 'this si the same for post or get
                      
                                  Dim bAr() As Byte = Encoding.UTF8.GetBytes(JSONData)
                      
                                  request.ContentLength = bAr.Length
                                  request.Method = "POST"
                                  request.ContentType = "application/json"
                      
                                  Dim rStream As Stream = request.GetRequestStream
                      
                                  rStream.Write(bAr, 0, bAr.Length)
                                  rStream.Close()

                      Comment


                        #12
                        I know this is an old thread, but it may help someone else in same position.

                        I'm new with Homeseer and I just got 2 Dahua IP PTZ cameras, and was trying make them switch to day/night mode via Homeseer. In my opinion, the core of the problem is that Dahua's implementation of URL decoding is faulty. I don't think they properly interpret encoding for [ and ] (Hex %5B and %5D). Because of that you get HTTP response code 200 (OK) and response stream contains one word "Error", instead of "OK". Authentication works just fine.

                        Here is cURL example that works in Windows command line
                        Code:
                        curl -g -u userName:pwd -X GET http://dahuaCameraAddress/cgi-bin/configManager.cgi?action=setConfig^&VideoInMode
                        ^[0^].Config^[0^]=1
                        Note the use of -g option, that tells cURL not to interpret [] as numerical range, but rather to leave it alone. Using fiddler or Wireshark to sniff traffic, you will see that URL is being shown as

                        Code:
                        http://dahuaCameraAddress/cgi-bin/configManager.cgi?action=setConfig&VideoInMode[0].Config[0]=1
                        That very same URL is shown if used from browser (IE, Firefox, etc.)

                        Now, if you use any of mentioned methods in HS3 script (GetURL, URLAction, WebRequest, WebClient, etc.), URL shown in Fiddler is already encoded to

                        Code:
                        http://dahuaCameraAddress/cgi-bin/configManager.cgi?action=setConfig&VideoInMode%5B0%5D.Config%5B0%5D=1
                        and Dahua chokes on it.

                        There is really only one way to prove that, and that's not to use HTTP clients, but rather raw socket. I'm pretty good at C#, but VB.Net I can read only. Never written anything serious in it. HS3 is suppose to support C# in scripts, but I did not want to fight that too at the moment. This script uses raw socket and it works, which means my theory may stand a chance

                        Code:
                        IMPORTS System.IO
                        IMPORTS System.Net
                        IMPORTS System.Net.Sockets
                        IMPORTS System.Text
                        
                        Sub Main(Parm As Object)
                        Dim hostName As String
                            Dim hostPort As Integer
                            Dim response As Integer
                            Dim iphe As IPHostEntry = Dns.GetHostEntry("dahuaCameraAddress")
                            hostName = iphe.AddressList(0).ToString()
                            hostPort = 80
                            response = 0
                        
                            Dim host As IPAddress = IPAddress.Parse(hostName)
                            Dim hostep As New IPEndPoint(host, hostPort)
                            Dim sock As New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
                            sock.Connect(hostep)
                        
                            Dim request = "GET /cgi-bin/configManager.cgi?action=setConfig&VideoInMode[0].Config[0]=1 HTTP/1.1" & Environment.Newline &
                                          "Host: dahuaCameraAddress" & Environment.Newline &
                                          "Authorization: Basic YourBase64EncodedInfoHere" & Environment.Newline &
                                          "Connection: keep-alive" & Environment.Newline &
                                          "Content-Length: 0" & Environment.Newline &
                                           Environment.Newline
                        
                            response = sock.Send(Encoding.UTF8.GetBytes(request))
                        
                            Dim inStream(10240) As Byte
                            sock.Receive(inStream, 0, 10240, SocketFlags.None)
                            Dim s As String = Encoding.UTF8.GetString(inStream)
                        
                            sock.Close()
                        
                            hs.WriteLog("Info", s)
                        End Sub

                        Comment

                        Working...
                        X