www.homeseer.com    
 

Go Back   HomeSeer Message Board > Developer Support > Scripts & Plug-Ins:Development and Libraries > HS3 Scripting

HS3 Scripting Discussions related to the scripting under HS3.

Reply
 
Thread Tools Display Modes
  #1  
Old March 20th, 2017, 01:23 AM
art_vandelay art_vandelay is offline
Seer
 
Join Date: Jan 2017
Location: California
Posts: 10
Authentication with hs.getURL

I want to change Dahua IPC camera profiles from Homeseer. The http command is:

user:password@192.168.0.x/cgi-bin/configManager.cgi?action=setConfig&VideoInOptions[0].NightOptions.SwitchMode=1

When I execute this command from a browser, the profiles do change with the caveat that there is an additional step asking me to confirm that "user" is trying to log in.

In HS, I am doing this in an event by running a script. I've been unable to get the profiles to change. I'm using hs.getURL and have tried it 2 different ways:

hs.getURL("user:password@192.168.0.x","/cgi-bin.../,FALSE,80)

hs.getURL("user:password@192.168.0.x/cgi-bin/xxx","",FALSE,80)

I suspect that the additional confirmation step may be the issue.

If anyone has any ideas for me to try, please let me know.
Reply With Quote
  #2  
Old March 20th, 2017, 08:28 AM
mrhappy mrhappy is offline
OverSeer
 
Join Date: Nov 2007
Location: W.Mids, UK
Posts: 6,910
I see the word Dahua and start to have nightmares (I was fighting three Dahua DVR's at 2AM this morning) but I'll give this a go...

In terms of your issue then the authentication should be looked at - when you say it prompts you for a login are you presented with a traditional HTTP basic authentication login box or is a box on a web page that you have to log into and press a button? If the former then easier if the latter then harder, if the former then there are .net solutions to add an authentication header to a HTTP call (I don't believe embedding in the url is encouraged or potentially still supported?) if the latter then it may be one that you have to use something like the Chrome developer console to log into the page and see what it is doing to get access.
Reply With Quote
  #3  
Old March 20th, 2017, 06:58 PM
art_vandelay art_vandelay is offline
Seer
 
Join Date: Jan 2017
Location: California
Posts: 10
Quote:
Originally Posted by mrhappy View Post
In terms of your issue then the authentication should be looked at - when you say it prompts you for a login are you presented with a traditional HTTP basic authentication login box or is a box on a web page that you have to log into and press a button?
After I enter the command in the browser, an addition dialog box pops up

You are about to log into 192.168.0.x with the username "user"

It's either "OK" or "Cancel"
Reply With Quote
  #4  
Old March 21st, 2017, 05:31 AM
mrhappy mrhappy is offline
OverSeer
 
Join Date: Nov 2007
Location: W.Mids, UK
Posts: 6,910
Are you able to take a screenshot of this? I'm just trying to figure out if this is a prompt that Dahua have coded or is a standard thing that may be able to got around.
Reply With Quote
  #5  
Old March 23rd, 2017, 06:08 PM
art_vandelay art_vandelay is offline
Seer
 
Join Date: Jan 2017
Location: California
Posts: 10
Attached is the dialog that pops up after the URL is entered into Firefox
Attached Images
 
Reply With Quote
  #6  
Old March 25th, 2017, 02:48 PM
art_vandelay art_vandelay is offline
Seer
 
Join Date: Jan 2017
Location: California
Posts: 10
FWIW, I also tried hs.URLaction:

hs.URLAction("http://192.168.0.60/cgi-bin/configManager.cgi?action=setConfig&VideoInMode[0].Config[0]=0", POST, "", "Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQK")

I get the following error in the log:

In URLAction POST: The remote server returned an error: (401) Unauthorized

My thinking was since the camera supposedly accepts Basic authentication, I would put the authorization in the header field. Here's what it says in a Dahua IPC manual I found online regarding authentication:


The IP Camera supplies two authentication ways: basic authentication and digest authentication. Client can login through: http://<ip>/cgi-bin/global.login?userName=admin. The IP camera returns 401. Then the client inputs a username and password to authorize.

For example:
1. When basic authentication, the IP camera response:

401 Unauthorized:
WWW-Authenticate: Basic realm =" XXXXXX"

Then the client encode the username and password with base64, send the following request:

Authorization: Basic VXZVXZ
Reply With Quote
  #7  
Old March 25th, 2017, 04:28 PM
zwolfpack zwolfpack is offline
Seer Master
 
Join Date: Sep 2015
Location: Orange County, California, USA
Posts: 667
Quote:
Originally Posted by art_vandelay View Post
FWIW, I also tried hs.URLaction:

hs.URLAction("http://192.168.0.60/cgi-bin/configManager.cgi?action=setConfig&VideoInMode[0].Config[0]=0", POST, "", "Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQK")

I get the following error in the log:

In URLAction POST: The remote server returned an error: (401) Unauthorized

My thinking was since the camera supposedly accepts Basic authentication, I would put the authorization in the header field. Here's what it says in a Dahua IPC manual I found online regarding authentication:


The IP Camera supplies two authentication ways: basic authentication and digest authentication. Client can login through: http://<ip>/cgi-bin/global.login?userName=admin. The IP camera returns 401. Then the client inputs a username and password to authorize.

For example:
1. When basic authentication, the IP camera response:

401 Unauthorized:
WWW-Authenticate: Basic realm =" XXXXXX"

Then the client encode the username and password with base64, send the following request:

Authorization: Basic VXZVXZ
Seems like your on the right track with URLaction. Make sure your encoded username/password is correct -- its base64_encode("username:password"), although I don't know how to code that in VB.
Here is a site that will generate a header for you:
http://www.blitter.se/utils/basic-au...der-generator/
Reply With Quote
  #8  
Old March 25th, 2017, 06:05 PM
mrhappy mrhappy is offline
OverSeer
 
Join Date: Nov 2007
Location: W.Mids, UK
Posts: 6,910
I've not been too convinced that the hs.urlaction headers actually work on the basis of recent postings, I know I've tried (don't think it was an auth header though) and couldn't get it working.

art_vandelay - I think I would try myself making sure that the commands work as at the minute you might have both the HS side wrong and the command structure wrong. I'd suggest if you use Chrome taking a look at the addon called Postman and that will allow you to test, include basic authentication and it'll generate your Base64 string for you. You can take a look at the output and find out whether it is working - once you know it works adding it to the header then I'm sure I or someone else can dig out some .net code using the WebClient that should enable you to download a file and provide an authentication header.
Reply With Quote
  #9  
Old March 25th, 2017, 08:55 PM
art_vandelay art_vandelay is offline
Seer
 
Join Date: Jan 2017
Location: California
Posts: 10
Thanks to both for your replies

I was using the following encoder tool:

http://webnet77.com/cgi-bin/helpers/base-64.pl

which gave me a slightly different result (the last character) than the one suggested by @zwolfpack which got rid of the the error in the log.

@mrhappy - I was able to get the profiles to change using the authorization and header from Postman. It also shows the correct return value.

So it seems the command structure and the authentication is ok but the hs.URLAction structure is the problem?
Reply With Quote
  #10  
Old March 25th, 2017, 09:30 PM
zwolfpack zwolfpack is offline
Seer Master
 
Join Date: Sep 2015
Location: Orange County, California, USA
Posts: 667
Quote:
Originally Posted by art_vandelay View Post
Thanks to both for your replies

I was using the following encoder tool:

http://webnet77.com/cgi-bin/helpers/base-64.pl

which gave me a slightly different result (the last character) than the one suggested by @zwolfpack which got rid of the the error in the log.

@mrhappy - I was able to get the profiles to change using the authorization and header from Postman. It also shows the correct return value.

So it seems the command structure and the authentication is ok but the hs.URLAction structure is the problem?
Good progress. I just noticed that on your 1st post you were trying to do a GET, but when you changed to URLAction you're doing a POST action. Perhaps try changing "POST" to "GET" ?
Reply With Quote
  #11  
Old March 26th, 2017, 06:04 AM
mrhappy mrhappy is offline
OverSeer
 
Join Date: Nov 2007
Location: W.Mids, UK
Posts: 6,910
Quote:
Originally Posted by art_vandelay View Post
Thanks to both for your replies

I was using the following encoder tool:

http://webnet77.com/cgi-bin/helpers/base-64.pl

which gave me a slightly different result (the last character) than the one suggested by @zwolfpack which got rid of the the error in the log.

@mrhappy - I was able to get the profiles to change using the authorization and header from Postman. It also shows the correct return value.

So it seems the command structure and the authentication is ok but the hs.URLAction structure is the problem?
Ok well this is encouraging and like I say, I'm not convinced that URLAction actually works correctly. This is part of some plugin code (so it's not a direct script drop in) that might be able to get you started to post some data to a web address with an authentication header.

Code:
            Dim request As WebRequest = WebRequest.Create(WebAddress) 'this is the same for post or get

            request.Timeout = 3000
            request.Headers.Add("Authorization", "Basic " & AuthHeader) 'this si the same for post or get

            Dim bAr() As Byte = Encoding.UTF8.GetBytes(JSONData)

            request.ContentLength = bAr.Length
            request.Method = "POST"
            request.ContentType = "application/json"

            Dim rStream As Stream = request.GetRequestStream

            rStream.Write(bAr, 0, bAr.Length)
            rStream.Close()
Reply With Quote
  #12  
Old August 19th, 2017, 05:33 PM
crab987 crab987 is offline
Viewer
 
Join Date: Nov 2016
Location: Australia
Posts: 1
I know this is an old thread, but it may help someone else in same position.

I'm new with Homeseer and I just got 2 Dahua IP PTZ cameras, and was trying make them switch to day/night mode via Homeseer. In my opinion, the core of the problem is that Dahua's implementation of URL decoding is faulty. I don't think they properly interpret encoding for [ and ] (Hex %5B and %5D). Because of that you get HTTP response code 200 (OK) and response stream contains one word "Error", instead of "OK". Authentication works just fine.

Here is cURL example that works in Windows command line
Code:
curl -g -u userName:pwd -X GET http://dahuaCameraAddress/cgi-bin/configManager.cgi?action=setConfig^&VideoInMode
^[0^].Config^[0^]=1
Note the use of -g option, that tells cURL not to interpret [] as numerical range, but rather to leave it alone. Using fiddler or Wireshark to sniff traffic, you will see that URL is being shown as

Code:
http://dahuaCameraAddress/cgi-bin/configManager.cgi?action=setConfig&VideoInMode[0].Config[0]=1
That very same URL is shown if used from browser (IE, Firefox, etc.)

Now, if you use any of mentioned methods in HS3 script (GetURL, URLAction, WebRequest, WebClient, etc.), URL shown in Fiddler is already encoded to

Code:
http://dahuaCameraAddress/cgi-bin/configManager.cgi?action=setConfig&VideoInMode%5B0%5D.Config%5B0%5D=1
and Dahua chokes on it.

There is really only one way to prove that, and that's not to use HTTP clients, but rather raw socket. I'm pretty good at C#, but VB.Net I can read only. Never written anything serious in it. HS3 is suppose to support C# in scripts, but I did not want to fight that too at the moment. This script uses raw socket and it works, which means my theory may stand a chance

Code:
IMPORTS System.IO
IMPORTS System.Net
IMPORTS System.Net.Sockets
IMPORTS System.Text

Sub Main(Parm As Object)
Dim hostName As String
    Dim hostPort As Integer
    Dim response As Integer
    Dim iphe As IPHostEntry = Dns.GetHostEntry("dahuaCameraAddress")
    hostName = iphe.AddressList(0).ToString()
    hostPort = 80
    response = 0

    Dim host As IPAddress = IPAddress.Parse(hostName)
    Dim hostep As New IPEndPoint(host, hostPort)
    Dim sock As New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
    sock.Connect(hostep)

    Dim request = "GET /cgi-bin/configManager.cgi?action=setConfig&VideoInMode[0].Config[0]=1 HTTP/1.1" & Environment.Newline &
                  "Host: dahuaCameraAddress" & Environment.Newline &
                  "Authorization: Basic YourBase64EncodedInfoHere" & Environment.Newline &
                  "Connection: keep-alive" & Environment.Newline &
                  "Content-Length: 0" & Environment.Newline &
                   Environment.Newline

    response = sock.Send(Encoding.UTF8.GetBytes(request))

    Dim inStream(10240) As Byte
    sock.Receive(inStream, 0, 10240, SocketFlags.None)
    Dim s As String = Encoding.UTF8.GetString(inStream)

    sock.Close()

    hs.WriteLog("Info", s)
End Sub
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Two-Factor Authentication? macrho MyHS Remote Access Service 3 April 21st, 2017 12:27 AM
HS3 authentication arthurmnev HS3 / HS3PRO Discussion 0 January 10th, 2016 02:47 AM
How to call a URL with authentication? Alzi HomeTroller Zee 2 April 11th, 2015 06:25 PM
SMTP Authentication jon00 HomeSeer General Discussion Area 2 June 16th, 2004 04:46 PM


All times are GMT -4. The time now is 02:47 AM.


Copyright HomeSeer Technologies, LLC