[mercedesme] Improve HTTP 429 handling and implement new authorization flow #19099
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR implements HTTP 429 handling and a new authorization flow for the MercedesMe binding to address throttling issues that cause accounts to go offline. The changes include a dynamic update strategy that switches between REST API polling and websocket connections based on vehicle activity, plus a completely new authorization flow using user credentials instead of refresh tokens.
Key changes:
- Replaced refresh token authentication with email/password login flow
- Implemented adaptive update strategy (REST polling vs websocket based on vehicle activity)
- Restructured API architecture with separate Authorization, RestApi, and Websocket classes
Reviewed Changes
Copilot reviewed 18 out of 18 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| bridge-config.xml | Replaced refreshToken parameter with password parameter |
| AccountConfiguration.java | Updated configuration to use password instead of refreshToken |
| AccountHandler.java | Refactored to use new API structure and adaptive update strategy |
| Authorization.java | New class implementing OAuth2 login flow with email/password |
| RestApi.java | New class for REST API calls separated from websocket functionality |
| Websocket.java | Refactored websocket handling extending RestApi |
| Utils.java | Added query parameter parsing and updated server selection logic |
| Test files | Updated to work with new authentication flow and API structure |
Comments suppressed due to low confidence (1)
bundles/org.openhab.binding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/utils/Utils.java:616
- [nitpick] The parameter name 'query' is ambiguous. Consider renaming it to 'queryString' to clearly indicate it represents the query portion of a URL.
public static Map<String, String> getQueryParams(String query) {
...ab.binding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/utils/Utils.java
Outdated
Show resolved
Hide resolved
...ding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/api/Authorization.java
Outdated
Show resolved
Hide resolved
...ding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/api/Authorization.java
Outdated
Show resolved
Hide resolved
....binding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/api/Websocket.java
Outdated
Show resolved
Hide resolved
....binding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/api/Websocket.java
Outdated
Show resolved
Hide resolved
jlaur
left a comment
There was a problem hiding this comment.
Many thanks for the extensive fix. I have added a few comments.
I don't know if this was brought up before, but have you investigated if it might be possible to use the standard OAuth2 implementation in core? See https://www.openhab.org/javadoc/latest/org/openhab/core/auth/client/oauth2/package-summary
...ab.binding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/utils/Utils.java
Outdated
Show resolved
Hide resolved
...ab.binding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/utils/Utils.java
Outdated
Show resolved
Hide resolved
...ab.binding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/utils/Utils.java
Outdated
Show resolved
Hide resolved
...ab.binding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/utils/Utils.java
Outdated
Show resolved
Hide resolved
...ab.binding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/utils/Utils.java
Outdated
Show resolved
Hide resolved
...ding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/api/Authorization.java
Outdated
Show resolved
Hide resolved
...ding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/api/Authorization.java
Outdated
Show resolved
Hide resolved
| listener.onAccessTokenResponse(token); | ||
| } catch (InterruptedException | TimeoutException | ExecutionException | UnsupportedEncodingException | ||
| | JsonSyntaxException e) { | ||
| logger.info("Failed to refresh token {}", e.getMessage()); |
There was a problem hiding this comment.
Should this be propagated to the user as a Thing status description?
There was a problem hiding this comment.
I wouldn't do at this location. If a data call or websocket start fails with invalid token AccountHandler tries to recover the situation with a new login. If this fails then it's time to present OFFLINE status.
There was a problem hiding this comment.
I guess it will be offline until it successfully recovers then? It could be offline with text "Refresh token expired, attempting relogin" or similar. This would make it more visible for users not checking logs, especially in cases where it doesn't succeed. Anyway, this is minor and you can also choose to leave it as is.
...ding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/api/Authorization.java
Outdated
Show resolved
Hide resolved
Yes, it was used in early versions before Mercedes presented more and more fancy auth methods. Look into |
e6e489a to
65424b0
Compare
Signed-off-by: Bernd Weymann <[email protected]> 429 recovery initial version Signed-off-by: Bernd Weymann <[email protected]> switch to pull requests Signed-off-by: Bernd Weymann <[email protected]> new update strategy Signed-off-by: Bernd Weymann <[email protected]> new update strategy Signed-off-by: Bernd Weymann <[email protected]> community test version Signed-off-by: Bernd Weymann <[email protected]> fix copilot findings AccountHandler Signed-off-by: Bernd Weymann <[email protected]>
Signed-off-by: Bernd Weymann <[email protected]>
Signed-off-by: Bernd Weymann <[email protected]>
Signed-off-by: Bernd Weymann <[email protected]> catch JSON Exception decoding stored toekn Signed-off-by: Bernd Weymann <[email protected]>
Signed-off-by: Bernd Weymann <[email protected]>
Signed-off-by: Bernd Weymann <[email protected]>
Signed-off-by: Bernd Weymann <[email protected]> junit test adaptions Signed-off-by: Bernd Weymann <[email protected]> junit test adaptions Signed-off-by: Bernd Weymann <[email protected]>
Signed-off-by: Bernd Weymann <[email protected]>
65424b0 to
caf174e
Compare
|
@jlaur just check the last open comment and if you're fine with that let's merge. |
bundles/org.openhab.binding.mercedesme/src/main/resources/OH-INF/i18n/mercedesme.properties
Outdated
Show resolved
Hide resolved
....binding.mercedesme/src/main/java/org/openhab/binding/mercedesme/internal/api/Websocket.java
Outdated
Show resolved
Hide resolved
Signed-off-by: Jacob Laursen <[email protected]>
jlaur
left a comment
There was a problem hiding this comment.
LGTM, thanks. I resolved two very minor comments so this can make it into the upcoming 5.0.1 patch release.
…n flow (#19099) Signed-off-by: Bernd Weymann <[email protected]>
…n flow (openhab#19099) Signed-off-by: Bernd Weymann <[email protected]>
…n flow (openhab#19099) Signed-off-by: Bernd Weymann <[email protected]>
…n flow (openhab#19099) Signed-off-by: Bernd Weymann <[email protected]> Signed-off-by: Ciprian Pascu <[email protected]>
Beginning of July forum members reports issue that MercedesMe Account is going
OFFLINEwith HTTP 429 response for websocket. Issue doesn't recover by itsself! User needs to disbale Account for several hours to get it running again!Since approx 2 weeks I recieved positive results, with some fixing of minor issues.
I vote to bring this PR into the next patch release to resolve this blockage
Root cause:
Mercedes introduced some throttling mechanism which prevents opening the websocket druing the day. Mechanism isn't clear but together with HA Mercedes developer we came with the following idea:
New authorizaion flow
On top of the throttling Mercedes introduced again a new quite complicated authorization method.
These two changes
are inside this PR. Other changes are refactoring to structure api in authorization, REST API and websocket.