Smartthings ip range blocked from oAuth?

Developer Programs Writing SmartApps
1

I am using a custom smart app that is a cloud to cloud integration that uses oAuth. Last night the oAuth login stopped working. It now returns a response message of “Unauthorized”. I have confirmed that using a curl command from http://reqbin.com/curl has no problem getting a response with the token info. It would appear that the Smartthings ip range may have been blocked by the oAuth owner. The smartapp is using asynchttp_v1.post to make the oAuth request.

Is there any other explanation for the sudden failure?

Can anyone recommend another way to get the oAuth token? Could I set up a reverse proxy? Would a different method to post the request help?

Thanks.

2

Update: The smart app started working late last night… I assume the oAuth requests started working again. However, this morning it is not working again. Could the requests sent last night have been using a different IP range?

Is there a way to log what IP address the asynchttp_v1.post is originating from?

3

Hi there! asynchttp_v1 is a beta feature, so you could experience inconsistencies.
Can you share your SmartApp source code and the error you receive, please? I’d like to know more about it to help you out.
I was able to get the Access Token using my OAuth SmartApp using Node JS in my use case.

4

Here is the first function that is failing. This has worked for almost 2 years and suddenly stopped working 2 weeks ago.

I have confirmed the username/password data is correct. I can see them being passed in the live logging.

I can perform a curl command with this same data and I get the correct response instead of an unauthorized response.

def logInToMySmartBlinds(cmdData) {

log.debug "logInToMySmartBlinds"

def params = [
        uri    : 'https://mysmartblinds.auth0.com',
        path   : '/oauth/ro',
        headers: [
                'Content-Type': 'application/json',
                'User-Agent'  : 'Luna/2.3.6 (iPhone; iOS 11.4; Scale/3.00)',
                'method'      : 'post',
                'body'        : body,

        ],
        body   : ["username"  : mySmartBlindsEmail,
                  "password"  : mySmartBlindsPassword,
                  "device"    : "Johns Iphone",
                  "scope"     : "openid offline_access",
                  "grant_type": "password",
                  "client_id" : "1d1c3vuqWtpUt1U577QX5gzCJZzm8WOB",
                  "connection": "Username-Password-Authentication",
        ]
]

log.debug "Update Token Params $params"

asynchttp_v1.post(authTokenHandler, params, cmdData)

}

5

I have talked about this situation with our engineering department. Up to now, there have been no changes for asynchttp_v1, so it should be working as usual.
Based on your description, the problem could be related with the rate limits in the third-party cloud (https://mysmartblinds.auth0.com).
This request originates in the Amazon EC2 instances where the SmartApp runs in, if there is a rate limit with the requests number from an IP address, it could cause the rejection.
If your SmartApp will only send commands from SmartThings to the third-party cloud, then, you could migrate your Groovy SmartApp using the SmartApp SDK. This tutorial is a good starting point, and I can help with this process if you share more details about it.

1 Like