Home-Assistant
/
core
mirror of https://github.com/home-assistant/core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Limit OAuth scopes for Netatmo and Home Assistant Cloud (#31538) 

* Limit OAuth scopes for Netatmo and Home Assistant Cloud

* Fix tests by making order of scopes predictable
pull/31544/head
Franck Nijhof 2020-02-06 17:00:27 +01:00 committed by GitHub
parent 24e9a638d5
commit 7233048fea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
homeassistant/components/netatmo/config_flow.py
View File

@ -25,24 +25,22 @@ class NetatmoFlowHandler(
@property
def extra_authorize_data(self) -> dict:
"""Extra data that needs to be appended to the authorize url."""
return {
"scope": (
" ".join(
[
"read_station",
"read_camera",
"access_camera",
"write_camera",
"read_presence",
"access_presence",
"read_homecoach",
"read_smokedetector",
"read_thermostat",
"write_thermostat",
]
)
)
}
scopes = [
"read_camera",
"read_homecoach",
"read_presence",
"read_smokedetector",
"read_station",
"read_thermostat",
"write_camera",
"write_thermostat",
]
if self.flow_impl.name != "Home Assistant Cloud":
scopes.extend(["access_camera", "access_presence"])
scopes.sort()
return {"scope": " ".join(scopes)}
async def async_step_user(self, user_input=None):
"""Handle a flow start."""

8
tests/components/netatmo/test_config_flow.py
View File

@ -54,15 +54,15 @@ async def test_full_flow(hass, aiohttp_client, aioclient_mock):
scope = "+".join(
[
"read_station",
"read_camera",
"access_camera",
"write_camera",
"read_presence",
"access_presence",
"read_camera",
"read_homecoach",
"read_presence",
"read_smokedetector",
"read_station",
"read_thermostat",
"write_camera",
"write_thermostat",
]
)