Add Somfy multi-account (multi-site) authentication#2168
Conversation
Add Server.SOMFY with a region-agnostic multi-site auth strategy that lets a single Somfy account authenticate and control each of its sites through pyoverkiz, reusing every existing Overkiz endpoint call. - Password grant + Keycloak (Ginaite) token exchange, no browser/PKCE - Site discovery via the BOB directory; region resolved from a static country->region map mirroring the TaHoma app, with EMEA fallback - Per-site token minting and re-scoping on relogin - Warm-start credentials to skip rediscovery when the site is known
…tart to resume/fresh Replace the hand-walked triple-nested dict traversal in discover_gateways with typed BobSite/BobSubSite/BobGateway models parsed by a dedicated BOB cattrs converter, flattened via BobSitesResponse.gateway_candidates(). Carry each site's country on GatewayCandidate, dropping the parallel _site_country side-channel that discover_gateways and select_gateway shared. Also rename the warm/cold-start terminology to the industry-standard resume/fresh-login: SomfyTokenCredentials now yields a resumed session, _warm_start -> _resume_session, warm_start_credentials() -> to_credentials().
…rim docstrings Add SupportsSessionResume + OverkizClient.to_credentials() so the Somfy resume flow works through the public API instead of reaching into the private auth strategy. Document multi-account login and session resume in the getting-started guide. Condense the verbose docstrings/comments added earlier in this branch to one-liners.
Integration feedback — wiring this branch into Home AssistantI built the Home Assistant 1.
|
A revoked refresh token (e.g. after a password change) returns a 400 invalid_grant on the site-scoped refresh grant. Classify it as bad credentials, mirroring the password grant and CozyTouch strategy, so callers trigger reauth instead of surfacing an unexpected error.
Summary
Adds Somfy multi-account (multi-site) support — the "multi account sign-in" feature in the current TaHoma app — letting a single Somfy account authenticate and control each of its sites (homes) through pyoverkiz, reusing every existing Overkiz endpoint call unchanged.
Introduces a new region-agnostic
Server.SOMFYbacked by aSomfyAccountAuthStrategy. Legacy per-region servers (SOMFY_EUROPE/AMERICA/OCEANIA) remain for classic single-site password login and the local API.How it works
SOMFY_CLIENT_IDpyoverkiz already stores.country → regionmap mirroring the TaHoma app'sBusinessArea.fromCountry(EMEA/APAC/SNABA). No API field carries the region. Any unresolvable country falls back to EMEA (identical to the app) and logs a warning so the map can be updated.Invitations are intentionally deferred (YAGNI — no HA consumer yet).
Testing
uv run pytest— 579 passed (99 intests/test_auth.py, extensively covering the new strategy).