New Neato Integration Installation Guide (OAuth2 for HA version 2021.1)

Genius - I’ve been going in circles with this and your tip was spot on!
Thank you!

I’ve been watching this thread over the last couple fo days … Am I right in thinking that without Nabu Casa, or SSL I won’t be able to use the neato component?

Thanks.

Without SSL it is now unfortunately a no go :frowning:

Yes, you are right. But if you are looking a quick fix, generating SSL certificate (and placing the files to right directory) for your local network and installing / configuring NGINX Home Assistant SSL proxy to ports 8123/443 whatever from the addon-store is not that difficult.

I have to admit that this is frustrating me! I have had a nice and working integration that I loved that I can no longer easily use? My setup is:

  • No public exposure
  • I have connected through http://192.168.x.y:8123 on the internal network
  • I do not use Nabu-casa
  • I do not have a domain-name for my internal network
  • For some reason, https://192.168.x.y:8123 does not work, and I don’t know how to make it world.

Can someone make a step-by-step guide on how to make Neato working again? I don’t understand this comment about my instance not having to be exposed to the internet. Sorry @nullnullnul what you are proposing is something I don’t understand.

I am pondering if I have to:

  1. get a domain name
  2. use let’s encrypt
  3. expose it externally
  4. setup neato
  5. revert the exposure from step 3)
    That is however quite some work for someone who have kids and are on a strict time limit when it comes to HA… :S

https://192.168.x.y:8123/ is only available of you set up SSL either with letsencrypt or with self signed certificates. Be aware that lets encrypt needs an public accessible URL to complete the acme challenge and self signed certificates cannot be created without some knowledge about SSL. But there is an step-by-step guide: Certificate Authority and self-signed certificate for SSL/TLS

The probably easiest solution is to use nabu casa. SSL comes out of the box here. Just set up your internal and external URL accordingly afterwards and your good to go.

1 Like

Thank you very much for the video! This helped me a lot and fixed my connection problem.

1 Like

Thanks for the video. You mention twice that your home assistant requires SSL. But if you use Nabu Casa, then you don’t need SSL on your local setup. Was a bit confusing.

I wonder what would happen if you have more then one vacuum cleaner linked :thinking:

Lets find out! :grin:

2 Likes

The latest security issues are one more reason why storing credentials in an application is a bad idea and why OAuth2 is great. Now that we are relying on client_id and client_secret instead of username and password, someone with access to our files cannot use the stored information to log into the account. So I am happy to use OAuth2 now, even if it is a bit more complicated to set up now.

1 Like

I’m still getting nowhere with this, can anyone give me some pointers?

I’ve got a Neato dev account set up, I’m successfully taken to the page to press “authorise” when I configure the integration, press the button, the tab closes and I’m back in HA with nothing occurring

Seems like this log is relevant. What would give a 401 unauthorised?

Logger: aiohttp.server
Source: helpers/config_entry_oauth2_flow.py:201
First occurred: 09:09:17 (2 occurrences)
Last logged: 09:10:38
Error handling request

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/aiohttp/web_protocol.py", line 422, in _handle_request
    resp = await self._request_handler(request)
  File "/usr/local/lib/python3.8/site-packages/aiohttp/web_app.py", line 499, in _handle
    resp = await handler(request)
  File "/usr/local/lib/python3.8/site-packages/aiohttp/web_middlewares.py", line 118, in impl
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/security_filter.py", line 56, in security_filter_middleware
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/request_context.py", line 18, in request_context_middleware
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/ban.py", line 72, in ban_middleware
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/auth.py", line 127, in auth_middleware
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/view.py", line 129, in handle
    result = await result
  File "/usr/src/homeassistant/homeassistant/components/config/config_entries.py", line 160, in get
    return await super().get(request, flow_id)
  File "/usr/src/homeassistant/homeassistant/helpers/data_entry_flow.py", line 92, in get
    result = await self._flow_mgr.async_configure(flow_id)
  File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 155, in async_configure
    result = await self._async_handle_step(flow, cur_step["step_id"], user_input)
  File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 213, in _async_handle_step
    result: Dict = await getattr(flow, method)(user_input)
  File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 293, in async_step_creation
    token = await self.flow_impl.async_resolve_external_data(self.external_data)
  File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 165, in async_resolve_external_data
    return await self._token_request(
  File "/usr/src/homeassistant/homeassistant/helpers/config_entry_oauth2_flow.py", line 201, in _token_request
    resp.raise_for_status()
  File "/usr/local/lib/python3.8/site-packages/aiohttp/client_reqrep.py", line 1000, in raise_for_status
    raise ClientResponseError(
aiohttp.client_exceptions.ClientResponseError: 401, message='Unauthorized', url=URL('https://beehive.neatocloud.com/oauth2/token')

Heya. Are you pressing authorise whilst logged into your https enabled HA instance? (Not your local one).

You need to be logged into your https enabled instance to authorise. Once authorised your free to login via local and the integration will work.

I am, yep. I almost always access through my nabucasa URL even when at home, so when I’m hitting the button to configure the integration I’m doing it from the https enabled public instance

Your instance is not authorized to fetch a valid token. Did you select all scopes when you created the application at developers.neato.com?

Reasonable assumption and I was hopeful that I’d maybe not ticked something, but nope, just logged in and confirmed I have all scope:

image

That’s too bad. Tbh I’ve never seen this type of error. I guess you’ve already double checked your client id and secret?

Can you reproduce this error? Maybe delete your application at developers.neato.com and add it again. Then reconfigure Homea Assistant using the newly created id and secret. Just wild guessing here :smiley:

@Santobert I get the same error
i just tried to remove and re-create the app from dev neato site,but nothing changes

Having issues as well with Neato integration. When I follow the guide https://www.home-assistant.io/integrations/neato/ two things happen:

  • when I try to add the integration and I click the blue button to open the external site I get an Internal server error window and the integration seems to be created with two configuration.yaml references (?)
  • when I try to add the integration and wait without clicking the blue button the process ‘finishes’ and the integration seems to be created with one configuration.yaml reference (?)

I removed and readded the Home Assistant app in Neato Dev website, I use my Nabu Casa https url to setup the integration and made sure no former references to Neato vacuums are present in Home Assistant.

Tried one more time and this is the response in HA log:

Logger: pybotvac.robot
Source: /usr/local/lib/python3.8/site-packages/pybotvac/robot.py:190
First occurred: 5:53:22 PM (4 occurrences)
Last logged: 5:53:25 PM

Invalid response from https://nucleo.neatocloud.com/vendors/neato/robots/XXXXXXXX-XXXXXXXDXXXX/messages: required key not provided @ data[‘availableServices’]. Got: {‘version’: 1, ‘reqId’: ‘1’, ‘result’: ‘ko’, ‘data’: {}}

(I replaced my robot ID with X’s)