Securitas Direct (Verisure EU) Custom Component [TESTERS WANTED]

diego06 · May 14, 2019, 6:49am

Any suggestion on how to use it in hassio? Thanks

diego06 · July 4, 2019, 8:30pm

Any updates?

Cebeerre · September 17, 2019, 7:08pm

I’m not using hassio, but I ended in this post time ago looking for a python script or something to integrate Verisure, IFTTT and Alexa everything together.

At the end I wrote the script myself:

https://github.com/Cebeerre/VerisureAPIClient

This uses the Mobile App API, so it’s quite fast (it actually has a limit rate of 1 second between calls, as the API complains if you throw too much requests).

It might be pretty simple to adapt to hassio:

https://www.home-assistant.io/components/python_script/

Hope that helps !
Xavi

segalion · September 17, 2019, 10:14pm

Uaaauuuuh Xavi, best new about this… now it’s too late. Tomorrow I write ideas about. The mobile api is faster and probably better than my reverse engeniereD Web script .
I think we could build an alarm custom component around this.

Have you tried get the log from mobile api? As securitas hasn’t websoctets services, polling needs to be implemented to sync HA alarm and securitas alarm… so probably log access is faster than ask for state (I.e. every minute ).

Cebeerre · September 18, 2019, 8:39am

Hi @segalion, I’ve added a new function called log() and modified all the outputs so it actually dumps a full json of the API response instead of just the status codes.

Cebeerre · September 18, 2019, 2:23pm

@segalion Well, the ID is tagged as “iPhone” as it seems Securitas is doing some kind of “check” on the beginning of the string, as I’m just adding at the end the date and time whilst the App does some kind of hash. I guess you can just swap iPhone for Android in the ID string it will work anyway.

I got the API reverse engineering the Mobile App, just proxying the requests and doing a man in the middle SSL attack. In this way, I’ve been able to just press buttons in the App and see what the App was doing. All the rest has been trial and error, as the App sends other stuff (I guess for logging and debugging) like the App version, iPhone Version … but that it doesn’t seem “mandatory” to make the API answer the requests.

I guess Securitas will keep this working with maybe minor changes, as the mobile apps need the API anyway, and doing major changes would require refactoring both the mobile apps and the API itself. I would expect less changes than in the webpage, so seems easier to maintain compared with your screen scrapping script (I tried at first your approach as well, but using Selenium, and it was ridiculously slow).

A completely different story is that maybe they detect that we’re using the API directly, making them harden the log-in process with two factor authentications and the likes. This would obviously kill any integration option.

Just for reference, I got as well the list of available API methods decompiling the Android APK. Unfortunately I just managed to get the strings, as the code is obfuscated and therefore quite tricky to figure out the actual code for the API interaction.

I haven’t debugged all of them to see the required parameters and expected outputs, but you can get an idea of the potential.

LOGIN
CLS
INS
SRV
ARM
ARMDAY
ARMNIGHT
ARMANNEX
DARMANNEX
PERI
DARM
IMG
EST
CAMLOG
CAMS
VIDS
VID
UPDCAM
CAMPSRS
INSTWORDS
INSTWORDSUPD
INSTWORDSUPD2
BILLS
IDENT
SECONDUSERS
PLAN
CONTACT
PLANUPD
CONTACTUPD
CONTACTADD
CONTACTDEL
SCHCDDEL
KEY
KEYUPD
ACT_V2
PANELCONF
PANELCONFUPD
MYINSTALLATION
DEVUPD
ATC
SECRETWORD
SRVDOMO
DOMO
DOOR
INF
CALLRING
SCHCDLIST
SCHCDADD
SCHCDUPD
SCHCDDISABLE
REMEMBERUSER
MYSD
MYSDCREATE
ALLINONE
SRVCOMMDATA
SRVCOMMDATAUPD
SRVCOMMDATAUPD2
SECONDUSERADD
SECONDUSERADD2
SECONDUSERDEL
SCHCDPROTECT
CONFIG
SOMFYSTATUS
CAMPAING
CRIALUPD
UPDPUSHSTATUS
SECONDINSTALLADD
SECONDINSTALLADD2
THUMBNAIL
UPDPROMPT
DIYRECEIVED
DIYRESEND
DIYCALLME
DIYINIT
DIYGETTAMPERS
DIYCHECK
DIYCONTINGENCIA
DIYEXTENDTIME
GETCAPMANT
SCHMANT
SENDOTPS
SENDOTP
SECUREACTIONS
SECUREACTION
GCMANT
GCCAPACITY
GCCANCELMANT
GCSCHMANT
CTCMFM
CONFORT
TEMP
HUM
AIRQ
GETCONFIGDDI
SETCONFIGDDI
SCHLIST
SCHADD
SCHUPD
SCHDEL
SCHLEGAL
SCHNOT
SCHUPDONFLY
GETASI
ASILEGAL
BAJAASI
ALTAASI
ASIRES
ASISOS
ACOMPGETTIMERS
ACOMPTRACKING
ACOMPCANCEL
GETTRACKERDATA
UPDORTRACK
GETONROADKEYDATA
UPDORKEY
NSR
GDPRPOPUP
GDPR
UPDGDPR
FIRSTCHGPASS
RESETPASS
RESETPASS2
SENDINST
ALTAWEB
ALTAWEB2
LOCKSMITH
ACCEPTLEGALSLOCKSMITH
ASKLOCKSMITH
CANCELLOCKSMITH
GETALLLOCKSMITHS
GETSECURITYINFO
CHECKOTP
PENDINGBILLSLIST
PAYMENTDATA
PAYMENTEMAIL

segalion · September 18, 2019, 3:47pm

@Cebeerre
If you “RE” the Mobile App, more incredible and valuable work!!! (not everyone appreciates the great work that reverse engineering takes).

I think the first step could be create a custom component based on alarm panel enity, I thing the first aprox is to replicate the verisure (USA version) component here

just create a directory
/home/homeassistant/.homeassistant/custom_components/verisure_spain/alarm_control_panel/

and create 3 files inside:

manifest.json
__ini__.py
verisure.py

the manifest could be:

{
  "domain": "verisure_spain",
  "name": "Verisure Spain",
  "documentation": "https://github.com/home-assistant/example-custom-config/tree/master/custom_components/example_sensor/",
  "dependencies": [],
  "codeowners": ["Cebeerre"],
  "requirements": ["xmltodict"]
}

The verisure.py need to change proper calls for yours, and init the component with proper reading config yaml parameters (username, password, installation, country_code). You can see an example in my custom_component (as sensor) here

diego06 · October 3, 2019, 6:25pm

Does anyone try with this script in Italy? I can’t find a way to make it work (maybe login problems)
thanks

diego06 · October 11, 2019, 9:34pm

I got this error in raspian (both RPy 3 and 4)

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/urllib3/contrib/pyopenssl.py", line 453, in wrap_socket
    cnx.do_handshake()
  File "/usr/local/lib/python3.7/dist-packages/OpenSSL/SSL.py", line 1915, in do_handshake
    self._raise_ssl_error(self._ssl, result)
  File "/usr/local/lib/python3.7/dist-packages/OpenSSL/SSL.py", line 1647, in _raise_ssl_error
    _raise_current_error()
  File "/usr/local/lib/python3.7/dist-packages/OpenSSL/_util.py", line 54, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'tls_process_ske_dhe', 'dh key too small')]

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 600, in urlopen
    chunked=chunked)
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 343, in _make_request
    self._validate_conn(conn)
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 841, in _validate_conn
    conn.connect()
  File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 344, in connect
    ssl_context=context)
  File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 344, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/usr/lib/python3/dist-packages/urllib3/contrib/pyopenssl.py", line 459, in wrap_socket
    raise ssl.SSLError('bad handshake: %r' % e)
ssl.SSLError: ("bad handshake: Error([('SSL routines', 'tls_process_ske_dhe', 'dh key too small')])",)
[....]

Any ideas?
Thanks

segalion · October 15, 2019, 2:52pm

Try to add:

requests.packages.urllib3.contrib.pyopenssl.DEFAULT_SSL_CIPHER_LIST += 'HIGH:!DH:!aNULL'

just beffore the class definition

segalion · October 18, 2019, 7:45pm

I’m going to try to develope a component based on mobile api from cebeerre

segalion · October 21, 2019, 11:36am

Published the first python version based on the great cebeerre work…

javy97 · October 27, 2019, 3:34pm

So, is it possible to add it to Hassio?

segalion · October 27, 2019, 4:03pm

I am working on it.

javy97 · October 29, 2019, 9:52pm

Tested the Python script for Spain and worked

If someone can add it to Home Assistant in the future it will be very useful for some automations

segalion · October 30, 2019, 3:59pm

I am proud to anounce a first version of a custom component for securitas direct alarm.

Just copy custom_components folder inside your homeassistant config folder, configure your configuration.yalm with config below, and restart HA.

# Include this part in your configuration.yaml changing username, password and code.
# Remember to mark all your controls (remotes and keys) to be tracked, in order to 
# ensure synchronization between this alarm_control_panel and real securitas alarm


securitas_direct:
  username: your_securitas_username
  password: your_securitas_password
  code: 1234
  country: ES

Please, could be great request for people in other countries and/or with more than one alarm, and other elements like perimeter etc., to improve this integration.

Thanks for all (specially to @Cebeerre)

jimenbar · October 30, 2019, 5:50pm

Outstanding job. Great contribution. I am already adding this to my HA.

azrod · October 30, 2019, 7:53pm

Hello,

Tanks for you contribution.

I’m a problem on start my homeassistant

Traceback (most recent call last):
  File "/homeassistant/homeassistant/lib/python3.7/site-packages/homeassistant/helpers/entity_platform.py", line 150, in _async_setup_platform
    await asyncio.wait_for(asyncio.shield(task), SLOW_SETUP_MAX_WAIT)
  File "/usr/lib/python3.7/asyncio/tasks.py", line 409, in wait_for
  File "/homeassistant/homeassistant/lib/python3.7/site-packages/homeassistant/setup.py", line 171, in _async_setup_component
    component.setup, hass, processed_config  # type: ignore
  File "/usr/lib/python3.7/concurrent/futures/thread.py", line 57, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/homeassistant/homeassistant/.homeassistant/custom_components/securitas_direct/__init__.py", line 65, in setup
    HUB.update_overview()
  File "/homeassistant/homeassistant/lib/python3.7/site-packages/homeassistant/util/__init__.py", line 240, in wrapper
    result = method(*args, **kwargs)
  File "/homeassistant/homeassistant/.homeassistant/custom_components/securitas_direct/__init__.py", line 109, in update_overview
    self.overview = self.session.last_state()
  File "/homeassistant/homeassistant/.homeassistant/custom_components/securitas_direct/securitas.py", line 107, in last_state
    res = self._api_requests('ACT_V2',timefilter=2,activityfilter=0)
  File "/homeassistant/homeassistant/.homeassistant/custom_components/securitas_direct/securitas.py", line 57, in _api_requests
    sys.exit(json.dumps(res,indent=2))
SystemExit: {
  "PET": {
    "RES": "KO",
    "ERR": "60057",
    "MSG": "El usuario introducido no existe",
    "BLOQ": {
      "@remotereqactive": "1",
      "#text": "Estamos mejorando nuestros servicios. Por favor intentelo de nuevo mas tarde. Gracias por confiar en Securitas Direct"
    }
  }
}

segalion · October 30, 2019, 7:57pm

See the message
“El usuario introducido no existe”,

You have to set your proper username and password

azrod · October 30, 2019, 8:01pm

Thanks for reply.

My username and password is valid.

I am french user.
https://customers.securitasdirect.fr/