Fix provisioning for new Dataplicity device-gateway API#50
Merged
Conversation
Dataplicity migrated to a new provisioning stack: - Endpoint moved from https://www.dataplicity.com/install/ to https://app-api.dataplicity.com/device-gateway/provision/ - Install URL extension changed from .py to .sh (the .sh wraps the legacy .py with a new required `device_class_hash` query parameter that is per-organization) - POST field renames: token -> provisioning_key, with new required device_class_hash field - Response renames: serial -> hash_id, auth -> device_secret (64-hex, previously UUID and ~20-char alnum) Without this, v1.2.2 fails to register new tokens ("Wrong URL or Token") and devices provisioned via the official installer cannot be authorized by `device.check_auth` (m2m returns -32602 "unknown device"), spamming the HA log ~9 errors/second. Changes: - config_flow.py: regex accepts .sh and .py, www-optional; the isalnum() check is dropped (new tokens contain "-" and uppercase); added a recovery-input mode that accepts `serial:auth` of an already-provisioned device, to skip the HTTP round trip when the install token has already been consumed by the official installer - utils.py: register_device POSTs the new endpoint with the new field names; new fetch_device_class_hash GETs the .sh wrapper and extracts the 64-hex hash; response parsed with hash_id->serial and device_secret->auth fallbacks for back-compat - translations/{en,ru}.json: update the hint to show the .sh URL shape and document the optional `serial:auth` recovery format The pinned dataplicity==0.4.40 agent is unchanged - its Client(serial, auth_token) signature is API-compatible with the new 64-hex credentials. Closes AlexxIT#49.
AlexxIT
approved these changes
May 20, 2026
Owner
|
Thanks! I made some changes. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Dataplicity migrated their provisioning to
app-api.dataplicity.com/device-gateway/provision/and switched install URLs from.pyto.sh. v1.2.2 still POSTs to the old endpoint and the regex rejects the new URL shape, so any token issued after the migration fails with "Wrong URL or Token". Devices kept around from before the migration also stop authorizing in m2m ("unknown device" errors spamming the log).The fix rewrites
register_deviceand the config_flow regex for the new endpoint. The per-organizationdevice_class_hash(now required) is only exposed via the.shwrapper, so a small helper fetches the wrapper and parses it out. Response keys are also renamed (hash_id,device_secret) — parsed with fallbacks for back-compat.Also adds a
serial:authrecovery input mode for users whose install token was already consumed by the official installer — they can paste existing credentials directly without burning a fresh token.__init__.pyand the pinneddataplicity==0.4.40agent are unchanged —Client(serial, auth_token)works fine with the new 64-hex credentials.Tested end-to-end on HAOS Supervised: device provisioned, agent reconnected within ~30s, wormhole URL serves HA, log clean.
Closes #49.