Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication Type for Access Event #71

Closed
jblattel opened this issue Sep 6, 2024 · 6 comments
Closed

Authentication Type for Access Event #71

jblattel opened this issue Sep 6, 2024 · 6 comments
Labels
enhancement New feature or request

Comments

@jblattel
Copy link
Contributor

jblattel commented Sep 6, 2024

Hello and thanks for all of your work. I was wondering if you could expose the authentication_type to the Access Event. I believe the API supports this here:

    "actor": {
        "id": "d62e92fd-91aa-44c2-9b36-6d674a4b74d0",
        "name": "Hon***",
        "type": "user"
    },
    "object": {
        "authentication_type": "CALL", //Door opening method, NFC/PIN_CODE/Call For a DoorBell
        "authentication_value": "",
        "policy_id": "",
        "policy_name": "",
        "reader_id": "",
        "result": "Access Granted"
    }

This way we can determine how access was granted and e.g. take action for remotely authorized access vs say a phone tap. Or better way to look at it an unknown user that has been granted access via the actor or the actor him/herself tapping in.

I thought I'd take a stab at working on this myself but my level of understanding of HA is basically NILL.

Thanks again.
@jblattel
Copy link
Contributor Author

jblattel commented Sep 8, 2024
edited
Loading

Update:
I looked at your code again - and realize (or think rather) you're getting actor info from the add log event and not the access.unlock.door webhook. Therefore, I amend above to utilize:

"data": {
        "hits": [
            {
                "@timestamp": "2023-07-11T12:11:27Z",
                "_id": "",
                "_source": {
                    "actor": {
                        "alternate_id": "",
                        "alternate_name": "",
                        "display_name": "N/A",
                        "id": "",
                        "type": "user"
                    },
                    "authentication": {
                        "credential_provider": "NFC",
                        "issuer": "6FC02554"
                    },

I'm not sure what "credential_provider" all entails but may be able to get the same information from there? Maybe something like:

if door_id in self.doors:
                            existing_door = self.doors[door_id]
                            actor = update["data"]["_source"]["actor"]["display_name"]
                            authentication = update["data"]["_source"]["authentication"]["credential_provider"]
                            device_config = next(
                                (
                                    target
                                    for target in update["data"]["_source"]["target"]
                                    if target["type"] == "device_config"
                                ),
                                None,
                            )
                            if device_config is not None:
                                access_type = device_config["display_name"]
                                event = "access"
                                event_attributes = {
                                    "door_name": existing_door.name,
                                    "door_id": door_id,
                                    "actor": actor,
                                    "authentication": authentication,
                                    "type": ACCESS_EVENT.format(type=access_type),
                                }

Thanks!

@imhotep
Copy link
Owner

imhotep commented Sep 9, 2024

@jblattel this integration uses websockets for status updates as you came to find out. The problem is supporting this across multiple UA hubs as they all have different (and undocumented) messages.

@jblattel
Copy link
Contributor Author

jblattel commented Sep 9, 2024

I'm guessing they are the 3 they indicated (NFC, CALL and PIN_CODE) at least for the door[id] ... authentication.credential_provider - but yeah there is no mention of that really anywhere in the doc. I may go ahead and take a stab at implementing this. Least take a look at the raw logging coming out of the event and test those 3 parameters. Less there's some other hidden code it looks like those event objects and associated attributes just get put up onto the HA bus, so fairly straightforward.

@imhotep
Copy link
Owner

imhotep commented Sep 9, 2024

@jblattel yeah if it's just about adding a property to the event. It should be as simple as getting the property from the "access.logs.add" websocket message and adding it to the event attributes

@jblattel
Copy link
Contributor Author

jblattel commented Sep 10, 2024
edited
Loading

@imhotep OK - here is the PR - I'm not sure I've covered all cases but certainly enough to make the attribute actionable on .... :) -- Let me know if you want me to update the Readme too - I forgot about that ....

@imhotep imhotep added the enhancement New feature or request label Sep 23, 2024
@jblattel
Copy link
Contributor Author

jblattel commented Oct 2, 2024
edited
Loading

@imhotep - I see you merged the change awesome - will close this.

@jblattel jblattel closed this as completed Oct 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@imhotep @jblattel