From 35c60bae40a8611ae7dc483a4e567ea05c086606 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Thu, 19 Aug 2021 15:03:57 +0900
Subject: [PATCH 01/19] =?UTF-8?q?Feat:=20Cognito=20login=20=EA=B8=B0?=
 =?UTF-8?q?=EB=8A=A5=20=EA=B5=AC=ED=98=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/xdrv_01_webserver.ino | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index de759fe99d89..1432c551f903 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -427,17 +427,17 @@ const char HTTP_DEVICE_STATE[] PROGMEM = "<td style='width:%d%%;text-align:cente
 
 enum ButtonTitle {
   BUTTON_RESTART, BUTTON_RESET_CONFIGURATION, BUTTON_FACTORY_RESET,
-  BUTTON_MAIN, BUTTON_CONFIGURATION, BUTTON_INFORMATION, BUTTON_FIRMWARE_UPGRADE, BUTTON_MANAGEMENT,
+  BUTTON_MAIN, BUTTON_COGNITO_LOGIN, BUTTON_CONFIGURATION, BUTTON_INFORMATION, BUTTON_FIRMWARE_UPGRADE, BUTTON_MANAGEMENT,
   BUTTON_MODULE, BUTTON_WIFI, BUTTON_LOGGING, BUTTON_OTHER, BUTTON_TEMPLATE, BUTTON_BACKUP, BUTTON_RESTORE,
   BUTTON_CONSOLE };
 const char kButtonTitle[] PROGMEM =
   D_RESTART "|" D_RESET_CONFIGURATION "|" "공장 초기화" "|"
-  D_MAIN_MENU "|" D_CONFIGURATION "|" D_INFORMATION "|" D_FIRMWARE_UPGRADE "|" D_MANAGEMENT "|"
+  D_MAIN_MENU "|" "로그인" "|" D_CONFIGURATION "|" D_INFORMATION "|" D_FIRMWARE_UPGRADE "|" D_MANAGEMENT "|"
   D_CONFIGURE_MODULE "|" D_CONFIGURE_WIFI"|" D_CONFIGURE_LOGGING "|" D_CONFIGURE_OTHER "|" D_CONFIGURE_TEMPLATE "|" D_BACKUP_CONFIGURATION "|" D_RESTORE_CONFIGURATION "|"
   D_CONSOLE;
 const char kButtonAction[] PROGMEM =
   ".|rt|frt|"
-  ".|cn|in|up|mn|"
+  ".|lo|cn|in|up|mn|"
   "md|wi|lg|co|tp|dl|rs|"
   "cs";
 const char kButtonConfirm[] PROGMEM = D_CONFIRM_RESTART "|" D_CONFIRM_RESET_CONFIGURATION "|" "공장 초기화 확인";
@@ -604,6 +604,7 @@ void StartWebserver(int type, IPAddress ipweb)
       Webserver->on(F("/certs"), HTTP_GET, HandleCertsInfo);
       Webserver->on(F("/certs"), HTTP_POST, HandleCertsConfiguration);
       Webserver->on(F("/frt"), HTTP_GET, HandleFactoryResetConfiguration);
+      Webserver->on(F("/lo"), HTTP_GET, HandleCognitoLogin);
       Webserver->onNotFound(HandleNotFound);
 //      Webserver->on(F("/u2"), HTTP_POST, HandleUploadDone, HandleUploadLoop);  // this call requires 2 functions so we keep a direct call
 #ifndef FIRMWARE_MINIMAL
@@ -1023,6 +1024,12 @@ void WebRestart(uint32_t type)
 
 /*********************************************************************************************/
 
+void HandleCognitoLogin(void)
+{
+  Webserver->sendHeader(F("Location"), String(F("https://ziot-sonoff-auth.auth.ap-northeast-2.amazoncognito.com/login?client_id=3ambmcokjea85jv4ff2hmkb0un&response_type=code&scope=openid&redirect_uri=https://nb0pw9tdj5.execute-api.ap-northeast-2.amazonaws.com/2021-08-16/login")), true);
+  WSSend(302, CT_PLAIN, "");  // Empty content inhibits Content-length header so we have to close the socket ourselves.
+}
+
 void HandleWifiLogin(void)
 {
   WSContentStart_P(PSTR(D_CONFIGURE_WIFI), false);  // false means show page no matter if the client has or has not credentials
@@ -1127,6 +1134,7 @@ void HandleRoot(void)
 #endif  // Not FIRMWARE_MINIMAL
 
   if (HTTP_ADMIN == Web.state) {
+    WSContentSpaceButton(BUTTON_COGNITO_LOGIN);
     WSContentSpaceButton(BUTTON_CONFIGURATION);
     WSContentButton(BUTTON_INFORMATION);
     WSContentButton(BUTTON_RESTART);

From 31437f35d140ba1fc07951d5993154826fdeddde Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Thu, 19 Aug 2021 16:46:41 +0900
Subject: [PATCH 02/19] =?UTF-8?q?Feat:=20Cognito=20code=20api=20=EA=B5=AC?=
 =?UTF-8?q?=ED=98=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/xdrv_01_webserver.ino | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index 1432c551f903..a01069a50948 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -605,6 +605,7 @@ void StartWebserver(int type, IPAddress ipweb)
       Webserver->on(F("/certs"), HTTP_POST, HandleCertsConfiguration);
       Webserver->on(F("/frt"), HTTP_GET, HandleFactoryResetConfiguration);
       Webserver->on(F("/lo"), HTTP_GET, HandleCognitoLogin);
+      Webserver->on(F("/lc"), HTTP_GET, HandleCognitoLoginCode);
       Webserver->onNotFound(HandleNotFound);
 //      Webserver->on(F("/u2"), HTTP_POST, HandleUploadDone, HandleUploadLoop);  // this call requires 2 functions so we keep a direct call
 #ifndef FIRMWARE_MINIMAL
@@ -1030,6 +1031,11 @@ void HandleCognitoLogin(void)
   WSSend(302, CT_PLAIN, "");  // Empty content inhibits Content-length header so we have to close the socket ourselves.
 }
 
+void HandleCognitoLoginCode(void)
+{
+  
+}
+
 void HandleWifiLogin(void)
 {
   WSContentStart_P(PSTR(D_CONFIGURE_WIFI), false);  // false means show page no matter if the client has or has not credentials

From 90c53d653947615cb48a0ca55be2f1dfe3824abf Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Thu, 19 Aug 2021 17:35:19 +0900
Subject: [PATCH 03/19] =?UTF-8?q?Feat:=20HTTPS=20=EC=9B=B9=EC=84=9C?=
 =?UTF-8?q?=EB=B2=84=20=EA=B5=AC=ED=98=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/xdrv_01_webserver.ino  |  5 +++-
 tasmota/xdrv_21_wemo_multi.ino | 54 +++++++++++++++++-----------------
 2 files changed, 31 insertions(+), 28 deletions(-)

diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index de759fe99d89..32f2eb19ee33 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -60,6 +60,7 @@ const uint16_t HTTP_OTA_RESTART_RECONNECT_TIME = 10000;  // milliseconds - Allow
 
 #include <ESP8266WebServer.h>
 #include <DNSServer.h>
+#include <ESP8266WebServerSecure.h>
 
 const char HTTP_SCRIPT_ROOT2[] PROGMEM =
   "var rfsh=1,ft;"
@@ -459,6 +460,7 @@ enum WifiTestOptions {WIFI_NOT_TESTING, WIFI_TESTING, WIFI_TEST_FINISHED_SUCCESS
 
 DNSServer *DnsServer;
 ESP8266WebServer *Webserver;
+BearSSL::ESP8266WebServerSecure *Webserver;
 
 struct WEB {
   String chunk_buffer = "";                         // Could be max 2 * CHUNKED_BUFFER_SIZE
@@ -587,7 +589,8 @@ void StartWebserver(int type, IPAddress ipweb)
   Settings->web_refresh = HTTP_REFRESH_TIME;
   if (!Web.state) {
     if (!Webserver) {
-      Webserver = new ESP8266WebServer((HTTP_MANAGER == type || HTTP_MANAGER_RESET_ONLY == type) ? 80 : WEB_PORT);
+      //Webserver = new ESP8266WebServer((HTTP_MANAGER == type || HTTP_MANAGER_RESET_ONLY == type) ? 80 : WEB_PORT);
+      Webserver = new ESP8266WebServerSecure(443);
       // call `Webserver->on()` on each entry
       for (uint32_t i=0; i<nitems(WebServerDispatch); i++) {
         const WebServerDispatch_t & line = WebServerDispatch[i];
diff --git a/tasmota/xdrv_21_wemo_multi.ino b/tasmota/xdrv_21_wemo_multi.ino
index e2e12c6b30b1..280770d8bb2f 100644
--- a/tasmota/xdrv_21_wemo_multi.ino
+++ b/tasmota/xdrv_21_wemo_multi.ino
@@ -429,33 +429,33 @@ void WemoRespondToMSearch(int echo_type) {
 
 bool Xdrv21(uint8_t function)
 {
-  bool result = false;
-
-  if (TasmotaGlobal.devices_present && (EMUL_WEMO == Settings->flag2.emulation)) {
-    switch (function) {
-      case FUNC_LOOP:
-        for (uint32_t i = 1; i < numOfWemoSwitch; i++) { // Handle devices web server
-          wemoDevice[i]->HandleServerLoop();
-        }
-        break;
-      case FUNC_WEB_ADD_HANDLER:
-#ifdef USE_EMULATION_WEMO_DEBUG
-        AddLog(LOG_LEVEL_DEBUG, PSTR("WMO: Adding handlers for %d devices"), TasmotaGlobal.devices_present);
-#endif
-        // For the first device use the current webserver, for the others.. create a new one listening on a different PortUdp
-        wemoDevice[numOfWemoSwitch] = new WemoSwitch(1, Webserver);
-        wemoDevice[numOfWemoSwitch]->RegisterHandlers();
-        numOfWemoSwitch++;
-
-        for (uint32_t i = 1; i < TasmotaGlobal.devices_present; i++) {
-          wemoDevice[numOfWemoSwitch] = new WemoSwitch(i + 1, 8080 + i);
-          wemoDevice[numOfWemoSwitch]->RegisterHandlers();
-          numOfWemoSwitch++;
-        }
-        break;
-    }
-  }
-  return result;
+//   bool result = false;
+
+//   if (TasmotaGlobal.devices_present && (EMUL_WEMO == Settings->flag2.emulation)) {
+//     switch (function) {
+//       case FUNC_LOOP:
+//         for (uint32_t i = 1; i < numOfWemoSwitch; i++) { // Handle devices web server
+//           wemoDevice[i]->HandleServerLoop();
+//         }
+//         break;
+//       case FUNC_WEB_ADD_HANDLER:
+// #ifdef USE_EMULATION_WEMO_DEBUG
+//         AddLog(LOG_LEVEL_DEBUG, PSTR("WMO: Adding handlers for %d devices"), TasmotaGlobal.devices_present);
+// #endif
+//         // For the first device use the current webserver, for the others.. create a new one listening on a different PortUdp
+//         wemoDevice[numOfWemoSwitch] = new WemoSwitch(1, Webserver);
+//         wemoDevice[numOfWemoSwitch]->RegisterHandlers();
+//         numOfWemoSwitch++;
+
+//         for (uint32_t i = 1; i < TasmotaGlobal.devices_present; i++) {
+//           wemoDevice[numOfWemoSwitch] = new WemoSwitch(i + 1, 8080 + i);
+//           wemoDevice[numOfWemoSwitch]->RegisterHandlers();
+//           numOfWemoSwitch++;
+//         }
+//         break;
+//     }
+//   }
+//   return result;
 }
 
 #endif // USE_WEBSERVER && USE_EMULATION && USE_EMULATION_WEMO
\ No newline at end of file

From d161166eb32128958fe0f812e027ddd258ab2433 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Fri, 20 Aug 2021 15:36:36 +0900
Subject: [PATCH 04/19] =?UTF-8?q?Feat:=20HTTPS=20=EC=9B=B9=EC=84=9C?=
 =?UTF-8?q?=EB=B2=84=20=EA=B5=AC=ED=98=84=20=EB=B0=8F=20=ED=95=84=EC=9A=94?=
 =?UTF-8?q?=EC=97=86=EB=8A=94=20=EC=9B=B9=EC=84=9C=EB=B2=84=20=EA=B8=B0?=
 =?UTF-8?q?=EB=8A=A5=20=EC=A0=9C=EA=B1=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 platformio_override.ini        |   2 +-
 tasmota/support_tasmota.ino    |   2 +-
 tasmota/tasmota.h              |   4 +-
 tasmota/tasmota.ino            |   3 +
 tasmota/tasmota_cert.h         |  54 +++
 tasmota/user_config_override.h | 133 ++++++
 tasmota/xdrv_01_webserver.ino  | 784 +--------------------------------
 tasmota/xdrv_02_9_mqtt.ino     |   4 +-
 8 files changed, 215 insertions(+), 771 deletions(-)

diff --git a/platformio_override.ini b/platformio_override.ini
index f113692a5dc4..26dc4dfe0f5c 100644
--- a/platformio_override.ini
+++ b/platformio_override.ini
@@ -71,7 +71,7 @@ build_flags                 = ${core.build_flags}
 ;board_build.f_flash         = 80000000L
 
 ; *** Upload Serial reset method for Wemos and NodeMCU
-upload_port                 = /dev/tty.usbserial-1420
+upload_port                 = /dev/tty.usbserial-21420
 
 extra_scripts               = ${scripts_defaults.extra_scripts}
 ;                              pio-tools/obj-dump.py
diff --git a/tasmota/support_tasmota.ino b/tasmota/support_tasmota.ino
index 80d41aef8ccf..ceea8d4833b3 100644
--- a/tasmota/support_tasmota.ino
+++ b/tasmota/support_tasmota.ino
@@ -1345,7 +1345,7 @@ void Every250mSeconds(void)
       }
 #endif  // USE_KNX
 
-      MqttCheck();
+      //MqttCheck();
     } else {
 #ifdef USE_EMULATION
       UdpDisconnect();
diff --git a/tasmota/tasmota.h b/tasmota/tasmota.h
index 1d2a92d547cc..b0dde1876b92 100644
--- a/tasmota/tasmota.h
+++ b/tasmota/tasmota.h
@@ -399,10 +399,10 @@ enum DevGroupItemFlag { DGR_ITEM_FLAG_NO_SHARE = 1 };
 enum DevGroupShareItem { DGR_SHARE_POWER = 1, DGR_SHARE_LIGHT_BRI = 2, DGR_SHARE_LIGHT_FADE = 4, DGR_SHARE_LIGHT_SCHEME = 8,
                          DGR_SHARE_LIGHT_COLOR = 16, DGR_SHARE_DIMMER_SETTINGS = 32, DGR_SHARE_EVENT = 64 };
 
-enum CommandSource { SRC_IGNORE, SRC_MQTT, SRC_RESTART, SRC_BUTTON, SRC_SWITCH, SRC_BACKLOG, SRC_SERIAL, SRC_WEBGUI, SRC_WEBCOMMAND, SRC_WEBCONSOLE, SRC_PULSETIMER,
+enum CommandSource { SRC_IGNORE, SRC_MQTT, SRC_RESTART, SRC_BUTTON, SRC_SWITCH, SRC_BACKLOG, SRC_SERIAL, SRC_WEBGUI, SRC_WEBCOMMAND, SRC_PULSETIMER,
                      SRC_TIMER, SRC_RULE, SRC_MAXPOWER, SRC_MAXENERGY, SRC_OVERTEMP, SRC_LIGHT, SRC_KNX, SRC_DISPLAY, SRC_WEMO, SRC_HUE, SRC_RETRY, SRC_REMOTE, SRC_SHUTTER,
                      SRC_THERMOSTAT, SRC_CHAT, SRC_TCL, SRC_BERRY, SRC_FILE, SRC_MAX };
-const char kCommandSource[] PROGMEM = "I|MQTT|Restart|Button|Switch|Backlog|Serial|WebGui|WebCommand|WebConsole|PulseTimer|"
+const char kCommandSource[] PROGMEM = "I|MQTT|Restart|Button|Switch|Backlog|Serial|WebGui|WebCommand|PulseTimer|"
                                       "Timer|Rule|MaxPower|MaxEnergy|Overtemp|Light|Knx|Display|Wemo|Hue|Retry|Remote|Shutter|"
                                       "Thermostat|Chat|TCL|Berry|File";
 
diff --git a/tasmota/tasmota.ino b/tasmota/tasmota.ino
index 97a9af63f5a3..d729aec906f2 100644
--- a/tasmota/tasmota.ino
+++ b/tasmota/tasmota.ino
@@ -393,6 +393,9 @@ void setup(void) {
     SettingsUpdateText(SET_HOSTNAME, TasmotaGlobal.hostname);
   }
 
+  mac_address.~String();
+  mac_part.~String();
+
   RtcInit();
   GpioInit();
   ButtonInit();
diff --git a/tasmota/tasmota_cert.h b/tasmota/tasmota_cert.h
index 9e75532d3eef..b08e4c61932d 100644
--- a/tasmota/tasmota_cert.h
+++ b/tasmota/tasmota_cert.h
@@ -3,4 +3,58 @@
 char AmazonClientCert[857];
 char AmazonPrivateKey[45];
 
+static const char serverCert[] PROGMEM = R"EOF(
+-----BEGIN CERTIFICATE-----
+MIIDSzCCAjMCCQD2ahcfZAwXxDANBgkqhkiG9w0BAQsFADCBiTELMAkGA1UEBhMC
+VVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU9yYW5nZSBDb3VudHkx
+EDAOBgNVBAoMB1ByaXZhZG8xGjAYBgNVBAMMEXNlcnZlci56bGFiZWwuY29tMR8w
+HQYJKoZIhvcNAQkBFhBlYXJsZUB6bGFiZWwuY29tMB4XDTE4MDMwNjA1NDg0NFoX
+DTE5MDMwNjA1NDg0NFowRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3Rh
+dGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAPVKBwbZ+KDSl40YCDkP6y8Sv4iNGvEOZg8Y
+X7sGvf/xZH7UiCBWPFIRpNmDSaZ3yjsmFqm6sLiYSGSdrBCFqdt9NTp2r7hga6Sj
+oASSZY4B9pf+GblDy5m10KDx90BFKXdPMCLT+o76Nx9PpCvw13A848wHNG3bpBgI
+t+w/vJCX3bkRn8yEYAU6GdMbYe7v446hX3kY5UmgeJFr9xz1kq6AzYrMt/UHhNzO
+S+QckJaY0OGWvmTNspY3xCbbFtIDkCdBS8CZAw+itnofvnWWKQEXlt6otPh5njwy
++O1t/Q+Z7OMDYQaH02IQx3188/kW3FzOY32knER1uzjmRO+jhA8CAwEAATANBgkq
+hkiG9w0BAQsFAAOCAQEAnDrROGRETB0woIcI1+acY1yRq4yAcH2/hdq2MoM+DCyM
+E8CJaOznGR9ND0ImWpTZqomHOUkOBpvu7u315blQZcLbL1LfHJGRTCHVhvVrcyEb
+fWTnRtAQdlirUm/obwXIitoz64VSbIVzcqqfg9C6ZREB9JbEX98/9Wp2gVY+31oC
+JfUvYadSYxh3nblvA4OL+iEZiW8NE3hbW6WPXxvS7Euge0uWMPc4uEcnsE0ZVG3m
++TGimzSdeWDvGBRWZHXczC2zD4aoE5vrl+GD2i++c6yjL/otHfYyUpzUfbI2hMAA
+5tAF1D5vAAwA8nfPysumlLsIjohJZo4lgnhB++AlOg==
+-----END CERTIFICATE-----
+)EOF";
+
+static const char serverKey[] PROGMEM =  R"EOF(
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEA9UoHBtn4oNKXjRgIOQ/rLxK/iI0a8Q5mDxhfuwa9//FkftSI
+IFY8UhGk2YNJpnfKOyYWqbqwuJhIZJ2sEIWp2301OnavuGBrpKOgBJJljgH2l/4Z
+uUPLmbXQoPH3QEUpd08wItP6jvo3H0+kK/DXcDzjzAc0bdukGAi37D+8kJfduRGf
+zIRgBToZ0xth7u/jjqFfeRjlSaB4kWv3HPWSroDNisy39QeE3M5L5ByQlpjQ4Za+
+ZM2yljfEJtsW0gOQJ0FLwJkDD6K2eh++dZYpAReW3qi0+HmePDL47W39D5ns4wNh
+BofTYhDHfXzz+RbcXM5jfaScRHW7OOZE76OEDwIDAQABAoIBAQDKov5NFbNFQNR8
+djcM1O7Is6dRaqiwLeH4ZH1pZ3d9QnFwKanPdQ5eCj9yhfhJMrr5xEyCqT0nMn7T
+yEIGYDXjontfsf8WxWkH2TjvrfWBrHOIOx4LJEvFzyLsYxiMmtZXvy6YByD+Dw2M
+q2GH/24rRdI2klkozIOyazluTXU8yOsSGxHr/aOa9/sZISgLmaGOOuKI/3Zqjdhr
+eHeSqoQFt3xXa8jw01YubQUDw/4cv9rk2ytTdAoQUimiKtgtjsggpP1LTq4xcuqN
+d4jWhTcnorWpbD2cVLxrEbnSR3VuBCJEZv5axg5ZPxLEnlcId8vMtvTRb5nzzszn
+geYUWDPhAoGBAPyKVNqqwQl44oIeiuRM2FYenMt4voVaz3ExJX2JysrG0jtCPv+Y
+84R6Cv3nfITz3EZDWp5sW3OwoGr77lF7Tv9tD6BptEmgBeuca3SHIdhG2MR+tLyx
+/tkIAarxQcTGsZaSqra3gXOJCMz9h2P5dxpdU+0yeMmOEnAqgQ8qtNBfAoGBAPim
+RAtnrd0WSlCgqVGYFCvDh1kD5QTNbZc+1PcBHbVV45EmJ2fLXnlDeplIZJdYxmzu
+DMOxZBYgfeLY9exje00eZJNSj/csjJQqiRftrbvYY7m5njX1kM5K8x4HlynQTDkg
+rtKO0YZJxxmjRTbFGMegh1SLlFLRIMtehNhOgipRAoGBAPnEEpJGCS9GGLfaX0HW
+YqwiEK8Il12q57mqgsq7ag7NPwWOymHesxHV5mMh/Dw+NyBi4xAGWRh9mtrUmeqK
+iyICik773Gxo0RIqnPgd4jJWN3N3YWeynzulOIkJnSNx5BforOCTc3uCD2s2YB5X
+jx1LKoNQxLeLRN8cmpIWicf/AoGBANjRSsZTKwV9WWIDJoHyxav/vPb+8WYFp8lZ
+zaRxQbGM6nn4NiZI7OF62N3uhWB/1c7IqTK/bVHqFTuJCrCNcsgld3gLZ2QWYaMV
+kCPgaj1BjHw4AmB0+EcajfKilcqtSroJ6MfMJ6IclVOizkjbByeTsE4lxDmPCDSt
+/9MKanBxAoGAY9xo741Pn9WUxDyRplww606ccdNf/ksHWNc/Y2B5SPwxxSnIq8nO
+j01SmsCUYVFAgZVOTiiycakjYLzxlc6p8BxSVqy6LlJqn95N8OXoQ+bkwUux/ekg
+gz5JWYhbD6c38khSzJb0pNXCo3EuYAVa36kDM96k1BtWuhRS10Q1VXk=
+-----END RSA PRIVATE KEY-----
+)EOF";
+
+
 #endif // defined(USE_TLS) && defined(USE_MQTT_TLS_CA_CERT)
diff --git a/tasmota/user_config_override.h b/tasmota/user_config_override.h
index bf9e5873169a..3d9ca0fc6494 100644
--- a/tasmota/user_config_override.h
+++ b/tasmota/user_config_override.h
@@ -78,6 +78,139 @@
 
 #define DEVICE_TYPE            "Light"
 
+// -- MQTT - Domoticz -----------------------------
+#undef USE_DOMOTICZ                                         // Enable Domoticz (+6k code, +0.3k mem)
+  #undef DOMOTICZ_IN_TOPIC                                  // Domoticz Input Topic
+  #undef DOMOTICZ_OUT_TOPIC                                 // Domoticz Output Topic
+
+// -- MQTT - Home Assistant Discovery -------------
+#undef USE_HOME_ASSISTANT                                   // Enable Home Assistant Discovery Support (+12k code, +6 bytes mem)
+  #undef HOME_ASSISTANT_DISCOVERY_PREFIX                    // Home Assistant discovery prefix
+  #undef HOME_ASSISTANT_LWT_TOPIC                           // home Assistant Birth and Last Will Topic (default = homeassistant/status)
+  #undef HOME_ASSISTANT_LWT_SUBSCRIBE                       // Subscribe to Home Assistant Birth and Last Will Topic (default = true)
+
+// -- Telegram Protocol ---------------------------
+  #undef USE_TELEGRAM_FINGERPRINT                           // Telegram api.telegram.org TLS public key fingerpring
+
+// -- KNX IP Protocol -----------------------------
+  #undef USE_KNX_WEB_MENU                                   // Enable KNX WEB MENU (+8.3k code, +144 mem)
+
+// -- HTTP ----------------------------------------
+#undef USE_EMULATION_HUE                                    // Enable Hue Bridge emulation for Alexa (+14k code, +2k mem common)
+  #undef USE_EMULATION_WEMO                                 // Enable Belkin WeMo emulation for Alexa (+6k code, +2k mem common)
+
+// -- Time ----------------------------------------
+#undef USE_TIMERS                                           // Add support for up to 16 timers (+2k2 code)
+  #undef USE_TIMERS_WEB                                     // Add timer webpage support (+4k5 code)
+  #undef USE_SUNRISE                                        // Add support for Sunrise and sunset tools (+16k)
+    #undef SUNRISE_DAWN_ANGLE                               // Select desired Dawn Angle from (DAWN_NORMAL, DAWN_CIVIL, DAWN_NAUTIC, DAWN_ASTRONOMIC)
+
+// -- Optional modules ----------------------------
+#undef ROTARY_V1                                            // Add support for Rotary Encoder as used in MI Desk Lamp (+0k8 code)
+  #undef ROTARY_MAX_STEPS                                   // Rotary step boundary
+#undef USE_SONOFF_RF                                        // Add support for Sonoff Rf Bridge (+3k2 code)
+  #undef USE_RF_FLASH                                       // Add support for flashing the EFM8BB1 chip on the Sonoff RF Bridge. C2CK must be connected to GPIO4, C2D to GPIO5 on the PCB (+2k7 code)
+#undef USE_SONOFF_SC                                        // Add support for Sonoff Sc (+1k1 code)
+#undef USE_TUYA_MCU                                         // Add support for Tuya Serial MCU
+  #undef TUYA_DIMMER_ID                                     // Default dimmer Id
+  #undef USE_TUYA_TIME                                      // Add support for Set Time in Tuya MCU
+#undef USE_ARMTRONIX_DIMMERS                                // Add support for Armtronix Dimmers (+1k4 code)
+#undef USE_PS_16_DZ                                         // Add support for PS-16-DZ Dimmer (+2k code)
+#undef USE_SONOFF_IFAN                                      // Add support for Sonoff iFan02 and iFan03 (+2k code)
+#undef USE_BUZZER                                           // Add support for a buzzer (+0k6 code)
+#undef USE_ARILUX_RF                                        // Add support for Arilux RF remote controller (+0k8 code, 252 iram (non 2.3.0))
+#undef USE_SHUTTER                                          // Add Shutter support for up to 4 shutter with different motortypes (+11k code)
+#undef USE_EXS_DIMMER                                       // Add support for ES-Store Wi-Fi Dimmer (+1k5 code)
+#undef USE_PWM_DIMMER                                       // Add support for MJ-SD01/acenx/NTONPOWER PWM dimmers (+2k3 code, DGR=0k7)
+  #undef USE_PWM_DIMMER_REMOTE                              // Add support for remote switches to PWM Dimmer (requires USE_DEVICE_GROUPS) (+0k6 code)
+#undef USE_SONOFF_D1                                        // Add support for Sonoff D1 Dimmer (+0k7 code)
+#undef USE_SHELLY_DIMMER                                    // Add support for Shelly Dimmer (+3k code)
+  #undef SHELLY_CMDS                                        // Add command to send co-processor commands (+0k3 code)
+  #undef SHELLY_FW_UPGRADE                                  // Add firmware upgrade option for co-processor (+3k4 code)
+
+// -- Optional light modules ----------------------
+#undef USE_LIGHT                                            // Add support for light control
+#undef USE_WS2812                                           // WS2812 Led string using library NeoPixelBus (+5k code, +1k mem, 232 iram) - Disable by //
+  #undef USE_WS2812_RMT                                     // ESP32 only, hardware RMT support (default). Specify the RMT channel 0..7. This should be preferred to software bit bang.
+
+  #undef USE_WS2812_HARDWARE                                // Hardware type (NEO_HW_WS2812, NEO_HW_WS2812X, NEO_HW_WS2813, NEO_HW_SK6812, NEO_HW_LC8812, NEO_HW_APA106, NEO_HW_P9813)
+  #undef USE_WS2812_CTYPE                                   // Color type (NEO_RGB, NEO_GRB, NEO_BRG, NEO_RBG, NEO_RGBW, NEO_GRBW)
+#undef USE_MY92X1                                           // Add support for MY92X1 RGBCW led controller as used in Sonoff B1, Ailight and Lohas
+#undef USE_SM16716                                          // Add support for SM16716 RGB LED controller (+0k7 code)
+#undef USE_SM2135                                           // Add support for SM2135 RGBCW led control as used in Action LSC (+0k6 code)
+#undef USE_SONOFF_L1                                        // Add support for Sonoff L1 led control
+#undef USE_ELECTRIQ_MOODL                                   // Add support for ElectriQ iQ-wifiMOODL RGBW LED controller (+0k3 code)
+#undef USE_LIGHT_PALETTE                                    // Add support for color palette (+0k7 code)
+#undef USE_LIGHT_VIRTUAL_CT                                 // Add support for Virtual White Color Temperature (+1.1k code)
+#undef USE_DGR_LIGHT_SEQUENCE                               // Add support for device group light sequencing (requires USE_DEVICE_GROUPS) (+0k2 code)
+
+// -- Counter input -------------------------------
+#undef USE_COUNTER                                          // Enable inputs as counter (+0k8 code)
+
+// -- One wire sensors ----------------------------
+#undef USE_DS18x20                                          // Add support for DS18x20 sensors with id sort, single scan and read retry (+2k6 code)
+
+// -- I2C sensors ---------------------------------
+    #undef USE_VEML6070_RSET                                // VEML6070, Rset in Ohm used on PCB board, default 270K = 270000ohm, range for this sensor: 220K ... 1Meg
+    #undef USE_VEML6070_SHOW_RAW                            // VEML6070, shows the raw value of UV-A
+    #undef MGS_SENSOR_ADDR                                  // Default Mutichannel Gas sensor i2c address
+    #undef USE_APDS9960_GESTURE                             // Enable APDS9960 Gesture feature (+2k code)
+    #undef USE_APDS9960_PROXIMITY                           // Enable APDS9960 Proximity feature (>50 code)
+    #undef USE_APDS9960_COLOR                               // Enable APDS9960 Color feature (+0.8k code)
+    #undef USE_APDS9960_STARTMODE                           // Default to enable Gesture mode
+  #undef USE_ADE7953                                        // [I2cDriver7] Enable ADE7953 Energy monitor as used on Shelly 2.5 (I2C address 0x38) (+1k5)
+
+// -- SPI sensors ---------------------------------
+    #undef USE_MIBLE                                        // BLE-bridge for some Mijia-BLE-sensors (+4k7 code)
+    #undef USE_DISPLAY_ILI9341                              // [DisplayModel 4] Enable ILI9341 Tft 480x320 display (+19k code)
+
+// -- Power monitoring sensors --------------------
+#undef USE_ENERGY_SENSOR                                    // Add support for Energy Monitors (+14k code)
+#undef USE_ENERGY_MARGIN_DETECTION                          // Add support for Energy Margin detection (+1k6 code)
+  #undef USE_ENERGY_POWER_LIMIT                             // Add additional support for Energy Power Limit detection (+1k2 code)
+#undef USE_ENERGY_DUMMY                                     // Add support for dummy Energy monitor allowing user values (+0k7 code)
+#undef USE_HLW8012                                          // Add support for HLW8012, BL0937 or HJL-01 Energy Monitor for Sonoff Pow and WolfBlitz
+#undef USE_CSE7766                                          // Add support for CSE7766 Energy Monitor for Sonoff S31 and Pow R2
+#undef USE_PZEM004T                                         // Add support for PZEM004T Energy monitor (+2k code)
+#undef USE_PZEM_AC                                          // Add support for PZEM014,016 Energy monitor (+1k1 code)
+#undef USE_PZEM_DC                                          // Add support for PZEM003,017 Energy monitor (+1k1 code)
+#undef USE_MCP39F501                                        // Add support for MCP39F501 Energy monitor as used in Shelly 2 (+3k1 code)
+  #undef SDM72_SPEED                                        // SDM72-Modbus RS485 serial speed (default: 9600 baud)
+  #undef SDM120_SPEED                                       // SDM120-Modbus RS485 serial speed (default: 2400 baud)
+  #undef SDM630_SPEED                                       // SDM630-Modbus RS485 serial speed (default: 9600 baud)
+  #undef DDS2382_SPEED                                      // Hiking DDS2382 Modbus RS485 serial speed (default: 9600 baud)
+  #undef DDSU666_SPEED                                      // Chint DDSU666 Modbus RS485 serial speed (default: 9600 baud)
+  #undef SOLAXX1_SPEED                                      // Solax X1 Modbus RS485 serial speed (default: 9600 baud)
+  #undef SOLAXX1_PV2                                        // Solax X1 using second PV
+  #undef LE01MR_SPEED                                       // LE-01MR modbus baudrate (default: 9600)
+  #undef LE01MR_ADDR                                        // LE-01MR modbus address (default: 0x01)
+#undef USE_BL0940                                           // Add support for BL0940 Energy monitor as used in Blitzwolf SHP-10 (+1k6 code)
+  #undef IEM3000_SPEED                                      // iEM3000-Modbus RS485 serial speed (default: 19200 baud)
+  #undef IEM3000_ADDR                                       // iEM3000-Modbus modbus address (default: 0x01)
+
+// -- Low level interface devices -----------------
+#undef USE_DHT                                              // Add support for DHT11, AM2301 (DHT21, DHT22, AM2302, AM2321) and SI7021 Temperature and Humidity sensor (1k6 code)
+  #undef MAX31865_PTD_WIRES                                 // PTDs come in several flavors, pick yours. Specific settings per sensor possible with MAX31865_PTD_WIRES1..MAX31865_PTD_WIRES6
+  #undef MAX31865_PTD_RES                                   // Nominal PTD resistance at 0°C (100Ω for a PT100, 1000Ω for a PT1000, YMMV!). Specific settings per sensor possible with MAX31865_PTD_RES1..MAX31865_PTD_RES6
+  #undef MAX31865_REF_RES                                   // Reference resistor (Usually 430Ω for a PT100, 4300Ω for a PT1000). Specific settings per sensor possible with MAX31865_REF_RES1..MAX31865_REF_RES6
+  #undef MAX31865_PTD_BIAS                                  // To calibrate your not-so-good PTD. Specific settings per sensor possible with MAX31865_PTD_BIAS1..MAX31865_PTD_BIAS6
+
+// -- IR Remote features - subset of IR protocols --------------------------
+#undef USE_IR_REMOTE                                        // Send IR remote commands using library IRremoteESP8266 and ArduinoJson (+4k3 code, 0k3 mem, 48 iram)
+  #undef IR_SEND_INVERTED                                   // Invert the output. (default = false) e.g. LED is illuminated when GPIO is LOW rather than HIGH.
+                                                            // Setting inverted to something other than the default could easily destroy your IR LED if you are overdriving it.
+                                                            // Unless you REALLY know what you are doing, don't change this.
+  #undef IR_SEND_USE_MODULATION                             // Do we do frequency modulation during transmission? i.e. If not, assume a 100% duty cycle.
+  #undef USE_IR_SEND_NEC                                    // Support IRsend NEC protocol
+  #undef USE_IR_SEND_RC5                                    // Support IRsend Philips RC5 protocol
+  #undef USE_IR_SEND_RC6                                    // Support IRsend Philips RC6 protocol
+
+  #undef USE_IR_RECEIVE                                     // Support for IR receiver (+7k2 code, 264 iram)
+    #undef IR_RCV_BUFFER_SIZE                               // Max number of packets allowed in capture buffer (default 100 (*2 bytes ram))
+    #undef IR_RCV_TIMEOUT                                   // Number of milli-Seconds of no-more-data before we consider a message ended (default 15)
+    #undef IR_RCV_MIN_UNKNOWN_SIZE                          // Set the smallest sized "UNKNOWN" message packets we actually care about (default 6, max 255)
+    #undef IR_RCV_WHILE_SENDING                             // Turns on receiver while sending messages, i.e. receive your own. This is unreliable and can cause IR timing issues    
+
 // -- HTTP GUI Colors -----------------------------
 // HTML hex color codes. Only 3 and 6 digit hex string values are supported!! See https://www.w3schools.com/colors/colors_hex.asp
 // Light theme - pre v7
diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index 32f2eb19ee33..78652b584bd5 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -184,63 +184,6 @@ const char HTTP_SCRIPT_RELOAD_TIME[] PROGMEM =
   #include "./html_uncompressed/HTTP_SCRIPT_CONSOL.h"
 #endif
 
-const char HTTP_MODULE_TEMPLATE_REPLACE_INDEX[] PROGMEM =
-  "}2%d'>%s (%d)}3";                       // }2 and }3 are used in below os.replace
-const char HTTP_MODULE_TEMPLATE_REPLACE_NO_INDEX[] PROGMEM =
-  "}2%d'>%s}3";                           // }2 and }3 are used in below os.replace
-
-#ifdef USE_UNISHOX_COMPRESSION
-  #include "./html_compressed/HTTP_SCRIPT_MODULE_TEMPLATE.h"
-  #include "./html_compressed/HTTP_SCRIPT_TEMPLATE.h"
-#else
-  #include "./html_uncompressed/HTTP_SCRIPT_MODULE_TEMPLATE.h"
-  #include "./html_uncompressed/HTTP_SCRIPT_TEMPLATE.h"
-#endif
-
-#if defined(ESP32) && CONFIG_IDF_TARGET_ESP32C3
-const char HTTP_SCRIPT_TEMPLATE2[] PROGMEM =
-    "for(i=0;i<" STR(MAX_USER_PINS) ";i++){"
-      "sk(g[i],i);"                       // Set GPIO
-    "}";
-#else // Now ESP32 and ESP8266
-const char HTTP_SCRIPT_TEMPLATE2[] PROGMEM =
-    "j=0;"
-    "for(i=0;i<" STR(MAX_USER_PINS) ";i++){"  // Supports 13 GPIOs
-      "if(6==i){j=9;}"
-      "if(8==i){j=12;}"
-      "sk(g[i],j);"                       // Set GPIO
-      "j++;"
-    "}";
-#endif
-const char HTTP_SCRIPT_TEMPLATE3[] PROGMEM =
-    "\";"
-    "sk(g[13]," STR(ADC0_PIN) ");";       // Set ADC0
-
-const char HTTP_SCRIPT_TEMPLATE4[] PROGMEM =
-    "g=o.shift();"                        // FLAG
-    "for(i=0;i<" STR(GPIO_FLAG_USED) ";i++){"
-      "p=(g>>i)&1;"
-      "eb('c'+i).checked=p;"              // Set FLAG checkboxes
-    "}"
-    "if(" STR(USER_MODULE) "==c){"
-      "g=o.shift();"
-      "eb('g99').value=g;"                // Set BASE for initial select
-    "}"
-  "}"
-  "function st(t){"
-    "c=t;"                                // Needed for initial BASE select
-    "var a='tp?t='+t;"
-    "ld(a,x1);"                           // ?t related to WebGetArg("t", stemp, sizeof(stemp));
-  "}"
-  "function sl(){"
-    "os=\"";                              // }2'0'>Sonoff Basic (1)}3...
-const char HTTP_SCRIPT_TEMPLATE5[] PROGMEM =
-    "\";"
-    "sk(" STR(WEMOS_MODULE) ",99);"       // 17 = WEMOS
-    "st(" STR(USER_MODULE) ");"
-  "}"
-  "wl(sl);";
-
 const char HTTP_SCRIPT_INFO_BEGIN[] PROGMEM =
   "function i(){"
     "var s,o=\"";
@@ -329,21 +272,6 @@ const char HTTP_FORM_LOGIN[] PROGMEM =
   "<button>" D_OK "</button>"
   "</form></fieldset>";
 
-const char HTTP_FORM_TEMPLATE[] PROGMEM =
-  "<fieldset><legend><b>&nbsp;" D_TEMPLATE_PARAMETERS "&nbsp;</b></legend>"
-  "<form method='get' action='tp'>";
-const char HTTP_FORM_TEMPLATE_FLAG[] PROGMEM =
-  "<p></p>"  // Keep close so do not use <br>
-  "<fieldset><legend><b>&nbsp;" D_TEMPLATE_FLAGS "&nbsp;</b></legend><p>"
-//  "<label><input id='c0' name='c0' type='checkbox'><b>" D_OPTION_TEXT "</b></label><br>"
-  "</p></fieldset>";
-
-const char HTTP_FORM_MODULE[] PROGMEM =
-  "<fieldset><legend><b>&nbsp;" D_MODULE_PARAMETERS "&nbsp;</b></legend>"
-  "<form method='get' action='md'>"
-  "<p></p><b>" D_MODULE_TYPE "</b> (%s)<br><select id='g99'></select><br>"
-  "<br><table>";
-
 const char HTTP_FORM_WIFI_PART1[] PROGMEM =
   "<fieldset><legend><b>&nbsp;" D_WIFI_PARAMETERS "&nbsp;</b></legend>"
   "<form method='get' action='wi'>"
@@ -357,30 +285,6 @@ const char HTTP_FORM_WIFI_PART2[] PROGMEM =
   "<p><b>" D_HOSTNAME "</b> (%s)<br><input id='h' placeholder=\"%s\" value=\"%s\"></p>"
   "<p><b>" D_CORS_DOMAIN "</b><input id='c' placeholder=\"" CORS_DOMAIN "\" value=\"%s\"></p>";
 
-const char HTTP_FORM_LOG1[] PROGMEM =
-  "<fieldset><legend><b>&nbsp;" D_LOGGING_PARAMETERS "&nbsp;</b>"
-  "</legend><form method='get' action='lg'>";
-const char HTTP_FORM_LOG2[] PROGMEM =
-  "<p><b>" D_SYSLOG_HOST "</b> (" SYS_LOG_HOST ")<br><input id='lh' placeholder=\"" SYS_LOG_HOST "\" value=\"%s\"></p>"
-  "<p><b>" D_SYSLOG_PORT "</b> (" STR(SYS_LOG_PORT) ")<br><input id='lp' placeholder='" STR(SYS_LOG_PORT) "' value='%d'></p>"
-  "<p><b>" D_TELEMETRY_PERIOD "</b> (" STR(TELE_PERIOD) ")<br><input id='lt' placeholder='" STR(TELE_PERIOD) "' value='%d'></p>";
-
-const char HTTP_FORM_OTHER[] PROGMEM =
-  "<fieldset><legend><b>&nbsp;" D_OTHER_PARAMETERS "&nbsp;</b></legend>"
-  "<form method='get' action='co'>"
-  "<p></p>"
-  "<fieldset><legend><b>&nbsp;" D_TEMPLATE "&nbsp;</b></legend>"
-  "<p><input id='t1' placeholder=\"" D_TEMPLATE "\" value='%s'></p>"  // We need ' apostrophe here as the template contains " quotation mark
-  "<p><label><input id='t2' type='checkbox'%s><b>" D_ACTIVATE "</b></label></p>"
-  "</fieldset>"
-  "<br>"
-  "<label><b>" D_WEB_ADMIN_PASSWORD "</b><input type='checkbox' onclick='sp(\"wp\")'></label><br><input id='wp' type='password' placeholder=\"" D_WEB_ADMIN_PASSWORD "\" value=\"" D_ASTERISK_PWD "\"><br>"
-  "<br>"
-  "<label><input id='b1' type='checkbox'%s><b>" D_MQTT_ENABLE "</b></label><br>"
-  "<br>"
-  "<label><b>" D_DEVICE_NAME "</b> (%s)</label><br><input id='dn' placeholder=\"\" value=\"%s\"><br>"
-  "<br>";
-
 const char HTTP_FORM_END[] PROGMEM =
   "<br>"
   "<button name='save' type='submit' class='button bgrn'>" D_SAVE "</button>"
@@ -428,27 +332,20 @@ const char HTTP_DEVICE_STATE[] PROGMEM = "<td style='width:%d%%;text-align:cente
 
 enum ButtonTitle {
   BUTTON_RESTART, BUTTON_RESET_CONFIGURATION, BUTTON_FACTORY_RESET,
-  BUTTON_MAIN, BUTTON_CONFIGURATION, BUTTON_INFORMATION, BUTTON_FIRMWARE_UPGRADE, BUTTON_MANAGEMENT,
-  BUTTON_MODULE, BUTTON_WIFI, BUTTON_LOGGING, BUTTON_OTHER, BUTTON_TEMPLATE, BUTTON_BACKUP, BUTTON_RESTORE,
-  BUTTON_CONSOLE };
+  BUTTON_MAIN, BUTTON_CONFIGURATION, BUTTON_INFORMATION, BUTTON_FIRMWARE_UPGRADE, BUTTON_WIFI, BUTTON_BACKUP, BUTTON_RESTORE };
 const char kButtonTitle[] PROGMEM =
   D_RESTART "|" D_RESET_CONFIGURATION "|" "공장 초기화" "|"
-  D_MAIN_MENU "|" D_CONFIGURATION "|" D_INFORMATION "|" D_FIRMWARE_UPGRADE "|" D_MANAGEMENT "|"
-  D_CONFIGURE_MODULE "|" D_CONFIGURE_WIFI"|" D_CONFIGURE_LOGGING "|" D_CONFIGURE_OTHER "|" D_CONFIGURE_TEMPLATE "|" D_BACKUP_CONFIGURATION "|" D_RESTORE_CONFIGURATION "|"
-  D_CONSOLE;
+  D_MAIN_MENU "|" D_CONFIGURATION "|" D_INFORMATION "|" D_FIRMWARE_UPGRADE "|"
+  D_CONFIGURE_WIFI "|" D_BACKUP_CONFIGURATION "|" D_RESTORE_CONFIGURATION "|";
 const char kButtonAction[] PROGMEM =
   ".|rt|frt|"
-  ".|cn|in|up|mn|"
-  "md|wi|lg|co|tp|dl|rs|"
-  "cs";
+  ".|cn|in|up|"
+  "wi|dl|rs|";
 const char kButtonConfirm[] PROGMEM = D_CONFIRM_RESTART "|" D_CONFIRM_RESET_CONFIGURATION "|" "공장 초기화 확인";
 
 enum CTypes { CT_HTML, CT_PLAIN, CT_XML, CT_STREAM, CT_APP_JSON, CT_APP_STREAM };
 const char kContentTypes[] PROGMEM = "text/html|text/plain|text/xml|text/event-stream|application/json|application/octet-stream";
 
-const char kLoggingOptions[] PROGMEM = D_SERIAL_LOG_LEVEL "|" D_WEB_LOG_LEVEL "|" D_MQTT_LOG_LEVEL "|" D_SYS_LOG_LEVEL;
-const char kLoggingLevels[] PROGMEM = D_NONE "|" D_ERROR "|" D_INFO "|" D_DEBUG "|" D_MORE_DEBUG;
-
 const char kEmulationOptions[] PROGMEM = D_NONE "|" D_BELKIN_WEMO "|" D_HUE_BRIDGE;
 
 const char kUploadErrors[] PROGMEM =
@@ -459,7 +356,7 @@ enum HttpOptions {HTTP_OFF, HTTP_USER, HTTP_ADMIN, HTTP_MANAGER, HTTP_MANAGER_RE
 enum WifiTestOptions {WIFI_NOT_TESTING, WIFI_TESTING, WIFI_TEST_FINISHED_SUCCESSFUL, WIFI_TEST_FINISHED_BAD};
 
 DNSServer *DnsServer;
-ESP8266WebServer *Webserver;
+//ESP8266WebServer *Webserver;
 BearSSL::ESP8266WebServerSecure *Webserver;
 
 struct WEB {
@@ -469,7 +366,6 @@ struct WEB {
   uint8_t upload_file_type;
   uint8_t config_block_count = 0;
   bool upload_services_stopped = false;
-  bool reset_web_log_flag = false;                  // Reset web console log
   bool initial_config = false;
   uint8_t wifiTest = WIFI_NOT_TESTING;
   uint8_t wifi_test_counter = 0;
@@ -563,7 +459,6 @@ typedef struct WebServerDispatch_t {
 const WebServerDispatch_t WebServerDispatch[] PROGMEM = {
   { "",   HTTP_ANY, HandleRoot },
   { "u2", HTTP_OPTIONS, HandlePreflightRequest },
-  { "mn", HTTP_GET, HandleManagement },
   { "cs", HTTP_OPTIONS, HandlePreflightRequest },
   { "cm", HTTP_ANY, HandleHttpCommand },
 #ifndef FIRMWARE_MINIMAL
@@ -591,6 +486,7 @@ void StartWebserver(int type, IPAddress ipweb)
     if (!Webserver) {
       //Webserver = new ESP8266WebServer((HTTP_MANAGER == type || HTTP_MANAGER_RESET_ONLY == type) ? 80 : WEB_PORT);
       Webserver = new ESP8266WebServerSecure(443);
+      Webserver->getServer().setRSACert(new BearSSL::X509List(serverCert), new BearSSL::PrivateKey(serverKey));
       // call `Webserver->on()` on each entry
       for (uint32_t i=0; i<nitems(WebServerDispatch); i++) {
         const WebServerDispatch_t & line = WebServerDispatch[i];
@@ -607,6 +503,7 @@ void StartWebserver(int type, IPAddress ipweb)
       Webserver->on(F("/certs"), HTTP_GET, HandleCertsInfo);
       Webserver->on(F("/certs"), HTTP_POST, HandleCertsConfiguration);
       Webserver->on(F("/frt"), HTTP_GET, HandleFactoryResetConfiguration);
+      Webserver->on(F("/test"), HTTP_GET, HandleTest);
       Webserver->onNotFound(HandleNotFound);
 //      Webserver->on(F("/u2"), HTTP_POST, HandleUploadDone, HandleUploadLoop);  // this call requires 2 functions so we keep a direct call
 #ifndef FIRMWARE_MINIMAL
@@ -614,7 +511,6 @@ void StartWebserver(int type, IPAddress ipweb)
       XsnsCall(FUNC_WEB_ADD_HANDLER);
 #endif  // Not FIRMWARE_MINIMAL
     }
-    Web.reset_web_log_flag = false;
 
     Webserver->begin(); // Web server start
   }
@@ -680,32 +576,11 @@ void WifiManagerBegin(bool reset_only)
 void PollDnsWebserver(void)
 {
   if (DnsServer) { DnsServer->processNextRequest(); }
-  if (Webserver) { Webserver->handleClient(); }
-}
-
-/*********************************************************************************************/
-
-bool WebAuthenticate(void)
-{
-  if (strlen(SettingsText(SET_WEBPWD)) && (HTTP_MANAGER_RESET_ONLY != Web.state)) {
-    return Webserver->authenticate(WEB_USERNAME, SettingsText(SET_WEBPWD));
-  } else {
-    return true;
+  if (Webserver) { Webserver->handleClient(); 
   }
 }
 
-bool HttpCheckPriviledgedAccess(bool autorequestauth = true)
-{
-  if (HTTP_USER == Web.state) {
-    HandleRoot();
-    return false;
-  }
-  if (autorequestauth && !WebAuthenticate()) {
-    Webserver->requestAuthentication();
-    return false;
-  }
-  return true;
-}
+/*********************************************************************************************/
 
 void HttpHeaderCors(void)
 {
@@ -821,10 +696,6 @@ void WSContentSend_PD(const char* formatP, ...) {  // Content send snprintf_P ch
 
 void WSContentStart_P(const char* title, bool auth)
 {
-  if (auth && !WebAuthenticate()) {
-    return Webserver->requestAuthentication();
-  }
-
   WSContentBegin(200, CT_HTML);
 
   if (title != nullptr) {
@@ -848,7 +719,7 @@ void WSContentSendStyle_P(const char* formatP, ...)
   WSContentSend_P(HTTP_HEAD_LAST_SCRIPT);
 
   WSContentSend_P(HTTP_HEAD_STYLE1, WebColor(COL_FORM), WebColor(COL_INPUT), WebColor(COL_INPUT_TEXT), WebColor(COL_INPUT),
-                  WebColor(COL_INPUT_TEXT), WebColor(COL_CONSOLE), WebColor(COL_CONSOLE_TEXT), WebColor(COL_BACKGROUND));
+                  WebColor(COL_INPUT_TEXT), PSTR(""), PSTR(""), WebColor(COL_BACKGROUND));
   WSContentSend_P(HTTP_HEAD_STYLE2, WebColor(COL_BUTTON), WebColor(COL_BUTTON_TEXT), WebColor(COL_BUTTON_HOVER),
                   WebColor(COL_BUTTON_RESET), WebColor(COL_BUTTON_RESET_HOVER), WebColor(COL_BUTTON_SAVE), WebColor(COL_BUTTON_SAVE_HOVER),
                   WebColor(COL_BUTTON));
@@ -1042,19 +913,6 @@ void HandleWifiLogin(void)
   WSContentStop();
 }
 
-uint32_t WebUseManagementSubmenu(void) {
-  static uint32_t management_count = 0;
-
-  if (!management_count) {
-    XdrvMailbox.index = 1;
-    XdrvCall(FUNC_WEB_ADD_CONSOLE_BUTTON);
-    XsnsCall(FUNC_WEB_ADD_CONSOLE_BUTTON);
-    XdrvCall(FUNC_WEB_ADD_MANAGEMENT_BUTTON);
-    management_count = XdrvMailbox.index;
-  }
-  return management_count -1;
-}
-
 uint32_t WebDeviceColumns(void) {
   const uint32_t max_columns = 8;
 
@@ -1119,8 +977,8 @@ void HandleRoot(void)
   WSContentSend_P(HTTP_SCRIPT_ROOT_PART2);
 
   WSContentSendStyle();
-  WSContentSend_P("<div id=\"loader\" style='padding:0'></div>");
-  WSContentSend_P("</br>");
+  WSContentSend_P(PSTR("<div id=\"loader\" style='padding:0'></div>"));
+  WSContentSend_P(PSTR("</br>"));
 
   WSContentSend_P(PSTR("<div style='padding:0;' id='l1' name='l1'></div>"));
 
@@ -1139,11 +997,6 @@ void HandleRoot(void)
 
 bool HandleRootStatusRefresh(void)
 {
-  if (!WebAuthenticate()) {
-    Webserver->requestAuthentication();
-    return true;
-  }
-
   if (!Webserver->hasArg("m")) {     // Status refresh requested
     return false;
   }
@@ -1157,7 +1010,7 @@ bool HandleRootStatusRefresh(void)
   WSContentSend_P(PSTR("</tr></table></br>"));
   WSContentSend_P(PSTR("\n\n"));  // Prep for SSE
   if (!TasmotaGlobal.mqtt_connected) {
-    WSContentSend_P("<div style='display:none'>{loader}</div>");
+    WSContentSend_P(PSTR("<div style='display:none'>{loader}</div>"));
   }
   WSContentEnd();
 
@@ -1186,8 +1039,6 @@ int32_t IsShutterWebButton(uint32_t idx) {
 
 void HandleConfiguration(void)
 {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
   AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_CONFIGURATION));
 
   WSContentStart_P(PSTR(D_CONFIGURATION));
@@ -1204,299 +1055,8 @@ void HandleConfiguration(void)
 
 /*-------------------------------------------------------------------------------------------*/
 
-void WSContentSendNiceLists(uint32_t option) {
-  char stemp[30];                                             // Template number and Sensor name
-  for (uint32_t i = 0; i < nitems(kGpioNiceList); i++) {  // GPIO: }2'0'>None (0)}3}2'17'>Button1 (17)}3...
-    if (option && (1 == i)) {
-      WSContentSend_P(HTTP_MODULE_TEMPLATE_REPLACE_NO_INDEX, AGPIO(GPIO_USER), PSTR(D_SENSOR_USER));  // }2'255'>User}3
-    }
-    uint32_t ridx = pgm_read_word(kGpioNiceList + i) & 0xFFE0;
-    uint32_t midx = BGPIO(ridx);
-    WSContentSend_P(HTTP_MODULE_TEMPLATE_REPLACE_NO_INDEX, ridx, GetTextIndexed(stemp, sizeof(stemp), midx, kSensorNames));
-  }
-  WSContentSend_P(PSTR("\";"));
-
-  WSContentSend_P(PSTR("hs=["));
-  uint32_t midx;
-  bool first_done = false;
-  for (uint32_t i = 0; i < nitems(kGpioNiceList); i++) {  // hs=[36,68,100,132,168,200,232,264,292,324,356,388,421,453];
-    midx = pgm_read_word(kGpioNiceList + i);
-    if (midx & 0x001F) {
-      if (first_done) { WSContentSend_P(PSTR(",")); }
-      WSContentSend_P(PSTR("%d"), midx);
-      first_done = true;
-    }
-  }
-#ifdef ESP8266
-#ifdef USE_ADC
-  for (uint32_t i = 0; i < nitems(kAdcNiceList); i++) {   // hs=[36,68,100,132,168,200,232,264,292,324,356,388,421,453];
-    midx = pgm_read_word(kAdcNiceList + i);
-    if (midx & 0x001F) {
-      if (first_done) { WSContentSend_P(PSTR(",")); }
-      WSContentSend_P(PSTR("%d"), midx);
-      first_done = true;
-    }
-  }
-#endif  // USE_ADC
-#endif  // ESP8266
-  WSContentSend_P(PSTR("];"));
-}
-
-#ifdef ESP8266
-#ifdef USE_ADC
-void WSContentSendAdcNiceList(uint32_t option) {
-  char stemp[30];                                             // Template number and Sensor name
-  WSContentSend_P(PSTR("os=\""));
-  for (uint32_t i = 0; i < nitems(kAdcNiceList); i++) {   // GPIO: }2'0'>None}3}2'17'>Analog}3...
-    if (option && (1 == i)) {
-      WSContentSend_P(HTTP_MODULE_TEMPLATE_REPLACE_NO_INDEX, AGPIO(GPIO_USER), PSTR(D_SENSOR_USER));  // }2'15'>User}3
-    }
-    uint32_t ridx = pgm_read_word(kAdcNiceList + i) & 0xFFE0;
-    uint32_t midx = BGPIO(ridx);
-    WSContentSend_P(HTTP_MODULE_TEMPLATE_REPLACE_NO_INDEX, ridx, GetTextIndexed(stemp, sizeof(stemp), midx, kSensorNames));
-  }
-}
-#endif  // USE_ADC
-#endif  // ESP8266
-
-/*-------------------------------------------------------------------------------------------*/
-
-void HandleTemplateConfiguration(void) {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
-  if (Webserver->hasArg(F("save"))) {
-    TemplateSaveSettings();
-    WebRestart(1);
-    return;
-  }
-
-  char stemp[30];                                           // Template number and Sensor name
-
-  WebGetArg(PSTR("t"), stemp, sizeof(stemp));                     // 0 - 69 Template number
-  if (strlen(stemp)) {
-    uint32_t module = atoi(stemp);
-    uint32_t module_save = Settings->module;
-    Settings->module = module;
-    myio template_gp;
-    TemplateGpios(&template_gp);
-    gpio_flag flag = ModuleFlag();
-    Settings->module = module_save;
-
-    WSContentBegin(200, CT_PLAIN);
-    WSContentSend_P(PSTR("%s}1"), AnyModuleName(module).c_str());  // NAME: Generic
-    for (uint32_t i = 0; i < nitems(template_gp.io); i++) {        // 17,148,29,149,7,255,255,255,138,255,139,255,255
-#if defined(ESP32) && CONFIG_IDF_TARGET_ESP32C3
-      // ESP32C3 we always send all GPIOs, Flash are just hidden
-      WSContentSend_P(PSTR("%s%d"), (i>0)?",":"", template_gp.io[i]);
-#else
-      if (!FlashPin(i)) {
-        WSContentSend_P(PSTR("%s%d"), (i>0)?",":"", template_gp.io[i]);
-      }
-#endif
-    }
-    WSContentSend_P(PSTR("}1%d}1%d"), flag, Settings->user_template_base);  // FLAG: 1  BASE: 17
-    WSContentEnd();
-    return;
-  }
-
-  AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_CONFIGURE_TEMPLATE));
-
-  WSContentStart_P(PSTR(D_CONFIGURE_TEMPLATE));
-  WSContentSend_P(HTTP_SCRIPT_MODULE_TEMPLATE);
-
-  WSContentSend_P(HTTP_SCRIPT_TEMPLATE);
-
-  WSContentSendNiceLists(1);
-
-  WSContentSend_P(HTTP_SCRIPT_TEMPLATE2);
-
-#ifdef ESP8266
-#ifdef USE_ADC
-  WSContentSendAdcNiceList(1);
-  WSContentSend_P(HTTP_SCRIPT_TEMPLATE3);
-#endif  // USE_ADC
-#endif  // ESP8266
-
-  WSContentSend_P(HTTP_SCRIPT_TEMPLATE4);
-  for (uint32_t i = 0; i < sizeof(kModuleNiceList); i++) {  // "}2'%d'>%s (%d)}3" - "}2'0'>Sonoff Basic (1)}3"
-    uint32_t midx = pgm_read_byte(kModuleNiceList + i);
-    WSContentSend_P(HTTP_MODULE_TEMPLATE_REPLACE_INDEX, midx, AnyModuleName(midx).c_str(), midx +1);
-  }
-  WSContentSend_P(HTTP_SCRIPT_TEMPLATE5);
-
-  WSContentSendStyle();
-  WSContentSend_P(HTTP_FORM_TEMPLATE);
-  WSContentSend_P(HTTP_TABLE100);
-  WSContentSend_P(PSTR("<tr><td><b>" D_TEMPLATE_NAME "</b></td><td style='width:200px'><input id='s1' placeholder='" D_TEMPLATE_NAME "'></td></tr>"
-                       "<tr><td><b>" D_BASE_TYPE "</b></td><td><select id='g99' onchange='st(this.value)'></select></td></tr>"
-                       "</table>"
-                       "<hr/>"));
-  WSContentSend_P(HTTP_TABLE100);
-  for (uint32_t i = 0; i < MAX_GPIO_PIN; i++) {
-#if defined(ESP32) && CONFIG_IDF_TARGET_ESP32C3
-    // ESP32C3 all gpios are in the template, flash are hidden
-    bool hidden = FlashPin(i);
-    WSContentSend_P(PSTR("<tr%s><td><b><font color='#%06x'>" D_GPIO "%d</font></b></td><td%s><select id='g%d' onchange='ot(%d,this.value)'></select></td>"),
-      hidden ? PSTR(" hidden") : "",
-      RedPin(i) ? WebColor(COL_TEXT_WARNING) : WebColor(COL_TEXT), i, (0==i) ? PSTR(" style='width:146px'") : "", i, i);
-    WSContentSend_P(PSTR("<td style='width:54px'><select id='h%d'></select></td></tr>"), i);
-#else
-    if (!FlashPin(i)) {
-      WSContentSend_P(PSTR("<tr><td><b><font color='#%06x'>" D_GPIO "%d</font></b></td><td%s><select id='g%d' onchange='ot(%d,this.value)'></select></td>"),
-        RedPin(i) ? WebColor(COL_TEXT_WARNING) : WebColor(COL_TEXT), i, (0==i) ? PSTR(" style='width:146px'") : "", i, i);
-      WSContentSend_P(PSTR("<td style='width:54px'><select id='h%d'></select></td></tr>"), i);
-    }
-#endif
-  }
-  WSContentSend_P(PSTR("</table>"));
-
-  gpio_flag flag = ModuleFlag();
-  if (flag.data) {
-    WSContentSend_P(HTTP_FORM_TEMPLATE_FLAG);
-  }
-
-  WSContentSend_P(HTTP_FORM_END);
-  WSContentSpaceButton(BUTTON_CONFIGURATION);
-  WSContentStop();
-}
-
-uint16_t WebGetGpioArg(uint32_t i) {
-  char webindex[5];                                         // WebGetArg name
-  snprintf_P(webindex, sizeof(webindex), PSTR("g%d"), i);
-  char tmp[8];                                              // WebGetArg numbers only
-  WebGetArg(webindex, tmp, sizeof(tmp));                    // GPIO
-  uint32_t gpio = (!strlen(tmp)) ? 0 : atoi(tmp);
-  char webindex2[5];                                        // WebGetArg name
-  snprintf_P(webindex2, sizeof(webindex2), PSTR("h%d"), i);
-  char tmp2[8];                                             // WebGetArg numbers only
-  WebGetArg(webindex2, tmp2, sizeof(tmp2));
-  uint32_t value2 = (!strlen(tmp2)) ? 0 : atoi(tmp2) -1;
-  gpio += value2;
-  return gpio;
-}
-
-void TemplateSaveSettings(void) {
-  char tmp[TOPSZ];                                      // WebGetArg NAME and GPIO/BASE/FLAG byte value
-  char command[300];                                    // Template command string
-
-  WebGetArg(PSTR("s1"), tmp, sizeof(tmp));              // NAME
-  snprintf_P(command, sizeof(command), PSTR(D_CMND_TEMPLATE " {\"" D_JSON_NAME "\":\"%s\",\"" D_JSON_GPIO "\":["), tmp);
-
-  uint32_t j = 0;
-  for (uint32_t i = 0; i < nitems(Settings->user_template.gp.io); i++) {
-#if defined(ESP32) && CONFIG_IDF_TARGET_ESP32C3
-    snprintf_P(command, sizeof(command), PSTR("%s%s%d"), command, (i>0)?",":"", WebGetGpioArg(i));
-#else
-    if (6 == i) { j = 9; }
-    if (8 == i) { j = 12; }
-    snprintf_P(command, sizeof(command), PSTR("%s%s%d"), command, (i>0)?",":"", WebGetGpioArg(j));
-    j++;
-#endif
-  }
-
-  uint32_t flag = 0;
-  char webindex[5];                                     // WebGetArg name
-  for (uint32_t i = 0; i < GPIO_FLAG_USED; i++) {
-    snprintf_P(webindex, sizeof(webindex), PSTR("c%d"), i);
-    uint32_t state = Webserver->hasArg(webindex) << i;  // FLAG
-    flag += state;
-  }
-  WebGetArg(PSTR("g99"), tmp, sizeof(tmp));             // BASE
-  uint32_t base = atoi(tmp) +1;
-
-  snprintf_P(command, sizeof(command), PSTR("%s],\"" D_JSON_FLAG "\":%d,\"" D_JSON_BASE "\":%d}"), command, flag, base);
-  ExecuteWebCommand(command);
-}
-
-/*-------------------------------------------------------------------------------------------*/
-
-void HandleModuleConfiguration(void) {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
-  if (Webserver->hasArg(F("save"))) {
-    ModuleSaveSettings();
-    WebRestart(1);
-    return;
-  }
-
-  AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_CONFIGURE_MODULE));
-
-  char stemp[30];  // Sensor name
-  uint32_t midx;
-  myio template_gp;
-  TemplateGpios(&template_gp);
-
-  WSContentStart_P(PSTR(D_CONFIGURE_MODULE));
-  WSContentSend_P(HTTP_SCRIPT_MODULE_TEMPLATE);
-
-  WSContentSend_P(PSTR("function sl(){os=\""));
-  uint32_t vidx = 0;
-  for (uint32_t i = 0; i <= sizeof(kModuleNiceList); i++) {  // "}2'%d'>%s (%d)}3" - "}2'255'>UserTemplate (0)}3" - "}2'0'>Sonoff Basic (1)}3"
-    if (0 == i) {
-      midx = USER_MODULE;
-      vidx = 0;
-    } else {
-      midx = pgm_read_byte(kModuleNiceList + i -1);
-      vidx = midx +1;
-    }
-    WSContentSend_P(HTTP_MODULE_TEMPLATE_REPLACE_INDEX, midx, AnyModuleName(midx).c_str(), vidx);
-  }
-  WSContentSend_P(PSTR("\";sk(%d,99);os=\""), Settings->module);
-
-  WSContentSendNiceLists(0);
-
-  for (uint32_t i = 0; i < nitems(template_gp.io); i++) {
-    if (ValidGPIO(i, template_gp.io[i])) {
-      WSContentSend_P(PSTR("sk(%d,%d);"), TasmotaGlobal.my_module.io[i], i);  // g0 - g17
-    }
-  }
-
-#ifdef ESP8266
-#ifdef USE_ADC
-  WSContentSendAdcNiceList(0);
-  WSContentSend_P(PSTR("\";sk(%d," STR(ADC0_PIN) ");"), Settings->my_gp.io[(sizeof(myio) / 2) -1]);
-#endif  // USE_ADC
-#endif  // ESP8266
-
-  WSContentSend_P(PSTR("}wl(sl);"));
-
-  WSContentSendStyle();
-  WSContentSend_P(HTTP_FORM_MODULE, AnyModuleName(MODULE).c_str());
-  for (uint32_t i = 0; i < nitems(template_gp.io); i++) {
-    if (ValidGPIO(i, template_gp.io[i])) {
-      snprintf_P(stemp, 3, PINS_WEMOS +i*2);
-      WSContentSend_P(PSTR("<tr><td style='width:116px'>%s <b>" D_GPIO "%d</b></td><td style='width:146px'><select id='g%d' onchange='ot(%d,this.value)'></select></td>"),
-        (WEMOS==TasmotaGlobal.module_type)?stemp:"", i, i, i);
-      WSContentSend_P(PSTR("<td style='width:54px'><select id='h%d'></select></td></tr>"), i);
-    }
-  }
-  WSContentSend_P(PSTR("</table>"));
-  WSContentSend_P(HTTP_FORM_END);
-  WSContentSpaceButton(BUTTON_CONFIGURATION);
-  WSContentStop();
-}
-
-void ModuleSaveSettings(void) {
-  char tmp[8];         // WebGetArg numbers only
-  WebGetArg(PSTR("g99"), tmp, sizeof(tmp));  // Module
-  uint32_t new_module = (!strlen(tmp)) ? MODULE : atoi(tmp);
-  Settings->last_module = Settings->module;
-  Settings->module = new_module;
-  SetModuleType();
-  myio template_gp;
-  TemplateGpios(&template_gp);
-  for (uint32_t i = 0; i < nitems(template_gp.io); i++) {
-    if (Settings->last_module != new_module) {
-      Settings->my_gp.io[i] = GPIO_NONE;
-    } else {
-      if (ValidGPIO(i, template_gp.io[i])) {
-        Settings->my_gp.io[i] = WebGetGpioArg(i);  // Gpio
-      }
-    }
-  }
-  char command[32];
-  snprintf_P(command, sizeof(command), PSTR(D_CMND_BACKLOG "0 " D_CMND_MODULE ";" D_CMND_GPIO));
-  ExecuteWebCommand(command);
+void HandleTest(void) {
+  Webserver->send(200, "text/plain", "Hello from esp8266 over HTTPS!");
 }
 
 /*-------------------------------------------------------------------------------------------*/
@@ -1523,8 +1083,6 @@ String HtmlEscape(const String unescaped) {
 void HandleWifiConfiguration(void) {
   char tmp[TOPSZ];  // Max length is currently 150
 
-  if (!HttpCheckPriviledgedAccess(!WifiIsInManagerMode())) { return; }
-
   AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_CONFIGURE_WIFI));
 
   if (Webserver->hasArg(F("save")) && HTTP_MANAGER_RESET_ONLY != Web.state) {
@@ -1773,156 +1331,8 @@ void WifiSaveSettings(void) {
 
 /*-------------------------------------------------------------------------------------------*/
 
-void HandleLoggingConfiguration(void) {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
-  AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_CONFIGURE_LOGGING));
-
-  if (Webserver->hasArg("save")) {
-    LoggingSaveSettings();
-    HandleConfiguration();
-    return;
-  }
-
-  WSContentStart_P(PSTR(D_CONFIGURE_LOGGING));
-  WSContentSendStyle();
-  WSContentSend_P(HTTP_FORM_LOG1);
-  char stemp1[45];
-  char stemp2[32];
-  uint8_t dlevel[4] = { LOG_LEVEL_INFO, LOG_LEVEL_INFO, LOG_LEVEL_NONE, LOG_LEVEL_NONE };
-  for (uint32_t idx = 0; idx < 4; idx++) {
-    if ((2==idx) && !Settings->flag.mqtt_enabled) { continue; }  // SetOption3 - Enable MQTT
-    uint32_t llevel = (0==idx)?Settings->seriallog_level:(1==idx)?Settings->weblog_level:(2==idx)?Settings->mqttlog_level:Settings->syslog_level;
-    WSContentSend_P(PSTR("<p><b>%s</b> (%s)<br><select id='l%d'>"),
-      GetTextIndexed(stemp1, sizeof(stemp1), idx, kLoggingOptions),
-      GetTextIndexed(stemp2, sizeof(stemp2), dlevel[idx], kLoggingLevels),
-      idx);
-    for (uint32_t i = LOG_LEVEL_NONE; i <= LOG_LEVEL_DEBUG_MORE; i++) {
-      WSContentSend_P(PSTR("<option%s value='%d'>%d %s</option>"),
-        (i == llevel) ? PSTR(" selected") : "", i, i,
-        GetTextIndexed(stemp1, sizeof(stemp1), i, kLoggingLevels));
-    }
-    WSContentSend_P(PSTR("</select></p>"));
-  }
-  WSContentSend_P(HTTP_FORM_LOG2, SettingsText(SET_SYSLOG_HOST), Settings->syslog_port, Settings->tele_period);
-  WSContentSend_P(HTTP_FORM_END);
-  WSContentSpaceButton(BUTTON_CONFIGURATION);
-  WSContentStop();
-}
-
-void LoggingSaveSettings(void) {
-  String cmnd = F(D_CMND_BACKLOG "0 ");
-  cmnd += AddWebCommand(PSTR(D_CMND_SERIALLOG), PSTR("l0"), STR(SERIAL_LOG_LEVEL));
-  cmnd += AddWebCommand(PSTR(D_CMND_WEBLOG), PSTR("l1"), STR(WEB_LOG_LEVEL));
-  cmnd += AddWebCommand(PSTR(D_CMND_MQTTLOG), PSTR("l2"), STR(MQTT_LOG_LEVEL));
-  cmnd += AddWebCommand(PSTR(D_CMND_SYSLOG), PSTR("l3"), STR(SYS_LOG_LEVEL));
-  cmnd += AddWebCommand(PSTR(D_CMND_LOGHOST), PSTR("lh"), PSTR("1"));
-  cmnd += AddWebCommand(PSTR(D_CMND_LOGPORT), PSTR("lp"), PSTR("1"));
-  cmnd += AddWebCommand(PSTR(D_CMND_TELEPERIOD), PSTR("lt"), PSTR("1"));
-  ExecuteWebCommand((char*)cmnd.c_str());
-}
-
-/*-------------------------------------------------------------------------------------------*/
-
-void HandleOtherConfiguration(void) {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
-  AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_CONFIGURE_OTHER));
-
-  if (Webserver->hasArg(F("save"))) {
-    OtherSaveSettings();
-    WebRestart(1);
-    return;
-  }
-
-  WSContentStart_P(PSTR(D_CONFIGURE_OTHER));
-  WSContentSendStyle();
-
-  TemplateJson();
-#ifdef MQTT_DATA_STRING
-  WSContentSend_P(HTTP_FORM_OTHER, TasmotaGlobal.mqtt_data.c_str(), (USER_MODULE == Settings->module) ? PSTR(" checked disabled") : "",
-#else
-  WSContentSend_P(HTTP_FORM_OTHER, TasmotaGlobal.mqtt_data, (USER_MODULE == Settings->module) ? PSTR(" checked disabled") : "",
-#endif
-    (Settings->flag.mqtt_enabled) ? PSTR(" checked") : "",   // SetOption3 - Enable MQTT
-    SettingsText(SET_FRIENDLYNAME1), SettingsText(SET_DEVICENAME));
-
-  char stemp[32];
-  uint32_t maxfn = (TasmotaGlobal.devices_present > MAX_FRIENDLYNAMES) ? MAX_FRIENDLYNAMES : (!TasmotaGlobal.devices_present) ? 1 : TasmotaGlobal.devices_present;
-#ifdef USE_SONOFF_IFAN
-  if (IsModuleIfan()) { maxfn = 1; }
-#endif  // USE_SONOFF_IFAN
-  for (uint32_t i = 0; i < maxfn; i++) {
-    snprintf_P(stemp, sizeof(stemp), PSTR("%d"), i +1);
-    WSContentSend_P(PSTR("<b>" D_FRIENDLY_NAME " %d</b> (" FRIENDLY_NAME "%s)<br><input id='a%d' placeholder=\"" FRIENDLY_NAME "%s\" value=\"%s\"><p></p>"),
-      i +1,
-      (i) ? stemp : "",
-      i,
-      (i) ? stemp : "",
-      SettingsText(SET_FRIENDLYNAME1 + i));
-  }
-
-#ifdef USE_EMULATION
-#if defined(USE_EMULATION_WEMO) || defined(USE_EMULATION_HUE)
-  WSContentSend_P(PSTR("<p></p><fieldset><legend><b>&nbsp;" D_EMULATION "&nbsp;</b></legend><p>"));  // Keep close to Friendlynames so do not use <br>
-  for (uint32_t i = 0; i < EMUL_MAX; i++) {
-#ifndef USE_EMULATION_WEMO
-    if (i == EMUL_WEMO) { i++; }
-#endif
-#ifndef USE_EMULATION_HUE
-    if (i == EMUL_HUE) { i++; }
-#endif
-    if (i < EMUL_MAX) {
-      WSContentSend_P(PSTR("<input id='r%d' name='b2' type='radio' value='%d'%s><b>%s</b> %s<br>"),  // Different id only used for labels
-        i, i,
-        (i == Settings->flag2.emulation) ? PSTR(" checked") : "",
-        GetTextIndexed(stemp, sizeof(stemp), i, kEmulationOptions),
-        (i == EMUL_NONE) ? "" : (i == EMUL_WEMO) ? PSTR(D_SINGLE_DEVICE) : PSTR(D_MULTI_DEVICE));
-    }
-  }
-  WSContentSend_P(PSTR("</p></fieldset>"));
-#endif  // USE_EMULATION_WEMO || USE_EMULATION_HUE
-#endif  // USE_EMULATION
-
-  WSContentSend_P(HTTP_FORM_END);
-  WSContentSpaceButton(BUTTON_CONFIGURATION);
-  WSContentStop();
-}
-
-void OtherSaveSettings(void) {
-  String cmnd = F(D_CMND_BACKLOG "0 ");
-  cmnd += AddWebCommand(PSTR(D_CMND_WEBPASSWORD "2"), PSTR("wp"), PSTR("\""));
-  cmnd += F(";" D_CMND_SO "3 ");
-  cmnd += Webserver->hasArg(F("b1"));
-  cmnd += AddWebCommand(PSTR(D_CMND_DEVICENAME), PSTR("dn"), PSTR("\""));
-  char webindex[5];
-  char cmnd2[24];                             // ";Module 0;Template "
-  for (uint32_t i = 0; i < MAX_FRIENDLYNAMES; i++) {
-    snprintf_P(webindex, sizeof(webindex), PSTR("a%d"), i);
-    snprintf_P(cmnd2, sizeof(cmnd2), PSTR(D_CMND_FN "%d"), i +1);
-    cmnd += AddWebCommand(cmnd2, webindex, PSTR("\""));
-  }
-
-#ifdef USE_EMULATION
-#if defined(USE_EMULATION_WEMO) || defined(USE_EMULATION_HUE)
-  cmnd += AddWebCommand(PSTR(D_CMND_EMULATION), PSTR("b2"), PSTR("0"));
-#endif  // USE_EMULATION_WEMO || USE_EMULATION_HUE
-#endif  // USE_EMULATION
-
-  String tmpl = Webserver->arg(F("t1"));    // {"NAME":"12345678901234","GPIO":[255,255,255,255,255,255,255,255,255,255,255,255,255],"FLAG":255,"BASE":255,"CMND":"SO123 1;SO99 0"}
-  if (tmpl.length() && (tmpl.length() < MQTT_MAX_PACKET_SIZE)) {
-    snprintf_P(cmnd2, sizeof(cmnd2), PSTR(";%s" D_CMND_TEMPLATE " "), (Webserver->hasArg(F("t2"))) ? PSTR(D_CMND_MODULE " 0;") : "");
-    cmnd += cmnd2 + tmpl;
-  }
-  ExecuteWebCommand((char*)cmnd.c_str());
-}
-
-/*-------------------------------------------------------------------------------------------*/
-
 void HandleBackupConfiguration(void)
 {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
   AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_BACKUP_CONFIGURATION));
 
   uint32_t config_len = SettingsConfigBackup();
@@ -1945,8 +1355,6 @@ void HandleBackupConfiguration(void)
 
 void HandleResetConfiguration(void)
 {
-  if (!HttpCheckPriviledgedAccess(!WifiIsInManagerMode())) { return; }
-
   AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_RESET_CONFIGURATION));
 
   WSContentStart_P(PSTR(D_RESET_CONFIGURATION), !WifiIsInManagerMode());
@@ -1963,8 +1371,6 @@ void HandleResetConfiguration(void)
 
 void HandleFactoryResetConfiguration(void)
 {
-  if (!HttpCheckPriviledgedAccess(!WifiIsInManagerMode())) { return; }
-
   AddLog(LOG_LEVEL_DEBUG, PSTR("공장 초기화 중..."));
 
   WSContentStart_P(PSTR("공장 초기화"), !WifiIsInManagerMode());
@@ -1981,8 +1387,6 @@ void HandleFactoryResetConfiguration(void)
 
 void HandleRestoreConfiguration(void)
 {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
   AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_RESTORE_CONFIGURATION));
 
   WSContentStart_P(PSTR(D_RESTORE_CONFIGURATION));
@@ -2003,8 +1407,6 @@ void HandleRestoreConfiguration(void)
 
 void HandleInformation(void)
 {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
   float freemem = ((float)ESP_getFreeHeap()) / 1024;
   AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_INFORMATION));
 
@@ -2138,8 +1540,8 @@ void HandleInformation(void)
   WSContentSend_PD(PSTR("}1" D_FREE_MEMORY "}2%1_f kB"), &freemem);
 #endif // ESP32
   WSContentSend_P(PSTR("</td></tr></table>"));
-  WSContentSend_P("\";s=o.replace(/}1/g,\"</td></tr><tr><th>\").replace(/}2/g,\"</th><td>\");eb('hide').innerHTML=s;}wl(hide);</script>");
-  WSContentSend_P("<div id='hide' name='hide'></div>");
+  WSContentSend_P(PSTR("\";s=o.replace(/}1/g,\"</td></tr><tr><th>\").replace(/}2/g,\"</th><td>\");eb('hide').innerHTML=s;}wl(hide);</script>"));
+  WSContentSend_P(PSTR("<div id='hide' name='hide'></div>"));
   WSContentSend_P(PSTR("</div>"));
 
   WSContentSpaceButton(BUTTON_MAIN);
@@ -2196,8 +1598,6 @@ uint32_t BUploadWriteBuffer(uint8_t *buf, size_t size) {
 #endif  // USE_WEB_FW_UPGRADE
 
 void HandleUpgradeFirmware(void) {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
   AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_FIRMWARE_UPGRADE));
 
   WSContentStart_P(PSTR(D_FIRMWARE_UPGRADE));
@@ -2211,8 +1611,6 @@ void HandleUpgradeFirmware(void) {
 }
 
 void HandleUpgradeFirmwareStart(void) {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
   char command[TOPSZ + 10];  // OtaUrl
 
   AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_UPGRADE_STARTED));
@@ -2238,8 +1636,6 @@ void HandleUpgradeFirmwareStart(void) {
 }
 
 void HandleUploadDone(void) {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
 #if defined(USE_ZIGBEE_EZSP)
   if ((UPL_EFR32 == Web.upload_file_type) && !Web.upload_error && BUpload.ready) {
     BUpload.ready = false;  //  Make sure not to follow thru again
@@ -2578,25 +1974,8 @@ void HandlePreflightRequest(void)
 
 void HandleHttpCommand(void)
 {
-  if (!HttpCheckPriviledgedAccess(false)) { return; }
-
   AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_COMMAND));
 
-  if (!WebAuthenticate()) {
-    // Prefer authorization via HTTP header (Basic auth), if it fails, use legacy method via GET parameters
-    char tmp1[33];
-    WebGetArg(PSTR("user"), tmp1, sizeof(tmp1));
-    char tmp2[strlen(SettingsText(SET_WEBPWD)) + 2];  // Need space for an entered password longer than set password
-    WebGetArg(PSTR("password"), tmp2, sizeof(tmp2));
-
-    if (!(!strcmp(tmp1, WEB_USERNAME) && !strcmp(tmp2, SettingsText(SET_WEBPWD)))) {
-      WSContentBegin(401, CT_APP_JSON);
-      WSContentSend_P(PSTR("{\"" D_RSLT_WARNING "\":\"" D_NEED_USER_AND_PASSWORD "\"}"));
-      WSContentEnd();
-      return;
-    }
-  }
-
   WSContentBegin(200, CT_APP_JSON);
   String svalue = Webserver->arg(F("cmnd"));
   if (svalue.length() && (svalue.length() < MQTT_MAX_PACKET_SIZE)) {
@@ -2626,80 +2005,6 @@ void HandleHttpCommand(void)
   WSContentEnd();
 }
 
-/*-------------------------------------------------------------------------------------------*/
-
-void HandleManagement(void)
-{
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
-  AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_MANAGEMENT));
-
-  WSContentStart_P(PSTR(D_MANAGEMENT));
-  WSContentSendStyle();
-
-  WSContentButton(BUTTON_CONSOLE);
-
-  XdrvMailbox.index = 0;
-  XdrvCall(FUNC_WEB_ADD_CONSOLE_BUTTON);
-  XsnsCall(FUNC_WEB_ADD_CONSOLE_BUTTON);
-
-  WSContentSend_P(PSTR("<div></div>"));            // 5px padding
-  XdrvCall(FUNC_WEB_ADD_MANAGEMENT_BUTTON);
-
-  WSContentSpaceButton(BUTTON_MAIN);
-  WSContentStop();
-}
-
-void HandleConsole(void)
-{
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
-  if (Webserver->hasArg(F("c2"))) {      // Console refresh requested
-    HandleConsoleRefresh();
-    return;
-  }
-
-  AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_CONSOLE));
-
-  WSContentStart_P(PSTR(D_CONSOLE));
-  WSContentSend_P(HTTP_SCRIPT_CONSOL, Settings->web_refresh);
-  WSContentSendStyle();
-  WSContentSend_P(HTTP_FORM_CMND);
-  WSContentSpaceButton((WebUseManagementSubmenu()) ? BUTTON_MANAGEMENT : BUTTON_MAIN);
-  WSContentStop();
-}
-
-void HandleConsoleRefresh(void)
-{
-  String svalue = Webserver->arg(F("c1"));
-  if (svalue.length() && (svalue.length() < MQTT_MAX_PACKET_SIZE)) {
-    AddLog(LOG_LEVEL_INFO, PSTR(D_LOG_COMMAND "%s"), svalue.c_str());
-    ExecuteWebCommand((char*)svalue.c_str(), SRC_WEBCONSOLE);
-  }
-
-  char stmp[8];
-  WebGetArg(PSTR("c2"), stmp, sizeof(stmp));
-  uint32_t index = 0;                // Initial start, dump all
-  if (strlen(stmp)) { index = atoi(stmp); }
-
-  WSContentBegin(200, CT_PLAIN);
-  WSContentSend_P(PSTR("%d}1%d}1"), TasmotaGlobal.log_buffer_pointer, Web.reset_web_log_flag);
-  if (!Web.reset_web_log_flag) {
-    index = 0;
-    Web.reset_web_log_flag = true;
-  }
-  bool cflg = (index);
-  char* line;
-  size_t len;
-  while (GetLog(Settings->weblog_level, &index, &line, &len)) {
-    if (cflg) { WSContentSend_P(PSTR("\n")); }
-    WSContentSend(line, len -1);
-    cflg = true;
-  }
-  WSContentSend_P(PSTR("}1"));
-  WSContentEnd();
-}
-
 /********************************************************************************************/
 
 void HandleNotFound(void)
@@ -2909,7 +2214,7 @@ const char kWebCommands[] PROGMEM = "|"  // No prefix
 #if defined(USE_SENDMAIL) || defined(USE_ESP32MAIL)
   D_CMND_SENDMAIL "|"
 #endif
-  D_CMND_WEBSERVER "|" D_CMND_WEBPASSWORD "|" D_CMND_WEBLOG "|" D_CMND_WEBREFRESH "|" D_CMND_WEBSEND "|" D_CMND_WEBCOLOR "|"
+  D_CMND_WEBSERVER "|" D_CMND_WEBREFRESH "|" D_CMND_WEBSEND "|"
   D_CMND_WEBSENSOR "|" D_CMND_WEBBUTTON "|" D_CMND_CORS;
 
 void (* const WebCommand[])(void) PROGMEM = {
@@ -2919,7 +2224,7 @@ void (* const WebCommand[])(void) PROGMEM = {
 #if defined(USE_SENDMAIL) || defined(USE_ESP32MAIL)
   &CmndSendmail,
 #endif
-  &CmndWebServer, &CmndWebPassword, &CmndWeblog, &CmndWebRefresh, &CmndWebSend, &CmndWebColor,
+  &CmndWebServer, &CmndWebRefresh, &CmndWebSend,
   &CmndWebSensor, &CmndWebButton, &CmndCors };
 
 /*********************************************************************************************\
@@ -2973,30 +2278,6 @@ void CmndWebServer(void)
   }
 }
 
-void CmndWebPassword(void)
-{
-  bool show_asterisk = (2 == XdrvMailbox.index);
-  if (XdrvMailbox.data_len > 0) {
-    SettingsUpdateText(SET_WEBPWD, (SC_CLEAR == Shortcut()) ? "" : (SC_DEFAULT == Shortcut()) ? WEB_PASSWORD : XdrvMailbox.data);
-    if (!show_asterisk) {
-      ResponseCmndChar(SettingsText(SET_WEBPWD));
-    }
-  } else {
-    show_asterisk = true;
-  }
-  if (show_asterisk) {
-    Response_P(S_JSON_COMMAND_ASTERISK, XdrvMailbox.command);
-  }
-}
-
-void CmndWeblog(void)
-{
-  if ((XdrvMailbox.payload >= LOG_LEVEL_NONE) && (XdrvMailbox.payload <= LOG_LEVEL_DEBUG_MORE)) {
-    Settings->weblog_level = XdrvMailbox.payload;
-  }
-  ResponseCmndNumber(Settings->weblog_level);
-}
-
 void CmndWebRefresh(void)
 {
   if ((XdrvMailbox.payload > 999) && (XdrvMailbox.payload <= 65000)) {
@@ -3014,31 +2295,6 @@ void CmndWebSend(void)
   }
 }
 
-void CmndWebColor(void)
-{
-  if (XdrvMailbox.data_len > 0) {
-    if (strchr(XdrvMailbox.data, '{') == nullptr) {  // If no JSON it must be parameter
-      if ((XdrvMailbox.data_len > 3) && (XdrvMailbox.index > 0) && (XdrvMailbox.index <= COL_LAST)) {
-        WebHexCode(XdrvMailbox.index -1, XdrvMailbox.data);
-      }
-      else if (0 == XdrvMailbox.payload) {
-        SettingsDefaultWebColor();
-      }
-    }
-    else {
-#ifndef FIRMWARE_MINIMAL      // if tasmota-minimal, read only and don't parse JSON
-      JsonWebColor(XdrvMailbox.data);
-#endif // FIRMWARE_MINIMAL
-    }
-  }
-  Response_P(PSTR("{\"" D_CMND_WEBCOLOR "\":["));
-  for (uint32_t i = 0; i < COL_LAST; i++) {
-    if (i) { ResponseAppend_P(PSTR(",")); }
-    ResponseAppend_P(PSTR("\"#%06x\""), WebColor(i));
-  }
-  ResponseAppend_P(PSTR("]}"));
-}
-
 void CmndWebSensor(void)
 {
   if (XdrvMailbox.index < MAX_XSNS_DRIVERS) {
diff --git a/tasmota/xdrv_02_9_mqtt.ino b/tasmota/xdrv_02_9_mqtt.ino
index 70f830f7c6b4..4200ce47d591 100644
--- a/tasmota/xdrv_02_9_mqtt.ino
+++ b/tasmota/xdrv_02_9_mqtt.ino
@@ -1852,8 +1852,6 @@ const char HTTP_FORM_MQTT2[] PROGMEM =
 
 void HandleMqttConfiguration(void)
 {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
   AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_CONFIGURE_MQTT));
 
   if (Webserver->hasArg(F("save"))) {
@@ -1924,7 +1922,7 @@ bool Xdrv02(uint8_t function)
         result = DecodeCommand(kMqttCommands, MqttCommand, kMqttSynonyms);
         break;
       case FUNC_PRE_INIT:
-        MqttInit();
+        //MqttInit();
         break;
     }
   }

From c0bf28477181d957064d54b5dd4eb6f8851ecf86 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Sun, 22 Aug 2021 22:45:03 +0900
Subject: [PATCH 05/19] =?UTF-8?q?refactor:=20=ED=95=84=EC=9A=94=EC=97=86?=
 =?UTF-8?q?=EB=8A=94=20=EA=B8=B0=EB=8A=A5=20=EC=A0=9C=EA=B1=B0=20=EB=B0=8F?=
 =?UTF-8?q?=20=EB=B2=84=ED=8D=BC=20=EC=82=AC=EC=9D=B4=EC=A6=88=20=EC=B6=95?=
 =?UTF-8?q?=EC=86=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/settings.h          |  3 +--
 tasmota/settings.ino        |  2 --
 tasmota/support.ino         |  3 +--
 tasmota/support_command.ino | 32 +++-----------------------------
 tasmota/support_tasmota.ino |  3 ---
 tasmota/tasmota.h           | 21 +++++++++++----------
 tasmota/tasmota_globals.h   |  2 +-
 7 files changed, 17 insertions(+), 49 deletions(-)

diff --git a/tasmota/settings.h b/tasmota/settings.h
index 075759b716b3..7a9a50367de4 100644
--- a/tasmota/settings.h
+++ b/tasmota/settings.h
@@ -436,7 +436,7 @@ typedef union {
 } DisplayOptions;
 
 const uint32_t settings_text_size = 699;   // Settings->text_pool[size] = Settings->display_model (2D2) - Settings->text_pool (017)
-const uint8_t MAX_TUYA_FUNCTIONS = 16;
+const uint8_t MAX_TUYA_FUNCTIONS = 1;
 
 typedef struct {
   uint16_t      cfg_holder;                // 000  v6 header
@@ -689,7 +689,6 @@ typedef struct {
   uint16_t      syslog_port;               // ECA
   uint8_t       syslog_level;              // ECC
   uint8_t       webserver;                 // ECD
-  uint8_t       weblog_level;              // ECE
   uint8_t       mqtt_fingerprint[2][20];   // ECF
 
   uint8_t       ex_adc_param_type;         // EF7  Free since 9.0.0.1
diff --git a/tasmota/settings.ino b/tasmota/settings.ino
index 5569f2debf37..2820c6ba1d86 100644
--- a/tasmota/settings.ino
+++ b/tasmota/settings.ino
@@ -877,8 +877,6 @@ void SettingsDefaultSet2(void) {
   flag3.gui_hostname_ip |= GUI_SHOW_HOSTNAME;
   flag3.mdns_enabled |= MDNS_ENABLED;
   Settings->webserver = WEB_SERVER;
-  Settings->weblog_level = WEB_LOG_LEVEL;
-  SettingsUpdateText(SET_WEBPWD, PSTR(WEB_PASSWORD));
   SettingsUpdateText(SET_CORS, PSTR(CORS_DOMAIN));
 
   // Button
diff --git a/tasmota/support.ino b/tasmota/support.ino
index 16852a5657bf..5c513a232b16 100644
--- a/tasmota/support.ino
+++ b/tasmota/support.ino
@@ -2360,8 +2360,7 @@ void AddLogData(uint32_t loglevel, const char* log_data, const char* log_data_pa
 
   if (!TasmotaGlobal.log_buffer) { return; }  // Leave now if there is no buffer available
 
-  uint32_t highest_loglevel = Settings->weblog_level;
-  if (Settings->mqttlog_level > highest_loglevel) { highest_loglevel = Settings->mqttlog_level; }
+  uint32_t highest_loglevel = Settings->mqttlog_level;
   if (TasmotaGlobal.syslog_level > highest_loglevel) { highest_loglevel = TasmotaGlobal.syslog_level; }
   if (TasmotaGlobal.templog_level > highest_loglevel) { highest_loglevel = TasmotaGlobal.templog_level; }
   if (TasmotaGlobal.uptime < 3) { highest_loglevel = LOG_LEVEL_DEBUG_MORE; }  // Log all before setup correct log level
diff --git a/tasmota/support_command.ino b/tasmota/support_command.ino
index 0fa0370d664b..409b7d51fc6c 100644
--- a/tasmota/support_command.ino
+++ b/tasmota/support_command.ino
@@ -52,7 +52,7 @@ void (* const TasmotaCommand[])(void) PROGMEM = {
   &CmndVoltageResolution, &CmndFrequencyResolution, &CmndCurrentResolution, &CmndEnergyResolution, &CmndWeightResolution,
   &CmndModule, &CmndModules, &CmndGpio, &CmndGpios, &CmndTemplate, &CmndPwm, &CmndPwmfrequency, &CmndPwmrange,
   &CmndButtonDebounce, &CmndSwitchDebounce, &CmndSyslog, &CmndLoghost, &CmndLogport,
-  &CmndSerialBuffer, &CmndSerialSend, &CmndBaudrate, &CmndSerialConfig, &CmndSerialDelimiter,
+  &CmndSerialSend, &CmndBaudrate, &CmndSerialConfig, &CmndSerialDelimiter,
   &CmndIpAddress, &CmndNtpServer, &CmndAp, &CmndSsid, &CmndPassword, &CmndHostname, &CmndWifiConfig, &CmndWifi,
   &CmndDevicename, &CmndFriendlyname, &CmndFriendlyname, &CmndSwitchMode, &CmndInterlock, &CmndTeleperiod, &CmndReset, &CmndTime, &CmndTimezone, &CmndTimeStd,
   &CmndTimeDst, &CmndAltitude, &CmndLedPower, &CmndLedState, &CmndLedMask, &CmndLedPwmOn, &CmndLedPwmOff, &CmndLedPwmMode,
@@ -525,10 +525,10 @@ void CmndStatus(void)
   }
 
   if ((0 == payload) || (3 == payload)) {
-    Response_P(PSTR("{\"" D_CMND_STATUS D_STATUS3_LOGGING "\":{\"" D_CMND_SERIALLOG "\":%d,\"" D_CMND_WEBLOG "\":%d,\"" D_CMND_MQTTLOG "\":%d,\"" D_CMND_SYSLOG "\":%d,\""
+    Response_P(PSTR("{\"" D_CMND_STATUS D_STATUS3_LOGGING "\":{\"" D_CMND_SERIALLOG "\":%d,\"" D_CMND_MQTTLOG "\":%d,\"" D_CMND_SYSLOG "\":%d,\""
                           D_CMND_LOGHOST "\":\"%s\",\"" D_CMND_LOGPORT "\":%d,\"" D_CMND_SSID "\":[\"%s\",\"%s\"],\"" D_CMND_TELEPERIOD "\":%d,\""
                           D_JSON_RESOLUTION "\":\"%08X\",\"" D_CMND_SETOPTION "\":[\"%08X\",\"%s\",\"%08X\",\"%08X\",\"%08X\"]}}"),
-                          Settings->seriallog_level, Settings->weblog_level, Settings->mqttlog_level, Settings->syslog_level,
+                          Settings->seriallog_level, Settings->mqttlog_level, Settings->syslog_level,
                           SettingsText(SET_SYSLOG_HOST), Settings->syslog_port, EscapeJSONString(SettingsText(SET_STASSID1)).c_str(), EscapeJSONString(SettingsText(SET_STASSID2)).c_str(), Settings->tele_period,
                           Settings->flag2.data, Settings->flag.data, ToHex_P((unsigned char*)Settings->param, PARAM8_SIZE, stemp2, sizeof(stemp2)),
                           Settings->flag3.data, Settings->flag4.data, Settings->flag5.data);
@@ -1543,32 +1543,6 @@ void CmndSerialConfig(void)
   ResponseCmndChar(GetSerialConfig().c_str());
 }
 
-void CmndSerialBuffer(void) {
-  // Allow non-pesistent serial receive buffer size change
-  //   between 256 (default) and 520 (INPUT_BUFFER_SIZE) characters
-  size_t size = 0;
-  if (XdrvMailbox.data_len > 0) {
-    size = XdrvMailbox.payload;
-    if (XdrvMailbox.payload < 256) {
-      size = 256;
-    }
-    if ((1 == XdrvMailbox.payload) || (XdrvMailbox.payload > INPUT_BUFFER_SIZE)) {
-      size = INPUT_BUFFER_SIZE;
-    }
-    Serial.setRxBufferSize(size);
-  }
-#ifdef ESP8266
-  ResponseCmndNumber(Serial.getRxBufferSize());
-#endif
-#ifdef ESP32
-  if (size) {
-    ResponseCmndNumber(size);
-  } else {
-    ResponseCmndDone();
-  }
-#endif
-}
-
 void CmndSerialSend(void)
 {
   if ((XdrvMailbox.index > 0) && (XdrvMailbox.index <= 6)) {
diff --git a/tasmota/support_tasmota.ino b/tasmota/support_tasmota.ino
index ceea8d4833b3..0c7fdd453eea 100644
--- a/tasmota/support_tasmota.ino
+++ b/tasmota/support_tasmota.ino
@@ -1378,9 +1378,6 @@ void ArduinoOTAInit(void)
 {
   ArduinoOTA.setPort(8266);
   ArduinoOTA.setHostname(NetworkHostname());
-  if (strlen(SettingsText(SET_WEBPWD))) {
-    ArduinoOTA.setPassword(SettingsText(SET_WEBPWD));
-  }
 
   ArduinoOTA.onStart([]()
   {
diff --git a/tasmota/tasmota.h b/tasmota/tasmota.h
index b0dde1876b92..8c22c25c1972 100644
--- a/tasmota/tasmota.h
+++ b/tasmota/tasmota.h
@@ -64,10 +64,10 @@ const uint8_t MAX_PWMS = 5;                 // Max number of PWM channels
 const uint8_t MAX_COUNTERS = 4;             // Max number of counter sensors
 const uint8_t MAX_TIMERS = 16;              // Max number of Timers
 const uint8_t MAX_PULSETIMERS = 8;          // Max number of supported pulse timers
-const uint8_t MAX_DOMOTICZ_IDX = 4;         // Max number of Domoticz device, key and switch indices
-const uint8_t MAX_DOMOTICZ_SNS_IDX = 12;    // Max number of Domoticz sensors indices
-const uint8_t MAX_KNX_GA = 10;              // Max number of KNX Group Addresses to read that can be set
-const uint8_t MAX_KNX_CB = 10;              // Max number of KNX Group Addresses to write that can be set
+const uint8_t MAX_DOMOTICZ_IDX = 1;         // Max number of Domoticz device, key and switch indices
+const uint8_t MAX_DOMOTICZ_SNS_IDX = 1;    // Max number of Domoticz sensors indices
+const uint8_t MAX_KNX_GA = 1;              // Max number of KNX Group Addresses to read that can be set
+const uint8_t MAX_KNX_CB = 1;              // Max number of KNX Group Addresses to write that can be set
 const uint8_t MAX_XNRG_DRIVERS = 32;        // Max number of allowed energy drivers
 const uint8_t MAX_XDSP_DRIVERS = 32;        // Max number of allowed display drivers
 const uint8_t MAX_XDRV_DRIVERS = 96;        // Max number of allowed driver drivers
@@ -78,7 +78,7 @@ const uint8_t MAX_SHUTTER_RELAYS = 8;       // Max number of shutter relays
 const uint8_t MAX_SHUTTER_KEYS = 4;         // Max number of shutter keys or buttons
 const uint8_t MAX_PCF8574 = 4;              // Max number of PCF8574 devices
 const uint8_t MAX_RULE_SETS = 3;            // Max number of rule sets of size 512 characters
-const uint16_t MAX_RULE_SIZE = 512;         // Max number of characters in rules
+const uint16_t MAX_RULE_SIZE = 1;         // Max number of characters in rules
 const uint16_t VL53L0X_MAX_SENSORS = 8;     // Max number of VL53L0X sensors
 
 #ifdef ESP32
@@ -123,6 +123,8 @@ const char WIFI_HOSTNAME[] = "ZIGBANG";     // Expands to <MQTT_TOPIC>-<last 4 d
 const uint8_t CONFIG_FILE_SIGN = 0xA5;      // Configuration file signature
 const uint8_t CONFIG_FILE_XOR = 0x5A;       // Configuration file xor (0 = No Xor)
 
+const uint8_t INPUT_BUFFER_SIZE = 100;     // Max number of characters in serial command buffer
+
 const uint32_t HLW_PREF_PULSE = 12530;      // was 4975us = 201Hz = 1000W
 const uint32_t HLW_UREF_PULSE = 1950;       // was 1666us = 600Hz = 220V
 const uint32_t HLW_IREF_PULSE = 3500;       // was 1666us = 600Hz = 4.545A
@@ -163,17 +165,16 @@ const uint8_t OTA_ATTEMPTS = 10;            // Number of times to try fetching t
 const uint8_t OTA_ATTEMPTS = 5;             // Number of times to try fetching the new firmware
 #endif  // ESP8266
 
-const uint16_t INPUT_BUFFER_SIZE = 520;     // Max number of characters in serial command buffer
 const uint16_t FLOATSZ = 16;                // Max number of characters in float result from dtostrfd (max 32)
 const uint16_t CMDSZ = 24;                  // Max number of characters in command
-const uint16_t TOPSZ = 151;                 // Max number of characters in topic string
+const uint16_t TOPSZ = 100;                 // Max number of characters in topic string
 
 #ifdef ESP8266
 #ifdef PIO_FRAMEWORK_ARDUINO_MMU_CACHE16_IRAM48_SECHEAP_SHARED
 const uint16_t LOG_BUFFER_SIZE = 4096;      // Max number of characters in logbuffer used by weblog, syslog and mqttlog
 //const uint16_t LOG_BUFFER_SIZE = 6144;      // Max number of characters in logbuffer used by weblog, syslog and mqttlog
 #else
-const uint16_t LOG_BUFFER_SIZE = 4096;      // Max number of characters in logbuffer used by weblog, syslog and mqttlog
+const uint16_t LOG_BUFFER_SIZE = 1024;      // Max number of characters in logbuffer used by weblog, syslog and mqttlog
 #endif  // PIO_FRAMEWORK_ARDUINO_MMU_CACHE16_IRAM48_SECHEAP_SHARED
 #else   // Not ESP8266
 const uint16_t LOG_BUFFER_SIZE = 6144;      // Max number of characters in logbuffer used by weblog, syslog and mqttlog
@@ -187,7 +188,7 @@ const uint16_t MAX_LOGSZ = 700;             // Max number of characters in log l
 
 const uint8_t SENSOR_MAX_MISS = 5;          // Max number of missed sensor reads before deciding it's offline
 
-const uint8_t MAX_BACKLOG = 30;             // Max number of commands in backlog
+const uint8_t MAX_BACKLOG = 10;             // Max number of commands in backlog
 const uint32_t MIN_BACKLOG_DELAY = 200;     // Minimal backlog delay in mSeconds
 
 const uint32_t SOFT_BAUDRATE = 9600;        // Default software serial baudrate
@@ -329,7 +330,7 @@ enum XsnsFunctions {FUNC_SETTINGS_OVERRIDE, FUNC_PIN_STATE, FUNC_MODULE_INIT, FU
                     FUNC_SET_POWER, FUNC_SET_DEVICE_POWER, FUNC_SHOW_SENSOR, FUNC_ANY_KEY,
                     FUNC_ENERGY_EVERY_SECOND, FUNC_ENERGY_RESET,
                     FUNC_RULES_PROCESS, FUNC_TELEPERIOD_RULES_PROCESS, FUNC_SERIAL, FUNC_FREE_MEM, FUNC_BUTTON_PRESSED,
-                    FUNC_WEB_ADD_BUTTON, FUNC_WEB_ADD_CONSOLE_BUTTON, FUNC_WEB_ADD_MANAGEMENT_BUTTON, FUNC_WEB_ADD_MAIN_BUTTON,
+                    FUNC_WEB_ADD_BUTTON, FUNC_WEB_ADD_MANAGEMENT_BUTTON, FUNC_WEB_ADD_MAIN_BUTTON,
                     FUNC_WEB_ADD_HANDLER, FUNC_SET_CHANNELS, FUNC_SET_SCHEME, FUNC_HOTPLUG_SCAN,
                     FUNC_DEVICE_GROUP_ITEM };
 
diff --git a/tasmota/tasmota_globals.h b/tasmota/tasmota_globals.h
index abb925aee6e8..9bc6d0ed007e 100644
--- a/tasmota/tasmota_globals.h
+++ b/tasmota/tasmota_globals.h
@@ -438,7 +438,7 @@ String EthernetMacAddress(void);
 
 enum WebColors {
   COL_TEXT, COL_BACKGROUND, COL_FORM,
-  COL_INPUT_TEXT, COL_INPUT, COL_CONSOLE_TEXT, COL_CONSOLE,
+  COL_INPUT_TEXT, COL_INPUT,
   COL_TEXT_WARNING, COL_TEXT_SUCCESS,
   COL_BUTTON_TEXT, COL_BUTTON, COL_BUTTON_HOVER, COL_BUTTON_RESET, COL_BUTTON_RESET_HOVER, COL_BUTTON_SAVE, COL_BUTTON_SAVE_HOVER,
   COL_TIMER_TAB_TEXT, COL_TIMER_TAB_BACKGROUND, COL_TITLE,

From 8a1714d9cf2666c681f3209c7e404e669ef3d832 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Mon, 23 Aug 2021 06:46:47 +0900
Subject: [PATCH 06/19] =?UTF-8?q?chore:=20HTTP=20=EC=84=9C=EB=B2=84=20?=
 =?UTF-8?q?=EB=B0=8F=20HTTPS=20=EC=84=9C=EB=B2=84=20begin=20=20=ED=95=A8?=
 =?UTF-8?q?=EC=88=98=20=EB=B6=84=EB=A6=AC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 platformio_override.ini       |  2 +-
 tasmota/xdrv_01_webserver.ino | 35 +++++++++++++++++++++++++++--------
 2 files changed, 28 insertions(+), 9 deletions(-)

diff --git a/platformio_override.ini b/platformio_override.ini
index 26dc4dfe0f5c..f113692a5dc4 100644
--- a/platformio_override.ini
+++ b/platformio_override.ini
@@ -71,7 +71,7 @@ build_flags                 = ${core.build_flags}
 ;board_build.f_flash         = 80000000L
 
 ; *** Upload Serial reset method for Wemos and NodeMCU
-upload_port                 = /dev/tty.usbserial-21420
+upload_port                 = /dev/tty.usbserial-1420
 
 extra_scripts               = ${scripts_defaults.extra_scripts}
 ;                              pio-tools/obj-dump.py
diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index f9a017bfde1b..f5d183d7f9a5 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -357,8 +357,8 @@ enum HttpOptions {HTTP_OFF, HTTP_USER, HTTP_ADMIN, HTTP_MANAGER, HTTP_MANAGER_RE
 enum WifiTestOptions {WIFI_NOT_TESTING, WIFI_TESTING, WIFI_TEST_FINISHED_SUCCESSFUL, WIFI_TEST_FINISHED_BAD};
 
 DNSServer *DnsServer;
-//ESP8266WebServer *Webserver;
-BearSSL::ESP8266WebServerSecure *Webserver;
+ESP8266WebServer *Webserver;
+BearSSL::ESP8266WebServerSecure *WebserverSecure;
 
 struct WEB {
   String chunk_buffer = "";                         // Could be max 2 * CHUNKED_BUFFER_SIZE
@@ -368,6 +368,7 @@ struct WEB {
   uint8_t config_block_count = 0;
   bool upload_services_stopped = false;
   bool initial_config = false;
+  bool state_HTTPS = false;
   uint8_t wifiTest = WIFI_NOT_TESTING;
   uint8_t wifi_test_counter = 0;
   uint16_t save_data_counter = 0;
@@ -450,6 +451,25 @@ void ExecuteWebCommand(char* svalue) {
   ExecuteWebCommand(svalue, SRC_WEBGUI);
 }
 
+void StartWebserverSecure(void)
+{
+  if (!Web.state_HTTPS) {
+    if (!WebserverSecure) {
+      WebserverSecure = new ESP8266WebServerSecure(443);
+      WebserverSecure->getServer().setRSACert(new BearSSL::X509List(serverCert), new BearSSL::PrivateKey(serverKey));
+      WebserverSecure->getServer().setBufferSizes(1024, 1024);
+      WebserverSecure->on(F("/lc"), HTTP_GET, HandleCognitoLoginCode);
+    }
+
+    WebserverSecure->begin(); // Web server start
+  }
+  if (!Web.state_HTTPS) {
+    AddLog(LOG_LEVEL_INFO, PSTR(D_LOG_HTTP D_WEBSERVER_ACTIVE_ON " %s%s " D_WITH_IP_ADDRESS " %_I"),
+      NetworkHostname(), (Mdns.begun) ? PSTR(".local") : "", (uint32_t)WiFi.localIP());
+    Web.state_HTTPS = true;
+  }
+}
+
 // replace the series of `Webserver->on()` with a table in PROGMEM
 typedef struct WebServerDispatch_t {
   char uri[3];   // the prefix "/" is added automatically
@@ -485,9 +505,7 @@ void StartWebserver(int type, IPAddress ipweb)
   Settings->web_refresh = HTTP_REFRESH_TIME;
   if (!Web.state) {
     if (!Webserver) {
-      //Webserver = new ESP8266WebServer((HTTP_MANAGER == type || HTTP_MANAGER_RESET_ONLY == type) ? 80 : WEB_PORT);
-      Webserver = new ESP8266WebServerSecure(443);
-      Webserver->getServer().setRSACert(new BearSSL::X509List(serverCert), new BearSSL::PrivateKey(serverKey));
+      Webserver = new ESP8266WebServer((HTTP_MANAGER == type || HTTP_MANAGER_RESET_ONLY == type) ? 80 : WEB_PORT);
       // call `Webserver->on()` on each entry
       for (uint32_t i=0; i<nitems(WebServerDispatch); i++) {
         const WebServerDispatch_t & line = WebServerDispatch[i];
@@ -505,8 +523,6 @@ void StartWebserver(int type, IPAddress ipweb)
       Webserver->on(F("/certs"), HTTP_POST, HandleCertsConfiguration);
       Webserver->on(F("/frt"), HTTP_GET, HandleFactoryResetConfiguration);
       Webserver->on(F("/lo"), HTTP_GET, HandleCognitoLogin);
-      Webserver->on(F("/lc"), HTTP_GET, HandleCognitoLoginCode);
-      Webserver->on(F("/test"), HTTP_GET, HandleTest);
       Webserver->onNotFound(HandleNotFound);
 //      Webserver->on(F("/u2"), HTTP_POST, HandleUploadDone, HandleUploadLoop);  // this call requires 2 functions so we keep a direct call
 #ifndef FIRMWARE_MINIMAL
@@ -534,6 +550,8 @@ void StartWebserver(int type, IPAddress ipweb)
     TasmotaGlobal.rules_flag.http_init = 1;
     Web.state = type;
   }
+
+  StartWebserverSecure();
 }
 
 void StopWebserver(void)
@@ -580,6 +598,7 @@ void PollDnsWebserver(void)
 {
   if (DnsServer) { DnsServer->processNextRequest(); }
   if (Webserver) { Webserver->handleClient(); }
+  if (WebserverSecure) { WebserverSecure->handleClient(); }
 }
 
 /*********************************************************************************************/
@@ -907,7 +926,7 @@ void HandleCognitoLogin(void)
 
 void HandleCognitoLoginCode(void)
 {
-  
+  WebserverSecure->send(200, "text/plain", "Hello from esp8266 over HTTPS!");  
 }
 
 void HandleWifiLogin(void)

From 3e312c293116b7937d5ed5bd8a9a159fd5b85e67 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Mon, 23 Aug 2021 06:48:55 +0900
Subject: [PATCH 07/19] =?UTF-8?q?Feat:=20HTTPS=20=EC=9B=B9=EC=84=9C?=
 =?UTF-8?q?=EB=B2=84=20=EC=A4=91=EC=A7=80=20=EA=B8=B0=EB=8A=A5=20=EA=B5=AC?=
 =?UTF-8?q?=ED=98=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/xdrv_01_webserver.ino | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index f5d183d7f9a5..397e293a2a05 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -470,6 +470,15 @@ void StartWebserverSecure(void)
   }
 }
 
+void StopWebserverSecure(void)
+{
+  if (Web.state_HTTPS) {
+    WebserverSecure->close();
+    Web.state_HTTPS = false;
+    AddLog(LOG_LEVEL_INFO, F("HTTPS 웹서버 종료"));
+  }
+}
+
 // replace the series of `Webserver->on()` with a table in PROGMEM
 typedef struct WebServerDispatch_t {
   char uri[3];   // the prefix "/" is added automatically

From 9b4eb75d1d1bf90dedef9ccaa0c0152094bff969 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Mon, 23 Aug 2021 07:31:56 +0900
Subject: [PATCH 08/19] =?UTF-8?q?Feat:=20Cognito=20AUTHORIZATION=20?=
 =?UTF-8?q?=EC=97=94=EB=93=9C=ED=8F=AC=EC=9D=B8=ED=8A=B8=20response=20?=
 =?UTF-8?q?=ED=8C=8C=EC=8B=B1=20=EA=B8=B0=EB=8A=A5=20=EB=B0=8F=20=ED=8C=8C?=
 =?UTF-8?q?=EC=8B=B1=20=EC=9D=B4=ED=9B=84=20=EB=A9=94=EC=9D=B8=20=ED=8E=98?=
 =?UTF-8?q?=EC=9D=B4=EC=A7=80=20=EC=9D=B4=EB=8F=99=20=EA=B5=AC=ED=98=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/xdrv_01_webserver.ino | 20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-)

diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index 397e293a2a05..7a189f525418 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -470,12 +470,13 @@ void StartWebserverSecure(void)
   }
 }
 
+// TODO: 메모리 회수 코드 추가
 void StopWebserverSecure(void)
 {
   if (Web.state_HTTPS) {
     WebserverSecure->close();
     Web.state_HTTPS = false;
-    AddLog(LOG_LEVEL_INFO, F("HTTPS 웹서버 종료"));
+    AddLog(LOG_LEVEL_INFO, PSTR("HTTPS 웹서버 종료"));
   }
 }
 
@@ -559,8 +560,6 @@ void StartWebserver(int type, IPAddress ipweb)
     TasmotaGlobal.rules_flag.http_init = 1;
     Web.state = type;
   }
-
-  StartWebserverSecure();
 }
 
 void StopWebserver(void)
@@ -929,13 +928,18 @@ void WebRestart(uint32_t type)
 
 void HandleCognitoLogin(void)
 {
-  Webserver->sendHeader(F("Location"), String(F("https://ziot-sonoff-auth.auth.ap-northeast-2.amazoncognito.com/login?client_id=3ambmcokjea85jv4ff2hmkb0un&response_type=code&scope=openid&redirect_uri=https://nb0pw9tdj5.execute-api.ap-northeast-2.amazonaws.com/2021-08-16/login")), true);
+  Webserver->sendHeader(F("Location"), String(F("https://ziot-sonoff-auth.auth.ap-northeast-2.amazoncognito.com/login?client_id=3ambmcokjea85jv4ff2hmkb0un&response_type=code&scope=openid&redirect_uri=https://192.168.219.105/lc")), true);
   WSSend(302, CT_PLAIN, "");  // Empty content inhibits Content-length header so we have to close the socket ourselves.
+  StartWebserverSecure();
 }
 
 void HandleCognitoLoginCode(void)
 {
-  WebserverSecure->send(200, "text/plain", "Hello from esp8266 over HTTPS!");  
+  Serial.print("========================= Cognito code is ");
+  Serial.println(WebserverSecure->arg("code"));
+  WebserverSecure->sendHeader(F("Location"), String(F("http://")) + WebserverSecure->client().localIP().toString(), true);
+  WebserverSecure->send(302, "text/plain", "");
+  StopWebserverSecure();
 }
 
 void HandleWifiLogin(void)
@@ -1097,12 +1101,6 @@ void HandleConfiguration(void)
 
 /*-------------------------------------------------------------------------------------------*/
 
-void HandleTest(void) {
-  Webserver->send(200, "text/plain", "Hello from esp8266 over HTTPS!");
-}
-
-/*-------------------------------------------------------------------------------------------*/
-
 const char kUnescapeCode[] = "&><\"\'\\";
 const char kEscapeCode[] PROGMEM = "&amp;|&gt;|&lt;|&quot;|&apos;|&#92;";
 

From 00cc306f3439e8ec814eb7a2c2419c8e5ce60085 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Mon, 23 Aug 2021 07:47:01 +0900
Subject: [PATCH 09/19] =?UTF-8?q?Feat:=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20?=
 =?UTF-8?q?=EC=83=81=ED=83=9C=EC=97=90=20=EB=94=B0=EB=A5=B8=20WebUI=20?=
 =?UTF-8?q?=EB=A1=9C=EA=B7=B8=EC=9D=B8/=EB=A1=9C=EA=B7=B8=EC=95=84?=
 =?UTF-8?q?=EC=9B=83=20=EB=B2=84=ED=8A=BC=20=EB=AC=B8=EA=B5=AC=20=EB=B3=80?=
 =?UTF-8?q?=ED=99=94?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/xdrv_01_webserver.ino | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index 7a189f525418..800961516bfe 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -332,14 +332,14 @@ const char HTTP_DEVICE_STATE[] PROGMEM = "<td style='width:%d%%;text-align:cente
 
 enum ButtonTitle {
   BUTTON_RESTART, BUTTON_RESET_CONFIGURATION, BUTTON_FACTORY_RESET,
-  BUTTON_MAIN, BUTTON_COGNITO_LOGIN, BUTTON_CONFIGURATION, BUTTON_INFORMATION, BUTTON_FIRMWARE_UPGRADE, BUTTON_WIFI, BUTTON_BACKUP, BUTTON_RESTORE };
+  BUTTON_MAIN, BUTTON_COGNITO_LOGIN, BUTTON_COGNITO_LOGOUT, BUTTON_CONFIGURATION, BUTTON_INFORMATION, BUTTON_FIRMWARE_UPGRADE, BUTTON_WIFI, BUTTON_BACKUP, BUTTON_RESTORE };
 const char kButtonTitle[] PROGMEM =
   D_RESTART "|" D_RESET_CONFIGURATION "|" "공장 초기화" "|"
-  D_MAIN_MENU "|" "로그인" "|" D_CONFIGURATION "|" D_INFORMATION "|" D_FIRMWARE_UPGRADE "|"
+  D_MAIN_MENU "|" "로그인" "|" "로그아웃" "|" D_CONFIGURATION "|" D_INFORMATION "|" D_FIRMWARE_UPGRADE "|"
   D_CONFIGURE_WIFI "|" D_BACKUP_CONFIGURATION "|" D_RESTORE_CONFIGURATION "|";
 const char kButtonAction[] PROGMEM =
   ".|rt|frt|"
-  ".|lo|cn|in|up|"
+  ".|li|lo|cn|in|up|"
   "wi|dl|rs|";
 
 const char kButtonConfirm[] PROGMEM = D_CONFIRM_RESTART "|" D_CONFIRM_RESET_CONFIGURATION "|" "공장 초기화 확인";
@@ -369,6 +369,7 @@ struct WEB {
   bool upload_services_stopped = false;
   bool initial_config = false;
   bool state_HTTPS = false;
+  bool state_login = false;
   uint8_t wifiTest = WIFI_NOT_TESTING;
   uint8_t wifi_test_counter = 0;
   uint16_t save_data_counter = 0;
@@ -532,7 +533,7 @@ void StartWebserver(int type, IPAddress ipweb)
       Webserver->on(F("/certs"), HTTP_GET, HandleCertsInfo);
       Webserver->on(F("/certs"), HTTP_POST, HandleCertsConfiguration);
       Webserver->on(F("/frt"), HTTP_GET, HandleFactoryResetConfiguration);
-      Webserver->on(F("/lo"), HTTP_GET, HandleCognitoLogin);
+      Webserver->on(F("/li"), HTTP_GET, HandleCognitoLogin);
       Webserver->onNotFound(HandleNotFound);
 //      Webserver->on(F("/u2"), HTTP_POST, HandleUploadDone, HandleUploadLoop);  // this call requires 2 functions so we keep a direct call
 #ifndef FIRMWARE_MINIMAL
@@ -935,6 +936,7 @@ void HandleCognitoLogin(void)
 
 void HandleCognitoLoginCode(void)
 {
+  Web.state_login = true;
   Serial.print("========================= Cognito code is ");
   Serial.println(WebserverSecure->arg("code"));
   WebserverSecure->sendHeader(F("Location"), String(F("http://")) + WebserverSecure->client().localIP().toString(), true);
@@ -1033,7 +1035,8 @@ void HandleRoot(void)
 #endif  // Not FIRMWARE_MINIMAL
 
   if (HTTP_ADMIN == Web.state) {
-    WSContentSpaceButton(BUTTON_COGNITO_LOGIN);
+    if (!Web.state_login) { WSContentSpaceButton(BUTTON_COGNITO_LOGIN); }
+    else { WSContentSpaceButton(BUTTON_COGNITO_LOGOUT); }
     WSContentSpaceButton(BUTTON_CONFIGURATION);
     WSContentButton(BUTTON_INFORMATION);
     WSContentButton(BUTTON_RESTART);

From 7116deb891440edad9b78ffc0d4de44990eb0313 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Mon, 23 Aug 2021 09:46:32 +0900
Subject: [PATCH 10/19] =?UTF-8?q?Fix:=20WebUI=20=EC=83=89=EC=83=81=20?=
 =?UTF-8?q?=EB=B2=84=EA=B7=B8=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/tasmota_globals.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasmota/tasmota_globals.h b/tasmota/tasmota_globals.h
index 9bc6d0ed007e..abb925aee6e8 100644
--- a/tasmota/tasmota_globals.h
+++ b/tasmota/tasmota_globals.h
@@ -438,7 +438,7 @@ String EthernetMacAddress(void);
 
 enum WebColors {
   COL_TEXT, COL_BACKGROUND, COL_FORM,
-  COL_INPUT_TEXT, COL_INPUT,
+  COL_INPUT_TEXT, COL_INPUT, COL_CONSOLE_TEXT, COL_CONSOLE,
   COL_TEXT_WARNING, COL_TEXT_SUCCESS,
   COL_BUTTON_TEXT, COL_BUTTON, COL_BUTTON_HOVER, COL_BUTTON_RESET, COL_BUTTON_RESET_HOVER, COL_BUTTON_SAVE, COL_BUTTON_SAVE_HOVER,
   COL_TIMER_TAB_TEXT, COL_TIMER_TAB_BACKGROUND, COL_TITLE,

From 4127e17e0eb55ea3e3d1986bfe820f7b556510f6 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Tue, 24 Aug 2021 17:30:35 +0900
Subject: [PATCH 11/19] =?UTF-8?q?Fix:=20=EC=84=A4=EC=A0=95=20=EC=B4=88?=
 =?UTF-8?q?=EA=B8=B0=ED=99=94=20=EB=B0=8F=20=EA=B3=B5=EC=9E=A5=20=EC=B4=88?=
 =?UTF-8?q?=EA=B8=B0=ED=99=94=20=20=EB=8F=99=EC=9E=91=20=EC=95=88=EB=90=98?=
 =?UTF-8?q?=EB=8A=94=20=EB=AC=B8=EC=A0=9C=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/support_command.ino | 28 +++++++++++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

diff --git a/tasmota/support_command.ino b/tasmota/support_command.ino
index 409b7d51fc6c..8c437911ac76 100644
--- a/tasmota/support_command.ino
+++ b/tasmota/support_command.ino
@@ -52,7 +52,7 @@ void (* const TasmotaCommand[])(void) PROGMEM = {
   &CmndVoltageResolution, &CmndFrequencyResolution, &CmndCurrentResolution, &CmndEnergyResolution, &CmndWeightResolution,
   &CmndModule, &CmndModules, &CmndGpio, &CmndGpios, &CmndTemplate, &CmndPwm, &CmndPwmfrequency, &CmndPwmrange,
   &CmndButtonDebounce, &CmndSwitchDebounce, &CmndSyslog, &CmndLoghost, &CmndLogport,
-  &CmndSerialSend, &CmndBaudrate, &CmndSerialConfig, &CmndSerialDelimiter,
+  &CmndSerialBuffer, &CmndSerialSend, &CmndBaudrate, &CmndSerialConfig, &CmndSerialDelimiter,
   &CmndIpAddress, &CmndNtpServer, &CmndAp, &CmndSsid, &CmndPassword, &CmndHostname, &CmndWifiConfig, &CmndWifi,
   &CmndDevicename, &CmndFriendlyname, &CmndFriendlyname, &CmndSwitchMode, &CmndInterlock, &CmndTeleperiod, &CmndReset, &CmndTime, &CmndTimezone, &CmndTimeStd,
   &CmndTimeDst, &CmndAltitude, &CmndLedPower, &CmndLedState, &CmndLedMask, &CmndLedPwmOn, &CmndLedPwmOff, &CmndLedPwmMode,
@@ -1543,6 +1543,32 @@ void CmndSerialConfig(void)
   ResponseCmndChar(GetSerialConfig().c_str());
 }
 
+void CmndSerialBuffer(void) {
+  // Allow non-pesistent serial receive buffer size change
+  //   between 256 (default) and 520 (INPUT_BUFFER_SIZE) characters
+  size_t size = 0;
+  if (XdrvMailbox.data_len > 0) {
+    size = XdrvMailbox.payload;
+    if (XdrvMailbox.payload < 256) {
+      size = 256;
+    }
+    if ((1 == XdrvMailbox.payload) || (XdrvMailbox.payload > INPUT_BUFFER_SIZE)) {
+      size = INPUT_BUFFER_SIZE;
+    }
+    Serial.setRxBufferSize(size);
+  }
+#ifdef ESP8266
+  ResponseCmndNumber(Serial.getRxBufferSize());
+#endif
+#ifdef ESP32
+  if (size) {
+    ResponseCmndNumber(size);
+  } else {
+    ResponseCmndDone();
+  }
+#endif
+}
+
 void CmndSerialSend(void)
 {
   if ((XdrvMailbox.index > 0) && (XdrvMailbox.index <= 6)) {

From c985faf18f282a0bcf07fa27d67626c639216c86 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Tue, 24 Aug 2021 17:31:47 +0900
Subject: [PATCH 12/19] =?UTF-8?q?refactor:=20HTTPS=20=EC=9B=B9=EC=84=9C?=
 =?UTF-8?q?=EB=B2=84=20=EB=B0=8F=20HTTP=20=EC=84=9C=EB=B2=84=20=EC=BD=94?=
 =?UTF-8?q?=EB=93=9C=20=EB=B6=84=EB=A6=AC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/support_tasmota.ino          |   8 +-
 tasmota/xdrv_01_webserver.ino        | 101 +-------
 tasmota/xdrv_01_webserver_secure.ino | 351 +++++++++++++++++++++++++++
 3 files changed, 360 insertions(+), 100 deletions(-)
 create mode 100644 tasmota/xdrv_01_webserver_secure.ino

diff --git a/tasmota/support_tasmota.ino b/tasmota/support_tasmota.ino
index 0c7fdd453eea..aefcb4ff5357 100644
--- a/tasmota/support_tasmota.ino
+++ b/tasmota/support_tasmota.ino
@@ -1315,7 +1315,10 @@ void Every250mSeconds(void)
       if (Settings->webserver) {
 
 #ifdef ESP8266
-        if (!WifiIsInManagerMode()) { StartWebserver(Settings->webserver, WiFi.localIP()); }
+        if (!WifiIsInManagerMode()) {
+          StartWebserver(Settings->webserver, WiFi.localIP());
+          StartWebserverSecure();
+        }
 #endif  // ESP8266
 #ifdef ESP32
 #ifdef USE_ETHERNET
@@ -1328,6 +1331,7 @@ void Every250mSeconds(void)
         MdnsAddServiceHttp();
       } else {
         StopWebserver();
+        StopWebserverSecure();
       }
 #ifdef USE_EMULATION
       if (Settings->flag2.emulation) { UdpConnect(); }
@@ -1345,7 +1349,7 @@ void Every250mSeconds(void)
       }
 #endif  // USE_KNX
 
-      //MqttCheck();
+      MqttCheck();
     } else {
 #ifdef USE_EMULATION
       UdpDisconnect();
diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index 800961516bfe..290b1addc947 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -61,6 +61,7 @@ const uint16_t HTTP_OTA_RESTART_RECONNECT_TIME = 10000;  // milliseconds - Allow
 #include <ESP8266WebServer.h>
 #include <DNSServer.h>
 #include <ESP8266WebServerSecure.h>
+#include <base64.hpp>
 
 const char HTTP_SCRIPT_ROOT2[] PROGMEM =
   "var rfsh=1,ft;"
@@ -452,35 +453,6 @@ void ExecuteWebCommand(char* svalue) {
   ExecuteWebCommand(svalue, SRC_WEBGUI);
 }
 
-void StartWebserverSecure(void)
-{
-  if (!Web.state_HTTPS) {
-    if (!WebserverSecure) {
-      WebserverSecure = new ESP8266WebServerSecure(443);
-      WebserverSecure->getServer().setRSACert(new BearSSL::X509List(serverCert), new BearSSL::PrivateKey(serverKey));
-      WebserverSecure->getServer().setBufferSizes(1024, 1024);
-      WebserverSecure->on(F("/lc"), HTTP_GET, HandleCognitoLoginCode);
-    }
-
-    WebserverSecure->begin(); // Web server start
-  }
-  if (!Web.state_HTTPS) {
-    AddLog(LOG_LEVEL_INFO, PSTR(D_LOG_HTTP D_WEBSERVER_ACTIVE_ON " %s%s " D_WITH_IP_ADDRESS " %_I"),
-      NetworkHostname(), (Mdns.begun) ? PSTR(".local") : "", (uint32_t)WiFi.localIP());
-    Web.state_HTTPS = true;
-  }
-}
-
-// TODO: 메모리 회수 코드 추가
-void StopWebserverSecure(void)
-{
-  if (Web.state_HTTPS) {
-    WebserverSecure->close();
-    Web.state_HTTPS = false;
-    AddLog(LOG_LEVEL_INFO, PSTR("HTTPS 웹서버 종료"));
-  }
-}
-
 // replace the series of `Webserver->on()` with a table in PROGMEM
 typedef struct WebServerDispatch_t {
   char uri[3];   // the prefix "/" is added automatically
@@ -529,9 +501,6 @@ void StartWebserver(int type, IPAddress ipweb)
         // register
         WebServer_on(uri, line.handler, pgm_read_byte(&line.method));
       }
-      Webserver->on(F("/info"), HTTP_GET, HandleDeviceInfo);
-      Webserver->on(F("/certs"), HTTP_GET, HandleCertsInfo);
-      Webserver->on(F("/certs"), HTTP_POST, HandleCertsConfiguration);
       Webserver->on(F("/frt"), HTTP_GET, HandleFactoryResetConfiguration);
       Webserver->on(F("/li"), HTTP_GET, HandleCognitoLogin);
       Webserver->onNotFound(HandleNotFound);
@@ -929,19 +898,8 @@ void WebRestart(uint32_t type)
 
 void HandleCognitoLogin(void)
 {
-  Webserver->sendHeader(F("Location"), String(F("https://ziot-sonoff-auth.auth.ap-northeast-2.amazoncognito.com/login?client_id=3ambmcokjea85jv4ff2hmkb0un&response_type=code&scope=openid&redirect_uri=https://192.168.219.105/lc")), true);
+  Webserver->sendHeader(F("Location"), String(F("https://ziot-sonoff-auth.auth.ap-northeast-2.amazoncognito.com/login?client_id=3ambmcokjea85jv4ff2hmkb0un&response_type=code&scope=aws.cognito.signin.user.admin+openid&redirect_uri=https://192.168.219.105/lc")), true);
   WSSend(302, CT_PLAIN, "");  // Empty content inhibits Content-length header so we have to close the socket ourselves.
-  StartWebserverSecure();
-}
-
-void HandleCognitoLoginCode(void)
-{
-  Web.state_login = true;
-  Serial.print("========================= Cognito code is ");
-  Serial.println(WebserverSecure->arg("code"));
-  WebserverSecure->sendHeader(F("Location"), String(F("http://")) + WebserverSecure->client().localIP().toString(), true);
-  WebserverSecure->send(302, "text/plain", "");
-  StopWebserverSecure();
 }
 
 void HandleWifiLogin(void)
@@ -1418,7 +1376,7 @@ void HandleFactoryResetConfiguration(void)
 
   WSContentStart_P(PSTR("공장 초기화"), !WifiIsInManagerMode());
   WSContentSendStyle();
-  WSContentSend_P(PSTR("<div style='text-align:center;'>" D_CONFIGURATION_RESET "</div>"));
+  WSContentSend_P(PSTR("<div style='text-align:center;'>공장 초기화</div>"));
   WSContentSend_P(HTTP_MSG_RSTRT);
   WSContentSpaceButton(BUTTON_MAIN);
   WSContentStop();
@@ -2094,59 +2052,6 @@ bool CaptivePortal(void)
 
 /*********************************************************************************************/
 
-void HandleDeviceInfo(void) {
-  WSContentBegin(200, CT_APP_JSON);
-  WSContentSend_P(PSTR("{\"message\":\"Success\", \"data\":{\"nickname\":\"%s\", \"mac\":\"%s\", \"type\":\"%s\"}}"), SettingsText(SET_FRIENDLYNAME1), WiFi.macAddress().c_str(), DEVICE_TYPE);
-  WSContentEnd();
-}
-
-void HandleCertsInfo(void) {
-  if ((strlen(AmazonClientCert) == 0) || strlen(AmazonPrivateKey) == 0) {
-    WSContentBegin(500, CT_APP_JSON);
-    WSContentSend_P(PSTR("{\"message\":\"Fail\"}"));
-    WSContentEnd();
-    return;
-  }
-
-  WSContentBegin(200, CT_APP_JSON);
-  WSContentSend_P(PSTR("{\"message\":\"Success\", \"data\":{\"cert\":\"%s\", \"key\":\"%s\"}}"), AmazonClientCert, AmazonPrivateKey);
-  WSContentEnd();
-}
-
-void HandleCertsConfiguration(void) {
-  if(!Webserver->hasArg(F("plain"))) {
-    WSContentBegin(500, CT_APP_JSON);
-    WSContentSend_P(PSTR("{\"message\":\"Fail\"}"));
-    WSContentEnd();
-    return;
-  }
-
-  JsonParser parser((char*) Webserver->arg("plain").c_str());
-  JsonParserObject stateObject = parser.getRootObject();
-  String cert = stateObject["cert"].getStr();
-  String key = stateObject["key"].getStr();
-  char* certCharType = (char*)cert.c_str();
-  char* keyCharType = (char*)key.c_str();
-
-/* TODO: 인증서 사이즈 체크 예외코드 작성
-  if(cert.length() != 256 || key.length() < 10) {
-    WSContentBegin(500, CT_APP_JSON);
-    WSContentSend_P(PSTR("{\"message\":\"Fail\"}"));
-    WSContentEnd();
-    return;
-  }
-*/
-  memcpy(AmazonClientCert, certCharType, strlen(certCharType));
-  memcpy(AmazonPrivateKey, keyCharType, strlen(keyCharType));
-  MqttDisconnect();
-  ConvertTlsFile(0);
-  ConvertTlsFile(1);
-
-  WSContentBegin(200, CT_APP_JSON);
-  WSContentSend_P(PSTR("{\"message\":\"Success\"}"));
-  WSContentEnd();
-}
-
 int WebSend(char *buffer)
 {
   // [tasmota] POWER1 ON                                               --> Sends http://tasmota/cm?cmnd=POWER1 ON
diff --git a/tasmota/xdrv_01_webserver_secure.ino b/tasmota/xdrv_01_webserver_secure.ino
new file mode 100644
index 000000000000..dd4c8cb66ab8
--- /dev/null
+++ b/tasmota/xdrv_01_webserver_secure.ino
@@ -0,0 +1,351 @@
+struct WEBSECURE {
+  bool state_HTTPS = false;
+  bool state_login = false;
+} WebSecure;
+
+void StartWebserverSecure(void)
+{
+  if (!WebSecure.state_HTTPS) {
+    if (!WebserverSecure) {
+      WebserverSecure = new ESP8266WebServerSecure(443);
+      WebserverSecure->getServer().setRSACert(new BearSSL::X509List(serverCert), new BearSSL::PrivateKey(serverKey));
+      WebserverSecure->getServer().setBufferSizes(1024, 1024);
+      WebserverSecure->on(F("/lc"), HTTP_GET, HandleCognitoLoginCode);
+      WebserverSecure->on(F("/certs"), HTTP_POST, HandleCertsConfiguration);
+      WebserverSecure->on(F("/info"), HTTP_GET, HandleDeviceInfo);
+    }
+
+    WebserverSecure->begin(); // Web server start
+  }
+  if (!WebSecure.state_HTTPS) {
+    AddLog(LOG_LEVEL_INFO, PSTR(D_LOG_HTTP "HTTPS" D_WEBSERVER_ACTIVE_ON " %s%s " D_WITH_IP_ADDRESS " %_I"),
+      NetworkHostname(), (Mdns.begun) ? PSTR(".local") : "", (uint32_t)WiFi.localIP());
+    WebSecure.state_HTTPS = true;
+  }
+}
+
+// TODO: 메모리 회수 코드 추가
+void StopWebserverSecure(void)
+{
+  if (WebSecure.state_HTTPS) {
+    WebserverSecure->close();
+    WebSecure.state_HTTPS = false;
+    AddLog(LOG_LEVEL_INFO, PSTR("HTTPS 웹서버 종료"));
+  }
+}
+
+/*********************************************************************************************/
+
+void HttpHeaderCorsSecure(void)
+{
+  if (strlen(SettingsText(SET_CORS))) {
+    WebserverSecure->sendHeader(F("Access-Control-Allow-Origin"), SettingsText(SET_CORS));
+  }
+}
+
+void WSHeaderSendSecure(void)
+{
+  char server[32];
+  // TODO: ZIoT 버전 변경
+  snprintf_P(server, sizeof(server), PSTR("Tasmota/%s (%s)"), TasmotaGlobal.version, GetDeviceHardware().c_str());
+  WebserverSecure->sendHeader(F("Server"), server);
+  WebserverSecure->sendHeader(F("Cache-Control"), F("no-cache, no-store, must-revalidate"));
+  WebserverSecure->sendHeader(F("Pragma"), F("no-cache"));
+  WebserverSecure->sendHeader(F("Expires"), F("-1"));
+  HttpHeaderCorsSecure();
+}
+
+/**********************************************************************************************
+* HTTP Content Page handler
+**********************************************************************************************/
+
+void WSSendSecure(int code, int ctype, const String& content)
+{
+  char ct[25];  // strlen("application/octet-stream") +1 = Longest Content type string
+  WebserverSecure->send(code, GetTextIndexed(ct, sizeof(ct), ctype, kContentTypes), content);
+}
+
+/**********************************************************************************************
+* HTTP Content Chunk handler
+**********************************************************************************************/
+
+void WSContentBeginSecure(int code, int ctype) {
+  WebserverSecure->client().flush();
+  WSHeaderSendSecure();
+  WebserverSecure->setContentLength(CONTENT_LENGTH_UNKNOWN);
+  WSSendSecure(code, ctype, "");                         // Signal start of chunked content
+  Web.chunk_buffer = "";
+}
+
+void _WSContentSendSecure(const char* content, size_t size) {  // Lowest level sendContent for all core versions
+  WebserverSecure->sendContent(content, size);
+
+#ifdef USE_DEBUG_DRIVER
+  ShowFreeMem(PSTR("WSContentSend"));
+#endif
+  DEBUG_CORE_LOG(PSTR("WEB: Chunk size %d"), size);
+}
+
+void _WSContentSendSecure(const String& content) {       // Low level sendContent for all core versions
+  _WSContentSendSecure(content.c_str(), content.length());
+}
+
+void WSContentFlushSecure(void) {
+  if (Web.chunk_buffer.length() > 0) {
+    _WSContentSendSecure(Web.chunk_buffer);              // Flush chunk buffer
+    Web.chunk_buffer = "";
+  }
+}
+
+void WSContentSendSecure(const char* content, size_t size) {
+  WSContentFlushSecure();
+  _WSContentSendSecure(content, size);
+}
+
+void _WSContentSendBufferSecure(bool decimal, const char * formatP, va_list arg) {
+  char* content = ext_vsnprintf_malloc_P(formatP, arg);
+  if (content == nullptr) { return; }              // Avoid crash
+
+  int len = strlen(content);
+  if (0 == len) { return; }                        // No content
+
+  if (decimal && (D_DECIMAL_SEPARATOR[0] != '.')) {
+    for (uint32_t i = 0; i < len; i++) {
+      if ('.' == content[i]) {
+        content[i] = D_DECIMAL_SEPARATOR[0];
+      }
+    }
+  }
+
+  if (len < CHUNKED_BUFFER_SIZE) {                 // Append chunk buffer with small content
+    Web.chunk_buffer += content;
+    len = Web.chunk_buffer.length();
+  }
+
+  if (len >= CHUNKED_BUFFER_SIZE) {                // Either content or chunk buffer is oversize
+    WSContentFlushSecure();                              // Send chunk buffer before possible content oversize
+  }
+  if (strlen(content) >= CHUNKED_BUFFER_SIZE) {    // Content is oversize
+    _WSContentSendSecure(content);                       // Send content
+  }
+
+  free(content);
+}
+
+void WSContentSend_PSecure(const char* formatP, ...) {   // Content send snprintf_P char data
+  // This uses char strings. Be aware of sending %% if % is needed
+  va_list arg;
+  va_start(arg, formatP);
+  _WSContentSendBufferSecure(false, formatP, arg);
+  va_end(arg);
+}
+
+void WSContentSend_PDSecure(const char* formatP, ...) {  // Content send snprintf_P char data checked for decimal separator
+  // This uses char strings. Be aware of sending %% if % is needed
+  va_list arg;
+  va_start(arg, formatP);
+  _WSContentSendBufferSecure(true, formatP, arg);
+  va_end(arg);
+}
+
+void WSContentStart_PSecure(const char* title, bool auth)
+{
+  WSContentBeginSecure(200, CT_HTML);
+
+  if (title != nullptr) {
+    WSContentSend_PSecure(HTTP_HEADER1, PSTR(D_HTML_LANGUAGE), SettingsText(SET_DEVICENAME), title);
+  }
+}
+
+void WSContentStart_PSecure(const char* title)
+{
+  WSContentStart_PSecure(title, true);
+}
+
+void WSContentSendStyle_PSecure(const char* formatP, ...)
+{
+  if ( WifiIsInManagerMode() && (!Web.initial_config) ) {
+    if (WifiConfigCounter()) {
+      WSContentSend_PSecure(HTTP_SCRIPT_COUNTER);
+    }
+  }
+  //WSContentSend_P(HTTP_SCRIPT_LOADER);
+  WSContentSend_PSecure(HTTP_HEAD_LAST_SCRIPT);
+
+  WSContentSend_PSecure(HTTP_HEAD_STYLE1, WebColor(COL_FORM), WebColor(COL_INPUT), WebColor(COL_INPUT_TEXT), WebColor(COL_INPUT),
+                  WebColor(COL_INPUT_TEXT), PSTR(""), PSTR(""), WebColor(COL_BACKGROUND));
+  WSContentSend_PSecure(HTTP_HEAD_STYLE2, WebColor(COL_BUTTON), WebColor(COL_BUTTON_TEXT), WebColor(COL_BUTTON_HOVER),
+                  WebColor(COL_BUTTON_RESET), WebColor(COL_BUTTON_RESET_HOVER), WebColor(COL_BUTTON_SAVE), WebColor(COL_BUTTON_SAVE_HOVER),
+                  WebColor(COL_BUTTON));
+#ifdef USE_ZIGBEE
+  WSContentSend_PSecure(HTTP_HEAD_STYLE_ZIGBEE);
+#endif // USE_ZIGBEE
+  if (formatP != nullptr) {
+    // This uses char strings. Be aware of sending %% if % is needed
+    va_list arg;
+    va_start(arg, formatP);
+    _WSContentSendBufferSecure(false, formatP, arg);
+    va_end(arg);
+  }
+  WSContentSend_PSecure(HTTP_HEAD_STYLE_LOADER);
+  WSContentSend_PSecure(HTTP_HEAD_STYLE3, WebColor(COL_TEXT),
+#ifdef FIRMWARE_MINIMAL
+  WebColor(COL_TEXT_WARNING),
+#endif
+  WebColor(COL_TITLE),
+  "", SettingsText(SET_DEVICENAME));
+
+  // SetOption53 - Show hostname and IP address in GUI main menu
+#if (RESTART_AFTER_INITIAL_WIFI_CONFIG)
+  if (Settings->flag3.gui_hostname_ip) {
+#else
+  if ( Settings->flag3.gui_hostname_ip || ( (WiFi.getMode() == WIFI_AP_STA) && (!Web.initial_config) )  ) {
+#endif
+    bool lip = (static_cast<uint32_t>(WiFi.localIP()) != 0);
+    bool sip = (static_cast<uint32_t>(WiFi.softAPIP()) != 0);
+    WSContentSend_PSecure(PSTR("<h4>%s%s (%s%s%s)</h4>"),    // tasmota.local (192.168.2.12, 192.168.4.1)
+      NetworkHostname(),
+      (Mdns.begun) ? PSTR(".local") : "",
+      (lip) ? WiFi.localIP().toString().c_str() : "",
+      (lip && sip) ? ", " : "",
+      (sip) ? WiFi.softAPIP().toString().c_str() : "");
+  }
+  WSContentSend_PSecure(PSTR("</div>"));
+}
+
+void WSContentSendStyleSecure(void)
+{
+  WSContentSendStyle_PSecure(nullptr);
+}
+
+void WSContentTextCenterStartSecure(uint32_t color) {
+  WSContentSend_PSecure(PSTR("<div style='text-align:center;color:#%06x;'>"), color);
+}
+
+void WSContentButtonSecure(uint32_t title_index, bool show=true)
+{
+  char action[4];
+  char title[100];  // Large to accomodate UTF-16 as used by Russian
+
+  WSContentSend_PSecure(PSTR("<p><form id=but%d style=\"display: %s;\" action='%s' method='get'"),
+    title_index,
+    show ? "block":"none",
+    GetTextIndexed(action, sizeof(action), title_index, kButtonAction));
+  if (title_index <= BUTTON_FACTORY_RESET) {
+    char confirm[100];
+    WSContentSend_PSecure(PSTR(" onsubmit='return confirm(\"%s\");'><button name='%s' class='button bred'>%s</button></form></p>"),
+      GetTextIndexed(confirm, sizeof(confirm), title_index, kButtonConfirm),
+      (!title_index) ? PSTR("rst") : PSTR("non"),
+      GetTextIndexed(title, sizeof(title), title_index, kButtonTitle));
+  } else {
+    WSContentSend_PSecure(PSTR("><button>%s</button></form></p>"),
+      GetTextIndexed(title, sizeof(title), title_index, kButtonTitle));
+  }
+}
+
+void WSContentSpaceButtonSecure(uint32_t title_index, bool show=true)
+{
+  WSContentSend_PSecure(PSTR("<div id=but%dd style=\"display: %s;\"></div>"),title_index, show ? "block":"none");            // 5px padding
+  WSContentButtonSecure(title_index, show);
+}
+
+void WSContentSend_TempSecure(const char *types, float f_temperature) {
+  WSContentSend_PDSecure(HTTP_SNS_F_TEMP, types, Settings->flag2.temperature_resolution, &f_temperature, TempUnit());
+}
+
+void WSContentSend_VoltageSecure(const char *types, float f_voltage) {
+  WSContentSend_PDSecure(HTTP_SNS_F_VOLTAGE, types, Settings->flag2.voltage_resolution, &f_voltage);
+}
+
+void WSContentSend_CurrentMASecure(const char *types, float f_current) {
+  WSContentSend_PDSecure(HTTP_SNS_F_CURRENT_MA, types, Settings->flag2.current_resolution, &f_current);
+}
+
+void WSContentSend_THDSecure(const char *types, float f_temperature, float f_humidity)
+{
+  WSContentSend_TempSecure(types, f_temperature);
+
+  char parameter[FLOATSZ];
+  dtostrfd(f_humidity, Settings->flag2.humidity_resolution, parameter);
+  WSContentSend_PDSecure(HTTP_SNS_HUM, types, parameter);
+  dtostrfd(CalcTempHumToDew(f_temperature, f_humidity), Settings->flag2.temperature_resolution, parameter);
+  WSContentSend_PDSecure(HTTP_SNS_DEW, types, parameter, TempUnit());
+}
+
+void WSContentEndSecure(void)
+{
+  WSContentSendSecure("", 0);                            // Signal end of chunked content
+  WebserverSecure->client().stop();
+}
+
+void WSContentStopSecure(void)
+{
+  if ( WifiIsInManagerMode() && (!Web.initial_config) ) {
+    if (WifiConfigCounter()) {
+      WSContentSend_PSecure(HTTP_COUNTER);
+    }
+  }
+  // TODO: ZIoT 버전 변경
+  WSContentSend_PSecure(HTTP_END, WiFi.macAddress().c_str(), TasmotaGlobal.version);
+  WSContentEndSecure();
+}
+
+/*********************************************************************************************/
+
+void HandleCognitoLoginCode(void)
+{
+  unsigned char authorization_output[TOPSZ] = "";
+  unsigned char* authorization_input = (unsigned char*)"3ambmcokjea85jv4ff2hmkb0un:disli84aaq2ggcul27u5334e5pp74v9gu2mp0h4t4pj1ac1c7g9";
+  WebSecure.state_login = true;
+  Serial.print("========================= Cognito code is ");
+  Serial.println(WebserverSecure->arg("code"));
+  WebserverSecure->sendHeader(F("Location"), String(F("http://")) + WebserverSecure->client().localIP().toString(), true);
+  WebserverSecure->send(302, "text/plain", "");
+
+  //encode_base64(authorization_input,strlen(String((char*)authorization_input).c_str()),authorization_output);
+  
+  //WebserverSecure->sendHeader(F("Authorization", String(F("Basic ")) + String((char*)authorization_output).c_str()), true);
+  //WebserverSecure->sendHeader(F("Content-Type", String(F("application/x-www-form-urlencoded")), true);
+
+  //WebserverSecure->sendHeader(F("Location"), String(F("https://ziot-sonoff-auth.auth.ap-northeast-2.amazoncognito.com/oauth2/token")), true);
+}
+
+void HandleDeviceInfo(void) {
+  WSContentBeginSecure(200, CT_APP_JSON);
+  WSContentSend_PSecure(PSTR("{\"message\":\"Success\", \"data\":{\"nickname\":\"%s\", \"mac\":\"%s\", \"type\":\"%s\"}}"), SettingsText(SET_FRIENDLYNAME1), WiFi.macAddress().c_str(), DEVICE_TYPE);
+  WSContentEndSecure();
+}
+
+void HandleCertsConfiguration(void) {
+  if(!WebserverSecure->hasArg(F("plain"))) {
+    WSContentBeginSecure(500, CT_APP_JSON);
+    WSContentSend_PSecure(PSTR("{\"message\":\"Fail\"}"));
+    WSContentEndSecure();
+    return;
+  }
+
+  JsonParser parser((char*) WebserverSecure->arg("plain").c_str());
+  JsonParserObject stateObject = parser.getRootObject();
+  String cert = stateObject["cert"].getStr();
+  String key = stateObject["key"].getStr();
+  char* certCharType = (char*)cert.c_str();
+  char* keyCharType = (char*)key.c_str();
+
+/* TODO: 인증서 사이즈 체크 예외코드 작성
+  if(cert.length() != 256 || key.length() < 10) {
+    WSContentBegin(500, CT_APP_JSON);
+    WSContentSend_P(PSTR("{\"message\":\"Fail\"}"));
+    WSContentEnd();
+    return;
+  }
+*/
+  memcpy(AmazonClientCert, certCharType, strlen(certCharType));
+  memcpy(AmazonPrivateKey, keyCharType, strlen(keyCharType));
+  MqttDisconnect();
+  ConvertTlsFile(0);
+  ConvertTlsFile(1);
+
+  WSContentBeginSecure(200, CT_APP_JSON);
+  WSContentSend_PSecure(PSTR("{\"message\":\"Success\"}"));
+  WSContentEndSecure();
+}
\ No newline at end of file

From b94cc639f3e8428a549525809a2dd583430773d6 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Tue, 24 Aug 2021 17:32:13 +0900
Subject: [PATCH 13/19] =?UTF-8?q?chore:=20=EA=B8=B0=EB=8A=A5=20=ED=85=8C?=
 =?UTF-8?q?=EC=8A=A4=ED=8A=B8=EC=9A=A9=20=EC=A3=BC=EC=84=9D=20=ED=95=B4?=
 =?UTF-8?q?=EC=A0=9C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/xdrv_02_9_mqtt.ino | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasmota/xdrv_02_9_mqtt.ino b/tasmota/xdrv_02_9_mqtt.ino
index 4200ce47d591..5ace464b35d4 100644
--- a/tasmota/xdrv_02_9_mqtt.ino
+++ b/tasmota/xdrv_02_9_mqtt.ino
@@ -1922,7 +1922,7 @@ bool Xdrv02(uint8_t function)
         result = DecodeCommand(kMqttCommands, MqttCommand, kMqttSynonyms);
         break;
       case FUNC_PRE_INIT:
-        //MqttInit();
+        MqttInit();
         break;
     }
   }

From 8dca93d34b4a1d8bc335af9c600cee49266b7136 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Tue, 24 Aug 2021 18:18:55 +0900
Subject: [PATCH 14/19] =?UTF-8?q?Feat:=20WiFi=20=EC=84=A4=EC=A0=95=20API?=
 =?UTF-8?q?=20=EA=B5=AC=ED=98=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/xdrv_01_webserver_secure.ino | 31 ++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/tasmota/xdrv_01_webserver_secure.ino b/tasmota/xdrv_01_webserver_secure.ino
index dd4c8cb66ab8..607c23ad3d81 100644
--- a/tasmota/xdrv_01_webserver_secure.ino
+++ b/tasmota/xdrv_01_webserver_secure.ino
@@ -13,6 +13,7 @@ void StartWebserverSecure(void)
       WebserverSecure->on(F("/lc"), HTTP_GET, HandleCognitoLoginCode);
       WebserverSecure->on(F("/certs"), HTTP_POST, HandleCertsConfiguration);
       WebserverSecure->on(F("/info"), HTTP_GET, HandleDeviceInfo);
+      WebserverSecure->on(F("/wifi"), HTTP_POST, HandleWifiConfigurationWithApp);
     }
 
     WebserverSecure->begin(); // Web server start
@@ -345,6 +346,36 @@ void HandleCertsConfiguration(void) {
   ConvertTlsFile(0);
   ConvertTlsFile(1);
 
+  WSContentBeginSecure(200, CT_APP_JSON);
+  WSContentSend_PSecure(PSTR("{\"message\":\"Success\"}"));
+  WSContentEndSecure();
+}
+
+void HandleWifiConfigurationWithApp(void) {
+  if(!WebserverSecure->hasArg(F("plain"))) {
+    WSContentBeginSecure(500, CT_APP_JSON);
+    WSContentSend_PSecure(PSTR("{\"message\":\"Failed\" \"resason\":\"1\" \"data\":\"Server received empty request message\"}"));
+    WSContentEndSecure();
+    return;
+  }
+
+  JsonParser parser((char*) WebserverSecure->arg("plain").c_str());
+  JsonParserObject stateObject = parser.getRootObject();
+
+  String ssid = stateObject["ssid1"].getStr();
+  String pwd = stateObject["pwd1"].getStr();
+  if (ssid.length() || pwd.length()) {
+    SettingsUpdateText(SET_STASSID1, (char*)ssid.c_str());
+    SettingsUpdateText(SET_STAPWD1, (char*)pwd.c_str());
+  }
+
+  ssid = stateObject["ssid2"].getStr();
+  pwd = stateObject["pwd2"].getStr();
+  if (ssid.length() || pwd.length()) {
+    SettingsUpdateText(SET_STASSID2, (char*)ssid.c_str());
+    SettingsUpdateText(SET_STAPWD2, (char*)pwd.c_str());
+  }
+
   WSContentBeginSecure(200, CT_APP_JSON);
   WSContentSend_PSecure(PSTR("{\"message\":\"Success\"}"));
   WSContentEndSecure();

From b5a9aff4eb5f618445dc015965a2c8500f01ba20 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Mon, 17 Jan 2022 14:29:07 +0900
Subject: [PATCH 15/19] =?UTF-8?q?feat:=20ap=20=EB=AA=A8=EB=93=9C=20?=
 =?UTF-8?q?=EB=A1=9C=EC=A7=81=20=EA=B5=AC=ED=98=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/language/ko_KO.h             |  4 +-
 tasmota/support_tasmota.ino          | 28 ++++---------
 tasmota/tasmota.h                    |  2 +-
 tasmota/tasmota.ino                  |  5 +++
 tasmota/tasmota_cert.h               | 61 ++++++++--------------------
 tasmota/user_config_override.h       |  2 +-
 tasmota/xdrv_01_webserver.ino        | 45 ++++++++++++--------
 tasmota/xdrv_01_webserver_secure.ino | 30 ++++++--------
 8 files changed, 74 insertions(+), 103 deletions(-)

diff --git a/tasmota/language/ko_KO.h b/tasmota/language/ko_KO.h
index 90e3e35936bc..698f76ccfbee 100644
--- a/tasmota/language/ko_KO.h
+++ b/tasmota/language/ko_KO.h
@@ -302,7 +302,7 @@
 #define D_SELECT_YOUR_WIFI_NETWORK "아래에서 WiFi를 선택하세요"
 #define D_SHOW_MORE_WIFI_NETWORKS "다른 WiFi 탐색"
 #define D_SHOW_MORE_OPTIONS "더보기"
-#define D_CHECK_CREDENTIALS "Please, check your credentials"
+#define D_CHECK_CREDENTIALS "올바른 WiFi 네트워크인지 확인해주세요"
 #define D_SUCCESSFUL_WIFI_CONNECTION "Successful WiFi Connection"
 #define D_NOW_YOU_CAN_CLOSE_THIS_WINDOW "Now you can close this window"
 #define D_REDIRECTING_TO_NEW_IP "새로운 네트워크로 이동 중입니다. 잠시만 기다려주세요"
@@ -393,6 +393,8 @@
 #define D_ENABLE_WEBLOG_FOR_RESPONSE "응답이 있다면 Weblog 2를 사용"
 #define D_NEED_USER_AND_PASSWORD "user=<아이디>&password=<비밀번호> 필요"
 
+#define D_CHECK_CERTIFICATION "인증서 정보가 없습니다. 직방 앱을 사용해 기기를 등록해주세요."
+
 // xdrv_01_mqtt.ino
 #define D_FINGERPRINT "TLS 지문 확인..."
 #define D_TLS_CONNECT_FAILED_TO "TLS 연결 실패"
diff --git a/tasmota/support_tasmota.ino b/tasmota/support_tasmota.ino
index aefcb4ff5357..b2b3ae94f0b7 100644
--- a/tasmota/support_tasmota.ino
+++ b/tasmota/support_tasmota.ino
@@ -1087,7 +1087,7 @@ void Every250mSeconds(void)
 
   switch (TasmotaGlobal.state_250mS) {
   case 0:                                                 // Every x.0 second
-    if (TasmotaGlobal.ota_state_flag && CommandsReady()) {
+    if (TasmotaGlobal.ota_state_flag && CommandsReady()) { // TODO: Flash에 저장된 OTA 설정 값을 읽는 것으로 변경, OTA 모드, 프로비저닝 모드에서 동작하지 않도록 체크 로직 필요
       TasmotaGlobal.ota_state_flag--;
       if (2 == TasmotaGlobal.ota_state_flag) {
         RtcSettings.ota_loader = 0;                       // Try requested image first
@@ -1312,24 +1312,7 @@ void Every250mSeconds(void)
       StartMdns();
 
 #ifdef USE_WEBSERVER
-      if (Settings->webserver) {
-
-#ifdef ESP8266
-        if (!WifiIsInManagerMode()) {
-          StartWebserver(Settings->webserver, WiFi.localIP());
-          StartWebserverSecure();
-        }
-#endif  // ESP8266
-#ifdef ESP32
-#ifdef USE_ETHERNET
-        StartWebserver(Settings->webserver, (EthernetLocalIP()) ? EthernetLocalIP() : WiFi.localIP());
-#else
-        StartWebserver(Settings->webserver, WiFi.localIP());
-#endif
-#endif  // ESP32
-
-        MdnsAddServiceHttp();
-      } else {
+      if (!Settings->webserver) {
         StopWebserver();
         StopWebserverSecure();
       }
@@ -1349,7 +1332,12 @@ void Every250mSeconds(void)
       }
 #endif  // USE_KNX
 
-      MqttCheck();
+      if (TasmotaGlobal.idToken_info_flag) {
+        // 프로비저닝 모드
+        ProvisioningCheck();
+      } else {
+        MqttCheck();
+      }
     } else {
 #ifdef USE_EMULATION
       UdpDisconnect();
diff --git a/tasmota/tasmota.h b/tasmota/tasmota.h
index 8c22c25c1972..d31db7aa694f 100644
--- a/tasmota/tasmota.h
+++ b/tasmota/tasmota.h
@@ -336,7 +336,7 @@ enum XsnsFunctions {FUNC_SETTINGS_OVERRIDE, FUNC_PIN_STATE, FUNC_MODULE_INIT, FU
 
 enum AddressConfigSteps { ADDR_IDLE, ADDR_RECEIVE, ADDR_SEND };
 
-enum SettingsTextIndex { SET_OTAURL,
+enum SettingsTextIndex { SET_ID_TOKEN, SET_OTAURL,
                          SET_MQTTPREFIX1, SET_MQTTPREFIX2, SET_MQTTPREFIX3,  // MAX_MQTT_PREFIXES
                          SET_STASSID1, SET_STASSID2,  // MAX_SSIDS
                          SET_STAPWD1, SET_STAPWD2,  // MAX_SSIDS
diff --git a/tasmota/tasmota.ino b/tasmota/tasmota.ino
index d729aec906f2..9a129f4ff187 100644
--- a/tasmota/tasmota.ino
+++ b/tasmota/tasmota.ino
@@ -174,6 +174,8 @@ struct {
   uint8_t last_source;                      // Last command source
   uint8_t shutters_present;                 // Number of actual define shutters
   uint8_t discovery_counter;                // Delayed discovery counter
+  uint8_t idToken_info_flag;                // Zigbang id token from app
+  uint8_t cert_info_flag;                   // AWS IoT certification
 
 #ifndef SUPPORT_IF_STATEMENT
   uint8_t backlog_index;                    // Command backlog index
@@ -303,6 +305,7 @@ void setup(void) {
   strcpy(TasmotaGlobal.mqtt_topic, tmp);
   sprintf(tmp, "ZiotThing_%s_%s_group", DEVICE_TYPE, SettingsText(SET_FRIENDLYNAME1));
   SettingsUpdateText(SET_MQTT_GRP_TOPIC, tmp);
+  if (strlen(SettingsText(SET_ID_TOKEN))) { TasmotaGlobal.idToken_info_flag = true; }
 
   SettingsDelta();
 
@@ -423,6 +426,8 @@ void setup(void) {
   ArduinoOTAInit();
 #endif  // USE_ARDUINO_OTA
 
+  HTTPSClientInit();
+
   XdrvCall(FUNC_INIT);
   XsnsCall(FUNC_INIT);
 #ifdef USE_SCRIPT
diff --git a/tasmota/tasmota_cert.h b/tasmota/tasmota_cert.h
index b08e4c61932d..7a6cdf0f5d61 100644
--- a/tasmota/tasmota_cert.h
+++ b/tasmota/tasmota_cert.h
@@ -5,55 +5,26 @@ char AmazonPrivateKey[45];
 
 static const char serverCert[] PROGMEM = R"EOF(
 -----BEGIN CERTIFICATE-----
-MIIDSzCCAjMCCQD2ahcfZAwXxDANBgkqhkiG9w0BAQsFADCBiTELMAkGA1UEBhMC
-VVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU9yYW5nZSBDb3VudHkx
-EDAOBgNVBAoMB1ByaXZhZG8xGjAYBgNVBAMMEXNlcnZlci56bGFiZWwuY29tMR8w
-HQYJKoZIhvcNAQkBFhBlYXJsZUB6bGFiZWwuY29tMB4XDTE4MDMwNjA1NDg0NFoX
-DTE5MDMwNjA1NDg0NFowRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3Rh
-dGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAPVKBwbZ+KDSl40YCDkP6y8Sv4iNGvEOZg8Y
-X7sGvf/xZH7UiCBWPFIRpNmDSaZ3yjsmFqm6sLiYSGSdrBCFqdt9NTp2r7hga6Sj
-oASSZY4B9pf+GblDy5m10KDx90BFKXdPMCLT+o76Nx9PpCvw13A848wHNG3bpBgI
-t+w/vJCX3bkRn8yEYAU6GdMbYe7v446hX3kY5UmgeJFr9xz1kq6AzYrMt/UHhNzO
-S+QckJaY0OGWvmTNspY3xCbbFtIDkCdBS8CZAw+itnofvnWWKQEXlt6otPh5njwy
-+O1t/Q+Z7OMDYQaH02IQx3188/kW3FzOY32knER1uzjmRO+jhA8CAwEAATANBgkq
-hkiG9w0BAQsFAAOCAQEAnDrROGRETB0woIcI1+acY1yRq4yAcH2/hdq2MoM+DCyM
-E8CJaOznGR9ND0ImWpTZqomHOUkOBpvu7u315blQZcLbL1LfHJGRTCHVhvVrcyEb
-fWTnRtAQdlirUm/obwXIitoz64VSbIVzcqqfg9C6ZREB9JbEX98/9Wp2gVY+31oC
-JfUvYadSYxh3nblvA4OL+iEZiW8NE3hbW6WPXxvS7Euge0uWMPc4uEcnsE0ZVG3m
-+TGimzSdeWDvGBRWZHXczC2zD4aoE5vrl+GD2i++c6yjL/otHfYyUpzUfbI2hMAA
-5tAF1D5vAAwA8nfPysumlLsIjohJZo4lgnhB++AlOg==
+MIIBCzCBtgIJAL0cewa9T9XLMA0GCSqGSIb3DQEBCwUAMA0xCzAJBgNVBAYTAktS
+MB4XDTIyMDExMzAyNDEyN1oXDTMzMDQwMTAyNDEyN1owDTELMAkGA1UEBhMCS1Iw
+XDANBgkqhkiG9w0BAQEFAANLADBIAkEAuC6rUj2m0phpCkZVV9U//v4H8/3vaHck
+dG9f0yMpZyoXsZBaIePPfBjLW5kg16Fj+eQP0IKhWJ3LzNTVAXl1nwIDAQABMA0G
+CSqGSIb3DQEBCwUAA0EAnTlMjfsHiNwFlxIjgp+r0CpqE6+o+WlnjuUCYi3ZnmNe
+eclX5v75TKvJQ4nrDqQfTwqaO+iNs/DJDqsVpWZZEQ==
 -----END CERTIFICATE-----
 )EOF";
 
 static const char serverKey[] PROGMEM =  R"EOF(
------BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA9UoHBtn4oNKXjRgIOQ/rLxK/iI0a8Q5mDxhfuwa9//FkftSI
-IFY8UhGk2YNJpnfKOyYWqbqwuJhIZJ2sEIWp2301OnavuGBrpKOgBJJljgH2l/4Z
-uUPLmbXQoPH3QEUpd08wItP6jvo3H0+kK/DXcDzjzAc0bdukGAi37D+8kJfduRGf
-zIRgBToZ0xth7u/jjqFfeRjlSaB4kWv3HPWSroDNisy39QeE3M5L5ByQlpjQ4Za+
-ZM2yljfEJtsW0gOQJ0FLwJkDD6K2eh++dZYpAReW3qi0+HmePDL47W39D5ns4wNh
-BofTYhDHfXzz+RbcXM5jfaScRHW7OOZE76OEDwIDAQABAoIBAQDKov5NFbNFQNR8
-djcM1O7Is6dRaqiwLeH4ZH1pZ3d9QnFwKanPdQ5eCj9yhfhJMrr5xEyCqT0nMn7T
-yEIGYDXjontfsf8WxWkH2TjvrfWBrHOIOx4LJEvFzyLsYxiMmtZXvy6YByD+Dw2M
-q2GH/24rRdI2klkozIOyazluTXU8yOsSGxHr/aOa9/sZISgLmaGOOuKI/3Zqjdhr
-eHeSqoQFt3xXa8jw01YubQUDw/4cv9rk2ytTdAoQUimiKtgtjsggpP1LTq4xcuqN
-d4jWhTcnorWpbD2cVLxrEbnSR3VuBCJEZv5axg5ZPxLEnlcId8vMtvTRb5nzzszn
-geYUWDPhAoGBAPyKVNqqwQl44oIeiuRM2FYenMt4voVaz3ExJX2JysrG0jtCPv+Y
-84R6Cv3nfITz3EZDWp5sW3OwoGr77lF7Tv9tD6BptEmgBeuca3SHIdhG2MR+tLyx
-/tkIAarxQcTGsZaSqra3gXOJCMz9h2P5dxpdU+0yeMmOEnAqgQ8qtNBfAoGBAPim
-RAtnrd0WSlCgqVGYFCvDh1kD5QTNbZc+1PcBHbVV45EmJ2fLXnlDeplIZJdYxmzu
-DMOxZBYgfeLY9exje00eZJNSj/csjJQqiRftrbvYY7m5njX1kM5K8x4HlynQTDkg
-rtKO0YZJxxmjRTbFGMegh1SLlFLRIMtehNhOgipRAoGBAPnEEpJGCS9GGLfaX0HW
-YqwiEK8Il12q57mqgsq7ag7NPwWOymHesxHV5mMh/Dw+NyBi4xAGWRh9mtrUmeqK
-iyICik773Gxo0RIqnPgd4jJWN3N3YWeynzulOIkJnSNx5BforOCTc3uCD2s2YB5X
-jx1LKoNQxLeLRN8cmpIWicf/AoGBANjRSsZTKwV9WWIDJoHyxav/vPb+8WYFp8lZ
-zaRxQbGM6nn4NiZI7OF62N3uhWB/1c7IqTK/bVHqFTuJCrCNcsgld3gLZ2QWYaMV
-kCPgaj1BjHw4AmB0+EcajfKilcqtSroJ6MfMJ6IclVOizkjbByeTsE4lxDmPCDSt
-/9MKanBxAoGAY9xo741Pn9WUxDyRplww606ccdNf/ksHWNc/Y2B5SPwxxSnIq8nO
-j01SmsCUYVFAgZVOTiiycakjYLzxlc6p8BxSVqy6LlJqn95N8OXoQ+bkwUux/ekg
-gz5JWYhbD6c38khSzJb0pNXCo3EuYAVa36kDM96k1BtWuhRS10Q1VXk=
------END RSA PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
+MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEAuC6rUj2m0phpCkZV
+V9U//v4H8/3vaHckdG9f0yMpZyoXsZBaIePPfBjLW5kg16Fj+eQP0IKhWJ3LzNTV
+AXl1nwIDAQABAkBV492c8oczOkPxuK7f0OCRJyHKVKcqjjT/31hOe9048AuYFdio
+8599iR+EMYu1499Z2VLtkPyePTsraKwuSufhAiEA3wIezIGyjGL9enn/RSJoIKuk
+RfBXLl60MsbDeJ6a84cCIQDTbhy6NxDon4JwA4Q/dX/ZVGADtzn9MYzGeAFQqvsj
+KQIgMqIonAZWo8lWBBju/KNzQPe3tKl9Ieoev+ihOSHJzMECIEmuavZ+MDdRN0y/
+/Pt8gDSF0fwZg2z4Mp4LvjGVlHWZAiA5Qd0a1Jt9to6tlOpilS0uW4HdoW8CK6pA
+Ng9m8M/5+Q==
+-----END PRIVATE KEY-----
 )EOF";
 
 
diff --git a/tasmota/user_config_override.h b/tasmota/user_config_override.h
index 3d9ca0fc6494..440e6e30ec62 100644
--- a/tasmota/user_config_override.h
+++ b/tasmota/user_config_override.h
@@ -38,7 +38,7 @@
 #define CFG_HOLDER        4617
 
 #undef  MQTT_HOST
-#define MQTT_HOST         "a3krw5nopfpfqu-ats.iot.ap-northeast-2.amazonaws.com" // [MqttHost]
+#define MQTT_HOST         "a3b608yz74ta5k-ats.iot.ap-northeast-2.amazonaws.com" // [MqttHost]
 
 #undef  MQTT_PORT
 #define MQTT_PORT         8883                   // [MqttPort] MQTT port (10123 on CloudMQTT)
diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index 290b1addc947..b5b8b56c62ee 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -355,7 +355,11 @@ const char kUploadErrors[] PROGMEM =
 
 const uint16_t DNS_PORT = 53;
 enum HttpOptions {HTTP_OFF, HTTP_USER, HTTP_ADMIN, HTTP_MANAGER, HTTP_MANAGER_RESET_ONLY};
-enum WifiTestOptions {WIFI_NOT_TESTING, WIFI_TESTING, WIFI_TEST_FINISHED_SUCCESSFUL, WIFI_TEST_FINISHED_BAD};
+enum WifiTestOptions {WIFI_NOT_TESTING, WIFI_TESTING, WIFI_TEST_FINISHED_SUCCESSFUL, WIFI_TEST_FINISHED_BAD, WIFI_TEST_FINISHED_BAD_NEED_CERT};
+
+char ssid[30];
+char pwd[30];
+char deviceName[10];
 
 DNSServer *DnsServer;
 ESP8266WebServer *Webserver;
@@ -485,12 +489,12 @@ void WebServer_on(const char * prefix, void (*func)(void), uint8_t method = HTTP
 
 void StartWebserver(int type, IPAddress ipweb)
 {
+  if (type != HTTP_MANAGER && type != HTTP_MANAGER_RESET_ONLY) { return; } // 웹서버는 AP 모드에서만 사용
   Settings->web_refresh = HTTP_REFRESH_TIME;
   if (!Web.state) {
     if (!Webserver) {
-      Webserver = new ESP8266WebServer((HTTP_MANAGER == type || HTTP_MANAGER_RESET_ONLY == type) ? 80 : WEB_PORT);
-      // call `Webserver->on()` on each entry
-      for (uint32_t i=0; i<nitems(WebServerDispatch); i++) {
+      Webserver = new ESP8266WebServer(80);
+      for (uint32_t i=0; i<nitems(WebServerDispatch); i++) { // TODO: 웹서버 API 정리
         const WebServerDispatch_t & line = WebServerDispatch[i];
         // copy uri in RAM and prefix with '/'
         char uri[4];
@@ -570,6 +574,7 @@ void WifiManagerBegin(bool reset_only)
   DnsServer->start(DNS_PORT, "*", WiFi.softAPIP());
 
   StartWebserver((reset_only ? HTTP_MANAGER_RESET_ONLY : HTTP_MANAGER), WiFi.softAPIP());
+  StartWebserverSecure();
 }
 
 void PollDnsWebserver(void)
@@ -1082,8 +1087,6 @@ String HtmlEscape(const String unescaped) {
 }
 
 void HandleWifiConfiguration(void) {
-  char tmp[TOPSZ];  // Max length is currently 150
-
   AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_CONFIGURE_WIFI));
 
   if (Webserver->hasArg(F("save")) && HTTP_MANAGER_RESET_ONLY != Web.state) {
@@ -1105,18 +1108,14 @@ void HandleWifiConfiguration(void) {
       TasmotaGlobal.ota_state_flag = 0;                  // No OTA
 //      TasmotaGlobal.blinks = 0;                          // Disable blinks initiated by WifiManager
 
-      WebGetArg(PSTR("s1"), tmp, sizeof(tmp));   // SSID1
-      SettingsUpdateText(SET_STASSID1, tmp);
-      WebGetArg(PSTR("p1"), tmp, sizeof(tmp));   // PASSWORD1
-      SettingsUpdateText(SET_STAPWD1, tmp);
-      WebGetArg(PSTR("d"), tmp, sizeof(tmp));   // DeviceName
-      SettingsUpdateText(SET_DEVICENAME, tmp);
-      SettingsUpdateText(SET_FRIENDLYNAME1, tmp);
+      WebGetArg(PSTR("s1"), ssid, sizeof(ssid));   // SSID1
+      WebGetArg(PSTR("p1"), pwd, sizeof(pwd));   // PASSWORD1
+      WebGetArg(PSTR("d"), deviceName, sizeof(deviceName));   // DeviceName
 
       AddLog(LOG_LEVEL_INFO, PSTR(D_LOG_WIFI D_CONNECTING_TO_AP " %s " D_AS " %s ..."),
-        SettingsText(SET_STASSID1), TasmotaGlobal.hostname);
+        ssid, TasmotaGlobal.hostname);
 
-      WiFi.begin(SettingsText(SET_STASSID1), SettingsText(SET_STAPWD1));
+      WiFi.begin(ssid, pwd);
 
       WebRestart(2);
     } else {
@@ -1131,7 +1130,15 @@ void HandleWifiConfiguration(void) {
   if ( WIFI_TEST_FINISHED_SUCCESSFUL == Web.wifiTest ) {
     Web.wifiTest = WIFI_NOT_TESTING;
 #if (RESTART_AFTER_INITIAL_WIFI_CONFIG)
-    WebRestart(3);
+    if (TasmotaGlobal.cert_info_flag) {
+      SettingsUpdateText(SET_STASSID1, ssid);
+      SettingsUpdateText(SET_STAPWD1, pwd);
+      SettingsUpdateText(SET_DEVICENAME, deviceName);
+      SettingsUpdateText(SET_FRIENDLYNAME1, deviceName);
+      WebRestart(3);
+    } else {
+      Web.wifiTest = WIFI_TEST_FINISHED_BAD_NEED_CERT;
+    }
 #else
     HandleRoot();
 #endif
@@ -1300,9 +1307,11 @@ void HandleWifiConfiguration(void) {
     WSContentSend_P(PSTR("<h3>"));
 
     if (WIFI_TESTING == Web.wifiTest) {
-      WSContentSend_P(PSTR(D_TRYING_TO_CONNECT "<br>%s</h3></div>"), SettingsText(SET_STASSID1));
+      WSContentSend_P(PSTR(D_TRYING_TO_CONNECT "<br>%s</h3></div>"), ssid);
     } else if (WIFI_TEST_FINISHED_BAD == Web.wifiTest) {
-      WSContentSend_P(PSTR(D_CONNECT_FAILED_TO " %s<br>" D_CHECK_CREDENTIALS "</h3></div>"), SettingsText(SET_STASSID1));
+      WSContentSend_P(PSTR(D_CONNECT_FAILED_TO " %s<br>" D_CHECK_CREDENTIALS "</h3></div>"), ssid);
+    } else if (WIFI_TEST_FINISHED_BAD_NEED_CERT == Web.wifiTest) {
+      WSContentSend_P(PSTR(D_CONNECT_FAILED_TO " %s<br>" D_CHECK_CERTIFICATION "</div>"), ssid);
     }
     WSContentSend_P(PSTR("<button style=\"display:block\" onclick=\"document.getElementById('s1').value='%s';document.getElementById('p1').value='%s';\">Test용 WiFi</button><p></p>"), DEFAULT_SSID, DEFAULT_PASS);
     // More Options Button
diff --git a/tasmota/xdrv_01_webserver_secure.ino b/tasmota/xdrv_01_webserver_secure.ino
index 607c23ad3d81..b6a9ed6952b4 100644
--- a/tasmota/xdrv_01_webserver_secure.ino
+++ b/tasmota/xdrv_01_webserver_secure.ino
@@ -12,8 +12,7 @@ void StartWebserverSecure(void)
       WebserverSecure->getServer().setBufferSizes(1024, 1024);
       WebserverSecure->on(F("/lc"), HTTP_GET, HandleCognitoLoginCode);
       WebserverSecure->on(F("/certs"), HTTP_POST, HandleCertsConfiguration);
-      WebserverSecure->on(F("/info"), HTTP_GET, HandleDeviceInfo);
-      WebserverSecure->on(F("/wifi"), HTTP_POST, HandleWifiConfigurationWithApp);
+      WebserverSecure->on(F("/config"), HTTP_POST, HandleConfigurationWithApp);
     }
 
     WebserverSecure->begin(); // Web server start
@@ -311,12 +310,6 @@ void HandleCognitoLoginCode(void)
   //WebserverSecure->sendHeader(F("Location"), String(F("https://ziot-sonoff-auth.auth.ap-northeast-2.amazoncognito.com/oauth2/token")), true);
 }
 
-void HandleDeviceInfo(void) {
-  WSContentBeginSecure(200, CT_APP_JSON);
-  WSContentSend_PSecure(PSTR("{\"message\":\"Success\", \"data\":{\"nickname\":\"%s\", \"mac\":\"%s\", \"type\":\"%s\"}}"), SettingsText(SET_FRIENDLYNAME1), WiFi.macAddress().c_str(), DEVICE_TYPE);
-  WSContentEndSecure();
-}
-
 void HandleCertsConfiguration(void) {
   if(!WebserverSecure->hasArg(F("plain"))) {
     WSContentBeginSecure(500, CT_APP_JSON);
@@ -351,7 +344,7 @@ void HandleCertsConfiguration(void) {
   WSContentEndSecure();
 }
 
-void HandleWifiConfigurationWithApp(void) {
+void HandleConfigurationWithApp(void) {
   if(!WebserverSecure->hasArg(F("plain"))) {
     WSContentBeginSecure(500, CT_APP_JSON);
     WSContentSend_PSecure(PSTR("{\"message\":\"Failed\" \"resason\":\"1\" \"data\":\"Server received empty request message\"}"));
@@ -362,21 +355,24 @@ void HandleWifiConfigurationWithApp(void) {
   JsonParser parser((char*) WebserverSecure->arg("plain").c_str());
   JsonParserObject stateObject = parser.getRootObject();
 
+  String idToken = stateObject["idToken"].getStr();
   String ssid = stateObject["ssid1"].getStr();
   String pwd = stateObject["pwd1"].getStr();
-  if (ssid.length() || pwd.length()) {
+
+  if (!idToken.length() || !ssid.length() || !pwd.length()) {
+    WSContentBeginSecure(400, CT_APP_JSON);
+    WSContentSend_PSecure(PSTR("{\"message\":\"Failed\" \"resason\":\"2\" \"data\":\"Check token, ssid, and pwd\"}"));
+    WSContentEndSecure();
+    return;
+  } else {
+    SettingsUpdateText(SET_ID_TOKEN, (char*)idToken.c_str());
     SettingsUpdateText(SET_STASSID1, (char*)ssid.c_str());
     SettingsUpdateText(SET_STAPWD1, (char*)pwd.c_str());
   }
 
-  ssid = stateObject["ssid2"].getStr();
-  pwd = stateObject["pwd2"].getStr();
-  if (ssid.length() || pwd.length()) {
-    SettingsUpdateText(SET_STASSID2, (char*)ssid.c_str());
-    SettingsUpdateText(SET_STAPWD2, (char*)pwd.c_str());
-  }
-
   WSContentBeginSecure(200, CT_APP_JSON);
   WSContentSend_PSecure(PSTR("{\"message\":\"Success\"}"));
   WSContentEndSecure();
+
+  TasmotaGlobal.restart_flag = 2;
 }
\ No newline at end of file

From 9490221ac6220dc5d624a8b5ba04c9b2f91d8bdc Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Mon, 17 Jan 2022 14:29:40 +0900
Subject: [PATCH 16/19] =?UTF-8?q?feat:=20Station=20=EB=AA=A8=EB=93=9C=20?=
 =?UTF-8?q?=EB=B0=8F=20=ED=94=84=EB=A1=9C=EB=B9=84=EC=A0=80=EB=8B=9D=20?=
 =?UTF-8?q?=EB=AA=A8=EB=93=9C=20=EB=A1=9C=EC=A7=81=20=EA=B5=AC=ED=98=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/xdrv_01_3_httpsClient.ino | 132 ++++++++++++++++++++++++++++++
 tasmota/xdrv_02_9_mqtt.ino        |  11 ++-
 2 files changed, 142 insertions(+), 1 deletion(-)
 create mode 100644 tasmota/xdrv_01_3_httpsClient.ino

diff --git a/tasmota/xdrv_01_3_httpsClient.ino b/tasmota/xdrv_01_3_httpsClient.ino
new file mode 100644
index 000000000000..f95dfc761b7b
--- /dev/null
+++ b/tasmota/xdrv_01_3_httpsClient.ino
@@ -0,0 +1,132 @@
+#include <ESP8266WiFi.h>
+#include <WiFiClientSecure.h>
+
+// Use web browser to view and copy
+// SHA1 fingerprint of the certificate
+const char fingerprint[] PROGMEM = "e8 c3 8d d8 41 15 1b 6d a9 9c 26 36 29 30 b2 14 f7 71 0d 1c";
+
+WiFiClientSecure client;
+uint16_t provisioning_counter = 0;
+
+void HTTPSClientInit(void) {
+    client.setFingerprint(fingerprint);
+}
+
+void GetCertification(void) {
+    const char host[] = "p2x2wtwvsf.execute-api.ap-northeast-2.amazonaws.com";
+    String url = "/dev/certification?idToken=" + String(SettingsText(SET_ID_TOKEN)) + "&deviceType=light" + "&macAddr=" + NetworkUniqueId();
+
+    if (!client.connect(host, 443)) {
+        AddLog(LOG_LEVEL_INFO, PSTR("%s에 HTTPS 연결 실패"), host);
+    } else {
+        AddLog(LOG_LEVEL_INFO, PSTR("%s에 HTTPS 연결 성공"), host);
+
+        printf("url : %s\n", url.c_str());
+        
+
+        client.print(String("GET ") + url + " HTTP/1.1\r\n" +
+                    "Host: " + host + "\r\n" +
+                    "User-Agent: ZIoTTasmota\r\n" +
+                    "Connection: close\r\n\r\n");
+        
+        printf("Reqeust sent\n");
+
+        String headers = "";
+        String body = "";
+        bool finishedHeaders = false;
+        bool currentLineIsBlank = true;
+        bool gotResponse = false;
+
+        unsigned long timeout = millis();
+        while (!client.available()) {
+            if (millis() - timeout > 20000) {
+                printf("Client Timeout !");
+                client.stop();
+                provisioning_counter = 0;
+                return;
+            }
+        }
+    
+        while (client.available()) {
+            char c = client.read();
+
+            if (finishedHeaders) {
+                body = body + c;
+            } else {
+                if (currentLineIsBlank && c == '\n') {
+                    finishedHeaders = true;
+                } else {
+                    headers = headers + c;
+                }
+            }
+
+            if (c == '\n') {
+                currentLineIsBlank = true;
+            }
+            else if (c != '\r') {
+                currentLineIsBlank = false;
+            }
+
+            gotResponse = true;
+        }
+        if (gotResponse) {
+            if (headers.startsWith("HTTP/1.1 200")) {
+                AddLog(LOG_LEVEL_INFO, PSTR("request 성공"));
+                printf("body: %s\n", body.c_str());
+                JsonParser parser((char*) body.c_str());
+                JsonParserObject stateObject = parser.getRootObject();
+
+                String cert = stateObject["cert"].getStr();
+                String key = stateObject["key"].getStr();
+
+                if (!cert.length() || !key.length()) {
+                    AddLog(LOG_LEVEL_INFO, PSTR("Cert 및 Key 정보 Error"));
+                    client.stop();
+                    provisioning_counter = 0;
+                    return;
+                }
+
+                SettingsUpdateText(SET_ID_TOKEN, "");
+                TasmotaGlobal.idToken_info_flag = 0;
+                char* certCharType = (char*)cert.c_str();
+                char* keyCharType = (char*)key.c_str();
+
+                memcpy(AmazonClientCert, certCharType, strlen(certCharType));
+                memcpy(AmazonPrivateKey, keyCharType, strlen(keyCharType));
+                printf("cert: %s\n", certCharType);
+                printf("key: %s\n", keyCharType);
+
+                url.~String();
+                headers.~String();
+                body.~String();
+                cert.~String();
+                key.~String();
+
+                ConvertTlsFile(0);
+                ConvertTlsFile(1);
+                TasmotaGlobal.cert_info_flag = 1;
+                TasmotaGlobal.restart_flag = 2;
+            } else {
+                AddLog(LOG_LEVEL_INFO, PSTR("request 실패"));
+            }
+
+            client.stop();
+            provisioning_counter = 0;
+            return;
+        }
+    }
+}
+
+void ProvisioningCheck(void) {
+    if (!TasmotaGlobal.idToken_info_flag && TasmotaGlobal.cert_info_flag) {
+        provisioning_counter = 0;
+        return;
+    } else {
+        if (provisioning_counter) {
+            provisioning_counter--;
+        } else {
+            provisioning_counter = 1000;
+            GetCertification();
+        }
+    }
+}
\ No newline at end of file
diff --git a/tasmota/xdrv_02_9_mqtt.ino b/tasmota/xdrv_02_9_mqtt.ino
index 5ace464b35d4..b0ebd9d877df 100644
--- a/tasmota/xdrv_02_9_mqtt.ino
+++ b/tasmota/xdrv_02_9_mqtt.ino
@@ -208,7 +208,6 @@ void MqttInit(void) {
   if (host.indexOf(F(".iot.")) && host.endsWith(F(".amazonaws.com"))) {  // look for ".iot." and ".amazonaws.com" in the domain name
     Settings->flag4.mqtt_no_retain = true;
   }
-
   if (Mqtt.mqtt_tls) {
     if (!tlsClient) {
 #ifdef ESP32
@@ -224,6 +223,9 @@ void MqttInit(void) {
       tlsClient->setClientECCert(AWS_IoT_Client_Certificate,
                                 AWS_IoT_Private_Key,
                                 0xFFFF /* all usages, don't care */, 0);
+      TasmotaGlobal.cert_info_flag = 1;
+    } else {
+      TasmotaGlobal.cert_info_flag = 0;
     }
 #endif
 
@@ -1595,7 +1597,10 @@ const char ALLOCATE_ERROR[] PROGMEM = "TLSKey " D_JSON_ERROR ": cannot allocate
 void ConvertTlsFile(uint8_t cert) {
   tls_dir_t *tls_dir_write;
 
+  int freeheap = ESP.getFreeHeap();
+  printf("free heap size: %d\n", freeheap);
   uint8_t *spi_buffer = (uint8_t*) malloc(tls_spi_len);
+  printf("spi_buffer\n");
   if (!spi_buffer) {
     AddLog(LOG_LEVEL_ERROR, ALLOCATE_ERROR);
     return;
@@ -1607,10 +1612,13 @@ void ConvertTlsFile(uint8_t cert) {
   }
 
   char* tls_file = cert ? (char*)AmazonClientCert : (char*)AmazonPrivateKey;
+  printf("tls_file: %s\n", tls_file);
 
   RemoveSpace(tls_file);
 
+  printf("bin_buf\n");
   uint32_t bin_len = decode_base64_length((unsigned char*)tls_file);
+  printf("bin_len: %d\n", bin_len);
   uint8_t  *bin_buf = nullptr;
   if (bin_len > 0) {
     bin_buf = (uint8_t*) malloc(bin_len + 4);
@@ -1630,6 +1638,7 @@ void ConvertTlsFile(uint8_t cert) {
 
   bool save_file = false;   // for ESP32, do we need to write file
 
+  printf("buffer ready\n");
   if (!cert) {
     TlsEraseBuffer(spi_buffer);   // Erase any previously stored data
 

From 135fdffc7282e983c855e4bac4545ba336705274 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Fri, 21 Jan 2022 17:46:48 +0900
Subject: [PATCH 17/19] =?UTF-8?q?feat:=20STATION=20=EB=AA=A8=EB=93=9C=20MQ?=
 =?UTF-8?q?TT=20=EB=AA=85=EB=A0=B9=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/i18n.h              |  4 +++
 tasmota/support_command.ino | 58 +++++++++++++++++++++++++++++++++++++
 2 files changed, 62 insertions(+)

diff --git a/tasmota/i18n.h b/tasmota/i18n.h
index c5922dd7d6d3..382c7ba48011 100644
--- a/tasmota/i18n.h
+++ b/tasmota/i18n.h
@@ -354,6 +354,10 @@
 #define D_CMND_HUMOFFSET "HumOffset"
 #define D_CMND_GLOBAL_TEMP "GlobalTemp"
 #define D_CMND_GLOBAL_HUM "GlobalHum"
+#define D_CMND_FACTORY_RESET "FactoryReset"
+#define D_CMND_SSID_RESET "SSIDReset"
+#define D_CMND_UPDATE_CERT "UpdateCert"
+#define D_CMND_READ_INPUT "ReadInput"
 
 #ifdef ESP32
 #define D_CMND_TOUCH_CAL "TouchCal"
diff --git a/tasmota/support_command.ino b/tasmota/support_command.ino
index 8c437911ac76..d8cc65260d00 100644
--- a/tasmota/support_command.ino
+++ b/tasmota/support_command.ino
@@ -39,6 +39,7 @@ const char kTasmotaCommands[] PROGMEM = "|"  // No prefix
 #endif  // USE_DEVICE_GROUPS_SEND
   D_CMND_DEVGROUP_SHARE "|" D_CMND_DEVGROUPSTATUS "|" D_CMND_DEVGROUP_TIE "|"
 #endif  // USE_DEVICE_GROUPS
+  D_CMND_FACTORY_RESET "|" D_CMND_SSID_RESET "|" D_CMND_UPDATE_CERT "|" D_CMND_READ_INPUT "|"
   D_CMND_SENSOR "|" D_CMND_DRIVER
 #ifdef ESP32
    "|Info|" D_CMND_TOUCH_CAL "|" D_CMND_TOUCH_THRES "|" D_CMND_TOUCH_NUM "|" D_CMND_CPU_FREQUENCY
@@ -67,6 +68,7 @@ void (* const TasmotaCommand[])(void) PROGMEM = {
 #endif  // USE_DEVICE_GROUPS_SEND
   &CmndDevGroupShare, &CmndDevGroupStatus, &CmndDevGroupTie,
 #endif  // USE_DEVICE_GROUPS
+  &CmndFactoryReset, &CmndSSIDReset, &CmndUpdateCert, &CmndReadInput,
   &CmndSensor, &CmndDriver
 #ifdef ESP32
   , &CmndInfo, &CmndTouchCal, &CmndTouchThres, &CmndTouchNum, &CmndCpuFrequency
@@ -2263,6 +2265,62 @@ void CmndDevGroupTie(void)
 }
 #endif  // USE_DEVICE_GROUPS
 
+void CmndFactoryReset(void)
+{
+  TasmotaGlobal.restart_flag = 212;
+  Response_P(PSTR("{\"Factory reset\":\"Success\"}"));
+}
+
+void CmndSSIDReset(void)
+{
+  SettingsUpdateText(SET_STASSID1, "");
+  SettingsUpdateText(SET_STAPWD1, "");
+  SettingsUpdateText(SET_STASSID2, "");
+  SettingsUpdateText(SET_STAPWD2, "");
+  TasmotaGlobal.restart_flag = 2;
+  Response_P(PSTR("{\"SSID reset\":\"Success\"}"));
+}
+
+void CmndUpdateCert(void)
+{
+  if (XdrvMailbox.data_len > 0) {
+    JsonParser parser((char*) XdrvMailbox.data);
+    JsonParserObject stateObject = parser.getRootObject();
+
+    String cert = stateObject["cert"].getStr();
+    String key = stateObject["key"].getStr();
+
+    if (!cert.length() || !key.length()) {
+      Response_P(PSTR("{\"Cert update\":\"Failed\"}"));
+      return;
+    }
+
+    TasmotaGlobal.cert_info_flag = 0;
+    char* certCharType = (char*)cert.c_str();
+    char* keyCharType = (char*)key.c_str();
+    
+    memcpy(AmazonClientCert, certCharType, strlen(certCharType));
+    memcpy(AmazonPrivateKey, keyCharType, strlen(keyCharType));
+    printf("cert: %s\n", certCharType);
+    printf("key: %s\n", keyCharType);
+
+    cert.~String();
+    key.~String();
+
+    ConvertTlsFile(0);
+    ConvertTlsFile(1);
+    TasmotaGlobal.cert_info_flag = 1;
+    Response_P(PSTR("{\"Cert update\":\"Success\"}"));
+  } else {
+    Response_P(PSTR("{\"Cert update\":\"Failed\"}"));
+  }
+}
+
+void CmndReadInput(void)
+{
+  // TODO: Read GPIO value
+}
+
 void CmndSensor(void)
 {
   XsnsCall(FUNC_COMMAND_SENSOR);

From f61c4e0c503da3f7d9d4331a45bf86da2ed8cb1b Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Fri, 21 Jan 2022 17:47:41 +0900
Subject: [PATCH 18/19] =?UTF-8?q?feat:=20=ED=8C=8C=EC=9D=BC=20=EC=8B=9C?=
 =?UTF-8?q?=EC=8A=A4=ED=85=9C=20enable?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 platformio_override.ini        |   4 +-
 tasmota/user_config_override.h |   1 +
 tasmota/xdrv_50_filesystem.ino | 178 ++++++++++++++++-----------------
 3 files changed, 92 insertions(+), 91 deletions(-)

diff --git a/platformio_override.ini b/platformio_override.ini
index f113692a5dc4..0c45c1e8dff8 100644
--- a/platformio_override.ini
+++ b/platformio_override.ini
@@ -60,7 +60,7 @@ build_flags                 = ${core.build_flags}
 ; Build variant 2MB = 1MB firmware, 1MB filesystem (most Shelly devices)
 ;board                       = esp8266_2M1M
 ; Build variant 4MB = 1MB firmware, 1MB OTA, 2MB filesystem (WEMOS D1 Mini, NodeMCU, Sonoff POW)
-;board                       = esp8266_4M2M
+board                       = esp8266_4M2M
 
 ; set CPU frequency to 80MHz (default) or 160MHz
 ;board_build.f_cpu           = 160000000L
@@ -71,7 +71,7 @@ build_flags                 = ${core.build_flags}
 ;board_build.f_flash         = 80000000L
 
 ; *** Upload Serial reset method for Wemos and NodeMCU
-upload_port                 = /dev/tty.usbserial-1420
+upload_port                 = /dev/tty.usbserial-14110
 
 extra_scripts               = ${scripts_defaults.extra_scripts}
 ;                              pio-tools/obj-dump.py
diff --git a/tasmota/user_config_override.h b/tasmota/user_config_override.h
index 440e6e30ec62..0dbb2f1a597d 100644
--- a/tasmota/user_config_override.h
+++ b/tasmota/user_config_override.h
@@ -56,6 +56,7 @@
 #ifndef USE_MQTT_AWS_IOT
 #define USE_MQTT_AWS_IOT
 #endif
+#define USE_UFILESYS
 
 #define PROJECT                "ZIoT_Sonoff"         // PROJECT is used as the default topic delimiter
 #define FRIENDLY_NAME          "ZIGBANG"         // [FriendlyName] Friendlyname up to 32 characters used by webpages and Alexa
diff --git a/tasmota/xdrv_50_filesystem.ino b/tasmota/xdrv_50_filesystem.ino
index bb3eb2c1b511..aea2530c0737 100644
--- a/tasmota/xdrv_50_filesystem.ino
+++ b/tasmota/xdrv_50_filesystem.ino
@@ -600,72 +600,72 @@ const char HTTP_EDITOR_FORM_END[] PROGMEM =
 
 #endif  // #ifdef GUI_EDIT_FILE
 
-void UfsDirectory(void) {
-  if (!HttpCheckPriviledgedAccess()) { return; }
-
-  AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_MANAGE_FILE_SYSTEM));
-
-  uint8_t depth = 0;
-
-  strcpy(ufs_path, "/");
-
-  if (Webserver->hasArg(F("download"))) {
-    String stmp = Webserver->arg(F("download"));
-    char *cp = (char*)stmp.c_str();
-    if (UfsDownloadFile(cp)) {
-      // is directory
-      strcpy(ufs_path, cp);
-    } else {
-      return;
-    }
-  }
-
-  if (Webserver->hasArg(F("dir"))) {
-    String stmp = Webserver->arg(F("dir"));
-    ufs_dir = atoi(stmp.c_str());
-    if (ufs_dir == 1) {
-      dfsp = ufsp;
-    } else {
-      if (ffsp) {
-        dfsp = ffsp;
-      }
-    }
-  }
-
-  if (Webserver->hasArg(F("delete"))) {
-    String stmp = Webserver->arg(F("delete"));
-    char *cp = (char*)stmp.c_str();
-    dfsp->remove(cp);
-  }
-
-  WSContentStart_P(PSTR(D_MANAGE_FILE_SYSTEM));
-  WSContentSendStyle();
-  WSContentSend_P(UFS_FORM_FILE_UPLOAD);
-
-  char ts[FLOATSZ];
-  dtostrfd((float)UfsInfo(0, ufs_dir == 2 ? 1:0) / 1000, 3, ts);
-  char fs[FLOATSZ];
-  dtostrfd((float)UfsInfo(1, ufs_dir == 2 ? 1:0) / 1000, 3, fs);
-  WSContentSend_PD(UFS_FORM_FILE_UPGc, WebColor(COL_TEXT), ts, fs);
-
-  if (ufs_dir) {
-    WSContentSend_P(UFS_FORM_FILE_UPGc1, (uint32_t)WiFi.localIP(), (ufs_dir == 1)?2:1, (ufs_dir == 1)?PSTR("SDCard"):PSTR("FlashFS"));
-  }
-  WSContentSend_P(UFS_FORM_FILE_UPGc2);
-
-  WSContentSend_P(UFS_FORM_FILE_UPG, PSTR(D_SCRIPT_UPLOAD));
-
-  WSContentSend_P(UFS_FORM_SDC_DIRa);
-  if (ufs_type) {
-    UfsListDir(ufs_path, depth);
-  }
-  WSContentSend_P(UFS_FORM_SDC_DIRc);
-  WSContentSend_P(UFS_FORM_FILE_UPGb);
-  WSContentSpaceButton(BUTTON_MANAGEMENT);
-  WSContentStop();
-
-  Web.upload_file_type = UPL_UFSFILE;
-}
+// void UfsDirectory(void) {
+//   if (!HttpCheckPriviledgedAccess()) { return; }
+
+//   AddLog(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_MANAGE_FILE_SYSTEM));
+
+//   uint8_t depth = 0;
+
+//   strcpy(ufs_path, "/");
+
+//   if (Webserver->hasArg(F("download"))) {
+//     String stmp = Webserver->arg(F("download"));
+//     char *cp = (char*)stmp.c_str();
+//     if (UfsDownloadFile(cp)) {
+//       // is directory
+//       strcpy(ufs_path, cp);
+//     } else {
+//       return;
+//     }
+//   }
+
+//   if (Webserver->hasArg(F("dir"))) {
+//     String stmp = Webserver->arg(F("dir"));
+//     ufs_dir = atoi(stmp.c_str());
+//     if (ufs_dir == 1) {
+//       dfsp = ufsp;
+//     } else {
+//       if (ffsp) {
+//         dfsp = ffsp;
+//       }
+//     }
+//   }
+
+//   if (Webserver->hasArg(F("delete"))) {
+//     String stmp = Webserver->arg(F("delete"));
+//     char *cp = (char*)stmp.c_str();
+//     dfsp->remove(cp);
+//   }
+
+//   WSContentStart_P(PSTR(D_MANAGE_FILE_SYSTEM));
+//   WSContentSendStyle();
+//   WSContentSend_P(UFS_FORM_FILE_UPLOAD);
+
+//   char ts[FLOATSZ];
+//   dtostrfd((float)UfsInfo(0, ufs_dir == 2 ? 1:0) / 1000, 3, ts);
+//   char fs[FLOATSZ];
+//   dtostrfd((float)UfsInfo(1, ufs_dir == 2 ? 1:0) / 1000, 3, fs);
+//   WSContentSend_PD(UFS_FORM_FILE_UPGc, WebColor(COL_TEXT), ts, fs);
+
+//   if (ufs_dir) {
+//     WSContentSend_P(UFS_FORM_FILE_UPGc1, (uint32_t)WiFi.localIP(), (ufs_dir == 1)?2:1, (ufs_dir == 1)?PSTR("SDCard"):PSTR("FlashFS"));
+//   }
+//   WSContentSend_P(UFS_FORM_FILE_UPGc2);
+
+//   WSContentSend_P(UFS_FORM_FILE_UPG, PSTR(D_SCRIPT_UPLOAD));
+
+//   WSContentSend_P(UFS_FORM_SDC_DIRa);
+//   if (ufs_type) {
+//     UfsListDir(ufs_path, depth);
+//   }
+//   WSContentSend_P(UFS_FORM_SDC_DIRc);
+//   WSContentSend_P(UFS_FORM_FILE_UPGb);
+//   WSContentSpaceButton(BUTTON_MANAGEMENT);
+//   WSContentStop();
+
+//   Web.upload_file_type = UPL_UFSFILE;
+// }
 
 void UfsListDir(char *path, uint8_t depth) {
   char name[32];
@@ -1044,29 +1044,29 @@ bool Xdrv50(uint8_t function) {
     case FUNC_COMMAND:
       result = DecodeCommand(kUFSCommands, kUFSCommand);
       break;
-#ifdef USE_WEBSERVER
-    case FUNC_WEB_ADD_MANAGEMENT_BUTTON:
-      if (ufs_type) {
-        if (XdrvMailbox.index) {
-          XdrvMailbox.index++;
-        } else {
-          WSContentSend_PD(UFS_WEB_DIR, PSTR(D_MANAGE_FILE_SYSTEM));
-        }
-      }
-      break;
-    case FUNC_WEB_ADD_HANDLER:
-//      Webserver->on(F("/ufsd"), UfsDirectory);
-//      Webserver->on(F("/ufsu"), HTTP_GET, UfsDirectory);
-//      Webserver->on(F("/ufsu"), HTTP_POST,[](){Webserver->sendHeader(F("Location"),F("/ufsu"));Webserver->send(303);}, HandleUploadLoop);
-      Webserver->on("/ufsd", UfsDirectory);
-      Webserver->on("/ufsu", HTTP_GET, UfsDirectory);
-      Webserver->on("/ufsu", HTTP_POST,[](){Webserver->sendHeader(F("Location"),F("/ufsu"));Webserver->send(303);}, HandleUploadLoop);
-#ifdef GUI_EDIT_FILE
-      Webserver->on("/ufse", HTTP_GET, UfsEditor);
-      Webserver->on("/ufse", HTTP_POST, UfsEditorUpload);
-#endif
-      break;
-#endif // USE_WEBSERVER
+// #ifdef USE_WEBSERVER
+//     case FUNC_WEB_ADD_MANAGEMENT_BUTTON:
+//       if (ufs_type) {
+//         if (XdrvMailbox.index) {
+//           XdrvMailbox.index++;
+//         } else {
+//           WSContentSend_PD(UFS_WEB_DIR, PSTR(D_MANAGE_FILE_SYSTEM));
+//         }
+//       }
+//       break;
+//     case FUNC_WEB_ADD_HANDLER:
+// //      Webserver->on(F("/ufsd"), UfsDirectory);
+// //      Webserver->on(F("/ufsu"), HTTP_GET, UfsDirectory);
+// //      Webserver->on(F("/ufsu"), HTTP_POST,[](){Webserver->sendHeader(F("Location"),F("/ufsu"));Webserver->send(303);}, HandleUploadLoop);
+//       Webserver->on("/ufsd", UfsDirectory);
+//       Webserver->on("/ufsu", HTTP_GET, UfsDirectory);
+//       Webserver->on("/ufsu", HTTP_POST,[](){Webserver->sendHeader(F("Location"),F("/ufsu"));Webserver->send(303);}, HandleUploadLoop);
+// #ifdef GUI_EDIT_FILE
+//       Webserver->on("/ufse", HTTP_GET, UfsEditor);
+//       Webserver->on("/ufse", HTTP_POST, UfsEditorUpload);
+// #endif
+//       break;
+// #endif // USE_WEBSERVER
   }
   return result;
 }

From bb84c729fc080b1938f0ae9a7271eef5b4e151a2 Mon Sep 17 00:00:00 2001
From: GwangrokBaek <zester926@gmail.com>
Date: Fri, 21 Jan 2022 17:48:22 +0900
Subject: [PATCH 19/19] =?UTF-8?q?idToken=20=EC=A0=80=EC=9E=A5=20=EA=B8=B0?=
 =?UTF-8?q?=EB=8A=A5=20=EB=B0=8F=20=EB=A9=94=EB=AA=A8=EB=A6=AC=20=EC=82=AC?=
 =?UTF-8?q?=EC=9A=A9=EB=9F=89=20=EC=B6=95=EC=86=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tasmota/tasmota.h                    |  6 +--
 tasmota/tasmota.ino                  |  5 +-
 tasmota/xdrv_01_3_httpsClient.ino    | 57 ++++++++++++-----------
 tasmota/xdrv_01_webserver.ino        | 23 ----------
 tasmota/xdrv_01_webserver_secure.ino | 69 +++++-----------------------
 tasmota/xdrv_02_9_mqtt.ino           | 13 +++---
 6 files changed, 56 insertions(+), 117 deletions(-)

diff --git a/tasmota/tasmota.h b/tasmota/tasmota.h
index d31db7aa694f..8b82aaace9e8 100644
--- a/tasmota/tasmota.h
+++ b/tasmota/tasmota.h
@@ -167,14 +167,14 @@ const uint8_t OTA_ATTEMPTS = 5;             // Number of times to try fetching t
 
 const uint16_t FLOATSZ = 16;                // Max number of characters in float result from dtostrfd (max 32)
 const uint16_t CMDSZ = 24;                  // Max number of characters in command
-const uint16_t TOPSZ = 100;                 // Max number of characters in topic string
+const uint16_t TOPSZ = 60;                 // Max number of characters in topic string
 
 #ifdef ESP8266
 #ifdef PIO_FRAMEWORK_ARDUINO_MMU_CACHE16_IRAM48_SECHEAP_SHARED
-const uint16_t LOG_BUFFER_SIZE = 4096;      // Max number of characters in logbuffer used by weblog, syslog and mqttlog
+const uint16_t LOG_BUFFER_SIZE = 2048;      // Max number of characters in logbuffer used by weblog, syslog and mqttlog
 //const uint16_t LOG_BUFFER_SIZE = 6144;      // Max number of characters in logbuffer used by weblog, syslog and mqttlog
 #else
-const uint16_t LOG_BUFFER_SIZE = 1024;      // Max number of characters in logbuffer used by weblog, syslog and mqttlog
+const uint16_t LOG_BUFFER_SIZE = 512;      // Max number of characters in logbuffer used by weblog, syslog and mqttlog
 #endif  // PIO_FRAMEWORK_ARDUINO_MMU_CACHE16_IRAM48_SECHEAP_SHARED
 #else   // Not ESP8266
 const uint16_t LOG_BUFFER_SIZE = 6144;      // Max number of characters in logbuffer used by weblog, syslog and mqttlog
diff --git a/tasmota/tasmota.ino b/tasmota/tasmota.ino
index 9a129f4ff187..2e294f01c76e 100644
--- a/tasmota/tasmota.ino
+++ b/tasmota/tasmota.ino
@@ -305,7 +305,10 @@ void setup(void) {
   strcpy(TasmotaGlobal.mqtt_topic, tmp);
   sprintf(tmp, "ZiotThing_%s_%s_group", DEVICE_TYPE, SettingsText(SET_FRIENDLYNAME1));
   SettingsUpdateText(SET_MQTT_GRP_TOPIC, tmp);
-  if (strlen(SettingsText(SET_ID_TOKEN))) { TasmotaGlobal.idToken_info_flag = true; }
+  if (strlen(SettingsText(SET_ID_TOKEN))) {
+    TasmotaGlobal.idToken_info_flag = true;
+  }
+  printf("MQTT_TOPIC: %s\n", SettingsText(SET_MQTT_TOPIC));
 
   SettingsDelta();
 
diff --git a/tasmota/xdrv_01_3_httpsClient.ino b/tasmota/xdrv_01_3_httpsClient.ino
index f95dfc761b7b..fcf5928a61c4 100644
--- a/tasmota/xdrv_01_3_httpsClient.ino
+++ b/tasmota/xdrv_01_3_httpsClient.ino
@@ -14,22 +14,22 @@ void HTTPSClientInit(void) {
 
 void GetCertification(void) {
     const char host[] = "p2x2wtwvsf.execute-api.ap-northeast-2.amazonaws.com";
-    String url = "/dev/certification?idToken=" + String(SettingsText(SET_ID_TOKEN)) + "&deviceType=light" + "&macAddr=" + NetworkUniqueId();
+    String url = "/dev/certification?deviceType=DEV-TASMOTA-LIGHT&macAddr=" + NetworkUniqueId();
 
-    if (!client.connect(host, 443)) {
-        AddLog(LOG_LEVEL_INFO, PSTR("%s에 HTTPS 연결 실패"), host);
-    } else {
-        AddLog(LOG_LEVEL_INFO, PSTR("%s에 HTTPS 연결 성공"), host);
+    char* idToken = (char*)malloc(1024);
+
+    bool load_result = TfsLoadFile("/idToken.txt", (uint8_t*)idToken, 1024);
 
-        printf("url : %s\n", url.c_str());
-        
+    if (!load_result || !client.connect(host, 443)) {
+        AddLog(LOG_LEVEL_INFO, PSTR("%s에 연결 실패"), host);
+    } else {
+        AddLog(LOG_LEVEL_INFO, PSTR("%s에 연결 성공"), host);
 
         client.print(String("GET ") + url + " HTTP/1.1\r\n" +
                     "Host: " + host + "\r\n" +
-                    "User-Agent: ZIoTTasmota\r\n" +
+                    "User-Agent: Zigbang\r\n" +
+                    "Authorization: " + idToken +"\r\n" +
                     "Connection: close\r\n\r\n");
-        
-        printf("Reqeust sent\n");
 
         String headers = "";
         String body = "";
@@ -37,10 +37,12 @@ void GetCertification(void) {
         bool currentLineIsBlank = true;
         bool gotResponse = false;
 
+        free(idToken);
+
         unsigned long timeout = millis();
         while (!client.available()) {
             if (millis() - timeout > 20000) {
-                printf("Client Timeout !");
+                printf("시간초과!\n");
                 client.stop();
                 provisioning_counter = 0;
                 return;
@@ -71,8 +73,7 @@ void GetCertification(void) {
         }
         if (gotResponse) {
             if (headers.startsWith("HTTP/1.1 200")) {
-                AddLog(LOG_LEVEL_INFO, PSTR("request 성공"));
-                printf("body: %s\n", body.c_str());
+                AddLog(LOG_LEVEL_INFO, PSTR("요청 성공"));
                 JsonParser parser((char*) body.c_str());
                 JsonParserObject stateObject = parser.getRootObject();
 
@@ -80,21 +81,17 @@ void GetCertification(void) {
                 String key = stateObject["key"].getStr();
 
                 if (!cert.length() || !key.length()) {
-                    AddLog(LOG_LEVEL_INFO, PSTR("Cert 및 Key 정보 Error"));
+                    AddLog(LOG_LEVEL_INFO, PSTR("Cert 정보 Error"));
                     client.stop();
                     provisioning_counter = 0;
                     return;
                 }
 
-                SettingsUpdateText(SET_ID_TOKEN, "");
-                TasmotaGlobal.idToken_info_flag = 0;
                 char* certCharType = (char*)cert.c_str();
                 char* keyCharType = (char*)key.c_str();
 
                 memcpy(AmazonClientCert, certCharType, strlen(certCharType));
                 memcpy(AmazonPrivateKey, keyCharType, strlen(keyCharType));
-                printf("cert: %s\n", certCharType);
-                printf("key: %s\n", keyCharType);
 
                 url.~String();
                 headers.~String();
@@ -102,12 +99,20 @@ void GetCertification(void) {
                 cert.~String();
                 key.~String();
 
-                ConvertTlsFile(0);
-                ConvertTlsFile(1);
+                if (!ConvertTlsFile(0) || !ConvertTlsFile(1)) {
+                    AddLog(LOG_LEVEL_INFO, PSTR("Cert 저장 실패"));
+                    client.stop();
+                    provisioning_counter = 0;
+                    return;
+                }
+
+                SettingsUpdateText(SET_ID_TOKEN, "");
+                TasmotaGlobal.idToken_info_flag = 0;
                 TasmotaGlobal.cert_info_flag = 1;
                 TasmotaGlobal.restart_flag = 2;
+                AddLog(LOG_LEVEL_INFO, PSTR("Cert 저장 성공"));
             } else {
-                AddLog(LOG_LEVEL_INFO, PSTR("request 실패"));
+                AddLog(LOG_LEVEL_INFO, PSTR("요청 실패"));
             }
 
             client.stop();
@@ -119,14 +124,12 @@ void GetCertification(void) {
 
 void ProvisioningCheck(void) {
     if (!TasmotaGlobal.idToken_info_flag && TasmotaGlobal.cert_info_flag) {
-        provisioning_counter = 0;
         return;
     } else {
-        if (provisioning_counter) {
-            provisioning_counter--;
-        } else {
-            provisioning_counter = 1000;
-            GetCertification();
+        provisioning_counter++;
+        if (provisioning_counter == 5) {
+            TasmotaGlobal.restart_flag = 2;
         }
+        GetCertification();
     }
 }
\ No newline at end of file
diff --git a/tasmota/xdrv_01_webserver.ino b/tasmota/xdrv_01_webserver.ino
index b5b8b56c62ee..f0b59f0788b5 100644
--- a/tasmota/xdrv_01_webserver.ino
+++ b/tasmota/xdrv_01_webserver.ino
@@ -506,7 +506,6 @@ void StartWebserver(int type, IPAddress ipweb)
         WebServer_on(uri, line.handler, pgm_read_byte(&line.method));
       }
       Webserver->on(F("/frt"), HTTP_GET, HandleFactoryResetConfiguration);
-      Webserver->on(F("/li"), HTTP_GET, HandleCognitoLogin);
       Webserver->onNotFound(HandleNotFound);
 //      Webserver->on(F("/u2"), HTTP_POST, HandleUploadDone, HandleUploadLoop);  // this call requires 2 functions so we keep a direct call
 #ifndef FIRMWARE_MINIMAL
@@ -901,28 +900,6 @@ void WebRestart(uint32_t type)
 
 /*********************************************************************************************/
 
-void HandleCognitoLogin(void)
-{
-  Webserver->sendHeader(F("Location"), String(F("https://ziot-sonoff-auth.auth.ap-northeast-2.amazoncognito.com/login?client_id=3ambmcokjea85jv4ff2hmkb0un&response_type=code&scope=aws.cognito.signin.user.admin+openid&redirect_uri=https://192.168.219.105/lc")), true);
-  WSSend(302, CT_PLAIN, "");  // Empty content inhibits Content-length header so we have to close the socket ourselves.
-}
-
-void HandleWifiLogin(void)
-{
-  WSContentStart_P(PSTR(D_CONFIGURE_WIFI), false);  // false means show page no matter if the client has or has not credentials
-  WSContentSendStyle();
-  WSContentSend_P(HTTP_FORM_LOGIN);
-
-  if (HTTP_MANAGER_RESET_ONLY == Web.state) {
-    WSContentSpaceButton(BUTTON_RESTART);
-#ifndef FIRMWARE_MINIMAL
-    WSContentSpaceButton(BUTTON_RESET_CONFIGURATION);
-#endif  // FIRMWARE_MINIMAL
-  }
-
-  WSContentStop();
-}
-
 uint32_t WebDeviceColumns(void) {
   const uint32_t max_columns = 8;
 
diff --git a/tasmota/xdrv_01_webserver_secure.ino b/tasmota/xdrv_01_webserver_secure.ino
index b6a9ed6952b4..5e8795fa0709 100644
--- a/tasmota/xdrv_01_webserver_secure.ino
+++ b/tasmota/xdrv_01_webserver_secure.ino
@@ -1,3 +1,5 @@
+#include "FS.h"
+
 struct WEBSECURE {
   bool state_HTTPS = false;
   bool state_login = false;
@@ -9,9 +11,8 @@ void StartWebserverSecure(void)
     if (!WebserverSecure) {
       WebserverSecure = new ESP8266WebServerSecure(443);
       WebserverSecure->getServer().setRSACert(new BearSSL::X509List(serverCert), new BearSSL::PrivateKey(serverKey));
-      WebserverSecure->getServer().setBufferSizes(1024, 1024);
-      WebserverSecure->on(F("/lc"), HTTP_GET, HandleCognitoLoginCode);
-      WebserverSecure->on(F("/certs"), HTTP_POST, HandleCertsConfiguration);
+      // WebserverSecure->getServer().setBufferSizes(1024, 1024);
+      WebserverSecure->getServer().setBufferSizes(2048, 1024);
       WebserverSecure->on(F("/config"), HTTP_POST, HandleConfigurationWithApp);
     }
 
@@ -292,59 +293,8 @@ void WSContentStopSecure(void)
 
 /*********************************************************************************************/
 
-void HandleCognitoLoginCode(void)
-{
-  unsigned char authorization_output[TOPSZ] = "";
-  unsigned char* authorization_input = (unsigned char*)"3ambmcokjea85jv4ff2hmkb0un:disli84aaq2ggcul27u5334e5pp74v9gu2mp0h4t4pj1ac1c7g9";
-  WebSecure.state_login = true;
-  Serial.print("========================= Cognito code is ");
-  Serial.println(WebserverSecure->arg("code"));
-  WebserverSecure->sendHeader(F("Location"), String(F("http://")) + WebserverSecure->client().localIP().toString(), true);
-  WebserverSecure->send(302, "text/plain", "");
-
-  //encode_base64(authorization_input,strlen(String((char*)authorization_input).c_str()),authorization_output);
-  
-  //WebserverSecure->sendHeader(F("Authorization", String(F("Basic ")) + String((char*)authorization_output).c_str()), true);
-  //WebserverSecure->sendHeader(F("Content-Type", String(F("application/x-www-form-urlencoded")), true);
-
-  //WebserverSecure->sendHeader(F("Location"), String(F("https://ziot-sonoff-auth.auth.ap-northeast-2.amazoncognito.com/oauth2/token")), true);
-}
-
-void HandleCertsConfiguration(void) {
-  if(!WebserverSecure->hasArg(F("plain"))) {
-    WSContentBeginSecure(500, CT_APP_JSON);
-    WSContentSend_PSecure(PSTR("{\"message\":\"Fail\"}"));
-    WSContentEndSecure();
-    return;
-  }
-
-  JsonParser parser((char*) WebserverSecure->arg("plain").c_str());
-  JsonParserObject stateObject = parser.getRootObject();
-  String cert = stateObject["cert"].getStr();
-  String key = stateObject["key"].getStr();
-  char* certCharType = (char*)cert.c_str();
-  char* keyCharType = (char*)key.c_str();
-
-/* TODO: 인증서 사이즈 체크 예외코드 작성
-  if(cert.length() != 256 || key.length() < 10) {
-    WSContentBegin(500, CT_APP_JSON);
-    WSContentSend_P(PSTR("{\"message\":\"Fail\"}"));
-    WSContentEnd();
-    return;
-  }
-*/
-  memcpy(AmazonClientCert, certCharType, strlen(certCharType));
-  memcpy(AmazonPrivateKey, keyCharType, strlen(keyCharType));
-  MqttDisconnect();
-  ConvertTlsFile(0);
-  ConvertTlsFile(1);
-
-  WSContentBeginSecure(200, CT_APP_JSON);
-  WSContentSend_PSecure(PSTR("{\"message\":\"Success\"}"));
-  WSContentEndSecure();
-}
-
 void HandleConfigurationWithApp(void) {
+  bool save_result = false;
   if(!WebserverSecure->hasArg(F("plain"))) {
     WSContentBeginSecure(500, CT_APP_JSON);
     WSContentSend_PSecure(PSTR("{\"message\":\"Failed\" \"resason\":\"1\" \"data\":\"Server received empty request message\"}"));
@@ -359,13 +309,18 @@ void HandleConfigurationWithApp(void) {
   String ssid = stateObject["ssid1"].getStr();
   String pwd = stateObject["pwd1"].getStr();
 
-  if (!idToken.length() || !ssid.length() || !pwd.length()) {
+  if (idToken.length()) {
+    char* temp = (char*)idToken.c_str();
+    save_result = TfsSaveFile("/idToken.txt", (uint8_t*)temp, 1024);
+  }
+
+  if (!save_result || !ssid.length() || !pwd.length()) {
     WSContentBeginSecure(400, CT_APP_JSON);
     WSContentSend_PSecure(PSTR("{\"message\":\"Failed\" \"resason\":\"2\" \"data\":\"Check token, ssid, and pwd\"}"));
     WSContentEndSecure();
     return;
   } else {
-    SettingsUpdateText(SET_ID_TOKEN, (char*)idToken.c_str());
+    SettingsUpdateText(SET_ID_TOKEN, "TRUE");
     SettingsUpdateText(SET_STASSID1, (char*)ssid.c_str());
     SettingsUpdateText(SET_STAPWD1, (char*)pwd.c_str());
   }
diff --git a/tasmota/xdrv_02_9_mqtt.ino b/tasmota/xdrv_02_9_mqtt.ino
index b0ebd9d877df..9eaf144b88a7 100644
--- a/tasmota/xdrv_02_9_mqtt.ino
+++ b/tasmota/xdrv_02_9_mqtt.ino
@@ -1594,7 +1594,7 @@ void loadTlsDir(void) {
 
 const char ALLOCATE_ERROR[] PROGMEM = "TLSKey " D_JSON_ERROR ": cannot allocate buffer.";
 
-void ConvertTlsFile(uint8_t cert) {
+bool ConvertTlsFile(uint8_t cert) {
   tls_dir_t *tls_dir_write;
 
   int freeheap = ESP.getFreeHeap();
@@ -1603,7 +1603,7 @@ void ConvertTlsFile(uint8_t cert) {
   printf("spi_buffer\n");
   if (!spi_buffer) {
     AddLog(LOG_LEVEL_ERROR, ALLOCATE_ERROR);
-    return;
+    return false;
   }
   if (tls_spi_start != nullptr) {  // safeguard for ESP32
     memcpy_P(spi_buffer, tls_spi_start, tls_spi_len);
@@ -1625,7 +1625,7 @@ void ConvertTlsFile(uint8_t cert) {
     if (!bin_buf) {
       AddLog(LOG_LEVEL_ERROR, ALLOCATE_ERROR);
       free(spi_buffer);
-      return;
+      return false;
     }
   }
 
@@ -1648,7 +1648,7 @@ void ConvertTlsFile(uint8_t cert) {
         AddLog(LOG_LEVEL_INFO, PSTR("TLSKey: Certificate must be 32 bytes: %d."), bin_len);
         free(spi_buffer);
         free(bin_buf);
-        return;
+        return false;
       }
       tls_entry_t *entry = &tls_dir_write->entry[0];
       entry->name = TLS_NAME_SKEY;
@@ -1666,14 +1666,14 @@ void ConvertTlsFile(uint8_t cert) {
       AddLog(LOG_LEVEL_INFO, PSTR("TLSKey: cannot store Cert if no Key previously stored."));
       free(spi_buffer);
       free(bin_buf);
-      return;
+      return false;
     }
     if (bin_len <= 256) {
       // Certificate lenght too short
       AddLog(LOG_LEVEL_INFO, PSTR("TLSKey: Certificate length too short: %d."), bin_len);
       free(spi_buffer);
       free(bin_buf);
-      return;
+      return false;
     }
 
     tls_entry_t *entry = &tls_dir_write->entry[1];
@@ -1692,6 +1692,7 @@ void ConvertTlsFile(uint8_t cert) {
   free(bin_buf);
 
   loadTlsDir();   // reload into memory any potential change
+  return true;
 }
 
 void CmndTlsKey(void) {