Handle new Blink login flow (home-assistant#154632)

Co-authored-by: Joostlek <[email protected]>

Author: KiraPC

homeassistant/components/blink/__init__.py

@@ -4,7 +4,6 @@
 import logging
 from typing import Any
 
-from aiohttp import ClientError
 from blinkpy.auth import Auth
 from blinkpy.blinkpy import Blink
 import voluptuous as vol
@@ -18,7 +17,6 @@
     CONF_SCAN_INTERVAL,
 )
 from homeassistant.core import HomeAssistant, callback
-from homeassistant.exceptions import ConfigEntryAuthFailed, ConfigEntryNotReady
 from homeassistant.helpers import config_validation as cv
 from homeassistant.helpers.aiohttp_client import async_get_clientsession
 from homeassistant.helpers.typing import ConfigType
@@ -83,22 +81,15 @@ async def async_setup_entry(hass: HomeAssistant, entry: BlinkConfigEntry) -> boo
     session = async_get_clientsession(hass)
     blink = Blink(session=session)
     auth_data = deepcopy(dict(entry.data))
-    blink.auth = Auth(auth_data, no_prompt=True, session=session)
+    blink.auth = Auth(
+        auth_data,
+        no_prompt=True,
+        session=session,
+        callback=lambda: _async_update_entry_data(hass, entry, blink),
+    )
     blink.refresh_rate = entry.options.get(CONF_SCAN_INTERVAL, DEFAULT_SCAN_INTERVAL)
     coordinator = BlinkUpdateCoordinator(hass, entry, blink)
 
-    try:
-        await blink.start()
-    except (ClientError, TimeoutError) as ex:
-        raise ConfigEntryNotReady("Can not connect to host") from ex
-
-    if blink.auth.check_key_required():
-        _LOGGER.debug("Attempting a reauth flow")
-        raise ConfigEntryAuthFailed("Need 2FA for Blink")
-
-    if not blink.available:
-        raise ConfigEntryNotReady
-
     await coordinator.async_config_entry_first_refresh()
 
     entry.runtime_data = coordinator
@@ -108,6 +99,14 @@ async def async_setup_entry(hass: HomeAssistant, entry: BlinkConfigEntry) -> boo
     return True
 
 
+@callback
+def _async_update_entry_data(
+    hass: HomeAssistant, entry: BlinkConfigEntry, blink: Blink
+) -> None:
+    """Update the config entry data after token refresh."""
+    hass.config_entries.async_update_entry(entry, data=blink.auth.login_attributes)
+
+
 @callback
 def _async_import_options_from_data_if_missing(
     hass: HomeAssistant, entry: BlinkConfigEntry

homeassistant/components/blink/alarm_control_panel.py

@@ -4,6 +4,7 @@
 
 import logging
 
+from blinkpy.auth import UnauthorizedError
 from blinkpy.blinkpy import Blink, BlinkSyncModule
 
 from homeassistant.components.alarm_control_panel import (
@@ -13,7 +14,7 @@
 )
 from homeassistant.const import ATTR_ATTRIBUTION
 from homeassistant.core import HomeAssistant, callback
-from homeassistant.exceptions import HomeAssistantError
+from homeassistant.exceptions import ConfigEntryAuthFailed, HomeAssistantError
 from homeassistant.helpers.device_registry import DeviceInfo
 from homeassistant.helpers.entity_platform import AddConfigEntryEntitiesCallback
 from homeassistant.helpers.update_coordinator import CoordinatorEntity
@@ -91,6 +92,9 @@ async def async_alarm_disarm(self, code: str | None = None) -> None:
 
         except TimeoutError as er:
             raise HomeAssistantError("Blink failed to disarm camera") from er
+        except UnauthorizedError as er:
+            self.coordinator.config_entry.async_start_reauth(self.hass)
+            raise ConfigEntryAuthFailed("Blink authorization failed") from er
 
         await self.coordinator.async_refresh()
 
@@ -101,5 +105,8 @@ async def async_alarm_arm_away(self, code: str | None = None) -> None:
 
         except TimeoutError as er:
             raise HomeAssistantError("Blink failed to arm camera away") from er
+        except UnauthorizedError as er:
+            self.coordinator.config_entry.async_start_reauth(self.hass)
+            raise ConfigEntryAuthFailed("Blink authorization failed") from er
 
         await self.coordinator.async_refresh()

homeassistant/components/blink/camera.py

@@ -6,13 +6,19 @@
 import logging
 from typing import Any
 
+from blinkpy.auth import UnauthorizedError
+from blinkpy.camera import BlinkCamera as BlinkCameraAPI
 from requests.exceptions import ChunkedEncodingError
 import voluptuous as vol
 
 from homeassistant.components.camera import Camera
 from homeassistant.const import CONF_FILE_PATH, CONF_FILENAME
 from homeassistant.core import HomeAssistant
-from homeassistant.exceptions import HomeAssistantError, ServiceValidationError
+from homeassistant.exceptions import (
+    ConfigEntryAuthFailed,
+    HomeAssistantError,
+    ServiceValidationError,
+)
 from homeassistant.helpers import config_validation as cv, entity_platform
 from homeassistant.helpers.device_registry import DeviceInfo
 from homeassistant.helpers.entity_platform import AddConfigEntryEntitiesCallback
@@ -71,7 +77,9 @@ class BlinkCamera(CoordinatorEntity[BlinkUpdateCoordinator], Camera):
     _attr_has_entity_name = True
     _attr_name = None
 
-    def __init__(self, coordinator: BlinkUpdateCoordinator, name, camera) -> None:
+    def __init__(
+        self, coordinator: BlinkUpdateCoordinator, name, camera: BlinkCameraAPI
+    ) -> None:
         """Initialize a camera."""
         super().__init__(coordinator)
         Camera.__init__(self)
@@ -101,6 +109,9 @@ async def async_enable_motion_detection(self) -> None:
                 translation_domain=DOMAIN,
                 translation_key="failed_arm",
             ) from er
+        except UnauthorizedError as er:
+            self.coordinator.config_entry.async_start_reauth(self.hass)
+            raise ConfigEntryAuthFailed("Blink authorization failed") from er
 
         self._camera.motion_enabled = True
         await self.coordinator.async_refresh()
@@ -114,6 +125,9 @@ async def async_disable_motion_detection(self) -> None:
                 translation_domain=DOMAIN,
                 translation_key="failed_disarm",
             ) from er
+        except UnauthorizedError as er:
+            self.coordinator.config_entry.async_start_reauth(self.hass)
+            raise ConfigEntryAuthFailed("Blink authorization failed") from er
 
         self._camera.motion_enabled = False
         await self.coordinator.async_refresh()
@@ -137,6 +151,9 @@ async def record(self) -> None:
                 translation_domain=DOMAIN,
                 translation_key="failed_clip",
             ) from er
+        except UnauthorizedError as er:
+            self.coordinator.config_entry.async_start_reauth(self.hass)
+            raise ConfigEntryAuthFailed("Blink authorization failed") from er
 
         self.async_write_ha_state()
 
@@ -149,6 +166,9 @@ async def trigger_camera(self) -> None:
                 translation_domain=DOMAIN,
                 translation_key="failed_snap",
             ) from er
+        except UnauthorizedError as er:
+            self.coordinator.config_entry.async_start_reauth(self.hass)
+            raise ConfigEntryAuthFailed("Blink authorization failed") from er
 
         self.async_write_ha_state()
 
@@ -182,6 +202,9 @@ async def save_recent_clips(self, file_path) -> None:
                 translation_domain=DOMAIN,
                 translation_key="cant_write",
             ) from err
+        except UnauthorizedError as er:
+            self.coordinator.config_entry.async_start_reauth(self.hass)
+            raise ConfigEntryAuthFailed("Blink authorization failed") from er
 
     async def save_video(self, filename) -> None:
         """Handle save video service calls."""
@@ -200,3 +223,6 @@ async def save_video(self, filename) -> None:
                 translation_domain=DOMAIN,
                 translation_key="cant_write",
             ) from err
+        except UnauthorizedError as er:
+            self.coordinator.config_entry.async_start_reauth(self.hass)
+            raise ConfigEntryAuthFailed("Blink authorization failed") from er

homeassistant/components/blink/config_flow.py

@@ -6,13 +6,18 @@
 import logging
 from typing import Any
 
-from blinkpy.auth import Auth, LoginError, TokenRefreshFailed
+from blinkpy.auth import Auth, BlinkTwoFARequiredError, LoginError, TokenRefreshFailed
 from blinkpy.blinkpy import Blink, BlinkSetupError
 import voluptuous as vol
 
-from homeassistant.config_entries import SOURCE_REAUTH, ConfigFlow, ConfigFlowResult
+from homeassistant.config_entries import (
+    SOURCE_REAUTH,
+    SOURCE_RECONFIGURE,
+    ConfigFlow,
+    ConfigFlowResult,
+)
 from homeassistant.const import CONF_PASSWORD, CONF_PIN, CONF_USERNAME
-from homeassistant.core import HomeAssistant, callback
+from homeassistant.core import callback
 from homeassistant.exceptions import HomeAssistantError
 from homeassistant.helpers.aiohttp_client import async_get_clientsession
 
@@ -21,23 +26,18 @@
 _LOGGER = logging.getLogger(__name__)
 
 
-async def validate_input(auth: Auth) -> None:
+async def validate_input(blink: Blink) -> None:
     """Validate the user input allows us to connect."""
     try:
-        await auth.startup()
+        await blink.start()
     except (LoginError, TokenRefreshFailed) as err:
         raise InvalidAuth from err
-    if auth.check_key_required():
-        raise Require2FA
 
 
-async def _send_blink_2fa_pin(hass: HomeAssistant, auth: Auth, pin: str | None) -> bool:
+async def _send_blink_2fa_pin(blink: Blink, pin: str | None) -> bool:
     """Send 2FA pin to blink servers."""
-    blink = Blink(session=async_get_clientsession(hass))
-    blink.auth = auth
-    blink.setup_login_ids()
-    blink.setup_urls()
-    return await auth.send_auth_key(blink, pin)
+    await blink.send_2fa_code(pin)
+    return True
 
 
 class BlinkConfigFlow(ConfigFlow, domain=DOMAIN):
@@ -48,26 +48,33 @@ class BlinkConfigFlow(ConfigFlow, domain=DOMAIN):
     def __init__(self) -> None:
         """Initialize the blink flow."""
         self.auth: Auth | None = None
+        self.blink: Blink | None = None
+
+    async def _handle_user_input(self, user_input: dict[str, Any]):
+        """Handle user input."""
+        self.auth = Auth(
+            {**user_input, "device_id": DEVICE_ID},
+            no_prompt=True,
+            session=async_get_clientsession(self.hass),
+        )
+        self.blink = Blink(session=async_get_clientsession(self.hass))
+        self.blink.auth = self.auth
+        await self.async_set_unique_id(user_input[CONF_USERNAME])
+        if self.source not in (SOURCE_REAUTH, SOURCE_RECONFIGURE):
+            self._abort_if_unique_id_configured()
+
+        await validate_input(self.blink)
+        return self._async_finish_flow()
 
     async def async_step_user(
         self, user_input: dict[str, Any] | None = None
     ) -> ConfigFlowResult:
         """Handle a flow initiated by the user."""
         errors = {}
         if user_input is not None:
-            self.auth = Auth(
-                {**user_input, "device_id": DEVICE_ID},
-                no_prompt=True,
-                session=async_get_clientsession(self.hass),
-            )
-            await self.async_set_unique_id(user_input[CONF_USERNAME])
-            if self.source != SOURCE_REAUTH:
-                self._abort_if_unique_id_configured()
-
             try:
-                await validate_input(self.auth)
-                return self._async_finish_flow()
-            except Require2FA:
+                return await self._handle_user_input(user_input)
+            except BlinkTwoFARequiredError:
                 return await self.async_step_2fa()
             except InvalidAuth:
                 errors["base"] = "invalid_auth"
@@ -93,19 +100,16 @@ async def async_step_2fa(
         errors = {}
         if user_input is not None:
             try:
-                valid_token = await _send_blink_2fa_pin(
-                    self.hass, self.auth, user_input.get(CONF_PIN)
-                )
+                await _send_blink_2fa_pin(self.blink, user_input.get(CONF_PIN))
             except BlinkSetupError:
                 errors["base"] = "cannot_connect"
+            except TokenRefreshFailed:
+                errors["base"] = "invalid_access_token"
             except Exception:
                 _LOGGER.exception("Unexpected exception")
                 errors["base"] = "unknown"
-
             else:
-                if valid_token:
-                    return self._async_finish_flow()
-                errors["base"] = "invalid_access_token"
+                return self._async_finish_flow()
 
         return self.async_show_form(
             step_id="2fa",
@@ -118,18 +122,88 @@ async def async_step_2fa(
     async def async_step_reauth(
         self, entry_data: Mapping[str, Any]
     ) -> ConfigFlowResult:
-        """Perform reauth upon migration of old entries."""
-        return await self.async_step_user(dict(entry_data))
+        """Perform reauth after an authentication error."""
+        return await self.async_step_reauth_confirm(None)
+
+    async def async_step_reauth_confirm(
+        self, user_input: dict[str, Any] | None = None
+    ) -> ConfigFlowResult:
+        """Handle reauth confirmation."""
+        errors = {}
+        if user_input is not None:
+            try:
+                return await self._handle_user_input(user_input)
+            except BlinkTwoFARequiredError:
+                return await self.async_step_2fa()
+            except InvalidAuth:
+                errors["base"] = "invalid_auth"
+            except Exception:
+                _LOGGER.exception("Unexpected exception")
+                errors["base"] = "unknown"
+
+        config_entry = self._get_reauth_entry()
+        return self.async_show_form(
+            step_id="reauth_confirm",
+            data_schema=vol.Schema(
+                {
+                    vol.Required(
+                        CONF_USERNAME, default=config_entry.data[CONF_USERNAME]
+                    ): str,
+                    vol.Required(
+                        CONF_PASSWORD, default=config_entry.data[CONF_PASSWORD]
+                    ): str,
+                }
+            ),
+            errors=errors,
+            description_placeholders={"username": config_entry.data[CONF_USERNAME]},
+        )
+
+    async def async_step_reconfigure(
+        self, user_input: dict[str, Any] | None = None
+    ) -> ConfigFlowResult:
+        """Handle reconfiguration initiated by the user."""
+        errors = {}
+        if user_input is not None:
+            try:
+                return await self._handle_user_input(user_input)
+            except BlinkTwoFARequiredError:
+                return await self.async_step_2fa()
+            except InvalidAuth:
+                errors["base"] = "invalid_auth"
+            except Exception:
+                _LOGGER.exception("Unexpected exception")
+                errors["base"] = "unknown"
+
+        config_entry = self._get_reconfigure_entry()
+        return self.async_show_form(
+            step_id="reconfigure",
+            data_schema=vol.Schema(
+                {
+                    vol.Required(
+                        CONF_USERNAME, default=config_entry.data[CONF_USERNAME]
+                    ): str,
+                    vol.Required(
+                        CONF_PASSWORD, default=config_entry.data[CONF_PASSWORD]
+                    ): str,
+                }
+            ),
+            errors=errors,
+        )
 
     @callback
     def _async_finish_flow(self) -> ConfigFlowResult:
         """Finish with setup."""
         assert self.auth
-        return self.async_create_entry(title=DOMAIN, data=self.auth.login_attributes)
 
+        if self.source in (SOURCE_REAUTH, SOURCE_RECONFIGURE):
+            return self.async_update_reload_and_abort(
+                self._get_reauth_entry()
+                if self.source == SOURCE_REAUTH
+                else self._get_reconfigure_entry(),
+                data_updates=self.auth.login_attributes,
+            )
 
-class Require2FA(HomeAssistantError):
-    """Error to indicate we require 2FA."""
+        return self.async_create_entry(title=DOMAIN, data=self.auth.login_attributes)
 
 
 class InvalidAuth(HomeAssistantError):