by ezs | Oct 17, 2023 | evilzenscientist
Zoom have deprecated their JWT authentication against the backend API, and moved to OAuth.
Happily – Joseph McEvoy has updated the PSZoom module for PowerShell – and it’s working just great.
Create a new Server-to-Server OAuth through the Zoom App Marketplace, and you’re set:
Your usage will vary, but there is a really nice role based model (or “Scope”) for the API – I gave this just read access to meetings – and it’s been fine.
import-module PSZoom
# get the values from the Zoom Marketplace
# Develop –> Build App –> Server-to-Server OAuth
$AccID = ‘from Zoom’
$ClientID = ‘from Zoom’
$ClientSecret = ‘from Zoom’
Connect-PSZoom -AccountID $AccID -ClientID $ClientID -ClientSecret $ClientSecret
$MeetingID = ‘meetingID’
$ZoomRegistrants = Get-ZoomMeetingRegistrants $MeetingID -pagesize 300
$reghashtable = $zoomregistrants.registrants
write-host $reghashtable.count
$outputs = $reghashtable |foreach-object {
return [pscustomobject]@{
fname = “$($_.first_name)”
lname = “$($_.last_name)”
email = “$($_.email)”
regtime = “$($_.create_time)”
}
}
$outputs | sort-object regtime | export-csv “zoom-meeting.csv” -notypeinformation
by ezs | May 1, 2022 | Solar
Introduction
In April 2022 I had a PV system installed, with a local Enphase Envoy as part of the configuration.
The Enphase Envoy acts as a management gateway for the Enphase system. Collecting, storing and forwarding data to Enphase for the consumer Enlighten datapool and application.
My installation consists of an IQ Combiner; but I believe these instructions are valid for any Envoy running software greater than version 7. At the time of writing my Envoy is running D7.0.85.
Some history
I was interested in the raw data coming from the PV system. During vendor selection I reviewed the access and APIs available; and Enphase seemed to have a good mix of capabilities.
At some point in late 2021/early 2022 access to a local Envoy gateway was changed to require a JWT access token. This caused many home automation and data logging integrations to break. The documentation from Enphase showed how to interactively get the token and login. I found no documentation on doing this automatically through code.
After much reading, reviewing multiple blogs and github repos, and trial and error – I have this now working.
Authentication flow
Firstly, there’s a lot of head scratching on this approach from Enphase. Yes – it protects access behind a token, but it’s all intended for interactive work. I can only surmise that the market for this is not the home integrator or API data scraper. I see Enphase pushing that persona towards the Enlighten API v4 – which has a different set of issues (which I’ll write about in the future).
So the flow:
- login, using Enphase username/password, to the Enphase Entrez token service
- get a JWT access token
- post this JWT to the local envoy
- get data
The third step of this, posting the JWT to /auth/check_jwt, does not seem to be documented anywhere.
Also, and most troubling, the JWT itself is returned as part of the body of a html page. Some regex is needed to extract the specific text string. This has risk in the event that the html document structure changes in the future.
I posted a sample PowerShell script here.
Using this approach, I now have data being pulled from the local IQ Combiner, parsed, posted to a NoSQL database, and then graphed.
Recent Comments