Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

v3: non https connection to Hue bridge

See original GitHub issue

Can it be that non-https connection to port 80 is no longer possible to the Hue Bridge? It seems like it is always using https

  connect(username, clientkey, timeout) {
    const self = this
      , hostname = self.hostname
      , baseUrl = self.baseUrl
    ;

    return axios.get(`${baseUrl}/api/config`, {httpsAgent: new https.Agent({rejectUnauthorized: false})})

Issue Analytics

State:
Created 4 years ago
Comments:6 (3 by maintainers)

Top GitHub Comments

1reaction

foxriver76commented, Oct 21, 2019

Thanks, works.

0reactions

peter-murraycommented, Oct 21, 2019

I have released version 3.4.0 to the npm registry with an insecure connection option.

It will print a warning indicating that you are using an insecure method for establishing a connection to the Hue Bridge. Consumers of the library should be using https, which is the default for the library, and this is here only to satisfy the software emulation solutions that appear to exist.

I will not support issues that arise from this library being used against emulated bridges. The Bridge API changes and has plenty of minor quirks in it which come and go as the bridge firmware is updated. Most emulated solutions will introduce other quirks or failures to match the Hue Bridge in certain edge cases.

To use the new connection method, use code like the following:

const v3Api = require('node-hue-api').v3.api;
const api = await v3Api.createInsecureLocal(ipAddress).connect('username');

To really get the point across about this not being something I want used it will report a warning to the user on console.error. This can be suppressed using the presence of an environment variable NODE_HUE_API_USE_INSECURE_CONNECTION as there may be valid situations that may require this, although I cannot think of any as disabling security for users is far from ideal.