Clarify that only HTTPS can be used in fitbit (#57116)

2025-07-23 13:17:32 +00:00 · 2021-10-14 00:45:59 +09:00 · 2021-10-14 00:45:59 +09:00 · 628e59ff11
commit 628e59ff11
parent b86e19143d
1 changed files with 12 additions and 7 deletions
--- a/homeassistant/components/fitbit/sensor.py
+++ b/homeassistant/components/fitbit/sensor.py
@ -29,7 +29,7 @@ from homeassistant.core import HomeAssistant, callback
 import homeassistant.helpers.config_validation as cv
 from homeassistant.helpers.entity_platform import AddEntitiesCallback
 from homeassistant.helpers.icon import icon_for_battery_level
-from homeassistant.helpers.network import get_url
+from homeassistant.helpers.network import NoURLAvailableError, get_url
 from homeassistant.helpers.typing import ConfigType, DiscoveryInfoType
 from homeassistant.util.json import load_json, save_json

@ -101,16 +101,21 @@ def request_app_setup(
        else:
            setup_platform(hass, config, add_entities, discovery_info)

-    start_url = f"{get_url(hass)}{FITBIT_AUTH_CALLBACK_PATH}"
-
-    description = f"""Please create a Fitbit developer app at
+    try:
+        description = f"""Please create a Fitbit developer app at
                       https://dev.fitbit.com/apps/new.
                       For the OAuth 2.0 Application Type choose Personal.
-                       Set the Callback URL to {start_url}.
+                       Set the Callback URL to {get_url(hass, require_ssl=True)}{FITBIT_AUTH_CALLBACK_PATH}.
+                       (Note: Your Home Assistant instance must be accessible via HTTPS.)
                       They will provide you a Client ID and secret.
                       These need to be saved into the file located at: {config_path}.
                       Then come back here and hit the below button.
                       """
+    except NoURLAvailableError:
+        error_msg = """Could not find a SSL enabled URL for your Home Assistant instance.
+                     Fitbit requires that your Home Assistant instance is accessible via HTTPS.
+                     """
+        configurator.notify_errors(_CONFIGURING["fitbit"], error_msg)

    submit = "I have saved my Client ID and Client Secret into fitbit.conf."

@ -136,7 +141,7 @@ def request_oauth_completion(hass: HomeAssistant) -> None:
    def fitbit_configuration_callback(fields: list[dict[str, str]]) -> None:
        """Handle configuration updates."""

-    start_url = f"{get_url(hass)}{FITBIT_AUTH_START}"
+    start_url = f"{get_url(hass, require_ssl=True)}{FITBIT_AUTH_START}"

    description = f"Please authorize Fitbit by visiting {start_url}"

@ -236,7 +241,7 @@ def setup_platform(
            config_file.get(CONF_CLIENT_ID), config_file.get(CONF_CLIENT_SECRET)
        )

-        redirect_uri = f"{get_url(hass)}{FITBIT_AUTH_CALLBACK_PATH}"
+        redirect_uri = f"{get_url(hass, require_ssl=True)}{FITBIT_AUTH_CALLBACK_PATH}"

        fitbit_auth_start_url, _ = oauth.authorize_token_url(
            redirect_uri=redirect_uri,