Skip to content

fix: update Winix mobile auth flow for validateMobileInfo changes#130

Open
iboolka wants to merge 1 commit intoiprak:mainfrom
iboolka:fix-winix-validatemobileinfo
Open

fix: update Winix mobile auth flow for validateMobileInfo changes#130
iboolka wants to merge 1 commit intoiprak:mainfrom
iboolka:fix-winix-validatemobileinfo

Conversation

@iboolka
Copy link

@iboolka iboolka commented Mar 14, 2026

Summary

This PR updates the Winix cloud auth/device discovery flow to match the current mobile app behavior.

Problem

Starting around March 12-13, 2026, Winix cloud requests began failing for some users with:

  • 400: The user is not valid. - validateMobileInfo

For my account/device, login itself still succeeds, but device discovery fails afterward.

What changed

This PR:

  • adds updated Android client metadata to Winix mobile API payloads
  • restores registerUser, but sends it with the updated payload format
  • keeps checkAccessToken aligned with the current mobile app payload
  • updates getDeviceInfoList to use the same mobile metadata
  • fixes reauth validation to check the refreshed access token

Why registerUser is still needed

I tested the calls manually against the Winix cloud endpoints.

Observed behavior on my account/device:

  • checkAccessToken(updated metadata) -> SUCCESS
  • getDeviceInfoList(updated metadata) -> 400 validateMobileInfo
  • registerUser(old payload) -> FAIL
  • registerUser(updated metadata + email) -> SUCCESS
  • getDeviceInfoList(updated metadata) -> SUCCESS

Because of that, simply removing registerUser was not sufficient in my case.

Code changes

custom_components/winix/helpers.py

  • added a shared mobile app metadata payload helper
  • updated login flow to:
    • derive UUID from access token
    • call registerUser with updated metadata and email
    • call checkAccessToken with updated metadata
  • added _register_user(...)
  • updated _check_access_token(...)
  • updated get_device_stubs(...)
  • fixed reauth validation to use the refreshed access token

Result

After this patch:

  • the integration loads again
  • Winix entities are recreated
  • the device becomes available again in Home Assistant

Notes

Tested with:

  • Winix AM90
  • Home Assistant 2026.2.3

@iboolka
fix: update Winix mobile auth flow for validateMobileInfo changes
ad30c89 
Update Winix mobile API payloads, keep registerUser with the new metadata, and fix reauth token validation.
@iboolka iboolka mentioned this pull request Mar 14, 2026
Open
@iprak
Copy link
Owner

iprak commented Mar 14, 2026

I agree with your finding about registerUser still being needed. That is what I too experienced. I had some test code going very close to what you have here.

@iprak iprak self-assigned this Mar 14, 2026
@iprak iprak self-requested a review March 14, 2026 11:38
iprak
iprak requested changes Mar 14, 2026
View reviewed changes
Copy link
Owner

@iprak iprak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few suggestions to helper with linter warnings and potentially help me down the road.

custom_components/winix/helpers.py
timeout=DEFAULT_POST_TIMEOUT,
)

if resp.status_code != HTTPStatus.OK:
Copy link
Owner

@iprak iprak Mar 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we do this instead?

    if resp.status_code != HTTPStatus.OK:
        err_data = resp.json()
        raise WinixException(
            {
                "message": "Error while performing RPC checkAccessToken",
                "result_code": err_data.get("resultCode"),
                "result_message": err_data.get("resultMessage"),
            }
        )

custom_components/winix/helpers.py
)

if resp.status_code != HTTPStatus.OK:
raise Exception(
Copy link
Owner

@iprak iprak Mar 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And here too

    if resp.status_code != HTTPStatus.OK:
        err_data = resp.json()
        raise WinixException(
            {
                "message": "Error while performing RPC registerUser",
                "result_code": err_data.get("resultCode"),
                "result_message": err_data.get("resultMessage"),
            }
        )

custom_components/winix/helpers.py
try:
account.check_access_token()
Helpers._check_access_token(reponse.access_token, uuid)
except Exception as err: # pylint: disable=broad-except
Copy link
Owner

@iprak iprak Mar 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And let WinixException pass

        except WinixException:
            pass

custom_components/winix/helpers.py
account.check_access_token()
Helpers._register_user(access_token, uuid, username)
Helpers._check_access_token(access_token, uuid)
except Exception as err: # pylint: disable=broad-except
Copy link
Owner

@iprak iprak Mar 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And let WinixException pass

        except WinixException:
            pass

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@iprak iprak iprak requested changes

Assignees

@iprak iprak

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@iboolka @iprak