Commit 74d627e
fix(ui-api): send correct instanceId so JWTs pass UI auth on v5.24.0+
homebridge-config-ui-x v5.24.0 added an `instanceId` check to its JWT
strategy that rejects any token whose `instanceId` doesn't match the
server's own (sha256 of the UI `secretKey`). The plugin was signing its
self-minted token with a sentinel `instanceId: 'xxxxxxx'`, so every API
call returned 401, surfacing as "undefined error connecting to ..." in
the logs.
Compute the same `sha256(secretKey)` value the server derives. Older UI
versions ignore `instanceId`, so this is safe across all versions.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>1 parent bdce640 commit 74d627e
1 file changed
Lines changed: 3 additions & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
9 | 9 | | |
10 | 10 | | |
11 | 11 | | |
| 12 | + | |
12 | 13 | | |
13 | 14 | | |
14 | 15 | | |
| |||
68 | 69 | | |
69 | 70 | | |
70 | 71 | | |
71 | | - | |
| 72 | + | |
72 | 73 | | |
73 | 74 | | |
74 | 75 | | |
| |||
589 | 590 | | |
590 | 591 | | |
591 | 592 | | |
592 | | - | |
| 593 | + | |
593 | 594 | | |
594 | 595 | | |
595 | 596 | | |
| |||
0 commit comments