npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

homebridge-plugin-anova-toast

v1.1.4

Published

A plugin that allows you to control your Anova Precision Oven from Homebridge. Right now, it just lets you make toast.

Downloads

11

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

jonbelljonbell

Keywords

homebridge-plugin

Readme

Anova Precision Oven Homebridge Plugin

What if making toast were as easy as pushing a single button, or, that failing, a siri command away?

This Homebridge plugin implements the Anova Precision Oven API to interface with the Anova cloud service (it does not locally connect to the oven - nobody has reverse-engineered a solution for that yet).

For each oven in your account, it exposes a device with multiple switches - one that toggles power on/off, and one for each of a list of favorite recipes. Toggling a recipe on starts that recipe.

To install: see the config.json.example file. Copy/paste the "AnovaToast" platform definision into your platforms array. To customize the favorite recipes that show up in HomeKit, tweak the recipes block.

Default recipes:

  • Make toast (from the recipe in the Anova app)
  • Bake (350F, bottom heater, low fan)
  • Sous-Vide (130F, sous-video mode)
  • Air Fry (425F, rear heater)

This plugin was created based on the code in create new repository from template

Release notes

  • Release 1.1.4: Adds a retry/reconnect loop to the websocket connection to the Anova cloud service
  • Release 1.1.2: Improves latency of power on/off switch updating
  • Release 1.1.1: Pushes status updates to HomeKit API as oven status changes, fixes null dereference on wet bulb temperature status
  • Release 1.1.0: Support for Anova Oven Protocol Version 2
  • Release 1.0.0: Initial release (supports Anova Oven Protocol Version 1 only)

Local dev

npm run build && npm link && DEBUG=* homebridge -D -C -U . (uses config.json in cwd)

Protocol notes

Inspiration from mcolyer's oven API V1 reverse engineering results.

Procedure:

We can man-in-the-middle the HTTPS traffic from the Anova Oven app to find out how the app communicates with the cloud service.

Service domains:

  • wss://app.oven.anovaculinary.io/ - Oven Control API (V1)
  • wss://devices.anovaculinary.io/ - Oven Control API (V2)
  • https://uh9n6t5uyo-3.algolianet.com/ - Community Recipes
  • https://firestore.googleapis.com/ - Oven activity history, saved recipes

Running a man-in-the-middle against the firebase APIs is outside of the scope of my abilities, but here is how to do it for the Anova service:

Deploy proxy

  1. Set up mitmproxy or Proxyman
  2. Start an Android emulator (any device, tested on API34)
  3. In emulator, set proxy: Settings -> Wifi -> Select network/edit -> Advanced -> Proxy
  4. In emulator, install proxy's SSL root CA (navigate to the install URL in browser, then Settings -> Trusted credentials -> Install a certificate -> CA Certificate -> Select the downloaded CA)

Repackage app to trust user CAs

Android apps can specify whether or not to trust user-installed root certificate CA's. To snoop the SSL traffic, we need to edit the app to allow this.

  1. Download the most recent Anova Oven App APK (e.g. from apkpure)
  2. Use apktool to unwrap the apk
  3. Edit the file res/xml/network_security_config.xml:

Before:

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">10.0.2.2</domain>
        <domain includeSubdomains="true">192.168.4.1</domain>
        <domain includeSubdomains="true">localhost</domain>
    </domain-config>
</network-security-config>

After:

    <?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">10.0.2.2</domain>
        <domain includeSubdomains="true">192.168.4.1</domain>
        <domain includeSubdomains="true">localhost</domain>
    </domain-config>
     <base-config>
            <trust-anchors>
                <!-- Trust preinstalled CAs -->
                <certificates src="system" />
                <!-- Additionally trust user added CAs -->
                <certificates src="user" />
           </trust-anchors>
      </base-config>
</network-security-config>
  1. Recompile the APK: apktool b . (outputs to APKName/dist/)
  2. Sign the APK.
    1. If you do not already have a keystore setup for this: keytool -genkey -v -keystore key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias apkfun (the cannonical default keystore password to use is changeit)
    2. Sign it: jarsigner -keystore key.jks APKName/dist/APKName.apk apkfun
    3. Align the native libraries (you'll get some error if not): zipalign -v 4 APKName/dist/APKName.apk
  3. Install the APK on your emulator (drag and drop the APK to the emulator)

©2023 Jonathan Bell, released under the Apache License 2.0