Skip to content

Instantly share code, notes, and snippets.

@lpomfrey
Last active December 19, 2023 03:22
Show Gist options
  • Star 5 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save lpomfrey/97381cf4316553b03622c665ae3a47da to your computer and use it in GitHub Desktop.
Save lpomfrey/97381cf4316553b03622c665ae3a47da to your computer and use it in GitHub Desktop.
AWS Lambda function for forwarding Alexa Intent requests to Home Assistant
# -*- coding: utf-8 -*-
import os
import json
import logging
import urllib3
_debug = os.environ.get('DEBUG', '').lower() in ('1', 'y', 'yes', 'true', 'on')
_logger = logging.getLogger('HomeAssistant-Intents')
_logger.setLevel(logging.DEBUG if _debug else logging.INFO)
def lambda_handler(event, context):
"""Handle incoming Alexa directive."""
_logger.debug('Event: %s', event)
base_url = os.environ.get('BASE_URL')
assert base_url is not None, 'Please set BASE_URL environment variable'
try:
token = event.get('session', {}).get('user', {}).get('accessToken')
except AttributeError:
token = None
if token is None and _debug:
token = os.environ.get('LONG_LIVED_ACCESS_TOKEN')
assert token, 'Could not get access token'
verify_ssl = os.environ.get('NOT_VERIFY_SSL', '').lower() not in ('1', 'y', 'yes', 'true', 'on')
http = urllib3.PoolManager(
cert_reqs='CERT_REQUIRED' if verify_ssl else 'CERT_NONE',
timeout=urllib3.Timeout(connect=2.0, read=10.0)
)
response = http.request(
'POST',
'{}/api/alexa'.format(base_url),
headers={
'Authorization': 'Bearer {}'.format(token),
'Content-Type': 'application/json',
},
body=json.dumps(event).encode('utf-8'),
)
if response.status >= 400:
return {
'event': {
'payload': {
'type': 'INVALID_AUTHORIZATION_CREDENTIAL'
if response.status in (401, 403) else 'INTERNAL_ERROR',
'message': response.data.decode("utf-8"),
}
}
}
return json.loads(response.data.decode('utf-8'))
@Writtscher
Copy link

@lpomfrey Hi, I'm using your script and it is working fine in debug with a long live access token, tanks. But as soon as I remove the debug flag I get an ssl error

SSLError(CertificateError("hostname 'www.XXX.duckdns.org' doesn't match 'XXX.duckdns.org'"))': /api/alexa/smart_home

I have no idea how to fix this. I am using the generated duckdns addon certificate of my home assistant.

Could you please help?

@lpomfrey
Copy link
Author

@lpomfrey Hi, I'm using your script and it is working fine in debug with a long live access token, tanks. But as soon as I remove the debug flag I get an ssl error

SSLError(CertificateError("hostname 'www.XXX.duckdns.org' doesn't match 'XXX.duckdns.org'"))': /api/alexa/smart_home

I have no idea how to fix this. I am using the generated duckdns addon certificate of my home assistant.

Could you please help?

It looks like you either need to set the NOT_VERIFY_SSL environment variable to 1 or use a domain that you actually have a certificate for (e.g. XXX.duckdns.org instead of www.XXX.duckdns.org)

@Writtscher
Copy link

Writtscher commented Mar 22, 2023

@lpomfrey Thank you for your quick response. Now I am getting

{
  "errorMessage": "Could not get access token",
  "errorType": "AssertionError",
  "requestId": "63bf8698-793d-4cda-b812-8ca42095cdc1",
  "stackTrace": [
    "  File \"/var/task/lambda_function.py\", line 29, in lambda_handler\n    assert token, 'Could not get access token'\n"
  ]
}

My home assistant is accessible via https and port 443.


I figured it out. There is no user / token in the event. I am not sure why. I will see what is wrong because I am sure I've added account linking in my alexa skil.


@lpomfrey

I have kinda figured it out. The script is different for me. My token is not in token = event.get('session', {}).get('user', {}).get('accessToken'). For me it is in token = event.get('directive', {}).get('payload', {}).get('scope', {}).get('token').

But I could not find a solution for the verify ssl error. Even if I disable verify ssl...

Unverified HTTPS request is being made to host 'www.XXX.duckdns.org'. Adding certificate verification is strongly advised.

@lpomfrey
Copy link
Author

@lpomfrey Thank you for your quick response. Now I am getting

{
  "errorMessage": "Could not get access token",
  "errorType": "AssertionError",
  "requestId": "63bf8698-793d-4cda-b812-8ca42095cdc1",
  "stackTrace": [
    "  File \"/var/task/lambda_function.py\", line 29, in lambda_handler\n    assert token, 'Could not get access token'\n"
  ]
}

My home assistant is accessible via https and port 443.

I figured it out. There is no user / token in the event. I am not sure why. I will see what is wrong because I am sure I've added account linking in my alexa skil.

@lpomfrey

I have kinda figured it out. The script is different for me. My token is not in token = event.get('session', {}).get('user', {}).get('accessToken'). For me it is in token = event.get('directive', {}).get('payload', {}).get('scope', {}).get('token').

But I could not find a solution for the verify ssl error. Even if I disable verify ssl...

Unverified HTTPS request is being made to host 'www.XXX.duckdns.org'. Adding certificate verification is strongly advised.

It sounds like you might want to modify this script instead from the Home Assistant docs here

The SSL issue is just a warning that you're insecure because you turned off certificate verification.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment