From 46387d1620f03c567bc72646529c38648dabba1e Mon Sep 17 00:00:00 2001
From: Marco Kirchner <kirchnermarco@gmail.com>
Date: Tue, 6 Dec 2022 16:33:53 +0000
Subject: [PATCH] initial commit

---
 .devcontainer/README.md                    |  60 +++++
 .devcontainer/configuration.yaml           |   9 +
 .devcontainer/devcontainer.json            |  30 +++
 .gitattributes                             |   1 +
 .github/ISSUE_TEMPLATE/feature_request.md  |  17 ++
 .github/ISSUE_TEMPLATE/issue.md            |  42 ++++
 .github/workflows/cron.yaml                |  21 ++
 .github/workflows/pull.yml                 |  55 +++++
 .github/workflows/push.yml                 |  58 +++++
 .gitignore                                 |   6 +
 .vscode/launch.json                        |  35 +++
 .vscode/settings.json                      |   8 +
 .vscode/tasks.json                         |  29 +++
 CONTRIBUTING.md                            |  61 ++++++
 LICENSE                                    |  21 ++
 README.md                                  | 115 ++++++++++
 custom_components/jwt_cookie/__init__.py   | 243 +++++++++++++++++++++
 custom_components/jwt_cookie/manifest.json |  18 ++
 hacs.json                                  |   5 +
 integrations/caddy.md                      |  82 +++++++
 jwt.png                                    | Bin 0 -> 12136 bytes
 requirements_dev.txt                       |   1 +
 requirements_test.txt                      |   1 +
 setup.cfg                                  |  35 +++
 tests/README.md                            |  24 ++
 tests/__init__.py                          |   1 +
 26 files changed, 978 insertions(+)
 create mode 100644 .devcontainer/README.md
 create mode 100644 .devcontainer/configuration.yaml
 create mode 100644 .devcontainer/devcontainer.json
 create mode 100644 .gitattributes
 create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md
 create mode 100644 .github/ISSUE_TEMPLATE/issue.md
 create mode 100644 .github/workflows/cron.yaml
 create mode 100644 .github/workflows/pull.yml
 create mode 100644 .github/workflows/push.yml
 create mode 100644 .gitignore
 create mode 100644 .vscode/launch.json
 create mode 100644 .vscode/settings.json
 create mode 100644 .vscode/tasks.json
 create mode 100644 CONTRIBUTING.md
 create mode 100644 LICENSE
 create mode 100644 README.md
 create mode 100644 custom_components/jwt_cookie/__init__.py
 create mode 100644 custom_components/jwt_cookie/manifest.json
 create mode 100644 hacs.json
 create mode 100644 integrations/caddy.md
 create mode 100644 jwt.png
 create mode 100644 requirements_dev.txt
 create mode 100644 requirements_test.txt
 create mode 100644 setup.cfg
 create mode 100644 tests/README.md
 create mode 100644 tests/__init__.py

diff --git a/.devcontainer/README.md b/.devcontainer/README.md
new file mode 100644
index 0000000..e304a9a
--- /dev/null
+++ b/.devcontainer/README.md
@@ -0,0 +1,60 @@
+## Developing with Visual Studio Code + devcontainer
+
+The easiest way to get started with custom integration development is to use Visual Studio Code with devcontainers. This approach will create a preconfigured development environment with all the tools you need.
+
+In the container you will have a dedicated Home Assistant core instance running with your custom component code. You can configure this instance by updating the `./devcontainer/configuration.yaml` file.
+
+**Prerequisites**
+
+- [git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git)
+- Docker
+  -  For Linux, macOS, or Windows 10 Pro/Enterprise/Education use the [current release version of Docker](https://docs.docker.com/install/)
+  -   Windows 10 Home requires [WSL 2](https://docs.microsoft.com/windows/wsl/wsl2-install) and the current Edge version of Docker Desktop (see instructions [here](https://docs.docker.com/docker-for-windows/wsl-tech-preview/)). This can also be used for Windows Pro/Enterprise/Education.
+- [Visual Studio code](https://code.visualstudio.com/)
+- [Remote - Containers (VSC Extension)][extension-link]
+
+[More info about requirements and devcontainer in general](https://code.visualstudio.com/docs/remote/containers#_getting-started)
+
+[extension-link]: https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers
+
+**Getting started:**
+
+1. Fork the repository.
+2. Clone the repository to your computer.
+3. Open the repository using Visual Studio code.
+
+When you open this repository with Visual Studio code you are asked to "Reopen in Container", this will start the build of the container.
+
+_If you don't see this notification, open the command palette and select `Remote-Containers: Reopen Folder in Container`._
+
+### Tasks
+
+The devcontainer comes with some useful tasks to help you with development, you can start these tasks by opening the command palette and select `Tasks: Run Task` then select the task you want to run.
+
+When a task is currently running (like `Run Home Assistant on port 9123` for the docs), it can be restarted by opening the command palette and selecting `Tasks: Restart Running Task`, then select the task you want to restart.
+
+The available tasks are:
+
+Task | Description
+-- | --
+Run Home Assistant on port 9123 | Launch Home Assistant with your custom component code and the configuration defined in `.devcontainer/configuration.yaml`.
+Run Home Assistant configuration against /config | Check the configuration.
+Upgrade Home Assistant to latest dev | Upgrade the Home Assistant core version in the container to the latest version of the `dev` branch.
+Install a specific version of Home Assistant | Install a specific version of Home Assistant core in the container.
+
+### Step by Step debugging
+
+With the development container,
+you can test your custom component in Home Assistant with step by step debugging.
+
+You need to modify the `configuration.yaml` file in `.devcontainer` folder
+by uncommenting the line:
+
+```yaml
+# debugpy:
+```
+
+Then launch the task `Run Home Assistant on port 9123`, and launch the debugger
+with the existing debugging configuration `Python: Attach Local`.
+
+For more information, look at [the Remote Python Debugger integration documentation](https://www.home-assistant.io/integrations/debugpy/).
diff --git a/.devcontainer/configuration.yaml b/.devcontainer/configuration.yaml
new file mode 100644
index 0000000..53b8c09
--- /dev/null
+++ b/.devcontainer/configuration.yaml
@@ -0,0 +1,9 @@
+default_config:
+
+logger:
+  default: info
+  logs:
+    custom_components.integration_blueprint: debug
+
+# If you need to debug uncomment the line below (doc: https://www.home-assistant.io/integrations/debugpy/)
+# debugpy:
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
new file mode 100644
index 0000000..0761dae
--- /dev/null
+++ b/.devcontainer/devcontainer.json
@@ -0,0 +1,30 @@
+// See https://aka.ms/vscode-remote/devcontainer.json for format details.
+{
+	"image": "ghcr.io/ludeeus/devcontainer/integration:stable",
+	"name": "Blueprint integration development",
+	"context": "..",
+	"appPort": [
+		"9123:8123"
+	],
+	"postCreateCommand": "container install",
+	"extensions": [
+		"ms-python.python",
+		"github.vscode-pull-request-github",
+		"ryanluker.vscode-coverage-gutters",
+		"ms-python.vscode-pylance"
+	],
+	"settings": {
+		"files.eol": "\n",
+		"editor.tabSize": 4,
+		"terminal.integrated.shell.linux": "/bin/bash",
+		"python.pythonPath": "/usr/bin/python3",
+		"python.analysis.autoSearchPaths": false,
+		"python.linting.pylintEnabled": true,
+		"python.linting.enabled": true,
+		"python.formatting.provider": "black",
+		"editor.formatOnPaste": false,
+		"editor.formatOnSave": true,
+		"editor.formatOnType": true,
+		"files.trimTrailingWhitespace": true
+	}
+}
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..94f480d
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1 @@
+* text=auto eol=lf
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
new file mode 100644
index 0000000..6bcce42
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,17 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/issue.md b/.github/ISSUE_TEMPLATE/issue.md
new file mode 100644
index 0000000..bbd0345
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/issue.md
@@ -0,0 +1,42 @@
+---
+name: Issue
+about: Create a report to help us improve
+
+---
+
+<!-- Before you open a new issue, search through the existing issues to see if others have had the same problem.
+
+Issues not containing the minimum requirements will be closed:
+
+- Issues without a description (using the header is not good enough) will be closed.
+- Issues without debug logging will be closed.
+- Issues without configuration will be closed
+
+-->
+
+## Version of the custom_component
+<!-- If you are not using the newest version, download and try that before opening an issue
+If you are unsure about the version check the const.py file.
+-->
+
+## Configuration
+
+```yaml
+
+Add your logs here.
+
+```
+
+## Describe the bug
+A clear and concise description of what the bug is.
+
+
+## Debug log
+
+<!-- To enable debug logs check this https://www.home-assistant.io/components/logger/ -->
+
+```text
+
+Add your logs here.
+
+```
\ No newline at end of file
diff --git a/.github/workflows/cron.yaml b/.github/workflows/cron.yaml
new file mode 100644
index 0000000..8d51d0f
--- /dev/null
+++ b/.github/workflows/cron.yaml
@@ -0,0 +1,21 @@
+name: Cron actions
+
+on:
+  schedule:
+    - cron:  '0 0 * * *'
+
+jobs:
+  validate:
+    runs-on: "ubuntu-latest"
+    name: Validate
+    steps:
+        - uses: "actions/checkout@v2"
+
+        - name: HACS validation
+          uses: "hacs/action@main"
+          with:
+            category: "integration"
+            ignore: brands
+
+        - name: Hassfest validation
+          uses: "home-assistant/actions/hassfest@master"
\ No newline at end of file
diff --git a/.github/workflows/pull.yml b/.github/workflows/pull.yml
new file mode 100644
index 0000000..d895c86
--- /dev/null
+++ b/.github/workflows/pull.yml
@@ -0,0 +1,55 @@
+name: Pull actions
+
+on:
+  pull_request:
+
+jobs:
+  validate:
+    runs-on: "ubuntu-latest"
+    name: Validate
+    steps:
+        - uses: "actions/checkout@v2"
+
+        - name: HACS validation
+          uses: "hacs/action@main"
+          with:
+            category: "integration"
+            ignore: brands
+
+        - name: Hassfest validation
+          uses: "home-assistant/actions/hassfest@master"
+
+  style:
+    runs-on: "ubuntu-latest"
+    name: Check style formatting
+    steps:
+        - uses: "actions/checkout@v2"
+        - uses: "actions/setup-python@v1"
+          with:
+            python-version: "3.x"
+        - run: python3 -m pip install black
+        - run: black .
+
+  tests:
+    runs-on: "ubuntu-latest"
+    name: Run tests
+    steps:
+      - name: Check out code from GitHub
+        uses: "actions/checkout@v2"
+      - name: Setup Python
+        uses: "actions/setup-python@v1"
+        with:
+          python-version: "3.8"
+      - name: Install requirements
+        run: python3 -m pip install -r requirements_test.txt
+      - name: Run tests
+        run: |
+          pytest \
+            -qq \
+            --timeout=9 \
+            --durations=10 \
+            -n auto \
+            --cov custom_components.integration_blueprint \
+            -o console_output_style=count \
+            -p no:sugar \
+            tests
diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
new file mode 100644
index 0000000..d0ff7bf
--- /dev/null
+++ b/.github/workflows/push.yml
@@ -0,0 +1,58 @@
+name: Push actions
+
+on:
+  push:
+    branches:
+      - master
+      - dev
+
+jobs:
+  validate:
+    runs-on: "ubuntu-latest"
+    name: Validate
+    steps:
+        - uses: "actions/checkout@v2"
+
+        - name: HACS validation
+          uses: "hacs/action@main"
+          with:
+            category: "integration"
+            ignore: brands
+
+        - name: Hassfest validation
+          uses: "home-assistant/actions/hassfest@master"
+
+  style:
+    runs-on: "ubuntu-latest"
+    name: Check style formatting
+    steps:
+        - uses: "actions/checkout@v2"
+        - uses: "actions/setup-python@v1"
+          with:
+            python-version: "3.x"
+        - run: python3 -m pip install black
+        - run: black .
+
+  tests:
+    runs-on: "ubuntu-latest"
+    name: Run tests
+    steps:
+      - name: Check out code from GitHub
+        uses: "actions/checkout@v2"
+      - name: Setup Python
+        uses: "actions/setup-python@v1"
+        with:
+          python-version: "3.8"
+      - name: Install requirements
+        run: python3 -m pip install -r requirements_test.txt
+      - name: Run tests
+        run: |
+          pytest \
+            -qq \
+            --timeout=9 \
+            --durations=10 \
+            -n auto \
+            --cov custom_components.integration_blueprint \
+            -o console_output_style=count \
+            -p no:sugar \
+            tests
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..492cda3
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,6 @@
+__pycache__
+pythonenv*
+venv
+.venv
+.coverage
+.idea
diff --git a/.vscode/launch.json b/.vscode/launch.json
new file mode 100644
index 0000000..555a62b
--- /dev/null
+++ b/.vscode/launch.json
@@ -0,0 +1,35 @@
+{
+    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+      {
+        // Example of attaching to local debug server
+        "name": "Python: Attach Local",
+        "type": "python",
+        "request": "attach",
+        "port": 5678,
+        "host": "localhost",
+        "pathMappings": [
+          {
+            "localRoot": "${workspaceFolder}",
+            "remoteRoot": "."
+          }
+        ]
+      },
+      {
+        // Example of attaching to my production server
+        "name": "Python: Attach Remote",
+        "type": "python",
+        "request": "attach",
+        "port": 5678,
+        "host": "homeassistant.local",
+        "pathMappings": [
+          {
+            "localRoot": "${workspaceFolder}",
+            "remoteRoot": "/usr/src/homeassistant"
+          }
+        ]
+      }
+    ]
+  }
+  
\ No newline at end of file
diff --git a/.vscode/settings.json b/.vscode/settings.json
new file mode 100644
index 0000000..a3d535d
--- /dev/null
+++ b/.vscode/settings.json
@@ -0,0 +1,8 @@
+{
+    "python.linting.pylintEnabled": true,
+    "python.linting.enabled": true,
+    "python.pythonPath": "/usr/local/bin/python",
+    "files.associations": {
+        "*.yaml": "home-assistant"
+    }
+}
\ No newline at end of file
diff --git a/.vscode/tasks.json b/.vscode/tasks.json
new file mode 100644
index 0000000..7ab4ba8
--- /dev/null
+++ b/.vscode/tasks.json
@@ -0,0 +1,29 @@
+{
+    "version": "2.0.0",
+    "tasks": [
+        {
+            "label": "Run Home Assistant on port 9123",
+            "type": "shell",
+            "command": "container start",
+            "problemMatcher": []
+        },
+        {
+            "label": "Run Home Assistant configuration against /config",
+            "type": "shell",
+            "command": "container check",
+            "problemMatcher": []
+        },
+        {
+            "label": "Upgrade Home Assistant to latest dev",
+            "type": "shell",
+            "command": "container install",
+            "problemMatcher": []
+        },
+        {
+            "label": "Install a specific version of Home Assistant",
+            "type": "shell",
+            "command": "container set-version",
+            "problemMatcher": []
+        }
+    ]
+}
\ No newline at end of file
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 0000000..d85a589
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,61 @@
+# Contribution guidelines
+
+Contributing to this project should be as easy and transparent as possible, whether it's:
+
+- Reporting a bug
+- Discussing the current state of the code
+- Submitting a fix
+- Proposing new features
+
+## Github is used for everything
+
+Github is used to host code, to track issues and feature requests, as well as accept pull requests.
+
+Pull requests are the best way to propose changes to the codebase.
+
+1. Fork the repo and create your branch from `master`.
+2. If you've changed something, update the documentation.
+3. Make sure your code lints (using black).
+4. Test you contribution.
+5. Issue that pull request!
+
+## Any contributions you make will be under the MIT Software License
+
+In short, when you submit code changes, your submissions are understood to be under the same [MIT License](http://choosealicense.com/licenses/mit/) that covers the project. Feel free to contact the maintainers if that's a concern.
+
+## Report bugs using Github's [issues](../../issues)
+
+GitHub issues are used to track public bugs.
+Report a bug by [opening a new issue](../../issues/new/choose); it's that easy!
+
+## Write bug reports with detail, background, and sample code
+
+**Great Bug Reports** tend to have:
+
+- A quick summary and/or background
+- Steps to reproduce
+  - Be specific!
+  - Give sample code if you can.
+- What you expected would happen
+- What actually happens
+- Notes (possibly including why you think this might be happening, or stuff you tried that didn't work)
+
+People *love* thorough bug reports. I'm not even kidding.
+
+## Use a Consistent Coding Style
+
+Use [black](https://github.com/ambv/black) to make sure the code follows the style.
+
+## Test your code modification
+
+This custom component is based on [integration_blueprint template](https://github.com/custom-components/integration_blueprint).
+
+It comes with development environment in a container, easy to launch
+if you use Visual Studio Code. With this container you will have a stand alone
+Home Assistant instance running and already configured with the included
+[`.devcontainer/configuration.yaml`](./.devcontainer/configuration.yaml)
+file.
+
+## License
+
+By contributing, you agree that your contributions will be licensed under its MIT License.
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..ee2aa67
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 Marco Kirchner @BigBoot
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..9201406
--- /dev/null
+++ b/README.md
@@ -0,0 +1,115 @@
+# hass-jwt_cookie
+
+[![GitHub Release][releases-shield]][releases]
+[![License][license-shield]](LICENSE)
+[![hacs][hacsbadge]][hacs]
+![Project Maintenance][maintenance-shield]
+
+Create JWT Cookies every time you log in to your HomeAssistant instance.
+
+![jwt][jwtimg]
+
+## Why?
+
+I wanted to reverse proxy a few of my internally reachable services and make them available through my publicly accessible HomeAssistant installation.
+After looking at the available solutions I was not satisfied with any of them, here's some of the solutions I evaluated and why I disliked them.
+
+- BasicAuth using user:password in the url  
+   ❌ Doesn't work in the Android/iOS App  
+   ❌ Makes the login details available in cleartext in the url
+
+- Authelia  
+   ❌ User Management Separate from HomeAssistant  
+   ❌ No SSO  
+   ❌ Doesn't work in the Android/iOS App?
+
+- LDAP+Authelia+HomeAssistant LDAP+Some LDAP GUI  
+   ❌ Very Complex  
+   ❌ No True SSO (You'll have to log in to Home Assistant **AND** Authelia separately)  
+   ❌ Doesn't work in the Android/iOS App?
+
+- Various other similar combination of solutions like Authentik/Keycloak/... all suffer from the same fundamental problems as Authelia
+
+So I decided to create this intergration and combine it with a reverse proxy supporting jwt auth. This ticks all of my requirements:
+- ✅ Works everywhere (including the iOS/Android apps)
+- ✅ True SSO
+- ✅ Users are managed in HomeAssistant
+- ✅ No cleartext login/passwords
+- ✅ Is easily extensible to new services
+- ✅ Reasonably safe
+
+**NOTE:** By itself this integration only provides the creation of a json cookie, the actual authentication will still need to be configured in the reverse proxy, see [intergrations](#intergrations) for more details.
+
+## Installation
+
+### HACS (Recommended)
+
+Installation is via the [Home Assistant Community Store
+(HACS)](https://hacs.xyz/), which is the best place to get third-party
+integrations for Home Assistant. Once you have HACS set up, simply click the button below or
+follow the [instructions for adding a custom
+repository](https://hacs.xyz/docs/faq/custom_repositories) and then
+the integration will be available to install like any other.
+
+[![Open your Home Assistant instance and open a repository inside the Home Assistant Community Store.](https://my.home-assistant.io/badges/hacs_repository.svg)](https://my.home-assistant.io/redirect/hacs_repository/?owner=bigboot&repository=hass-jwt_cookie&category=integration)
+
+### Manual
+
+1. Using the tool of choice open the directory (folder) for your HA configuration (where you find `configuration.yaml`).
+2. If you do not have a `custom_components` directory (folder) there, you need to create it.
+3. In the `custom_components` directory (folder) create a new folder called `jwt_cookie`.
+4. Download _all_ the files from the `custom_components/jwt_cookie/` directory (folder) in this repository.
+5. Place the files you downloaded in the new directory (folder) you created.
+6. Restart Home Assistant
+
+Using your HA configuration directory (folder) as a starting point you should now also have this:
+
+```text
+custom_components/jwt_cookie/__init__.py
+custom_components/jwt_cookie/manifest.json
+```
+
+## Configuration
+
+To use this component in your installation, add the following to your configuration.yaml file:
+
+### Example configuration.yaml entry (uncomment and change if needed)
+
+```yaml
+jwt_cookie:
+    # cookie_name: <cookie name> # defaults to jwt_access_token
+    # audience: <jwt aud claim> # defaults to homeassistant
+    # issuer: <jwt issuer> # defaults to homeassistant
+    # http_only: <true/false> # defaults to true
+    # secure: <true/false> # defaults to false
+    # domain: <cookie domain> # defaults to the current domain, to include subdomains
+                              # set this to the domain name with a leading `.`
+                              # i.e. .my.hass.domain
+    # public_key_file: <location to public key> # defaults to /config/jwt_cookie.pem
+    # private_key_file: <location to private key> # defaults to null
+                                                  # if not set no private key will be stored
+                                                  # this means a new private/public key pair
+                                                  # will be generated every time ha restarts
+```
+
+## Intergrations
+
+- [Caddy](/integrations/caddy.md)
+- Traefik (Open for contributions, probably requires commercial edition)
+- Nginx (Open for contributions, probably requires commercial edition)
+- HAProxy (Open for contributions)
+
+## Contributions are welcome!
+
+If you want to contribute to this please read the [Contribution guidelines](CONTRIBUTING.md)
+
+***
+
+[integration_blueprint]: https://github.com/custom-components/integration_blueprint
+[hacs]: https://github.com/custom-components/hacs
+[hacsbadge]: https://img.shields.io/badge/HACS-Custom-orange.svg?style=for-the-badge
+[jwtimg]: jwt.png
+[license-shield]: https://img.shields.io/github/license/custom-components/blueprint.svg?style=for-the-badge
+[maintenance-shield]: https://img.shields.io/badge/maintainer-%40BigBoot-blue.svg?style=for-the-badge
+[releases-shield]: https://img.shields.io/github/release/custom-components/blueprint.svg?style=for-the-badge
+[releases]: https://github.com/custom-components/integration_blueprint/releases
diff --git a/custom_components/jwt_cookie/__init__.py b/custom_components/jwt_cookie/__init__.py
new file mode 100644
index 0000000..3ddc7a1
--- /dev/null
+++ b/custom_components/jwt_cookie/__init__.py
@@ -0,0 +1,243 @@
+import gc
+import jwt
+import logging
+from http import HTTPStatus
+from os import path
+from typing import Union
+from multidict import MultiDictProxy
+from yarl import URL
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives.asymmetric import ec
+from cryptography.hazmat.primitives.serialization import load_pem_private_key
+
+import voluptuous as vol
+
+from aiohttp import web
+from homeassistant.components.http.view import HomeAssistantView
+
+from homeassistant.helpers import config_validation as cv
+from homeassistant.auth.models import User
+from homeassistant.auth.const import ACCESS_TOKEN_EXPIRATION
+from homeassistant.util import dt
+from homeassistant.data_entry_flow import FlowResultType, FlowResult
+from homeassistant.components.auth import (
+    DOMAIN as AUTH_DOMAIN,
+    RetrieveResultType,
+    TokenView,
+)
+from homeassistant.components.auth.login_flow import LoginFlowResourceView
+from homeassistant.core import HomeAssistant
+
+
+DOMAIN = "jwt_cookie"
+_LOGGER = logging.getLogger(__name__)
+CONFIG_SCHEMA = vol.Schema(
+    {
+        DOMAIN: vol.Schema(
+            {
+                vol.Optional("cookie_name", default="jwt_access_token"): cv.string,
+                vol.Optional("audience", default="homeassistant"): cv.string,
+                vol.Optional("issuer", default="homeassistant"): cv.string,
+                vol.Optional("http_only", default=True): cv.boolean,
+                vol.Optional("secure", default=True): cv.boolean,
+                vol.Optional("domain"): cv.string,
+                vol.Optional("public_key_file"): cv.path,
+                vol.Optional("private_key_file"): cv.path,
+            }
+        )
+    },
+    extra=vol.ALLOW_EXTRA,
+)
+
+
+async def async_setup(hass: HomeAssistant, config):
+    """Load configuration and register custom views"""
+    domain_config = config[DOMAIN]
+
+    # Because we start after auth, we have access to store_result
+    store_result = hass.data[AUTH_DOMAIN]
+    retrieve_auth = next(
+        filter(lambda obj: isinstance(obj, TokenView), gc.get_objects())
+    )._retrieve_auth
+
+    # Remove old Views
+    for route in hass.http.app.router._resources:
+        if route.canonical == "/auth/login_flow/{flow_id}":
+            _LOGGER.debug("Removed original login_flow route")
+            hass.http.app.router._resources.remove(route)
+        elif route.canonical == "/auth/token":
+            _LOGGER.debug("Removed original token route")
+            hass.http.app.router._resources.remove(route)
+
+    private_key_path = domain_config.get("private_key_file", None)
+    if private_key_path and path.isfile(private_key_path):
+        _LOGGER.debug(f"Loading signing key from {private_key_path}")
+        with open(private_key_path, "rb") as pem_file:
+            private_key = load_pem_private_key(pem_file.read(), password=None)
+    else:
+        _LOGGER.debug("Generating signing key")
+        private_key = ec.generate_private_key(ec.SECP256R1(), default_backend())
+
+    public_key = private_key.public_key()
+
+    domain_config["private_key"] = private_key.private_bytes(
+        encoding=serialization.Encoding.PEM,
+        format=serialization.PrivateFormat.PKCS8,
+        encryption_algorithm=serialization.NoEncryption(),
+    )
+
+    domain_config["public_key"] = public_key.public_bytes(
+        encoding=serialization.Encoding.PEM,
+        format=serialization.PublicFormat.SubjectPublicKeyInfo,
+    )
+
+    public_key_path_default = path.join(hass.config.config_dir, "jwt_cookie.pem")
+    public_key_path = domain_config.get("public_key_file", public_key_path_default)
+
+    with open(public_key_path, "wb") as pem_file:
+        pem_file.write(domain_config["public_key"])
+
+    if private_key_path:
+        with open(private_key_path, "wb") as pem_file:
+            pem_file.write(domain_config["private_key"])
+
+    _LOGGER.debug("Add new routes")
+    hass.http.register_view(
+        JWTCookieLoginFlowResourceView(
+            hass.auth.login_flow, store_result, domain_config
+        )
+    )
+    hass.http.register_view(JWTCookieTokenView(retrieve_auth, domain_config))
+    hass.http.register_view(JWTCookieRedirectView)
+
+    return True
+
+
+def create_jwt_cookie(response: web.Response, user: User, config):
+    """Create a new JWT Cookie and append it to the response"""
+    now = dt.utcnow()
+    token = jwt.encode(
+        {
+            "sub": user.id,
+            "name": user.name,
+            "roles": [
+                *(["admin"] if user.is_admin else []),
+                "user",
+            ],
+            "aud": [config["audience"]],
+            "iss": config["issuer"],
+            "exp": now + ACCESS_TOKEN_EXPIRATION,
+            "iat": now,
+        },
+        config["private_key"],
+        algorithm="ES256",
+    )
+
+    response.set_cookie(
+        config["cookie_name"],
+        token,
+        httponly=config["http_only"],
+        max_age=ACCESS_TOKEN_EXPIRATION.total_seconds(),
+        secure=config["secure"],
+        domain=config.get("domain"),
+    )
+
+
+class JWTCookieRedirectView(HomeAssistantView):
+    """Helper view for redirecting after oauth2"""
+
+    url = "/auth/jwt_cookie"
+    name = "api:auth:redirect"
+    requires_auth = False
+
+    async def get(self, request: web.Request) -> web.Response:
+        """Redirect based on query parameters"""
+
+        if "state" in request.query and "code" in request.query:
+            url = URL.build(
+                scheme=request.url.scheme,
+                authority=request.url.authority,
+                path="/auth/jwt_cookie",
+            )
+            return web.HTTPTemporaryRedirect(request.query.getone("state"))
+
+        if "redirect_url" in request.query:
+            return_url = URL.build(
+                scheme=request.url.scheme,
+                authority=request.url.authority,
+                path="/auth/jwt_cookie",
+            )
+            url = URL.build(
+                scheme=request.url.scheme,
+                authority=request.url.authority,
+                path="/auth/authorize",
+            ).with_query(
+                redirect_uri=str(return_url),
+                state=request.query.getone("redirect_url"),
+                client_id=str(
+                    URL.build(
+                        scheme=request.url.scheme, authority=request.url.authority
+                    )
+                ),
+            )
+            return web.HTTPTemporaryRedirect(url)
+
+        return self.json(
+            {
+                "error": "invalid_request",
+                "error_description": "either redirect_url or state and code is required",
+            },
+            status_code=HTTPStatus.BAD_REQUEST,
+        )
+
+
+class JWTCookieLoginFlowResourceView(LoginFlowResourceView):
+    """Wrapper around LoginFlowResourceView to create a JWT Cookie after successful login"""
+
+    def __init__(self, flow_mgr, store_result, config) -> None:
+        super().__init__(flow_mgr, store_result)
+        self.config = config
+
+    async def _async_flow_result_to_response(
+        self,
+        request: web.Request,
+        client_id: str,
+        result: FlowResult,
+    ) -> web.Response:
+        response = await super()._async_flow_result_to_response(
+            request, client_id, dict(result)
+        )
+
+        if result["type"] == FlowResultType.CREATE_ENTRY and response.status == 200:
+            hass: HomeAssistant = request.app["hass"]
+            user = await hass.auth.async_get_user_by_credentials(result.pop("result"))
+
+            if user is not None:
+                create_jwt_cookie(response, user, self.config)
+
+        return response
+
+
+class JWTCookieTokenView(TokenView):
+    """Wrapper around TokenView to create a JWT Cookie after refreshing a token"""
+
+    def __init__(self, retrieve_auth: RetrieveResultType, config) -> None:
+        super().__init__(retrieve_auth)
+        self.config = config
+
+    async def _async_handle_refresh_token(
+        self,
+        hass: HomeAssistant,
+        data: MultiDictProxy[str],
+        remote_addr: Union[str, None],
+    ) -> web.Response:
+        response = await super()._async_handle_refresh_token(hass, data, remote_addr)
+
+        if response.status == 200:
+            token = await hass.auth.async_get_refresh_token_by_token(
+                data.get("refresh_token")
+            )
+            create_jwt_cookie(response, token.user, self.config)
+
+        return response
diff --git a/custom_components/jwt_cookie/manifest.json b/custom_components/jwt_cookie/manifest.json
new file mode 100644
index 0000000..473ffce
--- /dev/null
+++ b/custom_components/jwt_cookie/manifest.json
@@ -0,0 +1,18 @@
+{
+    "domain": "jwt_cookie",
+    "name": "jwt_cookie",
+    "documentation": "",
+    "ssdp": [],
+    "zeroconf": [],
+    "homekit": {},
+    "dependencies": [
+        "auth"
+    ],
+    "requirements": [
+        "python-jose==3.3.0"
+    ],
+    "codeowners": [
+        "BigBoot"
+    ],
+    "version": "0.1"
+}
\ No newline at end of file
diff --git a/hacs.json b/hacs.json
new file mode 100644
index 0000000..60f1a38
--- /dev/null
+++ b/hacs.json
@@ -0,0 +1,5 @@
+{
+    "name": "jwt_cookie",
+    "hacs": "0.0.1",
+    "render_readme": true
+}
\ No newline at end of file
diff --git a/integrations/caddy.md b/integrations/caddy.md
new file mode 100644
index 0000000..660d68c
--- /dev/null
+++ b/integrations/caddy.md
@@ -0,0 +1,82 @@
+# Set Up SSO using Caddy and jwt_cookie
+
+Note: In the following guide `my.home.assistant` will be used for demonstrative purposes, replace this with your own domain.
+
+What you will end up after following this guide
+- HomeAssistant reachable on `my.home.assistant` with automatic HTTPS certificates managed by Caddy
+- Internal services reachable on `svc1.my.home.assistant` etc.
+- Seamless SSO for HomeAssistant and services
+
+## Assumptions & Requirements
+This guide assumes the following:
+- You do have access to manage the DNS entries for `my.home.assistant` (i.e. you own the domain)
+- You are using HassOS or Supervised (to install the caddy addon)
+- You already set up your DNS so `my.home.assistants` points to your HomeAssitant instance
+- You already set up your DNS so `*.my.home.assistants` points to your HomeAssitant instance
+- Your HomeAssistant is publicly reachable on Port 80 & 443
+- You already have HACS running
+
+Note that none of those are hard requirements but for the sake of simplicity this is the only setup we will be looking at.
+
+## 1. Install jwt_cookie:
+- Add the jwt_cookie HACS repository: [![Open your Home Assistant instance and open a repository inside the Home Assistant Community Store.](https://my.home-assistant.io/badges/hacs_repository.svg)](https://my.home-assistant.io/redirect/hacs_repository/?owner=bigboot&repository=hass-jwt_cookie&category=integration)
+- Install the jwt_cookie intergration in HACS
+
+## 2. Install Caddy2
+- Add the Caddy2 addon repository:
+ [![Add Caddy2 addon repository](https://my.home-assistant.io/badges/supervisor_add_addon_repository.svg)](https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Feinschmidt%2Fhassio-addons)
+- Install the Caddy2 addon: [![Install the Caddy2 addon](https://my.home-assistant.io/badges/supervisor_store.svg)](https://my.home-assistant.io/redirect/supervisor_store/)
+- Enable AutoStart & Watchdog  for the Caddy2 addon
+- Configure the Caddy2 addon:
+  set `config_path` to `/config/Caddyfile`
+  set `custom_binary_path` to `/config/caddy`
+- [Download Caddy with the caddy-security plugin](https://caddyserver.com/download?package=github.com%2Fgreenpau%2Fcaddy-security) and save it as `/config/caddy`
+
+
+## 3. Configure Caddy, and HomeAssistant
+- Create the file `/config/Caddyfile` with the following content:
+```Caddyfile
+{
+	security {
+        # Set up a policy called homeassistant
+		authorization policy homeassistant {
+			set token sources cookie
+			crypto key verify from file /config/jwt_cookie.pem
+			set auth url https://my.home.assistant/auth/jwt_cookie
+			crypto key token name jwt_access_token
+			allow roles user
+		}
+	}
+}
+
+# reverse proxy to home assistant without authentication
+my.home.assistant {
+	reverse_proxy localhost:8123
+}
+
+# reverse proxy svc1 with enabled authentication
+svc1.my.home.assistant {
+	route {
+		authorize with homeassistant
+		reverse_proxy <your_local_service_ip/domain:port>
+	}
+}
+```
+- Create or edit your `/config/configuration.yaml`:
+```yaml
+http:
+  use_x_forwarded_for: true
+  trusted_proxies:
+    - 127.0.0.1
+    - ::1
+  cors_allowed_origins:
+    - https://my.home.assistant
+
+jwt_cookie:
+  domain: ".my.home.assistant"
+  private_key_file: /config/jwt_cookie.key
+```
+
+## 4. Restart HomeAssistant
+That's it, everything should be working now, if something is not working as expected check your HomeAssistant and Caddy2 logs.
+
diff --git a/jwt.png b/jwt.png
new file mode 100644
index 0000000000000000000000000000000000000000..0ab60de5205dc3db8059fb87b604f80d1fd07cf8
GIT binary patch
literal 12136
zcmeHsQ*>p)*6xmN+qP|V*s<+&cF?hH?KtV!wvCQ$qtmg~F*><9=jYS;?-=*t-iKSY
z)>vcJH)_?lX4R~k_*nh;4M3HXmX!v8fdK$upB3=20SEy=eikT5C}?OX7}(DW4-W?i
z508p~_*qeLQP5C6FI+4<ER4^aniwCSn3|D_f{Kxgg@sE(L_$l;73}}?10VeWG+3}A
zh+_yaasW6Q7z7&F#~^^`lOQ-a#6P(HM}dKbhJ%2F0t5eS{0H*iATaPx02&7NV;z79
z@rj~Bpnmo$HLH*LkIw)9`F~jgUKP(uO4A~CGoD`QoWEbETJ2$2(7{Ci_gQfOr)up&
zY~Q8@iuEK*>1}&wF7KX5)D|G)cCEa7-EQ}Es2Q_~+3Igt0VD+zGu%pBM@Gs-uMX!{
zpit9wTdOcvbbidS5{4C;6FoV<uajK4jd1I*8`-FTr8g8Dt8FH(HmNZ0zlRFxlPNjs
zt^Lsz-%Bv7i3R_c6v5R&4lGt<3xtVlrg~j`6V+%3n;!rueowE*+peqQT8+ck*W4OY
z;-$b*p`(6=ODH>=aF)P+!QM2mv5`^x(xpG$hQe~i0Y^(lPMsQWei?4_z2y|IzWlZm
zCzHL=#ammaEcR`dCtTl}o@k5DmXIt*_H|EfS8O;yO%FPy7Jha7H7P{{v}g8RS(YCE
zT9|j1qX?JV+(!p49hMJ*=^2@F@o56Z2XS=EW9QW-xqnO5$Vd2gkZaymu<v_3{EVI3
zfAjG^BQ3u4XjP7msW;!(8MrzuxNVIZTF-T(j20p03M$;(1=hSNMx1q;a><Q8Jgx}f
zA%jv|(kp}_UbxRJT6C&~Qk^fC+!kF8Xn7rG|201p-LWNa`AgrKrh)G)N+$<i_c^z3
z8><68k1)C6&ppuf&XB&xJ!E|~s^Q)u-Cvn5nD)H3!_TH)YsbI$)BkMe{Znp_vb49q
zZ(gB$x{BTF#o4{0ru8bi)WUb_zG{WONIb|@*=ewC?5AE?YOBWh{D3(ey1ITapJx%x
z)G+n!yfN3UvZb)%L~Ot>;9pbaYf}^9Py$z7d4)NfxElJ=6WwmeyrQM`=K?t0d{Bq-
z<vOEP*Ui5+OLzhG4A=K`RPz~w@Zzz0?t#yf!6lu%3YC%G*Xro^so7(zSP@bOP*(|G
zbLB!LWfxS;azD5XnrNzeegq%jFB<yV!kUu0X8AeWGo2b6DoZYTJH4X+njPS;Wt(_U
zF!gW`erCn#5{THJJ8TvI?``>HQ?q}>FxDwpx^9NdhyeL1FhBNNC5}!8_)u_dRE@)K
zM!68EJ(V3nPa!!oGhhWuEESMoE5&Y>nW<CP6m<PR3=0(%VspI=Tr66`u?KdEF@)=x
zgi|v|Vl@(WsDPQt?cWtQpgZX}HPFZ!HY#F|6OrGK_UG#n=4RDD>mfhTl`;5gU*I0M
zHQaQg1+@JSV*$W!uLkV6riWD(5e!ck%-?JjS$mpxea6tJ5|-?@lMG5$ziJhvPO>+t
zdE|8pEn_Xr;2Mq;D0QS3uACtZ)WnlLhcg#|CekmV64~Jxs2;vgw*kAx5buCMhvifr
zl1eUWhUkY-a|i<q`B-%v*r|nT%fcn^t*CtvBKYR$k5WzN$5NX8h>TRburM8Pq>6xl
zNm$7##iaS=*1q}nHH3lNZB^5VKIXx1(Js1?z7?yYuK%E~htt(<jsC#>L<Mp3dc@tP
zvw1npS?RvIQ_;iAwS<5!JWoe`sJQF}t6|@q)jv>LOuk!$!-gPkA+&w4)?0Xq*`Mxm
zO%wk<%q}ZI<~o`i2HE6$WPRHowj1lmza0yw7SXvXuPQd*!5WqSCDZ>8{=X^#h)=VK
z4;26g2@VbbhXaR%g!zXB1odh9K!d>mU{QI{&@nKvaJe;&Ny(_$*g3Gt#WZkeS-I4{
z=hb~0MzEg-6Br!e190`aD)Iq{W)z9>a@sxu3&P|QDl^+nM;7IyL#1wryQBz&j#V~U
zn`9XMIaadT7-92X?8IqR)Rmece=ax>Ww+?}O`^Ehjwga?yh2S(lhl;;={3#J_^B%~
zWZp50Kg$a11F(rZZP@GO8Xk3bU^C1M&?Fmqh#tJDw`@J_NMyx<{;I3`0XViH?wDzh
z6LU(UzDJMQ*DqmHOsNJb$C>-Q+ia;i8>c!6N;NLZF_U|Nur~2|TYB|W*AsR$OLgqj
z{!X&4bab~6M5j5zu2KL-`5?1ckc0}y&#^k0)>!V5L2c>sR1Pm*bIOeas3m7xBHvb#
zcrAzicxt_7?*FNM<QY3Kx^zey@7>&{N%3#*QDPu**7J(E6SE%!cRb9tSiyHBiG*h3
zWs_;#X;*0e*%$;87xwIMJ?fYFy$KEUZv)fs^1DZXVd(F!JWD?HPze5RT0Z1>l;ye9
zw%e<#7Ftd>LzjRXs|`CLbL6nY+Tp>+r=&WEg1@VpIl?0YiNEZoy{05G_5Nc)-I_~|
zwyc_KdU`G&uRw+|jJN6qBkNWk&?f{mh)i}m57^%2*R<TbuY9)3bl>dVb?w{|LC2|(
zOM<`*MxRitDsayABC2w5Sez+kw&V<>tXr6DQ*dEtrIbuwF7FI$T+Yx}xCG8dHS=3i
zSu~Ns_A93mN?5C|Bo1l`8#;rKtBA<5ykVtiF^0pvfDIyQBEK9`Z2eKfuP?S|O`jJA
zRwXA$UE9YJ=Eym!nYh{Pql7gfBJ*KXGK>A7F^G!T#|ggj*&qkq7eXwJAy!ACa8_v!
z(-wzF5*pj8ONA1JJh^pj@gtR#V`D~*e1|FmDrUjmdWwDktXA~iE8XjSXnjx+dd+OO
z5GeZ=zWDr77FoMAXp4Gk-CL0qyshoptEs&Ki#N!Trj))xXHYS%C+f1oo#u%7-Hl(P
z1^*a00B;!v!_*#-$(;O+IAZAja57h-XCmvDo91w?cl&<yTB5m&kAL<P))lDFZVjGD
z6H)~Cfwexy40nV^O0vyiM3b_v?T?{_$6v+|fM<_J{hKh!K&!u4^pT;Gx$rVfRwc<q
z`jMHqx#22TmRY574@Kj8O0tL5v$GTU6ZK@nV87QP3RFv*gN`u4-2;-H#AUuAk=m`q
zfZ(}%W~o0Wx~g^oqGD|PYwe4&f`@mvacd!3gc<L&5bwl^g+eup=_xUwaHbX7C{$7(
z?_firb>qRW;5*1dc36mSjKLc1SC$ZK>YSl3T`;oC$l-*S{C0Wn70-B!Ncg~$+to3f
z54zaSkg+0=th7$XoGzv^yB{uWOmjS+NC+lua5b8R5XDonI?=23%()fNh<!?1g0?X0
zssBpmvlmuM4Je<#O<Y)(EPAe-30Hrcy`B*uIy~7PQchvgmQ&?UGs#UpKw|)aBKn<n
zHiV3CY^!DY^*MLY>jsNFv?`@gCe%G>E6+^LoI=M1tXCu>Urr-jdb*pV?;FmcsALS4
zo8C+OySC|9-$_t*HhS}ho?OpA0K;6`SQh#hGWs*iDC6?J-VpIGRTwrBQT?dJRvD-F
zX`OWZ_6A4xV$>Rho|t=;#&rVPY&5(_#&JF*n#7I_!)%{(cXOJXL5z1~*0m+@lt*nM
zY)GJb13>)&J4_*Q&217Wv6Xm45@OpmVj;NQXw*F6F{tezlQpQ|sLmAmm2wPv1e^o6
zZP}u6SF;9C!JZyG-3nI7kr^5{Kl7MzV03c*PSp8=suliqdgr^X*m93SWkkJ(Je(E)
zQM9ixpC%Lc1JGB_4X!;39*0zin3EFoV{;YFyfwSmVC=7_3I4k4aSTk6R-RYZCET{M
zl!v(U-jWEXAjkBGXNUWZWF?)dMobv}WZfK9b-z}{9f_Rp@32YAmu?w0vl{QJVl{KC
zY}-W<G^$J;>(^}+bD=JSJav~3fVih$P2vx-HL_g1cDW&E#$;j=^Tn|j^z@bi+qf#U
zjE(kbjjT#xSn=hid^o5TyE0RFsut>l>Pwd+v|#aenVPBk4TzYiMcmO?v@o@uO}grW
zdV}blWwkY&W>U74r-!=7Heign_-))*4v=-y2Y_H{>4d@1@#K*0`1%5EJJR;ZwAfGR
zzt%R^WICS(<H40Q+xTql0n_4jKBbr${DEv3ZdI6F$>k4+H+nlA2cs==-Jb<=f;_2R
zk5(Ec#509>M?DIUJ|mBD$TcfrX{+O2W_}<XSjs9Ga?}W=iuHc|=8kdNjEodHxkXa{
z@NZ0$8NJ-X0$G*V-=&fT?`VBW4hG}Mx}MygE{z(3&_ZuZkN!6M9H&(NJlH{E(mB}w
z^;JJE>F()XX$l4Lw*HrW_M5gK<Wxp7ldPO-77ecN;p#Vg7D}3Seye6J1`#E=gM|}}
zxBSh6B}UmFF(5M37~DU*oy?4$jya%LZ}hS)(;0dMrKi)0jm79>^d~9HN%TItAPQ=~
z*p&{bc}W3mhWTQdG^%HIqC>~5J>C({>~I*@Y&S!#oz5BKU$gbHa?eY_&jgKZC=A!@
z;eIf+RY}*qbN_8cm@`>xVur#sP#IRL-kLC7F~345=bnD~PijW@wHaz=c?wyfR1~HT
zj5Hg_HRX@L;&0;wkB&>XFPffnu5nWw+LXv(#m3M5)`8&|Cr+HdHfMFj8wo8Yn%&7S
z_y`4MlPso^&(l=}T^)=Olz~@p)?cRSdYiK@@rJmoOzYX@6N|^<k3v-ksN2nO4f)wN
z)%<}zyP2<g7H*8)zpAb^!v5lqn8@a@`7sZYWc?G&c-1r3&uv>T$@F5`!~NTkb**K4
z$~r6_Q+MQTq(Y9GObIjXORwqwSkiSCn{l8kR)ryCK#Tg;H@{xtYWiYH;8ZFru$b9J
zJK+YVib@U2BqtoE&GzcmGi~NT`g(Ga(zd1#q?!)?RuVrb!OCTsR&UGV<wcpDU3Q-F
zVD6%1fSjm#VjhJL{?L-mSF;_QuKFx-W>>PIWjim6i^0qHt<aJOqBfJ;)s-5LAT@iS
z9Y~wLG?AqnHEAB!Jj=Z?+m&dkH8ywEVN0aYgowrtglR4*ZrDDOH}|SvsKhD1SIn)<
zMCFtkjoPc`pQyAOBtvkt7H8!s$DxZSAN&3|cF=lhd-t&M$W>D(S8JR@>?g=+8BOFz
zAecZd;BL4Z?&u*$<;PijGQ(+=yadwvDay3I@cxip?#QBCCdbID=+K5_#!ULxtLj{+
zx@Rqu9DA@sykMaO*NKUwd6;Hx=O-(T(_+|K^G+%y&mu`4!Yy#NV2f^Hh=s^Hm>&AK
zzO3RS%E{?Uxc2m$nnu5g&Zf&!=PETB`vzmv1noCC2I&vLkC>nVZ{uAtU^M2ol0jE?
zrL)z8_<~wz3KA+`&9b3PWI7W0i}&lYt<4Ni$#vZ<BLpc*U@13a=Y>4w0q6n{IM5P&
z8nKSu#Ka&i?Y4Y^4yipIQHk#}WX=bp0=!Tx;)-uu4$^4e+IC)p%SpWCcY{FmdoZXh
zIA4UM*4;YgN!#aJ|KU_(=Xg`d&QdnhsWn)B#L(0U6*d-NRtS5t>EI$QyVjzlHLV#c
ztStFgs4{0Y6%W<-K}*Tv_lC9UpnvJ8t#=JfT>=TK?Xz-m<5Oa9so-3WnkJuT``1!8
z%(b$%61xndehgsH*NZ}~iwc2XvzkdI=p|Q21Bx@>1Pe3ATNi(}JHCkjoG$naX%*N)
z09=QuP)+T2h#)AyDnSq$c=2l9S=f8eN5FM$w<vs*uv>^TDbVT~+B5<3I@wV$oWtHe
zTeXx5O-BjZXs!6uRBUoqn<Xl}DG6XrF+{0s>j??I7!FOS;UBD3?cbUhLLYCdGjwiZ
z4O%>yE#tJmw;i^>K-W(t<w`wFP4QFHPFd+%gpIi|KMk+AVc4Gs&LIF_5v}GHjaWt<
z|N5YvE!&}^t!B?~m(BD+aV_j9&?DtlMy~C;oj=DXs4_zZO;isUUwR#K<!1uTC4fXx
zYc2S^Wd1PI$(<N&XU9}Bdkxn=qFbU4iry&-Tv4~eBui*!8t)-1;AnnJm)|ebFR=xw
zzIkQ&ws+c&n!3i7b4RGfUwBLx)aacxJ>+ReZeISBbkpo;?rc0h?ovGp9gKp}VrJAM
z8{@xRYY?qH+xt`0z9_;naqCTzYqX7=64D`*169+&J1F&taq_YfZZu=gy#(G>`Ecj7
z?J+ayBu_Tnun{T0dSo}fYp|(3cvSPQr19M3wPM*~2%iz9pQ~DnMk*6OC!9yaw8B_j
zo4GB$>d=CgH1c(hKV-NYq(%wv4qF5xvrL-r^8wIz*8dBkeK<B!@@jdQ&Vky}Slu-c
z(y`*~ZPOuzY};QK3_L?jM|Q=T_(Rxg|NTBT1iqOr_O?o|b5Z?V^Cie4Os5ITTR<55
zmui7biBbql<FshvTVb~D4{6JxZV?fo;SWIb65mqQ9)1*!fYjmS%wRcBCKl_sENr4k
z+r$9w;Av0)`BclS(9W#sV)clP6)rusOwI1NJls$Ep`_OE;z7swzEQL+X`jf3ePwR}
z$7(T4FxWqxQ8RU)A)FTCg%-oZ{P{#K>F4ZPFnRn@p*Rn}3)^JJRox`dtd**<upi#;
zPRXkcq{XB91VT51CR0{?mv}La$);uE&bKlOKbny*PJYCbe=*Q~bVze(M&%*PHd$qm
zLe-QiAerWKXo7!u7@&1YrO>=D*=|&pRZN1zz5HxOayz_W3grQa1ydoRCkV#$!av%=
zg+a60*ep}PbGjr@aa27bRRofG1ZTP9v()`P?G$m<t$mh2udi_5-134J9Tu}=ilzQ*
zZrxeO;M-Ua2Lle7N6pQ-!eXy0E(x<qt|%p8QQ302wi=1zN9u@QYOA<1G(IDG(b`dB
zt6i|>!QFJO{=%gZAFK6XaB((Oyzuqs2jJT6A8sug01N^g0vZAm2JYY7@6RAU+Gk9k
zj13wU9fMqqR9O`U(<Bg!UEDN2As?H9Lq*NZv0?6?ZtZ6(Km_mxVfdhCmh%YR1V{M;
zKrIw!W;g=F)rTq_g4JI(U#VM3xA2L!aaCI<%FaTmX3J?1j>k9~&P!xSqJA+IymH8l
z1j&c0+D=Oq()$0>Lu*2nCi?yscTMQO;NEZ%e^B2xwI$pN+w$#PpxayD4|2WbZcVHd
zjrFLzT}q_)ZR|P#(=vh}A2mP{3QSZP6NP@=$7T-&dn)fYJ#QKw#yrl2MfX9oysh}O
z_QOCd$IDNR?;9QVu0S{Sa;dnJs^zRgHnx0CNa5l#H>Xo)p#xI_`Or1xO6lch{1wL1
z*AB$*Y<S4DFZt?gm6@;OD;}{szPh!{{xE+TzI~6vMrn10PEfoc9m~nz;lI3UA1ga9
z%8N=m(0Y;zeRDp(;e|zp42Seh*-bOhl$vsQ9D#jXCaA}qo@u|g&t>!o!lg>u5Lza1
z4*HGgOHkt4HWAI?KR_u|ZsP9Ctxq=cG7|DG_lnii1M)RJ3?|DHCB~?^JT5H2r?I!;
z_cR>t+00B8&g6>?Zytn;h3^=t>vZl1hWCmNyQV)=pF=p>XfD+gL@kzIhkG{yATiF|
zJS%^WKY~c=M@Xog<9wN4-3(NV<;nyFZ%D=Nq1+pvnyb<_(s&l9>tC3nEXGQmRqlzu
z1>r6y8WSmnoQ7p)cb&DDog5e^u*#&IcbaE<I^H!eh!slRh~-oSUyuZAZeIYuGxDT}
z?QPqGVTR|qdwxC3VLZ~gVzBv+W8&VW{`1kRD8p*ryV>@u;8}(6o_3OEl4WMM0#T0)
zSAj7Y6$*koCg(L5kzk|MLnc;VO?yj<m+V>5`RdIL0>Ll~TZ~-y#YFKvvP2_3r}YyQ
znW=|e4~3QLdfkazc&E&4XsGc6uLZI}H!sbZ;Ng*fQjdBrWcGZ~Rf@14jEhHJ89nl`
zz~01+-GF!yKJyTgyEXiI=OryxxiXFgxH=>t<Vy;yWN2avDcu-G>aGgC__%tAGA-d^
zC?6fXcvb?RA6)OJ(r}^y!2gl>`b>&}L;O=~KHmUnkmzJks2FU}9OB9<swR$s<m_UY
zq!js-@uopP|EVvZ`7@EvFp$^>pkn3xYL)$LPi<tKgj4t`BjuGmf9mE{*Asz&Knt%8
zuUD{wZ=1KhZSyI0(kaj;O5w~aM?A8WLuH1PKXWd}h|96~Rtw*V3+{lZ0{S=c$r>(f
zJ+&Gsl_<bFBh5J8S%POkeNK=iQOvTLP~=Z83;)_H2VPv36r_2keo`KIoiBVH3`WE!
z50t-L^9Bjf;0k<!GO>%n&i-Y712U}xteZwpjs7EUn5X^qUrtp{v@N=F`a#4j5NhOw
zs~+mGHTxv+xE_HATiUkv3@AlkMQPGlftD>xLwej$LC^1Ve^+G4hRKnc5i2UcF<pvO
zZ{dx!;B$)wG1jbn6RUqe`{oi&gfxhY;UGY`J-;kqvv)J-c*qFWW+>`6plx5dzkt9-
z3?2Oeh=HlD;G86xRfnFhR&Zd@#PUlOs26e=GVvO?*z!g4VdG8qScqt`Fon7pU1ljF
zU_ki38Zaq9caOjEm)y6QzRE@ub01~@DFcHpnaY^$3#_)ysJAe5-ns`}la8n`Qhs&M
z9CW0H78_I~gq}Te$SP}rEsse@zIJF+>2i&o%>c`+Qe?Hp-&hQ1WdzC2{~X#RqB|0&
zJZFHmY=P}A|IuerDc#q``rH|wG9w;621Y<LZ!Tf9-b}7I0zAQ~3@ge2^D@#7KTd8C
zLC)72A)Xciz+>vQ9o2syzR`&Xf%HwCwk{vBy=P%MAu3)<ppnSEOJ;M(FM~x_U230)
zy%GUUAGWJAgVU@mAJI4n$6GSSUW(DW<hQ%AD`kKy)^OCrBwf0?eufTOJC~KhnnSgf
z{!fQ$j*93csbnxGx@^rA!Q&}hZYFVc(yVoO3`uVZcVZSU#)wVO4tW}buXhit{5XsN
zzJAc@vG1uoo*7Xld^#2p{E4dN9v?}t7c#Mna7u*UpfBBOM;=LNfkzzb9hNJ4_wq}I
zX$f|N#i9zs00eap7l~%aw%lL=tsVmKt0pCsDC7#dxy7VC5)Pa|h7KhfN9&N|J~m(A
zU1_2OvxeZ11Vx&;nYX)o(Dz3}4MJ5~XK%I=1&M$n6fX~4NP1WBHmA|wJpro2n^vZr
z<cZKaf#(Yd<;3Lqp~)>Kle+n#OP5mL4|VX8k*tem2%wwqn!n#bv1{uVDnvk;Qdl9F
zs16#k!m#P{Wv8*$VHz_rpmTE8%O=GCdBfK(#y2<e+UX_aYAT8yoE)@vcu(^GRBTz)
zPsN4+KtUnEK|?|QL$&{**pO(SCm|Ud6uFp`3MQ$zv5BdpQ(#g(1-qoGT5v)`BNm55
zP(eSdb7FEnH096v{|frT|3lla-aY`KJUgG84o4Q0%D}iH?onvnzz2Y$3IBR!Pjlm<
zaBPjnLNADqeLsj?CAi!Wt*XADiXR13-&fJ`hlALy_6NTr6eUtosZSya@9f`v>yUWf
zDcoJ!AVP2fSgt#ncdVr}k;K-s+*qHcVE+sO27d`;@?iT>iZ`74{UaJvG-t-8anz~U
zd3!JPFQhB2ZAO{&%0csp1es~S1MZNQYg9aYmSc~o<X)or^abr!Uo1M(`j<A#&)7EU
z*EY^W^0?%IPFZI0X6pjdNmgUZJ%!WI2HOp6`UOd5kIh@+FQTa&U;0f)z<grWzBrA;
zf!3+am4GXB-Vv3_-GdtAhP(6!ERI-CX>C#M@|#ksn=|;>sQS|7wV+T2DFfU}I$Tl^
z=~IcS2O)dTHrXG1Ktd&_FWV?@a3Qukdd(J2h-%XH=Wq64Ewz%Qwntr*34C?2XrsO0
zN;OOL@7o-NxX4Q=rO`7+hF}ZMvok%w2I~r?wNs*3pn9M`o+wV5!M)wVGr$u9PgdfD
z6IyH=5E$jib9bjkBTaT>^Dz4YmI42FoHA*A9(^6dnorvAi0L6y<XU><p=fm^N(GKu
zwI2_Rpo7&$xo|+GruRm{wv>$7>`A0ZwM&)M-0^4f6?90vT&RJPOqIN)cZP@Tg!GBn
zQIB+UYXH&ZJfhVsEj<XJi6t#tSjI!Xn9*wxR`vnNkoLHjjfIv*!N~al3>d|_`qrKx
z5n23A2{^$Tl(;<}=f^VH=akqmn7|_r*6jyAxrYC!LeRv*q`jjZj$Lt66T8B}3Ilx+
z7gCFwaWVXfb|(-3%*2$%eHX<M0|BvkMhE)RsH6<sm6eI*ZP|NwrJQ<SFg^fYy<v7C
ziDwEGIB>^irO6gKh(J!6P!ZM|t<NZz|CJWn=4hzoBQLlJEg*x1qTbT1E73<~Vv0WR
zVHurv3DXn10R>G3Mwrmd(!Zppwq2NxofnU3_DwTi2R=9H$9e9xja5U&&ip0VPKiex
zZ9!@|t-OpEMFdG?F%2P3mW?*4b9^xVba&~P${7mWaQg=!n{ds{TzD>OK>9%D&ixnu
z8?f@iU&i{3<-Ce&4fy5tf>*vT&Fl(DXY!5m*Dc%QkC<Pa2`_Ovpha1MSIodtHt`d1
z-}QiXuZ|<7wWqQI>r93!c7_E?npYbk=Qo~1A#gf3+agwbNMh2%!c^#^l0x&5T*wp2
zNY)|k-|ffXVP&|uJEE#M#Nf^u^{an!FY=obnlm9FgdW3s@lRik=JEL_UK!B!HouVP
z^p`YZUQ<T-#Blokq05VZ`LR@e`!)6C6f7x^c(1-S+ds>>$%Mt$Rj5vLA0(jhuyY3>
zZAn$SqvJ|#Z%;LQtkP4`(m#0>!II}O#^W?os-@vB{Vo!GTlij)9{7$J@_8OZ6>CvY
zAR<dAGZyMZv*Kd0LBy~*#JyCQ!-TMOh@6z9vh57bkOXW?X*;U2dVc_r{J54LdW$$+
z(;loR*7KVj+76G$>N=wKW&==xDEvYbzBennzv12(_W9&44_7Y33^*;$Yg1%zsrIxJ
zUru%OW<x5Dmr^~JVY`{Vr)%059{lJrAV#t39ES^(nA!a?N+}V^T{?-uBfb$(_WXu1
zE|{tgfRU}%p-eZ$-$EQAI62S;Da88}V4WaEk+Kft?}B*C7a*S3JBqxuFr^w4CWya&
zh4I~~9q#B^xeEg|yibv^TVGO;WQq=L5(vG=1Jmt*m=u>QSiyE?45igk{MUv<WDcZ`
z83cU!AeG|;33zB(JLJ;Z1l=%Vr2yXBdubPkoSjR(In>1~{(sJSc@Qjlio_rSx+qvU
z{s!;0DPB=D4OnK*;(~(bh+fb$bj<ny9X4Ap97&1XP|6DJ&n?GV*kYF3zet9#Pb#ek
zxE$m*_84G8gsL*iDNb1<ke&=CWY^UAB?<L#+H2ax-j{}0U5QGqVwPqBdFF{;0L(h+
zvt*2(d=u5axLaz%<BfGr9M76UMi@yOr~OxkbWB<N7gU?$qlt0k_r44^qBnFso>TW9
z-mjwz^O3h_5mg<cCjRYIFrGio?Z_j%F1la;UGQU#gc#bV@Ax7UFnf78mSET^6neaM
z6|B&w(u?)!i@b<jDNaaGZ4u{}<S#KI*Dj_syj@ZxTs=LJZj?c0EBxuiinP1Kvs36i
z;75{Ls4}qD`^tUqT%NW?`y-g?MrV0RyaStjEEL{f<7fYv6Hu&L_&Lr6J9r}`9i9QU
zZ*)M~iBk9aKqP@`J6$(o9T2BOO9w`2*>5C)profy@8xZtr9#PbX@%c!X2=-Ly)|u2
z8(<9IUp7{~K91>zxH7x@q@|_rr^{r2sk+M?F78Jj60eBsVlt1!m>?HQ1UqW{%{<_C
zmvq0PHRzYhFPs2Nfrt_8$VYt8?k{yH9VHa9E3?d0tC$EA7y-s72Sv&SnR%Iup>&We
zKTm>=iCu%g0*zIvE@#{7$Z6hONN-~TN(rg{w<V7%%C(n$`>TK31F9sDAvICJXvFST
z#>jqs2?6#S#rh(%gu1$p9MmH9aAJ?E>cSCTM!pI`H@H`&h3^n?CJLZmjxY}1C3>%s
zj!g{R7WnHR@9FLX5L;?*Q1lCN;`6x1wUG8<n^CAG`(kTnGKw-h33T=oqB)4?l{}&L
z6`d@k6Qxzt3F&9H$25%-Mr`kAGOQB1nTMKS66bfQV823y^3ls2b6H*OSBm&k>8(>H
zNnVl5Ov=P{gH9gMr5fGnS?~WHr0U!>W6P&R^l0o0)*2iDr!s<RYfdFq5_8no&K>*!
z+!j|Sa{%4><zg;Kbw2=It!=CgGy+VAOSRMtF%gGQ`wyX&2!{}lq?`)AwMs~X=$NTI
zxE2<>NKz(Nq~nUtLnGF5^{GZ>rjCkm4qKyqb7QA<Wp=g~+bT!N*icWW0D8KM8jkvo
z2-KJ_VlaVa^Ewh7G9LggG-+8bq^0InyR13zJa$J_<Y;-xEDSr$ipgmx8~yd^Il1nb
zX5z7(^&)CfDwn<ZCdt5i_#Cpv7>)ckc{71E<8XLrndM3#1N(tl;&<)QFN9E)B#u-%
z`psQRWFeBr+Efydnr$01+;U`GCbjR9DZp`==u~a?xO1(NFVghm1CVI5QWoh!Wf#=#
z{LraX&S+86bQ$|Ij!aHgZK-J;Oy*0bT?FHtn_>=#8@P#xKn|CrYDGaL)C?RSm_?x;
zW?!NY0AI0dljo%hib7-n-PK`iybUru+)v9=wcp+KGj;j-SVaqVzfjnT@u~|%(RuR?
zt*x9ZqBX~?Tv;Oo1v1DN!?c--+5&HSctUV$I+E@Z!?v}6wtwl^uM3iXIye)Sua15i
zWaTcF@^JetA~~&2#Zy&#<JxE4fU<mbH>gbp)QJh}fwz()P53oVvjv{9<-Z|ok29L{
z1Gaq(-8viTJJvCI=;}fag87;YR6~Vw!@8HUg<1W5K4YvLRZWpw+{%jdwd>qYK*S;}
zp%9IjDa>zpNrASig<HB(9Q4;v!;YHvsjaG#HF^;eD!LmJd>aOshr##cavkh@5unt^
zB%*t$aprRAbJv=N)Eu4S{e77|vBXL9LKu2ZXvL@!v$!d)=C1Vyo<&88ph<5izO0z!
zAV&I?3j%AgZ>DtR^i&9X-atprKQ?FFaDDJ}U#KxBWNs{tzZG?8P?=^3&8tN1!s+s%
z-XQkS|5M!6W-zpMiNcW-f|~glykOOq-xJFPr3qrCtlaui+FMiz!Y+)3U7<Z}E$B#h
zC~c*Qd$NJgL%!TBQwBQjFVY>CM)PtSi2~NljBmgD&Z@zn4zlJ90)JY<ih8}Mcksw!
zx}(Jj1Z$10u5aOy%#5n%H@5Gmo4cMTz}Y;bje-!&p2mSlzCIA3)maRqpSkxr?Epio
z1A+V<^bY`c`;`B}K_^HBwUxE0Q{S0OTuWPvoFEWyEpq|Y*NEraoTj23v4%i;N`b`M
zWO0sOj}J!4@jBU0t);nnhDxS)tYwaO8-P2!z_U(Uk}^m>I@LS6-Az6*$RNSa3yCl*
zo9vFz9RG|D2=pc@3jz!<piavYt9?y-R0ax-5w7kzl&>#khP6k5k?ktiv{xb!xF}36
zP&aliqHj0XfsO~+2-t8<p}+`f$Ajy=OA0}!5AFn3qC40kWJNgAvZnEQeP(#W)<{h%
za=)_7hUko28bIut=#Vw$WjSL{k4jf&)h>;#@a6&y9`*SS<_lANY0<c|fuUt3(Jfl5
za>*>r%a*i#XXm@eiuM^&k`36cs&05;sv+$1<&^9<V0(PJ%|ZS1j%2Lkl%CDBNZx!V
zF)odh9RcuX>He~`RS)$#qfLnJtYM@cC_h(LfhVfR{RRTMt=pIQY*?-IKkbgC233`h
zXi4vWUsW%2^ZD!g2>C<%FMBma5u`y<lxS;&4h)74%5@Z<A!ikdVSPi_Tj%^rRg`@>
zzKi>ZLNvML5VwZda8Zi_pI^$=qPM?e*ndiNcgi%W*?>1#v$vt>!0(bHUAhfgv0PCO
zjAH*8%Xx>J6;RWd`orDEQa<r}Juq7xv$yG7rKH)vhBvt&O?;Pb&~A_(NxG6WAAZVC
z7&GZUSc_6m79U&2v6&?b`sM;GcLn3Bc5icKf%yX<<crRN8RE33DQS|N;Ek)y{xHNw
zy6BVsjXov0FfCQ8I%U$6U|3`EMw5tio-@F~!?KKtC=BvXdqVgh^(6f%vP4<!gLKea
zlFFarDmiQpisTfW<pPV_!@fMym?Wes?*dR>m(CUb@6Jgx3VIyO)LKrJk}<+I0)F`o
zxLp1IOXcCMG8+MT0nuSzjpi}S-ANZyJ<oad`}lp0GX5V(TT0rgp8M%>W->#uy5lCH
zsH67!*o(!HmvXyYcE(Y`00?Cx?QkYSCq4;cZzP=$K!;aTONPvN)rOl>3f7>OU9}@*
zXE3+yD3{gy$?5QD4m!FO7uC?>R9eEc>;jN}UGEF5vr}K492!Aoc=9l^_*vE-XVRL?
z`uw`w_mGG3W6oDw-&XF#<$j)Jc^QzHP>q)j!cV3N#hTk6qf=Cw#dRTH2t%I;k0{|=
zyHkIWhV2}gvn%gMw>nZ#s^W+r9TCS)&C}BrLqKa&GE~2%Ac2<PGsB%J1MuZfSn{;9
yWa$)8Uk)k=g!dAqp{Ut`XNx#8N%EvAN9H25&ayT$=+vLWI{W}U348!P*8UgP^~ga0

literal 0
HcmV?d00001

diff --git a/requirements_dev.txt b/requirements_dev.txt
new file mode 100644
index 0000000..7d78f01
--- /dev/null
+++ b/requirements_dev.txt
@@ -0,0 +1 @@
+homeassistant
diff --git a/requirements_test.txt b/requirements_test.txt
new file mode 100644
index 0000000..ee5e049
--- /dev/null
+++ b/requirements_test.txt
@@ -0,0 +1 @@
+pytest-homeassistant-custom-component==0.4.0
diff --git a/setup.cfg b/setup.cfg
new file mode 100644
index 0000000..4ee3655
--- /dev/null
+++ b/setup.cfg
@@ -0,0 +1,35 @@
+[flake8]
+exclude = .venv,.git,.tox,docs,venv,bin,lib,deps,build
+doctests = True
+# To work with Black
+max-line-length = 88
+# E501: line too long
+# W503: Line break occurred before a binary operator
+# E203: Whitespace before ':'
+# D202 No blank lines allowed after function docstring
+# W504 line break after binary operator
+ignore =
+    E501,
+    W503,
+    E203,
+    D202,
+    W504
+
+[isort]
+# https://github.com/timothycrosley/isort
+# https://github.com/timothycrosley/isort/wiki/isort-Settings
+# splits long import on multiple lines indented by 4 spaces
+multi_line_output = 3
+include_trailing_comma=True
+force_grid_wrap=0
+use_parentheses=True
+line_length=88
+indent = "    "
+# by default isort don't check module indexes
+not_skip = __init__.py
+# will group `import x` and `from x import` of the same module.
+force_sort_within_sections = true
+sections = FUTURE,STDLIB,INBETWEENS,THIRDPARTY,FIRSTPARTY,LOCALFOLDER
+default_section = THIRDPARTY
+known_first_party = custom_components.integration_blueprint, tests
+combine_as_imports = true
diff --git a/tests/README.md b/tests/README.md
new file mode 100644
index 0000000..90017d4
--- /dev/null
+++ b/tests/README.md
@@ -0,0 +1,24 @@
+# Why?
+
+While tests aren't required to publish a custom component for Home Assistant, they will generally make development easier because good tests will expose when changes you want to make to the component logic will break expected functionality. Home Assistant uses [`pytest`](https://docs.pytest.org/en/latest/) for its tests, and the tests that have been included are modeled after tests that are written for core Home Assistant integrations. These tests pass with 100% coverage (unless something has changed ;) ) and have comments to help you understand the purpose of different parts of the test.
+
+# Getting Started
+
+To begin, it is recommended to create a virtual environment to install dependencies:
+```bash
+python3 -m venv venv
+source venv/bin/activate
+```
+
+You can then install the dependencies that will allow you to run tests:
+`pip3 install -r requirements_test.txt.`
+
+This will install `homeassistant`, `pytest`, and `pytest-homeassistant-custom-component`, a plugin which allows you to leverage helpers that are available in Home Assistant for core integration tests.
+
+# Useful commands
+
+Command | Description
+------- | -----------
+`pytest tests/` | This will run all tests in `tests/` and tell you how many passed/failed
+`pytest --durations=10 --cov-report term-missing --cov=custom_components.integration_blueprint tests` | This tells `pytest` that your target module to test is `custom_components.integration_blueprint` so that it can give you a [code coverage](https://en.wikipedia.org/wiki/Code_coverage) summary, including % of code that was executed and the line numbers of missed executions.
+`pytest tests/test_init.py -k test_setup_unload_and_reload_entry` | Runs the `test_setup_unload_and_reload_entry` test function located in `tests/test_init.py`
diff --git a/tests/__init__.py b/tests/__init__.py
new file mode 100644
index 0000000..0ba5e33
--- /dev/null
+++ b/tests/__init__.py
@@ -0,0 +1 @@
+"""Tests for integration_blueprint integration."""