🇺🇸Integration with PG&E (Pacific Gas and Electric Company)

[martincollignon]

WHY
PG&E is the electricity & gas monopoly in NorCal with 5MM+ customers, covering SF and Silicon Valley (and thus many developers). Could be a good way to get developers from this area hooked and show how it works
HOW
https://pgesupport.zendesk.com/hc/en-us/articles/115006411387-How-do-I-view-daily-and-hourly-usage-information-Residential-customers-

[stin7]

Green Button may help, see #80

[martincollignon]

https://github.com/mcolyer/smartermeter could be interesting to look at!

[steren]

Note that there is a dedicated API with a JavaScript SDK

[sorensvejstrup]

Reference from @steren for conceptualisation

[steren]

I agree with @stin7 that a Green Button integration is probably preferred, as it is a standard and would unlock many providers, including PG&E (#80)

For example, https://www.ohmconnect.com/ is using Green Button to access my PG&E data,

[tyleralves]

The PG&E SDK still goes through the Green Button system.

However, they don't fit the standard mold for North integrations:
TLDR; PG&E requires mutual TLS for all data requests, which means that all requests need to come from the server-side.

More in-depth:
Mutual TLS means the client must provide their TLS public key certificate ahead of time (on the registration form), then pass their SSL .p12 and password with each data request. Obviously we can't store the password (or even the .p12) within the react-native app or someone could easily disassemble the app and steal them.

Options:

1. Don't implement PG&E at all
2. Force users to use "Download my Data" manually and import into North App
3. (Not Acceptable) Use api as "Personal User" which uses username and password instead of oAuth
   • We would likely run into trouble with PG&E very quickly doing this, since we are clearly a "Standard User" (3rd party app).
4. Create an api to make requests with the following endpoints:
   All of this is implemented in the PG&E SDK, so basically just need to host it.
   1. GET /pge_oauth_callback: Similar to our existing /oauth_callback but it also needs to obtain access_token before resolving
      • Receives authorization_code
      • Requests POST /token to obtain access_token (attaches TLS .p12 + password to POST request)
      • Resolves access_token to mobile app
   2. User facing get_data endpoint would accept access_token from client and make request to PG&E for usage data
      • Attaches server TLS .p12 + password to POST request

I am familiar with AWS and am willing to spin up an api. It looks like North already uses Firebase (at least for magic link) which would also work.

Important: These considerations only apply to PG&E. As far as I've seen, SDG&E and SCE don't ALSO require mutual TLS for their Green Button api.

[martincollignon]

@FelixDQ don't we use a similar strategy for Bankin?