The author didn't look very hard. Their API is documented (more or less) at http://musicpartners.sonos.com/. It's more descriptive via language than laying out all end points. Registration is required.
After initial UPnP search, you get a URL for a descriptive xml file. Sonos operates over the SOAP protocol.
If you want your client to be notified of changes, you have to subscribe to each event type with a max of 3600 second timeout, then resubscribe. It's not necessary but the system supports unsubscribing too.
One specific thing you have to hack is this. If you want to switch to a different music service, you have to include the user id used to sign into that service (Pandora, Rdio, etc). This data is returned in a base64 encoded, encrypted blob. There's no way to decrypt it unless you can figure out how to crack the key out of the device.
Fortunately you only need the user id. There's another undocumented endpoint that returns some info that includes all the usernames, just no passwords. But it doesn't match the them to their services. You then have to send requests with all combinations of usernames and services and get the responses. Once these are returned, just store the relationships.
I'm writing this from memory, sorry for the specific details. If anyone is interested, contact me through my email in my profile and I'll get the info from some code I wrote recently.
After initial UPnP search, you get a URL for a descriptive xml file. Sonos operates over the SOAP protocol.
If you want your client to be notified of changes, you have to subscribe to each event type with a max of 3600 second timeout, then resubscribe. It's not necessary but the system supports unsubscribing too.
One specific thing you have to hack is this. If you want to switch to a different music service, you have to include the user id used to sign into that service (Pandora, Rdio, etc). This data is returned in a base64 encoded, encrypted blob. There's no way to decrypt it unless you can figure out how to crack the key out of the device.
Fortunately you only need the user id. There's another undocumented endpoint that returns some info that includes all the usernames, just no passwords. But it doesn't match the them to their services. You then have to send requests with all combinations of usernames and services and get the responses. Once these are returned, just store the relationships.
I'm writing this from memory, sorry for the specific details. If anyone is interested, contact me through my email in my profile and I'll get the info from some code I wrote recently.