AudiAPI
API changed to https://identity.vwgroup.io/signin-service/v1
After receiving "Konto gesperrt wegen Überschreitung fehlerhafter Logins" (account locked for exceeding the number of failed logins) errors for some time, I've noticed that when logging into my.audi.com the signin flow now uses https://identity.vwgroup.io/signin-service/v1. Can anyone confirm whether the app is doing the same and help rework the login?
For a few days now, the message has changed when getting the token from https://msg.audi.de/fs-car/core/auth/v1/Audi/DE/token:
{
"error":"invalid_grant",
"error_description":
"Bitte überprüfen Sie Ihre eingegebenen Daten."
}
(the error_description translates to "Please check the data you entered.")
I've been getting the same. The last time it worked for me was the 9th August
On 16 Aug 2020, at 11:38, andig wrote:
> For a few days now, the message has changed when getting the token from https://msg.audi.de/fs-car/core/auth/v1/Audi/DE/token: { "error":"invalid_grant", "error_description": "Bitte überprüfen Sie Ihre eingegebenen Daten." }
If anyone could use something like mitmproxy on Android that would help. The iOS Audi app uses certificate pinning which didn't allow me to debug any further.
The Android app also uses certificate pinning; you need to unpack the app, replace the certificate, repack the app and install it again. Or simply decompile it. I'll take a look at it later to see if I find something.
Found this on a forum:
{
  "issuer": "https://identity.vwgroup.io",
  "authorization_endpoint": "https://identity.vwgroup.io/oidc/v1/authorize",
  "token_endpoint": "https://app-api.my.audi.com/myaudiappidk/v1/token",
  "revocation_endpoint": "https://app-api.my.audi.com/myaudiappidk/v1/revoke",
  "end_session_endpoint": "https://identity.vwgroup.io/oidc/v1/logout",
  "jwks_uri": "https://identity.vwgroup.io/oidc/v1/keys",
  "userinfo_endpoint": "https://identity-userinfo.vwgroup.io/oidc/userinfo",
  "response_types_supported": ["code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token"],
  "subject_types_supported": ["public"],
  "id_token_signing_alg_values_supported": ["RS256"],
  "code_challenge_methods_supported": ["S256"],
  "scopes_supported": ["aboutMe", "address", "affinity", "badge", "battery", "birthdate", "birthplace", "carConfigurations", "carMeasurements", "cars", "charging", "climatisation", "dealers", "doors_windows", "driversLicense", "ecus", "email", "errors", "fuelLevels", "gallery", "intExtTemperature", "lock_unlock", "manageCharging", "manageClimatisation", "manageDestinations", "mbb", "mileage", "name", "nationalIdentifier", "nationality", "navigation", "nickname", "openid", "parking_position", "phone", "picture", "preferred_language", "profession", "profile", "range", "vehicleLights", "vehicleOnlineCapabilities", "vin", "warning_lights", "we_connect_vehicles", "wl_raw"],
  "claims_supported": ["iss", "sub", "aud", "iat", "exp", "nonce", "name", "email", "email_verified", "phone_number", "phone_number_verified", "updated_at"],
  "grant_types_supported": ["access_token", "refresh_token", "authorization_code", "client_credentials"],
  "ui_locales_supported": ["bg", "bs", "cs", "cs-CZ", "da", "da-DK", "da-GL", "de", "de-AT", "de-BG", "de-CH", "de-DE", "de-LI", "de-LU", "de-PL", "el", "el-CY", "el-GR", "en", "en-AE", "en-AL", "en-AM", "en-AU", "en-AZ", "en-BA", "en-BG", "en-BH", "en-BN", "en-BW", "en-CA", "en-CL", "en-CN", "en-CY", "en-DK", "en-FI", "en-GB", "en-GE", "en-GI", "en-GL", "en-GR", "en-HU", "en-ID", "en-IE", "en-IL", "en-IN", "en-IS", "en-JO", "en-KW", "en-KZ", "en-LS", "en-LT", "en-LV", "en-MD", "en-ME", "en-MK", "en-MT", "en-MY", "en-MZ", "en-NA", "en-NO", "en-NZ", "en-OM", "en-PH", "en-QA", "en-RO", "en-RS", "en-SA", "en-SE", "en-SG", "en-SG", "en-SK", "en-TH", "en-TW", "en-UA", "en-US", "en-UZ", "en-ZA", "es", "es-AD", "es-AR", "es-CL", "es-ES", "es-IC", "es-MX", "es-MX", "et", "et-EE", "fi", "fi-FI", "fr", "fr-AD", "fr-BE", "fr-CA", "fr-CH", "fr-FR", "fr-LU", "fr-MC", "hr", "hr-HR", "hu", "hu-HU", "is", "it", "it-CH", "it-IT", "it-SM", "it-VA", "ja", "ja-JP", "ko-KR", "lt", "lt-LT", "lv", "lv-LV", "mk", "nl", "nl-BE", "nl-NL", "no", "no-NO", "pl", "pl-PL", "pt", "pt-BR", "pt-BR", "pt-PT", "ro", "ru", "ru-BY", "ru-BY", "ru-RU", "ru-UA", "sk", "sk-SK", "sl", "sl-SI", "sq", "sr", "sv", "sv-SE", "tr", "tr-TR", "uk", "zh", "zh-CN", "zh-TW"],
  "acr_values_supported": ["https://identity.vwgroup.io/assurance/loa-2", "https://identity.vwgroup.io/assurance/loa-3"],
  "token_endpoint_auth_methods_supported": ["client_secret_post", "client_secret_basic"]
}
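An added example (not code from this thread or from the AudiAPI project) showing what a client does with a discovery document like the one quoted above: parse it, check that the server advertises what a public client such as a phone app needs for an authorization-code flow with PKCE (the document lists "code", "authorization_code" and S256), and derive the code_verifier/code_challenge pair plus the form body for the token exchange. A trimmed copy of the document is embedded inline; the client_id and redirect_uri in main() are placeholders, since the thread does not post the real ones at this point.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"net/url"
)

// Subset of the discovery document posted above; the real one also lists
// scopes, claims and locales that this example does not need.
const discoveryJSON = `{
  "issuer": "https://identity.vwgroup.io",
  "authorization_endpoint": "https://identity.vwgroup.io/oidc/v1/authorize",
  "token_endpoint": "https://app-api.my.audi.com/myaudiappidk/v1/token",
  "jwks_uri": "https://identity.vwgroup.io/oidc/v1/keys",
  "response_types_supported": ["code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token"],
  "code_challenge_methods_supported": ["S256"],
  "grant_types_supported": ["access_token", "refresh_token", "authorization_code", "client_credentials"],
  "token_endpoint_auth_methods_supported": ["client_secret_post", "client_secret_basic"]
}`

// Discovery holds the fields of an OIDC discovery document that an
// authorization-code + PKCE client needs.
type Discovery struct {
	Issuer                   string   `json:"issuer"`
	AuthorizationEndpoint    string   `json:"authorization_endpoint"`
	TokenEndpoint            string   `json:"token_endpoint"`
	JWKSURI                  string   `json:"jwks_uri"`
	ResponseTypesSupported   []string `json:"response_types_supported"`
	CodeChallengeMethods     []string `json:"code_challenge_methods_supported"`
	GrantTypesSupported      []string `json:"grant_types_supported"`
	TokenEndpointAuthMethods []string `json:"token_endpoint_auth_methods_supported"`
}

// ParseDiscovery decodes the document and rejects one without the two
// endpoints the flow cannot work without.
func ParseDiscovery(raw string) (*Discovery, error) {
	var d Discovery
	if err := json.Unmarshal([]byte(raw), &d); err != nil {
		return nil, err
	}
	if d.AuthorizationEndpoint == "" || d.TokenEndpoint == "" {
		return nil, errors.New("discovery document lacks authorization or token endpoint")
	}
	return &d, nil
}

func contains(list []string, want string) bool {
	for _, v := range list {
		if v == want {
			return true
		}
	}
	return false
}

// CheckCodePKCE verifies the server advertises the code response type, the
// authorization_code grant and the S256 challenge method. A client that
// cannot keep a secret must not fall back to the "plain" method.
func (d *Discovery) CheckCodePKCE() error {
	switch {
	case !contains(d.ResponseTypesSupported, "code"):
		return errors.New("response_type=code not supported")
	case !contains(d.GrantTypesSupported, "authorization_code"):
		return errors.New("authorization_code grant not supported")
	case !contains(d.CodeChallengeMethods, "S256"):
		return errors.New("PKCE S256 not supported")
	}
	return nil
}

// b64url is base64url without padding, as RFC 7636 requires.
func b64url(b []byte) string { return base64.RawURLEncoding.EncodeToString(b) }

// NewCodeVerifier returns 32 random bytes encoded as a 43-character verifier.
func NewCodeVerifier() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return b64url(b), nil
}

// CodeChallengeS256 is BASE64URL(SHA256(ASCII(code_verifier))), sent with
// the /authorize request.
func CodeChallengeS256(verifier string) string {
	sum := sha256.Sum256([]byte(verifier))
	return b64url(sum[:])
}

// TokenRequestBody is the form body for the token endpoint. The verifier,
// not the challenge, goes here; the server recomputes S256 over it and
// compares with what it stored when it issued the code.
func TokenRequestBody(code, verifier, clientID, redirectURI string) string {
	v := url.Values{}
	v.Set("grant_type", "authorization_code")
	v.Set("code", code)
	v.Set("code_verifier", verifier)
	v.Set("client_id", clientID)
	v.Set("redirect_uri", redirectURI)
	return v.Encode()
}

func main() {
	d, err := ParseDiscovery(discoveryJSON)
	if err != nil {
		panic(err)
	}
	if err := d.CheckCodePKCE(); err != nil {
		panic(err)
	}
	verifier, err := NewCodeVerifier()
	if err != nil {
		panic(err)
	}
	fmt.Println("authorize at:", d.AuthorizationEndpoint)
	fmt.Println("code_challenge:", CodeChallengeS256(verifier))
	// CLIENT_ID_PLACEHOLDER and the code are placeholders, not values from the thread.
	fmt.Println("token body:", TokenRequestBody("CODE_FROM_CALLBACK", verifier, "CLIENT_ID_PLACEHOLDER", "myaudi:///"))
}
```

The verifier is generated from crypto/rand and never leaves the client until the token exchange, which is the whole point of PKCE: an attacker who captures the code on the redirect cannot redeem it without the verifier.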
@Mr-Staffman is there a link to the discussion, too? This looks like a jwt token?
I think it is taken from https://community.home-assistant.io/t/audi-mmi-support/46543/250
Ping @davidgiga1993 any news? I'd be happy to update the flow but would need input from the app side. Thanks!
Is this helping? I've seen and read about quite some similarities between VW and Audi. With regard to the server change, it seems even more similar at the time. This page documents the VW API: https://productdata.vwgroup.com/quick-start.html
We're lacking client credentials, ID and secret. We also don't know any of the API endpoints. These are all pieces of the puzzle but not a solution :(
I tried to recompile the app with the CA from mitmproxy (as I did the last time) but apparently there are some other checks I can't seem to find at the moment. Also, recompiling is a giant pain since they switched to Kotlin.
Here is some detail from the Audi website login. I couldn't find out yet where the JWT token comes from:
Entering email:
Summary
URL: https://identity.vwgroup.io/signin-service/v1/c7c15e7f-135c-4bd3-9875-63838616509f@apps_vw-dilab_com/login/identifier
URL: https://identity.vwgroup.io/signin-service/v1/c7c15e7f-135c-4bd3-9875-63838616509f@apps_vw-dilab_com/login/authenticate?relayState=a80d15d83806832e7156ae0148a32e00ba12a0cc&email=cpuidle%40gmx.de
Status: 200 OK
Source: Network
Address: 127.0.0.1:9000
Request
GET /signin-service/v1/c7c15e7f-135c-4bd3-9875-63838616509f@apps_vw-dilab_com/login/identifier
Referer: https://identity.vwgroup.io/signin-service/v1/signin/c7c15e7f-135c-4bd3-9875-63838616509f@apps_vw-dilab_com?relayState=a80d15d83806832e7156ae0148a32e00ba12a0cc
Origin: https://identity.vwgroup.io
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Safari/605.1.15
Redirect Response
303 See Other
Pragma: no-cache
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Location: /signin-service/v1/c7c15e7f-135c-4bd3-9875-63838616509f@apps_vw-dilab_com/login/authenticate?relayState=a80d15d83806832e7156ae0148a32e00ba12a0cc&email=cpuidle%40gmx.de
Date: Wed, 02 Sep 2020 06:55:50 GMT
Request
POST /signin-service/v1/c7c15e7f-135c-4bd3-9875-63838616509f@apps_vw-dilab_com/login/authenticate HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Origin: https://identity.vwgroup.io
Cookie: SESSION=ZmNlM2Y0NjctMGEyZS00MzQxLWEwZWMtYTkyNzUyZTVkNDI4; vcap_journey=54dd3294-02ae-46e2-a010-7ddfbc5546cf
Accept-Encoding: gzip, deflate, br
Host: identity.vwgroup.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Safari/605.1.15
Accept-Language: en-us
Referer: https://identity.vwgroup.io/signin-service/v1/signin/c7c15e7f-135c-4bd3-9875-63838616509f@apps_vw-dilab_com?relayState=a80d15d83806832e7156ae0148a32e00ba12a0cc
Connection: keep-alive
Response
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Content-Language: de-DE
Expires: 0
Transfer-Encoding: Identity
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Date: Wed, 02 Sep 2020 06:55:50 GMT
Connection: keep-alive
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Vcap-Request-Id: 74bd32a9-0610-43f0-7d9f-9fcbf3db4f39
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Query String Parameters
relayState: a80d15d83806832e7156ae0148a32e00ba12a0cc
email: XXX
Entering password:
Summary
URL: https://userinfo.my.audi.com/login/redirect?state=PlbQXPCWHcDi7ruQatoVRCVnG3c&code=eyJraWQiOiJkMzg2NWIxNzMwZDliMmQzIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiI0MTg3ODJjMS1lZGM5LTQ0ZWQtODg5ZC05MjA3ODJjMDA3NjQiLCJhdWQiOiJjN2MxNWU3Zi0xMzVjLTRiZDMtOTg3NS02MzgzODYxNjUwOWZAYXBwc192dy1kaWxhYl9jb20iLCJhY3IiOiJodHRwczpcL1wvaWRlbnRpdHkudndncm91cC5pb1wvYXNzdXJhbmNlXC9sb2EtMiIsInNjcCI6Im9wZW5pZCBwcm9maWxlIGFkZHJlc3MgYmlydGhkYXRlIGJpcnRocGxhY2UgcGhvbmUgYmFkZ2UgdmluIG5hdGlvbmFsSWRlbnRpZmllciBuYXRpb25hbGl0eSBwcm9mZXNzaW9uIiwiYWF0IjoiaWRlbnRpdHlraXQiLCJpc3MiOiJodHRwczpcL1wvaWRlbnRpdHkudndncm91cC5pbyIsImp0dCI6ImF1dGhvcml6YXRpb25fY29kZSIsImV4cCI6MTU5OTAyOTcyNiwiaWF0IjoxNTk5MDI5NDI2LCJub25jZSI6IktvYklEN1VLZWd2eTlQbDc5VzItY0JCSERXaGFleHFrb2sweGNycTU0UEEiLCJqdGkiOiIxZjIzYzc5MC02MDJiLTQwMDMtODU4Mi05ZDc4MDg3YzY1MzUifQ.dwxfbBb7nIc8B47Fn3-B_TwtWqLXp3V1daUwGHTDAAlD3Fk3QGDPLyZ824N1ZXsBfEXiyibkot6YYE29YvToRtwbOrvYY8n9_8_mvumDm986m-oScLOH43mB1VdCLZ62ZrQmOOpHAHORerESFCehIVnL3yMLFfe78Ts2afmMIAmqe11uHu0o9t6KpcgH2hUWhRHCX-P7IJJNoTTRDpo0eceai2yVhcxCDoCNaXlnVzf3kbD-bZmPjj8fcgg1A8jJkzIDqW1SXu0VXnqRRMK8LgfbFvew9P9VQ7DTBb_pMsY3XJFuuGwex96Iiy2udtzSVDWh-5FxZ6dUqS9Iyvgb_ykLM1hipRlFgXKk9rCQo5HJWGExfy6abeGvAKodHPSyqZd8bJN6Cw6i0jv3-l-9NL9tXKOllebdE8xbLOwZlF1cs9DWRvnX7zX7trT9umjrZ8H6oD0iNmkazD5tAwhdbtk2J9bpRwHc5cKENbz9rOl0j39VovYbrFjQuuwe88Wwvt7z3O5jPKpXQ_QlhJdjKrCQ3TNaSF-wQs058FUpnLJiU4e4LKpHLWJUuobXeZBiI_TamKcJ8A5ppon_V8HFyg1lV_vCK-yxDWlNJytBXifLgQH22kADKI6V0zjaixuZFgSeuJNpkv7cWhGUxcZ3mYPRuD41Sj1DlbORPcRT7sQ
URL: https://userinfo.my.audi.com/login/idk?ui_locales=de-DE
URL: https://my.audi.com/
Status: 200 OK
Source: Network
Address: 127.0.0.1:9000
Request
GET /login/redirect
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us
Referer: https://identity.vwgroup.io/
Accept-Encoding: gzip, deflate, br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Safari/605.1.15
Redirect Response
302 Moved Temporarily
Location: https://userinfo.my.audi.com:443/login/idk?ui_locales=de-DE
Date: Wed, 02 Sep 2020 06:50:27 GMT
Vary: x-forwarded-host, Accept-Encoding
Request
GET /login/idk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Safari/605.1.15
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us
Referer: https://identity.vwgroup.io/
Accept-Encoding: gzip, deflate, br
Redirect Response
302 Moved Temporarily
Location: https://my.audi.com/
Date: Wed, 02 Sep 2020 06:50:27 GMT
Vary: x-forwarded-host, Accept-Encoding
Request
GET / HTTP/1.1
Cookie: mod_auth_openidc_session_live=037d50e1-caeb-4a2b-be72-feb903662a52; _ens_perf=W10=; _ens_prev=eyJlVmFyNSI6ImxhbmRpbmdwYWdlfG5vIGxldmVsfG5vIGxldmVsfG5vIGxldmVsIiwiZVZhcjM3IjoibGFuZGluZ3BhZ2UiLCJlVmFyODkiOiJsYW5kaW5ncGFnZSIsInBhZ2VVUkwiOiJodHRwczovL215LmF1ZGkuY29tLyJ9; _ens_sid=azgyNnRrV1k3TER4; _ens_vn=eyJjYSI6Im15QXVkaSAyLjAiLCJjcyI6Im15QXVkaSAyLjAiLCJpZCI6ImszbmN0bUlHMWZ4biIsInBhIjoibm9uZSIsInBzIjoibm9uZSIsImx1IjoxNTk5MDI5NDE0NDE3LCJvbGQiOnRydWUsImFwcHMiOnsibXlBdWRpIDIuMCI6eyJlcCI6ImxhbmRpbmdwYWdlIiwidm4iOjMsImx2IjoyMSwiaWQiOiJrODI2dGtXWTdMRHgiLCJsdSI6MTU5OTAyOTQxMTA3OH19LCJzaXRlcyI6eyJteUF1ZGkgMi4wIjp7ImVwIjoibGFuZGluZ3BhZ2UiLCJ2biI6MywibHYiOjIxLCJpZCI6Ims4MjZ0a1dZN0xEeCIsImx1IjoxNTk5MDI5NDExMDc4fX19; AMCV_097B467352782F130A490D45%40AdobeOrg=1585540135%7CMCIDTS%7C18508%7CMCMID%7C49925485180746582551935600341652537949%7CMCAAMLH-1599634210%7C6%7CMCAAMB-1599634210%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1599036610s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0%7CMCSYNCSOP%7C411-18272; s_cc=true; s_ecid=MCMID%7C49925485180746582551935600341652537949; AMCVS_097B467352782F130A490D45%40AdobeOrg=1; myaudi-csrf-token=9279a434-6f2f-477c-b1d7-c007b05b8b52; myaudi-teaser-hide-destination-inject=true; myaudi-session-data={}; myaudi-locale=de-DE; myaudi-cookie-policy=accepted
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Host: my.audi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Safari/605.1.15
Accept-Language: en-us
Referer: https://identity.vwgroup.io/
Connection: keep-alive
Response
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://pre-myaudi-service-appointment.audi.com,https://pre-myaudi-service-appointment1.audi.com
Content-Type: text/html;charset=utf-8
Content-Security-Policy: frame-ancestors 'none'
Content-Encoding: gzip
Set-Cookie: SMSESSION=eyJraWQiOiJkMzg2NWIxNzMwZDliMmQzIiwiYWxnIjoiUlMyNTYifQ.….C72ThS-1I8uRzlmcHA8pGHHihcVyMzm3e0Ro5AwHXsAUmr_m0YyAiDnfARExKBfH9XCLSA1bb8zz0aZ09AYaZxdP8XnOqL8gzZIyf9GJBuKPjNJG_j9uGvw6BIHOucz35ka3nEbV8uODP2VNCZf29UeQX4o42WRu7i-Ck--zYoZsWPdu0h2lU70hpjAtjy8WgsSBteFTZhACYB8SwolYmfNAv8dk625Te7qlZop2wZL5AlfPqooH7kGf3382uEomS-jxcxXm_0W4DAM0n_AhuUcP5lV61GYGpwDDSyx1IXSKqL5a-PhEksWAnfTx4Kih0GKHyD-ekh32lfJHyWlPi5ZeNTW1Krk61qbAsLAK0nMEcdYP1x8s8vykwG5AekXheg6JOl2UQ41XM0jbVcqUXXkfVvL3uWQXGF1E7LsjxVAgvg_8FSKNxK7u2kwT6jrDnXVEzigSGDKOPcB8sIOg_S6fUFazBEkkG_LWeD0C54IO1TO8viHNrvnfM6ajC_-brHiXG2dqx-BGOPUCQYD-iwLK7AYDYElpVlF5oqKLQKqAbyOlY3t38t4eN1NzQfXYPzEDpD0suhx8oDc4dyyDqnzuRKqtEBw4-ODg-mZ3_WniY-iGOQUsnm_XHGFgF78sx2MbBQ09BgDQuddC6N0V4Cnk_NCKFdx9ZpXMziS2HNk; Domain=.audi.com; Path=/; HttpOnly; Secure
Set-Cookie: AKA_A2=A; expires=Wed, 02-Sep-2020 07:50:30 GMT; path=/; domain=audi.com; secure; HttpOnly
Transfer-Encoding: Identity
Link: <https://tms.audi.com>;rel="preconnect",<https://browser.my.audi.com>;rel="preconnect",<https://featureapps.audi.com>;rel="preconnect"
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Cache-Control: no-store, no-cache, must-revalidate
Date: Wed, 02 Sep 2020 06:50:30 GMT
Connection: keep-alive, Transfer-Encoding
ETag: W/"c4f5c-IM9BM4BfB/kRI1AK2b/3Gh7QR+Q"
Vary: Accept-Encoding
X-Frame-Options: deny
x-powered-by: Express
Server: Apache-Coyote/1.1
x-myaudi: m1
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 3196
I don't think this UI flow would help us much though.
I’ve been banging my head against this with recompiling the APK after attempting to stub out the pinning in the okhttp client but so far no luck.
I did find the encrypted client Id and whatnot so I’ll be attempting to see if I can decrypt those
@sandermvanvliet could you share client credentials, id and secret with [email protected]? I've also tried proxying the web application but no luck. It seems to use some type of embedded server component and does requests to localhost:port?
Once I have them I'll share them.
As far as MITM'ing goes, I've tried with Fiddler but it seems to be doing HTTP CONNECTs and I haven't been able to successfully intercept the verification checks.
I've taken water over my head right here I believe. I've managed to recompile the app and set up a proxy, but can't figure out the certificate issues. Is it using a pinned certificate? It doesn't manage to log in with the proxy in place. And I don't know enough about HTTP traffic, JSON, tokens and IDs :-S But it seems the login is completely the same in the app and on the website, though.
Doh: I've cut the website login flow now and it's a horrible endless chain of redirects.
- redirect flow starting at GET https://userinfo.my.audi.com/login/idk?ui_locales=de-DE
- login flow starting at POST https://identity.vwgroup.io/signin-service/v1/c7c15e7f-135c-4bd3-9875-63838616509f@apps_vw-dilab_com/login/identifier with the email. It is using _csrf, relayState and hmac - not sure where these are coming from?
- the flow from 2. redirects to https://userinfo.my.audi.com/login/redirect?state which returns a jwt token
- following the redirects returns another jwt token with unknown encoding:
{
"alg": "dir",
"enc": "A256GCM"
}
I'm stumped...
UPDATE Seems that A256GCM requires a shared key to decode (https://github.com/dvsekhvalnov/jose2go#verifying-decoding-and-decompressing-tokens).
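An added example, not code from this thread or from the AudiAPI project, for the two token shapes that show up in the redirect chain above and in the "intermediate key" quoted a few comments further down. It decodes the protected header of a compact token (the first segment is the header for both JWS and JWE), counts the segments to tell a 3-part JWS from a 5-part JWE, and implements alg=dir with enc=A256GCM from RFC 7516 in both directions so the ".." becomes obvious: with direct encryption there is no wrapped key, so the second segment is empty. The constants PageJWE and PageCodeHeader are copied from the thread; the all-zero demo key is constructed here and is not the app's key, so the real token cannot be decrypted by this example. Note that PageJWE, as quoted in the thread, has only four segments where a complete JWE has five.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// Tokens quoted in the thread: the "intermediate key" with the ".." in it,
// and the first segment of the code= value from the /login/redirect URL.
const (
	PageJWE        = "eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..UYVc-SIAHefJpf3E.h09S2MbP0_3HFa7NPmX4jrcuNr8R2avSKzI-"
	PageCodeHeader = "eyJraWQiOiJkMzg2NWIxNzMwZDliMmQzIiwiYWxnIjoiUlMyNTYifQ"
)

func b64url(b []byte) string                { return base64.RawURLEncoding.EncodeToString(b) }
func b64urlDecode(s string) ([]byte, error) { return base64.RawURLEncoding.DecodeString(s) }

// DecodeHeader decodes the first dot-separated segment, which is the
// protected header in both JWS (RFC 7515) and JWE (RFC 7516) compact form.
func DecodeHeader(token string) (map[string]interface{}, error) {
	raw, err := b64urlDecode(strings.Split(token, ".")[0])
	if err != nil {
		return nil, fmt.Errorf("header is not base64url: %w", err)
	}
	var hdr map[string]interface{}
	if err := json.Unmarshal(raw, &hdr); err != nil {
		return nil, fmt.Errorf("header is not JSON: %w", err)
	}
	return hdr, nil
}

// SegmentCount: 3 = JWS (header.payload.signature),
// 5 = JWE (header.encryptedKey.iv.ciphertext.tag).
func SegmentCount(token string) int { return len(strings.Split(token, ".")) }

// Classify names the serialization or errors on anything else.
func Classify(token string) (string, error) {
	switch n := SegmentCount(token); n {
	case 3:
		return "JWS", nil
	case 5:
		return "JWE", nil
	default:
		return "", fmt.Errorf("%d segments: neither JWS (3) nor JWE (5); token truncated?", n)
	}
}

const dirA256GCMHeader = `{"alg":"dir","enc":"A256GCM"}`

// EncryptDirA256GCM builds a compact JWE with direct encryption: empty
// encrypted-key segment, 96-bit IV, 128-bit tag, and the ASCII of the
// base64url header as additional authenticated data (RFC 7516 section 5.1).
func EncryptDirA256GCM(key, plaintext []byte) (string, error) {
	if len(key) != 32 {
		return "", errors.New("A256GCM needs a 32-byte key")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return "", err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return "", err
	}
	iv := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(iv); err != nil {
		return "", err
	}
	hdr := b64url([]byte(dirA256GCMHeader))
	sealed := gcm.Seal(nil, iv, plaintext, []byte(hdr))
	ct, tag := sealed[:len(sealed)-gcm.Overhead()], sealed[len(sealed)-gcm.Overhead():]
	return strings.Join([]string{hdr, "", b64url(iv), b64url(ct), b64url(tag)}, "."), nil
}

// DecryptDirA256GCM reverses EncryptDirA256GCM. A wrong key, a tampered
// header (it is covered by the tag) or a malformed token all fail.
func DecryptDirA256GCM(key []byte, token string) ([]byte, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 5 {
		return nil, fmt.Errorf("expected 5 segments, got %d", len(parts))
	}
	hdr, err := DecodeHeader(token)
	if err != nil {
		return nil, err
	}
	if hdr["alg"] != "dir" || hdr["enc"] != "A256GCM" {
		return nil, errors.New("only alg=dir with enc=A256GCM is handled here")
	}
	if parts[1] != "" {
		return nil, errors.New("alg=dir requires an empty encrypted-key segment")
	}
	var segs [3][]byte // iv, ciphertext, tag
	for i, s := range parts[2:] {
		if segs[i], err = b64urlDecode(s); err != nil {
			return nil, fmt.Errorf("segment %d: %w", i+2, err)
		}
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(segs[0]) != gcm.NonceSize() {
		return nil, errors.New("bad IV length")
	}
	return gcm.Open(nil, segs[0], append(segs[1], segs[2]...), []byte(parts[0]))
}

func main() {
	hdr, _ := DecodeHeader(PageJWE)
	fmt.Printf("quoted key: header=%v segments=%d\n", hdr, SegmentCount(PageJWE))
	hdr, _ = DecodeHeader(PageCodeHeader)
	fmt.Printf("authorization code header: %v\n", hdr)
	key := make([]byte, 32) // constructed demo key, not the app's key
	tok, _ := EncryptDirA256GCM(key, []byte(`{"sub":"demo"}`))
	pt, err := DecryptDirA256GCM(key, tok)
	fmt.Println(tok, string(pt), err)
}
```

Running it shows the quoted key's header as alg "dir", enc "A256GCM" with four segments, and the code's header as alg RS256 with a kid, which is why the code itself is a signed JWT that can be read but not forged: its payload is authenticated by the key under jwks_uri, while the A256GCM token is opaque without the shared key.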
I've got a gist ready that can decrypt the values out of smali\de\audi\onetouch\backend\Secrets.smali.smali (after unpacking with apktool), you can find it here: https://gist.github.com/sandermvanvliet/1e5c0143d5a7272105030139e927811f
@sandermvanvliet the keyBytes is from the source or one of the API responses?
Nope that's from the decompiled sources.
One of the (intermediate) keys I'm receiving looks like eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..UYVc-SIAHefJpf3E.h09S2MbP0_3HFa7NPmX4jrcuNr8R2avSKzI-. The .. looks strange for a jwt token?
The actual content api seems to have changed to an ugly json-based query language:
POST https://userinfo.my.audi.com/bvh/v1
{
"query": "\n query ($id: String!, $country: String!, $language: String!, $requestId: String!) {\n vehicleStatusReportWithWarnings (id: $id, country: $country, language: $language, requestId: $requestId){\n vin\n
vehicleType\n lastUpdated\n engines {\n type\n range {\n value\n unit\n }\n filling {\n value\n unit\n }\n adBlueRange {\n
value\n unit\n }\n electric {\n chargingState\n chargingTime\n }\n }\n totalRange {\n value\n unit\n }\n mileage {\n
value\n unit\n }\n oilLevel {\n value\n unit\n }\n service {\n oilChange {\n time {\n value\n unit\n }\n
distance {\n value\n unit\n }\n }\n inspection {\n time {\n value\n unit\n }\n distance {\n value\n
unit\n }\n }\n }\n messages {\n key\n value\n }\n vsrWarnings {\n textId\n pictureId\n timestamp\n }\n stoWarnings {\n
eventId\n txtId\n picId\n criticality\n timeOfOccurence\n }\n }\n }\n ",
"variables": {
"country": "DE",
"id": "VmVo...",
"language": "de",
"requestId": "86931324"
}
}
The id in this case is base64-encoded Vehicle:VIN
The request uses
x-myaudi-request-id: 47aa3eb9-...
x-csrf-token: a698de7d-...
...but apparently no auth token.
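An added example, not code from this thread or from the AudiAPI project, that builds the GraphQL request described above in Go. It encodes the id as standard base64 of Vehicle:<VIN> (as stated in the comment, and consistent with the VmVo... prefix), decodes it back with a prefix check, and sets the x-myaudi-request-id and x-csrf-token headers seen in the capture. The VIN, both request IDs and the CSRF token are constructed placeholders; the thread shows the real values only truncated. Because the capture shows no Authorization header, the example attaches a cookie jar on the assumption that the session travels in cookies; the thread does not confirm that, and how the cookies are obtained is outside this example.

```go
package main

import (
	"bytes"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"net/http"
	"net/http/cookiejar"
	"strings"
)

// Trimmed version of the query quoted above: same operation and variables,
// fewer selected fields.
const vehicleStatusQuery = `query ($id: String!, $country: String!, $language: String!, $requestId: String!) {
  vehicleStatusReportWithWarnings(id: $id, country: $country, language: $language, requestId: $requestId) {
    vin
    vehicleType
    lastUpdated
    totalRange { value unit }
    mileage { value unit }
    vsrWarnings { textId pictureId timestamp }
  }
}`

const vehiclePrefix = "Vehicle:"

// VehicleID builds the opaque id: standard base64 of "Vehicle:<VIN>".
func VehicleID(vin string) string {
	return base64.StdEncoding.EncodeToString([]byte(vehiclePrefix + vin))
}

// VINFromVehicleID reverses VehicleID and rejects ids of any other shape.
func VINFromVehicleID(id string) (string, error) {
	raw, err := base64.StdEncoding.DecodeString(id)
	if err != nil {
		return "", err
	}
	s := string(raw)
	if !strings.HasPrefix(s, vehiclePrefix) || len(s) == len(vehiclePrefix) {
		return "", errors.New("id does not decode to Vehicle:<VIN>")
	}
	return strings.TrimPrefix(s, vehiclePrefix), nil
}

type gqlRequest struct {
	Query     string            `json:"query"`
	Variables map[string]string `json:"variables"`
}

// NewVehicleStatusRequest assembles the POST with the two custom headers
// from the capture. queryRequestID is the numeric requestId variable,
// headerRequestID the UUID-style x-myaudi-request-id; the capture shows
// them as different values.
func NewVehicleStatusRequest(endpoint, vin, country, language, queryRequestID, headerRequestID, csrfToken string) (*http.Request, error) {
	if csrfToken == "" {
		return nil, errors.New("x-csrf-token is required")
	}
	body, err := json.Marshal(gqlRequest{
		Query: vehicleStatusQuery,
		Variables: map[string]string{
			"id": VehicleID(vin), "country": country, "language": language, "requestId": queryRequestID,
		},
	})
	if err != nil {
		return nil, err
	}
	req, err := http.NewRequest(http.MethodPost, endpoint, bytes.NewReader(body))
	if err != nil {
		return nil, err
	}
	req.Header.Set("Content-Type", "application/json")
	req.Header.Set("x-myaudi-request-id", headerRequestID)
	req.Header.Set("x-csrf-token", csrfToken)
	return req, nil
}

// NewSessionClient returns a client with a cookie jar so that Set-Cookie
// headers from the login redirects are replayed on later requests
// (assumption: the session is cookie-based, since no bearer token is sent).
func NewSessionClient() (*http.Client, error) {
	jar, err := cookiejar.New(nil)
	if err != nil {
		return nil, err
	}
	return &http.Client{Jar: jar}, nil
}

func main() {
	const vin = "WAUZZZ0000000000X" // constructed placeholder VIN
	req, err := NewVehicleStatusRequest("https://userinfo.my.audi.com/bvh/v1",
		vin, "DE", "de", "REQUEST_ID_PLACEHOLDER", "HEADER_REQUEST_ID_PLACEHOLDER", "CSRF_TOKEN_PLACEHOLDER")
	if err != nil {
		panic(err)
	}
	back, _ := VINFromVehicleID(VehicleID(vin))
	fmt.Println(req.Method, req.URL, "id:", VehicleID(vin), "vin:", back)
	if _, err := NewSessionClient(); err != nil {
		panic(err)
	}
}
```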
Supposedly the client id for the IDK endpoint should be NdeSOLIavPcLo520L1mg but doing a /token POST doesn't work yet...
Ok it turns out that this is a key to a keychain in the app. Digging further
Ok so I’ve finally gotten past the certificate pinning. I’ll trace the logon stuff tomorrow, I’m getting there 👍
Nice! Would you mind sharing the apk somewhere?
I've created a postman collection that has the full authentication flow working. You can find it here
One thing I noticed is that at step 7 it sometimes already returns the callback URI for the app as myaudi:///, in that case continue with step 9 instead of 8.
I noticed that the authentication flow is pretty similar to the one on the myAudi website (should have known while looking at the IDKWebViewClient class in the decompiled sources but oh well...), the only difference is in the client IDs and the callback URI.
Interestingly this matches the VW app really closely so that should make some other folks happy I think.
Note: in step 2 the order of the query parameters seems to matter, so no way of doing this nicely :(.
Another note: step 8 also sometimes seems to return Location: myaudi:///?stat as token url.
@sandermvanvliet what I meant is that I can't use url.Values.Encode() in go as it generates the string in alphabetical order. Hope my comment didn't imply any criticism, I'm very thankful for your excellent work!
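An added example, not code from this thread or from the AudiAPI project, for the problem andig describes: url.Values is a map and Encode() sorts its keys, so it cannot reproduce a fixed parameter order. The block keeps parameters in a slice, escapes them the same way url.Values.Encode() does, sets RawQuery directly so url.URL.String() leaves the order alone, and reads a captured query back without losing its order. The parameter order in main() is a guess for illustration; the thread says only that the order matters in step 2, not which order the app uses, and the client_id, state, nonce and challenge values are placeholders.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// Param is one query parameter. A slice keeps the order it was written in;
// url.Values is a map and its Encode() sorts keys alphabetically.
type Param struct {
	Key, Value string
}

// EncodeOrdered escapes like url.Values.Encode() (a space becomes "+") but
// emits the parameters in the order given.
func EncodeOrdered(params []Param) string {
	var b strings.Builder
	for i, p := range params {
		if i > 0 {
			b.WriteByte('&')
		}
		b.WriteString(url.QueryEscape(p.Key))
		b.WriteByte('=')
		b.WriteString(url.QueryEscape(p.Value))
	}
	return b.String()
}

// AuthorizeURL attaches the ordered query to the endpoint. Assigning
// RawQuery bypasses url.Values, so String() preserves the sequence.
func AuthorizeURL(endpoint string, params []Param) (string, error) {
	u, err := url.Parse(endpoint)
	if err != nil {
		return "", err
	}
	u.RawQuery = EncodeOrdered(params)
	return u.String(), nil
}

// ParamsInOrder parses a raw query back into an ordered slice, which is how
// to lift the exact sequence out of a captured request instead of guessing.
func ParamsInOrder(rawQuery string) ([]Param, error) {
	var out []Param
	for _, kv := range strings.Split(rawQuery, "&") {
		if kv == "" {
			continue
		}
		k, v, _ := strings.Cut(kv, "=")
		key, err := url.QueryUnescape(k)
		if err != nil {
			return nil, err
		}
		val, err := url.QueryUnescape(v)
		if err != nil {
			return nil, err
		}
		out = append(out, Param{key, val})
	}
	return out, nil
}

func main() {
	// Illustrative order only; the thread does not state the app's order.
	params := []Param{
		{"response_type", "code"},
		{"client_id", "CLIENT_ID_PLACEHOLDER"},
		{"redirect_uri", "myaudi:///"},
		{"scope", "openid profile vin"},
		{"state", "STATE_PLACEHOLDER"},
		{"nonce", "NONCE_PLACEHOLDER"},
		{"code_challenge_method", "S256"},
		{"code_challenge", "CHALLENGE_PLACEHOLDER"},
	}
	ordered, err := AuthorizeURL("https://identity.vwgroup.io/oidc/v1/authorize", params)
	if err != nil {
		panic(err)
	}
	fmt.Println("ordered:", ordered)
	v := url.Values{}
	for _, p := range params {
		v.Set(p.Key, p.Value)
	}
	fmt.Println("sorted: ", v.Encode()) // client_id first: alphabetical, not as written
}
```

If a server insists on %20 rather than "+" for spaces in scope, replace url.QueryEscape with url.PathEscape for the value, which is the only escaping difference that matters for the scope list.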