Is the description still up do date?

[JimKnopf1503]

Hi! Thanks for the nice description of the login procedure. I am writing in C++ and have trouble after step 3. In the response, location don't contain a state or code value, it is like this: location: https://identity.vwgroup.io/signin-service/v1/consent/users/96166937-2a26-45e8-850f-235008906b70/9496332b-ea03-4091-a224-8c746b885068@apps_vw-dilab_com?scopes=openid%20profile%20mbb%20email%20cars%20birthdate%20badge%20address%20vin&relayState=0dd1cd00d8b0ada9fde15408b624a0ffc3e3e12f&callback=https://identity.vwgroup.io/oidc/v1/oauth/client/callback&hmac=bc3e4b1ba29e38d18fed266abd3a79723b221c22d648001595e2366ff624df1e Did the procedure change again or may I have made a mistake?

Burkhard

[JimKnopf1503]

Hi! I made it! I was capturing the wrong "location" from the first responseheader, but it has to be from the last one. And it is not only the page can not be loaded, curl gives an error (1 unsupported Format) but thats right. I finaly got the token.

[lordlala]

Hey Jim, it seems like the instructions provided aren't very accurate anymore.

Would you mind providing the steps you used to get your token? What do you mean when you refer to location? It looks like you mean the Uri. But, what tool did you use to make the post requests?

[JimKnopf1503]

Hi! Yes I can and will do. I am going to post the new working Code as soon as possible.

[thomasesmith]

It looks like VW changed some things yet again. My instance of https://github.com/thomasesmith/php-vw-car-net hasn't stopped working, but I realize that's because it hasn't had to execute the authorization steps on account of having automatic token refreshes. And the auth steos are what seems to have changed. I will try to figure out what exactly that was and update this document asap.

[JimKnopf1503]

Hi! The last days, the server hangs a lot. My code ist still working. Burkhard

[JimKnopf1503]

You can find my code in c++ under: https://github.com/JimKnopf1503/We-connect.cpp/tree/master It is only tested for eGolf, still waiting for my ID.4 Burkhard

[deep-daya]

Following up on this, I was able to reach step 3 as well and obtain the code, but when I try to get the tokens for step 4, I get met with an 400 error on both your code in PHP and a version I created in Python. Let me know if I can help in any way! I'm not familiar in trying to figure out what changed.

[JimKnopf1503]

This Error is ok! You need to take the values from the responseheader for the next step.

[deep-daya]

I'm talking about auth step 4, to get the tokens I end up getting this error:

Response Code 400
b'{"error":{"errorCode":"INVALID_REQUEST","timestamp":1628789737620,"errorDescription":"Invalid Request","requestId":"e616e927-182c-4f04-9b42-b6f8b1704fe5","origin":"CarnetSPAuthorizationServer","status":"BAD_REQUEST","path":"/azs","reason":"Internal Service validation failure"}}'

Rather than a response 200, with the tokens

[JimKnopf1503]

I'm on holiday right now, so just a quick answer: Take a look at https://github.com/trocotronic/weconnect Pick "NativeAPI.py". This code is still working! You can check your code-challenge under: https://referbruv.com/utilities/pkce-generator-online I made my C++ code based upon that Code under "NativeAPI.py". The webAPI ist not working! If more help is needed I can show my steps when I am back home. Burkhard

[deep-daya]

I had a look at it and it seems like it's focused on working in Germany. WeConnect isn't offered in the US at all... so now I'm stuck on what to do since the webapi is down as you said. My account is on carnet and not weconnect

Also thank you for your help Burkhard!

[deep-daya]

@thomasesmith following up on this. Any updates?

[lordlala]

Not that I’ve made personally. I’m struggling to get it to authenticate still.

Thanks,

Jason Adams

On Oct 6, 2021, at 2:49 PM, Deep Dayaramani @.***> wrote:

 @thomasesmith following up on this. Any updates?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe.

[rlueder]

@deep-daya after spending quite a few hours today trying to get the steps from README to work I'm happy to report I finally got the tokens response consistently. What seems to have worked for was the following:

• on Step 1 make sure code_challenge has = (or %3D) at the end (needed for padding base64 encoding, see below)

[thomasesmith]

@deep-daya

make sure code_challenge has %3D at the end (no idea why it's necessary)

This caught me up too, that's why included that note in the README "leave the %3D at the end of this value, like it is in the example." I'm glad it's working out. I can't work on this anymore, but consider forking.

[rlueder]

@thomasesmith thanks for the reply! And yes, I appreciate all the work you've put on it. I'm working on a node wrapper as we speak.

Also, here's a good explanation of why %3D (an equal sign) is needed, it's so that the string has the correct length of a base64 encoding: https://stackoverflow.com/a/36571117/2668093

So, for example, a code challenge of 47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU has to be split into groups of four digits: 47DE Qpj8 HBSa -_TI mW-5 JCeu QeRk m5NM pJWZ G3hS uFU <- only 3 digits at the end, hence the equal sign. :+1:

[rlueder]

All, I put together a wrapper for Node.js that returns the auth tokens, it's published here: node-car-net

I can successfully request tokens and get my account information, including vehicle id, but the car status and health status endpoints return 403 forbidden, looks like my account doesn't have the rights to those calls.

Thanks!