timdorr
authorize endpoints now require reCAPTCHA for generating new access/refresh tokens
It seems that for some users (or at least for me), trying to POST to /oauth2/v3/authorize using the documented approaches here results in the user being forwarded back to the sign-in page with this error message:
Recaptcha is required.
This differs from the SVG-based CAPTCHA login flow that others have documented previously.
It doesn't seem like there's a workaround to this unless you use a webdriver and track redirects.
The documentation needs to be updated to reflect this if anyone else is experiencing the same behavior.
My findings regarding this topic. reCaptcha initial loading checks are: Exact headers with exact user-agent minTLS 1.2 keep-alive:true
reCaptcha login submission. Exact headers 5 cookies you will receive 4 after initial loading and the last one after loading i18n text files In the bottom of the login page is a random script tag what needs to be executed in a browser before submit the login information. This script will submit information "sensor_data" like timestamp cookies and useragent
Site key is key to solving the problem and then outsourcing site key to captcha solving service using recaptcha :
https://github.com/fkhera/powerwallCloud/commit/d731951c746d44b25dc3905bacb0f8aba7e1d87a
But the user have to pay for this and register a API_KEY? Why don't let the user login manually and copy paste the auth_code after login to receive the auth_token. This login is once a lifetime action for new installations. This is the way how it is done in the ioBroker Adapter to have full control over tesla and powerwalls. Owner Accesstoken is refreshed automatically every 45days no new login necessary
Or just kinda brute-force it, like I'm doing: https://github.com/timdorr/tesla-api/discussions/501#discussioncomment-1829937
Eventually, Tesla gets in the middle of everything and resets the CAPTCHA, and then you can login without it.
Site key is key to solving the problem and then outsourcing site key to captcha solving service using recaptcha :
Wow.... their workers are only paid ~$1.01/21000sec or ~$0.17/hr. I wonder how many are just ML bots.
Always get the 403 as well - any solution for that?
@MobAbi Did you solve the 403 error for step 2? Any experience could share?
I haven't had any issue getting refresh tokens, but it seems that you need to regenerate your access token every few months. (I think I've had to do it twice, but been using this API for over a year or so)
I'm not able to get through the current issue where either reCaptcha or other user-agent issues are preventing me from getting the initial token. Even if it takes some manual work to get the access token then automate the refresh token, has anybody found any way to workaround this? (This is mostly a bump and subscribe to any updates. 😅)
EDIT: Seems like this site https://tesla-info.com/tesla-token.php is able to generate the token with a manual visit, which you can then use. Adding this for anybody that might come across this vs the more current thread here
