Add "Start/Stop Charge" for US electric vehicles

[PierreLevres]

For what region do you ask it? For Europe it exists since a few days?

[doguitar]

US. I wasn't aware it was implemented at all.

[Hacksore]

@doguitar I'd be happy to try and implement this for the US but I don't have an EV. So with that, I'd need to know what the request looks like.

Do you know how to reverse engineer the network requests?

[doguitar]

No I don't. I'd be happy to help if you want to show me how.

[Hacksore]

So I wrote this as my way of doing it but there are surely other ways.

https://docs.google.com/document/d/1q0Pz2t5Gmt-vv8z-2Yswhvg2x9B2f3d1vjpkIjt9EfQ/edit?usp=sharing

[doguitar]

Thanks! I'll run through this later today. I'll let you know if I have an issues.

[doguitar]

I haven't forgotten about this, just haven't had enough time to get everything rolling. I'm almost there but ran into trouble loading the US app into bytecode viewer (it appears to be working but never finishes loading) and haven't had time to get back to it.

[Hacksore]

This is something I’ve seen with bytecode viewer where it can hang for a long time.

I’d just try again and see if it works after a considerable amount of time.

On Tue, Sep 29, 2020 at 11:04 PM Sean Seymour notifications@github.com wrote:

I haven't forgotten about this, just haven't had enough time to get everything rolling. I'm almost there but ran into trouble loading the US app into bytecode viewer (it appears to be working but never finishes loading) and haven't had time to get back to it.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/Hacksore/bluelinky/issues/69#issuecomment-701143974, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAHTGJUXU2N3JIGKIWHLXJ3SIKU6DANCNFSM4RK7U66Q .

[Hacksore]

@doguitar Did you make any progress on this effort?

[doguitar]

I let bytecode viewer try to open the apk for an extended period but was never able to get it open. I tried hiding root from the app by various methods but wasn't able to get that working either. Actually, now that I'm typing this, if I remove root after the certificate for the MITM is installed, will it still work?

[Hacksore]

@doguitar Well, you don't have to have a rooted phone. As long as you can disable SSL pinning you are able to MITM traffic.

[mhirsch]

I just got an Hyundai EV with bluelink. I see that when I go to the owners.hyundaiusa.com website I can make bluelink API requests through the website. I see the API requests in the browser network traffic. For example, I unlocked the doors and I see this (copied as a fetch):

await fetch("https://owners.hyundaiusa.com/bin/common/remoteAction", {
    "credentials": "include",
    "headers": {
        "User-Agent": "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:82.0) Gecko/20100101 Firefox/82.0",
        "Accept": "*/*",
        "Accept-Language": "en-US,en;q=0.5",
        "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
        "X-Requested-With": "XMLHttpRequest",
        "CSRF-Token": "undefined",
        "Sec-GPC": "1",
        "Pragma": "no-cache",
        "Cache-Control": "no-cache"
    },
    "referrer": "https://owners.hyundaiusa.com/content/myhyundai/us/en/page/dashboard.html",
    "body": "vin=XXXXXXXX&username=XXXXXXXX&token=XXXXXXXX&pin=XXXX&url=https%3A%2F%2Fowners.hyundaiusa.com%2Fcontent%2Fmyhyundai%2Fus%2Fen%2Fpage%2Fdashboard.html&gen=2&regId=XXXXXXXX&service=remoteunlock",
    "method": "POST",
    "mode": "cors"
});

I don't have the car plugged in right now, so I can't call the start/stop charge service, but if this is useful to you in implementing the service in this library I'd be happy to capture that as well.

Is there a reason you're going to all the trouble of MITM the android app instead of pulling the api from the browser on the web version of the page?

[Hacksore]

@mhirsch So back in the day https://github.com/Hacksore/bluelinky/tree/0.0.8 I was using the web API endpoints. As the library matured I found that some things were not available (location).

So I made the decision to just get the endpoints from the mobile app 😎.

[mhirsch]

So would it be helpful here to get the start/stop charge request from the web?

[Hacksore]

you can share the request but I don't won't to use them in the library.

I'd like to use the apps API calls so we are consistent.

On Tue, Nov 10, 2020 at 8:31 AM Matt Hirsch notifications@github.com wrote:

So would it be helpful here to get the start/stop charge request from the web?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/Hacksore/bluelinky/issues/69#issuecomment-724738635, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAHTGJQISXNPR2FI6QKFQFDSPFFFHANCNFSM4RK7U66Q .

[Hacksore]

I'm going to close this issue due to age but if we want to revisit it can be reopened.