bimmerconnected / bimmer_connected

🚘 Library to query the status of your BMW or Mini from the ConnectedDrive portal
Apache License 2.0

Login failed for china #504

Closed lwy197809 closed 1 year ago

lwy197809 commented 1 year ago

Describe the issue

Can't login MyBMW account.

Expected behavior

seems the authentication scheme changed by BMW?

Which Home Assistant version are you using?

2023.1.0.dev20221205

What was the last working version of Home Assistant Core?

No response

What is your region?

China

MyBMW website

Number of cars

Output of bimmer_connected fingerprint

No response

Anything in the logs that might be useful for us?

root@raspberrypi:~# bimmerconnected fingerprint 86xxxxxxxxxxx xxxxxxxx china
DEBUG:asyncio:Using selector: EpollSelector
DEBUG:bimmer_connected.account:Getting vehicle list
DEBUG:bimmer_connected.account:Getting vehicle list
DEBUG:bimmer_connected.api.authentication:Authenticating with MyBMW flow for China.
DEBUG:httpx._client:HTTP Request: GET https://myprofile.bmw.com.cn/eadrax-coas/v1/cop/publickey "HTTP/1.1 200 OK"
DEBUG:httpx._client:HTTP Request: POST https://myprofile.bmw.com.cn/eadrax-coas/v2/login/pwd "HTTP/1.1 422 Unprocessable Entity"
ERROR:bimmer_connected.api.authentication:Authentication error: {"data":null,"code":499100,"error":true,"msgType":"toast","description":"请前往应用市场获取最新版本"}
(description translated: "Please go to the app store to get the latest version")
Traceback (most recent call last):
  File "/usr/local/bin/bimmerconnected", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.9/dist-packages/bimmer_connected/cli.py", line 302, in main
    loop.run_until_complete(args.func(args))
  File "/usr/lib/python3.9/asyncio/base_events.py", line 642, in run_until_complete
    return future.result()
  File "/usr/local/lib/python3.9/dist-packages/bimmer_connected/cli.py", line 147, in fingerprint
    await account.get_vehicles()
  File "/usr/local/lib/python3.9/dist-packages/bimmer_connected/account.py", line 88, in get_vehicles
    await self._init_vehicles()
  File "/usr/local/lib/python3.9/dist-packages/bimmer_connected/account.py", line 66, in _init_vehicles
    vehicles_responses: List[httpx.Response] = [
  File "/usr/local/lib/python3.9/dist-packages/bimmer_connected/account.py", line 67, in <listcomp>
    await client.get(
  File "/usr/local/lib/python3.9/dist-packages/httpx/_client.py", line 1757, in get
    return await self.request(
  File "/usr/local/lib/python3.9/dist-packages/httpx/_client.py", line 1533, in request
    return await self.send(request, auth=auth, follow_redirects=follow_redirects)
  File "/usr/local/lib/python3.9/dist-packages/httpx/_client.py", line 1620, in send
    response = await self._send_handling_auth(
  File "/usr/local/lib/python3.9/dist-packages/httpx/_client.py", line 1645, in _send_handling_auth
    request = await auth_flow.__anext__()
  File "/usr/local/lib/python3.9/dist-packages/bimmer_connected/api/authentication.py", line 76, in async_auth_flow
    await self.login()
  File "/usr/local/lib/python3.9/dist-packages/bimmer_connected/api/authentication.py", line 119, in login
    token_data = await self._login_china()
  File "/usr/local/lib/python3.9/dist-packages/bimmer_connected/api/authentication.py", line 286, in _login_china
    handle_http_status_error(ex, "Authentication", _LOGGER)
  File "/usr/local/lib/python3.9/dist-packages/bimmer_connected/api/utils.py", line 60, in handle_http_status_error
    raise ex
  File "/usr/local/lib/python3.9/dist-packages/bimmer_connected/api/authentication.py", line 274, in _login_china
    response = await client.post(
  File "/usr/local/lib/python3.9/dist-packages/httpx/_client.py", line 1848, in post
    return await self.request(
  File "/usr/local/lib/python3.9/dist-packages/httpx/_client.py", line 1533, in request
    return await self.send(request, auth=auth, follow_redirects=follow_redirects)
  File "/usr/local/lib/python3.9/dist-packages/httpx/_client.py", line 1620, in send
    response = await self._send_handling_auth(
  File "/usr/local/lib/python3.9/dist-packages/httpx/_client.py", line 1648, in _send_handling_auth
    response = await self._send_handling_redirects(
  File "/usr/local/lib/python3.9/dist-packages/httpx/_client.py", line 1706, in _send_handling_redirects
    raise exc
  File "/usr/local/lib/python3.9/dist-packages/httpx/_client.py", line 1688, in _send_handling_redirects
    await hook(response)
  File "/usr/local/lib/python3.9/dist-packages/bimmer_connected/api/authentication.py", line 354, in raise_for_status_event_handler
    response.raise_for_status()
  File "/usr/local/lib/python3.9/dist-packages/httpx/_models.py", line 745, in raise_for_status
    raise HTTPStatusError(message, request=request, response=self)
httpx.HTTPStatusError: Client error '422 Unprocessable Entity' for url 'https://myprofile.bmw.com.cn/eadrax-coas/v2/login/pwd'
For more information check: https://httpstatuses.com/422

Additional information

No response

lanceliao commented 1 year ago

It seems that the version definition in const.py is outdated: the latest version of the MyBMW app is 2.12.0, while the definition is Regions.CHINA: "2.3.0(13603)".

I tried to change 2.3.0 to 2.12.0 in the code and the error shows login verification failed. I guess the error was due to a wrong changelist number; obviously it is not 13603 on 2.12.0.

DEBUG:asyncio:Using selector: EpollSelector
DEBUG:bimmer_connected.account:Getting vehicle list
DEBUG:bimmer_connected.api.authentication:Authenticating with MyBMW flow for China.
DEBUG:httpx._client:HTTP Request: GET https://myprofile.bmw.com.cn/eadrax-coas/v1/cop/publickey "HTTP/1.1 200 OK"
DEBUG:httpx._client:HTTP Request: POST https://myprofile.bmw.com.cn/eadrax-coas/v2/login/pwd "HTTP/1.1 422 Unprocessable Entity"
ERROR:bimmer_connected.api.authentication:Authentication error: {"data":null,"code":499200,"error":true,"msgType":"toast","description":"登录校验异常,请使用正常渠道下载的应用程序!"}
(description translated: "Login verification error, please use an app downloaded through official channels!")
Traceback (most recent call last):

MyBMW app uses SSL pinning to avoid mitm, any suggestions on how to mitm the API?
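
The two 422 bodies above carry the useful diagnostic in the JSON `code` field, which the generic `HTTPStatusError` traceback hides. Below is an added example (not part of bimmer_connected and not posted by anyone in this thread) that parses such a failed login response and maps the codes seen here to a readable diagnosis. The sample payloads are copied from the logs in this thread; the meaning attached to each code (499100 = pinned app version too old, 499200 = client fails the server's integrity check after only the version string was bumped) is inferred from the discussion and is an assumption, not BMW documentation.

```python
"""Classify MyBMW China login failures from an HTTP status plus JSON body.

Added example, not project code. Code meanings are assumptions inferred from
the thread, not documented by BMW.
"""
import json
from dataclasses import dataclass
from typing import Optional

# Constructed sample inputs: the two 422 bodies posted in this thread.
SAMPLE_OUTDATED_APP = (
    422,
    '{"data":null,"code":499100,"error":true,"msgType":"toast",'
    '"description":"请前往应用市场获取最新版本"}',
)
SAMPLE_VERIFICATION_FAILED = (
    422,
    '{"data":null,"code":499200,"error":true,"msgType":"toast",'
    '"description":"登录校验异常,请使用正常渠道下载的应用程序!"}',
)

# Assumed interpretation of the codes, derived from the thread:
# 499100 appeared with the stale pinned app version; 499200 appeared after
# bumping only the version number, i.e. the server rejects a client whose
# request no longer matches the app build it claims to be.
KNOWN_CODES = {
    499100: (
        "app_version_rejected",
        "Server asks for a newer app; the pinned app version / User-Agent is stale.",
    ),
    499200: (
        "client_verification_failed",
        "Server treats the client as tampered: the version string changed but the "
        "rest of the request (nonce / signature) no longer matches that version.",
    ),
}


@dataclass
class LoginDiagnosis:
    http_status: int
    api_code: Optional[int]
    kind: str
    description: str  # raw description from the API, may be non-English
    hint: str


def classify_login_error(status: int, body: str) -> LoginDiagnosis:
    """Turn a failed login response (status + body) into a diagnosis.

    Never raises on malformed bodies: an HTML block page or an empty body
    yields kind == "unparseable" so the caller still sees the HTTP status.
    """
    try:
        payload = json.loads(body)
    except (json.JSONDecodeError, TypeError):
        return LoginDiagnosis(
            status, None, "unparseable", body[:200] if body else "",
            "Body is not JSON; check for a WAF/captcha page or an intercepting proxy.",
        )
    if not isinstance(payload, dict):
        return LoginDiagnosis(status, None, "unparseable", body[:200],
                              "Unexpected JSON shape; expected an object.")

    code = payload.get("code")
    description = str(payload.get("description", ""))
    if 200 <= status < 300 and not payload.get("error", False):
        return LoginDiagnosis(status, code, "ok", description, "")

    kind, hint = KNOWN_CODES.get(
        code,
        ("unknown_api_error",
         f"Unrecognised API code {code!r}; capture the current app's request for comparison."),
    )
    return LoginDiagnosis(status, code, kind, description, hint)


if __name__ == "__main__":
    for sample in (SAMPLE_OUTDATED_APP, SAMPLE_VERIFICATION_FAILED):
        d = classify_login_error(*sample)
        print(f"HTTP {d.http_status} code={d.api_code} -> {d.kind}: {d.hint}")
```

Hooking this into an httpx response event hook (the place where the traceback shows `raise_for_status_event_handler`) would let the library raise a typed error with the hint instead of the bare 422, but that wiring is not shown here.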

rikroe commented 1 year ago

We are still on the very old version for China due to BMW changing the login secrets in both 2.7.0 and 2.9.0, leading to not being able to log in anymore. See https://github.com/bimmerconnected/bimmer_connected/discussions/488 for more info.

I was not able to figure out the new login yet (and don't have much time right now). So any support there is appreciated.

@lanceliao check this https://blog.nviso.eu/2022/08/18/intercept-flutter-traffic-on-ios-and-android-http-https-dio-pinning/ This works for me for the rest of world version if the apk is patched with objection and using mitmproxy in wireguard mode.

github-actions[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Yixi commented 1 year ago

@rikroe I found a way to capture the mybmw network traffic, but I can't write the Python code. How can I help?

I found some URLs have changed. For example, the refresh token URL has changed from /eadrax-coas/v1/oauth/token to /eadrax-coas/v2/oauth/token


I've also captured some requests as cURL commands. If needed, I can send them to you via email, as they contain private information.

rikroe commented 1 year ago

That's great! It would be great if you can send me some info on the login flow to rikro@gmx.net?

Yixi commented 1 year ago

> That's great! It would be great if you can send me some info on the login flow to rikro@gmx.net?
>
>   • How to log in the first time (i.e. after a reset of the MyBMW app)
>
>     • Is the only option SMS + captcha by now? So no option to log in with password only?
>     • Please be as precise as possible, i.e. which URLs are called after each other. I'm probably going to need both request & response as they usually build on each other.
>     • If you replace your password, SMS token + refresh token with some placeholder text I cannot log in to your account but will see how the flow executes
>   • The token flow using the refresh token (i.e. you closed the app after logging in and then return after >60 minutes)

I sent some messages in our china-login private discussion.

muxiachuixue commented 1 year ago

The encryption algorithm of the nonce in the newest version of MyBMW app in China (v3.3.1) has been reversed by @erxiaowang417. So is @rikroe or @erxiaowang417 willing to make an update of bimmer_connected (also the HA integration) to support Chinese users?

Please see: https://github.com/erxiaowang417/Mybmw-Script/tree/main/Reverse https://gitee.com/cvnc/BMW/blob/master/lib/BMWLogin.js https://gitee.com/cvnc/BMW/blob/master/lib/GetNonce.js

rikroe commented 1 year ago

Very cool! Sure, as it is open sourced on github I can integrate that!

But even password login still requires solving the captcha, right?

erxiaowang417 commented 1 year ago

In the request body for login, there are many ways to implement sliding verification. The author CVNC implements an achievable acquisition method. This author also explains the SMS login method and the password login method.

Yixi commented 1 year ago

> Very cool! Sure, as it is open sourced on github I can integrate that!
>
> But even password login still requires solving the captcha, right?

In my multiple attempts, I found that captcha may not be necessary in the login process. In fact, I was able to log in to my Chinese BMW account through a modified source code in the authentication.py file of bimmer_connected in HA, which allowed me to generate a nonce in a different way.

I also submitted a PR: the user_agent for version 3.3.1 triggers an error from the API in the China region, and we need to revert to the version 3.1.0 user_agent.

muxiachuixue commented 1 year ago

> Very cool! Sure, as it is open sourced on github I can integrate that! But even password login still requires solving the captcha, right?
>
> In my multiple attempts, I found that captcha may not be necessary in the login process. In fact, I was able to log in to my Chinese BMW account through a modified source code in the authentication.py file of bimmer_connected in HA, which allowed me to generate a nonce in a different way.
>
> I also submitted a PR: the user_agent for version 3.3.1 triggers an error from the API in the China region, and we need to revert to the version 3.1.0 user_agent.

The captcha is necessary after the last update of MyBMW in China several days ago. You may refer to this (from CVNC and erxiaowang417) to use the latest MyBMW API (v3.3.1). In order not to upload any user information, please do not use any third-party API (like yixi.pro/api) in the PR. Thx. @rikroe @Yixi @erxiaowang417 Does anyone have time to make a new update?

Yixi commented 1 year ago

I have submitted a pull request and am waiting for it to be merged. https://github.com/bimmerconnected/bimmer_connected/pull/534

rikroe commented 1 year ago

Thanks @Yixi!! With https://github.com/home-assistant/core/pull/93180 merged this is included in HA 2023.5.4 or latest 2023.5.

muxiachuixue commented 1 year ago

> Thanks @Yixi!! With home-assistant/core#93180 merged this is included in HA 2023.5.4 or latest 2023.5.

Thanks @Yixi and @rikroe . Will the HA custom component also be updated so we do not need to update to the latest version of HA?

rikroe commented 1 year ago

Thanks for the reminder, please see https://github.com/bimmerconnected/ha_custom_component/releases/tag/20230517.1