Gateway down?

[Howjadoo]

Is the gateway down?

https://wsbvw.hughestelematics.com/HTIWebGateway/

My connections to this URL time out.

Error: HTTPSConnectionPool(host='wsbvw.hughestelematics.com', port=443): Max retries exceeded with url: /HTIWebGateway/EnterpriseGatewayServices/SecurityServiceV2_1 (Caused by NewConnectionError('<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x000002548942DD68>: Failed to establish a new connection: [WinError 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond',))

[dimaj]

no. they have switched their servers around and, possibly changed the API. They have also forced everyone to update mobile apps

[Howjadoo]

Got it.

Is there an alternative connection method or are programmers now cut off from carnet updates?

On Tue, Feb 21, 2017 at 10:25 AM Dmitry Jerusalimsky < notifications@github.com> wrote:

no. they have switched their servers around and, possibly changed the API. They have also forced everyone to update mobile apps

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/bisho/carnet/issues/2#issuecomment-281395148, or mute the thread https://github.com/notifications/unsubscribe-auth/AYuzJoI5MT3sofKdfMHHzkH0K6utW5hwks5rew_ggaJpZM4MHgQ8 .

[dimaj]

i'm sure that if there's a will, there's a way... it just needs to be found :)

[bisho]

Yeah, they changed the API and I'm not subscribed anymore. If anyone is willing to send me valid credentials in private I could try to find the new API.

The old one was really ugly and open & insecure... I hope this time they did a bit better.

[dimaj]

yeah, and they fixed couple of issues where they gave you free access to things that required a paying subscription.

what about using something like requests to emulate user punching in credentials and then accessing data that way?

[bisho]

I am using requests in this project. I'm just not subscribed any more to the service, so I can't try to reverse engineer the new API after the changes. If somebody doesn't mind sending me valid credentials, I can try to fix this.

[Aciid]

You can use JADX to decompile the android application, that really gives you an insight on the current state of the portal, methods and it's endpoints. Some client-based functionalities look really botched and rushed.

It's "evolving", to a more well robust implementation. Still a ton of requests. I was looking for "special-functionalities" mentioned in Erwin Remote startup / Remote shutoff.. eg, no sight in the apps even though enabled in BCM. Probable listed in the service portal index functionalities.

[Howjadoo]

To be quite blunt, I want a way to record mileage in my 2017 Passat daily. Goal is a google spreadsheet or database. No reasonable OBD tools exist for this function. I figured carnet would work for this.

As of right now I am dictating mileage to Siri and routing to google spreadsheet but would love to instead pull automatically.

Any ideas?

On Thu, Feb 23, 2017 at 1:53 PM L->Firstname notifications@github.com wrote:

You can use JADX to decompile the android application, that really gives you an insight on the current state of the portal and it's endpoints. coughh

It's "evolving", to a pure SOAP implementation. I was looking for "special-functionalities" mentioned in Erwin Remote startup / Remote shutoff.. eg, no sight in the apps even though enabled in BCM. Probable listed in the service portal index functionalities.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/bisho/carnet/issues/2#issuecomment-282101430, or mute the thread https://github.com/notifications/unsubscribe-auth/AYuzJiomKMaBjl75XhV1__hl0fYSaXYAks5rfeOggaJpZM4MHgQ8 .

[bisho]

Yes, that should be very possible. I was using this to record the gps coordinates and put them on a map. Getting the mileage was also simple. Not sure about the new api after the changes, but I'm sure it should not be very complicated.

[Aciid]

@bisho pls refollow me on twatter there is cake to be had, need to establish some sorta DM or email.

[Howjadoo]

I would like to think through the safety implications of sharing my carnet account info. If I can get comfortable with doing this, I might release to one of you willing to muddle to through it. I appreciate your work on this project. We stand on the shoulders of giants.

On Fri, Feb 24, 2017 at 4:18 AM L->Firstname notifications@github.com wrote:

@bisho https://github.com/bisho pls refollow me on twatter there is cake to be had.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/bisho/carnet/issues/2#issuecomment-282256208, or mute the thread https://github.com/notifications/unsubscribe-auth/AYuzJkBkg0R831HO7A_cOeXTIHCGsgF_ks5rfq5-gaJpZM4MHgQ8 .

[Howjadoo]

FYI, I am leasing my car, so my goal is to build a mileage forecasting tool based on current usage. A way to suggest driving habits that could minimize the mileage you have to buy upfront or pay when you turn the car in.

I think so many people just buy 12k miles a year for a lease and don't think through whether that is too many or too few. Much like mint helps to suggest spending habits, i would like to suggest driving habits.

I've done an initial buildout, but the forecasting tools I have become a lot cooler, if you will, when I get more frequent data points. That is where this project comes in handy... pushing daily odometer readings to my tool.

Thank you again.

On Fri, Feb 24, 2017 at 10:08 AM Daniel Shanklin signup@danielshanklin.com wrote:

I would like to think through the safety implications of sharing my carnet account info. If I can get comfortable with doing this, I might release to one of you willing to muddle to through it. I appreciate your work on this project. We stand on the shoulders of giants.

On Fri, Feb 24, 2017 at 4:18 AM L->Firstname notifications@github.com wrote:

@bisho https://github.com/bisho pls refollow me on twatter there is cake to be had.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/bisho/carnet/issues/2#issuecomment-282256208, or mute the thread https://github.com/notifications/unsubscribe-auth/AYuzJkBkg0R831HO7A_cOeXTIHCGsgF_ks5rfq5-gaJpZM4MHgQ8 .

[Aciid]

@bisho where can i contact you?

[sajjadsa84]

Will this work in EU?

[bisho]

@Aciid Can you send me a private message via twitter? I'm https://twitter.com/bisho

[bisho]

Or also to bisho@freedreams.org

[bisho]

EU prod url is now https://app.volkswagen-car-net.com/hr2. Requests don't look that different, still looking...

[sajjadsa84]

If you need tester for Smartthings, let me know :)

[bisho]

I might need credentials for someone in EU to test the api.

[sajjadsa84]

Sent you an email

[bisho]

I haven't managed to find how the mobile api works, this time it's less obvious to see what is going on and how requests are built. I get a 451, unauthorized due to legal reasons :(

On the other hand, the web api looks simple enough:

import re
import requests
import base64

def get_location(email, password):

    csfr_re = re.compile('<meta name="_csrf" content="([^"]*)"/>')
    base = "https://www.volkswagen-car-net.com/portal"

    def b64(text):
        return requests.utils.quote(base64.b64encode(text.encode('utf-8')))

    def extract_csfr(r):
        return csfr_re.search(r.text).group(1)

    def headers(csfr):
        return {'X-CSRF-Token': csfr}

    # headers = {}
    s = requests.Session()
    s.cookies.set('CARNET_AUTH', b64(email))

    # Request login form and get CSFR:
    r = s.get(base + '/en_GB/web/guest/login')
    csfr = extract_csfr(r)

    # Login:
    app = '17_WAR_cored5portlet'
    url = base + (
        "/en_GB/web/guest/login?"
        "p_auth=" + csfr + "&"
        "p_p_id=" + app + "&"
        "p_p_lifecycle=1&"
        "p_p_state=normal&"
        "_" + app + "_javax.portlet.action=login"
        )
    post_data = {
        '_' + app + '_login': email,
        '_' + app + '_password': password,
    }
    r = s.post(url, data=post_data)
    if 'guest/login' in r.url:
        raise Exception('Unable to login :(')

    logged_url = r.url
    csfr = extract_csfr(r)

    # Get location:
    q = s.post(
        logged_url + "/-/cf/get-location",
        {},
        headers=headers(csfr),
    )
    print(q.text)

Prints: {"errorCode":"0","position":{"lat":XXXX,"lng":YYYY}}

There are other methods too:

• emanager/get-emanager: battery, range, charging status, ... heating too (not sure why here, maybe because consumes power?)
• vsr/get-vsr: status of the locks, lights, windows...
• vehicle-info/get-vehicle-details: mileage, last connection to the car, next service inspection...
• rts/get-latest-trip-statistics: as the name suggests
• mainnavigation/load-car-details/<< VIN >> model details, status of the car-net subscription... ...

I'll try to wrap this into a more useable API. If anyone has any findings on the mobile api please let me know.

[sajjadsa84]

Have you looked at this?

https://www.npmjs.com/package/vw-carnet

On Wed, Mar 22, 2017 at 5:40 AM, bisho notifications@github.com wrote:

I haven't managed to find how the mobile api works, this time it's less obvious to see what is going on and how requests are built. I get a 451, unauthorized due to legal reasons :(

On the other hand, the web api looks simple enough:

import re import requests import base64

def get_location(email, password):

csfr_re = re.compile('<meta name="_csrf" content="([^"]*)"/>')
base = "https://www.volkswagen-car-net.com/portal"

def b64(text):
    return requests.utils.quote(base64.b64encode(text.encode('utf-8')))

def extract_csfr(r):
    return csfr_re.search(r.text).group(1)

def headers(csfr):
    return {'X-CSRF-Token': csfr}

# headers = {}
s = requests.Session()
s.cookies.set('CARNET_AUTH', b64(email))

# Request login form and get CSFR:
r = s.get(base + '/en_GB/web/guest/login')
csfr = extract_csfr(r)

# Login:
app = '17_WAR_cored5portlet'
url = base + (
    "/en_GB/web/guest/login?"
    "p_auth=" + csfr + "&"
    "p_p_id=" + app + "&"
    "p_p_lifecycle=1&"
    "p_p_state=normal&"
    "_" + app + "_javax.portlet.action=login"
    )
post_data = {
    '_' + app + '_login': email,
    '_' + app + '_password': password,
}
r = s.post(url, data=post_data)
if 'guest/login' in r.url:
    raise Exception('Unable to login :(')

logged_url = r.url
csfr = extract_csfr(r)

# Get location:
q = s.post(
    logged_url + "/-/cf/get-location",
    {},
    headers=headers(csfr),
)
print(q.text)

Prints: {"errorCode":"0","position":{"lat":XXXX,"lng":YYYY}}

There are other methods too:

• emanager/get-emanager: battery, range, charging status, ... heating too (not sure why here, maybe because consumes power?)
• vsr/get-vsr: status of the locks, lights, windows...
• vehicle-info/get-vehicle-details: mileage, last connection to the car, next service inspection...
• rts/get-latest-trip-statistics: as the name suggests
• mainnavigation/load-car-details/ model details, status of the car-net subscription... ...

I'll try to wrap this into a more useable API. If anyone has any findings on the mobile api please let me know.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/bisho/carnet/issues/2#issuecomment-288211520, or mute the thread https://github.com/notifications/unsubscribe-auth/AY62RwX5nsPOP_yP0o9htL41r0TddT1eks5roDXDgaJpZM4MHgQ8 .

[bisho]

I think it is for the old version of the API

[Aciid]

@bisho email sent, could not direct message you on twitter without you following me some sort of restriction there, aciidxor on twitter

[Maverick78de]

Any news to get it working again?

[videopix]

The python script bisho posted on Mar 21 works fine for me. Thanks for this! Only mainnavigation/load-car-Details did not work. Did someone find out any additional methods?

[Maverick78de]

You are right. I'm sorry I haven't read the whole thread. Shame on me ;)

[Javata]

@videopix @bisho can you please let me know how I get the code from 21st of March to work?! I have the "old" carnet code running. How do I modify it with the new one...

Thanks!

[bullfinsh]

Hi! Any news here? :)

[BerndGewehr]

Has anyone had success in activating the heater by a remote call? I‘d like to have a better way to start my heater with Siri or Alexa...

[reneboer]

@bisho It seems VW changed the API again. I cannot reverse engineer this due to lack of knowledge. But I have an account. Can I help get this working?

[Maverick78de]

The API seems to be unchanged, but the login doesn't work anymore. I'm not able to get it working. @bisho are you able to help? I'm also interressted to get it working again.

[reneboer]

Hi, I did manage to figure this out. The version found here https://github.com/reneboer/python-carnet-client should be working at least for the EU portal. I cannot test any other.

[Maverick78de]

Thx for the hint, I hmade some modification but got it working again with python-carnet-client Thx a lot.

[hlitz]

@Maverick78de Did you get it to work with EU or also US ?

[Maverick78de]

I got it working for EU but I don't use it anymore because of the newest change at CarNet. Battery charge is now reported at full 10% values. So you never know if you have 52 or 62% it will reported as 60%. CarNet is completely useless for scripting now.

[ShifengHuGit]

Does anyone know that if we send the getUnifiedVehicleStatusDetails request to Endpoint Server， Will Server send request to car then response to Client or Server just return its local data？ I am afraid that sending frequently requests to Server will speed up the Car battery to death