Closed karora closed 6 years ago
As I understand it, -region NE
is what you need in Europe. Do you get the same INVALID PARAMS
error with that?
Another possibility: you may want to try your username (rather than your email address) despite the -email
flag -- I have read that for some people they are different things?
Thanks for your response. Yes, I've tried using "NE" for the region, as well as using my username instead of the email address: I get the same INVALID PARAMS
response regardless.
Could you try changing the baseURL
in the code to https://gdcportalgw.its-mo.com/gworchest_160803A/gdc/
and https://gdcportalgw.its-mo.com/gworchest_160803EC/gdc/
and let me know if either works?
The first of those URLs gives a 404, the second gives the same INVALID PARAMS
response. I have tried using the https://github.com/gboudreau/nissan-connect-php project to connect and that was initially also returning INVALID PARAMS
until I switched to using a username rather than an email address, but now that it is working I see that it is using https://gdcportalgw.its-mo.com/gworchest_160803EC/gdc/
for it's base URL.
I can also see that when it makes the login request it sends a different encrypted password:
****J94ByT1QL04P52m33Q==
(nissan-connect-php) vs ****J94ByT0=
(carwings.go) (first four characters replaced for security reasons, but they're the same in both strings).
The PHP code also seems to be sending some additional params, (it outputs params in JSON for debugging) i.e.:
{
"UserId":"karora",
"Password":"****J94ByT1QL04P52m33Q==",
"custom_sessionid":"",
"initial_app_strings":"geORNtsZe5I4lRGjG9GZiA",
"RegionCode":"NE",
"lg":"en-US",
"DCMID":"",
"VIN":"",
"tz":"Europe\/Dublin"
}
OK, the issue seems to be with the encryption of the password. My password was 8 characters - exactly the same size as a Blowfish chunk - but when I changed it to a 10 character password the encrypted values match between the two libraries and I am now able to get past the login :-)
So I shall retitle this issue to indicate the underlying problem with the password encryption.
Wow! Thank you for the excellent detective work. I will look into fixing this.
Just thought I'd see what happened if padding was always applied, and it matches what the PHP code does in that case.
This comment might indicate the thinking behind OpenSSL's behaviour on this one: https://stackoverflow.com/questions/41181905/php-mcrypt-encrypt-to-openssl-encrypt-and-openssl-zero-padding-problems
Presumably the server-side PHP is also using openssl libraries, so it gets this behaviour too.
I'm trying to use this from Ireland, where I see the following response:
Aside from the bug in their JSON response where they return a string "-2010" rather than a number, I'm not sure what the valid parms might be.
I've also tried using
-region EU
or-region NE
(after I looked at the code a bit :-)I'm keen to help out where I can.
Thanks, Andrew.