Error: Login credentials rejected

[joepalexander]

An error when attempting to log into the TeslaJS framework. I have tried it both locally on my Linux machine, as well as through codespaces to no avail. I was last able to successfully use the system a matter of days ago.

Steps to recreate: Attempt to log in through the sample Login.js file.

output:

Error: Login credentials rejected at /workspaces/TeslaJS/src/auth.js:95:19 at tryCallOne (/workspaces/TeslaJS/node_modules/promise/lib/core.js:37:12) at /workspaces/TeslaJS/node_modules/promise/lib/core.js:123:15 at flush (/workspaces/TeslaJS/node_modules/asap/raw.js:50:29) at processTicksAndRejections (internal/process/task_queues.js:75:11)

[mseminatore]

Tesla has once again broken 3rd party logins. In the last day they installed a Captcha step as part of authentication on Tesla.com. The community has yet to find a way to work with/through/around that. If this is not an error on Tesla's part it will shut off 3rd party applications until/unless they create a developer program.

I will keep this open for a little longer to see where this goes.

[joepalexander]

@mseminatore thank you for the prompt response! Hoping for some good news!

Update:

However, they seem to have implemented it on the applications too... which doesn't seem promising...

[joepalexander]

Could the CLI version just point to the webview of the tesla login, then catch the tokens?

[ChutneyMary]

For info, I'm using the Tesla Control app for Windows. That contines to work where I am and I believe it is using the TeslaJS library.

However my node-red-contrib-tesla function block ceased to work about 2 days ago. That is also based on the TeslaJS library.

I don't know why I'm having two different experiences with software that incorporates the TeslaJS library. Perhaps there's a way forward here?

[joepalexander]

https://github.com/adriankumpf/teslamate/issues/1651#issuecomment-851977751

They managed to integrate the captcha into their software. Surely it's work-around able :)

[kotran88]

i'm also having trouble in it! hope it solved soon!

[joepalexander]

Tesla seem to have removed the captcha from their site. This is likely to be temporary however I shall embrace it whilst still possible.

It will be up to the repository owner as to whether to close this issue

[mseminatore]

Tesla was having fun breaking everyone with the Captcha. As you've seen they've now removed it. Who knows where they go next. :) For now the library is working again.

@ChutneyMary I am the author of both TeslaJS and the Tesla Control app. They are similar but not identical code bases. That is both a blessing and a curse for me. The Captcha should have broken both libraries, but I suspect you may have had a cached token for the app.

[soheil]

Wait, why are you closing this issue? Captcha is still showing up, the fact that some users may have an auth token cached does not really solve this problem.

[mseminatore]

The issue is not still showing up. It just showed up again in the last few days. It appears Tesla is again playing around with their login flow. It is not clear that it will stay.

[joepalexander]

@mseminatore we can only hope it's temporary!

[soheil]

@mseminatore we can only hope it's temporary!

Actually I got it working. All you have to do add a step to input the captcha code manually during login. To see the captcha just load the image from auth.tesla.com/captcha with something like wget and save it as a svg file.

[joepalexander]

@soheil

Kindly pull request this; would save six months of coding going to waste 🥺 ( or DM me on Twitter I'd be eternally greatful) @joeppalexander

[mseminatore]

@soheil is the Captcha static in the sense that the same captcha is available at auth.tesla.com/captcha until it globally rotates? Or does every call to that endpoint generate a new captcha?

[joepalexander]

@mseminatore it seems that every call generates a new code

[soheil]

Yes but no additional parameters are sent with that call. So my guess is that the generated code works for any user for a period of time (similar to 2fa) or it logs the client IP address and checks that server side on login.

[joepalexander]

And they've disabled it again...

[soheil]

Are you sure this is not just you? It could be an automated detection based on your IP/browser risk level.

[joepalexander]

I have tried it on my work network, Mobile Network; as well as through a VPN; as well as different devices. They seem to have disabled it for me for some reason... do you still have it asking for the captcha @soheil ?

[soheil]

No. That's interesting, not sure how they are determining to turn it on/off.

[joepalexander]

It may be when their servers are detecting anomolous patterns?

[mseminatore]

I've been told (and observed) that from time to time they block calls from AWS, Azure and G-Cloud when they feel that the traffic has been too high. Perhaps rather than just blocking traffic they throw up the Captcha for those endpoints. I know that some users have had their home IP's blocked for overuse.

I remain hopeful that Tesla will some day open up a developer program so they can block by client app key instead of just IP ranges.

[soheil]

Makes sense. I wasn't caching the oauth token and my app was logging in every time. I think that triggered their captcha for my home IP. Now I don't see it anymore. I was able to change the code though to manually input the displayed captcha using readline-prompt lib and wget'ing /captcha into an svg file. Maybe it's worthwhile adding that functionality if more people are running into this issue.

[mseminatore]

@soheil feel free to work up a PR and send it. That said, this library is intended to be headless so I am reluctant to include support for an interactive component.

[soheil]

No worries. Hopefully at least people will find this issue helpful in someone else runs across it. I think their captcha is also pretty easy to solve in an automated way...

[soheil]

No worries. Hopefully at least people will find this issue helpful in someone else runs across it. I think their captcha is also pretty easy to solve in an automated way...