Login fails at step 6: "code" and "state" cannot be extraced from response

birgersp commented 4 years ago

Hi,

It seems VW changed something regarding login step 5/6.

In step 6, the application fails to extract "state" and "code" from the response url.

    login_action2_url = auth_base_url + '/signin-service/v1/' + client_id + '/login/authenticate'
    login_post_response = session.post(login_action2_url, data=login_data, headers=auth_request_headers, allow_redirects=True, verify=certverify)
    if login_post_response.status_code != 200:
        return '', 'Failed to process login sequence.'
    ref2_url = login_post_response.url                      
    portlet_code = extract_url_parameter(ref2_url, 'code')
    state = extract_url_parameter(ref2_url, 'state')

In my most recent attempt, the response URL looked like this:

https://identity.vwgroup.io/signin-service/v1/consent/users/f7427f16-d0d3-4bdc-b46d-ba8bc2be9be5/b7a5bb47-f875-47cf-ab83-2ba3bf6bb738@apps_vw-dilab_com?scopes=openid%20profile%20birthdate%20nickname%20address%20email%20phone%20cars%20dealers%20mbb&relayState=028081fad32f5f9e65542f6f8c5421a0e2cd3855&callback=https://identity.vwgroup.io/oidc/v1/oauth/client/callback&hmac=a5a379dbc3eaca571a6d6c641d431d416802b20fc5180dd78edcb9385182b490

bgewehr commented 4 years ago

I had to repeat my grants on manual web login, since then the script worked again. Give it a try!

birgersp commented 4 years ago

Ah, yes you're right. I should have checked this, but I was lead to believe it was actually a API change this time. Thanks @bgewehr !

reneboer / python-carnet-client

Login fails at step 6: "code" and "state" cannot be extraced from response #30