C# stuck on step 2

[salvesen]

Getting quite frustrated testing this new oAuth thing.

I got the first step, I now have the "hidden" inputs and cookie.

But when trying to post(step 2) I only get the same HTML code as in step 1. Not sure what I am doing wrong, this is the code I am testing. Sorry for the mess... just testing at the moment :P

        public static string postInterface(string code_challenge, Dictionary<string, string> fromHtml, string userName, string password)
        {
            try
            {
                //Data
                string data = "identity=" + userName + "&credential=" + password;
                foreach(KeyValuePair<string, string> inputNames in fromHtml)
                {
                    data += "&" + inputNames.Key + "=" + inputNames.Value;
                }
                //Console.WriteLine("Posting data: " + data);
                //encode string
                data = HttpUtility.UrlEncode(data);

                WebClient webClient = new WebClient();
                //header
                webClient.Headers[HttpRequestHeader.ContentType] = "application/x-www-form-urlencoded";
                //query
                webClient.QueryString.Add("client_id", "ownerapi");
                webClient.QueryString.Add("code_challenge", code_challenge);
                webClient.QueryString.Add("code_challenge_method", "S256");
                webClient.QueryString.Add("redirect_uri", "https://auth.tesla.com/void/callback");
                webClient.QueryString.Add("response_type", "code");
                webClient.QueryString.Add("scope", "openid email offline_access");
                webClient.QueryString.Add("state", "123");
                //header
                webClient.Headers.Set("Cookie",cookie);
                //Body
                string upload = webClient.UploadString("https://auth.tesla.com/oauth2/v3/authorize", data);
                WebHeaderCollection headers = webClient.ResponseHeaders;
                for (int i = 0; i < headers.Count; i++)
                {
                    Console.WriteLine("\t" + headers.GetKey(i) + " = " + headers.Get(i));
                }
                return upload;
            }
            catch (WebException error)
            {
                HttpWebResponse response = (HttpWebResponse)error.Response;
                return "Error: failed to post to interface. " + response.StatusCode;
            }
        }

[timdorr]

Where are you generating the cookie value from? It appears to be outside the scope of this function. The easiest way to generate it is to just take the set-cookie header, split the string on a space (.split(' ')), and then that gives you the cookie value. The rest of the contents of that header are for the user agent to set the cookie properly, but not for the cookie value itself.

[salvesen]

I am parsing it from my get call, so that is ok. Just saving it outside this function for ease while testing.

[wyk111wyk]

Hi, may I ask how should I use those hidden like "_csrf", do I wrap them in an array or just named by each key?
I just keep getting Location as the same url I request, not sure what's wrong.

[BenjiFTL]

Hi, may I ask how should I use those hidden like "_csrf", do I wrap them in an array or just named by each key?
I just keep getting Location as the same url I request, not sure what's wrong.

Did you ever find out about this?

[tomhollander]

The form data just needs to be posted as application/x-www-form-urlencoded which is what the browser does. In my testing I did run into the problem where I was redirected to the same page rather than the one with the code. In my case I had a typo in the name of the password field. So it does seem to be fairly finnicky that you have the exact right set of fields, plus I'm sure you do need to use the correct encoding.

[bassmaster187]

The c# WebClient receives a redirect and automatically redirects the WebClient. You have to turn off this behaivor:

using (HttpClientHandler ch = new HttpClientHandler())
                {
                    ch.AllowAutoRedirect = false;
                    ch.UseCookies = false;
                    using (HttpClient client = new HttpClient(ch))
                    {

you can find a working c# login in Teslalogger. Take a look at Method GetToken()

https://github.com/bassmaster187/TeslaLogger/blob/master/TeslaLogger/WebHelper.cs

[salvesen]

Thanks! Doing the autoredirect change did stop me from re-directing! Thats great. But I am not really seeing the "code" in the location adress.

Location = /oauth2/v3/authorize?client_id=ownerapi&code_challenge=AqmK9kpHyf+DmT1FztBZAzsUy468Dq36jIusyzrp1t8=&code_challenge_method=S256&redirect_uri=https://auth.tesla.com/void/callback&response_type=code&scope=openid%20email%20offline_access&state=123

[salvesen]

figured it out! This was causing my issue:

data = HttpUtility.UrlEncode(data);

[wyk111wyk]

Thanks! Doing the autoredirect change did stop me from re-directing! Thats great. But I am not really seeing the "code" in the location adress.

Location = /oauth2/v3/authorize?client_id=ownerapi&code_challenge=AqmK9kpHyf+DmT1FztBZAzsUy468Dq36jIusyzrp1t8=&code_challenge_method=S256&redirect_uri=https://auth.tesla.com/void/callback&response_type=code&scope=openid%20email%20offline_access&state=123

Hi, I had the same Location back without "code" in it, would you like to tell me what did I miss?

[salvesen]

My problem was the mentioned encoding over. It did not work.

[vercorsio]

Hi, I was stuck last sunday on this too... Don't forget to url encode your POST payload in php: curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields)); where fields contains the hidden fields from step 1 ("_csrf", "_phase", "_process", "transaction_id", and "cancel") plus "identity" and "credential" Now it works well on my tool (jeedom tesla plugin) Nicolas

…

On Thu, Feb 4, 2021 at 2:23 AM AmosFitness ***@***.***> wrote: Thanks! Doing the autoredirect change did stop me from re-directing! Thats great. But I am not really seeing the "code" in the location adress. Location = /oauth2/v3/authorize?client_id=ownerapi&code_challenge=AqmK9kpHyf+DmT1FztBZAzsUy468Dq36jIusyzrp1t8=&code_challenge_method=S256&redirect_uri= https://auth.tesla.com/void/callback&response_type=code&scope=openid%20email%20offline_access&state=123 Hi, I had the same Location back without "code" in it, would you like to tell me what did I miss? — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#269 (reply in thread)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AKZEEOKC7FNDC5AU6FAPLR3S5HZKRANCNFSM4W3VGUDQ> .

[BenjiFTL]

When you POST the fields of the URL body does it have to be in an array format? I noticed on the timdor docs that the requirement is String[]. I keep getting redirected back to the original request so I know something is wrong and that's the only part I'm having trouble sussing out.

[tomhollander]

The form fields need to be posted with the application/x-www-form-urlencoded content type, in a format that's basically a URL-encoded query string (but in the body, not the URL).

Example:

_csrf=7rogP9eb-pYNgxEYv_fu4KKnQ5U-n4A8abEU&_phase=authenticate&_process=1&transaction_id=D7aWeNeJ&cancel=&identity=myemail%40example.com&credential=mypassword

[tomhollander]

@salvesen Are you building a reusable C# library for the new Tesla auth system? I need this too, and will gladly help. It sounds like you've already made progress so it would be a shame for me to start from scratch.

[tomhollander]

Actually @bassmaster187 I see you already have working code... well done! I didn't see a licence in your repo... Is it ok to reuse your auth code?

[bassmaster187]

You can use it. It would be nice, if you mention me.
MFA also working with my code.

[tomhollander]

Awesome, thanks. Will definitely acknowledge you if I get something working.

[tomhollander]

OK, here's my first attempt at a reusable C# library. Thanks to @bassmaster187 for letting me lift so much of his code. It was very hastily put together so most likely has some issues, but let me know if it's of any use.

https://github.com/tomhollander/TeslaAuth/