KIA USA Support #88
I put the mock responses file at |
That should be helpful down the road. Looks like it is missing what header values to pass in to get the responses. Could you try this to get more details on how it works? https://github.com/fuatakgun/kia_uvo/wiki/How-to-reverse-engineer-app-traffic-on-Android-phone |
So here's what I've got so far from the web app: POST https://owners.kia.com/apps/services/owners/apiGateway with request body:
Returns a body with some data including an array of vehicle objects under When I use
That cookie is then sent in subsequent requests to authenticate. |
I can see a request to Still TODO:
How similar or dissimilar does this sound to the way it works in CA or EU? I haven't read the existing source code yet; I should probably do that... |
ok, so this api is funky. To login, you have to make a POST request, with a JSON body, but set the content type to Anyways, this works, and returns a body and a session cookie. Still working on the subsequent requests.
|
It may be worth comparing to what the android app does. It looks like this is front ended by aws amazon gateway. If we can crack the key like the Hyundai usa integration I bet it will be easier in the long haul.
It seems like two apis exist. The website and the app.
… On Oct 17, 2021, at 5:49 PM, Matthew Bush ***@***.***> wrote:
ok, so this api is funky.
To login, you have to make a POST request, with a JSON body, but set the content type to application/x-www-form-urlencoded. All other combinations of sending the data I've tried (form data sent with the content type for form data, json with json content type), you don't get a response body, but you still get the session cookie. The one other thing that worked was sending form data with a single key consisting of the url-encoded json body, and no value. Yuck.
Anyways, this works, and returns a body and a session cookie. Still working on the subsequent requests.
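```python
import requests
import json

payload = {
    "userId": "user",
    "password": "PASSWORD",
    "userType": "1",
    "vin": "",
    "action": "authenticateUser"
}
# JSON body sent under a form-urlencoded Content-Type: the combination
# described above as the one that returns both a body and a session cookie.
r = requests.post(
    'https://owners.kia.com/apps/services/owners/apiGateway',
    data=json.dumps(payload),
    headers={'Content-Type': 'application/x-www-form-urlencoded'},
)
```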
|
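The comment above reports two request shapes that return a body: raw JSON under the form content type, and a single url-encoded key with no value. This added example (not code from the thread or the project) shows that a standard form decoder sees both as the same lone valueless key, and where the raw variant breaks; that the server recovers the JSON this way is an assumption, and `recover_json` and the other helper names are hypothetical.

```python
import json
from urllib.parse import parse_qsl, quote


def login_payload(password: str) -> dict:
    # Field names are the ones from the snippet in the thread; values are constructed.
    return {"userId": "user", "password": password, "userType": "1",
            "vin": "", "action": "authenticateUser"}


def raw_body(password: str) -> str:
    """Variant 1: JSON text sent as-is under application/x-www-form-urlencoded."""
    return json.dumps(login_payload(password))


def encoded_body(password: str) -> str:
    """Variant 2: the JSON text percent-encoded and sent as one key with no value."""
    return quote(json.dumps(login_payload(password)), safe="")


def recover_json(body: str):
    """ASSUMED server-side step: form-decode the body, then treat a single
    valueless key as JSON. Returns None when the body does not fit that shape."""
    pairs = parse_qsl(body, keep_blank_values=True)
    if len(pairs) != 1 or pairs[0][1] != "":
        return None
    try:
        return json.loads(pairs[0][0])
    except json.JSONDecodeError:
        return None


if __name__ == "__main__":
    for pw in ("PASSWORD", "p&ss=word", "a+b"):
        print(repr(pw))
        print("  raw     ->", recover_json(raw_body(pw)))
        print("  encoded ->", recover_json(encoded_body(pw)))
```

With a password containing `&` or `=` the raw variant splits into several form fields and no JSON is recovered, and a `+` is silently decoded to a space; the percent-encoded variant survives both.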
I'll get started on spying on the app, then. It's been a long time since I've dealt with intercepting SSL traffic, so I'm not sure how long it'll take me. I did see a couple properties in the manifest file that looked like they could be flipped to allow insecure requests/easy debugging, so maybe I'll try that first. Why do you say you think this is "front ended by aws amazon gateway"? I definitely got the impression that this was not using some of the aws-managed products like Api Gateway or Cognito, simply because it uses a funky non-standard auth mechanism, and the aws-managed products generally do a pretty good job of conforming to standards. I also didn't see any aws-like response headers. |
You're right. The app uses a completely different api that is going to be far easier to use. I spent entirely too long fumbling around with various methods until I found HTTP Toolkit, which basically takes care of everything when I run it with an android emulator. The authUser endpoint returns a session id in the They also have many custom headers, plus the date, were required; if I omitted them the request returned an error response saying "missing required headers". Details are in #90 |
I have merged this to the main branch. If others want to test please give it a try. At this point it looks to just get the basic data at this point. |
I loaded the latest version to test this. I have a Kia Niro EV in USA. I am getting this error in the log
|
@mbbush this something you could look at? I assume it's still working for you for basic data? |
Yes, I'll take a look. Thanks for including the stacktrace.
…On Wed, Oct 27, 2021, 8:23 PM cdnninja ***@***.***> wrote:
@mbbush <https://github.com/mbbush> this something you could look at? I
assume it's still working for you for basic data?
|
I seem to get past login, but then I see the same as above.
|
@mbbush have you had a chance to look at this? |
No, not yet. I've been busy with other things. If someone else wants to
look they are welcome to do so.
…On Thu, Nov 4, 2021 at 12:12 PM cdnninja ***@***.***> wrote:
@mbbush <https://github.com/mbbush> have you had a chance to look at this?
|
Commits have been done to get this closer to functional. Please provide feedback and future PRs. Thanks to everyone involved getting it this far. |
I put in PRs for what I think is everything populating except temperature, which I'm working on but will take me a few days (first F in code base of C) |
Huge thank you @dahlb this has really pushed the USA Kia support forward. Great to see! |
@mbbush I don't know how to get the Uvo USA apk, but from the previous comments I'm guessing you found it. Can you point me to where you got it or throw your copy up somewhere for me to grab which would be even better as I assume it was already modified by apk-mitm |
Since I'm in the USA, I just downloaded it from Google Play and then used ADB to pull it off the phone. I remember that I tried several different tools and really struggled with them, before finding the one I mentioned in a comment above, which made it really easy. I don't remember whether I needed some of the partial work I'd done with the other tools to work with the good one. The apk itself is also packaged in several layers. There are actually four apks, each containing different components, but it looks like the most relevant parts are in the base.apk. It looks like I have several versions, some of which are for x86 (to use on the emulator) and some of which are for arm. Some are quite possibly patched by something, some are zipped, some are extracted. It's a mess. But I'm happy to share the mess with you! https://mega.nz/file/TR5ERATL#oIPtw-89kWz0ZoYTPE0WN5F9YJammdOd4OJbffHhPKg |
@mbbush thanks, base.apk worked great and helped me finish force update. Hoping to populate these methods next, one at a time. |
I haven't played with it enough to notice that. I know the auth sessions
need better error handling, i.e. if I log in on my phone then use the HA, HA
has an invalid session and doesn't recover without restarting or waiting an
hour. But I'm focusing on some of the service actions next and will
revisit the auth issues after that.
…On Wed, Nov 10, 2021 at 8:46 PM Jim ***@***.***> wrote:
Thanks for the work on this so far. My setup is working pretty good now.
One thing I noticed was every time there is an update all the sensors
switch to Unavailable for about 4 seconds. Is this a known issue? If not I
will add some logs.
|
|
added the other actions in a pr, has every other action; once I figured out the offset being -5.0 instead of -5 was the problem for a while the rest was very fast still want to fix
|
@cdnninja I think this is fully implemented now, unless I missed something? |
To continue the conversation on #80 specific for Kia. @mbbush.