Refreshing an access token using sso refresh token (Not working?) #503
Comments
|
I did see #431 but that was with regards to auth token and the recaptcha at that stage.
|
|
I have noticed in the past that an access/refresh tokens pair inked to an
account cannot be used by several apps : each refresh procedure invalidated
all the other access and (more certainly) refresh tokens.
The only solution I have then found (and still using) is to use several
accounts (one per application). This works for more than 2 years now. But
it limits the number of applications to the maximum number of accounts
linked to a car.
Le sam. 25 déc. 2021 à 04:38, TeslaOwner.tips ***@***.***> a
écrit :
… I did see #431 <#431> but that
was with regards to auth token and the recaptcha at that stage.
—
Reply to this email directly, view it on GitHub
<#503 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ADUNWNIZUJY3VHZW3Q634TDUSU4CBANCNFSM5KXMB5IA>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
|
What? No, just create a brand new token, using the same credentials. Each set of token/refresh token will live independently. |
|
Would it not be a security risk if mutliple refresh token were allowed to exist? I guess changing the account password would solve that. |
|
I generated a new SSO Refresh Token using my wife's account. Same error. |
|
Can I hit any of the apis listed here https://tesla-api.timdorr.com/miscellaneous/endpoints with the refresh_token and the access_token from the app - https://apps.apple.com/us/app/auth-app-for-tesla/id1552058613? if Yes can someone PLEASE provide me the curl command as the above website doesn't explain what the request params/ how to pass the auth token while hitting the vehicle apis. Any help is really appreciated. Thanks in advance. |
|
@nickjava create a separate issue. Never hijack a thread on github. Don’t add to it by responding. Just do it and don’t add anything irrelevant to this thread even if it is an apology. |
|
Same issue here accessing per the docs: |
Did you find a solution? Running into the same issue here. |
|
No :( |
|
I didn't, no, sorry
…On Wed, May 11, 2022 at 22:44:39, faekz0r < ***@***.*** > wrote:
>
>
> Same issue here accessing per the docs:
>
> curl -X POST -A "Powerwall" -H 'Content-Type: application/json' -d
> '{"grant_type": "refresh_token", "client_id": "ownerapi", "scope": "openid
> email offline_access", "refresh_token": "my_refresh_token_removed"}' https:/
> / auth. tesla. com/ oauth2/ v3/ token (
> https://auth.tesla.com/oauth2/v3/token )
>
> <HTML><HEAD>
> <TITLE>Access
> Denied</TITLE>
> </HEAD><BODY>
> <H1>Access Denied</H1>
>
> You don't have
> permission to access
> "http://auth.tesla.com/oauth2/v3/token" on
> this server.<P>
> Reference #18.97997a5c.1648392267.175f1465
> </BODY>
> </HTML>
>
Did you find a solution? Running into the same issue here.
—
Reply to this email directly, view it on GitHub (
#503 (comment) ) ,
or unsubscribe (
https://github.com/notifications/unsubscribe-auth/AB7CEDAOIH24VSXJAJHQPOLVJQS4PANCNFSM5KXMB5IA
).
You are receiving this because you commented. Message ID: <timdorr/tesla-api/issues/503/1124322326
@ github. com>
|
https://auth.tesla.com/oauth2/v3/token
The SSO refresh token I'm using is valid based on it being used by two homebridge plugins and TeslaFi.
It was generated using the AuthforTesla ios app.
The error is
I tested what was being received using httpbin running locally in docker.
Note: The key I show below is not an actual key.
Note: NOT the actual key.
The command used was
curl -X POST -H 'Content-Type: application/json' -d "{\"grant_type\": \"refresh_token\", \"client_id\": \"ownerapi\", \"refresh_token\": \"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ilg0RmNua0RCUVBUTnBrZTZiMnNsdgdsgtL29hdXRoMi92MyIsImF1ZCI6Imh0dHBzOi8vYXV0aC50ZXNsYS5jb20vb2F1dGgyL3YzL3Rva2VuIiwiaWF0IjoxNjM1OdfgzdgIjoiMSIsImF1ZCI6Imh0dHBzOi8vb3duZXItYXBpLnRlc2xhbWzdfgzgZWUtOTBhYS02MzUzNWFjMmY2ZDkiLCJzY3AiOlsib3BlbmlkIiwiZW1haWwiLCJvZmZsaW5lX2FjY2VzcyJdLCJhenAiOiJvd25lcmFwaSIsImFtciI6WyJwd2QiXSwiYXV0aF90aW1lIjoxNjM1ODk2ODUwfX0.Q_6IBtXPzRojESWY28mq4tmhzo8q60gHDGn4UnhH32_Pt-2Ejz6d3gCZEQYgokw9D9mbBUEASCdkbUmyRFm3xcvseGigOqPm2diAdu8v4CwRPwtNlRsfWXqawl3M7Sajba8hVwiV2P6Pca_mwNb4U58NXP5VylYnjcOLMwOM2O9dikDxUgH24Zi4UvapDMJq-oIY1p8gD8yLhqVMpw67ckNsq2nGiC3BYL2ZxzVUOzZgQiygjtbNMRuoilFCHMsu4JViLhW_b2Eav3w8V2ZZcu21PvKALzSS0y3g_XFyVu4O1CgQPzxvbzxvTjiWQChU7zdk1eZcTJ-Gy_7g_H7cqPrhy3EG-vhgbqxS_hn_Im1gqR9ln1zuTV_OwPJyZMxvM52_TBmOIGt7aOfKR6kZlzUefbLYCEPcCfqggoX69WUIGQXG1wliaai2bRRfESDcc8OFO03xxOInxQBj6RCA1v-YcN8tO9TDejsSWh6EKk4AUG77iD4A5eNtmcMP-F3vWcwlXYFs3tVtPrCyz3psvmCCFN1KM7Vbgjm9P4in_Yx_hpqm-Ttlluql7bkTjYXt1VT7UUQnGrS6n97de47uXgnXIjrw5WMsLhQq3wOLLjoilBk7GDjao9j2UxtbhI\", \"scope\": \"openid email offline_access\"}" "http://192.168.1.11/post"& replaced URL with "https://auth.tesla.com/oauth2/v3/token"
The text was updated successfully, but these errors were encountered: