weconnect 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: b46aa0f0215101e02ed972ad36c7a1a9a67fb08d67944d8c080b3eb10b85c2c4
+  data.tar.gz: 48e88d187dea1793ba0fe3293acb83c02ad614ac32c890da085fa8b9948f3ef0
+SHA512:
+  metadata.gz: 257b77464932e392d531d71f1786a63e612fe92b056d999d814b81f06389abc7c4c9c0bbb9f0a6426c8a95d6df87f8df42732748ccffe683c39a91c4c10bc734
+  data.tar.gz: 75d62c8d770ce7f0655e36e996bdbdbac2c204d04a2a412694fc987921c45ce470ae1951e64376340636c2987ce64e535d8951ec0f9d76a42677cbf5e5f84a72

data/.gitignore

@@ -0,0 +1,45 @@
+*.gem
+*.rbc
+/.config
+/coverage/
+/InstalledFiles
+/pkg/
+/spec/reports/
+/spec/examples.txt
+/test/tmp/
+/test/version_tmp/
+/tmp/
+/data/
+*.log
+*.txt
+*.json
+*.yml
+.DS_Store
+
+# Used by dotenv library to load environment variables.
+.env
+
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalization:
+/.bundle/
+/vendor/bundle
+/lib/bundler/man/
+
+# for a library or gem, you might want to ignore these files since the code is
+# intended to run in multiple environments; otherwise, check them in:
+# Gemfile.lock
+# .ruby-version
+# .ruby-gemset
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc
+
+# Used by RuboCop. Remote config files pulled in from inherit_from directive.
+# .rubocop-https?--*
+Gemfile.lock

data/CHANGELOG.md

@@ -0,0 +1,4 @@
+## [Unreleased]
+
+## [0.1.0] - 2024-02-25
+- Initial release

data/Gemfile

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in hudu.gemspec
+gemspec

data/Rakefile

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+require 'dotenv'
+require 'rake/testtask'
+
+Dotenv.load
+
+#system './bin/cc-test-reporter before-build'
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'test'
+  t.libs << 'lib'
+  t.test_files = FileList['test/**/*_test.rb']
+end
+
+require 'rubocop/rake_task'
+RuboCop::RakeTask.new
+task default: %i[test rubocop]
+#system './bin/cc-test-reporter after-build'

data/lib/weconnect/api.rb

@@ -0,0 +1,36 @@
+require "wrapi"
+require File.expand_path('connection', __dir__)
+require File.expand_path('request', __dir__)
+require File.expand_path('authorization', __dir__)
+
+module WeConnect
+  # @private
+  class API
+
+    # @private
+    attr_accessor *WrAPI::Configuration::VALID_OPTIONS_KEYS
+
+    # Creates a new API and copies settings from singleton
+    def initialize(options = {})
+      options = WeConnect.options.merge(options)
+      WrAPI::Configuration::VALID_OPTIONS_KEYS.each do |key|
+        send("#{key}=", options[key])
+      end
+    end
+
+    def config
+      conf = {}
+      WrAPI::Configuration::VALID_OPTIONS_KEYS.each do |key|
+        conf[key] = send key
+      end
+      conf
+    end
+
+    include WrAPI::Connection
+    include Connection
+    include WrAPI::Request
+    include WrAPI::Authentication
+    include Authentication
+
+  end
+end

data/lib/weconnect/authorization.rb

@@ -0,0 +1,232 @@
+require 'uri'
+require 'yaml'
+require 'nokogiri'
+require File.expand_path('error', __dir__)
+
+module WeConnect
+  # Deals with authentication flow and stores it within global configuration
+  module Authentication
+    TOKENS = %w(state id_token access_token code)
+    TOKEN_URL   = 'https://emea.bff.cariad.digital/user-login/login/v1'.freeze
+    REFRESH_URL = 'https://emea.bff.cariad.digital/user-login/refresh/v1'.freeze
+
+    # Authorize to the WeConnect portal
+    def login(options = {})
+      raise ConfigurationError, "username/password not set" unless username && password
+      # only bearer token needed
+      car = CarConnectInfo.new
+
+      @tokens = WebLogin.new(self,car).login
+      api_process_token(@tokens)
+      reauth_connection(self.access_token)
+      self.access_token
+    end
+    def auth_tokens
+      @tokens
+    end
+    def api_process_token(tokens)
+      self.access_token  = tokens['access_token']
+      self.token_type    = tokens['token_type']
+      self.refresh_token = tokens['refresh_token']
+      self.token_expires = tokens['expires_at'] if tokens['expires_at']
+    end
+
+    def refresh_token
+      raise Error.new 'not implemented'
+    end
+
+#  private
+    class CarConnectInfo
+    attr_reader :type, :country, :xrequest, :xclient_id, :client_id, :scope, :response_type, :redirect, :refresh_url
+    	def initialize
+    		@type = "Id";
+    		@country = "DE";
+    		@xrequest = "com.volkswagen.weconnect";
+    		@xclientId = "";
+        @client_id = "a24fba63-34b3-4d43-b181-942111e6bda8@apps_vw-dilab_com";
+
+    		@scope = "openid profile badge cars dealers vin";
+    		@response_type = "code id_token token";
+        @redirect = "weconnect://authenticated";
+        @refresh_url='https://identity.vwgroup.io/oidc/v1/token'
+    	end
+    end
+    class WebLogin
+      def initialize(connection,car_info)
+        @connection = connection
+        @car_info = car_info
+      end
+      def login
+        @connection.format = 'x-www-form-urlencoded'
+        page = login_page_step
+        form = PasswordFormParser.new(page.body)
+        page = email_page_step(form)
+        idk = IDKParser.new(page.body)
+        page = password_page_step(idk)
+
+        raise IncompatibleAPIError.new( "#{@car_info.redirect} redirect not found" )
+      rescue WeconnectAuthenticated => authenticated
+        # weconnect://authenticatied#... extpected
+
+        @tokens = query_parameters(URI.parse(authenticated.redirect).fragment)
+        # fetch final tokens from login
+        @tokens = fetch_tokens(@tokens)
+      end
+    private
+      def login_page_step
+        params = {
+          nonce: nonce(),
+          redirect_uri: @car_info.redirect
+        }
+        r = @connection.get('https://emea.bff.cariad.digital/user-login/v1/authorize',params,true)
+        @login_url = r.env.url
+        r
+      end
+
+      def email_page_step(form)
+        fields = form.fields
+        fields['email'] = @connection.username
+        # update to login form
+        @login_url = URI.join(@login_url, form.action)
+        r = @connection.post(@login_url.to_s,fields,true) do |request|
+              request.headers=request.headers.merge({
+                'x-requested-with': @car_info.xrequest,
+                'upgrade-insecure-requests': "1"
+              })
+        end
+      end
+      def password_page_step(idk)
+        params = {
+          :email => @connection.username,
+          :password => @connection.password,
+          idk.idk['csrf_parameterName'] => idk.idk['csrf_token'],
+          :hmac => idk.template_model['hmac'],
+          'relayState' => idk.template_model['relayState']
+        }
+
+        rpw = @connection.post(idk.post_action_uri(@login_url),params,true) do |request|
+              request.headers=request.headers.merge({
+                'x-requested-with': @car_info.xrequest,
+                'upgrade-insecure-requests': "1"
+              })
+        end
+        # should not come here, exception raised by auth redirect
+        if rpw.env.url.query['login.error']
+          params  = query_parameters(rpw.env.url.query)
+          description = {
+            'login.errors.password_invalid': 'Password is invalid',
+            'login.error.throttled': 'Login throttled, probably too many wrong logins. You have to wait some minutes until a new login attempt is possible'
+          }
+          error = params['error']
+          error = description[error] if description[error]
+          raise AuthenticationError.new( "Login error #{error}" )
+        end
+      end
+
+      def fetch_tokens(tokens)
+        # check if all keys exist
+        if TOKENS.all? { |s| tokens.key? s }
+          params = {
+            'state': tokens['state'],
+            'id_token': tokens['id_token'],
+            'redirect_uri': @car_info.redirect,
+            'region': 'emea',
+            'access_token': tokens['access_token'],
+            'authorizationCode': tokens['code'],
+          }
+
+          @connection.format = :json
+          @connection.reauth_connection(tokens['id_token'])
+          # complete set tokens
+          token_response = @connection.post(TOKEN_URL, params)
+          # translate token names to _token suffix
+          token_response = translate_tokens(token_response.body, %w(accessToken idToken refreshToken))
+          token_response = parse_token_response(token_response)
+          token_response
+        else
+          raise IncompatibleAPIError.new( 'Expected tokens: #{TOKENS}, but found: #{tokens}' )
+        end
+      end
+
+      def translate_tokens(tokens, keys)
+        keys.each do |name|
+          if tokens[name]
+            tokens[name.gsub('Token', '_token')] = tokens.delete(name)
+          end
+        end
+        tokens
+      end
+      # oauthlib/oauth2/rfc6749/parameters.py
+      def parse_token_response(tokens)
+puts "\n\nEXPIRE #{tokens['expires_in']}\n\n"
+        tokens['expires_at'] = Time.new() + tokens['expires_in'] if tokens['expires_in']
+        # validate
+        raise AuthenticationError.new(tokens['error']) if tokens['error']
+        #raise AuthenticationError.new('Missing access token error') if tokens['access_token']
+
+        tokens
+      end
+
+      def query_parameters(query_fragment)
+        parameters = query_fragment.split('&').inject({}) do |result,param|
+          k,v = param.split('=');
+          result.merge({k => v })
+        end
+      end
+
+      def nonce
+       rand(10 ** 30).to_s.rjust(30,'0')
+      end
+
+    end
+
+    class PasswordFormParser
+      attr_reader :action, :method, :fields
+      def initialize(html)
+        doc = Nokogiri::HTML( html )
+        # 1 loginform username
+        form = doc/'form[name="emailPasswordForm"]'
+        if form
+          @action = form.attribute('action').to_s
+          @method = form.attribute('method').to_s
+          # get hidden fields
+
+          @fields = {}
+          (form/'input').each do |input|
+            @fields[input.attribute('name').to_s] = input.attribute('value').to_s
+          end
+        else
+          raise IncompatibleAPIError.new( 'emailPasswordForm not found' )
+        end
+      end
+    end
+
+    class IDKParser
+      attr_reader :idk, :template_model, :post_action, :identifier, :error
+      def initialize(html)
+        doc = Nokogiri::HTML( html )
+        # get script with IDK
+        scripts = doc./'script:contains("_IDK")'
+        # extract json part by greedy match till last '}'
+        m = scripts.text.gsub("\n",'').gsub(/([\w]+):/, '"\1":').match('({.*})')
+        @idk = {}
+        if m.size > 1
+          # load with yam due to single quotes
+          @idk = YAML.load(m[1])
+          raise IncompatibleAPIError.new( "_IDK.templateModel not found #{@idk}" ) unless @idk['templateModel']
+        else
+          raise IncompatibleAPIError.new( "_IDK not found" )
+        end
+        # r = self.__get_url(upr.scheme+'://'+upr.netloc+form_url.replace(idk['templateModel']['identifierUrl'],idk['templateModel']['postAction']), post=post)
+        @template_model = @idk['templateModel']
+        @post_action = @template_model['postAction']
+        @identifier = @template_model['identifierUrl']
+        @error = @template_model['error']
+      end
+
+      def post_action_uri(base_uri)
+        base_uri.to_s.gsub(@identifier,@post_action)
+      end
+    end
+  end
+end

data/lib/weconnect/client.rb

@@ -0,0 +1,60 @@
+require File.expand_path('api', __dir__)
+require File.expand_path('const', __dir__)
+require File.expand_path('error', __dir__)
+
+module WeConnect
+  # Wrapper for the WeConnect REST API
+  #
+  # @see no docs, reversed engineered
+  class Client < API
+    attr_accessor :openid_config
+
+    def initialize(options = {})
+      super(options)
+
+      @openid_config = openid_configuration
+    end
+
+    def vehicles(params={})
+      self.get(vehicle_api,params)
+    end
+    def vehicle_status(vin, jobs=['all'])
+      jobs = jobs.join(',') if jobs.is_a? Array
+      self.get(vehicle_api(vin,"/selectivestatus?jobs=#{jobs}"))
+    end
+
+    def parking(vin)
+      self.get(vehicle_api(vin,'/parkingposition'))
+    end
+
+    def trips(vin,trip_type=TripType::SHORT_TERM,period)
+      sef.get('/vehicle/v1/trips/#{vin}/#{trip_type.downcase}/last',params)
+    end
+
+    def images(vin)
+      self.get("/media/v2/vehicle-images/{self.vin.value}?resolution=2x")
+    end
+
+    def control(vin, operation, value)
+      self.post(vehicle_api(vin,"/#{operation}/#{value}"))
+    end
+    def control_charging(vin, value)
+      if ControlOperation.allowed_values.includes? value
+        control(vin,'charging',value)
+      end
+    end
+  private
+    def openid_configuration
+      get(self.endpoint)
+    end
+
+    PATH = "/vehicle/v1/vehicles".freeze
+    def vehicle_api(vin=nil,path=nil)
+      if vin
+        File.join PATH, vin, path
+       else
+        PATH
+       end
+    end
+  end
+end

data/lib/weconnect/connection.rb

@@ -0,0 +1,55 @@
+require 'faraday'
+require 'faraday/follow_redirects'
+require 'faraday-cookie_jar'
+require File.expand_path('error', __dir__)
+
+module WeConnect
+  class WeconnectAuthenticated < WeConnectError
+    attr_reader :redirect
+    def initialize(location)
+      @redirect = location
+    end
+  end
+  # Create connection including authorization parameters with default Accept format and User-Agent
+  # By default
+  # - Bearer authorization is access_token is not nil override with @setup_authorization
+  # - Headers setup for client-id and client-secret when client_id and client_secret are not nil @setup_headers
+  # @private
+  module Connection
+    class WeConnectMiddleware < Faraday::Middleware
+      def call(env)
+        response = @app.call(env)
+        if location = response['location']
+          raise WeconnectAuthenticated.new(location) if location['weconnect:']
+        end
+        response
+      end
+    end
+    def reauth_connection(token)
+      self.access_token = token
+      setup_authorization(@connection)
+    end
+    private
+    def connection
+      raise ConfigurationError, "Option for endpoint is not defined" unless endpoint
+
+      options = setup_options
+      @connection ||= Faraday::Connection.new(options) do |connection|
+        connection.use Faraday::FollowRedirects::Middleware, limit: 10
+
+        connection.use WeConnectMiddleware
+        connection.use :cookie_jar
+
+        connection.use Faraday::Response::RaiseError
+        connection.adapter Faraday.default_adapter
+        setup_authorization(connection)
+        setup_headers(connection)
+        connection.response :json, content_type: /\bjson$/
+        connection.use Faraday::Request::UrlEncoded
+
+        setup_logger_filtering(connection, logger) if logger
+      end
+    end
+
+  end
+end

data/lib/weconnect/const.rb

@@ -0,0 +1,116 @@
+class String
+  def underscore
+    gsub(/::/, '/').
+    gsub(/([A-Z]+)([A-Z][a-z])/,'\1_\2').
+    gsub(/([a-z\d])([A-Z])/,'\1_\2').
+    tr("-", "_").
+    downcase
+  end
+end
+module WeConnect
+  class Enum
+      def self.enum(array, proc=:to_s)
+        array.each do |c|
+          const_set c.underscore.upcase,c.send(proc)
+        end
+      end
+  end
+  class Role < Enum
+    enum %w[PRIMARY_USER SECONDARY_USER GUEST_USER CDIS_UNKNOWN_USER UNKNOWN]
+  end
+
+  class EnrollmentStatus < Enum
+    enum %w[STARTED NOT_STARTED COMPLETED GDC_MISSING INACTIVE UNKNOWN]
+  end
+  class UserRoleStatus < Enum
+    enum %w[ENABLED DISABLED_HMI DISABLED_SPIN DISABLED_PU_SPIN_RESET CDIS_UNKNOWN_USER UNKNOWN]
+  end
+  class Status
+    UNKNOWN = 0
+
+    DEACTIVATED = 1001
+    INITIALLY_DISABLED = 1003
+    DISABLED_BY_USER = 1004
+    OFFLINE_MODE = 1005
+    WORKSHOP_MODE = 1006
+    MISSING_OPERATION = 1007
+    MISSING_SERVICE = 1008
+    PLAY_PROTECTION = 1009
+    POWER_BUDGET_REACHED = 1010
+    DEEP_SLEEP = 1011
+    LOCATION_DATA_DISABLED = 1013
+
+    LICENSE_INACTIVE = 2001
+    LICENSE_EXPIRED = 2002
+    MISSING_LICENSE = 2003
+
+    USER_NOT_VERIFIED = 3001
+    TERMS_AND_CONDITIONS_NOT_ACCEPTED = 3002
+    INSUFFICIENT_RIGHTS = 3003
+    CONSENT_MISSING = 3004
+    LIMITED_FEATURE = 3005
+    AUTH_APP_CERT_ERROR = 3006
+
+    STATUS_UNSUPPORTED = 4001
+
+    KNOWN_STATUS = self.constants.inject([]){|result,const| result << self.const_get(const)}
+    def self.known_status? status
+      KNOWN_STATUS.include? status
+    end
+  end
+
+  class Badge < Enum
+    enum %w[charging connected cooling heating locked parking unlocked ventilating warning]
+  end
+
+  class DevicePlatform < Enum
+    enum %w[MBB MBB_ODP MBB_OFFLINE WCAR UNKNOWN]
+  end
+
+  class BrandCode
+    N = 'N'
+    V = 'V'
+    UNKNOWN = 'unknown brand code'
+  end
+  class JobDomain < Enum
+    enum %w[
+      access activeVentilation automation auxiliaryHeating
+      userCapabilities charging chargingProfiles batteryChargingCare
+      climatisation climatisationTimers departureTimers
+      fuelStatus vehicleLights lvBattery readiness
+      vehicleHealthInspection vehicleHealthWarnings oilLevel
+      measurements batterySupport
+    ]
+    JOB_DOMAINS = self.constants.inject([]){|result,const| result << self.const_get(const)}
+  end
+  class AllDomains < JobDomain
+    enum %w[
+      all allCapable parking trips
+    ]
+  end
+
+  class TripType < Enum
+    enum %w[shortTerm longTerm cyclic]
+    UNKNOWN = 'unkown trip type'
+  end
+
+  class PlugConnectionState < Enum
+    enum %w[connected disconnected invalid unsupported]
+    UNKNOWN = 'unknown unlock plug state'
+  end
+
+  class PlugLockState < Enum
+    enum %w[locked unlocked invalid unsupported]
+    UNKNOWN = 'unknown unlock plug state'
+  end
+
+  class ExternalPower < Enum
+    enum %w[ready active unavailable invalid unsupported]
+    UNKNOWN = 'unknown external power'
+  end
+
+  class LedColor < Enum
+    enum %w[nune green red]
+    UNKNOWN = 'unknown plug led color'
+  end
+end

data/lib/weconnect/control_operation.rb

@@ -0,0 +1,26 @@
+require File.expand_path('const', __dir__)
+
+module WeConnect
+  module Control
+    # all possible operations
+    class Operation < Enum
+      enum %w[start stop settings lock unlock flash, honkandflash, timers mode profiles unknown]
+    end
+
+    class ControlOperation < Enum
+      enum %w[start stop none settings unknown]
+     
+      def self.allowed_values
+        [START, STOP]
+      end
+    end
+
+    class AccessControlOperation < Enum
+      enum %w[lock unlock none unknown]
+    end
+
+    class HonkAndFlashControlOperation < Enum
+      enum %w[flash honkandflash none unknown]
+    end
+  end
+end

data/lib/weconnect/error.rb

@@ -0,0 +1,15 @@
+module WeConnect
+
+  # Generic error to be able to rescue all WeConnect errors
+  class WeConnectError < StandardError; end
+
+  # configuration returns error
+  class IncompatibleAPIError < WeConnectError; end
+
+  # configuration returns error
+  class ConfigurationError < WeConnectError; end
+
+  # Issue authenticting
+  class AuthenticationError < WeConnectError; end
+
+end

data/lib/weconnect/pagination.rb

@@ -0,0 +1,22 @@
+require 'uri'
+require 'json'
+
+module WeConnect
+  # Defines HTTP request methods
+  # required attributes format
+  module RequestPagination
+
+    # Defaut pages assumes all data retrieved in a single go.
+    class DefaultPager < WrAPI::RequestPagination::DefaultPager
+
+      def self.data(body)
+        if body['data']
+          body['data']
+        else
+          body
+        end
+      end
+    end
+
+  end
+end

data/lib/weconnect/request.rb

@@ -0,0 +1,8 @@
+require 'faraday'
+
+module WeConnect
+  # Deals with requests
+  module Request
+
+  end
+end

data/lib/weconnect/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module WeConnect
+  VERSION = '0.1.0'
+end