carconnectivity-connector-skoda 0.1a1__py3-none-any.whl

carconnectivity_connector_skoda-0.1a1.dist-info/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 Till Steinbach
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

carconnectivity_connector_skoda-0.1a1.dist-info/METADATA

@@ -0,0 +1,120 @@
+Metadata-Version: 2.1
+Name: carconnectivity-connector-skoda
+Version: 0.1a1
+Summary: CarConnectivity connector for Skoda services
+Author: Till Steinbach
+License: MIT License
+        
+        Copyright (c) 2021 Till Steinbach
+        
+        Permission is hereby granted, free of charge, to any person obtaining a copy
+        of this software and associated documentation files (the "Software"), to deal
+        in the Software without restriction, including without limitation the rights
+        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+        copies of the Software, and to permit persons to whom the Software is
+        furnished to do so, subject to the following conditions:
+        
+        The above copyright notice and this permission notice shall be included in all
+        copies or substantial portions of the Software.
+        
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
+        
+Classifier: Development Status :: 3 - Alpha
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Intended Audience :: Developers
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Software Development :: Libraries
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: carconnectivity
+
+
+
+# CarConnectivity Connector for Volkswagen Vehicles
+[![GitHub sourcecode](https://img.shields.io/badge/Source-GitHub-green)](https://github.com/tillsteinbach/CarConnectivity-connector-skoda/)
+[![GitHub release (latest by date)](https://img.shields.io/github/v/release/tillsteinbach/CarConnectivity-connector-skoda)](https://github.com/tillsteinbach/CarConnectivity-connector-skoda/releases/latest)
+[![GitHub](https://img.shields.io/github/license/tillsteinbach/CarConnectivity-connector-skoda)](https://github.com/tillsteinbach/CarConnectivity-connector-skoda/blob/master/LICENSE)
+[![GitHub issues](https://img.shields.io/github/issues/tillsteinbach/CarConnectivity-connector-skoda)](https://github.com/tillsteinbach/CarConnectivity-connector-skoda/issues)
+[![PyPI - Downloads](https://img.shields.io/pypi/dm/carconnectivity-connector-skoda?label=PyPI%20Downloads)](https://pypi.org/project/carconnectivity-connector-skoda/)
+[![PyPI - Python Version](https://img.shields.io/pypi/pyversions/carconnectivity-connector-skoda)](https://pypi.org/project/carconnectivity-connector-skoda/)
+[![Donate at PayPal](https://img.shields.io/badge/Donate-PayPal-2997d8)](https://www.paypal.com/donate?hosted_button_id=2BVFF5GJ9SXAJ)
+[![Sponsor at Github](https://img.shields.io/badge/Sponsor-GitHub-28a745)](https://github.com/sponsors/tillsteinbach)
+
+## CarConnectivity will become the successor of [WeConnect-python](https://github.com/tillsteinbach/WeConnect-python) in 2025 with similar functionality but support for other brands beyond Volkswagen!
+
+[CarConnectivity](https://github.com/tillsteinbach/CarConnectivity) is a python API to connect to various car services. This connector enables the integration of skoda vehicles through the WeConnect API. Look at [CarConnectivity](https://github.com/tillsteinbach/CarConnectivity) for other supported brands.
+
+## Configuration
+In your carconnectivity.json configuration add a section for the skoda connector like this:
+```
+{
+    "carConnectivity": {
+        "connectors": [
+            {
+                "type": "skoda",
+                "config": {
+                    "username": "test@test.de",
+                    "password": "testpassword123"
+                }
+            }
+        ]
+    }
+}
+```
+### Credentials
+If you do not want to provide your username or password inside the configuration you have to create a ".netrc" file at the appropriate location (usually this is your home folder):
+```
+# For WeConnect
+machine skoda
+login test@test.de
+password testpassword123
+```
+In this case the configuration needs to look like this:
+```
+{
+    "carConnectivity": {
+        "connectors": [
+            {
+                "type": "skoda",
+                "config": {
+                }
+            }
+        ]
+    }
+}
+```
+
+You can also provide the location of the netrc file in the configuration.
+```
+{
+    "carConnectivity": {
+        "connectors": [
+            {
+                "type": "skoda",
+                "config": {
+                    "netrc": "/some/path/on/your/filesystem"
+                }
+            }
+        ]
+    }
+}
+```
+The optional S-PIN needed for some commands can be provided in the account section of the netrc:
+```
+# For WeConnect
+machine skoda
+login test@test.de
+password testpassword123
+account 1234
+```

carconnectivity_connector_skoda-0.1a1.dist-info/RECORD

@@ -0,0 +1,17 @@
+carconnectivity_connectors/skoda/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+carconnectivity_connectors/skoda/_version.py,sha256=ZWJN-Hz-vyH2zvnF8EJz3K-yUyljRo9TBKr3g0d3oik,408
+carconnectivity_connectors/skoda/capability.py,sha256=JlNEaisVYF8qWv0wNDHTaas36uIpTIQ3NVR69wesiYQ,4513
+carconnectivity_connectors/skoda/connector.py,sha256=QSOPmTuT_G4AQRnPvUZY1ZgcDdp-rz5YAZ1Mfi8jnmc,40597
+carconnectivity_connectors/skoda/vehicle.py,sha256=H3GRDNimMghFwFi--y9BsgoSK3pMibNf_l6SsDN6gvQ,2759
+carconnectivity_connectors/skoda/auth/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+carconnectivity_connectors/skoda/auth/auth_util.py,sha256=dGLUbUre0HBsTg_Ii5vW34f8DLrCykYJYCyzEvUBBEE,4434
+carconnectivity_connectors/skoda/auth/my_skoda_session.py,sha256=UhCHpJqrTPa81Y2eQlWevr8NKRse207cboF7zqyH30w,10205
+carconnectivity_connectors/skoda/auth/openid_session.py,sha256=U4LucKWNDZtPtWfiKV7mdSI4y_s5lTNzt6QZT_lZka4,15886
+carconnectivity_connectors/skoda/auth/session_manager.py,sha256=Kk2QoN7IeqBhkWlvIX_1SKMZuFn9VXwtEO2Yxj2uDaA,2807
+carconnectivity_connectors/skoda/auth/skoda_web_session.py,sha256=cjzMkzx473Sh-4RgZAQULeRRcxB1MboddldCVM_y5LE,10640
+carconnectivity_connectors/skoda/auth/helpers/blacklist_retry.py,sha256=f3wsiY5bpHDBxp7Va1Mv9nKJ4u3qnCHZZmDu78_AhMk,1251
+carconnectivity_connector_skoda-0.1a1.dist-info/LICENSE,sha256=PIwI1alwDyOfvEQHdGCm2u9uf_mGE8030xZDfun0xTo,1071
+carconnectivity_connector_skoda-0.1a1.dist-info/METADATA,sha256=Z7SBwmeigu7X-FlomG5L3wpypFnRB_W10LxhvasNqsc,5237
+carconnectivity_connector_skoda-0.1a1.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
+carconnectivity_connector_skoda-0.1a1.dist-info/top_level.txt,sha256=KqA8GviZsDH4PtmnwSQsz0HB_w-TWkeEHLIRNo5dTaI,27
+carconnectivity_connector_skoda-0.1a1.dist-info/RECORD,,

carconnectivity_connector_skoda-0.1a1.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: setuptools (75.6.0)
+Root-Is-Purelib: true
+Tag: py3-none-any
+

carconnectivity_connector_skoda-0.1a1.dist-info/top_level.txt

@@ -0,0 +1 @@
+carconnectivity_connectors

carconnectivity_connectors/skoda/_version.py

@@ -0,0 +1,16 @@
+# file generated by setuptools_scm
+# don't change, don't track in version control
+TYPE_CHECKING = False
+if TYPE_CHECKING:
+    from typing import Tuple, Union
+    VERSION_TUPLE = Tuple[Union[int, str], ...]
+else:
+    VERSION_TUPLE = object
+
+version: str
+__version__: str
+__version_tuple__: VERSION_TUPLE
+version_tuple: VERSION_TUPLE
+
+__version__ = version = '0.1a1'
+__version_tuple__ = version_tuple = (0, 1)

carconnectivity_connectors/skoda/auth/auth_util.py

@@ -0,0 +1,141 @@
+
+"""
+This module provides utility functions and classes for handling authentication and parsing HTML forms
+and scripts for the Volkswagen car connectivity connector.
+"""
+from __future__ import annotations
+from typing import TYPE_CHECKING
+
+import json
+import re
+from html.parser import HTMLParser
+
+if TYPE_CHECKING:
+    from typing import Optional, Dict
+
+
+def add_bearer_auth_header(token, headers: Optional[Dict[str, str]] = None) -> Dict[str, str]:
+    """
+    Adds a Bearer token to the Authorization header.
+
+    Args:
+        token (str): The Bearer token to be added to the headers.
+        headers (Optional[Dict[str, str]]): An optional dictionary of headers to which the Authorization header will be added.
+                                            If not provided, a new dictionary will be created.
+
+    Returns:
+        Dict[str, str]: The headers dictionary with the added Authorization header.
+    """
+    headers = headers or {}
+    headers['Authorization'] = f'Bearer {token}'
+    return headers
+
+
+class HTMLFormParser(HTMLParser):
+    """
+    A custom HTML parser to extract form data from HTML content.
+    """
+    def __init__(self, form_id) -> None:
+        super().__init__()
+        self._form_id = form_id
+        self._inside_form: bool = False
+        self.target = None
+        self.data = {}
+
+    def _get_attr(self, attrs, name):
+        for attr in attrs:
+            if attr[0] == name:
+                return attr[1]
+        return None
+
+    def handle_starttag(self, tag, attrs) -> None:
+        if self._inside_form and tag == 'input':
+            self.handle_input(attrs)
+            return
+
+        if tag == 'form' and self._get_attr(attrs, 'id') == self._form_id:
+            self._inside_form = True
+            self.target = self._get_attr(attrs, 'action')
+
+    def handle_endtag(self, tag) -> None:
+        if tag == 'form' and self._inside_form:
+            self._inside_form = False
+
+    def handle_input(self, attrs) -> None:
+        if not self._inside_form:
+            return
+
+        name = self._get_attr(attrs, 'name')
+        value = self._get_attr(attrs, 'value')
+
+        if name:
+            self.data[name] = value
+
+
+class ScriptFormParser(HTMLParser):
+    fields: list[str] = []
+    targetField: str = ''
+
+    def __init__(self):
+        super().__init__()
+        self._inside_script = False
+        self.data = {}
+        self.target = None
+
+    def handle_starttag(self, tag, attrs) -> None:
+        if not self._inside_script and tag == 'script':
+            self._inside_script = True
+
+    def handle_endtag(self, tag) -> None:
+        if self._inside_script and tag == 'script':
+            self._inside_script = False
+
+    def handle_data(self, data) -> None:
+        if not self._inside_script:
+            return
+
+        match: re.Match[str] | None = re.search(r'templateModel: (.*?),\n', data)
+        if not match:
+            return
+
+        result = json.loads(match.group(1))
+        self.target = result.get(self.targetField, None)
+        self.data = {k: v for k, v in result.items() if k in self.fields}
+
+        match2 = re.search(r'csrf_token: \'(.*?)\'', data)
+        if match2:
+            self.data['_csrf'] = match2.group(1)
+
+
+class CredentialsFormParser(ScriptFormParser):
+    fields: list[str] = ['relayState', 'hmac', 'registerCredentialsPath', 'error', 'errorCode']
+    targetField: str = 'postAction'
+
+
+class TermsAndConditionsFormParser(ScriptFormParser):
+    fields: list[str] = ['relayState', 'hmac', 'countryOfResidence', 'legalDocuments']
+    targetField: str = 'loginUrl'
+
+    def handle_data(self, data) -> None:
+        if not self._inside_script:
+            return
+
+        super().handle_data(data)
+
+        if 'countryOfResidence' in self.data:
+            self.data['countryOfResidence'] = self.data['countryOfResidence'].upper()
+
+        if 'legalDocuments' not in self.data:
+            return
+
+        for key in self.data['legalDocuments'][0]:
+            # Skip unnecessary keys
+            if key in ('skipLink', 'declineLink', 'majorVersion', 'minorVersion', 'changeSummary'):
+                continue
+
+            # Move values under a new key while converting boolean values to 'yes' or 'no'
+            v = self.data['legalDocuments'][0][key]
+            self.data[f'legalDocuments[0].{key}'] = ('yes' if v else 'no') if isinstance(v, bool) else v
+
+        # Remove the original object
+        del self.data['legalDocuments']

carconnectivity_connectors/skoda/auth/helpers/blacklist_retry.py

@@ -0,0 +1,29 @@
+"""Implements a custom Retry class that allows for blacklisting certain status codes that will not retry."""
+from urllib3.util.retry import Retry
+
+
+class BlacklistRetry(Retry):
+    """
+    BlacklistRetry class extends the Retry class to include a blacklist of status codes that should not be retried.
+    """
+    def __init__(self, status_blacklist=None, **kwargs) -> None:
+        self.status_blacklist = status_blacklist
+        super().__init__(**kwargs)
+
+    def is_retry(self, method, status_code, has_retry_after=False) -> bool:
+        """
+        Determines if a request should be retried based on the HTTP method, status code,
+        and the presence of a 'Retry-After' header.
+
+        Args:
+            method (str): The HTTP method of the request (e.g., 'GET', 'POST').
+            status_code (int): The HTTP status code of the response.
+            has_retry_after (bool): Indicates if the response contains a 'Retry-After' header.
+
+        Returns:
+            bool: True if the request should be retried, False otherwise.
+        """
+        if self.status_blacklist is not None and status_code in self.status_blacklist:
+            return False
+        else:
+            return super().is_retry(method, status_code, has_retry_after)

carconnectivity_connectors/skoda/auth/my_skoda_session.py

@@ -0,0 +1,217 @@
+"""
+Module implements the WeConnect Session handling.
+"""
+from __future__ import annotations
+from typing import TYPE_CHECKING
+
+import json
+import logging
+import base64
+import hashlib
+import random
+import string
+
+from urllib.parse import parse_qsl, urlparse
+
+import requests
+from requests.models import CaseInsensitiveDict
+
+from oauthlib.common import add_params_to_uri, generate_nonce, to_unicode
+from oauthlib.oauth2 import InsecureTransportError
+from oauthlib.oauth2 import is_secure_transport
+
+from carconnectivity.errors import AuthenticationError, RetrievalError, TemporaryAuthenticationError
+
+from carconnectivity_connectors.skoda.auth.openid_session import AccessType
+from carconnectivity_connectors.skoda.auth.skoda_web_session import SkodaWebSession
+
+if TYPE_CHECKING:
+    from typing import Tuple, Dict
+
+
+LOG: logging.Logger = logging.getLogger("carconnectivity-connector-skoda")
+
+
+class MySkodaSession(SkodaWebSession):
+    """
+    MySkodaSession class handles the authentication and session management for Volkswagen's WeConnect service.
+    """
+    def __init__(self, session_user, **kwargs) -> None:
+        super(MySkodaSession, self).__init__(client_id='7f045eee-7003-4379-9968-9355ed2adb06@apps_vw-dilab_com',
+                                             refresh_url='https://tokenrefreshservice.apps.emea.vwapps.io/refreshTokens',
+                                             scope='address badge birthdate cars driversLicense dealers email mileage mbb nationalIdentifier openid phone profession profile vin',
+                                             redirect_uri='myskoda://redirect/login/',
+                                             session_user=session_user,
+                                             **kwargs)
+
+        self.headers = CaseInsensitiveDict({
+            'user-agent': 'Mozilla/5.0 (Linux; Android 10) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 '
+                          'Chrome/74.0.3729.185 Mobile Safari/537.36',
+            'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,'
+                      'application/signed-exchange;v=b3',
+            'accept-language': 'en-US,en;q=0.9',
+            'accept-encoding': 'gzip, deflate',
+            'x-requested-with': 'cz.skodaauto.connect',
+            'upgrade-insecure-requests': '1',
+        })
+
+    def login(self):
+        super(MySkodaSession, self).login()
+
+        verifier = "".join(random.choices(string.ascii_uppercase + string.digits, k=16))
+        verifier_hash = hashlib.sha256(verifier.encode("utf-8")).digest()
+        code_challenge = base64.b64encode(verifier_hash).decode("utf-8").replace("+", "-").replace("/", "_").rstrip("=")
+        # retrieve authorization URL
+        authorization_url = self.authorization_url(url='https://identity.vwgroup.io/oidc/v1/authorize', prompt='login', code_challenge=code_challenge,
+                                                   code_challenge_method='s256')
+        # perform web authentication
+        response = self.do_web_auth(authorization_url)
+        # fetch tokens from web authentication response
+        self.fetch_tokens('https://mysmob.api.connect.skoda-auto.cz/api/v1/authentication/exchange-authorization-code?tokenType=CONNECT',
+                          authorization_response=response, verifier=verifier)
+
+    def refresh(self) -> None:
+        # refresh tokens from refresh endpoint
+        self.refresh_tokens(
+            'https://emea.bff.cariad.digital/user-login/refresh/v1',
+        )
+
+    def fetch_tokens(
+        self,
+        token_url,
+        authorization_response,
+        verifier,
+        **_
+    ):
+        """
+        Fetches tokens using the given token URL using the tokens from authorization response.
+
+        Args:
+            token_url (str): The URL to request the tokens from.
+            authorization_response (str, optional): The authorization response containing the tokens. Defaults to None.
+            **_ : Additional keyword arguments.
+
+        Returns:
+            dict: A dictionary containing the fetched tokens if successful.
+            None: If the tokens could not be fetched.
+
+        Raises:
+            TemporaryAuthenticationError: If the token request fails due to a temporary WeConnect failure.
+        """
+        # take token from authorization response (those are stored in self.token now!)
+        self.parse_from_fragment(authorization_response)
+        
+        if self.token is not None and all(key in self.token for key in ('code', 'id_token')):
+            # Generate json body for token request
+            body: str = json.dumps(
+                {
+                    'redirectUri': 'myskoda://redirect/login/',
+                    'code': self.token['code'],
+                    'verifier': verifier
+                })
+
+            request_headers: CaseInsensitiveDict = self.headers  # pyright: ignore reportAssignmentType
+            request_headers['accept'] = 'application/json'
+            request_headers['content-type'] = 'application/json'
+
+            # request tokens from token_url
+            token_response = self.post(token_url, headers=request_headers, data=body, allow_redirects=False,
+                                            access_type=AccessType.NONE)  # pyright: ignore reportCallIssue
+            if token_response.status_code != requests.codes['ok']:
+                raise TemporaryAuthenticationError(f'Token could not be fetched due to temporary WeConnect failure: {token_response.status_code}')
+            # parse token from response body
+            token = self.parse_from_body(token_response.text)
+            return token
+        return None
+
+    def parse_from_body(self, token_response, state=None):
+        """
+            Fix strange token naming before parsing it with OAuthlib.
+        """
+        try:
+            # Tokens are in body of response in json format
+            token = json.loads(token_response)
+        except json.decoder.JSONDecodeError as err:
+            raise TemporaryAuthenticationError('Token could not be refreshed due to temporary WeConnect failure: json could not be decoded') from err
+        # Fix token keys, we want access_token instead of accessToken
+        if 'accessToken' in token:
+            token['access_token'] = token.pop('accessToken')
+        # Fix token keys, we want id_token instead of idToken
+        if 'idToken' in token:
+            token['id_token'] = token.pop('idToken')
+        # Fix token keys, we want refresh_token instead of refreshToken
+        if 'refreshToken' in token:
+            token['refresh_token'] = token.pop('refreshToken')
+        # generate json from fixed dict
+        fixed_token_response = to_unicode(json.dumps(token)).encode("utf-8")
+        # Let OAuthlib parse the token
+        return super(MySkodaSession, self).parse_from_body(token_response=fixed_token_response)
+
+    def refresh_tokens(
+        self,
+        token_url,
+        refresh_token=None,
+        auth=None,
+        timeout=None,
+        headers=None,
+        verify=True,
+        proxies=None,
+        **_
+    ):
+        """
+        Refreshes the authentication tokens using the provided refresh token.
+        Args:
+            token_url (str): The URL to request new tokens from.
+            refresh_token (str, optional): The refresh token to use. Defaults to None.
+            auth (tuple, optional): Authentication credentials. Defaults to None.
+            timeout (float or tuple, optional): How long to wait for the server to send data before giving up. Defaults to None.
+            headers (dict, optional): Headers to include in the request. Defaults to None.
+            verify (bool, optional): Whether to verify the server's TLS certificate. Defaults to True.
+            proxies (dict, optional): Proxies to use for the request. Defaults to None.
+            **_ (dict): Additional arguments.
+        Raises:
+            ValueError: If no token endpoint is set for auto_refresh.
+            InsecureTransportError: If the token URL is not secure.
+            AuthenticationError: If the server requests new authorization.
+            TemporaryAuthenticationError: If the token could not be refreshed due to a temporary server failure.
+            RetrievalError: If the status code from the server is not recognized.
+        Returns:
+            dict: The new tokens.
+        """
+        LOG.info('Refreshing tokens')
+        if not token_url:
+            raise ValueError("No token endpoint set for auto_refresh.")
+
+        if not is_secure_transport(token_url):
+            raise InsecureTransportError()
+
+        # Store old refresh token in case no new one is given
+        refresh_token = refresh_token or self.refresh_token
+
+        if headers is None:
+            headers = self.headers
+
+        # Request new tokens using the refresh token
+        token_response = self.get(
+            token_url,
+            auth=auth,
+            timeout=timeout,
+            headers=headers,
+            verify=verify,
+            withhold_token=False,  # pyright: ignore reportCallIssue
+            proxies=proxies,
+            access_type=AccessType.REFRESH  # pyright: ignore reportCallIssue
+        )
+        if token_response.status_code == requests.codes['unauthorized']:
+            raise AuthenticationError('Refreshing tokens failed: Server requests new authorization')
+        elif token_response.status_code in (requests.codes['internal_server_error'], requests.codes['service_unavailable'], requests.codes['gateway_timeout']):
+            raise TemporaryAuthenticationError('Token could not be refreshed due to temporary WeConnect failure: {tokenResponse.status_code}')
+        elif token_response.status_code == requests.codes['ok']:
+            # parse new tokens from response
+            self.parse_from_body(token_response.text)
+            if self.token is not None and "refresh_token" not in self.token:
+                LOG.debug("No new refresh token given. Re-using old.")
+                self.token["refresh_token"] = refresh_token
+            return self.token
+        else:
+            raise RetrievalError(f'Status Code from WeConnect while refreshing tokens was: {token_response.status_code}')