For Tesla Drivers here

Hi, if there are any Tesla Drivers here .... some piece of code to access your car ... read data, with a bitb few more code the logfiles and errors, and honk the horn .... this is the result of a lazy evening ....

////////////////////////////////////////////////////////////////////////////////////
//1St Step: Get an access Token using the credentials from the original Tesla App
////////////////////////////////////////////////////////////////////////////////////

//VARIABLES USED:
vLogin 				is Variant		//Variant holding the parameters to pass to tesla server to get a token:
RequestLogin	 	is httpRequest 	// HTTP request var against the tesla serber 
LoginResponse		is httpResponse	//Response from tesla server
sAcessToken			is string		//After authentification we need this token. It is valid for 45days
sRefreshToken		is string		//We can use this token, to get an new token after 45 days ..... 
vLoginResponse		is	Variant		//Variant holding the content of loginrespoinse

vLogin.grant_type		= "password"
vLogin.client_id		= "MyClientID"
vLogin.client_secret	= "MySecretCode"
vLogin.email			= "MyEmailAddress"
vLogin.password			= "MyPassword"

//Now we are doing a HTTP POST to Tesla Server to get the token
RequestLogin.URL 			= "[owner-api.teslamotors.com];
RequestLogin.Content		=	VariantToJSON(vLogin)
RequestLogin..ContentType	=	typeMimeJSON

LoginResponse				 = HTTPSend(RequestLogin)
vLoginResponse				 = JSONToVariant(LoginResponse.Content)

//VERY BASIC ERROR HANDLING
IF ErrorOccurred THEN
	Error(ErrorInfo(errFullDetails))
END

IF LoginResponse.StatusCode	<> 200 THEN
	Info("Fehler, invalid credentials")
	RETURN
END

sAcessToken		=	"Bearer " + vLoginResponse.access_token
sRefreshToken	=	"Bearer " + vLoginResponse.refres_token


///////////////////////////////////////////////////////////////////////////////
//AFTER LOGIN WE CAN ASK THE TESLA SERVER FOR ALL CARS LINKED TO THE ACCOUNT.
//We need to get the car id we want to work with. I have only one tesla, so
//this code can handle only one.
//////////////////////////////////////////////////////////////////////////////

//Variables uses:
CarListRequest		is	httpRequest()
CarListRespose		is	httpResponse
vCarListResponse	is	Variant
sVehicleID			is	string		//The vehicle we want to handle



//Ask Tesla Server for car list and put it into the vCarListReponse Variables
CarListRequest.URL 						= "[owner-api.teslamotors.com];
CarListRequest..ContentType				= typeMimeJSON
CarListRequest.Header["Authorization"] 	= sAcessToken
CarListRespose 							= HTTPSend(CarListRequest)
vCarListResponse 						= JSONToVariant(CarListRespose.Content)


sVehicleID  = vCarListResponse.response[1].id_s	//Lucky people owning more than one tesla need to code a bit more 
//=> vCarLIstResponse shows data like: Name of the car, options, colour, total milage and much more

///////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// Now we can to some things, like reading the car state:
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////

//Variables uses:
requestcarstate 	is 		httpRequest
ResponseCarState 	is		httpResponse
vResponseCarState 	is 		Variant

//Get infos like: 
requestcarstate.URL 					= "[owner-api.teslamotors.com];
requestcarstate.Header["Authorization"] = sAcessToken
ResponseCarState 				 		= HTTPSend(requestcarstate)

vResponseCarState 						=JSONToVariant(ResponseCarState.Content)

//Shows a lot of car information


///////////////////////////////////////////////////////////////////////////////
// lets hunk the horn
// you can also start climate control, open or lock the doors and a lot more
///////////////////////////////////////////////////////////////////////////////

//Var used:
RequestHonkHorn			is	httpRequest
ResponseHonkHorn		is	httpResponse
vResponseHonkHorn		is	Variant


//HONK the horn
////[owner-api.teslamotors.com]
RequestHonkHorn.URL						=	 "[owner-api.teslamotors.com];
RequestHonkHorn.Header["Authorization"] = sAcessToken
RequestHonkHorn.Method=httpPost
ResponseHonkHorn						=	HTTPSend(RequestHonkHorn)
vResponseHonkHorn						=	JSONToVariant(ResponseHonkHorn.Content)

IF vResponseHonkHorn.response.result = True THEN
	Info("Honk")
ELSE
	Info("Error")	
END

Edited 1 time(s). Last edit at 12/02/2019 12:14AM by Al.

Big mistake,

I did not delete the credentials in this piece of code ... but already changed

Hi Stefan

Thanks for sharing. I can see great opportunities for criminals with the ability to access functions in a motor vehicle. When it goes pear shaped it is really going to go pear shaped.

Cheers
André

Hi Andre,

yes, this might be a big security issue .... the only thing you need to access the car is username and Password.
All the other Things are available in Internet.

But I think this concerns all "smart" Things, smart homes, cars etc.
Even the Refrigerator is connected to Internet ......

I do not now if this is a good Evolution.

Regards


Stefan.

Hi Stefan

That is true - the internet of things. A huge problem for security. Heart pacemaker has an IP address - easy to commit murder via the internet - hack it and stop the pacemaker. The list goes on and on and on...

Not good. Not good. All social media is equally bad. We are living in ominous times.

Cheers
André