Update to new carwings URL and API#58
Conversation
This comment was marked as off-topic.
This comment was marked as off-topic.
d154d6f to
6e6bfe2
Compare
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
| BatteryRemainingAmount string | ||
| BatteryRemainingAmountWH string | ||
| BatteryRemainingAmountKWH string | ||
| BatteryRemainingAmountKWH []string |
There was a problem hiding this comment.
Can you give some more context for this change?
There was a problem hiding this comment.
Without this change I get:
ERROR: json: cannot unmarshal array into Go struct field .BatteryStatus.BatteryRemainingAmountKWH of type string
There was a problem hiding this comment.
What is contained in the array value in the JSON?
There was a problem hiding this comment.
I get: "BatteryRemainingAmountkWH":[]
There was a problem hiding this comment.
I am on the fence about whether to switch to []string or just make it json.RawMessage. @andig do you use this field at all in evcc?
It's been my experience that the Nissan API is very sloppy especially around empty values, so I don't have confidence that this will always been an array. Using json.RawMessage would make this degrade gracefully but not be particularly useful to consumers of the API.
6e6bfe2 to
5f47894
Compare
|
I addressed your feedback. But the bigger problem is, I found out that it only works if you have an existing So there is still something missing. It works, however, if there is a session file. |
|
When using Blowfish, the password was encrypted with the baseprm, that was received in session init from carwings API. |
I removed the code around the baseprm value because that value can neither be used as a key nor as an IV. AES returns: or Also, I am relatively sure it worked yesterday. Not completely sure, however. I also took a look at the other implementations in Java and Python and non of those implementations seem to use the baseprm value anymore. It is replaced by this key: From what I saw they AES key needs to be 32 bytes and the initialization vector 16 bytes. Maybe there is a new API to get one of those values. |
|
I am struggeling with the carwings implementation in perl for FHEM. So I tested and learned a lot today. Finally I was able to get data by using Here is how you can get carwings data from Nissan by using Sample password used here is If you encrypt the sample password correctly (for example use https://www.devglan.com/online-tools/aes-encryption-decryption), Now you can use curl (replace password with your encrypted password and use your Nissan user name ): curl -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36" -H "Content-Type: application/x-www-form-urlencoded" -d "Password=yzRXyArQz3lfNVxno+9KAw==&RegionCode=NE&initial_app_str=9s5rfKVuMrT03RtzajWNcA&UserId=carwings@github.com&custom_sessionid=" -X POST https://gdcportalgw.its-mo.com/api_v250205_NE/gdc/UserLoginRequest.phpFYI: Here is the perl code for password encryption. Note: padding the password was no longer necessary. package main;
use strict;
use warnings;
use POSIX;
use Crypt::CBC;
use MIME::Base64;
print STDERR "Start AES enryption\n";
my $CW_IV = "xaX4ui2PLnwqcc74";
my $CW_PS = "H9YsaE6mr3jBEsAaLC4EJRjn9VXEtTzV";
my $test_pw = "1234567890";
# PW 1234567890 -> (AES256) -> yzRXyArQz3lfNVxno+9KAw==
# Encrypted PW for comparision derived from https://www.devglan.com/online-tools/aes-encryption-decryption
my $txt = $test_pw;
my $enc = "";
my $cipher = Crypt::CBC->new(
-cipher => 'Crypt::Rijndael',
-header => 'none',
-key => $CW_PS,
-iv => $CW_IV,
-padding => 'standard',
-keysize => 32, # 256-Bit-Schlüssel
-pbkdf => 'none', # no usage of PBKDF !
);
$enc = $cipher->encrypt($txt);
my $encpw = MIME::Base64::encode_base64($enc, '');
print STDERR "Encoded: " . $encpw . "\n"; |
|
@adrianreber Thank you for doing the updates, the code itself looks good to me now. (With the one possible tweak on As I've mentioned elsewhere, I live in the US and this API is no longer available here so I've gotta rely on y'all to test changes and I appreciate that you do so. |
I believe the implementation you're using is doing the padding for you: Regarding your |
|
@docolli Thanks for your example. But I cannot make it work on my side. Not sure. I can still login in the official web interface. Using different user agents also doesn't change anything. I will do some more experiments, but I am not sure why it doesn't work any more. @joeshaw Concerning |
|
I was just copying the user agent, that your are using. 😉 @adrianreber where does this If your are brave you might want to use the AES256 webservice I have linked to encrypt your personal Nissan password. Then you can use curl with this encrypted password and your user name to test if Nissan API gives you reasonable data back. I used this Web service to implement AES256 in this little perl program, that is shown in my previous post. After I managed to get my code to output the same encrypted value for 1234567890, then I used my real password to encrypt it with my perl code. Then I tested this with curl. Note: I needed to deactive the use of Does your go code encrypts |
Yes, it is created by this Go application: https://github.com/joeshaw/carwings/blob/master/carwings.go#L530
Yes: I will retry it next week again. Hopefully it will work again. |
|
When that has happened to me in the past, I used the Nissan App on my mobile to grab battery SOC, it always said my login has ended and I need to log in again. After sucessfull login from the APP, most of the time the connection from my code was working again. Give it try! 😉 |
|
Comparing the output of your dev-branch in debug-mode to the parameters of my successful curl request (see above) shows me, that you are missing parameters carwings -username carwings@github.com -password 1234567890 -region NE -debug battery
Logging into Carwings...
Error loading session from /.carwings-session: open /.carwings-session: The system cannot find the file specified.
POST /api_v250205_NE/gdc/UserLoginRequest.php HTTP/1.1
Host: gdcportalgw.its-mo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36
Content-Length: 139
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip
Password=yzRXyArQz3lfNVxno%2B9KAw%3D%3D&RegionCode=NE&UserId=carwings%40github.com&custom_sessionid=&initial_app_str=9s5rfKVuMrT03RtzajWNcA
HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Date: Thu, 03 Jul 2025 18:46:28 GMT
Server: Apache
2d
{"status":"-2010","message":"INVALID PARAMS"}
0
ERROR: received status code -2010 (INVALID PARAMS)But I see that there might be an encoding problem. encPassword = I don't know currently how to fix this encodig problem, but maybe somebody can help. |
|
Further testing with curl I realized that it must be the URL encoding. If I use curl to send data in verbose mode it tells me it has sent 131 bytes of data, however the current carwings exe tell me it has sent 139 bytes of data (content-length). But I still don't know what to do in go code to prevent that URL encoding. Need to do testing in debug mode with original "blowfish" carwings.exe, if this also sends URL encoded data... But I am busy this weekend! |
This includes a new backend URL and a new encryption algorithm. Signed-off-by: Adrian Reber <adrian@lisas.de>
|
@docolli Thanks once more for your feedback. Now the curl command finally works. Using the app didn't help immediately, but right now I was able to finally log back into the API using curl and my changes. The encoding part is correct (see https://en.wikipedia.org/wiki/Percent-encoding#Reserved_characters for a possible explanation). |
5f47894 to
535d8c3
Compare
|
@joeshaw Ready for review. Let me know if I should change the |
|
SORRY!!! It works. My mistake, I've used the wrong email address 🙈🙈🙈🤣 Please accept the pull request, so we can get this issue fixed in evcc. Old: |
89a6639 to
a0e44c1
Compare
|
@adrianreber We can leave the |
|
Sorry to step in again! However, after checking more detailed today, I am realizing, that despite I am getting now a JSON data response with -debug activated, it seems that I am gettting more or less always the same JSON structure, no matter if I use If I use carwings.exe without -debug, I am getting no value answer, but |
|
Okay, I see in the code, that session file is located at |
|
@docolli Please open a separate issue (or pull request) for the Windows file name thing. It would be appreciated to track that as a bug. |


This includes a new backend URL and a new encryption algorithm.
Possibly fixes #57