Is login.js returning incorrect refresh token?

[IMgoRt]

When I execute lgoin.js on my windows PC on my account with MFA enabled I get a .token returned.
However, the refresh_token within appears to be from "step 4" https://tesla-api.timdorr.com/api-basics/authentication#step-4-exchange-bearer-token-for-access-token which the API documentation indicates is of no value (in the token refresh section https://tesla-api.timdorr.com/api-basics/authentication#refreshing-an-access-token):
"This uses the SSO refresh_token from Step 3 above to do an OAuth 2.0 Refresh Token Grant. This does not work with the refresh_token provided by the Owner API. Those have no use currently and should be discarded."

and that the correct refresh_token is that from "step 3" https://tesla-api.timdorr.com/api-basics/authentication#step-3-exchange-authorization-code-for-bearer-token

The refresh_token should be in the form "refresh_token": "eyJrefresh"

Thanks

[mseminatore]

@IMgoRt Yes, you are correct. With the auth changes that Tesla made I have not yet fixed up the refresh token handling. There is a PR for this that I need to review and merge if it works. I will try to get to this soon.

[IMgoRt]

Thanks, that PR works for me

[mseminatore]

I'll close this when I complete the merge. @IMgoRt can you confirm that you test merged in the PR or did you just inspect the diff?

[IMgoRt]

I ran the code in the PR and it returned a valid refresh_token (and all other items remained correct)

[Morgulisan]

Anything new? When will the npm be updated?

[GaPhi]

Another way to be compatible of many user interfaces is to add in teslaja/src/auth.js, just as the first lines of login function:

(...)
exports.login = function login(credentials, callback) {
    // Tokens as username/password when username does not contain @
    if (!credentials.identity.includes('@')) {
        callback(null, {}, { access_token: credentials.identity, refresh_token: credentials.credential });
        return;
    }

    var codeVerifier = generateCodeVerifier();
(...)

Then, provide access and refresh tokens as username/password in your preferred UI.

I also found that id_s seems to have changed; using the new one, everything is now working for me!

But the username/password is not possible yet and it would be great as getting token/refresh tokens with an external app is not very easy...

Pull request #268 created

[mluggy]

brilliant, but I would support access/refresh token natively instead of hacking them through username/password.

[mseminatore]

I am considering adding 2captcha support. Thoughts on that as a solution to keep the library headless and avoid the need to show a webview? I don't like taking a dependency on a paid service. OTOH I am struggling to find another solution that keeps this library working.