Api Coverage for Dacia Spring

[afaucogney]

Thanks for all this project, this is amazing !

I just get my fresh new Dacia Spring !

Thanks to the Api (cli), I succeed to do auth, and then here are my tests. Basic status is OK, but nothing about schedules on Hvac as well as Charge.

The mobile seems to be able to start/stop charge and hvac, but the api seems to do not work. Anyone get an idea ? Does any Spring user get the same payload / behaviour ?

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v2/cars/{vin}/battery-status" 
 => OK

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v2/cars/{vin}/cockpit"
 => OK

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/location"
 => OK

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/notification-settings"
 => Error: ('err.tech.501', 'This feature is not technically supported by "AVN", vehicleID: "xxxxx"')

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/lock-status"
 => Error: ('err.tech.502', 'VNEXT an internal error occured while processing request : 403 FORBIDDEN')

// HVAC

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/hvac-history"
 => Error: ('err.func.400', "Required TargetPeriodType parameter 'type' is not present type is missing")

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/hvac-status"
 => OK

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/hvac-settings"
 => Error: ('err.tech.502', 'VNEXT an internal error occured while processing request : 403 FORBIDDEN')

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/hvac-sessions"
 => Error: ('err.func.400', 'must not be null, must not be null')

// CHARGE

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/charges"
=> Error: ('err.func.400', "Required LocalDate parameter 'start' is not present start is missing")

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/charge-mode"
 => Error: ('err.func.403', 'Access is denied for this resource')

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/charge-history"
=> Error: ('err.func.400', 'must not be null, must not be null, must not be null')

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/charge-settings"
=> Error: ('err.func.403', 'Access is denied for this resource')

Is there a way to know what is supported or not ? by the car or the api ?

Thanks for all !

[epenet]

Sadly there is no official documentation - you have to unpack the apk manually!
When you have must not be null, must not be null it is because you are missing some parameters in the URL (for example startDate/endDate).

I have recently merged #479 but I do not have a sample carGateway information for the Dacia Spring.
Can you maybe create a PR with your result?
renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v2/cars/{vin}"

[afaucogney]

@epenet I will have a look at he apk. I tried to sniff the code with MITM, by updating the apk with a new cert, but they use TrustKit that lock my investigation ...

the api about hvac start seems to work, but cancel return a huge amount of data without any effect on the car.
In the app, this is not working as well !

yes I can do PR, where should I put that file, that my second hour in this project ....

[epenet]

tests/fixtures/kamereon/vehicle_gateway/spring.1.json

[epenet]

Look at the files already in the folder

[afaucogney]

@epenet done ! Hope I didn't push sensible data ...

[epenet]

Please take a look at PR #459 for the charge start/stop

[epenet]

I was previously able to use fiddler on my machine - but I haven't tested it recently.
I also know that IOS and Android have different protection mechanism...

[slater0013]

Hello, Spring owner here !
Big thanks for your work here ! would be glad to help with Spring custom configuration !
HVAC and Charge can be launched through the mobile app. But there is no scheduling.

GS

[jumpjack]

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/lock-status"
=> Error: ('err.tech.502', 'VNEXT an internal error occured while processing request : 403 FORBIDDEN')

I think this works only on Nissan cars, as many others endpoints (horn-lights, engine-start, door-lock,...).

// HVAC

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/hvac-history"
=> Error: ('err.func.400', "Required TargetPeriodType parameter 'type' is not present type is missing")

The format for charges-history is:

charge-history?start=STARTDATE&end=ENDDATE&type=TYPE

See here for details: https://github.com/jumpjack/myRenaultLC/wiki/Syntax-of-%22charge-history%22,-and-related-errors

Possibly it's the same for hvac-history.... but I can't get it working anyway on Renault Capur and Renault Zoe50:

{
    "status": "Not Implemented",
    "code": "501",
    "title": "Not supported Feature",
    "detail": "This feature is not technically supported by this gateway"
}

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/hvac-sessions"
=> Error: ('err.func.400', 'must not be null, must not be null')

Full error message:

{
    "errors": [
        {
            "status": "400",
            "code": "NotNull",
            "detail": "must not be null",
            "source": {
                "parameter": "end"
            }
        },
        {
            "status": "400",
            "code": "NotNull",
            "detail": "must not be null",
            "source": {
                "parameter": "start"
            }
        }
    ]
}

This means it has same syntax of charges-history ; but on Captur and Zoe50 I get:

{
    "status": "Not Implemented",
    "code": "501",
    "title": "Not supported Feature",
    "detail": "This feature is not technically supported by this gateway"
}

// CHARGE

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/charges"
=> Error: ('err.func.400', "Required LocalDate parameter 'start' is not present start is missing")

Same syntax of charges-history; output format:

{
    "id": "xxx MY VIN xxx",
    "charges": [
        {
            "chargeStartDate": "2022-01-27T02:00:10Z",
            "chargeEndDate": "2022-01-27T03:56:24Z",
            "chargeStartBatteryLevel": 71,
            "chargeEndInstantaneousPower": 0
        },
        {
            "chargeStartDate": "2022-01-28T02:01:17Z",
            "chargeEndDate": "2022-01-28T05:45:30Z",
            "chargeStartBatteryLevel": 8,
            "chargeEndInstantaneousPower": 0
        },
        {
            "chargeStartDate": "2022-01-29T22:17:06Z",
            "chargeEndDate": "2022-01-30T01:52:08Z",
            "chargeStartBatteryLevel": 11,
            "chargeEndInstantaneousPower": 0
        }
    ]
}

renault-api --json http get "/commerce/v1/accounts/{account_id}/kamereon/kca/car-adapter/v1/cars/{vin}/charge-history"
=> Error: ('err.func.400', 'must not be null, must not be null, must not be null')

Syntax of charges-history

[epenet]

@jumpjack why don't you provide a documentation PR here instead of linking to your repository?

[jumpjack]

You welcome.

[epenet]

@jumpjack please take a look at #603 as a sample on how to contribute to the documentation

[andig]

I can only partially confirm this. With the Dacia I have here for testing I'm getting:

battery-status: Access is denied for this resource
charge-mode: Access is denied for this resource
cockpit: Access is denied for this resource
location: Access is denied for this resource
lock status: Access is denied for this resource
res state: Access is denied for this resource
hvac-status: Access is denied for this resource

Maybe there are differences between the cars?

[andig]

Funny. Running this once more an hour later it looks like this:

charge-mode: Access is denied for this resource
lock status: VNEXT an internal error occured while processing request : 403 FORBIDDEN
res state: Access is denied for this resource

Same car, nothing changed...

[eltoro0815]

@epenet I will have a look at he apk. I tried to sniff the code with MITM, by updating the apk with a new cert, but they use TrustKit that lock my investigation ...

the api about hvac start seems to work, but cancel return a huge amount of data without any effect on the car. In the app, this is not working as well !

yes I can do PR, where should I put that file, that my second hour in this project ....

You can use FRIDA to do what you want:
https://httptoolkit.com/blog/frida-certificate-pinning/