Help with Tesla Powerwall API V3

[admin]

This should get you a request token and refresh token which can be used for further API calls. But this can stop working anytime if the login page structure changes since this example emulates user interaction with the login page.

Code:

username = 'user@domain.com' password = 'password' client_id = 'ID' client_secret = 'SECRET' encdec = require('encdec') http = require('socket.http') mime = require('mime') ltn12 = require('ltn12') json = require('json') function mt()   local ts, tu = os.microtime()   return ts .. '.' .. tu end function b64url(str)   return mime.b64(str):gsub('.', {     ['+'] = '-',     ['/'] = '_',     ['='] = '',   }) end function encodeargs(t)   local res = {}   local esc = require('socket.url').escape   for k, v in pairs(t) do     res[ #res + 1 ] = esc(k) .. '=' .. esc(v)   end   return table.concat(res, '&') end code_verifier = encdec.sha512(mt()):sub(1, 86) state = b64url(encdec.sha256(mt()):sub(1, 12)) code_challenge = b64url(code_verifier) args = encodeargs({   client_id = 'ownerapi',   code_challenge = code_challenge,   code_challenge_method = 'S256',   redirect_uri = 'https://auth.tesla.com/void/callback',   response_type = 'code',   scope = 'openid email offline_access',   state = state, }) url = 'https://auth.tesla.com/oauth2/v3/authorize?' .. args res, code, headers = http.request(url) if not res or code ~= 200 then   log('request 1 failed', res, code)   return end postdata = {} regexp = '<input type="hidden" name="([^"]+)" value="([^"]*)"' for name, value in res:gmatch(regexp) do   postdata[ name ] = value end postdata.identity = username postdata.credential = password cookie = headers['Set-Cookie'] or headers['set-cookie'] or '' body = encodeargs(postdata) res, code, headers = http.request({   url = url,   method = 'POST',   source = ltn12.source.string(body),   headers = {     ['Content-Type'] = 'application/x-www-form-urlencoded',     ['Content-Length'] = #body,     ['Cookie'] = cookie,   } }) if not res or code ~= 302 then   log('request 2 failed', res, code)   return end hdr = headers.Location or headers.location resp_code = hdr:match('code=([^&]+)') body = json.encode({   grant_type = 'authorization_code',   client_id = 'ownerapi',   code = resp_code,   code_verifier = code_verifier,   redirect_uri = 'https://auth.tesla.com/void/callback', }) resp = {} res, code, headers = http.request({   url = 'https://auth.tesla.com/oauth2/v3/token',   method = 'POST',   source = ltn12.source.string(body),   sink = ltn12.sink.table(resp),   headers = {     ['Content-Type'] = 'application/json',     ['Accept'] = 'application/json',     ['Content-Length'] = #body,     ['User-Agent'] = 'Mozilla/5.0 (Linux; Android 9.0.0; VS985 4G Build/LRX21Y; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/58.0.3029.83 Mobile Safari/537.36',     ['X-Tesla-User-Agent'] = 'TeslaApp/3.4.4-350/fad4a582e/android/9.0.0',   } }) if not res or code ~= 200 then   log('request 3 failed', res, code)   return end resp = table.concat(resp) resp = json.pdecode(resp) bearer_token = resp.access_token refresh_token = resp.refresh_token body = json.encode({   grant_type = 'urn:ietf:params:oauth:grant-type:jwt-bearer',   client_id = client_id,   client_secret = client_secret, }) resp = {} res, code, headers = http.request({   url = 'https://owner-api.teslamotors.com/oauth/token',   method = 'POST',   source = ltn12.source.string(body),   sink = ltn12.sink.table(resp),   headers = {     ['Content-Type'] = 'application/json',     ['Authorization'] = 'Bearer ' .. bearer_token,     ['Content-Length'] = #body,   } }) print(res, code) if not res or code ~= 200 then   log('request 4 failed', res, code)   return end resp = table.concat(resp) resp = json.pdecode(resp) access_token = resp.access_token log(access_token)