Hi guys,
I am (admittedly) a noob to HomeAssistant, and followed the implementation instructions to the letter. The manual Call is failing, and I am getting the following Auth error:
Hi @vlacey, the log you posted is just the request, can you post the reply and what happens after? there are multiple entries in the log. Take everything that contains “tesla_gateway” and check that there are is sensitive information (user/password), replace sensitive information with X.
<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
You don't have permission to access "http://auth.tesla.com/oauth2/v3/authorize?" on this server.<P>
Reference #18.252d2d17.1618714961.10ff40fa
</BODY>
</HTML>
Yes, still broken.
The Tesla integration (Tesla - Home Assistant) is also broken. Looking at the logs, it seems to be the same authentication problem.
I just disabled the Tesla integration and the tesla_gateway one… will leave it disabled for a couple of days and then re-enable
Have you had any luck getting yours working again? My configuration was working fine on Wednesday, but not working. The error I am getting when issuing a change in mode or reserve to my powerwall is an Error 403. I have tried changing my password to my Tesla account and config and I am still getting the same error. My Powerwall is on version 20.49.0.
Same problem here, tried similar things, I logged out of all the devices, changed password, etc… still no luck…
This is being blocked by a “WAF” (Web Application Firewall). Is up to the implementation of it how it is banning. It doesn’t seem to be exclusively IP based, my iPhone through Wifi on the same house (with same public IP) is able to logout and login fine, same with an Android tablet.
My hunch is that my IP reserved a certain amount of tokens and they wont give me new ones until they expire… supposedly they expire after 45 days, so I may be have to wait some more days…
@nathanielh I will check it out, sadly is in C# so I will have to setup a windows machine to test it out (or deal with the mono headache) Looking at the code main difference seems to be a cancellation token, but that is retrieved on the first request. The first failure is where we get the failure, so I dont think is going to work out. Crossing fingers, if this works I can likely add it to our implementation.
For the time being will switching back to logging in just using the token work? Will have to deal with refreshing or getting the new token every 45 days from teslafi or similar. But at least I can set a reminder for that.
Does just using a token to authenticate and forgetting about this implementation fetching its own token each time still work?
If so would anyone be kind enough to post up the code?
I can confirm that I can change modes and reserves on my iPhone too which is on WiFi using the same public IP address. I have run up another Home Assistant setup with a different IP and the problem still occurs on that. My second instance is on my NAS running in docker, where my main instance is running on a virtual machine off my NAS, but that shouldn’t matter as the VM is running a different IP. I could setup a VM on my computer if you think its worth trying? Also I guess if someone has a dynamic IP with their ISP then they could just try resetting their router and see if they get a new public IP and then see if it works after that? Unfortunately I have a static IP so cannot test this.
Same here, my Tesla integration on the dashboard is working as expected, showing all values & states.
However trying to set the backup percentage gives ‘Access Denied’:
2021-04-26 04:20:21 ERROR (MainThread) [homeassistant.core] Error executing service: <ServiceCall tesla_gateway.set_reserve (c:1345d?????????cabca4f619eb2eae2a): backup_reserve_percent=5>
Traceback (most recent call last):
File "/usr/src/homeassistant/homeassistant/core.py", line 1496, in catch_exceptions
await coro_or_task
File "/usr/src/homeassistant/homeassistant/core.py", line 1515, in _execute_service
await handler.job.target(service_call)
File "/config/custom_components/tesla_gateway/__init__.py", line 393, in async_set_reserve
owner_token = yield from get_owner_api_token()
File "/config/custom_components/tesla_gateway/__init__.py", line 340, in get_owner_api_token
access_token = yield from SSO_login()
File "/config/custom_components/tesla_gateway/__init__.py", line 109, in SSO_login
raise ValueError('Step 1: failed after %d attempts, last response %s:\n%s', step_max_attempts, response.status, returned_text)
ValueError: ('Step 1: failed after %d attempts, last response %s:\n%s', 7, 403, '<HTML><HEAD>\n<TITLE>Access Denied</TITLE>\n</HEAD><BODY>\n<H1>Access Denied</H1>\n \nYou don\'t have permission to access "http://auth.tesla.com/oauth2/v3/authorize?" on this server.<P>\nReference #18.4c0f0317.169407181a715771\n</BODY>\n</HTML>\n')
Good news, I found that TeslaPy version 1.1.0 works to get the token (GitHub - tdorssers/TeslaPy: A Python module to use the Tesla Motors Owner API), it also has the commands for setting the powerwall operation mode and reserve. On top of that, it stores the tokens and expirations so it will reuse them across calls.
The HA Tesla integration is using teslajsonpy 0.11.5 and the last version is 0.17.1. That could explain why is failing, is quite behind.
I am going to update the integration to work with TeslaPy instead of doing the login ourselves. This should not only address the issue of getting the token but should also keep tokens between HA restarts.
