Smart EQ Connect

ReneNulschDE · December 17, 2021, 9:14am

Hi,

few days after I published this integration, Smart activated the CAPTCHA protection (Google Captcha v3 Enterprise) to the login screen. Looks like that do not like that Car Owners use the data of their own car.

I have no plans to work on this component further.

Sorry
Rene

maciii · December 21, 2021, 9:01am

Hi Rene, I just bought Smart EQ ForTwo 2019. Maybe we can try to contact Mercedes Benz developers and ask for some API? What do you think?

ReneNulschDE · December 21, 2021, 9:49am

You can try it. Not sure if the Smart cars are available via the normal bring your own car api from MB. See https://developer.mercedes-benz.com/

maciii · December 27, 2021, 2:22pm

Hi Rene, can I somehow “see” Captcha and overcome this login page? I suppose then you great work will still be able to work?

ReneNulschDE · December 27, 2021, 4:31pm

Hi,
There are multiple ways. But each of them needs some IT knowledge and the code of the integration needs some changes

Idea 1:
You can “steal” the refresh_token from the IOS/Android App.

Install a reverse proxy like Burp (community edition is enough)
Install the root certificate from Burp into IOS and trust the the certificate
Change the code of the config_flow.py and remove the Auth-Checks
3a. Add the integration without any login
3b. Stop HA
3c. Create a .smarteqconnect-token-cache file (see content below)
Add the Burp Proxy Address as manual proxy in your IOS
Look for the refresh token in the Burp Logs (is requested every two hours)
Add the refresh token in to your smarteqconnect-token-cache file.
Make sure the “expires_at” is in the past
Start HA

Sample file content:
{“access_token”: “XXX”, “refresh_token”: “XX”, “token_type”: “Bearer”, “expires_in”: 7199, “expires_at”: 1638715280}

maciii · December 28, 2021, 1:41pm

Hi René,

thank you very much. This is my progress:

installed Burp on my PC (win10)
installed on iPhone, proxy etc.

This looks like refresh token: (I modified some characters in token manually - so this is SAMPLE)

grant_type=refresh_token&refresh_token=XHEawMmJ1klLtGntnTMzZZVyejwJQGoH24BOq7oXK1&redirect_uri=https%3A%2F%2Foneapp.microservice.smart.com&client_id=70d84301-938c-4bec-82d0-6abb550b0815

Then I can see Bearer

GET /seqc/v0/users/current HTTP/2
Host: oneapp.microservice.smart.com
Accept: */*
Accept-Language: cs-CZ;q=1.0, en-US;q=0.9
Authorization: Bearer eyJhbGciOiJkaXIiLCJlbmMiOiJ......shortcuted by me ;-)
X-Applicationname: 70d89501-938c-4bec-82d0-6abb550b0825
User-Agent: Device: iPhone14,2; OS-version: iOS_15.2; App-Name: smart EQ control; App-Version: 3.1.0; Build: 202112091304; Language: en_US
Guid: 26DBBA46-6293-4D44-AFD5-F6A0952F8E4C
Accept-Encoding: gzip, deflate

So I suppose Bearer is AccessToken.

What is expires_in : 7199 (what this number means?) seconds? 120 mins?
expires_at - timestamp format as I suppose - should be let say 1.1.2026 ???

A file .smarteqconnect-token-cache should be placed in HA config root or in custom_components/smarteqconnect directory? Should file include . (dot) in his name?

But I’m lost in “Change the code of the config_flow.py and remove the Auth-Checks”. I can modify these files but what to remove???

Thank you very much!!!

ReneNulschDE · December 30, 2021, 11:45am

Hi,

You should add behind line 102 of the config_flow.py
except TypeError as terror:
errors = None
result = “{}”

Should look like this afterward:

Restart HA.
Add the integration and put any value into username and pin.

This will add the integration without a valid auth. please ignore the errors and ignore the reauth task.

Then

stop HA
Copy the result of the request “grant_type=refresh_token” into your .smarteqconnect-token-cache file
Add the attribute , "expires_at": 1640871271 to it (this means the access token is not valid anymore and the integration will request a new access_token with the refresh token
Save the file into your HA-Config root folder
Start HA (The integration will request a new access token and it should work) - at least in my test this was successful

THIS is a ugly hack…

BR
Rene

maciii · January 3, 2022, 12:26pm

Thank you Rene VERY MUCH.

After a few hours of trying/testing I finally found correct tokens - could be helpful to others maybe.

My steps to find correct tokens in Burp are those:

delete SmartEQConnect APP from iPhone and install it again - this will activate new tokens and you do not to wait 2 hours for refresh token
Start Burp on PC (do not forget to disable PC firewall/anitivirus firewall or open correct ports on PC internal firewall
Log into IOS Smart EQ Connect app
In Burp you will see this message (aprox. 100 log rows down in my case)

image_2022-01-03_125453784×163 74.1 KB

In Burp Logger - Response Window you will see access_token and refresh_token. Put them in .smarteqconnect-token-cache FILE

Then I stopped Home Assistant Core using SSH command: ha core stop
Copy .smarteqconnect-token-cache to HA Config Root directory using Samba
Start HA Core using SSH command: ha core start

WORKING!

I also changed line 47 in const.py to this:

DEVICE_USER_AGENT = "Device: iPhone14,2; OS-version: iOS_15.2; App-Name: smart EQ control; App-Version: 3.1.0; Build: 202112091304; Language: en_US"

Because I found there is a new version of app - I do not know if this matters or not???

So I can finally show car battery also on my Apple Watch

Rene do you think that there is some possibility to star Pre-Conditioning? Can I help somehow with that? With some logs or access to my car? Your code showed to me how terrible programmer I am

Whatsek · January 4, 2022, 4:24pm

This is really a nice new feature! Will test this tommorow morning!

gliena · February 7, 2022, 2:57pm

I was able to add the integration without the hassle of using burp.

I added the EQ integration, when asked for the pin I went on the smart website to login. I chose to login with the PIN and the PIN I received worked for HA. I did this in the same browser.

ReneNulschDE · February 7, 2022, 5:16pm

Sometimes the unbelievable easy things just work…

gliena · February 7, 2022, 6:25pm

For sure, I was also thinking the same browser would have little impact as the request would come from the HA host and the other from my browser… So their security is not so strong. Lucky us

Dadone66 · February 23, 2022, 12:40pm

Beautiful, I followed your advice and I did too, the only thing I miss is the tire pressure. can you help me?

Maurizio_Andreotti · April 9, 2022, 11:48am

Can you tell me the url of the Smart website?

ReneNulschDE · April 9, 2022, 12:04pm

https://www.smart.mercedes-benz.com/de/de/connected-portal

Maurizio_Andreotti · April 9, 2022, 4:58pm

Thanks a lot, now I have integrated my Smart EQ

shell1 · June 5, 2022, 8:08am

I am just trying to get this to run using the PIN/TAN created from the mercedes website.
Do I have to repeat this procedure each time I restart HASS, since the integration has to login again?

Another thing I do not understand: the mercedes website asks for password AND pin.
The smarteq integration only asks for the pin, how can this work?

drd4x · June 13, 2022, 2:24pm

Hi, I can confirm that even in Italy this Custom Component works perfectly.
I also received the same sensors using the MercedesMe2020 component and using my Mercedes Me account.
Using MercedesMe2020 it is possible to have more information, for example the charge_power attribute in kW visible in the image.
Apologies for my google translate english.

maciii · November 23, 2022, 10:34am

Hi drd4x,

very nice card! What did you used?

You also mention Mercedes Me 2020 - do you see Smart EQ also in Mercedes Me app? Because I can’t see my ForTwo there

Dreamoffice · January 7, 2023, 7:58am

Thanks for this hint. in Mercedes Me 2020 Integration i can also see all the values of my Smart EQ.