I’m trying convert a bash script that uses curl into a scriptable script but for the life of me I can’t get cookies working in scriptable.
Here’s the bash script that works:
response=$(curl -v -X POST \
-H "Cookie: GCDMSSO=${authorization}" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "client_id=54394a4b-b6c1-45fe-b7b2-8fd3aa9253aa" \
-d "response_type=code" \
-d "redirect_uri=com.bmw.connected://oauth" \
-d "state=rgastJbZsMtup49-Lp0FMQ" \
-d "nonce=login_nonce" \
-d "scope=openid+profile+email+offline_access+smacc+vehicle_data+perseus+dlm+svds+cesim+vsapi+remote_services+fupo+authenticate_user" \
-d "authorization=${authorization}" \
-w "\nredirect: %{redirect_url}\n" \
"https://${url}/gcdm/oauth/authenticate?" | tail -1)
echo "reponse=${response}"
The cookie (authorization) looks like this: qy9sbBUu9lftDl14Vc567a2wbGU.*AAJTSQACMDIAAlNLABxLL29CWC9uTzJFN05XTlkwK0t2ZmU1RUVWdzQ9AAR0eXBlAANDVFMAAlMxAAIwMQ..*
Here’s what the post data looks like using curl -v
> POST /gcdm/oauth/authenticate? HTTP/1.1
> Host: login.bmwusa.com
> User-Agent: curl/7.64.0
> Accept: */*
> Cookie: GCDMSSO=WAg4adOCJ1yPa1AdhLP-sNEkxGs.*AAJTSQACMDIAAlNLABxFbWkxeTJZeGtUdkxvSmJmSG5oNW9qZzVhemc9AAR0eXBlAANDVFMAAlMxAAIwMQ..*
> Content-Type: application/x-www-form-urlencoded
> Content-Length: 409
Here’s my scriptable bit that fails the authorization:
// We successfully get the cookie from a previous post request that uses the same format as below, token.body, etc.
auth.response.cookies.forEach(cookie => {
if (cookie.name == 'GCDMSSO') {cname = cookie.name; sessionid = cookie.value}
});
const AUTHURL = "https://login.bmwusa.com/gcdm/oauth/authenticate?"
let tokendata = [
"client_id=54394a4b-b6c1-45fe-b7b2-8fd3aa9253aa",
"response_type=code",
"redirect_uri=com.bmw.connected://oauth",
"state=rgastJbZsMtup49-Lp0FMQ",
"nonce=login_nonce",
"scope=openid+profile+email+offline_access+smacc+vehicle_data+perseus+dlm+svds+cesim+vsapi+ remote_services+fupo+authenticate_user",
"authorization=" + sessionid,
];
token = new Request(AUTHURL);
token.method = "POST";
token.headers = {
Accept: "*/*",
"Content-Type": "application/x-www-form-urlencoded",
"Cookie": cname + "=" + encodeURIComponent(sessionid),
};
token.body = tokendata.join("&");
let tokenresult = await token.loadJSON()
So far, no matter what I’ve tried with the headers and/or post data, I always get this response
{"error":"invalid_token","error_description":"The presented token is invalid or expired."}
I’ve tried using both the cookie and authorization bits with and without encodeURIComponent
, but it makes no difference. Does anyone have any idea what I’m doing wrong? For the record, I’m not a javascript developer. Most of what I’ve been able to do so far has been via google searches and reading other peoples code
Also, here’s a java script implementation that I’m trying to implement via scriptable, if it helps:
Another implementation
Thanks in advance!