Looks like I may not be able to release the new version of Tesla Companion for keyless driving and full calendar integration since the current beta is using the new authentication mechanism that requires a client id key and secret key that are not publicly available.
The way to obtain that keys is decompiling the official app or decrypt the HTTPs requests, decompiling the App violates the software license, I’m not sure what the current implication of sniffing the HTTPs request are yet.
I contacted Tesla and they are not providing keys for third party apps.
Using Tesla proprietary client and secret key to authenticate a third party app might have legal consequences.
This is different to the previous authentication mechanism where authentication requires only email/password provided by the user.
The Beta program will continue working for some time however it may be closed as well.
The released version of Tesla Companion will stay on the store using previous authentication mechanism, however it won’t provide any new functionality released on Firmware 6.0 and will stay operational until Tesla decides to retire the old protocol.
As sad as it may sound I need to protect myself from possible lawsuits.
For example in the following link it exposes what certain risks are when developing a third party app for Tesla using their secrets.
https://www.eff.org/issues/coders/reverse-engineering-faq
“It is legally risky to bypass any “technical protection measures” (e.g., authentication handshakes, protocol encryption, password authentication, code obfuscation, code signing) that control access to the code or any specific functionality.”
Castor
The way to obtain that keys is decompiling the official app or decrypt the HTTPs requests, decompiling the App violates the software license, I’m not sure what the current implication of sniffing the HTTPs request are yet.
I contacted Tesla and they are not providing keys for third party apps.
Using Tesla proprietary client and secret key to authenticate a third party app might have legal consequences.
This is different to the previous authentication mechanism where authentication requires only email/password provided by the user.
The Beta program will continue working for some time however it may be closed as well.
The released version of Tesla Companion will stay on the store using previous authentication mechanism, however it won’t provide any new functionality released on Firmware 6.0 and will stay operational until Tesla decides to retire the old protocol.
As sad as it may sound I need to protect myself from possible lawsuits.
For example in the following link it exposes what certain risks are when developing a third party app for Tesla using their secrets.
https://www.eff.org/issues/coders/reverse-engineering-faq
“It is legally risky to bypass any “technical protection measures” (e.g., authentication handshakes, protocol encryption, password authentication, code obfuscation, code signing) that control access to the code or any specific functionality.”
Castor