Homey Community Forum

APP: My New Motion app now available

Thanks for trying. But i only use the credentials when i try to get the device list, so its that step. I will see if i can learn something from the report thanks for sending it

I am not seeing a report in the dashboard. Ill go find out how that works

Sorry it went to the previous build version. Strange since that one never got approved. But it logs that we get a token so indeed its using the token to call the api that fails.

So based on the log you send and the description you provided its clear its failing on calling the API with the token when it attempts to list your assets (charge points). The F in JSON error suggests indeed that the token is rejected.
So we are not getting a valid token even though the code think we do.
What I do there is I load the root page my.newmotion.com to get the names of the form elements (they generate those dynamically).
That together with the credentials you provide I than post to the backend service to get the token. I kind of assume I get a token and do not really validate if the result includes a proper token. So either the credentials are rejected or something goes wrong with the parsing in your scenario or I am not handling one of your secrets well when it comes to encoding so it gets changed in transit.

But it is a bit hard to test any of these.
I do want to ask you to visit that root page yourself without login in (private session) and send me the source html you receive. So I can validate that I should be able to get the form elements properly.

The second test you can do is change your password to something that does not include any characters that might cause encoding problems (’ " & @ and other characters like that), can including any normal special characters like ! - _ etc

Or if you are trusting enough send me some temp credentials I can replay the issue with using private messages.

I do however validate the credentials in that add devices step. So if that would return an empty token than you should get a proper wizard error or if an exception happens during that validation than it should return that exception. But you say you see the next step starting. So that suggests you get passed that. Very strange indeed. So that would suggest you do get a proper login and token resulted. Than why is the list than giving a forbidden if you have a token.

Can you validate that in the app -> My new motion app -> configure ap -> the provided config page shows your username you provided during the wizard?

I can send you the source html of course, but how can I do that via the forum?
I use a password with a “-” but that should not be this issue.

I cannot share my (temp) credentials as all of my payment details are in there. Sorry.

Yes, my username and password provided during the wizard are updated and stored in the “app -> My new motion app -> configure ap ->”.

NewMotion Login Source
I uploaded the sources elsewhere and was able to share the source this way. Hopefully it will be available for a couple of days at least.

Thanks for trying, but I am not able to download the file. Gives me a file not available error :frowning:

Next to trying this, do you have outbound firewall rules in the network you Homey is located?

I wonder if any of the other people that installed the app got the same issues, or can confirm if it is working for them.

I have now uploaded the file to GoogleDrive. Hopefully you will be able to download it.
NewMotion Source

Homey is not restricted to any outbound firewall rules.

Thanks, that works. I can see its the source as I assume and the parser should work on it the same as it does for me. The way i locate the dynamic form elements should work so posting to get the cookie should also work.

If you are handy with a browser and REST services your could try the next step in the process your self;

The first step is to get a list of all your registered chargepoints.
1- Login the browser and once reloaded find the cookie named ‘tnm_api’ and get the {token} from its value.
2- Use a REST service client (like Postman) and let it do a GET request from https://ui-chargepoints.newmotion.com/api/facade/v1/me/asset-overview
use the headers:
content-type’: ‘application/octet-stream’,
‘Cookie’: 'language.code.selection=en; tnm_api="{token}"

And see what response you get. You can PM me the result.

After this step I try to get details of each charge point by their ID.
In Postman a new GET from this address
https://ui-chargepoints.newmotion.com/api/facade/v1/charge-points/{chargepointid from previous call}
Same headers as the listing in the previous step.

The combined end result should give you the selection of the points to choose from. So in your case either of these steps fail.

Or are there any older chargepoint previously registered to your account that you no longer own? May be the listing call lists a chargepoint you can not access any more and get the forbidden on that get details step? Or any other charepoint that is ‘strange’?

Great initiative Kaoh!
Based upon the conversation in this thread I could find some new-motion API end-points. In the ‘limits’ section you mention that you determined that i’t possible to retreive session power usage. Can you reveil the end-point you are using for that?
I cannot find any documentation / swagger from new-motion unfortunatly.
thanks!
bram