mirror/GM-Vehicle-API
1
0
Fork 0
mirror of https://github.com/q39JzrRa/GM-Vehicle-API.git synced 2025-12-23 23:38:45 -05:00
Code Issues Packages Projects Releases Wiki Activity
13 Commits 3 Branches 0 Tags
92e13475773f315da0b370f155bdb5af046f521c
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Random Person 92e1347577 Update README.md
2019-08-11 16:18:20 -04:00
GM.Api
Converted to base class and implementation for command methods
2019-08-10 17:32:41 -04:00
GM.WindowsUI
Converted to base class and implementation for command methods
2019-08-10 17:32:41 -04:00
.gitignore
Initial commit
2019-08-08 19:20:08 -04:00
GM.sln
Added obfuscated settings extraction capability
2019-08-10 15:30:04 -04:00
LICENSE
Initial commit
2019-08-08 19:20:08 -04:00
README.md
Update README.md
2019-08-11 16:18:20 -04:00

README.md

GM-Vehicle-API

Remote API for supported General Motors vehicles in C#, .NET Standard Includes a WPF demo app.

This is the API used by the myChevrolet, myBuick, myGMC, myCadillac, My Vauxhall and myOpel apps.

Reverse engineered C# API for accessing General Motors vehicles supporting OnStar connected services. Obviously this is unsanctioned. Use at your own risk.

GM announced that they would be releasing the API in 2013. 6 years later they still refuse to respond to developer requests. The API has been reverse engineered via decompilation and protocol interception in order to facilitate interoperability. No copywritten works have been duplicated.

You are accepting all responsibility and liability for the use of this content.

Client Credentials

To use this API you will require a valid client id and client secret. The correct approach would be to request access from GM at https://developer.gm.com/ or by emailing them at developer.gm.com.

Alternatively (and because GM refuses to respond to developer requests) you can extract the credentials from the Android app's .apk file. I am NOT including the source code for this process, but I have included the capability. GM.SettingsReader.dll can do this. I have obfuscated the process.

IMPORTANT: The demo app requires a copy of the Android app's .apk file to be copied to the "apk" folder. It has been tested with the myChevrolet app, version 3.21.0. VERY IMPORTANT: Unless you want an international incident on your hands DO NOT SHARE ANY OF THE CONTENTS OF THE SETTINGS FILE ANYWHERE EVER!!!!

TODO

This is very early, unpolished, incomplete code. No judgement please.

TODO: implement lots more actions

TODO: Complete updating JSON model property names

Note: the android app saves the onstar pin using biometrics to unlock - no difference in the api calls Note: the android app does not use a different token refresh mechanism after elevating permissions, but the elevation persists across a refresh. The upgrade request does not specify an expiration. Testing will be required to determine the lifespan of token upgrades.

TODO: Implement secure means of saving onstar pin. If possible. TODO: recognize response from calling priv'd command without upgrade and trigger upgrade using saved pin.

TODO: consider using MS JWT implementation

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme GPL-2.0 157 KiB
Languages
C# 100%