Stuck on step 2 with Akka + Scala

[jordyperlee]

Hi all,

I'm getting stuck at step 2, and I think it might (?) be a header problem. For step 1 I'm correctly getting the HTML and parsing the hidden fields, for step 2 this is what my request looks like:

The headers:
List(Cookie: tesla-auth.sid=s%3AiJzH_LySpAwoXyR2nfKLMWb6XBFhMoN0.VBuSQm3VTL7jsEBDRRJQGHCzgtdKJNDH6BPyGyuvT0A;, content-type: application/x-www-form-urlencoded)

The full request URI:
https://auth.tesla.com/oauth2/v3/authorize?state=thisisarandomstring&scope=openid+email+offline_access&redirect_uri=https://auth.tesla.com/void/callback&client_id=ownerapi&code_challenge=bDljVWU4Skhrd1lCc0k0UVhxQWh1Rm1pOHFXajJDekZiN21Sakw2SWdORzJvcEhOcmx3b2JTdmpvOWNxd1lleEVqQnZQWnJ4ejJucXM0MUdmYTNIU3U%3D&code_challenge_method=S256&response_type=code

The request entity (actual credentials removed...):
entity: _csrf=n90ucMlD-AKXnhZXFDepIRqHtXHBqXioqhfg&_phase=authenticate&_process=1&transaction_id=cye9LK2L&cancel=&identity=some%40email.com&credential=somepassword

The response seems to include some javascript, and does not include the Location header I was expecting:
HttpResponse(302 Found,List(Server: nginx, X-DNS-Prefetch-Control: off, X-Frame-Options: DENY, Strict-Transport-Security: max-age=15552000; includeSubDomains, X-Download-Options: noopen, X-Content-Type-Options: nosniff, X-XSS-Protection: 1; mode=block, X-Request-ID: 7acdcd02-0fc5-47ea-a379-f8684526ae97, X-Correlation-ID: 7acdcd02-0fc5-47ea-a379-f8684526ae97, Content-Security-Policy: connect-src 'self'; default-src 'none'; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.google.com www.recaptcha.net; img-src 'self' data:; script-src www.recaptcha.net 'self' 'nonce-693722634ac4df7f2e1d'; style-src 'unsafe-inline' 'self', X-Content-Security-Policy: connect-src 'self'; default-src 'none'; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.google.com www.recaptcha.net; img-src 'self' data:; script-src www.recaptcha.net 'self' 'nonce-693722634ac4df7f2e1d'; style-src 'unsafe-inline' 'self', X-WebKit-CSP: connect-src 'self'; default-src 'none'; font-src 'self' data: fonts.gstatic.com; frame-src 'self' www.google.com www.recaptcha.net; img-src 'self' data:; script-src www.recaptcha.net 'self' 'nonce-693722634ac4df7f2e1d'; style-src 'unsafe-inline' 'self', Location: https://auth.tesla.com/oauth2/v3/authorize?state=thisisarandomstring&scope=openid+email+offline_access&redirect_uri=https%3A%2F%2Fauth.tesla.com%2Fvoid%2Fcallback&client_id=ownerapi&code_challenge=bDljVWU4Skhrd1lCc0k0UVhxQWh1Rm1pOHFXajJDekZiN21Sakw2SWdORzJvcEhOcmx3b2JTdmpvOWNxd1lleEVqQnZQWnJ4ejJucXM0MUdmYTNIU3U%3D&code_challenge_method=S256&response_type=code, X-Response-Time: 2.816ms, Date: Fri, 12 Feb 2021 09:14:10 GMT, Connection: keep-alive, Set-Cookie: tesla-auth.sid=s%3Aqgl6hrNIssIbnBeAFJuvjRLCnKo1cmv9.fx2JVe8dqii9keOmgi05qJA6U99PUbiZ47xv9ebz3Fc; Expires=Mon, 15 Feb 2021 09:14:10 GMT; Path=/; Secure; HttpOnly; SameSite=Lax),HttpEntity.Strict(text/plain; charset=UTF-8,383 bytes total),HttpProtocol(HTTP/1.1))

If anyone has an idea for what's going wrong that would be amazing!