Fix Hyundai Europe commands on legacy (non-CCS2) vehicles

[dz0ny]

Problem

Sending commands (lock/unlock/charge) to legacy, non-CCS2 Hyundai Europe vehicles (e.g. a gen2 Bayon) fails with "Failed to get command token" / Lock … failed.

Root cause

EU commands authenticate differently depending on vehicle generation, per the authoritative hyundai_kia_connect_api (ApiImplType1.lock_action / start_charge / …):

	Legacy (non-CCS2)	CCS2 (Gen5W)
URL	POST /api/v1/spa/…/control/door	POST /api/v2/spa/…/ccs2/control/door
Body	{action, deviceId}	{command}
Auth	normal access token	PIN-derived control token

sendCommand called setCommandToken() (the PUT /api/v1/user/pin step) unconditionally, but legacy cars have no PIN/control-token step — so that fetch is what threw "Failed to get command token". It also built a malformed path because commandPathAndBody() defaulted to ccs2: true while the URL was built as v1.

This is the "wrong token usage on legacy command path" anomaly noted in #8.

Changes

• sendCommand: branch on ccs2 — control token + commandHeaders for CCS2; plain authorizedHeaders (no PIN) for legacy. Pass the real ccs2 flag into commandPathAndBody.
• commandPathAndBody: drop the stray leading slash in the legacy door path ("/control/door" → "control/door") that produced a double slash.
• setCommandToken: route through performJSONRequest so the PIN request is captured in HTTP logs and status-validated (previously a raw URLSession call, invisible to diagnostics), with a clearer PIN-failure message.

Testing

• swift build passes.
• Verified the legacy lock/unlock/charge paths, bodies, and header choice against hyundai_kia_connect_api ApiImplType1.
• Live verification needs a real EU vehicle: lock should now POST to /api/v1/spa/…/control/door and return 200.

Known remaining gap (not addressed here)

startClimate still always returns the ccs2/control/temperature path regardless of the flag; legacy climate-start needs a dedicated control/temperature branch with the reference's hvac payload.

Refs #8

🤖 Generated with Claude Code

[Copilot]

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

This PR updates the Hyundai Europe command flow to properly distinguish CCS2 (PIN/control-token) vehicles from legacy vehicles, and improves diagnostics by routing PIN verification through the shared request pipeline.

Changes:

• Route the PIN/control-token request through performJSONRequest for consistent logging/status validation.
• Only fetch a PIN-derived control token for CCS2 vehicles; use normal auth headers for legacy vehicles.
• Fix legacy command paths to avoid double slashes in constructed URLs.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File	Description
Sources/BetterBlueKit/API/HyundaiEurope/HyundaiEuropeAPIClient.swift	Reworks PIN/control-token fetching and command header selection based on CCS2 support; improves error messaging and logging consistency.
Sources/BetterBlueKit/API/HyundaiEurope/HyundaiEuropeAPIClient+Commands.swift	Normalizes legacy command paths (removes leading /) to build correct request URLs.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[schmidtwmark]

This looks okay to me -- the AI comments are pretty sensible and should be addressed.

Have you confirmed this using bbcli on your own vehicle?