2

So I'm trying to build an authorization flow with with the Spotify Web API. So the first call is just a GET against a URL and I'm passing the credentials and other stuff necessary to authorize my app as parameters. After that the user is prompted to authorize my app then is redirected to a callback URL.

The url I'm redirected to contains some response data as parameters and I need that data to then POST against the API and retrieve the token.

How do I retrieve the response URL and access those parameters? Sorry for the naive question. Thanks in advance.

Improve this question
6
  • Do you have a webserver listening at the callback URL? Commented Nov 4, 2014 at 1:15
  • Hmmm. Well I'm not sure what do you mean with "webserver listening". The callback url is my personal website domain linked to my own server. Is there a way to setup my server to capture that data so I can retrieve it? Commented Nov 4, 2014 at 1:20
  • Yes so what's probably happening is that the API service is POST-ing the information back to your callback URL. What service are you trying to authenticate with? Commented Nov 4, 2014 at 1:22
  • 1
    Spotify. I'm trying to build the authorization flow as described here: developer.spotify.com/web-api/authorization-guide Do you see another way to make this easier? I'm just avoiding the available API wrappers because the documentation is horrible. Commented Nov 4, 2014 at 1:24
  • 1
    Right so step 3 will require you to have a server listening to get the "code" portion in able to make requests on behalf of a user. This is the standard OAuth workflow outlined here: requests-oauthlib.readthedocs.org/en/latest/… I'll update my answer to work for spotify Commented Nov 4, 2014 at 1:29

2 Answers 2

Reset to default
5

I don't believe you can do this with just requests.

I would check out a package like: https://flask-oauthlib.readthedocs.org/en/latest/

from flask import Flask, redirect, url_for, session, request
from flask_oauthlib.client import OAuth, OAuthException


SPOTIFY_APP_ID = 'REGULAR_CODE'
SPOTIFY_APP_SECRET = 'SECRET_CODE'


app = Flask(__name__)
app.debug = True
app.secret_key = 'development'
oauth = OAuth(app)

spotify = oauth.remote_app(
    'spotify',
    consumer_key=SPOTIFY_APP_ID,
    consumer_secret=SPOTIFY_APP_SECRET,
    # Change the scope to match whatever it us you need
    # list of scopes can be found in the url below
    # https://developer.spotify.com/web-api/using-scopes/
    request_token_params={'scope': 'user-read-email'},
    base_url='https://accounts.spotify.com',
    request_token_url=None,
    access_token_url='/api/token',
    authorize_url='https://accounts.spotify.com/authorize'
)


@app.route('/')
def index():
    return redirect(url_for('login'))


@app.route('/login')
def login():
    callback = url_for(
        'spotify_authorized',
        next=request.args.get('next') or request.referrer or None,
        _external=True
    )
    return spotify.authorize(callback=callback)


@app.route('/login/authorized')
def spotify_authorized():
    resp = spotify.authorized_response()
    if resp is None:
        return 'Access denied: reason={0} error={1}'.format(
            request.args['error_reason'],
            request.args['error_description']
        )
    if isinstance(resp, OAuthException):
        return 'Access denied: {0}'.format(resp.message)

    session['oauth_token'] = (resp['access_token'], '')
    me = spotify.get('/me')
    return 'Logged in as id={0} name={1} redirect={2}'.format(
        me.data['id'],
        me.data['name'],
        request.args.get('next')
    )


@spotify.tokengetter
def get_spotify_oauth_token():
    return session.get('oauth_token')


if __name__ == '__main__':
    app.run()
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Hey @ranman thanks for the solution. I was implementing it but I got this error in flask: "ValueError: No JSON object could be decoded". So I'm kind of stucked with that exception. I was expecting to see a rendered page telling me "Logged in as id**** name***** etc..." so I don't know if I'm effectively getting the token. I'm also not so sure how I can pass that token to my other script. Any help would be treasured. Greetings.
I know it's been a few years, but maybe it will be helpful for someone else. Instead of me = spotify.get('/me') should be me = spotify.get('https://api.spotify.com/v1/me'). And instead of me.data['name'] should be me.data['display_name']
0

You can GET a JSON response with all parameters that you need, example.

You login to a www.example.com/login/

GET http://www.example.com/login/ (With header and Basic access authentication or the auth process that you use) and this URL return a JSON Response with the data:

{
  'status': 'OK',
  'token': {
    'public_token': 'blabla',
    'private_token': 'blabla'},
  'created_at': '2014-11-03'
}

That data you can save in database for future use.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.