Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication page pops up every time spotipy.oauth2.SpotifyPKCE() is called #864

Open
TheMayhem6328 opened this issue Oct 5, 2022 · 4 comments
Open

Authentication page pops up every time spotipy.oauth2.SpotifyPKCE() is called #864

TheMayhem6328 opened this issue Oct 5, 2022 · 4 comments
Labels
question

Comments

@TheMayhem6328
Copy link

Hello! I can't seem to figure out why oauth page pops up every time I call spotify - trying to use PKCE method to prevent client_secret leak. Here's an example code that I'm running

import spotipy
secret = spotipy.oauth2.SpotifyPKCE("<clientid>", "http://127.0.0.1:8000/spotify/callback/", cache_handler= spotipy.CacheFileHandler(".cache_sp"))
spotify   = spotipy.Spotify(auth_manager=secret)


# Build result
query             = "This is a test"
result            = spotify.search(q=query,type="track")
resultTrack       = spotify.track(track_id=result["tracks"]["items"][0]["id"])
resultAlbum       = spotify.album(album_id=resultTrack["album"]["id"])
resultFeatures    = spotify.audio_features(resultTrack["id"])[0]


# Printout - not actually there in my implementation
print(str(result))
print(str(resultTrack))
print(str(resultAlbum))
print(str(resultFeatures))

This code asks for authentication 4 times - I can see that the token is being cached, but why is the script not using cache and re-authenticating every time? I'm new to Spotipy, Spotify API and anything API really, by the way.
@Peter-Schorn
Copy link
Contributor

Peter-Schorn commented Oct 6, 2022
edited
Loading

It looks like there is a bug in which the token info is rejected as invalid if it is not authorized for any scopes. As a workaround, for these endpoints, you can use the SpotifyClientCredentials authorization manager, or authorize for at least one scope.

@TheMayhem6328
Copy link
Author

Kinda relieved to know that I haven't been doing anything wrong. This is the workaround I found for now:

secret = spotipy.oauth2.SpotifyPKCE("<clientID>", "http://127.0.0.1:8000/spotify/callback/", cache_handler= spotipy.CacheFileHandler(".cache_sp"))
spotify   = spotipy.Spotify(auth=auth_mgr.get_access_token())

restOfMyCode()

Still asks for authorization, but now it at least asks for authentication only once per code run instead of every time spotipy.Spotify() is called

@TheMayhem6328
Copy link
Author

authorize for at least one scope

I overlooked that initially - that works just fine. Thanks for suggesting that!

@TheCheddarCheese
Copy link

It looks like there is a bug in which the token info is rejected as invalid if it is not authorized for any scopes. As a workaround, for these endpoints, you can use the SpotifyClientCredentials authorization manager, or authorize for at least one scope.

Are there plans for this to be fixed? Is it an issue on Spotify's end?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@TheMayhem6328 @Peter-Schorn @TheCheddarCheese