# **Spotify Web API Task 2: Obtaining an Spotify OAuth Refresh Token**
### **Background** ###
This notebook will guide you through obtaining a new OAuth token from the Spotify Web API using a Refresh token, as OAuth Tokens expire after an hour.

This program will use the first refresh token we first retrieved when making our first request in Task 1. We will then use it to obtain a new access token, which will overwrite the OAuth token in the .env file. 

For future refresh token requests we still use the initial refresh token which will then produce a new access token. 
<br>

### **Prerequisites**
Before proceeding, this will require you to have previously obtained the following : 

- **OAuth Token**: Grants access to the Spotify Web API, expires after an hour.

- **Refresh Token**: Used to obtain a new OAuth Token when the current one has expired. 

you can repeatedly use refresh tokens to obtain new OAuth Tokens. 
You will also need to set up a Spotify Developer App and obtain the following details:

- **Client ID**: Your application's unique identifier.

- **Client Secret** : A secret key for your application, used to authenticate your requests.
<br>

 Make sure to never hardcode these details directly in your scripts due to security risks. Instead, store them securely, such as in an environment file (.env), and load them into your program as needed. 


 ### **Step by Step Guide** ###

 1) **Import Libraries :** Import the relevant libraries.
 2) **Import Secrets :** Access the Client ID, Client Secret, OAuth Token, and Refresh Token from within the .env file 
 3) **Make HTTPP Request :** Exchange these details with the Spotify Web API and obtain a new Refresh Token 
 4) **Export New Tokens :** Save this new information inside your .env file 

In [16]:
# Imports 
from dotenv import load_dotenv
import os
import requests
import base64

In [17]:
# Initialise the secrets within .env file 
load_dotenv()
client_id = os.getenv('CLIENT_ID')
access_token = os.getenv('OAUTH_TOKEN')
client_secret = os.getenv('CLIENT_SECRET')
refresh_token = os.getenv('REFRESH_TOKEN')
spotify_id = os.getenv('USER_ID')
youtube_api = os.getenv('YOUTUBE_API_KEY')

In [21]:
# Exchange details for new OAuth Token 

# URL of the Spotify API endpoint which issues OAuth tokens
token_url = 'https://accounts.spotify.com/api/token'

# Encode client credentials (Base64 encoding), Spotify's token endpoint expects this in the 'Authorization' header
client_credentials = f"{client_id}:{client_secret}"
encoded_credentials = base64.b64encode(client_credentials.encode()).decode()

# HTTP Headers are neccessary to authenicate and specify the request 
# Content type specifies the format of the data being sent to the API
headers = {
    'Authorization': f'Basic {encoded_credentials}',
    'Content-Type': 'application/x-www-form-urlencoded'
}
# Specifies the method we are using to obtain the OAuth token  
data = {
    'grant_type': 'refresh_token',
    'refresh_token': refresh_token
}

# Make the POST request to get the new access token
response = requests.post(token_url, headers=headers, data=data)

# Checking if the request was successful and obtain the access and refresh tokens
if response.status_code == 200:
    token_info = response.json()
    new_access_token = token_info['access_token']
    print("New Access Token:", new_access_token)
    
    # Optionally, update the refresh token if it was returned
    if 'refresh_token' in token_info:
        new_refresh_token = token_info['refresh_token']

else:
    print("Failed to refresh access token:", response.status_code, response.text)

New Access Token: BQDhyavJZAVKO8OFJYuKOldkYphLDFsYaYLjBeVZ5hnYk0u-lD6I3PBoEdPS5caDyO8edMyddbBjyyuZcCf4f7M3mXfIizPaHq8tIXYCZcJrMM_5PAk5kKZNv1rrxf_SbYznNoBrzemdJdQxnikEGjyKIGKjTLDlFOjjwkpq42meSqGdsdGiSqmLfgXdxF9rqRctGj8Mlz_EpIkT2LXyZ0CgM0eOHCshd9oYDLkBUHzYsKKKn5jsJeX70BmMCg_2wR_L


In [13]:
new_access_token

'BQDH-2FOijitgwXYqiPZw61gDnGaQTQpf_BNXgGAg9WsfZUXqhQNFjy1ZzXUti48hQgQfT9QN_PArhv6o8M1APdGIkToSkCwxfIGNiwpqxcqj2S_HXQc0kwmnxhH9ez3U1fLqfnndkWFkDPT0bZnyF46B1jd_gCaOxrL9ka8rXvmJfnLsaTpSlaiAONepGDdKAwc42kQrGvelZur7YyD-zIFrLUJlVFLMG3cbJoJ3qT7Heu-WrfdZ5H_n8u7HSw_ZGrz'

In [6]:
token_info

{'access_token': 'BQAbFdiuaaIls9t9oqKlivWe91v4JB3R19DMFR6jD2ySF3nXT2blb3KGr8pkXVAJ0a6O30ZjXo9LajldRCi84tueupo3LIzxpB-S4Zaq0kReEHcXJqM2tpV_awS84UiIev7Gwpbgcv9aWQL_9NVSG75hh9WfQXFcBocx0YGEoB3wuuZBvA8W69MLq1KTxWyOi9H-ufIwPoiph_wi2bMNMpu4vdo5j8buyWtJ7pGW-ZWccO1h7Og505xBgdHSX54Xrl_k',
 'token_type': 'Bearer',
 'expires_in': 3600,
 'scope': 'playlist-modify-private playlist-modify-public user-read-email user-read-private'}

In [14]:
# Path to your .env file
env_file_path = ".env"

In [15]:
# Write the token to the .env file
with open(env_file_path, "w") as env_file:
    env_file.write(f"OAUTH_TOKEN='{new_access_token}'\nREFRESH_TOKEN='{refresh_token}'\nCLIENT_ID='{client_id}'\nCLIENT_SECRET='{client_secret}'\nUSER_ID ='{spotify_id}'\nYOUTUBE_API_KEY='{youtube_api}'")
    