# Notes
## Authorization
* Need to use `client_id` and `client_secret` to retrieve a auth token that will allow us to interact with the Spotify API service.
* Typically authenticate once, retrieve a token which is then attached to your session. During your current session you'll be able to interact/make multiple requests with the service. This allows you to not have to login every time to access your session.
* Handy [Authorization Flow Guide](https://developer.spotify.com/documentation/general/guides/authorization-guide/) from Spotify. We are buidling a **client** to interact with Spotify's API. You have to authenticate how a *user* authenticates with your *client* **and** Spotify at the same time (advanced - not covered fully in this tutorial). We're only using the **Client Credentials** flow, which requires a `Client ID` and `Secret Key` and we'll get in return an `Access Token`. This approach won't give give access to manage private user data, just general data only.
* Our **client** is the application we're building and it (the app) needs to request authorization by sending a `POST` request.
* `base64` is a more secure string format. For non-Base 64 encoded strings, you generally can build something like `client_creds = f"{client_id}:{client_secret}"`. You can encode/decode `str` to bytes using `str.encode()` and `str.encode().decode()`. The Spotify backend API is going to take our base64 encoded `str` (not `bytes`) we pass and then `base64.base64decode()` to verify credentials. Steps to do this:
    1. First take `str` and encode to `bytes` using `str.encode()`
    2. Then encode this bytestring to base64 using `base64.b64encode(bytestring)`
    3. Next, decode this base64 `bytes` so it's back to `str` using `client_creds_b64.decode()` (**not** `b64decode()`).
* The token response data we get after making the `POST` request to authorize our client has the `access_token` and the `expires_in` (seconds) details. We can use `datetime` and the `timedelta(seconds=expires_in)` to create an easy `expires` `datetime.datetime` object for tracking. We can check whether our token expired and to fetch a new one: `did_expire: bool = expires < now`.
* Once we have our `access_token` then we can use it. However, the `expires` and `access_tokens` are **state-like** items, so they will change over time. So, better would be to create a `BaseClient` **class** that can adjust/respond to these state changes in order to make our API calls through the class (and its methods) rather than just through simple functions like we did in `Auth.ipynb`.

In [4]:
import typing as t
import requests
import base64
import datetime

# from 19-spotify-api import settings

SyntaxError: invalid syntax (<ipython-input-4-27688cd0ead7>, line 6)

In [1]:
# Snag creds from developer.spotify.com dashboard
client_id: str = settings.CLIENT_ID
client_secret: str = settings.CLIENT_SECRET
print(client_id)

NameError: name 'settings' is not defined

In [27]:
# Let's convert out client credentials into base64 encoded string since
# it's required by Spotify
client_creds: str = f"{client_id}:{client_secret}"
client_creds_bytestr: bytes = client_creds.encode()
client_creds_b64: bytes = base64.b64encode(client_creds_bytestr)
print(client_creds_b64, type(client_creds_b64))  # <class 'bytes'>

b'ZTk5YWMwYWQyYjVjNGUzMjk1NDJjMjM2MWUyOGFlNDA6Y2U3Y2NhNjlhYzkzNGE4NjhjZGNkZWRmNzMxMDdjYjY=' <class 'bytes'>


In [28]:
# If we wanted to decode a b64 it's easy and this is what happens with the API
base64.b64decode(client_creds_b64)

b'e99ac0ad2b5c4e329542c2361e28ae40:ce7cca69ac934a868cdcdedf73107cb6'

In [29]:
# Decoding a b64 bytes with 'regular' decode() to get back to a string
client_creds_b64.decode()
print(type(client_creds_b64.decode()))  # str

<class 'str'>


In [30]:
# Let's authenticate with the API
# Do a lookup for a token so we can use for future requests
# Request auth for our client app using POST request
token_url: str = "https://accounts.spotify.com/api/token"
method: str = "POST"
token_data: t.Dict = {
    "grant_type": "client_credentials",
}
# Pass 'Authorization' header with b64 encoded creds
# Authorization": "Basic <base64 encoded client_id:client_secret>"
# NOTE We must .decode() back to 'str' type instead of 'bytes'
token_headers: t.Dict = {
    "Content-Type": "application/x-www-form-urlencoded",
    "Authorization": f"Basic {client_creds_b64.decode()}"
}
# print(token_headers)
# {'Authorization': 'Basic ZTk5YWMwYWQyYjVjNGUzMjk1NDJjMjM2MWUyOGFlNDA6Y2U3Y2NhNjlhYzkzNGE4NjhjZGNkZWRmNzMxMDdjYjY='}


In [31]:
# Now we have everything for authentication so it's time to make the POST request
# Can use CURL or requests library
r = requests.post(token_url, data=token_data, headers=token_headers)
# print(r.json())  # Dict
# Confirm that our request was successful
valid_request: bool = r.status_code in range(200, 299)



In [33]:
# Let's store the access token, expires in (seconds), etc.
# Now we can store this response data (ie. the 'access_token' etc.)
if valid_request:
    token_response_data: t.Dict = r.json()
    print(token_response_data)
    now = datetime.datetime.now()
    access_token: str = token_response_data['access_token']
    expires_in: float = token_response_data['expires_in']
    expires = now + datetime.timedelta(seconds=expires_in)
    # print(type(expires))  # datetime.datetime
    did_expire: bool = expires < now  # refetch the token if True

{'access_token': 'BQC4N02oLs2hWCFrtfmgQu5n4TGbTUBn8RgCQK9Y_ZLavaQHO4c8S2nnxLcmYdz72gLQNrMeoPXwX4U9RzU', 'token_type': 'Bearer', 'expires_in': 3600, 'scope': ''}
