# __Spotify API__ - Variables

In [28]:
# Importa librerie necessarie per parsing di vari formati (HTML, XML, JSON), gestione richieste HTTP e manipolazione di dataframes
import requests
from bs4 import BeautifulSoup

import pandas as pd
import base64
import json
from tabulate import tabulate

import secrets
import urllib.parse

import os
from dotenv import load_dotenv

load_dotenv()

client_id = os.getenv('SPOTIFY_CLIENT_ID')
client_secret = os.getenv('SPOTIFY_CLIENT_SECRET')
username = os.getenv('USERNAME')
password = os.getenv('PASSWORD')
redirect_uri = os.getenv('REDIRECT_URI')
scope = os.getenv('SCOPE')

auth_endpoint = os.getenv('AUTH_ENDPOINT')
token_endpoint = os.getenv('TOKEN_ENDPOINT')
login_endpoint = os.getenv('LOGIN_ENDPOINT')
artist_endpoint = os.getenv('ARTIST_ENDPOINT')

state = secrets.token_hex(8)

master_vars_table = {
    'client_id': client_id[0:3] + '*' * (len(client_id) - 3),
    'client_secret': client_secret[0:3] + '*' * (len(client_secret) - 3),
    'username': username.split('@')[0],
    'password': password[0:3] + '*' * (len(password) - 3),
    'redirect_uri': redirect_uri,
    'scope': scope,
    'state': state
    }

master_vars_table = tabulate(master_vars_table.items(), tablefmt='grid')
print('Master variables', master_vars_table, sep='\n')


endpoint_table = {
    'auth_endpoint': auth_endpoint,
    'token_endpoint': token_endpoint,
    'login_endpoint': login_endpoint,
    'artist_endpoint': artist_endpoint
    }

endpoint_table = tabulate(endpoint_table.items(), tablefmt='grid')
print('\nEndpoints', endpoint_table, sep='\n')

assert all([client_id, client_secret, username, password, redirect_uri, scope]), 'Errore: variabili d\'ambiente non impostate'

Master variables
+---------------+----------------------------------+
| client_id     | 63f***************************** |
+---------------+----------------------------------+
| client_secret | e58***************************** |
+---------------+----------------------------------+
| username      | mar_contini                      |
+---------------+----------------------------------+
| password      | Ken********                      |
+---------------+----------------------------------+
| redirect_uri  | http://localhost:8888/callback   |
+---------------+----------------------------------+
| scope         | user-follow-read                 |
+---------------+----------------------------------+
| state         | 76f73f6ec63e6620                 |
+---------------+----------------------------------+

Endpoints
+-----------------+-----------------------------------------------------+
| auth_endpoint   | https://accounts.spotify.com/authorize              |
+-----------------+----------

In [3]:
flag_get_code = 0
query_params = {
    'response_type': 'code',
    'client_id': client_id,
    'scope': scope,
    'redirect_uri': redirect_uri,
    'state': state,
    }

auth_url = auth_endpoint + '?' + urllib.parse.urlencode(query_params)

In [4]:
flag_get_access_token = 0
access_token_headers = {
    'Authorization': 'Basic ' + base64.b64encode((client_id + ':' + client_secret).encode()).decode(),
    'Content-Type': 'application/x-www-form-urlencoded'
    }

code = ''
access_token_payload = {
    'grant_type': 'authorization_code',
    'code': code,
    'redirect_uri': redirect_uri
    }

get_access_token_response = {}

In [5]:
flag_refresh_token = 0
refresh_token_headers = {
    'Content-Type': 'application/x-www-form-urlencoded',
    'Authorization': 'Basic ' + base64.b64encode((client_id + ':' + client_secret).encode()).decode()
    }

refresh_token = ''
refresh_token_payload = {
    'grant_type': 'refresh_token',
    'refresh_token': refresh_token,
}

get_refresh_token_response = {}

# Authorization

The first step is to request authorization from the user so that our app can access to the Spotify resources on the user's behalf.  
To do this, our application must build and __send a GET request__ to the `/authorize` endpoint with the following parameters:

<table data-encore-id="table" class="Table__TableElement-sc-evwssh-0 fPsMQq"><thead><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Query Parameter</th><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Relevance</th><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Value</th></tr></thead><tbody><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">client_id</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Required</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">The Client ID generated after registering your application.</span></td></tr><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">response_type</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Required</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">Set to <code>code</code>.</span></td></tr><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">redirect_uri</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Required</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">The URI to redirect to after the user grants or denies permission. This URI needs to have been entered in the Redirect URI allowlist that you specified when you registered your application (See the <a data-encore-id="textLink" class="Link-sc-k8gsk-0 hkKYOq" href="https://developer.spotify.com/documentation/web-api/concepts/apps">app guide</a>). The value of <code>redirect_uri</code> here must exactly match one of the values you entered when you registered your application, including upper or lowercase, terminating slashes, and such.</span></td></tr><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">state</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Optional, but strongly recommended</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">This provides protection against attacks such as cross-site request forgery. See <a data-encore-id="textLink" class="Link-sc-k8gsk-0 hkKYOq" href="https://datatracker.ietf.org/doc/html/rfc6749#section-4.1">RFC-6749</a>.</span></td></tr><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">scope</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Optional</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">A space-separated list of <a data-encore-id="textLink" class="Link-sc-k8gsk-0 hkKYOq" href="https://developer.spotify.com/documentation/web-api/concepts/scopes">scopes</a>.If no scopes are specified, authorization will be granted only to access publicly available information: that is, only information normally visible in the Spotify desktop, web, and mobile players.</span></td></tr><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">show_dialog</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Optional</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">Whether or not to force the user to approve the app again if they’ve already done so. If <code>false</code> (default), a user who has already approved the application may be automatically redirected to the URI specified by <code>redirect_uri</code>. If <code>true</code>, the user will not be automatically redirected and will have to approve the app again.</span></td></tr></tbody></table>

# Tokens

## Access

If the user accepted your request, then your app is ready to exchange the authorization code for an access token.  
It can do this by __sending a POST request__ to the `/api/token` endpoint.  

The following headers must be included in the request:

<table data-encore-id="table" class="Table__TableElement-sc-evwssh-0 fPsMQq"><thead><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Header Parameter</th><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Relevance</th><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Value</th></tr></thead><tbody><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">Authorization</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Required</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">Base 64 encoded string that contains the client ID and client secret key. The field must have the format: <code>Authorization: Basic &lt;base64 encoded client_id:client_secret&gt;</code></span></td></tr><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">Content-Type</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Required</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">Set to <code>application/x-www-form-urlencoded</code>.</span></td></tr></tbody></table>

The body of this POST request must contain these parameters encoded in `application/x-www-form-urlencoded`:

<table data-encore-id="table" class="Table__TableElement-sc-evwssh-0 fPsMQq"><thead><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Body Parameters</th><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Relevance</th><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Value</th></tr></thead><tbody><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">grant_type</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Required</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">This field must contain the value <code>"authorization_code"</code>.</span></td></tr><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">code</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Required</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">The authorization code returned from the previous request.</span></td></tr><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">redirect_uri</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Required</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">This parameter is used for validation only (there is no actual redirection). The value of this parameter must exactly match the value of <code>redirect_uri</code> supplied when requesting the authorization code.</span></td></tr></tbody></table>

## Refresh

To refresh an access token, we must __send a POST request__ to the `/api/token` endpoint with the following headers:

<table data-encore-id="table" class="Table__TableElement-sc-evwssh-0 fPsMQq"><thead><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Header Parameter</th><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Relevance</th><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Value</th></tr></thead><tbody><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">Content-Type</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Required</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">Always set to <code>application/x-www-form-urlencoded</code>.</span></td></tr><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">Authorization</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><strong>Only required for the</strong> <a data-encore-id="textLink" class="Link-sc-k8gsk-0 hkKYOq" href="https://developer.spotify.com/documentation/web-api/tutorials/code-flow">Authorization Code</a></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">Base 64 encoded string that contains the client ID and client secret key. The field must have the format: <code>Authorization: Basic &lt;base64 encoded client_id:client_secret&gt;</code></span></td></tr></tbody></table>

and the following body:

<table data-encore-id="table" class="Table__TableElement-sc-evwssh-0 fPsMQq"><thead><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Body Parameter</th><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Relevance</th><th scope="col" class="TableHeaderCell__TableHeaderCellElement-sc-16kf5kl-0 gfUuhl encore-text-body-small-bold" data-encore-id="tableHeaderCell">Value</th></tr></thead><tbody><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">grant_type</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Required</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">Set it to <code>refresh_token</code>.</span></td></tr><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">refresh_token</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><em>Required</em></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">The refresh token returned from the authorization token request.</span></td></tr><tr data-encore-id="tableRow" class="TableRow__TableRowElement-sc-1kuhzdh-0 hoXXxN"><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">client_id</span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM"><strong>Only required for the</strong> <a data-encore-id="textLink" class="Link-sc-k8gsk-0 hkKYOq" href="https://developer.spotify.com/documentation/web-api/tutorials/code-flow">PKCE extension</a></span></td><td class="TableCell__TableCellElement-sc-1nn7cfv-0 gOsDpy encore-text-body-small" data-encore-id="tableCell"><span data-encore-id="type" class="Type__TypeElement-sc-goli3j-0 kqItdM">The client ID for your app, available from the developer dashboard.</span></td></tr></tbody></table>

In [6]:
def get_code_url():

    global flag_get_code, auth_url, continue_login
    print('Flag =', flag_get_code)
    
    if flag_get_code == 0 or not continue_login:
        flag_get_code = 1

        global auth_endpoint, query_params
        params = urllib.parse.urlencode(query_params)
        auth_url = auth_endpoint + '?' + params

        response = requests.get(auth_url)
        status = response.status_code

        if status == 200:
            print('\tCode obtained successfully!')
            continue_login = response.url
            print('\tGet the whole URL in the browser and past it \'code_url below\':', f'\t{continue_login}', sep='\n')
            print(f'\tNote: substring \'code=\' will be between \'{redirect_uri}?code=\' and \'&state=\'')

    else:
        print('Code already obtained?', continue_login, sep='\n')
    
    return continue_login 


def get_access_token():
    
    global flag_get_access_token, get_access_token_response
    print('Flag =', flag_get_access_token)

    if flag_get_access_token == 0 or not get_access_token_response:
        flag_get_access_token = 1

        global access_token_headers, access_token_payload
        
        response = requests.post(token_endpoint, headers=access_token_headers, data=access_token_payload)
        status = response.status_code

        if status == 200:
            print('\nAccess token obtained successfully!')
            access_token = response.json().get('access_token')
            token_type = response.json().get('token_type')
            expires_in = response.json().get('expires_in')
            refresh_token = response.json().get('refresh_token')
            
            response = {
                'access_token': access_token,
                'token_type': token_type,
                'expires_in': expires_in,
                'refresh_token': refresh_token,
                'status': status
            }
    
    else:
        response = get_access_token_response
        print('Access token request already sent? Status:', response['status'])
    
    return response


def get_refresh_token():

    global flag_refresh_token, get_access_token_response, get_refresh_token_response
    print('Flag =', flag_refresh_token)

    if flag_refresh_token == 0 or not get_access_token_response['refresh_token']:
        flag_refresh_token = 1

        global refresh_token_headers, refresh_token_payload

        response = requests.post(token_endpoint, headers=refresh_token_headers, data=refresh_token_payload)
        status = response.status_code
        
        if status == 200:
            print('\nRefresh token obtained successfully!')
            access_token = response.json().get('access_token')
            token_type = response.json().get('token_type')
            expires_in = response.json().get('expires_in')
            #refresh_token = response.json().get('refresh_token')
            
            response = {
                'access_token': access_token,
                'token_type': token_type,
                'expires_in': expires_in,
                #'refresh_token': refresh_token,
                'status': status
            }

    else:
        response = get_refresh_token_response
        print('Refresh token request already sent? Status:', response['status'])

    return response


def get_flowCtx():

    global continue_login
    url = continue_login

    response = requests.request("GET", url)

    if response.status_code == 200:
        soup = BeautifulSoup(response.text, 'html.parser')
        json_content = soup.find('meta', id='bootstrap-data').get('sp-bootstrap-data')
        flowCtx = json.loads(json_content)['flowCtx']
    else:
        flowCtx = None

    return flowCtx


#flowCtx = get_flowCtx()
#print('flowCtx =', flowCtx)

#assert get_flowCtx(), f'Errore durante la richiesta GET a login. flowCtx = {flowCtx}'

## Code URL

In [7]:
continue_login = get_code_url()
assert len(continue_login) > 1, 'Errore: codice di autorizzazione non impostato'

Flag = 0
	Code obtained successfully!
	Get the whole URL in the browser and past it 'code_url below':
	https://accounts.spotify.com/it/login?continue=https%3A%2F%2Faccounts.spotify.com%2Fauthorize%3Fscope%3Duser-follow-read%26response_type%3Dcode%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A8888%252Fcallback%26state%3D509191e3df4ba84f%26client_id%3D63ff05747c964b36b7464af88058c1e1
	Note: substring 'code=' will be between 'http://localhost:8888/callback?code=' and '&state='


In [8]:
code_url = 'http://localhost:8888/callback?code=AQBsyFTTwcrnj338_IdAp2AgR-T1i8ZD7MUnBv4eKguiejfj_2S6uQG0KowOuGTaivhoCcx5bMPdXsb744wQDyB6mgpHbZzH-Z5i1HYcqdTinvjDTtTH9JA0-4WRmJv3gZ6P9eSoSYxUFx1kkeGT9Cnh6BLYXqz7Kd2bzpdF7wdzOrKtat7UPQSR-oJzKfBxHkHTaw&state=509191e3df4ba84f'

code = code_url.split('code=')[1].split('&state=')[0]

access_token_payload['code'] = code

In [9]:
get_access_token_response = get_access_token()
if get_access_token_response and get_access_token_response['status'] == 200:
    print(tabulate(get_access_token_response.items(), tablefmt='grid'))
else:
    print('Errore durante la richiesta POST all\'endpoint /api/token')
    print('\nCodice:', get_access_token_response.status_code)
    print('\nTesto:\n', json.dumps(get_access_token_response.json(), indent=2), sep='')

Flag = 0

Access token obtained successfully!
+---------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| access_token  | BQBL-nDOhDsztDrptWH9CGCgNmznfprUleDo4i69e9S9C-G8hauiontYeon1zT3cnd9BpnhORcs-0pdoEku4SD0MF1D7QlmC-Yyjb8qtRaTTixr0IGgOjYDkn2WWVG5ezFbZ21H0gOCL56k3bLvyu0WkiZnsjLzJ3Fjk1GBYnrYKeeCOBXMJGtt_bR6riD4hJQU |
+---------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| token_type    | Bearer                                                                                                                                                                                              |
+---------------+-------------------------------------------------------------------------

In [10]:
refresh_token_payload['refresh_token'] = get_access_token_response['refresh_token']

get_refresh_token_response = get_refresh_token()
if get_refresh_token_response and get_refresh_token_response['status'] == 200:
    print(tabulate(get_refresh_token_response.items(), tablefmt='grid'))
else:
    print('Errore durante la richiesta POST all\'endpoint /api/token')
    print('\nCodice:', get_refresh_token_response.status_code)
    print('\nTesto:', get_refresh_token_response.text)
    print(tabulate(get_refresh_token_response.items(), tablefmt='grid'))

Flag = 0

Refresh token obtained successfully!
+--------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| access_token | BQBxDZw2MMv6FLJgDd8vAaif5yNXbLfEUNBV_5U5tdRJ3Xr2Xgqr0xZ5VpYqtJMXelBtEnP5zIaLrkjYgH9xshhy2LAHYxfBBt2-dgDxBPsXBBqqdw2ecLfFYo2Lis_rRXVyHByv_aN4U7U2e4jEqP15GLrdHrOHFQc-2aWjQdKhgwnbBnlKGO9Fk6epT7H2vAU |
+--------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| token_type   | Bearer                                                                                                                                                                                              |
+--------------+-----------------------------------------------------------------------------

# API Calls

## Variables

In [77]:
artists_follow_headers = {
    'Authorization': f'Bearer {get_refresh_token_response['access_token']}'
}

artists_followlist = {}
def get_artists(headers):

    global get_access_token_response, artists_followlist

    if artists_followlist:
        return artists_followlist['artists']
    
    if not get_access_token_response['access_token']:
        get_access_token_response = get_refresh_token()
        if not get_access_token_response['access_token']:
            print('Access token failed (get_artists function)')
            return

    url = artist_endpoint + '&limit=50'
    artists_endpoint = requests.get(url, headers=headers)

    if artists_endpoint.status_code == 200:
        artists_followlist = artists_endpoint.json()
        #print('Artists:', json.dumps(artists_followlist, indent=4))
    else:
        get_access_token_response = get_refresh_token()
        artists_endpoint = requests.get(url, headers=headers)
        if artists_endpoint.status_code == 200:
            artists_followlist = artists_endpoint.json()
            #print('Artists:', json.dumps(artists_followlist, indent=4))
        else:
            print('Errore durante la richiesta degli artisti seguiti:', json.dumps(artists_endpoint.json(), indent=4), sep='\n')

    return artists_followlist['artists']

---

## Followed Artists

In [59]:
def fast_dataframe(dict_X):

    if isinstance(dict_X, pd.DataFrame):
        print('Already a dataframe! -> ', type(dict_X))
        print(dict_X.head(), '...', dict_X.tail())
        return dict_X

    if not isinstance(dict_X, dict):
        print('Not a dictionary! -> ', type(dict_X))
        return None

    data_X = []
    for key in dict_X.keys():
        value = dict_X[key]
        value_type = type(value).__name__
        length = len(value) if isinstance(value, (dict, list)) else 0
        
        if isinstance(value, (dict, list)):
            first_element = next(iter(value))
        else:
            first_element = value
        
        data_X.append({
            'Key': key,
            'Val type': value_type,
            'Len': length,
            'First Val': first_element
        })

    return pd.DataFrame(data_X, index=list(range(1,len(data_X)+1)))


artists = get_artists(artists_follow_headers)

### __artists__ (dict)

`artists` has type `dict` and has `6` keys: __['items', 'next', 'total', 'cursors', 'limit', 'href']__

| i | Key     | Val type   |   Len | First Val
|---:|:--------|:-----------|:------|:----------
|  1 | __items__   | list       |    50 | Array of artist objects. (see below)|
|  2 | __next__    | str        |   | URL to the next page of items. ( null if none) |
|  3 | __total__   | int        |   | The total number of items available to return. |                                                                                                                                                                                                                    
|  4 | __cursors__ | dict       |     1 | 'after': the cursor to use as key to find the next page of items; 'before': the cursor to use as key to find the previous page of items.  |
|  5 | __limit__   | int        |   | The maximum number of items in the response (as set in the query or by default: 20). |
|  6 | __href__    | str        |   | A link to the Web API endpoint returning the full result of the request. |     

In [60]:
total = artists['total']
artists_items = artists['items']

print('Total artists in followlist:', total)
for k, v in artists.items():
    print(f'\'{k}\' is ', type(v).__name__, f': \'{v}\'' if type(v).__name__ not in ['dict', 'list'] else '...', sep='')

Total artists in followlist: 250
'items' is list...
'next' is str: 'https://api.spotify.com/v1/me/following?type=artist&limit=50&after=1JSPpoXFLcEG2WhYlvmHPJ'
'total' is int: '250'
'cursors' is dict...
'limit' is int: '50'
'href' is str: 'https://api.spotify.com/v1/me/following?type=artist&limit=50'


In [61]:
assert artists['next'].split('after=')[1] == artists_items[-1]['id']

# 'next' è l'id dell'ultimo artista raccolto

### __items__ (dict)

`items` values have type  `dict` and have `10` keys: __['__external_urls__', '__followers__', '__genres__', 'href', '__id__', 'images', '__name__', 'popularity', '__type__', 'uri']__

| i | Key           | Val type   |   Len | First Val    |  What is? |
|----|---------------|------------|-------|------------------| ----------------- | 
|  1 | external_urls    |   dict    |    1  |   spotify |   key: 'spotify', value: 'the Spotify URL for the object'|
|  2 | followers    | dict       |  2    |  href | key: 'total', value: 'the total integer of followers' |
|  3 | __genres__   | list       |  6    |  c64 | list of genres the artist is associated with: ["Prog rock","Grunge"] |
|  4 | href | str   |   | /v1/artists/{artist_id} |     |
|  5 | __id__   | str   |   |   00Uv0804nrBM2RxUBTkyHj  |   Spotify ID for the artist   |
|  6 | images   |   list    |   3   |   {'height': '', 'url': '', 'width': ''}   |      |
|  7 | __name__ |   str |   |   Wobbler |   Name of the artist |
|  8 | popularity    | int        | | 17  |  |
|  9 | __type__          | str        | | artist  | "artist" |
| 10 | uri           | str        | | spotify:artist:00Uv0804nrBM2RxUBTkyHj   |  |

In [62]:
list(artists_items[0].keys())

for i, item in enumerate(artists_items[0]):
    item_key = item
    item = artists_items[0][item]
    print(f'\'{item_key}\' is {type(item).__name__}', f': \'{item}\'' if type(item).__name__ not in ['dict', 'list'] else '...', sep='')


'external_urls' is dict...
'followers' is dict...
'genres' is list...
'href' is str: 'https://api.spotify.com/v1/artists/00Uv0804nrBM2RxUBTkyHj'
'id' is str: '00Uv0804nrBM2RxUBTkyHj'
'images' is list...
'name' is str: 'Wobbler'
'popularity' is int: '17'
'type' is str: 'artist'
'uri' is str: 'spotify:artist:00Uv0804nrBM2RxUBTkyHj'


In [63]:
print('Corpo della risposta all\'endpoint /me/following?type=artist&limit=50:\n(solo i primi 5 artisti)')
print(tabulate(artists_items[:5], headers='keys', tablefmt='grid'))

Corpo della risposta all'endpoint /me/following?type=artist&limit=50:
(solo i primi 5 artisti)
+-----------------------------------------------------------------------+---------------------------------+--------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------+------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------+--------------+--------+---------------------------------------+
| external_urls                                                         | followers                       | genres                                                                                     

In [81]:
# New add_artists() is appended to a new api call of get_artists()
def add_artists(artists_items):

    global artists_follow_headers

    if not artists_items:
        print('No artists... calling once get_artists()...')
        return  
    
    next_id = artists_items[-1]['id']

    add_artists_headers = artists_follow_headers.copy()
    add_artists_headers['after'] = next_id
    assert len(add_artists_headers) == len(artists_follow_headers) + 1
    
    data_append = get_artists(add_artists_headers)

    if not data_append:
        print('Call not successful... Check tokens (expired?)')

    else:
        df_append = fast_dataframe(data_append)

        if not df_append.empty:
            df = pd.concat([df, df_append], ignore_index=True)
            return df

print('Total:', total)
L = len(artists_items)
print('Artists:', L)

Total: 250
Artists: 50


### artist_data (dataframe)

In [57]:
# Inizializza df artist_data con i primi 50 trovati dalla chiamata get_artists()
artist_df = pd.DataFrame(artists_items)

# Colonna 'follower' (dict) è un dizionario con chiave 'total' che è il numero di followers
artist_df['followers'] = artist_df['followers'].apply(lambda x: x['total'])

# Colonna 'count of genres' è il numero di 'genres' di quell'artista
artist_df['count of genres'] = artist_df['genres'].apply(lambda x: len(x))

# Colonne rilevanti
relevant_columns = ['id', 'name', 'genres', 'count of genres', 'followers', 'popularity']
artist_data = artist_df[relevant_columns]


artist_data.head()

Unnamed: 0,id,name,genres,count of genres,followers,popularity
0,00Uv0804nrBM2RxUBTkyHj,Wobbler,"[c64, italian progressive rock, neo-progressiv...",6,18473,17
1,02fDf7HEPtBZLtPzCyxSR2,Lanark Artefax,"[deconstructed club, fluxwork, mandible, scott...",5,17324,20
2,058thnz6odaxoAN4n3cMBN,Verdena,"[bergamo indie, italian alternative]",2,145584,42
3,05MlomiA9La0OiNIAGqECk,Delta Sleep,"[brighton indie, british math rock, math pop, ...",4,92334,45
4,05tfXy5v0DpYvuy4Sot4Nu,Whourkr,"[breakcore, cybergrind]",2,10438,12


In [55]:
print(L, 'artisti seguiti:')

50 artisti seguiti:


# Querying