New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auto-refresh AuthCode flow token. #435
Auto-refresh AuthCode flow token. #435
Conversation
Hey, thanks for that. I will review and respond properly later, but for now to fix the lint you can just do:
It's missing from the README Edit: cool, you already fixed it |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is looking great! I'm still trying to think of a scenario where being forced to be prompted for the token could be an issue. Could it be a problem when trying to use spotipy in an API? #287 (comment). In this case we would need something like prompt=True
What do you think @ritiek?
Looks cool! I'll hopefully be able to review by evening. |
Implements the capability of trying to fetch the following parameters from the environment, when they're not directly passed to the authorization handler. The affected parameters are: client_id, client_secret, redirect_uri. An SpotifyOauthError is raised if no value gets found.
@stephanebruckert in my opinion the best way to handle the authorization flow independently is using an authorization manager independently too, and just use the |
Hey @ritiek, do you have any updates on this? |
Oops, sorry. It seems like review comments need to be submitted twice? Anyway, this looks good to me. Seems to automatically refresh token nicely as well. I've left a few trivial review comments. |
Cool! I pushed the updates, can't wait to have this merged 🥳 |
Hey, sorry I was ill for most of the week, unable to do much. I just had a better look at how SpotifyOAuth works, I really want to merge the PR but there is still something backward-incompatible in it.
Please confirm if I understand correctly. You would make the previous So I see two possible solutions to fix this PR:
Let me know if we are both understanding it correctly? Thanks again for the work you put in this PR, can't wait to see it merged! |
Hey @stephanebruckert , good to have you back, sorry you was ill! For now, the main compatibility issue after the changes I made, is that If instead, the problem is on the prompting part, could you please try to explain that to me again? import spotipy
import os
from pprint import pprint
def main():
spotify = spotipy.Spotify(auth_manager=spotipy.SpotifyOAuth())
me = spotify.me()
pprint(me)
if __name__ == "__main__":
main() The first time I run this script it will tell me to login to spotify, gave my permission for the scopes, and will send me back to a url that I have to paste in the console to get the ** SCENARIO 2 **: So could you explain me again the issue please? Thank you :) |
Hey @stefanondisponibile! I agree with scenario 1 👍 In the scenario 2,
instead it should be called on an object of that class:
So even if you get the code independently, the prompt would open before. There must be ways to adapt the way it works, but we cannot change it because it might already be used (for example in something that would look like #287 (comment)) Do you see what I mean? Could I be missing something? |
Sorry @stephanebruckert , but I still don't really get the problem.
why can't avoid it? You shouldn't receive any prompts by doing this. In fact, one should actually reflect what's in @MaZderMind comment. Try this and see if that's the expected behaviour: """
Of course:
0. pip install spotipy (from this branch or from my fork)
1. pip install flask
2. Export needed env variables:
export SPOTIPY_CLIENT_ID=yourclientid
export SPOTIPY_CLIENT_SECRET=yourclientsecret
export SPOTIPY_CLIENT_USERNAME=yourusername
3. Add "http://localhost:5000" to your app's redirect uris.
4. Copy-paste this into an "app.py" file.
5. Run "flask run" and go to http://localhost:5000
"""
from flask import Flask, request, jsonify
import spotipy
app = Flask(__name__)
auth_manager = spotipy.oauth2.SpotifyOAuth()
spotify = spotipy.Spotify(auth_manager=auth_manager)
@app.route("/")
def index():
if request.args.get("code"):
auth_manager.get_access_token(request.args["code"])
if not auth_manager.get_cached_token():
auth_url = auth_manager.get_authorize_url()
return f'<h2><a href="{auth_url}">Authorize this application.</a></h2>'
return spotify.me() |
Indeed, that's my bad! For some reason I was thinking that
About this change, I think it's a good idea initially because ClientCredentials.get_access_token is returning a string too. But it looks like the dict returned by Also feel free to add a changelog and we should be good to merge! Cheers |
No worries @stephanebruckert , always better overchecking than the opposite 😉 Good catch! On other's code we might break if we return a string instead of a dictionary! I'm pushing these changes, so you can have a look. |
@stefanondisponibile sounds perfect! |
Very nice, merging, thank you @stefanondisponibile |
Thank you all for following up on this 👍 |
Just wanted to say, I was tweaking an old project that was leveraging this client and auth_manager let me get rid of so much code. Thanks for the contribution! |
I loved @stephanebruckert 's idea of having similar handlers for the two different authorization flows.
I think it would be even better having one one unique
auth_manager
inside theSpotify
client, and infer it from the parameters. This also would allow a smooth and backward compatible pass to this.What do you think?