Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to refresh access token? #108

Closed
Nikos410 opened this issue Dec 9, 2019 · 5 comments
Closed

How to refresh access token? #108

Nikos410 opened this issue Dec 9, 2019 · 5 comments

Comments

@Nikos410
Copy link
Contributor

Nikos410 commented Dec 9, 2019

Hi there and thanks for this great library, it saved us a lot of work :)

I do have one problem though - an access token expires after 1 hour, but can be refreshed using the refresh token:

Access tokens are deliberately set to expire after a short time, after which new tokens may be granted by supplying the refresh token originally obtained during the authorization code exchange.

(https://developer.spotify.com/documentation/general/guides/authorization-guide#4-requesting-a-refreshed-access-token-spotify-returns-a-new-access-token-to-your-app)

Is there a way to do this using this library?

Thanks in advance!
@zmb3
Copy link
Owner

zmb3 commented Dec 10, 2019

See also #7. If you're using the authorization code flow, the library should refresh the token for you automatically.

If you're using the client credentials flow folks have just been recreating the client. Definitely open to ideas for making that workflow easier.

@chew-z
Copy link

chew-z commented Dec 25, 2019
edited

As per this discussion newToken, err := src.Token() // this actually goes and renews the tokens which implies, I think, that zmb3/spotify/auth.go client.Token() should also refresh token.

Now, this is just sidenote but you rarely need spotify token to last beyond default 60 minutes.

  1. If you store spotify cookies you would be re-authorized transparently in the background
  2. oauth2 token had been designed to be stateful not stateless (hence variable called state). Many people for simplicity code per app token (like const state=abc123) but it is not as intended.

@Nikos410
Copy link
Contributor Author

Nikos410 commented Jan 3, 2020

Hi, sorry for taking a while to respond.

I think I'm using the authorization code flow, like in the example in README.md.

So that means, if I create a client with Authenticator.NewClient(token) and then perform actions using that client, the token will be updated automatically?

@chew-z
Copy link

chew-z commented Jan 3, 2020

Yes. Your client should be authorized even if more then an hour passed.

Do log.Println(token.Expiry.Sub(time.Now())) to make sure.
And newToken, _ := client.Token() to obtain new token implicit.

If you would like to store new token (to file or database) this pseudocode might help.

		tok, err := getTokenFromDB()
		if err == nil {
			client := auth.NewClient(tok)

				if m, _ := time.ParseDuration("5m30s"); time.Until(tok.Expiry) < m {
					newToken, _ := client.Token()
					updateTokenInDB(newToken)
				}
			return &client
		}

@Nikos410
Copy link
Contributor Author

Nikos410 commented Jan 5, 2020

Alright, thank you very much, that does help me a lot

@Nikos410 Nikos410 closed this as completed Jan 5, 2020
@p1ass p1ass mentioned this issue Apr 16, 2020
Closed
@fabstu fabstu mentioned this issue Oct 13, 2020
Closed
schicho added a commit to schicho/spotiyou that referenced this issue Jan 9, 2023
@schicho
add cookiejar to reauthorize after 60 minutes
c098b20 
as mentioned here zmb3/spotify#108 (comment)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@chew-z @zmb3 @Nikos410