Reputation: 10926
So I am tapping into the spotilocal.com:4380 server that runs under spotify and that facebook uses to update / interface with the clients desktop app.
through some sniffing in the network panel I found how to get a JSON string back
http://8440.spotilocal.com:4380/remote/status.json?cors=&csrf=____&oauth=____
The question that i have is – how can I get the csrf and oauth tokens without manually inspecting my network panel when on facebook.
Upvotes: 0
Views: 4119
Reputation: 101
If you issue a GET from your client to https://open.spotify.com/token then the response JSON object will have an oAuth token inside it.
Upvotes: 0
Reputation: 4007
For the oAuth, you have to get them from Facebook or Spotify.
As for the CSRF token, you have to make a request to "spotilocal:xxxx/simplecsrf/token.json", this will return a {token:...}.
However, this token can only be returned if it comes from a specific set of referrers. This is obviously done to prevent people from starting any music on any people's computer.
You can have a look on this thing I found online: http://code.google.com/p/spotify-local-api/source/browse/trunk/SpotifyLocalAPI/SpotifyAPI.cs?r=2
Upvotes: 1