spotify web api authorization code grant thelinmichael/spotify-web-api-java android

Question

I have problems to authorize the spotify web api using the authorization code grant. I know that I have to fill in my client id, client secret and redirect uri to the strings, but I don't know how to get the string called code which is necessary to get an access token.

final String clientId = "<your_client_id>";
final String clientSecret = "<your_client_secret>";
final String redirectURI = "<your_redirect_uri>";

final Api api = Api.builder()
    .clientId(clientId)
    .clientSecret(clientSecret)
    .redirectURI(redirectURI)
    .build();

/* Set the necessary scopes that the application will need from the user */
final List<String> scopes = Arrays.asList("user-read-private", "user-read-email");

/* Set a state. This is used to prevent cross site request forgeries. */
final String state = "someExpectedStateString";

String authorizeURL = api.createAuthorizeURL(scopes, state);

/* Continue by sending the user to the authorizeURL, which will look something like
https://accounts.spotify.com:443/authorize?client_id=5fe01282e44241328a84e7c5cc169165&response_type=code&redirect_uri=https://example.com/callback&scope=user-read-private%20user-read-email&state=some-state-of-my-choice
*/

and then

/* Application details necessary to get an access token */
final String code = "<insert code>"; //I don't know where I get the value for this string from

/* Make a token request. Asynchronous requests are made with the .getAsync method and synchronous requests
* are made with the .get method. This holds for all type of requests. */
final SettableFuture<AuthorizationCodeCredentials> authorizationCodeCredentialsFuture = api.authorizationCodeGrant(code).build().getAsync();

/* Add callbacks to handle success and failure */
Futures.addCallback(authorizationCodeCredentialsFuture, new FutureCallback<AuthorizationCodeCredentials>() {

@Override
public void onSuccess(AuthorizationCodeCredentials authorizationCodeCredentials) {
    /* The tokens were retrieved successfully! */

    /* Set the access token and refresh token so that they are used whenever needed */
    api.setAccessToken(authorizationCodeCredentials.getAccessToken());
    api.setRefreshToken(authorizationCodeCredentials.getRefreshToken());
}

@Override
public void onFailure(Throwable throwable) {
     /* Let's say that the client id is invalid, or the code has been used more than once,
     * the request will fail. Why it fails is written in the throwable's message. */

      }
});

Do you know how to get this code and successfully get the access token?

Thanks!

Answer 1

I have solved the problem now.

You don´t have to make a Web Service! The solution is actually really simple. You just have to create an Intent with

Intent.ACTION_VIEW

as the first parameter and with your url as the second one and to call startActivity with the Intent as the parameter. Then you have to add this

<intent-filter>
    <action android:name="android.intent.action.VIEW" />
    <category android:name="android.intent.category.DEFAULT" />
    <category android:name="android.intent.category.BROWSABLE" />

    <data
         android:host="callback"
         android:scheme="yourcustomprotocol" />
</intent-filter>

to your activity tag in manifest and last but not least catch the callback in

onNewIntent(final Intent intent)

and here you can get the url of the intent where you can extract the code from.

Answer 2

As you can read in the description of Authorization Code Flow, you need to send the User to a Spotify URL. This URL is given in the authorizeURL String:

/* Continue by sending the user to the authorizeURL, which will look 
something like
https://accounts.spotify.com:443/authorize?client_id=5fe01282e44241328a84e7c5cc169165&response_type=code&redirect_uri=https://example.com/callback&scope=user-read-private%20user-read-email&state=some-state-of-my-choice
*/

After the user logged in and the Application permission to access the given scopes, Spotify will redirect the User to a callback url. This is the point where it is getting complicated. You need to receive the code parameter Spotify provides in the callback url. This code parameter is the value needed for the ongoing process. The spotify-web-api-java that you are using, does not provide anything to receive this request. You need to find a solution by using e.g. a Spring RESTful Web Service.