B4J Question [SOLVED] Spotify {"error":"invalid_client"}

pierrem

Member
Licensed User
Longtime User
Hi,

Trying to adapt : https://www.b4x.com/android/forum/t...y-authorisation-requirement.81048/post-513901
with (for Base64Encode) : https://www.b4x.com/android/forum/threads/xui-sd-base64-encode-decode.105755/post-662153

I get for authentication (job1) : {"error":"invalid_client"}
I can't find lot of help on G nor on spotify docs

Someone has advice or can point where the error is ?
Or a running example ...

Maybe while encoding in base64 ... I didn't find such function in standard jLibs ....

Thanks in advance


here is the code
B4X:
Private Sub btnTest01_Click
    
    SpotGrant1        = "client_credentials"
    SpotClientID1     = "checked twice on spotify console"  'Use your own Spotify Client ID!
    SpotClientSecret1 = "checked twice on spotify console"  'Use your own Spotify Client Secret key!
    SourceWeb1        = "https://accounts.spotify.com/api/token"
    
    Private s1 As String = Base64Encode(SpotClientID1)
    Private s2 As String = Base64Encode(SpotClientSecret1)
    SpotBase64 = s1&":"&s2
    'SpotBase64 = B64.EncodeStoS(SpotClientID1 & ":" & SpotClientSecret1,"UTF8")
    Log(SpotBase64)

    Job1.Initialize("Job1", Me)
    Job1.PostString(SourceWeb1, "grant_type=" & SpotGrant1)
    Job1.GetRequest.SetContentType("application/x-www-form-urlencoded")
    Job1.GetRequest.SetHeader("Authorization", "Basic " & SpotBase64)

    
End Sub


Sub JobDone (Job As HttpJob)      'Event
    Dim n As Long
    Dim m As Long
    If Job.Success = True Then
        Select Job.JobName
            Case "Job1"
                SourceText1 = Job.GetString2("ISO-8859-1")
                n=SourceText1.IndexOf2(":",0)+2            'Dubbele punt en aanhalingsteken moeten weg!
                m=SourceText1.IndexOf2(Chr(34),n+8)
                SpotToken1=SourceText1.SubString2(n,m)
                Log("Token=" & SpotToken1)
                SpotQuery1 = "frank+sinatra+my+way"
                SourceWeb1 = "https://api.spotify.com/v1/search?query=" & SpotQuery1 & "&type=track&access_token=" & SpotToken1 & "&token_type=Bearer&expires_in=3600"    '&limit=1
                Job2.Initialize("Job2", Me)
                Job2.Download(SourceWeb1)
                Job.release
                Return

            Case "Job2"
                SourceText1 = Job.GetString2("ISO-8859-1")
                n=0
                n=SourceText1.IndexOf2("spotify:track:",0)+14    'With multiple results this might not always be the desired song and thus deeper analysis of the JSON will be needed.
                m=SourceText1.IndexOf2(Chr(34),n)
                If n<14 Or m<=n Then Return
                SpotTrack1=SourceText1.SubString2(n,m)
                Log(SpotTrack1)

                'Dim Intent1 As Intent
                'Intent1.Initialize(Intent1.ACTION_VIEW, "spotify:track:" & SpotTrack1)
                'Intent1.SetComponent("com.spotify.music")
                'StartActivity(Intent1)

                Job.Release
                Return
        End Select
    Else
        Log("Error in " & Job.JobName & ": " & Job.ErrorMessage)
    End If
End Sub
 

DonManfred

Expert
Licensed User
Longtime User
Upvote 0

pierrem

Member
Licensed User
Longtime User
@Erel :
Seems like you are trying to parse a json response without a json parser. This is a big mistake.

I agreee ... response will be json parsed when I get a usable response
:)
not the case as there is an error (in json format, don't need a parser to understand the error)

@DonManfred :
I've read the docs
https://developer.spotify.com/documentation/web-api/reference/#objects-index
leading to
https://developer.spotify.com/documentation/web-api/#response-status-codes
leading to
https://tools.ietf.org/html/rfc6749#section-4.1.2.1

where it is mentionned :
invalid_client
Client authentication failed (e.g., unknown client, no
client authentication included, or unsupported
authentication method). The authorization server MAY
return an HTTP 401 (Unauthorized) status code to indicate
which HTTP authentication schemes are supported. If the
client attempted to authenticate via the "Authorization"
request header field, the authorization server MUST
respond with an HTTP 401 (Unauthorized) status code and
include the "WWW-Authenticate" response header field
matching the authentication scheme used by the client
.

not really helpfull for me ...
I'm possibly stupid (yes, yes ...) but I can't point out where is my mistake.


p.
 
Upvote 0

pierrem

Member
Licensed User
Longtime User
@Erel :
removing header sounds not a good idea ...

from spotify docs :

The request is sent to the /api/token endpoint of the Accounts service:

POST https://accounts.spotify.com/api/token

The body of this POST request must contain the following parameters encoded in application/x-www-form-urlencoded as defined in the OAuth 2.0 specification:

REQUEST BODY PARAMETERVALUE
grant_typeRequired.
Set it to client_credentials.
The header of this POST request must contain the following parameter:

HEADER PARAMETERVALUE
AuthorizationRequired.
Base 64 encoded string that contains the client ID and client secret key. The field must have the format: Authorization: Basic <base64 encoded client_id:client_secret>
 
Upvote 0

pierrem

Member
Licensed User
Longtime User
Hi @All

the mistake was mine !

The trick is to encode in base64 and at the same time both 'client_ID' and 'secret_ID' separated by ':'

I was encoding
1°) client_ID,
2°) secret_ID

and then inserting the 1°) encoded +':'+2°) encoded

bad idea
:)
 
Upvote 0
Top