2014-05-14 10:27:27 +02:00
|
|
|
/**
|
|
|
|
* This is an example of a basic node.js script that performs
|
|
|
|
* the Authorization Code oAuth2 flow to authenticate against
|
|
|
|
* the Spotify Accounts.
|
|
|
|
*
|
|
|
|
* For more information, read
|
2014-06-17 10:25:03 +02:00
|
|
|
* https://developer.spotify.com/web-api/authorization-guide/#authorization_code_flow
|
2014-05-14 10:27:27 +02:00
|
|
|
*/
|
|
|
|
|
|
|
|
var express = require('express'); // Express web server framework
|
|
|
|
var request = require('request'); // "Request" library
|
|
|
|
var querystring = require('querystring');
|
2014-06-30 10:11:04 +02:00
|
|
|
var cookieParser = require('cookie-parser');
|
2014-05-14 10:27:27 +02:00
|
|
|
|
|
|
|
var client_id = '03ffe0cac0a0401aa6673c3cf6d02ced'; // Your client id
|
2014-06-03 13:26:18 +02:00
|
|
|
var client_secret = 'a57c43efb9644574a96d6623fb8bfbc2'; // Your client secret
|
2014-05-14 10:27:27 +02:00
|
|
|
var redirect_uri = 'http://localhost:8888/callback'; // Your redirect uri
|
|
|
|
|
2014-06-30 10:11:04 +02:00
|
|
|
/**
|
|
|
|
* Generates a random string containing numbers and letters
|
|
|
|
* @param {number} length The length of the string
|
|
|
|
* @return {string} The generated string
|
|
|
|
*/
|
|
|
|
var generateRandomString = function(length) {
|
|
|
|
var text = '';
|
|
|
|
var possible = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
|
|
|
|
|
|
|
|
for (var i = 0; i < length; i++) {
|
|
|
|
text += possible.charAt(Math.floor(Math.random() * possible.length));
|
|
|
|
}
|
|
|
|
return text;
|
|
|
|
};
|
|
|
|
|
|
|
|
var stateKey = 'spotify_auth_state';
|
|
|
|
|
2014-05-14 10:27:27 +02:00
|
|
|
var app = express();
|
|
|
|
|
2014-06-30 10:11:04 +02:00
|
|
|
app.use(express.static(__dirname + '/public'))
|
|
|
|
.use(cookieParser());
|
2014-05-14 10:27:27 +02:00
|
|
|
|
|
|
|
app.get('/login', function(req, res) {
|
|
|
|
|
2014-06-30 10:11:04 +02:00
|
|
|
var state = generateRandomString(16);
|
|
|
|
res.cookie(stateKey, state);
|
|
|
|
|
2014-05-14 10:27:27 +02:00
|
|
|
// your application requests authorization
|
|
|
|
var scope = 'user-read-private user-read-email';
|
|
|
|
res.redirect('https://accounts.spotify.com/authorize?' +
|
|
|
|
querystring.stringify({
|
|
|
|
response_type: 'code',
|
|
|
|
client_id: client_id,
|
|
|
|
scope: scope,
|
2014-06-30 10:11:04 +02:00
|
|
|
redirect_uri: redirect_uri,
|
|
|
|
state: state
|
2014-05-14 10:27:27 +02:00
|
|
|
}));
|
|
|
|
});
|
|
|
|
|
|
|
|
app.get('/callback', function(req, res) {
|
|
|
|
|
|
|
|
// your application requests refresh and access tokens
|
2014-06-30 10:11:04 +02:00
|
|
|
// after checking the state parameter
|
|
|
|
|
|
|
|
var code = req.query.code || null;
|
|
|
|
var state = req.query.state || null;
|
|
|
|
var storedState = req.cookies ? req.cookies[stateKey] : null;
|
|
|
|
|
|
|
|
if (state === null || state !== storedState) {
|
|
|
|
res.redirect('/#' +
|
|
|
|
querystring.stringify({
|
|
|
|
error: 'state_mismatch'
|
|
|
|
}));
|
|
|
|
} else {
|
|
|
|
res.clearCookie(stateKey);
|
|
|
|
var authOptions = {
|
|
|
|
url: 'https://accounts.spotify.com/api/token',
|
|
|
|
form: {
|
|
|
|
code: code,
|
|
|
|
redirect_uri: redirect_uri,
|
|
|
|
grant_type: 'authorization_code',
|
|
|
|
client_id: client_id,
|
|
|
|
client_secret: client_secret
|
|
|
|
},
|
|
|
|
json: true
|
|
|
|
};
|
|
|
|
|
|
|
|
request.post(authOptions, function(error, response, body) {
|
|
|
|
if (!error && response.statusCode === 200) {
|
|
|
|
|
|
|
|
var access_token = body.access_token,
|
|
|
|
refresh_token = body.refresh_token;
|
|
|
|
|
|
|
|
var options = {
|
|
|
|
url: 'https://api.spotify.com/v1/me',
|
|
|
|
headers: { 'Authorization': 'Bearer ' + access_token },
|
|
|
|
json: true
|
|
|
|
};
|
|
|
|
|
|
|
|
// use the access token to access the Spotify Web API
|
|
|
|
request.get(options, function(error, response, body) {
|
|
|
|
console.log(body);
|
|
|
|
});
|
|
|
|
|
|
|
|
// we can also pass the token to the browser to make requests from there
|
|
|
|
res.redirect('/#' +
|
|
|
|
querystring.stringify({
|
|
|
|
access_token: access_token,
|
|
|
|
refresh_token: refresh_token
|
|
|
|
}));
|
|
|
|
} else {
|
|
|
|
res.redirect('/#' +
|
|
|
|
querystring.stringify({
|
|
|
|
error: 'invalid_token'
|
|
|
|
}));
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}
|
2014-05-14 10:27:27 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
app.get('/refresh_token', function(req, res) {
|
|
|
|
|
|
|
|
// requesting access token from refresh token
|
|
|
|
var refresh_token = req.query.refresh_token;
|
|
|
|
var authOptions = {
|
|
|
|
url: 'https://accounts.spotify.com/api/token',
|
2014-06-03 13:26:18 +02:00
|
|
|
headers: { 'Authorization': 'Basic ' + (new Buffer(client_id + ':' + client_secret).toString('base64')) },
|
2014-05-14 10:27:27 +02:00
|
|
|
form: {
|
|
|
|
grant_type: 'refresh_token',
|
|
|
|
refresh_token: refresh_token
|
|
|
|
},
|
|
|
|
json: true
|
|
|
|
};
|
|
|
|
|
|
|
|
request.post(authOptions, function(error, response, body) {
|
|
|
|
if (!error && response.statusCode === 200) {
|
|
|
|
var access_token = body.access_token;
|
|
|
|
res.send({
|
|
|
|
'access_token': access_token
|
|
|
|
});
|
|
|
|
}
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
2014-06-03 13:26:18 +02:00
|
|
|
console.log('Listening on 8888');
|
2014-05-14 10:27:27 +02:00
|
|
|
app.listen(8888);
|