没有重定向URI的Spotify?
[英]Spotify without Redirect URI?
问题描述
I'm using Spotipy to get some spotify data from an authorized user but I can't understand how to authorize my account. 
我正在使用Spotipy从授权用户那里获取一些Spotify数据,但是我不知道如何授权我的帐户。
Am I correct in thinking that a server is required that hosts something at http://www.myapp.com/callback ? 我是否认为需要在http://www.myapp.com/callback上托管某些内容的服务器是否正确? What needs to be returned? 需要退还什么? Maybe I'm completely missing something here... I'm very confused by the whole required redirect URI thing... 也许我在这里完全错过了一些东西...我对整个必需的重定向URI感到非常困惑...
I am trying to make a program, without website, so how should I handle authorization? 我正在尝试制作一个没有网站的程序,那么我应该如何处理授权? What exactly should the redirect URI do? 重定向URI到底应该做什么?
Thanks 谢谢
Edit: 编辑:
Using http://localhost:8888/callback as my redirect URI now and that works. 现在使用http:// localhost:8888 / callback作为我的重定向URI即可。 I'm not even sure why since nothing is running on that port. 我什至不知道为什么,因为该端口上没有任何运行。
1 个解决方案
解决方案1
1 2015-01-14 15:30:53
Disclaimer: I know nothing about Spotify's API. 免责声明:我对Spotify的API一无所知。 But I have worked with similar APIs in the past (or even designed them). 但是我过去曾使用过类似的API(甚至设计过它们)。 What I assume is that they use some kind of OpenID/OAuth authorization mechanism. 我假设他们使用某种OpenID / OAuth授权机制。
The very nature of these APIs is that they work through the browser! 这些API的本质是它们通过浏览器工作! The idea is that MyApp doesn't have your actual Spotify credentials, but instead some signed token it can use. 这个想法是MyApp没有实际的 Spotify凭据,但是可以使用一些签名的令牌。
To communicate this token to the MyApp, there are the server-callbacks, outlined in your question. 要将此令牌传达给MyApp,请在您的问题中概述服务器回调。 Because all the browser can do is to redirect to a special URL you provide, with some info added. 因为浏览器所能做的就是重定向到您提供的特殊URL,并添加了一些信息。
So there are conceptually two ways to deal with this: 因此,从概念上讲,有两种方法可以解决此问题:
the easy, server-based one: you in fact register a myapp.com.
简单的基于服务器的服务器:您实际上注册了一个myapp.com。 When your app tries to authorize with spotify, it first creates a unique resource (myapp.com/authrequests/HASH-NUMBER), and communicates this as callback. 当您的应用尝试通过Spotify授权时,它首先创建一个唯一资源(myapp.com/authrequests/HASH-NUMBER),并将其作为回调进行通信。 Then it goes through the motions of making spotify authorize it, and once these are finished, there will have been a call to myapp.com/authrequests/HASH-NUMBER/ADDITIONAL-INFO. 然后,它进行使Spotify授权的动作,完成这些动作后,将调用myapp.com/authrequests/HASH-NUMBER/ADDITIONAL-INFO。 So while your app is waiting for this to happen, it has to poll (or open a websocket and listen to that) myapp.com. 因此,当您的应用程序等待发生这种情况时,它必须轮询myapp.com(或打开一个websocket并收听)。 Complicated? 复杂? Wait, it gets better! 等一下,情况会变好! the harder, OS-dependent one: you write an application that registers itself as protocol-provider with your browsers.
较难的,依赖于OS的应用程序:您编写了一个将自己注册为浏览器协议提供者的应用程序。 Eg my company does that with the protocol "ableton". 例如,我的公司使用协议“ ableton”来做到这一点。 Thus we can make the browser generate "ableton://AUTHORIZATION-REQUEST-RESULT" URLs which will then be communicated through Browser and OS to the running application, and thus you receive the necessary secret. 因此,我们可以使浏览器生成“ ableton:// AUTHORIZATION-REQUEST-RESULT” URL,然后将这些URL通过浏览器和OS传达给正在运行的应用程序,从而为您提供必要的密码。
HTH HTH
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.