stackoom
  简体   繁体   中英

Spotify oauth2 with PHP curl. How to get authorization code?

 原文  2021-01-24 02:31:12       php/ oauth-2.0/ spotify

Question

I have tried following the spotify authorization code flow, and have fallen at the first hurdle of getting user authorization.

I have tried doing this using PHP curl.

If you take a look at my code, what am I doing wrong?

$url           = 'https://accounts.spotify.com/authorize';
$redirect_uri  = urlencode( site_url() );
$curl = curl_init();
 
curl_setopt( $curl, CURLOPT_URL, $url);
curl_setopt( $curl, CURLOPT_FOLLOWLOCATION, true );
curl_setopt( $curl, CURLOPT_HTTPGET, true );
curl_setopt( $curl, CURLOPT_POSTFIELDS, 'state=' );
curl_setopt( $curl, CURLOPT_POSTFIELDS, 'response_type=code' );
curl_setopt( $curl, CURLOPT_POSTFIELDS, 'scope=playlist-read-private%20playlist-modify-private' );
curl_setopt( $curl, CURLOPT_POSTFIELDS, 'client_id=' . $this->client_id );
curl_setopt( $curl, CURLOPT_POSTFIELDS, 'redirect_uri=' . $redirect_uri );
 
curl_exec( $curl );
curl_close( $curl );
 
$fullquery     = 'https://accounts.spotify.com/authorize?response_type=code&state=&client_id=CLIENT_ID&scope=playlist-read-private%20playlist-modify-private&redirect_uri=http%3A%2F%2Flocalhost%3A8888%2Fspotifyapi';

Running this returns a block of html from spotify, embedded into my page, with the text: "Error Oops, Something went wrong. please try again or check out our help area."

What's interesting however, is that if I put the full query into my search bar, it works exactly as I expect, by taking me to an authorization page, and after acceptance, redirecting back to my callback url, with my access code as a parameter in the url.

Why can't I get the desired effect in my PHP function?

Any hints would be greatly appreciated. I know there is a php spotify api wrapper on GitHub I could use, but I want to do this myself as a learning project.

spotify error response

1 answers

solution1
 0  2022-01-01 13:46:12

You have to follow a 3 step process.

I managed to get the first step which is outlined above to work by simply building the query out of the data above, and appending that to the authorization url - and adding a link on the page. Like this:

$data = array(
    'client_id'     => $client_id,
    'redirect_uri'  => $redirect_url,
    'scope'         => $scope,
    'response_type' => $response_type,
);

$oauth_url = 'https://accounts.spotify.com/authorize?' . http_build_query( $data );
?>

<a href="<?php echo $oauth_url; ?>">Login</a>

Once the link is clicked, you are returned to the redirect url, where you can get the authorization code from the url, and continue with the authorization flow using curl.

<?php if ( isset( $_GET['code'] ) && ! isset( $_SESSION['spotify_access'] ) ) {

    $data = array(
        'redirect_uri' => $redirect_url,
        'grant_type'   => 'authorization_code',
        'code'         => $_GET['code'],
    );
    $ch            = curl_init();
    curl_setopt( $ch, CURLOPT_URL, 'https://accounts.spotify.com/api/token' );
    curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 );
    curl_setopt( $ch, CURLOPT_POST, 1 );
    curl_setopt( $ch, CURLOPT_POSTFIELDS, http_build_query( $data ) );
    curl_setopt( $ch, CURLOPT_HTTPHEADER, array( 'Authorization: Basic ' . base64_encode( $client_id . ':' . $client_secret ) ) );

    $result = json_decode( curl_exec( $ch ) );


    curl_close( $ch );

    if ( isset( $result->access_token ) ) {
        header( 'Location: http://localhost:8888/spotify/getprofile.php?access=' . $result->access_token );
    }
}

Finally, you can fetch user data:

<?php if ( isset( $_GET['access'] ) ) {
    $ch = curl_init();
    curl_setopt( $ch, CURLOPT_URL, 'https://api.spotify.com/v1/me' );
    curl_setopt( $ch, CURLOPT_HTTPHEADER, array( 'Content-Type:application/json', 'Authorization: Bearer ' . $_GET['access'] ) );
    curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
    $userprofile = json_decode( curl_exec( $ch ) );
    curl_close( $ch );

    echo '<pre>';
    var_dump( $userprofile );
    echo '</pre>';

    if ( $userprofile->id ) {
        $ch = curl_init();
        curl_setopt( $ch, CURLOPT_URL, 'https://api.spotify.com/v1/users/' . $userprofile->id . '/playlists' );
        curl_setopt( $ch, CURLOPT_HTTPGET, 1 );
        curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
        curl_setopt( $ch, CURLOPT_HTTPHEADER, array( 'Authorization: Bearer ' . $_GET['access'] ) );
        $playlists = json_decode( curl_exec( $ch ) );
        curl_close( $ch );
        echo '<pre>';
        var_dump( $playlists );
        echo '</pre>';
    }
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question php oauth2 server Authorization Code Grant Cant get the html dom by php curl. Fileupload with curl. Php How to use OAuth2 using PHP cURL How to convert Postman Authorization OAuth2 request to code PHP or compresible process Central OAuth2.0 Authorization on the Backend-Side using PHP and curl for Spotify Web API oauth2 in php - specified in curl Oauth2 Vs meetup using php and curl, fails to get token using POST JSON data with PHP cURL. Cannot get response Curl GET Request to the spotify Authorization API
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM