问题
So all of a sudden they decide I need an authorization header for Spotify Search API.
My application runs in C++ using Poco Net libraries and I can't get it to work.
I went through all that process of getting the "code" that I am supposed to exchange for the token. I assume this code is valid, even though I used just a totally unrelated domain then copied it of the variable that was sent to that page.
See https://developer.spotify.com/web-api/authorization-guide/
This is my code that isn't working:
bool getToken()
{
Poco::URI loginURI( "https://accounts.spotify.com" );
Poco::Net::HTTPSClientSession loginSession( loginURI.getHost(), loginURI.getPort(), context );
// Poco::Net::HTTPBasicCredentials credentials( clientId, clientSecret );
std::ostringstream requestOStr;
requestOStr << "https://accounts.spotify.com/api/token?grant_type=authorization_code&code="
<< (m_refreshToken.empty() ? code : m_refreshToken)
<< "&redirect_uri=" << redirectURI
<< "&client_id=" << clientId << "&client_secret=" << clientSecret;
std::string requestStr( requestOStr.str() );
Poco::Net::HTTPRequest loginRequest( Poco::Net::HTTPRequest::HTTP_POST, requestStr,
Poco::Net::HTTPMessage::HTTP_1_1 );
// credentials.authenticate( loginRequest );
loginSession.sendRequest( loginRequest );
Poco::Net::HTTPResponse response;
std::istream& rs = loginSession.receiveResponse( response );
std::cout << "Login request " << requestStr << std::endl;
std::cout << "Login response status " << static_cast<int>(response.getStatus()) << ", "
<< response.getReason() << std::endl;
std::string rsStr(std::istreambuf_iterator<char>(rs), {});
if( rsStr.empty() )
{
std::cout << "No results" << std::endl;
return false;
}
else
{
std::cout << "Logon response:\n" << rsStr << std::endl;
}
Parser parser;
Var result;
result = parser.parse(rsStr);
Object::Ptr obj = result.extract<Object::Ptr>();
try
{
Var tokenVar = obj->get( "access_token ");
if( tokenVar.isString() )
{
m_token = tokenVar.convert< std::string >();
}
else
{
std::cerr << "Could not get access token" << std::endl;
return false;
}
Var refreshTokenVar = obj->get( "refresh_token" );
if( refreshTokenVar.isString() )
{
m_refreshToken = refreshTokenVar.convert< std::string >();
}
return true;
}
catch( const std::exception& err )
{
std::cerr << "Error getting login token" << err.what() << std::endl;
return false;
}
}
I tried the BasicCredentials instead of putting client id and clientSecret into the request but that got the same result.
This is how the HTTP request looks with the values modified:
https://accounts.spotify.com/api/token?grant_type=authorization_code&code=THE_CODE&redirect_uri=THE_REDIRECT_URI&client_id=THE_CLIENT_ID&client_secret=THE_CLIENT_SECRET
The response I am getting is:
Login response status 400, Bad Request
{"error":"server_error","error_description":"Unexpected status: 400"}
回答1:
Ok I will answer my own question now having found out the answer. My error was mis-use of POST.
This works, once I have the original authorization_code. The code will no longer be valid once "swapped" but that's a different issue.
bool getToken()
{
Poco::URI loginURI( "https://accounts.spotify.com" );
Poco::Net::HTTPSClientSession loginSession( loginURI.getHost(), loginURI.getPort(), context );
Poco::Net::HTTPBasicCredentials credentials( clientId, clientSecret );
loginSession.setKeepAlive( true );
std::string requestStr( "https://accounts.spotify.com/api/token" );
Poco::Net::HTTPRequest loginRequest( Poco::Net::HTTPRequest::HTTP_POST,
requestStr,
Poco::Net::HTTPMessage::HTTP_1_1 );
loginRequest.setContentType("application/x-www-form-urlencoded");
loginRequest.setKeepAlive( true );
std::string grantType;
std::string authCode;
if( m_refreshToken.empty() )
{
grantType = "authorization_code";
authCode = code;
}
else
{
grantType = "refresh_token";
authCode = m_refreshToken;
}
std::ostringstream contentOStr;
contentOStr << "grant_type=" << grantType <<
"&code=" << authCode
<< "&redirect_uri=" << redirectURI;
std::string contentStr = contentOStr.str();
loginRequest.setContentLength( contentStr.size() );
credentials.authenticate( loginRequest );
std::ostream& requestOStr = loginSession.sendRequest( loginRequest );
requestOStr << contentStr;
requestOStr.flush();
Poco::Net::HTTPResponse response;
std::istream& rs = loginSession.receiveResponse( response );
std::cout << "Login request ";
loginRequest.write(std::cout);
std::cout << std::endl;
std::cout << "Login response status " << static_cast<int>(response.getStatus()) << ", "
<< response.getReason() << std::endl;
std::string rsStr(std::istreambuf_iterator<char>(rs), {});
if( rsStr.empty() )
{
std::cout << "No results" << std::endl;
return false;
}
else
{
std::cout << "Logon response:\n" << rsStr << std::endl;
}
Parser parser;
Var result;
result = parser.parse(rsStr);
Object::Ptr obj = result.extract<Object::Ptr>();
try
{
Var tokenVar = obj->get( "access_token" );
if( tokenVar.isString() )
{
m_token = tokenVar.convert< std::string >();
}
else
{
std::cerr << "Could not get access token" << std::endl;
return false;
}
Var refreshTokenVar = obj->get( "refresh_token" );
if( refreshTokenVar.isString() )
{
m_refreshToken = refreshTokenVar.convert< std::string >();
}
return true;
}
catch( const std::exception& err )
{
std::cerr << "Error getting login token" << err.what() << std::endl;
return false;
}
}
来源:https://stackoverflow.com/questions/44333630/how-to-exchange-code-for-token-in-spotify-using-poco-net-library