Skip to content

OAuth

oauth #

build_auth_token #

build_auth_token(client_id: str, client_secret: str) -> str

Build an authorization token from the client ID and secret.

Parameters:

  • client_id (str) –

    The client's ID.

  • client_secret (str) –

    The client's secret.

Returns:

  • str

    The authorization token.

AuthorizationCodeFlow #

Implementation to help with the Authorization Code Flow by storing and refreshing access tokens.

Spotify Reference: https://developer.spotify.com/documentation/web-api/tutorials/code-flow

Parameters:

  • access_token (str) –

    An access token that can be used in API calls.

  • token_type (str) –

    How the access token may be used.

  • expires_in (timedelta) –

    The time period for which the access token is valid.

  • scopes (list[Scope]) –

    A list of scopes which have been granted for the access token.

  • refresh_token (str) –

    Used to refresh the access token once it has expired.

  • client_id (str) –

    The client's ID.

  • client_secret (str, default: None ) –

    The client's secret. Only required for NON-PKCE.

build_url #

build_url(client_id: str, redirect_uri: str, *, state: str | None = None, scopes: list[Scope] | None = None, show_dialog: bool | None = None, code_challenge: str | None = None) -> str

Build an authorization code flow url from the given parameters.

Parameters:

  • client_id (str) –

    The Client ID of your application.

  • redirect_uri (str) –

    The URI to redirect to after the user grants or denies permission.

  • state (str, default: None ) –

    This provides protection against attacks such as cross-site request forgery.

  • scopes (list[Scope], default: None ) –

    The scopes to request.

  • show_dialog (bool, default: None ) –

    Whether or not to force the user to approve the app again if they've already done so.

  • code_challenge (str, default: None ) –

    Code challenge. Only required for PKCE.

Returns:

  • str

    The authorization code flow url.

build_from_access_token #

build_from_access_token(code: str, redirect_uri: str, *, client_id: str, client_secret: str | None = None, code_verifier: str | None = None) -> Self

Request an access token from Spotify.

Parameters:

  • code (str) –

    The authorization code returned by Spotify after the user granted permission to access their account.

  • redirect_uri (str) –

    The URI Spotify redirected to in the previous request.

  • client_id (str) –

    The client's ID.

  • client_secret (str, default: None ) –

    The client's secret. Only required for NON-PKCE.

  • code_verifier (str, default: None ) –

    Must match the code_challenge passed to oauth.AuthorizationCodeFlow.build_url. Only required for PKCE.

ClientCredentialsFlow #

Implementation to help with the Client Credentials Flow by storing and refreshing access tokens.

Spotify Reference: https://developer.spotify.com/documentation/web-api/tutorials/client-credentials-flow

Parameters:

  • access_token (str) –

    An access token that can be used in API calls.

  • token_type (str) –

    How the access token may be used.

  • expires_in (timedelta) –

    The time period for which the access token is valid.

  • client_id (str) –

    The client's ID.

  • client_secret (str) –

    The client's secret.

build_from_access_token #

build_from_access_token(client_id: str, client_secret: str) -> Self

Request an access token using the code returned by Spotify

Parameters:

  • client_id (str) –

    The client's ID.

  • client_secret (str) –

    The client's secret.