Announcements

Help Wizard

Step 1

NEXT STEP

Able to obtain access token without providing the necessary headers

Able to obtain access token without providing the necessary headers

Device

Redmi Note 7 Pro

 

Operating System

Android 10

 

My Issue

The request access token section of the Authorization Code Flow mentions that Authorization and Content-Type headers are required. However, even if I don't include these headers in my Flutter app, I still get access and refresh tokens, and I can make API calls using the obtained access token.

My Code:

// At this step, authorization code has been obtained
final Uri uri = Uri.parse('https://accounts.spotify.com/api/token/');
final response = await http.post(
  uri,
  body: {
    "grant_type": "authorization_code",
    "code": code,
    "redirect_uri": "com.analysis.spotify://login-callback",
    "client_id": clientId,
    "code_verifier": codeVerifier,
  },
  // Note that I haven't passed headers.
);

// The following if block is executed which means I was able to get the access tokens without specifying the required headers.
if (response.statusCode == 200) {
  final map = jsonDecode(response.body);
  final String accessToken = map["access_token"];
  final String refreshToken = map["refresh_token"];

// Finally, I try to make an API call to obtain top artists and I am able to do so.
final Uri uri = Uri.parse('https://api.spotify.com/v1/me/top/artists?time_range=short_term');
  final response = await http.get(
uri,
  headers: {"Authorization": "Bearer $accessToken"},
);
if (response.statusCode == 200) {
  // The following API call works.
  print(response.body);
}
}

Reply
0 Replies

Suggested posts