Error with authorization using PHP Curl
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Plan
Free
Country
Spain
Device
PC
Operating System
Ubuntu 20.04
My Question or Issue
Im trying to make an application web for eductional purpose.
So far i tried this:
<?php
//$client_id = '<insert your spotify app client id>';
$client_id = 'da145e8c4b304dc3875a8e79a062c927';
//$client_secret = '<insert your spotify app client secret>';
$client_secret = '480dd953494c477c9a0c97c4fdcc459b';
$headers = ['Authorization: Basic '.base64_encode($client_id.':'.$client_secret)];
//https://accounts.spotify.com/authorize/?client_id=CLIENT_ID&response_type=token&redirect_uri=http%3A%2F%2Flocalhost%3A8888%2Fcallback&scope=user-read-private%20playlist-modify-public&state=34fFs29kd09
$url= 'https://accounts.spotify.com/authorize';
$redirect_uri = urlencode( 'http://localhost:8080/callback/loginspotify.php');
$statedado ='Hola';
$ch0 = curl_init();
curl_setopt( $ch0 , CURLOPT_URL, $url);
curl_setopt( $ch0, CURLOPT_FOLLOWLOCATION, true );
curl_setopt( $ch0, CURLOPT_HTTPGET, true );
curl_setopt( $ch0, CURLOPT_POSTFIELDS, 'state=' . $statedado );
curl_setopt( $ch0, CURLOPT_POSTFIELDS, 'response_type=code' );
curl_setopt( $ch0, CURLOPT_POSTFIELDS, 'scope=playlist-read-private%20playlist-modify-private' );
curl_setopt( $ch0, CURLOPT_POSTFIELDS, 'client_id=' . $client_id );
curl_setopt( $ch0, CURLOPT_POSTFIELDS, 'redirect_uri=' . $redirect_uri );
//curl_setopt( $ch0, CURLOPT_HTTPHEADER , $headers);
curl_exec($ch0);
$resultauth=curl_exec($ch0);
curl_close($ch0);
echo $resultauth;
$fullquery = 'https://accounts.spotify.com/authorize?response_type=code&state=' . $statedado. '&client_id='.$client_id.'&scope=playlist-read-private%20playlist-modify-private&redirect_uri='. $redirect_uri;
echo $fullquery;
When i execute my script:
http://localhost:8080/provaspotify.php
I found the error attached in the image...
The strange thing is that if i got the fullquery and put it directly in the navitagtion bar of my browser... i got something
The fullquery: https://accounts.spotify.com/authorize?response_type=code&state=Hola&client_id=da145e8c4b304dc3875a8...
I got this response:
So seems that somehow was authorized or something happened there.
Any help would be apreciated..this is the error im facing in the request
<?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>3Q87VNPZ813KR750</RequestId>
<HostId>Yy1nwW8u/aYLJyqjOwoZODuY+1g04nSA01avRuo5B+AfEQ1kNjeliEasOlyMduEwUAsNBdk2Vns=</HostId>
</Error>
Id like to access some personal data of the user, like playlist, but first of all the user have to give permissions...
By the way im the only user my account mail is **bleep**, and im the only user authorised in my app. Also seems redirect uri is ok, because is the same as in the app.
Update 1:
Ive been making some tests. Seems a bug in spotify web api.
Also noticed that code in format:
curl_setopt( $ch0, CURLOPT_URL, $url);
curl_setopt( $ch0, CURLOPT_FOLLOWLOCATION, true );
curl_setopt( $ch0, CURLOPT_HTTPGET, true );
curl_setopt( $ch0, CURLOPT_POSTFIELDS, 'response_type=code' );
curl_setopt( $ch0, CURLOPT_POSTFIELDS, 'client_id=' . $client_id );
curl_setopt( $ch0, CURLOPT_POSTFIELDS, 'scope=' . $scope);
curl_setopt( $ch0, CURLOPT_POSTFIELDS, 'redirect_uri=' . $redirect_uri );
curl_setopt( $ch0, CURLOPT_POSTFIELDS, 'state=' . $state );
curl_setopt( $ch0, CURLOPT_POSTFIELDS, 'show_dialog=' . 'true' );
doesnt like to spotify web api...But this one it seems to work
//////////Request User Authorization
$params = array('state' => $state,'response_type' => 'code', 'scope' => $scope, 'client_id' => $client_id, 'redirect_uri' => $redirect_uri, 'show_dialog' => 'true' );
$url = $endpoint . '?' . http_build_query($params);
curl_setopt($ch0, CURLOPT_URL, $url);
curl_setopt($ch0, CURLOPT_RETURNTRANSFER, true);
Seems a nonsense.
Seems important thing here is http_build_query instruction, for this reason i think it could be a bug, or it shold be documented...
$fullquery = 'https://accounts.spotify.com/authorize?response_type=code&state=' . $state. '&client_id='.$client_id.'&scope='. $scope.'&redirect_uri='. $redirect_uri;
echo $fullquery;
header('Location: '.$fullquery);
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
