0

I have some stuff working with the spotify API for a mini project, but can't understand / get an implementation of the user login and authentication in Clojure.

I have the following code snippet to try and open the user auth:

(ns app-fig.spotify
  (:require [clj-http.client :as client]))

(defn auth-user
  [client-id]
  (client/get "https://accounts.spotify.com/authorize" {:query-params 
                                                        {"client_id" client-id
                                                         "response_type" "code"
                                                         "redirect_url" "http://localhost:3449/callback"
                                                         "scope" "playlist-modify-private"}}))

I get the following error in calva:

; Execution error (MalformedCookieException) at org.apache.http.impl.cookie.BasicExpiresHandler/parse (BasicExpiresHandler.java:64).
; Invalid 'expires' attribute: 2022-10-9 08:50:33.742

and the following warning in the terminal:

WARNING: Invalid cookie header: "set-cookie: __Host-sp_csrf_sid=360afea54e9aeacfa17925dcf1b3b2aae0ba4734b9b838751a450a6f32458da5; Path=/; HttpOnly; Secure; Expires=2022-10-9 08:32:57.829; Max-Age=3600; SameSite=Lax". Invalid 'expires' attribute: 2022-10-9 08:32:57.829

The spotify auth workflow is listed here.

Any assistance would be wonderful!

Jack Gee
  • 136
  • 6
  • The authorization code flow compromises server + browser client actions. The set-cookie header is not implemented in the http client. If you don't require access to user related information via the Spotify APO, you can use the client credential flow instead. It's strictly server-to-server. – Oluwafemi Sule Oct 09 '22 at 08:20
  • @OluwafemiSule I do require user related user related information, unfortunately. I have implemented the client credential flow for other stuff, and got stuck when I needed user information. Do you know any options for packages that could make this work? – Jack Gee Oct 09 '22 at 08:30
  • None that I'm aware of. It seems that you're building an API. For the authorization code flow, you need to perform the authorization request in the browser. You must expose however a public endpoint to be calledback after the user logs in to Spotify. You must have configure this callback in the application settings in the Spotify dev dashboard. – Oluwafemi Sule Oct 09 '22 at 09:34
  • Check out this [sample project](https://github.com/osule/demo-spotify-auth-code-flow/blob/master/src/spotify_auth/core.clj) that gives an idea how to get an access token through the authorization code flow – Oluwafemi Sule Oct 09 '22 at 11:55

0 Answers0