android-sdk icon indicating copy to clipboard operation
android-sdk copied to clipboard

Published 20 hours ago verified publisher icon spotify

Provide a way to refresh token

Open dimitris-athanasiou opened this issue 4 years ago • 10 comments

There is no way to refresh the authentication token via the SDK. This seems to be an omission that really hinders good user experience, as can be seen in https://github.com/spotify/android-sdk/issues/12#issuecomment-544844910.

This issue is a request to provide a way to refresh the authentication token so that an app can keep working without requesting the user to login over and over again.

dimitris-athanasiou avatar May 25 '20 07:05 dimitris-athanasiou

@mdelolmo Hi, I am not sure who to tag, but does this feature have any priority? Or is it not gonna happen in the near future? Be being able to refresh the token silently, would have a lot of benefits for apps which mainly run in the background, without much user interaction.

snappdevelopment avatar Jun 11 '20 15:06 snappdevelopment

Hi @snappdevelopment I'm not currently working on the SDK, but to the best of my knowledge, this feature is not currently in the product backlog.

mdelolmo avatar Jun 12 '20 07:06 mdelolmo

I've also faced the same problem and it's quite frustrating.

What I ended up doing is handling the auth with AppAuth, it's quite similar to the implementation of the Spotify SDK, the main difference is that instead of using a "login activity" the library uses custom tabs.

Using AppAuth you can retrieve both access and refresh token and refresh them as needed also it supports PKCE for extra security.

GhimpuLucianEduard avatar Jul 03 '20 21:07 GhimpuLucianEduard

@GhimpuLucianEduard does the access token retrieved with app-auth work with the SpotifyRemoteSDK?

rohit-ganapathy avatar Jul 09 '20 14:07 rohit-ganapathy

@rohit-ganapathy

I've not tried the SpotifyRemoteSDK but as long as it needs a regular Spotify token, yes it will work. AppAuth it's basically it's just an alternative to the Spotify auth library. In theory, you could handle the auth flow even without any libraries.

GhimpuLucianEduard avatar Jul 13 '20 19:07 GhimpuLucianEduard

As @GhimpuLucianEduard suggested, I ended up implementing AppAuth and I've made it a library to make it easy to integrate in apps. The project is a fork from spotify-web-api-android.

Check the needed auth dependency and this section to get access token and silently refresh token in your app.

Hope I'm allowed to share here and hope this helps.

pghazal avatar Nov 08 '20 11:11 pghazal

I've also faced the same problem and it's quite frustrating.

What I ended up doing is handling the auth with AppAuth, it's quite similar to the implementation of the Spotify SDK, the main difference is that instead of using a "login activity" the library uses custom tabs.

Using AppAuth you can retrieve both access and refresh token and refresh them as needed also it supports PKCE for extra security.

Does this mean that the user should fill in their username and password in order to authenticate? even if they have Spotify app installed with the logged-in user

tinder-levonpetrosyan avatar Oct 10 '21 22:10 tinder-levonpetrosyan

Is there a way to auto-sign the user if they have Spotify installed and get the refresh token?

tbassani avatar Jan 13 '23 21:01 tbassani

Anyone have find a solution for this issue?

Sbolder avatar Nov 24 '23 10:11 Sbolder

Not sure if I understood correctly the question here but I'm using the Spotify Auth SDK to get authorization via the app, without entering the password. The important part is to use CODE Response type and not TOKEN (can't be refreshed) https://spotify.github.io/android-sdk/auth-lib/docs/com/spotify/sdk/android/auth/AuthorizationResponse.Type.html

Once you have the CODE you can transform it to an access and refresh token via the spotify api: https://accounts.spotify.com/api/token

Example of such a token exchange server: https://github.com/Festify/cordova-spotify-oauth/blob/develop/oauth-token-api/spotifyTokenService.js

tobika avatar Nov 24 '23 15:11 tobika