OAuth support for accessing Web API endpoints #143
Conversation
mopidy_spotify/web.py
Outdated
| kwargs.setdefault('headers', {}).update(self._headers) | ||
| response = self._request('GET', url, **kwargs) | ||
| result = self._decode(response) | ||
| except Error as e: |
There was a problem hiding this comment.
We should probably catch a more specific error? Also do we want to log this just as debug?
There was a problem hiding this comment.
I was thinking could raise and catch OAuthTokenRefreshError and a OAuthClientError exceptions. And I agree, these want more visibility, error level doesn't seem unreasonable to me.
kingosticks
force-pushed
the
feature/oauth
branch
from
b7d95be
to
8168f21
Compare
|
I'm done here, any comments on the latest commits @mopidy/mopidy? Happy to remove/edit the warning message if anyone has a better idea. |
|
Not sure if caring about the credentials between the versions is the same makes any sense? Other wise this looks fine :-) |
|
I don't follow, between versions of mopidy-spotify? Which credentials? I was thinking maybe it should check the credentials provide the particular scopes we need? Did mopidy-spotify-web previously request whatever scope is needed for search and images or did you have to add that? |
|
As in For the scopes we currently request enough, but as soon as we start moving away from libspotify more whole sale this will start to matter more. And since there are already a bunch of tokens in use we just have to figure out how to migrate people somewhat nicely when the time comes. |
|
EDIT: reworded I thought it was necessary for both extensions to use the same set of credentials. If the auth bridge is used multiple times, I thought different credentials were obtained each time but only the last ones obtained are valid. If this is incorrect then I'll just revert that last commit. |
|
You can have as many tokens a you like, and it makes no difference if there are separate ones for the two plugins. What could work is having |
|
Other thing we could do is look over the scopes and reconfigure the defaults the oauthclientbridge requests, potentially reducing the migration required later? |
OK. I'm going to revert that last commit and squash the rest.
Agreed.
I think this would be worthwhile. Getting playlists through the Web API is probably the next most pressing thing to fix so making sure we have all the EDIT:
|
Use specific OAuth exceptions, handle them and json parsing in one place. Add new web API authorisation steps to the README.
kingosticks
force-pushed
the
feature/oauth
branch
from
de91721
to
e9fb82f
Compare
|
Ready to go! Do we need @jodal to make and upload a release? |
|
I should have access at least, but haven't done this in ages. I'm kinda liking the idea of automating away all of this for everything in the mopidy org, but that is well beyond the scope of this PR. I'll go ahead and merge this as step one at least, and I might have time/energy to look at doing a release this evening. |
|
Good job on this PR. 👏 I'd love to see a release today! 😄 |
Fixes and tests for @adamcik's original branch.
Still need to consider (from #130):