starred/Spotify-Canvas-API
1
0
Fork 0
mirror of https://github.com/Paxsenix0/Spotify-Canvas-API.git synced 2026-04-27 00:05:56 +03:00
Code Issues 1 Projects Releases 3 Packages Wiki Activity

[GH-ISSUE #5] Secrets Repository taken down #4

New issue
Open
opened 2026-02-27 20:21:30 +03:00 by kerem · 13 comments
kerem commented 2026-02-27 20:21:30 +03:00
Owner
Copy link

Originally created by @Inzaniity on GitHub (Oct 11, 2025).
Original GitHub issue: https://github.com/Paxsenix0/Spotify-Canvas-API/issues/5

The secrets repository that was used to fetch the TOTP secrets has been taken down by Spotify, therefore the TOTP is not accessible anymore. There is, however, a python script which can be found here

https://github.com/misiektoja/spotify_monitor/issues/26#issuecomment-3393391332

Originally created by @Inzaniity on GitHub (Oct 11, 2025). Original GitHub issue: https://github.com/Paxsenix0/Spotify-Canvas-API/issues/5 The secrets repository that was used to fetch the TOTP secrets has been taken down by Spotify, therefore the TOTP is not accessible anymore. There is, however, a python script which can be found here https://github.com/misiektoja/spotify_monitor/issues/26#issuecomment-3393391332
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@Paxsenix0 commented on GitHub (Oct 11, 2025):

Hello, There are a few alternatives.

xyloflake/spot-secrets-go
Also, I found an old source code on github and decided to create a new repo with it: Paxsenix0/something-useless-cuz-of-sp

<!-- gh-comment-id:3393699001 --> @Paxsenix0 commented on GitHub (Oct 11, 2025): Hello, There are a few alternatives. [xyloflake/spot-secrets-go](https://github.com/xyloflake/spot-secrets-go) Also, I found an old source code on github and decided to create a new repo with it: [Paxsenix0/something-useless-cuz-of-sp](https://github.com/Paxsenix0/something-useless-cuz-of-sp)
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@Inzaniity commented on GitHub (Oct 11, 2025):

I used the python code and it runs in a docker container now saving the TOTP secrets to my database. Just wanted to raise awareness that the current method will break.

There is also this repo having the secrets but who knows for how long this will stay up: https://raw.githubusercontent.com/xyloflake/spot-secrets-go/refs/heads/main/secrets/secretDict.json

<!-- gh-comment-id:3393703760 --> @Inzaniity commented on GitHub (Oct 11, 2025): I used the python code and it runs in a docker container now saving the TOTP secrets to my database. Just wanted to raise awareness that the current method will break. There is also this repo having the secrets but who knows for how long this will stay up: https://raw.githubusercontent.com/xyloflake/spot-secrets-go/refs/heads/main/secrets/secretDict.json
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@Paxsenix0 commented on GitHub (Oct 11, 2025):

It's better to pin this issue.

By the way, I also found this repo on git.gay by the same person. thereallo/totp-secrets

<!-- gh-comment-id:3393723956 --> @Paxsenix0 commented on GitHub (Oct 11, 2025): It's better to pin this issue. By the way, I also found this repo on git.gay by the same person. [thereallo/totp-secrets](https://git.gay/thereallo/totp-secrets)
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@Inzaniity commented on GitHub (Oct 11, 2025):

It's better to pin this issue.

By the way, I also found this repo on git.gay by the same person. thereallo/totp-secrets

Then I think the easiest solution for now is to replace the link to the secrets with this one: https://git.gay/thereallo/totp-secrets/raw/branch/main/secrets/secretDict.json

lets see how long this stays...

<!-- gh-comment-id:3393731417 --> @Inzaniity commented on GitHub (Oct 11, 2025): > It's better to pin this issue. > > By the way, I also found this repo on git.gay by the same person. [thereallo/totp-secrets](https://git.gay/thereallo/totp-secrets) ~~Then I think the easiest solution for now is to replace the link to the secrets with this one: https://git.gay/thereallo/totp-secrets/raw/branch/main/secrets/secretDict.json~~ lets see how long this stays...
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@commitSpectral commented on GitHub (Oct 13, 2025):

The secrets repository that was used to fetch the TOTP secrets has been taken down by Spotify, therefore the TOTP is not accessible anymore. There is, however, a python script which can be found here

misiektoja/spotify_monitor#26 (comment)

All those repositories pulling secrets are actually from that dev's original code you shared, he automated the whole flow and now released a Docker image. We can run his image on a schedule locally, save the output file and point our jobs at it, same trick he used for spotify_monitor. This way we are not dependent on remote sources.

https://github.com/misiektoja/spotify_monitor#-secret-key-extraction-via-docker-recommended-easiest-way

<!-- gh-comment-id:3397621575 --> @commitSpectral commented on GitHub (Oct 13, 2025): > The secrets repository that was used to fetch the TOTP secrets has been taken down by Spotify, therefore the TOTP is not accessible anymore. There is, however, a python script which can be found here > > [misiektoja/spotify_monitor#26 (comment)](https://github.com/misiektoja/spotify_monitor/issues/26#issuecomment-3393391332) All those repositories pulling secrets are actually from that dev's original code you shared, he automated the whole flow and now released a Docker image. We can run his image on a schedule locally, save the output file and point our jobs at it, same trick he used for spotify_monitor. This way we are not dependent on remote sources. [https://github.com/misiektoja/spotify_monitor#-secret-key-extraction-via-docker-recommended-easiest-way](https://github.com/misiektoja/spotify_monitor#-secret-key-extraction-via-docker-recommended-easiest-way)
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@commitSpectral commented on GitHub (Oct 13, 2025):

Hello, There are a few alternatives.

xyloflake/spot-secrets-go Also, I found an old source code on github and decided to create a new repo with it: Paxsenix0/something-useless-cuz-of-sp

I would create a new user and repository there to not risk having your main project being deleted as well!

<!-- gh-comment-id:3397677535 --> @commitSpectral commented on GitHub (Oct 13, 2025): > Hello, There are a few alternatives. > > [xyloflake/spot-secrets-go](https://github.com/xyloflake/spot-secrets-go) Also, I found an old source code on github and decided to create a new repo with it: [Paxsenix0/something-useless-cuz-of-sp](https://github.com/Paxsenix0/something-useless-cuz-of-sp) I would create a new user and repository there to not risk having your main project being deleted as well!
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@Paxsenix0 commented on GitHub (Oct 13, 2025):

I would create a new user and repository there to not risk having your main project being deleted as well!

Thanks for pointing that out! I'll create a new user and do that! :)

<!-- gh-comment-id:3399207040 --> @Paxsenix0 commented on GitHub (Oct 13, 2025): > I would create a new user and repository there to not risk having your main project being deleted as well! Thanks for pointing that out! I'll create a new user and do that! :)
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@ALMIGHTY-VC commented on GitHub (Nov 23, 2025):

Well, it has stopped working, I recently tried it on paxmusic but it never worked on any song.

<!-- gh-comment-id:3568173886 --> @ALMIGHTY-VC commented on GitHub (Nov 23, 2025): Well, it has stopped working, I recently tried it on paxmusic but it never worked on any song.
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@Inzaniity commented on GitHub (Nov 29, 2025):

Well, it has stopped working, I recently tried it on paxmusic but it never worked on any song.

Still works like a charm on my end. Granted I'm now generating my own TOTP. The latest is from end of October, still works though.

<!-- gh-comment-id:3590949387 --> @Inzaniity commented on GitHub (Nov 29, 2025): > Well, it has stopped working, I recently tried it on paxmusic but it never worked on any song. Still works like a charm on my end. Granted I'm now generating my own TOTP. The latest is from end of October, still works though.
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@ALMIGHTY-VC commented on GitHub (Nov 29, 2025):

Well, it has stopped working, I recently tried it on paxmusic but it never worked on any song.

Still works like a charm on my end. Granted I'm now generating my own TOTP. The latest is from end of October, still works though.

Well then any way to fix it on paxmusic? Cus its a paxmusic userbase issue afaik.You are using the TOTP noice but have you modified paxmusic to send the one time security code through your requests or are you using it in a completely different way

<!-- gh-comment-id:3591545760 --> @ALMIGHTY-VC commented on GitHub (Nov 29, 2025): > > Well, it has stopped working, I recently tried it on paxmusic but it never worked on any song. > > Still works like a charm on my end. Granted I'm now generating my own TOTP. The latest is from end of October, still works though. Well then any way to fix it on paxmusic? Cus its a paxmusic userbase issue afaik.You are using the TOTP noice but have you modified paxmusic to send the one time security code through your requests or are you using it in a completely different way
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@Paxsenix0 commented on GitHub (Nov 30, 2025):

@ALMIGHTY-VC Hello! I think you are out of topic, the issue on PaxMusic is on my backend, I am not able to fix it at the moment.

<!-- gh-comment-id:3592371012 --> @Paxsenix0 commented on GitHub (Nov 30, 2025): @ALMIGHTY-VC Hello! I think you are out of topic, the issue on PaxMusic is on my backend, I am not able to fix it at the moment.
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@ALMIGHTY-VC commented on GitHub (Nov 30, 2025):

@ALMIGHTY-VC Hello! I think you are out of topic, the issue on PaxMusic is on my backend, I am not able to fix it at the moment.

Well him(Insaziity) was a contributor so I thought he might know something. Well I know you do have a handful of projects so you might forget it but can you please fix this when you feel like doing it.Thanks and can you create a issue/feature repo on github regarding paxmusic because I don't want to add telegram on my already installed hoard of apps. ;}

Thanks to Inzaniity too I won't tag you for a Issue which doesn't require your attention because I think your response spotted the issue related with Alex's backend.

<!-- gh-comment-id:3592571366 --> @ALMIGHTY-VC commented on GitHub (Nov 30, 2025): > [@ALMIGHTY-VC](https://github.com/ALMIGHTY-VC) Hello! I think you are out of topic, the issue on PaxMusic is on my backend, I am not able to fix it at the moment. Well him(Insaziity) was a contributor so I thought he might know something. Well I know you do have a handful of projects so you might forget it but can you please fix this when you feel like doing it.Thanks and can you create a issue/feature repo on github regarding paxmusic because I don't want to add telegram on my already installed hoard of apps. ;} Thanks to Inzaniity too I won't tag you for a Issue which doesn't require your attention because I think your response spotted the issue related with Alex's backend.
kerem commented 2026-02-27 20:21:31 +03:00
Author
Owner
Copy link

@Inzaniity commented on GitHub (Nov 30, 2025):

@ALMIGHTY-VC Hello! I think you are out of topic, the issue on PaxMusic is on my backend, I am not able to fix it at the moment.

Well him(Insaziity) was a contributor so I thought he might know something. Well I know you do have a handful of projects so you might forget it but can you please fix this when you feel like doing it.Thanks and can you create a issue/feature repo on github regarding paxmusic because I don't want to add telegram on my already installed hoard of apps. ;}

Thanks to Inzaniity too I won't tag you for a Issue which doesn't require your attention because I think your response spotted the issue related with Alex's backend.

All good! I thought it was only related to the TOTP. I only contributed a small code snippet and don't know any of the other repositories/projects.

<!-- gh-comment-id:3593469857 --> @Inzaniity commented on GitHub (Nov 30, 2025): > > [@ALMIGHTY-VC](https://github.com/ALMIGHTY-VC) Hello! I think you are out of topic, the issue on PaxMusic is on my backend, I am not able to fix it at the moment. > > Well him(Insaziity) was a contributor so I thought he might know something. Well I know you do have a handful of projects so you might forget it but can you please fix this when you feel like doing it.Thanks and can you create a issue/feature repo on github regarding paxmusic because I don't want to add telegram on my already installed hoard of apps. ;} > > Thanks to Inzaniity too I won't tag you for a Issue which doesn't require your attention because I think your response spotted the issue related with Alex's backend. All good! I thought it was only related to the TOTP. I only contributed a small code snippet and don't know any of the other repositories/projects.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
2.0.5
2.0.0
1.0.0
Labels
Clear labels   
pull-request

Mirrored from GitHub Pull Request

No labels
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/Spotify-Canvas-API#4
No description provided.