starred/rspotify
1
0
Fork 0
mirror of https://github.com/ramsayleung/rspotify.git synced 2026-04-25 23:45:52 +03:00
Code Issues 15 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #358] prompt_for_token returns error if token refresh fails #109

New issue
Closed
opened 2026-02-27 20:23:10 +03:00 by kerem · 2 comments
kerem commented 2026-02-27 20:23:10 +03:00
Owner
Copy link

Originally created by @jacobmichels on GitHub (Aug 14, 2022).
Original GitHub issue: https://github.com/ramsayleung/rspotify/issues/358

Describe the bug
Using the AuthCodePkceSpotify client with token cache enabled, if the cached refresh token expires or is invalid, prompt_for_token returns an error http error: status code 400 Bad Request instead of opening the browser to get a new access/refresh token pair. To work around this I've had to delete the token cache and re-run prompt_for_token:

let url = self.client.get_authorize_url(None)?;
let response = self.client.prompt_for_token(&url).await;
if response.is_err() {
    fs::remove_file(&self.client.config.cache_path)?;
    self.client.prompt_for_token(&url).await?;
}

To Reproduce
Steps to reproduce the behavior:

Using an AuthCodePkceSpotify client configured with token_cache and token_refreshing enabled:

  1. Get credentials cached by calling prompt_for_token and following the instructions
  2. Open the json cache file, change the expiration timestamp to a time in the past, and change the refresh token so it's in a valid format but is not a valid token.
  3. Call prompt_for_token on the client and observe the returned error instead of the expected behavior of re-prompting the user for the redirect URI

Expected behavior
As the method description states, I expect prompt_for_token to open the web browser and re-prompt the user for the redirect URI

Log/Output data

[2022-08-14T19:44:03Z INFO  rspotify::auth_code_pkce] Building auth URL
[2022-08-14T19:44:03Z INFO  rspotify::auth_code_pkce] Generating PKCE codes
[2022-08-14T19:44:03Z INFO  rspotify::clients::oauth] Reading auth token cache
[2022-08-14T19:44:03Z INFO  rspotify_http::reqwest] Making request RequestBuilder { method: POST, url: Url { scheme: "https", cannot_be_a_base: false, username: "", password: None, host: Some(Domain("accounts.spotify.com")), port: None, path: "/api/token", query: None, fragment: None }, headers: {"content-type": "application/x-www-form-urlencoded"} }
Error: http error: status code 400 Bad Request

Additional context
I'm unsure if this issue happens with any other auth clients, I've only used the PKCE flow. Happy to provide more info or an example program showcasing the issue.

Originally created by @jacobmichels on GitHub (Aug 14, 2022). Original GitHub issue: https://github.com/ramsayleung/rspotify/issues/358 **Describe the bug** Using the `AuthCodePkceSpotify` client with token cache enabled, if the cached refresh token expires or is invalid, prompt_for_token returns an error `http error: status code 400 Bad Request` instead of opening the browser to get a new access/refresh token pair. To work around this I've had to delete the token cache and re-run prompt_for_token: ``` let url = self.client.get_authorize_url(None)?; let response = self.client.prompt_for_token(&url).await; if response.is_err() { fs::remove_file(&self.client.config.cache_path)?; self.client.prompt_for_token(&url).await?; } ``` **To Reproduce** Steps to reproduce the behavior: Using an `AuthCodePkceSpotify` client configured with `token_cache` and `token_refreshing` enabled: 1. Get credentials cached by calling `prompt_for_token` and following the instructions 2. Open the json cache file, change the expiration timestamp to a time in the past, and change the refresh token so it's in a valid format but is not a valid token. 3. Call `prompt_for_token` on the client and observe the returned error instead of the expected behavior of re-prompting the user for the redirect URI **Expected behavior** As the method description states, I expect prompt_for_token to open the web browser and re-prompt the user for the redirect URI **Log/Output data** ``` [2022-08-14T19:44:03Z INFO rspotify::auth_code_pkce] Building auth URL [2022-08-14T19:44:03Z INFO rspotify::auth_code_pkce] Generating PKCE codes [2022-08-14T19:44:03Z INFO rspotify::clients::oauth] Reading auth token cache [2022-08-14T19:44:03Z INFO rspotify_http::reqwest] Making request RequestBuilder { method: POST, url: Url { scheme: "https", cannot_be_a_base: false, username: "", password: None, host: Some(Domain("accounts.spotify.com")), port: None, path: "/api/token", query: None, fragment: None }, headers: {"content-type": "application/x-www-form-urlencoded"} } Error: http error: status code 400 Bad Request ``` **Additional context** I'm unsure if this issue happens with any other auth clients, I've only used the PKCE flow. Happy to provide more info or an example program showcasing the issue.
kerem 2026-02-27 20:23:10 +03:00
kerem commented 2026-02-27 20:23:11 +03:00
Author
Owner
Copy link

@ramsayleung commented on GitHub (Sep 2, 2022):

Hi @jacobmichels, thanks for your report, I think it's an issue that we need to fix, the prompt_for_token doesn't handle the exception case well.

To work around this I've had to delete the token cache and re-run prompt_for_token:

prompt_for_token should handle it more elegantly, just refetch the token and the update the cache.

github.com/ramsayleung/rspotify@2aca7c67ff/src/clients/oauth.rs (L156)

<!-- gh-comment-id:1235269562 --> @ramsayleung commented on GitHub (Sep 2, 2022): Hi @jacobmichels, thanks for your report, I think it's an issue that we need to fix, the `prompt_for_token ` doesn't handle the exception case well. > To work around this I've had to delete the token cache and re-run prompt_for_token: `prompt_for_token` should handle it more elegantly, just refetch the token and the update the cache. https://github.com/ramsayleung/rspotify/blob/2aca7c67ff94da3ffc3fb346d93b7c9ebc911cc3/src/clients/oauth.rs#L156
kerem commented 2026-02-27 20:23:11 +03:00
Author
Owner
Copy link

@github-actions[bot] commented on GitHub (Jun 24, 2023):

Message to comment on stale issues. If none provided, will not mark issues stale

<!-- gh-comment-id:1605241326 --> @github-actions[bot] commented on GitHub (Jun 24, 2023): Message to comment on stale issues. If none provided, will not mark issues stale
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
ramsay/upgrade-0.16.1
dependabot/cargo/sha2-0.11.0
ramsay/upgrade-to-v0.16
ramsay/deprecate-removed-renamed-field
ramsay/migrate-to-new-endpoint
ramsay/deprecate-removed-endpoints
dependabot/cargo/strum-0.28.0
dependabot/cargo/reqwest-middleware-0.5.1
dependabot/cargo/reqwest-0.13.1
ramsay/upgrade-to-0.15.3
ramsay/upgrade-to-0.15.2
dependabot/cargo/ureq-3.1.2
ramsay/upgrade-dependencies
ramsay/upgrade-to-0.15.1
ramsay/fix-malformed-json
ramsay/upgrade-to-v0.15.0
ramsay/allow-enum-unknown-variant
ramsay/upgrade-to-0.14
ramsay/add_tcplistern_for_callback
ramsay/fix-clippy-error
ramsay/update-doc
ramsay/fix-endless-sequence
ramsay/publish-crate-workflow-test
ramsay/fix-pkce-refresh-token
ramsay/pkce_auth_refresh_token
ramsay_add_test_for_collectionyourepisodes
better-webapp
ramsay_fix_token_expired
percent-search
refresh_token_rwlock
ramsay_convert_result_inside_endpoint
streaming
v0.16.1
v0.16.0
v0.15.3
v0.15.2
v0.15.1
v0.15.0
v0.14.0
v0.13.3
v0.13.2
v0.13.1
v0.13.0
v0.12.0
v0.11.7
v0.11.6
v0.10.0
v0.11.5
v0.11.5.0
v0.11.4
v0.11.3
v0.11.2
v0.11.1
v0.11.0
v0.11.5.1
v0.9
v0.9-alpha
Labels
Clear labels   
Stale

   
bug

   
discussion

   
enhancement

   
good first issue

   
good first issue

   
help wanted

   
pull-request

Mirrored from GitHub Pull Request

  
question
No labels
Stale
bug
discussion
enhancement
good first issue
good first issue
help wanted
pull-request
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/rspotify#109
No description provided.