mirror of
https://github.com/misiektoja/spotify_monitor.git
synced 2026-04-25 22:55:52 +03:00
[GH-ISSUE #26] Spotify-Secrets has been taken down #13
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @tomballgithub on GitHub (Oct 11, 2025).
Original GitHub issue: https://github.com/misiektoja/spotify_monitor/issues/26
As documented here, the spotify_secrets repository was removed due to a cease & desist.
https://github.com/librespot-org/librespot/discussions/1562
The tools are going to stop working, such as:
fetch_and_update_secrets(): Failed to get new secrets: 404 Client Error: Not Found for url: https://github.com/Thereallo1026/spotify-secrets/blob/main/secrets/secretDict.json?raw=true@tomballgithub commented on GitHub (Oct 11, 2025):
As a temporary fix, edit this line in your configuration file. This is not my repository, and I don't know how long it will remain.
SECRET_CIPHER_DICT_URL = "https://github.com/xyloflake/spot-secrets-go/blob/main/secrets/secretDict.json?raw=true"
@tomballgithub commented on GitHub (Oct 11, 2025):
The more robust solution is to generate the keys yourself using the script already in this repository:
https://github.com/misiektoja/spotify_monitor/blob/dev/debug/spotify_monitor_secret_grabber.py
@Vitalka90 commented on GitHub (Oct 11, 2025):
Can I run this in a Docker? Is there a Template or Docker compose? Would be Really nice
@tomballgithub commented on GitHub (Oct 11, 2025):
@Vitalka90 A docker container is not provided as part of this repository
@tomballgithub commented on GitHub (Oct 12, 2025):
Addressed in new release
@tomballgithub commented on GitHub (Oct 12, 2025):
For reference, here's another working repository:
https://git.gay/thereallo/totp-secrets/src/branch/main/secrets/secretDict.json
And specific URL:
https://git.gay/thereallo/totp-secrets/raw/branch/main/secrets/secretDict.json
@tomballgithub commented on GitHub (Oct 12, 2025):
@Vitalka90 Docker support was added in current release, but only for the Spotify-Secrets fetched mentioned here
@misiektoja commented on GitHub (Oct 12, 2025):
Hi there!
To add to what @tomballgithub mentioned, we've just rolled out some fresh updates for
spotify_monitor(version 2.5) andspotify_profile_monitor(version 2.8).Despite many improvements mainly done by @tomballgithub, we've also tweaked the SECRET_CIPHER_DICT_URL to the working one. Plus, there's a new feature: the tool now lets you load TOTP secrets from local files using file:// URLs.
Given the inevitable takedown of repos that scrape for secrets (it's just a matter of time as Thereallo1026's example showed), I've also teamed up with @tomballgithub to enhance the
spotify_monitor_secret_grabber. You can now dump secrets in different formats. Choose what you need with the --secret, --secretbytes and --secretdict CLI flags, or go all out with the --all mode to write all secret formats to files likesecrets.json,secretBytes.jsonandsecretDict.json.For more details, check out Secret Key Extraction from Spotify Web Player Bundles.
To make life easier when running the tool on different environments, I've also created a multi-arch Docker image as suggested by @Vitalka90. You can check out the 🐳 Secret Key Extraction via Docker for more info.
So, if you're looking to avoid scraping remote repos for data, you can run
spotify_monitor_secret_grabberlocally on your own setup at regular intervals (let's say every 24 hours or so via cron/plist/task scheduler etc., depending on the OS) via one of the methods:Regular approach:
or via Docker:
Then, you just need to configure
spotify_monitororspotify_profile_monitorwithSECRET_CIPHER_DICT_URLpointing to a file:The tool will automatically notice when
secretDict.jsongets updated with new secrets and will use it.Have fun! 😎
@Vitalka90 commented on GitHub (Oct 12, 2025):
Really much Thank you