starred/spotipy
1
0
Fork 0
mirror of https://github.com/spotipy-dev/spotipy.git synced 2026-04-27 00:25:54 +03:00
Code Issues 62 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #87] Support refreshing token #42

New issue
Closed
opened 2026-02-27 23:20:32 +03:00 by kerem · 6 comments
kerem commented 2026-02-27 23:20:32 +03:00
Owner
Copy link

Originally created by @wannabeCitizen on GitHub (Apr 4, 2016).
Original GitHub issue: https://github.com/spotipy-dev/spotipy/issues/87

What is the recommendation of this team for how people should refresh tokens? As it stands all examples are written as though you've just gotten your tokens from a prompt. If I go deep into oauth2.py I can find a private method to refresh tokens however, that requires a whole different object that the standard spotipy instance does not need.

This is a critical part of the library. How do you anticipate this flow working?

Originally created by @wannabeCitizen on GitHub (Apr 4, 2016). Original GitHub issue: https://github.com/spotipy-dev/spotipy/issues/87 What is the recommendation of this team for how people should refresh tokens? As it stands all examples are written as though you've just gotten your tokens from a prompt. If I go deep into oauth2.py I can find a private method to refresh tokens however, that requires a whole different object that the standard spotipy instance does not need. This is a critical part of the library. How do you anticipate this flow working?
kerem 2026-02-27 23:20:32 +03:00
kerem commented 2026-02-27 23:20:33 +03:00
Author
Owner
Copy link

@eugenio412 commented on GitHub (Apr 8, 2016):

pulled a request for that

<!-- gh-comment-id:207471341 --> @eugenio412 commented on GitHub (Apr 8, 2016): pulled a request for that
kerem commented 2026-02-27 23:20:33 +03:00
Author
Owner
Copy link

@JeremyGrieshop commented on GitHub (Aug 30, 2016):

I'd like to know this as well. I have a long-running app, it needs to refresh the tokens periodically, and I'd like to know how that should be handled in the main control loop. Try/Catch/login? Timer-based? This isn't very clear.

<!-- gh-comment-id:243487062 --> @JeremyGrieshop commented on GitHub (Aug 30, 2016): I'd like to know this as well. I have a long-running app, it needs to refresh the tokens periodically, and I'd like to know how that should be handled in the main control loop. Try/Catch/login? Timer-based? This isn't very clear.
kerem commented 2026-02-27 23:20:33 +03:00
Author
Owner
Copy link

@eugenio412 commented on GitHub (Aug 30, 2016):

Usually Whwnever I need a token I first check if it's not expired (I saved the expire time together with the token and refresh token), if it's expired I proceed to renew it using the refresh function. You can find it in my fork of Spotipy http://GitHub.com/eugenio412/Spotipy

<!-- gh-comment-id:243617616 --> @eugenio412 commented on GitHub (Aug 30, 2016): Usually Whwnever I need a token I first check if it's not expired (I saved the expire time together with the token and refresh token), if it's expired I proceed to renew it using the refresh function. You can find it in my fork of Spotipy http://GitHub.com/eugenio412/Spotipy
kerem commented 2026-02-27 23:20:33 +03:00
Author
Owner
Copy link

@JeremyGrieshop commented on GitHub (Sep 4, 2016):

Thanks for the followup.

Are you referring to: https://github.com/eugenio412/spotipy/blob/master/examples/client_credentials_flow.py

Where you use the SpotifyClientCredentials object to manage this? If so, that looks like it manages unauthorized logins. If I want to make authorized API calls, I need a way to pass in the redirect url for authentication.

<!-- gh-comment-id:244619048 --> @JeremyGrieshop commented on GitHub (Sep 4, 2016): Thanks for the followup. Are you referring to: https://github.com/eugenio412/spotipy/blob/master/examples/client_credentials_flow.py Where you use the SpotifyClientCredentials object to manage this? If so, that looks like it manages unauthorized logins. If I want to make authorized API calls, I need a way to pass in the redirect url for authentication.
kerem commented 2026-02-27 23:20:33 +03:00
Author
Owner
Copy link

@eugenio412 commented on GitHub (Sep 4, 2016):

Nope, i war referring to the file https://github.com/eugenio412/spotipy/blob/master/spotipy/oauth2.py where refresh_access_token is declared, you can then use it, but there is no example, just read the code and try to make it work, I use it for my project, so it's working

<!-- gh-comment-id:244624607 --> @eugenio412 commented on GitHub (Sep 4, 2016): Nope, i war referring to the file https://github.com/eugenio412/spotipy/blob/master/spotipy/oauth2.py where refresh_access_token is declared, you can then use it, but there is no example, just read the code and try to make it work, I use it for my project, so it's working
kerem commented 2026-02-27 23:20:33 +03:00
Author
Owner
Copy link

@stephanebruckert commented on GitHub (Jan 26, 2020):

This is how we can currently refresh the token:

token = util.prompt_for_user_token(os.getenv('SPOTIPY_USERNAME'), scope=SCOPE)
sp_oauth = oauth2.SpotifyOAuth(
    os.getenv('SPOTIPY_CLIENT_ID'),
    os.getenv('SPOTIPY_CLIENT_SECRET'),
    os.getenv('SPOTIPY_REDIRECT_URI'),
    scope=SCOPE,
    cache_path='.cache-'+os.getenv('SPOTIPY_USERNAME')
)
token_info = sp_oauth.get_cached_token()

sp = spotipy.Spotify(auth=token_info['access_token'])

while True:
    if sp_oauth.is_token_expired:
        token_info = sp_oauth.get_cached_token()
        sp = spotipy.Spotify(auth=token_info['access_token'])
    sp.do_something()
    time.sleep(60)

However this looks very messy and we are discussing about a way to improve it here https://github.com/plamere/spotipy/issues/263#issuecomment-578539713. I'm closing this issue in favor of the other one. Please let us know what you think of the suggested improvement

<!-- gh-comment-id:578539933 --> @stephanebruckert commented on GitHub (Jan 26, 2020): This is how we can currently refresh the token: ``` token = util.prompt_for_user_token(os.getenv('SPOTIPY_USERNAME'), scope=SCOPE) sp_oauth = oauth2.SpotifyOAuth( os.getenv('SPOTIPY_CLIENT_ID'), os.getenv('SPOTIPY_CLIENT_SECRET'), os.getenv('SPOTIPY_REDIRECT_URI'), scope=SCOPE, cache_path='.cache-'+os.getenv('SPOTIPY_USERNAME') ) token_info = sp_oauth.get_cached_token() sp = spotipy.Spotify(auth=token_info['access_token']) while True: if sp_oauth.is_token_expired: token_info = sp_oauth.get_cached_token() sp = spotipy.Spotify(auth=token_info['access_token']) sp.do_something() time.sleep(60) ``` However this looks very messy and we are discussing about a way to improve it here https://github.com/plamere/spotipy/issues/263#issuecomment-578539713. I'm closing this issue in favor of the other one. Please let us know what you think of the suggested improvement
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
feature/2026-02-changes
feature/invalid-uri-warning
feature/refresh-endpoints
doc-deprecations
revert-synchronize
v3
run-tests
bugfix/1149-change-cache-name
2.23.0
v3_oldprsonly
2.26.0
2.25.2
2.25.1
2.25.0
2.24.0
2.23.0
2.22.1
2.22.0
2.21.0
2.20.0
2.19.0
2.18.0
2.17.1
2.17.0
2.16.1
2.16.0
2.15.0
2.14.0
2.13.0
2.12.0
2.11.2
2.11.1
2.11.0
2.10.0
2.9.0
2.8.0
2.7.1
2.7.0
2.6.3
2.6.2
2.6.1
2.6.0
2.5.0
Labels
Clear labels   
api-bug

   
bug

   
dependencies

   
documentation

   
duplicate

   
enhancement

   
external-ide

   
headless-mode

   
implicit-grant-flow

   
invalid

   
missing-endpoint

   
pr-welcome

   
private-api

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
spotipy3

   
wontfix
No labels
api-bug
bug
dependencies
documentation
duplicate
enhancement
external-ide
headless-mode
implicit-grant-flow
invalid
missing-endpoint
pr-welcome
private-api
pull-request
question
spotipy3
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/spotipy#42
No description provided.