[PR #566] [MERGED] Refinement of PKCE #944

New issue

Closed

opened 2026-02-28 00:02:47 +03:00 by kerem · 0 comments

kerem commented

2026-02-28 00:02:47 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/spotipy-dev/spotipy/pull/566
Author: @IdmFoundInHim
Created: 8/29/2020
Status: ✅ Merged
Merged: 8/30/2020
Merged by: @stephanebruckert

Base: master ← Head: pkce-refinement

📝 Commits (5)

8f03ff7 Improve SpotifyPKCE.get_authorization_url
197cd81 Clean up namespace in SpotifyPKCE._get_auth_response_interactive
4c246c0 Duplicate parse_auth_response_url into SpotifyPKCE
4a16190 Update SpotifyPKCE security advisory
503a9da Update changelog for PKCE refinements

📊 Changes

2 files changed (+41 additions, -14 deletions)

View changed files

📝 CHANGELOG.md (+9 -1)
📝 spotipy/oauth2.py (+32 -13)

📄 Description

The only effective change is that PKCE handshake tokens will have been generated if an authorization URL is constructed. This is important because it avoids an unexpected error from Spotify.

Other changes include:

New public method SpotifyPKCE.parse_auth_response_url, simply executes the parallel method from SpotifyOAuth
SpotifyPKCE._get_auth_response_interactive now calls a static method from self rather than SpotifyOAuth
The SpotifyImplicitGrant security advisory now reflects the addition of SpotifyPKCE

@stephanebruckert I am prepared to add a warning to the initialization function of SpotifyImplicitGrant. Do we want to put it in, or just leave the advisory in the docstr?

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/spotipy-dev/spotipy/pull/566 **Author:** [@IdmFoundInHim](https://github.com/IdmFoundInHim) **Created:** 8/29/2020 **Status:** ✅ Merged **Merged:** 8/30/2020 **Merged by:** [@stephanebruckert](https://github.com/stephanebruckert) **Base:** `master` ← **Head:** `pkce-refinement` --- ### 📝 Commits (5) - [`8f03ff7`](https://github.com/spotipy-dev/spotipy/commit/8f03ff7a6b14d32a017d5bd8498921ebc0d3b975) Improve SpotifyPKCE.get_authorization_url - [`197cd81`](https://github.com/spotipy-dev/spotipy/commit/197cd81c797e1c23794c2773a88a0d6821418365) Clean up namespace in SpotifyPKCE._get_auth_response_interactive - [`4c246c0`](https://github.com/spotipy-dev/spotipy/commit/4c246c0f7cfbe47bba8e1179a8ea130a603f1fd3) Duplicate parse_auth_response_url into SpotifyPKCE - [`4a16190`](https://github.com/spotipy-dev/spotipy/commit/4a16190f67e3d890b044707ffecdbff8d0b95e95) Update SpotifyPKCE security advisory - [`503a9da`](https://github.com/spotipy-dev/spotipy/commit/503a9dad0663ba228772f3fad959e44f0ba2bc31) Update changelog for PKCE refinements ### 📊 Changes **2 files changed** (+41 additions, -14 deletions) <details> <summary>View changed files</summary> 📝 `CHANGELOG.md` (+9 -1) 📝 `spotipy/oauth2.py` (+32 -13) </details> ### 📄 Description The only effective change is that **PKCE handshake tokens will have been generated if an authorization URL is constructed**. This is important because it avoids an unexpected error from Spotify. Other changes include: * New public method `SpotifyPKCE.parse_auth_response_url`, simply executes the parallel method from `SpotifyOAuth` * `SpotifyPKCE._get_auth_response_interactive` now calls a static method from `self` rather than `SpotifyOAuth` * The `SpotifyImplicitGrant` security advisory now reflects the addition of `SpotifyPKCE` @stephanebruckert I am [prepared to add a warning](https://github.com/IdmFoundInHim/spotipy/pull/27) to the initialization function of `SpotifyImplicitGrant`. Do we want to put it in, or just leave the advisory in the docstr? --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>