Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

cordova-spotify-oauth

Package Overview
Dependencies
Maintainers
1
Versions
13
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cordova-spotify-oauth

Cordova plugin for authenticating with Spotify

  • 0.1.6
  • Source
  • npm
  • Socket score

Version published
Maintainers
1
Created
Source

Cordova Spotify OAuth Plugin

Greenkeeper badge Travis

Easy Spotify authentication for Apache Cordova / PhoneGap apps

API Documentation

Features

This plugin provides a simple way of authenticating a user with the Spotify API using the authorization code flow.

The plugin uses SFSafariViewController and Chrome Custom Tabs, if available. This also means it will only work on iOS 9 and above (but this shouldn't be a problem anymore).

Installation

cordova plugin add cordova-spotify-oauth

Usage

The plugin implements the OAuth Authorization Code flow for the Spotify API. This allows you to obtain access and refresh tokens for user related-actions (such as viewing and modifying their library, streaming tracks via the SDKs, etc.). Therefore, additional preparation in addition to installing the plugin is required.

The JS interface is described below at API Documentation.

Protocol registration

The plugin uses custom URL schemes (universal links support will follow) to redirect back from the browser into the app.

You need to register the callback protocol inside the App Info.plist so that iOS knows which app to start when it is redirected when the authentication is done. If you want to use Chrome Custom Tabs (optional, but 110% nice), you must also register the URL scheme and path you will be redirected to within the AndroidManifest.xml file.

Take a look at this repository to see how it's done for both cases.

Spotify Developer Registration

You need to register your custom redirect URL within the Spotify Developer console. Make sure you register the exact value you use within your code (including trailing slashes, etc.).

Token Exchange Service

The authorization code flow requires server code for security. These come in the form of two HTTP endpoints, one for the auth code exchange, and the other one for access token refresh. The SDK will POST application/x-www-form-urlencoded data and expects JSON back.

To easily implement them, we built a Serverless service for AWS Lambda over in the oauth-token-api folder. Make sure you install the Serverless Framework properly!

For the execution of the functions to work you need to set some environmental configuration in the file oauth-token-api/.env

CLIENT_ID="<Your Spotify Client ID>"
CLIENT_SECRET="<Your Spotify Client Secret>"
CLIENT_CALLBACK_URL="<The callback url of your app>" # e.g. "festify-spotify://callback"
ENCRYPTION_SECRET="<Secret used to encrypt the refresh token - please generate>"

You can then deploy the functions like this:

cd oauth-token-api
serverless deploy

The serverless CLI will then print the URL where the functions can be reached. These are the values needed for tokenExchangeUrl and tokenRefreshUrl.

JavaScript usage

Head over to the API Documentation.

Contributing

Pull requests are very welcome! Please use the gitmoji style for commit messages.

Keywords

FAQs

Package last updated on 24 Oct 2017

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc