spotcast: wp_access_token error
I cannot play music anymore. I’m using version v2.2 of Spotcast and Home Assistent 0.99.3.
I get the following error using services under developertools in Home Assistent and using spotify-card.
Log Details (ERROR) Sun Sep 29 2019 17:33:52 GMT+0200 (centraleuropeisk sommartid) "name='wp_access_token', domain=None, path=None" Traceback (most recent call last): File "/usr/src/homeassistant/homeassistant/components/websocket_api/commands.py", line 130, in handle_call_service connection.context(msg), File "/usr/src/homeassistant/homeassistant/core.py", line 1234, in async_call await asyncio.shield(self._execute_service(handler, service_call)) File "/usr/src/homeassistant/homeassistant/core.py", line 1261, in _execute_service await self._hass.async_add_executor_job(handler.func, service_call) File "/usr/local/lib/python3.7/concurrent/futures/thread.py", line 57, in run result = self.fn(*self.args, **self.kwargs) File "/config/custom_components/spotcast/__init__.py", line 162, in start_casting access_token, expires = get_spotify_token(username=user, password=pwd) File "/config/custom_components/spotcast/__init__.py", line 85, in get_spotify_token data = st.start_session(username, password) File "/usr/local/lib/python3.7/site-packages/spotify_token.py", line 70, in start_session access_token, expiration_date = _get_access_token(session, cookies) File "/usr/local/lib/python3.7/site-packages/spotify_token.py", line 42, in _get_access_token access_token = response.cookies['wp_access_token'] File "/usr/local/lib/python3.7/site-packages/requests/cookies.py", line 328, in __getitem__ return self._find_no_duplicates(name) File "/usr/local/lib/python3.7/site-packages/requests/cookies.py", line 399, in _find_no_duplicates raise KeyError('name=%r, domain=%r, path=%r' % (name, domain, path)) KeyError: "name='wp_access_token', domain=None, path=None"
This is added to configuration.yaml
spotcast:
username: myusername password: mypassword accounts: fredrik: username: myusername password: mypassword philip: username: myusername2 password: mypassword2
custom-cards:spotify-card
client_id: mycliendid limit: 25 random_song: true transfer_playback: true type: ‘custom:spotify-card’
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Reactions: 3
- Comments: 31 (6 by maintainers)
Commits related to this issue
- Adds and imports a modified version of the spotify_token library (quick-fix for #34) — committed to bendikrb/spotcast by bendikrb 5 years ago
Looks like Spotify has changed their authentication so
wp_access_tokenno longer is return as a cookie after logging in as defined in https://github.com/enriquegh/spotify-webplayer-token/blob/c8ebf5811640cc78eb560ac725cb7d944c63f400/spotify_token.py#L42 which spotcast depends on. Confirmed that by sniffing looking at the traffic when logging into https://accounts.spotify.com/login It looks like they instead use a bunch of cookies (sp_ac, sp_key and sp_dc). I’m not sure if they existed before too and if any of them has the value of the access token. This will have to be investigated more. I can try to find time in a few days if @fondberg doesnt beat me to it.I assume its not possible to obtain a full access token using any official APIs, @fondberg?
Oh no! If I am correct this means Spotify changed the way a browser token is retrieved. That is bad as this library uses the unofficial way to get a token because it is required for chromecast devices. I will need to investigate this…
Thanks, it works! Here is the file:
init.zip
That is correct. The access token from the normal web oath api is too weak for this (lacks scope).
Unless they have changed the way a token is sent to a chromecast device as well the only thing to do is to do what @petergp says… reverse engineer the new login and either update the spotify-token library or create a new one. Right now my newborn baby and my work pretty much occupies me fulltime I wont have time until the weekend for this. So if someone figures out the call flow to get the token it would be very appreciated
Just released v2.3. Thanks @AlexLadd and @bendikrb for your efforts!
@AlexLadd that’s awesome, thanks. Indeed a more sane approach.
@fondberg I’d suggest integrating his code onto spotcast
Here is a modification of spotify_token that has worked for me. I am not sure if this is the proper way to access the token but this version has been working consistently for the past few days. Hope it can be of some help. I am using it in an Appdaemon app that is inspired by spotcast that makes recommendations and plays music to a Spotify connected device if anyone is interested in trying it out.
Thank you for the great project!
I had a quick look and it seems the access_token is generated in the javascript, somewhere in https://open.scdn.co/static/vendor.a8787467.js I wasn’t able to find how the cookie vars are used for that, there’s
sp_acwhich looks similar to how lengthy a token would be.Anyway, I was able to create a workaround so I avoid going through the JS code, but its not really efficient:
https://accounts.spotify.com/loginhttps://open.spotify.com/browsewith the cookies injectedAuthorizationheaderexpiresInI just use 3600, since that’s not in the SPA requests.I’m cool with sharing this solution, but I’d really appreciate a proper fix by finding the right way to generate the access_token from the given cookies.
I also have the same issue.