gpt4 book ai didi

objective-c - Spotify 请求 Web API 删除未经身份验证的调用

转载 作者:搜寻专家 更新时间:2023-10-30 20:08:33 24 4
gpt4 key购买 nike

删除对 Web API 的未经身份验证的调用后,我在获取 token 时遇到了问题。我在 developer.spotify 上发现我需要制作授权代码流。最大的问题是:

It provides an access token that can be refreshed. Since the token exchange involves sending your secret key, this should happen on a secure location, like a backend service, not from a client like a browser or mobile apps.

是否有其他一些方法可以在没有授权代码流的情况下使用 web api,如“获取跟踪”或“搜索项目”?

最佳答案

是的,您需要阅读有关客户端凭证流的内容。

The method makes it possible to authenticate your requests to the Spotify Web API and to obtain a higher rate limit than you would get without authentication.

您需要使用在 developer.spotify 上注册应用后获得的 client_id 和 client_secret。

请求将在请求正文中包含值为“client_credentials”的 grant_type 参数,并且 header 必须包含 Authorization

Required. Base 64 encoded string that contains the client ID and client secret key. The field must have the format: Authorization: Basic base64 encoded client_id:client_secret

您可以在 Web API Authorization Guide 中找到所有这些信息

如何获取 token 的示例:

- (void)spotifyToken {
NSString *body = @"grant_type=client_credentials";
NSData *postData = [body dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
NSString *prepareHeader = [NSString stringWithFormat:@"%@:%@",clientId, clientSecret];
NSData *data = [prepareHeader dataUsingEncoding:NSUTF8StringEncoding];
NSString *base64encoded = [data base64EncodedStringWithOptions:0];
NSString *header = [NSString stringWithFormat:@"Basic %@", base64encoded];

NSMutableURLRequest *request = [[NSMutableURLRequest alloc]init];
[request setURL:[NSURL URLWithString:@"https://accounts.spotify.com/api/token"]];
[request setHTTPBody:postData];
[request setHTTPMethod:@"POST"];
[request setValue:header forHTTPHeaderField:@"Authorization"];

NSURLSession *session = [NSURLSession sessionWithConfiguration:[NSURLSessionConfiguration defaultSessionConfiguration]];
[[session dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {
if (!error) {
dispatch_async(dispatch_get_main_queue(), ^{
// saving somewhere token for further using
});
}
}] resume];
}

然后您发出几乎相同的请求以搜索一个项目。但是 POST 你在标题中发送带有你的 token 的 GET。看起来像:

NSString *token = [tokenData objectForKey:@"access_token"];
NSString *tokenType = [tokenData objectForKey:@"token_type"];

NSString *header = [NSString stringWithFormat:@"%@ %@", tokenType, token];
NSMutableURLRequest *request = [[NSMutableURLRequest alloc] init];

NSURL *url = [NSURL URLWithString:[NSString stringWithFormat:@"https://api.spotify.com/v1/search?%@",trackId]];

[request setValue:header forHTTPHeaderField:@"Authorization"];
[request setURL:url];

NSURLSession *session = [NSURLSession sessionWithConfiguration:[NSURLSessionConfiguration defaultSessionConfiguration]];
[[session dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {
if (!error) {
NSDictionary *json = [NSJSONSerialization JSONObjectWithData:data options:0 error:nil];
// JSON with song is here
}
}] resume];

关于objective-c - Spotify 请求 Web API 删除未经身份验证的调用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44270717/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com