Skip to content

Instantly share code, notes, and snippets.

@ahallora
Last active November 18, 2015 09:43
Show Gist options
  • Save ahallora/f2d9c4c2a883977313ae to your computer and use it in GitHub Desktop.
Save ahallora/f2d9c4c2a883977313ae to your computer and use it in GitHub Desktop.
Spotify Token Exchange (written in node.js)
// Node.js version of the Spotify Token Exchange originally scripted in ruby (based on beta 6 release candidate)
// https://github.com/spotify/ios-sdk/blob/master/Demo%20Projects/spotify_token_swap.rb
var express = require('express');
var bodyParser = require('body-parser');
var request = require('request');
var app = express();
var http = require('http').Server(app);
var config = {}
//INPUT YOUR OWN CREDENTIALS AND SETUP HERE
config.spotify_crypto_password = 'your_own_special_password';
config.k_client_id = "your_spotify_clientid";
config.k_client_secret = "your_spotify_secret";
config.server_port = 3000;
config.server_ip_address = '127.0.0.1';
//------------------------------
config.spotify_crypto_algorithm = 'des-ede3-cbc',
config.k_client_oauth_url = 'https://accounts.spotify.com/api/token';
config.k_client_profile_url = 'https://api.spotify.com/v1/me';
config.k_client_refresh_url = 'https://accounts.spotify.com/api/token';
var crypto = require('crypto'),
algorithm = config.spotify_crypto_algorithm,
password = config.spotify_crypto_password;
var authHeader = 'Basic ' + new Buffer(config.k_client_id + ':' + config.k_client_secret).toString('base64');
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.post('/token', function (req, res) {
var code = req.body.code;
var formObject = {
grant_type: "authorization_code",
redirect_uri: config.k_client_callback_url,
code: code
}
var options = {
form: formObject,
headers: { 'Authorization': authHeader },
url: config.k_client_oauth_url
}
console.log('Spotify Token request received (code):' + code);
request.post(options, function (err, resp, body) {
if (err) {
console.log("Error : " + err);
} else {
token_data = JSON.parse(body);
if (token_data['error'] != null) {
console.log('Error in token data:\n' + body);
} else {
refresh_token = token_data['refresh_token'];
encrypted_token = encrypt(refresh_token);
token_data['refresh_token'] = encrypted_token;
refresh_token = encrypted_token;
console.log('Spotify Token served for ' + token_data['id']);
res.send(token_data);
}
}
});
});
app.post('/refresh', function (req, res) {
var encrypted_token = req.body.refresh_token;
console.log('Spotify Token request received (encrypted_token):' + encrypted_token);
var refresh_token = decrypt(encrypted_token);
var formObject = {
grant_type: 'refresh_token',
refresh_token: refresh_token
}
var options = {
form: formObject,
headers: { 'Authorization': authHeader },
url: config.k_client_refresh_url
}
request.post(options, function (err, resp, body) {
if (err) {
console.log('Error : ' + err);
} else {
console.log('Spotify Token refreshed.');
res.send(body);
}
});
});
http.listen(config.server_port, config.server_ip_address, function () {
console.log('Spotify Token Exchange started on port ' + config.server_port);
});
// Encryption scripts
// Copyright (c) 20014 http://lollyrock.com/articles/nodejs-encryption/
function encrypt(text){
var cipher = crypto.createCipher(algorithm,password)
var crypted = cipher.update(text,'utf8','hex')
crypted += cipher.final('hex');
return crypted;
}
function decrypt(text){
var decipher = crypto.createDecipher(algorithm, password);
try {
var dec = decipher.update(text,'hex','utf8');
dec += decipher.final('utf8');
return dec;
} catch (ex) {
console.log(ex);
return;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment