Variables can be passed through a Spotify account and redirected to a specified URL.

[Coreycoder]

I encountered an issue while programming a bot.
Summary and function

When a user types !add spotify:track:someHash in a chat-application, I invoke a java-function which then triggers a PHP-script.

I have been using this git-project, following the instructions in the documentation for authorization, and I am able to add my tracks to the source by manually inputting the code.

Allow me to demonstrate the essential elements.

HTML Code:

if (spotifyTrack.startsWith("spotify")) {

    // this might be important, maybe need to change this?
    URL url = new URL("http://www.example.com/spot/index.php");

    URLConnection con = url.openConnection();
    con.setDoOutput(true);
    PrintStream ps = new PrintStream(con.getOutputStream());
    ps.print("track=" + spotifyTrack);
    con.getInputStream();
    ps.close();
    sendMessage.setText("Song added");
}

My variable spotifyTrack holds something like this.

HTML Code:

spotify:track:06faVvKZVHivuKgL8NUMQr

So, I'm calling my index.php

HTML Code:

require 'vendor/autoload.php';

// I'm calling another script here, add.php, you see why down below
$session = new SpotifyWebAPI\Session('My ID','My Secret','http://www.example.com./spot/add.php');
$api = new SpotifyWebAPI\SpotifyWebAPI();

$scopes = array(
    'playlist-read-private',
    'user-read-private',
    'playlist-modify-public'
);

$authorizeUrl = $session->getAuthorizeUrl(array(
    'scope' => $scopes
));

header('Location: ' . $authorizeUrl);
die();   
// Start using the API!

This here is the 2nd Script: add.php

HTML Code:

require 'vendor/autoload.php';

$session = new SpotifyWebAPI\Session('My Id', 'MY Secret','http://www.example.com/spot/add.php');
$api = new SpotifyWebAPI\SpotifyWebAPI();

$scopes = array(
    'playlist-read-private',
    'user-read-private',
    'playlist-modify-public'
);

$authorizeUrl = $session->getAuthorizeUrl(array(
    'scope' => $scopes
));

// Request a access token using the code from Spotify
$session->requestAccessToken($_GET['code']);
$accessToken = $session->getAccessToken();

// Set the access token on the API wrapper
$api->setAccessToken($accessToken);

$track = explode(":", $_POST['track']);

// Start using the API!
$api->addUserPlaylistTracks('my user', 'my playlist id', array(
$track[2],
));

It seems that I have been using unnecessary and inelegant methods, and I am at a loss for how to proceed. The redirect URI's must be specified, so I have included index.php and add.php.

The issue is that when calling index.php from a Java program and changing the URL to index.php, it will cause an infinite redirect loop. When calling add.php, the POST data is lost.

From what I understand, I need to make a call to the index.php file and use the redirect to get the code parameter. (I'm assuming this is related to OAuth?)

My question is What is the best way to maintain POST data after redirecting with the header() function?

[andbin]

First of all, I don't know anything about the Spotify API, I don't know how it works and so I am sorry because I cannot help at that level. However I have some doubts about the requests you are doing.

The Location header is typically used with HTTP status codes 3xx (redirections) or 201 ("created"). When a client (e.g. a browser) receives a 3xx/201 status and a Location header, it knows it has to make a new request at that location.

Thus, the first question is: what status code is returned by the index.php?

The second question is related to Location header: since you made the request to index.php with Java code, then the "client" is your Java application. And so it is the Java application that should read the Location header and do ... something else ... In other words: what do you do with the Location header on the Java side?

[salem_c]

There's no point bothering to help.

It's just a stupid repost bot that takes random SO topics, copy/pastes them on other forums and adds on a random line containing a URL to the same scammy site over and over.