From 364065a50dd042bde114ab9e8455bd26b3d5b5db Mon Sep 17 00:00:00 2001 From: Travis-CI Date: Sun, 31 Jul 2016 14:51:58 +0000 Subject: [PATCH] Built mkdocs | Travis Build 26 --- SpotifyWebAPI/auth/index.html | 28 ++++++++++++++++++++++++++++ mkdocs/search_index.json | 4 ++-- sitemap.xml | 30 +++++++++++++++--------------- 3 files changed, 45 insertions(+), 17 deletions(-) diff --git a/SpotifyWebAPI/auth/index.html b/SpotifyWebAPI/auth/index.html index 85c0d877..17f3ff74 100644 --- a/SpotifyWebAPI/auth/index.html +++ b/SpotifyWebAPI/auth/index.html @@ -210,6 +210,34 @@ When using ImplicitGrantAuth, another user could abuse the "localhost" RedirectU

This way is recommended and the only auth-process, which does not need a server-side exchange of keys. With this approach, you directly get a Token object after the user authed your application. You won't be able to refresh the token. If you want to use the internal Http server, please add "http://localhost" to your application redirects.

More info: here

+

For this kind of authentication, there is also a WebAPIFactory, it's easier to use and uses an async method:

+
static async void Main(string[] args)
+{
+  WebAPIFactory webApiFactory = new WebAPIFactory(
+       "http://localhost",
+       8000,
+       "XXXXXXXXXXXXXXXX",
+       Scope.UserReadPrivate,
+       TimeSpan.FromSeconds(20)
+  );
+
+  try
+  {
+    //This will open the user's browser and returns once
+    //the user is authorized.
+    _spotify = await webApiFactory.GetWebApi();
+  }
+  catch (Exception ex)
+  {
+     MessageBox.Show(ex.Message);
+  }
+
+  if (_spotify == null)
+     return;
+}
+
+ +

The old way:

static ImplicitGrantAuth auth;
 static void Main(string[] args)
 {
diff --git a/mkdocs/search_index.json b/mkdocs/search_index.json
index 554246df..5ce983b2 100644
--- a/mkdocs/search_index.json
+++ b/mkdocs/search_index.json
@@ -127,7 +127,7 @@
         },
         {
             "location": "/SpotifyWebAPI/auth/",
-            "text": "Auth-Methods\n\n\nBefore you can use the Web API full functional, you need the user to authenticate your Application.\n\nIf you want to know more, you can read to the whole auth-process \nhere\n.\n\n\nBefore you start, you need to create a Application at Spotify: \nYour Applications\n\n\n\n\nAfter you created your Application, you will have following important values:  \n\n\n\n\nClient_Id\n This is your client_id, you don't have to hide it\n\n\nClient_Secret\n Never use this in one of your client-side apps!! Keep it secret!\n\n\nRedirect URIs\n Add \"http://localhost\", if you want full support for this API  \n\n\n\n\nNow you can start with the User-authentication, Spotify provides 3 ways:\n\n\n\n\n\n\nImplicitGrantAuth\n (\nRecommended\n, no server-side code needed)  \n\n\n\n\n\n\nAutorizationCodeAuth\n (Not Recommended, Server-side code needed, else it's unsecure)\n\n\n\n\n\n\nClientCredentialsAuth\n (Not Recommended, Server-side code needed, else it's unsecure)  \n\n\n\n\n\n\nNote:\n I would recommend a little PHP Script, which will exchange the Keys using AutorizationCodeAuth.\nWhen using ImplicitGrantAuth, another user could abuse the \"localhost\" RedirectUri by creating a \"fake\"-app which uses your ClientId.\n\n\nOverview:\n\n\n\nAfter implementing one of the provided auth-methods, you can start doing requests with the token you get from one of the auth-methods\n\n\nImplicitGrantAuth\n\n\nThis way is \nrecommended\n and the only auth-process, which does not need a server-side exchange of keys. With this approach, you directly get a Token object after the user authed your application.\nYou won't be able to refresh the token. If you want to use the internal Http server, please add \"http://localhost\" to your application redirects.\n\n\nMore info: \nhere\n\n\nstatic ImplicitGrantAuth auth;\nstatic void Main(string[] args)\n{\n    //Create the auth object\n    auth = new ImplicitGrantAuth()\n    {\n        //Your client Id\n        ClientId = \nXXXXXXXXXXXXXXXX\n,\n        //Set this to localhost if you want to use the built-in HTTP Server\n        RedirectUri = \nhttp://localhost\n,\n        //How many permissions we need?\n        Scope = Scope.USER_READ_PRIVATE,\n    };\n    //Start the internal http server\n    auth.StartHttpServer();\n    //When we got our response\n    auth.OnResponseReceivedEvent += auth_OnResponseReceivedEvent;\n    //Start\n    auth.DoAuth();\n}\n\nstatic void auth_OnResponseReceivedEvent(Token token, string state, string error)\n{\n    //stop the http server\n    auth.StopHttpServer();\n\n    var spotify = new SpotifyWebApiClass()\n    {\n        TokenType = token.TokenType,\n        AccessToken = token.AccessToken\n    };\n    //We can now make calls with the token object\n}\n\n\n\n\nAutorizationCodeAuth\n\n\nThis way is \nnot recommended\n and requires server-side code to run securely.\n\nWith this approach, you first get a code which you need to trade against the access-token.\n\nIn this exchange you need to provide your Client-Secret and because of that it's not recommended.\n\n(But you can e.g exchange to codes via a PHP Script)\n\nA good thing about this method: You can always refresh your token, without having the user to auth it again\n\n\nMore info: \nhere\n\n\nstatic AutorizationCodeAuth auth;\nstatic void Main(string[] args)\n{\n    //Create the auth object\n    auth = new AutorizationCodeAuth()\n    {\n        //Your client Id\n        ClientId = \nXXXXXXXXXXXXXXX\n,\n        //Set this to localhost if you want to use the built-in HTTP Server\n        RedirectUri = \nhttp://localhost\n,\n        //How many permissions we need?\n        Scope = Scope.USER_READ_PRIVATE,\n    };\n    //This will be called, if the user cancled/accept the auth-request\n    auth.OnResponseReceivedEvent += auth_OnResponseReceivedEvent;\n    //a local HTTP Server will be started (Needed for the response)\n    auth.StartHttpServer();\n    //This will open the spotify auth-page. The user can decline/accept the request\n    auth.DoAuth();\n\n    Thread.Sleep(60000);\n    auth.StopHttpServer();\n    Console.WriteLine(\nToo long, didnt respond, exiting now...\n);\n}\n\nprivate static void auth_OnResponseReceivedEvent(AutorizationCodeAuthResponse response)\n{\n    //Stop the HTTP Server, done.\n    auth.StopHttpServer();\n\n    //NEVER DO THIS! You would need to provide the ClientSecret.\n    //You would need to do it e.g via a PHP-Script.\n    Token token = auth.ExchangeAuthCode(response.Code, \nXXXXXXXXXXX\n);\n\n    var spotify = new SpotifyWebApiClass()\n    {\n        TokenType = token.TokenType,\n        AccessToken = token.AccessToken\n    };\n\n    //With the token object, you can now make API calls\n}\n\n\n\n\nClientCredentialsAuth\n\n\nThis way is \nnot recommended\n and requires server-side code to run securely.\n\nWith this approach, you make a POST Request with a base64 encoded string (consists of ClientId + ClientSecret). You will directly get the token (Without a local HTTP Server), but it will expire and can't be refreshed.\n\nIf you want to use it securely, you would need to do it all server-side.\n\n\nNOTE:\n You will only be able to query non-user-related information e.g search for a Track.\n\n\nMore info: \nhere\n\n\nstatic ClientCredentialsAuth auth;\nstatic void Main(string[] args)\n{\n    //Create the auth object\n    auth = new ClientCredentialsAuth()\n    {\n        //Your client Id\n        ClientId = \nXXXXXXXXXXXXXXX\n,\n        //Your client secret UNSECURE!!\n        ClientSecret = \nXXXXXXXXXXXX\n,\n        //How many permissions we need?\n        Scope = Scope.USER_READ_PRIVATE,\n    };\n    //With this token object, we now can make calls\n    Token token = auth.DoAuth();\n    var spotify = new SpotifyWebApiClass()\n    {\n        TokenType = token.TokenType,\n        AccessToken = token.AccessToken,\n        UseAuth = false\n    };\n}\n\n\n\n\nScopes",
+            "text": "Auth-Methods\n\n\nBefore you can use the Web API full functional, you need the user to authenticate your Application.\n\nIf you want to know more, you can read to the whole auth-process \nhere\n.\n\n\nBefore you start, you need to create a Application at Spotify: \nYour Applications\n\n\n\n\nAfter you created your Application, you will have following important values:  \n\n\n\n\nClient_Id\n This is your client_id, you don't have to hide it\n\n\nClient_Secret\n Never use this in one of your client-side apps!! Keep it secret!\n\n\nRedirect URIs\n Add \"http://localhost\", if you want full support for this API  \n\n\n\n\nNow you can start with the User-authentication, Spotify provides 3 ways:\n\n\n\n\n\n\nImplicitGrantAuth\n (\nRecommended\n, no server-side code needed)  \n\n\n\n\n\n\nAutorizationCodeAuth\n (Not Recommended, Server-side code needed, else it's unsecure)\n\n\n\n\n\n\nClientCredentialsAuth\n (Not Recommended, Server-side code needed, else it's unsecure)  \n\n\n\n\n\n\nNote:\n I would recommend a little PHP Script, which will exchange the Keys using AutorizationCodeAuth.\nWhen using ImplicitGrantAuth, another user could abuse the \"localhost\" RedirectUri by creating a \"fake\"-app which uses your ClientId.\n\n\nOverview:\n\n\n\nAfter implementing one of the provided auth-methods, you can start doing requests with the token you get from one of the auth-methods\n\n\nImplicitGrantAuth\n\n\nThis way is \nrecommended\n and the only auth-process, which does not need a server-side exchange of keys. With this approach, you directly get a Token object after the user authed your application.\nYou won't be able to refresh the token. If you want to use the internal Http server, please add \"http://localhost\" to your application redirects.\n\n\nMore info: \nhere\n\n\nFor this kind of authentication, there is also a \nWebAPIFactory\n, it's easier to use and uses an async method:\n\n\nstatic async void Main(string[] args)\n{\n  WebAPIFactory webApiFactory = new WebAPIFactory(\n       \nhttp://localhost\n,\n       8000,\n       \nXXXXXXXXXXXXXXXX\n,\n       Scope.UserReadPrivate,\n       TimeSpan.FromSeconds(20)\n  );\n\n  try\n  {\n    //This will open the user's browser and returns once\n    //the user is authorized.\n    _spotify = await webApiFactory.GetWebApi();\n  }\n  catch (Exception ex)\n  {\n     MessageBox.Show(ex.Message);\n  }\n\n  if (_spotify == null)\n     return;\n}\n\n\n\n\nThe old way:\n\n\nstatic ImplicitGrantAuth auth;\nstatic void Main(string[] args)\n{\n    //Create the auth object\n    auth = new ImplicitGrantAuth()\n    {\n        //Your client Id\n        ClientId = \nXXXXXXXXXXXXXXXX\n,\n        //Set this to localhost if you want to use the built-in HTTP Server\n        RedirectUri = \nhttp://localhost\n,\n        //How many permissions we need?\n        Scope = Scope.USER_READ_PRIVATE,\n    };\n    //Start the internal http server\n    auth.StartHttpServer();\n    //When we got our response\n    auth.OnResponseReceivedEvent += auth_OnResponseReceivedEvent;\n    //Start\n    auth.DoAuth();\n}\n\nstatic void auth_OnResponseReceivedEvent(Token token, string state, string error)\n{\n    //stop the http server\n    auth.StopHttpServer();\n\n    var spotify = new SpotifyWebApiClass()\n    {\n        TokenType = token.TokenType,\n        AccessToken = token.AccessToken\n    };\n    //We can now make calls with the token object\n}\n\n\n\n\nAutorizationCodeAuth\n\n\nThis way is \nnot recommended\n and requires server-side code to run securely.\n\nWith this approach, you first get a code which you need to trade against the access-token.\n\nIn this exchange you need to provide your Client-Secret and because of that it's not recommended.\n\n(But you can e.g exchange to codes via a PHP Script)\n\nA good thing about this method: You can always refresh your token, without having the user to auth it again\n\n\nMore info: \nhere\n\n\nstatic AutorizationCodeAuth auth;\nstatic void Main(string[] args)\n{\n    //Create the auth object\n    auth = new AutorizationCodeAuth()\n    {\n        //Your client Id\n        ClientId = \nXXXXXXXXXXXXXXX\n,\n        //Set this to localhost if you want to use the built-in HTTP Server\n        RedirectUri = \nhttp://localhost\n,\n        //How many permissions we need?\n        Scope = Scope.USER_READ_PRIVATE,\n    };\n    //This will be called, if the user cancled/accept the auth-request\n    auth.OnResponseReceivedEvent += auth_OnResponseReceivedEvent;\n    //a local HTTP Server will be started (Needed for the response)\n    auth.StartHttpServer();\n    //This will open the spotify auth-page. The user can decline/accept the request\n    auth.DoAuth();\n\n    Thread.Sleep(60000);\n    auth.StopHttpServer();\n    Console.WriteLine(\nToo long, didnt respond, exiting now...\n);\n}\n\nprivate static void auth_OnResponseReceivedEvent(AutorizationCodeAuthResponse response)\n{\n    //Stop the HTTP Server, done.\n    auth.StopHttpServer();\n\n    //NEVER DO THIS! You would need to provide the ClientSecret.\n    //You would need to do it e.g via a PHP-Script.\n    Token token = auth.ExchangeAuthCode(response.Code, \nXXXXXXXXXXX\n);\n\n    var spotify = new SpotifyWebApiClass()\n    {\n        TokenType = token.TokenType,\n        AccessToken = token.AccessToken\n    };\n\n    //With the token object, you can now make API calls\n}\n\n\n\n\nClientCredentialsAuth\n\n\nThis way is \nnot recommended\n and requires server-side code to run securely.\n\nWith this approach, you make a POST Request with a base64 encoded string (consists of ClientId + ClientSecret). You will directly get the token (Without a local HTTP Server), but it will expire and can't be refreshed.\n\nIf you want to use it securely, you would need to do it all server-side.\n\n\nNOTE:\n You will only be able to query non-user-related information e.g search for a Track.\n\n\nMore info: \nhere\n\n\nstatic ClientCredentialsAuth auth;\nstatic void Main(string[] args)\n{\n    //Create the auth object\n    auth = new ClientCredentialsAuth()\n    {\n        //Your client Id\n        ClientId = \nXXXXXXXXXXXXXXX\n,\n        //Your client secret UNSECURE!!\n        ClientSecret = \nXXXXXXXXXXXX\n,\n        //How many permissions we need?\n        Scope = Scope.USER_READ_PRIVATE,\n    };\n    //With this token object, we now can make calls\n    Token token = auth.DoAuth();\n    var spotify = new SpotifyWebApiClass()\n    {\n        TokenType = token.TokenType,\n        AccessToken = token.AccessToken,\n        UseAuth = false\n    };\n}\n\n\n\n\nScopes",
             "title": "Authentication"
         },
         {
@@ -137,7 +137,7 @@
         },
         {
             "location": "/SpotifyWebAPI/auth/#implicitgrantauth",
-            "text": "This way is  recommended  and the only auth-process, which does not need a server-side exchange of keys. With this approach, you directly get a Token object after the user authed your application.\nYou won't be able to refresh the token. If you want to use the internal Http server, please add \"http://localhost\" to your application redirects.  More info:  here  static ImplicitGrantAuth auth;\nstatic void Main(string[] args)\n{\n    //Create the auth object\n    auth = new ImplicitGrantAuth()\n    {\n        //Your client Id\n        ClientId =  XXXXXXXXXXXXXXXX ,\n        //Set this to localhost if you want to use the built-in HTTP Server\n        RedirectUri =  http://localhost ,\n        //How many permissions we need?\n        Scope = Scope.USER_READ_PRIVATE,\n    };\n    //Start the internal http server\n    auth.StartHttpServer();\n    //When we got our response\n    auth.OnResponseReceivedEvent += auth_OnResponseReceivedEvent;\n    //Start\n    auth.DoAuth();\n}\n\nstatic void auth_OnResponseReceivedEvent(Token token, string state, string error)\n{\n    //stop the http server\n    auth.StopHttpServer();\n\n    var spotify = new SpotifyWebApiClass()\n    {\n        TokenType = token.TokenType,\n        AccessToken = token.AccessToken\n    };\n    //We can now make calls with the token object\n}",
+            "text": "This way is  recommended  and the only auth-process, which does not need a server-side exchange of keys. With this approach, you directly get a Token object after the user authed your application.\nYou won't be able to refresh the token. If you want to use the internal Http server, please add \"http://localhost\" to your application redirects.  More info:  here  For this kind of authentication, there is also a  WebAPIFactory , it's easier to use and uses an async method:  static async void Main(string[] args)\n{\n  WebAPIFactory webApiFactory = new WebAPIFactory(\n        http://localhost ,\n       8000,\n        XXXXXXXXXXXXXXXX ,\n       Scope.UserReadPrivate,\n       TimeSpan.FromSeconds(20)\n  );\n\n  try\n  {\n    //This will open the user's browser and returns once\n    //the user is authorized.\n    _spotify = await webApiFactory.GetWebApi();\n  }\n  catch (Exception ex)\n  {\n     MessageBox.Show(ex.Message);\n  }\n\n  if (_spotify == null)\n     return;\n}  The old way:  static ImplicitGrantAuth auth;\nstatic void Main(string[] args)\n{\n    //Create the auth object\n    auth = new ImplicitGrantAuth()\n    {\n        //Your client Id\n        ClientId =  XXXXXXXXXXXXXXXX ,\n        //Set this to localhost if you want to use the built-in HTTP Server\n        RedirectUri =  http://localhost ,\n        //How many permissions we need?\n        Scope = Scope.USER_READ_PRIVATE,\n    };\n    //Start the internal http server\n    auth.StartHttpServer();\n    //When we got our response\n    auth.OnResponseReceivedEvent += auth_OnResponseReceivedEvent;\n    //Start\n    auth.DoAuth();\n}\n\nstatic void auth_OnResponseReceivedEvent(Token token, string state, string error)\n{\n    //stop the http server\n    auth.StopHttpServer();\n\n    var spotify = new SpotifyWebApiClass()\n    {\n        TokenType = token.TokenType,\n        AccessToken = token.AccessToken\n    };\n    //We can now make calls with the token object\n}",
             "title": "ImplicitGrantAuth"
         },
         {
diff --git a/sitemap.xml b/sitemap.xml
index a8325060..0ba875fa 100644
--- a/sitemap.xml
+++ b/sitemap.xml
@@ -4,7 +4,7 @@
     
     
      None/
-     2016-04-04
+     2016-07-31
      daily
     
     
@@ -13,79 +13,79 @@
         
     
      None/SpotifyWebAPI/gettingstarted/
-     2016-04-04
+     2016-07-31
      daily
     
         
     
      None/SpotifyWebAPI/examples/
-     2016-04-04
+     2016-07-31
      daily
     
         
     
      None/SpotifyWebAPI/auth/
-     2016-04-04
+     2016-07-31
      daily
     
         
     
      None/SpotifyWebAPI/albums/
-     2016-04-04
+     2016-07-31
      daily
     
         
     
      None/SpotifyWebAPI/artists/
-     2016-04-04
+     2016-07-31
      daily
     
         
     
      None/SpotifyWebAPI/browse/
-     2016-04-04
+     2016-07-31
      daily
     
         
     
      None/SpotifyWebAPI/follow/
-     2016-04-04
+     2016-07-31
      daily
     
         
     
      None/SpotifyWebAPI/library/
-     2016-04-04
+     2016-07-31
      daily
     
         
     
      None/SpotifyWebAPI/playlists/
-     2016-04-04
+     2016-07-31
      daily
     
         
     
      None/SpotifyWebAPI/profiles/
-     2016-04-04
+     2016-07-31
      daily
     
         
     
      None/SpotifyWebAPI/search/
-     2016-04-04
+     2016-07-31
      daily
     
         
     
      None/SpotifyWebAPI/tracks/
-     2016-04-04
+     2016-07-31
      daily
     
         
     
      None/SpotifyWebAPI/util/
-     2016-04-04
+     2016-07-31
      daily
     
         
@@ -95,7 +95,7 @@
         
     
      None/SpotifyLocalAPI/
-     2016-04-04
+     2016-07-31
      daily