jwilsson / spotify-web-api-php

A PHP wrapper for Spotify's Web API.
MIT License

Warning: Undefined variable $storedState in C:\xampp\htdocs\apis2\callback.php on line 15 State mismatch #255

Closed mroscar20192020 closed 1 year ago

mroscar20192020 commented 1 year ago

Hello, how can I solve this problem?

bmartus commented 1 year ago

Can you provide more of your code? It's hard to tell with just the warning.

mroscar20192020 commented 1 year ago

@bluemath

auth.php

```php
require 'vendor/autoload.php';

$session = new SpotifyWebAPI\Session(
    'client id',
    '', // Normally the client secret, but this value can be omitted when using the PKCE flow
    'https://localhost/apis2/callback.php'
);

$verifier = $session->generateCodeVerifier(); // Store this value somewhere, a session for example
$challenge = $session->generateCodeChallenge($verifier);
$state = $session->generateState();

$options = [
    'code_challenge' => $challenge,
    'scope' => [
        'playlist-read-private',
        'user-read-private',
    ],
    'state' => $state,
];

header('Location: ' . $session->getAuthorizeUrl($options));
die();
```

callback.php

```php
require 'vendor/autoload.php';

$session = new SpotifyWebAPI\Session(
    'client id',
    'client secret',
    'https://localhost/apis2/app.php'
);

$state = $_GET['state'];
// Fetch the stored state value from somewhere. A session for example

if ($state !== $storedState) {
    // The state returned isn't the same as the one we've stored, we shouldn't continue
    die('State mismatch');
}

// Request an access token using the code from Spotify and the previously created code verifier
$session->requestAccessToken($_GET['code'], $verifier);

$accessToken = $session->getAccessToken();
$refreshToken = $session->getRefreshToken();

// Store the access and refresh tokens somewhere. In a session for example

// Send the user along and fetch some data!
header('Location: app.php');
die();
```

app.php

```php
require 'vendor/autoload.php';

$api = new SpotifyWebAPI\SpotifyWebAPI();

// Fetch the saved access token from somewhere. A session for example.
$api->setAccessToken($accessToken);

// It's now possible to request data about the currently authenticated user
print_r(
    $api->me()
);

// Getting Spotify catalog data is of course also possible
print_r(
    $api->getTrack('7EjyzZcbLxW7PaaLua9Ksb')
);
```

mroscar20192020 commented 1 year ago

The problem is with callback.php: it can't find the variable $storedState.

jwilsson commented 1 year ago

Hey! I'm guessing you're following the examples from Authorization Using the Proof Key for Code Exchange (PKCE) Flow?

The $storedState variable is something you'll need to set yourself, based on a state value you've set somewhere in the first step (a PHP session for example). I've purposefully not included that logic in the example since I don't want to recommend one approach over another, but leave that up to the user. You could also simply remove that if statement if you're just playing around, but it's highly recommended to perform that kind of check in a real application.

Hope this solves your issue!
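One way to wire up the state check described in the reply above, using a PHP session to carry the state and code verifier from the first step to the callback. This is an added example, not part of the thread or the library's own code; the helper function names and the `$_SESSION` keys are assumptions, and only the `Session` methods already shown in this issue are used.

```php
<?php
// Added example: helper names and $_SESSION keys are assumptions, not library API.
require 'vendor/autoload.php';

function newSpotifySession(): SpotifyWebAPI\Session
{
    // PKCE flow, so the client secret is empty. Use the same redirect URI in both steps.
    return new SpotifyWebAPI\Session('client id', '', 'https://localhost/apis2/callback.php');
}

// Step 1 (auth.php): generate state and verifier, keep both server-side.
function beginAuthorization(SpotifyWebAPI\Session $session): string
{
    $verifier = $session->generateCodeVerifier();
    $state = $session->generateState();
    $_SESSION['oauth_verifier'] = $verifier;
    $_SESSION['oauth_state'] = $state;

    return $session->getAuthorizeUrl([
        'code_challenge' => $session->generateCodeChallenge($verifier),
        'scope' => ['playlist-read-private', 'user-read-private'],
        'state' => $state,
    ]);
}

// Step 2 (callback.php): verify the returned state before redeeming the code.
function completeAuthorization(SpotifyWebAPI\Session $session, array $query): bool
{
    $storedState = $_SESSION['oauth_state'] ?? null;
    $verifier = $_SESSION['oauth_verifier'] ?? null;
    unset($_SESSION['oauth_state'], $_SESSION['oauth_verifier']); // single use

    $state = $query['state'] ?? null;
    $code = $query['code'] ?? null;
    foreach ([$storedState, $verifier, $state, $code] as $value) {
        if (!is_string($value)) { return false; } // missing, or an array like ?state[]=x
    }
    if (!hash_equals($storedState, $state)) { return false; } // state mismatch

    $session->requestAccessToken($code, $verifier);
    session_regenerate_id(true); // new session id once the user is authenticated
    $_SESSION['access_token'] = $session->getAccessToken();
    $_SESSION['refresh_token'] = $session->getRefreshToken();
    return true;
}

// auth.php:     session_start(); header('Location: ' . beginAuthorization(newSpotifySession())); die();
// callback.php: session_start(); completeAuthorization(newSpotifySession(), $_GET) or die('State mismatch');
```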

mroscar20192020 commented 1 year ago

Thank you sir, it works.