Closed mroscar20192020 closed 1 year ago
Can you provide more of your code? It's hard to tell with just the warning.
@bluemath
auth.php require 'vendor/autoload.php';
$session = new SpotifyWebAPI\Session( 'client id', '', // Normally the client secret, but this value can be omitted when using the PKCE flow 'https://localhost/apis2/callback.php' );
$verifier = $session->generateCodeVerifier(); // Store this value somewhere, a session for example $challenge = $session->generateCodeChallenge($verifier); $state = $session->generateState();
$options = [ 'code_challenge' => $challenge, 'scope' => [ 'playlist-read-private', 'user-read-private', ], 'state' => $state, ];
header('Location: ' . $session->getAuthorizeUrl($options)); die();
callback.php
require 'vendor/autoload.php';
$session = new SpotifyWebAPI\Session( 'client id', 'client secret', 'https://localhost/apis2/app.php' );
$state = $_GET['state']; // Fetch the stored state value from somewhere. A session for example
if ($state !== $storedState) { // The state returned isn't the same as the one we've stored, we shouldn't continue die('State mismatch'); }
// Request a access token using the code from Spotify and the previously created code verifier $session->requestAccessToken($_GET['code'], $verifier);
$accessToken = $session->getAccessToken(); $refreshToken = $session->getRefreshToken();
// Store the access and refresh tokens somewhere. In a session for example
// Send the user along and fetch some data! header('Location: app.php'); die();
app.php require 'vendor/autoload.php';
$api = new SpotifyWebAPI\SpotifyWebAPI();
// Fetch the saved access token from somewhere. A session for example. $api->setAccessToken($accessToken);
// It's now possible to request data about the currently authenticated user print_r( $api->me() );
// Getting Spotify catalog data is of course also possible print_r( $api->getTrack('7EjyzZcbLxW7PaaLua9Ksb') );
the problem with callback.php can't find variable $storedState
Hey! I'm guessing you're following the examples from Authorization Using the Proof Key for Code Exchange (PKCE) Flow ?
The $storedState
variable is something you'll need to set yourself, based on a state value you've set somewhere in the first step (a PHP session for example). I've purposefully not included that logic in the example since I don't want ro recommend one approach over another, but leave that up to the user. You could also simply remove that if
statement if you're just playing around but it's highly recommended to perform that kind of check in a real application.
Hope this solves your issue!
thank you sir it's work
Hello,how can i solve this problem ?