ClientCredsSpotify doesn't re-authenticate

[kangalio]

Describe the bug An hour after after authenticating for the first time, every API call seems to fail

Http(StatusCode(Response { url: Url { scheme: "https", cannot_be_a_base: false, username: "", password: None, host: Some(Domain("api.spotify.com")), port: None, path: "/v1/playlists/2gvPYPSGi6Eo0BWCauxOxp", query: None, fragment: None }, status: 401, headers: {"www-authenticate": "Bearer realm=\"spotify\", error=\"invalid_token\", error_description=\"The access token expired\"", "access-control-allow-origin": "*", "access-control-allow-headers": "Accept, App-Platform, Authorization, Content-Type, Origin, Retry-After, Spotify-App-Version, X-Cloud-Trace-Context, client-token, content-access-token", "access-control-allow-methods": "GET, POST, OPTIONS, PUT, DELETE, PATCH", "access-control-allow-credentials": "true", "access-control-max-age": "604800", "content-type": "application/json", "content-length": "81", "strict-transport-security": "max-age=31536000", "x-content-type-options": "nosniff", "vary": "Accept-Encoding", "date": "Sun, 21 May 2023 12:22:26 GMT", "server": "envoy", "via": "HTTP/2 edgeproxy, 1.1 google", "alt-svc": "h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000"} }))

To Reproduce Steps to reproduce the behavior:

1. Authenticate with ClientCredsSpotify
2. Sleep an hour, then execute an API call

Expected behavior I expected RSpotify to re-authenticate automatically. That's how other API wrapper do it and is also how I would expect any high-level API wrapper to handle authentication. After all, it should abstract over the API, including authentication specifics.

[ramsayleung]

RSpotify is able to automatically refresh the token if it's expired, but this facility is disabled by default:

https://github.com/ramsayleung/rspotify/blob/master/src/lib.rs#L265

/// Struct to configure the Spotify client.
#[derive(Debug, Clone)]
pub struct Config {
    ...
    /// Whether or not to check if the token has expired when sending a
    /// request with credentials, and in that case, automatically refresh it.
    pub token_refreshing: bool,
}

If you want to enable token_refreshing, set token_refreshing to true:

    // Enabling automatic token refreshing in the config
    let config = Config {
        token_refreshing: true,
        ..Default::default()
    };

[kangalio]

Interesting, why is it disabled by default?

[ramsayleung]

Initially, RSpotify did not have auto-refreshing functionality. This feature was introduced three years after the creation of RSpotify. To maintain compatibility and consistency with previous versions, we utilized a field to control this behavior and set it to false by default.

You could check these issues and pull request for more details:

• https://github.com/ramsayleung/rspotify/issues/223
• https://github.com/ramsayleung/rspotify/pull/262

PS:

I think it's a better option to enable auto refreshing by default.

[ramsayleung]

I think it's a good point, I would like to create a PR to set the token_refreshing to true by default.

[gdesmott]

https://github.com/ramsayleung/rspotify/pull/429 has been merged. Can we close this?

[ramsayleung]

Yes, I think we could close this now.