search

soundcloud / api

A public repo for our Developer Community to engage about bugs and feature requests on our Public API
149 stars 24 forks source link

401 error for stream_url links #157

Closed mayallst closed 3 years ago

mayallst commented 3 years ago

Using the stream_url for public tracks returned in a search, attempting to play the link in my own player in the last couple of days now returns a 401 error: "A request must contain the Authorization header. For details please refer to https://developers.soundcloud.com/blog/security-updates-api"

Even if I apply the Oauth access token in the authorisation header (same as used for track search which still works) I still get the same error. And the Streaming Tracks documentation doesn't make any mention of needing to use an authorisation header. So what is the correct way to stream a link now?

annamalaicoderays commented 3 years ago

I'm having the same problem with stream url links. URL: https://api.soundcloud.com/tracks/881102623/stream?client_id=fbb40e3265987631328efb400b071122h

Browser Response : 

{
  "code": 401,
  "message": "A request must contain the Authorization header. For details please refer to https://developers.soundcloud.com/blog/security-updates-api.",
  "link": "https://developers.soundcloud.com/docs/api/explorer/open-api",
  "status": "401     - Unauthorized",
  "errors": [
    {
      "error_message": "A request must contain the Authorization header. For details please refer to https://developers.soundcloud.com/blog/security-updates-api."
    }
  ],
  "error": null
}
dasha-kobzeva commented 3 years ago

Hello @mayallst, @annamalaicoderays,

To access /stream endpoint you must use the logged-in user token as it is not a public resource. It is acquired through Soundcloud connect + authorization_code flow.

In your case, I would suggest calling this endpoint: https://developers.soundcloud.com/docs/api/explorer/open-api#/tracks/get_tracks__track_id__streams. That way providing the same means of auth as you do for /search should be sufficient.

annamalaicoderays commented 3 years ago

Hi Soundcloud/Api

What is the method for increasing my maximum rate of access token creation limit?

I am getting this response :

{ "code": 429, "message": "rate_limit_exceeded", "link": "https://developers.soundcloud.com/docs/api/rate-limits#errors", "status": "429 - Too Many Requests", "errors": [ { "error_message": "rate_limit_exceeded" } ], "error": null, "error_code": "rate_limit_exceeded"}

On Mon, Oct 18, 2021 at 2:54 PM Dasha Kobzeva @.***> wrote:

Hello @mayallst https://github.com/mayallst, @annamalaicoderays https://github.com/annamalaicoderays,

To access /stream endpoint you must use the logged-in user token as it is not a public resource. It is acquired through Soundcloud connect + authorization_code flow.

In your case, I would suggest calling this endpoint: https://developers.soundcloud.com/docs/api/explorer/open-api#/tracks/get_tracks__track_id__streams . That way providing the same means of auth as you do for /search should be sufficient.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/soundcloud/api/issues/157#issuecomment-945577795, or unsubscribe https://github.com/notifications/unsubscribe-auth/AK2CV6MJXNREEDZ3OK2XUH3UHPRWFANCNFSM5GDGQADA .

dasha-kobzeva commented 3 years ago

@annamalaicoderays, there is no procedure for increasing the rate limit.

If you are hitting it, then you are not using the authentication correctly. Could you provide some information on your auth implementation please?

annamalaicoderays commented 3 years ago

Here's my code now that I've fixed the Soundcloud Stream URL returning an error code 401. It is now fully operational.

<?php
        /* SOUNDCLOUD CREDENTIALS */
        $CLIENT_ID = 'YOUR_CLIENT_ID';
        $CLIENT_SECRET = 'YOUR_CLIENT_SECRET';

        $trackId = 1142143435; /*Your Track Id*/

        $ACCESS_TOKEN = getOAuth($CLIENT_ID,$CLIENT_SECRET);

        $stream = streamURL($trackId, $ACCESS_TOKEN);

        $track_request = trackDetails($trackId, $ACCESS_TOKEN);

        function getOAuth($CLIENT_ID,$CLIENT_SECRET)
        {
            $url = "https://api.soundcloud.com/oauth2/token";

            $curl = curl_init($url);
            curl_setopt($curl, CURLOPT_URL, $url);
            curl_setopt($curl, CURLOPT_POST, true);
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

            $headers = array(
                "Content-Type: application/x-www-form-urlencoded",
            );
            curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);

            $data = "grant_type=client_credentials&client_id=".$CLIENT_ID."&client_secret=".$CLIENT_SECRET;

            curl_setopt($curl, CURLOPT_POSTFIELDS, $data);

            //for debug only!
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

            $response = curl_exec($curl);
            curl_close($curl);
            return $response;
        }

        function trackDetails($trackId, $ACCESS_TOKEN)
        {
            $url = "https://api.soundcloud.com/tracks/" . $trackId;

            $curl = curl_init($url);
            curl_setopt($curl, CURLOPT_URL, $url);
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

            $headers = array(
                "accept: application/json; charset=utf-8",
                "Authorization: OAuth " . $ACCESS_TOKEN,
            );
            curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
            //for debug only!
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

            $response = curl_exec($curl);
            curl_close($curl);
            return $response;
        }

        function streamURL($trackId, $ACCESS_TOKEN)
        {
            $url = "https://api.soundcloud.com/tracks/".$trackId."/stream";

            $curl = curl_init($url);
            curl_setopt($curl, CURLOPT_URL, $url);
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

            $headers = array(
                "accept: application/json; charset=utf-8",
                "Authorization: OAuth ".$ACCESS_TOKEN,
            );
            curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
            //for debug only!
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

            $response = curl_exec($curl);
            curl_close($curl);
            return $response;
        }
    ?>

I've included the curl responses from the preceding code here.

For OAuth Token:

{
  "access_token": "2-141361--bj15bZfizomSpwcfA5JX2ND",
  "expires_in": 3599,
  "refresh_token": "eP8P6FENUZ7WSGDIf3i1wvwGSwhHCfdx",
  "scope": "",
  "token_type": "bearer"
}

For Stream URL:

Note: The generated Stream URL is only valid for one time; if you want another, you must generate a new one with an unexpired OAuth Token.

location - The Stream URL is the one you're looking for.

{
  "status": "302 - Found",
  "location": "https://cf-media.sndcdn.com/GTbktMIdZVGG.128.mp3?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLW1lZGlhLnNuZGNkbi5jb20vR1Ria3RNSWRaVkdHLjEyOC5tcDMqIiwiQ29uZGl0aW9uIjp7IkRhdGVMZXNzVGhhbiI6eyJBV1M6RXBvY2hUaW1lIjoxNjM0ODg3MjU3fX19XX0_&Signature=OMu7AQogYzdQpi0O0gLYvgn9IFvS5yPzRPxjYafLDDdEyKNvUxS3~TIZPC7IKOnBs~TPubz7DT~DDXkOKEVlkBDy0TxHD1LLKD3DIhE6ze8dHYXCGzlaqPCvkQ-51kDIwu8EeUFi5byK0X3UJqZ057AXhxX~qF9f5h~~5~LRbPR6ARcyWV97A-SeqZYugU6QA2T9G~JWF3fO3gLETWwplPuF0QhDARz~AIZ0AEG6xGWo6FhOPEMiBHJFa8IHCVgz2pzb-7Vvx4A1Wci2h2Nw4v6oT0Ao0WaF6-2gOOH67zl6So2vtdsMQEmvZjzaD~r5qaBkGJVWsSehBofiAUm2hg__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ"
}

For Track Details:

{
  "kind": "track",
  "id": 1142143435,
  "created_at": "2021/10/15 07:30:27 +0000",
  "duration": 182831,
  "commentable": true,
  "comment_count": 0,
  "sharing": "public",
  "tag_list": " ",
  "streamable": true,
  "embeddable_by": "all",
  "purchase_url": null,
  "purchase_title": null,
  "genre": "",
  "title": "Track Name",
  "description": "",
  "label_name": null,
  "release": null,
  "key_signature": null,
  "isrc": null,
  "bpm": null,
  "release_year": null,
  "release_month": null,
  "release_day": null,
  "license": "all-rights-reserved",
  "uri": "https://api.soundcloud.com/tracks/114214343435",
  "user": {
    "avatar_url": "https://i1.sndcdn.com/avatars-00014682366551-2cgqxk-large.jpg",
    "id": 154405051,
    "kind": "user",
    "permalink_url": "https://soundcloud.com/account_name",
    "uri": "https://api.soundcloud.com/users/15440503451",
    "username": "User Name",
    "permalink": "User Name",
    "created_at": "2015/05/23 06:34:12 +0000",
    "last_modified": "2018/11/21 10:41:15 +0000",
    "first_name": null,
    "last_name": null,
    "full_name": "",
    "city": null,
    "description": "Om Tamil Calendar for your Android device! \nThis is the perfect and useful application to all Tamil speaking people & Tamil lovers!",
    "country": null,
    "track_count": 1030,
    "public_favorites_count": 0,
    "reposts_count": 0,
    "followers_count": 0,
    "followings_count": 0,
    "plan": "Pro Unlimited",
    "myspace_name": null,
    "discogs_name": null,
    "website_title": null,
    "website": null,
    "comments_count": 0,
    "online": false,
    "likes_count": 0,
    "playlist_count": 25,
    "subscriptions": [
      {
        "product": {
          "id": "creator-pro-unlimited",
          "name": "Pro Unlimited"
        }
      }
    ]
  },
  "permalink_url": "https://soundcloud.com/account_name/track_name",
  "artwork_url": "https://i1.sndcdn.com/artworks-mMD5y9whMs3dyjarz-pTLUjw-lsarge.jpg",
  "stream_url": "https://api.soundcloud.com/tracks/11421843435/stream",
  "download_url": null,
  "waveform_url": "https://wave.sndcdn.com/GTbktMdfIdZVGG_m.png",
  "available_country_codes": null,
  "secret_uri": null,
  "user_favorite": null,
  "user_playback_count": null,
  "playback_count": 30,
  "download_count": 0,
  "favoritings_count": 0,
  "reposts_count": 0,
  "downloadable": false,
  "access": "playable",
  "policy": null,
  "monetization_model": null
}