Python spotipy refresh token invalid grant type - refresh_token

spotify / web-api

This issue tracker is no longer used. Join us in the Spotify for Developers forum for support with the Spotify Web API ➡️ https://community.spotify.com/t5/Spotify-for-Developers/bd-p/Spotify_Developer

982 stars 79 forks source link

Python spotipy refresh token invalid grant type - refresh_token #1202

Open rishikeshkchapekar opened 5 years ago

rishikeshkchapekar commented 5 years ago

Issue found on March 19th 2019.

Endpoint(s):

POST https://accounts.spotify.com/api/token

Scope(s):

This is the python code:

 client_id = '<client id>'
client_secret = '<client secret>'
refresh_token = '<refresh token>'
refresh_url = "https://accounts.spotify.com/api/token"
payload = {
    'refresh_token': refresh_token,
    'grant_type': 'refresh_token'
}
auth_header = base64.b64encode((client_id + ':' + client_secret).encode('ascii'))
headers = {'Authorization': 'Basic %s' % auth_header.decode('ascii')}

 response = requests.post(refresh_url, data=payload, headers=headers)
token = response.json()
print(token)

Expected behaviour:

{ 'access_token':'BQE...kp' ,'token_type':'Bearer' , 'expires_in':3600, 'scope':' ' }`.

Actual behaviour:

{'error': 'invalid_grant', 'error_description': 'Invalid refresh token'}

SHxKM commented 5 years ago

You don't have to encode the header. You can include client_id and client_secret in the payload, and define headers as such:

headers = {
        'Content-Type': 'application/x-www-form-urlencoded',
}

And params will be: grant_type, refresh_token, client_id, and client_secret

Assuming your refresh_token is valid, this should return a reply with an access_token and possibly a new refresh_token. I'm using Spotipy successfully so I think something is going on with the encoding part.

rishikeshkchapekar commented 5 years ago

@SHxKM I changed my code to this:

client_id='<CLIENT ID>'
client_secret = '<CLIENT SECRET>'
refresh_token = '<TOKEN>'
refresh_url = "https://accounts.spotify.com/api/token"
payload = {

    'client_id':client_id,
    'client_secret': client_secret
}

headers = {
    'Content-Type': 'application/x-www-form-urlencoded',
      'grant_type': 'refresh_token',
    'refresh_token': refresh_token    
}

response = requests.post(refresh_url, data=payload, headers=headers)
token = response.json()
print(token)

And now I am getting this error message:

{'error': 'unsupported_grant_type', 'error_description': 'grant_type must be client_credentials, authorization_code or refresh_token'}

SHxKM commented 5 years ago

Because you’re not supplying it in the payload.

rishikeshkchapekar commented 5 years ago

I moved the grant_type and refresh_token into the payload and now this is the error:

{'error': 'invalid_grant', 'error_description': 'Invalid refresh token'}

SHxKM commented 5 years ago

I don’t know what to say then. Are you sure you’re passing the refresh token an not the access token? I have identical code that works just fine.

rishikeshkchapekar commented 5 years ago

Yes, I am using the refresh token

Kruszylo commented 5 years ago

@RishikeshChapekar did you find solution?