Enable support for OAuth

[1ukastesar]

Raspotify is just a package

• I know Raspotify is just a package

Due Diligence

• I have done my due diligence

What can we do to make Raspotify more awesome?

As of librespot-org/librespot#1308 and subsequent PR librespot-org/librespot#1309, Spotify has apparently disabled password auth altogether and forces OAuth for everyone. Please add an option to authenticate with OAuth through librespot. Upstream librespot already supports OAuth with -j option, somehow I can't figure out which cache dir to use to get it working with Raspotify after successful auth.

[TagorePde]

Same issue i get :

Password authentication no longer supported, use OAuth

any way to solve this?
Regards.

[krzyssiek]

i also have this problem.

[sanjibm]

Same problem, got the auth token via librespot, but not sure where to put it so that Raspotify can see it

[kimtore]

I suspect this can be solved by not using a dynamic user through systemd. This way, you will be able to write to raspotify's directory. I won't be able to test this until next week, however. Perhaps you could try it out.

Change /lib/systemd/system/raspotify.service from

[Service]
DynamicUser=yes

to

[Service]
DynamicUser=no

Then run systemctl daemon-reload && systemctl restart raspotify.

[sanjibm]

Thanks @kimtore, that worked perfectly!

For anyone landing here, below is a summary of the steps I followed to get this working on a Raspberry Pi 4 running Bullseye with Librespot v0.4.2. Note that although I had to compile librespot from source to run it and get the authentication token, I did not need to actually install it again overwriting the release version.

1. Stopped the raspotify service with systemctl stop raspotify after noticing errors on the librespot logs: Connection failed: Login failed with reason: Bad credentials

2. Cloned the tip of the librespot repository to get the fix (no new release available at the time of writing, v0.4.2 was last release) and built it locally on the Raspberry Pi following instructions here:
   https://github.com/librespot-org/librespot/blob/master/COMPILING.md

Might need to install Rust if you didn't have it already. Make sure you select the right backend, in my case had to specify alsa using: cargo build --no-default-features --features "alsa-backend"

4. Followed the advice in this comment to authenticate using OAuth: Credentials with access token (oauth) librespot-org/librespot#1309 (comment)

After running the librespot --cache <YOUR_CONFIGURATION_PATH> -j command on the Pi, I noted the listener port number

5. Then copied the full output URL on to a laptop browser, which had port-forwarding setup via ssh to point back to the Raspberry Pi IP address and port.

6. That then authenticated to Spotify on the laptop browser (needed to enter Spotify username/password), which sent the authentication response back to the Raspberry Pi (via port-forwarding), writing the authentication token to the path specified when running librespot with the -j option

7. Changed /lib/systemd/system/raspotify.service as advised above to specify

[Service]
DynamicUser=no

Then run systemctl daemon-reload && systemctl restart raspotify.

After this, noticed below new lines in the librespot logs:
Found pre-existing private CacheDirectory= directory /var/cache/private/raspotify, migrating to /var/cache/raspotify.
Apparently, service previously had DynamicUser= turned on, and has now turned it off.

Was also still seeing the Bad Credentials failure message too at this point, as it was still using username/password

8. The authentication token was still in the folder specified and the token file is called credentials.json. I copied that now to the cache folder mentioned in the logs: cp credentials.json /var/cache/raspotify/

9. Updated the raspotify config file sudo vi /etc/raspotify/conf to comment out below items to enable 0Auth instead of username/password

#LIBRESPOT_DISABLE_CREDENTIAL_CACHE=
#LIBRESPOT_DISABLE_DISCOVERY=
#LIBRESPOT_USERNAME="mysecretusername"
#LIBRESPOT_PASSWORD="mysecretpassword"

10. Restarted raspotify with systemctl restart raspotify and everything worked, clean librespot logs no more errors

[kimtore]

Great, thanks for detailing the steps!

Here are my thoughts.

• Manual building steps should not be needed for Raspotify 0.44.1, because it already has the oauth feature merged in.
• Everyone agrees the OAuth flow user experience is suboptimal, but the conversation on librespot's side is not resolved yet.
• In the meantime, I suggest changes to the systemd service, configuration file and documentation.

[github-actions]

More info has been requested. The issue will be closed shortly if it's not provided.

[ACalleM]

Just wanted to comment that you dont need port forwarding for the OAuth flow. You can copy the callback URL returned by spotify (with a 127.0.0.1 address) and use curl to invoke it from the raspberrypi where you executed "librespot --cache <YOUR_CONFIGURATION_PATH> -j"