github-mirrors/librespot
1
0
Fork 0
mirror of https://github.com/librespot-org/librespot.git synced 2024-09-19 16:08:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Remove non-working Facebook authentication

Browse source
This commit is contained in:
Roderick van Domburg 2021-07-09 22:30:49 +02:00
parent 2541f123bc
commit bd350c5aa0
No known key found for this signature in database
GPG key ID: FE2585E713F9F30A
1 changed files with 1 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
docs/authentication.md
View file

@ -57,20 +57,4 @@ login_data = AES192-DECRYPT(key, data)
```
## Facebook based Authentication
The client starts an HTTPS server, and makes the user visit
`https://login.spotify.com/login-facebook-sso/?csrf=CSRF&port=PORT`
in their browser, where CSRF is a random token, and PORT is the HTTPS server's port.
This will redirect to Facebook, where the user must login and authorize Spotify, and
finally make a GET request to
`https://login.spotilocal.com:PORT/login/facebook_login_sso.json?csrf=CSRF&access_token=TOKEN`,
where PORT and CSRF are the same as sent earlier, and TOKEN is the facebook authentication token.
Since `login.spotilocal.com` resolves the 127.0.0.1, the request is received by the client.
The client must then contact Facebook's API at
`https://graph.facebook.com/me?fields=id&access_token=TOKEN`
in order to retrieve the user's Facebook ID.
The Facebook ID is the `username`, the TOKEN the `auth_data`, and `auth_type` is set to `AUTHENTICATION_FACEBOOK_TOKEN`.
Facebook authentication is currently broken due to Spotify changing the authentication flow. The details of how the new flow works are detailed in https://github.com/librespot-org/librespot/issues/244 and will be implemented at some point in the future.