spotted 0.32.0 → 0.33.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5a543070c1c0ef74514cbd6cde809153c4e1df8088291e9213c99f04e6fdb63e
-  data.tar.gz: 9f1f5aa4c514419418dd55aef926b1a164c9edefd0249acb8ed77d126de32e6f
+  metadata.gz: 6b3243cac7dcf0803cbd0bff07b62b0394ac29dfd62c143bc7c1334157f7f9a9
+  data.tar.gz: b59e7369c5fe8604894b0995a0dbdd2ff26d7392d04ca8373ab6b4c1d73e6a4c
 SHA512:
-  metadata.gz: b48973410e9ee24cda90e014db519cf64ede913c62ec32f62ee8f8e283749253c9eb1a054bb3a401c85d3a39fbe0118c859595448b6d64c7430bd04c81e9d5e7
-  data.tar.gz: '089e889095747aa0d54fd06b9b2d5e973b81b5e157b7de9ff142f967b61359c71d57e5ca962778b1bd2fa9d224d7733fdfd4b2bb3100c9b5b2e925061c23757f'
+  metadata.gz: bf009a7418ffbe4bbcbc04eb49c2fc60916b0d0d45013e134673a146852b79d77aad84e79e9a500c8383e3d6ccae1cd5f0ff35a650d39573871854067c07ff18
+  data.tar.gz: 38c5fe4312c8b96e2125aa365064f18580fd144874c0c19b7114d8cea47b1cde3ed501046c963042f89bdd627a6c423646b9b2a4fc879857cfa380fc8160107f

data/CHANGELOG.md

@@ -1,5 +1,15 @@
 # Changelog
 
+## 0.33.0 (2026-01-15)
+
+Full Changelog: [v0.32.0...v0.33.0](https://github.com/cjavdev/spotted/compare/v0.32.0...v0.33.0)
+
+### Features
+
+* **api:** manual updates ([4a0240e](https://github.com/cjavdev/spotted/commit/4a0240e10435cc9af7425885c72fa9e361d29613))
+* **api:** manual updates ([c937e8f](https://github.com/cjavdev/spotted/commit/c937e8f8f5ac33270ae32920640f28706df98965))
+* **api:** turn off oauth ([88abcd6](https://github.com/cjavdev/spotted/commit/88abcd62763cadfd6036026af2efd7ee0f2de678))
+
 ## 0.32.0 (2026-01-14)
 
 Full Changelog: [v0.31.1...v0.32.0](https://github.com/cjavdev/spotted/compare/v0.31.1...v0.32.0)

data/README.md

@@ -17,7 +17,7 @@ Use the Spotted MCP Server to enable AI assistants to interact with this API, al
 
 Documentation for releases of this gem can be found [on RubyDoc](https://gemdocs.org/gems/spotted).
 
-The REST API documentation can be found on [spotted.stldocs.com](https://spotted.stldocs.com?docs).
+The REST API documentation can be found on [spotted.cjav.dev](https://spotted.cjav.dev).
 
 ## Installation
 
@@ -26,7 +26,7 @@ To use this gem, install via Bundler by adding the following to your application
 <!-- x-release-please-start-version -->
 
 ```ruby
-gem "spotted", "~> 0.32.0"
+gem "spotted", "~> 0.33.0"
 ```
 
 <!-- x-release-please-end -->
@@ -38,8 +38,7 @@ require "bundler/setup"
 require "spotted"
 
 spotted = Spotted::Client.new(
-  client_id: ENV["SPOTIFY_CLIENT_ID"], # This is the default and can be omitted
-  client_secret: ENV["SPOTIFY_CLIENT_SECRET"] # This is the default and can be omitted
+  access_token: ENV["SPOTIFY_ACCESS_TOKEN"] # This is the default and can be omitted
 )
 
 album = spotted.albums.retrieve("4aawyAB9vmqN3uQ7FjRGTy")

data/lib/spotted/client.rb

@@ -15,13 +15,7 @@ module Spotted
     # Default max retry delay in seconds.
     DEFAULT_MAX_RETRY_DELAY = 8.0
 
-    # @return [String, nil]
-    attr_reader :client_id
-
-    # @return [String, nil]
-    attr_reader :client_secret
-
-    # @return [String, nil]
+    # @return [String]
     attr_reader :access_token
 
     # @return [Spotted::Resources::Albums]
@@ -76,63 +70,13 @@ module Spotted
     #
     # @return [Hash{String=>String}]
     private def auth_headers
-      unless @access_token.nil?
-        return {**bearer_auth}
-      end
-
-      if @client_id && @client_secret
-        return {**oauth_2_0}
-      end
-
-      {}
-    end
-
-    # @api private
-    #
-    # @return [Hash{String=>String}]
-    private def bearer_auth
       return {} if @access_token.nil?
 
       {"authorization" => "Bearer #{@access_token}"}
     end
 
-    # @api private
-    # @return [Spotted::Internal::OAuth2ClientCredentials]
-    attr_reader :oauth_2_0_state
-
-    # @api private
-    #
-    # @return [Hash{String=>String}]
-    private def oauth_2_0
-      return @oauth_2_0_state.auth_headers if @oauth_2_0_state
-
-      return {} unless @client_id && @client_secret
-
-      path = Spotted::Internal::Util.interpolate_path("https://accounts.spotify.com/api/token")
-      token_url = Spotted::Internal::Util.join_parsed_uri(
-        @base_url_components,
-        {
-          path: path,
-          query: {grant_type: "client_credentials"}
-        }
-      )
-
-      @oauth_2_0_state = Spotted::Internal::OAuth2ClientCredentials.new(
-        token_url: token_url.to_s,
-        client_id: @client_id,
-        client_secret: @client_secret,
-        timeout: @timeout,
-        client: self
-      )
-      @oauth_2_0_state.auth_headers
-    end
-
     # Creates and returns a new client for interacting with the API.
     #
-    # @param client_id [String, nil] Defaults to `ENV["SPOTIFY_CLIENT_ID"]`
-    #
-    # @param client_secret [String, nil] Defaults to `ENV["SPOTIFY_CLIENT_SECRET"]`
-    #
     # @param access_token [String, nil] Defaults to `ENV["SPOTIFY_ACCESS_TOKEN"]`
     #
     # @param base_url [String, nil] Override the default base URL for the API, e.g.,
@@ -146,8 +90,6 @@ module Spotted
     #
     # @param max_retry_delay [Float]
     def initialize(
-      client_id: ENV["SPOTIFY_CLIENT_ID"],
-      client_secret: ENV["SPOTIFY_CLIENT_SECRET"],
       access_token: ENV["SPOTIFY_ACCESS_TOKEN"],
       base_url: ENV["SPOTTED_BASE_URL"],
       max_retries: self.class::DEFAULT_MAX_RETRIES,
@@ -157,9 +99,11 @@ module Spotted
     )
       base_url ||= "https://api.spotify.com/v1"
 
-      @client_id = client_id&.to_s
-      @client_secret = client_secret&.to_s
-      @access_token = access_token&.to_s
+      if access_token.nil?
+        raise ArgumentError.new("access_token is required, and can be set via environ: \"SPOTIFY_ACCESS_TOKEN\"")
+      end
+
+      @access_token = access_token.to_s
 
       super(
         base_url: base_url,

data/lib/spotted/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Spotted
-  VERSION = "0.32.0"
+  VERSION = "0.33.0"
 end

data/lib/spotted.rb

@@ -16,7 +16,6 @@ require "rbconfig"
 require "securerandom"
 require "set"
 require "stringio"
-require "thread"
 require "time"
 require "uri"
 # rubocop:enable Lint/RedundantRequireStatement
@@ -53,7 +52,6 @@ require_relative "spotted/errors"
 require_relative "spotted/internal/transport/base_client"
 require_relative "spotted/internal/transport/pooled_net_requester"
 require_relative "spotted/client"
-require_relative "spotted/internal/oauth2"
 require_relative "spotted/internal/cursor_url_page"
 require_relative "spotted/models/audiobook_base"
 require_relative "spotted/models/playlist_user_object"

data/rbi/spotted/client.rbi

@@ -10,13 +10,7 @@ module Spotted
 
     DEFAULT_MAX_RETRY_DELAY = T.let(8.0, Float)
 
-    sig { returns(T.nilable(String)) }
-    attr_reader :client_id
-
-    sig { returns(T.nilable(String)) }
-    attr_reader :client_secret
-
-    sig { returns(T.nilable(String)) }
+    sig { returns(String) }
     attr_reader :access_token
 
     sig { returns(Spotted::Resources::Albums) }
@@ -72,25 +66,9 @@ module Spotted
     private def auth_headers
     end
 
-    # @api private
-    sig { returns(T::Hash[String, String]) }
-    private def bearer_auth
-    end
-
-    # @api private
-    sig { returns(Spotted::Internal::OAuth2ClientCredentials) }
-    attr_reader :oauth_2_0_state
-
-    # @api private
-    sig { returns(T::Hash[String, String]) }
-    private def oauth_2_0
-    end
-
     # Creates and returns a new client for interacting with the API.
     sig do
       params(
-        client_id: T.nilable(String),
-        client_secret: T.nilable(String),
         access_token: T.nilable(String),
         base_url: T.nilable(String),
         max_retries: Integer,
@@ -100,10 +78,6 @@ module Spotted
       ).returns(T.attached_class)
     end
     def self.new(
-      # Defaults to `ENV["SPOTIFY_CLIENT_ID"]`
-      client_id: ENV["SPOTIFY_CLIENT_ID"],
-      # Defaults to `ENV["SPOTIFY_CLIENT_SECRET"]`
-      client_secret: ENV["SPOTIFY_CLIENT_SECRET"],
       # Defaults to `ENV["SPOTIFY_ACCESS_TOKEN"]`
       access_token: ENV["SPOTIFY_ACCESS_TOKEN"],
       # Override the default base URL for the API, e.g.,

data/sig/spotted/client.rbs

@@ -8,11 +8,7 @@ module Spotted
 
     DEFAULT_MAX_RETRY_DELAY: Float
 
-    attr_reader client_id: String?
-
-    attr_reader client_secret: String?
-
-    attr_reader access_token: String?
+    attr_reader access_token: String
 
     attr_reader albums: Spotted::Resources::Albums
 
@@ -48,16 +44,7 @@ module Spotted
 
     private def auth_headers: -> ::Hash[String, String]
 
-    private def bearer_auth: -> ::Hash[String, String]
-
-    # @api private
-    attr_reader oauth_2_0_state: Spotted::Internal::OAuth2ClientCredentials
-
-    private def oauth_2_0: -> ::Hash[String, String]
-
     def initialize: (
-      ?client_id: String?,
-      ?client_secret: String?,
       ?access_token: String?,
       ?base_url: String?,
       ?max_retries: Integer,

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spotted
 version: !ruby/object:Gem::Version
-  version: 0.32.0
+  version: 0.33.0
 platform: ruby
 authors:
 - Spotted
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-01-14 00:00:00.000000000 Z
+date: 2026-01-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cgi
@@ -55,7 +55,6 @@ files:
 - lib/spotted/file_part.rb
 - lib/spotted/internal.rb
 - lib/spotted/internal/cursor_url_page.rb
-- lib/spotted/internal/oauth2.rb
 - lib/spotted/internal/transport/base_client.rb
 - lib/spotted/internal/transport/pooled_net_requester.rb
 - lib/spotted/internal/type/array_of.rb
@@ -281,7 +280,6 @@ files:
 - rbi/spotted/file_part.rbi
 - rbi/spotted/internal.rbi
 - rbi/spotted/internal/cursor_url_page.rbi
-- rbi/spotted/internal/oauth2.rbi
 - rbi/spotted/internal/transport/base_client.rbi
 - rbi/spotted/internal/transport/pooled_net_requester.rbi
 - rbi/spotted/internal/type/array_of.rbi
@@ -506,7 +504,6 @@ files:
 - sig/spotted/file_part.rbs
 - sig/spotted/internal.rbs
 - sig/spotted/internal/cursor_url_page.rbs
-- sig/spotted/internal/oauth2.rbs
 - sig/spotted/internal/transport/base_client.rbs
 - sig/spotted/internal/transport/pooled_net_requester.rbs
 - sig/spotted/internal/type/array_of.rbs

data/lib/spotted/internal/oauth2.rb

@@ -1,87 +0,0 @@
-# frozen_string_literal: true
-
-module Spotted
-  module Internal
-    class OAuth2ClientCredentials
-      # @param token_url [String]
-      # @param client_id [String]
-      # @param client_secret [String]
-      # @param timeout [Integer]
-      # @param client [Object]
-      def initialize(token_url:, client_id:, client_secret:, timeout:, client:)
-        @token_url = token_url
-        @client_id = client_id
-        @client_secret = client_secret
-        @client = client
-        @timeout = timeout
-        @token = nil
-        @token_expires_at = nil
-        @mutex = Thread::Mutex.new
-      end
-
-      # @api private
-      #
-      # @return [Hash{String=>String}]
-      def auth_headers
-        @mutex.synchronize do
-          if @token && !token_expired?
-            return {"Authorization" => "Bearer #{@token}"}
-          end
-
-          @token = nil
-          @token_expires_at = nil
-
-          token_response = fetch_token
-          if token_response
-            @token = token_response[:access_token]
-            @token_expires_at = Time.now + token_response[:expires_in]
-
-            return {"Authorization" => "Bearer #{@token}"}
-          end
-
-          {}
-        end
-      end
-
-      # @api private
-      #
-      # @return [Boolean]
-      private def token_expired?
-        return true if @token_expires_at.nil? || @token.nil?
-
-        # Consider token expired if it expires within 10 seconds
-        Time.now > (@token_expires_at - 10)
-      end
-
-      # @api private
-      #
-      # @return [Object]
-      private def fetch_token
-        body = URI.encode_www_form(
-          {
-            grant_type: "client_credentials",
-            client_id: @client_id,
-            client_secret: @client_secret
-          }
-        )
-        request = {
-          method: :post,
-          url: URI(@token_url),
-          headers: {
-            "Content-Type" => "application/x-www-form-urlencoded"
-          },
-          body: body,
-          max_retries: @client.max_retries,
-          timeout: @timeout
-        }
-        _status, response, stream = @client.send_request(
-          request,
-          redirect_count: 0,
-          retry_count: 0,
-          send_retry_header: true
-        )
-        Spotted::Internal::Util.decode_content(response, stream: stream)
-      end
-    end
-  end
-end

data/rbi/spotted/internal/oauth2.rbi

@@ -1,34 +0,0 @@
-# typed: strong
-
-module Spotted
-  module Internal
-    class OAuth2ClientCredentials
-      sig do
-        params(
-          token_url: String,
-          client_id: String,
-          client_secret: String,
-          timeout: Integer,
-          client: T.anything
-        ).void
-      end
-      def initialize(token_url:, client_id:, client_secret:, timeout:, client:)
-      end
-
-      # @api private
-      sig { returns(T::Hash[String, String]) }
-      def auth_headers
-      end
-
-      # @api private
-      sig { returns(T::Boolean) }
-      private def token_expired?
-      end
-
-      # @api private
-      sig { returns(T.anything) }
-      private def fetch_token
-      end
-    end
-  end
-end

data/sig/spotted/internal/oauth2.rbs

@@ -1,19 +0,0 @@
-module Spotted
-  module Internal
-    class OAuth2ClientCredentials
-      def initialize: (
-        token_url: String,
-        client_id: String,
-        client_secret: String,
-        timeout: Integer,
-        client: top
-      ) -> void
-
-      def auth_headers: -> ::Hash[String, String]
-
-      private def token_expired?: -> bool
-
-      private def fetch_token: -> top
-    end
-  end
-end