spotify-monitor 2.1__tar.gz → 2.1.2__tar.gz

{spotify_monitor-2.1 → spotify_monitor-2.1.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: spotify_monitor
-Version: 2.1
+Version: 2.1.2
 Summary: Tool implementing real-time tracking of Spotify friends music activity
 Author-email: Michal Szymanski <misiektoja-pypi@rm-rf.ninja>
 License-Expression: GPL-3.0-or-later
@@ -200,9 +200,9 @@ To use credentials captured from the Spotify desktop client to obtain an access
 
 Run an intercepting proxy of your choice (like [Proxyman](https://proxyman.com)).
 
-Launch the Spotify desktop client and look for requests to `https://login{n}.spotify.com/v3/login`
+Launch the Spotify desktop client and look for POST requests to `https://login{n}.spotify.com/v3/login`
 
-Note: The `login` part is suffixed with one or more digits (e.g. `login5.spotify.com`).
+Note: The `login` part is suffixed with one or more digits (e.g. `login5`).
 
 If you don't see this request, log out from the client and log back in.
 

{spotify_monitor-2.1 → spotify_monitor-2.1.2}/README.md

@@ -175,9 +175,9 @@ To use credentials captured from the Spotify desktop client to obtain an access
 
 Run an intercepting proxy of your choice (like [Proxyman](https://proxyman.com)).
 
-Launch the Spotify desktop client and look for requests to `https://login{n}.spotify.com/v3/login`
+Launch the Spotify desktop client and look for POST requests to `https://login{n}.spotify.com/v3/login`
 
-Note: The `login` part is suffixed with one or more digits (e.g. `login5.spotify.com`).
+Note: The `login` part is suffixed with one or more digits (e.g. `login5`).
 
 If you don't see this request, log out from the client and log back in.
 

{spotify_monitor-2.1 → spotify_monitor-2.1.2}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "spotify_monitor"
-version = "2.1"
+version = "2.1.2"
 description = "Tool implementing real-time tracking of Spotify friends music activity"
 readme = "README.md"
 license = "GPL-3.0-or-later"

{spotify_monitor-2.1 → spotify_monitor-2.1.2}/spotify_monitor.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: spotify_monitor
-Version: 2.1
+Version: 2.1.2
 Summary: Tool implementing real-time tracking of Spotify friends music activity
 Author-email: Michal Szymanski <misiektoja-pypi@rm-rf.ninja>
 License-Expression: GPL-3.0-or-later
@@ -200,9 +200,9 @@ To use credentials captured from the Spotify desktop client to obtain an access
 
 Run an intercepting proxy of your choice (like [Proxyman](https://proxyman.com)).
 
-Launch the Spotify desktop client and look for requests to `https://login{n}.spotify.com/v3/login`
+Launch the Spotify desktop client and look for POST requests to `https://login{n}.spotify.com/v3/login`
 
-Note: The `login` part is suffixed with one or more digits (e.g. `login5.spotify.com`).
+Note: The `login` part is suffixed with one or more digits (e.g. `login5`).
 
 If you don't see this request, log out from the client and log back in.
 

{spotify_monitor-2.1 → spotify_monitor-2.1.2}/spotify_monitor.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 """
 Author: Michal Szymanski <misiektoja-github@rm-rf.ninja>
-v2.1
+v2.1.2
 
 Tool implementing real-time tracking of Spotify friends music activity:
 https://github.com/misiektoja/spotify_monitor/
@@ -15,7 +15,7 @@ pyotp (needed when the token source is set to cookie)
 python-dotenv (optional)
 """
 
-VERSION = "2.1"
+VERSION = "2.1.2"
 
 # ---------------------------
 # CONFIGURATION SECTION START
@@ -109,7 +109,7 @@ SPOTIFY_INACTIVITY_CHECK = 660  # 11 mins
 # Can also be set using the -m flag
 SPOTIFY_DISAPPEARED_CHECK_INTERVAL = 180  # 3 mins
 
-# Whether to auto‑play each listened song in your Spotify client
+# Whether to auto-play each listened song in your Spotify client
 # Can also be set using the -g flag
 TRACK_SONGS = False
 
@@ -202,7 +202,7 @@ SP_LOGFILE = "spotify_monitor"
 # Can also be disabled via the -d flag
 DISABLE_LOGGING = False
 
-# Width of horizontal line (─)
+# Width of horizontal line
 HORIZONTAL_LINE = 113
 
 # Whether to clear the terminal screen after starting the tool
@@ -396,10 +396,7 @@ SP_CACHED_CLIENT_ID = ""
 SP_CACHED_USER_AGENT = ""
 
 # URL of the Spotify Web Player endpoint to get access token
-TOKEN_URL = "https://open.spotify.com/get_access_token"
-
-# URL of the endpoint to get server time needed to create TOTP object
-SERVER_TIME_URL = "https://open.spotify.com/server-time"
+TOKEN_URL = "https://open.spotify.com/api/token"
 
 # Variables for caching functionality of the Spotify client token to avoid unnecessary refreshing
 SP_CACHED_CLIENT_TOKEN = None
@@ -451,6 +448,7 @@ import shutil
 from pathlib import Path
 import secrets
 from typing import Optional
+from email.utils import parsedate_to_datetime
 
 import urllib3
 if not VERIFY_SSL:
@@ -512,7 +510,7 @@ def signal_handler(sig, frame):
 # Checks internet connectivity
 def check_internet(url=CHECK_INTERNET_URL, timeout=CHECK_INTERNET_TIMEOUT, verify=VERIFY_SSL):
     try:
-        _ = req.get(url, timeout=timeout, verify=verify)
+        _ = req.get(url, headers={'User-Agent': get_random_user_agent() if TOKEN_SOURCE == 'cookie' else get_random_spotify_user_agent()}, timeout=timeout, verify=verify)
         return True
     except req.RequestException as e:
         print(f"* No connectivity, please check your network:\n\n{e}")
@@ -982,10 +980,14 @@ def check_token_validity(access_token: str, client_id: Optional[str] = None, use
     url = "https://api.spotify.com/v1/me"
     headers = {"Authorization": f"Bearer {access_token}"}
 
-    if TOKEN_SOURCE == "cookie" and client_id is not None and user_agent is not None:
+    if user_agent is not None:
         headers.update({
-            "Client-Id": client_id,
-            "User-Agent": user_agent,
+            "User-Agent": user_agent
+        })
+
+    if TOKEN_SOURCE == "cookie" and client_id is not None:
+        headers.update({
+            "Client-Id": client_id
         })
 
     if platform.system() != 'Windows':
@@ -1087,30 +1089,10 @@ def get_random_user_agent() -> str:
         return ""
 
 
-# Removes spaces from a hex string and converts it into a corresponding bytes object
-def hex_to_bytes(data: str) -> bytes:
-    data = data.replace(" ", "")
-    return bytes.fromhex(data)
-
-
-# Creates a TOTP object using a secret derived from transformed cipher bytes
-def generate_totp(ua: str):
-    import pyotp
-
-    secret_cipher_bytes = [
-        12, 56, 76, 33, 88, 44, 88, 33,
-        78, 78, 11, 66, 22, 22, 55, 69, 54,
-    ]
-
-    transformed = [e ^ ((t % 33) + 9) for t, e in enumerate(secret_cipher_bytes)]
-    joined = "".join(str(num) for num in transformed)
-    utf8_bytes = joined.encode("utf-8")
-    hex_str = "".join(format(b, 'x') for b in utf8_bytes)
-    secret_bytes = hex_to_bytes(hex_str)
-    secret = base64.b32encode(secret_bytes).decode().rstrip('=')
+# Returns Spotify edge-server Unix time
+def fetch_server_time(session: req.Session, ua: str) -> int:
 
     headers = {
-        "Host": "open.spotify.com",
         "User-Agent": ua,
         "Accept": "*/*",
     }
@@ -1119,24 +1101,34 @@ def generate_totp(ua: str):
         if platform.system() != 'Windows':
             signal.signal(signal.SIGALRM, timeout_handler)
             signal.alarm(FUNCTION_TIMEOUT + 2)
-        resp = req.get(SERVER_TIME_URL, headers=headers, timeout=FUNCTION_TIMEOUT, verify=VERIFY_SSL)
-    except (req.RequestException, TimeoutException) as e:
-        raise Exception(f"generate_totp() network request timeout after {display_time(FUNCTION_TIMEOUT + 2)}: {e}")
+        response = session.head("https://open.spotify.com/", headers=headers, timeout=FUNCTION_TIMEOUT, verify=VERIFY_SSL)
+        response.raise_for_status()
+    except TimeoutException as e:
+        raise Exception(f"fetch_server_time() head network request timeout after {display_time(FUNCTION_TIMEOUT + 2)}: {e}")
+    except Exception as e:
+        raise Exception(f"fetch_server_time() head network request error: {e}")
     finally:
         if platform.system() != 'Windows':
             signal.alarm(0)
 
-    resp.raise_for_status()
+    return int(parsedate_to_datetime(response.headers["Date"]).timestamp())
 
-    json_data = resp.json()
-    server_time = json_data.get("serverTime")
 
-    if server_time is None:
-        raise Exception("Failed to get server time")
+# Creates a TOTP object using a secret derived from transformed cipher bytes
+def generate_totp():
+    import pyotp
+
+    secret_cipher_bytes = [
+        12, 56, 76, 33, 88, 44, 88, 33,
+        78, 78, 11, 66, 22, 22, 55, 69, 54,
+    ]
 
-    totp_obj = pyotp.TOTP(secret, digits=6, interval=30)
+    transformed = [e ^ ((t % 33) + 9) for t, e in enumerate(secret_cipher_bytes)]
+    joined = "".join(str(num) for num in transformed)
+    hex_str = joined.encode().hex()
+    secret = base64.b32encode(bytes.fromhex(hex_str)).decode().rstrip("=")
 
-    return totp_obj, server_time
+    return pyotp.TOTP(secret, digits=6, interval=30)
 
 
 # Retrieves a new Spotify access token using the sp_dc cookie, tries first with mode "transport" and if needed with "init"
@@ -1149,7 +1141,8 @@ def refresh_token(sp_dc: str) -> dict:
     token = ""
 
     ua = get_random_user_agent()
-    totp_obj, server_time = generate_totp(ua)
+    server_time = fetch_server_time(session, ua)
+    totp_obj = generate_totp()
     client_time = int(time_ns() / 1000 / 1000)
     otp_value = totp_obj.at(server_time)
 
@@ -1161,11 +1154,15 @@ def refresh_token(sp_dc: str) -> dict:
         "totpVer": 5,
         "sTime": server_time,
         "cTime": client_time,
+        "buildDate": time.strftime("%Y-%m-%d", time.gmtime(server_time)),
+        "buildVer": f"web-player_{time.strftime('%Y-%m-%d', time.gmtime(server_time))}_{server_time * 1000}_{secrets.token_hex(4)}",
     }
 
     headers = {
         "User-Agent": ua,
         "Accept": "application/json",
+        "Referer": "https://open.spotify.com/",
+        "App-Platform": "WebPlayer",
         "Cookie": f"sp_dc={sp_dc}",
     }
 
@@ -1358,12 +1355,6 @@ def read_varint(data, index):
 
 # Parses Spotify Protobuf login response
 def parse_protobuf_message(data):
-    """
-    Recursively parses a Protobuf message, returns a dictionary mapping tags to values
-
-    If a length-delimited field's first byte is a control character (i.e. < 0x20), we assume it is a nested message
-    and parse it recursively, otherwise we decode it as UTF-8
-    """
     index = 0
     result = {}
     while index < len(data):
@@ -1401,7 +1392,6 @@ def parse_protobuf_message(data):
 # (device_id, system_id, user_uri_id, refresh_token)
 def parse_request_body_file(file_path):
     """
-    Expected structure:
     {
       1: {
            1: "device_id",
@@ -1566,7 +1556,7 @@ def build_clienttoken_request_protobuf(app_version, device_id, system_id, cpu_ar
 def spotify_get_access_token_from_client(device_id, system_id, user_uri_id, refresh_token, client_token):
     global SP_CACHED_ACCESS_TOKEN, SP_CACHED_REFRESH_TOKEN, SP_ACCESS_TOKEN_EXPIRES_AT
 
-    if SP_CACHED_ACCESS_TOKEN and time.time() < SP_ACCESS_TOKEN_EXPIRES_AT and check_token_validity(SP_CACHED_ACCESS_TOKEN):
+    if SP_CACHED_ACCESS_TOKEN and time.time() < SP_ACCESS_TOKEN_EXPIRES_AT and check_token_validity(SP_CACHED_ACCESS_TOKEN, user_agent=USER_AGENT):
         return SP_CACHED_ACCESS_TOKEN
 
     if not client_token:
@@ -1578,8 +1568,8 @@ def spotify_get_access_token_from_client(device_id, system_id, user_uri_id, refr
     protobuf_body = build_spotify_auth_protobuf(device_id, system_id, user_uri_id, refresh_token)
 
     parsed_url = urlparse(LOGIN_URL)
-    host = parsed_url.netloc  # e.g., "login5.spotify.com"
-    origin = f"{parsed_url.scheme}://{parsed_url.netloc}"  # e.g., "https://login5.spotify.com"
+    host = parsed_url.netloc
+    origin = f"{parsed_url.scheme}://{parsed_url.netloc}"
 
     headers = {
         "Host": host,
@@ -1601,8 +1591,10 @@ def spotify_get_access_token_from_client(device_id, system_id, user_uri_id, refr
             signal.signal(signal.SIGALRM, timeout_handler)
             signal.alarm(FUNCTION_TIMEOUT + 2)
         response = req.post(LOGIN_URL, headers=headers, data=protobuf_body, timeout=FUNCTION_TIMEOUT, verify=VERIFY_SSL)
-    except (req.RequestException, TimeoutException) as e:
+    except TimeoutException as e:
         raise Exception(f"spotify_get_access_token_from_client() network request timeout after {display_time(FUNCTION_TIMEOUT + 2)}: {e}")
+    except Exception as e:
+        raise Exception(f"spotify_get_access_token_from_client() network request error: {e}")
     finally:
         if platform.system() != 'Windows':
             signal.alarm(0)
@@ -1673,8 +1665,10 @@ def spotify_get_client_token(app_version, device_id, system_id, **device_overrid
             signal.signal(signal.SIGALRM, timeout_handler)
             signal.alarm(FUNCTION_TIMEOUT + 2)
         response = req.post(CLIENTTOKEN_URL, headers=headers, data=body, timeout=FUNCTION_TIMEOUT, verify=VERIFY_SSL)
-    except (req.RequestException, TimeoutException) as e:
+    except TimeoutException as e:
         raise Exception(f"spotify_get_client_token() network request timeout after {display_time(FUNCTION_TIMEOUT + 2)}: {e}")
+    except Exception as e:
+        raise Exception(f"spotify_get_client_token() network request error: {e}")
     finally:
         if platform.system() != 'Windows':
             signal.alarm(0)
@@ -1685,7 +1679,7 @@ def spotify_get_client_token(app_version, device_id, system_id, **device_overrid
     parsed = parse_protobuf_message(response.content)
     inner = parsed.get(2, {})
     client_token = deep_flatten(inner.get(1)) if inner.get(1) else None
-    ttl = int(inner.get(3, 0)) or 1209600   # ≈ 2 weeks fallback
+    ttl = int(inner.get(3, 0)) or 1209600
 
     if not client_token:
         raise Exception("clienttoken response did not contain a token")
@@ -1748,6 +1742,10 @@ def spotify_get_friends_json(access_token):
             "Client-Id": SP_CACHED_CLIENT_ID,
             "User-Agent": SP_CACHED_USER_AGENT,
         })
+    elif TOKEN_SOURCE == "client":
+        headers.update({
+            "User-Agent": USER_AGENT
+        })
 
     response = SESSION.get(url, headers=headers, timeout=FUNCTION_TIMEOUT, verify=VERIFY_SSL)
     if response.status_code == 401:
@@ -1807,8 +1805,6 @@ def spotify_list_friends(friend_activity):
         sp_playlist_uri = friend["track"]["context"].get("uri")
         sp_track_uri = friend["track"].get("uri")
 
-        # if index > 0:
-        #    print("─" * HORIZONTAL_LINE)
         print("─" * HORIZONTAL_LINE)
         print(f"Username:\t\t\t{sp_username}")
         print(f"User URI ID:\t\t\t{sp_uri}")
@@ -1877,6 +1873,10 @@ def spotify_get_track_info(access_token, track_uri):
             "Client-Id": SP_CACHED_CLIENT_ID,
             "User-Agent": SP_CACHED_USER_AGENT,
         })
+    elif TOKEN_SOURCE == "client":
+        headers.update({
+            "User-Agent": USER_AGENT
+        })
     # add si parameter so link opens in native Spotify app after clicking
     si = "?si=1"
 
@@ -1907,6 +1907,10 @@ def spotify_get_playlist_info(access_token, playlist_uri):
             "Client-Id": SP_CACHED_CLIENT_ID,
             "User-Agent": SP_CACHED_USER_AGENT,
         })
+    elif TOKEN_SOURCE == "client":
+        headers.update({
+            "User-Agent": USER_AGENT
+        })
     # add si parameter so link opens in native Spotify app after clicking
     si = "?si=1"
 
@@ -1934,6 +1938,10 @@ def spotify_get_current_user(access_token) -> dict | None:
             "Client-Id": SP_CACHED_CLIENT_ID,
             "User-Agent": SP_CACHED_USER_AGENT,
         })
+    elif TOKEN_SOURCE == "client":
+        headers.update({
+            "User-Agent": USER_AGENT
+        })
 
     if platform.system() != 'Windows':
         signal.signal(signal.SIGALRM, timeout_handler)
@@ -2916,7 +2924,7 @@ def main():
         dest="track_in_spotify",
         action="store_true",
         default=None,
-        help="Auto‑play each listened song in your Spotify client"
+        help="Auto-play each listened song in your Spotify client"
     )
     opts.add_argument(
         "-b", "--csv-file",