spotify-monitor 2.3.1__py3-none-any.whl → 2.4__py3-none-any.whl

{spotify_monitor-2.3.1.dist-info → spotify_monitor-2.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: spotify_monitor
-Version: 2.3.1
+Version: 2.4
 Summary: Tool implementing real-time tracking of Spotify friends music activity
 Author-email: Michal Szymanski <misiektoja-pypi@rm-rf.ninja>
 License-Expression: GPL-3.0-or-later
@@ -26,7 +26,7 @@ Dynamic: license-file
 
 # spotify_monitor
 
-Tool for real-time monitoring of Spotify friends' music activity feed.
+Tool for real-time monitoring of **Spotify friends' music activity feed**.
 
 ✨ If you're interested in tracking changes to Spotify users' profiles including their playlists, take a look at another tool I've developed: [spotify_profile_monitor](https://github.com/misiektoja/spotify_profile_monitor).
 
@@ -77,6 +77,8 @@ Tool for real-time monitoring of Spotify friends' music activity feed.
    * [Signal Controls (macOS/Linux/Unix)](#signal-controls-macoslinuxunix)
    * [Coloring Log Output with GRC](#coloring-log-output-with-grc)
 6. [Debugging Tools](#debugging-tools)
+   * [Access Token Retrieval via sp_dc Cookie and TOTP](#access-token-retrieval-via-sp_dc-cookie-and-totp)
+   * [Secret Key Extraction from Spotify Web Player Bundles](#secret-key-extraction-from-spotify-web-player-bundles)
 7. [Change Log](#change-log)
 8. [License](#license)
 
@@ -112,7 +114,7 @@ Download the *[spotify_monitor.py](https://raw.githubusercontent.com/misiektoja/
 Install dependencies via pip:
 
 ```sh
-pip install requests python-dateutil urllib3 pyotp python-dotenv
+pip install requests python-dateutil urllib3 pyotp python-dotenv wcwidth
 ```
 
 Alternatively, from the downloaded *[requirements.txt](https://raw.githubusercontent.com/misiektoja/spotify_monitor/refs/heads/main/requirements.txt)*:
@@ -199,7 +201,7 @@ If your `sp_dc` cookie expires, the tool will notify you via the console and ema
 
 If you store the `SP_DC_COOKIE` in a dotenv file you can update its value and send a `SIGHUP` signal to reload the file with the new `sp_dc` cookie without restarting the tool. More info in [Storing Secrets](#storing-secrets) and [Signal Controls (macOS/Linux/Unix)](#signal-controls-macoslinuxunix).
 
-`Note`: encrypted byte sequences used for TOTP secret generation tend to expire every now and then; you can either check the [issues](https://github.com/misiektoja/spotify_monitor/issues) section of the project to see if there are any new secrets published or you can run the [spotify_monitor_secret_grabber.py](https://github.com/misiektoja/spotify_monitor/blob/dev/debug/spotify_monitor_secret_grabber.py) and extract it by yourself (see [Debugging Tools](https://github.com/misiektoja/spotify_monitor#debugging-tools) for more info).
+> **NOTE:** secrets used for TOTP generation (`SECRET_CIPHER_DICT`) expire every two days, that's why since v2.4 the tool fetches it from remote URL (see `SECRET_CIPHER_DICT_URL`); you can also run the [spotify_monitor_secret_grabber](https://github.com/misiektoja/spotify_monitor/blob/dev/debug/spotify_monitor_secret_grabber.py) and extract it by yourself (see [Secret Key Extraction from Spotify Web Player Bundles](#secret-key-extraction-from-spotify-web-player-bundles) for more info).
 
 <a id="spotify-desktop-client"></a>
 #### Spotify Desktop Client
@@ -572,27 +574,73 @@ grc tail -F -n 100 spotify_monitor_<user_uri_id/file_suffix>.log
 <a id="debugging-tools"></a>
 ## Debugging Tools
 
-To help with troubleshooting and development, two debug utilities are available in the `debug` directory:
+To help with troubleshooting and development, two debug utilities are available in the [debug](https://github.com/misiektoja/spotify_monitor/tree/dev/debug) directory.
 
-- [spotify_monitor_totp_test.py](https://github.com/misiektoja/spotify_monitor/blob/dev/debug/spotify_monitor_totp_test.py): fetching of Spotify access token based on a Spotify Web Player `sp_dc` cookie value:
+<a id="access-token-retrieval-via-sp_dc-cookie-and-totp"></a>
+### Access Token Retrieval via sp_dc Cookie and TOTP
+
+The [spotify_monitor_totp_test](https://github.com/misiektoja/spotify_monitor/blob/dev/debug/spotify_monitor_totp_test.py) tool retrieves a Spotify access token using a Web Player `sp_dc` cookie and TOTP parameters. 
+
+Download from [here](https://github.com/misiektoja/spotify_monitor/blob/dev/debug/spotify_monitor_totp_test.py) or:
+
+```sh
+wget https://raw.githubusercontent.com/misiektoja/spotify_monitor/refs/heads/dev/debug/spotify_monitor_totp_test.py
+```
+
+Install requirements:
 
 ```sh
 pip install requests python-dateutil pyotp
+```
+
+Run:
+
+```sh
 python3 spotify_monitor_totp_test.py --sp-dc "your_sp_dc_cookie_value"
 ```
 
-- [spotify_monitor_secret_grabber.py](https://github.com/misiektoja/spotify_monitor/blob/dev/debug/spotify_monitor_secret_grabber.py): automatic extractor for secret keys used for TOTP generation in Spotify Web Player JavaScript bundles:
+You should get a valid Spotify access token, example output:
+
+<p align="center">
+   <img src="https://raw.githubusercontent.com/misiektoja/spotify_monitor/refs/heads/main/assets/spotify_monitor_totp_test.png" alt="spotify_monitor_totp_test" width="100%"/>
+</p>
+
+> **NOTE:** secrets used for TOTP generation (`SECRET_CIPHER_DICT`) expire every two days; you can either run the [spotify_monitor_secret_grabber](https://github.com/misiektoja/spotify_monitor/blob/dev/debug/spotify_monitor_secret_grabber.py) and extract it by yourself (see [here](#secret-key-extraction-from-spotify-web-player-bundles) for more info) or you can pass `--fetch-secrets` flag in [spotify_monitor_totp_test](https://github.com/misiektoja/spotify_monitor/blob/dev/debug/spotify_monitor_totp_test.py) (available since v1.6). There is also a [Thereallo1026/spotify-secrets](https://github.com/Thereallo1026/spotify-secrets) repo which offers JSON files that are automatically updated with current secrets.
+
+<a id="secret-key-extraction-from-spotify-web-player-bundles"></a>
+### Secret Key Extraction from Spotify Web Player Bundles
+
+The [spotify_monitor_secret_grabber](https://github.com/misiektoja/spotify_monitor/blob/dev/debug/spotify_monitor_secret_grabber.py) tool automatically extracts secret keys used for TOTP generation in Spotify Web Player JavaScript bundles. 
+
+Download from [here](https://github.com/misiektoja/spotify_monitor/blob/dev/debug/spotify_monitor_secret_grabber.py) or:
+
+```sh
+wget https://raw.githubusercontent.com/misiektoja/spotify_monitor/refs/heads/dev/debug/spotify_monitor_secret_grabber.py
+```
+
+Install requirements:
 
 ```sh
 pip install playwright
 playwright install
+```
+
+Run:
+
+```sh
 python3 spotify_monitor_secret_grabber.py
 ```
 
+You should get output similar to below:
+
 <p align="center">
    <img src="https://raw.githubusercontent.com/misiektoja/spotify_monitor/refs/heads/main/assets/spotify_monitor_secret_grabber.png" alt="spotify_monitor_secret_grabber" width="100%"/>
 </p>
 
+You can now update the secrets used for TOTP generation (for example `SECRET_CIPHER_DICT` in `spotify_monitor_totp_test`, `spotify_monitor` and `spotify_profile_monitor`).
+
+> **NOTE:** you can also use [Thereallo1026/spotify-secrets](https://github.com/Thereallo1026/spotify-secrets) repo which offers JSON files that are automatically updated with current secrets (its secret extraction code is based on `spotify_monitor_secret_grabber`).
+
 <a id="change-log"></a>
 ## Change Log
 

spotify_monitor-2.4.dist-info/RECORD

@@ -0,0 +1,7 @@
+spotify_monitor.py,sha256=TtB0dWvl5Yn1ti4y8VFk61V8rqXEZfnLY2PJZ26hVsw,161638
+spotify_monitor-2.4.dist-info/licenses/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
+spotify_monitor-2.4.dist-info/METADATA,sha256=rcnYf1XgMu4k55OO0m1yfP61TXRA_CkZLLDXUzDLHLM,27747
+spotify_monitor-2.4.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+spotify_monitor-2.4.dist-info/entry_points.txt,sha256=8HzePfUcCSXrYaXOwLbNNYO8GJcnhgCSl4wcDNECht8,57
+spotify_monitor-2.4.dist-info/top_level.txt,sha256=EP6IPD4vHT12rLM5b_jo2i3nrfOuwk3ehhr2gWdQx9Y,16
+spotify_monitor-2.4.dist-info/RECORD,,

spotify_monitor.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 """
 Author: Michal Szymanski <misiektoja-github@rm-rf.ninja>
-v2.3.1
+v2.4
 
 Tool implementing real-time tracking of Spotify friends music activity:
 https://github.com/misiektoja/spotify_monitor/
@@ -16,7 +16,7 @@ python-dotenv (optional)
 wcwidth (optional, needed by TRUNCATE_CHARS feature)
 """
 
-VERSION = "2.3.1"
+VERSION = "2.4"
 
 # ---------------------------
 # CONFIGURATION SECTION START
@@ -244,13 +244,14 @@ SPOTIFY_INACTIVITY_CHECK_SIGNAL_VALUE = 30  # 30 seconds
 # The section below is used when the token source is set to 'cookie'
 
 # Maximum number of attempts to get a valid access token in a single run of the spotify_get_access_token_from_sp_dc() function
-TOKEN_MAX_RETRIES = 10
+TOKEN_MAX_RETRIES = 3
 
 # Interval between access token retry attempts; in seconds
 TOKEN_RETRY_TIMEOUT = 0.5  # 0.5 second
 
-# Mapping of TOTP version identifiers to the encrypted byte sequence for TOTP secret generation
-# Newest TOTP secrets can be fetched via spotify_monitor_secret_grabber.py (see debug dir)
+# Mapping of TOTP version identifiers to the secrets needed for TOTP generation
+# Newest secrets are downloaded automatically from SECRET_CIPHER_DICT_URL (see below)
+# Can also be fetched via spotify_monitor_secret_grabber.py utility - see debug dir
 SECRET_CIPHER_DICT = {
     "12": [107, 81, 49, 57, 67, 93, 87, 81, 69, 67, 40, 93, 48, 50, 46, 91, 94, 113, 41, 108, 77, 107, 34],
     "11": [111, 45, 40, 73, 95, 74, 35, 85, 105, 107, 60, 110, 55, 72, 69, 70, 114, 83, 63, 88, 91],
@@ -262,7 +263,11 @@ SECRET_CIPHER_DICT = {
     "5": [12, 56, 76, 33, 88, 44, 88, 33, 78, 78, 11, 66, 22, 22, 55, 69, 54],
 }
 
-# Identifier used to select the appropriate encrypted secret from SECRET_CIPHER_DICT when generating a TOTP token
+# Remote URL used to fetch updated secrets needed for TOTP generation
+# Set to empty string to disable
+SECRET_CIPHER_DICT_URL = "https://github.com/Thereallo1026/spotify-secrets/blob/main/secrets/secretDict.json?raw=true"
+
+# Identifier used to select the appropriate secret from SECRET_CIPHER_DICT when generating a TOTP token
 # Set to 0 to auto-select the highest available version
 TOTP_VER = 0
 
@@ -467,6 +472,7 @@ SPOTIFY_INACTIVITY_CHECK_SIGNAL_VALUE = 0
 TOKEN_MAX_RETRIES = 0
 TOKEN_RETRY_TIMEOUT = 0.0
 SECRET_CIPHER_DICT = {}
+SECRET_CIPHER_DICT_URL = ""
 TOTP_VER = 0
 FLAG_FILE = ""
 TRUNCATE_CHARS = 0
@@ -1276,7 +1282,10 @@ def fetch_server_time(session: req.Session, ua: str) -> int:
 def generate_totp():
     import pyotp
 
-    secret_cipher_bytes = SECRET_CIPHER_DICT[str((ver := TOTP_VER or max(map(int, SECRET_CIPHER_DICT))))]
+    if str((ver := TOTP_VER or max(map(int, SECRET_CIPHER_DICT)))) not in SECRET_CIPHER_DICT:
+        raise Exception(f"generate_totp(): Defined TOTP_VER ({ver}) is missing in SECRET_CIPHER_DICT")
+
+    secret_cipher_bytes = SECRET_CIPHER_DICT[str(ver)]
 
     transformed = [e ^ ((t % 33) + 9) for t, e in enumerate(secret_cipher_bytes)]
     joined = "".join(str(num) for num in transformed)
@@ -1286,6 +1295,34 @@ def generate_totp():
     return pyotp.TOTP(secret, digits=6, interval=30)
 
 
+def fetch_and_update_secrets():
+    global SECRET_CIPHER_DICT
+
+    if not SECRET_CIPHER_DICT_URL:
+        return False
+
+    try:
+        response = req.get(SECRET_CIPHER_DICT_URL, timeout=FUNCTION_TIMEOUT, verify=VERIFY_SSL)
+        response.raise_for_status()
+        secrets = response.json()
+
+        if not isinstance(secrets, dict) or not secrets:
+            raise ValueError("fetch_and_update_secrets(): Fetched payload not a non‑empty dict")
+
+        for key, value in secrets.items():
+            if not isinstance(key, str) or not key.isdigit():
+                raise ValueError(f"fetch_and_update_secrets(): Invalid key format: {key}")
+            if not isinstance(value, list) or not all(isinstance(x, int) for x in value):
+                raise ValueError(f"fetch_and_update_secrets(): Invalid value format for key {key}")
+
+        SECRET_CIPHER_DICT = secrets
+        return True
+
+    except Exception as e:
+        print(f"fetch_and_update_secrets(): Failed to get new secrets: {e}")
+        return False
+
+
 # Refreshes the Spotify access token using the sp_dc cookie, tries first with mode "transport" and if needed with "init"
 def refresh_access_token_from_sp_dc(sp_dc: str) -> dict:
     transport = True
@@ -1385,29 +1422,52 @@ def spotify_get_access_token_from_sp_dc(sp_dc: str):
     max_retries = TOKEN_MAX_RETRIES
     retry = 0
 
-    while retry < max_retries:
-        token_data = refresh_access_token_from_sp_dc(sp_dc)
-        token = token_data["access_token"]
-        client_id = token_data.get("client_id", "")
-        length = token_data["length"]
+    last_error = ""
 
-        SP_CACHED_ACCESS_TOKEN = token
-        SP_ACCESS_TOKEN_EXPIRES_AT = token_data["expires_at"]
-        SP_CACHED_CLIENT_ID = client_id
-
-        if SP_CACHED_ACCESS_TOKEN is None or not check_token_validity(SP_CACHED_ACCESS_TOKEN, SP_CACHED_CLIENT_ID, USER_AGENT):
+    while retry < max_retries:
+        try:
+            token_data = refresh_access_token_from_sp_dc(sp_dc)
+            token = token_data["access_token"]
+            client_id = token_data.get("client_id", "")
+            length = token_data["length"]
+
+            SP_CACHED_ACCESS_TOKEN = token
+            SP_ACCESS_TOKEN_EXPIRES_AT = token_data["expires_at"]
+            SP_CACHED_CLIENT_ID = client_id
+
+            if SP_CACHED_ACCESS_TOKEN is None or not check_token_validity(SP_CACHED_ACCESS_TOKEN, SP_CACHED_CLIENT_ID, USER_AGENT):
+                retry += 1
+                time.sleep(TOKEN_RETRY_TIMEOUT)
+            else:
+                break
+        except Exception as e:
+            last_error = str(e)
             retry += 1
-            time.sleep(TOKEN_RETRY_TIMEOUT)
-        else:
-            break
+            if retry < max_retries:
+                time.sleep(TOKEN_RETRY_TIMEOUT)
 
     if retry == max_retries:
-        if SP_CACHED_ACCESS_TOKEN is not None:
-            print(f"* Token appears to be still invalid after {max_retries} attempts, returning token anyway")
-            print_cur_ts("Timestamp:\t\t\t")
-            return SP_CACHED_ACCESS_TOKEN
-        else:
-            raise RuntimeError(f"Failed to obtain a valid Spotify access token after {max_retries} attempts")
+
+        if fetch_and_update_secrets():
+            try:
+                token_data = refresh_access_token_from_sp_dc(sp_dc)
+                token = token_data["access_token"]
+                client_id = token_data.get("client_id", "")
+                length = token_data["length"]
+
+                SP_CACHED_ACCESS_TOKEN = token
+                SP_ACCESS_TOKEN_EXPIRES_AT = token_data["expires_at"]
+                SP_CACHED_CLIENT_ID = client_id
+
+                if SP_CACHED_ACCESS_TOKEN and check_token_validity(SP_CACHED_ACCESS_TOKEN, SP_CACHED_CLIENT_ID, USER_AGENT):
+                    return SP_CACHED_ACCESS_TOKEN
+            except Exception as e:
+                last_error = str(e)
+
+        error_msg = f"Failed to obtain a valid Spotify access token after {max_retries} attempts"
+        if last_error:
+            error_msg += f": {last_error}"
+        raise RuntimeError(error_msg)
 
     return SP_CACHED_ACCESS_TOKEN
 

spotify_monitor-2.3.1.dist-info/RECORD

@@ -1,7 +0,0 @@
-spotify_monitor.py,sha256=msF-xUpmB_dch3C1dtA31mvU0OgtRUgUeOtXh20xDLw,159386
-spotify_monitor-2.3.1.dist-info/licenses/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
-spotify_monitor-2.3.1.dist-info/METADATA,sha256=z37aFQ2NUa5jYzU5pF6ru5UXmu65Ctee8J_EDvjG1iI,25204
-spotify_monitor-2.3.1.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-spotify_monitor-2.3.1.dist-info/entry_points.txt,sha256=8HzePfUcCSXrYaXOwLbNNYO8GJcnhgCSl4wcDNECht8,57
-spotify_monitor-2.3.1.dist-info/top_level.txt,sha256=EP6IPD4vHT12rLM5b_jo2i3nrfOuwk3ehhr2gWdQx9Y,16
-spotify_monitor-2.3.1.dist-info/RECORD,,