python - Last.fm API invalid method signature but valid when getting session key -
i wanna make python client last.fm api. wanna build kind of library.
i managed , set session getting session key. afterwards, try call post method requires api_key, api_signature , session key. use api key have, same api_signature used session key , session key itself.
but "invalid method signature" though use same api_signature post calls.
import json import webbrowser hashlib import md5 import urllib3 class pylast(): def __init__(self, api_key, secret, session_key=none): self.__api_key__ = api_key self.__secret__ = secret self.__session_key__ = session_key self.__api_signature__ = none if session_key none: self.__is_authorized__ = false else: self.__is_authorized__ = true self.__http__ = urllib3.poolmanager() def request_token(self): print("getting token...") url = 'http://ws.audioscrobbler.com/2.0/?method=auth.gettoken&api_key={}&format=json'.format(self.__api_key__) req_response = self.__http__.request('get', url, headers={'user-agent' : 'mozilla/5.0'}) if req_response.status == 200: json_data = json.loads(req_response.data.decode('utf-8')) token = json_data['token'] self.__token__ = token return token else: print("error code " + req_response.status) def authorize(self): if not self.__is_authorized__: url = 'http://www.last.fm/api/auth/?api_key={}&token={}'.format(self.__api_key__, self.__token__) # open browser authorize app webbrowser.open(url, new=0, autoraise=true) # make sure authorized self.__is_authorized__ = true def start_session(self): if self.__is_authorized__: data = "api_key{}methodauth.getsessiontoken{}{}" \ .format(self.__api_key__, self.__token__, self.__secret__).encode( encoding='utf-8') self.__api_signature__ = md5(data).hexdigest() url = 'http://ws.audioscrobbler.com/2.0/?method=auth.getsession&api_key={}&token={}&api_sig={}&format=json'.format( self.__api_key__, self.__token__, self.__api_signature__) req_response = self.__http__.request('get', url) if req_response.status == 200: json_data = json.loads(req_response.data.decode('utf-8')) session_key = json_data['session']['key'] self.__session_key__ = session_key url = 'http://ws.audioscrobbler.com/2.0/?method=track.love&api_key={}&api_sig={}&sk={}&artist=cher&track=believe&format=json'.format( self.__api_key__, self.__api_signature__, self.__session_key__) req_response = self.__http__.request('post', url) return self.__session_key__ else: print("error code " + str(req_response.status)) else: print("not authorized!")
i found solution. problem was using same parameters used generate session key make post call. right way sign method last.fm api build api_sig post method want use. example, generate api_sig track.love use these parameters:
data = {"api_key": api_key, "method": "track.love", "track" : "yellow", "artist" :"coldplay", "sk" : session_key } keys = sorted(data.keys()) param = [k+data[k] k in keys] param = "".join(param) + secret api_sig = md5(param.encode()).hexdigest() # api_sig used sign track.love call.
Comments
Post a Comment