Got some time to figure this out… The back-and-forth authorization between Spotify and MacroDroid is vanilla OAuth 2.0 -- you send some info to a Spotify webpage, it sends back an authorization code to a webpage, you send that back to another Spotify web URL with more info, it responds with an authorization token, and you then use that token in calls to do things like start playlists, control playback volume, etc…
The only MacroDroid-specific wrinkle is getting that initial authorization code into MacroDroid from the website to which Spotify sends the code. For this, I used
MacroDroid's Webhook scheme, passing the code as a parameter on the MacroDroid webhook call. If you haven't used that feature in MacroDroid, you should read up on it and play with it for a while, to understand how one can use Webhooks to trigger (and send data to) MacroDroid macros by opening a MacroDroid web address.
Tthe attached Spotify OAuth token macro handles that whole Spotify OAuth scheme within MacroDroid and sets (and updates) an authorization token global variable, for use in calls to
Spotify's API .
Steps
1) Register on Spotify developer site
Register your new integration with Spotify online. This entails setting up a "developer" account at
https://developer.spotify.com/dashboard with your existing Spotify user ID and password.
Create a new "app". Give it a name.
Enter the URL of the redirect URI web page. You're welcome to use the one I set up, which should work with Spotify and other services as long as the MacroDroid webhook scheme below is followed. Its address is
https://rpub109.s3.amazonaws.com/MD-OAuth-Redirect.html. Or you can take that page and host it yourself if you prefer.
Make note of the client ID, and client secret, that Spotify will give you.
2) Import and configure the Spotify token-management macro
Back in MacroDroid, import the attached macro.
Update these local variables in the macro:
- _client_id - the client ID for your app, provided by Spotify above
- _client_secret - the client secret for your app, provided by Spotify
- _desired_scopes - this will depend on how much you want to control Spotify. I used user-read-playback-state+user-modify-playback-state+user-read-currently-playing which covers most playback control operations. If you wanted to update playlists, you’d need to add other scopes (all separated by plus signs); see Spotify's API for details.
(The local variables that need to be configured have names beginning with an underscore; all other local variables in the macro are set by the actions in the macro as it executes)
(If you want to host your own redirect URI, update the redirect_URI local variable as well)
Save the macro. Re-open the macro and make sure the webhook trigger looks good – MacroDroid should automatically update it to your installation-specific webhook ID.
3) Trigger Spotify’s login/authorization flow
The first action in the macro is an Open Website action. It’s disabled since you only run this once, manually. Tap the action to open MacroDroid’s action popup); then tap “Test action”.
4) Log in to Spotify
Spotify should present a login page to you in your phone’s browser, in response. Log in to Spotify using your standard credentials–as if you were logging into its web music player.
Spotify should then show you the "scopes" you defined above and ask if you want to allow those scopes. Tap “OK” or “Yes”.
5) Send authorization into MacroDroid from redirect page
Spotify should then send your authorization code to the redirect URI page, which will display in your browser. That page should display the information from Spotify (long strings of numbers and letters), and then after a moment will ask if you want to “Send to MD?” (MacroDroid). Tap “OK”.
The page then converts the data to a MacroDroid webhook call, and you should then see just a white page with “Ok” displayed (the standard MacroDroid webhook confirmation).
6) Macro asks for and gets authorization token
Everything after that happens automatically in the macro. The MacroDroid macro should respond to the webhook, send the authorization code it receives back to Spotify, asking for an authorization token; it should then save the timeout and refresh token values it receives into local variables in the macro, as well as save the authorization token into a global variable (the authorization token is a global variable to allow access from other macros and action blocks).
7) Call Spotify to do things…
Now that the authorization token exists in MacroDroid, you can issue HTTP Request MacroDroid actions to Spotify to control playback.
Macros and action blocks to control Spotify should look like so:
- Add a Macro Run action as the first action, pointing to the imported macro, checking the "Block next actions until complete" action
- Test the value of the global authorization token variable to ensure it's not empty after that call (if it is, something went wrong with the authorization flow, and you should stop this macro's execution)
- Iinclude the token in the Header tab of all HTTP Request actions: Parameter name = “Authorization” (without quotation marks); value = {the global variable you defined for the authorization token}
For example, Spotify’s “Pause playback” command
[@MacroDroidDev - hope this info may help at some point. You'd probably be able to streamline a lot of this building w/in MacroDrolid]
Using this scheme with another service other than Spotify
To clone the macro with a different service (e.g. Sonos), change all references in the macro from "Spotify” to the service you're interested in:
- the macro name
- the MacroDroid Webhook trigger ID (the "webhook_trigger" local variable, plus the macro’s trigger)
- the global variable holding the authorization token
- the stopwatch ID (both in the macro’s stopwatch trigger, and the macro’s actions)
- the get_code_URL variable to be the "Get Code" URL of that service
- the get_token_URL variable to be the "Get Token" URL of that service
