From: marcelveldt <marcelvanderveldt@MacBook-Silvia.local>
Date: Thu, 3 Oct 2019 07:59:49 +0000 (+0200)
Subject: no api keys in code
X-Git-Url: https://git.kitaultman.com/?a=commitdiff_plain;h=6cfd3be92d6ed4782f615d126f76f0f24f923c5c;p=music-assistant-server.git

no api keys in code
---

diff --git a/music_assistant/modules/musicproviders/qobuz.py b/music_assistant/modules/musicproviders/qobuz.py
index ffb97ee3..a473eaa3 100644
--- a/music_assistant/modules/musicproviders/qobuz.py
+++ b/music_assistant/modules/musicproviders/qobuz.py
@@ -5,6 +5,7 @@ import asyncio
 import os
 from typing import List
 from utils import run_periodic, LOGGER, parse_track_title
+from secrets import QOBUZ_APP_ID, QOBUZ_APP_SECRET
 from models import MusicProvider, MediaType, TrackQuality, AlbumType, Artist, Album, Track, Playlist
 from constants import CONF_USERNAME, CONF_PASSWORD, CONF_ENABLED
 import json
@@ -22,8 +23,8 @@ def setup(mass):
     username = mass.config["musicproviders"]['qobuz'].get(CONF_USERNAME)
     password = mass.config["musicproviders"]['qobuz'].get(CONF_PASSWORD)
     if enabled and username and password:
-        spotify_provider = QobuzProvider(mass, username, password)
-        return spotify_provider
+        provider = QobuzProvider(mass, username, password)
+        return provider
     return False
 
 def config_entries():
@@ -46,8 +47,6 @@ class QobuzProvider(MusicProvider):
         self.__username = username
         self.__password = password
         self.__user_auth_info = None
-        self.__app_id = "285473059" # TEMP! Own key requested
-        self.__app_secret = "47249d0eaefa6bf43a959c09aacdbce8" # TEMP! Own key requested
         self.__logged_in = False
         self.throttler = Throttler(rate_limit=2, period=1)
         mass.add_event_listener(self.mass_event, 'streaming_started')
@@ -515,7 +514,7 @@ class QobuzProvider(MusicProvider):
     async def __get_data(self, endpoint, params={}, sign_request=False, ignore_cache=False, cache_checksum=None):
         ''' get data from api'''
         url = "http://www.qobuz.com/api.json/0.2/%s" % endpoint
-        headers = {"X-App-Id": self.__app_id}
+        headers = {"X-App-Id": QOBUZ_APP_ID}
         if endpoint != 'user/login':
             headers["X-User-Auth-Token"] = await self.__auth_token()
         if sign_request:
@@ -525,11 +524,11 @@ class QobuzProvider(MusicProvider):
             for key in keys:
                 signing_data += "%s%s" %(key, params[key])
             request_ts = str(time.time())
-            request_sig = signing_data + request_ts + self.__app_secret
+            request_sig = signing_data + request_ts + QOBUZ_APP_SECRET
             request_sig = str(hashlib.md5(request_sig.encode()).hexdigest())
             params["request_ts"] = request_ts
             params["request_sig"] = request_sig
-            params["app_id"] = self.__app_id
+            params["app_id"] = QOBUZ_APP_ID
             params["user_auth_token"] = await self.__auth_token()
         try:
             async with self.throttler:
@@ -548,7 +547,7 @@ class QobuzProvider(MusicProvider):
     async def __post_data(self, endpoint, params={}, data={}):
         ''' post data to api'''
         url = "http://www.qobuz.com/api.json/0.2/%s" % endpoint
-        params["app_id"] = self.__app_id
+        params["app_id"] = QOBUZ_APP_ID
         params["user_auth_token"] = await self.__auth_token()
         async with self.http_session.post(url, params=params, json=data) as response:
             result = await response.json()
diff --git a/music_assistant/modules/musicproviders/spotify.py b/music_assistant/modules/musicproviders/spotify.py
index c0c1cfd3..f732d43f 100644
--- a/music_assistant/modules/musicproviders/spotify.py
+++ b/music_assistant/modules/musicproviders/spotify.py
@@ -7,6 +7,7 @@ from typing import List
 import sys
 import time
 from utils import run_periodic, LOGGER, parse_track_title
+from secrets import SPOTIFY_CLIENT_ID
 from models import MusicProvider, MediaType, TrackQuality, AlbumType, Artist, Album, Track, Playlist
 from constants import CONF_USERNAME, CONF_PASSWORD, CONF_ENABLED
 from asyncio_throttle import Throttler
@@ -414,8 +415,7 @@ class SpotifyProvider(MusicProvider):
                 "user-read-birthdate",
                 "user-top-read"]
             scope = ",".join(scopes)
-            clientid = '2eb96f9b37494be1824999d58028a305'
-            args = [self.get_spotty_binary(), "-t", "--client-id", clientid, "--scope", scope, "-n", "temp-spotty", "-u", self._username, "-p", self._password, "--disable-discovery"]
+            args = [self.get_spotty_binary(), "-t", "--client-id", SPOTIFY_CLIENT_ID, "--scope", scope, "-n", "temp-spotty", "-u", self._username, "-p", self._password, "--disable-discovery"]
             spotty = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
             stdout, stderr = spotty.communicate()
             result = json.loads(stdout)
diff --git a/music_assistant/secrets.py b/music_assistant/secrets.py
new file mode 100755
index 00000000..397f808c
--- /dev/null
+++ b/music_assistant/secrets.py
@@ -0,0 +1,6 @@
+#!/usr/bin/env python3
+# -*- coding:utf-8 -*-
+
+QOBUZ_APP_ID = ""
+QOBUZ_APP_SECRET = ""
+SPOTIFY_CLIENT_ID = ""
\ No newline at end of file