Clementine’s way of implementing Spotify ! Getting rid of the API key ?

[bergalath]

Hi @akezeke,

I think you should check how the clementine-player’s team handle the Spotify API key :

http://code.google.com/p/clementine-player/source/browse/ext/clementine-spotifyblob/spotifykey.h

More details/discussions on this with @tompen- here ? : http://openelec.tv/forum/13-miscellaneous/7010-spotify?limit=20&start=80#26307

[akezeke]

Hi,

And check in http://code.google.com/p/clementine-player/source/browse/ext/clementine-spotifyblob/spotifyclient.cpp at row 42, there they are showing how to use their key so anyone interested can just take it and use it.

The problem here is that since libspotify needs the key in a specific format, it cant be encrypted or whatever and used without decrypted before being passed to libspotify.

[avbk]

Hey guys,

I think decoupling the API key from the source code is an important issue, because normal users should not be forced to get their own API key, edit source code an then compile it. I just thought of two ideas:

1. Encrypt the API Key, and put the encrypted key into the source. Provide the decryption method as an closed source external library. By this method you can provide the API key in a secure way. The only problem I can think of is that the xbmc license (GNU GPL afaik) would clash with such an closed source Library. But since this fork is already using a closed source lib by accesing libspotify, this solution would not cause any new problems.

2. Read the license from the Filesystem on demand. Using this solution you (or at least someone ;-) ) could provide binary packages. The user would 'only' need to apply for a dev account and an API key. Then he could put that key to a specific location, like ~/.xbmc/spotify-api.key

[dtony]

Providing an external way to get the key could be a good idea IMHO but the main issue is that libspotify licence does not allow to provide binaries linked to libspotify if I remember well.

[escoand]

If you tell me what's wrong with #55 I could fix it!