Skip to content

Add OAuth authentication support#331

Open
paulborile wants to merge 8 commits intovitiko98:masterfrom
paulborile:bug/newauth
Open

Add OAuth authentication support#331
paulborile wants to merge 8 commits intovitiko98:masterfrom
paulborile:bug/newauth

Conversation

@paulborile
Copy link
Copy Markdown

@paulborile paulborile commented Apr 5, 2026
edited
Loading

Summary

  • Add OAuth authentication support since Qobuz deprecated basic auth
  • Extract private_key from Qobuz bundle for OAuth flow
  • Add login_with_oauth_code() method to Client
  • Add oauth subcommand with local server to capture auth code automatically
  • Store private_key in config file

Changes

  • qobuz_dl/bundle.py: Add get_private_key() method
  • qobuz_dl/qopy.py: Add login_with_oauth_code() method
  • qobuz_dl/cli.py: Handle OAuth command and store private_key in config
  • qobuz_dl/commands.py: Add oauth subcommand
  • qobuz_dl/core.py: Add handle_oauth_login() and initialize_client_with_oauth()

Usage

qobuz-dl oauth
# Opens browser for login, captures code automatically

Fixes #330 , could fix #329

@paulborile
docs: update auth issue with investigation results
3fcd895 
- Tested POST vs GET for /user/login - both fail with 401
- Tested signature-based auth - still fails
- qobuz-api-rust also can't login with email/password
- Token-based auth may be the only working method now
@paulborile
docs: update auth issue with extended investigation findings
33014eb 
- Tested GET/POST, device_manufacturer_id, password formats - all fail
- Discovered new signature mechanism in web player bundle.js
- Email/password login appears to be completely broken
- Need to reverse-engineer new auth or use token-based login
@paulborile
Implement token-based authentication as workaround
56171ce 
- Add auth_with_token() method to qopy.Client
- Add initialize_client_with_token() to QobuzDL core
- Update CLI to read user_id and user_auth_token from config
- Update _reset_config to support token-based setup
- Add instructions in QOBUZ_AUTH_ISSUE_REPORT.md
@paulborile
Implement token-based authentication (partial fix)
76b56df 
Token auth works for login but download signatures need updating.

Changes:
- Add skip_auth parameter to qopy.Client.__init__
- Add auth_with_token() method for user_id + user_auth_token login
- Update initialize_client_with_token() in core.py
- CLI now reads user_id and user_auth_token from config

Status:
- Login: WORKS (verified with Paul's account)
- Downloads: FAILS (signature algorithm changed by Qobuz)

See QOBUZ_AUTH_ISSUE_REPORT.md for full details.
@paulborile
docs: update auth report with complete technical summary
b38e758
@paulborile
Add OAuth authentication support
cc5ed0c 
- Extract private_key from Qobuz bundle for OAuth flow
- Add login_with_oauth_code() method to Client
- Add oauth subcommand with local server to capture auth code
- Automatically parse code from redirect URL
- Store private_key in config file
@paulborile
saving token
56a4caf
@paulborile
add venv to gitignore
bafc61e
juandmi added a commit to juandmi/qobuz-dl that referenced this pull request Apr 5, 2026
@juandmi
fix: save OAuth token to config.ini after successful authentication
8fe0b8c 
The OAuth flow from PR vitiko98#331 works but doesn't persist the token.
Subsequent dl/fun/lucky commands still read old email/password and fail.

Changes:
- initialize_client_with_oauth() now returns usr_info
- handle_oauth_login() returns user_id + user_auth_token
- cli.py oauth block saves token to config.ini and clears email/password
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

plz fix this,thx! Credentials reported invalid although they work fine on regular player

1 participant

@paulborile