I'm not a developer, but I'm trying desperately to use the Last.fm web service, since their new website design doesn't provide some special informations anymore, which I've got a little bit addicted to over the years.
Problem: I'm not able to authenticate; some error message appears ("Invalid authentication token supplied") when I try to fetch a web service session.
I'm generally trying the authentication for desktop applications (http://www.last.fm/api/desktopauth). Below are the steps I perform. Any help would be very much appreciated!
Step 1: Get an API Key
I got one and check if it generally works with example method "artist.getSimilar" (www.last.fm/api/show/artist.getSimilar) and the follwing call:
ws.audioscrobbler.com/2.0/?method=artist.getSimilar&artist=Haggard&api_key=[my api key]
Result: it works.
Step 2: Fetch a request token
This is done with method "auth.getToken" (www.last.fm/api/show/auth.getToken)
api_key[my api key]methodauth.getToken[my secret]
ws.audioscrobbler.com/2.0/?method=auth.getToken&api_key=[my api key]&api_sig=[my MD5 ouput]
Result: the token.
Step 3: Request authorization from the user
Call:
www.last.fm/api/auth/?api_key=[my Api Key]&token=[my token]
Result: My example user grants my application permission to use his account.
Step 4: Fetch A Web Service Session
This is done with method "auth.getSession" (http://www.last.fm/api/show/auth.getSession)
api_key[my Api Key]methodauth.getSessiontoken[my token][my secret]
Web call:
ws.audioscrobbler.com/2.0/?method=auth.getSession&token=[my token]&api_key=[my api key]&api_sig=[my new MD5 output]
Result:
status = "failed"
error code = "4" Invalid authentication token supplied
:-(
It turned out that the problem was that the token expired to soon; it lasts only a minute or so and gets then invalid; if you don't use an automated process and operate manually you have to be swift between getting the token and fetching the web service session.