Add SecretSerializer for TOTP secret serialization

Author: LabyStudio

src/main/java/de/labystudio/spotifyapi/open/OpenSpotifyAPI.java

@@ -9,6 +9,7 @@
 import de.labystudio.spotifyapi.open.model.track.OpenTrack;
 import de.labystudio.spotifyapi.open.totp.TOTP;
 import de.labystudio.spotifyapi.open.totp.gson.SecretDeserializer;
+import de.labystudio.spotifyapi.open.totp.gson.SecretSerializer;
 import de.labystudio.spotifyapi.open.totp.model.Secret;
 import de.labystudio.spotifyapi.open.totp.provider.SecretProvider;
 
@@ -36,6 +37,7 @@ public class OpenSpotifyAPI {
 
     public static final Gson GSON = new GsonBuilder()
             .registerTypeAdapter(Secret.class, new SecretDeserializer())
+            .registerTypeAdapter(Secret.class, new SecretSerializer())
             .create();
 
     public static final String USER_AGENT = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537." + (int) (Math.random() * 90);
@@ -103,7 +105,7 @@ private AccessTokenResponse generateAccessToken() throws IOException {
         }
 
         long serverTime = this.requestServerTime();
-        String totp = TOTP.generateOtp(secret.toBytes(), serverTime, 30, 6);
+        String totp = TOTP.generateOtp(secret.getSecretAsBytes(), serverTime, 30, 6);
 
         AccessTokenResponse response = this.getToken("transport", totp, secret.getVersion());
 

src/main/java/de/labystudio/spotifyapi/open/totp/gson/SecretSerializer.java

@@ -0,0 +1,25 @@
+package de.labystudio.spotifyapi.open.totp.gson;
+
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonSerializationContext;
+import com.google.gson.JsonSerializer;
+import de.labystudio.spotifyapi.open.totp.model.Secret;
+
+import java.lang.reflect.Type;
+
+/**
+ * This class is used to serialize the TOTP secret to Spotify's TOTP storage format.
+ *
+ * @author LabyStudio
+ */
+public class SecretSerializer implements JsonSerializer<Secret> {
+
+    @Override
+    public JsonElement serialize(Secret secret, Type type, JsonSerializationContext context) {
+        JsonObject obj = new JsonObject();
+        obj.addProperty("version", secret.getVersion());
+        obj.addProperty("secret", secret.getSecretAsString());
+        return obj;
+    }
+}

src/main/java/de/labystudio/spotifyapi/open/totp/model/Secret.java

@@ -17,12 +17,25 @@ private Secret(int[] secret, int version) {
         this.version = version;
     }
 
+    /**
+     * Converts the secret into a string representation.
+     *
+     * @return A string representation of the secret, where each character corresponds to an integer in the secret array.
+     */
+    public String getSecretAsString() {
+        StringBuilder sb = new StringBuilder();
+        for (int i : this.secret) {
+            sb.append((char) i);
+        }
+        return sb.toString();
+    }
+
     /**
      * Converts the secret into a byte array for TOTP generation in java.
      *
      * @return A byte array representing the secret, suitable for use in TOTP generation.
      */
-    public byte[] toBytes() {
+    public byte[] getSecretAsBytes() {
         // Convert secret numbers to xor results
         StringBuilder xorResults = new StringBuilder();
         for (int i = 0; i < this.secret.length; i++) {

src/main/resources/secrets.json

@@ -1,53 +1,13 @@
 {
-  "validUntil": "2025-07-04T13:00:00.000Z",
-  "secrets": [
-    {
-      "secret": "meZcB\\tlUFV1D6W2Hy4@9+$QaH5)N8",
-      "version": 9
-    },
-    {
-      "secret": [
-        37,
-        84,
-        32,
-        76,
-        87,
-        90,
-        87,
-        47,
-        13,
-        75,
-        48,
-        54,
-        44,
-        28,
-        19,
-        21,
-        22
-      ],
-      "version": 8
-    },
-    {
-      "secret": [
-        59,
-        91,
-        66,
-        74,
-        30,
-        66,
-        74,
-        38,
-        46,
-        50,
-        72,
-        61,
-        44,
-        71,
-        86,
-        39,
-        89
-      ],
-      "version": 7
-    }
-  ]
+  "validUntil": "2025-07-07T09:00:00.000Z",
+  "secrets": [{
+    "secret": "=n:b#OuEfH\\fE])e*K",
+    "version": 10
+  }, {
+    "secret": "meZcB\\tlUFV1D6W2Hy4@9+$QaH5)N8",
+    "version": 9
+  }, {
+    "secret": [37, 84, 32, 76, 87, 90, 87, 47, 13, 75, 48, 54, 44, 28, 19, 21, 22],
+    "version": 8
+  }]
 }

src/test/java/OpenSpotifyApiTest.java

@@ -5,11 +5,10 @@
 import de.labystudio.spotifyapi.open.totp.provider.SecretProvider;
 
 public class OpenSpotifyApiTest {
-
     public static void main(String[] args) throws Exception {
         SecretProvider secretProvider = new DefaultSecretProvider(
                 // Note: You have to update the secret with the latest TOTP secret from open.spotify.com
-                Secret.fromString("meZcB\\tlUFV1D6W2Hy4@9+$QaH5)N8", 9)
+                Secret.fromString("=n:b#OuEfH\\fE])e*K", 10)
         );
         OpenSpotifyAPI openSpotifyAPI = new OpenSpotifyAPI(secretProvider);
         OpenTrack openTrack = openSpotifyAPI.requestOpenTrack("38T0tPVZHcPZyhtOcCP7pF");