You have 2 options... 1 do as @
subjoel said and use a paid solving service, or you can use something like what this guy did (This is not my work).
Code:
def bypassChallenge(self, session: httpx.Client, client_token: str, client_id: str, session_id: str, proxy: str = None):
while True:
try:
payload = {'session_id': session_id}
headers = {
'accept': 'application/json',
'accept-encoding': 'gzip',
'accept-language': 'en-US',
'app-platform': 'Android',
'client-token': client_token,
'connection': 'Keep-Alive',
'content-type': 'application/json',
'host': 'spclient.wg.spotify.com',
'spotify-app-version': '8.8.56.538',
'user-agent': 'Spotify/8.8.56.538 Android/28 (SM-S908E)',
'x-client-id': client_id
}
r = session.post('https://spclient.wg.spotify.com/challenge-orchestrator/v1/get-session',headers=headers, json=payload)
if r.status_code == 200:
url = str(r.url)
challenge_url: str = r.json()['in_progress']['challenge_details']['web_challenge_launcher']['url']
challenge_id = challenge_url.split('/')[-2]
headers = {
'authority': 'challenge.spotify.com',
'accept': 'application/json',
'accept-language': 'en-US,en;q=0.9',
'content-type': 'application/json',
'origin': 'https://challenge.spotify.com',
'referer': url,
'sec-ch-ua': '"Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"',
'sec-ch-ua-mobile': '?0',
'sec-ch-ua-platform': '"Windows"',
'sec-fetch-dest': 'empty',
'sec-fetch-mode': 'cors',
'sec-fetch-site': 'same-origin',
}
if challenge_url.endswith('recaptcha'):
self.console.printe(f'Account not created. Recaptcha challenges cannot be solved at this time. If you are constantly getting this error, try again with quality proxies.')
break
elif challenge_url.endswith('dummy'):
payload = {
'session_id': session_id,
'challenge_id': challenge_id,
'dummy_challenge_v1': {'noop': {}}
}
else:
self.console.printe(f'Account not created. Error: {r.text}')
r = session.post('https://challenge.spotify.com/api/v1/invoke-challenge-command', headers=headers, json=payload)
if r.status_code == 200:
r = httpx.post('https://spclient.wg.spotify.com/signup/public/v2/account/complete-creation', headers=headers, json={'session_id': session_id})
if r.status_code == 200 and 'success' in r.text:
return r.json()['success']
else:
self.console.printe('Failed bypassing challenge. Retrying...')
if self.settings['Debug_Mode'] == 'y':
self.debugMode(r.text, r.status_code)
except Exception as e:
self.console.printe('Error bypassing, retrying...')
if self.settings['Debug_Mode'] == 'y':
self.debugMode(str(e))
continue
I have some previous experience working with Spotify, from the way this looks, his bypass is strictly based off reputation of ip. As you can see he sends another request after to the challenge invoke api with the request params in the payload. Im not sure if this still works or if it ever did but it might help you have a basic concept of what your needing to do.
![[Image: 4v63n7I.gif]](https://i.imgur.com/4v63n7I.gif)
