OK, it works now (with or without precomposed URLs) but it doesn’t indicate if the job succeeded or failed. I had to check the edit history on each release to make sure the ISRCs were successfully submitted.
Due to this migration, the confirmation message “submit successfully” has been deleted?
Edit: corrected, now with status Submit, In progress and Submitted. Thanks 
1 Like
When I send a link from Spotify, nothing happens, everything looks like this on the screen. Something has changed? When will the result display work?
2 Likes
A few new things were added recently.
- Barcode retrieval: if there as MusicBrainz release with the barcode of the Spotify release, it will display it as a candidate automatically. If there is only one match, it will also load it automatically. If there is more than one, it will show all, but not select any by default.
- Heuristic matching of releases if there’s no barcode match. This is a simple MB search by artist name, track count etc., which I plan to try to optimise a bit.
- Kind of single-page app for the artist explorer. Selecting an album will load it on the same page, keeping the other releases still shown in the slot below.
6 Likes
In the next few hours(ish – could be tomorrow) I’ll be moving the app to a new location.
It’s also been rewritten, the core features are all still there, and any others that aren’t are probably work in progress (so don’t ask). The new version is entirely client side. As a result you’ll need a Spotify account to use it (not Premium, just any Spotify account).
The reason for this is that it can’t keep secrets being 100% client side and the PKCE flow for Spotify requires login even if you don’t request any special access scope (or at least it seems to – if someone knows better please let me know). There’s no logging of any of the data, including who logged in beyond what Spotify’s API will log when you authenticate – feel free to inspect the network tabs etc.
Auth flows now happen in a separate tab (or window) which will close when it completes, so you don’t lose where you were or end up with a new tab focused.
Old links will be redirected temporarily, until the old app expires in about three months.
10 Likes
Thanks for your continued work!
Hopefully, we can get atisket updated for the new location. 
1 Like
It’s up in the air whether a-tisket will ever be updated.
Edit to avoid double-posting: For those who can’t or don’t want to use the new tool, it should still be possible to view the ISRCs in the results page of a-tisket and submit them via @kepstin’s MagicISRC.
5 Likes
I don’t know how atisket ISRC listing looks like but you may want to use MASS ISRC to copy/paste all ISRC at once in Magic ISRC.
2 Likes
I’ve updated my userscript to use the new URL. I’ve also started hosting a mirror of atisket and I’ve updated the URL there too.
Thanks for continuing to support this useful tool @tatsumo!
6 Likes
Please, bring back the search for ISRC on each ISRC that you had on the previous version. Believe it or not, I used it a lot because I have a script to open links in new windows and it made searching for them a lot easier than doing each one by one. Thanks for the hard work. It’s an awesome tool.
2 Likes
Done. It can also load them inline as well.
2 Likes
Is there any way to ‘cache’ my credentials/cookies for Spotify, to later be used by this app? Each time I go to submit, I’m asked to sign into Spotify and MusicBrainz again. Even just refreshing a page after I just signed in.
2 Likes
Spotify yes — if that’s not working there must be something wrong. This does work for me (and obviously I don’t have weird logic in place for my own accounts). But it doesn’t last forever.
For MusicBrainz it’s a bit trickier but it is something I was looking at. It kind of works now. ish. In order to refresh the credentials it needs to open a new tab/window – it will try to do this at immediately at page load if you’ve logged in before. However, because this spawns a new tab/window without user interaction (click/etc.) browser pop-up blockers will intercept it.
So if you want it to automatically log back into MusicBrainz, when you see a “pop-up blocked” notice at page load, just set it to “Always allow”. Otherwise you can just ignore it and click the button as before.
1 Like
Wow! Looks great and I have had no issues. Of course, I got used to the Spotify login situation with their API interface. Not a big deal to me, it’s a click. I guess it would be annoying if I was using MB on a phone or tablet though. Awesome job.
Actually I think there was an issue in the refresh of Spotify credentials. I believe it was a race condition which I’ve now identified. I could reproduce it only on my phone (usually, but not 100%, which is why I think it was a race condition) so I assume it was about the order of execution in concurrent tabs.
I’m pretty sure it’s fixed now as I can’t reproduce it anymore.
5 Likes
Yep, Spotify stays logged in now, thanks!
There’s also currently an issue authenticating with MusicBrainz. I’m very certain the issue is on the MusicBrainz side as I rolled back several revisions (to versions where I’m 100% certain the was no problem) and it still receives a 400 from MusicBrainz.
Hopefully it will resolve itself shortly because there’s nothing I can do on my end that I can see.
It appears the issue is the MusicBrainz PKCE OAuth flow is broken (I assume – as I said, I haven’t changed anything on my side). So I’ve temporarily disabled it
4 Likes
Could you re-add the links back to the Spotify releases. When I add a release, I use your tool to see all the releases have around the world. Which is awesome, but currently I have to copy and paste the release ID, when I use to just make a click. I like the new layout.
2 Likes
@tatsumo, I encountered an issue when enabling PKCE on MB OAuth recently and it worked fine once resolved. I don’t think it is related to what you’re experiencing given your site was previously working but here’s the issue I had just in case it’s helpful.
The PKCE RFC states that when the code challenge method is “S256” the server verifies the “code_verifier” token as follows:
BASE64URL-ENCODE(SHA256(ASCII(code_verifier))) == code_challenge
The following line from the MB server code that performs the verification:
$code_challenge eq encode_base64url(sha256(decode_base64url($code_verifier))))
Note the call to decode_base64url here. The library I was using for OAuth was not base64 encoding the verifier before hashing it with SHA256 (it was already a valid ASCII string), which meant the PKCE validation failed. Once I base64 encoded the verifier before hashing it worked. I’m not 100% but based on my interpretation of the RFC I think the MB code isn’t compliant 