Forum Discussion

Dame1701's avatar
Dame1701
New member | Level 2
4 years ago

Dropbox .net SDK, automatic refresh of access token not working

Hi there,   I'm using the latest (6.22.0) version of the .net API. However it seems that the access token is not being automatically refreshed causing a bad request error to be thrown when I try ...
API
Dame1701's avatar
Dame1701
New member | Level 2
4 years ago

I've managed to sort the issue. Debugging through the SDK source code, I could see that I wasn't setting the AppSecret, though from the comments in the SDK, it appears that this is not critical. However when I changed the code I use to create the Dropbox client and used the overload that includes the AppSecret, the SDK was able to retrieve a refresh token.

 

It would be useful if the proper error messages received from the server is returned from the API call. For example when the RefreshAccessToken method is called in the DropboxRequestHandler, the call to response.EnsureSuccessStatusCode() (on line 288) throws an exception which causes the method to only return the basic information, in this case BadRequest provided by that exception. Instead, what you really should be doing is creating some custom code to handle a non Success status code then if possible, you need to be parsing the Content of the response like you do for a successful request i.e.  var json = JObject.Parse(await response.Content.ReadAsStringAsync()) which will then provide you with additional error information that you can pass on to the user which will at least give them a clue, in my case it was the "No auth function available for given request" message which provided a bit of a clue.

 

For example, something a bit like this.....

 

string Error = null;

try
{
response.EnsureSuccessStatusCode();
}
catch (Exception ex)
{
Error = ex.Message
}

var json = JObject.Parse(await response.Content.ReadAsStringAsync());

if (!string.IsNullOrEmpty(Error)
{
// Do something with the decoded json data and then maybe throw a new exception with this data
}


            if (response.IsSuccessStatusCode)
            {
                var json = JObject.Parse(await response.Content.ReadAsStringAsync());
                string accessToken = json["access_token"].ToString();
                DateTime tokenExpiration = DateTime.Now.AddSeconds(json["expires_in"].ToObject<int>());
                this.options.OAuth2AccessToken = accessToken;
                this.options.OAuth2AccessTokenExpiresAt = tokenExpiration;
                return true;
            }

            return false;

 

 

Also, since in this case it was the lack of AppSecret that was causing the issue, an error reflecting this would be very useful.

Greg-DB's avatar
Greg-DB
Icon for Dropbox Community Moderator rankDropbox Community Moderator
4 years ago

Thanks for writing this up. I'm glad to hear you already sorted this out. I'll ask the team to improve the error reporting.

 

For reference, there are two ways to request offline access. One requires the app secret when performing a refresh, and one does not:

  • using PKCE: This is meant for client-side apps and does not require the app secret. There's an example here.
  • not using PKCE: This is meant for server-side apps and does require the app secret. There's an example here.

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X, Facebook or Instagram.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!