Forum Discussion

YOUNGGON K.'s avatar
YOUNGGON K.
New member | Level 1
10 years ago

get_current_account API is strange and does not work with common-sense.

1. Content-Type header
Why does get_current_account API require 'application/json' as Content-Type header?
Even if there is no body to deliver.

As document mention that, get_current_account does not have any parameters.
https://www.dropbox.com/developers/documentation/http#documentation-users-get_current_account

Moreover, POST method could configure Content-Type 'application/x-www-form-urlencoded' or else.
Thus, Dropbox does not return 400 status code and can handle Content-Type header depending on Content-Length header.

2. null value of content body
Why does get_current_account API work with body contains "null" string value?
I don't understand why clients MUST deliver "null" value to call the API.

In the bottom line, Dropbox APIs have some points to improve.
First of all, APIs can accept any Content-Type values if the APIs do not require any contents.
Lastly, APIs do not require null value explicitly.


Here is debugging history in details.
================================================================================
POST https://api.dropboxapi.com/2/users/get_current_account
Accept-Encoding:identity
Authorization:Bearer <REDACTED>
Connection:Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent:LibHttp/1.3.8

HTTP/1.1 400 Bad Request
Connection:keep-alive
Content-Type:text/plain; charset=utf-8
Date:Mon, 16 Nov 2015 01:23:18 GMT
Server:nginx
Transfer-Encoding:chunked
X-Android-Received-Millis:1447636998418
X-Android-Response-Source:NETWORK 400
X-Android-Selected-Protocol:http/1.1
X-Android-Sent-Millis:1447636998116
X-Dropbox-Request-Id:d18609a437a9d89674953936446277e5

Error in call to API function "users/get_current_account": Bad HTTP "Content-Type" header: "application/x-www-form-urlencoded". Expecting one of "application/json", "application/json; charset=utf-8", "text/plain; charset=dropbox-cors-hack".
================================================================================

Even though I request API with 'application/json' Content-Type, Dropbox returns 400 Bad request.
================================================================================
POST https://api.dropboxapi.com/2/users/get_current_account
Accept-Encoding:identity
Authorization:Bearer <REDACTED>
Connection:Keep-Alive
Content-Type:application/json
User-Agent:LibHttp/1.3.8

HTTP/1.1 400 Bad Request
Connection:keep-alive
Content-Type:text/plain; charset=utf-8
Date:Mon, 16 Nov 2015 01:30:38 GMT
Server:nginx
Transfer-Encoding:chunked
X-Android-Received-Millis:1447637438736
X-Android-Response-Source:NETWORK 400
X-Android-Selected-Protocol:http/1.1
X-Android-Sent-Millis:1447637438504
X-Dropbox-Request-Id:9ff31041c35dadf8a9a5014ed5dd810f

Error in call to API function "users/get_current_account": request body: could not decode input as JSON
================================================================================

So, I tried to request API with empty JSON data.

================================================================================
POST https://api.dropboxapi.com/2/users/get_current_account
Accept-Encoding:identity
Authorization:Bearer <REDACTED>
Connection:Keep-Alive
Content-Type:application/json
User-Agent:LibHttp/1.3.8

{}

HTTP/1.1 400 Bad Request
Connection:keep-alive
Content-Type:text/plain; charset=utf-8
Date:Mon, 16 Nov 2015 01:33:54 GMT
Server:nginx
Transfer-Encoding:chunked
X-Android-Received-Millis:1447637634795
X-Android-Response-Source:NETWORK 400
X-Android-Selected-Protocol:http/1.1
X-Android-Sent-Millis:1447637634534
X-Dropbox-Request-Id:b218c48199affb8c3a5484a88f01480f

Error in call to API function "users/get_current_account": request body: expected null, got value
================================================================================
I got 400 response again.
So, I tried to request the API with null string.

================================================================================
POST https://api.dropboxapi.com/2/users/get_current_account
Accept-Encoding:identity
Authorization:Bearer <REDACTED>
Connection:Keep-Alive
Content-Type:application/json
User-Agent:LibHttp/1.3.8

null

HTTP/1.1 200 OK
cache-control:no-cache
Connection:keep-alive
Content-Type:application/json
Date:Mon, 16 Nov 2015 01:36:40 GMT
pragma:no-cache
Server:nginx
set-cookie:gvc=MzA3NTE2Nzg4NjAzMTUyODM0MzA1NTI2NDUyMDI2NzI3MTMxMzU2; expires=Sat, 14 Nov 2020 01:36:40 GMT; httponly; Path=/; secure
Transfer-Encoding:chunked
X-Android-Received-Millis:1447637800790
X-Android-Response-Source:NETWORK 200
X-Android-Selected-Protocol:http/1.1
X-Android-Sent-Millis:1447637800419
x-content-type-options:nosniff
x-dropbox-http-protocol:None
X-Dropbox-Request-Id:bb495c26ac4186da8b454b96dceb5303
x-frame-options:SAMEORIGIN
X-Server-Response-Time:103

{"account_id": "dbid:AADd6v6-ots3IQ0xwrXWnZF1-HQtqflX5Lw", "name": {"given_name": "David", "surname": "Kim", "familiar_name": "Kim David", "display_name": "Kim David"}, "email": "cloud.dev.gg@gmail.com", "country": "US", "locale": "ko", "referral_link": "https://db.tt/5sD5TOL6", "is_paired": false, "account_type": {".tag": "basic"}}
================================================================================
Finally, I got a response about get_current_account API.
I found that get_space_usage API works same.
I think all of APIs do not require parameters might work same.

Thanks for your support in advance.

  • You can omit both the Content-Type header and the body when a method takes no argument. I just tested it:

    $ curl -v -X POST https://api.dropboxapi.com/2/users/get_current_account -H "Authorization:Bearer <REDACTED>"
    * Trying 108.160.172.205...
    * Connected to api.dropboxapi.com (108.160.172.205) port 443 (#0)
    * TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    * Server certificate: api.dropboxapi.com
    * Server certificate: Go Daddy Secure Certificate Authority - G2
    * Server certificate: Go Daddy Root Certificate Authority - G2
    > POST /2/users/get_current_account HTTP/1.1
    > Host: api.dropboxapi.com
    > User-Agent: curl/7.43.0
    > Accept: */*
    > Authorization:Bearer <REDACTED>
    >
    < HTTP/1.1 200 OK
    < ...

    My guess would be that whatever tool/code you're using to make the request is attaching a non-empty body. If a body is present, it must be valid JSON (with a correct Content-Type header).

  • YOUNGGON K.'s avatar
    YOUNGGON K.
    New member | Level 1

    Dear Steve,

    Thanks for your quick reply!

    And I think it is more compatible with RESTful concept that get_current_account and get_space_usage APIs support GET method, not POST.

     

    Best regards

     

  • Gajanan G.'s avatar
    Gajanan G.
    New member | Level 1
    curl -v -X POST https://api.dropboxapi.com/2/users/get_current_account

    what is users in this url??? i have dropbox account what shall i replace in user???
    and also what is 2?? in url

  • Jan N.8's avatar
    Jan N.8
    New member | Level 1

    Really, why it does not support GET method?

    It does not make any real sense to POST nothing.

  • Jan N.8's avatar
    Jan N.8
    New member | Level 1

    This is not about REST. Someone writes about "principle of least astonishment" in the blog but your new API was worst pain ever.

    It is like if you went to a post office to GET a package but you were requested to POST some empty package to receive one.

  • Alvaro R.2's avatar
    Alvaro R.2
    New member | Level 2
    I had the same problem, I ended up setting ContentType to json and body to "null" and it worked. Strangely the same "netstandard" code was working on UWP and failing in Android, it looks the underlying http client is making something different.

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.5,951 PostsLatest Activity: 3 minutes ago
352 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!