Cut the Clutter: Test Ignore Files Feature - sign up to become a beta tester  here!

Forum Discussion

Orgbrat's avatar
Orgbrat
Explorer | Level 3
4 years ago

How to fix the short-lived access token issue?

I have a Desktop/Mobile Xamarin application that reads and writes to the Apps folder in a users Dropbox. It has been working fine for a long time but now that Dropbox has moved to short-lived access tokens my application is having issues. It used to be when the application got the Dropbox token that was it unless the user uninstalled my application. I am using the Dropbox.Sdk .NET and C#.

 

My authentication code was like this:

this.oauth2State = Guid.NewGuid().ToString("N");
var authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(OAuthResponseType.Token, Constants.DropboxClientId, new Uri(Constants.DropboxRedirectUri), this.oauth2State);
var webView = new WebView { Source = new UrlWebViewSource { Url = authorizeUri.AbsoluteUri } };
webView.Navigating += this.WebViewOnNavigating;
var contentPage = new ContentPage { Content = webView };
await Shell.Current.Navigation.PushModalAsync(contentPage);

So how do I fix this so that it works with Dropbox's new process. 

Do I need to start using both an AccessToken and a RefreshToken?

How do I change the above code to get both tokens?

And then how do I use those tokens so that the user does not need to keep logging into Dropbox from my application?

Has anyone got a .NET C# sample of how to read and write a file to a users Apps folder for an application since all this has changed?

 

Orgbrat

API

3 Replies

  • kylea's avatar
    kylea
    Icon for Dropbox Staff rankDropbox Staff
    4 years ago

    The latest .NET SDK has a good example of using refresh tokens in the OauthBasic example.  Be sure to pass the tokenAccessType: TokenAccessType.Offline parameter when constructing your url with GetAuthorizeUri in order to get a refresh token.   The refresh token can then be passed DropboxClient, which is also shown in the example.

     

     

    Using refresh tokens should only be necessary if your application requires background access.  For typical web applications, simply prompting the user to re-authenticate is recommended. The flow will typically auto-redirect if the user is logged in and has previously authorized the app.

     

    This is described in more detail in our Oauth Guide.

     

  • Orgbrat's avatar
    Orgbrat
    Explorer | Level 3
    4 years ago

    Thanks for the quick reply, it is very much appreciated. 

    I am failing to authorize with the error "scope: must be at most 0 characters, got 97"

     

    I modified the original code to be:

    string[] scopeList = new string[5] { "files.metadata.write""files.metadata.read""files.content.write""files.content.read""account_info.read" };
 
this.oauth2State = Guid.NewGuid().ToString("N");
var authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(OAuthResponseType.Code, Constants.DropboxClientId, new Uri(Constants.DropboxRedirectUri), state: this.oauth2State, tokenAccessType: TokenAccessType.Offline, scopeList: scopeList, includeGrantedScopes: IncludeGrantedScopes.None);
var webView = new WebView { Source = new UrlWebViewSource { Url = authorizeUri.AbsoluteUri } };

    Update:

    I went into the App Console and opened the Permissions tab. The Console ask me to Migrate my requested permissions, which I did do. Went back into the app and tried to authorize again and this time I am getting the  Login page from Dropbox. Step closer maybe.

     

    Now when it authorizes thru the Login page and transfers to my WebViewOnNavigating event it returns the following URL;

    https://localhost/authorize?code=xxx-Returned-Code-xxx

     

    At this point I make a call to:

    var result = await DropboxOAuth2Helper.ProcessCodeFlowAsync(new Uri(Constants.DropboxRedirectUri), Constants.DropboxClientId, Constants.DropboxClientSecret, new Uri(Constants.DropboxRedirectUri).ToString(), this.oauth2State);

    This call crashes with the error : "The redirect uri is missing expected query arguments. (Parameter 'responseUri')"

     

    Orgbrat

  • Greg-DB's avatar
    Greg-DB
    Icon for Dropbox Community Moderator rankDropbox Community Moderator
    4 years ago

    After the user authorizes the app, the resulting response URI will contain the information needed for completing the process on the query portion of the URI. You need to pass that response URI into ProcessCodeFlowAsync, as the 'responseUri' parameter, to complete the flow.

     

    This error message is indicating that the responseUri value you are passing in does not contain that information on the query portion however. In this case, that appears to be because you're passing back in the original redirect URI constant ('new Uri(Constants.DropboxRedirectUri)'), not the actual result of the authorization. You should change that to the response URI (the "https://localhost/authorize?code=xxx-Returned-Code-xxx" you mentioned.) You can find an example of that here.

     

    By the way, I notice from your code that you're processing this in a web view. The OAuth app authorization flow should be processed in the user's system browser, not a web view. See here for more information.

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.6,037 PostsLatest Activity: 16 hours ago
413 Following

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!