Start 2025 on time and up to date. Seamlessly integrate your calendars into Dropbox with these simple steps.

Forum Discussion

FrustratedUser3's avatar
FrustratedUser3
Collaborator | Level 8
2 years ago

Mismatched redirect URI

I am using the following link to generate an authorization code for the code flow process:

 

https://www.dropbox.com/oauth2/authorize?client_id=CLIENT_ID&response_type=code&token_access_type=offline&redirect_uri=https://dev.crm.DOMAIN.com/api/v1/Dropbox/Oauth2

 

I replaced the client ID and domain due to privacy. The process works as expected without the redirect URI. In addition, I can successfully generate an access token using Postman by connecting to my API through the redirect URI with the code as one of the parameters, which validates my API's behavior.

 

After granting access to the app, here is what is shown in the browser's address bar:

 

 

https://dev.crm.DOMAIN.com/api/v1/Dropbox/Oauth2?code=EIk...vr0

 

 

 

Here is what my API receives:

 

[2023-02-19 16:32:44] DEBUG:  [{"code":"EIk...vr0"}] []

 

 

Using the code, I create a request as follows:

 

  private function generateAccessToken($code) {
    $data = array(
      "client_id=<CLIENT_ID>",
      "client_secret=<CLIENT_SECRET>",
      "grant_type=authorization_code",
      "code={$code}",
    );

    $data = implode("&", $data);
    $headers = array('Content-Type: application/x-www-form-urlencoded');
    $url = "https://api.dropboxapi.com/oauth2/token";

    $response = $this->curl->post($url, $headers, $data);
    if($response["code"] != 200) {
      $GLOBALS["log"]->error("access token error", $response);
      throw new Error("Error while retrieving access token");
    }

    return $response["data"];
  }

 

 

Here is the response:

 

 

[2023-02-19 16:30:13] ERROR: access token error {400, "error":"invalid_grant", "error_description":"redirect_uri mismatch"}

 

 

 

Here is what is registered in the Dropbox app console:

 

I can't figure out what the problem is.

  • FrustratedUser3, When you use redirect URI to receive a code, you have to use the same URI as a parameter in the call to /oauth2/token (the 'redirect_uri' parameter). 🙂 In spite this parameter is optional in general, it becomes mandatory with code received through redirect URI and the value should match this URI. As can be seen, it's skipped in your code. 😉 That's where your issue comes from. Here "mismatch" probably means empty/missing doesn't match to the actual.

    Good luck.

  • FrustratedUser3, When you use redirect URI to receive a code, you have to use the same URI as a parameter in the call to /oauth2/token (the 'redirect_uri' parameter). 🙂 In spite this parameter is optional in general, it becomes mandatory with code received through redirect URI and the value should match this URI. As can be seen, it's skipped in your code. 😉 That's where your issue comes from. Here "mismatch" probably means empty/missing doesn't match to the actual.

    Good luck.

    • FrustratedUser3's avatar
      FrustratedUser3
      Collaborator | Level 8

      The oauth2 guide does not make that clear, but you're right. I added redirect_uri to the parameters as follows:

       

      if(isset($code)) {
        $data[] = "grant_type=authorization_code";
        $data[] = "code={$code}";
        $data[] = "redirect_uri={$this->cfg->get("siteUrl")}/api/v1/Dropbox/Oauth2";
      } else {
        $data[] = "grant_type=refresh_token";
        $data[] = "refresh_token={$this->cfg->get("dropboxRefreshToken")}";
      }

      It works. Thanks.

       

      For anyone else who gets stuck on this, here is the relevant documentation: