Forum Discussion

SteveCr's avatar
SteveCr
Explorer | Level 4
7 years ago
Solved

Oauth and Curl

Hello all,

 

I'm developing a backup application which should have a degree of autonomy - configure once and run in the background kind of thing.  This is all in C++ with libcurl to do the network side of things.  I've been prototyping curl requests using the curl itself (following the examples in https://www.dropbox.com/developers/documentation/http/overview).

 

So far, everything looks good except for the initial https://www.dropbox.com/oauth2/authorize

At the moment, I'm stuck with pasting URLs into a browser to get the initial authorisation token.

 

However, once I have that, then I can manage to get an access token and then upload a file.

How long do access tokens last?  Is there an expiry time associated with them?

 

Does the redirect_uri mean I have to provide a functional myapp.com where oauth2/authorize sends the browser (with parameters state=abc&code=xyz).

- Some code on myapp.com then sends a request to https://www.dropbox.com/oauth2/token

- My application on the users' machine then queries myapp.com with state=abc to find out what the access token should be for further api.dropboxapi.com methods.

 

If this is so, does this mean that if myapp.com is down, then users cannot use my application?

 

I was hoping to implement something which only required dropbox to be online.

 

Thanks for any information,

Steve

  • Hey SteveCr,

     

    Have you looked over the information in the Oauth guide here:
    https://www.dropbox.com/developers/reference/oauth-guide

    You're not required to have a redirect URL, but it will change the Oauth flow for your users (they'll get a code they need to pass to your app). This is typically done for desktop or CLI apps - it sounds like from your post of your application runs locally (primarily?) so take a look at the guide and determine which flow is the best for your use case.

     

    Tokens, once acquired, won't expire unless you explicitly revoke them. So after a user completes the flow, and you securely store their token, you would not need to worry about reauthentication. If your intention is to store the tokens in a central location and have your local app query it for the token on startup, your domain would need to be up and active. If you store the token locally, and use the desktop/CLI auth flow then that would not be required.

     

    Hope that helps,

     

    -Chuck

     

  • Hey SteveCr,

     

    Have you looked over the information in the Oauth guide here:
    https://www.dropbox.com/developers/reference/oauth-guide

    You're not required to have a redirect URL, but it will change the Oauth flow for your users (they'll get a code they need to pass to your app). This is typically done for desktop or CLI apps - it sounds like from your post of your application runs locally (primarily?) so take a look at the guide and determine which flow is the best for your use case.

     

    Tokens, once acquired, won't expire unless you explicitly revoke them. So after a user completes the flow, and you securely store their token, you would not need to worry about reauthentication. If your intention is to store the tokens in a central location and have your local app query it for the token on startup, your domain would need to be up and active. If you store the token locally, and use the desktop/CLI auth flow then that would not be required.

     

    Hope that helps,

     

    -Chuck

     

    • SteveCr's avatar
      SteveCr
      Explorer | Level 4

      Hi Chuck,

       

      Dropping the redirect_uri looks like something I can live with for now.

       

      Knowing that the received token is permanent until revoked is a big help, since it's just a one-time setup thing.

       

      Thanks,

      Steve

       

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.5,950 PostsLatest Activity: 2 days ago
351 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!