Forum Discussion

PSMDanny's avatar
PSMDanny
Explorer | Level 3
7 years ago

php Authentication issues

Hi, Hoping to get a helping hand here. So this is the story. I try to authenticate from localhost (MAMP)

1. trouble when the user allows access and I look in the connected apps of that user I see "No access - App folder deleted (Pending)" on access type. Wondering if this has something to do with the next issue
2. when trying to get the user token it says: {"error_description": "No auth function available for given request", "error": "invalid_request"}

So this is my (testing code):

<p><a href="https://www.dropbox.com/oauth2/authorize?client_id=MY_APPS__APP-KEY&response_type=code&state=12345&redirect_uri=http://localhost:8888/dropbox/dropbox.php">Click here to grant access to our application</a></p>

<?php
$auth = 'MY_ACCESS_TOKEN';
    if (isset($_GET['code']) && $_GET['code'] != '' ) {
        $user_code = $_GET['code'];
    }
    echo "User code = " .$user_code . "<br />";
    if (isset($user_code)) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
        curl_setopt($ch, CURLOPT_HTTPHEADER, array('Authorization: Bearer ' . $auth, 'Content-Type: application/x-www-form-urlencoded'));
        curl_setopt($ch, CURLOPT_URL, "https://api.dropboxapi.com/oauth2/token");
        curl_setopt($ch, CURLOPT_POSTFIELDS, array('code'=> $user_code, 'client_id' => "MY_APPS_APP_KEY", 'client_secret' => "MY_APPS_APP_SECRET", 'grant_type' => $user_code, 'redirect_uri' => 'http://localhost:8888/dropbox/dropbox.php'));
        $response = curl_exec($ch);
        
        echo $response;
        curl_close($ch);
        fclose($fp);
        echo "<br /><br /><br />";
    }
?>

Hope someone can shed a light on this. Thanks in advance

  • Greg-DB's avatar
    Greg-DB
    Icon for Dropbox Staff rankDropbox Staff

    Looking at your code, I notice a few things that need to be fixed:

     

    - The /oauth2/token endpoint is how you exchange an authorization code for an access token, so you shouldn't be supplying an access token to it. You are sending an access token in the Authorization header though. (If you already have an access token for the user, you don't need to process the authorization flow again.)

    - The 'grant_type' is supposed to be 'authorization_code'.

    - You need to encode your parameters, e.g., using `http_build_query` like:

     

    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(array(...

     

    • PSMDanny's avatar
      PSMDanny
      Explorer | Level 3

      Hi Greg,

      Thanks for taking the time to try to help me out. If I follow this url:

      <a href="https://www.dropbox.com/oauth2/authorize?client_id=MY_APPS__APP-KEY&response_type=code&state=12345&redirect_uri=http://localhost:8888/dropbox/dropbox.php">

      I get back a code (that's the $user_code I'm refering to in my further code) to obtain an access token

      If I change the curl code to this (according to your suggestion):

      $ch = curl_init();
              curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
              curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
              curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
              curl_setopt($ch, CURLOPT_URL, "https://api.dropboxapi.com/oauth2/token");
              curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(array('code'=> $user_code, 'client_id' => "MY_APPS_APP_KEY", 'client_secret' => "MY_APPS_APP_SECRET", 'authorization_code' => $user_code, 'redirect_uri' => 'http://localhost:8888/dropbox/dropbox.php')));
              $response = curl_exec($ch);

      I get the response:
      {"error": "invalid_client: Invalid client_id or client_secret"}

      The client_id and client_secret are taken from https://www.dropbox.com/developers/apps/info my aps page. Is there still something wrong in the curl code or am I missing something else?

      BTW If I use the url  from above to get access to the app, the app can bee seen in the personal account -> connected apps with message:
      Access Type - No access - App folder deleted (Pending)

      Is there also something wrong with auth url or is this normal behavior.

      Thanks again.

      Best Regards,
      Danny

       

       

      • PSMDanny's avatar
        PSMDanny
        Explorer | Level 3

        Some more information:

        I downloaded a php library called DropPHP entered my app key and app secret and I got the same error:
        "invalid_client: Invalid client_id or client_secret

        that made me think to create another app and try again with the new credentials. Guess what: it worked. So with the creation of my first app something must have gone wrong on dropbox's end with creating the right credentials (key and secret).

        So now I can continue my further development. Thanks for your time...!!!

About Dropbox API Support & Feedback

Node avatar for Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.5,950 PostsLatest Activity: 10 hours ago
351 Following

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!