Need to see if your shared folder is taking up space on your dropbox 👨💻? Find out how to check here.
Forum Discussion
Resfresh Token using c# code for Oauth2.0
Hi,
I need assisstance in Oauth2.0 usage.
After I generated token I have following properties
The moment that I do not understand is how to refresh token. Here I got ExpiredAt property that shows that this token will be expired.
Assuming that it is already expired, how I must refresh it ?
I checked provided samples of code
Will be correct if I make such verification for expiration of token
and if it expried I add this code ?
var client = new DropboxClient(Settings.Default.AccessToken, Settings.Default.RefreshToken, ApiKey, ApiSecret, config);await client.RefreshAccessToken(newScopes);var clientNew = new DropboxClient(Settings.Default.AccessToken, Settings.Default.RefreshToken, ApiKey, ApiSecret, config);
Thanks in advance
8 Replies
Hi Ivan_,
You don't have to perform any of the actions shown. Whenever such action has shown in some example, it's just to show how the refresh works (not that you have to use it)! Once you initialize/construct a client object using the credentials provided, the object itself will take care to refresh whenever needed. 😉 You don't need to do anything explicitly by yourself (other than just properly construct client object, together with the refresh token, and use it).
Hope this clarifies matter.
Ivan_ wrote:...
Currently I transfer only access token and it works
🤓 Really?! If it works, what actually you are asking for?! 🧐😁
You cannot expect when object is initialized with just access token it be able refresh somehow. 🤷 How such thing can happen? Impossible of course - the refresh token is required, at least! Even more, once refresh token is provided, the access token and expiration date become optional. Take a look here for instance. 😉 Depending on how exactly you have performed authentication flow (PKCE or not), you may need to add the application secret too.
Hope this helps.
Thanks
So, basically I need to this, am I right ?
var config = new DropboxClientConfig("SimplePKCEOAuthApp") { HttpClient = httpClient
};
var client = new DropboxClient(Settings.Default.RefreshToken, ApiKey, config);
I have performed authentication flow without PKCE.
I need to clarify 2 moments :
1) What is that parameter for config object : "SimplePKCEOAuthApp"?
Is that application console name ?
2)Is it enough to transfer only refresh token ? It looks strange, because we do not use access token with such approach
That is the way how I get access token
It is same way how I described it in that topic https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/How-to-programmatically-get-the-Authorization-code-without/td-p/626621 with which you helped me
Ivan_ wrote:...
var client = new DropboxClient(Settings.Default.RefreshToken, ApiKey, config);
I have performed authentication flow without PKCE.
...
Nope, skipping application secret is only possible while PKCE is in use.
Ivan_ wrote:...
1) What is that parameter for config object : "SimplePKCEOAuthApp"?
Is that application console name ?
...
No, it's just a free name (even non mandatory - i.e. you can skip it) describing somehow your application. You can put there "ARTY1", for instance, it normally match the application name. Follow this rule.
Ivan_ wrote:...
2)Is it enough to transfer only refresh token ? It looks strange, because we do not use access token with such approach
...
You are mixing different things! In previous discussion the topic was the code, not the token! (take care, in your code you are still mixing the names - might be that's why you got in confusion) Access token is enough by self to authenticate regular API call (or equivalent using any SDK), refrsh token on other side needs additional confirmations (least application' key, but in your case application' secret too) to be validated the usage.
ЗдравкоI am sorry for being not clear in my questions as you said the following : "You are mixing different things! In previous discussion the topic was the code, not the token! (take care, in your code you are still mixing the names - might be that's why you got in confusion)"
currently I successfully get token and the code.
Now I need to clarify this moment about refreshing the token. As you told in first reply, DropBox does everything without me. So, for uploading files, how I need to constrct the client object in authentication flow without PKCE ?
Hmm... 🤔 I don't know what more to say.
Ok, let's take a look how the things happen on lower (API) level, when you need to do everything yourself. Take a look on this thread. Yes, the client object can do everything mentioned there for you, but it needs the same info (the one you would need)! What info is needed for performing refresh, as described in referred thread? 🙂 Take a look back in your code and keep in mind that the same algorithm is 'embedded' there.
Hope this sheds some light.
- Greg-DB
Dropbox Community Moderator
Ivan_ Здравко is correct; as long as you provide the necessary credentials (refresh token, app key, and app secret if you didn't use PKCE, or just refresh token and app key if you did use PKCE), then the Dropbox .NET SDK client will handle the refresh process for you automatically (that is, it will automatically retrieve and use a new short-lived access token whenever needed). You should store and re-use the refresh token (it doesn't expire automatically), and construct the client as shown in the examples, e.g., here in this example for the non-PKCE scenario. You don't actually need to call RefreshAccessToken yourself.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
