I'm building an app in .net and accessing the app's folder for resources. So far everything is going smoothly, but i have no idea how to refresh the token in my app. I tried using the example code from OauthBasic from github, but i have a vague understanding of it and doesn't work for me. Would appreciate some help and guidance with it as i have no idea how to set it up. Thanks in advance.

Melisek wrote:... So far everything is going smoothly, but i have no idea how to refresh the token in my app. ...Hi Melisek,As far as you have set/constructed your Dropbox client object properly (as shown in all examples - including basic), you wont need to refresh any token explicitly. The client object does take care and refresh whenever need without your explicit action/instruction. 😉 That's it. Do you provide the refresh token every time new client object brings up or... not exactly? 🧐Hope this gives direction.

As Здравко said, as long as you provide the required credentials, the Dropbox .NET SDK will handle the refresh process for you automatically. I see you've already mentioned the example of getting and using a refresh token in the OauthBasic example (non-PKCE, meant for server-side apps); there's also the OAuthPKCE example (PKCE, meant for client-side apps). Can you elaborate on what you mean when you say it "doesn't work" for you? What have you done so far, and what specifically isn't working and how?

When i run my app, the Run task is probably stopping at some point as when i try to acces dropbox files it throws out a NullReferenceException of the DropboxClient and i have no clue on how to get the refresh token. Also the ApiKey and ApiSecret are replaced in my code.Here is what i have inside my app so far:public partial class RWindow : Form { //Dropbox stuff private const string ApiKey = ""; private const string ApiSecret = ""; private const string LoopbackHost = "http://127.0.0.1:52475/"; // URL to receive OAuth 2 redirect from Dropbox server. // You also need to register this redirect URL on https://www.dropbox.com/developers/apps. private static readonly Uri RedirectUri = new Uri(LoopbackHost + "authorize"); // URL to receive access token from JS. private static readonly Uri JSRedirectUri = new Uri(LoopbackHost + "token"); static DropboxClient dbx; private List<string> fileNames = new List<string>(); private string folder; public RWindow() { InitializeComponent(); var task = Task.Run((Func<Task>)Run); task.Wait(); } static async Task Run() { DropboxCertHelper.InitializeCertPinning(); string[] scopeList = new string[3] { "files.metadata.read", "files.content.read", "account_info.read" }; var uid = await AcquireAccessToken(scopeList, IncludeGrantedScopes.None); if (string.IsNullOrEmpty(uid)) { return; } var httpClient = new HttpClient(new WebRequestHandler { ReadWriteTimeout = 10 * 1000 }) { Timeout = TimeSpan.FromMinutes(20) }; try { var config = new DropboxClientConfig("SimplePKCEOAuthApp") { HttpClient = httpClient }; dbx = new DropboxClient(Settings.Default.RefreshToken, ApiKey, config); await dbx.RefreshAccessToken(scopeList); await AcquireAccessToken(scopeList, IncludeGrantedScopes.User); dbx = new DropboxClient(Settings.Default.AccessToken, Settings.Default.RefreshToken, ApiKey, ApiSecret, config); } catch (HttpException e) { Debug.WriteLine("Exception reported from RPC layer"); Debug.WriteLine(" Status code: {0}", e.StatusCode); Debug.WriteLine(" Message : {0}", e.Message); if (e.RequestUri != null) { Debug.WriteLine(" Request uri: {0}", e.RequestUri); } } } private static async Task HandleOAuth2Redirect(HttpListener http) { var context = await http.GetContextAsync(); // We only care about request to RedirectUri endpoint. while (context.Request.Url.AbsolutePath != RedirectUri.AbsolutePath) { context = await http.GetContextAsync(); } context.Response.ContentType = "text/html"; // Respond with a page which runs JS and sends URL fragment as query string // to TokenRedirectUri. using (var file = File.OpenRead("index.html")) { file.CopyTo(context.Response.OutputStream); } context.Response.OutputStream.Close(); } private static async Task<Uri> HandleJSRedirect(HttpListener http) { var context = await http.GetContextAsync(); // We only care about request to TokenRedirectUri endpoint. while (context.Request.Url.AbsolutePath != JSRedirectUri.AbsolutePath) { context = await http.GetContextAsync(); } var redirectUri = new Uri(context.Request.QueryString["url_with_fragment"]); return redirectUri; } private static async Task<string> AcquireAccessToken(string[] scopeList, IncludeGrantedScopes includeGrantedScopes) { Settings.Default.Reset(); var accessToken = Settings.Default.AccessToken; var refreshToken = Settings.Default.RefreshToken; if (string.IsNullOrEmpty(accessToken)) { try { Debug.WriteLine("Waiting for credentials."); var state = Guid.NewGuid().ToString("N"); var authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(OAuthResponseType.Code, ApiKey, RedirectUri, state: state, tokenAccessType: TokenAccessType.Offline, scopeList: scopeList, includeGrantedScopes: includeGrantedScopes); var http = new HttpListener(); http.Prefixes.Add(LoopbackHost); http.Start(); System.Diagnostics.Process.Start(authorizeUri.ToString()); // Handle OAuth redirect and send URL fragment to local server using JS. await HandleOAuth2Redirect(http); // Handle redirect from JS and process OAuth response. var redirectUri = await HandleJSRedirect(http); var tokenResult = await DropboxOAuth2Helper.ProcessCodeFlowAsync(redirectUri, ApiKey, ApiSecret, RedirectUri.ToString(), state); accessToken = tokenResult.AccessToken; refreshToken = tokenResult.RefreshToken; var uid = tokenResult.Uid; Debug.WriteLine("Uid: {0}", uid); Debug.WriteLine("AccessToken: {0}", accessToken); if (tokenResult.RefreshToken != null) { Debug.WriteLine("RefreshToken: {0}", refreshToken); Settings.Default.RefreshToken = refreshToken; } if (tokenResult.ExpiresAt != null) { Debug.WriteLine("ExpiresAt: {0}", tokenResult.ExpiresAt); } if (tokenResult.ScopeList != null) { Debug.WriteLine("Scopes: {0}", String.Join(" ", tokenResult.ScopeList)); } Settings.Default.AccessToken = accessToken; Settings.Default.Uid = uid; Settings.Default.Save(); http.Stop(); return uid; } catch (Exception e) { Debug.WriteLine("Error: {0}", e.Message); return null; } } return null; } //Rest of my code that handles requesting and downloading files stored in the application. Works properly when using the generated short-lived token in app console. }

Also found this errorAn error occurred trying to start process 'https://www.dropbox.com/oauth2/authorize?response_type=code&client_id=XXXXXXXXXXXXXXX&redirect_uri=http%3A%2F%2F127.0.0.1%3A52475%2Fauthorize&state=a6a4da2fe0f44dfe91c14f6a0917c8ac&token_access_type=offline&scope=files.metadata.read files.content.read account_info.read' with working directory 'C:\Programming\C#\MelisekGameManager\MelisekGameManager\bin\Debug\net6.0-windows'. Can't find specified file.: Error: {0}

To clarify, are you seeing the NullReferenceException in addition to the "Can't find specified file" error, or are you no longer getting a NullReferenceException? Either way, is that the entirety of the error/output you're getting? Please be sure to share the whole error/output and whatever details you can if not, as it's not quite clear here. For example, if your IDE shows which line something is failing on, please show that. Anyway, it sounds like that "Can't find specified file" error is occurring when attempting to launch the authorization URL in the system browser, on the System.Diagnostics.Process.Start line, but is the authorization page actually launching in the browser or not? It's unclear why that would fail but it may depend on your particular environment. For example, it sounds similar to this issue.

Token refreshing C# | The Dropbox Community

35 Replies

Replies have been turned off for this discussion

Melisek
Explorer | Level 3
4 years ago
Replaced it and it's still the same (i added the path to the browser). Checked it on another browser just in case, and it persists on there too.
Здравко
Legendary | Level 20
4 years ago
If you mean the missing file, are you certain 'C:\Programming\C#\MelisekGameManager\MelisekGameManager\bin\Debug\net6.0-windows\index.html' exists? 🤔 Take a look.
Melisek
Explorer | Level 3
4 years ago
it doesn't exist there.
Melisek
Explorer | Level 3
4 years ago
Ok so i created the index.html in the project and included it into the build folder, and as of now opening still opens that 2 additional tabs for no reason, after completing oauth it opens the site, but the app window doesn't open.
I set up some breakpoints to test where the code stops, and it gets stuck on the AcquireAccessToken Task.
Melisek
Explorer | Level 3
4 years ago
Realized there was and index.html in the github repo so copied the code from it and now i get this exception on task.Wait:
System.AggregateException: „One or more errors occurred. (Method not found: 'Void System.Net.Http.HttpClientHandler.CheckDisposedOrStarted()'.)”
InternalException
MissingMethodException: Method not found: 'Void System.Net.Http.HttpClientHandler.CheckDisposedOrStarted()'.
Melisek
Explorer | Level 3
4 years ago
After some tinkering around i finally managed to get everything working! I removed the HttpClient and some lines that were not needed/unwanted and the app is running without any problems. I got the refresh token from the returned message and everything works fine without needing to authorize in the browser. Thank you for your time helping me.

Melisek

Explorer | Level 3

4 years ago

Actually i have one (probably) last question. Why does it throw out a AuthException: missing_scope/.. exception when downloading a file using dbx.Files.DownloadAsync. I'm refreshing for a new token with file.content.read permission as shown below, yet i can't download it. The result of RefreshAccessToken returns true.

I can also read file info like its name.

static async Task Run()
        {
            DropboxCertHelper.InitializeCertPinning();

            Settings.Default.RefreshToken = refreshToken;

            string[] scopeList = new string[3] { "files.metadata.read", "files.content.read", "account_info.read" };

            var config = new DropboxClientConfig("SimplePKCEOAuthApp");

            dbx = new DropboxClient(Settings.Default.AccessToken, Settings.Default.RefreshToken, ApiKey, ApiSecret, config);
            Debug.WriteLine(await dbx.RefreshAccessToken(scopeList));
        }

Greg-DB
Dropbox Community Moderator
4 years ago
A 'missing_scope' error indicates that while the app is permitted to use that scope, the particular access token you're using to make the API call does not have that scope granted. Also, be aware that just adding a scope to your app via the App Console does not retroactively grant that scope to existing access tokens.

That being the case, to make any API calls that require that scope, you'll need to get a new access token/refresh token with that scope. That is, you'll need to process the app authorization flow again, starting from GetAuthorizeUri, with the necessary scope specified. Just calling RefreshAccessToken with the added scope won't grant that scope, since you can't automatically get an access token with a scope not actually authorized by the user when creating that refresh token originally.

Refer to the OAuth Guide and authorization documentation for more information.
Melisek
Explorer | Level 3
4 years ago
Now i found out why two additional tabs were opening.
https://www.dropbox.com/oauth2/authorize?response_type=code&client_id=XXXXXXXX&redirect_uri=http%3A%2F%2F127.0.0.1%3A52475%2Fauthorize&state=XXXXX&token_access_type=offline&scope=files.metadata.read files.content.read account_info.read&code_challenge_method=S256&code_challenge=XXXX

The OauthFlow.GetauthorizeUri returned the url with spaces instead of + in the scopes.
Greg-DB
Dropbox Community Moderator
4 years ago
Melisek Thanks for pointing that out! I'll ask the team to fix that up.

Forum Discussion

Token refreshing C#

35 Replies

About Dropbox API Support & Feedback

Related Content

Get refresh token from access token?

Refresh Token Url

refresh token is malformed

Powershell Oauth2 Refresh Token

Refresh token generates an invalid access token?

Recent Discussions

/oauth2/authorize (code flow) redirects to http://www.dropbox.com/home instead of redirect_uri

Add id and .tag fields to DeletedMetadata in the API

Shared Link - Download in .NET

Dropbox API server root certificate changes for .Net

GetCurrentAccountAsync API Failing for some Team Members while using Impersonation