Forum Discussion

martinkleinaustria's avatar
martinkleinaustria
Explorer | Level 4
5 years ago

OAuth Updates for an App for just One Single User (Developer is only user) required ?

I received a mail from Dropbox announcing the Oauth updates by Sept 2021. I have a very simple Single Page Java Script application - which runs in the browser not in node - and I use the Dropbox-sd...
Developers
martinkleinaustria's avatar
martinkleinaustria
Explorer | Level 4
5 years ago

Thanks for your reply.

If I understand you correctly in the future it would not be possible to generate access tokens in the App console ?

So I would be on the save side to switch to OAuth flow and in my case the PKCE method.

Could you please provide a PKCE example for my simple case.

The "download" example that is provided in the Javascript SDK would then also not work in the future because it also uses the pre-generated access-token so it must be reworked anyhow and I could then use this reworked "download" example for my app.

Unfortunatly the provided PKCE example in the SDK is based on node.js but my app runs just in the Browser. No server. No re-direct URL.

Many thanks for your support. Martin Klein

Greg-DB's avatar
Greg-DB
Icon for Dropbox Community Moderator rankDropbox Community Moderator
5 years ago

The App Console will continue to offer the ability to generate access tokens. (Currently, that includes both long-lived and short-lived access tokens. After the change, it will no longer offer long-lived access tokens.) It does not currently offer the ability to additionally generate refresh tokens though. We may add that in the future, but I can't guarantee that.

 

I don't believe we currently have an example of processing the PKCE flow in browser JavaScript, but I'll pass this along as a request for one. I can't promise if/when that might be implemented though. There is unfortunately currently an open bug with that though anyway.

    • martinkleinaustria's avatar
      martinkleinaustria
      Explorer | Level 4
      5 years ago

      Many thanks for the example. Unfortunatly I only now had time to try it.

      My problem is that this example works with a redirect-url 'http://localhost:8080/pkce-browser".

      Since I dont work with npm I dont have a local server with this url.

       

      I run my single-page app simply in the browser without any npm installation.

      So I would expect the example to do the authorisation with a "Code Verifier" that is generated in the app and not

      returned via a redirect-url.

       
      But maybe I still do not understand the whole concept.
       
      I have a simple one-page html App and I am and well be the only user of this app.
       
      Many thanks for your help
      With kind regards
      Martin Klein
      • Greg-DB's avatar
        Greg-DB
        Icon for Dropbox Community Moderator rankDropbox Community Moderator
        5 years ago

        I'm not sure I totally understand your latest message. Can you elaborate on what you currently need help with? What exactly are you currently trying to do and what are you stuck on? (Even if you can't run the new example via a local server, it can still serve as a reference for the JavaScript code you would need to run to implement the new OAuth flow.)

About Discuss Dropbox Developer & API

Node avatar for Discuss Dropbox Developer & API
Make connections with other developers

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X, Facebook or Instagram.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!