Forum Discussion

martinkleinaustria's avatar
martinkleinaustria
Explorer | Level 4
5 years ago

OAuth Updates for an App for just One Single User (Developer is only user) required ?

I received a mail from Dropbox announcing the Oauth updates by Sept 2021. I have a very simple Single Page Java Script application - which runs in the browser not in node - and I use the Dropbox-sd...
Developers
martinkleinaustria's avatar
martinkleinaustria
Explorer | Level 4
5 years ago

Many thanks for the example. Unfortunatly I only now had time to try it.

My problem is that this example works with a redirect-url 'http://localhost:8080/pkce-browser".

Since I dont work with npm I dont have a local server with this url.

 

I run my single-page app simply in the browser without any npm installation.

So I would expect the example to do the authorisation with a "Code Verifier" that is generated in the app and not

returned via a redirect-url.

 
But maybe I still do not understand the whole concept.
 
I have a simple one-page html App and I am and well be the only user of this app.
 
Many thanks for your help
With kind regards
Martin Klein
Greg-DB's avatar
Greg-DB
Icon for Dropbox Community Moderator rankDropbox Community Moderator
5 years ago

I'm not sure I totally understand your latest message. Can you elaborate on what you currently need help with? What exactly are you currently trying to do and what are you stuck on? (Even if you can't run the new example via a local server, it can still serve as a reference for the JavaScript code you would need to run to implement the new OAuth flow.)

  • martinkleinaustria's avatar
    martinkleinaustria
    Explorer | Level 4
    5 years ago

    I want to rework my existing very simple App that was based on the provided download example of the SDK to use the new authentication.

    The provided new example that you suggested to me uses a local
    server at the localhost domain listening to process messages on port 8080.

    The whole code is written around this functionality. It receives the access token via this callback.

    So my problem is that I cannot use this example since I have no local host because I dont use npm.


    Might be that there is no solution for my simple case. Propably I would need a local server for the new authentication and therefore would need a npm environment.
    But then dropbox in the future is no solution for a pure browser environment without npm.
    But this should then be clearly stated in the documentation.
    With kind regards
    Martin Klein

    • Greg-DB's avatar
      Greg-DB
      Icon for Dropbox Community Moderator rankDropbox Community Moderator
      5 years ago

      While our sample does run a local server using npm/node, npm/node is not the only option. You have your choice of server for your own app. You don't need to use npm/node in particle to integrate with the Dropbox API using the JavaScript SDK in the browser.

       

      Also, the new authorization system does not actually change the requirements on authorization flow itself, such as redirect URIs. You still have the same options as before. For instance:

      • if this is only for your own use, you can still manually input your own access token and now optionally refresh token without processing the OAuth flow each time
      • if you do implement the OAuth flow, you still are not required to use a redirect URI. With the "code" flow, a redirect URI is still optional; if you don't use one the user just has to manually copy and paste the returned authorization code into the app

      It sounds like in your case you probably just want to process the OAuth flow manually once for your own account to get a refresh token (redirect URI not required) and then plug the resulting refresh token in to the Dropbox constructor, along with the other parameters.

      • martinkleinaustria's avatar
        martinkleinaustria
        Explorer | Level 4
        5 years ago

        I tried now your first suggestion:

        • if this is only for your own use, you can still manually input your own access token and now optionally refresh token without processing the OAuth flow each time

        So in the Dropbox App Console I requested a Short Term Access Token (Short Term because the never ending one will disappear in the future). I inserted this manually in your sample code and of course that worked - but only for around 10 hours. Then I received a 401 error on the file list call.

         

        So this means that I would have to do this manual request of a new access token basically every new day I use the app. Not really a solution !

         

        But during the next days I will try your second suggestion and come back to you.

        With kind regards

        Martin Klein

About Discuss Dropbox Developer & API

Node avatar for Discuss Dropbox Developer & API
Make connections with other developers

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X, Facebook or Instagram.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!