<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic OAuth authentication for offline application using .NET SDK in Discuss Dropbox Developer &amp; API</title>
    <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/OAuth-authentication-for-offline-application-using-NET-SDK/m-p/543870#M2141</link>
    <description>&lt;P&gt;Hi Guys,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I've been reading a lot of the Dropbox API documents to get OAuth2 authentication working for my offline Windows application using the .NET SDK. The 'OAuth Guide' was a great starting point and very helpful!&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I've looked at the code from both these example projects: &lt;STRONG&gt;OAuth Basic&lt;/STRONG&gt; and &lt;STRONG&gt;OAuth PKCE&lt;/STRONG&gt;&lt;/P&gt;&lt;P&gt;These really helped me to understand it programmatically.&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;&lt;U&gt;My snippet of code&lt;/U&gt;&lt;/P&gt;&lt;P&gt;&lt;EM&gt;Uri authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(OAuthResponseType.Code, ApiKey, redirectUri: (string) null, tokenAccessType: TokenAccessType.Offline);&lt;/EM&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;EM&gt;OAuth2Response tokenResult = await DropboxOAuth2Helper.ProcessCodeFlowAsync(authorizationCode, ApiKey, ApiSecret);&lt;/EM&gt;&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;I noticed the returned value (a URI) didn't have an Authorization Code, but a URL (and other related items) to redirect to Dropbox to authenticate manually, i.e. non-offline.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I then tried the non-overloaded method specifically for no-redirect authentication:&lt;/P&gt;&lt;P&gt;&lt;EM&gt;DropboxOAuth2Helper.GetAuthorizeUri(ApiKey)&lt;/EM&gt;&lt;/P&gt;&lt;P&gt;Again it returned a URI containing a URL (and other related items) for redirect (i.e. non-offline) authentication.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Now, I'm thinking this method DropboxOAuth2Helper.GetAuthorizeUri() doesn't handle offline authentication. Or I must be doing something very wrong.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Going back to the documentation, and re-reading the 'OAuth Guide' (&lt;A href="https://developers.dropbox.com/oauth-guide" target="_blank" rel="noopener"&gt;https://developers.dropbox.com/oauth-guide&lt;/A&gt;), I came across the following paragraph:&lt;/P&gt;&lt;P&gt;&lt;EM&gt;Applications that require offline access to the API - meaning using the API when the end user is not actively interacting through your app - will not be able to prompt for re-authorization. These apps may instead use long-lived refresh tokens can be used to obtain new access tokens.&lt;/EM&gt;&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;So this document tells me I am able to fetch a long-lived &lt;EM&gt;refresh token&lt;/EM&gt;, then fetch consecutive short-lived (sl-) &lt;EM&gt;access tokens&lt;/EM&gt; as I go.&lt;/P&gt;&lt;P&gt;But I am now unsure how to do this using the .NET SDK? (I'd rather not use HTTP calls and stick to the .NET SDK).&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Can someone please provide a snippet of code to show how this can be done, please. Or point me in the right direction. I have spent 3 days on this, which isn't too frustrating as I have learnt a lot about the Dropbox API.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thanks.&lt;/P&gt;</description>
    <pubDate>Thu, 09 Sep 2021 03:13:24 GMT</pubDate>
    <dc:creator>dotNET_Guy</dc:creator>
    <dc:date>2021-09-09T03:13:24Z</dc:date>
    <item>
      <title>OAuth authentication for offline application using .NET SDK</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/OAuth-authentication-for-offline-application-using-NET-SDK/m-p/543870#M2141</link>
      <description>&lt;P&gt;Hi Guys,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I've been reading a lot of the Dropbox API documents to get OAuth2 authentication working for my offline Windows application using the .NET SDK. The 'OAuth Guide' was a great starting point and very helpful!&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I've looked at the code from both these example projects: &lt;STRONG&gt;OAuth Basic&lt;/STRONG&gt; and &lt;STRONG&gt;OAuth PKCE&lt;/STRONG&gt;&lt;/P&gt;&lt;P&gt;These really helped me to understand it programmatically.&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;&lt;U&gt;My snippet of code&lt;/U&gt;&lt;/P&gt;&lt;P&gt;&lt;EM&gt;Uri authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(OAuthResponseType.Code, ApiKey, redirectUri: (string) null, tokenAccessType: TokenAccessType.Offline);&lt;/EM&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;EM&gt;OAuth2Response tokenResult = await DropboxOAuth2Helper.ProcessCodeFlowAsync(authorizationCode, ApiKey, ApiSecret);&lt;/EM&gt;&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;I noticed the returned value (a URI) didn't have an Authorization Code, but a URL (and other related items) to redirect to Dropbox to authenticate manually, i.e. non-offline.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I then tried the non-overloaded method specifically for no-redirect authentication:&lt;/P&gt;&lt;P&gt;&lt;EM&gt;DropboxOAuth2Helper.GetAuthorizeUri(ApiKey)&lt;/EM&gt;&lt;/P&gt;&lt;P&gt;Again it returned a URI containing a URL (and other related items) for redirect (i.e. non-offline) authentication.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Now, I'm thinking this method DropboxOAuth2Helper.GetAuthorizeUri() doesn't handle offline authentication. Or I must be doing something very wrong.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Going back to the documentation, and re-reading the 'OAuth Guide' (&lt;A href="https://developers.dropbox.com/oauth-guide" target="_blank" rel="noopener"&gt;https://developers.dropbox.com/oauth-guide&lt;/A&gt;), I came across the following paragraph:&lt;/P&gt;&lt;P&gt;&lt;EM&gt;Applications that require offline access to the API - meaning using the API when the end user is not actively interacting through your app - will not be able to prompt for re-authorization. These apps may instead use long-lived refresh tokens can be used to obtain new access tokens.&lt;/EM&gt;&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;So this document tells me I am able to fetch a long-lived &lt;EM&gt;refresh token&lt;/EM&gt;, then fetch consecutive short-lived (sl-) &lt;EM&gt;access tokens&lt;/EM&gt; as I go.&lt;/P&gt;&lt;P&gt;But I am now unsure how to do this using the .NET SDK? (I'd rather not use HTTP calls and stick to the .NET SDK).&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Can someone please provide a snippet of code to show how this can be done, please. Or point me in the right direction. I have spent 3 days on this, which isn't too frustrating as I have learnt a lot about the Dropbox API.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thanks.&lt;/P&gt;</description>
      <pubDate>Thu, 09 Sep 2021 03:13:24 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/OAuth-authentication-for-offline-application-using-NET-SDK/m-p/543870#M2141</guid>
      <dc:creator>dotNET_Guy</dc:creator>
      <dc:date>2021-09-09T03:13:24Z</dc:date>
    </item>
    <item>
      <title>Re: OAuth authentication for offline application using .NET SDK</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/OAuth-authentication-for-offline-application-using-NET-SDK/m-p/543955#M2142</link>
      <description>&lt;P&gt;Use of a redirect URI is optional, and you can still request offline access to get a refresh token back without using a redirect URI. When not using a redirect URI, the user would just need to manually copy/paste the authorization code into the app.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;You can do that like this:&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;First, get the authorization URL, requesting offline access, like:&lt;/P&gt;
&lt;LI-CODE lang="csharp"&gt;var authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(oauthResponseType:OAuthResponseType.Code,
													   clientId: AppKey,
													   redirectUri: (String)null,
													   state: state,
													   tokenAccessType: TokenAccessType.Offline,
													   scopeList: null,
													   includeGrantedScopes: IncludeGrantedScopes.None);&lt;/LI-CODE&gt;
&lt;P&gt;&amp;nbsp;Open that in the user's browser, such as like in the example:&lt;/P&gt;
&lt;LI-CODE lang="csharp"&gt;System.Diagnostics.Process.Start(authorizeUri.ToString());&lt;/LI-CODE&gt;
&lt;P&gt;Have the user copy/paste the code into your app. This can be via your UI, but for the sake of example, this is how a console app might do this:&lt;/P&gt;
&lt;LI-CODE lang="csharp"&gt;var code = Console.ReadLine();&lt;/LI-CODE&gt;
&lt;P&gt;Finish the process by exchanging the authorization code:&lt;/P&gt;
&lt;LI-CODE lang="csharp"&gt;var tokenResult = await DropboxOAuth2Helper.ProcessCodeFlowAsync(code: code, appKey: AppKey, appSecret: AppSecret, redirectUri: null);&lt;/LI-CODE&gt;
&lt;P&gt;(Note that this is the non-PKCE flow, for server-side apps. For the PKCE flow, for client-side apps, a code challenge/verifier is used instead of the app secret.)&lt;/P&gt;
&lt;P&gt;Then you can make a client using the resulting credentials:&lt;/P&gt;
&lt;LI-CODE lang="csharp"&gt;var client = new DropboxClient(appKey: AppKey,
                      appSecret: AppSecret,
                      oauth2AccessToken: tokenResult.AccessToken,
                      oauth2RefreshToken: tokenResult.RefreshToken,
                      oauth2AccessTokenExpiresAt: tokenResult.ExpiresAt.Value);&lt;/LI-CODE&gt;
&lt;P&gt;The SDK will automatically perform the refresh process for you when needed when using a client with the necessary credentials like this.&lt;/P&gt;</description>
      <pubDate>Thu, 09 Sep 2021 13:56:05 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/OAuth-authentication-for-offline-application-using-NET-SDK/m-p/543955#M2142</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2021-09-09T13:56:05Z</dc:date>
    </item>
    <item>
      <title>Re: OAuth authentication for offline application using .NET SDK</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/OAuth-authentication-for-offline-application-using-NET-SDK/m-p/544053#M2144</link>
      <description>&lt;P&gt;Thank you very much Greg. It now works for my Windows console app!&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;(The redirect code snippets in the OauthBasic and OAuthPKCE examples had thrown me off).&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;So there is some level of manual intervention still required during the authentication process, i.e. Visit a Dropbox web page, then copy &amp;amp; paste the authentication code.&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;After this it should all the automated, e.g. the refresh token should last forever (unless revoked), and the .NET SDK would automatically fetch subsequent short-lived (sl-) access tokens behind-the-scenes.&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;For anyone programming with .NET (I'm using the most recent version .NET 5), I found the following line gave an exception (file specified could not be found):&lt;/P&gt;&lt;LI-CODE lang="csharp"&gt;System.Diagnostics.Process.Start(authorizeUri.ToString());
&lt;/LI-CODE&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I had to include the executable WITH a fully qualified path to launched a browser:&lt;/P&gt;&lt;LI-CODE lang="csharp"&gt;System.Diagnostics.Process.Start(@"C:\Program Files\Mozilla Firefox\firefox.exe", authorizeUri.ToString());&lt;/LI-CODE&gt;&lt;P&gt;&lt;BR /&gt;And Greg, I knew you would be answering this thread. Thanks for all the hard work you do in answering posts, it is much appreciated!&lt;/P&gt;</description>
      <pubDate>Fri, 10 Sep 2021 01:44:45 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/OAuth-authentication-for-offline-application-using-NET-SDK/m-p/544053#M2144</guid>
      <dc:creator>dotNET_Guy</dc:creator>
      <dc:date>2021-09-10T01:44:45Z</dc:date>
    </item>
  </channel>
</rss>

