<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: OAuth options for Windows desktop apps in Dropbox API Support &amp; Feedback</title>
    <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/OAuth-options-for-Windows-desktop-apps/m-p/489206#M24494</link>
    <description>&lt;P&gt;Thanks for the feedback! I'll pass this along to the team to see if we can offer a simpler and more lightweight option in the future.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;As it stands, the only official resources I can offer are &lt;A href="https://dropbox.github.io/dropbox-sdk-dotnet/html/T_Dropbox_Api_DropboxOAuth2Helper.htm" target="_self"&gt;the .NET SDK documentation&lt;/A&gt; and &lt;A href="https://github.com/dropbox/dropbox-sdk-dotnet/tree/main/dropbox-sdk-dotnet/Examples" target="_self"&gt;examples&lt;/A&gt;.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Alternatively, note that a redirect_uri isn't strictly required by &lt;A href="https://www.dropbox.com/developers/documentation/http/documentation#authorization" target="_self"&gt;the OAuth 2 flow&lt;/A&gt; when using 'response_type=code', so one option would be to omit that in which case the user would copy/paste the authorization code manually.&lt;/P&gt;</description>
    <pubDate>Thu, 21 Jan 2021 16:07:20 GMT</pubDate>
    <dc:creator>Greg-DB</dc:creator>
    <dc:date>2021-01-21T16:07:20Z</dc:date>
    <item>
      <title>OAuth options for Windows desktop apps</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/OAuth-options-for-Windows-desktop-apps/m-p/489026#M24492</link>
      <description>&lt;P&gt;I notice that the Dropbox API has now officially dropped support for Internet Explorer, which means that any Windows desktop application that integrates with Dropbox is now faced with an uphill battle:&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Previously, we could just use the Internet Explorer-based WebBrowser ActiveX control, which allowed us to hook into navigation events and parse the access token after the user completed the authentication/authorization process.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;It looks like the only option available to us now is for our desktop applications to host an entire HTTP server and listen for requests to the redirect URI. The Dropbox API includes a C# example that does this using the &lt;STRONG&gt;HttpListener&lt;/STRONG&gt; class. This uses &lt;STRONG&gt;http.sys&lt;/STRONG&gt;, which (since Windows Vista) requires either an elevated process, or for a URL reservation to be made by an elevated user. Does the Dropbox team seriously expect desktop apps to require admin privileges in order to handle the OAuth flow?&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Realistically, what are the options for handling OAuth in Windows desktop apps now? Hosting an HTTP server locally is hugely inefficient and resource-intensive, particularly if additional third-party dependencies are needed in order to avoid using http.sys. Is there perhaps a way to use a custom URI scheme to handle the redirect URI from the user's web browser? Or any other&amp;nbsp;&lt;STRONG&gt;lightweight&lt;/STRONG&gt; alternative?&lt;/P&gt;</description>
      <pubDate>Thu, 21 Jan 2021 14:04:01 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/OAuth-options-for-Windows-desktop-apps/m-p/489026#M24492</guid>
      <dc:creator>Bradley_Smith</dc:creator>
      <dc:date>2021-01-21T14:04:01Z</dc:date>
    </item>
    <item>
      <title>Re: OAuth options for Windows desktop apps</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/OAuth-options-for-Windows-desktop-apps/m-p/489206#M24494</link>
      <description>&lt;P&gt;Thanks for the feedback! I'll pass this along to the team to see if we can offer a simpler and more lightweight option in the future.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;As it stands, the only official resources I can offer are &lt;A href="https://dropbox.github.io/dropbox-sdk-dotnet/html/T_Dropbox_Api_DropboxOAuth2Helper.htm" target="_self"&gt;the .NET SDK documentation&lt;/A&gt; and &lt;A href="https://github.com/dropbox/dropbox-sdk-dotnet/tree/main/dropbox-sdk-dotnet/Examples" target="_self"&gt;examples&lt;/A&gt;.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Alternatively, note that a redirect_uri isn't strictly required by &lt;A href="https://www.dropbox.com/developers/documentation/http/documentation#authorization" target="_self"&gt;the OAuth 2 flow&lt;/A&gt; when using 'response_type=code', so one option would be to omit that in which case the user would copy/paste the authorization code manually.&lt;/P&gt;</description>
      <pubDate>Thu, 21 Jan 2021 16:07:20 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/OAuth-options-for-Windows-desktop-apps/m-p/489206#M24494</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2021-01-21T16:07:20Z</dc:date>
    </item>
  </channel>
</rss>

