<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: Short lived Tokens for Swift SDK in Dropbox API Support &amp; Feedback</title>
    <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Short-lived-Tokens-for-Swift-SDK/m-p/528879#M25609</link>
    <description>&lt;P&gt;Many thanks for the clarification!&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
    <pubDate>Thu, 24 Jun 2021 12:23:04 GMT</pubDate>
    <dc:creator>kungfuslippers</dc:creator>
    <dc:date>2021-06-24T12:23:04Z</dc:date>
    <item>
      <title>Short lived Tokens for Swift SDK</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Short-lived-Tokens-for-Swift-SDK/m-p/528642#M25604</link>
      <description>&lt;P&gt;Hi,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I've seen a few posts on short-lived tokens but wanted to be totally clear upon how they work.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;On my app settings page, I have Access Token Expiration set to 'Short Lived'. When I click on the more info button I see a pop-up with the following:&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;-"Short-lived access tokens will expire after 4 hours. A new short-lived access token will be issued when a user re-authenticates or you can request one by using your refresh token.&lt;/P&gt;&lt;P&gt;If you default to use short-lived tokens, the token generated on this page will also be short-lived.&lt;/P&gt;&lt;P&gt;Long-lived tokens are less secure and will be deprecated in the future."-&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;So after running:&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="s1"&gt;let&lt;/SPAN&gt; scopeRequest = &lt;SPAN class="s2"&gt;ScopeRequest&lt;/SPAN&gt;(scopeType: .&lt;SPAN class="s3"&gt;user&lt;/SPAN&gt;, scopes: [&lt;SPAN class="s4"&gt;"files.metadata.read"&lt;/SPAN&gt;, &lt;SPAN class="s4"&gt;"files.metadata.write"&lt;/SPAN&gt;], includeGrantedScopes: &lt;SPAN class="s1"&gt;false&lt;/SPAN&gt;)&lt;/P&gt;&lt;P class="p2"&gt;&lt;SPAN class="s2"&gt;DropboxClientsManager&lt;/SPAN&gt;&lt;SPAN class="s5"&gt;.&lt;/SPAN&gt;authorizeFromControllerV2&lt;SPAN class="s5"&gt;(&lt;/SPAN&gt;&lt;/P&gt;&lt;P class="p3"&gt;UIApplication&lt;SPAN class="s5"&gt;.&lt;/SPAN&gt;shared&lt;SPAN class="s5"&gt;,&lt;/SPAN&gt;&lt;/P&gt;&lt;P class="p1"&gt;controller: &lt;SPAN class="s1"&gt;self&lt;/SPAN&gt;,&lt;/P&gt;&lt;P class="p1"&gt;loadingStatusDelegate: &lt;SPAN class="s1"&gt;nil&lt;/SPAN&gt;,&lt;/P&gt;&lt;P class="p1"&gt;openURL: { (url: &lt;SPAN class="s6"&gt;URL&lt;/SPAN&gt;) -&amp;gt; &lt;SPAN class="s6"&gt;Void&lt;/SPAN&gt; &lt;SPAN class="s1"&gt;in&lt;/SPAN&gt; &lt;SPAN class="s6"&gt;UIApplication&lt;/SPAN&gt;.&lt;SPAN class="s6"&gt;shared&lt;/SPAN&gt;.&lt;SPAN class="s7"&gt;open&lt;/SPAN&gt;( url, options: [:])},&lt;/P&gt;&lt;P class="p1"&gt;scopeRequest: scopeRequest&lt;/P&gt;&lt;P class="p1"&gt;)&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;The user will be prompted to login in / authorise via the Dropbox webview and if successful, the code flow returns via:&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="s1"&gt;func&lt;/SPAN&gt; &lt;SPAN class="s2"&gt;scene&lt;/SPAN&gt;(&lt;SPAN class="s1"&gt;_&lt;/SPAN&gt; scene: &lt;SPAN class="s3"&gt;UIScene&lt;/SPAN&gt;, openURLContexts URLContexts: &lt;SPAN class="s3"&gt;Set&lt;/SPAN&gt;&amp;lt;&lt;SPAN class="s3"&gt;UIOpenURLContext&lt;/SPAN&gt;&amp;gt;) {&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="s1"&gt;if&lt;/SPAN&gt; &lt;SPAN class="s1"&gt;let&lt;/SPAN&gt; url = URLContexts.&lt;SPAN class="s3"&gt;first&lt;/SPAN&gt;?.&lt;SPAN class="s3"&gt;url&lt;/SPAN&gt; {&lt;/P&gt;&lt;P class="p2"&gt;&amp;nbsp;&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="s1"&gt;let&lt;/SPAN&gt; oauthCompletion: &lt;SPAN class="s4"&gt;DropboxOAuthCompletion&lt;/SPAN&gt; = {&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="Apple-converted-space"&gt;&amp;nbsp; &lt;/SPAN&gt;&lt;SPAN class="s1"&gt;if&lt;/SPAN&gt; &lt;SPAN class="s1"&gt;let&lt;/SPAN&gt; authResult = $0 {&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="Apple-converted-space"&gt;&amp;nbsp; &lt;/SPAN&gt;&lt;SPAN class="s1"&gt;switch&lt;/SPAN&gt; authResult {&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="Apple-converted-space"&gt;&amp;nbsp; &lt;/SPAN&gt;&lt;SPAN class="s1"&gt;case&lt;/SPAN&gt; .&lt;SPAN class="s5"&gt;success&lt;/SPAN&gt;:&lt;/P&gt;&lt;P class="p3"&gt;&lt;SPAN class="s6"&gt;&lt;SPAN class="Apple-converted-space"&gt;&amp;nbsp; &lt;/SPAN&gt;&lt;/SPAN&gt;&lt;SPAN class="s7"&gt;print&lt;/SPAN&gt;&lt;SPAN class="s6"&gt;(&lt;/SPAN&gt;"Success! User is logged into DropboxClientsManager."&lt;SPAN class="s6"&gt;)&lt;/SPAN&gt;&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="Apple-converted-space"&gt;&amp;nbsp; &lt;/SPAN&gt;&lt;SPAN class="s1"&gt;case&lt;/SPAN&gt; .&lt;SPAN class="s5"&gt;cancel&lt;/SPAN&gt;:&lt;/P&gt;&lt;P class="p3"&gt;&lt;SPAN class="s6"&gt;&lt;SPAN class="Apple-converted-space"&gt;&amp;nbsp; &lt;/SPAN&gt;&lt;/SPAN&gt;&lt;SPAN class="s7"&gt;print&lt;/SPAN&gt;&lt;SPAN class="s6"&gt;(&lt;/SPAN&gt;"Authorization flow was manually canceled by user!"&lt;SPAN class="s6"&gt;)&lt;/SPAN&gt;&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="Apple-converted-space"&gt;&amp;nbsp; &lt;/SPAN&gt;&lt;SPAN class="s1"&gt;case&lt;/SPAN&gt; .&lt;SPAN class="s5"&gt;error&lt;/SPAN&gt;(&lt;SPAN class="s1"&gt;_&lt;/SPAN&gt;, &lt;SPAN class="s1"&gt;let&lt;/SPAN&gt; description):&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="Apple-converted-space"&gt;&amp;nbsp; &lt;/SPAN&gt;&lt;SPAN class="s7"&gt;print&lt;/SPAN&gt;(&lt;SPAN class="s8"&gt;"Error: &lt;/SPAN&gt;\(&lt;SPAN class="s3"&gt;String&lt;/SPAN&gt;(describing: description))&lt;SPAN class="s8"&gt;"&lt;/SPAN&gt;)&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="Apple-converted-space"&gt;&amp;nbsp; &lt;/SPAN&gt;}&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="Apple-converted-space"&gt;&amp;nbsp; &lt;/SPAN&gt;}&lt;/P&gt;&lt;P class="p1"&gt;}&lt;/P&gt;&lt;P class="p1"&gt;&lt;SPAN class="s4"&gt;DropboxClientsManager&lt;/SPAN&gt;.&lt;SPAN class="s5"&gt;handleRedirectURL&lt;/SPAN&gt;(url, completion: oauthCompletion)&lt;/P&gt;&lt;P class="p2"&gt;&amp;nbsp;&lt;/P&gt;&lt;P class="p1"&gt;}&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;My questions are...&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;1. Does the token actually expire after 4 hours?&lt;/P&gt;&lt;P&gt;2. If it does - what APIs should I use to refresh?&lt;/P&gt;&lt;P&gt;3. If the short-lived tokens don't expire then can I assume that no further user interaction will be required to re-authorize / generate a new token - unless a call to DropboxClientsManager.unlinkClients() is made?&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Wed, 23 Jun 2021 10:37:41 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Short-lived-Tokens-for-Swift-SDK/m-p/528642#M25604</guid>
      <dc:creator>kungfuslippers</dc:creator>
      <dc:date>2021-06-23T10:37:41Z</dc:date>
    </item>
    <item>
      <title>Re: Short lived Tokens for Swift SDK</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Short-lived-Tokens-for-Swift-SDK/m-p/528724#M25606</link>
      <description>&lt;P&gt;1. Short-lived access tokens, such as retrieved by authorizeFromControllerV2, do expire after four hours. The authorizeFromControllerV2 method actually requests "offline" access though, so it receives a refresh token in addition to the short-lived access token.&lt;/P&gt;
&lt;P&gt;2. If you use authorizeFromControllerV2 &lt;A href="https://github.com/dropbox/SwiftyDropbox#begin-the-authorization-flow" target="_blank"&gt;as documented&lt;/A&gt;, the SDK will automatically perform the refresh process for you. It will get a new short-lived access token when needed; you don't need to implement anything for that yourself.&lt;/P&gt;
&lt;P&gt;3. While the short-lived access tokens themselves do expire, you are correct that, when implemented as above, no further user interaction is required (unless the access is explicitly disabled in some way, such as via unlinkClients) since the SDK will automatically perform a refresh when needed.&lt;/P&gt;</description>
      <pubDate>Wed, 23 Jun 2021 17:37:48 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Short-lived-Tokens-for-Swift-SDK/m-p/528724#M25606</guid>
      <dc:creator>Greg-DB</dc:creator>
      <dc:date>2021-06-23T17:37:48Z</dc:date>
    </item>
    <item>
      <title>Re: Short lived Tokens for Swift SDK</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Short-lived-Tokens-for-Swift-SDK/m-p/528879#M25609</link>
      <description>&lt;P&gt;Many thanks for the clarification!&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Thu, 24 Jun 2021 12:23:04 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Short-lived-Tokens-for-Swift-SDK/m-p/528879#M25609</guid>
      <dc:creator>kungfuslippers</dc:creator>
      <dc:date>2021-06-24T12:23:04Z</dc:date>
    </item>
  </channel>
</rss>

