cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

OAuth2 access token request - Basic authentication not working

Labels:

OAuth2 access token request - Basic authentication not working

pineapps
Helpful | Level 5
‎01-05-2018 12:08 PM
Go to solution

I am trying to integrate Dropbox in my webservice. However I decided to use a direct integration instead of any APIs as I need a limited number of functions only and not used to code object orientated in PHP.

 

For any reason my authentication token handling is not working. I figured out, something is wrong with the basic authentifiation, as some other functions which should work with basic as well as bearer authentification do only work with the last one mentioned.

 

function dropboxAuthentication($code){

    global $authToken;
    $parameters['code']=$code;
    $parameters['grant_type']="authorization_code";
    $parameters['redirect_uri']="https://myurl.com/file.php";

    // Create the context for the request
    $context = stream_context_create(array(
        'http' => array(
            'method' => 'POST',
            'header' => 'Authorization: {Basic '.base64_encode("my app id:my app secret").'}\r\n'.
                'Content-Type: application/json\r\n',
            'content' => json_encode($parameters)
       )
    ));

    // Send the request
    $response = file_get_contents('https://api.dropboxapi.com/oauth2/token', FALSE, $context);

    // Check for errors
    if($response === FALSE){
        die('Error');
    }

    // Decode the response
    $result=json_decode($response, TRUE);
    return $result['code'];

}

 

The file accessed after the login calls the function with the temporary code given. The temporary code is received well.

 

The result is always 

Error

I checked the response code which is a HTTP Error 400.

 

 

Thank you very much for your support!

Labels:
  • 0 Likes
  • 6 Replies
  • 6,569 Views
0 Likes
1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff
‎01-05-2018 01:36 PM
Go to solution

Thanks! The API is indicating that the request wasn't valid. This particular error message isn't too specific, but it seems to be indicating that the necessary information wasn't given.

 

Looking through your code, you appear to be sending the parameters as JSON. The /oauth2/token endpoint expects application/x-www-form-urlencoded POST parameters though (with the app key and secret in particular optionally sent in the Authorization header instead).

 

Please update your code to send the rest of the parameters as application/x-www-form-urlencoded POST parameters instead.

View solution in original post

6 Replies 6

Greg-DB
Dropbox Staff
‎01-05-2018 12:29 PM
Go to solution
What is the content of the body for 400 HTTP response? It should contain a more useful error message.
0 Likes

pineapps
Helpful | Level 5
‎01-05-2018 12:37 PM
Go to solution
Greg K. schrieb:
What is the content of the body for 400 HTTP response? It should contain a more useful error message.

For me however, this is not really useful:

 

I did a 

echo implode($http_response_header);

 

Returns

HTTP/1.1 400 Bad RequestServer: nginxDate: Fri, 05 Jan 2018 20:33:52 GMTContent-Type: application/jsonConnection: closeX-Dropbox-Request-Id: 864d06461b2bc9f132a4cfa44ca9f2a5X-Frame-Options: DENYContent-Security-Policy: sandbox; frame-ancestors 'none'X-Content-Type-Options: nosniffContent-Disposition: attachment; filename='error'

Maybe, this is more usefull for you 🙂 Thank you in advance!

0 Likes

Greg-DB
Dropbox Staff
‎01-05-2018 12:45 PM
Go to solution
That appears to be the response headers only. Can you print the response body?
0 Likes

pineapps
Helpful | Level 5
‎01-05-2018 12:52 PM
Go to solution
Greg K. schrieb:
That appears to be the response headers only. Can you print the response body?

I managed to get additional information from the HTTP request:

 

{"url":"https:\/\/api.dropboxapi.com\/oauth2\/token","content_type":"application\/json","http_code":400,"header_size":385,"request_size":350,"filetime":-1,"ssl_verify_result":0,"redirect_count":0,"total_time":0.287188,"namelookup_time":0.004172,"connect_time":0.018384,"pretransfer_time":0.053378,"size_upload":23,"size_download":97,"speed_download":337,"speed_upload":80,"download_content_length":-1,"upload_content_length":23,"starttransfer_time":0.287049,"redirect_time":0,"redirect_url":"","primary_ip":"162.125.66.7","certinfo":[],"primary_port":443,"local_ip":"85.13.153.199","local_port":45981}

Last data received

{"error_description": "No auth function available for given request", "error": "invalid_request"}

 

0 Likes

Greg-DB
Dropbox Staff
‎01-05-2018 01:36 PM
Go to solution

Thanks! The API is indicating that the request wasn't valid. This particular error message isn't too specific, but it seems to be indicating that the necessary information wasn't given.

 

Looking through your code, you appear to be sending the parameters as JSON. The /oauth2/token endpoint expects application/x-www-form-urlencoded POST parameters though (with the app key and secret in particular optionally sent in the Authorization header instead).

 

Please update your code to send the rest of the parameters as application/x-www-form-urlencoded POST parameters instead.

pineapps
Helpful | Level 5
‎01-05-2018 02:12 PM
Go to solution
Greg K. schrieb:

Thanks! The API is indicating that the request wasn't valid. This particular error message isn't too specific, but it seems to be indicating that the necessary information wasn't given.

 

Looking through your code, you appear to be sending the parameters as JSON. The /oauth2/token endpoint expects application/x-www-form-urlencoded POST parameters though (with the app key and secret in particular optionally sent in the Authorization header instead).

 

Please update your code to send the rest of the parameters as application/x-www-form-urlencoded POST parameters instead.

This helps me very much!

 

I tried to fix this with a simple but dirty solution

$response = file_get_contents('https://my_app_id:my_app_key@api.dropboxapi.com/oauth2/token', FALSE, http_build_query($parameters));

Which seems to be almost working (at least detects if I am missing parameters, so the authentication seems to work).

 

The result of the function http_build_query is 

code=authcodegoeshere&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fmydomain.com%2Ffile.php

and should be in the correct format.

 

The updated error says this:

:{"error_description": "unknown field \"var1\"", "error": "invalid_request"}

Thank you very much for your help!

 

Edit: Got it! Created a new complex function accessing the data with curl. Thank you very much for your help, this helped me very much!

0 Likes
Need more support?
Who's talking

Top contributors to this post

  • User avatar
    pineapps Helpful | Level 5
  • User avatar
    Greg-DB Dropbox Staff
What do Dropbox user levels mean?