cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Discuss Dropbox Developer & API

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: Gettng a refresh token from GetAuthorizeUri

Gettng a refresh token from GetAuthorizeUri

phunction
Explorer | Level 4
Go to solution

Hi, I am trying to convert my .net code (used for the old non expiring tokens) to get a refresh token.

In this part:

var authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(OAuthResponseType.Token, appKey, new Uri(RedirectUri), this.oauth2State);

 

Where do I specify looking for an offline request? (token_access_type=offline)

 

Thanks

1 Accepted Solution

Accepted Solutions

Здравко
Legendary | Level 20
Go to solution

@phunction wrote:

...  Is there a way they can just authorize my app so I don't have to deal with the login part? ...


@phunction  take a look on the line where refresh token is referred to. Once you got to this token, next time you can skip actual login part and process directly the client creation. Owning the token keeps you (your application actually) logged in corresponding account, where you have logged in already before. 😉

 

@Greg-DB  may be a good idea new feature providing serialization/deserialization of current client tokens status. This would provide an easier way for managing most recent state (keep/restore). Is .NET SDK the only kit that missing this feature? 🤔

View solution in original post

10 Replies 10

Здравко
Legendary | Level 20
Go to solution

Hi @phunction,

Good reference point could be one of the examples. On the enlightened line take a look at "tokenAccessType: TokenAccessType.Offline". 😉

Hope this helps.

phunction
Explorer | Level 4
Go to solution

Thanks, I am trying to use this in Xamarin.iOS using a webview. I am unable to find any examples of this when it comes to getting a refresh token (offline access type), it works fine the older way but that of course only gives the very temporary token.

Any hints would be appreciated.

 

I guess my main goal is how do I present a login screen in my app so the user can login to dropbox and I can then use that to get the refresh token.  Is there a way they can just authorize my app so I don't have to deal with the login part? Since they already logged into the actual drop box app.

Greg-DB
Dropbox Staff
Go to solution

@phunction As Здравко indicated, setting tokenAccessType: TokenAccessType.Offline on GetAuthorizeUri is the right way to request offline access in order to get a refresh token, as shown in the example they linked to. You can find the full options for GetAuthorizeUri in the documentation.

 

Also, please note that unfortunately the Dropbox .NET SDK isn't officially supported for Xamarin, but I'll pass this along as a feature request. I can't promise if or when that might be implemented though.

 

In any case, the OAuth app authorization flow should be processed in the user's system browser, not a web view. See here for more information: https://www.dropbox.com/developers/documentation/http/documentation#oauth2-authorize

Здравко
Legendary | Level 20
Go to solution

@phunction wrote:

...  Is there a way they can just authorize my app so I don't have to deal with the login part? ...


@phunction  take a look on the line where refresh token is referred to. Once you got to this token, next time you can skip actual login part and process directly the client creation. Owning the token keeps you (your application actually) logged in corresponding account, where you have logged in already before. 😉

 

@Greg-DB  may be a good idea new feature providing serialization/deserialization of current client tokens status. This would provide an easier way for managing most recent state (keep/restore). Is .NET SDK the only kit that missing this feature? 🤔

phunction
Explorer | Level 4
Go to solution

Thanks for the help, I am now able to get the refresh token, but I am unable to list files.

 

I normally listed the files like this:

DropboxClient dbx = new DropboxClient(szToken);  <-  previous just using access token

var list = await dbx.Files.ListFolderAsync(string.Empty);

 

I changed this part:

DropboxClient dbx = new DropboxClient(szRefreshToken,appKey);

but when I try the dbx.Files I get an exception of: "Response status code does not indicate success: 400 (Bad Request)."

 

What am I missing?

Здравко
Legendary | Level 20
Go to solution

@phunction wrote:

...

I changed this part:

DropboxClient dbx = new DropboxClient(szRefreshToken,appKey);

...


Hi @phunction,

What type of authentication flow have you selected in your application? 🤔 Take in mind that constructor overriding, used by you, is applicable only with PKCE flow! If you are using something else, on access token request Dropbox expects the application secret too. 😉

Does this fix your last issue?

phunction
Explorer | Level 4
Go to solution

Thanks, adding the app secret to the client request worked.

When you say what authentication flow I have selected, do you mean in the dropbox app console?

I am unable to find a setting for that.

Здравко
Legendary | Level 20
Go to solution

No, no,... That's not a setting either on your application in console or anything else. It's the workflow on authorization supported by Dropbox and selected by you eventually. As an example, again on the same file, take a look here. You can see example of PKCE usage. You have used something similar on initial authentication. 🤔 What actually? 🧐 That's it. 😉

Hope this clarifies matter.

phunction
Explorer | Level 4
Go to solution

Interesting, I don't actually specify that, I am using whatever this uses:

DropboxOAuth2Helper.GetAuthorizeUri

But I have not been able to find what that is defaulting to.

 

Also, just to double check, once I have the refresh token, I just need to keep reusing that and it will not expire for a while?

Need more support?