RefreshToken is always expired android java Api

YousefElsayed · ‎09-03-2022

Hello ,
I am trying to save an Refreshtoken so I don't request from the user to login again , But every time i use the saved refreshtoken i get token expired error

Start Auth Code:

DbxRequestConfig config = DbxRequestConfig.newBuilder("AppName").build();

Auth.startOAuth2PKCE(this, DROPBOX_ACCOUNT_KEY,config);

How i retrieve the tokens:

@Override
protected void onResume() {
    super.onResume();
    if (Auth.getDbxCredential() != null){
        //DROPBOX_AUTH_KEY = Auth.getOAuth2Token();
        DROPBOX_AUTH_KEY = Auth.getDbxCredential().getRefreshToken();
        Log.d("Debug","ResultAuth Key: "+Auth.getOAuth2Token());
        Log.d("Debug","ResultAuth Refresh Key: "+Auth.getDbxCredential().getRefreshToken());
        sharedPreferences.edit().putString("dropBoxToken",Auth.getDbxCredential().getRefreshToken().toString()).apply();
    }
}

UploadCode:

DbxClientV2 client = new DbxClientV2(config,DROPBOX_AUTH_KEY);
//Upload Image
AsyncTask.execute(new Runnable() {
    @Override
    public void run() {
        try (InputStream in = new FileInputStream(filePath)) {
            FileMetadata metadata = client.files().uploadBuilder(PATH).withMode(WriteMode.OVERWRITE).uploadAndFinish(in);
        } catch (DbxException | IOException e) {
            Log.d("Debug", "DropBox Upload Error: " + e.getMessage());
            e.printStackTrace();
        }
    }

Error:
DropBox Upload Error: {"error_summary": "expired_access_token/

But always get Expired Token Error , Thanks

Здравко · ‎09-04-2022

Hmm... The examples could be better structured (sometime they're even confusing).

Ok... as a walk through: You can get the credential info in the same way you have done already, but store it as whole like here (or just get the idea from there about stringification and it's not mandatory to do direct write into a file). You can see all available constructors following the link I posted in my previous post. Good choice could be this one. Different examples for destringification are spread across all examples but you can take a look here (for instance). Again, you can use any supported source of information, not mandatory direct read from a file. Possible options to read start from here and possible options to write start here. I believe you can select whatever best match your application design and stick selected together. For some Android specific solutions (authentication through eventually installed Dropbox application) take a look on the corresponding example. 😉

Hope this helps.

View solution in original post

Здравко · ‎09-03-2022

Hmm...🤔 So, where you instantiated your client object, actually. Such an error should be on instantiation, but that part of the code is missing (it's not in the post)!

Whatever you have done, seems it's far from the optimal. The main part should be DbxCredential class object (without focus on its parts - they can change over time). That what you have done is opposite. Instead stringify only refresh token only (which itself is a string), you can stringify entire credentials object (in such a way including contained refresh token together with everything else). When you need to instantiate a client object, just do the opposite - instantiate back DbxCredential class object from saved string and use it on client instantiation. In such a way you code wont depend on changes in the implementation (like now). 😉 Be more object oriented (🙂 make your code actually).

Hope this gives direction.

YousefElsayed · ‎09-03-2022

Sorry, I didn't add the full upload code please check it now, The way the app works is after the first Auth i locally save the refreshtoken string i get from here

Auth.getDbxCredential().getRefreshToken();

After that in any other runs I get the token i saved locally and pass it to the client like this

DbxClientV2 client = new DbxClientV2(config,DROPBOX_AUTH_KEY);

But if i try to upload files i always get token expired error but if i understand well then the refresh token should never expire unless the user revoke the account access

Sorry but this is my first time dealing with Dropbox Api and the documentation does not explain well for android apps

Здравко · ‎09-04-2022

Hi again @YousefElsayed,

I would suggest usage of more descriptive var names to avoid different types of confusion. What actually means "DROPBOX_AUTH_KEY" here (for instance)? 🧐 Is it access token or refresh token??? 🤔

According to:

@YousefElsayed wrote:
...
Auth.getDbxCredential().getRefreshToken();
...

It should be refresh token, but if we take a look on:

@YousefElsayed wrote:

...

DbxClientV2 client = new DbxClientV2(config,DROPBOX_AUTH_KEY);

...

And taking into account the used constructor, it seems to be access token. 🤦🙋 Hope you understand what's wrong now. both access token and refresh token are strings, but they represent different things. From Java language point of view the construction is correct, but it's a logical error (refresh token is NOT valid access token)! You should use appropriate constructor, accepting refresh token, not something else. Or... as I mentioned before, don't cope into details, but use entire credentials object. The choice is yours. 😉 In any case/choice keep reading the documentation careful to avoid such errors.

Good luck.

YousefElsayed · ‎09-04-2022

Sorry but can you link the correct usage of refresh token in java ? Because i am using the refresh token as access token and you're right , the documentation does not include java auth and refresh token and the github java sample got removed so i am just trying and searching for old posts on the internet

Thanks anyway

Здравко · ‎09-04-2022

Hmm... The examples could be better structured (sometime they're even confusing).

Ok... as a walk through: You can get the credential info in the same way you have done already, but store it as whole like here (or just get the idea from there about stringification and it's not mandatory to do direct write into a file). You can see all available constructors following the link I posted in my previous post. Good choice could be this one. Different examples for destringification are spread across all examples but you can take a look here (for instance). Again, you can use any supported source of information, not mandatory direct read from a file. Possible options to read start from here and possible options to write start here. I believe you can select whatever best match your application design and stick selected together. For some Android specific solutions (authentication through eventually installed Dropbox application) take a look on the corresponding example. 😉

Hope this helps.

YousefElsayed · ‎09-05-2022

Thanks for the help ! the links you attached are helpful !

RefreshToken is always expired android java Api

RefreshToken is always expired android java Api

Top contributors to this post