cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Update: Find information on Dropbox support during COVID-19 here
Close
cancel
Showing results for 
Search instead for 
Did you mean: 

Access token is not being accepted from local server

Explorer | Level 3

After successfully receiving an access token from the `oauth2/authorize` endpoint, I have attempted to submit the access token to `sharing/get_shared_link_metadata` along with the URL of a shared link. Several attempts have returned me with a 401 error. So I tried submitting an access token, which was generated from the app page, but with no success. However, when I copied/pasted my code to phpfiddle.com, the request returned successfully. So the issue seems to exist only in the request from my virtual server.

 

I have no clue what issue could exist in a request from a virtual server, so any help would be greatly appreciated.

 

12 Replies 12
Highlighted

Re: Access token is not being accepted from local server

Dropboxer
Dropboxer
Can you share your code and the full error response? Thanks in advance!
Highlighted

Re: Access token is not being accepted from local server

Explorer | Level 3

request:

public function getDropboxMetadata($url, $token)
{
	$ch = curl_init();

	curl_setopt($ch, CURLOPT_URL, 'https://api.dropboxapi.com/2/sharing/get_shared_link_metadata');
	curl_setopt($ch, CURLOPT_HTTPHEADER, [
		'Authorization: Bearer ' . $token,
		'Content-Type: application/json']);
	curl_setopt($ch, CURLOPT_POST, true);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(['url' => $url]));

	$result = curl_exec($ch);

	curl_close($ch);

	return $result;
}

 

response:

error: {
	code: 401,
	errors: {
		0: {
			domain: "global",
			location: "Authorization",
			locationType: "header",
			message: "Invalid Credentials",
			reason: "authError"
		}
	},
	message: "Invalid Credentials"
}
Highlighted

Re: Access token is not being accepted from local server

Dropboxer
Dropboxer
Thanks! I just tried this out, and it's working for me.

Are you sure you're passing in a valid access token? I recommend printing out the $token just before you set the headers. It should be a 64 character string consisting of letters, numbers, and some symbols.
Highlighted

Re: Access token is not being accepted from local server

Explorer | Level 3

My issue is not with the code itself, because I've received a successful response when I've used it on phpfiddle.com. My issue is that I'm getting an error response on my local virtual server, and I have no clue why. I am hoping you may have some insight.

Highlighted

Re: Access token is not being accepted from local server

Dropboxer
Dropboxer
That indicates that something is wrong with the API request when made from your server. You'll need to inspect the request being made on your server. Since you're getting a 401, it seems likely that there is an issue with the access token. More generally, if you can print out the actual HTTP request that would likely be helpful.

I'd be happy to take a look, but please don't post any output that contains an actual access token of course.
Highlighted

Re: Access token is not being accepted from local server

Explorer | Level 3

My process starts with a request for authorization:

 

function requestDropboxAuth()
{
    $url = 'https://www.dropbox.com/oauth2/authorize';
    $data = [
	'client_id' => '<client_id>',
	'redirect_uri' => 'https://domain.com/validate/dropbox',
	'response_type' => 'code'
    ];

    header('Location: ' . $url . '?' . http_build_query($data));
    die();
}

 

This redirects me to the provided URI, with the following in the URL's parameters: '?code=<code>'

 

I then grab the <code> and submit a request via JavaScript&colon;

 

function exchangeCodeForToken(code)
{
    if (code)
    {
	var xhr 	    = new XMLHttpRequest(),
	    oauth2Endpoint  = 'https://api.dropboxapi.com/oauth2/token',
	    clientId 	    = '<client_id>',
	    clientSecret    = '<client_secret>',
	    grantType 	    = 'authorization_code',
	    redirectUri     = location.origin + location.pathname;

	xhr.open('POST', oauth2Endpoint + '?code=' + code +
	    '&grant_type=' + grantType + '&redirect_uri=' + redirectUri +
	    '&client_id=' + clientId + '&client_secret=' + clientSecret);

	xhr.onreadystatechange = function(e)
	{
	    var response = JSON.parse(xhr.response);

	    if (xhr.readyState)
	    {
		if (xhr.status == 200 && response.access_token)
		{
		    localStorage.setItem('dropbox-auth', JSON.stringify(response));
		}
		else
		{
		    console.log('There was an error processing the token, another response was returned, or the token was invalid.');
		}
	    }
	};

	    xhr.send(null);
	}
}

 

The request headers from this are:

 

Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.9
Cache-Control:no-cache
Connection:keep-alive
Cookie: [long string]
Host:domain.com
Pragma:no-cache
Referer:https://domain.com
Upgrade-Insecure-Requests:1
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36

 

I save the access token, and then submit it with:

 

function getDropboxMetadata($url, $token)
{
    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, 'https://api.dropboxapi.com/2/sharing/get_shared_link_metadata');
    curl_setopt($ch, CURLOPT_HTTPHEADER, [
	'Authorization: Bearer ' . $token,
	'Content-Type: application/json']);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(['url' => $url]));

    $result = curl_exec($ch);

    curl_close($ch);

    return $result;
}

 

The request headers from this are:

 

Accept:application/json, text/javascript, */*; q=0.01
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.9
Cache-Control:no-cache
Connection:keep-alive
Content-Length:310
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Cookie: [long string]
Host:domain.com
Origin:https://domain.com
Pragma:no-cache
Referer:https://domain.com
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36
X-Requested-WithMLHttpRequest
Highlighted

Re: Access token is not being accepted from local server

Dropboxer
Dropboxer
Can you print out the request, or at least the token, to see what's getting sent by this code?
Highlighted

Re: Access token is not being accepted from local server

Explorer | Level 3

I added request headers to my previous post, which follow each respective request.

 

Thanks for your help. Let me know if you need more info.

Highlighted

Re: Access token is not being accepted from local server

Dropboxer
Dropboxer
Thanks. That appears to the be headers for a web request though (to your own app?) and not for the API call itself.

Work Smarter with Dropbox

The way we work is changing. Share and discover new ways to work smarter with Dropbox in our community.

Sound good? Let's get started.
Who's talking

Top contributors to this post

What do Dropbox user levels mean?
Need more support?