cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Back again with another edition of 'How we use Dropbox', so find out how Emma uses to-do lists to get it all done here!

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Access token is not being accepted from local server

Access token is not being accepted from local server

njclonch
Explorer | Level 3

After successfully receiving an access token from the `oauth2/authorize` endpoint, I have attempted to submit the access token to `sharing/get_shared_link_metadata` along with the URL of a shared link. Several attempts have returned me with a 401 error. So I tried submitting an access token, which was generated from the app page, but with no success. However, when I copied/pasted my code to phpfiddle.com, the request returned successfully. So the issue seems to exist only in the request from my virtual server.

 

I have no clue what issue could exist in a request from a virtual server, so any help would be greatly appreciated.

 

12 Replies 12

Re: Access token is not being accepted from local server

Greg-DB
Dropboxer
Can you share your code and the full error response? Thanks in advance!

Re: Access token is not being accepted from local server

njclonch
Explorer | Level 3

request:

public function getDropboxMetadata($url, $token)
{
	$ch = curl_init();

	curl_setopt($ch, CURLOPT_URL, 'https://api.dropboxapi.com/2/sharing/get_shared_link_metadata');
	curl_setopt($ch, CURLOPT_HTTPHEADER, [
		'Authorization: Bearer ' . $token,
		'Content-Type: application/json']);
	curl_setopt($ch, CURLOPT_POST, true);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(['url' => $url]));

	$result = curl_exec($ch);

	curl_close($ch);

	return $result;
}

 

response:

error: {
	code: 401,
	errors: {
		0: {
			domain: "global",
			location: "Authorization",
			locationType: "header",
			message: "Invalid Credentials",
			reason: "authError"
		}
	},
	message: "Invalid Credentials"
}

Re: Access token is not being accepted from local server

Greg-DB
Dropboxer
Thanks! I just tried this out, and it's working for me.

Are you sure you're passing in a valid access token? I recommend printing out the $token just before you set the headers. It should be a 64 character string consisting of letters, numbers, and some symbols.

Re: Access token is not being accepted from local server

njclonch
Explorer | Level 3

My issue is not with the code itself, because I've received a successful response when I've used it on phpfiddle.com. My issue is that I'm getting an error response on my local virtual server, and I have no clue why. I am hoping you may have some insight.

Re: Access token is not being accepted from local server

Greg-DB
Dropboxer
That indicates that something is wrong with the API request when made from your server. You'll need to inspect the request being made on your server. Since you're getting a 401, it seems likely that there is an issue with the access token. More generally, if you can print out the actual HTTP request that would likely be helpful.

I'd be happy to take a look, but please don't post any output that contains an actual access token of course.

Re: Access token is not being accepted from local server

njclonch
Explorer | Level 3

My process starts with a request for authorization:

 

function requestDropboxAuth()
{
    $url = 'https://www.dropbox.com/oauth2/authorize';
    $data = [
	'client_id' => '<client_id>',
	'redirect_uri' => 'https://domain.com/validate/dropbox',
	'response_type' => 'code'
    ];

    header('Location: ' . $url . '?' . http_build_query($data));
    die();
}

 

This redirects me to the provided URI, with the following in the URL's parameters: '?code=<code>'

 

I then grab the <code> and submit a request via JavaScript&colon;

 

function exchangeCodeForToken(code)
{
    if (code)
    {
	var xhr 	    = new XMLHttpRequest(),
	    oauth2Endpoint  = 'https://api.dropboxapi.com/oauth2/token',
	    clientId 	    = '<client_id>',
	    clientSecret    = '<client_secret>',
	    grantType 	    = 'authorization_code',
	    redirectUri     = location.origin + location.pathname;

	xhr.open('POST', oauth2Endpoint + '?code=' + code +
	    '&grant_type=' + grantType + '&redirect_uri=' + redirectUri +
	    '&client_id=' + clientId + '&client_secret=' + clientSecret);

	xhr.onreadystatechange = function(e)
	{
	    var response = JSON.parse(xhr.response);

	    if (xhr.readyState)
	    {
		if (xhr.status == 200 && response.access_token)
		{
		    localStorage.setItem('dropbox-auth', JSON.stringify(response));
		}
		else
		{
		    console.log('There was an error processing the token, another response was returned, or the token was invalid.');
		}
	    }
	};

	    xhr.send(null);
	}
}

 

The request headers from this are:

 

Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.9
Cache-Control:no-cache
Connection:keep-alive
Cookie: [long string]
Host:domain.com
Pragma:no-cache
Referer:https://domain.com
Upgrade-Insecure-Requests:1
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36

 

I save the access token, and then submit it with:

 

function getDropboxMetadata($url, $token)
{
    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, 'https://api.dropboxapi.com/2/sharing/get_shared_link_metadata');
    curl_setopt($ch, CURLOPT_HTTPHEADER, [
	'Authorization: Bearer ' . $token,
	'Content-Type: application/json']);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(['url' => $url]));

    $result = curl_exec($ch);

    curl_close($ch);

    return $result;
}

 

The request headers from this are:

 

Accept:application/json, text/javascript, */*; q=0.01
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.9
Cache-Control:no-cache
Connection:keep-alive
Content-Length:310
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Cookie: [long string]
Host:domain.com
Origin:https://domain.com
Pragma:no-cache
Referer:https://domain.com
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36
X-Requested-With:XMLHttpRequest

Re: Access token is not being accepted from local server

Greg-DB
Dropboxer
Can you print out the request, or at least the token, to see what's getting sent by this code?

Re: Access token is not being accepted from local server

njclonch
Explorer | Level 3

I added request headers to my previous post, which follow each respective request.

 

Thanks for your help. Let me know if you need more info.

Re: Access token is not being accepted from local server

Greg-DB
Dropboxer
Thanks. That appears to the be headers for a web request though (to your own app?) and not for the API call itself.
Poll
We love to learn from the educators who use Dropbox. Whether you teach kids, teens, adults or a combination of all three, we want to know what apps and integrations you use with Dropbox to help with teaching. Which of the ones below is your favorite, or most used tool?
Who's talking

Top contributors to this post

  • User avatar
    njclonch Explorer | Level 3
  • User avatar
    Greg-DB Dropboxer
What do Dropbox user levels mean?
Need more support?