cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Update: Find information on Dropbox support during COVID-19 here
Close
cancel
Showing results for 
Search instead for 
Did you mean: 

Distinction between Oauth 2 and PHP Core API (PHP SDK)

Priya M.
Explorer | Level 4

Hi,

 

I'm from Softaculous Ltd and we are now starting to integrate with Dropbox for Backups upload and download.

 

I want to know the difference between your PHP Core API or PHP SDK and OAUTH 2.

 

Also, do you have something as FTP stream to upload a tar.gz file in parts?

1 Accepted Solution

Accepted Solutions

Re: Distinction between Oauth 2 and PHP Core API (PHP SDK)

Dropboxer
Dropboxer
28 Replies 28

Re: Distinction between Oauth 2 and PHP Core API (PHP SDK)

Dropboxer
Dropboxer

The PHP Core SDK is a PHP SDK for accessing Dropbox API v1, a.k.a. the Dropbox Core API. API v1 is deprecated though, so you should no longer use that. 

 

You should use API v2 instead. We don't have an official PHP SDK for API v2, so you can either use a third party library or call the HTTPS endpoints directly.

 

OAuth is an authorization protocol, used by the Dropbox API. API v1 supports OAuth 1 and OAuth 2. API v2 supports OAuth 2.

Re: Distinction between Oauth 2 and PHP Core API (PHP SDK)

Priya M.
Explorer | Level 4

Hi Greg,

 
If I make use of HTTPS endpoints directly to use API v2, do I have to include some Dropbox classes or direct curl call will work?
 
Also, I'm not able to understand how to use these endpoint URLs using PHP. Can you please give me an example?
 
I want to generate the auth token of the user's account, how can I do so and using which endpoint?

Re: Distinction between Oauth 2 and PHP Core API (PHP SDK)

Dropboxer
Dropboxer

Re: Distinction between Oauth 2 and PHP Core API (PHP SDK)

Priya M.
Explorer | Level 4

Hi,

 

Thank you for your reply.

 

I'm not able to understand how to make the PHP curl call, what all curl parameters are to be set, etc. I'm not able to understand how to fetch the user auth token using the authorization API:

https://www.dropbox.com/developers/documentation/http/documentation#authorization

 

I'm using it like this. Please correct me:

 

$post['response_type'] = 'token';
$post['client_id'] = '6i45k3fi9a1i9an';
$post['redirect_uri'] = get_current_url().'&auth_callback=1';
$url = 'https://www.dropbox.com/oauth2/authorize';
// Set the curl parameters.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
//Set proxy 
//curl_proxy($ch);
// Turn off the server and peer verification (TrustManager Concept).
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post));

curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_NOBODY, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1');

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Get response from the server.
$resp = curl_exec($ch); 
r_print($resp);

 

Re: Distinction between Oauth 2 and PHP Core API (PHP SDK)

Priya M.
Explorer | Level 4

Hi,

 

I made the following changes:

 

 

function get_current_url() {
$url = @($_SERVER["HTTPS"] != 'on') ? 'http://'.$_SERVER["SERVER_NAME"] : 'https://'.$_SERVER["SERVER_NAME"];
$url .= ($_SERVER["SERVER_PORT"] != 80) ? ":".$_SERVER["SERVER_PORT"] : "";
$url .= $_SERVER["REQUEST_URI"];
return $url;
}
$url = 'https://www.dropbox.com/oauth2/authorize?response_type=token&client_id=6i45k3fi9a1i9an&redirect_uri='.get_current_url();
// Set the curl parameters.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
// Turn off the server and peer verification (TrustManager Concept).
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); 

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Get response from the server.
$resp = curl_exec($ch);
echo '<br />Curl Error: '.curl_error($ch);
echo '<br />Curl Response: ';
r_print($resp);

 

Using this I get:

Invalid redirect_uri: "https://cpanel.nuftp.com:2083/cpsess5895978520/frontend/paper_lantern/softaculous/index.live.php": It must exactly match one of the redirect URIs you've pre-configured for your app (including the path).

How do I specify the redirect URL?

 

Also, I want to redirect this auth process in a separate window, which when accepted by the user should return back to the current window. How do I do that?

Re: Distinction between Oauth 2 and PHP Core API (PHP SDK)

Dropboxer
Dropboxer

You're attempting to access /authorize by submitting an HTTP request to it via curl like you would for an API call, but /authorize is actually a web page the user should interact with in their browser, and not an API endpoint.

 

You should construct the /authorize URL and then direct the user there in their browser. (Exactly how you do that will depend on your setup, e.g., your web framework.)

 

The redirect_uri value should be the URL of the page where you want the user sent back to after they authorize your app. As a security measure, it needs to exactly match a redirect URI registered for your app via your app's page on the App Console. If it doesn't you'll get that error you posted.

Re: Distinction between Oauth 2 and PHP Core API (PHP SDK)

Priya M.
Explorer | Level 4
Hi,

>>The redirect_uri value should be the URL of the page where you want the user sent back to after they authorize your app. As a security measure, it needs to exactly match a redirect URI registered for your app via your app's page on the App Console. If it doesn't you'll get that error you posted.
The Redirect URI in our case may vary as we provide user the utility to authorize to our Dropbox APP from various pages. We probably cannot set all those URIs in the APP settings via our APP's page. How to handle this?

Re: Distinction between Oauth 2 and PHP Core API (PHP SDK)

Dropboxer
Dropboxer
I'm afraid I don't have a great solution for you, as OAuth 2 redirect URIs for the Dropbox API are required to be pre-registered exactly. I'll be sure to pass this along as feedback though.

One thing you may be able to do instead is to use one static redirect URI but encode the necessary information in the 'state' parameter, and decode it as necessary after the redirect back to your app, to handle it as necessary:

https://www.dropbox.com/developers/documentation/http/documentation#authorization

Alternatively, you could forgo using a redirect URI entirely. With the "code" flow, you can omit redirect_uri and have the user copy and paste the code manually. (Or, for the "token" flow, you can use https://www.dropbox.com/1/oauth2/display_token as the redirect URI and have the user copy and paste the access token.)

Re: Distinction between Oauth 2 and PHP Core API (PHP SDK)

Priya M.
Explorer | Level 4
Hi,
 
Can you please tell me some examples of usage of this API? How will I fetch the access token when the authorization is successfull and the user is redirected back to the uri as specified in tge redirect uri?
Also, when I'm using this API, I'm getting the error of 'invalid response type code'.

Work Smarter with Dropbox

The way we work is changing. Share and discover new ways to work smarter with Dropbox in our community.

Sound good? Let's get started.
Who's talking

Top contributors to this post

What do Dropbox user levels mean?
Need more support?