cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Share your feedback on the Document Scanning Experience in the Dropbox App right here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How can i get lifetime Access Token

How can i get lifetime Access Token

Ghost Mjrm
Explorer | Level 4

i have android app connected to my Dropbox folder using access token but every 4 hour should i edit my code and input the new access token is there any method to make the app working 24h without any interact from me

and fix the message that show access token error uploading to Dropbox: expired access token

 

 

private void uploadToDropbox(File photoFile) {
if (photoFile == null || !photoFile.exists()) {
runOnUiThread(() -> Toast.makeText(MainActivity.this, "Error: Photo file does not exist", Toast.LENGTH_SHORT).show());
return;
}

DbxRequestConfig config = DbxRequestConfig.newBuilder("Decamera").build();
DbxClientV2 client = new DbxClientV2(config, DROPBOX_ACCESS_TOKEN);

try {
String remotePath = "/Decamera/" + photoFile.getName();

try (InputStream in = new FileInputStream(photoFile)) {
client.files().uploadBuilder(remotePath)
.withMode(WriteMode.ADD)
.uploadAndFinish(in);

runOnUiThread(() -> Toast.makeText(MainActivity.this, "Photo uploaded to Dropbox", Toast.LENGTH_SHORT).show());
}

} catch (Exception e) {
e.printStackTrace();
runOnUiThread(() -> Toast.makeText(MainActivity.this, "Error uploading to Dropbox: " + e.getMessage(), Toast.LENGTH_SHORT).show());
}
}
private static final String DROPBOX_ACCESS_TOKEN = my access token

 

41 Replies 41

Ghost Mjrm
Explorer | Level 4

i understand you but where is the point of my app key and app secret in my code if the photo uploaded goes to the user dropbox account not my dropbox account

did you understand me the photo goes to the dropbox account that the user signed with it

during the oauth 2 process

you know in the authorized request it request from the user to sign in in dropbox 'in the browser'

Ghost Mjrm
Explorer | Level 4

look what chat gpt answere me and i find this very logical:

in step number 3 During the user authentication process is the user should sign in using my dropbox account
 
ChatGPT

No, the user should not sign in with your Dropbox account during the authentication process. Instead, the authentication process involves the user signing in with their own Dropbox account. Here's how it typically works:

  1. User Initiates Authentication:

    • The user interacts with your app, and your app initiates the Dropbox authentication process.
  2. Redirect to Dropbox for Authorization:

    • Your app constructs an authorization URL using your app's key and secret and redirects the user to the Dropbox website.
    • The user signs in with their own Dropbox account on the Dropbox website.

Здравко
Legendary | Level 20

Hm..:thinking_face: Ok, how the user would know whether the access to their own data is correctly providing to selected code (your application) and not some fake or malicious code? 🧐 On other side, how Dropbox API would ensure the token is provided to correct user and not to some "men in middle"?

 

PS: OMG...🤦 Is your brain dysfunctional? By the way, your AI (ChatGPT) answer is NOT entirely correct (again), something that should not surprise you, but...

Ghost Mjrm
Explorer | Level 4

ok then for security reason should the user sign with my own account to i get the photo

Ghost Mjrm
Explorer | Level 4

how to i know this stuff about man in the middle and that things without any background on it no my brain work fine but chatgpt give me answer and you give me different one

and of my small knowledge im here to ask and learn not to proof myself

Ghost Mjrm
Explorer | Level 4
+ this app i don't want to publish it to the public
And I don’t want unknown user to use it so no one said about the security and this stuff
You can simplify the discussion by saying it’s protocol from the dropbox sdk to protect the user and not using „mindless“ word

Здравко
Legendary | Level 20

@Ghost Mjrm wrote:

... im here to ask and learn not to proof myself


Ok, then it's easy :winking_face:, just learn and not try to put non-trusted knowledge (something against TOS of this forum by the way). In this context let see:


@Ghost Mjrm wrote:
  • Redirect to Dropbox for Authorization:

    • Your app constructs an authorization URL using your app's key and secret and redirects the user to the Dropbox website.

Do you use any secret in your authorization URL? 🧐 How many you should know to figure out it's incorrect? 🤷 - just an example. Where app secret is used in? Just take a look in your code - you don't need to proof yourself or something similar. Again, what you'll believe in? :slightly_smiling_face:🤫

Ghost Mjrm
Explorer | Level 4

i have noticed to this before that there is no app secret in the authorization URL but in the next step in exchange authorization code for token my app secret IT HAS ALREADY BEEN USED

private void exchangeAuthorizationCodeForTokens(String code) {
new AsyncTask<String, Void, Void>() {
@Override
protected Void doInBackground(String... params) {
try {
String url = "https://api.dropbox.com/oauth2/token";
String requestBody = "code=" + params[0] +
"&grant_type=authorization_code" +
"&client_id=" + DROPBOX_APP_KEY +
"&client_secret=" + DROPBOX_APP_SECRET +
"&redirect_uri=" + DROPBOX_REDIRECT_URI;

 

Здравко
Legendary | Level 20

Would you like to learn or to proof... not very clear what? :thinking_face: Might be current ChatGPT stupidity...

 


@Ghost Mjrm wrote:

i have noticed to this before that there is no app secret in the authorization URL but in the next step in exchange authorization code for token my app secret IT HAS ALREADY BEEN USED ...


And.. what? Is app secret used in URL or not? 🧐 Yes it's used, of course. What would it exist for otherwise? :slightly_smiling_face: By the way, as already mentioned in current discussion, secret is optional in some cases (when correct token receiving can be guaranteed in other way).

Ghost Mjrm
Explorer | Level 4

i don't want to prove something i admit that i got incorrect information from chatgpt but my brain is not dysfunctional i just got confused because the different answers
you were able to help without using hurtful words to the other party

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Ghost Mjrm Explorer | Level 4
  • User avatar
    Здравко Legendary | Level 20
What do Dropbox user levels mean?