Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
i have android app connected to my Dropbox folder using access token but every 4 hour should i edit my code and input the new access token is there any method to make the app working 24h without any interact from me
and fix the message that show access token error uploading to Dropbox: expired access token
private void uploadToDropbox(File photoFile) {
if (photoFile == null || !photoFile.exists()) {
runOnUiThread(() -> Toast.makeText(MainActivity.this, "Error: Photo file does not exist", Toast.LENGTH_SHORT).show());
return;
}
DbxRequestConfig config = DbxRequestConfig.newBuilder("Decamera").build();
DbxClientV2 client = new DbxClientV2(config, DROPBOX_ACCESS_TOKEN);
try {
String remotePath = "/Decamera/" + photoFile.getName();
try (InputStream in = new FileInputStream(photoFile)) {
client.files().uploadBuilder(remotePath)
.withMode(WriteMode.ADD)
.uploadAndFinish(in);
runOnUiThread(() -> Toast.makeText(MainActivity.this, "Photo uploaded to Dropbox", Toast.LENGTH_SHORT).show());
}
} catch (Exception e) {
e.printStackTrace();
runOnUiThread(() -> Toast.makeText(MainActivity.this, "Error uploading to Dropbox: " + e.getMessage(), Toast.LENGTH_SHORT).show());
}
}
private static final String DROPBOX_ACCESS_TOKEN = my access token
i understand you but where is the point of my app key and app secret in my code if the photo uploaded goes to the user dropbox account not my dropbox account
did you understand me the photo goes to the dropbox account that the user signed with it
during the oauth 2 process
you know in the authorized request it request from the user to sign in in dropbox 'in the browser'
look what chat gpt answere me and i find this very logical:
No, the user should not sign in with your Dropbox account during the authentication process. Instead, the authentication process involves the user signing in with their own Dropbox account. Here's how it typically works:
User Initiates Authentication:
Redirect to Dropbox for Authorization:
Hm..
Ok, how the user would know whether the access to their own data is correctly providing to selected code (your application) and not some fake or malicious code? 🧐 On other side, how Dropbox API would ensure the token is provided to correct user and not to some "men in middle"?
PS: OMG...🤦 Is your brain dysfunctional? By the way, your AI (ChatGPT) answer is NOT entirely correct (again), something that should not surprise you, but...
ok then for security reason should the user sign with my own account to i get the photo
how to i know this stuff about man in the middle and that things without any background on it no my brain work fine but chatgpt give me answer and you give me different one
and of my small knowledge im here to ask and learn not to proof myself
@Ghost Mjrm wrote:... im here to ask and learn not to proof myself
Ok, then it's easy
, just learn and not try to put non-trusted knowledge (something against TOS of this forum by the way). In this context let see:
@Ghost Mjrm wrote:
Redirect to Dropbox for Authorization:
- Your app constructs an authorization URL using your app's key and secret and redirects the user to the Dropbox website.
Do you use any secret in your authorization URL? 🧐 How many you should know to figure out it's incorrect? 🤷 - just an example. Where app secret is used in? Just take a look in your code - you don't need to proof yourself or something similar. Again, what you'll believe in?
🤫
i have noticed to this before that there is no app secret in the authorization URL but in the next step in exchange authorization code for token my app secret IT HAS ALREADY BEEN USED
private void exchangeAuthorizationCodeForTokens(String code) {
new AsyncTask<String, Void, Void>() {
@Override
protected Void doInBackground(String... params) {
try {
String url = "https://api.dropbox.com/oauth2/token";
String requestBody = "code=" + params[0] +
"&grant_type=authorization_code" +
"&client_id=" + DROPBOX_APP_KEY +
"&client_secret=" + DROPBOX_APP_SECRET +
"&redirect_uri=" + DROPBOX_REDIRECT_URI;
Would you like to learn or to proof... not very clear what?
Might be current ChatGPT stupidity...
@Ghost Mjrm wrote:i have noticed to this before that there is no app secret in the authorization URL but in the next step in exchange authorization code for token my app secret IT HAS ALREADY BEEN USED ...
And.. what? Is app secret used in URL or not? 🧐 Yes it's used, of course. What would it exist for otherwise?
By the way, as already mentioned in current discussion, secret is optional in some cases (when correct token receiving can be guaranteed in other way).
i don't want to prove something i admit that i got incorrect information from chatgpt but my brain is not dysfunctional i just got confused because the different answers
you were able to help without using hurtful words to the other party
Hi there!
If you need more help you can view your support options (expected response time for a ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!