cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to migrate previous API v1 authentication to APIv2?

How to migrate previous API v1 authentication to APIv2?

MateusP
Helpful | Level 6
Go to solution

Hi All,

 

So I've successfully migrated my Android app to Dbx API v2 (hooray!) but there's one bit missing.  I need to tranfer previous APIv1 authentication to APIv2 otherwise everyone will be forced to re-authenticate, which is annoying.

 

Looking online, I've seen various guides that look simple but they all reference AndroidAuthSession which is a APIv1 call (com.dropbox.client2.android.AndroidAuthSession).  So I don't understand how I do this in APIv2 or is that the point - we have to use old API1 calls to get the old tokens and then migrate them into APIv2? :thinking:

 

A summary of one example I found is below...

String allTokens = getApplicationContext().getSharedPreferences("dropbox-credentials", Context.MODE_PRIVATE).getString("accounts", null);
...
JSONArray jsonAccounts = new JSONArray(allTokens);
tmpToken = jsonAccounts.getJSONObject(0).getString("userToken");
...
if (tmpToken.startsWith("|oa2|")) token = tmpToken.substring(5);
...
if (token.trim().length() == 0) {
  Auth.startOAuth2Authentication(this, APP_KEY);
} else { 
  AppKeyPair appKeyPair = new AppKeyPair(APP_KEY, APP_SECRET);
  AndroidAuthSession session = new AndroidAuthSession(appKeyPair);
  session.setOAuth2AccessToken(token);
  session.finishAuthentication();
}

Many thanks,

M.

 

1 Accepted Solution

Accepted Solutions

Greg-DB
Dropbox Staff
Go to solution
Yes, OAuth 2 access tokens only have one piece. That is, each OAuth 2 access token is just one long string.

In your API v1 code, you're storing that via the access_token variable under DROPBOX_PREFS_SECRET.

In your API v2 code, you're storing that via the access_token variable under DROPBOX_PREFS_TOKEN.

(Part of the confusion may be that API v1 supported both OAuth 1 and OAuth 2. OAuth 1 access tokens are comprised of two pieces, a key and secret. API v2 only supports OAuth 2. OAuth 2 access tokens only have the one piece.)

View solution in original post

4 Replies 4

Greg-DB
Dropbox Staff
Go to solution

Exactly how this works will depend on what SDK and SDK version you were using for API v1, if any.

 

E.g., if you were using the Android Core SDK, you likely have OAuth 2 access tokens. The SDK itself didn't handle access token storage for you, but most developers store them in SharedPreferences. 

 

As long as you're using the full Dropbox or app folder permission, you can use the same OAuth 2 access tokens with API v2.

 

Like the v1 SDK, the v2 SDK leaves access token storage up to you, so you would just need to retrieve the existing access tokens from storage and plug them in to get a v2 client as shown in the Android example here.

MateusP
Helpful | Level 6
Go to solution

Thanks Greg, sounds simple.  I was using OAuth2 and storing the token in SharedPrefs with API v1 (see below)

String access_token = session.getOAuth2AccessToken();
SharedPreferences prefs = getSharedPreferences(DROPBOX_PREFS, MODE_PRIVATE);
prefs.edit.putString(DROPBOX_PREFS_KEY, "oauth2:").commit();
prefs.edit.putString(DROPBOX_PREFS_SECRET, access_token).commit();

and in API v2 I'm using...

 

String access_token = Auth.getOAuth2Token();
SharedPreferences prefs = getSharedPreferences(DROPBOX_PREFS, MODE_PRIVATE); prefs.edit().putString(DROPBOX_PREFS_TOKEN, access_token).apply();

So to get the token from API v1, I should be able to simply use the following .ine below?  Sorry I'm getting a bit confused - is the APIv1 "secret" the same as APIv2 "token"?

 

String api1_token = prefs.getString(DROPBOX_PREFS_SECRET, null);

 

Many thanks,

M.

 

 

Greg-DB
Dropbox Staff
Go to solution
Yes, OAuth 2 access tokens only have one piece. That is, each OAuth 2 access token is just one long string.

In your API v1 code, you're storing that via the access_token variable under DROPBOX_PREFS_SECRET.

In your API v2 code, you're storing that via the access_token variable under DROPBOX_PREFS_TOKEN.

(Part of the confusion may be that API v1 supported both OAuth 1 and OAuth 2. OAuth 1 access tokens are comprised of two pieces, a key and secret. API v2 only supports OAuth 2. OAuth 2 access tokens only have the one piece.)

MateusP
Helpful | Level 6
Go to solution

Thanks dude, that worked! :grinning:

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    MateusP Helpful | Level 6
  • User avatar
    Greg-DB Dropbox Staff
What do Dropbox user levels mean?