cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Back again with another edition of 'How we use Dropbox', so find out how Emma uses to-do lists to get it all done here!

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Problem and 2 possible solutions for Cordova-PhoneGap OAuth

Problem and 2 possible solutions for Cordova-PhoneGap OAuth

randynwalsh
New member | Level 2

 

The problem with Cordova / PhoneGap is that is isn't really a browser nor is it a server and to get a user oauth-authenticated requires browsing to the dropbox choser url.  So, a dropbox app must initiate an external browser (a browser on the device, but outside of phonegap, so no cross communication is possible).  The problem is that oauth authentication requires a redirect-url.  However, there is no simple redirect-url that dropbox can go back to since PhoneGap isn't a browser nor a server (ie, has no url to get back to).

 

 

Two possible solutions to this problem. One could possibly use a localhost redirect-url  and setup a static set of html files on the mobile device.  These static html files (outside of cordova) could store the access key somewhere that cordova app could pick up later.  However, this is getting increasing difficult for phonegap applications are being sandboxed, and these static files don't live in the same domain as the as the cordova app. (They live in the localhost domain not the named app domain)

 

The other solution, which I took, was to have the url-redirect go to a know internet surrogate-server.  I pass a "state" parameter in the choser request with a unique-guid.  The  surrogate server simple saves the granted access key under the unique-guid.  The Phone Gap application in the mean time is simply waiting for the user to be done with the external browser.  When done, the phonegap makes an ajax call to the surrogate-server passing the unique-guid, and getting the access key back in return.

 

Both of these solutions seam rather complicated, but I've gotten the second solution to work.  My question is, does anybody have a better answer?

 

Thanks, Randy.

2 Replies 2

Re: Problem and 2 possible solutions for Cordova-PhoneGap OAuth

Greg-DB
Dropboxer
Thanks for the post Randy! I'm not too familiar with Cordova/PhoneGap, and this is a bit outside the scope of Dropbox support, so I'm afraid I can't be of much help myself, but hopefully someone else here can chime in.

One thing I can note though, is that another possible (albeit non-ideal) solution is to use the "code" flow without specifying a redirect URI, in which case the user would need to copy and paste the authorization code from the Dropbox web site into your app:

https://www.dropbox.com/developers/documentation/http/documentation#authorization

Re: Problem and 2 possible solutions for Cordova-PhoneGap OAuth

Steve M.
Dropboxer

You might want to take a look at https://github.com/dropbox/dropbox-js/blob/0af3014a14771f951d533d812001efb04bf68978/src/auth_driver/.... That's from the old deprecated JS SDK, but it hopefully shows the pattern for using Cordova's InAppBrowser control.

Who's talking

Top contributors to this post

  • User avatar
    Steve M. Dropboxer
  • User avatar
    Greg-DB Dropboxer
What do Dropbox user levels mean?
Need more support?