cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Are you interested in learning how media industry leaders use Dropbox Replay? Register for our webinar here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Trouble Obtaining Refresh Token Alongside Access Token from Dropbox OAuth2 in Local Environment

Trouble Obtaining Refresh Token Alongside Access Token from Dropbox OAuth2 in Local Environment

belt_basya
Explorer | Level 3

I'm trying to integrate Dropbox into my web application using OAuth2. My code seems to be working correctly, but I'm only receiving the access token and not the refresh token upon successful login. I'm developing in a local environment and using ngrok for a callback URL.

Code Snippets:

- Front-end code (relevant part):


const handleConnect = (service) => {
    const connectionUrl = `${process.env.REACT_APP_HOST_URL}/auth/${service}`;
    const authWindow = window.open(connectionUrl, "_blank");
    window.addEventListener('message', event => {
      if (event.data.message === 'Success') {
        sendTokensToServer({ ...event.data, path: connectedServices[service].path });
          authWindow.close();
      }
    });
};

- Back-end code (relevant part):


const DropboxOAuth2Strategy = require('passport-dropbox-oauth2').Strategy;

passport.use(
    new DropboxOAuth2Strategy(
        {
            apiVersion: "2",
            callbackURL: `${process.env.CALLBACK_URL}/oauth/dropbox/callback`,
            clientID: process.env.DROPBOX_CLIENT_ID,
            clientSecret: process.env.DROPBOX_CLIENT_SECRET,
            // Missing option?
        },
        (accessToken, refreshToken, profile, cb) => {
            console.log(accessToken, refreshToken)
            cb(null, profile);
        }
    )
);

router.get("/auth/dropbox", passport.authenticate("dropbox-oauth2"));

router.get("/oauth/dropbox/callback",
    passport.authenticate("dropbox-oauth2", { failureRedirect: "/" }),
    (req, res) => {
        res.redirect("/success?service=Dropbox");
    }
);


- Question:

* Is using ngrok as a callback URL in my local environment preventing me from receiving the refresh token?
* If not, what could be causing the missing refresh token?
* Are there any additional configuration options needed for the `DropboxOAuth2Strategy` to obtain the refresh token?

- Additional Information:

* I've checked the Dropbox API documentation for OAuth2 and ensured my code is following the steps correctly.

Thanks in advance for any help!

1 Reply 1

Greg-DB
Dropbox Staff

[Cross-linking for reference: https://stackoverflow.com/questions/78479669/trouble-obtaining-refresh-token-alongside-access-token-... ]

 

Whether or not you use a redirect URI, as well as where/how the redirect URI is hosted, doesn't affect whether or not a refresh token is returned.

 

In order to get a refresh token from Dropbox, you need to set token_access_type=offline on /oauth2/authorize. I don't see that in your code, so you'll need to check on whether your OAuth library automatically does that for you, and if not, how you can set it.

 

W can't offer support for the DropboxOAuth2Strategy class as that's not written by Dropbox. I suggest referring to the documentation for it.

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Greg-DB Dropbox Staff
What do Dropbox user levels mean?