You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.

Forum Discussion

seenigel's avatar
seenigel
Explorer | Level 3
4 years ago

Need help generating a pkce refresh token in a javascript PWA

Hi folks, I'm running into some trouble with the new authentication flow.

I've got a single page, severless JS PWA and I want to use Dropbox to store the user's data without forcing them to authenticate every four hours or each time they re-open the app. I've been using the old oauth flow and storing the long-lived token in localstorage and it's been fine, but I'm unclear about what to store from the pkce flow.

I'd ideally like to store the refresh token in localstorage and use that to generate short-lived tokens as needed, but the documentation isn't quite clear. I'm trying to follow the example in the js sdk for generating a token (https://github.com/dropbox/dropbox-sdk-js/blob/main/examples/javascript/pkce-browser/index.html), but this example only shows the initial authentication: sending the user to the authentication page, and retrieving the first short-lived token (line 97). It doesn't show how to use the refresh token to generate subsequent tokens.

I know that in the response from dbxAuth.getAccessTokenFromCode includes the refresh token (line 96 and line 97), but I'm not quite sure how to generate short-lived tokens with it. I see in the sdk there's a function called checkAndRefreshAccessToken() that returns a promise, but it's returning empty when I call it.

TLDR: How do I alter this example (https://github.com/dropbox/dropbox-sdk-js/blob/main/examples/javascript/pkce-browser/index.html) to store the refresh token and use it to generate short-lived tokens down the road?