You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
dotNET_Guy
4 years agoExplorer | Level 3
OAuth authentication for offline application using .NET SDK
Hi Guys, I've been reading a lot of the Dropbox API documents to get OAuth2 authentication working for my offline Windows application using the .NET SDK. The 'OAuth Guide' was a great starting po...
- 4 years ago
Use of a redirect URI is optional, and you can still request offline access to get a refresh token back without using a redirect URI. When not using a redirect URI, the user would just need to manually copy/paste the authorization code into the app.
You can do that like this:
First, get the authorization URL, requesting offline access, like:
var authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(oauthResponseType:OAuthResponseType.Code, clientId: AppKey, redirectUri: (String)null, state: state, tokenAccessType: TokenAccessType.Offline, scopeList: null, includeGrantedScopes: IncludeGrantedScopes.None);
Open that in the user's browser, such as like in the example:
System.Diagnostics.Process.Start(authorizeUri.ToString());
Have the user copy/paste the code into your app. This can be via your UI, but for the sake of example, this is how a console app might do this:
var code = Console.ReadLine();
Finish the process by exchanging the authorization code:
var tokenResult = await DropboxOAuth2Helper.ProcessCodeFlowAsync(code: code, appKey: AppKey, appSecret: AppSecret, redirectUri: null);
(Note that this is the non-PKCE flow, for server-side apps. For the PKCE flow, for client-side apps, a code challenge/verifier is used instead of the app secret.)
Then you can make a client using the resulting credentials:
var client = new DropboxClient(appKey: AppKey, appSecret: AppSecret, oauth2AccessToken: tokenResult.AccessToken, oauth2RefreshToken: tokenResult.RefreshToken, oauth2AccessTokenExpiresAt: tokenResult.ExpiresAt.Value);
The SDK will automatically perform the refresh process for you when needed when using a client with the necessary credentials like this.
Greg-DB
Dropbox Staff
Use of a redirect URI is optional, and you can still request offline access to get a refresh token back without using a redirect URI. When not using a redirect URI, the user would just need to manually copy/paste the authorization code into the app.
You can do that like this:
First, get the authorization URL, requesting offline access, like:
var authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(oauthResponseType:OAuthResponseType.Code,
clientId: AppKey,
redirectUri: (String)null,
state: state,
tokenAccessType: TokenAccessType.Offline,
scopeList: null,
includeGrantedScopes: IncludeGrantedScopes.None);
Open that in the user's browser, such as like in the example:
System.Diagnostics.Process.Start(authorizeUri.ToString());
Have the user copy/paste the code into your app. This can be via your UI, but for the sake of example, this is how a console app might do this:
var code = Console.ReadLine();
Finish the process by exchanging the authorization code:
var tokenResult = await DropboxOAuth2Helper.ProcessCodeFlowAsync(code: code, appKey: AppKey, appSecret: AppSecret, redirectUri: null);
(Note that this is the non-PKCE flow, for server-side apps. For the PKCE flow, for client-side apps, a code challenge/verifier is used instead of the app secret.)
Then you can make a client using the resulting credentials:
var client = new DropboxClient(appKey: AppKey,
appSecret: AppSecret,
oauth2AccessToken: tokenResult.AccessToken,
oauth2RefreshToken: tokenResult.RefreshToken,
oauth2AccessTokenExpiresAt: tokenResult.ExpiresAt.Value);
The SDK will automatically perform the refresh process for you when needed when using a client with the necessary credentials like this.
dotNET_Guy
4 years agoExplorer | Level 3
Thank you very much Greg. It now works for my Windows console app!
(The redirect code snippets in the OauthBasic and OAuthPKCE examples had thrown me off).
So there is some level of manual intervention still required during the authentication process, i.e. Visit a Dropbox web page, then copy & paste the authentication code.
After this it should all the automated, e.g. the refresh token should last forever (unless revoked), and the .NET SDK would automatically fetch subsequent short-lived (sl-) access tokens behind-the-scenes.
For anyone programming with .NET (I'm using the most recent version .NET 5), I found the following line gave an exception (file specified could not be found):
System.Diagnostics.Process.Start(authorizeUri.ToString());
I had to include the executable WITH a fully qualified path to launched a browser:
System.Diagnostics.Process.Start(@"C:\Program Files\Mozilla Firefox\firefox.exe", authorizeUri.ToString());
And Greg, I knew you would be answering this thread. Thanks for all the hard work you do in answering posts, it is much appreciated!
About Discuss Dropbox Developer & API
Make connections with other developers
797 PostsLatest Activity: 6 days agoIf you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!