You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Powershell Oauth2 Refresh Token
Hey all! Thanks in advanced.
I am trying to write a powershell script to get an offline refresh token so I can do unattended uploads.
The problem is that I have to authenticate for an authorization code manually each time it is ran. How do I make it unattended? Here is the code:
$client_id = "CLIENTID"
$client_secret = "CLIENTSECRET"
# Set up the OAuth2 authorization URL
#$scope = "offline"
#$auth_url = "{0}?response_type=code&client_id={1}&scope={2}" -f $auth_url, $client_id, $scope
$auth_url = "https://www.dropbox.com/oauth2/authorize?client_id=CLIENTIDHERE&response_type=code&redirect_uri=$redirectUri&token_access_type=offline"
# Open the authorization URL in the default web browser and prompt the user to sign in and authorize your app
Start-Process $auth_url
Write-Host "Please sign in and authorize your app in the browser window that just opened."
# Prompt the user to enter the authorization code provided by Dropbox after they have authorized your app
$authorization_code = Read-Host "Enter the authorization code provided by Dropbox"
# Set up the access token request parameters
$body = @{
code = $authorization_code
grant_type = "authorization_code"
client_id = $client_id
redirect_uri = $redirectUri
client_secret = $client_secret
}
# Send the access token request and parse the response for the access token and refresh token
$response = Invoke-RestMethod -Method Post -Uri $token_url -Body $body
$access_token = $response.access_token
$refresh_token = $response.refresh_token
# Use the access token to make API calls to Dropbox
# For example, you can list the contents of the root folder like this:
$headers = @{
"Authorization" = "Bearer $access_token"
}
$list_body = @{
path = ""
recursive = $false
}
$list_response = Invoke-RestMethod -Method Post -Uri $list_url -Headers $headers -Body ($list_body | ConvertTo-Json)
$list_response.entries | Select-Object name, path_display
# Output the access token and refresh token to the console
Write-Host "Your access token is: $access_token"
Write-Host "Your refresh token is: $refresh_token"
I'm not sure what you mean when you say you are "not getting any type of response from the curl command". For reference, if you need to debug something with curl, you can use the "-v" flag to enable verbose mode.
In any case, I haven't tested your new code, but the parameters look right. I also don't see where you retrieve the access token from the new /oauth2/token call, but assuming you do either manually or in code not shown, it seems right. Does it work for you when you run it?
- Greg-DB
Dropbox Staff
It is not possible to fully automate the OAuth process where the user chooses to authorize the app and the app then receives the resulting access token and optional refresh token. This needs to be done manually by the user at least once.
If your app needs to maintain long-term access without the user manually re-authorizing it repeatedly, the app should request "offline" access so that it gets a refresh token. The refresh token doesn't expire and can be stored and used repeatedly to get new short-lived access tokens whenever needed, without the user manually reauthorizing the app.
You can find more information in the OAuth Guide and authorization documentation. There's a basic outline of processing this flow in this blog post which may serve as a useful example of how to use a refresh token to maintain long-term unattended access.Thanks for the reply Greg -
The script above does request offline access. If you see line 10, the authentication url has "token_access_type=offline".
I get the refresh token once, and I plug it in, but it doesn't last more than a couple of hours before it expires.
- Greg-DB
I see you are requesting the refresh token, but you don't seem to actually be using it anywhere in the code you shared.
Whenever you need a new short-lived access token, you should call /oauth2/token with grant_type=refresh_token, as shown in step 5 of the offline example in this post.
So I used this code to upload files. I tried using the refresh token and it doesn't work...
$refresh_token = "hssEaww....REFRESHTOKENWENTHERE"$headers = @{Authorization = "Bearer $refresh_token""Content-Type" = "application/octet-stream"}# Read the file as a byte array and upload it to Dropbox$file_bytes = [System.IO.File]::ReadAllBytes($file_path)$outputFile = Split-Path "C:\FILEHERE.TXT" -leaf$TargetFilePath = "/$outputFile"$arg = '{ "path": "' + $TargetFilePath + '", "mode": "add", "autorename": true, "mute": false }'$authorization = "Bearer " + $refresh_token$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"$headers.Add("Authorization", $authorization)$headers.Add("Dropbox-API-Arg", $arg)$headers.Add("Content-Type", 'application/octet-stream')$response = Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers- Greg-DB
Access tokens and refresh tokens are different objects and are not interchangeable, so you can't use a refresh token as an access token like that. Instead, whenever you need a new short-lived access token you should call /oauth2/token with grant_type=refresh_token and refresh_token set to the refresh token, like in step 5 of this example. That call will return a new short-lived access token which you can then use to make further API calls, such as /2/files/upload.
About Discuss Dropbox Developer & API
Make connections with other developers
