We're making changes to the Community, so you may have received some notifications - thanks for your patience and welcome back. Learn more here.
Forum Discussion
C# Dropbox.API File Upload Errors
I'm using the most recent NuGet package for my VS 2019 project. My app has worked consistently for several years now. But recently I have logged errors when invoking the client.Files.UploadAsync() me...
Yes, for the official Dropbox API v2 .NET SDK, you can find an example of using the new authorization functionality in the OauthBasic example (non-PKCE, meant for server-side apps) as well as in the OAuthPKCE example (PKCE, meant for client-side apps).
Greg-DB
Dropbox Staff
Dropbox StaffYes, for the official Dropbox API v2 .NET SDK, you can find an example of using the new authorization functionality in the OauthBasic example (non-PKCE, meant for server-side apps) as well as in the OAuthPKCE example (PKCE, meant for client-side apps).
I downloaded the SDK and compiled the OAuthPKCE project. Apparently invoking the HttpListener.Start() method requires elevated privileges. Getting an Error Code: 5 - Access Denied. I'll try to ferret out the logic behind the sample code and implement it outside of the mechanism used in the sample project. Since my client-side app is a basic Click Once deployment that runs at the user level. And our endusers definitely don't have local admin rights to their PC's. 😀
Also, reviewing the sample projects, it appears as if when a token has expired the routine to acquire a new one is invoking a web browser window in order to complete the OAuth process? So every 4 hours an enduser would be guided through that process, correct? The app I have is used for uploading scanned documents from dedicated endusers. These endusers have the app up all of the workday and are scanning multiple documents. So worst-case a few times a day they would have to run through the OAuth process again? I realize if I just work with the raw API I could likely use static App Authentication (https://www.dropbox.com/developers/reference/auth-types) and forego the entire OAuth process if push came to shove...
- Greg-DB
No, when requesting "offline" access, the app receives a "refresh token" that can be used to retrieve new short-lived access tokens whenever, without manual user interaction (that is, the user doesn't need to repeatedly re-authorize the app once the app has the refresh token). The .NET SDK will perform that refresh process (getting new short-lived access tokens) automatically for you.
Okay, I'm making headway recoding my project to account for the new mechanism. I'm hitting a stumbling block trying to perform the second half of the initial OAuth2 process. Taking the code that's supplied in the URI and getting the refresh token. Below is a code snippet. I'm using a WebView2 form to run through the process, since it can run as user-level and doesn't require local admin rights.
The choke point is when my routine hits the ProcessCodeFlowAsync() step. It consistently comes back with an invalid_grant exception. I've run across other posts on here where there were multiple calls going on, and the duplication was leading to this. But I'm only initially hitting this step once, when I first launch my app.
Any suggestions on where to go from here? I do appreciate all of your timely assistance. It's been very helpful!
private async void Start(string appKey, string appPwd)
{
this.ApiKey = appKey;
this.ApiPwd = appPwd;
this.oauth2State = Guid.NewGuid().ToString("N");
var authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(OAuthResponseType.Code, appKey, new Uri(RedirectUri), state: oauth2State, tokenAccessType: TokenAccessType.Offline);
await this.Browser.EnsureCoreWebView2Async(null);
this.Browser.CoreWebView2.Navigate(authorizeUri.ToString());
this.Visibility = Visibility.Visible;
this.Focus();
}private void BrowserNavigating(object sender, CoreWebView2NavigationStartingEventArgs e)
{
if (!e.Uri.ToString().StartsWith(RedirectUri, StringComparison.OrdinalIgnoreCase))
{
// we need to ignore all navigation that isn't to the redirect uri.
return;
}try
{
var uri = new Uri(e.Uri, UriKind.Absolute);
var queryParm = uri.Query;
var code = queryParm.Split('=')[1];
var tokenResult = Task.Run(() => DropboxOAuth2Helper.ProcessCodeFlowAsync(responseUri: uri, appKey: this.ApiKey, appSecret: this.ApiPwd, state: this.oauth2State)).Result;
this.AccessToken = tokenResult.AccessToken;
this.RefreshToken = tokenResult.RefreshToken;
this.UserId = tokenResult.Uid;
this.Result = true;
}
catch (ArgumentException)
{
// There was an error in the code being processed.
}
finally
{
e.Cancel = true;
this.Close();
}
}- Greg-DB
An 'invalid_grant' error can indicate that the values you're supplying to ProcessCodeFlowAsync don't match the configuration used with GetAuthorizeUri to get that particular authorization. For instance, I see you're using a redirect URI ('new Uri(RedirectUri)') with GetAuthorizeUri. In that case, you need to supply that same redirect URI to ProcessCodeFlowAsync to validate that request.
That is, in addition to setting the 'responseUri' parameter on ProcessCodeFlowAsync, you should set 'redirectUri' as well (matching the 'redirectUri' value you gave to GetAuthorizeUri).
By the way, I should mention that we don't officially support processing the OAuth app authorization flow in a web view. The OAuth app authorization flow should be processed in the user's system browser. See here for more information. It sounds like we don't have a full sample app that meets your use case exactly, but I have a post here with some information that may be helpful.
