cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to know what we learned at IBC? Check out our learnings on media, remote working and more right here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to fix the short-lived access token issue?

Labels:

How to fix the short-lived access token issue?

Orgbrat
Explorer | Level 3
‎04-01-2022 12:55 PM

I have a Desktop/Mobile Xamarin application that reads and writes to the Apps folder in a users Dropbox. It has been working fine for a long time but now that Dropbox has moved to short-lived access tokens my application is having issues. It used to be when the application got the Dropbox token that was it unless the user uninstalled my application. I am using the Dropbox.Sdk .NET and C#.

 

My authentication code was like this:

this.oauth2State = Guid.NewGuid().ToString("N");
var authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(OAuthResponseType.Token, Constants.DropboxClientId, new Uri(Constants.DropboxRedirectUri), this.oauth2State);
var webView = new WebView { Source = new UrlWebViewSource { Url = authorizeUri.AbsoluteUri } };
webView.Navigating += this.WebViewOnNavigating;
var contentPage = new ContentPage { Content = webView };
await Shell.Current.Navigation.PushModalAsync(contentPage);

So how do I fix this so that it works with Dropbox's new process. 

Do I need to start using both an AccessToken and a RefreshToken?

How do I change the above code to get both tokens?

And then how do I use those tokens so that the user does not need to keep logging into Dropbox from my application?

Has anyone got a .NET C# sample of how to read and write a file to a users Apps folder for an application since all this has changed?

 

Orgbrat

Labels:
  • 0 Likes
  • 3 Replies
  • 1,551 Views
0 Likes
3 Replies 3

kylea
Dropbox Staff
‎04-01-2022 04:00 PM

The latest .NET SDK has a good example of using refresh tokens in the OauthBasic example.  Be sure to pass the tokenAccessType: TokenAccessType.Offline parameter when constructing your url with GetAuthorizeUri in order to get a refresh token.   The refresh token can then be passed DropboxClient, which is also shown in the example.

 

 

Using refresh tokens should only be necessary if your application requires background access.  For typical web applications, simply prompting the user to re-authenticate is recommended. The flow will typically auto-redirect if the user is logged in and has previously authorized the app.

 

This is described in more detail in our Oauth Guide.

 

0 Likes

Orgbrat
Explorer | Level 3
‎04-02-2022 06:57 AM

Thanks for the quick reply, it is very much appreciated. 

I am failing to authorize with the error "scope: must be at most 0 characters, got 97"

 

I modified the original code to be:

string[] scopeList = new string[5] { "files.metadata.write""files.metadata.read""files.content.write""files.content.read""account_info.read" };
 
this.oauth2State = Guid.NewGuid().ToString("N");
var authorizeUri = DropboxOAuth2Helper.GetAuthorizeUri(OAuthResponseType.Code, Constants.DropboxClientId, new Uri(Constants.DropboxRedirectUri), state: this.oauth2State, tokenAccessType: TokenAccessType.Offline, scopeList: scopeList, includeGrantedScopes: IncludeGrantedScopes.None);
var webView = new WebView { Source = new UrlWebViewSource { Url = authorizeUri.AbsoluteUri } };

Update:

I went into the App Console and opened the Permissions tab. The Console ask me to Migrate my requested permissions, which I did do. Went back into the app and tried to authorize again and this time I am getting the  Login page from Dropbox. Step closer maybe.

 

Now when it authorizes thru the Login page and transfers to my WebViewOnNavigating event it returns the following URL;

https://localhost/authorize?code=xxx-Returned-Code-xxx

 

At this point I make a call to:

var result = await DropboxOAuth2Helper.ProcessCodeFlowAsync(new Uri(Constants.DropboxRedirectUri), Constants.DropboxClientId, Constants.DropboxClientSecret, new Uri(Constants.DropboxRedirectUri).ToString(), this.oauth2State);

This call crashes with the error : "The redirect uri is missing expected query arguments. (Parameter 'responseUri')"

 

Orgbrat

0 Likes

Greg-DB
Dropbox Staff
‎04-04-2022 09:29 AM

After the user authorizes the app, the resulting response URI will contain the information needed for completing the process on the query portion of the URI. You need to pass that response URI into ProcessCodeFlowAsync, as the 'responseUri' parameter, to complete the flow.

 

This error message is indicating that the responseUri value you are passing in does not contain that information on the query portion however. In this case, that appears to be because you're passing back in the original redirect URI constant ('new Uri(Constants.DropboxRedirectUri)'), not the actual result of the authorization. You should change that to the response URI (the "https://localhost/authorize?code=xxx-Returned-Code-xxx" you mentioned.) You can find an example of that here.

 

By the way, I notice from your code that you're processing this in a web view. The OAuth app authorization flow should be processed in the user's system browser, not a web view. See here for more information.

0 Likes
Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Greg-DB Dropbox Staff
  • User avatar
    Orgbrat Explorer | Level 3
  • User avatar
    kylea Dropbox Staff
What do Dropbox user levels mean?