cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to know what we learned at IBC? Check out our learnings on media, remote working and more right here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Resfresh Token using c# code for Oauth2.0

Labels:

Resfresh Token using c# code for Oauth2.0

Ivan_
Helpful | Level 6
‎10-31-2022 05:35 AM

Hi,

I need assisstance in Oauth2.0 usage.

After I generated token I have following properties

Ivan__0-1667216257713.png

The moment that I do not understand is how to refresh token. Here I got ExpiredAt property that shows that this token will be expired.

Assuming that it is already expired, how I must refresh it ?

 

I checked provided samples of code

Ivan__1-1667219628928.png

Will be correct if I make such verification for expiration of token

Ivan__2-1667219802198.png

and if it expried I add this code ?

var client = new DropboxClient(Settings.Default.AccessToken, Settings.Default.RefreshToken, ApiKey, ApiSecret, config);await client.RefreshAccessToken(newScopes);var clientNew = new DropboxClient(Settings.Default.AccessToken, Settings.Default.RefreshToken, ApiKey, ApiSecret, config);

 

Thanks in advance

Labels:
  • 1 Likes
  • 8 Replies
  • 2,275 Views
8 Replies 8

Здравко
Legendary | Level 20
‎10-31-2022 06:22 AM

Hi @Ivan_,

You don't have to perform any of the actions shown. Whenever such action has shown in some example, it's just to show how the refresh works (not that you have to use it)! Once you initialize/construct a client object using the credentials provided, the object itself will take care to refresh whenever needed. 😉 You don't need to do anything explicitly by yourself (other than just properly construct client object, together with the refresh token, and use it).

Hope this clarifies matter.

Ivan_
Helpful | Level 6
‎10-31-2022 06:29 AM

Hi @Здравко 

Thank you for the quick response

Can you suggest how properly construct client object with refresh token ?

Currently I transfer only access token and it works

Ivan__0-1667223196156.png

 

0 Likes

Здравко
Legendary | Level 20
‎10-31-2022 06:47 AM
@Ivan_ wrote:

...

Currently I transfer only access token and it works

Ivan__0-1667223196156.png

🤓 Really?! If it works, what actually you are asking for?! 🧐😁

You cannot expect when object is initialized with just access token it be able refresh somehow. 🤷 How such thing can happen? Impossible of course - the refresh token is required, at least! Even more, once refresh token is provided, the access token and expiration date become optional. Take a look here for instance. 😉 Depending on how exactly you have performed authentication flow (PKCE or not), you may need to add the application secret too.

Hope this helps.

Ivan_
Helpful | Level 6
‎10-31-2022 07:00 AM

Thanks

So, basically I need to this, am I right ?

var config = new DropboxClientConfig("SimplePKCEOAuthApp") { HttpClient = httpClient

};

var client = new DropboxClient(Settings.Default.RefreshToken, ApiKey, config);

 

I have performed authentication flow  without PKCE.

I need to clarify 2 moments :

1) What is that parameter for config object : "SimplePKCEOAuthApp"?

Is that application console name ?

Ivan__1-1667225048444.png

 

2)Is it enough to transfer only refresh token ? It looks strange, because we do not use access token with such approach

That is the way how I get access token

Ivan__0-1667224945405.png

It is same way how I described it in that topic https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/How-to-programmatically-get-the-Authori... with which you helped me

0 Likes

Здравко
Legendary | Level 20
‎10-31-2022 07:22 AM
@Ivan_ wrote:

...

var client = new DropboxClient(Settings.Default.RefreshToken, ApiKey, config);

 

I have performed authentication flow  without PKCE.

...

Nope, skipping application secret is only possible while PKCE is in use.

 

@Ivan_ wrote:

...

1) What is that parameter for config object : "SimplePKCEOAuthApp"?

Is that application console name ?

Ivan__1-1667225048444.png

...

No, it's just a free name (even non mandatory - i.e. you can skip it) describing somehow your application. You can put there "ARTY1", for instance, it normally match the application name. Follow this rule.

 

@Ivan_ wrote:

...

2)Is it enough to transfer only refresh token ? It looks strange, because we do not use access token with such approach

...

You are mixing different things! In previous discussion the topic was the code, not the token! (take care, in your code you are still mixing the names - might be that's why you got in confusion) Access token is enough by self  to authenticate regular API call (or equivalent using any SDK), refrsh token on other side needs additional confirmations (least application' key, but in your case application' secret too) to be validated the usage.

0 Likes

Ivan_
Helpful | Level 6
‎10-31-2022 07:37 AM

@ЗдравкоI am sorry for being not clear in my questions as you said the following : "You are mixing different things! In previous discussion the topic was the code, not the token! (take care, in your code you are still mixing the names - might be that's why you got in confusion)"

 

currently I successfully get token and the code.

Now I need to clarify this moment about refreshing the token. As you told in first reply, DropBox does everything  without me. So, for uploading files, how I need to constrct the client object in authentication flow  without PKCE ?

 

 

 

0 Likes

Здравко
Legendary | Level 20
‎10-31-2022 07:51 AM

Hmm... 🤔 I don't know what more to say.

Ok, let's take a look how the things happen on lower (API) level, when you need to do everything yourself. Take a look on this thread. Yes, the client object can do everything mentioned there for you, but it needs the same info (the one you would need)! What info is needed for performing refresh, as described in referred thread? 🙂 Take a look back in your code and keep in mind that the same algorithm is 'embedded' there.

Hope this sheds some light.

0 Likes

Greg-DB
Dropbox Staff
‎10-31-2022 08:50 AM

@Ivan_ Здравко is correct; as long as you provide the necessary credentials (refresh token, app key, and app secret if you didn't use PKCE, or just refresh token and app key if you did use PKCE), then the Dropbox .NET SDK client will handle the refresh process for you automatically (that is, it will automatically retrieve and use a new short-lived access token whenever needed). You should store and re-use the refresh token (it doesn't expire automatically), and construct the client as shown in the examples, e.g., here in this example for the non-PKCE scenario. You don't actually need to call RefreshAccessToken yourself.

0 Likes
Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Greg-DB Dropbox Staff
  • User avatar
    Здравко Legendary | Level 20
  • User avatar
    Ivan_ Helpful | Level 6
What do Dropbox user levels mean?