Use short live access token - with SwiftyDropbox

Ditza · ‎08-29-2021

Hi,

I just move my app to use a short live access token.

There are some points I am not sure about

1. If I am using the SwiftyDropbox SDK, It handles the refresh token process. I just need to use this function

authorizeFromControllerV2

instead of this

authorizeFromController

2. Do I need to set the token to a short one in the app console? or does this "authorizeFromControllerV2" get only short tokens?
3. The access token spouse to be of 4 hours, but the "tokenExpirationTimestamp" is set to "1630253071.708452".
In which units is the timestamp?

Greg-DB · ‎08-30-2021

1. Yes, using the authorizeFromControllerV2 method in the SwiftyDropbox SDK will handle this automatically for you. It will make the SDK request, store, and use a refresh token for the client automatically.

2. You are not required to change the "Access token expiration" setting for the app on the app's page on the App Console. That only controls the default token type that gets returned for the app when the app does not specifically request a particular type. When using the authorizeFromControllerV2 method in the SDK, it specifically requests short-lived access tokens and a refresh token, so that setting won't affect it. (It would affect any clients for that app that are still using authorizeFromController.)

3. The tokenExpirationTimestamp value is a Unix timestamp, that is, the number of seconds after epoch, identifying the time when the short-lived access token expires (which would be four hours after it was issued).

View solution in original post

Greg-DB · ‎08-30-2021

1. Yes, using the authorizeFromControllerV2 method in the SwiftyDropbox SDK will handle this automatically for you. It will make the SDK request, store, and use a refresh token for the client automatically.

2. You are not required to change the "Access token expiration" setting for the app on the app's page on the App Console. That only controls the default token type that gets returned for the app when the app does not specifically request a particular type. When using the authorizeFromControllerV2 method in the SDK, it specifically requests short-lived access tokens and a refresh token, so that setting won't affect it. (It would affect any clients for that app that are still using authorizeFromController.)

3. The tokenExpirationTimestamp value is a Unix timestamp, that is, the number of seconds after epoch, identifying the time when the short-lived access token expires (which would be four hours after it was issued).

FrustratedUser3 · ‎02-03-2023

It's not clear from your response if the sdk stores the token in CoreData, memory, or somewhere else. The documentation does not mention the storage location either. Please explain how the token storage works and how the app gains access to the token if the app has been killed, removed, reinstalled, etc. These details should be explained in the documentation.

Greg-DB · ‎02-06-2023

@FrustratedUser3 Thanks for the feedback! As long as you use the provided authorizeFromControllerV2 functionality, the SwiftyDropbox SDK will automatically store and retrieve the access/refresh token using Keychain. Apps can regain access to the authorized client for the stored access/refresh token using the provided authorizedClient.

Use short live access token - with SwiftyDropbox

Use short live access token - with SwiftyDropbox

Top contributors to this post