Child Item

How to create refresh token automatically?

Hi All,

I am using the refresh token for my web application and it works fine. However, the process of generating a refresh token offline that the user has to run the java app is not user friendly; the user has to run the app, clicks the output link, and then hits an Allow button; after that the user needs to copy the Authorization Code back to the program and enter is too much work. In addition, the users mostly are not developers so they do not have Java SDK or Maven to run the Java program. Is there anyway that I can provide the App key and the Secret Key and then generate the Refresh Key automatically? The following code is the one that I use to create a refresh key.

DbxAppInfo appInfo;

appInfo = DbxAppInfo.Reader.readFromFile(argAppInfoFile);
DbxAuthFinish authFinish = null;
authFinish = new PkceAuthorize().authorize(appInfo);

DbxCredential credential = new DbxCredential(authFinish.getAccessToken(),
authFinish.getExpiresAt(),
authFinish.getRefreshToken(),
appInfo.getKey(),
appInfo.getSecret());
File output = new File(argAuthFileOutput);
try {
DbxCredential.Writer.writeToFile(credential, output);

}
catch (IOException ex) {
return;
}

Find more posts tagged with

API

Abuse

Comments

Greg-DB

No, it is not possible to fully automate the process of getting a refresh token. The user must authorize the app using the OAuth app authorization flow built into your app in order for the app to receive the resulting access token and optional refresh token. This needs to be done manually by the user at least once per Dropbox account.

If your app needs to maintain long-term access without the user manually re-authorizing it repeatedly, the app should request "offline" access so that it gets a refresh token. The refresh token doesn't expire and can be stored and used repeatedly to get new short-lived access tokens whenever needed, without the user manually reauthorizing the app.

tritnguyen

authFinish = new PkceAuthorize().authorize(appInfo);

Right now I have a separate Java program to generate a refresh token. The function above will show this instruction on the command line.

1. Go to https://www.dropbox.com/oauth2/authorize?token_access_type=offline&response_type=code&code_challenge_method=S256&client_id=
2. Click "Allow" (you might have to log in first).
3. Copy the authorization code.

If I call that function in my Java web app, then what is the result? If I cannot call that line above in my web application, what is the other option for me to try. I understand that the user needs to go thru all the steps, I just want to have it working with my web app.

Greg-DB

Check out the web_file_browser example for a sample of handling the authorization flow directly in a web app. That example doesn't happen to request offline access (to get a refresh token) but you can do so the same way if needed, using withTokenAccessType.