Child Item

Java SDK issues with short lived token

Hi there, I need some help to migrate to the short lived token.

Normally I check if I have the token, then call or execute the other doprobx APIs (e.g. file upload):

Auth.startOAuth2Authentication(getActivity(), db_k);

While now I call:

Auth.startOAuth2PKCE(context, db_k, DbxRequestConfig.newBuilder("app")
        .withHttpRequestor(new OkHttp3Requestor(OkHttp3Requestor.defaultOkHttpClient()))
        .build(), Collections.singleton("files.content.write"));

Which gives me a token, that then I store, and re-use the following time and also for the actual operation:

DropboxClientFactory.init(accessToken);
PicassoClient.init(context, DropboxClientFactory.getClient());
DbxClientV2 mDbxClient = DropboxClientFactory.getClient();

mDbxClient.files().uploadBuilder("/"+recordingToExport.getName()+"_Features.csv")
            .withMode(WriteMode.OVERWRITE)
            .uploadAndFinish(inputStream);

How does this code change when using short lived access tokens?

Your documentation on github doesn't seem to use any of this, but obviously at the next call I get an error because the token expired.

Please help

Find more posts tagged with

API

Abuse

Comments

Greg-DB

The startOAuth2PKCE method will automatically use short-lived access tokens and refresh tokens for you. You can find an example of using that method here.

When using that, you should save the "credential" (which contains both the access token and refresh token) instead of just the access token. You can see an example of handling that here.

vewert

Hi, I am also looking to migrate to short-lived token. Thank-you for posting the usage examples.

One question I have is, if I update my code, using startOAuth2PKCE method, will that affect my Access Token Expiration setting in appConsole (currently set to No Expiration) for other apps accessing Dropbox? Basically I just want to make sure that if I start testing with startOAuth2PKCE method, that it won't affect my current apps and users in production, as, in addition to an Android app, I have an iOS app and a Java Desktop app as well (which I plan to migrate later).

Greg-DB

@vewert No, just using the startOAuth2PKCE method will not change the "Access token expiration" setting in the App Console for any of your apps.

vewert

Thanks for your quick response, so using startOAuth2PKCE method with give a Short Term Token, even if my app console is set to No Expiration?

Greg-DB

@vewert Yes, that's correct. The the "Access token expiration" setting in the App Console is essentially a setting that controls the default behavior when token_access_type is not specifically set by the app during the authorization flow. The startOAuth2PKCE does set that though, so it will still return a short-lived access token/refresh token.

vewert

Ah, that clarifies things. Thank-you for your help, it is very appreciated.