-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"expired_access_token" error messages #1185
Comments
Since recent changes to the Dropbox API, we should probably go through OAuth flow to tackle that. Great reading on the topic (flow described) - please get familiar with this: https://developers.dropbox.com/pl-pl/oauth-guide (especially The new package version has been released (
Hopefully, that answers your question. |
I have already tried this. However, I get the error that "code" is not defined. What exactly is the function of the variable "code"? And what does the variable do? Unfortunately the code doesn't work |
Unfortunately, another test still gives the error
|
The Here's a full example of how to go throughout the OAuth process: |
Do I also have to write the example code in my source code or is the hapi server created automatically here? To be honest, I don't quite understand oauth2 |
Unfortunately this method does not work. the variable "code" is still not passed and it seems to me that Dropbox has changed something in general. |
Here is the current error log `
|
I think the problem is somewhere with opn dropbox-v2-api/example/oauth2-flow.js Line 63 in 2f2bde4
If I manually fetch the code from the browser and put it in the "code" variable, it loops through and updates the token. Can you look there again? ... unfortunately I don't really understand the code and can't find the error. I only copied the example code in our code and adjusted the variables with the account data Would it be possible to read out the URL with the code with axios? |
Hey @simatec OAuth flow implies authenticating via your browser. You can't automate it. Once you open the URL ( |
Thanks for the explanation ... iobroker mostly runs on Linux machines that have no GUI and no browser. Is there a way to query the code via request or axios? Currently, the Dropbox documentation still says "no expiration" tokens, but the dropdown can no longer be found in the app console. Our backup plugin works independently in the background. In the end, the tokens would have to be updated in order to be able to use the Dropbox. As a developer myself, I have several apps in Dropbox. If I want to create a new app, I only get "short-live". Unfortunately, this is a very bad situation for all new users at the moment, as this token expires after 4 hours. Maybe you have an idea how to get around that topic. |
I see your point now. As described here:
you can still "refresh" a short-living token (the one that expires every 4h) by using
The problem is your users need to walk through OAuth flow, but only once - to generate |
I think it's a shame that the integration has changed so drastically here. With a good 45,000 users of our plugin, this probably means a huge amount of support if suddenly saving to Dropbox no longer works. I'll try to add authorization to our configuration menu. If you have a link to the server side implementation for me that would be cool. I find it very unfortunate how to use redirect URL to get access code. I don't think this can be solved really well in the GUI. With localhost as the redirect url, you don't get a reasonable output of the code for the user, but it is only displayed very unhappily in the browser's address line. This is certainly a very big hurdle for some users. But thanks in advance for your help. If you still need information about the integration from me, let me know. Here is the link to our project. |
Totally agree. Certainly, they have some strong arguments (probably security considerations) to ditch an old way of creating long-living tokens
Sorry, I don't. I've seen this in action while using CLI (I recall Heroku CLI does it).
Great job on your project. I can see you have UI for it so you could leverage it to implement OAuth flow. Even more details on the OAuth flow from Dropbox: |
I've made quite a bit of progress now and have added authorization to our configuration menu. Now Dropbox has approved an app for productive use. I want to make this app available to the users. However, the authorization should be done via PKCE. Can you please add the PKCE option for getToken and refreshToken. I'm currently doing this with request, but it would be great if you could do it all from your library. Here are examples of how to do this with PKCE: getToken: refreshToken: |
it will be actually good if your examples worked in documentation you say Redirection URI is optional but cant seem to run anything without it . |
you can avoid implementing your own validity check of the access token according to the 4h expiration, by switching to the other official Dropbox JavaScript NPM package https://www.npmjs.com/package/dropbox which handles refreshing itself (you just need set |
We use your Libary in our backup project for iobroker
https://github.com/simatec/ioBroker.backitup
Dropbox currently seems to have changes that only have a token validity of 4 hours for newly created apps.
This is a problem for our plugin because we use the token to upload the backups to Dropbox.
How to work around the "expired_access_token" issue?
The text was updated successfully, but these errors were encountered: