CODEWITHSUNDEEP
javascriptauthenticationoauth-2.0dropbox-api
Romeo
Romeo

Reputation: 788

How do I recieve dropbox authorization code?

I'm stuck trying to get a client-side authorization token from Dropbox, I've followed the instructions here and here, but still not getting authorized. As stated in the links provided above I'm suppose to make a request to an end-point as this: https//www.dropbox.com/oauth2/authorize?response_type=...&client_id=...&redirect_uri=..., which I did, but still not getting redirected back with authorization code (based on the authorization flow chosen) that would then be exchange for a bearer access token using this call. The bearer access token is then supposed to be used for all subsequent call.

What I'm I doing wrong here? Also is the way I can provide a permanent authentication without having to call the authorization URL for very request to the API? I've been stuck for this. help please.

Source code

 if (process.env) {
      const appKey = process.env.REACT_APP_KYUNISTUDIO_APP_KEY;
      const appSecretKey = process.env.REACT_APP_KYUNISTUDIO_SECRET_KEY;

      const authToken = () => {
        const headers = {'Content-Type': 'application/json;charset=utf-8'};

        fetch(`https//www.dropbox.com/oauth2/authorize?response_type=token&client_id=<${appKey}>&redirect_uri=http://localhost:3000`, {
          method: 'GET',
          headers:headers,
        })
        .then(res => res.json)
        .then(data => console.log(data))
        .catch(err => console.log(err))
      }
      authToken();
    }

Upvotes: 2

Views: 2020

Answers (1)

Greg
Greg

Reputation: 16930

The /oauth2/authorize endpoint is a web page that you should direct the end-user to, not an API endpoint to access programmatically, as you're attempting to do here with your fetch call. For example, you can redirect the user there by setting window.location to the /oauth2/authorize URL.

Since you're using the 'token' flow, you'll get the access token back on the URL fragment on the redirect URI. You can read that back using window.location.hash.

Once you have the access token, you can use that for future calls without going through the authorization flow again.

Upvotes: 1

Related Questions