Does Xamarin.Auth work with Dropbox OAuth2?

I have Xamarin.Auth working with Google drive on Android/iOS/UWP, and I want to add support into my app for Dropbox. I've run into an issue with the redirect_uri. For Google Drive, the google webpage creates a redirect like "com.googleusercontent.apps...". The deep link allows my app to wake up when the redirect occurs.

[note: the links below are goofy because the forums don't allow me to use addresses that look like links]

Dropbox allows you to specify a Redirect URI of either "https and then ://something.here" or a loopback like "http followed by ://127.0.0.1/authorize". I can also enter "anything: with //anything_else" into the website. But I can't enter a deep link address, like "com.something/oauth2redirect". If I use https followeb by ://something.here, the redirect attempts to load a webpage, which of course doesn't exist. If I use a deep link, dropbox API complains that it's not valid and must start with https. If I use a loopback address, my app doesn't wake up automatically, though I'm not sure how it would.

Does anybody have some advice on how to make Dropbox work with Xamarin.Auth, is this possible?

If that is not possible, does anybody have advice on how to support dropbox? Should I use the loopback and create something that listens to loopback? Is that even a viable on mobile? Or do I have to create a unique solution for iOS and Android?

Thanks - Paul

Best Answer

  • PaulELongPaulELong ✭✭
    Accepted Answer

    I found the issue. Here's a explanation I posted in another forum. Not allowed to post links yet, so I'll just copy and paste as it might help somebody else.

    I found the solution, but to answer your question first, the text is output from a sniffer trace showing the HTTP Get request.

    And you are right, in that the second response_type and client_id are a duplication. It confused me and at first I thought it was the HTTP body. One thing I didn't understand is that GetAuthorizeUri returns the URL plus the params. Xamarin.Auth requires just the URL, so I can just send "https:// www.dropbox.com/oauth2/authorize", and I won't call GetAuthorizeUri at all, since OAuth2Authenticator takes care of building the request.

    The reason there were two response_types where one was code type rather than token type was because I supplied the AccessTokenURL to OAuth2Authenticator, which is not needed in the case of token flow, as I understand. Since I started with a dropbox API example for .NET and then plugged in each into the OAuth2Authenticator call, I mistakenly sent an AccessTokenUrl. I found out from looking at the Xamarin code, if AccessTokenUrl==NULL will assume the implict flow (token flow). Interestingly, and as a note to help others, I tried setting the AccessTokenUrl to null, which caused an exception. Instead I found this version worked and now I'm authenticating.

    authenticator = new Xamarin.Auth.OAuth2Authenticator(
    clientId: ApiKey,
    scope: "",
    authorizeUrl: new Uri("https: //www.dropbox.com/oauth2/authorize"),
    redirectUrl: new Uri(RedirectUri),
    isUsingNativeUI: false) ;
    Hope this information helps somebody else trying to get Xamarin.Auth working with Dropbox.

Answers

  • JarvanJarvan Member, Xamarin Team Xamurai
    edited November 7

    Dropbox got a new fancy API (v2) which has an .NET SDK that supports PCL profiles and Mono alike, making Dropbox compatible with Xamarin Droid / iOS / Forms.

    • Add Dropbox to your Xamarin project
      Install the package Dropbox.Api (version 3.5.0 a.t.m) in your XF and platform projects

    • Authenticate users against Dropbox
      Create an app in the Dropbox Developer Console and copy the exact values from your app page

    • Get the logged in user’s dropbox token
      Save the token in app settings to use it for future requests

    For more details, check the Tutorial;
    https://medium.com/crossplatform/xamarin-forms-dropbox-integration-e51d9ae0b350

  • PaulELongPaulELong Member ✭✭

    Thanks, that seems like a good option. However, it would be less cost/overhead for me if I could use xamarin.auth. Based on my thread with dropbox, it states I should try the token flow. When I inspect the HTTP header and payload I see a discrepancy.

    GET /oauth2/authorize?response_type=token&client_id=ommited&redirect_uri=com.paulyshotel.testcloud%3A%2F%2Foauth2rediect%2F&state=c4045458ac394ad78752fad786151f5e?client_id=b2w6zorouokifto&redirect_uri=com.paulyshotel.testcloud%3A%2F%2Foauth2rediect&scope=&response_type=code

    The response_type is different in the header compared to the payload. Do I need to call Xamarin.Auth.OAuth2Authenticator in some special way, or use another method to make the payload show the correct response_type?

  • PaulELongPaulELong Member ✭✭
    Accepted Answer

    I found the issue. Here's a explanation I posted in another forum. Not allowed to post links yet, so I'll just copy and paste as it might help somebody else.

    I found the solution, but to answer your question first, the text is output from a sniffer trace showing the HTTP Get request.

    And you are right, in that the second response_type and client_id are a duplication. It confused me and at first I thought it was the HTTP body. One thing I didn't understand is that GetAuthorizeUri returns the URL plus the params. Xamarin.Auth requires just the URL, so I can just send "https:// www.dropbox.com/oauth2/authorize", and I won't call GetAuthorizeUri at all, since OAuth2Authenticator takes care of building the request.

    The reason there were two response_types where one was code type rather than token type was because I supplied the AccessTokenURL to OAuth2Authenticator, which is not needed in the case of token flow, as I understand. Since I started with a dropbox API example for .NET and then plugged in each into the OAuth2Authenticator call, I mistakenly sent an AccessTokenUrl. I found out from looking at the Xamarin code, if AccessTokenUrl==NULL will assume the implict flow (token flow). Interestingly, and as a note to help others, I tried setting the AccessTokenUrl to null, which caused an exception. Instead I found this version worked and now I'm authenticating.

    authenticator = new Xamarin.Auth.OAuth2Authenticator(
    clientId: ApiKey,
    scope: "",
    authorizeUrl: new Uri("https: //www.dropbox.com/oauth2/authorize"),
    redirectUrl: new Uri(RedirectUri),
    isUsingNativeUI: false) ;
    Hope this information helps somebody else trying to get Xamarin.Auth working with Dropbox.

  • LuuperLuuper Member
    edited November 25

    Hi @PaulELong,

    the last days I tried to get authentication working for Dropbox with Xamarin.Auth. Until now without success. :/ I was glad to read that you were able to authenticate. At the moment I am stucking at the point after pushing the allow button in browser tab to relaunch my app. I think the reason is the incorrect intent filter, which is necessary that Android system starts correct activity with the redirect URL.
    Can you provide some additional information, how you configured the redirect URL in Dropbox App Console and how you configured the intent filter of the activity, which should be launched after authentication?

    This is my current configuration:
    Redirect URL: something://de.name.appname/redirect
    Intent filter:
    [Activity(Label = "CustomUrlSchemeInterceptorActivity", NoHistory = true, LaunchMode = LaunchMode.SingleTop)]
    [IntentFilter(
    new[] { Intent.ActionView },
    DataSchemes = new[] { "something" },
    DataHost = "de.name.appname",
    DataPaths = new[] { "/redirect" },
    Categories = new[] { Intent.CategoryDefault, Intent.CategoryBrowsable })]

    With this configuration it does not work and the activity isn't called!

    Thanks in advance!

  • PaulELongPaulELong Member ✭✭

    On dropbox I've registered "com.paulyshotel.mymixes:/oauth2redirect" and my intent filter is:

    [IntentFilter(
        new[] { Intent.ActionView },
        Categories = new[] { Intent.CategoryDefault, Intent.CategoryBrowsable },
        DataSchemes = new[] { "com.googleusercontent.apps.xxxxx",
                                "com.paulyshotel.mymixes" },
        DataPath = "/oauth2redirect")]
    

    Maybe all the extra slashes are affecting how it tells the first part from the URL path? -Paul

Sign In or Register to comment.