node.js - Dropbox api V2, get access token in query param instead of url hash (#) (Nodejs) -


i'm using official dropbox api (v2) on nodejs app. sounds dumb question can't find out how given access token callback url. actually, supposed in the hash (#) part of url (according documentation , javascript client-side exemple), not visible server side...

i can't find exemple authentication nodejs app, using basic api.

here authentication code:

my express app:

//entry point, dc dropboxconnector object app.get('/connect/dropbox', function(req, res) {    console.log('/connect/dropbox called');    res.redirect(dc.getconnexionurl()); });  // callback authentication app.get('/authdropbox', function(req, res) {    console.log("/authdropbox called");     console.log(url.format(req.protocol + '://' + req.get('host') + req.originalurl));    // above log is: 'http://localhost:8080/authdropbox'    // here problem, access token unreachable express    dc.gettoken(req.query.code, res);    connectorlist.push(dc); }); 

dropboxconnector.js, dropbox api wrapper:

var redirect_uri = 'http://localhost:8080/authdropbox';  //the authentication url given dropbox api getconnexionurl() {     dbx = new dropbox({ clientid: client_id});     var authurl = dbx.getauthenticationurl(redirect_uri);     console.log("authurl: " + authurl);     return authurl; }  // @param code supposed access token... gettoken(code, res) {     if (!!code) {         dbx = new dropbox({ accesstoken: code });         console.log("authenticated!");         res.redirect(callback_url);     } else {         console.log("no code here");     } } 

thanks !

that's correct, contents of fragment a.k.a. hash not visible server, client (browser). oauth 2 "token" flow sends access token on fragment, , meant client-side apps, e.g., javascript in browser. oauth 2 "code" flow instead sends authorization code url parameter, server-side apps.

if you're interested, can find more information on 2 different flows in dropbox /oauth2/authorize documentation.

the dropbox api v2 javascript sdk unfortunately supports "token" flow, we're tracking feature request support "code" flow.


Comments

Popular posts from this blog

android - InAppBilling registering BroadcastReceiver in AndroidManifest -

python Tkinter Capturing keyboard events save as one single string -

sql server - Why does Linq-to-SQL add unnecessary COUNT()? -