public class DbxWebAuth extends Object
Eventually yields an access token, which
can be used with DbxClient to make Dropbox API calls. You typically only need
to do this for a user when they first use your application. Once you have an access token
for that user, it remains valid for years.
Setup:
String userLocale = ...DbxRequestConfigrequestConfig = new DbxRequestConfig("text-edit/0.1", userLocale);DbxAppInfoappInfo = DbxAppInfo.Reader.readFromFile("api.app"); // Select a spot in the session for DbxWebAuth to store the CSRF token. javax.servlet.http.HttpServletRequest request = ... javax.servlet.http.HttpSession session = request.getSession(true); String sessionKey = "dropbox-auth-csrf-token"; DbxSessionStore csrfTokenStore = new DbxStandardSessionStore(session, sessionKey); String redirectUri = "http://my-server.com/dropbox-auth-finish" DbxWebAuth auth = new DbxWebAuth(requestConfig, appInfo, redirectUri, csrfTokenStore);
Part 1 (handler for "http://my-server.com/dropbox-auth-start").
javax.servlet.http.HttpServletResponse response = ...
// Start authorization.
String authorizePageUrl = auth.start();
// Redirect the user to the Dropbox website so they can approve our application.
// The Dropbox website will send them back to "http://my-server.com/dropbox-auth-finish"
// when they're done.
response.sendRedirect(authorizePageUrl);
Part 2 (handler for "http://my-server.com/dropbox-auth-finish").
javax.servlet.http.HttpServletResponse response = ...DbxAuthFinishauthFinish; try { authFinish = auth.finish(request.getParameterMap()); } catch (DbxWebAuth.BadRequestException ex) { log("On /dropbox-auth-finish: Bad request: " + ex.getMessage()); response.sendError(400); return; } catch (DbxWebAuth.BadStateException ex) { // Send them back to the start of the auth flow. response.sendRedirect("http://my-server.com/dropbox-auth-start"); return; } catch (DbxWebAuth.CsrfException ex) { log("On /dropbox-auth-finish: CSRF mismatch: " + ex.getMessage()); return; } catch (DbxWebAuth.NotApprovedException ex) { // When Dropbox asked "Do you want to allow this app to access your // Dropbox account?", the user clicked "No". ... return; } catch (DbxWebAuth.ProviderException ex) { log("On /dropbox-auth-finish: Auth failed: " + ex.getMessage()); response.sendError(503, "Error communicating with Dropbox."); return; } catch (DbxException ex) { log("On /dropbox-auth-finish: Error getting token: " + ex.getMessage()); response.sendError(503, "Error communicating with Dropbox."); return; } String accessToken = authResponse.accessToken; // Save the access token somewhere (probably in your database) so you // don't need to send the user through the authorization process again. ... // Now use the access token to make Dropbox API calls.DbxClientclient = new DbxClient(requestConfig, accessToken); ...
| Modifier and Type | Class and Description |
|---|---|
static class |
DbxWebAuth.BadRequestException
Thrown when the parameters passed to your redirect URI are not well-formed.
|
static class |
DbxWebAuth.BadStateException
Thrown if all the parameters to your redirect URI are well-formed, but there's no CSRF token
in the session.
|
static class |
DbxWebAuth.CsrfException
Thrown if the given 'state' parameter doesn't contain the expected CSRF token.
|
static class |
DbxWebAuth.Exception
The base class for authorization redirect errors.
|
static class |
DbxWebAuth.NotApprovedException
Thrown when Dropbox tells us that the user chose not to grant your app access to their
Dropbox account (i.e.
|
static class |
DbxWebAuth.ProviderException
Thrown when Dropbox tells us that some other error occurred in the authorization process.
|
| Constructor and Description |
|---|
DbxWebAuth(DbxRequestConfig requestConfig,
DbxAppInfo appInfo,
String redirectUri,
DbxSessionStore csrfTokenStore) |
| Modifier and Type | Method and Description |
|---|---|
DbxAuthFinish |
finish(Map<String,String[]> queryParams)
Call this after the user has visited the authorizaton URL and Dropbox has redirected them
back to you (using the
redirectUri you passed in to start(java.lang.String). |
String |
start()
Start authorization.
|
String |
start(String urlState)
Start authorization.
|
public DbxWebAuth(DbxRequestConfig requestConfig, DbxAppInfo appInfo, String redirectUri, DbxSessionStore csrfTokenStore)
appInfo - Your application's Dropbox API information (the app key and secret).public String start(String urlState)
If they choose to grant access, they will be shown an "authorization code", which they
need to copy/paste back into your app, at which point you can call finish(java.util.Map<java.lang.String, java.lang.String[]>) to get an
access token.
public String start()
If they choose to grant access, they will be shown an "authorization code", which they
need to copy/paste back into your app, at which point you can call finish(java.util.Map<java.lang.String, java.lang.String[]>) to get an
access token.
public DbxAuthFinish finish(Map<String,String[]> queryParams) throws DbxException, DbxWebAuth.BadRequestException, DbxWebAuth.BadStateException, DbxWebAuth.CsrfException, DbxWebAuth.NotApprovedException, DbxWebAuth.ProviderException
redirectUri you passed in to start(java.lang.String).queryParams - The query parameters on the GET request to your redirectUri.DbxExceptionDbxWebAuth.BadRequestExceptionDbxWebAuth.BadStateExceptionDbxWebAuth.CsrfExceptionDbxWebAuth.NotApprovedExceptionDbxWebAuth.ProviderExceptionCopyright © 2014. All rights reserved.