dropbox / dropbox-sdk-python

The Official Dropbox API V2 SDK for Python
https://www.dropbox.com/developers
MIT License

OAuth w/ Redirect Help #463

Closed zainmfjavaid closed 1 year ago

zainmfjavaid commented 1 year ago

Hey! I'm a total noob when it comes to OAuth and I was wondering if anyone could share a quick code snippet of how to use the DropboxOAuth2Flow class. I'm using v11.36.0 of the Python SDK and am trying to build a Flask application around it. I noticed all the OAuth examples in the examples folder were about a no-redirect OAuth flow, so I'm a bit stuck.

If nothing else, the biggest thing I'm hung up on is that I don't understand the structure of the 'session' argument in DropboxOAuth2Flow and what the key/value pair of that should be. If needed I'll include what I've written so far, but I don't know how useful it'd be.

Thanks!

greg-db commented 1 year ago

Unfortunately I don't believe we have an official sample for using DropboxOAuth2Flow, but I'll pass this along as a request for that. I can't promise if or when that might be implemented though.

There wouldn't be a single correct example however, as this is meant for use in web apps and would depend on the web framework you're using (such as Flask in your case), the version of the framework, etc.

You can find the documentation for DropboxOAuth2Flow here for reference. The session parameter is:

A dict-like object that represents the current user’s web session (Will be used to save the CSRF token).

That is, it should be the web session object for the current user from your web framework, so that the Dropbox SDK can store a CSRF token (using whatever key name you supply in the following parameter csrf_token_session_key), in order to protect against CSRF attacks. For example, it looks like Flask has some documentation for its session here. Please note that we can't provide support for Flask itself as that's not made by Dropbox.

Here's a very basic/generic example though:

```python
import dropbox

# APP_KEY and APP_SECRET are your app's key and secret.
# redirect_to, http_status and log are placeholders for whatever
# your web framework provides; they are not part of the Dropbox SDK.

def get_dropbox_auth_flow(web_app_session):
    # this should refer to a page on your web app to handle the result:
    redirect_uri = "https://example.com/dropbox-auth-finish"
    return dropbox.oauth.DropboxOAuth2Flow(
        consumer_key=APP_KEY,
        consumer_secret=APP_SECRET,
        redirect_uri=redirect_uri,
        session=web_app_session,
        csrf_token_session_key="dropbox-auth-csrf-token")

# URL handler for /dropbox-auth-start
def dropbox_auth_start(web_app_session, request):
    authorize_url = get_dropbox_auth_flow(web_app_session).start()
    return redirect_to(authorize_url)

# URL handler for /dropbox-auth-finish
def dropbox_auth_finish(web_app_session, request):
    try:
        oauth_result = get_dropbox_auth_flow(web_app_session).finish(
            query_params=request.query_params)
        # access oauth_result as needed
    except dropbox.oauth.BadRequestException as e:
        return http_status(400)
    except dropbox.oauth.BadStateException as e:
        # Start the auth flow again:
        return redirect_to("/dropbox-auth-start")
    except dropbox.oauth.CsrfException as e:
        return http_status(403)
    except dropbox.oauth.NotApprovedException as e:
        # whatever error handling you want:
        return redirect_to("/dropbox-auth-failed")
    except dropbox.oauth.ProviderException as e:
        log("Auth error: %s" % (e,))
        return http_status(403)
```

Please note that this is just a simple outline, and is not tested and does not show how to actually interact with the web framework itself.
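To make the role of the `session` argument concrete, here is an added example (not part of the original comment and not the SDK's code): `MiniFlow` is a hypothetical, simplified model of the OAuth 2 `state` check that a redirect flow performs with a dict-like session and a `csrf_token_session_key`. The two exception classes are stand-ins named after the SDK exceptions in the outline above, and the app key, code and forged state are constructed values; in a Flask app the object passed as `session` would be `flask.session`.

```python
import hmac
import secrets
from urllib.parse import urlencode

KEY = "dropbox-auth-csrf-token"  # same key name as in the outline above

class BadStateException(Exception):
    """Stand-in for dropbox.oauth.BadStateException."""

class CsrfException(Exception):
    """Stand-in for dropbox.oauth.CsrfException."""

class MiniFlow:
    """Simplified model of a redirect flow's use of `session`; not SDK code."""

    def __init__(self, client_id, redirect_uri, session, csrf_token_session_key):
        self.client_id, self.redirect_uri = client_id, redirect_uri
        self.session, self.key = session, csrf_token_session_key

    def start(self):
        # Fresh random token per attempt, stored in this user's session only.
        token = secrets.token_urlsafe(16)
        self.session[self.key] = token
        params = {"response_type": "code", "client_id": self.client_id,
                  "redirect_uri": self.redirect_uri, "state": token}
        return "https://www.dropbox.com/oauth2/authorize?" + urlencode(params)

    def finish(self, query_params):
        if self.key not in self.session:  # expired session or stray callback
            raise BadStateException("no CSRF token in session")
        given = query_params.get("state", "")
        # Constant-time comparison of the echoed state with the stored token.
        if not hmac.compare_digest(self.session[self.key].encode(), given.encode()):
            raise CsrfException("state does not match session token")
        del self.session[self.key]  # single use
        return query_params["code"]  # the real flow exchanges this for tokens

def demo():
    session = {}  # constructed stand-in for the framework's per-user session
    flow = MiniFlow("APP_KEY_PLACEHOLDER", "https://example.com/dropbox-auth-finish",
                    session, KEY)
    url, outcomes = flow.start(), []
    # Forged callback, genuine callback, then a replay of the genuine one.
    for state in ("forged-state", session[KEY], session[KEY]):
        try:
            outcomes.append(flow.finish({"state": state, "code": "CONSTRUCTED_CODE"}))
        except CsrfException:
            outcomes.append("403")
        except BadStateException:
            outcomes.append("restart")
    return url, session, outcomes
```

The session therefore has to be per-user and tamper-resistant (in Flask, the signed session cookie that requires `app.secret_key` to be set); a shared or module-level dict would let one user's token validate another user's callback.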

zainmfjavaid commented 1 year ago

Managed to get it working after a bit of tinkering. Thanks so much for your help!

sugarjohnny commented 1 week ago

bro can u give me the flask example im dying over here