encryptic-team / encryptic

An encryption-focused open source note taking application
Mozilla Public License 2.0

Dropbox refusing me -> encryptic has been frozen #63

Closed rSSi closed 5 years ago

rSSi commented 5 years ago

I've used Laverna more or less over the past years and I'm pretty happy about a new team working on an improved version. I tried to take a look at the app and got rejected when I tried to add the app to my Dropbox:

That's the error I get: "This app is unable to link additional users because it has been frozen pending review."

So, I'm guessing there is a problem with your Dropbox account?

daed commented 5 years ago

I got an email about that a day or two ago. I think they were grumpy that I hadn't applied for production status yet, for obvious reasons.

I will see what I can do to sort it out.

daed commented 5 years ago

I just applied for production status, so hopefully we'll get this resolved right away. I really don't want to think of us as 'production status'. We're not there yet, but I guess they make you do that after you hit 50 users.

I guess we hit a milestone! :)

rSSi commented 5 years ago

Nice! :) I'm looking forward to testing encryptic

daed commented 5 years ago

Looks like it's never that simple. Here's the response I got back from them. I need to read that over and see what I can do about it tonight.

Your production key request was declined for the following reason:

Your desktop app currently processes the OAuth app authorization flow inside a web view, instead of the system browser. In order to support the Google Sign In flow when signing in to authorize the Dropbox app, your app will need to be updated to use the system browser, in order to comply with Google's policy: https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html

Maks-s commented 5 years ago

Maybe we could use https://github.com/openid/AppAuth-JS ?

hyatt-e commented 5 years ago

Any news on this?

daed commented 5 years ago

I started work on it last week but I haven't had time to finish it yet. I'm not entirely sure I understand the solution fully, but I think I can devote some more time to it tonight.

daed commented 5 years ago

I haven't forgotten about this. I finally managed to find an example of someone implementing what they want in another note-taking app called Joplin:

```jsx
return (
    <View style={this.styles().screen}>
        <ScreenHeader title={_('Login with Dropbox')}/>

        <ScrollView style={this.styles().container}>
            <Text style={this.styles().stepText}>{_('To allow Joplin to synchronise with Dropbox, please follow the steps below:')}</Text>
            <Text style={this.styles().stepText}>{_('Step 1: Open this URL in your browser to authorise the application:')}</Text>
            <View>
                <TouchableOpacity onPress={this.shared_.loginUrl_click}>
                    <Text style={this.styles().urlText}>{this.state.loginUrl}</Text>
                </TouchableOpacity>
            </View>
            <Text style={this.styles().stepText}>{_('Step 2: Enter the code provided by Dropbox:')}</Text>
            <TextInput placeholder={_('Enter code here')} placeholderTextColor={theme.colorFaded} selectionColor={theme.textSelectionColor} value={this.state.authCode} onChangeText={this.shared_.authCodeInput_change} style={theme.lineInput}/>
            <View style={{height:10}}></View>
            <Button disabled={this.state.checkingAuthToken} title={_("Submit")} onPress={this.shared_.submit_click}></Button>

            {/* Add this extra padding to make sure the view is scrollable when the keyboard is visible on small screens (iPhone SE) */}
            <View style={{ height: 200 }}></View>
        </ScrollView>

        <DialogBox ref={dialogbox => { this.dialogbox = dialogbox }}/>
    </View>
);
```

That at least is a step in the right direction. Of all the other examples I looked at, this was the only one that used the API rather than wanting you to just put the notes directory somewhere in the local dropbox folder itself. Obviously that one would be much simpler to achieve, but probably isn't great for our userbase.

This is release week for me at my day job, so I am not sure how much time I'm going to have, but I'm going to strive to get something moving on this asap.

daed commented 5 years ago

I put this in the PR notes, but I'll repost because it's more likely to get read here:

Overview

I had to do some rewriting on the way that we handle dropbox authorization per their requirements. Hopefully the method I've gone to will suffice. We have a kind of strange relationship with Electron, so it's not really straightforward for us to do things the way they want us to, but I think I found a compromise that I think will satisfy them as well as not require an entire overhaul on our part.

This should hopefully solve #63. I'll report back when I hear from Dropbox.

Background

Dropbox development status allows for 200 users to be connected at once; however, once you go over 50 users a countdown starts after which your ability to link new users becomes frozen until you apply for production status. We hit that and so no new users have been able to link to Dropbox for a couple weeks now.

I applied for status shortly after this was brought to my attention; however, we were rejected on account of the way that the encryptic Electron app handles Dropbox authentication. We opened it up in a web view in the Electron window rather than via the default browser, the latter of which is the preferred method for handling OAuth2 interactions.

This has resulted in a weird situation to be in because we don't actually use Electron (or Node even) as anything except a web server that just points to a static page and an over-glorified web browser. The only reason we do that instead of simply pointing at the file is because "file://" URLs don't provide a LocalStorage space, which is sort of a hard requirement as we store everything there. I also think that Dropbox doesn't care much for redirect URLs beginning with "file://".

I'm not sure of any way to have done what they wanted other than to bring the Dropbox authorization over into the electron code, which would have broken our app flow. We would have to have diverging code in that case for handling electron Dropbox interactions in the app as opposed to hosted at https://app.encryptic.org (or anywhere else for that matter).

A Tentative Solution

The settings -> sync page now looks like the following:

[Screenshot: archlabs_2019-03-05-18_3840x1080]

Opening that url in your browser will take you to the dropbox authorization page. After you put your username/password in and grant permission to encryptic, you will be redirected to a page hosted as part of encryptic that looks as follows:

[Screenshot: archlabs_2019-03-05-34_3840x1080]

This requires some manual effort, but on the other hand, it follows the letter of the law on their requirements, so I'm hoping it will be sufficient.

Needless to say, this is going to result in a new release after I'm done with testing.

Todo

auth.html needs to be themed. I'll do that unless someone else gets to it first. I don't want it to actually be "part" of encryptic, but looking similar would probably at least make it feel less weird.

daed commented 5 years ago

We got a green light from Dropbox. You should be able to link your accounts to Encryptic again!