KoboCloud
KoboCloud copied to clipboard
fsantini
Dropbox app tokens expire
The OAuth tokens that are supposed not to expire do expire. See https://dropbox.tech/developers/migrating-app-permissions-and-access-tokens
I need to implement a fix that stores a refresh token instead.
I investigated the issue.
Basically, now we need 3 steps:
- Request a PKCE code
https://www.dropbox.com/oauth2/authorize?client_id=5oyw72cfwcp352f&response_type=code&code_challenge_method=plain&code_challenge=0000000000000000000000000000000000000000000&redirect_uri=https://louisabraham.github.io/KoboCloud&token_access_type=offline - Use that code to get a refresh token
curl https://api.dropbox.com/oauth2/token \
-d code=<code> \
-d grant_type=authorization_code \
-d code_verifier=0000000000000000000000000000000000000000000 \
-d redirect_uri=https://louisabraham.github.io/KoboCloud \
-d client_id=5oyw72cfwcp352f
- Get an access token with the refresh_token
curl https://api.dropbox.com/oauth2/token \
-d grant_type=refresh_token \
-d refresh_token=<refresh_token> \
-d client_id=5oyw72cfwcp352f
The goal is to store the refresh token in the kobocloudrc file and execute the 3rd step before any sync.
However, the problem is that the 2nd step cannot be done in the browser because of CORS reasons.
We could ask the users to get the refresh token from the command line, what do you think?
I just deleted my old kobocloud install from my Kobo Aura One (after backuping my library of course) and installed the new version to get access to the private DropBox option, but I got the same 400 error as in #135.
So I decided to try the steps above, but I never got to the curl stage because the first link gives a 400 too. The (same) error is:
Invalid redirect_uri: "https://louisabraham.github.io/KoboCloud": It must exactly match one of the redirect URIs you've pre-configured for your app (including the path).
Running the command on https://louisabraham.github.io/KoboCloud/ also gives an error that maybe indicates that the KoboCloud DropBox app has expired? I don't know :)
Now the first step worked and redirected to https://louisabraham.github.io/KoboCloud/?code=my_code_here.
I copied the generated curl command and ran it, but got {"error": "invalid_grant", "error_description": "redirect_uri mismatch"} back.
Hmm I see that @grewgirl was successful in #135 (at least with this part) so it may be that I missed something.
I think I know why I got that error. When I checked my connected apps it said your app had lost its access since the folder had been deleted. But I never had that folder. (Edit: this was not so. When it started working, see my next comment, a new folder with the ugly name Kobo Cloud Sync (1) was created, probably since my own folder was in the way. Oh well :) )
Now I deleted your app, created the folder and tried again, but now I only get {"error": "invalid_grant", "error_description": "redirect_uri mismatch"}. I got that error when retrying before deleting the app too, so I don't think it's connected with the now existing folder.
I'll try some more.
Yay, I followed the link on https://github.com/louisabraham/KoboCloud#dropbox-private-folder and now it worked!
Edit: and syncing works! (I installed the release from your fork.)
Thanks for the work on the code and for helping me out here!