Authorization via web based url (DropBox Only)

Availability: SharpBox 1.1

The following example shows how to implement an authorization workflows which is more common in web app scenarios. This example uses the implemented drop box storage provider, so it needs also a valid dropbox configuration. To get the sample up and running an own dropbox account is neccessary. Additionally a valid application key and secret is needed. If you don't have one, use our test-application.
  static void LoginViaAuthURLForWebApps()
            // enter the comsumer key and secret
            String ConsumerKey = YOURKEY;
            String ComsumerSecret = YOURSECRET;

            // 0. load the config
            DropBoxConfiguration config = StorageProvider.DropBox.DropBoxConfiguration.GetStandardConfiguration();

            // 1. get the request token from dropbox
            DropBoxRequestToken requestToken = DropBoxStorageProviderTools.GetDropBoxRequestToken(config, ConsumerKey, ComsumerSecret);

            // 2. build the authorization url based on request token                        
            String url = DropBoxStorageProviderTools.GetDropBoxAuthorizationUrl(config, requestToken);

            // 3. Redirect the user to the website of dropbox
            // ---> DO IT <--
            // ---> if not, you will get an unauthorized exception <--

            // 4. Exchange the request token into access token
            ICloudStorageAccessToken accessToken = DropBoxStorageProviderTools.ExchangeDropBoxRequestTokenIntoAccessToken(config, ConsumerKey, ComsumerSecret, requestToken);

            // 5. Opent the storage with the generated access token            
            CloudStorage storageNew = new CloudStorage();
            storageNew.Open(config, accessToken);

            // 6. Try to do something
            ICloudDirectoryEntry r = storageNew.GetRoot();

Last edited Aug 27, 2011 at 11:34 AM by dei79, version 3


sty21um Apr 10, 2014 at 10:19 PM 

step 2 gives me an error "Object reference not set to an instance of an object." I use .NET 4.0, VS 2010, I have valid KEY and SECRET. Any idea? Please help.


JuniorMayhe Nov 21, 2012 at 12:34 PM 
After struggling with fragmented documentation I found a way to bypass the authorize process every time. Of course that means save obtain the accesstoken string and save it or put it in a global variable for further runs.

ICloudStorageAccessToken accessToken = null;
string accessTokenString = @"a big 64 string which will be generated in accessTokenString variable below, after ExchangeDropBoxRequestTokenIntoAccessToken";

CloudStorage dropBoxStorage = new CloudStorage();
DropBoxConfiguration config = CloudStorage.GetCloudConfigurationEasy(nSupportedCloudConfigurations.DropBox) as DropBoxConfiguration;
if (accessTokenString == null)
const string ConsumerKey = "your consumer/app key";
const string ComsumerSecret = "your consumer/app secret key";

config.AuthorizationCallBack = new Uri("");

DropBoxRequestToken requestToken = DropBoxStorageProviderTools.GetDropBoxRequestToken(config, ConsumerKey, ComsumerSecret);
String authorizationUrl = DropBoxStorageProviderTools.GetDropBoxAuthorizationUrl(config, requestToken);

// put a breakpoint below and visit the authorizationUrl above (manually) in order to approve your app like a Real Human being
accessToken = DropBoxStorageProviderTools.ExchangeDropBoxRequestTokenIntoAccessToken(config, ConsumerKey, ComsumerSecret, requestToken);

//debug until after accessTokenString, copy its value and paste it into the variable in the beginning of this code
//this accessTokenString will avoid the manual authorization process everytime
accessTokenString = dropBoxStorage.SerializeSecurityTokenToBase64Ex(accessToken, typeof(ICloudStorageAccessToken), null);
accessToken = dropBoxStorage.DeserializeSecurityTokenFromBase64(accessTokenString);

var storageToken = dropBoxStorage.Open(config, accessToken);
var publicFolder = dropBoxStorage.GetFolder("/");
foreach (var fof in publicFolder)
// check if we have a directory
Boolean bIsDirectory = fof is ICloudDirectoryEntry;
System.Diagnostics.Trace.WriteLine(string.Format("{0}: {1}", bIsDirectory ? "DIR" : "FIL", fof.Name));

JuniorMayhe Nov 21, 2012 at 11:58 AM 
Horacio, I am facing the same problem (1 year later). This is really annoying. I cannot bypass the step "visit the website". It seems it is not possible to avoid it. It is funny, since twitter allow this one time authorization, but with Sharpbox/Dropbox, you have to authorize the access all the time.

Pilatus Jun 27, 2012 at 2:32 PM 

You can save the requestToken in a Session:
Session["requestToken"] = requestToken;

After this you can once call the requestToken again by doing this:
(DropBoxRequestToken) Session["requestToken"]

I hope this helps.

Rookeward Jun 27, 2012 at 5:42 AM 
Has anyone managed to get this to work on a web application? As with tsides, I'm having the issue were I can't store the requestToken between browser calls so can't keep it for step 4. (I can't seem to store the requestToken in a session variable, or serialise it or even view it in Debug)

Any help would be appreciated. A web application example would be great!

tsides Apr 13, 2012 at 2:39 PM 
So, I've set the AuthorizationCallBackUrl, I've got my RequestToken and I got the DropBoxAuthorizationUrl. I then redirect the user to the DropBoxAuthorizationUrl where the user signs into their drop box account and grants access to the application. DropBox redirects the user back to the web applicaton via the AuthorizationCallBackUrl. The page loads...... I NEED THE PREVIOUSLY CREATED REQUEST TOKEN so that I can exchange it into an access token and thereby save the access token. The Request Token is not Serializable so I can't save it to session, I can't save it to a cookie or to a database. I tried using CloudStorage.SerializeSecurityToken(requestToken), but you have to have an open CloudStorage connection, and to have an open connection you have to have an AccessToken, to get the AccessToken you have to have the original RequestToken...... caught in a bad loop.... don't know what to do.... I must not be understanding something correctly.... Please help!!!

cap7 Jan 28, 2012 at 11:43 AM 
It would be nice a new tutorial of this to the version 1.2 of SharpBox. It works fine until the 4 step, there i get an unauthorized access exception.

alexrus Dec 8, 2011 at 11:02 AM 
You should store access token

tillias Nov 11, 2011 at 12:30 PM 
Please response to previous comment. I'm also interested in answer

horacioj Aug 11, 2011 at 3:40 AM 
I think I'm missing something obvious...
Debugging this sample code, I've run (1) and (2), and then I've manually browsed to the 'url' generated on step (2). In this URL, DropBox, as expected asked if I authorize the app. I've said "yes" and the App is now listed on the tab.
Then I've resumed the execution from the breakpoint set before (4), and (4), (5) and (6) worked fine. All right.
What I do not understand is how I use this already granted access the next time I want to do something. Should I always, every time, do (1) to (5)? It cannot be this way, it makes non sense.
Or given that the App is already listed in the user's DropBox's "Applications" tab, I can work with the user's data (how?) without requiring again his intervention? Should I store and use somehow the generated Tokenkey and Tokensecret? (This would identify the user)?