Join Joseph LeBlanc for an in-depth discussion in this video Configuring OAuth requests, part of Up and Running with Cloud Storage APIs.
Authentication for drop box core API requests, is handled through off. This involves obtaining a request token, having the end user visit dropbox.com to authorize your application, then generating an access token. Lets have a look at this step by step. Attempting to do http requests with ohauf by hand is very difficult. To help us out with this, I'm going to use the no dash d box module for no j s. This module will allow us to make http requests with ohauf through methods. Now lets set up the server.
Go to the exercise files, and go to chapter 4. Video 2. Go to the Start folder, and then copy the App folder. And then paste it into the Server folder. Now, let's do some configuration. Open off.json. You'll notice there are place holders here for App key, and App secret. We can get these from the drop box application we created earlier. I'm going to back to dropbox.com and then open up the Developer portal. Go to the Apps console. Once you're at the Apps console, find the application created earlier and then click Options.
Now, copy the app key into off.jason. Then do the same for app secret. Now, let's install the dependencies for this application. Open terminal and change directory to desktop/server. Then type npm install. If you see any warnings during the insulation process, ignore them. Now, lets start the server. Type in node index.js. Before we load this site in the browser, let's have a look at what the application is doing.
I'm opening up app index.J S. On lines one through four, we're requiring no J S modules. On line six and seven, we're pulling in the configuration from off.json, and then we're storing this configuration in config. On line 8 we are taking the configuration and passing it in to dbox.app. On lines 9 and 10 we're setting token and client to false. We'll be getting a token from the dropbox API in a moment. Once we have that token, we'll want to create a client.
On lines 14 through 15, we're defining some middle wear for express. On line 15, we're checking to see where or not a client or token has been set. If either one of these has been set, we proceed with the rest of the application. If neither a client nor a token has been set, we proceed with getting a token. On line 18 we're calling the request token method that's provided by dbox. This method receives a function as a callback. The request token method accepts a callback function as an argument.
The callback function as two arguments, one for the status and one for the request token. This request token is coming back from the dropbox API. Once we have the request token, We store it in the token variable on line 19. This way it will be available for multiple requests. On line 20, we're using the authorized URL property of the request token. On line 21 we're upending a callback URL. When the authorization process is complete the user will be redirected back to this callback URL.
Finally, we're redirecting the user to the oAuthURL. This will take the user to dropbox .com to authorize our application. Once the user has authorized the application, they'll be redirected to the access route. At the access route, we can then generate an access token on line 28. This is another method that's being provided by dbox. We take the request token that we've received before and pass it as the first argument. Then the second argument is a callback function. The callback function accepts status and access token as two arguments.
With the access token, we can create a client. This client can make further requests against the dropbox API. And once we have the client on line 30, were direct the user back to the album. For now on line 35 we're just going to display the message done. Now, let's watch this process in action. I'm going to go to local host at port 3000. Now, I will click Allow. It went by a bit quickly, but we were redirected to the axis route and then the axis route redirected us to album.
Our web application is now authorized to work with the Dropbox API. Using a software development kit makes it easier to work with the Dropbox API, especially when it comes to (UNKNOWN) . After having the end user authenticate your application with Dropbox, you can then make API calls to their account.
- Why use cloud storage?
- Granting access to Amazon S3 buckets
- Displaying bucket contents
- Downloading files immediately
- Creating a Dropbox application
- Finding, downloading, and uploading files