I am developing an app to download all the images from Dropbox. I am using Dropbox Core API and have followed this example: Android Dropbox Core API official documentation
I would like to check if there are an account already opened on the device. In this case I want to get this session, otherwise I will build a new session with the Dropbox Core API. Is it that possible?
Thanks!
As noted in the tutorial you linked to, when using the Android Dropbox Core API, you can and should store and re-use the resulting access token for a user after they first authorize the app. (This is typically done using SharedPreferences.)
On later runs of your app, your app should check wherever it stored the token to see if it has one. If it does, it can try to use that.
If you do have an access token, you can construct an AndroidAuthSession, e.g., using this constructor:
https://www.dropboxstatic.com/static/developers/dropbox-android-sdk-1.6.3-docs/com/dropbox/client2/android/AndroidAuthSession.html#AndroidAuthSession(com.dropbox.client2.session.AppKeyPair,%20java.lang.String)
Related
I'am using the Google Drive Android API. My application is synchronizing files to a google drive folder. This is working properly.
Additionally, I want to share those folders and files with other users. Unfortunately from another device and account in the same app I can only access files/folders which I have picked through the Files/Folder pickers (see https://github.com/googledrive/android-demos/tree/master/app/src/main/java/com/google/android/gms/drive/sample/demo)
My GoogleApiClient is getting the scope: Drive.SCOPE_FILE. So description says:
Per-file access to files created or opened by the app
Since I am using the same app on another device with a different account shouldn't I be able to access those files? Btw with the same account on another device this is working.
Is there any other solution? I've already checked the REST API but I am afraid this would make the whole code much more complex.
For everyone who is interested in a solution:
I found no way to sync shared files with the google android native API. (besides the file picker)
In case you want to do so you have to use the google drive rest API.
A little advantage for this solution. I think the java rest API is anyway much more suited for this kind of work. Code gets in that way much more readable.
You just need to authorized the user. Take note that in every request your application sends to the Drive API must include an authorization token. The token also identifies your application to Google. You must impliment OAuth 2.0 to authorize requests. No other authorization protocols are supported.
All requests to the Drive API must be authorized by an authenticated user.
The details of the authorization process, or "flow," for OAuth 2.0 vary somewhat depending on what kind of application you're writing. The following general process applies to all application types:
When you create your application, you register it using the Google API Console. Google then provides information you'll need later, such as a client ID and a client secret.
Activate the Drive API in the Google API Console. (If the API isn't listed in the API Console, then skip this step.)
When your application needs access to user data, it asks Google for a particular scope of access.
Google displays a consent screen to the user, asking them to authorize your application to request some of their data.
If the user approves, then Google gives your application a short-lived access token.
Your application requests user data, attaching the access token to the request.
If Google determines that your request and the token are valid, it returns the requested data.
Some flows include additional steps, such as using refresh tokens to acquire new access tokens. For detailed information about flows for various types of applications, see Google's OAuth 2.0 documentation.
Scope:
https://www.googleapis.com/auth/drive.file - Per-file access to files created or opened by the app
Full access to all files in the user's Drive (https://www.googleapis.com/auth/drive) may be necessary for some apps. An app designed to sync files, for instance, needs this level of access to Drive. Apps with special needs related to listing or reorganizing files might need full scope.
I am writing an app where one user will write a file through this app and share it with other users using a link. Other users will read the file using same mobile app. I am using 'Drive API for Android' to use the offline writing and incremental updates feature so that readers will be able to download only that part of file which is newly added or updated instead of full file download every time.
But unfortunately the file/folder created by this app by one user is not accessible through the same app on other devices. I am using method Drive.DriveApi.fetchDriveId with the folder id and getting following error message.
"Drive item not found, or you are not authorized to access it."
File/folder is accessible on same device with same id, but not accessible on other device, which indicates that second part of error message is the real reason.
With the current scope (Drive.SCOPE_FILE), I was hoping that file will be accessible as it is created by the same app, but it is not working.
So my question is "does Google Drive store device information also while creating files/folders and doesn't allow the same app on different devices to use it?" If not, it must be my mistake in the implementation, which I can debug further.
I had a similar issue but not with an android app but a JavaScript app (should not matter IMO) and I wanted to access a shared file not a folder. However, I guess my workaround could help you as well.
The first approach is using the full auth scope (see https://developers.google.com/drive/web/scopes)
https://www.googleapis.com/auth/drive
But that is not really desired since you should request as few rights as possible from your users. My work-around was therefore as follows:
I used the Drive UI Integration
Goto https://console.developers.google.com/apis/api/drive/drive_sdk
select the "Drive UI Integration" tab
fill out the form, I have used the following:
"Application Name"
The mandatory "Application icons"
activated "Automatically show OAuth 2.0 consent screen when users open my application from Google Drive" and entered my "CLIENT ID"
used a dummy url for "Open Url" (e.g., http://example.com)
provided a default file extension (this way your app will be suggested afterwards when the user opens a file)
save your changes
Add the following scope to your app
https://www.googleapis.com/auth/drive.install
The users will install your app when approving the requested rights
Request your users to open the shared files with your "dummy" app in the google drive folder, which will grant your app access to the file (as stated here: https://developers.google.com/drive/web/scopes -- https://www.googleapis.com/auth/drive.file = Per-file access to files created or opened by the app) -- notice that the user will see an error message when opening your dummy app. You should probably implement an open url with something saying "thank's for granting access to the file xYZ".
your app is now able to access the shared file.
I know, it is not very user-friendly but it works (at least now, might be that this is not intentional)
If you know a way to automatically open a file with an app by invoking some URL, then please let me know. (yet, that would kind of be a security issue in the Google API, so I guess it is not possible).
Since it is somewhat cumbersome, I will propose the following two options to the user (so she/he can decide on her/his own):
Give the app full access and don't be concerned about this issue at the cost of privacy (I am certainly not evil and would not do anything with the files, but might be that someone can hack my app and get access to the accounts and then... well, then the user would have wished to give my app less rights.)
Give only install rights in addition but with the pain to open every single file which the app needs access to. In my case this is relatively rare so it should not really bother the user.
I hope that helps.
Assuming this as a limitation of Drive API for Android, I am switching to Drive REST API. I found the functionality I was looking for in the Drive REST API i.e. incremental updates to the file and resumable downloads. Just that I need to manage some of the things on my own.
In that way, Drive REST API is complete and it can provide all the functionalities whereas Drive API for Android is constrained with lot of limitations. With no answers to my questions, I am assuming that it is not possible to share files with other users through Google Drive using Drive API for Android.
You can add full permissive drive scope -
https://www.googleapis.com/auth/drive
request scope using -
.requestScopes(new Scope("https://www.googleapis.com/auth/drive"))
instead of
.resuestScopes(Drive.SCOPE_FILE)
I'm working on an android application that allows user to link multiple dropbox accounts (personal, business from one or more accounts).
I'm using Dropbox Core SDK for Android v 1.6.3.
From time to time I'm experiencing the problem when it's not possible to link the second dropbox account if I link the first one through "Use different account" -> chrome login and then try to immediately link the second one through the dropbox app directly (or through web browser again, probably). Dropbox SDK simply never returns auth tokens to my app.
I've made a small investigation on internals of the process and it appears that the problem is current version's of android dropbox application fault.
Basically, I can see that SDK internally generates a random nonce value used to authenticate callbacks from the dropbox app. And this value is somehow gets cached in the dropbox app: when I try to link the second account my app receives valid credentials from the dropbox app but the nonce is not correct - it's the one from the previous link process, so the SDK discards credentials.
I can also see that when I try to link the second account through the "Use different account" the dropbox app fires VIEW intent with wrong nonce value the URL. So seems like this is the dropbox app's fault rather than some system behavior.
The issue is reproducible for me on android 4.4 and 5.0.
Maybe someone from the dropbox team can advise me something? I'm ready to provide additional details if they are required.
I am building an Android App using the Dropbox Core API.Every time the app tries to retrieve the data from Dropbox, he is presented with the Consent Screen.I want this Consent Screen to appear only once during the login.
Please Help!
It sounds like your app is programmed to call startOAuth2Authentication (or the like) every time it tries to retrieve the data from Dropbox. Instead, you should have your app call it once, and then save and re-use the access token that you get back. The tutorial for the Dropbox Android Core SDK says:
You'll need this token again after your app closes, so it's important
to save it for future access (though it's not shown here). If you
don't, the user will have to re-authenticate every time they use your
app. A common way to implement storing keys is through Android's
SharedPreferences API.
Is it possible to build app whit integrated dropbox acc, and use this account for all clients? I want to upload images to dropbox, and all client apps can download it, or upload to this acc from my app?
I have read all dropbox sdk tutorial from there site, but steal not sure if this is possible.
Not really. DropBox uses OAuth for authorization to allow users to login with their own accounts. Even assuming you figured out how to log in on their behalf with your own credentials you would be handing out your credentials to anyone who wants them, allowing someone to change the password on the account, etc.
Alternatively I suppose you could generate tokens and hand those out instead, however you'd have to setup some sort of web service for this, and you'd still have problems with people being able to do stuff to your account that no doubt you don't want them to do. E.g. I could create an app that just instantly deletes everything that anyone uploads, or I could create an app that fills up your quota with files filled with zeroes.
This is not what DropBox intends you to use the API for (and in fact it may be against the ToS, you should probably read to make sure if you're going down this route despite my discouragement). You should use a more appropriate storage method.