asp.net core MVC BoxClient instantiate across requests
First time poster, so please bear with me.
My organisation has recently moved to Box (yay!) and now they're looking to integrate the platform with several of our existing web applications. All of which run on asp.net, and mostly on asp.net core.
I'm building a preliminary demo app using asp.net core MVC and have integrated Box using OAuth2. and I'd like to use the SDKs as much as I can so 2 questions:
1. Is there a Dependancy Injection approach that can be used with Box? I've investigated using Singleton instances once I've exchanged for a AT/RT but the session looks as though it needs to be passed in order to instantiate the BoxClient object.
2. Does the user need to always grant access to Box? When the application session is terminated (I'm using Session to store the Box Session obj as Cookies are useless due to being unavailable in a controller constructor) the user needs to pass through the Box OAuth grant screen each time. Is this always the case?
Thanks!
-
Hi ,
While I'm not a asp.net expert (and our docs are not all that great for the ASP side of .Net), let me see if I can provide some guidance based on what you're asking:
- I haven't seen a specific method for this within the Windows SDK, but the Github repo will probably have the best information on this.
- I'd recommend checking out our JWT flow. The standard OAuth 2 flow will require a user to log in to their Box account, but then that access token you get back can be perpetually refreshed using the refresh token without the user logging in again. The difference in the JWT flow is that you're replacing the act of the user logging in with JWT, which takes your own identity management system and injects it into the auth process. This allows you to build apps that can interact with users behind the scenes without the user needing to log in to their Box account.
- Jon
Please sign in to leave a comment.
Comments
1 comment