How do I create INITIAL OAuth2 tokens?
Answered
Hi!
So, I've tried to find this and haven't come across anything specific that has been able to help me. It may be out there, so if it is, please forgive me for posting this question again.
I'm trying to use BoxSDK for Python for OAuth2 identification.
I've come across 2 URLs to obtain initial authentication tokens:
a) box-token-generator.herokuapp.com
b) https://app.box.com/api/oauth2/authorize?response_type=code&client_id= CLIENT_ID --- this goes to the URL in a)
At box-token-generator.herokuapp.com, there is a warning "Warning! Only use this tool with test client credentials/test Box accounts"
So, I can't use that URL.
Any tokens that do come from this seem to expire very quickly and regardless of whether the tokens are used within that short time, it doesn't look like either the refresh or access token get replenished because I end up getting that the refresh token has become invalid (hence the warning)
There was enough documentation to be able to write something using Python and the Box SDK to re-authenticate and store the new tokens, but I can't figure out how to get the INITIAL tokens.
Please help! Thanks!
-
Hi rollo100,
This guide should help you go through the OAuth 2 process with Python: https://developer.box.com/docs/authenticate-with-oauth-2
That should allow you to get the original access token. If you see under step 3 in the Python example that access_token is one of the set variables. That may be extracted if you need it.
I'd recommend using the Python SDK directly, as opposed to making the direct API calls yourself, as it'll be easier to update the SDK if changes are made rather than your underlying direct API code.
Let me know if you have any other questions,
Jon
-
Hi,
When i tried to run the Step 1 code in python, it gave me an error -
No module named 'config_oauth'
I also tried to install config_oauth but it says 'could not find a version which satisfies the requirement config_oauth'.
I am relatively new to python and box api so have very limited knowledge on where i am doing wrong.
Thanks!
-
Hi , you'll need to create the config file yourself, as outlined here: https://developer.box.com/docs/authenticate-with-oauth-2#section-step-1-add-config-and-dependencies
-
No, you can either use a config file (as shown in the docs) or simply embed those three variables directly in your code and remove the line for:
import config_oauth
What the Python code would look like with that removed would be something like:
from boxsdk import Client from boxsdk import OAuth2 # Auth config client_id = 'YOUR CLIENT ID' client_secret='YOUR CLIENT SECRET' redirect_uri = 'http://127.0.0.1:5000/return' # Create new OAuth client & csrf token oauth = OAuth2( client_id=client_id, client_secret=client_secret ) csrf_token = '' global csrf_token auth_url, csrf_token = oauth.get_authorization_url(redirect_uri) return redirect(auth_url)
-
I have create file called renewToken.py and write following code to it
from boxsdk import Client
from boxsdk import OAuth2def renewToken():
# Auth config
client_id = 'YOUR CLIENT ID'
client_secret='YOUR CLIENT SECRET'
redirect_uri = 'http://127.0.0.1:5000/return'# Create new OAuth client & csrf token
oauth = OAuth2(
client_id=client_id,
client_secret=client_secret
)
csrf_token = ''global csrf_token
auth_url, csrf_token = oauth.get_authorization_url(redirect_uri)return redirect(auth_url)
My question is how do i use following code:
# Fetch access token and make authenticated request
.route('/return')
def capture():
# Capture auth code and csrf token via state
code = request.args.get('code')
state = request.args.get('state')# If csrf token matches, fetch tokens
assert state == csrf_token
access_token, refresh_token = oauth.authenticate(code)# PERFORM API ACTIONS WITH ACCESS TOKEN
Please sign in to leave a comment.
Comments
10 comments