Struggling with OAuth
Hi. I'm an amateur working on a macro style script usig VB.net to provide access to some basic Box functions within a secondary program. I keep running into the error "BoxException: The API returned an error [BadRequest] invalid_grant - Auth code doesn't exist or is invalid for the client"
I have the app created/configured in Box. I'm using a Webbrowser control to route the user to:
https://account.box.com/api/oauth2/authorize?client_id=[client ID redacted]&redirect_uri=https://[company name redacted].app.box.com/&response_type=code.
This brings up a login dialog box. We use SSO, so the user then clicks the link to sign on via SSO. The user is then prompted for an email address and is linked to a new screen that displays the name of the app and the permissions being requested. User grants access and then from the body of the resulting redirect I parse what I believe to be the correct token after "Box.config.requestToken =".
Passing the request token on as the variable "Oauthcode" I use:
Dim Myconfig = New Box.V2.Config.BoxConfig(clientID, clientsecret, redirUri)
Dim myBoxClient = New Box.V2.BoxClient(Myconfig)
Dim testtoken As Box.V2.Auth.OAuthSession
testtoken = Await myBoxClient.Auth.AuthenticateAsync(Oauthcode)
And the last line errors as described above. I've also tried redefining Oauthcode with a developer token (taken from the app's configuration page), with the same result. Sorry if the solution should be obvious...this is my first venture into dealing with any sort of authentication so any help and learning opportunities are appreciated. Thanks!
-
Update: I've been able to get the Developer Token to work by passing it to the following:
Dim testtoken = New Box.V2.Auth.OAuthSession([Dev Token Redacted], [Dev Token Redacted], 3600, "bearer")
myBoxClient = New Box.V2.BoxClient(Myconfig, testtoken)
I can upload and download files now using Box.V2.Managers.BoxFilesManager with the auth session generated by the Dev token in myBoxClient. I believe I still have to use Await myBoxClient.Auth.AuthenticateAsync(Oauthcode) to get a token from the authorization code in order to graduate on to using the user interface to login rather than a temp code? Should I be looking elsewhere in the redirect URL for the auth code? "Box.config.requestToken =" seems like it should be the right thing...but then again maybe this is the token for the browser session rather than what I need for my app to login?
Please sign in to leave a comment.
Comments
1 comment