Hi garethlittlewood,
I guess when you send the /authorize request you set the parameter "response_type=token" as a fragment of the request uri, which is "token flow" defined in Dropbox documentation.
After you login and authorize, the IE redirects back to the listener "http://localhost:17776/authed" with "access_token" followed by the symbol "#". Unfortunately, our listener cannot parse this uri, I cannot even catch this "access_token" value in fiddler. We are working on OAuth library, definitely we will support this in future.
Currently, the solution is change to code flow as setting "response_type=code".
for example:
https://www.dropbox.com/1/oauth2/authorize?client_id=xyxpex9uch7elum&response_type=code&redirect_uri=http://localhost:17776/authed
After the IE redirects back to your listener "http://localhost:17776/authed" with the "?code=" fragment, you can easily parse this code and send /token post request to exchange the "access_token".
Here is the test code.
I guess when you send the /authorize request you set the parameter "response_type=token" as a fragment of the request uri, which is "token flow" defined in Dropbox documentation.
After you login and authorize, the IE redirects back to the listener "http://localhost:17776/authed" with "access_token" followed by the symbol "#". Unfortunately, our listener cannot parse this uri, I cannot even catch this "access_token" value in fiddler. We are working on OAuth library, definitely we will support this in future.
Currently, the solution is change to code flow as setting "response_type=code".
for example:
https://www.dropbox.com/1/oauth2/authorize?client_id=xyxpex9uch7elum&response_type=code&redirect_uri=http://localhost:17776/authed
After the IE redirects back to your listener "http://localhost:17776/authed" with the "?code=" fragment, you can easily parse this code and send /token post request to exchange the "access_token".
Here is the test code.
#include "cpprest\http_client.h"
#include "cpprest\http_listener.h"
#include "cpprest\asyncrt_utils.h"
using namespace web::http;
using namespace web::json;
using namespace web::http::client;
using namespace utility;
int _tmain(int argc, _TCHAR* argv [])
{
web::http::experimental::listener::http_listener listener(L"http://localhost:17776/authed");
listener.open().wait();
listener.support([](http_request request){
auto result = request.relative_uri().query();
string_t code;
if (result.find(L"="))
{
code = result.substr(result.find(L"=") + 1, result.size() - 1);
}
http_client client(L"https://www.dropbox.com/1/oauth2/token?client_id={Your Client ID}&client_secret={Your Client Secret, you must include this}&redirect_uri=http://localhost:17776/authed&grant_type=authorization_code&code=" + code);
string_t body = L"grant_type=authorization_code&code=" + code;
http_request msg(methods::POST);
msg.set_body(body);
client.request(msg).then([&](http_response response){
request.reply(200, response.extract_string().get());
}).wait();
});
std::string line;
std::wcout << U("Hit Enter to close the listener.");
std::getline(std::cin, line);
listener.close().wait();
return 0;
}
This "code flow" will increase one more network communication, I hope this can help you.