Dropbox Core API and OAuth 2 "the hard way"

Posted by Steve Marx on August 16, 2013

Most developers use the Dropbox Core API through one of many existing SDKs, including third-party libraries supported by the community. But there's often something to be learned by peeling back a layer of abstraction and looking at what's underneath. In the case of the Core API, what's underneath is a simple web API built on HTTP, OAuth 2.0, and JSON.

Last month, I published a blog post about how to use OAuth 2.0 with the Core API. In that post, I used curl to show you the raw HTTP requests involved in authorizing an app and then making calls to the API. I've recently published a project on GitHub called "OAuth 2 the Hard Way," which goes a step further and shows full working examples of web apps in a variety of languages. Each example demonstrates the following functionality:

  1. Running a web server.
  2. Redirecting the user to authenticate with Dropbox.
  3. Acquiring an access token to make API calls on behalf of the user.
  4. Making a simple API call to get the user's account info.

I used friendly web frameworks (like Sinatra and Flask) where possible but avoided the use of any OAuth or Dropbox libraries. My goal was to keep each example as simple as possible while still showing exactly how the interaction with the Dropbox API works.

Take a look

So far, code examples are available for nine platforms: C#, Go, Java, browser JavaScript, Node.js, PHP, Perl, Python, and Ruby. Please check out the repository on GitHub and let me know what you think!

Please do use existing SDKs

As a final note, I do advise that you use the best available library for your chosen platform, rather than implementing your own. Hopefully, this project will give you a better understanding of how that library works and how to debug any issues that arise.