Dropbox OAuth in Flask
Yesterday I was trying to add a Dropbox related functionality to my home-brew project http://rss-aguzun.rhcloud.com/, which is build using a great and lightweight Python framework Flask, and I had some issues, solution to which will be described in this blog post.
As I have already added Twitter integration using Flask-OAuth extension, I thought it will be relatively easy to do the same for the Dropbox Core API Authentication Method. I was wrong :). You see, after some debugging, I have decided to do a rather unusual thing for me: read very carefully the documentation. And then I have found out that the Drobpox API´s are based on OAuth 1.0 specification, when the Flask-OAuth supports only the 1.0a version. What is the difference? A very substantial one, in my opinion, for a "a" version.
In 1.0a version, the oauth_callback parameter is passed in the first step of the flow, Consumer Obtains a Request Token. The Service Provider will redirect the User back when the Obtaining User Authorization step is completed. On the opposite, in the 1.0 version, the same parameter is passed only in the second step of the flow, Consumer Directs the User to the Service Provider .
So, when I have found out that the Flask-OAuth extension is not going to work with the Dropbox implementation of OAuth, I had decided to implement a simple solution, using the official Dropbox SDK for Python.
In the first place you need to configure, in your application, the Dropbox SDK. Of course you have to install it and import the session module. To avoid the conflict with Flask session module import, give it another name. Then create a new DropboxSession global object, that will be used in our functions.
Next, we need to create a function, that will initiate the authentication process. User will be redirected to the Dropbox.
After successful (or not) authentication, the browser will be redirected to the callback url, that was specified in the previous function. If the user did approved your app, get the access tokens and save them somewhere.
The only thing missing is the link on any page, that the user will click on when he will decide to give your app the permission to use his Dropbox account.
And that's it! Happy dropboxing :)