
Working with the Box.com SDK for Python

I am trying to get started with the Box.com SDK and I have a few questions.

from boxsdk import OAuth2

oauth = OAuth2(
    client_id='YOUR_CLIENT_ID',
    client_secret='YOUR_CLIENT_SECRET',
    store_tokens=your_store_tokens_callback_method,
)

auth_url, csrf_token = oauth.get_authorization_url('http://YOUR_REDIRECT_URL')

def store_tokens(access_token, refresh_token):
    # store the tokens at secure storage (e.g. Keychain)
    pass  # stub body so the function definition is valid Python

1) What is the redirect URL and how do I use it? Do I need to have a server running to use this?

2) What sort of code do I need in the store_tokens method?

Steve-O asked Apr 12 '15 22:04


2 Answers

  1. The redirect URL is only required if you're running a Web application that needs to respond to user's requests to authenticate. If you're programmatically authenticating, you can simply set this as http://localhost. In a scenario where you require the user to manually authenticate, the redirect URL should invoke some function in your web app to store and process the authentication code returned. Do you need a server running? Well, if you want to do something with the authentication code returned, the URL you specify should be under your control and invoke code to do something useful.

  2. Here's an example of what the store_tokens function should look like. It should accept two parameters, access_token and refresh_token. In the example below, the function will commit these to a local store for use when the API needs to re-authenticate:

From here:

"""An example of Box authentication with external store"""

import keyring
from boxsdk import OAuth2
from boxsdk import Client

CLIENT_ID = 'specify your Box client_id here'
CLIENT_SECRET = 'specify your Box client_secret here'


def read_tokens():
    """Reads authorisation tokens from keyring"""
    # Use keyring to read the tokens
    auth_token = keyring.get_password('Box_Auth', '[email protected]')
    refresh_token = keyring.get_password('Box_Refresh', '[email protected]')
    return auth_token, refresh_token


def store_tokens(access_token, refresh_token):
    """Callback function when Box SDK refreshes tokens"""
    # Use keyring to store the tokens
    keyring.set_password('Box_Auth', '[email protected]', access_token)
    keyring.set_password('Box_Refresh', '[email protected]', refresh_token)


def main():
    """Authentication against Box Example"""

    # Retrieve tokens from secure store
    access_token, refresh_token = read_tokens()

    # Set up authorisation using the tokens we've retrieved
    oauth = OAuth2(
        client_id=CLIENT_ID,
        client_secret=CLIENT_SECRET,
        access_token=access_token,
        refresh_token=refresh_token,
        store_tokens=store_tokens,
    )

    # Create the SDK client
    client = Client(oauth)
    # Get current user details and display
    current_user = client.user(user_id='me').get()
    print('Box User:', current_user.name)

if __name__ == '__main__':
    main()

mroshaw answered Oct 03 '22 23:10


I suggest taking a look at the OAuth 2 tutorial. It will help give a better understanding of how OAuth works and what the various parameters are used for.

  1. The redirect URL is set in your Box application's settings:

    screenshot of Box application settings

    This is the URL where Box will send an auth code that can be used to obtain an access token. For example, if your redirect URL is set to https://myhost.com, then your server will receive a request with a URL that looks something like https://myhost.com?code=123456abcdef.

    Note that your redirect URI doesn't need to be a real server. For example, apps that use a WebView will sometimes enter a fake redirect URL and then extract the auth code directly from the URL in the WebView.

  2. The store_tokens callback is optional, but it can be used to save the access and refresh tokens in case your application needs to shut down. It will be invoked every time the access token and refresh token change, giving you an opportunity to save them somewhere (to disk, a DB, etc.).

    You can then pass in these tokens to your OAuth2 constructor at a later time so that your users don't need to log in again.

Greg answered Oct 03 '22 22:10
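
Both answers describe the redirect carrying a `code` parameter, but neither uses the `csrf_token` that `get_authorization_url` returns in the question. The following is an added example, not code from the thread or from the Box SDK: a standard-library loopback listener that accepts one redirect, checks that the echoed `state` equals `csrf_token`, and returns the code to hand to `oauth.authenticate(code)`. The helper names, the port 8080 and a redirect URL of `http://localhost:8080` registered in the Box application settings are assumptions.

```python
# Added example: all names here and port 8080 are assumptions, not boxsdk API.
import hmac
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlsplit

class RedirectError(Exception):
    """The redirect carried no trustworthy auth code."""

def extract_auth_code(redirected_url, expected_csrf_token):
    """Return the auth code from a redirect URL, or raise RedirectError."""
    params = parse_qs(urlsplit(redirected_url).query)
    # A repeated parameter is ambiguous; refuse rather than pick one.
    for name in ('state', 'code', 'error'):
        if len(params.get(name, [])) > 1:
            raise RedirectError('duplicate parameter: ' + name)
    state = params.get('state', [''])[0]
    # Verify state before anything else; compare in constant time.
    if not state or not hmac.compare_digest(state.encode(), expected_csrf_token.encode()):
        raise RedirectError('state does not match csrf_token')
    if 'error' in params:
        raise RedirectError('authorization failed: ' + params['error'][0])
    if 'code' not in params:
        raise RedirectError('no code parameter in redirect')
    return params['code'][0]

def wait_for_redirect(expected_csrf_token, port=8080):
    """Serve one request on 127.0.0.1 (loopback only) and return its auth code."""
    result = {}
    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            try:
                result['code'] = extract_auth_code(self.path, expected_csrf_token)
                status, body = 200, b'Authorization code received. You can close this tab.'
            except RedirectError as exc:
                result['error'] = exc
                status, body = 400, b'Authorization failed.'
            self.send_response(status)
            self.end_headers()
            self.wfile.write(body)

        def log_message(self, *args):
            pass  # keep the auth code out of the request log on stderr

    with HTTPServer(('127.0.0.1', port), Handler) as server:
        server.handle_request()
    if 'code' not in result:
        raise result.get('error', RedirectError('no redirect received'))
    return result['code']
```

Call `wait_for_redirect(csrf_token)` after opening `auth_url` in a browser; the listener fails closed if the first request it receives is not a valid redirect.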