Problem with oAuth2 flow in v5.4.0
LosDanieloss opened this issue · 5 comments
I'm trying to update dependency from v5.3.0 to v5.4.0. But I'm getting runtime exception.
Namely
java.lang.IllegalStateException: Extra Query Param should only be used in short live token flow.
at com.dropbox.core.android.internal.QueryParamsUtil.createExtraQueryParams$dropbox_sdk_java(QueryParamsUtil.kt:16)
at com.dropbox.core.android.AuthActivity.onTopResumedActivityChanged(AuthActivity.kt:122)
at android.app.Activity.performTopResumedActivityChanged(Activity.java:1973)
at android.app.ActivityThread.reportTopResumedActivityChanged(ActivityThread.java:4633)
at android.app.ActivityThread.handleTopResumedActivityChanged(ActivityThread.java:4617)
at android.app.servertransaction.TopResumedActivityChangeItem.execute(TopResumedActivityChangeItem.java:39)
at android.app.servertransaction.TransactionExecutor.executeCallbacks(TransactionExecutor.java:135)
at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:95)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2066)
at android.os.Handler.dispatchMessage(Handler.java:106)
at android.os.Looper.loop(Looper.java:223)
at android.app.ActivityThread.main(ActivityThread.java:7656)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:592)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:947)
after starting auth proces with Auth.startOAuth2Authentication(applicationContext, BuildConfig.DROPBOX_APP_KEY)
Did a bit of digging and found that it's because tokenAccessType is passed as null to QueryParamsUtil. After following callstack I found that my startOAuth2Authentication() call ends up calling same function but with null as tokenAccessType (line 227 in Auth.kt file) so it sounds like a valid use case that seems to got broken during kotlin migration if you compare AuthActivity.onTopResumedActivityChanged between v5.3.0 with v5.4.0.
The big questions here are:
- is it valid bug?
- am I doing something wrong? How it should be done then?
Thanks for reporting. It looks like 5.4.0 was mistakenly released early 😨 . We are wrapping up the final changes today (and hopefully they will all be finished today).
I was super surprised when you said that it was released, but have confirmed: https://repo1.maven.org/maven2/com/dropbox/core/dropbox-core-sdk/5.4.0/
I'll try to look and see how 5.4.0 got published (not seeing how based on the merges https://github.com/dropbox/dropbox-sdk-java/commits/main). I'll investigate how that got in there, and also look into this issue.
Stay on 5.3.0 for the time being, and I'll take a look at this. Thanks for letting us know!
Looks like it happened in a branch we have to bump the version: 7a3cda5. We were queuing up a PR so we could merge it when ready.
👀 into it. Sorry! Please use 5.3.0 until it's updated. I have updated a ReadMe.md to call this out to others.
Thanks for reporting it!
5.4.1 (re-publish of 5.3.0) is now on Maven Central: https://repo1.maven.org/maven2/com/dropbox/core/dropbox-core-sdk/5.4.1/
Please use it until we've finished our work with 5.4.x.
Thank you for the bug report, we'll ensure it gets in during the version getting released later this week. Additionally we'll be updating our publishing scripts to avoid this in the future.
Thank you! I'm able to reproduce.
Our sample app was only testing the PKCE flow, so this flow had not been tested after our Kotlin conversion.
We're trying to wrap up things for a 5.4.2 release which will have this fix. I'll update this ticket when the bug is fixed.
Thanks again for reporting this because:
- We were unaware it had been released (fixed our github action to prevent that in future) #458
- Our sample app didn't have a path for the OAuth method you called out. (will be fixed with this ticket)
Fixed with this PR #462