save and use auth data in box android API

Question

I am creating an box android app that allows user to upload media files on their account. I have set up my client id and client secret,it is authenticating my app too. Uploading part is also done,but the problem i am facing is to save the auth data [which is obviously needed so user is not needed to login again and again]

Load, save and use of authentication data in Box Android API the solution given above is not working [may b they have removed 'Utils.parseJSONStringIntoObject' method]

i can store the access token and refresh token but whats the point of saving when i cant use them to re authenticate a user

    switch (requestCode) 
    {
        case AUTHENTICATE_REQUEST:
            if (resultCode == Activity.RESULT_CANCELED) 
            {
                String failMessage = data.getStringExtra(OAuthActivity.ERROR_MESSAGE);
                Toast.makeText(this, "Auth fail:" + failMessage, Toast.LENGTH_LONG).show();
            //    finish();
            }
            else 
            {
                BoxAndroidOAuthData oauth = data.getParcelableExtra(OAuthActivity.BOX_CLIENT_OAUTH);
                BoxAndroidClient client = new BoxAndroidClient(BoxSDKSampleApplication.CLIENT_ID, BoxSDKSampleApplication.CLIENT_SECRET, null, null);
                client.authenticate(oauth);
                String ACCESS_TOKEN=oauth.getAccessToken();
                String REFRESH_TOKEN=oauth.getRefreshToken();
                Editor editor = prefs.edit();
                editor.putString("ACCESS_TOKEN", ACCESS_TOKEN);
                editor.putString("REFRESH_TOKEN", REFRESH_TOKEN);
                editor.commit(); 


                BoxSDKSampleApplication app = (BoxSDKSampleApplication) getApplication();
                client.addOAuthRefreshListener(new OAuthRefreshListener() 
                {
                    @Override
                    public void onRefresh(IAuthData newAuthData) 
                    {
                        Log.d("OAuth", "oauth refreshed, new oauth access token is:" + newAuthData.getAccessToken());
                        //---------------------------------
                        BoxOAuthToken oauthObj=null;
                        try 
                        {
                             oauthObj=getClient().getAuthData(); 
                        }
                        catch (AuthFatalFailureException e) 
                {
                e.printStackTrace();
                }
                        //saving refreshed oauth object in client
                        BoxAndroidOAuthData newAuthDataObj=new BoxAndroidOAuthData(oauthObj);
                        getClient().authenticate(newAuthDataObj);

                    }

                });
                app.setClient(client);
            }

i have referred https://github.com/box/box-android-sdk-v2/tree/master/BoxSDKSample example

can any one tell me what i am doing wrong or any alternative to authenticate user using authdata,access token,refresh token?

UPDATE

refreshing token as they have said 'Our sdk auto refreshes OAuth access token when it expires. You will want to listen to the refresh events and update your stored token after refreshing.'

mClient.addOAuthRefreshListener(new OAuthRefreshListener() 
                {
                    @Override
                    public void onRefresh(IAuthData newAuthData) 
                    {


                        Log.d("OAuth", "oauth refreshed, new oauth access token is:" + newAuthData.getAccessToken());
                        try 
                        {

                             oauthObj=mClient.getAuthData();
                             mClient.authenticate(newAuthData);

                             String authToken=null;
                                //Storing oauth object in json string format
                             try 
                             {
                                 authToken = new BoxJSONParser(new AndroidBoxResourceHub()).convertBoxObjectToJSONString(newAuthData);
                                 prefs.edit().putString("BOX_TOKEN", authToken).commit();
                                 //saving authToken in shared Preferences
                                 mClient.authenticate(newAuthData);
                                String ACCESS_TOKEN=newAuthData.getAccessToken();
                                String REFRESH_TOKEN=newAuthData.getRefreshToken();

                                Log.v("New Access token ", oauthObj.getAccessToken());
                                Log.v("New Refresh token ", oauthObj.getRefreshToken());

                                editor.putString("ACCESS_TOKEN", ACCESS_TOKEN);
                                editor.putString("REFRESH_TOKEN", REFRESH_TOKEN);
                                prefs.edit().putString("BOX_TOKEN", authToken).commit();
                                editor.commit();

                             }
                             catch (BoxJSONException e1) 
                             {
                                    e1.printStackTrace();
                             }
                            Log.v("Token Refreshed", " ");
                        }
                        catch (AuthFatalFailureException e) 
                        {
                            e.printStackTrace();
                        }
                    }
                });
                app.setClient(mClient);
            }

            onClientAuthenticated();

In main activity,fetching stored token

                try 
            {
 stored_oauth_token=prefs.getString("BOX_TOKEN", null);
                authData = new BoxJSONParser(new AndroidBoxResourceHub()).parseIntoBoxObject(stored_oauth_token, BoxAndroidOAuthData.class);
            }
            catch (BoxJSONException e) 
            {
                e.printStackTrace();
            }
                mClient = new BoxAndroidClient(BoxSDKSampleApplication.CLIENT_ID, BoxSDKSampleApplication.CLIENT_SECRET, null, null);
                mClient.authenticate(authData);
                BoxSDKSampleApplication app = (BoxSDKSampleApplication) getApplication();
                app.setClient(mClient);

i tried this app to upload a file after existing ,it did work but after 60-70 odd minutes i couldn't upload file.
is there anything wrong in my code ?

Answer 1

This is how I initialize my Box client:

mClient = new BoxClient(BOX_CLIENT_ID, BOX_CLIENT_SECRET, null, null);
mClient.addOAuthRefreshListener(new OAuthRefreshListener() {
  @Override
  public void onRefresh(IAuthData newAuthData) {
    try {
      String authToken = new BoxJSONParser(new AndroidBoxResourceHub()).convertBoxObjectToJSONString(newAuthData);
      SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(context);
      prefs.edit().putString("box_token", authToken).commit();
    } catch (BoxJSONException e) { }
  }
});

mAuthToken = prefs.getString("box_token", null);
if (mAuthToken != null) {
  BoxAndroidOAuthData authData = new BoxJSONParser(
    new AndroidBoxResourceHub()
  ).parseIntoBoxObject(mAuthToken, BoxAndroidOAuthData.class);
  mClient.authenticate(authData);
}

if (!mClient.isAuthenticated()) {
  Intent intent = OAuthActivity.createOAuthActivityIntent(context, BOX_CLIENT_ID, BOX_CLIENT_SECRET, false, "https://yoururl.com/");
  ((Activity) context).startActivityForResult(intent, BOX_AUTH_REQUEST_CODE);
}

Answer 2

So for the auth refresh there are a couple of things to be considered:

1. box client automatically refreshes OAuth tokens, you'll want to attach a OAuthRefreshListener to listen to the refresh, if you want to persist, persist the oauth data passed into the refresh listener. The listener only update your persisted oauth data, you don't need to re-authenticate in the refresh listener, sdk does the re-authenticate automatically.

2. When you first initiate box client, you need to authenticate either by persisted auth, or the OAuth UI. The logic should be:

   check client.isAuthenticated();

   2.1 If authenticated, do nothing.

   2.2 if not authenticated, try to check whether there's persisted auth data. If so, authenticate by client.authenticate(oauthdata);

   2.3 if 2.2 failed, start OAuth UI flow.

   2.4 at last, in case of OAuthFatalFailureException, start OAuth UI flow.