0

I have a rails app running on heroku from where I need to create Box.com! folder on an item creation callback using gem for the Box Content API!

The Standard OAuth 2.0 (User Authentication) of box api providing token which last an hour. I need the token alive for all the time so that the app can create box folder anytime from the app.

Recently, implemented box webhook feature as well.

I have tried couple of ways below but nothing help:

  1. Token refresh callback as suggested the boxr gem!
    token_refresh_callback = lambda {|access, refresh, identifier|
      Setting.box_access_token     = access
      Setting.box_refresh_token    = refresh
    }

    @client = Boxr::Client.new(
        Setting.box_access_token,
        refresh_token: Setting.box_refresh_token,
        client_id:     Setting.box_client_id,
        client_secret: Setting.box_client_secret, &token_refresh_callback
    )
  1. Called a method before initialisation to update token
unless (Time.now.to_i >= Setting.box_token_expires_in.to_i - 300)
      token                        = Boxr::refresh_tokens(Setting.box_refresh_token, client_id: Setting.box_client_id, client_secret: Setting.box_client_secret)
      Setting.box_access_token     = token.access_token
      Setting.box_refresh_token    = token.refresh_token
      Setting.box_token_expires_in = Time.now.to_i + token.expires_in.to_i
    end
  1. Used scheduler which basically call a method to perform what did in previous step.

Step 2 were working before but sometimes have got refresh token expired exception. suddenly it does not work, require to manually reset token in every hour. Not sure but it might started after implementing box webhook feature.

Would be happy to have suggestion/solution to keep the token alive...

morshed
  • 21
  • 1
  • 6
  • 2
    In general the refresh token should remain valid until it's used. The fact that you get these expiration notices might mean that it has already been used. What I've seen in the past especially is that a token is used in parallel processes, where one process updates the access token and the other remains using the old token. I'm not sure if this might be going on here, it really depends on how and when you are refreshing the token. If you were doing this within a Rails controller, this might well be the case. – Cristiano Betta May 13 '19 at 10:29
  • @CristianoBetta Thank you for your comment. Not sure but might be the case what you mean in here which i figure out yesterday after implementing scheduler to keep the token alive. Removing that and using delayed job, hope it will fix then. let's see what happen. – morshed May 17 '19 at 19:13

0 Answers0