How to copy files using DropBox REST API in Delphi

22
votes

I do not seem to manage the file copy operating using the dropbox api. I can successfully authorize my client, download and upload files. The copy operation needs POST method to be used and I think this is where I produce wrong request. I am defining the POST Method for OAuth Authentication and use Indy TIdHTTP to Post the request, but I always receive the error code 403 - Permission denied.

Here is the dropbox api description: https://www.dropbox.com/developers/reference/api#fileops-copy

Here is part of my code:

 ParamStr := Format('root=%s&from_path=%s&to_path=%s', [Root, EncodeFileName(FromPath), EncodeFileName(ToPath)]);
 URL := 'https://api.dropbox.com/1/fileops/copy' + '?' + ParamStr;

 Consumer := TOAuthConsumer.Create(Key, Secret);
 AToken := TOAuthToken.Create(fToken, fTokenSecret);
 HMAC := TOAuthSignatureMethod_HMAC_SHA1.Create;
 ARequest := TOAuthRequest.Create('');
 try
  ARequest.HTTPURL := URL;
  ARequest.Method := 'POST';
  ARequest := ARequest.FromConsumerAndToken(Consumer, AToken, '');
  ARequest.Sign_Request(HMAC, Consumer, AToken);


  Params := TStringList.Create;
  try
   Params.Text := ParamStr + '&' + ARequest.GetString;
   HTTP.Post(URL, Params);
  finally
   Params.Free;
  end;
2
delphioauthindydropbox-api
Try to look around how to use Indy with SSL. I bet you are missing the OpenSSL libraries. - TLama
What makes you think the error means anything other than the documented meaning? "403: An invalid copy operation was attempted (e.g. there is already a file at the given destination, or copying a shared folder into a shared folder)." - Rob Kennedy
@Tlama, wouldn't missing SSL libraries also interfere with authorize, upload, and download operations, which are supposedly working? - Rob Kennedy
I definitely have the SSL libraries. As I said it works with all GET and PUT method APIs. - Nostradamus
There is no file or folder with the same name and I have checked the paths to be correct many times. I am only trying to copy a single file. The target folder exists and the source file exists as well. - Nostradamus

2 Answers

1
votes

As far as I know when using with indy the params are copied in the body of the message and not in the url try using something like:

http:Post(URL+encodeparams(params));

I'm not sure that this is the right syntax but that's the idea.

1
votes

I think i might discovered whats wrong here. I am unaware of the TOAuthRequest class but I will guess that the GetString method gives the standart OAuth header 'Authorization Bearer {KEY}'. See that is header and the right way to add it to the http request is

HTTP.Request.CustomHeaders.AddValue('Authorization', <the rest of the string here>)

You on the other hand add that string to the body which may work for Get requests because the body(the authorization string) is mistaken for a header but with the POST method you have actual body before the authorization string and thus the OAuth string is ignored.

And lastly I don't think you need the parameters string in the body as well. An empty body should work just fine. The query string seems OK.

Example code:

  ParamStr := Format('root=%s&from_path=%s&to_path=%s', [Root, EncodeFileName(FromPath), EncodeFileName(ToPath)]);
 URL := 'https://api.dropbox.com/1/fileops/copy' + '?' + ParamStr;

 Consumer := TOAuthConsumer.Create(Key, Secret);
 AToken := TOAuthToken.Create(fToken, fTokenSecret);
 HMAC := TOAuthSignatureMethod_HMAC_SHA1.Create;
 ARequest := TOAuthRequest.Create('');
 try
  ARequest.HTTPURL := URL;
  ARequest.Method := 'POST';
  ARequest := ARequest.FromConsumerAndToken(Consumer, AToken, '');
  ARequest.Sign_Request(HMAC, Consumer, AToken);



  HTTP.Request.CustomHeaders.AddValue('Authorization', <parsed ARequest.GetString>)
  HTTP.Post(URL);

Hope that this helps.