Java Dropbox HttpServletRequest（java.lang.UnsupportedOperationException：尚不支持。）

Question

in my java SWING app, the user can transfer files to his DropBox space, I have successfully implemented the library and I'm trying to get the user's access token without having to copy and paste it into my app. According to the documentation , I have to use HttpServletRequest to get what I want, but I get an exception, as written in the title.

public class LoginServlet implements HttpServletRequest {

protected void doGet(HttpServletRequest request,
        HttpServletResponse response) throws ServletException, IOException {

    // read form fields
    String token = request.getParameter("data-token");
 
 
    // get response writer
    PrintWriter writer = response.getWriter();

    // build HTML code
    String htmlRespone = "<html>";
    htmlRespone += "<h2>token: " + token + "<br/>";
    htmlRespone += "</html>";

    // return response
    writer.println(htmlRespone);

    response.sendRedirect(Main.redirectUri);
    

}
 @Override
public HttpSession getSession(boolean bln) {      
    throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}

@Override
public HttpSession getSession() {
    throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}

and in Main class

 LoginServlet request = new LoginServlet();
       
        // Fetch the session to verify our CSRF token
        HttpSession session = request.getSession(true);
        String sessionKey = "dropbox-auth-csrf-token";
        DbxSessionStore csrfTokenStore = new DbxStandardSessionStore(session, sessionKey);

        DbxRequestConfig config = new DbxRequestConfig("User"); //Client name can be whatever you like
        DbxAppInfo appInfo = new DbxAppInfo(App key, App secret);
        DbxWebAuth webAuth = new DbxWebAuth(config, appInfo);
        DbxWebAuth.Request authRequest = DbxWebAuth.newRequestBuilder()
                .withRedirectUri(redirectUri, csrfTokenStore)
                .build();

        String url = webAuth.authorize(authRequest);

        Desktop.getDesktop().browse(new URL(url).toURI());

        DbxAuthFinish authFinish;
        try {
            authFinish = webAuth.finishFromRedirect(redirectUri, csrfTokenStore, request.getParameterMap());
        } catch (DbxWebAuth.BadRequestException ex) {
            //log("On /dropbox-auth-finish: Bad request: " + ex.getMessage());
            //response.sendError(400);
            return;
        } catch (DbxWebAuth.BadStateException ex) {
            // Send them back to the start of the auth flow.
            //response.sendRedirect(redirectUri);
            return;
        } catch (DbxWebAuth.CsrfException ex) {
            //log("On /dropbox-auth-finish: CSRF mismatch: " + ex.getMessage());
            //response.sendError(403, "Forbidden.");
            return;
        } catch (DbxWebAuth.NotApprovedException ex) {
            // When Dropbox asked "Do you want to allow this app to access your
            // Dropbox account?", the user clicked "No".

            return;
        } catch (DbxWebAuth.ProviderException ex) {
            //log("On /dropbox-auth-finish: Auth failed: " + ex.getMessage());
            //response.sendError(503, "Error communicating with Dropbox.");
            return;
        } catch (DbxException ex) {
            //log("On /dropbox-auth-finish: Error getting token: " + ex.getMessage());
            //response.sendError(503, "Error communicating with Dropbox.");
            return;
        }
        String accessToken = authFinish.getAccessToken();

        // Save the access token somewhere (probably in your database) so you
        // don't need to send the user through the authorization process again.
        // Now use the access token to make Dropbox API calls.
        DbxClientV2 client = new DbxClientV2(config, accessToken);
        //...

full stack

    java.lang.reflect.InvocationTargetException
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at com.sun.javafx.application.LauncherImpl.launchApplicationWithArgs(LauncherImpl.java:389)
    at com.sun.javafx.application.LauncherImpl.launchApplication(LauncherImpl.java:328)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at sun.launcher.LauncherHelper$FXHelper.main(LauncherHelper.java:873)
Caused by: java.lang.UnsupportedOperationException: Not supported yet.
    at cloud.LoginServlet.getSession(LoginServlet.java:404)
    at cloud_new.Main.main(Main.java:103)

the row at cloud_new.Main.main(Main.java:103) is this HttpSession session = request.getSession(true);

Answer 1

Note

This is not a solution for the main java question relate to some http error.

This is a proposed approach based or inspired in how heroku auth and google container registry auth works.

Also dropbox and other platforms does not offer a kind of special admin api_key to consume the final user resources. Due to that a web login in a real browser is required and this cannot be easily replaced or emulated with web_views or internal browsers in android or ios. Source

Basic idea

Develop a web application which exposes two functionalities: receive the redirect from dropbox authorization platform and a rest endpoint to query if user is authenticated.

Assumptions

• web called my-oauth2-helper.com

Flow

• user starts the desktop application.
• desktop application queries to my-oauth2-helper.com/validate/auth sending user email.
• my-oauth2-helper.com/validate/auth returns a field which indicate that user does not have a valid authentication and other field with the dropbox login url.
• dropbox login url which has the classic oauth2 fields previously configured in dropbox developer console: client_id, redirect_uri , etc.
• desktop application uses this login url to open a browser tab.
• User is prompted with a valid dropbox web login, enter its credentials and accept the consent page.
• Dropbox following the oauth2 protocol, redirects the user to a my-oauth2-helper.com/redirect which is the classic field called redirect_uri
• my-oauth2-helper.com/redirect receive the auth_code and exchange it for a valid access_token for this user and store it in a kind of database. After that could shows a message like: "Now, you can close this page and returns to the desktop application"
• Since user was prompted with dropbox web login, the desktop application started to queries at regular intervals if user has a valid authentication to the endpoint my-oauth2-helper.com/token sending the email as request parameter
• After valid access_token generation , the my-oauth2-helper.com/token endpoint returns a valid access_token for this user.
• This access_token is ready to use in order to consume any dropbox api feature, which user accepted in consent page.