Authenticate with a developer token

[danielruss]

Can you authenticate with either box_auth() or box_auth_service() using a developer token?

Our use case is we want to develop a application (that runs on GCP) and writes files in box. Our enterprise wont give us approve an application until we show a proof of concept. We don't have a JSON token file and they suggested we test with a developer token; however, neither box_auth() or box_auth_service() can handle a developer token (or I am using them improperly).

[nathancday]

So those functions are both aimed at using some form of clientID and clientSecret to generate a new token, which then gets stored in your active .Renviron file.

I've never used the developer token with an app before I'm not sure how you would do about that the Box docs don't lay out a clear path. Can you test if it would work by manually crafting a httr::GET() request, something like this:

req <- httr::RETRY(
      "GET",
      "https://api.box.com/2.0/folders/0",
      #get_token(),
     httr::config(token = "paste-your-token-here")
    ) 
resp <- httr::content(req)
resp

[danielruss]

That does not work. But this does:

req = httr::GET("https://api.box.com/2.0/folders/0", httr::add_headers(Authorization = paste0("Bearer ",dev_token)))
resp <- httr::content(req)
resp

and this does

dev_token <- "<MY DEV TOKEN>"
cred <- list(access_token=dev_token,token_type="bearer")
token <- httr::oauth2.0_token(box_endpoint,app = box_app,credentials = cred)
options(boxr.token = token)
box_ls()

[danielruss]

actually. Maybe no code change is needed:

from a fresh R session after I delete the cached key:

box_ls() ### <-Error in checkAuth() 
box_auth(credentials = list(access_token=dev_token,token_type="bearer"))
box_ls()  ## works (note: I set my client ID/secret in .Renviron

[danielruss]

see PR #239