Clawdbot Skill Dropbox
by @thekie
Upload, download, and manage files in Dropbox with automatic OAuth token refresh.
clawhub install dropbox-liteπ About This Skill
name: dropbox-lite description: Upload, download, and manage files in Dropbox with automatic OAuth token refresh. homepage: https://www.dropbox.com/developers
Dropbox
Upload, download, list, and search files in Dropbox. Supports automatic token refresh.
Required Credentials
| Variable | Required | Description |
|----------|----------|-------------|
| DROPBOX_APP_KEY | β
Yes | Your Dropbox app key |
| DROPBOX_APP_SECRET | β
Yes | Your Dropbox app secret |
| DROPBOX_REFRESH_TOKEN | β
Yes | OAuth refresh token (long-lived) |
| DROPBOX_ACCESS_TOKEN | Optional | Short-lived access token (auto-refreshed) |
Store in ~/.config/atlas/dropbox.env:
DROPBOX_APP_KEY=your_app_key
DROPBOX_APP_SECRET=your_app_secret
DROPBOX_REFRESH_TOKEN=xxx...
DROPBOX_ACCESS_TOKEN=sl.u.xxx...
Initial Setup (One-Time)
1. Create a Dropbox App
1. Go to https://www.dropbox.com/developers/apps 2. Click "Create app" 3. Choose "Scoped access" 4. Choose "Full Dropbox" (or "App folder" for limited access) 5. Name your app 6. Note the App key and App secret
2. Set Permissions
In the app settings under "Permissions", enable:
files.metadata.readfiles.metadata.writefiles.content.readfiles.content.writeaccount_info.readClick "Submit" to save.
3. Run OAuth Flow
Generate the authorization URL:
import urllib.parseAPP_KEY = "your_app_key"
params = {
"client_id": APP_KEY,
"response_type": "code",
"token_access_type": "offline" # This gets you a refresh token!
}
auth_url = "https://www.dropbox.com/oauth2/authorize?" + urllib.parse.urlencode(params)
print(auth_url)
Give the URL to the user. They will: 1. Open it in a browser 2. Authorize the app 3. Receive an authorization code
4. Exchange Code for Tokens
curl -X POST "https://api.dropboxapi.com/oauth2/token" \
-d "code=AUTHORIZATION_CODE" \
-d "grant_type=authorization_code" \
-d "client_id=APP_KEY" \
-d "client_secret=APP_SECRET"
Response includes:
access_token β Short-lived (~4 hours)refresh_token β Long-lived (never expires unless revoked)Usage
# Account info
dropbox.py accountList folder
dropbox.py ls "/path/to/folder"Search files
dropbox.py search "query"Download file
dropbox.py download "/path/to/file.pdf"Upload file
dropbox.py upload local_file.pdf "/Dropbox/path/remote_file.pdf"
Token Refresh
The script automatically handles token refresh:
1. On 401 Unauthorized, it uses the refresh token to get a new access token
2. Updates dropbox.env with the new access token
3. Retries the original request
Token Lifecycle
| Token | Lifetime | Storage | |-------|----------|---------| | Access Token | ~4 hours | Updated automatically | | Refresh Token | Never expires* | Keep secure, don't share |
*Refresh tokens only expire if explicitly revoked or app access is removed.
Troubleshooting
401 Unauthorized on refresh:
403 Forbidden:
Path errors:
/ and are case-insensitiveAPI Reference
π‘ Examples
# Account info
dropbox.py accountList folder
dropbox.py ls "/path/to/folder"Search files
dropbox.py search "query"Download file
dropbox.py download "/path/to/file.pdf"Upload file
dropbox.py upload local_file.pdf "/Dropbox/path/remote_file.pdf"
π Tips & Best Practices
401 Unauthorized on refresh:
403 Forbidden:
Path errors:
/ and are case-insensitive