A mini app intended to illustrate incorporating Box.com into a Flutter app -- using the Oauth2 REST API from Box.com.

You will want to create an account and an app at developer.box.com. The app should be a "custom app" intended for individuals and potentially affording any/all possible scopes.

To employ in Flutter, we relied on a custom url sceheme that did not have http or https at the front. Instead, our redirect URL looks like hrp01://redirect.

This is how we implement the Oauth2 Authorization Code flow. We also employ a "custom URL scheme" to support our redirect URI.

For more, visit: https://pub.dev/packages/flutter_web_auth

This is how we store access and refresh tokens locally and securelly.

for more, visit: https://pub.dev/packages/flutter_secure_storage

See the publspec.yaml file for other less crucial dependencies.

We use a git-ignored secrets.dart in lib/auth/secrets.dart to store the API client ID and secret ID. Anyone employing this will want to create their own lib/auth/secrets.dart.

This way of keeping needed API keys secret was based off a post found on Medium.com: https://medium.com/podiihq/keeping-secret-keys-out-of-version-control-in-flutter-bcd2b1eb9c1b

Any ideas on how to improve this? I am all ears.