RStudio Server, httr, and OAuth - found a "gotcha"

Hi all,

This is a follow-on to @nathan's excellent post, "Generating OAuth tokens from a server".

tl;dr: If you copy a token from a local machine to a remote machine, make sure that both machines are using the same version of httr

This is my use case: I want to use RStudio Server on a cloud computer, whereI want to use one of my OAuth tokens. The web-service that I am using (box.com, using Brendan Rocks' boxr package) does not let me do out-of-band authentication.

Instead (as both Nathan and Brendan suggest) I generate an OAuth token locally, using the usual "dance", then use the Upload button on (the remote) RStudio Server to upload my newly-generated token, and authorize on the remote machine as usual.

This solution has worked well for quite a while, until it didn't. Recently, sometimes it worked, sometimes it did not. I had no idea why.

The past week or so, I have been working with my colleague @berrye to get her set up on a virtual machine - and we ran into this problem with her tokens. Every day, we would spend about an hour alternating between staring at the wall and trying the same token copying technique, without success. Finally, we forked the boxr and httr repositories, putting in print statements, until we discovered that there was a difference between the local hash and remote hash of the token object. We think httr uses this hash to organize different tokens in a single list wihtin the .httr-oauth object.

What we think was happening was that we were using an older version of httr on the local machine, and it was naming the newly-generated token using a hash. When we tried to use the copied token to the remote machine, it was looking for a token with a different hash, so it was as if we had never uploaded the token.

Solution: use the same version of httr on both local and remote machines.

Of course, keeping versions current and consistent is good practice; this is yet another motivating example.

Anyhow, this has been frustrating for to close to three weeks (until today!), so writing this up here is a form of therapy. Hopefully it can be useful to others.

If you wrote this up as a Q&A, this would be an excellent post for StackOverflow (though I'm not complaining about it being here!). I think a wider audience could appreciate it.

@nick: Thanks - I will poke around Stack Overflow to find the "right" way to post it.

@ijlyttle I can confirm the behavior on Box. Thanks for pinpointing it to the differences in httr versions. I have made a note of it at the bottom of this page: https://support.rstudio.com/hc/en-us/articles/217952868.