SOLVED How to set up cloud sync with box.com?

DA-Heath

Cadet
Joined
Feb 4, 2014
Messages
4
I'd like to use cloud sync on 11.2 U1 to sync data to box.com.

In my Box.com account, I created an application, and an application can either use "Standard OAuth 2.0" or "OAuth 2.0 with JWT". With "Standard" OAuth you get a Client ID and a Client Secret; and with the JWT mode you also need an RSA keypair.

But in the FreeNAS Cloud Credentials UI for Box, it only prompts for one "Access Token" which doesn't match up at all with what Box seems to need.

Is FreeNAS' box.com implementation out-of-date? If not, which authentication method should I select (in the Box dev console) and how do I format the various IDs/keys into the one "Access Token" field in FreeNAS?
 

DA-Heath

Cadet
Joined
Feb 4, 2014
Messages
4
Here's what I've found out so far. FreeNAS uses rclone for its cloud sync functionality. The rclone docs have a lot more info about how it's set up.

rclone's box implementation uses "Standard OAuth 2.0". To get the appropriate authentication string you have to run rclone on a desktop computer ("rclone authorize box") at a command line prompt where it can open a URL to box.com in a browser, then in that browser you log in to your box.com account and click the button to allow rclone to access your account, then the browser redirects to a local port on which rclone is listening and feeds it the authentication tokens, which then get printed out in the terminal.

What gets printed looks like this:
Code:
{"access_token":"xxxredactedxxx","token_type":"bearer","refresh_token":"xxxredactedxxx","expiry":"2019-02-07T19:41:21.529139-06:00"}

You paste that whole string including the curly brackets into FreeNAS' "Access Token" field. But notice the expiry: the token only lasts an hour.

So it'll work until that token expires. But there's a refresh_token too. So if the access_token expires rclone will know to use the refresh token to get a new access_token, and then it re-writes its config file to contain the updated tokens.

But here's the problem: the refresh_token is good for one use only. You'll get a new one after you use it to refresh, which rclone writes back into the config file. But FreeNAS' implementation creates an rclone config file on the fly each time a scheduled sync starts, and then throws it away after. So it does not capture any changes to the access token due to a refresh.

So it seems that box.com support is fundamentally broken until this problem is fixed.
 
Last edited:

DA-Heath

Cadet
Joined
Feb 4, 2014
Messages
4
FWIW, I was able to get it working by not using the GUI.

Create an rclone config file in persistent storage that looks like this:
Code:
[remote]
token = {"access_token":"REDACTED","token_type":"bearer","refresh_token":"REDACTED","expiry":"2019-02-08T13:03:21.922289159-06:00"}
type = box
folder = sync_test

(Create the token using "rclone authorize box" on a PC)

Then create a cron job using the GUI that runs this command at the interval you want:
Code:
rclone --config /mnt/pool0/scripts/box-rclone.config sync /mnt/pool0/MyDataSet/sync_test remote:sync_test
 

ChrisRBX

Cadet
Joined
Oct 31, 2019
Messages
7
Hi , I've hit on the same issue, just wondering if this has been addressed such that we can actually use the Cloud sync via the GUI?
 
Top