Update the Django example for token rotation

seratch · seratch · commit 7920f3923a39 · 2021-07-16T10:04:34.000+09:00
diff --git a/examples/django/myslackapp/urls.py b/examples/django/myslackapp/urls.py
@@ -16,6 +16,7 @@
 from django.contrib import admin
 from django.urls import path
 
+# Set this flag to False if you want to enable oauth_app instead
 is_simple_app = True
 
 if is_simple_app:
diff --git a/examples/django/oauth_app/migrations/0002_token_rotation.py b/examples/django/oauth_app/migrations/0002_token_rotation.py
@@ -0,0 +1,34 @@
+# Generated by Django 3.2.3 on 2021-07-15 23:44
+
+from django.db import migrations
+from django.db import models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("oauth_app", "0001_initial"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            "SlackBot", "bot_refresh_token", models.TextField(null=True)
+        ),
+        migrations.AddField(
+            "SlackBot", "bot_token_expires_at", models.DateTimeField(null=True)
+        ),
+        migrations.AddField(
+            "SlackInstallation", "bot_refresh_token", models.TextField(null=True)
+        ),
+        migrations.AddField(
+            "SlackInstallation", "bot_token_expires_at", models.DateTimeField(null=True)
+        ),
+        migrations.AddField(
+            "SlackInstallation", "user_refresh_token", models.TextField(null=True)
+        ),
+        migrations.AddField(
+            "SlackInstallation",
+            "user_token_expires_at",
+            models.DateTimeField(null=True),
+        ),
+    ]
diff --git a/examples/django/oauth_app/models.py b/examples/django/oauth_app/models.py
@@ -13,6 +13,8 @@ class SlackBot(models.Model):
     team_id = models.CharField(null=True, max_length=32)
     team_name = models.TextField(null=True)
     bot_token = models.TextField(null=True)
+    bot_refresh_token = models.TextField(null=True)
+    bot_token_expires_at = models.DateTimeField(null=True)
     bot_id = models.CharField(null=True, max_length=32)
     bot_user_id = models.CharField(null=True, max_length=32)
     bot_scopes = models.TextField(null=True)
@@ -36,11 +38,15 @@ class SlackInstallation(models.Model):
     team_id = models.CharField(null=True, max_length=32)
     team_name = models.TextField(null=True)
     bot_token = models.TextField(null=True)
+    bot_refresh_token = models.TextField(null=True)
+    bot_token_expires_at = models.DateTimeField(null=True)
     bot_id = models.CharField(null=True, max_length=32)
     bot_user_id = models.TextField(null=True)
     bot_scopes = models.TextField(null=True)
     user_id = models.CharField(null=False, max_length=32)
     user_token = models.TextField(null=True)
+    user_refresh_token = models.TextField(null=True)
+    user_token_expires_at = models.DateTimeField(null=True)
     user_scopes = models.TextField(null=True)
     incoming_webhook_url = models.TextField(null=True)
     incoming_webhook_channel = models.TextField(null=True)
diff --git a/examples/django/oauth_app/slack_datastores.py b/examples/django/oauth_app/slack_datastores.py
@@ -33,13 +33,50 @@ def save(self, installation: Installation):
         i = installation.to_dict()
         if is_naive(i["installed_at"]):
             i["installed_at"] = make_aware(i["installed_at"])
+        if "bot_token_expires_at" in i and is_naive(i["bot_token_expires_at"]):
+            i["bot_token_expires_at"] = make_aware(i["bot_token_expires_at"])
+        if "user_token_expires_at" in i and is_naive(i["user_token_expires_at"]):
+            i["user_token_expires_at"] = make_aware(i["user_token_expires_at"])
         i["client_id"] = self.client_id
-        SlackInstallation(**i).save()
-        b = installation.to_bot().to_dict()
+        row_to_update = (
+            SlackInstallation.objects.filter(client_id=self.client_id)
+            .filter(enterprise_id=installation.enterprise_id)
+            .filter(team_id=installation.team_id)
+            .filter(installed_at=i["installed_at"])
+            .first()
+        )
+        if row_to_update is not None:
+            for key, value in i.items():
+                setattr(row_to_update, key, value)
+            row_to_update.save()
+        else:
+            SlackInstallation(**i).save()
+
+        self.save_bot(installation.to_bot())
+
+    def save_bot(self, bot: Bot):
+        b = bot.to_dict()
         if is_naive(b["installed_at"]):
             b["installed_at"] = make_aware(b["installed_at"])
+        if "bot_token_expires_at" in b is not None and is_naive(
+            b["bot_token_expires_at"]
+        ):
+            b["bot_token_expires_at"] = make_aware(b["bot_token_expires_at"])
         b["client_id"] = self.client_id
-        SlackBot(**b).save()
+
+        row_to_update = (
+            SlackBot.objects.filter(client_id=self.client_id)
+            .filter(enterprise_id=bot.enterprise_id)
+            .filter(team_id=bot.team_id)
+            .filter(installed_at=b["installed_at"])
+            .first()
+        )
+        if row_to_update is not None:
+            for key, value in b.items():
+                setattr(row_to_update, key, value)
+            row_to_update.save()
+        else:
+            SlackBot(**b).save()
 
     def find_bot(
         self,
@@ -53,7 +90,8 @@ def find_bot(
         if is_enterprise_install:
             t_id = None
         rows = (
-            SlackBot.objects.filter(enterprise_id=e_id)
+            SlackBot.objects.filter(client_id=self.client_id)
+            .filter(enterprise_id=e_id)
             .filter(team_id=t_id)
             .order_by(F("installed_at").desc())[:1]
         )
@@ -64,10 +102,12 @@ def find_bot(
                 enterprise_id=b.enterprise_id,
                 team_id=b.team_id,
                 bot_token=b.bot_token,
+                bot_refresh_token=b.bot_refresh_token,
+                bot_token_expires_at=b.bot_token_expires_at,
                 bot_id=b.bot_id,
                 bot_user_id=b.bot_user_id,
                 bot_scopes=b.bot_scopes,
-                installed_at=b.installed_at.timestamp(),
+                installed_at=b.installed_at,
             )
         return None
 
@@ -85,13 +125,15 @@ def find_installation(
             t_id = None
         if user_id is None:
             rows = (
-                SlackInstallation.objects.filter(enterprise_id=e_id)
+                SlackInstallation.objects.filter(client_id=self.client_id)
+                .filter(enterprise_id=e_id)
                 .filter(team_id=t_id)
                 .order_by(F("installed_at").desc())[:1]
             )
         else:
             rows = (
-                SlackInstallation.objects.filter(enterprise_id=e_id)
+                SlackInstallation.objects.filter(client_id=self.client_id)
+                .filter(enterprise_id=e_id)
                 .filter(team_id=t_id)
                 .filter(user_id=user_id)
                 .order_by(F("installed_at").desc())[:1]
@@ -104,16 +146,20 @@ def find_installation(
                 enterprise_id=i.enterprise_id,
                 team_id=i.team_id,
                 bot_token=i.bot_token,
+                bot_refresh_token=i.bot_refresh_token,
+                bot_token_expires_at=i.bot_token_expires_at,
                 bot_id=i.bot_id,
                 bot_user_id=i.bot_user_id,
                 bot_scopes=i.bot_scopes,
                 user_id=i.user_id,
                 user_token=i.user_token,
+                user_refresh_token=i.user_refresh_token,
+                user_token_expires_at=i.user_token_expires_at,
                 user_scopes=i.user_scopes,
                 incoming_webhook_url=i.incoming_webhook_url,
                 incoming_webhook_channel_id=i.incoming_webhook_channel_id,
                 incoming_webhook_configuration_url=i.incoming_webhook_configuration_url,
-                installed_at=i.installed_at.timestamp(),
+                installed_at=i.installed_at,
             )
         return None
 
diff --git a/examples/django/oauth_app/slack_listeners.py b/examples/django/oauth_app/slack_listeners.py
@@ -22,14 +22,16 @@
 
 app = App(
     signing_secret=signing_secret,
-    installation_store=DjangoInstallationStore(
-        client_id=client_id,
-        logger=logger,
-    ),
     oauth_settings=OAuthSettings(
         client_id=client_id,
         client_secret=client_secret,
         scopes=scopes,
+        # If you want to test token rotation, enabling the following line will make it easy
+        # token_rotation_expiration_minutes=1000000,
+        installation_store=DjangoInstallationStore(
+            client_id=client_id,
+            logger=logger,
+        ),
         state_store=DjangoOAuthStateStore(
             expiration_seconds=120,
             logger=logger,
diff --git a/examples/django/requirements.txt b/examples/django/requirements.txt
@@ -1,2 +1,2 @@
 Django>=3.2,<4
-slack-bolt>=1.6,<2
+slack-bolt>=1.7,<2

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,2 @@`
`1`	`1`	`Django>=3.2,<4`
`2`		`-slack-bolt>=1.6,<2`
	`2`	`+slack-bolt>=1.7,<2`