Skip to content

Commit

Permalink
Update the Django example for token rotation
Browse files Browse the repository at this point in the history
  • Loading branch information
@seratch
seratch committed Jul 16, 2021
1 parent cf322cf commit 7920f39
Show file tree
Hide file tree
Showing 6 changed files with 102 additions and 13 deletions.
1 change: 1 addition & 0 deletions examples/django/myslackapp/urls.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
from django.contrib import admin
from django.urls import path

# Set this flag to False if you want to enable oauth_app instead
is_simple_app = True

if is_simple_app:
Expand Down
34 changes: 34 additions & 0 deletions examples/django/oauth_app/migrations/0002_token_rotation.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# Generated by Django 3.2.3 on 2021-07-15 23:44

from django.db import migrations
from django.db import models


class Migration(migrations.Migration):

dependencies = [
("oauth_app", "0001_initial"),
]

operations = [
migrations.AddField(
"SlackBot", "bot_refresh_token", models.TextField(null=True)
),
migrations.AddField(
"SlackBot", "bot_token_expires_at", models.DateTimeField(null=True)
),
migrations.AddField(
"SlackInstallation", "bot_refresh_token", models.TextField(null=True)
),
migrations.AddField(
"SlackInstallation", "bot_token_expires_at", models.DateTimeField(null=True)
),
migrations.AddField(
"SlackInstallation", "user_refresh_token", models.TextField(null=True)
),
migrations.AddField(
"SlackInstallation",
"user_token_expires_at",
models.DateTimeField(null=True),
),
]
6 changes: 6 additions & 0 deletions examples/django/oauth_app/models.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@ class SlackBot(models.Model):
team_id = models.CharField(null=True, max_length=32)
team_name = models.TextField(null=True)
bot_token = models.TextField(null=True)
bot_refresh_token = models.TextField(null=True)
bot_token_expires_at = models.DateTimeField(null=True)
bot_id = models.CharField(null=True, max_length=32)
bot_user_id = models.CharField(null=True, max_length=32)
bot_scopes = models.TextField(null=True)
Expand All @@ -36,11 +38,15 @@ class SlackInstallation(models.Model):
team_id = models.CharField(null=True, max_length=32)
team_name = models.TextField(null=True)
bot_token = models.TextField(null=True)
bot_refresh_token = models.TextField(null=True)
bot_token_expires_at = models.DateTimeField(null=True)
bot_id = models.CharField(null=True, max_length=32)
bot_user_id = models.TextField(null=True)
bot_scopes = models.TextField(null=True)
user_id = models.CharField(null=False, max_length=32)
user_token = models.TextField(null=True)
user_refresh_token = models.TextField(null=True)
user_token_expires_at = models.DateTimeField(null=True)
user_scopes = models.TextField(null=True)
incoming_webhook_url = models.TextField(null=True)
incoming_webhook_channel = models.TextField(null=True)
Expand Down
62 changes: 54 additions & 8 deletions examples/django/oauth_app/slack_datastores.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,13 +33,50 @@ def save(self, installation: Installation):
i = installation.to_dict()
if is_naive(i["installed_at"]):
i["installed_at"] = make_aware(i["installed_at"])
if "bot_token_expires_at" in i and is_naive(i["bot_token_expires_at"]):
i["bot_token_expires_at"] = make_aware(i["bot_token_expires_at"])
if "user_token_expires_at" in i and is_naive(i["user_token_expires_at"]):
i["user_token_expires_at"] = make_aware(i["user_token_expires_at"])
i["client_id"] = self.client_id
SlackInstallation(**i).save()
b = installation.to_bot().to_dict()
row_to_update = (
SlackInstallation.objects.filter(client_id=self.client_id)
.filter(enterprise_id=installation.enterprise_id)
.filter(team_id=installation.team_id)
.filter(installed_at=i["installed_at"])
.first()
)
if row_to_update is not None:
for key, value in i.items():
setattr(row_to_update, key, value)
row_to_update.save()
else:
SlackInstallation(**i).save()

self.save_bot(installation.to_bot())

def save_bot(self, bot: Bot):
b = bot.to_dict()
if is_naive(b["installed_at"]):
b["installed_at"] = make_aware(b["installed_at"])
if "bot_token_expires_at" in b is not None and is_naive(
b["bot_token_expires_at"]
):
b["bot_token_expires_at"] = make_aware(b["bot_token_expires_at"])
b["client_id"] = self.client_id
SlackBot(**b).save()

row_to_update = (
SlackBot.objects.filter(client_id=self.client_id)
.filter(enterprise_id=bot.enterprise_id)
.filter(team_id=bot.team_id)
.filter(installed_at=b["installed_at"])
.first()
)
if row_to_update is not None:
for key, value in b.items():
setattr(row_to_update, key, value)
row_to_update.save()
else:
SlackBot(**b).save()

def find_bot(
self,
Expand All @@ -53,7 +90,8 @@ def find_bot(
if is_enterprise_install:
t_id = None
rows = (
SlackBot.objects.filter(enterprise_id=e_id)
SlackBot.objects.filter(client_id=self.client_id)
.filter(enterprise_id=e_id)
.filter(team_id=t_id)
.order_by(F("installed_at").desc())[:1]
)
Expand All @@ -64,10 +102,12 @@ def find_bot(
enterprise_id=b.enterprise_id,
team_id=b.team_id,
bot_token=b.bot_token,
bot_refresh_token=b.bot_refresh_token,
bot_token_expires_at=b.bot_token_expires_at,
bot_id=b.bot_id,
bot_user_id=b.bot_user_id,
bot_scopes=b.bot_scopes,
installed_at=b.installed_at.timestamp(),
installed_at=b.installed_at,
)
return None

Expand All @@ -85,13 +125,15 @@ def find_installation(
t_id = None
if user_id is None:
rows = (
SlackInstallation.objects.filter(enterprise_id=e_id)
SlackInstallation.objects.filter(client_id=self.client_id)
.filter(enterprise_id=e_id)
.filter(team_id=t_id)
.order_by(F("installed_at").desc())[:1]
)
else:
rows = (
SlackInstallation.objects.filter(enterprise_id=e_id)
SlackInstallation.objects.filter(client_id=self.client_id)
.filter(enterprise_id=e_id)
.filter(team_id=t_id)
.filter(user_id=user_id)
.order_by(F("installed_at").desc())[:1]
Expand All @@ -104,16 +146,20 @@ def find_installation(
enterprise_id=i.enterprise_id,
team_id=i.team_id,
bot_token=i.bot_token,
bot_refresh_token=i.bot_refresh_token,
bot_token_expires_at=i.bot_token_expires_at,
bot_id=i.bot_id,
bot_user_id=i.bot_user_id,
bot_scopes=i.bot_scopes,
user_id=i.user_id,
user_token=i.user_token,
user_refresh_token=i.user_refresh_token,
user_token_expires_at=i.user_token_expires_at,
user_scopes=i.user_scopes,
incoming_webhook_url=i.incoming_webhook_url,
incoming_webhook_channel_id=i.incoming_webhook_channel_id,
incoming_webhook_configuration_url=i.incoming_webhook_configuration_url,
installed_at=i.installed_at.timestamp(),
installed_at=i.installed_at,
)
return None

Expand Down
10 changes: 6 additions & 4 deletions examples/django/oauth_app/slack_listeners.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,14 +22,16 @@

app = App(
signing_secret=signing_secret,
installation_store=DjangoInstallationStore(
client_id=client_id,
logger=logger,
),
oauth_settings=OAuthSettings(
client_id=client_id,
client_secret=client_secret,
scopes=scopes,
# If you want to test token rotation, enabling the following line will make it easy
# token_rotation_expiration_minutes=1000000,
installation_store=DjangoInstallationStore(
client_id=client_id,
logger=logger,
),
state_store=DjangoOAuthStateStore(
expiration_seconds=120,
logger=logger,
Expand Down
2 changes: 1 addition & 1 deletion examples/django/requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
Django>=3.2,<4
slack-bolt>=1.6,<2
slack-bolt>=1.7,<2

0 comments on commit 7920f39

Please sign in to comment.