Skip to content

Commit

Permalink
Fix #960 The bot refresh token is overriden with the user refresh tok…
Browse files Browse the repository at this point in the history 
…en in OAuthV2DefaultSuccessHandler.java (#961)
  • Loading branch information
@seratch
seratch authored Apr 6, 2022
1 parent 8c03217 commit d4d8156
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions ...a/com/slack/api/bolt/service/builtin/oauth/default_impl/OAuthV2DefaultSuccessHandler.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,11 +75,13 @@ public Response handle(OAuthCallbackRequest request, Response response, OAuthV2A
if (o.getAuthedUser() != null) {
// we can assume authed_user should exist but just in case
i = i.installerUserId(o.getAuthedUser().getId())
// These properties can exist only when a user token is requested
.installerUserAccessToken(o.getAuthedUser().getAccessToken())
.botRefreshToken(o.getAuthedUser().getRefreshToken())
.botTokenExpiresAt(o.getAuthedUser().getExpiresIn() == null ?
null : System.currentTimeMillis() + (o.getAuthedUser().getExpiresIn() * 1000))
.installerUserScope(o.getAuthedUser().getScope());
.installerUserScope(o.getAuthedUser().getScope())
// These token-rotation-related properties can be absent
.installerUserRefreshToken(o.getAuthedUser().getRefreshToken())
.installerUserTokenExpiresAt(o.getAuthedUser().getExpiresIn() == null ?
null : System.currentTimeMillis() + (o.getAuthedUser().getExpiresIn() * 1000));
}

if (o.getBotUserId() != null) {
Expand Down

0 comments on commit d4d8156

Please sign in to comment.