Add token rotation feature support #1059
Description
To support a new feature that enables apps to rotate OAuth tokens using a refresh token, we can enhance the OAuth flow by:
- Add grant_type and refresh_token to oauth_v2_access API method arguments
- Update the built-in installation store to save refresh_token, expires_in
- Add oauth.v2.exchange API endpoint support
- Add the following properties in AuthorizeResult
- bot refresh token
- bot token expires at
- user refresh token
- user token expires at
- Update bolt-python's authorize middleware Add token rotation feature support bolt-python#400
To learn more details about the implementation, refer to the Node SDK issue and code:
- Add Support for Token Rotation node-slack-sdk#1241
- Add Support for Token Rotation node-slack-sdk#1244
Category (place an x in each of the [ ])
- slack_sdk.web.WebClient (sync/async) (Web API client)
- slack_sdk.webhook.WebhookClient (sync/async) (Incoming Webhook, response_url sender)
- slack_sdk.models (UI component builders)
- slack_sdk.oauth (OAuth Flow Utilities)
- slack_sdk.socket_mode (Socket Mode client)
- slack_sdk.audit_logs (Audit Logs API client)
- slack_sdk.scim (SCIM API client)
- slack_sdk.rtm (RTM client)
- slack_sdk.signature (Request Signature Verifier)
Requirements
Please read the Contributing guidelines and Code of Conduct before creating this issue or pull request. By submitting, you are agreeing to those rules.