slackapi
[BUG] Bot Token Expires and Doesn't Reset on Re-Auth
Describe the bug
Hello, I've been chasing this one down for a bit, and think I found out what's going on.
When the underlying bot token for the triage bot expires (for whatever reason, it's still not entirely clear to me why Slack bot tokens go to account_inactive despite nobody doing anything or being deactivated), the solution is to re-auth. However, it looks like the new token doesn't save in MongoDB, and we still persist the other one.
Requirements (place an x in each of the [ ])**
- [x] I've read and understood the Contributing guidelines and have done my best effort to follow them.
- [x] I've read and agree to the Code of Conduct.
- [x] I've searched for any related issues and avoided creating a duplicate issue.
To Reproduce
Steps to reproduce the behavior:
- Install the triage bot, persisting token
xoxb-{...} - Have the token go to
account_inactive– presumably you can deactivate the first user that installed the bot, or in my case it was just a time-based thing I believe - Re-install the bot
- See how the old token is still stored in the database, resulting in a persistent broken integration
Expected behavior
The new token should replace the old one in the database
Screenshots
After re-auth:
ERROR processing {redacted}...
Error: An API error occurred: account_inactive
Reproducible in:
package version: 1.0.1 node version: v20.10.0 OS version(s): Mac OS, Heroku
Additional context
N/A
The workaround is to manually delete the entry in MongoDB Atlas, but ideally would happen without human intervention