From adeeb7e52ca151ed4e1445159e3fc8a1476140d2 Mon Sep 17 00:00:00 2001
From: Sundeep Gupta <sundeep@sundeepgupta.ca>
Date: Mon, 8 Aug 2016 16:41:27 -0400
Subject: [PATCH] Going through Slack OAuth flow should update the user's token
 and scopes.

This is necessary because the OAuth access token could become invalid or revoked. Also the application's required scopes could change. If these things happen and we need to have the user auth again, the new tokens/scopes should be updated on that user.
---
 lib/SlackBot.js | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/SlackBot.js b/lib/SlackBot.js
index 0019d257d..5f474a4e0 100755
--- a/lib/SlackBot.js
+++ b/lib/SlackBot.js
@@ -484,12 +484,16 @@ function Slackbot(configuration) {
                                                 isnew = true;
                                                 user = {
                                                     id: identity.user_id,
-                                                    access_token: auth.access_token,
-                                                    scopes: scopes,
                                                     team_id: identity.team_id,
                                                     user: identity.user,
                                                 };
                                             }
+
+                                            // Always update these because the token could become invalid
+                                            // and scopes could change.
+                                            user.access_token = auth.access_token;
+                                            user.scopes = scopes;
+
                                             slack_botkit.storage.users.save(user, function(err, id) {
 
                                                 if (err) {