gratipay · chadwhitacre · Oct 17, 2014 · Oct 13, 2014 · Oct 14, 2014 · Oct 14, 2014
diff --git a/branch.sql b/branch.sql
@@ -0,0 +1,46 @@
+BEGIN;
+    ALTER TABLE elsewhere DROP COLUMN access_token,
+                          DROP COLUMN refresh_token,
+                          DROP COLUMN expires;
+    ALTER TABLE elsewhere ADD COLUMN token json;
+
+    DROP TYPE elsewhere_with_participant CASCADE;
+    CREATE TYPE elsewhere_with_participant AS
+    ( id            integer
+    , platform      text
+    , user_id       text
+    , user_name     text
+    , display_name  text
+    , email         text
+    , avatar_url    text
+    , extra_info    json
+    , is_locked     boolean
+    , is_team       boolean
+    , token         json
+    , participant   participants
+     ); -- If Postgres had type inheritance this would be even awesomer.
+
+    CREATE OR REPLACE FUNCTION load_participant_for_elsewhere (elsewhere)
+    RETURNS elsewhere_with_participant
+    AS $$
+        SELECT $1.id
+             , $1.platform
+             , $1.user_id
+             , $1.user_name
+             , $1.display_name
+             , $1.email
+             , $1.avatar_url
+             , $1.extra_info
+             , $1.is_locked
+             , $1.is_team
+             , $1.token
+             , participants.*::participants
+          FROM participants
+         WHERE participants.username = $1.participant
+              ;
+    $$ LANGUAGE SQL;
+
+    CREATE CAST (elsewhere AS elsewhere_with_participant)
+        WITH FUNCTION load_participant_for_elsewhere(elsewhere);
+
+END;
diff --git a/defaults.env b/defaults.env
@@ -39,9 +39,9 @@ BOUNTYSOURCE_CALLBACK=http://127.0.0.1:8537/on/bountysource/associate
 BOUNTYSOURCE_API_HOST=https://staging-api.bountysource.com
 BOUNTYSOURCE_WWW_HOST=https://staging.bountysource.com
 
-VENMO_CLIENT_ID=1534
-VENMO_CLIENT_SECRET=55ckgsguYC3cj7xWW5c95PHvUzrwgZMA
-VENMO_CALLBACK=http://127.0.0.1:8537/on/venmo/associate
+VENMO_CLIENT_ID=2031
+VENMO_CLIENT_SECRET=YaBbmZQVmQjfgL7NFekpyJv4PayUhwhb
+VENMO_CALLBACK=http://localhost:8537/on/venmo/associate
 
 OPENSTREETMAP_CONSUMER_KEY=J2SS5GM0A7tM1CIBjAHXUTMeCEkRBMYsTJzGONxe
 OPENSTREETMAP_CONSUMER_SECRET=hgvZkbtWVOEoaJV5AzQPcBI9m8f7BylkpT0cP7wS

diff --git a/gratipay/elsewhere/__init__.py b/gratipay/elsewhere/__init__.py
@@ -5,6 +5,7 @@
 from collections import OrderedDict
 from datetime import datetime
 import hashlib
+import json
 import logging
 from urllib import quote
 import xml.etree.ElementTree as ET
@@ -207,7 +208,11 @@ def get_user_self_info(self, sess):
         """Get the authenticated user's info from the API.
         """
         r = self.api_get(self.api_user_self_info_path, sess=sess)
-        return self.extract_user_info(self.api_parser(r))
+        info = self.extract_user_info(self.api_parser(r))
+        token = getattr(sess, 'token', None)
+        if token:
+            info.token = json.dumps(token)
+        return info
 
 
 class PlatformOAuth1(Platform):
@@ -216,8 +221,11 @@ class PlatformOAuth1(Platform):
     authorize_path = '/oauth/authorize'
     access_token_path = '/oauth/access_token'
 
-    def get_auth_session(self, token=None, token_secret=None):
-        return OAuth1Session(self.api_key, self.api_secret, token, token_secret,
+    def get_auth_session(self, token=None):
+        args = ()
+        if token:
+            args = (token['token'], token['token_secret'])
+        return OAuth1Session(self.api_key, self.api_secret, *args,
                              callback_uri=self.callback_url)
 
     def get_auth_url(self, **kw):
@@ -230,9 +238,11 @@ def get_query_id(self, querystring):
         return querystring['oauth_token']
 
     def handle_auth_callback(self, url, token, token_secret):
-        sess = self.get_auth_session(token=token, token_secret=token_secret)
+        sess = self.get_auth_session(dict(token=token, token_secret=token_secret))
         sess.parse_authorization_response(url)
-        sess.fetch_access_token(self.auth_url+self.access_token_path)
+        r = sess.fetch_access_token(self.auth_url+self.access_token_path)
+        sess.token = dict(token=r['oauth_token'],
+                          token_secret=r['oauth_token_secret'])
         return sess
 
 
@@ -242,8 +252,9 @@ class PlatformOAuth2(Platform):
     oauth_email_scope = None
     oauth_payment_scope = None
 
-    def get_auth_session(self, state=None, token=None):
+    def get_auth_session(self, state=None, token=None, token_updater=None):
         return OAuth2Session(self.api_key, state=state, token=token,
+                             token_updater=token_updater,
                              redirect_uri=self.callback_url,
                              scope=self.oauth_default_scope)
 

diff --git a/gratipay/models/account_elsewhere.py b/gratipay/models/account_elsewhere.py
@@ -129,6 +129,14 @@ def upsert(cls, i):
     # Random Stuff
     # ============
 
+    def get_auth_session(self):
+        if not self.token:
+            return
+        params = dict(token=self.token)
+        if 'refresh_token' in self.token:
+            params['token_updater'] = self.save_token
+        return self.platform_data.get_auth_session(**params)
+
     @property
     def html_url(self):
         return self.platform_data.account_url.format(
@@ -157,18 +165,15 @@ def opt_in(self, desired_username):
             user.participant.update_is_closed(False)
         return user, newly_claimed
 
-    def save_token(self, token, refresh_token=None, expires=None):
+    def save_token(self, token):
         """Saves the given access token in the database.
         """
         self.db.run("""
             UPDATE elsewhere
-               SET (access_token, refresh_token, expires) = (%s, %s, %s)
+               SET token = %s
              WHERE id=%s
-        """, (token, refresh_token, expires, self.id))
-        self.set_attributes( access_token=token
-                           , refresh_token=refresh_token
-                           , expires=expires
-                           )
+        """, (token, self.id))
+        self.set_attributes(token=token)
 
     def set_is_locked(self, is_locked):
         self.db.run( 'UPDATE elsewhere SET is_locked=%s WHERE id=%s'

diff --git a/www/%username/elsewhere/refresh.spt b/www/%username/elsewhere/refresh.spt
@@ -0,0 +1,21 @@
+from aspen import Response
+from gratipay.models.account_elsewhere import AccountElsewhere
+from gratipay.utils import get_participant
+
+[---]
+
+if not user.ADMIN:
+    raise Response(403)
+
+participant = get_participant(request, restrict=True)
+accounts = participant.get_accounts_elsewhere()
+i = 0
+for account in accounts.values():
+    sess = account.get_auth_session()
+    if not sess:
+        continue
+    AccountElsewhere.upsert(account.platform_data.get_user_self_info(sess))
+    i += 1
+
+[---] text/html
+Updated {{i}} accounts.