Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add OAuth exchange capability #104

Open
wants to merge 7 commits into
base: master
Choose a base branch
from
Open

Add OAuth exchange capability #104

wants to merge 7 commits into from

Conversation

yasunariw
Copy link
Collaborator

@yasunariw yasunariw commented Dec 31, 2020
edited
Loading

Description of the task

Add OAuth exchange functionality to the bot server, to allow distribution of the app.

For a single-workspace use case, the Slack access token used in #94 can be obtained manually through the app dashboard. But if there is a need to distribute monorobot to multiple users who don't have access to the app or its credentials, the server must be able to engage in an OAuth exchange.

This PR exposes an endpoint /slack/oauth, which Slack will query when a user initiates the OAuth workflow by authorizing the app to access their workspace.

For more information, refer to the comments for process_slack_oauth in file lib/action.ml.

How to test

In addition to the slack payload tests, new tests have been defined in slack_oauth_test.ml for the oauth exchange.

make test

References

@yasunariw yasunariw mentioned this pull request Dec 31, 2020
Merged
@yasunariw yasunariw force-pushed the yasu/slack-webhook-to-api branch from 6e18496 to 7404d4a Compare January 4, 2021 02:51
@yasunariw yasunariw changed the base branch from yasu/slack-webhook-to-api to master January 4, 2021 06:54
@yasunariw
add functions to query the Slack API for oauth exchange
a2cbaa7
@yasunariw
implement slack oauth exchange
b9bd9d4 
This exposes a `/slack/oauth` route that Slack can query to trigger an
OAuth exchange, culminating in the generation of an access token
authorizing the bot to post messages to a workspace.

When just working with one bot app per workspace, the token can be
generated from the app dashboard and copy-pasted into the secrets file.
But if the app is distributed, and a user who isn’t a bot server admin
wants to install the bot into their workspace, the server needs to
handle OAuth.
@yasunariw
don't overwrite access token in secrets file; use state instead
987f50d 
If access token is provided in secrets file at startup time, should
copy into runtime state.
@yasunariw
fix bug in context where make didn't generate a fresh state
bbe736b
@yasunariw
tests: add oauth tests
bf56b4a
@yasunariw
update documentation and comments with oauth information
831a332
@yasunariw yasunariw requested review from ygrek and Khady January 5, 2021 05:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ygrek ygrek Awaiting requested review from ygrek

@Khady Khady Awaiting requested review from Khady

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@yasunariw