Example #1
def test_no_request_signature_header():
    """A request that carries no X-Slack-Signature header must not verify."""
    verifier = VerifyRequest(signing_secret=signing_secret)
    # Only the timestamp is supplied; the signature header is deliberately
    # absent, so verification has nothing to compare against.
    timestamp_only = {"X-Slack-Request-Timestamp": str(int(time()))}
    accepted = verifier.execute(raw_body=raw_body, headers=timestamp_only)
    assert accepted == False
Example #2
def test_no_request_timestamp_header():
    """A request that carries no X-Slack-Request-Timestamp must not verify."""
    verifier = VerifyRequest(signing_secret=signing_secret)
    # The signature itself is built from the real secret and body; only the
    # timestamp header is withheld from the request.
    signature = event_signature(signing_secret, str(int(time())), raw_body)
    signature_only = {"X-Slack-Signature": signature}
    accepted = verifier.execute(raw_body, headers=signature_only)
    assert accepted == False
Example #3
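def test_verify_request_returns_false_if_timestamp_is_from_the_future():
    """A correctly signed request dated well ahead of the clock is rejected.

    The signature is computed over the same future timestamp that is sent in
    the header, so the timestamp is the only thing wrong with the request.
    If this test fails, the verifier's freshness check only looks backwards
    and accepts post-dated requests.
    """
    # Ten minutes ahead of now, i.e. outside the 5-minute tolerance that
    # test_verify_request_returns_true_if_timestamp_is_within_5_min relies on.
    timestamp = int(time()) + (60 * 10)
    headers = {
        "X-Slack-Request-Timestamp": str(timestamp),
        "X-Slack-Signature": event_signature(signing_secret, timestamp,
                                             raw_body),
    }

    assert (VerifyRequest(signing_secret=signing_secret).execute(
        raw_body, headers) == False)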
Example #4
def test_verify_request_returns_true_if_timestamp_is_within_5_min():
    """A request signed three minutes ago is still accepted."""
    three_minutes = 60 * 3
    timestamp = int(time() - three_minutes)

    # Header and signature share one timestamp, so only its age is under test.
    signature = event_signature(signing_secret, timestamp, raw_body)
    headers = {
        "X-Slack-Signature": signature,
        "X-Slack-Request-Timestamp": str(timestamp),
    }

    verifier = VerifyRequest(signing_secret=signing_secret)
    accepted = verifier.execute(raw_body, headers)
    assert accepted == True
Example #5
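def test_verify_signature():
    """A request signed with the right secret over its own timestamp verifies."""
    raw_body = "foobar"
    # Read the clock once. Calling time() separately for the header and for
    # the signature can straddle a second boundary, which makes the two
    # timestamps differ and the test fail intermittently.
    timestamp = int(time())
    headers = {
        "X-Slack-Request-Timestamp": str(timestamp),
        "X-Slack-Signature": event_signature(signing_secret, timestamp,
                                             raw_body),
    }

    assert (VerifyRequest(signing_secret=signing_secret).execute(
        raw_body, headers) == True)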
Example #6
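def test_verify_signature_fails():
    """Signatures made with the wrong secret or over another body are rejected.

    One timestamp is shared by the header and by both signatures, so each
    rejection can only come from the factor under test (secret, then body)
    and never from a timestamp mismatch across a second boundary.
    """
    raw_body = "foobar"
    timestamp = int(time())

    # Case 1: right body and timestamp, signed with a different secret.
    headers = {
        "X-Slack-Request-Timestamp": str(timestamp),
        "X-Slack-Signature":
        event_signature("the wrong secret", timestamp, raw_body),
    }

    assert (VerifyRequest(signing_secret=signing_secret).execute(
        raw_body, headers) == False)

    # Case 2: right secret and timestamp, signed over a body that differs
    # from the one actually submitted for verification.
    headers = {
        "X-Slack-Request-Timestamp": str(timestamp),
        "X-Slack-Signature":
        event_signature(signing_secret, timestamp, "wrong body"),
    }

    assert (VerifyRequest(signing_secret=signing_secret).execute(
        raw_body, headers) == False)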
Example #7
    def execute(self):
        """Authenticate the incoming request, then dispatch it by payload type.

        The raw body is parsed as JSON only after VerifyRequest has accepted
        it together with the request headers; a rejected request gets
        ``auth_error()`` and is never parsed. Every authenticated payload,
        including unsupported ones, is answered with ``ok()``.

        Returns:
            The ApiGatewayResponse built for this request.
        """
        response = ApiGatewayResponse()

        verifier = VerifyRequest(signing_secret=self.signing_secret)
        if not verifier.execute(self.raw_body, self.headers):
            response.auth_error()
            return response

        body = json.loads(self.raw_body)
        payload_type = body.get("type")

        if payload_type == "url_verification":
            response.ok(UrlVerification().execute(body))
            return response

        if payload_type != "event_callback":
            # NOTE(review): the whole payload is written to the log here; it
            # may carry fields that should not be logged -- confirm.
            logging.error("event not supported %s", body)
            response.ok()
            return response

        event = body["event"]
        logging.info(f"Received event: {event['type']}")

        if event["type"] == "user_change":
            handler = UpdateAllProfiles(
                user_link_store=self.user_link_store,
                user_token_store=self.user_token_store,
            )
            handler.execute(body)
        elif event["type"] == "tokens_revoked":
            handler = UserUninstall(
                user_link_store=self.user_link_store,
                user_token_store=self.user_token_store,
            )
            handler.execute(body)
        else:
            logging.error("unsupported event_callback %s", event)

        # All three event_callback branches acknowledge the delivery.
        response.ok()
        return response