def test_valid_multi_auth_oauth_flow(self): oauth_flow = AsyncOAuthFlow( settings=AsyncOAuthSettings( client_id="111.222", client_secret="valid", installation_store=FileInstallationStore(), state_store=FileOAuthStateStore(expiration_seconds=120), ) ) app = AsyncApp(signing_secret="valid", oauth_flow=oauth_flow) assert app != None
async def test_instantiation(self): oauth_flow = AsyncOAuthFlow(settings=AsyncOAuthSettings( client_id="111.222", client_secret="xxx", scopes=["chat:write", "commands"], user_scopes=["search:read"], installation_store=FileInstallationStore(), state_store=FileOAuthStateStore(expiration_seconds=120), )) assert oauth_flow is not None assert oauth_flow.logger is not None assert oauth_flow.client is not None
async def test_handle_installation_default(self): oauth_flow = AsyncOAuthFlow(settings=AsyncOAuthSettings( client_id="111.222", client_secret="xxx", scopes=["chat:write", "commands"], installation_store=FileInstallationStore(), state_store=FileOAuthStateStore(expiration_seconds=120), )) req = AsyncBoltRequest(body="") resp = await oauth_flow.handle_installation(req) assert resp.status == 200 assert resp.headers.get("content-type") == ["text/html; charset=utf-8"] assert "https://slack.com/oauth/v2/authorize?state=" in resp.body
def test_installation_store_conflicts(self): store1 = FileInstallationStore() store2 = FileInstallationStore() app = AsyncApp( signing_secret="valid", oauth_settings=AsyncOAuthSettings( client_id="111.222", client_secret="valid", installation_store=store1, ), installation_store=store2, ) assert app.installation_store is store1 app = AsyncApp( signing_secret="valid", oauth_flow=AsyncOAuthFlow( settings=AsyncOAuthSettings( client_id="111.222", client_secret="valid", installation_store=store1, ) ), installation_store=store2, ) assert app.installation_store is store1 app = AsyncApp( signing_secret="valid", oauth_flow=AsyncOAuthFlow( settings=AsyncOAuthSettings( client_id="111.222", client_secret="valid", ) ), installation_store=store1, ) assert app.installation_store is store1
async def test_bot_only_oauth_flow(self): app = AsyncApp( client=self.web_client, signing_secret=self.signing_secret, oauth_flow=AsyncOAuthFlow(settings=oauth_settings_bot_only), ) app.event("app_mention")(whats_up) request = self.build_valid_app_mention_request() response = await app.async_dispatch(request) assert response.status == 200 await assert_auth_test_count_async(self, 1) await asyncio.sleep(1) # wait a bit after auto ack() assert self.mock_received_requests["/chat.postMessage"] == 1
async def test_handle_installation_no_rendering(self): oauth_flow = AsyncOAuthFlow(settings=AsyncOAuthSettings( client_id="111.222", client_secret="xxx", scopes=["chat:write", "commands"], installation_store=FileInstallationStore(), install_page_rendering_enabled=False, # disabled state_store=FileOAuthStateStore(expiration_seconds=120), )) req = AsyncBoltRequest(body="") resp = await oauth_flow.handle_installation(req) assert resp.status == 302 location_header = resp.headers.get("location")[0] assert "https://slack.com/oauth/v2/authorize?state=" in location_header
async def test_handle_callback_using_options(self): async def success(args: AsyncSuccessArgs) -> BoltResponse: assert args.request is not None return BoltResponse(status=200, body="customized") async def failure(args: AsyncFailureArgs) -> BoltResponse: assert args.request is not None assert args.reason is not None return BoltResponse(status=502, body="customized") oauth_flow = AsyncOAuthFlow( client=AsyncWebClient(base_url=self.mock_api_server_base_url), settings=AsyncOAuthSettings( client_id="111.222", client_secret="xxx", scopes=["chat:write", "commands"], installation_store=FileInstallationStore(), state_store=FileOAuthStateStore(expiration_seconds=120), callback_options=AsyncCallbackOptions( success=success, failure=failure, ), ), ) state = await oauth_flow.issue_new_state(None) req = AsyncBoltRequest( body="", query=f"code=foo&state={state}", headers={ "cookie": [f"{oauth_flow.settings.state_cookie_name}={state}"] }, ) resp = await oauth_flow.handle_callback(req) assert resp.status == 200 assert resp.body == "customized" req = AsyncBoltRequest( body="", query=f"code=foo&state=invalid", headers={ "cookie": [f"{oauth_flow.settings.state_cookie_name}={state}"] }, ) resp = await oauth_flow.handle_callback(req) assert resp.status == 502 assert resp.body == "customized"
async def test_handle_callback_invalid_state(self): oauth_flow = AsyncOAuthFlow(settings=AsyncOAuthSettings( client_id="111.222", client_secret="xxx", scopes=["chat:write", "commands"], installation_store=FileInstallationStore(), state_store=FileOAuthStateStore(expiration_seconds=120), )) state = await oauth_flow.issue_new_state(None) req = AsyncBoltRequest( body="", query=f"code=foo&state=invalid", headers={ "cookie": [f"{oauth_flow.settings.state_cookie_name}={state}"] }, ) resp = await oauth_flow.handle_callback(req) assert resp.status == 400
def __init__( self, *, logger: Optional[logging.Logger] = None, # Used in logger name: Optional[str] = None, # Set True when you run this app on a FaaS platform process_before_response: bool = False, # Basic Information > Credentials > Signing Secret signing_secret: Optional[str] = None, # for single-workspace apps token: Optional[str] = None, client: Optional[AsyncWebClient] = None, # for multi-workspace apps installation_store: Optional[AsyncInstallationStore] = None, authorize: Optional[Callable[..., Awaitable[AuthorizeResult]]] = None, # for the OAuth flow oauth_settings: Optional[AsyncOAuthSettings] = None, oauth_flow: Optional[AsyncOAuthFlow] = None, # No need to set (the value is used only in response to ssl_check requests) verification_token: Optional[str] = None, ): """Bolt App that provides functionalities to register middleware/listeners :param name: The application name that will be used in logging. If absent, the source file name will be used instead. :param process_before_response: True if this app runs on Function as a Service. (Default: False) :param signing_secret: The Signing Secret value used for verifying requests from Slack. :param token: The bot access token required only for single-workspace app. :param client: The singleton slack_sdk.web.async_client.AsyncWebClient instance for this app. :param installation_store: The module offering save/find operations of installation data :param authorize: The function to authorize an incoming request from Slack by checking if there is a team/user in the installation data. :param oauth_settings: The settings related to Slack app installation flow (OAuth flow) :param oauth_flow: Manually instantiated slack_bolt.oauth.async_oauth_flow.AsyncOAuthFlow. This is always prioritized over oauth_settings. :param verification_token: Deprecated verification mechanism. This can used only for ssl_check requests. """ signing_secret = signing_secret or os.environ.get( "SLACK_SIGNING_SECRET") token = token or os.environ.get("SLACK_BOT_TOKEN") self._name: str = name or inspect.stack()[1].filename.split( os.path.sep)[-1] self._signing_secret: str = signing_secret self._verification_token: Optional[ str] = verification_token or os.environ.get( "SLACK_VERIFICATION_TOKEN", None) self._framework_logger = logger or get_bolt_logger(AsyncApp) self._token: Optional[str] = token if client is not None: if not isinstance(client, AsyncWebClient): raise BoltError(error_client_invalid_type_async()) self._async_client = client self._token = client.token if token is not None: self._framework_logger.warning( warning_client_prioritized_and_token_skipped()) else: # NOTE: the token here can be None self._async_client = create_async_web_client(token) self._async_authorize: Optional[AsyncAuthorize] = None if authorize is not None: if oauth_settings is not None or oauth_flow is not None: raise BoltError(error_authorize_conflicts()) self._async_authorize = AsyncCallableAuthorize( logger=self._framework_logger, func=authorize) self._async_installation_store: Optional[ AsyncInstallationStore] = installation_store if self._async_installation_store is not None and self._async_authorize is None: self._async_authorize = AsyncInstallationStoreAuthorize( installation_store=self._async_installation_store, logger=self._framework_logger, ) self._async_oauth_flow: Optional[AsyncOAuthFlow] = None if (oauth_settings is None and os.environ.get("SLACK_CLIENT_ID") is not None and os.environ.get("SLACK_CLIENT_SECRET") is not None): # initialize with the default settings oauth_settings = AsyncOAuthSettings() if oauth_flow: if not isinstance(oauth_flow, AsyncOAuthFlow): raise BoltError(error_oauth_flow_invalid_type_async()) self._async_oauth_flow = oauth_flow installation_store = select_consistent_installation_store( client_id=self._async_oauth_flow.client_id, app_store=self._async_installation_store, oauth_flow_store=self._async_oauth_flow.settings. installation_store, logger=self._framework_logger, ) self._async_installation_store = installation_store self._async_oauth_flow.settings.installation_store = installation_store if self._async_oauth_flow._async_client is None: self._async_oauth_flow._async_client = self._async_client if self._async_authorize is None: self._async_authorize = self._async_oauth_flow.settings.authorize elif oauth_settings is not None: if not isinstance(oauth_settings, AsyncOAuthSettings): raise BoltError(error_oauth_settings_invalid_type_async()) installation_store = select_consistent_installation_store( client_id=oauth_settings.client_id, app_store=self._async_installation_store, oauth_flow_store=oauth_settings.installation_store, logger=self._framework_logger, ) self._async_installation_store = installation_store oauth_settings.installation_store = installation_store self._async_oauth_flow = AsyncOAuthFlow(client=self._async_client, logger=self.logger, settings=oauth_settings) if self._async_authorize is None: self._async_authorize = self._async_oauth_flow.settings.authorize if (self._async_installation_store is not None or self._async_authorize is not None) and self._token is not None: self._token = None self._framework_logger.warning(warning_token_skipped()) self._async_middleware_list: List[Union[Callable, AsyncMiddleware]] = [] self._async_listeners: List[AsyncListener] = [] self._async_listener_runner = AsyncioListenerRunner( logger=self._framework_logger, process_before_response=process_before_response, listener_error_handler=AsyncDefaultListenerErrorHandler( logger=self._framework_logger), lazy_listener_runner=AsyncioLazyListenerRunner( logger=self._framework_logger, ), ) self._init_middleware_list_done = False self._init_async_middleware_list() self._server: Optional[AsyncSlackAppServer] = None
def __init__( self, *, # Used in logger name: Optional[str] = None, # Set True when you run this app on a FaaS platform process_before_response: bool = False, # Basic Information > Credentials > Signing Secret signing_secret: Optional[str] = None, # for single-workspace apps token: Optional[str] = None, client: Optional[AsyncWebClient] = None, # for multi-workspace apps installation_store: Optional[AsyncInstallationStore] = None, oauth_state_store: Optional[AsyncOAuthStateStore] = None, oauth_state_cookie_name: str = OAuthStateUtils.default_cookie_name, oauth_state_expiration_seconds: int = OAuthStateUtils. default_expiration_seconds, # for the OAuth flow oauth_flow: Optional[AsyncOAuthFlow] = None, client_id: Optional[str] = None, client_secret: Optional[str] = None, scopes: Optional[List[str]] = None, user_scopes: Optional[List[str]] = None, redirect_uri: Optional[str] = None, oauth_install_path: Optional[str] = None, oauth_redirect_uri_path: Optional[str] = None, oauth_success_url: Optional[str] = None, oauth_failure_url: Optional[str] = None, # No need to set (the value is used only in response to ssl_check requests) verification_token: Optional[str] = None, ): signing_secret = signing_secret or os.environ.get( "SLACK_SIGNING_SECRET", None) token = token or os.environ.get("SLACK_BOT_TOKEN", None) if signing_secret is None or signing_secret == "": raise BoltError( "Signing secret not found, so could not initialize the Bolt app." ) self._name: str = name or inspect.stack()[1].filename.split( os.path.sep)[-1] self._signing_secret: str = signing_secret client_id = client_id or os.environ.get("SLACK_CLIENT_ID", None) client_secret = client_secret or os.environ.get( "SLACK_CLIENT_SECRET", None) scopes = scopes or os.environ.get("SLACK_SCOPES", "").split(",") user_scopes = user_scopes or os.environ.get("SLACK_USER_SCOPES", "").split(",") redirect_uri = redirect_uri or os.environ.get("SLACK_REDIRECT_URI", None) oauth_install_path = oauth_install_path or os.environ.get( "SLACK_INSTALL_PATH", "/slack/install") oauth_redirect_uri_path = oauth_redirect_uri_path or os.environ.get( "SLACK_REDIRECT_URI_PATH", "/slack/oauth_redirect") self._verification_token: Optional[ str] = verification_token or os.environ.get( "SLACK_VERIFICATION_TOKEN", None) self._framework_logger = get_bolt_logger(AsyncApp) self._token: Optional[str] = token if client is not None: self._async_client = client self._token = client.token if token is not None: self._framework_logger.warning( "As you gave client as well, the bot token will be unused." ) else: # NOTE: the token here can be None self._async_client = create_async_web_client(token) self._async_installation_store: Optional[ AsyncInstallationStore] = installation_store self._async_oauth_state_store: Optional[ AsyncOAuthStateStore] = oauth_state_store self._oauth_state_cookie_name = oauth_state_cookie_name self._oauth_state_expiration_seconds = oauth_state_expiration_seconds self._async_oauth_flow: Optional[AsyncOAuthFlow] = None if oauth_flow: self._async_oauth_flow = oauth_flow if self._async_installation_store is None: self._async_installation_store = ( self._async_oauth_flow.installation_store) if self._async_oauth_state_store is None: self._async_oauth_state_store = self._async_oauth_flow.oauth_state_store if self._async_oauth_flow._async_client is None: self._async_oauth_flow._async_client = self._async_client else: if client_id is not None and client_secret is not None: # The OAuth flow support is enabled if (self._async_installation_store is None and self._async_oauth_state_store is None): # use the default ones self._async_installation_store = FileInstallationStore( client_id=client_id, ) self._async_oauth_state_store = FileOAuthStateStore( expiration_seconds=self. _oauth_state_expiration_seconds, client_id=client_id, ) if (self._async_installation_store is not None and self._async_oauth_state_store is None): raise ValueError( f"Configure an appropriate OAuthStateStore for {self._async_installation_store}" ) self._async_oauth_flow = AsyncOAuthFlow( client=create_async_web_client(), logger=self._framework_logger, # required storage implementations installation_store=self._async_installation_store, oauth_state_store=self._async_oauth_state_store, oauth_state_cookie_name=self._oauth_state_cookie_name, oauth_state_expiration_seconds=self. _oauth_state_expiration_seconds, # used for oauth.v2.access calls client_id=client_id, client_secret=client_secret, # installation url parameters scopes=scopes, user_scopes=user_scopes, redirect_uri=redirect_uri, # path in this app install_path=oauth_install_path, redirect_uri_path=oauth_redirect_uri_path, # urls after callback success_url=oauth_success_url, failure_url=oauth_failure_url, ) if self._async_installation_store is not None and self._token is not None: self._token = None self._framework_logger.warning( "As you gave installation_store as well, the bot token will be unused." ) self._async_middleware_list: List[Union[Callable, AsyncMiddleware]] = [] self._async_listeners: List[AsyncListener] = [] self._process_before_response = process_before_response self._init_middleware_list_done = False self._init_async_middleware_list()