如何解决使用Oauth进行松弛螺栓验证
我已经尝试了几天了。我有一个使用Slack / Bolt和内置Express Server开发的Slack应用程序。在开发中,我可以成功完成安装过程,该过程完成后将返回用户凭据(身份验证令牌,teamId等),并将我重定向到成功页面。此外,我的斜杠命令按预期工作。
但是,在生产中,斜杠命令和安装过程均无效。斜杠命令在Slack中返回“ dispatch_Failed”错误,并在我的日志中返回以下验证错误:
开发中的安装过程从我的登录页面开始,并带有添加到松弛按钮,该按钮将我带到授权所需范围的松弛页面。提交此表单是我的应用因503错误而超时的地方。我可以在URL中看到“代码”,但尚未处理。在将应用程序分解以尝试其他身份验证方法之前,我希望有人可以识别出我出了错的地方。
重要的是auth令牌。在开发中,我在声明应用程序时声明了xbot令牌。我将其删除以进行生产,并从事件侦听器(斜杠命令等)的上下文变量中传递机器人令牌。这就是我从文档中了解流程的方式,但可能是错误的...
const { App,ExpressReceiver } = require('@slack/bolt');
require('dotenv').config({ path: __dirname + '/.env' })
const axios = require('axios')
const request = require('request')
const bodyParser = require('body-parser')
const path = require('path')
const firebase = require("firebase");
//database config here (removed to de-clutter)
const fetchTeam = async (teamId) => {
try {
const ref = await database.ref('workspaces')
ref.orderByChild('team_id').equalTo(teamId).once('value',function (snapshot) {
return snapshot.val()
})
} catch (e) {
console.log(e);
}
}
// Create a Bolt Receiver
const receiver = new ExpressReceiver({ signingSecret: process.env.SLACK_SIGNING_SECRET });
const app = new App({
signingSecret: process.env.SLACK_SIGNING_SECRET,clientId: process.env.SLACK_CLIENT_ID,clientSecret: process.env.SLACK_CLIENT_SECRET,stateSecret: process.env.STATE_SECRET,scopes: ['chat:write','chat:write:bot','im:write','commands','incoming-webhook','users:read','users:read.email'],// scopes: ['chat:write','channels:history','groups:history','im:history',installationStore: {
storeInstallation: async (installation) => {
return await database.ref('workspaces').push({ team_id: installation.team.id,installation })
},fetchInstallation: async (InstallQuery) => {
return await fetchTeam(InstallationQuery.teamId)
},},//removed token for production
//token: process.env.SLACK_BOT_TOKEN,receiver
});
//a bunch of stuff my slack app does here (removed)
receiver.router.get('/slack/oauth_redirect',async (req,res) => {
var options = {
uri: 'https://slack.com/apI/Oauth.v2.access?code='
+ req.query.code +
'&client_id=' + process.env.SLACK_CLIENT_ID +
'&client_secret=' + process.env.SLACK_CLIENT_SECRET,method: 'GET'
}
request(options,async (error,response,body) => {
var JSONresponse = JSON.parse(body)
if (!JSONresponse.ok) {
res.status(500).send("Error: ",JSONresponse)
} else {
const newOBJ = {
team_id: JSONresponse.team.id,...JSONresponse
}
console.log(newOBJ);
await database.ref('workspaces').push(newOBJ)
}
})
})
receiver.router.post('/',(req,res) => {
const payload = JSON.parse(req.body.payload)
res.send(req.data);
});
receiver.router.post('/slack/events',res) => {
res.send(req.data);
});
receiver.router.post('/actions',res) => {
res.send(req.data);
});
// Listen for a slash command invocation
app.command('/commandName',async ({ command,ack,say,context }) => {
await ack();
try {
// Call the users.info method using the built-in WebClient
const result = await app.client.users.info({
token: context.bottoken,//in development i use the code below
// token: process.env.SLACK_BOT_TOKEN,user: user
});
}
catch (error) {
console.error(error);
}
await say({
"blocks": [
{
"type": "section","text": {
"type": "plain_text","text": `Hi there ?,! Here are some ways you can use Slack to get things done with Webstacks:`,"emoji": true
}
},{
"type": "actions","elements": [
{
"type": "button","text": {
"type": "plain_text","text": "Raise a Request"
},"value": "create_request","action_id": "create_request"
},{
"type": "button","text": "Leave a Review","url": "https://kittycats.com"
}
]
}
]
})
});
(async () => {
// Start your app
await app.start(process.env.PORT || 3000);
console.log('⚡️ Bolt app is running!');
})();
解决方法
仔细检查您的heroku变量! :) 我忽略了具有输入signingSecret的clientSecret
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。