Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix a #855 bug where user_scopes exist even when user token is absent #858

Merged
merged 1 commit into from
Mar 13, 2023
Merged

Fix a #855 bug where user_scopes exist even when user token is absent #858

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Fix a #855 bug where user_scopes exist even when user token is absent
  • Loading branch information
@seratch
seratch committed Mar 13, 2023
commit 94421da51273e70074bc042fd18ffc689d92b120
3 changes: 2 additions & 1 deletion slack_bolt/authorization/async_authorize.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,10 +207,11 @@ async def __call__(
if latest_bot_installation.user_id != user_id:
# First off, remove the user token as the installer is a different user
user_token = None
user_scopes = None
latest_bot_installation.user_token = None
latest_bot_installation.user_refresh_token = None
latest_bot_installation.user_token_expires_at = None
latest_bot_installation.user_scopes = []
latest_bot_installation.user_scopes = None

# try to fetch the request user's installation
# to reflect the user's access token if exists
Expand Down
3 changes: 2 additions & 1 deletion slack_bolt/authorization/authorize.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -206,10 +206,11 @@ def __call__(
if latest_bot_installation.user_id != user_id:
# First off, remove the user token as the installer is a different user
user_token = None
user_scopes = None
latest_bot_installation.user_token = None
latest_bot_installation.user_refresh_token = None
latest_bot_installation.user_token_expires_at = None
latest_bot_installation.user_scopes = []
latest_bot_installation.user_scopes = None

# try to fetch the request user's installation
# to reflect the user's access token if exists
Expand Down
43 changes: 39 additions & 4 deletions tests/scenario_tests/test_app_actor_user_token.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,12 +109,12 @@ def build_headers(self, timestamp: str, body: str):
"x-slack-request-timestamp": [timestamp],
}

def build_request(self):
def build_request(self, team_id: str = "T014GJXU940"):
timestamp, body = str(int(time())), json.dumps(
{
"team_id": "T014GJXU940",
"team_id": team_id,
"enterprise_id": "E013Y3SHLAY",
"context_team_id": "T014GJXU940",
"context_team_id": team_id,
"context_enterprise_id": "E013Y3SHLAY",
"api_app_id": "A04TEM7H4S0",
"event": {
Expand All @@ -123,7 +123,7 @@ def build_request(self):
"upload": False,
"user": "W013QGS7BPF",
"display_as_bot": False,
"team": "T014GJXU940",
"team": team_id,
"channel": "C04T3ACM40K",
"subtype": "file_share",
},
Expand Down Expand Up @@ -176,3 +176,38 @@ def handle_events(context: BoltContext, say: Say):
assert_auth_test_count(self, 1)
sleep(1) # wait a bit after auto ack()
assert self.mock_received_requests["/chat.postMessage"] == 1

def test_authorize_result_no_user_token(self):
app = App(
client=self.web_client,
signing_secret=self.signing_secret,
oauth_settings=OAuthSettings(
client_id="111.222",
client_secret="secret",
scopes=["commands", "chat:write"],
user_scopes=["search:read", "chat:write"],
installation_store=MemoryInstallationStore(),
user_token_resolution="actor",
),
)

@app.event("message")
def handle_events(context: BoltContext, say: Say):
assert context.actor_enterprise_id == "E013Y3SHLAY"
assert context.actor_team_id == "T111111"
assert context.actor_user_id == "W013QGS7BPF"

assert context.authorize_result.bot_id == "BZYBOTHED"
assert context.authorize_result.bot_user_id == "W23456789"
assert context.authorize_result.bot_token == "xoxb-valid-2"
assert context.authorize_result.bot_scopes == ["commands", "chat:write"]
assert context.authorize_result.user_id is None
assert context.authorize_result.user_token is None
assert context.authorize_result.user_scopes is None
say("What's up?")

response = app.dispatch(self.build_request(team_id="T111111"))
assert response.status == 200
assert_auth_test_count(self, 1)
sleep(1) # wait a bit after auto ack()
assert self.mock_received_requests["/chat.postMessage"] == 1
43 changes: 39 additions & 4 deletions tests/scenario_tests_async/test_app_actor_user_token.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,12 +61,12 @@ def build_headers(self, timestamp: str, body: str):
"x-slack-request-timestamp": [timestamp],
}

def build_request(self) -> AsyncBoltRequest:
def build_request(self, team_id: str = "T014GJXU940") -> AsyncBoltRequest:
timestamp, body = str(int(time())), json.dumps(
{
"team_id": "T014GJXU940",
"team_id": team_id,
"enterprise_id": "E013Y3SHLAY",
"context_team_id": "T014GJXU940",
"context_team_id": team_id,
"context_enterprise_id": "E013Y3SHLAY",
"api_app_id": "A04TEM7H4S0",
"event": {
Expand All @@ -75,7 +75,7 @@ def build_request(self) -> AsyncBoltRequest:
"upload": False,
"user": "W013QGS7BPF",
"display_as_bot": False,
"team": "T014GJXU940",
"team": team_id,
"channel": "C04T3ACM40K",
"subtype": "file_share",
},
Expand Down Expand Up @@ -129,6 +129,41 @@ async def handle_events(context: AsyncBoltContext, say: AsyncSay):
await asyncio.sleep(1) # wait a bit after auto ack()
assert self.mock_received_requests["/chat.postMessage"] == 1

@pytest.mark.asyncio
async def test_authorize_result_no_user_token(self):
app = AsyncApp(
client=self.web_client,
signing_secret=self.signing_secret,
oauth_settings=AsyncOAuthSettings(
client_id="111.222",
client_secret="secret",
installation_store=MemoryInstallationStore(),
user_token_resolution="actor",
),
)

@app.event("message")
async def handle_events(context: AsyncBoltContext, say: AsyncSay):
assert context.actor_enterprise_id == "E013Y3SHLAY"
assert context.actor_team_id == "T11111"
assert context.actor_user_id == "W013QGS7BPF"

assert context.authorize_result.bot_id == "BZYBOTHED"
assert context.authorize_result.bot_user_id == "W23456789"
assert context.authorize_result.bot_token == "xoxb-valid-2"
assert context.authorize_result.bot_scopes == ["commands", "chat:write"]
assert context.authorize_result.user_id is None
assert context.authorize_result.user_token is None
assert context.authorize_result.user_scopes is None
await say("What's up?")

request = self.build_request(team_id="T11111")
response = await app.async_dispatch(request)
assert response.status == 200
await assert_auth_test_count_async(self, 1)
await asyncio.sleep(1) # wait a bit after auto ack()
assert self.mock_received_requests["/chat.postMessage"] == 1


class MemoryInstallationStore(AsyncInstallationStore):
@property
Expand Down