slack-ruby-bot-server 1.0.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3999b9e5a783666fcf1cebfe6d07d50e0228d7a1e3c17ca52217c7677705a1c2
-  data.tar.gz: 6294712aae7ca330fa3c13764e369084ed7f097772e22b54e5a8c1964ec2e130
+  metadata.gz: d96988aebe8c1dadd75c95e086ad63f5aaa81a8c93ecb1a92ae2f6a1908f6b6d
+  data.tar.gz: a1519cf75e0afadc610fc92b975613d7817c5a8cf243f849c6ecb9587e504df0
 SHA512:
-  metadata.gz: 17c1e6474f1a45c964d67210d96669dc4bbb5910c3571d1720916f9a13b469741d08462e6feb57185a9745ffb373164f68c88f91bbf71691313215a23264a0a5
-  data.tar.gz: 43c5fde5d25f993be6da99758303026ff2870b26e50435cda7bc10218ae0fea1c7a9ab321d946f62485fc59f37da845ee425804327b1a5c7a4c2575d1f9ccfd3
+  metadata.gz: e52881e9b3faa4754a4c582eb9269a6b9eacf0f3f80f4dc20d7332e0d9304d2580b47185409ace983422f6e800bd2ae9bed00d3829eb457c4299eee5294630c3
+  data.tar.gz: 91a903e372af38353a914d61f04d1e7016e1e25edf3f9b41afeee523279c1b5c29fefb23ec8d1acc1bb6fdaaf8b6cd0ef4d1c6a2b2f1ac9707ac036a22f4881e

data/.rubocop_todo.yml

@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2020-11-15 11:38:22 -0500 using RuboCop version 0.81.0.
+# on 2020-11-16 09:56:54 -0500 using RuboCop version 0.81.0.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 ### Changelog
 
+#### 1.1.0 (2020/11/17)
+
+* [#132](https://github.com/slack-ruby/slack-ruby-bot-server/pull/132): Add support for OAuth v2 - [@dblock](https://github.com/dblock).
+
 #### 1.0.0 (2020/11/15)
 
 * [#129](https://github.com/slack-ruby/slack-ruby-bot-server/pull/129): Extracted RealTime components into [slack-ruby-bot-server-rtm](https://github.com/slack-ruby/slack-ruby-bot-server-rtm) - [@dblock](https://github.com/dblock).

data/README.md

@@ -7,46 +7,50 @@ Slack Ruby Bot Server
 
 Build a complete Slack bot service with Slack button integration, in Ruby.
 
-# Table of Contents
+## Table of Contents
 
 - [What is this?](#what-is-this)
 - [Stable Release](#stable-release)
 - [Make Your Own](#make-your-own)
-- [Storage](#storage)
-- [MongoDB](#mongodb)
-- [ActiveRecord](#activerecord)
 - [Usage](#usage)
-- [API](#api)
-  - [App](#app)
-  - [Service Manager](#service-manager)
-    - [Lifecycle Callbacks](#lifecycle-callbacks)
-    - [Service Timers](#service-timers)
-    - [Extensions](#extensions)
-  - [Service Class](#service-class)
-- [HTML Templates](#html-templates)
-- [Access Tokens](#access-tokens)
+  - [Storage](#storage)
+    - [MongoDB](#mongodb)
+    - [ActiveRecord](#activerecord)
+  - [OAuth Version and Scopes](#oauth-version-and-scopes)
+  - [Slack App](#slack-app)
+  - [API](#api)
+    - [App](#app)
+    - [Service Manager](#service-manager)
+      - [Lifecycle Callbacks](#lifecycle-callbacks)
+      - [Service Timers](#service-timers)
+      - [Extensions](#extensions)
+    - [Service Class](#service-class)
+  - [HTML Templates](#html-templates)
+  - [Access Tokens](#access-tokens)
 - [Sample Bots Using Slack Ruby Bot Server](#sample-bots-using-slack-ruby-bot-server)
   - [Slack Bots with Granular Permissions](#slack-bots-with-granular-permissions)
   - [Legacy Slack Bots](#legacy-slack-bots)
 - [Copyright & License](#copyright--license)
 
-### What is this?
+## What is this?
 
 A library that contains a web server and a RESTful [Grape](http://github.com/ruby-grape/grape) API serving a Slack bot to multiple teams. Use in conjunction with [slack-ruby-bot-server-events](https://github.com/slack-ruby/slack-ruby-bot-server-events) to build a complete Slack bot service, or [slack-ruby-bot-server-rtm](https://github.com/slack-ruby/slack-ruby-bot-server-rtm) to build a Class RealTime Slack bot. Your customers can use a Slack button to install the bot.
 
-### Stable Release
+## Stable Release
 
-You're reading the documentation for the **stable** release of slack-ruby-bot-server, v1.0.0. See [UPGRADING](UPGRADING.md) when upgrading from an older version.
+You're reading the documentation for the **stable** release of slack-ruby-bot-server. See [UPGRADING](UPGRADING.md) when upgrading from an older version.
 
-### Make Your Own
+## Make Your Own
 
-We recommend you get started from a [slack-ruby-bot-events-sample](https://github.com/slack-ruby/slack-ruby-bot-server-events-sample) app to bootstrap your project.
+This library alone will only register a new bot, but will not include any bot functionality. To make something useful, we recommend you get started from a [slack-ruby-bot-events-sample](https://github.com/slack-ruby/slack-ruby-bot-server-events-sample) app to bootstrap your project.
+
+## Usage
 
 ### Storage
 
 A database is required to store teams.
 
-### MongoDB
+#### MongoDB
 
 Use MongoDB with [Mongoid](https://github.com/mongodb/mongoid) as ODM. Configure the database connection in `mongoid.yml`. Add the `mongoid` gem in your Gemfile.
 
@@ -57,7 +61,7 @@ gem 'mongoid-scroll'
 gem 'slack-ruby-bot-server'
 ```
 
-### ActiveRecord
+#### ActiveRecord
 
 Use ActiveRecord with, for example, PostgreSQL via [pg](https://github.com/ged/ruby-pg). Configure the database connection in `postgresql.yml`. Add the `activerecord`, `pg`, `otr-activerecord` and `cursor_pagination` gems to your Gemfile.
 
@@ -69,27 +73,45 @@ gem 'otr-activerecord'
 gem 'cursor_pagination'
 ```
 
-### Usage
+### OAuth Version and Scopes
+
+Configure your app's [OAuth version](https://api.slack.com/authentication/oauth-v2) and [scopes](https://api.slack.com/legacy/oauth-scopes) as needed by your application.
+
+```ruby
+SlackRubyBotServer.configure do |config|
+  config.oauth_version = :v2
+  config.oauth_scope = ['channels:read', 'chat:write']
+end
+```
+
+The "Add to Slack" button uses the standard OAuth code grant flow as described in the [Slack docs](https://api.slack.com/docs/oauth#flow). Once clicked, the user is taken through the authorization process at Slack's site. Upon successful completion, a callback containing a temporary code is sent to the redirect URL you specified. The endpoint at that URL contains code that persists the bot token each time a Slack client is instantiated for the specific team.
+
+### Slack App
 
-Start with the [slack-ruby-bot-events-sample](https://github.com/slack-ruby/slack-ruby-bot-server-events-sample) sample, which contain a couple of custom commands, necessary dependencies and tests, then [create a new Slack App](https://api.slack.com/applications/new).
+Create a new Slack App [here](https://api.slack.com/applications/new).
 
 ![](images/create-app.png)
 
-Follow Slack's instructions, note the app client ID and secret, give the bot a default name, etc. The redirect URL should be the location of your app. For local testing purposes use a public tunneling service such as [ngrok](https://ngrok.com/) to expose local port 9292.
+Follow Slack's instructions, note the app client ID and secret, give the bot a default name, etc.
 
 Within your application, edit your `.env` file and add `SLACK_CLIENT_ID=...` and `SLACK_CLIENT_SECRET=...` in it.
 
-Configure your app's [OAuth scopes](https://api.slack.com/legacy/oauth-scopes) as needed by your application.
+Run `bundle install` and `foreman start` to boot the app.
 
-```ruby
-SlackRubyBotServer.configure do |config|
-  config.oauth_scope = ['channels:read', 'chat:write:user']
-end
+```
+$ foreman start
+07:44:47 web.1  | started with pid 59258
+07:44:50 web.1  | * Listening on tcp://0.0.0.0:5000
 ```
 
-The "Add to Slack" button uses the standard OAuth code grant flow as described in the [Slack docs](https://api.slack.com/docs/oauth#flow). Once clicked, the user is taken through the authorization process at Slack's site. Upon successful completion, a callback containing a temporary code is sent to the redirect URL you specified. The endpoint at that URL contains code that persists the bot token each time a Slack client is instantiated for the specific team.
+Set the redirect URL in "OAuth & Permissions" be the location of your app. Since you cannot receive notifications on localhost from Slack use a public tunneling service such as [ngrok](https://ngrok.com/) to expose local port 9292 for testing.
+
+```
+$ ngrok http 5000
+Forwarding https://ddfd97f80615.ngrok.io -> http://localhost:5000
+```
 
-Run `bundle install` and `foreman start` to boot the app. Navigate to [localhost:9292](http://localhost:9292). You should see an "Add to Slack" button. Use it to install the app into your own Slack team.
+Navigate to either [localhost:9292](http://localhost:9292) or the ngrok URL above. You should see an "Add to Slack" button. Use it to install the app into your own Slack team.
 
 ### API
 
@@ -168,7 +190,7 @@ The [Add to Slack button](https://api.slack.com/docs/slack-button) also allows f
 auth = OpenSSL::HMAC.hexdigest("SHA256", "key", "data")
 ```
 ```html
-<a href="https://slack.com/oauth/authorize?scope=<%= SlackRubyBotServer::Config.oauth_scope_s %>&client_id=<%= ENV['SLACK_CLIENT_ID'] %>&state=#{auth)"> ... </a>
+<a href="<%= SlackRubyBotServer::Config.oauth_authorize_url %>?scope=<%= SlackRubyBotServer::Config.oauth_scope_s %>&client_id=<%= ENV['SLACK_CLIENT_ID'] %>&state=#{auth)"> ... </a>
 ```
 ```ruby
 instance = SlackRubyBotServer::Service.instance
@@ -252,14 +274,14 @@ end
 
 By default the implementation of [Team](lib/slack-ruby-bot-server/models/team) stores the value of the token with all the requested OAuth scopes in both `token` and `activated_user_access_token` (for backwards compatibility). If a legacy Slack bot integration `bot_access_token` is present, it is stored as `token`, and `activated_user_access_token`is the token that has all the requested OAuth scopes.
 
-### Sample Bots Using Slack Ruby Bot Server
+## Sample Bots Using Slack Ruby Bot Server
 
-#### Slack Bots with Granular Permissions
+### Slack Bots with Granular Permissions
 
 * [slack-ruby-bot-server-events-sample](https://github.com/slack-ruby/slack-ruby-bot-server-events-sample), a generic sample
 * [slack-rails-bot-starter](https://github.com/CrazyOptimist/slack-rails-bot-starter), an all-in-one Rails starter kit
 
-#### Legacy Slack Bots
+### Legacy Slack Bots
 
 * [slack-ruby-bot-server-sample](https://github.com/slack-ruby/slack-ruby-bot-server-sample), a generic sample
 * [slack-sup](https://github.com/dblock/slack-sup), see [sup.playplay.io](https://sup.playplay.io)
@@ -270,7 +292,7 @@ By default the implementation of [Team](lib/slack-ruby-bot-server/models/team) s
 * [slack-strava](https://github.com/dblock/slack-strava), see [slava.playplay.io](https://slava.playplay.io)
 * [slack-arena](https://github.com/dblock/slack-arena), see [arena.playplay.io](https://arena.playplay.io)
 
-### Copyright & License
+## Copyright & License
 
 Copyright [Daniel Doubrovkine](http://code.dblock.org) and Contributors, 2015-2020
 

data/UPGRADING.md

@@ -1,7 +1,7 @@
 Upgrading Slack-Ruby-Bot-Server
 ===============================
 
-### Upgrading to >= 1.0.0
+### Upgrading to >= 1.1.0
 
 #### Extracted RealTime (Legacy) Support
 
@@ -12,6 +12,13 @@ To upgrade an existing classic Slack app that uses slack-ruby-bot-server do the
 1. Add `slack-ruby-bot-server-rtm` as an additional dependency.
 2. Replace any reference to `SlackRubyBotServer::Server` to `SlackRubyBotServer::RealTime::Server`.
 3. Replace any `require 'slack-ruby-bot-server/rspec'` with `require 'slack-ruby-bot-server-rtm/rspec'`.
+4. Use Slack OAuth 1.0 and configure scopes.
+   ```ruby
+   SlackRubyBotServer.configure do |config|
+     config.oauth_version = :v1
+     config.oauth_scope = ['bot']
+   end
+   ```
 
 Existing RTM Slack bots will continue working and be listed in the Slack App Directory. On December 4th, 2020 Slack will no longer accept resubmissions from apps that are not using granular permissions. On November 18, 2021 Slack will start delisting apps that have not migrated to use granular permissions. Use [slack-ruby-bot-server-events](https://github.com/slack-ruby/slack-ruby-bot-server-events) to create a Slack bot with granular permissions. See [migration](https://api.slack.com/authentication/migration) for more details.
 

data/lib/slack-ruby-bot-server/api/endpoints/teams_endpoint.rb

@@ -40,22 +40,41 @@ module SlackRubyBotServer
 
             raise 'Missing SLACK_CLIENT_ID or SLACK_CLIENT_SECRET.' unless ENV.key?('SLACK_CLIENT_ID') && ENV.key?('SLACK_CLIENT_SECRET')
 
-            rc = client.oauth_access(
+            options = {
               client_id: ENV['SLACK_CLIENT_ID'],
               client_secret: ENV['SLACK_CLIENT_SECRET'],
               code: params[:code]
-            )
+            }
 
-            access_token = rc['access_token']
-            user_id = rc['user_id']
+            rc = client.send(SlackRubyBotServer.config.oauth_access_method, options)
 
-            bot = rc['bot']
+            token = nil
+            access_token = nil
+            user_id = nil
+            bot_user_id = nil
+            team_id = nil
+            team_name = nil
 
-            token = bot ? bot['bot_access_token'] : access_token
-            bot_user_id = bot['bot_user_id'] if bot
+            case SlackRubyBotServer::Config.oauth_version
+            when :v2
+              access_token = rc.access_token
+              token = rc.access_token
+              user_id = rc.authed_user&.id
+              bot_user_id = rc.bot_user_id
+              team_id = rc.team&.id
+              team_name = rc.team&.name
+            when :v1
+              access_token = rc.access_token
+              bot = rc.bot if rc.key?(:bot)
+              token = bot ? bot.bot_access_token : access_token
+              user_id = rc.user_id
+              bot_user_id = bot ? bot.bot_user_id : nil
+              team_id = rc.team_id
+              team_name = rc.team_name
+            end
 
             team = Team.where(token: token).first
-            team ||= Team.where(team_id: rc['team_id']).first
+            team ||= Team.where(team_id: team_id).first
 
             if team
               team.ping_if_active!
@@ -72,8 +91,8 @@ module SlackRubyBotServer
             else
               team = Team.create!(
                 token: token,
-                team_id: rc['team_id'],
-                name: rc['team_name'],
+                team_id: team_id,
+                name: team_name,
                 activated_user_id: user_id,
                 activated_user_access_token: access_token,
                 bot_user_id: bot_user_id

data/lib/slack-ruby-bot-server/app.rb

@@ -1,10 +1,11 @@
 module SlackRubyBotServer
   class App
+    include SlackRubyBotServer::Loggable
+
     def prepare!
       check_database!
       init_database!
       purge_inactive_teams!
-      configure_global_aliases!
     end
 
     def self.instance
@@ -13,13 +14,6 @@ module SlackRubyBotServer
 
     private
 
-    def logger
-      @logger ||= begin
-        STDOUT.sync = true
-        Logger.new(STDOUT)
-      end
-    end
-
     def check_database!
       SlackRubyBotServer::DatabaseAdapter.check!
     end
@@ -31,11 +25,5 @@ module SlackRubyBotServer
     def purge_inactive_teams!
       Team.purge!
     end
-
-    def configure_global_aliases!
-      SlackRubyBot.configure do |config|
-        config.aliases = ENV['SLACK_RUBY_BOT_ALIASES'].split(' ') if ENV['SLACK_RUBY_BOT_ALIASES']
-      end
-    end
   end
 end

data/lib/slack-ruby-bot-server/config.rb

@@ -7,11 +7,13 @@ module SlackRubyBotServer
     attr_accessor :database_adapter
     attr_accessor :view_paths
     attr_accessor :oauth_scope
+    attr_accessor :oauth_version
 
     def reset!
       self.logger = nil
       self.service_class = SlackRubyBotServer::Service
       self.oauth_scope = nil
+      self.oauth_version = :v2
 
       self.view_paths = [
         'views',
@@ -28,6 +30,28 @@ module SlackRubyBotServer
                               end
     end
 
+    def oauth_authorize_url
+      case oauth_version
+      when :v2
+        'https://slack.com/oauth/v2/authorize'
+      when :v1
+        'https://slack.com/oauth/authorize'
+      else
+        raise ArgumentError, 'Invalid oauth_version, must be one of :v1 or v2.'
+      end
+    end
+
+    def oauth_access_method
+      case oauth_version
+      when :v2
+        :oauth_v2_access
+      when :v1
+        :oauth_access
+      else
+        raise ArgumentError, 'Invalid oauth_version, must be one of :v1 or v2.'
+      end
+    end
+
     def oauth_scope_s
       oauth_scope&.join('+')
     end

data/lib/slack-ruby-bot-server/models/team/methods.rb

@@ -32,10 +32,18 @@ module Methods
 
     def ping!
       client = Slack::Web::Client.new(token: token)
+
       auth = client.auth_test
+
+      presence = begin
+        client.users_getPresence(user: auth['user_id'])
+                 rescue Slack::Web::Api::Errors::MissingScope
+                   nil
+      end
+
       {
         auth: auth,
-        presence: client.users_getPresence(user: auth['user_id'])
+        presence: presence
       }
     end
 

data/lib/slack-ruby-bot-server/version.rb

@@ -1,3 +1,3 @@
 module SlackRubyBotServer
-  VERSION = '1.0.0'.freeze
+  VERSION = '1.1.0'.freeze
 end

data/public/index.html.erb

@@ -16,7 +16,7 @@
   </p>
   <p id='messages' />
   <p id='register'>
-    <a href="https://slack.com/oauth/authorize?scope=<%= SlackRubyBotServer::Config.oauth_scope_s %>&client_id=<%= ENV['SLACK_CLIENT_ID'] %>"><img alt="Add to Slack" height="40" width="139" src="https://platform.slack-edge.com/img/add_to_slack.png" srcset="https://platform.slack-edge.com/img/add_to_slack.png 1x, https://platform.slack-edge.com/img/add_to_slack@2x.png 2x"></a>
+    <a href="<%= SlackRubyBotServer::Config.oauth_authorize_url %>?scope=<%= SlackRubyBotServer::Config.oauth_scope_s %>&client_id=<%= ENV['SLACK_CLIENT_ID'] %>"><img alt="Add to Slack" height="40" width="139" src="https://platform.slack-edge.com/img/add_to_slack.png" srcset="https://platform.slack-edge.com/img/add_to_slack.png 1x, https://platform.slack-edge.com/img/add_to_slack@2x.png 2x"></a>
   </p>
   <p id='active_teams_count'>&nbsp;</p>
   <p>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: slack-ruby-bot-server
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Daniel Doubrovkine
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-11-15 00:00:00.000000000 Z
+date: 2020-11-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: async