@pipedream/slack 0.4.10 → 0.4.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
import slack from "../../slack.app.mjs";
|
|
2
|
+
import crypto from "crypto";
|
|
3
|
+
|
|
4
|
+
export default {
|
|
5
|
+
key: "slack-verify-slack-signature",
|
|
6
|
+
name: "Verify Slack Signature",
|
|
7
|
+
description: "Verifying requests from Slack, slack signs its requests using a secret that's unique to your app. [See docs here](https://api.slack.com/authentication/verifying-requests-from-slack)",
|
|
8
|
+
version: "0.0.1",
|
|
9
|
+
type: "action",
|
|
10
|
+
props: {
|
|
11
|
+
slack,
|
|
12
|
+
slackSigningSecret: {
|
|
13
|
+
type: "string",
|
|
14
|
+
label: "Signing Secret",
|
|
15
|
+
description: "Slack [Signing Secret](https://api.slack.com/authentication/verifying-requests-from-slack#:~:text=Slack%20Signing%20Secret%2C%20available%20in%20the%20app%20admin%20panel%20under%20Basic%20Info.), available in the app admin panel under Basic Info.",
|
|
16
|
+
secret: true,
|
|
17
|
+
},
|
|
18
|
+
slackSignature: {
|
|
19
|
+
type: "string",
|
|
20
|
+
label: "X-Slack-Signature",
|
|
21
|
+
description: "Slack signature (from X-Slack-Signature header).",
|
|
22
|
+
},
|
|
23
|
+
slackRequestTimestamp: {
|
|
24
|
+
type: "string",
|
|
25
|
+
label: "X-Slack-Request-Timestamp",
|
|
26
|
+
description: "Slack request timestamp (from X-Slack-Request-Timestamp header).",
|
|
27
|
+
},
|
|
28
|
+
requestBody: {
|
|
29
|
+
type: "any",
|
|
30
|
+
label: "Request Body",
|
|
31
|
+
description: "The body of the request to be verified.",
|
|
32
|
+
},
|
|
33
|
+
},
|
|
34
|
+
async run({ $ }) {
|
|
35
|
+
const {
|
|
36
|
+
slackSignature,
|
|
37
|
+
slackRequestTimestamp,
|
|
38
|
+
requestBody,
|
|
39
|
+
slackSigningSecret,
|
|
40
|
+
} = this;
|
|
41
|
+
const requestBodyStr = typeof (requestBody) === "string" ?
|
|
42
|
+
requestBody :
|
|
43
|
+
JSON.stringify(requestBody);
|
|
44
|
+
const sigBaseString = `v0:${slackRequestTimestamp}:${requestBodyStr}`;
|
|
45
|
+
const sha256Hex = crypto.createHmac("sha256", slackSigningSecret)
|
|
46
|
+
.update(sigBaseString, "utf8")
|
|
47
|
+
.digest("hex");
|
|
48
|
+
const mySignature = `v0=${sha256Hex}`;
|
|
49
|
+
if (crypto.timingSafeEqual(Buffer.from(mySignature, "utf8"), Buffer.from(slackSignature, "utf8"))) {
|
|
50
|
+
$.export("$summary", `Successfully verified the request with "${slackSignature}" signature`);
|
|
51
|
+
return {
|
|
52
|
+
success: true,
|
|
53
|
+
};
|
|
54
|
+
}
|
|
55
|
+
$.export("$summary", "Slack signature mismatch with provided properties, it may be a configuration issue.");
|
|
56
|
+
return {
|
|
57
|
+
success: false,
|
|
58
|
+
};
|
|
59
|
+
},
|
|
60
|
+
};
|