From ab9ae8b3ed5df1fffe23d5d9a59f6f0ee92ef2ba Mon Sep 17 00:00:00 2001 From: Sundeep Gupta Date: Mon, 25 Jul 2016 10:51:11 -0400 Subject: [PATCH] Custom Slack auth flows via redirect params. Allow passing of custom params into the Slack auth flow. The custom params are passed through the flow and are passed back into the `create_user` and `update_user` events. https://github.com/howdyai/botkit/issues/329 --- lib/SlackBot.js | 29 +++++++++++++++++++++++------ readme-slack.md | 18 ++++++++++++++++++ 2 files changed, 41 insertions(+), 6 deletions(-) diff --git a/lib/SlackBot.js b/lib/SlackBot.js index 281c40835..02e5488bc 100755 --- a/lib/SlackBot.js +++ b/lib/SlackBot.js @@ -2,6 +2,7 @@ var Botkit = require(__dirname + '/CoreBot.js'); var request = require('request'); var express = require('express'); var bodyParser = require('body-parser'); +var querystring = require('querystring'); function Slackbot(configuration) { @@ -303,7 +304,7 @@ function Slackbot(configuration) { }; // get a team url to redirect the user through oauth process - slack_botkit.getAuthorizeURL = function(team_id) { + slack_botkit.getAuthorizeURL = function(team_id, redirect_params) { var scopes = slack_botkit.config.scopes; var url = 'https://slack.com/oauth/authorize' + '?client_id=' + @@ -312,8 +313,14 @@ function Slackbot(configuration) { if (team_id) url += '&team=' + team_id; - if (slack_botkit.config.redirectUri) - url += '&redirect_uri=' + slack_botkit.config.redirectUri; + if (slack_botkit.config.redirectUri) { + var redirect_query = ''; + if (redirect_params) + redirect_query += encodeURIComponent(querystring.stringify(redirect_params)); + + var redirect_uri = slack_botkit.config.redirectUri + '?' + redirect_query; + url += '&redirect_uri=' + redirect_uri; + } return url; @@ -382,7 +389,17 @@ function Slackbot(configuration) { code: code }; - if (slack_botkit.config.redirectUri) opts.redirect_uri = slack_botkit.config.redirectUri; + var redirect_params = {}; + if (slack_botkit.config.redirectUri) { + Object.assign(redirect_params, req.query); + delete redirect_params.code; + delete redirect_params.state; + + var redirect_query = querystring.stringify(redirect_params); + var redirect_uri = slack_botkit.config.redirectUri + '?' + redirect_query; + + opts.redirect_uri = redirect_uri; + } oauth_access(opts, function(err, auth) { @@ -507,9 +524,9 @@ function Slackbot(configuration) { slack_botkit.trigger('error', [err]); } else { if (isnew) { - slack_botkit.trigger('create_user', [bot, user]); + slack_botkit.trigger('create_user', [bot, user, redirect_params]); } else { - slack_botkit.trigger('update_user', [bot, user]); + slack_botkit.trigger('update_user', [bot, user, redirect_params]); } if (callback) { callback(null, req, res); diff --git a/readme-slack.md b/readme-slack.md index a07a8b4a2..eb568270a 100644 --- a/readme-slack.md +++ b/readme-slack.md @@ -606,6 +606,24 @@ controller.setupWebserver(process.env.port,function(err,webserver) { ``` +#### Custom auth flows +In addition to the Slack Button, you can send users through an auth flow via a Slack interaction. +The `getAuthorizeURL` provides the url. It requires the `team_id` and accepts an optional `redirect_params` argument. +```javascript +controller.getAuthorizeURL(team_id, redirect_params); +``` + +The `redirect_params` argument is passed back into the `create_user` and `update_user` events so you can handle +auth flows in different ways. For example: +```javascript +controller.on('create_user', function(bot, user, redirect_params) { + if (redirect_params.slash_command_id) { + // continue processing the slash command for the user + } +} +``` + + ### How to identify what team your message came from ```javascript var team = bot.identifyTeam() // returns team id