-
Notifications
You must be signed in to change notification settings - Fork 288
Expand file tree
/
Copy pathtest_app_custom_authorize.py
More file actions
262 lines (234 loc) · 9.22 KB
/
test_app_custom_authorize.py
File metadata and controls
262 lines (234 loc) · 9.22 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
import datetime
import json
import logging
from time import time
from typing import Optional
import pytest
from slack_sdk.errors import SlackApiError
from slack_sdk.oauth.installation_store import Installation, Bot
from slack_sdk.oauth.installation_store.async_installation_store import (
AsyncInstallationStore,
)
from slack_sdk.signature import SignatureVerifier
from slack_sdk.web.async_client import AsyncWebClient
from slack_bolt.app.async_app import AsyncApp
from slack_bolt.authorization import AuthorizeResult
from slack_bolt.authorization.async_authorize import AsyncAuthorize
from slack_bolt.context.async_context import AsyncBoltContext
from slack_bolt.error import BoltError
from slack_bolt.oauth.async_oauth_settings import AsyncOAuthSettings
from slack_bolt.request.async_request import AsyncBoltRequest
from tests.mock_web_api_server import (
assert_received_request_count_async,
cleanup_mock_web_api_server_async,
assert_auth_test_count_async,
setup_mock_web_api_server_async,
)
from tests.utils import remove_os_env_temporarily, restore_os_env
class TestAppCustomAuthorize:
signing_secret = "secret"
valid_token = "xoxb-valid"
mock_api_server_base_url = "http://localhost:8888"
signature_verifier = SignatureVerifier(signing_secret)
web_client = AsyncWebClient(
token=valid_token,
base_url=mock_api_server_base_url,
)
@pytest.fixture(scope="function", autouse=True)
def setup_teardown(self):
old_os_env = remove_os_env_temporarily()
setup_mock_web_api_server_async(self)
try:
yield # run the test here
finally:
cleanup_mock_web_api_server_async(self)
restore_os_env(old_os_env)
def generate_signature(self, body: str, timestamp: str):
return self.signature_verifier.generate_signature(
body=body,
timestamp=timestamp,
)
def build_headers(self, timestamp: str, body: str):
return {
"content-type": ["application/json"],
"x-slack-signature": [self.generate_signature(body, timestamp)],
"x-slack-request-timestamp": [timestamp],
}
def build_valid_app_mention_request(self) -> AsyncBoltRequest:
timestamp, body = str(int(time())), json.dumps(app_mention_body)
return AsyncBoltRequest(body=body, headers=self.build_headers(timestamp, body))
@pytest.mark.asyncio
async def test_installation_store_only(self):
app = AsyncApp(
client=self.web_client,
signing_secret=self.signing_secret,
oauth_settings=AsyncOAuthSettings(
client_id="111.222",
client_secret="secret",
installation_store=MemoryInstallationStore(),
),
)
app.event("app_mention")(whats_up)
request = self.build_valid_app_mention_request()
response = await app.async_dispatch(request)
assert response.status == 200
await assert_auth_test_count_async(self, 2)
await assert_received_request_count_async(self, "/chat.postMessage", 1)
@pytest.mark.asyncio
async def test_installation_store_and_authorize(self):
installation_store = MemoryInstallationStore()
app = AsyncApp(
client=self.web_client,
signing_secret=self.signing_secret,
authorize=CustomAuthorize(installation_store),
oauth_settings=AsyncOAuthSettings(
client_id="111.222",
client_secret="secret",
installation_store=installation_store,
),
)
app.event("app_mention")(whats_up)
request = self.build_valid_app_mention_request()
response = await app.async_dispatch(request)
assert response.status == 200
await assert_auth_test_count_async(self, 1)
await assert_received_request_count_async(self, "/chat.postMessage", 1)
@pytest.mark.asyncio
async def test_installation_store_and_func_authorize(self):
installation_store = MemoryInstallationStore()
async def authorize():
pass
with pytest.raises(BoltError):
AsyncApp(
client=self.web_client,
signing_secret=self.signing_secret,
authorize=authorize,
oauth_settings=AsyncOAuthSettings(
client_id="111.222",
client_secret="secret",
installation_store=installation_store,
),
)
app_mention_body = {
"token": "verification_token",
"team_id": "T111",
"enterprise_id": "E111",
"api_app_id": "A111",
"event": {
"client_msg_id": "9cbd4c5b-7ddf-4ede-b479-ad21fca66d63",
"type": "app_mention",
"text": "<@W111> Hi there!",
"user": "W222",
"ts": "1595926230.009600",
"team": "T111",
"channel": "C111",
"event_ts": "1595926230.009600",
},
"type": "event_callback",
"event_id": "Ev111",
"event_time": 1595926230,
"authed_users": ["W111"],
}
async def whats_up(body, say, payload, event):
assert body["event"] == payload
assert payload == event
await say("What's up?")
class MemoryInstallationStore(AsyncInstallationStore):
@property
def logger(self) -> logging.Logger:
return logging.getLogger(__name__)
async def async_save(self, installation: Installation):
pass
async def async_find_bot(
self,
*,
enterprise_id: Optional[str],
team_id: Optional[str],
is_enterprise_install: Optional[bool] = False,
) -> Optional[Bot]:
return Bot(
app_id="A111",
enterprise_id="E111",
team_id="T0G9PQBBK",
bot_token="xoxb-valid",
bot_id="B",
bot_user_id="W",
bot_scopes=["commands", "chat:write"],
installed_at=datetime.datetime.now().timestamp(),
)
async def async_find_installation(
self,
*,
enterprise_id: Optional[str],
team_id: Optional[str],
user_id: Optional[str] = None,
is_enterprise_install: Optional[bool] = False,
) -> Optional[Installation]:
return Installation(
app_id="A111",
enterprise_id="E111",
team_id="T0G9PQBBK",
bot_token="xoxb-valid-2",
bot_id="B",
bot_user_id="W",
bot_scopes=["commands", "chat:write"],
user_id="W11111",
user_token="xoxp-valid",
user_scopes=["search:read"],
installed_at=datetime.datetime.now().timestamp(),
)
class CustomAuthorize(AsyncAuthorize):
def __init__(self, installation_store: AsyncInstallationStore):
self.installation_store = installation_store
async def __call__(
self,
*,
context: AsyncBoltContext,
enterprise_id: Optional[str],
team_id: Optional[str],
user_id: Optional[str],
) -> Optional[AuthorizeResult]:
bot_token: Optional[str] = None
user_token: Optional[str] = None
latest_installation: Optional[Installation] = await self.installation_store.async_find_installation(
enterprise_id=enterprise_id,
team_id=team_id,
is_enterprise_install=context.is_enterprise_install,
)
this_user_installation: Optional[Installation] = None
if latest_installation is not None:
bot_token = latest_installation.bot_token # this still can be None
user_token = latest_installation.user_token # this still can be None
if latest_installation.user_id != user_id:
# First off, remove the user token as the installer is a different user
user_token = None
latest_installation.user_token = None
latest_installation.user_refresh_token = None
latest_installation.user_token_expires_at = None
latest_installation.user_scopes = []
# try to fetch the request user's installation
# to reflect the user's access token if exists
this_user_installation = await self.installation_store.async_find_installation(
enterprise_id=enterprise_id,
team_id=team_id,
user_id=user_id,
is_enterprise_install=context.is_enterprise_install,
)
if this_user_installation is not None:
user_token = this_user_installation.user_token
if latest_installation.bot_token is None:
# If latest_installation has a bot token, we never overwrite the value
bot_token = this_user_installation.bot_token
token: Optional[str] = bot_token or user_token
if token is None:
return None
try:
auth_test_api_response = await context.client.auth_test(token=token)
authorize_result = AuthorizeResult.from_auth_test_response(
auth_test_response=auth_test_api_response,
bot_token=bot_token,
user_token=user_token,
)
return authorize_result
except SlackApiError:
return None