Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use bot & user token for full functionality with newer bots #211

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

Use bot & user token for full functionality with newer bots #211

wants to merge 8 commits into from

Conversation

christofdamian
Copy link

Allow passing both the bot and user token to the scripts via the environment
variables DESTALINATOR_API_BOT_TOKEN and DESTALINATOR_API_USER_TOKEN. They have
different permissions and the bot token is only used to post messages, all other
calls use the user token. Fixes #194.

This also includes #210 and fixes #209 by moving the tokens into the header
instead of using query parameters.

Don't pass as_user to Slack, as this has been removed.

Removed encoding option for current Python versions, fixes #161

Look into the bot_profile for ignored users too
It wouldn't ignore my destalinator bot otherwise, which was preventing the archiver from doing the archiving.

Sorry for including all of this, but destalinator wasn't working at all for me without these changes.

@christofdamian
Move token from the query strings to the session
b82de9e 
Slack stopped allowing tokens in query strings.
See
https://api.slack.com/changelog/2020-11-no-more-tokens-in-querystrings-for-newly-created-apps

This moves the token handling into the request sessions object, which also
cleans up the code a bit.

Fixes randsleadershipslack#209
@christofdamian
Use announce channel name from the configuration
e7b53d0 
This makes it a bit easier if you have a modified configuration in the workspace
your are testing.
@christofdamian
Make the message more general, as it depends on the configuration
c68937a
@christofdamian
Look into the bot_profile for ignored users too
1dd6d29 
It wouldn't ignore my destalinator bot otherwise, which was preventing the
archiver from doing the archiving.
@christofdamian
Removed encoding option for current Python versions.
77fe3dc
@christofdamian
Use bot & user token for full functionality with newer bots
3e0f48a 
Allow passing both the bot and user token to the scripts via the environment
variables DESTALINATOR_API_BOT_TOKEN and DESTALINATOR_API_USER_TOKEN. They have
different permissions and the bot token is only used to post messags, all other
calls use the user token. Fixes randsleadershipslack#194.

This also includes randsleadershipslack#210 and fixes randsleadershipslack#209 by moving the tokens into the header
instead of using query parameters.

Don't pass `as_user` to Slack, as this has been removed.
@coveralls
Copy link

coveralls commented Apr 14, 2021
edited
Loading

Coverage Status

Coverage increased (+0.1%) to 75.883% when pulling 44c0f5a on christofdamian:bot-user-token into d9c2cf8 on randsleadershipslack:master.

@christofdamian
Changing Dockerfile to Python 3.9
44c0f5a 
This is the version I am testing locally with.
@christofdamian christofdamian mentioned this pull request Sep 28, 2021
Open
@wparad
Copy link
Contributor

wparad commented Jan 31, 2022

From Slack's expectations, user API tokens shouldn't be generated for the use by the bot, they should be collected as part of user logged in. As I understand it dstalinator has no db, which means adding this in doesn't really make sense. The fixes to the other issues is great, I recommend splitting those off into their own PR, so that debate on whether "this" is the right approach doesn't block the improvement on closing those issues.

@christofdamian
Copy link
Author

@wparad That makes sense, but the permissions required for destalinator currently require a bot and a user account.
I just hacked this together to get it to work for myself. I'll see if I find time to split the useful bits.

@wparad
Copy link
Contributor

wparad commented Jan 31, 2022

@wparad That makes sense, but the permissions required for destalinator currently require a bot and a user account. I just hacked this together to get it to work for myself. I'll see if I find time to split the useful bits.

If it really is the case that a dev needs to fork over their personal access token, then I think it makes sense to make that functionality optional based on it, rather than required. Having built a bunch of these, in most cases a user PAT isn't necessary, maybe we are just going about that functionality in the wrong way. Explicitly calling out what doesn't work based on it, is probably the better approach.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@christofdamian @coveralls @wparad