Skip to content

Commit

Permalink
ref(slack): Remove slack-v2 creds and usage
Browse files Browse the repository at this point in the history
  • Loading branch information
@MeredithAnya
MeredithAnya committed Feb 3, 2021
1 parent 94a6bc7 commit e4b90bf
Show file tree
Hide file tree
Showing 6 changed files with 9 additions and 36 deletions.
4 changes: 2 additions & 2 deletions src/sentry/identity/slack/provider.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,10 +26,10 @@ def get_oauth_access_token_url(self):
return "https://slack.com/api/oauth.v2.access"

def get_oauth_client_id(self):
return options.get("slack-v2.client-id") or options.get("slack.client-id")
return options.get("slack.client-id")

def get_oauth_client_secret(self):
return options.get("slack-v2.client-secret") or options.get("slack.client-secret")
return options.get("slack.client-secret")

def get_user_scopes(self):
return self.config.get("user_scopes", self.user_scopes)
Expand Down
11 changes: 5 additions & 6 deletions src/sentry/integrations/slack/requests.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,19 +93,18 @@ def _validate_data(self):
raise SlackRequestError(status=400)

def _authorize(self):
# check v1 then v2
# XXX(meredith): Signing secrets are the prefered way
# but self-hosted could still have an older slack bot
# app that just has the verification token.
signing_secret = options.get("slack.signing-secret")
verification_token = options.get("slack.verification-token")
# for v1, only check the verification_token if we don't have a signing_secret

if signing_secret:
if self._check_signing_secret(signing_secret):
return
elif verification_token and self._check_verification_token(verification_token):
return
# for v2, only check signing secret
signing_secret = options.get("slack-v2.signing-secret")
if signing_secret and self._check_signing_secret(signing_secret):
return

# unfortunately, we can't know which auth was supposed to succeed
self._error("slack.action.auth")
raise SlackRequestError(status=401)
Expand Down
7 changes: 1 addition & 6 deletions src/sentry/options/defaults.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,14 +119,9 @@
# Slack Integration
register("slack.client-id", flags=FLAG_PRIORITIZE_DISK)
register("slack.client-secret", flags=FLAG_PRIORITIZE_DISK)
# signing-secret is preferred, but need to keep verification-token for apps that use it
register("slack.verification-token", flags=FLAG_PRIORITIZE_DISK)
register("slack.signing-secret", flags=FLAG_PRIORITIZE_DISK)
register("slack.legacy-app", flags=FLAG_PRIORITIZE_DISK, type=Bool, default=True)

# Slack V2 Integration
register("slack-v2.client-id", flags=FLAG_PRIORITIZE_DISK)
register("slack-v2.client-secret", flags=FLAG_PRIORITIZE_DISK)
register("slack-v2.signing-secret", flags=FLAG_PRIORITIZE_DISK)

# GitHub Integration
register("github-app.id", default=0)
Expand Down
2 changes: 1 addition & 1 deletion src/sentry/utils/pytest/sentry.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ def pytest_configure(config):
"slack.client-id": "slack-client-id",
"slack.client-secret": "slack-client-secret",
"slack.verification-token": "slack-verification-token",
"slack.legacy-app": True,
"slack.signing-secret": "slack-signing-secret",
"github-app.name": "sentry-test-app",
"github-app.client-id": "github-client-id",
"github-app.client-secret": "github-client-secret",
Expand Down
11 changes: 0 additions & 11 deletions tests/sentry/integrations/slack/test_integration.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@
OrganizationIntegration,
)
from sentry.testutils import IntegrationTestCase, TestCase
from sentry.testutils.helpers import override_options


class SlackIntegrationTest(IntegrationTestCase):
Expand Down Expand Up @@ -149,16 +148,6 @@ def test_reassign_user(self):
identity = Identity.objects.get()
assert identity.external_id == "UXXXXXXX2"

@responses.activate
def test_install_v2(self):
with override_options(
{"slack-v2.client-id": "other-id", "slack-v2.client-secret": "other-secret"}
):
self.assert_setup_flow(
expected_client_id="other-id",
expected_client_secret="other-secret",
)


class SlackIntegrationConfigTest(TestCase):
def setUp(self):
Expand Down
10 changes: 0 additions & 10 deletions tests/sentry/integrations/slack/test_requests.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -163,16 +163,6 @@ def test_signing_secret(self):
self.set_signature(options.get("slack.signing-secret"), self.request.body)
self.slack_request.validate()

def test_signing_secret_v2(self):
with override_options({"slack-v2.signing-secret": "secret-v2"}):
self.request.data = {"challenge": "abc123", "type": "url_verification"}

# we get a url encoded body with Slack
self.request.body = urlencode(self.request.data).encode("utf-8")

self.set_signature(options.get("slack-v2.signing-secret"), self.request.body)
self.slack_request.validate()

def test_signing_secret_bad(self):
with override_options({"slack.signing-secret": "secret"}):
# even though we provide the token, should still fail
Expand Down

0 comments on commit e4b90bf

Please sign in to comment.