Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

#228 - Basic Hello World Slack Command Bot #236

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
130 changes: 130 additions & 0 deletions node/slack-command-bot/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,130 @@
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
lerna-debug.log*
.pnpm-debug.log*

# Diagnostic reports (https://nodejs.org/api/report.html)
report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json

# Runtime data
pids
*.pid
*.seed
*.pid.lock

# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov

# Coverage directory used by tools like istanbul
coverage
*.lcov

# nyc test coverage
.nyc_output

# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
.grunt

# Bower dependency directory (https://bower.io/)
bower_components

# node-waf configuration
.lock-wscript

# Compiled binary addons (https://nodejs.org/api/addons.html)
build/Release

# Dependency directories
node_modules/
jspm_packages/

# Snowpack dependency directory (https://snowpack.dev/)
web_modules/

# TypeScript cache
*.tsbuildinfo

# Optional npm cache directory
.npm

# Optional eslint cache
.eslintcache

# Optional stylelint cache
.stylelintcache

# Microbundle cache
.rpt2_cache/
.rts2_cache_cjs/
.rts2_cache_es/
.rts2_cache_umd/

# Optional REPL history
.node_repl_history

# Output of 'npm pack'
*.tgz

# Yarn Integrity file
.yarn-integrity

# dotenv environment variable files
.env
.env.development.local
.env.test.local
.env.production.local
.env.local

# parcel-bundler cache (https://parceljs.org/)
.cache
.parcel-cache

# Next.js build output
.next
out

# Nuxt.js build / generate output
.nuxt
dist

# Gatsby files
.cache/
# Comment in the public line in if your project uses Gatsby and not Next.js
# https://nextjs.org/blog/next-9-1#public-directory-support
# public

# vuepress build output
.vuepress/dist

# vuepress v2.x temp and cache directory
.temp
.cache

# Docusaurus cache and generated files
.docusaurus

# Serverless directories
.serverless/

# FuseBox cache
.fusebox/

# DynamoDB Local files
.dynamodb/

# TernJS port file
.tern-port

# Stores VSCode versions used for testing VSCode extensions
.vscode-test

# yarn v2
.yarn/cache
.yarn/unplugged
.yarn/build-state.yml
.yarn/install-state.gz
.pnp.*
6 changes: 6 additions & 0 deletions node/slack-command-bot/.prettierrc.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"trailingComma": "es5",
"tabWidth": 2,
"semi": true,
"singleQuote": true
}
56 changes: 56 additions & 0 deletions node/slack-command-bot/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
# 🤖 Node.js Slack Command Bot Function

Simple command bot using Slack API

## 🧰 Usage

### POST /

A endpoint for you slack command that returns a hello world! message as response.

#### Parameters

| Name | Description | Location | Type | Sample Value |
| ------------------------- | -------------------------------- | -------- | ------ | ----------------------------------------------------------------------------------------- |
| x-slack-signature | Signature of the request payload | Header | string | `v0=a...3` |
| x-slack-request-timestamp | Timestamp of the request payload | Header | string | `1531420618` |
| JSON Body | Request payload | Body | Object | See [Slack docs](https://api.slack.com/interactivity/slash-commands#app_command_handling) |

**Response**

Sample `200` Response:

```text
Hello, World!
```

Sample `400` Response:

```json
{
"ok": false,
"error": "Missing required fields: x-slack-signature"
}
```

## ⚙️ Configuration

| Setting | Value |
| ----------------- | ------------- |
| Runtime | Node (18.0) |
| Entrypoint | `src/main.js` |
| Build Commands | `npm install` |
| Permissions | `any` |
| Timeout (Seconds) | 15 |

## 🔒 Environment Variables

### SLACK_SIGNING_SECRET

Signing secret of you slack app.

| Question | Answer |
| ------------- | ---------------------------------------------------------------------------------- |
| Required | Yes |
| Sample Value | `b33...156` |
| Documentation | [Slack Docs](https://api.slack.com/interactivity/slash-commands#creating_commands) |
39 changes: 39 additions & 0 deletions node/slack-command-bot/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

16 changes: 16 additions & 0 deletions node/slack-command-bot/package.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"name": "slack-command-bot",
"version": "1.0.0",
"description": "",
"main": "src/main.js",
"type": "module",
"scripts": {
"format": "prettier --write ."
},
"dependencies": {
"crypto": "^1.0.1"
},
"devDependencies": {
"prettier": "^3.0.0"
}
}
19 changes: 19 additions & 0 deletions node/slack-command-bot/src/main.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
import { throwIfMissing, throwIfRequestNotValid } from './utils.js';

export default async ({ req, res, log, error }) => {
throwIfMissing(process.env, ['SLACK_SIGNING_SECRET']);

try {
throwIfMissing(req.headers, [
'x-slack-request-timestamp',
'x-slack-signature',
]);
throwIfRequestNotValid(req);
} catch (err) {
error(err.message);
return res.send({ ok: false, error: err.message }, 400);
}

log('Valid Request');
return res.send('Hello World!');
};
42 changes: 42 additions & 0 deletions node/slack-command-bot/src/utils.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
import crypto from 'crypto';

/**
* Throws an error if any of the keys are missing from the object
* @param {*} obj
* @param {string[]} keys
* @throws {Error}
*/
export function throwIfMissing(obj, keys) {
const missing = [];
for (let key of keys) {
if (!(key in obj) || !obj[key]) {
missing.push(key);
}
}
if (missing.length > 0) {
throw new Error(`Missing required fields: ${missing.join(', ')}`);
}
}

/**
* Throws an error if incoming request is not valid
* @param {*} req
* @throws {Error}
*/
export function throwIfRequestNotValid(req) {
const timestamp = req.headers['x-slack-request-timestamp'];
const signature = req.headers['x-slack-signature'];

if (Math.abs(Date.now() / 1000 - timestamp) > 60 * 5) {
throw new Error('Invalid request: replay attack');
}

const signatureBaseString = `v0:${timestamp}:${req.bodyRaw}`;
const hmac = crypto.createHmac('sha256', process.env['SLACK_SIGNING_SECRET']);
hmac.update(signatureBaseString);
ManasMadan marked this conversation as resolved.
Show resolved Hide resolved

const expectedSignature = `v0=${hmac.digest('hex')}`;
if (expectedSignature !== signature) {
throw new Error('Invalid request: incorrect signature');
}
}