@@ -1,5 +1,5 @@
from logging import Logger
from typing import Callable, Dict, Any, Optional
from typing import Any, Callable, Dict, Optional

from slack_sdk.signature import SignatureVerifier

@@ -20,9 +20,17 @@ def __init__(self, signing_secret: str, base_logger: Optional[Logger] = None):
signing_secret: The signing secret
base_logger: The base logger
"""
self.verifier = SignatureVerifier(signing_secret=signing_secret)
self._signing_secret = signing_secret
self._verifier: Optional[SignatureVerifier] = None
self.logger = get_bolt_logger(RequestVerification, base_logger=base_logger)

@property
def verifier(self) -> SignatureVerifier:
# Defer initialization to avoid errors during start up
if self._verifier is None:
self._verifier = SignatureVerifier(signing_secret=self._signing_secret)
return self._verifier

def process(
self,
*,
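Review bot: The comment on the new `verifier` property says only that initialization is deferred, but the security-relevant effect is that an empty or missing signing secret is no longer rejected when `RequestVerification` is constructed; it surfaces only when a request first reaches the property. Verification stays fail-closed only if every HTTP-mode path in `process` goes through `self.verifier` before calling `next`, and `process`'s body lies outside this hunk, so that cannot be confirmed here. I would spell the contract out in the comment, e.g. `# Deferred so Socket Mode apps can start without a secret; HTTP requests must still fail closed when the secret is empty`, and log a warning in `__init__` when `signing_secret` is empty so the misconfiguration is visible at start-up rather than as a per-request error. The `signing_secret: str` annotation also looks too narrow if callers may now pass no secret at all (presumably `None`); confirm and widen it to `Optional[str]` if so.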
7 changes: 7 additions & 0 deletions tests/scenario_tests/test_app.py
@@ -96,6 +96,13 @@ def test_token_verification_enabled_False(self):

assert self.received_requests.get("/auth.test") is None

def test_socket_mode_app_without_signing_secret(self):
app = App(
client=self.web_client,
token_verification_enabled=False,
)
assert app is not None

# --------------------------
# multi teams auth
# --------------------------
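Review bot: `assert app is not None` in `test_socket_mode_app_without_signing_secret` cannot fail once `App(...)` returns, so the test only proves that construction no longer raises. Nothing here pins what such an app does with an HTTP-mode request, which is the case where a missing signing secret matters. Consider also passing an unsigned HTTP request through this app and asserting that it is rejected rather than handled, so that a later change which skips verification when the secret is absent is caught at the scenario level.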
@@ -1,5 +1,6 @@
from time import time

import pytest
from slack_sdk.signature import SignatureVerifier

from slack_bolt.middleware import RequestVerification
@@ -60,3 +61,21 @@ def test_ssl_check_param_requires_valid_signature(self):
resp = middleware.process(req=req, resp=resp, next=next)
assert resp.status == 401
assert resp.body == """{"error": "invalid request"}"""

def test_empty_signing_secret_does_not_raise_on_init(self):
RequestVerification(signing_secret="")

def test_socket_mode_request_skips_verification_without_signing_secret(self):
middleware = RequestVerification(signing_secret="")
req = BoltRequest(mode="socket_mode", body="payload={}", headers={})
resp = BoltResponse(status=404, body="default")
resp = middleware.process(req=req, resp=resp, next=next)
assert resp.status == 200
assert resp.body == "next"
Comment on lines +68 to +74

Contributor


Praise 🚀


def test_http_request_with_empty_signing_secret_raises(self):
middleware = RequestVerification(signing_secret="")
req = BoltRequest(body="payload={}", headers={})
resp = BoltResponse(status=404)
with pytest.raises(ValueError):
middleware.process(req=req, resp=resp, next=next)
Comment on lines +76 to +81

Contributor


Nice 💯
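Review bot: `test_http_request_with_empty_signing_secret_raises` sends `headers={}`, so it only shows that an empty secret is refused when the signature headers are absent. Because an empty key provides no authentication, the case worth pinning is a request that does carry timestamp and signature headers: it should still raise (or be answered with 401) and never reach `next`. I would add that variant, plus one that constructs the middleware the way the scenario test's `App` does when no secret is given (presumably `None` rather than `""`), and mirror both in the async tests in the next file section. `test_empty_signing_secret_does_not_raise_on_init` has no assertion; a short comment such as `# must not raise: the verifier is built lazily` would make the intent explicit.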

@@ -66,3 +66,23 @@ async def test_ssl_check_param_requires_valid_signature(self):
resp = await middleware.async_process(req=req, resp=resp, next=next)
assert resp.status == 401
assert resp.body == """{"error": "invalid request"}"""

def test_empty_signing_secret_does_not_raise_on_init(self):
AsyncRequestVerification(signing_secret="")

@pytest.mark.asyncio
async def test_socket_mode_request_skips_verification_without_signing_secret(self):
middleware = AsyncRequestVerification(signing_secret="")
req = AsyncBoltRequest(mode="socket_mode", body="payload={}", headers={})
resp = BoltResponse(status=404, body="default")
resp = await middleware.async_process(req=req, resp=resp, next=next)
assert resp.status == 200
assert resp.body == "next"

@pytest.mark.asyncio
async def test_http_request_with_empty_signing_secret_raises(self):
middleware = AsyncRequestVerification(signing_secret="")
req = AsyncBoltRequest(body="payload={}", headers={})
resp = BoltResponse(status=404)
with pytest.raises(ValueError):
await middleware.async_process(req=req, resp=resp, next=next)