Skip to content

Slack Spike

Jump to bottom
Leon Matthes edited this page Nov 23, 2018 · 2 revisions

Goal

We want to send messages to a Slack channel to notify admins and users of updated on their requests (#17)

Authentication

We want to use OAuth in order to use slacks "one-button-solution" for installing HART into a slack channel. This requires the following things:

  1. Creating a Slack app in the Slack API (HART Slack app is currently owned by Leon Matthes, please ask for shared ownership)
  2. Adding a page with slacks "Add to slack" button (can be created in the Slack API)
    The button must be modified to add the redirect_uri (see 3.) as a GET parameter
    For additional security, the button should generate a random state token every time
  3. Adding a redirect_uri in the Slack API\
    • This is the uri slack redirects to after Oauth authentication
    • Must be a publicly accessible address (http or https)
    • Must (partially match) the redirect_uri in the "add to slack" button
  4. The redirect_uri page must read the verification token and state that is sent by slack
    • The state must match the the randomly generated state earlier, this must be checked, otherwise the authentication may be fraudulent
  5. Send the verification token back to slack to acquire the Access token and Webhooks URL
    • The server must use this slack API message to send the verification token back to slack
    • Slack will respond with an JSON object containing the access information for the Slack channel (further referred to as slack_authentication)
    • This call may fail and appropriate error handling is required

Sending messages to Slack

We use incoming webhooks to post messages to slack. This can be achieved using rails with the following commands:

Net::HTTP.post URI.parse(incoming_webhook_address), {text: message}.to_json, 'Content-Type': 'application/json'

Where incoming_webhook_address is JSON.parse(slack_authentication)['incoming_webhook']['url'] and message is the text to display.

Challenges

Slack requires that the server is accessable from the internet by the means of the redirect_uri to authenticate.

Incoming webhooks can however be sent from any computer once the appropriate incoming_webhook_address is created.
We recommend to once authenticate the swt2 Slack in a testing channel and then use this webhook for testing purposes.

Working mockup

a small demo of the Slack integration can be found in the #17/scaffold/slack-spike branch

Clone this wiki locally