Back to Bolt Python

slack_bolt.middleware.request_verification API documentation

docs/reference/middleware/request_verification/index.html

1.29.03.8 KB
Original Source

Sub-modules

slack_bolt.middleware.request_verification.async_request_verification

slack_bolt.middleware.request_verification.request_verification

Classes

class RequestVerification (signing_secret: str, base_logger: logging.Logger | None = None)#Expand source code

class RequestVerification(Middleware):
    def __init__ (self, signing_secret: str, base_logger: Optional[Logger] = None):
        """Verifies an incoming request by checking the validity of
        `x-slack-signature`, `x-slack-request-timestamp`, and its body data.

        Refer to https://docs.slack.dev/authentication/verifying-requests-from-slack/ for details.

        Args:
            signing_secret: The signing secret
            base_logger: The base logger
        """
        self._signing_secret = signing_secret
        self._verifier: Optional[SignatureVerifier] = None
        self.logger = get_bolt_logger(RequestVerification, base_logger=base_logger)

    @property
    def verifier(self) -> SignatureVerifier:
        # Defer initialization to avoid errors during start up
        if self._verifier is None:
            self._verifier = SignatureVerifier(signing_secret=self._signing_secret)
        return self._verifier

    def process(
        self,
        *,
        req: BoltRequest,
        resp: BoltResponse,
        # As this method is not supposed to be invoked by bolt-python users,
        # the naming conflict with the built-in one affects
        # only the internals of this method
        next: Callable[[], BoltResponse],
    ) -> BoltResponse:
        if self._can_skip(req.mode, req.body):
            return next()

        body = req.raw_body
        timestamp = req.headers.get("x-slack-request-timestamp", ["0"])[0]
        signature = req.headers.get("x-slack-signature", [""])[0]
        if self.verifier.is_valid(body, timestamp, signature):
            return next()
        else:
            self._debug_log_error(signature, timestamp, body)
            return self._build_error_response()

    # -----------------------------------------

    @staticmethod
    def _can_skip(mode: str, body: Dict[str, Any]) -> bool:
        return mode == "socket_mode"

    @staticmethod
    def _build_error_response() -> BoltResponse:
        return BoltResponse(status=401, body={"error": "invalid request"})

    def _debug_log_error(self, signature, timestamp, body) -> None:
        self.logger.info(
            "Invalid request signature detected " f"(signature: {signature}, timestamp: {timestamp}, body: {body})"
        )

A middleware can process request data before other middleware and listener functions.

Verifies an incoming request by checking the validity of x-slack-signature, x-slack-request-timestamp, and its body data.

Refer to https://docs.slack.dev/authentication/verifying-requests-from-slack/ for details.

Args

signing_secret The signing secret base_logger The base logger

Ancestors

Subclasses

Instance variables

prop verifier : slack_sdk.signature.SignatureVerifier#Expand source code

@property
def verifier(self) -> SignatureVerifier:
    # Defer initialization to avoid errors during start up
    if self._verifier is None:
        self._verifier = SignatureVerifier(signing_secret=self._signing_secret)
    return self._verifier

Inherited members

  • Middleware:
    • name
    • process