zahmis пре 5 година
родитељ
комит
2aec99e610

+ 36 - 32
packages/slack/src/utils/verifying-is-slack-request.ts

@@ -1,38 +1,42 @@
-import crypto from 'crypto';
-import qs from 'qs';
+// import crypto from 'crypto';
+// import qs from 'qs';
 
-/**
-   * Verify if the request came from slack
-   * See: https://api.slack.com/authentication/verifying-requests-from-slack
-   */
-// TODO GW-5628 move this to slack package
-export const verifyingIsSlackRequest = (req, res, next):string => {
-  console.log(req);
-  // Temporary
-  // req.signingSecret = crowi.configManager.getConfig('crowi', 'slackbot:signingSecret');
-  req.signingSecret = 'dummy';
+// /**
+//    * Verify if the request came from slack
+//    * See: https://api.slack.com/authentication/verifying-requests-from-slack
+//    */
+// // TODO GW-5628 move this to slack package
+// export const verifyingIsSlackRequest = (req, res, next):string => {
+//   console.log("hogematus");
+//   // Temporary
+//   // req.signingSecret = crowi.configManager.getConfig('crowi', 'slackbot:signingSecret');
+//   req.signingSecret = 'dummy';
 
-  // take out slackSignature and timestamp from header
-  const slackSignature = req.headers['x-slack-signature'];
-  const timestamp = req.headers['x-slack-request-timestamp'];
+//   // take out slackSignature and timestamp from header
+//   const slackSignature = req.headers['x-slack-signature'];
+//   const timestamp = req.headers['x-slack-request-timestamp'];
 
-  // protect against replay attacks
-  const time = Math.floor(new Date().getTime() / 1000);
-  if (Math.abs(time - timestamp) > 300) {
-    return res.send('Verification failed.');
-  }
+//   // protect against replay attacks
+//   const time = Math.floor(new Date().getTime() / 1000);
+//   if (Math.abs(time - timestamp) > 300) {
+//     return res.send('Verification failed.');
+//   }
 
-  // generate growi signature
-  const sigBaseString = `v0:${timestamp}:${qs.stringify(req.body, { format: 'RFC1738' })}`;
-  const hasher = crypto.createHmac('sha256', req.signingSecret);
-  hasher.update(sigBaseString, 'utf8');
-  const hashedSigningSecret = hasher.digest('hex');
-  const growiSignature = `v0=${hashedSigningSecret}`;
+//   // generate growi signature
+//   const sigBaseString = `v0:${timestamp}:${qs.stringify(req.body, { format: 'RFC1738' })}`;
+//   const hasher = crypto.createHmac('sha256', req.signingSecret);
+//   hasher.update(sigBaseString, 'utf8');
+//   const hashedSigningSecret = hasher.digest('hex');
+//   const growiSignature = `v0=${hashedSigningSecret}`;
 
-  // compare growiSignature and slackSignature
-  if (crypto.timingSafeEqual(Buffer.from(growiSignature, 'utf8'), Buffer.from(slackSignature, 'utf8'))) {
-    return next();
-  }
+//   // compare growiSignature and slackSignature
+//   if (crypto.timingSafeEqual(Buffer.from(growiSignature, 'utf8'), Buffer.from(slackSignature, 'utf8'))) {
+//     return next();
+//   }
 
-  return res.send('Verification failed');
-};
+//   return res.send('Verification failed');
+// };
+
+export const verifyingIsSlackRequest = (req, res, next) => {
+return console.log("wimatu")
+}
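Review bot: The replacement `verifyingIsSlackRequest` at the end of this hunk performs no signature check and never calls `next()` or sends a response, so as Express middleware it leaves every request to the route hanging; if it is later patched to call `next()`, it will pass unsigned requests straight through. A debugging stub should fail closed, e.g. `return res.status(401).send('Verification failed');`, and should not be committed in place of the HMAC check. When the commented-out body is restored, two things need fixing first: `crypto.timingSafeEqual` throws when the two buffers differ in length, so a missing or malformed `x-slack-signature` header needs a guard such as `if (typeof slackSignature !== 'string' || slackSignature.length !== growiSignature.length) return res.send('Verification failed');`, and `req.signingSecret = 'dummy'` has to be replaced by the configured signing secret.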

+ 3 - 1
src/server/routes/apiv3/slack-bot.js

@@ -69,8 +69,10 @@ module.exports = (crowi) => {
   //   return res.send('Verification failed');
   // }
 
-  router.post('/', verificationRequestUrl, verifyingIsSlackRequest, verificationAccessToken, async(req, res) => {
+  router.post('/', /* verificationRequestUrl, */ verifyingIsSlackRequest, /* verificationAccessToken, */ async(req, res) => {
 
+    // const hoge = verifyingIsSlackRequest();
+    // console.log(hoge);
     // Send response immediately to avoid opelation_timeout error
     // See https://api.slack.com/apis/connections/events-api#the-events-api__responding-to-events
     res.send();
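Review bot: Commenting `verificationRequestUrl` and `verificationAccessToken` out of the `router.post('/')` chain leaves `verifyingIsSlackRequest` as the only guard on this route, and the version of that middleware in this same commit verifies nothing. What the two removed middlewares check is not visible in this hunk (presumably the URL-verification challenge and the access token), so the chain should stay as `router.post('/', verificationRequestUrl, verifyingIsSlackRequest, verificationAccessToken, async(req, res) => {` until the signature check is working again. The commented-out `hoge` lines look like debugging residue and can be dropped. The handler body and the enclosing `module.exports` function continue outside the hunk.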