zahmis пре 5 година
родитељ
комит
b1e3b1c53a

+ 2 - 2
packages/slack/src/utils/verifying-is-slack-request.ts

@@ -8,7 +8,6 @@ import { stringify } from 'qs';
 // TODO GW-5628 move this to slack package
 export const verifyingIsSlackRequest = (req, res, signingSecret):string => {
   // Temporary
-  // req.signingSecret = crowi.configManager.getConfig('crowi', 'slackbot:signingSecret');
   req.signingSecret = signingSecret;
 
   // take out slackSignature and timestamp from header
@@ -30,7 +29,8 @@ export const verifyingIsSlackRequest = (req, res, signingSecret):string => {
 
   // compare growiSignature and slackSignature
   if (timingSafeEqual(Buffer.from(growiSignature, 'utf8'), Buffer.from(slackSignature, 'utf8'))) {
-    return res.send('いけてるよ');
+    return;
+
   }
 
   return res.send('Verification failed');
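Review bot: After this change the success path returns `undefined` while the failure path returns the result of `res.send('Verification failed')`, so neither matches the declared `:string` and the caller has no reliable value to branch on. The call site visible in `src/server/routes/apiv3/slack-bot.js` invokes the function as a bare statement, so the route handler appears to keep running after a failed signature check (its body continues outside the visible page, so confirm). Return an explicit boolean and gate the handler on it: `return true;` here, `res.send('Verification failed'); return false;` at the end, and `if (!verifyingIsSlackRequest(req, res, secret)) return;` in the route, with the annotation changed to `: boolean`. Separately, `timingSafeEqual` throws when the two buffers differ in length, and `Buffer.from(slackSignature, 'utf8')` throws when the signature header is missing, so a malformed request raises an exception instead of failing cleanly; build both buffers first and return `false` unless `slackSignature` is a string and the buffer lengths match. The function body starts above this hunk.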

+ 0 - 37
src/server/routes/apiv3/slack-bot.js

@@ -1,9 +1,6 @@
 
 const express = require('express');
 
-// const crypto = require('crypto');
-// const qs = require('qs');
-
 const loggerFactory = require('@alias/logger');
 
 const logger = loggerFactory('growi:routes:apiv3:slack-bot');
@@ -35,40 +32,6 @@ module.exports = (crowi) => {
     return next();
   }
 
-  /**
-   * Verify if the request came from slack
-   * See: https://api.slack.com/authentication/verifying-requests-from-slack
-   */
-  // TODO GW-5628 move this to slack package
-  // function verifyingIsSlackRequest(req, res, next) {
-  //   // Temporary
-  //   req.signingSecret = crowi.configManager.getConfig('crowi', 'slackbot:signingSecret');
-
-  //   // take out slackSignature and timestamp from header
-  //   const slackSignature = req.headers['x-slack-signature'];
-  //   const timestamp = req.headers['x-slack-request-timestamp'];
-
-  //   // protect against replay attacks
-  //   const time = Math.floor(new Date().getTime() / 1000);
-  //   if (Math.abs(time - timestamp) > 300) {
-  //     return res.send('Verification failed.');
-  //   }
-
-  //   // generate growi signature
-  //   const sigBaseString = `v0:${timestamp}:${qs.stringify(req.body, { format: 'RFC1738' })}`;
-  //   const hasher = crypto.createHmac('sha256', req.signingSecret);
-  //   hasher.update(sigBaseString, 'utf8');
-  //   const hashedSigningSecret = hasher.digest('hex');
-  //   const growiSignature = `v0=${hashedSigningSecret}`;
-
-  //   // compare growiSignature and slackSignature
-  //   if (crypto.timingSafeEqual(Buffer.from(growiSignature, 'utf8'), Buffer.from(slackSignature, 'utf8'))) {
-  //     return next();
-  //   }
-
-  //   return res.send('Verification failed');
-  // }
-
   router.post('/', /* verificationRequestUrl, /* verificationAccessToken, */ async(req, res) => {
 
     verifyingIsSlackRequest(req, res, crowi.configManager.getConfig('crowi', 'slackbot:signingSecret'));