0.3.3 • Published 3 years ago
@juris710/passport-slack v0.3.3
passport-slack
Passport strategy for authenticating with Slack using the OAuth 2.0 API.
Updated to support Sign in with Slack by default.
Configured to use v2 of the Slack OAuth API.
Install
$ npm install @juris710/passport-slackExpress Example
const {CLIENT_ID, CLIENT_SECRET, PORT} = process.env,
SlackStrategy = require('@juris710/passport-slack').Strategy,
passport = require('passport'),
express = require('express'),
app = express();
// example with Slack OAuth v2 signin with slack
passport.use(new SlackStrategy({
clientID: CLIENT_ID,
clientSecret: CLIENT_SECRET
user_scope: [
'identity.basic',
'identity.team',
'identity.email',
'identity.avatar',
],
}, (accessToken, refreshToken, profile, done) => {
// optionally persist profile data
done(null, profile);
}
));
app.use(passport.initialize());
app.use(require('body-parser').urlencoded({ extended: true }));
// path to start the OAuth flow
app.get('/auth/slack', passport.authorize('slack'));
// OAuth callback url
app.get('/auth/slack/callback',
passport.authorize('slack', { failureRedirect: '/login' }),
(req, res) => res.redirect('/')
);
app.listen(PORT);Sample Profile
{
"provider": "Slack",
"id": "U123XXXXX",
"displayName": "John Agan",
"user": {
"name": "John Agan",
"id": "U123XXXXX",
"email": "johnagan@testing.com",
"image_24": "https://secure.gravatar.com/avatar/123abcd123bc12b3c.jpg?s=24&d=https%3A%2F%2Fa.slack-edge.com%2F66f9%2Fimg%2Favatars%2Fava_0000-24.png",
"image_32": "https://secure.gravatar.com/avatar/123abcd123bc12b3c.jpg?s=32&d=https%3A%2F%2Fa.slack-edge.com%2F66f9%2Fimg%2Favatars%2Fava_0000-32.png",
"image_48": "https://secure.gravatar.com/avatar/123abcd123bc12b3c.jpg?s=48&d=https%3A%2F%2Fa.slack-edge.com%2F66f9%2Fimg%2Favatars%2Fava_0000-48.png",
"image_72": "https://secure.gravatar.com/avatar/123abcd123bc12b3c.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2F66f9%2Fimg%2Favatars%2Fava_0000-72.png",
"image_192": "https://secure.gravatar.com/avatar/123abcd123bc12b3c.jpg?s=192&d=https%3A%2F%2Fa.slack-edge.com%2F7fa9%2Fimg%2Favatars%2Fava_0000-192.png",
"image_512": "https://secure.gravatar.com/avatar/123abcd123bc12b3c.jpg?s=512&d=https%3A%2F%2Fa.slack-edge.com%2F7fa9%2Fimg%2Favatars%2Fava_0000-512.png"
},
"team": {
"id": "T123XXXX",
"name": "My Awesome Team",
"domain": "my-awesome-team",
"image_34": "https://a.slack-edge.com/0000/img/avatars-teams/ava_0000-00.png",
"image_44": "https://a.slack-edge.com/00a0/img/avatars-teams/ava_0000-00.png",
"image_68": "https://a.slack-edge.com/00a0/img/avatars-teams/ava_0000-00.png",
"image_88": "https://a.slack-edge.com/00a0/img/avatars-teams/ava_0000-00.png",
"image_102": "https://a.slack-edge.com/00a0/img/avatars-teams/ava_0000-000.png",
"image_132": "https://a.slack-edge.com/00a0/img/avatars-teams/ava_0000-000.png",
"image_230": "https://a.slack-edge.com/0a0a0/img/avatars-teams/ava_0000-000.png",
"image_default": true
}
}Usage
Configure Strategy
The Slack authentication strategy authenticates users using a Slack
account and OAuth 2.0 tokens. The strategy requires a verify callback, which
accepts these credentials and calls done providing a user, as well as
options specifying a client ID, client secret, and callback URL.
passport.use(new SlackStrategy({
clientID: CLIENT_ID,
clientSecret: CLIENT_SECRET,
skipUserProfile: false, // default
scope: ['identity.basic', 'identity.email', 'identity.avatar', 'identity.team'] // default
},
(accessToken, refreshToken, profile, done) => {
// optionally persist user data into a database
done(null, profile);
}
));Authenticate Requests
Use passport.authorize() (or passport.authenticate() if you want to authenticate with Slack and affect req.user and user session), specifying the 'slack' strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get('/auth/slack', passport.authorize('slack'));
app.get('/auth/slack/callback',
passport.authorize('slack', { failureRedirect: '/login' }),
(req, res) => res.redirect('/') // Successful authentication, redirect home.
);Custom Scopes
passport.use(new SlackStrategy({
clientID: CLIENT_ID,
clientSecret: CLIENT_SECRET,
scope: ['identity.basic', 'channels:read', 'chat:write:user']
}, () => { });Slack OAuth v2 install using granular scopes
passport.use(new SlackStrategy({
clientID: CLIENT_ID,
clientSecret: CLIENT_SECRET
authorizationURL: 'https://slack.com/oauth/v2/authorize',
tokenURL: 'https://slack.com/api/oauth.v2.access',
scope: [
'chat:write'
],
}, (accessToken, refreshToken, profile, done) => {
// optionally persist profile data
done(null, profile);
}
));Slack OAuth v2 signin with slack
passport.use(new SlackStrategy({
clientID: CLIENT_ID,
clientSecret: CLIENT_SECRET
authorizationURL: 'https://slack.com/oauth/v2/authorize',
tokenURL: 'https://slack.com/api/oauth.v2.access',
user_scope: [
'identity.basic',
'identity.team',
'identity.email',
'identity.avatar',
],
}, (accessToken, refreshToken, profile, done) => {
// optionally persist profile data
done(null, profile);
}
));Ignore Profile Info
Slack's v2 OAuth response does not follow the existing standards, so passport is unable to find the auth token and unable to retrieve the profile. You will need to manually
extract the auth token from the params parameter in the callback.
Or, if you just need an access token and not user profile data, you can avoid getting profile info by setting skipUserProfile to true.
passport.use(new SlackStrategy({
user_scope: [
'identity.basic',
'identity.team',
'identity.email',
'identity.avatar',
],
passReqToCallback: true,
authorizationURL: 'https://slack.com/oauth/v2/authorize',
tokenURL: 'https://slack.com/api/oauth.v2.access',
skipUserProfile: true,
}, (req, accessToken, refreshToken, params, profile, done) => { });Thanks
License
Copyright (c) 2014 Michael Pearson