From 779510a6057be7ae08ba2636608aeaf3a456c7e1 Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Wed, 15 Jan 2025 14:49:26 +0000 Subject: [PATCH 1/9] fix: scopes, and updated to v2 --- src/Appwrite/Auth/OAuth2/Slack.php | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/Appwrite/Auth/OAuth2/Slack.php b/src/Appwrite/Auth/OAuth2/Slack.php index 8898f4d1f7..e290d315d1 100644 --- a/src/Appwrite/Auth/OAuth2/Slack.php +++ b/src/Appwrite/Auth/OAuth2/Slack.php @@ -39,10 +39,10 @@ class Slack extends OAuth2 */ public function getLoginURL(): string { - // https://api.slack.com/docs/oauth#step_1_-_sending_users_to_authorize_and_or_install - return 'https://slack.com/oauth/authorize?' . \http_build_query([ + // https://api.slack.com/authentication/oauth-v2 + return 'https://slack.com/oauth/v2/authorize?' . \http_build_query([ 'client_id' => $this->appID, - 'scope' => \implode(' ', $this->getScopes()), + 'scope' => \implode(',', $this->getScopes()), 'redirect_uri' => $this->callback, 'state' => \json_encode($this->state) ]); @@ -56,10 +56,9 @@ class Slack extends OAuth2 protected function getTokens(string $code): array { if (empty($this->tokens)) { - // https://api.slack.com/docs/oauth#step_3_-_exchanging_a_verification_code_for_an_access_token $this->tokens = \json_decode($this->request( 'GET', - 'https://slack.com/api/oauth.access?' . \http_build_query([ + 'https://slack.com/api/oauth.v2.access?' . \http_build_query([ 'client_id' => $this->appID, 'client_secret' => $this->appSecret, 'code' => $code, @@ -80,7 +79,7 @@ class Slack extends OAuth2 { $this->tokens = \json_decode($this->request( 'GET', - 'https://slack.com/api/oauth.access?' . \http_build_query([ + 'https://slack.com/api/oauth.v2.access?' . \http_build_query([ 'client_id' => $this->appID, 'client_secret' => $this->appSecret, 'refresh_token' => $refreshToken, From 5d3071e084ab8de8d20a0cb82ef352ea91d91373 Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Fri, 17 Jan 2025 07:05:31 +0000 Subject: [PATCH 2/9] fix: scopes --- src/Appwrite/Auth/OAuth2/Slack.php | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/src/Appwrite/Auth/OAuth2/Slack.php b/src/Appwrite/Auth/OAuth2/Slack.php index e290d315d1..a022f31347 100644 --- a/src/Appwrite/Auth/OAuth2/Slack.php +++ b/src/Appwrite/Auth/OAuth2/Slack.php @@ -20,10 +20,9 @@ class Slack extends OAuth2 * @var array */ protected array $scopes = [ - 'identity.avatar', - 'identity.basic', - 'identity.email', - 'identity.team' + 'openid', + 'email', + 'profile', ]; /** @@ -42,7 +41,7 @@ class Slack extends OAuth2 // https://api.slack.com/authentication/oauth-v2 return 'https://slack.com/oauth/v2/authorize?' . \http_build_query([ 'client_id' => $this->appID, - 'scope' => \implode(',', $this->getScopes()), + 'user_scope' => \implode(',', $this->getScopes()), 'redirect_uri' => $this->callback, 'state' => \json_encode($this->state) ]); @@ -65,6 +64,10 @@ class Slack extends OAuth2 'redirect_uri' => $this->callback ]) ), true); + + if (!$this->tokens['ok']) { + throw new \Exception('Error in fetching access token.'); + } } return $this->tokens; @@ -160,7 +163,12 @@ class Slack extends OAuth2 if (empty($this->user)) { $user = $this->request( 'GET', - 'https://slack.com/api/users.identity?token=' . \urlencode($accessToken) + 'https://slack.com/api/users.identity', + [ + 'headers' => [ + 'Authorization' => 'Bearer ' . $accessToken + ] + ] ); $this->user = \json_decode($user, true); From 983eee92666e5320bd0c0f3728627a928aeee0c6 Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Fri, 17 Jan 2025 07:14:48 +0000 Subject: [PATCH 3/9] chore: added error handling to user --- src/Appwrite/Auth/OAuth2/Slack.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/Appwrite/Auth/OAuth2/Slack.php b/src/Appwrite/Auth/OAuth2/Slack.php index a022f31347..6f59e416d8 100644 --- a/src/Appwrite/Auth/OAuth2/Slack.php +++ b/src/Appwrite/Auth/OAuth2/Slack.php @@ -172,6 +172,10 @@ class Slack extends OAuth2 ); $this->user = \json_decode($user, true); + + if (!$this->user['ok']) { + throw new \Exception('Error in fetching user.'); + } } return $this->user; From 55360c3af0ba9972412f0b4155b193571d14c49e Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Fri, 17 Jan 2025 07:43:50 +0000 Subject: [PATCH 4/9] debugging --- app/controllers/api/account.php | 11 ++++++++++- src/Appwrite/Auth/OAuth2/Slack.php | 6 ++++-- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php index 6935029450..74b9bc1868 100644 --- a/app/controllers/api/account.php +++ b/app/controllers/api/account.php @@ -1346,7 +1346,16 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect') ); } - $oauth2ID = $oauth2->getUserID($accessToken); + $oauth2ID = ''; + try { + $oauth2ID = $oauth2->getUserID($accessToken); + } catch (Exception $ex) { + $failureRedirect( + $ex->getType(), + 'Failed to obtain user ID. The ' . $providerName . ' OAuth2 provider returned an error: ' . $ex->getMessage(), + ); + } + if (empty($oauth2ID)) { $failureRedirect(Exception::USER_MISSING_ID); } diff --git a/src/Appwrite/Auth/OAuth2/Slack.php b/src/Appwrite/Auth/OAuth2/Slack.php index 6f59e416d8..1d6ba17a46 100644 --- a/src/Appwrite/Auth/OAuth2/Slack.php +++ b/src/Appwrite/Auth/OAuth2/Slack.php @@ -66,8 +66,10 @@ class Slack extends OAuth2 ), true); if (!$this->tokens['ok']) { - throw new \Exception('Error in fetching access token.'); + throw new \Exception('Error in fetching access token: ' . $this->tokens['error']); } + + $this->tokens['access_token'] = $this->tokens['authed_user']['access_token']; } return $this->tokens; @@ -174,7 +176,7 @@ class Slack extends OAuth2 $this->user = \json_decode($user, true); if (!$this->user['ok']) { - throw new \Exception('Error in fetching user.'); + throw new \Exception('Error in fetching user: ' . $this->user['error']); } } From 0517ebfb4e8e20ab309f9be9782a03f593300a66 Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Fri, 17 Jan 2025 16:19:14 +0000 Subject: [PATCH 5/9] fix: auth user --- app/controllers/api/account.php | 11 +---------- src/Appwrite/Auth/OAuth2/Slack.php | 16 ++-------------- 2 files changed, 3 insertions(+), 24 deletions(-) diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php index 74b9bc1868..6935029450 100644 --- a/app/controllers/api/account.php +++ b/app/controllers/api/account.php @@ -1346,16 +1346,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect') ); } - $oauth2ID = ''; - try { - $oauth2ID = $oauth2->getUserID($accessToken); - } catch (Exception $ex) { - $failureRedirect( - $ex->getType(), - 'Failed to obtain user ID. The ' . $providerName . ' OAuth2 provider returned an error: ' . $ex->getMessage(), - ); - } - + $oauth2ID = $oauth2->getUserID($accessToken); if (empty($oauth2ID)) { $failureRedirect(Exception::USER_MISSING_ID); } diff --git a/src/Appwrite/Auth/OAuth2/Slack.php b/src/Appwrite/Auth/OAuth2/Slack.php index 1d6ba17a46..88d5b6a3a4 100644 --- a/src/Appwrite/Auth/OAuth2/Slack.php +++ b/src/Appwrite/Auth/OAuth2/Slack.php @@ -20,9 +20,7 @@ class Slack extends OAuth2 * @var array */ protected array $scopes = [ - 'openid', - 'email', - 'profile', + 'users:read', ]; /** @@ -63,13 +61,7 @@ class Slack extends OAuth2 'code' => $code, 'redirect_uri' => $this->callback ]) - ), true); - - if (!$this->tokens['ok']) { - throw new \Exception('Error in fetching access token: ' . $this->tokens['error']); - } - - $this->tokens['access_token'] = $this->tokens['authed_user']['access_token']; + ), true)['authed_user']; } return $this->tokens; @@ -174,10 +166,6 @@ class Slack extends OAuth2 ); $this->user = \json_decode($user, true); - - if (!$this->user['ok']) { - throw new \Exception('Error in fetching user: ' . $this->user['error']); - } } return $this->user; From be5c4b753ad5ac0a2dd5940ffe3cbb44e91a6812 Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Fri, 17 Jan 2025 19:40:33 +0000 Subject: [PATCH 6/9] fix: syntax --- src/Appwrite/Auth/OAuth2/Slack.php | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/src/Appwrite/Auth/OAuth2/Slack.php b/src/Appwrite/Auth/OAuth2/Slack.php index 88d5b6a3a4..dd35a590b1 100644 --- a/src/Appwrite/Auth/OAuth2/Slack.php +++ b/src/Appwrite/Auth/OAuth2/Slack.php @@ -32,11 +32,12 @@ class Slack extends OAuth2 } /** + * @link https://api.slack.com/authentication/oauth-v2 + * * @return string */ public function getLoginURL(): string { - // https://api.slack.com/authentication/oauth-v2 return 'https://slack.com/oauth/v2/authorize?' . \http_build_query([ 'client_id' => $this->appID, 'user_scope' => \implode(',', $this->getScopes()), @@ -82,7 +83,7 @@ class Slack extends OAuth2 'refresh_token' => $refreshToken, 'grant_type' => 'refresh_token' ]) - ), true); + ), true)['authed_user']; if (empty($this->tokens['refresh_token'])) { $this->tokens['refresh_token'] = $refreshToken; @@ -158,13 +159,8 @@ class Slack extends OAuth2 $user = $this->request( 'GET', 'https://slack.com/api/users.identity', - [ - 'headers' => [ - 'Authorization' => 'Bearer ' . $accessToken - ] - ] + ['Authorization: Bearer ' . \urlencode($accessToken)] ); - $this->user = \json_decode($user, true); } From ead7a176451e2ccbe57b09d6fc2c9087b86be351 Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Tue, 21 Jan 2025 13:34:45 +0000 Subject: [PATCH 7/9] chore: remove comma --- src/Appwrite/Auth/OAuth2/Slack.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Appwrite/Auth/OAuth2/Slack.php b/src/Appwrite/Auth/OAuth2/Slack.php index dd35a590b1..056648d34b 100644 --- a/src/Appwrite/Auth/OAuth2/Slack.php +++ b/src/Appwrite/Auth/OAuth2/Slack.php @@ -40,7 +40,7 @@ class Slack extends OAuth2 { return 'https://slack.com/oauth/v2/authorize?' . \http_build_query([ 'client_id' => $this->appID, - 'user_scope' => \implode(',', $this->getScopes()), + 'user_scope' => \implode(' ', $this->getScopes()), 'redirect_uri' => $this->callback, 'state' => \json_encode($this->state) ]); From 6d404ada74482e1f07ce4a4e28f160fba4190c08 Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Thu, 23 Jan 2025 05:36:12 +0000 Subject: [PATCH 8/9] chore: update scopes --- src/Appwrite/Auth/OAuth2/Slack.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/Appwrite/Auth/OAuth2/Slack.php b/src/Appwrite/Auth/OAuth2/Slack.php index 056648d34b..aff89bbd32 100644 --- a/src/Appwrite/Auth/OAuth2/Slack.php +++ b/src/Appwrite/Auth/OAuth2/Slack.php @@ -20,7 +20,9 @@ class Slack extends OAuth2 * @var array */ protected array $scopes = [ - 'users:read', + 'openid', + 'email', + 'profile' ]; /** From e4122e236c47a16898dec819091f7c56e6c4b3fa Mon Sep 17 00:00:00 2001 From: Chirag Aggarwal Date: Tue, 4 Feb 2025 04:56:33 +0000 Subject: [PATCH 9/9] chore: added null coalescing operator --- src/Appwrite/Auth/OAuth2/Slack.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Appwrite/Auth/OAuth2/Slack.php b/src/Appwrite/Auth/OAuth2/Slack.php index aff89bbd32..9c87e45ed6 100644 --- a/src/Appwrite/Auth/OAuth2/Slack.php +++ b/src/Appwrite/Auth/OAuth2/Slack.php @@ -64,7 +64,7 @@ class Slack extends OAuth2 'code' => $code, 'redirect_uri' => $this->callback ]) - ), true)['authed_user']; + ), true)['authed_user'] ?? []; } return $this->tokens; @@ -85,7 +85,7 @@ class Slack extends OAuth2 'refresh_token' => $refreshToken, 'grant_type' => 'refresh_token' ]) - ), true)['authed_user']; + ), true)['authed_user'] ?? []; if (empty($this->tokens['refresh_token'])) { $this->tokens['refresh_token'] = $refreshToken;