New applications aren't allowed to send token in query parameters any more #107
Comments
|
Below is a dirty hack that rips out /// Work-around for <https://github.com/slack-rs/slack-rs-api/issues/107>.
struct AuthClient {
inner: Client,
}
impl AuthClient {
pub fn new() -> Result<Self, reqwest::Error> {
Ok(Self {
inner: slack_api::default_client()?,
})
}
}
#[async_trait::async_trait]
impl SlackWebRequestSender for AuthClient {
type Error = <Client as SlackWebRequestSender>::Error;
async fn send<I, K, V, S>(&self, method: S, params: I) -> Result<String, Self::Error>
where
I: IntoIterator + Send,
K: AsRef<str>,
V: AsRef<str>,
I::Item: std::borrow::Borrow<(K, V)>,
S: AsRef<str> + Send,
{
let mut url = reqwest::Url::parse(method.as_ref()).expect("Unable to parse url");
let mut token = None;
{
let mut qp = url.query_pairs_mut();
for param in params {
let (k, v) = param.borrow();
if k.as_ref() == "token" {
token = Some(v.as_ref().to_owned());
continue;
}
qp.append_pair(k.as_ref(), v.as_ref());
}
}
let mut req = self.inner.get(url);
if let Some(token) = token {
req = req.bearer_auth(token);
};
Ok(req.send().await?.text().await?)
}
} |
ceejbot
added a commit
to ceejbot/slack-rs-api
that referenced
this issue
Apr 18, 2022
The Slack API has moved on, while this crate has not. Adapted the approach from slack-rs#107 to pluck the auth token out of the parameter body and send it as a bearer auth header instead. It is rather surprising to realize that Slack ever accepted this as a body param, but hey.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://api.slack.com/changelog/2020-11-no-more-tokens-in-querystrings-for-newly-created-apps
Indeed, I can use the same token to send a message if I put the token in the header but this crate wants to put it in the query itself.
This gives a confusing
invalid_authmessage.The text was updated successfully, but these errors were encountered: