oauth_authorization_url_mismatch error #108

Closed
naomichi-y opened this issue Feb 8, 2020 · 13 comments

naomichi-y commented Feb 8, 2020

Sending POST /api/teams causes an oauth_authorization_url_mismatch error. This may be because the default auth of Slack apps has been changed to OAuth v2.

Error occurs on this line.

Perhaps, instead of oauth_access, it can be avoided by using oauth_v2_access.

https://github.com/slack-ruby/slack-ruby-client/blob/master/lib/slack/web/api/endpoints/oauth_v2.rb#L22

@dblock
Collaborator

dblock commented Feb 10, 2020

I don't know anything about these changes, but would appreciate a PR that fixes this.

@dblock dblock added the bug? label Feb 10, 2020
@naomichi-y
Author

naomichi-y commented Feb 10, 2020

This problem has also occurred in other libraries, and is due to a change in Slack specifications.

I changed to use oauth_v2_access, but the response parameters seem to be different...

@crazyoptimist
Collaborator

Oh, snap!
Until when will the classic bot be supported?
Did you figure out the solution, @naomichi-y?
I guess this gem will also have to have a v2, which might be totally rewritten.

@crazyoptimist
Collaborator

crazyoptimist commented Oct 4, 2020

https://github.com/slack-ruby/slack-ruby-bot-server#html-templates
There is no 'bot' scope and the permissions have been made fine-grained in the new Slack API. What is your opinion on modifying the static files template in the public directory, @dblock?

<a href="https://slack.com/oauth/authorize?scope=bot&client_id=<%= ENV['SLACK_CLIENT_ID'] %>"><img alt="Add to Slack" height="40" width="139" src="https://platform.slack-edge.com/img/add_to_slack.png" srcset="https://platform.slack-edge.com/img/add_to_slack.png 1x, https://platform.slack-edge.com/img/add_to_slack@2x.png 2x"></a>

I've tried to use <%= ENV['SLACK_CLIENT_SCOPE'] %> but weirdly, it didn't work despite the fact that client_id was working well.
Note that I'm preparing to resolve #125, so I need your input here.

@dblock
Collaborator

dblock commented Oct 5, 2020

Yes, we need to allow users to customize this and remove the scope per whatever the newer correct way of doing this is.

@crazyoptimist
Collaborator

I've already built a docker image with ruby v2.7, firefox v81.0, geckodriver v0.27.0 for building this gem and the tests were all green; everything was just fine except for a few warnings, just like in the TravisCI log.
Here is my attempt at upgrading to use oauth_v2_access:
teams_endpoint_spec.rb

########    For slack button(worked as expected)    ########
"https://slack.com/oauth/v2/authorize?client_id=<%= ENV['SLACK_CLIENT_ID'] %>&scope=<%= ENV['SLACK_OAUTH_SCOPE'] %>"
########    Test Summary    ########
60 examples, 9 failures

Failed examples:

rspec ./spec/api/endpoints/teams_endpoint_spec.rb:76 # SlackRubyBotServer::Api::Endpoints::TeamsEndpoint team register creates a team
rspec ./spec/api/endpoints/teams_endpoint_spec.rb:90 # SlackRubyBotServer::Api::Endpoints::TeamsEndpoint team register includes optional state parameter
rspec ./spec/api/endpoints/teams_endpoint_spec.rb:95 # SlackRubyBotServer::Api::Endpoints::TeamsEndpoint team register reactivates a deactivated team
rspec ./spec/api/endpoints/teams_endpoint_spec.rb:111 # SlackRubyBotServer::Api::Endpoints::TeamsEndpoint team register reactivates a team deactivated on slack
rspec ./spec/api/endpoints/teams_endpoint_spec.rb:127 # SlackRubyBotServer::Api::Endpoints::TeamsEndpoint team register returns a useful error when team already exists
rspec ./spec/api/endpoints/teams_endpoint_spec.rb:135 # SlackRubyBotServer::Api::Endpoints::TeamsEndpoint team register reactivates a deactivated team with a different code
rspec ./spec/integration/teams_spec.rb:17 # Teams oauth registers a team
rspec ./spec/integration/teams_spec.rb:25 # Teams oauth includes optional parameter
rspec ./spec/integration/teams_spec.rb:37 # Teams homepage includes a link to add to slack with the client id

########    Test Log    ########
Failures:

  1) SlackRubyBotServer::Api::Endpoints::TeamsEndpoint team register creates a team
     Failure/Error: team = client.teams._post(code: 'code')
     
     Faraday::ClientError:
       the server responded with status 400
########    Modified teams_endpoint.rb    ########
                                                                                                                 
rc = client.oauth_v2_access(
  client_id: ENV['SLACK_CLIENT_ID'],
  client_secret: ENV['SLACK_CLIENT_SECRET'],
  code: params[:code]
)

token = rc['access_token']
bot_user_id = rc['bot_user_id']
user_id = rc['authed_user']['id']
access_token = rc['authed_user']['access_token']
team = Team.where(token: token).first
team ||= Team.where(team_id: rc['team']['id']).first

... ...
    team_id: rc['team']['id'],
    name: rc['team']['name'],
########    App log ########
root@6faeda5e8f97:/app/sample_apps/sample_app_mongoid# bundle exec rackup -o 0.0.0.0
W, [2020-10-05T07:07:57.012012 #11076]  WARN -- : MONGODB | Unsupported client option 'roles'. It will be ignored.
[2020-10-05 07:07:57] INFO  WEBrick 1.6.0
[2020-10-05 07:07:57] INFO  ruby 2.7.2 (2020-10-01) [x86_64-linux]
[2020-10-05 07:07:57] INFO  WEBrick::HTTPServer#start: pid=11076 port=9292
I, [2020-10-05T07:08:23.924832 #11076]  INFO -- : Starting team name=react-workspace, id=TVAPQ7FQQ.
E, [2020-10-05T07:08:24.163162 #11076] ERROR -- : react-workspace: not_allowed_token_type, restarting in 1 second(s).
caught error of type Slack::Web::Api::Errors::MissingScope in after callback inside Grape::Middleware::Formatter : missing_scope
E, [2020-10-05T07:08:24.563915 #11076] ERROR -- : Slack::Web::Api::Errors::MissingScope: missing_scope
  /usr/local/bundle/gems/slack-ruby-client-0.15.1/lib/slack/web/faraday/response/raise_error.rb:16:in `on_complete'
  /usr/local/bundle/gems/faraday-1.0.1/lib/faraday/response.rb:12:in `block in call'
  /usr/local/bundle/gems/faraday-1.0.1/lib/faraday/response.rb:65:in `on_complete'
  /usr/local/bundle/gems/faraday-1.0.1/lib/faraday/response.rb:11:in `call'
  /usr/local/bundle/gems/faraday-1.0.1/lib/faraday/response.rb:11:in `call'
  /usr/local/bundle/gems/faraday-1.0.1/lib/faraday/request/url_encoded.rb:25:in `call'
E, [2020-10-05T07:08:25.381702 #11076] ERROR -- : react-workspace: not_allowed_token_type, restarting in 2 second(s).
E, [2020-10-05T07:08:27.598623 #11076] ERROR -- : react-workspace: not_allowed_token_type, restarting in 4 second(s).
E, [2020-10-05T07:08:31.824059 #11076] ERROR -- : react-workspace: not_allowed_token_type, restarting in 8 second(s).
E, [2020-10-05T07:08:40.039769 #11076] ERROR -- : react-workspace: not_allowed_token_type, restarting in 16 second(s).
... ... ...
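
The thread notes that oauth_v2_access returns differently shaped parameters than oauth_access, and the app log above shows missing_scope after the switch. As an added example (not code from this repository or from slack-ruby-client), the Ruby below maps both response shapes onto one hash and checks granted scopes before a team is stored; `normalize_oauth_response`, `missing_scopes`, `redact` and the required scope list are hypothetical names and assumptions, and the sample payloads are constructed.

```ruby
# Added example; payloads are constructed and tokens are placeholders.
REQUIRED_BOT_SCOPES = %w[chat:write app_mentions:read].freeze # assumed scope set

# Map either response shape onto one hash so callers never index a missing key.
def normalize_oauth_response(rc)
  raise ArgumentError, "oauth failed: #{rc['error'] || 'unknown'}" unless rc['ok']

  scopes = rc['scope'].to_s.split(',')
  if rc['team'].is_a?(Hash) # oauth.v2.access: nested team and authed_user
    { version: 2, scopes: scopes,
      bot_token: rc['access_token'],
      bot_user_id: rc['bot_user_id'],
      user_id: rc.dig('authed_user', 'id'),
      # Present only when user scopes were requested, so this may be nil.
      user_token: rc.dig('authed_user', 'access_token'),
      team_id: rc.dig('team', 'id'),
      team_name: rc.dig('team', 'name') }
  else # legacy oauth.access with scope=bot: flat team fields, nested bot
    { version: 1, scopes: scopes,
      bot_token: rc.dig('bot', 'bot_access_token'),
      bot_user_id: rc.dig('bot', 'bot_user_id'),
      user_id: rc['user_id'],
      user_token: rc['access_token'],
      team_id: rc['team_id'],
      team_name: rc['team_name'] }
  end
end

# Scopes the app needs that the install did not grant; check before persisting.
def missing_scopes(normalized, required = REQUIRED_BOT_SCOPES)
  required - normalized[:scopes]
end

# Never log raw tokens; keep only the type prefix for diagnostics.
def redact(token)
  token.nil? ? nil : "#{token[0, 4]}-[redacted]"
end

V2_SAMPLE = {
  'ok' => true, 'access_token' => 'xoxb-constructed', 'token_type' => 'bot',
  'scope' => 'chat:write,commands', 'bot_user_id' => 'U0BOT0000',
  'team' => { 'id' => 'T00000000', 'name' => 'example' },
  'authed_user' => { 'id' => 'U0USER000' }
}.freeze
V1_SAMPLE = {
  'ok' => true, 'access_token' => 'xoxp-constructed', 'scope' => 'bot',
  'user_id' => 'U0USER000', 'team_id' => 'T00000000', 'team_name' => 'example',
  'bot' => { 'bot_user_id' => 'U0BOT0000', 'bot_access_token' => 'xoxb-constructed' }
}.freeze
```

Rejecting an install whose `missing_scopes` result is non-empty surfaces the problem at registration time instead of as a later API error.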

@crazyoptimist
Collaborator

I barely guess we need a lot of work in all the libraries under "slack-ruby" to make it all work with the new Slack API.
A bit frustrating 🤔

@dblock
Collaborator

dblock commented Oct 5, 2020

Looks like you are getting not_allowed_token_type, I really haven't spent any time on this, hope you can figure it all out soon!

@crazyoptimist
Collaborator

crazyoptimist commented Oct 8, 2020

Basically I got the direction where we should head.
SlackRubyBot::Client uses (inherits) Slack::Realtime::Client.
That's the problem causing all those noisy issues.
I know Slack::Realtime::Client contains @web_client but I think we only need the Slack::Web::Client now.
Once we exchange it with Slack::Web::Client in slack-ruby-bot, we can bring vitality back to the gems (slack-ruby-bot, slack-ruby-bot-server, slack-ruby-bot-events) and move forward. Even the libraries managed by Slack itself haven't patched this issue yet, so I think we are not too late.
But we need to hurry, slack will stop supporting RTM in Feb, 2021 eventually.
We will end up removing all the legacy functionality after all, including RTM, right?
I need your advice (even better, instructions) as much as possible, @dblock; it will save me a lot of time.
Anyhow, slack-ruby-client is so great, I really appreciate your and all the contributors' hard work!

@dblock
Collaborator

dblock commented Oct 8, 2020

> But we need to hurry, slack will stop supporting RTM in Feb, 2021 eventually.

Yes, correct. You can make backwards incompatible changes since it's on its way out, no need to support legacy.

@crazyoptimist
Collaborator

crazyoptimist commented Oct 10, 2020

Thank you for the encouragement and more.
The changes we are going to have are too destructive for the existing repos. I have been looking around the repos for a few days now.
Under slack-ruby, we have:
slack-ruby-bot
slack-ruby-bot-server
slack-ruby-bot-server-events
IMHO, we'd rather archive them all and create a new gem (or continue on slack-ruby-bot; I think the name slack-ruby-bot-server is the best among the three) implementing all the functionality in one place.
The reason I think so is that the conversations endpoint does almost everything that was being done by RTM before, so the new gem should become much simpler, removing the whole RTM part which was so great (I'm so sad Slack abandoned it).
And I want the gem to be developed under slack-ruby, but it turns out I can't commit full time to open source. I really hope you, @dblock, step forward to lead the breaking changes.
It should be much simpler for you to proceed than someone might think. And we already have the great slack-ruby-client.
I will of course get actively involved in the development. I believe that other Rubyists are also waiting for you to step forward, not only me.

@crazyoptimist
Collaborator

/close
😄
Thanks for your dedicated work @dblock 👍

@crazyoptimist
Collaborator

This issue can be closed now.

@dblock dblock closed this as completed Dec 28, 2020