Node-slack-sdk: @slack/oauth fails when no bot scopes (only user scopes) are requested

Created on 15 Jan 2021  路  1Comment  路  Source: slackapi/node-slack-sdk

Description

Requesting only user scopes with @slack/oauth fails with stateSecret invalid even when it is valid.

[ERROR]  OAuth:InstallProvider:0 Error: The response from the authorization URL contained inconsistent information. Please file a bug.
    at InstallProvider.<anonymous> (MYPROJECT/node_modules/@slack/oauth/dist/index.js:333:27)
    at step (MYPROJECT/node_modules/@slack/oauth/dist/index.js:44:23)
    at Object.next (MYPROJECT/node_modules/@slack/oauth/dist/index.js:25:53)
    at fulfilled (MYPROJECT/node_modules/@slack/oauth/dist/index.js:16:58)
    at processTicksAndRejections (node:internal/process/task_queues:93:5)

This fails (I tried everything here, even implementing my own state store before finding this bug)

server.get('/', async (req, res) => {
    const url = await installer.generateInstallUrl({
        scopes: [ ],
        userScopes: ['channels:history', 'groups:history', 'mpim:history', 'im:history', 'chat:write'],
    })
    res.redirect(url)
})

while this succeeds

server.get('/', async (req, res) => {
    const url = await installer.generateInstallUrl({
        scopes: ["chat:write"],
        userScopes: ['channels:history', 'groups:history', 'mpim:history', 'im:history', 'chat:write'],
    })
    res.redirect(url)
})

What type of issue is this? (place an x in one of the [ ])

  • [x] bug
  • [ ] enhancement (feature request)
  • [ ] question
  • [ ] documentation related
  • [ ] testing related
  • [ ] discussion

Requirements (place an x in each of the [ ])

  • [x] I've read and understood the Contributing guidelines and have done my best effort to follow them.
  • [x] I've read and agree to the Code of Conduct.
  • [x] I've searched for any related issues and avoided creating a duplicate issue.

Bug Report

Filling out the following details about bugs will help us solve your issue sooner.

Packages:

Select all that apply:

  • [ ] @slack/web-api
  • [ ] @slack/events-api
  • [ ] @slack/interactive-messages
  • [ ] @slack/rtm-api
  • [ ] @slack/webhooks
  • [x] @slack/oauth
  • [ ] I don't know

Reproducible in:

package version: ^2.0.0

node version: v15.0.1

OS version(s): macOS 11.1

Steps to reproduce:

  1. Write minimal @slack/oauth code and request only user scopes
  2. See error

Expected result:

Authorisation succeeds

Actual result:

[ERROR]  OAuth:InstallProvider:0 Error: The response from the authorization URL contained inconsistent information. Please file a bug.
    at InstallProvider.<anonymous> (MYPROJECT/node_modules/@slack/oauth/dist/index.js:333:27)
    at step (MYPROJECT/node_modules/@slack/oauth/dist/index.js:44:23)
    at Object.next (MYPROJECT/node_modules/@slack/oauth/dist/index.js:25:53)
    at fulfilled (MYPROJECT/node_modules/@slack/oauth/dist/index.js:16:58)
    at processTicksAndRejections (node:internal/process/task_queues:93:5)
bug

Most helpful comment

Thanks for submitting this! I sent a fix in. Will do a release on Monday which includes it.

>All comments

Thanks for submitting this! I sent a fix in. Will do a release on Monday which includes it.

Was this page helpful?
0 / 5 - 0 ratings