Secretless Broker Connector for Slack

I am currently working on creating a Secretless Server Connector for Slack’s Web Events API.

Without Secretless [WORKING]
When not using Secretless, my curl request would look like this:

curl -X POST -H 'Authorization: Bearer <token-id>' -H 'Content-type: application/json' \
--data '{"channel": "#general", "text": "Hello from the other side"}' \
https://slack.com/api/chat.postMessage

{"ok":true,"channel":"C015614UXE3","ts":"1592495749.001800","message":{"bot_id":"B016CA2R86L","type":"message","text":"Hello from the other side","user":"U015FNRSZEJ","ts":"1592495749.001800","team":"T015LV3USTV","bot_profile":{"id":"B016CA2R86L","deleted":false,"name":"secretless-test","updated":1592493746,"app_id":"A015ZFU9PCZ","icons":{"image_36":"https:\/\/a.slack-edge.com\/80588\/img\/plugins\/app\/bot_36.png","image_48":"https:\/\/a.slack-edge.com\/80588\/img\/plugins\/app\/bot_48.png","image_72":"https:\/\/a.slack-edge.com\/80588\/img\/plugins\/app\/service_72.png"},"team_id":"T015LV3USTV"}},"warning":"missing_charset","response_metadata":{"warnings":["missing_charset"]}}%

As we can see, I get a valid response from Slack.

With Secretless [NOT WORKING]
My slack_secretless.yml file currently looks like this:

version: 2
services:
  slack:
    connector: generic_http
    listenOn: tcp://0.0.0.0:8081
    credentials:
      token:
        from: keychain
        get: summon#slack/temp-token
    config:
      headers:
        Authorization: Bearer {{ .token }}
        Content-type: application/json
      forceSSL: true
      authenticateURLsMatching:
        - ^http[s]*

I run Secretless locally, and add my token to the keychain. When I try to make a new request, I get the following error from the Slack API.

http_proxy=localhost:8081 curl -k -X POST \
--data '{"channel": "#general", "text": "Hello from the other side"}' \
https://slack.com/api/chat.postMessage

{"ok":false,"error":"invalid_form_data"}%

I tried removing the token and adding the Authorization header manually, which did not work. I did the same for the Content-type header, but left the token, which also did not work.

Here is the log that Secretless is currently running:

 ./dist/darwin/amd64/secretless-broker \
-f examples/generic_connector_configs/slack_secretless.yml
2020/06/18 09:01:27 Secretless v1.6.0-dev starting up...
2020/06/18 09:01:27 Initializing health check on :5335...
2020/06/18 09:01:27 Initialization of health check done. You can access the endpoint at `/live` and `/ready`.
2020/06/18 09:01:27 [WARN]  Plugin directory '/usr/local/lib/secretless' not found. Ignoring external plugins...
2020/06/18 09:01:27 Trying to load configuration file: examples/generic_connector_configs/slack_secretless.yml
2020/06/18 09:01:27 Registering reload signal listeners...
2020/06/18 09:01:27 [INFO]  Configuration found. Loading...
2020/06/18 09:01:27 [INFO]  Validating config against available plugins: ssh,ssh-agent,pg,mysql,mssql,conjur,generic_http,aws,basic_auth
2020/06/18 09:01:27 [INFO]  Starting HTTP listener on 0.0.0.0:8081...
2020/06/18 09:01:27 [INFO]  Starting HTTP subservice generic_http...
2020/06/18 09:01:27 [INFO]  HTTP Proxy on tcp://0.0.0.0:8081: Starting service

Does anyone here have any advice?

1 Like

Your URL for slack is https://slack.com/api/chat.postMessage - but Secretless will upgrade the connection to HTTPS for you. Does it work if your query URL is just slack.com/api/chat.postMessage?

2 Likes

That was it! Thank you so much!

1 Like
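
The resolution above, modeled as an added example (not code from the thread or from the Secretless project): a header-injecting proxy can only rewrite a request it receives in cleartext, so the client asks for the plain URL and the proxy adds the credential and upgrades to HTTPS. The function names, the token value and the overwrite-on-conflict behaviour are assumptions of this simplified model; the config fields are the ones from slack_secretless.yml.

```python
import re

# Fields copied from slack_secretless.yml above; the token value is constructed.
CONFIG = {
    "headers": {
        "Authorization": "Bearer {{ .token }}",
        "Content-type": "application/json",
    },
    "forceSSL": True,
    "authenticateURLsMatching": ["^http[s]*"],
}
CREDENTIALS = {"token": "constructed-token-value"}


def render(template, creds):
    """Substitute {{ .name }} placeholders with credential values."""
    return re.sub(r"\{\{\s*\.(\w+)\s*\}\}", lambda m: creds[m.group(1)], template)


def upstream_request(client_url, client_headers, config=CONFIG, creds=CREDENTIALS):
    """Return (url, headers) a header-injecting proxy would send upstream.

    Simplified model, not Secretless code. Raises ValueError for https:// URLs:
    those are tunneled with CONNECT, or skip http_proxy entirely, so the proxy
    never sees request headers it could modify.
    """
    if "://" not in client_url:
        client_url = "http://" + client_url  # curl assumes http:// without a scheme
    if not client_url.startswith("http://"):
        raise ValueError("proxy cannot inject headers into " + client_url)
    headers = dict(client_headers)
    if any(re.search(p, client_url) for p in config["authenticateURLsMatching"]):
        for name, template in config["headers"].items():
            # Header names are case-insensitive: drop the client's copy first.
            headers = {k: v for k, v in headers.items() if k.lower() != name.lower()}
            headers[name] = render(template, creds)
    if config["forceSSL"]:
        client_url = "https://" + client_url[len("http://"):]
    return client_url, headers
```

In this model the client never holds the token: it appears only in the headers of the upstream request.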
