Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Using the built-in OAuth, how can I access the rest of the fetched Installation from a listener?
See original GitHub issueDescription
The built in OAuth is super convenient and great! It fetches the appropriate Installation from my InstallationStore and uses the tokens in that installation to authorize the incoming events. It also puts the relevant User ID and Bot User ID in context so I can access it from middleware and listeners.
But the Installation has so much more in it than just those properties. For example, the installed scopes are stored, an incoming webhook may be stored, etc. If I wanted to access these, I’d currently have to perform installationStore.fetchInstallation() again inside my listener. The framework did that already though, so that’s a waste.
This could be solved in probably a few different ways, but I think one of the simplest would just be to add a new (optional) property called installation on AuthorizeResult. The implementation of authorize() that the built-in OAuth library uses would set that property to the whole Installation it got from fetchInstallation(). Any custom authorize() implementations could also set this value. That installation property would then be added to the context, just like botToken, userToken, etc. Then listeners and middleware could use any installation data.
Requirements (place an x in each of the [ ])
- I’ve read and understood the Contributing guidelines and have done my best effort to follow them.
- I’ve read and agree to the Code of Conduct.
- I’ve searched for any related issues and avoided creating a duplicate issue.
Issue Analytics
- State:
- Created 3 years ago
- Reactions:3
- Comments:11 (5 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@willyxiao
This is only for the case where you pass a token in
Appconstructor. In this case, your app works only for a single workspace , so that it usessingleAuthorizationfor itsauthorize. This is not the case you mentioned here. https://github.com/slackapi/bolt-js/blob/9867e382e94646b518d05c3e71d7947aad699692/src/App.ts#L359-L367If your app enables OAuth and its installation store functions, Bolt uses the HTTPReceiver’s default authorize function for OAuth: https://github.com/slackapi/bolt-js/blob/9867e382e94646b518d05c3e71d7947aad699692/src/App.ts#L375 This
authorizefunction callsfetchInstallationinternally.tokenVerificationEnabledis a flag option for turning the eager verification of the given token value inAppconstructor on/off. Therefore, this is not an option for you. This option works only with the bult-insingleAuthorization.Although it’s not active recently, this is an issue for bolt-js’s enhancement discussion. If you have followup questions or related ones, would you mind creating a new issue for your question or asking them in the Slack Platform Community workspace? In the community workspace, #lang-javascript #tools-bolt would be good places to have this type of Q&A. I would appreciate it if you could understand this!
is there an estimated release date for 4.x?