Authenticating an Internal Service inside Slack

So, let's say I have the following use case - I have service A and I want to perform a certain action associated with service A in slack. But for that, I must first log in to service A and bound the accounts of slack and of service A.
Following is the basic documentation I found out about it.
https://api.slack.com/best-practices/blueprints/account-binding


We will have the following components -

1. User
2. Intermediate service - X
3. Slack 
4. Service A

So, the following steps should be followed when this is done.

1. The user invokes an action related to service A.
2. If logged in and authenticated already, alright.
3. If not, It will need to do so again. For that, it goes to intermediate service, check if binding exists. If yes, good to go. 
4. If not, it will create a token, send it to service A along with a request to authenticate.
5. User logs in to service A and return user id for service A user along with the token. 
6. Then this token will be looked up and then user id for service A will be stored against slack user id.
7. Binding is successful.

Now, some points to consider, This makes the assumption that it is okay to just authenticate once and to invoke any action service A, we will not need to authenticate again and again.

Now, let's consider scenario 2.

We have service A and Service B and slack admin can choose which service should be used to do so. and once chosen it is fixed and all users from that workspace will automatically use that service to authenticate. Except for the addition to the previous scenario is, we always need to have a session to invoke action to service B.


At first, let's see how to fix which service will be authenticated for which workspace.
Let's say in service A and service B we can provide a way to give the option to install the app.
Since the request will be coming from each individual service, We can add a parameter state with values 'A' or 'B' with it. And this can be returned to the oauth2 URL. There, along with team id and workspace, you can read value State as well.

So, in summary,
1. State (optional) parameter while making this call.
2. use 'A' or 'B' as value there.

We will have the following components - 

1. User
2. Intermediate service - X
3. Slack 
4. Service A
5. Service B

Now, this should follow the same flow. Except we need to do either of the following steps for service B.

1. We add an extra way to make a session persisted in service B and use that way.
2. We store user password in service X upon authentication
3. Since, 2 will need extra space, instead of checking if the slack user has community id, it should authenticate and check-in service B if we have a slack user ID. Assuming you can store that info there. But this will still anyways need a way to log in, have user id and password stored already and check for that particular user, right? So, to really avoid doing so, we can use the admin user or create one role on the community side and use it so we can lookup user id and then associated slack user with it.
4. So, we need to store only admin credentials in service X and then make calls using that. No need to store all user id and slack id in service X. just store service X in community side.

So, finally proposed solution -

1. Use the 'state' parameter while installing to know which service is used.

2. Store admin credentials of service A and service B to know about whether the user has logged in at least once when a request comes from slack.

3. When you want to post things from community, you can just check if community user has associated slack id. If yes, then make an associated calls and post the notification.

Create, Install and Manage a slack app - OAUTH2 Flow

Hey,

So, here we will go into details about creating, installing and distributing a slack app.

https://api.slack.com/start

This is where you start.

I created an App to send random cat emojis. I used AWS to host a service used for this app. So yeah, building a slack app is free but will cost you something eventually if you want to distribute it too.

First, create one app. 

Create a bot user. You can assign permission to it. So, unless you give the bot permission for doing something, it can't do it. You always have to give permission and scope and reinstall if your permission is changed.

Normally by default, each slack app is installed just in its own developing workspace.

To install it to another workspace, you need to build an oauth2 flow. 

Oauth2 is basically a service that will exchange temporary token and after installing, return a bot user oauth token for that particular workspace. Now, you can save that token for that particular workspace and use it to post a message as bot token.

Read more about oauth2 here - https://api.slack.com/legacy/oauth

So, nonetheless, I created a free AWS account. It is free for one year. Yay!!

I used the serverless framework to deploy the service and see logs. Google up about this to find how to set it up. https://serverless.com/framework/docs/providers/aws/guide/credentials/

sls deploy --------> to deploy the service

sls -f <function name> -t    -------> to see logs

So, now coming more to oauth2 flow,

This is what will happen.

1.  There is a button where the user can click. It will ask the user to sign into to workspace in which they want to install. 'Add to Slack' button. Instead of a button, there can be a link as well to click on. Following is the link of my helloKitty app - https://slack.com/oauth/v2/authorize?client_id=1043883525779.1063323392868&scope=commands,incoming-webhook
2. If already signed into multiple orgs, you can choose which one to install to.
3. After reviewing the scope, the user hits the allow button. Then it is redirected to the URL provided when creating an app. -  Redirect URL. 
4. On this URL, you will receive the temporary token.
5. You are supposed to return it.
6. In response, you will receive a bot token. These tokens don't change unless this revoked.
7. You can use this bot token for posting a message.

Important points to keep in mind - 

• Since this redirect URL is one for all, we indeed need to have one unchanging endpoint. This creates a need to have extra service. 
• You will also need to store the token against workspace name/id to post a message there.
• Client ID and Client Secret will be known to you once you create the app.

Following is the snippet of code written for oauth2.

To debug - if your logs say, not able to find a particular module. Add it to your package.json and do npm install.

With this, we are done with oauth2 flow.

Anyone should be able to install your app now.

I created one slash command too just to explore the whole stuff. 

It also takes one constant URL. Each time that command is called, it gets triggered by the URL provided while creating one. So, for each slash command, we need one constant URL as well.
If you install this app, do /helloKitty
It will pop up one random cat image for you.

I have obviously followed a lot of bits and pieces from the internet. and some by asking slack experts.
I had the following detailed chat with another user but implementing it definitely cleared all the doubts. Adding it here, just in case if someone has similar doubts. Although, I have tried to clarify as much as possible in this blog.

Peace, Slumber and Dreams

Hey,
I have been having difficulty sleeping for the last two weeks. And let me remind you, usually I sleep like Kumbha karna. Night especially. Never been a fan of all-nighters. Slept on time and woke up on time. But then lockdown happened and Now, I am home. And I could barely sleep from the past two weeks. My brain started throbbing inside for not allowing it to rest. Whenever I slept even for a short time, I had vivid dreams. I have been highly focused on my work and even that has not helped me to get to sleep. So, I put Whatsapp status asking for tips.
As we all know, these are difficult times. A lot of us are agitated over something, let it be job, lockdown, COVID'19, loved ones at the front line, college, money, food, WFH, increasing communal riots, etc. So, whatever your reason for being uncomfortable and being stressed is, one needs peaceful sleep to deal with life.
So, here is a compiled version of the suggestions I got. I hope one of them will suit you. Honestly, I have not tried all of them. The ones I think are important or have tried, I have made them bold.

1. HeadSpace
2. Wash hands, face and feet before going to bed.
3. Have a bath before going to bed. (If 2nd point doesn't help)
4. Have a workout routine in the evening. If it pains or is intense, better.
5. If you are religious, try listening to something you like in low volume.
6. Try white noise.
7. Try ocean, tree leaves noise. If you are hyper-aware, sometimes this can backfire. XD.
8. Try sniffing Lavender essential oil. Eat 1 tablespoon of khus khus before going to sleep. (Did not try this but one friend did).
9.  Try reading a book. Now, I would not suggest grabbing Sherlock or something. You want to sleep, not stay awake in suspense. If you are a student, try reading your textbook. Nothing is better to induce sleep sometimes. Don't read it on a phone or tablet. Use a hard copy.
10. Stay away from the screen. Put your phone away. Put the laptop away too. Don't text or watch random videos.
11. Try meditating to relax. Try to focus on your breath. If that doesn't work for you, try counting in a rhythm. 
12. Don't think much. Keep your head as empty as possible. If you can't put issues to the side, then just deal with them already instead of wasting your time being anxious about them. And if things like worrying about your grades or kids or India's economy are making you anxious,  I would suggest being anxious the next day when you can do something about it. Put it on hold. Like okay, here is a thought and I will come back to it tomorrow. It is like a reprioritizing list in your head.
13. Put a pillow to support your legs. 
14. Keep your room temperature according to your liking. I like cold rooms with warm blankets sometimes, Sometimes avg temp.
15. Stay hydrated throughout the day. If you forgot, drink water before going to sleep.
16. Try going to sleep on scheduled time each day.
17. Hot milk before sleep.
18. Have a head massage with some oil. You can use slightly warm oil too. Ask someone else to do it for you. After that, maybe massaging shoulders will help a lot. Especially if you have neck and shoulder pains. 

The intention is to sleep. You guys must know the importance of sleep. Life is short and staying awake unnecessarily is not the way to live it efficiently. Have a nice sleep. Night night.

PS - Stay hydrated.
PPS - Add comments if you have more ideas. XD