]> git.cworth.org Git - turbot/blobdiff - turbot_lambda/turbot_lambda.py
projects / turbot / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Move some slack utility code into turbot/slack.py
[turbot] / turbot_lambda / turbot_lambda.py
diff --git a/turbot_lambda/turbot_lambda.py b/turbot_lambda/turbot_lambda.py
index fc047e3408d894d87cb2c3a2812d9400296d620b..ece58d62f577ee3553926115e79f146adcd3dbd6 100644 (file)
--- a/turbot_lambda/turbot_lambda.py
+++ b/turbot_lambda/turbot_lambda.py
@@ -1,18 +1,21 @@
 from urllib.parse import parse_qs
-from turbot.rot import rot
-import turbot.views
-import turbot.actions
 from slack import WebClient
 import boto3
 import requests
-import hashlib
-import hmac
 import json
+import os
+from turbot.rot import rot
+import turbot.views
+import turbot.actions
 
 ssm = boto3.client('ssm')
 
 response = ssm.get_parameter(Name='SLACK_SIGNING_SECRET', WithDecryption=True)
-slack_signing_secret = bytes(response['Parameter']['Value'], 'utf-8')
+slack_signing_secret = response['Parameter']['Value']
+os.environ['SLACK_SIGNING_SECRET'] = slack_signing_secret
+
+# Note: Late import here to have the environment variable above available
+from turbot.slack import slack_is_valid_request # noqa
 
 response = ssm.get_parameter(Name='SLACK_BOT_TOKEN', WithDecryption=True)
 slack_bot_token = response['Parameter']['Value']
@@ -32,24 +35,6 @@ def error(message):
         'body': ''
     }
 
-def slack_is_valid_request(slack_signature, timestamp, body):
-    """Returns True if the timestamp and body correspond to signature.
-
-    This implements the Slack signature verification using the slack
-    signing secret (obtained via an SSM parameter in code above)."""
-
-    content = "v0:{}:{}".format(timestamp, body).encode('utf-8')
-
-    signature = 'v0=' + hmac.new(slack_signing_secret,
-                                 content,
-                                 hashlib.sha256).hexdigest()
-
-    if hmac.compare_digest(signature, slack_signature):
-        return True
-    else:
-        print("Bad signature: {} != {}".format(signature, slack_signature))
-        return False
-
 def turbot_lambda(event, context):
     """Top-level entry point for our lambda function.
 
A Slack app for Halibut That Bass