--- /dev/null
+import hashlib
+import hmac
+import os
+
+slack_signing_secret = bytes(os.environ['SLACK_SIGNING_SECRET'], 'utf-8')
+
+def slack_is_valid_request(slack_signature, timestamp, body):
+ """Returns True if the timestamp and body correspond to signature.
+
+ This implements the Slack signature verification using the slack
+ signing secret (obtained via an SSM parameter in code above)."""
+
+ content = "v0:{}:{}".format(timestamp, body).encode('utf-8')
+
+ signature = 'v0=' + hmac.new(slack_signing_secret,
+ content,
+ hashlib.sha256).hexdigest()
+
+ if hmac.compare_digest(signature, slack_signature):
+ return True
+ else:
+ print("Bad signature: {} != {}".format(signature, slack_signature))
+ return False
from urllib.parse import parse_qs
-from turbot.rot import rot
-import turbot.views
-import turbot.actions
from slack import WebClient
import boto3
import requests
-import hashlib
-import hmac
import json
+import os
+from turbot.rot import rot
+import turbot.views
+import turbot.actions
ssm = boto3.client('ssm')
response = ssm.get_parameter(Name='SLACK_SIGNING_SECRET', WithDecryption=True)
-slack_signing_secret = bytes(response['Parameter']['Value'], 'utf-8')
+slack_signing_secret = response['Parameter']['Value']
+os.environ['SLACK_SIGNING_SECRET'] = slack_signing_secret
+
+# Note: Late import here to have the environment variable above available
+from turbot.slack import slack_is_valid_request # noqa
response = ssm.get_parameter(Name='SLACK_BOT_TOKEN', WithDecryption=True)
slack_bot_token = response['Parameter']['Value']
'body': ''
}
-def slack_is_valid_request(slack_signature, timestamp, body):
- """Returns True if the timestamp and body correspond to signature.
-
- This implements the Slack signature verification using the slack
- signing secret (obtained via an SSM parameter in code above)."""
-
- content = "v0:{}:{}".format(timestamp, body).encode('utf-8')
-
- signature = 'v0=' + hmac.new(slack_signing_secret,
- content,
- hashlib.sha256).hexdigest()
-
- if hmac.compare_digest(signature, slack_signature):
- return True
- else:
- print("Bad signature: {} != {}".format(signature, slack_signature))
- return False
-
def turbot_lambda(event, context):
"""Top-level entry point for our lambda function.