Move some slack utility code into turbot/slack.py

Specifically, the Slack verification code. Just trying to keep
turbot_lambda.py a bit more tidy.

diff --git a/turbot/slack.py b/turbot/slack.py
new file mode 100644 (file)
index 0000000..d2d683d
--- /dev/null
+++ b/turbot/slack.py
@@ -0,0 +1,23 @@
+import hashlib
+import hmac
+import os
+
+slack_signing_secret = bytes(os.environ['SLACK_SIGNING_SECRET'], 'utf-8')
+
+def slack_is_valid_request(slack_signature, timestamp, body):
+    """Returns True if the timestamp and body correspond to signature.
+
+    This implements the Slack signature verification using the slack
+    signing secret (obtained via an SSM parameter in code above)."""
+
+    content = "v0:{}:{}".format(timestamp, body).encode('utf-8')
+
+    signature = 'v0=' + hmac.new(slack_signing_secret,
+                                 content,
+                                 hashlib.sha256).hexdigest()
+
+    if hmac.compare_digest(signature, slack_signature):
+        return True
+    else:
+        print("Bad signature: {} != {}".format(signature, slack_signature))
+        return False

diff --git a/turbot_lambda/turbot_lambda.py b/turbot_lambda/turbot_lambda.py
index fc047e3408d894d87cb2c3a2812d9400296d620b..ece58d62f577ee3553926115e79f146adcd3dbd6 100644 (file)
--- a/turbot_lambda/turbot_lambda.py
+++ b/turbot_lambda/turbot_lambda.py
@@ -1,18 +1,21 @@
 from urllib.parse import parse_qs
-from turbot.rot import rot
-import turbot.views
-import turbot.actions
 from slack import WebClient
 import boto3
 import requests
-import hashlib
-import hmac
 import json
+import os
+from turbot.rot import rot
+import turbot.views
+import turbot.actions
 
 ssm = boto3.client('ssm')
 
 response = ssm.get_parameter(Name='SLACK_SIGNING_SECRET', WithDecryption=True)
-slack_signing_secret = bytes(response['Parameter']['Value'], 'utf-8')
+slack_signing_secret = response['Parameter']['Value']
+os.environ['SLACK_SIGNING_SECRET'] = slack_signing_secret
+
+# Note: Late import here to have the environment variable above available
+from turbot.slack import slack_is_valid_request # noqa
 
 response = ssm.get_parameter(Name='SLACK_BOT_TOKEN', WithDecryption=True)
 slack_bot_token = response['Parameter']['Value']
@@ -32,24 +35,6 @@ def error(message):
         'body': ''
     }
 
-def slack_is_valid_request(slack_signature, timestamp, body):
-    """Returns True if the timestamp and body correspond to signature.
-
-    This implements the Slack signature verification using the slack
-    signing secret (obtained via an SSM parameter in code above)."""
-
-    content = "v0:{}:{}".format(timestamp, body).encode('utf-8')
-
-    signature = 'v0=' + hmac.new(slack_signing_secret,
-                                 content,
-                                 hashlib.sha256).hexdigest()
-
-    if hmac.compare_digest(signature, slack_signature):
-        return True
-    else:
-        print("Bad signature: {} != {}".format(signature, slack_signature))
-        return False
-
 def turbot_lambda(event, context):
     """Top-level entry point for our lambda function.