BotUsers from new Slack apps not supported (API v2 auth)

[queen-of-code]

Hi, I spent about an hour chasing down this issue - it looks like Slack is moving all new Apps created onto their new Bot beta (with detailed scopes) and there's a limitation that means the instructions in the README will no longer work.

If you create a new app (you should be able to test this yourself) and try to use the bot token to authenticate wget "https://slack.com/api/rtm.start?token=xoxb-mynew-app-token"

you get the response {"ok":false,"error":"not_allowed_token_type"}

Existing/legacy apps are working fine with the existing instructions, but if people opt-into the new beta, they will not be able to use this integration. I don't know when the beta is going to be full production.

[alexkvak]

@queen-of-code I've just created a new App with bot user and bot oauth scope and everything works fine.

Only one new step I met — when I install app into workspace it asks me about app permission, but default permissions are enough.

[queen-of-code]

You need to opt into the new beta permissions.

On Dec 10, 2019, at 23:31, Alex Kvak notifications@github.com wrote:

 @queen-of-code I've just created a new App with bot user and bot oauth scope and everything works fine.

Only one new step I met — when I install app into workspace it asks me about app permission, but default permissions are enough.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or unsubscribe.

[alexkvak]

do you mean this?

[queen-of-code]

That's the one. Click the 'Update Scopes' button. Once you've got updated scopes, you'll find you have to set bot scopes individually. I tried a big combination but was unable to find the combination that let the new bot token work correctly. BTW - you can't go backwards, so don't do this in an app you care about!

On Wed, Dec 11, 2019 at 9:23 AM Alex Kvak notifications@github.com wrote:

do you mean this?

[image: изображение] https://user-images.githubusercontent.com/1052418/70644435-0da57800-1c54-11ea-9709-8ea1970eff4f.png

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/alexkvak/teamcity-slack/issues/85?email_source=notifications&email_token=AEIOSMK4BXYXICSIU247FRDQYEOYVA5CNFSM4JZC3JE2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEGT5NAI#issuecomment-564647553, or unsubscribe https://github.com/notifications/unsubscribe-auth/AEIOSMPI46J6RPW3YYLQ5Y3QYEOYVANCNFSM4JZC3JEQ .

[alexkvak]

Oh, I see. Thank you for the report!

It seems that currently used Slack API client https://github.com/Itiviti/simple-slack-api does not support v2 authorization.

On the other hand do you have any information is v2 (Granular scopes) will replace the existing v1 scopes? If not, so we should only update README and use old way.

[queen-of-code]

I don’t know much beyond they claim it’s in beta for ‘a few months’. The most info I’ve been able to find is here, and it’s sparse: https://api.slack.com/authentication/basics

Maybe they will leave the existing bot system up for a while during a sunset period? I couldn’t say, but definitely wanted to raise this now so nobody else spent time trying to get it working.

On Dec 11, 2019, at 22:50, Alex Kvak notifications@github.com wrote:

 Oh, I see. Thank you for the report!

It seems that currently used Slack API client https://github.com/Itiviti/simple-slack-api does not support v2 authorization.

On the other hand do you have any information is v2 (Granular scopes) will replace the existing v1 scopes? If not, so we should only update README and use old way.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or unsubscribe.

[alexkvak]

Yes, Slack does not recommend to use legacy tokens.

https://api.slack.com/docs/token-types#legacy

[alexkvak]

Could you make a PR into README.md? I guess your English is better than mine 😃 Please just add notice about legacy tokens into Install plugin section.

[queen-of-code]

Yeah, I’ll open one no problem.

On Dec 12, 2019, at 02:06, Alex Kvak notifications@github.com wrote:

 Could you make a PR into README.md? I guess your English is better than mine 😃 Please just add notice about legacy tokens into Install plugin section.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or unsubscribe.

[lightheaded]

New Slack apps don't add bot scope by default. Does this render this integration unusable or is there a workaround?

[mterstyanszky]

New Slack apps don't add bot scope by default. Does this render this integration unusable or is there a workaround?

The workaround does not work anymore. When you install the app the new OAuth Scopes will be used. I hope the simple-slack-api will be updated someday.

[srolskyi]

New Slack apps don't add bot scope by default. Does this render this integration unusable or is there a workaround?

The workaround does not work anymore. When you install the app the new OAuth Scopes will be used. I hope the simple-slack-api will be updated someday.

me to.

[bigadz]

New Slack apps don't add bot scope by default. Does this render this integration unusable or is there a workaround?

The workaround does not work anymore. When you install the app the new OAuth Scopes will be used. I hope the simple-slack-api will be updated someday.

me to.

me also

[JustinGol]

Im unable to use this plugin too since Slack isnt showing the opt in option anymore and it looks like new apps are created with the new scopes.

[alexkvak]

I just tried this link https://api.slack.com/apps?new_classic_app=1 and it works!

Please take a look at actual just updated README https://github.com/alexkvak/teamcity-slack/#install-plugin

Let's try to live with an old API for a while!

[JustinGol]

I just tried this link https://api.slack.com/apps?new_classic_app=1 and it works!

Please take a look at actual just updated README https://github.com/alexkvak/teamcity-slack/#install-plugin

Let's try to live with an old API for a while!

Awesome, I can configure it now. Thanks for the quick response and the update to the docs. Its much appreciated.

[bigadz]

Thanks Alex,

There is a message on the slack AP page saying:

Beginning February 21, all new app submissions to the App Directory must use granular permissions. Read our blog post.

So I expect this is very much an interim solution. I best go configure my app right now!.

[alexkvak]

I guess you have no plan to make your bot a public application and publish it to App Directory 🙂

Anyway this solution is temporary and I’m working on simple-slack-api modernization.

[bigadz]

Thanks Alex. Love your work.

[alexkvak]

Unfortunately my PR is still open https://github.com/Itiviti/simple-slack-api/pull/274

[chris1248]

I tried to get this plugin to work, and was unsuccessful. The documentation is worthless with teamcity version 2020.1

[JustinGol]

I tried to get this plugin to work, and was unsuccessful. The documentation is worthless with teamcity version 2020.1

Thats not a very helpful comment, @alexkvak has done a great job of supporting users. You may prefer to investigate further yourself or request his assistance instead of saying the docs are "worthless" in that version

[JuhaMF]

Created a slack app with following bot scopes, but the token is not accepted by the plugin. I get following error on the plugin admin page, when trying to enable the plugin: "Unable to create session by config: not_allowed_token_type". Any tips? I am running TeamCity version 2020.2.1.

[alexkvak]

@JuhaMF could you read https://github.com/alexkvak/teamcity-slack#install-plugin- and https://github.com/alexkvak/teamcity-slack/issues/85#issuecomment-586647963 carefully?

You should create legacy app not bot user.

[JuhaMF]

Yes you need use that specific URL (link in the instructions) to create the now-deprecated "classic" app that has the right kind of bot scope that this plugin needs. It is there but well hidden, even in TeamCity version 2020.2.1 Thank you for your assistance @alexkvak !

[alexkvak]

Fixed in 2.0.0