search

slack-go / slack

Slack API in Go, originally by @nlopes; Maintainers needed, contact @parsley42
https://pkg.go.dev/github.com/slack-go/slack
BSD 2-Clause "Simplified" License
4.7k stars 1.14k forks source link

Checking Access Token Scopes #1076

Open 7ail opened 2 years ago

7ail commented 2 years ago

We have a use-case where we would like to query for the access scopes that are tied to an access token.

Slack does not currently provide any endpoints to service this need, instead they've included the scopes in the response header of every request made to slack under the X-Oauth-Scopes banner

Looking through the code, we seem to be only utilising header in the response here.

Do we have any strong opinions against returning the header for consumers further up the chain?

Having an opinionated approach on which endpoint we should use to service this use-case does not seem like the best thing to do since this requirement can be serviced by any Slack API endpoint.

However, thoughts on exposing this in a generic Do method to allow for customisation? (Haven't looked further in the code to see if this is possible, just spitballing.)

kanata2 commented 2 years ago

It would be nice to be able to check X-Oauth-Scopes in some way. I would like to study how to provide this as a slack-go.

Note:

When using the Slack API you can check the HTTP headers to see what OAuth scopes you have, and what the API method accepts. https://api.slack.com/legacy/oauth-scopes