search

slack-go / slack

Slack API in Go, originally by @nlopes; Maintainers needed, contact @parsley42
https://pkg.go.dev/github.com/slack-go/slack
BSD 2-Clause "Simplified" License
4.64k stars 1.13k forks source link

"has_2FA" defaults to "false" when missing from API response #1121

Open rmaalouf opened 1 year ago

rmaalouf commented 1 year ago

What happened

Supplying a bot token xoxb- has the side effect that "has_2fa" is not included in the response from Slack's users.listAPI. Though this is not documented, it has been confirmed by slack support

has_2fa parameter only shows if the person calling that endpoint is an Admin or Owner, and using a user token(starting with xoxp), and not a bot token(starting with xoxb).

In cases where has_2fa is missing from the response, GetUsersContext returns false for all users even though it may be enabled for some.

Expected behavior

has_2fa shouldn't default to false

Steps to reproduce

Configure the SDK with a bot token with the users:read scope. GetUsersContext will default to false for has_2fa.

Versions

mnafees commented 2 weeks ago

I can confirm that I see the same behavior when querying the Slack API. The easiest fix would be to follow what the go-github community SDK follows and use pointers with omitempty for all JSON tags of response bodies.