search

slackapi / bolt-python

A framework to build Slack apps using Python
https://slack.dev/bolt-python/
MIT License
1.02k stars 236 forks source link

Redirect after Request to Install submission for Slack App #1081

Closed kennym closed 1 month ago

kennym commented 1 month ago

After a Slack user submits a Slack app for review to install to the Slack workspace admins, that user gets redirected to the Slack App Directory page, instead of the specified redirect_uri in the OAuthSettings.

How can we fix that?

Reproducible in:

django-slack==5.19.0
slack-bolt==1.18.1
slack-sdk==3.26.1
Python 3.11.6
ProductName:            macOS
ProductVersion:         14.4.1
BuildVersion:           23E224
Darwin Kernel Version 23.4.0: Fri Mar 15 00:10:42 PDT 2024; root:xnu-10063.101.17~1/RELEASE_ARM64_T6000

The slack_bolt version

slack-bolt==1.18.1

Python runtime version

Python 3.11.6

OS info

ProductName: macOS ProductVersion: 14.4.1 BuildVersion: 23E224 Darwin Kernel Version 23.4.0: Fri Mar 15 00:10:42 PDT 2024; root:xnu-10063.101.17~1/RELEASE_ARM64_T6000

Steps to reproduce:

(Share the commands to run, source code, and project settings (e.g., setup.py))

Slack OAuth configuration in our backend:

class SlackOAuthHandlerAPI(APIView):
    """API to handle slack oauth"""

    def get(self, request: HttpRequest) -> HttpResponse:
        """HTTP GET method"""
        success_url = f"{settings.FRONTEND_BASE_URI}/admin?slack_installation=success"
        failure_url = f"{settings.FRONTEND_BASE_URI}/auth/login"
        app = App(
            signing_secret=signing_secret,
            logger=log,
            oauth_settings=OAuthSettings(
                success_url=success_url,
                failure_url=failure_url,
                install_page_rendering_enabled=False,
                install_path="/api/oauth/slack/install/",
                redirect_uri_path="/api/oauth/slack/oauth_redirect/",
                client_id=client_id,
                client_secret=client_secret,
                scopes=scopes,
                user_scopes=user_scopes,
                # If you want to test token rotation, enabling the following line will
                # make it easy:
                # token_rotation_expiration_minutes=1000000,
                installation_store=DjangoInstallationStore(
                    client_id=client_id,
                    logger=log,
                ),
                state_store=DjangoOAuthStateStore(
                    expiration_seconds=120,
                    logger=log,
                ),
            ),
        )

        handler = SlackRequestHandler(
            app=app,
        )

        return handler.handle(request)
  1. Configure a Slack workspace to require admin approval for installing a Slack app
  2. Visit the App installation page: install-page.ngrok.app/api/oauth/slack/install/ image
  3. Press "Submit"

Expected result:

Use the specific redirect_uri_path for redirecting the user.

Actual result:

User gets navigated to the Slack App Directory page for the Slack app.

Requirements

Please read the Contributing guidelines and Code of Conduct before creating this issue or pull request. By submitting, you are agreeing to those rules.

seratch commented 1 month ago

Hi @kennym, thanks for submitting this question, and we're sorry about our slow response here.

Unfortunately, there is no way to customize the behavior in this scenario. We can bring your feedback internally to the product management team, but I cannot tell whether and when some enhancement will come for this use case.

I understand this is not a satisfactory answer, but I hope this helps clarify.