Using this without legacy tokens? #136
Comments
|
+1 for this feature. Using an oauth robot token doesn't allow me to reply and send messages as 'me' |
|
This depends on whether the slack api will allow additional methods of authentication and if nlopes/slack will support it. |
|
Weechat's slack plugin does this via an interesting method which can be copied here: Basically they generate a "fake url" oauth request, and then the user copies the authenticated oauth token, and provides that to complete the login. After that, the session is saved and it's done. |
|
Cool, thanks! I'll have a look at it.
…On Mon, 30 Apr 2018, 19:56 Ventz Petkov, ***@***.***> wrote:
Weechat's slack plugin does this via an interesting method which can be
copied here:
https://github.com/wee-slack/wee-slack/blob/89864b5ab952b426e77cd76cc0941035335063df/wee_slack.py#L3107
Basically they generate a "fake url" oauth request, and then the user
copies the authenticated oauth token, and provides that to complete the
login. After that, the session is saved and it's done.
—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub
<#136 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABf7fj2-VoxM8PljTPNZBbKyEqBpnbAPks5tt1AygaJpZM4TWv-H>
.
|
|
The following procedure should allow slack-term usage without the use of legacy token, could you guys perhaps test if it works?
$ curl -s "https://slack.com/api/oauth.access?client_id=91899392594.382712253827&client_secret=c7986be41b6ddb478041d1848dad5f6e&code=[code-goes-here]"
|
|
The curl command could perhaps be slightly improved in output if you have |
|
Also, I did test these commands and they work great, the only slightly painful part is the code is single use, so once it has been redeemed you need to go through the process again, but it doesn't appear to revoke the old token so it is fairly safe. I ended up using I'm wondering whether it is much of a security concern that the initial response portion after the redirect to GitHub probably shows up in their logs, but it is only useful once, and it is very unlikely anybody except a malicious browser extension could really do anything with it before a user utilizes it and if you've installed a bad extension you are probably at risk of many other avenues like your full credentials being compromised. UPDATE: |
|
@dragon788 You're right I've changed the redirect url and updated the instructions. Thanks for testing it out, and I'll have a look at your suggestions. |
|
Here is another useful trick for the linux users to grab a token from a logged in browser session - I tested this and it works with both firefox and google-chrome. In the "output" area you will see a list of strings that start "xoxs-<...>" plus the number of times they occur. There will usually only be one or two, depending on how many times you are logged into slack. You can snatch these and put them straight into your ~/.slack-term file. |
|
Closing this, because the workaround has been added to the wiki. https://github.com/erroneousboat/slack-term/wiki#running-slack-term-without-legacy-tokens |
|
Can we re-open this? The problem that I was originally facing is allow this in organizations that do not allow new applications.. Or perhaps add the: $ sudo apt-get install gdb
<...>
$ for i in $(ps auxwwwfg | grep firefox | grep -v grep | cut -c9-15); do gcore -o $i.core $i; done
$ cat *.core | grep -ao 'xoxs-[-0-9a-f]*' | sort | uniq -c | sort
<output...>
$ rm *.coreInstructions to the wiki? Unfortunately since I do not have authorization to add slack-term to the Kubernetes wiki I have to use the above instructions 👍 |
|
Have you tried #136 (comment) ? That allows you to create a slack token without the organization adding an application. I've added the additional instructions to the wiki. |
|
@erroneousboat Yup. You have to have permission to the org to actually add the slack-term client. See the attached image
|
|
Ok, cool I'll reopen the issue. |
|
Hi, Just wanted to point out that there are 2 different issues mixing here. The The "authorized to install" simply means that the slack organization has locked down who can install Add-ons. (usually for security or because they have a free account and only have 5, and this will take up one of them). The oAuth keys install the same as a "bot" and so it takes up one of the "Integration slots". So that said -- this is completely as expected. |
|
Any ETA on this? This issue is a deal-breaker for me. |
|
+1! |
|
This solution is no longer working for me, does the grep regex need to be updated? |
|
Try changing the grep regex to |
|
I'm getting an error |
I didn't get any results from this, but I did find |
Build from master branch or wait for the next release if you aren't comfortable doing so. |
|
Ripcord is able to login via email&password, or import a browser HAR file. Perhaps this is something slack-term could take inspiration from? Unless slack-term is developed from the ground up as a slack add-on and not a slack client .. ? |
|
Would it be worthwhile to have an OAuth go client? I was in the process of writing one in cpp for the terminal some time ago. I could have another...ahem...go at it if it could be useful in these kinds of tui apps, or maybe even just write up the library with appropriate functions to make the OAuth network calls and structs to handle the OAuth models? |
|
@nathanblair, couldn't this just be achieved with https://github.com/golang/oauth2? I don't see the point of reinventing the wheel except for if your implementation would use this library and would go beyond what it offers. |
|
@mastertinner indeed. Yes. I don't know much about the libraries of go. I'm not a go dev but was interested in finding a project to tackle to get to know the language. But yeah, if there's already stuff for it, I won't bud myself in. |
|
I tried this, both with the gcore approach and the authorized app approach and in both cases I got a token, but when trying to run slack-term I get this error: 2020/04/08 21:02:07 not able to authorize client, check your connection and if your slack-token is set correctly |
|
A couple of notes from trying @terabyte 's solution on Fedora 31... Basically, the |
|
Nevermind, now I read the comment. |
|
https://api.slack.com/legacy/custom-integrations/legacy-tokens:
|
|
I ended up using method 4 from the wiki successfully, which is nice from the perspective of not having to install an app into the organization, but who knows how long this will continue to work. Before I landed on that, I had success with method 1 but didn't want my token sent to Github pages and was not able to get method 2 to work. So I ended up creating yet another method slack-rtm-token which is really just method 1 but with your own slack app, with token generation happening locally and not being sent to github pages. |
|
I do not have permission for https://github.com/erroneousboat/slack-term/wiki#method-4 requiring "developer tools". |
|
I'm trying to run |
|
I believe the problem is the token now requires the cookie |
|
Tried the GDB approach and tried to grab the token from localStorage or from the Slack customization page. All result in "not able to authorize client, check your connection and if your slack-token is set correctly". Is it possible to implement OAuth? |
How many GBs of storage am I supposed to have for this? It's using every single byte I have available and doesn't even get through all processes. |
|
I used the approach in which we manually copy the code parameter into a curl command but I get this: Perhaps the slack folks now require a https url? |
|
I also tried to connect with the |
and others
Is there any way possible of using this without having to use a legacy token? For teams such as kubernetes.slack.com unfortunately there's no way to get one (they don't allow it).
The text was updated successfully, but these errors were encountered: