A framework to build Slack apps using Python
MIT License
Bot releases are visible (Hide)
Published by seratch almost 3 years ago
Since this release, the Django adapter has been improved to properly manage the thread-local database connections bound to the threads managed by Bolt framework. If you use the Django adapter, we highly recommend upgrading to this version or newer.
Please refer to #514 #512 #509 for more details.
Published by seratch almost 3 years ago
Published by seratch about 3 years ago
Published by seratch about 3 years ago
Published by seratch about 3 years ago
Published by seratch about 3 years ago
Since this release, developers can customize listener_executor
in apps. Also, to support the use case where Enterprise Grid Org admins install apps from their app management page, we've added a new option to disable state parameter validation in the OAuth flow. Please note that we still don't recommend disabling the state validation for usual OAuth apps.
listener_executor
in App
- Thanks @chrisbouchardoauth_settings.state_validation_enabled
to customize the OAuth flow - Thanks @seratchPublished by seratch about 3 years ago
App
/ AsyncApp
comments and API documents - Thanks @objectfoxPublished by seratch about 3 years ago
Published by seratch about 3 years ago
Refer to the v1.8.0 release note
Published by seratch over 3 years ago
This version includes the support for the apps enabling the newly released token rotation for better security. Refer to the API document for the general information about the feature.
If you use any of the built-in InstallationStore
, there is nothing else to change on your application code side. If you use the relational database tables along with a built-in InstallationStore
, refer to the latest table schema here.
If you use your own custom authorize
, not the built-in InstallationStoreAuthorize
, the authorize
function needs to be updated to run the token rotation. Refer to the InstallationStoreAuthorize
's code to learn what to do for it.
If you operate Django apps based on the example app in this repository and would like to enable token rotation for the apps, check this commit to learn the required changes for it.
SQLAlchemyInstallationStore
usersIf your app uses the built-in SQLAlchemyInstallationStore
for managing Slack app installations, adding the following database columns is required for this version upgrade. Refer to the code to check the complete ones.
Also, since this version, all the table columns for string data have their max length for better compatibility with MySQL. We recommend setting the same ones for your models.
Column("bot_refresh_token", String(200)),
Column("bot_token_expires_at", DateTime),
Column("user_refresh_token", String(200)),
Column("user_token_expires_at", DateTime),
Column("bot_refresh_token", String(200)),
Column("bot_token_expires_at", DateTime),
Published by seratch over 3 years ago
Published by seratch over 3 years ago
Since this version, the warning message for unhandled requests is even more helpful!
Let's say you've configured the "message" event subscription in the Slack App configuration page, and the Slack server-side started sending message events to your app. However, your app does not have the corresponding event listener yet. In this case, Bolt suggests the missing listener with a working code snippet.
WARNING:slack_bolt.App:Unhandled request ({'type': 'event_callback', 'event': {'type': 'message'}})
---
[Suggestion] You can handle this type of event with the following listener function:
@app.event("message")
def handle_message_events(body, logger):
logger.info(body)
The new suggestion logging should be helpful for the developers who are new to Bolt and the Slack platform.
Developers can turn any of the built-in middleware off if they would like to do so for some reason.
app = App(
token=os.environ["SLACK_BOT_TOKEN"],
signing_secret=os.environ["SLACK_SIGNING_SECRET"],
# Verify request signature
request_verification_enabled = False, # default: True
# Skip processing the events generated by this app's bot user itself
ignoring_self_events_enabled = False, # default: True
# Respond to ssl_check requests
ssl_check_enabled = False, # default: True
# Respond to url_verification requests in the Events API configuration steps
url_verification_enabled = False, # default: True
)
Please make sure if it's safe enough when you turn a built-in middleware off. We strongly recommend using RequestVerification
for better security. If you have a proxy that verifies request signature in front of the Bolt app, it's totally fine to disable RequestVerification
to avoid duplication of work. Don't turn it off just for easiness of development.
Published by seratch over 3 years ago
This release upgrades the underlying slack-sdk
package from 3.4 to 3.5 (or higher). Refer to the package's release note for more details: https://github.com/slackapi/python-slack-sdk/releases/tag/v3.5.0
Since this version, the out-of-the-box support for the following events is available:
To use this feature, all you need to do are:
installation_store
of the OAuth settings (see the document)enable_token_revocation_listeners()
method of the App
/ AsyncApp
instanceapp = App(
# Enabling installation_store required
)
app.enable_token_revocation_listeners()
This is equivalent to the following code:
app = App() # installation_store required
app.event("tokens_revoked")(app.default_tokens_revoked_event_listener)
app.event("app_uninstalled")(app.default_app_uninstalled_event_listener)
These event listeners properly utilize the data deletion methods in the InstallationStore
you use. If you have your own InstallationStore
implementation, please implement deletion methods in the classes. Refer to https://github.com/slackapi/python-slack-sdk/pull/995 for more details.
Handling unmatched request patterns had not been customizable in the past versions. The pull request #290 introduced a new option to enable using @app.error
handlers for unmatched requests. The default is set to False, which is fully backward compatible. If the option is True, Bolt raises a BoltUnhandledRequestError
with sufficient information. @app.error
handler can customize the behavior for the patterns (e.g., having custom logging, changing HTTP status from 404 to something else).
app = App(
token=os.environ["SLACK_BOT_TOKEN"],
signing_secret=os.environ["SLACK_SIGNING_SECRET"],
# enable @app.error handler to catch the patterns
raise_error_for_unhandled_request=True,
)
@app.error
def handle_errors(error):
if isinstance(error, BoltUnhandledRequestError):
# You may want to have debug/info logging here
return BoltResponse(status=200, body="")
else:
# other error patterns
return BoltResponse(status=500, body="Something wrong")
respond
to app.view
ListenersWhen an input block in your modal has response_url_enabled: true
, view_submission
payloads can have response_urls
. Since this version, you can use respond
utility to use the primary element in the array.
@app.view("view-id")
def check(ack, respond):
# if there is an input block with response_url_enabled: true
respond("This message will be posted in the selected channel")
ack()
see also:
ListenerCompletionHandler
is a new addition, which enables developers to customize callbacks for listener runner completion. The callbacks can be useful, especially when you use a library/framework that utilizes thread-local variables (e.g., Django ORM, thread-local sessions in SQLAlchemy) along with Bolt for Python.
If you're interested in how it works, check the updated Django adapter implementation for details: https://github.com/slackapi/bolt-python/blob/v1.5.0/slack_bolt/adapter/django/handler.py
from django.db import connections
class DjangoListenerCompletionHandler(ListenerCompletionHandler):
def handle(self, request: BoltRequest, response: Optional[BoltResponse]) -> None:
# closes all the thread-local connections in the current thread
connections.close_all()
Published by seratch over 3 years ago
Published by seratch over 3 years ago
Published by seratch over 3 years ago
slack_sdk
to v3.4.1 - Thanks @seratchPublished by seratch over 3 years ago
Published by seratch over 3 years ago
This release upgrades the underlying slack-sdk
package from 3.3 to 3.4 (or higher). Refer to the package's release note for more details: https://github.com/slackapi/python-slack-sdk/releases/tag/v3.4.0
Published by seratch over 3 years ago
This patch version upgrades the minimum slack-sdk version from 3.3.1 to 3.3.2 for proxy issue in the built-in SocketModeClient. Also, Socket Mode adapter supports newly added proxy_headers
argument in its constructor. Refer to https://github.com/slackapi/python-slack-sdk/releases/tag/v3.3.2 for the underlying changes.
Published by seratch over 3 years ago