Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove quotes from cookie value in OAuthStateUtils #1648

Merged
merged 3 commits into from
Feb 4, 2025
Merged

Remove quotes from cookie value in OAuthStateUtils #1648

merged 3 commits into from
Feb 4, 2025

Conversation

memben
Copy link
Contributor

@memben memben commented Feb 1, 2025

Summary

Fixes #1647.

Note that the second replace("'", "") was not needed in my case - but to future proof for any quoting issues

Testing

Follow the flow in #1647

Category

  • slack_sdk.web.WebClient (sync/async) (Web API client)
  • slack_sdk.webhook.WebhookClient (sync/async) (Incoming Webhook, response_url sender)
  • slack_sdk.socket_mode (Socket Mode client)
  • slack_sdk.signature (Request Signature Verifier)
  • slack_sdk.oauth (OAuth Flow Utilities)
  • slack_sdk.models (UI component builders)
  • slack_sdk.scim (SCIM API client)
  • slack_sdk.audit_logs (Audit Logs API client)
  • slack_sdk.rtm_v2 (RTM client)
  • /docs (Documents)
  • /tutorial (PythOnBoardingBot tutorial)
  • tests/integration_tests (Automated tests for this library)

Requirements

  • I've read and understood the Contributing Guidelines and have done my best effort to follow them.
  • I've read and agree to the Code of Conduct.
  • I've run python3 -m venv .venv && source .venv/bin/activate && ./scripts/run_validation.sh after making the changes.

@salesforce-cla Salesforce CLA
Copy link

salesforce-cla bot commented Feb 1, 2025

Thanks for the contribution! Before we can merge this, we need @memben to sign the Salesforce Inc. Contributor License Agreement.

@seratch seratch closed this Feb 3, 2025
@seratch seratch reopened this Feb 3, 2025
@seratch seratch added bug M-T: A confirmed bug report. Issues are confirmed when the reproduction steps are documented Version: 3x oauth labels Feb 3, 2025
@seratch seratch added this to the 3.34.1 milestone Feb 3, 2025
@seratch
Copy link
Member

seratch commented Feb 3, 2025

@memben Could you run black (the code formatter) for the changes you've made?

Run black --check slack/ slack_sdk/ tests/ integration_tests/
would reformat slack_sdk/oauth/state_utils/__init__.py

Oh no! 💥 💔 💥
1 file would be reformatted, 437 files would be left unchanged.
Error: Process completed with exit code 1.

@memben
Copy link
Contributor Author

memben commented Feb 3, 2025

@seratch done - sorry didn't recheck after signing the CLA

@codecov Codecov
Copy link

codecov bot commented Feb 3, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 85.33%. Comparing base (f0ae8c3) to head (d3853e8).
Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1648   +/-   ##
=======================================
  Coverage   85.33%   85.33%           
=======================================
  Files         113      113           
  Lines       12802    12802           
=======================================
  Hits        10924    10924           
  Misses       1878     1878

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@seratch seratch merged commit f3be63f into slackapi:main Feb 4, 2025
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@seratch seratch seratch approved these changes

Assignees
No one assigned
Labels
bug M-T: A confirmed bug report. Issues are confirmed when the reproduction steps are documented cla:signed oauth Version: 3x
Projects
None yet
Milestone
3.35.0
Development

Successfully merging this pull request may close these issues.

Cookie Value Quotation Breaking OAuth Flow with Base64 Padded State
2 participants
@memben @seratch