diff --git a/lib/omniauth/strategies/slack.rb b/lib/omniauth/strategies/slack.rb index 3d5a2d6..51a7aab 100644 --- a/lib/omniauth/strategies/slack.rb +++ b/lib/omniauth/strategies/slack.rb @@ -7,7 +7,7 @@ module Strategies class Slack < OmniAuth::Strategies::OAuth2 option :name, 'slack' - option :authorize_options, [:scope, :team] + option :authorize_options, [:scope, :team, :redirect_uri] option :client_options, { site: 'https://slack.com', @@ -22,28 +22,26 @@ class Slack < OmniAuth::Strategies::OAuth2 # User ID is not guaranteed to be globally unique across all Slack users. # The combination of user ID and team ID, on the other hand, is guaranteed # to be globally unique. - uid { "#{user_identity['id']}-#{team_identity['id']}" } + uid do + if authorize_params.scope.include?('identity.basic') + "#{user_identity['id']}-#{team_identity['id']}" + else + user_info_and_team_info_to_uid + end + end info do - hash = { - name: user_identity['name'], - email: user_identity['email'], # Requires the identity.email scope - image: user_identity['image_48'], # Requires the identity.avatar scope - team_name: team_identity['name'] # Requires the identity.team scope - } - - unless skip_info? - [:first_name, :last_name, :phone].each do |key| - hash[key] = user_info['user'].to_h['profile'].to_h[key.to_s] - end + if authorize_params.scope.include?('identity.basic') + identity_to_info + else + user_info_to_info end - - hash end extra do { raw_info: { + auth_test: auth_test, team_identity: team_identity, # Requires identify:basic scope user_identity: user_identity, # Requires identify:basic scope user_info: user_info, # Requires the users:read scope @@ -64,21 +62,39 @@ def authorize_params end end + def auth_test + @auth_test ||= access_token.get('/api/auth.test').parsed + end + def identity @identity ||= access_token.get('/api/users.identity').parsed end def user_identity - @user_identity ||= identity['user'].to_h + @user_identity ||= if authorize_params.scope.include?('identity.basic') + identity['user'].to_h + else + {} + end end def team_identity - @team_identity ||= identity['team'].to_h + @team_identity ||= if authorize_params.scope.include?('identity.basic') + identity['team'].to_h + else + {} + end end def user_info + user_id = if authorize_params.scope.include?('identity.basic') + user_identity['id'] + else + auth_test['user_id'] + end + url = URI.parse('/api/users.info') - url.query = Rack::Utils.build_query(user: user_identity['id']) + url.query = Rack::Utils.build_query(user: user_id) url = url.to_s @user_info ||= access_token.get(url).parsed @@ -100,9 +116,53 @@ def bot_info private + # def callback_url + # full_host + script_name + callback_path + # end def callback_url - full_host + script_name + callback_path + authorize_params.redirect_uri + end + + def identity_to_info + hash = { + name: user_identity['name'], + username: user_identity['username'], + email: user_identity['email'], # Requires the identity.email scope + image: user_identity['image_48'], # Requires the identity.avatar scope + team_name: team_identity['name'] # Requires the identity.team scope + } + + unless skip_info? + [:first_name, :last_name, :phone].each do |key| + hash[key] = user_info['user'].to_h['profile'].to_h[key.to_s] + end + end + + hash + end + + def user_info_and_team_info_to_uid + "#{user_info['user']['id']}-#{team_info['team']['id']}" end + + def user_info_to_info + hash = { + name: user_info['user']['real_name'], + username: user_info['user']['name'], + email: user_info['user']['profile']['email'], # Requires the users:read scope + image: user_info['user']['profile']['image_48'], # Requires the users:read scope + team_name: team_info['team']['name'] # Requires the users:read scope + } + + unless skip_info? + [:first_name, :last_name, :phone].each do |key| + hash[key] = user_info['user'].to_h['profile'].to_h[key.to_s] + end + end + + hash + end + end end end