Python Flask adapter for verifying Slack signatures

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for aoberoi from gravatar.com aoberoi Avatar for eaescob from gravatar.com eaescob Avatar for seratch from gravatar.com seratch

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics
Meta

License: GNU

Author: Emilio Escobar

Project description

https://github.com/eaescob/flask-slacksigauth/actions/workflows/build.yml/badge.svg https://codecov.io/gh/eaescob/flask-slacksigauth/branch/master/graph/badge.svg?token=WPOI4PT5ZU https://badge.fury.io/py/flask-slacksigauth.png

The Slack Signature Authentication module is a Python-based solution for Flask applications to be able to authenticate POST requests coming in from Slack. The module returns HTTP code 403 for those requests that fail Slack’s signature validation. The module adds a decorator that can be used for Flask routes.

Integrity

Added SLSA provenance checks to every release starting with v1.0.9

You will need to install slsa-verifier first

Provenance verification

python -m pip download --only-binary=:all: flask-slacksigauth #Downloads flask_slacksigauth-1.0.9-py3-none-any.whl
curl --location -O https://github.com/eaescob/flask-slacksigauth/releases/download/v1.0.9/multiple.intoto.jsonl
slsa-verifier verify-artifact                             \
  --provenance-path multiple.intoto.jsonl                 \
  --source-uri github.com/eaescob/flask-slacksigauth      \
  flask_slacksigauth-1.0.9-py3-none-any.whl

Check for - PASSED: Verified SLSA Provenance

After successful verification, package is safe to be installed.

Installation

pip install flask-slacksigauth

App Setup

After declaring your Flask API endpoints, you can decorate them to for authentication checks:

@app.route('/api', methods=['POST', 'GET'])
@slack_sig_auth
def api():
  return jsonify(message='OK'), 200

This will force slack signature authentication for you ‘/api’ endoint.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for aoberoi from gravatar.com aoberoi Avatar for eaescob from gravatar.com eaescob Avatar for seratch from gravatar.com seratch

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics
Meta

License: GNU

Author: Emilio Escobar


Release history Release notifications | RSS feed

This version

1.0.10

1.0.9

1.0.8

1.0.7

1.0.6

1.0.5

1.0.4

1.0.3

1.0.2

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

flask_slacksigauth-1.0.10.tar.gz (15.9 kB view hashes)

Uploaded Source

Built Distribution

flask_slacksigauth-1.0.10-py3-none-any.whl (15.5 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page