Python Flask adapter for verifying Slack signatures

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for aoberoi from gravatar.com aoberoi Avatar for eaescob from gravatar.com eaescob Avatar for seratch from gravatar.com seratch

Unverified details

These details have not been verified by PyPI
Project links
Meta
Report project as malware

Project description

https://github.com/eaescob/flask-slacksigauth/actions/workflows/build.yml/badge.svg https://codecov.io/gh/eaescob/flask-slacksigauth/branch/master/graph/badge.svg?token=WPOI4PT5ZU https://badge.fury.io/py/flask-slacksigauth.png

The Slack Signature Authentication module is a Python-based solution for Flask applications to be able to authenticate POST requests coming in from Slack. The module returns HTTP code 403 for those requests that fail Slack’s signature validation. The module adds a decorator that can be used for Flask routes.

Integrity

Added SLSA provenance checks to every release starting with v1.0.9

You will need to install slsa-verifier first

Provenance verification

python -m pip download --only-binary=:all: flask-slacksigauth #Downloads flask_slacksigauth-1.0.9-py3-none-any.whl
curl --location -O https://github.com/eaescob/flask-slacksigauth/releases/download/v1.0.9/multiple.intoto.jsonl
slsa-verifier verify-artifact                             \
  --provenance-path multiple.intoto.jsonl                 \
  --source-uri github.com/eaescob/flask-slacksigauth      \
  flask_slacksigauth-1.0.9-py3-none-any.whl

Check for - PASSED: Verified SLSA Provenance

After successful verification, package is safe to be installed.

Installation

pip install flask-slacksigauth

App Setup

After declaring your Flask API endpoints, you can decorate them to for authentication checks:

@app.route('/api', methods=['POST', 'GET'])
@slack_sig_auth
def api():
  return jsonify(message='OK'), 200

This will force slack signature authentication for you ‘/api’ endoint.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for aoberoi from gravatar.com aoberoi Avatar for eaescob from gravatar.com eaescob Avatar for seratch from gravatar.com seratch

Unverified details

These details have not been verified by PyPI
Project links
Meta

Release history Release notifications | RSS feed

This version

1.0.10

1.0.9

1.0.8

1.0.7

1.0.6

1.0.5

1.0.4

1.0.3

1.0.2

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

flask_slacksigauth-1.0.10.tar.gz (15.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

flask_slacksigauth-1.0.10-py3-none-any.whl (15.5 kB view details)

Uploaded Python 3

File details

Details for the file flask_slacksigauth-1.0.10.tar.gz.

File metadata

  • Download URL: flask_slacksigauth-1.0.10.tar.gz
  • Upload date:
  • Size: 15.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.0 CPython/3.12.4

File hashes

Hashes for flask_slacksigauth-1.0.10.tar.gz
Algorithm Hash digest
SHA256 7504e40d76ffee44e19311e8f35e6097546aec44fc97e2275b5c8462e2e2f657
MD5 bd4ba9bd8ffc99e449951081fc0da059
BLAKE2b-256 cc007a9884324bd98ab7bc5e93e69a7983c28f317d22c8bd9f73580d23929554

See more details on using hashes here.

File details

Details for the file flask_slacksigauth-1.0.10-py3-none-any.whl.

File metadata

File hashes

Hashes for flask_slacksigauth-1.0.10-py3-none-any.whl
Algorithm Hash digest
SHA256 f24a384d8b4ce52453c0160c6f3958fb4c5b0db26d754b7b1a3f8b8cddec078e
MD5 9e0787c002469d92f66e9c69ee60f7ec
BLAKE2b-256 51e51edb34c9e48439781d07c5fb81313454c479d62e531abdbc220b745b6745

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page