Unable to delete a message sent via Incoming Webhooks - slack

I am using Slack Incoming Webhooks requests to post messages to a Slack channel from an app. I love it since I can send messages directly from shell scripts.
However going further I stumble into the problem that I seem to be unable to delete messages.
The app has two access tokens:
An OAuth access token xoxp-012345678901-012345678901-012345678901-0123456789abcdef0123456789abcdef (this is a fictitious token but the length is the same as the actual token).
Bot User OAuth access token xoxb-012345678901-012345678901-0123456789abcdef01234567.
Using the xoxp- OAuth access token I can retrieve channel history.
curl "https://slack.com/api/channels.history?token=xoxp-012345678901-012345678901-012345678901-0123456789abcdef0123456789abcdef&channel=CABCDABCD&count=20&pretty=1"
With the xoxb- token the channels.history request fails with
{
"ok": false,
"error": "not_in_channel"
}
In chat history I have a message that I would like to delete. The message was posted using Incoming Webhooks associated with the App.
{
"type": "message",
"subtype": "bot_message",
"text": ":heavy_check_mark:",
"ts": "1580968882.000800",
"bot_id": "BABCDABCD",
"blocks": [
{
"type": "section",
"block_id": "5Ov",
"text": {
"type": "mrkdwn",
"text": "text of the message to delete",
"verbatim": false
}
}
]
}
However neither token works with chat.delete. Both
curl "https://slack.com/api/chat.delete?token=xoxb-012345678901-012345678901-0123456789abcdef01234567&channel=CABCDABCD&ts=1580968882.000800&pretty=1"
and
curl "https://slack.com/api/chat.delete?token=xoxp-012345678901-012345678901-012345678901-0123456789abcdef0123456789abcdef&channel=CABCDABCD&ts=1580968882.000800&pretty=1"
fail with
{
"ok": false,
"error": "cant_delete_message"
}
And the question is: Is there a way to delete a message posted by an app via Incoming Webhooks requests?
PS. Both chat:write:bot and chat:write:user permissions are granted.

Yes, but the token owner needs to be admin in order to have the right to delete message of other users / apps.
To clarify: This has nothing to do with OAuth scopes, but with the Slack role of the user who owns the token.

Related

Slack API: Unable to get Chat:Write:Bot to send message as custom username

I'm trying to integrate Slack with our application using their web API. I need to use the chat.postMessage endpoint with a custom username and setting as_user = false. I'm able to post messages but when I set as_user=false it doesn't work.
Example:
{
"channel" : "1234689",
"text" : "Hello, It's me.",
"username": "DJDEPOLO",
"as_user" : false
}
Every time I make that call I'm getting back an error saying I'm missing chat:write:bot. But I can not figure out how to get that scope. I've tried everything I could think of and went over their documentation several times.
I tried requesting the scope using the OAuth route and when I add chat:write:bot to the scopes I get an error saying
Invalid permissions requested
Example:
https://slack.com/oauth/v2/authorize?scope=chat:write:bot&client_id=1234&redire....
It appears that I need to use the user token to perform this action but when I request my access token I'm getting back a bot token.
Has anyone ever had to work with chat:write:bot or any scope that ends with :bot? Or am I missing something here?
First, select your app at your apps for slack and navigate to 'OAuth & Permissions' page.
Then, click 'Update Scopes' in 'Scopes' section, scroll down, press 'Continue' and add chat:write to User Token Scopes. Then scroll down again and finish the process.
In order to get a user token, add user_scope param to your query instead of scope so that it looks like this https://slack.com/oauth/v2/authorize?user_scope=chat:write&redirect_uri=.... When you exchange the code for access token, you will receive something like this:
{
"ok": true,
"app_id": "A0KRD7HC3",
"team": {
"name": "Slack Softball Team",
"id": "T9TK3CUKW"
},
"authed_user": {
"id": "U1234",
"scope": "chat:write",
"access_token": "xoxp-1234",
"token_type": "user"
}
}
Pay attention to authed_user.access_token, as this is the token you need to send in your Authorization header.
Here is an example of POST body:
{
"channel": "Your channel id",
"as_user": true,
"text": "hi there",
"attachments": []
}
Hope it helps you.

How to send a proactive message from a bot to a user

I am trying to send a message from a bot to a teams user who hasn't already installed the bot and doesn't need to install the bot via REST API.
I have tried following this document.
It clearly states:
"Sending a message to start a new conversation thread is different than sending a message in response to an existing conversation: when your bot starts a new a conversation, there is no pre-existing conversation to post the message to. In order to send a proactive message you need to:"
As far as I understand, this means that what I am trying to do is possible. I have tried to run this sample.
However, as far as I can tell it needs a conversation id. Without a conversation id it doesn't work.
I have tried to send a request like this with a bot network token ( which is normally used to respond to an activity request by the user):
POST /v3/conversations
{
"bot": {
"id": "28:10j12ou0d812-2o1098-c1mjojzldxcj-1098028n ",
"name": "The Bot"
},
"members": [
{
"id": "29:012d20j1cjo20211"
}
],
"channelData": {
"tenant": {
"id": "197231joe-1209j01821-012kdjoj"
}
}
}
However, it fails with the following message:
Send Message to https://graph.microsoft.com/v3/conversations failed: (401) {
"error": {
"code": "InvalidAuthenticationToken",
"message": "Access token validation failure. Invalid audience.",
"innerError": {
"request-id": "92922235-8c87-47ed-92bc-4ba17469611a",
"date": "2019-09-24T14:43:59"
}
}
}
I am guessing that this maybe because I didn't send MicrosoftAppCredentials.TrustServiceUrl first. But this is a c# call. How do I make the same call in REST API?
Please take a look at Bot Framework REST APIs documentation.
Here are steps to generate the access token which you could use to call Create Conversation APIs.
POST https://login.microsoftonline.com/botframework.com/oauth2/v2.0/token
Host: login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&client_id=MICROSOFT-APP-ID&client_secret=MICROSOFT-APP-PASSWORD&scope=https%3A%2F%2Fapi.botframework.com%2F.default

Outlook REST API - Send As

I am currently using the Outlook REST API to send email. This is working fine when sending from a user mailbox such as:
https://outlook.office.com/api/v2.0/users/user#domain.com/sendMail
'user#domain.com' is the UPN of a valid user account in Azure AD.
What I need to do is 'send as' a shared mailbox. According to the documentation this can be achieved by changing the 'From' property in the JSON request body. An example would be:
{
"Message": {
"Subject": "Email Unit Test",
"Body": {
"ContentType": "HTML",
"Content": "Message body"
},
"ToRecipients": [
{
"EmailAddress": {
"Address": "recipient#somehost.com"
}
}
],
"Attachments": [
],
"From": {
"EmailAddress": {
"Address": "shared_mailbox#domain.com"
}
},
"Sender": {
"EmailAddress": {
"Address": "user#domain.com"
}
}
},
"SaveToSentItems": "false"
}
Now, when I give user#domain.com 'Send As' and 'Send On Behalf Of' access to the shared mailbox this works. The recipient gets an email with the from field saying 'user#domain.com On Behalf Of shared_mailbox#domain.com'. What I want however is for the email to appear as being sent from shared_mailbox only without the on behalf of user. To test this out further I removed the 'Send On Behalf Of' access and left 'Send As' access only. In the API I now get an error:
{
"error": {
"code": "ErrorSendAsDenied",
"message": "The user account which was used to submit this request does not have the right to send mail on behalf of the specified sending account., Cannot submit message."
}
}
Interestingly though, in my Outlook client I can still send an email from the shared mailbox and it works as expected with no 'on behalf of' in the From field. I'm starting to wonder whether this is a limitation of the REST API however there is nothing in the Microsoft docs to suggest this.
Has anyone had similar experiences with the REST API?
I tried to do the same thing and it seems the REST API allows you to implement "send on behalf of" but not "send as" feature.

Microsoft botframework and slack channel

How do I get the url/team name from a bot framework activity/context? Currently I can get the TeamId but can that be translated into the text string for the teams name?
For example testteam.slack.com, how can I extract the "testteam" part from bot framework messages?
As already mentioned you can call the Slack API method team.info to get the domain name for a team. However, that requires your token to have specific scopes, which you might not have.
It's therefore better to call auth.test, because it does not require any special scopes (except the bot scope for a bot token, but that is implicit). This API method will return the full URL of the Slack team along with other basic info for the provided Slack token.
Note that you need a Slack token corresponding with the team you want to get the info for. The team ID alone is not sufficient to get info about a team. (same for team.info btw). I am not familiar with the botframework, but since it works with Slack it must have a method to retrieve the current Slack token.
Example output:
{
"ok": true,
"url": "https:\/\/subarachnoid.slack.com\/",
"team": "Subarachnoid Workspace",
"user": "grace",
"team_id": "T12345678",
"user_id": "W12345678"
}
You are looking for team.info method in Slack API, that you can query with your Bot User OAuth Access Token (visible in OAuth & Permissions menu, and also available in each bot message in the ChannelData, property named ApiToken).
You can get details about this method here: https://api.slack.com/methods/team.info
In particular, have a look to domain field in the response sample:
{
"ok": true,
"team": {
"id": "Txxxxxx",
"name": "BotDemoCompany",
"domain": "botdemocompany",
"email_domain": "xxxxxxx.com",
"icon": {
"image_34": "https:\/\/a.slack-edge.com\/xxx.png",
"image_44": "https:\/\/a.slack-edge.com\/xxx.png",
"image_68": "https:\/\/a.slack-edge.com\xxx.png",
"image_88": "https:\/\/a.slack-edge.com\/xxx.png",
"image_102": "https:\/\/a.slack-edge.com\/xxx.png",
"image_132": "https:\/\/a.slack-edge.com\/xxx.png",
"image_230": "https:\/\/a.slack-edge.com\/xxx.png",
"image_default": true
}
}
}

Send message from Postman to Microsoft Bot

I am trying to send a message to a bot I created and published to azure services so that the bot can then start messaging some of its users.
I am trying to make the requests on Postman first so that then I can build a controller for that interaction.
I am doing the following request:
POST https://login.microsoftonline.com/botframework.com/oauth2/v2.0/token
Content-Type: application/x-www-form-urlencoded
Body:
grant_type:client_credentials
client_id: my_ms_app_id
client_secret: my_ms_app_secret
scope: https://api.botframework.com/.default
from this I get in the response the Bearer Authorization:
{
"token_type": "Bearer",
"expires_in": 3599,
"ext_expires_in": 0,
"access_token": "eyJ0eXA..."
}
Then I proceed with the following request:
POST https://skype.botframework.com/v3/conversations
Content-Type: application/json
Authorization: Bearer eyJ0eXAi....
{
"bot": {
"id": "i don't have this id so i pass some string",
"name": "connector controller"
},
"isGroup": false,
"members": [
{
"id": "28:...", //ID of the bot I want to send the message to
"name": "Sp Bot"//Name of the bot I want to talk to
},
{
"id": "i don't have this id so i pass some string",
"name": "connector controller"
}
],
"topicName": "News Alert"
}
in response i get the conversation id which matches "id": "i don't have this id so i pass some string":
{
"id": "i don't have this id so i pass some string"
}
Then I proceed with the following POST request:
POST. https://skype.botframework.com/v3/conversations/i don't have this id so i pass some string/activities
Authorization: Bearer eyJ0...
Content-Type:application/json
I get the following response:
400 Bad Request
{
"error": {
"code": "ServiceError",
"message": "The conversationId 29... and bot .... doesn't match a known conversation"
}
}
It looks like the problem occurs between the second and the 3 post method. It looks like that the https://skype.botframework.com/v3/conversations does not generate a conversation with the bot with Id I entered.
So when I make the final call to the bot: https://skype.botframework.com/v3/conversations/.../activities I always get the serviceError message.
Based on your comments you are trying to create a custom "channel/client" to talk with the bot.
For doing that, I would recommend taking a look to Direct Line which seems the way to go for achieving your requirement.
I'm not sure which language are you using, so I will send you pointers to both C# and Node.
These are samples that will show you how to create custom client using Direct Line to interact with your bot:
C#
Basic Direct Line sample
Direct Line sample using Web Sockets
Node.js
Basic Direct Line sample
Direct Line sample using Web Sockets
All the samples are using a console app as the "custom channel".
Since you're going to make an app talk to your bot and most likely be using DirectLine after you and Ezequiel chatted, I created a series of screencaps on connecting to the DirectLine endpoint through Potsman. I'm going to assume that you know how to use environmental and global variables in Postman, here are Postman's documentation for other people's benefit. Also, the DirectLine v3.0 docs are here.
Below is a capture of the directline endpoint you would request a token from, {{DLsecret}}'s guts looks like this, Bearer <your-dl-secret>:
Here is an example of the response body you would receive on a valid call:
You may have noticed that I have some test results, in the screenshow below it has five (vs four) tests because I added the test verifying that the conversationId was set in the environment variables:
Here's the second query sent, which contains an actual message:
This is the request body which has the message:
And here is the response body:

Resources