Interact with slack bot without a public accessible server - slack

For some security reasons that I can't have a public accessible server to receive data from slack.
So, this is what I'm planning to do:
Inbound message from slack: using RTM API
Outbound message to slack: using RTM API or Web API
Questions:
Any better alternatives?
Any restrictions? (AFAIK, buttons and drop downs can't work)
If Web API reach rate limit, can I use incoming webhook as a backup plan?

RTM only approach
Yes, that would work. With only the RTM API you are limited to:
receiving and responding to messages
Other RTM events.
You can't use any interactive functionality like:
Interactive components (buttons, menus, datepickers)
Dialogs
Rate limit on message posting
Using the webhook as "backup" to circumvent the rate limit is not an option, since the rate limit of posting max 1 message per second applies to all form of message posting.
From the documentation:
In general, apps may post no more than one message per second per
channel, whether a message is posted via chat.postMessage, an incoming
webhook, or one of the many other ways to send messages in to Slack.
Alternatives
You did not give any details about the reasons why your app can't expose an endpoint to the public Internet. But you might want to consider using a VPN tunnel like ngrok.

Yes! Socket Mode
There is a new alternative from slack, Socket Mode, which doesn't require a publicly accessible server.
Note: this is only for private apps.
With Socket Mode you have an API token and your server uses it to communicate with Slack's servers and create a two way socket connection. This means your Slack Bot's code can run on a machine behind a firewall and not require any inbound ports to be opened.
Slack message delivery requires an acknowledgement once you get the message, or else they may retry to deliver it.
Limitations
Socket Mode has two main limitations:
Apps using Socket Mode are not currently allowed in the public Slack App Directory.
Socket Mode is only available for apps using new, granular permissions. If you created your app on or after December of 2019, good news: your app already uses the new permissions. Otherwise, you may have to migrate your classic Slack app to use granular permissions before turning on Socket Mode.

Related

Sonos control api: polling rate & subscription

We are controlling the sonos via a small IOT device. This device will be placed at the homes of our customers.
In our home automation system we need to know the playbackstate + volume of the players/groups.
At which polling rate can we ask these parameters ?
We cannot use a cloud server to handle the subscription events.
I tried to put a https webservice in the IOT device with a self signed certificate but this doesn't work.
After I have posted the subscription I get a request in my webservice but the cloud sonos server disconnects immediately.
Probably because of the certificate is self signed - Or can there be another reason ?
Is there another way to recieve status events ?
During discovery In the players Json object there is a key 'websocketUrl'.
The documentation says "The secure WebSocket URL for the device. See Connect for details".
But I cannot find more info about this.
Can this be used ?
At which polling rate can we ask these parameters?
Consider using subscriptions instead of polling. See this answer for more: https://stackoverflow.com/a/60893119/4902948
We cannot use a cloud server to handle the subscription events...
Or can there be another reason?
Is there another way to [receive] status events?
You must host a service that satisfies a set of requirements to receive events. See this answer for more: https://stackoverflow.com/a/57189717/4902948
Also see Details on API credentials and events in New features in versions 11.1, 11.2 (S1), & 12.0 (S2).
Can [the 'websocketUrl'] be used?
This is not publicly available for use.
It would be a lot easier to use the (undocumented but more useful) UPnP APIs. You could simply Subscribe to the UPnP RenderingControl endpoint, then you will get an event every time the volume changes. To find when the track changes, subscribe to AVTransport endpoint.
You can do this with a local server (this is how every Sonos app works after all) and no special cert requirements either.
UPnP events are described in the UPnP spec.
Your question doesn't provide details about the language you're using, but if the device is powerfull enough to run node, you have a good change with my sonos library.
You can just pull the required information from the device as often as you like. Or use the build-in event subscriptions. If you use the events, it will automatically setup an http listener and automatically subscribe to all the events you're listening for.
Events are instant (as in 50ms-100ms after the event took place on the device).
If you request information it is send directly to the device and the device will respond with the answer. Pulling multiple data points per second has never been a problem to me.
Warning as stated above, this uses the undocumented local UPNP api, but since their own app also uses it, I'm guessing that won't change soon.

Interactive messages on slack without external service

I'm working on a simple slack bot which is supposed to ask simple questions (yes/no) and based on answers perform some actions. AFAIU I should be using interactive messages for this. The problem is that it's supposed that slack will then call some external URL with the result, but for security reasons, I can't expose any service externally.
I was hoping I can just receive some event (using Events API) from Slack that user choose one of the options and simply read it directly using API. Unfortunately I can't find anything like that.
Is possible to use interactive messages without exposing external service to the world?
Yes. If you build a bot with the Real Time Messaging API you do not need to expose an endpoint to the public Internet.
With the RTM API you open a connection to Slack (which can be from behind a firewall) and maintain that connection. There is no call-back from Slack.
However, the RTM API will only enable you to create a chat bot that can react to events and message posts. The interactive message features like buttons and drop-down menus still require you to provide an endpoint.

Using SignalR to push to clients from a long running process

Firstly, here is state of my application:
I have a request coming in from a client (angularjs app) into my API (web api 2). This request is processed and a record is stored in a database. A response is then sent back to the client.
Currently, I have a windows service polling and processing this record(s).
Processing this record can be long running. As a side effect to processing this record, there might be notifications generated to be sent back to one or more clients.
My question is how do I architect this, such that I can utilise SignalR to be able to push the notifications back to the client.
My stumbling block:
I can register and store (in-memory backed by a db) the client's SignalR connectionid along with the application's own user identifier. This way I can match a generated notification with a signalr client.
At the moment, I'm hosting the SignalR hubs within the IIS process. So how do I get back from the Windows Service to IIS to notify the client when a notification is generated?
Furthermore, I should say I am already using SignalR elsewhere in the application and am using a SQL Server backplane.
The issue's with the current architecture:
Any processing is done in the same web request, and notifications are sent out via SignalR before a response to the client is returned. Luckily, the processing is minimal and very quick.
I think this is not very good in terms of performance or maintenance in the long run.
Potential solutions:
Remove SignalR hubs from IIS and host them somewhere else - windows service?
Expose an endpoint on the API to for the windows service to call to push the notification once a notification is generated?
Finally, to add more ingredients to the mix: Use a service bus to remove the polling component of the windows service, and move to a pub/sub architecture. Although this is more work than I want to chew off right now.
Any ideas/recommendations/constructive criticisms are welcome.
Thanks.
Take a look at this sample for starters
Another more advanced solution can be using a backplane to manage the communications between the front end and the backend...
HTH

Slack - behind a “firewall“

I've try to create a slackbot. Works fine, but my problems are calls from slack to my rest api. My app is an internal service, so it's not available from the internet. I have seen that outgoing webhooks is possible to set, but I have to forward the request back to the internal service which I don't like very much. As far as I know slack is based on websockets, so is it possible to write a bot which run behind my “firewall“ and get it's commands via websocket?
Greetings
Tonka
You can use services like Localtunnel for receiving webhooks behind a firewall.
We use it with a docker container to develop our slack bot in local env.
Webhooks, slash commands, interactive messages, events etc. are based on HTTP.
Only bots use websockets.
But even this bot websocket session still needs to be initiated with an HTTP call.
Not entirely sure how your firewall is set up, but you may want to make your endpoint public to make things easier.

XMPP Multiple tabs synchronize sent message

I am implementing an Openfire chat client in a web site with Strophe.js. I managed to get multiple sessions and multiple windows reloading page and reconnecting back. Now I have challenge in restoring the chat history.
But the first issue I am stuck at when a user opens two tabs of our site it creates two xmpp sessions with different resource ID's but now say
a#example.com/tab1 sent a message to friend this should be synchronized in tab2
Example if you send chat message from gtalk user sent message will be updated and showin in gmail chat window.
Any one has any idea.
Thanks you very much for the time and help.
The routing logic for multiple resources is up to the server implementation. The GTalk server routes messages sent to bare Jids to all connected resources. Many other servers (also Openfire) send messages to bare Jids to the most available resource, which is the one with the highest priority.
If each of your tabs has its own resource then I suggest to send the messages to each resource (full jid) manual. You get all connected resources of your subscribed contacts with the presence.
Yes, there is. Have a look at XEP-0280: Message Carbons ( http://xmpp.org/extensions/xep-0280.html )
Both your client as well as your server have to support it in order to fully work.
Source : https://superuser.com/questions/866785/is-there-a-way-to-sync-xmpp-messages-across-different-devices-with-standard-xmp

Resources