#slack #middleware #axum #tower

slack-auth-middleware

A middleware layer for Axum to authenticate requests from Slack using HMAC signatures

4 releases

0.1.3 Nov 4, 2024
0.1.2 Nov 4, 2024
0.1.1 Nov 4, 2024
0.1.0 Nov 2, 2024

#382 in Authentication

MIT license

17KB
324 lines

slack-auth-middleware

A middleware layer for Axum to authenticate requests from Slack using HMAC signatures.

Features

  • Verifies Slack requests using HMAC signatures.
  • Configurable version number and Slack signing secret.
  • Middleware layer for Axum.

Installation

cargo add slack-auth-middleware

Usage

use axum::{routing::get, Router};
use slack_auth_middleware::{SlackAuthConfig, SlackAuthLayer};
use tracing_subscriber;

#[tokio::main]
async fn main() {
    tracing_subscriber::fmt::init();

    let config = SlackAuthConfig {
        version_number: "v0".to_string(),
        slack_signing_secret: "123".to_string(),
    };


    let app = Router::new().route("/", get(root).layer(SlackAuthLayer::new(config)));
    let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
    axum::serve(listener, app).await.unwrap();
}

async fn root() -> &'static str {
    "Hello, World!"
}

Minimum supported Rust version

Rust 1.79


lib.rs:

A layer that authenticates requests from Slack.

This layer will check the x-slack-signature header and the x-slack-request-timestamp header to ensure that the request is coming from Slack. If the request is not coming from Slack, this layer will return a 401 Unauthorized response.

Example

use axum::{routing::get, Router};
use slack_auth_middleware::{SlackAuthConfig, SlackAuthLayer};
use tracing_subscriber;

#[tokio::main]
async fn main() {
    tracing_subscriber::fmt::init();

    let config = SlackAuthConfig {
        version_number: "v0".to_string(),
        slack_signing_secret: "123".to_string(),
    };

    let app = Router::new().route("/", get(root).layer(SlackAuthLayer::new(config)));
    let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
    axum::serve(listener, app).await.unwrap();
}

async fn root() -> &'static str {
    "Hello, World!"
}

Dependencies

~6–13MB
~152K SLoC