#slack #middleware #axum #tower

slack-auth-middleware

A middleware layer for Axum to authenticate requests from Slack using HMAC signatures

5 releases

0.1.4 Jan 19, 2025
0.1.3 Nov 4, 2024
0.1.2 Nov 4, 2024
0.1.1 Nov 4, 2024
0.1.0 Nov 2, 2024

#410 in Authentication

Download history 271/week @ 2024-10-29 150/week @ 2024-11-05 9/week @ 2024-11-12 2/week @ 2024-11-19 1/week @ 2024-12-10 91/week @ 2025-01-14 22/week @ 2025-01-21 9/week @ 2025-02-04

122 downloads per month

MIT license

17KB
324 lines

slack-auth-middleware

A middleware layer for Axum to authenticate requests from Slack using HMAC signatures.

Features

  • Verifies Slack requests using HMAC signatures.
  • Configurable version number and Slack signing secret.
  • Middleware layer for Axum.

Installation

cargo add slack-auth-middleware

Usage

use axum::{routing::get, Router};
use slack_auth_middleware::{SlackAuthConfig, SlackAuthLayer};
use tracing_subscriber;

#[tokio::main]
async fn main() {
    tracing_subscriber::fmt::init();

    let config = SlackAuthConfig {
        version_number: "v0".to_string(),
        slack_signing_secret: "123".to_string(),
    };


    let app = Router::new().route("/", get(root).layer(SlackAuthLayer::new(config)));
    let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
    axum::serve(listener, app).await.unwrap();
}

async fn root() -> &'static str {
    "Hello, World!"
}

Minimum supported Rust version

Rust 1.79


lib.rs:

A layer that authenticates requests from Slack.

This layer will check the x-slack-signature header and the x-slack-request-timestamp header to ensure that the request is coming from Slack. If the request is not coming from Slack, this layer will return a 401 Unauthorized response.

Example

use axum::{routing::get, Router};
use slack_auth_middleware::{SlackAuthConfig, SlackAuthLayer};
use tracing_subscriber;

#[tokio::main]
async fn main() {
    tracing_subscriber::fmt::init();

    let config = SlackAuthConfig {
        version_number: "v0".to_string(),
        slack_signing_secret: "123".to_string(),
    };

    let app = Router::new().route("/", get(root).layer(SlackAuthLayer::new(config)));
    let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
    axum::serve(listener, app).await.unwrap();
}

async fn root() -> &'static str {
    "Hello, World!"
}

Dependencies

~6–13MB
~139K SLoC