https://github.com/tappleby/slack_auth_proxy

A reverse proxy that provides authentication via your Slack.com Team (Based on https://github.com/bitly/google_auth_proxy)
https://github.com/tappleby/slack_auth_proxy

Last synced: about 2 months ago
JSON representation

A reverse proxy that provides authentication via your Slack.com Team (Based on https://github.com/bitly/google_auth_proxy)

• Host: GitHub
• URL: https://github.com/tappleby/slack_auth_proxy
• Owner: tappleby
• License: mit
• Created: 2014-03-31T01:56:41.000Z (about 11 years ago)
• Default Branch: master
• Last Pushed: 2015-02-20T02:20:53.000Z (over 10 years ago)
• Last Synced: 2024-12-30T12:45:45.542Z (5 months ago)
• Language: Go
• Homepage:
• Size: 492 KB
• Stars: 17
• Watchers: 4
• Forks: 4
• Open Issues: 2
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
slack_auth_proxy

=================

A reverse proxy that provides authentication via your Slack.com Team (Based on [google_auth_proxy](https://github.com/bitly/google_auth_proxy))

[![Build Status](https://travis-ci.org/tappleby/slack_auth_proxy.svg?branch=master)](https://travis-ci.org/tappleby/slack_auth_proxy)

## Architecture

```

    _____________         ________________         ______________

    |Nginx/Apache| ----> |slack_auth_proxy| ----> |upstream 1...N| 

    -------------         ----------------         --------------

                                ||

                                \/

                         [slack oauth2 api]

```

## Installation

1. [Install Go](http://golang.org/doc/install)

2. Clone the project

3. Build: `go get . && go build`

4. Run the executable: `./slack_auth_proxy`

## OAuth Configuration

You will need to register an OAuth application with slack, and configure it with Redirect URI(s) for the domain you

intend to run slack_auth_proxy on.

1. Visit Slack's API portal https://api.slack.com/applications

2. Select an existing application or choose "Create a new application"

3. Edit the application settings, and list the Redirect URI(s) where you will run your application. For example: 

`https://internalapp.yourcompany.com/oauth2/callback`

4. Make a note of the Client ID, and Client Secret and specify those in the configuration file.

Currently Slack does not have an easy way to retrieve the Team ID. For now:

1. Visit `auth.test` testing page https://api.slack.com/methods/auth.test/test

2. Select the token for team you wish to authenticate against. And Hit "Go"

3. In the JSON response box, find `team_id`. Add this value to the configuration file. eg: T12345

## Configuration

Configuration for slack_auth_proxy is specified via a yaml configuration file, the default path is `config.yml`

Example config file:

	# Slack settings

	client_id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

	client_secret: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

	slack_team: XXXXXXXXX

	# These keys can be generated by using: ./slack_auth_proxy --keys

	cookie_hash_key:

	cookie_block_key:

	upstreams:

	  - host: "http://127.0.0.1:8080/"

	  # Uncomment to restrict users that have access.

	  #  users:

	  #    - johndoe

## Endpoint Documentation

Slack auth proxy responds directly to the following endpoints. All other endpoints will be authenticated.

* /oauth2/sign_in - the login page, which also doubles as a sign out page (it clears cookies)

* /oauth2/start - a URL that will redirect to start the oauth cycle

* /oauth2/callback - the URL used at the end of the oauth cycle

## Future plans

- Add support for groups.

- Manage the proxy via slack commands.

## Preview

![Preview](docs/preview.png)