我使用 block-kit UI 创建了一个机器人响应。消息中包含一条文本消息和按钮元素。对于文本,我使用 * 应用了粗体格式。因此,slack 频道中显示的带有粗体字符的消息到目前为止是可以的。但是当用户执行按钮操作时,请求验证失败。
这是代码:控制器中的此方法接受来自 Slack 的消息并将消息发送回 slack
@PostMapping(path = "/slack")
@ResponseBody
public void handleSlackRequest(
@RequestBody String requestBody) throws URISyntaxException
{
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = new HttpHeaders();
Map<Object, Object> mainMap = new HashMap<>();
mainMap.put("channel", "DXXXXXXXXX");
mainMap.put("blocks",
"[{\"type\":\"section\",\"text\":{\"type\":\"mrkdwn\",\"text\":\"*Text message with bold characters.*\"}},{\"type\":\"section\",\"text\":{\"type\":\"mrkdwn\",\"text\":\"This is a section block with a button.\"},\"accessory\":{\"type\":\"button\",\"text\":{\"type\":\"plain_text\",\"text\":\"Click Me\",\"emoji\":true},\"value\":\"click_me_123\"}}]");
URI uri = new URI("https://slack.com/api/chat.postMessage");
headers.add("Content-Type", "application/json");
headers.set("Authorization", "Bearer xoxb-11XXXXXXXX-13XXXXXXXXXX-Q2XXXXXXXXXXXXXXXXX");
HttpEntity<Object> restrequest = new HttpEntity<>(mainMap, headers);
ResponseEntity<String> result = restTemplate.exchange(uri, HttpMethod.POST, restrequest,
String.class);
return;
}
如果我们在块中看到添加了这条短信 带有粗体字符的短信。
显示图像中的响应 https://i.stack.imgur.com/m0PCc.png
单击按钮时,以下方法会触发
@PostMapping(path = "/slackaction", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
@ResponseBody
public void handleSlackActionsConversationEvent(
@RequestHeader HttpHeaders headers,
@ModelAttribute("payload") String requestPayload, @RequestBody String slackRequestActionMessage)
{
String slackRequestTimeStamp = headers.getFirst(SlackRequestHeaders.X_SLACK_REQUEST_TIMESTAMP.getHeader());
String slackSignature = headers.getFirst(SlackRequestHeaders.X_SLACK_SIGNATURE.getHeader());
boolean isValid = verifyIncomingSlackRequest(slackRequestActionMessage, slackRequestTimeStamp, slackSignature);
return;
}
我正在使用下面的代码来验证遵循此 [链接] 的请求:https ://api.slack.com/authentication/verifying-requests-from-slack
public boolean verifyIncomingSlackRequest(String requestBody, String slackRequestTimeStamp, String slackSignature)
{
try
{
String signing_secret = "dXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
String[] split = slackSignature.split("=");
String versionNumber = split[0];
String requestKey = versionNumber + ":" + slackRequestTimeStamp + ":" + requestBody;
String siginingKey = encode(signing_secret, requestKey, versionNumber);
return siginingKey.equals(slackSignature);
}
catch (Exception e)
{
}
return false;
}
public String encode(String key, String data, String versionNumber) throws Exception
{
SecretKeySpec secret_key = new SecretKeySpec(key.getBytes(), "HmacSHA256");
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
sha256_HMAC.init(secret_key);
byte[] macBytes = sha256_HMAC.doFinal(data.getBytes());
StringBuilder hashValue = new StringBuilder(2 * macBytes.length);
for (byte macByte : macBytes)
{
hashValue.append(String.format("%02x", macByte & 0xff));
}
return versionNumber + "=" + hashValue.toString();
}
当按钮操作和消息在 Slack 请求中包含 * 时,验证失败而 * 验证工作正常。我错过了什么或方法不同吗?请问我对此有何想法。