initial commit

Author: m1keil

.gitignore

@@ -0,0 +1,4 @@
+__pycache__
+.aws-sam
+packaged.yaml
+envars.json

README.md

@@ -0,0 +1,45 @@
+# slack-slash-lambda
+This repo holds code and configuration for lambda based [slash commands](https://api.slack.com/slash-commands) for Slack.
+
+# Pre-Requirements
+To deploy this you will need the following
+
+1. AWS credentails
+2. aws cli
+3. aws-sam-cli
+4. S3 bucket
+5. Access in slack to create your own App
+
+# Secrets
+Secrets are passed to the lambda via environment variables. These are set by CloudFormation
+via parameters. Add secrets to `envars.sample.json` file and rename it to `envars.json`.
+
+The keys:
+* SESSIONISE_KEY: the API id you can generate in sessionize.com under API/Embed section
+* TITO_KEY: v3 API key generated in the user profile
+* SLACK_KEY: Slack's app signing secret key generated in the App credentails section
+
+# Local testing
+Testing behaviour of the lambda can be done locally:
+
+    $ sam local invoke -n envars.json -e event_cfp.json
+
+# Build and Deploy
+First build and package:
+
+    $ sam build
+    $ sam package --s3-bucket <bucket> --output-template-file packaged.yaml
+
+Now deploy with awscli:
+
+    $ cloudformation deploy --template-file packaged.yaml --stack-name <name> --capabilities CAPABILITY_IAM --parameter-overrides $(jq -r '.Function | to_entries | .[] | .key +"="+ .value ' envars.json)
+
+If deployed successfully, you can list outputs with:
+
+    $ aws cloudformation describe-stacks --stack-name <name> --query "Stacks[0].Outputs"
+
+# Configuring Slack
+
+Create a new App in Slack. Under the Slash Command section add your commands.
+Set `Request URL` to point at the `OutputValue` of *Api* `OutputKey`.
+

envars.sample.json

@@ -0,0 +1,7 @@
+{
+  "Function": {
+    "SESSIONISE_KEY": "CHANGE ME",
+    "TITO_KEY": "CHANGE ME",
+    "SLACK_KEY": "CHANGE ME"
+  }
+}

event_cfp.json

@@ -0,0 +1,3 @@
+{
+  "payload": "command=/cfp&response_url=local"
+}

event_tickets.json

@@ -0,0 +1,3 @@
+{
+  "payload": "command=/tickets&response_url=local"
+}

slack_slash/__init__.py

@@ -0,0 +1,115 @@
+import os
+import hmac
+from urllib.parse import parse_qs
+from functools import partial
+import json
+
+import requests
+
+
+def lambda_handler(event, context):
+    """
+    lambda entry point
+    """
+    print(f"event: {event}")
+
+    # verify request is from slack (skip when local)
+    if "AWS_SAM_LOCAL" not in os.environ and not verify(
+        key=os.environ["SLACK_KEY"].encode(),
+        version="v0",
+        timestamp=event["params"]["header"]["X-Slack-Request-Timestamp"],
+        payload=event["payload"],
+        signature=event["params"]["header"]["X-Slack-Signature"].split("=")[1],
+    ):
+        print("failed to verify Slack's message signature")
+        return
+
+    # parse payload params (url query style)
+    params = parse_qs(event["payload"])
+    response_url = params["response_url"][0]
+    command = params["command"][0]
+
+    callback = partial(send, response_url)
+
+    # handle commands
+    if command == "/cfp":
+        get_sessions(callback, secret=os.environ["SESSIONISE_KEY"])
+    elif command == "/tickets":
+        get_tickets(
+            callback,
+            secret=os.environ["TITO_KEY"],
+            org=os.environ["TITO_ORG"],
+            slug=os.environ["TITO_EVENT"],
+        )
+    else:
+        print("no command found")
+
+
+def get_sessions(callback, secret):
+    """
+    get total submissions number and last 10 submissions titles
+    """
+    try:
+        r = requests.get(f"https://sessionize.com/api/v2/{secret}/view/sessions")
+    except Exception as e:
+        print("sessionize didn't respond correctly")
+        raise e
+
+    sessions = r.json()[0]["sessions"]
+    content = f":star2: Number of talk submissions: *{len(sessions)}*\n"
+    content += "\n"
+    content += "recent submissions:\n"
+
+    sorted_sess = sorted(sessions, key=lambda i: i["id"], reverse=True)
+    for i, s in enumerate(sorted_sess[:5]):
+        content += f"{i+1}. {s['title']}\n"
+
+    callback(content)
+
+
+def get_tickets(callback, secret, org, slug):
+    """
+    get number of tickets sold
+    """
+    try:
+        r = requests.get(
+            f"https://api.tito.io/v3/{org}/{slug}/tickets",
+            headers={
+                "Accept": "application/json",
+                "Authorization": f"Token token={secret}",
+            },
+        )
+    except Exception as e:
+        print("ti.to chocked")
+        raise e
+
+    tickets = r.json()["tickets"]
+    content = f"tickets sold: {len(tickets)}"
+
+    callback(content)
+
+
+def send(url, content):
+    payload = {"text": content}
+    if url == "local":
+        print(payload)
+        return
+
+    try:
+        r = requests.post(url, json=payload)
+    except Exception as e:
+        print("slack didn't like that")
+        raise e
+
+    r.raise_for_status()
+
+
+def verify(*, key, version, timestamp, payload, signature):
+    """
+    verify slack message.
+    info: https://api.slack.com/docs/verifying-requests-from-slack#a_recipe_for_security
+    """
+    msg = f"{version}:{timestamp}:{payload}".encode()
+    h = hmac.new(key, msg, "sha256")
+
+    return hmac.compare_digest(h.hexdigest(), signature)

slack_slash/app.py

@@ -0,0 +1 @@
+requests

slack_slash/requirements.txt

@@ -0,0 +1,71 @@
+---
+swagger: "2.0"
+info:
+  version: "v1.0"
+  title: "Slack API Gateway"
+basePath: "/prd"
+schemes:
+- "https"
+paths:
+  /:
+    post:
+      consumes:
+      - "application/x-www-form-urlencoded"
+      produces:
+      - "application/json"
+      parameters:
+      - name: "InvocationType"
+        in: "header"
+        required: false
+        type: "string"
+      - in: "body"
+        name: "Empty"
+        required: true
+        schema:
+          $ref: "#/definitions/Empty"
+      responses:
+        200:
+          description: "200 response"
+          schema:
+            $ref: "#/definitions/Empty"
+      x-amazon-apigateway-integration:
+        uri: "arn:aws:apigateway:ap-southeast-2:lambda:path/2015-03-31/functions/arn:aws:lambda:ap-southeast-2:814957326217:function:SlackSlash/invocations"
+        responses:
+          default:
+            statusCode: "200"
+        requestParameters:
+          integration.request.header.X-Amz-Invocation-Type: "'Event'"
+        passthroughBehavior: "when_no_templates"
+        httpMethod: "POST"
+        requestTemplates:
+          application/x-www-form-urlencoded: "##  See http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html\n\
+            ##  This template will pass through all parameters including path, querystring,\
+            \ header, stage variables, and context through to the integration endpoint\
+            \ via the body/payload\n#set($allParams = $input.params())\n{\n\"payload\"\
+            \ : $input.json('$'),\n\"params\" : {\n#foreach($type in $allParams.keySet())\n\
+            \    #set($params = $allParams.get($type))\n\"$type\" : {\n    #foreach($paramName\
+            \ in $params.keySet())\n    \"$paramName\" : \"$util.escapeJavaScript($params.get($paramName))\"\
+            \n        #if($foreach.hasNext),#end\n    #end\n}\n    #if($foreach.hasNext),#end\n\
+            #end\n},\n\"stage-variables\" : {\n#foreach($key in $stageVariables.keySet())\n\
+            \"$key\" : \"$util.escapeJavaScript($stageVariables.get($key))\"\n   \
+            \ #if($foreach.hasNext),#end\n#end\n},\n\"context\" : {\n    \"account-id\"\
+            \ : \"$context.identity.accountId\",\n    \"api-id\" : \"$context.apiId\"\
+            ,\n    \"api-key\" : \"$context.identity.apiKey\",\n    \"authorizer-principal-id\"\
+            \ : \"$context.authorizer.principalId\",\n    \"caller\" : \"$context.identity.caller\"\
+            ,\n    \"cognito-authentication-provider\" : \"$context.identity.cognitoAuthenticationProvider\"\
+            ,\n    \"cognito-authentication-type\" : \"$context.identity.cognitoAuthenticationType\"\
+            ,\n    \"cognito-identity-id\" : \"$context.identity.cognitoIdentityId\"\
+            ,\n    \"cognito-identity-pool-id\" : \"$context.identity.cognitoIdentityPoolId\"\
+            ,\n    \"http-method\" : \"$context.httpMethod\",\n    \"stage\" : \"\
+            $context.stage\",\n    \"source-ip\" : \"$context.identity.sourceIp\"\
+            ,\n    \"user\" : \"$context.identity.user\",\n    \"user-agent\" : \"\
+            $context.identity.userAgent\",\n    \"user-arn\" : \"$context.identity.userArn\"\
+            ,\n    \"request-id\" : \"$context.requestId\",\n    \"resource-id\" :\
+            \ \"$context.resourceId\",\n    \"resource-path\" : \"$context.resourcePath\"\
+            \n    }\n}\n"
+        contentHandling: "CONVERT_TO_TEXT"
+        type: "aws"
+definitions:
+  Empty:
+    type: "object"
+    title: "Empty Schema"

swagger.yaml

@@ -0,0 +1,56 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Transform: AWS::Serverless-2016-10-31
+Description: lambdas for slack
+
+Parameters:
+  SessioniseKey:
+    Type: String
+    NoEcho: true
+  TitoKey:
+    Type: String
+    NoEcho: true
+  SlackKey:
+    Type: String
+    NoEcho: true
+
+Resources:
+  APIGateway:
+    Type: AWS::Serverless::Api
+    Properties:
+      StageName: prd
+      DefinitionUri: ./swagger.yaml
+
+  Function:
+    Type: AWS::Serverless::Function
+    Properties:
+      FunctionName: SlackSlash
+      CodeUri: slack_slash/
+      Handler: app.lambda_handler
+      Runtime: python3.7
+      Timeout: 5
+      Environment:
+        Variables:
+          SESSIONISE_KEY: !Ref SessioniseKey
+          TITO_ORG: devopsaustralia
+          TITO_EVENT: sydney-2019
+          TITO_KEY: !Ref TitoKey
+          SLACK_KEY: !Ref SlackKey
+
+      Events:
+        PostPetApi:
+          Type: Api
+          Properties:
+            RestApiId: !Ref "APIGateway"
+            Path: /
+            Method: POST
+      Policies:
+      - AWSLambdaBasicExecutionRole
+
+Outputs:
+  Api:
+    Description: "API Gateway endpoint URL for prd stage for Hello World function"
+    Value: !Sub "https://${APIGateway}.execute-api.${AWS::Region}.amazonaws.com/prd/"
+  Function:
+    Description: "Hello World Lambda Function ARN"
+    Value: !GetAtt Function.Arn
+