81 lines
2.5 KiB
PHP
81 lines
2.5 KiB
PHP
<?php
|
|
|
|
namespace Slack\Http\Middleware;
|
|
|
|
use Closure;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Log;
|
|
|
|
use Slack\Client\Payload;
|
|
use Slack\Event\Factory as EventFactory;
|
|
use Slack\Interactive\Factory as InteractiveFactory;
|
|
use Slack\Options\Factory as OptionsFactory;
|
|
|
|
class CheckRequest
|
|
{
|
|
private const LOGKEY = 'MCR';
|
|
|
|
/**
|
|
* Ensure that we have the right token before proceeding.
|
|
* We should only have 1 message (since the token is an object in the message.)
|
|
*
|
|
* @param Request $request
|
|
* @param Closure $next
|
|
* @return mixed
|
|
*/
|
|
public function handle(Request $request,Closure $next)
|
|
{
|
|
Log::info(sprintf('%s:Incoming request to [%s]',static::LOGKEY,$request->path()),['m'=>__METHOD__]);
|
|
|
|
// For app installs, we have nothing to check.
|
|
if (in_array($request->path(),config('slack.bypass_routes')))
|
|
return $next($request);
|
|
|
|
switch ($request->path()) {
|
|
// For slashcmd full validation is done in the controller
|
|
case 'api/slack/slashcmd':
|
|
return $next($request);
|
|
|
|
case 'api/slack/event':
|
|
// URL Verification
|
|
if ($request->input('type') === 'url_verification') {
|
|
Log::debug(sprintf('%s:Responding directly to URL Verification',static::LOGKEY),['m'=>__METHOD__,'r'=>$request->all()]);
|
|
return response($request->input('challenge'),200);
|
|
}
|
|
|
|
$event = EventFactory::make(new Payload($request->all(),TRUE));
|
|
break;
|
|
|
|
case 'api/slack/imsgopt':
|
|
$event = OptionsFactory::make(new Payload(json_decode($request->payload,TRUE),TRUE));
|
|
break;
|
|
|
|
case 'api/slack/imsg':
|
|
$event = InteractiveFactory::make(new Payload(json_decode($request->payload,TRUE),TRUE));
|
|
break;
|
|
|
|
default:
|
|
// Quietly die if we got here.
|
|
return response('',444);
|
|
}
|
|
|
|
// Ignore events for inactive workspaces
|
|
if ($event->enterprise_id AND (! $event->enterprise()->active)) {
|
|
Log::notice(sprintf('%s:IGNORING post, Enterprise INACTIVE [%s]',static::LOGKEY,$event->enterprise_id),['m'=>__METHOD__]);
|
|
|
|
// Quietly die if the team is not active
|
|
return response('',200);
|
|
|
|
} elseif ((! $event->enterprise_id) AND ((! $event->team()) OR (! $event->team()->active))) {
|
|
Log::notice(sprintf('%s:IGNORING post, Team INACTIVE [%s]',static::LOGKEY,$event->team_id),['m'=>__METHOD__]);
|
|
|
|
// Quietly die if the team is not active
|
|
return response('',200);
|
|
|
|
} else {
|
|
Log::debug(sprintf('%s:Incoming Request Allowed',static::LOGKEY),['m'=>__METHOD__,'e'=>$event->enterprise_id,'t'=>$event->team_id,'eo'=>$event->enterprise()->id,'to'=>$event->team()]);
|
|
|
|
return $next($request);
|
|
}
|
|
}
|
|
} |