ERROR : Please try again or contact the app owner (reason: slack_oauth_missing_code) about bolt-js HOT 15 CLOSED

Hi @ropiudindev, thanks for trying out the example app! To complete the OAuth flow, you'll need to start it at https://{your domain}/slack/install instead of directly accessing /slack/oauth_redirect.

from bolt-js.

And how to acces the event to my app, when trying to add event url, i got error : Your URL didn't respond with the value of the challenge parameter.

from bolt-js.

previously im using glitch and work well, but i want to move to local and my self hosting

from bolt-js.

As the readme suggests, you can use ngrok or other similar services to forward public URL accesses to your local app.

from bolt-js.

i got this error : [INFO] An unhandled HTTP request (POST) made to /slack/events was ignored

from bolt-js.

It seems you're passing either socketMode: true or developerMode: true when initializing an App instance. If you set developerMode: true, change it to developerMode: true, socketMode: false to turn Socket Mode off.

If you're trying to use Socket Mode, turn it on at https://api.slack.com/apps and issue an app-level token. You don't need to set Request URL in this case.

from bolt-js.

thanks now i can access, but got new error :

[WARN]  bolt-app Authorization of incoming event did not succeed. No listeners will be called.
[ERROR]  bolt-app Error: Failed fetching data from the Installation Store (source: {"userId":"xxxx","isEnterpriseInstall":false,"teamId":"xxxx","conversationId":"xxxx"})
    at new AuthorizationError (/Users/mbp2018/development/jago/prod-ops/prodops-app/node_modules/@slack/oauth/dist/errors.js:95:28)
    at InstallProvider.<anonymous> (/Users/mbp2018/development/jago/prod-ops/prodops-app/node_modules/@slack/oauth/dist/install-provider.js:240:31)
    at step (/Users/mbp2018/development/jago/prod-ops/prodops-app/node_modules/@slack/oauth/dist/install-provider.js:44:23)
    at Object.next (/Users/mbp2018/development/jago/prod-ops/prodops-app/node_modules/@slack/oauth/dist/install-provider.js:25:53)
    at fulfilled (/Users/mbp2018/development/jago/prod-ops/prodops-app/node_modules/@slack/oauth/dist/install-provider.js:16:58)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
  code: 'slack_bolt_authorization_error'
}
[DEBUG]  OAuth:InstallProvider:0 Starting authorize() execution (source: {"userId":"xxxx","isEnterpriseInstall":false,"teamId":"xxxx","conversationId":"xxxx"})
[DEBUG]  OAuth:InstallProvider:0 Completed authorize() execution (source: {"userId":"xxxx","isEnterpriseInstall":false,"teamId":"xxxx","conversationId":"xxxx"})

from bolt-js.

This situation means that your app is installed into the workspace, but your InstallationStore does not store the installation data. This is why the authorize function fails to return the corresponding installation data for an incoming request. The default implementation for local development is the built-in MemoryInstallationStore, which does not persist the data after you restart the app. You can try FileInstallationStore or your own implementation instead. Refer to https://slack.dev/node-slack-sdk/oauth#storing-installations-in-a-database for more details. Also, there are a few past questions about this: https://github.com/slackapi/bolt-js/issues?q=is%3Aissue+slack_bolt_authorization_error+is%3Aclosed Checking them may help too.

from bolt-js.

Thanks, now i can access, but why always need domain.com/slack/install after restart the app? or rerun

from bolt-js.

why always need domain.com/slack/install after restart the app? or rerun

As I mentioned above, the default implementation stores the installation data on the app's memory. Therefore, I recommend using FileInstallationStore for easier local development and your own implementation for production-grade operations. Hope this clarifies.

from bolt-js.

Thank's for the explanation, everityng work well on my loacal, when im trying to install to kubernetes cluster on GCP, i got this error when add the app to workspace, any advice ?

│ [DEBUG]  OAuth:InstallProvider:0 Running handleInstallPath() with {"scopes":["commands","chat:write","chat:write.public","channels:read","channels:history","groups:history","im:history",
│││ [DEBUG]  OAuth:InstallProvider:0 Generated authorize URL: https://slack.com/oauth/v2/authorize?scope=commands%2Cchat%3Awrite%2Cchat%3Awrite.public%2Cchannels%3Aread%2Cchannels%3Ahistory%
│││ [ERROR]  OAuth:InstallProvider:0 Error: The state parameter is not for this browser session.
│││     at new InvalidStateError (/usr/src/app/node_modules/@slack/oauth/dist/errors.js:65:47)
│││     at InstallProvider.<anonymous> (/usr/src/app/node_modules/@slack/oauth/dist/install-provider.js:498:39)
│││     at step (/usr/src/app/node_modules/@slack/oauth/dist/install-provider.js:44:23)
│││     at Object.next (/usr/src/app/node_modules/@slack/oauth/dist/install-provider.js:25:53)
│││     at /usr/src/app/node_modules/@slack/oauth/dist/install-provider.js:19:71
│││     at new Promise (<anonymous>)                                                                                                                                             │││     at __awaiter (/usr/src/app/node_modules/@slack/oauth/dist/install-provider.js:15:12)
│││     at InstallProvider.handleCallback (/usr/src/app/node_modules/@slack/oauth/dist/install-provider.js:462:16)
│││     at HTTPReceiver.handleInstallRedirectRequest (/usr/src/app/node_modules/@slack/bolt/dist/receivers/HTTPReceiver.js:370:23)
│││     at HTTPReceiver.unboundRequestListener (/usr/src/app/node_modules/@slack/bolt/dist/receivers/HTTPReceiver.js:225:29) {
│││   code: 'slack_oauth_invalid_state'
│││ }

from bolt-js.

This error indicates that the state parameter used for OAuth flow security does not match the state value in browser cookies (/slack/install URL sets both query param and cookie value and /slack/oauth_redirect verifies if they match). Ensuring this is crucial to protect your end-users from CSRF attacks. For a more detailed explanation, refer to https://auth0.com/docs/secure/attack-protection/state-parameters

To effectively prevent this issue, ensure that the /slack/install and /slack/oauth_redirect URLs are under the same domain, and double-check that your infrastructure (e.g., load balancer) allows setting and receiving browser cookies. This issue might be due to either your production settings or infrastructure restrictions.

Hope you'll identify the cause soon.

from bolt-js.

thanks, btw how to fetch data from API, using node fetch, i got this error

Error [ERR_REQUIRE_ESM]: require() of ES Module /Users/mbp2018/development/x/prod-ops/prodops-app/node_modules/node-fetch/src/index.js from /Users/mbp2018/development/x/prod-ops/prodops-app/listeners/commands/sample-command.js not supported. Instead change the require of index.js in /Users/mbp2018/development/x/prod-ops/prodops-app/listeners/commands/sample-command.js to a dynamic import() which is available in all CommonJS modules. at Object.<anonymous> (/Users/mbp2018/development/x/prod-ops/prodops-app/listeners/commands/sample-command.js:1:19) { code: 'ERR_REQUIRE_ESM'

from bolt-js.

You can find many Q&A pages on this topic by searching for the error code or message. Here is an example: https://stackoverflow.com/questions/57169793/error-err-require-esm-how-to-use-es6-modules-in-node-12

It seems that all your questions about bolt-js are clear now. Would you mind closing this issue? Whenever you have questions related to the Slack SDK, we are here to help you. Please feel free to open a new issue then!

from bolt-js.

thanks

from bolt-js.