Skip to content

version 1.12.0
Compare
Choose a tag to compare
@seratch seratch released this 07 Sep 05:43
· 1096 commits to main since this release
v1.12.0
b1fc528

New Features

Turning off state parameter validation in the OAuth flow

Enterprise Grid org admins can start org-wide app installations from their app management page. In this situation, no state parameter will be attached to the query string value througout the OAuth flow.

Since this version, we've added a new option to customize this behavior for this use case. You can set the stateValidationEnabled flag in AppConfig to false if you turn the validation off.

var config = new AppConfig();
// set client_id etc.
config.setStateValidationEnabled(false);
var app = new App(config).asOAuthApp(true);
app.start();

Please note that we still don't recommend disabling the state parameter validation for usual OAuth flow apps.

Changes

  • [bolt] #829 Fix #828 Add stateValidationEnabled option to AppConfig - Thanks @seratch
  • [bolt] #832 Remove cached slack, client in App to reflect changes in AppConfig - Thanks @seratch
  • [bolt] #839 Fix #836 NPE in bolt-google-cloud-functions when the response body coming from Bolt app is null - Thanks @Arxing @seratch
  • [slack-api-client] #838 Fix #837 oauth.v2.exchange API call fails due to lack of token parameter - Thanks @thomasylee @seratch
  • [all] #840 Update dependencies for v1.12 release - Thanks @seratch

Contributors

seratch, thomasylee, and Arxing
Assets 2
Loading