Class: ClearStateStore
Defined in: packages/oauth/src/state-stores/clear-state-store.ts:8
Generates state parameter value in the OAuth flow. While the state parameter value works for the CSRF protection purpose, it can transfer the given InstallURLOptions value to the Redirect URL handler (Redirect URL: the default path is "/slack/oauth_redirect")
Implements
Constructors
new ClearStateStore()
new ClearStateStore(stateSecret, stateExpirationSeconds): ClearStateStore
Defined in: packages/oauth/src/state-stores/clear-state-store.ts:13
Parameters
stateSecret
string
stateExpirationSeconds
number = 600
Returns
Methods
generateStateParam()
generateStateParam(installOptions, now): Promise<string>
Defined in: packages/oauth/src/state-stores/clear-state-store.ts:18
Generates a valid state parameter value, which can be decoded as a StateObj object by the verifyStateParam() method. This value may be stored on the server-side with expiration. The InstallProvider verifies if this value is set in the installer's browser session.
Parameters
installOptions
now
Date
Returns
Promise<string>
Implementation of
verifyStateParam()
verifyStateParam(now, state): Promise<InstallURLOptions>
Defined in: packages/oauth/src/state-stores/clear-state-store.ts:27
Verifies the given state string value by trying to decode the value and build the passed InstallURLOptions object from the data. This method verifies if the state value is not too old to detect replay attacks. If the value is invalid, this method can throw InvalidStateError exception.
Parameters
now
Date
state
string
Returns
Promise<InstallURLOptions>