mirror of https://github.com/zulip/zulip.git
data_import: Protect better against bad Slack tokens.
An invalid token would be treated the same as a token with no scopes; differentiate these better.
This commit is contained in:
parent
94e4f33b29
commit
ff9126ac1e
|
@ -1362,6 +1362,8 @@ def check_token_access(token: str) -> None:
|
|||
data = requests.get(
|
||||
"https://slack.com/api/team.info", headers={"Authorization": "Bearer {}".format(token)}
|
||||
)
|
||||
if data.status_code != 200 or not data.json()["ok"]:
|
||||
raise ValueError("Invalid Slack token: {}".format(token))
|
||||
has_scopes = set(data.headers.get("x-oauth-scopes", "").split(","))
|
||||
required_scopes = set(["emoji:read", "users:read", "users:read.email", "team:read"])
|
||||
missing_scopes = required_scopes - has_scopes
|
||||
|
|
Loading…
Reference in New Issue