Encrypting state for authorization url

CodeForAfrica · Oct 5, 2017 · d5429c7 · d5429c7
1 parent 9b5c21a
commit d5429c7
Showing 1 changed file with 31 additions and 0 deletions.
diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
@@ -1,3 +1,6 @@
+require 'addressable/uri'
+require 'openssl'
+
 class HomeController < ApplicationController
   include DC::Access
 
@@ -61,6 +64,34 @@ def faq
   end
 
   def quackbot
+    if current_account
+      user_data = {email: current_account.email, slug: current_organization.slug}
+      # user_data = {email: 'ted@knowtheory.net', slug: 'biffud'}
+      cipher = OpenSSL::Cipher::AES.new(256, :CBC)
+      cipher.encrypt
+      key = Base64.decode64(DC::SECRETS["quackbot_cipher_key"])
+      iv  = cipher.random_iv
+
+      encrypted = cipher.update(user_data.to_json) + cipher.final
+
+      state_data = "#{Base64.encode64(encrypted).chomp}--#{Base64.encode64(iv).chomp}"
+
+      decipher = OpenSSL::Cipher::AES.new(256, :CBC)
+      decipher.decrypt
+      decipher.key = key
+      decipher.iv = iv
+
+      #plain = decipher.update(encrypted) + decipher.final
+
+      @slack_url = Addressable::URI.parse("https://slack.com/oauth/authorize")
+      @slack_url.query_values = {
+        client_id: "2309601577.242920041892",
+        scope: "bot,chat:write:bot,emoji:read,files:read,links:write,im:read,im:write,incoming-webhook,commands",
+        state: state_data
+      }
+
+    end
+
     render layout: 'new'
   end