Sample Slack App for testing Mutual TLS with BIG-IP

Problem this snippet solves:

This Slack App was used with the following Code Snippet to test Mutual TLS.


This code was adapted from: https://api.slack.com/tutorials/tunneling-with-ngrok 

How to use this snippet:

npm install express

npm install request

node index.js (or whatever you name it)


Create a pool that points to the IP:Port where it is running (defaults to listening on 4390).


Once you add the app (follow the tutorial from above, but use a different command name like /mtls). Unlike the tutorial you will cover a "real" SSL certificate on the BIG-IP (must be publicly accessible from Slack's servers). Follow-up article with more details will be posted in the future.

Code :

// Import express and request modules
require('dotenv').config()
var express = require('express');
var request = require('request');
var querystring = require('querystring');

// Instantiates Express and assigns our app variable to it
var app = express();
//app.use(express.json());
app.use(express.urlencoded({ extended: true }));


// Again, we define a port we want to listen to
const PORT=4390;

// Lets start our server
app.listen(PORT, function () {
    //Callback triggered when server is successfully listening. Hurray!
    console.log("Example app listening on port " + PORT);
});


// This route handles GET requests to our root demo address and responds with the same "Demo is working message" we used before
app.get('/', function(req, res) {
    res.send('Demo is working! Path Hit: ' + req.url);
});

// This route handles get request to a /oauth endpoint. We'll use this endpoint for handling the logic of the Slack oAuth process behind our app.
app.get('/oauth', function(req, res) {
    // When a user authorizes an app, a code query parameter is passed on the oAuth endpoint. If that code is not there, we respond with an error message
    if (!req.query.code) {
        res.status(500);
        res.send({"Error": "Looks like we're not getting code."});
        console.log("Looks like we're not getting code.");
    } else {
        // If it's there...

        // We'll do a GET call to Slack's `oauth.access` endpoint, passing our app's client ID, client secret, and the code we just got as query parameters.
        request({
            url: 'https://slack.com/api/oauth.access', //URL to hit
            qs: {code: req.query.code, client_id: process.env.CLIENT_ID, client_secret: process.env.CLIENT_SECRET}, //Query string data
            method: 'GET', //Specify the method

        }, function (error, response, body) {
            if (error) {
                console.log(error);
            } else {
                res.json(body);

            }
        })
    }
});

// Route the endpoint that our slash command will point to and send back a simple response to indicate that ngrok is working
app.post('/command', function(req, res) {
    var certSan = req.get('X-Client-Certificate-SAN');
    if(certSan) {
        var cert = req.get('X-Client-Certificate');

        var formattedCert = '';
        for(i=0;i

Tested this on version:

13.0
Published Aug 29, 2019
Version 1.0
No CommentsBe the first to comment