hermes-agent/tests/gateway/test_slack_user_token_warning.py
Ben 184c10cf97 fix(slack): warn when configured token is a user token, not a bot token
A Slack user/legacy token (xoxp-...) makes auth.test resolve to the
installing human's member ID with no bot_id, so the adapter binds its
identity (_bot_user_id / _team_bot_user_ids) to that human. Every
"is this the bot?" check then misfires: that person's <@...> mentions
wake the bot and are stripped as the bot's own mention, so the agent is
genuinely told it was @mentioned and replies to messages merely
addressed to that human (symptom: bot responds to "@trevor ..." and
insists it was explicitly mentioned).

There is no runtime API error to catch — a user token still
sends/receives — so the only detectable moment is connect time. Add a
warning-only nudge (_warn_if_not_bot_token) alongside the existing
group-DM scope nudge: when auth.test resolves a user_id but no bot_id,
log that the token is a user token and to use the xoxb-... Bot User
OAuth Token. Warning-only: does not block a working-but-misconfigured
install. Fires once per workspace per process.
2026-06-29 20:57:43 -07:00

120 lines
4.6 KiB
Python

"""
Tests for the connect-time user-token (vs bot-token) nudge.
``auth.test`` returns the ``user_id`` of whatever principal owns the configured
token. A real bot token (``xoxb-…``) resolves to the app's bot user and the
response carries a ``bot_id``; a user/legacy token (``xoxp-…``) resolves to the
installing *human's* member ID with **no** ``bot_id``. In the latter case the
adapter binds its identity to a human's member ID, so that person's ``<@…>``
mentions are misrouted as mentions of the bot. ``_warn_if_not_bot_token``
detects the missing ``bot_id`` at connect time — the only point where this is
observable, since a user token still sends/receives without any runtime error —
and logs an actionable, warning-only nudge.
"""
import logging
import sys
from unittest.mock import MagicMock
# ---------------------------------------------------------------------------
# Mock slack-bolt if not installed (same pattern as test_slack_mention.py)
# ---------------------------------------------------------------------------
def _ensure_slack_mock():
if "slack_bolt" in sys.modules and hasattr(sys.modules["slack_bolt"], "__file__"):
return
slack_bolt = MagicMock()
slack_bolt.async_app.AsyncApp = MagicMock
slack_bolt.adapter.socket_mode.async_handler.AsyncSocketModeHandler = MagicMock
slack_sdk = MagicMock()
slack_sdk.web.async_client.AsyncWebClient = MagicMock
for name, mod in [
("slack_bolt", slack_bolt),
("slack_bolt.async_app", slack_bolt.async_app),
("slack_bolt.adapter", slack_bolt.adapter),
("slack_bolt.adapter.socket_mode", slack_bolt.adapter.socket_mode),
("slack_bolt.adapter.socket_mode.async_handler",
slack_bolt.adapter.socket_mode.async_handler),
("slack_sdk", slack_sdk),
("slack_sdk.web", slack_sdk.web),
("slack_sdk.web.async_client", slack_sdk.web.async_client),
]:
sys.modules.setdefault(name, mod)
_ensure_slack_mock()
import plugins.platforms.slack.adapter as _slack_mod # noqa: E402
_slack_mod.SLACK_AVAILABLE = True
from plugins.platforms.slack.adapter import SlackAdapter # noqa: E402
class _DictAuthResponse(dict):
"""Mimics slack_sdk's AsyncSlackResponse — dict-like with .get(), like the
real object the adapter already calls ``.get()`` on in ``connect``."""
class _AttrAuthResponse:
"""A response shape that is NOT dict-like; values live on ``.data``."""
def __init__(self, data):
self.data = data
def _make_adapter():
# object.__new__ skips __init__ (heavy setup) — established slack-test pattern.
return object.__new__(SlackAdapter)
def test_warns_when_bot_id_absent(caplog):
# User token: auth.test resolves a human member but carries no bot_id.
adapter = _make_adapter()
resp = _DictAuthResponse(team_id="T1", user_id="U_HUMAN", user="trevor")
with caplog.at_level(logging.WARNING):
adapter._warn_if_not_bot_token(resp, "Acme")
matched = [r for r in caplog.records
if "authenticated as a USER" in r.message and "U_HUMAN" in r.message]
assert matched
def test_no_warning_when_bot_id_present(caplog):
# Real bot token: auth.test carries a bot_id.
adapter = _make_adapter()
resp = _DictAuthResponse(team_id="T1", user_id="U_BOT", bot_id="B123", user="hermes")
with caplog.at_level(logging.WARNING):
adapter._warn_if_not_bot_token(resp, "Acme")
assert not any("authenticated as a USER" in r.message for r in caplog.records)
def test_no_warning_when_user_id_unresolved(caplog):
# Nothing resolved (e.g. odd/empty response) — don't guess, stay silent.
adapter = _make_adapter()
resp = _DictAuthResponse(team_id="T1")
with caplog.at_level(logging.WARNING):
adapter._warn_if_not_bot_token(resp, "Acme")
assert not any("authenticated as a USER" in r.message for r in caplog.records)
def test_warns_only_once_per_workspace(caplog):
adapter = _make_adapter()
resp = _DictAuthResponse(user_id="U_HUMAN")
with caplog.at_level(logging.WARNING):
adapter._warn_if_not_bot_token(resp, "Acme")
adapter._warn_if_not_bot_token(resp, "Acme")
warnings = [r for r in caplog.records if "authenticated as a USER" in r.message]
assert len(warnings) == 1
def test_handles_attribute_only_response_shape(caplog):
# Response without dict .get(): values must be read off .data.
adapter = _make_adapter()
resp = _AttrAuthResponse({"user_id": "U_HUMAN", "user": "trevor"})
with caplog.at_level(logging.WARNING):
adapter._warn_if_not_bot_token(resp, "Acme")
assert any("authenticated as a USER" in r.message and "U_HUMAN" in r.message
for r in caplog.records)