Unhandled error log when user is not authorized

[mcarrf90-bz]

I am receiving requests from the user_change event for users that I do not acknowledged as authorized teams or users on my database. Whenever this happens I get a

[ERROR] An unhandled error occurred while Bolt processed an event

This is flooding my logs on production and I can't seem to find a solution to it. Please help!

I have this authorize in place:

import axiosInstance from "./axios.config";

export default async function authorize({teamId}){ 
  const axios = axiosInstance(process.env.SLACK_TOKEN);
  try {
    const response = await axios.get('/api/slack/installations');

    if(response.status === 200){
      const installations = response.data
      for (const team of installations) {
          // Check for matching teamId and enterpriseId in the installations array
          if (team.teamId === teamId) {
            // This is a match. Use these installation credentials.
            return {
              // You could also set userToken instead
              botToken: team.botToken,
              botId: team.botId,
              botUserId: team.botUserId
            };
          }
        }
      
     throw new Error('No matching authorization')
  }
  throw new Error('Could not fetch installations to match authorization correctly')
  } catch (error) {
    console.error('Error making request:', error);
  } 
}

Reproducible in:

The Slack SDK version

3.17.1

Node.js runtime version

21.6.1

Steps to reproduce:

(Share the commands to run, source code, and project settings)

1. Receive a user_change event from a team or user that is not authorized on your database

Expected result:

Get a 401 status not a 500

Actual result:

Got the [ERROR] An unhandled error occurred while Bolt processed an event as a 500 status error

Requirements

For general questions/issues about Slack API platform or its server-side, could you submit questions at https://my.slack.com/help/requests/new instead. 🙇

Please read the Contributing guidelines and Code of Conduct before creating this issue or pull request. By submitting, you are agreeing to those rules.

[filmaj]

How are you configuring your App? What receiver are you using?

[mcarrf90-bz]

This is my App configuration:

const app = new App({
   signingSecret: process.env.SLACK_SIGNING_SECRET || '',   
   authorize,
  receiver,
  logger: {
    debug: (msg, ...args) => logger.debug(msg, ...args),
    info: (msg, ...args) => logger.info(msg, ...args),
    warn: (msg, ...args) => logger.warn(msg, ...args),
    error: (msg, ...args) => logger.error(msg, ...args),
    setLevel: (level) => logger.level = level,
    getLevel: () => logger.level as LogLevel, // Explicitly cast logger.level to LogLevel
    setName: (name) => { /* optional, implement if needed */ },
  },
  logLevel: process.env.LOGGER_LEVEL as LogLevel || 'info' as LogLevel,
});

Where authorize is the function on my original post. Here is my receiver:

const receiver = new ExpressReceiver({
  signingSecret: process.env.SLACK_SIGNING_SECRET || '',   
   authorize,
});

[filmaj]

What log level do you have set in production? Will you get WARN level events in your logs?

I ask because if your authorize function raises an exception, that should be visible in the logs (see the code here). I am wondering if that is what is happening in this situation (but we don't know because perhaps the log level is only set to ERROR).

If you're not seeing this warning, then that means the exception may not be coming from your authorize function but from somewhere else.

[mcarrf90-bz]

I have setup info on my log level for production. What I managed to realized locally is that the error is coming from the user_change event. It happens when there is not a matching authorization, the user_change event is being triggered anyway if this context is usefull. This is an example of a debug log I get:

{
  "token": "hGu1oUNhhu8oq3XFo5v773Pz",
  "team_id": "T0209NJETN0",
  "api_app_id": "A01KJ042JS3",
  "event": {
    "user": {
      "id": "U02EFD8C810",
      "team_id": "T02ECCVARLM",
      "name": "akhil",
      "color": "9f69e7",
      "is_bot": false,
      "is_app_user": false,
      "profile": {
        "avatar_hash": "5feac9543e5d",
        "image_original": "https://avatars.slack-edge.com/2022-10-20/4277252194432_5feac9543e5d6344db57_original.jpg",
        "image_24": "https://avatars.slack-edge.com/2022-10-20/4277252194432_5feac9543e5d6344db57_24.jpg",
        "image_32": "https://avatars.slack-edge.com/2022-10-20/4277252194432_5feac9543e5d6344db57_32.jpg",
        "image_48": "https://avatars.slack-edge.com/2022-10-20/4277252194432_5feac9543e5d6344db57_48.jpg",
        "image_72": "https://avatars.slack-edge.com/2022-10-20/4277252194432_5feac9543e5d6344db57_72.jpg",
        "image_192": "https://avatars.slack-edge.com/2022-10-20/4277252194432_5feac9543e5d6344db57_192.jpg",
        "image_512": "https://avatars.slack-edge.com/2022-10-20/4277252194432_5feac9543e5d6344db57_512.jpg",
        "image_1024": "https://avatars.slack-edge.com/2022-10-20/4277252194432_5feac9543e5d6344db57_1024.jpg",
        "first_name": "Akhil",
        "last_name": "",
        "real_name": "Akhil",
        "display_name": "",
        "real_name_normalized": "Akhil",
        "display_name_normalized": "",
        "email": "akhil@getthera.com",
        "team": "T02ECCVARLM"
      },
      "updated": 1713452477,
      "who_can_share_contact_card": "EVERYONE"
    },
    "cache_ts": 1713452477,
    "type": "user_change",
    "event_ts": "1713452501.284700"
  },
  "type": "event_callback",
  "event_id": "Ev0707SUEK7S",
  "event_time": 1713452501,
  "authorizations": [
    {
      "enterprise_id": null,
      "team_id": "T0209NJETN0",
      "user_id": "U056B2Q37R8",
      "is_bot": true,
      "is_enterprise_install": false
    }
  ],
  "is_ext_shared_channel": false
}

[filmaj]

Can you set log level to DEBUG to help us figure out where the error is coming from?

[filmaj]

I'm also confused: if your authorize function is raising an exception when the user_change event comes in, I would expect that to create a WARN log in your logs (as per this line). If that's not happening, then that means your authorize function is NOT raising an exception in this situation.

[github-actions]

👋 It looks like this issue has been open for 30 days with no activity. We'll mark this as stale for now, and wait 10 days for an update or for further comment before closing this issue out. If you think this issue needs to be prioritized, please comment to get the thread going again! Maintainers also review issues marked as stale on a regular basis and comment or adjust status if the issue needs to be reprioritized.

[github-actions]

As this issue has been inactive for more than one month, we will be closing it. Thank you to all the participants! If you would like to raise a related issue, please create a new issue which includes your specific details and references this issue number.