version 1.16.0

Changes

• [slack-api-client] Add newly added properties in Events API payloads / Web API responses - Thanks @seratch
• [bolt-micronaut] #903 Fix #891 Migrate Micronaut version to 3.2 - Thanks @seratch @volgin
• [all] #905 Upgrade optional module dependencies' minor/patch versions - Thanks @seratch
• [all] #898 Add GitHub stale action for better triaging issues - Thanks @srajiang @seratch
• [docs] #902 Replace instances of "event" with "request" in docs - Thanks @wongjas

---

• All issues/pull requests: https://github.com/slackapi/java-slack-sdk/milestone/44?closed=1
• All changes: v1.15.0...v1.16.0

version 1.15.0

Changes

• [slack-api-model] #893 Add focus_on_load support in Block Kit element classes - Thanks @seratch
• [slack-api-client] #895 #896 Calling chat.unfurl with user_auth_blocks resulting in error invalid_arguments - Thanks @erathorus @seratch
• [all] #897 Bump dependency versions for v1.15 release - Thanks @seratch

---

• All issues/pull requests: https://github.com/slackapi/java-slack-sdk/milestone/42?closed=1
• All changes: v1.14.0...v1.15.0

version 1.14.0

New Features

OAuth flow persistence callbacks

In the past, if a developer desires to customize the parts equivalent to callback_options in bolt-js/bolt-python in the OAuth flow, the developer has to implement the whole OAuthV2SuccessHandler with mostly the same code with DefaultOAuthV2SuccessHandler.

app.oauthCallback(new OAuthV2SuccessHandler() {
  @Override
  public Response handle(OAuthCallbackRequest request, Response response, OAuthV2AccessResponse apiResponse) {
    // Implement your own logic here
    return null;
  }
});

Since v1.14, bolt-java provides App#oauthPersistenceCallback and App#oauthPersistenceErrorCallback methods to accept more granular callbacks. These callbacks can be used for customizing the way your app behaves right after saving (or failing to save) issued tokens and their metadata in your database.

var oauthApp = new App(config);

// To customize the behavior after the installation persistence:
// The default behavior is to display the default completion web page
// or to redirect the installer to the pre-given completion URL.
oauthApp.oauthPersistenceCallback(arguments -> {
  var response = arguments.getResponse();
  response.setStatusCode(200);
  response.setContentType("text/plain; charset=utf-8");
  response.setBody("OK!");
});

// To customize the behavior when the installation persistence fails:
// The default behavior is to display the default error web page
// or to redirect the installer to the pre-given failure URL.
oauthApp.oauthPersistenceErrorCallback(arguments -> {
  var response = arguments.getResponse();
  response.setStatusCode(500);
  response.setContentType("text/plain; charset=utf-8");
  response.setBody("Something wrong! (" + arguments.getError().getMessage() + ")");
});

apps.put("/slack/oauth/", oauthApp.asOAuthApp(true));
var server = new SlackAppServer(apps);
server.start();

Apart from the two we added in this version, the following callbacks have been also available for customizing some parts of your app's OAuth flow:

// in the case where the "error" parameter is passed from the Slack OAuth flow
oauthApp.oauthCallbackError((request, response) -> {
  response.setStatusCode(401);
  response.setContentType("text/plain; charset=utf-8");
  response.setBody("Something wrong! (" + request.getPayload().getError() + ")");
  return response;
});

// in the case where the "state" parameter is invalid
oauthApp.oauthCallbackStateError((request, response) -> {
  response.setStatusCode(401);
  response.setContentType("text/plain; charset=utf-8");
  response.setBody("Something wrong! (state is invalid)");
  return response;
});

// in the case where an error code is returned from the oauth.v2.access API
oauthApp.oauthCallbackAccessError((OAuthV2AccessErrorHandler) (request, response, apiResponse) -> {
  response.setStatusCode(401);
  response.setContentType("text/plain; charset=utf-8");
  response.setBody("Something wrong! (" + apiResponse.getError() + ")");
  return response;
});

With that, bolt-java's OAuth flow module now provides even greater flexibility for developers. If you still see missing pieces in the module, please let us know in the GitHub issue tracker 🙇

Slack guest configuration in SCIM APIs

The SCIM API client now supports "urn:scim:schemas:extension:slack:guest:1.0" schema. In your Java code, you can attach the Slack guest specific attributes in a simple way:

var newGuestUser = new User();
newGuestUser.setName(new User.Name());
newGuestUser.getName().setGivenName("Kazuhiro");
newGuestUser.getName().setFamilyName("Sera");
newGuestUser.setUserName("seratch");
var email = new User.Email();
email.setValue("seratch@example.com");
newGuestUser.setEmails(Arrays.asList(email));

// ISO 8601 date time string
var df = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssXXX");
var expiration = df.format(Date.from(ZonedDateTime.now().plusDays(14).toInstant()));
var slackGuest = User.SlackGuest.builder().type(User.SlackGuest.Types.MULTI).expiration(expiration).build();
newGuestUser.setSlackGuest(slackGuest);

var response = slack.scim(orgAdminToken).createUser(req -> req.user(newGuestUser));

To learn more about the schema itself, please refer to the SCIM API document: https://api.slack.com/scim#post-multi-channel-guest

Changes

• [bolt] #875 #883 Add callback_options equivalent to Bolt for Java - Thanks @seratch
• [slack-api-client] #886 #862 Add "urn:scim:schemas:extension:slack:guest:1.0" schema support in the SCIM API client - Thanks @seratch
• [slack-api-client] #887 #888 auth.revoke API call with a "Sign in with Slack" causes an "invalid_auth" error - Thanks @erathorus @seratch
• [slack-api-client] #882 Add admin.users.session.resetBulk API support - Thanks @seratch
• [docs] #881 Document fix: Code snippet error in the OAuth document section - Thanks @jaebradley

---

• All issues/pull requests: https://github.com/slackapi/java-slack-sdk/milestone/41?closed=1
• All changes: v1.13.0...v1.14.0

version 1.13.0

New Features

HTTP headers in Web API responses

Since this version, all the Web API responses return not only parsed response body data but also its response headers. Particularly, the x-oauth-scopes value should be helpful to easily know the list of granted scopes for the token used for the API call.

Changes

• [slack-api-client] #850 Add getHttpResponseHeaders() method to Web API responses - Thanks @seratch
• [slack-api-client] #877 Fix race conditions in the Slack API Client by adding atomicity - Thanks @daelynj
• [slack-api-client] #868 Mark rtm.start as deprecated - Thanks @seratch
• [slack-api-client] #878 Add team.billing.info and team.preferences.list APIs - Thanks @seratch
• [slack-api-client] #841 #634 Add admin.conversations.{get|set|remove}CustomRetention API support - Thanks @seratch
• [slack-app-model] #859 Fix #857 Add the missing "pronouns" field to User.Profile data class - Thanks @seratch @petehannam
• [slack-api-model] #864 #863 Support TimePickerElement in Block Kit Kotlin DSL - Thanks @ikolomiets
• [bolt] #851 Fix an error in Socket Mode document - Thanks @bcarter97
• [all] #866 #865 Fix to parent pom.xml that allows submodules override default language level in IntelliJ IDEA - Thanks @ikolomiets
• [all] #880 Upgrade patch/minor versions of dependencies for v1.13 release - Thanks @seratch

---

• All issues/pull requests: https://github.com/slackapi/java-slack-sdk/milestone/39?closed=1
• All changes: v1.12.1...v1.13.0

version 1.12.1

Changes

• [slack-api-client] #843 #832 Add source parameter to chat.unfurl API method - Thanks @ribsalad

---

• All issues/pull requests: https://github.com/slackapi/java-slack-sdk/milestone/40?closed=1
• All changes: v1.12.0...v1.12.1

version 1.12.0

New Features

Turning off state parameter validation in the OAuth flow

Enterprise Grid org admins can start org-wide app installations from their app management page. In this situation, no state parameter will be attached to the query string value througout the OAuth flow.

Since this version, we've added a new option to customize this behavior for this use case. You can set the stateValidationEnabled flag in AppConfig to false if you turn the validation off.

var config = new AppConfig();
// set client_id etc.
config.setStateValidationEnabled(false);
var app = new App(config).asOAuthApp(true);
app.start();

Please note that we still don't recommend disabling the state parameter validation for usual OAuth flow apps.

Changes

• [bolt] #829 Fix #828 Add stateValidationEnabled option to AppConfig - Thanks @seratch
• [bolt] #832 Remove cached slack, client in App to reflect changes in AppConfig - Thanks @seratch
• [bolt] #839 Fix #836 NPE in bolt-google-cloud-functions when the response body coming from Bolt app is null - Thanks @Arxing @seratch
• [slack-api-client] #838 Fix #837 oauth.v2.exchange API call fails due to lack of token parameter - Thanks @thomasylee @seratch
• [all] #840 Update dependencies for v1.12 release - Thanks @seratch

---

• All issues/pull requests: https://github.com/slackapi/java-slack-sdk/milestone/38?closed=1
• All changes: v1.11.0...v1.12.0

version 1.11.0

New Features

New options to auto-ack Events API requests

Since this version, your Bolt apps can easily acknowledge Events API requests without having listener functions.

Here are the two options available in AppConfig:

• AppConfig#allEventsApiAutoAckEnabled: Boolean: If true, Bolt enables auto-acknowledging for all Events API requests even when corresponding listeners are missing.
• AppConfig#subtypedMessageEventsAutoAckEnabled: Boolean: If true, Bolt enables auto-acknowledging for message + subtype Events API requests even when corresponding listeners are missing.

var config = new AppConfig();
config.setSubtypedMessageEventsAutoAckEnabled(true);

var app = new App(config);

// Add your listeners here

app.start();

These options does not prevent your listener execution. With these options, Bolt can acknowledge Events API requests only when corresponding listeners are not registered.

New properties in link_shared event

On September 1, 2021, the link_shared event is changing. The change will happen for free teams on September 1, and will roll out to paid teams over the following weeks. The chat.unfurl method will also accept new arguments.

Since this version, the updates in the Events API payload and chat.unfurl parameters are available. Refer to the pull request #817 and [the changelog](Refer to the changelog for more details: https://api.slack.com/changelog/2021-08-changes-to-unfurls) for more details.

Changes

• [bolt] #812 #769 Add new options to auto-acknowledge Events API requests - Thanks @seratch
• [slack-api-client][bolt] #773 #813 Slack Connect API / Events support - Thanks @seratch
• [slack-api-client][bolt] #817 Update link_shared event payload for the changes starting on September 1 - Thanks @seratch
• [slack-api-client] #819 Add missing optional arguments - Thanks @seratch

---

• All issues/pull requests: https://github.com/slackapi/java-slack-sdk/milestone/37?closed=1
• All changes: v1.10.0...v1.11.0

version 1.11.0-RC1

Refer to v1.11.0 release notes

version 1.10.0

New Features

Sign in with Slack (OpenID Connect)

Sign in with Slack helps users log into your service using their Slack profile. The platform feature was recently upgraded to be compatible with the standard OpenID Connect specification. With Bolt for Java v1.10 or higher, implementing the auth flow is much easier.

The following app is a simple example demonstrating how to handle the OpenID Connect flow with Bolt in Kotlin:

import com.auth0.jwt.JWT
import com.slack.api.bolt.App
import com.slack.api.bolt.jetty.SlackAppServer

fun main() {
  val app = App().asOpenIDConnectApp(true)

  app.openIDConnectSuccess { request, response, token ->
    val claims = JWT.decode(token.idToken).claims
    request.context.logger.info("id_token claims: {}", claims)

    // Store the data in your database

    // Redirect the user to the next step
    response.statusCode = 302
    response.headers["Location"] = listOf("https://slack.com/")
    response
  }

  val apps = mutableMapOf("/slack/" to app)
  val server = SlackAppServer(apps)
  server.start() // http://localhost:3000/slack/install

  // export SLACK_CLIENT_ID=
  // export SLACK_CLIENT_SECRET=
  // export SLACK_USER_SCOPES=openid,email,profile
  // export SLACK_INSTALL_PATH=install
  // export SLACK_REDIRECT_URI_PATH=oauth_redirect
  // export SLACK_REDIRECT_URI=https://{your-domain-here}/slack/oauth_redirect
  // gradle run
}

Refer to the document for more details.

Changes

• [bolt] #795 #796 Add "Sign in with Slack (OpenID Connect)" support - Thanks @seratch
• [slack-api-model] #801 Fix #759 by adding common fields in Block Kit model interfaces - Thanks @janjanneck @seratch
• [slack-api-client] #790 #785 A video link posted in a channel, causes a IllegalStateException for Conversation history API call - Thanks @sitamarn @seratch
• [slack-api-client] #784 #791 MessageDeletedEvent Java bug when a threaded message with Tombstone us deleted - Thanks @EnricoVoss @seratch
• [slack-api-client] #807 Improve the error caused in the #792 scenario - Thanks @seratch
• [slack-api-client] #794 Add email_password_policy_enabled to admin.users.invite API arguments - Thanks @seratch
• [all] #797 #770 Bump external dependency versions in v1.9 - Thanks @seratch
• [project] #793 Link to contributing and maintainer guides from README - Thanks @filmaj
• [tests] #800 Significantly improve the stability of the unit tests in CI builds - Thanks @filmaj

---

• All issues/pull requests: https://github.com/slackapi/java-slack-sdk/milestone/36?closed=1
• All changes: v1.9.0...v1.10.0

version 1.10.0-RC2

Refer to the v1.10.0 release note