Skip to content

Opportunistic Token Encryption for Slack Actions #723

Open
jeffrey-martinez wants to merge 6 commits into master from feat/slack-token-encryption

Conversation

@jeffrey-martinez (Contributor) commented Mar 20, 2026

PR 723: [feat/slack-token-encryption]:

This PR extends the Action Hub OAuth token encryption framework to the Slack action to mitigate data-at-rest exposure vulnerabilities in Looker's database.

Context and Vulnerability Addressed

While the Slack action utilizes an integration proxy (mitigating callback URL hijacking attacks described in ), its user tokens are still stored in plain-text within the state_json parameter.

To align with security best practices and ensure defense-in-depth, this PR implements opportunistic encryption for Slack tokens at rest.

Changes

🔐 Opportunistic Encryption Logic

Modifies SlackAction and SlackClientManager to handle tokens securely without breaking legacy states:

Write Path (Encryption):

If the feature flag ENCRYPT_PAYLOAD_SLACK_APP is enabled, Action Hub encrypts plain-text tokens using transit keys (AESTransitCrypto) before returning them to Looker as state data.

Read Path (Decryption):

Action Hub attempts to decrypt incoming state_json. If it's encrypted (verified by standard prefix matching), it is decrypted. If not, it falls back gracefully to plain text for backwards compatibility.

📝 Key Files Modified

slack.ts: Introduced private helper methods decryptStateIfNeeded and encryptStateJson toggled by feature flags.
slack_client_manager.ts: Updated client initialization to expect and utilize the decrypted payloads.
test_slack.ts: Added specific unit assertions verifying that plain-state translates to encrypted state accurately, and that encrypted states feed cleanly into downstream clients.

Verification & Impact

Backward Compatibility Check: Passive behaviors preserved; legacy plain-text state parameters resolve successfully.

@gemini-code-assist (bot) commented

Summary of Changes

Hello, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly improves the security posture of the Slack action by introducing opportunistic encryption for OAuth tokens. Previously, sensitive Slack user tokens were stored in plain text, posing a data-at-rest exposure risk. The implemented changes encrypt these tokens when the ENCRYPT_PAYLOAD_SLACK_APP feature flag is enabled, both when they are saved and retrieved. This ensures that even if the underlying database is compromised, the tokens remain protected, while maintaining full backward compatibility for existing unencrypted states.

Highlights

  • Enhanced Security: Implemented opportunistic encryption for Slack action OAuth tokens to mitigate data-at-rest exposure vulnerabilities in Looker's database.
  • Opportunistic Encryption Logic: Introduced encryption on the write path and decryption on the read path, controlled by the ENCRYPT_PAYLOAD_SLACK_APP feature flag, using AESTransitCrypto.
  • Backward Compatibility: Ensured graceful fallback to plain-text processing if decryption fails or the state is unencrypted, preserving functionality for legacy states.
  • Core Logic Integration: Modified SlackAction to handle encryption/decryption within its execute, form, and oauthCheck methods, and updated SlackClientManager to accept decrypted states.
  • Testing: Added comprehensive unit tests to verify the correct handling of both encrypted and unencrypted states, ensuring robust security implementation.



@gemini-code-assist gemini-code-assist bot left a comment


Code Review

This pull request introduces opportunistic encryption for Slack action tokens, which is a great security enhancement. The implementation correctly handles both encrypted and plaintext states for backward compatibility. The new encryption and decryption logic is well-contained.

I've identified a critical issue in the new tests where the state_json format is incorrect, which could mask bugs in the single-workspace scenario. Additionally, I've suggested a few refactoring opportunities to reduce code duplication and improve efficiency.

if (!request.params.state_json) {
return undefined
}
if (!request.params.state_json.startsWith("1")) {
Collaborator commented:

what is this checking for?

Contributor Author replied:

Fixed, this was an outdated way of determining if the payload was encrypted (the cid would start with "1").

decryptedState: string | undefined,
originalState: string | undefined,
) {
if (decryptedState && decryptedState === originalState && process.env.ENCRYPT_PAYLOAD_SLACK_APP === "true") {
Collaborator commented:

if we decrypted the state then checked against request.params.state_json isn't that going to be encrypted?

Contributor Author replied:

Yes we check if it matches the original (unencrypted case) then we know to migrate them to use encryption.
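Added example, not code from this PR or from Looker Action Hub: a stand-alone sketch of the write path (encrypt when the flag is on), the read path (decrypt only if the state carries the encrypted-blob prefix, otherwise treat it as legacy plaintext) described in the PR description, plus the migration decision discussed in the thread above (decrypted value equal to the original means the stored state was still plaintext). The TransitCrypto class is a stand-in for AESTransitCrypto, not its real API; the prefix value, the shouldMigrate and isEncryptedState names, and the sample token are assumptions.

```typescript
import { createCipheriv, createDecipheriv, randomBytes } from "crypto"

// Hypothetical marker for an encrypted state blob. The PR says encrypted payloads are
// detected by "standard prefix matching" but does not show the prefix, so this is assumed.
const ENC_PREFIX = "enc:v1:"

// Stand-in for Action Hub's AESTransitCrypto (not the real class): AES-256-GCM with a
// fresh 96-bit IV per call; output is prefix + base64(iv || tag || ciphertext).
class TransitCrypto {
  private readonly key: Buffer

  constructor(key: Buffer) {
    if (key.length !== 32) throw new Error("key must be 32 bytes")
    this.key = key
  }

  encrypt(plaintext: string): string {
    const iv = randomBytes(12)
    const cipher = createCipheriv("aes-256-gcm", this.key, iv)
    const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()])
    return ENC_PREFIX + Buffer.concat([iv, cipher.getAuthTag(), ct]).toString("base64")
  }

  // Throws if the GCM tag does not verify (tampered blob or wrong key); never returns garbage.
  decrypt(blob: string): string {
    const raw = Buffer.from(blob.slice(ENC_PREFIX.length), "base64")
    const decipher = createDecipheriv("aes-256-gcm", this.key, raw.subarray(0, 12))
    decipher.setAuthTag(raw.subarray(12, 28))
    return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString("utf8")
  }
}

function isEncryptedState(state: string): boolean {
  return state.startsWith(ENC_PREFIX)
}

// Read path: an encrypted blob is decrypted; anything else is treated as legacy plaintext.
// A prefixed blob that fails authentication throws rather than falling back, so ciphertext
// is never handed downstream as if it were a token.
function decryptStateIfNeeded(state: string | undefined, crypto: TransitCrypto): string | undefined {
  if (!state) return undefined
  return isEncryptedState(state) ? crypto.decrypt(state) : state
}

// Write path: encrypt only when the feature flag is on. The flag can be turned off again
// without stranding state, because the read path accepts both forms.
function encryptStateJson(plainState: string, crypto: TransitCrypto, flagEnabled: boolean): string {
  return flagEnabled ? crypto.encrypt(plainState) : plainState
}

// Migration decision from the review thread: if the decrypted value equals what Looker sent,
// the stored state was plaintext, so with the flag on it should be re-issued encrypted.
function shouldMigrate(decrypted: string | undefined, original: string | undefined, flagEnabled: boolean): boolean {
  return !!decrypted && decrypted === original && flagEnabled
}

// Constructed sample (not real data): a state_json-shaped map of workspace id to user token.
const SAMPLE_STATE = JSON.stringify({ T0123456: "xoxp-not-a-real-token" })

function demo(): { stored: string; roundTrip: string | undefined; legacy: string | undefined; migrate: boolean } {
  const crypto = new TransitCrypto(randomBytes(32)) // demo key; a transit key would come from config
  const stored = encryptStateJson(SAMPLE_STATE, crypto, true)
  const legacy = decryptStateIfNeeded(SAMPLE_STATE, crypto)
  return {
    stored,
    roundTrip: decryptStateIfNeeded(stored, crypto),
    legacy,
    migrate: shouldMigrate(legacy, SAMPLE_STATE, true),
  }
}
```

Two design points worth keeping in mind when reviewing the real change: the prefix check is only a format hint (it works here because a legacy state_json is a JSON object and cannot start with the prefix), and the authenticated mode is what turns a tampered or wrong-key blob into a hard error instead of a silently wrong token. The earlier `startsWith("1")` test that the reviewer asked about offers neither property.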
