0

I have a c#-based program that can send messages and files to our SlackWorkspace via my SlackApp (I'm using HttpClient to communicate with Slack).

Now, to distribute this program in my workspace and to make it so that every user will have his own identity, it says that I have to use OAuth and create verification-tokens, specific for each user. It says in the Slack-documentation I have to use a redirect-URL (as per docs) to my own server.

We have a server that I potentially could use for this. But I have never done anything like this before and I am unclear on what "answer" I have to provide from our server. I thought the verification-process would be handled by Slack.

Anyone has an idea on how to approach this?

And before anyone asks - yes we need to install it for everyone and make them identifiable as themselves. We can't use the "SlackApp" as user. :)

I would be very grateful for code examples(in c#) and explanations on how this whole redirect-thing is working.

Erik Kalkoken
  • 30,467
  • 8
  • 79
  • 114
Fabian Held
  • 373
  • 1
  • 6
  • 17

1 Answers1

1

Slack uses the standard Oauth 2.0 protocol to authenticate apps, similar to Google and Facebook.

So the "verification-process" is indeed mostly handled by Slack (as outlined here), but your Slack app needs to initiate it and handle the responses properly. Also its a multi-step process and includes the user having to login into Slack with their credentials. This why you need a web app to handle the whole process.

To enable a Slack app to generate tokens via Oauth a web app is needed:

  • can be reached from the Internet
  • able to handle HTTP requests like a web server
  • has persistent storage for the newly generated tokens

This is probably easier to implement with ASP.NET Web Pages, which can utilize many functions from an existing web server.

But for this answer, lets look on an implementation in .NET Core. For that we need to create our own web server and some rudimentary session handling. Main concepts include:

The details go a bit beyond the scope of one answer. But I am happy to share a working example implementation on this GitHubGist.

Btw: For the local development of such a web app its recommend to use a VPN tunnel like ngrok, that allows one to expose a local machine securely to the Internet and Slack.

Community
  • 1
  • 1
Erik Kalkoken
  • 30,467
  • 8
  • 79
  • 114
  • Thanks for the example on GitHub. I'm having a look at it right now and am tryin to figure out how all this is working. This is a lot of code, with all new stuff for me to learn and figure out. What a task, my boss gave me there :D Thank you good sir, you are of great help! – Fabian Held Nov 20 '18 at 07:32
  • Okay, first questions have arisen. Why are you using a VPN tunnel? Doesn't that mean every other user has to be part of that VPN to be able to reach the server? And is the SLACK_REDIRECT_URL the one you also gave your SlackAPP? And what is the URL-PREFIX for? Also, I can not just "come up" with any URL I want, right? A URL has to be registered somehow somwhere - or am I totally wrong? Seems I still can not totally grasp the concept of servers, URLs and how it all works... – Fabian Held Nov 20 '18 at 07:47
  • I only use a VPN tunnel for my development. As it enables me to let the app run on my local PC and Slack can still connect to it. When the app is finished it should run on a server that can be reached from the Internet. – Erik Kalkoken Nov 20 '18 at 11:27
  • yes, the SLACK_REDIRECT URL is the same as you define for your Slack app on the management page. Next to client ID and client secret. – Erik Kalkoken Nov 20 '18 at 11:31
  • The URL_PREFIX allows you to define a port and path on your server that your app will listen too. Check out the HttpListener link for details on how that works. – Erik Kalkoken Nov 20 '18 at 11:33