Skip to content

Configuration of Tokens after IServiceProvider is created #257

New issue
New issue
Open
Open
Configuration of Tokens after IServiceProvider is created#257
@Dionisos94

Description

@Dionisos94
Dionisos94
opened on Mar 16, 2026

Hello,

I think my issue is more or less the same thing than: #202

My company migrated to HashiCorp Vault to store our applications secrets and that causes me some issues.

I am currently using the IOptions pattern to get the slack secrets in my Startup.cs, exactly like the AspNetCore example you have:

public void ConfigureService(IServiceCollection services)
{
       var slackSettings = Configuration.GetSection("Slack").Get<SlackSettings>();
       services.AddSlackNet(c => c
                 .UseApiToken(slackSettings.ApiToken)
                 .UseAppLevelToken(slackSettings.AppLevelToken)
                 .UseSigningSecret(slackSettings.SigningSecret)
                 .RegisterEventHandler<MessageEvent, SlackMessageEventHandler>());
}

However, with Vault, the secrets are no more stored in the appsettings and can only be accessed once the IServiceProvider is created.

So I had to change the "AddSlackNet" configuration to be something like:

services.AddSingleton<ISlackRequestValidationConfiguration, SlackEndpointConfiguration>(_ =>
          return new SlackEndpointConfiguration().UseSigningSecret(Configuration.GetVaultSecret("slack.signingsecret"));
});


services.AddSlackNet(c => c
          .UseApiClient(sp =>new SlackApiClient(
                    sp.GetRequiredService<IHttp>(),
                    sp.GetRequiredService<ISlackUrlBuilder>(),
                    sp.GetRequiredService<SlackJsonSettings>(),
                    Configuration.GetVaultSecret("slack.apitoken")))
          .UseSocketModeClient(ssp => new SlackSocketModeClient(
                    new CoreSocketModeClient(
                    ssp.GetApiClient().WithAccessToken(Configuration.GetVaultSecret("slack.appleveltoken")),
                    ssp.GetWebSocketFactory(),
                    ssp.GetJsonSettings(),
                    Default.Scheduler,
                    ssp.GetLogger()),
                    ssp.GetJsonSettings(),
                    ssp.GetRequestListeners(),
                    ssp.GetHandlerFactory(),
                    ssp.GetLogger()))
          .RegisterEventHandler<MessageEvent, SlackMessageEventHandler>();

The Configuration.GetVaultSecret(string secretKey) is unhappily an extension from my company so I can't share how it it constructed more than that. I just know that it works only once the IServiceProvider is built.

Is technically impossible to have an extension of

.UseApiToken()
.UseAppLevelToken()
.UseSigningSecret()

accepting a Func<IServiceProvider, string> ?

Tbh, my code works. I was just wondering if there was something cleaner to do.
Building an intermediate IServiceProvider or setting the tokens in the code are not really much cleaner to me.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions