Tags: c#, api, oauth, slack-api, slack

Slack API and OAuth 2.0


I am currently trying to develop an application in C# using the SlackConnector library.

The application would receive and send messages to Slack channels and DMs. (I am successfully able to send and receive messages from my Slack using the test token generator.)

The thing I don't understand is how it is possible for the user who will use the app to give full authorization to access their Slack account, so that from there on they can send and receive messages likewise.

Is OAuth 2.0 something that I need to use? I created a Slack app and followed the steps to get an access token from users, but the access tokens for some reason do not establish a connection like the test tokens do. I suppose with that token you can post messages on behalf of the user only, not receive messages, and have only limited access, not sure!!

Is there a way to programmatically get a signed-in user's generated test token? Or a way that the user can give my desktop application full access to the Slack account without having to generate a test token manually?

Even if I were to go to production with only me as a user, what access token would I use, the same test token? Isn't it only for testing? Where is the actual token?


Solution

  • To answer a few of your questions here:

    Yes, you'll need to use OAuth 2.0 and a Slack app to offer your integration for installation on other Slack teams.

    Yes, test tokens are just meant for developing against one team. They represent the full capabilities of whichever account created it, within the context of the team it was created on.

    To connect to the RTM API and to read and write DMs, you'll need to make a few decisions about which OAuth scopes you'll want to request, and whether you're wanting to operate from the perspective of your application as a kind of "bot user" within a channel, or from the perspective of the user using your app. Generally, apps operate from their own perspective.

    The most common way an app like this is built is by asking for the bot OAuth scope, which grants a package of permissions. The tricky part is that the bot permissions aren't granted to the top-level token at the end of the OAuth flow -- they're granted to the bot_user_token you'll find under the bot part of the response hash. Using that token will let you connect to the RTM API and interact via direct messages with team members. (See the bot user docs for info about "Tokens and scopes".)

    If your intent is to operate directly on behalf of a user (posting and responding to messages as if you were the user authorizing your app), then you need to ask for very distinct OAuth scopes that will be applied to the top-level user token in the final OAuth response.
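
The token selection described in the answer above, as an added example that is not part of the original answer or of SlackConnector. The sample response is constructed, its JSON field names (`ok`, `access_token`, `scope`, `team_id`, `bot.bot_access_token`) are assumptions about the shape of the final OAuth response and should be checked against what your app actually receives, and `SlackOAuth`/`SlackTokens` are hypothetical names. It needs C# 11 (.NET 7 or later) for the raw string literal.

```csharp
using System;
using System.Text.Json;

// Constructed sample of the final OAuth response; the token values are placeholders.
const string sampleResponse = """
{
  "ok": true,
  "access_token": "xoxp-PLACEHOLDER-USER",
  "scope": "bot,chat:write:user",
  "team_id": "T00000000",
  "bot": { "bot_user_id": "U00000000", "bot_access_token": "xoxb-PLACEHOLDER-BOT" }
}
""";

var tokens = SlackOAuth.Parse(sampleResponse);
// Bot token: connect to RTM and exchange DMs as the app. User token: act as the installing user.
Console.WriteLine($"team={tokens.TeamId} bot={SlackOAuth.Redact(tokens.BotToken)} user={SlackOAuth.Redact(tokens.UserToken)}");
Console.WriteLine($"scopes granted: {string.Join(", ", tokens.Scopes)}");

record SlackTokens(string TeamId, string UserToken, string? BotToken, string[] Scopes);

static class SlackOAuth
{
    public static SlackTokens Parse(string json)
    {
        using var doc = JsonDocument.Parse(json);
        var root = doc.RootElement;
        // Failures are reported in the body, so check "ok" before reading any token.
        if (!root.TryGetProperty("ok", out var ok) || ok.ValueKind != JsonValueKind.True)
        {
            var err = root.TryGetProperty("error", out var e) ? e.GetString() : "unknown";
            throw new InvalidOperationException($"OAuth exchange failed: {err}");
        }
        // The bot token is nested under "bot" and is absent if the bot scope was not granted.
        string? botToken = null;
        if (root.TryGetProperty("bot", out var bot) && bot.TryGetProperty("bot_access_token", out var t))
            botToken = t.GetString();
        var scopes = (root.GetProperty("scope").GetString() ?? "").Split(',', StringSplitOptions.RemoveEmptyEntries);
        return new SlackTokens(root.GetProperty("team_id").GetString() ?? "", root.GetProperty("access_token").GetString() ?? "", botToken, scopes);
    }

    // Log only the token-type prefix; a full token is a credential for the whole team.
    public static string Redact(string? token) => token is null ? "(none)" : token[..Math.Min(5, token.Length)] + "...";
}
```

Store the tokens per team in protected storage (for a desktop app, the OS credential store) and compare the granted scopes with what you requested before relying on either token.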