microsoft
/
botbuilder-java
зеркало из https://github.com/microsoft/botbuilder-java.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
botbuilder-java/samples/24.bot-authentication-msgraph
История
tracyboehrer 896181fa34
Version bump (#1000) 		2021-02-17 14:00:03 -06:00
..
deploymentTemplates Sample: 24.bot-authentication-msgraph (#977) 2021-02-12 11:16:22 -06:00
src Sample: 24.bot-authentication-msgraph (#977) 2021-02-12 11:16:22 -06:00
LICENSE Sample: 24.bot-authentication-msgraph (#977) 2021-02-12 11:16:22 -06:00
README.md Sample: 24.bot-authentication-msgraph (#977) 2021-02-12 11:16:22 -06:00
pom.xml Version bump (#1000) 2021-02-17 14:00:03 -06:00

README.md

Authentication Bot Utilizing MS Graph

Bot Framework v4 bot authentication using Microsoft Graph sample

This bot has been created using Bot Framework, is shows how to use the bot authentication capabilities of Azure Bot Service. In this sample we are assuming the OAuth 2 provider is Azure Active Directory v2 (AADv2) and are utilizing the Microsoft Graph API to retrieve data about the user. Check here for information about getting an AADv2 application setup for use in Azure Bot Service. The scopes used in this sample are the following:

  • openid
  • profile
  • User.Read

NOTE: Microsoft Teams currently differs slightly in the way auth is integrated with the bot. Refer to sample 46.teams-auth.

Prerequisites

  • Java 1.8+
  • Install Maven
  • An account on Azure if you want to deploy to Azure.

To try this sample locally

  • From the root of this project folder:

    • Build the sample using mvn package
    • Run it by using java -jar .\target\bot-authentication-msgraph-sample.jar

  • Test the bot using Bot Framework Emulator

    Bot Framework Emulator is a desktop application that allows bot developers to test and debug their bots on localhost or running remotely through a tunnel.

    • Install the Bot Framework Emulator version 4.3.0 or greater from here

    • Connect to the bot using Bot Framework Emulator

      • Launch Bot Framework Emulator
      • File -> Open Bot
      • Enter a Bot URL of http://localhost:3978/api/messages

Deploy the bot to Azure

As described on Deploy your bot, you will perform the first 4 steps to setup the Azure app, then deploy the code using the azure-webapp Maven plugin.

1. Login to Azure

From a command (or PowerShell) prompt in the root of the bot folder, execute:
az login

2. Set the subscription

az account set --subscription "<azure-subscription>"

If you aren't sure which subscription to use for deploying the bot, you can view the list of subscriptions for your account by using az account list command.

3. Create an App registration

az ad app create --display-name "<botname>" --password "<appsecret>" --available-to-other-tenants

Replace <botname> and <appsecret> with your own values.

<botname> is the unique name of your bot.
<appsecret> is a minimum 16 character password for your bot.

Record the appid from the returned JSON

4. Create the Azure resources

Replace the values for <appid>, <appsecret>, <botname>, and <groupname> in the following commands:

To a new Resource Group

az deployment sub create --name "authenticationBotDeploy" --location "westus" --template-file ".\deploymentTemplates\template-with-new-rg.json" --parameters appId="<appid>" appSecret="<appsecret>" botId="<botname>" botSku=S1 newAppServicePlanName="authenticationGraphBotPlan" newWebAppName="authenticationGraphBot" groupLocation="westus" newAppServicePlanLocation="westus"

To an existing Resource Group

az deployment group create --resource-group "<groupname>" --template-file ".\deploymentTemplates\template-with-preexisting-rg.json" --parameters appId="<appid>" appSecret="<appsecret>" botId="<botname>" newWebAppName="authenticationGraphBot" newAppServicePlanName="authenticationGraphBotPlan" appServicePlanLocation="westus" --name "authenticationGraphBot"

5. Update app id and password

In src/main/resources/application.properties update

  • MicrosoftAppPassword with the botsecret value
  • MicrosoftAppId with the appid from the first step

6. Deploy the code

  • Execute mvn clean package
  • Execute mvn azure-webapp:deploy -Dgroupname="<groupname>" -Dbotname="<botname>"

If the deployment is successful, you will be able to test it via "Test in Web Chat" from the Azure Portal using the "Bot Channel Registration" for the bot.

After the bot is deployed, you only need to execute #6 if you make changes to the bot.

Interacting with the bot

This sample uses the bot authentication capabilities of Azure Bot Service, providing features to make it easier to develop a bot that authenticates users to various identity providers such as Azure AD (Azure Active Directory), GitHub, Uber, and so on. These updates also take steps towards an improved user experience by eliminating the magic code verification for some clients and channels. It is important to note that the user's token does not need to be stored in the bot. When the bot needs to use or verify the user has a valid token at any point the OAuth prompt may be sent. If the token is not valid they will be prompted to login.

Microsoft Graph API

This sample demonstrates using Azure Active Directory v2 as the OAuth2 provider and utilizes the Microsoft Graph API. Microsoft Graph is a Microsoft developer platform that connects multiple services and devices. Initially released in 2015, the Microsoft Graph builds on Office 365 APIs and allows developers to integrate their services with Microsoft products including Windows, Office 365, and Azure.

GraphError 404: ResourceNotFound, Resource could not be discovered

This error may confusingly present itself if either of the following are true:

  • You're using an email ending in @microsoft.com, and/or
  • Your OAuth AAD tenant is microsoft.onmicrosoft.com.

Further reading