Client permissions on serverless Azure Web PubSub - azure

I've successfully followed the Tutorial - Create a serverless chat using the Azure Web PubSub service.
Now I require giving the clients different permissions based on their ID. Also, add them to different groups.
The documentation on this matter is using a NodeJs server, but it says nothing about how to accomplish this using serverless Functions.
Is there a piece of documentation I am missing? Do you have any lead or example to share on how to manipulate permission on the negotiate function?

After a lot of digging around, I finally found this repository with examples on what I wanted to accomplish:
https://github.com/Azure/azure-webpubsub/blob/main/samples/functions/js/simplechat-wpscontext/connected/index.js

Related

How is it different between Console.Cloud and Console.Developer

I think it's not a good questions, but I have been instructed to use Console.Cloud to create a Service Accounts to access Google Sheet from Python3. Now, I'm trying to use Resumable Upload to upload large Video to Google Drive. I have done some research and found that I need to create an OAuth 2.0 under Console.Developers.
I'm not too sure what is the different between those 2 platforms, even though they are showing the same credentials that I have created.
Those two platforms are different ways to visualize Google resources. The Developers console lets you view your app's credentials with Google, while the Cloud Console allows for visibility into Google Cloud resources as well as into the API credentials shown on the Developers console. I believe that now you can only see your credentials through the APIs & Services section of the Cloud console, since that is what I see when I type https://console.developers.google.com.
For more detail into the many consoles provided by Google and the different type of resources in Google's ecosystem, checkout this other Stackoverflow thread.

Is it possible to use the Direct Line API protocol that is through an azure bot service for an on-premise environment?

The question I have is can you use the Microsoft Bot Framework service via an on-premise solution through, ideally a docker container, ~~or at least an Azure Stack installation~~ (not available currently through azure stack)? We need a 100% on premise solution that will utilize LUIS and other Azure services but still be on-premise when utilizing the chat bot.
The problem is the bot almost requires a solution that is through the direct line api which authenticates through a token. This token is generated through an azure service, if it's not the secret, and the direct line api is through a registered bot application through an azure service.
Although there is LUIS container support, meaning a localized docker container that can pull down azure cognitive services and use them through that container, there doesn't seem to be any support for the bot framework service. Which just seems bizarre to not have one without the other.
https://learn.microsoft.com/en-us/azure/cognitive-services/cognitive-services-container-support
But, that's ok if utilizing an Azure stack that would perhaps solve a lot of on premise solutions. It could even be the hybrid variation where lLis and other aspects are through traditional cloud services but the bot service has to be on premise and able to utilize the direct Line api. If possible. Or what is another solution?
Would it have to be traditional restful api calls and what would be missing from a deployed nodejs or C# bot to the cloud. Perhaps I am missing something in the architecture but the need described is 100% off premise
You will want to look into offline DirectLine. This is an unoffical package, but it is open source.

How to deploy chatbot (NodeJS) In Azure without Bitbucket connection

I want to display a chatbot on Microsoft Azure. I've looked at the different alternatives and I can't find a way to do what I want. It's the first time I've ever used Azure and it's probably simple.
The code for this bot is in an organization's Bitbucket repository. I mean, I can't use the continuous deployment that Azure offers because I can't access the organization's Bitbucket. Is there an API I can call or a method for displaying my code without Azure needing to connect to my repository? Well, publishing the bot in a Bitbucket on the Internet (outside the organization) is restricted.
The bot is in NodeJS and I have seen the npm run azure-publish command which may be the way.
Thank you very much for your time.
PS1: Ideally, we should push, not Azure pull.
Finally I have solved my problem by using the command:
npm run azure-publish
Which internally makes a node of a publish.js file in which I specify the necessary parameters for the connection, the path to the ZIP, etc.
What I can't do is a callback to let me know if the deployment was successful, but that's already a straightforward question and I'm with it.
I hope I can be of help to other people. Any additional questions, do not hesitate to ask.

Howto add Azure AD as AWS Cognito Federated IdP

G'day Everyone.
I have a Web application running with AWS S3, RDS, Lambda and API Gateway using an AWS Cognito user pool as login service. This is working good so far. But now i would like to integrate it with Azure ID.
Does someone has a good documentation about it. I can only find documentation for the other way round or for integration Azure AD into the AWS Console.
The reason could be that this feature just went from beta to production a few weeks ago.
The steps are quite long, but I've created a tutorial on setting this up.
There is a current bug within the AzureAD web console that prevents changing the App ID to a URN, but it can be worked around by modifying the parameter with AzureAD powershell.
See the following blog post here:
https://www.idea11.com.au/how-to-set-up-aws-cognito-federation-office365/
I ran into some troubles while logging in via personal live/hotmail accounts using SAML, turns out there's no proper support for that yet, try OIDC.
Follow:
https://www.terminalbytes.com/azure-ad-integration-as-an-idp-with-aws-cognito/

frontend and backend separation in azure

I'm developing a simple site consisting of an Angular frontend and a simple NodeJS backend. I currently see 3 ways to setup the project:
have 1 Web App to serve the static HTML and 1 Web App for the NodeJS backend
serve both REST API and static files using the same NodeJS instance
I read about virtual directories for Azure Web Apps, but wasn't able to find appropriate documentation. Is that even a viable solution?
What's the standard setup to use for Azure? Is there any in-depth documentation I missed?
I would say that this is a type of question for which it is difficult to get an answer, because someone could write an entire book on this topic and a lot of aspects are a matter of personal preferences, approaches and so on.
Before I try to attempt a first answer I would like to point out that I am not familiar with Node.js at all, but I am fairly familiar with Azure AppService and ASP.Net Core MVC.
There is no standard setup in Azure AppService (websites in this case) and in fact all the 3 options that you mentioned are valid. Based on my expperience with Azure AppService I would say that option one is suitable when you have a publicly available API. In that case you could also register your API with Azure Management API.
The second option is, in my opinion, best suitable when your frontend is the only consumer of your API.
The third option is not that common, but 100% possible. Here is a very good article on how to set virtual directories up and how to deploy an application to them using Visual Studio. I am not sure how this would be done exactly with the tooling at your disposal, but conceptually it should be possible. However, deploying NODE.js projects in virtual directories could cause some problems you should be prepared for. More information here.
I would however stick with what I said in the start: I would deploy both backend and frontend to the same web app if my Angular application is the only consumer of the API and I would deploy to 2 different web apps if my API was public.
I'm curious what other might think in this regard.

Resources