Unable to Deploy Microsoft Team application to Azure - node.js

Summary:
When attempting to deploy a Microsoft Teams Node.JS project written in typescript to Azure servers the Teams application throws an error "There was a problem reaching this app." The application works fine when opening in a browser but is not recognized in Teams. It appears that all the manifest is setup correctly and when run in the verification of App Studio no errors are returned.
Attempted Solutions:
Attempted to match the manifest with examples given by Microsoft. Attempted to get a Microsoft teams application deployed to Azure using the examples shared by Microsoft.
Code:
Teams App Manifest:
{
"$schema": "https://developer.microsoft.com/en-us/json-schemas/teams/v1.7/MicrosoftTeams.schema.json",
"manifestVersion": "1.7",
"id": "dfe1fc96-d4db-4ed4-b76a-c26194928313",
"version": "1.0.0",
"packageName": "messageleapteams",
"developer": {
"name": "Real Data Consulting",
"websiteUrl": "https://messageleapteams.azurewebsites.net",
"privacyUrl": "https://messageleapteams.azurewebsites.net/privacy.html",
"termsOfUseUrl": "https://messageleapteams.azurewebsites.net/tou.html"
},
"name": {
"short": "messageLeapTeams",
"full": "messageLeapTeams"
},
"description": {
"short": "TODO: add short description here",
"full": "TODO: add full description here"
},
"icons": {
"outline": "icon-outline.png",
"color": "icon-color.png"
},
"accentColor": "#D85028",
"configurableTabs": [
{
"configurationUrl": "https://messageleapteams.azurewebsites.net/messageLeapTeamsTab/config.html?name={loginHint}&tenant={tid}&group={groupId}&theme={theme}",
"canUpdateConfiguration": true,
"scopes": [
"team"
]
}
],
"staticTabs": [],
"bots": [],
"connectors": [],
"composeExtensions": [],
"permissions": [
"identity",
"messageTeamMembers"
],
"validDomains": [
"messageleapteams.azurewebsites.net"
],
"showLoadingIndicator": true,
"isFullScreen": false,
"webApplicationInfo": {
"id": "dfe1fc96-d4db-4ed4-b76a-c26194928313",
"resource": "api://messageleapteams.azurewebsites.net/dfe1fc96-d4db-4ed4-b76a-c26194928313"
}
}

It turns out the web application was properly deployed and the manifest built correctly, however with teams tab applications hosted in Azure the loading indicator must be disabled.
I fixed this issue by setting "showLoadingIndicator": false in the manifest.json

In my opinion, if you can ensure there is no error with your code, you can check your configuration.
Next description are based on the c# sample (conversation bot)that Ms provided. And I think nodejs is similar.You can click the link and see the detail.
you have to create an Azure Ad app with client secret, and modify the 'appsetting' file to make sure the code can run in local.
ngrok is needed so you can visit your code running in local.
pls create a bot on Azure portal, enter correct appId, client secret(created in setp 1) and Messaging endpoint(get the https url after starting the ngrok,and don't forget to append '/api/messages' after the url)
now you can test your code running in local environment in web chat.
if you want to test in Teams client, you need to modify 'manifest.json' and create a ZIP file and upload your bot to Teams. Then you have to add the Teams channel in the bot created in step 3.
enter image description here
Please note if the Azure AD application created in step 1 belongs to a tenant which is different from your Teams login account's tenant, you should set the app as a multi-tenant app(when you create an app, it will ask you to choose whom are allowed to visit this app).
If there is no problem running the program locally, it will be fine after deploying to azure app service.

Related

How to consume Azure Health Bot Skills by skill manifest/endpoint?

I have created the scenarios in Azure HealthBot Management Portal and want to expose the skill to be consumed by other bot/rootbot. I have configured the skill exposure and got the skill manifest including the endpoint.When we are making the call to the api endpoint it is giving 404 error.
Manifest:
{
"$schema": "https://schemas.botframework.com/schemas/skills/v2.1/skill-manifest.json",
"$id": "testhealthbot",
"name": "testhealthbot",
"version": "1.0",
"description": "test",
"publisherName": "test",
"tags": [],
"endpoints": [
{
"name": "default",
"protocol": "BotFrameworkV3",
"description": "Production endpoint for HealthBot Skill testhealthbot",
"endpointUrl": "https://bot-api-us.healthbot.microsoft.com/bot/dynabot/testhealthbot-hpmn88l/skill/consume",
"msAppId": "3dc55673-cdd5-4e4d-8838-d51d2exxxxx"
}
],
"activities": {
"message": {
"type": "message",
"description": "Receives the user's' utterance and attempts to resolve it using the skill's LU models"
}
}
}
can someone please guide me how to make api calls to the skill or to consume the skill in rootbot?
To add your new Skill to your assistant/Bot you can use botskills command line tool to automate the process of adding the Skill to your dispatch model and creating authentication connections where needed.
Run the following command from a command prompt within the directory of your assistant/Bot.
botskills connect --remoteManifest "https://<YOUR_SKILL_NAME>.azurewebsites.net/manifest/manifest-1.1.json" --cs --luisFolder "<PATH_TO_LU_FOLDER>"
see adding skills for more details.
I have created a forwarding url with ngrok. And followed these steps,docs
still I was unable to connect to Azure Health Bot,I was getting error.
Adding the qna forum for reference
microsoft_qna
it would be very helpful, if someone would guide on adding azure health bot as a skill in rootBot. Thanks in advance.

How to make Microsoft Teams home site app work across different tenants

I have created a home site app for Microsoft Teams that renders a SharePoint communication site (sharepoint) in a personal tab by following the article Teams App with SharePoint. When I install the app in Teams desktop within the same tenant, it is working fine.
When installing the app in another tenant (fabrikam.sharepoint), where the user is added as a guest to the tenant having the SharePoint site (contoso.sharepoint), the site content does not load in Teams desktop. When accessing in a browser tab, the app starts working once I manually open the SharePoint site in a new tab.
The manifest I'm using for the app:
{
"$schema": "https://developer.microsoft.com/en-us/json-schemas/teams/v1.8/MicrosoftTeams.schema.json",
"manifestVersion": "1.8",
"id": "80322562-deed-42fa-88e7-373884e370f2",
"version": "1.0.0",
"packageName": "MyTeamsApp",
"developer": {
"name": "microsoft.com",
"websiteUrl": "https://MyTeamsApp",
"privacyUrl": "https://MyTeamsApp/privacy.html",
"termsOfUseUrl": "https://MyTeamsApp/tou.html"
},
"name": {
"short": "MyTeamsApp Home Site",
"full": "MyTeamsApp Home Site App for Teams"
},
"description": {
"short": "This is Tone Training Home Site app for Teams",
"full": "This is the Tone Training Home Site app packaged for Teams"
},
"icons": {
"outline": "TeamsOutline.png",
"color": "TeamsColor.png"
},
"accentColor": "#D85028",
"configurableTabs": [],
"staticTabs": [
{
"entityId": "MyTeamsAppHome",
"name": "My Teams App Home",
"contentUrl": "https://contoso.sharepoint.com/_layouts/15/teamslogon.aspx?SPFX=true&dest=/sites/MyTeamsApp",
"websiteUrl": "https://contoso.sharepoint.com/sites/MyTeamsApp",
"scopes": [
"personal"
]
}
],
"webApplicationInfo": {
"id": "00000003-0000-0ff1-ce00-000000000000",
"resource": "https://contoso.sharepoint.com"
},
"bots": [],
"connectors": [],
"composeExtensions": [],
"permissions": [
"identity",
"messageTeamMembers"
],
"validDomains": [
"*.login.microsoftonline.com",
"*.sharepoint.com",
"*.sharepoint-df.com",
"spoppe-a.akamaihd.net",
"spoprod-a.akamaihd.net",
"resourceseng.blob.core.windows.net",
"msft.spoppe.com"
],
"isFullScreen": true
}
What you're trying to do in concept is basically the same as the new "Viva Connections" capability from Microsoft, so you should consider going that route instead as it offers what you're doing plus a whole lot more. I just blogged about the background of that, with links to relevant Microsoft content, so have a look at https://hilton.giesenow.com/2021-03-31-understanding-viva-connections-app-package
In terms of the actual problem you're having though, I don't think you'll be able to get this to work on the desktop because of how the Teams app manages the current login context, but perhaps someone else will have another solution.
Currently Teams don't support the option to view a SharePoint page/site across tenants. Guest users are not supported yet either.

Azure AD integration with Bot Framework / teams

Last week I've been looking at Bot framework Samples, honestly BotFx isn't my area of expertise.
I was playing with these samples from the sample library:
18.bot-authentication
24.bot-authentication-msgraph
46.teams-auth
The required steps for making work each of them are almost the same, for #18 and make it work in the emulator this include:
Register the BotApp in Azure AD
Generate a Secret
Add the Redirect URI (as documented it should be: https://token.botframework.com/.auth/web/redirect)
Create an azure bot service
Customize the OAuth Connection Settings
Then in the solution Modify appsettings.json (sample values below)
{
"ConnectionName": "juank",
"MicrosoftAppId": "cee1234562074c-1b3e-49b4-9e76-b727d73453454e018d",
"MicrosoftAppPassword": "uxPdfgwo.JAYmgrtU]w5I7KdgxLZSJ.a[qtgtrFxYZ02"
}
After that It's required to run the emulator and configure the
following settings
Up to this point the bot works as expected
Then I type any... and it just doesn't work. I receive this answer
from the bot :
And this data from the trace Operation returned an invalid status
code 'Unauthorized'
{
"channelId": "emulator",
"conversation": {
"id": "77631280-22e8-11ea-93e0-6dc9b0b41a7c|livechat"
},
"from": {
"id": "61bab030-214b-11ea-9cf4-193735472c4b",
"name": "Bot",
"role": "bot"
},
"id": "ae429e60-22e8-11ea-9786-a543cb22378b",
"label": "TurnError",
"localTimestamp": "2019-12-20T00:22:13-05:00",
"locale": "en-US",
"name": "OnTurnError Trace",
"recipient": {
"id": "f6982626-923e-4fd3-b930-eabf095e96df",
"role": "user"
},
"replyToId": "aacb51f0-22e8-11ea-9786-a543cb22378b",
"serviceUrl": "https://7eec83e4.ngrok.io",
"timestamp": "2019-12-20T05:22:13.958Z",
"type": "trace",
"value": "Operation returned an invalid status code 'Unauthorized'",
"valueType": "https://www.botframework.com/schemas/error"
}
And that's all.
I've successfully acquired the token from the OAuth setting Test tool in azure portal and also using Postman, but i haven't been able to make these Demos work properly once OAuthCard should be presented for login. Debugging hasn't been helpful since there isn't other information apart from JSON exposed above.
Any guidance or orientation about how to fix this will be appreciated.
There is no need to configure Azure Bot Service configurations in emulator. The Application Id and Application Password should be the same as those in appsettings.
And you should got these values from Azure portal under Configuration part.
Before doing this, please make sure the auth connection works.
Update:
You can change the Microsoft APPId here:

How to Develop Office 365 Custom File Handler

I heard Microsoft provides file handler add-in for custom (non-Microsoft) file types in Office 365.
I tried to do this following the tutorial found here, however it seems a bit outdated (although it was last updated in Jan 2017) because several things mentioned there are different from my environment - I use Visual Studio 2015 on Windows 10.
So basically here's what I'm trying to achieve.
I have a custom file type with .encx extension, which is simply a encrypted docx file using our own cryptography algorithm. I can access to Office 365 tenant admin account. I want to allow our users to be able to open this encrypted file in OneDrive web interface.
Here's my environment:
Microsoft Visual Studio Enterprise 2015 Version 14.0.25123.00 Update 2
Microsoft .NET Framework Version 4.6.01586
Azure SDK v2.9.6
I created a new Visual C# project based on File Handler Application template in Office category from VS 2015.
And I added connected service for Office 365 API.
Since I have a free trial subscription on Azure account, I added all the required stuff like SQL database server, SQL db, Azure Active Directory - basically all the things explained in the above tutorial. And then I published and publishing was successful. I can see it live on the *.azurewebsites.net in my browser and sign in even works.
I used Addin manager sample Azure app as described in the tutorial to update add-in settings like file icon, preview/open/new endpoint link etc, and hit Update button. Now I uploaded some .encx files to OneDrive account but it still doesn't show custom icon nor open it in custom file handler (it just triggers browser file download).
I've been pulling my hair with this issue because I couldn't find any helpful/detailed answers anywhere online.
I seriously need help from Microsoft people.
UPDATE:
Now I have some progress - I can see custom file icon, .encx file now tries to show something as a preview when I select it, and opens in new tab if I click it.
The problem is Preview, Open works with my localhost URL, but not with published Azure web service URL. It says Sorry, something went wrong along with Invalid URL: |0..
UPDATE 2:
Here's a manifest file for Azure web service app:
{
"appId": "0afc5455-a05b-4cc1-b241-89c717d9bce4",
"appRoles": [],
"availableToOtherTenants": false,
"displayName": "MyFileHandler",
"errorUrl": null,
"groupMembershipClaims": null,
"homepage": "http://my***.azurewebsites.net/",
"identifierUris": [
"https://filevisor.net/MyFileHandler"
],
"keyCredentials": [],
"knownClientApplications": [],
"logoutUrl": null,
"oauth2AllowImplicitFlow": false,
"oauth2AllowUrlPathMatching": false,
"oauth2Permissions": [
{
"adminConsentDescription": "Allow the application to access MyFileHandler on behalf of the signed-in user.",
"adminConsentDisplayName": "Access MyFileHandler",
"id": "5b21f973-edd5-4ace-a369-cfff0ed3b8fa",
"isEnabled": true,
"type": "User",
"userConsentDescription": "Allow the application to access MyFileHandler on your behalf.",
"userConsentDisplayName": "Access MyFileHandler",
"value": "user_impersonation"
}
],
"oauth2RequirePostResponse": false,
"passwordCredentials": [
{
"customKeyIdentifier": null,
"endDate": "2018-02-02T05:22:35.7514025Z",
"keyId": "b19de090-a661-402f-8ae2-624f148ff6fd",
"startDate": "2017-02-02T05:22:35.7509019Z",
"value": null
}
],
"publicClient": false,
"replyUrls": [
"http://my***.azurewebsites.net/"
],
"requiredResourceAccess": [
{
"resourceAppId": "00000002-0000-0000-c000-000000000000",
"resourceAccess": [
{
"id": "311a71cc-e848-46a1-bdf8-97ff7156d8e6",
"type": "Scope"
}
]
},
{
"resourceAppId": "00000003-0000-0000-c000-000000000000",
"resourceAccess": [
{
"id": "17dde5bd-8c17-420f-a486-969730c1b827",
"type": "Scope"
}
]
}
],
"samlMetadataUrl": null,
"extensionProperties": [],
"objectType": "Application",
"objectId": "0bdea3fb-5ff7-4b8c-aa2c-6556a4c2ce46",
"deletionTimestamp": null,
"createdOnBehalfOf": null,
"createdObjects": [],
"manager": null,
"directReports": [],
"members": [],
"memberOf": [],
"owners": [],
"ownedObjects": []
}
I don't see an "addIns" property in your manifest, as described here: Configure and update file handlers in Office 365. It might be that this property is just suppressed from the downloaded copy of the manifest, but if you haven't added this property to the manifest, please add it and see if that helps.

Can't find AppPermissons in app manifest (Azure Active directory)

As of yesterday I added a webapi and a native app to my Azure AD.
Yesterday I was able to download the WEBAPI's manifest file to add appPermissions (for delegating permissions to the native app).
Not there's no longer any appPermissions located in the manifest file, it has changed. I have tried to add new apps, and even a new AD.
Now theres only appRoles there.
Does anyone know why this is, and how I could solve this so i still can delegate permissions?
Might this be the new thing to use?
oauth2Permissions": [
{
"adminConsentDescription": "Allow the application full access to the service on behalf of the signed-in user",
"adminConsentDisplayName": "Have full access to the service",
"id": "23906603-82b7-4471-afbd-b6bcf2fe7b1a",
"isEnabled": true,
"origin": "Application",
"type": "User",
"userConsentDescription": "Allow the application full access to the service on your behalf",
"userConsentDisplayName": "Have full access to the service",
"value": "user_impersonation"
}
],
#Simon Agren is right, and that new oauth2Permissions worked for me. Just download an old existing Maninifest and you will see how it now uses the oauth2Permissions instead of the appPermissions. Remember to create a new GUID for the id attribute.
I also turned surprised when I saw that this morning :)
Cheers.

Resources