While logging into the bot, using Botframework OAuthPrompt function, user is required to log in on Microsoft page and then asked to copy magic code and paste it in the conversation with bot. Is there a way to automatically pass it without user input ?
Docs says that it should be solved in v4 but in both emulator and my mobile app it is still required.
https://learn.microsoft.com/en-us/azure/bot-service/bot-builder-authentication?view=azure-bot-service-4.0&tabs=aadv1%2Ccsharp%2Cbot-oauth
I would like to make log in process easier for my users.
There have been improvements to the channels to support new authentication features, such as new WebChat and DirectLineJS libraries to eliminate the need for the 6-digit magic code verification. You can follow these links to prevent the magic code from showing up:
https://github.com/Microsoft/BotBuilder/issues/4632#issuecomment-441957719( refer to #compulim's comment here, who is the developer of Web Chat and has specified the steps to eliminate the magic code flow).
https://github.com/Microsoft/BotFramework-WebChat/pull/1218( pull request for the token server sample).
Also, note that if your browser is set to block 3rd party cookies, it will fallback to magic code flow.
Hope this helps.
For your bot emulator, you can disable this from your bot settings.
Go to bot emulator settings and uncheck the "use sign-in verification code .." option.
Related
I am not sure if what I am trying to do is even possible. I have a Slack App and via that SlackApp I want to control another Slack App which is not mine.
That's probably too abstract, so let's get into detail:
There is the SlackApp Foodtrain. If you are a user you just type "/lunchtrain Location Time" and it does it's job. I want my App to activate a Lunchtrain but if I just send a Message via Webhook thats '/lunchtrain Location Time' it doesn't activate the command. You can see it in plaintext. Is there any way to do this properly?
Thanks everybody for the help!
The official Slack API does not allow you to issue slash commands, but there is an undocumented API method called chat.command that has this functionality.
Usage example:
https://slack.com/api/chat.command?token=TOKEN&channel=C123456789&command=/who
Check out the documentation for the method on this github for details.
The issue originates from the bot framework itself, when I add a new Facebook channel for the first time everything works as expected, what I am trying to do is connecting multiple FB pages to the same bot, I read somewhere that you can do this by re-entering the page info and clicking "resubmit", the problem is when the "resubmit" button is clicked without first clicking "Deauthorize" first causes a problem, when I analyzed the request with the browser's inspector it seems that EnableChannelForBot method throws an error.
Also we are developing a service where users can register and link their FB pages to the bot just like ChatFuel or any other famous bot platform, the main problem is that bot framework is asking for a specific page id and access token per FB bot and you must do it manually through the bot framework dashboard, can we have an easy way to register the bot to multiple FB pages and without having to do so manually through an API or something Similar? Please work with us to provide a solution for this as soon as you can, Bot Framework is vital to our work and migrating to another SDK is going to be very costly and time-consuming.
I don't think that connecting multiple Facebook pages to the same bot is supported. Where did you read that?
Also, there is no API currently you can leverage on to register your bot/enable Facebook channel.
I'm a newb with Google OAuth and am trying to understand the different business/application models and which API credential types go with my particular situation.
I am creating a Chrome extension for someone for their own private use which accesses their Google Sheets docs using their personal Sheets account. So, I will not own the code or extension once I deliver it to them and end the contract. So, I do not want to have to maintain any authorization/API ID's or credentials after I deliver the extension and its source code. But, obviously, the extension must continue to work for them indefinitely.
The only way I can see how to accomplish this is to instruct the employer (who has no developer or development skills) on how to create the OAuth Client ID with their own Google API developer console. Then, they can enter the client ID and other codes if necessary into the extension config screen so the extension can use this information for authorizing API calls. This seems like a huge hassle for someone who just wants to buy an extension to do something simple.
Am I missing something? Is there an easier way?
P.S. I know this question doesn't follow the proper format for SO, but this is the only place Google has provided for asking API OAuth 2.0 questions.
Hi I got my bot approved and the app is live to the public, but it only sends responses to me. Please help. Im a beginner and not sure what's wrong
Update: Please see Messenger Bot Fails to Respond
Perhaps a bit late but perhaps this will help. I just got my bot approved today. In the App Review panel, I now see that 'pages_messaging' is enabled. Also, under the 'Messenger->Setting' I see 'Bot Ratings'. The bot appears to be open to the world as several people have accessed it.
http://messenger/t/dynamicmemorysolutions
please verify if your app is available to the general public.
Follow these steps:
Login to your facebook developer console.
In Basic settings provide an email.
In App Review switch to YES (general public)
In Roles section you can also define test users in order to verify that your Bot is working as expected.
Regards
We use OWIN middleware to log people in to our cloud application using OpenId Connect.
The issue is, we also want to access their Office 365 data through the new APIs.
Using OWIN to log in doesn't return us to our website with a CODE, and so using ADAL we send them right back to consent a second time and then get our tokens, etc...
Can we do this in one swoop?
Here is what Fiddler says OWIN uses to authenticate:
https://login.windows.net/common/oauth2/
authorize?
client_id=ourguid
&nonce=random characters
&response_mode=form_post
&response_type=code+id_token
&scope=openid+profile
&state=OpenIdConnect.AuthenticationProperties*more random characters*
&redirect_uri=http%3a%2f%2flocalhost%3a8683
&post_logout_redirect_uri=http%3a%2f%2flocalhost%3a8683
I see code+id_token in the Query String, but when it sends me back there is nothing in the URL at all.
You can do everything in a single leg in OpenId Connect via our OWIN components, there is a specific notification that is triggered when you get a code back and that you can handle to redeem that code.
See the sample at https://github.com/AzureADSamples/WebApp-WebAPI-OpenIDConnect-DotNet and specifically Startup.auth.cs for a demonstration of how it works.
Note: the RC we just released will make the code much simpler. I am still working on updating the sample to thate ffect, you can take a look at the RCUpdate branch to see the work in progress. However what is in the master branch is functional hence that should unblock you.
HTH!
Cheers,
V.