This is a Bot Framework v4 bot authentication sample, shows how to enable Bot App to use certificate to perform bot auth, check token claims in bot cummunication,also includes multiple turns prompts working in WebBot channel, Teams Channel, Bot Emulator.
Cert Bot Auth logic is in https://github.com/freistli/CertAuthJSBot/blob/main/MyServiceClientCredentialsFactory.js,
To verify claims from clients check https://github.com/freistli/CertAuthJSBot/blob/main/MyBotFrameworkAuthentication.js
The bot app use Certificate to do Bot App Auth. The test certificate can be self-signed. To create self-signed certificate:
$cert=New-SelfSignedCertificate -Subject "CN=flbutauth" -CertStoreLocation "Cert:\CurrentUser\My" -KeyExportPolicy Exportable -KeySpec Signature
Export-Certificate -Cert $cert -FilePath "C:\temp\selfsign.cer"
$mypwd = ConvertTo-SecureString -String "<your password>" -Force -AsPlainText
Export-PfxCertificate -Cert $cert -FilePath "C:\temp\selfsign.pfx" -Password $mypwdAnd then follow this article to get private key file to use in https://github.com/freistli/CertAuthJSBot/blob/main/MyServiceClientCredentialsFactory.js
Don'f forget to upload the self signed certificate to the AAD registered app.
This bot has been created using Bot Framework, it shows how to use authentication in your bot using OAuth too. To set it up, check https://github.com/microsoft/BotBuilder-Samples/tree/main/samples/javascript_nodejs/46.teams-auth
The sample uses the bot authentication capabilities in Azure Bot Service, providing features to make it easier to develop a bot that authenticates users to various identity providers such as Azure AD (Azure Active Directory), GitHub, Uber, etc.
-
Node.js version 10.14 or higher
# determine node version node --version
-
Clone the repository
git clone https://github.com/freistli/CertAuthJSBot.git
-
In a console, navigate to
CertAuthJSBotcd CertAuthJSBot -
Install modules
npm install
-
Deploy your bot to Azure, see Deploy your bot to Azure
After Authentication has been configured via Azure Bot Service, you can test the bot.
Bot Framework Emulator is a desktop application that allows bot developers to test and debug their bots on localhost or running remotely through a tunnel.
- Install the latest Bot Framework Emulator from here
- Launch Bot Framework Emulator
- File -> Open Bot
- Enter a Bot URL of
http://localhost:3978/api/messages
This sample uses bot authentication capabilities in Azure Bot Service, providing features to make it easier to develop a bot that authenticates users to various identity providers such as Azure AD (Azure Active Directory), GitHub, Uber, etc. These updates also take steps towards an improved user experience by eliminating the magic code verification for some clients.
To learn more about deploying a bot to Azure, see Deploy your bot to Azure for a complete list of deployment instructions.
- Bot Framework Documentation
- Bot Basics
- Azure Portal
- Add Authentication to Your Bot Via Azure Bot Service
- Activity processing
- Azure Bot Service Introduction
- Azure Bot Service Documentation
- .NET Core CLI tools
- Azure CLI
- Azure Portal
- Language Understanding using LUIS
- Channels and Bot Connector Service
- Restify
- dotenv