Problem:
Error: POST to 'https://CortanaBFChannelWestUS.azurewebsites.net/v3/conversations/../activities/6TZfwIQ7Fqv' failed: [500] Internal Server Error at Request._callback (D:\home\site\wwwroot\node_modules\botbuilder\lib\bots\ChatConnector.js:675:46) at Request.self.callback (D:\home\site\wwwroot\node_modules\request\request.js:185:22) at emitTwo (events.js:106:13) at Request.emit (events.js:191:7) at Request. (D:\home\site\wwwroot\node_modules\request\request.js:1161:10) at emitOne (events.js:96:13) at Request.emit (events.js:188:7) at IncomingMessage. (D:\home\site\wwwroot\node_modules\request\request.js:1083:12) at IncomingMessage.g (events.js:291:16) at emitNone (events.js:91:20)
Architecture: Aure Web-Bot : NodeJS SDKv3 Microsoft App Dev Luis Channels : Web/Cortana/Skype OAuth
Scenario: Upon hitting an intent based on an utterance the app successfully displays a "sign-in" card to the user and asks the user to sign in
After that the user is able to successfully log in using credentials that are authenticated using OAuth for access to Office 365
TestCase: Channel Skype: Successful display and login Channel Web: Successful display and login Channel Cortana: Fail ( No display of "sign-in"card)
Channel Cortana: Fail ( No display of "sign-in"card) Now i am using the Cortana app on an iphone and for the same utterance-intent-action this is what happens
Screen Shot Channel Cortana Invocation
And the error that shows up on the console is as shown above
Notes:
Within the Web-Bot framework When it is Skype or Web as a channel the callback for the OAuth is mapped to
server.get('/api/OAuthCallback',
passport.authenticate('azuread-openidconnect', { failureRedirect: '/'}),
(req, res) => {
const address = JSON.parse(req.query.state);
const messageData = { accessToken: req.user.accessToken, refreshToken: req.user.refreshToken, userId: address.user.id, name: req.user.displayName};
var continueMsg = new builder.Message().address(address).text(JSON.stringify(messageData));
bot.receive(continueMsg.toMessage());
res.send('Welcome ' + req.user.displayName + '. Login successful. You can close this browser window')
});
The basic idea for the OAuth as implemented being that the URl maps to a call back as defined in the Web-App-Platform.
But Cortana does say Cortana MSA Authentication and that didnt work
Can anyone shed some light as to what exactly is the problem i know i am missing something important as far as understanding is concerned.
Thank you
thanks for this.
Cortana's OAuth works differently from botframework.
Starting with the app registration; IF you turn on Cortana's "manage identity for you", Cortana will send the login card IF you turn on "sign in at invocation". Your bot never needs to send the login card as an attachment if Cortana is the channel. You register Microsoft AAD oauth endpoints on the Cortana channel config page, and then your app registration has the redirect url to https://www.bing.com/agents/oauth to let Cortana know what the auth token is.
Next, using Cortana's auth token, you will get it on the activity (message) after log in. With botframework, it is kept in keystore so you need to go get it.
If you do not have "sign in at invocation" on, you send an oauth card as an attachment and then Cortana will start the oauth flow, but only title is used in render of the login request by Cortana.
Note that the app registration; the redirect url has to be from the same domain as the initiator of the oauth flow. (And for Cortana, that is bing.)
If you do not want to use Cortana's OAuth, you leave the "Cortana will manage my identity" off. Use a sign in card and manage the oauth yourself. But then, don't forget you need to manage refresh tokens too (that Cortana will do for you if you use offline_access scope).
You can find more about Cortana oauth here; https://learn.microsoft.com/en-us/cortana/skills/authentication
I have some draft documentation on differences here; https://github.com/bw-kforce-ms/CortanaSkillsWIP/blob/master/Support/OAuth.md
Let me know if this helps.