search

OfficeDev / microsoft-teams-sample-meetings-token

Microsoft Teams meeting extensibility sample: token passing
MIT License
13 stars 10 forks source link

Token validation failed #4

Closed fmExcense closed 3 years ago

fmExcense commented 3 years ago

Hi guys, thank you for your sample!

Unfortunately, I encounter some difficulties running it. I have built the app, and installed it on Teams. When I try to send a message to my bot (running locally, tunnelled with ngrok), a SecurityTokenSignatureKeyNotFoundException is raised. Here is the detailed exception:

Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler: Information: Failed to validate the token.

Microsoft.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException: IDX10501: Signature validation failed. Unable to match key: 
kid: 'Su-pdZys9LJGhDVgah3UjfPouuc'.
Exceptions caught:
 ''. 
token: '{"alg":"RS256","kid":"Su-pdZys9LJGhDVgah3UjfPouuc","typ":"JWT","x5t":"Su-pdZys9LJGhDVgah3UjfPouuc"}.{"serviceurl":"https://smba.trafficmanager.net/emea/","nbf":1603194699,"exp":1603198299,"iss":"https://api.botframework.com","aud":"3d5b82c3-911f-46a1-8993-5d89e664980c"}'.
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(String token, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler: Information: Bearer was not authenticated. Failure message: IDX10501: Signature validation failed. Unable to match key: 
kid: 'Su-pdZys9LJGhDVgah3UjfPouuc'.
Exceptions caught:
 ''. 
token: '{"alg":"RS256","kid":"Su-pdZys9LJGhDVgah3UjfPouuc","typ":"JWT","x5t":"Su-pdZys9LJGhDVgah3UjfPouuc"}.{"serviceurl":"https://smba.trafficmanager.net/emea/","nbf":1603194699,"exp":1603198299,"iss":"https://api.botframework.com","aud":"3d5b82c3-911f-46a1-8993-5d89e664980c"}'.

When I try to communicate with my bot using the Bot Framework Emulator, everything is working. If I try to communicate with it using the Web Chat, I also receive a SecurityTokenSignatureKeyNotFoundException :

Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler: Information: Failed to validate the token.

Microsoft.IdentityModel.Tokens.SecurityTokenSignatureKeyNotFoundException: IDX10501: Signature validation failed. Unable to match key: 
kid: 'yAVt9Pqi6ErxveBKNVwsmDgVC0k'.
Exceptions caught:
 ''. 
token: '{"alg":"RS256","kid":"yAVt9Pqi6ErxveBKNVwsmDgVC0k","x5t":"yAVt9Pqi6ErxveBKNVwsmDgVC0k","typ":"JWT"}.{"serviceurl":"https://webchat.botframework.com/","nbf":1603195195,"exp":1603195795,"iss":"https://api.botframework.com","aud":"3d5b82c3-911f-46a1-8993-5d89e664980c"}'.
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateSignature(String token, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler: Information: Bearer was not authenticated. Failure message: IDX10501: Signature validation failed. Unable to match key: 
kid: 'yAVt9Pqi6ErxveBKNVwsmDgVC0k'.
Exceptions caught:
 ''. 
token: '{"alg":"RS256","kid":"yAVt9Pqi6ErxveBKNVwsmDgVC0k","x5t":"yAVt9Pqi6ErxveBKNVwsmDgVC0k","typ":"JWT"}.{"serviceurl":"https://webchat.botframework.com/","nbf":1603195195,"exp":1603195795,"iss":"https://api.botframework.com","aud":"3d5b82c3-911f-46a1-8993-5d89e664980c"}'.

I have followed this tutorial to set up my bot auth.

Any clue on this issue?

Thanks a lot,

François

tinsheep commented 3 years ago

I have the same exact issue. François - did you get this to work?

fmExcense commented 3 years ago

Nope.

cristianoag commented 3 years ago

Recheck the values you have on appsettings.json file. Make sure ApplicationIdUri is equal to MicrosoftAppId. Also verify if your secret is correct on MicrosoftAppPassword. I got that error when my ApplicationIdUri was copied from the Application ID URI in the Azure App registration, it needs to be equal to MicrosoftAppId on the file.

fmExcense commented 3 years ago

Thank you, it is working now.