search

microsoft / BotFramework-Hubot

Hubot adapter for botframework
MIT License
111 stars 40 forks source link

Hubot does not respond to Azure #25

Closed ryanwwt closed 5 years ago

ryanwwt commented 6 years ago

Hi,

I'm attempting to setup a connection between Azure -> EC2 -> botframework-hubot. I've managed to get a response(error 401) from hubot when sending via POSTMAN.

After setting up, the appId and appPassword in botframework, I tried to send a message to hubot via Azure but there's not response.

Any help/advice is greatly appreciated.

MatSFT commented 6 years ago

I think we need a lot more details here. Does the azure portal report any errors?

ryanwwt commented 6 years ago

Hi Matt,

Thanks for the reply. Azure is only showing something generic like “There was an error sending this message to your bot.”

tom-halpin commented 6 years ago

@MattSF I am encountering a similar issue having followed the instructions in the readme. What I think would help is a link to worked example which included a Hubot script that has the end point exposed at api/messages as I suspect the issue is being caused by something small in my interpretation of the instructions provided in said readme.md.

MatSFT commented 6 years ago

Here is what I did:

  1. yo hubot (yeoman generator for a hubot) and choose botframework as the adapter
  2. Configure a bot channel registration in azure skipping the endpoint (we don't have one yet)
  3. Getting the MS App Id and Secret from Azure after registration
  4. Setting the BOTBUILDER_APP_ID and BOTBUILDER_APP_PASSWORD to the correct values you got in #3
  5. ./bin/hubot -a botframework should get you a bot running on port 8080
  6. ngrok or some other tunneling service to expose the localhost on the internet
  7. Configure azure bot channel registration to your internet accessible messaging endpoint.
  8. I uncommented the first script in scripts/example.coffee (the one that responds to hearing 'badger')
  9. Seems to work in azure

image

mattsf commented 6 years ago

Hello matt. I believe you have the wrong matt. Please check the source of the question carefully. Thanks.

matt

On Jun 29, 2018, at 10:07 AM, Matt Stankiewicz notifications@github.com wrote:

Here is what I did:

yo hubot (yeoman generator for a hubot) and choose botframework as the adapter Configure a bot channel registration in azure skipping the endpoint (we don't have one yet) Getting the MS App Id and Secret from Azure after registration Setting the BOTBUILDER_APP_ID and BOTBUILDER_APP_PASSWORD to the correct values you got in #3 ./bin/hubot -a botframework should get you a bot running on port 8080 ngrok or some other tunneling service to expose the localhost on the internet Configure azure bot channel registration to your internet accessible messaging endpoint. I uncommented the first script in scripts/example.coffee (the one that responds to hearing 'badger') Seems to work in azure

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.

tom-halpin commented 6 years ago

@MattSFT thanks,

followed those steps and got it working from the test feature end point that worked for me was

https://_nnnnnn_.ngrok.io/api/messages

MatSFT commented 6 years ago

@ryanwwt were you able to get yours working?

ryanwwt commented 6 years ago

Hi Matt,

After installing ngrok, I was able to send messages to hubot. From hubot's response, it seems like it was able to receive the message and send the reply out.

[Tue Jul 03 2018 03:31:40 GMT+0000 (Coordinated Universal Time)] DEBUG Message 'badger' matched regex //badger/i/; listener.options = { id: null } [Tue Jul 03 2018 03:31:40 GMT+0000 (Coordinated Universal Time)] DEBUG Executing listener callback for Message 'badger' [Tue Jul 03 2018 03:31:40 GMT+0000 (Coordinated Universal Time)] INFO hubot-botframework-adapter: send [Tue Jul 03 2018 03:31:40 GMT+0000 (Coordinated Universal Time)] INFO hubot-botframework-adapter: reply [Tue Jul 03 2018 03:31:40 GMT+0000 (Coordinated Universal Time)] INFO hubot-botframework-middleware: creating middleware... [Tue Jul 03 2018 03:31:40 GMT+0000 (Coordinated Universal Time)] INFO hubot-botframework-middleware: TextMiddleware toSendable

I was not able to view the response in Azure though. Is there something that I left out?

Thanks.

paulsancer commented 6 years ago

@ryanwwt I think it listens but it can't reply back due to either wrong environment variables (app id and key) or some kind of network issue (like porxy, but if ngrok works it should not be a proxy issue I guess).

Also, I noticed a different behavior when using azure test chat vs using teams: sometimes you need to mention the bot's alias (ie hubot badger).

ryanwwt commented 6 years ago

@Polkien thanks for the feedback.

Correct me if I'm wrong but if I'm able to send the message over from Azure to Hubot, then I think the "wrong AppId and Key" theory should be invalid as well.

I tested with hubot badger etc, it shows the same response as above.

I did test with something that was not in the script (eg. Test) and this is what I see [Tue Jul 03 2018 05:58:13 GMT+0000 (Coordinated Universal Time)] INFO hubot-botframework-adapter: onBotEvents [Tue Jul 03 2018 05:58:13 GMT+0000 (Coordinated Universal Time)] INFO hubot-botframework-adapter: Handling activity Channel: webchat; type: message [Tue Jul 03 2018 05:58:13 GMT+0000 (Coordinated Universal Time)] INFO hubot-botframework-middleware: creating middleware... [Tue Jul 03 2018 05:58:13 GMT+0000 (Coordinated Universal Time)] INFO hubot-botframework-middleware: TextMiddleware toReceivable [Tue Jul 03 2018 05:58:13 GMT+0000 (Coordinated Universal Time)] DEBUG No listeners executed; falling back to catch-all

paulsancer commented 6 years ago

The fact that Azure can post messages to your bot only means you successfully exposed your bot to internet and configured the endpoint in azure to point to it (ie https://yourRandomID.ngrok.io/api/messages), but anyone with the endpoint address could post messages to your bot even if they don't have the app id and key as far as I know.

So, Azure can talk to your bot, but for some reason your bot cannot reply back... Even when you see it trying in the logs. Which still could be due to wrong id and key. Is it showing the correct ID when it first boots?

tom-halpin commented 6 years ago

@ryanwwt how are you trying to reply to the room, msg.send worked for me having followed the instructions above re the setup of the Bot?

MatSFT commented 6 years ago

If you are getting this far: [Tue Jul 03 2018 03:31:40 GMT+0000 (Coordinated Universal Time)] INFO hubot-botframework-middleware: TextMiddleware toSendable

Then the bot is responding properly and you should see the response in the web chat in azure. Not sure what is failing for you =(. Anything interesting in the logs?

@Polkien while anyone can technically post to your api/messages endpoint, the message coming in has a JWT token signed by AAD to verify that it came from a proper source. The botbuilder SDK (package that this adapter relies on) does this check for every message. Every response is also authorized with a JWT token that your bot retrieves from AAD for us to verify as well.

ryanwwt commented 6 years ago

@MattSFT I tried looking for something in the logs but can't find anything. If hubot is working fine, then the response might be stuck at EC2. Not sure what could be the issue and any help/suggestions are appreciated.

On a different note, ngrok refreshes every 8 hours, and I'll have to configure Azure's endpoint again. Is there a long-term solution for this instead of ngrok? A static address maybe?

MatSFT commented 6 years ago

There are long term solutions.

  1. Run hubot on a public cloud such as Azure. This will give you a public web URL. This might not be an option if your hubot needs access to local resources.
  2. Configure your network and firewalls to expose your local hubot on the internet.
  3. Register for ngrok with a free account. This will give you a static endpoint that does not expire
  4. Try an alternative to ngrok. I've enjoyed using serveo in the past.
ryanwwt commented 6 years ago

Thanks @MattSFT

I'm still looking for the issue but no progress as of yet.

ryanwwt commented 6 years ago

Hi @MattSFT,

I managed to get hubot to work using ngrok. Now I found that I need a valid SSL cert so that I can stop using ngrok and use AWS as a connector between Azure and Botframework.

The specifications I found is as below: The Bot Framework requires that the x.509v3 certificate exposed by your endpoint be current and valid. Most of the checks for "current and valid" are standard checks for server certs: the CN must match the hostname, it must not be expired, it must not be listed in a CRL, it must have the correct set of EKUs, etc.

Can you give me a sample on what kind of CN I need?

MatSFT commented 6 years ago

You just need a standard SSL cert. Botframework makes calls to your bot using HTTPS so as long as you have a valid signed and trusted certificate for your endpoint domain, you should be good.

MatSFT commented 6 years ago

Alternatively azure provides an SSL cert for most azure based services like app service instances so you can just use the Azure SSL cert if you stick to the .azurewebsites,net domain

ryanwwt commented 6 years ago

@MattSFT, since I'm using AWS's EC2 for this and botframework requires an SSL recognized by Microsoft. Does this mean I'd need to register a domain name in order to obtain an external CA signed cert?

MatSFT commented 6 years ago

Botframework requires an HTTPS connection to your bot using an SSL certificate signed by a valid certificate signing authority. I'm not sure how EC2 generates their SSL certificates.

MatSFT commented 5 years ago

Closing due to inactivity