Open Loprock opened 1 month ago
@Loprock That error indicates the token the bot received does not contain the correct audience claim. The expectation is that the audience claim matches the bots AppId. Is 4.11.0 correct? That was released in Nov 2020. If accurate, this is ually because the config for the bot is wrong.
The config was correct.. i verified it multiple times. but the issue persists
As a start, I would recommend updating to the latest released version, and review what changed around March. But if you've been using this bot without changes, and it started happening in March, this would lead to some other change outside the bot happening.
Tried doing it on multiple bots, each with a different AppId, getting the same error every time, with the new AppId in the logs.
getting the exact same error - > [Errno Unauthorized. Invalid AppId passed on token: ]
The exact cause is the 'aud' claim in the token the bot received doesn't match the bots appId in config. This is part of token validation. If your bot hasn't changed then this is a config issue elsewhere. Did your Azure resources change? If you run the bot in debug, and break in your app.py, 'messages' function. Take the token in the 'Authorization' header and decode it (search for 'JWT token decoder'). You'll be able to see what 'aud' claim is being sent.
I actually run the bot from within a script that runs on a VM I use (as part of a bigger product), when I do that I can't really break the code in that exact spot since it's a production environment so I can only throw logs outside while it's active. is there any way to see this 'aud' claim without a breakpoint? can I get it through a field within the class? or add it to the exception data somehow?
You could log it. I would recommend removing that log message when done though.
Actually... the error message should have the appId it received in it.
The AppID I got matches exactly to the one I have in my Azure app and the same one I set over the .conf file over the machine
@tracyboehrer I also saw this thread, which was magically solved one day, I think the issue isn't on my end, is it possible that it's on Microsoft's end? https://github.com/microsoft/botbuilder-python/issues/1983
Github issues should be used for bugs and feature requests. Use Stack Overflow for general "how-to" questions.
Version
botbuilder-schema==4.11.0 botframework-connector==4.11.0
Describe the bug
Using python. After using the following request 'JwtTokenValidation.authenticate_request' we started getting the error: [Errno Unauthorized. Invalid AppId passed on token: ] b****-4-4-8-a*** this issue started occurring from ~March 2024
To Reproduce
Steps to reproduce the behavior: the whole flow is represented in the code snippet. after the main init we try to setup a webhook which is failing
Expected behavior
we want the auth to get approved and manage to communicate
Screenshots
If applicable, add screenshots to help explain your problem.
Additional context
adding a code snippet to show the flow (only relevant for this issue)