microsoftarchive / botauth

Authentication middleware for the botframework
MIT License

What should be value of YOUR_DOMAIN_GOES_HERE ? #41

Open rjgmail88 opened 6 years ago

rjgmail88 commented 6 years ago

This might feel like a very basic question, but I'm confused about what exactly the value of this variable should be. Will it be an Azure app service or some Spring Boot localhost? According to the documentation here, I used the Azure endpoint of the bot service in the AADv2 apps.dev portal as well as in apps.js, but I get the following error.

{"code":"ResourceNotFound","message":"/botauth/aadv2 does not exist"}

rjgmail88 commented 6 years ago

Also, on apps.dev.microsoft.com I need the following URLs:

Redirect URLs = https://{**???????????**}/botauth/aadv2/callback
Home page URL = https://{**???????**}/botauth/aadv2

  1. I tried the Azure bot service endpoint but it didn't work.
  2. I ran localhost:port using Spring Boot and used localhost:port as MY_domain, but it did not work.
  3. My ngrok has the same issue.

I doubt if it has to be the host part of the bot endpoint http://{**?????**}:3979/api/messages

rjgmail88 commented 6 years ago

@EricDahlvang Please let me know if you could answer. I would appreciate it.

rjgmail88 commented 6 years ago

I'm getting the following error in the browser.

Sign in Sorry, but we’re having trouble signing you in.

AADSTS50011: The reply address 'https://localhost:3979/botauth/aadv2/callback' does not match the reply addresses configured for the application: '6a582*****e449b613f0'. More details: not specified
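
The home page and redirect URLs asked about above share one base URL, and AADSTS50011 reports that the redirect sent was not among the registered ones. The following is an added example, not part of the thread or of botauth's code, that builds both URLs and shows which component of a registered URL differs; the function names and the host `mybot.example.net` are assumptions, and the component-by-component comparison is a simplification of the check Azure AD performs.

```javascript
// Added example. Function names and the host mybot.example.net are hypothetical.

// Build the home page and redirect URLs from the bot's public base URL.
// Only scheme, host and port of baseUrl are used; its path is ignored.
function expectedUrls(baseUrl, provider = "aadv2") {
  const base = new URL(baseUrl);
  const root = `${base.protocol}//${base.host}/botauth/${provider}`;
  return { homePage: root, redirect: `${root}/callback` };
}

// Compare the redirect URL the bot would send with the registered reply URLs
// and, on a mismatch, list which URL components differ for each entry.
function diagnoseReplyUrl(baseUrl, registered, provider = "aadv2") {
  const sent = new URL(expectedUrls(baseUrl, provider).redirect);
  const parts = ["protocol", "hostname", "port", "pathname", "search"];
  const hints = registered.map((r) => {
    const reg = new URL(r);
    return { registered: r, differsIn: parts.filter((k) => reg[k] !== sent[k]) };
  });
  const match = hints.some((h) => h.differsIn.length === 0);
  return { match, sent: sent.href, hints };
}

// Constructed sample: bot run locally, app registered for a deployed host.
const result = diagnoseReplyUrl("https://localhost:3979/api/messages", [
  "https://mybot.example.net/botauth/aadv2/callback",
  "https://localhost:3979/botauth/aadv2/callback/",
]);
console.log(JSON.stringify(result, null, 2));
```
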

iMicknl commented 6 years ago

@rjgmail88 you can't use a localhost domain for Azure AD authentication. It has to be a public facing URL, like a webapp you have deployed on Azure. If you want to expose your localhost for development, have a look at ngrok.

rjgmail88 commented 6 years ago

I hosted my bot in Azure, so I have a public HTTPS endpoint as my domain. I am able to see the Microsoft login page; once I enter my AAD account and password, it takes me to my corp-specific login page. Once I re-enter credentials I get a 403 error. This is weird because I'm using the same app and the same user to generate a token to hit MS Graph APIs from Postman. But I validated my credentials to be 100% correct. In fact, I use the same corp account through a Cortana skill where I use AADv1 for authentication.

rjgmail88 commented 6 years ago

Sometimes the error says

"failed to get bot state"