search

watson-developer-cloud / botkit-middleware

A middleware to connect Watson Conversation Service to different chat channels using Botkit
https://www.npmjs.com/package/botkit-middleware-watson
Apache License 2.0
207 stars 257 forks source link

Which version of watson-developer-cloud is safe to upgrade to, if using middleware version 1.8.2? #205

Open pgoldweic opened 4 years ago

pgoldweic commented 4 years ago

I recently upgraded my bot code to botkit-middleware-watson version 1.8.2 (as I was migrating out of Cloud Foundry authentication). Yesterday we received an authorization error from Watson indicating that the refresh token in use had expired: Error: { .... removed attributes here... ,"errorCode":"BXNIM0408E","errorMessage":"Provided refresh token is expired"} {"cause":{"code":400},"isOperational":true,"code":400} This suggests to me that the watson-developer-cloud sdk (used by the middleware) is not appropriately handling token refreshes. Am I right? If so, knowing that the version (of watson-developer-cloud) used by botkit-middleware-watson is 3.18.4, and assuming that later versions of the same module might correct the problem, which version should I upgrade to that is compatible with the middleware? Or, I'll be glad to hear other advise too, of course.

Naktibalda commented 4 years ago

I have no idea what the refresh token is.

There is no version of Watson middleware which supports Botkit 0.7 and node SDK 4 (new name of the package is ibm-watson).

If you want to keep using Botkit 0.7, it is up to you to update v1 of the middleware to support newer versions.

pgoldweic commented 4 years ago

Thanks for replying!. The refresh token is supposed to be managed by the IBM sdk and is used for authorization (in a manner similar or analogous to OAuth2 tokens apparently). Apparently the IBM sdk is buggy as it respects to managing these tokens in earlier versions (as I'm only now finding this out, as it became apparent only after my recent adoption of IAM for authentication within Watson Assistant, when I recently migrated the code out of Cloud Foundry authentication ), and they told me that later versions of the sdk (4 and 5) don't even use refresh tokens, so this should resolve the problem. I understand (and agree with) your point about the responsibility for updating to newer versions of the Watson sdk. I guess I'm just wondering if you know a bit more about the relationship between the two (middleware vs watson sdk), that would hint at the difficulty level of this task. After all, I'd have to somehow evaluate the difficulty of this task vs. that of upgrading to a current version of botkit (with all that that entails, of course). As I'm writing this, I'm realizing that I should ask this specific question possibly in the other project too.