如何让Azure的Active Directory的B2C运用BOT框架的工作? [英] how to get Azure Active Directory B2C working with Bot Framework?
问题描述
到目前为止我没有能够得到这个工作与机器人框架。我花了一整天,但只走完.NET API的例子(<一个href=\"https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet\">https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet)与AD B2C合作。我不知道它抓住,我想传递给BotUserData ...
so far I've not been able to get this working with the bot framework. I spent all day but only managed to get .net api example (https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet) working with AD B2C. I'm not sure where it grabs the bearer token that I want to pass to BotUserData...
我试过以下<一个href=\"https://azure.microsoft.com/en-us/blog/bot-framework-made-better-with-azure/\">https://azure.microsoft.com/en-us/blog/bot-framework-made-better-with-azure/
但在现实中的解决方案并不成功打造,我已经使出只是把code从那里进入我的机器人框架示例模板....但是,当它要求我通过MS登录而我呢,我不能够继续和它似乎并不像博客使用AD B2C策略。
but in reality the solution does not build successfully and I've resorted to just taking code from there and into my bot framework sample template....however, when it asks me to login through MS and I do, I am not able to proceed and it doesn't seem like that blog is using the AD B2C policies.
你怎么这么集成AD B2C与博特框架?是否有可能调用/帐号/签到网址从BOT框架来对用户进行认证?之后,你会如何捕捉令牌,并将其传递给BotUserData?
so how do you integrate AD B2C with Bot Framework? Is it possible to call /Account/SignIn URL from bot framework to authenticate the user? Afterwards, how would you capture the token and pass it to BotUserData?
推荐答案
您可能想看看到的 Facebook的身份验证样本得到了验证方案的潜在流动的想法。对于Azure的AD,你需要做一个类似的流程。
You might want to take a look to the Facebook Auth sample to get an idea of a potential flow for the Auth scenario. For Azure AD, you need to do a similar flow.
让我们假设你的用户发送一个登录的消息到你的机器人。机器人应该具有权威性的网址回应,并要求用户使用URL登录到服务。您可以使用 GetAuthorizationRequestURL 为ADAL的方法。
Let's say your user send a "Login" message to your bot. The bot should respond with an auth URL and ask the user to login to the service using that URL. You can use the GetAuthorizationRequestURL method of ADAL for that.
然后,你将有一个Web API,它基本上会暴露一个端点,这将是天青AD的答复URL。一旦用户完成登录,消息将被张贴到你的Web API,您将能获得授权code和执行调用,以获得访问令牌。在此之后,你可以做他们的<一个在做同样的href=\"https://github.com/Microsoft/BotBuilder/blob/master/CSharp/Samples/SimpleFacebookAuthBot/Controllers/OAuthCallbackController.cs\"相对=nofollow> Facebook的示例Web API 涉及恢复与机器人交谈,与访问令牌发送消息(这样它可以在PerUserInConversationData袋被持久化(检查<一href=\"https://github.com/Microsoft/BotBuilder/blob/master/CSharp/Samples/SimpleFacebookAuthBot/SimpleFacebookAuthDialog.cs#L125\"相对=nofollow> code这个线)。
Then you will have a Web API which will basically expose an endpoint that will be the reply URL of Azure AD. Once the users completes the login, a message will be posted to your Web API where you will be able to get the authorization code and perform the calls to get the Access Token. After that, you can just do the same they are doing in the Facebook Sample Web API which involves resuming the conversation with the Bot, sending a message with the access token (so it can be persisted in the PerUserInConversationData bag (check this line of code).
之后,你有可供执行需要一个访问令牌的任何电话访问令牌。
After that you have the access token available to perform any call that requires an access token.
的更新的
有,你可能想看一看,因为他们正在实施的工作流程正在讨论两个新的样本。
There are two new samples that you might want to take a look since they are implementing the workflow being discussed.
- 从BotBuilder回购GraphBot 。
- AuthBot 从垫韦洛索
- GraphBot from the BotBuilder repo.
- AuthBot from Mat Velloso
希望这有助于。
这篇关于如何让Azure的Active Directory的B2C运用BOT框架的工作?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
