什么是botframework安全模型? [英] What is the botframework security model?

问题描述

我正在探索Microsoft Bot Builder SDK，以创建一个与MS Teams集成的聊天机器人.提供的大多数示例没有任何身份验证机制，并且引用OAuth的示例似乎这样做是为了允许漫游器使用代表流"访问资源.认为安全模型的正确方法是应该将僵尸程序视为公开的，并且所访问的任何非公开信息都是从主叫用户的上下文中完成的吗?

I am exploring the Microsoft Bot Builder SDK to create a chat bot that integrates with MS Teams. Most of the provided samples do not have any authentication mechanisms and the samples that reference OAuth seem to do so for allowing the bot to access a resource using the on-behalf-of flow. Is correct way to think of the security model is that the bot should be considered public and any non-public information accessed is done from the context of the calling user?

推荐答案

Bot框架需要考虑三种身份验证/授权:

The Bot Framework has three kinds of authentication/authorization to consider:

1. 启动auth -Microsoft应用ID和密码
2. 客户端身份验证-直线机密/令牌或其他渠道的各种机制

1. Bot auth - Microsoft app ID and password
2. Client auth - Direct Line secret/token, or various mechanisms for other channels
3. User auth - OAuth cards/prompts/tokens

不幸的是，有关哪个文档的文档存在一些不一致之处，但是我在这里提出了一个问题: https://github.com/MicrosoftDocs/bot-docs/issues/1745

Unfortunately there's some inconsistency in the documentation about which is which, but I've just raised an issue about that here: https://github.com/MicrosoftDocs/bot-docs/issues/1745

在任何情况下，都无需将所有机器人都视为公共".Bot Builder SDK使用其应用程序ID和密码对传入消息和传出消息进行身份验证.这意味着任何未经授权的发送到bot端点的消息都将被拒绝，并且其他任何bot都不能假冒您的僵尸.

In any case, there's no need to think of all bots as "public." The Bot Builder SDK authenticates both incoming messages and outgoing messages using its app ID and password. This means any unauthorized messages sent to the bot's endpoint will be rejected, and no other bot can impersonate yours.

通常，如果您希望漫游器代表用户访问安全信息，则应该让用户登录.但是，由于您提到要限制机器人对特定租户的访问，因此我可以简要解释如何做到这一点.您可以找到中间件

In general you should have the user sign in if you want the bot to access secure information on the user's behalf. But since you mentioned wanting to restrict bot access to specific tenants, I can briefly explain how to do that. You can find middleware here that does it in C#, and here's a modified version of the code that I think improves on it by using a hash set instead of a dictionary:

public class TeamsTenantFilteringMiddleware : IMiddleware
{
    private readonly HashSet<string> tenantMap;
 
    public TeamsTenantFilteringMiddleware(IEnumerable<string> allowedTenantIds)
    {
        if (allowedTenantIds == null)
        {
            throw new ArgumentNullException(nameof(allowedTenantIds));
        }
 
        this.tenantMap = new HashSet<string>(allowedTenantIds);
    }
 
    public async Task OnTurnAsync(ITurnContext turnContext, NextDelegate next, CancellationToken cancellationToken = default(CancellationToken))
    {
        if (!turnContext.Activity.ChannelId.Equals(Channels.Msteams, StringComparison.OrdinalIgnoreCase))
        {
            await next(cancellationToken).ConfigureAwait(false);
            return;
        }
 
        TeamsChannelData teamsChannelData = turnContext.Activity.GetChannelData<TeamsChannelData>();
        string tenantId = teamsChannelData?.Tenant?.Id;
 
        if (string.IsNullOrEmpty(tenantId))
        {
            throw new UnauthorizedAccessException("Tenant Id is missing.");
        }
 
        if (!this.tenantMap.Contains(tenantId))
        {
            throw new UnauthorizedAccessException("Tenant Id '" + tenantId + "' is not allowed access.");
        }
 
        await next(cancellationToken).ConfigureAwait(false);
    }
}

这篇关于什么是botframework安全模型?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！