Azure Gov WebChat: DirectLine Enhanced Authentication resulted in magic number authentication
Screenshots
Bot channel registration directline settings
Load bot from trusted URL
OAuthPrompt card displayed in webchat
Error in F12 after clicking on the button
A new tab for magic code was opened
Version
4.7.1 through NPM
Describe the bug
v4.7.2 .NET Core Bot is hosted in Microsoft Azure Government (MAG). DirectLine Enhanced Authentication does not work in trusted URLs and resulted in magic code authentication instead of the expected behavior (new tab opens and closes automatically without the user having to do manual input). F12 on the browser displayed the following error:
GET https://directline.botframework.azure.us/v3/directline/session/getsessionid 500
The error
Steps to reproduce
- Set up a sample auth bot in Azure MAG.
- Use the following values in appsettings.json:

      {
        "BotEnv": "usgovprd",
        "ChannelService": "https://botframework.azure.us",
        "MicrosoftAppId": "[Omited]",
        "MicrosoftAppPassword": "[Omitted]",
        "ScmType": "None",
        "isAzureGovernment": true,
        "OAuthConnectionName": "aadv2"
      }

- Use the following code before prompting the OAuthPrompt card:

      OAuthClientConfig.OAuthEndpoint = "https://token.botframework.azure.us";
      MicrosoftAppCredentials.TrustServiceUrl("https://token.botframework.azure.us");

- Configure the DirectLine channel on the bot channel registration. Enable Enhanced Authentication and add a trusted URL.
- Configure an OAuth authentication connection with AADV2 as provider. The service principal used is from a GCC tenant.
- Get a token from https://directline.botframework.azure.us/v3/directline/tokens/generate with a user id ‘dl_[new guid]’.
- Add a webchat control to the home page of the trusted URL with code similar to below:

      let directLineConnection = window.WebChat.createDirectLine({
        token: accessToken,
        domain: 'https://directline.botframework.azure.us/v3/directline'
      });
      // .....
      window.WebChat.renderWebChat({
        directLine: directLineConnection,
        store,
        styleOptions
      }, document.getElementById('webchat'));

- Go to the trusted URL to launch the homepage and webchat.
- Interact with the bot to get an OAuthPrompt card back.
- Click on the OAuthPrompt card.
- Magic code authentication screen is displayed instead of the expected behavior.
Expected behavior
The OAuthPrompt card should open up a new browser tab, close it, and auth token is received automatically in webchat as on the Azure commercial side.
Note
The magic code can be used to successfully authenticate the user.
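
The token step in the reproduction above, sketched as a server-side helper. This is an added example, not code from the original issue or from the Bot Framework project. It assumes the `user` and `trustedOrigins` request-body fields of the Direct Line 3.0 `tokens/generate` call, a runtime with global `fetch` and `crypto.randomUUID`, and a constructed origin (`https://contoso.example`) and secret placeholder.

```javascript
// Added example, not code from the issue; function names are illustrative.
const DIRECT_LINE_GOV = 'https://directline.botframework.azure.us/v3/directline';
const GUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// The server, not the browser, chooses the user ID that is bound into the token.
// The issue uses the form dl_<new guid>.
function newUserId(guid = globalThis.crypto.randomUUID()) {
  if (!GUID_RE.test(guid)) throw new Error('user ID suffix must be a GUID');
  return `dl_${guid.toLowerCase()}`;
}

// Build the tokens/generate request for the Azure Government endpoint.
// trustedOrigin is the page that hosts Web Chat, given as a bare https origin.
function buildTokenRequest(secret, trustedOrigin, userId = newUserId()) {
  if (!secret) throw new Error('Direct Line secret is required');
  if (!/^dl_/.test(userId)) throw new Error('user ID must start with dl_');
  const parsed = new URL(trustedOrigin);
  if (parsed.protocol !== 'https:' || parsed.origin !== trustedOrigin.replace(/\/$/, '')) {
    throw new Error('trusted origin must be a bare https origin');
  }
  return {
    userId,
    url: `${DIRECT_LINE_GOV}/tokens/generate`,
    init: {
      method: 'POST',
      headers: { Authorization: `Bearer ${secret}`, 'Content-Type': 'application/json' },
      body: JSON.stringify({ user: { id: userId }, trustedOrigins: [parsed.origin] }),
    },
  };
}

// Exchange the secret for a token and hand back only what the page needs.
async function mintToken(secret, trustedOrigin, opts = {}) {
  const { fetchImpl = fetch, userId = newUserId() } = opts;
  const { url, init } = buildTokenRequest(secret, trustedOrigin, userId);
  const res = await fetchImpl(url, init);
  if (!res.ok) throw new Error(`tokens/generate failed with HTTP ${res.status}`);
  const { token } = await res.json();
  return { token, userId }; // the Direct Line secret never leaves the server
}
```

The returned `token` is what the page passes to `window.WebChat.createDirectLine` in place of `accessToken`.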
Issue Analytics
- Created 4 years ago
- Comments: 12 (5 by maintainers)
Top GitHub Comments
@p-nagpal I confirm that the issue has been resolved in both Arlington and Fairfax datacenters. Please proceed with closing the ticket. Thank you for the quick responses.
@p-nagpal you are right. My mistake. I turned off Enhanced Authentication during testing. It is working in the Fairfax datacenter now. I will test the other us gov bot that is in the Arlington datacenter on Monday.