Search code examples
c#oauth-2.0.net-corebotframeworkgithub-api

Bot Framework SDK v4 OAuth with Github

I want to create a bot that can be authenticated with GitHub and the access the users repositories and notify the users with any PRs etc. I have tried the authentication sample given by Microsoft listed here. But I do not understand how to change it to suit my need.

I have implemented OAuth in my application as follows, since it is a dotnet core application.

public void ConfigureServices(IServiceCollection services)
    {

        // Set up the service configuration
        var builder = new ConfigurationBuilder()
            .SetBasePath(ContentRootPath)
            .AddJsonFile("appsettings.json")
            .AddEnvironmentVariables();


        services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = "GitHub";
        })
        .AddCookie()
        .AddOAuth("GitHub", options =>
        {
            options.ClientId = Configuration["GitHub:ClientId"];
            options.ClientSecret = Configuration["GitHub:ClientSecret"];
            options.CallbackPath = new PathString("/signin_github");

            options.AuthorizationEndpoint = "https://github.com/login/oauth/authorize";
            options.TokenEndpoint = "https://github.com/login/oauth/access_token";
            options.UserInformationEndpoint = "https://api.github.com/user";

            options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
            options.ClaimActions.MapJsonKey(ClaimTypes.Name, "name");
            options.ClaimActions.MapJsonKey("urn:github:login", "login");
            options.ClaimActions.MapJsonKey("urn:github:url", "html_url");
            options.ClaimActions.MapJsonKey("urn:github:avatar", "avatar_url");

            options.Events = new OAuthEvents
            {
                OnCreatingTicket = async context =>
                {
                    var request = new HttpRequestMessage(HttpMethod.Get, context.Options.UserInformationEndpoint);
                    request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                    request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", context.AccessToken);

                    var response = await context.Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, context.HttpContext.RequestAborted);
                    response.EnsureSuccessStatusCode();

                    var user = JObject.Parse(await response.Content.ReadAsStringAsync());

                    context.RunClaimActions(user);
                }
            };
        });

        var configuration = builder.Build();
        services.AddSingleton(configuration);
        // Add your SimpleBot to your application
        services.AddBot<RichCardsBot>(options =>
        {
            options.CredentialProvider = new ConfigurationCredentialProvider(configuration);
        });


    }

I do not understand how to invoke this from my bot UI. Any help will be appreciated. Thank you.

Solution

  • Looks like you are going about this the wrong way to work in bot framework. You should follow this guide. The guide covers how to set up AAD, but still covers the basics of how to setup an OAuth connection in the Azure portal.

    To set up github you will click on the add connection button in the settings tab of your bot channels registration and fill out the info needed, it will look like this:

    GitHub Connection

    In your bot, you will have to send the user an OAuth card as you see in the example and the rest of the OAuth flow will be handled by the framework assuming your connection has been setup correctly in the Azure portal.