c#authenticationactive-directorybotframeworkweb-chat

AD authentication token is the same for every user in Bot Framework V4 Web Chat


I am using Bot Framework V4, and AD authentication for our bot is working fine. But whenever I start a new session, it picks up the same token that was used for the previous login, so I get the same data in all sessions. I am using the AuthenticationDialog provided by the Enterprise Bot Template.

Actual: I log in once and stay logged in across all sessions (even on other machines). Expected: every session should take me to the sign-in card (OAuth card).

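/// <summary>
/// Component dialog that signs the user in through an <c>OAuthPrompt</c> and, once a token
/// is available, greets them with the display name returned by <c>GraphClient.GetMe</c>.
/// </summary>
/// <remarks>
/// Security note: nothing in this dialog decides whose token it receives. The prompt is
/// expected to resolve a stored token from the connection name plus the user id carried on
/// the incoming activity (NOTE(review): confirm against the SDK version in use). If the
/// channel client sends the same user id for every session, every session is handed the
/// same sign-in and the OAuth card is skipped. The user id must therefore be unique per
/// user and should be assigned by a trusted component, not left at a shared default.
/// </remarks>
public class AuthenticationDialog : ComponentDialog
{
    // Shared, stateless-by-usage responder; readonly so it cannot be swapped at runtime.
    private static readonly AuthenticationResponses _responder = new AuthenticationResponses();

    /// <summary>
    /// Registers the two-step login waterfall and the OAuth prompt it drives.
    /// </summary>
    /// <param name="connectionName">Name of the OAuth connection the prompt signs in against.</param>
    public AuthenticationDialog(string connectionName)
        : base(nameof(AuthenticationDialog))
    {
        InitialDialogId = nameof(AuthenticationDialog);
        ConnectionName = connectionName;

        var authenticate = new WaterfallStep[]
        {
            PromptToLogin,
            FinishLoginDialog,
        };

        AddDialog(new WaterfallDialog(InitialDialogId, authenticate));
        AddDialog(new OAuthPrompt(DialogIds.LoginPrompt, new OAuthPromptSettings()
        {
            ConnectionName = ConnectionName,
            Title = AuthenticationStrings.TITLE,
            Text = AuthenticationStrings.PROMPT,
        }));
    }

    // Set once in the constructor and never changed afterwards.
    private string ConnectionName { get; }

    /// <summary>
    /// First waterfall step: starts the OAuth prompt.
    /// </summary>
    private async Task<DialogTurnResult> PromptToLogin(WaterfallStepContext sc, CancellationToken cancellationToken)
    {
        // Use the id the prompt was registered under in the constructor. The original passed
        // AuthenticationResponses.ResponseIds.LoginPrompt, which only works if that constant
        // happens to hold the same string as DialogIds.LoginPrompt.
        return await sc.PromptAsync(DialogIds.LoginPrompt, new PromptOptions(), cancellationToken);
    }

    /// <summary>
    /// Second waterfall step: reports the outcome of the prompt and ends the dialog.
    /// </summary>
    /// <returns>
    /// The dialog result; on success it carries the <c>TokenResponse</c>, otherwise no value.
    /// </returns>
    private async Task<DialogTurnResult> FinishLoginDialog(WaterfallStepContext sc, CancellationToken cancellationToken)
    {
        var tokenResponse = sc.Result as TokenResponse;

        // Treat "no result", "result of another type" and "result without a token" alike:
        // the original only replied on a null result and ended silently in the other two cases.
        if (tokenResponse?.Token == null)
        {
            await _responder.ReplyWith(sc.Context, AuthenticationResponses.ResponseIds.FailedMessage);
            return await sc.EndDialogAsync(cancellationToken: cancellationToken);
        }

        var user = await GetProfile(sc.Context, tokenResponse);
        await _responder.ReplyWith(sc.Context, AuthenticationResponses.ResponseIds.SucceededMessage, new { name = user.DisplayName });

        // The parent dialog receives the bearer token itself: keep it out of logs, replies
        // and persisted conversation/user state.
        return await sc.EndDialogAsync(tokenResponse, cancellationToken);
    }

    /// <summary>
    /// Fetches the signed-in user's profile using the access token from the prompt.
    /// </summary>
    /// <param name="context">Current turn context (not used by this method).</param>
    /// <param name="tokenResponse">Token response whose <c>Token</c> authorizes the profile call.</param>
    private async Task<User> GetProfile(ITurnContext context, TokenResponse tokenResponse)
    {
        var client = new GraphClient(tokenResponse.Token);

        return await client.GetMe();
    }

    // Ids of the dialogs registered by this component.
    private static class DialogIds
    {
        public const string LoginPrompt = "loginPrompt";
    }
}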

Solution

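  • This is a known issue in WebChat. When you use the same user id for every conversation, the conversation will reference the same data stores. The sign-in state is one of those stores: it is kept against the user id, so every session that presents the same id is treated as the user who already signed in and never sees the OAuth card. To resolve this issue, I would recommend generating a random user id for each conversation, one that is unique and hard to guess, so that one session cannot pick up another session's sign-in.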

    Hope this helps.