Search code examples
azure-active-directorymicrosoft-graph-apibotframeworkmicrosoft-teams

Why does authentication not go through in MS Teams Bot app?

Cannot authenticate user in MS Teams Bot. enter image description here

Same works in "Test in webchat" properly: enter image description here

Domain added to Teams manifest properly:

{
    "$schema": "https://developer.microsoft.com/en-us/json-schemas/teams/v1.15/MicrosoftTeams.schema.json",
    "version": "1.0.0",
    "manifestVersion": "1.15",
    "id": "a0d93a07-2f63-4569-a651-cf3761859b28",
    "packageName": "com.package.name",
    "name": {
        "short": "NewTest",
        "full": ""
    },
    "developer": {
        "name": "KUKA",
        "mpnId": "",
        "websiteUrl": "https://supportbotkuka.z6.web.core.windows.net/teams_ITSupport_about.html",
        "privacyUrl": "https://supportbotkuka.z6.web.core.windows.net/teams_ITSupport_priv.html",
        "termsOfUseUrl": "https://supportbotkuka.z6.web.core.windows.net/teams_ITSupport_terms.html"
    },
    "description": {
        "short": "CS Logistics TEST app",
        "full": "test app for CS Logistics"
    },
    "icons": {
        "outline": "outline.png",
        "color": "color.png"
    },
    "accentColor": "#FFFFFF",
    "staticTabs": [
        {
            "entityId": "conversations",
            "scopes": [
                "personal"
            ]
        },
        {
            "entityId": "about",
            "scopes": [
                "personal"
            ]
        }
    ],
    "bots": [
        {
            "botId": "99e82921-96c9-4ec1-83ab-bd05382abc96",
            "scopes": [
                "personal"
            ],
            "isNotificationOnly": false,
            "supportsCalling": false,
            "supportsVideo": false,
            "supportsFiles": true
        }
    ],
    "validDomains": [
        "token.botframework.com"
    ],
    "webApplicationInfo": {
        "id": "1e04e5cd-88e1-4522-984d-2bba5e2d37eb",
        "resource": "https://graph.microsoft.com/"
    }
}

Also recreated AppService, AzureBot in Azure, and setup new Teams app with new manifest version via Developer Portal. Installed the Teams app directly just form myself, as a personal app.

App registration redirect URIs: enter image description here

Also the app registration works fine for other chatbots in our domain. Why not for this one?

Solution

  • Actually the only thing that needed to be changed was to add this line of code to the error handler adapter to the bot code: base.Use(new TeamsSSOTokenExchangeMiddleware(storage, configuration["ConnectionName"]));Add code to handle an access token. And also to add method OnTeamsSigninVerifyStateAsync to Bot like in sso-quickstart sample.