Reputation: 1924
New Bot Framework 403 Forbidden (.NET Core 2.1)
I have in an Azure a Bot Channels Registration with AppId and AppPass
I have deploy a Bot from Visual Studio to App Service and add MicrosoftAppId and MicrosoftAppPassword
I try test in "Test in Web Chat"
And have a 403 Forbidden
With telegram client i have same error POST to xxx failed: POST to the bot's endpoint failed with HTTP status 403
In "Log stream" i see
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddBot<IAssistantBot>(options =>
{
var secretKey = Configuration.GetSection("botFileSecret")?.Value;
// Loads .bot configuration file and adds a singleton that your Bot can access through dependency injection.
var botConfig = BotConfiguration.Load(@".\IAssistant.Bot.bot", secretKey);
services.AddSingleton(sp => botConfig);
// Retrieve current endpoint.
var service = botConfig.Services.Where(s => s.Type == "endpoint" && s.Name == "development").FirstOrDefault();
if (!(service is EndpointService endpointService))
{
throw new InvalidOperationException($"The .bot file does not contain a development endpoint.");
}
options.CredentialProvider = new SimpleCredentialProvider(endpointService.AppId, endpointService.AppPassword);
// Catches any errors that occur during a conversation turn and logs them.
options.OnTurnError = async (context, exception) =>
{
await context.SendActivityAsync("Sorry, it looks like something went wrong.");
};
});
}
What cause is?
Upvotes: 1
Views: 1116
Answers (1)
Reputation: 33379
Ok, so, welcome to V4 and .bot files! You were (rightly) showing us screenshots of your secrets being configured correctly via the app settings, but your startup code is not relying on app settings... instead it is utilizing the new .bot file to load the credentials for an endpoint.
Let me start by saying this is a completely new, optional technology. I know the samples tend to shove it in your face, but you do not have to adopt it if you already have DevOps practices that work fine for maintaining and deploying your keys/secrets via existing mechanisms like environment variables/app settings.
For example, you could cut the .bot file out and change your startup to use the app settings by just changing your bot registration to this:
public class Startup
{
private readonly IConfiguration _configuration;
public Startup(IConfiguration configuration)
{
// Ask for the configuration service to be injected so you can access config values (standard .NET Core 101 stuff)
_configuration = configuration ?? throw new ArgumentNullException(nameof(configuration));
}
public void ConfigureServices(IServiceCollection services)
{
services.AddBot<IAssistantBot>(options =>
{
// Load the values right out of configuration
options.CredentialProvider = new SimpleCredentialProvider(
_configuration.GetSection("MicrosoftAppId").Value,
_configuration.GetSection("MicrosoftAppPassword").Value);
// Catches any errors that occur during a conversation turn and logs them.
options.OnTurnError = async (context, exception) =>
{
await context.SendActivityAsync("Sorry, it looks like something went wrong.");
};
});
}
}
As you can see, it's a lot less code for starters and just utilizes the existing configuration system .NET Core provides. You could be loading it from an appsettings.json file, environment variables, whatever other configuration stores you might be used to utilizing in .NET Core.
Upvotes: 4
Related Questions
- Bot Framework portal - "Test connection to your bot" 401 Unauthorized
- Bot Framework Composer Skill Host Endpoint 401 Unauthorized
- Unauthorized Error Bot framework
- Error for python bot-framework: Unauthorized Access. Request is not authorized
- 403 Forbidden Error when attempting to authenticate
- Bot connector returns Forbidden (403) with Microsoft.Bot.Connector.ErrorResponseException
- Bot Framework Unauthorized when creating a conversation
- botframework 401 Unauthorized
- Bot Framework Authentication not working
- Authorization failed for Microsoft App Id