fix(core.gbapp): Security enhancements and fixes.

boot.js

@@ -24,7 +24,7 @@ var now = () => {
 try {
 
     var run = () => {
-        console.log(`[GB Runtime] Now starting General Bots Server...`);
+        console.log(`[GB Runtime] Initializing General Bots Server...`);
         const GBServer = require("./dist/src/app").GBServer
         console.log(`[GB Runtime] ${now()} - Running '${GBServer.name}' on '${__dirname}' directory`);
         process.env.PWD = __dirname;

package.json

@@ -106,7 +106,6 @@
     "@types/winston": "2.4.4",
     "ban-sensitive-files": "1.9.2",
     "commitizen": "^4.0.3",
-    "coveralls": "^3.0.9",
     "cz-conventional-changelog": "^3.0.2",
     "dependency-check": "^4.1.0",
     "git-issues": "1.3.1",

packages/azuredeployer.gbapp/services/AzureDeployerService.ts

@@ -332,12 +332,21 @@ export class AzureDeployerService implements IGBInstallationDeployer {
     const storageClient = new SqlManagementClient(credentials, subscriptionId);
 
     const ip = await publicIp.v4();
-    const params = {
+    let params = {
       startIpAddress: ip,
       endIpAddress: ip
     };
-
     await storageClient.firewallRules.createOrUpdate(groupName, serverName, 'gb', params);
+
+    // AllowAllWindowsAzureIps must be created that way, so the Azure Search can 
+    // access SQL Database to index its contents.
+
+    params = {
+      startIpAddress: '0.0.0.0',
+      endIpAddress: '0.0.0.0'
+    };
+    await storageClient.firewallRules.createOrUpdate(groupName, serverName, 'AllowAllWindowsAzureIps', params);
+
   }
 
   public async deployFarm(
@@ -358,6 +367,15 @@ export class AzureDeployerService implements IGBInstallationDeployer {
     GBLog.info(`Deploying Deploy Group (It may take a few minutes)...`);
     await this.createDeployGroup(name, instance.cloudLocation);
 
+    GBLog.info(`Deploying NLP...`);
+    const nlp = await this.createNLP(name, `${name}-nlp`, instance.cloudLocation);
+    keys = await this.cognitiveClient.accounts.listKeys(name, nlp.name);
+    const nlpAppId = await this.createNLPService(name, name, instance.cloudLocation, culture, instance.nlpAuthoringKey);
+
+    instance.nlpEndpoint =  urlJoin(nlp.endpoint, 'apps');
+    instance.nlpKey = keys.key1;
+    instance.nlpAppId = nlpAppId;
+
     GBLog.info(`Deploying Bot Server...`);
     const serverFarm = await this.createHostingPlan(name, `${name}-server-plan`, instance.cloudLocation);
     const serverName = `${name}-server`;
@@ -406,17 +424,9 @@ export class AzureDeployerService implements IGBInstallationDeployer {
 
     instance.textAnalyticsEndpoint = textAnalytics.endpoint.replace(`/text/analytics/v2.0`, '');
     instance.textAnalyticsKey = keys.key1;
-    if (false) {
 
-      GBLog.info(`Deploying NLP...`);
-      const nlp = await this.createNLP(name, `${name}-nlp`, instance.cloudLocation);
-      keys = await this.cognitiveClient.accounts.listKeys(name, nlp.name);
-      const nlpAppId = await this.createNLPService(name, name, instance.cloudLocation, culture, instance.nlpAuthoringKey);
+    // NLP
 
-      instance.nlpEndpoint = nlp.endpoint; // TODO: Add this final URL /apps/a149dae1-5134-4624-96b5-885e9e674c9e
-      instance.nlpKey = keys.key1;
-      instance.nlpAppId = nlpAppId;
-    }
     GBLog.info(`Deploying Bot...`);
     instance.botEndpoint = this.defaultEndPoint;
 

packages/core.gbapp/services/GBMinService.ts

@@ -297,7 +297,7 @@ export class GBMinService {
           instanceId: instance.instanceId,
           botId: botId,
           theme: theme,
-          secret: instance.webchatKey,
+          webchatToken: webchatToken,
           speechToken: speechToken,
           conversationId: webchatToken.conversationId,
           authenticatorTenant: instance.authenticatorTenant,

packages/default.gbui/src/GBUIApp.js

@@ -173,7 +173,7 @@ class GBUIApp extends React.Component {
     window['botchatDebug'] = true;
 
     const line = new DirectLine({
-      secret: this.state.instanceClient.secret
+      token: this.state.instanceClient.token
     });
 
     line.connectionStatus$.subscribe(connectionStatus => {