Teams Bot Auth: oAuth Card with AADV2 returns expired tokens #2530

Closed
bravokeyl opened this issue Jun 23, 2020 · 6 comments
Labels: Bot Services, customer-replied-to, customer-reported

Comments

bravokeyl commented Jun 23, 2020

Sample information

  1. Sample type: samples
  2. Sample language: nodejs
  3. Sample name: 46.teams-auth

Describe the bug

I'm using the sample auth with an AADV2 connection and a custom scope. The token is not renewed, and I am receiving the expired token.

To Reproduce

Steps to reproduce the behavior:

  1. Use the 46 sample with AADV2 connection type
  2. Set the scopes to be "offline_access" and custom scope like "api://appid/myscope"
  3. Try the sample; now the token is received
  4. After an hour, we also receive the same token even though the token is expired

Expected behavior

  1. We should receive the new token after the previous token is expired.

Additional context

https://stackoverflow.com/questions/62527519/teams-bot-auth-oauth-card-prompts-for-login-every-hour-with-aadv2

[bug]
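
The condition reported above can be detected before the token is sent to the API. The following is an added example, not code from the issue or from the 46.teams-auth sample: it reads the `exp` claim of the token the prompt returned and reports whether it is still fresh. The function names, the 5-minute skew and the sample tokens are assumptions made for illustration.

```javascript
// Added example: decide whether a token handed back by the OAuth prompt is
// still usable. The payload is decoded WITHOUT signature verification, so the
// result is only a freshness hint for the bot, never an authorization decision.

const SKEW_SECONDS = 300; // assumption: tokens expiring within 5 minutes count as stale

// Returns the claims object of a compact JWT, or null if it cannot be parsed.
function decodeJwtPayload(token) {
  if (typeof token !== 'string') return null;
  const parts = token.split('.');
  if (parts.length !== 3) return null; // not header.payload.signature
  try {
    const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/'); // base64url -> base64
    const claims = JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
    return claims !== null && typeof claims === 'object' ? claims : null;
  } catch (err) {
    return null; // payload is not JSON
  }
}

// Returns 'valid', 'expired', or 'unknown' (opaque or malformed token).
function tokenFreshness(token, nowSeconds = Math.floor(Date.now() / 1000)) {
  const claims = decodeJwtPayload(token);
  if (!claims || typeof claims.exp !== 'number') return 'unknown';
  return claims.exp - SKEW_SECONDS > nowSeconds ? 'valid' : 'expired';
}

// Constructed sample tokens (fake header and signature, for illustration only).
function makeSampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.constructed-signature`;
}

const now = 1592900000; // fixed clock so the result is reproducible
const fresh = makeSampleToken({ aud: 'api://appid', scp: 'myscope', exp: now + 3600 });
const stale = makeSampleToken({ aud: 'api://appid', scp: 'myscope', exp: now - 60 });

console.log(tokenFreshness(fresh, now));
console.log(tokenFreshness(stale, now));
console.log(tokenFreshness('not-a-jwt', now));
```

The API that receives the token must still validate its signature, audience and expiry itself; this check only lets the bot notice a stale token early.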

v-kydela added the Bot Services and customer-reported labels Jun 23, 2020
@jwiley84
Contributor

Hi @bravokeyl

Token handling is not something the bot does; it does not automatically refresh. The OAuth samples are meant to show a simple implementation of sign-in and sign-out logic. As you've already asked this question on Stack Overflow, I'm going to close this issue and answer further queries there.

jwiley84 added the customer-replied-to label Jun 23, 2020
@bravokeyl
Author

@jwiley84 Thanks for the quick response.

I'm confused by the comments in the code. I thought that when we call the prompt, it returns the new token if the previous token is expired. Is my assumption wrong here?

@pujita9610

@jwiley84 Stumbled upon the same thing today. I'm wondering how we can retrieve a new token.
It would be great to add some notes on how to do that. Currently I can see that there is no way
to renew the token, as we just get hold of the access token and no refresh token is received.

What are the possible ways to retrieve a new token without re-prompting the user with the sign-in card?

@bravokeyl
Author

@jwiley84 @pujita9610 Yes, it would be very helpful if there are notes/guidance on how to retrieve a new token with oAuthCard.

@bravokeyl
Author

@jwiley84 Any further input on this would be great to retrieve the valid token. Thanks

@nayanaramakanth

Any updates on this issue?
