New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sign In Card Does Not Render in Web Chat #100
Comments
Thanks for reporting this, we will look into it. |
Reproducible for AADv1 authentication sample code also. Any update? |
I have let our WebChat team know about this issue, but no update at this time. |
This seemed to work with the emulator still so I would think this is purely an issue with the webchat rendering. I created an issue in that repo because this is a major blocker for testing any other bot functionality if you can't authenticate a user. |
I will touch base with the WebChat team today to check on progress |
@abhatt29 @kashifkhan I am investigating this on Web Chat side, with this issue. @JasonSowers and @ukphillips thanks for alerting me on this one. |
We will be monitoring this on the issue that @compulim linked, please post in there if you have any questions or comments. |
Hi All, |
Hi All, |
@souuuf and @manoj1201 I guess the problem you are hitting might be different than the top one. The top one is because OAuth is a new feature, it was recently added to microsoft/BotFramework-WebChat#954. For some reasons, the new card is not on If you are using Web Chat via CDN or NPM, you should see the OAuth sign in button. Can you give more information about your scenarios?
|
@jonathanhotono did u find any fix ? |
One alternative way is to use ordinary cards with link action to login URL. This will open in new window |
OAuth card does not work in Azure yet, Web Chat on Azure is ~6 months lagging behind the CDN/NPM release. We have a plan to bump it to latest. Please use OAuth card via CDN or NPM. And as a side note, please make sure you don't leak Direct Line secret in the browser, always use a token server. |
OAuth card is not just a link. Direct Line service will help the bot to negotiate for a token and send it to the bot directly, without passing it thru the browser. When the user click on the link, it will send to the OAuth provider, with a redirect URL set to token.botframework.com, which we receive the token, and send to the bot behind the curtain. |
@compulim If I use DirectLine , then its generating magic numbers that needs to be verified against my code and I don't to know how to handle the verification on the code side. But the previous one for webchat secrets is working on the emulator. It seems under the curtain everything is done by GetTokenDialog. Do we have any samples to the solution you are suggesting. Any link. ? highly appreciate |
i am also facing the same issue in azure web chat but it is working fine in emulator please let me know the solution |
Same issue |
This bug stops my whole project. Need at least working work around to use Web Chat and to authenticate, at least how can I handle verification code? |
2 options to work around this:
MS TEAMS
I would recommend to spin up a new Bot Channels Registration instead of using your existing bot service. |
@naguluvemula @msekkappan @David201406
I do have a sample setup to make it work. I agree it requires deeper understanding of OAuth. I read IETF RFC to fully understand how it works and why we need those extra security measures. Since I am currently tightened up for something more urgent, I can only help by writing steps (out of my memory). Let's work from here to diagnose the issue. I can point you to correct person once we identify the problematic area. Prerequisites
Steps
Up to this point, your bot should works with OAuth. It should authenticate the user via GitHub, without the need to type in "magic code". If it doesn't,
Please let me know how it works. I am happy to help. (Reopening the issue so we can track the response.) (Updated to add IE11 troubleshooting guide.) |
@compulim thanks for the thorough explanation 👍 For this bit here:
Is there any good sample of a token REST server to perform token exchange ? |
@jonathanhotono steal my Node.js token server here. This is a pull request in-the-work. It got a very comprehensive README.md, which primarily talks about two things:
I am not Kubernetes expert, if you found any mistakes in the branch, please point them out. I will fix it. 💪 |
@compulim I tried your MockBot, it works. Our scenario is more on .NET, is there an .NET example for gracefully handling the magic code? Thanks. |
Hi, In MS Team OAuth Card is coming but not action is happening after clicking Sign In button. |
Hi, Anyone else have found any workaround for this issue? |
@bhushang19 Did you enable the Teams channel in bot channel registration? My bot is working fine in Teams (still need the magic code though). It seems like SigninCard card button is now OpenUrl type when the channelId is msteams. |
I also encountered the original problem "Sign In Card Does Not Render in Web Chat" - no problems with Direct Line integrations and also not when using the Web Chat integrated in the Azure Portal. Example: https://webchat.botframework.com/embed/bot-name?s=SECRET&v=0.15.0 |
This problem has been going on for something like a year or more from what I can see from the numerous threads about it. Is there really no better answer than: Step 1: Reinvent the Universe in 5000 complex steps. I just tried my bot on the Azure portal Web Chat and this problem still exists. Works fine in the emulator. I see so many references to "we're putting out a fix on this day or that" and yet a year later it is still broken. Is there a credible plan to fix this or should I just jump to Step 2 above? |
Any update on this? I am having same issue |
I believe the feature we are using are not popular or MS does not think it to be relevant. There are alternative Chat SDK available from competing vendors, that might be worth a look. |
My heartburn is the repeated promises throughout this thread and elsewhere
of fixes being planned to be rolled out over a year ago. Don't promise
things you don't plan to do. Or offer overly complicated solutions to
something that you can and should easily fix. If it isn't an important
feature, take it down entirely. Apparently it *is* important enough to
make work in their emulator and in other versions of the Web Chat. Why not
fix it on their main Azure Portal? I'm not interested in excuses, just
resolution of the issue as repeatedly promised.
…On Thu, Jun 20, 2019 at 12:04 AM babaibhat ***@***.***> wrote:
I believe the feature we are using are not popular or MS does not think it
to be relevant.
Maybe our use case only covers 0.5% of all usage of the SDK, hence low on
priority.
There are alternative Chat SDK available from competing vendors, that
might be worth a look.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<https://github.com/microsoft/botframework-sdk/issues/4632?email_source=notifications&email_token=AIZRMQP4BDCEKTBQT64RE6DP3MTV7A5CNFSM4FATZX52YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODYEPNRA#issuecomment-503903940>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AIZRMQKIBJVTK3TXHHKOT7TP3MTV7ANCNFSM4FATZX5Q>
.
|
@mingweiw any idea on timeline for WebChat embed supporting oath cards (upgrade to webchat v4)? |
We don't want to update webchat at the existing embed url because we don't know who's relying on its existing behavior. The new webchat (4.4) embed is available at https://webchat.botframework.com/embed/b/gemini?s=YOUR_SECRET&b=YOUR_BOT_ID. |
Bot Info
Issue Description
When running the sample code for Oath login https://github.com/Microsoft/BotBuilder/tree/master/CSharp/Samples/AadV2Bot the bot is able to render a sign card in the emulator but not in web chat. Running the web chat in Edge or Chrome renders the following when sign in is requested "[File of type 'application/vnd.microsoft.card.oauth']"
Code Example
https://github.com/Microsoft/BotBuilder/tree/master/CSharp/Samples/AadV2Bot
Reproduction Steps
Expected Behavior
Expect to see the Sign in card which allows a user to authenticate against the graph API
Actual Results
Since the card is rendered an attachment the browser (Edge, Chrome) display "[File of type 'application/vnd.microsoft.card.oauth']" . In the emulator it works as intended.
The text was updated successfully, but these errors were encountered: