Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implements auth changes required to handle skills #2755

Merged
merged 3 commits into from
Oct 16, 2019
Merged

Implements auth changes required to handle skills #2755

merged 3 commits into from
Oct 16, 2019

Conversation

gabog
Copy link
Contributor

@gabog gabog commented Oct 16, 2019

Relates to #2743

Added constructor overload to AppCredentials and MicrosoftAppCredentals that allow the developer to set a custom OAuthScope (this helps with skill authentication where the audience will be the calling bot).
Added code to validate skill request tokens
Adds missing (c) to OAuthConfiguration, Retry and TimeSpanaExtensios.
Added InternalsVisibleTo to facilitate unit testing.

@gabog
Added constructor overload to AppCredentials and MicrosoftAppCredenti…
3262cab 
…als that allow the developer to set a custom OAuthScope (this helps with skill authentication where the audience will be the calling bot).

Added code to validate skill request tokens
Adds missing (c) to OAuthConfiguration, Retry and TimeSpanaExtensios.
Added InternalsVisibleTo to facilitate unit tesing.
@coveralls
Copy link
Collaborator

coveralls commented Oct 16, 2019
edited

Pull Request Test Coverage Report for Build 83844

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • 6 unchanged lines in 4 files lost coverage.
  • Overall coverage remained the same at 78.82%
Files with Coverage Reduction New Missed Lines %
/libraries/Microsoft.Bot.Builder.Dialogs/ObjectPath.cs 1 75.14%
/libraries/Microsoft.Bot.Builder.Dialogs/Prompts/OAuthPrompt.cs 1 57.23%
/libraries/Microsoft.Bot.Builder.Azure/CosmosDbStorageOptions.cs 2 50.0%
/libraries/Microsoft.Bot.Builder/MemoryTranscriptStore.cs 2 86.09%
Totals Coverage Status
Change from base Build 83722: 0.0%
Covered Lines: 5422
Relevant Lines: 6879
💛 - Coveralls

@fuselabs
Copy link
Collaborator

✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.AI.Luis.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.AI.QnA.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.ApplicationInsights.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.Azure.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.Dialogs.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.TemplateManager.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Configuration.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Connector.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Schema.dll compared against version 4.5.3

carlosscastro
carlosscastro reviewed Oct 16, 2019
View reviewed changes
Copy link
Member

@carlosscastro carlosscastro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are some auth tests around AppCredentials in the FunctionalTests project, would be worth to have some end to end test there

libraries/Microsoft.Bot.Connector/Authentication/AppCredentials.cs
/// <param name="customHttpClient">Optional <see cref="HttpClient"/> to be used when acquiring tokens.</param>
/// <param name="logger">Optional <see cref="ILogger"/> to gather telemetry data while acquiring and managing credentials.</param>
/// <param name="oAuthScope">The scope for the token.</param>
public AppCredentials(string channelAuthTenant = null, HttpClient customHttpClient = null, ILogger logger = null, string oAuthScope = null)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm wondering if we should flow the authentication configuration here, so we can support not only custom OAuthScope, but all auth parameters. Then we could have this constructor receiving

public AppCredentials(AuthenticationConfiguration authConfig, HttpClient httpClient, ILogger logger)

which is extensible through adding optional fields to AuthenticationConfiguration.

Thoughts?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe, let's chat when you have a min, I'll leave this one open for now.

libraries/Microsoft.Bot.Connector/Authentication/JwtTokenValidation.cs Show resolved Hide resolved
libraries/Microsoft.Bot.Connector/Authentication/JwtTokenValidation.cs Show resolved Hide resolved
libraries/Microsoft.Bot.Connector/Authentication/JwtTokenValidation.cs Outdated Show resolved Hide resolved
libraries/Microsoft.Bot.Connector/Authentication/JwtTokenValidation.cs Show resolved Hide resolved
libraries/Microsoft.Bot.Connector/Authentication/JwtTokenValidation.cs Outdated Show resolved Hide resolved
libraries/Microsoft.Bot.Connector/Authentication/SkillValidation.cs Outdated Show resolved Hide resolved
libraries/Microsoft.Bot.Connector/Authentication/SkillValidation.cs Outdated Show resolved Hide resolved
libraries/Microsoft.Bot.Connector/Authentication/SkillValidation.cs Show resolved Hide resolved
libraries/Microsoft.Bot.Connector/Authentication/SkillValidation.cs Outdated Show resolved Hide resolved
@fuselabs
Copy link
Collaborator

✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.AI.Luis.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.AI.QnA.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.ApplicationInsights.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.Azure.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.Dialogs.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Builder.TemplateManager.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Configuration.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Connector.dll compared against version 4.5.3
✔️ No Binary Compatibility issues for Microsoft.Bot.Schema.dll compared against version 4.5.3

@carlosscastro
Copy link
Member

Approved with the promise of resolving the authentication configuration parameter only to app credential constructor.

@tomlm tomlm merged commit 461df3c into master Oct 16, 2019
@tomlm tomlm deleted the gabog/SkillAuthUpdates branch October 16, 2019 23:32
@sgellock sgellock mentioned this pull request Oct 23, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@carlosscastro carlosscastro carlosscastro approved these changes

@cleemullins cleemullins Awaiting requested review from cleemullins

@johnataylor johnataylor Awaiting requested review from johnataylor

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@gabog @coveralls @fuselabs @carlosscastro @tomlm