authentication fails for newly created bots

[DanielLevy0705]

Version

4.11.0

Describe the bug

Hi guys, I'm creating a new bot using the Developer portal on ms-teams web app. (which by the way has a bug on Desktop client).
I'm getting the bot id, and the client secret (also known as app password) as I've done many times before.
I didn't make any code changes and my bot worked fine with other credentials just a couple of weeks ago, but in the last few days I'm getting
[Errno Unauthorized. Invalid AppId passed on token: ] <bot-id>.
when sending a post request using postman to: https://login.microsoftonline.com/botframework.com/oauth2/v2.0/token
with the same credentials it works fine I'm getting status code 200 and a token.

To Reproduce

in my code I'm creating a SimpleCredentialProvider with the bot-id and app password and an Activity from botbuilder.schema and the Authorization header from a flask Request
and sending it like this:

JwtTokenValidation.authenticate_request(
                    activity,    # Activity
                    current_request.headers.get("Authorization"),    # Request
                    self.credential_provider,    # SimpleCredentialProvider
                )

Expected behavior

expecting to be authenticated and get the token as usual

[munozemilio]

@DanielLevy0705 thanks for reporting this: Could you please provide a step-by-step of the repro, including the link to the ms-teams web app you are using?

[DanielLevy0705]

Thanks for responding :)
not sure what you mean by ms-teams web app link, I'm using microsoft teams https://teams.microsoft.com/ and I've added a personal custom app, with a bot that was generated using "Developer Portal: https://teams.microsoft.com/_#/apps/14072831-8a2a-4f76-9294-057bf0b42a68/sections/57bb717d-fddc-4b1d-9bfd-3cb4ef4952a4?slug=28:0c5cfdbb-596f-4d39-b557-5d9516c94107

regarding repro steps:

1. create new bot using developer portal.
2. get the client secret and bot-id of the newly created bot
3. use the credentials to create a SimpleCredentialProvider
4. send this SimpleCredentialProvider to authenticate using JwtTokenValidation.authenticate_request

please note that I've sent also parameters that are coming from Flask
the Activity object was created from deserialized Request and the auth headers were also coming from the Request object.

[DanielLevy0705]

Update: it's happening also on bots that were created and worked before.

[InfinytRam]

Hi @DanielLevy0705, I'm investigating.

[DanielLevy0705]

Hi guys, is there any progress with this? we're having many clients complaining about this issue.

[DanielLevy0705]

update: tested today on a newly created bot and it looks like the issue is resolved!

[NisargKarun]

@DanielLevy0705 Did you have to do something else to fix the issue? I am facing the same issue in my bots.

[flpms]

There's some update ou tips regards this?

I've similar issue on my server execution with JS SDK, while run normally executing on my machine with exactly the same configuration.

EDIT: I open here, even it's for Python SDK, because it's exactly same error message and some kind related with authentication, so it's good to know how the problem was fixed.

[Loprock]

I'm facing the same issue on my part as well ? is there any update regarding it?

[flpms]

I'm facing the same issue on my part as well ? is there any update regarding it?

The problem we face was related to auth env not be properly passed to BotBuilder instance.

[Loprock]

@flpms do you have a solution for our issue? is it something that we need to be doing on our part ?

I'm facing the same issue on my part as well ? is there any update regarding it?

The problem we face was related to auth env not be properly passed to BotBuilder instance.

[flpms]

Yes, the check the state of your .env when start botbuilder