Skip to content

Fix Agent-To-Agent communication by retrieving claims from JWT token in ChannelApiController #335

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jul 1, 2025
Merged

Fix Agent-To-Agent communication by retrieving claims from JWT token in ChannelApiController #335

merged 3 commits into from
Jul 1, 2025

Conversation

ceciliaavila
Copy link
Collaborator

Description

This PR fixes an issue in Agent-To-Agent communication. Agent1 found an HTTP 401 error while attempting to forward Agent2's message to the channel, as the Authorization header was not populated correctly.

Detailed Changes

  • Added a GetClaimsIdentity method in HttpHelper class to retrieve the claimsIdentity from the JWT token when Auth is not configured.
  • Call the new method in ChannelApiController methods.
  • Replace the code in CloudAdapter's ProcessAsync to call the new method instead.

Testing

These images show the Agent-To-Agent sample working with anonymous authentication as well as using credentials.
image

@ceciliaavila ceciliaavila requested a review from a team as a code owner June 23, 2025 15:59
@github-actions github-actions bot added the ML: Core Tags changes to core libraries label Jun 23, 2025
@tracyboehrer
Copy link
Member

@ceciliaavila This is for when AspNet auth has not been enabled, correct? In which case, incoming responses should follow the same logic as on /api/messages.

Test the anonymous route. That is, hit Agent1 with Emulator (with no appId or secret).

Funny thing is I did the same thing in another branch just with a different name in HttpHelper. It's fine, I can resolve the other branch later.

@tracyboehrer
Copy link
Member

@ceciliaavila Or, I should say... test from "Test In WebChat" (which will arrive with a JWT token, and test from Emulator (which is anonymous because no token).

@ceciliaavila
Copy link
Collaborator Author

ame logic as on /api/messages.

Test the anonymous route. That is, hit Agent1 with Emulator (with no appId or secret).

Hi Tracy,
Anonymous was working. The fix is for communication using credentials. We tested both scenarios after applying this fix.

@tracyboehrer tracyboehrer merged commit 535d6e6 into main Jul 1, 2025
8 checks passed
@tracyboehrer tracyboehrer deleted the southworks/fix/agent-to-agent-communication branch July 1, 2025 15:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tracyboehrer tracyboehrer tracyboehrer approved these changes

Assignees
No one assigned
Labels
ML: Core Tags changes to core libraries
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ceciliaavila @tracyboehrer