/// <summary>
/// Determines if a given Auth header is from the Bot Framework Emulator.
/// </summary>
/// <param name="authHeader">Bearer Token, in the "Bearer [Long String]" Format.</param>
/// <returns>True, if the token was issued by the Emulator. Otherwise, false.</returns>
public static bool IsTokenFromEmulator(string authHeader)
{
if (!JwtTokenValidation.IsValidTokenFormat(authHeader))
{
return(false);
}
// We know is a valid token, split it and work with it:
// [0] = "Bearer"
// [1] = "[Big Long String]"
var bearerToken = authHeader.Split(' ')[1];
// Parse the Big Long String into an actual token.
var token = new JwtSecurityToken(bearerToken);
// Is there an Issuer?
if (string.IsNullOrWhiteSpace(token.Issuer))
{
// No Issuer, means it's not from the Emulator.
return(false);
}
// Is the token issues by a source we consider to be the emulator?
if (!ToBotFromEmulatorTokenValidationParameters.ValidIssuers.Contains(token.Issuer))
{
// Not a Valid Issuer. This is NOT a Bot Framework Emulator Token.
return(false);
}
// The Token is from the Bot Framework Emulator. Success!
return(true);
}
/// <summary>
/// Determines if a given Auth header is from from a skill to bot or bot to skill request.
/// </summary>
/// <param name="authHeader">Bearer Token, in the "Bearer [Long String]" Format.</param>
/// <returns>True, if the token was issued for a skill to bot communication. Otherwise, false.</returns>
public static bool IsSkillToken(string authHeader)
{
if (!JwtTokenValidation.IsValidTokenFormat(authHeader))
{
return(false);
}
// We know is a valid token, split it and work with it:
// [0] = "Bearer"
// [1] = "[Big Long String]"
var bearerToken = authHeader.Split(' ')[1];
// Parse the Big Long String into an actual token.
var token = new JwtSecurityToken(bearerToken);
return(IsSkillClaim(token.Claims));
}