private async Task <bool> InterceptOAuthCards(ClaimsIdentity claimsIdentity, Activity activity)
        {
            var oauthCardAttachment = activity.Attachments?.FirstOrDefault(a => a?.ContentType == OAuthCard.ContentType);

            if (oauthCardAttachment != null)
            {
                var targetSkill = GetCallingSkill(claimsIdentity);
                if (targetSkill != null)
                {
                    var oauthCard = ((JObject)oauthCardAttachment.Content).ToObject <OAuthCard>();

                    if (!string.IsNullOrWhiteSpace(oauthCard?.TokenExchangeResource?.Uri))
                    {
                        using (var context = new TurnContext(_adapter, activity))
                        {
                            context.TurnState.Add <IIdentity>("BotIdentity", claimsIdentity);

                            // We need to know what connection name to use for the token exchange so we figure that out here
                            var connectionName = targetSkill.Id.Contains(WaterfallSkillBot) ? _configuration.GetSection("SsoConnectionName").Value : _configuration.GetSection("SsoConnectionNameTeams").Value;

                            if (string.IsNullOrEmpty(connectionName))
                            {
                                throw new ArgumentNullException("The connection name cannot be null.");
                            }

                            // AAD token exchange
                            try
                            {
                                var result = await _tokenExchangeProvider.ExchangeTokenAsync(
                                    context,
                                    connectionName,
                                    activity.Recipient.Id,
                                    new TokenExchangeRequest()
                                {
                                    Uri = oauthCard.TokenExchangeResource.Uri
                                }).ConfigureAwait(false);

                                if (!string.IsNullOrEmpty(result?.Token))
                                {
                                    // If token above is null, then SSO has failed and hence we return false.
                                    // If not, send an invoke to the skill with the token.
                                    return(await SendTokenExchangeInvokeToSkillAsync(activity, oauthCard.TokenExchangeResource.Id, result.Token, oauthCard.ConnectionName, targetSkill, default).ConfigureAwait(false));
                                }
                            }
                            catch (Exception ex)
                            {
                                // Show oauth card if token exchange fails.
                                _logger.LogWarning("Unable to exchange token.", ex);
                                return(false);
                            }

                            return(false);
                        }
                    }
                }
            }

            return(false);
        }
        private async Task <bool> InterceptOAuthCards(ClaimsIdentity claimsIdentity, Activity activity)
        {
            if (activity.Attachments != null)
            {
                foreach (var attachment in activity.Attachments.Where(a => a?.ContentType == OAuthCard.ContentType))
                {
                    var targetSkill = GetCallingSkill(claimsIdentity);

                    if (targetSkill != null)
                    {
                        var oauthCard = ((JObject)attachment.Content).ToObject <OAuthCard>();

                        if (oauthCard.TokenExchangeResource != null /*&& _tokenExchangeConfig.ProviderId == oauthCard.TokenExchangeResource.ProviderId*/)
                        {
                            using (var context = new TurnContext(_adapter, activity))
                            {
                                context.TurnState.Add <IIdentity>("BotIdentity", claimsIdentity);

                                // AAD token exchange
                                try
                                {
                                    var result = await _tokenExchangeProvider.ExchangeTokenAsync(
                                        context,
                                        _connectionName,
                                        activity.Recipient.Id,
                                        new TokenExchangeRequest()
                                    {
                                        Uri = oauthCard.TokenExchangeResource.Uri
                                    }).ConfigureAwait(false);

                                    if (!string.IsNullOrEmpty(result.Token))
                                    {
                                        // Send an Invoke back to the Skill
                                        return(await SendTokenExchangeInvokeToSkill(activity, oauthCard.TokenExchangeResource.Id, result.Token, oauthCard.ConnectionName, targetSkill, default(CancellationToken)).ConfigureAwait(false));
                                    }
                                }
                                catch
                                {
                                    // Show oauth card if token exchange fails.
                                    return(false);
                                }

                                return(false);
                            }
                        }
                    }
                }
            }
            return(false);
        }
        private async Task <bool> InterceptOAuthCards(ClaimsIdentity claimsIdentity, Activity activity)
        {
            var oauthCardAttachment = activity.Attachments?.FirstOrDefault(a => a?.ContentType == OAuthCard.ContentType);

            if (oauthCardAttachment != null)
            {
                var targetSkill = GetCallingSkill(claimsIdentity);
                if (targetSkill != null)
                {
                    var oauthCard = ((JObject)oauthCardAttachment.Content).ToObject <OAuthCard>();

                    if (!string.IsNullOrWhiteSpace(oauthCard?.TokenExchangeResource?.Uri))
                    {
                        using (var context = new TurnContext(_adapter, activity))
                        {
                            context.TurnState.Add <IIdentity>("BotIdentity", claimsIdentity);

                            // AAD token exchange
                            try
                            {
                                var result = await _tokenExchangeProvider.ExchangeTokenAsync(
                                    context,
                                    _connectionName,
                                    activity.Recipient.Id,
                                    new TokenExchangeRequest()
                                {
                                    Uri = oauthCard.TokenExchangeResource.Uri
                                }).ConfigureAwait(false);

                                if (!string.IsNullOrEmpty(result?.Token))
                                {
                                    // If token above is null, then SSO has failed and hence we return false.
                                    // If not, send an invoke to the skill with the token.
                                    return(await SendTokenExchangeInvokeToSkill(activity, oauthCard.TokenExchangeResource.Id, result.Token, oauthCard.ConnectionName, targetSkill, default).ConfigureAwait(false));
                                }
                            }
                            catch
                            {
                                // Show oauth card if token exchange fails.
                                return(false);
                            }

                            return(false);
                        }
                    }
                }
            }

            return(false);
        }
Esempio n. 4
0
        private async Task <bool> InterceptOAuthCardsAsync(ClaimsIdentity claimsIdentity, Activity activity)
        {
            if (activity.Attachments != null)
            {
                BotFrameworkSkill targetSkill = null;
                foreach (var attachment in activity.Attachments.Where(a => a?.ContentType == OAuthCard.ContentType))
                {
                    if (targetSkill == null)
                    {
                        targetSkill = GetCallingSkill(claimsIdentity);
                    }

                    if (targetSkill != null)
                    {
                        var oauthCard = ((JObject)attachment.Content).ToObject <OAuthCard>();

                        if (oauthCard != null && oauthCard.TokenExchangeResource != null &&
                            _tokenExchangeConfig != null && !string.IsNullOrWhiteSpace(_tokenExchangeConfig.Provider) &&
                            _tokenExchangeConfig.Provider == oauthCard.TokenExchangeResource.ProviderId)
                        {
                            using (var context = new TurnContext(_adapter, activity))
                            {
                                context.TurnState.Add <IIdentity>(BotAdapter.BotIdentityKey, claimsIdentity);

                                // AAD token exchange
                                var result = await _tokenExchangeProvider.ExchangeTokenAsync(
                                    context,
                                    activity.Recipient?.Id,
                                    _tokenExchangeConfig.ConnectionName,
                                    new TokenExchangeRequest()
                                {
                                    Uri = oauthCard.TokenExchangeResource.Uri
                                }).ConfigureAwait(false);

                                if (!string.IsNullOrEmpty(result.Token))
                                {
                                    // Send an Invoke back to the Skill
                                    return(await SendTokenExchangeInvokeToSkill(activity, oauthCard.TokenExchangeResource.Id, result.Token, oauthCard.ConnectionName, targetSkill, default).ConfigureAwait(false));
                                }

                                return(false);
                            }
                        }
                    }
                }
            }

            return(false);
        }