/// <summary> /// Determines if a given Auth header is from the Bot Framework Emulator. /// </summary> /// <param name="authHeader">Bearer Token, in the "Bearer [Long String]" Format.</param> /// <returns>True, if the token was issued by the Emulator. Otherwise, false.</returns> public static bool IsTokenFromEmulator(string authHeader) { if (!JwtTokenValidation.IsValidTokenFormat(authHeader)) { return(false); } // We know is a valid token, split it and work with it: // [0] = "Bearer" // [1] = "[Big Long String]" var bearerToken = authHeader.Split(' ')[1]; // Parse the Big Long String into an actual token. var token = new JwtSecurityToken(bearerToken); // Is there an Issuer? if (string.IsNullOrWhiteSpace(token.Issuer)) { // No Issuer, means it's not from the Emulator. return(false); } // Is the token issues by a source we consider to be the emulator? if (!ToBotFromEmulatorTokenValidationParameters.ValidIssuers.Contains(token.Issuer)) { // Not a Valid Issuer. This is NOT a Bot Framework Emulator Token. return(false); } // The Token is from the Bot Framework Emulator. Success! return(true); }
/// <summary> /// Determines if a given Auth header is from from a skill to bot or bot to skill request. /// </summary> /// <param name="authHeader">Bearer Token, in the "Bearer [Long String]" Format.</param> /// <returns>True, if the token was issued for a skill to bot communication. Otherwise, false.</returns> public static bool IsSkillToken(string authHeader) { if (!JwtTokenValidation.IsValidTokenFormat(authHeader)) { return(false); } // We know is a valid token, split it and work with it: // [0] = "Bearer" // [1] = "[Big Long String]" var bearerToken = authHeader.Split(' ')[1]; // Parse the Big Long String into an actual token. var token = new JwtSecurityToken(bearerToken); return(IsSkillClaim(token.Claims)); }