-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[JavaScript] Add Bot Authentication SNI sample bot #414
Conversation
README.md
Outdated
@@ -185,6 +186,7 @@ A [collection of **experimental** samples](./experimental) exist, intended to pr | |||
[js#81]:samples/javascript_nodejs/81.skills-skilldialog | |||
[js#82]:samples/javascript_nodejs/82.skills-sso-cloudadapter | |||
[js#84]:samples/javascript_nodejs/84.bot-authentication-certificate | |||
[js#85]:samples/javascript_nodejs/84.bot-authentication-sni |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Change this to the right sample number.
``` | ||
|
||
1. Then, type _Manage User Certificates_ in the Windows search bar and hit enter | ||
2. The certificate will be in the _user certificates_ folder, under _personal_. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
2. The certificate will be in the _user certificates_ folder, under _personal_. | |
2. The certificate will be located in the _user certificates_ folder, under _personal_ directory. |
1. Run the following command in a local PowerShell | ||
|
||
``` | ||
$cert = New-SelfSignedCertificate -CertStoreLocation "Cert:\CurrentUser\My" -Subject "CN=sampleAppCert" -KeySpec KeyExchange |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here we should use tags to let the users know which values they need to provide. For example:
$cert = New-SelfSignedCertificate -CertStoreLocation "Cert:\CurrentUser\My" -Subject "CN=sampleAppCert" -KeySpec KeyExchange | |
$cert = New-SelfSignedCertificate -CertStoreLocation "<directory-to-store-certificate>" -Subject "CN=<certificate-name>" -KeySpec KeyExchange |
4. Go to the certificate location and run the following command to generate a _pem_ file: | ||
|
||
``` | ||
OpenSSL pkcs12 -in sampleAppCert.pfx -out c:\sampleAppCert.pem –nodes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The same here with the tags.
2. Under the Certificates section, hit on Generate/Import, complete the form, and create the certificate in PEM format. | ||
3. Go to the details of the certificate that you created and enable it. | ||
4. Download the certificate in CER format and then upload it to the Azure app registration. | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should add a section indicating which values to set in the bot's .env file.
"@azure/identity": "^3.3.0", | ||
"@azure/keyvault-certificates": "^4.7.0", | ||
"@azure/keyvault-secrets": "^4.7.0", | ||
"botbuilder": "~4.20.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we target version 4.21.0? It's not published yet, but version 4.20 doesn't contain the MSAL support this sample needs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or maybe we should use the ^
symbol.
|
||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this space is too much.
@@ -1,6 +1,4 @@ | |||
MicrosoftAppType= |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should keep the AppType at least. This should work for singletenant.
Promoted to 3914 |
#minor
Description
This PR adds a new sample for Javascript_nodejs that shows how to authenticate the Azure bot using the Subject Name/Issuer from MSAL.
Proposed Changes
Testing
This image shows the new bot-authentication-sni sample working.