App Complete Auth - Teams OAUTH Prompt not showing

[hansliebenberg]

Hi

I have really been struggling to get SSO Auth working in my teams bot using the nodejs sample. The provisioning creates an Azure Bot Resource with its linked App Registration and all relevant settings.

The .env and .env.local files get populated with the provisioned resources. I noticed that even though the README states that you need to create an additional app registration and set the MicrosoftAppId, MicrosoftAppPassword etc , the provisioning step has already populated these with the same resources as the e..g AAD_APP_CLIENT_ID == MicrosoftAppId

I therefore just went with this setup where a single app registration is used. I assume that is correct and can work?

Now the results:

In teams itself (Debugging from VS Studio) , the 'login' request is sent and the MainDialog responds with buttons , one being 'AAD SSO authentication' , clicking send the 'sso' command....

At this point I would expect the SsoOAuthPrompt to show a sign in button or validate by current creds.

But nothing happens, tracing to MainDIalogue..promptStep --> stepContext.beginDialog(SSOAUTH);

But at this point a callback seems to be made back into the bot, where the context.TurnContext.activity name is 'signin/tokenExchange'

But then it all dies from there and no further activity or responses.

Interesting to note that the Test in web chat seems to work

Any help will be appreciated, I have tries many posts and combos without luck.

Thanks

[hansliebenberg]

I think the issue is that the 'signin/tokenExchange' , activity is comes in with the token value set, TeamsBot.onTokenResponseEvent is never executed.

I tried adding to my index.js
const tokenExchangeMiddleware = new TeamsSSOTokenExchangeMiddleware(memoryStorage, process.env.connectionName);
adapter.use(tokenExchangeMiddleware);

no luck....

[Nivedipa-MSFT]

@hansliebenberg - Thanks for reporting your issue. Could you please share the sample you are trying out so that we can try it on our end?

[hansliebenberg]

Hi,

It is literally the /Microsoft-Teams-Samples/samples/app-complete-auth/nodejs

Thanks

[hansliebenberg]

I added soe debug info to index.js:

async function handleBotLogic(context) {
await bot.run(context);
}
// Listen for incoming requests.
server.post('/api/messages', async (req, res) => {
//check if req.body json has a name of "signin/tokenExchange", and clog accoringly
if (req.body.name === "signin/tokenExchange") {
console.log("Token exchange request received");
}
await adapter.process(req, res, handleBotLogic);

});

In the case of a "signin/tokenExchange" , the adapter.process never invokes the logic function handleBotLogic

[Nivedipa-MSFT]

@hansliebenberg - Thanks for the update. We are able to repro your issue. We have informed sample team to investigate further. We will let you know once we get any updates from them.

[Nivedipa-MSFT]

@hansliebenberg - The sample team is working on the App Complete Auth sample to fix the issue. Meanwhile, could you please try this similar sample?
Microsoft-Teams-Samples/samples/bot-conversation-sso-quickstart/js at main · OfficeDev/Microsoft-Teams-Samples