Final Node support for OAuthCards (#4553)

* Final support for OAuthCards

* Typo!

Author: Jeffders

Node/core/lib/botbuilder.d.ts

@@ -1372,6 +1372,9 @@ export interface IChatConnectorEndpoint {
 
     /** Default value is https://state.botframework.com. Configurable via IChatConnectorSettings.stateEndpoint. */
     stateEndpoint: string;
+
+    /** Default value is https://api.botframework.com. Configurable via IChatConnectorSettings.oAuthEndpoint. */
+    oAuthEndpoint: string;
 }
 
 /** Options used to initialize a UniversalBot instance. */
@@ -2701,16 +2704,19 @@ export class OAuthCard implements IIsAttachment {
     constructor(session?: Session);
 
     /** The name of the OAuth connection to use. */
-    connectionName(name: string): SigninCard;
+    connectionName(name: string): OAuthCard;
 
     /** Title of the Card. */
-    text(prompts: TextType, ...args: any[]): SigninCard;
+    text(prompts: TextType, ...args: any[]): OAuthCard;
 
     /** Signin button label. */
-    button(title: TextType): SigninCard;
+    button(title: TextType): OAuthCard;
 
     /** Returns the JSON for the card, */
     toAttachment(): IAttachment;
+
+    /** Factory method for returning a message with the proper signin attachment */
+    static create(connector: ChatConnector, session: Session, connectionName: string, text: string, buttonTitle: string, done: (err: Error, message: Message) => void): void;
 }
 
 /** Card builder class that simplifies building receipt cards. */
@@ -4292,7 +4298,7 @@ export class ChatConnector implements IConnector, IBotStorage {
      * @param connectionName Name of the auth connection to use.
      * @param done Callback to retrieve the users token.
      */
-    signOutUser(address: IChatConnectorAddress, connectionName: string, magicCode: string|undefined, done: (err: Error, results: ITokenResponse) => void): void;
+    signOutUser(address: IChatConnectorAddress, connectionName: string, done: (err: Error, results: ITokenResponse) => void): void;
 
     /**
      * Gets a signin link from the token server that can be sent as part of a SigninCard. 

Node/core/lib/bots/ChatConnector.js

@@ -31,7 +31,8 @@ var ChatConnector = (function () {
                 emulatorAuthV31IssuerV2: 'https://login.microsoftonline.com/d6d49420-f39b-4df7-a1dc-d59a935871db/v2.0',
                 emulatorAuthV32IssuerV1: 'https://sts.windows.net/f8cdef31-a31e-4b4a-93e4-5f571e91255a/',
                 emulatorAuthV32IssuerV2: 'https://login.microsoftonline.com/f8cdef31-a31e-4b4a-93e4-5f571e91255a/v2.0',
-                stateEndpoint: this.settings.stateEndpoint || 'https://state.botframework.com'
+                stateEndpoint: this.settings.stateEndpoint || 'https://state.botframework.com',
+                oAuthEndpoint: this.settings.oAuthEndpoint || 'https://api.botframework.com',
             };
         }
         this.botConnectorOpenIdMetadata = new OpenIdMetadata_1.OpenIdMetadata(this.settings.endpoint.botConnectorOpenIdMetadata);
@@ -323,7 +324,7 @@ var ChatConnector = (function () {
         }
         var options = {
             method: 'GET',
-            url: urlJoin(address.serviceUrl, path),
+            url: urlJoin(this.getOAuthPath(address), path),
             json: true
         };
         this.authenticatedRequest(options, function (err, response, body) { return done(err, body); });
@@ -333,7 +334,7 @@ var ChatConnector = (function () {
         path += '&connectionName=' + encodeURIComponent(connectionName);
         var options = {
             method: 'DELETE',
-            url: urlJoin(address.serviceUrl, path),
+            url: urlJoin(this.getOAuthPath(address), path),
             json: true
         };
         this.authenticatedRequest(options, function (err, response, body) { return done(err); });
@@ -355,7 +356,7 @@ var ChatConnector = (function () {
         var path = 'api/botsignin/getsigninurl?state=' + encodeURIComponent(finalState);
         var options = {
             method: 'GET',
-            url: urlJoin(address.serviceUrl, path)
+            url: urlJoin(this.getOAuthPath(address), path)
         };
         this.authenticatedRequest(options, function (err, response, body) { return done(err, body); });
     };
@@ -768,6 +769,9 @@ var ChatConnector = (function () {
         }
         return path + '/v3/botstate/' + encodeURIComponent(address.channelId);
     };
+    ChatConnector.prototype.getOAuthPath = function (address) {
+        return this.settings.endpoint.oAuthEndpoint;
+    };
     ChatConnector.prototype.prepIncomingMessage = function (msg) {
         utils.moveFieldsTo(msg, msg, {
             'locale': 'textLocale',

Node/core/lib/cards/OAuthCard.js

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 var Message_1 = require("../Message");
+var SigninCard_1 = require("./SigninCard");
 var OAuthCard = (function () {
     function OAuthCard(session) {
         this.session = session;
@@ -38,6 +39,42 @@ var OAuthCard = (function () {
     OAuthCard.prototype.toAttachment = function () {
         return this.data;
     };
+    OAuthCard.create = function (connector, session, connectionName, text, buttonTitle, done) {
+        var msg = new Message_1.Message(session);
+        var asSignInCard = false;
+        switch (session.message.address.channelId) {
+            case 'msteams':
+            case 'cortana':
+            case 'skype':
+            case 'skypeforbusiness':
+                asSignInCard = true;
+                break;
+        }
+        if (asSignInCard) {
+            connector.getSignInLink(session.message.address, connectionName, function (getSignInLinkErr, link) {
+                if (getSignInLinkErr) {
+                    done(getSignInLinkErr, undefined);
+                }
+                else {
+                    msg.attachments([
+                        new SigninCard_1.SigninCard(session)
+                            .text(text)
+                            .button(buttonTitle, link)
+                    ]);
+                    done(undefined, msg);
+                }
+            });
+        }
+        else {
+            msg.attachments([
+                new OAuthCard(session)
+                    .text(text)
+                    .connectionName(connectionName)
+                    .button(buttonTitle)
+            ]);
+            done(undefined, msg);
+        }
+    };
     return OAuthCard;
 }());
 exports.OAuthCard = OAuthCard;

Node/core/src/bots/ChatConnector.ts

@@ -61,6 +61,7 @@ export interface IChatConnectorSettings {
     gzipData?: boolean;
     endpoint?: IChatConnectorEndpoint;
     stateEndpoint?: string;
+    oAuthEndpoint?: string;
     openIdMetadata?: string;
 }
 
@@ -77,6 +78,7 @@ export interface IChatConnectorEndpoint {
     emulatorAuthV32IssuerV2: string;
     emulatorAudience: string;
     stateEndpoint: string;
+    oAuthEndpoint: string;
 }
 
 export interface IChatConnectorAddress extends IAddress {
@@ -115,7 +117,8 @@ export class ChatConnector implements IConnector, IBotStorage {
                 emulatorAuthV31IssuerV2: 'https://login.microsoftonline.com/d6d49420-f39b-4df7-a1dc-d59a935871db/v2.0',
                 emulatorAuthV32IssuerV1: 'https://sts.windows.net/f8cdef31-a31e-4b4a-93e4-5f571e91255a/',
                 emulatorAuthV32IssuerV2: 'https://login.microsoftonline.com/f8cdef31-a31e-4b4a-93e4-5f571e91255a/v2.0',
-                stateEndpoint: this.settings.stateEndpoint || 'https://state.botframework.com'
+                stateEndpoint: this.settings.stateEndpoint || 'https://state.botframework.com',
+                oAuthEndpoint: this.settings.oAuthEndpoint || 'https://api.botframework.com',
             }
         }
 
@@ -443,7 +446,7 @@ export class ChatConnector implements IConnector, IBotStorage {
             // We use urlJoin to concatenate urls. url.resolve should not be used here,
             // since it resolves urls as hrefs are resolved, which could result in losing
             // the last fragment of the serviceUrl
-            url: urlJoin(address.serviceUrl, path),
+            url: urlJoin(this.getOAuthPath(address), path),
             json: true
         };
         this.authenticatedRequest(options, (err, response, body) => done(err, body));
@@ -460,7 +463,7 @@ export class ChatConnector implements IConnector, IBotStorage {
             // We use urlJoin to concatenate urls. url.resolve should not be used here,
             // since it resolves urls as hrefs are resolved, which could result in losing
             // the last fragment of the serviceUrl
-            url: urlJoin(address.serviceUrl, path),
+            url: urlJoin(this.getOAuthPath(address), path),
             json: true
         };
         this.authenticatedRequest(options, (err, response, body) => done(err));
@@ -491,7 +494,7 @@ export class ChatConnector implements IConnector, IBotStorage {
             // We use urlJoin to concatenate urls. url.resolve should not be used here,
             // since it resolves urls as hrefs are resolved, which could result in losing
             // the last fragment of the serviceUrl
-            url: urlJoin(address.serviceUrl, path)
+            url: urlJoin(this.getOAuthPath(address), path)
         };
         this.authenticatedRequest(options, (err, response, body) => done(err, body));
     }
@@ -933,6 +936,10 @@ export class ChatConnector implements IConnector, IBotStorage {
         return path + '/v3/botstate/' + encodeURIComponent(address.channelId);
     }
 
+    private getOAuthPath(address: IChatConnectorAddress): string {
+        return this.settings.endpoint.oAuthEndpoint;
+    }
+
     private prepIncomingMessage(msg: IMessage): void {
         // Patch locale and channelData
         utils.moveFieldsTo(msg, msg, {

Node/core/src/cards/OAuthCard.ts

@@ -32,7 +32,9 @@
 //
 
 import { Session } from '../Session';
-import { fmtText } from '../Message';
+import { ChatConnector } from '../bots/ChatConnector';
+import { fmtText, Message } from '../Message';
+import { SigninCard } from './SigninCard';
 
 export class OAuthCard implements IIsAttachment {
     private data = {
@@ -71,4 +73,41 @@ export class OAuthCard implements IIsAttachment {
     public toAttachment(): IAttachment {
         return this.data;
     }
+
+    public static create(connector: ChatConnector, session: Session, connectionName: string, text: string, buttonTitle: string, done: (err: Error, message: Message) => void): void {
+        var msg = new Message(session);
+
+        var asSignInCard: boolean = false;
+        switch (session.message.address.channelId) {
+            case 'msteams':
+            case 'cortana':
+            case 'skype':
+            case 'skypeforbusiness':
+                asSignInCard = true;
+                break;
+        }
+
+        if (asSignInCard) {
+            connector.getSignInLink(session.message.address, connectionName, (getSignInLinkErr: Error, link: string) => {
+                if (getSignInLinkErr) {
+                    done(getSignInLinkErr, undefined);
+                } else {
+                    msg.attachments([
+                        new SigninCard(session)
+                        .text(text)
+                        .button(buttonTitle, link)
+                    ]);
+                    done(undefined, msg);
+                }
+            });
+        } else {
+            msg.attachments([ 
+                new OAuthCard(session) 
+                    .text(text) 
+                    .connectionName(connectionName)
+                    .button(buttonTitle) 
+            ]);
+            done(undefined, msg);
+        }
+    }
 }

Node/examples/basics-oauth/app.js

@@ -0,0 +1,104 @@
+/*-----------------------------------------------------------------------------
+A simple OAuthCard bot for the Microsoft Bot Framework. 
+-----------------------------------------------------------------------------*/
+
+var restify = require('restify');
+var builder = require('../../core/');
+
+// Setup Restify Server
+var server = restify.createServer();
+server.listen(process.env.port || process.env.PORT || 4000, function () {
+   console.log('%s listening to %s', server.name, server.url); 
+});
+  
+// Bot Storage: Here we register the state storage for your bot. 
+// Default store: volatile in-memory store - Only for prototyping!
+// We provide adapters for Azure Table, CosmosDb, SQL Azure, or you can implement your own!
+// For samples and documentation, see: https://github.com/Microsoft/BotBuilder-Azure
+var inMemoryStorage = new builder.MemoryBotStorage();
+
+// Create chat connector for communicating with the Bot Framework Service
+var connector = new builder.ChatConnector({
+    appId: process.env.MICROSOFT_APP_ID,
+    appPassword: process.env.MICROSOFT_APP_PASSWORD
+});
+
+var connectionName = process.env.CONNECTION_NAME;
+
+// Listen for messages from users 
+server.post('/api/messages', connector.listen());
+
+// Create your bot with a function to receive messages from the user
+var bot = new builder.UniversalBot(connector, function (session) {
+    if (session.message.text == 'signout') {
+        // It is important to have a SignOut intent
+        connector.signOutUser(session.message.address, connectionName,  (err, result) => {
+            if (!err) {
+                session.send('You are signed out.');
+            } else {
+                session.send('There was a problem signing you out.');                
+            }
+        });
+    } else {
+        // First check whether the Azure Bot Service already has a token for this user
+        connector.getUserToken(session.message.address, connectionName, undefined, (err, result) => {
+            if (result) {
+                // If there is already a token, the bot can use it directly
+                session.send('You are already signed in with token: ' + result.token);
+            } else {
+                // If there not is already a token, the bot can send an OAuthCard to have the user log in
+                if (!session.userData.activeSignIn) {
+                    session.send("Hello! Let's get you signed in!");
+                    builder.OAuthCard.create(connector, session, connectionName, "Please sign in", "Sign in", (createSignInErr, signInMessage) =>
+                    {
+                        if (signInMessage) {
+                            session.send(signInMessage);
+                            session.userData.activeSignIn = true;
+                        } else {
+                            session.send("Something went wrong trying to sign you in.");
+                        }     
+                    });
+                } else {
+                    // Some clients require a 6 digit code validation so we can check that here
+                    session.send("Let's see if that code works...");
+                    connector.getUserToken(session.message.address, connectionName, session.message.text, (err2, tokenResponse) => {
+                        if (tokenResponse) {
+                            session.send('It worked! You are now signed in with token: ' + tokenResponse.token);
+                            session.userData.activeSignIn = false;
+                        } else {
+                            session.send("Hmm, that code wasn't right");
+                        }
+                    });
+                }
+            }
+        });
+    }
+})
+.set('storage', inMemoryStorage) // Register in memory storage
+.on("event", (event) => {         // Handle 'event' activities
+    if (event.name == 'tokens/response') {
+        // received a TokenResponse, which is how the Azure Bot Service responds with the user token after an OAuthCard
+        bot.loadSession(event.address, (err, session) => {
+            let tokenResponse = event.value;
+            session.send('You are now signed in with token: ' + tokenResponse.token);
+            session.userData.activeSignIn = false;
+        });
+    }
+});
+
+connector.onInvoke((event, cb) => {
+    if (event.name == 'signin/verifyState') {
+        // received a MS Team's code verification Invoke Activity
+        bot.loadSession(event.address, (err, session) => {
+            let verificationCode = event.value.state;
+            // Get the user token using the verification code sent by MS Teams
+            connector.getUserToken(session.message.address, connectionName, verificationCode, (err, result) => {
+                session.send('You are now signed in with token: ' + result.token);
+                session.userData.activeSignIn = false;
+                cb(undefined, {}, 200);
+            });
+        });
+    } else {
+        cb(undefined, {}, 200);
+    }
+});