async def callback(context: TurnContext):
TestBotFrameworkAdapter.get_creds_and_assert_values(
context, skill_1_app_id, skill_2_app_id, 1,
)
TestBotFrameworkAdapter.get_client_and_assert_values(
context, skill_1_app_id, skill_2_app_id, skill_2_service_url, 1,
)
# pylint: disable=protected-access
client_cache = context.adapter._connector_client_cache
client = client_cache.get(
BotFrameworkAdapter.key_for_connector_client(
skill_2_service_url, skill_1_app_id, skill_2_app_id,
)
)
assert client
turn_state_client = context.turn_state.get(
BotFrameworkAdapter.BOT_CONNECTOR_CLIENT_KEY
)
assert turn_state_client
client_creds = turn_state_client.config.credentials
assert skill_1_app_id == client_creds.microsoft_app_id
assert skill_2_app_id == client_creds.oauth_scope
assert client.config.base_url == turn_state_client.config.base_url
scope = context.turn_state[BotFrameworkAdapter.BOT_OAUTH_SCOPE_KEY]
assert skill_2_app_id == scope
# Ensure the serviceUrl was added to the trusted hosts
assert AppCredentials.is_trusted_service(skill_2_service_url)
async def test_channel_msa_header_valid_service_url_should_be_trusted(
self):
activity = Activity(
service_url="https://smba.trafficmanager.net/amer-client-ss.msg/")
header = (
"Bearer " +
MicrosoftAppCredentials("2cd87869-38a0-4182-9251-d056e8f0ac24",
"2.30Vs3VQLKt974F").get_access_token())
credentials = SimpleCredentialProvider(
"2cd87869-38a0-4182-9251-d056e8f0ac24", "")
await JwtTokenValidation.authenticate_request(activity, header,
credentials)
assert AppCredentials.is_trusted_service(
"https://smba.trafficmanager.net/amer-client-ss.msg/")
async def test_continue_conversation_with_audience(self):
mock_credential_provider = unittest.mock.create_autospec(CredentialProvider)
settings = BotFrameworkAdapterSettings(
app_id="bot_id", credential_provider=mock_credential_provider
)
adapter = BotFrameworkAdapter(settings)
skill_1_app_id = "00000000-0000-0000-0000-000000skill1"
skill_2_app_id = "00000000-0000-0000-0000-000000skill2"
skills_identity = ClaimsIdentity(
claims={
AuthenticationConstants.AUDIENCE_CLAIM: skill_1_app_id,
AuthenticationConstants.APP_ID_CLAIM: skill_2_app_id,
AuthenticationConstants.VERSION_CLAIM: "1.0",
},
is_authenticated=True,
)
skill_2_service_url = "https://skill2.com/api/skills/"
async def callback(context: TurnContext):
TestBotFrameworkAdapter.get_creds_and_assert_values(
context, skill_1_app_id, skill_2_app_id, 1,
)
TestBotFrameworkAdapter.get_client_and_assert_values(
context, skill_1_app_id, skill_2_app_id, skill_2_service_url, 1,
)
# pylint: disable=protected-access
client_cache = context.adapter._connector_client_cache
client = client_cache.get(
BotFrameworkAdapter.key_for_connector_client(
skill_2_service_url, skill_1_app_id, skill_2_app_id,
)
)
assert client
turn_state_client = context.turn_state.get(
BotFrameworkAdapter.BOT_CONNECTOR_CLIENT_KEY
)
assert turn_state_client
client_creds = turn_state_client.config.credentials
assert skill_1_app_id == client_creds.microsoft_app_id
assert skill_2_app_id == client_creds.oauth_scope
assert client.config.base_url == turn_state_client.config.base_url
scope = context.turn_state[BotFrameworkAdapter.BOT_OAUTH_SCOPE_KEY]
assert skill_2_app_id == scope
# Ensure the serviceUrl was added to the trusted hosts
assert AppCredentials.is_trusted_service(skill_2_service_url)
refs = ConversationReference(service_url=skill_2_service_url)
# Ensure the serviceUrl is NOT in the trusted hosts
assert not AppCredentials.is_trusted_service(skill_2_service_url)
await adapter.continue_conversation(
refs, callback, claims_identity=skills_identity, audience=skill_2_app_id
)