将Azure Bot集成到Web应用程序中
我们有一种方案,用户在与Azure Bot进行对话之前先登录Web应用程序.
We have a scenario where a user would first login to web application before starting a conversation with Azure Bot.
我的问题是,考虑到该漫游器能够回答与登录用户的财务状况有关的问题,我们如何确保该漫游器仅允许用户提出与自己账户有关的财务问题.
My question is how do we ensure bot will only allow user to ask financial questions related to his own accounts considering the bot is capable of answer questions related to financial holding of the person logged in.
基本上,有一种方法可以在对话开始之前将主体对象传递给机器人.如果是,我们如何传递这些细节.
Basically is there a way to pass principal object to the bot before the conversation starts. If yes how do we pass those details.
BotFramework当前不支持单点登录.但是,BotFramework网络聊天开发团队建议使用不同的方法来创建单一登录体验,并且目前正在开发示例.
The BotFramework currently does not support single sign-on; however, the BotFramework Web Chat Development team has recommended different approaches to create a single sign-on experience and is currently working on developing a sample.
主要方法建议通过将每个身份验证令牌添加到活动的通道数据中,以在每个外发消息上附加身份验证令牌.为此,您可以创建一个附加了附加数据的自定义中间件.看看下面的代码片段.
The main approach recommends piggybacking the authentication token on every outgoing message by adding it to the activity's channel data. To do this, you can create a custom middleware that appends the additional data. Take a look at the code snippet below.
const store = window.WebChat.createStore(
{},
({ dispatch }) => next => action => {
if (action.type === 'DIRECT_LINE/POST_ACTIVITY') {
// The channelData submitted here is very similar to HTTP cookies and vulnerable to forgery attack.
// Make sure you use signature to protect it and verify the signature on the bot side.
// To minimize unexpected behaviors, we recommend to treat the "action" object as if it is immutable.
// We use simple-update-in package to update "action" with partial deep cloning.
action = window.simpleUpdateIn(action, ['payload', 'activity', 'channelData', 'token'], () => token);
}
return next(action);
}
);
window.WebChat.renderWebChat({
directLine: window.WebChat.createDirectLine({ token }),
// We will use a custom version of Redux store, which we added middleware to handle backchannel messages.
store
}, document.getElementById('webchat'));
在漫游器端,您可以从通道数据中检索令牌并使用它发出各种请求.有关将数据添加到外发活动的更多详细信息,请查看此样本.
On the bot side, you can retrieve the token from the channel data and use it to make various requests. For more details on adding data to outgoing activities, take a look at this sample.
有关推荐方法的更多详细信息,请查看此问题在GitHub上.网络聊天开发团队还使用它来跟踪示例的进度.
For more details regarding recommended approaches, take a look at this issue on GitHub. The Web Chat Development team is also using it to track the progress of the sample.
希望这会有所帮助.