-
Notifications
You must be signed in to change notification settings - Fork 282
/
Copy pathchannelServiceHandler.ts
68 lines (61 loc) · 2.47 KB
/
channelServiceHandler.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.
import { ChannelServiceHandlerBase } from './channelServiceHandlerBase';
import { StatusCodeError } from './statusCodeError';
import { StatusCodes } from 'botbuilder-core';
import {
AuthenticationConfiguration,
AuthenticationConstants,
ClaimsIdentity,
ICredentialProvider,
JwtTokenValidation,
SkillValidation,
} from 'botframework-connector';
/**
* @deprecated Use `CloudChannelServiceHandler` instead.
* The ChannelServiceHandler implements API to forward activity to a skill and
* implements routing ChannelAPI calls from the Skill up through the bot/adapter.
*/
export class ChannelServiceHandler extends ChannelServiceHandlerBase {
/**
* Initializes a new instance of the ChannelServiceHandler class, using a credential provider.
*
* @param credentialProvider The credential provider.
* @param authConfig The authentication configuration.
* @param channelService A string representing the channel provider.
*/
constructor(
private readonly credentialProvider: ICredentialProvider,
private readonly authConfig: AuthenticationConfiguration,
protected readonly channelService = process.env[AuthenticationConstants.ChannelService],
) {
super();
if (!credentialProvider) {
throw new Error('ChannelServiceHandler(): missing credentialProvider');
}
if (!authConfig) {
throw new Error('ChannelServiceHandler(): missing authConfig');
}
}
protected async authenticate(authHeader: string): Promise<ClaimsIdentity> {
if (!authHeader) {
const isAuthDisabled = await this.credentialProvider.isAuthenticationDisabled();
if (!isAuthDisabled) {
throw new StatusCodeError(StatusCodes.UNAUTHORIZED);
}
// In the scenario where Auth is disabled, we still want to have the
// IsAuthenticated flag set in the ClaimsIdentity. To do this requires
// adding in an empty claim.
// Since ChannelServiceHandler calls are always a skill callback call, we set the skill claim too.
return SkillValidation.createAnonymousSkillClaim();
}
return JwtTokenValidation.validateAuthHeader(
authHeader,
this.credentialProvider,
this.channelService,
'unknown',
undefined,
this.authConfig,
);
}
}