简体繁体 English

我想知道botbuilder的收听方式以及在哪里收听？

[英]I want to know how the botbuilder listen,and where it listen?

原文 2018-08-13 08:35:10 2 1 hubot

We have created Robot on hipchat and yammer with hubot, and they worked very well. 我们在带有hubot的hipchat和yammer上创建了Robot，它们运行良好。 Recently, our team want to create a bot using hubot on Microsoft Teams, but met some problems. 最近，我们的团队希望使用Microsoft Teams上的hubot创建一个机器人，但遇到了一些问题。

I read the guide document and find that we should first allow external apps in Microsoft Teams .We should ask our Microsoft Admin team to help to open this on. 我阅读了指南文档，发现应该首先允许Microsoft Teams中的外部应用程序。我们应该请Microsoft Admin团队帮助打开它。 Now, we are review this with our security team about this. 现在，我们正在与安全团队一起对此进行审查。

There is something I want to get from you: 1.I find if I want to active the hubot, I should first set an endpoint, what is this used for? 我想从您那里得到一些好处：1.我发现如果我想激活Hubot，我应该先设置一个端点，这是做什么用的？ Why should we set this? 我们为什么要设置这个？ When we enterprise hubot with hipchat and yammer, we just need an account, set the user name and password, tell hubot the group Name we want hubot join, and it worked like a normal user. 当我们使用hipchat和yammer对hubot进行企业化时，我们只需要一个帐户，设置用户名和密码，告诉hubot我们希望Hubot加入的组Name，它就可以像普通用户一样工作。

2.I found “@robot.router.post @endpoint, @connector.listen()” in the code, So, how the botbuilder listen,and where it listen? 2.我在代码中找到了“ @ robot.router.post @endpoint，@ connector.listen（）”，那么，botbuilder的监听方式以及监听的位置？

3.Are messages all transport by http? 3.消息是否全部通过http传输？ Is it safe enough? 它足够安全吗？

1 个解决方案

I just went through setting up our Hubot in teams as we will be moving from Hipchat and thought I could answer some of these questions. 我刚开始以团队的形式建立Hubot，因为我们将离开Hipchat，并认为我可以回答其中的一些问题。

The endpoint is used to send messages to your bot since it does not join as a user like Hipchat. 端点用于将消息发送到您的机器人，因为它没有像Hipchat这样的用户身份加入。 When run with the botframework adapter /api/messages is used for communicating with your bot by Microsoft. 与botframework适配器一起运行时， /api/messages用于Microsoft与您的bot通信。
I'm not certain where in the code it listens but you have to @ mention the bot in order for the app in teams to send the message to the bot's endpoint 我不确定代码在哪里侦听，但是您必须@提及机器人，以便团队中的应用将消息发送到机器人的端点
The endpoint has to be HTTPS, meaning you have to proxy Hubot. 端点必须是HTTPS，这意味着您必须代理Hubot。 The endpoint also has to be publicly available, or at least available to the Microsoft IP range. 端点还必须是公开可用的，或者至少对于Microsoft IP范围可用。 However, I found there is authentication that happens: 但是，我发现发生了身份验证：

while anyone can technically post to your api/messages endpoint, the message coming in has a JWT token signed by AAD to verify that it came from a proper source. 虽然任何人都可以从技术上将其发布到您的api / messages端点，但是传入的消息具有AAD签名的JWT令牌，以验证该消息来自正确的来源。 The botbuilder SDK (package that this adapter relies on) does this check for every message. botbuilder SDK（此适配器依赖的软件包）会对每条消息进行此检查。 Every response is also authorized with a JWT token that your bot retrieves from AAD for us to verify as well. 机器人还会从AAD检索到的JWT令牌对每个响应进行授权，以供我们进行验证。