stackoom
  简体   繁体   中英

I want to know how the botbuilder listen,and where it listen?

 原文  2018-08-13 08:35:10       hubot

Question

We have created Robot on hipchat and yammer with hubot, and they worked very well. Recently, our team want to create a bot using hubot on Microsoft Teams, but met some problems.

I read the guide document and find that we should first allow external apps in Microsoft Teams .We should ask our Microsoft Admin team to help to open this on. Now, we are review this with our security team about this.

There is something I want to get from you: 1.I find if I want to active the hubot, I should first set an endpoint, what is this used for? Why should we set this? When we enterprise hubot with hipchat and yammer, we just need an account, set the user name and password, tell hubot the group Name we want hubot join, and it worked like a normal user.

2.I found “@robot.router.post @endpoint, @connector.listen()” in the code, So, how the botbuilder listen,and where it listen?

3.Are messages all transport by http? Is it safe enough?

1 answers

solution1
 0  2018-11-14 17:19:36

I just went through setting up our Hubot in teams as we will be moving from Hipchat and thought I could answer some of these questions.

  1. The endpoint is used to send messages to your bot since it does not join as a user like Hipchat. When run with the botframework adapter /api/messages is used for communicating with your bot by Microsoft.

  2. I'm not certain where in the code it listens but you have to @ mention the bot in order for the app in teams to send the message to the bot's endpoint

  3. The endpoint has to be HTTPS, meaning you have to proxy Hubot. The endpoint also has to be publicly available, or at least available to the Microsoft IP range. However, I found there is authentication that happens:

    while anyone can technically post to your api/messages endpoint, the message coming in has a JWT token signed by AAD to verify that it came from a proper source. The botbuilder SDK (package that this adapter relies on) does this check for every message. Every response is also authorized with a JWT token that your bot retrieves from AAD for us to verify as well.

Reference: https://github.com/Microsoft/BotFramework-Hubot/issues/25#issuecomment-402223551

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question What is the ideal way to listen for messages from Hubot scripts? Where can i see hubot logger messages? How to make Hubot know he/she is receiving the message in a private chat? How do I fix this code to allow it to compile? How can I remove the “<pre>” tags in Hubot httpd script? How can I access hubot without adding hubot with each message? How can I use my free allowance on Heroku? How do I dynamically define help for a hubot command? How do I find the name of the room Hubot is responding to? How do I integrate wit.ai and hubot?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM