You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"""Determines if a given Auth header is from the Bot Framework Emulator
33
+
authHeader Bearer Token, in the "Bearer [Long String]" Format.
34
+
returns True, if the token was issued by the Emulator. Otherwise, false.
35
+
"""
36
+
37
+
# The Auth Header generally looks like this:
38
+
# "Bearer eyJ0e[...Big Long String...]XAiO"
39
+
if (notauthHeader):
40
+
# No token. Can't be an emulator token.
41
+
returnFalse
42
+
43
+
parts=authHeader.split(' ')
44
+
if (parts.length!=2):
45
+
# Emulator tokens MUST have exactly 2 parts. If we don't have 2 parts, it's not an emulator token
46
+
returnFalse
47
+
48
+
authScheme=parts[0]
49
+
bearerToken=parts[1]
50
+
51
+
# We now have an array that should be:
52
+
# [0] = "Bearer"
53
+
# [1] = "[Big Long String]"
54
+
if (authScheme!='Bearer'):
55
+
# The scheme from the emulator MUST be "Bearer"
56
+
returnFalse
57
+
58
+
# Parse the Big Long String into an actual token.
59
+
token=jwt.decode(bearerToken, verify=False)
60
+
if (nottoken):
61
+
returnFalse
62
+
63
+
# Is there an Issuer?
64
+
issuer=token.payload.iss
65
+
if (notissuer):
66
+
# No Issuer, means it's not from the Emulator.
67
+
returnFalse
4
68
5
-
@staticmethod
6
-
defis_from_emulator(header):
7
-
returnTrue
69
+
# Is the token issues by a source we consider to be the emulator?
70
+
if (EmulatorValidation.TO_BOT_FROM_EMULATOR_TOKEN_VALIDATION_PARAMETERS.issuerandEmulatorValidation.TO_BOT_FROM_EMULATOR_TOKEN_VALIDATION_PARAMETERS.issuer.find(issuer) ==-1):
71
+
# Not a Valid Issuer. This is NOT a Bot Framework Emulator Token.
72
+
returnFalse
8
73
9
-
@staticmethod
10
-
defauthenticate_token(header, credentials):
11
-
pass
74
+
# The Token is from the Bot Framework Emulator. Success!
0 commit comments