4.2.1
Bot Framework emulator is throwing a 500 InternalServerError when posting to /v3/conversations, despite the same code works in a deployed bot with Microsoft Teams.
(1) The error message is Cannot read property 'appid' of undefined, when the request contains a valid JWT Bearer token in the Authorization header. (The JWT payload DOES contain a property called appid btw.)
(2) If I leave the Authorization header empty, I get another 500 InternalServerError and the error message is Cannot read property 'payload' of undefined.
(3) If I send some random text as the Bearer token in the Authorization header - as suggested here - I get a 401 Unauthorized (at least not another 500 InternalServerError 🙄).
serviceUrl's /v3/conversations endpoint (it should look like this: http://localhost:PORT/v3/conversations) with the request body included below and (1) a JWT generated by the .NET Bot Builder SDK v4 / (2) nothing / (3) some random text in the Authorization header.500 InternalServerErrors with JavaScript error messages on the API endpoints. Handle the errors and send back a 400 BadRequest or even an 500 InternalServerError but with a meaningful error message.200 OK and send the conversationId in the body of the response.401 Unauthorized IMHO, but clearly not with 500 InternalServerError.401 Unauthorized is correct IMHO, but if we take @tonyanziano's comment into account, then it should respond correctly with 200 OK and a conversationId.I was able trace the issue back to this line in the Bot Framework Emulator: https://github.com/Microsoft/BotFramework-Emulator/blob/4b620e3367938243a70fada026654280727b7beb/packages/emulator/core/src/conversations/middleware/getBotEndpoint.ts#L64
But I'm not totally sure what is causing the issue here. Maybe something is broken in JWT parsing.
Request body:
{
"bot": {
"id": "3",
"name": "Bot",
"role": "bot"
},
"members": [
{
"id": "3570b2c3-9377-4880-87a1-666bba16d0bb",
"name": "User",
"role": "user"
}
],
"channelData": {
"clientActivityId": "1545857215036.8654911430483678.2"
}
}
Parsed JWT token:
{
"typ": "JWT",
"alg": "RS256",
"x5t": "nbCwW56w3KsB-xUaPlLOSLjODGQ",
"kid": "nbCwW56w3KsB-xUaPlLOSLjODGQ"
}.{
"aud": "https://api.botframework.com",
"iss": "https://sts.windows.net/d6d49420-****-****-****-************/",
"iat": 1545856906,
"nbf": 1545856906,
"exp": 1545860806,
"aio": "42RgPOsZXnazy/hiHcpsJAVW1petAA==",
"appid": "3e58d71d-****-****-****-************",
"appidacr": "1",
"idp": "https://sts.windows.net/d6d49420-****-****-****-************/",
"tid": "d6d49420-****-****-****-************",
"uti": "pL3r9YTz7EuFksrQefLsAA",
"ver": "1.0"
}.[Signature]
Code used to make the request originally with the .NET Bot Builder SDK v4:
await _botFrameworkAdapter.CreateConversationAsync(
"emulator",
"http://localhost:31973",
new MicrosoftAppCredentials(**appId**, **appPassword**),
new ConversationParameters(bot: **botChannelAccount**, members: new List<ChannelAccount> { **userChannelAccount** }, channelData: **channelData**),
Callback(),
cancellationToken);
[bug]
@mark-szabo -
To clarify, you are posting to the Emulator via Postman a request that was originally generated via a locally running bot as a response to an activity from the user?
Hi @justinwilaby, almost correct. The original request was generated by the botbuilder-dotnet SDK v4 with the code above. But not as a response to an activity from a user, but a proactive message - a conversation initiated from the bot (createConversation).
Happy New Year! 🎉🎆
@mark-szabo - Happy new year to you too!
I can't seem to repro this issue. All proactive messaging from my test bot seem to work as expected :(
If you have a free moment, I'd like to walk you through debugging on the Emulator to hunt down the culprit on a screen share or teams call. Feel free to reach out to me anytime and I look forward to talking with you!
So while debugging with @justinwilaby, we discovered the following bugs/question marks:
payload property of jwt is not necessary, appid is directly contained in jwt.- (req as any).botEndpoint = botEmulator.facilities.endpoints.getByAppId((req as any).jwt.payload.appid);
+ (req as any).botEndpoint = botEmulator.facilities.endpoints.getByAppId((req as any).jwt.appid);
createConversations.ts there is a check whether conversationParameters.activity is null. But it should rather check whether it is undefined...- if (conversationParameters.activity !== null)
+ if (conversationParameters.activity)
createConversations.ts: this does not have a property called botid. What is 'security bot id' by the way?if (conversationParameters.bot.id !== this.botId) {
throw createAPIException(HttpStatus.BAD_REQUEST, ErrorCodes.BadArgument,
'conversationParameters.bot.id doesn\'t match security bot id');
}
When we fixed (1), (2), commented out the whole check in (3), we were able to get the 200 OK back with the conversation id. 🥳

POSTed to /v3/conversations/:conversationId/activities happened anything at all on the emulator UI. What should happen in theory? A new tab should open in the emulator? The activity should appear in the current, open conversation in the emulator?
Beginning work on this now.
Awesome, thank you @justinwilaby for fixing this! 🙌