Botframework-sdk: Unauthorized error while sending message back to FB Messenger
I have a bot I've connected to FB Messenger. It was working for a while. I've since upgraded to BotBuilder 3.3.1 and re-deployed the application. I can use the bot with the emulator no problem. On the bot page, the Test Connection to Bot button works fine. Says bot is authorized. My bot receives messages from FB Messenger without a problem. But when i send the message back , I get this error:
Warning: 0 : Service url facebook.botframework.com is not trusted and JwtToken cannot be sent to it.
Application Insights Telemetry: {"name":"Microsoft.ApplicationInsights.bc7d40e7b50c401891fddb26bb3a0c41.RemoteDependency","time":"2016-11-11T23:38:42.3591555Z","iKey":"bc7d40e7-b50c-4018-91fd-db26bb3a0c41","tags":{"ai.operation.id":"2C6I4qV40f8=","ai.operation.name":"POST Messages/Post","ai.location.ip":"40.121.92.251","ai.user.userAgent":"BF-Facebook (Microsoft-BotFramework/3.1 +https://botframework.com/ua)","ai.device.roleInstance":"USYNCNB39355","ai.internal.sdkVersion":"rddf: 2.1.0.363"},"data":{"baseType":"RemoteDependencyData","baseData":{"ver":2,"name":"https://facebook.botframework.com/v3/conversations/1199955020074474-1757015214565977/activities/mid.1478907516997%3A7cc61b7f86","id":"Kx/dKMzCYg4=","value":445.2651,"resultCode":"403","dependencyKind":1,"success":false}}}
System.UnauthorizedAccessException: Authorization for Microsoft App ID 6f82b1da-7eb2-4870-b78f-5401d97dfcd3 failed with status code Forbidden
Any thoughts as to what may be occuring?
srozga
All 12 comments
I can confirm this is only an issue with BotBuilder 3.3.1. I downgraded to 3.3.0 and everything works fine.
srozga
on 12 Nov 2016
Adding
MicrosoftAppCredentials.TrustServiceUrl(@"https://facebook.botframework.com", DateTime.MaxValue);
upon startup solved it for me. Can anybody else try it?
vossccp
on 17 Nov 2016
@Stevenic @maxpert is this resolved in 3.5?
chrimc62
on 28 Nov 2016
Still a problem for me in Bot Builder v3.3.3.
Same warning, same error. Also right after upgrading from 3.3.1 to 3.3.3
willemodendaal
on 12 Dec 2016
@vossccp, your suggestion worked for me, thanks.
willemodendaal
on 12 Dec 2016
@vossccp's suggestion worked for me as well as a workaround.
srozga
on 16 Dec 2016
This is an issue in the C# SDK not the Node SDK.
Stevenic
on 17 Dec 2016
Similar to #1729. This is not an issue with the SDK. By desing, MicrosoftAppCredentials only sets the JwtToken of the bot for the post requests to trusted host names. For regular incoming messages to bot, BotAuthenticator adds the service urls to the trusted set if the incoming request to bot is authenticated.
For proactive messages or for the calls to connector that happens in a process that haven't seen the incoming request, your implementation needs to add the service url to the set of trusted host names using the TrustServiceUrl.
The ResumeAsync(...) implementation shows how bot builder trusts the service url if resumption cookie has the IsTrustedServiceUrl flag set to true: https://github.com/Microsoft/BotBuilder/blob/master/CSharp/Library/Dialogs/Conversation.cs#L97
msft-shahins
on 20 Dec 2016
@vossccp, @srozga where did you insert that code ?
ghost
on 24 Feb 2017
just run into this issue
Guys, you definitely have to put info about the problem here https://docs.microsoft.com/en-us/bot-framework/troubleshoot-authentication-problems
@lonche you can put straight to your Startup.Configuration method
viktor-nikolaev
on 10 Aug 2017
When my HttpClient make the request.
HttpResponseMessage response = await client.GetAsync(uri);
Show me this message in output window:
iisexpress.exe Warning: 0 : Service url localhost:19564 is not trusted and JwtToken cannot be sent to it.
rbolanoherrera
on 7 Nov 2017
@rbolanoherrrera This issue is closed. Please create a new issue, or ask your question on Stack Overflow.
EricDahlvang
on 7 Nov 2017
Related issues
Vigneshramkumar
路
3Comments
akakoychenko
路
3Comments
peterbozso
路
3Comments
RaoVenka
路
3Comments
stijnherreman
路
3Comments