Bot Framework Token Service - Error building redirect URI with query params

Question

Hi,&nbsp;I am currently using the&nbsp;Token Service with my bot for OAuth authentication with no problems so far, but there was a recent need to add a query parameter into my&nbsp;Authorization URL in the bot OAuth Connection Settings that seems to be breaking my application.Checking some logs on my authentication service end I notice that the final redirect URI is being wrongly build.&nbsp;&nbsp;This is my url in the&nbsp;Authorization URL field at the&nbsp;OAuth Connection Settings, with a fictional domain:https://www.authservicehere.com/oauth2/v0/authorize?siwc=true&nbsp;This is the redirect being generate by the Token Service:https://https://www.authservicehere.com/oauth2/v0/authorize?siwc=true/oauth2/v0/authorize?redirect_uri=https://token.botframework.com/.auth/web/redirect&amp;siwc=true?client_id=xxxxxx&nbsp;Notice that it should be&nbsp;a &amp; after the siwc param, the correct redirect URI would be:https://https://www.authservicehere.com/oauth2/v0/authorize?siwc=true/oauth2/v0/authorize?redirect_uri=https://token.botframework.com/.auth/web/redirect&amp;siwc=true&amp;client_id=xxxxxx&nbsp;It could also be without the siwc param, since its only used in the authorization url like so:https://https://www.authservicehere.com/oauth2/v0/authorize?siwc=true/oauth2/v0/authorize?redirect_uri=https://token.botframework.com/.auth/web/redirect&amp;client_id=xxxxxx&nbsp;Is this an expected behavior? How can I deal with params in my authorization URL?&nbsp;Thanks.

sayali-msft · Answer

PedroKlein - Thanks for reporting your issue.We will check this at our end and will get back to you.

chetansharma-msft · Answer

Hello PedroKlein - Could you please share your code snippets so that we can try it from our end?

pedroklein · Answer

ChetanSharma-msft&nbsp;Sure, I am using a very similar login process as this https://github.com/OfficeDev/Microsoft-Teams-Samples/blob/main/samples/app-complete-auth/nodejs/bots/teamsBot.js&nbsp;using the Bot Framework https://learn.microsoft.com/en-us/azure/bot-service/bot-builder-concept-authentication?view=azure-bot-service-4.0#about-the-bot-framework-token-service to manage my OAuth flow, my bot oauth config looks like this:Without the query param siwc=true, the token service is working as expected.

chetansharma-msft · Answer

Hello PedroKlein - We haven't implemented any sample which is passing parameters in Redirect URL.
https://github.com/OfficeDev/Microsoft-Teams-Samples/tree/main/samples

We will check with engineering team once whether it is supported or not and let you know the updates.

Meanwhile, could you please also share the exact use case that you are trying to achieve via passing parameter?

pedroklein · Answer

Actually the problem is that it is building the redirect_uri (wrongly) with a parameter that it is only supposed to be used in the authorization url so that our auth service can show a different UI for login.

Forum Discussion

Bot Framework Token Service - Error building redirect URI with query params

8 Replies

Resources