尝试将消息从 azure Bot 通道发送到 api 时出现未经授权的错误。我已经使用 pulumi 部署了 azure app 和 Bot 频道。在 azure 应用程序中,我注意到身份验证部分中有关于Implicit Grant的警告。
如果我从 azure 门户禁用隐式授予设置,则 Bot 通道可以正常工作。我正在根据 pulumi 文档使用默认设置创建 azure 应用程序,但没有选项可以删除此隐式授予设置
我使用此链接使用 pulumi 创建了 Azure 应用程序和 Bot 通道
public static AzureAD.Application Create()
{
var name = "app-name";
var azureApp = new AzureAD.Application(name, new AzureAD.ApplicationArgs
{
Name = name
// Tried combinations of the following lines, but it makes no difference
//, Type = "native"
//, Oauth2AllowImplicitFlow = false
});
CreatePrincipal(azureApp);
return azureApp;
}
private static void CreatePrincipal(AzureAD.Application azureApp)
{
var name = "app-principal";
new AzureAD.ServicePrincipal(name, new AzureAD.ServicePrincipalArgs
{
ApplicationId = azureApp.ApplicationId
});
}
public static ChannelsRegistration Create(ResourceGroup resourceGroup, AzureAD.Application teamsBotAzureApp)
{
var channelName = "Channel";
var channel = new ChannelsRegistration(channelName, new ChannelsRegistrationArgs
{
Location = "global",
ResourceGroupName = resourceGroup.Name,
Sku = "F0",
MicrosoftAppId = teamsBotAzureApp.ApplicationId,
Endpoint = "https://azurefunction.com/api/BotMessagesHandler"
});
CreateChannel(resourceGroup, channel);
return channel;
}