有 Azure Bot 服务的管理 API 吗?

问题描述 投票:0回答:1

我已经拥有客户提供的 Facebook 页面 ID 和令牌。如何使用 POST 请求以编程方式将它们添加到 Microsoft Bot Framework 中的 Facebook 频道?

我已经用红色标记了添加Facebook页面的位置。我尝试使用 Management API,但收到 403 错误,这让我觉得这不是正确的解决方案。我按照文档进行操作,但没有得到预期的结果

shwocase where i need to add it

这是我当前的代码,导致 403,正如我所说,我不相信它是解决方案

import { HttpService } from '@nestjs/axios';
import { Injectable } from '@nestjs/common';
import { ConfigService } from '@nestjs/config';
import { ClientSecretCredential } from '@azure/identity';

@Injectable()
export class AzureService {
  constructor(
    private configService: ConfigService,
    private httpService: HttpService
  ) {}

  async addFacebookPage(pageAccessToken: string, pageId: string) {
    const botEndpoint = 'https://management.azure.com';
    const botResourcePath = `/subscriptions/${this.configService.get('AZURE_SUBSCRIPTION_ID')}/resourceGroups/${this.configService.get('AZURE_RESOURCE_GROUP')}/providers/Microsoft.BotService/botServices/${this.configService.get('AZURE_BOT_NAME')}/channels/FacebookChannel`;

    const payload = {
      properties: {
        pageAccessToken: pageAccessToken,
        pageId,
      },
    };

    const url = `${botEndpoint}${botResourcePath}?api-version=2018-07-12`;

    // Get the Azure Bot token using ClientSecretCredential
    const token = await this.getBotToken();
    const headers = {
      Authorization: `Bearer ${token}`,
    };

    try {
      const response = await this.httpService.axiosRef.put(url, payload, { headers });
      return response.data;
    } catch (error) {
      throw new Error(`Failed to add page to azure : ${error.message}`);
    }
  }

  private async getBotToken(): Promise<string> {
    // Using ClientSecretCredential from @azure/identity to get the access token
    const tenantId = this.configService.get<string>('AZURE_TENANT_ID');
    const clientId = this.configService.get<string>('MICROSOFT_APP_ID');
    const clientSecret = this.configService.get<string>('MICROSOFT_APP_PASSWORD');

    const credential = new ClientSecretCredential(tenantId, clientId, clientSecret);

    try {
      const tokenResponse = await credential.getToken('https://management.azure.com/.default');
      console.log('Token successfully retrieved:', tokenResponse.token); // Debugging only

      return tokenResponse.token; // Return the access token
    } catch (error) {
      throw new Error(`Failed to get bot token for azure: ${error.message}`);
    }
  }
}
azure permissions botframework
1个回答
0
投票

我已经用红色标记了添加Facebook页面的位置。我尝试使用 Management API,但收到 403 错误。

由于尝试将 

 Faceboo
k 页面添加到您的 
Azure Bot Service
时出现 403 错误,表示权限问题或配置不正确。检查应用程序是否有适当的权限来添加带有页面 ID 的 Facebook 频道。

要添加 Facebook 频道,应用程序需要资源组级别的 

Contributor
角色。

您可以使用以下命令列出应用程序注册的角色,并将

contributor
角色添加到资源组中。

命令:

# Check current roles
az role assignment list --assignee <CLIENT_ID> -all

# Assign Contributor role if missing
az role assignment create \
  --assignee <CLIENT_ID> \
  --role Contributor \
  --scope /subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP>

输出:

zzzz [ ~ ]$ az role assignment list --assignee 'clientid' --all
[
  {
    "condition": null,
    "conditionVersion": null,
    "createdBy": "6xxx",
    "createdOn": "xxx",
    "delegatedManagedIdentityResourceId": null,
    "description": null,
    "id": "/subscriptions/xxx/resourceGroups/xx/providers/Microsoft.Storage/storageAccounts/venkat326123/providers/Microsoft.Authorization/roleAssignments/fd56747e-1470-4433-a242-33acfbb78edc",
    "name": "xxxx",
    "principalId": "xxx",
    "principalName": "xxx",
    "principalType": "ServicePrincipal",
    "resourceGroup": "xxx",
    "roleDefinitionId": "/subscriptions/xxxxx/providers/Microsoft.Authorization/roleDefinitions/xxxx",
    "roleDefinitionName": "Storage Blob Data Contributor",
    "scope": "/subscriptions/xxx/resourceGroups/xxxx/providers/Microsoft.Storage/storageAccounts/venkat326123",
    "type": "Microsoft.Authorization/roleAssignments",
    "updatedBy": "63682e3e-bbd6-444f-9d84-6f4d45d59218",
    "updatedOn": "2024-12-02T07:38:50.043262+00:00"
  }
]
venkatesan [ ~ ]$ az role assignment create --assignee <CLIENT_ID> --role Contributor --scope /subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP>
{
  "condition": null,
  "conditionVersion": null,
  "createdBy": null,
  "createdOn": "2024-12-02T07:42:40.962255+00:00",
  "delegatedManagedIdentityResourceId": null,
  "description": null,
  "id": "/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.Authorization/roleAssignments/61045da3-fd76-4fef-8670-fe74bd620ab5",
  "name": "xxxx",
  "principalId": "375760b6-497c-4606-b0fe-98eeb25af615",
  "principalType": "xxx",
  "resourceGroup": "xxx",
  "roleDefinitionId": "/subscriptions/bxxxx/providers/Microsoft.Authorization/roleDefinitions/xxxxc",
  "scope": "/subscriptions/xx/resourceGroupsxxxg",
  "type": "Microsoft.Authorization/roleAssignments",
  "updatedBy": "63682e3e-bbd6-444f-9d84-6f4d45d59218",
  "updatedOn": "2024-12-02T07:42:42.547743+00:00"
}

传送门: enter image description here

传送门: enter image description here

现在,您可以使用相同的代码通过 

pageId
使用 Microsoft Bot Framework 使用 POST 请求添加 Facebook 频道。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.