问题
I'm using the MSFT Bot Framework to build a team bot but my bot is only relevant to my organization. Actually I don't want anyone outside my organization to be able to talk to it.
I've been looking how to limit my bot to a specific Office 365 organization but can't find how to do it. The only thing I can find is using the other party userstring to see in which org they live.
My question: Is ther a way to limit my bot to a single O365 organization?
Thanks
Bram
回答1:
Its been 2 years but there's no real answer and it popped up in my related list tho...
These days you can write an easy simple middleware that does the tenant filtering like here:
public static string TenantFilterSettingAny = "#ANY#";
/// <summary>
/// Here are below scenarios -
/// #Scenario 1 - Reject the Bot If Tenant is configured in web.config and doesn't match with Incoming request tenant
/// #Scenario 2 - Allow Bot for every Tenant if Tenant is not configured in web.config file and default value is #ANY#
/// </summary>
/// <param name="activity"></param>
/// <param name="currentTenant"></param>
/// <returns></returns>
public static bool RejectMessageBasedOnTenant(IMessageActivity activity, string currentTenant)
{
if (!String.Equals(ConfigurationManager.AppSettings["OFFICE_365_TENANT_FILTER"], TenantFilterSettingAny))
{
//#Scenario 1
return !string.Equals(ConfigurationManager.AppSettings["OFFICE_365_TENANT_FILTER"], currentTenant);
}
else
{
//Scenario 2
return false;
}
}
Its taken from this sample
回答2:
The most reliable way right now is to implement authentication of users, as demonstrated in AuthBot, and then check the tenant-id of the logged-in user.
来源:https://stackoverflow.com/questions/40702666/limit-a-teams-bot-to-my-organization