Improve Health Probe to Verify APP_SECRET

Question

Improve Health Probe to Verify APP_SECRET

Closed this issue 4 years ago · 3 comments

ericmaino-automation commented 4 years ago

The health probe confirms the WEBCHAT_SECRET is valid by obtaining a direct line token however it does not verify the APP_SECRET.

It could send a simple INIT/END conversation as part of the probe when it is in an unhealthy state

Answer 1 · 2020-03-31T19:16:40.000Z

Hi @ericmaino, by design, the server doesn't communicate with the bot, and only generate tokens.
It will be pretty complicated to have it send the event to the bot, and more than that, actually verify that the the JWT was valid.
And on the other hand, if the bot is configured to enable "end user authentication", it will surface immediately in the client.

I suggest to leave it as it is for now.
Thanks!

Answer 2 · 2020-04-02T01:15:37.000Z

@amir-microsoft understood. I took a moment to explore this today and submit a PR that will address it. Understood if it doesn't meet the bar at the moment.

Answer 3 · 2020-04-04T12:56:21.000Z

Thanks @ericmaino !
It looks like it will work, but for now I don't think this functionality is required in the server side, and I wish to keep it as simple as possible.
I will close the PR now, we can revisit this in the future.

Thank again