问题描述
我们使用机器人框架运行机器人,并使用JS中的直线从我们的网站连接到它。我们从自定义API端点获取令牌,并将令牌存储在sessionStorage中。然后我们使用
连接到机器人directLine = await window.WebChat.createDirectLine({
token,conversationId,watermark: "0"
});
一切正常,但是当我将页面保持打开状态太长时间时,sessionStorage中的令牌就会过期。页面刷新或导航到其他页面会在createDirectLine方法内部导致403错误。结果导致聊天机器人无法连接,只要sessionStorage持有该令牌。这种行为对我来说并不奇怪,但是我不知道该如何处理。
我想要的只是清除sessionStorge,请求新令牌并在发生这种情况时开始新的对话。但是我不知道该怎么做。如何从createDirectLine方法获得403错误?还是有一种方法可以预先验证令牌?
我已经尝试过在createDirectLine方法周围放置一个try / catch块,但是403错误没有出现在catch中。
谢谢!
解决方法
此解决方案仅用于解决由于令牌过期(我认为在30分钟内)之后发生的403错误。更好的解决方案是将对话ID与令牌一起存储,并使用令牌获得新的令牌。检查official bot service documentation。
// to shorten code,we store in sessionStorage as separate items.
const expirationDuration = 1000 * 60 * 30; // 30 minutes
const currentTime = new Date().getTime();
const timeTokenStored = sessionStorage.getItem("timeTokenStored") || currentTime;
// if token is stored over 30 minutes ago,ignore it and get a new one. Otherwise,use it.
if ((currentTime - timeTokenStored) > expirationDuration) {
const res = await fetch('https://<yourTokenEndpoint>',{ method: 'POST' });
const { token } = await res.json();}
const currentTime = new Date().getTime();
sessionStorage.setItem("timeTokenStored",currentTime);
sessionStorage.setItem('token',token);
else {
const token = sessionStorage.getItem("token")
}
在处理时,最好将其存储在localStorage中。这样,您的漫游器就会跟随用户。
,我找到了解决方案。我们可以通过刷新令牌来检查令牌是否有效。如果刷新导致错误,则令牌不再有效。如果刷新成功,则令牌将再有效一个小时。
因此,我们在后端添加了(可重复使用的)函数,以使用https://directline.botframework.com/v3/directline/tokens/refresh刷新令牌。
然后我们更改了前端代码,以调用新的刷新功能。
前端代码:
// Gets a new token from the cloud.
async function requestToken() {
if (!sessionStorage['webchatToken']) {
const res = await fetch('https://' + serviceName + '.azurewebsites.net/api/token');
// If the request was succesfull,store the token and userId.
if (res.status == 200) {
const jsonResult = await res.json();
sessionStorage['webchatToken'] = jsonResult.token;
sessionStorage['webchatUserId'] = jsonResult.userId;
console.log(`Got token from cloud`);
// refresh the token every 15 minutes.
setTimeout(() => {
refreshToken();
},60000 * 15); // 15 minutes
}
// If the request was not succesfull,retry.
else {
console.log(`Tried to get token,but goterror ` + res.status + `. Retrying.`);
await requestToken();
}
}
// If there is already a token in storage,refresh the existing one instead of requesting a new one.
else {
console.log(`Got token from sessionStorage`);
await refreshToken();
}
}
// Refreshes an existing token so it doesn't expire.
async function refreshToken() {
// Refresh the token if it exists in storage.
if (sessionStorage['webchatToken']) {
const res = await fetch('https://' + serviceName + '.azurewebsites.net/api/token/refresh?token=' + sessionStorage['webchatToken'],{
method: 'POST'
});
// If refresh was succesfull we are done.
if (res.status == 200) {
console.log(`Refreshed token`);
}
// If refresh was not succesfull,clear the token from storage and request a new one. The token is probably expired.
else {
console.log(`Tried to refresh token,but got error ` + res.status + `. Requesting new token.`);
sessionStorage.clear();
await requestToken();
}
}
// If there is no token in storage,request a new token.
else {
console.log(`Tried to refresh token,but token is not defined. Requesting new token.`);
sessionStorage.clear();
await requestToken();
}
}
后端代码:
[HttpGet]
[Route("api/token")]
public async Task<ObjectResult> GetToken()
{
HttpClient client = new HttpClient();
HttpRequestMessage request = new HttpRequestMessage(
HttpMethod.Post,$"https://directline.botframework.com/v3/directline/tokens/generate");
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer",_configuration.DirectLineKey);
var userId = $"dl_{Guid.NewGuid()}";
request.Content = new StringContent(
JsonConvert.SerializeObject(new { User = new { Id = userId } }),Encoding.UTF8,"application/json");
var response = await client.SendAsync(request);
string token = String.Empty;
int expiresIn = 0;
if (response.IsSuccessStatusCode)
{
var body = await response.Content.ReadAsStringAsync();
token = JsonConvert.DeserializeObject<DirectLineToken>(body).token;
expiresIn = JsonConvert.DeserializeObject<DirectLineToken>(body).expires_in;
}
return Ok(new { token,userId,expiresIn });
}
[HttpPost]
[Route("api/token/refresh/")]
public async Task<ObjectResult> RefreshToken(string token)
{
HttpClient client = new HttpClient();
HttpRequestMessage request = new HttpRequestMessage(
HttpMethod.Post,$"https://directline.botframework.com/v3/directline/tokens/refresh");
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer",token);
var response = await client.SendAsync(request);
token = String.Empty;
int expiresIn = 0;
if (response.IsSuccessStatusCode)
{
var body = await response.Content.ReadAsStringAsync();
token = JsonConvert.DeserializeObject<DirectLineToken>(body).token;
expiresIn = JsonConvert.DeserializeObject<DirectLineToken>(body).expires_in;
}
if (string.IsNullOrEmpty(token))
return Problem("Token incorrect");
return Ok(new { token,expiresIn });
}
我希望发布此信息可能对某人有用。