Update botservice swagger to perform crud operations on connection settings #3071
Conversation
AutoRest linter results for ARM Related Validation Errors/WarningsThese errors are reported by the ARM team's validation tools, reachout to ARM RP API Review directly for any questions or concerns. File: specification/botservice/resource-manager/readme.md
|
AutoRest linter results for SDK Related Validation Errors/WarningsThese errors are reported by the SDK team's validation tools, reachout to ADX Swagger Reviewers directly for any questions or concerns. File: specification/botservice/resource-manager/readme.md
|
| @@ -0,0 +1,36 @@ | |||
| { | |||
| "parameters": { | |||
There was a problem hiding this comment.
The file name says ListTokensByBotService...shouldn't it be ListConnectionsByBotService?
ravbhatnagar
left a comment
ravbhatnagar
left a comment
There was a problem hiding this comment.
Please take a look at the comments.
| "type": "string", | ||
| "description": "Scopes associated with the Connection Setting" | ||
| }, | ||
| "id": { |
There was a problem hiding this comment.
top level properties should not be repeated inside the properties envelope. Id is a top level property which implies the resource id for the connectionSetting resource. If this is the same id, you can remove it from here.
| "type": "string", | ||
| "description": "Client Secret associated with the Connection Setting" | ||
| }, | ||
| "scopes": { |
There was a problem hiding this comment.
what can the scopes be?
There was a problem hiding this comment.
scopes are serviceprovider dependent and are comma-separated or whitespace separated.
for example, an example scope string for aad is "email.read email.write profile.read" the specific service provider logic knows how to handle this.
| "type": "string", | ||
| "description": "Client Id associated with the Connection Setting." | ||
| }, | ||
| "clientSecret": { |
There was a problem hiding this comment.
should not returned in the response of GET, PUT, PATCH. just confirming.
There was a problem hiding this comment.
Yes. Also, i added a new listwithsecrets path, similar to how we have channel/listwithkeys method. On doing a post to this url, the caller can get a particular connectionname with the secrets present.
Otherwise, the clientsecret will not be returned in a normal get,put, patch
| }, | ||
| "ConnectionSettingProperties": { | ||
| "properties": { | ||
| "clientId": { |
There was a problem hiding this comment.
how do customers get this?
There was a problem hiding this comment.
this is service provider specific and will be covered in the documentation.
| "type": "string", | ||
| "description": "Id associated with the Connection Setting" | ||
| }, | ||
| "name": { |
There was a problem hiding this comment.
this should be a top level property, which comes when you do a allOf on a "resource"
| "type": "string", | ||
| "description": "Service Provider Id associated with the Connection Setting" | ||
| }, | ||
| "serviceProviderDisplayName": { |
There was a problem hiding this comment.
Why do you need both serviceProviderId and serviceProviderDisplayname to be provided? serviceProviderId should be sufficient.
There was a problem hiding this comment.
The serviceproviderdisplayname is needed by the botservice azure portal blade to display the service providers available as a dropdown, when they add a connection. it makes better ui experience to have the display name than to have just the id.
| } | ||
| } | ||
| }, | ||
| "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.BotService/botServices/{resourceName}/listServiceProviders": { |
There was a problem hiding this comment.
Why is this an action on the botService resource instead of an action on the provider itself? Are providers specific to an instance of the botService resource, likely not?
There was a problem hiding this comment.
made this an action on the botservice provider itself, since it's not specific to an instance of the resource
ravbhatnagar
added
the
WaitForARMFeedback
|
Has this service gone through the API Review board? Given @ravbhatnagar's comments, it seems like it has not. |
Automation for azure-libraries-for-javaNothing to generate for azure-libraries-for-java |
Automation for azure-sdk-for-nodeNothing to generate for azure-sdk-for-node |
Automation for azure-sdk-for-pythonThe initial PR has been merged into your service PR: |
Automation for azure-sdk-for-goThe initial PR has been merged into your service PR: |
ravbhatnagar
added
ARMSignedOff
|
Looks good. |
|
@marstr we have the arm review signoff now. Can you please take a look and merge if it looks good? |
| "maxLength": 64, | ||
| "minLength": 2, | ||
| "pattern": "^[a-zA-Z0-9][a-zA-Z0-9_.-]*$", | ||
| "description": "The name of the Bot Connection Setting resource." |
There was a problem hiding this comment.
With the defintions like resourceName, resourceGroupName, and connectionName which seem to be repeated, I'd move them to the "definitions"/"parameters" section in order to make this Swagger more maintainable moving forward.
There was a problem hiding this comment.
added these to be parameter definitions which are now referenced through out the swagger
| "operationId": "BotConnection_ListWithSecrets", | ||
| "parameters": [ | ||
| { | ||
| "name": "resourceGroupName", |
There was a problem hiding this comment.
An empty resourceGroupName being sent over the wire can result in really obfuscated errors being returned to the client. Please add some validation to the definition of resourceGroupName to prevent this.
There was a problem hiding this comment.
added validation similar to resource name
| "ListServiceProviders" | ||
| ], | ||
| "description": "Lists the available Service Providers for creating Connection Settings", | ||
| "operationId": "BotConnections_ListServiceProviders", |
There was a problem hiding this comment.
It looks like there are two Operation Group names present here: "BotConnections" and "BotConnection" this will result in two separate client types being generated. Is this the intended behavior?
There was a problem hiding this comment.
I found another one "BotToken", should that be dangled off of a separate client?
There was a problem hiding this comment.
removed all "connections" and token references and updated them to be connection to keep things consistent
| "Connections" | ||
| ], | ||
| "description": "Returns all the Connection Settings registered to a particular BotService resource", | ||
| "operationId": "Connections_ListByBotService", |
There was a problem hiding this comment.
Is this supposed to be `BotConnections_ListByBotService"?
There was a problem hiding this comment.
yes. changed it to botconnections
There was a problem hiding this comment.
changed it to botconnection_listbybotservice to keep it consistent.
Automation for azure-sdk-for-rubyNothing to generate for azure-sdk-for-ruby |
| } | ||
| }, | ||
| "parameters": { | ||
| "resourceGroupNameParameter": { |
There was a problem hiding this comment.
resourceGroupNameParameter and resourceNameParameter are missing the x-ms-parameter-location property, which can have some sorta gnarly code-gen repercussions.
I'd add "x-ms-parameter-location":"method", to both parameter definitions.
|
Ready for me to merge, @swagatmishra2007? |
|
@marstr thanks for the review! all done from my end. Please merge :) |
6 participants
This changelist updates the swagger to be able to add/remote/update conneciton settings in botservice.
connection settings (called "connections" in the swagger) are a new feature in botservice related to authentication. Using this, a bot developer can select a service provider (like pinterest, aad, github etc) and then add a connection setting pertaining to this service. This lets his bot authenticate a user to a service provider and fetch a token on his behalf. Eg: you can add a github connection as a bot developer.Now a user of your bot can authenticate into github using your bot and access his git repositories.