Thursday, 12 September 2019

When CERTS expire...

Today I noticed my SSL cert expired. I received notice mid-July, but as with everything, I checked if everything still worked at that time - it did - so conveniently forgot.

This meant likely yesterday, my webs server anounced it was not secured, and all my Cortana skills stopped working with an obscure error message stopped working. (The error message buried at the bottom of the message was [bot service response null].)

So I fixed it by

  • downloading my new cert
  • figuring out how to use psftp to upload them to my server given I'd obfuscated sshd configuration
  • uploading my new crt files and moving them to /etc/ssl/certs
  • updating the various entries in /etc/apache2/sites-available conf files that pointed at the cert
So all the Cortana skills are running again.  I am surprised that the automated tests Microsoft runs didn't send me a nasty email saying I was down.  Ah....

Monday, 9 September 2019

Debug C# Cortana Skill Locally

I added a video on how to create a Skill in the cloud, compile it there, then suck it back to a desktop, set debug break points, and continue to debug locally.It doesn't have commentary yet, but I'll get to it.

Thursday, 29 August 2019

Teach Your Kids to Code

Today at work we had Bring Your Kids who got an Hour of Code.... Teaching your kids to code! Super cool. They started here... Minecraft . And now I get to send them here... Robot Odyssey . Right on.

Tuesday, 23 July 2019

Well Gosh. I changed employers.

I will still be blogging about and making chatbots. But I don't work indirectly at Microsoft anymore!

And I might blog about using the Groupon API too! And making a Groupon skill...

Wednesday, 19 June 2019

Decoding JWTs and Bot Service Auth tokens

Ever wonder how to decode a JWT token to get at the email address and user name?  Given that you have the openid, email, and profile scopes granted.

Visit for decoder and doc.

Of if you love (trust?) Microsoft, ADFS JWT Decoder.

And the full blown specifation on RFC7519...

And then the openid documentation on how to get name and email.

     // header, payload, signature
     function parseJwt (token) {
            let ary = token.split('.');
            if( ary.len != 3)
                console.log( "not a JWT: " + token );
                return undefined;
            // assume it IS urlEncoded
            let base64Url = ary[1];
            let base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
            let txt = Buffer.from(base64, 'base64').toString();
            return JSON.parse( txt ); 

And then

let jwt = parseJwt(tokenStr);
let email = || jwt.upn || 'unknown';
let name =;
console.log( `You are ${name} at ${email}` );

But there is more cool stuff you can do via Bot Framework! For example, want to re-use an Auth Token? Use this class to send off requests piggy-backing (using on-behalf-of) on the Bot's app registration.

Then, you can also use Bot Framework's JWT decoder in C#. Use this class to decode the properties into a hashmap.

Saturday, 30 March 2019


Hi. Seems since I put up my server I get a swarm of hits on my Apache server trying to exploit WordPress, or pounding on my FTP and SSH services...