Refer to image below for high level architecture.
The following are the main components:
The Backend service is an ASP.NET Core 3.1 application for housing all the business logic for the QBot implementation. It acts as the message handler for the bot (under the /bot/message path) as well as the backend for the React application for the personal and shared app experiences (tabs, task modules).
Client application that powers personal, shared tab and task module experiences.
Bot channel registration. The messaging endpoint is set to QBot Backend service to handle bot interactions in Teams.
Azure Cognitive service to help intelligently answer questions. The backend service posts QnA Pairs in this service (KnowledgeBase) and queries it for answers when a new question is posted.
The solution creates 1 Knowledge Base resource and a unique metadata pair for every logical knowledge base that users creates in the application. Learn more.
Stores course, course members, knowledge base, tutorial group, question and answer data entities. You will find all the data entities here.
QBot uses certificate credentials to authenticate to Azure AD. The certificates are stored in Key Vault.
Telemetry is sent to application insights service. This makes it easier to monitor application health and debug issues.
The backend service consumes Graph services to read User profile, read Teams data (messages in a channel) and send notifications to users.
- The application contains 3 projects
Web- Exposes REST APIs (including Bot messaging endpoint) for clients to integrate. Also contains React application logic.Domain- Contains the core business logic to setup a course, QnA workflow, user roles etc.Infrastructure- FulfillsDomain's dependencies. Example - Connects to QnA Maker service, Teams and Graph services, Key Vault and R/W data from/to SQL Server. Each dependency can be replaced without affecting Domain logic.
You may refer to the following image that covers all the APIs in this web application.
We have integrated Swagger UI in the project, once your deployment is completed, you can go to https://qbot-<unique-name>-webapp.azurewebsites.net/swagger/index.html to explore them.
The application authenticates all the incoming requests, and it allows communication from one tenant only. (configurable via the AzureAd::TenantId app setting)
The following table describes user level control based on their role in a course:
| User Role | Ask Question | Answer Question | Select an Answer | Manage user roles, tutorial groups | Initial set-up |
|---|---|---|---|---|---|
| Student | Y | Y | Y* | N | N |
| Tutor | Y | Y | Y | N | N |
| Educator | Y | Y | Y | Y | Y |
*only for questions posted by the student.
There are several authorization policies in the web application to implement this, important ones are noted below:
| Policy Name | Description |
|---|---|
| CourseManagerPolicy | Authorization policy to authorize users who can manage a course. |
| CourseMemberPolicy | Authorization policy to authorize all members of a course. This makes sure that only members of a course have access to course data. |
| PostAnswerPolicy | Authorization policy to restrict who can post an answer to a question. This includes user who posted the original question, Educators and Tutors. |
You may view all the authorization policies here
The application consumes the following Graph and Resource Specific Consent permissions.
| Permission Name | Permission Type | Use case |
|---|---|---|
| TeamsActivity.Send | Application | Send activity feed notifications to users. API |
| User.Read.All | Application | Read user's profile. API |
| Permission Name | Permission Type | Use case |
|---|---|---|
| ChannelMessage.Read.Group | Application | Read all the replies to a question/conversation. |
| TeamMember.Read.Group | Application | Read a team member's profile |
| TeamSettings.Read.Group | Application | Read a team's profile picture |
The following image captures the events when a user posts a new question.
Note: The application responds with an intelligent answer only when a knowledge base is configured for a course.
The following image captures the events when a user selects an anwer.
