对用户进行身份验证

除了用户在对话中提供的信息之外，代理通常几乎无法了解他们交流的用户。但是，代理可以使用 OAuth 对用户进行身份验证，从而确认用户身份、对对话进行个性化处理以及代表用户执行操作。

在此对话流程中，用户选择向自己的帐号添加赠金，并且代理会提示用户登录以验证用户身份，获取关于用户的已知信息并下达赠金订单。

1. 用户发起与代理的对话。

2. 用户开始输入回复后，会向代理发送输入事件。

   {
     "agent": "brands/1111/agents/2222",
     "conversationId": "3333",
     "customAgentId": "oauth",
     "requestId": "1234567890",
     "userStatus": {
       "isTyping": "true",
       "createTime": "2020-10-02T15:01:23.045123456Z",
     },
     "sendTime": "2020-10-02T15:01:24.045123456Z",
   }
   

3. 用户发送“嗨，我想向我的帐号中添加 5 个积分”消息。

   {
     "agent": "brands/1111/agents/2222",
     "conversationId": "3333",
     "customAgentId": "oauth",
     "requestId": "123123123",
     "message": {
       "messageId": "4444",
       "name": "conversations/12345/messages/67890",
       "text": "Hi, I'd like to add 5 credits to my account",
       "createTime": "2020-10-02T15:05:23.045123456Z",
     },
     "context": {
       "entryPoint": "PLACESHEET",
       "userInfo": {
         "displayName": "Michael",
         "userDeviceLocale": "en",
       },
       "resolvedLocale": "en",
     }
     "sendTime": "2020-10-02T15:05:24.045123456Z",
   }
   

4. 客服人员发送“我可以帮你这样做。请登录您的帐号以继续，并收到 Authentication 请求建议。

   clientId 和 scopes 由 OAuth 提供程序定义。代理根据 OAuth 提供方的要求生成 codeChallenge 值。

   curl -X POST "https://businessmessages.googleapis.com/v1/conversations/3333/messages" \
   -H "Content-Type: application/json" \
   -H "`oauth2l header --json path/to/service/account/key.json businessmessages`" \
   -d "{
     'messageId': '5555',
     'text': 'I can help you with that. Sign into your account to continue.',
     'suggestions': [
       {
         'AuthenticationRequest': {
           'clientId': 'oauth_client_id_1234567890',
           'codeChallenge': 'code_challenge',
           'scopes': [
             'account',
             'billing',
           ],
         },
       },
     ],
     'representative': {
       'avatarImage': 'https://oauth.agent/bot-avatar.jpg',
       'displayName': 'OAuth Agent',
       'representativeType': 'BOT'
     }
   }"
   

5. 用户收到消息，点按身份验证请求建议，然后登录其帐号。

6. 代理会在 authenticationResponse.code 字段中收到包含 OAuth 授权代码的消息。

   {
     "agent": "brands/1111/agents/2222",
     "conversationId": "3333",
     "customAgentId": "oauth",
     "requestId": "1234567895",
     "authenticationResponse": {
       "code": "fkhoe541658sfk684d135j186mngkjdrt5425415a2s1dfa68s4edf",
       },
     }
     "sendTime": "2020-10-02T15:01:24.045123456Z",
   }
   

7. 代理会与 OAuth 提供方进行通信，用授权代码换取访问令牌，并获取用户的帐号信息。

8. 客服人员发送“谢谢您登录。您目前有 2 笔赠送金额。为了确认这一点，您需要我向您的帐号添加 5 个积分，并用默认付款方式“默认”和“否”提示您的默认付款方式。

   curl -X POST "https://businessmessages.googleapis.com/v1/conversations/3333/messages" \
   -H "Content-Type: application/json" \
   -H "`oauth2l header --json path/to/service/account/key.json businessmessages`" \
   -d "{
     'messageId': '7777',
     'text': 'Thanks for signing in. You currently have 2 credits. To confirm, you'd like to me to add 5 credits to your account and bill your default payment method?',
     'suggestions': [
       {
         'reply': {
           'text': 'Yes',
           'postbackData': 'process-transaction',
         },
       },
       {
         'reply': {
           'text': 'No',
           'postbackData': 'cancel-transaction',
         },
       },
     ],
     'representative': {
       'avatarImage': 'https://oauth.agent/bot-avatar.jpg',
       'displayName': 'OAuth Agent',
       'representativeType': 'BOT'
     }
   }"
   

9. 用户点按建议的回复。

   {
     "agent": "brands/1111/agents/2222",
     "conversationId": "3333",
     "customAgentId": "oauth",
     "requestId": "1234567898",
     "suggestionResponse": {
       "message": "conversations/333/messages/8888",
       "postbackData": "process-transaction",
       "createTime": "2020-10-02T15:01:26.045123456Z",
       "text": "Yes",
       "suggestionType": "REPLY",
     }
     "sendTime": "2020-10-02T15:01:27.045123456Z",
   }
   

10. 代理使用 OAuth 访问令牌处理事务，然后发送消息“Great. 我刚刚向您的帐号添加了 5 个积分。还有什么我可以帮到你的吗？

    curl -X POST "https://businessmessages.googleapis.com/v1/conversations/3333/messages" \
    -H "Content-Type: application/json" \
    -H "`oauth2l header --json path/to/service/account/key.json businessmessages`" \
    -d "{
      'messageId': '9999',
      'text': 'Great. I just added 5 credits to your account. Is there anything else I can help you with?',
      'representative': {
        'avatarImage': 'https://oauth.agent/bot-avatar.jpg',
        'displayName': 'OAuth Agent',
        'representativeType': 'BOT'
      }
    }"
    

11. 用户发送“不用了”。

    {
      "agent": "brands/1111/agents/2222",
      "conversationId": "3333",
      "customAgentId": "oauth",
      "requestId": "123123133",
      "message": {
        "messageId": "4444",
        "name": "conversations/12345/messages/101010",
        "text": "No, thanks",
        "createTime": "2020-10-02T15:05:23.045123456Z",
      },
      "context": {
        "entryPoint": "PLACESHEET",
        "userInfo": {
          "displayName": "Michael",
          "userDeviceLocale": "en",
        },
        "resolvedLocale": "en",
      }
      "sendTime": "2020-10-02T15:05:28.045123456Z",
    }
    

12. 客服人员发送“谢谢您与我们联系。祝您一切顺利！”

    curl -X POST "https://businessmessages.googleapis.com/v1/conversations/3333/messages" \
    -H "Content-Type: application/json" \
    -H "`oauth2l header --json path/to/service/account/key.json businessmessages`" \
    -d "{
      'messageId': '11111111',
      'text': 'Thanks for contacting us. Have a great day!',
      'representative': {
        'avatarImage': 'https://oauth.agent/bot-avatar.jpg',
        'displayName': 'OAuth Agent',
        'representativeType': 'BOT'
      }
    }"