lex-microsoft_teams 0.5.0

data/lib/legion/extensions/microsoft_teams/helpers/client.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require 'faraday'
+
+module Legion
+  module Extensions
+    module MicrosoftTeams
+      module Helpers
+        module Client
+          def graph_connection(token: nil, api_url: 'https://graph.microsoft.com/v1.0', **_opts)
+            Faraday.new(url: api_url) do |conn|
+              conn.request :json
+              conn.response :json, content_type: /\bjson$/
+              conn.headers['Authorization'] = "Bearer #{token}" if token
+              conn.headers['Content-Type'] = 'application/json'
+            end
+          end
+
+          def bot_connection(token: nil, service_url: 'https://smba.trafficmanager.net/teams/', **_opts)
+            Faraday.new(url: service_url) do |conn|
+              conn.request :json
+              conn.response :json, content_type: /\bjson$/
+              conn.headers['Authorization'] = "Bearer #{token}" if token
+              conn.headers['Content-Type'] = 'application/json'
+            end
+          end
+
+          def oauth_connection(tenant_id: 'common', **_opts)
+            Faraday.new(url: "https://login.microsoftonline.com/#{tenant_id}") do |conn|
+              conn.request :url_encoded
+              conn.response :json, content_type: /\bjson$/
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/microsoft_teams/helpers/high_water_mark.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+module Legion
+  module Extensions
+    module MicrosoftTeams
+      module Helpers
+        module HighWaterMark
+          HWM_TTL = 86_400 # 24 hours
+
+          def hwm_key(chat_id:)
+            "teams:hwm:#{chat_id}"
+          end
+
+          def get_hwm(chat_id:)
+            key = hwm_key(chat_id: chat_id)
+            if cache_available?
+              Legion::Cache.get(key)
+            else
+              @hwm_fallback ||= {}
+              @hwm_fallback[key]
+            end
+          end
+
+          def set_hwm(chat_id:, timestamp:)
+            key = hwm_key(chat_id: chat_id)
+            if cache_available?
+              Legion::Cache.set(key, timestamp, HWM_TTL)
+            else
+              @hwm_fallback ||= {}
+              @hwm_fallback[key] = timestamp
+            end
+          end
+
+          def new_messages(chat_id:, messages:)
+            hwm = get_hwm(chat_id: chat_id)
+            return messages if hwm.nil?
+
+            messages.select { |m| m[:createdDateTime] > hwm }
+          end
+
+          def update_hwm_from_messages(chat_id:, messages:)
+            return if messages.empty?
+
+            latest = messages.map { |m| m[:createdDateTime] }.max
+            set_hwm(chat_id: chat_id, timestamp: latest)
+          end
+
+          private
+
+          def cache_available?
+            defined?(Legion::Cache) &&
+              Legion::Cache.respond_to?(:connected?) &&
+              Legion::Cache.connected?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/microsoft_teams/helpers/prompt_resolver.rb

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+
+module Legion
+  module Extensions
+    module MicrosoftTeams
+      module Helpers
+        module PromptResolver
+          def resolve_prompt(mode:, conversation_id:, owner_id: nil)
+            settings = teams_settings
+            base = settings.dig(:bot, :system_prompt) || ''
+
+            mode_prompt = settings.dig(:bot, mode, :system_prompt)
+            prompt = mode_prompt || base
+
+            overrides = conversation_overrides(conversation_id: conversation_id)
+            prompt = "#{prompt}\n\n#{overrides[:system_prompt_append]}" if overrides && overrides[:system_prompt_append]
+
+            pref_instructions = preference_instructions_for(owner_id: owner_id)
+            prompt = "#{prompt}\n\n#{pref_instructions}" if pref_instructions
+
+            prompt
+          end
+
+          def resolve_llm_config(conversation_id:, mode: nil, owner_id: nil) # rubocop:disable Lint/UnusedMethodArgument
+            settings = teams_settings
+            base_llm = settings.dig(:bot, :llm) || {}
+
+            overrides = conversation_overrides(conversation_id: conversation_id)
+            override_llm = overrides&.dig(:llm) || {}
+
+            base_llm.merge(override_llm)
+          end
+
+          private
+
+          def teams_settings
+            if defined?(Legion::Settings) && Legion::Settings[:microsoft_teams]
+              Legion::Settings[:microsoft_teams]
+            else
+              { bot: {} }
+            end
+          end
+
+          def conversation_overrides(conversation_id: nil)
+            return nil unless conversation_id
+            return nil unless defined?(Legion::Extensions::Memory::Runners::Traces)
+
+            nil # TODO: query lex-memory for conversation_config by conversation_id
+          end
+
+          def preference_instructions_for(owner_id:)
+            return nil unless owner_id
+            return nil unless defined?(Legion::Extensions::Mesh::Helpers::PreferenceProfile)
+
+            profile = Legion::Extensions::Mesh::Helpers::PreferenceProfile.resolve(owner_id: owner_id)
+            Legion::Extensions::Mesh::Helpers::PreferenceProfile.preference_instructions(profile: profile)
+          rescue StandardError
+            nil
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/microsoft_teams/helpers/session_manager.rb

@@ -0,0 +1,150 @@
+# frozen_string_literal: true
+
+require_relative 'prompt_resolver'
+
+module Legion
+  module Extensions
+    module MicrosoftTeams
+      module Helpers
+        class SessionManager
+          include PromptResolver
+
+          DEFAULT_FLUSH_THRESHOLD = 20
+          DEFAULT_IDLE_TIMEOUT = 900
+          DEFAULT_MAX_RECENT = 5
+
+          def initialize(flush_threshold: nil, idle_timeout: nil, max_recent: nil)
+            @sessions = {}
+            @flush_threshold = flush_threshold || settings_val(:flush_threshold, DEFAULT_FLUSH_THRESHOLD)
+            @idle_timeout = idle_timeout || settings_val(:idle_timeout, DEFAULT_IDLE_TIMEOUT)
+            @max_recent = max_recent || settings_val(:max_recent_messages, DEFAULT_MAX_RECENT)
+          end
+
+          def get_or_create(conversation_id:, owner_id:, mode:)
+            return @sessions[conversation_id] if @sessions.key?(conversation_id)
+
+            session = {
+              owner_id:      owner_id,
+              mode:          mode,
+              message_count: 0,
+              last_active:   Time.now,
+              messages:      [],
+              system_prompt: resolve_prompt(mode: mode, conversation_id: conversation_id, owner_id: owner_id),
+              llm_config:    resolve_llm_config(mode: mode, conversation_id: conversation_id, owner_id: owner_id)
+            }
+
+            @sessions[conversation_id] = session
+          end
+
+          def refresh_prompt(conversation_id:)
+            return nil unless @sessions.key?(conversation_id)
+
+            session = @sessions[conversation_id]
+            session[:system_prompt] = resolve_prompt(
+              mode: session[:mode], conversation_id: conversation_id, owner_id: session[:owner_id]
+            )
+            session[:system_prompt]
+          end
+
+          def touch(conversation_id:)
+            return unless @sessions.key?(conversation_id)
+
+            @sessions[conversation_id][:message_count] += 1
+            @sessions[conversation_id][:last_active] = Time.now
+          end
+
+          def add_message(conversation_id:, role:, content:)
+            return unless @sessions.key?(conversation_id)
+
+            @sessions[conversation_id][:messages] << { role: role, content: content, at: Time.now }
+          end
+
+          def recent_messages(conversation_id:, count: nil)
+            return [] unless @sessions.key?(conversation_id)
+
+            msgs = @sessions[conversation_id][:messages]
+            msgs.last(count || @max_recent)
+          end
+
+          def should_flush?(conversation_id:)
+            return false unless @sessions.key?(conversation_id)
+
+            @sessions[conversation_id][:message_count] >= @flush_threshold
+          end
+
+          def persist(conversation_id:)
+            return unless @sessions.key?(conversation_id)
+
+            session = @sessions[conversation_id]
+            store_session_to_memory(conversation_id: conversation_id, session: session)
+            session[:message_count] = 0
+          end
+
+          def flush_idle(timeout: nil)
+            timeout ||= @idle_timeout
+            cutoff = Time.now - timeout
+            flushed = []
+
+            @sessions.each do |conv_id, session|
+              next unless session[:last_active] < cutoff
+
+              persist(conversation_id: conv_id)
+              flushed << conv_id
+            end
+
+            flushed.each { |conv_id| @sessions.delete(conv_id) }
+            flushed
+          end
+
+          def shutdown
+            @sessions.each_key { |conv_id| persist(conversation_id: conv_id) }
+            @sessions.clear
+          end
+
+          def active_sessions
+            @sessions.size
+          end
+
+          private
+
+          def store_session_to_memory(conversation_id:, session:)
+            return unless defined?(Legion::Extensions::Memory::Runners::Traces)
+
+            memory_runner.store_trace(
+              type:            :episodic,
+              content_payload: {
+                type:            :bot_session,
+                conversation_id: conversation_id,
+                owner_id:        session[:owner_id],
+                recent_messages: session[:messages].last(@max_recent),
+                message_count:   session[:message_count],
+                last_active:     session[:last_active].iso8601
+              }.to_s,
+              domain_tags:     ['teams', 'bot-session', "conv:#{conversation_id}"],
+              origin:          :direct_experience,
+              confidence:      0.8
+            )
+          rescue StandardError => e
+            log_error("SessionManager persist failed: #{e.message}")
+          end
+
+          def memory_runner
+            @memory_runner ||= Object.new.extend(Legion::Extensions::Memory::Runners::Traces)
+          end
+
+          def settings_val(key, default)
+            if defined?(Legion::Settings) && Legion::Settings.dig(:microsoft_teams, :bot, :session, key)
+              Legion::Settings[:microsoft_teams][:bot][:session][key]
+            else
+              default
+            end
+          end
+
+          def log_error(msg)
+            Legion::Logging.error(msg) if defined?(Legion::Logging)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/microsoft_teams/helpers/subscription_registry.rb

@@ -0,0 +1,140 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module Legion
+  module Extensions
+    module MicrosoftTeams
+      module Helpers
+        class SubscriptionRegistry
+          MEMORY_KEY = 'teams_bot_subscriptions'
+
+          def initialize
+            @subscriptions = {}
+            @mutex = Mutex.new
+          end
+
+          def subscribe(owner_id:, chat_id:, peer_name:)
+            @mutex.synchronize do
+              return if @subscriptions.key?(chat_id)
+
+              @subscriptions[chat_id] = {
+                owner_id:   owner_id,
+                peer_name:  peer_name,
+                enabled:    true,
+                notify:     true,
+                created_at: Time.now
+              }
+            end
+            persist
+          end
+
+          def unsubscribe(owner_id:, chat_id:) # rubocop:disable Lint/UnusedMethodArgument
+            @mutex.synchronize { @subscriptions.delete(chat_id) }
+            persist
+          end
+
+          def list(owner_id:)
+            @mutex.synchronize do
+              @subscriptions.select { |_, v| v[:owner_id] == owner_id }
+                            .map { |chat_id, v| v.merge(chat_id: chat_id) }
+            end
+          end
+
+          def pause(owner_id:, chat_id:) # rubocop:disable Lint/UnusedMethodArgument
+            @mutex.synchronize do
+              @subscriptions[chat_id][:enabled] = false if @subscriptions.key?(chat_id)
+            end
+            persist
+          end
+
+          def resume(owner_id:, chat_id:) # rubocop:disable Lint/UnusedMethodArgument
+            @mutex.synchronize do
+              @subscriptions[chat_id][:enabled] = true if @subscriptions.key?(chat_id)
+            end
+            persist
+          end
+
+          def active_subscriptions
+            @mutex.synchronize do
+              @subscriptions.select { |_, v| v[:enabled] }
+                            .map { |chat_id, v| v.merge(chat_id: chat_id) }
+            end
+          end
+
+          def find_by_peer_name(owner_id:, peer_name:)
+            @mutex.synchronize do
+              @subscriptions.each do |chat_id, v|
+                next unless v[:owner_id] == owner_id
+                next unless v[:peer_name].downcase == peer_name.downcase
+
+                return v.merge(chat_id: chat_id)
+              end
+              nil
+            end
+          end
+
+          def load
+            return unless memory_available?
+
+            stored = memory_runner.recall_trace(domain_tags: [MEMORY_KEY])
+            return unless stored&.dig(:content_payload)
+
+            parsed = parse_stored(stored[:content_payload])
+            @mutex.synchronize { @subscriptions = parsed } if parsed.is_a?(Hash)
+          rescue StandardError => e
+            log_error("SubscriptionRegistry load failed: #{e.message}")
+          end
+
+          def persist
+            return unless memory_available?
+
+            memory_runner.store_trace(
+              type:            :semantic,
+              content_payload: serialize_subscriptions,
+              domain_tags:     [MEMORY_KEY],
+              origin:          :system,
+              confidence:      1.0
+            )
+          rescue StandardError => e
+            log_error("SubscriptionRegistry persist failed: #{e.message}")
+          end
+
+          private
+
+          def serialize_subscriptions
+            serializable = @subscriptions.transform_values do |v|
+              v.merge(created_at: v[:created_at]&.iso8601)
+            end
+            ::JSON.generate(serializable)
+          end
+
+          def parse_stored(payload)
+            return payload if payload.is_a?(Hash)
+            return {} unless payload.is_a?(String)
+
+            parsed = ::JSON.parse(payload, symbolize_names: true)
+            parsed.transform_values do |v|
+              v[:created_at] = Time.parse(v[:created_at]) if v[:created_at].is_a?(String)
+              v
+            end
+          rescue ::JSON::ParserError
+            {}
+          end
+
+          def memory_available?
+            defined?(Legion::Extensions::Memory::Runners::Traces)
+          end
+
+          def memory_runner
+            @memory_runner ||= Object.new.extend(Legion::Extensions::Memory::Runners::Traces)
+          end
+
+          def log_error(msg)
+            Legion::Logging.error(msg) if defined?(Legion::Logging)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/microsoft_teams/helpers/token_cache.rb

@@ -0,0 +1,209 @@
+# frozen_string_literal: true
+
+require 'time'
+require 'legion/extensions/microsoft_teams/runners/auth'
+
+module Legion
+  module Extensions
+    module MicrosoftTeams
+      module Helpers
+        class TokenCache
+          REFRESH_BUFFER = 60
+          DEFAULT_VAULT_PATH = 'legionio/microsoft_teams/delegated_token'
+
+          def initialize
+            @token_cache = nil
+            @delegated_cache = nil
+            @mutex = Mutex.new
+          end
+
+          # --- Application token (client_credentials) ---
+
+          def cached_graph_token
+            @mutex.synchronize do
+              return @token_cache[:token] if @token_cache && !token_expired?(@token_cache)
+
+              refresh_app_token
+            end
+          end
+
+          def clear_token_cache!
+            @mutex.synchronize { @token_cache = nil }
+          end
+
+          # --- Delegated token (user auth) ---
+
+          def cached_delegated_token
+            @mutex.synchronize do
+              return nil unless @delegated_cache
+
+              return @delegated_cache[:token] unless token_expired?(@delegated_cache)
+
+              refresh_delegated
+            end
+          end
+
+          def store_delegated_token(access_token:, refresh_token:, expires_in:, scopes:)
+            @mutex.synchronize do
+              @delegated_cache = {
+                token:         access_token,
+                refresh_token: refresh_token,
+                expires_at:    Time.now + expires_in.to_i,
+                scopes:        scopes
+              }
+            end
+          end
+
+          def clear_delegated_token!
+            @mutex.synchronize { @delegated_cache = nil }
+          end
+
+          def load_from_vault
+            return false unless defined?(Legion::Crypt)
+
+            data = Legion::Crypt.get(vault_path)
+            return false unless data && data[:access_token]
+
+            @mutex.synchronize do
+              @delegated_cache = {
+                token:         data[:access_token],
+                refresh_token: data[:refresh_token],
+                expires_at:    Time.parse(data[:expires_at]),
+                scopes:        data[:scopes]
+              }
+            end
+            true
+          rescue StandardError => e
+            log_error("Failed to load delegated token from Vault: #{e.message}")
+            false
+          end
+
+          def save_to_vault
+            return false unless defined?(Legion::Crypt)
+
+            data = @mutex.synchronize { @delegated_cache&.dup }
+            return false unless data
+
+            Legion::Crypt.write(vault_path,
+                                access_token:  data[:token],
+                                refresh_token: data[:refresh_token],
+                                expires_at:    data[:expires_at].utc.iso8601,
+                                scopes:        data[:scopes])
+            true
+          rescue StandardError => e
+            log_error("Failed to save delegated token to Vault: #{e.message}")
+            false
+          end
+
+          private
+
+          def token_expired?(cache_entry)
+            return true unless cache_entry
+
+            buffer = delegated_refresh_buffer
+            Time.now >= (cache_entry[:expires_at] - buffer)
+          end
+
+          def delegated_refresh_buffer
+            settings = teams_auth_settings
+            delegated = settings[:delegated]
+            return REFRESH_BUFFER unless delegated.is_a?(Hash)
+
+            delegated[:refresh_buffer] || REFRESH_BUFFER
+          end
+
+          def vault_path
+            settings = teams_auth_settings
+            delegated = settings[:delegated]
+            return DEFAULT_VAULT_PATH unless delegated.is_a?(Hash)
+
+            delegated[:vault_path] || DEFAULT_VAULT_PATH
+          end
+
+          def refresh_app_token
+            result = acquire_fresh_token
+            return nil unless result
+
+            access_token = result.dig(:result, 'access_token')
+            expires_in = result.dig(:result, 'expires_in') || 3600
+
+            @token_cache = {
+              token:      access_token,
+              expires_at: Time.now + expires_in
+            }
+
+            access_token
+          rescue StandardError => e
+            log_error("TokenCache app refresh failed: #{e.message}")
+            nil
+          end
+
+          def refresh_delegated
+            return nil unless @delegated_cache&.dig(:refresh_token)
+
+            settings = teams_auth_settings
+            return nil unless settings[:tenant_id] && settings[:client_id]
+
+            auth = Object.new.extend(Legion::Extensions::MicrosoftTeams::Runners::Auth)
+            result = auth.refresh_delegated_token(
+              tenant_id:     settings[:tenant_id],
+              client_id:     settings[:client_id],
+              refresh_token: @delegated_cache[:refresh_token],
+              scope:         @delegated_cache[:scopes]
+            )
+
+            body = result[:result]
+            return handle_refresh_failure(result) unless body&.dig('access_token')
+
+            @delegated_cache = {
+              token:         body['access_token'],
+              refresh_token: body['refresh_token'] || @delegated_cache[:refresh_token],
+              expires_at:    Time.now + (body['expires_in'] || 3600).to_i,
+              scopes:        @delegated_cache[:scopes]
+            }
+
+            save_to_vault
+            @delegated_cache[:token]
+          rescue StandardError => e
+            log_error("TokenCache delegated refresh failed: #{e.message}")
+            nil
+          end
+
+          def handle_refresh_failure(result)
+            if result[:error] == 'invalid_grant'
+              @delegated_cache = nil
+              emit_expired_event
+            end
+            nil
+          end
+
+          def emit_expired_event
+            Legion::Events.emit('microsoft_teams.auth.expired') if defined?(Legion::Events)
+          end
+
+          def acquire_fresh_token
+            settings = teams_auth_settings
+            return nil unless settings[:tenant_id] && settings[:client_id] && settings[:client_secret]
+
+            auth = Object.new.extend(Legion::Extensions::MicrosoftTeams::Runners::Auth)
+            auth.acquire_token(
+              tenant_id:     settings[:tenant_id],
+              client_id:     settings[:client_id],
+              client_secret: settings[:client_secret]
+            )
+          end
+
+          def teams_auth_settings
+            return {} unless defined?(Legion::Settings)
+
+            Legion::Settings.dig(:microsoft_teams, :auth) || {}
+          end
+
+          def log_error(msg)
+            Legion::Logging.error(msg) if defined?(Legion::Logging)
+          end
+        end
+      end
+    end
+  end
+end