lex-microsoft_teams 0.6.24 → 0.6.26
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/CLAUDE.md +3 -3
- data/lib/legion/extensions/microsoft_teams/actors/auth_validator.rb +2 -1
- data/lib/legion/extensions/microsoft_teams/actors/token_refresher.rb +2 -1
- data/lib/legion/extensions/microsoft_teams/helpers/browser_auth.rb +3 -3
- data/lib/legion/extensions/microsoft_teams/helpers/token_cache.rb +5 -3
- data/lib/legion/extensions/microsoft_teams/hooks/auth.rb +1 -5
- data/lib/legion/extensions/microsoft_teams/runners/auth.rb +1 -0
- data/lib/legion/extensions/microsoft_teams/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fb7445b3bb8025805c3d81e13d2b45a2739d364ae566e722699b200648d2b29b
|
|
4
|
+
data.tar.gz: 6915059592314205c3d4bbac82188dfe980fa8fc294c14dbc6de30e583c65065
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 33ce7326e6fd50fe558b43dacaa5808448074901e96d144af1f3ccc28a847d23e9c8c18e82152b3b1874bcf622fa8d6171c5c1bce951663d67e229eb758ec039
|
|
7
|
+
data.tar.gz: 5cdf2b3081b0c40d59cbc199808ff5bcbd4ae9d0f64cff5365e07c3428621c341c33813db0cbcf396c71034e6356dcf3295efbb0b8fbbc47de2f654f0d581fb2
|
data/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,18 @@
|
|
|
2
2
|
|
|
3
3
|
## [Unreleased]
|
|
4
4
|
|
|
5
|
+
## [0.6.26] - 2026-03-29
|
|
6
|
+
|
|
7
|
+
### Fixed
|
|
8
|
+
- `Helpers::TokenCache` — replaced direct `Legion::Crypt.get(path)` call with `vault_get` from `Legion::Crypt::Helper` (included via `include Legion::Crypt::Helper`); `vault_path` accepts an optional `_suffix` argument so the helper's delegation pattern is compatible
|
|
9
|
+
|
|
10
|
+
## [0.6.25] - 2026-03-28
|
|
11
|
+
|
|
12
|
+
### Fixed
|
|
13
|
+
- `Hooks::Auth` — migrated from v2.0 `Routes::Hooks` pattern to v3.0 `LexDispatch` pattern: replaced instance `route`/`runner_class` overrides with a class-level `self.runner_class`; hook now registers as `POST /api/extensions/microsoft_teams/hooks/auth/handle` (was `/api/hooks/lex/microsoft_teams/auth/callback`)
|
|
14
|
+
- `Runners::Auth` — added `handle` alias for `auth_callback` so LexDispatch's default `:handle` routing resolves correctly
|
|
15
|
+
- `Helpers::BrowserAuth` — updated all three references to the hook redirect URI and probe path from the stale v2.0 path to `/api/extensions/microsoft_teams/hooks/auth/handle`
|
|
16
|
+
|
|
5
17
|
## [0.6.24] - 2026-03-28
|
|
6
18
|
|
|
7
19
|
### Added
|
data/CLAUDE.md
CHANGED
|
@@ -64,7 +64,7 @@ Legion::Extensions::MicrosoftTeams
|
|
|
64
64
|
│ ├── TraceRetriever # Retrieves memory traces from the shared store for bot context (2000-token budget, strength-ranked dedup)
|
|
65
65
|
│ └── TransformDefinitions # lex-transformer definitions for conversation extraction and person summary
|
|
66
66
|
├── Hooks/
|
|
67
|
-
│ └── Auth # OAuth callback hook (mount '/callback') → /api/
|
|
67
|
+
│ └── Auth # OAuth callback hook (mount '/callback') → /api/extensions/microsoft_teams/hooks/auth/handle
|
|
68
68
|
├── CLI/
|
|
69
69
|
│ └── Auth # CLI module for `legion lex exec teams auth login/status`
|
|
70
70
|
└── Client # Standalone client (includes all runners)
|
|
@@ -74,10 +74,10 @@ Legion::Extensions::MicrosoftTeams
|
|
|
74
74
|
|
|
75
75
|
Opt-in browser-based OAuth for delegated Microsoft Graph permissions. Two flows:
|
|
76
76
|
|
|
77
|
-
- **Authorization Code + PKCE** (primary): Opens browser for Entra ID login. When the Legion API is running, uses the hook URL (`/api/
|
|
77
|
+
- **Authorization Code + PKCE** (primary): Opens browser for Entra ID login. When the Legion API is running, uses the hook URL (`/api/extensions/microsoft_teams/hooks/auth/handle`) with `Legion::Events` for callback notification; otherwise falls back to an ephemeral local port via `CallbackServer`
|
|
78
78
|
- **Device Code** (fallback): Auto-selected in headless/SSH environments (no `DISPLAY`/`WAYLAND_DISPLAY`)
|
|
79
79
|
|
|
80
|
-
Tokens stored in Vault at a per-user path (`{USER}/microsoft_teams/delegated_token`, where `{USER}` is the system username) with configurable pre-expiry silent refresh. CLI command: `legion auth teams`. Hook route: `
|
|
80
|
+
Tokens stored in Vault at a per-user path (`{USER}/microsoft_teams/delegated_token`, where `{USER}` is the system username) with configurable pre-expiry silent refresh. CLI command: `legion auth teams`. Hook route: `POST /api/extensions/microsoft_teams/hooks/auth/handle` for daemon re-auth (routed through LexDispatch for RBAC/audit).
|
|
81
81
|
|
|
82
82
|
Key files: `Helpers::BrowserAuth` (orchestrator), `Helpers::CallbackServer` (ephemeral TCP), `Runners::Auth` (authorize_url, exchange_code, refresh_delegated_token, auth_callback), `Helpers::TokenCache` (delegated slot), `Hooks::Auth` (hook class with mount path).
|
|
83
83
|
|
|
@@ -72,7 +72,7 @@ module Legion
|
|
|
72
72
|
else
|
|
73
73
|
4567
|
|
74
74
|
end
|
|
75
|
-
"http://127.0.0.1:#{port}/api/
|
|
75
|
+
"http://127.0.0.1:#{port}/api/extensions/microsoft_teams/hooks/auth/handle"
|
|
76
76
|
end
|
|
77
77
|
|
|
78
78
|
def generate_pkce
|
|
@@ -121,9 +121,9 @@ module Legion
|
|
|
121
121
|
def hook_route_registered?
|
|
122
122
|
return false unless defined?(Legion::API)
|
|
123
123
|
|
|
124
|
-
log.debug("Probing hook route at http://127.0.0.1:#{api_port}/api/
|
|
124
|
+
log.debug("Probing hook route at http://127.0.0.1:#{api_port}/api/extensions/microsoft_teams/hooks/auth/handle")
|
|
125
125
|
conn = Faraday.new(url: "http://127.0.0.1:#{api_port}")
|
|
126
|
-
resp = conn.head('/api/
|
|
126
|
+
resp = conn.head('/api/extensions/microsoft_teams/hooks/auth/handle')
|
|
127
127
|
registered = resp.status != 404
|
|
128
128
|
log.debug("Hook route probe returned #{resp.status} (registered=#{registered})")
|
|
129
129
|
registered
|
|
@@ -12,6 +12,7 @@ module Legion
|
|
|
12
12
|
class TokenCache
|
|
13
13
|
include Legion::Extensions::Helpers::Lex if Legion::Extensions.const_defined?(:Helpers, false) &&
|
|
14
14
|
Legion::Extensions::Helpers.const_defined?(:Lex, false)
|
|
15
|
+
include Legion::Crypt::Helper if defined?(Legion::Crypt::Helper)
|
|
15
16
|
|
|
16
17
|
REFRESH_BUFFER = 60
|
|
17
18
|
DEFAULT_LOCAL_DIR = File.join(Dir.home, '.legionio', 'tokens')
|
|
@@ -133,7 +134,7 @@ module Legion
|
|
|
133
134
|
def load_from_vault
|
|
134
135
|
if vault_available?
|
|
135
136
|
log.info("Loading delegated token from Vault (#{vault_path})")
|
|
136
|
-
data =
|
|
137
|
+
data = vault_get
|
|
137
138
|
if data && data[:access_token]
|
|
138
139
|
@mutex.synchronize do
|
|
139
140
|
@delegated_cache = {
|
|
@@ -270,7 +271,7 @@ module Legion
|
|
|
270
271
|
delegated[:refresh_buffer] || REFRESH_BUFFER
|
|
271
272
|
end
|
|
272
273
|
|
|
273
|
-
def vault_path
|
|
274
|
+
def vault_path(_suffix = nil)
|
|
274
275
|
settings = teams_auth_settings
|
|
275
276
|
delegated = settings[:delegated]
|
|
276
277
|
custom = delegated[:vault_path] if delegated.is_a?(Hash)
|
|
@@ -385,7 +386,8 @@ module Legion
|
|
|
385
386
|
def teams_auth_settings
|
|
386
387
|
return {} unless defined?(Legion::Settings)
|
|
387
388
|
|
|
388
|
-
Legion::Settings
|
|
389
|
+
ms = Legion::Settings[:microsoft_teams]
|
|
390
|
+
(ms && ms[:auth]) || {}
|
|
389
391
|
end
|
|
390
392
|
end
|
|
391
393
|
end
|
|
@@ -7,11 +7,7 @@ module Legion
|
|
|
7
7
|
class Auth < Legion::Extensions::Hooks::Base
|
|
8
8
|
mount '/callback'
|
|
9
9
|
|
|
10
|
-
def
|
|
11
|
-
:auth_callback
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
def runner_class
|
|
10
|
+
def self.runner_class
|
|
15
11
|
'Legion::Extensions::MicrosoftTeams::Runners::Auth'
|
|
16
12
|
end
|
|
17
13
|
end
|