lex-microsoft_teams 0.6.40 → 0.6.43
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bb45b23e2ed5d3a627ff36c180ca4de1b760780281a7b9e3ced3700926295b00
|
|
4
|
+
data.tar.gz: 7cf60a638335e21601ccf7f5e7ca972dc5786e466dbd8c7826311e8efcacf9c6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c8f00e377cd7434969144294d19bece1adb691ac72ffd757f635098bb3eff8074c07507a338d8fcb1a228700fcf10a528236e7cac09972867690826f951aaab3
|
|
7
|
+
data.tar.gz: 6392e91d554d507df66ade582982a2ffb491be6ec270276e13e3e6c05cfb581f5b1cbfbddaf5445bec3fbe962b73a41bc529f5aa2bb7fdc6a3ba7e7346cb6ae3
|
data/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,28 @@
|
|
|
2
2
|
|
|
3
3
|
## [Unreleased]
|
|
4
4
|
|
|
5
|
+
## [0.6.43] - 2026-04-23
|
|
6
|
+
|
|
7
|
+
### Fixed
|
|
8
|
+
- `Helpers::Client#graph_connection` — added `TokenCache.instance.cached_delegated_token` fallback when no `token:` kwarg is passed and settings has no static token. Fixes "Access token is empty" errors when runners are invoked via LLM tool dispatch without an explicit token argument
|
|
9
|
+
- `Helpers::Client#bot_connection` — same fix using `TokenCache.instance.cached_app_token`
|
|
10
|
+
|
|
11
|
+
## [0.6.42] - 2026-04-23
|
|
12
|
+
|
|
13
|
+
### Fixed
|
|
14
|
+
- `Helpers::TokenCache#vault_path` — replaced `ENV.fetch('USER', 'default')` with `Legion::Identity::Process.canonical_name` (the resolved Kerberos/LDAP identity), matching the pattern used in `legion-llm` PR #80. Falls back to `ENV['USER'].split('@').first` (email domain stripped) if Identity is not yet resolved
|
|
15
|
+
- Also removed the `microsoft_teams` namespace segment from the returned suffix — `Crypt::Helper#vault_write` wraps the path in its own `vault_path(suffix)` which already prepends the lex namespace, so including it again caused double-prefixed Vault paths (`microsoft_teams/users/.../microsoft_teams/delegated_token`).
|
|
16
|
+
- Final Vault path is now: `microsoft_teams/users/{canonical_name}/delegated_token`
|
|
17
|
+
- Configurable via `settings[:auth][:delegated][:vault_path]` if a custom path is needed
|
|
18
|
+
|
|
19
|
+
## [0.6.41] - 2026-04-23
|
|
20
|
+
|
|
21
|
+
### Fixed
|
|
22
|
+
- `Helpers::Client#graph_connection` and `#bot_connection` — replaced `Legion::Settings[:microsoft_teams]` with `settings` (provided by `Legion::Settings::Helper` via `Helpers::Lex`), which correctly scopes to the lex key automatically and is the approved pattern inside a lex
|
|
23
|
+
- `Helpers::TokenCache#teams_auth_settings` — same fix; replaced `Legion::Settings[:microsoft_teams]` with `settings`, removed the now-redundant `defined?(Legion::Settings)` guard and `if ms` nil guards (settings always returns a Hash)
|
|
24
|
+
- The only remaining `Legion::Settings` references in `token_cache.rb` are for cross-lex lookups (`:crypt, :vault, :connected`) which are intentional and correct
|
|
25
|
+
- Token write paths (`save_to_local`, `save_to_vault`) confirmed clean — write to `local_token_path` (defaulting to `~/.legionio/tokens/`) and Vault respectively, not into settings
|
|
26
|
+
|
|
5
27
|
## [0.6.40] - 2026-04-23
|
|
6
28
|
|
|
7
29
|
### Fixed
|
|
@@ -7,8 +7,12 @@ module Legion
|
|
|
7
7
|
module MicrosoftTeams
|
|
8
8
|
module Helpers
|
|
9
9
|
module Client
|
|
10
|
+
include Legion::Extensions::Helpers::Lex if Legion::Extensions.const_defined?(:Helpers, false) &&
|
|
11
|
+
Legion::Extensions::Helpers.const_defined?(:Lex, false)
|
|
12
|
+
|
|
10
13
|
def graph_connection(token: nil, api_url: 'https://graph.microsoft.com/v1.0', **_opts)
|
|
11
|
-
token ||=
|
|
14
|
+
token ||= settings&.dig(:auth, :delegated, :token)
|
|
15
|
+
token ||= TokenCache.instance.cached_delegated_token if defined?(TokenCache)
|
|
12
16
|
Faraday.new(url: api_url) do |conn|
|
|
13
17
|
conn.request :json
|
|
14
18
|
conn.response :json, content_type: /\bjson$/
|
|
@@ -18,7 +22,8 @@ module Legion
|
|
|
18
22
|
end
|
|
19
23
|
|
|
20
24
|
def bot_connection(token: nil, service_url: 'https://smba.trafficmanager.net/teams/', **_opts)
|
|
21
|
-
token ||=
|
|
25
|
+
token ||= settings&.dig(:auth, :bot, :token)
|
|
26
|
+
token ||= TokenCache.instance.cached_app_token if defined?(TokenCache)
|
|
22
27
|
Faraday.new(url: service_url) do |conn|
|
|
23
28
|
conn.request :json
|
|
24
29
|
conn.response :json, content_type: /\bjson$/
|
|
@@ -277,8 +277,14 @@ module Legion
|
|
|
277
277
|
def vault_path(_suffix = nil)
|
|
278
278
|
settings = teams_auth_settings
|
|
279
279
|
delegated = settings[:delegated]
|
|
280
|
-
|
|
281
|
-
|
|
280
|
+
return delegated[:vault_path] if delegated.is_a?(Hash) && delegated[:vault_path]
|
|
281
|
+
|
|
282
|
+
identity = if defined?(Legion::Identity::Process) && Legion::Identity::Process.resolved?
|
|
283
|
+
Legion::Identity::Process.canonical_name
|
|
284
|
+
else
|
|
285
|
+
ENV.fetch('USER', 'default').split('@').first
|
|
286
|
+
end
|
|
287
|
+
"users/#{identity}/delegated_token"
|
|
282
288
|
end
|
|
283
289
|
|
|
284
290
|
def local_token_path
|
|
@@ -387,13 +393,11 @@ module Legion
|
|
|
387
393
|
end
|
|
388
394
|
|
|
389
395
|
def teams_auth_settings
|
|
390
|
-
|
|
391
|
-
|
|
392
|
-
|
|
393
|
-
auth
|
|
394
|
-
auth[:
|
|
395
|
-
auth[:client_id] ||= ms[:client_id] if ms
|
|
396
|
-
auth[:client_secret] ||= ms[:client_secret] if ms
|
|
396
|
+
ms = settings
|
|
397
|
+
auth = ms[:auth].is_a?(Hash) ? ms[:auth].dup : {}
|
|
398
|
+
auth[:tenant_id] ||= ms[:tenant_id]
|
|
399
|
+
auth[:client_id] ||= ms[:client_id]
|
|
400
|
+
auth[:client_secret] ||= ms[:client_secret]
|
|
397
401
|
auth[:tenant_id] ||= ENV.fetch('AZURE_TENANT_ID', nil)
|
|
398
402
|
auth[:client_id] ||= ENV.fetch('AZURE_CLIENT_ID', nil)
|
|
399
403
|
auth[:client_secret] ||= ENV.fetch('AZURE_CLIENT_SECRET', nil)
|