npm - @microsoft/teamsfx - Versions diffs - 1.1.2-alpha.fe09f4739.0 → 1.2.0-rc.0 - Mend

@microsoft/teamsfx 1.1.2-alpha.fe09f4739.0 → 1.2.0-rc.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/index.esm2017.js +218 -16
package/dist/index.esm2017.js.map +1 -1
package/dist/index.esm2017.mjs +729 -32
package/dist/index.esm2017.mjs.map +1 -1
package/dist/index.esm5.js +234 -16
package/dist/index.esm5.js.map +1 -1
package/dist/index.node.cjs.js +764 -29
package/dist/index.node.cjs.js.map +1 -1
package/package.json +7 -5
package/types/teamsfx.d.ts +383 -28

package/dist/index.esm2017.mjs CHANGED Viewed

@@ -3,13 +3,14 @@ import { ConfidentialClientApplication } from '@azure/msal-node';
 import { createHash } from 'crypto';
 import { Client } from '@microsoft/microsoft-graph-client';
 import { ManagedIdentityCredential } from '@azure/identity';
-import { ActivityTypes, Channels, TeamsInfo, CardFactory, ActionTypes, MessageFactory, StatusCodes, verifyStateOperationName, tokenExchangeOperationName, TurnContext, BotFrameworkAdapter } from 'botbuilder';
-import { Dialog } from 'botbuilder-dialogs';
+import { ActivityTypes, Channels, TeamsInfo, CardFactory, ActionTypes, MessageFactory, StatusCodes, verifyStateOperationName, tokenExchangeOperationName, TurnContext, TeamsActivityHandler, MemoryStorage, UserState, ConversationState, BotFrameworkAdapter } from 'botbuilder';
+import { Dialog, ComponentDialog, WaterfallDialog, DialogSet, DialogTurnStatus } from 'botbuilder-dialogs';
 import { v4 } from 'uuid';
 import axios from 'axios';
 import { Agent } from 'https';
 import * as path from 'path';
 import * as fs from 'fs';
+import { __rest } from 'tslib';
 import { AdaptiveCards } from '@microsoft/adaptivecards-tools';
 // Copyright (c) Microsoft Corporation.
@@ -39,6 +40,30 @@ var ErrorCode;
      * Channel is not supported error.
      */
     ErrorCode["ChannelNotSupported"] = "ChannelNotSupported";
+    /**
+     * Failed to retrieve sso token
+     */
+    ErrorCode["FailedToRetrieveSsoToken"] = "FailedToRetrieveSsoToken";
+    /**
+     * Failed to process sso handler
+     */
+    ErrorCode["FailedToProcessSsoHandler"] = "FailedToProcessSsoHandler";
+    /**
+     * Cannot find command
+     */
+    ErrorCode["CannotFindCommand"] = "CannotFindCommand";
+    /**
+     * Failed to run sso step
+     */
+    ErrorCode["FailedToRunSsoStep"] = "FailedToRunSsoStep";
+    /**
+     * Failed to run dedup step
+     */
+    ErrorCode["FailedToRunDedupStep"] = "FailedToRunDedupStep";
+    /**
+     * Sso activity handler is undefined
+     */
+    ErrorCode["SsoActivityHandlerIsUndefined"] = "SsoActivityHandlerIsUndefined";
     /**
      * Runtime is not supported error.
      */
@@ -94,6 +119,15 @@ ErrorMessage.NodejsRuntimeNotSupported = "{0} is not supported in Node.";
 ErrorMessage.FailToAcquireTokenOnBehalfOfUser = "Failed to acquire access token on behalf of user: {0}";
 // ChannelNotSupported Error
 ErrorMessage.OnlyMSTeamsChannelSupported = "{0} is only supported in MS Teams Channel";
+ErrorMessage.FailedToProcessSsoHandler = "Failed to process sso handler: {0}";
+// FailedToRetrieveSsoToken Error
+ErrorMessage.FailedToRetrieveSsoToken = "Failed to retrieve sso token, user failed to finish the AAD consent flow.";
+// CannotFindCommand Error
+ErrorMessage.CannotFindCommand = "Cannot find command: {0}";
+ErrorMessage.FailedToRunSsoStep = "Failed to run dialog to retrieve sso token: {0}";
+ErrorMessage.FailedToRunDedupStep = "Failed to run dialog to remove duplicated messages: {0}";
+// SsoActivityHandlerIsUndefined Error
+ErrorMessage.SsoActivityHandlerIsNull = "Sso command can only be used or added when sso activity handler is not undefined";
 // IdentityTypeNotSupported Error
 ErrorMessage.IdentityTypeNotSupported = "{0} identity is not supported in {1}";
 // AuthorizationInfoError
@@ -104,6 +138,7 @@ ErrorMessage.EmptyParameter = "Parameter {0} is empty";
 ErrorMessage.DuplicateHttpsOptionProperty = "Axios HTTPS agent already defined value for property {0}";
 ErrorMessage.DuplicateApiKeyInHeader = "The request already defined api key in request header with name {0}.";
 ErrorMessage.DuplicateApiKeyInQueryParam = "The request already defined api key in query parameter with name {0}.";
+ErrorMessage.OnlySupportInQueryActivity = "The handleMessageExtensionQueryWithToken only support in handleTeamsMessagingExtensionQuery with composeExtension/query type.";
 /**
  * Error class with code and message thrown by the SDK.
  */
@@ -694,10 +729,13 @@ class TeamsUserCredential {
     }
     /**
      * Popup login page to get user's access token with specific scopes.
+     *
+     * @param {string[]} resources - The optional list of resources for full trust Teams apps.
+     *
      * @remarks
      * Can only be used within Teams.
      */
-    async login(scopes) {
+    async login(scopes, resources) {
         throw new ErrorWithCode(formatString(ErrorMessage.NodejsRuntimeNotSupported, "TeamsUserCredential"), ErrorCode.RuntimeNotSupported);
     }
     /**
@@ -710,10 +748,13 @@ class TeamsUserCredential {
     }
     /**
      * Get basic user info from SSO token
+     *
+     * @param {string[]} resources - The optional list of resources for full trust Teams apps.
+     *
      * @remarks
      * Can only be used within Teams.
      */
-    getUserInfo() {
+    getUserInfo(resources) {
         throw new ErrorWithCode(formatString(ErrorMessage.NodejsRuntimeNotSupported, "TeamsUserCredential"), ErrorCode.RuntimeNotSupported);
     }
 }
@@ -1705,9 +1746,10 @@ class TeamsFx {
     }
     /**
      * Get user information.
+     * @param {string[]} resources - The optional list of resources for full trust Teams apps.
      * @returns UserInfo object.
      */
-    async getUserInfo() {
+    async getUserInfo(resources) {
         if (this.identityType !== IdentityType.User) {
             const errorMsg = formatString(ErrorMessage.IdentityTypeNotSupported, this.identityType.toString(), "TeamsFx");
             internalLogger.error(errorMsg);
@@ -1729,13 +1771,14 @@ class TeamsFx {
      * await teamsfx.login("https://graph.microsoft.com/User.Read Calendars.Read"); // multiple scopes using string
      * ```
      * @param scopes - The list of scopes for which the token will have access, before that, we will request user to consent.
+     * @param {string[]} resources - The optional list of resources for full trust Teams apps.
      *
      * @throws {@link ErrorCode|InternalError} when failed to login with unknown error.
      * @throws {@link ErrorCode|ConsentFailed} when user canceled or failed to consent.
      * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
      * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is nodeJS.
      */
-    async login(scopes) {
+    async login(scopes, resources) {
         throw new ErrorWithCode(formatString(ErrorMessage.NodejsRuntimeNotSupported, "login"), ErrorCode.RuntimeNotSupported);
     }
     /**
@@ -2114,41 +2157,82 @@ class CardActionBot {
  * @internal
  */
 class CommandResponseMiddleware {
-    constructor(handlers) {
+    constructor(handlers, ssoHandlers, activityHandler) {
         this.commandHandlers = [];
-        if (handlers && handlers.length > 0) {
-            this.commandHandlers.push(...handlers);
+        this.ssoCommandHandlers = [];
+        handlers = handlers !== null && handlers !== void 0 ? handlers : [];
+        ssoHandlers = ssoHandlers !== null && ssoHandlers !== void 0 ? ssoHandlers : [];
+        this.hasSsoCommand = ssoHandlers.length > 0;
+        this.ssoActivityHandler = activityHandler;
+        if (this.hasSsoCommand && !this.ssoActivityHandler) {
+            internalLogger.error(ErrorMessage.SsoActivityHandlerIsNull);
+            throw new ErrorWithCode(ErrorMessage.SsoActivityHandlerIsNull, ErrorCode.SsoActivityHandlerIsUndefined);
         }
+        this.commandHandlers.push(...handlers);
+        for (const ssoHandler of ssoHandlers) {
+            this.addSsoCommand(ssoHandler);
+        }
+    }
+    addSsoCommand(ssoHandler) {
+        var _a;
+        (_a = this.ssoActivityHandler) === null || _a === void 0 ? void 0 : _a.addCommand(async (context, tokenResponse, message) => {
+            const matchResult = this.shouldTrigger(ssoHandler.triggerPatterns, message.text);
+            message.matches = Array.isArray(matchResult) ? matchResult : void 0;
+            const response = await ssoHandler.handleCommandReceived(context, message, tokenResponse);
+            await this.processResponse(context, response);
+        }, ssoHandler.triggerPatterns);
+        this.ssoCommandHandlers.push(ssoHandler);
+        this.hasSsoCommand = true;
     }
     async onTurn(context, next) {
+        var _a, _b;
         if (context.activity.type === ActivityTypes.Message) {
             // Invoke corresponding command handler for the command response
             const commandText = this.getActivityText(context.activity);
-            const message = {
-                text: commandText,
-            };
+            let alreadyProcessed = false;
             for (const handler of this.commandHandlers) {
                 const matchResult = this.shouldTrigger(handler.triggerPatterns, commandText);
                 // It is important to note that the command bot will stop processing handlers
                 // when the first command handler is matched.
                 if (!!matchResult) {
+                    const message = {
+                        text: commandText,
+                    };
                     message.matches = Array.isArray(matchResult) ? matchResult : void 0;
                     const response = await handler.handleCommandReceived(context, message);
-                    if (typeof response === "string") {
-                        await context.sendActivity(response);
-                    }
-                    else {
-                        const replyActivity = response;
-                        if (replyActivity) {
-                            await context.sendActivity(replyActivity);
-                        }
-                    }
+                    await this.processResponse(context, response);
+                    alreadyProcessed = true;
                     break;
                 }
             }
+            if (!alreadyProcessed) {
+                for (const handler of this.ssoCommandHandlers) {
+                    const matchResult = this.shouldTrigger(handler.triggerPatterns, commandText);
+                    if (!!matchResult) {
+                        await ((_a = this.ssoActivityHandler) === null || _a === void 0 ? void 0 : _a.run(context));
+                        break;
+                    }
+                }
+            }
+        }
+        else {
+            if (this.hasSsoCommand) {
+                await ((_b = this.ssoActivityHandler) === null || _b === void 0 ? void 0 : _b.run(context));
+            }
         }
         await next();
     }
+    async processResponse(context, response) {
+        if (typeof response === "string") {
+            await context.sendActivity(response);
+        }
+        else {
+            const replyActivity = response;
+            if (replyActivity) {
+                await context.sendActivity(replyActivity);
+            }
+        }
+    }
     matchPattern(pattern, text) {
         if (text) {
             if (typeof pattern === "string") {
@@ -2198,14 +2282,15 @@ class CommandBot {
      * @param adapter The bound `BotFrameworkAdapter`.
      * @param options - initialize options
      */
-    constructor(adapter, options) {
-        this.middleware = new CommandResponseMiddleware(options === null || options === void 0 ? void 0 : options.commands);
+    constructor(adapter, options, ssoCommandActivityHandler, ssoConfig) {
+        this.ssoConfig = ssoConfig;
+        this.middleware = new CommandResponseMiddleware(options === null || options === void 0 ? void 0 : options.commands, options === null || options === void 0 ? void 0 : options.ssoCommands, ssoCommandActivityHandler);
         this.adapter = adapter.use(this.middleware);
     }
     /**
      * Registers a command into the command bot.
      *
-     * @param command The command to registered.
+     * @param command The command to register.
      */
     registerCommand(command) {
         if (command) {
@@ -2215,13 +2300,41 @@ class CommandBot {
     /**
      * Registers commands into the command bot.
      *
-     * @param commands The command to registered.
+     * @param commands The commands to register.
      */
     registerCommands(commands) {
         if (commands) {
             this.middleware.commandHandlers.push(...commands);
         }
     }
+    /**
+     * Registers a sso command into the command bot.
+     *
+     * @param command The command to register.
+     */
+    registerSsoCommand(ssoCommand) {
+        this.validateSsoActivityHandler();
+        this.middleware.addSsoCommand(ssoCommand);
+    }
+    /**
+     * Registers commands into the command bot.
+     *
+     * @param commands The commands to register.
+     */
+    registerSsoCommands(ssoCommands) {
+        if (ssoCommands.length > 0) {
+            this.validateSsoActivityHandler();
+            for (const ssoCommand of ssoCommands) {
+                this.middleware.addSsoCommand(ssoCommand);
+            }
+        }
+    }
+    validateSsoActivityHandler() {
+        if (!this.middleware.ssoActivityHandler) {
+            internalLogger.error(ErrorMessage.SsoActivityHandlerIsNull);
+            throw new ErrorWithCode(ErrorMessage.SsoActivityHandlerIsNull, ErrorCode.SsoActivityHandlerIsUndefined);
+        }
+    }
 }
 // Copyright (c) Microsoft Corporation.
@@ -2696,6 +2809,10 @@ class TeamsBotInstallation {
      * @returns an array of channels if bot is installed into a team, otherwise returns an empty array.
      */
     async channels() {
+        const channels = [];
+        if (this.type !== NotificationTargetType.Channel) {
+            return channels;
+        }
         let teamsChannels = [];
         await this.adapter.continueConversation(this.conversationReference, async (context) => {
             const teamId = getTeamsBotInstallationId(context);
@@ -2703,7 +2820,6 @@ class TeamsBotInstallation {
                 teamsChannels = await TeamsInfo.getTeamChannels(context, teamId);
             }
         });
-        const channels = [];
         for (const channel of teamsChannels) {
             channels.push(new Channel(this, channel));
         }
@@ -2728,6 +2844,24 @@ class TeamsBotInstallation {
         });
         return members;
     }
+    /**
+     * Get team details from this bot installation
+     *
+     * @returns the team details if bot is installed into a team, otherwise returns undefined.
+     */
+    async getTeamDetails() {
+        if (this.type !== NotificationTargetType.Channel) {
+            return undefined;
+        }
+        let teamDetails;
+        await this.adapter.continueConversation(this.conversationReference, async (context) => {
+            const teamId = getTeamsBotInstallationId(context);
+            if (teamId !== undefined) {
+                teamDetails = await TeamsInfo.getTeamDetails(context, teamId);
+            }
+        });
+        return teamDetails;
+    }
 }
 /**
  * Provide utilities to send notification to varies targets (e.g., member, group, channel).
@@ -2787,6 +2921,459 @@ class NotificationBot {
         }
         return targets;
     }
+    /**
+     * Returns the first {@link Member} where predicate is true, and undefined otherwise.
+     *
+     * @param predicate find calls predicate once for each member of the installation,
+     * until it finds one where predicate returns true. If such a member is found, find
+     * immediately returns that member. Otherwise, find returns undefined.
+     * @param scope the scope to find members from the installations
+     * (personal chat, group chat, Teams channel).
+     * @returns the first {@link Member} where predicate is true, and undefined otherwise.
+     */
+    async findMember(predicate, scope) {
+        for (const target of await this.installations()) {
+            if (this.matchSearchScope(target, scope)) {
+                for (const member of await target.members()) {
+                    if (await predicate(member)) {
+                        return member;
+                    }
+                }
+            }
+        }
+        return;
+    }
+    /**
+     * Returns the first {@link Channel} where predicate is true, and undefined otherwise.
+     *
+     * @param predicate find calls predicate once for each channel of the installation,
+     * until it finds one where predicate returns true. If such a channel is found, find
+     * immediately returns that channel. Otherwise, find returns undefined.
+     * @returns the first {@link Channel} where predicate is true, and undefined otherwise.
+     */
+    async findChannel(predicate) {
+        for (const target of await this.installations()) {
+            if (target.type === NotificationTargetType.Channel) {
+                const teamDetails = await target.getTeamDetails();
+                for (const channel of await target.channels()) {
+                    if (await predicate(channel, teamDetails)) {
+                        return channel;
+                    }
+                }
+            }
+        }
+        return;
+    }
+    /**
+     * Returns all {@link Member} where predicate is true, and empty array otherwise.
+     *
+     * @param predicate find calls predicate for each member of the installation.
+     * @param scope the scope to find members from the installations
+     * (personal chat, group chat, Teams channel).
+     * @returns an array of {@link Member} where predicate is true, and empty array otherwise.
+     */
+    async findAllMembers(predicate, scope) {
+        const members = [];
+        for (const target of await this.installations()) {
+            if (this.matchSearchScope(target, scope)) {
+                for (const member of await target.members()) {
+                    if (await predicate(member)) {
+                        members.push(member);
+                    }
+                }
+            }
+        }
+        return members;
+    }
+    /**
+     * Returns all {@link Channel} where predicate is true, and empty array otherwise.
+     *
+     * @param predicate find calls predicate for each channel of the installation.
+     * @returns an array of {@link Channel} where predicate is true, and empty array otherwise.
+     */
+    async findAllChannels(predicate) {
+        const channels = [];
+        for (const target of await this.installations()) {
+            if (target.type === NotificationTargetType.Channel) {
+                const teamDetails = await target.getTeamDetails();
+                for (const channel of await target.channels()) {
+                    if (await predicate(channel, teamDetails)) {
+                        channels.push(channel);
+                    }
+                }
+            }
+        }
+        return channels;
+    }
+    matchSearchScope(target, scope) {
+        scope = scope !== null && scope !== void 0 ? scope : SearchScope.All;
+        return ((target.type === NotificationTargetType.Channel && (scope & SearchScope.Channel) !== 0) ||
+            (target.type === NotificationTargetType.Group && (scope & SearchScope.Group) !== 0) ||
+            (target.type === NotificationTargetType.Person && (scope & SearchScope.Person) !== 0));
+    }
+}
+/**
+ * The search scope when calling {@link NotificationBot.findMember} and {@link NotificationBot.findAllMembers}.
+ * The search scope is a flagged enum and it can be combined with `|`.
+ * For example, to search from personal chat and group chat, use `SearchScope.Person | SearchScope.Group`.
+ */
+var SearchScope;
+(function (SearchScope) {
+    /**
+     * Search members from the installations in personal chat only.
+     */
+    SearchScope[SearchScope["Person"] = 1] = "Person";
+    /**
+     * Search members from the installations in group chat only.
+     */
+    SearchScope[SearchScope["Group"] = 2] = "Group";
+    /**
+     * Search members from the installations in Teams channel only.
+     */
+    SearchScope[SearchScope["Channel"] = 4] = "Channel";
+    /**
+     * Search members from all installations including personal chat, group chat and Teams channel.
+     */
+    SearchScope[SearchScope["All"] = 7] = "All";
+})(SearchScope || (SearchScope = {}));
+// Copyright (c) Microsoft Corporation.
+let DIALOG_NAME = "BotSsoExecutionDialog";
+let TEAMS_SSO_PROMPT_ID = "TeamsFxSsoPrompt";
+let COMMAND_ROUTE_DIALOG = "CommandRouteDialog";
+/**
+ * Sso execution dialog, use to handle sso command
+ */
+class BotSsoExecutionDialog extends ComponentDialog {
+    /**
+     * Creates a new instance of the BotSsoExecutionDialog.
+     * @param dedupStorage Helper storage to remove duplicated messages
+     * @param settings The list of scopes for which the token will have access
+     * @param teamsfx {@link TeamsFx} instance for authentication
+     */
+    constructor(dedupStorage, ssoPromptSettings, teamsfx, dialogName) {
+        super(dialogName !== null && dialogName !== void 0 ? dialogName : DIALOG_NAME);
+        this.dedupStorageKeys = [];
+        // Map to store the commandId and triggerPatterns, key: commandId, value: triggerPatterns
+        this.commandMapping = new Map();
+        if (dialogName) {
+            DIALOG_NAME = dialogName;
+            TEAMS_SSO_PROMPT_ID = dialogName + TEAMS_SSO_PROMPT_ID;
+            COMMAND_ROUTE_DIALOG = dialogName + COMMAND_ROUTE_DIALOG;
+        }
+        this.initialDialogId = COMMAND_ROUTE_DIALOG;
+        this.dedupStorage = dedupStorage;
+        this.dedupStorageKeys = [];
+        const ssoDialog = new TeamsBotSsoPrompt(teamsfx, TEAMS_SSO_PROMPT_ID, ssoPromptSettings);
+        this.addDialog(ssoDialog);
+        const commandRouteDialog = new WaterfallDialog(COMMAND_ROUTE_DIALOG, [
+            this.commandRouteStep.bind(this),
+        ]);
+        this.addDialog(commandRouteDialog);
+    }
+    /**
+     * Add TeamsFxBotSsoCommandHandler instance
+     * @param handler {@link BotSsoExecutionDialogHandler} callback function
+     * @param triggerPatterns The trigger pattern
+     */
+    addCommand(handler, triggerPatterns) {
+        const commandId = this.getCommandHash(triggerPatterns);
+        const dialog = new WaterfallDialog(commandId, [
+            this.ssoStep.bind(this),
+            this.dedupStep.bind(this),
+            async (stepContext) => {
+                const tokenResponse = stepContext.result.tokenResponse;
+                const context = stepContext.context;
+                const message = stepContext.result.message;
+                try {
+                    if (tokenResponse) {
+                        await handler(context, tokenResponse, message);
+                    }
+                    else {
+                        throw new Error(ErrorMessage.FailedToRetrieveSsoToken);
+                    }
+                    return await stepContext.endDialog();
+                }
+                catch (error) {
+                    const errorMsg = formatString(ErrorMessage.FailedToProcessSsoHandler, error.message);
+                    internalLogger.error(errorMsg);
+                    return await stepContext.endDialog(new ErrorWithCode(errorMsg, ErrorCode.FailedToProcessSsoHandler));
+                }
+            },
+        ]);
+        this.commandMapping.set(commandId, triggerPatterns);
+        this.addDialog(dialog);
+    }
+    getCommandHash(patterns) {
+        const expressions = Array.isArray(patterns) ? patterns : [patterns];
+        const patternStr = expressions.join();
+        const patternStrWithoutSpecialChar = patternStr.replace(/[^a-zA-Z0-9]/g, "");
+        const hash = createHash("sha256").update(patternStr).digest("hex").toLowerCase();
+        return patternStrWithoutSpecialChar + hash;
+    }
+    /**
+     * The run method handles the incoming activity (in the form of a DialogContext) and passes it through the dialog system.
+     *
+     * @param context The context object for the current turn.
+     * @param accessor The instance of StatePropertyAccessor for dialog system.
+     */
+    async run(context, accessor) {
+        const dialogSet = new DialogSet(accessor);
+        dialogSet.add(this);
+        const dialogContext = await dialogSet.createContext(context);
+        this.ensureMsTeamsChannel(dialogContext);
+        const results = await dialogContext.continueDialog();
+        if (results && results.status === DialogTurnStatus.empty) {
+            await dialogContext.beginDialog(this.id);
+        }
+        else if (results &&
+            results.status === DialogTurnStatus.complete &&
+            results.result instanceof Error) {
+            throw results.result;
+        }
+    }
+    getActivityText(activity) {
+        let text = activity.text;
+        const removedMentionText = TurnContext.removeRecipientMention(activity);
+        if (removedMentionText) {
+            text = removedMentionText
+                .toLowerCase()
+                .replace(/\n|\r\n/g, "")
+                .trim();
+        }
+        return text;
+    }
+    async commandRouteStep(stepContext) {
+        const turnContext = stepContext.context;
+        const text = this.getActivityText(turnContext.activity);
+        const commandId = this.getMatchesCommandId(text);
+        if (commandId) {
+            return await stepContext.beginDialog(commandId);
+        }
+        const errorMsg = formatString(ErrorMessage.CannotFindCommand, turnContext.activity.text);
+        internalLogger.error(errorMsg);
+        throw new ErrorWithCode(errorMsg, ErrorCode.CannotFindCommand);
+    }
+    async ssoStep(stepContext) {
+        try {
+            const turnContext = stepContext.context;
+            const text = this.getActivityText(turnContext.activity);
+            const message = {
+                text,
+            };
+            stepContext.options.commandMessage = message;
+            return await stepContext.beginDialog(TEAMS_SSO_PROMPT_ID);
+        }
+        catch (error) {
+            const errorMsg = formatString(ErrorMessage.FailedToRunSsoStep, error.message);
+            internalLogger.error(errorMsg);
+            return await stepContext.endDialog(new ErrorWithCode(errorMsg, ErrorCode.FailedToRunSsoStep));
+        }
+    }
+    async dedupStep(stepContext) {
+        const tokenResponse = stepContext.result;
+        if (!tokenResponse) {
+            internalLogger.error(ErrorMessage.FailedToRetrieveSsoToken);
+            return await stepContext.endDialog(new ErrorWithCode(ErrorMessage.FailedToRetrieveSsoToken, ErrorCode.FailedToRunSsoStep));
+        }
+        try {
+            // Only dedup after ssoStep to make sure that all Teams client would receive the login request
+            if (tokenResponse && (await this.shouldDedup(stepContext.context))) {
+                return Dialog.EndOfTurn;
+            }
+            return await stepContext.next({
+                tokenResponse,
+                message: stepContext.options.commandMessage,
+            });
+        }
+        catch (error) {
+            const errorMsg = formatString(ErrorMessage.FailedToRunDedupStep, error.message);
+            internalLogger.error(errorMsg);
+            return await stepContext.endDialog(new ErrorWithCode(errorMsg, ErrorCode.FailedToRunDedupStep));
+        }
+    }
+    /**
+     * Called when the component is ending.
+     *
+     * @param context Context for the current turn of conversation.
+     */
+    async onEndDialog(context) {
+        const conversationId = context.activity.conversation.id;
+        const currentDedupKeys = this.dedupStorageKeys.filter((key) => key.indexOf(conversationId) > 0);
+        await this.dedupStorage.delete(currentDedupKeys);
+        this.dedupStorageKeys = this.dedupStorageKeys.filter((key) => key.indexOf(conversationId) < 0);
+    }
+    /**
+     * If a user is signed into multiple Teams clients, the Bot might receive a "signin/tokenExchange" from each client.
+     * Each token exchange request for a specific user login will have an identical activity.value.Id.
+     * Only one of these token exchange requests should be processed by the bot. For a distributed bot in production,
+     * this requires a distributed storage to ensure only one token exchange is processed.
+     * @param context Context for the current turn of conversation.
+     * @returns boolean value indicate whether the message should be removed
+     */
+    async shouldDedup(context) {
+        const storeItem = {
+            eTag: context.activity.value.id,
+        };
+        const key = this.getStorageKey(context);
+        const storeItems = { [key]: storeItem };
+        try {
+            await this.dedupStorage.write(storeItems);
+            this.dedupStorageKeys.push(key);
+        }
+        catch (err) {
+            if (err instanceof Error && err.message.indexOf("eTag conflict")) {
+                return true;
+            }
+            throw err;
+        }
+        return false;
+    }
+    getStorageKey(context) {
+        if (!context || !context.activity || !context.activity.conversation) {
+            throw new Error("Invalid context, can not get storage key!");
+        }
+        const activity = context.activity;
+        const channelId = activity.channelId;
+        const conversationId = activity.conversation.id;
+        if (activity.type !== ActivityTypes.Invoke || activity.name !== tokenExchangeOperationName) {
+            throw new Error("TokenExchangeState can only be used with Invokes of signin/tokenExchange.");
+        }
+        const value = activity.value;
+        if (!value || !value.id) {
+            throw new Error("Invalid signin/tokenExchange. Missing activity.value.id.");
+        }
+        return `${channelId}/${conversationId}/${value.id}`;
+    }
+    matchPattern(pattern, text) {
+        if (text) {
+            if (typeof pattern === "string") {
+                const regExp = new RegExp(pattern, "i");
+                return regExp.test(text);
+            }
+            if (pattern instanceof RegExp) {
+                const matches = text.match(pattern);
+                return matches !== null && matches !== void 0 ? matches : false;
+            }
+        }
+        return false;
+    }
+    isPatternMatched(patterns, text) {
+        const expressions = Array.isArray(patterns) ? patterns : [patterns];
+        for (const ex of expressions) {
+            const matches = this.matchPattern(ex, text);
+            return !!matches;
+        }
+        return false;
+    }
+    getMatchesCommandId(text) {
+        for (const command of this.commandMapping) {
+            const pattern = command[1];
+            if (this.isPatternMatched(pattern, text)) {
+                return command[0];
+            }
+        }
+        return undefined;
+    }
+    /**
+     * Ensure bot is running in MS Teams since TeamsBotSsoPrompt is only supported in MS Teams channel.
+     * @param dc dialog context
+     * @throws {@link ErrorCode|ChannelNotSupported} if bot channel is not MS Teams
+     * @internal
+     */
+    ensureMsTeamsChannel(dc) {
+        if (dc.context.activity.channelId != Channels.Msteams) {
+            const errorMsg = formatString(ErrorMessage.OnlyMSTeamsChannelSupported, "SSO execution dialog");
+            internalLogger.error(errorMsg);
+            throw new ErrorWithCode(errorMsg, ErrorCode.ChannelNotSupported);
+        }
+    }
+}
+// Copyright (c) Microsoft Corporation.
+/**
+ * Default SSO execution activity handler
+ */
+class DefaultBotSsoExecutionActivityHandler extends TeamsActivityHandler {
+    /**
+     * Creates a new instance of the DefaultBotSsoExecutionActivityHandler.
+     * @param ssoConfig configuration for SSO command bot
+     *
+     * @remarks
+     * In the constructor, it uses BotSsoConfig parameter which from {@link ConversationBot} options to initialize {@link BotSsoExecutionDialog}.
+     * It also need to register an event handler for the message event which trigger {@link BotSsoExecutionDialog} instance.
+     */
+    constructor(ssoConfig) {
+        var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k;
+        super();
+        const memoryStorage = new MemoryStorage();
+        const userState = (_b = (_a = ssoConfig.dialog) === null || _a === void 0 ? void 0 : _a.userState) !== null && _b !== void 0 ? _b : new UserState(memoryStorage);
+        const conversationState = (_d = (_c = ssoConfig.dialog) === null || _c === void 0 ? void 0 : _c.conversationState) !== null && _d !== void 0 ? _d : new ConversationState(memoryStorage);
+        const dedupStorage = (_f = (_e = ssoConfig.dialog) === null || _e === void 0 ? void 0 : _e.dedupStorage) !== null && _f !== void 0 ? _f : memoryStorage;
+        const _l = ssoConfig.aad, { scopes } = _l, customConfig = __rest(_l, ["scopes"]);
+        const settings = {
+            scopes: scopes,
+            timeout: (_h = (_g = ssoConfig.dialog) === null || _g === void 0 ? void 0 : _g.ssoPromptConfig) === null || _h === void 0 ? void 0 : _h.timeout,
+            endOnInvalidMessage: (_k = (_j = ssoConfig.dialog) === null || _j === void 0 ? void 0 : _j.ssoPromptConfig) === null || _k === void 0 ? void 0 : _k.endOnInvalidMessage,
+        };
+        const teamsfx = new TeamsFx(IdentityType.User, Object.assign({}, customConfig));
+        this.ssoExecutionDialog = new BotSsoExecutionDialog(dedupStorage, settings, teamsfx);
+        this.conversationState = conversationState;
+        this.dialogState = conversationState.createProperty("DialogState");
+        this.userState = userState;
+        this.onMessage(async (context, next) => {
+            await this.ssoExecutionDialog.run(context, this.dialogState);
+            await next();
+        });
+    }
+    /**
+     * Add TeamsFxBotSsoCommandHandler instance to SSO execution dialog
+     * @param handler {@link BotSsoExecutionDialogHandler} callback function
+     * @param triggerPatterns The trigger pattern
+     *
+     * @remarks
+     * This function is used to add SSO command to {@link BotSsoExecutionDialog} instance.
+     */
+    addCommand(handler, triggerPatterns) {
+        this.ssoExecutionDialog.addCommand(handler, triggerPatterns);
+    }
+    /**
+     * Called to initiate the event emission process.
+     * @param context The context object for the current turn.
+     */
+    async run(context) {
+        try {
+            await super.run(context);
+        }
+        finally {
+            await this.conversationState.saveChanges(context, false);
+            await this.userState.saveChanges(context, false);
+        }
+    }
+    /**
+     * Receives invoke activities with Activity name of 'signin/verifyState'.
+     * @param context A context object for this turn.
+     * @param query Signin state (part of signin action auth flow) verification invoke query.
+     * @returns A promise that represents the work queued.
+     *
+     * @remarks
+     * It should trigger {@link BotSsoExecutionDialog} instance to handle signin process
+     */
+    async handleTeamsSigninVerifyState(context, query) {
+        await this.ssoExecutionDialog.run(context, this.dialogState);
+    }
+    /**
+     * Receives invoke activities with Activity name of 'signin/tokenExchange'
+     * @param context A context object for this turn.
+     * @param query Signin state (part of signin action auth flow) verification invoke query
+     * @returns A promise that represents the work queued.
+     *
+     * @remark
+     * It should trigger {@link BotSsoExecutionDialog} instance to handle signin process
+     */
+    async handleTeamsSigninTokenExchange(context, query) {
+        await this.ssoExecutionDialog.run(context, this.dialogState);
+    }
 }
 // Copyright (c) Microsoft Corporation.
@@ -2851,20 +3438,30 @@ class ConversationBot {
      * @param options - initialize options
      */
     constructor(options) {
-        var _a, _b, _c;
+        var _a, _b, _c, _d;
         if (options.adapter) {
             this.adapter = options.adapter;
         }
         else {
             this.adapter = this.createDefaultAdapter(options.adapterConfig);
         }
-        if ((_a = options.command) === null || _a === void 0 ? void 0 : _a.enabled) {
-            this.command = new CommandBot(this.adapter, options.command);
+        let ssoCommandActivityHandler;
+        if (options === null || options === void 0 ? void 0 : options.ssoConfig) {
+            if ((_a = options.ssoConfig.dialog) === null || _a === void 0 ? void 0 : _a.CustomBotSsoExecutionActivityHandler) {
+                ssoCommandActivityHandler =
+                    new options.ssoConfig.dialog.CustomBotSsoExecutionActivityHandler(options.ssoConfig);
+            }
+            else {
+                ssoCommandActivityHandler = new DefaultBotSsoExecutionActivityHandler(options.ssoConfig);
+            }
         }
-        if ((_b = options.notification) === null || _b === void 0 ? void 0 : _b.enabled) {
+        if ((_b = options.command) === null || _b === void 0 ? void 0 : _b.enabled) {
+            this.command = new CommandBot(this.adapter, options.command, ssoCommandActivityHandler, options.ssoConfig);
+        }
+        if ((_c = options.notification) === null || _c === void 0 ? void 0 : _c.enabled) {
             this.notification = new NotificationBot(this.adapter, options.notification);
         }
-        if ((_c = options.cardAction) === null || _c === void 0 ? void 0 : _c.enabled) {
+        if ((_d = options.cardAction) === null || _d === void 0 ? void 0 : _d.enabled) {
             this.cardAction = new CardActionBot(this.adapter, options.cardAction);
         }
     }
@@ -3053,5 +3650,105 @@ class MessageBuilder {
     }
 }
-export { AdaptiveCardResponse, ApiKeyLocation, ApiKeyProvider, AppCredential, BasicAuthProvider, BearerTokenAuthProvider, CardActionBot, CertificateAuthProvider, Channel, CommandBot, ConversationBot, ErrorCode, ErrorWithCode, IdentityType, InvokeResponseErrorCode, InvokeResponseFactory, LogLevel, Member, MessageBuilder, MsGraphAuthProvider, NotificationBot, NotificationTargetType, OnBehalfOfUserCredential, TeamsBotInstallation, TeamsBotSsoPrompt, TeamsFx, TeamsUserCredential, createApiClient, createMicrosoftGraphClient, createPemCertOption, createPfxCertOption, getLogLevel, getTediousConnectionConfig, sendAdaptiveCard, sendMessage, setLogFunction, setLogLevel, setLogger };
+// Copyright (c) Microsoft Corporation.
+/**
+ * Retrieve the OAuth Sign in Link to use in the MessagingExtensionResult Suggested Actions.
+ * This method only work on MessageExtension with Query now.
+ *
+ * @param {TeamsFx} teamsfx - Used to provide configuration and auth.
+ * @param {string | string[]} scopes - The list of scopes for which the token will have access.
+ *
+ * @returns SignIn link CardAction with 200 status code.
+ */
+function getSignInResponseForMessageExtension(teamsfx, scopes) {
+    const scopesArray = getScopesArray(scopes);
+    const signInLink = `${teamsfx.getConfig("initiateLoginEndpoint")}?scope=${encodeURI(scopesArray.join(" "))}&clientId=${teamsfx.getConfig("clientId")}&tenantId=${teamsfx.getConfig("tenantId")}`;
+    return {
+        composeExtension: {
+            type: "silentAuth",
+            suggestedActions: {
+                actions: [
+                    {
+                        type: "openUrl",
+                        value: signInLink,
+                        title: "Message Extension OAuth",
+                    },
+                ],
+            },
+        },
+    };
+}
+/**
+ * execution in message extension with SSO token.
+ *
+ * @param {TurnContext} context - The context object for the current turn.
+ * @param {AuthenticationConfiguration} config - User custom the message extension authentication configuration.
+ * @param {string[]} scopes - The list of scopes for which the token will have access.
+ * @param {function} logic - Business logic when executing the query in message extension with SSO or access token.
+ *
+ * @throws {@link ErrorCode|InternalError} when failed to get access token with unknown error.
+ * @throws {@link ErrorCode|TokenExpiredError} when SSO token has already expired.
+ * @throws {@link ErrorCode|ServiceError} when failed to get access token from simple auth server.
+ * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
+ * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is nodeJS.
+ *
+ * @returns A MessageExtension Response for the activity. If the logic not return any, return void instead.
+ */
+async function executionWithToken(context, config, scopes, logic) {
+    const valueObj = context.activity.value;
+    if (!valueObj.authentication || !valueObj.authentication.token) {
+        internalLogger.verbose("No AccessToken in request, return silentAuth for AccessToken");
+        return getSignInResponseForMessageExtension(new TeamsFx(IdentityType.User, config), scopes);
+    }
+    try {
+        const teamsfx = new TeamsFx(IdentityType.User, config).setSsoToken(valueObj.authentication.token);
+        const token = await teamsfx.getCredential().getToken(scopes);
+        const ssoTokenExpiration = parseJwt(valueObj.authentication.token).exp;
+        const tokenRes = {
+            ssoToken: valueObj.authentication.token,
+            ssoTokenExpiration: new Date(ssoTokenExpiration * 1000).toISOString(),
+            token: token.token,
+            expiration: token.expiresOnTimestamp.toString(),
+            connectionName: "",
+        };
+        if (logic) {
+            return await logic(tokenRes);
+        }
+    }
+    catch (err) {
+        if (err instanceof ErrorWithCode && err.code === ErrorCode.UiRequiredError) {
+            internalLogger.verbose("User not consent yet, return 412 to user consent first.");
+            const response = { status: 412 };
+            await context.sendActivity({ value: response, type: ActivityTypes.InvokeResponse });
+            return;
+        }
+        throw err;
+    }
+}
+/**
+ * Users execute query in message extension with SSO or access token.
+ *
+ * @param {TurnContext} context - The context object for the current turn.
+ * @param {AuthenticationConfiguration} config - User custom the message extension authentication configuration.
+ * @param {string| string[]} scopes - The list of scopes for which the token will have access.
+ * @param {function} logic - Business logic when executing the query in message extension with SSO or access token.
+ *
+ * @throws {@link ErrorCode|InternalError} when User invoke not response to message extension query.
+ * @throws {@link ErrorCode|InternalError} when failed to get access token with unknown error.
+ * @throws {@link ErrorCode|TokenExpiredError} when SSO token has already expired.
+ * @throws {@link ErrorCode|ServiceError} when failed to get access token from simple auth server.
+ * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
+ * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is nodeJS.
+ *
+ * @returns A MessageExtension Response for the activity. If the logic not return any, return void instead.
+ */
+async function handleMessageExtensionQueryWithToken(context, config, scopes, logic) {
+    if (context.activity.name != "composeExtension/query") {
+        internalLogger.error(ErrorMessage.OnlySupportInQueryActivity);
+        throw new ErrorWithCode(formatString(ErrorMessage.OnlySupportInQueryActivity), ErrorCode.FailedOperation);
+    }
+    return await executionWithToken(context, config !== null && config !== void 0 ? config : {}, scopes, logic);
+}
+export { AdaptiveCardResponse, ApiKeyLocation, ApiKeyProvider, AppCredential, BasicAuthProvider, BearerTokenAuthProvider, BotSsoExecutionDialog, CardActionBot, CertificateAuthProvider, Channel, CommandBot, ConversationBot, ErrorCode, ErrorWithCode, IdentityType, InvokeResponseErrorCode, InvokeResponseFactory, LogLevel, Member, MessageBuilder, MsGraphAuthProvider, NotificationBot, NotificationTargetType, OnBehalfOfUserCredential, SearchScope, TeamsBotInstallation, TeamsBotSsoPrompt, TeamsFx, TeamsUserCredential, createApiClient, createMicrosoftGraphClient, createPemCertOption, createPfxCertOption, getLogLevel, getTediousConnectionConfig, handleMessageExtensionQueryWithToken, sendAdaptiveCard, sendMessage, setLogFunction, setLogLevel, setLogger };
 //# sourceMappingURL=index.esm2017.mjs.map