npm - @microsoft/teamsfx - Versions diffs - 1.2.1-rc.1 → 2.0.0-alpha.585cd02ba.0 - Mend

@microsoft/teamsfx 1.2.1-rc.1 → 2.0.0-alpha.585cd02ba.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/index.esm2017.js +168 -159
package/dist/index.esm2017.js.map +1 -1
package/dist/index.esm2017.mjs +229 -79
package/dist/index.esm2017.mjs.map +1 -1
package/dist/index.esm5.js +163 -150
package/dist/index.esm5.js.map +1 -1
package/dist/index.node.cjs.js +234 -78
package/dist/index.node.cjs.js.map +1 -1
package/package.json +5 -5
package/types/teamsfx.d.ts +2119 -1928

package/dist/index.esm2017.mjs CHANGED Viewed

@@ -454,17 +454,6 @@ function parseCertificate(certificateContent) {
  * Only works in in server side.
  */
 class AppCredential {
-    /**
-     * Constructor of AppCredential.
-     *
-     * @remarks
-     * Only works in in server side.
-     *
-     * @param {AuthenticationConfiguration} authConfig - The authentication configuration. Use environment variables if not provided.
-     *
-     * @throws {@link ErrorCode|InvalidConfiguration} when client id, client secret or tenant id is not found in config.
-     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is nodeJS.
-     */
     constructor(authConfig) {
         internalLogger.info("Create M365 tenant credential");
         const config = this.loadAndValidateConfig(authConfig);
@@ -570,19 +559,6 @@ class AppCredential {
  * Can only be used in server side.
  */
 class OnBehalfOfUserCredential {
-    /**
-     * Constructor of OnBehalfOfUserCredential
-     *
-     * @remarks
-     * Only works in in server side.
-     *
-     * @param {string} ssoToken - User token provided by Teams SSO feature.
-     * @param {AuthenticationConfiguration} config - The authentication configuration. Use environment variables if not provided.
-     *
-     * @throws {@link ErrorCode|InvalidConfiguration} when client id, client secret, certificate content, authority host or tenant id is not found in config.
-     * @throws {@link ErrorCode|InternalError} when SSO token is not valid.
-     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
-     */
     constructor(ssoToken, config) {
         internalLogger.info("Get on behalf of user credential");
         const missingConfigurations = [];
@@ -725,11 +701,6 @@ class OnBehalfOfUserCredential {
  * Can only be used within Teams.
  */
 class TeamsUserCredential {
-    /**
-     * Constructor of TeamsUserCredential.
-     * @remarks
-     * Can only be used within Teams.
-     */
     constructor(authConfig) {
         throw new ErrorWithCode(formatString(ErrorMessage.NodejsRuntimeNotSupported, "TeamsUserCredential"), ErrorCode.RuntimeNotSupported);
     }
@@ -771,18 +742,8 @@ const defaultScope = "https://graph.microsoft.com/.default";
  * Microsoft Graph auth provider for Teams Framework
  */
 class MsGraphAuthProvider {
-    /**
-     * Constructor of MsGraphAuthProvider.
-     *
-     * @param {TeamsFx} teamsfx - Used to provide configuration and auth.
-     * @param {string | string[]} scopes - The list of scopes for which the token will have access.
-     *
-     * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
-     *
-     * @returns An instance of MsGraphAuthProvider.
-     */
-    constructor(teamsfx, scopes) {
-        this.teamsfx = teamsfx;
+    constructor(credentialOrTeamsFx, scopes) {
+        this.credentialOrTeamsFx = credentialOrTeamsFx;
         let scopesStr = defaultScope;
         if (scopes) {
             validateScopesType(scopes);
@@ -808,7 +769,15 @@ class MsGraphAuthProvider {
      */
     async getAccessToken() {
         internalLogger.info(`Get Graph Access token with scopes: '${this.scopes}'`);
-        const accessToken = await this.teamsfx.getCredential().getToken(this.scopes);
+        let accessToken;
+        if (this.credentialOrTeamsFx.getCredential) {
+            accessToken = await this.credentialOrTeamsFx
+                .getCredential()
+                .getToken(this.scopes);
+        }
+        else {
+            accessToken = await this.credentialOrTeamsFx.getToken(this.scopes);
+        }
         return new Promise((resolve, reject) => {
             if (accessToken) {
                 resolve(accessToken.token);
@@ -825,7 +794,6 @@ class MsGraphAuthProvider {
 // Copyright (c) Microsoft Corporation.
 /**
  * Get Microsoft graph client.
- *
  * @example
  * Get Microsoft graph client by TokenCredential
  * ```typescript
@@ -879,6 +847,66 @@ function createMicrosoftGraphClient(teamsfx, scopes) {
         authProvider,
     });
     return graphClient;
+}
+// eslint-disable-next-line no-secrets/no-secrets
+/**
+ * Get Microsoft graph client.
+ * @example
+ * Get Microsoft graph client by TokenCredential
+ * ```typescript
+ * // In browser: TeamsUserCredential
+ * const authConfig: TeamsUserCredentialAuthConfig = {
+ *   clientId: "xxx",
+    initiateLoginEndpoint: "https://xxx/auth-start.html",
+ * };
+ * const credential = new TeamsUserCredential(authConfig);
+ * const scope = "User.Read";
+ * await credential.login(scope);
+ * const client = createMicrosoftGraphClientWithCredential(credential, scope);
+ * // In node: OnBehalfOfUserCredential
+ * const oboAuthConfig: OnBehalfOfCredentialAuthConfig = {
+ *   authorityHost: "xxx",
+ *   clientId: "xxx",
+ *   tenantId: "xxx",
+ *   clientSecret: "xxx",
+ * };
+ * const oboCredential = new OnBehalfOfUserCredential(ssoToken, oboAuthConfig);
+ * const scope = "User.Read";
+ * const client = createMicrosoftGraphClientWithCredential(oboCredential, scope);
+ * // In node: AppCredential
+ * const appAuthConfig: AppCredentialAuthConfig = {
+ *   authorityHost: "xxx",
+ *   clientId: "xxx",
+ *   tenantId: "xxx",
+ *   clientSecret: "xxx",
+ * };
+ * const appCredential = new AppCredential(appAuthConfig);
+ * const scope = "User.Read";
+ * const client = createMicrosoftGraphClientWithCredential(appCredential, scope);
+ *
+ * const profile = await client.api("/me").get();
+ * ```
+ *
+ * @param {TokenCredential} credential - Used to provide configuration and auth.
+ * @param scopes - The array of Microsoft Token scope of access. Default value is `[.default]`.
+ *
+ * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
+ *
+ * @returns Graph client with specified scopes.
+ */
+function createMicrosoftGraphClientWithCredential(credential, scopes) {
+    internalLogger.info("Create Microsoft Graph Client");
+    const authProvider = new MsGraphAuthProvider(credential, scopes);
+    const graphClient = Client.initWithMiddleware({
+        authProvider,
+    });
+    return graphClient;
 }
 // Copyright (c) Microsoft Corporation.
@@ -890,6 +918,8 @@ const defaultSQLScope = "https://database.windows.net/";
 /**
  * Generate connection configuration consumed by tedious.
  *
+ * @deprecated we recommend you compose your own Tedious configuration for better flexibility.
+ *
  * @param {TeamsFx} teamsfx - Used to provide configuration and auth
  * @param { string? } databaseName - specify database name to override default one if there are multiple databases.
  *
@@ -1125,22 +1155,20 @@ class TokenExchangeInvokeResponse {
  * ```
  */
 class TeamsBotSsoPrompt extends Dialog {
-    /**
-     * Constructor of TeamsBotSsoPrompt.
-     *
-     * @param {TeamsFx} teamsfx - Used to provide configuration and auth
-     * @param dialogId Unique ID of the dialog within its parent `DialogSet` or `ComponentDialog`.
-     * @param settings Settings used to configure the prompt.
-     *
-     * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
-     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
-     */
-    constructor(teamsfx, dialogId, settings) {
-        super(dialogId);
-        this.teamsfx = teamsfx;
-        this.settings = settings;
-        validateScopesType(settings.scopes);
-        this.loadAndValidateConfig();
+    constructor(authConfig, ...args) {
+        super(arguments.length === 3 ? args[0] : args[1]);
+        if (authConfig.getCredential) {
+            const teamsfx = authConfig;
+            this.authConfig = this.loadAndValidateConfig(teamsfx);
+            this.initiateLoginEndpoint = teamsfx.getConfig("initiateLoginEndpoint");
+            this.settings = args[1];
+        }
+        else {
+            this.initiateLoginEndpoint = args[0];
+            this.authConfig = authConfig;
+            this.settings = args[2];
+        }
+        validateScopesType(this.settings.scopes);
         internalLogger.info("Create a new Teams Bot SSO Prompt");
     }
     /**
@@ -1237,20 +1265,20 @@ class TeamsBotSsoPrompt extends Dialog {
             return Dialog.EndOfTurn;
         }
     }
-    loadAndValidateConfig() {
-        if (this.teamsfx.getIdentityType() !== IdentityType.User) {
-            const errorMsg = formatString(ErrorMessage.IdentityTypeNotSupported, this.teamsfx.getIdentityType().toString(), "TeamsBotSsoPrompt");
+    loadAndValidateConfig(teamsfx) {
+        if (teamsfx.getIdentityType() !== IdentityType.User) {
+            const errorMsg = formatString(ErrorMessage.IdentityTypeNotSupported, teamsfx.getIdentityType().toString(), "TeamsBotSsoPrompt");
             internalLogger.error(errorMsg);
             throw new ErrorWithCode(errorMsg, ErrorCode.IdentityTypeNotSupported);
         }
         const missingConfigurations = [];
-        if (!this.teamsfx.hasConfig("initiateLoginEndpoint")) {
+        if (!teamsfx.hasConfig("initiateLoginEndpoint")) {
             missingConfigurations.push("initiateLoginEndpoint");
         }
-        if (!this.teamsfx.hasConfig("clientId")) {
+        if (!teamsfx.hasConfig("clientId")) {
             missingConfigurations.push("clientId");
         }
-        if (!this.teamsfx.hasConfig("tenantId")) {
+        if (!teamsfx.hasConfig("tenantId")) {
             missingConfigurations.push("tenantId");
         }
         if (missingConfigurations.length != 0) {
@@ -1258,6 +1286,24 @@ class TeamsBotSsoPrompt extends Dialog {
             internalLogger.error(errorMsg);
             throw new ErrorWithCode(errorMsg, ErrorCode.InvalidConfiguration);
         }
+        let authConfig;
+        if (teamsfx.getConfig("clientSecret")) {
+            authConfig = {
+                authorityHost: teamsfx.getConfig("authorityHost"),
+                clientId: teamsfx.getConfig("clientId"),
+                tenantId: teamsfx.getConfig("tenantId"),
+                clientSecret: teamsfx.getConfig("clientSecret"),
+            };
+        }
+        else {
+            authConfig = {
+                authorityHost: teamsfx.getConfig("authorityHost"),
+                clientId: teamsfx.getConfig("clientId"),
+                tenantId: teamsfx.getConfig("tenantId"),
+                certificateContent: teamsfx.getConfig("certificateContent"),
+            };
+        }
+        return authConfig;
     }
     /**
      * Ensure bot is running in MS Teams since TeamsBotSsoPrompt is only supported in MS Teams channel.
@@ -1299,7 +1345,7 @@ class TeamsBotSsoPrompt extends Dialog {
      */
     getSignInResource(loginHint) {
         internalLogger.verbose("Get sign in authentication configuration");
-        const signInLink = `${this.teamsfx.getConfig("initiateLoginEndpoint")}?scope=${encodeURI(this.settings.scopes.join(" "))}&clientId=${this.teamsfx.getConfig("clientId")}&tenantId=${this.teamsfx.getConfig("tenantId")}&loginHint=${loginHint}`;
+        const signInLink = `${this.initiateLoginEndpoint}?scope=${encodeURI(this.settings.scopes.join(" "))}&clientId=${this.authConfig.clientId}&tenantId=${this.authConfig.tenantId}&loginHint=${loginHint}`;
         internalLogger.verbose("Sign in link: " + signInLink);
         const tokenExchangeResource = {
             id: v4(),
@@ -1325,8 +1371,7 @@ class TeamsBotSsoPrompt extends Dialog {
             }
             else {
                 const ssoToken = context.activity.value.token;
-                this.teamsfx.setSsoToken(ssoToken);
-                const credential = this.teamsfx.getCredential();
+                const credential = new OnBehalfOfUserCredential(ssoToken, this.authConfig);
                 let exchangedToken;
                 try {
                     exchangedToken = await credential.getToken(this.settings.scopes);
@@ -3133,27 +3178,29 @@ let COMMAND_ROUTE_DIALOG = "CommandRouteDialog";
  * Sso execution dialog, use to handle sso command
  */
 class BotSsoExecutionDialog extends ComponentDialog {
-    /**
-     * Creates a new instance of the BotSsoExecutionDialog.
-     * @param dedupStorage Helper storage to remove duplicated messages
-     * @param settings The list of scopes for which the token will have access
-     * @param teamsfx {@link TeamsFx} instance for authentication
-     */
-    constructor(dedupStorage, ssoPromptSettings, teamsfx, dialogName) {
-        super(dialogName !== null && dialogName !== void 0 ? dialogName : DIALOG_NAME);
+    constructor(dedupStorage, ssoPromptSettings, authConfig, ...args) {
+        var _a;
+        super((_a = (authConfig.getCredential ? args[0] : args[1])) !== null && _a !== void 0 ? _a : DIALOG_NAME);
         this.dedupStorageKeys = [];
         // Map to store the commandId and triggerPatterns, key: commandId, value: triggerPatterns
         this.commandMapping = new Map();
+        const dialogName = authConfig.getCredential ? args[0] : args[1];
         if (dialogName) {
             DIALOG_NAME = dialogName;
             TEAMS_SSO_PROMPT_ID = dialogName + TEAMS_SSO_PROMPT_ID;
             COMMAND_ROUTE_DIALOG = dialogName + COMMAND_ROUTE_DIALOG;
         }
+        let ssoDialog;
+        if (authConfig.getCredential) {
+            ssoDialog = new TeamsBotSsoPrompt(authConfig, TEAMS_SSO_PROMPT_ID, ssoPromptSettings);
+        }
+        else {
+            ssoDialog = new TeamsBotSsoPrompt(authConfig, args[0], TEAMS_SSO_PROMPT_ID, ssoPromptSettings);
+        }
+        this.addDialog(ssoDialog);
         this.initialDialogId = COMMAND_ROUTE_DIALOG;
         this.dedupStorage = dedupStorage;
         this.dedupStorageKeys = [];
-        const ssoDialog = new TeamsBotSsoPrompt(teamsfx, TEAMS_SSO_PROMPT_ID, ssoPromptSettings);
-        this.addDialog(ssoDialog);
         const commandRouteDialog = new WaterfallDialog(COMMAND_ROUTE_DIALOG, [
             this.commandRouteStep.bind(this),
         ]);
@@ -3739,6 +3786,34 @@ class MessageBuilder {
 }
 // Copyright (c) Microsoft Corporation.
+/**
+ * Retrieve the OAuth Sign in Link to use in the MessagingExtensionResult Suggested Actions.
+ * This method only work on MessageExtension with Query now.
+ *
+ * @param {OnBehalfOfCredentialAuthConfig} authConfig - User custom the message extension authentication configuration.
+ * @param {initiateLoginEndpoint} initiateLoginEndpoint - Login page for Teams to redirect to.
+ * @param {string | string[]} scopes - The list of scopes for which the token will have access.
+ *
+ * @returns SignIn link CardAction with 200 status code.
+ */
+function getSignInResponseForMessageExtensionWithAuthConfig(authConfig, initiateLoginEndpoint, scopes) {
+    const scopesArray = getScopesArray(scopes);
+    const signInLink = `${initiateLoginEndpoint}?scope=${encodeURI(scopesArray.join(" "))}&clientId=${authConfig.clientId}&tenantId=${authConfig.tenantId}`;
+    return {
+        composeExtension: {
+            type: "silentAuth",
+            suggestedActions: {
+                actions: [
+                    {
+                        type: "openUrl",
+                        value: signInLink,
+                        title: "Message Extension OAuth",
+                    },
+                ],
+            },
+        },
+    };
+}
 /**
  * Retrieve the OAuth Sign in Link to use in the MessagingExtensionResult Suggested Actions.
  * This method only work on MessageExtension with Query now.
@@ -3766,6 +3841,54 @@ function getSignInResponseForMessageExtension(teamsfx, scopes) {
         },
     };
 }
+/**
+ * execution in message extension with SSO token.
+ *
+ * @param {TurnContext} context - The context object for the current turn.
+ * @param {OnBehalfOfCredentialAuthConfig} authConfig - User custom the message extension authentication configuration.
+ * @param {initiateLoginEndpoint} initiateLoginEndpoint - Login page for Teams to redirect to.
+ * @param {string[]} scopes - The list of scopes for which the token will have access.
+ * @param {function} logic - Business logic when executing the query in message extension with SSO or access token.
+ *
+ * @throws {@link ErrorCode|InternalError} when failed to get access token with unknown error.
+ * @throws {@link ErrorCode|TokenExpiredError} when SSO token has already expired.
+ * @throws {@link ErrorCode|ServiceError} when failed to get access token from simple auth server.
+ * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
+ * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is nodeJS.
+ *
+ * @returns A MessageExtension Response for the activity. If the logic not return any, return void instead.
+ */
+async function executionWithTokenAndConfig(context, authConfig, initiateLoginEndpoint, scopes, logic) {
+    const valueObj = context.activity.value;
+    if (!valueObj.authentication || !valueObj.authentication.token) {
+        internalLogger.verbose("No AccessToken in request, return silentAuth for AccessToken");
+        return getSignInResponseForMessageExtensionWithAuthConfig(authConfig, initiateLoginEndpoint, scopes);
+    }
+    try {
+        const credential = new OnBehalfOfUserCredential(valueObj.authentication.token, authConfig);
+        const token = await credential.getToken(scopes);
+        const ssoTokenExpiration = parseJwt(valueObj.authentication.token).exp;
+        const tokenRes = {
+            ssoToken: valueObj.authentication.token,
+            ssoTokenExpiration: new Date(ssoTokenExpiration * 1000).toISOString(),
+            token: token.token,
+            expiration: token.expiresOnTimestamp.toString(),
+            connectionName: "",
+        };
+        if (logic) {
+            return await logic(tokenRes);
+        }
+    }
+    catch (err) {
+        if (err instanceof ErrorWithCode && err.code === ErrorCode.UiRequiredError) {
+            internalLogger.verbose("User not consent yet, return 412 to user consent first.");
+            const response = { status: 412 };
+            await context.sendActivity({ value: response, type: ActivityTypes.InvokeResponse });
+            return;
+        }
+        throw err;
+    }
+}
 /**
  * execution in message extension with SSO token.
  *
@@ -3813,9 +3936,11 @@ async function executionWithToken(context, config, scopes, logic) {
         throw err;
     }
 }
+// eslint-disable-next-line no-secrets/no-secrets
 /**
  * Users execute query in message extension with SSO or access token.
  *
+ *
  * @param {TurnContext} context - The context object for the current turn.
  * @param {AuthenticationConfiguration} config - User custom the message extension authentication configuration.
  * @param {string| string[]} scopes - The list of scopes for which the token will have access.
@@ -3836,7 +3961,32 @@ async function handleMessageExtensionQueryWithToken(context, config, scopes, log
         throw new ErrorWithCode(formatString(ErrorMessage.OnlySupportInQueryActivity), ErrorCode.FailedOperation);
     }
     return await executionWithToken(context, config !== null && config !== void 0 ? config : {}, scopes, logic);
+}
+/**
+ * Users execute query in message extension with SSO or access token.
+ *
+ * @param {TurnContext} context - The context object for the current turn.
+ * @param {OnBehalfOfCredentialAuthConfig} config - User custom the message extension authentication configuration.
+ * @param {initiateLoginEndpoint} initiateLoginEndpoint - Login page for Teams to redirect to.
+ * @param {string| string[]} scopes - The list of scopes for which the token will have access.
+ * @param {function} logic - Business logic when executing the query in message extension with SSO or access token.
+ *
+ * @throws {@link ErrorCode|InternalError} when User invoke not response to message extension query.
+ * @throws {@link ErrorCode|InternalError} when failed to get access token with unknown error.
+ * @throws {@link ErrorCode|TokenExpiredError} when SSO token has already expired.
+ * @throws {@link ErrorCode|ServiceError} when failed to get access token from simple auth server.
+ * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
+ * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is nodeJS.
+ *
+ * @returns A MessageExtension Response for the activity. If the logic not return any, return void instead.
+ */
+async function handleMessageExtensionQueryWithSSO(context, config, initiateLoginEndpoint, scopes, logic) {
+    if (context.activity.name != "composeExtension/query") {
+        internalLogger.error(ErrorMessage.OnlySupportInQueryActivity);
+        throw new ErrorWithCode(formatString(ErrorMessage.OnlySupportInQueryActivity), ErrorCode.FailedOperation);
+    }
+    return await executionWithTokenAndConfig(context, config !== null && config !== void 0 ? config : {}, initiateLoginEndpoint, scopes, logic);
 }
-export { AdaptiveCardResponse, ApiKeyLocation, ApiKeyProvider, AppCredential, BasicAuthProvider, BearerTokenAuthProvider, BotSsoExecutionDialog, CardActionBot, CertificateAuthProvider, Channel, CommandBot, ConversationBot, ErrorCode, ErrorWithCode, IdentityType, InvokeResponseErrorCode, InvokeResponseFactory, LogLevel, Member, MessageBuilder, MsGraphAuthProvider, NotificationBot, NotificationTargetType, OnBehalfOfUserCredential, SearchScope, TeamsBotInstallation, TeamsBotSsoPrompt, TeamsFx, TeamsUserCredential, createApiClient, createMicrosoftGraphClient, createPemCertOption, createPfxCertOption, getLogLevel, getTediousConnectionConfig, handleMessageExtensionQueryWithToken, sendAdaptiveCard, sendMessage, setLogFunction, setLogLevel, setLogger };
+export { AdaptiveCardResponse, ApiKeyLocation, ApiKeyProvider, AppCredential, BasicAuthProvider, BearerTokenAuthProvider, BotSsoExecutionDialog, CardActionBot, CertificateAuthProvider, Channel, CommandBot, ConversationBot, ErrorCode, ErrorWithCode, IdentityType, InvokeResponseErrorCode, InvokeResponseFactory, LogLevel, Member, MessageBuilder, MsGraphAuthProvider, NotificationBot, NotificationTargetType, OnBehalfOfUserCredential, SearchScope, TeamsBotInstallation, TeamsBotSsoPrompt, TeamsFx, TeamsUserCredential, createApiClient, createMicrosoftGraphClient, createMicrosoftGraphClientWithCredential, createPemCertOption, createPfxCertOption, getLogLevel, getTediousConnectionConfig, handleMessageExtensionQueryWithSSO, handleMessageExtensionQueryWithToken, sendAdaptiveCard, sendMessage, setLogFunction, setLogLevel, setLogger };
 //# sourceMappingURL=index.esm2017.mjs.map