@openclaw/msteams 2026.2.21 → 2026.2.22

package/src/attachments/shared.ts

@@ -1,3 +1,5 @@
+import { lookup } from "node:dns/promises";
+import { isPrivateIpAddress } from "openclaw/plugin-sdk";
 import type { MSTeamsAttachmentLike } from "./types.js";
 
 type InlineImageCandidate =
@@ -63,6 +65,19 @@ export function isRecord(value: unknown): value is Record<string, unknown> {
   return Boolean(value) && typeof value === "object" && !Array.isArray(value);
 }
 
+export function resolveRequestUrl(input: RequestInfo | URL): string {
+  if (typeof input === "string") {
+    return input;
+  }
+  if (input instanceof URL) {
+    return input.toString();
+  }
+  if (typeof input === "object" && input && "url" in input && typeof input.url === "string") {
+    return input.url;
+  }
+  return String(input);
+}
+
 export function normalizeContentType(value: unknown): string | undefined {
   if (typeof value !== "string") {
     return undefined;
@@ -289,3 +304,101 @@ export function isUrlAllowed(url: string, allowlist: string[]): boolean {
     return false;
   }
 }
+
+/**
+ * Returns true if the given IPv4 or IPv6 address is in a private, loopback,
+ * or link-local range that must never be reached from media downloads.
+ *
+ * Delegates to the SDK's `isPrivateIpAddress` which handles IPv4-mapped IPv6,
+ * expanded notation, NAT64, 6to4, Teredo, octal IPv4, and fails closed on
+ * parse errors.
+ */
+export const isPrivateOrReservedIP: (ip: string) => boolean = isPrivateIpAddress;
+
+/**
+ * Resolve a hostname via DNS and reject private/reserved IPs.
+ * Throws if the resolved IP is private or resolution fails.
+ */
+export async function resolveAndValidateIP(
+  hostname: string,
+  resolveFn?: (hostname: string) => Promise<{ address: string }>,
+): Promise<string> {
+  const resolve = resolveFn ?? lookup;
+  let resolved: { address: string };
+  try {
+    resolved = await resolve(hostname);
+  } catch {
+    throw new Error(`DNS resolution failed for "${hostname}"`);
+  }
+  if (isPrivateOrReservedIP(resolved.address)) {
+    throw new Error(`Hostname "${hostname}" resolves to private/reserved IP (${resolved.address})`);
+  }
+  return resolved.address;
+}
+
+/** Maximum number of redirects to follow in safeFetch. */
+const MAX_SAFE_REDIRECTS = 5;
+
+/**
+ * Fetch a URL with redirect: "manual", validating each redirect target
+ * against the hostname allowlist and DNS-resolved IP (anti-SSRF).
+ *
+ * This prevents:
+ * - Auto-following redirects to non-allowlisted hosts
+ * - DNS rebinding attacks where an allowlisted domain resolves to a private IP
+ */
+export async function safeFetch(params: {
+  url: string;
+  allowHosts: string[];
+  fetchFn?: typeof fetch;
+  requestInit?: RequestInit;
+  resolveFn?: (hostname: string) => Promise<{ address: string }>;
+}): Promise<Response> {
+  const fetchFn = params.fetchFn ?? fetch;
+  const resolveFn = params.resolveFn;
+  let currentUrl = params.url;
+
+  // Validate the initial URL's resolved IP
+  try {
+    const initialHost = new URL(currentUrl).hostname;
+    await resolveAndValidateIP(initialHost, resolveFn);
+  } catch {
+    throw new Error(`Initial download URL blocked: ${currentUrl}`);
+  }
+
+  for (let i = 0; i <= MAX_SAFE_REDIRECTS; i++) {
+    const res = await fetchFn(currentUrl, {
+      ...params.requestInit,
+      redirect: "manual",
+    });
+
+    if (![301, 302, 303, 307, 308].includes(res.status)) {
+      return res;
+    }
+
+    const location = res.headers.get("location");
+    if (!location) {
+      return res;
+    }
+
+    let redirectUrl: string;
+    try {
+      redirectUrl = new URL(location, currentUrl).toString();
+    } catch {
+      throw new Error(`Invalid redirect URL: ${location}`);
+    }
+
+    // Validate redirect target against hostname allowlist
+    if (!isUrlAllowed(redirectUrl, params.allowHosts)) {
+      throw new Error(`Media redirect target blocked by allowlist: ${redirectUrl}`);
+    }
+
+    // Validate redirect target's resolved IP
+    const redirectHost = new URL(redirectUrl).hostname;
+    await resolveAndValidateIP(redirectHost, resolveFn);
+
+    currentUrl = redirectUrl;
+  }
+
+  throw new Error(`Too many redirects (>${MAX_SAFE_REDIRECTS})`);
+}

package/src/attachments.test.ts

@@ -2,11 +2,37 @@ import type { PluginRuntime } from "openclaw/plugin-sdk";
 import { beforeEach, describe, expect, it, vi } from "vitest";
 import { setMSTeamsRuntime } from "./runtime.js";
 
+/** Mock DNS resolver that always returns a public IP (for anti-SSRF validation in tests). */
+const publicResolveFn = async () => ({ address: "13.107.136.10" });
+
 const detectMimeMock = vi.fn(async () => "image/png");
 const saveMediaBufferMock = vi.fn(async () => ({
   path: "/tmp/saved.png",
   contentType: "image/png",
 }));
+const fetchRemoteMediaMock = vi.fn(
+  async (params: {
+    url: string;
+    maxBytes?: number;
+    filePathHint?: string;
+    fetchImpl?: (input: RequestInfo | URL, init?: RequestInit) => Promise<Response>;
+  }) => {
+    const fetchFn = params.fetchImpl ?? fetch;
+    const res = await fetchFn(params.url);
+    if (!res.ok) {
+      throw new Error(`HTTP ${res.status}`);
+    }
+    const buffer = Buffer.from(await res.arrayBuffer());
+    if (typeof params.maxBytes === "number" && buffer.byteLength > params.maxBytes) {
+      throw new Error(`payload exceeds maxBytes ${params.maxBytes}`);
+    }
+    return {
+      buffer,
+      contentType: res.headers.get("content-type") ?? undefined,
+      fileName: params.filePathHint,
+    };
+  },
+);
 
 const runtimeStub = {
   media: {
@@ -14,6 +40,8 @@ const runtimeStub = {
   },
   channel: {
     media: {
+      fetchRemoteMedia:
+        fetchRemoteMediaMock as unknown as PluginRuntime["channel"]["media"]["fetchRemoteMedia"],
       saveMediaBuffer:
         saveMediaBufferMock as unknown as PluginRuntime["channel"]["media"]["saveMediaBuffer"],
     },
@@ -28,6 +56,7 @@ describe("msteams attachments", () => {
   beforeEach(() => {
     detectMimeMock.mockClear();
     saveMediaBufferMock.mockClear();
+    fetchRemoteMediaMock.mockClear();
     setMSTeamsRuntime(runtimeStub);
   });
 
@@ -116,9 +145,10 @@ describe("msteams attachments", () => {
         maxBytes: 1024 * 1024,
         allowHosts: ["x"],
         fetchFn: fetchMock as unknown as typeof fetch,
+        resolveFn: publicResolveFn,
       });
 
-      expect(fetchMock).toHaveBeenCalledWith("https://x/img");
+      expect(fetchMock).toHaveBeenCalled();
       expect(saveMediaBufferMock).toHaveBeenCalled();
       expect(media).toHaveLength(1);
       expect(media[0]?.path).toBe("/tmp/saved.png");
@@ -143,9 +173,10 @@ describe("msteams attachments", () => {
         maxBytes: 1024 * 1024,
         allowHosts: ["x"],
         fetchFn: fetchMock as unknown as typeof fetch,
+        resolveFn: publicResolveFn,
       });
 
-      expect(fetchMock).toHaveBeenCalledWith("https://x/dl");
+      expect(fetchMock).toHaveBeenCalled();
       expect(media).toHaveLength(1);
     });
 
@@ -168,9 +199,10 @@ describe("msteams attachments", () => {
         maxBytes: 1024 * 1024,
         allowHosts: ["x"],
         fetchFn: fetchMock as unknown as typeof fetch,
+        resolveFn: publicResolveFn,
       });
 
-      expect(fetchMock).toHaveBeenCalledWith("https://x/doc.pdf");
+      expect(fetchMock).toHaveBeenCalled();
       expect(media).toHaveLength(1);
       expect(media[0]?.path).toBe("/tmp/saved.pdf");
       expect(media[0]?.placeholder).toBe("<media:document>");
@@ -195,10 +227,11 @@ describe("msteams attachments", () => {
         maxBytes: 1024 * 1024,
         allowHosts: ["x"],
         fetchFn: fetchMock as unknown as typeof fetch,
+        resolveFn: publicResolveFn,
       });
 
       expect(media).toHaveLength(1);
-      expect(fetchMock).toHaveBeenCalledWith("https://x/inline.png");
+      expect(fetchMock).toHaveBeenCalled();
     });
 
     it("stores inline data:image base64 payloads", async () => {
@@ -222,12 +255,8 @@ describe("msteams attachments", () => {
     it("retries with auth when the first request is unauthorized", async () => {
       const { downloadMSTeamsAttachments } = await load();
       const fetchMock = vi.fn(async (_url: string, opts?: RequestInit) => {
-        const hasAuth = Boolean(
-          opts &&
-          typeof opts === "object" &&
-          "headers" in opts &&
-          (opts.headers as Record<string, string>)?.Authorization,
-        );
+        const headers = new Headers(opts?.headers);
+        const hasAuth = Boolean(headers.get("Authorization"));
         if (!hasAuth) {
           return new Response("unauthorized", { status: 401 });
         }
@@ -244,23 +273,19 @@ describe("msteams attachments", () => {
         allowHosts: ["x"],
         authAllowHosts: ["x"],
         fetchFn: fetchMock as unknown as typeof fetch,
+        resolveFn: publicResolveFn,
       });
 
       expect(fetchMock).toHaveBeenCalled();
       expect(media).toHaveLength(1);
-      expect(fetchMock).toHaveBeenCalledTimes(2);
     });
 
     it("skips auth retries when the host is not in auth allowlist", async () => {
       const { downloadMSTeamsAttachments } = await load();
       const tokenProvider = { getAccessToken: vi.fn(async () => "token") };
       const fetchMock = vi.fn(async (_url: string, opts?: RequestInit) => {
-        const hasAuth = Boolean(
-          opts &&
-          typeof opts === "object" &&
-          "headers" in opts &&
-          (opts.headers as Record<string, string>)?.Authorization,
-        );
+        const headers = new Headers(opts?.headers);
+        const hasAuth = Boolean(headers.get("Authorization"));
         if (!hasAuth) {
           return new Response("forbidden", { status: 403 });
         }
@@ -279,10 +304,11 @@ describe("msteams attachments", () => {
         allowHosts: ["azureedge.net"],
         authAllowHosts: ["graph.microsoft.com"],
         fetchFn: fetchMock as unknown as typeof fetch,
+        resolveFn: publicResolveFn,
       });
 
       expect(media).toHaveLength(0);
-      expect(fetchMock).toHaveBeenCalledTimes(1);
+      expect(fetchMock).toHaveBeenCalled();
       expect(tokenProvider.getAccessToken).not.toHaveBeenCalled();
     });
 
@@ -441,6 +467,88 @@ describe("msteams attachments", () => {
 
       expect(media.media).toHaveLength(2);
     });
+
+    it("blocks SharePoint redirects to hosts outside allowHosts", async () => {
+      const { downloadMSTeamsGraphMedia } = await load();
+      const shareUrl = "https://contoso.sharepoint.com/site/file";
+      const escapedUrl = "https://evil.example/internal.pdf";
+      fetchRemoteMediaMock.mockImplementationOnce(async (params) => {
+        const fetchFn = params.fetchImpl ?? fetch;
+        let currentUrl = params.url;
+        for (let i = 0; i < 5; i += 1) {
+          const res = await fetchFn(currentUrl, { redirect: "manual" });
+          if ([301, 302, 303, 307, 308].includes(res.status)) {
+            const location = res.headers.get("location");
+            if (!location) {
+              throw new Error("redirect missing location");
+            }
+            currentUrl = new URL(location, currentUrl).toString();
+            continue;
+          }
+          if (!res.ok) {
+            throw new Error(`HTTP ${res.status}`);
+          }
+          return {
+            buffer: Buffer.from(await res.arrayBuffer()),
+            contentType: res.headers.get("content-type") ?? undefined,
+            fileName: params.filePathHint,
+          };
+        }
+        throw new Error("too many redirects");
+      });
+
+      const fetchMock = vi.fn(async (url: string) => {
+        if (url.endsWith("/hostedContents")) {
+          return new Response(JSON.stringify({ value: [] }), { status: 200 });
+        }
+        if (url.endsWith("/attachments")) {
+          return new Response(JSON.stringify({ value: [] }), { status: 200 });
+        }
+        if (url.endsWith("/messages/123")) {
+          return new Response(
+            JSON.stringify({
+              attachments: [
+                {
+                  id: "ref-1",
+                  contentType: "reference",
+                  contentUrl: shareUrl,
+                  name: "report.pdf",
+                },
+              ],
+            }),
+            { status: 200 },
+          );
+        }
+        if (url.startsWith("https://graph.microsoft.com/v1.0/shares/")) {
+          return new Response(null, {
+            status: 302,
+            headers: { location: escapedUrl },
+          });
+        }
+        if (url === escapedUrl) {
+          return new Response(Buffer.from("should-not-be-fetched"), {
+            status: 200,
+            headers: { "content-type": "application/pdf" },
+          });
+        }
+        return new Response("not found", { status: 404 });
+      });
+
+      const media = await downloadMSTeamsGraphMedia({
+        messageUrl: "https://graph.microsoft.com/v1.0/chats/19%3Achat/messages/123",
+        tokenProvider: { getAccessToken: vi.fn(async () => "token") },
+        maxBytes: 1024 * 1024,
+        allowHosts: ["graph.microsoft.com", "contoso.sharepoint.com"],
+        fetchFn: fetchMock as unknown as typeof fetch,
+      });
+
+      expect(media.media).toHaveLength(0);
+      const calledUrls = fetchMock.mock.calls.map((call) => String(call[0]));
+      expect(
+        calledUrls.some((url) => url.startsWith("https://graph.microsoft.com/v1.0/shares/")),
+      ).toBe(true);
+      expect(calledUrls).not.toContain(escapedUrl);
+    });
   });
 
   describe("buildMSTeamsMediaPayload", () => {

package/src/channel.ts

@@ -6,6 +6,8 @@ import {
   DEFAULT_ACCOUNT_ID,
   MSTeamsConfigSchema,
   PAIRING_APPROVED_MESSAGE,
+  resolveAllowlistProviderRuntimeGroupPolicy,
+  resolveDefaultGroupPolicy,
 } from "openclaw/plugin-sdk";
 import { listMSTeamsDirectoryGroupsLive, listMSTeamsDirectoryPeersLive } from "./directory-live.js";
 import { msteamsOnboardingAdapter } from "./onboarding.js";
@@ -127,8 +129,12 @@ export const msteamsPlugin: ChannelPlugin<ResolvedMSTeamsAccount> = {
   },
   security: {
     collectWarnings: ({ cfg }) => {
-      const defaultGroupPolicy = cfg.channels?.defaults?.groupPolicy;
-      const groupPolicy = cfg.channels?.msteams?.groupPolicy ?? defaultGroupPolicy ?? "allowlist";
+      const defaultGroupPolicy = resolveDefaultGroupPolicy(cfg);
+      const { groupPolicy } = resolveAllowlistProviderRuntimeGroupPolicy({
+        providerConfigPresent: cfg.channels?.msteams !== undefined,
+        groupPolicy: cfg.channels?.msteams?.groupPolicy,
+        defaultGroupPolicy,
+      });
       if (groupPolicy !== "open") {
         return [];
       }

package/src/directory-live.ts

@@ -1,11 +1,8 @@
 import type { ChannelDirectoryEntry } from "openclaw/plugin-sdk";
+import { searchGraphUsers } from "./graph-users.js";
 import {
-  escapeOData,
-  fetchGraphJson,
   type GraphChannel,
   type GraphGroup,
-  type GraphResponse,
-  type GraphUser,
   listChannelsForTeam,
   listTeamsByName,
   normalizeQuery,
@@ -24,22 +21,7 @@ export async function listMSTeamsDirectoryPeersLive(params: {
   const token = await resolveGraphToken(params.cfg);
   const limit = typeof params.limit === "number" && params.limit > 0 ? params.limit : 20;
 
-  let users: GraphUser[] = [];
-  if (query.includes("@")) {
-    const escaped = escapeOData(query);
-    const filter = `(mail eq '${escaped}' or userPrincipalName eq '${escaped}')`;
-    const path = `/users?$filter=${encodeURIComponent(filter)}&$select=id,displayName,mail,userPrincipalName`;
-    const res = await fetchGraphJson<GraphResponse<GraphUser>>({ token, path });
-    users = res.value ?? [];
-  } else {
-    const path = `/users?$search=${encodeURIComponent(`"displayName:${query}"`)}&$select=id,displayName,mail,userPrincipalName&$top=${limit}`;
-    const res = await fetchGraphJson<GraphResponse<GraphUser>>({
-      token,
-      path,
-      headers: { ConsistencyLevel: "eventual" },
-    });
-    users = res.value ?? [];
-  }
+  const users = await searchGraphUsers({ token, query, top: limit });
 
   return users
     .map((user) => {

package/src/graph-users.test.ts

@@ -0,0 +1,66 @@
+import { beforeEach, describe, expect, it, vi } from "vitest";
+import { searchGraphUsers } from "./graph-users.js";
+import { fetchGraphJson } from "./graph.js";
+
+vi.mock("./graph.js", () => ({
+  escapeOData: vi.fn((value: string) => value.replace(/'/g, "''")),
+  fetchGraphJson: vi.fn(),
+}));
+
+describe("searchGraphUsers", () => {
+  beforeEach(() => {
+    vi.mocked(fetchGraphJson).mockReset();
+  });
+
+  it("returns empty array for blank queries", async () => {
+    await expect(searchGraphUsers({ token: "token-1", query: "   " })).resolves.toEqual([]);
+    expect(fetchGraphJson).not.toHaveBeenCalled();
+  });
+
+  it("uses exact mail/upn filter lookup for email-like queries", async () => {
+    vi.mocked(fetchGraphJson).mockResolvedValueOnce({
+      value: [{ id: "user-1", displayName: "User One" }],
+    } as never);
+
+    const result = await searchGraphUsers({
+      token: "token-2",
+      query: "alice.o'hara@example.com",
+    });
+
+    expect(fetchGraphJson).toHaveBeenCalledWith({
+      token: "token-2",
+      path: "/users?$filter=(mail%20eq%20'alice.o''hara%40example.com'%20or%20userPrincipalName%20eq%20'alice.o''hara%40example.com')&$select=id,displayName,mail,userPrincipalName",
+    });
+    expect(result).toEqual([{ id: "user-1", displayName: "User One" }]);
+  });
+
+  it("uses displayName search with eventual consistency and custom top", async () => {
+    vi.mocked(fetchGraphJson).mockResolvedValueOnce({
+      value: [{ id: "user-2", displayName: "Bob" }],
+    } as never);
+
+    const result = await searchGraphUsers({
+      token: "token-3",
+      query: "bob",
+      top: 25,
+    });
+
+    expect(fetchGraphJson).toHaveBeenCalledWith({
+      token: "token-3",
+      path: "/users?$search=%22displayName%3Abob%22&$select=id,displayName,mail,userPrincipalName&$top=25",
+      headers: { ConsistencyLevel: "eventual" },
+    });
+    expect(result).toEqual([{ id: "user-2", displayName: "Bob" }]);
+  });
+
+  it("falls back to default top and empty value handling", async () => {
+    vi.mocked(fetchGraphJson).mockResolvedValueOnce({} as never);
+
+    await expect(searchGraphUsers({ token: "token-4", query: "carol" })).resolves.toEqual([]);
+    expect(fetchGraphJson).toHaveBeenCalledWith({
+      token: "token-4",
+      path: "/users?$search=%22displayName%3Acarol%22&$select=id,displayName,mail,userPrincipalName&$top=10",
+      headers: { ConsistencyLevel: "eventual" },
+    });
+  });
+});

package/src/graph-users.ts

@@ -0,0 +1,29 @@
+import { escapeOData, fetchGraphJson, type GraphResponse, type GraphUser } from "./graph.js";
+
+export async function searchGraphUsers(params: {
+  token: string;
+  query: string;
+  top?: number;
+}): Promise<GraphUser[]> {
+  const query = params.query.trim();
+  if (!query) {
+    return [];
+  }
+
+  if (query.includes("@")) {
+    const escaped = escapeOData(query);
+    const filter = `(mail eq '${escaped}' or userPrincipalName eq '${escaped}')`;
+    const path = `/users?$filter=${encodeURIComponent(filter)}&$select=id,displayName,mail,userPrincipalName`;
+    const res = await fetchGraphJson<GraphResponse<GraphUser>>({ token: params.token, path });
+    return res.value ?? [];
+  }
+
+  const top = typeof params.top === "number" && params.top > 0 ? params.top : 10;
+  const path = `/users?$search=${encodeURIComponent(`"displayName:${query}"`)}&$select=id,displayName,mail,userPrincipalName&$top=${top}`;
+  const res = await fetchGraphJson<GraphResponse<GraphUser>>({
+    token: params.token,
+    path,
+    headers: { ConsistencyLevel: "eventual" },
+  });
+  return res.value ?? [];
+}

package/src/graph.ts

@@ -1,6 +1,7 @@
 import type { MSTeamsConfig } from "openclaw/plugin-sdk";
 import { GRAPH_ROOT } from "./attachments/shared.js";
 import { loadMSTeamsSdkWithAuth } from "./sdk.js";
+import { readAccessToken } from "./token-response.js";
 import { resolveMSTeamsCredentials } from "./token.js";
 
 export type GraphUser = {
@@ -22,18 +23,6 @@ export type GraphChannel = {
 
 export type GraphResponse<T> = { value?: T[] };
 
-function readAccessToken(value: unknown): string | null {
-  if (typeof value === "string") {
-    return value;
-  }
-  if (value && typeof value === "object") {
-    const token =
-      (value as { accessToken?: unknown }).accessToken ?? (value as { token?: unknown }).token;
-    return typeof token === "string" ? token : null;
-  }
-  return null;
-}
-
 export function normalizeQuery(value?: string | null): string {
   return value?.trim() ?? "";
 }

package/src/messenger.ts

@@ -441,11 +441,7 @@ export async function sendMSTeamsMessages(params: {
     }
   };
 
-  if (params.replyStyle === "thread") {
-    const ctx = params.context;
-    if (!ctx) {
-      throw new Error("Missing context for replyStyle=thread");
-    }
+  const sendMessagesInContext = async (ctx: SendContext): Promise<string[]> => {
     const messageIds: string[] = [];
     for (const [idx, message] of messages.entries()) {
       const response = await sendWithRetry(
@@ -464,6 +460,14 @@ export async function sendMSTeamsMessages(params: {
       messageIds.push(extractMessageId(response) ?? "unknown");
     }
     return messageIds;
+  };
+
+  if (params.replyStyle === "thread") {
+    const ctx = params.context;
+    if (!ctx) {
+      throw new Error("Missing context for replyStyle=thread");
+    }
+    return await sendMessagesInContext(ctx);
   }
 
   const baseRef = buildConversationReference(params.conversationRef);
@@ -474,22 +478,7 @@ export async function sendMSTeamsMessages(params: {
 
   const messageIds: string[] = [];
   await params.adapter.continueConversation(params.appId, proactiveRef, async (ctx) => {
-    for (const [idx, message] of messages.entries()) {
-      const response = await sendWithRetry(
-        async () =>
-          await ctx.sendActivity(
-            await buildActivity(
-              message,
-              params.conversationRef,
-              params.tokenProvider,
-              params.sharePointSiteId,
-              params.mediaMaxBytes,
-            ),
-          ),
-        { messageIndex: idx, messageCount: messages.length },
-      );
-      messageIds.push(extractMessageId(response) ?? "unknown");
-    }
+    messageIds.push(...(await sendMessagesInContext(ctx)));
   });
   return messageIds;
 }

package/src/monitor-handler/message-handler.ts

@@ -5,6 +5,7 @@ import {
   logInboundDrop,
   recordPendingHistoryEntryIfEnabled,
   resolveControlCommandGate,
+  resolveDefaultGroupPolicy,
   resolveMentionGating,
   formatAllowlistMatchMeta,
   type HistoryEntry,
@@ -124,16 +125,17 @@ export function createMSTeamsMessageHandler(deps: MSTeamsMessageHandlerDeps) {
 
     const senderName = from.name ?? from.id;
     const senderId = from.aadObjectId ?? from.id;
-    const storedAllowFrom = await core.channel.pairing
-      .readAllowFromStore("msteams")
-      .catch(() => []);
+    const dmPolicy = msteamsCfg?.dmPolicy ?? "pairing";
+    const storedAllowFrom =
+      dmPolicy === "allowlist"
+        ? []
+        : await core.channel.pairing.readAllowFromStore("msteams").catch(() => []);
     const useAccessGroups = cfg.commands?.useAccessGroups !== false;
 
     // Check DM policy for direct messages.
     const dmAllowFrom = msteamsCfg?.allowFrom ?? [];
     const effectiveDmAllowFrom = [...dmAllowFrom.map((v) => String(v)), ...storedAllowFrom];
     if (isDirectMessage && msteamsCfg) {
-      const dmPolicy = msteamsCfg.dmPolicy ?? "pairing";
       const allowFrom = dmAllowFrom;
 
       if (dmPolicy === "disabled") {
@@ -173,7 +175,7 @@ export function createMSTeamsMessageHandler(deps: MSTeamsMessageHandlerDeps) {
       }
     }
 
-    const defaultGroupPolicy = cfg.channels?.defaults?.groupPolicy;
+    const defaultGroupPolicy = resolveDefaultGroupPolicy(cfg);
     const groupPolicy =
       !isDirectMessage && msteamsCfg
         ? (msteamsCfg.groupPolicy ?? defaultGroupPolicy ?? "allowlist")

package/src/probe.ts

@@ -1,6 +1,7 @@
 import type { BaseProbeResult, MSTeamsConfig } from "openclaw/plugin-sdk";
 import { formatUnknownError } from "./errors.js";
 import { loadMSTeamsSdkWithAuth } from "./sdk.js";
+import { readAccessToken } from "./token-response.js";
 import { resolveMSTeamsCredentials } from "./token.js";
 
 export type ProbeMSTeamsResult = BaseProbeResult<string> & {
@@ -13,18 +14,6 @@ export type ProbeMSTeamsResult = BaseProbeResult<string> & {
   };
 };
 
-function readAccessToken(value: unknown): string | null {
-  if (typeof value === "string") {
-    return value;
-  }
-  if (value && typeof value === "object") {
-    const token =
-      (value as { accessToken?: unknown }).accessToken ?? (value as { token?: unknown }).token;
-    return typeof token === "string" ? token : null;
-  }
-  return null;
-}
-
 function decodeJwtPayload(token: string): Record<string, unknown> | null {
   const parts = token.split(".");
   if (parts.length < 2) {