@openclaw/msteams 2026.3.13 → 2026.5.2-beta.1

package/src/messenger.ts

@@ -1,13 +1,15 @@
 import {
-  type ChunkMode,
   isSilentReplyText,
-  loadWebMedia,
-  type MarkdownTableMode,
-  type MSTeamsReplyStyle,
-  type ReplyPayload,
   SILENT_REPLY_TOKEN,
-  sleep,
-} from "openclaw/plugin-sdk/msteams";
+  type ChunkMode,
+} from "openclaw/plugin-sdk/reply-chunking";
+import {
+  resolveSendableOutboundReplyParts,
+  type ReplyPayload,
+} from "openclaw/plugin-sdk/reply-payload";
+import { normalizeOptionalLowercaseString, sleep } from "openclaw/plugin-sdk/text-runtime";
+import { loadWebMedia } from "openclaw/plugin-sdk/web-media";
+import type { MarkdownTableMode, MSTeamsReplyStyle, OpenClawConfig } from "../runtime-api.js";
 import type { MSTeamsAccessTokenProvider } from "./attachments/types.js";
 import type { StoredConversationReference } from "./conversation-store.js";
 import { classifyMSTeamsSendError } from "./errors.js";
@@ -20,6 +22,7 @@ import {
 } from "./graph-upload.js";
 import { extractFilename, extractMessageId, getMimeType, isLocalPath } from "./media-helpers.js";
 import { parseMentions } from "./mentions.js";
+import { setPendingUploadActivityId } from "./pending-uploads.js";
 import { withRevokedProxyFallback } from "./revoked-context.js";
 import { getMSTeamsRuntime } from "./runtime.js";
 
@@ -37,9 +40,11 @@ const FILE_CONSENT_THRESHOLD_BYTES = 4 * 1024 * 1024;
 
 type SendContext = {
   sendActivity: (textOrActivity: string | object) => Promise<unknown>;
+  updateActivity: (activity: object) => Promise<{ id?: string } | void>;
+  deleteActivity: (activityId: string) => Promise<void>;
 };
 
-export type MSTeamsConversationReference = {
+type MSTeamsConversationReference = {
   activityId?: string;
   user?: { id?: string; name?: string; aadObjectId?: string };
   agent?: { id?: string; name?: string; aadObjectId?: string } | null;
@@ -47,6 +52,18 @@ export type MSTeamsConversationReference = {
   channelId: string;
   serviceUrl?: string;
   locale?: string;
+  /**
+   * Top-level tenant ID echoed onto the Bot Framework connector request. Included
+   * alongside `conversation.tenantId` so the connector can route proactive sends
+   * to the correct Azure AD tenant. Missing it causes HTTP 403 on proactive
+   * (bot-initiated) messages.
+   */
+  tenantId?: string;
+  /**
+   * Azure AD object ID of the target user, forwarded on proactive sends so
+   * Bot Framework can resolve the personal DM recipient on the connector side.
+   */
+  aadObjectId?: string;
 };
 
 export type MSTeamsAdapter = {
@@ -60,9 +77,11 @@ export type MSTeamsAdapter = {
     res: unknown,
     logic: (context: unknown) => Promise<void>,
   ) => Promise<void>;
+  updateActivity: (context: unknown, activity: object) => Promise<void>;
+  deleteActivity: (context: unknown, reference: { activityId?: string }) => Promise<void>;
 };
 
-export type MSTeamsReplyRenderOptions = {
+type MSTeamsReplyRenderOptions = {
   textChunkLimit: number;
   chunkText?: boolean;
   mediaMode?: "split" | "inline";
@@ -79,13 +98,13 @@ export type MSTeamsRenderedMessage = {
   mediaUrl?: string;
 };
 
-export type MSTeamsSendRetryOptions = {
+type MSTeamsSendRetryOptions = {
   maxAttempts?: number;
   baseDelayMs?: number;
   maxDelayMs?: number;
 };
 
-export type MSTeamsSendRetryEvent = {
+type MSTeamsSendRetryEvent = {
   messageIndex: number;
   messageCount: number;
   nextAttempt: number;
@@ -113,18 +132,26 @@ export function buildConversationReference(
   if (!user?.id) {
     throw new Error("Invalid stored reference: missing user.id");
   }
+  // Bot Framework proactive sends require `tenantId` on the outbound activity
+  // so the connector routes to the correct Azure AD tenant; otherwise it rejects
+  // with HTTP 403. Prefer the explicit top-level `ref.tenantId` (captured from
+  // `channelData.tenant.id` inbound) and fall back to `conversation.tenantId`.
+  const tenantId = ref.tenantId ?? ref.conversation?.tenantId;
+  const aadObjectId = ref.aadObjectId ?? user.aadObjectId;
   return {
     activityId: ref.activityId,
-    user,
+    user: aadObjectId ? { ...user, aadObjectId } : user,
     agent,
     conversation: {
       id: normalizeConversationId(conversationId),
       conversationType: ref.conversation?.conversationType,
-      tenantId: ref.conversation?.tenantId,
+      tenantId,
     },
     channelId: ref.channelId ?? "msteams",
     serviceUrl: ref.serviceUrl,
     locale: ref.locale,
+    ...(tenantId ? { tenantId } : {}),
+    ...(aadObjectId ? { aadObjectId } : {}),
   };
 }
 
@@ -211,46 +238,44 @@ export function renderReplyPayloadsToMessages(
   const tableMode =
     options.tableMode ??
     getMSTeamsRuntime().channel.text.resolveMarkdownTableMode({
-      cfg: getMSTeamsRuntime().config.loadConfig(),
+      cfg: getMSTeamsRuntime().config.current() as OpenClawConfig,
       channel: "msteams",
     });
 
   for (const payload of replies) {
-    const mediaList = payload.mediaUrls ?? (payload.mediaUrl ? [payload.mediaUrl] : []);
-    const text = getMSTeamsRuntime().channel.text.convertMarkdownTables(
-      payload.text ?? "",
-      tableMode,
-    );
+    const reply = resolveSendableOutboundReplyParts(payload, {
+      text: getMSTeamsRuntime().channel.text.convertMarkdownTables(payload.text ?? "", tableMode),
+    });
 
-    if (!text && mediaList.length === 0) {
+    if (!reply.hasContent) {
       continue;
     }
 
-    if (mediaList.length === 0) {
-      pushTextMessages(out, text, { chunkText, chunkLimit, chunkMode });
+    if (!reply.hasMedia) {
+      pushTextMessages(out, reply.text, { chunkText, chunkLimit, chunkMode });
       continue;
     }
 
     if (mediaMode === "inline") {
       // For inline mode, combine text with first media as attachment
-      const firstMedia = mediaList[0];
+      const firstMedia = reply.mediaUrls[0];
       if (firstMedia) {
-        out.push({ text: text || undefined, mediaUrl: firstMedia });
+        out.push({ text: reply.text || undefined, mediaUrl: firstMedia });
         // Additional media URLs as separate messages
-        for (let i = 1; i < mediaList.length; i++) {
-          if (mediaList[i]) {
-            out.push({ mediaUrl: mediaList[i] });
+        for (let i = 1; i < reply.mediaUrls.length; i++) {
+          if (reply.mediaUrls[i]) {
+            out.push({ mediaUrl: reply.mediaUrls[i] });
           }
         }
       } else {
-        pushTextMessages(out, text, { chunkText, chunkLimit, chunkMode });
+        pushTextMessages(out, reply.text, { chunkText, chunkLimit, chunkMode });
       }
       continue;
     }
 
     // mediaMode === "split"
-    pushTextMessages(out, text, { chunkText, chunkLimit, chunkMode });
-    for (const mediaUrl of mediaList) {
+    pushTextMessages(out, reply.text, { chunkText, chunkLimit, chunkMode });
+    for (const mediaUrl of reply.mediaUrls) {
       if (!mediaUrl) {
         continue;
       }
@@ -261,24 +286,32 @@ export function renderReplyPayloadsToMessages(
   return out;
 }
 
-async function buildActivity(
+import { AI_GENERATED_ENTITY } from "./ai-entity.js";
+
+export async function buildActivity(
   msg: MSTeamsRenderedMessage,
   conversationRef: StoredConversationReference,
   tokenProvider?: MSTeamsAccessTokenProvider,
   sharePointSiteId?: string,
   mediaMaxBytes?: number,
+  options?: { feedbackLoopEnabled?: boolean },
 ): Promise<Record<string, unknown>> {
   const activity: Record<string, unknown> = { type: "message" };
 
+  // Mark as AI-generated so Teams renders the "AI generated" badge.
+  activity.channelData = {
+    feedbackLoopEnabled: options?.feedbackLoopEnabled ?? false,
+  };
+
   if (msg.text) {
     // Parse mentions from text (format: @[Name](id))
     const { text: formattedText, entities } = parseMentions(msg.text);
     activity.text = formattedText;
 
-    // Add mention entities if any mentions were found
-    if (entities.length > 0) {
-      activity.entities = entities;
-    }
+    // Start with mention entities (if any) + AI-generated entity
+    activity.entities = [...(entities.length > 0 ? entities : []), AI_GENERATED_ENTITY];
+  } else {
+    activity.entities = [AI_GENERATED_ENTITY];
   }
 
   if (msg.mediaUrl) {
@@ -294,7 +327,9 @@ async function buildActivity(
 
       // Determine conversation type and file type
       // Teams only accepts base64 data URLs for images
-      const conversationType = conversationRef.conversation?.conversationType?.toLowerCase();
+      const conversationType = normalizeOptionalLowercaseString(
+        conversationRef.conversation?.conversationType,
+      );
       const isPersonal = conversationType === "personal";
       const isImage = media.kind === "image";
 
@@ -308,20 +343,25 @@ async function buildActivity(
       ) {
         // Large file or non-image in personal chat: use FileConsentCard flow
         const conversationId = conversationRef.conversation?.id ?? "unknown";
-        const { activity: consentActivity } = prepareFileConsentActivity({
+        const { activity: consentActivity, uploadId } = prepareFileConsentActivity({
           media: { buffer: media.buffer, filename: fileName, contentType },
           conversationId,
           description: msg.text || undefined,
         });
 
+        // Tag the activity so the caller can store the activity ID after sending
+        consentActivity._pendingUploadId = uploadId;
+
         // Return the consent activity (caller sends it)
         return consentActivity;
       }
 
       if (!isPersonal && !isImage && tokenProvider && sharePointSiteId) {
         // Non-image in group chat/channel with SharePoint site configured:
-        // Upload to SharePoint and use native file card attachment
-        const chatId = conversationRef.conversation?.id;
+        // Upload to SharePoint and use native file card attachment.
+        // Use the cached Graph-native chat ID when available — Bot Framework conversation IDs
+        // for personal DMs use a format (e.g. `a:1xxx`) that Graph API rejects.
+        const chatId = conversationRef.graphChatId ?? conversationRef.conversation?.id;
 
         // Upload to SharePoint
         const uploaded = await uploadAndShareSharePoint({
@@ -396,6 +436,8 @@ export async function sendMSTeamsMessages(params: {
   sharePointSiteId?: string;
   /** Max media size in bytes. Default: 100MB. */
   mediaMaxBytes?: number;
+  /** Enable the Teams feedback loop (thumbs up/down) on sent messages. */
+  feedbackLoopEnabled?: boolean;
 }): Promise<string[]> {
   const messages = params.messages.filter(
     (m) => (m.text && m.text.trim().length > 0) || m.mediaUrl,
@@ -447,20 +489,40 @@ export async function sendMSTeamsMessages(params: {
     message: MSTeamsRenderedMessage,
     messageIndex: number,
   ): Promise<string> => {
+    let pendingUploadId: string | undefined;
     const response = await sendWithRetry(
-      async () =>
-        await ctx.sendActivity(
-          await buildActivity(
-            message,
-            params.conversationRef,
-            params.tokenProvider,
-            params.sharePointSiteId,
-            params.mediaMaxBytes,
-          ),
-        ),
-      { messageIndex, messageCount: messages.length },
+      async () => {
+        const activity = await buildActivity(
+          message,
+          params.conversationRef,
+          params.tokenProvider,
+          params.sharePointSiteId,
+          params.mediaMaxBytes,
+          { feedbackLoopEnabled: params.feedbackLoopEnabled },
+        );
+
+        // Extract and strip the internal-only pending upload tag before sending.
+        pendingUploadId =
+          typeof activity._pendingUploadId === "string" ? activity._pendingUploadId : undefined;
+        if (pendingUploadId) {
+          delete activity._pendingUploadId;
+        }
+
+        return await ctx.sendActivity(activity);
+      },
+      {
+        messageIndex,
+        messageCount: messages.length,
+      },
     );
-    return extractMessageId(response) ?? "unknown";
+    const messageId = extractMessageId(response) ?? "unknown";
+
+    // Store the activity ID so the accept handler can replace the consent card in-place
+    if (pendingUploadId && messageId !== "unknown") {
+      setPendingUploadActivityId(pendingUploadId, messageId);
+    }
+
+    return messageId;
   };
 
   const sendMessageBatchInContext = async (
@@ -478,11 +540,21 @@ export async function sendMSTeamsMessages(params: {
   const sendProactively = async (
     batch: MSTeamsRenderedMessage[],
     startIndex: number,
+    threadActivityId?: string,
   ): Promise<string[]> => {
     const baseRef = buildConversationReference(params.conversationRef);
+    const isChannel = params.conversationRef.conversation?.conversationType === "channel";
+    // For Teams channels, reconstruct the threaded conversation ID so the
+    // proactive message lands in the correct thread instead of creating a
+    // new top-level post in the channel.
+    const conversationId =
+      isChannel && threadActivityId
+        ? `${baseRef.conversation.id};messageid=${threadActivityId}`
+        : baseRef.conversation.id;
     const proactiveRef: MSTeamsConversationReference = {
       ...baseRef,
       activityId: undefined,
+      conversation: { ...baseRef.conversation, id: conversationId },
     };
 
     const messageIds: string[] = [];
@@ -492,6 +564,11 @@ export async function sendMSTeamsMessages(params: {
     return messageIds;
   };
 
+  // Resolve the thread root message ID for channel thread routing.
+  // `threadId` is the canonical thread root (set on inbound for channel threads);
+  // fall back to `activityId` for backward compatibility with older stored refs.
+  const resolvedThreadId = params.conversationRef.threadId ?? params.conversationRef.activityId;
+
   if (params.replyStyle === "thread") {
     const ctx = params.context;
     if (!ctx) {
@@ -505,9 +582,13 @@ export async function sendMSTeamsMessages(params: {
           fellBack: false,
         }),
         onRevoked: async () => {
+          // When the live turn context is revoked (e.g. debounced messages),
+          // reconstruct the threaded conversation ID so the proactive
+          // fallback delivers the reply into the correct channel thread.
           const remaining = messages.slice(idx);
           return {
-            ids: remaining.length > 0 ? await sendProactively(remaining, idx) : [],
+            ids:
+              remaining.length > 0 ? await sendProactively(remaining, idx, resolvedThreadId) : [],
             fellBack: true,
           };
         },

package/src/monitor-handler/access.ts

@@ -0,0 +1,125 @@
+import { normalizeOptionalLowercaseString } from "openclaw/plugin-sdk/text-runtime";
+import {
+  DEFAULT_ACCOUNT_ID,
+  createChannelPairingController,
+  evaluateSenderGroupAccessForPolicy,
+  isDangerousNameMatchingEnabled,
+  readStoreAllowFromForDmPolicy,
+  resolveDefaultGroupPolicy,
+  resolveDmGroupAccessWithLists,
+  resolveEffectiveAllowFromLists,
+  resolveSenderScopedGroupPolicy,
+  type OpenClawConfig,
+} from "../../runtime-api.js";
+import { normalizeMSTeamsConversationId } from "../inbound.js";
+import { resolveMSTeamsAllowlistMatch, resolveMSTeamsRouteConfig } from "../policy.js";
+import { getMSTeamsRuntime } from "../runtime.js";
+import type { MSTeamsTurnContext } from "../sdk-types.js";
+
+export async function resolveMSTeamsSenderAccess(params: {
+  cfg: OpenClawConfig;
+  activity: MSTeamsTurnContext["activity"];
+}) {
+  const activity = params.activity;
+  const msteamsCfg = params.cfg.channels?.msteams;
+  const conversationId = normalizeMSTeamsConversationId(activity.conversation?.id ?? "unknown");
+  const convType = normalizeOptionalLowercaseString(activity.conversation?.conversationType);
+  const isDirectMessage = convType === "personal" || (!convType && !activity.conversation?.isGroup);
+  const senderId = activity.from?.aadObjectId ?? activity.from?.id ?? "unknown";
+  const senderName = activity.from?.name ?? activity.from?.id ?? senderId;
+
+  const core = getMSTeamsRuntime();
+  const pairing = createChannelPairingController({
+    core,
+    channel: "msteams",
+    accountId: DEFAULT_ACCOUNT_ID,
+  });
+  const dmPolicy = msteamsCfg?.dmPolicy ?? "pairing";
+  const storedAllowFrom = await readStoreAllowFromForDmPolicy({
+    provider: "msteams",
+    accountId: pairing.accountId,
+    dmPolicy,
+    readStore: pairing.readStoreForDmPolicy,
+  });
+  const configuredDmAllowFrom = msteamsCfg?.allowFrom ?? [];
+  const groupAllowFrom = msteamsCfg?.groupAllowFrom;
+  const resolvedAllowFromLists = resolveEffectiveAllowFromLists({
+    allowFrom: configuredDmAllowFrom,
+    groupAllowFrom,
+    storeAllowFrom: storedAllowFrom,
+    dmPolicy,
+  });
+  const defaultGroupPolicy = resolveDefaultGroupPolicy(params.cfg);
+  const groupPolicy =
+    !isDirectMessage && msteamsCfg
+      ? (msteamsCfg.groupPolicy ?? defaultGroupPolicy ?? "allowlist")
+      : "disabled";
+  const effectiveGroupAllowFrom = resolvedAllowFromLists.effectiveGroupAllowFrom;
+  const allowNameMatching = isDangerousNameMatchingEnabled(msteamsCfg);
+  const channelGate = resolveMSTeamsRouteConfig({
+    cfg: msteamsCfg,
+    teamId: activity.channelData?.team?.id,
+    teamName: activity.channelData?.team?.name,
+    conversationId,
+    channelName: activity.channelData?.channel?.name,
+    allowNameMatching,
+  });
+
+  // When a route-level (team/channel) allowlist is configured but the sender allowlist is
+  // empty, resolveSenderScopedGroupPolicy would otherwise downgrade the policy to "open",
+  // allowing any sender. To close this bypass (GHSA-g7cr-9h7q-4qxq), treat an empty sender
+  // allowlist as deny-all whenever the route allowlist is active.
+  const senderGroupPolicy =
+    channelGate.allowlistConfigured && effectiveGroupAllowFrom.length === 0
+      ? groupPolicy
+      : resolveSenderScopedGroupPolicy({
+          groupPolicy,
+          groupAllowFrom: effectiveGroupAllowFrom,
+        });
+  const access = resolveDmGroupAccessWithLists({
+    isGroup: !isDirectMessage,
+    dmPolicy,
+    groupPolicy: senderGroupPolicy,
+    allowFrom: configuredDmAllowFrom,
+    groupAllowFrom,
+    storeAllowFrom: storedAllowFrom,
+    groupAllowFromFallbackToAllowFrom: false,
+    isSenderAllowed: (allowFrom) =>
+      resolveMSTeamsAllowlistMatch({
+        allowFrom,
+        senderId,
+        senderName,
+        allowNameMatching,
+      }).allowed,
+  });
+  const senderGroupAccess = evaluateSenderGroupAccessForPolicy({
+    groupPolicy,
+    groupAllowFrom: effectiveGroupAllowFrom,
+    senderId,
+    isSenderAllowed: (_senderId, allowFrom) =>
+      resolveMSTeamsAllowlistMatch({
+        allowFrom,
+        senderId,
+        senderName,
+        allowNameMatching,
+      }).allowed,
+  });
+
+  return {
+    msteamsCfg,
+    pairing,
+    isDirectMessage,
+    conversationId,
+    senderId,
+    senderName,
+    dmPolicy,
+    channelGate,
+    access,
+    senderGroupAccess,
+    configuredDmAllowFrom,
+    effectiveDmAllowFrom: access.effectiveAllowFrom,
+    effectiveGroupAllowFrom,
+    allowNameMatching,
+    groupPolicy,
+  };
+}