UNPKG

@microsoft/teams-ai

Version:

SDK focused on building AI based applications for Microsoft Teams.

93 lines 4.09 kB
"use strict"; // Copyright (c) Microsoft Corporation. // Licensed under the MIT License. Object.defineProperty(exports, "__esModule", { value: true }); exports.TeamsSsoMessageExtensionAuthentication = void 0; const MessageExtensionAuthenticationBase_1 = require("./MessageExtensionAuthenticationBase"); const MessageExtensions_1 = require("../MessageExtensions"); /** * @internal * * Handles authentication for Teams Message Extension using Single Sign-On (SSO). */ class TeamsSsoMessageExtensionAuthentication extends MessageExtensionAuthenticationBase_1.MessageExtensionAuthenticationBase { settings; msal; /** * Creates a new instance of TeamsSsoMessageExtensionAuthentication. * @param {TeamsSsoSettings} settings The Teams SSO settings. * @param {ConfidentialClientApplication} msal The MSAL (Microsoft Authentication Library) instance. */ constructor(settings, msal) { super(); this.settings = settings; this.msal = msal; } /** * Checks if the activity is a valid Message Extension activity that supports SSO * @param {TurnContext} context The turn context. * @returns {boolean} A boolean indicating if the activity is valid. */ isValidActivity(context) { // Currently only search based message extensions has SSO return super.isValidActivity(context) && context.activity.name == MessageExtensions_1.MessageExtensionsInvokeNames.QUERY_INVOKE; } /** * Handles the SSO token exchange. * @param {TurnContext} context The turn context. * @returns {Promise<TokenResponse | undefined>} A promise that resolves to the token response or undefined if token exchange failed. */ async handleSsoTokenExchange(context) { const tokenExchangeRequest = context.activity.value.authentication; if (!tokenExchangeRequest || !tokenExchangeRequest.token) { return; } const result = await this.msal.acquireTokenOnBehalfOf({ oboAssertion: tokenExchangeRequest.token, // The parent class ensures that this is not undefined scopes: this.settings.scopes }); if (result) { return { connectionName: '', token: result.accessToken, expiration: result.expiresOn?.toISOString() ?? '' }; } return undefined; } /** * Handles the signin/verifyState activity. * @param {TurnContext} context The turn context. * @param {string} magicCode The magic code from sign-in. * @returns {Promise<TokenResponse|undefined>} A promise that resolves to undefined. The parent class will trigger silentAuth again. */ async handleUserSignIn(context, magicCode) { return undefined; // Let parent class trigger silentAuth again } /** * Gets the sign-in link for the user. * @param {TurnContext} context The turn context. * @returns {Promise<string>} A promise that resolves to the sign-in link. */ async getSignInLink(context) { const clientId = this.settings.msalConfig.auth.clientId; const scope = encodeURI(this.settings.scopes.join(' ')); const authority = this.settings.msalConfig.auth.authority ?? 'https://login.microsoftonline.com/common/'; const tenantId = authority.match(/https:\/\/[^\/]+\/([^\/]+)\/?/)?.[1]; const signInLink = `${this.settings.signInLink}?scope=${scope}&clientId=${clientId}&tenantId=${tenantId}`; return signInLink; } /** * Should sign in using SSO flow. * @param {TurnContext} context - The turn context. * @returns {boolean} - A boolean indicating if the sign-in should use SSO flow. */ isSsoSignIn(context) { if (context.activity.name === MessageExtensions_1.MessageExtensionsInvokeNames.QUERY_INVOKE) { return true; } return false; } } exports.TeamsSsoMessageExtensionAuthentication = TeamsSsoMessageExtensionAuthentication; //# sourceMappingURL=TeamsSsoMessageExtensionAuthentication.js.map