|
26 | 26 |
|
27 | 27 | from .begin_skill_dialog_options import BeginSkillDialogOptions |
28 | 28 | from .skill_dialog_options import SkillDialogOptions |
| 29 | +from botbuilder.dialogs.prompts import OAuthPromptSettings |
| 30 | +from .._user_token_access import _UserTokenAccess |
29 | 31 |
|
30 | 32 |
|
31 | 33 | class SkillDialog(Dialog): |
@@ -275,50 +277,55 @@ async def _intercept_oauth_cards( |
275 | 277 | """ |
276 | 278 | Tells is if we should intercept the OAuthCard message. |
277 | 279 | """ |
278 | | - if not connection_name or not isinstance( |
279 | | - context.adapter, ExtendedUserTokenProvider |
280 | | - ): |
| 280 | + if not connection_name or connection_name.isspace(): |
281 | 281 | # The adapter may choose not to support token exchange, in which case we fallback to |
282 | 282 | # showing an oauth card to the user. |
283 | 283 | return False |
284 | 284 |
|
285 | 285 | oauth_card_attachment = next( |
286 | | - attachment |
287 | | - for attachment in activity.attachments |
288 | | - if attachment.content_type == ContentTypes.oauth_card |
| 286 | + ( |
| 287 | + attachment |
| 288 | + for attachment in activity.attachments |
| 289 | + if attachment.content_type == ContentTypes.oauth_card |
| 290 | + ), |
| 291 | + None, |
289 | 292 | ) |
290 | | - if oauth_card_attachment: |
291 | | - oauth_card = oauth_card_attachment.content |
292 | | - if ( |
293 | | - oauth_card |
294 | | - and oauth_card.token_exchange_resource |
295 | | - and oauth_card.token_exchange_resource.uri |
296 | | - ): |
297 | | - try: |
298 | | - result = await context.adapter.exchange_token( |
299 | | - turn_context=context, |
300 | | - connection_name=connection_name, |
301 | | - user_id=context.activity.from_property.id, |
302 | | - exchange_request=TokenExchangeRequest( |
303 | | - uri=oauth_card.token_exchange_resource.uri |
304 | | - ), |
305 | | - ) |
| 293 | + if oauth_card_attachment is None: |
| 294 | + return False |
306 | 295 |
|
307 | | - if result and result.token: |
308 | | - # If token above is null, then SSO has failed and hence we return false. |
309 | | - # If not, send an invoke to the skill with the token. |
310 | | - return await self._send_token_exchange_invoke_to_skill( |
311 | | - activity, |
312 | | - oauth_card.token_exchange_resource.id, |
313 | | - oauth_card.connection_name, |
314 | | - result.token, |
315 | | - ) |
316 | | - except: |
317 | | - # Failures in token exchange are not fatal. They simply mean that the user needs |
318 | | - # to be shown the OAuth card. |
319 | | - return False |
320 | | - |
321 | | - return False |
| 296 | + oauth_card = oauth_card_attachment.content |
| 297 | + if ( |
| 298 | + not oauth_card |
| 299 | + or not oauth_card.token_exchange_resource |
| 300 | + or not oauth_card.token_exchange_resource.uri |
| 301 | + ): |
| 302 | + return False |
| 303 | + |
| 304 | + try: |
| 305 | + settings = OAuthPromptSettings( |
| 306 | + connection_name=connection_name, title="Sign In" |
| 307 | + ) |
| 308 | + result = await _UserTokenAccess.exchange_token( |
| 309 | + context, |
| 310 | + settings, |
| 311 | + TokenExchangeRequest(uri=oauth_card.token_exchange_resource.uri), |
| 312 | + ) |
| 313 | + |
| 314 | + if not result or not result.token: |
| 315 | + # If token above is null, then SSO has failed and hence we return false. |
| 316 | + return False |
| 317 | + |
| 318 | + # If not, send an invoke to the skill with the token. |
| 319 | + return await self._send_token_exchange_invoke_to_skill( |
| 320 | + activity, |
| 321 | + oauth_card.token_exchange_resource.id, |
| 322 | + oauth_card.connection_name, |
| 323 | + result.token, |
| 324 | + ) |
| 325 | + except: |
| 326 | + # Failures in token exchange are not fatal. They simply mean that the user needs |
| 327 | + # to be shown the OAuth card. |
| 328 | + return False |
322 | 329 |
|
323 | 330 | async def _send_token_exchange_invoke_to_skill( |
324 | 331 | self, |
|
0 commit comments