Reputation: 1434
Get refresh tokens of Microsoft Graph API with OAuthPrompt
I'm creating a MS Teams bot which periodically checks the users' Outlook calendar by background threads spawned after the user logs in via OAuthPrompt.
To implement the feature, it seems that I have to configure an OAuth connection setting and an app registration supporting offline_access. Then, get a refresh token when getting an access token, according to Get access on behalf of a user.
But as long as I tried the example bot, the result of OAuthPrompt doesn't contain a refresh token. And I couldn't find the documented way to get it.
How can I achieve the goal? Do I need some hack on OAuthPrompt or some related classes? Do I have to build cards from scratch?
Upvotes: 2
Views: 1073
Answers (5)
Reputation: 141
In my case, I needed the refresh_token to get access tokens for other Microsoft resources like Exchange, the solution was to use
const tokenResponses = await context.adapter.getAadTokens(context, this.connectionName, [
"https://outlook.office365.com",
"https://graph.microsoft.com",
]);
Upvotes: 0
Reputation: 1434
Another idea has flashed into my mind while writing this comment: running a dialog including OAuthPrompt in a TurnContext made with a ConversationRefrence, which is saved and passed to the background thread, may work. (But I have no time and no motive to try!)
Upvotes: 0
Reputation: 163
alwaysPrompt flag should be false. Then OAuth prompt will get refresh tokens silently without prompting login card. Please refer the answer on github about this isse.
Bot composer OAuth refresh token
Upvotes: 0
Reputation: 1434
I concluded that we can't get refresh_token with OAuthPrompt from investigation. So I made up with a different way to achieve the goal.
The key idea is creating a tiny web app just for the "Sign in with Microsoft account" feature, which can easily get refresh_token as ordinary web apps.
Here is the example app: https://github.com/igrep/example-teams-bot-with-ms-account-refresh-token
Upvotes: 2
Reputation: 1854
The sample which you are using is for most of the channels, but Teams behaves differently. An Invoke Activity is sent to the bot rather than the Event Activity used by other channels. This Invoke Activity must be forwarded to the dialog if the OAuthPrompt is being used.
- Refer to this documentation for adding authentication to your MS Teams bot, which makes use of Teams-auth sample.
- For a better understanding of how OAuth works in MS Teams, you can refer to this documentation which explains the authentication flow.
Hope this helps!!
Upvotes: 1
Related Questions
- Microsoft Graph API not returning refresh token
- Refresh Token with Microsoft Graph claims it is expired even when being used
- Not getting a refresh token https://login.microsoftonline.com/common/oauth2/v2.0/token
- To get refreshtoken, accesstoken in Microsoft Graph API
- Get an access token for a bot with Microsoft Teams for use with graph API
- Microsoft Graph API - not receiving refresh token
- How to refresh a token for Microsoft Graph
- Adding MS Graph API Oauth in Azure Bot Services using REST API
- Re-Generate Access Token From Refresh Token
- OAuth refresh token from Azure Bot Service