Skip to content

Thread BotRequestContext through Apps API clients and OAuth flows#589

Open
heyitsaamir wants to merge 10 commits into
heyitsaamir-agentic-identity-defaultsfrom
heyitsaamir-usertoken-agentic-defaults
Open

Thread BotRequestContext through Apps API clients and OAuth flows#589
heyitsaamir wants to merge 10 commits into
heyitsaamir-agentic-identity-defaultsfrom
heyitsaamir-usertoken-agentic-defaults

Conversation

@heyitsaamir

@heyitsaamir heyitsaamir commented Jul 3, 2026

Copy link
Copy Markdown
Collaborator

Summary

Stacked on #587. Where #587 fixes the low-level inbound identity (recipient agentic identity + bot app ID), this PR threads that per-request auth context (BotRequestContext) up through the higher-level Apps API surface so callers can scope or override it.

  • UserTokenClient (core): add BotRequestContext? overloads for every operation (token status, get token, sign-in URL/resource, exchange, sign out, AAD tokens), keeping the existing AgenticIdentity? overloads as convenience wrappers. Request options now carry the passed request context directly.
  • ApiClient: store a default BotRequestContext? and split scoping concerns:
    • ForServiceUrl(Uri) now only rebinds the service URL (no request-context parameter).
    • ForRequestContext(BotRequestContext?) scopes/merges the default request context.
    • ForActivity(TeamsActivity) scopes to an inbound activity (service URL + BotRequestContext.FromInboundActivity).
  • Sub-clients (Conversation, Activity, Meeting, Member, Reaction, Team, UserToken) accept and forward the scoped default request context, with request-context override overloads on the non-targeted activity/conversation APIs.
  • Context.Api now uses ApiClient.ForActivity(Activity) so the inbound request context flows automatically.
  • OAuthFlow forwards the inbound request context to the underlying user-token calls.

Open question

Should the public APIs accept BotRequestContext directly instead of AgenticIdentity, even though replacing the existing AgenticIdentity parameters would be a breaking change? BotRequestContext is the newer abstraction and carries both agentic identity and bot app ID, but keeping the AgenticIdentity overloads is less disruptive.

Validation

  • dotnet test core/test/Microsoft.Teams.Core.UnitTests/Microsoft.Teams.Core.UnitTests.csproj --verbosity minimal
  • dotnet test core/test/Microsoft.Teams.Apps.UnitTests/Microsoft.Teams.Apps.UnitTests.csproj --verbosity minimal
  • dotnet build core/test/IntegrationTests/IntegrationTests.csproj --verbosity minimal

heyitsaamir and others added 10 commits July 2, 2026 16:55
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@heyitsaamir heyitsaamir requested a review from MehakBindra July 3, 2026 01:14
@heyitsaamir heyitsaamir changed the title Add user token agentic identity defaults Thread BotRequestContext through Apps API clients and OAuth flows Jul 3, 2026
@heyitsaamir heyitsaamir requested a review from Copilot July 3, 2026 01:17
@heyitsaamir heyitsaamir requested a review from singhk97 July 3, 2026 01:17

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR propagates BotRequestContext (agentic identity + bot app id) from inbound activities through the Microsoft.Teams.Apps API surface down into core UserTokenClient and OAuth flows, enabling per-request authentication scoping/overrides without relying on ambient state.

Changes:

  • Add BotRequestContext? overloads across Microsoft.Teams.Core.UserTokenClient operations and stamp the request context into BotRequestOptions.
  • Extend ApiClient with default request-context scoping (ForRequestContext, ForActivity) and thread that context through Apps sub-clients.
  • Update OAuth flow and tests/integration tests to use the new request-context threading and revised method signatures.

Reviewed changes

Copilot reviewed 18 out of 18 changed files in this pull request and generated no comments.

Show a summary per file
File Description
core/src/Microsoft.Teams.Core/UserTokenClient.cs Adds BotRequestContext? overloads and passes request context into request options for token/sign-in operations.
core/src/Microsoft.Teams.Apps/Api/Clients/ApiClient.cs Introduces default request context on ApiClient and adds ForRequestContext / ForActivity scoping.
core/src/Microsoft.Teams.Apps/Api/Clients/ConversationApiClient.cs Threads a scoped default request context into conversation sub-clients and adds a BotRequestContext? create overload.
core/src/Microsoft.Teams.Apps/Api/Clients/ActivityClient.cs Adds request-context override overloads for non-targeted activity create/update/reply and merges scoped context into calls.
core/src/Microsoft.Teams.Apps/Api/Clients/MemberClient.cs Threads scoped request context into member operations by merging with per-call agentic identity.
core/src/Microsoft.Teams.Apps/Api/Clients/ReactionClient.cs Threads scoped request context into reaction operations by merging with per-call agentic identity.
core/src/Microsoft.Teams.Apps/Api/Clients/TeamClient.cs Stores scoped default request context and merges it into per-call options.
core/src/Microsoft.Teams.Apps/Api/Clients/MeetingClient.cs Stores scoped default request context and merges it into per-call options.
core/src/Microsoft.Teams.Apps/Api/Clients/UserTokenApiClient.cs Stores scoped default request context and merges it with per-call agentic identity for user-token calls.
core/src/Microsoft.Teams.Apps/OAuth/OAuthFlow.cs Derives inbound BotRequestContext from the activity and forwards it to underlying user-token calls.
core/src/Microsoft.Teams.Apps/Context.cs Switches Context.Api to scope via ApiClient.ForActivity(Activity) to flow inbound request context automatically.
core/src/Microsoft.Teams.Apps/Schema/TeamsChannelAccount.cs Preserves BotId when converting from ChannelAccount.
core/test/Microsoft.Teams.Core.UnitTests/UserTokenClientTests.cs Adds a unit test validating that agentic identity is stamped into HttpRequestMessage.Options.
core/test/Microsoft.Teams.Apps.UnitTests/OAuthFlowTests.cs Updates mocks to match new user-token client signatures that accept BotRequestContext?.
core/test/Microsoft.Teams.Apps.UnitTests/OAuthFlowTelemetryTests.cs Updates telemetry tests’ mocks for the new BotRequestContext? signatures.
core/test/Microsoft.Teams.Apps.UnitTests/ApiClientAgenticIdentityTests.cs Adds coverage for context-scoped user-token calls and BotId preservation.
core/test/IntegrationTests/IntegrationTestFixture.cs Scopes integration ApiClient with request context derived from fixture AgenticIdentity.
core/test/IntegrationTests/ApiClientTests.cs Removes skips for user-token scenarios now that agentic identity/request context is supported.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants