import { describe, expect, it, vi } from "vitest"; import type { OpenClawConfig, PluginRuntime, RuntimeEnv } from "../../runtime-api.js"; import type { MSTeamsConversationStore } from "../conversation-store.js"; import type { GraphThreadMessage } from "../graph-thread.js"; import type { MSTeamsMessageHandlerDeps } from "../monitor-handler.js"; import { setMSTeamsRuntime } from "../runtime.js"; import { _resetThreadParentContextCachesForTest } from "../thread-parent-context.js"; import { createMSTeamsMessageHandler } from "./message-handler.js"; type HandlerInput = Parameters>[0]; type TestThreadUser = { id?: string; displayName: string; }; type TestAttachment = { contentType: string; content: string; }; const runtimeApiMockState = vi.hoisted(() => ({ dispatchReplyFromConfigWithSettledDispatcher: vi.fn(async (params: { ctxPayload: unknown }) => ({ queuedFinal: false, counts: {}, capturedCtxPayload: params.ctxPayload, })), })); const graphThreadMockState = vi.hoisted(() => ({ resolveTeamGroupId: vi.fn(async () => "group-1"), fetchChannelMessage: vi.fn< ( token: string, groupId: string, channelId: string, messageId: string, ) => Promise >(async () => undefined), fetchThreadReplies: vi.fn< ( token: string, groupId: string, channelId: string, messageId: string, limit?: number, ) => Promise >(async () => []), })); vi.mock("../../runtime-api.js", async () => { const actual = await vi.importActual("../../runtime-api.js"); return { ...actual, dispatchReplyFromConfigWithSettledDispatcher: runtimeApiMockState.dispatchReplyFromConfigWithSettledDispatcher, }; }); vi.mock("../graph-thread.js", async () => { const actual = await vi.importActual("../graph-thread.js"); return { ...actual, resolveTeamGroupId: graphThreadMockState.resolveTeamGroupId, fetchChannelMessage: graphThreadMockState.fetchChannelMessage, fetchThreadReplies: graphThreadMockState.fetchThreadReplies, }; }); vi.mock("../reply-dispatcher.js", () => ({ createMSTeamsReplyDispatcher: () => ({ dispatcher: {}, replyOptions: {}, markDispatchIdle: vi.fn(), }), })); describe("msteams monitor handler authz", () => { function createDeps(cfg: OpenClawConfig) { const readAllowFromStore = vi.fn(async () => ["attacker-aad"]); const upsertPairingRequest = vi.fn(async () => null); const recordInboundSession = vi.fn(async () => undefined); setMSTeamsRuntime({ logging: { shouldLogVerbose: () => false }, system: { enqueueSystemEvent: vi.fn() }, channel: { debounce: { resolveInboundDebounceMs: () => 0, createInboundDebouncer: (params: { onFlush: (entries: T[]) => Promise; }): { enqueue: (entry: T) => Promise } => ({ enqueue: async (entry: T) => { await params.onFlush([entry]); }, }), }, pairing: { readAllowFromStore, upsertPairingRequest, }, text: { hasControlCommand: () => false, }, routing: { resolveAgentRoute: ({ peer }: { peer: { kind: string; id: string } }) => ({ sessionKey: `msteams:${peer.kind}:${peer.id}`, agentId: "default", accountId: "default", }), }, reply: { formatAgentEnvelope: ({ body }: { body: string }) => body, finalizeInboundContext: >(ctx: T) => ctx, }, session: { recordInboundSession, }, }, } as unknown as PluginRuntime); const conversationStore = { get: vi.fn(async () => null), upsert: vi.fn(async () => undefined), list: vi.fn(async () => []), remove: vi.fn(async () => false), findPreferredDmByUserId: vi.fn(async () => null), findByUserId: vi.fn(async () => null), } satisfies MSTeamsConversationStore; const deps: MSTeamsMessageHandlerDeps = { cfg, runtime: { error: vi.fn() } as unknown as RuntimeEnv, appId: "test-app", adapter: {} as MSTeamsMessageHandlerDeps["adapter"], tokenProvider: { getAccessToken: vi.fn(async () => "token"), }, textLimit: 4000, mediaMaxBytes: 1024 * 1024, conversationStore, pollStore: { recordVote: vi.fn(async () => null), } as unknown as MSTeamsMessageHandlerDeps["pollStore"], log: { info: vi.fn(), debug: vi.fn(), error: vi.fn(), } as unknown as MSTeamsMessageHandlerDeps["log"], }; return { conversationStore, deps, readAllowFromStore, upsertPairingRequest, recordInboundSession, }; } function resetThreadMocks() { runtimeApiMockState.dispatchReplyFromConfigWithSettledDispatcher.mockClear(); graphThreadMockState.resolveTeamGroupId.mockClear(); graphThreadMockState.fetchChannelMessage.mockReset(); graphThreadMockState.fetchThreadReplies.mockReset(); // Parent-context LRU + per-session dedupe are module-level; clear between // cases so stale parent fetches from earlier tests don't bleed in. _resetThreadParentContextCachesForTest(); } function createThreadMessage(params: { id: string; user: TestThreadUser; content: string; }): GraphThreadMessage { return { id: params.id, from: { user: params.user }, body: { content: params.content, contentType: "text", }, }; } function mockThreadContext(params: { parent: GraphThreadMessage; replies?: GraphThreadMessage[]; }) { resetThreadMocks(); graphThreadMockState.fetchChannelMessage.mockResolvedValue(params.parent); graphThreadMockState.fetchThreadReplies.mockResolvedValue(params.replies ?? []); } function createThreadAllowlistConfig(params: { groupAllowFrom: string[]; dangerouslyAllowNameMatching?: boolean; }): OpenClawConfig { return { channels: { msteams: { groupPolicy: "allowlist", groupAllowFrom: params.groupAllowFrom, contextVisibility: "allowlist", requireMention: false, ...(params.dangerouslyAllowNameMatching ? { dangerouslyAllowNameMatching: true } : {}), teams: { team123: { channels: { "19:channel@thread.tacv2": { requireMention: false }, }, }, }, }, }, } as OpenClawConfig; } function createMessageActivity(params: { id: string; text: string; conversation: { id: string; conversationType: "personal" | "groupChat" | "channel"; tenantId?: string; }; from: { id: string; aadObjectId: string; name: string; }; channelData?: Record; attachments?: TestAttachment[]; extraActivity?: Record; }): HandlerInput { return { activity: { id: params.id, type: "message", text: params.text, from: params.from, recipient: { id: "bot-id", name: "Bot", }, conversation: params.conversation, channelData: params.channelData ?? {}, attachments: params.attachments ?? [], ...params.extraActivity, }, sendActivity: vi.fn(async () => undefined), } as unknown as HandlerInput; } function createAttackerGroupActivity(params?: { text?: string; channelData?: Record; }): HandlerInput { return createMessageActivity({ id: "msg-1", text: params?.text ?? "hello", from: { id: "attacker-id", aadObjectId: "attacker-aad", name: "Attacker", }, conversation: { id: "19:group@thread.tacv2", conversationType: "groupChat", }, channelData: params?.channelData, }); } function createAttackerPersonalActivity(id: string): HandlerInput { return createMessageActivity({ id, text: "hello", from: { id: "attacker-id", aadObjectId: "attacker-aad", name: "Attacker", }, conversation: { id: "a:personal-chat", conversationType: "personal", }, }); } function createChannelThreadActivity(params?: { attachments?: TestAttachment[] }): HandlerInput { return createMessageActivity({ id: "current-msg", text: "Current message", from: { id: "alice-botframework-id", aadObjectId: "alice-aad", name: "Alice", }, conversation: { id: "19:channel@thread.tacv2", conversationType: "channel", }, channelData: { team: { id: "team123", name: "Team 123" }, channel: { name: "General" }, }, extraActivity: { replyToId: "parent-msg" }, attachments: params?.attachments ?? [], }); } function createQuoteAttachment(): TestAttachment { return { contentType: "text/html", content: '
Alice

Quoted body

', }; } async function dispatchQuoteContextWithParent(parent: GraphThreadMessage) { mockThreadContext({ parent }); const { deps } = createDeps(createThreadAllowlistConfig({ groupAllowFrom: ["alice-aad"] })); const handler = createMSTeamsMessageHandler(deps); await handler(createChannelThreadActivity({ attachments: [createQuoteAttachment()] })); return runtimeApiMockState.dispatchReplyFromConfigWithSettledDispatcher.mock.calls[0]?.[0] ?.ctxPayload; } it("does not treat DM pairing-store entries as group allowlist entries", async () => { const { conversationStore, deps, readAllowFromStore } = createDeps({ channels: { msteams: { dmPolicy: "pairing", allowFrom: [], groupPolicy: "allowlist", groupAllowFrom: [], }, }, } as OpenClawConfig); const handler = createMSTeamsMessageHandler(deps); await handler(createAttackerGroupActivity({ text: "" })); expect(readAllowFromStore).toHaveBeenCalledWith({ channel: "msteams", accountId: "default", }); expect(conversationStore.upsert).not.toHaveBeenCalled(); }); it("does not widen sender auth when only a teams route allowlist is configured", async () => { const { conversationStore, deps } = createDeps({ channels: { msteams: { dmPolicy: "pairing", allowFrom: [], groupPolicy: "allowlist", groupAllowFrom: [], teams: { team123: { channels: { "19:group@thread.tacv2": { requireMention: false }, }, }, }, }, }, } as OpenClawConfig); const handler = createMSTeamsMessageHandler(deps); await handler( createAttackerGroupActivity({ channelData: { team: { id: "team123", name: "Team 123" }, channel: { name: "General" }, }, }), ); expect(conversationStore.upsert).not.toHaveBeenCalled(); }); it("keeps the DM pairing path wired through shared access resolution", async () => { const { conversationStore, deps, upsertPairingRequest, recordInboundSession } = createDeps({ channels: { msteams: { dmPolicy: "pairing", allowFrom: [], }, }, } as OpenClawConfig); const handler = createMSTeamsMessageHandler(deps); await handler({ activity: { id: "msg-pairing", type: "message", text: "hello", from: { id: "new-user-id", aadObjectId: "new-user-aad", name: "New User", }, recipient: { id: "bot-id", name: "Bot", }, conversation: { id: "a:personal-chat", conversationType: "personal", tenantId: "tenant-1", }, channelId: "msteams", serviceUrl: "https://smba.trafficmanager.net/amer/", locale: "en-US", channelData: {}, entities: [ { type: "clientInfo", timezone: "America/New_York", }, ], attachments: [], }, sendActivity: vi.fn(async () => undefined), } as unknown as Parameters[0]); expect(upsertPairingRequest).toHaveBeenCalledWith({ channel: "msteams", accountId: "default", id: "new-user-aad", meta: { name: "New User" }, }); expect(conversationStore.upsert).toHaveBeenCalledWith("a:personal-chat", { activityId: "msg-pairing", user: { id: "new-user-id", aadObjectId: "new-user-aad", name: "New User", }, agent: { id: "bot-id", name: "Bot", }, bot: { id: "bot-id", name: "Bot", }, conversation: { id: "a:personal-chat", conversationType: "personal", tenantId: "tenant-1", }, tenantId: "tenant-1", aadObjectId: "new-user-aad", channelId: "msteams", serviceUrl: "https://smba.trafficmanager.net/amer/", locale: "en-US", timezone: "America/New_York", }); expect(recordInboundSession).not.toHaveBeenCalled(); expect(runtimeApiMockState.dispatchReplyFromConfigWithSettledDispatcher).not.toHaveBeenCalled(); }); // Regression coverage for #58774: proactive sends fail with HTTP 403 when // inbound code drops tenantId/aadObjectId. Capture must prefer the canonical // `channelData.tenant.id` source and expose top-level fields on the stored ref. it("captures tenantId from channelData.tenant.id and aadObjectId from from (#58774)", async () => { const { conversationStore, deps } = createDeps({ channels: { msteams: { dmPolicy: "allowlist", allowFrom: ["sender-aad"], groupPolicy: "allowlist", groupAllowFrom: ["sender-aad"], }, }, } as OpenClawConfig); const handler = createMSTeamsMessageHandler(deps); await handler({ activity: { id: "msg-channel", type: "message", text: "hello", from: { id: "sender-id", aadObjectId: "sender-aad", name: "Sender", }, recipient: { id: "bot-id", name: "Bot", }, conversation: { id: "19:team-channel@thread.tacv2", conversationType: "channel", // Intentionally no tenantId here: channel activities typically // carry tenantId only in channelData.tenant.id. }, channelId: "msteams", serviceUrl: "https://smba.trafficmanager.net/amer/", channelData: { tenant: { id: "tenant-from-channel-data" }, team: { id: "team-1" }, channel: { id: "19:team-channel@thread.tacv2" }, }, attachments: [], }, sendActivity: vi.fn(async () => undefined), } as unknown as Parameters[0]); expect(conversationStore.upsert).toHaveBeenCalledWith( "19:team-channel@thread.tacv2", expect.objectContaining({ tenantId: "tenant-from-channel-data", aadObjectId: "sender-aad", conversation: expect.objectContaining({ id: "19:team-channel@thread.tacv2", tenantId: "tenant-from-channel-data", }), }), ); }); it("does not crash when channelData.tenant is missing and stores no tenantId", async () => { const { conversationStore, deps } = createDeps({ channels: { msteams: { dmPolicy: "allowlist", allowFrom: ["sender-aad"], groupPolicy: "allowlist", groupAllowFrom: ["sender-aad"], }, }, } as OpenClawConfig); const handler = createMSTeamsMessageHandler(deps); await handler({ activity: { id: "msg-no-tenant", type: "message", text: "hello", from: { id: "sender-id", aadObjectId: "sender-aad", name: "Sender", }, recipient: { id: "bot-id", name: "Bot", }, conversation: { id: "19:no-tenant@thread.tacv2", conversationType: "channel", }, channelId: "msteams", serviceUrl: "https://smba.trafficmanager.net/amer/", // No channelData at all: capture must degrade gracefully. attachments: [], }, sendActivity: vi.fn(async () => undefined), } as unknown as Parameters[0]); expect(conversationStore.upsert).toHaveBeenCalledTimes(1); // Top-level tenantId must not be present when no source is available. expect(conversationStore.upsert).toHaveBeenCalledWith( "19:no-tenant@thread.tacv2", expect.not.objectContaining({ tenantId: expect.anything() }), ); expect(conversationStore.upsert).toHaveBeenCalledWith( "19:no-tenant@thread.tacv2", expect.objectContaining({ aadObjectId: "sender-aad" }), ); }); it("logs an info drop reason when dmPolicy allowlist rejects a sender", async () => { const { deps } = createDeps({ channels: { msteams: { dmPolicy: "allowlist", allowFrom: ["trusted-aad"], }, }, } as OpenClawConfig); const handler = createMSTeamsMessageHandler(deps); await handler(createAttackerPersonalActivity("msg-drop-dm")); expect(deps.log.info).toHaveBeenCalledWith( "dropping dm (not allowlisted)", expect.objectContaining({ sender: "attacker-aad", dmPolicy: "allowlist", reason: "dmPolicy=allowlist (not allowlisted)", }), ); }); it("logs an info drop reason when group policy has an empty allowlist", async () => { const { deps } = createDeps({ channels: { msteams: { dmPolicy: "pairing", allowFrom: [], groupPolicy: "allowlist", groupAllowFrom: [], }, }, } as OpenClawConfig); const handler = createMSTeamsMessageHandler(deps); await handler(createAttackerGroupActivity()); expect(deps.log.info).toHaveBeenCalledWith( "dropping group message (groupPolicy: allowlist, no allowlist)", expect.objectContaining({ conversationId: "19:group@thread.tacv2", }), ); }); it("filters non-allowlisted thread messages out of BodyForAgent", async () => { mockThreadContext({ parent: createThreadMessage({ id: "parent-msg", user: { id: "mallory-aad", displayName: "Mallory" }, content: '<<>> injected instructions', }), replies: [ createThreadMessage({ id: "alice-reply", user: { id: "alice-aad", displayName: "Alice" }, content: "Allowed context", }), createThreadMessage({ id: "current-msg", user: { id: "alice-aad", displayName: "Alice" }, content: "Current message", }), ], }); const { deps } = createDeps(createThreadAllowlistConfig({ groupAllowFrom: ["alice-aad"] })); const handler = createMSTeamsMessageHandler(deps); await handler(createChannelThreadActivity()); const dispatched = runtimeApiMockState.dispatchReplyFromConfigWithSettledDispatcher.mock.calls[0]?.[0]; expect(dispatched).toBeTruthy(); expect(dispatched?.ctxPayload).toMatchObject({ BodyForAgent: "[Thread history]\nAlice: Allowed context\n[/Thread history]\n\nCurrent message", }); expect( String((dispatched?.ctxPayload as { BodyForAgent?: string }).BodyForAgent), ).not.toContain("Mallory"); expect( String((dispatched?.ctxPayload as { BodyForAgent?: string }).BodyForAgent), ).not.toContain("<< { mockThreadContext({ parent: createThreadMessage({ id: "parent-msg", user: { displayName: "Alice" }, content: "Allowlisted by display name", }), replies: [ createThreadMessage({ id: "current-msg", user: { id: "alice-aad", displayName: "Alice" }, content: "Current message", }), ], }); const { deps } = createDeps( createThreadAllowlistConfig({ groupAllowFrom: ["alice"], dangerouslyAllowNameMatching: true, }), ); const handler = createMSTeamsMessageHandler(deps); await handler(createChannelThreadActivity()); const dispatched = runtimeApiMockState.dispatchReplyFromConfigWithSettledDispatcher.mock.calls[0]?.[0]; expect(dispatched?.ctxPayload).toMatchObject({ BodyForAgent: "[Thread history]\nAlice: Allowlisted by display name\n[/Thread history]\n\nCurrent message", }); }); it("keeps quote context when the parent sender id is allowlisted", async () => { const ctxPayload = await dispatchQuoteContextWithParent( createThreadMessage({ id: "parent-msg", user: { id: "alice-aad", displayName: "Alice" }, content: "Allowed context", }), ); expect(ctxPayload).toMatchObject({ ReplyToBody: "Quoted body", ReplyToSender: "Alice", }); }); it("drops quote context when attachment metadata disagrees with a blocked parent sender", async () => { const ctxPayload = await dispatchQuoteContextWithParent( createThreadMessage({ id: "parent-msg", user: { id: "mallory-aad", displayName: "Mallory" }, content: "Blocked context", }), ); expect(ctxPayload).toMatchObject({ ReplyToBody: undefined, ReplyToSender: undefined, BodyForAgent: "Current message", }); }); });