Release 2.0.10#557
Merged
Merged
Conversation
This pull request migrates and refactors the MCP (Model Context Protocol) Teams bot example from `@examples/mcp` to `@examples/mcp-server`, significantly expanding its functionality and improving its documentation and code structure. The new implementation provides a robust MCP server that exposes human-in-the-loop tools for Teams, including notification, question/answer, and approval flows. **Key changes include:** ### 1. Migration and Renaming - The example is moved from `@examples/mcp` to `@examples/mcp-server`, with all related files and documentation updated to reflect the new name. (`README.md`, `CHANGELOG.md`, `package.json`, directory and file renames) ### 2. Major Feature Expansion - Implements a full-featured MCP server for Teams, supporting five tools: `notify`, `ask`, `getReply`, `requestApproval`, and `getApproval`. These tools allow agents or clients to interact with real users via Teams for notifications, Q&A, and approval workflows. ### 4. Removal of Old Implementation - Deletes the previous minimal MCP bot implementation and its associated files, including the old `README.md`, `manifest.json`, and TypeScript entry point, which are replaced with the new, more capable server.
…erride in final message (#553) Fixes #549 ## Summary Fixes two bugs in HttpStream: ### Bug 1: streamType overwritten to informative in final message close() calls .addStreamFinal().withChannelData(this.channelData). Since this.channelData contains streamType: informative from typing updates, it overwrites the final value. ### Bug 2: Race condition in close() The while loop checks queue.length and this.id but not this._flushing. If flush() drained the queue but is still awaiting pushStreamChunk() calls, close() proceeds immediately. ### Fixes 1. Swap .withChannelData() and .addStreamFinal() order 2. Add || this._flushing to the while condition" --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
equivalent to these 2 python PRs: microsoft/teams.py#340 (not all applicable bc TS doesnt have defined inbound/outbound interfaces) microsoft/teams.py#336 This pull request adds deprecation warnings to several activity-related interfaces and types to clarify that certain properties and activities are no longer recognized or returned by the service backend. This improves the clarity of the API and helps developers avoid using obsolete features. Verified with APX repo and manual testing. **Deprecation of properties and activities:** * Marked the `relatesTo` property as deprecated in the base `IActivity` interface, the `Activity` class, and in all derived activity interfaces where it appears, indicating it is no longer returned by the backend. * Added `@deprecated` annotations to the `withRelatesTo` method in the `Activity` class for consistency. **Deprecation of activity types not recognized by the backend:** * Marked the `IHandoffActivity` and `ITraceActivity` interfaces as deprecated * Marked the `IEndOfConversationActivity` interface and `EndOfConversationCode` type as deprecated --------- Co-authored-by: lilydu <lilydu+odspmdb@microsoft.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
## Summary Adds Azure AD v1 issuer support to inbound Entra token validation in `@microsoft/teams.apps`. Specifically, tenant-based issuer validation now accepts both: - `https://login.microsoftonline.com/{tenantId}/...` - `https://sts.windows.net/{tenantId}/` ## Motivation Some valid Microsoft Entra tokens are issued with the Azure AD v1 issuer format (`sts.windows.net`) instead of the v2-style `login.microsoftonline.com/.../v2.0` issuer. Related external issue: - openclaw/openclaw#64270 This PR keeps the change narrowly scoped to issuer validation only. ## Changes - Extend tenant-based issuer validation in `JwtValidator` to also accept: - `https://sts.windows.net/{tenantId}/` - Add tests covering v1 issuer acceptance for: - single-tenant apps - multi-tenant apps ## Tests Added/updated tests for: - v1 `sts.windows.net` issuer acceptance - existing tenant-based issuer validation behavior - end-to-end validation of Microsoft Entra v1 and v2 access tokens, modeled on the published sample tokens at https://learn.microsoft.com/en-us/entra/identity-platform/access-tokens (same `iss`, `aud`, `tid`, `azp`/`appid`, `scp`, `ver` shape) — both pass through the full `JwtValidator.validateAccessToken` pipeline (signature + expiry + audience + issuer + scope)
# Conflicts: # version.json
lilyydu
approved these changes
May 6, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Merges main into release and sets version to 2.0.10.
Commits since last release