microsoft/teams.net
Publicmirrored fromhttps://github.com/microsoft/teams.netAvailable
Samples/Samples.Graph/README.md
129lines · modecode
| 1 | # Graph Sample |
| 2 | |
| 3 | This sample demonstrates how to implement OAuth authentication and Microsoft Graph integration in a Teams bot using the Teams SDK for .NET. |
| 4 | |
| 5 | ## Features |
| 6 | |
| 7 | - OAuth authentication with Microsoft Graph |
| 8 | - User sign-in/sign-out functionality |
| 9 | - Access to Microsoft Graph API (user profile information) |
| 10 | - Custom sign-in UI with configurable text |
| 11 | - Token display after successful authentication |
| 12 | |
| 13 | ## Prerequisites |
| 14 | |
| 15 | - .NET 9.0 |
| 16 | - Azure Bot Service registration |
| 17 | - Microsoft Graph OAuth connection configured in Azure Bot Service |
| 18 | - Dev tunnels or ngrok for local development |
| 19 | |
| 20 | ## Project Structure |
| 21 | |
| 22 | ``` |
| 23 | Samples.Graph/ |
| 24 | ├── Program.cs # Main bot logic and OAuth handlers |
| 25 | ├── Samples.Graph.csproj # Project file with SDK dependencies |
| 26 | ├── appsettings.json # Bot credentials configuration |
| 27 | ├── Properties/launchSettings.json # Launch configuration (port 3978) |
| 28 | └── README.md # This file |
| 29 | ``` |
| 30 | |
| 31 | ## Setup |
| 32 | |
| 33 | ### 1. Azure Bot Registration |
| 34 | |
| 35 | 1. Create an Azure Bot resource in the Azure Portal |
| 36 | 2. Configure the messaging endpoint: `https://your-tunnel-url/api/messages` |
| 37 | 3. Note the Application (Client) ID and create a Client Secret |
| 38 | |
| 39 | ### 2. OAuth Connection Setup |
| 40 | |
| 41 | 1. In your Azure Bot resource, go to **Configuration** → **OAuth Connection Settings** |
| 42 | 2. Add new OAuth connection: |
| 43 | - **Name**: `graph` (must match the code) |
| 44 | - **Service Provider**: `Generic Oauth 2` or `Azure Active Directory v2` |
| 45 | - **Client ID**: Your bot's Application (Client) ID |
| 46 | - **Client Secret**: Your bot's client secret |
| 47 | - **Authorization URL**: `https://login.microsoftonline.com/common/oauth2/v2.0/authorize` |
| 48 | - **Token URL**: `https://login.microsoftonline.com/common/oauth2/v2.0/token` |
| 49 | - **Refresh URL**: `https://login.microsoftonline.com/common/oauth2/v2.0/token` |
| 50 | - **Scopes**: `User.Read` |
| 51 | |
| 52 | ### 3. Update Configuration |
| 53 | |
| 54 | Update `appsettings.json` with your bot credentials: |
| 55 | |
| 56 | ```json |
| 57 | { |
| 58 | "Teams": { |
| 59 | "ClientId": "your-bot-application-id", |
| 60 | "ClientSecret": "your-bot-client-secret" |
| 61 | } |
| 62 | } |
| 63 | ``` |
| 64 | |
| 65 | ### 4. Local Development Setup |
| 66 | |
| 67 | 1. Install dev tunnels: `winget install Microsoft.DevTunnels` |
| 68 | 2. Create tunnel: `devtunnel create -a` |
| 69 | 3. Host tunnel: `devtunnel host <tunnel-id> -p 3978` |
| 70 | 4. Update Azure Bot messaging endpoint with the tunnel URL |
| 71 | |
| 72 | ## Running the Sample |
| 73 | |
| 74 | ```bash |
| 75 | # Navigate to the project directory |
| 76 | cd Samples/Samples.Graph |
| 77 | |
| 78 | # Run the bot |
| 79 | dotnet run |
| 80 | ``` |
| 81 | |
| 82 | The bot will start on `http://localhost:3978` by default. |
| 83 | |
| 84 | ## Usage |
| 85 | |
| 86 | ### Authentication Flow |
| 87 | |
| 88 | 1. **Initial Message**: Send any message to the bot to trigger sign-in |
| 89 | 2. **Sign-in Card**: Bot presents OAuth sign-in card with custom text |
| 90 | 3. **Authentication**: Complete OAuth flow with Microsoft Graph |
| 91 | 4. **Success Response**: Bot displays user's display name and access token |
| 92 | |
| 93 | ### Commands |
| 94 | |
| 95 | - **Any message**: Triggers sign-in flow if not authenticated, shows user info if authenticated |
| 96 | - **`/signout`**: Signs out the current user and clears authentication |
| 97 | |
| 98 | ### Expected Responses |
| 99 | |
| 100 | - **Not signed in**: "Sign in to your account" OAuth card |
| 101 | - **Already signed in**: "user 'DisplayName' is already signed in!" |
| 102 | - **After sign-in**: "user \"DisplayName\" signed in. Here's the token: [token]" |
| 103 | - **Sign-out**: "you have been signed out!" |
| 104 | |
| 105 | ## Key Components |
| 106 | |
| 107 | - **OAuth Integration**: Configured with `.AddOAuth("graph")` (Program.cs:13) |
| 108 | - **Sign-in Handler**: Main message handler with `SignInOptions` (Program.cs:32-48) |
| 109 | - **Sign-out Handler**: Dedicated `/signout` command handler (Program.cs:20-30) |
| 110 | - **Sign-in Event**: Handles successful authentication and token display (Program.cs:50-57) |
| 111 | - **Graph API Access**: Uses `context.UserGraph.Me.GetAsync()` for user profile (Program.cs:46, 55) |
| 112 | |
| 113 | ## Dependencies |
| 114 | |
| 115 | The project references the following Teams SDK libraries: |
| 116 | |
| 117 | - `Microsoft.Teams.Apps` - Core Teams bot functionality |
| 118 | - `Microsoft.Teams.Api` - Teams API models and clients |
| 119 | - `Microsoft.Teams.Common` - Common utilities and logging |
| 120 | - `Microsoft.Teams.Cards` - Adaptive Cards support |
| 121 | - `Microsoft.Teams.Extensions.Hosting` - ASP.NET Core integration |
| 122 | - `Microsoft.Teams.Plugins.AspNetCore` - ASP.NET Core plugin support |
| 123 | |
| 124 | ## Troubleshooting |
| 125 | |
| 126 | - **Authentication fails**: Verify OAuth connection name matches "graph" in code |
| 127 | - **Bot not reachable**: Ensure dev tunnel is running and messaging endpoint is correct |
| 128 | - **Permission errors**: Check Azure Bot and App Registration have correct permissions |
| 129 | - **Token issues**: Verify OAuth scopes include `User.Read` for Microsoft Graph access |
| 130 | |