Closed stevebeauge closed 9 months ago
Thank you for contacting us! Any issue or feedback from you is quite important to us. We will do our best to fully respond to your issue as soon as possible. Sometimes additional investigations may be needed, we will usually get back to you within 2 days by adding comments to this issue. Please stay tuned.
Hi @stevebeauge, thanks for your feedback!
I checked the doc you shared and also found official doc pointing out that *.microsoft.com
is not allowed: https://learn.microsoft.com/en-us/microsoftteams/platform/concepts/deploy-and-publish/appsource/prepare/teams-store-validation-guidelines#external-domains. Seems this part of content was updated at end of last year.
We're constructing the template aligining with SPFx. In their side, *.microsoft.com
is still in official doc https://learn.microsoft.com/en-us/sharepoint/dev/spfx/build-for-teams-meeting-app#create-the-microsoft-teams-app-manifest. I'll try and double confirm whether this is necessary. Also will update with SPFx side later.
In the meanwhile, maybe you can also raise the question to marketplace validation team to see whether they have the context of better practice to avoid your problem.
Thanks for your feed back
In the meanwhile, maybe you can also raise the question to marketplace validation team to see whether they have the context of better practice to avoid your problem.
They asked us to raise issues, because it seems to be out of their scope. We'll share feedback with the validation team because the submission is blocked by this gray area.
Hi @stevebeauge, although SPFx projects with compose extension is out of our scope (Teams Toolkit only support SPFx solution with web part component exposed as Teams tab or personal app yet), I spend efforts to try to help you resolve the problem.
I created a SPFx project with compose extension in which web part is exposed as taskInfo.url
. Then provision and deploy the app. After I sideload in Teams, it works well even if I replace *.sharepoint.com
to {teamSiteDomain}
in validDomains
field. So I think the requirement from marketplace team is valid. Can you help double confirm whether it works for you if you change to {teamSiteDomain}
?
Hello @HuihuiWu-Microsoft. Thanks for your feedback.
I checked again. What I observe is that the error appears on some apps. I have apps where validDomains
set to {teamSiteDomain}
is enough. Other apps where it is not (even if I swap the componentId from working package to not working package). The later issue can be worked around by adding *.sharepoint.com
in valid domains.
This is puzzling me, I spent hours trying to figure out what's different between working and not working apps
OK, I finally managed to spot what is different between working and non-working apps.
If the manifest contains the compose extension AND at least one staticTab
or configurableTab
, it is working ✅
If there's no staticTab
or configurableTab
at all, it is not working 🟥
(assuming in both cases that the tabs are pointing to something under https://{teamSiteDomain}
.
My analysis is that MS Teams is internally building a list of dynamically white listed domain (resolving the {teamSiteDomain}
) only for specific nodes in the manifest (staticTabs and configurableTabs, not composeExtension's task url).
Understanding this difference make the repro easy. Simply remove any staticTab
or configurableTab
and keep only composeExtension
in the manifest, and it will starts to fail.
When *.sharepoint.com
is in the validDomains
the error does not appears becasue the actual url is whitelisted through the wildcard.
For convenience, I updated my repro repository.
Working branch: https://github.com/stevebeauge/repro-sp-dev-docs-issues-9018/blob/094a674a0cb8e4de5ce5d722cfb4adf246a15bf3/teams/manifest.json#L40-L59
Non working branch : https://github.com/stevebeauge/repro-sp-dev-docs-issues-9018/blob/7b0116a20210e5d77ab8da5b55c86ed2de2ffbbe/teams/manifest.json#L40
Diff : https://github.com/stevebeauge/repro-sp-dev-docs-issues-9018/pull/1/files
I also attached the two resulting manifests:
@stevebeauge That's quite weird since in my testing I'm not including any staticTab
or configurableTab
. I attached the testing manifest.json I'm using.
I'm not sure whether any other fields are having effects on the result. I see the issue you opened to Teams side. Maybe they can provide more information.
The issue I opened on teams side (if you are talking about https://github.com/OfficeDev/microsoft-teams-library-js/issues/1830) is related to an issue with android and IOS version of teams that are not loading compose extension at all. This is not related to the validDomains
issue.
The original statement of the issue, which mention that a boostrapped project does not pass marketplace validation, is still accurate and present, even if we consider the issue with {teamSiteDomain} appart.
If you believe this should lead to a dedicated issue, let me know in which repo I should post the issue (quite confusing where to submit issue when SFPX, TeamsJS and Teams SFX are used in the project)
Hi @stevebeauge, I see you mentioned the validDomains
issue in the one on SPFx side https://github.com/SharePoint/sp-dev-docs/issues/9018. Since the project you provided is actually a SPFx solution instead of a TeamsFx project, that should be more accurate to track this issue.
Again, from my testing I think the suggestion from marketplace team is valid to fix this original issue that a boostrapped project does not pass marketplace validation:
composeExtension
in manifest without staticTab
or configurableTab
. The SPFx solution works well.notworking
version of manifest you provided. With changing validDomains
to following value, everything works well:
"{teamSiteDomain}",
".login.microsoftonline.com",
".sharepoint-df.com",
"spoppe-a.akamaihd.net",
"spoprod-a.akamaihd.net",
"resourceseng.blob.core.windows.net",
"msft.spoppe.com"
So I guess the fix of this issue is just to change *.sharepoint.com
to {teamSiteDomain}
in validDomains
field to pass marketplace validation. Besides, SPFx side and our side should also update the template.Hi @stevebeauge, as SPFx side mentioned at https://github.com/SharePoint/sp-dev-docs/issues/9018#issuecomment-1642073302, it's not a valid scenario as of now. So at least for now, we'll keep our template as it is to align with SPFx side. If you have more questions, I think it's more accurate to raise issue there (at SharePoint/sp-dev-docs repo).
This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 7 days. It will be closed if no further activity occurs within 3 days of this comment. If it is closed, feel free to comment when you are able to provide the additional information and we will re-investigate.
This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 7 days. It will be closed if no further activity occurs within 3 days of this comment. If it is closed, feel free to comment when you are able to provide the additional information and we will re-investigate.
Hello,
There's still the issue related to non working compose extension if there's no static tab (https://github.com/OfficeDev/TeamsFx/issues/9241#issuecomment-1634187050).
What should I do with this remaining issue ?
thx
Hi @stevebeauge, as SPFx team mentioned(https://github.com/SharePoint/sp-dev-docs/issues/9018#issuecomment-1642073302), this is not a valid scenario. But for now, you can still publish to marketplace if you follow the suggestion from marketplace team since it works as I mentioned (https://github.com/OfficeDev/TeamsFx/issues/9241#issuecomment-1639568619) also verified by SPFx team (https://github.com/SharePoint/sp-dev-docs/issues/9018#issuecomment-1643836156). So we should close this issue if you don't have more questions.
Describe the bug We are building a product which should be published to the Teams Marketplace. Our product is built using SPFX.
The validation team did not validate the submitted because of the
validDomains
attribute in the manifest.The bootstrapped manifest contains:
We added a new entry that targets
https://somebot.azurewebsites.net
because our application has a compose extension and requires a bot to receive and transform submissions.The marketplace validation teams raised an issue regarding this config:
Ref : https://learn.microsoft.com/en-us/legal/marketplace/certification-policies#1140.3.3.1
They asked us to use exclusively
{teamSiteDomain}
and our custom bot hosting.If we follow the requirement, the application does not work anymore. It seems that
"*.sharepoint.com"
is required to have the compose extension working.Please provide official guidelines regarding SFPX based apps that could be submitted in the marketplace. From our perspective, there's something missing, either technically (should works) or declaratively (functionnal sample should be provided).
To Reproduce Bootstrap any SFPX project using
teamsfx new
.Submit the app following official guidance.
Expected behavior SFPX based apps should be publishable. Requirements and restrictions should be documented somewhere explicitly (not found any documentation regarding
validDomains
for SPFX projects.Screenshots If applicable, add screenshots to help explain your problem.
VS Code Extension Information (please complete the following information):
CLI Information (please complete the following information):
Additional context Add any other context about the problem here.