[Dev support]: Failed to start sso sign in flow in action based message extension

[yungfu]

Please be sure to check the Discussions Q&A section before filing a new question.

How to add SSO to action based message extension, TeamsSsoAuthentication failed to sing user in with error (composeExtension/fetchTask)

Incoming activity is not a valid activity to initiate authentication flow.

Following is my code:

    IConfidentialClientApplication msal= ConfidentialClientApplicationBuilder.Create(config.AppId)
                                        .WithClientSecret(config.AppPassword)
                                        .WithTenantId(config.AppTenantId)
                                        .WithLegacyCacheCompatibility(false)
                                        .Build();

    string signInLink = $"{baseUrl}/auth-start.html";
    AuthenticationOptions<AppState> options = new();
    options.AddAuthentication("graph", new TeamsSsoSettings(new string[] { "User.Read" }, signInLink, msal));

    var appBuilder = new ApplicationBuilder<AppState>()
        .WithAIOptions(new(planner))
        .WithStorage(storage)
        .WithLoggerFactory(loggerFactory)
        .WithTurnStateFactory(() => new AppState())
        .WithAuthentication(adapter, options);

    Application<AppState> app = appBuilder.Build();
    app.MessageExtensions.OnFetchTask("myaction", fetchTaskHandler);

When click action to fetch task, cannot start sign in flow, and an AuthException can be found when debug in Microsoft.Teams.AI.Application. If I tried to send an OauthCard or SignInLink in fetchTaskHandler, it seems that is incorrect because they cannot be include in task module. How to trigger SSO sign in and consent flow when task fetch?

[aacebo]

following this general example https://github.com/microsoft/teams-ai/blob/main/dotnet/samples/06.auth.teamsSSO.messageExtension/Program.cs#L162, you should be able to call app.Authentication.SignIn from your handler which would send the card for you.