diff --git a/developer-assist-dashboard/.vscode/tasks.json b/developer-assist-dashboard/.vscode/tasks.json index 4759694a..cf8361e0 100644 --- a/developer-assist-dashboard/.vscode/tasks.json +++ b/developer-assist-dashboard/.vscode/tasks.json @@ -118,7 +118,7 @@ { "label": "Watch backend", "type": "shell", - "command": "npm run watch", + "command": "npm run watch:teamsfx", "isBackground": true, "options": { "cwd": "${workspaceFolder}/api" diff --git a/developer-assist-dashboard/api/package.json b/developer-assist-dashboard/api/package.json index d10ed4dd..747018ed 100644 --- a/developer-assist-dashboard/api/package.json +++ b/developer-assist-dashboard/api/package.json @@ -5,7 +5,7 @@ "dev:teamsfx": "env-cmd --silent -f .localConfigs npm run dev", "dev": "func start --typescript --language-worker=\"--inspect=9229\" --port \"7071\" --cors \"*\"", "build": "tsc", - "watch": "tsc -w", + "watch:teamsfx": "tsc -w", "prestart": "npm run build", "start": "npx func start", "test": "echo \"Error: no test specified\" && exit 1" diff --git a/developer-assist-dashboard/infra/azure.bicep b/developer-assist-dashboard/infra/azure.bicep index 20d1d263..4001c689 100644 --- a/developer-assist-dashboard/infra/azure.bicep +++ b/developer-assist-dashboard/infra/azure.bicep @@ -39,6 +39,7 @@ var officeWebAppClientId2 = '4765445b-32c6-49b0-83e6-1d93765276ca' var outlookDesktopAppClientId = 'd3590ed6-52b3-4102-aeff-aad2292ab01c' var outlookWebAppClientId = '00000002-0000-0ff1-ce00-000000000000' var authorizedClientApplicationIds = '${teamsMobileOrDesktopAppClientId};${teamsWebAppClientId};${officeWebAppClientId1};${officeWebAppClientId2};${outlookDesktopAppClientId};${outlookWebAppClientId}' +var allowedClientApplications = '"${teamsMobileOrDesktopAppClientId}","${teamsWebAppClientId}","${officeWebAppClientId1}","${officeWebAppClientId2}","${outlookDesktopAppClientId}","${outlookWebAppClientId}"' // Azure Storage that hosts your static web site resource storage 'Microsoft.Storage/storageAccounts@2021-06-01' = { @@ -173,6 +174,10 @@ resource functionApp 'Microsoft.Web/sites@2021-02-01' = { name: 'PLANNER_BUCKET_ID' value: plannerBucketId } + { + name: 'WEBSITE_AUTH_AAD_ACL' + value: '{"allowed_client_applications": [${allowedClientApplications}]}' + } ] ftpsState: 'FtpsOnly' } diff --git a/graph-connector-app/infra/azure.bicep b/graph-connector-app/infra/azure.bicep index b35fb525..816f0deb 100644 --- a/graph-connector-app/infra/azure.bicep +++ b/graph-connector-app/infra/azure.bicep @@ -23,6 +23,7 @@ var officeWebAppClientId2 = '4765445b-32c6-49b0-83e6-1d93765276ca' var outlookDesktopAppClientId = 'd3590ed6-52b3-4102-aeff-aad2292ab01c' var outlookWebAppClientId = '00000002-0000-0ff1-ce00-000000000000' var authorizedClientApplicationIds = '${teamsMobileOrDesktopAppClientId};${teamsWebAppClientId};${officeWebAppClientId1};${officeWebAppClientId2};${outlookDesktopAppClientId};${outlookWebAppClientId}' +var allowedClientApplications = '["${aadAppClientId}","${teamsMobileOrDesktopAppClientId}","${teamsWebAppClientId}","${officeWebAppClientId1}","${officeWebAppClientId2}","${outlookDesktopAppClientId}","${outlookWebAppClientId}"]' // Azure Storage that hosts your static web site resource storage 'Microsoft.Storage/storageAccounts@2021-06-01' = { @@ -97,6 +98,10 @@ resource functionApp 'Microsoft.Web/sites@2021-02-01' = { name: 'ALLOWED_APP_IDS' value: authorizedClientApplicationIds } + { + name: 'WEBSITE_AUTH_AAD_ACL' + value: '{"allowed_client_applications": ${allowedClientApplications}}}' + } { name: 'M365_CLIENT_ID' value: aadAppClientId diff --git a/hello-world-in-meeting/appPackage/manifest.json b/hello-world-in-meeting/appPackage/manifest.json index 51018cf0..b8d01ae7 100644 --- a/hello-world-in-meeting/appPackage/manifest.json +++ b/hello-world-in-meeting/appPackage/manifest.json @@ -34,6 +34,8 @@ "groupchat" ], "context": [ + "channelTab", + "privateChatTab", "meetingChatTab", "meetingDetailsTab", "meetingSidePanel" diff --git a/hello-world-tab-with-backend/.vscode/tasks.json b/hello-world-tab-with-backend/.vscode/tasks.json index 0d0d32cd..fff4dbc1 100644 --- a/hello-world-tab-with-backend/.vscode/tasks.json +++ b/hello-world-tab-with-backend/.vscode/tasks.json @@ -121,7 +121,7 @@ { "label": "Watch backend", "type": "shell", - "command": "npm run watch", + "command": "npm run watch:teamsfx", "isBackground": true, "options": { "cwd": "${workspaceFolder}/api" diff --git a/hello-world-tab-with-backend/api/package.json b/hello-world-tab-with-backend/api/package.json index da8e637f..2ab6044c 100644 --- a/hello-world-tab-with-backend/api/package.json +++ b/hello-world-tab-with-backend/api/package.json @@ -8,7 +8,7 @@ "dev:teamsfx": "env-cmd --silent -f .localConfigs npm run dev", "dev": "func start --typescript --language-worker=\"--inspect=9229\" --port \"7071\" --cors \"*\"", "build": "tsc", - "watch": "tsc -w", + "watch:teamsfx": "tsc -w", "prestart": "npm run build", "start": "npx func start", "test": "echo \"Error: no test specified\" && exit 1" diff --git a/hello-world-tab-with-backend/infra/azure.bicep b/hello-world-tab-with-backend/infra/azure.bicep index c17e9441..978da515 100644 --- a/hello-world-tab-with-backend/infra/azure.bicep +++ b/hello-world-tab-with-backend/infra/azure.bicep @@ -23,6 +23,7 @@ var officeWebAppClientId2 = '4765445b-32c6-49b0-83e6-1d93765276ca' var outlookDesktopAppClientId = 'd3590ed6-52b3-4102-aeff-aad2292ab01c' var outlookWebAppClientId = '00000002-0000-0ff1-ce00-000000000000' var authorizedClientApplicationIds = '${teamsMobileOrDesktopAppClientId};${teamsWebAppClientId};${officeWebAppClientId1};${officeWebAppClientId2};${outlookDesktopAppClientId};${outlookWebAppClientId}' +var allowedClientApplications = '"${teamsMobileOrDesktopAppClientId}","${teamsWebAppClientId}","${officeWebAppClientId1}","${officeWebAppClientId2}","${outlookDesktopAppClientId}","${outlookWebAppClientId}"' // Azure Storage that hosts your static web site resource storage 'Microsoft.Storage/storageAccounts@2021-06-01' = { @@ -118,6 +119,10 @@ resource functionApp 'Microsoft.Web/sites@2021-02-01' = { name: 'M365_APPLICATION_ID_URI' value: aadApplicationIdUri } + { + name: 'WEBSITE_AUTH_AAD_ACL' + value: '{"allowed_client_applications": [${allowedClientApplications}]}' + } ] ftpsState: 'FtpsOnly' } diff --git a/hello-world-teams-tab-and-outlook-add-in/appPackage/manifest.json b/hello-world-teams-tab-and-outlook-add-in/appPackage/manifest.json index 2fe9090b..ab02bf7b 100644 --- a/hello-world-teams-tab-and-outlook-add-in/appPackage/manifest.json +++ b/hello-world-teams-tab-and-outlook-add-in/appPackage/manifest.json @@ -31,7 +31,7 @@ "canUpdateConfiguration": true, "scopes": [ "team", - "groupchat" + "groupChat" ] } ], diff --git a/share-now/infra/teamsFx/function.bicep b/share-now/infra/teamsFx/function.bicep index 1acc9e57..5f911197 100644 --- a/share-now/infra/teamsFx/function.bicep +++ b/share-now/infra/teamsFx/function.bicep @@ -18,8 +18,7 @@ var administratorLogin = contains(provisionParameters, 'azureSqlAdmin') ? provis var administratorLoginPassword = contains(provisionParameters, 'azureSqlAdminPassword') ? provisionParameters['azureSqlAdminPassword'] : '' var oauthAuthority = uri(m365OauthAuthorityHost, m365TenantId) var tabAppDomain = provisionOutputs.frontendHostingOutput.value.domain -var tabAppEndpoint = provisionOutputs.frontendHostingOutput.value.endpoint -var botId = provisionParameters['botAadAppClientId'] +var tabAppEndpoint = provisionOutputs.frontendHostingOutput.value.endpoint var m365ApplicationIdUri = 'api://${tabAppDomain}/${m365ClientId}' var teamsMobileOrDesktopAppClientId = '1fec8e78-bce4-4aaf-ab1b-5451cc387264' @@ -30,6 +29,7 @@ var outlookDesktopAppClientId = 'd3590ed6-52b3-4102-aeff-aad2292ab01c' var outlookWebAppClientId = '00000002-0000-0ff1-ce00-000000000000' var authorizedClientApplicationIds = '${teamsMobileOrDesktopAppClientId};${teamsWebAppClientId};${officeWebAppClientId1};${officeWebAppClientId2};${outlookDesktopAppClientId};${outlookWebAppClientId}' +var allowedClientApplications = '["${m365ClientId}","${teamsMobileOrDesktopAppClientId}","${teamsWebAppClientId}","${officeWebAppClientId1}","${officeWebAppClientId2}","${outlookDesktopAppClientId}","${outlookWebAppClientId}"]' var currentAllowedOrigins = empty(currentConfigs.cors) ? [] : currentConfigs.cors.allowedOrigins resource appConfig 'Microsoft.Web/sites/config@2021-02-01' = { @@ -38,8 +38,8 @@ resource appConfig 'Microsoft.Web/sites/config@2021-02-01' = { properties: { cors: { allowedOrigins: union(currentAllowedOrigins, [ - tabAppEndpoint - ]) + tabAppEndpoint + ]) } } } @@ -48,6 +48,7 @@ resource appSettings 'Microsoft.Web/sites/config@2021-02-01' = { properties: union({ API_ENDPOINT: provisionOutputs.functionOutput.value.functionEndpoint ALLOWED_APP_IDS: authorizedClientApplicationIds + WEBSITE_AUTH_AAD_ACL: '{"allowed_client_applications": ${allowedClientApplications}}}' M365_CLIENT_ID: m365ClientId M365_CLIENT_SECRET: m365ClientSecret M365_TENANT_ID: m365TenantId diff --git a/team-central-dashboard/.vscode/tasks.json b/team-central-dashboard/.vscode/tasks.json index 6692bf3f..e6cc3599 100644 --- a/team-central-dashboard/.vscode/tasks.json +++ b/team-central-dashboard/.vscode/tasks.json @@ -121,7 +121,7 @@ { "label": "Watch backend", "type": "shell", - "command": "npm run watch", + "command": "npm run watch:teamsfx", "isBackground": true, "options": { "cwd": "${workspaceFolder}/api" diff --git a/team-central-dashboard/api/package.json b/team-central-dashboard/api/package.json index 8c247912..1cc3da74 100644 --- a/team-central-dashboard/api/package.json +++ b/team-central-dashboard/api/package.json @@ -5,7 +5,7 @@ "dev:teamsfx": "env-cmd --silent -f .localConfigs npm run dev", "dev": "func start --typescript --language-worker=\"--inspect=9229\" --port \"7071\" --cors \"*\"", "build": "tsc", - "watch": "tsc -w", + "watch:teamsfx": "tsc -w", "prestart": "npm run build", "start": "npx func start", "test": "echo \"Error: no test specified\" && exit 1" diff --git a/team-central-dashboard/infra/azure.bicep b/team-central-dashboard/infra/azure.bicep index a9f9a1f7..2b56868c 100644 --- a/team-central-dashboard/infra/azure.bicep +++ b/team-central-dashboard/infra/azure.bicep @@ -26,6 +26,7 @@ var officeWebAppClientId2 = '4765445b-32c6-49b0-83e6-1d93765276ca' var outlookDesktopAppClientId = 'd3590ed6-52b3-4102-aeff-aad2292ab01c' var outlookWebAppClientId = '00000002-0000-0ff1-ce00-000000000000' var authorizedClientApplicationIds = '${teamsMobileOrDesktopAppClientId};${teamsWebAppClientId};${officeWebAppClientId1};${officeWebAppClientId2};${outlookDesktopAppClientId};${outlookWebAppClientId}' +var allowedClientApplications = '"${teamsMobileOrDesktopAppClientId}","${teamsWebAppClientId}","${officeWebAppClientId1}","${officeWebAppClientId2}","${outlookDesktopAppClientId}","${outlookWebAppClientId}"' // Azure Storage that hosts your static web site resource storage 'Microsoft.Storage/storageAccounts@2021-06-01' = { @@ -124,6 +125,10 @@ resource functionApp 'Microsoft.Web/sites@2021-02-01' = { name: 'TEAMS_APP_ID' value: teamsAppId } + { + name: 'WEBSITE_AUTH_AAD_ACL' + value: '{"allowed_client_applications": [${allowedClientApplications}]}' + } ] ftpsState: 'FtpsOnly' } diff --git a/todo-list-with-Azure-backend-M365/infra/teamsFx/function.bicep b/todo-list-with-Azure-backend-M365/infra/teamsFx/function.bicep index 49c095c9..2aed368d 100644 --- a/todo-list-with-Azure-backend-M365/infra/teamsFx/function.bicep +++ b/todo-list-with-Azure-backend-M365/infra/teamsFx/function.bicep @@ -33,6 +33,7 @@ var outlookDesktopAppClientId = 'd3590ed6-52b3-4102-aeff-aad2292ab01c' var outlookWebAppClientId1 = '00000002-0000-0ff1-ce00-000000000000' var outlookWebAppClientId2 = 'bc59ab01-8403-45c6-8796-ac3ef710b3e3' var authorizedClientApplicationIds = '${teamsMobileOrDesktopAppClientId};${teamsWebAppClientId};${officeWebAppClientId1};${officeWebAppClientId2};${officeDesktopAppClientId};${outlookDesktopAppClientId};${outlookWebAppClientId1};${outlookWebAppClientId2}' +var allowedClientApplications = '["${m365ClientId}","${teamsMobileOrDesktopAppClientId}","${teamsWebAppClientId}","${officeWebAppClientId1}","${officeWebAppClientId2}","${officeDesktopAppClientId}","${outlookDesktopAppClientId}","${outlookWebAppClientId1}","${outlookWebAppClientId2}"]' var currentAllowedOrigins = empty(currentConfigs.cors) ? [] : currentConfigs.cors.allowedOrigins @@ -58,6 +59,7 @@ resource appSettings 'Microsoft.Web/sites/config@2021-02-01' = { M365_AUTHORITY_HOST: m365OauthAuthorityHost // AAD authority host M365_APPLICATION_ID_URI: m365ApplicationIdUri // Application ID URI of AAD application IDENTITY_ID: provisionOutputs.identityOutput.value.identityClientId // User assigned identity id, the identity is used to access other Azure resources + WEBSITE_AUTH_AAD_ACL: '{"allowed_client_applications": ${allowedClientApplications}}}' }, currentAppSettings) // Merge new settings with existing settings } diff --git a/todo-list-with-Azure-backend/infra/teamsFx/function.bicep b/todo-list-with-Azure-backend/infra/teamsFx/function.bicep index fd51299e..ab593461 100644 --- a/todo-list-with-Azure-backend/infra/teamsFx/function.bicep +++ b/todo-list-with-Azure-backend/infra/teamsFx/function.bicep @@ -28,6 +28,7 @@ var officeWebAppClientId2 = '4765445b-32c6-49b0-83e6-1d93765276ca' var outlookDesktopAppClientId = 'd3590ed6-52b3-4102-aeff-aad2292ab01c' var outlookWebAppClientId = '00000002-0000-0ff1-ce00-000000000000' var authorizedClientApplicationIds = '${teamsMobileOrDesktopAppClientId};${teamsWebAppClientId};${officeWebAppClientId1};${officeWebAppClientId2};${outlookDesktopAppClientId};${outlookWebAppClientId}' +var allowedClientApplications = '["${m365ClientId}","${teamsMobileOrDesktopAppClientId}","${teamsWebAppClientId}","${officeWebAppClientId1}","${officeWebAppClientId2}","${outlookDesktopAppClientId}","${outlookWebAppClientId}"]' var currentAllowedOrigins = empty(currentConfigs.cors) ? [] : currentConfigs.cors.allowedOrigins @@ -57,6 +58,7 @@ resource appSettings 'Microsoft.Web/sites/config@2021-02-01' = { SQL_ENDPOINT: provisionOutputs.azureSqlOutput.value.sqlEndpoint SQL_USER_NAME: administratorLogin SQL_PASSWORD: administratorLoginPassword + WEBSITE_AUTH_AAD_ACL: '{"allowed_client_applications": ${allowedClientApplications}}}' }, currentAppSettings) }