Detach OAuth continuation replay from token-exchange invoke#464
Detach OAuth continuation replay from token-exchange invoke#464Carvalh0XYZ wants to merge 1 commit into
Conversation
There was a problem hiding this comment.
Pull request overview
Detaches OAuth continuation replay from the signin/tokenExchange invoke lifecycle so the invoke response can return promptly while the original message is replayed asynchronously via a proactive turn.
Changes:
- Starts OAuth continuation replay in a background task using
continue_conversation_with_claims()and tracks tasks to prevent premature GC. - Deep-copies the continuation activity and reapplies the current conversation reference before replaying.
- Adds a regression test ensuring the invoke completes before the replay finishes and that state is saved.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| tests/hosting_core/app/test_agent_application.py | Adds regression coverage verifying token-exchange invoke returns before continuation replay completes. |
| libraries/microsoft-agents-hosting-core/microsoft_agents/hosting/core/app/agent_application.py | Moves continuation replay off the invoke call path into a background proactive continuation task. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
60b33aa to
50cd3fa
Compare
50cd3fa to
fb89185
Compare
|
One extra compatibility detail came out while checking this feedback: the old shallow-copied context also shared the completed OAuth token cache with the replayed message. A fresh proactive context does not. The latest commit now copies only those completed OAuth token entries into the replay context before running the message. It deliberately does not copy the whole invoke Focused authorization/application tests: 79 passed. |
Fixes #463.
Description
This detaches the original-message replay from the
signin/tokenExchangerequest lifecycle.After a successful auth intercept, the SDK now:
continue_conversation_with_claims();TurnContextuntouched.The replay still enters the normal
_on_turnpipeline as the original message activity, with its original channel and claims identity.This mirrors the lifecycle fix made for the JavaScript SDK in microsoft/Agents-for-js#1013.
Testing
msteams:COPILOTchannel.Live validation
Validated with a deployed Microsoft 365 Copilot custom-engine agent after clearing both Bot Framework token partitions:
21:06:55.793;21:06:56.286;21:06:56.294;21:06:56.299;21:07:01.361.The user received one answer with silent SSO, no sign-in card, and no retry loop.