Use refreshable app tokens

[heyitsaamir]

Context

This fixes #184 which stated that the token wasn't being refreshed after an hour. This was because we weren't refreshing it on use.
In typescript, we refresh the token on every app.process. But this actually still leaves proactive scenarios to used an cached, potentially expired, tokens. To remediate this, the token that gets passed to the API is a factory which refreshes the token if the cached token is expired.
For the record C# sets the token value to be refreshable (just as this PR is attempting to do).

Changes

This PR includes several changes

1. No more graph token manager. Instead we now have a TokenManager which manages all tokens. Soon, this might change to msal doing the changes
2. The app no longer refreshes token on start. But it does it the first time the token is being used. Because of this, the id field is now from the credentials, and the "name" field had to be removed. I don't think this should cause a big deal because name is honestly, not a very well used (or documented) field. This is a breaking change though.
3. The token that's being passed around now is an async function that either gets the token from the cache, or refreshes it if it's expired.

Testing

1. Unit tests
2. Sanity tests to make sure we can send messages etc normally.
3. Tested to make sure app token refreshes automatically after an hour
4. Tested user graph tokens
5. Tested app graph tokens

PR Dependency Tree

• PR Use refreshable app tokens  #187 👈
  • PR Introduce msal #191

This tree was auto-generated by Charcoal

[Copilot]

Pull Request Overview

This PR implements refreshable app tokens to fix issue #184 where tokens weren't being refreshed after an hour. The implementation follows TypeScript's approach by providing a token factory that automatically refreshes expired tokens on use, extending to proactive scenarios as well.

Key Changes:

• Consolidated token management from separate bot and graph token managers into a unified TokenManager
• Changed app.id to use credentials instead of tokens, removing app.name property (breaking change)
• Token passing now uses async factory functions that check expiration and refresh as needed

Reviewed Changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
packages/apps/src/microsoft/teams/apps/token_manager.py	New unified token manager handling bot, graph, and user tokens with automatic refresh logic
packages/apps/src/microsoft/teams/apps/routing/activity_context.py	Updated to use Token type and removed null check for app_token since it's now always a factory function
packages/apps/src/microsoft/teams/apps/http_plugin.py	Updated type annotations to use Token and removed separate graph_token parameter
packages/apps/src/microsoft/teams/apps/graph_token_manager.py	Removed in favor of unified TokenManager
packages/apps/src/microsoft/teams/apps/app_tokens.py	Removed dataclass in favor of TokenManager-based approach
packages/apps/src/microsoft/teams/apps/app_process.py	Refactored to use TokenManager methods and pass token factories to context
packages/apps/src/microsoft/teams/apps/app.py	Major refactoring removing token refresh logic, app.name property, and integrating TokenManager throughout

[heyitsaamir]

Comments for the reviwer

[heyitsaamir]

this wasn't being used anywhere, so removing until we need it

[heyitsaamir]

no longer using a cached token

[heyitsaamir]

no longer using a cached token

[heyitsaamir]

using the credentials now, now that we are no longer refreshing the token on app-start

[heyitsaamir]

don't have access to "name", and I don't think it's actually useful

[heyitsaamir]

refresh token logic is all in token manager now

[heyitsaamir]

passing in a factory for the token which can be refreshed if needed.

[corinagum]

I saw copilot left one unresolved comment regarding async function, could you take a look at that? Thanks for doing this work plus extensive testing.