Get Botbuilder Signin button cancel response

Crowd,

I’m struggling on an issue reacting to denied consent in Teams SSO.

My solution looks like this:

  1. I have a webserver doing some conversational logic written in typescript reachable via ngrok
  2. I have an Azure bot
  3. I have an Azure AD bot registration

When requesting permissions I’m creating an oauthcard that is sent as an attachment like this:

await CardFactory.oauthCard(
    myConnectionName,
    "Title",
    "text",
    signInLink,
    {
        id: this.accessToken,
        uri: `api://botid-${myAppId}`
    }
);

This works fine, the user receives a small prompt “We need to ask for additional permissions. You should only need to do this once for MyApplication” with two buttons “Cancel” and “Continue”.

Continue works fine, the webserver receives a response, can get the Token for GraphAPI and use all cool features, but what about the cancel button?

Unfortunately I receive exactly 0 feedback if the user clicks “Cancel”. Do you know if there’s a way to get a confirmation when the user clicks cancel?

I already added an adapter and check each activity using adapter.processActivity() but there’s no activity or web request coming in for cancelations.

Any idea how to handle this? Do I need to somehow add a different link for the cancel button? The attachment I’m sending looks like this:

{
        "contentType":"application/vnd.microsoft.card.oauth",
        "content":{
           "buttons":[
              {
                 "type":"signin",
                 "title":"Title",
                 "value":"https://token.botframework.com/api/oauth/signin?signin=mySignInId"
              }
           ],
           "connectionName":"myConnection",
           "tokenExchangeResource":{
              "id":"myAccessToken",
              "uri":"api://botid-myAppId"
           },
           "text":"text"
        }
     }

Any ideas how to receive a response or fetch this event?

Thanks in advance!

EDIT:

My Permission request screen

Answer

This is expected to be handled by Teams client, If we pass this control to the Bot, the requests would get into a loop and we want to avoid that. For example, user interacts with Bot -> client shows consent pop up -> User cancels -> Bot again initializes Auth request -> client again shows pop up -> ...

So, this is by design. Teams client will show the consent pop up when user tries to interact with the Bot again.