首页 / 技能 / msteams china adapter — 技能工具

📦 msteams china adapter — 技能工具

v1.0.1

Patch OpenClaw to support Microsoft Teams China (世纪互联/21Vianet). Use when: (1) user reports msteams webhook 401 errors or AADSTS500011 with api.botframework....

0· 195·0 当前·0 累计
yhs666 头像by @yhs666·MIT-0
生产力工具办公协作API开发数据分析数据可视化
下载技能包
License
MIT-0
最后更新
2026/4/16
0
安全扫描
VirusTotal
可疑
查看报告
OpenClaw
可疑
medium confidence
The skill is a plausible patch that edits your local OpenClaw distribution to use Microsoft Teams China endpoints, but it requires write access to local OpenClaw files while not declaring those config paths or provenance — exercise caution and review before running.
评估建议
This skill contains a local Node script that will read and overwrite files inside your OpenClaw distribution to switch endpoints to Microsoft Teams China. That behavior is consistent with a legitimate patch, but be cautious because: 1) the manifest does not declare the config path it touches (the script defaults to a hardcoded /home/yang path or OPENCLAW_DIST), 2) running it will change installed files (make a backup or use version control), and 3) the source is unknown. Before running: review t...
详细分析 ▾
用途与能力
The skill's stated purpose (patch OpenClaw for Teams China) matches the content: a script that searches the OpenClaw dist and replaces endpoint/authority strings. However, the manifest declares no required config paths or environment variables even though the script reads/writes the OpenClaw distribution (default hardcoded to /home/yang/.nvm/…/openclaw/dist or overridden by OPENCLAW_DIST). That omission is an incoherence: the skill needs access to user files but doesn't declare those paths.
指令范围
SKILL.md instructs running the included Node script against a specific dist path and to restart the gateway; the script indexes all .js files in the dist and performs targeted string replacements, writing changes back to disk. This is in-scope for a patch, but the instructions reference hardcoded home paths (e.g., /home/yang and a specific ~/.nvm path) and advise grepping/editing files under the user's Node global modules — actions which require filesystem read/write privileges and could corrupt the installation if used incorrectly.
安装机制
No install spec or external downloads are used — the skill is instruction-only with a bundled script. That limits supply-chain risk (nothing is fetched at install time). The script is executed locally by the user/agent, which is expected for a patch tool.
凭证需求
The skill declares no required environment variables or credentials, which aligns with no external network calls. The script supports an OPENCLAW_DIST environment override but does not declare it; SKILL.md also shows optional MSTEAMS_* env variables for post-patch configuration. The missing declaration of OPENCLAW_DIST / config paths is a minor mismatch that reduces transparency.
持久化与权限
The skill does not request permanent inclusion (always: false) and does not autonomously persist credentials. It does, however, modify another installed application's files (OpenClaw's dist). That is expected for a patch but is a privileged action — altering installed application files should be done with backups and from a trusted source.
安全有层次,运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发,无需署名。

运行时依赖

无特殊依赖

版本

latestv1.0.12026/3/14

msteamschinaadapter 1.0.1 - Added patch script (scripts/apply_patch.js) to automatically update OpenClaw’s compiled msteams extension for Microsoft Teams China endpoints. - Added endpoints reference (references/endpoints.md) for quick mapping between global and China-specific endpoints. - Skill now provides both automated patching instructions and clear manual fallback steps. - Major bug fix: Ensures the adapter configures China-specific authorities, issuers, and scopes to resolve audience mismatch errors and AADSTS500011 issues with Teams China.

可疑

安装命令

点击复制
官方npx clawhub@latest install msteamschinaadapter
镜像加速npx clawhub@latest install msteamschinaadapter --registry https://cn.longxiaskill.com

技能文档

Patches OpenClaw's compiled msteams extension to use Microsoft Teams China (世纪互联/21Vianet) endpoints.

哈希无关设计: 脚本通过内容 marker(函数名、字符串字面量)定位文件,不依赖 src-CfmuZgBM.js 这类哈希文件名,OpenClaw 更新后哈希变化也能正常运行。

Step 1 — Run the Patch Script

node /home/yang/.openclaw/workspace/skills/msteams-china-patch/scripts/apply_patch.js

Expected output: 

Indexing dist files...
  1448 files indexed
Applying patches...
[OK]   buildMSTeamsAuthConfig - MSAL 中国区认证
[OK]   GRAPH_ROOT - Graph API 中国区
[OK]   getAccessToken Graph scope - 中国区
...
=== Result: 8 applied, 8 already, 0 missing, 0 not found ===
Restart gateway: systemctl --user restart openclaw-gateway

Step 2 — Restart Gateway

systemctl --user restart openclaw-gateway
# or
openclaw gateway restart

Step 3 — Verify

Send a test message to the bot from Teams. Check logs: 

openclaw gateway logs --tail 50

What the Script Does

脚本通过内容 marker 定位目标文件(哈希文件名自动兼容):

#PatchMarker 定位
1buildMSTeamsAuthConfig — adds authority, issuers, scope for ChinabuildMSTeamsAuthConfig + getAuthConfigWithDefaults
2GRAPH_ROOTmicrosoftgraph.chinacloudapi.cnGRAPH_ROOT + microsoftgraph
3getAccessToken("https://graph.microsoft.com") → ChinaMsalTokenProvider + GRAPH_ROOT
4DEFAULT_MEDIA_HOST_ALLOWLIST adds China Graph CDNDEFAULT_MEDIA_HOST_ALLOWLIST + microsoftgraph
5DEFAULT_MEDIA_AUTH_HOST_ALLOWLIST adds China endpointsDEFAULT_MEDIA_AUTH_HOST_ALLOWLIST + microsoftgraph
6getDefaultIssuers adds China issuergetDefaultIssuers + api.botframework.com
7MsalConnectionManager.applyConnectionDefaults issuers adds ChinaMsalConnectionManager + applyConnectionDefaults
8jwksUri adds China JWKS endpointpayload.iss + login.botframework.com
9verifyOptions audience adds ChinaverifyOptions + api.botframework.com
10getTokenServiceEndpoint default → ChinagetTokenServiceEndpoint + TOKEN_SERVICE_ENDPOINT
11createConnectorClientWithIdentity scope default → ChinacreateConnectorClientWithIdentity
12createUserTokenClient scope/audience defaults → ChinacreateUserTokenClient
13getAccessToken botframework scope → ChinaMsalTokenProvider + loadAuthConfigFromEnv
14scopeCandidatesForUrl adds China Graph domainscopeCandidatesForUrl + graph.microsoft.com

Manual Fallback (if script reports missing or not found)

If any patch shows missing (pattern not found in located file) or not found (no file matches markers):

  • Read the endpoints reference:
   references/endpoints.md
  • Locate the file manually — search for the function name or string literal in dist:
   grep -r "functionName" ~/.nvm/versions/node/v24.14.1/lib/node_modules/openclaw/dist/*.js
  • Read the actual content and use edit tool with the real oldText → newText.

Key Bug: Audience Mismatch

The most critical bug the script fixes is in buildMSTeamsAuthConfig. The original code returns: 

return sdk.getAuthConfigWithDefaults({ clientId, clientSecret, tenantId });

This causes MSAL to fall back to global endpoints because no China configuration is passed. The script fixes this by adding: 

return sdk.getAuthConfigWithDefaults({
    clientId: creds.appId,
    clientSecret: creds.appPassword,
    tenantId: creds.tenantId,
    authority: "https://login.chinacloudapi.cn",
    issuers: ["https://api.botframework.azure.cn", "https://sts.chinacloudapi.cn/"],
    scope: "https://api.botframework.azure.cn"
});

Configuration (After Patching)

Configure the msteams channel with the authority field:

{
  "channels": {
    "msteams": {
      "enabled": true,
      "appId": "",
      "appPassword": "",
      "tenantId": "",
      "authority": "https://login.partner.microsoftonline.cn"
    }
  }
}

Or via environment variables: 

MSTEAMS_AUTHORITY=https://login.partner.microsoftonline.cn
MSTEAMS_APP_ID=
MSTEAMS_APP_PASSWORD=
MSTEAMS_TENANT_ID=

Endpoints Reference

See references/endpoints.md for the complete China vs Global endpoint table (AAD authority, Bot Framework API, Graph API, JWKS URIs, AAD token issuers).

数据来源ClawHub ↗ · 中文优化:龙虾技能库