Issue in MS Teams chat UI action

nameisnani
Mega Sage

‎03-23-2025 11:21 PM

hi team 

 

we are getting issue like this [ ' Invalid access token. Please check  your credential alias ' ] and 

HTTP Error 401 - Unauthorized

when we are clicking on  ms teams chat  UI action button in Incident form, as shown in below 

 

nameisnani_0-1742796892839.png

nameisnani_1-1742796947806.png

 

from the logs we found this message 

nameisnani_2-1742797006771.png

 

 

can anyone please provide where should i update and what needs to be updated.

 

nameisnani_3-1742797078696.png

 

 

 

 

I have followed this step also 

 

- Please delete oAuth token by navigating to "System OAuth > Manage Tokens" and locate the token for the user who receive the error message which prompts for login when he tried to open teams chat again.

 

after that also not working .

 

 

Please hlep me 

 

0 Helpfuls
  • 683 Views
7 REPLIES 7

nameisnani
Mega Sage

‎03-24-2025 11:15 PM

Hi @Ankur Bawiskar  ,

 

Please find Script Include and UI action 

SCRIPT INCLUDE 


var MSTeamsCredentialsHelper = Class.create();
MSTeamsCredentialsHelper.prototype = {
    initialize: function() {
        this.requestorId;
        this.requestorProfile;
        this.azureGlobalUtils = new global.MSAzureGlobalUtils();
        this.azureUtils = new sn_now_azure.MSAzureUtils();
        this.useIHActionsForSingleTenant = new sn_tcm_collab_hook.MSTeamsChatUtil().useIHActionsForSingleTenant();
        this.defaultOAuthProfile = this.useIHActionsForSingleTenant ? (GlideApplicationProperty.getValue('sn_tcm_collab_hook.teams_st_chat_oauth_profile') || 'e0210fec532130101bd3ddeeff7b12d0') : 'd2cb473e53a72010fa75ddeeff7b120f';
    },

    TABLES: {
        USER: 'sn_now_azure_user',
        OAUTH_REQUESTOR_PROFILE: 'oauth_requestor_profile'
    },

    FIELDS: {
        USER: 'user',
        REQ_CONTEXT: 'requestor_context',
        REQ_ID: 'requestor_id',
    },

    DEFAULT_REQUESTOR_CONEXT: 'sn_now_azure_user',

    getUserCredential: function() {
        // Mapping record is created if not exists;
        var credentialGr = new sn_now_azure.MSAzureUserUtils().getAzureMappingGr(true);
        var requestorProfileGr = new GlideRecord(this.TABLES.OAUTH_REQUESTOR_PROFILE);
        requestorProfileGr.addQuery(this.FIELDS.REQ_CONTEXT, this.DEFAULT_REQUESTOR_CONEXT);
        requestorProfileGr.addQuery(this.FIELDS.REQ_ID, credentialGr.getUniqueValue());
        requestorProfileGr.query();
        requestorProfileGr.next();
        this.requestorProfile = requestorProfileGr.getUniqueValue();
        this.requestorId = credentialGr.getUniqueValue();
    },

    getOauthInitiatorURL: function() {
        var state = gs.base64Encode(JSON.stringify({
            instance_url: this.azureGlobalUtils.getInstanceURL(),
            browser_url: this.azureGlobalUtils.getBrowserURL(),
            nonce: this.azureGlobalUtils.encrypt(this.azureUtils.getNonce())
        }));
        this.getUserCredential();
        var oauth_initiator_url = '/oauth_initiator.do' +
            '?oauth_requestor_context=' + this.DEFAULT_REQUESTOR_CONEXT +
            '&oauth_requestor=' + this.requestorId +
            '&oauth_provider_profile=' + this.defaultOAuthProfile +
            '&response_type=code';
        if (!this.useIHActionsForSingleTenant)
            oauth_initiator_url += '&state=' + state;
        return oauth_initiator_url;
    },

    isAccessTokenOrRefreshTokenAvailable: function() {
        this.getUserCredential();
        if (!gs.nil(this.requestorId)) {
            var oAuthClient = new sn_auth.GlideOAuthClient();
            var token = oAuthClient.getToken(this.requestorId, this.defaultOAuthProfile);
            if (token) {
                if (token.getAccessToken() && !this.isExpired(token.getExpiresIn(), 60))
                    return true;
                if (token.getRefreshToken() && !this.isExpired(token.getRefreshTokenExpiresIn(), 120))
                    return true;
            }
        }
        return false;
    },

    getAccessToken: function() {
        var token = this.getToken();
        var accessToken = token.getAccessToken();
        if (accessToken) {
            // if the token is valid for atleast 1 min, use the token otherwise refresh it
            if (!this.isExpired(token.getExpiresIn(), 60)) {
                return accessToken;
            } else {
                gs.info('token has expired');
            }
        }
        if (!token.getRefreshToken()) {
            gs.error("No OAuth refresh token available. Manual reauthorization required");
            return;
        }

        if (this.isExpired(token.getRefreshTokenExpiresIn(), 0)) {
            return;
        }

        accessToken = this.refreshAccessToken(this.requestorId, this.defaultOAuthProfile, token);
        if (!gs.nil(accessToken))
            return accessToken;
        else
            gs.error("Error while refreshing the token");
    },

    getToken: function() {
        var entityProfileId = this.defaultOAuthProfile;
        this.getUserCredential();
        if (!gs.nil(this.requestorId)) {
            var client = new sn_auth.GlideOAuthClient();
            return client.getToken(this.requestorId, entityProfileId);
        } else {
            gs.error('Could not find the access token for the user');
            return null;
        }
    },

    refreshAccessToken: function(requestorId, oauthProfileId, token) {
        if (!(token && requestorId && oauthProfileId))
            return;
        var tokenRequest = new sn_auth.GlideOAuthClientRequest();
        tokenRequest.setGrantType("refresh_token");
        tokenRequest.setRefreshToken(token.getRefreshToken());
        tokenRequest.setParameter('oauth_requestor_context', this.DEFAULT_REQUESTOR_CONEXT);
        tokenRequest.setParameter('oauth_requestor', requestorId);
        tokenRequest.setParameter('oauth_provider_profile', oauthProfileId);
        var oAuthClient = new sn_auth.GlideOAuthClient();
        var tokenResponse = oAuthClient.requestTokenByRequest(null, tokenRequest);
        var error = tokenResponse.getErrorMessage();
        if (error)
            gs.warn("Error:" + tokenResponse.getErrorMessage());
        var tokenRes = tokenResponse.getToken();
        if (!gs.nil(tokenRes))
            return tokenRes.getAccessToken();
        return;
    },

    isExpired: function(expiresIn, withinSeconds) {
        if (expiresIn > withinSeconds)
            return false;
        return true;
    },

    type: 'MSTeamsCredentialsHelper'
};

 

0 Helpfuls

nameisnani
Mega Sage

‎03-24-2025 11:17 PM

Hi @Ankur Bawiskar 

 

ui action script .

function initChatWithGroup() {
    ScriptLoader.getScripts('/sn_tcm_collab_hook.openChatSwarmModal.jsdbx', function() {
        MSTeamsOpenUserChatModal();
    });
}

nameisnani_0-1742883431276.png

 

 

0 Helpfuls

Ankur Bawiskar
Tera Patron
Tera Patron
In response to nameisnani

‎03-24-2025 11:23 PM

@nameisnani 

is that UI script coming with some plugin or a custom one?

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls