Add get_token_scope method to ClaimsIdentity and update token handling in ChannelServiceAdapter and RestChannelServiceClientFactory

[MattB-msft]

This pull request introduces improvements to how token scopes are determined and utilized throughout the agent hosting core, aiming for more consistent and centralized handling. The main changes include the addition of a new method for retrieving token scopes from claims, refactoring of scope assignment in several places to use this method, and an update to the echo proactive agent sample to include JWT authorization middleware.

Token scope handling improvements:

• Added a new method get_token_scope to ClaimsIdentity for retrieving the appropriate token scope based on the claim type, centralizing scope logic.
• Updated scope assignment in process_activity (in channel_service_adapter.py) to use claims_identity.get_token_scope() instead of duplicating scope logic.
• Refactored token retrieval in create_connector_client and create_user_token_client to use the new centralized get_token_scope method for consistency. [1] [2]

Sample and middleware updates:

• Added jwt_authorization_middleware import and applied it as a middleware in the echo_proactive_agent.py sample app to improve request authorization handling. [1] [2]

[Copilot]

Pull request overview

This pull request centralizes token scope determination logic by introducing a new get_token_scope method to the ClaimsIdentity class. The changes eliminate duplicate scope construction logic across multiple files and add JWT authorization middleware to the echo proactive agent sample.

Changes:

• Added get_token_scope() method to ClaimsIdentity for centralized token scope retrieval
• Refactored ChannelServiceAdapter and RestChannelServiceClientFactory to use the new centralized method
• Added JWT authorization middleware to the echo proactive agent sample for improved request authorization

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.

File	Description
libraries/microsoft-agents-hosting-core/microsoft_agents/hosting/core/authorization/claims_identity.py	Added new get_token_scope() method to centralize token scope logic
libraries/microsoft-agents-hosting-core/microsoft_agents/hosting/core/channel_service_adapter.py	Removed duplicate scope logic and now uses claims_identity.get_token_scope()
libraries/microsoft-agents-hosting-core/microsoft_agents/hosting/core/rest_channel_service_client_factory.py	Updated to use claims_identity.get_token_scope() instead of inline scope construction
test_samples/app_style/echo_proactive_agent.py	Added JWT authorization middleware to the sample application

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

@MattB-msft I've opened a new pull request, #291, to work on those changes. Once the pull request is ready, I'll request review from you.

[Copilot]

@MattB-msft I've opened a new pull request, #292, to work on those changes. Once the pull request is ready, I'll request review from you.

[Copilot]

@MattB-msft I've opened a new pull request, #293, to work on those changes. Once the pull request is ready, I'll request review from you.

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 3 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.