rani/matterbridge.git

Viewing file on branch master

1	<!-- TOC -->
2
3	- [MSteams - mattermost - matterbridge integration](#MSteams---mattermost---matterbridge-integration)
4	- [Go to Microsoft Azure portal](#go-to-microsoft-azure-portal)
5	- [Go to App registrations](#go-to-app-registrations)
6	- [Create a new App registration](#create-a-new-app-registration)
7	- [Set Permissions](#set-permissions)
8	- [Click on View API Permissions (at the bottom)](#click-on-view-api-permissions-at-the-bottom)
9	- [Actually set permissions](#actually-set-permissions)
10	- [Wait and let an admin consent them](#wait-and-let-an-admin-consent-them)
11	- [Consent](#consent)
12	- [Accept permissions](#accept-permissions)
13	- [Wait again](#wait-again)
14	- [Reload](#reload)
15	- [Set redirect URI](#set-redirect-uri)
16	- [Set application as public client](#set-application-as-public-client)
17	- [Get necessary ID's for matterbridge](#get-necessary-ids-for-matterbridge)
18	- [ClientID and TenantID](#clientid-and-tenantid)
19	- [TeamID](#teamid)
20	- [ChannelID](#channelid)
21	- [Matterbridge configuration](#matterbridge-configuration)
22	- [Configure teams in matterbridge](#configure-teams-in-matterbridge)
23	- [Configure mattermost in matterbridge](#configure-mattermost-in-matterbridge)
24	- [Configure bridging channels](#configure-bridging-channels)
25	- [Once again the complete configuration](#once-again-the-complete-configuration)
26	- [Starting matterbridge](#starting-matterbridge)
27
28	<!-- /TOC -->
29
30	# MSteams - mattermost - matterbridge integration
31
32	This is a complete walkthrough about how to setup an example mattermost <=> microsoft teams integration using matterbridge.
33
34	Please read everything very careful!
35
36	# Go to Microsoft Azure portal
37
38	- https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Overview
39
40	# Go to App registrations
41
42	- https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps
43
44	![image](https://user-images.githubusercontent.com/1810977/71424191-ba89e700-268f-11ea-9733-a0fb193c1fb7.png)
45
46	# Create a new App registration
47
48	Click on `New Registration` (top)
49
50	![image](https://user-images.githubusercontent.com/1810977/71424288-7f3be800-2690-11ea-93c6-ee4d811e2bdf.png)
51
52	# Set Permissions
53
54	## Click on View API Permissions (at the bottom)
55
56	![image](https://user-images.githubusercontent.com/1810977/71424300-9bd82000-2690-11ea-9818-6103c09dbbd6.png)
57
58	## Actually set permissions
59
60	- Choose `graph API`
61	- Choose `delegated permissions`
62	- Add `Group.Read.All`, `Group.ReadWrite.All` and `User.Read`. These permissions are needed for sending/reading chat messages in a channel.
63	- Add `Files.Read`, `Files.Read.All`, `Sites.Read.All`. These permissions are needed for reading the file attachments in messages.
64
65	![image](https://user-images.githubusercontent.com/1810977/71424310-b4483a80-2690-11ea-8c28-051694f2972a.png)
66
67	## Wait and let an admin consent them
68
69	This can take a while according to the message
70
71	![image](https://user-images.githubusercontent.com/1810977/71424323-d04bdc00-2690-11ea-961a-5963f8d02e97.png)
72
73	## Consent
74
75	You can now click on the Grant admin consent for `yourorganization`
76
77	![image](https://user-images.githubusercontent.com/1810977/71424329-df328e80-2690-11ea-8f2c-4e679f5d0460.png)
78
79	## Accept permissions
80
81	You'll get a popup with the permissions you just added. Agree
82
83	![image](https://user-images.githubusercontent.com/1810977/71424341-ef4a6e00-2690-11ea-94ac-1dd7d7737ce0.png)
84
85	## Wait again
86
87	This will take a few minutes again :)
88
89	![image](https://user-images.githubusercontent.com/1810977/71424347-fc675d00-2690-11ea-90cb-a9c95a482d78.png)
90
91	## Reload
92
93	Afterwards you'll see green checkboxes for the permissions
94
95	![image](https://user-images.githubusercontent.com/1810977/71424355-0c7f3c80-2691-11ea-9cd5-a91c7fd0ae3b.png)
96
97	# Set redirect URI
98
99	This needs to be set otherwise the delegation doesn't work. Click on "Add a redirect URI"
100
101	![image](https://user-images.githubusercontent.com/1810977/71424361-1b65ef00-2691-11ea-9b0e-e8bf271451d8.png)
102
103	Just fill in something like http://localhost:12345/matterbridge
104
105	![image](https://user-images.githubusercontent.com/1810977/71424371-2de02880-2691-11ea-8ce8-fa4535e7468d.png)
106
107	# Set application as public client
108
109	Scroll down a bit
110
111	Set `Treat application as a public client.` to Yes
112
113	![image](https://user-images.githubusercontent.com/1810977/71424383-3cc6db00-2691-11ea-94e3-d17fb6faee11.png)
114
115	Don't forget to click Save on top of the page
116
117
118	# Get necessary ID's for matterbridge
119
120	## ClientID and TenantID
121
122	Click on overview, left upper link.
123
124	You'll see 2 ID's, these are needed for the matterbridge configuration.
125
126	- Tenant ID
127	- Client ID
128
129	![image](https://user-images.githubusercontent.com/1810977/71424388-4b14f700-2691-11ea-88fa-e8bcaeeb6747.png)
130
131	## TeamID
132
133	Go to your teams website <https://teams.microsoft.com> should work.
134
135	Find your team, click on the 3 dots and select `get link to team`
136
137	![image](https://user-images.githubusercontent.com/1810977/71424396-5c5e0380-2691-11ea-853f-182ae192f787.png)
138
139	This will get you a popup, click copy.
140
141	![image](https://user-images.githubusercontent.com/1810977/71424402-697af280-2691-11ea-9054-30edce6b9e0a.png)
142
143	If you paste it you'll get something like
144
145	https://teams.microsoft.com/l/team/19%3axxxxxxxxxxxxxxxxxc%40thread.skype/conversations?groupId=xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx&tenantId=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
146
147	The groupID is the TeamID you need to configure matterbridge.
148
149	## ChannelID
150
151	Next you have to decide which channel you want to bridge with for example mattermost.
152
153	In our setup we have the team `matterbridge` with 2 channels `General` (a default channel for every team) and `newchannel` one I created.
154
155	You'll find the channel ID in the URL in the `threadId=`19:82abcxxxxxxxxx@thread.skype
156
157	![image](https://user-images.githubusercontent.com/1810977/71424405-7861a500-2691-11ea-9567-c595efe07818.png)
158
159	Note this ID 19:82abcxxxxxxxxx@thread.skype, we will need it when configuring the bridging.
160
161
162	# Matterbridge configuration
163
164	Create an empty `matterbridge.toml` file
165
166	## Configure teams in matterbridge
167
168	You should know have all the three ID's to configure matterbridge:
169
170	```toml
171	[msteams.teams]
172	TenantID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
173	ClientID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
174	TeamID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
175	RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
176	```
177
178	add this to the `matterbridge.toml` file
179
180	## Configure mattermost in matterbridge
181
182	See als the [wiki](https://github.com/42wim/matterbridge/wiki/Section-Mattermost-(basic)-https)
183
184	Configure this for your setup and add this to the `matterbridge.toml` file
185
186
187	```toml
188	[mattermost.mymattermost]
189	#The mattermost hostname. (do not prefix it with http or https)
190	Server="yourmattermostserver.domain:443"
191
192	#the team name as can be seen in the mattermost webinterface URL
193	#in lowercase, without spaces
194	Team="yourteam"
195
196	#login/pass of your bot.
197	#Use a dedicated user for this and not your own!
198	Login="yourlogin"
199	Password="yourpass"
200
201	RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
202	PrefixMessagesWithNick=true
203	```
204
205	## Configure bridging channels
206
207	If you want to bridge the `testing` channel in mattermost with the `general` channel in msteams the configuration will look like this:
208
209	```toml
210	[[gateway]]
211	name="gw"
212	enable=true
213
214	[[gateway.inout]]
215	account = "mattermost.mymattermost"
216	channel = "testing"
217
218	[[gateway.inout]]
219	account="msteams.teams"
220	channel="19:82caxxxxxxxxxxxxxxxxxxxxxxxx@thread.skype"
221	```
222
223	The strange channel 19:82caxxxxxxxxxxxxxxxxxxxxxxxx@thread.skype can be found in this documentation at the ChannelID header above.
224
225	## Once again the complete configuration
226
227	Your `matterbridge.toml` file should contain:
228
229	```toml
230	[msteams.teams]
231	TenantID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
232	ClientID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
233	TeamID="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
234	RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
235
236	[mattermost.mymattermost]
237	Server="yourmattermostserver.domain:443"
238	Team="yourteam"
239	Login="yourlogin"
240	Password="yourpass"
241	RemoteNickFormat="[{PROTOCOL}] <{NICK}> "
242	PrefixMessagesWithNick=true
243
244	[[gateway]]
245	name="gw"
246	enable=true
247
248	[[gateway.inout]]
249	account = "mattermost.mymattermost"
250	channel = "testing"
251
252	[[gateway.inout]]
253	account="msteams.teams"
254	channel="19:82caxxxxxxxxxxxxxxxxxxxxxxxx@thread.skype"
255	```
256
257
258	## Starting matterbridge
259
260	Now you can start matterbridge by running `matterbridge -conf matterbridge.toml`
261
262	The first time you start matterbridge it'll ask you to authenticate the app on behalf of you. You can do this from your own account or use a specific bot account for it.
263
264	Matterbridge can only read/send to the channels the account is in
265
266	```bash
267	[0003] INFO router: Starting bridge: msteams.teams
268	To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code C8EGY6384 to authenticate.
269	```
270
271	Go to the URL as specified and enter the code.
272
273	![image](https://user-images.githubusercontent.com/1810977/71424412-8b747500-2691-11ea-92ee-294e82a1fdf1.png)
274
275	You'll now get a popup to consent, this is everything that matterbridge has access to. For now it'll only use read all groups and read and write all groups to read and send messages.
276
277	![image](https://user-images.githubusercontent.com/1810977/71424430-b5c63280-2691-11ea-8aa9-ababae5b7a6a.png)
278
279	Afterwards you should see this window
280
281	![image](https://user-images.githubusercontent.com/1810977/71424441-c8406c00-2691-11ea-8ead-ce725875dea9.png)
282
283	And matterbridge will continue to start-up
284
285	Matterbridge by default will write a sessionfile containing tokens to the directory where matterbridge is running. It'll be a file called `msteams_session.json`. This files contains the necessary credentials so that matterbridge can restart/renew without asking the device login again.
286
287	Be sure to keep this file secure!
288
289	You can choose another path/filename, by adding `SessionFile="/yourpath/yourfilename"` to the `[msteams.teams]` configuration.
290