@bradygaster/squad-sdk 0.9.3-insider.1 → 0.9.4

package/dist/platform/comms-teams.js

@@ -4,61 +4,167 @@
  * Auth priority: cached token → refresh → browser PKCE → device code fallback.
  * Uses the Microsoft Graph PowerShell first-party client ID by default (works
  * in every Microsoft tenant with no custom Entra registration required).
- * Tokens stored in ~/.squad/teams-tokens.json.
+ * Tokens stored per-identity in ~/.squad/teams-tokens-{hash(tenantId:clientId)}.json.
  *
  * @module platform/comms-teams
  */
 import { join } from 'node:path';
 import { homedir, platform } from 'node:os';
-import { existsSync, readFileSync, writeFileSync, mkdirSync } from 'node:fs';
+import { existsSync, readFileSync, writeFileSync, mkdirSync, chmodSync, unlinkSync } from 'node:fs';
 import { createServer } from 'node:http';
 import { randomBytes, createHash } from 'node:crypto';
-import { exec } from 'node:child_process';
+import { execFile } from 'node:child_process';
 // ─── Defaults ────────────────────────────────────────────────────────
 /** Microsoft Graph PowerShell — first-party, present in every tenant */
 const DEFAULT_CLIENT_ID = '14d82eec-204b-4c2f-b7e8-296a70dab67e';
 /** Multi-tenant "organizations" endpoint — works for any Entra org */
 const DEFAULT_TENANT_ID = 'organizations';
 const SQUAD_DIR = join(homedir(), '.squad');
-const TOKEN_PATH = join(SQUAD_DIR, 'teams-tokens.json');
-function loadTokens() {
+/** Legacy single-file path (pre-tenant-scoped) — migrated away on first use */
+const LEGACY_TOKEN_PATH = join(SQUAD_DIR, 'teams-tokens.json');
+/**
+ * Derive a safe, collision-resistant filename for a token cache entry.
+ * Uses SHA-256 hash of `tenantId + clientId` to avoid path traversal,
+ * special character issues, and to provide collision-resistant separation for different app registrations. Uses 16 hex chars (~64 bits) of SHA-256 — sufficient for practical uniqueness across tenant/app combinations.
+ */
+function getTokenPath(tenantId, clientId) {
+    const hash = createHash('sha256').update(`${tenantId}:${clientId}`).digest('hex').slice(0, 16);
+    return join(SQUAD_DIR, `teams-tokens-${hash}.json`);
+}
+function loadTokens(tenantId, clientId) {
+    const tokenPath = getTokenPath(tenantId, clientId);
     try {
-        if (!existsSync(TOKEN_PATH))
+        if (!existsSync(tokenPath))
+            return null;
+        const raw = readFileSync(tokenPath, 'utf-8');
+        const parsed = JSON.parse(raw);
+        // Validate minimum required shape
+        if (typeof parsed.accessToken !== 'string' || typeof parsed.expiresAt !== 'number' || typeof parsed.refreshToken !== 'string')
+            return null;
+        // Reject tokens from a different config (stale/corrupted cache)
+        if (parsed.configTenantId && parsed.configTenantId !== tenantId)
+            return null;
+        if (parsed.clientId && parsed.clientId !== clientId)
             return null;
-        const raw = readFileSync(TOKEN_PATH, 'utf-8');
-        return JSON.parse(raw);
+        return parsed;
     }
     catch {
         return null;
     }
 }
-function saveTokens(tokens) {
+// Security: tokens stored with 0o600 permissions (owner-only read/write).
+function saveTokens(tenantId, clientId, tokens) {
+    const tokenPath = getTokenPath(tenantId, clientId);
     if (!existsSync(SQUAD_DIR)) {
-        mkdirSync(SQUAD_DIR, { recursive: true });
+        mkdirSync(SQUAD_DIR, { recursive: true, mode: 0o700 });
+    }
+    const jwtClaims = extractJwtClaims(tokens.accessToken);
+    const withMeta = {
+        ...tokens,
+        configTenantId: tenantId,
+        clientId,
+        authenticatedTenantId: jwtClaims.tid,
+        authenticatedUserId: jwtClaims.oid,
+    };
+    writeFileSync(tokenPath, JSON.stringify(withMeta, null, 2), { encoding: 'utf-8', mode: 0o600 });
+    // Ensure permissions are correct even if file already existed
+    if (platform() === 'win32') {
+        execFile('icacls', [tokenPath, '/inheritance:r', '/grant:r', `${process.env.USERNAME ?? 'CURRENT_USER'}:(R,W)`], (err) => {
+            if (err)
+                console.warn('⚠️ Could not restrict token file permissions:', err.message);
+        });
+    }
+    else {
+        chmodSync(SQUAD_DIR, 0o700);
+        chmodSync(tokenPath, 0o600);
+    }
+}
+/**
+ * Remove cached tokens from disk for a specific config.
+ * Used on permanent auth errors and explicit logout.
+ */
+function clearTokens(tenantId, clientId) {
+    const tokenPath = getTokenPath(tenantId, clientId);
+    try {
+        if (existsSync(tokenPath))
+            unlinkSync(tokenPath);
+    }
+    catch { /* best-effort cleanup */ }
+}
+/**
+ * Migrate legacy single-file token cache to identity-scoped storage.
+ * Moves tokens from `teams-tokens.json` → `teams-tokens-{hash}.json`,
+ * then deletes the legacy file.
+ */
+function migrateLegacyTokens(tenantId, clientId) {
+    try {
+        if (!existsSync(LEGACY_TOKEN_PATH))
+            return;
+        const raw = readFileSync(LEGACY_TOKEN_PATH, 'utf-8');
+        const tokens = JSON.parse(raw);
+        if (tokens.accessToken) {
+            saveTokens(tenantId, clientId, tokens);
+        }
+        unlinkSync(LEGACY_TOKEN_PATH);
     }
-    writeFileSync(TOKEN_PATH, JSON.stringify(tokens, null, 2), 'utf-8');
+    catch { /* best-effort migration */ }
 }
+/**
+ * Extract `tid` (tenant GUID) and `oid` (user object ID) from a JWT access token.
+ * Best-effort: returns empty object if the token can't be decoded.
+ * Does NOT verify the signature — the token was just received over TLS from Microsoft.
+ */
+function extractJwtClaims(accessToken) {
+    try {
+        const parts = accessToken.split('.');
+        if (parts.length !== 3 || !parts[1])
+            return {};
+        const payload = parts[1].replace(/-/g, '+').replace(/_/g, '/');
+        const decoded = JSON.parse(Buffer.from(payload, 'base64').toString('utf-8'));
+        return {
+            tid: typeof decoded.tid === 'string' ? decoded.tid : undefined,
+            oid: typeof decoded.oid === 'string' ? decoded.oid : undefined,
+        };
+    }
+    catch {
+        return {};
+    }
+}
+/** Errors that indicate a permanently invalid refresh token (do not retry) */
+const PERMANENT_AUTH_ERRORS = ['invalid_grant', 'interaction_required', 'consent_required', 'invalid_client'];
 // ─── Graph Helpers ───────────────────────────────────────────────────
 const GRAPH_BASE = 'https://graph.microsoft.com/v1.0';
 const SCOPES = 'Chat.ReadWrite ChatMessage.Send ChatMessage.Read User.Read offline_access';
 async function graphFetch(url, accessToken, options = {}) {
-    const res = await fetch(url, {
-        method: options.method ?? 'GET',
-        headers: {
-            Authorization: `Bearer ${accessToken}`,
-            'Content-Type': 'application/json',
-        },
-        body: options.body ? JSON.stringify(options.body) : undefined,
-    });
-    if (!res.ok) {
-        const text = await res.text().catch(() => '');
-        throw new Error(`Graph API ${res.status}: ${res.statusText} — ${text}`);
-    }
-    const contentType = res.headers.get('content-type') ?? '';
-    if (contentType.includes('application/json')) {
-        return res.json();
+    const maxRetries = 3;
+    for (let attempt = 0; attempt <= maxRetries; attempt++) {
+        const res = await fetch(url, {
+            method: options.method ?? 'GET',
+            headers: {
+                Authorization: `Bearer ${accessToken}`,
+                'Content-Type': 'application/json',
+            },
+            body: options.body ? JSON.stringify(options.body) : undefined,
+        });
+        if (res.status === 429 || res.status === 503 || res.status === 504) {
+            if (attempt < maxRetries) {
+                const retryAfter = Math.min(Number(res.headers.get('Retry-After') || '5'), 30);
+                await new Promise((r) => setTimeout(r, retryAfter * 1000));
+                continue;
+            }
+        }
+        if (!res.ok) {
+            const text = await res.text().catch(() => '');
+            throw new Error(`Graph API ${res.status}: ${res.statusText} — ${text}`);
+        }
+        const contentType = res.headers.get('content-type') ?? '';
+        if (contentType.includes('application/json')) {
+            return res.json();
+        }
+        return undefined;
     }
-    return undefined;
+    // Unreachable, but satisfies TypeScript
+    throw new Error('Graph API request failed after retries');
 }
 function parseTokens(data) {
     return {
@@ -76,10 +182,17 @@ h1{margin:0 0 .5rem;font-size:1.4rem}p{color:#555;margin:0}</style></head>
 <body><div class="card"><h1>✅ Authentication successful!</h1><p>You can close this tab and return to the terminal.</p></div></body></html>`;
 /** Open a URL in the user's default browser. */
 function openBrowser(url) {
-    const cmd = platform() === 'win32' ? `start "" "${url}"`
-        : platform() === 'darwin' ? `open "${url}"`
-            : `xdg-open "${url}"`;
-    exec(cmd, () => { });
+    const p = platform();
+    if (p === 'win32') {
+        // Use PowerShell Start-Process to avoid cmd.exe & metacharacter injection
+        execFile('powershell.exe', ['-NoProfile', '-Command', `Start-Process '${url.replace(/'/g, "''")}'`], () => { });
+    }
+    else if (p === 'darwin') {
+        execFile('open', [url], () => { });
+    }
+    else {
+        execFile('xdg-open', [url], () => { });
+    }
 }
 /** Base64-URL encode (no padding). */
 function base64url(buf) {
@@ -88,14 +201,17 @@ function base64url(buf) {
 async function startBrowserAuthFlow(tenantId, clientId) {
     const codeVerifier = base64url(randomBytes(32));
     const codeChallenge = base64url(createHash('sha256').update(codeVerifier).digest());
+    const oauthState = base64url(randomBytes(16));
     return new Promise((resolve, reject) => {
         const server = createServer((req, res) => {
             const reqUrl = new URL(req.url ?? '/', `http://localhost`);
             const code = reqUrl.searchParams.get('code');
             const error = reqUrl.searchParams.get('error');
+            const returnedState = reqUrl.searchParams.get('state');
             if (error) {
+                const errorDesc = reqUrl.searchParams.get('error_description') ?? '';
                 res.writeHead(200, { 'Content-Type': 'text/html' });
-                res.end(`<html><body><h1>Authentication failed</h1><p>${error}</p></body></html>`);
+                res.end(`<html><body><h1>Authentication failed</h1><p>${escapeHtml(error)}</p><p>${escapeHtml(errorDesc)}</p></body></html>`);
                 cleanup();
                 reject(new Error(`Browser auth denied: ${error}`));
                 return;
@@ -105,6 +221,14 @@ async function startBrowserAuthFlow(tenantId, clientId) {
                 res.end('Missing authorization code');
                 return;
             }
+            // Validate state to prevent CSRF
+            if (returnedState !== oauthState) {
+                res.writeHead(400, { 'Content-Type': 'text/plain' });
+                res.end('Invalid state parameter — possible CSRF attack');
+                cleanup();
+                reject(new Error('OAuth state mismatch — possible CSRF'));
+                return;
+            }
             // Exchange code for tokens
             const redirectUri = `http://localhost:${server.address().port}`;
             const tokenUrl = `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`;
@@ -126,7 +250,7 @@ async function startBrowserAuthFlow(tenantId, clientId) {
                     throw new Error(`Token exchange failed: ${data.error} — ${data.error_description}`);
                 }
                 const tokens = parseTokens(data);
-                saveTokens(tokens);
+                saveTokens(tenantId, clientId, tokens);
                 res.writeHead(200, { 'Content-Type': 'text/html' });
                 res.end(SUCCESS_HTML);
                 cleanup();
@@ -148,6 +272,11 @@ async function startBrowserAuthFlow(tenantId, clientId) {
             clearTimeout(timer);
             server.close();
         }
+        // Handle server startup errors (port exhaustion, permission denied, etc.)
+        server.on('error', (err) => {
+            cleanup();
+            reject(new Error(`OAuth callback server failed: ${err.message}`));
+        });
         // Bind to a random available port
         server.listen(0, '127.0.0.1', () => {
             const port = server.address().port;
@@ -159,12 +288,19 @@ async function startBrowserAuthFlow(tenantId, clientId) {
                 `&scope=${encodeURIComponent(SCOPES)}` +
                 `&code_challenge=${encodeURIComponent(codeChallenge)}` +
                 `&code_challenge_method=S256` +
+                `&state=${encodeURIComponent(oauthState)}` +
                 `&prompt=select_account`;
             console.log('🌐 Opening browser for Teams authentication...');
             openBrowser(authorizeUrl);
         });
     });
 }
+/** Maximum time allowed for device-code auth flow (15 minutes) */
+const DEVICE_CODE_TIMEOUT_MS = 15 * 60 * 1000;
+/** Minimum poll interval for device-code flow (2 seconds) */
+const DEVICE_CODE_MIN_POLL_MS = 2_000;
+/** Maximum poll interval for device-code flow (30 seconds) */
+const DEVICE_CODE_MAX_POLL_MS = 30_000;
 async function startDeviceCodeFlow(tenantId, clientId) {
     const deviceCodeUrl = `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/devicecode`;
     const tokenUrl = `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`;
@@ -182,8 +318,11 @@ async function startDeviceCodeFlow(tenantId, clientId) {
     const dcData = (await dcRes.json());
     console.log(`\n🔐 Teams authentication required`);
     console.log(`   ${dcData.message}\n`);
-    const pollInterval = (dcData.interval || 5) * 1000;
-    const deadline = Date.now() + dcData.expires_in * 1000;
+    // Clamp poll interval and timeout to sane bounds
+    const rawInterval = (dcData.interval || 5) * 1000;
+    const pollInterval = Math.max(DEVICE_CODE_MIN_POLL_MS, Math.min(rawInterval, DEVICE_CODE_MAX_POLL_MS));
+    const serverTimeout = dcData.expires_in > 0 ? dcData.expires_in * 1000 : DEVICE_CODE_TIMEOUT_MS;
+    const deadline = Date.now() + Math.min(serverTimeout, DEVICE_CODE_TIMEOUT_MS);
     while (Date.now() < deadline) {
         await new Promise((r) => setTimeout(r, pollInterval));
         const tokenRes = await fetch(tokenUrl, {
@@ -198,7 +337,7 @@ async function startDeviceCodeFlow(tenantId, clientId) {
         const tokenData = (await tokenRes.json());
         if (tokenData.access_token) {
             const tokens = parseTokens(tokenData);
-            saveTokens(tokens);
+            saveTokens(tenantId, clientId, tokens);
             console.log(`✅ Teams authentication successful — tokens saved\n`);
             return tokens;
         }
@@ -227,29 +366,41 @@ async function refreshAccessToken(tenantId, clientId, refreshToken) {
     });
     const data = (await res.json());
     if (!data.access_token) {
-        throw new Error(`Token refresh failed: ${data.error} — ${data.error_description}`);
+        const err = new Error(`Token refresh failed: ${data.error} — ${data.error_description}`);
+        // Attach error code for callers to distinguish permanent vs transient failures
+        err.authError = data.error ?? 'unknown';
+        throw err;
     }
     const tokens = {
         accessToken: data.access_token,
         refreshToken: data.refresh_token ?? refreshToken,
         expiresAt: Date.now() + data.expires_in * 1000,
     };
-    saveTokens(tokens);
+    saveTokens(tenantId, clientId, tokens);
     return tokens;
 }
 // ─── Adapter ─────────────────────────────────────────────────────────
 export class TeamsCommunicationAdapter {
     config;
-    channel = 'teams-webhook';
+    channel = 'teams-graph';
     tokens = null;
     resolvedChatId;
     clientId;
     tenantId;
+    /** Per-instance user ID cache — cleared on every token change to prevent cross-account leaks */
+    cachedUserId = null;
     constructor(config) {
         this.config = config;
         this.resolvedChatId = config.chatId ?? null;
         this.clientId = config.clientId ?? DEFAULT_CLIENT_ID;
         this.tenantId = config.tenantId ?? DEFAULT_TENANT_ID;
+        // One-time migration from legacy single-file token storage
+        migrateLegacyTokens(this.tenantId, this.clientId);
+    }
+    /** Reset all identity-sensitive caches. Called on every token change. */
+    resetIdentityCaches() {
+        this.cachedUserId = null;
+        this.resolvedChatId = this.config.chatId ?? null;
     }
     /**
      * Ensure we have a valid access token.
@@ -257,7 +408,12 @@ export class TeamsCommunicationAdapter {
      */
     async ensureAuthenticated() {
         if (!this.tokens) {
-            this.tokens = loadTokens();
+            this.tokens = loadTokens(this.tenantId, this.clientId);
+            if (this.tokens) {
+                // Loaded from disk — reset identity caches since this may be
+                // a different session or the identity may have changed
+                this.resetIdentityCaches();
+            }
         }
         // Valid token — return it
         if (this.tokens && Date.now() < this.tokens.expiresAt - 60_000) {
@@ -267,15 +423,27 @@ export class TeamsCommunicationAdapter {
         if (this.tokens?.refreshToken) {
             try {
                 this.tokens = await refreshAccessToken(this.tenantId, this.clientId, this.tokens.refreshToken);
+                this.resetIdentityCaches();
                 return this.tokens.accessToken;
             }
-            catch {
-                console.warn('⚠️  Token refresh failed — re-authenticating...');
+            catch (err) {
+                const authError = err.authError ?? '';
+                if (PERMANENT_AUTH_ERRORS.includes(authError)) {
+                    // Permanent failure — clear stale tokens so they're not reloaded
+                    clearTokens(this.tenantId, this.clientId);
+                    this.tokens = null;
+                    this.resetIdentityCaches();
+                    console.warn(`⚠️  Token refresh permanently failed (${authError}) — re-authenticating...`);
+                }
+                else {
+                    console.warn('⚠️  Token refresh failed (transient) — re-authenticating...');
+                }
             }
         }
         // Try browser auth code flow with PKCE first
         try {
             this.tokens = await startBrowserAuthFlow(this.tenantId, this.clientId);
+            this.resetIdentityCaches();
             console.log('✅ Teams authentication successful — tokens saved');
             return this.tokens.accessToken;
         }
@@ -284,8 +452,33 @@ export class TeamsCommunicationAdapter {
         }
         // Fallback — device code flow (works in headless/SSH environments)
         this.tokens = await startDeviceCodeFlow(this.tenantId, this.clientId);
+        this.resetIdentityCaches();
         return this.tokens.accessToken;
     }
+    /**
+     * Logout: clear cached credentials (memory + disk) for this adapter's config.
+     * This is a local credential purge — does not call Microsoft's revocation endpoint
+     * (public-client refresh tokens cannot be reliably revoked server-side).
+     */
+    async logout() {
+        clearTokens(this.tenantId, this.clientId);
+        this.tokens = null;
+        this.resetIdentityCaches();
+    }
+    /** Resolve the current user's Graph ID, cached per auth session. */
+    async getMyUserId(accessToken) {
+        if (this.cachedUserId)
+            return this.cachedUserId;
+        try {
+            const me = (await graphFetch(`${GRAPH_BASE}/me`, accessToken));
+            this.cachedUserId = me.id;
+            return this.cachedUserId;
+        }
+        catch (err) {
+            console.warn(`⚠️ Teams /me fetch failed: ${err.message}`);
+            return null;
+        }
+    }
     /**
      * Find or create a 1:1 chat with the recipient.
      */
@@ -293,31 +486,18 @@ export class TeamsCommunicationAdapter {
         if (this.resolvedChatId)
             return this.resolvedChatId;
         const upn = this.config.recipientUpn;
-        // "me" mode — find or create a self-chat
+        // "me" mode requires an explicit chat ID to avoid selecting an arbitrary 1:1 chat.
         if (!upn || upn === 'me') {
-            const chatsRes = (await graphFetch(`${GRAPH_BASE}/me/chats?$filter=chatType eq 'oneOnOne'&$top=10`, accessToken));
-            if (chatsRes.value.length > 0) {
-                this.resolvedChatId = chatsRes.value[0].id;
-                return this.resolvedChatId;
+            if (!this.config.chatId) {
+                throw new Error('Teams "me" mode requires an explicit chatId to avoid routing messages to the wrong one-on-one chat. Provide config.chatId or set recipientUpn to a specific user.');
             }
-            const meRes = (await graphFetch(`${GRAPH_BASE}/me`, accessToken));
-            const chatRes = (await graphFetch(`${GRAPH_BASE}/chats`, accessToken, {
-                method: 'POST',
-                body: {
-                    chatType: 'oneOnOne',
-                    members: [
-                        {
-                            '@odata.type': '#microsoft.graph.aadUserConversationMember',
-                            roles: ['owner'],
-                            'user@odata.bind': `https://graph.microsoft.com/v1.0/users('${meRes.id}')`,
-                        },
-                    ],
-                },
-            }));
-            this.resolvedChatId = chatRes.id;
+            validateGraphId(this.config.chatId, 'chatId');
+            this.resolvedChatId = this.config.chatId;
             return this.resolvedChatId;
         }
-        // Create 1:1 chat with recipient UPN
+        // Create 1:1 chat with recipient UPN — Graph requires both participants
+        const safeUpn = validateGraphId(upn, 'recipientUpn');
+        const meRes = (await graphFetch(`${GRAPH_BASE}/me`, accessToken));
         const chatRes = (await graphFetch(`${GRAPH_BASE}/chats`, accessToken, {
             method: 'POST',
             body: {
@@ -326,7 +506,12 @@ export class TeamsCommunicationAdapter {
                     {
                         '@odata.type': '#microsoft.graph.aadUserConversationMember',
                         roles: ['owner'],
-                        'user@odata.bind': `https://graph.microsoft.com/v1.0/users('${upn}')`,
+                        'user@odata.bind': `https://graph.microsoft.com/v1.0/users('${meRes.id}')`,
+                    },
+                    {
+                        '@odata.type': '#microsoft.graph.aadUserConversationMember',
+                        roles: ['owner'],
+                        'user@odata.bind': `https://graph.microsoft.com/v1.0/users('${safeUpn}')`,
                     },
                 ],
             },
@@ -338,8 +523,10 @@ export class TeamsCommunicationAdapter {
         const accessToken = await this.ensureAuthenticated();
         // Use channel message if teamId + channelId are configured
         if (this.config.teamId && this.config.channelId) {
-            const url = `${GRAPH_BASE}/teams/${this.config.teamId}/channels/${this.config.channelId}/messages`;
-            const msg = (await graphFetch(url, accessToken, {
+            const safeTeamId = validateGraphId(this.config.teamId, 'teamId');
+            const safeChannelId = validateGraphId(this.config.channelId, 'channelId');
+            const url = `${GRAPH_BASE}/teams/${safeTeamId}/channels/${safeChannelId}/messages`;
+            await graphFetch(url, accessToken, {
                 method: 'POST',
                 body: {
                     body: {
@@ -347,16 +534,18 @@ export class TeamsCommunicationAdapter {
                         content: formatTeamsMessage(options.title, options.body, options.author),
                     },
                 },
-            }));
+            });
+            // Return stable composite ID so pollForReplies can locate the channel
             return {
-                id: msg.id,
-                url: `https://teams.microsoft.com/l/channel/${this.config.channelId}`,
+                id: `${this.config.teamId}|${this.config.channelId}`,
+                url: `https://teams.microsoft.com/l/channel/${encodeURIComponent(this.config.channelId)}`,
             };
         }
         // 1:1 chat mode
         const chatId = await this.ensureChat(accessToken);
-        const url = `${GRAPH_BASE}/chats/${chatId}/messages`;
-        const msg = (await graphFetch(url, accessToken, {
+        const safeChatId = validateGraphId(chatId, 'chatId');
+        const url = `${GRAPH_BASE}/chats/${safeChatId}/messages`;
+        await graphFetch(url, accessToken, {
             method: 'POST',
             body: {
                 body: {
@@ -364,36 +553,60 @@ export class TeamsCommunicationAdapter {
                     content: formatTeamsMessage(options.title, options.body, options.author),
                 },
             },
-        }));
+        });
+        // Return chatId so pollForReplies can locate the right chat
         return {
-            id: msg.id,
+            id: chatId,
             url: this.getNotificationUrl(chatId),
         };
     }
     async pollForReplies(options) {
         const accessToken = await this.ensureAuthenticated();
-        const chatId = this.resolvedChatId ?? options.threadId;
         const sinceIso = options.since.toISOString();
-        const url = `${GRAPH_BASE}/chats/${chatId}/messages?$filter=createdDateTime gt ${sinceIso}&$top=50&$orderby=createdDateTime asc`;
+        // Channel mode: threadId is "teamId|channelId" composite from postUpdate
+        let messagesUrl;
+        if (options.threadId.includes('|')) {
+            const [teamId, channelId] = options.threadId.split('|', 2);
+            if (teamId && channelId) {
+                const safeTeamId = validateGraphId(teamId, 'teamId');
+                const safeChannelId = validateGraphId(channelId, 'channelId');
+                const url = new URL(`${GRAPH_BASE}/teams/${safeTeamId}/channels/${safeChannelId}/messages`);
+                url.searchParams.set('$filter', `createdDateTime gt ${sinceIso}`);
+                url.searchParams.set('$top', '50');
+                url.searchParams.set('$orderby', 'createdDateTime asc');
+                messagesUrl = url.toString();
+            }
+            else {
+                return [];
+            }
+        }
+        else {
+            // 1:1 chat mode: threadId is the chatId
+            const chatId = this.resolvedChatId ?? options.threadId;
+            const safeChatId = validateGraphId(chatId, 'chatId');
+            const url = new URL(`${GRAPH_BASE}/chats/${safeChatId}/messages`);
+            url.searchParams.set('$filter', `createdDateTime gt ${sinceIso}`);
+            url.searchParams.set('$top', '50');
+            url.searchParams.set('$orderby', 'createdDateTime asc');
+            messagesUrl = url.toString();
+        }
         let data;
         try {
-            data = (await graphFetch(url, accessToken));
+            data = (await graphFetch(messagesUrl, accessToken));
         }
-        catch {
+        catch (err) {
+            console.warn(`⚠️ Teams pollForReplies failed: ${err.message}`);
             return [];
         }
-        let myId = null;
-        try {
-            const me = (await graphFetch(`${GRAPH_BASE}/me`, accessToken));
-            myId = me.id;
-        }
-        catch { /* ignore */ }
+        const myId = await this.getMyUserId(accessToken);
         return data.value
             .filter((m) => {
             if (!m.from?.user)
                 return false;
             if (myId && m.from.user.id === myId)
                 return false;
+            if (new Date(m.createdDateTime) <= options.since)
+                return false;
             return true;
         })
             .map((m) => ({
@@ -408,15 +621,24 @@ export class TeamsCommunicationAdapter {
         return `https://teams.microsoft.com/l/chat/${encodeURIComponent(chatId)}`;
     }
 }
+// ─── Graph ID Validation ─────────────────────────────────────────────
+/** Validate and encode a Graph API path segment. */
+function validateGraphId(id, label) {
+    if (!/^[\w:@.\-]+$/.test(id)) {
+        throw new Error(`Invalid ${label}: contains unsafe characters`);
+    }
+    return encodeURIComponent(id);
+}
 // ─── Formatting ──────────────────────────────────────────────────────
 function formatTeamsMessage(title, body, author) {
     const authorLine = author ? `<em>Posted by ${escapeHtml(author)}</em><br/>` : '';
     return `<b>${escapeHtml(title)}</b><br/>${authorLine}<br/>${escapeHtml(body).replace(/\n/g, '<br/>')}`;
 }
 function escapeHtml(s) {
-    return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;');
+    return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;').replace(/'/g, '&#39;');
 }
 function stripHtml(html) {
     return html.replace(/<[^>]+>/g, '').replace(/&nbsp;/g, ' ').replace(/&amp;/g, '&').replace(/&lt;/g, '<').replace(/&gt;/g, '>').replace(/&quot;/g, '"').trim();
 }
+export { escapeHtml, stripHtml, formatTeamsMessage, parseTokens, base64url, validateGraphId, getTokenPath, clearTokens, loadTokens, saveTokens, migrateLegacyTokens, extractJwtClaims, DEVICE_CODE_TIMEOUT_MS, DEVICE_CODE_MIN_POLL_MS, DEVICE_CODE_MAX_POLL_MS, LEGACY_TOKEN_PATH, PERMANENT_AUTH_ERRORS, };
 //# sourceMappingURL=comms-teams.js.map