@microsoft/agents-hosting 1.5.0-beta.6.ga236d9a19c → 1.5.1

package/src/app/agentApplicationOptions.ts

@@ -12,6 +12,36 @@ import { TurnState } from './turnState'
 import { HeaderPropagationDefinition } from '../headerPropagation'
 import { AuthorizationOptions } from './auth/types'
 import { Connections } from '../auth/connections'
+import { ProactiveOptions } from './proactive'
+
+/**
+ * Typing timer settings for a specific channel or the global default.
+ */
+export interface TypingTimingOptions {
+  /**
+   * Delay in milliseconds before the first typing indicator is sent.
+   *
+   * @default 0
+   */
+  initialDelayMs?: number
+
+  /**
+   * Delay in milliseconds between subsequent typing indicators.
+   *
+   * @default 4000
+   */
+  intervalMs?: number
+}
+
+/**
+ * Configuration options for automatic typing indicators.
+ */
+export interface TypingOptions extends TypingTimingOptions {
+  /**
+   * Optional channel-specific timing overrides keyed by channel ID.
+   */
+  channelStrategies?: Record<string, TypingTimingOptions>
+}
 
 /**
  * Configuration options for creating and initializing an Agent Application.
@@ -59,6 +89,13 @@ export interface AgentApplicationOptions<TState extends TurnState> {
    */
   startTypingTimer: boolean;
 
+  /**
+   * Optional timing settings for automatic typing indicators.
+   *
+   * @default undefined
+   */
+  typing?: TypingOptions;
+
   /**
    * Whether to enable support for long-running message processing operations.
    * When enabled, the agent can handle operations that take longer than the typical
@@ -147,4 +184,10 @@ export interface AgentApplicationOptions<TState extends TurnState> {
    * identity providers.
    */
   connections?: Connections
+
+  /**
+   * Optional. Configuration for the proactive messaging subsystem.
+   * When provided, `app.proactive` will be available.
+   */
+  proactive?: ProactiveOptions
 }

package/src/app/attachmentDownloader.ts

@@ -9,7 +9,7 @@ import { TurnState } from './turnState'
 import { TurnContext } from '../turnContext'
 import { Attachment } from '@microsoft/agents-activity'
 import { AuthProvider } from '../auth/authProvider'
-import { debug } from '@microsoft/agents-activity/logger'
+import { debug } from '@microsoft/agents-telemetry'
 import { loadAuthConfigFromEnv, MsalTokenProvider } from '../auth'
 
 const logger = debug('agents:attachmentDownloader')

package/src/app/auth/authorization.ts

@@ -3,12 +3,14 @@
  * Licensed under the MIT License.
  */
 
-import { debug } from '@microsoft/agents-activity/logger'
+import { debug } from '@microsoft/agents-telemetry'
+import { ExceptionHelper } from '@microsoft/agents-activity'
 import { TokenResponse } from '../../oauth'
 import { TurnContext } from '../../turnContext'
 import { TurnState } from '../turnState'
 import { AuthorizationManager } from './authorizationManager'
 import { AuthorizationHandlerTokenOptions } from './types'
+import { Errors } from '../../errorHelper'
 
 const logger = debug('agents:authorization')
 
@@ -148,7 +150,7 @@ export class UserAuthorization implements Authorization {
       return { token }
     }
 
-    throw new Error('Invalid parameters for exchangeToken method.')
+    throw ExceptionHelper.generateException(Error, Errors.InvalidExchangeTokenParameters)
   }
 
   /**
@@ -180,7 +182,7 @@ export class UserAuthorization implements Authorization {
     if (authHandlerId) {
       await this.getHandler(authHandlerId).signout(context)
     } else {
-      for (const handler of Object.values(this.manager.handlers)) {
+      for (const handler of this.manager.handlers) {
         await handler.signout(context)
       }
     }
@@ -207,7 +209,7 @@ export class UserAuthorization implements Authorization {
    * @public
    */
   public onSignInSuccess (handler: (context: TurnContext, state: TurnState, authHandlerId?: string) => Promise<void>) {
-    for (const authHandler of Object.values(this.manager.handlers)) {
+    for (const authHandler of this.manager.handlers) {
       authHandler.onSuccess((context) => handler(context, new TurnState(), authHandler.id))
     }
   }
@@ -239,7 +241,7 @@ export class UserAuthorization implements Authorization {
    * @public
    */
   public onSignInFailure (handler: (context: TurnContext, state: TurnState, authHandlerId?: string, errorMessage?: string) => Promise<void>) {
-    for (const authHandler of Object.values(this.manager.handlers)) {
+    for (const authHandler of this.manager.handlers) {
       authHandler.onFailure((context, reason) => handler(context, new TurnState(), authHandler.id, reason))
     }
   }
@@ -253,9 +255,10 @@ export class UserAuthorization implements Authorization {
    * @private
    */
   private getHandler (id: string) {
-    if (!Object.prototype.hasOwnProperty.call(this.manager.handlers, id)) {
-      throw new Error(`Cannot find auth handler with ID '${id}'. Ensure it is configured in the agent application options.`)
+    const handler = this.manager.handlers.find(e => e.id.toLowerCase() === id.toLowerCase())
+    if (!handler) {
+      throw ExceptionHelper.generateException(Error, Errors.AuthHandlerNotFound, undefined, { handlerId: id })
     }
-    return this.manager.handlers[id]
+    return handler
   }
 }

package/src/app/auth/authorizationManager.ts

@@ -3,16 +3,24 @@
  * Licensed under the MIT License.
  */
 
-import { Activity, debug } from '@microsoft/agents-activity'
+import { Activity, ExceptionHelper } from '@microsoft/agents-activity'
+import { debug } from '@microsoft/agents-telemetry'
 import { AgentApplication } from '../agentApplication'
 import { AgenticAuthorization, AzureBotAuthorization } from './handlers'
 import { TurnContext } from '../../turnContext'
 import { HandlerStorage } from './handlerStorage'
+import { Errors } from '../../errorHelper'
 import { ActiveAuthorizationHandler, AuthorizationHandlerStatus, AuthorizationHandler, AuthorizationHandlerSettings, AuthorizationOptions } from './types'
 import { Connections } from '../../auth/connections'
+import { sendInvokeResponse } from './utils'
+import { envParser, envParserUtils } from '../../auth'
 
 const logger = debug('agents:authorization:manager')
 
+const AGENTIC = 'AgenticUserAuthorization'
+const AGENTIC_LEGACY = 'agentic'
+const AZURE_BOT = 'AzureBotUserAuthorization'
+
 /**
  * Active handler information used by the AuthorizationManager.
  */
@@ -52,53 +60,113 @@ export class AuthorizationManager {
   private _handlers: Record<string, AuthorizationHandler> = {}
 
   /**
-   * Creates an instance of the AuthorizationManager.
-   * @param app The agent application instance.
+   * Environment variable configuration for the latest format.
    */
-  constructor (private app: AgentApplication<any>, connections: Connections) {
-    if (!app.options.storage) {
-      throw new Error('Storage is required for Authorization. Ensure that a storage provider is configured in the AgentApplication options.')
-    }
-
-    if (app.options.authorization === undefined || Object.keys(app.options.authorization).length === 0) {
-      throw new Error('The AgentApplication.authorization does not have any auth handlers')
-    }
-
-    const settings: AuthorizationHandlerSettings = { storage: app.options.storage, connections }
-    for (const [id, handler] of Object.entries(app.options.authorization)) {
-      const options = this.loadOptions(id, handler)
-      if (options.type === 'agentic') {
-        this._handlers[id] = new AgenticAuthorization(id, options, settings)
-      } else {
-        this._handlers[id] = new AzureBotAuthorization(id, options, settings)
+  private _envLatest = {
+    key: {
+      prefix: 'AgentApplication__UserAuthorization__Handlers__',
+      separator: '__Settings__',
+      create (id: string, prop: string) {
+        return `${this.prefix}${id}${this.separator}${prop}`
+      },
+      extract (envKey: string) {
+        // Substring: AgentApplication__UserAuthorization__Handlers__<id>__Settings__<prop>
+        // position —————————————————————————————————————————> start^   ^end         ^prop
+        const start = this.prefix.length
+        const end = envKey.toUpperCase().indexOf(this.separator.toUpperCase())
+        if (end === -1) {
+          return { id: undefined, prop: undefined }
+        }
+
+        const id = envKey.substring(start, end)
+        const prop = envKey.substring(end + this.separator.length)
+        return { id, prop }
       }
-    }
+    },
+    parser: envParser({
+      // Common
+      type: envParserUtils.bypass,
+
+      // Azure Bot
+      azureBotOAuthConnectionName: envParserUtils.bypass,
+      title: envParserUtils.bypass,
+      text: envParserUtils.bypass,
+      invalidSignInRetryMessage: envParserUtils.bypass,
+      invalidSignInRetryMessageFormat: envParserUtils.bypass,
+      invalidSignInRetryMaxExceededMessage: envParserUtils.bypass,
+      oboConnectionName: envParserUtils.bypass,
+      enableSso (value) {
+        return { value: value !== 'false' }
+      },
+      invalidSignInRetryMax (value) {
+        return { value: parseInt(value) }
+      },
+      oboScopes (value) {
+        return this.scopes(value)
+      },
+
+      // Agentic
+      altBlueprintConnectionName: envParserUtils.bypass,
+      scopes (value) {
+        if (value.includes(',')) {
+          return { value: value.split(',').map(s => s.trim()).filter(Boolean) }
+        }
+        return { value: value.split(/\s+/).filter(Boolean) }
+      }
+    }),
   }
 
   /**
-   * Loads and validates the authorization handler options.
+   * Environment variable configuration for the legacy format.
    */
-  private loadOptions (id: string, options: AuthorizationOptions[string]) {
-    const result: AuthorizationOptions[string] = {
-      ...options,
-      type: (options.type ?? process.env[`${id}_type`])?.toLowerCase() as typeof options.type,
-    }
+  private _envLegacy = {
+    key: {
+      separator: '_',
+    },
+    parser: envParser({
+      // Common
+      type: envParserUtils.redirect(this._envLatest.parser, 'type'),
+
+      // Azure Bot
+      connectionName: envParserUtils.redirect(this._envLatest.parser, 'azureBotOAuthConnectionName'),
+      connectionTitle: envParserUtils.redirect(this._envLatest.parser, 'title'),
+      connectionText: envParserUtils.redirect(this._envLatest.parser, 'text'),
+      maxAttempts: envParserUtils.redirect(this._envLatest.parser, 'invalidSignInRetryMax'),
+      messages_invalidCode: envParserUtils.redirect(this._envLatest.parser, 'invalidSignInRetryMessage'),
+      messages_invalidCodeFormat: envParserUtils.redirect(this._envLatest.parser, 'invalidSignInRetryMessageFormat'),
+      messages_maxAttemptsExceeded: envParserUtils.redirect(this._envLatest.parser, 'invalidSignInRetryMaxExceededMessage'),
+      obo_connection: envParserUtils.redirect(this._envLatest.parser, 'oboConnectionName'),
+      obo_scopes: envParserUtils.redirect(this._envLatest.parser, 'oboScopes'),
+      enableSso: envParserUtils.redirect(this._envLatest.parser, 'enableSso'),
+
+      // Agentic
+      scopes: envParserUtils.redirect(this._envLatest.parser, 'scopes'),
+      altBlueprintConnectionName: envParserUtils.redirect(this._envLatest.parser, 'altBlueprintConnectionName')
+    })
+  }
 
-    // Validate supported types, agentic, and default (Azure Bot - undefined)
-    const supportedTypes = ['agentic', undefined]
-    if (!supportedTypes.includes(result.type)) {
-      throw new Error(`Unsupported authorization handler type: '${result.type}' for auth handler: '${id}'. Supported types are: '${supportedTypes.filter(Boolean).join('\', \'')}'.`)
+  /**
+   * Creates an instance of the AuthorizationManager.
+   * @param app The agent application instance.
+   */
+  constructor (private app: AgentApplication<any>, private connections: Connections) {
+    this.createHandlers()
+
+    if (this.handlers.length === 0 && app.options.authorization !== undefined) {
+      throw ExceptionHelper.generateException(Error, Errors.NoAuthHandlersConfigured)
     }
 
-    return result
+    for (const [id, handler] of Object.entries(this._handlers)) {
+      logger.debug('auth handler "%s" type=%s scopes=%o', id, handler.type, handler.scopes)
+    }
   }
 
   /**
    * Gets the registered authorization handlers.
    * @returns A record of authorization handlers by their IDs.
    */
-  public get handlers (): Record<string, AuthorizationHandler> {
-    return this._handlers
+  public get handlers (): AuthorizationHandler[] {
+    return Object.values(this._handlers)
   }
 
   /**
@@ -108,24 +176,45 @@ export class AuthorizationManager {
    * @returns The result of the authorization process.
    */
   public async process (context: TurnContext, getHandlerIds: GetHandlerIds): Promise<AuthorizationManagerProcessResult> {
+    const activity = context.activity
+
+    if (this.handlers.length === 0) {
+      return { authorized: true, context }
+    }
+
     const storage = new HandlerStorage(this.app.options.storage!, context)
 
     let active = await this.active(storage, getHandlerIds)
 
-    if (active !== undefined && active?.data.activity.conversation?.id !== context.activity.conversation?.id) {
+    if (!active && activity.name?.startsWith('signin/')) {
+      const reason = `Received '${activity.name}' but no active sign-in flow exists for user '${activity.from?.id}'.`
+      logger.warn(reason, activity)
+      await sendInvokeResponse(context, {
+        status: 400,
+        body: { failureDetail: reason }
+      })
+      return { authorized: false, context }
+    }
+
+    if (active !== undefined && active?.data.activity.conversation?.id !== activity.conversation?.id) {
       logger.warn('Discarding the active session due to the conversation has changed during an active sign-in process', active?.data.activity)
       await storage.delete()
       return { authorized: true, context }
     }
 
-    const handlers = active?.handlers ?? this.mapHandlers(await getHandlerIds(context.activity) ?? []) ?? []
+    const handlers = active?.handlers ?? this.mapHandlers(await getHandlerIds(activity) ?? []) ?? []
 
     // Create a shallow copy to modify the activity, since the signin process depends on it and we want to ensure the next handler depends on the initial activity, not the modified one.
     const sharedContext = new TurnContext(context)
 
     for (const handler of handlers) {
+      if (handler.scopes?.length) {
+        logger.debug('invoking auth handler "%s" scopes=[%s]', handler.id, handler.scopes.join(','))
+      } else {
+        logger.debug('invoking auth handler "%s"', handler.id)
+      }
       const status = await this.signin(storage, handler, sharedContext, active?.data)
-      logger.debug(this.prefix(handler.id, `Sign-in status: ${status}`))
+      logger.debug('auth handler "%s" sign-in status=%s', handler.id, status)
 
       if (status === AuthorizationHandlerStatus.IGNORED) {
         await storage.delete()
@@ -147,7 +236,7 @@ export class AuthorizationManager {
       }
 
       if (status !== AuthorizationHandlerStatus.APPROVED) {
-        throw new Error(this.prefix(handler.id, `Unexpected registration status: ${status}`))
+        throw ExceptionHelper.generateException(Error, Errors.UnexpectedRegistrationStatus, undefined, { status })
       }
 
       await storage.delete()
@@ -194,7 +283,7 @@ export class AuthorizationManager {
       return await handler.signin(context, active)
     } catch (cause) {
       await storage.delete()
-      throw new Error(this.prefix(handler.id, 'Failed to sign in'), { cause })
+      throw ExceptionHelper.generateException(Error, Errors.FailedToSignIn, cause as Error)
     }
   }
 
@@ -202,16 +291,19 @@ export class AuthorizationManager {
    * Maps an array of handler IDs to their corresponding handler instances.
    */
   private mapHandlers (ids: string[]): AuthorizationHandler[] {
-    let unknownHandlers = ''
+    const unknownHandlers: string[] = []
     const handlers = ids.map(id => {
-      if (!this._handlers[id]) {
-        unknownHandlers += ` ${id}`
+      const handler = this.handlers.find(e => e.id.toLowerCase() === id.toLowerCase())
+      if (!handler) {
+        unknownHandlers.push(id)
       }
-      return this._handlers[id]
-    })
-    if (unknownHandlers) {
-      throw new Error(`Cannot find auth handlers with ID(s): ${unknownHandlers}`)
+      return handler
+    }).filter((handler) => handler !== undefined)
+
+    if (unknownHandlers.length > 0) {
+      throw ExceptionHelper.generateException(Error, Errors.AuthHandlersNotFound, undefined, { handlerIds: unknownHandlers.join(', ') })
     }
+
     return handlers
   }
 
@@ -221,4 +313,164 @@ export class AuthorizationManager {
   private prefix (id: string, message: string) {
     return `[handler:${id}] ${message}`
   }
+
+  /**
+   * Creates authorization handlers based on the application configuration and environment variables.
+   */
+  private createHandlers () {
+    let legacyMessage = ''
+    const settings: AuthorizationHandlerSettings = { storage: this.app.options.storage!, connections: this.connections }
+    let runtimeEntries = Object.entries(this.app.options.authorization ?? {})
+    const result = { latest: {}, legacy: {} } as {
+      latest: Record<string, Record<string, any> | undefined>;
+      legacy: Record<string, Record<string, any> | undefined>;
+    }
+
+    for (const [envKey, envValue] of Object.entries(process.env)) {
+      if (!envValue?.trim()) {
+        continue
+      }
+
+      const upperEnvKey = envKey.toUpperCase()
+
+      // Legacy: extract handler ID, handler options key and its value, and assign it to the correct runtime handler ID.
+      if (!upperEnvKey.startsWith(this._envLatest.key.prefix.toUpperCase())) {
+        const [id] = runtimeEntries.find(([id]) => upperEnvKey.startsWith(`${id.toUpperCase()}${this._envLegacy.key.separator}`)) ?? []
+        if (!id) {
+          continue
+        }
+
+        const prop = envKey.substring(id.length + this._envLegacy.key.separator.length)
+        if (!prop) {
+          continue
+        }
+
+        const { key, value } = this._envLegacy.parser.parse(prop as any, envValue)
+        if (!key) {
+          continue
+        }
+
+        legacyMessage += `  ${envKey}= # Use ${this._envLatest.key.create(id, key)} instead.\n`
+
+        result.legacy[id] ??= {}
+        result.legacy[id][key] = value
+        continue
+      }
+
+      // Latest: extract handler ID, handler options key and its value, and assign it to the correct latest handler ID.
+      const { id, prop } = this._envLatest.key.extract(envKey)
+      if (!id || !prop) {
+        continue
+      }
+
+      const { key, value } = this._envLatest.parser.parse(prop as any, envValue)
+      if (!key) {
+        continue
+      }
+
+      // Find existing handler ID case-insensitively to avoid duplicates, but keep the original casing for later processing.
+      // This allows users to specify environment variables in a case-insensitive way, while ensuring that the handler IDs are treated in a case-sensitive way internally, to avoid issues when referencing them later.
+      // For example, if the user specifies AGENTAPPLICATION__USERAUTHORIZATION__HANDLERS__GRAPH__SETTINGS__AZUREBOTOAUTHCONNECTIONNAME and agentapplication__userauthorization__handlers__graph__settings__azurebotoauthconnectionname, we want to treat them as the same handler ID "graph", and not create two separate handlers "GRAPH" and "graph".
+      // Note: the first environment variable that is processed will determine the casing of the handler ID, and any subsequent environment variable that matches the same handler ID case-insensitively will be treated as referring to the same handler, regardless of its casing.
+      const existingId = id in result.latest ? id : Object.keys(result.latest).find(e => e.toLowerCase() === id.toLowerCase())
+      const realId = existingId ?? id
+      result.latest[realId] ??= {}
+      result.latest[realId][key] = value
+    }
+
+    if (legacyMessage.length > 0) {
+      logger.warn('Deprecated environment variables detected, update to the latest format: (case-insensitive)', `[\n${legacyMessage}]`)
+    }
+
+    // Fix types
+    const fixTypes = (entries: [string, any][]) => entries
+      .map(([id, options]) => [id, { ...options, type: this.fixType(id, options?.type) }] as [string, AuthorizationOptions[string]])
+
+    runtimeEntries = fixTypes(runtimeEntries)
+    const latestEntries = fixTypes(Object.entries(result.latest))
+    const legacyEntries = fixTypes(Object.entries(result.legacy))
+
+    const registeredHandlers = new Set()
+    for (const [id] of [...runtimeEntries, ...latestEntries]) {
+      if (registeredHandlers.has(id.toLowerCase())) {
+        continue
+      }
+
+      // Find entries case-insensitively for later processing
+      const [, runtime] = runtimeEntries.find(([key]) => key.toLowerCase() === id.toLowerCase()) ?? []
+      const [, latest] = latestEntries.find(([key]) => key.toLowerCase() === id.toLowerCase()) ?? []
+      const [, legacy] = legacyEntries.find(([key]) => key.toLowerCase() === id.toLowerCase()) ?? []
+
+      if (runtime !== undefined && latest !== undefined) {
+        logger.warn(this.prefix(id, 'Both runtime and latest environment variable configurations detected. Runtime configuration will take precedence over latest environment variables.'))
+      }
+
+      // Normalize runtime legacy options to latest format
+      if (runtime?.type === AZURE_BOT) {
+        runtime.azureBotOAuthConnectionName ??= runtime.name
+        runtime.invalidSignInRetryMax ??= runtime.maxAttempts
+        runtime.invalidSignInRetryMessage ??= runtime.messages?.invalidCode
+        runtime.invalidSignInRetryMessageFormat ??= runtime.messages?.invalidCodeFormat
+        runtime.invalidSignInRetryMaxExceededMessage ??= runtime.messages?.maxAttemptsExceeded
+        runtime.oboConnectionName ??= runtime.obo?.connection
+        runtime.oboScopes ??= runtime.obo?.scopes
+        delete runtime.name
+        delete runtime.maxAttempts
+        delete runtime.messages
+        delete runtime.obo
+      }
+
+      // Helper to remove undefined options
+      const prune = <T extends Record<string, any>>(obj: T) => {
+        const entries = Object.entries(obj).filter(([, e]) => e !== undefined)
+        return Object.fromEntries(entries) as T
+      }
+
+      // Priority: runtime > latest > legacy
+      // Pruning done individually to avoid overwriting with undefined when merging.
+      const options: AuthorizationOptions[string] = runtime ? { ...prune(legacy || {}), ...prune(runtime) } : prune(latest || {})
+
+      if (!settings.storage) {
+        throw ExceptionHelper.generateException(Error, Errors.StorageRequiredForAuthorization)
+      }
+
+      if (options.type === AGENTIC) {
+        this._handlers[id] = new AgenticAuthorization(id, options, settings)
+      } else if (options.type === AZURE_BOT) {
+        // Set default values if not provided
+        options.title ||= 'Sign-in'
+        options.text ||= 'Please sign-in to continue'
+        options.oboScopes ??= []
+        options.enableSso = options.enableSso !== false // default value is true if undefined.
+
+        this._handlers[id] = new AzureBotAuthorization(id, options, settings)
+      }
+
+      registeredHandlers.add(id.toLowerCase())
+    }
+  }
+
+  /**
+   * Fixes the handler type based on the provided type string, supporting both latest and legacy formats.
+   */
+  private fixType (handlerId: string, type: AuthorizationOptions[string]['type'] | string) {
+    if (!type) {
+      return AZURE_BOT
+    }
+
+    if (type.toLowerCase() === AGENTIC_LEGACY.toLowerCase()) {
+      logger.warn(this.prefix(handlerId, 'The \'agentic\' type is deprecated. Please use \'AgenticUserAuthorization\' instead.'))
+      return AGENTIC
+    }
+
+    if (type.toLowerCase() === AGENTIC.toLowerCase()) {
+      return AGENTIC
+    }
+
+    if (type.toLowerCase() === AZURE_BOT.toLowerCase()) {
+      return AZURE_BOT
+    }
+
+    throw ExceptionHelper.generateException(Error, Errors.UnsupportedAuthHandlerType, undefined, { handlerType: type })
+  }
 }

package/src/app/auth/handlerStorage.ts

@@ -6,6 +6,8 @@
 import { ActiveAuthorizationHandler } from './types'
 import { TurnContext } from '../../turnContext'
 import { Storage } from '../../storage'
+import { ExceptionHelper } from '@microsoft/agents-activity'
+import { Errors } from '../../errorHelper'
 
 /**
  * Storage manager for handler state.
@@ -25,7 +27,7 @@ export class HandlerStorage<TActiveHandler extends ActiveAuthorizationHandler =
     const channelId = this.context.activity.channelId?.trim()
     const userId = this.context.activity.from?.id?.trim()
     if (!channelId || !userId) {
-      throw new Error(`Both 'activity.channelId' and 'activity.from.id' are required to generate the ${HandlerStorage.name} key.`)
+      throw ExceptionHelper.generateException(Error, Errors.ChannelIdAndFromIdRequired)
     }
     return `auth/${channelId}/${userId}`
   }