@microsoft/teams-js 2.34.0-beta.1 → 2.34.1-beta.0

package/dist/umd/MicrosoftTeams.js

@@ -1148,20 +1148,6 @@ __webpack_require__.d(app_namespaceObject, {
   registerOnThemeChangeHandler: () => (registerOnThemeChangeHandler)
 });
 
-// NAMESPACE OBJECT: ./src/public/authentication.ts
-var authentication_namespaceObject = {};
-__webpack_require__.r(authentication_namespaceObject);
-__webpack_require__.d(authentication_namespaceObject, {
-  DataResidency: () => (DataResidency),
-  authenticate: () => (authenticate),
-  getAuthToken: () => (getAuthToken),
-  getUser: () => (getUser),
-  initialize: () => (authentication_initialize),
-  notifyFailure: () => (authentication_notifyFailure),
-  notifySuccess: () => (authentication_notifySuccess),
-  registerAuthenticationHandlers: () => (registerAuthenticationHandlers)
-});
-
 // NAMESPACE OBJECT: ./src/public/dialog/update.ts
 var update_namespaceObject = {};
 __webpack_require__.r(update_namespaceObject);
@@ -1615,6 +1601,19 @@ __webpack_require__.d(store_namespaceObject, {
   openSpecificStore: () => (openSpecificStore)
 });
 
+// NAMESPACE OBJECT: ./src/public/authentication.ts
+var authentication_namespaceObject = {};
+__webpack_require__.r(authentication_namespaceObject);
+__webpack_require__.d(authentication_namespaceObject, {
+  DataResidency: () => (DataResidency),
+  authenticate: () => (authenticate),
+  getAuthToken: () => (getAuthToken),
+  getUser: () => (getUser),
+  notifyFailure: () => (authentication_notifyFailure),
+  notifySuccess: () => (authentication_notifySuccess),
+  registerAuthenticationHandlers: () => (registerAuthenticationHandlers)
+});
+
 // NAMESPACE OBJECT: ./src/public/appInstallDialog.ts
 var appInstallDialog_namespaceObject = {};
 __webpack_require__.r(appInstallDialog_namespaceObject);
@@ -3156,6 +3155,8 @@ var HostClientType;
     HostClientType["ipados"] = "ipados";
     /** The host is running on a macOS client, which runs on devices such as MacBooks. */
     HostClientType["macos"] = "macos";
+    /** The host is running on a visionOS client, which runs on devices such as Apple Vision. */
+    HostClientType["visionOS"] = "visionOS";
     /**
      * @deprecated
      * As of TeamsJS v2.0.0, please use {@link teamsRoomsWindows} instead.
@@ -4013,6 +4014,14 @@ const validOriginsLocal = artifactsForCDN_validDomains_namespaceObject;
  * Limited to Microsoft-internal use
  */
 const validOriginsFallback = validOriginsLocal.validOrigins;
+/**
+ * @hidden
+ * Timeout length for Fetch Call for Valid Origins
+ *
+ * @internal
+ * Limited to Microsoft-internal use
+ */
+const ORIGIN_LIST_FETCH_TIMEOUT_IN_MS = 1500;
 /**
  * @hidden
  * CDN endpoint of the list of valid origins
@@ -4188,7 +4197,12 @@ const v1NonMobileHostClientTypes = [
     HostClientType.teamsPhones,
     HostClientType.teamsDisplays,
 ];
-const v1MobileHostClientTypes = [HostClientType.android, HostClientType.ios, HostClientType.ipados];
+const v1MobileHostClientTypes = [
+    HostClientType.android,
+    HostClientType.ios,
+    HostClientType.ipados,
+    HostClientType.visionOS,
+];
 const v1HostClientTypes = [...v1NonMobileHostClientTypes, ...v1MobileHostClientTypes];
 /**
  * @hidden
@@ -4338,7 +4352,7 @@ const mapTeamsVersionToSupportedCapabilities = {
     '2.1.1': [
         {
             capability: { nestedAppAuth: {} },
-            hostClientTypes: [HostClientType.android, HostClientType.ios, HostClientType.ipados],
+            hostClientTypes: [HostClientType.android, HostClientType.ios, HostClientType.ipados, HostClientType.visionOS],
         },
     ],
 };
@@ -4470,7 +4484,7 @@ function isSerializable(arg) {
  * @hidden
  *  Package version.
  */
-const version = "2.34.0-beta.1";
+const version = "2.34.1-beta.0";
 
 ;// ./src/internal/internalAPIs.ts
 
@@ -4549,7 +4563,7 @@ function isCurrentSDKVersionAtLeast(requiredVersion = defaultSDKVersionForCompat
 }
 /**
  * @hidden
- * Helper function to identify if host client is either android, ios, or ipados
+ * Helper function to identify if host client is either android, ios, ipados, or visionOS
  *
  * @internal
  * Limited to Microsoft-internal use
@@ -4557,7 +4571,8 @@ function isCurrentSDKVersionAtLeast(requiredVersion = defaultSDKVersionForCompat
 function isHostClientMobile() {
     return (GlobalVars.hostClientType == HostClientType.android ||
         GlobalVars.hostClientType == HostClientType.ios ||
-        GlobalVars.hostClientType == HostClientType.ipados);
+        GlobalVars.hostClientType == HostClientType.ipados ||
+        GlobalVars.hostClientType == HostClientType.visionOS);
 }
 /**
  * @hidden
@@ -4697,139 +4712,8 @@ function isNullOrUndefined(value) {
     return value === null || value === undefined;
 }
 
-;// ./src/internal/validOrigins.ts
-var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-
-
-
-
-let validOriginsCache = [];
-const validateOriginLogger = getLogger('validateOrigin');
-function prefetchOriginsFromCDN() {
-    return __awaiter(this, void 0, void 0, function* () {
-        yield getValidOriginsListFromCDN();
-    });
-}
-function isValidOriginsCacheEmpty() {
-    return validOriginsCache.length === 0;
-}
-function getValidOriginsListFromCDN() {
-    return __awaiter(this, void 0, void 0, function* () {
-        if (!isValidOriginsCacheEmpty()) {
-            return validOriginsCache;
-        }
-        if (!inServerSideRenderingEnvironment()) {
-            return fetch(validOriginsCdnEndpoint)
-                .then((response) => {
-                if (!response.ok) {
-                    throw new Error('Invalid Response from Fetch Call');
-                }
-                return response.json().then((validOriginsCDN) => {
-                    if (isValidOriginsJSONValid(JSON.stringify(validOriginsCDN))) {
-                        validOriginsCache = validOriginsCDN.validOrigins;
-                        return validOriginsCache;
-                    }
-                    else {
-                        throw new Error('Valid Origins List Is Invalid');
-                    }
-                });
-            })
-                .catch((e) => {
-                validateOriginLogger('validOrigins fetch call to CDN failed with error: %s. Defaulting to fallback list', e);
-                validOriginsCache = validOriginsFallback;
-                return validOriginsCache;
-            });
-        }
-        else {
-            validOriginsCache = validOriginsFallback;
-            return validOriginsFallback;
-        }
-    });
-}
-function isValidOriginsJSONValid(validOriginsJSON) {
-    let validOriginsCDN = JSON.parse(validOriginsJSON);
-    try {
-        validOriginsCDN = JSON.parse(validOriginsJSON);
-    }
-    catch (_) {
-        return false;
-    }
-    if (!validOriginsCDN.validOrigins) {
-        return false;
-    }
-    for (const validOrigin of validOriginsCDN.validOrigins) {
-        try {
-            new URL('https://' + validOrigin);
-        }
-        catch (_) {
-            validateOriginLogger('isValidOriginsFromCDN call failed to validate origin: %s', validOrigin);
-            return false;
-        }
-    }
-    return true;
-}
-/**
- * @param pattern - reference pattern
- * @param host - candidate string
- * @returns returns true if host matches pre-know valid pattern
- *
- * @example
- *    validateHostAgainstPattern('*.teams.microsoft.com', 'subdomain.teams.microsoft.com') returns true
- *    validateHostAgainstPattern('teams.microsoft.com', 'team.microsoft.com') returns false
- *
- * @internal
- * Limited to Microsoft-internal use
- */
-function validateHostAgainstPattern(pattern, host) {
-    if (pattern.substring(0, 2) === '*.') {
-        const suffix = pattern.substring(1);
-        if (host.length > suffix.length &&
-            host.split('.').length === suffix.split('.').length &&
-            host.substring(host.length - suffix.length) === suffix) {
-            return true;
-        }
-    }
-    else if (pattern === host) {
-        return true;
-    }
-    return false;
-}
-/**
- * @internal
- * Limited to Microsoft-internal use
- */
-function validateOrigin(messageOrigin) {
-    return getValidOriginsListFromCDN().then((validOriginsList) => {
-        // Check whether the url is in the pre-known allowlist or supplied by user
-        if (!isValidHttpsURL(messageOrigin)) {
-            validateOriginLogger('Origin %s is invalid because it is not using https protocol. Protocol being used: %s', messageOrigin, messageOrigin.protocol);
-            return false;
-        }
-        const messageOriginHost = messageOrigin.host;
-        if (validOriginsList.some((pattern) => validateHostAgainstPattern(pattern, messageOriginHost))) {
-            return true;
-        }
-        for (const domainOrPattern of GlobalVars.additionalValidOrigins) {
-            const pattern = domainOrPattern.substring(0, 8) === 'https://' ? domainOrPattern.substring(8) : domainOrPattern;
-            if (validateHostAgainstPattern(pattern, messageOriginHost)) {
-                return true;
-            }
-        }
-        validateOriginLogger('Origin %s is invalid because it is not an origin approved by this library or included in the call to app.initialize.\nOrigins approved by this library: %o\nOrigins included in app.initialize: %o', messageOrigin, validOriginsList, GlobalVars.additionalValidOrigins);
-        return false;
-    });
-}
-
 ;// ./src/private/messageChannels/telemetry.ts
-var telemetry_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
+var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
     return new (P || (P = Promise))(function (resolve, reject) {
         function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
@@ -4861,7 +4745,7 @@ const logger = getLogger('messageChannels.telemetry');
  * Limited to Microsoft-internal use
  */
 function getTelemetryPort() {
-    return telemetry_awaiter(this, void 0, void 0, function* () {
+    return __awaiter(this, void 0, void 0, function* () {
         // If the port has already been initialized, return it.
         if (telemetryPort) {
             logger('Returning telemetry port from cache');
@@ -5155,7 +5039,6 @@ logWhereTeamsJsIsBeingUsed();
  * @returns Promise that will be fulfilled when initialization has completed, or rejected if the initialization fails or times out
  */
 function initialize(validMessageOrigins) {
-    prefetchOriginsFromCDN();
     return appInitializeHelper(getApiVersionTag(appTelemetryVersionNumber, "app.initialize" /* ApiName.App_Initialize */), validMessageOrigins);
 }
 /**
@@ -5319,6 +5202,8 @@ function transformLegacyContextToAppContext(legacyContext) {
                 ringId: legacyContext.ringId,
             },
             appLaunchId: legacyContext.appLaunchId,
+            appId: legacyContext.appId ? new AppId(legacyContext.appId) : undefined,
+            manifestVersion: legacyContext.manifestVersion,
         },
         page: {
             id: legacyContext.entityId,
@@ -5398,469 +5283,104 @@ function transformLegacyContextToAppContext(legacyContext) {
     return context;
 }
 
-;// ./src/public/authentication.ts
+;// ./src/public/dialog/update.ts
 /**
- * Module to interact with the authentication-specific part of the SDK.
+ * Module to update the dialog
  *
- * This object is used for starting or completing authentication flows.
  * @module
  */
 
 
 
 
+/**
+ * Update dimensions - height/width of a dialog.
+ *
+ * @param dimensions - An object containing width and height properties.
+ */
+function resize(dimensions) {
+    updateResizeHelper(getApiVersionTag(dialogTelemetryVersionNumber, "dialog.update.resize" /* ApiName.Dialog_Update_Resize */), dimensions);
+}
+/**
+ * Checks if dialog.update capability is supported by the host
+ * @returns boolean to represent whether dialog.update capabilty is supported
+ *
+ * @throws Error if {@linkcode app.initialize} has not successfully completed
+ */
+function update_isSupported() {
+    return ensureInitialized(runtime) && runtime.supports.dialog
+        ? runtime.supports.dialog.update
+            ? true
+            : false
+        : false;
+}
+
+;// ./src/public/dialog/url/bot.ts
+/**
+ * Module to open a dialog that sends results to the bot framework
+ *
+ * @module
+ */
 
 
 
 
 /**
- * Exceptional APIs telemetry versioning file: v1 and v2 APIs are mixed together in this file
+ * Allows an app to open a dialog that sends submitted data to a bot.
+ *
+ * @param botUrlDialogInfo - An object containing the parameters of the dialog module including completionBotId.
+ * @param submitHandler - Handler that triggers when the dialog has been submitted or closed.
+ * @param messageFromChildHandler - Handler that triggers if dialog sends a message to the app.
+ *
+ * @returns a function that can be used to send messages to the dialog.
  */
-const authenticationTelemetryVersionNumber_v1 = "v1" /* ApiVersionNumber.V_1 */;
-const authenticationTelemetryVersionNumber_v2 = "v2" /* ApiVersionNumber.V_2 */;
-let authHandlers;
-let authWindowMonitor;
+function bot_open(botUrlDialogInfo, submitHandler, messageFromChildHandler) {
+    botUrlOpenHelper(getApiVersionTag(dialogTelemetryVersionNumber, "dialog.url.bot.open" /* ApiName.Dialog_Url_Bot_Open */), botUrlDialogInfo, submitHandler, messageFromChildHandler);
+}
 /**
- * @hidden
- * @internal
- * Limited to Microsoft-internal use; automatically called when library is initialized
+ * Checks if dialog.url.bot capability is supported by the host
+ *
+ * @returns boolean to represent whether dialog.url.bot is supported
+ *
+ * @throws Error if {@linkcode app.initialize} has not successfully completed
  */
-function authentication_initialize() {
-    registerHandler(getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.registerAuthenticateSuccessHandler" /* ApiName.Authentication_RegisterAuthenticateSuccessHandler */), 'authentication.authenticate.success', handleSuccess, false);
-    registerHandler(getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.registerAuthenticateFailureHandler" /* ApiName.Authentication_RegisterAuthenticateFailureHandler */), 'authentication.authenticate.failure', handleFailure, false);
+function bot_isSupported() {
+    return (ensureInitialized(runtime) &&
+        (runtime.supports.dialog && runtime.supports.dialog.url && runtime.supports.dialog.url.bot) !== undefined);
 }
-let authParams;
+
+;// ./src/public/dialog/url/parentCommunication.ts
 /**
- * @deprecated
- * As of TeamsJS v2.0.0, this function has been deprecated in favor of a Promise-based pattern using {@link authentication.authenticate authentication.authenticate(authenticateParameters: AuthenticatePopUpParameters): Promise\<string\>}
+ * Subcapability that allows communication between the dialog and the parent app.
  *
- * Registers handlers to be called with the result of an authentication flow triggered using {@link authentication.authenticate authentication.authenticate(authenticateParameters?: AuthenticateParameters): void}
+ * @remarks
+ * Note that dialog can be invoked from parentless scenarios e.g. Search Message Extensions. The subcapability `parentCommunication` is not supported in such scenarios.
  *
- * @param authenticateParameters - Configuration for authentication flow pop-up result communication
+ * @module
  */
-function registerAuthenticationHandlers(authenticateParameters) {
-    authParams = authenticateParameters;
-}
-function authenticate(authenticateParameters) {
-    const isDifferentParamsInCall = authenticateParameters !== undefined;
-    const authenticateParams = isDifferentParamsInCall
-        ? authenticateParameters
-        : authParams;
-    if (!authenticateParams) {
-        throw new Error('No parameters are provided for authentication');
-    }
-    ensureInitialized(runtime, FrameContexts.content, FrameContexts.sidePanel, FrameContexts.settings, FrameContexts.remove, FrameContexts.task, FrameContexts.stage, FrameContexts.meetingStage);
-    const apiVersionTag = authenticateParams.successCallback || authenticateParams.failureCallback
-        ? getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.authenticate" /* ApiName.Authentication_Authenticate */)
-        : getApiVersionTag(authenticationTelemetryVersionNumber_v2, "authentication.authenticate" /* ApiName.Authentication_Authenticate */);
-    return authenticateHelper(apiVersionTag, authenticateParams)
-        .then((value) => {
-        try {
-            if (authenticateParams && authenticateParams.successCallback) {
-                authenticateParams.successCallback(value);
-                return '';
-            }
-            return value;
-        }
-        finally {
-            if (!isDifferentParamsInCall) {
-                authParams = undefined;
-            }
-        }
-    })
-        .catch((err) => {
-        try {
-            if (authenticateParams && authenticateParams.failureCallback) {
-                authenticateParams.failureCallback(err.message);
-                return '';
-            }
-            throw err;
-        }
-        finally {
-            if (!isDifferentParamsInCall) {
-                authParams = undefined;
-            }
-        }
-    });
-}
-function authenticateHelper(apiVersionTag, authenticateParameters) {
-    return new Promise((resolve, reject) => {
-        if (GlobalVars.hostClientType !== HostClientType.web) {
-            // Convert any relative URLs into absolute URLs before sending them over to the parent window.
-            const fullyQualifiedURL = fullyQualifyUrlString(authenticateParameters.url);
-            validateUrl(fullyQualifiedURL);
-            // Ask the parent window to open an authentication window with the parameters provided by the caller.
-            resolve(sendMessageToParentAsync(apiVersionTag, 'authentication.authenticate', [
-                fullyQualifiedURL.href,
-                authenticateParameters.width,
-                authenticateParameters.height,
-                authenticateParameters.isExternal,
-            ]).then(([success, response]) => {
-                if (success) {
-                    return response;
-                }
-                else {
-                    throw new Error(response);
-                }
-            }));
-        }
-        else {
-            // Open an authentication window with the parameters provided by the caller.
-            authHandlers = {
-                success: resolve,
-                fail: reject,
-            };
-            openAuthenticationWindow(authenticateParameters);
-        }
-    });
-}
-function getAuthToken(authTokenRequest) {
-    ensureInitializeCalled();
-    const apiVersionTag = authTokenRequest && (authTokenRequest.successCallback || authTokenRequest.failureCallback)
-        ? getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.getAuthToken" /* ApiName.Authentication_GetAuthToken */)
-        : getApiVersionTag(authenticationTelemetryVersionNumber_v2, "authentication.getAuthToken" /* ApiName.Authentication_GetAuthToken */);
-    return getAuthTokenHelper(apiVersionTag, authTokenRequest)
-        .then((value) => {
-        if (authTokenRequest && authTokenRequest.successCallback) {
-            authTokenRequest.successCallback(value);
-            return '';
-        }
-        return value;
-    })
-        .catch((err) => {
-        if (authTokenRequest && authTokenRequest.failureCallback) {
-            authTokenRequest.failureCallback(err.message);
-            return '';
-        }
-        throw err;
-    });
-}
-function getAuthTokenHelper(apiVersionTag, authTokenRequest) {
-    return new Promise((resolve) => {
-        resolve(sendMessageToParentAsync(apiVersionTag, 'authentication.getAuthToken', [
-            authTokenRequest === null || authTokenRequest === void 0 ? void 0 : authTokenRequest.resources,
-            authTokenRequest === null || authTokenRequest === void 0 ? void 0 : authTokenRequest.claims,
-            authTokenRequest === null || authTokenRequest === void 0 ? void 0 : authTokenRequest.silent,
-            authTokenRequest === null || authTokenRequest === void 0 ? void 0 : authTokenRequest.tenantId,
-        ]));
-    }).then(([success, result]) => {
-        if (success) {
-            return result;
-        }
-        else {
-            throw new Error(result);
-        }
-    });
-}
-function getUser(userRequest) {
-    ensureInitializeCalled();
-    const apiVersionTag = userRequest && (userRequest.successCallback || userRequest.failureCallback)
-        ? getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.getUser" /* ApiName.Authentication_GetUser */)
-        : getApiVersionTag(authenticationTelemetryVersionNumber_v2, "authentication.getUser" /* ApiName.Authentication_GetUser */);
-    return getUserHelper(apiVersionTag)
-        .then((value) => {
-        if (userRequest && userRequest.successCallback) {
-            userRequest.successCallback(value);
-            return null;
-        }
-        return value;
-    })
-        .catch((err) => {
-        const errorMessage = `Error returned, code = ${err.errorCode}, message = ${err.message}`;
-        if (userRequest && userRequest.failureCallback) {
-            userRequest.failureCallback(errorMessage);
-            return null;
-        }
-        throw new Error(errorMessage);
-    });
-}
-function getUserHelper(apiVersionTag) {
-    return new Promise((resolve) => {
-        resolve(sendMessageToParentAsync(apiVersionTag, 'authentication.getUser'));
-    }).then(([success, result]) => {
-        if (success) {
-            return result;
-        }
-        else {
-            throw result;
-        }
-    });
-}
-function closeAuthenticationWindow() {
-    // Stop monitoring the authentication window
-    stopAuthenticationWindowMonitor();
-    // Try to close the authentication window and clear all properties associated with it
-    try {
-        if (Communication.childWindow) {
-            Communication.childWindow.close();
-        }
-    }
-    finally {
-        Communication.childWindow = null;
-        Communication.childOrigin = null;
-    }
-}
-/**
- * Different browsers handle authentication flows in pop-up windows differently.
- * Firefox and Safari, which use Quantum and WebKit browser engines respectively, block the use of 'window.open' for pop-up windows.
- * Any chrome-based browser (Chrome, Edge, Brave, etc.) opens a new browser window without any user-prompts.
- * To ensure consistent behavior across all browsers, consider using the following function to create a new authentication window.
- *
- * @param authenticateParameters - Parameters describing the authentication window used for executing the authentication flow.
- */
-function openAuthenticationWindow(authenticateParameters) {
-    // Close the previously opened window if we have one
-    closeAuthenticationWindow();
-    // Start with a sensible default size
-    let width = authenticateParameters.width || 600;
-    let height = authenticateParameters.height || 400;
-    // Ensure that the new window is always smaller than our app's window so that it never fully covers up our app
-    width = Math.min(width, Communication.currentWindow.outerWidth - 400);
-    height = Math.min(height, Communication.currentWindow.outerHeight - 200);
-    // Convert any relative URLs into absolute URLs before sending them over to the parent window
-    const fullyQualifiedURL = fullyQualifyUrlString(authenticateParameters.url.replace('{oauthRedirectMethod}', 'web'));
-    validateUrl(fullyQualifiedURL);
-    // We are running in the browser, so we need to center the new window ourselves
-    let left = typeof Communication.currentWindow.screenLeft !== 'undefined'
-        ? Communication.currentWindow.screenLeft
-        : Communication.currentWindow.screenX;
-    let top = typeof Communication.currentWindow.screenTop !== 'undefined'
-        ? Communication.currentWindow.screenTop
-        : Communication.currentWindow.screenY;
-    left += Communication.currentWindow.outerWidth / 2 - width / 2;
-    top += Communication.currentWindow.outerHeight / 2 - height / 2;
-    // Open a child window with a desired set of standard browser features
-    Communication.childWindow = Communication.currentWindow.open(fullyQualifiedURL.href, '_blank', 'toolbar=no, location=yes, status=no, menubar=no, scrollbars=yes, top=' +
-        top +
-        ', left=' +
-        left +
-        ', width=' +
-        width +
-        ', height=' +
-        height);
-    if (Communication.childWindow) {
-        // Start monitoring the authentication window so that we can detect if it gets closed before the flow completes
-        startAuthenticationWindowMonitor();
-    }
-    else {
-        // If we failed to open the window, fail the authentication flow
-        handleFailure('FailedToOpenWindow');
-    }
-}
-function stopAuthenticationWindowMonitor() {
-    if (authWindowMonitor) {
-        clearInterval(authWindowMonitor);
-        authWindowMonitor = 0;
-    }
-    handlers_removeHandler('initialize');
-    handlers_removeHandler('navigateCrossDomain');
-}
-function startAuthenticationWindowMonitor() {
-    // Stop the previous window monitor if one is running
-    stopAuthenticationWindowMonitor();
-    // Create an interval loop that
-    // - Notifies the caller of failure if it detects that the authentication window is closed
-    // - Keeps pinging the authentication window while it is open to re-establish
-    //   contact with any pages along the authentication flow that need to communicate
-    //   with us
-    authWindowMonitor = Communication.currentWindow.setInterval(() => {
-        if (!Communication.childWindow || Communication.childWindow.closed) {
-            handleFailure('CancelledByUser');
-        }
-        else {
-            const savedChildOrigin = Communication.childOrigin;
-            try {
-                Communication.childOrigin = '*';
-                sendMessageEventToChild('ping');
-            }
-            finally {
-                Communication.childOrigin = savedChildOrigin;
-            }
-        }
-    }, 100);
-    // Set up an initialize-message handler that gives the authentication window its frame context
-    registerHandler(getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.authenticationWindow.registerInitializeHandler" /* ApiName.Authentication_AuthenticationWindow_RegisterInitializeHandler */), 'initialize', () => {
-        return [FrameContexts.authentication, GlobalVars.hostClientType];
-    });
-    // Set up a navigateCrossDomain message handler that blocks cross-domain re-navigation attempts
-    // in the authentication window. We could at some point choose to implement this method via a call to
-    // authenticationWindow.location.href = url; however, we would first need to figure out how to
-    // validate the URL against the tab's list of valid domains.
-    registerHandler(getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.authenticationWindow.registerNavigateCrossDomainHandler" /* ApiName.Authentication_AuthenticationWindow_RegisterNavigateCrossDomainHandler */), 'navigateCrossDomain', () => {
-        return false;
-    });
-}
-/**
- * @deprecated
- * This function used to have an unused optional second parameter called callbackUrl. Because it was not used, it has been removed.
- * Please use the {@link authentication.notifySuccess authentication.notifySuccess(result?: string): void} instead.
- */
-function authentication_notifySuccess(result, _callbackUrl) {
-    ensureInitialized(runtime, FrameContexts.authentication);
-    const apiVersionTag = _callbackUrl
-        ? getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.notifySuccess" /* ApiName.Authentication_NotifySuccess */)
-        : getApiVersionTag(authenticationTelemetryVersionNumber_v2, "authentication.notifySuccess" /* ApiName.Authentication_NotifySuccess */);
-    sendMessageToParent(apiVersionTag, 'authentication.authenticate.success', [result]);
-    // Wait for the message to be sent before closing the window
-    waitForMessageQueue(Communication.parentWindow, () => setTimeout(() => Communication.currentWindow.close(), 200));
-}
-/**
- * @deprecated
- * This function used to have an unused optional second parameter called callbackUrl. Because it was not used, it has been removed.
- * Please use the {@link authentication.notifyFailure authentication.notifyFailure(result?: string): void} instead.
- */
-function authentication_notifyFailure(reason, _callbackUrl) {
-    ensureInitialized(runtime, FrameContexts.authentication);
-    const apiVersionTag = _callbackUrl
-        ? getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.notifyFailure" /* ApiName.Authentication_NotifyFailure */)
-        : getApiVersionTag(authenticationTelemetryVersionNumber_v2, "authentication.notifyFailure" /* ApiName.Authentication_NotifyFailure */);
-    sendMessageToParent(apiVersionTag, 'authentication.authenticate.failure', [reason]);
-    // Wait for the message to be sent before closing the window
-    waitForMessageQueue(Communication.parentWindow, () => setTimeout(() => Communication.currentWindow.close(), 200));
-}
-function handleSuccess(result) {
-    try {
-        if (authHandlers) {
-            authHandlers.success(result);
-        }
-    }
-    finally {
-        authHandlers = undefined;
-        closeAuthenticationWindow();
-    }
-}
-function handleFailure(reason) {
-    try {
-        if (authHandlers) {
-            authHandlers.fail(new Error(reason));
-        }
-    }
-    finally {
-        authHandlers = undefined;
-        closeAuthenticationWindow();
-    }
-}
-/**
- * @hidden
- * Limited set of data residencies information exposed to 1P application developers
- *
- * @internal
- * Limited to Microsoft-internal use
- */
-var DataResidency;
-(function (DataResidency) {
-    /**
-     * Public
-     */
-    DataResidency["Public"] = "public";
-    /**
-     * European Union Data Boundary
-     */
-    DataResidency["EUDB"] = "eudb";
-    /**
-     * Other, stored to cover fields that will not be exposed
-     */
-    DataResidency["Other"] = "other";
-})(DataResidency || (DataResidency = {}));
-
-;// ./src/public/dialog/update.ts
-/**
- * Module to update the dialog
- *
- * @module
- */
-
-
-
-
-/**
- * Update dimensions - height/width of a dialog.
- *
- * @param dimensions - An object containing width and height properties.
- */
-function resize(dimensions) {
-    updateResizeHelper(getApiVersionTag(dialogTelemetryVersionNumber, "dialog.update.resize" /* ApiName.Dialog_Update_Resize */), dimensions);
-}
-/**
- * Checks if dialog.update capability is supported by the host
- * @returns boolean to represent whether dialog.update capabilty is supported
- *
- * @throws Error if {@linkcode app.initialize} has not successfully completed
- */
-function update_isSupported() {
-    return ensureInitialized(runtime) && runtime.supports.dialog
-        ? runtime.supports.dialog.update
-            ? true
-            : false
-        : false;
-}
-
-;// ./src/public/dialog/url/bot.ts
-/**
- * Module to open a dialog that sends results to the bot framework
- *
- * @module
- */
-
-
-
-
-/**
- * Allows an app to open a dialog that sends submitted data to a bot.
- *
- * @param botUrlDialogInfo - An object containing the parameters of the dialog module including completionBotId.
- * @param submitHandler - Handler that triggers when the dialog has been submitted or closed.
- * @param messageFromChildHandler - Handler that triggers if dialog sends a message to the app.
- *
- * @returns a function that can be used to send messages to the dialog.
- */
-function bot_open(botUrlDialogInfo, submitHandler, messageFromChildHandler) {
-    botUrlOpenHelper(getApiVersionTag(dialogTelemetryVersionNumber, "dialog.url.bot.open" /* ApiName.Dialog_Url_Bot_Open */), botUrlDialogInfo, submitHandler, messageFromChildHandler);
-}
-/**
- * Checks if dialog.url.bot capability is supported by the host
- *
- * @returns boolean to represent whether dialog.url.bot is supported
- *
- * @throws Error if {@linkcode app.initialize} has not successfully completed
- */
-function bot_isSupported() {
-    return (ensureInitialized(runtime) &&
-        (runtime.supports.dialog && runtime.supports.dialog.url && runtime.supports.dialog.url.bot) !== undefined);
-}
-
-;// ./src/public/dialog/url/parentCommunication.ts
-/**
- * Subcapability that allows communication between the dialog and the parent app.
- *
- * @remarks
- * Note that dialog can be invoked from parentless scenarios e.g. Search Message Extensions. The subcapability `parentCommunication` is not supported in such scenarios.
- *
- * @module
- */
-
-
-
-
-
-
-
-/**
- *  Send message to the parent from dialog
- *
- * @remarks
- * This function is only intended to be called from code running within the dialog. Calling it from outside the dialog will have no effect.
- *
- * @param message - The message to send to the parent
- */
-function sendMessageToParentFromDialog(
-// eslint-disable-next-line @typescript-eslint/no-explicit-any
-message) {
-    ensureInitialized(runtime, FrameContexts.task);
-    if (!parentCommunication_isSupported()) {
-        throw errorNotSupportedOnPlatform;
-    }
-    sendMessageToParent(getApiVersionTag(dialogTelemetryVersionNumber, "dialog.url.parentCommunication.sendMessageToParentFromDialog" /* ApiName.Dialog_Url_ParentCommunication_SendMessageToParentFromDialog */), 'messageForParent', [message]);
+
+
+
+
+
+
+
+/**
+ *  Send message to the parent from dialog
+ *
+ * @remarks
+ * This function is only intended to be called from code running within the dialog. Calling it from outside the dialog will have no effect.
+ *
+ * @param message - The message to send to the parent
+ */
+function sendMessageToParentFromDialog(
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+message) {
+    ensureInitialized(runtime, FrameContexts.task);
+    if (!parentCommunication_isSupported()) {
+        throw errorNotSupportedOnPlatform;
+    }
+    sendMessageToParent(getApiVersionTag(dialogTelemetryVersionNumber, "dialog.url.parentCommunication.sendMessageToParentFromDialog" /* ApiName.Dialog_Url_ParentCommunication_SendMessageToParentFromDialog */), 'messageForParent', [message]);
 }
 /**
  *  Send message to the dialog from the parent
@@ -6656,7 +6176,6 @@ var appHelpers_awaiter = (undefined && undefined.__awaiter) || function (thisArg
 
 
 
-
 /**
  * Number of milliseconds we'll give the initialization call to return before timing it out
  */
@@ -6789,7 +6308,6 @@ function initializeHelper(apiVersionTag, validMessageOrigins) {
                 }
                 GlobalVars.initializeCompleted = true;
             });
-            authentication_initialize();
             menus_initialize();
             config_initialize();
             dialog_initialize();
@@ -6798,25 +6316,167 @@ function initializeHelper(apiVersionTag, validMessageOrigins) {
         if (Array.isArray(validMessageOrigins)) {
             processAdditionalValidOrigins(validMessageOrigins);
         }
-        if (GlobalVars.initializePromise !== undefined) {
-            resolve(GlobalVars.initializePromise);
+        if (GlobalVars.initializePromise !== undefined) {
+            resolve(GlobalVars.initializePromise);
+        }
+        else {
+            initializeHelperLogger('GlobalVars.initializePromise is unexpectedly undefined');
+        }
+    });
+}
+function registerOnThemeChangeHandlerHelper(apiVersionTag, handler) {
+    // allow for registration cleanup even when not called initialize
+    !isNullOrUndefined(handler) && ensureInitializeCalled();
+    handlers_registerOnThemeChangeHandler(apiVersionTag, handler);
+}
+function openLinkHelper(apiVersionTag, deepLink) {
+    return new Promise((resolve) => {
+        ensureInitialized(runtime, FrameContexts.content, FrameContexts.sidePanel, FrameContexts.settings, FrameContexts.task, FrameContexts.stage, FrameContexts.meetingStage);
+        resolve(sendAndHandleStatusAndReason(apiVersionTag, 'executeDeepLink', deepLink));
+    });
+}
+
+;// ./src/internal/validOrigins.ts
+var validOrigins_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+
+
+
+
+let validOriginsCache = [];
+const validateOriginLogger = getLogger('validateOrigin');
+function prefetchOriginsFromCDN() {
+    return validOrigins_awaiter(this, void 0, void 0, function* () {
+        yield getValidOriginsListFromCDN();
+    });
+}
+function isValidOriginsCacheEmpty() {
+    return validOriginsCache.length === 0;
+}
+function getValidOriginsListFromCDN(shouldDisableCache = false) {
+    return validOrigins_awaiter(this, void 0, void 0, function* () {
+        if (!isValidOriginsCacheEmpty() && !shouldDisableCache) {
+            return validOriginsCache;
+        }
+        if (!inServerSideRenderingEnvironment()) {
+            validateOriginLogger('Initiating fetch call to acquire valid origins list from CDN');
+            const controller = new AbortController();
+            const timeoutId = setTimeout(() => controller.abort(), ORIGIN_LIST_FETCH_TIMEOUT_IN_MS);
+            return fetch(validOriginsCdnEndpoint, { signal: controller.signal })
+                .then((response) => {
+                clearTimeout(timeoutId);
+                if (!response.ok) {
+                    throw new Error('Invalid Response from Fetch Call');
+                }
+                validateOriginLogger('Fetch call completed and retrieved valid origins list from CDN');
+                return response.json().then((validOriginsCDN) => {
+                    if (isValidOriginsJSONValid(JSON.stringify(validOriginsCDN))) {
+                        validOriginsCache = validOriginsCDN.validOrigins;
+                        return validOriginsCache;
+                    }
+                    else {
+                        throw new Error('Valid origins list retrieved from CDN is invalid');
+                    }
+                });
+            })
+                .catch((e) => {
+                if (e.name === 'AbortError') {
+                    validateOriginLogger(`validOrigins fetch call to CDN failed due to Timeout of ${ORIGIN_LIST_FETCH_TIMEOUT_IN_MS} ms. Defaulting to fallback list`);
+                }
+                else {
+                    validateOriginLogger('validOrigins fetch call to CDN failed with error: %s. Defaulting to fallback list', e);
+                }
+                validOriginsCache = validOriginsFallback;
+                return validOriginsCache;
+            });
+        }
+        else {
+            validOriginsCache = validOriginsFallback;
+            return validOriginsFallback;
+        }
+    });
+}
+function isValidOriginsJSONValid(validOriginsJSON) {
+    let validOriginsCDN = JSON.parse(validOriginsJSON);
+    try {
+        validOriginsCDN = JSON.parse(validOriginsJSON);
+    }
+    catch (_) {
+        return false;
+    }
+    if (!validOriginsCDN.validOrigins) {
+        return false;
+    }
+    for (const validOrigin of validOriginsCDN.validOrigins) {
+        try {
+            new URL('https://' + validOrigin);
+        }
+        catch (_) {
+            validateOriginLogger('isValidOriginsFromCDN call failed to validate origin: %s', validOrigin);
+            return false;
+        }
+    }
+    return true;
+}
+/**
+ * @param pattern - reference pattern
+ * @param host - candidate string
+ * @returns returns true if host matches pre-know valid pattern
+ *
+ * @example
+ *    validateHostAgainstPattern('*.teams.microsoft.com', 'subdomain.teams.microsoft.com') returns true
+ *    validateHostAgainstPattern('teams.microsoft.com', 'team.microsoft.com') returns false
+ *
+ * @internal
+ * Limited to Microsoft-internal use
+ */
+function validateHostAgainstPattern(pattern, host) {
+    if (pattern.substring(0, 2) === '*.') {
+        const suffix = pattern.substring(1);
+        if (host.length > suffix.length &&
+            host.split('.').length === suffix.split('.').length &&
+            host.substring(host.length - suffix.length) === suffix) {
+            return true;
+        }
+    }
+    else if (pattern === host) {
+        return true;
+    }
+    return false;
+}
+/**
+ * @internal
+ * Limited to Microsoft-internal use
+ */
+function validateOrigin(messageOrigin, disableCache) {
+    return getValidOriginsListFromCDN(disableCache).then((validOriginsList) => {
+        // Check whether the url is in the pre-known allowlist or supplied by user
+        if (!isValidHttpsURL(messageOrigin)) {
+            validateOriginLogger('Origin %s is invalid because it is not using https protocol. Protocol being used: %s', messageOrigin, messageOrigin.protocol);
+            return false;
+        }
+        const messageOriginHost = messageOrigin.host;
+        if (validOriginsList.some((pattern) => validateHostAgainstPattern(pattern, messageOriginHost))) {
+            return true;
         }
-        else {
-            initializeHelperLogger('GlobalVars.initializePromise is unexpectedly undefined');
+        for (const domainOrPattern of GlobalVars.additionalValidOrigins) {
+            const pattern = domainOrPattern.substring(0, 8) === 'https://' ? domainOrPattern.substring(8) : domainOrPattern;
+            if (validateHostAgainstPattern(pattern, messageOriginHost)) {
+                return true;
+            }
         }
+        validateOriginLogger('Origin %s is invalid because it is not an origin approved by this library or included in the call to app.initialize.\nOrigins approved by this library: %o\nOrigins included in app.initialize: %o', messageOrigin, validOriginsList, GlobalVars.additionalValidOrigins);
+        return false;
     });
 }
-function registerOnThemeChangeHandlerHelper(apiVersionTag, handler) {
-    // allow for registration cleanup even when not called initialize
-    !isNullOrUndefined(handler) && ensureInitializeCalled();
-    handlers_registerOnThemeChangeHandler(apiVersionTag, handler);
-}
-function openLinkHelper(apiVersionTag, deepLink) {
-    return new Promise((resolve) => {
-        ensureInitialized(runtime, FrameContexts.content, FrameContexts.sidePanel, FrameContexts.settings, FrameContexts.task, FrameContexts.stage, FrameContexts.meetingStage);
-        resolve(sendAndHandleStatusAndReason(apiVersionTag, 'executeDeepLink', deepLink));
-    });
-}
+prefetchOriginsFromCDN();
 
 ;// ./src/public/pages/appButton.ts
 /**
@@ -8354,10 +8014,10 @@ const sendMessageToParentHelperLogger = communicationLogger.extend('sendMessageT
  * @internal
  * Limited to Microsoft-internal use
  */
-function sendMessageToParentHelper(apiVersionTag, actionName, args) {
+function sendMessageToParentHelper(apiVersionTag, actionName, args, isProxiedFromChild) {
     const logger = sendMessageToParentHelperLogger;
     const targetWindow = Communication.parentWindow;
-    const request = createMessageRequest(apiVersionTag, actionName, args);
+    const request = createMessageRequest(apiVersionTag, actionName, args, isProxiedFromChild);
     HostToAppMessageDelayTelemetry.storeCallbackInformation(request.uuid, {
         name: actionName,
         calledAt: request.timestamp,
@@ -8684,15 +8344,7 @@ function handleIncomingMessageFromChild(evt) {
         else {
             // No handler, proxy to parent
             handleIncomingMessageFromChildLogger('No handler for message %s from child found; relaying message on to parent, action: %s. Relayed message will have a new id.', getMessageIdsAsLogString(message), message.func);
-            sendMessageToParent(getApiVersionTag("v2" /* ApiVersionNumber.V_2 */, "tasks.startTask" /* ApiName.Tasks_StartTask */), message.func, message.args, (...args) => {
-                if (Communication.childWindow) {
-                    const isPartialResponse = args.pop();
-                    handleIncomingMessageFromChildLogger('Message from parent being relayed to child, id: %s', getMessageIdsAsLogString(message));
-                    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
-                    // @ts-ignore
-                    sendMessageResponseToChild(message.id, message.uuid, args, isPartialResponse);
-                }
-            });
+            proxyChildMessageToParent(message);
         }
     }
 }
@@ -8839,7 +8491,7 @@ function sendMessageEventToChild(actionName, args) {
  * @internal
  * Limited to Microsoft-internal use
  */
-function createMessageRequest(apiVersionTag, func, args) {
+function createMessageRequest(apiVersionTag, func, args, isProxiedFromChild) {
     const messageId = CommunicationPrivate.nextMessageId++;
     const messageUuid = new UUID();
     CommunicationPrivate.legacyMessageIdsToUuidMap[messageId] = messageUuid;
@@ -8851,6 +8503,7 @@ function createMessageRequest(apiVersionTag, func, args) {
         monotonicTimestamp: getCurrentTimestamp(),
         args: args || [],
         apiVersionTag: apiVersionTag,
+        isProxiedFromChild: isProxiedFromChild !== null && isProxiedFromChild !== void 0 ? isProxiedFromChild : false,
     };
 }
 /**
@@ -8916,6 +8569,22 @@ function getMessageIdsAsLogString(message) {
         return `legacy id: ${message.id} (no uuid)`;
     }
 }
+/**
+ * @internal
+ * Limited to Microsoft-internal use
+ */
+function proxyChildMessageToParent(message) {
+    const request = sendMessageToParentHelper(getApiVersionTag("v2" /* ApiVersionNumber.V_2 */, "tasks.startTask" /* ApiName.Tasks_StartTask */), message.func, message.args, true);
+    CommunicationPrivate.callbacks.set(request.uuid, (...args) => {
+        if (Communication.childWindow) {
+            const isPartialResponse = args.pop();
+            handleIncomingMessageFromChildLogger('Message from parent being relayed to child, id: %s', getMessageIdsAsLogString(message));
+            // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+            // @ts-ignore
+            sendMessageResponseToChild(message.id, message.uuid, args, isPartialResponse);
+        }
+    });
+}
 
 ;// ./src/private/logs.ts
 /**
@@ -13188,6 +12857,236 @@ function serializeValidSize(size) {
 
 
 
+
+;// ./src/public/authentication.ts
+/**
+ * Module to interact with the authentication-specific part of the SDK.
+ *
+ * This object is used for starting or completing authentication flows.
+ * @module
+ */
+var authentication_awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+
+
+
+
+
+
+/**
+ * Exceptional APIs telemetry versioning file: v1 and v2 APIs are mixed together in this file
+ */
+const authenticationTelemetryVersionNumber_v1 = "v1" /* ApiVersionNumber.V_1 */;
+const authenticationTelemetryVersionNumber_v2 = "v2" /* ApiVersionNumber.V_2 */;
+/**
+ * @hidden
+ * @internal
+ * Limited to Microsoft-internal use; automatically called when library is initialized
+ */
+let authParams;
+/**
+ * @deprecated
+ * As of TeamsJS v2.0.0, this function has been deprecated in favor of a Promise-based pattern using {@link authentication.authenticate authentication.authenticate(authenticateParameters: AuthenticatePopUpParameters): Promise\<string\>}
+ *
+ * Registers handlers to be called with the result of an authentication flow triggered using {@link authentication.authenticate authentication.authenticate(authenticateParameters?: AuthenticateParameters): void}
+ *
+ * @param authenticateParameters - Configuration for authentication flow pop-up result communication
+ */
+function registerAuthenticationHandlers(authenticateParameters) {
+    authParams = authenticateParameters;
+}
+function authenticate(authenticateParameters) {
+    const isDifferentParamsInCall = authenticateParameters !== undefined;
+    const authenticateParams = isDifferentParamsInCall
+        ? authenticateParameters
+        : authParams;
+    if (!authenticateParams) {
+        throw new Error('No parameters are provided for authentication');
+    }
+    ensureInitialized(runtime, FrameContexts.content, FrameContexts.sidePanel, FrameContexts.settings, FrameContexts.remove, FrameContexts.task, FrameContexts.stage, FrameContexts.meetingStage);
+    const apiVersionTag = authenticateParams.successCallback || authenticateParams.failureCallback
+        ? getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.authenticate" /* ApiName.Authentication_Authenticate */)
+        : getApiVersionTag(authenticationTelemetryVersionNumber_v2, "authentication.authenticate" /* ApiName.Authentication_Authenticate */);
+    return authenticateHelper(apiVersionTag, authenticateParams)
+        .then((value) => {
+        try {
+            if (authenticateParams && authenticateParams.successCallback) {
+                authenticateParams.successCallback(value);
+                return '';
+            }
+            return value;
+        }
+        finally {
+            if (!isDifferentParamsInCall) {
+                authParams = undefined;
+            }
+        }
+    })
+        .catch((err) => {
+        try {
+            if (authenticateParams && authenticateParams.failureCallback) {
+                authenticateParams.failureCallback(err.message);
+                return '';
+            }
+            throw err;
+        }
+        finally {
+            if (!isDifferentParamsInCall) {
+                authParams = undefined;
+            }
+        }
+    });
+}
+function authenticateHelper(apiVersionTag, authenticateParameters) {
+    return authentication_awaiter(this, void 0, void 0, function* () {
+        // Convert any relative URLs into absolute URLs before sending them over to the parent window.
+        const fullyQualifiedURL = fullyQualifyUrlString(authenticateParameters.url);
+        validateUrl(fullyQualifiedURL);
+        // Ask the parent window to open an authentication window with the parameters provided by the caller.
+        return sendMessageToParentAsync(apiVersionTag, 'authentication.authenticate', [
+            fullyQualifiedURL.href,
+            authenticateParameters.width,
+            authenticateParameters.height,
+            authenticateParameters.isExternal,
+        ]).then(([success, response]) => {
+            if (success) {
+                return response;
+            }
+            else {
+                throw new Error(response);
+            }
+        });
+    });
+}
+function getAuthToken(authTokenRequest) {
+    ensureInitializeCalled();
+    const apiVersionTag = authTokenRequest && (authTokenRequest.successCallback || authTokenRequest.failureCallback)
+        ? getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.getAuthToken" /* ApiName.Authentication_GetAuthToken */)
+        : getApiVersionTag(authenticationTelemetryVersionNumber_v2, "authentication.getAuthToken" /* ApiName.Authentication_GetAuthToken */);
+    return getAuthTokenHelper(apiVersionTag, authTokenRequest)
+        .then((value) => {
+        if (authTokenRequest && authTokenRequest.successCallback) {
+            authTokenRequest.successCallback(value);
+            return '';
+        }
+        return value;
+    })
+        .catch((err) => {
+        if (authTokenRequest && authTokenRequest.failureCallback) {
+            authTokenRequest.failureCallback(err.message);
+            return '';
+        }
+        throw err;
+    });
+}
+function getAuthTokenHelper(apiVersionTag, authTokenRequest) {
+    return new Promise((resolve) => {
+        resolve(sendMessageToParentAsync(apiVersionTag, 'authentication.getAuthToken', [
+            authTokenRequest === null || authTokenRequest === void 0 ? void 0 : authTokenRequest.resources,
+            authTokenRequest === null || authTokenRequest === void 0 ? void 0 : authTokenRequest.claims,
+            authTokenRequest === null || authTokenRequest === void 0 ? void 0 : authTokenRequest.silent,
+            authTokenRequest === null || authTokenRequest === void 0 ? void 0 : authTokenRequest.tenantId,
+        ]));
+    }).then(([success, result]) => {
+        if (success) {
+            return result;
+        }
+        else {
+            throw new Error(result);
+        }
+    });
+}
+function getUser(userRequest) {
+    ensureInitializeCalled();
+    const apiVersionTag = userRequest && (userRequest.successCallback || userRequest.failureCallback)
+        ? getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.getUser" /* ApiName.Authentication_GetUser */)
+        : getApiVersionTag(authenticationTelemetryVersionNumber_v2, "authentication.getUser" /* ApiName.Authentication_GetUser */);
+    return getUserHelper(apiVersionTag)
+        .then((value) => {
+        if (userRequest && userRequest.successCallback) {
+            userRequest.successCallback(value);
+            return null;
+        }
+        return value;
+    })
+        .catch((err) => {
+        const errorMessage = `Error returned, code = ${err.errorCode}, message = ${err.message}`;
+        if (userRequest && userRequest.failureCallback) {
+            userRequest.failureCallback(errorMessage);
+            return null;
+        }
+        throw new Error(errorMessage);
+    });
+}
+function getUserHelper(apiVersionTag) {
+    return new Promise((resolve) => {
+        resolve(sendMessageToParentAsync(apiVersionTag, 'authentication.getUser'));
+    }).then(([success, result]) => {
+        if (success) {
+            return result;
+        }
+        else {
+            throw result;
+        }
+    });
+}
+/**
+ * @deprecated
+ * This function used to have an unused optional second parameter called callbackUrl. Because it was not used, it has been removed.
+ * Please use the {@link authentication.notifySuccess authentication.notifySuccess(result?: string): void} instead.
+ */
+function authentication_notifySuccess(result, _callbackUrl) {
+    ensureInitialized(runtime, FrameContexts.authentication);
+    const apiVersionTag = _callbackUrl
+        ? getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.notifySuccess" /* ApiName.Authentication_NotifySuccess */)
+        : getApiVersionTag(authenticationTelemetryVersionNumber_v2, "authentication.notifySuccess" /* ApiName.Authentication_NotifySuccess */);
+    sendMessageToParent(apiVersionTag, 'authentication.authenticate.success', [result]);
+    // Wait for the message to be sent before closing the window
+    waitForMessageQueue(Communication.parentWindow, () => setTimeout(() => Communication.currentWindow.close(), 200));
+}
+/**
+ * @deprecated
+ * This function used to have an unused optional second parameter called callbackUrl. Because it was not used, it has been removed.
+ * Please use the {@link authentication.notifyFailure authentication.notifyFailure(result?: string): void} instead.
+ */
+function authentication_notifyFailure(reason, _callbackUrl) {
+    ensureInitialized(runtime, FrameContexts.authentication);
+    const apiVersionTag = _callbackUrl
+        ? getApiVersionTag(authenticationTelemetryVersionNumber_v1, "authentication.notifyFailure" /* ApiName.Authentication_NotifyFailure */)
+        : getApiVersionTag(authenticationTelemetryVersionNumber_v2, "authentication.notifyFailure" /* ApiName.Authentication_NotifyFailure */);
+    sendMessageToParent(apiVersionTag, 'authentication.authenticate.failure', [reason]);
+    // Wait for the message to be sent before closing the window
+    waitForMessageQueue(Communication.parentWindow, () => setTimeout(() => Communication.currentWindow.close(), 200));
+}
+/**
+ * @hidden
+ * Limited set of data residencies information exposed to 1P application developers
+ *
+ * @internal
+ * Limited to Microsoft-internal use
+ */
+var DataResidency;
+(function (DataResidency) {
+    /**
+     * Public
+     */
+    DataResidency["Public"] = "public";
+    /**
+     * European Union Data Boundary
+     */
+    DataResidency["EUDB"] = "eudb";
+    /**
+     * Other, stored to cover fields that will not be exposed
+     */
+    DataResidency["Other"] = "other";
+})(DataResidency || (DataResidency = {}));
 
 ;// ./src/internal/emailAddressValidation.ts
 function validateEmailAddress(emailString) {
@@ -14341,16 +14240,17 @@ function isNAAChannelRecommended() {
 }
 function isNAAChannelRecommendedForLegacyTeamsMobile() {
     return ensureInitialized(runtime) &&
-        isHostAndroidOrIOSOrIPadOS() &&
+        isHostAndroidOrIOSOrIPadOSOrVisionOS() &&
         runtime.isLegacyTeams &&
         runtime.supports.nestedAppAuth
         ? true
         : false;
 }
-function isHostAndroidOrIOSOrIPadOS() {
+function isHostAndroidOrIOSOrIPadOSOrVisionOS() {
     return (GlobalVars.hostClientType === HostClientType.android ||
         GlobalVars.hostClientType === HostClientType.ios ||
-        GlobalVars.hostClientType === HostClientType.ipados);
+        GlobalVars.hostClientType === HostClientType.ipados ||
+        GlobalVars.hostClientType === HostClientType.visionOS);
 }
 
 ;// ./src/public/geoLocation/map.ts
@@ -16739,7 +16639,8 @@ function isWebStorageClearedOnUserLogOut() {
         if (runtime.isLegacyTeams &&
             (GlobalVars.hostClientType === HostClientType.android ||
                 GlobalVars.hostClientType === HostClientType.ios ||
-                GlobalVars.hostClientType === HostClientType.ipados) &&
+                GlobalVars.hostClientType === HostClientType.ipados ||
+                GlobalVars.hostClientType === HostClientType.visionOS) &&
             (yield getHostName()) === HostName.teams) {
             // On Teams Mobile, they haven't yet implemented this capability. However, for compatibility reasons, we need
             // to act as if they do. If they did implement it, they would return true, so that's what we do here.