@microsoft/teamsfx 3.0.0-rc.0 → 3.0.0-rc.1

package/dist/index.esm2017.mjs

@@ -1,17 +1,3578 @@
-import{jwtDecode as e}from"jwt-decode";import{ConfidentialClientApplication as t}from"@azure/msal-node";import{createHash as n}from"crypto";import{ActivityTypes as i,Channels as o,TeamsInfo as a,CardFactory as r,ActionTypes as s,MessageFactory as c,StatusCodes as d,verifyStateOperationName as l,tokenExchangeOperationName as u,TurnContext as h,TeamsActivityHandler as p,MemoryStorage as v,UserState as m,ConversationState as f,ConfigurationServiceClientCredentialFactory as y,ConfigurationBotFrameworkAuthentication as g,CloudAdapter as w}from"botbuilder";import{Dialog as C,ComponentDialog as A,WaterfallDialog as S,DialogSet as I,DialogTurnStatus as T}from"botbuilder-dialogs";import{v4 as k}from"uuid";import E from"axios";import{Agent as x}from"https";import*as R from"adaptivecards-templating";import*as b from"path";import*as O from"fs";var P,F;!function(e){e.InvalidParameter="InvalidParameter",e.InvalidConfiguration="InvalidConfiguration",e.InvalidCertificate="InvalidCertificate",e.InternalError="InternalError",e.ChannelNotSupported="ChannelNotSupported",e.FailedToRetrieveSsoToken="FailedToRetrieveSsoToken",e.FailedToProcessSsoHandler="FailedToProcessSsoHandler",e.CannotFindCommand="CannotFindCommand",e.FailedToRunSsoStep="FailedToRunSsoStep",e.FailedToRunDedupStep="FailedToRunDedupStep",e.SsoActivityHandlerIsUndefined="SsoActivityHandlerIsUndefined",e.RuntimeNotSupported="RuntimeNotSupported",e.ConsentFailed="ConsentFailed",e.UiRequiredError="UiRequiredError",e.TokenExpiredError="TokenExpiredError",e.ServiceError="ServiceError",e.FailedOperation="FailedOperation",e.InvalidResponse="InvalidResponse",e.AuthorizationInfoAlreadyExists="AuthorizationInfoAlreadyExists"}(P||(P={}));class D{}D.InvalidConfiguration="{0} in configuration is invalid: {1}.",D.ConfigurationNotExists="Configuration does not exist. {0}",D.ResourceConfigurationNotExists="{0} resource configuration does not exist.",D.MissingResourceConfiguration="Missing resource configuration with type: {0}, name: {1}.",D.AuthenticationConfigurationNotExists="Authentication configuration does not exist.",D.BrowserRuntimeNotSupported="{0} is not supported in browser.",D.NodejsRuntimeNotSupported="{0} is not supported in Node.",D.FailToAcquireTokenOnBehalfOfUser="Failed to acquire access token on behalf of user: {0}",D.OnlyMSTeamsChannelSupported="{0} is only supported in MS Teams Channel",D.FailedToProcessSsoHandler="Failed to process sso handler: {0}",D.FailedToRetrieveSsoToken="Failed to retrieve sso token, user failed to finish the AAD consent flow.",D.CannotFindCommand="Cannot find command: {0}",D.FailedToRunSsoStep="Failed to run dialog to retrieve sso token: {0}",D.FailedToRunDedupStep="Failed to run dialog to remove duplicated messages: {0}",D.SsoActivityHandlerIsNull="Sso command can only be used or added when sso activity handler is not undefined",D.AuthorizationHeaderAlreadyExists="Authorization header already exists!",D.BasicCredentialAlreadyExists="Basic credential already exists!",D.EmptyParameter="Parameter {0} is empty",D.DuplicateHttpsOptionProperty="Axios HTTPS agent already defined value for property {0}",D.DuplicateApiKeyInHeader="The request already defined api key in request header with name {0}.",D.DuplicateApiKeyInQueryParam="The request already defined api key in query parameter with name {0}.",D.OnlySupportInQueryActivity="The handleMessageExtensionQueryWithToken only support in handleTeamsMessagingExtensionQuery with composeExtension/query type.",D.OnlySupportInLinkQueryActivity="The handleMessageExtensionLinkQueryWithSSO only support in handleTeamsAppBasedLinkQuery with composeExtension/queryLink type.";class M extends Error{constructor(e,t){if(!t)return super(e),this;super(e),Object.setPrototypeOf(this,M.prototype),this.name=`${new.target.name}.${t}`,this.code=t}}function N(e){B.level=e}function H(){return B.level}!function(e){e[e.Verbose=0]="Verbose",e[e.Info=1]="Info",e[e.Warn=2]="Warn",e[e.Error=3]="Error"}(F||(F={}));const B=new class{constructor(e,t){this.level=void 0,this.defaultLogger={verbose:console.debug,info:console.info,warn:console.warn,error:console.error},this.name=e,this.level=t}error(e){this.log(F.Error,(e=>e.error),e)}warn(e){this.log(F.Warn,(e=>e.warn),e)}info(e){this.log(F.Info,(e=>e.info),e)}verbose(e){this.log(F.Verbose,(e=>e.verbose),e)}log(e,t,n){if(""===n.trim())return;const i=(new Date).toUTCString();let o;o=this.name?`[${i}] : @microsoft/teamsfx - ${this.name} : ${F[e]} - `:`[${i}] : @microsoft/teamsfx : ${F[e]} - `;const a=`${o}${n}`;void 0!==this.level&&this.level<=e&&(this.customLogger?t(this.customLogger)(a):this.customLogFunction?this.customLogFunction(e,a):t(this.defaultLogger)(a))}};function U(e){B.customLogger=e}function q(e){B.customLogFunction=e}function j(t){try{const n=e(t);if(!n||!n.exp)throw new M("Decoded token is null or exp claim does not exists.",P.InternalError);return n}catch(e){const t="Parse jwt token failed in node env with error: "+e.message;throw B.error(t),new M(t,P.InternalError)}}function L(e,...t){const n=t;return e.replace(/{(\d+)}/g,(function(e,t){return void 0!==n[t]?n[t]:e}))}function $(e){if("string"==typeof e||e instanceof String)return;if(Array.isArray(e)&&0===e.length)return;if(Array.isArray(e)&&e.length>0&&e.every((e=>"string"==typeof e)))return;const t="The type of scopes is not valid, it must be string or string array";throw B.error(t),new M(t,P.InvalidParameter)}function z(e){return("string"==typeof e?e.split(" "):e).filter((e=>null!==e&&""!==e))}function K(e){const i=(o=e.authorityHost,a=e.tenantId,o.replace(/\/+$/g,"")+"/"+a);var o,a;const r=function(e){if(!e)return;const t=/(-+BEGIN CERTIFICATE-+)(\n\r?|\r\n?)([A-Za-z0-9+/\n\r]+=*)(\n\r?|\r\n?)(-+END CERTIFICATE-+)/.exec(e);if(!t){const e="The certificate content does not contain a PEM-encoded certificate.";throw B.error(e),new M(e,P.InvalidCertificate)}return{thumbprintSha256:n("sha256").update(Buffer.from(t[3],"base64")).digest("hex").toUpperCase(),privateKey:e}}(e.certificateContent),s={clientId:e.clientId,authority:i};return r?s.clientCertificate=r:s.clientSecret=e.clientSecret,new t({auth:s})}class G{constructor(e){B.info("Create M365 tenant credential");const t=this.loadAndValidateConfig(e);this.msalClient=K(t)}async getToken(e,t){let n;$(e);const i="string"==typeof e?e:e.join(" ");B.info("Get access token with scopes: "+i);try{const t=z(e),i=await this.msalClient.acquireTokenByClientCredential({scopes:t});i&&(n={token:i.accessToken,expiresOnTimestamp:i.expiresOn.getTime()})}catch(e){const t="Get M365 tenant credential failed with error: "+e.message;throw B.error(t),new M(t,P.ServiceError)}if(!n){const e="Get M365 tenant credential access token failed with empty access token";throw B.error(e),new M(e,P.InternalError)}return n}loadAndValidateConfig(e){if(B.verbose("Validate authentication configuration"),e.clientId&&(e.clientSecret||e.certificateContent)&&e.tenantId&&e.authorityHost)return e;const t=[];e.clientId||t.push("clientId"),e.clientSecret||e.certificateContent||t.push("clientSecret or certificateContent"),e.tenantId||t.push("tenantId"),e.authorityHost||t.push("authorityHost");const n=L(D.InvalidConfiguration,t.join(", "),"undefined");throw B.error(n),new M(n,P.InvalidConfiguration)}}class _{constructor(e,t){B.info("Get on behalf of user credential");const n=[];if(t.clientId||n.push("clientId"),t.authorityHost||n.push("authorityHost"),t.clientSecret||t.certificateContent||n.push("clientSecret or certificateContent"),t.tenantId||n.push("tenantId"),0!=n.length){const e=L(D.InvalidConfiguration,n.join(", "),"undefined");throw B.error(e),new M(e,P.InvalidConfiguration)}this.msalClient=K(t);const i=j(e);this.ssoToken={token:e,expiresOnTimestamp:i.exp}}async getToken(e,t){$(e);const n=z(e);let i;if(n.length){let e;B.info("Get access token with scopes: "+n.join(" "));try{e=await this.msalClient.acquireTokenOnBehalfOf({oboAssertion:this.ssoToken.token,scopes:n})}catch(e){throw this.generateAuthServerError(e)}if(!e){const e="Access token is null";throw B.error(e),new M(L(D.FailToAcquireTokenOnBehalfOfUser,e),P.InternalError)}i={token:e.accessToken,expiresOnTimestamp:e.expiresOn.getTime()}}else{if(B.info("Get SSO token."),Math.floor(Date.now()/1e3)>this.ssoToken.expiresOnTimestamp){const e="Sso token has already expired.";throw B.error(e),new M(e,P.TokenExpiredError)}i=this.ssoToken}return i}getUserInfo(){return B.info("Get basic user info from SSO token"),function(e){if(!e){const e="SSO token is undefined.";throw B.error(e),new M(e,P.InvalidParameter)}const t=j(e),n={displayName:t.name,objectId:t.oid,tenantId:t.tid,preferredUserName:""};return"2.0"===t.ver?n.preferredUserName=t.preferred_username:"1.0"===t.ver&&(n.preferredUserName=t.upn),n}(this.ssoToken.token)}generateAuthServerError(e){const t=e.errorMessage;if("InteractionRequiredAuthError"===e.name){const e="Failed to get access token from AAD server, interaction required: "+t;return B.warn(e),new M(e,P.UiRequiredError)}if(t&&t.indexOf("AADSTS50013")>=0){const e="Failed to get access token from AAD server, assertion is invalid because of various reasons: "+t;return B.error(e),new M(e,P.TokenExpiredError)}{const e=L(D.FailToAcquireTokenOnBehalfOfUser,t);return B.error(e),new M(e,P.ServiceError)}}}class Q{constructor(e){throw new M(L(D.NodejsRuntimeNotSupported,"TeamsUserCredential"),P.RuntimeNotSupported)}login(e,t){return Promise.reject(new M(L(D.NodejsRuntimeNotSupported,"TeamsUserCredential"),P.RuntimeNotSupported))}getToken(e,t){return Promise.reject(new M(L(D.NodejsRuntimeNotSupported,"TeamsUserCredential"),P.RuntimeNotSupported))}getUserInfo(e){return Promise.reject(new M(L(D.NodejsRuntimeNotSupported,"TeamsUserCredential"),P.RuntimeNotSupported))}}const V="invokeResponse";class W{constructor(e,t){this.id=e,this.failureDetail=t}}class J extends C{constructor(e,t,n,i){super(n),this.initiateLoginEndpoint=t,this.authConfig=e,this.settings=i,$(this.settings.scopes),function(e){if(e.clientId&&(e.clientSecret||e.certificateContent)&&e.tenantId&&e.authorityHost)return;const t=[];e.clientId||t.push("clientId"),e.clientSecret||e.certificateContent||t.push("clientSecret or certificateContent"),e.tenantId||t.push("tenantId"),e.authorityHost||t.push("authorityHost");const n=L(D.InvalidConfiguration,t.join(", "),"undefined");throw B.error(n),new M(n,P.InvalidConfiguration)}(this.authConfig),B.info("Create a new Teams Bot SSO Prompt")}async beginDialog(e){var t;B.info("Begin Teams Bot SSO Prompt"),this.ensureMsTeamsChannel(e);let n=9e5;if(this.settings.timeout){if("number"!=typeof this.settings.timeout){const e="type of timeout property in teamsBotSsoPromptSettings should be number.";throw B.error(e),new M(e,P.InvalidParameter)}if(this.settings.timeout<=0){const e="value of timeout property in teamsBotSsoPromptSettings should be positive.";throw B.error(e),new M(e,P.InvalidParameter)}n=this.settings.timeout}void 0===this.settings.endOnInvalidMessage&&(this.settings.endOnInvalidMessage=!0);const i=null===(t=e.activeDialog)||void 0===t?void 0:t.state;return i.state={},i.options={},i.expires=(new Date).getTime()+n,await this.sendOAuthCardAsync(e.context),C.EndOfTurn}async continueDialog(e){var t;B.info("Continue Teams Bot SSO Prompt"),this.ensureMsTeamsChannel(e);const n=null===(t=e.activeDialog)||void 0===t?void 0:t.state,o=e.context.activity.type===i.Message;if((o||this.isTeamsVerificationInvoke(e.context)||this.isTokenExchangeRequestInvoke(e.context))&&(new Date).getTime()>n.expires)return B.warn("End Teams Bot SSO Prompt due to timeout"),await e.endDialog(void 0);if(this.isTeamsVerificationInvoke(e.context)||this.isTokenExchangeRequestInvoke(e.context)){const t=await this.recognizeToken(e);if(t.succeeded)return await e.endDialog(t.value)}else if(o&&this.settings.endOnInvalidMessage)return B.warn("End Teams Bot SSO Prompt due to invalid message"),await e.endDialog(void 0);return C.EndOfTurn}ensureMsTeamsChannel(e){if(e.context.activity.channelId!=o.Msteams){const e=L(D.OnlyMSTeamsChannelSupported,"Teams Bot SSO Prompt");throw B.error(e),new M(e,P.ChannelNotSupported)}}async sendOAuthCardAsync(e){B.verbose("Send OAuth card to get SSO token");const t=await a.getMember(e,e.activity.from.id);B.verbose("Get Teams member account user principal name: "+(t.userPrincipalName?t.userPrincipalName:""));const n=t.userPrincipalName?t.userPrincipalName:"",i=this.getSignInResource(n),o=r.oauthCard("","Teams SSO Sign In","Sign In",i.signInLink,i.tokenExchangeResource);o.content.buttons[0].type=s.Signin;const d=c.attachment(o);await e.sendActivity(d)}getSignInResource(e){B.verbose("Get sign in authentication configuration");const t=`${this.initiateLoginEndpoint}?scope=${encodeURI(this.settings.scopes.join(" "))}&clientId=${this.authConfig.clientId}&tenantId=${this.authConfig.tenantId}&loginHint=${e}`;B.verbose("Sign in link: "+t);return{signInLink:t,tokenExchangeResource:{id:k()}}}async recognizeToken(e){const t=e.context;let n;if(this.isTokenExchangeRequestInvoke(t))if(B.verbose("Receive token exchange request"),t.activity.value&&this.isTokenExchangeRequest(t.activity.value)){const e=t.activity.value.token,i=new _(e,this.authConfig);let o;try{if(o=await i.getToken(this.settings.scopes),o){await t.sendActivity(this.getTokenExchangeInvokeResponse(d.OK,"",t.activity.value.id));const i=j(e).exp;n={ssoToken:e,ssoTokenExpiration:new Date(1e3*i).toISOString(),connectionName:"",token:o.token,expiration:o.expiresOnTimestamp.toString()}}}catch(e){const n="The bot is unable to exchange token. Ask for user consent.";B.info(n),await t.sendActivity(this.getTokenExchangeInvokeResponse(d.PRECONDITION_FAILED,n,t.activity.value.id))}}else{const e="The bot received an InvokeActivity that is missing a TokenExchangeInvokeRequest value. This is required to be sent with the InvokeActivity.";B.warn(e),await t.sendActivity(this.getTokenExchangeInvokeResponse(d.BAD_REQUEST,e))}else this.isTeamsVerificationInvoke(t)&&(B.verbose("Receive Teams state verification request"),await this.sendOAuthCardAsync(e.context),await t.sendActivity({type:V,value:{status:d.OK}}));return void 0!==n?{succeeded:!0,value:n}:{succeeded:!1}}getTokenExchangeInvokeResponse(e,t,n){return{type:V,value:{status:e,body:new W(n,t)}}}isTeamsVerificationInvoke(e){const t=e.activity;return t.type===i.Invoke&&t.name===l}isTokenExchangeRequestInvoke(e){const t=e.activity;return t.type===i.Invoke&&t.name===u}isTokenExchangeRequest(e){return e.hasOwnProperty("token")}}function Z(e,t){const n=E.create({baseURL:e});return n.interceptors.request.use((async function(e){return await t.AddAuthenticationInfo(e)})),n}class X{constructor(e){this.getToken=e}async AddAuthenticationInfo(e){const t=await this.getToken();if(e.headers||(e.headers={}),e.headers.Authorization)throw new M(D.AuthorizationHeaderAlreadyExists,P.AuthorizationInfoAlreadyExists);return e.headers.Authorization=`Bearer ${t}`,e}}class Y{constructor(e,t){if(!e)throw new M(L(D.EmptyParameter,"username"),P.InvalidParameter);if(!t)throw new M(L(D.EmptyParameter,"password"),P.InvalidParameter);this.userName=e,this.password=t}AddAuthenticationInfo(e){return e.headers&&e.headers.Authorization?Promise.reject(new M(D.AuthorizationHeaderAlreadyExists,P.AuthorizationInfoAlreadyExists)):e.auth?Promise.reject(new M(D.BasicCredentialAlreadyExists,P.AuthorizationInfoAlreadyExists)):(e.auth={username:this.userName,password:this.password},Promise.resolve(e))}}class ee{constructor(e,t,n){if(!e)throw new M(L(D.EmptyParameter,"keyName"),P.InvalidParameter);if(!t)throw new M(L(D.EmptyParameter,"keyVaule"),P.InvalidParameter);this.keyName=e,this.keyValue=t,this.keyLocation=n}AddAuthenticationInfo(e){switch(this.keyLocation){case te.Header:if(e.headers||(e.headers={}),e.headers[this.keyName])return Promise.reject(new M(L(D.DuplicateApiKeyInHeader,this.keyName),P.AuthorizationInfoAlreadyExists));e.headers[this.keyName]=this.keyValue;break;case te.QueryParams:e.params||(e.params={});let t=!1;if(e.url){t=new URL(e.url,e.baseURL).searchParams.has(this.keyName)}if(e.params[this.keyName]||t)return Promise.reject(new M(L(D.DuplicateApiKeyInQueryParam,this.keyName),P.AuthorizationInfoAlreadyExists));e.params[this.keyName]=this.keyValue}return Promise.resolve(e)}}var te,ne,ie,oe;!function(e){e[e.Header=0]="Header",e[e.QueryParams=1]="QueryParams"}(te||(te={}));class ae{constructor(e){if(!e||0===Object.keys(e).length)throw new M(L(D.EmptyParameter,"certOption"),P.InvalidParameter);this.certOption=e}AddAuthenticationInfo(e){if(e.httpsAgent){const t=new Set(Object.keys(e.httpsAgent.options));for(const e of Object.keys(this.certOption))if(t.has(e))return Promise.reject(new M(L(D.DuplicateHttpsOptionProperty,e),P.InvalidParameter));Object.assign(e.httpsAgent.options,this.certOption)}else e.httpsAgent=new x(this.certOption);return Promise.resolve(e)}}function re(e,t,n){if(0===e.length)throw new M(L(D.EmptyParameter,"cert"),P.InvalidParameter);if(0===t.length)throw new M(L(D.EmptyParameter,"key"),P.InvalidParameter);return{cert:e,key:t,passphrase:null==n?void 0:n.passphrase,ca:null==n?void 0:n.ca}}function se(e,t){if(0===e.length)throw new M(L(D.EmptyParameter,"pfx"),P.InvalidParameter);return{pfx:e,passphrase:null==t?void 0:t.passphrase}}!function(e){e.Channel="Channel",e.Group="Group",e.Person="Person"}(ne||(ne={})),function(e){e[e.ReplaceForInteractor=0]="ReplaceForInteractor",e[e.ReplaceForAll=1]="ReplaceForAll",e[e.NewForAll=2]="NewForAll"}(ie||(ie={})),function(e){e[e.BadRequest=400]="BadRequest",e[e.InternalServerError=500]="InternalServerError"}(oe||(oe={}));let ce="BotSsoExecutionDialog",de="TeamsFxSsoPrompt",le="CommandRouteDialog";class ue extends A{constructor(e,t,n,i,o){super(null!=o?o:ce),this.dedupStorageKeys=[],this.commandMapping=new Map,o&&(ce=o,de=o+de,le=o+le);const a=new J(n,i,de,t);this.addDialog(a),this.initialDialogId=le,this.dedupStorage=e,this.dedupStorageKeys=[];const r=new S(le,[this.commandRouteStep.bind(this)]);this.addDialog(r)}addCommand(e,t){const n=this.getCommandHash(t),i=new S(n,[this.ssoStep.bind(this),this.dedupStep.bind(this),async t=>{const n=t.result.tokenResponse,i=t.context,o=t.result.message;try{if(!n)throw new Error(D.FailedToRetrieveSsoToken);return await e(i,n,o),await t.endDialog()}catch(e){const n=L(D.FailedToProcessSsoHandler,e.message);return B.error(n),await t.endDialog(new M(n,P.FailedToProcessSsoHandler))}}]);this.commandMapping.set(n,t),this.addDialog(i)}getCommandHash(e){const t=(Array.isArray(e)?e:[e]).join();return t.replace(/[^a-zA-Z0-9]/g,"")+n("sha256").update(t).digest("hex").toLowerCase()}async run(e,t){const n=new I(t);n.add(this);const i=await n.createContext(e);this.ensureMsTeamsChannel(i);const o=await i.continueDialog();if(o&&o.status===T.empty)await i.beginDialog(this.id);else if(o&&o.status===T.complete&&o.result instanceof Error)throw o.result}getActivityText(e){let t=e.text;const n=h.removeRecipientMention(e);return n&&(t=n.toLowerCase().replace(/\n|\r\n/g,"").trim()),t}async commandRouteStep(e){const t=e.context,n=this.getActivityText(t.activity),i=this.getMatchesCommandId(n);if(i)return await e.beginDialog(i);const o=L(D.CannotFindCommand,t.activity.text);throw B.error(o),new M(o,P.CannotFindCommand)}async ssoStep(e){try{const t=e.context,n={text:this.getActivityText(t.activity)};return e.options.commandMessage=n,await e.beginDialog(de)}catch(t){const n=L(D.FailedToRunSsoStep,t.message);return B.error(n),await e.endDialog(new M(n,P.FailedToRunSsoStep))}}async dedupStep(e){const t=e.result;if(!t)return B.error(D.FailedToRetrieveSsoToken),await e.endDialog(new M(D.FailedToRetrieveSsoToken,P.FailedToRunSsoStep));try{return t&&await this.shouldDedup(e.context)?C.EndOfTurn:await e.next({tokenResponse:t,message:e.options.commandMessage})}catch(t){const n=L(D.FailedToRunDedupStep,t.message);return B.error(n),await e.endDialog(new M(n,P.FailedToRunDedupStep))}}async onEndDialog(e){const t=e.activity.conversation.id,n=this.dedupStorageKeys.filter((e=>e.indexOf(t)>0));await this.dedupStorage.delete(n),this.dedupStorageKeys=this.dedupStorageKeys.filter((e=>e.indexOf(t)<0))}async shouldDedup(e){const t={eTag:e.activity.value.id},n=this.getStorageKey(e),i={[n]:t};try{await this.dedupStorage.write(i),this.dedupStorageKeys.push(n)}catch(e){if(e instanceof Error&&e.message.indexOf("eTag conflict"))return!0;throw e}return!1}getStorageKey(e){if(!e||!e.activity||!e.activity.conversation)throw new Error("Invalid context, can not get storage key!");const t=e.activity,n=t.channelId,o=t.conversation.id;if(t.type!==i.Invoke||t.name!==u)throw new Error("TokenExchangeState can only be used with Invokes of signin/tokenExchange.");const a=t.value;if(!a||!a.id)throw new Error("Invalid signin/tokenExchange. Missing activity.value.id.");return`${n}/${o}/${a.id}`}matchPattern(e,t){if(t){if("string"==typeof e){return new RegExp(e,"i").test(t)}if(e instanceof RegExp){const n=t.match(e);return null!=n&&n}}return!1}isPatternMatched(e,t){const n=Array.isArray(e)?e:[e];for(const e of n){return!!this.matchPattern(e,t)}return!1}getMatchesCommandId(e){for(const t of this.commandMapping){const n=t[1];if(this.isPatternMatched(n,e))return t[0]}}ensureMsTeamsChannel(e){if(e.context.activity.channelId!=o.Msteams){const e=L(D.OnlyMSTeamsChannelSupported,"SSO execution dialog");throw B.error(e),new M(e,P.ChannelNotSupported)}}}class he{static attachAdaptiveCard(e,t){const n={$root:t};return{attachments:[r.adaptiveCard(new R.Template(e).expand(n))]}}static attachAdaptiveCardWithoutData(e){return{attachments:[r.adaptiveCard(e)]}}static attachHeroCard(e,t,n,i){return he.attachContent(r.heroCard(e,t,n,i))}static attachSigninCard(e,t,n){return he.attachContent(r.signinCard(e,t,n))}static attachO365ConnectorCard(e){return he.attachContent(r.o365ConnectorCard(e))}static AttachReceiptCard(e){return he.attachContent(r.receiptCard(e))}static attachThumbnailCard(e,t,n,i){return he.attachContent(r.thumbnailCard(e,t,n,i))}static attachContent(e){return{attachments:[e]}}}var pe,ve,me;!function(e){e.AdaptiveCard="application/vnd.microsoft.card.adaptive",e.Message="application/vnd.microsoft.activity.message",e.Error="application/vnd.microsoft.error"}(pe||(pe={}));class fe{static textMessage(e){if(!e)throw new Error("The text message cannot be null or empty");return{status:d.OK,body:{statusCode:d.OK,type:pe.Message,value:e}}}static adaptiveCard(e){if(!e)throw new Error("The adaptive card content cannot be null or undefined");return{status:d.OK,body:{statusCode:d.OK,type:pe.AdaptiveCard,value:e}}}static errorResponse(e,t){return{status:d.OK,body:{statusCode:e,type:pe.Error,value:{code:e.toString(),message:t}}}}static createInvokeResponse(e,t){return{status:e,body:t}}}async function ye(e,t,n,o,a){const r=e.activity.value;if(!r.authentication||!r.authentication.token)return B.verbose("No AccessToken in request, return silentAuth for AccessToken"),function(e,t,n){const i=z(n);return{composeExtension:{type:"silentAuth",suggestedActions:{actions:[{type:"openUrl",value:`${t}?scope=${encodeURI(i.join(" "))}&clientId=${e.clientId}&tenantId=${e.tenantId}`,title:"Message Extension OAuth"}]}}}}(t,n,o);try{const e=new _(r.authentication.token,t),n=await e.getToken(o),i=j(r.authentication.token).exp,s={ssoToken:r.authentication.token,ssoTokenExpiration:new Date(1e3*i).toISOString(),token:n.token,expiration:n.expiresOnTimestamp.toString(),connectionName:""};if(a)return await a(s)}catch(a){if(a instanceof M&&a.code===P.UiRequiredError&&"composeExtension/query"===e.activity.name){B.verbose("User not consent yet, return 412 to user consent first.");const t={status:412};return void await e.sendActivity({value:t,type:i.InvokeResponse})}if(a instanceof M&&a.code===P.UiRequiredError&&"composeExtension/queryLink"===e.activity.name){B.verbose("User not consent yet, return auth card for user login");const a=function(e,t,n){const i=z(n);return{composeExtension:{type:"auth",suggestedActions:{actions:[{type:"openUrl",value:`${t}?scope=${encodeURI(i.join(" "))}&clientId=${e.clientId}&tenantId=${e.tenantId}`,title:"Message Extension OAuth"}]}}}}(t,n,o);return void await e.sendActivity({value:{status:200,body:a},type:i.InvokeResponse})}throw a}}async function ge(e,t,n,i,o){if("composeExtension/query"!=e.activity.name)throw B.error(D.OnlySupportInQueryActivity),new M(L(D.OnlySupportInQueryActivity),P.FailedOperation);return await ye(e,null!=t?t:{},n,i,o)}async function we(e,t,n,i,o){if("composeExtension/queryLink"!=e.activity.name)throw B.error(D.OnlySupportInLinkQueryActivity),new M(L(D.OnlySupportInLinkQueryActivity),P.FailedOperation);return await ye(e,null!=t?t:{},n,i,o)}class Ce{constructor(e){this.actionHandlers=[],this.defaultMessage="Your response was sent to the app",e&&e.length>0&&this.actionHandlers.push(...e)}async onTurn(e,t){var n,i,o;if("adaptiveCard/action"===e.activity.name){const t=e.activity.value.action,a=t.verb;for(const s of this.actionHandlers)if((null===(n=s.triggerVerb)||void 0===n?void 0:n.toLowerCase())===(null==a?void 0:a.toLowerCase())){let n;try{n=await s.handleActionInvoked(e,t.data)}catch(t){const n=fe.errorResponse(oe.InternalServerError,t.message);throw await this.sendInvokeResponse(e,n),t}switch(null===(i=n.body)||void 0===i?void 0:i.type){case pe.AdaptiveCard:const t=null===(o=n.body)||void 0===o?void 0:o.value;if(!t){const t="Adaptive card content cannot be found in the response body";throw await this.sendInvokeResponse(e,fe.errorResponse(oe.InternalServerError,t)),new Error(t)}t.refresh&&s.adaptiveCardResponse!==ie.NewForAll&&(s.adaptiveCardResponse=ie.ReplaceForAll);const i=c.attachment(r.adaptiveCard(t));s.adaptiveCardResponse===ie.NewForAll?(await this.sendInvokeResponse(e,fe.textMessage(this.defaultMessage)),await e.sendActivity(i)):s.adaptiveCardResponse===ie.ReplaceForAll?(i.id=e.activity.replyToId,await e.updateActivity(i),await this.sendInvokeResponse(e,n)):await this.sendInvokeResponse(e,n);break;case pe.Message:case pe.Error:default:await this.sendInvokeResponse(e,n)}break}}await t()}async sendInvokeResponse(e,t){await e.sendActivity({type:i.InvokeResponse,value:t})}}class Ae{constructor(e,t){this.middleware=new Ce(null==t?void 0:t.actions),this.adapter=e.use(this.middleware)}registerHandler(e){e&&this.middleware.actionHandlers.push(e)}registerHandlers(e){e&&this.middleware.actionHandlers.push(...e)}}class Se{constructor(e,t,n){if(this.commandHandlers=[],this.ssoCommandHandlers=[],e=null!=e?e:[],t=null!=t?t:[],this.hasSsoCommand=t.length>0,this.ssoActivityHandler=n,this.hasSsoCommand&&!this.ssoActivityHandler)throw B.error(D.SsoActivityHandlerIsNull),new M(D.SsoActivityHandlerIsNull,P.SsoActivityHandlerIsUndefined);this.commandHandlers.push(...e);for(const e of t)this.addSsoCommand(e)}addSsoCommand(e){var t;null===(t=this.ssoActivityHandler)||void 0===t||t.addCommand((async(t,n,i)=>{const o=this.shouldTrigger(e.triggerPatterns,i.text);i.matches=Array.isArray(o)?o:void 0;const a=await e.handleCommandReceived(t,i,n);await this.processResponse(t,a)}),e.triggerPatterns),this.ssoCommandHandlers.push(e),this.hasSsoCommand=!0}async onTurn(e,t){var n,o;if(e.activity.type===i.Message){const t=this.getActivityText(e.activity);let i=!1;for(const n of this.commandHandlers){const o=this.shouldTrigger(n.triggerPatterns,t);if(o){const a={text:t};a.matches=Array.isArray(o)?o:void 0;const r=await n.handleCommandReceived(e,a);await this.processResponse(e,r),i=!0;break}}if(!i)for(const i of this.ssoCommandHandlers){if(this.shouldTrigger(i.triggerPatterns,t)){await(null===(n=this.ssoActivityHandler)||void 0===n?void 0:n.run(e));break}}}else this.hasSsoCommand&&await(null===(o=this.ssoActivityHandler)||void 0===o?void 0:o.run(e));await t()}async processResponse(e,t){if("string"==typeof t)await e.sendActivity(t);else{const n=t;n&&await e.sendActivity(n)}}matchPattern(e,t){if(t){if("string"==typeof e){return new RegExp(e,"i").test(t)}if(e instanceof RegExp){const n=t.match(e);return null!=n&&n}}return!1}shouldTrigger(e,t){const n=Array.isArray(e)?e:[e];for(const e of n){const n=this.matchPattern(e,t);if(n)return n}return!1}getActivityText(e){let t=e.text;const n=h.removeRecipientMention(e);return n&&(t=n.toLowerCase().replace(/\n|\r\n/g,"").trim()),t}}class Ie{constructor(e,t,n,i){this.ssoConfig=i,this.middleware=new Se(null==t?void 0:t.commands,null==t?void 0:t.ssoCommands,n),this.adapter=e.use(this.middleware)}registerCommand(e){e&&this.middleware.commandHandlers.push(e)}registerCommands(e){e&&this.middleware.commandHandlers.push(...e)}registerSsoCommand(e){this.validateSsoActivityHandler(),this.middleware.addSsoCommand(e)}registerSsoCommands(e){if(e.length>0){this.validateSsoActivityHandler();for(const t of e)this.middleware.addSsoCommand(t)}}validateSsoActivityHandler(){if(!this.middleware.ssoActivityHandler)throw B.error(D.SsoActivityHandlerIsNull),new M(D.SsoActivityHandlerIsNull,P.SsoActivityHandlerIsUndefined)}}function Te(e){return JSON.parse(JSON.stringify(e))}function ke(e){var t,n;return`_${null===(t=e.conversation)||void 0===t?void 0:t.tenantId}_${null===(n=e.conversation)||void 0===n?void 0:n.id}`}function Ee(e){var t,n,i;const o=null===(i=null===(n=null===(t=e.activity)||void 0===t?void 0:t.channelData)||void 0===n?void 0:n.team)||void 0===i?void 0:i.id;return o||(void 0===e.activity.conversation.name?e.activity.conversation.id:void 0)}!function(e){e[e.CurrentBotInstalled=0]="CurrentBotInstalled",e[e.CurrentBotMessaged=1]="CurrentBotMessaged",e[e.CurrentBotUninstalled=2]="CurrentBotUninstalled",e[e.TeamDeleted=3]="TeamDeleted",e[e.TeamRestored=4]="TeamRestored",e[e.Unknown=5]="Unknown"}(ve||(ve={}));class xe{constructor(e){this.conversationReferenceStore=e.conversationReferenceStore}async onTurn(e,t){switch(this.classifyActivity(e.activity)){case ve.CurrentBotInstalled:case ve.TeamRestored:{const t=h.getConversationReference(e.activity);await this.conversationReferenceStore.add(ke(t),t,{overwrite:!0});break}case ve.CurrentBotMessaged:await this.tryAddMessagedReference(e);break;case ve.CurrentBotUninstalled:case ve.TeamDeleted:{const t=h.getConversationReference(e.activity);await this.conversationReferenceStore.remove(ke(t),t);break}}await t()}classifyActivity(e){var t,n;const i=e.type;if("installationUpdate"===i){const n=null===(t=e.action)||void 0===t?void 0:t.toLowerCase();return"add"===n||"add-upgrade"===n?ve.CurrentBotInstalled:ve.CurrentBotUninstalled}if("conversationUpdate"===i){const t=null===(n=e.channelData)||void 0===n?void 0:n.eventType;if("teamDeleted"===t)return ve.TeamDeleted;if("teamRestored"===t)return ve.TeamRestored}else if("message"===i)return ve.CurrentBotMessaged;return ve.Unknown}async tryAddMessagedReference(e){var t,n,i,o,a,r;const s=h.getConversationReference(e.activity),c=null===(t=null==s?void 0:s.conversation)||void 0===t?void 0:t.conversationType;if("personal"===c||"groupChat"===c)await this.conversationReferenceStore.add(ke(s),s,{overwrite:!1});else if("channel"===c){const t=null===(o=null===(i=null===(n=e.activity)||void 0===n?void 0:n.channelData)||void 0===i?void 0:i.team)||void 0===o?void 0:o.id,c=null===(r=null===(a=e.activity.channelData)||void 0===a?void 0:a.channel)||void 0===r?void 0:r.id;if(void 0!==t&&(void 0===c||t===c)){const e=Te(s);e.conversation.id=t,await this.conversationReferenceStore.add(ke(e),e,{overwrite:!1})}}}}class Re{constructor(e){var t;this.localFileName=null!==(t=process.env.TEAMSFX_NOTIFICATION_STORE_FILENAME)&&void 0!==t?t:".notification.localstore.json",this.filePath=b.resolve(e,this.localFileName)}async add(e,t,n){if(n.overwrite||!await this.storeFileExists()){if(await this.storeFileExists()){const n=await this.readFromFile();await this.writeToFile(Object.assign(n,{[e]:t}))}else await this.writeToFile({[e]:t});return!0}return!1}async remove(e,t){if(!await this.storeFileExists())return!1;if(await this.storeFileExists()){const t=await this.readFromFile();void 0!==t[e]&&(delete t[e],await this.writeToFile(t))}return!0}async list(e,t){if(!await this.storeFileExists())return{data:[],continuationToken:""};const n=await this.readFromFile();return{data:Object.entries(n).map((e=>e[1])),continuationToken:""}}storeFileExists(){return new Promise((e=>{try{O.access(this.filePath,(t=>{e(!t)}))}catch(t){e(!1)}}))}readFromFile(){return new Promise(((e,t)=>{try{O.readFile(this.filePath,{encoding:"utf-8"},((n,i)=>{n?t(n):e(JSON.parse(i))}))}catch(e){t(e)}}))}async writeToFile(e){return new Promise(((t,n)=>{try{const i=JSON.stringify(e,void 0,2);O.writeFile(this.filePath,i,{encoding:"utf-8"},(e=>{e?n(e):t()}))}catch(e){n(e)}}))}}class be{constructor(e,t){this.type=ne.Channel,this.parent=e,this.info=t}async sendMessage(e,t){const n={};return await this.parent.adapter.continueConversationAsync(this.parent.botAppId,this.parent.conversationReference,(async i=>{const o=await this.newConversation(i);await this.parent.adapter.continueConversationAsync(this.parent.botAppId,o,(async i=>{try{const t=await i.sendActivity(e);n.id=null==t?void 0:t.id}catch(e){if(!t)throw e;await t(i,e)}}))})),n}async sendAdaptiveCard(e,t){const n={};return await this.parent.adapter.continueConversationAsync(this.parent.botAppId,this.parent.conversationReference,(async i=>{const o=await this.newConversation(i);await this.parent.adapter.continueConversationAsync(this.parent.botAppId,o,(async i=>{try{const t=await i.sendActivity({attachments:[r.adaptiveCard(e)]});n.id=null==t?void 0:t.id}catch(e){if(!t)throw e;await t(i,e)}}))})),n}newConversation(e){const t=Te(h.getConversationReference(e.activity));return t.conversation.id=this.info.id||"",Promise.resolve(t)}}class Oe{constructor(e,t){this.type=ne.Person,this.parent=e,this.account=t}async sendMessage(e,t){const n={};return await this.parent.adapter.continueConversationAsync(this.parent.botAppId,this.parent.conversationReference,(async i=>{const o=await this.newConversation(i);await this.parent.adapter.continueConversationAsync(this.parent.botAppId,o,(async i=>{try{const t=await i.sendActivity(e);n.id=null==t?void 0:t.id}catch(e){if(!t)throw e;await t(i,e)}}))})),n}async sendAdaptiveCard(e,t){const n={};return await this.parent.adapter.continueConversationAsync(this.parent.botAppId,this.parent.conversationReference,(async i=>{const o=await this.newConversation(i);await this.parent.adapter.continueConversationAsync(this.parent.botAppId,o,(async i=>{try{const t=await i.sendActivity({attachments:[r.adaptiveCard(e)]});n.id=null==t?void 0:t.id}catch(e){if(!t)throw e;await t(i,e)}}))})),n}async newConversation(e){const t=Te(h.getConversationReference(e.activity)),n=e.turnState.get(this.parent.adapter.ConnectorClientKey),i=await n.conversations.createConversation({isGroup:!1,tenantId:e.activity.conversation.tenantId,bot:e.activity.recipient,members:[this.account],channelData:{}});return t.conversation.id=i.id,t}}class Pe{constructor(e,t,n){this.adapter=e,this.conversationReference=t,this.type=function(e){var t;const n=null===(t=e.conversation)||void 0===t?void 0:t.conversationType;return"personal"===n?ne.Person:"groupChat"===n?ne.Group:"channel"===n?ne.Channel:void 0}(t),this.botAppId=n}async sendMessage(e,t){const n={};return await this.adapter.continueConversationAsync(this.botAppId,this.conversationReference,(async i=>{try{const t=await i.sendActivity(e);n.id=null==t?void 0:t.id}catch(e){if(!t)throw e;await t(i,e)}})),n}async sendAdaptiveCard(e,t){const n={};return await this.adapter.continueConversationAsync(this.botAppId,this.conversationReference,(async i=>{try{const t=await i.sendActivity({attachments:[r.adaptiveCard(e)]});n.id=null==t?void 0:t.id}catch(e){if(!t)throw e;await t(i,e)}})),n}async channels(){const e=[];if(this.type!==ne.Channel)return e;let t=[];await this.adapter.continueConversationAsync(this.botAppId,this.conversationReference,(async e=>{const n=Ee(e);void 0!==n&&(t=await a.getTeamChannels(e,n))}));for(const n of t)e.push(new be(this,n));return e}async getPagedMembers(e,t){let n={data:[],continuationToken:""};return await this.adapter.continueConversationAsync(this.botAppId,this.conversationReference,(async i=>{const o=await a.getPagedMembers(i,e,t);n={data:o.members.map((e=>new Oe(this,e))),continuationToken:o.continuationToken}})),n}async getTeamDetails(){if(this.type!==ne.Channel)return;let e;return await this.adapter.continueConversationAsync(this.botAppId,this.conversationReference,(async t=>{const n=Ee(t);void 0!==n&&(e=await a.getTeamDetails(t,n))})),e}}class Fe{constructor(e,t){var n,i;(null==t?void 0:t.store)?this.conversationReferenceStore=t.store:this.conversationReferenceStore=new Re(b.resolve("1"===process.env.RUNNING_ON_AZURE&&null!==(n=process.env.TEMP)&&void 0!==n?n:"./")),this.adapter=e.use(new xe({conversationReferenceStore:this.conversationReferenceStore})),this.botAppId=null!==(i=null==t?void 0:t.botAppId)&&void 0!==i?i:process.env.BOT_ID}buildTeamsBotInstallation(e){if(!e)throw new Error("conversationReference is required.");return new Pe(this.adapter,e,this.botAppId)}async validateInstallation(e){let t=!0;return await this.adapter.continueConversationAsync(this.botAppId,e,(async e=>{try{await a.getPagedMembers(e,1)}catch(e){"BotNotInConversationRoster"===e.code&&(t=!1)}})),t}async getPagedInstallations(e,t,n=!0){if(void 0===this.conversationReferenceStore||void 0===this.adapter)throw new Error("NotificationBot has not been initialized.");const i=await this.conversationReferenceStore.list(e,t),o=[];for(const e of i.data){let t;n&&(t=await this.validateInstallation(e)),!n||n&&t?o.push(new Pe(this.adapter,e,this.botAppId)):await this.conversationReferenceStore.remove(ke(e),e)}return{data:o,continuationToken:i.continuationToken}}async findMember(e,t){for(const n of await this.installations())if(this.matchSearchScope(n,t)){const t=[];let i;do{const e=await n.getPagedMembers(void 0,i);i=e.continuationToken,t.push(...e.data)}while(i);for(const n of t)if(await e(n))return n}}async findChannel(e){for(const t of await this.installations())if(t.type===ne.Channel){const n=await t.getTeamDetails();for(const i of await t.channels())if(await e(i,n))return i}}async findAllMembers(e,t){const n=[];for(const i of await this.installations())if(this.matchSearchScope(i,t)){const t=[];let o;do{const e=await i.getPagedMembers(void 0,o);o=e.continuationToken,t.push(...e.data)}while(o);for(const i of t)await e(i)&&n.push(i)}return n}async findAllChannels(e){const t=[];for(const n of await this.installations())if(n.type===ne.Channel){const i=await n.getTeamDetails();for(const o of await n.channels())await e(o,i)&&t.push(o)}return t}matchSearchScope(e,t){return t=null!=t?t:me.All,e.type===ne.Channel&&0!=(t&me.Channel)||e.type===ne.Group&&0!=(t&me.Group)||e.type===ne.Person&&0!=(t&me.Person)}async installations(){let e;const t=[];do{const n=await this.getPagedInstallations(void 0,e);e=n.continuationToken,t.push(...n.data)}while(e);return t}}!function(e){e[e.Person=1]="Person",e[e.Group=2]="Group",e[e.Channel=4]="Channel",e[e.All=7]="All"}(me||(me={}));class De extends p{constructor(e){var t,n,i,o,a,r,s,c,d,l;super();const u=new v,h=null!==(n=null===(t=e.dialog)||void 0===t?void 0:t.userState)&&void 0!==n?n:new m(u),p=null!==(o=null===(i=e.dialog)||void 0===i?void 0:i.conversationState)&&void 0!==o?o:new f(u),y=null!==(r=null===(a=e.dialog)||void 0===a?void 0:a.dedupStorage)&&void 0!==r?r:u,g=e.aad,{scopes:w}=g,C=
-/*! *****************************************************************************
-Copyright (c) Microsoft Corporation.
-
-Permission to use, copy, modify, and/or distribute this software for any
-purpose with or without fee is hereby granted.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
-REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
-INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
-OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-PERFORMANCE OF THIS SOFTWARE.
-***************************************************************************** */
-function(e,t){var n={};for(var i in e)Object.prototype.hasOwnProperty.call(e,i)&&t.indexOf(i)<0&&(n[i]=e[i]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var o=0;for(i=Object.getOwnPropertySymbols(e);o<i.length;o++)t.indexOf(i[o])<0&&Object.prototype.propertyIsEnumerable.call(e,i[o])&&(n[i[o]]=e[i[o]])}return n}(g,["scopes"]),A={scopes:w,timeout:null===(c=null===(s=e.dialog)||void 0===s?void 0:s.ssoPromptConfig)||void 0===c?void 0:c.timeout,endOnInvalidMessage:null===(l=null===(d=e.dialog)||void 0===d?void 0:d.ssoPromptConfig)||void 0===l?void 0:l.endOnInvalidMessage};this.ssoExecutionDialog=new ue(y,A,C,C.initiateLoginEndpoint),this.conversationState=p,this.dialogState=p.createProperty("DialogState"),this.userState=h,this.onMessage((async(e,t)=>{await this.ssoExecutionDialog.run(e,this.dialogState),await t()}))}addCommand(e,t){this.ssoExecutionDialog.addCommand(e,t)}async run(e){try{await super.run(e)}finally{await this.conversationState.saveChanges(e,!1),await this.userState.saveChanges(e,!1)}}async handleTeamsSigninVerifyState(e,t){await this.ssoExecutionDialog.run(e,this.dialogState)}async handleTeamsSigninTokenExchange(e,t){await this.ssoExecutionDialog.run(e,this.dialogState)}}var Me=Object.freeze({__proto__:null,BotSsoExecutionDialog:ue,CardActionBot:Ae,Channel:be,CommandBot:Ie,ConversationBot:class{constructor(e){var t,n,i,o;let a;e.adapter?this.adapter=e.adapter:this.adapter=this.createDefaultAdapter(e.adapterConfig),(null==e?void 0:e.ssoConfig)&&(a=(null===(t=e.ssoConfig.dialog)||void 0===t?void 0:t.CustomBotSsoExecutionActivityHandler)?new e.ssoConfig.dialog.CustomBotSsoExecutionActivityHandler(e.ssoConfig):new De(e.ssoConfig)),(null===(n=e.command)||void 0===n?void 0:n.enabled)&&(this.command=new Ie(this.adapter,e.command,a,e.ssoConfig)),(null===(i=e.notification)||void 0===i?void 0:i.enabled)&&(this.notification=new Fe(this.adapter,e.notification)),(null===(o=e.cardAction)||void 0===o?void 0:o.enabled)&&(this.cardAction=new Ae(this.adapter,e.cardAction))}createDefaultAdapter(e){const t=new y(void 0===e?{MicrosoftAppId:process.env.BOT_ID,MicrosoftAppPassword:process.env.BOT_PASSWORD,MicrosoftAppType:"MultiTenant"}:e),n=new g({},t),i=new w(n);return i.onTurnError=async(e,t)=>{console.error("[onTurnError] unhandled error",t),"message"===e.activity.type&&(await e.sendTraceActivity("OnTurnError Trace",t instanceof Error?t.message:t,"https://www.botframework.com/schemas/error","TurnError"),await e.sendActivity(`The bot encountered unhandled error: ${t.message}`),await e.sendActivity("To continue to run this bot, please fix the bot source code."))},i}async requestHandler(e,t,n){void 0===n&&(n=async()=>{}),await this.adapter.process(e,t,n)}},Member:Oe,NotificationBot:Fe,get SearchScope(){return me},TeamsBotInstallation:Pe,sendAdaptiveCard:function(e,t,n){return e.sendAdaptiveCard(t,n)},sendMessage:function(e,t,n){return e.sendMessage(t,n)}});export{ie as AdaptiveCardResponse,te as ApiKeyLocation,ee as ApiKeyProvider,G as AppCredential,Y as BasicAuthProvider,X as BearerTokenAuthProvider,Me as BotBuilderCloudAdapter,ue as BotSsoExecutionDialog,ae as CertificateAuthProvider,P as ErrorCode,M as ErrorWithCode,oe as InvokeResponseErrorCode,fe as InvokeResponseFactory,F as LogLevel,he as MessageBuilder,ne as NotificationTargetType,_ as OnBehalfOfUserCredential,J as TeamsBotSsoPrompt,Q as TeamsUserCredential,Z as createApiClient,re as createPemCertOption,se as createPfxCertOption,H as getLogLevel,we as handleMessageExtensionLinkQueryWithSSO,ge as handleMessageExtensionQueryWithSSO,q as setLogFunction,N as setLogLevel,U as setLogger};
+import { jwtDecode } from 'jwt-decode';
+import { ConfidentialClientApplication } from '@azure/msal-node';
+import { createHash } from 'crypto';
+import { ActivityTypes, Channels, TeamsInfo, CardFactory, ActionTypes, MessageFactory, StatusCodes, verifyStateOperationName, tokenExchangeOperationName, TurnContext, TeamsActivityHandler, MemoryStorage, UserState, ConversationState, ConfigurationServiceClientCredentialFactory, ConfigurationBotFrameworkAuthentication, CloudAdapter } from 'botbuilder';
+import { Dialog, ComponentDialog, WaterfallDialog, DialogSet, DialogTurnStatus } from 'botbuilder-dialogs';
+import { v4 } from 'uuid';
+import axios from 'axios';
+import { Agent } from 'https';
+import * as ACData from 'adaptivecards-templating';
+import * as path from 'path';
+import * as fs from 'fs';
+
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT license.
+/**
+ * Error code to trace the error types.
+ */
+var ErrorCode;
+(function (ErrorCode) {
+    /**
+     * Invalid parameter error.
+     */
+    ErrorCode["InvalidParameter"] = "InvalidParameter";
+    /**
+     * Invalid configuration error.
+     */
+    ErrorCode["InvalidConfiguration"] = "InvalidConfiguration";
+    /**
+     * Invalid certificate error.
+     */
+    ErrorCode["InvalidCertificate"] = "InvalidCertificate";
+    /**
+     * Internal error.
+     */
+    ErrorCode["InternalError"] = "InternalError";
+    /**
+     * Channel is not supported error.
+     */
+    ErrorCode["ChannelNotSupported"] = "ChannelNotSupported";
+    /**
+     * Failed to retrieve sso token
+     */
+    ErrorCode["FailedToRetrieveSsoToken"] = "FailedToRetrieveSsoToken";
+    /**
+     * Failed to process sso handler
+     */
+    ErrorCode["FailedToProcessSsoHandler"] = "FailedToProcessSsoHandler";
+    /**
+     * Cannot find command
+     */
+    ErrorCode["CannotFindCommand"] = "CannotFindCommand";
+    /**
+     * Failed to run sso step
+     */
+    ErrorCode["FailedToRunSsoStep"] = "FailedToRunSsoStep";
+    /**
+     * Failed to run dedup step
+     */
+    ErrorCode["FailedToRunDedupStep"] = "FailedToRunDedupStep";
+    /**
+     * Sso activity handler is undefined
+     */
+    ErrorCode["SsoActivityHandlerIsUndefined"] = "SsoActivityHandlerIsUndefined";
+    /**
+     * Runtime is not supported error.
+     */
+    ErrorCode["RuntimeNotSupported"] = "RuntimeNotSupported";
+    /**
+     * User failed to finish the AAD consent flow failed.
+     */
+    ErrorCode["ConsentFailed"] = "ConsentFailed";
+    /**
+     * The user or administrator has not consented to use the application error.
+     */
+    ErrorCode["UiRequiredError"] = "UiRequiredError";
+    /**
+     * Token is not within its valid time range error.
+     */
+    ErrorCode["TokenExpiredError"] = "TokenExpiredError";
+    /**
+     * Call service (AAD or simple authentication server) failed.
+     */
+    ErrorCode["ServiceError"] = "ServiceError";
+    /**
+     * Operation failed.
+     */
+    ErrorCode["FailedOperation"] = "FailedOperation";
+    /**
+     * Invalid response error.
+     */
+    ErrorCode["InvalidResponse"] = "InvalidResponse";
+    /**
+     * Authentication info already exists error.
+     */
+    ErrorCode["AuthorizationInfoAlreadyExists"] = "AuthorizationInfoAlreadyExists";
+})(ErrorCode || (ErrorCode = {}));
+/**
+ * @internal
+ */
+class ErrorMessage {
+}
+// InvalidConfiguration Error
+ErrorMessage.InvalidConfiguration = "{0} in configuration is invalid: {1}.";
+ErrorMessage.ConfigurationNotExists = "Configuration does not exist. {0}";
+ErrorMessage.ResourceConfigurationNotExists = "{0} resource configuration does not exist.";
+ErrorMessage.MissingResourceConfiguration = "Missing resource configuration with type: {0}, name: {1}.";
+ErrorMessage.AuthenticationConfigurationNotExists = "Authentication configuration does not exist.";
+// RuntimeNotSupported Error
+ErrorMessage.BrowserRuntimeNotSupported = "{0} is not supported in browser.";
+ErrorMessage.NodejsRuntimeNotSupported = "{0} is not supported in Node.";
+// Internal Error
+ErrorMessage.FailToAcquireTokenOnBehalfOfUser = "Failed to acquire access token on behalf of user: {0}";
+// ChannelNotSupported Error
+ErrorMessage.OnlyMSTeamsChannelSupported = "{0} is only supported in MS Teams Channel";
+ErrorMessage.FailedToProcessSsoHandler = "Failed to process sso handler: {0}";
+// FailedToRetrieveSsoToken Error
+ErrorMessage.FailedToRetrieveSsoToken = "Failed to retrieve sso token, user failed to finish the AAD consent flow.";
+// CannotFindCommand Error
+ErrorMessage.CannotFindCommand = "Cannot find command: {0}";
+ErrorMessage.FailedToRunSsoStep = "Failed to run dialog to retrieve sso token: {0}";
+ErrorMessage.FailedToRunDedupStep = "Failed to run dialog to remove duplicated messages: {0}";
+// SsoActivityHandlerIsUndefined Error
+ErrorMessage.SsoActivityHandlerIsNull = "Sso command can only be used or added when sso activity handler is not undefined";
+// AuthorizationInfoError
+ErrorMessage.AuthorizationHeaderAlreadyExists = "Authorization header already exists!";
+ErrorMessage.BasicCredentialAlreadyExists = "Basic credential already exists!";
+// InvalidParameter Error
+ErrorMessage.EmptyParameter = "Parameter {0} is empty";
+ErrorMessage.DuplicateHttpsOptionProperty = "Axios HTTPS agent already defined value for property {0}";
+ErrorMessage.DuplicateApiKeyInHeader = "The request already defined api key in request header with name {0}.";
+ErrorMessage.DuplicateApiKeyInQueryParam = "The request already defined api key in query parameter with name {0}.";
+ErrorMessage.OnlySupportInQueryActivity = "The handleMessageExtensionQueryWithToken only support in handleTeamsMessagingExtensionQuery with composeExtension/query type.";
+ErrorMessage.OnlySupportInLinkQueryActivity = "The handleMessageExtensionLinkQueryWithSSO only support in handleTeamsAppBasedLinkQuery with composeExtension/queryLink type.";
+/**
+ * Error class with code and message thrown by the SDK.
+ */
+class ErrorWithCode extends Error {
+    /**
+     * Constructor of ErrorWithCode.
+     *
+     * @param {string} message - error message.
+     * @param {ErrorCode} code - error code.
+     */
+    constructor(message, code) {
+        if (!code) {
+            super(message);
+            return this;
+        }
+        super(message);
+        Object.setPrototypeOf(this, ErrorWithCode.prototype);
+        this.name = `${new.target.name}.${code}`;
+        this.code = code;
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT license.
+/**
+ * Log level.
+ */
+var LogLevel;
+(function (LogLevel) {
+    /**
+     * Show verbose, information, warning and error message.
+     */
+    LogLevel[LogLevel["Verbose"] = 0] = "Verbose";
+    /**
+     * Show information, warning and error message.
+     */
+    LogLevel[LogLevel["Info"] = 1] = "Info";
+    /**
+     * Show warning and error message.
+     */
+    LogLevel[LogLevel["Warn"] = 2] = "Warn";
+    /**
+     * Show error message.
+     */
+    LogLevel[LogLevel["Error"] = 3] = "Error";
+})(LogLevel || (LogLevel = {}));
+/**
+ * Update log level helper.
+ *
+ * @param { LogLevel } level - log level in configuration
+ */
+function setLogLevel(level) {
+    internalLogger.level = level;
+}
+/**
+ * Get log level.
+ *
+ * @returns Log level
+ */
+function getLogLevel() {
+    return internalLogger.level;
+}
+class InternalLogger {
+    constructor(name, logLevel) {
+        this.level = undefined;
+        this.defaultLogger = {
+            verbose: console.debug,
+            info: console.info,
+            warn: console.warn,
+            error: console.error,
+        };
+        this.name = name;
+        this.level = logLevel;
+    }
+    error(message) {
+        this.log(LogLevel.Error, (x) => x.error, message);
+    }
+    warn(message) {
+        this.log(LogLevel.Warn, (x) => x.warn, message);
+    }
+    info(message) {
+        this.log(LogLevel.Info, (x) => x.info, message);
+    }
+    verbose(message) {
+        this.log(LogLevel.Verbose, (x) => x.verbose, message);
+    }
+    log(logLevel, logFunction, message) {
+        if (message.trim() === "") {
+            return;
+        }
+        const timestamp = new Date().toUTCString();
+        let logHeader;
+        if (this.name) {
+            logHeader = `[${timestamp}] : @microsoft/teamsfx - ${this.name} : ${LogLevel[logLevel]} - `;
+        }
+        else {
+            logHeader = `[${timestamp}] : @microsoft/teamsfx : ${LogLevel[logLevel]} - `;
+        }
+        const logMessage = `${logHeader}${message}`;
+        if (this.level !== undefined && this.level <= logLevel) {
+            if (this.customLogger) {
+                logFunction(this.customLogger)(logMessage);
+            }
+            else if (this.customLogFunction) {
+                this.customLogFunction(logLevel, logMessage);
+            }
+            else {
+                logFunction(this.defaultLogger)(logMessage);
+            }
+        }
+    }
+}
+/**
+ * Logger instance used internally
+ *
+ * @internal
+ */
+const internalLogger = new InternalLogger();
+/**
+ * Set custom logger. Use the output functions if it's set. Priority is higher than setLogFunction.
+ *
+ * @param {Logger} logger - custom logger. If it's undefined, custom logger will be cleared.
+ *
+ * @example
+ * ```typescript
+ * setLogger({
+ *   verbose: console.debug,
+ *   info: console.info,
+ *   warn: console.warn,
+ *   error: console.error,
+ * });
+ * ```
+ */
+function setLogger(logger) {
+    internalLogger.customLogger = logger;
+}
+/**
+ * Set custom log function. Use the function if it's set. Priority is lower than setLogger.
+ *
+ * @param {LogFunction} logFunction - custom log function. If it's undefined, custom log function will be cleared.
+ *
+ * @example
+ * ```typescript
+ * setLogFunction((level: LogLevel, message: string) => {
+ *   if (level === LogLevel.Error) {
+ *     console.log(message);
+ *   }
+ * });
+ * ```
+ */
+function setLogFunction(logFunction) {
+    internalLogger.customLogFunction = logFunction;
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Parse jwt token payload
+ *
+ * @param token
+ *
+ * @returns Payload object
+ *
+ * @internal
+ */
+function parseJwt(token) {
+    try {
+        const tokenObj = jwtDecode(token);
+        if (!tokenObj || !tokenObj.exp) {
+            throw new ErrorWithCode("Decoded token is null or exp claim does not exists.", ErrorCode.InternalError);
+        }
+        return tokenObj;
+    }
+    catch (err) {
+        const errorMsg = "Parse jwt token failed in node env with error: " + err.message;
+        internalLogger.error(errorMsg);
+        throw new ErrorWithCode(errorMsg, ErrorCode.InternalError);
+    }
+}
+/**
+ * @internal
+ */
+function getUserInfoFromSsoToken(ssoToken) {
+    if (!ssoToken) {
+        const errorMsg = "SSO token is undefined.";
+        internalLogger.error(errorMsg);
+        throw new ErrorWithCode(errorMsg, ErrorCode.InvalidParameter);
+    }
+    const tokenObject = parseJwt(ssoToken);
+    const userInfo = {
+        displayName: tokenObject.name,
+        objectId: tokenObject.oid,
+        tenantId: tokenObject.tid,
+        preferredUserName: "",
+    };
+    if (tokenObject.ver === "2.0") {
+        userInfo.preferredUserName = tokenObject.preferred_username;
+    }
+    else if (tokenObject.ver === "1.0") {
+        userInfo.preferredUserName = tokenObject.upn;
+    }
+    return userInfo;
+}
+/**
+ * Format string template with replacements
+ *
+ * ```typescript
+ * const template = "{0} and {1} are fruit. {0} is my favorite one."
+ * const formattedStr = formatString(template, "apple", "pear"); // formattedStr: "apple and pear are fruit. apple is my favorite one."
+ * ```
+ *
+ * @param str string template
+ * @param replacements replacement string array
+ * @returns Formatted string
+ *
+ * @internal
+ */
+function formatString(str, ...replacements) {
+    const args = replacements;
+    return str.replace(/{(\d+)}/g, function (match, number) {
+        return typeof args[number] != "undefined" ? args[number] : match;
+    });
+}
+/**
+ * @internal
+ */
+function validateScopesType(value) {
+    // string
+    if (typeof value === "string" || value instanceof String) {
+        return;
+    }
+    // empty array
+    if (Array.isArray(value) && value.length === 0) {
+        return;
+    }
+    // string array
+    if (Array.isArray(value) && value.length > 0 && value.every((item) => typeof item === "string")) {
+        return;
+    }
+    const errorMsg = "The type of scopes is not valid, it must be string or string array";
+    internalLogger.error(errorMsg);
+    throw new ErrorWithCode(errorMsg, ErrorCode.InvalidParameter);
+}
+/**
+ * @internal
+ */
+function getScopesArray(scopes) {
+    const scopesArray = typeof scopes === "string" ? scopes.split(" ") : scopes;
+    return scopesArray.filter((x) => x !== null && x !== "");
+}
+/**
+ * @internal
+ */
+function getAuthority(authorityHost, tenantId) {
+    const normalizedAuthorityHost = authorityHost.replace(/\/+$/g, "");
+    return normalizedAuthorityHost + "/" + tenantId;
+}
+/**
+ * @internal
+ */
+function validateConfig(config) {
+    if (config.clientId &&
+        (config.clientSecret || config.certificateContent) &&
+        config.tenantId &&
+        config.authorityHost) {
+        return;
+    }
+    const missingValues = [];
+    if (!config.clientId) {
+        missingValues.push("clientId");
+    }
+    if (!config.clientSecret && !config.certificateContent) {
+        missingValues.push("clientSecret or certificateContent");
+    }
+    if (!config.tenantId) {
+        missingValues.push("tenantId");
+    }
+    if (!config.authorityHost) {
+        missingValues.push("authorityHost");
+    }
+    const errorMsg = formatString(ErrorMessage.InvalidConfiguration, missingValues.join(", "), "undefined");
+    internalLogger.error(errorMsg);
+    throw new ErrorWithCode(errorMsg, ErrorCode.InvalidConfiguration);
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * @internal
+ */
+function createConfidentialClientApplication(authentication) {
+    const authority = getAuthority(authentication.authorityHost, authentication.tenantId);
+    const clientCertificate = parseCertificate(authentication.certificateContent);
+    const auth = {
+        clientId: authentication.clientId,
+        authority: authority,
+    };
+    if (clientCertificate) {
+        auth.clientCertificate = clientCertificate;
+    }
+    else {
+        auth.clientSecret = authentication.clientSecret;
+    }
+    return new ConfidentialClientApplication({
+        auth,
+    });
+}
+/**
+ * @internal
+ */
+function parseCertificate(certificateContent) {
+    if (!certificateContent) {
+        return undefined;
+    }
+    const certificatePattern = /(-+BEGIN CERTIFICATE-+)(\n\r?|\r\n?)([A-Za-z0-9+/\n\r]+=*)(\n\r?|\r\n?)(-+END CERTIFICATE-+)/;
+    const match = certificatePattern.exec(certificateContent);
+    if (!match) {
+        const errorMsg = "The certificate content does not contain a PEM-encoded certificate.";
+        internalLogger.error(errorMsg);
+        throw new ErrorWithCode(errorMsg, ErrorCode.InvalidCertificate);
+    }
+    const thumbprint = createHash("sha256")
+        .update(Buffer.from(match[3], "base64"))
+        .digest("hex")
+        .toUpperCase();
+    return {
+        thumbprintSha256: thumbprint,
+        privateKey: certificateContent,
+    };
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Represent Microsoft 365 tenant identity, and it is usually used when user is not involved like time-triggered automation job.
+ *
+ * @example
+ * ```typescript
+ * loadConfiguration(); // load configuration from environment variables
+ * const credential = new AppCredential();
+ * ```
+ *
+ * @remarks
+ * Only works in in server side.
+ */
+class AppCredential {
+    /**
+     * Constructor of AppCredential.
+     *
+     * @remarks
+     * Only works in in server side.
+     *
+     * @param {AppCredentialAuthConfig} authConfig - The authentication configuration.
+     *
+     * @throws {@link ErrorCode|InvalidConfiguration} when client id, client secret or tenant id is not found in config.
+     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is nodeJS.
+     */
+    constructor(authConfig) {
+        internalLogger.info("Create M365 tenant credential");
+        const config = this.loadAndValidateConfig(authConfig);
+        this.msalClient = createConfidentialClientApplication(config);
+    }
+    /**
+     * Get access token for credential.
+     *
+     * @example
+     * ```typescript
+     * await credential.getToken(["User.Read.All"]) // Get Graph access token for single scope using string array
+     * await credential.getToken("User.Read.All") // Get Graph access token for single scope using string
+     * await credential.getToken(["User.Read.All", "Calendars.Read"]) // Get Graph access token for multiple scopes using string array
+     * await credential.getToken("User.Read.All Calendars.Read") // Get Graph access token for multiple scopes using space-separated string
+     * await credential.getToken("https://graph.microsoft.com/User.Read.All") // Get Graph access token with full resource URI
+     * await credential.getToken(["https://outlook.office.com/Mail.Read"]) // Get Outlook access token
+     * ```
+     *
+     * @param {string | string[]} scopes - The list of scopes for which the token will have access.
+     * @param {GetTokenOptions} options - The options used to configure any requests this TokenCredential implementation might make.
+     *
+     * @throws {@link ErrorCode|ServiceError} when get access token with authentication error.
+     * @throws {@link ErrorCode|InternalError} when get access token with unknown error.
+     * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
+     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is nodeJS.
+     *
+     * @returns Access token with expected scopes.
+     * Throw error if get access token failed.
+     */
+    async getToken(scopes, options) {
+        let accessToken;
+        validateScopesType(scopes);
+        const scopesStr = typeof scopes === "string" ? scopes : scopes.join(" ");
+        internalLogger.info("Get access token with scopes: " + scopesStr);
+        try {
+            const scopesArray = getScopesArray(scopes);
+            const authenticationResult = await this.msalClient.acquireTokenByClientCredential({
+                scopes: scopesArray,
+            });
+            if (authenticationResult) {
+                accessToken = {
+                    token: authenticationResult.accessToken,
+                    expiresOnTimestamp: authenticationResult.expiresOn.getTime(),
+                };
+            }
+        }
+        catch (err) {
+            const errorMsg = "Get M365 tenant credential failed with error: " + err.message;
+            internalLogger.error(errorMsg);
+            throw new ErrorWithCode(errorMsg, ErrorCode.ServiceError);
+        }
+        if (!accessToken) {
+            const errorMsg = "Get M365 tenant credential access token failed with empty access token";
+            internalLogger.error(errorMsg);
+            throw new ErrorWithCode(errorMsg, ErrorCode.InternalError);
+        }
+        return accessToken;
+    }
+    /**
+     * Load and validate authentication configuration
+     *
+     * @param {AuthenticationConfiguration} authConfig - The authentication configuration. Use environment variables if not provided.
+     *
+     * @returns Authentication configuration
+     */
+    loadAndValidateConfig(config) {
+        internalLogger.verbose("Validate authentication configuration");
+        if (config.clientId &&
+            (config.clientSecret || config.certificateContent) &&
+            config.tenantId &&
+            config.authorityHost) {
+            return config;
+        }
+        const missingValues = [];
+        if (!config.clientId) {
+            missingValues.push("clientId");
+        }
+        if (!config.clientSecret && !config.certificateContent) {
+            missingValues.push("clientSecret or certificateContent");
+        }
+        if (!config.tenantId) {
+            missingValues.push("tenantId");
+        }
+        if (!config.authorityHost) {
+            missingValues.push("authorityHost");
+        }
+        const errorMsg = formatString(ErrorMessage.InvalidConfiguration, missingValues.join(", "), "undefined");
+        internalLogger.error(errorMsg);
+        throw new ErrorWithCode(errorMsg, ErrorCode.InvalidConfiguration);
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Represent on-behalf-of flow to get user identity, and it is designed to be used in server side.
+ *
+ * @example
+ * ```typescript
+ * const credential = new OnBehalfOfUserCredential(ssoToken);
+ * ```
+ *
+ * @remarks
+ * Can only be used in server side.
+ */
+class OnBehalfOfUserCredential {
+    /**
+     * Constructor of OnBehalfOfUserCredential
+     *
+     * @remarks
+     * Only works in in server side.
+     *
+     * @param {string} ssoToken - User token provided by Teams SSO feature.
+     * @param {OnBehalfOfCredentialAuthConfig} config - The authentication configuration.
+     *
+     * @throws {@link ErrorCode|InvalidConfiguration} when client id, client secret, certificate content, authority host or tenant id is not found in config.
+     * @throws {@link ErrorCode|InternalError} when SSO token is not valid.
+     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
+     */
+    constructor(ssoToken, config) {
+        internalLogger.info("Get on behalf of user credential");
+        const missingConfigurations = [];
+        if (!config.clientId) {
+            missingConfigurations.push("clientId");
+        }
+        if (!config.authorityHost) {
+            missingConfigurations.push("authorityHost");
+        }
+        if (!config.clientSecret && !config.certificateContent) {
+            missingConfigurations.push("clientSecret or certificateContent");
+        }
+        if (!config.tenantId) {
+            missingConfigurations.push("tenantId");
+        }
+        if (missingConfigurations.length != 0) {
+            const errorMsg = formatString(ErrorMessage.InvalidConfiguration, missingConfigurations.join(", "), "undefined");
+            internalLogger.error(errorMsg);
+            throw new ErrorWithCode(errorMsg, ErrorCode.InvalidConfiguration);
+        }
+        this.msalClient = createConfidentialClientApplication(config);
+        const decodedSsoToken = parseJwt(ssoToken);
+        this.ssoToken = {
+            token: ssoToken,
+            expiresOnTimestamp: decodedSsoToken.exp,
+        };
+    }
+    /**
+     * Get access token from credential.
+     *
+     * @example
+     * ```typescript
+     * await credential.getToken([]) // Get SSO token using empty string array
+     * await credential.getToken("") // Get SSO token using empty string
+     * await credential.getToken([".default"]) // Get Graph access token with default scope using string array
+     * await credential.getToken(".default") // Get Graph access token with default scope using string
+     * await credential.getToken(["User.Read"]) // Get Graph access token for single scope using string array
+     * await credential.getToken("User.Read") // Get Graph access token for single scope using string
+     * await credential.getToken(["User.Read", "Application.Read.All"]) // Get Graph access token for multiple scopes using string array
+     * await credential.getToken("User.Read Application.Read.All") // Get Graph access token for multiple scopes using space-separated string
+     * await credential.getToken("https://graph.microsoft.com/User.Read") // Get Graph access token with full resource URI
+     * await credential.getToken(["https://outlook.office.com/Mail.Read"]) // Get Outlook access token
+     * ```
+     *
+     * @param {string | string[]} scopes - The list of scopes for which the token will have access.
+     * @param {GetTokenOptions} options - The options used to configure any requests this TokenCredential implementation might make.
+     *
+     * @throws {@link ErrorCode|InternalError} when failed to acquire access token on behalf of user with unknown error.
+     * @throws {@link ErrorCode|TokenExpiredError} when SSO token has already expired.
+     * @throws {@link ErrorCode|UiRequiredError} when need user consent to get access token.
+     * @throws {@link ErrorCode|ServiceError} when failed to get access token from simple auth server.
+     * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
+     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
+     *
+     * @returns Access token with expected scopes.
+     *
+     * @remarks
+     * If scopes is empty string or array, it returns SSO token.
+     * If scopes is non-empty, it returns access token for target scope.
+     */
+    async getToken(scopes, options) {
+        validateScopesType(scopes);
+        const scopesArray = getScopesArray(scopes);
+        let result;
+        if (!scopesArray.length) {
+            internalLogger.info("Get SSO token.");
+            if (Math.floor(Date.now() / 1000) > this.ssoToken.expiresOnTimestamp) {
+                const errorMsg = "Sso token has already expired.";
+                internalLogger.error(errorMsg);
+                throw new ErrorWithCode(errorMsg, ErrorCode.TokenExpiredError);
+            }
+            result = this.ssoToken;
+        }
+        else {
+            internalLogger.info("Get access token with scopes: " + scopesArray.join(" "));
+            let authenticationResult;
+            try {
+                authenticationResult = await this.msalClient.acquireTokenOnBehalfOf({
+                    oboAssertion: this.ssoToken.token,
+                    scopes: scopesArray,
+                });
+            }
+            catch (error) {
+                throw this.generateAuthServerError(error);
+            }
+            if (!authenticationResult) {
+                const errorMsg = "Access token is null";
+                internalLogger.error(errorMsg);
+                throw new ErrorWithCode(formatString(ErrorMessage.FailToAcquireTokenOnBehalfOfUser, errorMsg), ErrorCode.InternalError);
+            }
+            result = {
+                token: authenticationResult.accessToken,
+                expiresOnTimestamp: authenticationResult.expiresOn.getTime(),
+            };
+        }
+        return result;
+    }
+    /**
+     * Get basic user info from SSO token.
+     *
+     * @example
+     * ```typescript
+     * const currentUser = getUserInfo();
+     * ```
+     *
+     * @throws {@link ErrorCode|InternalError} when SSO token is not valid.
+     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
+     *
+     * @returns Basic user info with user displayName, objectId and preferredUserName.
+     */
+    getUserInfo() {
+        internalLogger.info("Get basic user info from SSO token");
+        return getUserInfoFromSsoToken(this.ssoToken.token);
+    }
+    generateAuthServerError(err) {
+        const errorMessage = err.errorMessage;
+        if (err.name === "InteractionRequiredAuthError") {
+            const fullErrorMsg = "Failed to get access token from AAD server, interaction required: " + errorMessage;
+            internalLogger.warn(fullErrorMsg);
+            return new ErrorWithCode(fullErrorMsg, ErrorCode.UiRequiredError);
+        }
+        else if (errorMessage && errorMessage.indexOf("AADSTS50013") >= 0) {
+            const fullErrorMsg = "Failed to get access token from AAD server, assertion is invalid because of various reasons: " +
+                errorMessage;
+            internalLogger.error(fullErrorMsg);
+            return new ErrorWithCode(fullErrorMsg, ErrorCode.TokenExpiredError);
+        }
+        else {
+            const fullErrorMsg = formatString(ErrorMessage.FailToAcquireTokenOnBehalfOfUser, errorMessage);
+            internalLogger.error(fullErrorMsg);
+            return new ErrorWithCode(fullErrorMsg, ErrorCode.ServiceError);
+        }
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Represent Teams current user's identity, and it is used within Teams client applications.
+ *
+ * @remarks
+ * Can only be used within Teams.
+ */
+class TeamsUserCredential {
+    /**
+     * Constructor of TeamsUserCredential.
+     * @remarks
+     * Can only be used within Teams.
+     */
+    constructor(authConfig) {
+        throw new ErrorWithCode(formatString(ErrorMessage.NodejsRuntimeNotSupported, "TeamsUserCredential"), ErrorCode.RuntimeNotSupported);
+    }
+    /**
+     * Popup login page to get user's access token with specific scopes.
+     *
+     * @param {string[]} resources - The optional list of resources for full trust Teams apps.
+     *
+     * @remarks
+     * Can only be used within Teams.
+     */
+    login(scopes, resources) {
+        return Promise.reject(new ErrorWithCode(formatString(ErrorMessage.NodejsRuntimeNotSupported, "TeamsUserCredential"), ErrorCode.RuntimeNotSupported));
+    }
+    /**
+     * Get access token from credential.
+     * @remarks
+     * Can only be used within Teams.
+     */
+    getToken(scopes, options) {
+        return Promise.reject(new ErrorWithCode(formatString(ErrorMessage.NodejsRuntimeNotSupported, "TeamsUserCredential"), ErrorCode.RuntimeNotSupported));
+    }
+    /**
+     * Get basic user info from SSO token
+     *
+     * @param {string[]} resources - The optional list of resources for full trust Teams apps.
+     *
+     * @remarks
+     * Can only be used within Teams.
+     */
+    getUserInfo(resources) {
+        return Promise.reject(new ErrorWithCode(formatString(ErrorMessage.NodejsRuntimeNotSupported, "TeamsUserCredential"), ErrorCode.RuntimeNotSupported));
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+const invokeResponseType = "invokeResponse";
+/**
+ * Response body returned for a token exchange invoke activity.
+ */
+class TokenExchangeInvokeResponse {
+    constructor(id, failureDetail) {
+        this.id = id;
+        this.failureDetail = failureDetail;
+    }
+}
+/**
+ * Creates a new prompt that leverage Teams Single Sign On (SSO) support for bot to automatically sign in user and
+ * help receive oauth token, asks the user to consent if needed.
+ *
+ * @remarks
+ * The prompt will attempt to retrieve the users current token of the desired scopes and store it in
+ * the token store.
+ *
+ * User will be automatically signed in leveraging Teams support of Bot Single Sign On(SSO):
+ * https://docs.microsoft.com/en-us/microsoftteams/platform/bots/how-to/authentication/auth-aad-sso-bots
+ *
+ * @example
+ * When used with your bots `DialogSet` you can simply add a new instance of the prompt as a named
+ * dialog using `DialogSet.add()`. You can then start the prompt from a waterfall step using either
+ * `DialogContext.beginDialog()` or `DialogContext.prompt()`. The user will be prompted to sign in as
+ * needed and their access token will be passed as an argument to the callers next waterfall step:
+ *
+ * ```JavaScript
+ * const { ConversationState, MemoryStorage } = require('botbuilder');
+ * const { DialogSet, WaterfallDialog } = require('botbuilder-dialogs');
+ * const { TeamsBotSsoPrompt } = require('@microsoft/teamsfx');
+ *
+ * const convoState = new ConversationState(new MemoryStorage());
+ * const dialogState = convoState.createProperty('dialogState');
+ * const dialogs = new DialogSet(dialogState);
+ *
+ * dialogs.add(new TeamsBotSsoPrompt('TeamsBotSsoPrompt', {
+ *    scopes: ["User.Read"],
+ * }));
+ *
+ * dialogs.add(new WaterfallDialog('taskNeedingLogin', [
+ *      async (step) => {
+ *          return await step.beginDialog('TeamsBotSsoPrompt');
+ *      },
+ *      async (step) => {
+ *          const token = step.result;
+ *          if (token) {
+ *
+ *              // ... continue with task needing access token ...
+ *
+ *          } else {
+ *              await step.context.sendActivity(`Sorry... We couldn't log you in. Try again later.`);
+ *              return await step.endDialog();
+ *          }
+ *      }
+ * ]));
+ * ```
+ */
+class TeamsBotSsoPrompt extends Dialog {
+    /**
+     * Constructor of TeamsBotSsoPrompt.
+     *
+     * @param {OnBehalfOfCredentialAuthConfig} authConfig - Used to provide configuration and auth
+     * @param {string} initiateLoginEndpoint - Login URL for Teams to redirect to
+     * @param {string} dialogId Unique ID of the dialog within its parent `DialogSet` or `ComponentDialog`.
+     * @param {TeamsBotSsoPromptSettings} settings Settings used to configure the prompt.
+     *
+     * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
+     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
+     */
+    constructor(authConfig, initiateLoginEndpoint, dialogId, settings) {
+        super(dialogId);
+        this.initiateLoginEndpoint = initiateLoginEndpoint;
+        this.authConfig = authConfig;
+        this.settings = settings;
+        validateScopesType(this.settings.scopes);
+        validateConfig(this.authConfig);
+        internalLogger.info("Create a new Teams Bot SSO Prompt");
+    }
+    /**
+     * Called when a prompt dialog is pushed onto the dialog stack and is being activated.
+     * @remarks
+     * If the task is successful, the result indicates whether the prompt is still
+     * active after the turn has been processed by the prompt.
+     *
+     * @param dc The DialogContext for the current turn of the conversation.
+     *
+     * @throws {@link ErrorCode|InvalidParameter} when timeout property in teams bot sso prompt settings is not number or is not positive.
+     * @throws {@link ErrorCode|ChannelNotSupported} when bot channel is not MS Teams.
+     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
+     *
+     * @returns A `Promise` representing the asynchronous operation.
+     */
+    async beginDialog(dc) {
+        var _a;
+        internalLogger.info("Begin Teams Bot SSO Prompt");
+        this.ensureMsTeamsChannel(dc);
+        // Initialize prompt state
+        const default_timeout = 900000;
+        let timeout = default_timeout;
+        if (this.settings.timeout) {
+            if (typeof this.settings.timeout != "number") {
+                const errorMsg = "type of timeout property in teamsBotSsoPromptSettings should be number.";
+                internalLogger.error(errorMsg);
+                throw new ErrorWithCode(errorMsg, ErrorCode.InvalidParameter);
+            }
+            if (this.settings.timeout <= 0) {
+                const errorMsg = "value of timeout property in teamsBotSsoPromptSettings should be positive.";
+                internalLogger.error(errorMsg);
+                throw new ErrorWithCode(errorMsg, ErrorCode.InvalidParameter);
+            }
+            timeout = this.settings.timeout;
+        }
+        if (this.settings.endOnInvalidMessage === undefined) {
+            this.settings.endOnInvalidMessage = true;
+        }
+        const state = (_a = dc.activeDialog) === null || _a === void 0 ? void 0 : _a.state;
+        state.state = {};
+        state.options = {};
+        state.expires = new Date().getTime() + timeout;
+        // Send OAuth card to get SSO token
+        await this.sendOAuthCardAsync(dc.context);
+        return Dialog.EndOfTurn;
+    }
+    /**
+     * Called when a prompt dialog is the active dialog and the user replied with a new activity.
+     *
+     * @remarks
+     * If the task is successful, the result indicates whether the dialog is still
+     * active after the turn has been processed by the dialog.
+     * The prompt generally continues to receive the user's replies until it accepts the
+     * user's reply as valid input for the prompt.
+     *
+     * @param dc The DialogContext for the current turn of the conversation.
+     *
+     * @returns A `Promise` representing the asynchronous operation.
+     *
+     * @throws {@link ErrorCode|ChannelNotSupported} when bot channel is not MS Teams.
+     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
+     */
+    async continueDialog(dc) {
+        var _a;
+        internalLogger.info("Continue Teams Bot SSO Prompt");
+        this.ensureMsTeamsChannel(dc);
+        // Check for timeout
+        const state = (_a = dc.activeDialog) === null || _a === void 0 ? void 0 : _a.state;
+        const isMessage = dc.context.activity.type === ActivityTypes.Message;
+        const isTimeoutActivityType = isMessage ||
+            this.isTeamsVerificationInvoke(dc.context) ||
+            this.isTokenExchangeRequestInvoke(dc.context);
+        // If the incoming Activity is a message, or an Activity Type normally handled by TeamsBotSsoPrompt,
+        // check to see if this TeamsBotSsoPrompt Expiration has elapsed, and end the dialog if so.
+        const hasTimedOut = isTimeoutActivityType && new Date().getTime() > state.expires;
+        if (hasTimedOut) {
+            internalLogger.warn("End Teams Bot SSO Prompt due to timeout");
+            return await dc.endDialog(undefined);
+        }
+        else {
+            if (this.isTeamsVerificationInvoke(dc.context) ||
+                this.isTokenExchangeRequestInvoke(dc.context)) {
+                // Recognize token
+                const recognized = await this.recognizeToken(dc);
+                if (recognized.succeeded) {
+                    return await dc.endDialog(recognized.value);
+                }
+            }
+            else if (isMessage && this.settings.endOnInvalidMessage) {
+                internalLogger.warn("End Teams Bot SSO Prompt due to invalid message");
+                return await dc.endDialog(undefined);
+            }
+            return Dialog.EndOfTurn;
+        }
+    }
+    /**
+     * Ensure bot is running in MS Teams since TeamsBotSsoPrompt is only supported in MS Teams channel.
+     * @param dc dialog context
+     * @throws {@link ErrorCode|ChannelNotSupported} if bot channel is not MS Teams
+     * @internal
+     */
+    ensureMsTeamsChannel(dc) {
+        if (dc.context.activity.channelId != Channels.Msteams) {
+            const errorMsg = formatString(ErrorMessage.OnlyMSTeamsChannelSupported, "Teams Bot SSO Prompt");
+            internalLogger.error(errorMsg);
+            throw new ErrorWithCode(errorMsg, ErrorCode.ChannelNotSupported);
+        }
+    }
+    /**
+     * Send OAuthCard that tells Teams to obtain an authentication token for the bot application.
+     * For details see https://docs.microsoft.com/en-us/microsoftteams/platform/bots/how-to/authentication/auth-aad-sso-bots.
+     *
+     * @internal
+     */
+    async sendOAuthCardAsync(context) {
+        internalLogger.verbose("Send OAuth card to get SSO token");
+        const account = await TeamsInfo.getMember(context, context.activity.from.id);
+        internalLogger.verbose("Get Teams member account user principal name: " +
+            (account.userPrincipalName ? account.userPrincipalName : ""));
+        const loginHint = account.userPrincipalName ? account.userPrincipalName : "";
+        const signInResource = this.getSignInResource(loginHint);
+        const card = CardFactory.oauthCard("", "Teams SSO Sign In", "Sign In", signInResource.signInLink, signInResource.tokenExchangeResource);
+        card.content.buttons[0].type = ActionTypes.Signin;
+        const msg = MessageFactory.attachment(card);
+        // Send prompt
+        await context.sendActivity(msg);
+    }
+    /**
+     * Get sign in resource.
+     *
+     * @throws {@link ErrorCode|InvalidConfiguration} if client id, tenant id or initiate login endpoint is not found in config.
+     *
+     * @internal
+     */
+    getSignInResource(loginHint) {
+        internalLogger.verbose("Get sign in authentication configuration");
+        const signInLink = `${this.initiateLoginEndpoint}?scope=${encodeURI(this.settings.scopes.join(" "))}&clientId=${this.authConfig.clientId}&tenantId=${this.authConfig.tenantId}&loginHint=${loginHint}`;
+        internalLogger.verbose("Sign in link: " + signInLink);
+        const tokenExchangeResource = {
+            id: v4(),
+        };
+        return {
+            signInLink: signInLink,
+            tokenExchangeResource: tokenExchangeResource,
+        };
+    }
+    /**
+     * @internal
+     */
+    async recognizeToken(dc) {
+        const context = dc.context;
+        let tokenResponse;
+        if (this.isTokenExchangeRequestInvoke(context)) {
+            internalLogger.verbose("Receive token exchange request");
+            // Received activity is not a token exchange request
+            if (!(context.activity.value && this.isTokenExchangeRequest(context.activity.value))) {
+                const warningMsg = "The bot received an InvokeActivity that is missing a TokenExchangeInvokeRequest value. This is required to be sent with the InvokeActivity.";
+                internalLogger.warn(warningMsg);
+                await context.sendActivity(this.getTokenExchangeInvokeResponse(StatusCodes.BAD_REQUEST, warningMsg));
+            }
+            else {
+                const ssoToken = context.activity.value.token;
+                const credential = new OnBehalfOfUserCredential(ssoToken, this.authConfig);
+                let exchangedToken;
+                try {
+                    exchangedToken = await credential.getToken(this.settings.scopes);
+                    if (exchangedToken) {
+                        await context.sendActivity(this.getTokenExchangeInvokeResponse(StatusCodes.OK, "", context.activity.value.id));
+                        const ssoTokenExpiration = parseJwt(ssoToken).exp;
+                        tokenResponse = {
+                            ssoToken: ssoToken,
+                            ssoTokenExpiration: new Date(ssoTokenExpiration * 1000).toISOString(),
+                            connectionName: "",
+                            token: exchangedToken.token,
+                            expiration: exchangedToken.expiresOnTimestamp.toString(),
+                        };
+                    }
+                }
+                catch (error) {
+                    const warningMsg = "The bot is unable to exchange token. Ask for user consent.";
+                    internalLogger.info(warningMsg);
+                    await context.sendActivity(this.getTokenExchangeInvokeResponse(StatusCodes.PRECONDITION_FAILED, warningMsg, context.activity.value.id));
+                }
+            }
+        }
+        else if (this.isTeamsVerificationInvoke(context)) {
+            internalLogger.verbose("Receive Teams state verification request");
+            await this.sendOAuthCardAsync(dc.context);
+            await context.sendActivity({ type: invokeResponseType, value: { status: StatusCodes.OK } });
+        }
+        return tokenResponse !== undefined
+            ? { succeeded: true, value: tokenResponse }
+            : { succeeded: false };
+    }
+    /**
+     * @internal
+     */
+    getTokenExchangeInvokeResponse(status, failureDetail, id) {
+        const invokeResponse = {
+            type: invokeResponseType,
+            value: { status, body: new TokenExchangeInvokeResponse(id, failureDetail) },
+        };
+        return invokeResponse;
+    }
+    /**
+     * @internal
+     */
+    isTeamsVerificationInvoke(context) {
+        const activity = context.activity;
+        return activity.type === ActivityTypes.Invoke && activity.name === verifyStateOperationName;
+    }
+    /**
+     * @internal
+     */
+    isTokenExchangeRequestInvoke(context) {
+        const activity = context.activity;
+        return activity.type === ActivityTypes.Invoke && activity.name === tokenExchangeOperationName;
+    }
+    /**
+     * @internal
+     */
+    isTokenExchangeRequest(obj) {
+        return obj.hasOwnProperty("token");
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Initializes new Axios instance with specific auth provider
+ *
+ * @param apiEndpoint - Base url of the API
+ * @param authProvider - Auth provider that injects authentication info to each request
+ * @returns axios instance configured with specfic auth provider
+ *
+ * @example
+ * ```typescript
+ * const client = createApiClient("https://my-api-endpoint-base-url", new BasicAuthProvider("xxx","xxx"));
+ * ```
+ */
+function createApiClient(apiEndpoint, authProvider) {
+    // Add a request interceptor
+    const instance = axios.create({
+        baseURL: apiEndpoint,
+    });
+    instance.interceptors.request.use(async function (config) {
+        return (await authProvider.AddAuthenticationInfo(config));
+    });
+    return instance;
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Provider that handles Bearer Token authentication
+ */
+class BearerTokenAuthProvider {
+    /**
+     * @param { () => Promise<string> } getToken - Function that returns the content of bearer token used in http request
+     */
+    constructor(getToken) {
+        this.getToken = getToken;
+    }
+    /**
+     * Adds authentication info to http requests
+     *
+     * @param { AxiosRequestConfig } config - Contains all the request information and can be updated to include extra authentication info.
+     * Refer https://axios-http.com/docs/req_config for detailed document.
+     *
+     * @returns Updated axios request config.
+     *
+     * @throws {@link ErrorCode|AuthorizationInfoAlreadyExists} - when Authorization header already exists in request configuration.
+     */
+    async AddAuthenticationInfo(config) {
+        const token = await this.getToken();
+        if (!config.headers) {
+            config.headers = {};
+        }
+        if (config.headers["Authorization"]) {
+            throw new ErrorWithCode(ErrorMessage.AuthorizationHeaderAlreadyExists, ErrorCode.AuthorizationInfoAlreadyExists);
+        }
+        config.headers["Authorization"] = `Bearer ${token}`;
+        return config;
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Provider that handles Basic authentication
+ */
+class BasicAuthProvider {
+    /**
+     *
+     * @param { string } userName - Username used in basic auth
+     * @param { string } password - Password used in basic auth
+     *
+     * @throws {@link ErrorCode|InvalidParameter} - when username or password is empty.
+     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
+     */
+    constructor(userName, password) {
+        if (!userName) {
+            throw new ErrorWithCode(formatString(ErrorMessage.EmptyParameter, "username"), ErrorCode.InvalidParameter);
+        }
+        if (!password) {
+            throw new ErrorWithCode(formatString(ErrorMessage.EmptyParameter, "password"), ErrorCode.InvalidParameter);
+        }
+        this.userName = userName;
+        this.password = password;
+    }
+    /**
+     * Adds authentication info to http requests
+     *
+     * @param { AxiosRequestConfig } config - Contains all the request information and can be updated to include extra authentication info.
+     * Refer https://axios-http.com/docs/req_config for detailed document.
+     *
+     * @returns Updated axios request config.
+     *
+     * @throws {@link ErrorCode|AuthorizationInfoAlreadyExists} - when Authorization header or auth property already exists in request configuration.
+     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
+     */
+    AddAuthenticationInfo(config) {
+        if (config.headers && config.headers["Authorization"]) {
+            return Promise.reject(new ErrorWithCode(ErrorMessage.AuthorizationHeaderAlreadyExists, ErrorCode.AuthorizationInfoAlreadyExists));
+        }
+        if (config.auth) {
+            return Promise.reject(new ErrorWithCode(ErrorMessage.BasicCredentialAlreadyExists, ErrorCode.AuthorizationInfoAlreadyExists));
+        }
+        config.auth = {
+            username: this.userName,
+            password: this.password,
+        };
+        return Promise.resolve(config);
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Provider that handles API Key authentication
+ */
+class ApiKeyProvider {
+    /**
+     *
+     * @param { string } keyName - The name of request header or query parameter that specifies API Key
+     * @param { string } keyValue - The value of API Key
+     * @param { ApiKeyLocation } keyLocation - The location of API Key: request header or query parameter.
+     *
+     * @throws {@link ErrorCode|InvalidParameter} - when key name or key value is empty.
+     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
+     */
+    constructor(keyName, keyValue, keyLocation) {
+        if (!keyName) {
+            throw new ErrorWithCode(formatString(ErrorMessage.EmptyParameter, "keyName"), ErrorCode.InvalidParameter);
+        }
+        if (!keyValue) {
+            throw new ErrorWithCode(formatString(ErrorMessage.EmptyParameter, "keyVaule"), ErrorCode.InvalidParameter);
+        }
+        this.keyName = keyName;
+        this.keyValue = keyValue;
+        this.keyLocation = keyLocation;
+    }
+    /**
+     * Adds authentication info to http requests
+     *
+     * @param { AxiosRequestConfig } config - Contains all the request information and can be updated to include extra authentication info.
+     * Refer https://axios-http.com/docs/req_config for detailed document.
+     *
+     * @returns Updated axios request config.
+     *
+     * @throws {@link ErrorCode|AuthorizationInfoAlreadyExists} - when API key already exists in request header or url query parameter.
+     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
+     */
+    AddAuthenticationInfo(config) {
+        switch (this.keyLocation) {
+            case ApiKeyLocation.Header:
+                if (!config.headers) {
+                    config.headers = {};
+                }
+                if (config.headers[this.keyName]) {
+                    return Promise.reject(new ErrorWithCode(formatString(ErrorMessage.DuplicateApiKeyInHeader, this.keyName), ErrorCode.AuthorizationInfoAlreadyExists));
+                }
+                config.headers[this.keyName] = this.keyValue;
+                break;
+            case ApiKeyLocation.QueryParams:
+                if (!config.params) {
+                    config.params = {};
+                }
+                let urlHasDefinedApiKey = false;
+                if (config.url) {
+                    const url = new URL(config.url, config.baseURL);
+                    urlHasDefinedApiKey = url.searchParams.has(this.keyName);
+                }
+                if (config.params[this.keyName] || urlHasDefinedApiKey) {
+                    return Promise.reject(new ErrorWithCode(formatString(ErrorMessage.DuplicateApiKeyInQueryParam, this.keyName), ErrorCode.AuthorizationInfoAlreadyExists));
+                }
+                config.params[this.keyName] = this.keyValue;
+                break;
+        }
+        return Promise.resolve(config);
+    }
+}
+/**
+ * Define available location for API Key location
+ */
+var ApiKeyLocation;
+(function (ApiKeyLocation) {
+    /**
+     * The API Key is placed in request header
+     */
+    ApiKeyLocation[ApiKeyLocation["Header"] = 0] = "Header";
+    /**
+     * The API Key is placed in query parameter
+     */
+    ApiKeyLocation[ApiKeyLocation["QueryParams"] = 1] = "QueryParams";
+})(ApiKeyLocation || (ApiKeyLocation = {}));
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Provider that handles Certificate authentication
+ */
+class CertificateAuthProvider {
+    /**
+     *
+     * @param { SecureContextOptions } certOption - information about the cert used in http requests
+     *
+     * @throws {@link ErrorCode|InvalidParameter} - when cert option is empty.
+     */
+    constructor(certOption) {
+        if (certOption && Object.keys(certOption).length !== 0) {
+            this.certOption = certOption;
+        }
+        else {
+            throw new ErrorWithCode(formatString(ErrorMessage.EmptyParameter, "certOption"), ErrorCode.InvalidParameter);
+        }
+    }
+    /**
+     * Adds authentication info to http requests.
+     *
+     * @param { AxiosRequestConfig } config - Contains all the request information and can be updated to include extra authentication info.
+     * Refer https://axios-http.com/docs/req_config for detailed document.
+     *
+     * @returns Updated axios request config.
+     *
+     * @throws {@link ErrorCode|InvalidParameter} - when custom httpsAgent in the request has duplicate properties with certOption provided in constructor.
+     */
+    AddAuthenticationInfo(config) {
+        if (!config.httpsAgent) {
+            config.httpsAgent = new Agent(this.certOption);
+        }
+        else {
+            const existingProperties = new Set(Object.keys(config.httpsAgent.options));
+            for (const property of Object.keys(this.certOption)) {
+                if (existingProperties.has(property)) {
+                    return Promise.reject(new ErrorWithCode(formatString(ErrorMessage.DuplicateHttpsOptionProperty, property), ErrorCode.InvalidParameter));
+                }
+            }
+            Object.assign(config.httpsAgent.options, this.certOption);
+        }
+        return Promise.resolve(config);
+    }
+}
+/**
+ * Helper to create SecureContextOptions from PEM format cert
+ *
+ * @param { string | Buffer } cert - The cert chain in PEM format
+ * @param { string | Buffer } key - The private key for the cert chain
+ * @param { {passphrase?: string; ca?: string | Buffer} } options - Optional settings when create the cert options.
+ *
+ * @returns Instance of SecureContextOptions
+ *
+ * @throws {@link ErrorCode|InvalidParameter} - when any parameter is empty
+ *
+ */
+function createPemCertOption(cert, key, options) {
+    if (cert.length === 0) {
+        throw new ErrorWithCode(formatString(ErrorMessage.EmptyParameter, "cert"), ErrorCode.InvalidParameter);
+    }
+    if (key.length === 0) {
+        throw new ErrorWithCode(formatString(ErrorMessage.EmptyParameter, "key"), ErrorCode.InvalidParameter);
+    }
+    return {
+        cert,
+        key,
+        passphrase: options === null || options === void 0 ? void 0 : options.passphrase,
+        ca: options === null || options === void 0 ? void 0 : options.ca,
+    };
+}
+/**
+ * Helper to create SecureContextOptions from PFX format cert
+ *
+ * @param { string | Buffer } pfx - The content of .pfx file
+ * @param { {passphrase?: string} } options - Optional settings when create the cert options.
+ *
+ * @returns Instance of SecureContextOptions
+ *
+ * @throws {@link ErrorCode|InvalidParameter} - when any parameter is empty
+ *
+ */
+function createPfxCertOption(pfx, options) {
+    if (pfx.length === 0) {
+        throw new ErrorWithCode(formatString(ErrorMessage.EmptyParameter, "pfx"), ErrorCode.InvalidParameter);
+    }
+    return {
+        pfx,
+        passphrase: options === null || options === void 0 ? void 0 : options.passphrase,
+    };
+}
+
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT license.
+/**
+ * The target type where the notification will be sent to.
+ *
+ * @remarks
+ * - "Channel" means to a team channel. (By default, notification to a team will be sent to its "General" channel.)
+ * - "Group" means to a group chat.
+ * - "Person" means to a personal chat.
+ */
+var NotificationTargetType;
+(function (NotificationTargetType) {
+    /**
+     * The notification will be sent to a team channel.
+     * (By default, notification to a team will be sent to its "General" channel.)
+     */
+    NotificationTargetType["Channel"] = "Channel";
+    /**
+     * The notification will be sent to a group chat.
+     */
+    NotificationTargetType["Group"] = "Group";
+    /**
+     * The notification will be sent to a personal chat.
+     */
+    NotificationTargetType["Person"] = "Person";
+})(NotificationTargetType || (NotificationTargetType = {}));
+/**
+ * Options used to control how the response card will be sent to users.
+ */
+var AdaptiveCardResponse;
+(function (AdaptiveCardResponse) {
+    /**
+     * The response card will be replaced the current one for the interactor who trigger the action.
+     */
+    AdaptiveCardResponse[AdaptiveCardResponse["ReplaceForInteractor"] = 0] = "ReplaceForInteractor";
+    /**
+     * The response card will be replaced the current one for all users in the chat.
+     */
+    AdaptiveCardResponse[AdaptiveCardResponse["ReplaceForAll"] = 1] = "ReplaceForAll";
+    /**
+     * The response card will be sent as a new message for all users in the chat.
+     */
+    AdaptiveCardResponse[AdaptiveCardResponse["NewForAll"] = 2] = "NewForAll";
+})(AdaptiveCardResponse || (AdaptiveCardResponse = {}));
+/**
+ * Status code for an `application/vnd.microsoft.error` invoke response.
+ */
+var InvokeResponseErrorCode;
+(function (InvokeResponseErrorCode) {
+    /**
+     * Invalid request.
+     */
+    InvokeResponseErrorCode[InvokeResponseErrorCode["BadRequest"] = 400] = "BadRequest";
+    /**
+     * Internal server error.
+     */
+    InvokeResponseErrorCode[InvokeResponseErrorCode["InternalServerError"] = 500] = "InternalServerError";
+})(InvokeResponseErrorCode || (InvokeResponseErrorCode = {}));
+
+// Copyright (c) Microsoft Corporation.
+let DIALOG_NAME = "BotSsoExecutionDialog";
+let TEAMS_SSO_PROMPT_ID = "TeamsFxSsoPrompt";
+let COMMAND_ROUTE_DIALOG = "CommandRouteDialog";
+/**
+ * Sso execution dialog, use to handle sso command
+ */
+class BotSsoExecutionDialog extends ComponentDialog {
+    /**
+     * Creates a new instance of the BotSsoExecutionDialog.
+     * @param {@link Storage} dedupStorage Helper storage to remove duplicated messages
+     * @param {@link TeamsBotSsoPromptSettings} settings The list of scopes for which the token will have access
+     * @param {@link OnBehalfOfCredentialAuthConfig} authConfig The authentication configuration.
+     * @param {string} initiateLoginEndpoint Login URL for Teams to redirect to.
+     * @param {string} dialogName custom dialog name
+     */
+    constructor(dedupStorage, ssoPromptSettings, authConfig, initiateLoginEndpoint, dialogName) {
+        super(dialogName !== null && dialogName !== void 0 ? dialogName : DIALOG_NAME);
+        this.dedupStorageKeys = [];
+        // Map to store the commandId and triggerPatterns, key: commandId, value: triggerPatterns
+        this.commandMapping = new Map();
+        if (dialogName) {
+            DIALOG_NAME = dialogName;
+            TEAMS_SSO_PROMPT_ID = dialogName + TEAMS_SSO_PROMPT_ID;
+            COMMAND_ROUTE_DIALOG = dialogName + COMMAND_ROUTE_DIALOG;
+        }
+        const ssoDialog = new TeamsBotSsoPrompt(authConfig, initiateLoginEndpoint, TEAMS_SSO_PROMPT_ID, ssoPromptSettings);
+        this.addDialog(ssoDialog);
+        this.initialDialogId = COMMAND_ROUTE_DIALOG;
+        this.dedupStorage = dedupStorage;
+        this.dedupStorageKeys = [];
+        const commandRouteDialog = new WaterfallDialog(COMMAND_ROUTE_DIALOG, [
+            this.commandRouteStep.bind(this),
+        ]);
+        this.addDialog(commandRouteDialog);
+    }
+    /**
+     * Add TeamsFxBotSsoCommandHandler instance
+     * @param handler {@link BotSsoExecutionDialogHandler} callback function
+     * @param triggerPatterns The trigger pattern
+     */
+    addCommand(handler, triggerPatterns) {
+        const commandId = this.getCommandHash(triggerPatterns);
+        const dialog = new WaterfallDialog(commandId, [
+            this.ssoStep.bind(this),
+            this.dedupStep.bind(this),
+            async (stepContext) => {
+                const tokenResponse = stepContext.result.tokenResponse;
+                const context = stepContext.context;
+                const message = stepContext.result.message;
+                try {
+                    if (tokenResponse) {
+                        await handler(context, tokenResponse, message);
+                    }
+                    else {
+                        throw new Error(ErrorMessage.FailedToRetrieveSsoToken);
+                    }
+                    return await stepContext.endDialog();
+                }
+                catch (error) {
+                    const errorMsg = formatString(ErrorMessage.FailedToProcessSsoHandler, error.message);
+                    internalLogger.error(errorMsg);
+                    return await stepContext.endDialog(new ErrorWithCode(errorMsg, ErrorCode.FailedToProcessSsoHandler));
+                }
+            },
+        ]);
+        this.commandMapping.set(commandId, triggerPatterns);
+        this.addDialog(dialog);
+    }
+    getCommandHash(patterns) {
+        const expressions = Array.isArray(patterns) ? patterns : [patterns];
+        const patternStr = expressions.join();
+        const patternStrWithoutSpecialChar = patternStr.replace(/[^a-zA-Z0-9]/g, "");
+        const hash = createHash("sha256").update(patternStr).digest("hex").toLowerCase();
+        return patternStrWithoutSpecialChar + hash;
+    }
+    /**
+     * The run method handles the incoming activity (in the form of a DialogContext) and passes it through the dialog system.
+     *
+     * @param context The context object for the current turn.
+     * @param accessor The instance of StatePropertyAccessor for dialog system.
+     */
+    async run(context, accessor) {
+        const dialogSet = new DialogSet(accessor);
+        dialogSet.add(this);
+        const dialogContext = await dialogSet.createContext(context);
+        this.ensureMsTeamsChannel(dialogContext);
+        const results = await dialogContext.continueDialog();
+        if (results && results.status === DialogTurnStatus.empty) {
+            await dialogContext.beginDialog(this.id);
+        }
+        else if (results &&
+            results.status === DialogTurnStatus.complete &&
+            results.result instanceof Error) {
+            throw results.result;
+        }
+    }
+    getActivityText(activity) {
+        let text = activity.text;
+        const removedMentionText = TurnContext.removeRecipientMention(activity);
+        if (removedMentionText) {
+            text = removedMentionText
+                .toLowerCase()
+                .replace(/\n|\r\n/g, "")
+                .trim();
+        }
+        return text;
+    }
+    async commandRouteStep(stepContext) {
+        const turnContext = stepContext.context;
+        const text = this.getActivityText(turnContext.activity);
+        const commandId = this.getMatchesCommandId(text);
+        if (commandId) {
+            return await stepContext.beginDialog(commandId);
+        }
+        const errorMsg = formatString(ErrorMessage.CannotFindCommand, turnContext.activity.text);
+        internalLogger.error(errorMsg);
+        throw new ErrorWithCode(errorMsg, ErrorCode.CannotFindCommand);
+    }
+    async ssoStep(stepContext) {
+        try {
+            const turnContext = stepContext.context;
+            const text = this.getActivityText(turnContext.activity);
+            const message = {
+                text,
+            };
+            stepContext.options.commandMessage = message;
+            return await stepContext.beginDialog(TEAMS_SSO_PROMPT_ID);
+        }
+        catch (error) {
+            const errorMsg = formatString(ErrorMessage.FailedToRunSsoStep, error.message);
+            internalLogger.error(errorMsg);
+            return await stepContext.endDialog(new ErrorWithCode(errorMsg, ErrorCode.FailedToRunSsoStep));
+        }
+    }
+    async dedupStep(stepContext) {
+        const tokenResponse = stepContext.result;
+        if (!tokenResponse) {
+            internalLogger.error(ErrorMessage.FailedToRetrieveSsoToken);
+            return await stepContext.endDialog(new ErrorWithCode(ErrorMessage.FailedToRetrieveSsoToken, ErrorCode.FailedToRunSsoStep));
+        }
+        try {
+            // Only dedup after ssoStep to make sure that all Teams client would receive the login request
+            if (tokenResponse && (await this.shouldDedup(stepContext.context))) {
+                return Dialog.EndOfTurn;
+            }
+            return await stepContext.next({
+                tokenResponse,
+                message: stepContext.options.commandMessage,
+            });
+        }
+        catch (error) {
+            const errorMsg = formatString(ErrorMessage.FailedToRunDedupStep, error.message);
+            internalLogger.error(errorMsg);
+            return await stepContext.endDialog(new ErrorWithCode(errorMsg, ErrorCode.FailedToRunDedupStep));
+        }
+    }
+    /**
+     * Called when the component is ending.
+     *
+     * @param context Context for the current turn of conversation.
+     */
+    async onEndDialog(context) {
+        const conversationId = context.activity.conversation.id;
+        const currentDedupKeys = this.dedupStorageKeys.filter((key) => key.indexOf(conversationId) > 0);
+        await this.dedupStorage.delete(currentDedupKeys);
+        this.dedupStorageKeys = this.dedupStorageKeys.filter((key) => key.indexOf(conversationId) < 0);
+    }
+    /**
+     * If a user is signed into multiple Teams clients, the Bot might receive a "signin/tokenExchange" from each client.
+     * Each token exchange request for a specific user login will have an identical activity.value.Id.
+     * Only one of these token exchange requests should be processed by the bot. For a distributed bot in production,
+     * this requires a distributed storage to ensure only one token exchange is processed.
+     * @param context Context for the current turn of conversation.
+     * @returns boolean value indicate whether the message should be removed
+     */
+    async shouldDedup(context) {
+        const storeItem = {
+            eTag: context.activity.value.id,
+        };
+        const key = this.getStorageKey(context);
+        const storeItems = { [key]: storeItem };
+        try {
+            await this.dedupStorage.write(storeItems);
+            this.dedupStorageKeys.push(key);
+        }
+        catch (err) {
+            if (err instanceof Error && err.message.indexOf("eTag conflict")) {
+                return true;
+            }
+            throw err;
+        }
+        return false;
+    }
+    getStorageKey(context) {
+        if (!context || !context.activity || !context.activity.conversation) {
+            throw new Error("Invalid context, can not get storage key!");
+        }
+        const activity = context.activity;
+        const channelId = activity.channelId;
+        const conversationId = activity.conversation.id;
+        if (activity.type !== ActivityTypes.Invoke || activity.name !== tokenExchangeOperationName) {
+            throw new Error("TokenExchangeState can only be used with Invokes of signin/tokenExchange.");
+        }
+        const value = activity.value;
+        if (!value || !value.id) {
+            throw new Error("Invalid signin/tokenExchange. Missing activity.value.id.");
+        }
+        return `${channelId}/${conversationId}/${value.id}`;
+    }
+    matchPattern(pattern, text) {
+        if (text) {
+            if (typeof pattern === "string") {
+                const regExp = new RegExp(pattern, "i");
+                return regExp.test(text);
+            }
+            if (pattern instanceof RegExp) {
+                const matches = text.match(pattern);
+                return matches !== null && matches !== void 0 ? matches : false;
+            }
+        }
+        return false;
+    }
+    isPatternMatched(patterns, text) {
+        const expressions = Array.isArray(patterns) ? patterns : [patterns];
+        for (const ex of expressions) {
+            const matches = this.matchPattern(ex, text);
+            return !!matches;
+        }
+        return false;
+    }
+    getMatchesCommandId(text) {
+        for (const command of this.commandMapping) {
+            const pattern = command[1];
+            if (this.isPatternMatched(pattern, text)) {
+                return command[0];
+            }
+        }
+        return undefined;
+    }
+    /**
+     * Ensure bot is running in MS Teams since TeamsBotSsoPrompt is only supported in MS Teams channel.
+     * @param dc dialog context
+     * @throws {@link ErrorCode|ChannelNotSupported} if bot channel is not MS Teams
+     * @internal
+     */
+    ensureMsTeamsChannel(dc) {
+        if (dc.context.activity.channelId != Channels.Msteams) {
+            const errorMsg = formatString(ErrorMessage.OnlyMSTeamsChannelSupported, "SSO execution dialog");
+            internalLogger.error(errorMsg);
+            throw new ErrorWithCode(errorMsg, ErrorCode.ChannelNotSupported);
+        }
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Provides utility method to build bot message with cards that supported in Teams.
+ */
+class MessageBuilder {
+    /**
+     * Build a bot message activity attached with adaptive card.
+     *
+     * @param cardTemplate The adaptive card template.
+     * @param data card data used to render the template.
+     * @returns A bot message activity attached with an adaptive card.
+     *
+     * @example
+     * ```javascript
+     * const cardTemplate = {
+     *   type: "AdaptiveCard",
+     *   body: [
+     *     {
+     *       "type": "TextBlock",
+     *       "text": "${title}",
+     *       "size": "Large"
+     *     },
+     *     {
+     *       "type": "TextBlock",
+     *       "text": "${description}"
+     *     }],
+     *     $schema: "http://adaptivecards.io/schemas/adaptive-card.json",
+     *     version: "1.4"
+     *  };
+     *
+     * type CardData = {
+     *   title: string,
+     *   description: string
+     * };
+     * const card = MessageBuilder.attachAdaptiveCard<CardData>(
+     *   cardTemplate, {
+     *   title: "sample card title",
+     *   description: "sample card description"
+     * });
+     * ```
+     */
+    static attachAdaptiveCard(cardTemplate, data) {
+        const context = {
+            $root: data,
+        };
+        return {
+            attachments: [CardFactory.adaptiveCard(new ACData.Template(cardTemplate).expand(context))],
+        };
+    }
+    /**
+     * Build a bot message activity attached with an adaptive card.
+     *
+     * @param card The adaptive card content.
+     * @returns A bot message activity attached with an adaptive card.
+     */
+    static attachAdaptiveCardWithoutData(card) {
+        return {
+            attachments: [CardFactory.adaptiveCard(card)],
+        };
+    }
+    /**
+     * Build a bot message activity attached with an hero card.
+     *
+     * @param title The card title.
+     * @param images Optional. The array of images to include on the card.
+     * @param buttons Optional. The array of buttons to include on the card. Each `string` in the array
+     *      is converted to an `imBack` button with a title and value set to the value of the string.
+     * @param other Optional. Any additional properties to include on the card.
+     *
+     * @returns A bot message activity attached with a hero card.
+     *
+     * @example
+     * ```javascript
+     * const message = MessageBuilder.attachHeroCard(
+     *      'sample title',
+     *      ['https://example.com/sample.jpg'],
+     *      ['action']
+     * );
+     * ```
+     */
+    static attachHeroCard(title, images, buttons, other) {
+        return MessageBuilder.attachContent(CardFactory.heroCard(title, images, buttons, other));
+    }
+    /**
+     * Returns an attachment for a sign-in card.
+     *
+     * @param title The title for the card's sign-in button.
+     * @param url The URL of the sign-in page to use.
+     * @param text Optional. Additional text to include on the card.
+     *
+     * @returns A bot message activity attached with a sign-in card.
+     *
+     * @remarks
+     * For channels that don't natively support sign-in cards, an alternative message is rendered.
+     */
+    static attachSigninCard(title, url, text) {
+        return MessageBuilder.attachContent(CardFactory.signinCard(title, url, text));
+    }
+    /**
+     * Build a bot message activity attached with an Office 365 connector card.
+     *
+     * @param card A description of the Office 365 connector card.
+     * @returns A bot message activity attached with an Office 365 connector card.
+     */
+    static attachO365ConnectorCard(card) {
+        return MessageBuilder.attachContent(CardFactory.o365ConnectorCard(card));
+    }
+    /**
+     * Build a message activity attached with a receipt card.
+     * @param card A description of the receipt card.
+     * @returns A message activity attached with a receipt card.
+     */
+    static AttachReceiptCard(card) {
+        return MessageBuilder.attachContent(CardFactory.receiptCard(card));
+    }
+    /**
+     *
+     * @param title The card title.
+     * @param images Optional. The array of images to include on the card.
+     * @param buttons Optional. The array of buttons to include on the card. Each `string` in the array
+     *      is converted to an `imBack` button with a title and value set to the value of the string.
+     * @param other Optional. Any additional properties to include on the card.
+     * @returns A message activity attached with a thumbnail card
+     */
+    static attachThumbnailCard(title, images, buttons, other) {
+        return MessageBuilder.attachContent(CardFactory.thumbnailCard(title, images, buttons, other));
+    }
+    /**
+     * Add an attachement to a bot activity.
+     * @param attachement The attachment object to attach.
+     * @returns A message activity with an attachment.
+     */
+    static attachContent(attachement) {
+        return {
+            attachments: [attachement],
+        };
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Available response type for an adaptive card invoke response.
+ * @internal
+ */
+var InvokeResponseType;
+(function (InvokeResponseType) {
+    InvokeResponseType["AdaptiveCard"] = "application/vnd.microsoft.card.adaptive";
+    InvokeResponseType["Message"] = "application/vnd.microsoft.activity.message";
+    InvokeResponseType["Error"] = "application/vnd.microsoft.error";
+})(InvokeResponseType || (InvokeResponseType = {}));
+/**
+ * Provides methods for formatting various invoke responses a bot can send to respond to an invoke request.
+ *
+ * @remarks
+ * All of these functions return an `InvokeResponse` object, which can be
+ * passed as input to generate a new `invokeResponse` activity.
+ *
+ * This example sends an invoke response that contains an adaptive card.
+ *
+ * ```typescript
+ *
+ * const myCard = {
+ *    type: "AdaptiveCard",
+ *    body: [
+ *     {
+ *       "type": "TextBlock",
+ *       "text": "This is a sample card"
+ *     }],
+ *     $schema: "http://adaptivecards.io/schemas/adaptive-card.json",
+ *     version: "1.4"
+ *  };
+ *
+ * const invokeResponse = InvokeResponseFactory.adaptiveCard(myCard);
+ * await context.sendActivity({
+ *    type: ActivityTypes.InvokeResponse,
+ *    value: invokeResponse,
+ *  });
+ * ```
+ */
+class InvokeResponseFactory {
+    /**
+     * Create an invoke response from a text message.
+     * The type of the invoke response is `application/vnd.microsoft.activity.message`
+     * indicates the request was successfully processed.
+     *
+     * @param message - A text message included in a invoke response.
+     *
+     * @returns An `InvokeResponse` object.
+     */
+    static textMessage(message) {
+        if (!message) {
+            throw new Error("The text message cannot be null or empty");
+        }
+        return {
+            status: StatusCodes.OK,
+            body: {
+                statusCode: StatusCodes.OK,
+                type: InvokeResponseType.Message,
+                value: message,
+            },
+        };
+    }
+    /**
+     * Create an invoke response from an adaptive card.
+     *
+     * The type of the invoke response is `application/vnd.microsoft.card.adaptive` indicates
+     * the request was successfully processed, and the response includes an adaptive card
+     * that the client should display in place of the current one.
+     *
+     * @param card - The adaptive card JSON payload.
+     *
+     * @returns An `InvokeResponse` object.
+     */
+    static adaptiveCard(card) {
+        if (!card) {
+            throw new Error("The adaptive card content cannot be null or undefined");
+        }
+        return {
+            status: StatusCodes.OK,
+            body: {
+                statusCode: StatusCodes.OK,
+                type: InvokeResponseType.AdaptiveCard,
+                value: card,
+            },
+        };
+    }
+    /**
+     * Create an invoke response with error code and message.
+     *
+     * The type of the invoke response is `application/vnd.microsoft.error` indicates
+     * the request was failed to processed.
+     *
+     * @param errorCode - The status code indicates error, available values:
+     *  - 400 (BadRequest): indicate the incoming request was invalid.
+     *  - 500 (InternalServerError): indicate an unexpected error occurred.
+     * @param errorMessage - The error message.
+     *
+     * @returns An `InvokeResponse` object.
+     */
+    static errorResponse(errorCode, errorMessage) {
+        return {
+            status: StatusCodes.OK,
+            body: {
+                statusCode: errorCode,
+                type: InvokeResponseType.Error,
+                value: {
+                    code: errorCode.toString(),
+                    message: errorMessage,
+                },
+            },
+        };
+    }
+    /**
+     * Create an invoke response with status code and response value.
+     * @param statusCode - The status code.
+     * @param body - The value of the response body.
+     *
+     * @returns An `InvokeResponse` object.
+     */
+    static createInvokeResponse(statusCode, body) {
+        return {
+            status: statusCode,
+            body: body,
+        };
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Retrieve the OAuth Sign in Link to use in the MessagingExtensionResult Suggested Actions.
+ * This method only work on MessageExtension with Query now.
+ *
+ * @param {OnBehalfOfCredentialAuthConfig} authConfig - User custom the message extension authentication configuration.
+ * @param {initiateLoginEndpoint} initiateLoginEndpoint - Login page for Teams to redirect to.
+ * @param {string | string[]} scopes - The list of scopes for which the token will have access.
+ *
+ * @returns SignIn link SilentAuth CardAction with 200 status code.
+ */
+function getSignInResponseForMessageExtensionWithSilentAuthConfig(authConfig, initiateLoginEndpoint, scopes) {
+    const scopesArray = getScopesArray(scopes);
+    const signInLink = `${initiateLoginEndpoint}?scope=${encodeURI(scopesArray.join(" "))}&clientId=${authConfig.clientId}&tenantId=${authConfig.tenantId}`;
+    return {
+        composeExtension: {
+            type: "silentAuth",
+            suggestedActions: {
+                actions: [
+                    {
+                        type: "openUrl",
+                        value: signInLink,
+                        title: "Message Extension OAuth",
+                    },
+                ],
+            },
+        },
+    };
+}
+/**
+ *  Retrieve the OAuth Sign in Link to use in the MessagingExtensionResult Suggested Actions.
+ * This method just a workaround for link unfurling now.
+ *
+ * @param {OnBehalfOfCredentialAuthConfig} authConfig - User custom the message extension authentication configuration.
+ * @param {initiateLoginEndpoint} initiateLoginEndpoint - Login page for Teams to redirect to.
+ * @param {string | string[]} scopes - The list of scopes for which the token will have access.
+ *
+ * @returns SignIn link Auth CardAction with 200 status code.
+ */
+function getSignInResponseForMessageExtensionWithAuthConfig(authConfig, initiateLoginEndpoint, scopes) {
+    const scopesArray = getScopesArray(scopes);
+    const signInLink = `${initiateLoginEndpoint}?scope=${encodeURI(scopesArray.join(" "))}&clientId=${authConfig.clientId}&tenantId=${authConfig.tenantId}`;
+    return {
+        composeExtension: {
+            type: "auth",
+            suggestedActions: {
+                actions: [
+                    {
+                        type: "openUrl",
+                        value: signInLink,
+                        title: "Message Extension OAuth",
+                    },
+                ],
+            },
+        },
+    };
+}
+/**
+ * execution in message extension with SSO token.
+ *
+ * @param {TurnContext} context - The context object for the current turn.
+ * @param {OnBehalfOfCredentialAuthConfig} authConfig - User custom the message extension authentication configuration.
+ * @param {initiateLoginEndpoint} initiateLoginEndpoint - Login page for Teams to redirect to.
+ * @param {string[]} scopes - The list of scopes for which the token will have access.
+ * @param {function} logic - Business logic when executing the query in message extension with SSO or access token.
+ *
+ * @throws {@link ErrorCode|InternalError} when failed to get access token with unknown error.
+ * @throws {@link ErrorCode|TokenExpiredError} when SSO token has already expired.
+ * @throws {@link ErrorCode|ServiceError} when failed to get access token from simple auth server.
+ * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
+ * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is nodeJS.
+ *
+ * @returns A MessageExtension Response for the activity. If the logic not return any, return void instead.
+ */
+async function executionWithTokenAndConfig(context, authConfig, initiateLoginEndpoint, scopes, logic) {
+    const valueObj = context.activity.value;
+    if (!valueObj.authentication || !valueObj.authentication.token) {
+        internalLogger.verbose("No AccessToken in request, return silentAuth for AccessToken");
+        return getSignInResponseForMessageExtensionWithSilentAuthConfig(authConfig, initiateLoginEndpoint, scopes);
+    }
+    try {
+        const credential = new OnBehalfOfUserCredential(valueObj.authentication.token, authConfig);
+        const token = await credential.getToken(scopes);
+        const ssoTokenExpiration = parseJwt(valueObj.authentication.token).exp;
+        const tokenRes = {
+            ssoToken: valueObj.authentication.token,
+            ssoTokenExpiration: new Date(ssoTokenExpiration * 1000).toISOString(),
+            token: token.token,
+            expiration: token.expiresOnTimestamp.toString(),
+            connectionName: "",
+        };
+        if (logic) {
+            return await logic(tokenRes);
+        }
+    }
+    catch (err) {
+        if (err instanceof ErrorWithCode &&
+            err.code === ErrorCode.UiRequiredError &&
+            context.activity.name === "composeExtension/query") {
+            internalLogger.verbose("User not consent yet, return 412 to user consent first.");
+            const response = { status: 412 };
+            await context.sendActivity({ value: response, type: ActivityTypes.InvokeResponse });
+            return;
+        }
+        else if (err instanceof ErrorWithCode &&
+            err.code === ErrorCode.UiRequiredError &&
+            context.activity.name === "composeExtension/queryLink") {
+            internalLogger.verbose("User not consent yet, return auth card for user login");
+            const response = getSignInResponseForMessageExtensionWithAuthConfig(authConfig, initiateLoginEndpoint, scopes);
+            await context.sendActivity({
+                value: { status: 200, body: response },
+                type: ActivityTypes.InvokeResponse,
+            });
+            return;
+        }
+        throw err;
+    }
+}
+/**
+ * Users execute query in message extension with SSO or access token.
+ *
+ * @param {TurnContext} context - The context object for the current turn.
+ * @param {OnBehalfOfCredentialAuthConfig} config - User custom the message extension authentication configuration.
+ * @param {initiateLoginEndpoint} initiateLoginEndpoint - Login page for Teams to redirect to.
+ * @param {string| string[]} scopes - The list of scopes for which the token will have access.
+ * @param {function} logic - Business logic when executing the query in message extension with SSO or access token.
+ *
+ * @throws {@link ErrorCode|InternalError} when User invoke not response to message extension query.
+ * @throws {@link ErrorCode|InternalError} when failed to get access token with unknown error.
+ * @throws {@link ErrorCode|TokenExpiredError} when SSO token has already expired.
+ * @throws {@link ErrorCode|ServiceError} when failed to get access token from simple auth server.
+ * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
+ * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is nodeJS.
+ *
+ * @returns A MessageExtension Response for the activity. If the logic not return any, return void instead.
+ */
+async function handleMessageExtensionQueryWithSSO(context, config, initiateLoginEndpoint, scopes, logic) {
+    if (context.activity.name != "composeExtension/query") {
+        internalLogger.error(ErrorMessage.OnlySupportInQueryActivity);
+        throw new ErrorWithCode(formatString(ErrorMessage.OnlySupportInQueryActivity), ErrorCode.FailedOperation);
+    }
+    return await executionWithTokenAndConfig(context, config !== null && config !== void 0 ? config : {}, initiateLoginEndpoint, scopes, logic);
+}
+/**
+ * Users execute link query in message extension with SSO or access token.
+ *
+ * @param {TurnContext} context - The context object for the current turn.
+ * @param {OnBehalfOfCredentialAuthConfig} config - User custom the message extension authentication configuration.
+ * @param {initiateLoginEndpoint} initiateLoginEndpoint - Login page for Teams to redirect to.
+ * @param {string| string[]} scopes - The list of scopes for which the token will have access.
+ * @param {function} logic - Business logic when executing the link query in message extension with SSO or access token.
+ *
+ * @throws {@link ErrorCode|InternalError} when User invoke not response to message extension link query.
+ * @throws {@link ErrorCode|InternalError} when failed to get access token with unknown error.
+ * @throws {@link ErrorCode|TokenExpiredError} when SSO token has already expired.
+ * @throws {@link ErrorCode|ServiceError} when failed to get access token from simple auth server.
+ * @throws {@link ErrorCode|InvalidParameter} when scopes is not a valid string or string array.
+ * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is nodeJS.
+ *
+ * @returns A MessageExtension Response for the activity. If the logic not return any, return void instead.
+ */
+async function handleMessageExtensionLinkQueryWithSSO(context, config, initiateLoginEndpoint, scopes, logic) {
+    if (context.activity.name != "composeExtension/queryLink") {
+        internalLogger.error(ErrorMessage.OnlySupportInLinkQueryActivity);
+        throw new ErrorWithCode(formatString(ErrorMessage.OnlySupportInLinkQueryActivity), ErrorCode.FailedOperation);
+    }
+    return await executionWithTokenAndConfig(context, config !== null && config !== void 0 ? config : {}, initiateLoginEndpoint, scopes, logic);
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * @internal
+ */
+class CardActionMiddleware {
+    constructor(handlers) {
+        this.actionHandlers = [];
+        this.defaultMessage = "Your response was sent to the app";
+        if (handlers && handlers.length > 0) {
+            this.actionHandlers.push(...handlers);
+        }
+    }
+    async onTurn(context, next) {
+        var _a, _b, _c;
+        if (context.activity.name === "adaptiveCard/action") {
+            const action = context.activity.value.action;
+            const actionVerb = action.verb;
+            for (const handler of this.actionHandlers) {
+                if (((_a = handler.triggerVerb) === null || _a === void 0 ? void 0 : _a.toLowerCase()) === (actionVerb === null || actionVerb === void 0 ? void 0 : actionVerb.toLowerCase())) {
+                    let response;
+                    try {
+                        response = await handler.handleActionInvoked(context, action.data);
+                    }
+                    catch (error) {
+                        const errorResponse = InvokeResponseFactory.errorResponse(InvokeResponseErrorCode.InternalServerError, error.message);
+                        await this.sendInvokeResponse(context, errorResponse);
+                        throw error;
+                    }
+                    const responseType = (_b = response.body) === null || _b === void 0 ? void 0 : _b.type;
+                    switch (responseType) {
+                        case InvokeResponseType.AdaptiveCard:
+                            const card = (_c = response.body) === null || _c === void 0 ? void 0 : _c.value;
+                            if (!card) {
+                                const errorMessage = "Adaptive card content cannot be found in the response body";
+                                await this.sendInvokeResponse(context, InvokeResponseFactory.errorResponse(InvokeResponseErrorCode.InternalServerError, errorMessage));
+                                throw new Error(errorMessage);
+                            }
+                            if (card.refresh && handler.adaptiveCardResponse !== AdaptiveCardResponse.NewForAll) {
+                                // Card won't be refreshed with AdaptiveCardResponse.ReplaceForInteractor.
+                                // So set to AdaptiveCardResponse.ReplaceForAll here.
+                                handler.adaptiveCardResponse = AdaptiveCardResponse.ReplaceForAll;
+                            }
+                            const activity = MessageFactory.attachment(CardFactory.adaptiveCard(card));
+                            if (handler.adaptiveCardResponse === AdaptiveCardResponse.NewForAll) {
+                                await this.sendInvokeResponse(context, InvokeResponseFactory.textMessage(this.defaultMessage));
+                                await context.sendActivity(activity);
+                            }
+                            else if (handler.adaptiveCardResponse === AdaptiveCardResponse.ReplaceForAll) {
+                                activity.id = context.activity.replyToId;
+                                await context.updateActivity(activity);
+                                await this.sendInvokeResponse(context, response);
+                            }
+                            else {
+                                await this.sendInvokeResponse(context, response);
+                            }
+                            break;
+                        case InvokeResponseType.Message:
+                        case InvokeResponseType.Error:
+                        default:
+                            await this.sendInvokeResponse(context, response);
+                            break;
+                    }
+                    break;
+                }
+            }
+        }
+        await next();
+    }
+    async sendInvokeResponse(context, response) {
+        await context.sendActivity({
+            type: ActivityTypes.InvokeResponse,
+            value: response,
+        });
+    }
+}
+
+/**
+ * A card action bot to respond to adaptive card universal actions.
+ */
+class CardActionBot {
+    /**
+     * Create a new instance of the `CardActionBot`.
+     *
+     * @param adapter - The bound `CloudAdapter`.
+     * @param options - The initialize options.
+     */
+    constructor(adapter, options) {
+        this.middleware = new CardActionMiddleware(options === null || options === void 0 ? void 0 : options.actions);
+        this.adapter = adapter.use(this.middleware);
+    }
+    /**
+     * Register a card action handler to the bot.
+     *
+     * @param actionHandler - A card action handler to be registered.
+     */
+    registerHandler(actionHandler) {
+        if (actionHandler) {
+            this.middleware.actionHandlers.push(actionHandler);
+        }
+    }
+    /**
+     * Register card action handlers to the bot.
+     *
+     * @param actionHandlers - A set of card action handlers to be registered.
+     */
+    registerHandlers(actionHandlers) {
+        if (actionHandlers) {
+            this.middleware.actionHandlers.push(...actionHandlers);
+        }
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * @internal
+ */
+class CommandResponseMiddleware {
+    constructor(handlers, ssoHandlers, activityHandler) {
+        this.commandHandlers = [];
+        this.ssoCommandHandlers = [];
+        handlers = handlers !== null && handlers !== void 0 ? handlers : [];
+        ssoHandlers = ssoHandlers !== null && ssoHandlers !== void 0 ? ssoHandlers : [];
+        this.hasSsoCommand = ssoHandlers.length > 0;
+        this.ssoActivityHandler = activityHandler;
+        if (this.hasSsoCommand && !this.ssoActivityHandler) {
+            internalLogger.error(ErrorMessage.SsoActivityHandlerIsNull);
+            throw new ErrorWithCode(ErrorMessage.SsoActivityHandlerIsNull, ErrorCode.SsoActivityHandlerIsUndefined);
+        }
+        this.commandHandlers.push(...handlers);
+        for (const ssoHandler of ssoHandlers) {
+            this.addSsoCommand(ssoHandler);
+        }
+    }
+    addSsoCommand(ssoHandler) {
+        var _a;
+        (_a = this.ssoActivityHandler) === null || _a === void 0 ? void 0 : _a.addCommand(async (context, tokenResponse, message) => {
+            const matchResult = this.shouldTrigger(ssoHandler.triggerPatterns, message.text);
+            message.matches = Array.isArray(matchResult) ? matchResult : void 0;
+            const response = await ssoHandler.handleCommandReceived(context, message, tokenResponse);
+            await this.processResponse(context, response);
+        }, ssoHandler.triggerPatterns);
+        this.ssoCommandHandlers.push(ssoHandler);
+        this.hasSsoCommand = true;
+    }
+    async onTurn(context, next) {
+        var _a, _b;
+        if (context.activity.type === ActivityTypes.Message) {
+            // Invoke corresponding command handler for the command response
+            const commandText = this.getActivityText(context.activity);
+            let alreadyProcessed = false;
+            for (const handler of this.commandHandlers) {
+                const matchResult = this.shouldTrigger(handler.triggerPatterns, commandText);
+                // It is important to note that the command bot will stop processing handlers
+                // when the first command handler is matched.
+                if (!!matchResult) {
+                    const message = {
+                        text: commandText,
+                    };
+                    message.matches = Array.isArray(matchResult) ? matchResult : void 0;
+                    const response = await handler.handleCommandReceived(context, message);
+                    await this.processResponse(context, response);
+                    alreadyProcessed = true;
+                    break;
+                }
+            }
+            if (!alreadyProcessed) {
+                for (const handler of this.ssoCommandHandlers) {
+                    const matchResult = this.shouldTrigger(handler.triggerPatterns, commandText);
+                    if (!!matchResult) {
+                        await ((_a = this.ssoActivityHandler) === null || _a === void 0 ? void 0 : _a.run(context));
+                        break;
+                    }
+                }
+            }
+        }
+        else {
+            if (this.hasSsoCommand) {
+                await ((_b = this.ssoActivityHandler) === null || _b === void 0 ? void 0 : _b.run(context));
+            }
+        }
+        await next();
+    }
+    async processResponse(context, response) {
+        if (typeof response === "string") {
+            await context.sendActivity(response);
+        }
+        else {
+            const replyActivity = response;
+            if (replyActivity) {
+                await context.sendActivity(replyActivity);
+            }
+        }
+    }
+    matchPattern(pattern, text) {
+        if (text) {
+            if (typeof pattern === "string") {
+                const regExp = new RegExp(pattern, "i");
+                return regExp.test(text);
+            }
+            if (pattern instanceof RegExp) {
+                const matches = text.match(pattern);
+                return matches !== null && matches !== void 0 ? matches : false;
+            }
+        }
+        return false;
+    }
+    shouldTrigger(patterns, text) {
+        const expressions = Array.isArray(patterns) ? patterns : [patterns];
+        for (const ex of expressions) {
+            const arg = this.matchPattern(ex, text);
+            if (arg)
+                return arg;
+        }
+        return false;
+    }
+    getActivityText(activity) {
+        let text = activity.text;
+        const removedMentionText = TurnContext.removeRecipientMention(activity);
+        if (removedMentionText) {
+            text = removedMentionText
+                .toLowerCase()
+                .replace(/\n|\r\n/g, "")
+                .trim();
+        }
+        return text;
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * A command bot for receiving commands and sending responses in Teams.
+ *
+ * @remarks
+ * Ensure each command should ONLY be registered with the command once, otherwise it'll cause unexpected behavior if you register the same command more than once.
+ */
+class CommandBot {
+    // eslint-disable-next-line no-secrets/no-secrets
+    /**
+     * Create a new instance of the `CommandBot`.
+     *
+     * @param adapter - The bound `CloudAdapter`.
+     * @param options - The initialize options
+     * @param ssoCommandActivityHandler - SSO execution activity handler.
+     * @param ssoConfig - SSO configuration for Bot SSO.
+     */
+    constructor(adapter, options, ssoCommandActivityHandler, ssoConfig) {
+        this.ssoConfig = ssoConfig;
+        this.middleware = new CommandResponseMiddleware(options === null || options === void 0 ? void 0 : options.commands, options === null || options === void 0 ? void 0 : options.ssoCommands, ssoCommandActivityHandler);
+        this.adapter = adapter.use(this.middleware);
+    }
+    /**
+     * Register a command into the command bot.
+     *
+     * @param command - The command to be registered.
+     */
+    registerCommand(command) {
+        if (command) {
+            this.middleware.commandHandlers.push(command);
+        }
+    }
+    /**
+     * Register commands into the command bot.
+     *
+     * @param commands - The commands to be registered.
+     */
+    registerCommands(commands) {
+        if (commands) {
+            this.middleware.commandHandlers.push(...commands);
+        }
+    }
+    /**
+     * Register a sso command into the command bot.
+     *
+     * @param ssoCommand - The sso command to be registered.
+     */
+    registerSsoCommand(ssoCommand) {
+        this.validateSsoActivityHandler();
+        this.middleware.addSsoCommand(ssoCommand);
+    }
+    /**
+     * Register sso commands into the command bot.
+     *
+     * @param ssoCommands - The sso commands to be registered.
+     */
+    registerSsoCommands(ssoCommands) {
+        if (ssoCommands.length > 0) {
+            this.validateSsoActivityHandler();
+            for (const ssoCommand of ssoCommands) {
+                this.middleware.addSsoCommand(ssoCommand);
+            }
+        }
+    }
+    validateSsoActivityHandler() {
+        if (!this.middleware.ssoActivityHandler) {
+            internalLogger.error(ErrorMessage.SsoActivityHandlerIsNull);
+            throw new ErrorWithCode(ErrorMessage.SsoActivityHandlerIsNull, ErrorCode.SsoActivityHandlerIsUndefined);
+        }
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * @internal
+ */
+function cloneConversation(conversation) {
+    return JSON.parse(JSON.stringify(conversation));
+}
+/**
+ * @internal
+ */
+function getKey(reference) {
+    var _a, _b;
+    // eslint-disable-next-line @typescript-eslint/restrict-template-expressions
+    return `_${(_a = reference.conversation) === null || _a === void 0 ? void 0 : _a.tenantId}_${(_b = reference.conversation) === null || _b === void 0 ? void 0 : _b.id}`;
+}
+/**
+ * @internal
+ */
+function getTargetType(conversationReference) {
+    var _a;
+    const conversationType = (_a = conversationReference.conversation) === null || _a === void 0 ? void 0 : _a.conversationType;
+    if (conversationType === "personal") {
+        return NotificationTargetType.Person;
+    }
+    else if (conversationType === "groupChat") {
+        return NotificationTargetType.Group;
+    }
+    else if (conversationType === "channel") {
+        return NotificationTargetType.Channel;
+    }
+    else {
+        return undefined;
+    }
+}
+/**
+ * @internal
+ */
+function getTeamsBotInstallationId(context) {
+    var _a, _b, _c;
+    const teamId = (_c = (_b = (_a = context.activity) === null || _a === void 0 ? void 0 : _a.channelData) === null || _b === void 0 ? void 0 : _b.team) === null || _c === void 0 ? void 0 : _c.id;
+    if (teamId) {
+        return teamId;
+    }
+    // Fallback to use conversation id.
+    // The conversation id is equal to team id only when the bot app is installed into the General channel.
+    if (context.activity.conversation.name === undefined) {
+        return context.activity.conversation.id;
+    }
+    return undefined;
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * @internal
+ */
+var ActivityType;
+(function (ActivityType) {
+    ActivityType[ActivityType["CurrentBotInstalled"] = 0] = "CurrentBotInstalled";
+    ActivityType[ActivityType["CurrentBotMessaged"] = 1] = "CurrentBotMessaged";
+    ActivityType[ActivityType["CurrentBotUninstalled"] = 2] = "CurrentBotUninstalled";
+    ActivityType[ActivityType["TeamDeleted"] = 3] = "TeamDeleted";
+    ActivityType[ActivityType["TeamRestored"] = 4] = "TeamRestored";
+    ActivityType[ActivityType["Unknown"] = 5] = "Unknown";
+})(ActivityType || (ActivityType = {}));
+/**
+ * @internal
+ */
+class NotificationMiddleware {
+    constructor(options) {
+        this.conversationReferenceStore = options.conversationReferenceStore;
+    }
+    async onTurn(context, next) {
+        const type = this.classifyActivity(context.activity);
+        switch (type) {
+            case ActivityType.CurrentBotInstalled:
+            case ActivityType.TeamRestored: {
+                const reference = TurnContext.getConversationReference(context.activity);
+                await this.conversationReferenceStore.add(getKey(reference), reference, {
+                    overwrite: true,
+                });
+                break;
+            }
+            case ActivityType.CurrentBotMessaged: {
+                await this.tryAddMessagedReference(context);
+                break;
+            }
+            case ActivityType.CurrentBotUninstalled:
+            case ActivityType.TeamDeleted: {
+                const reference = TurnContext.getConversationReference(context.activity);
+                await this.conversationReferenceStore.remove(getKey(reference), reference);
+                break;
+            }
+        }
+        await next();
+    }
+    classifyActivity(activity) {
+        var _a, _b;
+        const activityType = activity.type;
+        if (activityType === "installationUpdate") {
+            const action = (_a = activity.action) === null || _a === void 0 ? void 0 : _a.toLowerCase();
+            if (action === "add" || action === "add-upgrade") {
+                return ActivityType.CurrentBotInstalled;
+            }
+            else {
+                return ActivityType.CurrentBotUninstalled;
+            }
+        }
+        else if (activityType === "conversationUpdate") {
+            const eventType = (_b = activity.channelData) === null || _b === void 0 ? void 0 : _b.eventType;
+            if (eventType === "teamDeleted") {
+                return ActivityType.TeamDeleted;
+            }
+            else if (eventType === "teamRestored") {
+                return ActivityType.TeamRestored;
+            }
+        }
+        else if (activityType === "message") {
+            return ActivityType.CurrentBotMessaged;
+        }
+        return ActivityType.Unknown;
+    }
+    async tryAddMessagedReference(context) {
+        var _a, _b, _c, _d, _e, _f;
+        const reference = TurnContext.getConversationReference(context.activity);
+        const conversationType = (_a = reference === null || reference === void 0 ? void 0 : reference.conversation) === null || _a === void 0 ? void 0 : _a.conversationType;
+        if (conversationType === "personal" || conversationType === "groupChat") {
+            await this.conversationReferenceStore.add(getKey(reference), reference, { overwrite: false });
+        }
+        else if (conversationType === "channel") {
+            const teamId = (_d = (_c = (_b = context.activity) === null || _b === void 0 ? void 0 : _b.channelData) === null || _c === void 0 ? void 0 : _c.team) === null || _d === void 0 ? void 0 : _d.id;
+            const channelId = (_f = (_e = context.activity.channelData) === null || _e === void 0 ? void 0 : _e.channel) === null || _f === void 0 ? void 0 : _f.id;
+            // `teamId === channelId` means General channel. Ignore messaging in non-General channel.
+            if (teamId !== undefined && (channelId === undefined || teamId === channelId)) {
+                const teamReference = cloneConversation(reference);
+                teamReference.conversation.id = teamId;
+                await this.conversationReferenceStore.add(getKey(teamReference), teamReference, {
+                    overwrite: false,
+                });
+            }
+        }
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * @internal
+ */
+class DefaultConversationReferenceStore {
+    constructor(fileDir) {
+        var _a;
+        this.localFileName = (_a = process.env.TEAMSFX_NOTIFICATION_STORE_FILENAME) !== null && _a !== void 0 ? _a : ".notification.localstore.json";
+        this.filePath = path.resolve(fileDir, this.localFileName);
+    }
+    async add(key, reference, options) {
+        if (options.overwrite || !(await this.storeFileExists())) {
+            if (!(await this.storeFileExists())) {
+                await this.writeToFile({ [key]: reference });
+            }
+            else {
+                const data = await this.readFromFile();
+                await this.writeToFile(Object.assign(data, { [key]: reference }));
+            }
+            return true;
+        }
+        return false;
+    }
+    async remove(key, reference) {
+        if (!(await this.storeFileExists())) {
+            return false;
+        }
+        if (await this.storeFileExists()) {
+            const data = await this.readFromFile();
+            if (data[key] !== undefined) {
+                delete data[key];
+                await this.writeToFile(data);
+            }
+        }
+        return true;
+    }
+    async list(pageSize, continuationToken) {
+        if (!(await this.storeFileExists())) {
+            return {
+                data: [],
+                continuationToken: "",
+            };
+        }
+        const fileData = await this.readFromFile();
+        const data = Object.entries(fileData).map((entry) => entry[1]);
+        return {
+            data,
+            continuationToken: "",
+        };
+    }
+    storeFileExists() {
+        return new Promise((resolve) => {
+            try {
+                fs.access(this.filePath, (err) => {
+                    if (err) {
+                        resolve(false);
+                    }
+                    else {
+                        resolve(true);
+                    }
+                });
+            }
+            catch (error) {
+                resolve(false);
+            }
+        });
+    }
+    readFromFile() {
+        return new Promise((resolve, reject) => {
+            try {
+                fs.readFile(this.filePath, { encoding: "utf-8" }, (err, rawData) => {
+                    if (err) {
+                        reject(err);
+                    }
+                    else {
+                        resolve(JSON.parse(rawData));
+                    }
+                });
+            }
+            catch (error) {
+                reject(error);
+            }
+        });
+    }
+    async writeToFile(data) {
+        return new Promise((resolve, reject) => {
+            try {
+                const rawData = JSON.stringify(data, undefined, 2);
+                fs.writeFile(this.filePath, rawData, { encoding: "utf-8" }, (err) => {
+                    if (err) {
+                        reject(err);
+                    }
+                    else {
+                        resolve();
+                    }
+                });
+            }
+            catch (error) {
+                reject(error);
+            }
+        });
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Send a plain text message to a notification target.
+ *
+ * @param target - The notification target.
+ * @param text - The plain text message.
+ * @param onError - An optional error handler that can catch exceptions during message sending.
+ * If not defined, error will be handled by `BotAdapter.onTurnError`.
+ *
+ * @returns The response of sending message.
+ */
+function sendMessage(target, text, onError) {
+    return target.sendMessage(text, onError);
+}
+/**
+ * Send an adaptive card message to a notification target.
+ *
+ * @param target - The notification target.
+ * @param card - The adaptive card raw JSON.
+ * @param onError - An optional error handler that can catch exceptions during adaptive card sending.
+ * If not defined, error will be handled by `BotAdapter.onTurnError`.
+ *
+ * @returns The response of sending adaptive card message.
+ */
+function sendAdaptiveCard(target, card, onError) {
+    return target.sendAdaptiveCard(card, onError);
+}
+/**
+ * A {@link NotificationTarget} that represents a team channel.
+ *
+ * @remarks
+ * It's recommended to get channels from {@link TeamsBotInstallation.channels()}.
+ */
+class Channel {
+    /**
+     * Constructor.
+     *
+     * @remarks
+     * It's recommended to get channels from {@link TeamsBotInstallation.channels()}, instead of using this constructor.
+     *
+     * @param parent - The parent {@link TeamsBotInstallation} where this channel is created from.
+     * @param info - Detailed channel information.
+     */
+    constructor(parent, info) {
+        /**
+         * Notification target type. For channel it's always "Channel".
+         */
+        this.type = NotificationTargetType.Channel;
+        this.parent = parent;
+        this.info = info;
+    }
+    /**
+     * Send a plain text message.
+     *
+     * @param text - The plain text message.
+     * @param onError - An optional error handler that can catch exceptions during message sending.
+     * If not defined, error will be handled by `BotAdapter.onTurnError`.
+     *
+     * @returns The response of sending message.
+     */
+    async sendMessage(text, onError) {
+        const response = {};
+        await this.parent.adapter.continueConversationAsync(this.parent.botAppId, this.parent.conversationReference, async (context) => {
+            const conversation = await this.newConversation(context);
+            await this.parent.adapter.continueConversationAsync(this.parent.botAppId, conversation, async (ctx) => {
+                try {
+                    const res = await ctx.sendActivity(text);
+                    response.id = res === null || res === void 0 ? void 0 : res.id;
+                }
+                catch (error) {
+                    if (onError) {
+                        await onError(ctx, error);
+                    }
+                    else {
+                        throw error;
+                    }
+                }
+            });
+        });
+        return response;
+    }
+    /**
+     * Send an adaptive card message.
+     *
+     * @param card - The adaptive card raw JSON.
+     * @param onError - An optional error handler that can catch exceptions during adaptive card sending.
+     * If not defined, error will be handled by `BotAdapter.onTurnError`.
+     *
+     * @returns The response of sending adaptive card message.
+     */
+    async sendAdaptiveCard(card, onError) {
+        const response = {};
+        await this.parent.adapter.continueConversationAsync(this.parent.botAppId, this.parent.conversationReference, async (context) => {
+            const conversation = await this.newConversation(context);
+            await this.parent.adapter.continueConversationAsync(this.parent.botAppId, conversation, async (ctx) => {
+                try {
+                    const res = await ctx.sendActivity({
+                        attachments: [CardFactory.adaptiveCard(card)],
+                    });
+                    response.id = res === null || res === void 0 ? void 0 : res.id;
+                }
+                catch (error) {
+                    if (onError) {
+                        await onError(ctx, error);
+                    }
+                    else {
+                        throw error;
+                    }
+                }
+            });
+        });
+        return response;
+    }
+    /**
+     * @internal
+     */
+    newConversation(context) {
+        const reference = TurnContext.getConversationReference(context.activity);
+        const channelConversation = cloneConversation(reference);
+        channelConversation.conversation.id = this.info.id || "";
+        return Promise.resolve(channelConversation);
+    }
+}
+/**
+ * A {@link NotificationTarget} that represents a team member.
+ *
+ * @remarks
+ * It's recommended to get members from {@link TeamsBotInstallation.members()}.
+ */
+class Member {
+    /**
+     * Constructor.
+     *
+     * @remarks
+     * It's recommended to get members from {@link TeamsBotInstallation.members()}, instead of using this constructor.
+     *
+     * @param parent - The parent {@link TeamsBotInstallation} where this member is created from.
+     * @param account - Detailed member account information.
+     */
+    constructor(parent, account) {
+        /**
+         * Notification target type. For member it's always "Person".
+         */
+        this.type = NotificationTargetType.Person;
+        this.parent = parent;
+        this.account = account;
+    }
+    /**
+     * Send a plain text message.
+     *
+     * @param text - The plain text message.
+     * @param onError - An optional error handler that can catch exceptions during message sending.
+     * If not defined, error will be handled by `BotAdapter.onTurnError`.
+     *
+     * @returns The response of sending message.
+     */
+    async sendMessage(text, onError) {
+        const response = {};
+        await this.parent.adapter.continueConversationAsync(this.parent.botAppId, this.parent.conversationReference, async (context) => {
+            const conversation = await this.newConversation(context);
+            await this.parent.adapter.continueConversationAsync(this.parent.botAppId, conversation, async (ctx) => {
+                try {
+                    const res = await ctx.sendActivity(text);
+                    response.id = res === null || res === void 0 ? void 0 : res.id;
+                }
+                catch (error) {
+                    if (onError) {
+                        await onError(ctx, error);
+                    }
+                    else {
+                        throw error;
+                    }
+                }
+            });
+        });
+        return response;
+    }
+    /**
+     * Send an adaptive card message.
+     *
+     * @param card - The adaptive card raw JSON.
+     * @param onError - An optional error handler that can catch exceptions during adaptive card sending.
+     * If not defined, error will be handled by `BotAdapter.onTurnError`.
+     *
+     * @returns The response of sending adaptive card message.
+     */
+    async sendAdaptiveCard(card, onError) {
+        const response = {};
+        await this.parent.adapter.continueConversationAsync(this.parent.botAppId, this.parent.conversationReference, async (context) => {
+            const conversation = await this.newConversation(context);
+            await this.parent.adapter.continueConversationAsync(this.parent.botAppId, conversation, async (ctx) => {
+                try {
+                    const res = await ctx.sendActivity({
+                        attachments: [CardFactory.adaptiveCard(card)],
+                    });
+                    response.id = res === null || res === void 0 ? void 0 : res.id;
+                }
+                catch (error) {
+                    if (onError) {
+                        await onError(ctx, error);
+                    }
+                    else {
+                        throw error;
+                    }
+                }
+            });
+        });
+        return response;
+    }
+    /**
+     * @internal
+     */
+    async newConversation(context) {
+        const reference = TurnContext.getConversationReference(context.activity);
+        const personalConversation = cloneConversation(reference);
+        const connectorClient = context.turnState.get(this.parent.adapter.ConnectorClientKey);
+        const conversation = await connectorClient.conversations.createConversation({
+            isGroup: false,
+            tenantId: context.activity.conversation.tenantId,
+            bot: context.activity.recipient,
+            members: [this.account],
+            channelData: {},
+        });
+        personalConversation.conversation.id = conversation.id;
+        return personalConversation;
+    }
+}
+/**
+ * A {@link NotificationTarget} that represents a bot installation. Teams Bot could be installed into
+ * - Personal chat
+ * - Group chat
+ * - Team (by default the `General` channel)
+ *
+ * @remarks
+ * It's recommended to get bot installations from {@link ConversationBot.installations()}.
+ */
+class TeamsBotInstallation {
+    /**
+     * Constructor
+     *
+     * @remarks
+     * It's recommended to get bot installations from {@link ConversationBot.installations()}, instead of using this constructor.
+     *
+     * @param adapter - The bound `CloudAdapter`.
+     * @param conversationReference - The bound `ConversationReference`.
+     * @param botAppId - The bot app id.
+     */
+    constructor(adapter, conversationReference, botAppId) {
+        this.adapter = adapter;
+        this.conversationReference = conversationReference;
+        this.type = getTargetType(conversationReference);
+        this.botAppId = botAppId;
+    }
+    /**
+     * Send a plain text message.
+     *
+     * @param text - The plain text message.
+     * @param onError - An optional error handler that can catch exceptions during message sending.
+     * If not defined, error will be handled by `BotAdapter.onTurnError`.
+     *
+     * @returns The response of sending message.
+     */
+    async sendMessage(text, onError) {
+        const response = {};
+        await this.adapter.continueConversationAsync(this.botAppId, this.conversationReference, async (context) => {
+            try {
+                const res = await context.sendActivity(text);
+                response.id = res === null || res === void 0 ? void 0 : res.id;
+            }
+            catch (error) {
+                if (onError) {
+                    await onError(context, error);
+                }
+                else {
+                    throw error;
+                }
+            }
+        });
+        return response;
+    }
+    /**
+     * Send an adaptive card message.
+     *
+     * @param card - The adaptive card raw JSON.
+     * @param onError - An optional error handler that can catch exceptions during adaptive card sending.
+     * If not defined, error will be handled by `BotAdapter.onTurnError`.
+     *
+     * @returns The response of sending adaptive card message.
+     */
+    async sendAdaptiveCard(card, onError) {
+        const response = {};
+        await this.adapter.continueConversationAsync(this.botAppId, this.conversationReference, async (context) => {
+            try {
+                const res = await context.sendActivity({
+                    attachments: [CardFactory.adaptiveCard(card)],
+                });
+                response.id = res === null || res === void 0 ? void 0 : res.id;
+            }
+            catch (error) {
+                if (onError) {
+                    await onError(context, error);
+                }
+                else {
+                    throw error;
+                }
+            }
+        });
+        return response;
+    }
+    /**
+     * Get channels from this bot installation.
+     *
+     * @returns An array of channels if bot is installed into a team, otherwise returns an empty array.
+     */
+    async channels() {
+        const channels = [];
+        if (this.type !== NotificationTargetType.Channel) {
+            return channels;
+        }
+        let teamsChannels = [];
+        await this.adapter.continueConversationAsync(this.botAppId, this.conversationReference, async (context) => {
+            const teamId = getTeamsBotInstallationId(context);
+            if (teamId !== undefined) {
+                teamsChannels = await TeamsInfo.getTeamChannels(context, teamId);
+            }
+        });
+        for (const channel of teamsChannels) {
+            channels.push(new Channel(this, channel));
+        }
+        return channels;
+    }
+    /**
+     * Gets a pagined list of members from this bot installation.
+     *
+     * @param pageSize - Suggested number of entries on a page.
+     * @param continuationToken - A continuation token.
+     * @returns An array of members from where the bot is installed.
+     */
+    async getPagedMembers(pageSize, continuationToken) {
+        let result = {
+            data: [],
+            continuationToken: "",
+        };
+        await this.adapter.continueConversationAsync(this.botAppId, this.conversationReference, async (context) => {
+            const pagedMembers = await TeamsInfo.getPagedMembers(context, pageSize, continuationToken);
+            result = {
+                data: pagedMembers.members.map((m) => new Member(this, m)),
+                continuationToken: pagedMembers.continuationToken,
+            };
+        });
+        return result;
+    }
+    /**
+     * Get team details from this bot installation
+     *
+     * @returns The team details if bot is installed into a team, otherwise returns `undefined`.
+     */
+    async getTeamDetails() {
+        if (this.type !== NotificationTargetType.Channel) {
+            return undefined;
+        }
+        let teamDetails;
+        await this.adapter.continueConversationAsync(this.botAppId, this.conversationReference, async (context) => {
+            const teamId = getTeamsBotInstallationId(context);
+            if (teamId !== undefined) {
+                teamDetails = await TeamsInfo.getTeamDetails(context, teamId);
+            }
+        });
+        return teamDetails;
+    }
+}
+/**
+ * Provide utilities to send notification to varies targets (e.g., member, group, channel).
+ */
+class NotificationBot {
+    /**
+     * Constructor of the notification bot.
+     *
+     * @remarks
+     * To ensure accuracy, it's recommended to initialize before handling any message.
+     *
+     * @param adapter - The bound `CloudAdapter`
+     * @param options - The initialize options
+     */
+    constructor(adapter, options) {
+        var _a, _b;
+        if (options === null || options === void 0 ? void 0 : options.store) {
+            this.conversationReferenceStore = options.store;
+        }
+        else {
+            this.conversationReferenceStore = new DefaultConversationReferenceStore(path.resolve(process.env.RUNNING_ON_AZURE === "1" ? (_a = process.env.TEMP) !== null && _a !== void 0 ? _a : "./" : "./"));
+        }
+        this.adapter = adapter.use(new NotificationMiddleware({
+            conversationReferenceStore: this.conversationReferenceStore,
+        }));
+        this.botAppId = ((_b = options === null || options === void 0 ? void 0 : options.botAppId) !== null && _b !== void 0 ? _b : process.env.BOT_ID);
+    }
+    /**
+     * Create a {@link TeamsBotInstallation} instance with conversation reference.
+     *
+     * @param conversationReference - The bound `ConversationReference`.
+     * @returns - The {@link TeamsBotInstallation} instance or null.
+     */
+    buildTeamsBotInstallation(conversationReference) {
+        if (!conversationReference) {
+            throw new Error("conversationReference is required.");
+        }
+        return new TeamsBotInstallation(this.adapter, conversationReference, this.botAppId);
+    }
+    /**
+     * Validate the installation by getting paged memebers.
+     *
+     * @param conversationReference The bound `ConversationReference`.
+     * @returns Returns false if recieves `BotNotInConversationRoster` error, otherwise returns true.
+     */
+    async validateInstallation(conversationReference) {
+        let isValid = true;
+        await this.adapter.continueConversationAsync(this.botAppId, conversationReference, async (context) => {
+            try {
+                // try get member to see if the installation is still valid
+                await TeamsInfo.getPagedMembers(context, 1);
+            }
+            catch (error) {
+                if (error.code === "BotNotInConversationRoster") {
+                    isValid = false;
+                }
+            }
+        });
+        return isValid;
+    }
+    /**
+     * Gets a pagined list of targets where the bot is installed.
+     *
+     * @remarks
+     * The result is retrieving from the persisted storage.
+     *
+     * @param pageSize - Suggested number of entries on a page.
+     * @param continuationToken - A continuation token.
+     *
+     * @returns An array of {@link TeamsBotInstallation} with paged data and continuation token.
+     */
+    async getPagedInstallations(pageSize, continuationToken, validationEnabled = true) {
+        if (this.conversationReferenceStore === undefined || this.adapter === undefined) {
+            throw new Error("NotificationBot has not been initialized.");
+        }
+        const references = await this.conversationReferenceStore.list(pageSize, continuationToken);
+        const targets = [];
+        for (const reference of references.data) {
+            // validate connection
+            let valid;
+            if (validationEnabled) {
+                // try get member to see if the installation is still valid
+                valid = await this.validateInstallation(reference);
+            }
+            if (!validationEnabled || (validationEnabled && valid)) {
+                targets.push(new TeamsBotInstallation(this.adapter, reference, this.botAppId));
+            }
+            else {
+                await this.conversationReferenceStore.remove(getKey(reference), reference);
+            }
+        }
+        return {
+            data: targets,
+            continuationToken: references.continuationToken,
+        };
+    }
+    /**
+     * Return the first {@link Member} where predicate is true, and undefined otherwise.
+     *
+     * @param predicate - Find calls predicate once for each member of the installation,
+     * until it finds one where predicate returns true. If such a member is found, find
+     * immediately returns that member. Otherwise, find returns undefined.
+     * @param scope - The scope to find members from the installations
+     * (personal chat, group chat, Teams channel).
+     *
+     * @returns The first {@link Member} where predicate is true, and `undefined` otherwise.
+     */
+    async findMember(predicate, scope) {
+        for (const target of await this.installations()) {
+            if (this.matchSearchScope(target, scope)) {
+                const members = [];
+                let continuationToken;
+                do {
+                    const pagedData = await target.getPagedMembers(undefined, continuationToken);
+                    continuationToken = pagedData.continuationToken;
+                    members.push(...pagedData.data);
+                } while (continuationToken);
+                for (const member of members) {
+                    if (await predicate(member)) {
+                        return member;
+                    }
+                }
+            }
+        }
+        return;
+    }
+    /**
+     * Return the first {@link Channel} where predicate is true, and undefined otherwise.
+     * (Ensure the bot app is installed into the `General` channel, otherwise undefined will be returned.)
+     *
+     * @param predicate - Find calls predicate once for each channel of the installation,
+     * until it finds one where predicate returns true. If such a channel is found, find
+     * immediately returns that channel. Otherwise, find returns `undefined`.
+     *
+     * @returns The first {@link Channel} where predicate is true, and `undefined` otherwise.
+     */
+    async findChannel(predicate) {
+        for (const target of await this.installations()) {
+            if (target.type === NotificationTargetType.Channel) {
+                const teamDetails = await target.getTeamDetails();
+                for (const channel of await target.channels()) {
+                    if (await predicate(channel, teamDetails)) {
+                        return channel;
+                    }
+                }
+            }
+        }
+        return;
+    }
+    /**
+     * Return all {@link Member} where predicate is true, and empty array otherwise.
+     *
+     * @param predicate - Find calls predicate for each member of the installation.
+     * @param scope - The scope to find members from the installations
+     * (personal chat, group chat, Teams channel).
+     *
+     * @returns An array of {@link Member} where predicate is true, and empty array otherwise.
+     */
+    async findAllMembers(predicate, scope) {
+        const members = [];
+        for (const target of await this.installations()) {
+            if (this.matchSearchScope(target, scope)) {
+                const targetMembers = [];
+                let continuationToken;
+                do {
+                    const pagedData = await target.getPagedMembers(undefined, continuationToken);
+                    continuationToken = pagedData.continuationToken;
+                    targetMembers.push(...pagedData.data);
+                } while (continuationToken);
+                for (const member of targetMembers) {
+                    if (await predicate(member)) {
+                        members.push(member);
+                    }
+                }
+            }
+        }
+        return members;
+    }
+    /**
+     * Return all {@link Channel} where predicate is true, and empty array otherwise.
+     * (Ensure the bot app is installed into the `General` channel, otherwise empty array will be returned.)
+     *
+     * @param predicate - Find calls predicate for each channel of the installation.
+     *
+     * @returns An array of {@link Channel} where predicate is true, and empty array otherwise.
+     */
+    async findAllChannels(predicate) {
+        const channels = [];
+        for (const target of await this.installations()) {
+            if (target.type === NotificationTargetType.Channel) {
+                const teamDetails = await target.getTeamDetails();
+                for (const channel of await target.channels()) {
+                    if (await predicate(channel, teamDetails)) {
+                        channels.push(channel);
+                    }
+                }
+            }
+        }
+        return channels;
+    }
+    matchSearchScope(target, scope) {
+        scope = scope !== null && scope !== void 0 ? scope : SearchScope.All;
+        return ((target.type === NotificationTargetType.Channel && (scope & SearchScope.Channel) !== 0) ||
+            (target.type === NotificationTargetType.Group && (scope & SearchScope.Group) !== 0) ||
+            (target.type === NotificationTargetType.Person && (scope & SearchScope.Person) !== 0));
+    }
+    /**
+     * @internal
+     * Get all targets where the bot is installed.
+     *
+     * @remarks
+     * The result is retrieving from the persisted storage.
+     *
+     * @returns An array of {@link TeamsBotInstallation}
+     */
+    async installations() {
+        let continuationToken;
+        const targets = [];
+        do {
+            const result = await this.getPagedInstallations(undefined, continuationToken);
+            continuationToken = result.continuationToken;
+            targets.push(...result.data);
+        } while (continuationToken);
+        return targets;
+    }
+}
+/**
+ * The search scope when calling {@link NotificationBot.findMember} and {@link NotificationBot.findAllMembers}.
+ * The search scope is a flagged enum and it can be combined with `|`.
+ * For example, to search from personal chat and group chat, use `SearchScope.Person | SearchScope.Group`.
+ */
+var SearchScope;
+(function (SearchScope) {
+    /**
+     * Search members from the installations in personal chat only.
+     */
+    SearchScope[SearchScope["Person"] = 1] = "Person";
+    /**
+     * Search members from the installations in group chat only.
+     */
+    SearchScope[SearchScope["Group"] = 2] = "Group";
+    /**
+     * Search members from the installations in Teams channel only.
+     */
+    SearchScope[SearchScope["Channel"] = 4] = "Channel";
+    /**
+     * Search members from all installations including personal chat, group chat and Teams channel.
+     */
+    SearchScope[SearchScope["All"] = 7] = "All";
+})(SearchScope || (SearchScope = {}));
+
+/******************************************************************************
+Copyright (c) Microsoft Corporation.
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.
+***************************************************************************** */
+
+function __rest(s, e) {
+    var t = {};
+    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
+        t[p] = s[p];
+    if (s != null && typeof Object.getOwnPropertySymbols === "function")
+        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
+            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
+                t[p[i]] = s[p[i]];
+        }
+    return t;
+}
+
+typeof SuppressedError === "function" ? SuppressedError : function (error, suppressed, message) {
+    var e = new Error(message);
+    return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
+};
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Default SSO execution activity handler
+ */
+class DefaultBotSsoExecutionActivityHandler extends TeamsActivityHandler {
+    /**
+     * Creates a new instance of the DefaultBotSsoExecutionActivityHandler.
+     * @param ssoConfig configuration for SSO command bot
+     *
+     * @remarks
+     * In the constructor, it uses BotSsoConfig parameter which from {@link ConversationBot} options to initialize {@link BotSsoExecutionDialog}.
+     * It also need to register an event handler for the message event which trigger {@link BotSsoExecutionDialog} instance.
+     */
+    constructor(ssoConfig) {
+        var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k;
+        super();
+        const memoryStorage = new MemoryStorage();
+        const userState = (_b = (_a = ssoConfig.dialog) === null || _a === void 0 ? void 0 : _a.userState) !== null && _b !== void 0 ? _b : new UserState(memoryStorage);
+        const conversationState = (_d = (_c = ssoConfig.dialog) === null || _c === void 0 ? void 0 : _c.conversationState) !== null && _d !== void 0 ? _d : new ConversationState(memoryStorage);
+        const dedupStorage = (_f = (_e = ssoConfig.dialog) === null || _e === void 0 ? void 0 : _e.dedupStorage) !== null && _f !== void 0 ? _f : memoryStorage;
+        const _l = ssoConfig.aad, { scopes } = _l, customConfig = __rest(_l, ["scopes"]);
+        const settings = {
+            scopes: scopes,
+            timeout: (_h = (_g = ssoConfig.dialog) === null || _g === void 0 ? void 0 : _g.ssoPromptConfig) === null || _h === void 0 ? void 0 : _h.timeout,
+            endOnInvalidMessage: (_k = (_j = ssoConfig.dialog) === null || _j === void 0 ? void 0 : _j.ssoPromptConfig) === null || _k === void 0 ? void 0 : _k.endOnInvalidMessage,
+        };
+        this.ssoExecutionDialog = new BotSsoExecutionDialog(dedupStorage, settings, customConfig, customConfig.initiateLoginEndpoint);
+        this.conversationState = conversationState;
+        this.dialogState = conversationState.createProperty("DialogState");
+        this.userState = userState;
+        this.onMessage(async (context, next) => {
+            await this.ssoExecutionDialog.run(context, this.dialogState);
+            await next();
+        });
+    }
+    /**
+     * Add TeamsFxBotSsoCommandHandler instance to SSO execution dialog
+     * @param handler {@link BotSsoExecutionDialogHandler} callback function
+     * @param triggerPatterns The trigger pattern
+     *
+     * @remarks
+     * This function is used to add SSO command to {@link BotSsoExecutionDialog} instance.
+     */
+    addCommand(handler, triggerPatterns) {
+        this.ssoExecutionDialog.addCommand(handler, triggerPatterns);
+    }
+    /**
+     * Called to initiate the event emission process.
+     * @param context The context object for the current turn.
+     */
+    async run(context) {
+        try {
+            await super.run(context);
+        }
+        finally {
+            await this.conversationState.saveChanges(context, false);
+            await this.userState.saveChanges(context, false);
+        }
+    }
+    /**
+     * Receives invoke activities with Activity name of 'signin/verifyState'.
+     * @param context A context object for this turn.
+     * @param query Signin state (part of signin action auth flow) verification invoke query.
+     * @returns A promise that represents the work queued.
+     *
+     * @remarks
+     * It should trigger {@link BotSsoExecutionDialog} instance to handle signin process
+     */
+    async handleTeamsSigninVerifyState(context, query) {
+        await this.ssoExecutionDialog.run(context, this.dialogState);
+    }
+    /**
+     * Receives invoke activities with Activity name of 'signin/tokenExchange'
+     * @param context A context object for this turn.
+     * @param query Signin state (part of signin action auth flow) verification invoke query
+     * @returns A promise that represents the work queued.
+     *
+     * @remarks
+     * It should trigger {@link BotSsoExecutionDialog} instance to handle signin process
+     */
+    async handleTeamsSigninTokenExchange(context, query) {
+        await this.ssoExecutionDialog.run(context, this.dialogState);
+    }
+}
+
+// Copyright (c) Microsoft Corporation.
+/**
+ * Provide utilities for bot conversation, including:
+ *   - handle command and response.
+ *   - send notification to varies targets (e.g., member, group, channel).
+ *
+ * @example
+ * For command and response, you can register your commands through the constructor, or use the `registerCommand` and `registerCommands` API to add commands later.
+ *
+ * ```typescript
+ * import { BotBuilderCloudAdapter } from "@microsoft/teamsfx";
+ * import ConversationBot = BotBuilderCloudAdapter.ConversationBot;
+ *
+ * // register through constructor
+ * const conversationBot = new ConversationBot({
+ *   command: {
+ *     enabled: true,
+ *     commands: [ new HelloWorldCommandHandler() ],
+ *   },
+ * });
+ *
+ * // register through `register*` API
+ * conversationBot.command.registerCommand(new HelpCommandHandler());
+ * ```
+ *
+ * For notification, you can enable notification at initialization, then send notifications at any time.
+ *
+ * ```typescript
+ * import { BotBuilderCloudAdapter } from "@microsoft/teamsfx";
+ * import ConversationBot = BotBuilderCloudAdapter.ConversationBot;
+ *
+ * // enable through constructor
+ * const conversationBot = new ConversationBot({
+ *   notification: {
+ *     enabled: true,
+ *   },
+ * });
+ *
+ * // get all bot installations and send message
+ * for (const target of await conversationBot.notification.installations()) {
+ *   await target.sendMessage("Hello Notification");
+ * }
+ *
+ * // alternative - send message to all members
+ * for (const target of await conversationBot.notification.installations()) {
+ *   for (const member of await target.members()) {
+ *     await member.sendMessage("Hello Notification");
+ *   }
+ * }
+ * ```
+ *
+ * @remarks
+ * Set `adapter` in {@link ConversationOptions} to use your own bot adapter.
+ *
+ * For command and response, ensure each command should ONLY be registered with the command once, otherwise it'll cause unexpected behavior if you register the same command more than once.
+ *
+ * For notification, set `notification.storage` in {@link ConversationOptions} to use your own storage implementation.
+ */
+class ConversationBot {
+    /**
+     * Create new instance of the `ConversationBot`.
+     *
+     * @remarks
+     * It's recommended to create your own adapter and storage for production environment instead of the default one.
+     *
+     * @param options - The initialize options.
+     */
+    constructor(options) {
+        var _a, _b, _c, _d;
+        if (options.adapter) {
+            this.adapter = options.adapter;
+        }
+        else {
+            this.adapter = this.createDefaultAdapter(options.adapterConfig);
+        }
+        let ssoCommandActivityHandler;
+        if (options === null || options === void 0 ? void 0 : options.ssoConfig) {
+            if ((_a = options.ssoConfig.dialog) === null || _a === void 0 ? void 0 : _a.CustomBotSsoExecutionActivityHandler) {
+                ssoCommandActivityHandler =
+                    new options.ssoConfig.dialog.CustomBotSsoExecutionActivityHandler(options.ssoConfig);
+            }
+            else {
+                ssoCommandActivityHandler = new DefaultBotSsoExecutionActivityHandler(options.ssoConfig);
+            }
+        }
+        if ((_b = options.command) === null || _b === void 0 ? void 0 : _b.enabled) {
+            this.command = new CommandBot(this.adapter, options.command, ssoCommandActivityHandler, options.ssoConfig);
+        }
+        if ((_c = options.notification) === null || _c === void 0 ? void 0 : _c.enabled) {
+            this.notification = new NotificationBot(this.adapter, options.notification);
+        }
+        if ((_d = options.cardAction) === null || _d === void 0 ? void 0 : _d.enabled) {
+            this.cardAction = new CardActionBot(this.adapter, options.cardAction);
+        }
+    }
+    createDefaultAdapter(adapterConfig) {
+        const credentialsFactory = adapterConfig === undefined
+            ? new ConfigurationServiceClientCredentialFactory({
+                MicrosoftAppId: process.env.BOT_ID,
+                MicrosoftAppPassword: process.env.BOT_PASSWORD,
+                MicrosoftAppType: "MultiTenant",
+            })
+            : new ConfigurationServiceClientCredentialFactory(adapterConfig);
+        const botFrameworkAuthentication = new ConfigurationBotFrameworkAuthentication({}, credentialsFactory);
+        const adapter = new CloudAdapter(botFrameworkAuthentication);
+        // the default error handler
+        adapter.onTurnError = async (context, error) => {
+            // This check writes out errors to console.
+            console.error(`[onTurnError] unhandled error`, error);
+            // Only send error message for user messages, not for other message types so the bot doesn't spam a channel or chat.
+            if (context.activity.type === "message") {
+                // Send a trace activity, which will be displayed in Bot Framework Emulator
+                await context.sendTraceActivity("OnTurnError Trace", error instanceof Error ? error.message : error, "https://www.botframework.com/schemas/error", "TurnError");
+                // Send a message to the user
+                await context.sendActivity(`The bot encountered unhandled error: ${error.message}`);
+                await context.sendActivity("To continue to run this bot, please fix the bot source code.");
+            }
+        };
+        return adapter;
+    }
+    /**
+     * The request handler to integrate with web request.
+     *
+     * @param req - An incoming HTTP [Request](xref:botbuilder.Request).
+     * @param res - The corresponding HTTP [Response](xref:botbuilder.Response).
+     * @param logic - The additional function to handle bot context.
+     *
+     * @example
+     * For example, to use with Express:
+     * ``` typescript
+     * // The default/empty behavior
+     * const expressApp = express();
+     * expressApp.use(express.json());
+     * expressApp.post("/api/notification", conversationBot.requestHandler);
+     *
+     * // Or, add your own logic
+     * const expressApp = express();
+     * expressApp.use(express.json());
+     * expressApp.post("/api/notification", async (req, res) => {
+     *   await conversationBot.requestHandler(req, res, async (context) => {
+     *     // your-own-context-logic
+     *   });
+     * });
+     * ```
+     */
+    async requestHandler(req, res, logic) {
+        if (logic === undefined) {
+            // create empty logic
+            logic = async () => { };
+        }
+        await this.adapter.process(req, res, logic);
+    }
+}
+
+var conversationWithCloudAdapter = /*#__PURE__*/Object.freeze({
+  __proto__: null,
+  ConversationBot: ConversationBot,
+  BotSsoExecutionDialog: BotSsoExecutionDialog,
+  Channel: Channel,
+  Member: Member,
+  NotificationBot: NotificationBot,
+  sendAdaptiveCard: sendAdaptiveCard,
+  sendMessage: sendMessage,
+  TeamsBotInstallation: TeamsBotInstallation,
+  get SearchScope () { return SearchScope; },
+  CommandBot: CommandBot,
+  CardActionBot: CardActionBot
+});
+
+export { AdaptiveCardResponse, ApiKeyLocation, ApiKeyProvider, AppCredential, BasicAuthProvider, BearerTokenAuthProvider, conversationWithCloudAdapter as BotBuilderCloudAdapter, BotSsoExecutionDialog, CertificateAuthProvider, ErrorCode, ErrorWithCode, InvokeResponseErrorCode, InvokeResponseFactory, LogLevel, MessageBuilder, NotificationTargetType, OnBehalfOfUserCredential, TeamsBotSsoPrompt, TeamsUserCredential, createApiClient, createPemCertOption, createPfxCertOption, getLogLevel, handleMessageExtensionLinkQueryWithSSO, handleMessageExtensionQueryWithSSO, setLogFunction, setLogLevel, setLogger };
 //# sourceMappingURL=index.esm2017.mjs.map