npm - @openclaw/msteams - Versions diffs - 2026.5.2 → 2026.5.3-beta.2 - Mend

@openclaw/msteams 2026.5.2 → 2026.5.3-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (197) hide show

package/dist/api.js +3 -0
package/dist/channel-D7hdreTh.js +984 -0
package/dist/channel-config-api.js +2 -0
package/dist/channel-plugin-api.js +2 -0
package/dist/channel.runtime-BC1ruIfN.js +573 -0
package/dist/config-schema-B8QezH6t.js +15 -0
package/dist/contract-api.js +2 -0
package/dist/graph-users-9uQJepqr.js +1354 -0
package/dist/index.js +22 -0
package/dist/oauth-BWJyilR1.js +114 -0
package/dist/oauth.token-xxpoLWy5.js +115 -0
package/dist/policy-DTnU2GR7.js +142 -0
package/dist/probe-D_H8yFps.js +2194 -0
package/dist/resolve-allowlist-D41JSziq.js +219 -0
package/dist/runtime-api-DV1iVMn1.js +28 -0
package/dist/runtime-api.js +2 -0
package/dist/secret-contract-BuoEXmPS.js +35 -0
package/dist/secret-contract-api.js +2 -0
package/dist/setup-entry.js +15 -0
package/dist/setup-plugin-api.js +64 -0
package/dist/setup-surface-BLkFQYIQ.js +313 -0
package/dist/src-CFp1QpFd.js +4064 -0
package/dist/test-api.js +2 -0
package/package.json +14 -6
package/api.ts +0 -3
package/channel-config-api.ts +0 -1
package/channel-plugin-api.ts +0 -2
package/config-api.ts +0 -4
package/contract-api.ts +0 -4
package/index.ts +0 -20
package/runtime-api.ts +0 -73
package/secret-contract-api.ts +0 -5
package/setup-entry.ts +0 -13
package/setup-plugin-api.ts +0 -3
package/src/ai-entity.ts +0 -7
package/src/approval-auth.ts +0 -44
package/src/attachments/bot-framework.test.ts +0 -461
package/src/attachments/bot-framework.ts +0 -362
package/src/attachments/download.ts +0 -311
package/src/attachments/graph.test.ts +0 -416
package/src/attachments/graph.ts +0 -484
package/src/attachments/html.ts +0 -122
package/src/attachments/payload.ts +0 -14
package/src/attachments/remote-media.test.ts +0 -137
package/src/attachments/remote-media.ts +0 -112
package/src/attachments/shared.test.ts +0 -530
package/src/attachments/shared.ts +0 -626
package/src/attachments/types.ts +0 -47
package/src/attachments.graph.test.ts +0 -342
package/src/attachments.helpers.test.ts +0 -246
package/src/attachments.test-helpers.ts +0 -17
package/src/attachments.test.ts +0 -687
package/src/attachments.ts +0 -18
package/src/block-streaming-config.test.ts +0 -61
package/src/channel-api.ts +0 -1
package/src/channel.actions.test.ts +0 -742
package/src/channel.directory.test.ts +0 -200
package/src/channel.runtime.ts +0 -56
package/src/channel.setup.ts +0 -77
package/src/channel.test.ts +0 -128
package/src/channel.ts +0 -1136
package/src/config-schema.ts +0 -6
package/src/config-ui-hints.ts +0 -12
package/src/conversation-store-fs.test.ts +0 -74
package/src/conversation-store-fs.ts +0 -149
package/src/conversation-store-helpers.test.ts +0 -202
package/src/conversation-store-helpers.ts +0 -105
package/src/conversation-store-memory.ts +0 -51
package/src/conversation-store.shared.test.ts +0 -225
package/src/conversation-store.ts +0 -71
package/src/directory-live.test.ts +0 -156
package/src/directory-live.ts +0 -111
package/src/doctor.ts +0 -27
package/src/errors.test.ts +0 -133
package/src/errors.ts +0 -246
package/src/feedback-reflection-prompt.ts +0 -117
package/src/feedback-reflection-store.ts +0 -114
package/src/feedback-reflection.test.ts +0 -237
package/src/feedback-reflection.ts +0 -283
package/src/file-consent-helpers.test.ts +0 -326
package/src/file-consent-helpers.ts +0 -126
package/src/file-consent-invoke.ts +0 -150
package/src/file-consent.test.ts +0 -363
package/src/file-consent.ts +0 -287
package/src/graph-chat.ts +0 -55
package/src/graph-group-management.test.ts +0 -318
package/src/graph-group-management.ts +0 -168
package/src/graph-members.test.ts +0 -89
package/src/graph-members.ts +0 -48
package/src/graph-messages.actions.test.ts +0 -243
package/src/graph-messages.read.test.ts +0 -391
package/src/graph-messages.search.test.ts +0 -213
package/src/graph-messages.test-helpers.ts +0 -50
package/src/graph-messages.ts +0 -534
package/src/graph-teams.test.ts +0 -215
package/src/graph-teams.ts +0 -114
package/src/graph-thread.test.ts +0 -246
package/src/graph-thread.ts +0 -146
package/src/graph-upload.test.ts +0 -258
package/src/graph-upload.ts +0 -531
package/src/graph-users.ts +0 -29
package/src/graph.test.ts +0 -516
package/src/graph.ts +0 -293
package/src/inbound.test.ts +0 -221
package/src/inbound.ts +0 -148
package/src/index.ts +0 -4
package/src/media-helpers.test.ts +0 -202
package/src/media-helpers.ts +0 -105
package/src/mentions.test.ts +0 -244
package/src/mentions.ts +0 -114
package/src/messenger.test.ts +0 -865
package/src/messenger.ts +0 -605
package/src/monitor-handler/access.ts +0 -125
package/src/monitor-handler/inbound-media.test.ts +0 -289
package/src/monitor-handler/inbound-media.ts +0 -180
package/src/monitor-handler/message-handler-mock-support.test-support.ts +0 -28
package/src/monitor-handler/message-handler.authz.test.ts +0 -669
package/src/monitor-handler/message-handler.dm-media.test.ts +0 -54
package/src/monitor-handler/message-handler.test-support.ts +0 -100
package/src/monitor-handler/message-handler.thread-parent.test.ts +0 -223
package/src/monitor-handler/message-handler.thread-session.test.ts +0 -77
package/src/monitor-handler/message-handler.ts +0 -1000
package/src/monitor-handler/reaction-handler.test.ts +0 -267
package/src/monitor-handler/reaction-handler.ts +0 -210
package/src/monitor-handler/thread-session.ts +0 -17
package/src/monitor-handler.adaptive-card.test.ts +0 -162
package/src/monitor-handler.feedback-authz.test.ts +0 -314
package/src/monitor-handler.file-consent.test.ts +0 -423
package/src/monitor-handler.sso.test.ts +0 -563
package/src/monitor-handler.test-helpers.ts +0 -180
package/src/monitor-handler.ts +0 -534
package/src/monitor-handler.types.ts +0 -27
package/src/monitor-types.ts +0 -6
package/src/monitor.lifecycle.test.ts +0 -278
package/src/monitor.test.ts +0 -119
package/src/monitor.ts +0 -442
package/src/oauth.flow.ts +0 -77
package/src/oauth.shared.ts +0 -37
package/src/oauth.test.ts +0 -305
package/src/oauth.token.ts +0 -158
package/src/oauth.ts +0 -130
package/src/outbound.test.ts +0 -130
package/src/outbound.ts +0 -71
package/src/pending-uploads-fs.test.ts +0 -246
package/src/pending-uploads-fs.ts +0 -235
package/src/pending-uploads.test.ts +0 -173
package/src/pending-uploads.ts +0 -121
package/src/policy.test.ts +0 -240
package/src/policy.ts +0 -262
package/src/polls-store-memory.ts +0 -32
package/src/polls.test.ts +0 -160
package/src/polls.ts +0 -323
package/src/presentation.ts +0 -68
package/src/probe.test.ts +0 -77
package/src/probe.ts +0 -132
package/src/reply-dispatcher.test.ts +0 -437
package/src/reply-dispatcher.ts +0 -346
package/src/reply-stream-controller.test.ts +0 -235
package/src/reply-stream-controller.ts +0 -147
package/src/resolve-allowlist.test.ts +0 -250
package/src/resolve-allowlist.ts +0 -309
package/src/revoked-context.ts +0 -17
package/src/runtime.ts +0 -9
package/src/sdk-types.ts +0 -59
package/src/sdk.test.ts +0 -666
package/src/sdk.ts +0 -884
package/src/secret-contract.ts +0 -49
package/src/secret-input.ts +0 -7
package/src/send-context.ts +0 -231
package/src/send.test.ts +0 -493
package/src/send.ts +0 -637
package/src/sent-message-cache.test.ts +0 -15
package/src/sent-message-cache.ts +0 -56
package/src/session-route.ts +0 -40
package/src/setup-core.ts +0 -160
package/src/setup-surface.test.ts +0 -202
package/src/setup-surface.ts +0 -320
package/src/sso-token-store.test.ts +0 -72
package/src/sso-token-store.ts +0 -166
package/src/sso.ts +0 -300
package/src/storage.ts +0 -25
package/src/store-fs.ts +0 -44
package/src/streaming-message.test.ts +0 -262
package/src/streaming-message.ts +0 -297
package/src/test-runtime.ts +0 -16
package/src/thread-parent-context.test.ts +0 -224
package/src/thread-parent-context.ts +0 -159
package/src/token-response.ts +0 -11
package/src/token.test.ts +0 -259
package/src/token.ts +0 -195
package/src/user-agent.test.ts +0 -86
package/src/user-agent.ts +0 -53
package/src/webhook-timeouts.ts +0 -27
package/src/welcome-card.test.ts +0 -81
package/src/welcome-card.ts +0 -57
package/test-api.ts +0 -1
package/tsconfig.json +0 -16

package/src/token-response.ts DELETED Viewed

@@ -1,11 +0,0 @@
-export function readAccessToken(value: unknown): string | null {
-  if (typeof value === "string") {
-    return value;
-  }
-  if (value && typeof value === "object") {
-    const token =
-      (value as { accessToken?: unknown }).accessToken ?? (value as { token?: unknown }).token;
-    return typeof token === "string" ? token : null;
-  }
-  return null;
-}

package/src/token.test.ts DELETED Viewed

@@ -1,259 +0,0 @@
-import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
-import { readAccessToken } from "./token-response.js";
-import { hasConfiguredMSTeamsCredentials, resolveMSTeamsCredentials } from "./token.js";
-vi.mock("./secret-input.js", () => ({
-  normalizeSecretInputString: (v: unknown) =>
-    typeof v === "string" && v.trim() ? v.trim() : undefined,
-  normalizeResolvedSecretInputString: (opts: { value: unknown; path: string }) =>
-    typeof opts.value === "string" && opts.value.trim() ? opts.value.trim() : undefined,
-  hasConfiguredSecretInput: (v: unknown) => typeof v === "string" && v.trim().length > 0,
-}));
-const ENV_KEYS = [
-  "MSTEAMS_APP_ID",
-  "MSTEAMS_APP_PASSWORD",
-  "MSTEAMS_TENANT_ID",
-  "MSTEAMS_AUTH_TYPE",
-  "MSTEAMS_CERTIFICATE_PATH",
-  "MSTEAMS_CERTIFICATE_THUMBPRINT",
-  "MSTEAMS_USE_MANAGED_IDENTITY",
-  "MSTEAMS_MANAGED_IDENTITY_CLIENT_ID",
-] as const;
-let savedEnv: Record<string, string | undefined> = {};
-function saveAndClearEnv() {
-  savedEnv = {};
-  for (const key of ENV_KEYS) {
-    savedEnv[key] = process.env[key];
-    delete process.env[key];
-  }
-}
-function restoreEnv() {
-  for (const key of ENV_KEYS) {
-    if (savedEnv[key] !== undefined) {
-      process.env[key] = savedEnv[key];
-    } else {
-      delete process.env[key];
-    }
-  }
-}
-describe("token – secret credentials", () => {
-  beforeEach(saveAndClearEnv);
-  afterEach(restoreEnv);
-  it("returns true when appId + appPassword + tenantId are provided in config", () => {
-    const cfg = { appId: "app-id", appPassword: "app-pw", tenantId: "tenant-id" } as any;
-    expect(hasConfiguredMSTeamsCredentials(cfg)).toBe(true);
-  });
-  it("returns false when appPassword is missing", () => {
-    const cfg = { appId: "app-id", tenantId: "tenant-id" } as any;
-    expect(hasConfiguredMSTeamsCredentials(cfg)).toBe(false);
-  });
-  it("returns false when no config is given and no env vars set", () => {
-    expect(hasConfiguredMSTeamsCredentials(undefined)).toBe(false);
-  });
-  it("resolves secret credentials from config", () => {
-    const cfg = { appId: "app-id", appPassword: "app-pw", tenantId: "tenant-id" } as any;
-    const result = resolveMSTeamsCredentials(cfg);
-    expect(result).toEqual({
-      type: "secret",
-      appId: "app-id",
-      appPassword: "app-pw",
-      tenantId: "tenant-id",
-    });
-  });
-  it("resolves secret credentials from env vars", () => {
-    process.env.MSTEAMS_APP_ID = "env-app-id";
-    process.env.MSTEAMS_APP_PASSWORD = "env-app-pw";
-    process.env.MSTEAMS_TENANT_ID = "env-tenant-id";
-    const result = resolveMSTeamsCredentials(undefined);
-    expect(result).toEqual({
-      type: "secret",
-      appId: "env-app-id",
-      appPassword: "env-app-pw",
-      tenantId: "env-tenant-id",
-    });
-  });
-  it("returns undefined when appPassword is missing", () => {
-    const cfg = { appId: "app-id", tenantId: "tenant-id" } as any;
-    expect(resolveMSTeamsCredentials(cfg)).toBeUndefined();
-  });
-});
-describe("token – federated credentials (certificate)", () => {
-  beforeEach(saveAndClearEnv);
-  afterEach(restoreEnv);
-  it("hasConfigured returns true when certificate path is provided", () => {
-    const cfg = {
-      appId: "app-id",
-      tenantId: "tenant-id",
-      authType: "federated",
-      certificatePath: "/cert.pem",
-    } as any;
-    expect(hasConfiguredMSTeamsCredentials(cfg)).toBe(true);
-  });
-  it("hasConfigured returns false when neither cert nor MI is provided", () => {
-    const cfg = { appId: "app-id", tenantId: "tenant-id", authType: "federated" } as any;
-    expect(hasConfiguredMSTeamsCredentials(cfg)).toBe(false);
-  });
-  it("resolves federated credentials with certificate from config", () => {
-    const cfg = {
-      appId: "app-id",
-      tenantId: "tenant-id",
-      authType: "federated",
-      certificatePath: "/cert.pem",
-      certificateThumbprint: "AABBCCDD",
-    } as any;
-    const result = resolveMSTeamsCredentials(cfg);
-    expect(result).toEqual({
-      type: "federated",
-      appId: "app-id",
-      tenantId: "tenant-id",
-      certificatePath: "/cert.pem",
-      certificateThumbprint: "AABBCCDD",
-      useManagedIdentity: undefined,
-      managedIdentityClientId: undefined,
-    });
-  });
-  it("resolves federated credentials from env vars", () => {
-    process.env.MSTEAMS_AUTH_TYPE = "federated";
-    process.env.MSTEAMS_APP_ID = "env-app-id";
-    process.env.MSTEAMS_TENANT_ID = "env-tenant-id";
-    process.env.MSTEAMS_CERTIFICATE_PATH = "/env/cert.pem";
-    process.env.MSTEAMS_CERTIFICATE_THUMBPRINT = "EEFF0011";
-    const result = resolveMSTeamsCredentials(undefined);
-    expect(result).toEqual({
-      type: "federated",
-      appId: "env-app-id",
-      tenantId: "env-tenant-id",
-      certificatePath: "/env/cert.pem",
-      certificateThumbprint: "EEFF0011",
-      useManagedIdentity: undefined,
-      managedIdentityClientId: undefined,
-    });
-  });
-});
-describe("token – federated credentials (managed identity)", () => {
-  beforeEach(saveAndClearEnv);
-  afterEach(restoreEnv);
-  it("resolves managed identity from config", () => {
-    const cfg = {
-      appId: "app-id",
-      tenantId: "tenant-id",
-      authType: "federated",
-      useManagedIdentity: true,
-      managedIdentityClientId: "mi-client-id",
-    } as any;
-    const result = resolveMSTeamsCredentials(cfg);
-    expect(result).toEqual({
-      type: "federated",
-      appId: "app-id",
-      tenantId: "tenant-id",
-      certificatePath: undefined,
-      certificateThumbprint: undefined,
-      useManagedIdentity: true,
-      managedIdentityClientId: "mi-client-id",
-    });
-  });
-  it("resolves system-assigned managed identity (no clientId)", () => {
-    const cfg = {
-      appId: "app-id",
-      tenantId: "tenant-id",
-      authType: "federated",
-      useManagedIdentity: true,
-    } as any;
-    const result = resolveMSTeamsCredentials(cfg);
-    expect(result).toEqual({
-      type: "federated",
-      appId: "app-id",
-      tenantId: "tenant-id",
-      certificatePath: undefined,
-      certificateThumbprint: undefined,
-      useManagedIdentity: true,
-      managedIdentityClientId: undefined,
-    });
-  });
-  it("hasConfigured returns true for managed identity via env", () => {
-    process.env.MSTEAMS_AUTH_TYPE = "federated";
-    process.env.MSTEAMS_APP_ID = "env-app-id";
-    process.env.MSTEAMS_TENANT_ID = "env-tenant-id";
-    process.env.MSTEAMS_USE_MANAGED_IDENTITY = "true";
-    expect(hasConfiguredMSTeamsCredentials(undefined)).toBe(true);
-  });
-  it("config useManagedIdentity=false overrides env MSTEAMS_USE_MANAGED_IDENTITY=true", () => {
-    process.env.MSTEAMS_USE_MANAGED_IDENTITY = "true";
-    const cfg = {
-      appId: "app-id",
-      tenantId: "tenant-id",
-      authType: "federated",
-      certificatePath: "/cert.pem",
-      useManagedIdentity: false,
-    } as any;
-    const result = resolveMSTeamsCredentials(cfg);
-    expect(result).toBeDefined();
-    expect(result!.type).toBe("federated");
-    expect((result as any).useManagedIdentity).toBeUndefined();
-    expect((result as any).certificatePath).toBe("/cert.pem");
-  });
-});
-describe("token – backward compatibility", () => {
-  beforeEach(saveAndClearEnv);
-  afterEach(restoreEnv);
-  it("defaults to secret when authType is absent", () => {
-    const cfg = { appId: "app-id", appPassword: "pw", tenantId: "tenant-id" } as any;
-    const result = resolveMSTeamsCredentials(cfg);
-    expect(result).toBeDefined();
-    expect(result!.type).toBe("secret");
-  });
-  it("explicit authType=secret behaves same as absent", () => {
-    const cfg = {
-      appId: "app-id",
-      appPassword: "pw",
-      tenantId: "tenant-id",
-      authType: "secret",
-    } as any;
-    const result = resolveMSTeamsCredentials(cfg);
-    expect(result).toEqual({
-      type: "secret",
-      appId: "app-id",
-      appPassword: "pw",
-      tenantId: "tenant-id",
-    });
-  });
-});
-describe("readAccessToken", () => {
-  it("reads string and object token forms", () => {
-    expect(readAccessToken("abc")).toBe("abc");
-    expect(readAccessToken({ accessToken: "access-token" })).toBe("access-token");
-    expect(readAccessToken({ token: "fallback-token" })).toBe("fallback-token");
-  });
-  it("returns null for unsupported token payloads", () => {
-    expect(readAccessToken({ accessToken: 123 })).toBeNull();
-    expect(readAccessToken({ token: false })).toBeNull();
-    expect(readAccessToken(null)).toBeNull();
-    expect(readAccessToken(undefined)).toBeNull();
-  });
-});

package/src/token.ts DELETED Viewed

@@ -1,195 +0,0 @@
-import { readFileSync, writeFileSync, mkdirSync } from "node:fs";
-import { dirname } from "node:path";
-import type { MSTeamsConfig } from "../runtime-api.js";
-import type { MSTeamsDelegatedTokens } from "./oauth.shared.js";
-import { refreshMSTeamsDelegatedTokens } from "./oauth.token.js";
-import {
-  hasConfiguredSecretInput,
-  normalizeResolvedSecretInputString,
-  normalizeSecretInputString,
-} from "./secret-input.js";
-import { resolveMSTeamsStorePath } from "./storage.js";
-// ── Credential types ───────────────────────────────────────────────────────
-export type MSTeamsSecretCredentials = {
-  type: "secret";
-  appId: string;
-  appPassword: string;
-  tenantId: string;
-};
-export type MSTeamsFederatedCredentials = {
-  type: "federated";
-  appId: string;
-  tenantId: string;
-  certificatePath?: string;
-  certificateThumbprint?: string;
-  useManagedIdentity?: boolean;
-  managedIdentityClientId?: string;
-};
-export type MSTeamsCredentials = MSTeamsSecretCredentials | MSTeamsFederatedCredentials;
-// ── Helpers ────────────────────────────────────────────────────────────────
-function resolveAuthType(cfg?: MSTeamsConfig): "secret" | "federated" {
-  const fromCfg = cfg?.authType;
-  if (fromCfg === "secret" || fromCfg === "federated") {
-    return fromCfg;
-  }
-  const fromEnv = process.env.MSTEAMS_AUTH_TYPE;
-  if (fromEnv === "federated") {
-    return "federated";
-  }
-  return "secret";
-}
-// ── hasConfiguredMSTeamsCredentials ────────────────────────────────────────
-export function hasConfiguredMSTeamsCredentials(cfg?: MSTeamsConfig): boolean {
-  const authType = resolveAuthType(cfg);
-  const hasAppId = Boolean(
-    normalizeSecretInputString(cfg?.appId) ||
-    normalizeSecretInputString(process.env.MSTEAMS_APP_ID),
-  );
-  const hasTenantId = Boolean(
-    normalizeSecretInputString(cfg?.tenantId) ||
-    normalizeSecretInputString(process.env.MSTEAMS_TENANT_ID),
-  );
-  if (authType === "federated") {
-    const hasCert = Boolean(cfg?.certificatePath || process.env.MSTEAMS_CERTIFICATE_PATH);
-    const hasManagedIdentity =
-      cfg?.useManagedIdentity ?? process.env.MSTEAMS_USE_MANAGED_IDENTITY === "true";
-    return hasAppId && hasTenantId && (hasCert || hasManagedIdentity);
-  }
-  // "secret" (default) — original logic
-  return Boolean(
-    normalizeSecretInputString(cfg?.appId) &&
-    hasConfiguredSecretInput(cfg?.appPassword) &&
-    normalizeSecretInputString(cfg?.tenantId),
-  );
-}
-// ── resolveMSTeamsCredentials ─────────────────────────────────────────────
-export function resolveMSTeamsCredentials(cfg?: MSTeamsConfig): MSTeamsCredentials | undefined {
-  const authType = resolveAuthType(cfg);
-  const appId =
-    normalizeSecretInputString(cfg?.appId) ||
-    normalizeSecretInputString(process.env.MSTEAMS_APP_ID);
-  const tenantId =
-    normalizeSecretInputString(cfg?.tenantId) ||
-    normalizeSecretInputString(process.env.MSTEAMS_TENANT_ID);
-  if (!appId || !tenantId) {
-    return undefined;
-  }
-  if (authType === "federated") {
-    const certificatePath =
-      cfg?.certificatePath || process.env.MSTEAMS_CERTIFICATE_PATH || undefined;
-    const certificateThumbprint =
-      cfg?.certificateThumbprint || process.env.MSTEAMS_CERTIFICATE_THUMBPRINT || undefined;
-    const useManagedIdentity =
-      cfg?.useManagedIdentity ?? process.env.MSTEAMS_USE_MANAGED_IDENTITY === "true";
-    const managedIdentityClientId =
-      cfg?.managedIdentityClientId || process.env.MSTEAMS_MANAGED_IDENTITY_CLIENT_ID || undefined;
-    // At least one federated mechanism must be configured.
-    if (!certificatePath && !useManagedIdentity) {
-      return undefined;
-    }
-    return {
-      type: "federated",
-      appId,
-      tenantId,
-      certificatePath,
-      certificateThumbprint,
-      useManagedIdentity: useManagedIdentity || undefined,
-      managedIdentityClientId,
-    };
-  }
-  // "secret" (default) — original logic
-  const appPassword =
-    normalizeResolvedSecretInputString({
-      value: cfg?.appPassword,
-      path: "channels.msteams.appPassword",
-    }) || normalizeSecretInputString(process.env.MSTEAMS_APP_PASSWORD);
-  if (!appPassword) {
-    return undefined;
-  }
-  return { type: "secret", appId, appPassword, tenantId };
-}
-// ---------------------------------------------------------------------------
-// Delegated token storage / resolution
-// ---------------------------------------------------------------------------
-const DELEGATED_TOKEN_FILENAME = "msteams-delegated.json";
-function resolveDelegatedTokenPath(): string {
-  return resolveMSTeamsStorePath({ filename: DELEGATED_TOKEN_FILENAME });
-}
-export function loadDelegatedTokens(): MSTeamsDelegatedTokens | undefined {
-  try {
-    const content = readFileSync(resolveDelegatedTokenPath(), "utf8");
-    return JSON.parse(content) as MSTeamsDelegatedTokens;
-  } catch {
-    return undefined;
-  }
-}
-export function saveDelegatedTokens(tokens: MSTeamsDelegatedTokens): void {
-  const tokenPath = resolveDelegatedTokenPath();
-  const dir = dirname(tokenPath);
-  mkdirSync(dir, { recursive: true });
-  writeFileSync(tokenPath, JSON.stringify(tokens, null, 2), "utf8");
-}
-export async function resolveDelegatedAccessToken(params: {
-  tenantId: string;
-  clientId: string;
-  clientSecret: string;
-}): Promise<string | undefined> {
-  const tokens = loadDelegatedTokens();
-  if (!tokens) {
-    return undefined;
-  }
-  // Token still valid (5-min buffer already baked into expiresAt)
-  if (tokens.expiresAt > Date.now()) {
-    return tokens.accessToken;
-  }
-  // Attempt refresh
-  try {
-    const refreshed = await refreshMSTeamsDelegatedTokens({
-      tenantId: params.tenantId,
-      clientId: params.clientId,
-      clientSecret: params.clientSecret,
-      refreshToken: tokens.refreshToken,
-      scopes: tokens.scopes,
-    });
-    saveDelegatedTokens(refreshed);
-    return refreshed.accessToken;
-  } catch {
-    return undefined;
-  }
-}

package/src/user-agent.test.ts DELETED Viewed

@@ -1,86 +0,0 @@
-import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
-// Mock the runtime before importing buildUserAgent
-const mockRuntime = {
-  version: "2026.3.19",
-};
-vi.mock("./runtime.js", () => ({
-  getMSTeamsRuntime: vi.fn(() => mockRuntime),
-}));
-import { fetchGraphJson } from "./graph.js";
-import { getMSTeamsRuntime } from "./runtime.js";
-import { buildUserAgent, ensureUserAgentHeader, resetUserAgentCache } from "./user-agent.js";
-describe("buildUserAgent", () => {
-  beforeEach(() => {
-    resetUserAgentCache();
-    vi.mocked(getMSTeamsRuntime).mockReturnValue(mockRuntime as never);
-  });
-  afterEach(() => {
-    vi.restoreAllMocks();
-  });
-  it("returns teams.ts[apps]/<sdk> OpenClaw/<version> format", () => {
-    const ua = buildUserAgent();
-    expect(ua).toMatch(/^teams\.ts\[apps\]\/.+ OpenClaw\/2026\.3\.19$/);
-  });
-  it("reflects the runtime version", () => {
-    vi.mocked(getMSTeamsRuntime).mockReturnValue({ version: "1.2.3" } as never);
-    const ua = buildUserAgent();
-    expect(ua).toMatch(/OpenClaw\/1\.2\.3$/);
-  });
-  it("returns OpenClaw/unknown when runtime is not initialized", () => {
-    vi.mocked(getMSTeamsRuntime).mockImplementation(() => {
-      throw new Error("MSTeams runtime not initialized");
-    });
-    const ua = buildUserAgent();
-    expect(ua).toMatch(/OpenClaw\/unknown$/);
-    // SDK version should still be present
-    expect(ua).toMatch(/^teams\.ts\[apps\]\//);
-  });
-  it("sends the generated User-Agent in Graph requests by default", async () => {
-    const mockFetch = vi.fn().mockResolvedValueOnce({
-      ok: true,
-      json: async () => ({ value: [] }),
-    });
-    vi.stubGlobal("fetch", mockFetch);
-    await fetchGraphJson({ token: "test-token", path: "/groups" });
-    expect(mockFetch).toHaveBeenCalledOnce();
-    const [, init] = mockFetch.mock.calls[0];
-    expect(init.headers["User-Agent"]).toMatch(/^teams\.ts\[apps\]\/.+ OpenClaw\/2026\.3\.19$/);
-    expect(init.headers).toHaveProperty("Authorization", "Bearer test-token");
-  });
-  it("lets caller headers override the default Graph User-Agent", async () => {
-    const mockFetch = vi.fn().mockResolvedValueOnce({
-      ok: true,
-      json: async () => ({ value: [] }),
-    });
-    vi.stubGlobal("fetch", mockFetch);
-    await fetchGraphJson({
-      token: "test-token",
-      path: "/groups",
-      headers: { "User-Agent": "custom-agent/1.0" },
-    });
-    const [, init] = mockFetch.mock.calls[0];
-    expect(init.headers["User-Agent"]).toBe("custom-agent/1.0");
-  });
-  it("adds the generated User-Agent to Headers instances without overwriting callers", () => {
-    const generated = ensureUserAgentHeader();
-    expect(generated.get("User-Agent")).toMatch(/^teams\.ts\[apps\]\/.+ OpenClaw\/2026\.3\.19$/);
-    const custom = ensureUserAgentHeader({ "User-Agent": "custom-agent/2.0" });
-    expect(custom.get("User-Agent")).toBe("custom-agent/2.0");
-  });
-});

package/src/user-agent.ts DELETED Viewed

@@ -1,53 +0,0 @@
-import { createRequire } from "node:module";
-import { getMSTeamsRuntime } from "./runtime.js";
-let cachedUserAgent: string | undefined;
-function resolveTeamsSdkVersion(): string {
-  try {
-    const require = createRequire(import.meta.url);
-    const pkg = require("@microsoft/teams.apps/package.json") as { version?: string };
-    return pkg.version ?? "unknown";
-  } catch {
-    return "unknown";
-  }
-}
-function resolveOpenClawVersion(): string {
-  try {
-    return getMSTeamsRuntime().version;
-  } catch {
-    return "unknown";
-  }
-}
-/**
- * Build a combined User-Agent string that preserves the Teams SDK identity
- * and appends the OpenClaw version.
- *
- * Format: "teams.ts[apps]/<sdk-version> OpenClaw/<openclaw-version>"
- * Example: "teams.ts[apps]/2.0.5 OpenClaw/2026.3.22"
- *
- * This lets the Teams backend track SDK usage while also identifying the
- * host application.
- */
-/** Reset the cached User-Agent (for testing). */
-export function resetUserAgentCache(): void {
-  cachedUserAgent = undefined;
-}
-export function buildUserAgent(): string {
-  if (cachedUserAgent) {
-    return cachedUserAgent;
-  }
-  cachedUserAgent = `teams.ts[apps]/${resolveTeamsSdkVersion()} OpenClaw/${resolveOpenClawVersion()}`;
-  return cachedUserAgent;
-}
-export function ensureUserAgentHeader(headers?: HeadersInit): Headers {
-  const nextHeaders = new Headers(headers);
-  if (!nextHeaders.has("User-Agent")) {
-    nextHeaders.set("User-Agent", buildUserAgent());
-  }
-  return nextHeaders;
-}

package/src/webhook-timeouts.ts DELETED Viewed

@@ -1,27 +0,0 @@
-import type { Server } from "node:http";
-const MSTEAMS_WEBHOOK_INACTIVITY_TIMEOUT_MS = 30_000;
-const MSTEAMS_WEBHOOK_REQUEST_TIMEOUT_MS = 30_000;
-const MSTEAMS_WEBHOOK_HEADERS_TIMEOUT_MS = 15_000;
-type ApplyMSTeamsWebhookTimeoutsOpts = {
-  inactivityTimeoutMs?: number;
-  requestTimeoutMs?: number;
-  headersTimeoutMs?: number;
-};
-export function applyMSTeamsWebhookTimeouts(
-  httpServer: Server,
-  opts?: ApplyMSTeamsWebhookTimeoutsOpts,
-): void {
-  const inactivityTimeoutMs = opts?.inactivityTimeoutMs ?? MSTEAMS_WEBHOOK_INACTIVITY_TIMEOUT_MS;
-  const requestTimeoutMs = opts?.requestTimeoutMs ?? MSTEAMS_WEBHOOK_REQUEST_TIMEOUT_MS;
-  const headersTimeoutMs = Math.min(
-    opts?.headersTimeoutMs ?? MSTEAMS_WEBHOOK_HEADERS_TIMEOUT_MS,
-    requestTimeoutMs,
-  );
-  httpServer.setTimeout(inactivityTimeoutMs);
-  httpServer.requestTimeout = requestTimeoutMs;
-  httpServer.headersTimeout = headersTimeoutMs;
-}