// Copyright (c) Microsoft. All rights reserved.
using Microsoft.Agents.Authentication;
namespace M365Agent;
internal sealed class TokenValidationOptions
{
///
/// The list of audiences to validate against.
///
public IList? Audiences { get; set; }
///
/// TenantId of the Azure Bot. Optional but recommended.
///
public string? TenantId { get; set; }
///
/// Additional valid issuers. Optional, in which case the Public Azure Bot Service issuers are used.
///
public IList? ValidIssuers { get; set; }
///
/// Can be omitted, in which case public Azure Bot Service and Azure Cloud metadata urls are used.
///
public bool IsGov { get; set; }
///
/// Azure Bot Service OpenIdMetadataUrl. Optional, in which case default value depends on IsGov.
///
///
///
public string? AzureBotServiceOpenIdMetadataUrl { get; set; }
///
/// Entra OpenIdMetadataUrl. Optional, in which case default value depends on IsGov.
///
///
///
public string? OpenIdMetadataUrl { get; set; }
///
/// Determines if Azure Bot Service tokens are handled. Defaults to true and should always be true until Azure Bot Service sends Entra ID token.
///
public bool AzureBotServiceTokenHandling { get; set; } = true;
///
/// OpenIdMetadata refresh interval. Defaults to 12 hours.
///
public TimeSpan? OpenIdMetadataRefresh { get; set; }
}