// Copyright (c) Microsoft. All rights reserved. using Microsoft.Agents.Authentication; namespace M365Agent; internal sealed class TokenValidationOptions { /// /// The list of audiences to validate against. /// public IList? Audiences { get; set; } /// /// TenantId of the Azure Bot. Optional but recommended. /// public string? TenantId { get; set; } /// /// Additional valid issuers. Optional, in which case the Public Azure Bot Service issuers are used. /// public IList? ValidIssuers { get; set; } /// /// Can be omitted, in which case public Azure Bot Service and Azure Cloud metadata urls are used. /// public bool IsGov { get; set; } /// /// Azure Bot Service OpenIdMetadataUrl. Optional, in which case default value depends on IsGov. /// /// /// public string? AzureBotServiceOpenIdMetadataUrl { get; set; } /// /// Entra OpenIdMetadataUrl. Optional, in which case default value depends on IsGov. /// /// /// public string? OpenIdMetadataUrl { get; set; } /// /// Determines if Azure Bot Service tokens are handled. Defaults to true and should always be true until Azure Bot Service sends Entra ID token. /// public bool AzureBotServiceTokenHandling { get; set; } = true; /// /// OpenIdMetadata refresh interval. Defaults to 12 hours. /// public TimeSpan? OpenIdMetadataRefresh { get; set; } }