import { ISignInFailureInvokeActivity, ISignInTokenExchangeInvokeActivity, ISignInVerifyStateInvokeActivity, TokenExchangeInvokeResponse } from '@microsoft/teams.api';
import { App } from './app';
import * as contexts from './contexts';
import { IPlugin } from './types';
import { PluginAdditionalContext } from './types/app-routing';
export declare function onTokenExchange<TPlugin extends IPlugin>(this: App<TPlugin>, ctx: contexts.IActivityContext<ISignInTokenExchangeInvokeActivity, PluginAdditionalContext<TPlugin>>): Promise<{
    status: number;
    body?: undefined;
} | {
    status: number;
    body: TokenExchangeInvokeResponse;
}>;
export declare function onVerifyState<TPlugin extends IPlugin>(this: App<TPlugin>, ctx: contexts.IActivityContext<ISignInVerifyStateInvokeActivity, PluginAdditionalContext<TPlugin>>): Promise<{
    status: number;
}>;
/**
 * Default handler for signin/failure invoke activities.
 *
 * Teams sends a signin/failure invoke when SSO token exchange fails
 * (e.g., due to a misconfigured Entra app registration). This handler
 * logs the failure details and emits an error event so developers are
 * notified rather than having the failure silently swallowed.
 *
 * Known failure codes (sent by the Teams client):
 * - `installappfailed`: Failed to install the app in the user's personal scope (non-silent).
 * - `authrequestfailed`: The SSO auth request failed after app installation (non-silent).
 * - `installedappnotfound`: The bot app is not installed for the user or group chat.
 * - `invokeerror`: A generic error occurred during the SSO invoke flow.
 * - `resourcematchfailed`: The token exchange resource URI on the OAuthCard does not
 *   match the Application ID URI in the Entra app registration's "Expose an API" section.
 * - `oauthcardnotvalid`: The bot's OAuthCard could not be parsed.
 * - `tokenmissing`: AAD token acquisition failed.
 * - `userconsentrequired`: The user needs to consent (handled via OAuth card fallback,
 *   does not typically reach the bot).
 * - `interactionrequired`: User interaction is required (handled via OAuth card fallback,
 *   does not typically reach the bot).
 */
export declare function onSignInFailure<TPlugin extends IPlugin>(this: App<TPlugin>, ctx: contexts.IActivityContext<ISignInFailureInvokeActivity, PluginAdditionalContext<TPlugin>>): Promise<{
    status: number;
}>;
