@acorex/platform 20.1.0 → 20.2.0-next.0

package/auth/index.d.ts

@@ -1,5 +1,5 @@
 import * as i0 from '@angular/core';
-import { InjectionToken, TemplateRef, ViewContainerRef, ModuleWithProviders, Injector } from '@angular/core';
+import { InjectionToken, TemplateRef, ViewContainerRef, ModuleWithProviders } from '@angular/core';
 import { Observable } from 'rxjs';
 import { AXPLogoConfig, AXPExpressionEvaluatorScopeProvider, AXPExpressionEvaluatorScopeProviderContext } from '@acorex/platform/core';
 import { CanActivateFn } from '@angular/router';
@@ -165,18 +165,11 @@ interface AXPRefreshTokenResult {
     succeed: boolean;
     data?: AXPTokenResult;
 }
-declare abstract class AXPAuthStrategy {
-    abstract get name(): string;
-    abstract signin(credentials: AXPBaseCredentials): Promise<AXPSignInResult>;
-    abstract signout(): Promise<void>;
-    abstract refreshToken(context: AXPSessionContext): Promise<AXPRefreshTokenResult>;
-    startAuthorizationFlow?(tenantId: string, applicationId: string): Promise<void>;
-    completeAuthorizationCodeFlow?(options: {
-        code: string;
-        redirectUri: string;
-        clientId?: string;
-        tokenEndpoint?: string;
-    }): Promise<void>;
+interface AXPAuthStrategy {
+    get name(): string;
+    signin(credentials: AXPBaseCredentials): Promise<AXPSignInResult>;
+    signout(): Promise<void>;
+    refreshToken(context: AXPSessionContext): Promise<AXPRefreshTokenResult>;
 }
 interface AXPSessionData {
     accessToken: string;
@@ -227,8 +220,6 @@ declare class AXPSessionService {
     private readonly applicationLoader;
     private status;
     readonly status$: Observable<AXPSessionStatus>;
-    private isLoading;
-    readonly isLoading$: Observable<boolean>;
     private currentUserSubject;
     readonly user$: Observable<AXPUser | null>;
     get user(): AXPUser | null;
@@ -247,16 +238,18 @@ declare class AXPSessionService {
     readonly features$: Observable<never[] | AXPFeature[]>;
     get features(): AXPFeature[];
     readonly isAuthenticated$: Observable<boolean>;
-    readonly isAuthenticatedWithLoading$: Observable<boolean>;
     readonly isAuthorized$: Observable<boolean>;
     restoreSession(): Promise<void>;
     signin(credentials: AXPBaseCredentials): Promise<void>;
     signout(): Promise<void>;
     refreshToken(): Promise<any>;
+    setTenant(tenant: AXPTenant | null): Promise<void>;
+    setApplication(application: AXPApplication | null): Promise<void>;
     private loadPermissions;
     private loadFeatures;
     signInComplete(): Promise<void>;
-    setSession(tokens: Partial<AXPSessionData>): void;
+    private setSession;
+    private updateSession;
     getSessionData(): AXPSessionData | null;
     private clearSession;
     authorize(...keys: string[]): boolean;
@@ -291,16 +284,6 @@ declare class AXPAuthModule {
     static ɵinj: i0.ɵɵInjectorDeclaration<AXPAuthModule>;
 }
 
-declare class AXPAuthStrategyRegistryService {
-    private strategies;
-    private injector;
-    constructor(injector: Injector);
-    register(...plugins: (new () => AXPAuthStrategy)[]): void;
-    get(strategyKey: string): AXPAuthStrategy | undefined;
-    static ɵfac: i0.ɵɵFactoryDeclaration<AXPAuthStrategyRegistryService, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<AXPAuthStrategyRegistryService>;
-}
-
 declare class AXPUnauthorizedError extends Error {
     data?: {
         redirectUrl?: string;
@@ -318,5 +301,5 @@ declare class AXPUnauthenticatedError extends Error {
     } | undefined);
 }
 
-export { AXPAuthGuard, AXPAuthModule, AXPAuthStrategy, AXPAuthStrategyRegistryService, AXPFeatureDirective, AXPFeatureGuard, AXPPermissionDefinitionBuilder, AXPPermissionDefinitionGroupBuilder, AXPPermissionDefinitionProviderContext, AXPPermissionDefinitionService, AXPPermissionDirective, AXPPermissionEvaluatorScopeProvider, AXPPermissionGuard, AXPSessionContext, AXPSessionService, AXPSessionStatus, AXPUnauthenticatedError, AXPUnauthorizedError, AXP_APPLICATION_LOADER, AXP_FEATURE_LOADER, AXP_PERMISSION_DEFINITION_PROVIDER, AXP_PERMISSION_LOADER, AXP_TENANT_LOADER, initializeAppState };
-export type { AXPApplication, AXPApplicationLoader, AXPAuthModuleConfigs, AXPBaseCredentials, AXPFeature, AXPFeatureLoader, AXPPermission, AXPPermissionDefinition, AXPPermissionDefinitionProvider, AXPPermissionGroupDefinition, AXPPermissionLoader, AXPRefreshTokenResult, AXPSessionData, AXPSignInResult, AXPTenant, AXPTenantLoader, AXPTokenResult, AXPUser };
+export { AXPAuthGuard, AXPAuthModule, AXPFeatureDirective, AXPFeatureGuard, AXPPermissionDefinitionBuilder, AXPPermissionDefinitionGroupBuilder, AXPPermissionDefinitionProviderContext, AXPPermissionDefinitionService, AXPPermissionDirective, AXPPermissionEvaluatorScopeProvider, AXPPermissionGuard, AXPSessionContext, AXPSessionService, AXPSessionStatus, AXPUnauthenticatedError, AXPUnauthorizedError, AXP_APPLICATION_LOADER, AXP_FEATURE_LOADER, AXP_PERMISSION_DEFINITION_PROVIDER, AXP_PERMISSION_LOADER, AXP_TENANT_LOADER, initializeAppState };
+export type { AXPApplication, AXPApplicationLoader, AXPAuthModuleConfigs, AXPAuthStrategy, AXPBaseCredentials, AXPFeature, AXPFeatureLoader, AXPPermission, AXPPermissionDefinition, AXPPermissionDefinitionProvider, AXPPermissionGroupDefinition, AXPPermissionLoader, AXPRefreshTokenResult, AXPSessionData, AXPSignInResult, AXPTenant, AXPTenantLoader, AXPTokenResult, AXPUser };

package/fesm2022/acorex-platform-auth.mjs

@@ -1,8 +1,8 @@
 import * as i0 from '@angular/core';
 import { InjectionToken, Injector, Injectable, signal, inject, Input, Directive, provideAppInitializer, Optional, Inject, NgModule } from '@angular/core';
-import { of, map, BehaviorSubject, shareReplay, defaultIfEmpty, switchMap, filter, firstValueFrom, first } from 'rxjs';
-import { AXPBroadcastEventService } from '@acorex/platform/core';
-import { isEmpty } from 'lodash-es';
+import { of, map, BehaviorSubject, shareReplay, defaultIfEmpty, firstValueFrom, first } from 'rxjs';
+import { AXPBroadcastEventService, AXP_EXPRESSION_EVALUATOR_SCOPE_PROVIDER } from '@acorex/platform/core';
+import { merge, isEmpty } from 'lodash-es';
 
 const AXP_APPLICATION_LOADER = new InjectionToken('AXP_APPLICATION_LOADER', {
     providedIn: 'root',
@@ -21,14 +21,6 @@ class AXPApplicationDefaultLoader {
                 editionName: 'Standard',
                 features: [],
             },
-            {
-                id: '2',
-                name: 'default-app',
-                title: 'Default Application',
-                version: '1.0.0',
-                editionName: 'Standard',
-                features: [],
-            },
         ]);
     }
 }
@@ -224,9 +216,6 @@ class AXPSessionService {
         this.applicationLoader = inject(AXP_APPLICATION_LOADER);
         this.status = new BehaviorSubject(AXPSessionStatus.Unauthenticated);
         this.status$ = this.status.asObservable().pipe(shareReplay(1));
-        // Add loading state to prevent premature redirects
-        this.isLoading = new BehaviorSubject(true);
-        this.isLoading$ = this.isLoading.asObservable().pipe(shareReplay(1));
         this.currentUserSubject = new BehaviorSubject(null);
         this.user$ = this.currentUserSubject.asObservable().pipe(shareReplay(1));
         this.currentTenantSubject = new BehaviorSubject(null);
@@ -237,17 +226,7 @@ class AXPSessionService {
         this.permissions$ = this.permissionsSubject.asObservable().pipe(shareReplay(1), defaultIfEmpty([]));
         this.featuresSubject = new BehaviorSubject([]);
         this.features$ = this.featuresSubject.asObservable().pipe(shareReplay(1), defaultIfEmpty([]));
-        this.isAuthenticated$ = this.status$.pipe(map((status) => {
-            const isAuth = status === AXPSessionStatus.Authenticated || status === AXPSessionStatus.Authorized;
-            return isAuth;
-        }), shareReplay(1));
-        // Add a new observable that considers loading state
-        this.isAuthenticatedWithLoading$ = this.isLoading$.pipe(switchMap((loading) => {
-            if (loading) {
-                return this.isLoading$.pipe(filter((isLoading) => !isLoading), switchMap(() => this.isAuthenticated$));
-            }
-            return this.isAuthenticated$;
-        }), shareReplay(1));
+        this.isAuthenticated$ = this.status$.pipe(map((status) => status === AXPSessionStatus.Authenticated || status === AXPSessionStatus.Authorized), shareReplay(1));
         this.isAuthorized$ = this.status$.pipe(map((status) => status === AXPSessionStatus.Authorized), shareReplay(1));
     }
     static { this.SESSION_KEY = 'AXP_SESSION'; }
@@ -285,138 +264,108 @@ class AXPSessionService {
         return this.featuresSubject.value ?? [];
     }
     async restoreSession() {
-        this.isLoading.next(true);
-        try {
-            const sessionData = this.getSessionData();
-            if (sessionData) {
-                if (sessionData.user) {
-                    this.currentUserSubject.next(sessionData.user);
-                    this.status.next(AXPSessionStatus.Authenticated);
-                    await this.loadPermissions();
-                    await this.loadFeatures();
-                    await this.signInComplete();
-                }
-            }
-            else {
-                this.status.next(AXPSessionStatus.Unauthorized);
+        const sessionData = this.getSessionData();
+        if (sessionData) {
+            if (sessionData.user) {
+                this.currentUserSubject.next(sessionData.user);
+                this.status.next(AXPSessionStatus.Authenticated);
             }
-        }
-        catch (error) {
+            // if (sessionData.tenant) {
+            //   this.setTenant(sessionData.tenant);
+            // }
+            // if (sessionData.application) {
+            //   this.setApplication(sessionData.application);
+            // }
+            await this.loadPermissions();
+            await this.loadFeatures();
+            await this.signInComplete();
+        }
+        else {
             this.status.next(AXPSessionStatus.Unauthorized);
         }
-        finally {
-            this.isLoading.next(false);
-        }
     }
     async signin(credentials) {
-        this.isLoading.next(true);
-        try {
-            //
-            this.clearSession();
-            //
-            const strategy = this.authStrategyRegistry.get(credentials.strategy);
-            if (!strategy) {
-                throw new Error(`Authentication strategy '${credentials.strategy}' is not supported`);
-            }
-            const result = await strategy.signin(credentials);
-            if (result.succeed) {
-                this.currentUserSubject.next(result.data.user);
-                this.setSession({
-                    accessToken: result.data.accessToken,
-                    refreshToken: result.data.refreshToken,
-                    strategy: credentials.strategy,
-                    user: result.data.user,
-                    application: result.data?.application,
-                    tenant: result.data?.tenant,
-                    expiresIn: result.data?.expiresIn,
-                    idToken: result.data?.idToken ?? null,
-                });
-                this.status.next(AXPSessionStatus.Authenticated);
-                // Load permissions and features
-                await this.loadPermissions();
-                await this.loadFeatures();
-                // If we have both tenant and application, complete the sign-in
-                if (this.application && this.tenant) {
-                    await this.signInComplete();
-                }
-            }
-            else {
-                this.status.next(AXPSessionStatus.Unauthenticated);
-                throw new Error(`Invalid Username or Password`);
-            }
+        // 
+        this.clearSession();
+        //
+        const strategy = this.authStrategyRegistry.get(credentials.strategy);
+        if (!strategy) {
+            throw new Error(`Authentication strategy '${credentials.strategy}' is not supported`);
+        }
+        const result = await strategy.signin(credentials);
+        if (result.succeed) {
+            this.currentUserSubject.next(result.data.user);
+            this.setSession({
+                accessToken: result.data.accessToken,
+                refreshToken: result.data.refreshToken,
+                strategy: credentials.strategy,
+                user: result.data.user,
+                application: result.data?.application,
+                tenant: result.data?.tenant,
+                expiresIn: result.data?.expiresIn,
+                idToken: result.data?.idToken ?? null,
+            });
+            this.status.next(AXPSessionStatus.Authenticated);
+            if (this.application && this.tenant)
+                await this.signInComplete();
         }
-        catch (error) {
-            console.error('Signin error:', error);
+        else {
             this.status.next(AXPSessionStatus.Unauthenticated);
-            throw error;
-        }
-        finally {
-            this.isLoading.next(false);
-            console.log('Signin process completed');
+            throw new Error(`Invalid Username or Password`);
         }
     }
     async signout() {
-        console.log('Signing out...');
-        this.isLoading.next(true);
-        try {
-            const sessionData = this.getSessionData();
-            if (sessionData?.strategy) {
-                const strategy = this.authStrategyRegistry.get(sessionData?.strategy);
-                if (strategy) {
-                    try {
-                        await strategy.signout();
-                    }
-                    catch (error) {
-                    }
-                }
+        const sessionData = this.getSessionData();
+        if (sessionData?.strategy) {
+            const strategy = this.authStrategyRegistry.get(sessionData?.strategy);
+            if (strategy) {
+                await strategy.signout();
             }
-            //
-            const userId = this.user?.id;
-            this.clearSession();
-            this.status.next(AXPSessionStatus.SignedOut);
-            this.eventService.publish(AXPSessionStatus.SignedOut, { id: userId });
-        }
-        finally {
-            this.isLoading.next(false);
         }
+        //
+        const userId = this.user?.id;
+        this.clearSession();
+        this.status.next(AXPSessionStatus.SignedOut);
+        this.eventService.publish(AXPSessionStatus.SignedOut, { id: userId });
     }
     async refreshToken() {
-        console.log('Refreshing token...');
         return new Promise(async (resolve, reject) => {
             const sessionData = this.getSessionData();
             if (!sessionData || !sessionData?.refreshToken) {
-                console.log('No session data or refresh token found');
-                reject(new Error('No refresh token available'));
                 return;
             }
             const strategy = this.authStrategyRegistry.get(sessionData.strategy);
             if (!strategy) {
-                console.error('Authentication strategy not found:', sessionData.strategy);
-                reject(new Error(`Authentication strategy '${sessionData.strategy}' is not found`));
-                return;
+                reject();
+                throw new Error(`Authentication strategy '${sessionData.strategy}' is not found`);
             }
-            try {
-                const result = await strategy.refreshToken(this.getContext());
-                if (result.succeed) {
-                    console.log('Token refresh successful');
-                    this.setSession(result.data);
-                    resolve(result.data?.accessToken);
-                }
-                else {
-                    console.error('Token refresh failed');
-                    this.clearSession();
-                    this.status.next(AXPSessionStatus.Expired);
-                    reject(new Error('Token refresh failed'));
-                }
+            const result = await strategy.refreshToken(this.getContext());
+            if (result.succeed) {
+                this.setSession(result.data);
+                resolve(result.data?.accessToken);
             }
-            catch (error) {
-                console.error('Error during token refresh:', error);
+            else {
                 this.clearSession();
                 this.status.next(AXPSessionStatus.Expired);
-                reject(error);
             }
         });
     }
+    async setTenant(tenant) {
+        this.currentTenantSubject.next(tenant);
+        if (tenant) {
+            this.updateSession({ tenant: tenant });
+            await this.refreshToken();
+        }
+    }
+    async setApplication(application) {
+        this.currentApplicationSubject.next(application);
+        if (application) {
+            this.updateSession({ application: application });
+            await this.refreshToken();
+            await this.loadPermissions();
+            await this.loadFeatures();
+        }
+    }
     async loadPermissions() {
         try {
             const permissions = await firstValueFrom(this.permissionLoader.getList(this.getContext()));
@@ -438,64 +387,37 @@ class AXPSessionService {
         }
     }
     async signInComplete() {
-        // Ensure we have the required data
-        if (!this.user) {
-            this.status.next(AXPSessionStatus.Unauthenticated);
-            return;
-        }
-        // Set status to Authorized
         this.status.next(AXPSessionStatus.Authorized);
-        // Double-check the status was set correctly
-        setTimeout(() => {
-            console.log('Status after timeout:', this.status.value);
-        }, 100);
     }
     setSession(tokens) {
         const sessionData = {
             accessToken: tokens.accessToken,
             refreshToken: tokens.refreshToken,
             strategy: tokens.strategy,
-            user: tokens.user,
+            user: this.user,
             application: tokens.application,
             tenant: tokens.tenant,
             expiresIn: tokens.expiresIn,
             idToken: tokens.idToken,
         };
-        // Update subjects
-        if (tokens.user) {
-            this.currentUserSubject.next(tokens.user);
-        }
-        if (tokens.tenant) {
-            this.currentTenantSubject.next(tokens.tenant);
-        }
-        if (tokens.application) {
-            this.currentApplicationSubject.next(tokens.application);
-        }
-        localStorage.setItem(AXPSessionService.SESSION_KEY, JSON.stringify(sessionData));
+        this.updateSession(sessionData);
+    }
+    updateSession(update) {
+        const currentSession = this.getSessionData() ?? {};
+        const updatedSession = merge({}, currentSession, update);
+        localStorage.setItem(AXPSessionService.SESSION_KEY, JSON.stringify(updatedSession));
     }
     getSessionData() {
-        try {
-            const sessionDataString = localStorage.getItem(AXPSessionService.SESSION_KEY);
-            if (sessionDataString) {
-                const sessionData = JSON.parse(sessionDataString);
-                return sessionData;
-            }
-            else {
-                return null;
-            }
-        }
-        catch (error) {
-            localStorage.removeItem(AXPSessionService.SESSION_KEY);
-            return null;
-        }
+        const sessionDataString = localStorage.getItem(AXPSessionService.SESSION_KEY);
+        return sessionDataString ? JSON.parse(sessionDataString) : null;
     }
     clearSession() {
         //
         this.currentUserSubject.next(null);
         //
-        this.currentTenantSubject.next(null);
+        this.setTenant(null);
         //
-        this.currentApplicationSubject.next(null);
+        this.setApplication(null);
         //
         this.permissionsSubject.next([]);
         //
@@ -771,7 +693,7 @@ class AXPPermissionEvaluatorScopeProvider {
 
 const AXPAuthGuard = (route, state) => {
     const sessionService = inject(AXPSessionService);
-    return sessionService.isAuthenticatedWithLoading$.pipe(first(), map((value) => {
+    return sessionService.isAuthenticated$.pipe(first(), map((value) => {
         if (value) {
             return true;
         }
@@ -836,9 +758,14 @@ class AXPAuthModule {
     static { this.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "20.1.3", ngImport: i0, type: AXPAuthModule, declarations: [AXPPermissionDirective, AXPFeatureDirective], exports: [AXPPermissionDirective, AXPFeatureDirective] }); }
     static { this.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPAuthModule, providers: [
             provideAppInitializer(() => {
-                const initializerFn = initializeAppState(inject(AXPSessionService));
+                const initializerFn = (initializeAppState)(inject(AXPSessionService));
                 return initializerFn();
             }),
+            {
+                provide: AXP_EXPRESSION_EVALUATOR_SCOPE_PROVIDER,
+                useClass: AXPPermissionEvaluatorScopeProvider,
+                multi: true,
+            },
         ] }); }
 }
 i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPAuthModule, decorators: [{
@@ -849,9 +776,14 @@ i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.3", ngImpor
                     declarations: [AXPPermissionDirective, AXPFeatureDirective],
                     providers: [
                         provideAppInitializer(() => {
-                            const initializerFn = initializeAppState(inject(AXPSessionService));
+                            const initializerFn = (initializeAppState)(inject(AXPSessionService));
                             return initializerFn();
                         }),
+                        {
+                            provide: AXP_EXPRESSION_EVALUATOR_SCOPE_PROVIDER,
+                            useClass: AXPPermissionEvaluatorScopeProvider,
+                            multi: true,
+                        },
                     ],
                 }]
         }], ctorParameters: () => [{ type: undefined, decorators: [{
@@ -861,19 +793,9 @@ i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.3", ngImpor
                     args: ['AXPAuthModuleFactory']
                 }] }] });
 
-class AXPAuthStrategy {
-    // OIDC-specific methods (default: throw error)
-    startAuthorizationFlow(tenantId, applicationId) {
-        throw new Error('startAuthorizationFlow is not implemented for this strategy');
-    }
-    completeAuthorizationCodeFlow(options) {
-        throw new Error('completeAuthorizationCodeFlow is not implemented for this strategy');
-    }
-}
-
 /**
  * Generated bundle index. Do not edit.
  */
 
-export { AXPAuthGuard, AXPAuthModule, AXPAuthStrategy, AXPAuthStrategyRegistryService, AXPFeatureDirective, AXPFeatureGuard, AXPPermissionDefinitionBuilder, AXPPermissionDefinitionGroupBuilder, AXPPermissionDefinitionProviderContext, AXPPermissionDefinitionService, AXPPermissionDirective, AXPPermissionEvaluatorScopeProvider, AXPPermissionGuard, AXPSessionContext, AXPSessionService, AXPSessionStatus, AXPUnauthenticatedError, AXPUnauthorizedError, AXP_APPLICATION_LOADER, AXP_FEATURE_LOADER, AXP_PERMISSION_DEFINITION_PROVIDER, AXP_PERMISSION_LOADER, AXP_TENANT_LOADER, initializeAppState };
+export { AXPAuthGuard, AXPAuthModule, AXPFeatureDirective, AXPFeatureGuard, AXPPermissionDefinitionBuilder, AXPPermissionDefinitionGroupBuilder, AXPPermissionDefinitionProviderContext, AXPPermissionDefinitionService, AXPPermissionDirective, AXPPermissionEvaluatorScopeProvider, AXPPermissionGuard, AXPSessionContext, AXPSessionService, AXPSessionStatus, AXPUnauthenticatedError, AXPUnauthorizedError, AXP_APPLICATION_LOADER, AXP_FEATURE_LOADER, AXP_PERMISSION_DEFINITION_PROVIDER, AXP_PERMISSION_LOADER, AXP_TENANT_LOADER, initializeAppState };
 //# sourceMappingURL=acorex-platform-auth.mjs.map