@acorex/platform 20.2.0-next.1 → 20.2.0-next.3

package/fesm2022/acorex-platform-auth.mjs

@@ -1,8 +1,8 @@
 import * as i0 from '@angular/core';
 import { InjectionToken, Injector, Injectable, signal, inject, Input, Directive, provideAppInitializer, Optional, Inject, NgModule } from '@angular/core';
-import { of, map, BehaviorSubject, shareReplay, defaultIfEmpty, firstValueFrom, first } from 'rxjs';
-import { AXPBroadcastEventService, AXP_EXPRESSION_EVALUATOR_SCOPE_PROVIDER } from '@acorex/platform/core';
-import { merge, isEmpty } from 'lodash-es';
+import { of, map, BehaviorSubject, shareReplay, defaultIfEmpty, switchMap, filter, firstValueFrom, first } from 'rxjs';
+import { AXPBroadcastEventService } from '@acorex/platform/core';
+import { isEmpty } from 'lodash-es';
 
 const AXP_APPLICATION_LOADER = new InjectionToken('AXP_APPLICATION_LOADER', {
     providedIn: 'root',
@@ -21,6 +21,14 @@ class AXPApplicationDefaultLoader {
                 editionName: 'Standard',
                 features: [],
             },
+            {
+                id: '2',
+                name: 'default-app',
+                title: 'Default Application',
+                version: '1.0.0',
+                editionName: 'Standard',
+                features: [],
+            },
         ]);
     }
 }
@@ -60,10 +68,10 @@ class AXPAuthStrategyRegistryService {
     get(strategyKey) {
         return this.strategies.get(strategyKey);
     }
-    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPAuthStrategyRegistryService, deps: [{ token: i0.Injector }], target: i0.ɵɵFactoryTarget.Injectable }); }
-    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPAuthStrategyRegistryService, providedIn: 'root' }); }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPAuthStrategyRegistryService, deps: [{ token: i0.Injector }], target: i0.ɵɵFactoryTarget.Injectable }); }
+    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPAuthStrategyRegistryService, providedIn: 'root' }); }
 }
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPAuthStrategyRegistryService, decorators: [{
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPAuthStrategyRegistryService, decorators: [{
             type: Injectable,
             args: [{
                     providedIn: 'root'
@@ -120,10 +128,10 @@ class AXPFeatureDirective {
     ngOnDestroy() {
         this.subscription?.unsubscribe();
     }
-    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPFeatureDirective, deps: [{ token: i0.TemplateRef }, { token: i0.ViewContainerRef }], target: i0.ɵɵFactoryTarget.Directive }); }
-    static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.1.3", type: AXPFeatureDirective, isStandalone: false, selector: "[feature]", inputs: { feature: "feature", featureElse: "featureElse" }, ngImport: i0 }); }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPFeatureDirective, deps: [{ token: i0.TemplateRef }, { token: i0.ViewContainerRef }], target: i0.ɵɵFactoryTarget.Directive }); }
+    static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.1.4", type: AXPFeatureDirective, isStandalone: false, selector: "[feature]", inputs: { feature: "feature", featureElse: "featureElse" }, ngImport: i0 }); }
 }
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPFeatureDirective, decorators: [{
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPFeatureDirective, decorators: [{
             type: Directive,
             args: [{
                     selector: '[feature]',
@@ -216,6 +224,9 @@ class AXPSessionService {
         this.applicationLoader = inject(AXP_APPLICATION_LOADER);
         this.status = new BehaviorSubject(AXPSessionStatus.Unauthenticated);
         this.status$ = this.status.asObservable().pipe(shareReplay(1));
+        // Add loading state to prevent premature redirects
+        this.isLoading = new BehaviorSubject(true);
+        this.isLoading$ = this.isLoading.asObservable().pipe(shareReplay(1));
         this.currentUserSubject = new BehaviorSubject(null);
         this.user$ = this.currentUserSubject.asObservable().pipe(shareReplay(1));
         this.currentTenantSubject = new BehaviorSubject(null);
@@ -226,7 +237,17 @@ class AXPSessionService {
         this.permissions$ = this.permissionsSubject.asObservable().pipe(shareReplay(1), defaultIfEmpty([]));
         this.featuresSubject = new BehaviorSubject([]);
         this.features$ = this.featuresSubject.asObservable().pipe(shareReplay(1), defaultIfEmpty([]));
-        this.isAuthenticated$ = this.status$.pipe(map((status) => status === AXPSessionStatus.Authenticated || status === AXPSessionStatus.Authorized), shareReplay(1));
+        this.isAuthenticated$ = this.status$.pipe(map((status) => {
+            const isAuth = status === AXPSessionStatus.Authenticated || status === AXPSessionStatus.Authorized;
+            return isAuth;
+        }), shareReplay(1));
+        // Add a new observable that considers loading state
+        this.isAuthenticatedWithLoading$ = this.isLoading$.pipe(switchMap((loading) => {
+            if (loading) {
+                return this.isLoading$.pipe(filter((isLoading) => !isLoading), switchMap(() => this.isAuthenticated$));
+            }
+            return this.isAuthenticated$;
+        }), shareReplay(1));
         this.isAuthorized$ = this.status$.pipe(map((status) => status === AXPSessionStatus.Authorized), shareReplay(1));
     }
     static { this.SESSION_KEY = 'AXP_SESSION'; }
@@ -264,108 +285,184 @@ class AXPSessionService {
         return this.featuresSubject.value ?? [];
     }
     async restoreSession() {
-        const sessionData = this.getSessionData();
-        if (sessionData) {
-            if (sessionData.user) {
-                this.currentUserSubject.next(sessionData.user);
-                this.status.next(AXPSessionStatus.Authenticated);
+        this.isLoading.next(true);
+        try {
+            const sessionData = this.getSessionData();
+            if (sessionData) {
+                if (sessionData.user) {
+                    this.currentUserSubject.next(sessionData.user);
+                    this.status.next(AXPSessionStatus.Authenticated);
+                    await this.loadPermissions();
+                    await this.loadFeatures();
+                    await this.signInComplete();
+                }
+            }
+            else {
+                this.status.next(AXPSessionStatus.Unauthorized);
             }
-            // if (sessionData.tenant) {
-            //   this.setTenant(sessionData.tenant);
-            // }
-            // if (sessionData.application) {
-            //   this.setApplication(sessionData.application);
-            // }
-            await this.loadPermissions();
-            await this.loadFeatures();
-            await this.signInComplete();
-        }
-        else {
+        }
+        catch (error) {
             this.status.next(AXPSessionStatus.Unauthorized);
         }
+        finally {
+            this.isLoading.next(false);
+        }
     }
     async signin(credentials) {
-        // 
-        this.clearSession();
-        //
-        const strategy = this.authStrategyRegistry.get(credentials.strategy);
-        if (!strategy) {
-            throw new Error(`Authentication strategy '${credentials.strategy}' is not supported`);
-        }
-        const result = await strategy.signin(credentials);
-        if (result.succeed) {
-            this.currentUserSubject.next(result.data.user);
-            this.setSession({
-                accessToken: result.data.accessToken,
-                refreshToken: result.data.refreshToken,
-                strategy: credentials.strategy,
-                user: result.data.user,
-                application: result.data?.application,
-                tenant: result.data?.tenant,
-                expiresIn: result.data?.expiresIn,
-                idToken: result.data?.idToken ?? null,
-            });
-            this.status.next(AXPSessionStatus.Authenticated);
-            if (this.application && this.tenant)
-                await this.signInComplete();
+        this.isLoading.next(true);
+        try {
+            //
+            // this.clearSession();
+            //
+            const strategy = this.authStrategyRegistry.get(credentials.strategy);
+            if (!strategy) {
+                throw new Error(`Authentication strategy '${credentials.strategy}' is not supported`);
+            }
+            const result = await strategy.signin(credentials);
+            if (!result)
+                return;
+            if (result?.succeed) {
+                this.currentUserSubject.next(result.data.user);
+                this.setSession({
+                    accessToken: result.data.accessToken,
+                    refreshToken: result.data.refreshToken,
+                    strategy: credentials.strategy,
+                    user: result.data.user,
+                    application: result.data?.application,
+                    tenant: result.data?.tenant,
+                    expiresIn: result.data?.expiresIn,
+                    idToken: result.data?.idToken ?? null,
+                });
+                this.status.next(AXPSessionStatus.Authenticated);
+                // Load permissions and features
+                await this.loadPermissions();
+                await this.loadFeatures();
+                // If we have both tenant and application, complete the sign-in
+                if (this.application && this.tenant) {
+                    await this.signInComplete();
+                }
+            }
+            else {
+                this.status.next(AXPSessionStatus.Unauthenticated);
+                throw new Error(`Invalid Username or Password`);
+            }
         }
-        else {
+        catch (error) {
+            console.error('Signin error:', error);
             this.status.next(AXPSessionStatus.Unauthenticated);
-            throw new Error(`Invalid Username or Password`);
+            throw error;
+        }
+        finally {
+            this.isLoading.next(false);
+            console.log('Signin process completed');
+        }
+    }
+    async updateToken(params) {
+        this.isLoading.next(true);
+        try {
+            const strategyName = this.getSessionData()?.strategy;
+            if (!strategyName) {
+                throw new Error('Strategy not found');
+            }
+            const strategy = this.authStrategyRegistry.get(strategyName);
+            if (!strategy) {
+                throw new Error(`Authentication strategy '${this.getSessionData()?.strategy}' is not supported`);
+            }
+            const result = await strategy.updateToken(params);
+            if (result?.succeed) {
+                this.currentUserSubject.next(result.data.user);
+                this.setSession({
+                    accessToken: result.data.accessToken,
+                    refreshToken: result.data.refreshToken,
+                    strategy: strategyName,
+                    user: result.data.user,
+                    application: result.data?.application,
+                    tenant: result.data?.tenant,
+                    expiresIn: result.data?.expiresIn,
+                    idToken: result.data?.idToken ?? null,
+                });
+                this.status.next(AXPSessionStatus.Authenticated);
+                // If we have both tenant and application, complete the sign-in
+                if (this.application && this.tenant) {
+                    await this.signInComplete();
+                }
+            }
+            else {
+                this.status.next(AXPSessionStatus.Unauthenticated);
+                throw new Error(`Invalid Username or Password`);
+            }
+        }
+        catch (error) {
+            console.error('Update token error:', error);
+            throw error;
+        }
+        finally {
+            this.isLoading.next(false);
+            console.log('Update token process completed');
         }
     }
     async signout() {
-        const sessionData = this.getSessionData();
-        if (sessionData?.strategy) {
-            const strategy = this.authStrategyRegistry.get(sessionData?.strategy);
-            if (strategy) {
-                await strategy.signout();
+        console.log('Signing out...');
+        this.isLoading.next(true);
+        try {
+            const sessionData = this.getSessionData();
+            if (sessionData?.strategy) {
+                const strategy = this.authStrategyRegistry.get(sessionData?.strategy);
+                if (strategy) {
+                    try {
+                        await strategy.signout();
+                    }
+                    catch (error) { }
+                }
             }
+            //
+            const userId = this.user?.id;
+            this.clearSession();
+            this.eventService.publish(AXPSessionStatus.SignedOut, { id: userId });
+            this.isLoading.next(false);
+            this.status.next(AXPSessionStatus.SignedOut);
+        }
+        finally {
+            this.isLoading.next(false);
         }
-        //
-        const userId = this.user?.id;
-        this.clearSession();
-        this.status.next(AXPSessionStatus.SignedOut);
-        this.eventService.publish(AXPSessionStatus.SignedOut, { id: userId });
     }
     async refreshToken() {
+        console.log('Refreshing token...');
         return new Promise(async (resolve, reject) => {
             const sessionData = this.getSessionData();
             if (!sessionData || !sessionData?.refreshToken) {
+                console.log('No session data or refresh token found');
+                reject(new Error('No refresh token available'));
                 return;
             }
             const strategy = this.authStrategyRegistry.get(sessionData.strategy);
             if (!strategy) {
-                reject();
-                throw new Error(`Authentication strategy '${sessionData.strategy}' is not found`);
+                console.error('Authentication strategy not found:', sessionData.strategy);
+                reject(new Error(`Authentication strategy '${sessionData.strategy}' is not found`));
+                return;
             }
-            const result = await strategy.refreshToken(this.getContext());
-            if (result.succeed) {
-                this.setSession(result.data);
-                resolve(result.data?.accessToken);
+            try {
+                const result = await strategy.refreshToken(this.getContext());
+                if (result.succeed) {
+                    console.log('Token refresh successful');
+                    this.setSession(result.data);
+                    resolve(result.data?.accessToken);
+                }
+                else {
+                    console.error('Token refresh failed');
+                    this.clearSession();
+                    this.status.next(AXPSessionStatus.Expired);
+                    reject(new Error('Token refresh failed'));
+                }
             }
-            else {
+            catch (error) {
+                console.error('Error during token refresh:', error);
                 this.clearSession();
                 this.status.next(AXPSessionStatus.Expired);
+                reject(error);
             }
         });
     }
-    async setTenant(tenant) {
-        this.currentTenantSubject.next(tenant);
-        if (tenant) {
-            this.updateSession({ tenant: tenant });
-            await this.refreshToken();
-        }
-    }
-    async setApplication(application) {
-        this.currentApplicationSubject.next(application);
-        if (application) {
-            this.updateSession({ application: application });
-            await this.refreshToken();
-            await this.loadPermissions();
-            await this.loadFeatures();
-        }
-    }
     async loadPermissions() {
         try {
             const permissions = await firstValueFrom(this.permissionLoader.getList(this.getContext()));
@@ -387,37 +484,69 @@ class AXPSessionService {
         }
     }
     async signInComplete() {
+        // Ensure we have the required data
+        if (!this.user) {
+            this.status.next(AXPSessionStatus.Unauthenticated);
+            return;
+        }
+        // Set status to Authorized
         this.status.next(AXPSessionStatus.Authorized);
+        // Double-check the status was set correctly
+        setTimeout(() => {
+            console.log('Status after timeout:', this.status.value);
+        }, 100);
     }
     setSession(tokens) {
         const sessionData = {
             accessToken: tokens.accessToken,
             refreshToken: tokens.refreshToken,
             strategy: tokens.strategy,
-            user: this.user,
+            user: tokens.user,
             application: tokens.application,
             tenant: tokens.tenant,
             expiresIn: tokens.expiresIn,
             idToken: tokens.idToken,
         };
-        this.updateSession(sessionData);
+        // Update subjects
+        if (tokens.user) {
+            this.currentUserSubject.next(tokens.user);
+        }
+        if (tokens.tenant) {
+            this.currentTenantSubject.next(tokens.tenant);
+        }
+        if (tokens.application) {
+            this.currentApplicationSubject.next(tokens.application);
+        }
+        localStorage.setItem(AXPSessionService.SESSION_KEY, JSON.stringify(sessionData));
     }
-    updateSession(update) {
-        const currentSession = this.getSessionData() ?? {};
-        const updatedSession = merge({}, currentSession, update);
-        localStorage.setItem(AXPSessionService.SESSION_KEY, JSON.stringify(updatedSession));
+    setStrategy(strategy) {
+        const sessionData = this.getSessionData();
+        const newSessionData = { ...sessionData, strategy };
+        this.setSession(newSessionData);
     }
     getSessionData() {
-        const sessionDataString = localStorage.getItem(AXPSessionService.SESSION_KEY);
-        return sessionDataString ? JSON.parse(sessionDataString) : null;
+        try {
+            const sessionDataString = localStorage.getItem(AXPSessionService.SESSION_KEY);
+            if (sessionDataString) {
+                const sessionData = JSON.parse(sessionDataString);
+                return sessionData;
+            }
+            else {
+                return null;
+            }
+        }
+        catch (error) {
+            localStorage.removeItem(AXPSessionService.SESSION_KEY);
+            return null;
+        }
     }
     clearSession() {
         //
         this.currentUserSubject.next(null);
         //
-        this.setTenant(null);
+        this.currentTenantSubject.next(null);
         //
-        this.setApplication(null);
+        this.currentApplicationSubject.next(null);
         //
         this.permissionsSubject.next([]);
         //
@@ -453,10 +582,10 @@ class AXPSessionService {
             application: this.application,
         });
     }
-    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPSessionService, deps: [], target: i0.ɵɵFactoryTarget.Injectable }); }
-    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPSessionService, providedIn: 'root' }); }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPSessionService, deps: [], target: i0.ɵɵFactoryTarget.Injectable }); }
+    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPSessionService, providedIn: 'root' }); }
 }
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPSessionService, decorators: [{
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPSessionService, decorators: [{
             type: Injectable,
             args: [{
                     providedIn: 'root',
@@ -500,10 +629,10 @@ class AXPPermissionDirective {
     ngOnDestroy() {
         this.subscription?.unsubscribe();
     }
-    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPPermissionDirective, deps: [{ token: i0.TemplateRef }, { token: i0.ViewContainerRef }], target: i0.ɵɵFactoryTarget.Directive }); }
-    static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.1.3", type: AXPPermissionDirective, isStandalone: false, selector: "[permission]", inputs: { permission: "permission", permissionElse: "permissionElse" }, ngImport: i0 }); }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPPermissionDirective, deps: [{ token: i0.TemplateRef }, { token: i0.ViewContainerRef }], target: i0.ɵɵFactoryTarget.Directive }); }
+    static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.1.4", type: AXPPermissionDirective, isStandalone: false, selector: "[permission]", inputs: { permission: "permission", permissionElse: "permissionElse" }, ngImport: i0 }); }
 }
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPPermissionDirective, decorators: [{
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPPermissionDirective, decorators: [{
             type: Directive,
             args: [{
                     selector: '[permission]',
@@ -657,10 +786,10 @@ class AXPPermissionDefinitionService {
         await this.load();
         return this.cache?.find(g => g.permissions.find(p => p.name === name))?.permissions.find(p => p.name === name) ?? null;
     }
-    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPPermissionDefinitionService, deps: [], target: i0.ɵɵFactoryTarget.Injectable }); }
-    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPPermissionDefinitionService, providedIn: 'root' }); }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPPermissionDefinitionService, deps: [], target: i0.ɵɵFactoryTarget.Injectable }); }
+    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPPermissionDefinitionService, providedIn: 'root' }); }
 }
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPPermissionDefinitionService, decorators: [{
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPPermissionDefinitionService, decorators: [{
             type: Injectable,
             args: [{ providedIn: 'root' }]
         }] });
@@ -693,7 +822,7 @@ class AXPPermissionEvaluatorScopeProvider {
 
 const AXPAuthGuard = (route, state) => {
     const sessionService = inject(AXPSessionService);
-    return sessionService.isAuthenticated$.pipe(first(), map((value) => {
+    return sessionService.isAuthenticatedWithLoading$.pipe(first(), map((value) => {
         if (value) {
             return true;
         }
@@ -754,21 +883,16 @@ class AXPAuthModule {
             f();
         });
     }
-    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPAuthModule, deps: [{ token: 'AXPAuthModuleFactory', optional: true }], target: i0.ɵɵFactoryTarget.NgModule }); }
-    static { this.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "20.1.3", ngImport: i0, type: AXPAuthModule, declarations: [AXPPermissionDirective, AXPFeatureDirective], exports: [AXPPermissionDirective, AXPFeatureDirective] }); }
-    static { this.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPAuthModule, providers: [
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPAuthModule, deps: [{ token: 'AXPAuthModuleFactory', optional: true }], target: i0.ɵɵFactoryTarget.NgModule }); }
+    static { this.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "20.1.4", ngImport: i0, type: AXPAuthModule, declarations: [AXPPermissionDirective, AXPFeatureDirective], exports: [AXPPermissionDirective, AXPFeatureDirective] }); }
+    static { this.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPAuthModule, providers: [
             provideAppInitializer(() => {
-                const initializerFn = (initializeAppState)(inject(AXPSessionService));
+                const initializerFn = initializeAppState(inject(AXPSessionService));
                 return initializerFn();
             }),
-            {
-                provide: AXP_EXPRESSION_EVALUATOR_SCOPE_PROVIDER,
-                useClass: AXPPermissionEvaluatorScopeProvider,
-                multi: true,
-            },
         ] }); }
 }
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.3", ngImport: i0, type: AXPAuthModule, decorators: [{
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.4", ngImport: i0, type: AXPAuthModule, decorators: [{
             type: NgModule,
             args: [{
                     imports: [],
@@ -776,14 +900,9 @@ i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.3", ngImpor
                     declarations: [AXPPermissionDirective, AXPFeatureDirective],
                     providers: [
                         provideAppInitializer(() => {
-                            const initializerFn = (initializeAppState)(inject(AXPSessionService));
+                            const initializerFn = initializeAppState(inject(AXPSessionService));
                             return initializerFn();
                         }),
-                        {
-                            provide: AXP_EXPRESSION_EVALUATOR_SCOPE_PROVIDER,
-                            useClass: AXPPermissionEvaluatorScopeProvider,
-                            multi: true,
-                        },
                     ],
                 }]
         }], ctorParameters: () => [{ type: undefined, decorators: [{
@@ -793,9 +912,89 @@ i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.1.3", ngImpor
                     args: ['AXPAuthModuleFactory']
                 }] }] });
 
+class AXPAuthStrategy {
+}
+
+//#region ----   JWT Utility   ----
+/**
+ * Utility class for JWT token operations
+ */
+class JwtUtil {
+    /**
+     * Parses a JWT token and returns the payload
+     */
+    static parseJwt(token) {
+        try {
+            const base64Url = token.split('.')[1];
+            const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
+            const jsonPayload = decodeURIComponent(atob(base64)
+                .split('')
+                .map(c => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2))
+                .join(''));
+            return JSON.parse(jsonPayload);
+        }
+        catch (error) {
+            throw new Error('Invalid JWT token');
+        }
+    }
+}
+//#endregion
+//#region ----   PKCE Utility   ----
+/**
+ * Utility class for PKCE (Proof Key for Code Exchange) operations
+ */
+class PkceUtil {
+    /**
+     * Generates a random string for PKCE code verifier
+     */
+    static generateRandomString(length) {
+        const array = new Uint8Array(length);
+        crypto.getRandomValues(array);
+        return this.base64UrlEncode(array);
+    }
+    /**
+     * Generates PKCE code challenge from verifier
+     */
+    static async generateCodeChallenge(codeVerifier) {
+        const encoder = new TextEncoder();
+        const data = encoder.encode(codeVerifier);
+        const digest = await crypto.subtle.digest('SHA-256', data);
+        return this.base64UrlEncode(new Uint8Array(digest));
+    }
+    /**
+     * Base64 URL encoding for PKCE
+     */
+    static base64UrlEncode(array) {
+        return btoa(String.fromCharCode(...array))
+            .replace(/\+/g, '-')
+            .replace(/\//g, '_')
+            .replace(/=/g, '');
+    }
+}
+//#endregion
+//#region ----   Time Utility   ----
+/**
+ * Utility class for time and date operations
+ */
+class TimeUtil {
+    /**
+     * Calculates the time difference in milliseconds between a future date and now
+     */
+    static expiresInMilliseconds(expiresInDate) {
+        return new Date(expiresInDate).getTime() - new Date().getTime();
+    }
+    /**
+     * Calculates expiration date from seconds
+     */
+    static calculateExpireInDate(expireInSeconds) {
+        return new Date(Date.now() + expireInSeconds * 1000).toISOString();
+    }
+}
+//#endregion
+
 /**
  * Generated bundle index. Do not edit.
  */
 
-export { AXPAuthGuard, AXPAuthModule, AXPFeatureDirective, AXPFeatureGuard, AXPPermissionDefinitionBuilder, AXPPermissionDefinitionGroupBuilder, AXPPermissionDefinitionProviderContext, AXPPermissionDefinitionService, AXPPermissionDirective, AXPPermissionEvaluatorScopeProvider, AXPPermissionGuard, AXPSessionContext, AXPSessionService, AXPSessionStatus, AXPUnauthenticatedError, AXPUnauthorizedError, AXP_APPLICATION_LOADER, AXP_FEATURE_LOADER, AXP_PERMISSION_DEFINITION_PROVIDER, AXP_PERMISSION_LOADER, AXP_TENANT_LOADER, initializeAppState };
+export { AXPAuthGuard, AXPAuthModule, AXPAuthStrategy, AXPAuthStrategyRegistryService, AXPFeatureDirective, AXPFeatureGuard, AXPPermissionDefinitionBuilder, AXPPermissionDefinitionGroupBuilder, AXPPermissionDefinitionProviderContext, AXPPermissionDefinitionService, AXPPermissionDirective, AXPPermissionEvaluatorScopeProvider, AXPPermissionGuard, AXPSessionContext, AXPSessionService, AXPSessionStatus, AXPUnauthenticatedError, AXPUnauthorizedError, AXP_APPLICATION_LOADER, AXP_FEATURE_LOADER, AXP_PERMISSION_DEFINITION_PROVIDER, AXP_PERMISSION_LOADER, AXP_TENANT_LOADER, JwtUtil, PkceUtil, TimeUtil, initializeAppState };
 //# sourceMappingURL=acorex-platform-auth.mjs.map