@ahoo-wang/fetcher-cosec 3.0.3 → 3.0.6

package/dist/index.es.js

@@ -1,16 +1,16 @@
-import { REQUEST_BODY_INTERCEPTOR_ORDER as D, FetcherError as S, ResultExtractors as U } from "@ahoo-wang/fetcher";
-import { nanoid as w } from "nanoid";
+import { REQUEST_BODY_INTERCEPTOR_ORDER as w, FetcherError as D, ResultExtractors as y } from "@ahoo-wang/fetcher";
+import { nanoid as U } from "nanoid";
 import { KeyStorage as f } from "@ahoo-wang/fetcher-storage";
 import { BroadcastTypedEventBus as O, SerialTypedEventBus as _ } from "@ahoo-wang/fetcher-eventbus";
 const a = class a {
 };
 a.DEVICE_ID = "CoSec-Device-Id", a.APP_ID = "CoSec-App-Id", a.AUTHORIZATION = "Authorization", a.REQUEST_ID = "CoSec-Request-Id";
 let n = a;
-const E = class E {
+const u = class u {
 };
-E.UNAUTHORIZED = 401, E.FORBIDDEN = 403;
-let h = E;
-const j = {
+u.UNAUTHORIZED = 401, u.FORBIDDEN = 403;
+let h = u;
+const ne = {
   ALLOW: { authorized: !0, reason: "Allow" },
   EXPLICIT_DENY: { authorized: !1, reason: "Explicit Deny" },
   IMPLICIT_DENY: { authorized: !1, reason: "Implicit Deny" },
@@ -24,17 +24,17 @@ class C {
    * @returns A unique request ID
    */
   generateId() {
-    return w();
+    return U();
   }
 }
-const N = new C(), m = "CoSecRequestInterceptor", P = D + 1e3, A = "Ignore-Refresh-Token";
-class G {
+const N = new C(), m = "CoSecRequestInterceptor", g = w + 1e3, k = "Ignore-Refresh-Token";
+class b {
   /**
    * Creates a new CoSecRequestInterceptor instance.
    * @param options - The CoSec configuration options including appId, deviceIdStorage, and tokenManager
    */
   constructor(e) {
-    this.name = m, this.order = P, this.options = e;
+    this.name = m, this.order = g, this.options = e;
   }
   /**
    * Intercept requests to add CoSec authentication headers.
@@ -59,19 +59,19 @@ class G {
    * It will attempt to refresh the token before adding the Authorization header to the request.
    */
   async intercept(e) {
-    const t = N.generateId(), r = this.options.deviceIdStorage.getOrCreate(), o = e.ensureRequestHeaders();
-    o[n.APP_ID] = this.options.appId, o[n.DEVICE_ID] = r, o[n.REQUEST_ID] = t;
+    const t = N.generateId(), s = this.options.deviceIdStorage.getOrCreate(), o = e.ensureRequestHeaders();
+    o[n.APP_ID] = this.options.appId, o[n.DEVICE_ID] = s, o[n.REQUEST_ID] = t;
   }
 }
-const b = "AuthorizationRequestInterceptor", z = P + 1e3;
-class V {
+const M = "AuthorizationRequestInterceptor", z = g + 1e3;
+class v {
   /**
    * Creates an AuthorizationRequestInterceptor instance.
    *
    * @param options - Configuration options containing the token manager
    */
   constructor(e) {
-    this.options = e, this.name = b, this.order = z;
+    this.options = e, this.name = M, this.order = z;
   }
   /**
    * Intercepts the request exchange to add authorization headers.
@@ -86,18 +86,18 @@ class V {
    */
   async intercept(e) {
     let t = this.options.tokenManager.currentToken;
-    const r = e.ensureRequestHeaders();
-    !t || r[n.AUTHORIZATION] || (!e.attributes.has(A) && t.isRefreshNeeded && t.isRefreshable && await this.options.tokenManager.refresh(), t = this.options.tokenManager.currentToken, t && (r[n.AUTHORIZATION] = `Bearer ${t.access.token}`));
+    const s = e.ensureRequestHeaders();
+    !t || s[n.AUTHORIZATION] || (!e.attributes.has(k) && t.isRefreshNeeded && t.isRefreshable && await this.options.tokenManager.refresh(), t = this.options.tokenManager.currentToken, t && (s[n.AUTHORIZATION] = `Bearer ${t.access.token}`));
   }
 }
-const M = "AuthorizationResponseInterceptor", q = Number.MIN_SAFE_INTEGER + 1e3;
-class X {
+const q = "AuthorizationResponseInterceptor", F = Number.MIN_SAFE_INTEGER + 1e3;
+class B {
   /**
    * Creates a new AuthorizationResponseInterceptor instance.
    * @param options - The CoSec configuration options including token storage and refresher
    */
   constructor(e) {
-    this.options = e, this.name = M, this.order = q;
+    this.options = e, this.name = q, this.order = F;
   }
   /**
    * Intercepts the response and handles unauthorized responses by refreshing tokens.
@@ -108,16 +108,16 @@ class X {
     if (t && t.status === h.UNAUTHORIZED && this.options.tokenManager.isRefreshable)
       try {
         await this.options.tokenManager.refresh(), await e.fetcher.interceptors.exchange(e);
-      } catch (r) {
-        throw this.options.tokenManager.tokenStorage.remove(), r;
+      } catch (s) {
+        throw this.options.tokenManager.tokenStorage.remove(), s;
       }
   }
 }
-const d = "cosec-device-id";
-class W extends f {
+const T = "cosec-device-id";
+class K extends f {
   constructor(e = {
-    key: d,
-    eventBus: new O({ delegate: new _(d) })
+    key: T,
+    eventBus: new O({ delegate: new _(T) })
   }) {
     super(e);
   }
@@ -139,99 +139,74 @@ class W extends f {
     return e || (e = this.generateDeviceId(), this.set(e)), e;
   }
 }
-function k(s) {
-  try {
-    if (typeof s != "string")
-      return null;
-    const e = s.split(".");
-    if (e.length !== 3)
-      return null;
-    const r = e[1].replace(/-/g, "+").replace(/_/g, "/"), o = r.padEnd(
-      r.length + (4 - r.length % 4) % 4,
-      "="
-    ), c = decodeURIComponent(
-      atob(o).split("").map(function(i) {
-        return "%" + ("00" + i.charCodeAt(0).toString(16)).slice(-2);
-      }).join("")
-    );
-    return JSON.parse(c);
-  } catch (e) {
-    return console.error("Failed to parse JWT token", e), null;
-  }
-}
-function v(s, e = 0) {
-  const t = typeof s == "string" ? k(s) : s;
-  if (!t)
-    return !0;
-  const r = t.exp;
-  return r ? Date.now() / 1e3 > r - e : !1;
-}
-class p {
-  /**
-   * Creates a new JwtToken instance
-   */
-  constructor(e, t = 0) {
-    this.token = e, this.earlyPeriod = t, this.payload = k(e);
-  }
-  /**
-   * Checks if the token is expired
-   * @returns true if the token is expired, false otherwise
-   */
-  get isExpired() {
-    return this.payload ? v(this.payload, this.earlyPeriod) : !0;
-  }
-}
-class g {
-  /**
-   * Creates a new JwtCompositeToken instance
-   */
-  constructor(e, t = 0) {
-    this.token = e, this.earlyPeriod = t, this.access = new p(e.accessToken, t), this.refresh = new p(e.refreshToken, t);
-  }
-  /**
-   * Checks if the access token needs to be refreshed
-   * @returns true if the access token is expired, false otherwise
-   */
-  get isRefreshNeeded() {
-    return this.access.isExpired;
-  }
-  /**
-   * Checks if the refresh token is still valid and can be used to refresh the access token
-   * @returns true if the refresh token is not expired, false otherwise
-   */
-  get isRefreshable() {
-    return !this.refresh.isExpired;
-  }
-}
-class y {
-  constructor(e = 0) {
-    this.earlyPeriod = e;
-  }
+const H = "ForbiddenErrorInterceptor", Z = 0;
+class J {
   /**
-   * Deserializes a JSON string to a JwtCompositeToken
-   * @param value The JSON string representation of a composite token
-   * @returns A JwtCompositeToken instance
+   * Creates a new ForbiddenErrorInterceptor instance.
+   *
+   * @param options - Configuration options containing the callback to handle forbidden responses.
+   *                  Must include the `onForbidden` callback function.
+   *
+   * @throws Will throw an error if options are not provided or if `onForbidden` callback is missing.
+   *
+   * @example
+   * ```typescript
+   * const interceptor = new ForbiddenErrorInterceptor({
+   *   onForbidden: async (exchange) => {
+   *     // Handle forbidden access
+   *   }
+   * });
+   * ```
    */
-  deserialize(e) {
-    const t = JSON.parse(e);
-    return new g(t, this.earlyPeriod);
+  constructor(e) {
+    this.options = e, this.name = H, this.order = Z;
   }
   /**
-   * Serializes a JwtCompositeToken to a JSON string
-   * @param value The JwtCompositeToken to serialize
-   * @returns A JSON string representation of the composite token
+   * Intercepts fetch exchanges to detect and handle forbidden (403) responses.
+   *
+   * This method examines the response status code and invokes the configured `onForbidden`
+   * callback when a 403 Forbidden response is detected. The method is asynchronous to
+   * allow the callback to perform async operations like API calls, redirects, or UI updates.
+   *
+   * The interceptor only acts on responses with status code 403. Other error codes are
+   * ignored and passed through to other error interceptors in the chain.
+   *
+   * @param exchange - The fetch exchange containing request, response, and error information
+   *                   to be inspected for forbidden status codes. The exchange object provides
+   *                   access to the original request, response details, and any error information.
+   * @returns Promise that resolves when the forbidden error handling is complete.
+   *          Returns void - the method does not modify the exchange or return values.
+   *
+   * @remarks
+   * - Only responds to HTTP 403 status codes
+   * - Does not retry requests or modify responses
+   * - Allows async operations in the callback
+   * - Does not throw exceptions - delegates all error handling to the callback
+   * - Safe to use with other error interceptors
+   *
+   * @example
+   * ```typescript
+   * // The intercept method is called automatically by the fetcher
+   * // No manual invocation needed - this is for documentation purposes
+   * const interceptor = new ForbiddenErrorInterceptor({
+   *   onForbidden: async (exchange) => {
+   *     // exchange.response.status === 403
+   *     // exchange.request contains original request details
+   *     await handleForbiddenAccess(exchange);
+   *   }
+   * });
+   * ```
    */
-  serialize(e) {
-    return JSON.stringify(e.token);
+  async intercept(e) {
+    e.response?.status === h.FORBIDDEN && await this.options.onForbidden(e);
   }
 }
-const $ = new y();
-class u extends S {
+class E extends D {
   constructor(e, t) {
-    super("Refresh token failed.", t), this.token = e, this.name = "RefreshTokenError", Object.setPrototypeOf(this, u.prototype);
+    super("Refresh token failed.", t), this.token = e, this.name = "RefreshTokenError", Object.setPrototypeOf(this, E.prototype);
   }
 }
-class ee {
+class Q {
   /**
    * Creates a new JwtTokenManager instance
    * @param tokenStorage The storage used to persist tokens
@@ -259,7 +234,7 @@ class ee {
     return this.refreshInProgress ? this.refreshInProgress : (this.refreshInProgress = this.tokenRefresher.refresh(e.token).then((t) => {
       this.tokenStorage.setCompositeToken(t);
     }).catch((t) => {
-      throw this.tokenStorage.remove(), new u(e, t);
+      throw this.tokenStorage.remove(), new E(e, t);
     }).finally(() => {
       this.refreshInProgress = void 0;
     }), this.refreshInProgress);
@@ -279,18 +254,18 @@ class ee {
     return this.currentToken ? this.currentToken.isRefreshable : !1;
   }
 }
-const B = "ResourceAttributionRequestInterceptor", F = Number.MAX_SAFE_INTEGER;
-class te {
+const x = "tenantId", Y = "ownerId", L = "ResourceAttributionRequestInterceptor", j = Number.MAX_SAFE_INTEGER;
+class G {
   /**
    * Creates a new ResourceAttributionRequestInterceptor
    * @param options - Configuration options for resource attribution including tenantId, ownerId and tokenStorage
    */
   constructor({
-    tenantId: e = "tenantId",
-    ownerId: t = "ownerId",
-    tokenStorage: r
+    tenantId: e = x,
+    ownerId: t = Y,
+    tokenStorage: s
   }) {
-    this.name = B, this.order = F, this.tenantIdPathKey = e, this.ownerIdPathKey = t, this.tokenStorage = r;
+    this.name = L, this.order = j, this.tenantIdPathKey = e, this.ownerIdPathKey = t, this.tokenStorage = s;
   }
   /**
    * Intercepts outgoing requests and automatically adds tenant and owner ID path parameters
@@ -301,69 +276,127 @@ class te {
     const t = this.tokenStorage.get();
     if (!t)
       return;
-    const r = t.access.payload;
-    if (!r || !r.tenantId && !r.sub)
+    const s = t.access.payload;
+    if (!s || !s.tenantId && !s.sub)
       return;
     const o = e.fetcher.urlBuilder.urlTemplateResolver.extractPathParams(
       e.request.url
-    ), c = this.tenantIdPathKey, i = e.ensureRequestUrlParams().path, I = r.tenantId;
-    I && o.includes(c) && !i[c] && (i[c] = I);
-    const R = this.ownerIdPathKey, T = r.sub;
-    T && o.includes(R) && !i[R] && (i[R] = T);
+    ), c = this.tenantIdPathKey, i = e.ensureRequestUrlParams().path, d = s.tenantId;
+    d && o.includes(c) && !i[c] && (i[c] = d);
+    const R = this.ownerIdPathKey, I = s.sub;
+    I && o.includes(R) && !i[R] && (i[R] = I);
+  }
+}
+function S(r) {
+  try {
+    if (typeof r != "string")
+      return null;
+    const e = r.split(".");
+    if (e.length !== 3)
+      return null;
+    const s = e[1].replace(/-/g, "+").replace(/_/g, "/"), o = s.padEnd(
+      s.length + (4 - s.length % 4) % 4,
+      "="
+    ), c = decodeURIComponent(
+      atob(o).split("").map(function(i) {
+        return "%" + ("00" + i.charCodeAt(0).toString(16)).slice(-2);
+      }).join("")
+    );
+    return JSON.parse(c);
+  } catch (e) {
+    return console.error("Failed to parse JWT token", e), null;
   }
 }
-class re {
+function V(r, e = 0) {
+  const t = typeof r == "string" ? S(r) : r;
+  if (!t)
+    return !0;
+  const s = t.exp;
+  return s ? Date.now() / 1e3 > s - e : !1;
+}
+class p {
   /**
-   * Creates a new instance of CoSecTokenRefresher.
-   *
-   * @param options The configuration options for the token refresher including fetcher and endpoint
+   * Creates a new JwtToken instance
    */
-  constructor(e) {
-    this.options = e;
+  constructor(e, t = 0) {
+    this.token = e, this.earlyPeriod = t, this.payload = S(e);
   }
   /**
-   * Refresh the given token and return a new CompositeToken.
-   *
-   * @param token The token to refresh
-   * @returns A Promise that resolves to a new CompositeToken
+   * Checks if the token is expired
+   * @returns true if the token is expired, false otherwise
    */
-  refresh(e) {
-    return this.options.fetcher.post(
-      this.options.endpoint,
-      {
-        body: e
-      },
-      {
-        resultExtractor: U.Json,
-        attributes: /* @__PURE__ */ new Map([[A, !0]])
-      }
-    );
+  get isExpired() {
+    return this.payload ? V(this.payload, this.earlyPeriod) : !0;
+  }
+}
+class A {
+  /**
+   * Creates a new JwtCompositeToken instance
+   */
+  constructor(e, t = 0) {
+    this.token = e, this.earlyPeriod = t, this.access = new p(e.accessToken, t), this.refresh = new p(e.refreshToken, t);
+  }
+  /**
+   * Checks if the access token needs to be refreshed
+   * @returns true if the access token is expired, false otherwise
+   */
+  get isRefreshNeeded() {
+    return this.access.isExpired;
+  }
+  /**
+   * Checks if the refresh token is still valid and can be used to refresh the access token
+   * @returns true if the refresh token is not expired, false otherwise
+   */
+  get isRefreshable() {
+    return !this.refresh.isExpired;
+  }
+}
+class P {
+  constructor(e = 0) {
+    this.earlyPeriod = e;
+  }
+  /**
+   * Deserializes a JSON string to a JwtCompositeToken
+   * @param value The JSON string representation of a composite token
+   * @returns A JwtCompositeToken instance
+   */
+  deserialize(e) {
+    const t = JSON.parse(e);
+    return new A(t, this.earlyPeriod);
+  }
+  /**
+   * Serializes a JwtCompositeToken to a JSON string
+   * @param value The JwtCompositeToken to serialize
+   * @returns A JSON string representation of the composite token
+   */
+  serialize(e) {
+    return JSON.stringify(e.token);
   }
 }
-const l = "cosec-token";
-class se extends f {
+const ie = new P(), l = "cosec-token";
+class W extends f {
   constructor(e = {
     key: l,
     eventBus: new O({ delegate: new _(l) })
   }) {
     super({
-      serializer: new y(e.earlyPeriod),
+      serializer: new P(e.earlyPeriod),
       ...e
     }), this.earlyPeriod = e.earlyPeriod ?? 0;
   }
   setCompositeToken(e) {
-    this.set(new g(e, this.earlyPeriod));
+    this.set(new A(e, this.earlyPeriod));
   }
 }
-const K = "UnauthorizedErrorInterceptor", H = 0;
-class oe {
+const X = "UnauthorizedErrorInterceptor", $ = 0;
+class ee {
   /**
    * Creates a new UnauthorizedErrorInterceptor instance.
    *
    * @param options - Configuration options containing the callback to handle unauthorized responses
    */
   constructor(e) {
-    this.options = e, this.name = K, this.order = H;
+    this.options = e, this.name = X, this.order = $;
   }
   /**
    * Intercepts fetch exchanges to detect and handle unauthorized (401) responses
@@ -389,108 +422,169 @@ class oe {
    * ```
    */
   async intercept(e) {
-    (e.response?.status === h.UNAUTHORIZED || e.error instanceof u) && await this.options.onUnauthorized(e);
+    (e.response?.status === h.UNAUTHORIZED || e.error instanceof E) && await this.options.onUnauthorized(e);
   }
 }
-const Z = "ForbiddenErrorInterceptor", J = 0;
-class ne {
+class ae {
   /**
-   * Creates a new ForbiddenErrorInterceptor instance.
+   * Creates a new CoSecConfigurer instance with the provided configuration.
    *
-   * @param options - Configuration options containing the callback to handle forbidden responses.
-   *                  Must include the `onForbidden` callback function.
+   * This constructor conditionally creates dependencies based on the configuration:
+   * - TokenStorage and DeviceIdStorage are always created (using defaults if not provided)
+   * - JwtTokenManager is only created if tokenRefresher is provided
    *
-   * @throws Will throw an error if options are not provided or if `onForbidden` callback is missing.
+   * @param config - CoSec configuration object
    *
    * @example
    * ```typescript
-   * const interceptor = new ForbiddenErrorInterceptor({
-   *   onForbidden: async (exchange) => {
-   *     // Handle forbidden access
-   *   }
+   * // Full setup with all dependencies
+   * const configurer = new CoSecConfigurer({
+   *   appId: 'my-app',
+   *   tokenRefresher: myTokenRefresher,
+   * });
+   *
+   * // Minimal setup with custom storage
+   * const configurer = new CoSecConfigurer({
+   *   appId: 'my-app',
+   *   tokenStorage: customStorage,
+   *   deviceIdStorage: customDeviceStorage,
    * });
    * ```
    */
   constructor(e) {
-    this.options = e, this.name = Z, this.order = J;
+    this.config = e, this.tokenStorage = e.tokenStorage ?? new W(), this.deviceIdStorage = e.deviceIdStorage ?? new K(), e.tokenRefresher && (this.tokenManager = new Q(
+      this.tokenStorage,
+      e.tokenRefresher
+    ));
   }
   /**
-   * Intercepts fetch exchanges to detect and handle forbidden (403) responses.
+   * Applies CoSec interceptors to the provided Fetcher instance.
    *
-   * This method examines the response status code and invokes the configured `onForbidden`
-   * callback when a 403 Forbidden response is detected. The method is asynchronous to
-   * allow the callback to perform async operations like API calls, redirects, or UI updates.
+   * This method conditionally configures interceptors based on the provided configuration:
    *
-   * The interceptor only acts on responses with status code 403. Other error codes are
-   * ignored and passed through to other error interceptors in the chain.
+   * Always added:
+   * 1. CoSecRequestInterceptor - Adds CoSec headers (appId, deviceId, requestId)
+   * 2. ResourceAttributionRequestInterceptor - Adds tenant/owner path parameters
    *
-   * @param exchange - The fetch exchange containing request, response, and error information
-   *                   to be inspected for forbidden status codes. The exchange object provides
-   *                   access to the original request, response details, and any error information.
-   * @returns Promise that resolves when the forbidden error handling is complete.
-   *          Returns void - the method does not modify the exchange or return values.
+   * Only when `tokenRefresher` is provided:
+   * 3. AuthorizationRequestInterceptor - Adds Bearer token authentication
+   * 4. AuthorizationResponseInterceptor - Handles token refresh on 401 responses
    *
-   * @remarks
-   * - Only responds to HTTP 403 status codes
-   * - Does not retry requests or modify responses
-   * - Allows async operations in the callback
-   * - Does not throw exceptions - delegates all error handling to the callback
-   * - Safe to use with other error interceptors
+   * Only when corresponding handlers are provided:
+   * 5. UnauthorizedErrorInterceptor - Handles 401 unauthorized errors
+   * 6. ForbiddenErrorInterceptor - Handles 403 forbidden errors
+   *
+   * @param fetcher - The Fetcher instance to configure
    *
    * @example
    * ```typescript
-   * // The intercept method is called automatically by the fetcher
-   * // No manual invocation needed - this is for documentation purposes
-   * const interceptor = new ForbiddenErrorInterceptor({
-   *   onForbidden: async (exchange) => {
-   *     // exchange.response.status === 403
-   *     // exchange.request contains original request details
-   *     await handleForbiddenAccess(exchange);
-   *   }
+   * const fetcher = new Fetcher({ baseURL: '/api' });
+   * const configurer = new CoSecConfigurer({
+   *   appId: 'my-app',
+   *   tokenRefresher: myTokenRefresher,
+   *   onUnauthorized: handle401,
+   *   onForbidden: handle403,
    * });
+   *
+   * configurer.applyTo(fetcher);
+   * // Now fetcher has all CoSec interceptors configured
    * ```
    */
-  async intercept(e) {
-    e.response?.status === h.FORBIDDEN && await this.options.onForbidden(e);
+  applyTo(e) {
+    e.interceptors.request.use(
+      new b({
+        appId: this.config.appId,
+        deviceIdStorage: this.deviceIdStorage
+      })
+    ), e.interceptors.request.use(
+      new G({
+        tokenStorage: this.tokenStorage
+      })
+    ), this.tokenManager && (e.interceptors.request.use(
+      new v({
+        tokenManager: this.tokenManager
+      })
+    ), e.interceptors.response.use(
+      new B({
+        tokenManager: this.tokenManager
+      })
+    )), this.config.onUnauthorized && e.interceptors.error.use(
+      new ee({
+        onUnauthorized: this.config.onUnauthorized
+      })
+    ), this.config.onForbidden && e.interceptors.error.use(
+      new J({
+        onForbidden: this.config.onForbidden
+      })
+    );
+  }
+}
+class ce {
+  /**
+   * Creates a new instance of CoSecTokenRefresher.
+   *
+   * @param options The configuration options for the token refresher including fetcher and endpoint
+   */
+  constructor(e) {
+    this.options = e;
+  }
+  /**
+   * Refresh the given token and return a new CompositeToken.
+   *
+   * @param token The token to refresh
+   * @returns A Promise that resolves to a new CompositeToken
+   */
+  refresh(e) {
+    return this.options.fetcher.post(
+      this.options.endpoint,
+      {
+        body: e
+      },
+      {
+        resultExtractor: y.Json,
+        attributes: /* @__PURE__ */ new Map([[k, !0]])
+      }
+    );
   }
 }
 export {
-  b as AUTHORIZATION_REQUEST_INTERCEPTOR_NAME,
+  M as AUTHORIZATION_REQUEST_INTERCEPTOR_NAME,
   z as AUTHORIZATION_REQUEST_INTERCEPTOR_ORDER,
-  M as AUTHORIZATION_RESPONSE_INTERCEPTOR_NAME,
-  q as AUTHORIZATION_RESPONSE_INTERCEPTOR_ORDER,
-  V as AuthorizationRequestInterceptor,
-  X as AuthorizationResponseInterceptor,
-  j as AuthorizeResults,
+  q as AUTHORIZATION_RESPONSE_INTERCEPTOR_NAME,
+  F as AUTHORIZATION_RESPONSE_INTERCEPTOR_ORDER,
+  v as AuthorizationRequestInterceptor,
+  B as AuthorizationResponseInterceptor,
+  ne as AuthorizeResults,
   m as COSEC_REQUEST_INTERCEPTOR_NAME,
-  P as COSEC_REQUEST_INTERCEPTOR_ORDER,
+  g as COSEC_REQUEST_INTERCEPTOR_ORDER,
+  ae as CoSecConfigurer,
   n as CoSecHeaders,
-  G as CoSecRequestInterceptor,
-  re as CoSecTokenRefresher,
-  d as DEFAULT_COSEC_DEVICE_ID_KEY,
+  b as CoSecRequestInterceptor,
+  ce as CoSecTokenRefresher,
+  T as DEFAULT_COSEC_DEVICE_ID_KEY,
   l as DEFAULT_COSEC_TOKEN_KEY,
-  W as DeviceIdStorage,
-  Z as FORBIDDEN_ERROR_INTERCEPTOR_NAME,
-  J as FORBIDDEN_ERROR_INTERCEPTOR_ORDER,
-  ne as ForbiddenErrorInterceptor,
-  A as IGNORE_REFRESH_TOKEN_ATTRIBUTE_KEY,
-  g as JwtCompositeToken,
-  y as JwtCompositeTokenSerializer,
+  K as DeviceIdStorage,
+  H as FORBIDDEN_ERROR_INTERCEPTOR_NAME,
+  Z as FORBIDDEN_ERROR_INTERCEPTOR_ORDER,
+  J as ForbiddenErrorInterceptor,
+  k as IGNORE_REFRESH_TOKEN_ATTRIBUTE_KEY,
+  A as JwtCompositeToken,
+  P as JwtCompositeTokenSerializer,
   p as JwtToken,
-  ee as JwtTokenManager,
+  Q as JwtTokenManager,
   C as NanoIdGenerator,
-  B as RESOURCE_ATTRIBUTION_REQUEST_INTERCEPTOR_NAME,
-  F as RESOURCE_ATTRIBUTION_REQUEST_INTERCEPTOR_ORDER,
-  u as RefreshTokenError,
-  te as ResourceAttributionRequestInterceptor,
+  L as RESOURCE_ATTRIBUTION_REQUEST_INTERCEPTOR_NAME,
+  j as RESOURCE_ATTRIBUTION_REQUEST_INTERCEPTOR_ORDER,
+  E as RefreshTokenError,
+  G as ResourceAttributionRequestInterceptor,
   h as ResponseCodes,
-  se as TokenStorage,
-  K as UNAUTHORIZED_ERROR_INTERCEPTOR_NAME,
-  H as UNAUTHORIZED_ERROR_INTERCEPTOR_ORDER,
-  oe as UnauthorizedErrorInterceptor,
+  W as TokenStorage,
+  X as UNAUTHORIZED_ERROR_INTERCEPTOR_NAME,
+  $ as UNAUTHORIZED_ERROR_INTERCEPTOR_ORDER,
+  ee as UnauthorizedErrorInterceptor,
   N as idGenerator,
-  v as isTokenExpired,
-  $ as jwtCompositeTokenSerializer,
-  k as parseJwtPayload
+  V as isTokenExpired,
+  ie as jwtCompositeTokenSerializer,
+  S as parseJwtPayload
 };
 //# sourceMappingURL=index.es.js.map