@bravobit/bb-foundation 0.16.5 → 0.20.0

package/fesm2020/bravobit-bb-foundation-auth.mjs

@@ -12,916 +12,920 @@ import * as i3 from '@bravobit/bb-foundation';
 import * as i7 from '@bravobit/bb-foundation/http';
 import { HttpError } from '@bravobit/bb-foundation/http';
 
-class AuthConfig {
+class AuthConfig {
 }
 
 const USE_AUTHORIZATION = new HttpContextToken(() => true);
 
-class JwtHelper {
-    constructor() {
-        this.baseDecodeUnicode = (value) => {
-            return decodeURIComponent(atob(value).replace(/(.)/g, (_, p) => {
-                let code = p.charCodeAt(0).toString(16).toUpperCase();
-                if (code.length < 2) {
-                    code = '0' + code;
-                }
-                return '%' + code;
-            }));
-        };
-        this.parse = (data) => {
-            return {
-                id: data['iss'] || null,
-                type: data['typ'] || null,
-                audience: data['aud'] || null,
-                issuer: data['iss'] || null,
-                subject: data['sub'] || null,
-                role: data['role'] || null,
-                notValidBefore: this.parseDate(data['nbf']),
-                expiresAt: this.parseDate(data['exp']),
-                issuedAt: this.parseDate(data['iat'])
-            };
-        };
-        this.parseDate = (epochInSeconds) => {
-            if (!epochInSeconds || epochInSeconds <= 0) {
-                return null;
-            }
-            return new Date(epochInSeconds * 1000);
-        };
-    }
-    decode(token) {
-        try {
-            if (token === null || token === undefined) {
-                return null;
-            }
-            const json = JSON.parse(this.urlDecode(token.split('.')[1]));
-            return this.parse(json);
-        }
-        catch {
-            return null;
-        }
-    }
-    urlDecode(token) {
-        const value = token || '';
-        let output = value
-            .replace(/-/g, '+')
-            .replace(/_/g, '/');
-        switch (output.length % 4) {
-            case 0:
-                break;
-            case 2:
-                output += '==';
-                break;
-            case 3:
-                output += '=';
-                break;
-            default:
-                throw 'Illegal base64url string!';
-        }
-        try {
-            return this.baseDecodeUnicode(output);
-        }
-        catch {
-            return atob(output);
-        }
-    }
+class JwtHelper {
+    constructor() {
+        this.baseDecodeUnicode = (value) => {
+            return decodeURIComponent(atob(value).replace(/(.)/g, (_, p) => {
+                let code = p.charCodeAt(0).toString(16).toUpperCase();
+                if (code.length < 2) {
+                    code = '0' + code;
+                }
+                return '%' + code;
+            }));
+        };
+        this.parse = (data) => {
+            return {
+                id: data['iss'] || null,
+                type: data['typ'] || null,
+                audience: data['aud'] || null,
+                issuer: data['iss'] || null,
+                subject: data['sub'] || null,
+                role: data['role'] || null,
+                notValidBefore: this.parseDate(data['nbf']),
+                expiresAt: this.parseDate(data['exp']),
+                issuedAt: this.parseDate(data['iat'])
+            };
+        };
+        this.parseDate = (epochInSeconds) => {
+            if (!epochInSeconds || epochInSeconds <= 0) {
+                return null;
+            }
+            return new Date(epochInSeconds * 1000);
+        };
+    }
+    decode(token) {
+        try {
+            if (token === null || token === undefined) {
+                return null;
+            }
+            const json = JSON.parse(this.urlDecode(token.split('.')[1]));
+            return this.parse(json);
+        }
+        catch {
+            return null;
+        }
+    }
+    urlDecode(token) {
+        const value = token || '';
+        let output = value
+            .replace(/-/g, '+')
+            .replace(/_/g, '/');
+        switch (output.length % 4) {
+            case 0:
+                break;
+            case 2:
+                output += '==';
+                break;
+            case 3:
+                output += '=';
+                break;
+            default:
+                throw 'Illegal base64url string!';
+        }
+        try {
+            return this.baseDecodeUnicode(output);
+        }
+        catch {
+            return atob(output);
+        }
+    }
 }
 
-class AuthMapper {
-    constructor() {
-        // Routes.
-        this.me = 'auth/me';
-        this.register = 'auth/register';
-        this.resendCode = 'auth/resend';
-        this.logout = 'auth/logout';
-        this.refresh = 'auth/refresh';
-        this.requestPassword = 'auth/reset';
-        this.resetPassword = 'auth/reset-password';
-    }
-    role(data) {
-        return (data && data.role) || null;
-    }
-    toRegister(data) {
-        // Retrieve the params.
-        const { token, refresh_token, user } = data;
-        // Map the data to the correct format.
-        return { accessToken: token, refreshToken: refresh_token, user: user };
-    }
-    toRefresh(data) {
-        // Retrieve the params.
-        const { token, refresh_token } = data;
-        // Map the data to the correct format.
-        return { accessToken: token, refreshToken: refresh_token };
-    }
-}
-AuthMapper.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: AuthMapper, deps: [], target: i0.ɵɵFactoryTarget.Injectable });
-AuthMapper.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: AuthMapper });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: AuthMapper, decorators: [{
-            type: Injectable
+class AuthMapper {
+    constructor() {
+        // Routes.
+        this.me = 'auth/me';
+        this.register = 'auth/register';
+        this.resendCode = 'auth/resend';
+        this.logout = 'auth/logout';
+        this.refresh = 'auth/refresh';
+        this.requestPassword = 'auth/reset';
+        this.resetPassword = 'auth/reset-password';
+    }
+    role(data) {
+        return (data && data.role) || null;
+    }
+    toRegister(data) {
+        // Retrieve the params.
+        const { token, refresh_token, user } = data;
+        // Map the data to the correct format.
+        return { accessToken: token, refreshToken: refresh_token, user: user };
+    }
+    toRefresh(data) {
+        // Retrieve the params.
+        const { token, refresh_token } = data;
+        // Map the data to the correct format.
+        return { accessToken: token, refreshToken: refresh_token };
+    }
+}
+AuthMapper.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: AuthMapper, deps: [], target: i0.ɵɵFactoryTarget.Injectable });
+AuthMapper.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: AuthMapper });
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: AuthMapper, decorators: [{
+            type: Injectable
         }] });
 
-class AuthVerifyProvider {
-    constructor(_code, _verifyToken, _endpoint) {
-        this._code = _code;
-        this._verifyToken = _verifyToken;
-        this._endpoint = _endpoint;
-    }
-    async authenticate(httpClient) {
-        // Execute API call.
-        const data$ = await httpClient.post(this._endpoint, {
-            token: this._code,
-            verify_token: this._verifyToken
-        });
-        const { token, refresh_token, user } = await firstValueFrom(data$);
-        // Map the data to the correct format.
-        return { accessToken: token, refreshToken: refresh_token, user: user };
-    }
+class AuthVerifyProvider {
+    constructor(_code, _verifyToken, _endpoint) {
+        this._code = _code;
+        this._verifyToken = _verifyToken;
+        this._endpoint = _endpoint;
+    }
+    async authenticate(httpClient) {
+        // Execute API call.
+        const data$ = await httpClient.post(this._endpoint, {
+            token: this._code,
+            verify_token: this._verifyToken
+        });
+        const { token, refresh_token, user } = await firstValueFrom(data$);
+        // Map the data to the correct format.
+        return { accessToken: token, refreshToken: refresh_token, user: user };
+    }
 }
 
-class AuthEmailProvider {
-    constructor(_email, _password, _endpoint) {
-        this._email = _email;
-        this._password = _password;
-        this._endpoint = _endpoint;
-    }
-    async authenticate(httpClient) {
-        // Execute API call.
-        const data$ = await httpClient.post(this._endpoint, {
-            email: this._email,
-            password: this._password
-        });
-        const { token, refresh_token, user, provider, verify_token } = await firstValueFrom(data$);
-        // Map the data to the correct format.
-        return {
-            accessToken: token,
-            refreshToken: refresh_token,
-            user: user,
-            provider: provider,
-            verifyToken: verify_token
-        };
-    }
+class AuthEmailProvider {
+    constructor(_email, _password, _endpoint) {
+        this._email = _email;
+        this._password = _password;
+        this._endpoint = _endpoint;
+    }
+    async authenticate(httpClient) {
+        // Execute API call.
+        const data$ = await httpClient.post(this._endpoint, {
+            email: this._email,
+            password: this._password
+        });
+        const { token, refresh_token, user, provider, verify_token } = await firstValueFrom(data$);
+        // Map the data to the correct format.
+        return {
+            accessToken: token,
+            refreshToken: refresh_token,
+            user: user,
+            provider: provider,
+            verifyToken: verify_token
+        };
+    }
 }
 
-class AuthSession {
-    constructor(options) {
-        // Readonly data.
-        this._jwt = new JwtHelper();
-        // Token strings.
-        this._accessTokenString = null;
-        this._refreshTokenString = null;
-        // Token payloads.
-        this._accessTokenPayload = null;
-        this._refreshTokenPayload = null;
-        // Private user data.
-        this._user$ = new BehaviorSubject(null);
-        // Public user data.
-        this.user = this._user$.pipe(shareReplay(1));
-        this.generateKey = (applicationId, key) => {
-            return [applicationId, key].join('_');
-        };
-        this.isTokenValid = (token) => {
-            if (!token) {
-                return false;
-            }
-            return token?.expiresAt?.getTime() > Date.now();
-        };
-        const applicationId = options?.id ?? 'ng';
-        // Setting up the readonly storage keys.
-        this._accessTokenStorageKey = this.generateKey(applicationId, 'au_act');
-        this._refreshTokenStorageKey = this.generateKey(applicationId, 'au_rft');
-        this._userStorageKey = this.generateKey(applicationId, 'au_usr');
-        // Setting up the storage.
-        this._storage = options?.storage ?? null;
-        // Init methods.
-        this.restoreFromStorage();
-    }
-    get accessToken() {
-        return this.isTokenValid(this._accessTokenPayload)
-            ? this._accessTokenString
-            : null;
-    }
-    get refreshToken() {
-        return this.isTokenValid(this.refreshTokenPayload)
-            ? this._refreshTokenString
-            : null;
-    }
-    get accessTokenPayload() {
-        return this._accessTokenPayload ?? null;
-    }
-    get refreshTokenPayload() {
-        return this._refreshTokenPayload ?? null;
-    }
-    authenticated() {
-        return this.isTokenValid(this._accessTokenPayload) || this.isTokenValid(this._refreshTokenPayload);
-    }
-    setTokens(accessToken, refreshToken) {
-        this.setAccessToken(accessToken);
-        this.setRefreshToken(refreshToken);
-        this.syncTokensInStorage();
-    }
-    setUser(user) {
-        this._user$.next(user ?? null);
-        this.syncUserInStorage();
-    }
-    clear() {
-        this.setTokens(null, null);
-        this.setUser(null);
-    }
-    restoreFromStorage() {
-        if (!this._storage) {
-            return;
-        }
-        // Set the access token.
-        const accessToken = this._storage.get(this._accessTokenStorageKey);
-        this.setAccessToken(accessToken);
-        // Set the refresh token.
-        const refreshToken = this._storage.get(this._refreshTokenStorageKey);
-        this.setRefreshToken(refreshToken);
-        // Set the user if we have any correct token payloads.
-        if (this._accessTokenPayload || this._refreshTokenPayload) {
-            const user = this._storage.get(this._userStorageKey);
-            this._user$.next(user ?? null); // Note: just settings here instead of setUser() because of syncing to the storage.
-        }
-    }
-    syncTokensInStorage() {
-        if (!this._storage) {
-            return;
-        }
-        // Set the access token if completely valid.
-        if (!!this.accessToken) {
-            this._storage.set(this._accessTokenStorageKey, this._accessTokenString, {
-                expires: this._accessTokenPayload?.expiresAt
-            });
-        }
-        else {
-            this._storage.remove(this._accessTokenStorageKey);
-        }
-        // Set the refresh token if completely valid.
-        if (!!this.refreshToken) {
-            this._storage.set(this._refreshTokenStorageKey, this._refreshTokenString, {
-                expires: this._refreshTokenPayload?.expiresAt
-            });
-        }
-        else {
-            this._storage.remove(this._refreshTokenStorageKey);
-        }
-    }
-    syncUserInStorage() {
-        if (!this._storage) {
-            return;
-        }
-        const user = this._user$.getValue();
-        if (!user) {
-            return this._storage.remove(this._userStorageKey);
-        }
-        const date = new Date();
-        date.setFullYear(date.getFullYear() + 1);
-        this._storage.set(this._userStorageKey, user, {
-            expires: new Date(date.getTime())
-        });
-    }
-    setAccessToken(value) {
-        this._accessTokenString = value ?? null;
-        this._accessTokenPayload = this._jwt.decode(this._accessTokenString);
-    }
-    setRefreshToken(value) {
-        this._refreshTokenString = value ?? null;
-        this._refreshTokenPayload = this._jwt.decode(this._refreshTokenString);
-    }
+class AuthSession {
+    constructor(options) {
+        // Readonly data.
+        this._jwt = new JwtHelper();
+        // Token strings.
+        this._accessTokenString = null;
+        this._refreshTokenString = null;
+        // Token payloads.
+        this._accessTokenPayload = null;
+        this._refreshTokenPayload = null;
+        // Private user data.
+        this._user$ = new BehaviorSubject(null);
+        // Public user data.
+        this.user = this._user$.pipe(shareReplay(1));
+        this.generateKey = (applicationId, key) => {
+            return [applicationId, key].join('_');
+        };
+        this.isTokenValid = (token) => {
+            if (!token) {
+                return false;
+            }
+            return token?.expiresAt?.getTime() > Date.now();
+        };
+        const applicationId = options?.id ?? 'ng';
+        // Setting up the readonly storage keys.
+        this._accessTokenStorageKey = this.generateKey(applicationId, 'au_act');
+        this._refreshTokenStorageKey = this.generateKey(applicationId, 'au_rft');
+        this._userStorageKey = this.generateKey(applicationId, 'au_usr');
+        // Setting up the storage.
+        this._storage = options?.storage ?? null;
+        // Init methods.
+        this.restoreFromStorage();
+    }
+    get accessToken() {
+        return this.isTokenValid(this._accessTokenPayload)
+            ? this._accessTokenString
+            : null;
+    }
+    get refreshToken() {
+        return this.isTokenValid(this.refreshTokenPayload)
+            ? this._refreshTokenString
+            : null;
+    }
+    get accessTokenPayload() {
+        return this._accessTokenPayload ?? null;
+    }
+    get refreshTokenPayload() {
+        return this._refreshTokenPayload ?? null;
+    }
+    authenticated() {
+        return this.isTokenValid(this._accessTokenPayload) || this.isTokenValid(this._refreshTokenPayload);
+    }
+    setTokens(accessToken, refreshToken) {
+        this.setAccessToken(accessToken);
+        this.setRefreshToken(refreshToken);
+        this.syncTokensInStorage();
+    }
+    setUser(user) {
+        this._user$.next(user ?? null);
+        this.syncUserInStorage();
+    }
+    clear() {
+        this.setTokens(null, null);
+        this.setUser(null);
+    }
+    restoreFromStorage() {
+        if (!this._storage) {
+            return;
+        }
+        // Set the access token.
+        const accessToken = this._storage.get(this._accessTokenStorageKey);
+        this.setAccessToken(accessToken);
+        // Set the refresh token.
+        const refreshToken = this._storage.get(this._refreshTokenStorageKey);
+        this.setRefreshToken(refreshToken);
+        // Set the user if we have any correct token payloads.
+        if (this._accessTokenPayload || this._refreshTokenPayload) {
+            const user = this._storage.get(this._userStorageKey);
+            this._user$.next(user ?? null); // Note: just settings here instead of setUser() because of syncing to the storage.
+        }
+    }
+    syncTokensInStorage() {
+        if (!this._storage) {
+            return;
+        }
+        // Set the access token if completely valid.
+        if (!!this.accessToken) {
+            this._storage.set(this._accessTokenStorageKey, this._accessTokenString, {
+                expires: this._accessTokenPayload?.expiresAt
+            });
+        }
+        else {
+            this._storage.remove(this._accessTokenStorageKey);
+        }
+        // Set the refresh token if completely valid.
+        if (!!this.refreshToken) {
+            this._storage.set(this._refreshTokenStorageKey, this._refreshTokenString, {
+                expires: this._refreshTokenPayload?.expiresAt
+            });
+        }
+        else {
+            this._storage.remove(this._refreshTokenStorageKey);
+        }
+    }
+    syncUserInStorage() {
+        if (!this._storage) {
+            return;
+        }
+        const user = this._user$.getValue();
+        if (!user) {
+            return this._storage.remove(this._userStorageKey);
+        }
+        const date = new Date();
+        date.setFullYear(date.getFullYear() + 1);
+        this._storage.set(this._userStorageKey, user, {
+            expires: new Date(date.getTime())
+        });
+    }
+    setAccessToken(value) {
+        this._accessTokenString = value ?? null;
+        this._accessTokenPayload = this._jwt.decode(this._accessTokenString);
+    }
+    setRefreshToken(value) {
+        this._refreshTokenString = value ?? null;
+        this._refreshTokenPayload = this._jwt.decode(this._refreshTokenString);
+    }
 }
 
-class Auth {
-    constructor(_storage, _mapper, _injector, _platform, _httpClient, _config, _state, _httpConfig) {
-        this._storage = _storage;
-        this._mapper = _mapper;
-        this._injector = _injector;
-        this._platform = _platform;
-        this._httpClient = _httpClient;
-        this._config = _config;
-        this._state = _state;
-        this._httpConfig = _httpConfig;
-        // Readonly data.
-        this._authStateKey = makeStateKey(`bbAuthStateKey`);
-        this._httpAlias = this._httpConfig?.defaultAlias ?? null;
-        this._refreshHandler = null;
-        // Starting the new session.
-        this.session = new AuthSession({
-            id: this._config?.applicationId,
-            storage: this._storage.select(["cookie" /* Cookie */, "local" /* Local */])
-        });
-        this.user = this.session.user;
-    }
-    initialize() {
-        return async () => {
-            // Check if the app should bootstrap the authentication.
-            const shouldBootstrap = this._config?.bootstrap ?? true;
-            if (!shouldBootstrap) {
-                return this.handleAutoRefreshing();
-            }
-            // Only retrieve from the server when we are actually authenticated.
-            if (!this.session.authenticated()) {
-                return;
-            }
-            // Get the key from the server state.
-            if (this._state && this._state?.hasKey(this._authStateKey)) {
-                const user = this._state?.get(this._authStateKey, null) ?? null;
-                return this.session.setUser(user);
-            }
-            // Try to fetch the user from the server.
-            const user$ = this.me();
-            const user = await firstValueFrom(user$, { defaultValue: null });
-            // Set the state if exists.
-            if (this._state) {
-                this._state?.set(this._authStateKey, user ?? null);
-            }
-            // Save the user in the storage and handle auto refreshing.
-            this.session.setUser(user);
-            this.handleAutoRefreshing();
-        };
-    }
-    me() {
-        const url = this.getUrl('auth/me');
-        return this._httpClient.get(url);
-    }
-    async signIn(provider, as) {
-        const { accessToken, refreshToken, user, ...result } = await provider.authenticate(this._httpClient);
-        // Check if the role matches.
-        if (as && !as.includes(this._mapper.role(user))) {
-            throw new Error('Invalid role.');
-        }
-        // Validate if the provider is one of the available
-        // providers then return the user object and the provider.
-        const apiProvider = result?.provider ?? null;
-        const apiVerifyToken = result?.verifyToken ?? null;
-        const availableProviders = ['email', 'sms', 'totp'];
-        if (availableProviders.includes(apiProvider)) {
-            return { user, provider: apiProvider, verifyToken: apiVerifyToken };
-        }
-        // Set the tokens in storage.
-        this.setTokens(accessToken, refreshToken);
-        // Set the user in storage.
-        this.session.setUser(user);
-        // Return the user.
-        return { user };
-    }
-    async signInWithEmail(email, password, as) {
-        const url = this.getUrl('auth/login');
-        return this.signIn(new AuthEmailProvider(email, password, url), as);
-    }
-    async signInWithVerifyCode(code, verifyToken) {
-        const url = this.getUrl('auth/verify');
-        return this.signIn(new AuthVerifyProvider(code, verifyToken, url));
-    }
-    async resendVerifyCode(verifyToken) {
-        const url = this.getUrl('auth/resend');
-        const result$ = this._httpClient.post(url, {
-            verify_token: verifyToken
-        });
-        return firstValueFrom(result$);
-    }
-    async register(data, options) {
-        // Execute API call.
-        const url = this.getUrl('auth/register');
-        const result$ = this._httpClient.post(url, data, options);
-        const result = await firstValueFrom(result$);
-        // Map to the correct response.
-        const { accessToken, refreshToken, user } = this._mapper.toRegister(result);
-        // Set the tokens in storage.
-        this.setTokens(accessToken, refreshToken);
-        // Set the user in storage.
-        this.session.setUser(user);
-        // Return the user.
-        return user;
-    }
-    logout() {
-        // If we don't have a refresh token just clear the session.
-        // Note: We do this because else we try to invalidate
-        // an "undefined" refresh token.
-        const refreshToken = this.session.refreshToken;
-        if (!refreshToken) {
-            return this.session.clear();
-        }
-        // We do have a refresh token, so try to
-        // invalidate it in the backend.
-        try {
-            const url = this.getUrl('auth/logout');
-            const observable$ = this._httpClient.get(url, {
-                headers: { Authorization: refreshToken }
-            });
-            firstValueFrom(observable$).then(_ => _);
-        }
-        catch {
-            // Do nothing because the tokens will be deleted anyways from the session.
-        }
-        // Delete the tokens from the session.
-        return this.session.clear();
-    }
-    refresh() {
-        // If the refresh token does
-        // not exist just return an observable of null.
-        const refreshToken = this.session.refreshToken;
-        if (!refreshToken) {
-            return of(null);
-        }
-        // Perform the refresh call.
-        const scheme = this._config?.scheme ?? 'Bearer';
-        const url = this.getUrl('auth/refresh');
-        const context = new HttpContext()
-            .set(USE_AUTHORIZATION, false);
-        return this._httpClient.get(url, {
-            headers: { Authorization: `${scheme} ${refreshToken}` },
-            context: context
-        }).pipe(map(data => this._mapper.toRefresh(data)), tap(({ accessToken, refreshToken }) => this.setTokens(accessToken, refreshToken)), map(({ accessToken }) => accessToken));
-    }
-    async requestPassword(email, extraParams = {}) {
-        const url = this.getUrl('auth/reset');
-        const observable$ = this._httpClient.post(url, { ...extraParams, email });
-        return firstValueFrom(observable$);
-    }
-    async resetPassword(token, newPassword, extraParams = {}) {
-        const url = this.getUrl('auth/reset-password');
-        const observable$ = this._httpClient.post(url, { ...extraParams, token, password: newPassword });
-        return firstValueFrom(observable$);
-    }
-    guard(type, redirectUrl) {
-        let newUrl = null;
-        // Get the correct new url.
-        switch (type) {
-            case 'authenticated':
-                newUrl = this._config?.loggedInUrl ?? null;
-                break;
-            case 'unauthenticated':
-                newUrl = this._config?.redirectUrl ?? null;
-                break;
-        }
-        // Append a redirect url if the user is deemed
-        // unauthenticated.
-        if (type === 'unauthenticated') {
-            const setRedirectOnFailedAuth = this._config?.setRedirectOnFailedAuth ?? true;
-            if (setRedirectOnFailedAuth && redirectUrl && newUrl) {
-                newUrl += `?redirectUrl=${redirectUrl}`;
-            }
-        }
-        // Parse the url if it exists.
-        if (this.router && newUrl) {
-            return this.router.parseUrl(newUrl);
-        }
-        // Return false if the user is not allowed.
-        return false;
-    }
-    clearAndRedirect() {
-        // 1. Delete the tokens from the session.
-        this.session.clear();
-        // 2. Compose the route url.
-        const redirectUrl = this._config?.redirectUrl ?? null;
-        // 3. Route back if the user provided a redirect url.
-        if (this.router && redirectUrl) {
-            this.router.navigate([redirectUrl]).then(_ => _);
-        }
-    }
-    setTokens(accessToken, refreshToken) {
-        // Set the tokens in our session.
-        this.session.setTokens(accessToken, refreshToken);
-        // We need to update the auto refresh of the refresh token.
-        this.handleAutoRefreshing();
-    }
-    handleAutoRefreshing() {
-        const shouldAutoRefresh = this._config?.autoRefresh ?? false;
-        if (!shouldAutoRefresh) {
-            return;
-        }
-        const expiresAt = this.session.refreshTokenPayload?.expiresAt ?? null;
-        if (expiresAt === null || !this._platform.isBrowser) {
-            return;
-        }
-        const differenceInMilliseconds = expiresAt.getTime() - Date.now();
-        const offsetInMilliseconds = 10000; // 10 seconds.
-        // We want to start the refresh 10 seconds before it expires.
-        const actualTiming = differenceInMilliseconds - offsetInMilliseconds;
-        if (actualTiming <= 0) {
-            return;
-        }
-        // We need to cap the timings because if
-        // we get large numbers it might cause unwanted results.
-        const maxTiming = 1000 * 60 * 60 * 24; // 24 hours.
-        const cappedTiming = Math.max(1, Math.min(actualTiming, maxTiming));
-        try {
-            if (this._refreshHandler !== null) {
-                clearTimeout?.(this._refreshHandler);
-                this._refreshHandler = null;
-            }
-            this._refreshHandler = setTimeout?.(() => this.autoRefresh(), cappedTiming);
-        }
-        catch {
-            // Just ignore it.
-        }
-    }
-    async autoRefresh() {
-        try {
-            // We just need to wait for it to refresh.
-            const refresh$ = this.refresh();
-            await firstValueFrom(refresh$);
-        }
-        catch {
-            // Something went wrong refreshing, we need to clear.
-            this.clearAndRedirect();
-        }
-    }
-    get router() {
-        return this._injector.get(Router);
-    }
-    getUrl(endpoint) {
-        return [this._httpAlias, endpoint]
-            .filter(item => !!item)
-            .join('/');
-    }
-}
-Auth.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: Auth, deps: [{ token: i1.Storage }, { token: AuthMapper }, { token: i0.Injector }, { token: i3.Platform }, { token: i4.HttpClient }, { token: AuthConfig, optional: true }, { token: i6.TransferState, optional: true }, { token: i7.HttpConfig, optional: true }], target: i0.ɵɵFactoryTarget.Injectable });
-Auth.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: Auth });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: Auth, decorators: [{
-            type: Injectable
-        }], ctorParameters: function () { return [{ type: i1.Storage }, { type: AuthMapper }, { type: i0.Injector }, { type: i3.Platform }, { type: i4.HttpClient }, { type: AuthConfig, decorators: [{
-                    type: Optional
-                }] }, { type: i6.TransferState, decorators: [{
-                    type: Optional
-                }] }, { type: i7.HttpConfig, decorators: [{
-                    type: Optional
+class Auth {
+    constructor(_storage, _mapper, _injector, _platform, _httpClient, _config, _state, _httpConfig) {
+        this._storage = _storage;
+        this._mapper = _mapper;
+        this._injector = _injector;
+        this._platform = _platform;
+        this._httpClient = _httpClient;
+        this._config = _config;
+        this._state = _state;
+        this._httpConfig = _httpConfig;
+        // Readonly data.
+        this._authStateKey = makeStateKey(`bbAuthStateKey`);
+        this._httpAlias = this._httpConfig?.defaultAlias ?? null;
+        this._refreshHandler = null;
+        // We select a storage strategy based on the server/browser.
+        // Only cookies CAN work on the server.
+        const storageStrategy = this._platform.isBrowser
+            ? this._storage.select(["cookie" /* Cookie */, "local" /* Local */])
+            : this._storage.cookie;
+        // Starting the new session.
+        this.session = new AuthSession({
+            id: this._config?.applicationId,
+            storage: storageStrategy
+        });
+        this.user = this.session.user;
+    }
+    initialize() {
+        return async () => {
+            // Check if the app should bootstrap the authentication.
+            const shouldBootstrap = this._config?.bootstrap ?? true;
+            if (!shouldBootstrap) {
+                return this.handleAutoRefreshing();
+            }
+            // Only retrieve from the server when we are actually authenticated.
+            if (!this.session.authenticated()) {
+                return;
+            }
+            // Get the key from the server state.
+            if (this._state && this._state?.hasKey(this._authStateKey)) {
+                const user = this._state?.get(this._authStateKey, null) ?? null;
+                return this.session.setUser(user);
+            }
+            // Try to fetch the user from the server.
+            const user$ = this.me();
+            const user = await firstValueFrom(user$, { defaultValue: null });
+            // Set the state if exists.
+            if (this._state) {
+                this._state?.set(this._authStateKey, user ?? null);
+            }
+            // Save the user in the storage and handle auto refreshing.
+            this.session.setUser(user);
+            this.handleAutoRefreshing();
+        };
+    }
+    me() {
+        const url = this.getUrl('auth/me');
+        return this._httpClient.get(url);
+    }
+    async signIn(provider, as) {
+        const { accessToken, refreshToken, user, ...result } = await provider.authenticate(this._httpClient);
+        // Check if the role matches.
+        if (as && !as.includes(this._mapper.role(user))) {
+            throw new Error('Invalid role.');
+        }
+        // Validate if the provider is one of the available
+        // providers then return the user object and the provider.
+        const apiProvider = result?.provider ?? null;
+        const apiVerifyToken = result?.verifyToken ?? null;
+        const availableProviders = ['email', 'sms', 'totp'];
+        if (availableProviders.includes(apiProvider)) {
+            return { user, provider: apiProvider, verifyToken: apiVerifyToken };
+        }
+        // Set the tokens in storage.
+        this.setTokens(accessToken, refreshToken);
+        // Set the user in storage.
+        this.session.setUser(user);
+        // Return the user.
+        return { user };
+    }
+    async signInWithEmail(email, password, as) {
+        const url = this.getUrl('auth/login');
+        return this.signIn(new AuthEmailProvider(email, password, url), as);
+    }
+    async signInWithVerifyCode(code, verifyToken) {
+        const url = this.getUrl('auth/verify');
+        return this.signIn(new AuthVerifyProvider(code, verifyToken, url));
+    }
+    async resendVerifyCode(verifyToken) {
+        const url = this.getUrl('auth/resend');
+        const result$ = this._httpClient.post(url, {
+            verify_token: verifyToken
+        });
+        return firstValueFrom(result$);
+    }
+    async register(data, options) {
+        // Execute API call.
+        const url = this.getUrl('auth/register');
+        const result$ = this._httpClient.post(url, data, options);
+        const result = await firstValueFrom(result$);
+        // Map to the correct response.
+        const { accessToken, refreshToken, user } = this._mapper.toRegister(result);
+        // Set the tokens in storage.
+        this.setTokens(accessToken, refreshToken);
+        // Set the user in storage.
+        this.session.setUser(user);
+        // Return the user.
+        return user;
+    }
+    logout() {
+        // If we don't have a refresh token just clear the session.
+        // Note: We do this because else we try to invalidate
+        // an "undefined" refresh token.
+        const refreshToken = this.session.refreshToken;
+        if (!refreshToken) {
+            return this.session.clear();
+        }
+        // We do have a refresh token, so try to
+        // invalidate it in the backend.
+        try {
+            const url = this.getUrl('auth/logout');
+            const observable$ = this._httpClient.get(url, {
+                headers: { Authorization: refreshToken }
+            });
+            firstValueFrom(observable$).then(_ => _);
+        }
+        catch {
+            // Do nothing because the tokens will be deleted anyways from the session.
+        }
+        // Delete the tokens from the session.
+        return this.session.clear();
+    }
+    refresh() {
+        // If the refresh token does
+        // not exist just return an observable of null.
+        const refreshToken = this.session.refreshToken;
+        if (!refreshToken) {
+            return of(null);
+        }
+        // Perform the refresh call.
+        const scheme = this._config?.scheme ?? 'Bearer';
+        const url = this.getUrl('auth/refresh');
+        const context = new HttpContext()
+            .set(USE_AUTHORIZATION, false);
+        return this._httpClient.get(url, {
+            headers: { Authorization: `${scheme} ${refreshToken}` },
+            context: context
+        }).pipe(map(data => this._mapper.toRefresh(data)), tap(({ accessToken, refreshToken }) => this.setTokens(accessToken, refreshToken)), map(({ accessToken }) => accessToken));
+    }
+    async requestPassword(email, extraParams = {}) {
+        const url = this.getUrl('auth/reset');
+        const observable$ = this._httpClient.post(url, { ...extraParams, email });
+        return firstValueFrom(observable$);
+    }
+    async resetPassword(token, newPassword, extraParams = {}) {
+        const url = this.getUrl('auth/reset-password');
+        const observable$ = this._httpClient.post(url, { ...extraParams, token, password: newPassword });
+        return firstValueFrom(observable$);
+    }
+    guard(type, redirectUrl) {
+        let newUrl = null;
+        // Get the correct new url.
+        switch (type) {
+            case 'authenticated':
+                newUrl = this._config?.loggedInUrl ?? null;
+                break;
+            case 'unauthenticated':
+                newUrl = this._config?.redirectUrl ?? null;
+                break;
+        }
+        // Append a redirect url if the user is deemed
+        // unauthenticated.
+        if (type === 'unauthenticated') {
+            const setRedirectOnFailedAuth = this._config?.setRedirectOnFailedAuth ?? true;
+            if (setRedirectOnFailedAuth && redirectUrl && newUrl) {
+                newUrl += `?redirectUrl=${redirectUrl}`;
+            }
+        }
+        // Parse the url if it exists.
+        if (this.router && newUrl) {
+            return this.router.parseUrl(newUrl);
+        }
+        // Return false if the user is not allowed.
+        return false;
+    }
+    clearAndRedirect() {
+        // 1. Delete the tokens from the session.
+        this.session.clear();
+        // 2. Compose the route url.
+        const redirectUrl = this._config?.redirectUrl ?? null;
+        // 3. Route back if the user provided a redirect url.
+        if (this.router && redirectUrl) {
+            this.router.navigate([redirectUrl]).then(_ => _);
+        }
+    }
+    setTokens(accessToken, refreshToken) {
+        // Set the tokens in our session.
+        this.session.setTokens(accessToken, refreshToken);
+        // We need to update the auto refresh of the refresh token.
+        this.handleAutoRefreshing();
+    }
+    handleAutoRefreshing() {
+        const shouldAutoRefresh = this._config?.autoRefresh ?? false;
+        if (!shouldAutoRefresh) {
+            return;
+        }
+        const expiresAt = this.session.refreshTokenPayload?.expiresAt ?? null;
+        if (expiresAt === null || !this._platform.isBrowser) {
+            return;
+        }
+        const differenceInMilliseconds = expiresAt.getTime() - Date.now();
+        const offsetInMilliseconds = 10000; // 10 seconds.
+        // We want to start the refresh 10 seconds before it expires.
+        const actualTiming = differenceInMilliseconds - offsetInMilliseconds;
+        if (actualTiming <= 0) {
+            return;
+        }
+        // We need to cap the timings because if
+        // we get large numbers it might cause unwanted results.
+        const maxTiming = 1000 * 60 * 60 * 24; // 24 hours.
+        const cappedTiming = Math.max(1, Math.min(actualTiming, maxTiming));
+        try {
+            if (this._refreshHandler !== null) {
+                clearTimeout?.(this._refreshHandler);
+                this._refreshHandler = null;
+            }
+            this._refreshHandler = setTimeout?.(() => this.autoRefresh(), cappedTiming);
+        }
+        catch {
+            // Just ignore it.
+        }
+    }
+    async autoRefresh() {
+        try {
+            // We just need to wait for it to refresh.
+            const refresh$ = this.refresh();
+            await firstValueFrom(refresh$);
+        }
+        catch {
+            // Something went wrong refreshing, we need to clear.
+            this.clearAndRedirect();
+        }
+    }
+    get router() {
+        return this._injector.get(Router);
+    }
+    getUrl(endpoint) {
+        return [this._httpAlias, endpoint]
+            .filter(item => !!item)
+            .join('/');
+    }
+}
+Auth.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: Auth, deps: [{ token: i1.Storage }, { token: AuthMapper }, { token: i0.Injector }, { token: i3.Platform }, { token: i4.HttpClient }, { token: AuthConfig, optional: true }, { token: i6.TransferState, optional: true }, { token: i7.HttpConfig, optional: true }], target: i0.ɵɵFactoryTarget.Injectable });
+Auth.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: Auth });
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: Auth, decorators: [{
+            type: Injectable
+        }], ctorParameters: function () { return [{ type: i1.Storage }, { type: AuthMapper }, { type: i0.Injector }, { type: i3.Platform }, { type: i4.HttpClient }, { type: AuthConfig, decorators: [{
+                    type: Optional
+                }] }, { type: i6.TransferState, decorators: [{
+                    type: Optional
+                }] }, { type: i7.HttpConfig, decorators: [{
+                    type: Optional
                 }] }]; } });
 
-class BbAuthenticated {
-    constructor(_auth, _template, _viewContainerRef) {
-        this._auth = _auth;
-        this._template = _template;
-        this._viewContainerRef = _viewContainerRef;
-    }
-    ngOnInit() {
-        this._subscription = this._auth.user.pipe(map(user => !!user), distinctUntilChanged()).subscribe(isAuthenticated => {
-            if (!isAuthenticated) {
-                return this._viewContainerRef.clear();
-            }
-            this._viewContainerRef.createEmbeddedView(this._template);
-        });
-    }
-    ngOnDestroy() {
-        this._subscription?.unsubscribe();
-    }
-}
-BbAuthenticated.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: BbAuthenticated, deps: [{ token: Auth }, { token: i0.TemplateRef }, { token: i0.ViewContainerRef }], target: i0.ɵɵFactoryTarget.Directive });
-BbAuthenticated.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "12.0.0", version: "13.2.5", type: BbAuthenticated, selector: "[bbAuthenticated]", ngImport: i0 });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: BbAuthenticated, decorators: [{
-            type: Directive,
-            args: [{
-                    selector: '[bbAuthenticated]'
-                }]
+class BbAuthenticated {
+    constructor(_auth, _template, _viewContainerRef) {
+        this._auth = _auth;
+        this._template = _template;
+        this._viewContainerRef = _viewContainerRef;
+    }
+    ngOnInit() {
+        this._subscription = this._auth.user.pipe(map(user => !!user), distinctUntilChanged()).subscribe(isAuthenticated => {
+            if (!isAuthenticated) {
+                return this._viewContainerRef.clear();
+            }
+            this._viewContainerRef.createEmbeddedView(this._template);
+        });
+    }
+    ngOnDestroy() {
+        this._subscription?.unsubscribe();
+    }
+}
+BbAuthenticated.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: BbAuthenticated, deps: [{ token: Auth }, { token: i0.TemplateRef }, { token: i0.ViewContainerRef }], target: i0.ɵɵFactoryTarget.Directive });
+BbAuthenticated.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "12.0.0", version: "13.3.6", type: BbAuthenticated, selector: "[bbAuthenticated]", ngImport: i0 });
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: BbAuthenticated, decorators: [{
+            type: Directive,
+            args: [{
+                    selector: '[bbAuthenticated]'
+                }]
         }], ctorParameters: function () { return [{ type: Auth }, { type: i0.TemplateRef }, { type: i0.ViewContainerRef }]; } });
 
-class BbRole {
-    constructor(_auth, _template, _viewContainerRef) {
-        this._auth = _auth;
-        this._template = _template;
-        this._viewContainerRef = _viewContainerRef;
-        this.getAllowedRoles = (value) => {
-            return Array.isArray(value) ? value : [value];
-        };
-    }
-    ngOnInit() {
-        this._subscription = this._auth.user.pipe(map(user => user?.role ?? null), distinctUntilChanged()).subscribe(role => {
-            const allowedRoles = this.getAllowedRoles(this.bbRole);
-            if (!allowedRoles.includes(role)) {
-                return this._viewContainerRef.clear();
-            }
-            this._viewContainerRef.createEmbeddedView(this._template);
-        });
-    }
-    ngOnDestroy() {
-        this._subscription?.unsubscribe();
-    }
-}
-BbRole.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: BbRole, deps: [{ token: Auth }, { token: i0.TemplateRef }, { token: i0.ViewContainerRef }], target: i0.ɵɵFactoryTarget.Directive });
-BbRole.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "12.0.0", version: "13.2.5", type: BbRole, selector: "[bbRole]", inputs: { bbRole: "bbRole" }, ngImport: i0 });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: BbRole, decorators: [{
-            type: Directive,
-            args: [{
-                    selector: '[bbRole]'
-                }]
-        }], ctorParameters: function () { return [{ type: Auth }, { type: i0.TemplateRef }, { type: i0.ViewContainerRef }]; }, propDecorators: { bbRole: [{
-                type: Input
+class BbRole {
+    constructor(_auth, _template, _viewContainerRef) {
+        this._auth = _auth;
+        this._template = _template;
+        this._viewContainerRef = _viewContainerRef;
+        this.getAllowedRoles = (value) => {
+            return Array.isArray(value) ? value : [value];
+        };
+    }
+    ngOnInit() {
+        this._subscription = this._auth.user.pipe(map(user => user?.role ?? null), distinctUntilChanged()).subscribe(role => {
+            const allowedRoles = this.getAllowedRoles(this.bbRole);
+            if (!allowedRoles.includes(role)) {
+                return this._viewContainerRef.clear();
+            }
+            this._viewContainerRef.createEmbeddedView(this._template);
+        });
+    }
+    ngOnDestroy() {
+        this._subscription?.unsubscribe();
+    }
+}
+BbRole.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: BbRole, deps: [{ token: Auth }, { token: i0.TemplateRef }, { token: i0.ViewContainerRef }], target: i0.ɵɵFactoryTarget.Directive });
+BbRole.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "12.0.0", version: "13.3.6", type: BbRole, selector: "[bbRole]", inputs: { bbRole: "bbRole" }, ngImport: i0 });
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: BbRole, decorators: [{
+            type: Directive,
+            args: [{
+                    selector: '[bbRole]'
+                }]
+        }], ctorParameters: function () { return [{ type: Auth }, { type: i0.TemplateRef }, { type: i0.ViewContainerRef }]; }, propDecorators: { bbRole: [{
+                type: Input
             }] } });
 
-class Permissions {
-    constructor(_auth, _config) {
-        this._auth = _auth;
-        this._config = _config;
-        // Data.
-        this._permissions = this._config?.permissions ?? {};
-        this._role$ = this._auth.user.pipe(map(user => user?.role ?? null), distinctUntilChanged());
-    }
-    has(value) {
-        const requiredPermissions = Array.isArray(value)
-            ? value
-            : [value];
-        return this._role$.pipe(map(role => {
-            if (role === null || role === undefined) {
-                return false;
-            }
-            for (const requiredPermission of requiredPermissions) {
-                const result = this.validatePermission(requiredPermission, role);
-                if (!result) {
-                    return false;
-                }
-            }
-            return true;
-        }));
-    }
-    validatePermission(type, role) {
-        const permission = this._permissions?.[type] ?? null;
-        if (!permission) {
-            console?.warn?.(`Permissions: Invalid permission requested "${type}".`);
-            return false;
-        }
-        if (permission?.length <= 0) {
-            console?.warn?.(`Permissions: No roles were set, please add some roles to this permission.`);
-            return false;
-        }
-        // If the permission includes a "*" we allow everyone.
-        if (permission.includes('*')) {
-            return true;
-        }
-        // Validate the role against the permissions.
-        return permission?.includes(role) ?? false;
-    }
-}
-Permissions.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: Permissions, deps: [{ token: Auth }, { token: AuthConfig, optional: true }], target: i0.ɵɵFactoryTarget.Injectable });
-Permissions.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: Permissions });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: Permissions, decorators: [{
-            type: Injectable
-        }], ctorParameters: function () { return [{ type: Auth }, { type: AuthConfig, decorators: [{
-                    type: Optional
+class Permissions {
+    constructor(_auth, _config) {
+        this._auth = _auth;
+        this._config = _config;
+        // Data.
+        this._permissions = this._config?.permissions ?? {};
+        this._role$ = this._auth.user.pipe(map(user => user?.role ?? null), distinctUntilChanged());
+    }
+    has(value) {
+        const requiredPermissions = Array.isArray(value)
+            ? value
+            : [value];
+        return this._role$.pipe(map(role => {
+            if (role === null || role === undefined) {
+                return false;
+            }
+            for (const requiredPermission of requiredPermissions) {
+                const result = this.validatePermission(requiredPermission, role);
+                if (!result) {
+                    return false;
+                }
+            }
+            return true;
+        }));
+    }
+    validatePermission(type, role) {
+        const permission = this._permissions?.[type] ?? null;
+        if (!permission) {
+            console?.warn?.(`Permissions: Invalid permission requested "${type}".`);
+            return false;
+        }
+        if (permission?.length <= 0) {
+            console?.warn?.(`Permissions: No roles were set, please add some roles to this permission.`);
+            return false;
+        }
+        // If the permission includes a "*" we allow everyone.
+        if (permission.includes('*')) {
+            return true;
+        }
+        // Validate the role against the permissions.
+        return permission?.includes(role) ?? false;
+    }
+}
+Permissions.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: Permissions, deps: [{ token: Auth }, { token: AuthConfig, optional: true }], target: i0.ɵɵFactoryTarget.Injectable });
+Permissions.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: Permissions });
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: Permissions, decorators: [{
+            type: Injectable
+        }], ctorParameters: function () { return [{ type: Auth }, { type: AuthConfig, decorators: [{
+                    type: Optional
                 }] }]; } });
 
-class BbPermission {
-    constructor(_permissions, _templateRef, _viewContainerRef) {
-        this._permissions = _permissions;
-        this._templateRef = _templateRef;
-        this._viewContainerRef = _viewContainerRef;
-        // Data.
-        this._permission$ = new BehaviorSubject([]);
-        this._valid = false;
-        this._elseTemplateRef = null;
-        this._thenViewRef = null;
-        this._elseViewRef = null;
-        this.getAllowedPermissions = (value) => {
-            return Array.isArray(value) ? value : [value];
-        };
-        this.assertTemplate = (property, templateRef) => {
-            const isTemplateRefOrNull = !!(!templateRef || templateRef.createEmbeddedView);
-            if (!isTemplateRefOrNull) {
-                throw new Error(`${property} must be a TemplateRef.`);
-            }
-        };
-    }
-    set bbPermission(value) {
-        const permissions = this.getAllowedPermissions(value);
-        this._permission$.next(permissions);
-        this.updateView();
-    }
-    set bbPermissionElse(templateRef) {
-        this.assertTemplate('bbPermissionElse', templateRef);
-        this._elseTemplateRef = templateRef;
-        this.updateView();
-    }
-    ngOnInit() {
-        const check$ = this._permission$.pipe(switchMap(permissions => this._permissions.has(permissions)));
-        this._subscription = check$.subscribe(valid => {
-            this._valid = valid;
-            this.updateView();
-        });
-    }
-    ngOnDestroy() {
-        this._subscription?.unsubscribe();
-    }
-    updateView() {
-        if (this._valid) {
-            if (!this._thenViewRef) {
-                this._viewContainerRef.clear();
-                this._elseViewRef = null;
-                if (this._templateRef) {
-                    this._thenViewRef = this._viewContainerRef.createEmbeddedView(this._templateRef);
-                }
-            }
-        }
-        else {
-            if (!this._elseViewRef) {
-                this._viewContainerRef.clear();
-                this._thenViewRef = null;
-                if (this._elseTemplateRef) {
-                    this._elseViewRef = this._viewContainerRef.createEmbeddedView(this._elseTemplateRef);
-                }
-            }
-        }
-    }
-}
-BbPermission.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: BbPermission, deps: [{ token: Permissions }, { token: i0.TemplateRef }, { token: i0.ViewContainerRef }], target: i0.ɵɵFactoryTarget.Directive });
-BbPermission.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "12.0.0", version: "13.2.5", type: BbPermission, selector: "[bbPermission]", inputs: { bbPermission: "bbPermission", bbPermissionElse: "bbPermissionElse" }, ngImport: i0 });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: BbPermission, decorators: [{
-            type: Directive,
-            args: [{
-                    selector: '[bbPermission]'
-                }]
-        }], ctorParameters: function () { return [{ type: Permissions }, { type: i0.TemplateRef }, { type: i0.ViewContainerRef }]; }, propDecorators: { bbPermission: [{
-                type: Input
-            }], bbPermissionElse: [{
-                type: Input
+class BbPermission {
+    constructor(_permissions, _templateRef, _viewContainerRef) {
+        this._permissions = _permissions;
+        this._templateRef = _templateRef;
+        this._viewContainerRef = _viewContainerRef;
+        // Data.
+        this._permission$ = new BehaviorSubject([]);
+        this._valid = false;
+        this._elseTemplateRef = null;
+        this._thenViewRef = null;
+        this._elseViewRef = null;
+        this.getAllowedPermissions = (value) => {
+            return Array.isArray(value) ? value : [value];
+        };
+        this.assertTemplate = (property, templateRef) => {
+            const isTemplateRefOrNull = !!(!templateRef || templateRef.createEmbeddedView);
+            if (!isTemplateRefOrNull) {
+                throw new Error(`${property} must be a TemplateRef.`);
+            }
+        };
+    }
+    set bbPermission(value) {
+        const permissions = this.getAllowedPermissions(value);
+        this._permission$.next(permissions);
+        this.updateView();
+    }
+    set bbPermissionElse(templateRef) {
+        this.assertTemplate('bbPermissionElse', templateRef);
+        this._elseTemplateRef = templateRef;
+        this.updateView();
+    }
+    ngOnInit() {
+        const check$ = this._permission$.pipe(switchMap(permissions => this._permissions.has(permissions)));
+        this._subscription = check$.subscribe(valid => {
+            this._valid = valid;
+            this.updateView();
+        });
+    }
+    ngOnDestroy() {
+        this._subscription?.unsubscribe();
+    }
+    updateView() {
+        if (this._valid) {
+            if (!this._thenViewRef) {
+                this._viewContainerRef.clear();
+                this._elseViewRef = null;
+                if (this._templateRef) {
+                    this._thenViewRef = this._viewContainerRef.createEmbeddedView(this._templateRef);
+                }
+            }
+        }
+        else {
+            if (!this._elseViewRef) {
+                this._viewContainerRef.clear();
+                this._thenViewRef = null;
+                if (this._elseTemplateRef) {
+                    this._elseViewRef = this._viewContainerRef.createEmbeddedView(this._elseTemplateRef);
+                }
+            }
+        }
+    }
+}
+BbPermission.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: BbPermission, deps: [{ token: Permissions }, { token: i0.TemplateRef }, { token: i0.ViewContainerRef }], target: i0.ɵɵFactoryTarget.Directive });
+BbPermission.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "12.0.0", version: "13.3.6", type: BbPermission, selector: "[bbPermission]", inputs: { bbPermission: "bbPermission", bbPermissionElse: "bbPermissionElse" }, ngImport: i0 });
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: BbPermission, decorators: [{
+            type: Directive,
+            args: [{
+                    selector: '[bbPermission]'
+                }]
+        }], ctorParameters: function () { return [{ type: Permissions }, { type: i0.TemplateRef }, { type: i0.ViewContainerRef }]; }, propDecorators: { bbPermission: [{
+                type: Input
+            }], bbPermissionElse: [{
+                type: Input
             }] } });
 
-class BbAnonymousGuard {
-    constructor(_auth) {
-        this._auth = _auth;
-    }
-    async canActivate(_, state) {
-        // Check if the user is authenticated.
-        const isAuthenticated$ = await this._auth.user.pipe(map(user => !!user));
-        // If the user is not authenticated it can
-        // access the anonymous page.
-        const isAuthenticated = await firstValueFrom(isAuthenticated$, { defaultValue: null });
-        if (!isAuthenticated) {
-            return true;
-        }
-        // Return the user back to the authenticated page.
-        return this._auth.guard('authenticated', state.url);
-    }
-    canActivateChild(childRoute, state) {
-        return this.canActivate(childRoute, state);
-    }
-}
-BbAnonymousGuard.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: BbAnonymousGuard, deps: [{ token: Auth }], target: i0.ɵɵFactoryTarget.Injectable });
-BbAnonymousGuard.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: BbAnonymousGuard, providedIn: 'root' });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: BbAnonymousGuard, decorators: [{
-            type: Injectable,
-            args: [{
-                    providedIn: 'root'
-                }]
+class BbAnonymousGuard {
+    constructor(_auth) {
+        this._auth = _auth;
+    }
+    async canActivate(_, state) {
+        // Check if the user is authenticated.
+        const isAuthenticated$ = await this._auth.user.pipe(map(user => !!user));
+        // If the user is not authenticated it can
+        // access the anonymous page.
+        const isAuthenticated = await firstValueFrom(isAuthenticated$, { defaultValue: null });
+        if (!isAuthenticated) {
+            return true;
+        }
+        // Return the user back to the authenticated page.
+        return this._auth.guard('authenticated', state.url);
+    }
+    canActivateChild(childRoute, state) {
+        return this.canActivate(childRoute, state);
+    }
+}
+BbAnonymousGuard.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: BbAnonymousGuard, deps: [{ token: Auth }], target: i0.ɵɵFactoryTarget.Injectable });
+BbAnonymousGuard.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: BbAnonymousGuard, providedIn: 'root' });
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: BbAnonymousGuard, decorators: [{
+            type: Injectable,
+            args: [{
+                    providedIn: 'root'
+                }]
         }], ctorParameters: function () { return [{ type: Auth }]; } });
 
-class BbAuthenticatedGuard {
-    constructor(_auth) {
-        this._auth = _auth;
-    }
-    async canActivate(_, state) {
-        // Check if the user is authenticated.
-        const isAuthenticated$ = await this._auth.user.pipe(map(user => !!user));
-        // If the user is authenticated it can
-        // access the authenticated page.
-        const isAuthenticated = await firstValueFrom(isAuthenticated$, { defaultValue: null });
-        if (isAuthenticated) {
-            return true;
-        }
-        // The user is not authorized to see that
-        // page so un-authorize him.
-        return this._auth.guard('unauthenticated', state.url);
-    }
-    canActivateChild(childRoute, state) {
-        return this.canActivate(childRoute, state);
-    }
-}
-BbAuthenticatedGuard.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: BbAuthenticatedGuard, deps: [{ token: Auth }], target: i0.ɵɵFactoryTarget.Injectable });
-BbAuthenticatedGuard.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: BbAuthenticatedGuard, providedIn: 'root' });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: BbAuthenticatedGuard, decorators: [{
-            type: Injectable,
-            args: [{
-                    providedIn: 'root'
-                }]
+class BbAuthenticatedGuard {
+    constructor(_auth) {
+        this._auth = _auth;
+    }
+    async canActivate(_, state) {
+        // Check if the user is authenticated.
+        const isAuthenticated$ = await this._auth.user.pipe(map(user => !!user));
+        // If the user is authenticated it can
+        // access the authenticated page.
+        const isAuthenticated = await firstValueFrom(isAuthenticated$, { defaultValue: null });
+        if (isAuthenticated) {
+            return true;
+        }
+        // The user is not authorized to see that
+        // page so un-authorize him.
+        return this._auth.guard('unauthenticated', state.url);
+    }
+    canActivateChild(childRoute, state) {
+        return this.canActivate(childRoute, state);
+    }
+}
+BbAuthenticatedGuard.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: BbAuthenticatedGuard, deps: [{ token: Auth }], target: i0.ɵɵFactoryTarget.Injectable });
+BbAuthenticatedGuard.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: BbAuthenticatedGuard, providedIn: 'root' });
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: BbAuthenticatedGuard, decorators: [{
+            type: Injectable,
+            args: [{
+                    providedIn: 'root'
+                }]
         }], ctorParameters: function () { return [{ type: Auth }]; } });
 
-class AuthInterceptor {
-    constructor(_auth, _config) {
-        this._auth = _auth;
-        this._config = _config;
-        // Readonly data.
-        this._authHeaderString = 'Authorization';
-        // Data.
-        this.isRefreshing = false;
-        this.refreshingAccessToken$ = new BehaviorSubject(null);
-        this.getAccessToken = (request) => {
-            // Get the token based on header.
-            if (request.headers.has('Authorization')) {
-                return request.headers.get('Authorization');
-            }
-            // Return the default access token.
-            return this._auth.session.accessToken;
-        };
-        this.addAuthorizationHeader = (request, accessToken = null) => {
-            // Remove auth header when we do not have
-            // an access token.
-            if (!accessToken) {
-                return request.clone({
-                    headers: request.headers.delete(this._authHeaderString)
-                });
-            }
-            // Add the auth header to the request.
-            return request.clone({
-                setHeaders: { [this._authHeaderString]: this.getFullAuthorizationHeader(accessToken) }
-            });
-        };
-        this.getFullAuthorizationHeader = (token) => {
-            const authScheme = this._config?.scheme ?? 'Bearer';
-            return [authScheme, token].join(' ');
-        };
-    }
-    intercept(request, next) {
-        // 1. Check if the user wants to use the authorization for this request.
-        if (!request.context.get(USE_AUTHORIZATION)) {
-            return next.handle(request);
-        }
-        // 2. Compose the new request.
-        const accessToken = this.getAccessToken(request);
-        const newRequest = this.addAuthorizationHeader(request, accessToken);
-        // 3. Handle all errors.
-        return next.handle(newRequest).pipe(catchError(error => {
-            // Handle the HTTP401 error.
-            if ((error instanceof HttpErrorResponse || error instanceof HttpError) && error?.status === 401) {
-                return this.handle401Error(request, next);
-            }
-            // Just re-throw the parsed error.
-            return throwError(error);
-        }));
-    }
-    handle401Error(request, next) {
-        // If already refreshing wait for the refresh token to complete.
-        if (this.isRefreshing) {
-            return this.refreshingAccessToken$.pipe(filter(accessToken => accessToken !== null), take(1), switchMap(accessToken => next.handle(this.addAuthorizationHeader(request, accessToken))));
-        }
-        // Set the refreshing to true.
-        this.isRefreshing = true;
-        this.refreshingAccessToken$.next(null);
-        return this._auth.refresh().pipe(switchMap(newAccessToken => {
-            if (!newAccessToken) {
-                const error = new Error('No refresh token was available.');
-                return throwError(error);
-            }
-            this.refreshingAccessToken$.next(newAccessToken);
-            return next.handle(this.addAuthorizationHeader(request, newAccessToken));
-        }), catchError(() => this.logoutUser()), finalize(() => this.isRefreshing = false));
-    }
-    logoutUser() {
-        // Handle the refresh error.
-        this._auth.clearAndRedirect();
-        // Return null as data.
-        return of(null);
-    }
-}
-AuthInterceptor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: AuthInterceptor, deps: [{ token: Auth }, { token: AuthConfig, optional: true }], target: i0.ɵɵFactoryTarget.Injectable });
-AuthInterceptor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: AuthInterceptor });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: AuthInterceptor, decorators: [{
-            type: Injectable
-        }], ctorParameters: function () { return [{ type: Auth }, { type: AuthConfig, decorators: [{
-                    type: Optional
+class AuthInterceptor {
+    constructor(_auth, _config) {
+        this._auth = _auth;
+        this._config = _config;
+        // Readonly data.
+        this._authHeaderString = 'Authorization';
+        // Data.
+        this.isRefreshing = false;
+        this.refreshingAccessToken$ = new BehaviorSubject(null);
+        this.getAccessToken = (request) => {
+            // Get the token based on header.
+            if (request.headers.has('Authorization')) {
+                return request.headers.get('Authorization');
+            }
+            // Return the default access token.
+            return this._auth.session.accessToken;
+        };
+        this.addAuthorizationHeader = (request, accessToken = null) => {
+            // Remove auth header when we do not have
+            // an access token.
+            if (!accessToken) {
+                return request.clone({
+                    headers: request.headers.delete(this._authHeaderString)
+                });
+            }
+            // Add the auth header to the request.
+            return request.clone({
+                setHeaders: { [this._authHeaderString]: this.getFullAuthorizationHeader(accessToken) }
+            });
+        };
+        this.getFullAuthorizationHeader = (token) => {
+            const authScheme = this._config?.scheme ?? 'Bearer';
+            return [authScheme, token].join(' ');
+        };
+    }
+    intercept(request, next) {
+        // 1. Check if the user wants to use the authorization for this request.
+        if (!request.context.get(USE_AUTHORIZATION)) {
+            return next.handle(request);
+        }
+        // 2. Compose the new request.
+        const accessToken = this.getAccessToken(request);
+        const newRequest = this.addAuthorizationHeader(request, accessToken);
+        // 3. Handle all errors.
+        return next.handle(newRequest).pipe(catchError(error => {
+            // Handle the HTTP401 error.
+            if ((error instanceof HttpErrorResponse || error instanceof HttpError) && error?.status === 401) {
+                return this.handle401Error(request, next);
+            }
+            // Just re-throw the parsed error.
+            return throwError(() => error);
+        }));
+    }
+    handle401Error(request, next) {
+        // If already refreshing wait for the refresh token to complete.
+        if (this.isRefreshing) {
+            return this.refreshingAccessToken$.pipe(filter(accessToken => accessToken !== null), take(1), switchMap(accessToken => next.handle(this.addAuthorizationHeader(request, accessToken))));
+        }
+        // Set the refreshing to true.
+        this.isRefreshing = true;
+        this.refreshingAccessToken$.next(null);
+        return this._auth.refresh().pipe(switchMap(newAccessToken => {
+            if (!newAccessToken) {
+                return throwError(() => new Error('No refresh token was available.'));
+            }
+            this.refreshingAccessToken$.next(newAccessToken);
+            return next.handle(this.addAuthorizationHeader(request, newAccessToken));
+        }), catchError(() => this.logoutUser()), finalize(() => this.isRefreshing = false));
+    }
+    logoutUser() {
+        // Handle the refresh error.
+        this._auth.clearAndRedirect();
+        // Return null as data.
+        return of(null);
+    }
+}
+AuthInterceptor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: AuthInterceptor, deps: [{ token: Auth }, { token: AuthConfig, optional: true }], target: i0.ɵɵFactoryTarget.Injectable });
+AuthInterceptor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: AuthInterceptor });
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: AuthInterceptor, decorators: [{
+            type: Injectable
+        }], ctorParameters: function () { return [{ type: Auth }, { type: AuthConfig, decorators: [{
+                    type: Optional
                 }] }]; } });
 
-const DECLARATIONS_EXPORTS = [
-    BbAuthenticated,
-    BbRole,
-    BbPermission
-];
-class AuthModule {
-    static forRoot(config) {
-        return {
-            ngModule: AuthModule,
-            providers: [
-                Auth,
-                Permissions,
-                { provide: AuthConfig, useValue: config },
-                { provide: HTTP_INTERCEPTORS, useClass: AuthInterceptor, multi: true },
-                { useFactory: initializeAuth, provide: APP_INITIALIZER, deps: [Auth], multi: true }
-            ]
-        };
-    }
-}
-AuthModule.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: AuthModule, deps: [], target: i0.ɵɵFactoryTarget.NgModule });
-AuthModule.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: AuthModule, declarations: [BbAuthenticated,
-        BbRole,
-        BbPermission], imports: [HttpClientModule], exports: [BbAuthenticated,
-        BbRole,
-        BbPermission] });
-AuthModule.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: AuthModule, providers: [
-        { provide: AuthMapper, useClass: AuthMapper }
-    ], imports: [[HttpClientModule]] });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.2.5", ngImport: i0, type: AuthModule, decorators: [{
-            type: NgModule,
-            args: [{
-                    imports: [HttpClientModule],
-                    declarations: [...DECLARATIONS_EXPORTS],
-                    exports: [...DECLARATIONS_EXPORTS],
-                    providers: [
-                        { provide: AuthMapper, useClass: AuthMapper }
-                    ]
-                }]
-        }] });
-function initializeAuth(auth) {
-    return auth.initialize();
+const DECLARATIONS_EXPORTS = [
+    BbAuthenticated,
+    BbRole,
+    BbPermission
+];
+class AuthModule {
+    static forRoot(config) {
+        return {
+            ngModule: AuthModule,
+            providers: [
+                Auth,
+                Permissions,
+                { provide: AuthConfig, useValue: config },
+                { provide: HTTP_INTERCEPTORS, useClass: AuthInterceptor, multi: true },
+                { useFactory: initializeAuth, provide: APP_INITIALIZER, deps: [Auth], multi: true }
+            ]
+        };
+    }
+}
+AuthModule.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: AuthModule, deps: [], target: i0.ɵɵFactoryTarget.NgModule });
+AuthModule.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: AuthModule, declarations: [BbAuthenticated,
+        BbRole,
+        BbPermission], imports: [HttpClientModule], exports: [BbAuthenticated,
+        BbRole,
+        BbPermission] });
+AuthModule.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: AuthModule, providers: [
+        { provide: AuthMapper, useClass: AuthMapper }
+    ], imports: [[HttpClientModule]] });
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "13.3.6", ngImport: i0, type: AuthModule, decorators: [{
+            type: NgModule,
+            args: [{
+                    imports: [HttpClientModule],
+                    declarations: [...DECLARATIONS_EXPORTS],
+                    exports: [...DECLARATIONS_EXPORTS],
+                    providers: [
+                        { provide: AuthMapper, useClass: AuthMapper }
+                    ]
+                }]
+        }] });
+function initializeAuth(auth) {
+    return auth.initialize();
 }
 
-/**
- * Generated bundle index. Do not edit.
+/**
+ * Generated bundle index. Do not edit.
  */
 
 export { Auth, AuthConfig, AuthEmailProvider, AuthMapper, AuthModule, AuthSession, AuthVerifyProvider, BbAnonymousGuard, BbAuthenticated, BbAuthenticatedGuard, BbPermission, BbRole, JwtHelper, Permissions, USE_AUTHORIZATION, initializeAuth };