@bravobit/bb-foundation 0.26.3 → 0.28.0

package/fesm2015/bravobit-bb-foundation-auth.mjs

@@ -1,851 +0,0 @@
-import * as i0 from '@angular/core';
-import { InjectionToken, Injectable, Optional, Inject, Directive, Input, APP_INITIALIZER, NgModule } from '@angular/core';
-import * as i3 from '@angular/common/http';
-import { HttpContextToken, HttpContext, HttpErrorResponse, HTTP_INTERCEPTORS, HttpClientModule } from '@angular/common/http';
-import { shareReplay, tap, map, distinctUntilChanged, catchError, filter, take, switchMap, finalize } from 'rxjs/operators';
-import { firstValueFrom, BehaviorSubject, of, Subscription, first, throwError } from 'rxjs';
-import { __awaiter, __rest } from 'tslib';
-import * as i5 from '@angular/platform-browser';
-import { makeStateKey } from '@angular/platform-browser';
-import * as i2$1 from '@angular/router';
-import { Router } from '@angular/router';
-import * as i1 from '@bravobit/bb-foundation/storage';
-import * as i2 from '@angular/cdk/platform';
-import * as i6 from '@bravobit/bb-foundation/http';
-import { HttpError } from '@bravobit/bb-foundation/http';
-
-class AuthConfig {
-}
-const AUTH_REDIRECT_HANDLER = new InjectionToken('auth redirect handler');
-
-const USE_AUTHORIZATION = new HttpContextToken(() => true);
-
-class JwtHelper {
-    constructor() {
-        this.baseDecodeUnicode = (value) => {
-            return decodeURIComponent(atob(value).replace(/(.)/g, (_, p) => {
-                let code = p.charCodeAt(0).toString(16).toUpperCase();
-                if (code.length < 2) {
-                    code = '0' + code;
-                }
-                return '%' + code;
-            }));
-        };
-        this.parse = (data) => {
-            var _a, _b, _c, _d, _e, _f;
-            return {
-                id: (_a = data['iss']) !== null && _a !== void 0 ? _a : null,
-                type: (_b = data['typ']) !== null && _b !== void 0 ? _b : null,
-                audience: (_c = data['aud']) !== null && _c !== void 0 ? _c : null,
-                issuer: (_d = data['iss']) !== null && _d !== void 0 ? _d : null,
-                subject: (_e = data['sub']) !== null && _e !== void 0 ? _e : null,
-                role: (_f = data['role']) !== null && _f !== void 0 ? _f : null,
-                notValidBefore: this.parseDate(data['nbf']),
-                expiresAt: this.parseDate(data['exp']),
-                issuedAt: this.parseDate(data['iat'])
-            };
-        };
-        this.parseDate = (epochInSeconds) => {
-            if (!epochInSeconds || epochInSeconds <= 0) {
-                return null;
-            }
-            return new Date(epochInSeconds * 1000);
-        };
-    }
-    decode(token) {
-        try {
-            if (token === null || token === undefined) {
-                return null;
-            }
-            const json = JSON.parse(this.urlDecode(token.split('.')[1]));
-            return this.parse(json);
-        }
-        catch (_a) {
-            return null;
-        }
-    }
-    urlDecode(token) {
-        const value = token || '';
-        let output = value
-            .replace(/-/g, '+')
-            .replace(/_/g, '/');
-        switch (output.length % 4) {
-            case 0:
-                break;
-            case 2:
-                output += '==';
-                break;
-            case 3:
-                output += '=';
-                break;
-            default:
-                throw 'Illegal base64url string!';
-        }
-        try {
-            return this.baseDecodeUnicode(output);
-        }
-        catch (_a) {
-            return atob(output);
-        }
-    }
-}
-
-class AbstractAuthDirective {
-    constructor(templateRef, viewContainerRef) {
-        this.templateRef = templateRef;
-        this.viewContainerRef = viewContainerRef;
-        // Data.
-        this.valid = false;
-        // Templates.
-        this.elseTemplateRef = null;
-        // View refs.
-        this.thenViewRef = null;
-        this.elseViewRef = null;
-    }
-    updateView() {
-        if (this.valid) {
-            if (!this.thenViewRef) {
-                this.viewContainerRef.clear();
-                this.elseViewRef = null;
-                if (this.templateRef) {
-                    this.thenViewRef = this.viewContainerRef.createEmbeddedView(this.templateRef);
-                }
-            }
-        }
-        else {
-            if (!this.elseViewRef) {
-                this.viewContainerRef.clear();
-                this.thenViewRef = null;
-                if (this.elseTemplateRef) {
-                    this.elseViewRef = this.viewContainerRef.createEmbeddedView(this.elseTemplateRef);
-                }
-            }
-        }
-    }
-    assertTemplate(property, templateRef) {
-        const isTemplateRefOrNull = !!(!templateRef || templateRef.createEmbeddedView);
-        if (!isTemplateRefOrNull) {
-            throw new Error(`${property} must be a TemplateRef.`);
-        }
-    }
-}
-
-class AuthVerifyProvider {
-    constructor(_code, _verifyToken, _endpoint) {
-        this._code = _code;
-        this._verifyToken = _verifyToken;
-        this._endpoint = _endpoint;
-    }
-    authenticate(httpClient) {
-        return __awaiter(this, void 0, void 0, function* () {
-            // Execute API call.
-            const data$ = httpClient.post(this._endpoint, {
-                token: this._code,
-                verify_token: this._verifyToken
-            });
-            const data = yield firstValueFrom(data$);
-            return {
-                accessToken: data === null || data === void 0 ? void 0 : data.token,
-                refreshToken: data === null || data === void 0 ? void 0 : data.refresh_token,
-                user: data === null || data === void 0 ? void 0 : data.user
-            };
-        });
-    }
-}
-
-class AuthEmailProvider {
-    constructor(_email, _password, _endpoint) {
-        this._email = _email;
-        this._password = _password;
-        this._endpoint = _endpoint;
-    }
-    authenticate(httpClient) {
-        return __awaiter(this, void 0, void 0, function* () {
-            // Execute API call.
-            const data$ = httpClient.post(this._endpoint, {
-                email: this._email,
-                password: this._password
-            });
-            const data = yield firstValueFrom(data$);
-            return {
-                accessToken: data === null || data === void 0 ? void 0 : data.token,
-                refreshToken: data === null || data === void 0 ? void 0 : data.refresh_token,
-                user: data === null || data === void 0 ? void 0 : data.user,
-                provider: data === null || data === void 0 ? void 0 : data.provider,
-                verifyToken: data === null || data === void 0 ? void 0 : data.verify_token
-            };
-        });
-    }
-}
-
-class AuthSession {
-    constructor(options) {
-        var _a, _b;
-        // Readonly data.
-        this._jwt = new JwtHelper();
-        // Token strings.
-        this._accessTokenString = null;
-        this._refreshTokenString = null;
-        // Token payloads.
-        this._accessTokenPayload = null;
-        this._refreshTokenPayload = null;
-        // Private user data.
-        this._user$ = new BehaviorSubject(null);
-        // Public user data.
-        this.user = this._user$.pipe(shareReplay({ refCount: true, bufferSize: 1 }));
-        this.generateKey = (applicationId, key) => {
-            return [applicationId, key].join('_');
-        };
-        this.isTokenValid = (token) => {
-            var _a;
-            if (!token) {
-                return false;
-            }
-            return ((_a = token === null || token === void 0 ? void 0 : token.expiresAt) === null || _a === void 0 ? void 0 : _a.getTime()) > Date.now();
-        };
-        const applicationId = (_a = options === null || options === void 0 ? void 0 : options.id) !== null && _a !== void 0 ? _a : 'ng';
-        // Setting up the readonly storage keys.
-        this._accessTokenStorageKey = this.generateKey(applicationId, 'au_act');
-        this._refreshTokenStorageKey = this.generateKey(applicationId, 'au_rft');
-        this._userStorageKey = this.generateKey(applicationId, 'au_usr');
-        // Setting up the storage.
-        this._storage = (_b = options === null || options === void 0 ? void 0 : options.storage) !== null && _b !== void 0 ? _b : null;
-        // Init methods.
-        this.restoreFromStorage();
-    }
-    get snapshot() {
-        return {
-            user: this._user$.getValue(),
-            accessToken: this.accessToken,
-            refreshToken: this.refreshToken
-        };
-    }
-    get accessToken() {
-        return this.isTokenValid(this._accessTokenPayload)
-            ? this._accessTokenString
-            : null;
-    }
-    get refreshToken() {
-        return this.isTokenValid(this.refreshTokenPayload)
-            ? this._refreshTokenString
-            : null;
-    }
-    get accessTokenPayload() {
-        var _a;
-        return (_a = this._accessTokenPayload) !== null && _a !== void 0 ? _a : null;
-    }
-    get refreshTokenPayload() {
-        var _a;
-        return (_a = this._refreshTokenPayload) !== null && _a !== void 0 ? _a : null;
-    }
-    authenticated() {
-        return this.isTokenValid(this._accessTokenPayload) || this.isTokenValid(this._refreshTokenPayload);
-    }
-    setTokens(accessToken, refreshToken) {
-        this.setAccessToken(accessToken);
-        this.setRefreshToken(refreshToken);
-        this.syncTokensInStorage();
-    }
-    setUser(user) {
-        this._user$.next(user !== null && user !== void 0 ? user : null);
-        this.syncUserInStorage();
-    }
-    clear() {
-        this.setTokens(null, null);
-        this.setUser(null);
-    }
-    restoreFromStorage() {
-        if (!this._storage) {
-            return;
-        }
-        // Set the access token.
-        const accessToken = this._storage.get(this._accessTokenStorageKey);
-        this.setAccessToken(accessToken);
-        // Set the refresh token.
-        const refreshToken = this._storage.get(this._refreshTokenStorageKey);
-        this.setRefreshToken(refreshToken);
-        // Set the user if we have any correct token payloads.
-        if (this._accessTokenPayload || this._refreshTokenPayload) {
-            const user = this._storage.get(this._userStorageKey);
-            this._user$.next(user !== null && user !== void 0 ? user : null); // Note: just settings here instead of setUser() because of syncing to the storage.
-        }
-    }
-    syncTokensInStorage() {
-        var _a, _b;
-        if (!this._storage) {
-            return;
-        }
-        // Set the access token if completely valid.
-        if (!!this.accessToken) {
-            this._storage.set(this._accessTokenStorageKey, this._accessTokenString, {
-                expires: (_a = this._accessTokenPayload) === null || _a === void 0 ? void 0 : _a.expiresAt
-            });
-        }
-        else {
-            this._storage.remove(this._accessTokenStorageKey);
-        }
-        // Set the refresh token if completely valid.
-        if (!!this.refreshToken) {
-            this._storage.set(this._refreshTokenStorageKey, this._refreshTokenString, {
-                expires: (_b = this._refreshTokenPayload) === null || _b === void 0 ? void 0 : _b.expiresAt
-            });
-        }
-        else {
-            this._storage.remove(this._refreshTokenStorageKey);
-        }
-    }
-    syncUserInStorage() {
-        if (!this._storage) {
-            return;
-        }
-        const user = this._user$.getValue();
-        if (!user) {
-            return this._storage.remove(this._userStorageKey);
-        }
-        const date = new Date();
-        date.setFullYear(date.getFullYear() + 1);
-        this._storage.set(this._userStorageKey, user, {
-            expires: new Date(date.getTime())
-        });
-    }
-    setAccessToken(value) {
-        this._accessTokenString = value !== null && value !== void 0 ? value : null;
-        this._accessTokenPayload = this._jwt.decode(this._accessTokenString);
-    }
-    setRefreshToken(value) {
-        this._refreshTokenString = value !== null && value !== void 0 ? value : null;
-        this._refreshTokenPayload = this._jwt.decode(this._refreshTokenString);
-    }
-}
-
-class Auth {
-    constructor(_storage, _injector, _platform, _httpClient, _config, _state, _httpConfig, _handler) {
-        var _a, _b, _c;
-        this._storage = _storage;
-        this._injector = _injector;
-        this._platform = _platform;
-        this._httpClient = _httpClient;
-        this._config = _config;
-        this._state = _state;
-        this._httpConfig = _httpConfig;
-        this._handler = _handler;
-        // Readonly data.
-        this._authStateKey = makeStateKey(`bbAuthStateKey`);
-        this._httpAlias = (_b = (_a = this._httpConfig) === null || _a === void 0 ? void 0 : _a.defaultAlias) !== null && _b !== void 0 ? _b : null;
-        this._refreshHandler = null;
-        // We select a storage strategy based on the server/browser.
-        // Only cookies CAN work on the server.
-        const storageStrategy = this._platform.isBrowser
-            ? this._storage.select(["cookie" /* StorageOption.Cookie */, "local" /* StorageOption.Local */])
-            : this._storage.cookie;
-        // Starting the new session.
-        this.session = new AuthSession({
-            id: (_c = this._config) === null || _c === void 0 ? void 0 : _c.applicationId,
-            storage: storageStrategy
-        });
-        this.user = this.session.user;
-    }
-    initialize() {
-        return () => __awaiter(this, void 0, void 0, function* () {
-            var _a, _b, _c, _d, _e, _f;
-            // Check if the app should bootstrap the authentication.
-            const shouldBootstrap = (_b = (_a = this._config) === null || _a === void 0 ? void 0 : _a.bootstrap) !== null && _b !== void 0 ? _b : true;
-            if (!shouldBootstrap) {
-                return this.handleAutoRefreshing();
-            }
-            // Only retrieve from the server when we are actually authenticated.
-            if (!this.session.authenticated()) {
-                return;
-            }
-            // Get the key from the server state.
-            if (this._state && ((_c = this._state) === null || _c === void 0 ? void 0 : _c.hasKey(this._authStateKey))) {
-                const user = (_e = (_d = this._state) === null || _d === void 0 ? void 0 : _d.get(this._authStateKey, null)) !== null && _e !== void 0 ? _e : null;
-                return this.session.setUser(user);
-            }
-            // Try to fetch the user from the server.
-            const user$ = this.me();
-            const user = yield firstValueFrom(user$, { defaultValue: null });
-            // Set the state if exists.
-            if (this._state) {
-                (_f = this._state) === null || _f === void 0 ? void 0 : _f.set(this._authStateKey, user !== null && user !== void 0 ? user : null);
-            }
-            // Save the user in the storage and handle auto refreshing.
-            this.session.setUser(user);
-            this.handleAutoRefreshing();
-        });
-    }
-    me() {
-        const url = this.getUrl('auth/me');
-        return this._httpClient.get(url);
-    }
-    signIn(provider, as) {
-        var _a, _b, _c, _d, _e;
-        return __awaiter(this, void 0, void 0, function* () {
-            const _f = yield provider.authenticate(this._httpClient), { accessToken, refreshToken, user } = _f, result = __rest(_f, ["accessToken", "refreshToken", "user"]);
-            // Check if the role matches.
-            const role = (_a = user === null || user === void 0 ? void 0 : user.role) !== null && _a !== void 0 ? _a : null;
-            if (as && !as.includes(role)) {
-                throw new Error('Invalid role.');
-            }
-            // Validate if the provider is one of the available
-            // providers then return the user object and the provider.
-            const apiProvider = (_b = result === null || result === void 0 ? void 0 : result.provider) !== null && _b !== void 0 ? _b : null;
-            const apiVerifyToken = (_c = result === null || result === void 0 ? void 0 : result.verifyToken) !== null && _c !== void 0 ? _c : null;
-            const availableProviders = (_e = (_d = this._config) === null || _d === void 0 ? void 0 : _d.providers) !== null && _e !== void 0 ? _e : ['email', 'sms', 'totp'];
-            if (availableProviders.includes(apiProvider)) {
-                return { user, provider: apiProvider, verifyToken: apiVerifyToken };
-            }
-            // Set the tokens in storage.
-            this.setTokens(accessToken, refreshToken);
-            // Set the user in storage.
-            this.session.setUser(user);
-            // Return the user.
-            return { user };
-        });
-    }
-    signInWithEmail(email, password, as) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const url = this.getUrl('auth/login');
-            return this.signIn(new AuthEmailProvider(email, password, url), as);
-        });
-    }
-    signInWithVerifyCode(code, verifyToken) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const url = this.getUrl('auth/verify');
-            return this.signIn(new AuthVerifyProvider(code, verifyToken, url));
-        });
-    }
-    resendVerifyCode(verifyToken) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const url = this.getUrl('auth/resend');
-            const result$ = this._httpClient.post(url, {
-                verify_token: verifyToken
-            });
-            return firstValueFrom(result$);
-        });
-    }
-    register(data, options) {
-        return __awaiter(this, void 0, void 0, function* () {
-            // Execute API call.
-            const url = this.getUrl('auth/register');
-            const result$ = this._httpClient.post(url, data, options);
-            const result = yield firstValueFrom(result$);
-            // Set the tokens in storage.
-            this.setTokens(result === null || result === void 0 ? void 0 : result.token, result === null || result === void 0 ? void 0 : result.refresh_token);
-            // Set the user in storage.
-            const user = result === null || result === void 0 ? void 0 : result.user;
-            this.session.setUser(user);
-            // Return the user.
-            return user;
-        });
-    }
-    logout() {
-        var _a, _b, _c;
-        // If we don't have a refresh token just clear the session.
-        // Note: We do this because else we try to invalidate
-        // an "undefined" refresh token.
-        const refreshToken = this.session.refreshToken;
-        if (!refreshToken) {
-            return this.session.clear();
-        }
-        // We do have a refresh token, so try to
-        // invalidate it in the backend.
-        try {
-            const url = this.getUrl('auth/logout');
-            const headerName = (_c = (_b = (_a = this._config) === null || _a === void 0 ? void 0 : _a.http) === null || _b === void 0 ? void 0 : _b.header) !== null && _c !== void 0 ? _c : 'Authorization';
-            const observable$ = this._httpClient.get(url, {
-                headers: { [headerName]: refreshToken }
-            });
-            firstValueFrom(observable$).then(_ => _).catch(_ => _);
-        }
-        catch (_d) {
-            // Do nothing because the tokens will be deleted anyways from the session.
-        }
-        // Delete the tokens from the session.
-        return this.session.clear();
-    }
-    refresh() {
-        var _a, _b, _c, _d, _e, _f;
-        // If the refresh token does
-        // not exist just return an observable of null.
-        const refreshToken = this.session.refreshToken;
-        if (!refreshToken) {
-            return of(null);
-        }
-        // Perform the refresh call.
-        const headerName = (_c = (_b = (_a = this._config) === null || _a === void 0 ? void 0 : _a.http) === null || _b === void 0 ? void 0 : _b.header) !== null && _c !== void 0 ? _c : 'Authorization';
-        const scheme = (_f = (_e = (_d = this._config) === null || _d === void 0 ? void 0 : _d.http) === null || _e === void 0 ? void 0 : _e.scheme) !== null && _f !== void 0 ? _f : 'Bearer';
-        const url = this.getUrl('auth/refresh');
-        const context = new HttpContext().set(USE_AUTHORIZATION, false);
-        return this._httpClient.get(url, {
-            headers: { [headerName]: `${scheme} ${refreshToken}` },
-            context: context
-        }).pipe(tap(({ token, refresh_token }) => this.setTokens(token, refresh_token)), map(({ token }) => token));
-    }
-    requestPassword(email, extraParams = {}) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const url = this.getUrl('auth/reset');
-            const observable$ = this._httpClient.post(url, Object.assign(Object.assign({}, extraParams), { email }));
-            return firstValueFrom(observable$);
-        });
-    }
-    resetPassword(token, newPassword, extraParams = {}) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const url = this.getUrl('auth/reset-password');
-            const observable$ = this._httpClient.post(url, Object.assign(Object.assign({}, extraParams), { token, password: newPassword }));
-            return firstValueFrom(observable$);
-        });
-    }
-    clearAndRedirect() {
-        var _a, _b;
-        // 1. Delete the tokens from the session.
-        this.session.clear();
-        if (this._handler) {
-            const urlTree = this._handler.onFailedAuthenticated();
-            if (!urlTree || urlTree === true) {
-                return;
-            }
-            this.router.navigateByUrl(urlTree).then(_ => _);
-            return;
-        }
-        // 2. Compose the route url.
-        const redirectUrl = (_b = (_a = this._config) === null || _a === void 0 ? void 0 : _a.redirects.unauthenticated) !== null && _b !== void 0 ? _b : null;
-        // 3. Route back if the user provided a redirect url.
-        if (this.router && redirectUrl) {
-            const commands = Array.isArray(redirectUrl) ? redirectUrl : [redirectUrl];
-            this.router.navigate(commands).then(_ => _);
-        }
-    }
-    setTokens(accessToken, refreshToken) {
-        // Set the tokens in our session.
-        this.session.setTokens(accessToken, refreshToken);
-        // We need to update the auto refresh of the refresh token.
-        this.handleAutoRefreshing();
-    }
-    handleAutoRefreshing() {
-        var _a, _b, _c, _d, _e;
-        const shouldAutoRefresh = (_b = (_a = this._config) === null || _a === void 0 ? void 0 : _a.autoRefresh) !== null && _b !== void 0 ? _b : false;
-        if (!shouldAutoRefresh) {
-            return;
-        }
-        const expiresAt = (_d = (_c = this.session.refreshTokenPayload) === null || _c === void 0 ? void 0 : _c.expiresAt) !== null && _d !== void 0 ? _d : null;
-        if (expiresAt === null || !this._platform.isBrowser) {
-            return;
-        }
-        const differenceInMilliseconds = expiresAt.getTime() - Date.now();
-        const offsetInMilliseconds = 10000; // 10 seconds.
-        // We want to start the refresh 10 seconds before it expires.
-        const actualTiming = differenceInMilliseconds - offsetInMilliseconds;
-        if (actualTiming <= 0) {
-            return;
-        }
-        // We need to cap the timings because if
-        // we get large numbers it might cause unwanted results.
-        const maxTiming = 1000 * 60 * 60 * 24; // 24 hours.
-        const cappedTiming = Math.max(1, Math.min(actualTiming, maxTiming));
-        try {
-            if (this._refreshHandler !== null) {
-                clearTimeout === null || clearTimeout === void 0 ? void 0 : clearTimeout(this._refreshHandler);
-                this._refreshHandler = null;
-            }
-            this._refreshHandler = (_e = window === null || window === void 0 ? void 0 : window.setTimeout) === null || _e === void 0 ? void 0 : _e.call(window, () => this.autoRefresh(), cappedTiming);
-        }
-        catch (_f) {
-            // Just ignore it.
-        }
-    }
-    autoRefresh() {
-        return __awaiter(this, void 0, void 0, function* () {
-            try {
-                // We just need to wait for it to refresh.
-                const refresh$ = this.refresh();
-                yield firstValueFrom(refresh$);
-            }
-            catch (_a) {
-                // Something went wrong refreshing, we need to clear.
-                this.clearAndRedirect();
-            }
-        });
-    }
-    get router() {
-        return this._injector.get(Router);
-    }
-    getUrl(endpoint) {
-        return [this._httpAlias, endpoint]
-            .filter(item => !!item)
-            .join('/');
-    }
-}
-Auth.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: Auth, deps: [{ token: i1.Storage }, { token: i0.Injector }, { token: i2.Platform }, { token: i3.HttpClient }, { token: AuthConfig, optional: true }, { token: i5.TransferState, optional: true }, { token: i6.HttpConfig, optional: true }, { token: AUTH_REDIRECT_HANDLER, optional: true }], target: i0.ɵɵFactoryTarget.Injectable });
-Auth.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: Auth });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: Auth, decorators: [{
-            type: Injectable
-        }], ctorParameters: function () {
-        return [{ type: i1.Storage }, { type: i0.Injector }, { type: i2.Platform }, { type: i3.HttpClient }, { type: AuthConfig, decorators: [{
-                        type: Optional
-                    }] }, { type: i5.TransferState, decorators: [{
-                        type: Optional
-                    }] }, { type: i6.HttpConfig, decorators: [{
-                        type: Optional
-                    }] }, { type: undefined, decorators: [{
-                        type: Optional
-                    }, {
-                        type: Inject,
-                        args: [AUTH_REDIRECT_HANDLER]
-                    }] }];
-    } });
-
-class BbAuthenticated extends AbstractAuthDirective {
-    set bbAuthenticatedElse(templateRef) {
-        this.assertTemplate('bbAuthenticatedElse', templateRef);
-        this.elseTemplateRef = templateRef;
-        this.updateView();
-    }
-    constructor(_auth, _templateRef, _viewContainerRef) {
-        super(_templateRef, _viewContainerRef);
-        this._auth = _auth;
-        this._templateRef = _templateRef;
-        this._viewContainerRef = _viewContainerRef;
-        // Subscriptions.
-        this._subscription = new Subscription();
-    }
-    ngOnInit() {
-        const subscription = this._auth.user.pipe(map(user => !!user), distinctUntilChanged()).subscribe(valid => {
-            this.valid = valid;
-            this.updateView();
-        });
-        this._subscription.add(subscription);
-    }
-    ngOnDestroy() {
-        var _a;
-        (_a = this._subscription) === null || _a === void 0 ? void 0 : _a.unsubscribe();
-    }
-}
-BbAuthenticated.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: BbAuthenticated, deps: [{ token: Auth }, { token: i0.TemplateRef }, { token: i0.ViewContainerRef }], target: i0.ɵɵFactoryTarget.Directive });
-BbAuthenticated.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "15.2.8", type: BbAuthenticated, selector: "[bbAuthenticated]", inputs: { bbAuthenticatedElse: "bbAuthenticatedElse" }, usesInheritance: true, ngImport: i0 });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: BbAuthenticated, decorators: [{
-            type: Directive,
-            args: [{
-                    selector: '[bbAuthenticated]'
-                }]
-        }], ctorParameters: function () { return [{ type: Auth }, { type: i0.TemplateRef }, { type: i0.ViewContainerRef }]; }, propDecorators: { bbAuthenticatedElse: [{
-                type: Input
-            }] } });
-
-class BbAnonymousGuard {
-    constructor(_auth, _router, _config, _handler) {
-        this._auth = _auth;
-        this._router = _router;
-        this._config = _config;
-        this._handler = _handler;
-    }
-    canActivate(snapshot, state) {
-        return this._auth.user.pipe(map(user => !!user), map(isAuthenticated => {
-            var _a, _b, _c;
-            if (!isAuthenticated) {
-                return true;
-            }
-            if (this._handler) {
-                return this._handler.onFailedAnonymous(snapshot, state);
-            }
-            // If we don't have a URL to go to we can just say
-            // the user is not allowed in this route by returning false.
-            const nextUrl = (_c = (_b = (_a = this._config) === null || _a === void 0 ? void 0 : _a.redirects) === null || _b === void 0 ? void 0 : _b.authenticated) !== null && _c !== void 0 ? _c : null;
-            if (!nextUrl) {
-                return false;
-            }
-            const commands = Array.isArray(nextUrl) ? nextUrl : [nextUrl];
-            return this._router.createUrlTree(commands);
-        }), first());
-    }
-    canActivateChild(childRoute, state) {
-        return this.canActivate(childRoute, state);
-    }
-}
-BbAnonymousGuard.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: BbAnonymousGuard, deps: [{ token: Auth }, { token: i2$1.Router }, { token: AuthConfig, optional: true }, { token: AUTH_REDIRECT_HANDLER, optional: true }], target: i0.ɵɵFactoryTarget.Injectable });
-BbAnonymousGuard.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: BbAnonymousGuard, providedIn: 'root' });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: BbAnonymousGuard, decorators: [{
-            type: Injectable,
-            args: [{
-                    providedIn: 'root'
-                }]
-        }], ctorParameters: function () {
-        return [{ type: Auth }, { type: i2$1.Router }, { type: AuthConfig, decorators: [{
-                        type: Optional
-                    }] }, { type: undefined, decorators: [{
-                        type: Optional
-                    }, {
-                        type: Inject,
-                        args: [AUTH_REDIRECT_HANDLER]
-                    }] }];
-    } });
-
-class BbAuthenticatedGuard {
-    constructor(_auth, _router, _config, _handler) {
-        this._auth = _auth;
-        this._router = _router;
-        this._config = _config;
-        this._handler = _handler;
-    }
-    canActivate(snapshot, state) {
-        return this._auth.user.pipe(map(user => !!user), map(isAuthenticated => {
-            var _a, _b, _c, _d, _e, _f;
-            if (isAuthenticated) {
-                return true;
-            }
-            if (this._handler) {
-                return this._handler.onFailedAuthenticated(snapshot, state);
-            }
-            // If we don't have a URL to go to we can just say
-            // the user is not allowed in this route by returning false.
-            const nextUrl = (_c = (_b = (_a = this._config) === null || _a === void 0 ? void 0 : _a.redirects) === null || _b === void 0 ? void 0 : _b.unauthenticated) !== null && _c !== void 0 ? _c : null;
-            if (!nextUrl) {
-                return false;
-            }
-            const setRedirectOnFailedAuth = (_e = (_d = this._config) === null || _d === void 0 ? void 0 : _d.setRedirectOnFailedAuth) !== null && _e !== void 0 ? _e : true;
-            const redirectUrl = (_f = state === null || state === void 0 ? void 0 : state.url) !== null && _f !== void 0 ? _f : null;
-            const queryParams = setRedirectOnFailedAuth && redirectUrl ? { redirectUrl } : {};
-            const commands = Array.isArray(nextUrl) ? nextUrl : [nextUrl];
-            return this._router.createUrlTree(commands, { queryParams });
-        }), first());
-    }
-    canActivateChild(childRoute, state) {
-        return this.canActivate(childRoute, state);
-    }
-}
-BbAuthenticatedGuard.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: BbAuthenticatedGuard, deps: [{ token: Auth }, { token: i2$1.Router }, { token: AuthConfig, optional: true }, { token: AUTH_REDIRECT_HANDLER, optional: true }], target: i0.ɵɵFactoryTarget.Injectable });
-BbAuthenticatedGuard.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: BbAuthenticatedGuard, providedIn: 'root' });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: BbAuthenticatedGuard, decorators: [{
-            type: Injectable,
-            args: [{
-                    providedIn: 'root'
-                }]
-        }], ctorParameters: function () {
-        return [{ type: Auth }, { type: i2$1.Router }, { type: AuthConfig, decorators: [{
-                        type: Optional
-                    }] }, { type: undefined, decorators: [{
-                        type: Optional
-                    }, {
-                        type: Inject,
-                        args: [AUTH_REDIRECT_HANDLER]
-                    }] }];
-    } });
-
-class AuthInterceptor {
-    constructor(_auth, _config) {
-        var _a, _b, _c, _d, _e, _f;
-        this._auth = _auth;
-        this._config = _config;
-        // Readonly data.
-        this._authHeaderString = (_c = (_b = (_a = this._config) === null || _a === void 0 ? void 0 : _a.http) === null || _b === void 0 ? void 0 : _b.header) !== null && _c !== void 0 ? _c : 'Authorization';
-        this._authScheme = (_f = (_e = (_d = this._config) === null || _d === void 0 ? void 0 : _d.http) === null || _e === void 0 ? void 0 : _e.scheme) !== null && _f !== void 0 ? _f : 'Bearer';
-        // Data.
-        this.isRefreshing = false;
-        this.refreshingAccessToken$ = new BehaviorSubject(null);
-        this.getAccessToken = (request) => {
-            // Get the token based on header.
-            if (request.headers.has(this._authHeaderString)) {
-                return request.headers.get(this._authHeaderString);
-            }
-            // Return the default access token.
-            return this._auth.session.accessToken;
-        };
-        this.addAuthorizationHeader = (request, accessToken = null) => {
-            // Remove auth header when we do not have
-            // an access token.
-            if (!accessToken) {
-                return request.clone({
-                    headers: request.headers.delete(this._authHeaderString)
-                });
-            }
-            // Add the auth header to the request.
-            return request.clone({
-                setHeaders: { [this._authHeaderString]: `${this._authScheme} ${accessToken}` }
-            });
-        };
-    }
-    intercept(request, next) {
-        // 1. Check if the user wants to use the authorization for this request.
-        if (!request.context.get(USE_AUTHORIZATION)) {
-            return next.handle(request);
-        }
-        // 2. Compose the new request.
-        const accessToken = this.getAccessToken(request);
-        const newRequest = this.addAuthorizationHeader(request, accessToken);
-        // 3. Handle all errors.
-        return next.handle(newRequest).pipe(catchError(error => {
-            // Handle the HTTP401 error.
-            if ((error instanceof HttpErrorResponse || error instanceof HttpError) && (error === null || error === void 0 ? void 0 : error.status) === 401) {
-                return this.handle401Error(request, next);
-            }
-            // Just re-throw the parsed error.
-            return throwError(() => error);
-        }));
-    }
-    handle401Error(request, next) {
-        // If already refreshing wait for the refresh token to complete.
-        if (this.isRefreshing) {
-            return this.refreshingAccessToken$.pipe(filter(accessToken => accessToken !== null), take(1), switchMap(accessToken => next.handle(this.addAuthorizationHeader(request, accessToken))));
-        }
-        // Set the refreshing to true.
-        this.isRefreshing = true;
-        this.refreshingAccessToken$.next(null);
-        return this._auth.refresh().pipe(switchMap(newAccessToken => {
-            if (!newAccessToken) {
-                return throwError(() => new Error('No refresh token was available.'));
-            }
-            this.refreshingAccessToken$.next(newAccessToken);
-            return next.handle(this.addAuthorizationHeader(request, newAccessToken));
-        }), catchError(() => this.logoutUser()), finalize(() => this.isRefreshing = false));
-    }
-    logoutUser() {
-        // Handle the refresh error.
-        this._auth.clearAndRedirect();
-        // Return null as data.
-        return of(null);
-    }
-}
-AuthInterceptor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthInterceptor, deps: [{ token: Auth }, { token: AuthConfig, optional: true }], target: i0.ɵɵFactoryTarget.Injectable });
-AuthInterceptor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthInterceptor });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthInterceptor, decorators: [{
-            type: Injectable
-        }], ctorParameters: function () {
-        return [{ type: Auth }, { type: AuthConfig, decorators: [{
-                        type: Optional
-                    }] }];
-    } });
-
-class AuthModule {
-    static forRoot(config) {
-        return {
-            ngModule: AuthModule,
-            providers: [
-                Auth,
-                { provide: AuthConfig, useValue: config },
-                { provide: HTTP_INTERCEPTORS, useClass: AuthInterceptor, multi: true },
-                { useFactory: initializeAuth, provide: APP_INITIALIZER, deps: [Auth], multi: true }
-            ]
-        };
-    }
-}
-AuthModule.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthModule, deps: [], target: i0.ɵɵFactoryTarget.NgModule });
-AuthModule.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "15.2.8", ngImport: i0, type: AuthModule, declarations: [BbAuthenticated], imports: [HttpClientModule], exports: [BbAuthenticated] });
-AuthModule.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthModule, imports: [HttpClientModule] });
-i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthModule, decorators: [{
-            type: NgModule,
-            args: [{
-                    imports: [HttpClientModule],
-                    declarations: [BbAuthenticated],
-                    exports: [BbAuthenticated]
-                }]
-        }] });
-function initializeAuth(auth) {
-    return auth.initialize();
-}
-
-/**
- * Generated bundle index. Do not edit.
- */
-
-export { AUTH_REDIRECT_HANDLER, Auth, AuthConfig, AuthEmailProvider, AuthModule, AuthSession, AuthVerifyProvider, BbAnonymousGuard, BbAuthenticated, BbAuthenticatedGuard, JwtHelper, USE_AUTHORIZATION, initializeAuth };
-//# sourceMappingURL=bravobit-bb-foundation-auth.mjs.map