@cosmotech/core 1.18.0-dev.2 → 1.18.1

package/dist/index.cjs.js

@@ -41311,13 +41311,13 @@ var PathUtils = {
 // Notes : local storage works on Chromium but not on Firefox if "Delete
 // cookies and site data when Firefox is closed" is selected (for more
 // details, see https://bugzilla.mozilla.org/show_bug.cgi?id=1453699)
-function writeToStorage$2(key, value) {
+function writeToStorage$1(key, value) {
   localStorage.setItem(key, value);
 }
-function readFromStorage$3(key) {
+function readFromStorage$2(key) {
   return localStorage.getItem(key);
 }
-function clearFromStorage$2(key) {
+function clearFromStorage$1(key) {
   localStorage.removeItem(key);
 }
 
@@ -41353,7 +41353,7 @@ function setProvider(providerName) {
       currentProvider.setAuthChangeCallbacks(onAuthChangeCallbacks);
     }
     // Store the provider used in local storage
-    writeToStorage$2('authProvider', providerName);
+    writeToStorage$1('authProvider', providerName);
   }
 }
 
@@ -41362,77 +41362,93 @@ function setProvider(providerName) {
 // this provider will be selected
 function initProviderIfNull() {
   if (currentProvider === undefined) {
-    var newProviderName = readFromStorage$3('authProvider');
+    var newProviderName = readFromStorage$2('authProvider');
     if (newProviderName !== undefined && newProviderName !== null) {
       setProvider(newProviderName);
     }
   }
 }
-function signIn$3() {
+function signIn$2() {
   return currentProvider.signIn();
 }
-function signOut$3() {
+function signOut$2() {
   initProviderIfNull();
   // Clear last auth provider used from local storage
-  clearFromStorage$2('authProvider');
+  clearFromStorage$1('authProvider');
   return currentProvider.signOut();
 }
 function onAuthStateChanged(newCallback) {
   onAuthChangeCallbacks.push(newCallback);
 }
-function isAsync$3() {
+function isAsync$2() {
   initProviderIfNull();
   if (currentProvider && currentProvider.isAsync) {
     return currentProvider.isAsync();
   }
   return false;
 }
-function acquireTokens$3(callback) {
+function acquireTokens$2(callback) {
   initProviderIfNull();
   if (currentProvider === undefined) {
     return undefined;
   }
   return currentProvider.acquireTokens(callback);
 }
-function acquireTokensByRequest$2(tokenReq) {
+function acquireTokensByRequest$1(tokenReq) {
   initProviderIfNull();
   if (currentProvider === undefined) {
     return undefined;
   }
   return currentProvider.acquireTokensByRequest(tokenReq);
 }
-function isUserSignedIn$3(callback) {
+function isUserSignedIn$2(callback) {
   initProviderIfNull();
   if (currentProvider === undefined) {
     return false;
   }
   return currentProvider.isUserSignedIn(callback);
 }
-function getUserEmail$3() {
+function refreshTokens$1() {
+  return _refreshTokens.apply(this, arguments);
+}
+function _refreshTokens() {
+  _refreshTokens = _asyncToGenerator(function* () {
+    if (currentProvider === undefined) {
+      return;
+    }
+    if (!currentProvider.refreshTokens) {
+      console.warn('Method refreshTokens is not implemented in the current authentication provider');
+      return;
+    }
+    return currentProvider.refreshTokens();
+  });
+  return _refreshTokens.apply(this, arguments);
+}
+function getUserEmail$2() {
   if (currentProvider === undefined) {
     return undefined;
   }
   return currentProvider.getUserEmail();
 }
-function getUserName$3() {
+function getUserName$2() {
   if (currentProvider === undefined) {
     return undefined;
   }
   return currentProvider.getUserName();
 }
-function getUserRoles$3() {
+function getUserRoles$2() {
   if (currentProvider === undefined) {
     return undefined;
   }
   return currentProvider.getUserRoles();
 }
-function getUserId$3() {
+function getUserId$2() {
   if (currentProvider === undefined) {
     return undefined;
   }
   return currentProvider.getUserId();
 }
-function getUserPicUrl$3() {
+function getUserPicUrl$2() {
   if (currentProvider === undefined) {
     return undefined;
   }
@@ -41441,28 +41457,29 @@ function getUserPicUrl$3() {
 var Auth = {
   addProvider,
   setProvider,
-  signIn: signIn$3,
-  signOut: signOut$3,
+  signIn: signIn$2,
+  signOut: signOut$2,
   onAuthStateChanged,
-  isUserSignedIn: isUserSignedIn$3,
-  getUserEmail: getUserEmail$3,
-  getUserName: getUserName$3,
-  getUserId: getUserId$3,
-  getUserRoles: getUserRoles$3,
-  getUserPicUrl: getUserPicUrl$3,
-  isAsync: isAsync$3,
-  acquireTokens: acquireTokens$3,
-  acquireTokensByRequest: acquireTokensByRequest$2
+  isUserSignedIn: isUserSignedIn$2,
+  refreshTokens: refreshTokens$1,
+  getUserEmail: getUserEmail$2,
+  getUserName: getUserName$2,
+  getUserId: getUserId$2,
+  getUserRoles: getUserRoles$2,
+  getUserPicUrl: getUserPicUrl$2,
+  isAsync: isAsync$2,
+  acquireTokens: acquireTokens$2,
+  acquireTokensByRequest: acquireTokensByRequest$1
 };
 
 // Copyright (c) Cosmo Tech.
 // Licensed under the MIT license.
 
-function readFromStorage$2(key) {
+function readFromStorage$1(key) {
   return localStorage.getItem(key);
 }
-var name$4 = 'auth-dev';
-var authData$2 = null;
+var name$3 = 'auth-dev';
+var authData$1 = null;
 var DEFAULT_AUTH_DATA = {
   authenticated: true,
   accountId: 'xxxxxxxx-xxxx-dave-xxxx-xxxxxxxxxxxx',
@@ -41473,75 +41490,75 @@ var DEFAULT_AUTH_DATA = {
 };
 
 // Optional configuration method to overwrite default values such as accountId, userEmail, userId, userName and roles
-function setConfig$2(authDataPatch) {
-  authData$2 = _objectSpread2(_objectSpread2({}, DEFAULT_AUTH_DATA), authDataPatch);
+function setConfig$1(authDataPatch) {
+  authData$1 = _objectSpread2(_objectSpread2({}, DEFAULT_AUTH_DATA), authDataPatch);
 }
 function setDefaultUser() {
-  if (authData$2 != null) return;
-  authData$2 = DEFAULT_AUTH_DATA;
+  if (authData$1 != null) return;
+  authData$1 = DEFAULT_AUTH_DATA;
 }
-function signIn$2() {
+function signIn$1() {
   setDefaultUser();
   window.location.href = '/';
 }
-function signOut$2() {
-  authData$2 = null;
+function signOut$1() {
+  authData$1 = null;
   window.location.href = '/';
 }
-function isAsync$2() {
+function isAsync$1() {
   return false;
 }
-function isUserSignedIn$2() {
+function isUserSignedIn$1() {
   setDefaultUser();
   return true;
 }
-function getUserEmail$2() {
+function getUserEmail$1() {
   var _authData;
-  return (_authData = authData$2) === null || _authData === void 0 ? void 0 : _authData.userEmail;
+  return (_authData = authData$1) === null || _authData === void 0 ? void 0 : _authData.userEmail;
 }
-function getUserName$2() {
+function getUserName$1() {
   var _authData2;
-  return (_authData2 = authData$2) === null || _authData2 === void 0 ? void 0 : _authData2.userName;
+  return (_authData2 = authData$1) === null || _authData2 === void 0 ? void 0 : _authData2.userName;
 }
-function acquireTokens$2() {
-  var accessToken = readFromStorage$2('authAccessToken');
+function acquireTokens$1() {
+  var accessToken = readFromStorage$1('authAccessToken');
   return accessToken ? {
     accessToken
   } : undefined;
 }
-function acquireTokensByRequest$1(tokenReq) {
-  var accessToken = readFromStorage$2('authAccessToken');
+function acquireTokensByRequest(tokenReq) {
+  var accessToken = readFromStorage$1('authAccessToken');
   return accessToken ? {
     accessToken
   } : undefined;
 }
-function getUserId$2() {
-  if (authData$2) {
-    return authData$2.userId;
+function getUserId$1() {
+  if (authData$1) {
+    return authData$1.userId;
   }
   return undefined;
 }
-function getUserRoles$2() {
+function getUserRoles$1() {
   var _authData3;
-  return (_authData3 = authData$2) === null || _authData3 === void 0 ? void 0 : _authData3.roles;
+  return (_authData3 = authData$1) === null || _authData3 === void 0 ? void 0 : _authData3.roles;
 }
-function getUserPicUrl$2() {
+function getUserPicUrl$1() {
   return undefined;
 }
 var AuthDev = {
-  name: name$4,
-  signIn: signIn$2,
-  signOut: signOut$2,
-  isUserSignedIn: isUserSignedIn$2,
-  getUserEmail: getUserEmail$2,
-  getUserName: getUserName$2,
-  getUserRoles: getUserRoles$2,
-  getUserId: getUserId$2,
-  getUserPicUrl: getUserPicUrl$2,
-  isAsync: isAsync$2,
-  setConfig: setConfig$2,
-  acquireTokens: acquireTokens$2,
-  acquireTokensByRequest: acquireTokensByRequest$1
+  name: name$3,
+  signIn: signIn$1,
+  signOut: signOut$1,
+  isUserSignedIn: isUserSignedIn$1,
+  getUserEmail: getUserEmail$1,
+  getUserName: getUserName$1,
+  getUserRoles: getUserRoles$1,
+  getUserId: getUserId$1,
+  getUserPicUrl: getUserPicUrl$1,
+  isAsync: isAsync$1,
+  setConfig: setConfig$1,
+  acquireTokens: acquireTokens$1,
+  acquireTokensByRequest
 };
 
 /*! @azure/msal-common v14.14.0 2024-07-23 */
@@ -44676,7 +44693,7 @@ class Logger {
 
 /*! @azure/msal-common v14.14.0 2024-07-23 */
 /* eslint-disable header/header */
-const name$3 = "@azure/msal-common";
+const name$2 = "@azure/msal-common";
 const version$1 = "14.14.0";
 
 /*! @azure/msal-common v14.14.0 2024-07-23 */
@@ -45312,7 +45329,7 @@ class CacheManager {
     constructor(clientId, cryptoImpl, logger, staticAuthorityOptions) {
         this.clientId = clientId;
         this.cryptoImpl = cryptoImpl;
-        this.commonLogger = logger.clone(name$3, version$1);
+        this.commonLogger = logger.clone(name$2, version$1);
         this.staticAuthorityOptions = staticAuthorityOptions;
     }
     /**
@@ -47279,7 +47296,7 @@ class BaseClient {
         // Set the configuration
         this.config = buildClientConfiguration(configuration);
         // Initialize the logger
-        this.logger = new Logger(this.config.loggerOptions, name$3, version$1);
+        this.logger = new Logger(this.config.loggerOptions, name$2, version$1);
         // Initialize crypto
         this.cryptoUtils = this.config.cryptoInterface;
         // Initialize storage interface
@@ -50195,7 +50212,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
 
 /*! @azure/msal-browser v3.20.0 2024-07-23 */
 /* eslint-disable header/header */
-const name$2 = "@azure/msal-browser";
+const name$1 = "@azure/msal-browser";
 const version = "3.20.0";
 
 /*! @azure/msal-browser v3.20.0 2024-07-23 */
@@ -50270,7 +50287,7 @@ class BaseOperatingContext {
         if (piiLoggingEnabled !== undefined) {
             loggerOptions.piiLoggingEnabled = piiLoggingEnabled;
         }
-        this.logger = new Logger(loggerOptions, name$2, version);
+        this.logger = new Logger(loggerOptions, name$1, version);
         this.available = false;
     }
     /**
@@ -57263,278 +57280,12 @@ class PublicClientApplication {
     }
 }
 
-// Functions to read & write from storage.
-// Notes : local storage works on Chromium but not on Firefox if "Delete
-// cookies and site data when Firefox is closed" is selected (for more
-// details, see https://bugzilla.mozilla.org/show_bug.cgi?id=1453699)
-var writeToStorage$1 = (key, value) => {
-  localStorage.setItem(key, value);
-};
-var readFromStorage$1 = key => {
-  return localStorage.getItem(key);
-};
-var clearFromStorage$1 = key => {
-  localStorage.removeItem(key);
-};
-var name$1 = 'auth-keycloakPopupExperimental';
-var authData$1 = {
-  authenticated: readFromStorage$1('authAuthenticated') === 'true',
-  accountId: undefined,
-  userEmail: undefined,
-  username: undefined,
-  userId: undefined,
-  roles: []
-};
-var config$1 = null;
-var msalApp$1 = null;
-var setConfig$1 = /*#__PURE__*/function () {
-  var _ref = _asyncToGenerator(function* (newConfig) {
-    config$1 = newConfig;
-    msalApp$1 = new PublicClientApplication(config$1.msalConfig);
-    yield msalApp$1.initialize();
-  });
-  return function setConfig(_x) {
-    return _ref.apply(this, arguments);
-  };
-}();
-var checkInit$1 = () => {
-  if (msalApp$1 === null) {
-    console.error('AuthMSAL module has not been initialized. Make sure you ' + 'call the setConfig const when =  you add the AuthMSAL provider.');
-    return false;
-  }
-  return true;
-};
-var redirectOnAuthSuccess$1 = () => {
-  var _config$msalConfig$au, _config;
-  window.location.href = (_config$msalConfig$au = (_config = config$1) === null || _config === void 0 || (_config = _config.msalConfig) === null || _config === void 0 || (_config = _config.auth) === null || _config === void 0 ? void 0 : _config.redirectUri) !== null && _config$msalConfig$au !== void 0 ? _config$msalConfig$au : '/';
-};
-var _acquireTokensByRequestAndAccount$1 = /*#__PURE__*/function () {
-  var _ref2 = _asyncToGenerator(function* (tokenReq, account) {
-    if (!tokenReq) {
-      console.warn('No base access token request provided');
-      tokenReq = {};
-    }
-    tokenReq.account = account;
-    return yield msalApp$1.acquireTokenSilent(tokenReq).then(tokenRes => tokenRes).catch(silentTokenFetchError => {
-      var _silentTokenFetchErro;
-      if (silentTokenFetchError.errorCode === 'no_tokens_found') {
-        // No token found during acquireTokenSilent, ignore this error, nothing to do
-        return;
-      } else if (silentTokenFetchError.errorCode === 'login_required') {
-        console.warn('Silent authentication not possible, user is not logged in. This usually happens when the user session ' + 'has expired. Please try to log in again.');
-        return;
-      } else if (((_silentTokenFetchErro = silentTokenFetchError.errorMessage) === null || _silentTokenFetchErro === void 0 ? void 0 : _silentTokenFetchErro.indexOf('interaction_required')) !== -1) {
-        msalApp$1.acquireTokenPopup(tokenReq).then(tokenRes => tokenRes) // Token acquired with interaction
-        .catch(popupTokenFetchError => popupTokenFetchError); // Token retrieval failed
-      }
-      throw silentTokenFetchError;
-    });
-  });
-  return function _acquireTokensByRequestAndAccount(_x2, _x3) {
-    return _ref2.apply(this, arguments);
-  };
-}();
-var acquireTokens$1 = /*#__PURE__*/function () {
-  var _ref3 = _asyncToGenerator(function* () {
-    var _msalApp$getAllAccoun;
-    if (!checkInit$1()) return;
-    var idToken = readFromStorage$1('authIdToken');
-    var accessToken = readFromStorage$1('authAccessToken');
-    var authenticated = readFromStorage$1('authAuthenticated') === 'true';
-    if (authenticated && idToken != null && accessToken != null) {
-      return {
-        accessToken,
-        idToken
-      };
-    }
-    var account = (_msalApp$getAllAccoun = msalApp$1.getAllAccounts()) === null || _msalApp$getAllAccoun === void 0 ? void 0 : _msalApp$getAllAccoun[0];
-    var tokenReq = config$1.accessRequest;
-    if (account === undefined) {
-      return undefined;
-    }
-    return yield _acquireTokensByRequestAndAccount$1(tokenReq, account);
-  });
-  return function acquireTokens() {
-    return _ref3.apply(this, arguments);
-  };
-}();
-var acquireTokensByRequest = /*#__PURE__*/function () {
-  var _ref4 = _asyncToGenerator(function* (tokenReq) {
-    var _msalApp$getAllAccoun2;
-    if (!checkInit$1()) return;
-    var account = (_msalApp$getAllAccoun2 = msalApp$1.getAllAccounts()) === null || _msalApp$getAllAccoun2 === void 0 ? void 0 : _msalApp$getAllAccoun2[0];
-    return yield _acquireTokensByRequestAndAccount$1(tokenReq, account);
-  });
-  return function acquireTokensByRequest(_x4) {
-    return _ref4.apply(this, arguments);
-  };
-}();
-var selectAccount = () => {
-  if (!checkInit$1()) return;
-  var accounts = msalApp$1.getAllAccounts();
-  if (accounts.length === 0) {
-    return;
-  }
-  // Select the 1st account if more than one is detected
-  if (accounts.length > 1) {
-    console.warn('Several accounts detected, using the first one by default.');
-  }
-  authData$1.authenticated = true;
-  var account = accounts[0];
-  authData$1.accountId = account.homeAccountId;
-  authData$1.userEmail = account.username; // In MSAL account data, username property contains user email
-  authData$1.username = account.name;
-  authData$1.userId = account.localAccountId;
-  redirectOnAuthSuccess$1();
-};
-var handleResponse$1 = response => {
-  if (response == null) {
-    selectAccount();
-    return;
-  }
-  writeToStorage$1('authIdTokenPopup', response.idToken);
-  writeToStorage$1('authIdToken', response.idToken);
-  writeToStorage$1('authAccessToken', response.accessToken);
-  writeToStorage$1('authAuthenticated', 'true');
-  authData$1.authenticated = true;
-  var account = response.account;
-  authData$1.accountId = account.homeAccountId;
-  authData$1.userEmail = account.username; // In MSAL account data, username property contains user email
-  authData$1.username = account.name;
-  authData$1.userId = account.localAccountId;
-  redirectOnAuthSuccess$1();
-};
-var signIn$1 = () => {
-  if (!checkInit$1()) return;
-
-  // Force removal of MSAL interaction status if it exists in session storage (it happens sometimes after logout)
-  var itemKey = 'msal.interaction.status';
-  if (sessionStorage.getItem(itemKey)) {
-    sessionStorage.removeItem(itemKey);
-  }
-  return msalApp$1.loginPopup(config$1.loginRequest).then(handleResponse$1).catch(error => {
-    var _error$errorMessage;
-    // Error handling
-    // Check for forgot password error
-    // Learn more about AAD error codes at
-    // https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-aadsts-error-codes
-    if (((_error$errorMessage = error.errorMessage) === null || _error$errorMessage === void 0 ? void 0 : _error$errorMessage.indexOf('AADB2C90118')) > -1) {
-      msalApp$1.loginPopup(config$1.b2cPolicies.authorities.forgotPassword).then(response => {
-        window.alert('Password has been reset successfully. \nPlease sign-in with your new password.');
-      });
-    } else if (error.errorCode === 'user_cancelled') ; else {
-      throw error;
-    }
-  });
-};
-var signOut$1 = () => {
-  if (!checkInit$1()) return;
-  clearFromStorage$1('authIdTokenPopup');
-  clearFromStorage$1('authIdToken');
-  clearFromStorage$1('authAccessToken');
-  writeToStorage$1('authAuthenticated', 'false');
-  // return;
-  var logoutRequest = {
-    account: msalApp$1.getAccountByHomeId(authData$1.accountId)
-  };
-  msalApp$1.logoutRedirect(logoutRequest);
-};
-
-// Returns a boolean value, stating whether the isUserSignedIn must be provided a callback
-var isAsync$1 = () => {
-  return false;
-};
-var _extractRolesFromAccessToken$1 = accessToken => {
-  var result = [];
-  if (accessToken) {
-    var decodedToken = JSON.parse(atob(accessToken.split('.')[1]));
-    if (decodedToken !== null && decodedToken !== void 0 && decodedToken.roles) {
-      result = decodedToken === null || decodedToken === void 0 ? void 0 : decodedToken.roles;
-    }
-  }
-  return result;
-};
-var isUserSignedIn$1 = /*#__PURE__*/function () {
-  var _ref5 = _asyncToGenerator(function* () {
-    // Return true if already authenticated
-    if (authData$1.authenticated) return true;
-    if (readFromStorage$1('authAuthenticated') === 'true') {
-      authData$1.authenticated = true;
-      return true;
-    }
-
-    // Otherwise, try to acquire a token silently to implement SSO
-    var tokens = yield acquireTokens$1();
-    if ((tokens === null || tokens === void 0 ? void 0 : tokens.idToken) !== undefined) {
-      writeToStorage$1('authIdToken', tokens.idToken);
-    }
-    if ((tokens === null || tokens === void 0 ? void 0 : tokens.accessToken) !== undefined) {
-      var accessToken = tokens.accessToken;
-      authData$1.roles = _extractRolesFromAccessToken$1(accessToken);
-      writeToStorage$1('authAccessToken', accessToken);
-      return true;
-    }
-    return false;
-  });
-  return function isUserSignedIn() {
-    return _ref5.apply(this, arguments);
-  };
-}();
-var getUserEmail$1 = () => {
-  var _authData$userEmail, _msalApp$getAllAccoun3;
-  if (!checkInit$1()) return;
-  // Note: account data from MSAL seems to contain user email in the 'username' property
-  return (_authData$userEmail = authData$1 === null || authData$1 === void 0 ? void 0 : authData$1.userEmail) !== null && _authData$userEmail !== void 0 ? _authData$userEmail : (_msalApp$getAllAccoun3 = msalApp$1.getAllAccounts()) === null || _msalApp$getAllAccoun3 === void 0 || (_msalApp$getAllAccoun3 = _msalApp$getAllAccoun3[0]) === null || _msalApp$getAllAccoun3 === void 0 ? void 0 : _msalApp$getAllAccoun3.username;
-};
-var getUserName$1 = () => {
-  var _authData$name, _msalApp$getAllAccoun4;
-  if (!checkInit$1()) return;
-  return (_authData$name = authData$1 === null || authData$1 === void 0 ? void 0 : authData$1.name) !== null && _authData$name !== void 0 ? _authData$name : (_msalApp$getAllAccoun4 = msalApp$1.getAllAccounts()) === null || _msalApp$getAllAccoun4 === void 0 || (_msalApp$getAllAccoun4 = _msalApp$getAllAccoun4[0]) === null || _msalApp$getAllAccoun4 === void 0 ? void 0 : _msalApp$getAllAccoun4.name;
-};
-var getUserId$1 = () => {
-  var _authData$userId, _msalApp$getAllAccoun5;
-  if (!checkInit$1()) return;
-  return (_authData$userId = authData$1 === null || authData$1 === void 0 ? void 0 : authData$1.userId) !== null && _authData$userId !== void 0 ? _authData$userId : (_msalApp$getAllAccoun5 = msalApp$1.getAllAccounts()) === null || _msalApp$getAllAccoun5 === void 0 || (_msalApp$getAllAccoun5 = _msalApp$getAllAccoun5[0]) === null || _msalApp$getAllAccoun5 === void 0 ? void 0 : _msalApp$getAllAccoun5.localAccountId;
-};
-var getUserRoles$1 = () => {
-  if (!checkInit$1()) return;
-  return authData$1.roles;
-};
-var getUserPicUrl$1 = () => {
-  return undefined;
-};
-
-var AuthKeycloakPopupExperimental = /*#__PURE__*/Object.freeze({
-  __proto__: null,
-  acquireTokens: acquireTokens$1,
-  acquireTokensByRequest: acquireTokensByRequest,
-  getUserEmail: getUserEmail$1,
-  getUserId: getUserId$1,
-  getUserName: getUserName$1,
-  getUserPicUrl: getUserPicUrl$1,
-  getUserRoles: getUserRoles$1,
-  isAsync: isAsync$1,
-  isUserSignedIn: isUserSignedIn$1,
-  name: name$1,
-  setConfig: setConfig$1,
-  signIn: signIn$1,
-  signOut: signOut$1
-});
-
-// Functions to read & write from storage.
-// Notes : local storage works on Chromium but not on Firefox if "Delete
-// cookies and site data when Firefox is closed" is selected (for more
-// details, see https://bugzilla.mozilla.org/show_bug.cgi?id=1453699)
-var writeToStorage = (key, value) => {
-  localStorage.setItem(key, value);
-};
-var readFromStorage = key => {
-  return localStorage.getItem(key);
-};
-var clearFromStorage = key => {
-  localStorage.removeItem(key);
-};
-var name = 'auth-keycloakRedirectExperimental';
+// Note: local storage works on Chromium but not on Firefox if "Delete cookies and site data when Firefox is closed" is
+// selected (for more details, see https://bugzilla.mozilla.org/show_bug.cgi?id=1453699)
+var writeToStorage = (key, value) => localStorage.setItem(key, value);
+var readFromStorage = key => localStorage.getItem(key);
+var clearFromStorage = key => localStorage.removeItem(key);
+var name = 'auth-keycloakRedirect';
 var authData = {
   authenticated: readFromStorage('authAuthenticated') === 'true',
   accountId: undefined,
@@ -57557,7 +57308,7 @@ var setConfig = /*#__PURE__*/function () {
 }();
 var checkInit = () => {
   if (msalApp === null) {
-    console.error('AuthMSAL module has not been initialized. Make sure you ' + 'call the setConfig const when =  you add the AuthMSAL provider.');
+    console.error('AuthKeycloakRedirect module has not been initialized. Make sure you ' + 'call the setConfig function when you add the AuthKeycloakRedirect provider.');
     return false;
   }
   return true;
@@ -57569,7 +57320,7 @@ var redirectOnAuthSuccess = () => {
 var _acquireTokensByRequestAndAccount = /*#__PURE__*/function () {
   var _ref2 = _asyncToGenerator(function* (tokenReq, account) {
     if (!tokenReq) {
-      console.warn('No base access token request provided');
+      console.warn('No token request provided');
       tokenReq = {};
     }
     tokenReq.account = account;
@@ -57583,7 +57334,7 @@ var _acquireTokensByRequestAndAccount = /*#__PURE__*/function () {
         return;
       } else if (((_silentTokenFetchErro = silentTokenFetchError.errorMessage) === null || _silentTokenFetchErro === void 0 ? void 0 : _silentTokenFetchErro.indexOf('interaction_required')) !== -1) {
         msalApp.acquireTokenRedirect(tokenReq).then(tokenRes => tokenRes) // Token acquired with interaction
-        .catch(tokenRedirectError => tokenRedirectError); // Token retrieval failed
+        .catch(tokenRedirectError => console.error(tokenRedirectError));
       }
       throw silentTokenFetchError;
     });
@@ -57592,25 +57343,28 @@ var _acquireTokensByRequestAndAccount = /*#__PURE__*/function () {
     return _ref2.apply(this, arguments);
   };
 }();
+
+// When forceRefresh is set to true, existing tokens in browser storage are ignored and new tokens are retrieved with
+// a silent request
 var acquireTokens = /*#__PURE__*/function () {
   var _ref3 = _asyncToGenerator(function* () {
     var _msalApp$getAllAccoun;
+    var forceRefresh = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : false;
     if (!checkInit()) return;
-    var idToken = readFromStorage('authIdToken');
-    var accessToken = readFromStorage('authAccessToken');
-    var authenticated = readFromStorage('authAuthenticated') === 'true';
-    if (authenticated && idToken != null && accessToken != null) {
-      return {
-        accessToken,
-        idToken
-      };
+    if (!forceRefresh) {
+      var idToken = readFromStorage('authIdToken');
+      var accessToken = readFromStorage('authAccessToken');
+      var authenticated = readFromStorage('authAuthenticated') === 'true';
+      if (authenticated && idToken != null && accessToken != null) {
+        return {
+          accessToken,
+          idToken
+        };
+      }
     }
     var account = (_msalApp$getAllAccoun = msalApp.getAllAccounts()) === null || _msalApp$getAllAccoun === void 0 ? void 0 : _msalApp$getAllAccoun[0];
-    var tokenReq = config.accessRequest;
-    if (account === undefined) {
-      return undefined;
-    }
-    return yield _acquireTokensByRequestAndAccount(tokenReq, account);
+    if (account === undefined) return;
+    return yield _acquireTokensByRequestAndAccount(config.accessRequest, account);
   });
   return function acquireTokens() {
     return _ref3.apply(this, arguments);
@@ -57664,6 +57418,10 @@ var signOut = () => {
 var isAsync = () => {
   return false;
 };
+var _updateTokensInStorage = tokens => {
+  if (tokens !== null && tokens !== void 0 && tokens.idToken) writeToStorage('authIdToken', tokens.idToken);
+  if (tokens !== null && tokens !== void 0 && tokens.accessToken) writeToStorage('authAccessToken', tokens.accessToken);
+};
 var _extractRolesFromAccessToken = accessToken => {
   var result = [];
   if (accessToken) {
@@ -57676,40 +57434,38 @@ var _extractRolesFromAccessToken = accessToken => {
 };
 var isUserSignedIn = /*#__PURE__*/function () {
   var _ref4 = _asyncToGenerator(function* () {
-    // Return true if already authenticated
     if (authData.authenticated) return true;
     if (readFromStorage('authAuthenticated') === 'true') {
       authData.authenticated = true;
       return true;
     }
-
-    // Resume interaction if one is already in progress
-    if (readFromStorage('authInteractionInProgress') === name) {
-      clearFromStorage('authInteractionInProgress');
-      var locationHashParameters = new URLSearchParams(window.location.hash.substring(1));
-      if (locationHashParameters.has('state')) {
-        var _config2;
-        if (locationHashParameters.has('iss', (_config2 = config) === null || _config2 === void 0 || (_config2 = _config2.msalConfig) === null || _config2 === void 0 || (_config2 = _config2.auth) === null || _config2 === void 0 || (_config2 = _config2.authorityMetadata) === null || _config2 === void 0 ? void 0 : _config2.issuer)) {
-          // Resume redirect workflow process
-          msalApp.handleRedirectPromise().then(handleResponse);
-          // return true;
-        } else if (locationHashParameters.has('iss')) {
-          var _config3;
-          console.warn('Issuer found in url ("' + ((_config3 = config) === null || _config3 === void 0 || (_config3 = _config3.msalConfig) === null || _config3 === void 0 || (_config3 = _config3.auth) === null || _config3 === void 0 || (_config3 = _config3.authorityMetadata) === null || _config3 === void 0 ? void 0 : _config3.issuer) + '") does not match the keycloak configuration ("' + locationHashParameters.get('iss') + '")');
+    try {
+      // Resume interaction if one is already in progress
+      if (readFromStorage('authInteractionInProgress') === name) {
+        clearFromStorage('authInteractionInProgress');
+        var locationHashParameters = new URLSearchParams(window.location.hash.substring(1));
+        if (locationHashParameters.has('state')) {
+          var _config2;
+          if (locationHashParameters.has('iss', (_config2 = config) === null || _config2 === void 0 || (_config2 = _config2.msalConfig) === null || _config2 === void 0 || (_config2 = _config2.auth) === null || _config2 === void 0 || (_config2 = _config2.authorityMetadata) === null || _config2 === void 0 ? void 0 : _config2.issuer)) {
+            msalApp.handleRedirectPromise().then(handleResponse); // Resume redirect workflow process
+          } else if (locationHashParameters.has('iss')) {
+            var _config3;
+            var configIssuer = (_config3 = config) === null || _config3 === void 0 || (_config3 = _config3.msalConfig) === null || _config3 === void 0 || (_config3 = _config3.auth) === null || _config3 === void 0 || (_config3 = _config3.authorityMetadata) === null || _config3 === void 0 ? void 0 : _config3.issuer;
+            var urlIssuer = locationHashParameters.get('iss');
+            console.warn("Issuer found in url \"".concat(urlIssuer, "\" does not match keycloak configuration: \"").concat(configIssuer, "\""));
+          }
         }
       }
-    }
 
-    // Otherwise, try to acquire a token silently to implement SSO
-    var tokens = yield acquireTokens();
-    if ((tokens === null || tokens === void 0 ? void 0 : tokens.idToken) !== undefined) {
-      writeToStorage('authIdToken', tokens.idToken);
-    }
-    if ((tokens === null || tokens === void 0 ? void 0 : tokens.accessToken) !== undefined) {
-      var accessToken = tokens.accessToken;
-      authData.roles = _extractRolesFromAccessToken(accessToken);
-      writeToStorage('authAccessToken', accessToken);
-      return true;
+      // Otherwise, try to acquire a token silently to implement SSO
+      var tokens = yield acquireTokens();
+      _updateTokensInStorage(tokens);
+      if ((tokens === null || tokens === void 0 ? void 0 : tokens.accessToken) !== undefined) {
+        authData.roles = _extractRolesFromAccessToken(tokens.accessToken);
+        return true;
+      }
+    } catch (e) {
+      console.error(e);
     }
     return false;
   });
@@ -57717,6 +57473,16 @@ var isUserSignedIn = /*#__PURE__*/function () {
     return _ref4.apply(this, arguments);
   };
 }();
+var refreshTokens = /*#__PURE__*/function () {
+  var _ref5 = _asyncToGenerator(function* () {
+    var tokens = yield acquireTokens(true);
+    _updateTokensInStorage(tokens);
+    return tokens;
+  });
+  return function refreshTokens() {
+    return _ref5.apply(this, arguments);
+  };
+}();
 var getUserEmail = () => {
   var _authData$userEmail, _msalApp$getAllAccoun2;
   if (!checkInit()) return;
@@ -57741,7 +57507,7 @@ var getUserPicUrl = () => {
   return undefined;
 };
 
-var AuthKeycloakRedirectExperimental = /*#__PURE__*/Object.freeze({
+var AuthKeycloakRedirect = /*#__PURE__*/Object.freeze({
   __proto__: null,
   acquireTokens: acquireTokens,
   getUserEmail: getUserEmail,
@@ -57752,6 +57518,7 @@ var AuthKeycloakRedirectExperimental = /*#__PURE__*/Object.freeze({
   isAsync: isAsync,
   isUserSignedIn: isUserSignedIn,
   name: name,
+  refreshTokens: refreshTokens,
   setConfig: setConfig,
   signIn: signIn,
   signOut: signOut
@@ -58105,8 +57872,7 @@ var ResourceUtils = {
 exports.AgGridUtils = AgGridUtils;
 exports.Auth = Auth;
 exports.AuthDev = AuthDev;
-exports.AuthKeycloakPopupExperimental = AuthKeycloakPopupExperimental;
-exports.AuthKeycloakRedirectExperimental = AuthKeycloakRedirectExperimental;
+exports.AuthKeycloakRedirect = AuthKeycloakRedirect;
 exports.CSVUtils = CSVUtils;
 exports.DatasetUtils = DatasetUtils;
 exports.DateUtils = DateUtils;