@globus/sdk 3.0.0-alpha.1 → 3.0.0-alpha.11

package/cjs/lib/core/authorization/AuthorizationManager.d.ts

@@ -1,7 +1,8 @@
 import type IConfig from 'js-pkce/dist/IConfig';
 import { Token, TokenResponse } from '../../services/auth/index.js';
-import { Service } from '../global.js';
 import { Event } from './Event.js';
+import { TokenLookup } from './TokenLookup.js';
+import { AuthorizationRequirementsError, ConsentRequiredError } from '../errors.js';
 export type AuthorizationManagerConfiguration = {
     client_id: IConfig['client_id'];
     requested_scopes: IConfig['requested_scopes'];
@@ -12,18 +13,36 @@ export type AuthorizationManagerConfiguration = {
  */
 export declare class AuthorizationManager {
     #private;
-    authenticated: boolean;
-    getTokenForService(service: Extract<Service, 'AUTH' | 'TRANSFER' | 'FLOWS'>): any;
+    configuration: AuthorizationManagerConfiguration;
+    /**
+     * The `AuthorizationManager` is consdiered `authenticated` if it has a valid Globus Auth token.
+     * It does not necessarily mean that it has a valid token for a specific resource server.
+     */
+    get authenticated(): boolean;
+    /**
+     * Set the authenticated state and emit the `authenticated` event.
+     */
+    set authenticated(value: boolean);
+    tokens: TokenLookup;
     events: {
         /**
          * Emitted when the authenticated state changes.
+         * @event AuthorizationManager.events#authenticated
+         * @type {object}
+         * @property {boolean} isAuthenticated - Whether the `AuthorizationManager` is authenticated.
+         * @property {TokenResponse} [token] - The token response if the `AuthorizationManager` is authenticated.
          */
         authenticated: Event<"authenticated", {
+            /**
+             * Whether the `AuthorizationManager` is authenticated.
+             * @see {@link AuthorizationManager.authenticated}
+             */
             isAuthenticated: boolean;
             token?: TokenResponse | undefined;
         }>;
         /**
          * Emitted when the user revokes their authentication.
+         * @event AuthorizationManager.events#revoke
          */
         revoke: Event<"revoke", unknown>;
     };
@@ -31,17 +50,46 @@ export declare class AuthorizationManager {
     startSilentRenew(): void;
     hasGlobusAuthToken(): boolean;
     getGlobusAuthToken(): any;
+    /**
+     * Reset the authenticated state and clear all tokens from storage.
+     * This method **does not** emit the `revoke` event. If you need to emit the `revoke` event, use the `AuthorizationManager.revoke` method.
+     */
     reset(): void;
-    redirect(): void;
+    /**
+     * Initiate the login process by redirecting to the Globus Auth login page.
+     */
+    login(): void;
     handleCodeRedirect(): Promise<void>;
     /**
-     * @todo
+     * Handle an error response from a Globus service in the context of this `AuthorizationManager`.
+     * This method will introspect the response and attempt to handle any errors that should result
+     * in some additional Globus Auth interaction.
+     * @param response - The error response from a Globus service.
+     * @param execute - Whether to execute the handler immediately or return a function that can be executed later.
+     */
+    handleErrorResponse(response: Record<string, unknown>, execute?: true): void;
+    handleErrorResponse(response: Record<string, unknown>, execute?: false): () => void;
+    /**
+     * Process a well-formed Authorization Requirements error response from a Globus service
+     * and redirect the user to the Globus Auth login page with the necessary parameters.
+     */
+    handleAuthorizationRequirementsError(response: AuthorizationRequirementsError): void;
+    /**
+     * Process a well-formed `ConsentRequired` error response from a Globus service
+     * and redirect the user to the Globus Auth login page with the necessary parameters.
+     */
+    handleConsentRequiredError(response: ConsentRequiredError): void;
+    /**
+     * Add a Globus Auth token response to storage, if `other_tokens` are present they are also added.
+     * This method is mostly used internally by the `AuthorizationManager`, but can be used by downstream
+     * consumers to add tokens to storage if necessary.
      */
-    handleConsentRequiredError(response: {
-        code: 'ConsentRequired';
-        required_scopes: string[];
-    }): void;
     addTokenResponse: (token: Token | TokenResponse) => void;
+    /**
+     * Call `AuthroizationManager.reset` and emit the `revoke` event.
+     * @emits AuthorizationManager.events#revoke
+     * @see AuthorizationManager.reset
+     */
     revoke(): Promise<void>;
 }
 //# sourceMappingURL=AuthorizationManager.d.ts.map

package/cjs/lib/core/authorization/AuthorizationManager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"AuthorizationManager.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/AuthorizationManager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAEhD,OAAO,EACL,KAAK,EACL,aAAa,EAKd,MAAM,8BAA8B,CAAC;AAItC,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEvC,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AAGnC,MAAM,MAAM,iCAAiC,GAAG;IAC9C,SAAS,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;IAChC,gBAAgB,EAAE,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAC9C,YAAY,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;CACvC,CAAC;AAEF;;GAEG;AACH,qBAAa,oBAAoB;;IAK/B,aAAa,UAAS;IAEtB,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU,GAAG,OAAO,CAAC;IAS3E,MAAM;QACJ;;WAEG;;6BAIkB,OAAO;;;QAI5B;;WAEG;;MAEH;gBAEU,aAAa,EAAE,iCAAiC;IAc5D,gBAAgB;IAMhB,kBAAkB;IAIlB,kBAAkB;IAuBlB,KAAK;IAgBL,QAAQ;IAMF,kBAAkB;IASxB;;OAEG;IAUH,0BAA0B,CAAC,QAAQ,EAAE;QAAE,IAAI,EAAE,iBAAiB,CAAC;QAAC,eAAe,EAAE,MAAM,EAAE,CAAA;KAAE;IAO3F,gBAAgB,UAAW,KAAK,GAAG,aAAa,UAK9C;IAEI,MAAM;CAIb"}
+{"version":3,"file":"AuthorizationManager.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/AuthorizationManager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAEhD,OAAO,EACL,KAAK,EACL,aAAa,EAId,MAAM,8BAA8B,CAAC;AAKtC,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AAEnC,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAE/C,OAAO,EAGL,8BAA8B,EAC9B,oBAAoB,EACrB,MAAM,cAAc,CAAC;AAEtB,MAAM,MAAM,iCAAiC,GAAG;IAC9C,SAAS,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;IAChC,gBAAgB,EAAE,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAC9C,YAAY,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;CACvC,CAAC;AAEF;;GAEG;AACH,qBAAa,oBAAoB;;IAG/B,aAAa,EAAE,iCAAiC,CAAC;IAIjD;;;OAGG;IACH,IAAI,aAAa,IAOQ,OAAO,CAL/B;IAED;;OAEG;IACH,IAAI,aAAa,CAAC,KAAK,EAAE,OAAO,EAG/B;IAED,MAAM,EAAE,WAAW,CAAC;IAEpB,MAAM;QACJ;;;;;;WAMG;;YAIC;;;eAGG;6BACc,OAAO;;;QAI5B;;;WAGG;;MAEH;gBAEU,aAAa,EAAE,iCAAiC;IAsB5D,gBAAgB;IAMhB,kBAAkB;IAIlB,kBAAkB;IA0BlB;;;OAGG;IACH,KAAK;IAmBL;;OAEG;IACH,KAAK;IASC,kBAAkB;IAYxB;;;;;;OAMG;IACH,mBAAmB,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,CAAC,EAAE,IAAI,GAAG,IAAI;IAC5E,mBAAmB,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,CAAC,EAAE,KAAK,GAAG,MAAM,IAAI;IAyBnF;;;OAGG;IACH,oCAAoC,CAAC,QAAQ,EAAE,8BAA8B;IAe7E;;;OAGG;IACH,0BAA0B,CAAC,QAAQ,EAAE,oBAAoB;IAOzD;;;;OAIG;IACH,gBAAgB,UAAW,KAAK,GAAG,aAAa,UAM9C;IAEF;;;;OAIG;IACG,MAAM;CAIb"}

package/cjs/lib/core/authorization/AuthorizationManager.js

@@ -1,5 +1,5 @@
 "use strict";
-var _AuthorizationManager_instances, _AuthorizationManager_transport, _AuthorizationManager_configuration, _AuthorizationManager_bootstrapFromStorageState, _AuthorizationManager_emitAuthenticatedState, _AuthorizationManager_buildTransport;
+var _AuthorizationManager_instances, _AuthorizationManager_transport, _AuthorizationManager_authenticated, _AuthorizationManager_checkAuthorizationState, _AuthorizationManager_bootstrapFromStorageState, _AuthorizationManager_emitAuthenticatedState, _AuthorizationManager_buildTransport;
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AuthorizationManager = void 0;
 const tslib_1 = require("tslib");
@@ -8,39 +8,56 @@ const index_js_2 = require("../storage/index.js");
 const logger_js_1 = require("../logger.js");
 const Event_js_1 = require("./Event.js");
 const RedirectTransport_js_1 = require("./RedirectTransport.js");
+const TokenLookup_js_1 = require("./TokenLookup.js");
+const errors_js_1 = require("../errors.js");
 /**
  * @experimental
  */
 class AuthorizationManager {
-    getTokenForService(service) {
-        var _a;
-        const resourceServer = (_a = index_js_1.CONFIG.RESOURCE_SERVERS) === null || _a === void 0 ? void 0 : _a[service];
-        if (!resourceServer) {
-            throw new Error(`No resource server found for service: ${service}`);
-        }
-        const raw = (0, index_js_2.getStorage)().get(`${tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_configuration, "f").client_id}:${resourceServer}`) || '{}';
-        return JSON.parse(raw).access_token;
+    /**
+     * The `AuthorizationManager` is consdiered `authenticated` if it has a valid Globus Auth token.
+     * It does not necessarily mean that it has a valid token for a specific resource server.
+     */
+    get authenticated() {
+        return tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_authenticated, "f");
+    }
+    /**
+     * Set the authenticated state and emit the `authenticated` event.
+     */
+    set authenticated(value) {
+        tslib_1.__classPrivateFieldSet(this, _AuthorizationManager_authenticated, value, "f");
+        tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_emitAuthenticatedState).call(this);
     }
     constructor(configuration) {
         _AuthorizationManager_instances.add(this);
         _AuthorizationManager_transport.set(this, void 0);
-        _AuthorizationManager_configuration.set(this, void 0);
-        this.authenticated = false;
+        _AuthorizationManager_authenticated.set(this, false);
         this.events = {
             /**
              * Emitted when the authenticated state changes.
+             * @event AuthorizationManager.events#authenticated
+             * @type {object}
+             * @property {boolean} isAuthenticated - Whether the `AuthorizationManager` is authenticated.
+             * @property {TokenResponse} [token] - The token response if the `AuthorizationManager` is authenticated.
              */
             authenticated: new Event_js_1.Event('authenticated'),
             /**
              * Emitted when the user revokes their authentication.
+             * @event AuthorizationManager.events#revoke
              */
             revoke: new Event_js_1.Event('revoke'),
         };
+        /**
+         * Add a Globus Auth token response to storage, if `other_tokens` are present they are also added.
+         * This method is mostly used internally by the `AuthorizationManager`, but can be used by downstream
+         * consumers to add tokens to storage if necessary.
+         */
         this.addTokenResponse = (token) => {
-            (0, index_js_2.getStorage)().set(`${tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_configuration, "f").client_id}:${token.resource_server}`, token);
+            (0, index_js_2.getStorage)().set(`${this.configuration.client_id}:${token.resource_server}`, token);
             if ('other_tokens' in token) {
                 token.other_tokens.forEach(this.addTokenResponse);
             }
+            tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_checkAuthorizationState).call(this);
         };
         /**
          * @todo Add support for passing in an alternative storage mechanism.
@@ -49,7 +66,14 @@ class AuthorizationManager {
         if (!configuration.client_id) {
             throw new Error('You must provide a `client_id` for your application.');
         }
-        tslib_1.__classPrivateFieldSet(this, _AuthorizationManager_configuration, Object.assign({}, configuration), "f");
+        this.configuration = Object.assign(Object.assign({}, configuration), { 
+            /**
+             * Inject the `openid`, `profile`, `email`, and `offline_access` scopes by default.
+             */
+            requested_scopes: `${configuration.requested_scopes} openid profile email offline_access` });
+        this.tokens = new TokenLookup_js_1.TokenLookup({
+            manager: this,
+        });
         this.startSilentRenew();
     }
     startSilentRenew() {
@@ -61,45 +85,89 @@ class AuthorizationManager {
         return this.getGlobusAuthToken() !== null;
     }
     getGlobusAuthToken() {
-        const entry = (0, index_js_2.getStorage)().get(`${tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_configuration, "f").client_id}:auth.globus.org`);
+        const entry = (0, index_js_2.getStorage)().get(`${this.configuration.client_id}:auth.globus.org`);
         return entry ? JSON.parse(entry) : null;
     }
+    /**
+     * Reset the authenticated state and clear all tokens from storage.
+     * This method **does not** emit the `revoke` event. If you need to emit the `revoke` event, use the `AuthorizationManager.revoke` method.
+     */
     reset() {
-        this.authenticated = false;
+        /**
+         * @todo This should be made specific to the keys generated by the `AuthorizationManager`.
+         */
         (0, index_js_2.getStorage)().clear();
+        this.authenticated = false;
     }
-    redirect() {
+    /**
+     * Initiate the login process by redirecting to the Globus Auth login page.
+     */
+    login() {
         this.reset();
+        /**
+         * In the future, it's possible that we may want to support different types of transports.
+         */
         const transport = tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_buildTransport).call(this);
         transport.send();
     }
     handleCodeRedirect() {
         return tslib_1.__awaiter(this, void 0, void 0, function* () {
+            (0, logger_js_1.log)('debug', 'AuthorizationManager.handleCodeRedirect');
             const response = yield tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_buildTransport).call(this).getToken();
             if ((0, index_js_1.isGlobusAuthTokenResponse)(response)) {
+                (0, logger_js_1.log)('debug', `AuthorizationManager.handleCodeRedirect | response=${JSON.stringify(response)}`);
                 this.addTokenResponse(response);
-                this.authenticated = true;
-                yield tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_emitAuthenticatedState).call(this);
             }
         });
     }
+    handleErrorResponse(response, execute = true) {
+        (0, logger_js_1.log)('debug', `AuthorizationManager.handleErrorResponse | response=${JSON.stringify(response)} execute=${execute}`);
+        let handler = () => { };
+        if ((0, errors_js_1.isAuthorizationRequirementsError)(response)) {
+            (0, logger_js_1.log)('debug', 'AuthorizationManager.handleErrorResponse | error=AuthorizationRequirementsError');
+            handler = () => this.handleAuthorizationRequirementsError(response);
+        }
+        if ((0, errors_js_1.isConsentRequiredError)(response)) {
+            (0, logger_js_1.log)('debug', 'AuthorizationManager.handleErrorResponse | error=ConsentRequiredError');
+            handler = () => this.handleConsentRequiredError(response);
+        }
+        if ('code' in response && response['code'] === 'AuthenticationFailed') {
+            (0, logger_js_1.log)('debug', 'AuthorizationManager.handleErrorResponse | error=AuthenticationFailed');
+            handler = () => this.revoke();
+        }
+        return execute === true ? handler() : handler;
+    }
     /**
-     * @todo
+     * Process a well-formed Authorization Requirements error response from a Globus service
+     * and redirect the user to the Globus Auth login page with the necessary parameters.
+     */
+    handleAuthorizationRequirementsError(response) {
+        tslib_1.__classPrivateFieldSet(this, _AuthorizationManager_transport, tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_buildTransport).call(this, {
+            params: {
+                session_message: response.authorization_parameters.session_message,
+                session_required_identities: response.authorization_parameters.session_required_identities.join(','),
+                session_required_mfa: response.authorization_parameters.session_required_mfa,
+                session_required_single_domain: response.authorization_parameters.session_required_single_domain.join(','),
+                prompt: 'login',
+            },
+        }), "f");
+        tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_transport, "f").send();
+    }
+    /**
+     * Process a well-formed `ConsentRequired` error response from a Globus service
+     * and redirect the user to the Globus Auth login page with the necessary parameters.
      */
-    // handleErrorResponse(response: { code: string }) {
-    //   if (response.code === 'ConsentRequired') {
-    //     this.handleConsentRequiredError(response);
-    //   }
-    //   if (response.code === 'AuthenticationFailed') {
-    //     this.revoke();
-    //   }
-    // }
     handleConsentRequiredError(response) {
         tslib_1.__classPrivateFieldSet(this, _AuthorizationManager_transport, tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_buildTransport).call(this, {
             requested_scopes: response.required_scopes.join(' '),
         }), "f");
         tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_transport, "f").send();
     }
+    /**
+     * Call `AuthroizationManager.reset` and emit the `revoke` event.
+     * @emits AuthorizationManager.events#revoke
+     * @see AuthorizationManager.reset
+     */
     revoke() {
         return tslib_1.__awaiter(this, void 0, void 0, function* () {
             this.reset();
@@ -108,18 +176,19 @@ class AuthorizationManager {
     }
 }
 exports.AuthorizationManager = AuthorizationManager;
-_AuthorizationManager_transport = new WeakMap(), _AuthorizationManager_configuration = new WeakMap(), _AuthorizationManager_instances = new WeakSet(), _AuthorizationManager_bootstrapFromStorageState = function _AuthorizationManager_bootstrapFromStorageState() {
+_AuthorizationManager_transport = new WeakMap(), _AuthorizationManager_authenticated = new WeakMap(), _AuthorizationManager_instances = new WeakSet(), _AuthorizationManager_checkAuthorizationState = function _AuthorizationManager_checkAuthorizationState() {
+    (0, logger_js_1.log)('debug', 'AuthorizationManager.#checkAuthorizationState');
+    if (this.hasGlobusAuthToken()) {
+        this.authenticated = true;
+    }
+}, _AuthorizationManager_bootstrapFromStorageState = function _AuthorizationManager_bootstrapFromStorageState() {
     return tslib_1.__awaiter(this, void 0, void 0, function* () {
         (0, logger_js_1.log)('debug', 'AuthorizationManager.bootstrapFromStorageState');
-        if (this.hasGlobusAuthToken()) {
-            (0, logger_js_1.log)('debug', 'AuthorizationManager.bootstrapFromStorageState: hasGlobusAuthToken');
-            this.authenticated = true;
-            yield tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_emitAuthenticatedState).call(this);
-        }
+        tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_instances, "m", _AuthorizationManager_checkAuthorizationState).call(this);
     });
 }, _AuthorizationManager_emitAuthenticatedState = function _AuthorizationManager_emitAuthenticatedState() {
-    var _a;
     return tslib_1.__awaiter(this, void 0, void 0, function* () {
+        var _a;
         const isAuthenticated = this.authenticated;
         const token = (_a = this.getGlobusAuthToken()) !== null && _a !== void 0 ? _a : undefined;
         yield this.events.authenticated.dispatch({
@@ -128,6 +197,6 @@ _AuthorizationManager_transport = new WeakMap(), _AuthorizationManager_configura
         });
     });
 }, _AuthorizationManager_buildTransport = function _AuthorizationManager_buildTransport(overrides) {
-    return new RedirectTransport_js_1.RedirectTransport(Object.assign({ client_id: tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_configuration, "f").client_id, authorization_endpoint: (0, index_js_1.getAuthorizationEndpoint)(), token_endpoint: (0, index_js_1.getTokenEndpoint)(), redirect_uri: tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_configuration, "f").redirect_uri, requested_scopes: tslib_1.__classPrivateFieldGet(this, _AuthorizationManager_configuration, "f").requested_scopes }, overrides));
+    return new RedirectTransport_js_1.RedirectTransport(Object.assign({ client_id: this.configuration.client_id, authorization_endpoint: (0, index_js_1.getAuthorizationEndpoint)(), token_endpoint: (0, index_js_1.getTokenEndpoint)(), redirect_uri: this.configuration.redirect_uri, requested_scopes: this.configuration.requested_scopes }, overrides));
 };
 //# sourceMappingURL=AuthorizationManager.js.map

package/cjs/lib/core/authorization/AuthorizationManager.js.map

@@ -1 +1 @@
-{"version":3,"file":"AuthorizationManager.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/AuthorizationManager.ts"],"names":[],"mappings":";;;;;AAEA,2DAOsC;AAEtC,kDAAgE;AAChE,4CAAmC;AAGnC,yCAAmC;AACnC,iEAA2D;AAQ3D;;GAEG;AACH,MAAa,oBAAoB;IAO/B,kBAAkB,CAAC,OAAwD;;QACzE,MAAM,cAAc,GAAG,MAAA,iBAAM,CAAC,gBAAgB,0CAAG,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,yCAAyC,OAAO,EAAE,CAAC,CAAC;QACtE,CAAC;QACD,MAAM,GAAG,GAAG,IAAA,qBAAU,GAAE,CAAC,GAAG,CAAC,GAAG,+BAAA,IAAI,2CAAe,CAAC,SAAS,IAAI,cAAc,EAAE,CAAC,IAAI,IAAI,CAAC;QAC3F,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,YAAY,CAAC;IACtC,CAAC;IAmBD,YAAY,aAAgD;;QAhC5D,kDAA+B;QAE/B,sDAAkD;QAElD,kBAAa,GAAG,KAAK,CAAC;QAWtB,WAAM,GAAG;YACP;;eAEG;YACH,aAAa,EAAE,IAAI,gBAAK,CAMtB,eAAe,CAAC;YAClB;;eAEG;YACH,MAAM,EAAE,IAAI,gBAAK,CAAC,QAAQ,CAAC;SAC5B,CAAC;QAmGF,qBAAgB,GAAG,CAAC,KAA4B,EAAE,EAAE;YAClD,IAAA,qBAAU,GAAE,CAAC,GAAG,CAAC,GAAG,+BAAA,IAAI,2CAAe,CAAC,SAAS,IAAI,KAAK,CAAC,eAAe,EAAE,EAAE,KAAK,CAAC,CAAC;YACrF,IAAI,cAAc,IAAI,KAAK,EAAE,CAAC;gBAC5B,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YACpD,CAAC;QACH,CAAC,CAAC;QArGA;;WAEG;QACH,IAAA,wBAAa,EAAC,cAAc,CAAC,CAAC;QAC9B,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAC1E,CAAC;QACD,+BAAA,IAAI,yDACC,aAAa,OACjB,CAAC;QACF,IAAI,CAAC,gBAAgB,EAAE,CAAC;IAC1B,CAAC;IAED,gBAAgB;QACd,IAAA,eAAG,EAAC,OAAO,EAAE,uCAAuC,CAAC,CAAC;QACtD,+BAAA,IAAI,wFAA2B,MAA/B,IAAI,CAA6B,CAAC;QAClC,qDAAqD;IACvD,CAAC;IAED,kBAAkB;QAChB,OAAO,IAAI,CAAC,kBAAkB,EAAE,KAAK,IAAI,CAAC;IAC5C,CAAC;IAED,kBAAkB;QAChB,MAAM,KAAK,GAAG,IAAA,qBAAU,GAAE,CAAC,GAAG,CAAC,GAAG,+BAAA,IAAI,2CAAe,CAAC,SAAS,kBAAkB,CAAC,CAAC;QACnF,OAAO,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC1C,CAAC;IAoBD,KAAK;QACH,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC;QAC3B,IAAA,qBAAU,GAAE,CAAC,KAAK,EAAE,CAAC;IACvB,CAAC;IAaD,QAAQ;QACN,IAAI,CAAC,KAAK,EAAE,CAAC;QACb,MAAM,SAAS,GAAG,+BAAA,IAAI,6EAAgB,MAApB,IAAI,CAAkB,CAAC;QACzC,SAAS,CAAC,IAAI,EAAE,CAAC;IACnB,CAAC;IAEK,kBAAkB;;YACtB,MAAM,QAAQ,GAAG,MAAM,+BAAA,IAAI,6EAAgB,MAApB,IAAI,CAAkB,CAAC,QAAQ,EAAE,CAAC;YACzD,IAAI,IAAA,oCAAyB,EAAC,QAAQ,CAAC,EAAE,CAAC;gBACxC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;gBAChC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;gBAC1B,MAAM,+BAAA,IAAI,qFAAwB,MAA5B,IAAI,CAA0B,CAAC;YACvC,CAAC;QACH,CAAC;KAAA;IAED;;OAEG;IACH,oDAAoD;IACpD,+CAA+C;IAC/C,iDAAiD;IACjD,MAAM;IACN,oDAAoD;IACpD,qBAAqB;IACrB,MAAM;IACN,IAAI;IAEJ,0BAA0B,CAAC,QAAgE;QACzF,+BAAA,IAAI,mCAAc,+BAAA,IAAI,6EAAgB,MAApB,IAAI,EAAiB;YACrC,gBAAgB,EAAE,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC;SACrD,CAAC,MAAA,CAAC;QACH,+BAAA,IAAI,uCAAW,CAAC,IAAI,EAAE,CAAC;IACzB,CAAC;IASK,MAAM;;YACV,IAAI,CAAC,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,CAAC;KAAA;CACF;AA7ID,oDA6IC;;;QA9EG,IAAA,eAAG,EAAC,OAAO,EAAE,gDAAgD,CAAC,CAAC;QAC/D,IAAI,IAAI,CAAC,kBAAkB,EAAE,EAAE,CAAC;YAC9B,IAAA,eAAG,EAAC,OAAO,EAAE,oEAAoE,CAAC,CAAC;YACnF,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;YAC1B,MAAM,+BAAA,IAAI,qFAAwB,MAA5B,IAAI,CAA0B,CAAC;QACvC,CAAC;IACH,CAAC;;;;QAGC,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC;QAC3C,MAAM,KAAK,GAAG,MAAA,IAAI,CAAC,kBAAkB,EAAE,mCAAI,SAAS,CAAC;QACrD,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC;YACvC,eAAe;YACf,KAAK;SACN,CAAC,CAAC;;wFAQW,SAA4B;IAC1C,OAAO,IAAI,wCAAiB,iBAC1B,SAAS,EAAE,+BAAA,IAAI,2CAAe,CAAC,SAAS,EACxC,sBAAsB,EAAE,IAAA,mCAAwB,GAAE,EAClD,cAAc,EAAE,IAAA,2BAAgB,GAAE,EAClC,YAAY,EAAE,+BAAA,IAAI,2CAAe,CAAC,YAAY,EAC9C,gBAAgB,EAAE,+BAAA,IAAI,2CAAe,CAAC,gBAAgB,IACnD,SAAS,EACZ,CAAC;AACL,CAAC"}
+{"version":3,"file":"AuthorizationManager.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/AuthorizationManager.ts"],"names":[],"mappings":";;;;;AAEA,2DAMsC;AAEtC,kDAAgE;AAChE,4CAAmC;AAEnC,yCAAmC;AACnC,iEAA2D;AAC3D,qDAA+C;AAE/C,4CAKsB;AAQtB;;GAEG;AACH,MAAa,oBAAoB;IAO/B;;;OAGG;IACH,IAAI,aAAa;QACf,OAAO,+BAAA,IAAI,2CAAe,CAAC;IAC7B,CAAC;IAED;;OAEG;IACH,IAAI,aAAa,CAAC,KAAc;QAC9B,+BAAA,IAAI,uCAAkB,KAAK,MAAA,CAAC;QAC5B,+BAAA,IAAI,qFAAwB,MAA5B,IAAI,CAA0B,CAAC;IACjC,CAAC;IA8BD,YAAY,aAAgD;;QAlD5D,kDAA+B;QAI/B,8CAAiB,KAAK,EAAC;QAoBvB,WAAM,GAAG;YACP;;;;;;eAMG;YACH,aAAa,EAAE,IAAI,gBAAK,CAUtB,eAAe,CAAC;YAClB;;;eAGG;YACH,MAAM,EAAE,IAAI,gBAAK,CAAC,QAAQ,CAAC;SAC5B,CAAC;QA0KF;;;;WAIG;QACH,qBAAgB,GAAG,CAAC,KAA4B,EAAE,EAAE;YAClD,IAAA,qBAAU,GAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,aAAa,CAAC,SAAS,IAAI,KAAK,CAAC,eAAe,EAAE,EAAE,KAAK,CAAC,CAAC;YACpF,IAAI,cAAc,IAAI,KAAK,EAAE,CAAC;gBAC5B,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YACpD,CAAC;YACD,+BAAA,IAAI,sFAAyB,MAA7B,IAAI,CAA2B,CAAC;QAClC,CAAC,CAAC;QAlLA;;WAEG;QACH,IAAA,wBAAa,EAAC,cAAc,CAAC,CAAC;QAC9B,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAC1E,CAAC;QACD,IAAI,CAAC,aAAa,mCACb,aAAa;YAChB;;eAEG;YACH,gBAAgB,EAAE,GAAG,aAAa,CAAC,gBAAgB,sCAAsC,GAC1F,CAAC;QAEF,IAAI,CAAC,MAAM,GAAG,IAAI,4BAAW,CAAC;YAC5B,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QACH,IAAI,CAAC,gBAAgB,EAAE,CAAC;IAC1B,CAAC;IAED,gBAAgB;QACd,IAAA,eAAG,EAAC,OAAO,EAAE,uCAAuC,CAAC,CAAC;QACtD,+BAAA,IAAI,wFAA2B,MAA/B,IAAI,CAA6B,CAAC;QAClC,qDAAqD;IACvD,CAAC;IAED,kBAAkB;QAChB,OAAO,IAAI,CAAC,kBAAkB,EAAE,KAAK,IAAI,CAAC;IAC5C,CAAC;IAED,kBAAkB;QAChB,MAAM,KAAK,GAAG,IAAA,qBAAU,GAAE,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,aAAa,CAAC,SAAS,kBAAkB,CAAC,CAAC;QAClF,OAAO,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC1C,CAAC;IAuBD;;;OAGG;IACH,KAAK;QACH;;WAEG;QACH,IAAA,qBAAU,GAAE,CAAC,KAAK,EAAE,CAAC;QACrB,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC;IAC7B,CAAC;IAaD;;OAEG;IACH,KAAK;QACH,IAAI,CAAC,KAAK,EAAE,CAAC;QACb;;WAEG;QACH,MAAM,SAAS,GAAG,+BAAA,IAAI,6EAAgB,MAApB,IAAI,CAAkB,CAAC;QACzC,SAAS,CAAC,IAAI,EAAE,CAAC;IACnB,CAAC;IAEK,kBAAkB;;YACtB,IAAA,eAAG,EAAC,OAAO,EAAE,yCAAyC,CAAC,CAAC;YACxD,MAAM,QAAQ,GAAG,MAAM,+BAAA,IAAI,6EAAgB,MAApB,IAAI,CAAkB,CAAC,QAAQ,EAAE,CAAC;YACzD,IAAI,IAAA,oCAAyB,EAAC,QAAQ,CAAC,EAAE,CAAC;gBACxC,IAAA,eAAG,EACD,OAAO,EACP,sDAAsD,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CACjF,CAAC;gBACF,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;YAClC,CAAC;QACH,CAAC;KAAA;IAWD,mBAAmB,CAAC,QAAiC,EAAE,OAAO,GAAG,IAAI;QACnE,IAAA,eAAG,EACD,OAAO,EACP,uDAAuD,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,YAAY,OAAO,EAAE,CACrG,CAAC;QACF,IAAI,OAAO,GAAG,GAAG,EAAE,GAAE,CAAC,CAAC;QACvB,IAAI,IAAA,4CAAgC,EAAC,QAAQ,CAAC,EAAE,CAAC;YAC/C,IAAA,eAAG,EACD,OAAO,EACP,iFAAiF,CAClF,CAAC;YACF,OAAO,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,oCAAoC,CAAC,QAAQ,CAAC,CAAC;QACtE,CAAC;QACD,IAAI,IAAA,kCAAsB,EAAC,QAAQ,CAAC,EAAE,CAAC;YACrC,IAAA,eAAG,EAAC,OAAO,EAAE,uEAAuE,CAAC,CAAC;YACtF,OAAO,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,0BAA0B,CAAC,QAAQ,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,MAAM,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,CAAC,KAAK,sBAAsB,EAAE,CAAC;YACtE,IAAA,eAAG,EAAC,OAAO,EAAE,uEAAuE,CAAC,CAAC;YACtF,OAAO,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QAChC,CAAC;QACD,OAAO,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;IAChD,CAAC;IAED;;;OAGG;IACH,oCAAoC,CAAC,QAAwC;QAC3E,+BAAA,IAAI,mCAAc,+BAAA,IAAI,6EAAgB,MAApB,IAAI,EAAiB;YACrC,MAAM,EAAE;gBACN,eAAe,EAAE,QAAQ,CAAC,wBAAwB,CAAC,eAAe;gBAClE,2BAA2B,EACzB,QAAQ,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,IAAI,CAAC,GAAG,CAAC;gBACzE,oBAAoB,EAAE,QAAQ,CAAC,wBAAwB,CAAC,oBAAoB;gBAC5E,8BAA8B,EAC5B,QAAQ,CAAC,wBAAwB,CAAC,8BAA8B,CAAC,IAAI,CAAC,GAAG,CAAC;gBAC5E,MAAM,EAAE,OAAO;aAChB;SACF,CAAC,MAAA,CAAC;QACH,+BAAA,IAAI,uCAAW,CAAC,IAAI,EAAE,CAAC;IACzB,CAAC;IAED;;;OAGG;IACH,0BAA0B,CAAC,QAA8B;QACvD,+BAAA,IAAI,mCAAc,+BAAA,IAAI,6EAAgB,MAApB,IAAI,EAAiB;YACrC,gBAAgB,EAAE,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC;SACrD,CAAC,MAAA,CAAC;QACH,+BAAA,IAAI,uCAAW,CAAC,IAAI,EAAE,CAAC;IACzB,CAAC;IAeD;;;;OAIG;IACG,MAAM;;YACV,IAAI,CAAC,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,CAAC;KAAA;CACF;AAjPD,oDAiPC;;IAxJG,IAAA,eAAG,EAAC,OAAO,EAAE,+CAA+C,CAAC,CAAC;IAC9D,IAAI,IAAI,CAAC,kBAAkB,EAAE,EAAE,CAAC;QAC9B,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;IAC5B,CAAC;AACH,CAAC;;QAGC,IAAA,eAAG,EAAC,OAAO,EAAE,gDAAgD,CAAC,CAAC;QAC/D,+BAAA,IAAI,sFAAyB,MAA7B,IAAI,CAA2B,CAAC;IAClC,CAAC;;;;QAGC,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC;QAC3C,MAAM,KAAK,GAAG,MAAA,IAAI,CAAC,kBAAkB,EAAE,mCAAI,SAAS,CAAC;QACrD,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC;YACvC,eAAe;YACf,KAAK;SACN,CAAC,CAAC;IACL,CAAC;wFAce,SAAuE;IACrF,OAAO,IAAI,wCAAiB,iBAC1B,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,SAAS,EACvC,sBAAsB,EAAE,IAAA,mCAAwB,GAAE,EAClD,cAAc,EAAE,IAAA,2BAAgB,GAAE,EAClC,YAAY,EAAE,IAAI,CAAC,aAAa,CAAC,YAAY,EAC7C,gBAAgB,EAAE,IAAI,CAAC,aAAa,CAAC,gBAAgB,IAClD,SAAS,EACZ,CAAC;AACL,CAAC"}

package/cjs/lib/core/authorization/Event.d.ts

@@ -1,10 +1,15 @@
-type ListenerCallback<P> = (payload: P | undefined) => Promise<void> | void;
+/**
+ * @todo It would be nice to not `| any` here, but ideally callers do not need to
+ * fully type the payload to attach listeners.
+ */
+type ListenerCallback<P> = (payload?: P | any) => Promise<void> | void;
 export declare class Event<EventName extends string, Payload extends unknown> {
     #private;
     readonly name: EventName;
     constructor(name: EventName);
     addListener(callback: ListenerCallback<Payload>): () => void;
     removeListener(callback: ListenerCallback<Payload>): void;
+    clearListeners(): void;
     dispatch(payload?: Payload): Promise<void>;
 }
 export {};

package/cjs/lib/core/authorization/Event.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Event.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/Event.ts"],"names":[],"mappings":"AAAA,KAAK,gBAAgB,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,GAAG,SAAS,KAAK,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;AAE5E,qBAAa,KAAK,CAAC,SAAS,SAAS,MAAM,EAAE,OAAO,SAAS,OAAO;;IAGtD,QAAQ,CAAC,IAAI,EAAE,SAAS;gBAAf,IAAI,EAAE,SAAS;IAEpC,WAAW,CAAC,QAAQ,EAAE,gBAAgB,CAAC,OAAO,CAAC;IAK/C,cAAc,CAAC,QAAQ,EAAE,gBAAgB,CAAC,OAAO,CAAC;IAI5C,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO;CAGjC"}
+{"version":3,"file":"Event.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/Event.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,KAAK,gBAAgB,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,GAAG,GAAG,KAAK,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;AAEvE,qBAAa,KAAK,CAAC,SAAS,SAAS,MAAM,EAAE,OAAO,SAAS,OAAO;;IAGtD,QAAQ,CAAC,IAAI,EAAE,SAAS;gBAAf,IAAI,EAAE,SAAS;IAEpC,WAAW,CAAC,QAAQ,EAAE,gBAAgB,CAAC,OAAO,CAAC;IAK/C,cAAc,CAAC,QAAQ,EAAE,gBAAgB,CAAC,OAAO,CAAC;IAIlD,cAAc;IAIR,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO;CAGjC"}

package/cjs/lib/core/authorization/Event.js

@@ -15,6 +15,9 @@ class Event {
     removeListener(callback) {
         tslib_1.__classPrivateFieldSet(this, _Event_callbacks, tslib_1.__classPrivateFieldGet(this, _Event_callbacks, "f").filter((cb) => cb !== callback), "f");
     }
+    clearListeners() {
+        tslib_1.__classPrivateFieldSet(this, _Event_callbacks, [], "f");
+    }
     dispatch(payload) {
         return tslib_1.__awaiter(this, void 0, void 0, function* () {
             yield Promise.all(tslib_1.__classPrivateFieldGet(this, _Event_callbacks, "f").map((callback) => callback(payload)));

package/cjs/lib/core/authorization/Event.js.map

@@ -1 +1 @@
-{"version":3,"file":"Event.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/Event.ts"],"names":[],"mappings":";;;;;AAEA,MAAa,KAAK;IAGhB,YAAqB,IAAe;QAAf,SAAI,GAAJ,IAAI,CAAW;QAFpC,2BAA0C,EAAE,EAAC;IAEN,CAAC;IAExC,WAAW,CAAC,QAAmC;QAC7C,+BAAA,IAAI,wBAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC/B,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IAC7C,CAAC;IAED,cAAc,CAAC,QAAmC;QAChD,+BAAA,IAAI,oBAAc,+BAAA,IAAI,wBAAW,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,KAAK,QAAQ,CAAC,MAAA,CAAC;IACpE,CAAC;IAEK,QAAQ,CAAC,OAAiB;;YAC9B,MAAM,OAAO,CAAC,GAAG,CAAC,+BAAA,IAAI,wBAAW,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QAC1E,CAAC;KAAA;CACF;AAjBD,sBAiBC"}
+{"version":3,"file":"Event.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/Event.ts"],"names":[],"mappings":";;;;;AAMA,MAAa,KAAK;IAGhB,YAAqB,IAAe;QAAf,SAAI,GAAJ,IAAI,CAAW;QAFpC,2BAA0C,EAAE,EAAC;IAEN,CAAC;IAExC,WAAW,CAAC,QAAmC;QAC7C,+BAAA,IAAI,wBAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC/B,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IAC7C,CAAC;IAED,cAAc,CAAC,QAAmC;QAChD,+BAAA,IAAI,oBAAc,+BAAA,IAAI,wBAAW,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,KAAK,QAAQ,CAAC,MAAA,CAAC;IACpE,CAAC;IAED,cAAc;QACZ,+BAAA,IAAI,oBAAc,EAAE,MAAA,CAAC;IACvB,CAAC;IAEK,QAAQ,CAAC,OAAiB;;YAC9B,MAAM,OAAO,CAAC,GAAG,CAAC,+BAAA,IAAI,wBAAW,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QAC1E,CAAC;KAAA;CACF;AArBD,sBAqBC"}

package/cjs/lib/core/authorization/RedirectTransport.d.ts

@@ -1,7 +1,13 @@
 import type IConfig from 'js-pkce/dist/IConfig';
+import type IObject from 'js-pkce/dist/IObject';
 export declare class RedirectTransport {
     #private;
-    constructor(options: IConfig);
+    constructor(options: IConfig & {
+        /**
+         * Additional parameters to be included in the query string of the authorization request.
+         */
+        params?: IObject;
+    });
     send(): void;
     getToken(): Promise<import("js-pkce/dist/ITokenResponse").default | undefined>;
 }

package/cjs/lib/core/authorization/RedirectTransport.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"RedirectTransport.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/RedirectTransport.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAEhD,qBAAa,iBAAiB;;gBAGhB,OAAO,EAAE,OAAO;IAM5B,IAAI;IAIE,QAAQ;CAiBf"}
+{"version":3,"file":"RedirectTransport.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/RedirectTransport.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAChD,OAAO,KAAK,OAAO,MAAM,sBAAsB,CAAC;AAEhD,qBAAa,iBAAiB;;gBAM1B,OAAO,EAAE,OAAO,GAAG;QACjB;;WAEG;QACH,MAAM,CAAC,EAAE,OAAO,CAAC;KAClB;IAWH,IAAI;IAIE,QAAQ;CAiBf"}

package/cjs/lib/core/authorization/RedirectTransport.js

@@ -1,5 +1,5 @@
 "use strict";
-var _RedirectTransport_pkce;
+var _RedirectTransport_pkce, _RedirectTransport_params;
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.RedirectTransport = void 0;
 const tslib_1 = require("tslib");
@@ -7,10 +7,13 @@ const js_pkce_1 = tslib_1.__importDefault(require("js-pkce"));
 class RedirectTransport {
     constructor(options) {
         _RedirectTransport_pkce.set(this, void 0);
-        tslib_1.__classPrivateFieldSet(this, _RedirectTransport_pkce, new js_pkce_1.default(Object.assign({}, options)), "f");
+        _RedirectTransport_params.set(this, {});
+        const { params } = options, config = tslib_1.__rest(options, ["params"]);
+        tslib_1.__classPrivateFieldSet(this, _RedirectTransport_pkce, new js_pkce_1.default(Object.assign({}, config)), "f");
+        tslib_1.__classPrivateFieldSet(this, _RedirectTransport_params, Object.assign({}, params), "f");
     }
     send() {
-        window.location.replace(tslib_1.__classPrivateFieldGet(this, _RedirectTransport_pkce, "f").authorizeUrl());
+        window.location.replace(tslib_1.__classPrivateFieldGet(this, _RedirectTransport_pkce, "f").authorizeUrl(tslib_1.__classPrivateFieldGet(this, _RedirectTransport_params, "f")));
     }
     getToken() {
         return tslib_1.__awaiter(this, void 0, void 0, function* () {
@@ -34,5 +37,5 @@ class RedirectTransport {
     }
 }
 exports.RedirectTransport = RedirectTransport;
-_RedirectTransport_pkce = new WeakMap();
+_RedirectTransport_pkce = new WeakMap(), _RedirectTransport_params = new WeakMap();
 //# sourceMappingURL=RedirectTransport.js.map

package/cjs/lib/core/authorization/RedirectTransport.js.map

@@ -1 +1 @@
-{"version":3,"file":"RedirectTransport.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/RedirectTransport.ts"],"names":[],"mappings":";;;;;AAAA,8DAA2B;AAG3B,MAAa,iBAAiB;IAG5B,YAAY,OAAgB;QAF5B,0CAAY;QAGV,+BAAA,IAAI,2BAAS,IAAI,iBAAI,mBAChB,OAAO,EACV,MAAA,CAAC;IACL,CAAC;IAED,IAAI;QACF,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,+BAAA,IAAI,+BAAM,CAAC,YAAY,EAAE,CAAC,CAAC;IACrD,CAAC;IAEK,QAAQ;;YACZ,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC1C,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC/C,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC;gBAAE,OAAO,SAAS,CAAC;YAC1C,MAAM,QAAQ,GAAG,MAAM,+BAAA,IAAI,+BAAM,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;YACzE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YACtB,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACvB,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC/B;;;eAGG;YACH,cAAc,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;YACxC,cAAc,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;YAChD,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC7B,OAAO,QAAQ,CAAC;QAClB,CAAC;KAAA;CACF;AA9BD,8CA8BC"}
+{"version":3,"file":"RedirectTransport.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/RedirectTransport.ts"],"names":[],"mappings":";;;;;AAAA,8DAA2B;AAI3B,MAAa,iBAAiB;IAK5B,YACE,OAKC;QAVH,0CAAY;QAEZ,oCAAmB,EAAE,EAAC;QAUpB,MAAM,EAAE,MAAM,KAAgB,OAAO,EAAlB,MAAM,kBAAK,OAAO,EAA/B,UAAqB,CAAU,CAAC;QACtC,+BAAA,IAAI,2BAAS,IAAI,iBAAI,mBAChB,MAAM,EACT,MAAA,CAAC;QACH,+BAAA,IAAI,+CACC,MAAM,OACV,CAAC;IACJ,CAAC;IAED,IAAI;QACF,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,+BAAA,IAAI,+BAAM,CAAC,YAAY,CAAC,+BAAA,IAAI,iCAAQ,CAAC,CAAC,CAAC;IACjE,CAAC;IAEK,QAAQ;;YACZ,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC1C,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC/C,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC;gBAAE,OAAO,SAAS,CAAC;YAC1C,MAAM,QAAQ,GAAG,MAAM,+BAAA,IAAI,+BAAM,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;YACzE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YACtB,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACvB,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC/B;;;eAGG;YACH,cAAc,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;YACxC,cAAc,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;YAChD,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC7B,OAAO,QAAQ,CAAC;QAClB,CAAC;KAAA;CACF;AA3CD,8CA2CC"}

package/cjs/lib/core/authorization/TokenLookup.d.ts

@@ -0,0 +1,12 @@
+import { Token } from '../../services/auth/index.js';
+import { AuthorizationManager } from './AuthorizationManager.js';
+export declare class TokenLookup {
+    #private;
+    constructor(options: {
+        manager: AuthorizationManager;
+    });
+    get auth(): Token | null;
+    get transfer(): Token | null;
+    get flows(): Token | null;
+}
+//# sourceMappingURL=TokenLookup.d.ts.map

package/cjs/lib/core/authorization/TokenLookup.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"TokenLookup.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/TokenLookup.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAU,MAAM,8BAA8B,CAAC;AAG7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAEjE,qBAAa,WAAW;;gBAGV,OAAO,EAAE;QAAE,OAAO,EAAE,oBAAoB,CAAA;KAAE;IAWtD,IAAI,IAAI,IAAI,KAAK,GAAG,IAAI,CAEvB;IAED,IAAI,QAAQ,IAAI,KAAK,GAAG,IAAI,CAE3B;IAED,IAAI,KAAK,IAAI,KAAK,GAAG,IAAI,CAExB;CACF"}

package/cjs/lib/core/authorization/TokenLookup.js

@@ -0,0 +1,31 @@
+"use strict";
+var _TokenLookup_instances, _TokenLookup_manager, _TokenLookup_getTokenForService;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TokenLookup = void 0;
+const tslib_1 = require("tslib");
+const index_js_1 = require("../storage/index.js");
+const index_js_2 = require("../../services/auth/index.js");
+class TokenLookup {
+    constructor(options) {
+        _TokenLookup_instances.add(this);
+        _TokenLookup_manager.set(this, void 0);
+        tslib_1.__classPrivateFieldSet(this, _TokenLookup_manager, options.manager, "f");
+    }
+    get auth() {
+        return tslib_1.__classPrivateFieldGet(this, _TokenLookup_instances, "m", _TokenLookup_getTokenForService).call(this, 'AUTH');
+    }
+    get transfer() {
+        return tslib_1.__classPrivateFieldGet(this, _TokenLookup_instances, "m", _TokenLookup_getTokenForService).call(this, 'TRANSFER');
+    }
+    get flows() {
+        return tslib_1.__classPrivateFieldGet(this, _TokenLookup_instances, "m", _TokenLookup_getTokenForService).call(this, 'FLOWS');
+    }
+}
+exports.TokenLookup = TokenLookup;
+_TokenLookup_manager = new WeakMap(), _TokenLookup_instances = new WeakSet(), _TokenLookup_getTokenForService = function _TokenLookup_getTokenForService(service) {
+    var _a;
+    const resourceServer = (_a = index_js_2.CONFIG.RESOURCE_SERVERS) === null || _a === void 0 ? void 0 : _a[service];
+    const raw = (0, index_js_1.getStorage)().get(`${tslib_1.__classPrivateFieldGet(this, _TokenLookup_manager, "f").configuration.client_id}:${resourceServer}`) || 'null';
+    return JSON.parse(raw);
+};
+//# sourceMappingURL=TokenLookup.js.map

package/cjs/lib/core/authorization/TokenLookup.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"TokenLookup.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/TokenLookup.ts"],"names":[],"mappings":";;;;;AAAA,kDAAiD;AACjD,2DAA6D;AAK7D,MAAa,WAAW;IAGtB,YAAY,OAA0C;;QAFtD,uCAA+B;QAG7B,+BAAA,IAAI,wBAAY,OAAO,CAAC,OAAO,MAAA,CAAC;IAClC,CAAC;IASD,IAAI,IAAI;QACN,OAAO,+BAAA,IAAI,+DAAoB,MAAxB,IAAI,EAAqB,MAAM,CAAC,CAAC;IAC1C,CAAC;IAED,IAAI,QAAQ;QACV,OAAO,+BAAA,IAAI,+DAAoB,MAAxB,IAAI,EAAqB,UAAU,CAAC,CAAC;IAC9C,CAAC;IAED,IAAI,KAAK;QACP,OAAO,+BAAA,IAAI,+DAAoB,MAAxB,IAAI,EAAqB,OAAO,CAAC,CAAC;IAC3C,CAAC;CACF;AAzBD,kCAyBC;yJAlBqB,OAAwD;;IAC1E,MAAM,cAAc,GAAG,MAAA,iBAAM,CAAC,gBAAgB,0CAAG,OAAO,CAAC,CAAC;IAC1D,MAAM,GAAG,GACP,IAAA,qBAAU,GAAE,CAAC,GAAG,CAAC,GAAG,+BAAA,IAAI,4BAAS,CAAC,aAAa,CAAC,SAAS,IAAI,cAAc,EAAE,CAAC,IAAI,MAAM,CAAC;IAC3F,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AACzB,CAAC"}

package/cjs/lib/core/authorization/tokens.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"tokens.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/tokens.ts"],"names":[],"mappings":"AASA;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,iBAM7C"}
+{"version":3,"file":"tokens.d.ts","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/tokens.ts"],"names":[],"mappings":"AASA;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,iBAO7C"}

package/cjs/lib/core/authorization/tokens.js

@@ -12,7 +12,8 @@ function isValidToken(check) {
  * @returns The token string for the given scope or null if no token is found.
  */
 function getTokenForScope(scope) {
-    const token = (0, index_js_1.getStorage)().get(scope);
+    const storageValue = (0, index_js_1.getStorage)().get(scope);
+    const token = storageValue ? JSON.parse(storageValue) : null;
     if (!token || !isValidToken(token)) {
         return null;
     }

package/cjs/lib/core/authorization/tokens.js.map

@@ -1 +1 @@
-{"version":3,"file":"tokens.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/tokens.ts"],"names":[],"mappings":";;;AAEA,kDAAiD;AAEjD,SAAS,YAAY,CAAC,KAAc;IAClC,MAAM,KAAK,GAAG,KAAc,CAAC;IAC7B,OAAO,OAAO,CAAC,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;AACzD,CAAC;AAED;;;;GAIG;AACH,SAAgB,gBAAgB,CAAC,KAAa;IAC5C,MAAM,KAAK,GAAG,IAAA,qBAAU,GAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACtC,IAAI,CAAC,KAAK,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,GAAG,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;AACrD,CAAC;AAND,4CAMC"}
+{"version":3,"file":"tokens.js","sourceRoot":"","sources":["../../../../../src/lib/core/authorization/tokens.ts"],"names":[],"mappings":";;;AAEA,kDAAiD;AAEjD,SAAS,YAAY,CAAC,KAAc;IAClC,MAAM,KAAK,GAAG,KAAc,CAAC;IAC7B,OAAO,OAAO,CAAC,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;AACzD,CAAC;AAED;;;;GAIG;AACH,SAAgB,gBAAgB,CAAC,KAAa;IAC5C,MAAM,YAAY,GAAG,IAAA,qBAAU,GAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,KAAK,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC7D,IAAI,CAAC,KAAK,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,GAAG,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;AACrD,CAAC;AAPD,4CAOC"}

package/cjs/lib/core/errors.d.ts

@@ -2,4 +2,25 @@ export declare class EnvironmentConfigurationError extends Error {
     name: string;
     constructor(variable: string, value: unknown);
 }
+export type WellFormedError = {
+    code: string;
+    message: string;
+};
+export declare function isErrorWellFormed(test: unknown): test is WellFormedError;
+export type ConsentRequiredError = {
+    code: 'ConsentRequired';
+    required_scopes: string[];
+    [key: string]: unknown;
+};
+export declare function isConsentRequiredError(test: unknown): test is ConsentRequiredError;
+export type AuthorizationRequirementsError = {
+    authorization_parameters: {
+        session_message: string;
+        session_required_identities: string[];
+        session_required_mfa: boolean;
+        session_required_single_domain: string[];
+    };
+    [key: string]: unknown;
+};
+export declare function isAuthorizationRequirementsError(test: unknown): test is AuthorizationRequirementsError;
 //# sourceMappingURL=errors.d.ts.map

package/cjs/lib/core/errors.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../../src/lib/core/errors.ts"],"names":[],"mappings":"AAAA,qBAAa,6BAA8B,SAAQ,KAAK;IAC7C,IAAI,SAAmC;gBAEpC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO;CAK7C"}
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../../src/lib/core/errors.ts"],"names":[],"mappings":"AAAA,qBAAa,6BAA8B,SAAQ,KAAK;IAC7C,IAAI,SAAmC;gBAEpC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO;CAK7C;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,IAAI,eAAe,CAExE;AAED,MAAM,MAAM,oBAAoB,GAAG;IACjC,IAAI,EAAE,iBAAiB,CAAC;IACxB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,IAAI,oBAAoB,CAOlF;AAED,MAAM,MAAM,8BAA8B,GAAG;IAC3C,wBAAwB,EAAE;QACxB,eAAe,EAAE,MAAM,CAAC;QACxB,2BAA2B,EAAE,MAAM,EAAE,CAAC;QACtC,oBAAoB,EAAE,OAAO,CAAC;QAC9B,8BAA8B,EAAE,MAAM,EAAE,CAAC;KAC1C,CAAC;IACF,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF,wBAAgB,gCAAgC,CAC9C,IAAI,EAAE,OAAO,GACZ,IAAI,IAAI,8BAA8B,CAOxC"}

package/cjs/lib/core/errors.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.EnvironmentConfigurationError = void 0;
+exports.isAuthorizationRequirementsError = exports.isConsentRequiredError = exports.isErrorWellFormed = exports.EnvironmentConfigurationError = void 0;
 class EnvironmentConfigurationError extends Error {
     constructor(variable, value) {
         super();
@@ -10,4 +10,22 @@ class EnvironmentConfigurationError extends Error {
     }
 }
 exports.EnvironmentConfigurationError = EnvironmentConfigurationError;
+function isErrorWellFormed(test) {
+    return typeof test === 'object' && test !== null && 'code' in test && 'message' in test;
+}
+exports.isErrorWellFormed = isErrorWellFormed;
+function isConsentRequiredError(test) {
+    return (isErrorWellFormed(test) &&
+        test.code === 'ConsentRequired' &&
+        'required_scopes' in test &&
+        Array.isArray(test.required_scopes));
+}
+exports.isConsentRequiredError = isConsentRequiredError;
+function isAuthorizationRequirementsError(test) {
+    return (isErrorWellFormed(test) &&
+        'authorization_parameters' in test &&
+        typeof test.authorization_parameters === 'object' &&
+        test.authorization_parameters !== null);
+}
+exports.isAuthorizationRequirementsError = isAuthorizationRequirementsError;
 //# sourceMappingURL=errors.js.map

package/cjs/lib/core/errors.js.map

@@ -1 +1 @@
-{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../../src/lib/core/errors.ts"],"names":[],"mappings":";;;AAAA,MAAa,6BAA8B,SAAQ,KAAK;IAGtD,YAAY,QAAgB,EAAE,KAAc;QAC1C,KAAK,EAAE,CAAC;QAHD,SAAI,GAAG,+BAA+B,CAAC;QAI9C,4EAA4E;QAC5E,IAAI,CAAC,OAAO,GAAG,4CAA4C,QAAQ,KAAK,KAAK,IAAI,CAAC;IACpF,CAAC;CACF;AARD,sEAQC"}
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../../src/lib/core/errors.ts"],"names":[],"mappings":";;;AAAA,MAAa,6BAA8B,SAAQ,KAAK;IAGtD,YAAY,QAAgB,EAAE,KAAc;QAC1C,KAAK,EAAE,CAAC;QAHD,SAAI,GAAG,+BAA+B,CAAC;QAI9C,4EAA4E;QAC5E,IAAI,CAAC,OAAO,GAAG,4CAA4C,QAAQ,KAAK,KAAK,IAAI,CAAC;IACpF,CAAC;CACF;AARD,sEAQC;AAOD,SAAgB,iBAAiB,CAAC,IAAa;IAC7C,OAAO,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,IAAI,MAAM,IAAI,IAAI,IAAI,SAAS,IAAI,IAAI,CAAC;AAC1F,CAAC;AAFD,8CAEC;AAQD,SAAgB,sBAAsB,CAAC,IAAa;IAClD,OAAO,CACL,iBAAiB,CAAC,IAAI,CAAC;QACvB,IAAI,CAAC,IAAI,KAAK,iBAAiB;QAC/B,iBAAiB,IAAI,IAAI;QACzB,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CACpC,CAAC;AACJ,CAAC;AAPD,wDAOC;AAYD,SAAgB,gCAAgC,CAC9C,IAAa;IAEb,OAAO,CACL,iBAAiB,CAAC,IAAI,CAAC;QACvB,0BAA0B,IAAI,IAAI;QAClC,OAAO,IAAI,CAAC,wBAAwB,KAAK,QAAQ;QACjD,IAAI,CAAC,wBAAwB,KAAK,IAAI,CACvC,CAAC;AACJ,CAAC;AATD,4EASC"}