@microsoft/agents-hosting 1.1.0-alpha.5 → 1.1.0-alpha.75

package/src/app/auth/handlers/azureBotAuthorization.ts

@@ -0,0 +1,599 @@
+/**
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+
+import { debug } from '@microsoft/agents-activity/logger'
+import { AuthorizationHandlerStatus, AuthorizationHandler, ActiveAuthorizationHandler, AuthorizationHandlerSettings, AuthorizationHandlerTokenOptions } from '../types'
+import { MessageFactory } from '../../../messageFactory'
+import { CardFactory } from '../../../cards'
+import { TurnContext } from '../../../turnContext'
+import { TokenExchangeRequest, TokenExchangeInvokeResponse, TokenResponse, UserTokenClient } from '../../../oauth'
+import jwt, { JwtPayload } from 'jsonwebtoken'
+import { HandlerStorage } from '../handlerStorage'
+import { Activity, ActivityTypes, Channels } from '@microsoft/agents-activity'
+import { InvokeResponse, TokenExchangeInvokeRequest } from '../../../invoke'
+
+const logger = debug('agents:authorization:azurebot')
+
+const DEFAULT_SIGN_IN_ATTEMPTS = 2
+
+enum Category {
+  SIGNIN = 'signin',
+  UNKNOWN = 'unknown',
+}
+
+/**
+ * Active handler manager information.
+ */
+export interface AzureBotActiveHandler extends ActiveAuthorizationHandler {
+  /**
+   * The number of attempts left for the handler to process in case of failure.
+   */
+  attemptsLeft: number
+  /**
+   * The current category of the handler.
+   */
+  category?: Category
+}
+
+/**
+ * Messages configuration for the AzureBotAuthorization handler.
+ */
+export interface AzureBotAuthorizationOptionsMessages {
+  /**
+   * Message displayed when an invalid code is entered.
+   * Use `{code}` as a placeholder for the entered code.
+   * Defaults to: 'The code entered is invalid. Please sign-in again to continue.'
+   */
+  invalidCode?: string
+  /**
+   * Message displayed when the entered code format is invalid.
+   * Use `{attemptsLeft}` as a placeholder for the number of attempts left.
+   * Defaults to: 'Please enter a valid **6-digit** code format (_e.g. 123456_).\r\n**{attemptsLeft} attempt(s) left...**'
+   */
+  invalidCodeFormat?: string
+  /**
+   * Message displayed when the maximum number of attempts is exceeded.
+   * Use `{maxAttempts}` as a placeholder for the maximum number of attempts.
+   * Defaults to: 'You have exceeded the maximum number of sign-in attempts ({maxAttempts}).'
+   */
+  maxAttemptsExceeded?: string
+}
+
+/**
+ * Settings for on-behalf-of token acquisition.
+ */
+export interface AzureBotAuthorizationOptionsOBO {
+  /**
+   * Connection name to use for on-behalf-of token acquisition.
+   */
+  connection?: string
+  /**
+   * Scopes to request for on-behalf-of token acquisition.
+   */
+  scopes?: string[]
+}
+
+/**
+ * Interface defining an authorization handler configuration.
+ */
+export interface AzureBotAuthorizationOptions {
+  /**
+   * The type of authorization handler.
+   * This property is optional and should not be set when configuring this handler.
+   * It is included here for completeness and type safety.
+   */
+  type?: undefined
+  /**
+   * Connection name for the auth provider.
+   * @remarks
+   * When using environment variables, this can be set using the `${authHandlerId}_connectionName` variable.
+   */
+  name?: string,
+  /**
+   * Title to display on auth cards/UI.
+   * @remarks
+   * When using environment variables, this can be set using the `${authHandlerId}_connectionTitle` variable.
+   */
+  title?: string,
+  /**
+   * Text to display on auth cards/UI.
+   * @remarks
+   * When using environment variables, this can be set using the `${authHandlerId}_connectionText` variable.
+   */
+  text?: string,
+  /**
+   * Maximum number of attempts for entering the magic code. Defaults to 2.
+   * @remarks
+   * When using environment variables, this can be set using the `${authHandlerId}_maxAttempts` variable.
+   */
+  maxAttempts?: number
+  /**
+   * Messages to display for various authentication scenarios.
+   * @remarks
+   * When using environment variables, these can be set using the following variables:
+   * - `${authHandlerId}_messages_invalidCode`
+   * - `${authHandlerId}_messages_invalidCodeFormat`
+   * - `${authHandlerId}_messages_maxAttemptsExceeded`
+   */
+  messages?: AzureBotAuthorizationOptionsMessages
+  /**
+   * Settings for on-behalf-of token acquisition.
+   * @remarks
+   * When using environment variables, these can be set using the following variables:
+   * - `${authHandlerId}_obo_connection`
+   * - `${authHandlerId}_obo_scopes` (comma-separated values, e.g. `scope1,scope2`)
+   */
+  obo?: AzureBotAuthorizationOptionsOBO
+}
+
+/**
+ * Settings for configuring the AzureBot authorization handler.
+ */
+export interface AzureBotAuthorizationSettings extends AuthorizationHandlerSettings {}
+
+/**
+ * Interface for token verification state.
+ */
+interface TokenVerifyState {
+  state: string
+}
+
+/**
+ * Interface for sign-in failure value.
+ */
+interface SignInFailureValue {
+  code: string
+  message: string
+}
+
+/**
+ * Default implementation of an authorization handler using Azure Bot Service.
+ */
+export class AzureBotAuthorization implements AuthorizationHandler {
+  private _options: AzureBotAuthorizationOptions
+  private _onSuccess?: Parameters<AuthorizationHandler['onSuccess']>[0]
+  private _onFailure?: Parameters<AuthorizationHandler['onFailure']>[0]
+
+  /**
+   * Creates an instance of the AzureBotAuthorization.
+   * @param id The unique identifier for the handler.
+   * @param options The settings for the handler.
+   * @param app The agent application instance.
+   */
+  constructor (public readonly id: string, options: AzureBotAuthorizationOptions, private settings: AzureBotAuthorizationSettings) {
+    if (!this.settings.storage) {
+      throw new Error(this.prefix('The \'storage\' option is not available in the app options. Ensure that the app is properly configured.'))
+    }
+
+    if (!this.settings.connections) {
+      throw new Error(this.prefix('The \'connections\' option is not available in the app options. Ensure that the app is properly configured.'))
+    }
+
+    this._options = this.loadOptions(options)
+  }
+
+  /**
+   * Loads and validates the authorization handler options.
+   */
+  private loadOptions (settings: AzureBotAuthorizationOptions) {
+    const result: AzureBotAuthorizationOptions = {
+      name: settings.name ?? (process.env[`${this.id}_connectionName`]),
+      title: settings.title ?? (process.env[`${this.id}_connectionTitle`]) ?? 'Sign-in',
+      text: settings.text ?? (process.env[`${this.id}_connectionText`]) ?? 'Please sign-in to continue',
+      maxAttempts: settings.maxAttempts ?? parseInt(process.env[`${this.id}_maxAttempts`]!),
+      messages: {
+        invalidCode: settings.messages?.invalidCode ?? process.env[`${this.id}_messages_invalidCode`],
+        invalidCodeFormat: settings.messages?.invalidCodeFormat ?? process.env[`${this.id}_messages_invalidCodeFormat`],
+        maxAttemptsExceeded: settings.messages?.maxAttemptsExceeded ?? process.env[`${this.id}_messages_maxAttemptsExceeded`],
+      },
+      obo: {
+        connection: settings.obo?.connection ?? process.env[`${this.id}_obo_connection`],
+        scopes: settings.obo?.scopes ?? this.loadScopes(process.env[`${this.id}_obo_scopes`]),
+      }
+    }
+
+    if (!result.name) {
+      throw new Error(this.prefix(`The 'name' property or '${this.id}_connectionName' env variable is required to initialize the handler.`))
+    }
+
+    return result
+  }
+
+  /**
+   * Maximum number of attempts for magic code entry.
+   */
+  private get maxAttempts (): number {
+    const attempts = this._options.maxAttempts
+    const result = typeof attempts === 'number' && Number.isFinite(attempts) ? Math.round(attempts) : NaN
+    return result > 0 ? result : DEFAULT_SIGN_IN_ATTEMPTS
+  }
+
+  /**
+   * Sets a handler to be called when a user successfully signs in.
+   * @param callback The callback function to be invoked on successful sign-in.
+   */
+  onSuccess (callback: (context: TurnContext) => Promise<void> | void): void {
+    this._onSuccess = callback
+  }
+
+  /**
+   * Sets a handler to be called when a user fails to sign in.
+   * @param callback The callback function to be invoked on sign-in failure.
+   */
+  onFailure (callback: (context: TurnContext, reason?: string) => Promise<void> | void): void {
+    this._onFailure = callback
+  }
+
+  /**
+   * Retrieves the token for the user, optionally using on-behalf-of flow for specified scopes.
+   * @param context The turn context.
+   * @param options Optional options for token acquisition, including connection and scopes for on-behalf-of flow.
+   * @returns The token response containing the token or undefined if not available.
+   */
+  async token (context: TurnContext, options?: AuthorizationHandlerTokenOptions): Promise<TokenResponse> {
+    let { token } = this.getContext(context)
+
+    if (!token?.trim()) {
+      const { activity } = context
+
+      const userTokenClient = await this.getUserTokenClient(context)
+      // Using getTokenOrSignInResource instead of getUserToken to avoid HTTP 404 errors.
+      const { tokenResponse } = await userTokenClient.getTokenOrSignInResource(activity.from?.id!, this._options.name!, activity.channelId!, activity.getConversationReference(), activity.relatesTo!, '')
+      token = tokenResponse?.token
+    }
+
+    if (!token?.trim()) {
+      return { token: undefined }
+    }
+
+    return await this.handleOBO(token, options)
+  }
+
+  /**
+   * Signs out the user from the service.
+   * @param context The turn context.
+   * @returns True if the signout was successful, false otherwise.
+   */
+  async signout (context: TurnContext): Promise<boolean> {
+    const user = context.activity.from?.id
+    const channel = context.activity.channelId
+    const connection = this._options.name!
+
+    if (!channel || !user) {
+      throw new Error(this.prefix('Both \'activity.channelId\' and \'activity.from.id\' are required to perform signout.'))
+    }
+
+    logger.debug(this.prefix(`Signing out User '${user}' from => Channel: '${channel}', Connection: '${connection}'`), context.activity)
+    const userTokenClient = await this.getUserTokenClient(context)
+    await userTokenClient.signOut(user, connection, channel)
+    return true
+  }
+
+  /**
+   * Initiates the sign-in process for the handler.
+   * @param context The turn context.
+   * @param active Optional active handler data.
+   * @returns The status of the sign-in attempt.
+   */
+  async signin (context: TurnContext, active?: AzureBotActiveHandler): Promise<AuthorizationHandlerStatus> {
+    const { activity } = context
+    const [category] = activity.name?.split('/') ?? [Category.UNKNOWN]
+
+    const storage = new HandlerStorage<AzureBotActiveHandler>(this.settings.storage, context)
+
+    if (!active) {
+      return this.setToken(storage, context)
+    }
+
+    logger.debug(this.prefix('Sign-in active session detected'), active.activity)
+
+    if (active.activity.conversation?.id !== activity.conversation?.id) {
+      await this.sendInvokeResponse(context, { status: 400 })
+      logger.warn(this.prefix('Discarding the active session due to the conversation has changed during an active sign-in process'), activity)
+      return AuthorizationHandlerStatus.IGNORED
+    }
+
+    if (active.attemptsLeft <= 0) {
+      logger.warn(this.prefix('Maximum sign-in attempts exceeded'), activity)
+      await context.sendActivity(MessageFactory.text(this.messages.maxAttemptsExceeded(this.maxAttempts)))
+      return AuthorizationHandlerStatus.REJECTED
+    }
+
+    if (category === Category.SIGNIN) {
+      await storage.write({ ...active, category })
+      const status = await this.handleSignInActivities(context)
+      if (status !== AuthorizationHandlerStatus.IGNORED) {
+        return status
+      }
+    } else if (active.category === Category.SIGNIN) {
+      // This is only for safety in case of unexpected behaviors during the MS Teams sign-in process,
+      // e.g., user interrupts the flow by clicking the Consent Cancel button.
+      logger.warn(this.prefix('The incoming activity will be revalidated due to a change in the sign-in flow'), activity)
+      return AuthorizationHandlerStatus.REVALIDATE
+    }
+
+    const { status, code } = await this.codeVerification(storage, context, active)
+    if (status !== AuthorizationHandlerStatus.APPROVED) {
+      return status
+    }
+
+    try {
+      const result = await this.setToken(storage, context, active, code)
+      if (result !== AuthorizationHandlerStatus.APPROVED) {
+        await this.sendInvokeResponse(context, { status: 404 })
+        return result
+      }
+
+      await this.sendInvokeResponse(context, { status: 200 })
+      await this._onSuccess?.(context)
+      return result
+    } catch (error) {
+      await this.sendInvokeResponse(context, { status: 500 })
+      if (error instanceof Error) {
+        error.message = this.prefix(error.message)
+      }
+      throw error
+    }
+  }
+
+  /**
+   * Handles on-behalf-of token acquisition.
+   */
+  private async handleOBO (token:string, options?: AuthorizationHandlerTokenOptions): Promise<TokenResponse> {
+    const oboConnection = options?.connection ?? this._options.obo?.connection
+    const oboScopes = options?.scopes && options.scopes.length > 0 ? options.scopes : this._options.obo?.scopes
+
+    if (!oboScopes || oboScopes.length === 0) {
+      return { token }
+    }
+
+    if (!this.isExchangeable(token)) {
+      throw new Error(this.prefix('The current token is not exchangeable for an on-behalf-of flow. Ensure the token audience starts with \'api://\'.'))
+    }
+
+    try {
+      const provider = oboConnection ? this.settings.connections.getConnection(oboConnection) : this.settings.connections.getDefaultConnection()
+      const newToken = await provider.acquireTokenOnBehalfOf(oboScopes, token)
+      logger.debug(this.prefix('Successfully acquired on-behalf-of token'), { connection: oboConnection, scopes: oboScopes })
+      return { token: newToken }
+    } catch (error) {
+      logger.error(this.prefix('Failed to exchange on-behalf-of token'), { connection: oboConnection, scopes: oboScopes }, error)
+      return { token: undefined }
+    }
+  }
+
+  /**
+   * Checks if a token is exchangeable for an on-behalf-of flow.
+   */
+  private isExchangeable (token: string | undefined): boolean {
+    if (!token || typeof token !== 'string') {
+      return false
+    }
+    const payload = jwt.decode(token) as JwtPayload
+    const audiences = Array.isArray(payload.aud) ? payload.aud : [payload.aud]
+    return audiences.some(aud => typeof aud === 'string' && aud.startsWith('api://'))
+  }
+
+  /**
+   * Sets the token from the token response or initiates the sign-in flow.
+   */
+  private async setToken (storage: HandlerStorage<AzureBotActiveHandler>, context: TurnContext, active?: AzureBotActiveHandler, code?: string): Promise<AuthorizationHandlerStatus> {
+    const { activity } = context
+
+    const userTokenClient = await this.getUserTokenClient(context)
+    const { tokenResponse, signInResource } = await userTokenClient.getTokenOrSignInResource(activity.from?.id!, this._options.name!, activity.channelId!, activity.getConversationReference(), activity.relatesTo!, code ?? '')
+
+    if (!tokenResponse && active) {
+      logger.warn(this.prefix('Invalid code entered. Restarting sign-in flow'), activity)
+      await context.sendActivity(MessageFactory.text(this.messages.invalidCode(code ?? '')))
+      return AuthorizationHandlerStatus.REJECTED
+    }
+
+    if (!tokenResponse) {
+      logger.debug(this.prefix('Cannot find token. Sending sign-in card'), activity)
+      const oCard = CardFactory.oauthCard(this._options.name!, this._options.title!, this._options.text!, signInResource)
+      await context.sendActivity(MessageFactory.attachment(oCard))
+      await storage.write({ activity, id: this.id, ...(active ?? {}), attemptsLeft: this.maxAttempts })
+      return AuthorizationHandlerStatus.PENDING
+    }
+
+    logger.debug(this.prefix('Successfully acquired token'), activity)
+    this.setContext(context, { token: tokenResponse.token })
+    return AuthorizationHandlerStatus.APPROVED
+  }
+
+  /**
+   * Handles sign-in related activities.
+   */
+  private async handleSignInActivities (context: TurnContext): Promise<AuthorizationHandlerStatus> {
+    const { activity } = context
+
+    // Ignore signin/verifyState here (handled in codeVerification).
+    if (activity.name === 'signin/verifyState') {
+      return AuthorizationHandlerStatus.IGNORED
+    }
+
+    const userTokenClient = await this.getUserTokenClient(context)
+
+    if (activity.name === 'signin/tokenExchange') {
+      const tokenExchangeInvokeRequest = activity.value as TokenExchangeInvokeRequest
+      const tokenExchangeRequest: TokenExchangeRequest = { token: tokenExchangeInvokeRequest.token }
+
+      if (!tokenExchangeRequest?.token) {
+        const reason = 'The Agent received an InvokeActivity that is missing a TokenExchangeInvokeRequest value. This is required to be sent with the InvokeActivity.'
+        await this.sendInvokeResponse<TokenExchangeInvokeResponse>(context, {
+          status: 400,
+          body: { connectionName: this._options.name!, failureDetail: reason }
+        })
+        logger.error(this.prefix(reason))
+        await this._onFailure?.(context, reason)
+        return AuthorizationHandlerStatus.REJECTED
+      }
+
+      if (tokenExchangeInvokeRequest.connectionName !== this._options.name) {
+        const reason = `The Agent received an InvokeActivity with a TokenExchangeInvokeRequest for a different connection name ('${tokenExchangeInvokeRequest.connectionName}') than expected ('${this._options.name}').`
+        await this.sendInvokeResponse<TokenExchangeInvokeResponse>(context, {
+          status: 400,
+          body: { id: tokenExchangeInvokeRequest.id, connectionName: this._options.name!, failureDetail: reason }
+        })
+        logger.error(this.prefix(reason))
+        await this._onFailure?.(context, reason)
+        return AuthorizationHandlerStatus.REJECTED
+      }
+
+      const { token } = await userTokenClient.exchangeTokenAsync(activity.from?.id!, this._options.name!, activity.channelId!, tokenExchangeRequest)
+      if (!token) {
+        const reason = 'The MS Teams token service didn\'t send back the exchanged token. Waiting for MS Teams to send another signin/tokenExchange request. After multiple failed attempts, the user will be asked to enter the magic code.'
+        await this.sendInvokeResponse<TokenExchangeInvokeResponse>(context, {
+          status: 412,
+          body: { id: tokenExchangeInvokeRequest.id, connectionName: this._options.name!, failureDetail: reason }
+        })
+        logger.debug(this.prefix(reason))
+        return AuthorizationHandlerStatus.PENDING
+      }
+
+      await this.sendInvokeResponse<TokenExchangeInvokeResponse>(context, {
+        status: 200,
+        body: { id: tokenExchangeInvokeRequest.id, connectionName: this._options.name! }
+      })
+      logger.debug(this.prefix('Successfully exchanged token'))
+      this.setContext(context, { token })
+      await this._onSuccess?.(context)
+      return AuthorizationHandlerStatus.APPROVED
+    }
+
+    if (activity.name === 'signin/failure') {
+      await this.sendInvokeResponse(context, { status: 200 })
+      const reason = 'Failed to sign-in'
+      const value = activity.value as SignInFailureValue
+      logger.error(this.prefix(reason), value, activity)
+      if (this._onFailure) {
+        await this._onFailure(context, value.message || reason)
+      } else {
+        await context.sendActivity(MessageFactory.text(`${reason}. Please try again.`))
+      }
+      return AuthorizationHandlerStatus.REJECTED
+    }
+
+    logger.error(this.prefix(`Unknown sign-in activity name: ${activity.name}`), activity)
+    return AuthorizationHandlerStatus.REJECTED
+  }
+
+  /**
+   * Verifies the magic code provided by the user.
+   */
+  private async codeVerification (storage: HandlerStorage<AzureBotActiveHandler>, context: TurnContext, active?: AzureBotActiveHandler): Promise<{ status: AuthorizationHandlerStatus, code?: string }> {
+    if (!active) {
+      logger.debug(this.prefix('No active session found. Skipping code verification.'), context.activity)
+      return { status: AuthorizationHandlerStatus.IGNORED }
+    }
+
+    const { activity } = context
+    let state: string | undefined = activity.text
+
+    if (activity.name === 'signin/verifyState') {
+      logger.debug(this.prefix('Getting code from activity.value'), activity)
+      const { state: teamsState } = activity.value as TokenVerifyState
+      state = teamsState
+    }
+
+    if (state === 'CancelledByUser') {
+      await this.sendInvokeResponse(context, { status: 200 })
+      logger.warn(this.prefix('Sign-in process was cancelled by the user'), activity)
+      return { status: AuthorizationHandlerStatus.REJECTED }
+    }
+
+    if (!state?.match(/^\d{6}$/)) {
+      logger.warn(this.prefix(`Invalid magic code entered. Attempts left: ${active.attemptsLeft}`), activity)
+      await context.sendActivity(MessageFactory.text(this.messages.invalidCodeFormat(active.attemptsLeft)))
+      await storage.write({ ...active, attemptsLeft: active.attemptsLeft - 1 })
+      return { status: AuthorizationHandlerStatus.PENDING }
+    }
+
+    await this.sendInvokeResponse(context, { status: 200 })
+    logger.debug(this.prefix('Code verification successful'), activity)
+    return { status: AuthorizationHandlerStatus.APPROVED, code: state }
+  }
+
+  private _key = `${AzureBotAuthorization.name}/${this.id}`
+
+  /**
+   * Sets the authorization context in the turn state.
+   */
+  private setContext (context: TurnContext, data: TokenResponse) {
+    return context.turnState.set(this._key, () => data)
+  }
+
+  /**
+   * Gets the authorization context from the turn state.
+   */
+  private getContext (context: TurnContext): TokenResponse {
+    const result = context.turnState.get(this._key)
+    return result?.() ?? { token: undefined }
+  }
+
+  /**
+   * Gets the user token client from the turn context.
+   */
+  private async getUserTokenClient (context: TurnContext): Promise<UserTokenClient> {
+    const userTokenClient = context.turnState.get<UserTokenClient>(context.adapter.UserTokenClientKey)
+    if (!userTokenClient) {
+      throw new Error(this.prefix('The \'userTokenClient\' is not available in the adapter. Ensure that the adapter supports user token operations.'))
+    }
+    return userTokenClient
+  }
+
+  /**
+   * Sends an InvokeResponse activity if the channel is Microsoft Teams.
+   */
+  private sendInvokeResponse <T>(context: TurnContext, response: InvokeResponse<T>) {
+    if (context.activity.channelId !== Channels.Msteams) {
+      return Promise.resolve()
+    }
+
+    return context.sendActivity(Activity.fromObject({
+      type: ActivityTypes.InvokeResponse,
+      value: response
+    }))
+  }
+
+  /**
+   * Prefixes a message with the handler ID.
+   */
+  private prefix (message: string) {
+    return `[handler:${this.id}] ${message}`
+  }
+
+  /**
+   * Predefined messages with dynamic placeholders.
+   */
+  private messages = {
+    invalidCode: (code: string) => {
+      const message = this._options.messages?.invalidCode ?? 'Invalid **{code}** code entered. Please try again with a new sign-in request.'
+      return message.replaceAll('{code}', code)
+    },
+    invalidCodeFormat: (attemptsLeft: number) => {
+      const message = this._options.messages?.invalidCodeFormat ?? 'Please enter a valid **6-digit** code format (_e.g. 123456_).\r\n**{attemptsLeft} attempt(s) left...**'
+      return message.replaceAll('{attemptsLeft}', attemptsLeft.toString())
+    },
+    maxAttemptsExceeded: (maxAttempts: number) => {
+      const message = this._options.messages?.maxAttemptsExceeded ?? 'You have exceeded the maximum number of sign-in attempts ({maxAttempts}). Please try again with a new sign-in request.'
+      return message.replaceAll('{maxAttempts}', maxAttempts.toString())
+    },
+  }
+
+  /**
+   * Loads the OAuth scopes from the environment variables.
+   */
+  private loadScopes (value:string | undefined): string[] {
+    return value?.split(',').reduce<string[]>((acc, scope) => {
+      const trimmed = scope.trim()
+      if (trimmed) {
+        acc.push(trimmed)
+      }
+      return acc
+    }, []) ?? []
+  }
+}

package/src/app/auth/handlers/index.ts

@@ -0,0 +1,2 @@
+export * from './azureBotAuthorization'
+export * from './agenticAuthorization'

package/src/app/auth/index.ts

@@ -0,0 +1,2 @@
+export * from './authorization'
+export * from './authorizationManager'