@naylence/runtime 0.4.5 → 0.4.7

package/dist/browser/index.cjs

@@ -525,12 +525,12 @@ async function ensureRuntimeFactoriesRegistered(registry = factory.Registry) {
 }
 
 // This file is auto-generated during build - do not edit manually
-// Generated from package.json version: 0.4.5
+// Generated from package.json version: 0.4.7
 /**
  * The package version, injected at build time.
  * @internal
  */
-const VERSION = '0.4.5';
+const VERSION = '0.4.7';
 
 let initialized = false;
 const runtimePlugin = {
@@ -3561,6 +3561,58 @@ class InMemoryFanoutBroker extends TaskSpawner {
     }
 }
 
+const registry = new Map();
+function normalizeKey$1(value, label) {
+    if (typeof value !== 'string') {
+        throw new Error(`${label} must be a non-empty string`);
+    }
+    const trimmed = value.trim();
+    if (!trimmed) {
+        throw new Error(`${label} must be a non-empty string`);
+    }
+    return trimmed;
+}
+function cloneConfig(value) {
+    return JSON.parse(JSON.stringify(value));
+}
+function registerProfile(baseType, name, config, options) {
+    const normalizedBase = normalizeKey$1(baseType, 'baseType');
+    const normalizedName = normalizeKey$1(name, 'profile name');
+    if (!config || typeof config !== 'object' || Array.isArray(config)) {
+        throw new Error(`Profile '${normalizedName}' config must be an object`);
+    }
+    const profiles = registry.get(normalizedBase) ?? new Map();
+    if (profiles.has(normalizedName) && options?.allowOverride !== true) {
+        const sourceLabel = options?.source ? ` (${options.source})` : '';
+        throw new Error(`Profile '${normalizedName}' already registered for ${normalizedBase}${sourceLabel}`);
+    }
+    profiles.set(normalizedName, config);
+    registry.set(normalizedBase, profiles);
+}
+function getProfile(baseType, name) {
+    const normalizedBase = normalizeKey$1(baseType, 'baseType');
+    const normalizedName = normalizeKey$1(name, 'profile name');
+    const profiles = registry.get(normalizedBase);
+    if (!profiles) {
+        return null;
+    }
+    const profile = profiles.get(normalizedName);
+    return profile ? cloneConfig(profile) : null;
+}
+function listProfiles(baseType) {
+    const normalizedBase = normalizeKey$1(baseType, 'baseType');
+    const profiles = registry.get(normalizedBase);
+    return profiles ? Array.from(profiles.keys()) : [];
+}
+function clearProfiles(baseType) {
+    if (!baseType) {
+        registry.clear();
+        return;
+    }
+    const normalizedBase = normalizeKey$1(baseType, 'baseType');
+    registry.delete(normalizedBase);
+}
+
 class InMemoryKeyValueStore {
     constructor() {
         this.store = new Map();
@@ -4202,15 +4254,8 @@ const INDEXEDDB_PROFILE_CONFIG = {
 ({
     dbDirectory: factory.Expressions.env(ENV_VAR_STORAGE_DB_DIRECTORY, './data/sqlite'),
     masterKey: factory.Expressions.env(ENV_VAR_STORAGE_MASTER_KEY)});
-// Base profile map with browser-safe options
-const BASE_PROFILE_MAP = {
-    [PROFILE_NAME_MEMORY]: MEMORY_PROFILE_CONFIG,
-    [PROFILE_NAME_INDEXEDDB]: INDEXEDDB_PROFILE_CONFIG,
-};
-// Extended profile map - can be augmented by Node.js environment
-const PROFILE_MAP$7 = {
-    ...BASE_PROFILE_MAP,
-};
+registerProfile(STORAGE_PROVIDER_FACTORY_BASE_TYPE, PROFILE_NAME_MEMORY, MEMORY_PROFILE_CONFIG, { source: 'storage-profile-factory' });
+registerProfile(STORAGE_PROVIDER_FACTORY_BASE_TYPE, PROFILE_NAME_INDEXEDDB, INDEXEDDB_PROFILE_CONFIG, { source: 'storage-profile-factory' });
 class StorageProfileFactory extends StorageProviderFactory {
     constructor() {
         super(...arguments);
@@ -4223,9 +4268,9 @@ class StorageProfileFactory extends StorageProviderFactory {
             type: 'StorageProfile',
         });
         const profileName = (parsed.profile ?? PROFILE_NAME_MEMORY).toLowerCase();
-        const profileConfig = PROFILE_MAP$7[profileName];
+        const profileConfig = getProfile(STORAGE_PROVIDER_FACTORY_BASE_TYPE, profileName);
         if (!profileConfig) {
-            throw new Error(`Unknown storage profile '${profileName}'. Supported profiles: ${Object.keys(PROFILE_MAP$7).join(', ')}`);
+            throw new Error(`Unknown storage profile '${profileName}'. Supported profiles: ${listProfiles(STORAGE_PROVIDER_FACTORY_BASE_TYPE).join(', ')}`);
         }
         const createOptions = {
             ...options,
@@ -16193,11 +16238,9 @@ const DEFAULT_PROFILE$1 = {
 const TOKEN_SUBJECT_PROFILE = {
     type: 'TokenSubjectNodeIdentityPolicy',
 };
-const PROFILE_MAP$6 = {
-    [PROFILE_NAME_DEFAULT$1]: DEFAULT_PROFILE$1,
-    [PROFILE_NAME_TOKEN_SUBJECT]: TOKEN_SUBJECT_PROFILE,
-    [PROFILE_NAME_TOKEN_SUBJECT_ALIAS]: TOKEN_SUBJECT_PROFILE,
-};
+registerProfile(NODE_IDENTITY_POLICY_FACTORY_BASE_TYPE, PROFILE_NAME_DEFAULT$1, DEFAULT_PROFILE$1, { source: 'node-identity-policy-profile-factory' });
+registerProfile(NODE_IDENTITY_POLICY_FACTORY_BASE_TYPE, PROFILE_NAME_TOKEN_SUBJECT, TOKEN_SUBJECT_PROFILE, { source: 'node-identity-policy-profile-factory' });
+registerProfile(NODE_IDENTITY_POLICY_FACTORY_BASE_TYPE, PROFILE_NAME_TOKEN_SUBJECT_ALIAS, TOKEN_SUBJECT_PROFILE, { source: 'node-identity-policy-profile-factory' });
 const FACTORY_META$19 = {
     base: NODE_IDENTITY_POLICY_FACTORY_BASE_TYPE,
     key: 'NodeIdentityPolicyProfile',
@@ -16234,14 +16277,11 @@ function normalizeConfig$x(config) {
     return { profile: normalizedProfile };
 }
 function resolveProfileConfig$5(profileName) {
-    const profile = PROFILE_MAP$6[profileName];
+    const profile = getProfile(NODE_IDENTITY_POLICY_FACTORY_BASE_TYPE, profileName);
     if (!profile) {
         throw new Error(`Unknown node identity policy profile: ${profileName}`);
     }
-    return deepClone$5(profile);
-}
-function deepClone$5(value) {
-    return JSON.parse(JSON.stringify(value));
+    return profile;
 }
 
 var nodeIdentityPolicyProfileFactory = /*#__PURE__*/Object.freeze({
@@ -21941,14 +21981,13 @@ const ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE$1 = 'FAME_JWT_REVERSE_AUTH_AUDIENCE';
 const ENV_VAR_HMAC_SECRET$1 = 'FAME_HMAC_SECRET';
 const DEFAULT_REVERSE_AUTH_ISSUER = 'reverse-auth.naylence.ai';
 const DEFAULT_REVERSE_AUTH_AUDIENCE = 'dev.naylence.ai';
-const DEFAULT_VERIFIER_CONFIG = {
-    type: 'JWKSJWTTokenVerifier',
-    jwks_url: factory.Expressions.env(ENV_VAR_JWKS_URL$1),
-    issuer: factory.Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
-};
 const DEFAULT_PROFILE = {
     type: 'DefaultAuthorizer',
-    verifier: DEFAULT_VERIFIER_CONFIG,
+    verifier: {
+        type: 'JWKSJWTTokenVerifier',
+        jwks_url: factory.Expressions.env(ENV_VAR_JWKS_URL$1),
+        issuer: factory.Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
+    },
 };
 const OAUTH2_PROFILE = {
     type: 'OAuth2Authorizer',
@@ -21993,6 +22032,11 @@ const OAUTH2_CALLBACK_PROFILE = {
 const NOOP_PROFILE$2 = {
     type: 'NoopAuthorizer',
 };
+const DEFAULT_VERIFIER_CONFIG = {
+    type: 'JWKSJWTTokenVerifier',
+    jwks_url: factory.Expressions.env(ENV_VAR_JWKS_URL$1),
+    issuer: factory.Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
+};
 const DEFAULT_POLICY_SOURCE = {
     type: 'LocalFileAuthorizationPolicySource',
     path: factory.Expressions.env(ENV_VAR_AUTH_POLICY_PATH, './auth-policy.yaml'),
@@ -22003,14 +22047,12 @@ const POLICY_LOCALFILE_PROFILE = {
     verifier: DEFAULT_VERIFIER_CONFIG,
     policySource: DEFAULT_POLICY_SOURCE,
 };
-const PROFILE_MAP$5 = {
-    [PROFILE_NAME_DEFAULT]: DEFAULT_PROFILE,
-    [PROFILE_NAME_OAUTH2]: OAUTH2_PROFILE,
-    [PROFILE_NAME_OAUTH2_GATED]: OAUTH2_GATED_PROFILE,
-    [PROFILE_NAME_OAUTH2_CALLBACK]: OAUTH2_CALLBACK_PROFILE,
-    [PROFILE_NAME_POLICY_LOCALFILE]: POLICY_LOCALFILE_PROFILE,
-    [PROFILE_NAME_NOOP$2]: NOOP_PROFILE$2,
-};
+registerProfile(AUTHORIZER_FACTORY_BASE_TYPE, PROFILE_NAME_DEFAULT, DEFAULT_PROFILE, { source: 'authorization-profile-factory' });
+registerProfile(AUTHORIZER_FACTORY_BASE_TYPE, PROFILE_NAME_OAUTH2, OAUTH2_PROFILE, { source: 'authorization-profile-factory' });
+registerProfile(AUTHORIZER_FACTORY_BASE_TYPE, PROFILE_NAME_OAUTH2_GATED, OAUTH2_GATED_PROFILE, { source: 'authorization-profile-factory' });
+registerProfile(AUTHORIZER_FACTORY_BASE_TYPE, PROFILE_NAME_OAUTH2_CALLBACK, OAUTH2_CALLBACK_PROFILE, { source: 'authorization-profile-factory' });
+registerProfile(AUTHORIZER_FACTORY_BASE_TYPE, PROFILE_NAME_POLICY_LOCALFILE, POLICY_LOCALFILE_PROFILE, { source: 'authorization-profile-factory' });
+registerProfile(AUTHORIZER_FACTORY_BASE_TYPE, PROFILE_NAME_NOOP$2, NOOP_PROFILE$2, { source: 'authorization-profile-factory' });
 const PROFILE_ALIASES$1 = {
     jwt: PROFILE_NAME_DEFAULT,
     jwks: PROFILE_NAME_DEFAULT,
@@ -22044,13 +22086,55 @@ class AuthorizationProfileFactory extends AuthorizerFactory {
         logger$K.debug('enabling_authorization_profile', {
             profile: normalized.profile,
         });
-        const authorizer = await AuthorizerFactory.createAuthorizer(profileConfig, { factoryArgs });
+        // Extract CreateResourceOptions from factoryArgs - it's typically the last object with env/config/variables
+        const createOptions = extractCreateResourceOptions(factoryArgs);
+        // Only evaluate expressions if we have env/config/variables available
+        let evaluatedConfig = profileConfig;
+        const hasContext = createOptions.env || createOptions.config || createOptions.variables;
+        if (hasContext) {
+            // Build validation context from createOptions to evaluate expressions
+            const validationContext = {
+                env: createOptions.env,
+                config: createOptions.config,
+                variables: createOptions.variables,
+                allowUnknownProperties: true,
+            };
+            // Evaluate expressions in the profile config
+            const validationResult = factory.configValidator.validate(profileConfig, validationContext);
+            if (!validationResult.valid) {
+                const errorMessages = validationResult.errors
+                    .map((error) => `${error.path || 'root'}: ${error.message}`)
+                    .join('; ');
+                throw new Error(`Failed to evaluate authorization profile configuration: ${errorMessages}`);
+            }
+            evaluatedConfig = validationResult.config ?? profileConfig;
+        }
+        const authorizer = await AuthorizerFactory.createAuthorizer(evaluatedConfig, hasContext ? { validate: false } : { factoryArgs } // Pass factoryArgs if no validation was done
+        );
         if (!authorizer) {
             throw new Error(`Failed to create authorizer for profile: ${normalized.profile}`);
         }
         return authorizer;
     }
 }
+/**
+ * Extracts CreateResourceOptions from factoryArgs.
+ * The factory system passes CreateResourceOptions as an object in factoryArgs.
+ */
+function extractCreateResourceOptions(factoryArgs) {
+    // Find the last object argument that looks like CreateResourceOptions
+    for (let i = factoryArgs.length - 1; i >= 0; i--) {
+        const arg = factoryArgs[i];
+        if (arg && typeof arg === 'object' && !Array.isArray(arg)) {
+            const candidate = arg;
+            // Check if it has typical CreateResourceOptions properties
+            if ('env' in candidate || 'config' in candidate || 'variables' in candidate || 'factoryArgs' in candidate) {
+                return candidate;
+            }
+        }
+    }
+    return {};
+}
 function normalizeConfig$w(config) {
     if (!config) {
         return { profile: PROFILE_NAME_OAUTH2 };
@@ -22062,21 +22146,13 @@ function normalizeConfig$w(config) {
     return { profile: canonicalProfile };
 }
 function resolveProfileName$2(candidate) {
-    let direct = coerceProfileString$2(candidate.profile);
-    if (direct && factory.ExpressionEvaluator.isExpression(direct)) {
-        const evaluated = factory.ExpressionEvaluator.evaluate(direct);
-        direct = coerceProfileString$2(evaluated);
-    }
+    const direct = coerceProfileString$2(candidate.profile);
     if (direct) {
         return direct;
     }
     const legacyKeys = ['profile_name', 'profileName'];
     for (const legacyKey of legacyKeys) {
-        let legacyValue = coerceProfileString$2(candidate[legacyKey]);
-        if (legacyValue && factory.ExpressionEvaluator.isExpression(legacyValue)) {
-            const evaluated = factory.ExpressionEvaluator.evaluate(legacyValue);
-            legacyValue = coerceProfileString$2(evaluated);
-        }
+        const legacyValue = coerceProfileString$2(candidate[legacyKey]);
         if (legacyValue) {
             return legacyValue;
         }
@@ -22095,14 +22171,11 @@ function canonicalizeProfileName$1(value) {
     return PROFILE_ALIASES$1[normalized] ?? normalized;
 }
 function resolveProfileConfig$4(profileName) {
-    const profile = PROFILE_MAP$5[profileName];
+    const profile = getProfile(AUTHORIZER_FACTORY_BASE_TYPE, profileName);
     if (!profile) {
         throw new Error(`Unknown authorization profile: ${profileName}`);
     }
-    return deepClone$4(profile);
-}
-function deepClone$4(value) {
-    return JSON.parse(JSON.stringify(value));
+    return profile;
 }
 
 var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
@@ -29906,14 +29979,12 @@ const OPEN_PROFILE$1 = {
         profile: factory.Expressions.env(ENV_VAR_AUTHORIZATION_PROFILE, 'noop'),
     },
 };
-const PROFILE_MAP$4 = {
-    [PROFILE_NAME_OVERLAY]: OVERLAY_PROFILE,
-    [PROFILE_NAME_OVERLAY_CALLBACK]: OVERLAY_CALLBACK_PROFILE,
-    [PROFILE_NAME_STRICT_OVERLAY]: STRICT_OVERLAY_PROFILE,
-    [PROFILE_NAME_GATED]: GATED_PROFILE,
-    [PROFILE_NAME_GATED_CALLBACK]: GATED_CALLBACK_PROFILE,
-    [PROFILE_NAME_OPEN$1]: OPEN_PROFILE$1,
-};
+registerProfile(SECURITY_MANAGER_FACTORY_BASE_TYPE, PROFILE_NAME_OVERLAY, OVERLAY_PROFILE, { source: 'node-security-profile-factory' });
+registerProfile(SECURITY_MANAGER_FACTORY_BASE_TYPE, PROFILE_NAME_OVERLAY_CALLBACK, OVERLAY_CALLBACK_PROFILE, { source: 'node-security-profile-factory' });
+registerProfile(SECURITY_MANAGER_FACTORY_BASE_TYPE, PROFILE_NAME_STRICT_OVERLAY, STRICT_OVERLAY_PROFILE, { source: 'node-security-profile-factory' });
+registerProfile(SECURITY_MANAGER_FACTORY_BASE_TYPE, PROFILE_NAME_GATED, GATED_PROFILE, { source: 'node-security-profile-factory' });
+registerProfile(SECURITY_MANAGER_FACTORY_BASE_TYPE, PROFILE_NAME_GATED_CALLBACK, GATED_CALLBACK_PROFILE, { source: 'node-security-profile-factory' });
+registerProfile(SECURITY_MANAGER_FACTORY_BASE_TYPE, PROFILE_NAME_OPEN$1, OPEN_PROFILE$1, { source: 'node-security-profile-factory' });
 const FACTORY_META$13 = {
     base: SECURITY_MANAGER_FACTORY_BASE_TYPE,
     key: 'SecurityProfile',
@@ -30020,14 +30091,11 @@ function normalizeProfile(config) {
     return value.toLowerCase();
 }
 function resolveProfileConfig$3(profileName) {
-    const template = PROFILE_MAP$4[profileName];
+    const template = getProfile(SECURITY_MANAGER_FACTORY_BASE_TYPE, profileName);
     if (!template) {
         throw new Error(`Unknown security profile: ${profileName}`);
     }
-    return deepClone$3(template);
-}
-function deepClone$3(value) {
-    return JSON.parse(JSON.stringify(value));
+    return template;
 }
 
 var nodeSecurityProfileFactory = /*#__PURE__*/Object.freeze({
@@ -33952,10 +34020,8 @@ const AT_LEAST_ONCE_PROFILE = {
 const AT_MOST_ONCE_PROFILE = {
     type: 'AtMostOnceDeliveryPolicy',
 };
-const PROFILE_MAP$3 = {
-    [PROFILE_NAME_AT_LEAST_ONCE]: AT_LEAST_ONCE_PROFILE,
-    [PROFILE_NAME_AT_MOST_ONCE]: AT_MOST_ONCE_PROFILE,
-};
+registerProfile(DELIVERY_POLICY_FACTORY_BASE_TYPE, PROFILE_NAME_AT_LEAST_ONCE, AT_LEAST_ONCE_PROFILE, { source: 'delivery-profile-factory' });
+registerProfile(DELIVERY_POLICY_FACTORY_BASE_TYPE, PROFILE_NAME_AT_MOST_ONCE, AT_MOST_ONCE_PROFILE, { source: 'delivery-profile-factory' });
 class DeliveryProfileFactory extends DeliveryPolicyFactory {
     constructor() {
         super(...arguments);
@@ -34004,14 +34070,11 @@ function coerceProfileString$1(value) {
     return trimmed.length > 0 ? trimmed : null;
 }
 function resolveProfileConfig$2(profileName) {
-    const profile = PROFILE_MAP$3[profileName];
+    const profile = getProfile(DELIVERY_POLICY_FACTORY_BASE_TYPE, profileName);
     if (!profile) {
         throw new Error(`Unknown delivery profile: ${profileName}`);
     }
-    return deepClone$2(profile);
-}
-function deepClone$2(value) {
-    return JSON.parse(JSON.stringify(value));
+    return profile;
 }
 const FACTORY_META$S = {
     base: DELIVERY_POLICY_FACTORY_BASE_TYPE,
@@ -34448,20 +34511,18 @@ const NOOP_PROFILE$1 = {
     auto_accept_logicals: true,
     autoAcceptLogicals: true,
 };
-const PROFILE_MAP$2 = {
-    [PROFILE_NAME_WELCOME]: WELCOME_SERVICE_PROFILE,
-    [PROFILE_NAME_WELCOME_PKCE]: WELCOME_SERVICE_PKCE_PROFILE,
-    [PROFILE_NAME_WELCOME_PKCE_ALIAS]: WELCOME_SERVICE_PKCE_PROFILE,
-    [PROFILE_NAME_DIRECT]: DIRECT_PROFILE,
-    [PROFILE_NAME_DIRECT_PKCE]: DIRECT_PKCE_PROFILE,
-    [PROFILE_NAME_DIRECT_PKCE_ALIAS]: DIRECT_PKCE_PROFILE,
-    [PROFILE_NAME_DIRECT_HTTP]: DIRECT_HTTP_PROFILE,
-    [PROFILE_NAME_DIRECT_INPAGE]: DIRECT_INPAGE_PROFILE,
-    [PROFILE_NAME_DIRECT_INPAGE_ALIAS]: DIRECT_INPAGE_PROFILE,
-    [PROFILE_NAME_OPEN]: OPEN_PROFILE,
-    [PROFILE_NAME_NOOP$1]: NOOP_PROFILE$1,
-    [PROFILE_NAME_NONE]: NOOP_PROFILE$1,
-};
+registerProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, PROFILE_NAME_WELCOME, WELCOME_SERVICE_PROFILE, { source: 'admission-profile-factory' });
+registerProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, PROFILE_NAME_WELCOME_PKCE, WELCOME_SERVICE_PKCE_PROFILE, { source: 'admission-profile-factory' });
+registerProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, PROFILE_NAME_WELCOME_PKCE_ALIAS, WELCOME_SERVICE_PKCE_PROFILE, { source: 'admission-profile-factory' });
+registerProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, PROFILE_NAME_DIRECT, DIRECT_PROFILE, { source: 'admission-profile-factory' });
+registerProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, PROFILE_NAME_DIRECT_PKCE, DIRECT_PKCE_PROFILE, { source: 'admission-profile-factory' });
+registerProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, PROFILE_NAME_DIRECT_PKCE_ALIAS, DIRECT_PKCE_PROFILE, { source: 'admission-profile-factory' });
+registerProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, PROFILE_NAME_DIRECT_HTTP, DIRECT_HTTP_PROFILE, { source: 'admission-profile-factory' });
+registerProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, PROFILE_NAME_DIRECT_INPAGE, DIRECT_INPAGE_PROFILE, { source: 'admission-profile-factory' });
+registerProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, PROFILE_NAME_DIRECT_INPAGE_ALIAS, DIRECT_INPAGE_PROFILE, { source: 'admission-profile-factory' });
+registerProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, PROFILE_NAME_OPEN, OPEN_PROFILE, { source: 'admission-profile-factory' });
+registerProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, PROFILE_NAME_NOOP$1, NOOP_PROFILE$1, { source: 'admission-profile-factory' });
+registerProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, PROFILE_NAME_NONE, NOOP_PROFILE$1, { source: 'admission-profile-factory' });
 const FACTORY_META$Q = {
     base: ADMISSION_CLIENT_FACTORY_BASE_TYPE,
     key: 'AdmissionProfile',
@@ -34498,14 +34559,11 @@ function normalizeConfig$p(config) {
     return { profile: normalizedProfile };
 }
 function resolveProfileConfig$1(profileName) {
-    const profile = PROFILE_MAP$2[profileName];
+    const profile = getProfile(ADMISSION_CLIENT_FACTORY_BASE_TYPE, profileName);
     if (!profile) {
         throw new Error(`Unknown admission profile: ${profileName}`);
     }
-    return deepClone$1(profile);
-}
-function deepClone$1(value) {
-    return JSON.parse(JSON.stringify(value));
+    return profile;
 }
 
 var admissionProfileFactory = /*#__PURE__*/Object.freeze({
@@ -37415,7 +37473,7 @@ class DefaultSecurityManagerFactory extends SecurityManagerFactory {
         }
         if (!authorizer) {
             authorizer =
-                await DefaultSecurityManagerFactory.createAuthorizerFromConfig(config, policy);
+                await DefaultSecurityManagerFactory.createAuthorizerFromConfig(config, policy, createOptions);
         }
         if (authorizer &&
             eventListeners &&
@@ -37646,14 +37704,14 @@ class DefaultSecurityManagerFactory extends SecurityManagerFactory {
         }
         return null;
     }
-    static async createAuthorizerFromConfig(config, policy) {
+    static async createAuthorizerFromConfig(config, policy, createOptions) {
         let authorizerConfig = config.authorizer ?? null;
         if (!authorizerConfig) {
             authorizerConfig = config.authorizer_config ?? null;
         }
         if (authorizerConfig &&
             DefaultSecurityManagerFactory.isConfigLike(authorizerConfig)) {
-            return ((await AuthorizerFactory.createAuthorizer(authorizerConfig)) ?? null);
+            return ((await AuthorizerFactory.createAuthorizer(authorizerConfig, createOptions ?? undefined)) ?? null);
         }
         try {
             const requirements = policy.requirements?.();
@@ -37669,6 +37727,7 @@ class DefaultSecurityManagerFactory extends SecurityManagerFactory {
             }
             const tokenVerifier = new NoopTokenVerifier();
             return ((await AuthorizerFactory.createAuthorizer(null, {
+                ...createOptions,
                 factoryArgs: [tokenVerifier],
             })) ?? null);
         }
@@ -38830,6 +38889,11 @@ const STICKY_HRW_PROFILE = {
 const DEVELOPMENT_PROFILE$1 = {
     type: 'RoundRobinLoadBalancingStrategy',
 };
+registerProfile(LOAD_BALANCING_STRATEGY_FACTORY_BASE, PROFILE_NAME_RANDOM, RANDOM_PROFILE, { source: 'load-balancing-profile-factory' });
+registerProfile(LOAD_BALANCING_STRATEGY_FACTORY_BASE, PROFILE_NAME_ROUND_ROBIN, ROUND_ROBIN_PROFILE, { source: 'load-balancing-profile-factory' });
+registerProfile(LOAD_BALANCING_STRATEGY_FACTORY_BASE, PROFILE_NAME_HRW, HRW_PROFILE, { source: 'load-balancing-profile-factory' });
+registerProfile(LOAD_BALANCING_STRATEGY_FACTORY_BASE, PROFILE_NAME_STICKY_HRW, STICKY_HRW_PROFILE, { source: 'load-balancing-profile-factory' });
+registerProfile(LOAD_BALANCING_STRATEGY_FACTORY_BASE, PROFILE_NAME_DEVELOPMENT$1, DEVELOPMENT_PROFILE$1, { source: 'load-balancing-profile-factory' });
 const FACTORY_META$7 = {
     base: LOAD_BALANCING_STRATEGY_FACTORY_BASE,
     key: 'LoadBalancingProfile',
@@ -38884,20 +38948,11 @@ class LoadBalancingProfileFactory extends LoadBalancingStrategyFactory {
         return undefined;
     }
     resolveProfile(profile) {
-        switch (profile) {
-            case PROFILE_NAME_RANDOM:
-                return RANDOM_PROFILE;
-            case PROFILE_NAME_ROUND_ROBIN:
-                return ROUND_ROBIN_PROFILE;
-            case PROFILE_NAME_HRW:
-                return HRW_PROFILE;
-            case PROFILE_NAME_STICKY_HRW:
-                return STICKY_HRW_PROFILE;
-            case PROFILE_NAME_DEVELOPMENT$1:
-                return DEVELOPMENT_PROFILE$1;
-            default:
-                throw new Error(`Unknown load balancing profile: ${profile}`);
+        const strategyConfig = getProfile(LOAD_BALANCING_STRATEGY_FACTORY_BASE, profile);
+        if (!strategyConfig) {
+            throw new Error(`Unknown load balancing profile: ${profile}`);
         }
+        return strategyConfig;
     }
 }
 
@@ -39066,13 +39121,11 @@ const HYBRID_ONLY_PROFILE = {
     type: 'HybridPathRoutingPolicy',
     loadBalancingStrategy: { type: 'HRWLoadBalancingStrategy' },
 };
-const PROFILE_MAP$1 = {
-    [PROFILE_NAME_DEVELOPMENT]: DEVELOPMENT_PROFILE,
-    [PROFILE_NAME_PRODUCTION]: PRODUCTION_PROFILE,
-    [PROFILE_NAME_BASIC]: BASIC_PROFILE,
-    [PROFILE_NAME_CAPABILITY_AWARE]: CAPABILITY_AWARE_PROFILE,
-    [PROFILE_NAME_HYBRID_ONLY]: HYBRID_ONLY_PROFILE,
-};
+registerProfile(ROUTING_POLICY_FACTORY_BASE, PROFILE_NAME_DEVELOPMENT, DEVELOPMENT_PROFILE, { source: 'routing-profile-factory' });
+registerProfile(ROUTING_POLICY_FACTORY_BASE, PROFILE_NAME_PRODUCTION, PRODUCTION_PROFILE, { source: 'routing-profile-factory' });
+registerProfile(ROUTING_POLICY_FACTORY_BASE, PROFILE_NAME_BASIC, BASIC_PROFILE, { source: 'routing-profile-factory' });
+registerProfile(ROUTING_POLICY_FACTORY_BASE, PROFILE_NAME_CAPABILITY_AWARE, CAPABILITY_AWARE_PROFILE, { source: 'routing-profile-factory' });
+registerProfile(ROUTING_POLICY_FACTORY_BASE, PROFILE_NAME_HYBRID_ONLY, HYBRID_ONLY_PROFILE, { source: 'routing-profile-factory' });
 const FACTORY_META$3 = {
     base: ROUTING_POLICY_FACTORY_BASE,
     key: 'RoutingProfile',
@@ -39127,7 +39180,7 @@ class RoutingProfileFactory extends RoutingPolicyFactory {
         return undefined;
     }
     getProfileConfig(profile) {
-        const routingConfig = PROFILE_MAP$1[profile];
+        const routingConfig = getProfile(ROUTING_POLICY_FACTORY_BASE, profile);
         if (!routingConfig) {
             throw new Error('Unknown routing profile');
         }
@@ -39677,10 +39730,8 @@ const OPEN_TELEMETRY_PROFILE = {
     serviceName: factory.Expressions.env(ENV_VAR_TELEMETRY_SERVICE_NAME, 'naylence-service'),
     headers: {},
 };
-const PROFILE_MAP = {
-    [PROFILE_NAME_NOOP]: NOOP_PROFILE,
-    [PROFILE_NAME_OPEN_TELEMETRY]: OPEN_TELEMETRY_PROFILE,
-};
+registerProfile(TRACE_EMITTER_FACTORY_BASE_TYPE, PROFILE_NAME_NOOP, NOOP_PROFILE, { source: 'trace-emitter-profile-factory' });
+registerProfile(TRACE_EMITTER_FACTORY_BASE_TYPE, PROFILE_NAME_OPEN_TELEMETRY, OPEN_TELEMETRY_PROFILE, { source: 'trace-emitter-profile-factory' });
 const FACTORY_META = {
     base: TRACE_EMITTER_FACTORY_BASE_TYPE,
     key: 'TraceEmitterProfile',
@@ -39749,14 +39800,11 @@ function canonicalizeProfileName(value) {
     return PROFILE_ALIASES[normalized] ?? normalized;
 }
 function resolveProfileConfig(profileName) {
-    const profile = PROFILE_MAP[profileName];
+    const profile = getProfile(TRACE_EMITTER_FACTORY_BASE_TYPE, profileName);
     if (!profile) {
         throw new Error(`Unknown trace emitter profile: ${profileName}`);
     }
-    return deepClone(profile);
-}
-function deepClone(value) {
-    return JSON.parse(JSON.stringify(value));
+    return profile;
 }
 
 var traceEmitterProfileFactory = /*#__PURE__*/Object.freeze({
@@ -44020,6 +44068,7 @@ exports.broadcastChannelGrantToConnectorConfig = broadcastChannelGrantToConnecto
 exports.camelToSnakeCase = camelToSnakeCase;
 exports.canonicalJson = canonicalJson;
 exports.capitalizeFirstLetter = capitalizeFirstLetter;
+exports.clearProfiles = clearProfiles;
 exports.color = color;
 exports.compareCryptoLevels = compareCryptoLevels;
 exports.compileGlobOnlyScopeRequirement = compileGlobOnlyScopeRequirement;
@@ -44066,6 +44115,7 @@ exports.getFameRoot = getFameRoot;
 exports.getKeyProvider = getKeyProvider;
 exports.getKeyStore = getKeyStore;
 exports.getLogger = getLogger;
+exports.getProfile = getProfile;
 exports.hasCryptoSupport = hasCryptoSupport;
 exports.hostnameToLogical = hostnameToLogical;
 exports.hostnamesToLogicals = hostnamesToLogicals;
@@ -44094,6 +44144,7 @@ exports.isTokenProvider = isTokenProvider;
 exports.isTokenValid = isTokenValid;
 exports.isWebSocketConnectionGrant = isWebSocketConnectionGrant;
 exports.jsonDumps = jsonDumps;
+exports.listProfiles = listProfiles;
 exports.logicalPatternsToDnsConstraints = logicalPatternsToDnsConstraints;
 exports.logicalToHostname = logicalToHostname;
 exports.logicalsToHostnames = logicalsToHostnames;
@@ -44128,6 +44179,7 @@ exports.prettyModel = prettyModel$1;
 exports.registerDefaultFactories = registerDefaultFactories;
 exports.registerDefaultKeyStoreFactory = registerDefaultKeyStoreFactory;
 exports.registerNodePlacementStrategyFactory = registerNodePlacementStrategyFactory;
+exports.registerProfile = registerProfile;
 exports.registerRuntimeFactories = registerRuntimeFactories;
 exports.requireCryptoSupport = requireCryptoSupport;
 exports.retryWithBackoff = retryWithBackoff;