@odx/auth 17.2.0 → 18.0.0

package/index.d.ts

@@ -1,15 +1,744 @@
-export * from './lib/auth.component';
-export * from './lib/auth.config';
-export * from './lib/auth.directive';
-export * from './lib/auth.guard';
-export * from './lib/auth.interceptor';
-export * from './lib/auth.module';
-export * from './lib/auth.providers';
-export * from './lib/auth.service';
-export * from './lib/auth.typings';
-export * from './lib/components';
-export * from './lib/directives';
-export * from './lib/helpers';
-export * from './lib/models';
-export * from './lib/plugins';
-export * from './lib/unauth.guard';
+import * as i0 from '@angular/core';
+import { AfterViewInit, TemplateRef, EventEmitter, InjectionToken, Provider, EnvironmentProviders } from '@angular/core';
+import * as rxjs from 'rxjs';
+import { Observable, OperatorFunction } from 'rxjs';
+import * as _odx_auth from '@odx/auth';
+import { DropdownOptions } from '@odx/angular/components/dropdown';
+import * as angular_oauth2_oidc from 'angular-oauth2-oidc';
+import { OAuthErrorEvent, OAuthStorage, AuthConfig as AuthConfig$1, TokenResponse, OAuthEvent } from 'angular-oauth2-oidc';
+import { HttpRequest, HttpContextToken, HttpInterceptorFn } from '@angular/common/http';
+import { Router, CanActivateFn } from '@angular/router';
+import * as _odx_angular_utils from '@odx/angular/utils';
+import { ConfigDependencies, ConfigProvider } from '@odx/angular/utils';
+import { DynamicTextContent, DynamicViewService } from '@odx/angular/cdk/dynamic-view';
+import * as i1 from '@angular/common';
+import { NgIfContext } from '@angular/common';
+import * as i1$1 from '@odx/angular/components/loading-spinner';
+import { LanguageLoaderFn } from '@odx/angular/localization';
+
+type AuthEnvironment = (typeof AuthEnvironment)[keyof typeof AuthEnvironment];
+declare const AuthEnvironment: {
+    readonly DEV: "dev";
+    readonly STAGE: "stage";
+    readonly PROD: "prod";
+};
+
+type AuthPlugin = (authService: AuthService) => Observable<Partial<OdxAuth.AuthPluginResult>>;
+type AuthPluginFactory = () => AuthPlugin;
+type AuthPluginError = unknown;
+type AuthPluginErrorHandler = (error: AuthPluginError) => void;
+declare class AuthPluginManager {
+    private readonly authConfig;
+    private readonly pluginsErrorHandler;
+    private readonly plugins;
+    private readonly result$$;
+    readonly pluginsReady$: Observable<boolean>;
+    readonly pluginsLoading$: Observable<boolean>;
+    runPlugins(authService: AuthService): Observable<OdxAuth.AuthPluginResult>;
+    getResult(): OdxAuth.AuthPluginResult;
+    private handlePluginError;
+    private runPlugin;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthPluginManager, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<AuthPluginManager>;
+}
+
+type AuthorizedHandler = (identityClaims: OdxAuth.IdentityClaims | null, authService: AuthService, router?: Router | null) => boolean;
+
+declare const AUTH_HTTP_HEADER = "Authorization";
+declare const ODX_AUTH_DEFAULT_SCOPES: string[];
+declare const ODX_AUTH_HOSTS: Record<AuthEnvironment, string>;
+declare const ODX_AUTH_USER_PROFILE_HOSTS: Record<AuthEnvironment, string>;
+type AuthErrorHandlerFn = (error: OAuthErrorEvent) => void;
+type ResolveUsernameFn = (rawClaims: OdxAuth.RawIdentityClaims) => string;
+type ResolveEmailFn = (rawClaims: OdxAuth.RawIdentityClaims) => string;
+type CreateInitialsFn = (value: string) => string;
+/**
+ * Tools for injecting and providing the auth configuration with default configuration for the authentication.
+ *
+ * @example
+ * // Providing custom authentication configuration.
+ * ```ts
+ *   import { createInitials, resolveEmail, resolveUsername } from './helpers';
+ *
+ *   providers: [provideAuthConfig({
+ *        environment: 'dev',
+ *        redirectPath: 'login/callback',
+ *        allowedUrls: [],
+ *        timeoutFactor: 0.75,
+ *        maxOfflineTime: 60 * 60, // 1 hour
+ *        loadUserProfile: false,
+ *        errorHandler: (error) => {
+ *          throw error;
+ *        },
+ *        createInitials,
+ *        resolveEmail,
+ *        resolveUsername,
+ *        plugins: [],
+ *        defaultAuthorizedHandler: null,
+ *        enableLoadingScreen: true,
+ *        loadingScreenMessage: 'Loading...',
+ *        waitForTokenInMs: 500,
+ *
+ *    })],
+ *
+ * // Injecting the datepicker configuration.
+ * ```ts
+ * @Component({})
+ * export class MyComponent {
+ *  constructor(@Inject(injectAuthConfig()) private readonly authConfig: AuthConfig) {}
+ * }
+ * ```
+ */
+declare const AuthDefaultConfig: AuthConfig;
+/**
+ * Configuration options for the authentication module.
+ *
+ * @interface AuthConfig
+ */
+interface AuthConfig {
+    environment: AuthEnvironment;
+    clientId?: string;
+    issuer?: string;
+    redirectPath: string;
+    allowedUrls: Array<string | RegExp>;
+    timeoutFactor: number;
+    maxOfflineTime: number;
+    loadUserProfile: boolean;
+    postLogoutRedirectUrl?: string;
+    scopes?: string[];
+    discoveryUrl?: string;
+    errorHandler: AuthErrorHandlerFn;
+    createInitials: CreateInitialsFn;
+    resolveEmail: ResolveEmailFn;
+    resolveUsername: ResolveUsernameFn;
+    storage?: OAuthStorage;
+    plugins: AuthPluginFactory[];
+    pluginsErrorHandler?: (error: unknown) => void;
+    defaultAuthorizedHandler?: AuthorizedHandler | null;
+    enableLoadingScreen: boolean;
+    refreshTokenOnInit?: boolean;
+    loadingScreenMessage?: DynamicTextContent | null;
+    userProfileUrl?: string;
+    requireSignIn?: boolean;
+    requireSignInForRequests?: boolean;
+    waitForTokenInMs?: number;
+    showDebugInformation?: boolean;
+    pluginTimeout?: number;
+}
+declare const AuthConfig: i0.InjectionToken<Partial<AuthConfig>>;
+declare const injectAuthConfig: () => AuthConfig;
+declare const provideAuthConfig: <D extends _odx_angular_utils.ConfigDependencies = _odx_angular_utils.ConfigDependencies<Partial<AuthConfig>>>(config: _odx_angular_utils.ConfigProvider<Partial<AuthConfig>, D>) => i0.FactoryProvider | i0.ValueProvider;
+
+declare const offlineAuthErrorHandler: AuthErrorHandlerFn;
+
+/**
+ * The `AuthService` class provides authentication functionality for an Angular application.
+ * It handles OAuth2/OIDC authentication, token management, and user identity claims.
+ *
+ * Key responsibilities include:
+ * - Initializing authentication with a provided configuration.
+ * - Managing tokens (access, refresh, and ID tokens).
+ * - Checking and emitting authentication and authorization states.
+ * - Handling user login and logout flows.
+ * - Supporting silent refresh and offline authentication scenarios.
+ * - Integrating authentication plugins via `AuthPluginManager`.
+ *
+ * @example
+ * ```typescript
+ * // Injecting the AuthService
+ * constructor(private authService: AuthService) {}
+ *
+ * // Using the AuthService to initialize authentication
+ * async ngOnInit() {
+ *   const config: AuthConfig = { clientId: 'your-client-id', discoveryUrl: 'https://example.com/.well-known/openid-configuration' };
+ *   await this.authService.initialize(config);
+ * }
+ * ```
+ */
+declare class AuthService {
+    private readonly authConfig;
+    private readonly authPluginManager;
+    private readonly oauthService;
+    private readonly router;
+    private readonly windowRef;
+    private readonly isInitialized$$;
+    private readonly isRedirecting$$;
+    private readonly onAccessTokenUpdate$;
+    private readonly silentRefreshHandler$;
+    private readonly onAuthStateChange$;
+    /**
+     * Emits `true` when the service has completed initialization.
+     * Emits `false` until the initialization is complete.
+     *
+     * @type {Observable<boolean>}
+     */
+    readonly isInitialized$: Observable<true>;
+    /**
+     * Emits `true` when the user is being redirected to the login page.
+     * Emits `false` when there is no redirection in progress.
+     *
+     * @type {Observable<boolean>}
+     */
+    readonly isRedirecting$: Observable<boolean>;
+    /**
+     * Emits `true` when the application is in a loading state (e.g., during redirection or plugin initialization).
+     * Emits `false` when there is no ongoing loading activity.
+     *
+     * @type {Observable<boolean>}
+     */
+    readonly isLoading$: Observable<boolean>;
+    /**
+     * Emits `true` when the user is authenticated.
+     * Emits `false` when the user is not authenticated.
+     *
+     * @type {Observable<boolean>}
+     */
+    readonly isAuthenticated$: Observable<boolean>;
+    /**
+     * Emits the identity claims of the authenticated user.
+     * If the user is not authenticated, emits `null`.
+     *
+     * @type {Observable<OdxAuth.IdentityClaims | null>}
+     */
+    readonly identityClaims$: Observable<OdxAuth.IdentityClaims | null>;
+    /**
+     * Emits OAuth error events.
+     *
+     * @type {Observable<OAuthErrorEvent>}
+     */
+    readonly errors$: Observable<OAuthErrorEvent>;
+    /**
+     * Emits events when an OAuth token is successfully received.
+     *
+     * @type {Observable<Event>}
+     */
+    readonly onTokenReceived$: Observable<angular_oauth2_oidc.OAuthEvent>;
+    /**
+     * Emits whenever the `access_token` in local storage is updated or cleared.
+     * Provides an observable for tracking token updates.
+     *
+     * @type {Observable<StorageEvent | null>}
+     */
+    get accessTokenUpdate$(): Observable<StorageEvent | null>;
+    constructor();
+    /**
+     * Initializes the authentication service with the provided configuration.
+     *
+     * @param {AuthConfig} config - The authentication configuration object.
+     * @returns {Promise<void>} Resolves when initialization is complete.
+     */
+    initialize(config: AuthConfig$1): Promise<void>;
+    /**
+     * Runs all authentication plugins registered in the `AuthPluginManager`.
+     */
+    runPlugins(): void;
+    /**
+     * Returns the issuer URL for the OAuth server.
+     *
+     * @returns {URL} The issuer URL.
+     */
+    getIssuer(): URL;
+    /**
+     * Initiates the login flow for the user. Redirects to the login page.
+     *
+     * @param {string} [url] - The URL to redirect back to after login.
+     */
+    signIn(url?: string): void;
+    /**
+     * Logs the user out and clears their tokens.
+     *
+     * @param {boolean} [noRedirect] - If `true`, no redirection occurs after logout.
+     */
+    signOut(noRedirect?: boolean): void;
+    /**
+     * Attempts to refresh the user's tokens.
+     *
+     * @returns {Promise<TokenResponse>} Resolves with the new token response.
+     */
+    refreshTokens(): Promise<TokenResponse>;
+    /**
+     * Retrieves the current access token, if available.
+     *
+     * @returns {string | null} The access token, or `null` if not available.
+     */
+    getAccessToken(): string | null;
+    /**
+     * Retrieves the current refresh token, if available.
+     *
+     * @returns {string | null} The refresh token, or `null` if not available.
+     */
+    getRefreshToken(): string | null;
+    /**
+     * Retrieves the current ID token, if available.
+     *
+     * @returns {string | null} The ID token, or `null` if not available.
+     */
+    getIdToken(): string | null;
+    /**
+     * Retrieves the identity claims of the authenticated user.
+     *
+     * @returns {OdxAuth.IdentityClaims | null} The identity claims, or `null` if not available.
+     */
+    getIdentityClaims(): OdxAuth.IdentityClaims | null;
+    /**
+     * Retrieves the raw identity claims of the authenticated user.
+     *
+     * @returns {OdxAuth.RawIdentityClaims | null} The raw identity claims, or `null` if not available.
+     */
+    getRawIdentityClaims(): OdxAuth.RawIdentityClaims | null;
+    /**
+     * Checks if the user is currently authenticated.
+     *
+     * @returns {boolean} `true` if authenticated, otherwise `false`.
+     */
+    isAuthenticated(): boolean;
+    /**
+     * Checks if the user is authorized based on the provided handler.
+     *
+     * @param {AuthorizedHandler | null} [authorizedHandler] - A handler to determine authorization.
+     * @returns {boolean} `true` if authorized, otherwise `false`.
+     */
+    isAuthorized(authorizedHandler?: AuthorizedHandler | null): boolean;
+    /**
+     * Emits whether the user is authorized based on the provided handler.
+     *
+     * @param {AuthorizedHandler | null} [authorizedHandler] - A handler to determine authorization.
+     * @returns {Observable<boolean>} An observable emitting the authorization status.
+     */
+    isAuthorized$(authorizedHandler?: AuthorizedHandler | null): Observable<boolean>;
+    /**
+     * Prepares an HTTP request by adding the access token to its headers.
+     *
+     * @param {HttpRequest<T> | Request} req - The HTTP request to prepare.
+     * @param {boolean} requireSignIn - Whether to require the user to sign in if no token is available.
+     * @returns {Observable<R>} An observable emitting the prepared request.
+     * @template R, T
+     */
+    prepareAuthRequest$<R extends HttpRequest<T> | Request, T>(req: R, requireSignIn?: boolean): Observable<R>;
+    /**
+     * Waits for a valid access token to become available.
+     *
+     * @param {boolean} requireSignIn - Whether to require the user to sign in if no token is available.
+     * @returns {Observable<string | null>} An observable emitting the access token.
+     */
+    waitForAccessToken$(requireSignIn: boolean): Observable<string | null>;
+    private routeToRequestedUrl;
+    private hasValidOfflineToken;
+    private redirectToLogin;
+    private tryLoadUserProfile;
+    private tryRefreshToken;
+    private assertAudience;
+    private updateSilentRefresh;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<AuthService>;
+}
+
+declare class AuthComponent {
+    protected readonly authConfig: _odx_auth.AuthConfig;
+    protected readonly authService: AuthService;
+    protected readonly dropdownOptions: Partial<DropdownOptions>;
+    protected readonly vm$: rxjs.Observable<{
+        idClaims: OdxAuth.IdentityClaims | null;
+        isAuthenticated: boolean;
+    }>;
+    /**
+     * Whether to hide the institution information.
+     *
+     * @type {InputSignal<boolean>}
+     */
+    readonly hideInstitution: i0.InputSignal<boolean>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthComponent, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AuthComponent, "odx-auth", never, { "hideInstitution": { "alias": "hideInstitution"; "required": false; "isSignal": true; }; }, {}, never, ["*"], true, never>;
+}
+
+declare class AuthDirective implements AfterViewInit {
+    private readonly authService;
+    private readonly ngIfDirective;
+    private readonly takeUntilDestroyed;
+    /**
+     * The authorization handler or a string representing the handler.
+     *
+     * @type {AuthorizedHandler | null | string}
+     */
+    authorizationHandler?: AuthorizedHandler | null | string;
+    /**
+     * Sets the template to be displayed when the authorization check fails.
+     *
+     * @param {TemplateRef<NgIfContext<unknown>>} value - The template reference.
+     */
+    set elseTemplate(value: TemplateRef<NgIfContext<unknown>>);
+    ngAfterViewInit(): void;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthDirective, never>;
+    static ɵdir: i0.ɵɵDirectiveDeclaration<AuthDirective, "ng-template[odxAuth]", never, { "authorizationHandler": { "alias": "odxAuth"; "required": false; }; "elseTemplate": { "alias": "odxAuthElse"; "required": false; }; }, {}, never, never, true, [{ directive: typeof i1.NgIf; inputs: {}; outputs: {}; }]>;
+}
+
+/**
+ * Guard function to protect routes from unauthorized access.
+ *
+ * @param {AuthorizedHandler} [authorizedHandler] - Optional handler to check if the user is authorized.
+ * @param {string | any[]} [redirectTo] - Optional URL or route to redirect unauthorized users to. Can be a string or an array of strings.
+ * @param {boolean} [isExternal=false] - Optional flag to indicate if the redirection should be external. Defaults to false.
+ * @returns {CanActivateFn} A function that implements the CanActivateFn interface.
+ */
+declare function authGuard(authorizedHandler?: AuthorizedHandler, redirectTo?: any[] | string, isExternal?: boolean): CanActivateFn;
+
+declare const requireAuthentication: HttpContextToken<boolean>;
+/**
+ * Interceptor to handle authentication for HTTP requests.
+ *
+ * This interceptor checks if the request URL is allowed or if the request requires authentication.
+ * If the URL is not allowed and the request does not require authentication, it simply forwards the request.
+ * Otherwise, it prepares the authentication request using the AuthService.
+ */
+declare const authInterceptor: HttpInterceptorFn;
+
+/**
+ * An abstract directive that integrates with the `LoadingSpinnerDirective` and `AuthService` to manage loading states based on authentication redirection.
+ *
+ * This directive automatically sets the `autoColor` property of the `LoadingSpinnerDirective` to `true` and subscribes to the `isRedirecting$` observable from the `AuthService`.
+ * When `isRedirecting$` emits a value, it updates the `isLoading` property of the `LoadingSpinnerDirective`.
+ */
+declare abstract class AuthActionDirective implements AfterViewInit {
+    private readonly takeUntilDestroyed;
+    private readonly loadingSpinnerDirective;
+    protected readonly authService: AuthService;
+    ngAfterViewInit(): void;
+    protected abstract handleClick(): void;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthActionDirective, never>;
+    static ɵdir: i0.ɵɵDirectiveDeclaration<AuthActionDirective, never, never, {}, {}, never, never, true, never>;
+}
+
+/**
+ * A directive that handles the sign-in action for a button element.
+ *
+ * This directive extends the `AuthActionDirective` and uses the `LoadingSpinnerDirective`
+ * to show a loading spinner during the sign-in process.
+ *
+ * @see {AuthActionDirective}
+ * @see {LoadingSpinnerDirective}
+ *
+ * @example
+ * ```html
+ * <button odxButton odxAuthSignIn (odxAuthSignIn)="onSignIn()">Sign In</button>
+ * ```
+ */
+
+declare class SignInDirective extends AuthActionDirective {
+    /**
+     * Emits an event after the sign-in action is completed.
+     *
+     * @type {EventEmitter<void>}
+     */
+    afterSignIn: EventEmitter<void>;
+    protected handleClick(): void;
+    static ɵfac: i0.ɵɵFactoryDeclaration<SignInDirective, never>;
+    static ɵdir: i0.ɵɵDirectiveDeclaration<SignInDirective, "[odxButton][odxAuthSignIn]", never, {}, { "afterSignIn": "odxAuthSignIn"; }, never, never, true, [{ directive: typeof i1$1.LoadingSpinnerDirective; inputs: {}; outputs: {}; }]>;
+}
+
+/**
+ * A directive that handles the sign-out action for a button element.
+ *
+ * This directive extends the `AuthActionDirective` and uses the `LoadingSpinnerDirective`
+ * to show a loading spinner during the sign-out process.
+ *
+ * @see {AuthActionDirective}
+ * @see {LoadingSpinnerDirective}
+ *
+ * @example
+ * ```html
+ * <button odxButton odxAuthSignOut (odxAuthSignOut)="onSignOut()">Sign Out</button>
+ * ```
+ */
+declare class SignOutDirective extends AuthActionDirective {
+    /**
+     * Emits an event after the sign-out action is completed.
+     *
+     */
+    afterSignOut: EventEmitter<void>;
+    protected handleClick(): void;
+    static ɵfac: i0.ɵɵFactoryDeclaration<SignOutDirective, never>;
+    static ɵdir: i0.ɵɵDirectiveDeclaration<SignOutDirective, "[odxAuthSignOut]", never, {}, { "afterSignOut": "odxAuthSignOut"; }, never, never, true, [{ directive: typeof i1$1.LoadingSpinnerDirective; inputs: {}; outputs: {}; }]>;
+}
+
+declare class AuthModule {
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthModule, never>;
+    static ɵmod: i0.ɵɵNgModuleDeclaration<AuthModule, never, [typeof AuthComponent, typeof AuthDirective, typeof SignInDirective, typeof SignOutDirective], [typeof AuthComponent, typeof AuthDirective, typeof SignInDirective, typeof SignOutDirective]>;
+    static ɵinj: i0.ɵɵInjectorDeclaration<AuthModule>;
+}
+
+declare const ODX_AUTH_ERROR_HANDLERS: InjectionToken<AuthErrorHandlerFn[]>;
+declare const ODX_AUTH_PLUGINS_ERROR_HANDLER: InjectionToken<AuthPluginErrorHandler | null>;
+declare const ODX_AUTH_CORE_PLUGINS: InjectionToken<AuthPluginFactory[]>;
+declare const ODX_AUTH_PLUGINS: InjectionToken<AuthPlugin[]>;
+/**
+ * Provides a logger for the authentication module.
+ *
+ * @returns {Provider} - The provider for the logger.
+ */
+declare function provideAuthLogger(): Provider;
+/**
+ * Initializes the authentication error handlers.
+ */
+declare function initializeAuthErrorHandlers(): void;
+/**
+ * Initializes the authentication configuration.
+ *
+ * @returns {() => Promise<void>} - A function that returns a promise resolving when the configuration is initialized.
+ */
+declare function initalizeAuthConfig(): () => Promise<void>;
+/**
+ * Provides the authentication configuration and dependencies.
+ *
+ * @param {ConfigProvider<Partial<AuthConfig>, D>} config - The configuration provider.
+ * @returns {EnvironmentProviders} The environment providers for authentication.
+ * @template D
+ *
+ * @example Provide the authentication configuration and dependencies
+ * ```ts
+ * providers: [
+ *  provideAuth({
+ *   useFactory: ({ environment, auth: { clientId, loadUserProfile } }: ApplicationEnvironment) => ({
+ *     environment,
+ *     clientId,
+ *     loadUserProfile,
+ *   }),
+ *   deps: [APPLICATION_ENVIRONMENT],
+ *  }),
+ * ],
+ * ```
+ */
+declare function provideAuth<D extends ConfigDependencies>(config: ConfigProvider<Partial<AuthConfig>, D>): EnvironmentProviders;
+
+declare global {
+    namespace OdxAuth {
+        type RawIdentityClaims = Record<string, unknown>;
+        interface AuthPluginResult {
+            email?: string;
+            initials?: string;
+            institutionName?: string;
+            languageCode?: string;
+            preferredLanguage?: string;
+            userProfileUrl?: string;
+            username?: string;
+        }
+        interface IdentityClaims extends AuthPluginResult {
+            sub: string;
+            oktaid: string;
+            iat: number;
+            aud: string;
+            name: string;
+            firstname: string;
+            lastname: string;
+            displayname: string;
+            preferred_username: string;
+            email: string;
+            initials: string;
+            organization: string;
+            locale?: string;
+            zoneinfo?: string;
+        }
+    }
+}
+
+/**
+ * Displays authentication actions.
+ */
+declare class AuthActionsComponent {
+    readonly element: i0.ElementRef<HTMLElement>;
+    /**
+     * The identity claims.
+     *
+     * @type {OdxAuth.IdentityClaims | null}
+     * @default null
+     */
+    claims: OdxAuth.IdentityClaims | null;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthActionsComponent, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AuthActionsComponent, "odx-auth-actions", never, { "claims": { "alias": "claims"; "required": false; }; }, {}, never, never, true, never>;
+}
+
+/**
+ * Authentication loading screen.
+ *
+ * This component displays a loading screen with animations and dynamic content
+ * based on the authentication state.
+ */
+declare class AuthLoadingScreenComponent {
+    private static instance;
+    protected readonly authConfig: _odx_auth.AuthConfig;
+    protected readonly icon$: rxjs.Observable<"core::link-external" | "core::user">;
+    /**
+     * Initializes the authentication loading screen.
+     *
+     * @param {AuthService} authService - The authentication service.
+     * @param {DynamicViewService} dynamicViewService - The dynamic view service used to create the loading screen.
+     * @static
+     */
+    static initialize(authService: AuthService, dynamicViewService: DynamicViewService): void;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthLoadingScreenComponent, never>;
+    static ɵcmp: i0.ɵɵComponentDeclaration<AuthLoadingScreenComponent, "div.odx-auth-loading-screen", never, {}, {}, never, never, true, never>;
+}
+
+/**
+ * Creates an authentication host URL based on the provided environment and URL segments.
+ *
+ * @param {AuthEnvironment} environment - The authentication environment (e.g., 'development', 'production').
+ * @param {string[]} segments - Additional URL segments to append to the base URL.
+ * @returns {string} The constructed authentication host URL.
+ *
+ * @example
+ * ```ts
+ * createAuthHostUrl('dev', 'api', 'v1', 'users'); // returns 'https://dev-auth.odx.com/api/v1/users'
+ * ```
+ */
+declare function createAuthHostUrl(environment: AuthEnvironment, ...segments: string[]): string;
+
+/**
+ * Creates initials from a given string.
+ *
+ * This function takes a string input, removes any text within parentheses,
+ * trims any leading or trailing whitespace, and then splits the string into
+ * parts based on spaces. It then constructs initials using the first letter
+ * of the first and last parts of the string, converting them to uppercase.
+ *
+ * @param {string | null} value - The input string from which to create initials. It can be
+ *                undefined or null, in which case an empty string is returned.
+ * @returns {string} - A string containing the initials derived from the input string.
+ *
+ * @example
+ * ```ts
+ * createInitials('John Smith'); // returns 'JS'
+ * ```
+ */
+declare function createInitials(value?: string | null): string;
+
+/**
+ * Handles authentication errors by executing a series of error handler functions.
+ *
+ * @param {AuthErrorHandlerFn[]} handlers - An array of functions that handle authentication errors.
+ * Each function is expected to take an `OAuthErrorEvent` as an argument.
+ *
+ * @returns A function that takes an `OAuthErrorEvent` and processes it using the provided handlers.
+ * The function will stop processing once a handler successfully handles the error without throwing.
+ * If a handler throws an error that is not an instance of `OAuthErrorEvent`, the original error is re-thrown.
+ */
+declare function handleAuthError(handlers: AuthErrorHandlerFn[]): (error: OAuthErrorEvent) => void;
+
+/**
+ * Handles OAuth events of a specific type by applying a provided handler function.
+ *
+ * @template {T} - The type of OAuth event.
+ * @param {T['type']} type - The type of the OAuth event to handle.
+ * @param {(event: T) => Promise<void>} handler - A function that takes an event of type T and returns a Promise that resolves to void.
+ * @returns {OperatorFunction<T, void>} - An OperatorFunction that filters events of the specified type and applies the handler function.
+ */
+declare function handleOAuthEvent<T extends OAuthEvent>(type: T['type'], handler: (event: T) => Promise<void>): OperatorFunction<T, void>;
+
+/**
+ * Resolves the email address from the given identity claims.
+ *
+ * This function attempts to extract an email address from the provided
+ * `OdxAuth.RawIdentityClaims` object by checking the following properties
+ * in order:
+ * 1. `email` - if it is a string, it is returned.
+ * 2. `email_address` - if it is a string, it is returned.
+ * 3. `emails` - if it is an array and the first element is a string, the first element is returned.
+ *
+ * If none of these properties contain a valid string email address, an empty string is returned.
+ *
+ * @param {OdxAuth.RawIdentityClaims} claims - The identity claims object from which to resolve the email address.
+ * @returns {string} - The resolved email address as a string, or an empty string if no valid email address is found.
+ *
+ * @example
+ * ```ts
+ * resolveEmail({ email_address: 'email.address@mdn.com' }) // returns 'email.address@mdn.com';
+ * ```
+ */
+declare function resolveEmail(claims: OdxAuth.RawIdentityClaims): string;
+
+/**
+ * Resolves the username from the provided identity claims.
+ *
+ * The function attempts to construct a username from the claims in the following order:
+ * 1. If both 'firstname' and 'lastname' are strings, it returns them concatenated with a space.
+ * 2. If both 'given_name' and 'family_name' are strings, it returns them concatenated with a space.
+ * 3. If 'name' is a string, it returns the 'name'.
+ * 4. If 'displayname' is a string, it returns the 'displayname'.
+ * 5. If none of the above conditions are met, it returns an empty string.
+ *
+ * @param {OdxAuth.RawIdentityClaims} claims - The raw identity claims from which to resolve the username.
+ * @returns {string} - The resolved username as a string.
+ *
+ * @example
+ * ```ts
+ * resolveUsername({ firstname: 'John', lastname: 'Doe' }) // returns 'John Doe';
+ * resolveUsername({ given_name: 'John', family_name: 'Doe' }) // returns 'John Doe';
+ * resolveUsername({ name: 'John Doe' }) // returns 'John Doe';
+ * resolveUsername({ displayname: 'John Doe' }) // returns 'John Doe';
+ * ```
+ */
+declare function resolveUsername(claims: OdxAuth.RawIdentityClaims): string;
+
+/**
+ * Sets the HTTP Authorization header for a given request.
+ *
+ * @template R - The type of the request, which extends HttpRequest<T> or Request.
+ * @template T - The type of the request body.
+ * @param {R} req - The HTTP request to which the Authorization header will be added.
+ * @param {string | null} [token] - The token to be used in the Authorization header. If no token is provided, the request is returned unchanged.
+ * @returns {R} - The modified HTTP request with the Authorization header set, or the original request if no token is provided.
+ */
+declare function setHttpAuthHeader<R extends HttpRequest<T> | Request, T>(req: R, token?: string | null): R;
+
+type LanguageSelector = (claims?: OdxAuth.IdentityClaims | null) => string | null | undefined;
+/**
+ * A function that creates a language loader function for user authentication.
+ *
+ * @param {LanguageSelector} languageSelector - A function that takes optional identity claims and returns a language string, null, or undefined.
+ *                           Defaults to a function that returns the preferred language from the claims.
+ * @returns {LanguageLoaderFn} - A function that retrieves the user's preferred language from the identity claims.
+ */
+declare function userLanguageLoader(languageSelector?: LanguageSelector): LanguageLoaderFn;
+
+/**
+ * A factory function that creates a core debug plugin for the authentication service.
+ * This plugin logs detailed information about the user's identity claims and tokens.
+ *
+ * @remarks
+ * This plugin is intended for debugging purposes only and should not be used in production environments.
+ *
+ * @returns {AuthPluginFactory} A function that takes an authentication service and sets up logging for identity claims and tokens.
+ */
+declare const coreDebugPlugin: AuthPluginFactory;
+
+/**
+ * Core identity plugin for authentication.
+ *
+ * This plugin extracts and processes identity claims from the authentication service.
+ *
+ * @returns {AuthPluginFactory} A factory function that returns an observable with the processed identity claims.
+ */
+declare const coreIdentityPlugin: AuthPluginFactory;
+
+/**
+ * A plugin factory that generates a user profile URL plugin.
+ *
+ * This plugin retrieves the user profile URL from the authentication configuration.
+ * If the user profile URL is not specified in the configuration, it falls back to
+ * using the default URL for the current environment from `ODX_AUTH_USER_PROFILE_HOSTS`.
+ *
+ * @returns A function that returns an observable emitting an object containing the user profile URL.
+ */
+declare const userProfileUrlPlugin: AuthPluginFactory;
+
+/**
+ * Guard function to prevent unauthorized access to routes.
+ *
+ * @param {AuthorizedHandler} authorizedHandler - Optional handler to check if the user is authorized.
+ * @param {any[] | string} redirectTo - Optional URL or route to redirect unauthorized users to. Can be a string or an array of strings.
+ * @param {boolean} isExternal - Optional flag to indicate if the redirection should be external. Defaults to false.
+ * @returns {CanActivateFn} - A function that implements the CanActivateFn interface.
+ */
+declare function unauthGuard(authorizedHandler?: AuthorizedHandler, redirectTo?: any[] | string, isExternal?: boolean): CanActivateFn;
+
+export { AUTH_HTTP_HEADER, AuthActionDirective, AuthActionsComponent, AuthComponent, AuthConfig, AuthDefaultConfig, AuthDirective, AuthEnvironment, AuthLoadingScreenComponent, AuthModule, AuthPluginManager, AuthService, ODX_AUTH_CORE_PLUGINS, ODX_AUTH_DEFAULT_SCOPES, ODX_AUTH_ERROR_HANDLERS, ODX_AUTH_HOSTS, ODX_AUTH_PLUGINS, ODX_AUTH_PLUGINS_ERROR_HANDLER, ODX_AUTH_USER_PROFILE_HOSTS, SignInDirective, SignOutDirective, authGuard, authInterceptor, coreDebugPlugin, coreIdentityPlugin, createAuthHostUrl, createInitials, handleAuthError, handleOAuthEvent, initalizeAuthConfig, initializeAuthErrorHandlers, injectAuthConfig, offlineAuthErrorHandler, provideAuth, provideAuthConfig, provideAuthLogger, requireAuthentication, resolveEmail, resolveUsername, setHttpAuthHeader, unauthGuard, userLanguageLoader, userProfileUrlPlugin };
+export type { AuthErrorHandlerFn, AuthPlugin, AuthPluginError, AuthPluginErrorHandler, AuthPluginFactory, AuthorizedHandler, CreateInitialsFn, ResolveEmailFn, ResolveUsernameFn };