@onecx/shell-auth 8.0.0-rc.10

package/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

package/README.md

@@ -0,0 +1,16 @@
+# @onecx/shell-auth
+
+`@onecx/shell-auth` contains all authentication services and utilities meant to be used exclusively by the OneCX Shell and Standalone Shell.
+More information about OneCX libraries can be found in the [OneCX documentation](https://onecx.github.io/docs/documentation/current/onecx-portal-ui-libs/index.html).
+
+## Installation
+
+```bash
+npm install @onecx/shell-auth
+```
+
+## Additional Commands
+- `npx nx run shell-auth:build` - Builds the library and outputs the result to the `dist` folder.
+- `npx nx run shell-auth:test` - Runs the unit tests for the library.
+- `npx nx run shell-auth:lint` - Lints the library's codebase.
+- `npx nx run shell-auth:release` - Releases a new version of the library to npm, following semantic versioning guidelines.

package/fesm2022/onecx-shell-auth.mjs

@@ -0,0 +1,380 @@
+import { loadRemoteModule } from '@angular-architects/module-federation';
+import * as i0 from '@angular/core';
+import { inject, Injectable, Injector, provideAppInitializer } from '@angular/core';
+import { ConfigurationService, CONFIG_KEY, AppStateService } from '@onecx/angular-integration-interface';
+import { EventsTopic, EventType } from '@onecx/integration-interface';
+import { filter } from 'rxjs/internal/operators/filter';
+import { createLoggerFactory } from '@onecx/accelerator';
+import Semaphore from 'ts-semaphore';
+
+var Injectables;
+(function (Injectables) {
+    Injectables["KEYCLOAK_AUTH_SERVICE"] = "KEYCLOAK_AUTH_SERVICE";
+    Injectables["CONFIG"] = "CONFIG";
+})(Injectables || (Injectables = {}));
+
+// This file is not planned to be in the index.ts so it is private to this lib
+const createLogger = createLoggerFactory('@onecx/shell-auth');
+
+const KC_REFRESH_TOKEN_LS = 'onecx_kc_refreshToken';
+const KC_ID_TOKEN_LS = 'onecx_kc_idToken';
+const KC_TOKEN_LS = 'onecx_kc_token';
+class KeycloakAuthService {
+    constructor() {
+        this.logger = createLogger('KeycloakAuthService');
+        this.configService = inject(ConfigurationService);
+        this.updateTokenSemaphore = new Semaphore(1);
+    }
+    async init(config) {
+        this.config = config;
+        let token = localStorage.getItem(KC_TOKEN_LS);
+        let idToken = localStorage.getItem(KC_ID_TOKEN_LS);
+        let refreshToken = localStorage.getItem(KC_REFRESH_TOKEN_LS);
+        if (token && refreshToken) {
+            const parsedToken = JSON.parse(atob(refreshToken.split('.')[1]));
+            if (parsedToken.exp * 1000 < new Date().getTime()) {
+                token = null;
+                refreshToken = null;
+                idToken = null;
+                this.clearKCStateFromLocalstorage();
+            }
+        }
+        let kcConfig;
+        const validKCConfig = await this.getValidKCConfig();
+        kcConfig = { ...validKCConfig, ...(config ?? {}) };
+        if (!kcConfig.clientId || !kcConfig.realm || !kcConfig.url) {
+            kcConfig = './assets/keycloak.json';
+        }
+        const enableSilentSSOCheck = (await this.configService.getProperty(CONFIG_KEY.KEYCLOAK_ENABLE_SILENT_SSO)) === 'true';
+        const timeSkew = await this.getConfigValueNumberOrUndefined(CONFIG_KEY.KEYCLOAK_TIME_SKEW);
+        try {
+            await import('keycloak-js').then(({ default: Keycloak }) => {
+                this.keycloak = new Keycloak(kcConfig);
+            });
+        }
+        catch (err) {
+            const errorMessage = 'Keycloak initialization failed! Could not load keycloak-js library which is required in the current environment.';
+            this.logger.error(errorMessage, err);
+            throw new Error(errorMessage);
+        }
+        if (!this.keycloak) {
+            throw new Error('Keycloak initialization failed!');
+        }
+        await this.setupEventListener();
+        return this.keycloak
+            .init({
+            onLoad: 'check-sso',
+            checkLoginIframe: false,
+            silentCheckSsoRedirectUri: enableSilentSSOCheck ? this.getSilentSSOUrl() : undefined,
+            idToken: idToken || undefined,
+            refreshToken: refreshToken || undefined,
+            token: token || undefined,
+            timeSkew: timeSkew,
+        })
+            .catch((err) => {
+            this.logger.warn(`Keycloak err: ${err}, try force login`);
+            return this.keycloak?.login(this.config);
+        })
+            .then((loginOk) => {
+            if (loginOk) {
+                return this.keycloak?.token;
+            }
+            else {
+                return this.keycloak?.login(this.config).then(() => 'login');
+            }
+        })
+            .then(() => {
+            return true;
+        })
+            .catch((err) => {
+            this.logger.error(`KC ERROR ${err} as json ${JSON.stringify(err)}`);
+            throw err;
+        });
+    }
+    async getValidKCConfig() {
+        const clientId = await this.configService.getProperty(CONFIG_KEY.KEYCLOAK_CLIENT_ID);
+        if (!clientId) {
+            throw new Error('Invalid KC config, missing clientId');
+        }
+        const realm = await this.configService.getProperty(CONFIG_KEY.KEYCLOAK_REALM);
+        if (!realm) {
+            throw new Error('Invalid KC config, missing realm');
+        }
+        const url = (await this.configService.getProperty(CONFIG_KEY.KEYCLOAK_URL)) ?? '';
+        return {
+            url,
+            clientId,
+            realm,
+        };
+    }
+    async setupEventListener() {
+        if (this.keycloak) {
+            const onTokenExpiredEnabled = (await this.configService.getProperty(CONFIG_KEY.KEYCLOAK_ON_TOKEN_EXPIRED_ENABLED)) === 'true';
+            const onAuthRefreshErrorEnabled = (await this.configService.getProperty(CONFIG_KEY.KEYCLOAK_ON_AUTH_REFRESH_ERROR_ENABLED)) === 'true';
+            this.keycloak.onAuthError = () => {
+                this.updateLocalStorage();
+            };
+            this.keycloak.onAuthLogout = () => {
+                this.logger.info('SSO logout nav to root');
+                this.clearKCStateFromLocalstorage();
+                this.keycloak?.login(this.config);
+            };
+            this.keycloak.onAuthRefreshSuccess = () => {
+                this.updateLocalStorage();
+            };
+            this.keycloak.onAuthRefreshError = () => {
+                this.updateLocalStorage();
+                if (onAuthRefreshErrorEnabled) {
+                    this.logger.info('Auth refresh error - initiating re-login');
+                    this.keycloak?.login(this.config);
+                }
+            };
+            this.keycloak.onAuthSuccess = () => {
+                this.updateLocalStorage();
+            };
+            this.keycloak.onTokenExpired = () => {
+                this.updateLocalStorage();
+                if (onTokenExpiredEnabled) {
+                    // A semaphore is used to prevent executing multiple updateToken calls in parallel.
+                    this.updateTokenSemaphore.use(async () => {
+                        this.logger.info('Token expired - proactively refreshing');
+                        this.keycloak?.updateToken();
+                    });
+                }
+            };
+            this.keycloak.onActionUpdate = () => {
+                this.updateLocalStorage();
+            };
+            this.keycloak.onReady = () => {
+                this.updateLocalStorage();
+            };
+        }
+    }
+    updateLocalStorage() {
+        if (this.keycloak) {
+            if (this.keycloak.token) {
+                localStorage.setItem(KC_TOKEN_LS, this.keycloak.token);
+            }
+            else {
+                localStorage.removeItem(KC_TOKEN_LS);
+            }
+            if (this.keycloak.idToken) {
+                localStorage.setItem(KC_ID_TOKEN_LS, this.keycloak.idToken);
+            }
+            else {
+                localStorage.removeItem(KC_ID_TOKEN_LS);
+            }
+            if (this.keycloak.refreshToken) {
+                localStorage.setItem(KC_REFRESH_TOKEN_LS, this.keycloak.refreshToken);
+            }
+            else {
+                localStorage.removeItem(KC_REFRESH_TOKEN_LS);
+            }
+        }
+    }
+    clearKCStateFromLocalstorage() {
+        localStorage.removeItem(KC_ID_TOKEN_LS);
+        localStorage.removeItem(KC_TOKEN_LS);
+        localStorage.removeItem(KC_REFRESH_TOKEN_LS);
+    }
+    getSilentSSOUrl() {
+        let currentBase = document.getElementsByTagName('base')[0].href;
+        if (currentBase === '/') {
+            currentBase = '';
+        }
+        return `${currentBase}/assets/silent-check-sso.html`;
+    }
+    getIdToken() {
+        return this.keycloak?.idToken ?? null;
+    }
+    getAccessToken() {
+        return this.keycloak?.token ?? null;
+    }
+    logout() {
+        this.keycloak?.logout();
+    }
+    async updateTokenIfNeeded() {
+        return this.updateTokenSemaphore.use(async () => {
+            if (!this.keycloak?.authenticated) {
+                return this.keycloak?.login(this.config).then(() => false) ?? Promise.reject('Keycloak not initialized!');
+            }
+            const minValidity = await this.getConfigValueNumberOrUndefined(CONFIG_KEY.KEYCLOAK_UPDATE_TOKEN_MIN_VALIDITY);
+            return this.keycloak.updateToken(minValidity);
+        });
+    }
+    getAuthProviderName() {
+        return 'keycloak-auth';
+    }
+    hasRole(_role) {
+        return false;
+    }
+    getUserRoles() {
+        return [];
+    }
+    getHeaderValues() {
+        return { 'apm-principal-token': this.getIdToken() ?? '', Authorization: `Bearer ${this.getAccessToken()}` };
+    }
+    async getConfigValueNumberOrUndefined(configKey) {
+        const value = await this.configService.getProperty(configKey);
+        if (value === undefined)
+            return undefined;
+        const parsed = Number.parseInt(value, 10);
+        if (Number.isNaN(parsed))
+            return undefined;
+        return parsed;
+    }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "21.2.1", ngImport: i0, type: KeycloakAuthService, deps: [], target: i0.ɵɵFactoryTarget.Injectable }); }
+    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "21.2.1", ngImport: i0, type: KeycloakAuthService }); }
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "21.2.1", ngImport: i0, type: KeycloakAuthService, decorators: [{
+            type: Injectable
+        }] });
+
+var globalThis$1 = globalThis;
+
+class DisabledAuthService {
+    async init(_config) {
+        return Promise.resolve(true);
+    }
+    getIdToken() {
+        return "";
+    }
+    getAccessToken() {
+        return "";
+    }
+    logout() {
+        window.location.href = "https://github.com/onecx/";
+    }
+    async updateTokenIfNeeded() {
+        return Promise.resolve(true);
+    }
+    getHeaderValues() {
+        return {};
+    }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "21.2.1", ngImport: i0, type: DisabledAuthService, deps: [], target: i0.ɵɵFactoryTarget.Injectable }); }
+    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "21.2.1", ngImport: i0, type: DisabledAuthService }); }
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "21.2.1", ngImport: i0, type: DisabledAuthService, decorators: [{
+            type: Injectable
+        }] });
+
+class AuthServiceWrapper {
+    constructor() {
+        this.configService = inject(ConfigurationService);
+        this.appStateService = inject(AppStateService);
+        this.injector = inject(Injector);
+        this.eventsTopic$ = new EventsTopic();
+        this.eventsTopic$
+            .pipe(filter((e) => e.type === EventType.AUTH_LOGOUT_BUTTON_CLICKED))
+            .subscribe(() => this.authService?.logout());
+        // Shell defines these properties to support older library versions
+        window.onecxAngularAuth ??= {};
+        window.onecxAngularAuth.authServiceProxy ??= {};
+        window.onecxAngularAuth.authServiceProxy.v1 ??= {
+            updateTokenIfNeeded: () => {
+                return this.updateTokenIfNeeded();
+            },
+            getHeaderValues: () => {
+                return this.getHeaderValues();
+            },
+        };
+        window.onecxAuth ??= {};
+        window.onecxAuth.authServiceProxy ??= {};
+        window.onecxAuth.authServiceProxy.v1 ??= {
+            updateTokenIfNeeded: () => {
+                return this.updateTokenIfNeeded();
+            },
+            getHeaderValues: () => {
+                return this.getHeaderValues();
+            },
+        };
+    }
+    async init() {
+        await this.configService.isInitialized;
+        await this.initializeAuthService();
+        const initResult = this.getInitResult();
+        return initResult;
+    }
+    async getInitResult() {
+        const initResult = await this.authService?.init();
+        if (initResult) {
+            await this.appStateService.isAuthenticated$.publish();
+        }
+        return initResult;
+    }
+    getHeaderValues() {
+        return this.authService?.getHeaderValues() ?? {};
+    }
+    updateTokenIfNeeded() {
+        return this.authService?.updateTokenIfNeeded() ?? Promise.reject();
+    }
+    async initializeAuthService() {
+        const serviceTypeConfig = (await this.configService.getProperty(CONFIG_KEY.AUTH_SERVICE)) ?? 'keycloak';
+        switch (serviceTypeConfig) {
+            case 'keycloak':
+                this.authService = this.injector.get(KeycloakAuthService);
+                break;
+            case 'custom': {
+                // remote module is exposing function as default export (this is a convention)
+                // this function is responsible for creating the custom auth service
+                // to have access to the dependency mechanism of the shell
+                // the function gets a callback which is returning the requested injectable
+                const factory = await this.getAuthServiceFactory();
+                this.authService = await Promise.resolve(factory((injectable) => this.retrieveInjectables(injectable)));
+                break;
+            }
+            case 'disabled':
+                this.authService = this.injector.get(DisabledAuthService);
+                break;
+            default:
+                throw new Error('Configured AuthService not found');
+        }
+    }
+    async retrieveInjectables(injectable) {
+        if (injectable === Injectables.KEYCLOAK_AUTH_SERVICE) {
+            return this.injector.get(KeycloakAuthService);
+        }
+        else if (injectable === Injectables.CONFIG) {
+            return this.configService.getConfig();
+        }
+        throw new Error('unknown injectable type');
+    }
+    async getAuthServiceFactory() {
+        if (await !this.configService.getProperty(CONFIG_KEY.AUTH_SERVICE_CUSTOM_URL)) {
+            throw new Error('URL of the custom auth service is not defined');
+        }
+        const module = await loadRemoteModule({
+            type: 'module',
+            remoteEntry: (await this.configService.getProperty(CONFIG_KEY.AUTH_SERVICE_CUSTOM_URL)) ?? '',
+            exposedModule: (await this.configService.getProperty(CONFIG_KEY.AUTH_SERVICE_CUSTOM_MODULE_NAME)) ?? './CustomAuth',
+        });
+        return module.default;
+    }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "21.2.1", ngImport: i0, type: AuthServiceWrapper, deps: [], target: i0.ɵɵFactoryTarget.Injectable }); }
+    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "21.2.1", ngImport: i0, type: AuthServiceWrapper }); }
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "21.2.1", ngImport: i0, type: AuthServiceWrapper, decorators: [{
+            type: Injectable
+        }], ctorParameters: () => [] });
+
+function provideAuthServices() {
+    return [AuthServiceWrapper, KeycloakAuthService, DisabledAuthService];
+}
+function provideAuthService() {
+    return [
+        provideAuthServices(),
+        provideAppInitializer(async () => {
+            const configService = inject(ConfigurationService);
+            const authServiceWrapper = inject(AuthServiceWrapper);
+            await configService.isInitialized;
+            await authServiceWrapper.init();
+        }),
+    ];
+}
+
+/**
+ * Generated bundle index. Do not edit.
+ */
+
+export { AuthServiceWrapper, provideAuthService };
+//# sourceMappingURL=onecx-shell-auth.mjs.map

package/fesm2022/onecx-shell-auth.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"onecx-shell-auth.mjs","sources":["../../../../libs/shell-auth/src/lib/auth.service.ts","../../../../libs/shell-auth/src/lib/utils/logger.utils.ts","../../../../libs/shell-auth/src/lib/auth_services/keycloak-auth.service.ts","../../../../libs/shell-auth/src/lib/declarations.ts","../../../../libs/shell-auth/src/lib/auth_services/disabled-auth.service.ts","../../../../libs/shell-auth/src/lib/auth-service-wrapper.ts","../../../../libs/shell-auth/src/lib/provide-auth-service.ts","../../../../libs/shell-auth/src/onecx-shell-auth.ts"],"sourcesContent":["export interface AuthService {\n  init(config?: Record<string, unknown>): Promise<boolean>\n\n  getHeaderValues(): Record<string, string>\n\n  logout(): void\n\n  updateTokenIfNeeded(): Promise<boolean>\n}\n\nexport enum Injectables {\n  KEYCLOAK_AUTH_SERVICE = 'KEYCLOAK_AUTH_SERVICE',\n  CONFIG = 'CONFIG',\n}\n\nexport type AuthServiceFactory = (\n  injectorFunction: (injectable: Injectables) => Promise<unknown> | unknown\n) => AuthService | Promise<AuthService>\n","// This file is not planned to be in the index.ts so it is private to this lib\nimport { createLoggerFactory } from '@onecx/accelerator'\n\nexport const createLogger = createLoggerFactory('@onecx/shell-auth')\n","import { Injectable, inject } from '@angular/core'\nimport { CONFIG_KEY, ConfigurationService } from '@onecx/angular-integration-interface'\nimport Keycloak, { KeycloakServerConfig } from 'keycloak-js'\nimport { AuthService } from '../auth.service'\nimport { createLogger } from '../utils/logger.utils'\nimport Semaphore from 'ts-semaphore'\n\nconst KC_REFRESH_TOKEN_LS = 'onecx_kc_refreshToken'\nconst KC_ID_TOKEN_LS = 'onecx_kc_idToken'\nconst KC_TOKEN_LS = 'onecx_kc_token'\n\n@Injectable()\nexport class KeycloakAuthService implements AuthService {\n  private readonly logger = createLogger('KeycloakAuthService')\n  private configService = inject(ConfigurationService)\n  private keycloak: Keycloak | undefined\n  private readonly updateTokenSemaphore = new Semaphore(1)\n\n  config?: Record<string, unknown>\n\n  public async init(config?: Record<string, unknown>): Promise<boolean> {\n    this.config = config\n    let token = localStorage.getItem(KC_TOKEN_LS)\n    let idToken = localStorage.getItem(KC_ID_TOKEN_LS)\n    let refreshToken = localStorage.getItem(KC_REFRESH_TOKEN_LS)\n    if (token && refreshToken) {\n      const parsedToken = JSON.parse(atob(refreshToken.split('.')[1]))\n      if (parsedToken.exp * 1000 < new Date().getTime()) {\n        token = null\n        refreshToken = null\n        idToken = null\n        this.clearKCStateFromLocalstorage()\n      }\n    }\n\n    let kcConfig: KeycloakServerConfig | string\n    const validKCConfig = await this.getValidKCConfig()\n    kcConfig = { ...validKCConfig, ...(config ?? {}) }\n    \n    if (!kcConfig.clientId || !kcConfig.realm || !kcConfig.url) {\n      kcConfig = './assets/keycloak.json'\n    }\n\n    const enableSilentSSOCheck =\n      (await this.configService.getProperty(CONFIG_KEY.KEYCLOAK_ENABLE_SILENT_SSO)) === 'true'\n\n    const timeSkew = await this.getConfigValueNumberOrUndefined(CONFIG_KEY.KEYCLOAK_TIME_SKEW)\n\n    try {\n      await import('keycloak-js').then(({ default: Keycloak }) => {\n        this.keycloak = new Keycloak(kcConfig)\n      })\n    } catch (err) {\n      const errorMessage = 'Keycloak initialization failed! Could not load keycloak-js library which is required in the current environment.'\n      this.logger.error(\n        errorMessage,\n        err\n      )\n      throw new Error(\n        errorMessage\n      )\n    }\n\n    if (!this.keycloak) {\n      throw new Error('Keycloak initialization failed!')\n    }\n\n    await this.setupEventListener()\n\n    return this.keycloak\n      .init({\n        onLoad: 'check-sso',\n        checkLoginIframe: false,\n        silentCheckSsoRedirectUri: enableSilentSSOCheck ? this.getSilentSSOUrl() : undefined,\n        idToken: idToken || undefined,\n        refreshToken: refreshToken || undefined,\n        token: token || undefined,\n        timeSkew: timeSkew,\n      })\n      .catch((err) => {\n        this.logger.warn(`Keycloak err: ${err}, try force login`)\n        return this.keycloak?.login(this.config)\n      })\n      .then((loginOk) => {\n        if (loginOk) {\n          return this.keycloak?.token\n        } else {\n          return this.keycloak?.login(this.config).then(() => 'login')\n        }\n      })\n      .then(() => {\n        return true\n      })\n      .catch((err) => {\n        this.logger.error(`KC ERROR ${err} as json ${JSON.stringify(err)}`)\n        throw err\n      })\n  }\n\n  protected async getValidKCConfig(): Promise<KeycloakServerConfig> {\n    const clientId = await this.configService.getProperty(CONFIG_KEY.KEYCLOAK_CLIENT_ID)\n    if (!clientId) {\n      throw new Error('Invalid KC config, missing clientId')\n    }\n    const realm = await this.configService.getProperty(CONFIG_KEY.KEYCLOAK_REALM)\n    if (!realm) {\n      throw new Error('Invalid KC config, missing realm')\n    }\n    const url = (await this.configService.getProperty(CONFIG_KEY.KEYCLOAK_URL)) ?? ''\n    return {\n      url,\n      clientId,\n      realm,\n    }\n  }\n\n    private async setupEventListener() {\n    if (this.keycloak) {\n      const onTokenExpiredEnabled = (await this.configService.getProperty(CONFIG_KEY.KEYCLOAK_ON_TOKEN_EXPIRED_ENABLED)) === 'true'\n\n      const onAuthRefreshErrorEnabled = (await this.configService.getProperty(CONFIG_KEY.KEYCLOAK_ON_AUTH_REFRESH_ERROR_ENABLED)) === 'true'\n\n      this.keycloak.onAuthError = () => {\n        this.updateLocalStorage()\n      }\n      this.keycloak.onAuthLogout = () => {\n        this.logger.info('SSO logout nav to root')\n        this.clearKCStateFromLocalstorage()\n        this.keycloak?.login(this.config)\n      }\n      this.keycloak.onAuthRefreshSuccess = () => {\n        this.updateLocalStorage()\n      }\n      this.keycloak.onAuthRefreshError = () => {\n        this.updateLocalStorage()\n        if (onAuthRefreshErrorEnabled) {\n          this.logger.info('Auth refresh error - initiating re-login')\n          this.keycloak?.login(this.config)\n        }\n      }\n      this.keycloak.onAuthSuccess = () => {\n        this.updateLocalStorage()\n      }\n      this.keycloak.onTokenExpired = () => {\n        this.updateLocalStorage()\n        if (onTokenExpiredEnabled) {\n          // A semaphore is used to prevent executing multiple updateToken calls in parallel.\n          this.updateTokenSemaphore.use(async () => {\n            this.logger.info('Token expired - proactively refreshing')\n            this.keycloak?.updateToken()\n          })\n        }\n      }\n      this.keycloak.onActionUpdate = () => {\n        this.updateLocalStorage()\n      }\n      this.keycloak.onReady = () => {\n        this.updateLocalStorage()\n      }\n    }\n  }\n\n  private updateLocalStorage() {\n    if (this.keycloak) {\n      if (this.keycloak.token) {\n        localStorage.setItem(KC_TOKEN_LS, this.keycloak.token)\n      } else {\n        localStorage.removeItem(KC_TOKEN_LS)\n      }\n      if (this.keycloak.idToken) {\n        localStorage.setItem(KC_ID_TOKEN_LS, this.keycloak.idToken)\n      } else {\n        localStorage.removeItem(KC_ID_TOKEN_LS)\n      }\n      if (this.keycloak.refreshToken) {\n        localStorage.setItem(KC_REFRESH_TOKEN_LS, this.keycloak.refreshToken)\n      } else {\n        localStorage.removeItem(KC_REFRESH_TOKEN_LS)\n      }\n    }\n  }\n\n  private clearKCStateFromLocalstorage() {\n    localStorage.removeItem(KC_ID_TOKEN_LS)\n    localStorage.removeItem(KC_TOKEN_LS)\n    localStorage.removeItem(KC_REFRESH_TOKEN_LS)\n  }\n\n  private getSilentSSOUrl() {\n    let currentBase = document.getElementsByTagName('base')[0].href\n    if (currentBase === '/') {\n      currentBase = ''\n    }\n    return `${currentBase}/assets/silent-check-sso.html`\n  }\n\n  getIdToken(): string | null {\n    return this.keycloak?.idToken ?? null\n  }\n  getAccessToken(): string | null {\n    return this.keycloak?.token ?? null\n  }\n\n  logout(): void {\n    this.keycloak?.logout()\n  }\n\n  async updateTokenIfNeeded(): Promise<boolean> {\n    return this.updateTokenSemaphore.use(async () => {\n      if (!this.keycloak?.authenticated) {\n        return this.keycloak?.login(this.config).then(() => false) ?? Promise.reject('Keycloak not initialized!')\n      }\n\n      const minValidity = await this.getConfigValueNumberOrUndefined(CONFIG_KEY.KEYCLOAK_UPDATE_TOKEN_MIN_VALIDITY)\n\n      return this.keycloak.updateToken(minValidity)\n    })\n  }\n\n  getAuthProviderName(): string {\n    return 'keycloak-auth'\n  }\n\n  hasRole(_role: string): boolean {\n    return false\n  }\n\n  getUserRoles(): string[] {\n    return []\n  }\n\n  getHeaderValues(): Record<string, string> {\n    return { 'apm-principal-token': this.getIdToken() ?? '', Authorization: `Bearer ${this.getAccessToken()}` }\n  }\n\n  async getConfigValueNumberOrUndefined(configKey: CONFIG_KEY): Promise<number | undefined> {\n    const value = await this.configService.getProperty(configKey)\n    if (value === undefined) return undefined\n\n    const parsed = Number.parseInt(value, 10)\n    if (Number.isNaN(parsed)) return undefined\n    return parsed\n  }\n}\n","declare global {\n  interface Window {\n    onecxAuth?: {\n      authServiceProxy?: {\n        v1?: {\n          getHeaderValues: () => Record<string, string>\n          updateTokenIfNeeded: () => Promise<boolean>\n        }\n      }\n    }\n    // Shell defines these properties to support older library versions\n    onecxAngularAuth?: {\n      authServiceProxy?: {\n        v1?: {\n          getHeaderValues: () => Record<string, string>\n          updateTokenIfNeeded: () => Promise<boolean>\n        }\n      }\n    }\n  }\n}\n\nexport default globalThis\n","import { Injectable } from '@angular/core';\nimport { AuthService } from '../auth.service';\n\n@Injectable()\nexport class DisabledAuthService implements AuthService {\n\n  public async init(_config?: Record<string, unknown>): Promise<boolean> {\n    return Promise.resolve(true);\n  }\n\n  getIdToken(): string | null {\n    return \"\";\n  }\n  getAccessToken(): string | null {\n    return \"\";\n  }\n\n  logout(): void {\n    window.location.href = \"https://github.com/onecx/\";\n  }\n\n  async updateTokenIfNeeded(): Promise<boolean> {\n    return Promise.resolve(true);\n  }\n\n  getHeaderValues(): Record<string, string> {\n    return {};\n  }\n}\n","import { loadRemoteModule } from '@angular-architects/module-federation'\nimport { Injectable, Injector, inject } from '@angular/core'\nimport { AppStateService, CONFIG_KEY, ConfigurationService } from '@onecx/angular-integration-interface'\nimport { Config, EventsTopic, EventType } from '@onecx/integration-interface'\nimport { filter } from 'rxjs/internal/operators/filter'\nimport { AuthService, AuthServiceFactory, Injectables } from './auth.service'\nimport { KeycloakAuthService } from './auth_services/keycloak-auth.service'\nimport './declarations'\nimport { DisabledAuthService } from './auth_services/disabled-auth.service'\n\n@Injectable()\nexport class AuthServiceWrapper {\n  private configService = inject(ConfigurationService)\n  private appStateService = inject(AppStateService)\n  private injector = inject(Injector)\n\n  private eventsTopic$ = new EventsTopic()\n  private authService: AuthService | undefined\n\n  constructor() {\n    this.eventsTopic$\n      .pipe(filter((e) => e.type === EventType.AUTH_LOGOUT_BUTTON_CLICKED))\n      .subscribe(() => this.authService?.logout())\n    // Shell defines these properties to support older library versions\n    window.onecxAngularAuth ??= {}\n    window.onecxAngularAuth.authServiceProxy ??= {}\n    window.onecxAngularAuth.authServiceProxy.v1 ??= {\n      updateTokenIfNeeded: (): Promise<boolean> => {\n        return this.updateTokenIfNeeded()\n      },\n      getHeaderValues: (): Record<string, string> => {\n        return this.getHeaderValues()\n      },\n    }\n    window.onecxAuth ??= {}\n    window.onecxAuth.authServiceProxy ??= {}\n    window.onecxAuth.authServiceProxy.v1 ??= {\n      updateTokenIfNeeded: (): Promise<boolean> => {\n        return this.updateTokenIfNeeded()\n      },\n      getHeaderValues: (): Record<string, string> => {\n        return this.getHeaderValues()\n      },\n    }\n  }\n  async init(): Promise<boolean | undefined> {\n    await this.configService.isInitialized\n\n    await this.initializeAuthService()\n    const initResult = this.getInitResult()\n    return initResult\n  }\n  async getInitResult(): Promise<boolean | undefined> {\n    const initResult = await this.authService?.init()\n\n    if (initResult) {\n      await this.appStateService.isAuthenticated$.publish()\n    }\n    return initResult\n  }\n  getHeaderValues(): Record<string, string> {\n    return this.authService?.getHeaderValues() ?? {}\n  }\n  updateTokenIfNeeded(): Promise<boolean> {\n    return this.authService?.updateTokenIfNeeded() ?? Promise.reject()\n  }\n\n  async initializeAuthService(): Promise<void> {\n    const serviceTypeConfig = (await this.configService.getProperty(CONFIG_KEY.AUTH_SERVICE)) ?? 'keycloak'\n\n    switch (serviceTypeConfig) {\n      case 'keycloak':\n        this.authService = this.injector.get(KeycloakAuthService)\n        break\n      case 'custom': {\n        // remote module is exposing function as default export (this is a convention)\n        // this function is responsible for creating the custom auth service\n        // to have access to the dependency mechanism of the shell\n        // the function gets a callback which is returning the requested injectable\n        const factory = await this.getAuthServiceFactory()\n        this.authService = await Promise.resolve(\n          factory((injectable: Injectables) => this.retrieveInjectables(injectable))\n        )\n        break\n      }\n      case 'disabled':\n        this.authService = this.injector.get(DisabledAuthService)\n        break\n      default:\n        throw new Error('Configured AuthService not found')\n    }\n  }\n\n  async retrieveInjectables(injectable: Injectables): Promise<KeycloakAuthService | Config | undefined> {\n    if (injectable === Injectables.KEYCLOAK_AUTH_SERVICE) {\n      return this.injector.get(KeycloakAuthService)\n    } else if (injectable === Injectables.CONFIG) {\n      return this.configService.getConfig()\n    }\n    throw new Error('unknown injectable type')\n  }\n\n  async getAuthServiceFactory(): Promise<AuthServiceFactory> {\n    if (await !this.configService.getProperty(CONFIG_KEY.AUTH_SERVICE_CUSTOM_URL)) {\n      throw new Error('URL of the custom auth service is not defined')\n    }\n    const module = await loadRemoteModule({\n      type: 'module',\n      remoteEntry: (await this.configService.getProperty(CONFIG_KEY.AUTH_SERVICE_CUSTOM_URL)) ?? '',\n      exposedModule:\n        (await this.configService.getProperty(CONFIG_KEY.AUTH_SERVICE_CUSTOM_MODULE_NAME)) ?? './CustomAuth',\n    })\n    return module.default as AuthServiceFactory\n  }\n}\n","import { inject, provideAppInitializer } from '@angular/core'\nimport { ConfigurationService } from '@onecx/angular-integration-interface'\nimport { AuthServiceWrapper } from './auth-service-wrapper'\nimport { DisabledAuthService } from './auth_services/disabled-auth.service'\nimport { KeycloakAuthService } from './auth_services/keycloak-auth.service'\n\nfunction provideAuthServices() {\n  return [AuthServiceWrapper, KeycloakAuthService, DisabledAuthService]\n}\n\nexport function provideAuthService() {\n  return [\n    provideAuthServices(),\n    provideAppInitializer(async () => {\n      const configService = inject(ConfigurationService)\n      const authServiceWrapper = inject(AuthServiceWrapper)\n      await configService.isInitialized\n      await authServiceWrapper.init()\n    }),\n  ]\n}","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './index';\n"],"names":[],"mappings":";;;;;;;;;AAUA,IAAY,WAGX;AAHD,CAAA,UAAY,WAAW,EAAA;AACrB,IAAA,WAAA,CAAA,uBAAA,CAAA,GAAA,uBAA+C;AAC/C,IAAA,WAAA,CAAA,QAAA,CAAA,GAAA,QAAiB;AACnB,CAAC,EAHW,WAAW,KAAX,WAAW,GAAA,EAAA,CAAA,CAAA;;ACVvB;AAGO,MAAM,YAAY,GAAG,mBAAmB,CAAC,mBAAmB,CAAC;;ACIpE,MAAM,mBAAmB,GAAG,uBAAuB;AACnD,MAAM,cAAc,GAAG,kBAAkB;AACzC,MAAM,WAAW,GAAG,gBAAgB;MAGvB,mBAAmB,CAAA;AADhC,IAAA,WAAA,GAAA;AAEmB,QAAA,IAAA,CAAA,MAAM,GAAG,YAAY,CAAC,qBAAqB,CAAC;AACrD,QAAA,IAAA,CAAA,aAAa,GAAG,MAAM,CAAC,oBAAoB,CAAC;AAEnC,QAAA,IAAA,CAAA,oBAAoB,GAAG,IAAI,SAAS,CAAC,CAAC,CAAC;AAmOzD,IAAA;IA/NQ,MAAM,IAAI,CAAC,MAAgC,EAAA;AAChD,QAAA,IAAI,CAAC,MAAM,GAAG,MAAM;QACpB,IAAI,KAAK,GAAG,YAAY,CAAC,OAAO,CAAC,WAAW,CAAC;QAC7C,IAAI,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,cAAc,CAAC;QAClD,IAAI,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,mBAAmB,CAAC;AAC5D,QAAA,IAAI,KAAK,IAAI,YAAY,EAAE;AACzB,YAAA,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAChE,YAAA,IAAI,WAAW,CAAC,GAAG,GAAG,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAAE;gBACjD,KAAK,GAAG,IAAI;gBACZ,YAAY,GAAG,IAAI;gBACnB,OAAO,GAAG,IAAI;gBACd,IAAI,CAAC,4BAA4B,EAAE;YACrC;QACF;AAEA,QAAA,IAAI,QAAuC;AAC3C,QAAA,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,gBAAgB,EAAE;AACnD,QAAA,QAAQ,GAAG,EAAE,GAAG,aAAa,EAAE,IAAI,MAAM,IAAI,EAAE,CAAC,EAAE;AAElD,QAAA,IAAI,CAAC,QAAQ,CAAC,QAAQ,IAAI,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE;YAC1D,QAAQ,GAAG,wBAAwB;QACrC;AAEA,QAAA,MAAM,oBAAoB,GACxB,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,UAAU,CAAC,0BAA0B,CAAC,MAAM,MAAM;QAE1F,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,+BAA+B,CAAC,UAAU,CAAC,kBAAkB,CAAC;AAE1F,QAAA,IAAI;AACF,YAAA,MAAM,OAAO,aAAa,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAI;gBACzD,IAAI,CAAC,QAAQ,GAAG,IAAI,QAAQ,CAAC,QAAQ,CAAC;AACxC,YAAA,CAAC,CAAC;QACJ;QAAE,OAAO,GAAG,EAAE;YACZ,MAAM,YAAY,GAAG,kHAAkH;YACvI,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,YAAY,EACZ,GAAG,CACJ;AACD,YAAA,MAAM,IAAI,KAAK,CACb,YAAY,CACb;QACH;AAEA,QAAA,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE;AAClB,YAAA,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC;QACpD;AAEA,QAAA,MAAM,IAAI,CAAC,kBAAkB,EAAE;QAE/B,OAAO,IAAI,CAAC;AACT,aAAA,IAAI,CAAC;AACJ,YAAA,MAAM,EAAE,WAAW;AACnB,YAAA,gBAAgB,EAAE,KAAK;AACvB,YAAA,yBAAyB,EAAE,oBAAoB,GAAG,IAAI,CAAC,eAAe,EAAE,GAAG,SAAS;YACpF,OAAO,EAAE,OAAO,IAAI,SAAS;YAC7B,YAAY,EAAE,YAAY,IAAI,SAAS;YACvC,KAAK,EAAE,KAAK,IAAI,SAAS;AACzB,YAAA,QAAQ,EAAE,QAAQ;SACnB;AACA,aAAA,KAAK,CAAC,CAAC,GAAG,KAAI;YACb,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA,cAAA,EAAiB,GAAG,CAAA,iBAAA,CAAmB,CAAC;YACzD,OAAO,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;AAC1C,QAAA,CAAC;AACA,aAAA,IAAI,CAAC,CAAC,OAAO,KAAI;YAChB,IAAI,OAAO,EAAE;AACX,gBAAA,OAAO,IAAI,CAAC,QAAQ,EAAE,KAAK;YAC7B;iBAAO;AACL,gBAAA,OAAO,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,OAAO,CAAC;YAC9D;AACF,QAAA,CAAC;aACA,IAAI,CAAC,MAAK;AACT,YAAA,OAAO,IAAI;AACb,QAAA,CAAC;AACA,aAAA,KAAK,CAAC,CAAC,GAAG,KAAI;AACb,YAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,GAAG,CAAA,SAAA,EAAY,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA,CAAE,CAAC;AACnE,YAAA,MAAM,GAAG;AACX,QAAA,CAAC,CAAC;IACN;AAEU,IAAA,MAAM,gBAAgB,GAAA;AAC9B,QAAA,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,UAAU,CAAC,kBAAkB,CAAC;QACpF,IAAI,CAAC,QAAQ,EAAE;AACb,YAAA,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC;QACxD;AACA,QAAA,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,UAAU,CAAC,cAAc,CAAC;QAC7E,IAAI,CAAC,KAAK,EAAE;AACV,YAAA,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC;QACrD;AACA,QAAA,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,UAAU,CAAC,YAAY,CAAC,KAAK,EAAE;QACjF,OAAO;YACL,GAAG;YACH,QAAQ;YACR,KAAK;SACN;IACH;AAEU,IAAA,MAAM,kBAAkB,GAAA;AAChC,QAAA,IAAI,IAAI,CAAC,QAAQ,EAAE;AACjB,YAAA,MAAM,qBAAqB,GAAG,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,UAAU,CAAC,iCAAiC,CAAC,MAAM,MAAM;AAE7H,YAAA,MAAM,yBAAyB,GAAG,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,UAAU,CAAC,sCAAsC,CAAC,MAAM,MAAM;AAEtI,YAAA,IAAI,CAAC,QAAQ,CAAC,WAAW,GAAG,MAAK;gBAC/B,IAAI,CAAC,kBAAkB,EAAE;AAC3B,YAAA,CAAC;AACD,YAAA,IAAI,CAAC,QAAQ,CAAC,YAAY,GAAG,MAAK;AAChC,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC;gBAC1C,IAAI,CAAC,4BAA4B,EAAE;gBACnC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;AACnC,YAAA,CAAC;AACD,YAAA,IAAI,CAAC,QAAQ,CAAC,oBAAoB,GAAG,MAAK;gBACxC,IAAI,CAAC,kBAAkB,EAAE;AAC3B,YAAA,CAAC;AACD,YAAA,IAAI,CAAC,QAAQ,CAAC,kBAAkB,GAAG,MAAK;gBACtC,IAAI,CAAC,kBAAkB,EAAE;gBACzB,IAAI,yBAAyB,EAAE;AAC7B,oBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAAC;oBAC5D,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;gBACnC;AACF,YAAA,CAAC;AACD,YAAA,IAAI,CAAC,QAAQ,CAAC,aAAa,GAAG,MAAK;gBACjC,IAAI,CAAC,kBAAkB,EAAE;AAC3B,YAAA,CAAC;AACD,YAAA,IAAI,CAAC,QAAQ,CAAC,cAAc,GAAG,MAAK;gBAClC,IAAI,CAAC,kBAAkB,EAAE;gBACzB,IAAI,qBAAqB,EAAE;;AAEzB,oBAAA,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,YAAW;AACvC,wBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAAC;AAC1D,wBAAA,IAAI,CAAC,QAAQ,EAAE,WAAW,EAAE;AAC9B,oBAAA,CAAC,CAAC;gBACJ;AACF,YAAA,CAAC;AACD,YAAA,IAAI,CAAC,QAAQ,CAAC,cAAc,GAAG,MAAK;gBAClC,IAAI,CAAC,kBAAkB,EAAE;AAC3B,YAAA,CAAC;AACD,YAAA,IAAI,CAAC,QAAQ,CAAC,OAAO,GAAG,MAAK;gBAC3B,IAAI,CAAC,kBAAkB,EAAE;AAC3B,YAAA,CAAC;QACH;IACF;IAEQ,kBAAkB,GAAA;AACxB,QAAA,IAAI,IAAI,CAAC,QAAQ,EAAE;AACjB,YAAA,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE;gBACvB,YAAY,CAAC,OAAO,CAAC,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;YACxD;iBAAO;AACL,gBAAA,YAAY,CAAC,UAAU,CAAC,WAAW,CAAC;YACtC;AACA,YAAA,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE;gBACzB,YAAY,CAAC,OAAO,CAAC,cAAc,EAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;YAC7D;iBAAO;AACL,gBAAA,YAAY,CAAC,UAAU,CAAC,cAAc,CAAC;YACzC;AACA,YAAA,IAAI,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE;gBAC9B,YAAY,CAAC,OAAO,CAAC,mBAAmB,EAAE,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC;YACvE;iBAAO;AACL,gBAAA,YAAY,CAAC,UAAU,CAAC,mBAAmB,CAAC;YAC9C;QACF;IACF;IAEQ,4BAA4B,GAAA;AAClC,QAAA,YAAY,CAAC,UAAU,CAAC,cAAc,CAAC;AACvC,QAAA,YAAY,CAAC,UAAU,CAAC,WAAW,CAAC;AACpC,QAAA,YAAY,CAAC,UAAU,CAAC,mBAAmB,CAAC;IAC9C;IAEQ,eAAe,GAAA;AACrB,QAAA,IAAI,WAAW,GAAG,QAAQ,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI;AAC/D,QAAA,IAAI,WAAW,KAAK,GAAG,EAAE;YACvB,WAAW,GAAG,EAAE;QAClB;QACA,OAAO,CAAA,EAAG,WAAW,CAAA,6BAAA,CAA+B;IACtD;IAEA,UAAU,GAAA;AACR,QAAA,OAAO,IAAI,CAAC,QAAQ,EAAE,OAAO,IAAI,IAAI;IACvC;IACA,cAAc,GAAA;AACZ,QAAA,OAAO,IAAI,CAAC,QAAQ,EAAE,KAAK,IAAI,IAAI;IACrC;IAEA,MAAM,GAAA;AACJ,QAAA,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE;IACzB;AAEA,IAAA,MAAM,mBAAmB,GAAA;QACvB,OAAO,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,YAAW;AAC9C,YAAA,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,EAAE;gBACjC,OAAO,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,2BAA2B,CAAC;YAC3G;YAEA,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,+BAA+B,CAAC,UAAU,CAAC,kCAAkC,CAAC;YAE7G,OAAO,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,WAAW,CAAC;AAC/C,QAAA,CAAC,CAAC;IACJ;IAEA,mBAAmB,GAAA;AACjB,QAAA,OAAO,eAAe;IACxB;AAEA,IAAA,OAAO,CAAC,KAAa,EAAA;AACnB,QAAA,OAAO,KAAK;IACd;IAEA,YAAY,GAAA;AACV,QAAA,OAAO,EAAE;IACX;IAEA,eAAe,GAAA;AACb,QAAA,OAAO,EAAE,qBAAqB,EAAE,IAAI,CAAC,UAAU,EAAE,IAAI,EAAE,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,cAAc,EAAE,CAAA,CAAE,EAAE;IAC7G;IAEA,MAAM,+BAA+B,CAAC,SAAqB,EAAA;QACzD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,SAAS,CAAC;QAC7D,IAAI,KAAK,KAAK,SAAS;AAAE,YAAA,OAAO,SAAS;QAEzC,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC;AACzC,QAAA,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC;AAAE,YAAA,OAAO,SAAS;AAC1C,QAAA,OAAO,MAAM;IACf;8GAtOW,mBAAmB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA,CAAA;kHAAnB,mBAAmB,EAAA,CAAA,CAAA;;2FAAnB,mBAAmB,EAAA,UAAA,EAAA,CAAA;kBAD/B;;;ACWD,mBAAe,UAAU;;MClBZ,mBAAmB,CAAA;IAEvB,MAAM,IAAI,CAAC,OAAiC,EAAA;AACjD,QAAA,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC;IAC9B;IAEA,UAAU,GAAA;AACR,QAAA,OAAO,EAAE;IACX;IACA,cAAc,GAAA;AACZ,QAAA,OAAO,EAAE;IACX;IAEA,MAAM,GAAA;AACJ,QAAA,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,2BAA2B;IACpD;AAEA,IAAA,MAAM,mBAAmB,GAAA;AACvB,QAAA,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC;IAC9B;IAEA,eAAe,GAAA;AACb,QAAA,OAAO,EAAE;IACX;8GAvBW,mBAAmB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA,CAAA;kHAAnB,mBAAmB,EAAA,CAAA,CAAA;;2FAAnB,mBAAmB,EAAA,UAAA,EAAA,CAAA;kBAD/B;;;MCQY,kBAAkB,CAAA;AAQ7B,IAAA,WAAA,GAAA;AAPQ,QAAA,IAAA,CAAA,aAAa,GAAG,MAAM,CAAC,oBAAoB,CAAC;AAC5C,QAAA,IAAA,CAAA,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC;AACzC,QAAA,IAAA,CAAA,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;AAE3B,QAAA,IAAA,CAAA,YAAY,GAAG,IAAI,WAAW,EAAE;AAItC,QAAA,IAAI,CAAC;AACF,aAAA,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,0BAA0B,CAAC;aACnE,SAAS,CAAC,MAAM,IAAI,CAAC,WAAW,EAAE,MAAM,EAAE,CAAC;;AAE9C,QAAA,MAAM,CAAC,gBAAgB,KAAK,EAAE;AAC9B,QAAA,MAAM,CAAC,gBAAgB,CAAC,gBAAgB,KAAK,EAAE;AAC/C,QAAA,MAAM,CAAC,gBAAgB,CAAC,gBAAgB,CAAC,EAAE,KAAK;YAC9C,mBAAmB,EAAE,MAAuB;AAC1C,gBAAA,OAAO,IAAI,CAAC,mBAAmB,EAAE;YACnC,CAAC;YACD,eAAe,EAAE,MAA6B;AAC5C,gBAAA,OAAO,IAAI,CAAC,eAAe,EAAE;YAC/B,CAAC;SACF;AACD,QAAA,MAAM,CAAC,SAAS,KAAK,EAAE;AACvB,QAAA,MAAM,CAAC,SAAS,CAAC,gBAAgB,KAAK,EAAE;AACxC,QAAA,MAAM,CAAC,SAAS,CAAC,gBAAgB,CAAC,EAAE,KAAK;YACvC,mBAAmB,EAAE,MAAuB;AAC1C,gBAAA,OAAO,IAAI,CAAC,mBAAmB,EAAE;YACnC,CAAC;YACD,eAAe,EAAE,MAA6B;AAC5C,gBAAA,OAAO,IAAI,CAAC,eAAe,EAAE;YAC/B,CAAC;SACF;IACH;AACA,IAAA,MAAM,IAAI,GAAA;AACR,QAAA,MAAM,IAAI,CAAC,aAAa,CAAC,aAAa;AAEtC,QAAA,MAAM,IAAI,CAAC,qBAAqB,EAAE;AAClC,QAAA,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,EAAE;AACvC,QAAA,OAAO,UAAU;IACnB;AACA,IAAA,MAAM,aAAa,GAAA;QACjB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,IAAI,EAAE;QAEjD,IAAI,UAAU,EAAE;YACd,MAAM,IAAI,CAAC,eAAe,CAAC,gBAAgB,CAAC,OAAO,EAAE;QACvD;AACA,QAAA,OAAO,UAAU;IACnB;IACA,eAAe,GAAA;QACb,OAAO,IAAI,CAAC,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE;IAClD;IACA,mBAAmB,GAAA;QACjB,OAAO,IAAI,CAAC,WAAW,EAAE,mBAAmB,EAAE,IAAI,OAAO,CAAC,MAAM,EAAE;IACpE;AAEA,IAAA,MAAM,qBAAqB,GAAA;AACzB,QAAA,MAAM,iBAAiB,GAAG,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,UAAU,CAAC,YAAY,CAAC,KAAK,UAAU;QAEvG,QAAQ,iBAAiB;AACvB,YAAA,KAAK,UAAU;gBACb,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,mBAAmB,CAAC;gBACzD;YACF,KAAK,QAAQ,EAAE;;;;;AAKb,gBAAA,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,EAAE;gBAClD,IAAI,CAAC,WAAW,GAAG,MAAM,OAAO,CAAC,OAAO,CACtC,OAAO,CAAC,CAAC,UAAuB,KAAK,IAAI,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAC3E;gBACD;YACF;AACA,YAAA,KAAK,UAAU;gBACb,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,mBAAmB,CAAC;gBACzD;AACF,YAAA;AACE,gBAAA,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC;;IAEzD;IAEA,MAAM,mBAAmB,CAAC,UAAuB,EAAA;AAC/C,QAAA,IAAI,UAAU,KAAK,WAAW,CAAC,qBAAqB,EAAE;YACpD,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,mBAAmB,CAAC;QAC/C;AAAO,aAAA,IAAI,UAAU,KAAK,WAAW,CAAC,MAAM,EAAE;AAC5C,YAAA,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE;QACvC;AACA,QAAA,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC;IAC5C;AAEA,IAAA,MAAM,qBAAqB,GAAA;AACzB,QAAA,IAAI,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,UAAU,CAAC,uBAAuB,CAAC,EAAE;AAC7E,YAAA,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC;QAClE;AACA,QAAA,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC;AACpC,YAAA,IAAI,EAAE,QAAQ;AACd,YAAA,WAAW,EAAE,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,UAAU,CAAC,uBAAuB,CAAC,KAAK,EAAE;AAC7F,YAAA,aAAa,EACX,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,UAAU,CAAC,+BAA+B,CAAC,KAAK,cAAc;AACvG,SAAA,CAAC;QACF,OAAO,MAAM,CAAC,OAA6B;IAC7C;8GAtGW,kBAAkB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA,CAAA;kHAAlB,kBAAkB,EAAA,CAAA,CAAA;;2FAAlB,kBAAkB,EAAA,UAAA,EAAA,CAAA;kBAD9B;;;ACJD,SAAS,mBAAmB,GAAA;AAC1B,IAAA,OAAO,CAAC,kBAAkB,EAAE,mBAAmB,EAAE,mBAAmB,CAAC;AACvE;SAEgB,kBAAkB,GAAA;IAChC,OAAO;AACL,QAAA,mBAAmB,EAAE;QACrB,qBAAqB,CAAC,YAAW;AAC/B,YAAA,MAAM,aAAa,GAAG,MAAM,CAAC,oBAAoB,CAAC;AAClD,YAAA,MAAM,kBAAkB,GAAG,MAAM,CAAC,kBAAkB,CAAC;YACrD,MAAM,aAAa,CAAC,aAAa;AACjC,YAAA,MAAM,kBAAkB,CAAC,IAAI,EAAE;AACjC,QAAA,CAAC,CAAC;KACH;AACH;;ACpBA;;AAEG;;;;"}

package/package.json

@@ -0,0 +1,42 @@
+{
+  "name": "@onecx/shell-auth",
+  "version": "8.0.0-rc.10",
+  "license": "Apache-2.0",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/onecx/onecx-portal-ui-libs"
+  },
+  "peerDependencies": {
+    "@angular-architects/module-federation": "^20.0.0",
+    "@angular/core": "^21.0.0",
+    "@onecx/accelerator": "^8.0.0-rc.10",
+    "@onecx/angular-integration-interface": "^8.0.0-rc.10",
+    "@onecx/integration-interface": "^8.0.0-rc.10",
+    "keycloak-js": "^26.2.3",
+    "ts-semaphore": "^1.0.0",
+    "rxjs": "~7.8.0"
+  },
+  "peerDependenciesMeta": {
+    "keycloak-js": {
+      "optional": true
+    }
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "module": "fesm2022/onecx-shell-auth.mjs",
+  "typings": "types/onecx-shell-auth.d.ts",
+  "exports": {
+    "./package.json": {
+      "default": "./package.json"
+    },
+    ".": {
+      "types": "./types/onecx-shell-auth.d.ts",
+      "default": "./fesm2022/onecx-shell-auth.mjs"
+    }
+  },
+  "sideEffects": false,
+  "dependencies": {
+    "tslib": "^2.3.0"
+  }
+}

package/types/onecx-shell-auth.d.ts

@@ -0,0 +1,95 @@
+import { Config } from '@onecx/integration-interface';
+import { CONFIG_KEY } from '@onecx/angular-integration-interface';
+import { KeycloakServerConfig } from 'keycloak-js';
+import * as i0 from '@angular/core';
+
+interface AuthService {
+    init(config?: Record<string, unknown>): Promise<boolean>;
+    getHeaderValues(): Record<string, string>;
+    logout(): void;
+    updateTokenIfNeeded(): Promise<boolean>;
+}
+declare enum Injectables {
+    KEYCLOAK_AUTH_SERVICE = "KEYCLOAK_AUTH_SERVICE",
+    CONFIG = "CONFIG"
+}
+type AuthServiceFactory = (injectorFunction: (injectable: Injectables) => Promise<unknown> | unknown) => AuthService | Promise<AuthService>;
+
+declare class KeycloakAuthService implements AuthService {
+    private readonly logger;
+    private configService;
+    private keycloak;
+    private readonly updateTokenSemaphore;
+    config?: Record<string, unknown>;
+    init(config?: Record<string, unknown>): Promise<boolean>;
+    protected getValidKCConfig(): Promise<KeycloakServerConfig>;
+    private setupEventListener;
+    private updateLocalStorage;
+    private clearKCStateFromLocalstorage;
+    private getSilentSSOUrl;
+    getIdToken(): string | null;
+    getAccessToken(): string | null;
+    logout(): void;
+    updateTokenIfNeeded(): Promise<boolean>;
+    getAuthProviderName(): string;
+    hasRole(_role: string): boolean;
+    getUserRoles(): string[];
+    getHeaderValues(): Record<string, string>;
+    getConfigValueNumberOrUndefined(configKey: CONFIG_KEY): Promise<number | undefined>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<KeycloakAuthService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<KeycloakAuthService>;
+}
+
+declare global {
+    interface Window {
+        onecxAuth?: {
+            authServiceProxy?: {
+                v1?: {
+                    getHeaderValues: () => Record<string, string>;
+                    updateTokenIfNeeded: () => Promise<boolean>;
+                };
+            };
+        };
+        onecxAngularAuth?: {
+            authServiceProxy?: {
+                v1?: {
+                    getHeaderValues: () => Record<string, string>;
+                    updateTokenIfNeeded: () => Promise<boolean>;
+                };
+            };
+        };
+    }
+}
+
+declare class AuthServiceWrapper {
+    private configService;
+    private appStateService;
+    private injector;
+    private eventsTopic$;
+    private authService;
+    constructor();
+    init(): Promise<boolean | undefined>;
+    getInitResult(): Promise<boolean | undefined>;
+    getHeaderValues(): Record<string, string>;
+    updateTokenIfNeeded(): Promise<boolean>;
+    initializeAuthService(): Promise<void>;
+    retrieveInjectables(injectable: Injectables): Promise<KeycloakAuthService | Config | undefined>;
+    getAuthServiceFactory(): Promise<AuthServiceFactory>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthServiceWrapper, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<AuthServiceWrapper>;
+}
+
+declare class DisabledAuthService implements AuthService {
+    init(_config?: Record<string, unknown>): Promise<boolean>;
+    getIdToken(): string | null;
+    getAccessToken(): string | null;
+    logout(): void;
+    updateTokenIfNeeded(): Promise<boolean>;
+    getHeaderValues(): Record<string, string>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<DisabledAuthService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<DisabledAuthService>;
+}
+
+declare function provideAuthService(): ((typeof DisabledAuthService | typeof AuthServiceWrapper)[] | i0.EnvironmentProviders)[];
+
+export { AuthServiceWrapper, provideAuthService };