@qlik/api 1.31.0 → 1.33.0

package/chunks/{FKDGGR2O.js → OTIO4SEJ.js}

@@ -1,49 +1,55 @@
 import {
   getInterceptors
-} from "./3RGGGGAR.js";
+} from "./ZCTVPXGO.js";
 import {
+  cleanFalsyValues,
   isBrowser,
-  isNode
-} from "./2ZQ3ZX7F.js";
+  isNode,
+  sortKeys
+} from "./7MMXU6EL.js";
 
-// src/auth/internal/host-config-registry.ts
-var registeredHostConfigs = {};
-function registerHostConfigInternal(name, hostConfig) {
-  if (hostConfig?.reference) {
-    throw new InvalidHostConfigError("Cannot register a host config with a reference");
-  }
-  if (registeredHostConfigs[name]) {
-    console.warn(`registerHostConfig: Host config with name "${name}" is already registered. Overwriting.`);
-  }
-  registeredHostConfigs[name] = hostConfig;
-}
-function unregisterHostConfigInternal(name) {
-  if (registeredHostConfigs[name]) {
-    delete registeredHostConfigs[name];
-  } else {
-    console.warn(`unregisterHostConfig: Host config with name "${name}" not found.`);
+// src/invoke-fetch/invoke-fetch-errors.ts
+var InvokeFetchError = class extends Error {
+  status;
+  headers;
+  data;
+  constructor(errorMessage, status, headers, data) {
+    super(errorMessage);
+    this.status = status;
+    this.headers = headers;
+    this.data = data;
+    this.stack = cleanStack(this.stack);
   }
-}
-function getRegisteredHostConfigInternal(name) {
-  if (!registeredHostConfigs[name]) {
-    throw new Error(`Host config with name "${name}" not found.`);
+};
+var EncodingError = class extends Error {
+  contentType;
+  data;
+  constructor(errorMessage, contentType, data) {
+    super(errorMessage);
+    this.contentType = contentType;
+    this.data = data;
+    this.stack = cleanStack(this.stack);
   }
-  return registeredHostConfigs[name];
-}
-
-// src/auth/internal/default-host-config.ts
-var defaultHostConfig = {};
-function setDefaultHostConfigInternal(hostConfig) {
-  defaultHostConfig = hostConfig || {};
-}
-function withResolvedHostConfig(hostConfig) {
-  if (hostConfig?.reference) {
-    return getRegisteredHostConfigInternal(hostConfig.reference);
+};
+var regex = /^.+\/qmfe-api(?:\.js)?:(\d+)(?::\d+)?$/gim;
+var isFromQmfeApi = (line) => {
+  const matches = line.match(regex);
+  return Boolean(matches && matches.length > 0);
+};
+function cleanStack(stack) {
+  if (!stack) {
+    return stack;
   }
-  if (hostConfig && Object.keys(hostConfig).length > 0) {
-    return hostConfig;
+  const newStack = [];
+  const lines = stack.split("\n");
+  lines.reverse();
+  for (const line of lines) {
+    if (isFromQmfeApi(line)) {
+      break;
+    }
+    newStack.unshift(line);
   }
-  return defaultHostConfig;
+  return newStack.join("\n");
 }
 
 // src/platform/platform-functions.ts
@@ -151,414 +157,82 @@ var result = (data) => ({
   ...data
 });
 
-// src/auth/internal/auth-module-registry.ts
-var authModules = {};
-var ongoingAuthModuleLoading = Promise.resolve();
-function registerAuthModule(name, authModule) {
-  authModules[name.toLowerCase()] = authModule;
-}
-function getRegisteredAuthModules() {
-  return Object.keys(authModules);
-}
-function getRegisteredAuthModule(authType) {
-  return authModules[authType.toLowerCase()];
+// src/auth/auth-types.ts
+var hostConfigCommonProperties = [
+  "authType",
+  "autoRedirect",
+  "authRedirectUserConfirmation",
+  "embedRuntimeUrl",
+  "host",
+  "onAuthFailed"
+];
+var authTypesThatCanBeOmitted = [
+  "apikey",
+  "oauth2",
+  "cookie",
+  "windowscookie",
+  "reference",
+  "anonymous"
+];
+
+// src/utils/random.ts
+import { customAlphabet, nanoid } from "nanoid";
+function generateRandomString(targetLength) {
+  return nanoid(targetLength);
 }
-async function getAuthModule(hostConfig) {
-  const hostConfigToUse = withResolvedHostConfig(hostConfig);
-  const authType = await determineAuthType(hostConfigToUse);
-  if (ongoingAuthModuleLoading) {
-    await ongoingAuthModuleLoading;
-  }
-  let authModule = getRegisteredAuthModule(authType);
-  if (!authModule) {
-    ongoingAuthModuleLoading = (async () => {
-      authModule = await resolveGloballyDefinedAuthModule(authType);
-      if (authModule) {
-        registerAuthModule(authType, authModule);
-      }
-    })();
-    await ongoingAuthModuleLoading;
-  }
-  if (!authModule) {
-    throw new InvalidAuthTypeError(authType);
-  }
-  if (authModule.validateHostConfig) {
-    authModule.validateHostConfig({ authType, ...hostConfigToUse });
-  }
-  return authModule;
+function generateRandomHexString(targetLength) {
+  return customAlphabet("1234567890abcdef", targetLength)();
 }
-async function resolveGloballyDefinedAuthModule(authType) {
-  const globalWindow = globalThis;
-  const globalVariable = globalWindow[authType];
-  if (globalVariable) {
-    let potentialAuthModule;
-    if (typeof globalVariable === "function") {
-      potentialAuthModule = await globalVariable();
-    } else {
-      potentialAuthModule = globalVariable;
-    }
-    if (potentialAuthModule && potentialAuthModule.getRestCallAuthParams && potentialAuthModule.getWebSocketAuthParams && potentialAuthModule.handleAuthenticationError) {
-      return potentialAuthModule;
+
+// src/utils/expose-internal-test-apis.ts
+var internalApisName = "__QLIK_INTERNAL__DO_NOT_USE_OR_YOU_WILL_BE_FIRED";
+function exposeInternalApiOnWindow(name, fn) {
+  if (globalThis.location?.origin.startsWith("https://localhost:") || globalThis.location?.origin?.endsWith("qlik-stage.com")) {
+    if (globalThis[internalApisName] === void 0) {
+      globalThis[internalApisName] = {};
     }
-    console.error("Not a valid auth module", potentialAuthModule);
-    throw new InvalidAuthTypeError(authType);
+    globalThis[internalApisName][name] = fn;
   }
-  return Promise.resolve(void 0);
 }
 
-// src/auth/auth-errors.ts
-var InvalidHostConfigError = class extends Error {
-  constructor(message) {
-    super(`Invalid host config: ${message}`);
-    this.name = "InvalidHostConfigError";
-  }
-};
-var UnexpectedAuthTypeError = class extends Error {
-  constructor(...expectedAuthTypes) {
-    const ors = expectedAuthTypes.map((item, index) => index === 0 ? `"${item}"` : `or "${item}"`).join(" ");
-    super(`HostConfig is not properly configured. authType is expected to be ${ors}`);
-    this.name = "UnexpectedAuthTypeError";
-  }
-};
-var InvalidAuthTypeError = class extends Error {
-  constructor(authType) {
-    const validAuthModules = getRegisteredAuthModules();
-    super(
-      `Not a valid auth type: ${authType}, valid auth types are; '${validAuthModules.filter((name) => name.toLowerCase() !== "qmfeembedframerauthmodule").join("', '")}'`
-    );
-    this.name = "InvalidAuthTypeError";
+// src/auth/internal/default-auth-modules/oauth/storage-helpers.ts
+var storagePrefix = "qlik-qmfe-api";
+function getTopicFromOauthHostConfig(hostConfig) {
+  let topic = hostConfig.clientId + (hostConfig.scope ? `_${hostConfig.scope}` : "_user_default");
+  if (hostConfig.subject) {
+    topic += `_${hostConfig.subject}`;
   }
-};
-function errorToString({ title, detail, code, status }) {
-  if (detail) {
-    return `${title} - ${detail} (Status: ${status}, Code: ${code})`;
+  if (hostConfig.userId) {
+    topic += `_${hostConfig.userId}`;
   }
-  return `${title} (Status: ${status}, Code: ${code})`;
+  return topic;
 }
-var AuthorizationError = class extends Error {
-  errors;
-  constructor(errors) {
-    if (typeof errors !== "object") {
-      super("Unknown error");
-      return;
-    }
-    const errorArray = Array.isArray(errors) ? errors : [errors];
-    super(errorArray.map(errorToString).join(", "));
-    this.errors = errorArray;
-  }
-};
-
-// src/auth/auth-functions.ts
-var lastErrorMessage = "";
-function logToConsole({ message }) {
-  if (message !== lastErrorMessage) {
-    lastErrorMessage = message;
-    console.error(message);
-  }
+function getTopicFromAnonHostConfig(hostConfig) {
+  return `${hostConfig.accessCode}_${hostConfig.clientId}`;
 }
-function isHostCrossOrigin(hostConfig) {
-  if (!globalThis.location?.origin) {
-    return true;
-  }
-  const hostConfigToUse = withResolvedHostConfig(hostConfig);
-  if (Object.keys(hostConfigToUse).length === 0) {
-    return false;
-  }
-  try {
-    const locationUrl = new URL(toValidLocationUrl(hostConfigToUse));
-    return locationUrl.origin !== globalThis.location.origin;
-  } catch {
+var cachedTokens = {};
+function clearAllCachedTokens() {
+  for (const key in cachedTokens) {
+    delete cachedTokens[key];
   }
-  return false;
 }
-async function isWindows(hostConfig) {
-  const hostConfigToUse = withResolvedHostConfig(hostConfig);
-  if (typeof hostConfigToUse.forceIsWindows === "boolean") {
-    return hostConfigToUse.forceIsWindows;
-  }
-  if (hostConfigToUse.authType === "cookie") {
-    return false;
-  }
-  if (hostConfigToUse.authType === "windowscookie") {
-    return true;
-  }
-  return (await getPlatform({ hostConfig })).isWindows;
+exposeInternalApiOnWindow("clearAllAccessTokens", () => {
+  console.log("Clearing tokens", cachedTokens);
+  Object.keys(cachedTokens).forEach((key) => {
+    console.log("Clearing access tokens for", key);
+    deleteFromLocalStorage(key, ["access-token", "refresh-token"]);
+    deleteFromSessionStorage(key, ["access-token", "refresh-token"]);
+  });
+  clearAllCachedTokens();
+});
+function saveInLocalStorage(topic, name, value) {
+  localStorage.setItem(`${storagePrefix}-${topic}-${name}`, value);
 }
-function toValidLocationUrl(hostConfig) {
-  const url = withResolvedHostConfig(hostConfig)?.host;
-  let locationUrl;
-  if (!url) {
-    locationUrl = "";
-  } else if (url.toLowerCase().startsWith("https://") || url.toLowerCase().startsWith("http://")) {
-    locationUrl = url;
-  } else {
-    locationUrl = `https://${url}`;
-  }
-  while (locationUrl[locationUrl.length - 1] === "/") {
-    locationUrl = locationUrl.substring(0, locationUrl.length - 1);
-  }
-  return locationUrl;
+function saveInSessionStorage(topic, name, value) {
+  sessionStorage.setItem(`${storagePrefix}-${topic}-${name}`, value);
 }
-function toValidWebsocketLocationUrl(hostConfig) {
-  const url = withResolvedHostConfig(hostConfig)?.host;
-  let locationUrl;
-  if (!url) {
-    locationUrl = globalThis.location.origin;
-  } else if (url.toLowerCase().startsWith("https://") || url.toLowerCase().startsWith("http://")) {
-    locationUrl = url;
-  } else {
-    locationUrl = `https://${url}`;
-  }
-  while (locationUrl[locationUrl.length - 1] === "/") {
-    locationUrl = locationUrl.substring(0, locationUrl.length - 1);
-  }
-  return locationUrl.replace(leadingHttp, "ws");
-}
-async function getWebSocketAuthParams(props) {
-  const hostConfigToUse = withResolvedHostConfig(props.hostConfig);
-  try {
-    const authModule = await getAuthModule(hostConfigToUse);
-    return await authModule.getWebSocketAuthParams({
-      ...props,
-      hostConfig: hostConfigToUse
-    });
-  } catch (err) {
-    (hostConfigToUse.onAuthFailed || logToConsole)(normalizeAuthModuleError(err));
-    throw err;
-  }
-}
-async function getWebResourceAuthParams(props) {
-  const hostConfigToUse = withResolvedHostConfig(props.hostConfig);
-  try {
-    const authModule = await getAuthModule(hostConfigToUse);
-    return await authModule.getWebResourceAuthParams?.({
-      ...props,
-      hostConfig: hostConfigToUse
-    }) || { queryParams: {} };
-  } catch (err) {
-    (hostConfigToUse.onAuthFailed || logToConsole)(normalizeAuthModuleError(err));
-    throw err;
-  }
-}
-async function handleAuthenticationError(props) {
-  const hostConfigToUse = withResolvedHostConfig(props.hostConfig);
-  const authModule = await getAuthModule(hostConfigToUse);
-  const result2 = await authModule.handleAuthenticationError({
-    ...props,
-    hostConfig: hostConfigToUse
-  });
-  const willRetry = props.canRetry && result2.retry;
-  const willHangUntilANewPageIsLoaded = result2.preventDefault;
-  if (!willRetry && !willHangUntilANewPageIsLoaded) {
-    const { status, errorBody } = props;
-    (hostConfigToUse.onAuthFailed || logToConsole)(normalizeInbandAuthError({ status, errorBody }));
-  }
-  return result2;
-}
-async function getRestCallAuthParams(props) {
-  const hostConfigToUse = withResolvedHostConfig(props.hostConfig);
-  try {
-    const authModule = await getAuthModule(hostConfigToUse);
-    return await authModule.getRestCallAuthParams({
-      ...props,
-      hostConfig: hostConfigToUse
-    });
-  } catch (err) {
-    (hostConfigToUse.onAuthFailed || logToConsole)(normalizeAuthModuleError(err));
-    throw err;
-  }
-}
-async function getAccessToken(props) {
-  const res = await getRestCallAuthParams({ method: "GET", ...props });
-  const authorizationHeader = res.headers?.Authorization;
-  if (authorizationHeader.indexOf("Bearer ") === 0) {
-    return authorizationHeader.substring(7);
-  }
-  throw new Error("Unknown format of authorization header returned by remote auth module");
-}
-function registerAuthModule2(name, authModule) {
-  registerAuthModule(name, authModule);
-}
-function setDefaultHostConfig(hostConfig) {
-  setDefaultHostConfigInternal(hostConfig);
-}
-function registerHostConfig(name, hostConfig) {
-  registerHostConfigInternal(name, hostConfig);
-}
-function unregisterHostConfig(name) {
-  unregisterHostConfigInternal(name);
-}
-function serializeHostConfig(hostConfig) {
-  const hostConfigToUse = withResolvedHostConfig(hostConfig);
-  return JSON.stringify(hostConfigToUse, hostConfigPropertyIgnorer);
-}
-async function determineAuthType(hostConfig) {
-  if (hostConfig.authType) {
-    return hostConfig.authType;
-  }
-  if (hostConfig.apiKey) {
-    return "apikey";
-  }
-  if (hostConfig.accessCode) {
-    return "anonymous";
-  }
-  if (hostConfig.clientId) {
-    return "oauth2";
-  }
-  if (hostConfig.webIntegrationId) {
-    return "cookie";
-  }
-  if (hostConfig.reference) {
-    return "reference";
-  }
-  if (await isWindows(hostConfig)) {
-    return "windowscookie";
-  }
-  return "cookie";
-}
-function checkForCrossDomainRequest(hostConfig) {
-  const hostConfigToUse = withResolvedHostConfig(hostConfig);
-  if (isHostCrossOrigin(hostConfigToUse)) {
-    if (Object.keys(hostConfigToUse).length === 0) {
-      throw new InvalidHostConfigError("a host config must be provided when making a cross domain request");
-    }
-    if (!hostConfigToUse.host) {
-      throw new InvalidHostConfigError("A 'host' must be set in host config when making a cross domain request");
-    }
-  }
-}
-var logout = () => {
-  globalThis.loggingOut = true;
-  globalThis.location.href = "/logout";
-};
-var leadingHttp = /^http/;
-function normalizeInbandAuthError({ errorBody, status }) {
-  const authError = errorBody;
-  if (typeof authError?.errors === "object") {
-    const err = new AuthorizationError(authError?.errors);
-    return { message: err.message };
-  }
-  return { message: `HTTP ${status}` };
-}
-function normalizeAuthModuleError(err) {
-  return { message: err.message || "Unknown error" };
-}
-function hostConfigPropertyIgnorer(key, value) {
-  if (key === "") {
-    return value;
-  }
-  if (key === "authType") {
-    return void 0;
-  }
-  const vtype = typeof value;
-  if (vtype === "object" || vtype === "function") {
-    return void 0;
-  }
-  return value;
-}
-
-// src/random/random.ts
-import { customAlphabet, nanoid } from "nanoid";
-function generateRandomString(targetLength) {
-  return nanoid(targetLength);
-}
-function generateRandomHexString(targetLength) {
-  return customAlphabet("1234567890abcdef", targetLength)();
-}
-
-// src/auth/internal/auth-functions.ts
-function getCredentialsForCookieAuth(hostConfig) {
-  if (hostConfig.crossSiteCookies === false) {
-    return "same-origin";
-  }
-  if (isHostCrossOrigin(hostConfig)) {
-    return "include";
-  }
-  return "same-origin";
-}
-function internalValidateHostConfig(hostConfig, options) {
-  const missingRequiredProps = [];
-  for (const requiredProp of options.requiredProps) {
-    if (!hostConfig[requiredProp]) {
-      missingRequiredProps.push(requiredProp);
-    }
-  }
-  if (missingRequiredProps.length > 0) {
-    throw new InvalidHostConfigError(
-      `missing required properties in host config; '${missingRequiredProps.join("', '")}'`
-    );
-  }
-  const validProps = [
-    "authType",
-    "autoRedirect",
-    "authRedirectUserConfirmation",
-    "embedRuntimeUrl",
-    "host",
-    "onAuthFailed",
-    ...options.requiredProps,
-    ...options.optionalProps
-  ];
-  const invalidKeys = [];
-  Object.keys(hostConfig).forEach((key) => {
-    if (!validProps.some((k) => k === key)) {
-      invalidKeys.push(key);
-    }
-  });
-  if (invalidKeys.length > 0) {
-    throw new InvalidHostConfigError(`unknown properties in host config; '${invalidKeys.join("', '")}'`);
-  }
-  return true;
-}
-
-// src/utils/expose-internal-test-apis.ts
-var internalApisName = "__QLIK_INTERNAL__DO_NOT_USE_OR_YOU_WILL_BE_FIRED";
-function exposeInternalApiOnWindow(name, fn) {
-  if (globalThis.location?.origin.startsWith("https://localhost:") || globalThis.location?.origin?.endsWith("qlik-stage.com")) {
-    if (globalThis[internalApisName] === void 0) {
-      globalThis[internalApisName] = {};
-    }
-    globalThis[internalApisName][name] = fn;
-  }
-}
-
-// src/auth/internal/default-auth-modules/oauth/storage-helpers.ts
-var storagePrefix = "qlik-qmfe-api";
-function getTopicFromOauthHostConfig(hostConfig) {
-  let topic = hostConfig.clientId + (hostConfig.scope ? `_${hostConfig.scope}` : "_user_default");
-  if (hostConfig.subject) {
-    topic += `_${hostConfig.subject}`;
-  }
-  if (hostConfig.userId) {
-    topic += `_${hostConfig.userId}`;
-  }
-  return topic;
-}
-function getTopicFromAnonHostConfig(hostConfig) {
-  return `${hostConfig.accessCode}_${hostConfig.clientId}`;
-}
-var cachedTokens = {};
-function clearAllCachedTokens() {
-  for (const key in cachedTokens) {
-    delete cachedTokens[key];
-  }
-}
-exposeInternalApiOnWindow("clearAllAccessTokens", () => {
-  console.log("Clearing tokens", cachedTokens);
-  Object.keys(cachedTokens).forEach((key) => {
-    console.log("Clearing access tokens for", key);
-    deleteFromLocalStorage(key, ["access-token", "refresh-token"]);
-    deleteFromSessionStorage(key, ["access-token", "refresh-token"]);
-  });
-  clearAllCachedTokens();
-});
-function saveInLocalStorage(topic, name, value) {
-  localStorage.setItem(`${storagePrefix}-${topic}-${name}`, value);
-}
-function saveInSessionStorage(topic, name, value) {
-  sessionStorage.setItem(`${storagePrefix}-${topic}-${name}`, value);
-}
-function loadFromLocalStorage(topic, name) {
-  return localStorage.getItem(`${storagePrefix}-${topic}-${name}`) || void 0;
+function loadFromLocalStorage(topic, name) {
+  return localStorage.getItem(`${storagePrefix}-${topic}-${name}`) || void 0;
 }
 function loadFromSessionStorage(topic, name) {
   return sessionStorage.getItem(`${storagePrefix}-${topic}-${name}`) || void 0;
@@ -672,8 +346,8 @@ function toPerformInteractiveLoginFunction(performInteractiveLogin) {
   }
   return performInteractiveLogin;
 }
-function lookupGetAccessFn(getAccessToken2) {
-  return globalThis[getAccessToken2];
+function lookupGetAccessFn(getAccessToken) {
+  return globalThis[getAccessToken];
 }
 function lookupInteractiveLoginFn(name) {
   return globalThis[name];
@@ -1087,7 +761,7 @@ async function handlePotentialAuthenticationErrorAndRetry(hostConfig, fn) {
   try {
     return await fn();
   } catch (err) {
-    const { retry } = await handleAuthenticationError2({
+    const { retry } = await handleAuthenticationError({
       hostConfig,
       canRetry: true
     });
@@ -1139,7 +813,7 @@ async function getAnonymousAccessToken(hostConfig) {
   }
   return "";
 }
-async function getRestCallAuthParams2({
+async function getRestCallAuthParams({
   hostConfig
 }) {
   return {
@@ -1150,7 +824,7 @@ async function getRestCallAuthParams2({
     credentials: "omit"
   };
 }
-async function getWebSocketAuthParams2({
+async function getWebSocketAuthParams({
   hostConfig
 }) {
   const websocketAccessToken = await handlePotentialAuthenticationErrorAndRetry(hostConfig, async () => {
@@ -1163,7 +837,7 @@ async function getWebSocketAuthParams2({
     }
   };
 }
-async function getWebResourceAuthParams2({
+async function getWebResourceAuthParams({
   hostConfig
 }) {
   const websocketResourceAccessToken = await handlePotentialAuthenticationErrorAndRetry(hostConfig, async () => {
@@ -1176,7 +850,7 @@ async function getWebResourceAuthParams2({
     }
   };
 }
-async function handleAuthenticationError2({
+async function handleAuthenticationError({
   hostConfig
 }) {
   clearStoredAnonymousTokens(hostConfig);
@@ -1186,18 +860,16 @@ async function handleAuthenticationError2({
   };
 }
 var anonymous_default = {
-  getRestCallAuthParams: getRestCallAuthParams2,
-  getWebSocketAuthParams: getWebSocketAuthParams2,
-  getWebResourceAuthParams: getWebResourceAuthParams2,
-  handleAuthenticationError: handleAuthenticationError2,
-  validateHostConfig: (hostConfig) => internalValidateHostConfig(hostConfig, {
-    requiredProps: ["clientId", "accessCode"],
-    optionalProps: []
-  })
+  requiredProps: ["clientId", "accessCode"],
+  optionalProps: [],
+  getRestCallAuthParams,
+  getWebSocketAuthParams,
+  getWebResourceAuthParams,
+  handleAuthenticationError
 };
 
 // src/auth/internal/default-auth-modules/apikey.ts
-function getRestCallAuthParams3({ hostConfig }) {
+function getRestCallAuthParams2({ hostConfig }) {
   return Promise.resolve({
     headers: {
       Authorization: `Bearer ${hostConfig?.apiKey}`
@@ -1206,25 +878,28 @@ function getRestCallAuthParams3({ hostConfig }) {
     credentials: "omit"
   });
 }
-async function getWebSocketAuthParams3() {
+async function getWebSocketAuthParams2() {
   return {
     queryParams: {
       // accessToken: hostConfig.apiKey,
     }
   };
 }
-function handleAuthenticationError3() {
+function handleAuthenticationError2() {
   return Promise.resolve({});
 }
 var apikey_default = {
-  getRestCallAuthParams: getRestCallAuthParams3,
-  getWebSocketAuthParams: getWebSocketAuthParams3,
-  handleAuthenticationError: handleAuthenticationError3,
-  validateHostConfig: (hostConfig) => internalValidateHostConfig(hostConfig, { requiredProps: ["apiKey"], optionalProps: [] })
+  requiredProps: ["apiKey"],
+  optionalProps: [],
+  getRestCallAuthParams: getRestCallAuthParams2,
+  getWebSocketAuthParams: getWebSocketAuthParams2,
+  handleAuthenticationError: handleAuthenticationError2
 };
 
-// src/http/http-functions.ts
+// src/http/http-constants.ts
 var QLIK_CSRF_TOKEN = "qlik-csrf-token";
+
+// src/http/http-functions.ts
 function clearCsrfToken(hostConfig) {
   const locationUrl = toValidLocationUrl(hostConfig);
   delete csrfTokens[locationUrl];
@@ -1269,11 +944,22 @@ async function getCsrfToken(hostConfig, noCache) {
 }
 var csrfTokens = {};
 
+// src/auth/internal/internal-auth-functions.ts
+function internalGetCredentialsForCookieAuth(hostConfig) {
+  if (hostConfig.crossSiteCookies === false) {
+    return "same-origin";
+  }
+  if (isHostCrossOrigin(hostConfig)) {
+    return "include";
+  }
+  return "same-origin";
+}
+
 // src/auth/internal/default-auth-modules/cookie.ts
 function isModifyingVerb(verb) {
   return !(verb === "get" || verb === "GET");
 }
-async function getRestCallAuthParams4({
+async function getRestCallAuthParams3({
   hostConfig,
   method
 }) {
@@ -1284,9 +970,9 @@ async function getRestCallAuthParams4({
   if (hostConfig.webIntegrationId) {
     headers["qlik-web-integration-id"] = hostConfig.webIntegrationId;
   }
-  return { headers, queryParams: {}, credentials: getCredentialsForCookieAuth(hostConfig) };
+  return { headers, queryParams: {}, credentials: internalGetCredentialsForCookieAuth(hostConfig) };
 }
-async function getWebSocketAuthParams4({
+async function getWebSocketAuthParams3({
   hostConfig
 }) {
   const params = {
@@ -1298,7 +984,7 @@ async function getWebSocketAuthParams4({
   }
   return { queryParams: params };
 }
-async function handleAuthenticationError4({
+async function handleAuthenticationError3({
   hostConfig,
   status
 }) {
@@ -1322,30 +1008,29 @@ async function handleAuthenticationError4({
   };
 }
 var cookie_default = {
-  getRestCallAuthParams: getRestCallAuthParams4,
-  getWebSocketAuthParams: getWebSocketAuthParams4,
-  handleAuthenticationError: handleAuthenticationError4,
-  validateHostConfig: (hostConfig) => internalValidateHostConfig(hostConfig, {
-    requiredProps: [],
-    optionalProps: ["webIntegrationId", "crossSiteCookies", "anonymousMode"]
-  })
+  requiredProps: [],
+  optionalProps: ["webIntegrationId", "crossSiteCookies", "anonymousMode"],
+  getRestCallAuthParams: getRestCallAuthParams3,
+  getWebSocketAuthParams: getWebSocketAuthParams3,
+  handleAuthenticationError: handleAuthenticationError3
 };
 
 // src/auth/internal/default-auth-modules/none.ts
-function getRestCallAuthParams5() {
+function getRestCallAuthParams4() {
   return Promise.resolve({ headers: {}, queryParams: {}, credentials: "same-origin" });
 }
-function getWebSocketAuthParams5() {
+function getWebSocketAuthParams4() {
   return Promise.resolve({ queryParams: {} });
 }
-function handleAuthenticationError5() {
+function handleAuthenticationError4() {
   return Promise.resolve({});
 }
 var none_default = {
-  getRestCallAuthParams: getRestCallAuthParams5,
-  getWebSocketAuthParams: getWebSocketAuthParams5,
-  handleAuthenticationError: handleAuthenticationError5,
-  validateHostConfig: (hostConfig) => internalValidateHostConfig(hostConfig, { requiredProps: [], optionalProps: [] })
+  requiredProps: [],
+  optionalProps: [],
+  getRestCallAuthParams: getRestCallAuthParams4,
+  getWebSocketAuthParams: getWebSocketAuthParams4,
+  handleAuthenticationError: handleAuthenticationError4
 };
 
 // src/auth/internal/default-auth-modules/oauth/callback.ts
@@ -1385,7 +1070,7 @@ async function handlePotentialAuthenticationErrorAndRetry2(hostConfig, fn) {
   try {
     return await fn();
   } catch (err) {
-    const { retry } = await handleAuthenticationError6({
+    const { retry } = await handleAuthenticationError5({
       hostConfig,
       canRetry: true
     });
@@ -1395,7 +1080,7 @@ async function handlePotentialAuthenticationErrorAndRetry2(hostConfig, fn) {
     throw err;
   }
 }
-async function getRestCallAuthParams6({
+async function getRestCallAuthParams5({
   hostConfig
 }) {
   return {
@@ -1406,7 +1091,7 @@ async function getRestCallAuthParams6({
     credentials: "omit"
   };
 }
-async function getWebSocketAuthParams6({
+async function getWebSocketAuthParams5({
   hostConfig
 }) {
   const websocketAccessToken = await handlePotentialAuthenticationErrorAndRetry2(hostConfig, async () => {
@@ -1419,7 +1104,7 @@ async function getWebSocketAuthParams6({
     }
   };
 }
-async function getWebResourceAuthParams3({
+async function getWebResourceAuthParams2({
   hostConfig
 }) {
   const webResourceAccessToken = await handlePotentialAuthenticationErrorAndRetry2(hostConfig, async () => {
@@ -1432,183 +1117,544 @@ async function getWebResourceAuthParams3({
     }
   };
 }
-async function handleAuthenticationError6({
-  hostConfig
-}) {
-  if (hostConfig.getAccessToken) {
-    clearStoredOauthTokens(hostConfig);
-    return {
-      preventDefault: false,
-      retry: true
-    };
+async function handleAuthenticationError5({
+  hostConfig
+}) {
+  if (hostConfig.getAccessToken) {
+    clearStoredOauthTokens(hostConfig);
+    return {
+      preventDefault: false,
+      retry: true
+    };
+  }
+  if (isBrowser()) {
+    if (hostConfig.performInteractiveLogin) {
+      clearStoredOauthTokens(hostConfig);
+      return {
+        retry: true
+      };
+    }
+    if (hostConfig.authRedirectUserConfirmation) {
+      await hostConfig.authRedirectUserConfirmation();
+    }
+    startFullPageLoginFlow(hostConfig);
+    return {
+      preventDefault: true
+    };
+  }
+  await refreshAccessToken(hostConfig);
+  return {
+    preventDefault: false,
+    retry: true
+  };
+}
+var oauth_default = {
+  requiredProps: ["clientId"],
+  optionalProps: [
+    "clientSecret",
+    "redirectUri",
+    "accessTokenStorage",
+    "scope",
+    "subject",
+    "userId",
+    "noCache",
+    "getAccessToken",
+    "performInteractiveLogin"
+  ],
+  getRestCallAuthParams: getRestCallAuthParams5,
+  getWebSocketAuthParams: getWebSocketAuthParams5,
+  getWebResourceAuthParams: getWebResourceAuthParams2,
+  handleAuthenticationError: handleAuthenticationError5
+};
+
+// src/auth/internal/default-auth-modules/reference.ts
+function getRestCallAuthParams6() {
+  throw new Error("getRestCallAuthParams should never be called for reference auth module");
+}
+function getWebSocketAuthParams6() {
+  throw new Error("getWebSocketAuthParams should never be called for reference auth module");
+}
+function handleAuthenticationError6() {
+  throw new Error("handleAuthenticationError should never be called for reference auth module");
+}
+var reference_default = {
+  requiredProps: ["reference"],
+  optionalProps: [],
+  getRestCallAuthParams: getRestCallAuthParams6,
+  getWebSocketAuthParams: getWebSocketAuthParams6,
+  handleAuthenticationError: handleAuthenticationError6
+};
+
+// src/auth/internal/default-auth-modules/windows-cookie/xrf-keys.ts
+var xrfKeys = {};
+function createXrfKey() {
+  let result2 = "";
+  for (let i = 0; i < 16; i += 1) {
+    const j = Math.floor(Math.random() * 62);
+    if (j < 10) {
+      result2 += j;
+    } else if (j > 9 && j < 36) {
+      result2 += String.fromCharCode(j + 55);
+    } else {
+      result2 += String.fromCharCode(j + 61);
+    }
+  }
+  return result2;
+}
+function getXrfKey(hostConfig) {
+  const locationUrl = toValidLocationUrl(hostConfig);
+  xrfKeys[locationUrl] = xrfKeys[locationUrl] || createXrfKey();
+  return xrfKeys[locationUrl];
+}
+
+// src/auth/internal/default-auth-modules/windows-cookie.ts
+async function getRestCallAuthParams7({
+  hostConfig
+}) {
+  return {
+    headers: {
+      "X-Qlik-XrfKey": getXrfKey(hostConfig)
+    },
+    queryParams: {
+      xrfkey: getXrfKey(hostConfig)
+    },
+    credentials: internalGetCredentialsForCookieAuth(hostConfig)
+  };
+}
+async function getWebSocketAuthParams7({
+  hostConfig
+}) {
+  return {
+    queryParams: {
+      xrfkey: getXrfKey(hostConfig),
+      "qlik-csrf-token": await getCsrfToken(hostConfig, true)
+    }
+  };
+}
+async function handleAuthenticationError7({
+  hostConfig
+}) {
+  if (hostConfig.loginUri) {
+    if (hostConfig.authRedirectUserConfirmation) {
+      await hostConfig.authRedirectUserConfirmation();
+    }
+    globalThis.location.replace(
+      hostConfig.loginUri.replace("{location}", encodeURIComponent(globalThis.location.href))
+    );
+    return {
+      preventDefault: true
+    };
+  }
+  return {
+    // Do nothing, just let the error be thrown to calling code
+  };
+}
+var windows_cookie_default = {
+  requiredProps: [],
+  optionalProps: ["loginUri", "crossSiteCookies"],
+  getRestCallAuthParams: getRestCallAuthParams7,
+  getWebSocketAuthParams: getWebSocketAuthParams7,
+  handleAuthenticationError: handleAuthenticationError7
+};
+
+// src/auth/internal/auth-module-registry.ts
+var authModules = {};
+var ongoingAuthModuleLoading = Promise.resolve();
+var authModulesRegistered = false;
+(function registerDefaultAuthModules() {
+  if (!authModulesRegistered) {
+    registerAuthModule("apikey", apikey_default);
+    registerAuthModule("cookie", cookie_default);
+    registerAuthModule("none", none_default);
+    registerAuthModule("oauth2", oauth_default);
+    registerAuthModule("anonymous", anonymous_default);
+    registerAuthModule("windowscookie", windows_cookie_default);
+    registerAuthModule("reference", reference_default);
+    authModulesRegistered = true;
+  }
+})();
+function registerAuthModule(name, authModule) {
+  authModules[name.toLowerCase()] = authModule;
+}
+function getRegisteredAuthModules() {
+  return Object.keys(authModules);
+}
+function getRegisteredAuthModule(authType) {
+  return authModules[authType.toLowerCase()];
+}
+async function getAuthModule(hostConfig) {
+  const hostConfigToUse = withResolvedHostConfig(hostConfig);
+  const authType = await determineAuthType(hostConfigToUse);
+  if (ongoingAuthModuleLoading) {
+    await ongoingAuthModuleLoading;
+  }
+  let authModule = getRegisteredAuthModule(authType);
+  if (!authModule) {
+    ongoingAuthModuleLoading = (async () => {
+      authModule = await resolveGloballyDefinedAuthModule(authType);
+      if (authModule) {
+        registerAuthModule(authType, authModule);
+      }
+    })();
+    await ongoingAuthModuleLoading;
+  }
+  if (!authModule) {
+    throw new InvalidAuthTypeError(authType);
+  }
+  if (authModule.validateHostConfig) {
+    authModule.validateHostConfig({ authType, ...hostConfigToUse });
+  } else {
+    internalValidateHostConfig(
+      { authType, ...hostConfigToUse },
+      { requiredProps: authModule.requiredProps || [], optionalProps: authModule.optionalProps || [] }
+    );
+  }
+  return authModule;
+}
+async function resolveGloballyDefinedAuthModule(authType) {
+  const globalWindow = globalThis;
+  const globalVariable = globalWindow[authType];
+  if (globalVariable) {
+    let potentialAuthModule;
+    if (typeof globalVariable === "function") {
+      potentialAuthModule = await globalVariable();
+    } else {
+      potentialAuthModule = globalVariable;
+    }
+    if (potentialAuthModule && potentialAuthModule.getRestCallAuthParams && potentialAuthModule.getWebSocketAuthParams && potentialAuthModule.handleAuthenticationError) {
+      return potentialAuthModule;
+    }
+    console.error("Not a valid auth module", potentialAuthModule);
+    throw new InvalidAuthTypeError(authType);
+  }
+  return Promise.resolve(void 0);
+}
+function internalValidateHostConfig(hostConfig, { requiredProps, optionalProps }) {
+  const missingRequiredProps = [];
+  for (const requiredProp of requiredProps) {
+    if (!hostConfig[requiredProp]) {
+      missingRequiredProps.push(requiredProp);
+    }
+  }
+  if (missingRequiredProps.length > 0) {
+    throw new InvalidHostConfigError(
+      `missing required properties in host config; '${missingRequiredProps.join("', '")}'`
+    );
+  }
+  const validProps = [...hostConfigCommonProperties, ...requiredProps, ...optionalProps];
+  const invalidKeys = [];
+  Object.keys(hostConfig).forEach((key) => {
+    if (!validProps.includes(key)) {
+      invalidKeys.push(key);
+    }
+  });
+  if (invalidKeys.length > 0) {
+    console.warn(`WARNING: unknown properties in host config; '${invalidKeys.join("', '")}'`);
+  }
+  return true;
+}
+async function determineAuthType(hostConfig) {
+  if (hostConfig.authType) {
+    return hostConfig.authType;
+  }
+  if (hostConfig.apiKey) {
+    return "apikey";
+  }
+  if (hostConfig.accessCode) {
+    return "anonymous";
+  }
+  if (hostConfig.clientId) {
+    return "oauth2";
+  }
+  if (hostConfig.webIntegrationId) {
+    return "cookie";
+  }
+  if (hostConfig.reference) {
+    return "reference";
+  }
+  if (await isWindows(hostConfig)) {
+    return "windowscookie";
+  }
+  return "cookie";
+}
+
+// src/auth/auth-errors.ts
+var InvalidHostConfigError = class extends Error {
+  constructor(message) {
+    super(`Invalid host config: ${message}`);
+    this.name = "InvalidHostConfigError";
+  }
+};
+var UnexpectedAuthTypeError = class extends Error {
+  constructor(...expectedAuthTypes) {
+    const ors = expectedAuthTypes.map((item, index) => index === 0 ? `"${item}"` : `or "${item}"`).join(" ");
+    super(`HostConfig is not properly configured. authType is expected to be ${ors}`);
+    this.name = "UnexpectedAuthTypeError";
+  }
+};
+var InvalidAuthTypeError = class extends Error {
+  constructor(authType) {
+    const validAuthModules = getRegisteredAuthModules();
+    super(
+      `Not a valid auth type: ${authType}, valid auth types are; '${validAuthModules.filter((name) => name.toLowerCase() !== "qmfeembedframerauthmodule").join("', '")}'`
+    );
+    this.name = "InvalidAuthTypeError";
+  }
+};
+function errorToString({ title, detail, code, status }) {
+  if (detail) {
+    return `${title} - ${detail} (Status: ${status}, Code: ${code})`;
+  }
+  return `${title} (Status: ${status}, Code: ${code})`;
+}
+var AuthorizationError = class extends Error {
+  errors;
+  constructor(errors) {
+    if (typeof errors !== "object") {
+      super("Unknown error");
+      return;
+    }
+    const errorArray = Array.isArray(errors) ? errors : [errors];
+    super(errorArray.map(errorToString).join(", "));
+    this.errors = errorArray;
+  }
+};
+
+// src/auth/internal/host-config-functions.ts
+var defaultHostConfig = {};
+function setDefaultHostConfigInternal(hostConfig) {
+  defaultHostConfig = hostConfig || {};
+}
+function getDefaultHostConfigInternal() {
+  return defaultHostConfig;
+}
+function removeDefaults(hostConfig) {
+  const cleanedHostConfig = cleanFalsyValues(hostConfig) || {};
+  if (cleanedHostConfig.host) {
+    cleanedHostConfig.host = toValidLocationUrl(cleanedHostConfig);
+  }
+  if (isBrowser()) {
+    if (toValidLocationUrl(cleanedHostConfig) === window.location.origin) {
+      delete cleanedHostConfig.host;
+    }
+  }
+  if (cleanedHostConfig.authType && authTypesThatCanBeOmitted.includes(cleanedHostConfig.authType)) {
+    delete cleanedHostConfig.authType;
+  }
+  return cleanedHostConfig;
+}
+function globalReplacer(key, value) {
+  if (typeof value === "function") {
+    return void 0;
+  }
+  return value;
+}
+function serializeHostConfigInternal(hostConfig) {
+  const hostConfigToUse = removeDefaults(withResolvedHostConfig(hostConfig));
+  const sorted = sortKeys(hostConfigToUse);
+  return JSON.stringify(sorted, globalReplacer);
+}
+var registeredHostConfigs = /* @__PURE__ */ new Map();
+function registerHostConfigInternal(name, hostConfig) {
+  if (hostConfig?.reference) {
+    throw new InvalidHostConfigError("Cannot register a host config with a reference");
+  }
+  if (registeredHostConfigs.has(name)) {
+    console.warn(`registerHostConfig: Host config with name "${name}" is already registered. Overwriting.`);
+  }
+  registeredHostConfigs.set(name, hostConfig);
+}
+function unregisterHostConfigInternal(name) {
+  if (registeredHostConfigs.has(name)) {
+    registeredHostConfigs.delete(name);
+  } else {
+    console.warn(`unregisterHostConfig: Host config with name "${name}" not found.`);
+  }
+}
+function getRegisteredHostConfigInternal(name) {
+  if (!registeredHostConfigs.has(name)) {
+    throw new Error(`Host config with name "${name}" not found.`);
+  }
+  return registeredHostConfigs.get(name);
+}
+
+// src/auth/auth-functions.ts
+globalThis.loggingOut = false;
+var lastErrorMessage = "";
+function logToConsole({ message }) {
+  if (message !== lastErrorMessage) {
+    lastErrorMessage = message;
+    console.error(message);
+  }
+}
+function determineAuthType2(hostConfig) {
+  return determineAuthType(hostConfig);
+}
+function isHostCrossOrigin(hostConfig) {
+  if (!globalThis.location?.origin) {
+    return true;
+  }
+  const hostConfigToUse = withResolvedHostConfig(hostConfig);
+  if (Object.keys(hostConfigToUse).length === 0) {
+    return false;
+  }
+  try {
+    const locationUrl = new URL(toValidLocationUrl(hostConfigToUse));
+    return locationUrl.origin !== globalThis.location.origin;
+  } catch {
+  }
+  return false;
+}
+async function isWindows(hostConfig) {
+  const hostConfigToUse = withResolvedHostConfig(hostConfig);
+  if (typeof hostConfigToUse.forceIsWindows === "boolean") {
+    return hostConfigToUse.forceIsWindows;
+  }
+  if (hostConfigToUse.authType === "cookie") {
+    return false;
+  }
+  if (hostConfigToUse.authType === "windowscookie") {
+    return true;
+  }
+  return (await getPlatform({ hostConfig })).isWindows;
+}
+function toValidLocationUrl(hostConfig) {
+  const url = withResolvedHostConfig(hostConfig)?.host?.trim();
+  let locationUrl;
+  if (!url) {
+    locationUrl = "";
+  } else if (url.toLowerCase().startsWith("https://") || url.toLowerCase().startsWith("http://")) {
+    locationUrl = url;
+  } else {
+    locationUrl = `https://${url}`;
+  }
+  while (locationUrl[locationUrl.length - 1] === "/") {
+    locationUrl = locationUrl.substring(0, locationUrl.length - 1);
+  }
+  return locationUrl;
+}
+function toValidWebsocketLocationUrl(hostConfig) {
+  const url = withResolvedHostConfig(hostConfig)?.host;
+  let locationUrl;
+  if (!url) {
+    locationUrl = globalThis.location.origin;
+  } else if (url.toLowerCase().startsWith("https://") || url.toLowerCase().startsWith("http://")) {
+    locationUrl = url;
+  } else {
+    locationUrl = `https://${url}`;
+  }
+  while (locationUrl[locationUrl.length - 1] === "/") {
+    locationUrl = locationUrl.substring(0, locationUrl.length - 1);
+  }
+  return locationUrl.replace(leadingHttp, "ws");
+}
+async function getWebSocketAuthParams8(props) {
+  const hostConfigToUse = withResolvedHostConfig(props.hostConfig);
+  try {
+    const authModule = await getAuthModule(hostConfigToUse);
+    return await authModule.getWebSocketAuthParams({
+      ...props,
+      hostConfig: hostConfigToUse
+    });
+  } catch (err) {
+    (hostConfigToUse.onAuthFailed || logToConsole)(normalizeAuthModuleError(err));
+    throw err;
+  }
+}
+async function getWebResourceAuthParams3(props) {
+  const hostConfigToUse = withResolvedHostConfig(props.hostConfig);
+  try {
+    const authModule = await getAuthModule(hostConfigToUse);
+    return await authModule.getWebResourceAuthParams?.({
+      ...props,
+      hostConfig: hostConfigToUse
+    }) || { queryParams: {} };
+  } catch (err) {
+    (hostConfigToUse.onAuthFailed || logToConsole)(normalizeAuthModuleError(err));
+    throw err;
   }
-  if (isBrowser()) {
-    if (hostConfig.performInteractiveLogin) {
-      clearStoredOauthTokens(hostConfig);
-      return {
-        retry: true
-      };
-    }
-    if (hostConfig.authRedirectUserConfirmation) {
-      await hostConfig.authRedirectUserConfirmation();
-    }
-    startFullPageLoginFlow(hostConfig);
-    return {
-      preventDefault: true
-    };
+}
+async function handleAuthenticationError8(props) {
+  const hostConfigToUse = withResolvedHostConfig(props.hostConfig);
+  const authModule = await getAuthModule(hostConfigToUse);
+  const result2 = await authModule.handleAuthenticationError({
+    ...props,
+    hostConfig: hostConfigToUse
+  });
+  const willRetry = props.canRetry && result2.retry;
+  const willHangUntilANewPageIsLoaded = result2.preventDefault;
+  if (!willRetry && !willHangUntilANewPageIsLoaded) {
+    const { status, errorBody } = props;
+    (hostConfigToUse.onAuthFailed || logToConsole)(normalizeInbandAuthError({ status, errorBody }));
   }
-  await refreshAccessToken(hostConfig);
-  return {
-    preventDefault: false,
-    retry: true
-  };
+  return result2;
 }
-var oauth_default = {
-  getRestCallAuthParams: getRestCallAuthParams6,
-  getWebSocketAuthParams: getWebSocketAuthParams6,
-  getWebResourceAuthParams: getWebResourceAuthParams3,
-  handleAuthenticationError: handleAuthenticationError6,
-  validateHostConfig: (hostConfig) => internalValidateHostConfig(hostConfig, {
-    requiredProps: ["clientId"],
-    optionalProps: [
-      "clientSecret",
-      "redirectUri",
-      "accessTokenStorage",
-      "scope",
-      "subject",
-      "userId",
-      "noCache",
-      "getAccessToken",
-      "performInteractiveLogin"
-    ]
-  })
-};
-
-// src/auth/internal/default-auth-modules/reference.ts
-function getRestCallAuthParams7() {
-  throw new Error("getRestCallAuthParams should never be called for reference auth module");
+async function getRestCallAuthParams8(props) {
+  const hostConfigToUse = withResolvedHostConfig(props.hostConfig);
+  try {
+    const authModule = await getAuthModule(hostConfigToUse);
+    return await authModule.getRestCallAuthParams({
+      ...props,
+      hostConfig: hostConfigToUse
+    });
+  } catch (err) {
+    (hostConfigToUse.onAuthFailed || logToConsole)(normalizeAuthModuleError(err));
+    throw err;
+  }
 }
-function getWebSocketAuthParams7() {
-  throw new Error("getWebSocketAuthParams should never be called for reference auth module");
+function registerAuthModule2(name, authModule) {
+  registerAuthModule(name, authModule);
 }
-function handleAuthenticationError7() {
-  throw new Error("handleAuthenticationError should never be called for reference auth module");
+function setDefaultHostConfig(hostConfig) {
+  setDefaultHostConfigInternal(hostConfig);
 }
-var reference_default = {
-  getRestCallAuthParams: getRestCallAuthParams7,
-  getWebSocketAuthParams: getWebSocketAuthParams7,
-  handleAuthenticationError: handleAuthenticationError7,
-  validateHostConfig: (hostConfig) => internalValidateHostConfig(hostConfig, { requiredProps: ["reference"], optionalProps: [] })
-};
-
-// src/auth/internal/default-auth-modules/windows-cookie/xrf-keys.ts
-var xrfKeys = {};
-function createXrfKey() {
-  let result2 = "";
-  for (let i = 0; i < 16; i += 1) {
-    const j = Math.floor(Math.random() * 62);
-    if (j < 10) {
-      result2 += j;
-    } else if (j > 9 && j < 36) {
-      result2 += String.fromCharCode(j + 55);
-    } else {
-      result2 += String.fromCharCode(j + 61);
-    }
-  }
-  return result2;
+function registerHostConfig(name, hostConfig) {
+  registerHostConfigInternal(name, hostConfig);
 }
-function getXrfKey(hostConfig) {
-  const locationUrl = toValidLocationUrl(hostConfig);
-  xrfKeys[locationUrl] = xrfKeys[locationUrl] || createXrfKey();
-  return xrfKeys[locationUrl];
+function unregisterHostConfig(name) {
+  unregisterHostConfigInternal(name);
 }
-
-// src/auth/internal/default-auth-modules/windows-cookie.ts
-async function getRestCallAuthParams8({
-  hostConfig
-}) {
-  return {
-    headers: {
-      "X-Qlik-XrfKey": getXrfKey(hostConfig)
-    },
-    queryParams: {
-      xrfkey: getXrfKey(hostConfig)
-    },
-    credentials: getCredentialsForCookieAuth(hostConfig)
-  };
+function serializeHostConfig(hostConfig) {
+  return serializeHostConfigInternal(hostConfig);
 }
-async function getWebSocketAuthParams8({
-  hostConfig
-}) {
-  return {
-    queryParams: {
-      xrfkey: getXrfKey(hostConfig),
-      "qlik-csrf-token": await getCsrfToken(hostConfig, true)
+function checkForCrossDomainRequest(hostConfig) {
+  const hostConfigToUse = withResolvedHostConfig(hostConfig);
+  if (isHostCrossOrigin(hostConfigToUse)) {
+    if (Object.keys(hostConfigToUse).length === 0) {
+      throw new InvalidHostConfigError("a host config must be provided when making a cross domain request");
     }
-  };
-}
-async function handleAuthenticationError8({
-  hostConfig
-}) {
-  if (hostConfig.loginUri) {
-    if (hostConfig.authRedirectUserConfirmation) {
-      await hostConfig.authRedirectUserConfirmation();
+    if (!hostConfigToUse.host) {
+      throw new InvalidHostConfigError(
+        "A 'host' property must be set in host config when making a cross domain request"
+      );
     }
-    globalThis.location.replace(
-      hostConfig.loginUri.replace("{location}", encodeURIComponent(globalThis.location.href))
-    );
-    return {
-      preventDefault: true
-    };
   }
-  return {
-    // Do nothing, just let the error be thrown to calling code
-  };
 }
-var windows_cookie_default = {
-  getRestCallAuthParams: getRestCallAuthParams8,
-  getWebSocketAuthParams: getWebSocketAuthParams8,
-  handleAuthenticationError: handleAuthenticationError8,
-  validateHostConfig: (hostConfig) => internalValidateHostConfig(hostConfig, {
-    requiredProps: [],
-    optionalProps: ["loginUri", "crossSiteCookies"]
-  })
+var logout = () => {
+  globalThis.loggingOut = true;
+  globalThis.location.href = "/logout";
 };
-
-// src/auth/auth.ts
-globalThis.loggingOut = false;
-var authModulesRegistered = false;
-function registerDefaultAuthModules() {
-  if (!authModulesRegistered) {
-    registerAuthModule("apikey", apikey_default);
-    registerAuthModule("cookie", cookie_default);
-    registerAuthModule("none", none_default);
-    registerAuthModule("oauth2", oauth_default);
-    registerAuthModule("anonymous", anonymous_default);
-    registerAuthModule("windowscookie", windows_cookie_default);
-    registerAuthModule("reference", reference_default);
-    authModulesRegistered = true;
+var leadingHttp = /^http/;
+function normalizeInbandAuthError({ errorBody, status }) {
+  const authError = errorBody;
+  if (typeof authError?.errors === "object") {
+    const err = new AuthorizationError(authError?.errors);
+    return { message: err.message };
   }
+  return { message: `HTTP ${status}` };
+}
+function normalizeAuthModuleError(err) {
+  return { message: err.message || "Unknown error" };
+}
+function withResolvedHostConfig(hostConfig) {
+  if (hostConfig?.reference) {
+    return getRegisteredHostConfigInternal(hostConfig.reference);
+  }
+  if (hostConfig && Object.keys(hostConfig).length > 0) {
+    return hostConfig;
+  }
+  return getDefaultHostConfigInternal();
 }
-registerDefaultAuthModules();
-var auth = {
-  logout,
-  registerAuthModule,
-  setDefaultHostConfig,
-  registerHostConfig,
-  unregisterHostConfig,
-  getRestCallAuthParams,
-  getWebSocketAuthParams,
-  getWebResourceAuthParams,
-  handleAuthenticationError,
-  toValidLocationUrl,
-  toValidWebsocketLocationUrl,
-  isWindows,
-  isHostCrossOrigin,
-  determineAuthType,
-  serializeHostConfig
-};
-var auth_default = auth;
 
 // src/invoke-fetch/internal/invoke-fetch-helpers.ts
 function encodeQueryParams(query) {
@@ -1981,7 +2027,7 @@ async function getInvokeFetchUrlParams({
     headers: authHeaders,
     queryParams: authQueryParams,
     credentials
-  } = await getRestCallAuthParams({
+  } = await getRestCallAuthParams8({
     hostConfig: options?.hostConfig,
     method
   });
@@ -2114,7 +2160,7 @@ async function interceptAuthenticationErrors(hostConfig, resultPromise, performR
       if (globalThis.loggingOut) {
         return neverResolvingPromise();
       }
-      const { retry, preventDefault } = await handleAuthenticationError({
+      const { retry, preventDefault } = await handleAuthenticationError8({
         hostConfig,
         status: err.status,
         headers: err.headers,
@@ -2166,50 +2212,6 @@ async function download(blob, filename) {
   }
 }
 
-// src/invoke-fetch/invoke-fetch-error.ts
-var InvokeFetchError = class extends Error {
-  status;
-  headers;
-  data;
-  constructor(errorMessage, status, headers, data) {
-    super(errorMessage);
-    this.status = status;
-    this.headers = headers;
-    this.data = data;
-    this.stack = cleanStack(this.stack);
-  }
-};
-var EncodingError = class extends Error {
-  contentType;
-  data;
-  constructor(errorMessage, contentType, data) {
-    super(errorMessage);
-    this.contentType = contentType;
-    this.data = data;
-    this.stack = cleanStack(this.stack);
-  }
-};
-var regex = /^.+\/qmfe-api(?:\.js)?:(\d+)(?::\d+)?$/gim;
-var isFromQmfeApi = (line) => {
-  const matches = line.match(regex);
-  return Boolean(matches && matches.length > 0);
-};
-function cleanStack(stack) {
-  if (!stack) {
-    return stack;
-  }
-  const newStack = [];
-  const lines = stack.split("\n");
-  lines.reverse();
-  for (const line of lines) {
-    if (isFromQmfeApi(line)) {
-      break;
-    }
-    newStack.unshift(line);
-  }
-  return newStack.join("\n");
-}
-
 // src/invoke-fetch/invoke-fetch-functions.ts
 var defaultUserAgent = "qmfe-api/latest";
 async function invokeFetch(api, props, interceptors) {
@@ -2301,44 +2303,32 @@ async function parseFetchResponse(fetchResponse, url) {
   return invokeFetchResponse;
 }
 
-// src/invoke-fetch/invoke-fetch.ts
-var invokeFetchExp = {
-  invokeFetch,
-  clearApiCache,
-  parseFetchResponse
-};
-var invoke_fetch_default = invokeFetchExp;
-
 export {
   getPlatform,
+  generateRandomString,
+  exposeInternalApiOnWindow,
+  InvokeFetchError,
+  EncodingError,
+  invokeFetch,
+  clearApiCache,
+  parseFetchResponse,
   InvalidHostConfigError,
   UnexpectedAuthTypeError,
   InvalidAuthTypeError,
   AuthorizationError,
+  determineAuthType2 as determineAuthType,
   isHostCrossOrigin,
   isWindows,
   toValidLocationUrl,
   toValidWebsocketLocationUrl,
-  getWebSocketAuthParams,
-  getWebResourceAuthParams,
-  handleAuthenticationError,
-  getRestCallAuthParams,
-  getAccessToken,
+  getWebSocketAuthParams8 as getWebSocketAuthParams,
+  getWebResourceAuthParams3 as getWebResourceAuthParams,
+  handleAuthenticationError8 as handleAuthenticationError,
+  getRestCallAuthParams8 as getRestCallAuthParams,
   registerAuthModule2 as registerAuthModule,
   setDefaultHostConfig,
   registerHostConfig,
   unregisterHostConfig,
   serializeHostConfig,
-  determineAuthType,
-  checkForCrossDomainRequest,
-  logout,
-  generateRandomString,
-  exposeInternalApiOnWindow,
-  InvokeFetchError,
-  EncodingError,
-  invokeFetch,
-  clearApiCache,
-  parseFetchResponse,
-  invoke_fetch_default,
-  auth_default
+  logout
 };