@qlik/api 2.3.0 → 2.4.0

package/chunks/{interceptors-DipDBQQ5.js → boot-interceptors-DqRxTczb.js}

@@ -1,9 +1,10 @@
-import { a as sortKeys, i as isNode, r as isBrowser, t as cleanFalsyValues } from "./utils-vv-xFm06.js";
-import { n as hostConfigCommonProperties, t as authTypesThatCanBeOmitted } from "./auth-types-h43TVDpB.js";
+import { a as sortKeys, i as isNode, r as isBrowser, t as cleanFalsyValues } from "./utils-jkpLuYZR.js";
+import { authTypesThatCanBeOmitted, hostConfigCommonProperties } from "../auth-types.js";
+import { getInterceptors } from "../interceptors.js";
 
 //#region src/platform/platform-functions.ts
 const getPlatform = async (options = {}) => {
-	const hc = withResolvedHostConfig(options.hostConfig);
+	const hc = resolveHostConfig(options.hostConfig);
 	if (hc.authType === "mock-backend-rest-recorder") return hc.recordGetPlatform();
 	if (hc?.authType === "mock-backend") return hc.mockGetPlatform();
 	if (hc?.authType === "noauth") return result({ isUnknown: true });
@@ -137,9 +138,9 @@ const HEX_ALPHABET = "0123456789abcdef";
 function generateRandomFromAlphabet(alphabet, length) {
 	const bytes = new Uint8Array(length);
 	globalThis.crypto.getRandomValues(bytes);
-	let result$1 = "";
-	for (let i = 0; i < length; i++) result$1 += alphabet[bytes[i] % alphabet.length];
-	return result$1;
+	let result = "";
+	for (let i = 0; i < length; i++) result += alphabet[bytes[i] % alphabet.length];
+	return result;
 }
 /**
 * Method helper for generating a random string [a-zA-Z0-9\-_]{length}
@@ -156,6 +157,154 @@ function generateRandomHexString(targetLength) {
 	return generateRandomFromAlphabet(HEX_ALPHABET, targetLength);
 }
 
+//#endregion
+//#region src/auth/internal/host-config-functions.ts
+const emptyHostConfig = {};
+const normalizedHostConfigs = /* @__PURE__ */ new Map();
+/**
+* Returns a new host config with all default and falsy values removed.
+* @param hostConfig - The host config to fill with defaults
+* @returns
+*/
+function removeDefaults(hostConfig) {
+	const cleanedHostConfig = cleanFalsyValues(hostConfig) || {};
+	if (cleanedHostConfig.host) cleanedHostConfig.host = toValidLocationUrl(cleanedHostConfig);
+	if (isBrowser()) {
+		if (toValidLocationUrl(cleanedHostConfig) === window.location.origin) delete cleanedHostConfig.host;
+	}
+	if (cleanedHostConfig.authType && authTypesThatCanBeOmitted.includes(cleanedHostConfig.authType)) delete cleanedHostConfig.authType;
+	return cleanedHostConfig;
+}
+function globalReplacer(key, value) {
+	if (typeof value === "function") return;
+	return value;
+}
+/**
+* Serializes the provided hostConfig, if present, otherwise the default one.
+*/
+function serializeHostConfig$1(hostConfig) {
+	const sorted = sortKeys(removeDefaults(resolveHostConfig(hostConfig)));
+	return JSON.stringify(sorted, globalReplacer);
+}
+const registeredHostConfigs = /* @__PURE__ */ new Map();
+/**
+* Registers a host config with the given name.
+* @param name The name of the host config to be used to reference the host config later.
+* @param hostConfig The host config to register.
+*/
+function registerHostConfig$1(name, hostConfig) {
+	const reference = hostConfig?.reference || null;
+	if (reference && !registeredHostConfigs.has(reference)) throw new InvalidHostConfigError(`Host config with reference "${reference}" is not registered. Please register it before using it.`);
+	if (registeredHostConfigs.has(name)) console.warn(`registerHostConfig: Host config with name "${name}" is already registered. Overwriting.`);
+	registeredHostConfigs.set(name, hostConfig);
+}
+/**
+* Unregisters a host config with the given name.
+* @param name The name of the host config to unregister.
+*/
+function unregisterHostConfig$1(name) {
+	if (registeredHostConfigs.has(name)) registeredHostConfigs.delete(name);
+	else console.warn(`unregisterHostConfig: Host config with name "${name}" not found.`);
+}
+/**
+* Gets the host config with the given name.
+* @private
+* @param name The name of the host config to get.
+* @returns The host config, or undefined if not found.
+*/
+function getRegisteredHostConfig(name) {
+	return registeredHostConfigs.get(name);
+}
+/**
+* Sets the default host config that will be used for all api calls that do not include a HostConfig
+* @private
+* @param hostConfig the default HostConfig to use
+*/
+function setDefaultHostConfig$1(hostConfig) {
+	registerHostConfig$1("default", hostConfig || {});
+}
+/**
+* Gets the default host config that will be used for all qmfe api calls that do not include a HostConfig.
+* @private
+* @returns The default host config that will be used for all qmfe api calls that do not include a HostConfig
+*/
+function getDefaultHostConfig$1() {
+	return getRegisteredHostConfig("default") || {};
+}
+function normalizeHostConfig$1(hostConfig) {
+	const suppliedHostConfigOrEmpty = hostConfig || emptyHostConfig;
+	const serializedHostConfigKey = serializeHostConfig$1(suppliedHostConfigOrEmpty);
+	let normalizedHostConfig = normalizedHostConfigs.get(serializedHostConfigKey);
+	if (!normalizedHostConfig) {
+		normalizedHostConfig = removeDefaults(resolveHostConfig(suppliedHostConfigOrEmpty));
+		normalizedHostConfigs.set(serializedHostConfigKey, normalizedHostConfig);
+	}
+	return normalizedHostConfig;
+}
+
+//#endregion
+//#region src/auth/internal/page-redirect-request-listeners.ts
+/**
+* A store containing all listener registries for different host configurations.
+*/
+const listenerRegistries$1 = /* @__PURE__ */ new Map();
+/**
+* Retrieves the listener registry for a given host configuration, creating one if it doesn't exist.
+*/
+function getRegistryForHostConfig(hostConfig) {
+	const key = serializeHostConfig$1(hostConfig);
+	let registry = listenerRegistries$1.get(key);
+	if (!registry) {
+		registry = {
+			redirectRequestedListeners: /* @__PURE__ */ new Set(),
+			redirectStartedListeners: /* @__PURE__ */ new Set()
+		};
+		listenerRegistries$1.set(key, registry);
+	}
+	return registry;
+}
+/**
+* Registers a listener for page redirects requested by auth modules.
+* @param hostConfig
+* @param listener
+* @returns
+*/
+function onPageRedirectRequested$1(hostConfig, listener) {
+	const registry = getRegistryForHostConfig(hostConfig);
+	registry.redirectRequestedListeners.add(listener);
+	return () => {
+		registry.redirectRequestedListeners.delete(listener);
+	};
+}
+function onPageRedirectStarted$1(hostConfig, listener) {
+	const registry = getRegistryForHostConfig(hostConfig);
+	registry.redirectStartedListeners.add(listener);
+	return () => {
+		registry.redirectStartedListeners.delete(listener);
+	};
+}
+function requestRedirect(hostConfig) {
+	const registry = getRegistryForHostConfig(hostConfig);
+	const hasRedirectListener = registry.redirectRequestedListeners.size > 0 || hostConfig.authRedirectUserConfirmation;
+	if (hostConfig.autoRedirect || !hasRedirectListener) return Promise.resolve();
+	if (typeof hostConfig.authRedirectUserConfirmation === "function") return hostConfig.authRedirectUserConfirmation().catch(() => {});
+	return new Promise((resolve) => {
+		const proceed = () => {
+			for (const startedListener of registry.redirectStartedListeners) try {
+				startedListener();
+			} catch (error) {
+				console.warn(error);
+			}
+			resolve();
+		};
+		for (const requestListener of registry.redirectRequestedListeners) try {
+			requestListener({ proceed });
+		} catch (error) {
+			console.warn(error);
+		}
+	});
+}
+
 //#endregion
 //#region src/utils/expose-internal-test-apis.ts
 function exposeInternalApiOnWindow(name, fn) {
@@ -218,9 +367,9 @@ function deleteFromSessionStorage(topic, names) {
 }
 function loadAndDeleteFromSessionStorage(topic, name) {
 	const id = `${storagePrefix}-${topic}-${name}`;
-	const result$1 = sessionStorage.getItem(id) || void 0;
+	const result = sessionStorage.getItem(id) || void 0;
 	sessionStorage.removeItem(id);
-	return result$1;
+	return result;
 }
 function loadOauthTokensFromStorage(topic, accessTokenStorage) {
 	let accessToken;
@@ -297,8 +446,8 @@ function toPerformInteractiveLoginFunction(performInteractiveLogin) {
 	}
 	return performInteractiveLogin;
 }
-function lookupGetAccessFn(getAccessToken$1) {
-	return globalThis[getAccessToken$1];
+function lookupGetAccessFn(getAccessToken) {
+	return globalThis[getAccessToken];
 }
 function lookupInteractiveLoginFn(name) {
 	return globalThis[name];
@@ -312,13 +461,13 @@ function toQueryString(queryParams) {
 	return queryParamsKeys.map((k) => `${k}=${queryParams[k]}`).join("&");
 }
 function byteArrayToBase64(hashArray) {
-	let result$1 = "";
+	let result = "";
 	if (isBrowser()) {
 		const byteArrayToString = String.fromCharCode.apply(null, hashArray);
-		result$1 = btoa(byteArrayToString);
-	} else if (isNode()) result$1 = Buffer.from(hashArray).toString("base64");
+		result = btoa(byteArrayToString);
+	} else if (isNode()) result = Buffer.from(hashArray).toString("base64");
 	else throw new Error("Environment not supported for oauth2 authentication");
-	return result$1;
+	return result;
 }
 /**
 * @param message string to hash
@@ -502,16 +651,16 @@ async function getOAuthTokensForBrowser(hostConfig) {
 		if (hostConfig.performInteractiveLogin) {
 			let usedRedirectUri;
 			try {
-				const verifier$1 = generateRandomString(128);
+				const verifier = generateRandomString(128);
 				const originalState = generateRandomString(43);
-				const { code: code$1, state } = extractCodeAndState(await toPerformInteractiveLoginFunction(hostConfig.performInteractiveLogin)({ getLoginUrl: async ({ redirectUri }) => {
+				const { code, state } = extractCodeAndState(await toPerformInteractiveLoginFunction(hostConfig.performInteractiveLogin)({ getLoginUrl: async ({ redirectUri }) => {
 					usedRedirectUri = redirectUri;
-					return createInteractiveLoginUrl(hostConfig, redirectUri, originalState, verifier$1);
+					return createInteractiveLoginUrl(hostConfig, redirectUri, originalState, verifier);
 				} }));
 				if (!usedRedirectUri) return errorMessageToAuthData("No redirect uri provided");
 				if (originalState !== state) return errorMessageToAuthData("State returned by custom interactive login function does not match original");
-				if (!code$1) return errorMessageToAuthData("No code found in response from custom interactive login function");
-				return await exchangeCodeAndVerifierForAccessTokenData(hostConfig, code$1, verifier$1, usedRedirectUri);
+				if (!code) return errorMessageToAuthData("No code found in response from custom interactive login function");
+				return await exchangeCodeAndVerifierForAccessTokenData(hostConfig, code, verifier, usedRedirectUri);
 			} catch (error) {
 				return {
 					accessToken: void 0,
@@ -535,7 +684,7 @@ async function getOAuthTokensForBrowser(hostConfig) {
 	});
 	if (oauthTokens) return oauthTokens;
 	if (hostConfig.performInteractiveLogin) return new Promise(() => {});
-	if (hostConfig.authRedirectUserConfirmation) await hostConfig.authRedirectUserConfirmation();
+	await requestRedirect(hostConfig);
 	startFullPageLoginFlow(hostConfig);
 	return new Promise(() => {});
 }
@@ -810,11 +959,11 @@ function encodeQueryParams(query) {
 * @private
 */
 function applyPathVariables(pathTemplate, pathVariables) {
-	let result$1 = pathTemplate;
+	let result = pathTemplate;
 	if (pathVariables) Object.keys(pathVariables).forEach((key) => {
-		result$1 = result$1.replace(`{${key}}`, pathVariables[key]);
+		result = result.replace(`{${key}}`, pathVariables[key]);
 	});
-	return result$1;
+	return result;
 }
 /**
 * Join url and query to a complete url
@@ -888,6 +1037,7 @@ async function invokeXHR(completeUrl, { method, headers, credentials, keepalive,
 //#region src/invoke-fetch/internal/response-cache.ts
 const responseCaches = {};
 globalThis.__API_CACHE__DO_NOT_USE_OR_YOU_WILL_BE_FIRED = responseCaches;
+if (globalThis.QlikMain?.INTERNAL__DO_NOT_USE) globalThis.QlikMain.INTERNAL__DO_NOT_USE.apiCache = responseCaches;
 let defaultCacheTime = 1e3 * 60 * 10;
 /**
 * The global namespace is used as a fallback if an entry is not found in a specific cache.
@@ -1045,14 +1195,14 @@ function clone(value) {
 */
 function cloneResultPromise(value) {
 	return value.then((resp) => {
-		const result$1 = {
+		const result = {
 			data: clone(resp.data),
 			headers: resp.headers,
 			status: resp.status
 		};
-		if (resp.next) result$1.next = resp.next;
-		if (resp.prev) result$1.prev = resp.prev;
-		return result$1;
+		if (resp.next) result.next = resp.next;
+		if (resp.prev) result.prev = resp.prev;
+		return result;
 	});
 }
 /**
@@ -1323,10 +1473,10 @@ function getServiceOverrideHeaderFromLocalStorage() {
 }
 /** Convert a Blob to a DownloadableBlob */
 function toDownloadableBlob(blob, name) {
-	const result$1 = blob;
-	if (name) result$1.download = (filename = name) => download(blob, filename);
-	else result$1.download = (filename) => download(blob, filename);
-	return result$1;
+	const result = blob;
+	if (name) result.download = (filename = name) => download(blob, filename);
+	else result.download = (filename) => download(blob, filename);
+	return result;
 }
 /** Convenience-function for downloading a blob. */
 async function download(blob, filename) {
@@ -1352,8 +1502,8 @@ const defaultUserAgent = "qmfe-api/latest";
 * @param api Name of api to call. Will be used for caching responses.
 * @param invokeFetchProps InvokeFetchProperties
 */
-async function invokeFetch(api, props, interceptors$1) {
-	const effectiveInterceptors = interceptors$1 || getInterceptors();
+async function invokeFetch(api, props, interceptors) {
+	const effectiveInterceptors = interceptors || getInterceptors();
 	const invokeFetchFinal = (reqeust) => invokeFetchIntercepted(api, reqeust);
 	return (effectiveInterceptors || []).reduce((proceed, interceptor) => (request) => interceptor(request, proceed), invokeFetchFinal)(props);
 }
@@ -1516,16 +1666,16 @@ function internalGetCredentialsForCookieAuth(hostConfig) {
 	if (isHostCrossOrigin(hostConfig)) return "include";
 	return "same-origin";
 }
-async function resolveTokenIfPresent(getAccessToken$1) {
-	if (typeof getAccessToken$1 === "function") return getAccessToken$1();
-	if (typeof getAccessToken$1 === "string") {
-		const accessTokenFn = lookupGlobalGetAccessTokenFn(getAccessToken$1);
-		if (typeof accessTokenFn !== "function") throw new Error(`getAccessToken function "${getAccessToken$1}" not found on globalThis. Please make sure it is defined.`);
+async function resolveTokenIfPresent(getAccessToken) {
+	if (typeof getAccessToken === "function") return getAccessToken();
+	if (typeof getAccessToken === "string") {
+		const accessTokenFn = lookupGlobalGetAccessTokenFn(getAccessToken);
+		if (typeof accessTokenFn !== "function") throw new Error(`getAccessToken function "${getAccessToken}" not found on globalThis. Please make sure it is defined.`);
 		return accessTokenFn();
 	}
 }
-function lookupGlobalGetAccessTokenFn(getAccessToken$1) {
-	return globalThis[getAccessToken$1];
+function lookupGlobalGetAccessTokenFn(getAccessToken) {
+	return globalThis[getAccessToken];
 }
 
 //#endregion
@@ -1565,7 +1715,7 @@ async function handleAuthenticationError$7({ hostConfig, status }) {
 	};
 	const webIntegrationParam = hostConfig.webIntegrationId ? `qlik-web-integration-id=${hostConfig?.webIntegrationId}&` : "";
 	const locationUrl = toValidLocationUrl(hostConfig);
-	if (hostConfig.authRedirectUserConfirmation) await hostConfig.authRedirectUserConfirmation();
+	await requestRedirect(hostConfig);
 	globalThis.location.replace(`${locationUrl}/login?${webIntegrationParam}returnto=${encodeURIComponent(globalThis.location.href)}`);
 	return { preventDefault: true };
 }
@@ -1712,7 +1862,7 @@ async function handleAuthenticationError$4({ hostConfig }) {
 			clearStoredOauthTokens(hostConfig);
 			return { retry: true };
 		}
-		if (hostConfig.authRedirectUserConfirmation) await hostConfig.authRedirectUserConfirmation();
+		await requestRedirect(hostConfig);
 		startFullPageLoginFlow(hostConfig);
 		return { preventDefault: true };
 	}
@@ -1770,14 +1920,14 @@ const xrfKeys = {};
 * @returns {string} 16 character long xrf-key
 */
 function createXrfKey() {
-	let result$1 = "";
+	let result = "";
 	for (let i = 0; i < 16; i += 1) {
 		const j = Math.floor(Math.random() * 62);
-		if (j < 10) result$1 += j;
-		else if (j > 9 && j < 36) result$1 += String.fromCharCode(j + 55);
-		else result$1 += String.fromCharCode(j + 61);
+		if (j < 10) result += j;
+		else if (j > 9 && j < 36) result += String.fromCharCode(j + 55);
+		else result += String.fromCharCode(j + 61);
 	}
-	return result$1;
+	return result;
 }
 function getXrfKey(hostConfig) {
 	const locationUrl = toValidLocationUrl(hostConfig);
@@ -1802,7 +1952,7 @@ async function getWebSocketAuthParams$2({ hostConfig }) {
 }
 async function handleAuthenticationError$2({ hostConfig }) {
 	if (hostConfig.loginUri) {
-		if (hostConfig.authRedirectUserConfirmation) await hostConfig.authRedirectUserConfirmation();
+		await requestRedirect(hostConfig);
 		globalThis.location.replace(hostConfig.loginUri.replace("{location}", encodeURIComponent(globalThis.location.href)));
 		return { preventDefault: true };
 	}
@@ -1968,7 +2118,7 @@ function getRegisteredAuthModule(authType) {
 * @param hostConfig
 */
 async function getAuthModule(hostConfig) {
-	const hostConfigToUse = withResolvedHostConfig(hostConfig);
+	const hostConfigToUse = resolveHostConfig(hostConfig);
 	const authType = await determineAuthType$1(hostConfigToUse);
 	if (ongoingAuthModuleLoading) await ongoingAuthModuleLoading;
 	let authModule = getRegisteredAuthModule(authType);
@@ -2093,76 +2243,55 @@ var AuthorizationError = class extends Error {
 };
 
 //#endregion
-//#region src/auth/internal/host-config-functions.ts
+//#region src/auth/internal/fatal-auth-error-listeners.ts
+const listenerRegistries = /* @__PURE__ */ new Map();
+let lastErrorMessage = "";
+let lastHostConfig;
 /**
-* Returns a new host config with all default and falsy values removed.
-* @param hostConfig - The host config to fill with defaults
-* @returns
+* Retrieves the listener registry for a given host configuration, creating one if it doesn't exist.
 */
-function removeDefaults(hostConfig) {
-	const cleanedHostConfig = cleanFalsyValues(hostConfig) || {};
-	if (cleanedHostConfig.host) cleanedHostConfig.host = toValidLocationUrl(cleanedHostConfig);
-	if (isBrowser()) {
-		if (toValidLocationUrl(cleanedHostConfig) === window.location.origin) delete cleanedHostConfig.host;
+function getAuthErrorListenerRegistryForHostConfig(hostConfig) {
+	const key = serializeHostConfig$1(hostConfig);
+	let registry = listenerRegistries.get(key);
+	if (!registry) {
+		registry = { listeners: /* @__PURE__ */ new Set() };
+		listenerRegistries.set(key, registry);
 	}
-	if (cleanedHostConfig.authType && authTypesThatCanBeOmitted.includes(cleanedHostConfig.authType)) delete cleanedHostConfig.authType;
-	return cleanedHostConfig;
-}
-function globalReplacer(key, value) {
-	if (typeof value === "function") return;
-	return value;
-}
-/**
-* Serializes the provided hostConfig, if present, otherwise the default one.
-*/
-function serializeHostConfig$1(hostConfig) {
-	const sorted = sortKeys(removeDefaults(withResolvedHostConfig(hostConfig)));
-	return JSON.stringify(sorted, globalReplacer);
-}
-const registeredHostConfigs = /* @__PURE__ */ new Map();
-/**
-* Registers a host config with the given name.
-* @param name The name of the host config to be used to reference the host config later.
-* @param hostConfig The host config to register.
-*/
-function registerHostConfig$1(name, hostConfig) {
-	const reference = hostConfig?.reference || null;
-	if (reference && !registeredHostConfigs.has(reference)) throw new InvalidHostConfigError(`Host config with reference "${reference}" is not registered. Please register it before using it.`);
-	if (registeredHostConfigs.has(name)) console.warn(`registerHostConfig: Host config with name "${name}" is already registered. Overwriting.`);
-	registeredHostConfigs.set(name, hostConfig);
-}
-/**
-* Unregisters a host config with the given name.
-* @param name The name of the host config to unregister.
-*/
-function unregisterHostConfig$1(name) {
-	if (registeredHostConfigs.has(name)) registeredHostConfigs.delete(name);
-	else console.warn(`unregisterHostConfig: Host config with name "${name}" not found.`);
-}
-/**
-* Gets the host config with the given name.
-* @private
-* @param name The name of the host config to get.
-* @returns The host config, or undefined if not found.
-*/
-function getRegisteredHostConfig(name) {
-	return registeredHostConfigs.get(name);
-}
-/**
-* Sets the default host config that will be used for all api calls that do not include a HostConfig
-* @private
-* @param hostConfig the default HostConfig to use
-*/
-function setDefaultHostConfig$1(hostConfig) {
-	registerHostConfig$1("default", hostConfig || {});
+	return registry;
+}
+/**
+* Emits a fatal authentication error to all registered listeners plus to the onAuthFailed property in the hostConfig.
+* If there are no listeners or onAuthFailed callback, the error message is logged to the console.
+*/
+function emitFatalAuthError(hostConfig, normalizedError) {
+	if (hostConfig === lastHostConfig && normalizedError.message === lastErrorMessage) return;
+	lastHostConfig = hostConfig;
+	lastErrorMessage = normalizedError.message;
+	let someOneIsListening = false;
+	const registry = getAuthErrorListenerRegistryForHostConfig(hostConfig);
+	for (const listener of registry.listeners) try {
+		someOneIsListening = true;
+		listener(normalizedError);
+	} catch (listenerError) {
+		console.warn("Error in auth error listener", listenerError);
+	}
+	if (hostConfig.onAuthFailed) try {
+		someOneIsListening = true;
+		hostConfig.onAuthFailed(normalizedError);
+	} catch (callbackError) {
+		console.warn("Error in onAuthFailed callback", callbackError);
+	}
+	if (!someOneIsListening) console.error(normalizedError.message);
 }
 /**
-* Gets the default host config that will be used for all qmfe api calls that do not include a HostConfig.
-* @private
-* @returns The default host config that will be used for all qmfe api calls that do not include a HostConfig
+* Registers a listener for fatal auth errors. This means errors in the actual auth mechanism, i.e. misconfigurations etc.
 */
-function getDefaultHostConfig$1() {
-	return getRegisteredHostConfig("default") || {};
+function onFatalAuthError$1(hostConfig, callback) {
+	const registry = getAuthErrorListenerRegistryForHostConfig(hostConfig);
+	registry.listeners.add(callback);
+	return () => {
+		registry.listeners.delete(callback);
+	};
 }
 
 //#endregion
@@ -2171,14 +2300,6 @@ function getDefaultHostConfig$1() {
 * Set initial loggingOut value to false to make sure it has a value before any auth module is loaded
 */
 globalThis.loggingOut = false;
-let lastErrorMessage = "";
-/** Default error logger that simply prints the error unless it is identical to the last one (to prevent bloating of the console) */
-function logToConsole({ message }) {
-	if (message !== lastErrorMessage) {
-		lastErrorMessage = message;
-		console.error(message);
-	}
-}
 /**
 * Determines the authType associated with a HostConfig even if it's
 * not explicitly set.
@@ -2195,7 +2316,7 @@ function determineAuthType(hostConfig) {
 */
 function isHostCrossOrigin(hostConfig) {
 	if (!globalThis.location?.origin) return true;
-	const hostConfigToUse = withResolvedHostConfig(hostConfig);
+	const hostConfigToUse = resolveHostConfig(hostConfig);
 	if (Object.keys(hostConfigToUse).length === 0) return false;
 	try {
 		return new URL(toValidLocationUrl(hostConfigToUse)).origin !== globalThis.location.origin;
@@ -2207,7 +2328,7 @@ function isHostCrossOrigin(hostConfig) {
 * @param hostConfig the HostConfig containing authentication details
 */
 async function isWindows(hostConfig) {
-	const hostConfigToUse = withResolvedHostConfig(hostConfig);
+	const hostConfigToUse = resolveHostConfig(hostConfig);
 	if (typeof hostConfigToUse.forceIsWindows === "boolean") return hostConfigToUse.forceIsWindows;
 	if (hostConfigToUse.host?.endsWith(".qlik-stage.com") || hostConfigToUse.host?.endsWith(".qlikcloud.com") || hostConfigToUse.host?.endsWith(".qlikcloudgov.com")) return false;
 	if (hostConfigToUse.authType === "cookie") return false;
@@ -2219,7 +2340,7 @@ async function isWindows(hostConfig) {
 * @param hostConfig the HostConfig containing authentication details
 */
 function toValidLocationUrl(hostConfig) {
-	const url = withResolvedHostConfig(hostConfig)?.host?.trim();
+	const url = resolveHostConfig(hostConfig)?.host?.trim();
 	let locationUrl;
 	if (!url) locationUrl = "";
 	else if (url.toLowerCase().startsWith("https://") || url.toLowerCase().startsWith("http://")) locationUrl = url;
@@ -2232,7 +2353,7 @@ function toValidLocationUrl(hostConfig) {
 * @param hostConfig the HostConfig containing authentication details
 */
 function toValidWebsocketLocationUrl(hostConfig) {
-	const url = withResolvedHostConfig(hostConfig)?.host;
+	const url = resolveHostConfig(hostConfig)?.host;
 	let locationUrl;
 	if (!url) locationUrl = globalThis.location.origin;
 	else if (url.toLowerCase().startsWith("https://") || url.toLowerCase().startsWith("http://")) locationUrl = url;
@@ -2245,14 +2366,14 @@ function toValidWebsocketLocationUrl(hostConfig) {
 * @param hostConfig the HostConfig containing authentication details
 */
 async function getWebSocketAuthParams(props) {
-	const hostConfigToUse = withResolvedHostConfig(props.hostConfig);
+	const hostConfigToUse = resolveHostConfig(props.hostConfig);
 	try {
 		return await (await getAuthModule(hostConfigToUse)).getWebSocketAuthParams({
 			...props,
 			hostConfig: hostConfigToUse
 		});
 	} catch (err) {
-		(hostConfigToUse.onAuthFailed || logToConsole)(normalizeAuthModuleError(err));
+		emitFatalAuthError(hostConfigToUse, normalizeAuthModuleError(err));
 		throw err;
 	}
 }
@@ -2262,14 +2383,14 @@ async function getWebSocketAuthParams(props) {
 * @param hostConfig the HostConfig containing authentication details
 */
 async function getWebResourceAuthParams(props) {
-	const hostConfigToUse = withResolvedHostConfig(props.hostConfig);
+	const hostConfigToUse = resolveHostConfig(props.hostConfig);
 	try {
 		return await (await getAuthModule(hostConfigToUse)).getWebResourceAuthParams?.({
 			...props,
 			hostConfig: hostConfigToUse
 		}) || { queryParams: {} };
 	} catch (err) {
-		(hostConfigToUse.onAuthFailed || logToConsole)(normalizeAuthModuleError(err));
+		emitFatalAuthError(hostConfigToUse, normalizeAuthModuleError(err));
 		throw err;
 	}
 }
@@ -2277,21 +2398,21 @@ async function getWebResourceAuthParams(props) {
 * Calls and return handleAuthenticationError on the authModule a host config is associated with.
 */
 async function handleAuthenticationError(props) {
-	const hostConfigToUse = withResolvedHostConfig(props.hostConfig);
-	const result$1 = await (await getAuthModule(hostConfigToUse)).handleAuthenticationError({
+	const hostConfigToUse = resolveHostConfig(props.hostConfig);
+	const result = await (await getAuthModule(hostConfigToUse)).handleAuthenticationError({
 		...props,
 		hostConfig: hostConfigToUse
 	});
-	const willRetry = props.canRetry && result$1.retry;
-	const willHangUntilANewPageIsLoaded = result$1.preventDefault;
+	const willRetry = props.canRetry && result.retry;
+	const willHangUntilANewPageIsLoaded = result.preventDefault;
 	if (!willRetry && !willHangUntilANewPageIsLoaded) {
 		const { status, errorBody } = props;
-		(hostConfigToUse.onAuthFailed || logToConsole)(normalizeInbandAuthError({
+		emitFatalAuthError(hostConfigToUse, normalizeInbandAuthError({
 			status,
 			errorBody
 		}));
 	}
-	return result$1;
+	return result;
 }
 /**
 * Returns a record of headers and a record of query params that needs to be added to outgoing rest calls
@@ -2299,14 +2420,14 @@ async function handleAuthenticationError(props) {
 * @param props.method the http method, which may affect what authentication are needed.
 */
 async function getRestCallAuthParams(props) {
-	const hostConfigToUse = withResolvedHostConfig(props.hostConfig);
+	const hostConfigToUse = resolveHostConfig(props.hostConfig);
 	try {
 		return await (await getAuthModule(hostConfigToUse)).getRestCallAuthParams({
 			...props,
 			hostConfig: hostConfigToUse
 		});
 	} catch (err) {
-		(hostConfigToUse.onAuthFailed || logToConsole)(normalizeAuthModuleError(err));
+		emitFatalAuthError(hostConfigToUse, normalizeAuthModuleError(err));
 		throw err;
 	}
 }
@@ -2363,13 +2484,19 @@ function serializeHostConfig(hostConfig) {
 * Throws errors if hostConfig is missing or missing properties on cross domain requests
 */
 function checkForCrossDomainRequest(hostConfig) {
-	const hostConfigToUse = withResolvedHostConfig(hostConfig);
+	const hostConfigToUse = resolveHostConfig(hostConfig);
 	if (isHostCrossOrigin(hostConfigToUse)) {
 		if (Object.keys(hostConfigToUse).length === 0) throw new InvalidHostConfigError("a host config must be provided when making a cross domain request");
 		if (!hostConfigToUse.host) throw new InvalidHostConfigError("A 'host' property must be set in host config when making a cross domain request");
 	}
 }
 /**
+* Returns a normalized host config that will always be the same instance when the serialized host config is the same.
+*/
+function normalizeHostConfig(hostConfig) {
+	return normalizeHostConfig$1(hostConfig);
+}
+/**
 * Logs out the user and sets `global.loggingOut` to true.
 * **NOTE**: Does not abort pending requests.
 */
@@ -2400,15 +2527,14 @@ function normalizeAuthModuleError(err) {
 	return { message: err.message || "Unknown error" };
 }
 /**
-* Returns a resolved host config. If the host config is a reference to a registered host config, it will be resolved
-* to the actual host config.
-* If the host config is undefined or empty, the default host config will be used.
-* If the host config is not a reference, it will be returned as is.
-* @private
+* Replaces the supplied host config according the following rules:
+* * If the host config is a reference to a registered host config, the registered host config will be used.
+* * If the host config is undefined or empty, the default host config will be returned.
+* * If the host config is not a reference and not empty or undefined, it will be returned as is.
+* * If the host config is empty or undefined an empty object (which represents the default cookie mode) is returned.
 * @param hostConfig - The host config to resolve
-* @returns
 */
-function withResolvedHostConfig(hostConfig) {
+function resolveHostConfig(hostConfig) {
 	if (hostConfig?.reference) {
 		const refConfig = getRegisteredHostConfig(hostConfig.reference);
 		if (!refConfig) throw new InvalidHostConfigError(`Host config with name "${hostConfig.reference}" not found.`);
@@ -2423,6 +2549,30 @@ function withResolvedHostConfig(hostConfig) {
 function getDefaultHostConfig() {
 	return getDefaultHostConfig$1();
 }
+/**
+* Registers a callback to be invoked when a fatal authentication error occurs for the provided hostConfig.
+* @param callback The callback function to register
+* @returns A function to unregister the callback
+*/
+function onFatalAuthError(hostConfig, callback) {
+	return onFatalAuthError$1(hostConfig, callback);
+}
+/**
+* Registers a listener for page redirect requested by the auth module that is handling authentication for the provided host configuration.
+* This is typically used when embedded to let the end user explicitly approve a redirect by for instance clicking an "authorize" button. The user can then decide to leave that UI unauthorized
+* and stay on the page.
+* The listener is provided a `proceed` function that if called continues the redirect process. Before actually redirecting the page, the onPageRedirectStarted listeners are called.
+* Note that if more than one listener is registered, it still takes just one proceed call to continue the redirect process so it can not be used to block the redirect.
+*/
+function onPageRedirectRequested(hostConfig, listener) {
+	return onPageRedirectRequested$1(hostConfig, listener);
+}
+/**
+* Registers a listener that will be called when a page redirect is started by the auth module that is handling authentication for the provided host configuration.
+*/
+function onPageRedirectStarted(hostConfig, listener) {
+	return onPageRedirectStarted$1(hostConfig, listener);
+}
 
 //#endregion
 //#region src/interceptors/boot-interceptors.ts
@@ -2513,106 +2663,4 @@ function populateCacheFrom(responses, pathsToInclude, serializedHostConfig, loca
 }
 
 //#endregion
-//#region src/interceptors/interceptors.ts
-let GLOBAL_INTERCEPTORS;
-function createInterceptors() {
-	const interceptors$1 = [...GLOBAL_INTERCEPTORS?.getInterceptors() || []];
-	return {
-		addInterceptor: (interceptor) => {
-			interceptors$1.push(interceptor);
-			return interceptor;
-		},
-		removeInterceptor: (interceptor) => {
-			const index = interceptors$1.indexOf(interceptor);
-			let removed;
-			if (index !== -1) removed = interceptors$1.splice(index, 1)[0];
-			return removed || null;
-		},
-		getInterceptors: () => interceptors$1
-	};
-}
-let addDefaultInterceptorsRun = false;
-function addDefaultInterceptors() {
-	if (addDefaultInterceptorsRun) return;
-	if (isBrowser()) {
-		const readFlagsFromUrlQuery = () => {
-			const featuresParam = new URLSearchParams(window.location.search).get("features");
-			if (!featuresParam) return {};
-			return featuresParam.split(",").map((item) => item.trim()).reduce((map, obj) => {
-				const value = !obj.startsWith("!");
-				const key = value ? obj : obj.substring(1);
-				map[key] = value;
-				return map;
-			}, {});
-		};
-		const readFlagsFromLocalStorage = () => {
-			try {
-				const featuresParam = localStorage.getItem("qcs-features");
-				if (featuresParam) return JSON.parse(featuresParam);
-				return {};
-			} catch {
-				return {};
-			}
-		};
-		const flagsFromUrl = readFlagsFromUrlQuery();
-		const flagsFromLocalStorage = readFlagsFromLocalStorage();
-		const featuresInterceptor = async (request, proceed) => {
-			let resultPromise;
-			if (request.pathTemplate === "/api/v1/features") {
-				resultPromise = proceed(request);
-				const result$1 = await resultPromise;
-				return {
-					...result$1,
-					data: {
-						...result$1.data || {},
-						...flagsFromLocalStorage,
-						...flagsFromUrl
-					}
-				};
-			}
-			return proceed(request);
-		};
-		GLOBAL_INTERCEPTORS.addInterceptor(featuresInterceptor);
-		GLOBAL_INTERCEPTORS.addInterceptor(coreBootInterceptor);
-	}
-	addDefaultInterceptorsRun = true;
-}
-/**
-* The global interceptor stack
-*/
-GLOBAL_INTERCEPTORS = createInterceptors();
-/**
-* Adds an interceptor to the global interceptor stack
-* Returns the newly added interceptor
-* @param interceptor the interceptor to add
-* @returns the newly added interceptor
-*/
-function addInterceptor(interceptor) {
-	return GLOBAL_INTERCEPTORS.addInterceptor(interceptor);
-}
-/**
-* Removes an interceptor from the global interceptor stack
-* @param interceptor the interceptor remove
-*/
-function removeInterceptor(interceptor) {
-	return GLOBAL_INTERCEPTORS.removeInterceptor(interceptor);
-}
-/**
-* Gets all registered interceptors
-*/
-function getInterceptors() {
-	return GLOBAL_INTERCEPTORS.getInterceptors();
-}
-/**
-* The interceptors API
-*/
-const interceptors = {
-	addInterceptor,
-	removeInterceptor,
-	getInterceptors,
-	createInterceptors
-};
-var interceptors_default = interceptors;
-
-//#endregion
-export { parseFetchResponse as A, unregisterHostConfig as C, UnexpectedAuthTypeError as D, InvalidHostConfigError as E, generateRandomString as F, getPlatform as I, EncodingError as M, InvokeFetchError as N, clearApiCache as O, exposeInternalApiOnWindow as P, toValidWebsocketLocationUrl as S, InvalidAuthTypeError as T, registerAuthModule as _, interceptors_default as a, setDefaultHostConfig as b, getAccessToken as c, getWebResourceAuthParams as d, getWebSocketAuthParams as f, logout as g, isWindows as h, getInterceptors as i, appendQueryToUrl as j, invokeFetch as k, getDefaultHostConfig as l, isHostCrossOrigin as m, addInterceptor as n, removeInterceptor as o, handleAuthenticationError as p, createInterceptors as r, determineAuthType as s, addDefaultInterceptors as t, getRestCallAuthParams as u, registerHostConfig as v, AuthorizationError as w, toValidLocationUrl as x, serializeHostConfig as y };
+export { appendQueryToUrl as A, AuthorizationError as C, clearApiCache as D, UnexpectedAuthTypeError as E, getPlatform as F, InvokeFetchError as M, exposeInternalApiOnWindow as N, invokeFetch as O, generateRandomString as P, unregisterHostConfig as S, InvalidHostConfigError as T, registerHostConfig as _, getRestCallAuthParams as a, toValidLocationUrl as b, handleAuthenticationError as c, logout as d, normalizeHostConfig as f, registerAuthModule as g, onPageRedirectStarted as h, getDefaultHostConfig as i, EncodingError as j, parseFetchResponse as k, isHostCrossOrigin as l, onPageRedirectRequested as m, determineAuthType as n, getWebResourceAuthParams as o, onFatalAuthError as p, getAccessToken as r, getWebSocketAuthParams as s, coreBootInterceptor as t, isWindows as u, serializeHostConfig as v, InvalidAuthTypeError as w, toValidWebsocketLocationUrl as x, setDefaultHostConfig as y };