npm - @tilde-nlp/ngx-user-access - Versions diffs - 8.0.1 - Mend

@tilde-nlp/ngx-user-access 8.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +63 -0
package/fesm2022/tilde-nlp-ngx-user-access.mjs +513 -0
package/fesm2022/tilde-nlp-ngx-user-access.mjs.map +1 -0
package/index.d.ts +233 -0
package/package.json +28 -0

package/README.md ADDED Viewed

@@ -0,0 +1,63 @@
+# NgxUserAccess
+This project was generated using [Angular CLI](https://github.com/angular/angular-cli) version 20.2.0.
+## Code scaffolding
+Angular CLI includes powerful code scaffolding tools. To generate a new component, run:
+```bash
+ng generate component component-name
+```
+For a complete list of available schematics (such as `components`, `directives`, or `pipes`), run:
+```bash
+ng generate --help
+```
+## Building
+To build the library, run:
+```bash
+ng build ngx-user-access
+```
+This command will compile your project, and the build artifacts will be placed in the `dist/` directory.
+### Publishing the Library
+Once the project is built, you can publish your library by following these steps:
+1. Navigate to the `dist` directory:
+   ```bash
+   cd dist/ngx-user-access
+   ```
+2. Run the `npm publish` command to publish your library to the npm registry:
+   ```bash
+   npm publish
+   ```
+## Running unit tests
+To execute unit tests with the [Karma](https://karma-runner.github.io) test runner, use the following command:
+```bash
+ng test
+```
+## Running end-to-end tests
+For end-to-end (e2e) testing, run:
+```bash
+ng e2e
+```
+Angular CLI does not come with an end-to-end testing framework by default. You can choose one that suits your needs.
+## Additional Resources
+For more information on using the Angular CLI, including detailed command references, visit the [Angular CLI Overview and Command Reference](https://angular.dev/tools/cli) page.

package/fesm2022/tilde-nlp-ngx-user-access.mjs ADDED Viewed

@@ -0,0 +1,513 @@
+import * as i0 from '@angular/core';
+import { InjectionToken, inject, Injectable, Inject } from '@angular/core';
+import * as i2 from 'keycloak-angular';
+import { KeycloakService, KeycloakEventTypeLegacy, KeycloakBearerInterceptor } from 'keycloak-angular';
+import { BehaviorSubject, Subject } from 'rxjs';
+import * as i1 from '@angular/router';
+import { HTTP_INTERCEPTORS } from '@angular/common/http';
+const USER_ACCESS_CONFIG_TOKEN = new InjectionToken('USER_ACCESS_CONFIG_TOKEN');
+class UserAccessConfigService {
+    #config = inject(USER_ACCESS_CONFIG_TOKEN);
+    getConfiguration() {
+        return this.#config;
+    }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.2.1", ngImport: i0, type: UserAccessConfigService, deps: [], target: i0.ɵɵFactoryTarget.Injectable }); }
+    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.2.1", ngImport: i0, type: UserAccessConfigService, providedIn: 'root' }); }
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.2.1", ngImport: i0, type: UserAccessConfigService, decorators: [{
+            type: Injectable,
+            args: [{
+                    providedIn: 'root',
+                }]
+        }] });
+var PermissionStatus;
+(function (PermissionStatus) {
+    PermissionStatus["OK"] = "OK";
+    PermissionStatus["EXPIRED_SUBSCRIPTION"] = "EXPIRED_SUBSCRIPTION";
+    PermissionStatus["NO_SUBSCRIPTION"] = "NO_SUBSCRIPTION";
+})(PermissionStatus || (PermissionStatus = {}));
+var DefaultPermissions;
+(function (DefaultPermissions) {
+    DefaultPermissions["ALL"] = "ALL";
+})(DefaultPermissions || (DefaultPermissions = {}));
+const USER_CUSTOM_CONFIGURATION_SERVICE_TOKEN = new InjectionToken('USER_CUSTOM_CONFIGURATION_SERVICE_TOKEN');
+class AuthService {
+    get token() {
+        return this._token;
+    }
+    get parsedKeyCloakToken() {
+        return this._parsedKeycloakToken;
+    }
+    constructor(config, keyCloak) {
+        this.config = config;
+        this.keyCloak = keyCloak;
+        this._isAuthenticated = false;
+        this.username = new BehaviorSubject('');
+        // make jwt available in window object, so that it can be accessed everywhere (e.g. from webtranslate iframe)
+        /* eslint-disable  @typescript-eslint/no-explicit-any */
+        window.keycloakToken = () => {
+            return this._token;
+        };
+    }
+    userSubscriptionPlan() {
+        return this.parsedKeyCloakToken?.subscription?.find((plan) => Object.values(this.config.getConfiguration().plans).includes(plan.PlanId));
+    }
+    isAuthenticated() {
+        return this._isAuthenticated;
+    }
+    getUserName() {
+        return this.isAuthenticated() ? this.keyCloak?.getUsername() : '';
+    }
+    getUserDisplayName() {
+        if (!this.authEnabled || !this._isAuthenticated) {
+            return '';
+        }
+        let username = this.getUserName();
+        if (this._parsedKeycloakToken?.name) {
+            username = this.parsedKeyCloakToken.name;
+        }
+        return username;
+    }
+    getToken() {
+        return this.keyCloak.getToken();
+    }
+    logout() {
+        if (!this.authEnabled) {
+            return;
+        }
+        this.keyCloak.logout(window.location.origin);
+    }
+    async checkLogin() {
+        if (!this.authEnabled) {
+            return;
+        }
+        this._isAuthenticated = await this.keyCloak.isLoggedIn();
+        this.refreshKeycloakToken();
+        const username = this.getUserName();
+        this.username.next(username);
+    }
+    login() {
+        if (!this.authEnabled) {
+            return;
+        }
+        this.keyCloak.login();
+    }
+    enableAuth() {
+        this.authEnabled = true;
+    }
+    refreshKeycloakToken() {
+        if (!this.authEnabled) {
+            return;
+        }
+        const keyCloakInstance = this.keyCloak.getKeycloakInstance();
+        /* eslint-disable  @typescript-eslint/no-explicit-any */
+        const tokenParsed = keyCloakInstance.tokenParsed;
+        this._token = keyCloakInstance.token;
+        tokenParsed?.subscription?.forEach((subscription) => {
+            // Removes "-Yearly", "-Monthly" from end of string or -Eur- and everything that follows.
+            subscription.Label = subscription.PlanId.replace(/-Monthly$|-Yearly$|-EUR-(.*)/, '');
+        });
+        this._parsedKeycloakToken = tokenParsed;
+    }
+    userIsGroupMember() {
+        return this.parsedKeyCloakToken?.membership?.length > 0;
+    }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.2.1", ngImport: i0, type: AuthService, deps: [{ token: UserAccessConfigService }, { token: i2.KeycloakService }], target: i0.ɵɵFactoryTarget.Injectable }); }
+    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.2.1", ngImport: i0, type: AuthService, providedIn: 'root' }); }
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.2.1", ngImport: i0, type: AuthService, decorators: [{
+            type: Injectable,
+            args: [{
+                    providedIn: 'root',
+                }]
+        }], ctorParameters: () => [{ type: UserAccessConfigService }, { type: i2.KeycloakService }] });
+var AuthGuardParamKeys;
+(function (AuthGuardParamKeys) {
+    AuthGuardParamKeys["REDIRECT_ROUTE"] = "redirectRoute";
+})(AuthGuardParamKeys || (AuthGuardParamKeys = {}));
+class AuthGuard {
+    constructor(router, keycloak, auth) {
+        this.router = router;
+        this.keycloak = keycloak;
+        this.auth = auth;
+    }
+    async canActivate(route, state) {
+        if (!this.auth.isAuthenticated()) {
+            // redirectToLogin query param is more important than redirectRoute
+            if (!route.queryParams?.redirectToLogin && route.data?.[AuthGuardParamKeys.REDIRECT_ROUTE]) {
+                this.router.navigate([route.data[AuthGuardParamKeys.REDIRECT_ROUTE]]);
+            }
+            else {
+                await this.keycloak.login({
+                    redirectUri: window.location.origin + state.url,
+                });
+            }
+        }
+        // Clear unnecessary query param
+        if (route.queryParams?.redirectToLogin) {
+            const queryParams = { ...route.queryParams };
+            delete queryParams.redirectToLogin;
+            this.router.navigate([state.url.split('?')[0]], { queryParams });
+        }
+        return this.auth.isAuthenticated();
+    }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.2.1", ngImport: i0, type: AuthGuard, deps: [{ token: i1.Router }, { token: i2.KeycloakService }, { token: AuthService }], target: i0.ɵɵFactoryTarget.Injectable }); }
+    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.2.1", ngImport: i0, type: AuthGuard, providedIn: 'root' }); }
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.2.1", ngImport: i0, type: AuthGuard, decorators: [{
+            type: Injectable,
+            args: [{
+                    providedIn: 'root',
+                }]
+        }], ctorParameters: () => [{ type: i1.Router }, { type: i2.KeycloakService }, { type: AuthService }] });
+class PermissionsService {
+    get statusLocalStorageKey() {
+        return this.userSpecificLocalstorageKey(this.status);
+    }
+    get subscriptionConfig() {
+        return this.config.getConfiguration().subscriptions;
+    }
+    get token() {
+        return this.auth.parsedKeyCloakToken;
+    }
+    get status() {
+        return this._status;
+    }
+    get permissions() {
+        return this._permissions;
+    }
+    get expiredSubscriptions() {
+        return this._expiredSubscriptions;
+    }
+    get expiredNotConfirmedSubscriptions() {
+        return this._expiredNotConfirmedSubscriptions;
+    }
+    get hasOnlyUnauthorizedPermissions() {
+        return this._hasOnlyUnauthorizedPermissions;
+    }
+    get onPermissionRefresh() {
+        return this._onPermissionRefresh.asObservable();
+    }
+    constructor(config, auth, userConfigurationService) {
+        this.config = config;
+        this.auth = auth;
+        this.userConfigurationService = userConfigurationService;
+        this._expiredSubscriptions = [];
+        this._expiredNotConfirmedSubscriptions = [];
+        this._onPermissionRefresh = new Subject();
+        this.SUPPORT_ROLE_KEY = 'support';
+    }
+    /**
+     * Checks wether user has necessary permission/permissions. By default, if user has at least one of given permissions, method returns true. To check all permissions, set needsAll to true.
+     * @param permissions Permissions to be checked.
+     * @param needsAll If user should have all of given permissions
+     * @returns
+     */
+    hasPermission(permissions, needsAll = false) {
+        // if user is not any group member, access should not be provided
+        if (!this.auth.userIsGroupMember() && this.auth.userSubscriptionPlan()) {
+            return false;
+        }
+        if (!permissions || permissions.length === 0 || this.permissions.includes(DefaultPermissions.ALL)) {
+            return true;
+        }
+        for (const permission of permissions) {
+            const hasPermission = this.permissions.includes(permission);
+            if (needsAll && !hasPermission) {
+                return false;
+            }
+            else if (!needsAll && hasPermission) {
+                return true;
+            }
+        }
+        return needsAll ? true : false;
+    }
+    configurePermissions() {
+        this.isDebug = this.config.getConfiguration()?.isDebug ?? false;
+        this.userConfiguration = {};
+        this._status = PermissionStatus.OK;
+        let allPermissions = [];
+        const expiredSubscriptions = [];
+        allPermissions = this.refreshAllPermissionsForUser();
+        if (new Date() > new Date(this.auth.userSubscriptionPlan()?.EndDate)) {
+            expiredSubscriptions.push(this.auth.userSubscriptionPlan());
+        }
+        this.setPermissions(allPermissions);
+        this._expiredSubscriptions = expiredSubscriptions;
+        if (this.isDebug) {
+            // eslint-disable-next-line no-console
+            console.log('permissions', this.permissions);
+            // eslint-disable-next-line no-console
+            console.log('userConfig', this.userConfiguration);
+        }
+        this.shouldShowMessage();
+    }
+    confirmMessage() {
+        const localStorageKey = this.statusLocalStorageKey;
+        if (this.status === PermissionStatus.NO_SUBSCRIPTION) {
+            localStorage.setItem(localStorageKey, `true`);
+        }
+        else if (this.status === PermissionStatus.EXPIRED_SUBSCRIPTION) {
+            const confirmed = JSON.parse(localStorage.getItem(localStorageKey)) ?? {};
+            this.expiredNotConfirmedSubscriptions.forEach((subscription) => {
+                confirmed[subscription.PlanId] = new Date().toString();
+            });
+            localStorage.setItem(localStorageKey, JSON.stringify(confirmed));
+        }
+        this.showSubscriptionMessage = false;
+    }
+    userSpecificLocalstorageKey(key) {
+        return this.hashString(`${key}_${this.auth.getUserName().toUpperCase()}`);
+    }
+    refreshAllPermissionsForUser() {
+        // We should ignore subscription permissions for Supports.
+        return this.isSupport()
+            ? this.checkRolePermissions()
+            : this.checkSubscriptionPermissions().concat(this.checkRolePermissions());
+    }
+    checkSubscriptionPermissions() {
+        const subscriptionConfig = this.subscriptionConfig;
+        const allPermissions = subscriptionConfig.plans;
+        const token = this.token;
+        const isAuthenticated = this.auth.isAuthenticated();
+        let permissions = [];
+        if (isAuthenticated && !subscriptionConfig.ignoreSubscriptions) {
+            let hasAnySubscription = false;
+            if (token?.subscription) {
+                for (const plan of token.subscription) {
+                    const permissionConfig = this.findPermissionConfig(allPermissions, plan.Label);
+                    if (!this.isPlanActive(plan) && this.isSupportedPlan(plan)) {
+                        if (permissionConfig) {
+                            hasAnySubscription = true;
+                            this._status = PermissionStatus.EXPIRED_SUBSCRIPTION;
+                        }
+                        continue;
+                    }
+                    if (this.isPlanActive(plan) && this.isSupportedPlan(plan) && permissionConfig) {
+                        hasAnySubscription = true;
+                    }
+                    if (permissionConfig?.permissions) {
+                        permissionConfig.permissions.forEach((permission) => {
+                            if (!permissions.includes(permission)) {
+                                permissions.push(permission);
+                            }
+                        });
+                    }
+                    if (permissionConfig?.userConfiguration) {
+                        this.updateUserConfiguration(permissionConfig.userConfiguration);
+                    }
+                }
+            }
+            if (!hasAnySubscription) {
+                this._status = PermissionStatus.NO_SUBSCRIPTION;
+            }
+        }
+        else if (subscriptionConfig.ignoreSubscriptions && this.isDebug) {
+            console.warn('You are ignoring subscriptions, which means that your permissions might not work as expected. This option might be set in config.local.debug.json for easier testing.');
+        }
+        // if has no permissions, use default permissions
+        if (permissions.length === 0) {
+            const defaultPlanName = this.findDefaultPlanName(subscriptionConfig, isAuthenticated);
+            const permissionConfig = this.findPermissionConfig(allPermissions, defaultPlanName);
+            permissions = permissionConfig?.permissions ?? [];
+            this.updateUserConfiguration(permissionConfig?.userConfiguration);
+            if (!subscriptionConfig.ignoreSubscriptions) {
+                this._hasOnlyUnauthorizedPermissions = true;
+            }
+        }
+        return permissions;
+    }
+    checkRolePermissions() {
+        const subscriptionConfig = this.subscriptionConfig;
+        const token = this.token;
+        let permissions = [];
+        const roles = token?.realm_access?.roles;
+        // if no roles for user or no permissions defined for roles, return empty array.
+        if (!roles?.length || !subscriptionConfig.roles?.length) {
+            return [];
+        }
+        if (this.isSupport()) {
+            return this.findPermissionConfig(subscriptionConfig.roles, this.SUPPORT_ROLE_KEY)?.permissions;
+        }
+        roles.forEach((role) => {
+            const rolePermissionConfig = this.findPermissionConfig(subscriptionConfig.roles, role);
+            if (rolePermissionConfig) {
+                permissions = permissions.concat(rolePermissionConfig.permissions);
+                this.updateUserConfiguration(rolePermissionConfig.userConfiguration);
+            }
+        });
+        return permissions;
+    }
+    /**
+     * Updates current user configuration object with values that gives more permissions (bigger limits) to the user.
+     * @param userConfiguration User configuration object to be compared with current userconfig object
+     */
+    updateUserConfiguration(userConfiguration) {
+        if (!userConfiguration) {
+            return;
+        }
+        this.userConfigurationService.updateUserConfiguration(this.userConfiguration, userConfiguration);
+    }
+    shouldShowMessage() {
+        const localStorageValue = localStorage.getItem(this.statusLocalStorageKey);
+        if (this.status === PermissionStatus.NO_SUBSCRIPTION) {
+            this.showSubscriptionMessage = localStorageValue ? false : true;
+        }
+        else if (this.status === PermissionStatus.EXPIRED_SUBSCRIPTION) {
+            const confirmed = JSON.parse(localStorageValue);
+            if (!confirmed) {
+                this._expiredNotConfirmedSubscriptions = this.expiredSubscriptions;
+                this.showSubscriptionMessage = true;
+                return;
+            }
+            const notConfirmedExpired = [];
+            for (const subscription of this.expiredSubscriptions) {
+                if (confirmed[subscription.PlanId] && new Date() > new Date(subscription.EndDate)) {
+                    continue;
+                }
+                notConfirmedExpired.push(subscription);
+                this.showSubscriptionMessage = true;
+            }
+            this._expiredNotConfirmedSubscriptions = notConfirmedExpired;
+        }
+    }
+    isPlanActive(plan) {
+        if (!plan.EndDate || new Date() < new Date(plan.EndDate)) {
+            return true;
+        }
+        return false;
+    }
+    isSupportedPlan(plan) {
+        const planLabels = Object.values(this.config.getConfiguration().plans);
+        if (planLabels.includes(plan.Label)) {
+            return true;
+        }
+        return false;
+    }
+    /**
+     * Finds permission config in array based on given key
+     * @param permissions permission array where to find config from
+     * @param key object identification key
+     * @returns permission config
+     */
+    findPermissionConfig(permissions, key) {
+        for (const permission of permissions) {
+            if (permission.keys.includes(key)) {
+                return permission;
+            }
+        }
+        return null;
+    }
+    // for storing user specific info in localstorage;
+    hashString(username) {
+        let hash = 0;
+        if (username.length > 0) {
+            for (let i = 0; i < username.length; i++) {
+                const char = username.charCodeAt(i);
+                hash = (hash << 5) - hash + char;
+                hash = hash & hash; // Convert to 32bit integer
+            }
+        }
+        return hash.toString();
+    }
+    findDefaultPlanName(config, isAuthenticated) {
+        let defaultPlanName;
+        if (isAuthenticated) {
+            if (this.status === PermissionStatus.EXPIRED_SUBSCRIPTION) {
+                defaultPlanName = config.expiredPermissionsPlanName || config.authorizedDefaultPermissionPlan;
+            }
+            else {
+                defaultPlanName = config.authorizedDefaultPermissionPlan;
+            }
+        }
+        return defaultPlanName || config.unauthorizedDefaultPermissionPlan;
+    }
+    setPermissions(permissions) {
+        this._permissions = permissions;
+        this._onPermissionRefresh.next(this._permissions);
+    }
+    isSupport() {
+        return this.token?.realm_access?.roles?.includes(this.SUPPORT_ROLE_KEY);
+    }
+    static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.2.1", ngImport: i0, type: PermissionsService, deps: [{ token: UserAccessConfigService }, { token: AuthService }, { token: USER_CUSTOM_CONFIGURATION_SERVICE_TOKEN }], target: i0.ɵɵFactoryTarget.Injectable }); }
+    static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.2.1", ngImport: i0, type: PermissionsService, providedIn: 'root' }); }
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.2.1", ngImport: i0, type: PermissionsService, decorators: [{
+            type: Injectable,
+            args: [{
+                    providedIn: 'root',
+                }]
+        }], ctorParameters: () => [{ type: UserAccessConfigService }, { type: AuthService }, { type: undefined, decorators: [{
+                    type: Inject,
+                    args: [USER_CUSTOM_CONFIGURATION_SERVICE_TOKEN]
+                }] }] });
+async function KEYCLOAK_INITIALIZER() {
+    const keycloak = inject(KeycloakService);
+    const config = inject(UserAccessConfigService);
+    const permissions = inject(PermissionsService);
+    const auth = inject(AuthService);
+    await keycloak
+        .init({
+        config: config.getConfiguration().keycloak,
+        enableBearerInterceptor: false,
+        loadUserProfileAtStartUp: true,
+        initOptions: {
+            onLoad: 'check-sso',
+            silentCheckSsoRedirectUri: window.location.origin + '/assets/auth/silent-check-sso.html',
+            redirectUri: window.location.origin,
+        },
+        bearerExcludedUrls: config.getConfiguration().keycloak.bearerExcludedUrls,
+    })
+        .catch((error) => {
+        console.error(error);
+        permissions.configurePermissions();
+        return;
+    });
+    auth.enableAuth();
+    await auth.checkLogin();
+    permissions.configurePermissions();
+    keycloak.keycloakEvents$.subscribe((ev) => {
+        if (ev.type == KeycloakEventTypeLegacy.OnTokenExpired) {
+            const minValidity = 5;
+            if (keycloak.isTokenExpired(minValidity)) {
+                keycloak.updateToken(minValidity).then(() => {
+                    auth.refreshKeycloakToken();
+                    permissions.configurePermissions();
+                }, (err) => {
+                    console.error('Token refresh failed', err);
+                    keycloak.login();
+                });
+            }
+        }
+    });
+}
+async function KEYCLOAK_PROVIDER() {
+    return [
+        KeycloakService,
+        {
+            provide: HTTP_INTERCEPTORS,
+            useClass: KeycloakBearerInterceptor,
+            deps: [KeycloakService],
+            multi: true,
+        },
+        await KEYCLOAK_INITIALIZER(),
+    ];
+}
+/**
+ * Generated bundle index. Do not edit.
+ */
+export { AuthGuard, AuthGuardParamKeys, AuthService, DefaultPermissions, KEYCLOAK_PROVIDER, PermissionStatus, PermissionsService, USER_ACCESS_CONFIG_TOKEN, USER_CUSTOM_CONFIGURATION_SERVICE_TOKEN, UserAccessConfigService };
+//# sourceMappingURL=tilde-nlp-ngx-user-access.mjs.map

package/fesm2022/tilde-nlp-ngx-user-access.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"tilde-nlp-ngx-user-access.mjs","sources":["../../../projects/ngx-user-access/src/lib/user-access-config/tokens/user-access-config,.token.ts","../../../projects/ngx-user-access/src/lib/user-access-config/user-access-config.service.ts","../../../projects/ngx-user-access/src/lib/permissions/models/permission-status.model.ts","../../../projects/ngx-user-access/src/lib/permissions/models/default-permissions.enum.ts","../../../projects/ngx-user-access/src/lib/permissions/models/user-custom-configuration-service.token.ts","../../../projects/ngx-user-access/src/lib/auth/auth.service.ts","../../../projects/ngx-user-access/src/lib/auth/models/auth-guard-param-keys.enum.ts","../../../projects/ngx-user-access/src/lib/auth/auth.guard.ts","../../../projects/ngx-user-access/src/lib/permissions/permissions.service.ts","../../../projects/ngx-user-access/src/lib/keycloak/keycloak.initializer.ts","../../../projects/ngx-user-access/src/lib/keycloak/keycloak.provider.ts","../../../projects/ngx-user-access/src/tilde-nlp-ngx-user-access.ts"],"sourcesContent":["import { InjectionToken } from '@angular/core';\r\nimport { UserAccessConfig } from '../models/user-access-config.model';\r\n\r\nexport const USER_ACCESS_CONFIG_TOKEN = new InjectionToken<UserAccessConfig>('USER_ACCESS_CONFIG_TOKEN');\r\n","import { inject, Injectable } from '@angular/core';\r\nimport { USER_ACCESS_CONFIG_TOKEN } from './tokens/user-access-config,.token';\r\nimport { UserAccessConfig } from './models/user-access-config.model';\r\n\r\n@Injectable({\r\n\tprovidedIn: 'root',\r\n})\r\nexport class UserAccessConfigService {\r\n\t#config = inject(USER_ACCESS_CONFIG_TOKEN);\r\n\r\n\tgetConfiguration(): UserAccessConfig {\r\n\t\treturn this.#config;\r\n\t}\r\n}\r\n","export enum PermissionStatus {\r\n\tOK = 'OK',\r\n\tEXPIRED_SUBSCRIPTION = 'EXPIRED_SUBSCRIPTION',\r\n\tNO_SUBSCRIPTION = 'NO_SUBSCRIPTION',\r\n}\r\n","export enum DefaultPermissions {\r\n ALL = 'ALL'\r\n}","import { InjectionToken } from '@angular/core';\r\n\r\nexport const USER_CUSTOM_CONFIGURATION_SERVICE_TOKEN = new InjectionToken('USER_CUSTOM_CONFIGURATION_SERVICE_TOKEN');\r\n","import { Injectable } from '@angular/core';\r\nimport { KeycloakService } from 'keycloak-angular';\r\nimport { BehaviorSubject } from 'rxjs';\r\nimport { UserAccessConfigService } from '../user-access-config';\r\nimport { AuthTokenParsed } from './models/auth-token-parsed.model';\r\nimport { AuthSubscription } from '@tilde-nlp/ngx-common';\r\n\r\n@Injectable({\r\n\tprovidedIn: 'root',\r\n})\r\nexport class AuthService {\r\n\tauthEnabled!: boolean;\r\n\tusername: BehaviorSubject<string>;\r\n\r\n\tprivate _isAuthenticated = false;\r\n\tprivate _parsedKeycloakToken!: AuthTokenParsed;\r\n\tprivate _token!: string | undefined;\r\n\tget token() {\r\n\t\treturn this._token;\r\n\t}\r\n\r\n\tget parsedKeyCloakToken() {\r\n\t\treturn this._parsedKeycloakToken;\r\n\t}\r\n\r\n\tconstructor(private readonly config: UserAccessConfigService, private readonly keyCloak: KeycloakService) {\r\n\t\tthis.username = new BehaviorSubject<string>('');\r\n\r\n\t\t// make jwt available in window object, so that it can be accessed everywhere (e.g. from webtranslate iframe)\r\n\t\t/* eslint-disable @typescript-eslint/no-explicit-any */\r\n\t\t(window as any).keycloakToken = () => {\r\n\t\t\treturn this._token;\r\n\t\t};\r\n\t}\r\n\r\n\tuserSubscriptionPlan() {\r\n\t\treturn this.parsedKeyCloakToken?.subscription?.find((plan: { PlanId: string }) =>\r\n\t\t\tObject.values(this.config.getConfiguration().plans).includes(plan.PlanId)\r\n\t\t);\r\n\t}\r\n\r\n\tisAuthenticated(): boolean {\r\n\t\treturn this._isAuthenticated;\r\n\t}\r\n\r\n\tgetUserName(): string {\r\n\t\treturn this.isAuthenticated() ? this.keyCloak?.getUsername() : '';\r\n\t}\r\n\r\n\tgetUserDisplayName(): string {\r\n\t\tif (!this.authEnabled || !this._isAuthenticated) {\r\n\t\t\treturn '';\r\n\t\t}\r\n\t\tlet username = this.getUserName();\r\n\r\n\t\tif (this._parsedKeycloakToken?.name) {\r\n\t\t\tusername = this.parsedKeyCloakToken.name;\r\n\t\t}\r\n\t\treturn username;\r\n\t}\r\n\r\n\tgetToken() {\r\n\t\treturn this.keyCloak.getToken();\r\n\t}\r\n\r\n\tlogout() {\r\n\t\tif (!this.authEnabled) {\r\n\t\t\treturn;\r\n\t\t}\r\n\r\n\t\tthis.keyCloak.logout(window.location.origin);\r\n\t}\r\n\r\n\tasync checkLogin() {\r\n\t\tif (!this.authEnabled) {\r\n\t\t\treturn;\r\n\t\t}\r\n\r\n\t\tthis._isAuthenticated = await this.keyCloak.isLoggedIn();\r\n\t\tthis.refreshKeycloakToken();\r\n\t\tconst username = this.getUserName();\r\n\t\tthis.username.next(username);\r\n\t}\r\n\r\n\tlogin() {\r\n\t\tif (!this.authEnabled) {\r\n\t\t\treturn;\r\n\t\t}\r\n\r\n\t\tthis.keyCloak.login();\r\n\t}\r\n\r\n\tenableAuth() {\r\n\t\tthis.authEnabled = true;\r\n\t}\r\n\r\n\trefreshKeycloakToken() {\r\n\t\tif (!this.authEnabled) {\r\n\t\t\treturn;\r\n\t\t}\r\n\r\n\t\tconst keyCloakInstance = this.keyCloak.getKeycloakInstance();\r\n\t\t/* eslint-disable @typescript-eslint/no-explicit-any */\r\n\t\tconst tokenParsed: AuthTokenParsed = keyCloakInstance.tokenParsed as any;\r\n\t\tthis._token = keyCloakInstance.token;\r\n\t\ttokenParsed?.subscription?.forEach((subscription: AuthSubscription) => {\r\n\t\t\t// Removes \"-Yearly\", \"-Monthly\" from end of string or -Eur- and everything that follows.\r\n\t\t\tsubscription.Label = subscription.PlanId.replace(/-Monthly$|-Yearly$|-EUR-(.*)/, '');\r\n\t\t});\r\n\t\tthis._parsedKeycloakToken = tokenParsed;\r\n\t}\r\n\r\n\tuserIsGroupMember(): boolean {\r\n\t\treturn this.parsedKeyCloakToken?.membership?.length > 0;\r\n\t}\r\n}\r\n","export enum AuthGuardParamKeys {\r\n\tREDIRECT_ROUTE = 'redirectRoute',\r\n}\r\n","import { Injectable } from '@angular/core';\r\nimport { ActivatedRouteSnapshot, Router, RouterStateSnapshot, CanActivate } from '@angular/router';\r\nimport { KeycloakService } from 'keycloak-angular';\r\n\r\nimport { AuthService } from './auth.service';\r\nimport { AuthGuardParamKeys } from './models/auth-guard-param-keys.enum';\r\n\r\n@Injectable({\r\n\tprovidedIn: 'root',\r\n})\r\nexport class AuthGuard implements CanActivate {\r\n\tconstructor(private readonly router: Router, private readonly keycloak: KeycloakService, private readonly auth: AuthService) {}\r\n\r\n\tasync canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Promise<boolean> {\r\n\t\tif (!this.auth.isAuthenticated()) {\r\n\t\t\t// redirectToLogin query param is more important than redirectRoute\r\n\t\t\tif (!route.queryParams?.redirectToLogin && route.data?.[AuthGuardParamKeys.REDIRECT_ROUTE]) {\r\n\t\t\t\tthis.router.navigate([route.data[AuthGuardParamKeys.REDIRECT_ROUTE]]);\r\n\t\t\t} else {\r\n\t\t\t\tawait this.keycloak.login({\r\n\t\t\t\t\tredirectUri: window.location.origin + state.url,\r\n\t\t\t\t});\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\t// Clear unnecessary query param\r\n\t\tif (route.queryParams?.redirectToLogin) {\r\n\t\t\tconst queryParams = { ...route.queryParams };\r\n\t\t\tdelete queryParams.redirectToLogin;\r\n\t\t\tthis.router.navigate([state.url.split('?')[0]], { queryParams });\r\n\t\t}\r\n\r\n\t\treturn this.auth.isAuthenticated();\r\n\t}\r\n}\r\n","import { Inject, Injectable } from '@angular/core';\r\nimport { PermissionStatus } from './models/permission-status.model';\r\nimport { Observable, Subject } from 'rxjs';\r\nimport { UserAccessConfigService } from '../user-access-config';\r\nimport { AuthService } from '../auth';\r\nimport { DefaultPermissions } from './models/default-permissions.enum';\r\nimport { PermissionsConfig } from './models/permissions-config.model';\r\nimport { USER_CUSTOM_CONFIGURATION_SERVICE_TOKEN } from './models/user-custom-configuration-service.token';\r\nimport { UserCustomConfigurationService } from './models/user-custom-configuration-service.model';\r\nimport { DefaultSubscriptionConfig } from './models/default-subscription-config.model';\r\nimport { AuthSubscription } from '@tilde-nlp/ngx-common';\r\n\r\n@Injectable({\r\n\tprovidedIn: 'root',\r\n})\r\nexport class PermissionsService<Permission, UserConfiguration> {\r\n\tuserConfiguration!: UserConfiguration;\r\n\tshowSubscriptionMessage!: boolean;\r\n\r\n\tprivate _hasOnlyUnauthorizedPermissions!: boolean;\r\n\r\n\tprivate _status!: PermissionStatus;\r\n\r\n\tprivate _permissions!: Permission[];\r\n\r\n\tprivate _expiredSubscriptions: AuthSubscription[] = [];\r\n\r\n\tprivate _expiredNotConfirmedSubscriptions: AuthSubscription[] = [];\r\n\r\n\tprivate _onPermissionRefresh = new Subject<Permission[]>();\r\n\r\n\tprivate isDebug!: boolean;\r\n\r\n\tprivate get statusLocalStorageKey() {\r\n\t\treturn this.userSpecificLocalstorageKey(this.status);\r\n\t}\r\n\r\n\tprivate get subscriptionConfig() {\r\n\t\treturn this.config.getConfiguration().subscriptions;\r\n\t}\r\n\r\n\tprivate get token() {\r\n\t\treturn this.auth.parsedKeyCloakToken;\r\n\t}\r\n\r\n\tget status() {\r\n\t\treturn this._status;\r\n\t}\r\n\tget permissions() {\r\n\t\treturn this._permissions;\r\n\t}\r\n\tget expiredSubscriptions() {\r\n\t\treturn this._expiredSubscriptions;\r\n\t}\r\n\tget expiredNotConfirmedSubscriptions() {\r\n\t\treturn this._expiredNotConfirmedSubscriptions;\r\n\t}\r\n\tget hasOnlyUnauthorizedPermissions() {\r\n\t\treturn this._hasOnlyUnauthorizedPermissions;\r\n\t}\r\n\r\n\tget onPermissionRefresh(): Observable<Permission[]> {\r\n\t\treturn this._onPermissionRefresh.asObservable();\r\n\t}\r\n\r\n\tprivate readonly SUPPORT_ROLE_KEY = 'support';\r\n\r\n\tconstructor(\r\n\t\tprivate readonly config: UserAccessConfigService,\r\n\t\tprivate readonly auth: AuthService,\r\n\t\t@Inject(USER_CUSTOM_CONFIGURATION_SERVICE_TOKEN)\r\n\t\tprivate readonly userConfigurationService: UserCustomConfigurationService<UserConfiguration>\r\n\t) {}\r\n\r\n\t/**\r\n\t * Checks wether user has necessary permission/permissions. By default, if user has at least one of given permissions, method returns true. To check all permissions, set needsAll to true.\r\n\t * @param permissions Permissions to be checked.\r\n\t * @param needsAll If user should have all of given permissions\r\n\t * @returns\r\n\t */\r\n\thasPermission(permissions: Permission[], needsAll = false): boolean {\r\n\t\t// if user is not any group member, access should not be provided\r\n\t\tif (!this.auth.userIsGroupMember() && this.auth.userSubscriptionPlan()) {\r\n\t\t\treturn false;\r\n\t\t}\r\n\r\n\t\tif (!permissions || permissions.length === 0 || this.permissions.includes(DefaultPermissions.ALL as Permission)) {\r\n\t\t\treturn true;\r\n\t\t}\r\n\r\n\t\tfor (const permission of permissions) {\r\n\t\t\tconst hasPermission = this.permissions.includes(permission);\r\n\t\t\tif (needsAll && !hasPermission) {\r\n\t\t\t\treturn false;\r\n\t\t\t} else if (!needsAll && hasPermission) {\r\n\t\t\t\treturn true;\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\treturn needsAll ? true : false;\r\n\t}\r\n\r\n\tconfigurePermissions(): void {\r\n\t\tthis.isDebug = this.config.getConfiguration()?.isDebug ?? false;\r\n\r\n\t\tthis.userConfiguration = {} as UserConfiguration;\r\n\t\tthis._status = PermissionStatus.OK;\r\n\r\n\t\tlet allPermissions: Permission[] | undefined = [];\r\n\t\tconst expiredSubscriptions: AuthSubscription[] = [];\r\n\r\n\t\tallPermissions = this.refreshAllPermissionsForUser();\r\n\r\n\t\tif (new Date() > new Date(this.auth.userSubscriptionPlan()?.EndDate as string)) {\r\n\t\t\texpiredSubscriptions.push(this.auth.userSubscriptionPlan() as AuthSubscription);\r\n\t\t}\r\n\r\n\t\tthis.setPermissions(allPermissions as Permission[]);\r\n\t\tthis._expiredSubscriptions = expiredSubscriptions;\r\n\t\tif (this.isDebug) {\r\n\t\t\t// eslint-disable-next-line no-console\r\n\t\t\tconsole.log('permissions', this.permissions);\r\n\t\t\t// eslint-disable-next-line no-console\r\n\t\t\tconsole.log('userConfig', this.userConfiguration);\r\n\t\t}\r\n\t\tthis.shouldShowMessage();\r\n\t}\r\n\r\n\tconfirmMessage() {\r\n\t\tconst localStorageKey = this.statusLocalStorageKey;\r\n\t\tif (this.status === PermissionStatus.NO_SUBSCRIPTION) {\r\n\t\t\tlocalStorage.setItem(localStorageKey, `true`);\r\n\t\t} else if (this.status === PermissionStatus.EXPIRED_SUBSCRIPTION) {\r\n\t\t\tconst confirmed = JSON.parse(localStorage.getItem(localStorageKey) as string) ?? {};\r\n\t\t\tthis.expiredNotConfirmedSubscriptions.forEach((subscription) => {\r\n\t\t\t\tconfirmed[subscription.PlanId] = new Date().toString();\r\n\t\t\t});\r\n\t\t\tlocalStorage.setItem(localStorageKey, JSON.stringify(confirmed));\r\n\t\t}\r\n\t\tthis.showSubscriptionMessage = false;\r\n\t}\r\n\r\n\tuserSpecificLocalstorageKey(key: string) {\r\n\t\treturn this.hashString(`${key}_${this.auth.getUserName().toUpperCase()}`);\r\n\t}\r\n\r\n\tprivate refreshAllPermissionsForUser() {\r\n\t\t// We should ignore subscription permissions for Supports.\r\n\t\treturn this.isSupport()\r\n\t\t\t? this.checkRolePermissions()\r\n\t\t\t: this.checkSubscriptionPermissions().concat(this.checkRolePermissions() as Permission[]);\r\n\t}\r\n\r\n\tprivate checkSubscriptionPermissions(): Permission[] {\r\n\t\tconst subscriptionConfig = this.subscriptionConfig;\r\n\t\tconst allPermissions = subscriptionConfig.plans;\r\n\t\tconst token = this.token;\r\n\t\tconst isAuthenticated = this.auth.isAuthenticated();\r\n\r\n\t\tlet permissions: Permission[] = [];\r\n\r\n\t\tif (isAuthenticated && !subscriptionConfig.ignoreSubscriptions) {\r\n\t\t\tlet hasAnySubscription = false;\r\n\t\t\tif (token?.subscription) {\r\n\t\t\t\tfor (const plan of token.subscription) {\r\n\t\t\t\t\tconst permissionConfig = this.findPermissionConfig(allPermissions, plan.Label as string);\r\n\t\t\t\t\tif (!this.isPlanActive(plan) && this.isSupportedPlan(plan)) {\r\n\t\t\t\t\t\tif (permissionConfig) {\r\n\t\t\t\t\t\t\thasAnySubscription = true;\r\n\t\t\t\t\t\t\tthis._status = PermissionStatus.EXPIRED_SUBSCRIPTION;\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\tcontinue;\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\tif (this.isPlanActive(plan) && this.isSupportedPlan(plan) && permissionConfig) {\r\n\t\t\t\t\t\thasAnySubscription = true;\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\tif (permissionConfig?.permissions) {\r\n\t\t\t\t\t\tpermissionConfig.permissions.forEach((permission) => {\r\n\t\t\t\t\t\t\tif (!permissions.includes(permission)) {\r\n\t\t\t\t\t\t\t\tpermissions.push(permission);\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\tif (permissionConfig?.userConfiguration) {\r\n\t\t\t\t\t\tthis.updateUserConfiguration(permissionConfig.userConfiguration);\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\tif (!hasAnySubscription) {\r\n\t\t\t\tthis._status = PermissionStatus.NO_SUBSCRIPTION;\r\n\t\t\t}\r\n\t\t} else if (subscriptionConfig.ignoreSubscriptions && this.isDebug) {\r\n\t\t\tconsole.warn(\r\n\t\t\t\t'You are ignoring subscriptions, which means that your permissions might not work as expected. This option might be set in config.local.debug.json for easier testing.'\r\n\t\t\t);\r\n\t\t}\r\n\r\n\t\t// if has no permissions, use default permissions\r\n\t\tif (permissions.length === 0) {\r\n\t\t\tconst defaultPlanName = this.findDefaultPlanName(subscriptionConfig, isAuthenticated);\r\n\t\t\tconst permissionConfig = this.findPermissionConfig(allPermissions, defaultPlanName);\r\n\r\n\t\t\tpermissions = permissionConfig?.permissions ?? [];\r\n\t\t\tthis.updateUserConfiguration(permissionConfig?.userConfiguration as UserConfiguration);\r\n\t\t\tif (!subscriptionConfig.ignoreSubscriptions) {\r\n\t\t\t\tthis._hasOnlyUnauthorizedPermissions = true;\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\treturn permissions;\r\n\t}\r\n\r\n\tprivate checkRolePermissions(): Permission[] | undefined {\r\n\t\tconst subscriptionConfig = this.subscriptionConfig;\r\n\t\tconst token = this.token;\r\n\t\tlet permissions: Permission[] = [];\r\n\r\n\t\tconst roles = token?.realm_access?.roles;\r\n\r\n\t\t// if no roles for user or no permissions defined for roles, return empty array.\r\n\t\tif (!roles?.length || !subscriptionConfig.roles?.length) {\r\n\t\t\treturn [];\r\n\t\t}\r\n\r\n\t\tif (this.isSupport()) {\r\n\t\t\treturn this.findPermissionConfig(subscriptionConfig.roles, this.SUPPORT_ROLE_KEY)?.permissions;\r\n\t\t}\r\n\r\n\t\troles.forEach((role) => {\r\n\t\t\tconst rolePermissionConfig = this.findPermissionConfig(subscriptionConfig.roles, role);\r\n\t\t\tif (rolePermissionConfig) {\r\n\t\t\t\tpermissions = permissions.concat(rolePermissionConfig.permissions as Permission[]);\r\n\t\t\t\tthis.updateUserConfiguration(rolePermissionConfig.userConfiguration);\r\n\t\t\t}\r\n\t\t});\r\n\r\n\t\treturn permissions;\r\n\t}\r\n\r\n\t/**\r\n\t * Updates current user configuration object with values that gives more permissions (bigger limits) to the user.\r\n\t * @param userConfiguration User configuration object to be compared with current userconfig object\r\n\t */\r\n\tprivate updateUserConfiguration(userConfiguration: UserConfiguration) {\r\n\t\tif (!userConfiguration) {\r\n\t\t\treturn;\r\n\t\t}\r\n\r\n\t\tthis.userConfigurationService.updateUserConfiguration(this.userConfiguration, userConfiguration);\r\n\t}\r\n\r\n\tprivate shouldShowMessage() {\r\n\t\tconst localStorageValue = localStorage.getItem(this.statusLocalStorageKey);\r\n\t\tif (this.status === PermissionStatus.NO_SUBSCRIPTION) {\r\n\t\t\tthis.showSubscriptionMessage = localStorageValue ? false : true;\r\n\t\t} else if (this.status === PermissionStatus.EXPIRED_SUBSCRIPTION) {\r\n\t\t\tconst confirmed = JSON.parse(localStorageValue as string);\r\n\t\t\tif (!confirmed) {\r\n\t\t\t\tthis._expiredNotConfirmedSubscriptions = this.expiredSubscriptions;\r\n\t\t\t\tthis.showSubscriptionMessage = true;\r\n\t\t\t\treturn;\r\n\t\t\t}\r\n\t\t\tconst notConfirmedExpired = [];\r\n\t\t\tfor (const subscription of this.expiredSubscriptions) {\r\n\t\t\t\tif (confirmed[subscription.PlanId] && new Date() > new Date(subscription.EndDate as string)) {\r\n\t\t\t\t\tcontinue;\r\n\t\t\t\t}\r\n\t\t\t\tnotConfirmedExpired.push(subscription);\r\n\t\t\t\tthis.showSubscriptionMessage = true;\r\n\t\t\t}\r\n\t\t\tthis._expiredNotConfirmedSubscriptions = notConfirmedExpired;\r\n\t\t}\r\n\t}\r\n\r\n\tprivate isPlanActive(plan: AuthSubscription) {\r\n\t\tif (!plan.EndDate || new Date() < new Date(plan.EndDate)) {\r\n\t\t\treturn true;\r\n\t\t}\r\n\r\n\t\treturn false;\r\n\t}\r\n\r\n\tprivate isSupportedPlan(plan: AuthSubscription) {\r\n\t\tconst planLabels = Object.values(this.config.getConfiguration().plans) as string[];\r\n\r\n\t\tif (planLabels.includes(plan.Label as string)) {\r\n\t\t\treturn true;\r\n\t\t}\r\n\r\n\t\treturn false;\r\n\t}\r\n\r\n\t/**\r\n\t * Finds permission config in array based on given key\r\n\t * @param permissions permission array where to find config from\r\n\t * @param key object identification key\r\n\t * @returns permission config\r\n\t */\r\n\tprivate findPermissionConfig(\r\n\t\tpermissions: PermissionsConfig<Permission, UserConfiguration>[],\r\n\t\tkey: string\r\n\t): PermissionsConfig<Permission, UserConfiguration> | null {\r\n\t\tfor (const permission of permissions) {\r\n\t\t\tif (permission.keys.includes(key)) {\r\n\t\t\t\treturn permission;\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\treturn null;\r\n\t}\r\n\r\n\t// for storing user specific info in localstorage;\r\n\tprivate hashString(username: string) {\r\n\t\tlet hash = 0;\r\n\t\tif (username.length > 0) {\r\n\t\t\tfor (let i = 0; i < username.length; i++) {\r\n\t\t\t\tconst char = username.charCodeAt(i);\r\n\t\t\t\thash = (hash << 5) - hash + char;\r\n\t\t\t\thash = hash & hash; // Convert to 32bit integer\r\n\t\t\t}\r\n\t\t}\r\n\t\treturn hash.toString();\r\n\t}\r\n\r\n\tprivate findDefaultPlanName(config: DefaultSubscriptionConfig, isAuthenticated: boolean): string {\r\n\t\tlet defaultPlanName;\r\n\t\tif (isAuthenticated) {\r\n\t\t\tif (this.status === PermissionStatus.EXPIRED_SUBSCRIPTION) {\r\n\t\t\t\tdefaultPlanName = config.expiredPermissionsPlanName || config.authorizedDefaultPermissionPlan;\r\n\t\t\t} else {\r\n\t\t\t\tdefaultPlanName = config.authorizedDefaultPermissionPlan;\r\n\t\t\t}\r\n\t\t}\r\n\t\treturn defaultPlanName || (config.unauthorizedDefaultPermissionPlan as string);\r\n\t}\r\n\r\n\tprivate setPermissions(permissions: Permission[]) {\r\n\t\tthis._permissions = permissions;\r\n\t\tthis._onPermissionRefresh.next(this._permissions);\r\n\t}\r\n\r\n\tprivate isSupport(): boolean {\r\n\t\treturn this.token?.realm_access?.roles?.includes(this.SUPPORT_ROLE_KEY);\r\n\t}\r\n}\r\n","import { inject } from '@angular/core';\r\nimport { KeycloakEventTypeLegacy, KeycloakService } from 'keycloak-angular';\r\nimport { UserAccessConfigService } from '../user-access-config';\r\nimport { PermissionsService } from '../permissions';\r\nimport { AuthService } from '../auth';\r\n\r\nexport async function KEYCLOAK_INITIALIZER() {\r\n\tconst keycloak = inject(KeycloakService);\r\n\tconst config = inject(UserAccessConfigService);\r\n\tconst permissions = inject(PermissionsService);\r\n\tconst auth = inject(AuthService);\r\n\r\n\tawait keycloak\r\n\t\t.init({\r\n\t\t\tconfig: config.getConfiguration().keycloak,\r\n\t\t\tenableBearerInterceptor: false,\r\n\t\t\tloadUserProfileAtStartUp: true,\r\n\t\t\tinitOptions: {\r\n\t\t\t\tonLoad: 'check-sso',\r\n\t\t\t\tsilentCheckSsoRedirectUri: window.location.origin + '/assets/auth/silent-check-sso.html',\r\n\t\t\t\tredirectUri: window.location.origin,\r\n\t\t\t},\r\n\t\t\tbearerExcludedUrls: config.getConfiguration().keycloak.bearerExcludedUrls,\r\n\t\t})\r\n\t\t.catch((error) => {\r\n\t\t\tconsole.error(error);\r\n\t\t\tpermissions.configurePermissions();\r\n\t\t\treturn;\r\n\t\t});\r\n\r\n\tauth.enableAuth();\r\n\tawait auth.checkLogin();\r\n\t\r\n\tpermissions.configurePermissions();\r\n\r\n\tkeycloak.keycloakEvents$.subscribe((ev) => {\r\n\t\tif (ev.type == KeycloakEventTypeLegacy.OnTokenExpired) {\r\n\t\t\tconst minValidity = 5;\r\n\t\t\tif (keycloak.isTokenExpired(minValidity)) {\r\n\t\t\t\tkeycloak.updateToken(minValidity).then(\r\n\t\t\t\t\t() => {\r\n\t\t\t\t\t\tauth.refreshKeycloakToken();\r\n\t\t\t\t\t\tpermissions.configurePermissions();\r\n\t\t\t\t\t},\r\n\t\t\t\t\t(err) => {\r\n\t\t\t\t\t\tconsole.error('Token refresh failed', err);\r\n\t\t\t\t\t\tkeycloak.login();\r\n\t\t\t\t\t}\r\n\t\t\t\t);\r\n\t\t\t}\r\n\t\t}\r\n\t});\r\n}\r\n","import { KeycloakBearerInterceptor, KeycloakService } from 'keycloak-angular';\r\nimport { KEYCLOAK_INITIALIZER } from './keycloak.initializer';\r\nimport { HTTP_INTERCEPTORS } from '@angular/common/http';\r\n\r\nexport async function KEYCLOAK_PROVIDER() {\r\n\treturn [\r\n\t\tKeycloakService,\r\n\t\t{\r\n\t\t\tprovide: HTTP_INTERCEPTORS,\r\n\t\t\tuseClass: KeycloakBearerInterceptor,\r\n\t\t\tdeps: [KeycloakService],\r\n\t\t\tmulti: true,\r\n\t\t},\r\n\t\tawait KEYCLOAK_INITIALIZER(),\r\n\t];\r\n}\r\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './public-api';\n"],"names":["i1.UserAccessConfigService","i3.AuthService"],"mappings":";;;;;;;;MAGa,wBAAwB,GAAG,IAAI,cAAc,CAAmB,0BAA0B;;MCI1F,uBAAuB,CAAA;AACnC,IAAA,OAAO,GAAG,MAAM,CAAC,wBAAwB,CAAC;IAE1C,gBAAgB,GAAA;QACf,OAAO,IAAI,CAAC,OAAO;IACpB;8GALY,uBAAuB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA,CAAA;AAAvB,IAAA,SAAA,IAAA,CAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,uBAAuB,cAFvB,MAAM,EAAA,CAAA,CAAA;;2FAEN,uBAAuB,EAAA,UAAA,EAAA,CAAA;kBAHnC,UAAU;AAAC,YAAA,IAAA,EAAA,CAAA;AACX,oBAAA,UAAU,EAAE,MAAM;AAClB,iBAAA;;;ICNW;AAAZ,CAAA,UAAY,gBAAgB,EAAA;AAC3B,IAAA,gBAAA,CAAA,IAAA,CAAA,GAAA,IAAS;AACT,IAAA,gBAAA,CAAA,sBAAA,CAAA,GAAA,sBAA6C;AAC7C,IAAA,gBAAA,CAAA,iBAAA,CAAA,GAAA,iBAAmC;AACpC,CAAC,EAJW,gBAAgB,KAAhB,gBAAgB,GAAA,EAAA,CAAA,CAAA;;ICAhB;AAAZ,CAAA,UAAY,kBAAkB,EAAA;AAC5B,IAAA,kBAAA,CAAA,KAAA,CAAA,GAAA,KAAW;AACb,CAAC,EAFW,kBAAkB,KAAlB,kBAAkB,GAAA,EAAA,CAAA,CAAA;;MCEjB,uCAAuC,GAAG,IAAI,cAAc,CAAC,yCAAyC;;MCQtG,WAAW,CAAA;AAOvB,IAAA,IAAI,KAAK,GAAA;QACR,OAAO,IAAI,CAAC,MAAM;IACnB;AAEA,IAAA,IAAI,mBAAmB,GAAA;QACtB,OAAO,IAAI,CAAC,oBAAoB;IACjC;IAEA,WAAA,CAA6B,MAA+B,EAAmB,QAAyB,EAAA;QAA3E,IAAA,CAAA,MAAM,GAAN,MAAM;QAA4C,IAAA,CAAA,QAAQ,GAAR,QAAQ;QAX/E,IAAA,CAAA,gBAAgB,GAAG,KAAK;QAY/B,IAAI,CAAC,QAAQ,GAAG,IAAI,eAAe,CAAS,EAAE,CAAC;;;AAI9C,QAAA,MAAc,CAAC,aAAa,GAAG,MAAK;YACpC,OAAO,IAAI,CAAC,MAAM;AACnB,QAAA,CAAC;IACF;IAEA,oBAAoB,GAAA;AACnB,QAAA,OAAO,IAAI,CAAC,mBAAmB,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC,IAAwB,KAC5E,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CACzE;IACF;IAEA,eAAe,GAAA;QACd,OAAO,IAAI,CAAC,gBAAgB;IAC7B;IAEA,WAAW,GAAA;AACV,QAAA,OAAO,IAAI,CAAC,eAAe,EAAE,GAAG,IAAI,CAAC,QAAQ,EAAE,WAAW,EAAE,GAAG,EAAE;IAClE;IAEA,kBAAkB,GAAA;QACjB,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE;AAChD,YAAA,OAAO,EAAE;QACV;AACA,QAAA,IAAI,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE;AAEjC,QAAA,IAAI,IAAI,CAAC,oBAAoB,EAAE,IAAI,EAAE;AACpC,YAAA,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,IAAI;QACzC;AACA,QAAA,OAAO,QAAQ;IAChB;IAEA,QAAQ,GAAA;AACP,QAAA,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE;IAChC;IAEA,MAAM,GAAA;AACL,QAAA,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE;YACtB;QACD;QAEA,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;IAC7C;AAEA,IAAA,MAAM,UAAU,GAAA;AACf,QAAA,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE;YACtB;QACD;QAEA,IAAI,CAAC,gBAAgB,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE;QACxD,IAAI,CAAC,oBAAoB,EAAE;AAC3B,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE;AACnC,QAAA,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC;IAC7B;IAEA,KAAK,GAAA;AACJ,QAAA,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE;YACtB;QACD;AAEA,QAAA,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE;IACtB;IAEA,UAAU,GAAA;AACT,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI;IACxB;IAEA,oBAAoB,GAAA;AACnB,QAAA,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE;YACtB;QACD;QAEA,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ,CAAC,mBAAmB,EAAE;;AAE5D,QAAA,MAAM,WAAW,GAAoB,gBAAgB,CAAC,WAAkB;AACxE,QAAA,IAAI,CAAC,MAAM,GAAG,gBAAgB,CAAC,KAAK;QACpC,WAAW,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC,YAA8B,KAAI;;AAErE,YAAA,YAAY,CAAC,KAAK,GAAG,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,8BAA8B,EAAE,EAAE,CAAC;AACrF,QAAA,CAAC,CAAC;AACF,QAAA,IAAI,CAAC,oBAAoB,GAAG,WAAW;IACxC;IAEA,iBAAiB,GAAA;QAChB,OAAO,IAAI,CAAC,mBAAmB,EAAE,UAAU,EAAE,MAAM,GAAG,CAAC;IACxD;8GAxGY,WAAW,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAAA,uBAAA,EAAA,EAAA,EAAA,KAAA,EAAA,EAAA,CAAA,eAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA,CAAA;AAAX,IAAA,SAAA,IAAA,CAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAW,cAFX,MAAM,EAAA,CAAA,CAAA;;2FAEN,WAAW,EAAA,UAAA,EAAA,CAAA;kBAHvB,UAAU;AAAC,YAAA,IAAA,EAAA,CAAA;AACX,oBAAA,UAAU,EAAE,MAAM;AAClB,iBAAA;;;ICTW;AAAZ,CAAA,UAAY,kBAAkB,EAAA;AAC7B,IAAA,kBAAA,CAAA,gBAAA,CAAA,GAAA,eAAgC;AACjC,CAAC,EAFW,kBAAkB,KAAlB,kBAAkB,GAAA,EAAA,CAAA,CAAA;;MCUjB,SAAS,CAAA;AACrB,IAAA,WAAA,CAA6B,MAAc,EAAmB,QAAyB,EAAmB,IAAiB,EAAA;QAA9F,IAAA,CAAA,MAAM,GAAN,MAAM;QAA2B,IAAA,CAAA,QAAQ,GAAR,QAAQ;QAAoC,IAAA,CAAA,IAAI,GAAJ,IAAI;IAAgB;AAE9H,IAAA,MAAM,WAAW,CAAC,KAA6B,EAAE,KAA0B,EAAA;QAC1E,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE;;AAEjC,YAAA,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,eAAe,IAAI,KAAK,CAAC,IAAI,GAAG,kBAAkB,CAAC,cAAc,CAAC,EAAE;AAC3F,gBAAA,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,cAAc,CAAC,CAAC,CAAC;YACtE;iBAAO;AACN,gBAAA,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;oBACzB,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,KAAK,CAAC,GAAG;AAC/C,iBAAA,CAAC;YACH;QACD;;AAGA,QAAA,IAAI,KAAK,CAAC,WAAW,EAAE,eAAe,EAAE;YACvC,MAAM,WAAW,GAAG,EAAE,GAAG,KAAK,CAAC,WAAW,EAAE;YAC5C,OAAO,WAAW,CAAC,eAAe;YAClC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,WAAW,EAAE,CAAC;QACjE;AAEA,QAAA,OAAO,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;IACnC;8GAvBY,SAAS,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAA,EAAA,CAAA,MAAA,EAAA,EAAA,EAAA,KAAA,EAAA,EAAA,CAAA,eAAA,EAAA,EAAA,EAAA,KAAA,EAAAC,WAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA,CAAA;AAAT,IAAA,SAAA,IAAA,CAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,SAAS,cAFT,MAAM,EAAA,CAAA,CAAA;;2FAEN,SAAS,EAAA,UAAA,EAAA,CAAA;kBAHrB,UAAU;AAAC,YAAA,IAAA,EAAA,CAAA;AACX,oBAAA,UAAU,EAAE,MAAM;AAClB,iBAAA;;;MCMY,kBAAkB,CAAA;AAkB9B,IAAA,IAAY,qBAAqB,GAAA;QAChC,OAAO,IAAI,CAAC,2BAA2B,CAAC,IAAI,CAAC,MAAM,CAAC;IACrD;AAEA,IAAA,IAAY,kBAAkB,GAAA;QAC7B,OAAO,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC,aAAa;IACpD;AAEA,IAAA,IAAY,KAAK,GAAA;AAChB,QAAA,OAAO,IAAI,CAAC,IAAI,CAAC,mBAAmB;IACrC;AAEA,IAAA,IAAI,MAAM,GAAA;QACT,OAAO,IAAI,CAAC,OAAO;IACpB;AACA,IAAA,IAAI,WAAW,GAAA;QACd,OAAO,IAAI,CAAC,YAAY;IACzB;AACA,IAAA,IAAI,oBAAoB,GAAA;QACvB,OAAO,IAAI,CAAC,qBAAqB;IAClC;AACA,IAAA,IAAI,gCAAgC,GAAA;QACnC,OAAO,IAAI,CAAC,iCAAiC;IAC9C;AACA,IAAA,IAAI,8BAA8B,GAAA;QACjC,OAAO,IAAI,CAAC,+BAA+B;IAC5C;AAEA,IAAA,IAAI,mBAAmB,GAAA;AACtB,QAAA,OAAO,IAAI,CAAC,oBAAoB,CAAC,YAAY,EAAE;IAChD;AAIA,IAAA,WAAA,CACkB,MAA+B,EAC/B,IAAiB,EAEjB,wBAA2E,EAAA;QAH3E,IAAA,CAAA,MAAM,GAAN,MAAM;QACN,IAAA,CAAA,IAAI,GAAJ,IAAI;QAEJ,IAAA,CAAA,wBAAwB,GAAxB,wBAAwB;QA9ClC,IAAA,CAAA,qBAAqB,GAAuB,EAAE;QAE9C,IAAA,CAAA,iCAAiC,GAAuB,EAAE;AAE1D,QAAA,IAAA,CAAA,oBAAoB,GAAG,IAAI,OAAO,EAAgB;QAoCzC,IAAA,CAAA,gBAAgB,GAAG,SAAS;IAO1C;AAEH;;;;;AAKG;AACH,IAAA,aAAa,CAAC,WAAyB,EAAE,QAAQ,GAAG,KAAK,EAAA;;AAExD,QAAA,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE;AACvE,YAAA,OAAO,KAAK;QACb;QAEA,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,kBAAkB,CAAC,GAAiB,CAAC,EAAE;AAChH,YAAA,OAAO,IAAI;QACZ;AAEA,QAAA,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;YACrC,MAAM,aAAa,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC;AAC3D,YAAA,IAAI,QAAQ,IAAI,CAAC,aAAa,EAAE;AAC/B,gBAAA,OAAO,KAAK;YACb;AAAO,iBAAA,IAAI,CAAC,QAAQ,IAAI,aAAa,EAAE;AACtC,gBAAA,OAAO,IAAI;YACZ;QACD;QAEA,OAAO,QAAQ,GAAG,IAAI,GAAG,KAAK;IAC/B;IAEA,oBAAoB,GAAA;AACnB,QAAA,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,EAAE,OAAO,IAAI,KAAK;AAE/D,QAAA,IAAI,CAAC,iBAAiB,GAAG,EAAuB;AAChD,QAAA,IAAI,CAAC,OAAO,GAAG,gBAAgB,CAAC,EAAE;QAElC,IAAI,cAAc,GAA6B,EAAE;QACjD,MAAM,oBAAoB,GAAuB,EAAE;AAEnD,QAAA,cAAc,GAAG,IAAI,CAAC,4BAA4B,EAAE;AAEpD,QAAA,IAAI,IAAI,IAAI,EAAE,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,OAAiB,CAAC,EAAE;YAC/E,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAsB,CAAC;QAChF;AAEA,QAAA,IAAI,CAAC,cAAc,CAAC,cAA8B,CAAC;AACnD,QAAA,IAAI,CAAC,qBAAqB,GAAG,oBAAoB;AACjD,QAAA,IAAI,IAAI,CAAC,OAAO,EAAE;;YAEjB,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,WAAW,CAAC;;YAE5C,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,iBAAiB,CAAC;QAClD;QACA,IAAI,CAAC,iBAAiB,EAAE;IACzB;IAEA,cAAc,GAAA;AACb,QAAA,MAAM,eAAe,GAAG,IAAI,CAAC,qBAAqB;QAClD,IAAI,IAAI,CAAC,MAAM,KAAK,gBAAgB,CAAC,eAAe,EAAE;AACrD,YAAA,YAAY,CAAC,OAAO,CAAC,eAAe,EAAE,CAAA,IAAA,CAAM,CAAC;QAC9C;aAAO,IAAI,IAAI,CAAC,MAAM,KAAK,gBAAgB,CAAC,oBAAoB,EAAE;AACjE,YAAA,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,eAAe,CAAW,CAAC,IAAI,EAAE;YACnF,IAAI,CAAC,gCAAgC,CAAC,OAAO,CAAC,CAAC,YAAY,KAAI;AAC9D,gBAAA,SAAS,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,IAAI,IAAI,EAAE,CAAC,QAAQ,EAAE;AACvD,YAAA,CAAC,CAAC;AACF,YAAA,YAAY,CAAC,OAAO,CAAC,eAAe,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACjE;AACA,QAAA,IAAI,CAAC,uBAAuB,GAAG,KAAK;IACrC;AAEA,IAAA,2BAA2B,CAAC,GAAW,EAAA;AACtC,QAAA,OAAO,IAAI,CAAC,UAAU,CAAC,CAAA,EAAG,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,WAAW,EAAE,CAAA,CAAE,CAAC;IAC1E;IAEQ,4BAA4B,GAAA;;QAEnC,OAAO,IAAI,CAAC,SAAS;AACpB,cAAE,IAAI,CAAC,oBAAoB;AAC3B,cAAE,IAAI,CAAC,4BAA4B,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,EAAkB,CAAC;IAC3F;IAEQ,4BAA4B,GAAA;AACnC,QAAA,MAAM,kBAAkB,GAAG,IAAI,CAAC,kBAAkB;AAClD,QAAA,MAAM,cAAc,GAAG,kBAAkB,CAAC,KAAK;AAC/C,QAAA,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK;QACxB,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;QAEnD,IAAI,WAAW,GAAiB,EAAE;AAElC,QAAA,IAAI,eAAe,IAAI,CAAC,kBAAkB,CAAC,mBAAmB,EAAE;YAC/D,IAAI,kBAAkB,GAAG,KAAK;AAC9B,YAAA,IAAI,KAAK,EAAE,YAAY,EAAE;AACxB,gBAAA,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,YAAY,EAAE;AACtC,oBAAA,MAAM,gBAAgB,GAAG,IAAI,CAAC,oBAAoB,CAAC,cAAc,EAAE,IAAI,CAAC,KAAe,CAAC;AACxF,oBAAA,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE;wBAC3D,IAAI,gBAAgB,EAAE;4BACrB,kBAAkB,GAAG,IAAI;AACzB,4BAAA,IAAI,CAAC,OAAO,GAAG,gBAAgB,CAAC,oBAAoB;wBACrD;wBACA;oBACD;AAEA,oBAAA,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,gBAAgB,EAAE;wBAC9E,kBAAkB,GAAG,IAAI;oBAC1B;AAEA,oBAAA,IAAI,gBAAgB,EAAE,WAAW,EAAE;wBAClC,gBAAgB,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,UAAU,KAAI;4BACnD,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE;AACtC,gCAAA,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC;4BAC7B;AACD,wBAAA,CAAC,CAAC;oBACH;AAEA,oBAAA,IAAI,gBAAgB,EAAE,iBAAiB,EAAE;AACxC,wBAAA,IAAI,CAAC,uBAAuB,CAAC,gBAAgB,CAAC,iBAAiB,CAAC;oBACjE;gBACD;YACD;YACA,IAAI,CAAC,kBAAkB,EAAE;AACxB,gBAAA,IAAI,CAAC,OAAO,GAAG,gBAAgB,CAAC,eAAe;YAChD;QACD;aAAO,IAAI,kBAAkB,CAAC,mBAAmB,IAAI,IAAI,CAAC,OAAO,EAAE;AAClE,YAAA,OAAO,CAAC,IAAI,CACX,uKAAuK,CACvK;QACF;;AAGA,QAAA,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE;YAC7B,MAAM,eAAe,GAAG,IAAI,CAAC,mBAAmB,CAAC,kBAAkB,EAAE,eAAe,CAAC;YACrF,MAAM,gBAAgB,GAAG,IAAI,CAAC,oBAAoB,CAAC,cAAc,EAAE,eAAe,CAAC;AAEnF,YAAA,WAAW,GAAG,gBAAgB,EAAE,WAAW,IAAI,EAAE;AACjD,YAAA,IAAI,CAAC,uBAAuB,CAAC,gBAAgB,EAAE,iBAAsC,CAAC;AACtF,YAAA,IAAI,CAAC,kBAAkB,CAAC,mBAAmB,EAAE;AAC5C,gBAAA,IAAI,CAAC,+BAA+B,GAAG,IAAI;YAC5C;QACD;AAEA,QAAA,OAAO,WAAW;IACnB;IAEQ,oBAAoB,GAAA;AAC3B,QAAA,MAAM,kBAAkB,GAAG,IAAI,CAAC,kBAAkB;AAClD,QAAA,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK;QACxB,IAAI,WAAW,GAAiB,EAAE;AAElC,QAAA,MAAM,KAAK,GAAG,KAAK,EAAE,YAAY,EAAE,KAAK;;AAGxC,QAAA,IAAI,CAAC,KAAK,EAAE,MAAM,IAAI,CAAC,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE;AACxD,YAAA,OAAO,EAAE;QACV;AAEA,QAAA,IAAI,IAAI,CAAC,SAAS,EAAE,EAAE;AACrB,YAAA,OAAO,IAAI,CAAC,oBAAoB,CAAC,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC,gBAAgB,CAAC,EAAE,WAAW;QAC/F;AAEA,QAAA,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,KAAI;AACtB,YAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,oBAAoB,CAAC,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC;YACtF,IAAI,oBAAoB,EAAE;gBACzB,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,oBAAoB,CAAC,WAA2B,CAAC;AAClF,gBAAA,IAAI,CAAC,uBAAuB,CAAC,oBAAoB,CAAC,iBAAiB,CAAC;YACrE;AACD,QAAA,CAAC,CAAC;AAEF,QAAA,OAAO,WAAW;IACnB;AAEA;;;AAGG;AACK,IAAA,uBAAuB,CAAC,iBAAoC,EAAA;QACnE,IAAI,CAAC,iBAAiB,EAAE;YACvB;QACD;QAEA,IAAI,CAAC,wBAAwB,CAAC,uBAAuB,CAAC,IAAI,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;IACjG;IAEQ,iBAAiB,GAAA;QACxB,MAAM,iBAAiB,GAAG,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,qBAAqB,CAAC;QAC1E,IAAI,IAAI,CAAC,MAAM,KAAK,gBAAgB,CAAC,eAAe,EAAE;AACrD,YAAA,IAAI,CAAC,uBAAuB,GAAG,iBAAiB,GAAG,KAAK,GAAG,IAAI;QAChE;aAAO,IAAI,IAAI,CAAC,MAAM,KAAK,gBAAgB,CAAC,oBAAoB,EAAE;YACjE,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,iBAA2B,CAAC;YACzD,IAAI,CAAC,SAAS,EAAE;AACf,gBAAA,IAAI,CAAC,iCAAiC,GAAG,IAAI,CAAC,oBAAoB;AAClE,gBAAA,IAAI,CAAC,uBAAuB,GAAG,IAAI;gBACnC;YACD;YACA,MAAM,mBAAmB,GAAG,EAAE;AAC9B,YAAA,KAAK,MAAM,YAAY,IAAI,IAAI,CAAC,oBAAoB,EAAE;AACrD,gBAAA,IAAI,SAAS,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,IAAI,IAAI,EAAE,GAAG,IAAI,IAAI,CAAC,YAAY,CAAC,OAAiB,CAAC,EAAE;oBAC5F;gBACD;AACA,gBAAA,mBAAmB,CAAC,IAAI,CAAC,YAAY,CAAC;AACtC,gBAAA,IAAI,CAAC,uBAAuB,GAAG,IAAI;YACpC;AACA,YAAA,IAAI,CAAC,iCAAiC,GAAG,mBAAmB;QAC7D;IACD;AAEQ,IAAA,YAAY,CAAC,IAAsB,EAAA;AAC1C,QAAA,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,IAAI,IAAI,EAAE,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;AACzD,YAAA,OAAO,IAAI;QACZ;AAEA,QAAA,OAAO,KAAK;IACb;AAEQ,IAAA,eAAe,CAAC,IAAsB,EAAA;AAC7C,QAAA,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC,KAAK,CAAa;QAElF,IAAI,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAe,CAAC,EAAE;AAC9C,YAAA,OAAO,IAAI;QACZ;AAEA,QAAA,OAAO,KAAK;IACb;AAEA;;;;;AAKG;IACK,oBAAoB,CAC3B,WAA+D,EAC/D,GAAW,EAAA;AAEX,QAAA,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;YACrC,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;AAClC,gBAAA,OAAO,UAAU;YAClB;QACD;AAEA,QAAA,OAAO,IAAI;IACZ;;AAGQ,IAAA,UAAU,CAAC,QAAgB,EAAA;QAClC,IAAI,IAAI,GAAG,CAAC;AACZ,QAAA,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;AACxB,YAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;gBACzC,MAAM,IAAI,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC;gBACnC,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,IAAI,IAAI,GAAG,IAAI;AAChC,gBAAA,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC;YACpB;QACD;AACA,QAAA,OAAO,IAAI,CAAC,QAAQ,EAAE;IACvB;IAEQ,mBAAmB,CAAC,MAAiC,EAAE,eAAwB,EAAA;AACtF,QAAA,IAAI,eAAe;QACnB,IAAI,eAAe,EAAE;YACpB,IAAI,IAAI,CAAC,MAAM,KAAK,gBAAgB,CAAC,oBAAoB,EAAE;gBAC1D,eAAe,GAAG,MAAM,CAAC,0BAA0B,IAAI,MAAM,CAAC,+BAA+B;YAC9F;iBAAO;AACN,gBAAA,eAAe,GAAG,MAAM,CAAC,+BAA+B;YACzD;QACD;AACA,QAAA,OAAO,eAAe,IAAK,MAAM,CAAC,iCAA4C;IAC/E;AAEQ,IAAA,cAAc,CAAC,WAAyB,EAAA;AAC/C,QAAA,IAAI,CAAC,YAAY,GAAG,WAAW;QAC/B,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC;IAClD;IAEQ,SAAS,GAAA;AAChB,QAAA,OAAO,IAAI,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC;IACxE;AA3UY,IAAA,SAAA,IAAA,CAAA,IAAA,GAAA,EAAA,CAAA,kBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,kBAAkB,8EAuDrB,uCAAuC,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA,CAAA;AAvDpC,IAAA,SAAA,IAAA,CAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,kBAAkB,cAFlB,MAAM,EAAA,CAAA,CAAA;;2FAEN,kBAAkB,EAAA,UAAA,EAAA,CAAA;kBAH9B,UAAU;AAAC,YAAA,IAAA,EAAA,CAAA;AACX,oBAAA,UAAU,EAAE,MAAM;AAClB,iBAAA;;0BAwDE,MAAM;2BAAC,uCAAuC;;;AChE1C,eAAe,oBAAoB,GAAA;AACzC,IAAA,MAAM,QAAQ,GAAG,MAAM,CAAC,eAAe,CAAC;AACxC,IAAA,MAAM,MAAM,GAAG,MAAM,CAAC,uBAAuB,CAAC;AAC9C,IAAA,MAAM,WAAW,GAAG,MAAM,CAAC,kBAAkB,CAAC;AAC9C,IAAA,MAAM,IAAI,GAAG,MAAM,CAAC,WAAW,CAAC;AAEhC,IAAA,MAAM;AACJ,SAAA,IAAI,CAAC;AACL,QAAA,MAAM,EAAE,MAAM,CAAC,gBAAgB,EAAE,CAAC,QAAQ;AAC1C,QAAA,uBAAuB,EAAE,KAAK;AAC9B,QAAA,wBAAwB,EAAE,IAAI;AAC9B,QAAA,WAAW,EAAE;AACZ,YAAA,MAAM,EAAE,WAAW;AACnB,YAAA,yBAAyB,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,oCAAoC;AACxF,YAAA,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;AACnC,SAAA;QACD,kBAAkB,EAAE,MAAM,CAAC,gBAAgB,EAAE,CAAC,QAAQ,CAAC,kBAAkB;KACzE;AACA,SAAA,KAAK,CAAC,CAAC,KAAK,KAAI;AAChB,QAAA,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC;QACpB,WAAW,CAAC,oBAAoB,EAAE;QAClC;AACD,IAAA,CAAC,CAAC;IAEH,IAAI,CAAC,UAAU,EAAE;AACjB,IAAA,MAAM,IAAI,CAAC,UAAU,EAAE;IAEvB,WAAW,CAAC,oBAAoB,EAAE;IAElC,QAAQ,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC,EAAE,KAAI;QACzC,IAAI,EAAE,CAAC,IAAI,IAAI,uBAAuB,CAAC,cAAc,EAAE;YACtD,MAAM,WAAW,GAAG,CAAC;AACrB,YAAA,IAAI,QAAQ,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE;gBACzC,QAAQ,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,IAAI,CACrC,MAAK;oBACJ,IAAI,CAAC,oBAAoB,EAAE;oBAC3B,WAAW,CAAC,oBAAoB,EAAE;AACnC,gBAAA,CAAC,EACD,CAAC,GAAG,KAAI;AACP,oBAAA,OAAO,CAAC,KAAK,CAAC,sBAAsB,EAAE,GAAG,CAAC;oBAC1C,QAAQ,CAAC,KAAK,EAAE;AACjB,gBAAA,CAAC,CACD;YACF;QACD;AACD,IAAA,CAAC,CAAC;AACH;;AChDO,eAAe,iBAAiB,GAAA;IACtC,OAAO;QACN,eAAe;AACf,QAAA;AACC,YAAA,OAAO,EAAE,iBAAiB;AAC1B,YAAA,QAAQ,EAAE,yBAAyB;YACnC,IAAI,EAAE,CAAC,eAAe,CAAC;AACvB,YAAA,KAAK,EAAE,IAAI;AACX,SAAA;AACD,QAAA,MAAM,oBAAoB,EAAE;KAC5B;AACF;;ACfA;;AAEG;;;;"}

package/index.d.ts ADDED Viewed

@@ -0,0 +1,233 @@
+import * as i0 from '@angular/core';
+import { InjectionToken } from '@angular/core';
+import * as _angular_common_http from '@angular/common/http';
+import { KeycloakService, KeycloakBearerInterceptor } from 'keycloak-angular';
+import { BehaviorSubject, Observable } from 'rxjs';
+import { AuthSubscription } from '@tilde-nlp/ngx-common';
+import { CanActivate, Router, ActivatedRouteSnapshot, RouterStateSnapshot } from '@angular/router';
+interface UserAccessConfig {
+    keycloak: {
+        url: string;
+        realm: string;
+        clientId: string;
+        bearerExcludedUrls: string[];
+    };
+    plans: string[];
+    subscriptions: any;
+    /** Use this to keep useful console logs in dev environment */
+    isDebug?: boolean;
+}
+declare class UserAccessConfigService {
+    #private;
+    getConfiguration(): UserAccessConfig;
+    static ɵfac: i0.ɵɵFactoryDeclaration<UserAccessConfigService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<UserAccessConfigService>;
+}
+declare const USER_ACCESS_CONFIG_TOKEN: InjectionToken<UserAccessConfig>;
+declare function KEYCLOAK_PROVIDER(): Promise<(void | typeof KeycloakService | {
+    provide: i0.InjectionToken<readonly _angular_common_http.HttpInterceptor[]>;
+    useClass: typeof KeycloakBearerInterceptor;
+    deps: (typeof KeycloakService)[];
+    multi: boolean;
+})[]>;
+interface RolesCollection<Type> {
+    roles: Type[];
+}
+interface ResourceAccess {
+    account: RolesCollection<string>;
+    scope: string;
+    session_state: string;
+    sub: string;
+}
+interface AuthTokenParsed {
+    MT: RolesCollection<string>;
+    acr: string;
+    at_hash: string;
+    aud: string[];
+    authTime: number;
+    azp: string;
+    email: string;
+    email_verified: boolean;
+    exp: number;
+    family_name: string;
+    given_name: string;
+    iat: number;
+    iss: string;
+    jti: string;
+    membership: string[];
+    name: string;
+    nonce: string;
+    plan: string;
+    preferred_username: string;
+    session_state: string;
+    sub: string;
+    subscription?: AuthSubscription[];
+    typ: string;
+    realm_access: RolesCollection<string>;
+    resource_access: ResourceAccess;
+}
+declare class AuthService {
+    private readonly config;
+    private readonly keyCloak;
+    authEnabled: boolean;
+    username: BehaviorSubject<string>;
+    private _isAuthenticated;
+    private _parsedKeycloakToken;
+    private _token;
+    get token(): string | undefined;
+    get parsedKeyCloakToken(): AuthTokenParsed;
+    constructor(config: UserAccessConfigService, keyCloak: KeycloakService);
+    userSubscriptionPlan(): AuthSubscription | undefined;
+    isAuthenticated(): boolean;
+    getUserName(): string;
+    getUserDisplayName(): string;
+    getToken(): Promise<string>;
+    logout(): void;
+    checkLogin(): Promise<void>;
+    login(): void;
+    enableAuth(): void;
+    refreshKeycloakToken(): void;
+    userIsGroupMember(): boolean;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<AuthService>;
+}
+declare class AuthGuard implements CanActivate {
+    private readonly router;
+    private readonly keycloak;
+    private readonly auth;
+    constructor(router: Router, keycloak: KeycloakService, auth: AuthService);
+    canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Promise<boolean>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthGuard, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<AuthGuard>;
+}
+declare enum AuthGuardParamKeys {
+    REDIRECT_ROUTE = "redirectRoute"
+}
+declare enum PermissionStatus {
+    OK = "OK",
+    EXPIRED_SUBSCRIPTION = "EXPIRED_SUBSCRIPTION",
+    NO_SUBSCRIPTION = "NO_SUBSCRIPTION"
+}
+interface UserCustomConfigurationService<T> {
+    updateUserConfiguration: (currentConfiguration: T, newConfiguration: T) => T;
+}
+declare class PermissionsService<Permission, UserConfiguration> {
+    private readonly config;
+    private readonly auth;
+    private readonly userConfigurationService;
+    userConfiguration: UserConfiguration;
+    showSubscriptionMessage: boolean;
+    private _hasOnlyUnauthorizedPermissions;
+    private _status;
+    private _permissions;
+    private _expiredSubscriptions;
+    private _expiredNotConfirmedSubscriptions;
+    private _onPermissionRefresh;
+    private isDebug;
+    private get statusLocalStorageKey();
+    private get subscriptionConfig();
+    private get token();
+    get status(): PermissionStatus;
+    get permissions(): Permission[];
+    get expiredSubscriptions(): AuthSubscription[];
+    get expiredNotConfirmedSubscriptions(): AuthSubscription[];
+    get hasOnlyUnauthorizedPermissions(): boolean;
+    get onPermissionRefresh(): Observable<Permission[]>;
+    private readonly SUPPORT_ROLE_KEY;
+    constructor(config: UserAccessConfigService, auth: AuthService, userConfigurationService: UserCustomConfigurationService<UserConfiguration>);
+    /**
+     * Checks wether user has necessary permission/permissions. By default, if user has at least one of given permissions, method returns true. To check all permissions, set needsAll to true.
+     * @param permissions Permissions to be checked.
+     * @param needsAll If user should have all of given permissions
+     * @returns
+     */
+    hasPermission(permissions: Permission[], needsAll?: boolean): boolean;
+    configurePermissions(): void;
+    confirmMessage(): void;
+    userSpecificLocalstorageKey(key: string): string;
+    private refreshAllPermissionsForUser;
+    private checkSubscriptionPermissions;
+    private checkRolePermissions;
+    /**
+     * Updates current user configuration object with values that gives more permissions (bigger limits) to the user.
+     * @param userConfiguration User configuration object to be compared with current userconfig object
+     */
+    private updateUserConfiguration;
+    private shouldShowMessage;
+    private isPlanActive;
+    private isSupportedPlan;
+    /**
+     * Finds permission config in array based on given key
+     * @param permissions permission array where to find config from
+     * @param key object identification key
+     * @returns permission config
+     */
+    private findPermissionConfig;
+    private hashString;
+    private findDefaultPlanName;
+    private setPermissions;
+    private isSupport;
+    static ɵfac: i0.ɵɵFactoryDeclaration<PermissionsService<any, any>, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<PermissionsService<any, any>>;
+}
+declare enum DefaultPermissions {
+    ALL = "ALL"
+}
+interface PermissionsConfig<Permission, UserConfiguration> {
+    /** Depends on where this is used (either for plans or roles), keys are object identification string names. */
+    keys: string[];
+    permissions: Permission[];
+    userConfiguration: UserConfiguration;
+}
+interface DefaultSubscriptionConfig {
+    /**
+     * Plan name that is used if user is not authenticated or is authenticated but no default plan for that case is provided.
+     * If this is not defined - it searches for "unauthorized".
+     */
+    unauthorizedDefaultPermissionPlan?: string;
+    /**
+     * Plan name that is used only if user is authenticated. It is used when no active subscriptions are found or if "ignoreSubscriptions" is set to true.
+     * */
+    authorizedDefaultPermissionPlan?: string;
+    /**
+     * Even if user is authenticated, when this is set to true, all subscriptions are ignored and default plans are used.
+     */
+    ignoreSubscriptions?: boolean;
+    /**
+     * If any subscriptions are expired, use speicific plan.
+     */
+    expiredPermissionsPlanName?: string;
+    /**
+     * If user has no subscriptions but has MT roles.
+     */
+    supportedRolesPermissionPlanName?: string;
+    /**
+     * Permission configs for subscription plans.
+     */
+    plans: PermissionsConfig<unknown, unknown>[];
+    /**
+     * Permission configs for roles.
+     */
+    roles?: PermissionsConfig<unknown, unknown>[];
+}
+declare const USER_CUSTOM_CONFIGURATION_SERVICE_TOKEN: InjectionToken<unknown>;
+export { AuthGuard, AuthGuardParamKeys, AuthService, DefaultPermissions, KEYCLOAK_PROVIDER, PermissionStatus, PermissionsService, USER_ACCESS_CONFIG_TOKEN, USER_CUSTOM_CONFIGURATION_SERVICE_TOKEN, UserAccessConfigService };
+export type { AuthTokenParsed, DefaultSubscriptionConfig, PermissionsConfig, UserAccessConfig, UserCustomConfigurationService };

package/package.json ADDED Viewed

@@ -0,0 +1,28 @@
+{
+  "name": "@tilde-nlp/ngx-user-access",
+  "version": "8.0.1",
+  "peerDependencies": {
+    "@angular/common": "^20.2.0",
+    "@angular/core": "^20.2.0",
+    "@tilde-nlp/ngx-common": "^8.0.0",
+    "keycloak-angular": "^20.0.0",
+    "keycloak-js": "^26.2.0"
+  },
+  "dependencies": {
+    "tslib": "^2.3.0"
+  },
+  "author": "Tilde",
+  "license": "Apache-2.0",
+  "module": "fesm2022/tilde-nlp-ngx-user-access.mjs",
+  "typings": "index.d.ts",
+  "exports": {
+    "./package.json": {
+      "default": "./package.json"
+    },
+    ".": {
+      "types": "./index.d.ts",
+      "default": "./fesm2022/tilde-nlp-ngx-user-access.mjs"
+    }
+  },
+  "sideEffects": false
+}