@verisoft/security-core 18.7.0 → 19.0.0-1

package/README.md

@@ -1,56 +1,7 @@
-# security-core
-
-The `security-core` library provides authentication, authorization, and security-related utilities for the Verisoft Frontend workspace.
-
-## Features
-
-- Authentication and authorization helpers
-- Security-related Angular services and guards
-- Shared security interfaces and types
-
-## Installation
-
-This package is intended for internal use within the monorepo. To use it in another library or app, add it as a dependency in your `project.json`:
-
-```json
-"dependencies": {
-  "security-core": "*"
-}
-```
-
-## Usage
-
-Import the required modules, services, or utilities from `security-core`:
-
-```typescript
-import { AuthService } from '@verisoft/security-core';
-```
-
-## Development
-
-### Building
-
-Run the following command to build the library:
-
-```sh
-nx build security-core
-```
-
-### Running Unit Tests
-
-To execute the unit tests for this library:
-
-```sh
-nx test security-core
-```
-
-## Contributing
-
-1. Fork the repository and create your branch from `master`.
-2. Make your changes and add tests if needed.
-3. Run `nx test security-core` to ensure all tests pass.
-4. Submit a pull request.
-
-## License
-
-This project is licensed under the MIT License.
+# security-core
+
+This library was generated with [Nx](https://nx.dev).
+
+## Running unit tests
+
+Run `nx test security-core` to execute the unit tests.

package/fesm2022/verisoft-security-core.mjs

@@ -0,0 +1,380 @@
+import * as i0 from '@angular/core';
+import { Injectable, inject, InjectionToken, provideAppInitializer, NgModule, Input, Directive } from '@angular/core';
+import { map, switchMap, of, from, firstValueFrom, distinctUntilChanged } from 'rxjs';
+import * as i1 from '@ngrx/store';
+import { createAction, props, createReducer, on, createFeature, createSelector, StoreModule } from '@ngrx/store';
+import { Router } from '@angular/router';
+
+function hasRequiredPermission(user, permission) {
+    return hasItems(user?.permissions, permission);
+}
+function hasRequiredRole(user, role) {
+    return hasItems(user?.roles, role);
+}
+function hasItems(userItems, neededItems) {
+    if (!neededItems || !neededItems.length) {
+        return true;
+    }
+    if (!userItems || !userItems.length) {
+        return false;
+    }
+    const userItemsSet = new Set(userItems);
+    if (Array.isArray(neededItems)) {
+        return neededItems.some((item) => hasItems(userItems, item));
+    }
+    if (neededItems.includes(',')) {
+        const splitItems = neededItems.split(',').map((i) => i.trim());
+        return splitItems.every((i) => userItemsSet.has(i));
+    }
+    return userItemsSet.has(neededItems);
+}
+function convertJWTToUser(base64Token) {
+    if (!base64Token) {
+        return undefined;
+    }
+    try {
+        const parts = base64Token.split('.');
+        if (parts.length < 2) {
+            return undefined;
+        }
+        const payload = decodeJwtPayload(parts[1]);
+        const userName = payload['unique_name'] ?? payload['nameid'];
+        if (!userName) {
+            return undefined;
+        }
+        const user = {
+            userName,
+            userId: payload['nameid'],
+            email: payload['email'],
+            displayName: payload['name'],
+            roles: convertToArray(payload, 'role'),
+            permissions: convertToArray(payload, 'permission'),
+        };
+        return user;
+    }
+    catch (error) {
+        return undefined;
+    }
+}
+function decodeJwtPayload(jwt) {
+    const base64 = jwt.replace(/-/g, '+').replace(/_/g, '/');
+    const jsonPayload = decodeURIComponent(atob(base64)
+        .split('')
+        .map(c => '%' + c.charCodeAt(0).toString(16).padStart(2, '0'))
+        .join(''));
+    return JSON.parse(jsonPayload);
+}
+function convertToArray(item, propertyName) {
+    const rawValue = item[propertyName];
+    if (!rawValue) {
+        return undefined;
+    }
+    if (Array.isArray(rawValue)) {
+        return rawValue;
+    }
+    return [rawValue];
+}
+
+const setUser = createAction('[Auth] Set User', props());
+
+const initialState = {
+    user: undefined,
+};
+
+const authReducer = createReducer(initialState, on(setUser, (state, action) => ({
+    ...state,
+    user: action.user
+})));
+
+const SECURITY_FEATURE_NAME = 'SECURITY';
+const SecurityFeature = createFeature({
+    name: SECURITY_FEATURE_NAME,
+    reducer: authReducer
+});
+
+const selectIsAuthenticated = createSelector(SecurityFeature.selectUser, (user) => !!user);
+const selectUser = SecurityFeature.selectUser;
+
+class AuthContextService {
+    store;
+    user$;
+    isAuthenticated$;
+    constructor(store) {
+        this.store = store;
+        this.user$ = this.store.select(selectUser);
+        this.isAuthenticated$ = this.store.select(selectIsAuthenticated);
+    }
+    setUser(user) {
+        this.store.dispatch(setUser({ user }));
+    }
+    hasRequiredPermission(requiredPermissions) {
+        return this.user$.pipe(map((user) => hasRequiredPermission(user, requiredPermissions)));
+    }
+    hasRequiredRole(requiredPermissions) {
+        return this.user$.pipe(map((user) => hasRequiredRole(user, requiredPermissions)));
+    }
+    static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: AuthContextService, deps: [{ token: i1.Store }], target: i0.ɵɵFactoryTarget.Injectable });
+    static ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: AuthContextService, providedIn: 'root' });
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: AuthContextService, decorators: [{
+            type: Injectable,
+            args: [{
+                    providedIn: 'root',
+                }]
+        }], ctorParameters: () => [{ type: i1.Store }] });
+
+class AuthGuard {
+    config = inject(SECURITY_CONFIG);
+    router = inject(Router);
+    authContext = inject(AuthContextService);
+    canActivate(route) {
+        return this.checkPermissionsAndRolesAndNavigate(route, this.config.notAuthorizedPage);
+    }
+    canActivateChild(childRoute) {
+        return this.checkPermissionsAndRolesAndNavigate(childRoute, this.config.notAuthorizedPage);
+    }
+    checkPermissionsAndRolesAndNavigate(route, notAuthorizedUrl) {
+        const requiredPermissions = route.data['permissions'];
+        const requiredRoles = route.data['roles'];
+        return this.authContext.user$.pipe(map((user) => user &&
+            (!requiredPermissions ||
+                hasRequiredPermission(user, requiredPermissions)) &&
+            (!requiredRoles || hasRequiredPermission(user, requiredRoles))), switchMap((hasPermission) => {
+            if (!hasPermission && notAuthorizedUrl) {
+                return of(this.router.parseUrl(notAuthorizedUrl));
+            }
+            return of(!!hasPermission);
+        }));
+    }
+    static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: AuthGuard, deps: [], target: i0.ɵɵFactoryTarget.Injectable });
+    static ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: AuthGuard, providedIn: 'root' });
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: AuthGuard, decorators: [{
+            type: Injectable,
+            args: [{
+                    providedIn: 'root',
+                }]
+        }] });
+
+function provideSecurity(config = undefined) {
+    const securityConfig = {
+        tokenStorageKey: 'APP_TOKEN',
+        notAuthorizedPage: '/not-authorized',
+        ...(config ?? {}),
+    };
+    return [
+        AuthGuard,
+        SECURITY_INITIALIZER_PROVIDER,
+        { provide: SECURITY_CONTEXT_TOKEN_PROVIDER, useClass: LocalStorageTokenProvider },
+        { provide: SECURITY_CONFIG, useValue: securityConfig },
+    ];
+}
+class SecurityModule {
+    static forRoot(config) {
+        return {
+            ngModule: SecurityModule,
+            providers: [...provideSecurity(config)],
+        };
+    }
+    static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: SecurityModule, deps: [], target: i0.ɵɵFactoryTarget.NgModule });
+    static ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "19.2.9", ngImport: i0, type: SecurityModule, imports: [i1.StoreFeatureModule] });
+    static ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: SecurityModule, imports: [StoreModule.forFeature(SecurityFeature)] });
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: SecurityModule, decorators: [{
+            type: NgModule,
+            args: [{
+                    imports: [StoreModule.forFeature(SecurityFeature)],
+                }]
+        }] });
+const SECURITY_CONTEXT_TOKEN_PROVIDER = new InjectionToken('SECURITY_CONTEXT_TOKEN_PROVIDER');
+const SECURITY_CONFIG = new InjectionToken('SECURITY_CONFIG');
+const SECURITY_INITIALIZER_PROVIDER = provideAppInitializer(() => {
+    const initializerFn = (securityInitializerFactory)(inject(SECURITY_CONTEXT_TOKEN_PROVIDER), inject(AuthContextService), inject(SECURITY_CONFIG), inject(Router));
+    return initializerFn();
+});
+
+class LocalStorageTokenProvider {
+    config = inject(SECURITY_CONFIG);
+    getToken() {
+        const token = localStorage.getItem(this.config.tokenStorageKey);
+        return of(token ?? undefined);
+    }
+    setToken(token) {
+        localStorage.setItem(this.config.tokenStorageKey, token);
+    }
+    removeToken() {
+        localStorage.clear();
+    }
+    static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: LocalStorageTokenProvider, deps: [], target: i0.ɵɵFactoryTarget.Injectable });
+    static ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: LocalStorageTokenProvider });
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: LocalStorageTokenProvider, decorators: [{
+            type: Injectable
+        }] });
+
+function securityInitializerFactory(tokenProvider, authService, config, router) {
+    const initializationFn = tokenProvider.getToken().pipe(switchMap((token) => {
+        const user = convertJWTToUser(token);
+        if (config.loginPage && !user) {
+            return from(router.navigate([config.loginPage]));
+        }
+        authService.setUser(user);
+        return of({});
+    }));
+    return () => firstValueFrom(initializationFn);
+}
+
+class SessionStorageTokenProvider {
+    config = inject(SECURITY_CONFIG);
+    getToken() {
+        const token = sessionStorage.getItem(this.config.tokenStorageKey);
+        return of(token ?? undefined);
+    }
+    static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: SessionStorageTokenProvider, deps: [], target: i0.ɵɵFactoryTarget.Injectable });
+    static ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: SessionStorageTokenProvider });
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: SessionStorageTokenProvider, decorators: [{
+            type: Injectable
+        }] });
+
+class LoginService {
+    config = inject(SECURITY_CONFIG);
+    tokenProvider = inject(SECURITY_CONTEXT_TOKEN_PROVIDER);
+    authService = inject(AuthContextService);
+    router = inject(Router);
+    login(token) {
+        if (token) {
+            this.tokenProvider.setToken(token);
+            this.authService.setUser(convertJWTToUser(token));
+        }
+        else {
+            this.router.navigate([this.config.loginPage]);
+        }
+    }
+    static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: LoginService, deps: [], target: i0.ɵɵFactoryTarget.Injectable });
+    static ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: LoginService });
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: LoginService, decorators: [{
+            type: Injectable
+        }] });
+
+class LogoutService {
+    tokenProvider = inject(SECURITY_CONTEXT_TOKEN_PROVIDER);
+    authService = inject(AuthContextService);
+    logout() {
+        this.tokenProvider.removeToken();
+        this.authService.setUser(undefined);
+    }
+    static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: LogoutService, deps: [], target: i0.ɵɵFactoryTarget.Injectable });
+    static ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: LogoutService });
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: LogoutService, decorators: [{
+            type: Injectable
+        }] });
+
+class HasPermissionDirective {
+    templateRef;
+    viewContainer;
+    authContext;
+    requiredPermissions = '';
+    sub;
+    constructor(templateRef, viewContainer, authContext) {
+        this.templateRef = templateRef;
+        this.viewContainer = viewContainer;
+        this.authContext = authContext;
+    }
+    set hasPermission(value) {
+        this.requiredPermissions = value;
+        this.updateView();
+    }
+    ngOnDestroy() {
+        this.unregister();
+    }
+    unregister() {
+        this.sub?.unsubscribe();
+    }
+    updateView() {
+        this.unregister();
+        if (this.requiredPermissions || this.requiredPermissions.length) {
+            this.sub = this.authContext
+                .hasRequiredPermission(this.requiredPermissions)
+                .pipe(distinctUntilChanged())
+                .subscribe((hasPerm) => {
+                if (hasPerm) {
+                    this.viewContainer.createEmbeddedView(this.templateRef);
+                }
+                else {
+                    this.viewContainer.clear();
+                }
+            });
+        }
+    }
+    static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: HasPermissionDirective, deps: [{ token: i0.TemplateRef }, { token: i0.ViewContainerRef }, { token: AuthContextService }], target: i0.ɵɵFactoryTarget.Directive });
+    static ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "19.2.9", type: HasPermissionDirective, isStandalone: true, selector: "[hasPermission]", inputs: { hasPermission: "hasPermission" }, ngImport: i0 });
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: HasPermissionDirective, decorators: [{
+            type: Directive,
+            args: [{
+                    standalone: true,
+                    selector: '[hasPermission]',
+                }]
+        }], ctorParameters: () => [{ type: i0.TemplateRef }, { type: i0.ViewContainerRef }, { type: AuthContextService }], propDecorators: { hasPermission: [{
+                type: Input
+            }] } });
+
+class HasRoleDirective {
+    templateRef;
+    viewContainer;
+    authContext;
+    requiredRoles;
+    sub;
+    constructor(templateRef, viewContainer, authContext) {
+        this.templateRef = templateRef;
+        this.viewContainer = viewContainer;
+        this.authContext = authContext;
+    }
+    set hasRole(value) {
+        this.requiredRoles = value;
+        this.updateView();
+    }
+    ngOnDestroy() {
+        this.unregister();
+    }
+    unregister() {
+        this.sub?.unsubscribe();
+    }
+    updateView() {
+        this.unregister();
+        if (this.requiredRoles || this.requiredRoles?.length) {
+            this.sub = this.authContext
+                .hasRequiredRole(this.requiredRoles)
+                .pipe(distinctUntilChanged())
+                .subscribe((hasRole) => {
+                if (hasRole) {
+                    this.viewContainer.createEmbeddedView(this.templateRef);
+                }
+                else {
+                    this.viewContainer.clear();
+                }
+            });
+        }
+    }
+    static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: HasRoleDirective, deps: [{ token: i0.TemplateRef }, { token: i0.ViewContainerRef }, { token: AuthContextService }], target: i0.ɵɵFactoryTarget.Directive });
+    static ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "19.2.9", type: HasRoleDirective, isStandalone: true, selector: "[hasRole]", inputs: { hasRole: "hasRole" }, ngImport: i0 });
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "19.2.9", ngImport: i0, type: HasRoleDirective, decorators: [{
+            type: Directive,
+            args: [{
+                    standalone: true,
+                    selector: '[hasRole]',
+                }]
+        }], ctorParameters: () => [{ type: i0.TemplateRef }, { type: i0.ViewContainerRef }, { type: AuthContextService }], propDecorators: { hasRole: [{
+                type: Input
+            }] } });
+
+/**
+ * Generated bundle index. Do not edit.
+ */
+
+export { AuthContextService, AuthGuard, HasPermissionDirective, HasRoleDirective, LocalStorageTokenProvider, LoginService, LogoutService, SECURITY_CONFIG, SECURITY_CONTEXT_TOKEN_PROVIDER, SECURITY_INITIALIZER_PROVIDER, SecurityModule, SessionStorageTokenProvider, authReducer, convertJWTToUser, decodeJwtPayload, hasRequiredPermission, hasRequiredRole, initialState, provideSecurity, securityInitializerFactory, selectIsAuthenticated, selectUser, setUser };
+//# sourceMappingURL=verisoft-security-core.mjs.map

package/fesm2022/verisoft-security-core.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"verisoft-security-core.mjs","sources":["../../../../../../src/libs/security/core/src/lib/models/functions.ts","../../../../../../src/libs/security/core/src/lib/state/actions.ts","../../../../../../src/libs/security/core/src/lib/state/state.ts","../../../../../../src/libs/security/core/src/lib/state/reducers.ts","../../../../../../src/libs/security/core/src/lib/state/feature.ts","../../../../../../src/libs/security/core/src/lib/state/selectors.ts","../../../../../../src/libs/security/core/src/lib/services/auth-context.service.ts","../../../../../../src/libs/security/core/src/lib/guards/auth.guard.ts","../../../../../../src/libs/security/core/src/lib/provider.ts","../../../../../../src/libs/security/core/src/lib/services/local-storage-token-provider.ts","../../../../../../src/libs/security/core/src/lib/services/security-initializer.ts","../../../../../../src/libs/security/core/src/lib/services/session-token-provider.ts","../../../../../../src/libs/security/core/src/lib/services/login.service.ts","../../../../../../src/libs/security/core/src/lib/services/logout.service.ts","../../../../../../src/libs/security/core/src/lib/directives/has-permission.directive.ts","../../../../../../src/libs/security/core/src/lib/directives/has-role.directive.ts","../../../../../../src/libs/security/core/src/verisoft-security-core.ts"],"sourcesContent":["import { AuthenticatedUser } from './authenticated-user.model';\r\n\r\nexport function hasRequiredPermission(\r\n  user: AuthenticatedUser | undefined,\r\n  permission: string | string[]\r\n): boolean {\r\n  return hasItems(user?.permissions, permission);\r\n}\r\n\r\nexport function hasRequiredRole(\r\n  user: AuthenticatedUser | undefined,\r\n  role: string | string[]\r\n): boolean {\r\n  return hasItems(user?.roles, role);\r\n}\r\n\r\nfunction hasItems(\r\n  userItems: string[] | undefined,\r\n  neededItems: string | string[]\r\n): boolean {\r\n  if (!neededItems || !neededItems.length) {\r\n    return true;\r\n  }\r\n\r\n  if (!userItems || !userItems.length) {\r\n    return false;\r\n  }\r\n\r\n  const userItemsSet = new Set(userItems);\r\n  if (Array.isArray(neededItems)) {\r\n    return neededItems.some((item) => hasItems(userItems, item));\r\n  }\r\n\r\n  if (neededItems.includes(',')) {\r\n    const splitItems = neededItems.split(',').map((i) => i.trim());\r\n    return splitItems.every((i) => userItemsSet.has(i));\r\n  }\r\n\r\n  return userItemsSet.has(neededItems);\r\n}\r\n\r\nexport function convertJWTToUser(\r\n  base64Token?: string\r\n): AuthenticatedUser | undefined {\r\n  if (!base64Token) {\r\n    return undefined;\r\n  }\r\n\r\n  try {\r\n    const parts = base64Token.split('.');\r\n    if (parts.length < 2) {\r\n      return undefined;\r\n    }\r\n    const payload = decodeJwtPayload(parts[1]);\r\n\r\n    const userName = payload['unique_name'] ?? payload['nameid'];\r\n    if (!userName) {\r\n      return undefined;\r\n    }\r\n\r\n    const user: AuthenticatedUser = {\r\n      userName,\r\n      userId: payload['nameid'],\r\n      email: payload['email'],\r\n      displayName: payload['name'],\r\n      roles: convertToArray(payload, 'role'),\r\n      permissions: convertToArray(payload, 'permission'),\r\n    };\r\n\r\n    return user;\r\n  } catch (error) {\r\n    return undefined;\r\n  }\r\n}\r\n\r\nexport function decodeJwtPayload(jwt: string): any {\r\n  const base64 = jwt.replace(/-/g, '+').replace(/_/g, '/');\r\n\r\n  const jsonPayload = decodeURIComponent(\r\n    atob(base64)\r\n      .split('')\r\n      .map(c => '%' + c.charCodeAt(0).toString(16).padStart(2, '0'))\r\n      .join('')\r\n  );\r\n\r\n  return JSON.parse(jsonPayload);\r\n}\r\n\r\nfunction convertToArray(\r\n  item: { [key: string]: string | string[] },\r\n  propertyName: string\r\n): string[] | undefined {\r\n  const rawValue = item[propertyName];\r\n  if (!rawValue) {\r\n    return undefined;\r\n  }\r\n\r\n  if (Array.isArray(rawValue)) {\r\n    return rawValue;\r\n  }\r\n\r\n  return [rawValue];\r\n}\r\n","import { createAction, props } from '@ngrx/store';\r\nimport { AuthenticatedUser } from '../models';\r\n\r\nexport const setUser = createAction(\r\n  '[Auth] Set User',\r\n  props<{ user: AuthenticatedUser | undefined }>()\r\n);\r\n","import { AuthenticatedUser } from '../models';\r\n\r\nexport interface AuthState {\r\n  user: AuthenticatedUser | undefined;\r\n}\r\n\r\nexport const initialState: AuthState = {\r\n  user: undefined,\r\n};\r\n","import { createReducer, on } from '@ngrx/store';\r\nimport { setUser } from './actions';\r\nimport { initialState } from './state';\r\n\r\nexport const authReducer = createReducer(\r\n  initialState,\r\n  on(setUser, (state, action) => ({\r\n    ...state,\r\n    user: action.user\r\n  }))\r\n);","import { createFeature } from \"@ngrx/store\"\r\nimport { authReducer } from \"./reducers\"\r\n\r\nexport const SECURITY_FEATURE_NAME = 'SECURITY';\r\n\r\nexport const SecurityFeature = createFeature({\r\n    name: SECURITY_FEATURE_NAME,\r\n    reducer: authReducer\r\n});\r\n\r\n","import { createSelector } from '@ngrx/store';\r\nimport { SecurityFeature } from './feature';\r\n\r\nexport const selectIsAuthenticated = createSelector(\r\n  SecurityFeature.selectUser,\r\n  (user) => !!user\r\n);\r\n\r\nexport const selectUser = SecurityFeature.selectUser;","import { Injectable } from '@angular/core';\r\nimport { Store } from '@ngrx/store';\r\nimport { map, Observable } from 'rxjs';\r\nimport { AuthenticatedUser } from '../models';\r\nimport { hasRequiredPermission, hasRequiredRole } from '../models/functions';\r\nimport { setUser } from '../state/actions';\r\nimport { selectIsAuthenticated, selectUser } from '../state/selectors';\r\n\r\n@Injectable({\r\n  providedIn: 'root',\r\n})\r\nexport class AuthContextService {\r\n  user$: Observable<AuthenticatedUser | undefined>;\r\n  isAuthenticated$: Observable<boolean>;\r\n\r\n  constructor(private store: Store) {\r\n    this.user$ = this.store.select(selectUser);\r\n    this.isAuthenticated$ = this.store.select(selectIsAuthenticated);\r\n  }\r\n\r\n  setUser(user: AuthenticatedUser | undefined): void {\r\n    this.store.dispatch(setUser({ user }));\r\n  }\r\n\r\n  hasRequiredPermission(\r\n    requiredPermissions: string | string[]\r\n  ): Observable<boolean> {\r\n    return this.user$.pipe(\r\n      map((user) => hasRequiredPermission(user, requiredPermissions))\r\n    );\r\n  }\r\n\r\n  hasRequiredRole(requiredPermissions: string | string[]): Observable<boolean> {\r\n    return this.user$.pipe(\r\n      map((user) => hasRequiredRole(user, requiredPermissions))\r\n    );\r\n  }\r\n}\r\n","import { inject, Injectable } from '@angular/core';\r\nimport {\r\n  ActivatedRouteSnapshot,\r\n  CanActivate,\r\n  CanActivateChild,\r\n  Router,\r\n  UrlTree,\r\n} from '@angular/router';\r\nimport { map, Observable, of, switchMap } from 'rxjs';\r\nimport { SecurityConfig } from '../models';\r\nimport { hasRequiredPermission } from '../models/functions';\r\nimport { SECURITY_CONFIG } from '../provider';\r\nimport { AuthContextService } from '../services';\r\n\r\n@Injectable({\r\n  providedIn: 'root',\r\n})\r\nexport class AuthGuard implements CanActivate, CanActivateChild {\r\n  private config = inject<SecurityConfig>(SECURITY_CONFIG);\r\n  private router = inject(Router);\r\n  private authContext = inject(AuthContextService);\r\n\r\n  canActivate(route: ActivatedRouteSnapshot): Observable<boolean | UrlTree> {\r\n    return this.checkPermissionsAndRolesAndNavigate(route, this.config.notAuthorizedPage);\r\n  }\r\n\r\n  canActivateChild(\r\n    childRoute: ActivatedRouteSnapshot\r\n  ): Observable<boolean | UrlTree> {\r\n    return this.checkPermissionsAndRolesAndNavigate(childRoute, this.config.notAuthorizedPage);\r\n  }\r\n\r\n  private checkPermissionsAndRolesAndNavigate(\r\n    route: ActivatedRouteSnapshot,\r\n    notAuthorizedUrl: string | undefined\r\n  ): Observable<boolean | UrlTree> {\r\n    const requiredPermissions = route.data['permissions'] as | string | string[] | undefined;\r\n    const requiredRoles = route.data['roles'] as string | string[] | undefined;\r\n\r\n    return this.authContext.user$.pipe(\r\n      map(\r\n        (user) => user &&\r\n          (!requiredPermissions ||\r\n            hasRequiredPermission(user, requiredPermissions)) &&\r\n          (!requiredRoles || hasRequiredPermission(user, requiredRoles))\r\n      ),\r\n      switchMap((hasPermission) => {\r\n        if (!hasPermission && notAuthorizedUrl) {\r\n          return of(this.router.parseUrl(notAuthorizedUrl));\r\n        }\r\n        return of(!!hasPermission);\r\n      })\r\n    );\r\n  }\r\n}\r\n","import { EnvironmentProviders, InjectionToken, ModuleWithProviders, NgModule, Provider, inject, provideAppInitializer } from '@angular/core';\r\nimport { Router } from '@angular/router';\r\nimport { StoreModule } from '@ngrx/store';\r\nimport { AuthGuard } from './guards';\r\nimport { SecurityConfig } from './models';\r\nimport {\r\n  AuthContextService,\r\n  LocalStorageTokenProvider,\r\n  securityInitializerFactory,\r\n  TokenProvider,\r\n} from './services';\r\nimport { SecurityFeature } from './state/feature';\r\n\r\nexport function provideSecurity(\r\n  config: Partial<SecurityConfig> | undefined = undefined\r\n): (Provider | EnvironmentProviders)[] {\r\n  const securityConfig: SecurityConfig = {\r\n    tokenStorageKey: 'APP_TOKEN',\r\n    notAuthorizedPage: '/not-authorized',\r\n    ...(config ?? {}),\r\n  };\r\n  return [\r\n    AuthGuard,\r\n    SECURITY_INITIALIZER_PROVIDER,\r\n    { provide: SECURITY_CONTEXT_TOKEN_PROVIDER, useClass: LocalStorageTokenProvider },\r\n    { provide: SECURITY_CONFIG, useValue: securityConfig },\r\n  ];\r\n}\r\n\r\n@NgModule({\r\n  imports: [StoreModule.forFeature(SecurityFeature)],\r\n})\r\nexport class SecurityModule {\r\n  static forRoot(\r\n    config?: Partial<SecurityConfig>\r\n  ): ModuleWithProviders<SecurityModule> {\r\n    return {\r\n      ngModule: SecurityModule,\r\n      providers: [...provideSecurity(config)],\r\n    };\r\n  }\r\n}\r\n\r\nexport const SECURITY_CONTEXT_TOKEN_PROVIDER = new InjectionToken('SECURITY_CONTEXT_TOKEN_PROVIDER');\r\n\r\nexport const SECURITY_CONFIG = new InjectionToken('SECURITY_CONFIG');\r\n\r\n\r\nexport const SECURITY_INITIALIZER_PROVIDER: EnvironmentProviders = provideAppInitializer(() => {\r\n  const initializerFn = (securityInitializerFactory)(inject<TokenProvider>(SECURITY_CONTEXT_TOKEN_PROVIDER), inject(AuthContextService), inject<SecurityConfig>(SECURITY_CONFIG), inject(Router));\r\n  return initializerFn();\r\n});","import { inject, Injectable } from '@angular/core';\nimport { Observable, of } from 'rxjs';\nimport { SecurityConfig } from '../models';\nimport { SECURITY_CONFIG } from '../provider';\nimport { TokenProvider } from './token-provider';\n\n@Injectable()\nexport class LocalStorageTokenProvider implements TokenProvider {\n  private config = inject<SecurityConfig>(SECURITY_CONFIG);\n\n  getToken(): Observable<string | undefined> {\n    const token = localStorage.getItem(this.config.tokenStorageKey);\n    return of(token ?? undefined);\n  }\n\n  setToken(token: string): void {\n    localStorage.setItem(this.config.tokenStorageKey, token);\n  }\n\n  removeToken(): void {\n    localStorage.clear();\n  }\n}\n","import { Router } from '@angular/router';\r\nimport { firstValueFrom, from, of, switchMap } from 'rxjs';\r\nimport { convertJWTToUser, SecurityConfig } from '../models';\r\nimport { AuthContextService } from './auth-context.service';\r\nimport { TokenProvider } from './token-provider';\r\n\r\nexport function securityInitializerFactory(\r\n  tokenProvider: TokenProvider,\r\n  authService: AuthContextService,\r\n  config: SecurityConfig,\r\n  router: Router\r\n): () => Promise<unknown> {\r\n  const initializationFn = tokenProvider.getToken().pipe(\r\n    switchMap((token) => {\r\n      const user = convertJWTToUser(token);\r\n      if (config.loginPage && !user) {\r\n        return from(router.navigate([config.loginPage]));\r\n      }\r\n\r\n      authService.setUser(user);\r\n      return of({});\r\n    })\r\n  );\r\n\r\n  return () => firstValueFrom(initializationFn)\r\n}\r\n","import { inject, Injectable } from '@angular/core';\r\nimport { Observable, of } from 'rxjs';\r\nimport { SecurityConfig } from '../models';\r\nimport { SECURITY_CONFIG } from '../provider';\r\nimport { TokenProvider } from './token-provider';\r\n\r\n@Injectable()\r\nexport class SessionStorageTokenProvider implements TokenProvider {\r\n  private config = inject<SecurityConfig>(SECURITY_CONFIG);\r\n\r\n  getToken(): Observable<string | undefined> {\r\n    const token = sessionStorage.getItem(this.config.tokenStorageKey);\r\n    return of(token ?? undefined);\r\n  }\r\n}\r\n","import { inject, Injectable } from '@angular/core';\nimport { Router } from '@angular/router';\nimport { convertJWTToUser, SecurityConfig } from '../models';\nimport { SECURITY_CONFIG, SECURITY_CONTEXT_TOKEN_PROVIDER } from '../provider';\nimport { AuthContextService } from './auth-context.service';\nimport { LocalStorageTokenProvider } from './local-storage-token-provider';\n\n@Injectable()\nexport class LoginService {\n    private config = inject<SecurityConfig>(SECURITY_CONFIG);\n    private tokenProvider = inject<LocalStorageTokenProvider>(SECURITY_CONTEXT_TOKEN_PROVIDER);\n    private authService = inject(AuthContextService);\n    private router = inject(Router);\n\n    login(token?: string): void {\n        if (token) {\n            this.tokenProvider.setToken(token);\n            this.authService.setUser(convertJWTToUser(token));\n        } else {\n            this.router.navigate([this.config.loginPage]);\n        }\n    }\n}\n","import { inject, Injectable } from '@angular/core';\nimport { SECURITY_CONTEXT_TOKEN_PROVIDER } from '../provider';\nimport { AuthContextService } from './auth-context.service';\nimport { LocalStorageTokenProvider } from './local-storage-token-provider';\n\n@Injectable()\nexport class LogoutService {\n    private readonly tokenProvider = inject<LocalStorageTokenProvider>(SECURITY_CONTEXT_TOKEN_PROVIDER);\n    private readonly authService = inject(AuthContextService);\n\n    logout(): void {\n        this.tokenProvider.removeToken();\n        this.authService.setUser(undefined);\n    }\n}\n","import {\r\n  Directive,\r\n  Input,\r\n  TemplateRef,\r\n  ViewContainerRef,\r\n  OnDestroy,\r\n} from '@angular/core';\r\nimport { distinctUntilChanged, Subscription } from 'rxjs';\r\nimport { AuthContextService } from '../services';\r\n\r\n@Directive({\r\n  standalone: true,\r\n  selector: '[hasPermission]',\r\n})\r\nexport class HasPermissionDirective<T> implements OnDestroy {\r\n  private requiredPermissions: string | string[] = '';\r\n  private sub?: Subscription;\r\n\r\n  constructor(\r\n    private templateRef: TemplateRef<T>,\r\n    private viewContainer: ViewContainerRef,\r\n    private authContext: AuthContextService\r\n  ) {}\r\n\r\n  @Input()\r\n  set hasPermission(value: string | string[]) {\r\n    this.requiredPermissions = value;\r\n    this.updateView();\r\n  }\r\n\r\n  ngOnDestroy(): void {\r\n    this.unregister();\r\n  }\r\n\r\n  private unregister() {\r\n    this.sub?.unsubscribe();\r\n  }\r\n\r\n  private updateView(): void {\r\n    this.unregister();\r\n    if (this.requiredPermissions || this.requiredPermissions.length) {\r\n      this.sub = this.authContext\r\n        .hasRequiredPermission(this.requiredPermissions)\r\n        .pipe(distinctUntilChanged())\r\n        .subscribe((hasPerm) => {\r\n          if (hasPerm) {\r\n            this.viewContainer.createEmbeddedView(this.templateRef);\r\n          } else {\r\n            this.viewContainer.clear();\r\n          }\r\n        });\r\n    }\r\n  }\r\n}\r\n","import {\r\n  Directive,\r\n  Input,\r\n  TemplateRef,\r\n  ViewContainerRef,\r\n  OnDestroy,\r\n} from '@angular/core';\r\nimport { distinctUntilChanged, Subscription } from 'rxjs';\r\nimport { AuthContextService } from '../services';\r\n\r\n@Directive({\r\n  standalone: true,\r\n  selector: '[hasRole]',\r\n})\r\nexport class HasRoleDirective<T> implements OnDestroy {\r\n  private requiredRoles: string | string[] | undefined;\r\n  private sub?: Subscription;\r\n\r\n  constructor(\r\n    private templateRef: TemplateRef<T>,\r\n    private viewContainer: ViewContainerRef,\r\n    private authContext: AuthContextService\r\n  ) {}\r\n\r\n  @Input()\r\n  set hasRole(value: string | string[]) {\r\n    this.requiredRoles = value;\r\n    this.updateView();\r\n  }\r\n\r\n  ngOnDestroy(): void {\r\n    this.unregister();\r\n  }\r\n\r\n  private unregister() {\r\n    this.sub?.unsubscribe();\r\n  }\r\n\r\n  private updateView(): void {\r\n    this.unregister();\r\n    if (this.requiredRoles || this.requiredRoles?.length) {\r\n      this.sub = this.authContext\r\n        .hasRequiredRole(this.requiredRoles)\r\n        .pipe(distinctUntilChanged())\r\n        .subscribe((hasRole) => {\r\n          if (hasRole) {\r\n            this.viewContainer.createEmbeddedView(this.templateRef);\r\n          } else {\r\n            this.viewContainer.clear();\r\n          }\r\n        });\r\n    }\r\n  }\r\n}\r\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './index';\n"],"names":["i1.AuthContextService"],"mappings":";;;;;;;AAEgB,SAAA,qBAAqB,CACnC,IAAmC,EACnC,UAA6B,EAAA;IAE7B,OAAO,QAAQ,CAAC,IAAI,EAAE,WAAW,EAAE,UAAU,CAAC;AAChD;AAEgB,SAAA,eAAe,CAC7B,IAAmC,EACnC,IAAuB,EAAA;IAEvB,OAAO,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC;AACpC;AAEA,SAAS,QAAQ,CACf,SAA+B,EAC/B,WAA8B,EAAA;IAE9B,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE;AACvC,QAAA,OAAO,IAAI;;IAGb,IAAI,CAAC,SAAS,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE;AACnC,QAAA,OAAO,KAAK;;AAGd,IAAA,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC;AACvC,IAAA,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;AAC9B,QAAA,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;;AAG9D,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;QAC7B,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;AAC9D,QAAA,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;;AAGrD,IAAA,OAAO,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC;AACtC;AAEM,SAAU,gBAAgB,CAC9B,WAAoB,EAAA;IAEpB,IAAI,CAAC,WAAW,EAAE;AAChB,QAAA,OAAO,SAAS;;AAGlB,IAAA,IAAI;QACF,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC;AACpC,QAAA,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;AACpB,YAAA,OAAO,SAAS;;QAElB,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAE1C,MAAM,QAAQ,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC;QAC5D,IAAI,CAAC,QAAQ,EAAE;AACb,YAAA,OAAO,SAAS;;AAGlB,QAAA,MAAM,IAAI,GAAsB;YAC9B,QAAQ;AACR,YAAA,MAAM,EAAE,OAAO,CAAC,QAAQ,CAAC;AACzB,YAAA,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC;AACvB,YAAA,WAAW,EAAE,OAAO,CAAC,MAAM,CAAC;AAC5B,YAAA,KAAK,EAAE,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC;AACtC,YAAA,WAAW,EAAE,cAAc,CAAC,OAAO,EAAE,YAAY,CAAC;SACnD;AAED,QAAA,OAAO,IAAI;;IACX,OAAO,KAAK,EAAE;AACd,QAAA,OAAO,SAAS;;AAEpB;AAEM,SAAU,gBAAgB,CAAC,GAAW,EAAA;AAC1C,IAAA,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;AAExD,IAAA,MAAM,WAAW,GAAG,kBAAkB,CACpC,IAAI,CAAC,MAAM;SACR,KAAK,CAAC,EAAE;SACR,GAAG,CAAC,CAAC,IAAI,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC;AAC5D,SAAA,IAAI,CAAC,EAAE,CAAC,CACZ;AAED,IAAA,OAAO,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC;AAChC;AAEA,SAAS,cAAc,CACrB,IAA0C,EAC1C,YAAoB,EAAA;AAEpB,IAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC;IACnC,IAAI,CAAC,QAAQ,EAAE;AACb,QAAA,OAAO,SAAS;;AAGlB,IAAA,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;AAC3B,QAAA,OAAO,QAAQ;;IAGjB,OAAO,CAAC,QAAQ,CAAC;AACnB;;ACnGa,MAAA,OAAO,GAAG,YAAY,CACjC,iBAAiB,EACjB,KAAK,EAA2C;;ACCrC,MAAA,YAAY,GAAc;AACrC,IAAA,IAAI,EAAE,SAAS;;;ACHJ,MAAA,WAAW,GAAG,aAAa,CACtC,YAAY,EACZ,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,MAAM;AAC9B,IAAA,GAAG,KAAK;IACR,IAAI,EAAE,MAAM,CAAC;CACd,CAAC,CAAC;;ACNE,MAAM,qBAAqB,GAAG,UAAU;AAExC,MAAM,eAAe,GAAG,aAAa,CAAC;AACzC,IAAA,IAAI,EAAE,qBAAqB;AAC3B,IAAA,OAAO,EAAE;AACZ,CAAA,CAAC;;ACLW,MAAA,qBAAqB,GAAG,cAAc,CACjD,eAAe,CAAC,UAAU,EAC1B,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI;AAGL,MAAA,UAAU,GAAG,eAAe,CAAC;;MCG7B,kBAAkB,CAAA;AAIT,IAAA,KAAA;AAHpB,IAAA,KAAK;AACL,IAAA,gBAAgB;AAEhB,IAAA,WAAA,CAAoB,KAAY,EAAA;QAAZ,IAAK,CAAA,KAAA,GAAL,KAAK;QACvB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC;QAC1C,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,qBAAqB,CAAC;;AAGlE,IAAA,OAAO,CAAC,IAAmC,EAAA;AACzC,QAAA,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;;AAGxC,IAAA,qBAAqB,CACnB,mBAAsC,EAAA;QAEtC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CACpB,GAAG,CAAC,CAAC,IAAI,KAAK,qBAAqB,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC,CAChE;;AAGH,IAAA,eAAe,CAAC,mBAAsC,EAAA;QACpD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CACpB,GAAG,CAAC,CAAC,IAAI,KAAK,eAAe,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC,CAC1D;;uGAxBQ,kBAAkB,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAA,EAAA,CAAA,KAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;AAAlB,IAAA,OAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,kBAAkB,cAFjB,MAAM,EAAA,CAAA;;2FAEP,kBAAkB,EAAA,UAAA,EAAA,CAAA;kBAH9B,UAAU;AAAC,YAAA,IAAA,EAAA,CAAA;AACV,oBAAA,UAAU,EAAE,MAAM;AACnB,iBAAA;;;MCOY,SAAS,CAAA;AACZ,IAAA,MAAM,GAAG,MAAM,CAAiB,eAAe,CAAC;AAChD,IAAA,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;AACvB,IAAA,WAAW,GAAG,MAAM,CAAC,kBAAkB,CAAC;AAEhD,IAAA,WAAW,CAAC,KAA6B,EAAA;AACvC,QAAA,OAAO,IAAI,CAAC,mCAAmC,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;;AAGvF,IAAA,gBAAgB,CACd,UAAkC,EAAA;AAElC,QAAA,OAAO,IAAI,CAAC,mCAAmC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;;IAGpF,mCAAmC,CACzC,KAA6B,EAC7B,gBAAoC,EAAA;QAEpC,MAAM,mBAAmB,GAAG,KAAK,CAAC,IAAI,CAAC,aAAa,CAAoC;QACxF,MAAM,aAAa,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAkC;AAE1E,QAAA,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAChC,GAAG,CACD,CAAC,IAAI,KAAK,IAAI;AACZ,aAAC,CAAC,mBAAmB;AACnB,gBAAA,qBAAqB,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;AACnD,aAAC,CAAC,aAAa,IAAI,qBAAqB,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC,CACjE,EACD,SAAS,CAAC,CAAC,aAAa,KAAI;AAC1B,YAAA,IAAI,CAAC,aAAa,IAAI,gBAAgB,EAAE;gBACtC,OAAO,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;;AAEnD,YAAA,OAAO,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC;SAC3B,CAAC,CACH;;uGAnCQ,SAAS,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;AAAT,IAAA,OAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,SAAS,cAFR,MAAM,EAAA,CAAA;;2FAEP,SAAS,EAAA,UAAA,EAAA,CAAA;kBAHrB,UAAU;AAAC,YAAA,IAAA,EAAA,CAAA;AACV,oBAAA,UAAU,EAAE,MAAM;AACnB,iBAAA;;;ACHe,SAAA,eAAe,CAC7B,MAAA,GAA8C,SAAS,EAAA;AAEvD,IAAA,MAAM,cAAc,GAAmB;AACrC,QAAA,eAAe,EAAE,WAAW;AAC5B,QAAA,iBAAiB,EAAE,iBAAiB;AACpC,QAAA,IAAI,MAAM,IAAI,EAAE,CAAC;KAClB;IACD,OAAO;QACL,SAAS;QACT,6BAA6B;AAC7B,QAAA,EAAE,OAAO,EAAE,+BAA+B,EAAE,QAAQ,EAAE,yBAAyB,EAAE;AACjF,QAAA,EAAE,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,cAAc,EAAE;KACvD;AACH;MAKa,cAAc,CAAA;IACzB,OAAO,OAAO,CACZ,MAAgC,EAAA;QAEhC,OAAO;AACL,YAAA,QAAQ,EAAE,cAAc;AACxB,YAAA,SAAS,EAAE,CAAC,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;SACxC;;uGAPQ,cAAc,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,QAAA,EAAA,CAAA;wGAAd,cAAc,EAAA,OAAA,EAAA,CAAA,EAAA,CAAA,kBAAA,CAAA,EAAA,CAAA;AAAd,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,mBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,cAAc,YAFf,WAAW,CAAC,UAAU,CAAC,eAAe,CAAC,CAAA,EAAA,CAAA;;2FAEtC,cAAc,EAAA,UAAA,EAAA,CAAA;kBAH1B,QAAQ;AAAC,YAAA,IAAA,EAAA,CAAA;oBACR,OAAO,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;AACnD,iBAAA;;MAYY,+BAA+B,GAAG,IAAI,cAAc,CAAC,iCAAiC;MAEtF,eAAe,GAAG,IAAI,cAAc,CAAC,iBAAiB;AAGtD,MAAA,6BAA6B,GAAyB,qBAAqB,CAAC,MAAK;IAC5F,MAAM,aAAa,GAAG,CAAC,0BAA0B,EAAE,MAAM,CAAgB,+BAA+B,CAAC,EAAE,MAAM,CAAC,kBAAkB,CAAC,EAAE,MAAM,CAAiB,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IAC/L,OAAO,aAAa,EAAE;AACxB,CAAC;;MC5CY,yBAAyB,CAAA;AAC5B,IAAA,MAAM,GAAG,MAAM,CAAiB,eAAe,CAAC;IAExD,QAAQ,GAAA;AACN,QAAA,MAAM,KAAK,GAAG,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;AAC/D,QAAA,OAAO,EAAE,CAAC,KAAK,IAAI,SAAS,CAAC;;AAG/B,IAAA,QAAQ,CAAC,KAAa,EAAA;QACpB,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,KAAK,CAAC;;IAG1D,WAAW,GAAA;QACT,YAAY,CAAC,KAAK,EAAE;;uGAbX,yBAAyB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;2GAAzB,yBAAyB,EAAA,CAAA;;2FAAzB,yBAAyB,EAAA,UAAA,EAAA,CAAA;kBADrC;;;ACAK,SAAU,0BAA0B,CACxC,aAA4B,EAC5B,WAA+B,EAC/B,MAAsB,EACtB,MAAc,EAAA;AAEd,IAAA,MAAM,gBAAgB,GAAG,aAAa,CAAC,QAAQ,EAAE,CAAC,IAAI,CACpD,SAAS,CAAC,CAAC,KAAK,KAAI;AAClB,QAAA,MAAM,IAAI,GAAG,gBAAgB,CAAC,KAAK,CAAC;AACpC,QAAA,IAAI,MAAM,CAAC,SAAS,IAAI,CAAC,IAAI,EAAE;AAC7B,YAAA,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC;;AAGlD,QAAA,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC;AACzB,QAAA,OAAO,EAAE,CAAC,EAAE,CAAC;KACd,CAAC,CACH;AAED,IAAA,OAAO,MAAM,cAAc,CAAC,gBAAgB,CAAC;AAC/C;;MClBa,2BAA2B,CAAA;AAC9B,IAAA,MAAM,GAAG,MAAM,CAAiB,eAAe,CAAC;IAExD,QAAQ,GAAA;AACN,QAAA,MAAM,KAAK,GAAG,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;AACjE,QAAA,OAAO,EAAE,CAAC,KAAK,IAAI,SAAS,CAAC;;uGALpB,2BAA2B,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;2GAA3B,2BAA2B,EAAA,CAAA;;2FAA3B,2BAA2B,EAAA,UAAA,EAAA,CAAA;kBADvC;;;MCEY,YAAY,CAAA;AACb,IAAA,MAAM,GAAG,MAAM,CAAiB,eAAe,CAAC;AAChD,IAAA,aAAa,GAAG,MAAM,CAA4B,+BAA+B,CAAC;AAClF,IAAA,WAAW,GAAG,MAAM,CAAC,kBAAkB,CAAC;AACxC,IAAA,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;AAE/B,IAAA,KAAK,CAAC,KAAc,EAAA;QAChB,IAAI,KAAK,EAAE;AACP,YAAA,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC;YAClC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;;aAC9C;AACH,YAAA,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;;;uGAX5C,YAAY,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;2GAAZ,YAAY,EAAA,CAAA;;2FAAZ,YAAY,EAAA,UAAA,EAAA,CAAA;kBADxB;;;MCDY,aAAa,CAAA;AACL,IAAA,aAAa,GAAG,MAAM,CAA4B,+BAA+B,CAAC;AAClF,IAAA,WAAW,GAAG,MAAM,CAAC,kBAAkB,CAAC;IAEzD,MAAM,GAAA;AACF,QAAA,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE;AAChC,QAAA,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,SAAS,CAAC;;uGAN9B,aAAa,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;2GAAb,aAAa,EAAA,CAAA;;2FAAb,aAAa,EAAA,UAAA,EAAA,CAAA;kBADzB;;;MCSY,sBAAsB,CAAA;AAKvB,IAAA,WAAA;AACA,IAAA,aAAA;AACA,IAAA,WAAA;IANF,mBAAmB,GAAsB,EAAE;AAC3C,IAAA,GAAG;AAEX,IAAA,WAAA,CACU,WAA2B,EAC3B,aAA+B,EAC/B,WAA+B,EAAA;QAF/B,IAAW,CAAA,WAAA,GAAX,WAAW;QACX,IAAa,CAAA,aAAA,GAAb,aAAa;QACb,IAAW,CAAA,WAAA,GAAX,WAAW;;IAGrB,IACI,aAAa,CAAC,KAAwB,EAAA;AACxC,QAAA,IAAI,CAAC,mBAAmB,GAAG,KAAK;QAChC,IAAI,CAAC,UAAU,EAAE;;IAGnB,WAAW,GAAA;QACT,IAAI,CAAC,UAAU,EAAE;;IAGX,UAAU,GAAA;AAChB,QAAA,IAAI,CAAC,GAAG,EAAE,WAAW,EAAE;;IAGjB,UAAU,GAAA;QAChB,IAAI,CAAC,UAAU,EAAE;QACjB,IAAI,IAAI,CAAC,mBAAmB,IAAI,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE;AAC/D,YAAA,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC;AACb,iBAAA,qBAAqB,CAAC,IAAI,CAAC,mBAAmB;iBAC9C,IAAI,CAAC,oBAAoB,EAAE;AAC3B,iBAAA,SAAS,CAAC,CAAC,OAAO,KAAI;gBACrB,IAAI,OAAO,EAAE;oBACX,IAAI,CAAC,aAAa,CAAC,kBAAkB,CAAC,IAAI,CAAC,WAAW,CAAC;;qBAClD;AACL,oBAAA,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE;;AAE9B,aAAC,CAAC;;;uGApCG,sBAAsB,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAA,EAAA,CAAA,WAAA,EAAA,EAAA,EAAA,KAAA,EAAA,EAAA,CAAA,gBAAA,EAAA,EAAA,EAAA,KAAA,EAAAA,kBAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;2FAAtB,sBAAsB,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,iBAAA,EAAA,MAAA,EAAA,EAAA,aAAA,EAAA,eAAA,EAAA,EAAA,QAAA,EAAA,EAAA,EAAA,CAAA;;2FAAtB,sBAAsB,EAAA,UAAA,EAAA,CAAA;kBAJlC,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,iBAAiB;AAC5B,iBAAA;6IAYK,aAAa,EAAA,CAAA;sBADhB;;;MCVU,gBAAgB,CAAA;AAKjB,IAAA,WAAA;AACA,IAAA,aAAA;AACA,IAAA,WAAA;AANF,IAAA,aAAa;AACb,IAAA,GAAG;AAEX,IAAA,WAAA,CACU,WAA2B,EAC3B,aAA+B,EAC/B,WAA+B,EAAA;QAF/B,IAAW,CAAA,WAAA,GAAX,WAAW;QACX,IAAa,CAAA,aAAA,GAAb,aAAa;QACb,IAAW,CAAA,WAAA,GAAX,WAAW;;IAGrB,IACI,OAAO,CAAC,KAAwB,EAAA;AAClC,QAAA,IAAI,CAAC,aAAa,GAAG,KAAK;QAC1B,IAAI,CAAC,UAAU,EAAE;;IAGnB,WAAW,GAAA;QACT,IAAI,CAAC,UAAU,EAAE;;IAGX,UAAU,GAAA;AAChB,QAAA,IAAI,CAAC,GAAG,EAAE,WAAW,EAAE;;IAGjB,UAAU,GAAA;QAChB,IAAI,CAAC,UAAU,EAAE;QACjB,IAAI,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,aAAa,EAAE,MAAM,EAAE;AACpD,YAAA,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC;AACb,iBAAA,eAAe,CAAC,IAAI,CAAC,aAAa;iBAClC,IAAI,CAAC,oBAAoB,EAAE;AAC3B,iBAAA,SAAS,CAAC,CAAC,OAAO,KAAI;gBACrB,IAAI,OAAO,EAAE;oBACX,IAAI,CAAC,aAAa,CAAC,kBAAkB,CAAC,IAAI,CAAC,WAAW,CAAC;;qBAClD;AACL,oBAAA,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE;;AAE9B,aAAC,CAAC;;;uGApCG,gBAAgB,EAAA,IAAA,EAAA,CAAA,EAAA,KAAA,EAAA,EAAA,CAAA,WAAA,EAAA,EAAA,EAAA,KAAA,EAAA,EAAA,CAAA,gBAAA,EAAA,EAAA,EAAA,KAAA,EAAAA,kBAAA,EAAA,CAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;2FAAhB,gBAAgB,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,WAAA,EAAA,MAAA,EAAA,EAAA,OAAA,EAAA,SAAA,EAAA,EAAA,QAAA,EAAA,EAAA,EAAA,CAAA;;2FAAhB,gBAAgB,EAAA,UAAA,EAAA,CAAA;kBAJ5B,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,WAAW;AACtB,iBAAA;6IAYK,OAAO,EAAA,CAAA;sBADV;;;ACxBH;;AAEG;;;;"}

package/index.d.ts

@@ -0,0 +1 @@
+export * from './lib';

package/lib/directives/has-permission.directive.d.ts

@@ -0,0 +1,17 @@
+import { TemplateRef, ViewContainerRef, OnDestroy } from '@angular/core';
+import { AuthContextService } from '../services';
+import * as i0 from "@angular/core";
+export declare class HasPermissionDirective<T> implements OnDestroy {
+    private templateRef;
+    private viewContainer;
+    private authContext;
+    private requiredPermissions;
+    private sub?;
+    constructor(templateRef: TemplateRef<T>, viewContainer: ViewContainerRef, authContext: AuthContextService);
+    set hasPermission(value: string | string[]);
+    ngOnDestroy(): void;
+    private unregister;
+    private updateView;
+    static ɵfac: i0.ɵɵFactoryDeclaration<HasPermissionDirective<any>, never>;
+    static ɵdir: i0.ɵɵDirectiveDeclaration<HasPermissionDirective<any>, "[hasPermission]", never, { "hasPermission": { "alias": "hasPermission"; "required": false; }; }, {}, never, never, true, never>;
+}

package/lib/directives/has-role.directive.d.ts

@@ -0,0 +1,17 @@
+import { TemplateRef, ViewContainerRef, OnDestroy } from '@angular/core';
+import { AuthContextService } from '../services';
+import * as i0 from "@angular/core";
+export declare class HasRoleDirective<T> implements OnDestroy {
+    private templateRef;
+    private viewContainer;
+    private authContext;
+    private requiredRoles;
+    private sub?;
+    constructor(templateRef: TemplateRef<T>, viewContainer: ViewContainerRef, authContext: AuthContextService);
+    set hasRole(value: string | string[]);
+    ngOnDestroy(): void;
+    private unregister;
+    private updateView;
+    static ɵfac: i0.ɵɵFactoryDeclaration<HasRoleDirective<any>, never>;
+    static ɵdir: i0.ɵɵDirectiveDeclaration<HasRoleDirective<any>, "[hasRole]", never, { "hasRole": { "alias": "hasRole"; "required": false; }; }, {}, never, never, true, never>;
+}

package/{src/lib/directives/index.ts → lib/directives/index.d.ts}

@@ -1,2 +1,2 @@
-export * from './has-permission.directive';
-export * from './has-role.directive';
+export * from './has-permission.directive';
+export * from './has-role.directive';

package/lib/guards/auth.guard.d.ts

@@ -0,0 +1,13 @@
+import { ActivatedRouteSnapshot, CanActivate, CanActivateChild, UrlTree } from '@angular/router';
+import { Observable } from 'rxjs';
+import * as i0 from "@angular/core";
+export declare class AuthGuard implements CanActivate, CanActivateChild {
+    private config;
+    private router;
+    private authContext;
+    canActivate(route: ActivatedRouteSnapshot): Observable<boolean | UrlTree>;
+    canActivateChild(childRoute: ActivatedRouteSnapshot): Observable<boolean | UrlTree>;
+    private checkPermissionsAndRolesAndNavigate;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthGuard, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<AuthGuard>;
+}

package/{src/lib/guards/index.ts → lib/guards/index.d.ts}

@@ -1 +1 @@
-export * from './auth.guard';
+export * from './auth.guard';

package/{src/lib/index.ts → lib/index.d.ts}

@@ -1,6 +1,6 @@
-export * from './directives';
-export * from './guards';
-export * from './models';
-export * from './services';
-export * from './state';
-export * from './provider';
+export * from './directives';
+export * from './guards';
+export * from './models';
+export * from './services';
+export * from './state';
+export * from './provider';

package/{src/lib/models/authenticated-user.model.ts → lib/models/authenticated-user.model.d.ts}

@@ -1,8 +1,8 @@
-export interface AuthenticatedUser {
-    userId?: string;
-    userName: string;
-    email: string;
-    displayName?: string;
-    roles: string[] | undefined;
-    permissions: string[] | undefined;
-}
+export interface AuthenticatedUser {
+    userId?: string;
+    userName: string;
+    email: string;
+    displayName?: string;
+    roles: string[] | undefined;
+    permissions: string[] | undefined;
+}

package/{src/lib/models/config.model.ts → lib/models/config.model.d.ts}

@@ -1,9 +1,8 @@
-
-export interface SecurityConfig {
-    tokenStorageKey: string;
-    contextTokenStorageKey?: string;
-    loginPage?: string;
-    logoutPage?: string;
-    notAuthorizedPage?: string;
-    sendTokenHeader?: boolean;
-}
+export interface SecurityConfig {
+    tokenStorageKey: string;
+    contextTokenStorageKey?: string;
+    loginPage?: string;
+    logoutPage?: string;
+    notAuthorizedPage?: string;
+    sendTokenHeader?: boolean;
+}

package/lib/models/functions.d.ts

@@ -0,0 +1,5 @@
+import { AuthenticatedUser } from './authenticated-user.model';
+export declare function hasRequiredPermission(user: AuthenticatedUser | undefined, permission: string | string[]): boolean;
+export declare function hasRequiredRole(user: AuthenticatedUser | undefined, role: string | string[]): boolean;
+export declare function convertJWTToUser(base64Token?: string): AuthenticatedUser | undefined;
+export declare function decodeJwtPayload(jwt: string): any;

package/{src/lib/models/index.ts → lib/models/index.d.ts}

@@ -1,3 +1,3 @@
-export * from './authenticated-user.model';
-export * from './functions';
-export * from './config.model';
+export * from './authenticated-user.model';
+export * from './functions';
+export * from './config.model';

package/lib/provider.d.ts

@@ -0,0 +1,14 @@
+import { EnvironmentProviders, InjectionToken, ModuleWithProviders, Provider } from '@angular/core';
+import { SecurityConfig } from './models';
+import * as i0 from "@angular/core";
+import * as i1 from "@ngrx/store";
+export declare function provideSecurity(config?: Partial<SecurityConfig> | undefined): (Provider | EnvironmentProviders)[];
+export declare class SecurityModule {
+    static forRoot(config?: Partial<SecurityConfig>): ModuleWithProviders<SecurityModule>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<SecurityModule, never>;
+    static ɵmod: i0.ɵɵNgModuleDeclaration<SecurityModule, never, [typeof i1.StoreFeatureModule], never>;
+    static ɵinj: i0.ɵɵInjectorDeclaration<SecurityModule>;
+}
+export declare const SECURITY_CONTEXT_TOKEN_PROVIDER: InjectionToken<unknown>;
+export declare const SECURITY_CONFIG: InjectionToken<unknown>;
+export declare const SECURITY_INITIALIZER_PROVIDER: EnvironmentProviders;