keycloak-angular 19.0.2 → 20.1.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "keycloak-angular",
-  "version": "19.0.2",
+  "version": "20.1.0",
   "description": "Easy Keycloak integration for Angular applications.",
   "repository": {
     "type": "git",
@@ -26,9 +26,10 @@
     "oidc"
   ],
   "peerDependencies": {
-    "@angular/common": "^19",
-    "@angular/core": "^19",
-    "@angular/router": "^19",
+    "@angular/common": "^20",
+    "@angular/core": "^20",
+    "@angular/router": "^20",
+    "rxjs": "^7",
     "keycloak-js": "^18 || ^19 || ^20 || ^21 || ^22 || ^23 || ^24 || ^25 || ^26"
   },
   "dependencies": {

package/lib/directives/has-roles.directive.d.ts

@@ -1,95 +0,0 @@
-/**
- * @license
- * Copyright Mauricio Gemelli Vigolo All Rights Reserved.
- *
- * Use of this source code is governed by a MIT-style license that can be
- * found in the LICENSE file at https://github.com/mauriciovigolo/keycloak-angular/blob/main/LICENSE.md
- */
-import { TemplateRef, ViewContainerRef } from '@angular/core';
-import Keycloak from 'keycloak-js';
-import * as i0 from "@angular/core";
-/**
- * Structural directive to conditionally display elements based on Keycloak user roles.
- *
- * This directive checks if the authenticated user has at least one of the specified roles.
- * Roles can be validated against a specific **resource (client ID)** or the **realm**.
- *
- * ### Features:
- * - Supports role checking in both **resources (client-level roles)** and the **realm**.
- * - Accepts an array of roles to match.
- * - Optional configuration to check realm-level roles.
- *
- * ### Inputs:
- * - `kaHasRoles` (Required): Array of roles to validate.
- * - `resource` (Optional): The client ID or resource name to validate resource-level roles.
- * - `checkRealm` (Optional): A boolean flag to enable realm role validation (default is `false`).
- *
- * ### Requirements:
- * - A Keycloak instance must be injected via Angular's dependency injection.
- * - The user must be authenticated in Keycloak.
- *
- * @example
- * #### Example 1: Check for Global Realm Roles
- * Show the content only if the user has the `admin` or `editor` role in the realm.
- * ```html
- * <div *kaHasRoles="['admin', 'editor']; checkRealm:true">
- *   <p>This content is visible only to users with 'admin' or 'editor' realm roles.</p>
- * </div>
- * ```
- *
- * @example
- * #### Example 2: Check for Resource Roles
- * Show the content only if the user has the `read` or `write` role for a specific resource (`my-client`).
- * ```html
- * <div *kaHasRoles="['read', 'write']; resource:'my-client'">
- *   <p>This content is visible only to users with 'read' or 'write' roles for 'my-client'.</p>
- * </div>
- * ```
- *
- * @example
- * #### Example 3: Check for Both Resource and Realm Roles
- * Show the content if the user has the roles in either the realm or a resource.
- * ```html
- * <div *kaHasRoles="['admin', 'write']; resource:'my-client' checkRealm:true">
- *   <p>This content is visible to users with 'admin' in the realm or 'write' in 'my-client'.</p>
- * </div>
- * ```
- *
- * @example
- * #### Example 4: Fallback Content When Roles Do Not Match
- * Use an `<ng-template>` to display fallback content if the user lacks the required roles.
- * ```html
- * <div *kaHasRoles="['admin']; resource:'my-client'">
- *   <p>Welcome, Admin!</p>
- * </div>
- * <ng-template #noAccess>
- *   <p>Access Denied</p>
- * </ng-template>
- * ```
- */
-export declare class HasRolesDirective {
-    private templateRef;
-    private viewContainer;
-    private keycloak;
-    /**
-     * List of roles to validate against the resource or realm.
-     */
-    roles: string[];
-    /**
-     * The resource (client ID) to validate roles against.
-     */
-    resource?: string;
-    /**
-     * Flag to enable realm-level role validation.
-     */
-    checkRealm: boolean;
-    constructor(templateRef: TemplateRef<unknown>, viewContainer: ViewContainerRef, keycloak: Keycloak);
-    private render;
-    /**
-     * Checks if the user has at least one of the specified roles in the resource or realm.
-     * @returns True if the user has access, false otherwise.
-     */
-    private checkUserRoles;
-    static ɵfac: i0.ɵɵFactoryDeclaration<HasRolesDirective, never>;
-    static ɵdir: i0.ɵɵDirectiveDeclaration<HasRolesDirective, "[kaHasRoles]", never, { "roles": { "alias": "kaHasRoles"; "required": false; }; "resource": { "alias": "kaHasRolesResource"; "required": false; }; "checkRealm": { "alias": "kaHasRolesCheckRealm"; "required": false; }; }, {}, never, never, true, never>;
-}

package/lib/features/keycloak.feature.d.ts

@@ -1,43 +0,0 @@
-/**
- * @license
- * Copyright Mauricio Gemelli Vigolo All Rights Reserved.
- *
- * Use of this source code is governed by a MIT-style license that can be
- * found in the LICENSE file at https://github.com/mauriciovigolo/keycloak-angular/blob/main/LICENSE.md
- */
-/**
- * Represents a feature from keycloak-angualr that can be configured during the library initialization.
- *
- * This type defines the structure of a feature that includes a `configure` method,
- * which is responsible for setting up or initializing the feature's behavior or properties
- * related to Keycloak.
- *
- * ### Usage:
- * The `KeycloakFeature` type is typically used for defining modular, reusable Keycloak
- * features that can be dynamically configured and integrated into an application.
- *
- * @property {() => void} configure - A method that initializes or configures the feature.
- * This method is invoked to perform any setup or customization required for the feature.
- *
- * ### Example:
- * ```typescript
- * const withLoggingFeature: KeycloakFeature = {
- *   configure: () => {
- *     console.log('Configuring Keycloak logging feature');
- *   },
- * };
- *
- * const withAnalyticsFeature: KeycloakFeature = {
- *   configure: () => {
- *     console.log('Configuring Keycloak analytics feature');
- *   },
- * };
- *
- * // Configure and initialize features
- * withLoggingFeature.configure();
- * withAnalyticsFeature.configure();
- * ```
- */
-export type KeycloakFeature = {
-    configure: () => void;
-};

package/lib/features/with-refresh-token.feature.d.ts

@@ -1,66 +0,0 @@
-/**
- * @license
- * Copyright Mauricio Gemelli Vigolo All Rights Reserved.
- *
- * Use of this source code is governed by a MIT-style license that can be
- * found in the LICENSE file at https://github.com/mauriciovigolo/keycloak-angular/blob/main/LICENSE.md
- */
-import { KeycloakFeature } from './keycloak.feature';
-/**
- * Options for configuring the auto-refresh token feature.
- *
- * This type defines the configuration parameters for enabling auto-refresh
- * of Keycloak tokens and handling session inactivity scenarios.
- */
-type WithRefreshTokenOptions = {
-    /**
-     * The session timeout duration in milliseconds. This specifies the time
-     * of inactivity after which the session is considered expired.
-     *
-     * Default value: `300000` milliseconds (5 minutes).
-     */
-    sessionTimeout?: number;
-    /**
-     * Action to take when the session timeout due to inactivity occurs.
-     *
-     * - `'login'`: Execute the `keycloak.login` method.
-     * - `'logout'`: Logs the user out by calling the `keycloak.logout` method.
-     * - `'none'`: Takes no action on session timeout.
-     *
-     * Default value: `'logout'`.
-     */
-    onInactivityTimeout?: 'login' | 'logout' | 'none';
-};
-/**
- * Enables automatic token refresh and session inactivity handling for a
- * Keycloak-enabled Angular application.
- *
- * This function initializes a service that tracks user interactions, such as
- * mouse movements, touches, key presses, clicks, and scrolls. If user activity
- * is detected, it periodically calls `Keycloak.updateToken` to ensure the bearer
- * token remains valid and does not expire.
- *
- * If the session remains inactive beyond the defined `sessionTimeout`, the
- * specified action (`logout`, `login`, or `none`) will be executed. By default,
- * the service will call `keycloak.logout` upon inactivity timeout.
- *
- * Event tracking uses RxJS observables with a debounce of 300 milliseconds to
- * monitor user interactions. When the Keycloak `OnTokenExpired` event occurs,
- * the service checks the user's last activity timestamp. If the user has been
- * active within the session timeout period, it refreshes the token using `updateToken`.
- *
- *
- * @param options - Configuration options for the auto-refresh token feature.
- *   - `sessionTimeout` (optional): The duration in milliseconds after which
- *     the session is considered inactive. Defaults to `300000` (5 minutes).
- *   - `onInactivityTimeout` (optional): The action to take when session inactivity
- *     exceeds the specified timeout. Defaults to `'logout'`.
- *       - `'login'`: Execute `keycloak.login` function.
- *       - `'logout'`: Logs the user out by calling `keycloak.logout`.
- *       - `'none'`: No action is taken.
- *
- * @returns A `KeycloakFeature` instance that configures and enables the
- * auto-refresh token functionality.
- */
-export declare function withAutoRefreshToken(options?: WithRefreshTokenOptions): KeycloakFeature;
-export {};

package/lib/guards/auth.guard.d.ts

@@ -1,75 +0,0 @@
-/**
- * @license
- * Copyright Mauricio Gemelli Vigolo All Rights Reserved.
- *
- * Use of this source code is governed by a MIT-style license that can be
- * found in the LICENSE file at https://github.com/mauriciovigolo/keycloak-angular/blob/main/LICENSE.md
- */
-import Keycloak from 'keycloak-js';
-import { ActivatedRouteSnapshot, CanActivateChildFn, CanActivateFn, RouterStateSnapshot, UrlTree } from '@angular/router';
-/**
- * Type representing the roles granted to a user, including both realm and resource-level roles.
- */
-type Roles = {
-    /**
-     * Roles assigned at the realm level.
-     */
-    realmRoles: string[];
-    /**
-     * Roles assigned at the resource level, organized by resource name.
-     */
-    resourceRoles: {
-        [resource: string]: string[];
-    };
-};
-/**
- * Data structure passed to the custom authorization guard to determine access.
- */
-export type AuthGuardData = {
-    /**
-     * Indicates whether the user is currently authenticated.
-     */
-    authenticated: boolean;
-    /**
-     * A collection of roles granted to the user, including both realm and resource roles.
-     */
-    grantedRoles: Roles;
-    /**
-     * The Keycloak instance managing the user's session and access.
-     */
-    keycloak: Keycloak;
-};
-/**
- * Creates a custom authorization guard for Angular routes, enabling fine-grained access control.
- *
- * This guard invokes the provided `isAccessAllowed` function to determine if access is permitted
- * based on the current route, router state, and user's authentication and roles data.
- *
- * @template T - The type of the guard function (`CanActivateFn` or `CanActivateChildFn`).
- * @param isAccessAllowed - A callback function that evaluates access conditions. The function receives:
- *   - `route`: The current `ActivatedRouteSnapshot` for the route being accessed.
- *   - `state`: The current `RouterStateSnapshot` representing the router's state.
- *   - `authData`: An `AuthGuardData` object containing the user's authentication status, roles, and Keycloak instance.
- * @returns A guard function of type `T` that can be used as a route `canActivate` or `canActivateChild` guard.
- *
- * @example
- * ```ts
- * import { createAuthGuard } from './auth-guard';
- * import { Routes } from '@angular/router';
- *
- * const isUserAllowed = async (route, state, authData) => {
- *   const { authenticated, grantedRoles } = authData;
- *   return authenticated && grantedRoles.realmRoles.includes('admin');
- * };
- *
- * const routes: Routes = [
- *   {
- *     path: 'admin',
- *     canActivate: [createAuthGuard(isUserAllowed)],
- *     component: AdminComponent,
- *   },
- * ];
- * ```
- */
-export declare const createAuthGuard: <T extends CanActivateFn | CanActivateChildFn>(isAccessAllowed: (route: ActivatedRouteSnapshot, state: RouterStateSnapshot, authData: AuthGuardData) => Promise<boolean | UrlTree>) => T;
-export {};

package/lib/interceptors/custom-bearer-token.interceptor.d.ts

@@ -1,97 +0,0 @@
-/**
- * @license
- * Copyright Mauricio Gemelli Vigolo All Rights Reserved.
- *
- * Use of this source code is governed by a MIT-style license that can be
- * found in the LICENSE file at https://github.com/mauriciovigolo/keycloak-angular/blob/main/LICENSE.md
- */
-import Keycloak from 'keycloak-js';
-import { Observable } from 'rxjs';
-import { InjectionToken } from '@angular/core';
-import { HttpEvent, HttpHandlerFn, HttpRequest } from '@angular/common/http';
-import { BearerTokenCondition } from './keycloak.interceptor';
-/**
- * Defines a custom condition for determining whether a Bearer token should be included
- * in the `Authorization` header of an outgoing HTTP request.
- *
- * This type extends the `BearerTokenCondition` type and adds a dynamic function
- * (`shouldAddToken`) that evaluates whether the token should be added based on the
- * request, handler, and Keycloak state.
- */
-export type CustomBearerTokenCondition = Partial<BearerTokenCondition> & {
-    /**
-     * A function that dynamically determines whether the Bearer token should be included
-     * in the `Authorization` header for a given request.
-     *
-     * This function is asynchronous and receives the following arguments:
-     * - `req`: The `HttpRequest` object representing the current outgoing HTTP request.
-     * - `next`: The `HttpHandlerFn` for forwarding the request to the next handler in the chain.
-     * - `keycloak`: The `Keycloak` instance representing the authentication context.
-     */
-    shouldAddToken: (req: HttpRequest<unknown>, next: HttpHandlerFn, keycloak: Keycloak) => Promise<boolean>;
-};
-/**
- * Injection token for configuring the `customBearerTokenInterceptor`.
- *
- * This injection token holds an array of `CustomBearerTokenCondition` objects, which define
- * the conditions under which a Bearer token should be included in the `Authorization` header
- * of outgoing HTTP requests. Each condition provides a `shouldAddToken` function that dynamically
- * determines whether the token should be added based on the request, handler, and Keycloak state.
- */
-export declare const CUSTOM_BEARER_TOKEN_INTERCEPTOR_CONFIG: InjectionToken<CustomBearerTokenCondition[]>;
-/**
- * Custom HTTP Interceptor for dynamically adding a Bearer token to requests based on conditions.
- *
- * This interceptor uses a flexible approach where the decision to include a Bearer token in the
- * `Authorization` HTTP header is determined by a user-provided function (`shouldAddToken`).
- * This enables a dynamic and granular control over when tokens are added to HTTP requests.
- *
- * ### Key Features:
- * 1. **Dynamic Token Inclusion**: Uses a condition function (`shouldAddToken`) to decide dynamically
- *    whether to add the token based on the request, Keycloak state, and other factors.
- * 2. **Token Management**: Optionally refreshes the Keycloak token before adding it to the request.
- * 3. **Controlled Authorization**: Adds the Bearer token only when the condition function allows
- *    and the user is authenticated in Keycloak.
- *
- * ### Configuration:
- * The interceptor relies on `CUSTOM_BEARER_TOKEN_INTERCEPTOR_CONFIG`, an injection token that contains
- * an array of `CustomBearerTokenCondition` objects. Each condition specifies a `shouldAddToken` function
- * that determines whether to add the Bearer token for a given request.
- *
- * ### Workflow:
- * 1. Reads the conditions from the `CUSTOM_BEARER_TOKEN_INTERCEPTOR_CONFIG` injection token.
- * 2. Iterates through the conditions and evaluates the `shouldAddToken` function for the request.
- * 3. If a condition matches:
- *    - Optionally refreshes the Keycloak token if needed.
- *    - Adds the Bearer token to the request's `Authorization` header if the user is authenticated.
- * 4. If no conditions match, the request proceeds unchanged.
- *
- * ### Parameters:
- * @param req - The `HttpRequest` object representing the outgoing HTTP request.
- * @param next - The `HttpHandlerFn` for passing the request to the next handler in the chain.
- *
- * @returns An `Observable<HttpEvent<unknown>>` representing the HTTP response.
- *
- * ### Usage Example:
- * ```typescript
- * // Define a custom condition to include the token
- * const customCondition: CustomBearerTokenCondition = {
- *   shouldAddToken: async (req, next, keycloak) => {
- *     // Add token only for requests to the /api endpoint
- *     return req.url.startsWith('/api') && keycloak.authenticated;
- *   },
- * };
- *
- * // Configure the interceptor with the custom condition
- * export const appConfig: ApplicationConfig = {
- *   providers: [
- *     provideHttpClient(withInterceptors([customBearerTokenInterceptor])),
- *     {
- *       provide: CUSTOM_BEARER_TOKEN_INTERCEPTOR_CONFIG,
- *       useValue: [customCondition],
- *     },
- *   ],
- * };
- * ```
- */
-export declare const customBearerTokenInterceptor: (req: HttpRequest<unknown>, next: HttpHandlerFn) => Observable<HttpEvent<unknown>>;

package/lib/interceptors/include-bearer-token.interceptor.d.ts

@@ -1,111 +0,0 @@
-/**
- * @license
- * Copyright Mauricio Gemelli Vigolo All Rights Reserved.
- *
- * Use of this source code is governed by a MIT-style license that can be
- * found in the LICENSE file at https://github.com/mauriciovigolo/keycloak-angular/blob/main/LICENSE.md
- */
-import { Observable } from 'rxjs';
-import { InjectionToken } from '@angular/core';
-import { HttpEvent, HttpHandlerFn, HttpRequest } from '@angular/common/http';
-import { HttpMethod, BearerTokenCondition } from './keycloak.interceptor';
-/**
- * Defines the conditions for including the Bearer token in the Authorization HTTP header.
- */
-export type IncludeBearerTokenCondition = Partial<BearerTokenCondition> & {
-    /**
-     * A URL pattern (as a `RegExp`) used to determine whether the Bearer token should be added
-     * to the Authorization HTTP header for a given request. The Bearer token is only added if
-     * this pattern matches the request's URL.
-     *
-     * This EXPLICIT configuration is for security purposes, ensuring that internal tokens are not
-     * shared with unintended services.
-     */
-    urlPattern: RegExp;
-    /**
-     * An optional array of HTTP methods (`HttpMethod[]`) to further refine the conditions under
-     * which the Bearer token is added. If not provided, the default behavior is to add the token
-     * for all HTTP methods matching the `urlPattern`.
-     */
-    httpMethods?: HttpMethod[];
-};
-/**
- * Injection token for configuring the `includeBearerTokenInterceptor`, allowing the specification
- * of conditions under which the Bearer token should be included in HTTP request headers.
- *
- * This configuration supports multiple conditions, enabling customization for different URLs.
- * It also provides options to tailor the Bearer prefix and the Authorization header name as needed.
- */
-export declare const INCLUDE_BEARER_TOKEN_INTERCEPTOR_CONFIG: InjectionToken<IncludeBearerTokenCondition[]>;
-/**
- * HTTP Interceptor to include a Bearer token in the Authorization header for specific HTTP requests.
- *
- * This interceptor ensures that a Bearer token is added to outgoing HTTP requests based on explicitly
- * defined conditions. By default, the interceptor does not include the Bearer token unless the request
- * matches the provided configuration (`IncludeBearerTokenCondition`). This approach enhances security
- * by preventing sensitive tokens from being unintentionally sent to unauthorized services.
- *
- * ### Features:
- * 1. **Explicit URL Matching**: The interceptor uses regular expressions to match URLs where the Bearer token should be included.
- * 2. **HTTP Method Filtering**: Optional filtering by HTTP methods (e.g., `GET`, `POST`, `PUT`) to refine the conditions for adding the token.
- * 3. **Token Management**: Ensures the Keycloak token is valid by optionally refreshing it before attaching it to the request.
- * 4. **Controlled Authorization**: Sends the token only for requests where the user is authenticated, and the conditions match.
- *
- * ### Workflow:
- * - Reads conditions from `INCLUDE_BEARER_TOKEN_INTERCEPTOR_CONFIG`, which specifies when the Bearer token should be included.
- * - If a request matches the conditions:
- *   1. The Keycloak token is refreshed if needed.
- *   2. The Bearer token is added to the Authorization header.
- *   3. The modified request is passed to the next handler.
- * - If no conditions match, the request proceeds unchanged.
- *
- * ### Security:
- * By explicitly defining URL patterns and optional HTTP methods, this interceptor prevents the leakage of tokens
- * to unintended endpoints, such as third-party APIs or external services. This is especially critical for applications
- * that interact with both internal and external services.
- *
- * @param req - The `HttpRequest` object representing the outgoing HTTP request.
- * @param next - The `HttpHandlerFn` for passing the request to the next handler in the chain.
- * @returns An `Observable<HttpEvent<unknown>>` representing the asynchronous HTTP response.
- *
- * ### Configuration:
- * The interceptor relies on `INCLUDE_BEARER_TOKEN_INTERCEPTOR_CONFIG`, an injection token that holds
- * an array of `IncludeBearerTokenCondition` objects. Each object defines the conditions for including
- * the Bearer token in the request.
- *
- * #### Example Configuration:
- * ```typescript
- * provideHttpClient(
- *   withInterceptors([includeBearerTokenInterceptor]),
- *   {
- *     provide: INCLUDE_BEARER_TOKEN_INTERCEPTOR_CONFIG,
- *     useValue: [
- *       {
- *         urlPattern: /^https:\/\/api\.internal\.myapp\.com\/.*\/,
- *         httpMethods: ['GET', 'POST'], // Add the token only for GET and POST methods
- *       },
- *     ],
- *   }
- * );
- * ```
- *
- * ### Example Usage:
- * ```typescript
- * export const appConfig: ApplicationConfig = {
- *   providers: [
- *     provideHttpClient(withInterceptors([includeBearerTokenInterceptor])),
- *     provideZoneChangeDetection({ eventCoalescing: true }),
- *     provideRouter(routes),
- *   ],
- * };
- * ```
- *
- * ### Example Matching Condition:
- * ```typescript
- * {
- *   urlPattern: /^(https:\/\/internal\.mycompany\.com)(\/.*)?$/i,
- *   httpMethods: ['GET', 'PUT'], // Optional: Match only specific HTTP methods
- * }
- * ```
- */
-export declare const includeBearerTokenInterceptor: (req: HttpRequest<unknown>, next: HttpHandlerFn) => Observable<HttpEvent<unknown>>;

package/lib/interceptors/keycloak.interceptor.d.ts

@@ -1,71 +0,0 @@
-/**
- * @license
- * Copyright Mauricio Gemelli Vigolo All Rights Reserved.
- *
- * Use of this source code is governed by a MIT-style license that can be
- * found in the LICENSE file at https://github.com/mauriciovigolo/keycloak-angular/blob/main/LICENSE.md
- */
-import { Observable } from 'rxjs';
-import Keycloak from 'keycloak-js';
-import { HttpEvent, HttpHandlerFn, HttpRequest } from '@angular/common/http';
-/**
- * Represents the HTTP methods supported by the interceptor for authorization purposes.
- */
-export type HttpMethod = 'GET' | 'POST' | 'PUT' | 'DELETE' | 'OPTIONS' | 'HEAD' | 'PATCH';
-/**
- * Common attributes for the Auth Bearer interceptor that can be reused in other interceptor implementations.
- */
-export type BearerTokenCondition = {
-    /**
-     * Prefix to be used in the Authorization header. Default is "Bearer".
-     * This will result in a header formatted as: `Authorization: Bearer <token>`.
-     *
-     * Adjust this value if your backend expects a different prefix in the Authorization header.
-     */
-    bearerPrefix?: string;
-    /**
-     * Name of the HTTP header used for authorization. Default is "Authorization".
-     * Customize this value if your backend expects a different header, e.g., "JWT-Authorization".
-     */
-    authorizationHeaderName?: string;
-    /**
-     * Function to determine whether the token should be updated before a request. Default is a function returning true.
-     * If the function returns `true`, the token's validity will be checked and updated if needed.
-     * If it returns `false`, the token update process will be skipped for that request.
-     *
-     * @param request - The current `HttpRequest` object being intercepted.
-     * @returns A boolean indicating whether to update the token.
-     */
-    shouldUpdateToken?: (request: HttpRequest<unknown>) => boolean;
-};
-/**
- * Generic factory function to create an interceptor condition with default values.
- *
- * This utility allows you to define custom interceptor conditions while ensuring that
- * default values are applied to any missing fields. By using generics, you can enforce
- * strong typing when creating the fields for the interceptor condition, enhancing type safety.
- *
- * @template T - A type that extends `AuthBearerCondition`.
- * @param value - An object of type `T` (extending `AuthBearerCondition`) to be enhanced with default values.
- * @returns A new object of type `T` with default values assigned to any undefined properties.
- */
-export declare const createInterceptorCondition: <T extends BearerTokenCondition>(value: T) => T;
-/**
- * Conditionally updates the Keycloak token based on the provided request and conditions.
- *
- * @param req - The `HttpRequest` object being processed.
- * @param keycloak - The Keycloak instance managing authentication.
- * @param condition - An `AuthBearerCondition` object with the `shouldUpdateToken` function.
- * @returns A `Promise<boolean>` indicating whether the token was successfully updated.
- */
-export declare const conditionallyUpdateToken: (req: HttpRequest<unknown>, keycloak: Keycloak, { shouldUpdateToken }: BearerTokenCondition) => Promise<boolean>;
-/**
- * Adds the Authorization header to an HTTP request and forwards it to the next handler.
- *
- * @param req - The original `HttpRequest` object.
- * @param next - The `HttpHandlerFn` function for forwarding the HTTP request.
- * @param keycloak - The Keycloak instance providing the authentication token.
- * @param condition - An `AuthBearerCondition` object specifying header configuration.
- * @returns An `Observable<HttpEvent<unknown>>` representing the HTTP response.
- */
-export declare const addAuthorizationHeader: (req: HttpRequest<unknown>, next: HttpHandlerFn, keycloak: Keycloak, condition: BearerTokenCondition) => Observable<HttpEvent<unknown>>;

package/lib/legacy/core/core.module.d.ts

@@ -1,12 +0,0 @@
-import * as i0 from "@angular/core";
-import * as i1 from "@angular/common";
-/**
- * @deprecated NgModules are deprecated in Keycloak Angular and will be removed in future versions.
- * Use the new `provideKeycloak` function to load Keycloak in an Angular application.
- * More info: https://github.com/mauriciovigolo/keycloak-angular/docs/migration-guides/v19.md
- */
-export declare class CoreModule {
-    static ɵfac: i0.ɵɵFactoryDeclaration<CoreModule, never>;
-    static ɵmod: i0.ɵɵNgModuleDeclaration<CoreModule, never, [typeof i1.CommonModule], never>;
-    static ɵinj: i0.ɵɵInjectorDeclaration<CoreModule>;
-}

package/lib/legacy/core/interceptors/keycloak-bearer.interceptor.d.ts

@@ -1,53 +0,0 @@
-import { HttpInterceptor, HttpRequest, HttpHandler, HttpEvent } from '@angular/common/http';
-import { Observable } from 'rxjs';
-import { KeycloakService } from '../services/keycloak.service';
-import * as i0 from "@angular/core";
-/**
- * This interceptor includes the bearer by default in all HttpClient requests.
- *
- * If you need to exclude some URLs from adding the bearer, please, take a look
- * at the {@link KeycloakOptions} bearerExcludedUrls property.
- *
- * @deprecated KeycloakBearerInterceptor is deprecated and will be removed in future versions.
- * Use the new functional interceptor such as `includeBearerTokenInterceptor`.
- * More info: https://github.com/mauriciovigolo/keycloak-angular/docs/migration-guides/v19.md
- */
-export declare class KeycloakBearerInterceptor implements HttpInterceptor {
-    private keycloak;
-    constructor(keycloak: KeycloakService);
-    /**
-     * Calls to update the keycloak token if the request should update the token.
-     *
-     * @param req http request from @angular http module.
-     * @returns
-     * A promise boolean for the token update or noop result.
-     */
-    private conditionallyUpdateToken;
-    /**
-     * @deprecated
-     * Checks if the url is excluded from having the Bearer Authorization
-     * header added.
-     *
-     * @param req http request from @angular http module.
-     * @param excludedUrlRegex contains the url pattern and the http methods,
-     * excluded from adding the bearer at the Http Request.
-     */
-    private isUrlExcluded;
-    /**
-     * Intercept implementation that checks if the request url matches the excludedUrls.
-     * If not, adds the Authorization header to the request if the user is logged in.
-     *
-     * @param req
-     * @param next
-     */
-    intercept(req: HttpRequest<unknown>, next: HttpHandler): Observable<HttpEvent<unknown>>;
-    /**
-     * Adds the token of the current user to the Authorization header
-     *
-     * @param req
-     * @param next
-     */
-    private handleRequestWithTokenHeader;
-    static ɵfac: i0.ɵɵFactoryDeclaration<KeycloakBearerInterceptor, never>;
-    static ɵprov: i0.ɵɵInjectableDeclaration<KeycloakBearerInterceptor>;
-}