@firebase/app-check 0.11.3 → 0.11.4-eap-crashlytics.558ee841d

package/dist/app-check-public.d.ts

@@ -37,7 +37,7 @@ export declare interface AppCheckOptions {
     /**
      * A reCAPTCHA V3 provider, reCAPTCHA Enterprise provider, or custom provider.
      */
-    provider: CustomProvider | ReCaptchaV3Provider | ReCaptchaEnterpriseProvider;
+    provider?: CustomProvider | ReCaptchaV3Provider | ReCaptchaEnterpriseProvider;
     /**
      * If set to true, enables automatic background refresh of App Check token.
      */
@@ -144,7 +144,9 @@ export declare function getToken(appCheckInstance: AppCheck, forceRefresh?: bool
  * @param options - App Check initialization options
  * @public
  */
-export declare function initializeAppCheck(app: FirebaseApp | undefined, options: AppCheckOptions): AppCheck;
+export declare function initializeAppCheck(app?: FirebaseApp, options?: AppCheckOptions): AppCheck;
+
+/* Excluded from this release type: _initializeAppCheckInternal */
 
 /**
  * Registers a listener to changes in the token state. There can be more

package/dist/app-check.d.ts

@@ -43,7 +43,7 @@ export declare interface AppCheckOptions {
     /**
      * A reCAPTCHA V3 provider, reCAPTCHA Enterprise provider, or custom provider.
      */
-    provider: CustomProvider | ReCaptchaV3Provider | ReCaptchaEnterpriseProvider;
+    provider?: CustomProvider | ReCaptchaV3Provider | ReCaptchaEnterpriseProvider;
     /**
      * If set to true, enables automatic background refresh of App Check token.
      */
@@ -55,7 +55,7 @@ declare interface AppCheckProvider {
      * Returns an App Check token.
      * @internal
      */
-    getToken: () => Promise<AppCheckTokenInternal>;
+    getToken: (isLimitedUse?: boolean) => Promise<AppCheckTokenInternal>;
     /**
      * @internal
      */
@@ -166,7 +166,15 @@ export declare function getToken(appCheckInstance: AppCheck, forceRefresh?: bool
  * @param options - App Check initialization options
  * @public
  */
-export declare function initializeAppCheck(app: FirebaseApp | undefined, options: AppCheckOptions): AppCheck;
+export declare function initializeAppCheck(app?: FirebaseApp, options?: AppCheckOptions): AppCheck;
+
+/**
+ * Internal wrapper that sets a state variable flagging that this was
+ * initialized under the hood by a product SDK.
+ *
+ * @internal
+ */
+export declare function _initializeAppCheckInternal(initializerName: string, app?: FirebaseApp, options?: AppCheckOptions): AppCheck;
 
 /**
  * Registers a listener to changes in the token state. There can be more
@@ -229,7 +237,7 @@ export declare class ReCaptchaEnterpriseProvider implements AppCheckProvider {
      * Returns an App Check token.
      * @internal
      */
-    getToken(): Promise<AppCheckTokenInternal>;
+    getToken(isLimitedUse?: boolean): Promise<AppCheckTokenInternal>;
     /**
      * @internal
      */
@@ -264,7 +272,7 @@ export declare class ReCaptchaV3Provider implements AppCheckProvider {
      * Returns an App Check token.
      * @internal
      */
-    getToken(): Promise<AppCheckTokenInternal>;
+    getToken(isLimitedUse?: boolean): Promise<AppCheckTokenInternal>;
     /**
      * @internal
      */

package/dist/esm/index.esm.js

@@ -222,6 +222,9 @@ const ERRORS = {
         'different options. To avoid this error, call initializeAppCheck() with the ' +
         'same options as when it was originally called. This will return the ' +
         'already initialized instance.',
+    ["already-internally-initialized" /* AppCheckError.ALREADY_INTERNALLY_INITIALIZED */]: 'App Check has already been automatically initialized by {$initializerName} ' +
+        'with default options. If you want to initialize App Check with custom options, ' +
+        'call initializeAppCheck() with those options before initializing {$initializerName}.',
     ["use-before-activation" /* AppCheckError.USE_BEFORE_ACTIVATION */]: 'App Check is being used before initializeAppCheck() is called for FirebaseApp {$appName}. ' +
         'Call initializeAppCheck() before instantiating other Firebase services.',
     ["fetch-network-error" /* AppCheckError.FETCH_NETWORK_ERROR */]: 'Fetch failed to connect to a network. Check Internet connection. ' +
@@ -233,6 +236,8 @@ const ERRORS = {
     ["storage-get" /* AppCheckError.STORAGE_GET */]: 'Error thrown when reading from storage. Original error: {$originalErrorMessage}.',
     ["storage-set" /* AppCheckError.STORAGE_WRITE */]: 'Error thrown when writing to storage. Original error: {$originalErrorMessage}.',
     ["recaptcha-error" /* AppCheckError.RECAPTCHA_ERROR */]: 'ReCAPTCHA error.',
+    ["no-provider" /* AppCheckError.NO_PROVIDER */]: 'No attestation provider was passed to initializeAppCheck() and ' +
+        'no ReCAPTCHA Enterprise site key was found in the Firebase config.',
     ["initial-throttle" /* AppCheckError.INITIAL_THROTTLE */]: `{$httpStatus} error. Attempts allowed again after {$time}`,
     ["throttled" /* AppCheckError.THROTTLED */]: `Requests throttled due to previous {$httpStatus} error. Attempts allowed again after {$time}`
 };
@@ -850,12 +855,14 @@ async function getLimitedUseToken$1(appCheck) {
     const { provider } = getStateReference(app);
     if (isDebugMode()) {
         const debugToken = await getDebugToken();
-        const { token } = await exchangeToken(getExchangeDebugTokenRequest(app, debugToken), appCheck.heartbeatServiceProvider);
+        const request = getExchangeDebugTokenRequest(app, debugToken);
+        request.body['limited_use'] = true;
+        const { token } = await exchangeToken(request, appCheck.heartbeatServiceProvider);
         return { token };
     }
     else {
         // provider is definitely valid since we ensure AppCheck was activated
-        const { token } = await provider.getToken();
+        const { token } = await provider.getToken(true /* isLimitedUse */);
         return { token };
     }
 }
@@ -1051,7 +1058,7 @@ function internalFactory(appCheck) {
 }
 
 const name = "@firebase/app-check";
-const version = "0.11.3";
+const version = "0.11.4-eap-crashlytics.558ee841d";
 
 /**
  * @license
@@ -1185,7 +1192,8 @@ function loadReCAPTCHAV3Script(onload) {
 }
 function loadReCAPTCHAEnterpriseScript(onload) {
     const script = document.createElement('script');
-    script.src = RECAPTCHA_ENTERPRISE_URL;
+    // This param is required when we plan to render a widget explicitly.
+    script.src = RECAPTCHA_ENTERPRISE_URL + '?render=explicit';
     script.onload = onload;
     document.head.appendChild(script);
 }
@@ -1229,7 +1237,7 @@ class ReCaptchaV3Provider {
      * Returns an App Check token.
      * @internal
      */
-    async getToken() {
+    async getToken(isLimitedUse = false) {
         throwIfThrottled(this._throttleData);
         // Top-level `getToken()` has already checked that App Check is initialized
         // and therefore this._app and this._heartbeatServiceProvider are available.
@@ -1243,7 +1251,11 @@ class ReCaptchaV3Provider {
         }
         let result;
         try {
-            result = await exchangeToken(getExchangeRecaptchaV3TokenRequest(this._app, attestedClaimsToken), this._heartbeatServiceProvider);
+            const request = getExchangeRecaptchaV3TokenRequest(this._app, attestedClaimsToken);
+            if (isLimitedUse) {
+                request.body['limited_use'] = true;
+            }
+            result = await exchangeToken(request, this._heartbeatServiceProvider);
         }
         catch (e) {
             if (e.code?.includes("fetch-status-error" /* AppCheckError.FETCH_STATUS_ERROR */)) {
@@ -1306,7 +1318,7 @@ class ReCaptchaEnterpriseProvider {
      * Returns an App Check token.
      * @internal
      */
-    async getToken() {
+    async getToken(isLimitedUse = false) {
         throwIfThrottled(this._throttleData);
         // Top-level `getToken()` has already checked that App Check is initialized
         // and therefore this._app and this._heartbeatServiceProvider are available.
@@ -1320,7 +1332,11 @@ class ReCaptchaEnterpriseProvider {
         }
         let result;
         try {
-            result = await exchangeToken(getExchangeRecaptchaEnterpriseTokenRequest(this._app, attestedClaimsToken), this._heartbeatServiceProvider);
+            const request = getExchangeRecaptchaEnterpriseTokenRequest(this._app, attestedClaimsToken);
+            if (isLimitedUse) {
+                request.body['limited_use'] = true;
+            }
+            result = await exchangeToken(request, this._heartbeatServiceProvider);
         }
         catch (e) {
             if (e.code?.includes("fetch-status-error" /* AppCheckError.FETCH_STATUS_ERROR */)) {
@@ -1481,7 +1497,6 @@ function throwIfThrottled(throttleData) {
  */
 function initializeAppCheck(app = getApp(), options) {
     app = getModularInstance(app);
-    const provider = _getProvider(app, 'app-check');
     // Ensure initializeDebugMode() is only called once.
     if (!getDebugState().initialized) {
         initializeDebugMode();
@@ -1494,22 +1509,53 @@ function initializeAppCheck(app = getApp(), options) {
         // Not using logger because I don't think we ever want this accidentally hidden.
         console.log(`App Check debug token: ${token}. You will need to add it to your app's App Check settings in the Firebase console for it to work.`));
     }
-    if (provider.isInitialized()) {
-        const existingInstance = provider.getImmediate();
-        const initialOptions = provider.getOptions();
-        if (initialOptions.isTokenAutoRefreshEnabled ===
-            options.isTokenAutoRefreshEnabled &&
-            initialOptions.provider.isEqual(options.provider)) {
+    let defaultProvider;
+    /**
+     * If user did not pass a provider, look for site key in project
+     * config and create a default ReCaptchaEnterpriseProvider with it.
+     */
+    if (!options?.provider && app.options.recaptchaSiteKey) {
+        defaultProvider = new ReCaptchaEnterpriseProvider(app.options.recaptchaSiteKey);
+    }
+    /**
+     * If there's no passed provider and no siteKey in project config,
+     * throw.
+     */
+    if (!options?.provider && !defaultProvider) {
+        throw ERROR_FACTORY.create("no-provider" /* AppCheckError.NO_PROVIDER */);
+    }
+    const initOptions = {
+        ...options,
+        provider: options?.provider || defaultProvider
+    };
+    const componentProvider = _getProvider(app, 'app-check');
+    if (componentProvider.isInitialized()) {
+        const existingInstance = componentProvider.getImmediate();
+        const existingOptions = componentProvider.getOptions();
+        /**
+         * Check if all AppCheckOptions previously passed to initializeAppCheck
+         * (`isTokenAutoRefreshEnabled` and `provider`) match those being passed
+         * now. If so, return previous existing instance. Otherwise throw error.
+         */
+        if (existingOptions.isTokenAutoRefreshEnabled ===
+            initOptions.isTokenAutoRefreshEnabled &&
+            existingOptions.provider?.isEqual(initOptions.provider)) {
             return existingInstance;
         }
         else {
+            if (typeof getStateReference(app).internallyInitializedBy === 'string') {
+                throw ERROR_FACTORY.create("already-internally-initialized" /* AppCheckError.ALREADY_INTERNALLY_INITIALIZED */, {
+                    initializerName: getStateReference(app)
+                        .internallyInitializedBy
+                });
+            }
             throw ERROR_FACTORY.create("already-initialized" /* AppCheckError.ALREADY_INITIALIZED */, {
                 appName: app.name
             });
         }
     }
-    const appCheck = provider.initialize({ options });
-    _activate(app, options.provider, options.isTokenAutoRefreshEnabled);
+    const appCheck = componentProvider.initialize({ options: initOptions });
+    _activate(app, initOptions.provider, initOptions.isTokenAutoRefreshEnabled);
     // If isTokenAutoRefreshEnabled is false, do not send any requests to the
     // exchange endpoint without an explicit call from the user either directly
     // or through another Firebase library (storage, functions, etc.)
@@ -1523,6 +1569,29 @@ function initializeAppCheck(app = getApp(), options) {
     }
     return appCheck;
 }
+/**
+ * Internal wrapper that sets a state variable flagging that this was
+ * initialized under the hood by a product SDK.
+ *
+ * @internal
+ */
+function _initializeAppCheckInternal(
+// String to be used in error message if there is a future conflict.
+// Example: "Firebase AI Logic"
+initializerName, app = getApp(), options) {
+    const componentProvider = _getProvider(app, 'app-check');
+    const previouslyInitialized = componentProvider.isInitialized();
+    if (previouslyInitialized) {
+        // Product SDKs should accept any previously initialized
+        // App Check configuration without error.
+        return componentProvider.getImmediate();
+    }
+    else {
+        const appCheck = initializeAppCheck(app, options);
+        getStateReference(app).internallyInitializedBy = initializerName;
+        return appCheck;
+    }
+}
 /**
  * Activate App Check
  * @param app - Firebase app to activate App Check for.
@@ -1690,5 +1759,5 @@ function registerAppCheck() {
 }
 registerAppCheck();
 
-export { CustomProvider, ReCaptchaEnterpriseProvider, ReCaptchaV3Provider, getLimitedUseToken, getToken, initializeAppCheck, onTokenChanged, setTokenAutoRefreshEnabled };
+export { CustomProvider, ReCaptchaEnterpriseProvider, ReCaptchaV3Provider, _initializeAppCheckInternal, getLimitedUseToken, getToken, initializeAppCheck, onTokenChanged, setTokenAutoRefreshEnabled };
 //# sourceMappingURL=index.esm.js.map