@firebase/app-check 0.11.3 → 0.11.4-eap-crashlytics.558ee841d

package/dist/esm/src/errors.d.ts

@@ -17,6 +17,7 @@
 import { ErrorFactory } from '@firebase/util';
 export declare const enum AppCheckError {
     ALREADY_INITIALIZED = "already-initialized",
+    ALREADY_INTERNALLY_INITIALIZED = "already-internally-initialized",
     USE_BEFORE_ACTIVATION = "use-before-activation",
     FETCH_NETWORK_ERROR = "fetch-network-error",
     FETCH_PARSE_ERROR = "fetch-parse-error",
@@ -25,6 +26,7 @@ export declare const enum AppCheckError {
     STORAGE_GET = "storage-get",
     STORAGE_WRITE = "storage-set",
     RECAPTCHA_ERROR = "recaptcha-error",
+    NO_PROVIDER = "no-provider",
     INITIAL_THROTTLE = "initial-throttle",
     THROTTLED = "throttled"
 }
@@ -32,6 +34,9 @@ interface ErrorParams {
     [AppCheckError.ALREADY_INITIALIZED]: {
         appName: string;
     };
+    [AppCheckError.ALREADY_INTERNALLY_INITIALIZED]: {
+        initializerName: string;
+    };
     [AppCheckError.USE_BEFORE_ACTIVATION]: {
         appName: string;
     };

package/dist/esm/src/providers.d.ts

@@ -41,7 +41,7 @@ export declare class ReCaptchaV3Provider implements AppCheckProvider {
      * Returns an App Check token.
      * @internal
      */
-    getToken(): Promise<AppCheckTokenInternal>;
+    getToken(isLimitedUse?: boolean): Promise<AppCheckTokenInternal>;
     /**
      * @internal
      */
@@ -75,7 +75,7 @@ export declare class ReCaptchaEnterpriseProvider implements AppCheckProvider {
      * Returns an App Check token.
      * @internal
      */
-    getToken(): Promise<AppCheckTokenInternal>;
+    getToken(isLimitedUse?: boolean): Promise<AppCheckTokenInternal>;
     /**
      * @internal
      */

package/dist/esm/src/public-types.d.ts

@@ -51,7 +51,7 @@ export interface AppCheckOptions {
     /**
      * A reCAPTCHA V3 provider, reCAPTCHA Enterprise provider, or custom provider.
      */
-    provider: CustomProvider | ReCaptchaV3Provider | ReCaptchaEnterpriseProvider;
+    provider?: CustomProvider | ReCaptchaV3Provider | ReCaptchaEnterpriseProvider;
     /**
      * If set to true, enables automatic background refresh of App Check token.
      */

package/dist/esm/src/state.d.ts

@@ -29,6 +29,7 @@ export interface AppCheckState {
     tokenRefresher?: Refresher;
     reCAPTCHAState?: ReCAPTCHAState;
     isTokenAutoRefreshEnabled?: boolean;
+    internallyInitializedBy?: string;
 }
 export interface ReCAPTCHAState {
     initialized: Deferred<GreCAPTCHA>;

package/dist/esm/src/types.d.ts

@@ -44,7 +44,7 @@ export interface AppCheckProvider {
      * Returns an App Check token.
      * @internal
      */
-    getToken: () => Promise<AppCheckTokenInternal>;
+    getToken: (isLimitedUse?: boolean) => Promise<AppCheckTokenInternal>;
     /**
      * @internal
      */

package/dist/index.cjs.js

@@ -226,6 +226,9 @@ const ERRORS = {
         'different options. To avoid this error, call initializeAppCheck() with the ' +
         'same options as when it was originally called. This will return the ' +
         'already initialized instance.',
+    ["already-internally-initialized" /* AppCheckError.ALREADY_INTERNALLY_INITIALIZED */]: 'App Check has already been automatically initialized by {$initializerName} ' +
+        'with default options. If you want to initialize App Check with custom options, ' +
+        'call initializeAppCheck() with those options before initializing {$initializerName}.',
     ["use-before-activation" /* AppCheckError.USE_BEFORE_ACTIVATION */]: 'App Check is being used before initializeAppCheck() is called for FirebaseApp {$appName}. ' +
         'Call initializeAppCheck() before instantiating other Firebase services.',
     ["fetch-network-error" /* AppCheckError.FETCH_NETWORK_ERROR */]: 'Fetch failed to connect to a network. Check Internet connection. ' +
@@ -237,6 +240,8 @@ const ERRORS = {
     ["storage-get" /* AppCheckError.STORAGE_GET */]: 'Error thrown when reading from storage. Original error: {$originalErrorMessage}.',
     ["storage-set" /* AppCheckError.STORAGE_WRITE */]: 'Error thrown when writing to storage. Original error: {$originalErrorMessage}.',
     ["recaptcha-error" /* AppCheckError.RECAPTCHA_ERROR */]: 'ReCAPTCHA error.',
+    ["no-provider" /* AppCheckError.NO_PROVIDER */]: 'No attestation provider was passed to initializeAppCheck() and ' +
+        'no ReCAPTCHA Enterprise site key was found in the Firebase config.',
     ["initial-throttle" /* AppCheckError.INITIAL_THROTTLE */]: `{$httpStatus} error. Attempts allowed again after {$time}`,
     ["throttled" /* AppCheckError.THROTTLED */]: `Requests throttled due to previous {$httpStatus} error. Attempts allowed again after {$time}`
 };
@@ -854,12 +859,14 @@ async function getLimitedUseToken$1(appCheck) {
     const { provider } = getStateReference(app);
     if (isDebugMode()) {
         const debugToken = await getDebugToken();
-        const { token } = await exchangeToken(getExchangeDebugTokenRequest(app, debugToken), appCheck.heartbeatServiceProvider);
+        const request = getExchangeDebugTokenRequest(app, debugToken);
+        request.body['limited_use'] = true;
+        const { token } = await exchangeToken(request, appCheck.heartbeatServiceProvider);
         return { token };
     }
     else {
         // provider is definitely valid since we ensure AppCheck was activated
-        const { token } = await provider.getToken();
+        const { token } = await provider.getToken(true /* isLimitedUse */);
         return { token };
     }
 }
@@ -1055,7 +1062,7 @@ function internalFactory(appCheck) {
 }
 
 const name = "@firebase/app-check";
-const version = "0.11.3";
+const version = "0.11.4-eap-crashlytics.558ee841d";
 
 /**
  * @license
@@ -1189,7 +1196,8 @@ function loadReCAPTCHAV3Script(onload) {
 }
 function loadReCAPTCHAEnterpriseScript(onload) {
     const script = document.createElement('script');
-    script.src = RECAPTCHA_ENTERPRISE_URL;
+    // This param is required when we plan to render a widget explicitly.
+    script.src = RECAPTCHA_ENTERPRISE_URL + '?render=explicit';
     script.onload = onload;
     document.head.appendChild(script);
 }
@@ -1233,7 +1241,7 @@ class ReCaptchaV3Provider {
      * Returns an App Check token.
      * @internal
      */
-    async getToken() {
+    async getToken(isLimitedUse = false) {
         throwIfThrottled(this._throttleData);
         // Top-level `getToken()` has already checked that App Check is initialized
         // and therefore this._app and this._heartbeatServiceProvider are available.
@@ -1247,7 +1255,11 @@ class ReCaptchaV3Provider {
         }
         let result;
         try {
-            result = await exchangeToken(getExchangeRecaptchaV3TokenRequest(this._app, attestedClaimsToken), this._heartbeatServiceProvider);
+            const request = getExchangeRecaptchaV3TokenRequest(this._app, attestedClaimsToken);
+            if (isLimitedUse) {
+                request.body['limited_use'] = true;
+            }
+            result = await exchangeToken(request, this._heartbeatServiceProvider);
         }
         catch (e) {
             if (e.code?.includes("fetch-status-error" /* AppCheckError.FETCH_STATUS_ERROR */)) {
@@ -1310,7 +1322,7 @@ class ReCaptchaEnterpriseProvider {
      * Returns an App Check token.
      * @internal
      */
-    async getToken() {
+    async getToken(isLimitedUse = false) {
         throwIfThrottled(this._throttleData);
         // Top-level `getToken()` has already checked that App Check is initialized
         // and therefore this._app and this._heartbeatServiceProvider are available.
@@ -1324,7 +1336,11 @@ class ReCaptchaEnterpriseProvider {
         }
         let result;
         try {
-            result = await exchangeToken(getExchangeRecaptchaEnterpriseTokenRequest(this._app, attestedClaimsToken), this._heartbeatServiceProvider);
+            const request = getExchangeRecaptchaEnterpriseTokenRequest(this._app, attestedClaimsToken);
+            if (isLimitedUse) {
+                request.body['limited_use'] = true;
+            }
+            result = await exchangeToken(request, this._heartbeatServiceProvider);
         }
         catch (e) {
             if (e.code?.includes("fetch-status-error" /* AppCheckError.FETCH_STATUS_ERROR */)) {
@@ -1485,7 +1501,6 @@ function throwIfThrottled(throttleData) {
  */
 function initializeAppCheck(app$1 = app.getApp(), options) {
     app$1 = util.getModularInstance(app$1);
-    const provider = app._getProvider(app$1, 'app-check');
     // Ensure initializeDebugMode() is only called once.
     if (!getDebugState().initialized) {
         initializeDebugMode();
@@ -1498,22 +1513,53 @@ function initializeAppCheck(app$1 = app.getApp(), options) {
         // Not using logger because I don't think we ever want this accidentally hidden.
         console.log(`App Check debug token: ${token}. You will need to add it to your app's App Check settings in the Firebase console for it to work.`));
     }
-    if (provider.isInitialized()) {
-        const existingInstance = provider.getImmediate();
-        const initialOptions = provider.getOptions();
-        if (initialOptions.isTokenAutoRefreshEnabled ===
-            options.isTokenAutoRefreshEnabled &&
-            initialOptions.provider.isEqual(options.provider)) {
+    let defaultProvider;
+    /**
+     * If user did not pass a provider, look for site key in project
+     * config and create a default ReCaptchaEnterpriseProvider with it.
+     */
+    if (!options?.provider && app$1.options.recaptchaSiteKey) {
+        defaultProvider = new ReCaptchaEnterpriseProvider(app$1.options.recaptchaSiteKey);
+    }
+    /**
+     * If there's no passed provider and no siteKey in project config,
+     * throw.
+     */
+    if (!options?.provider && !defaultProvider) {
+        throw ERROR_FACTORY.create("no-provider" /* AppCheckError.NO_PROVIDER */);
+    }
+    const initOptions = {
+        ...options,
+        provider: options?.provider || defaultProvider
+    };
+    const componentProvider = app._getProvider(app$1, 'app-check');
+    if (componentProvider.isInitialized()) {
+        const existingInstance = componentProvider.getImmediate();
+        const existingOptions = componentProvider.getOptions();
+        /**
+         * Check if all AppCheckOptions previously passed to initializeAppCheck
+         * (`isTokenAutoRefreshEnabled` and `provider`) match those being passed
+         * now. If so, return previous existing instance. Otherwise throw error.
+         */
+        if (existingOptions.isTokenAutoRefreshEnabled ===
+            initOptions.isTokenAutoRefreshEnabled &&
+            existingOptions.provider?.isEqual(initOptions.provider)) {
             return existingInstance;
         }
         else {
+            if (typeof getStateReference(app$1).internallyInitializedBy === 'string') {
+                throw ERROR_FACTORY.create("already-internally-initialized" /* AppCheckError.ALREADY_INTERNALLY_INITIALIZED */, {
+                    initializerName: getStateReference(app$1)
+                        .internallyInitializedBy
+                });
+            }
             throw ERROR_FACTORY.create("already-initialized" /* AppCheckError.ALREADY_INITIALIZED */, {
                 appName: app$1.name
             });
         }
     }
-    const appCheck = provider.initialize({ options });
-    _activate(app$1, options.provider, options.isTokenAutoRefreshEnabled);
+    const appCheck = componentProvider.initialize({ options: initOptions });
+    _activate(app$1, initOptions.provider, initOptions.isTokenAutoRefreshEnabled);
     // If isTokenAutoRefreshEnabled is false, do not send any requests to the
     // exchange endpoint without an explicit call from the user either directly
     // or through another Firebase library (storage, functions, etc.)
@@ -1527,6 +1573,29 @@ function initializeAppCheck(app$1 = app.getApp(), options) {
     }
     return appCheck;
 }
+/**
+ * Internal wrapper that sets a state variable flagging that this was
+ * initialized under the hood by a product SDK.
+ *
+ * @internal
+ */
+function _initializeAppCheckInternal(
+// String to be used in error message if there is a future conflict.
+// Example: "Firebase AI Logic"
+initializerName, app$1 = app.getApp(), options) {
+    const componentProvider = app._getProvider(app$1, 'app-check');
+    const previouslyInitialized = componentProvider.isInitialized();
+    if (previouslyInitialized) {
+        // Product SDKs should accept any previously initialized
+        // App Check configuration without error.
+        return componentProvider.getImmediate();
+    }
+    else {
+        const appCheck = initializeAppCheck(app$1, options);
+        getStateReference(app$1).internallyInitializedBy = initializerName;
+        return appCheck;
+    }
+}
 /**
  * Activate App Check
  * @param app - Firebase app to activate App Check for.
@@ -1697,6 +1766,7 @@ registerAppCheck();
 exports.CustomProvider = CustomProvider;
 exports.ReCaptchaEnterpriseProvider = ReCaptchaEnterpriseProvider;
 exports.ReCaptchaV3Provider = ReCaptchaV3Provider;
+exports._initializeAppCheckInternal = _initializeAppCheckInternal;
 exports.getLimitedUseToken = getLimitedUseToken;
 exports.getToken = getToken;
 exports.initializeAppCheck = initializeAppCheck;