@firebase/app-check 0.6.4 → 0.6.5-canary.0a27d2fbf

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -820,6 +820,25 @@ async function getToken$2(appCheck, forceRefresh = false) {
820
820
  }
821
821
  return interopTokenResult;
822
822
  }
823
+ /**
824
+ * Internal API for limited use tokens. Skips all FAC state and simply calls
825
+ * the underlying provider.
826
+ */
827
+ async function getLimitedUseToken$1(appCheck) {
828
+ const app = appCheck.app;
829
+ ensureActivated(app);
830
+ const { provider } = getStateReference(app);
831
+ if (isDebugMode()) {
832
+ const debugToken = await getDebugToken();
833
+ const { token } = await exchangeToken(getExchangeDebugTokenRequest(app, debugToken), appCheck.heartbeatServiceProvider);
834
+ return { token };
835
+ }
836
+ else {
837
+ // provider is definitely valid since we ensure AppCheck was activated
838
+ const { token } = await provider.getToken();
839
+ return { token };
840
+ }
841
+ }
823
842
  function addTokenListener(appCheck, type, listener, onError) {
824
843
  const { app } = appCheck;
825
844
  const state = getStateReference(app);
@@ -1011,7 +1030,7 @@ function internalFactory(appCheck) {
1011
1030
  }
1012
1031
 
1013
1032
  const name = "@firebase/app-check";
1014
- const version = "0.6.4";
1033
+ const version = "0.6.5-canary.0a27d2fbf";
1015
1034
 
1016
1035
  /**
1017
1036
  * @license
@@ -1121,7 +1140,15 @@ async function getToken$1(app) {
1121
1140
  function renderInvisibleWidget(app, siteKey, grecaptcha, container) {
1122
1141
  const widgetId = grecaptcha.render(container, {
1123
1142
  sitekey: siteKey,
1124
- size: 'invisible'
1143
+ size: 'invisible',
1144
+ // Success callback - set state
1145
+ callback: () => {
1146
+ getStateReference(app).reCAPTCHAState.succeeded = true;
1147
+ },
1148
+ // Failure callback - set state
1149
+ 'error-callback': () => {
1150
+ getStateReference(app).reCAPTCHAState.succeeded = false;
1151
+ }
1125
1152
  });
1126
1153
  const state = getStateReference(app);
1127
1154
  state.reCAPTCHAState = Object.assign(Object.assign({}, state.reCAPTCHAState), { // state.reCAPTCHAState is set in the initialize()
@@ -1180,7 +1207,7 @@ class ReCaptchaV3Provider {
1180
1207
  * @internal
1181
1208
  */
1182
1209
  async getToken() {
1183
- var _a, _b;
1210
+ var _a, _b, _c;
1184
1211
  throwIfThrottled(this._throttleData);
1185
1212
  // Top-level `getToken()` has already checked that App Check is initialized
1186
1213
  // and therefore this._app and this._heartbeatServiceProvider are available.
@@ -1188,13 +1215,17 @@ class ReCaptchaV3Provider {
1188
1215
  // reCaptcha.execute() throws null which is not very descriptive.
1189
1216
  throw ERROR_FACTORY.create("recaptcha-error" /* AppCheckError.RECAPTCHA_ERROR */);
1190
1217
  });
1218
+ // Check if a failure state was set by the recaptcha "error-callback".
1219
+ if (!((_a = getStateReference(this._app).reCAPTCHAState) === null || _a === void 0 ? void 0 : _a.succeeded)) {
1220
+ throw ERROR_FACTORY.create("recaptcha-error" /* AppCheckError.RECAPTCHA_ERROR */);
1221
+ }
1191
1222
  let result;
1192
1223
  try {
1193
1224
  result = await exchangeToken(getExchangeRecaptchaV3TokenRequest(this._app, attestedClaimsToken), this._heartbeatServiceProvider);
1194
1225
  }
1195
1226
  catch (e) {
1196
- if ((_a = e.code) === null || _a === void 0 ? void 0 : _a.includes("fetch-status-error" /* AppCheckError.FETCH_STATUS_ERROR */)) {
1197
- this._throttleData = setBackoff(Number((_b = e.customData) === null || _b === void 0 ? void 0 : _b.httpStatus), this._throttleData);
1227
+ if ((_b = e.code) === null || _b === void 0 ? void 0 : _b.includes("fetch-status-error" /* AppCheckError.FETCH_STATUS_ERROR */)) {
1228
+ this._throttleData = setBackoff(Number((_c = e.customData) === null || _c === void 0 ? void 0 : _c.httpStatus), this._throttleData);
1198
1229
  throw ERROR_FACTORY.create("throttled" /* AppCheckError.THROTTLED */, {
1199
1230
  time: getDurationString(this._throttleData.allowRequestsAfter - Date.now()),
1200
1231
  httpStatus: this._throttleData.httpStatus
@@ -1254,7 +1285,7 @@ class ReCaptchaEnterpriseProvider {
1254
1285
  * @internal
1255
1286
  */
1256
1287
  async getToken() {
1257
- var _a, _b;
1288
+ var _a, _b, _c;
1258
1289
  throwIfThrottled(this._throttleData);
1259
1290
  // Top-level `getToken()` has already checked that App Check is initialized
1260
1291
  // and therefore this._app and this._heartbeatServiceProvider are available.
@@ -1262,13 +1293,17 @@ class ReCaptchaEnterpriseProvider {
1262
1293
  // reCaptcha.execute() throws null which is not very descriptive.
1263
1294
  throw ERROR_FACTORY.create("recaptcha-error" /* AppCheckError.RECAPTCHA_ERROR */);
1264
1295
  });
1296
+ // Check if a failure state was set by the recaptcha "error-callback".
1297
+ if (!((_a = getStateReference(this._app).reCAPTCHAState) === null || _a === void 0 ? void 0 : _a.succeeded)) {
1298
+ throw ERROR_FACTORY.create("recaptcha-error" /* AppCheckError.RECAPTCHA_ERROR */);
1299
+ }
1265
1300
  let result;
1266
1301
  try {
1267
1302
  result = await exchangeToken(getExchangeRecaptchaEnterpriseTokenRequest(this._app, attestedClaimsToken), this._heartbeatServiceProvider);
1268
1303
  }
1269
1304
  catch (e) {
1270
- if ((_a = e.code) === null || _a === void 0 ? void 0 : _a.includes("fetch-status-error" /* AppCheckError.FETCH_STATUS_ERROR */)) {
1271
- this._throttleData = setBackoff(Number((_b = e.customData) === null || _b === void 0 ? void 0 : _b.httpStatus), this._throttleData);
1305
+ if ((_b = e.code) === null || _b === void 0 ? void 0 : _b.includes("fetch-status-error" /* AppCheckError.FETCH_STATUS_ERROR */)) {
1306
+ this._throttleData = setBackoff(Number((_c = e.customData) === null || _c === void 0 ? void 0 : _c.httpStatus), this._throttleData);
1272
1307
  throw ERROR_FACTORY.create("throttled" /* AppCheckError.THROTTLED */, {
1273
1308
  time: getDurationString(this._throttleData.allowRequestsAfter - Date.now()),
1274
1309
  httpStatus: this._throttleData.httpStatus
@@ -1541,6 +1576,24 @@ async function getToken(appCheckInstance, forceRefresh) {
1541
1576
  }
1542
1577
  return { token: result.token };
1543
1578
  }
1579
+ /**
1580
+ * Requests a Firebase App Check token. This method should be used
1581
+ * only if you need to authorize requests to a non-Firebase backend.
1582
+ *
1583
+ * Returns limited-use tokens that are intended for use with your
1584
+ * non-Firebase backend endpoints that are protected with
1585
+ * <a href="https://firebase.google.com/docs/app-check/custom-resource-backend#replay-protection">
1586
+ * Replay Protection</a>. This method
1587
+ * does not affect the token generation behavior of the
1588
+ * #getAppCheckToken() method.
1589
+ *
1590
+ * @param appCheckInstance - The App Check service instance.
1591
+ * @returns The limited use token.
1592
+ * @public
1593
+ */
1594
+ function getLimitedUseToken(appCheckInstance) {
1595
+ return getLimitedUseToken$1(appCheckInstance);
1596
+ }
1544
1597
  /**
1545
1598
  * Wraps `addTokenListener`/`removeTokenListener` methods in an `Observer`
1546
1599
  * pattern for public use.
@@ -1604,5 +1657,5 @@ function registerAppCheck() {
1604
1657
  }
1605
1658
  registerAppCheck();
1606
1659
 
1607
- export { CustomProvider, ReCaptchaEnterpriseProvider, ReCaptchaV3Provider, getToken, initializeAppCheck, onTokenChanged, setTokenAutoRefreshEnabled };
1660
+ export { CustomProvider, ReCaptchaEnterpriseProvider, ReCaptchaV3Provider, getLimitedUseToken, getToken, initializeAppCheck, onTokenChanged, setTokenAutoRefreshEnabled };
1608
1661
  //# sourceMappingURL=index.esm2017.js.map