@firebase/app 0.10.18 → 0.11.0-20250205220033

package/dist/app/src/global_index.d.ts

@@ -439,9 +439,11 @@ interface FirebaseServerAppSettings extends Omit<FirebaseAppSettings, 'name'> {
      * causes an automatic attempt to sign in the user that the `authIdToken` represents. The token
      * needs to have been recently minted for this operation to succeed.
      *
-     * If the token fails local verification, or if the Auth service has failed to validate it when
-     * the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not
-     * sign in a user on initialization.
+     * If the token fails local verification due to expiration or parsing errors, then a console error
+     * is logged at the time of initialization of the `FirebaseServerApp` instance.
+     *
+     * If the Auth service has failed to validate the token when the Auth SDK is initialized, then an
+     * warning is logged to the console and the Auth SDK will not sign in a user on initialization.
      *
      * If a user is successfully signed in, then the Auth instance's `onAuthStateChanged` callback
      * is invoked with the `User` object as per standard Auth flows. However, `User` objects
@@ -449,6 +451,14 @@ interface FirebaseServerAppSettings extends Omit<FirebaseAppSettings, 'name'> {
      * operations fail.
      */
     authIdToken?: string;
+    /**
+     * An optional App Check token. If provided, the Firebase SDKs that use App Check will utilize
+     * this App Check token in place of requiring an instance of App Check to be initialized.
+     *
+     * If the token fails local verification due to expiration or parsing errors, then a console error
+     * is logged at the time of initialization of the `FirebaseServerApp` instance.
+     */
+    appCheckToken?: string;
     /**
      * An optional object. If provided, the Firebase SDK uses a `FinalizationRegistry`
      * object to monitor the garbage collection status of the provided object. The
@@ -881,7 +891,7 @@ declare function _isFirebaseApp(obj: FirebaseApp | FirebaseOptions): obj is Fire
  *
  * @internal
  */
-declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp): obj is FirebaseServerApp;
+declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp | null | undefined): obj is FirebaseServerApp;
 /**
  * Test only
  *

package/dist/app/src/heartbeatService.d.ts

@@ -17,6 +17,7 @@
 import { ComponentContainer } from '@firebase/component';
 import { FirebaseApp } from './public-types';
 import { HeartbeatsByUserAgent, HeartbeatService, HeartbeatsInIndexedDB, HeartbeatStorage, SingleDateHeartbeat } from './types';
+export declare const MAX_NUM_STORED_HEARTBEATS = 30;
 export declare class HeartbeatServiceImpl implements HeartbeatService {
     private readonly container;
     /**
@@ -81,3 +82,8 @@ export declare class HeartbeatStorageImpl implements HeartbeatStorage {
  * to base 64.
  */
 export declare function countBytes(heartbeatsCache: HeartbeatsByUserAgent[]): number;
+/**
+ * Returns the index of the heartbeat with the earliest date.
+ * If the heartbeats array is empty, -1 is returned.
+ */
+export declare function getEarliestHeartbeatIdx(heartbeats: SingleDateHeartbeat[]): number;

package/dist/app/src/internal.d.ts

@@ -86,7 +86,7 @@ export declare function _isFirebaseApp(obj: FirebaseApp | FirebaseOptions): obj
  *
  * @internal
  */
-export declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp): obj is FirebaseServerApp;
+export declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp | null | undefined): obj is FirebaseServerApp;
 /**
  * Test only
  *

package/dist/app/src/public-types.d.ts

@@ -171,9 +171,11 @@ export interface FirebaseServerAppSettings extends Omit<FirebaseAppSettings, 'na
      * causes an automatic attempt to sign in the user that the `authIdToken` represents. The token
      * needs to have been recently minted for this operation to succeed.
      *
-     * If the token fails local verification, or if the Auth service has failed to validate it when
-     * the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not
-     * sign in a user on initialization.
+     * If the token fails local verification due to expiration or parsing errors, then a console error
+     * is logged at the time of initialization of the `FirebaseServerApp` instance.
+     *
+     * If the Auth service has failed to validate the token when the Auth SDK is initialized, then an
+     * warning is logged to the console and the Auth SDK will not sign in a user on initialization.
      *
      * If a user is successfully signed in, then the Auth instance's `onAuthStateChanged` callback
      * is invoked with the `User` object as per standard Auth flows. However, `User` objects
@@ -181,6 +183,14 @@ export interface FirebaseServerAppSettings extends Omit<FirebaseAppSettings, 'na
      * operations fail.
      */
     authIdToken?: string;
+    /**
+     * An optional App Check token. If provided, the Firebase SDKs that use App Check will utilize
+     * this App Check token in place of requiring an instance of App Check to be initialized.
+     *
+     * If the token fails local verification due to expiration or parsing errors, then a console error
+     * is logged at the time of initialization of the `FirebaseServerApp` instance.
+     */
+    appCheckToken?: string;
     /**
      * An optional object. If provided, the Firebase SDK uses a `FinalizationRegistry`
      * object to monitor the garbage collection status of the provided object. The

package/dist/app-public.d.ts

@@ -207,9 +207,11 @@ export declare interface FirebaseServerAppSettings extends Omit<FirebaseAppSetti
      * causes an automatic attempt to sign in the user that the `authIdToken` represents. The token
      * needs to have been recently minted for this operation to succeed.
      *
-     * If the token fails local verification, or if the Auth service has failed to validate it when
-     * the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not
-     * sign in a user on initialization.
+     * If the token fails local verification due to expiration or parsing errors, then a console error
+     * is logged at the time of initialization of the `FirebaseServerApp` instance.
+     *
+     * If the Auth service has failed to validate the token when the Auth SDK is initialized, then an
+     * warning is logged to the console and the Auth SDK will not sign in a user on initialization.
      *
      * If a user is successfully signed in, then the Auth instance's `onAuthStateChanged` callback
      * is invoked with the `User` object as per standard Auth flows. However, `User` objects
@@ -217,6 +219,14 @@ export declare interface FirebaseServerAppSettings extends Omit<FirebaseAppSetti
      * operations fail.
      */
     authIdToken?: string;
+    /**
+     * An optional App Check token. If provided, the Firebase SDKs that use App Check will utilize
+     * this App Check token in place of requiring an instance of App Check to be initialized.
+     *
+     * If the token fails local verification due to expiration or parsing errors, then a console error
+     * is logged at the time of initialization of the `FirebaseServerApp` instance.
+     */
+    appCheckToken?: string;
     /**
      * An optional object. If provided, the Firebase SDK uses a `FinalizationRegistry`
      * object to monitor the garbage collection status of the provided object. The

package/dist/app.d.ts

@@ -241,9 +241,11 @@ export declare interface FirebaseServerAppSettings extends Omit<FirebaseAppSetti
      * causes an automatic attempt to sign in the user that the `authIdToken` represents. The token
      * needs to have been recently minted for this operation to succeed.
      *
-     * If the token fails local verification, or if the Auth service has failed to validate it when
-     * the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not
-     * sign in a user on initialization.
+     * If the token fails local verification due to expiration or parsing errors, then a console error
+     * is logged at the time of initialization of the `FirebaseServerApp` instance.
+     *
+     * If the Auth service has failed to validate the token when the Auth SDK is initialized, then an
+     * warning is logged to the console and the Auth SDK will not sign in a user on initialization.
      *
      * If a user is successfully signed in, then the Auth instance's `onAuthStateChanged` callback
      * is invoked with the `User` object as per standard Auth flows. However, `User` objects
@@ -251,6 +253,14 @@ export declare interface FirebaseServerAppSettings extends Omit<FirebaseAppSetti
      * operations fail.
      */
     authIdToken?: string;
+    /**
+     * An optional App Check token. If provided, the Firebase SDKs that use App Check will utilize
+     * this App Check token in place of requiring an instance of App Check to be initialized.
+     *
+     * If the token fails local verification due to expiration or parsing errors, then a console error
+     * is logged at the time of initialization of the `FirebaseServerApp` instance.
+     */
+    appCheckToken?: string;
     /**
      * An optional object. If provided, the Firebase SDK uses a `FinalizationRegistry`
      * object to monitor the garbage collection status of the provided object. The
@@ -457,7 +467,7 @@ export declare function _isFirebaseApp(obj: FirebaseApp | FirebaseOptions): obj
  *
  * @internal
  */
-export declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp): obj is FirebaseServerApp;
+export declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp | null | undefined): obj is FirebaseServerApp;
 
 /**
  * Sets log handler for all Firebase SDKs.

package/dist/esm/app/src/heartbeatService.d.ts

@@ -17,6 +17,7 @@
 import { ComponentContainer } from '@firebase/component';
 import { FirebaseApp } from './public-types';
 import { HeartbeatsByUserAgent, HeartbeatService, HeartbeatsInIndexedDB, HeartbeatStorage, SingleDateHeartbeat } from './types';
+export declare const MAX_NUM_STORED_HEARTBEATS = 30;
 export declare class HeartbeatServiceImpl implements HeartbeatService {
     private readonly container;
     /**
@@ -81,3 +82,8 @@ export declare class HeartbeatStorageImpl implements HeartbeatStorage {
  * to base 64.
  */
 export declare function countBytes(heartbeatsCache: HeartbeatsByUserAgent[]): number;
+/**
+ * Returns the index of the heartbeat with the earliest date.
+ * If the heartbeats array is empty, -1 is returned.
+ */
+export declare function getEarliestHeartbeatIdx(heartbeats: SingleDateHeartbeat[]): number;

package/dist/esm/app/src/internal.d.ts

@@ -86,7 +86,7 @@ export declare function _isFirebaseApp(obj: FirebaseApp | FirebaseOptions): obj
  *
  * @internal
  */
-export declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp): obj is FirebaseServerApp;
+export declare function _isFirebaseServerApp(obj: FirebaseApp | FirebaseServerApp | null | undefined): obj is FirebaseServerApp;
 /**
  * Test only
  *

package/dist/esm/app/src/public-types.d.ts

@@ -171,9 +171,11 @@ export interface FirebaseServerAppSettings extends Omit<FirebaseAppSettings, 'na
      * causes an automatic attempt to sign in the user that the `authIdToken` represents. The token
      * needs to have been recently minted for this operation to succeed.
      *
-     * If the token fails local verification, or if the Auth service has failed to validate it when
-     * the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not
-     * sign in a user on initialization.
+     * If the token fails local verification due to expiration or parsing errors, then a console error
+     * is logged at the time of initialization of the `FirebaseServerApp` instance.
+     *
+     * If the Auth service has failed to validate the token when the Auth SDK is initialized, then an
+     * warning is logged to the console and the Auth SDK will not sign in a user on initialization.
      *
      * If a user is successfully signed in, then the Auth instance's `onAuthStateChanged` callback
      * is invoked with the `User` object as per standard Auth flows. However, `User` objects
@@ -181,6 +183,14 @@ export interface FirebaseServerAppSettings extends Omit<FirebaseAppSettings, 'na
      * operations fail.
      */
     authIdToken?: string;
+    /**
+     * An optional App Check token. If provided, the Firebase SDKs that use App Check will utilize
+     * this App Check token in place of requiring an instance of App Check to be initialized.
+     *
+     * If the token fails local verification due to expiration or parsing errors, then a console error
+     * is logged at the time of initialization of the `FirebaseServerApp` instance.
+     */
+    appCheckToken?: string;
     /**
      * An optional object. If provided, the Firebase SDK uses a `FinalizationRegistry`
      * object to monitor the garbage collection status of the provided object. The

package/dist/esm/index.esm2017.js

@@ -1,6 +1,6 @@
 import { Component, ComponentContainer } from '@firebase/component';
 import { Logger, setUserLogHandler, setLogLevel as setLogLevel$1 } from '@firebase/logger';
-import { ErrorFactory, getDefaultAppConfig, deepEqual, isBrowser, isWebWorker, FirebaseError, base64urlEncodeWithoutPadding, isIndexedDBAvailable, validateIndexedDBOpenable } from '@firebase/util';
+import { ErrorFactory, base64Decode, getDefaultAppConfig, deepEqual, isBrowser, isWebWorker, FirebaseError, base64urlEncodeWithoutPadding, isIndexedDBAvailable, validateIndexedDBOpenable } from '@firebase/util';
 export { FirebaseError } from '@firebase/util';
 import { openDB } from 'idb';
 
@@ -58,7 +58,7 @@ function isVersionServiceProvider(provider) {
 }
 
 const name$q = "@firebase/app";
-const version$1 = "0.10.18";
+const version$1 = "0.11.0-20250205220033";
 
 /**
  * @license
@@ -129,7 +129,7 @@ const name$2 = "@firebase/vertexai";
 const name$1 = "@firebase/firestore-compat";
 
 const name = "firebase";
-const version = "11.2.0";
+const version = "11.3.0-20250205220033";
 
 /**
  * @license
@@ -307,6 +307,9 @@ function _isFirebaseApp(obj) {
  * @internal
  */
 function _isFirebaseServerApp(obj) {
+    if (obj === null || obj === undefined) {
+        return false;
+    }
     return obj.settings !== undefined;
 }
 /**
@@ -437,6 +440,27 @@ class FirebaseAppImpl {
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+// Parse the token and check to see if the `exp` claim is in the future.
+// Reports an error to the console if the token or claim could not be parsed, or if `exp` is in
+// the past.
+function validateTokenTTL(base64Token, tokenName) {
+    const secondPart = base64Decode(base64Token.split('.')[1]);
+    if (secondPart === null) {
+        console.error(`FirebaseServerApp ${tokenName} is invalid: second part could not be parsed.`);
+        return;
+    }
+    const expClaim = JSON.parse(secondPart).exp;
+    if (expClaim === undefined) {
+        console.error(`FirebaseServerApp ${tokenName} is invalid: expiration claim could not be parsed`);
+        return;
+    }
+    const exp = JSON.parse(secondPart).exp * 1000;
+    const now = new Date().getTime();
+    const diff = exp - now;
+    if (diff <= 0) {
+        console.error(`FirebaseServerApp ${tokenName} is invalid: the token has expired.`);
+    }
+}
 class FirebaseServerAppImpl extends FirebaseAppImpl {
     constructor(options, serverConfig, name, container) {
         // Build configuration parameters for the FirebaseAppImpl base class.
@@ -458,6 +482,14 @@ class FirebaseServerAppImpl extends FirebaseAppImpl {
         }
         // Now construct the data for the FirebaseServerAppImpl.
         this._serverConfig = Object.assign({ automaticDataCollectionEnabled }, serverConfig);
+        // Ensure that the current time is within the `authIdtoken` window of validity.
+        if (this._serverConfig.authIdToken) {
+            validateTokenTTL(this._serverConfig.authIdToken, 'authIdToken');
+        }
+        // Ensure that the current time is within the `appCheckToken` window of validity.
+        if (this._serverConfig.appCheckToken) {
+            validateTokenTTL(this._serverConfig.appCheckToken, 'appCheckToken');
+        }
         this._finalizationRegistry = null;
         if (typeof FinalizationRegistry !== 'undefined') {
             this._finalizationRegistry = new FinalizationRegistry(() => {
@@ -878,8 +910,7 @@ function computeKey(app) {
  * limitations under the License.
  */
 const MAX_HEADER_BYTES = 1024;
-// 30 days
-const STORED_HEARTBEAT_RETENTION_MAX_MILLIS = 30 * 24 * 60 * 60 * 1000;
+const MAX_NUM_STORED_HEARTBEATS = 30;
 class HeartbeatServiceImpl {
     constructor(container) {
         this.container = container;
@@ -933,14 +964,13 @@ class HeartbeatServiceImpl {
             else {
                 // There is no entry for this date. Create one.
                 this._heartbeatsCache.heartbeats.push({ date, agent });
+                // If the number of stored heartbeats exceeds the maximum number of stored heartbeats, remove the heartbeat with the earliest date.
+                // Since this is executed each time a heartbeat is pushed, the limit can only be exceeded by one, so only one needs to be removed.
+                if (this._heartbeatsCache.heartbeats.length > MAX_NUM_STORED_HEARTBEATS) {
+                    const earliestHeartbeatIdx = getEarliestHeartbeatIdx(this._heartbeatsCache.heartbeats);
+                    this._heartbeatsCache.heartbeats.splice(earliestHeartbeatIdx, 1);
+                }
             }
-            // Remove entries older than 30 days.
-            this._heartbeatsCache.heartbeats =
-                this._heartbeatsCache.heartbeats.filter(singleDateHeartbeat => {
-                    const hbTimestamp = new Date(singleDateHeartbeat.date).valueOf();
-                    const now = Date.now();
-                    return now - hbTimestamp <= STORED_HEARTBEAT_RETENTION_MAX_MILLIS;
-                });
             return this._storage.overwrite(this._heartbeatsCache);
         }
         catch (e) {
@@ -1115,6 +1145,24 @@ function countBytes(heartbeatsCache) {
     // heartbeatsCache wrapper properties
     JSON.stringify({ version: 2, heartbeats: heartbeatsCache })).length;
 }
+/**
+ * Returns the index of the heartbeat with the earliest date.
+ * If the heartbeats array is empty, -1 is returned.
+ */
+function getEarliestHeartbeatIdx(heartbeats) {
+    if (heartbeats.length === 0) {
+        return -1;
+    }
+    let earliestHeartbeatIdx = 0;
+    let earliestHeartbeatDate = heartbeats[0].date;
+    for (let i = 1; i < heartbeats.length; i++) {
+        if (heartbeats[i].date < earliestHeartbeatDate) {
+            earliestHeartbeatDate = heartbeats[i].date;
+            earliestHeartbeatIdx = i;
+        }
+    }
+    return earliestHeartbeatIdx;
+}
 
 /**
  * @license