@firebase/auth 0.19.12 → 0.20.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (121) hide show
  1. package/CHANGELOG.md +13 -0
  2. package/dist/auth-public.d.ts +30 -0
  3. package/dist/auth.d.ts +38 -1
  4. package/dist/cordova/index.js +2 -2
  5. package/dist/cordova/internal/index.d.ts +1 -0
  6. package/dist/cordova/internal.js +3 -2
  7. package/dist/cordova/internal.js.map +1 -1
  8. package/dist/cordova/{popup_redirect-fd81f644.js → popup_redirect-1228b67a.js} +203 -43
  9. package/dist/cordova/popup_redirect-1228b67a.js.map +1 -0
  10. package/dist/cordova/src/core/auth/auth_impl.d.ts +3 -1
  11. package/dist/cordova/src/core/auth/middleware.d.ts +25 -0
  12. package/dist/cordova/src/core/auth/middleware.test.d.ts +17 -0
  13. package/dist/cordova/src/core/errors.d.ts +7 -1
  14. package/dist/cordova/src/core/index.d.ts +11 -0
  15. package/dist/cordova/src/core/strategies/redirect.d.ts +1 -0
  16. package/dist/cordova/src/model/popup_redirect.d.ts +2 -0
  17. package/dist/cordova/src/model/public_types.d.ts +10 -0
  18. package/dist/cordova/test/integration/flows/middleware_test_generator.d.ts +18 -0
  19. package/dist/cordova/test/integration/webdriver/util/functions.d.ts +4 -0
  20. package/dist/esm2017/{index-7078a255.js → index-815f1b87.js} +143 -18
  21. package/dist/esm2017/index-815f1b87.js.map +1 -0
  22. package/dist/esm2017/index.js +1 -1
  23. package/dist/esm2017/internal/index.d.ts +1 -0
  24. package/dist/esm2017/internal.js +3 -2
  25. package/dist/esm2017/internal.js.map +1 -1
  26. package/dist/esm2017/src/core/auth/auth_impl.d.ts +3 -1
  27. package/dist/esm2017/src/core/auth/middleware.d.ts +25 -0
  28. package/dist/esm2017/src/core/auth/middleware.test.d.ts +17 -0
  29. package/dist/esm2017/src/core/errors.d.ts +7 -1
  30. package/dist/esm2017/src/core/index.d.ts +11 -0
  31. package/dist/esm2017/src/core/strategies/redirect.d.ts +1 -0
  32. package/dist/esm2017/src/model/popup_redirect.d.ts +2 -0
  33. package/dist/esm2017/src/model/public_types.d.ts +10 -0
  34. package/dist/esm2017/test/integration/flows/middleware_test_generator.d.ts +18 -0
  35. package/dist/esm2017/test/integration/webdriver/util/functions.d.ts +4 -0
  36. package/dist/esm5/{index-7a476dcd.js → index-dc27d95e.js} +203 -43
  37. package/dist/esm5/index-dc27d95e.js.map +1 -0
  38. package/dist/esm5/index.js +1 -1
  39. package/dist/esm5/internal/index.d.ts +1 -0
  40. package/dist/esm5/internal.js +3 -2
  41. package/dist/esm5/internal.js.map +1 -1
  42. package/dist/esm5/src/core/auth/auth_impl.d.ts +3 -1
  43. package/dist/esm5/src/core/auth/middleware.d.ts +25 -0
  44. package/dist/esm5/src/core/auth/middleware.test.d.ts +17 -0
  45. package/dist/esm5/src/core/errors.d.ts +7 -1
  46. package/dist/esm5/src/core/index.d.ts +11 -0
  47. package/dist/esm5/src/core/strategies/redirect.d.ts +1 -0
  48. package/dist/esm5/src/model/popup_redirect.d.ts +2 -0
  49. package/dist/esm5/src/model/public_types.d.ts +10 -0
  50. package/dist/esm5/test/integration/flows/middleware_test_generator.d.ts +18 -0
  51. package/dist/esm5/test/integration/webdriver/util/functions.d.ts +4 -0
  52. package/dist/index.webworker.esm5.js +198 -42
  53. package/dist/index.webworker.esm5.js.map +1 -1
  54. package/dist/internal/index.d.ts +1 -0
  55. package/dist/node/{index-eabd3e6c.js → index-ec34877a.js} +199 -42
  56. package/dist/node/index-ec34877a.js.map +1 -0
  57. package/dist/node/index.js +2 -1
  58. package/dist/node/index.js.map +1 -1
  59. package/dist/node/internal/index.d.ts +1 -0
  60. package/dist/node/internal.js +7 -1
  61. package/dist/node/internal.js.map +1 -1
  62. package/dist/node/src/core/auth/auth_impl.d.ts +3 -1
  63. package/dist/node/src/core/auth/middleware.d.ts +25 -0
  64. package/dist/node/src/core/auth/middleware.test.d.ts +17 -0
  65. package/dist/node/src/core/errors.d.ts +7 -1
  66. package/dist/node/src/core/index.d.ts +11 -0
  67. package/dist/node/src/core/strategies/redirect.d.ts +1 -0
  68. package/dist/node/src/model/popup_redirect.d.ts +2 -0
  69. package/dist/node/src/model/public_types.d.ts +10 -0
  70. package/dist/node/test/integration/flows/middleware_test_generator.d.ts +18 -0
  71. package/dist/node/test/integration/webdriver/util/functions.d.ts +4 -0
  72. package/dist/node-esm/{index-d709908a.js → index-c85cf380.js} +139 -18
  73. package/dist/node-esm/index-c85cf380.js.map +1 -0
  74. package/dist/node-esm/index.js +1 -1
  75. package/dist/node-esm/internal/index.d.ts +1 -0
  76. package/dist/node-esm/internal.js +7 -3
  77. package/dist/node-esm/internal.js.map +1 -1
  78. package/dist/node-esm/src/core/auth/auth_impl.d.ts +3 -1
  79. package/dist/node-esm/src/core/auth/middleware.d.ts +25 -0
  80. package/dist/node-esm/src/core/auth/middleware.test.d.ts +17 -0
  81. package/dist/node-esm/src/core/errors.d.ts +7 -1
  82. package/dist/node-esm/src/core/index.d.ts +11 -0
  83. package/dist/node-esm/src/core/strategies/redirect.d.ts +1 -0
  84. package/dist/node-esm/src/model/popup_redirect.d.ts +2 -0
  85. package/dist/node-esm/src/model/public_types.d.ts +10 -0
  86. package/dist/node-esm/test/integration/flows/middleware_test_generator.d.ts +18 -0
  87. package/dist/node-esm/test/integration/webdriver/util/functions.d.ts +4 -0
  88. package/dist/rn/index.js +2 -1
  89. package/dist/rn/index.js.map +1 -1
  90. package/dist/rn/internal/index.d.ts +1 -0
  91. package/dist/rn/internal.js +8 -1
  92. package/dist/rn/internal.js.map +1 -1
  93. package/dist/rn/{phone-eec7f987.js → phone-ae029e3c.js} +199 -42
  94. package/dist/rn/phone-ae029e3c.js.map +1 -0
  95. package/dist/rn/src/core/auth/auth_impl.d.ts +3 -1
  96. package/dist/rn/src/core/auth/middleware.d.ts +25 -0
  97. package/dist/rn/src/core/auth/middleware.test.d.ts +17 -0
  98. package/dist/rn/src/core/errors.d.ts +7 -1
  99. package/dist/rn/src/core/index.d.ts +11 -0
  100. package/dist/rn/src/core/strategies/redirect.d.ts +1 -0
  101. package/dist/rn/src/model/popup_redirect.d.ts +2 -0
  102. package/dist/rn/src/model/public_types.d.ts +10 -0
  103. package/dist/rn/test/integration/flows/middleware_test_generator.d.ts +18 -0
  104. package/dist/rn/test/integration/webdriver/util/functions.d.ts +4 -0
  105. package/dist/src/core/auth/auth_impl.d.ts +3 -1
  106. package/dist/src/core/auth/middleware.d.ts +25 -0
  107. package/dist/src/core/auth/middleware.test.d.ts +17 -0
  108. package/dist/src/core/errors.d.ts +7 -1
  109. package/dist/src/core/index.d.ts +11 -0
  110. package/dist/src/core/strategies/redirect.d.ts +1 -0
  111. package/dist/src/model/popup_redirect.d.ts +2 -0
  112. package/dist/src/model/public_types.d.ts +10 -0
  113. package/dist/test/integration/flows/middleware_test_generator.d.ts +18 -0
  114. package/dist/test/integration/webdriver/util/functions.d.ts +4 -0
  115. package/package.json +6 -6
  116. package/dist/cordova/popup_redirect-fd81f644.js.map +0 -1
  117. package/dist/esm2017/index-7078a255.js.map +0 -1
  118. package/dist/esm5/index-7a476dcd.js.map +0 -1
  119. package/dist/node/index-eabd3e6c.js.map +0 -1
  120. package/dist/node-esm/index-d709908a.js.map +0 -1
  121. package/dist/rn/phone-eec7f987.js.map +0 -1
@@ -199,6 +199,7 @@ function _debugErrorMap() {
199
199
  'Please fix by going to the Auth email templates section in the Firebase Console.',
200
200
  _a["invalid-verification-id" /* INVALID_SESSION_INFO */] = 'The verification ID used to create the phone auth credential is invalid.',
201
201
  _a["invalid-tenant-id" /* INVALID_TENANT_ID */] = "The Auth instance's tenant ID is invalid.",
202
+ _a["login-blocked" /* LOGIN_BLOCKED */] = "Login blocked by user-provided method: {$originalMessage}",
202
203
  _a["missing-android-pkg-name" /* MISSING_ANDROID_PACKAGE_NAME */] = 'An Android Package Name must be provided if the Android App is required to be installed.',
203
204
  _a["auth-domain-config-required" /* MISSING_AUTH_DOMAIN */] = 'Be sure to include authDomain when calling firebase.initializeApp(), ' +
204
205
  'by following the instructions in the Firebase console.',
@@ -2463,6 +2464,104 @@ function _getClientVersion(clientPlatform, frameworks) {
2463
2464
  return reportedPlatform + "/" + "JsCore" /* CORE */ + "/" + SDK_VERSION + "/" + reportedFrameworks;
2464
2465
  }
2465
2466
 
2467
+ /**
2468
+ * @license
2469
+ * Copyright 2022 Google LLC
2470
+ *
2471
+ * Licensed under the Apache License, Version 2.0 (the "License");
2472
+ * you may not use this file except in compliance with the License.
2473
+ * You may obtain a copy of the License at
2474
+ *
2475
+ * http://www.apache.org/licenses/LICENSE-2.0
2476
+ *
2477
+ * Unless required by applicable law or agreed to in writing, software
2478
+ * distributed under the License is distributed on an "AS IS" BASIS,
2479
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2480
+ * See the License for the specific language governing permissions and
2481
+ * limitations under the License.
2482
+ */
2483
+ var AuthMiddlewareQueue = /** @class */ (function () {
2484
+ function AuthMiddlewareQueue(auth) {
2485
+ this.auth = auth;
2486
+ this.queue = [];
2487
+ }
2488
+ AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
2489
+ var _this = this;
2490
+ // The callback could be sync or async. Wrap it into a
2491
+ // function that is always async.
2492
+ var wrappedCallback = function (user) { return new Promise(function (resolve, reject) {
2493
+ try {
2494
+ var result = callback(user);
2495
+ // Either resolve with existing promise or wrap a non-promise
2496
+ // return value into a promise.
2497
+ resolve(result);
2498
+ }
2499
+ catch (e) {
2500
+ // Sync callback throws.
2501
+ reject(e);
2502
+ }
2503
+ }); };
2504
+ // Attach the onAbort if present
2505
+ wrappedCallback.onAbort = onAbort;
2506
+ this.queue.push(wrappedCallback);
2507
+ var index = this.queue.length - 1;
2508
+ return function () {
2509
+ // Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
2510
+ // indexing of other elements.
2511
+ _this.queue[index] = function () { return Promise.resolve(); };
2512
+ };
2513
+ };
2514
+ AuthMiddlewareQueue.prototype.runMiddleware = function (nextUser) {
2515
+ return __awaiter(this, void 0, void 0, function () {
2516
+ var onAbortStack, _i, _a, beforeStateCallback, e_1, _b, onAbortStack_1, onAbort;
2517
+ return __generator(this, function (_c) {
2518
+ switch (_c.label) {
2519
+ case 0:
2520
+ if (this.auth.currentUser === nextUser) {
2521
+ return [2 /*return*/];
2522
+ }
2523
+ onAbortStack = [];
2524
+ _c.label = 1;
2525
+ case 1:
2526
+ _c.trys.push([1, 6, , 7]);
2527
+ _i = 0, _a = this.queue;
2528
+ _c.label = 2;
2529
+ case 2:
2530
+ if (!(_i < _a.length)) return [3 /*break*/, 5];
2531
+ beforeStateCallback = _a[_i];
2532
+ return [4 /*yield*/, beforeStateCallback(nextUser)];
2533
+ case 3:
2534
+ _c.sent();
2535
+ // Only push the onAbort if the callback succeeds
2536
+ if (beforeStateCallback.onAbort) {
2537
+ onAbortStack.push(beforeStateCallback.onAbort);
2538
+ }
2539
+ _c.label = 4;
2540
+ case 4:
2541
+ _i++;
2542
+ return [3 /*break*/, 2];
2543
+ case 5: return [3 /*break*/, 7];
2544
+ case 6:
2545
+ e_1 = _c.sent();
2546
+ // Run all onAbort, with separate try/catch to ignore any errors and
2547
+ // continue
2548
+ onAbortStack.reverse();
2549
+ for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
2550
+ onAbort = onAbortStack_1[_b];
2551
+ try {
2552
+ onAbort();
2553
+ }
2554
+ catch (_) { /* swallow error */ }
2555
+ }
2556
+ throw this.auth._errorFactory.create("login-blocked" /* LOGIN_BLOCKED */, { originalMessage: e_1.message });
2557
+ case 7: return [2 /*return*/];
2558
+ }
2559
+ });
2560
+ });
2561
+ };
2562
+ return AuthMiddlewareQueue;
2563
+ }());
2564
+
2466
2565
  /**
2467
2566
  * @license
2468
2567
  * Copyright 2020 Google LLC
@@ -2489,6 +2588,7 @@ var AuthImpl = /** @class */ (function () {
2489
2588
  this.operations = Promise.resolve();
2490
2589
  this.authStateSubscription = new Subscription(this);
2491
2590
  this.idTokenSubscription = new Subscription(this);
2591
+ this.beforeStateQueue = new AuthMiddlewareQueue(this);
2492
2592
  this.redirectUser = null;
2493
2593
  this.isProactiveRefreshEnabled = false;
2494
2594
  // Any network calls will set this to true and prevent subsequent emulator
@@ -2590,9 +2690,11 @@ var AuthImpl = /** @class */ (function () {
2590
2690
  return [2 /*return*/];
2591
2691
  case 3:
2592
2692
  // Update current Auth state. Either a new login or logout.
2593
- return [4 /*yield*/, this._updateCurrentUser(user)];
2693
+ // Skip blocking callbacks, they should not apply to a change in another tab.
2694
+ return [4 /*yield*/, this._updateCurrentUser(user, /* skipBeforeStateCallbacks */ true)];
2594
2695
  case 4:
2595
2696
  // Update current Auth state. Either a new login or logout.
2697
+ // Skip blocking callbacks, they should not apply to a change in another tab.
2596
2698
  _a.sent();
2597
2699
  return [2 /*return*/];
2598
2700
  }
@@ -2602,18 +2704,20 @@ var AuthImpl = /** @class */ (function () {
2602
2704
  AuthImpl.prototype.initializeCurrentUser = function (popupRedirectResolver) {
2603
2705
  var _a;
2604
2706
  return __awaiter(this, void 0, void 0, function () {
2605
- var storedUser, redirectUserEventId, storedUserEventId, result;
2707
+ var previouslyStoredUser, futureCurrentUser, needsTocheckMiddleware, redirectUserEventId, storedUserEventId, result, e_2;
2606
2708
  return __generator(this, function (_b) {
2607
2709
  switch (_b.label) {
2608
2710
  case 0: return [4 /*yield*/, this.assertedPersistence.getCurrentUser()];
2609
2711
  case 1:
2610
- storedUser = (_b.sent());
2712
+ previouslyStoredUser = (_b.sent());
2713
+ futureCurrentUser = previouslyStoredUser;
2714
+ needsTocheckMiddleware = false;
2611
2715
  if (!(popupRedirectResolver && this.config.authDomain)) return [3 /*break*/, 4];
2612
2716
  return [4 /*yield*/, this.getOrInitRedirectPersistenceManager()];
2613
2717
  case 2:
2614
2718
  _b.sent();
2615
2719
  redirectUserEventId = (_a = this.redirectUser) === null || _a === void 0 ? void 0 : _a._redirectEventId;
2616
- storedUserEventId = storedUser === null || storedUser === void 0 ? void 0 : storedUser._redirectEventId;
2720
+ storedUserEventId = futureCurrentUser === null || futureCurrentUser === void 0 ? void 0 : futureCurrentUser._redirectEventId;
2617
2721
  return [4 /*yield*/, this.tryRedirectSignIn(popupRedirectResolver)];
2618
2722
  case 3:
2619
2723
  result = _b.sent();
@@ -2623,32 +2727,51 @@ var AuthImpl = /** @class */ (function () {
2623
2727
  // TODO(samgho): More thoroughly test all of this
2624
2728
  if ((!redirectUserEventId || redirectUserEventId === storedUserEventId) &&
2625
2729
  (result === null || result === void 0 ? void 0 : result.user)) {
2626
- storedUser = result.user;
2730
+ futureCurrentUser = result.user;
2731
+ needsTocheckMiddleware = true;
2627
2732
  }
2628
2733
  _b.label = 4;
2629
2734
  case 4:
2630
2735
  // If no user in persistence, there is no current user. Set to null.
2631
- if (!storedUser) {
2736
+ if (!futureCurrentUser) {
2632
2737
  return [2 /*return*/, this.directlySetCurrentUser(null)];
2633
2738
  }
2634
- if (!storedUser._redirectEventId) {
2635
- // This isn't a redirect user, we can reload and bail
2636
- // This will also catch the redirected user, if available, as that method
2637
- // strips the _redirectEventId
2638
- return [2 /*return*/, this.reloadAndSetCurrentUserOrClear(storedUser)];
2739
+ if (!!futureCurrentUser._redirectEventId) return [3 /*break*/, 9];
2740
+ if (!needsTocheckMiddleware) return [3 /*break*/, 8];
2741
+ _b.label = 5;
2742
+ case 5:
2743
+ _b.trys.push([5, 7, , 8]);
2744
+ return [4 /*yield*/, this.beforeStateQueue.runMiddleware(futureCurrentUser)];
2745
+ case 6:
2746
+ _b.sent();
2747
+ return [3 /*break*/, 8];
2748
+ case 7:
2749
+ e_2 = _b.sent();
2750
+ futureCurrentUser = previouslyStoredUser;
2751
+ // We know this is available since the bit is only set when the
2752
+ // resolver is available
2753
+ this._popupRedirectResolver._overrideRedirectResult(this, function () { return Promise.reject(e_2); });
2754
+ return [3 /*break*/, 8];
2755
+ case 8:
2756
+ if (futureCurrentUser) {
2757
+ return [2 /*return*/, this.reloadAndSetCurrentUserOrClear(futureCurrentUser)];
2639
2758
  }
2759
+ else {
2760
+ return [2 /*return*/, this.directlySetCurrentUser(null)];
2761
+ }
2762
+ case 9:
2640
2763
  _assert(this._popupRedirectResolver, this, "argument-error" /* ARGUMENT_ERROR */);
2641
2764
  return [4 /*yield*/, this.getOrInitRedirectPersistenceManager()];
2642
- case 5:
2765
+ case 10:
2643
2766
  _b.sent();
2644
2767
  // If the redirect user's event ID matches the current user's event ID,
2645
2768
  // DO NOT reload the current user, otherwise they'll be cleared from storage.
2646
2769
  // This is important for the reauthenticateWithRedirect() flow.
2647
2770
  if (this.redirectUser &&
2648
- this.redirectUser._redirectEventId === storedUser._redirectEventId) {
2649
- return [2 /*return*/, this.directlySetCurrentUser(storedUser)];
2771
+ this.redirectUser._redirectEventId === futureCurrentUser._redirectEventId) {
2772
+ return [2 /*return*/, this.directlySetCurrentUser(futureCurrentUser)];
2650
2773
  }
2651
- return [2 /*return*/, this.reloadAndSetCurrentUserOrClear(storedUser)];
2774
+ return [2 /*return*/, this.reloadAndSetCurrentUserOrClear(futureCurrentUser)];
2652
2775
  }
2653
2776
  });
2654
2777
  });
@@ -2686,7 +2809,7 @@ var AuthImpl = /** @class */ (function () {
2686
2809
  };
2687
2810
  AuthImpl.prototype.reloadAndSetCurrentUserOrClear = function (user) {
2688
2811
  return __awaiter(this, void 0, void 0, function () {
2689
- var e_3;
2812
+ var e_4;
2690
2813
  return __generator(this, function (_a) {
2691
2814
  switch (_a.label) {
2692
2815
  case 0:
@@ -2696,8 +2819,8 @@ var AuthImpl = /** @class */ (function () {
2696
2819
  _a.sent();
2697
2820
  return [3 /*break*/, 3];
2698
2821
  case 2:
2699
- e_3 = _a.sent();
2700
- if (e_3.code !== "auth/" + "network-request-failed" /* NETWORK_REQUEST_FAILED */) {
2822
+ e_4 = _a.sent();
2823
+ if (e_4.code !== "auth/" + "network-request-failed" /* NETWORK_REQUEST_FAILED */) {
2701
2824
  // Something's wrong with the user's token. Log them out and remove
2702
2825
  // them from storage
2703
2826
  return [2 /*return*/, this.directlySetCurrentUser(null)];
@@ -2733,27 +2856,36 @@ var AuthImpl = /** @class */ (function () {
2733
2856
  });
2734
2857
  });
2735
2858
  };
2736
- AuthImpl.prototype._updateCurrentUser = function (user) {
2859
+ AuthImpl.prototype._updateCurrentUser = function (user, skipBeforeStateCallbacks) {
2860
+ if (skipBeforeStateCallbacks === void 0) { skipBeforeStateCallbacks = false; }
2737
2861
  return __awaiter(this, void 0, void 0, function () {
2738
2862
  var _this = this;
2739
2863
  return __generator(this, function (_a) {
2740
- if (this._deleted) {
2741
- return [2 /*return*/];
2742
- }
2743
- if (user) {
2744
- _assert(this.tenantId === user.tenantId, this, "tenant-id-mismatch" /* TENANT_ID_MISMATCH */);
2864
+ switch (_a.label) {
2865
+ case 0:
2866
+ if (this._deleted) {
2867
+ return [2 /*return*/];
2868
+ }
2869
+ if (user) {
2870
+ _assert(this.tenantId === user.tenantId, this, "tenant-id-mismatch" /* TENANT_ID_MISMATCH */);
2871
+ }
2872
+ if (!!skipBeforeStateCallbacks) return [3 /*break*/, 2];
2873
+ return [4 /*yield*/, this.beforeStateQueue.runMiddleware(user)];
2874
+ case 1:
2875
+ _a.sent();
2876
+ _a.label = 2;
2877
+ case 2: return [2 /*return*/, this.queue(function () { return __awaiter(_this, void 0, void 0, function () {
2878
+ return __generator(this, function (_a) {
2879
+ switch (_a.label) {
2880
+ case 0: return [4 /*yield*/, this.directlySetCurrentUser(user)];
2881
+ case 1:
2882
+ _a.sent();
2883
+ this.notifyAuthListeners();
2884
+ return [2 /*return*/];
2885
+ }
2886
+ });
2887
+ }); })];
2745
2888
  }
2746
- return [2 /*return*/, this.queue(function () { return __awaiter(_this, void 0, void 0, function () {
2747
- return __generator(this, function (_a) {
2748
- switch (_a.label) {
2749
- case 0: return [4 /*yield*/, this.directlySetCurrentUser(user)];
2750
- case 1:
2751
- _a.sent();
2752
- this.notifyAuthListeners();
2753
- return [2 /*return*/];
2754
- }
2755
- });
2756
- }); })];
2757
2889
  });
2758
2890
  });
2759
2891
  };
@@ -2761,13 +2893,21 @@ var AuthImpl = /** @class */ (function () {
2761
2893
  return __awaiter(this, void 0, void 0, function () {
2762
2894
  return __generator(this, function (_a) {
2763
2895
  switch (_a.label) {
2764
- case 0:
2765
- if (!(this.redirectPersistenceManager || this._popupRedirectResolver)) return [3 /*break*/, 2];
2766
- return [4 /*yield*/, this._setRedirectUser(null)];
2896
+ case 0:
2897
+ // Run first, to block _setRedirectUser() if any callbacks fail.
2898
+ return [4 /*yield*/, this.beforeStateQueue.runMiddleware(null)];
2767
2899
  case 1:
2900
+ // Run first, to block _setRedirectUser() if any callbacks fail.
2768
2901
  _a.sent();
2769
- _a.label = 2;
2770
- case 2: return [2 /*return*/, this._updateCurrentUser(null)];
2902
+ if (!(this.redirectPersistenceManager || this._popupRedirectResolver)) return [3 /*break*/, 3];
2903
+ return [4 /*yield*/, this._setRedirectUser(null)];
2904
+ case 2:
2905
+ _a.sent();
2906
+ _a.label = 3;
2907
+ case 3:
2908
+ // Prevent callbacks from being called again in _updateCurrentUser, as
2909
+ // they were already called in the first line.
2910
+ return [2 /*return*/, this._updateCurrentUser(null, /* skipBeforeStateCallbacks */ true)];
2771
2911
  }
2772
2912
  });
2773
2913
  });
@@ -2794,6 +2934,9 @@ var AuthImpl = /** @class */ (function () {
2794
2934
  AuthImpl.prototype.onAuthStateChanged = function (nextOrObserver, error, completed) {
2795
2935
  return this.registerStateListener(this.authStateSubscription, nextOrObserver, error, completed);
2796
2936
  };
2937
+ AuthImpl.prototype.beforeAuthStateChanged = function (callback, onAbort) {
2938
+ return this.beforeStateQueue.pushCallback(callback, onAbort);
2939
+ };
2797
2940
  AuthImpl.prototype.onIdTokenChanged = function (nextOrObserver, error, completed) {
2798
2941
  return this.registerStateListener(this.idTokenSubscription, nextOrObserver, error, completed);
2799
2942
  };
@@ -6529,6 +6672,19 @@ function setPersistence(auth, persistence) {
6529
6672
  function onIdTokenChanged(auth, nextOrObserver, error, completed) {
6530
6673
  return getModularInstance(auth).onIdTokenChanged(nextOrObserver, error, completed);
6531
6674
  }
6675
+ /**
6676
+ * Adds a blocking callback that runs before an auth state change
6677
+ * sets a new user.
6678
+ *
6679
+ * @param auth - The {@link Auth} instance.
6680
+ * @param callback - callback triggered before new user value is set.
6681
+ * If this throws, it blocks the user from being set.
6682
+ * @param onAbort - callback triggered if a later `beforeAuthStateChanged()`
6683
+ * callback throws, allowing you to undo any side effects.
6684
+ */
6685
+ function beforeAuthStateChanged(auth, callback, onAbort) {
6686
+ return getModularInstance(auth).beforeAuthStateChanged(callback, onAbort);
6687
+ }
6532
6688
  /**
6533
6689
  * Adds an observer for changes to the user's sign-in state.
6534
6690
  *
@@ -9779,6 +9935,9 @@ function _setPendingRedirectStatus(resolver, auth) {
9779
9935
  function _clearRedirectOutcomes() {
9780
9936
  redirectOutcomeMap.clear();
9781
9937
  }
9938
+ function _overrideRedirectResult(auth, result) {
9939
+ redirectOutcomeMap.set(auth._key(), result);
9940
+ }
9782
9941
  function resolverPersistence(resolver) {
9783
9942
  return _getInstance(resolver._redirectPersistence);
9784
9943
  }
@@ -10700,6 +10859,7 @@ var BrowserPopupRedirectResolver = /** @class */ (function () {
10700
10859
  this.originValidationPromises = {};
10701
10860
  this._redirectPersistence = browserSessionPersistence;
10702
10861
  this._completeRedirectFn = _getRedirectResult;
10862
+ this._overrideRedirectResult = _overrideRedirectResult;
10703
10863
  }
10704
10864
  // Wrapping in async even though we don't await anywhere in order
10705
10865
  // to make sure errors are raised as promise rejections
@@ -10883,7 +11043,7 @@ var PhoneMultiFactorGenerator = /** @class */ (function () {
10883
11043
  }());
10884
11044
 
10885
11045
  var name = "@firebase/auth";
10886
- var version = "0.19.12";
11046
+ var version = "0.20.0";
10887
11047
 
10888
11048
  /**
10889
11049
  * @license
@@ -11088,5 +11248,5 @@ function getAuth(app) {
11088
11248
  }
11089
11249
  registerAuth("Browser" /* BROWSER */);
11090
11250
 
11091
- export { sendPasswordResetEmail as $, ActionCodeOperation as A, prodErrorMap as B, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as C, initializeAuth as D, connectAuthEmulator as E, FactorId as F, AuthCredential as G, EmailAuthCredential as H, OAuthCredential as I, PhoneAuthCredential as J, inMemoryPersistence as K, EmailAuthProvider as L, FacebookAuthProvider as M, GoogleAuthProvider as N, OperationType as O, PhoneAuthProvider as P, GithubAuthProvider as Q, RecaptchaVerifier as R, SignInMethod as S, OAuthProvider as T, SAMLAuthProvider as U, TwitterAuthProvider as V, signInAnonymously as W, signInWithCredential as X, linkWithCredential as Y, reauthenticateWithCredential as Z, signInWithCustomToken as _, browserSessionPersistence as a, confirmPasswordReset as a0, applyActionCode as a1, checkActionCode as a2, verifyPasswordResetCode as a3, createUserWithEmailAndPassword as a4, signInWithEmailAndPassword as a5, sendSignInLinkToEmail as a6, isSignInWithEmailLink as a7, signInWithEmailLink as a8, fetchSignInMethodsForEmail as a9, _clearRedirectOutcomes as aA, _getRedirectResult as aB, _castAuth as aC, UserImpl as aD, AuthImpl as aE, _getClientVersion as aF, _generateEventId as aG, AuthPopup as aH, FetchProvider as aI, SAMLAuthCredential as aJ, sendEmailVerification as aa, verifyBeforeUpdateEmail as ab, ActionCodeURL as ac, parseActionCodeURL as ad, updateProfile as ae, updateEmail as af, updatePassword as ag, getIdToken as ah, getIdTokenResult as ai, unlink as aj, getAdditionalUserInfo as ak, reload as al, getMultiFactorResolver as am, multiFactor as an, _isAndroid as ao, _isIOS7Or8 as ap, _isIOS as aq, _fail as ar, _getRedirectUrl as as, debugAssert as at, _getProjectConfig as au, _createError as av, _assert as aw, AuthEventManager as ax, _getInstance as ay, _persistenceKeyName as az, browserLocalPersistence as b, signInWithPopup as c, linkWithPopup as d, reauthenticateWithPopup as e, signInWithRedirect as f, linkWithRedirect as g, reauthenticateWithRedirect as h, indexedDBLocalPersistence as i, getRedirectResult as j, browserPopupRedirectResolver as k, linkWithPhoneNumber as l, PhoneMultiFactorGenerator as m, getAuth as n, ProviderId as o, setPersistence as p, onIdTokenChanged as q, reauthenticateWithPhoneNumber as r, signInWithPhoneNumber as s, onAuthStateChanged as t, updatePhoneNumber as u, useDeviceLanguage as v, updateCurrentUser as w, signOut as x, deleteUser as y, debugErrorMap as z };
11092
- //# sourceMappingURL=index-7a476dcd.js.map
11251
+ export { signInWithCustomToken as $, ActionCodeOperation as A, debugErrorMap as B, prodErrorMap as C, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as D, initializeAuth as E, FactorId as F, connectAuthEmulator as G, AuthCredential as H, EmailAuthCredential as I, OAuthCredential as J, PhoneAuthCredential as K, inMemoryPersistence as L, EmailAuthProvider as M, FacebookAuthProvider as N, OperationType as O, PhoneAuthProvider as P, GoogleAuthProvider as Q, RecaptchaVerifier as R, SignInMethod as S, GithubAuthProvider as T, OAuthProvider as U, SAMLAuthProvider as V, TwitterAuthProvider as W, signInAnonymously as X, signInWithCredential as Y, linkWithCredential as Z, reauthenticateWithCredential as _, browserSessionPersistence as a, sendPasswordResetEmail as a0, confirmPasswordReset as a1, applyActionCode as a2, checkActionCode as a3, verifyPasswordResetCode as a4, createUserWithEmailAndPassword as a5, signInWithEmailAndPassword as a6, sendSignInLinkToEmail as a7, isSignInWithEmailLink as a8, signInWithEmailLink as a9, _persistenceKeyName as aA, _clearRedirectOutcomes as aB, _getRedirectResult as aC, _overrideRedirectResult as aD, _castAuth as aE, UserImpl as aF, AuthImpl as aG, _getClientVersion as aH, _generateEventId as aI, AuthPopup as aJ, FetchProvider as aK, SAMLAuthCredential as aL, fetchSignInMethodsForEmail as aa, sendEmailVerification as ab, verifyBeforeUpdateEmail as ac, ActionCodeURL as ad, parseActionCodeURL as ae, updateProfile as af, updateEmail as ag, updatePassword as ah, getIdToken as ai, getIdTokenResult as aj, unlink as ak, getAdditionalUserInfo as al, reload as am, getMultiFactorResolver as an, multiFactor as ao, _isAndroid as ap, _isIOS7Or8 as aq, _isIOS as ar, _fail as as, _getRedirectUrl as at, debugAssert as au, _getProjectConfig as av, _createError as aw, _assert as ax, AuthEventManager as ay, _getInstance as az, browserLocalPersistence as b, signInWithPopup as c, linkWithPopup as d, reauthenticateWithPopup as e, signInWithRedirect as f, linkWithRedirect as g, reauthenticateWithRedirect as h, indexedDBLocalPersistence as i, getRedirectResult as j, browserPopupRedirectResolver as k, linkWithPhoneNumber as l, PhoneMultiFactorGenerator as m, getAuth as n, ProviderId as o, setPersistence as p, onIdTokenChanged as q, reauthenticateWithPhoneNumber as r, signInWithPhoneNumber as s, beforeAuthStateChanged as t, updatePhoneNumber as u, onAuthStateChanged as v, useDeviceLanguage as w, updateCurrentUser as x, signOut as y, deleteUser as z };
11252
+ //# sourceMappingURL=index-dc27d95e.js.map