@firebase/auth 0.21.5 → 0.21.6-canary.45a55330e

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (144) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/README.md +25 -0
  3. package/dist/auth-public.d.ts +135 -4
  4. package/dist/auth.d.ts +138 -4
  5. package/dist/browser-cjs/{index-ff477525.js → index-3e63d976.js} +180 -5
  6. package/dist/browser-cjs/index-3e63d976.js.map +1 -0
  7. package/dist/browser-cjs/index.d.ts +2 -1
  8. package/dist/browser-cjs/index.js +3 -1
  9. package/dist/browser-cjs/index.js.map +1 -1
  10. package/dist/browser-cjs/internal.js +3 -1
  11. package/dist/browser-cjs/internal.js.map +1 -1
  12. package/dist/browser-cjs/src/api/account_management/mfa.d.ts +38 -4
  13. package/dist/browser-cjs/src/api/authentication/mfa.d.ts +11 -0
  14. package/dist/browser-cjs/src/core/errors.d.ts +1 -0
  15. package/dist/browser-cjs/src/core/index.d.ts +1 -0
  16. package/dist/browser-cjs/src/mfa/assertions/totp.d.ts +124 -0
  17. package/dist/browser-cjs/src/mfa/assertions/totp.test.d.ts +17 -0
  18. package/dist/browser-cjs/src/mfa/mfa_info.d.ts +5 -1
  19. package/dist/browser-cjs/src/model/enum_maps.d.ts +1 -0
  20. package/dist/browser-cjs/src/model/public_types.d.ts +18 -1
  21. package/dist/browser-cjs/test/helpers/integration/helpers.d.ts +3 -0
  22. package/dist/browser-cjs/test/integration/flows/totp.test.d.ts +17 -0
  23. package/dist/cordova/index.d.ts +2 -1
  24. package/dist/cordova/index.js +2 -2
  25. package/dist/cordova/internal.js +179 -3
  26. package/dist/cordova/internal.js.map +1 -1
  27. package/dist/cordova/{popup_redirect-a4d3c436.js → popup_redirect-4dd66477.js} +31 -6
  28. package/dist/cordova/popup_redirect-4dd66477.js.map +1 -0
  29. package/dist/cordova/src/api/account_management/mfa.d.ts +38 -4
  30. package/dist/cordova/src/api/authentication/mfa.d.ts +11 -0
  31. package/dist/cordova/src/core/errors.d.ts +1 -0
  32. package/dist/cordova/src/core/index.d.ts +1 -0
  33. package/dist/cordova/src/mfa/assertions/totp.d.ts +124 -0
  34. package/dist/cordova/src/mfa/assertions/totp.test.d.ts +17 -0
  35. package/dist/cordova/src/mfa/mfa_info.d.ts +5 -1
  36. package/dist/cordova/src/model/enum_maps.d.ts +1 -0
  37. package/dist/cordova/src/model/public_types.d.ts +18 -1
  38. package/dist/cordova/test/helpers/integration/helpers.d.ts +3 -0
  39. package/dist/cordova/test/integration/flows/totp.test.d.ts +17 -0
  40. package/dist/esm2017/{index-3363a72a.js → index-c8153924.js} +179 -6
  41. package/dist/esm2017/index-c8153924.js.map +1 -0
  42. package/dist/esm2017/index.d.ts +2 -1
  43. package/dist/esm2017/index.js +1 -1
  44. package/dist/esm2017/internal.js +2 -2
  45. package/dist/esm2017/src/api/account_management/mfa.d.ts +38 -4
  46. package/dist/esm2017/src/api/authentication/mfa.d.ts +11 -0
  47. package/dist/esm2017/src/core/errors.d.ts +1 -0
  48. package/dist/esm2017/src/core/index.d.ts +1 -0
  49. package/dist/esm2017/src/mfa/assertions/totp.d.ts +124 -0
  50. package/dist/esm2017/src/mfa/assertions/totp.test.d.ts +17 -0
  51. package/dist/esm2017/src/mfa/mfa_info.d.ts +5 -1
  52. package/dist/esm2017/src/model/enum_maps.d.ts +1 -0
  53. package/dist/esm2017/src/model/public_types.d.ts +18 -1
  54. package/dist/esm2017/test/helpers/integration/helpers.d.ts +3 -0
  55. package/dist/esm2017/test/integration/flows/totp.test.d.ts +17 -0
  56. package/dist/esm5/{index-3f05dc7b.js → index-f3279380.js} +207 -6
  57. package/dist/esm5/index-f3279380.js.map +1 -0
  58. package/dist/esm5/index.d.ts +2 -1
  59. package/dist/esm5/index.js +1 -1
  60. package/dist/esm5/internal.js +2 -2
  61. package/dist/esm5/src/api/account_management/mfa.d.ts +38 -4
  62. package/dist/esm5/src/api/authentication/mfa.d.ts +11 -0
  63. package/dist/esm5/src/core/errors.d.ts +1 -0
  64. package/dist/esm5/src/core/index.d.ts +1 -0
  65. package/dist/esm5/src/mfa/assertions/totp.d.ts +124 -0
  66. package/dist/esm5/src/mfa/assertions/totp.test.d.ts +17 -0
  67. package/dist/esm5/src/mfa/mfa_info.d.ts +5 -1
  68. package/dist/esm5/src/model/enum_maps.d.ts +1 -0
  69. package/dist/esm5/src/model/public_types.d.ts +18 -1
  70. package/dist/esm5/test/helpers/integration/helpers.d.ts +3 -0
  71. package/dist/esm5/test/integration/flows/totp.test.d.ts +17 -0
  72. package/dist/index.d.ts +2 -1
  73. package/dist/index.webworker.esm5.js +23 -4
  74. package/dist/index.webworker.esm5.js.map +1 -1
  75. package/dist/node/index.d.ts +2 -1
  76. package/dist/node/index.js +83 -81
  77. package/dist/node/index.js.map +1 -1
  78. package/dist/node/internal.js +144 -142
  79. package/dist/node/internal.js.map +1 -1
  80. package/dist/node/src/api/account_management/mfa.d.ts +38 -4
  81. package/dist/node/src/api/authentication/mfa.d.ts +11 -0
  82. package/dist/node/src/core/errors.d.ts +1 -0
  83. package/dist/node/src/core/index.d.ts +1 -0
  84. package/dist/node/src/mfa/assertions/totp.d.ts +124 -0
  85. package/dist/node/src/mfa/assertions/totp.test.d.ts +17 -0
  86. package/dist/node/src/mfa/mfa_info.d.ts +5 -1
  87. package/dist/node/src/model/enum_maps.d.ts +1 -0
  88. package/dist/node/src/model/public_types.d.ts +18 -1
  89. package/dist/node/test/helpers/integration/helpers.d.ts +3 -0
  90. package/dist/node/test/integration/flows/totp.test.d.ts +17 -0
  91. package/dist/node/{index-45468d80.js → totp-9c98f1ff.js} +243 -6
  92. package/dist/node/totp-9c98f1ff.js.map +1 -0
  93. package/dist/node-esm/index.d.ts +2 -1
  94. package/dist/node-esm/index.js +2 -2
  95. package/dist/node-esm/internal.js +3 -3
  96. package/dist/node-esm/src/api/account_management/mfa.d.ts +38 -4
  97. package/dist/node-esm/src/api/authentication/mfa.d.ts +11 -0
  98. package/dist/node-esm/src/core/errors.d.ts +1 -0
  99. package/dist/node-esm/src/core/index.d.ts +1 -0
  100. package/dist/node-esm/src/mfa/assertions/totp.d.ts +124 -0
  101. package/dist/node-esm/src/mfa/assertions/totp.test.d.ts +17 -0
  102. package/dist/node-esm/src/mfa/mfa_info.d.ts +5 -1
  103. package/dist/node-esm/src/model/enum_maps.d.ts +1 -0
  104. package/dist/node-esm/src/model/public_types.d.ts +18 -1
  105. package/dist/node-esm/test/helpers/integration/helpers.d.ts +3 -0
  106. package/dist/node-esm/test/integration/flows/totp.test.d.ts +17 -0
  107. package/dist/node-esm/{index-1f9492de.js → totp-a3bfc07a.js} +213 -7
  108. package/dist/node-esm/totp-a3bfc07a.js.map +1 -0
  109. package/dist/rn/index.d.ts +2 -1
  110. package/dist/rn/index.js +1 -1
  111. package/dist/rn/internal.js +176 -1
  112. package/dist/rn/internal.js.map +1 -1
  113. package/dist/rn/{phone-e7bf48a1.js → phone-588b1f48.js} +37 -5
  114. package/dist/rn/phone-588b1f48.js.map +1 -0
  115. package/dist/rn/src/api/account_management/mfa.d.ts +38 -4
  116. package/dist/rn/src/api/authentication/mfa.d.ts +11 -0
  117. package/dist/rn/src/core/errors.d.ts +1 -0
  118. package/dist/rn/src/core/index.d.ts +1 -0
  119. package/dist/rn/src/mfa/assertions/totp.d.ts +124 -0
  120. package/dist/rn/src/mfa/assertions/totp.test.d.ts +17 -0
  121. package/dist/rn/src/mfa/mfa_info.d.ts +5 -1
  122. package/dist/rn/src/model/enum_maps.d.ts +1 -0
  123. package/dist/rn/src/model/public_types.d.ts +18 -1
  124. package/dist/rn/test/helpers/integration/helpers.d.ts +3 -0
  125. package/dist/rn/test/integration/flows/totp.test.d.ts +17 -0
  126. package/dist/src/api/account_management/mfa.d.ts +38 -4
  127. package/dist/src/api/authentication/mfa.d.ts +11 -0
  128. package/dist/src/core/errors.d.ts +1 -0
  129. package/dist/src/core/index.d.ts +1 -0
  130. package/dist/src/mfa/assertions/totp.d.ts +124 -0
  131. package/dist/src/mfa/assertions/totp.test.d.ts +17 -0
  132. package/dist/src/mfa/mfa_info.d.ts +5 -1
  133. package/dist/src/model/enum_maps.d.ts +1 -0
  134. package/dist/src/model/public_types.d.ts +18 -1
  135. package/dist/test/helpers/integration/helpers.d.ts +3 -0
  136. package/dist/test/integration/flows/totp.test.d.ts +17 -0
  137. package/package.json +10 -8
  138. package/dist/browser-cjs/index-ff477525.js.map +0 -1
  139. package/dist/cordova/popup_redirect-a4d3c436.js.map +0 -1
  140. package/dist/esm2017/index-3363a72a.js.map +0 -1
  141. package/dist/esm5/index-3f05dc7b.js.map +0 -1
  142. package/dist/node/index-45468d80.js.map +0 -1
  143. package/dist/node-esm/index-1f9492de.js.map +0 -1
  144. package/dist/rn/phone-e7bf48a1.js.map +0 -1
@@ -1,9 +1,9 @@
1
1
  import { ErrorFactory, deepEqual, isBrowserExtension, isMobileCordova, isReactNative, FirebaseError, querystring, getModularInstance, base64Decode, getUA, isIE, createSubscribe, querystringDecode, extractQuerystring, getDefaultEmulatorHost } from '@firebase/util';
2
2
  import { SDK_VERSION, _getProvider, _registerComponent, registerVersion, getApp } from '@firebase/app';
3
3
  import { __rest } from 'tslib';
4
- import { Logger, LogLevel } from '@firebase/logger';
5
4
  import { Component } from '@firebase/component';
6
5
  import * as fetchImpl from 'node-fetch';
6
+ import { Logger, LogLevel } from '@firebase/logger';
7
7
 
8
8
  /**
9
9
  * @license
@@ -28,7 +28,8 @@ import * as fetchImpl from 'node-fetch';
28
28
  */
29
29
  const FactorId = {
30
30
  /** Phone as second factor */
31
- PHONE: 'phone'
31
+ PHONE: 'phone',
32
+ TOTP: 'totp'
32
33
  };
33
34
  /**
34
35
  * Enumeration of supported providers.
@@ -212,6 +213,7 @@ function _debugErrorMap() {
212
213
  ["missing-or-invalid-nonce" /* AuthErrorCode.MISSING_OR_INVALID_NONCE */]: 'The request does not contain a valid nonce. This can occur if the ' +
213
214
  'SHA-256 hash of the provided raw nonce does not match the hashed nonce ' +
214
215
  'in the ID token payload.',
216
+ ["missing-password" /* AuthErrorCode.MISSING_PASSWORD */]: 'A non-empty password must be provided',
215
217
  ["missing-multi-factor-info" /* AuthErrorCode.MISSING_MFA_INFO */]: 'No second factor identifier is provided.',
216
218
  ["missing-multi-factor-session" /* AuthErrorCode.MISSING_MFA_SESSION */]: 'The request is missing proof of first factor successful sign-in.',
217
219
  ["missing-phone-number" /* AuthErrorCode.MISSING_PHONE_NUMBER */]: 'To send verification codes, provide a phone number for the recipient.',
@@ -828,7 +830,7 @@ const SERVER_ERROR_MAP = {
828
830
  // Sign in with email and password errors (some apply to sign up too).
829
831
  ["INVALID_PASSWORD" /* ServerError.INVALID_PASSWORD */]: "wrong-password" /* AuthErrorCode.INVALID_PASSWORD */,
830
832
  // This can only happen if the SDK sends a bad request.
831
- ["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */]: "internal-error" /* AuthErrorCode.INTERNAL_ERROR */,
833
+ ["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */]: "missing-password" /* AuthErrorCode.MISSING_PASSWORD */,
832
834
  // Sign up with email and password errors.
833
835
  ["EMAIL_EXISTS" /* ServerError.EMAIL_EXISTS */]: "email-already-in-use" /* AuthErrorCode.EMAIL_EXISTS */,
834
836
  ["PASSWORD_LOGIN_DISABLED" /* ServerError.PASSWORD_LOGIN_DISABLED */]: "operation-not-allowed" /* AuthErrorCode.OPERATION_NOT_ALLOWED */,
@@ -972,7 +974,10 @@ async function _performFetchWithErrorHandling(auth, customErrorMap, fetchFn) {
972
974
  if (e instanceof FirebaseError) {
973
975
  throw e;
974
976
  }
975
- _fail(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */, { 'message': String(e) });
977
+ // Changing this to a different error code will log user out when there is a network error
978
+ // because we treat any error other than NETWORK_REQUEST_FAILED as token is invalid.
979
+ // https://github.com/firebase/firebase-js-sdk/blob/4fbc73610d70be4e0852e7de63a39cb7897e8546/packages/auth/src/core/auth/auth_impl.ts#L309-L316
980
+ _fail(auth, "network-request-failed" /* AuthErrorCode.NETWORK_REQUEST_FAILED */, { 'message': String(e) });
976
981
  }
977
982
  }
978
983
  async function _performSignInRequest(auth, method, path, request, customErrorMap = {}) {
@@ -4843,6 +4848,9 @@ class MultiFactorInfoImpl {
4843
4848
  if ('phoneInfo' in enrollment) {
4844
4849
  return PhoneMultiFactorInfoImpl._fromServerResponse(auth, enrollment);
4845
4850
  }
4851
+ else if ('totpInfo' in enrollment) {
4852
+ return TotpMultiFactorInfoImpl._fromServerResponse(auth, enrollment);
4853
+ }
4846
4854
  return _fail(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
4847
4855
  }
4848
4856
  }
@@ -4854,6 +4862,14 @@ class PhoneMultiFactorInfoImpl extends MultiFactorInfoImpl {
4854
4862
  static _fromServerResponse(_auth, enrollment) {
4855
4863
  return new PhoneMultiFactorInfoImpl(enrollment);
4856
4864
  }
4865
+ }
4866
+ class TotpMultiFactorInfoImpl extends MultiFactorInfoImpl {
4867
+ constructor(response) {
4868
+ super("totp" /* FactorId.TOTP */, response);
4869
+ }
4870
+ static _fromServerResponse(_auth, enrollment) {
4871
+ return new TotpMultiFactorInfoImpl(enrollment);
4872
+ }
4857
4873
  }
4858
4874
 
4859
4875
  /**
@@ -5657,6 +5673,7 @@ function setPersistence(auth, persistence) {
5657
5673
  *
5658
5674
  * @remarks
5659
5675
  * This includes sign-in, sign-out, and token refresh events.
5676
+ * This will not be triggered automatically upon ID token expiration. Use {@link User.getIdToken} to refresh the ID token.
5660
5677
  *
5661
5678
  * @param auth - The {@link Auth} instance.
5662
5679
  * @param nextOrObserver - callback triggered on change.
@@ -5884,6 +5901,12 @@ function getMultiFactorResolver(auth, error) {
5884
5901
  * See the License for the specific language governing permissions and
5885
5902
  * limitations under the License.
5886
5903
  */
5904
+ function startEnrollTotpMfa(auth, request) {
5905
+ return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaEnrollment:start" /* Endpoint.START_MFA_ENROLLMENT */, _addTidIfNecessary(auth, request));
5906
+ }
5907
+ function finalizeEnrollTotpMfa(auth, request) {
5908
+ return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaEnrollment:finalize" /* Endpoint.FINALIZE_MFA_ENROLLMENT */, _addTidIfNecessary(auth, request));
5909
+ }
5887
5910
  function withdrawMfa(auth, request) {
5888
5911
  return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaEnrollment:withdraw" /* Endpoint.WITHDRAW_MFA */, _addTidIfNecessary(auth, request));
5889
5912
  }
@@ -5958,7 +5981,7 @@ function multiFactor(user) {
5958
5981
  }
5959
5982
 
5960
5983
  var name = "@firebase/auth";
5961
- var version = "0.21.5";
5984
+ var version = "0.21.6-canary.45a55330e";
5962
5985
 
5963
5986
  /**
5964
5987
  * @license
@@ -6188,5 +6211,188 @@ class PhoneMultiFactorGenerator {
6188
6211
  // auth.setPersistence(persistence) are covered.
6189
6212
  AuthImpl.prototype.setPersistence = async () => { };
6190
6213
 
6191
- export { signInWithCustomToken as $, ActionCodeOperation as A, debugErrorMap as B, prodErrorMap as C, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as D, initializeAuth as E, FactorId as F, connectAuthEmulator as G, AuthCredential as H, EmailAuthCredential as I, OAuthCredential as J, PhoneAuthCredential as K, inMemoryPersistence as L, EmailAuthProvider as M, FacebookAuthProvider as N, OperationType as O, PhoneAuthProvider as P, GoogleAuthProvider as Q, RecaptchaVerifier as R, SignInMethod as S, GithubAuthProvider as T, OAuthProvider as U, SAMLAuthProvider as V, TwitterAuthProvider as W, signInAnonymously as X, signInWithCredential as Y, linkWithCredential as Z, reauthenticateWithCredential as _, browserSessionPersistence as a, sendPasswordResetEmail as a0, confirmPasswordReset as a1, applyActionCode as a2, checkActionCode as a3, verifyPasswordResetCode as a4, createUserWithEmailAndPassword as a5, signInWithEmailAndPassword as a6, sendSignInLinkToEmail as a7, isSignInWithEmailLink as a8, signInWithEmailLink as a9, BaseOAuthProvider as aA, _emulatorUrl as aB, _performApiRequest as aC, _isIOS as aD, _isAndroid as aE, _isIOS7Or8 as aF, _createError as aG, _isIframe as aH, _isMobileBrowser as aI, _isIE10 as aJ, _isSafari as aK, UserImpl as aL, AuthImpl as aM, _getClientVersion as aN, FetchProvider as aO, SAMLAuthCredential as aP, fetchSignInMethodsForEmail as aa, sendEmailVerification as ab, verifyBeforeUpdateEmail as ac, ActionCodeURL as ad, parseActionCodeURL as ae, updateProfile as af, updateEmail as ag, updatePassword as ah, getIdToken as ai, getIdTokenResult as aj, unlink as ak, getAdditionalUserInfo as al, reload as am, getMultiFactorResolver as an, multiFactor as ao, _getInstance as ap, _assert as aq, _signInWithCredential as ar, _reauthenticate as as, _link as at, signInWithIdp as au, _fail as av, debugAssert as aw, _persistenceKeyName as ax, _castAuth as ay, FederatedAuthProvider as az, browserLocalPersistence as b, signInWithPopup as c, linkWithPopup as d, reauthenticateWithPopup as e, signInWithRedirect as f, linkWithRedirect as g, reauthenticateWithRedirect as h, indexedDBLocalPersistence as i, getRedirectResult as j, browserPopupRedirectResolver as k, linkWithPhoneNumber as l, PhoneMultiFactorGenerator as m, getAuth as n, ProviderId as o, setPersistence as p, onIdTokenChanged as q, reauthenticateWithPhoneNumber as r, signInWithPhoneNumber as s, beforeAuthStateChanged as t, updatePhoneNumber as u, onAuthStateChanged as v, useDeviceLanguage as w, updateCurrentUser as x, signOut as y, deleteUser as z };
6192
- //# sourceMappingURL=index-1f9492de.js.map
6214
+ /**
6215
+ * @license
6216
+ * Copyright 2020 Google LLC
6217
+ *
6218
+ * Licensed under the Apache License, Version 2.0 (the "License");
6219
+ * you may not use this file except in compliance with the License.
6220
+ * You may obtain a copy of the License at
6221
+ *
6222
+ * http://www.apache.org/licenses/LICENSE-2.0
6223
+ *
6224
+ * Unless required by applicable law or agreed to in writing, software
6225
+ * distributed under the License is distributed on an "AS IS" BASIS,
6226
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
6227
+ * See the License for the specific language governing permissions and
6228
+ * limitations under the License.
6229
+ */
6230
+ function finalizeSignInTotpMfa(auth, request) {
6231
+ return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaSignIn:finalize" /* Endpoint.FINALIZE_MFA_SIGN_IN */, _addTidIfNecessary(auth, request));
6232
+ }
6233
+
6234
+ class MultiFactorAssertionImpl {
6235
+ constructor(factorId) {
6236
+ this.factorId = factorId;
6237
+ }
6238
+ _process(auth, session, displayName) {
6239
+ switch (session.type) {
6240
+ case "enroll" /* MultiFactorSessionType.ENROLL */:
6241
+ return this._finalizeEnroll(auth, session.credential, displayName);
6242
+ case "signin" /* MultiFactorSessionType.SIGN_IN */:
6243
+ return this._finalizeSignIn(auth, session.credential);
6244
+ default:
6245
+ return debugFail('unexpected MultiFactorSessionType');
6246
+ }
6247
+ }
6248
+ }
6249
+
6250
+ /**
6251
+ * Provider for generating a {@link TotpMultiFactorAssertion}.
6252
+ *
6253
+ * @public
6254
+ */
6255
+ class TotpMultiFactorGenerator {
6256
+ /**
6257
+ * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of
6258
+ * the TOTP (time-based one-time password) second factor.
6259
+ * This assertion is used to complete enrollment in TOTP second factor.
6260
+ *
6261
+ * @param secret A {@link TotpSecret} containing the shared secret key and other TOTP parameters.
6262
+ * @param oneTimePassword One-time password from TOTP App.
6263
+ * @returns A {@link TotpMultiFactorAssertion} which can be used with
6264
+ * {@link MultiFactorUser.enroll}.
6265
+ */
6266
+ static assertionForEnrollment(secret, oneTimePassword) {
6267
+ return TotpMultiFactorAssertionImpl._fromSecret(secret, oneTimePassword);
6268
+ }
6269
+ /**
6270
+ * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of the TOTP second factor.
6271
+ * This assertion is used to complete signIn with TOTP as the second factor.
6272
+ *
6273
+ * @param enrollmentId identifies the enrolled TOTP second factor.
6274
+ * @param oneTimePassword One-time password from TOTP App.
6275
+ * @returns A {@link TotpMultiFactorAssertion} which can be used with
6276
+ * {@link MultiFactorResolver.resolveSignIn}.
6277
+ */
6278
+ static assertionForSignIn(enrollmentId, oneTimePassword) {
6279
+ return TotpMultiFactorAssertionImpl._fromEnrollmentId(enrollmentId, oneTimePassword);
6280
+ }
6281
+ /**
6282
+ * Returns a promise to {@link TotpSecret} which contains the TOTP shared secret key and other parameters.
6283
+ * Creates a TOTP secret as part of enrolling a TOTP second factor.
6284
+ * Used for generating a QR code URL or inputting into a TOTP app.
6285
+ * This method uses the auth instance corresponding to the user in the multiFactorSession.
6286
+ *
6287
+ * @param session The {@link MultiFactorSession} that the user is part of.
6288
+ * @returns A promise to {@link TotpSecret}.
6289
+ */
6290
+ static async generateSecret(session) {
6291
+ const mfaSession = session;
6292
+ _assert(typeof mfaSession.auth !== 'undefined', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
6293
+ const response = await startEnrollTotpMfa(mfaSession.auth, {
6294
+ idToken: mfaSession.credential,
6295
+ totpEnrollmentInfo: {}
6296
+ });
6297
+ return TotpSecret._fromStartTotpMfaEnrollmentResponse(response, mfaSession.auth);
6298
+ }
6299
+ }
6300
+ /**
6301
+ * The identifier of the TOTP second factor: `totp`.
6302
+ */
6303
+ TotpMultiFactorGenerator.FACTOR_ID = "totp" /* FactorId.TOTP */;
6304
+ class TotpMultiFactorAssertionImpl extends MultiFactorAssertionImpl {
6305
+ constructor(otp, enrollmentId, secret) {
6306
+ super("totp" /* FactorId.TOTP */);
6307
+ this.otp = otp;
6308
+ this.enrollmentId = enrollmentId;
6309
+ this.secret = secret;
6310
+ }
6311
+ /** @internal */
6312
+ static _fromSecret(secret, otp) {
6313
+ return new TotpMultiFactorAssertionImpl(otp, undefined, secret);
6314
+ }
6315
+ /** @internal */
6316
+ static _fromEnrollmentId(enrollmentId, otp) {
6317
+ return new TotpMultiFactorAssertionImpl(otp, enrollmentId);
6318
+ }
6319
+ /** @internal */
6320
+ async _finalizeEnroll(auth, idToken, displayName) {
6321
+ _assert(typeof this.secret !== 'undefined', auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
6322
+ return finalizeEnrollTotpMfa(auth, {
6323
+ idToken,
6324
+ displayName,
6325
+ totpVerificationInfo: this.secret._makeTotpVerificationInfo(this.otp)
6326
+ });
6327
+ }
6328
+ /** @internal */
6329
+ async _finalizeSignIn(auth, mfaPendingCredential) {
6330
+ _assert(this.enrollmentId !== undefined && this.otp !== undefined, auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
6331
+ const totpVerificationInfo = { verificationCode: this.otp };
6332
+ return finalizeSignInTotpMfa(auth, {
6333
+ mfaPendingCredential,
6334
+ mfaEnrollmentId: this.enrollmentId,
6335
+ totpVerificationInfo
6336
+ });
6337
+ }
6338
+ }
6339
+ /**
6340
+ * Provider for generating a {@link TotpMultiFactorAssertion}.
6341
+ *
6342
+ * Stores the shared secret key and other parameters to generate time-based OTPs.
6343
+ * Implements methods to retrieve the shared secret key and generate a QR code URL.
6344
+ * @public
6345
+ */
6346
+ class TotpSecret {
6347
+ // The public members are declared outside the constructor so the docs can be generated.
6348
+ constructor(secretKey, hashingAlgorithm, codeLength, codeIntervalSeconds, enrollmentCompletionDeadline, sessionInfo, auth) {
6349
+ this.sessionInfo = sessionInfo;
6350
+ this.auth = auth;
6351
+ this.secretKey = secretKey;
6352
+ this.hashingAlgorithm = hashingAlgorithm;
6353
+ this.codeLength = codeLength;
6354
+ this.codeIntervalSeconds = codeIntervalSeconds;
6355
+ this.enrollmentCompletionDeadline = enrollmentCompletionDeadline;
6356
+ }
6357
+ /** @internal */
6358
+ static _fromStartTotpMfaEnrollmentResponse(response, auth) {
6359
+ return new TotpSecret(response.totpSessionInfo.sharedSecretKey, response.totpSessionInfo.hashingAlgorithm, response.totpSessionInfo.verificationCodeLength, response.totpSessionInfo.periodSec, new Date(response.totpSessionInfo.finalizeEnrollmentTime).toUTCString(), response.totpSessionInfo.sessionInfo, auth);
6360
+ }
6361
+ /** @internal */
6362
+ _makeTotpVerificationInfo(otp) {
6363
+ return { sessionInfo: this.sessionInfo, verificationCode: otp };
6364
+ }
6365
+ /**
6366
+ * Returns a QR code URL as described in
6367
+ * https://github.com/google/google-authenticator/wiki/Key-Uri-Format
6368
+ * This can be displayed to the user as a QR code to be scanned into a TOTP app like Google Authenticator.
6369
+ * If the optional parameters are unspecified, an accountName of <userEmail> and issuer of <firebaseAppName> are used.
6370
+ *
6371
+ * @param accountName the name of the account/app along with a user identifier.
6372
+ * @param issuer issuer of the TOTP (likely the app name).
6373
+ * @returns A QR code URL string.
6374
+ */
6375
+ generateQrCodeUrl(accountName, issuer) {
6376
+ var _a;
6377
+ let useDefaults = false;
6378
+ if (_isEmptyString(accountName) || _isEmptyString(issuer)) {
6379
+ useDefaults = true;
6380
+ }
6381
+ if (useDefaults) {
6382
+ if (_isEmptyString(accountName)) {
6383
+ accountName = ((_a = this.auth.currentUser) === null || _a === void 0 ? void 0 : _a.email) || 'unknownuser';
6384
+ }
6385
+ if (_isEmptyString(issuer)) {
6386
+ issuer = this.auth.name;
6387
+ }
6388
+ }
6389
+ return `otpauth://totp/${issuer}:${accountName}?secret=${this.secretKey}&issuer=${issuer}&algorithm=${this.hashingAlgorithm}&digits=${this.codeLength}`;
6390
+ }
6391
+ }
6392
+ /** @internal */
6393
+ function _isEmptyString(input) {
6394
+ return typeof input === 'undefined' || (input === null || input === void 0 ? void 0 : input.length) === 0;
6395
+ }
6396
+
6397
+ export { linkWithCredential as $, ActionCodeOperation as A, deleteUser as B, debugErrorMap as C, prodErrorMap as D, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as E, FactorId as F, initializeAuth as G, connectAuthEmulator as H, AuthCredential as I, EmailAuthCredential as J, OAuthCredential as K, PhoneAuthCredential as L, inMemoryPersistence as M, EmailAuthProvider as N, OperationType as O, PhoneAuthProvider as P, FacebookAuthProvider as Q, RecaptchaVerifier as R, SignInMethod as S, TotpMultiFactorGenerator as T, GoogleAuthProvider as U, GithubAuthProvider as V, OAuthProvider as W, SAMLAuthProvider as X, TwitterAuthProvider as Y, signInAnonymously as Z, signInWithCredential as _, browserSessionPersistence as a, reauthenticateWithCredential as a0, signInWithCustomToken as a1, sendPasswordResetEmail as a2, confirmPasswordReset as a3, applyActionCode as a4, checkActionCode as a5, verifyPasswordResetCode as a6, createUserWithEmailAndPassword as a7, signInWithEmailAndPassword as a8, sendSignInLinkToEmail as a9, _castAuth as aA, FederatedAuthProvider as aB, BaseOAuthProvider as aC, _emulatorUrl as aD, _performApiRequest as aE, _isIOS as aF, _isAndroid as aG, _isIOS7Or8 as aH, _createError as aI, _isIframe as aJ, _isMobileBrowser as aK, _isIE10 as aL, _isSafari as aM, UserImpl as aN, AuthImpl as aO, _getClientVersion as aP, FetchProvider as aQ, SAMLAuthCredential as aR, isSignInWithEmailLink as aa, signInWithEmailLink as ab, fetchSignInMethodsForEmail as ac, sendEmailVerification as ad, verifyBeforeUpdateEmail as ae, ActionCodeURL as af, parseActionCodeURL as ag, updateProfile as ah, updateEmail as ai, updatePassword as aj, getIdToken as ak, getIdTokenResult as al, unlink as am, getAdditionalUserInfo as an, reload as ao, getMultiFactorResolver as ap, multiFactor as aq, _getInstance as ar, _assert as as, _signInWithCredential as at, _reauthenticate as au, _link as av, signInWithIdp as aw, _fail as ax, debugAssert as ay, _persistenceKeyName as az, browserLocalPersistence as b, signInWithPopup as c, linkWithPopup as d, reauthenticateWithPopup as e, signInWithRedirect as f, linkWithRedirect as g, reauthenticateWithRedirect as h, indexedDBLocalPersistence as i, getRedirectResult as j, browserPopupRedirectResolver as k, linkWithPhoneNumber as l, PhoneMultiFactorGenerator as m, TotpSecret as n, getAuth as o, ProviderId as p, setPersistence as q, reauthenticateWithPhoneNumber as r, signInWithPhoneNumber as s, onIdTokenChanged as t, updatePhoneNumber as u, beforeAuthStateChanged as v, onAuthStateChanged as w, useDeviceLanguage as x, updateCurrentUser as y, signOut as z };
6398
+ //# sourceMappingURL=totp-a3bfc07a.js.map