@firebase/auth 0.21.5 → 0.21.6-canary.a8d6499b1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/README.md +25 -0
- package/dist/auth-public.d.ts +137 -4
- package/dist/auth.d.ts +149 -4
- package/dist/browser-cjs/{index-ff477525.js → index-a031a7c0.js} +180 -5
- package/dist/browser-cjs/index-a031a7c0.js.map +1 -0
- package/dist/browser-cjs/index.d.ts +2 -1
- package/dist/browser-cjs/index.js +3 -1
- package/dist/browser-cjs/index.js.map +1 -1
- package/dist/browser-cjs/internal.js +3 -1
- package/dist/browser-cjs/internal.js.map +1 -1
- package/dist/browser-cjs/src/api/account_management/mfa.d.ts +38 -4
- package/dist/browser-cjs/src/api/authentication/mfa.d.ts +11 -0
- package/dist/browser-cjs/src/core/errors.d.ts +1 -0
- package/dist/browser-cjs/src/core/index.d.ts +1 -0
- package/dist/browser-cjs/src/mfa/assertions/totp.d.ts +124 -0
- package/dist/browser-cjs/src/mfa/assertions/totp.test.d.ts +17 -0
- package/dist/browser-cjs/src/mfa/mfa_info.d.ts +5 -1
- package/dist/browser-cjs/src/model/enum_maps.d.ts +1 -0
- package/dist/browser-cjs/src/model/public_types.d.ts +18 -1
- package/dist/browser-cjs/test/helpers/integration/helpers.d.ts +3 -0
- package/dist/browser-cjs/test/integration/flows/totp.test.d.ts +17 -0
- package/dist/cordova/index.d.ts +2 -1
- package/dist/cordova/index.js +2 -2
- package/dist/cordova/internal.js +179 -3
- package/dist/cordova/internal.js.map +1 -1
- package/dist/cordova/{popup_redirect-a4d3c436.js → popup_redirect-69cff576.js} +31 -6
- package/dist/cordova/popup_redirect-69cff576.js.map +1 -0
- package/dist/cordova/src/api/account_management/mfa.d.ts +38 -4
- package/dist/cordova/src/api/authentication/mfa.d.ts +11 -0
- package/dist/cordova/src/core/errors.d.ts +1 -0
- package/dist/cordova/src/core/index.d.ts +1 -0
- package/dist/cordova/src/mfa/assertions/totp.d.ts +124 -0
- package/dist/cordova/src/mfa/assertions/totp.test.d.ts +17 -0
- package/dist/cordova/src/mfa/mfa_info.d.ts +5 -1
- package/dist/cordova/src/model/enum_maps.d.ts +1 -0
- package/dist/cordova/src/model/public_types.d.ts +18 -1
- package/dist/cordova/test/helpers/integration/helpers.d.ts +3 -0
- package/dist/cordova/test/integration/flows/totp.test.d.ts +17 -0
- package/dist/esm2017/{index-3363a72a.js → index-33f309f3.js} +179 -6
- package/dist/esm2017/index-33f309f3.js.map +1 -0
- package/dist/esm2017/index.d.ts +2 -1
- package/dist/esm2017/index.js +1 -1
- package/dist/esm2017/internal.js +2 -2
- package/dist/esm2017/src/api/account_management/mfa.d.ts +38 -4
- package/dist/esm2017/src/api/authentication/mfa.d.ts +11 -0
- package/dist/esm2017/src/core/errors.d.ts +1 -0
- package/dist/esm2017/src/core/index.d.ts +1 -0
- package/dist/esm2017/src/mfa/assertions/totp.d.ts +124 -0
- package/dist/esm2017/src/mfa/assertions/totp.test.d.ts +17 -0
- package/dist/esm2017/src/mfa/mfa_info.d.ts +5 -1
- package/dist/esm2017/src/model/enum_maps.d.ts +1 -0
- package/dist/esm2017/src/model/public_types.d.ts +18 -1
- package/dist/esm2017/test/helpers/integration/helpers.d.ts +3 -0
- package/dist/esm2017/test/integration/flows/totp.test.d.ts +17 -0
- package/dist/esm5/{index-3f05dc7b.js → index-588c4d42.js} +207 -6
- package/dist/esm5/index-588c4d42.js.map +1 -0
- package/dist/esm5/index.d.ts +2 -1
- package/dist/esm5/index.js +1 -1
- package/dist/esm5/internal.js +2 -2
- package/dist/esm5/src/api/account_management/mfa.d.ts +38 -4
- package/dist/esm5/src/api/authentication/mfa.d.ts +11 -0
- package/dist/esm5/src/core/errors.d.ts +1 -0
- package/dist/esm5/src/core/index.d.ts +1 -0
- package/dist/esm5/src/mfa/assertions/totp.d.ts +124 -0
- package/dist/esm5/src/mfa/assertions/totp.test.d.ts +17 -0
- package/dist/esm5/src/mfa/mfa_info.d.ts +5 -1
- package/dist/esm5/src/model/enum_maps.d.ts +1 -0
- package/dist/esm5/src/model/public_types.d.ts +18 -1
- package/dist/esm5/test/helpers/integration/helpers.d.ts +3 -0
- package/dist/esm5/test/integration/flows/totp.test.d.ts +17 -0
- package/dist/index.d.ts +2 -1
- package/dist/index.webworker.esm5.js +23 -4
- package/dist/index.webworker.esm5.js.map +1 -1
- package/dist/node/index.d.ts +2 -1
- package/dist/node/index.js +83 -81
- package/dist/node/index.js.map +1 -1
- package/dist/node/internal.js +144 -142
- package/dist/node/internal.js.map +1 -1
- package/dist/node/src/api/account_management/mfa.d.ts +38 -4
- package/dist/node/src/api/authentication/mfa.d.ts +11 -0
- package/dist/node/src/core/errors.d.ts +1 -0
- package/dist/node/src/core/index.d.ts +1 -0
- package/dist/node/src/mfa/assertions/totp.d.ts +124 -0
- package/dist/node/src/mfa/assertions/totp.test.d.ts +17 -0
- package/dist/node/src/mfa/mfa_info.d.ts +5 -1
- package/dist/node/src/model/enum_maps.d.ts +1 -0
- package/dist/node/src/model/public_types.d.ts +18 -1
- package/dist/node/test/helpers/integration/helpers.d.ts +3 -0
- package/dist/node/test/integration/flows/totp.test.d.ts +17 -0
- package/dist/node/{index-45468d80.js → totp-4f539e73.js} +243 -6
- package/dist/node/totp-4f539e73.js.map +1 -0
- package/dist/node-esm/index.d.ts +2 -1
- package/dist/node-esm/index.js +2 -2
- package/dist/node-esm/internal.js +3 -3
- package/dist/node-esm/src/api/account_management/mfa.d.ts +38 -4
- package/dist/node-esm/src/api/authentication/mfa.d.ts +11 -0
- package/dist/node-esm/src/core/errors.d.ts +1 -0
- package/dist/node-esm/src/core/index.d.ts +1 -0
- package/dist/node-esm/src/mfa/assertions/totp.d.ts +124 -0
- package/dist/node-esm/src/mfa/assertions/totp.test.d.ts +17 -0
- package/dist/node-esm/src/mfa/mfa_info.d.ts +5 -1
- package/dist/node-esm/src/model/enum_maps.d.ts +1 -0
- package/dist/node-esm/src/model/public_types.d.ts +18 -1
- package/dist/node-esm/test/helpers/integration/helpers.d.ts +3 -0
- package/dist/node-esm/test/integration/flows/totp.test.d.ts +17 -0
- package/dist/node-esm/{index-1f9492de.js → totp-aec70fa2.js} +213 -7
- package/dist/node-esm/totp-aec70fa2.js.map +1 -0
- package/dist/rn/index.d.ts +2 -1
- package/dist/rn/index.js +1 -1
- package/dist/rn/internal.js +176 -1
- package/dist/rn/internal.js.map +1 -1
- package/dist/rn/{phone-e7bf48a1.js → phone-a38a417c.js} +37 -5
- package/dist/rn/phone-a38a417c.js.map +1 -0
- package/dist/rn/src/api/account_management/mfa.d.ts +38 -4
- package/dist/rn/src/api/authentication/mfa.d.ts +11 -0
- package/dist/rn/src/core/errors.d.ts +1 -0
- package/dist/rn/src/core/index.d.ts +1 -0
- package/dist/rn/src/mfa/assertions/totp.d.ts +124 -0
- package/dist/rn/src/mfa/assertions/totp.test.d.ts +17 -0
- package/dist/rn/src/mfa/mfa_info.d.ts +5 -1
- package/dist/rn/src/model/enum_maps.d.ts +1 -0
- package/dist/rn/src/model/public_types.d.ts +18 -1
- package/dist/rn/test/helpers/integration/helpers.d.ts +3 -0
- package/dist/rn/test/integration/flows/totp.test.d.ts +17 -0
- package/dist/src/api/account_management/mfa.d.ts +38 -4
- package/dist/src/api/authentication/mfa.d.ts +11 -0
- package/dist/src/core/errors.d.ts +1 -0
- package/dist/src/core/index.d.ts +1 -0
- package/dist/src/mfa/assertions/totp.d.ts +124 -0
- package/dist/src/mfa/assertions/totp.test.d.ts +17 -0
- package/dist/src/mfa/mfa_info.d.ts +5 -1
- package/dist/src/model/enum_maps.d.ts +1 -0
- package/dist/src/model/public_types.d.ts +18 -1
- package/dist/test/helpers/integration/helpers.d.ts +3 -0
- package/dist/test/integration/flows/totp.test.d.ts +17 -0
- package/package.json +10 -8
- package/dist/browser-cjs/index-ff477525.js.map +0 -1
- package/dist/cordova/popup_redirect-a4d3c436.js.map +0 -1
- package/dist/esm2017/index-3363a72a.js.map +0 -1
- package/dist/esm5/index-3f05dc7b.js.map +0 -1
- package/dist/node/index-45468d80.js.map +0 -1
- package/dist/node-esm/index-1f9492de.js.map +0 -1
- package/dist/rn/phone-e7bf48a1.js.map +0 -1
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
import { ErrorFactory, deepEqual, isBrowserExtension, isMobileCordova, isReactNative, FirebaseError, querystring, getModularInstance, base64Decode, getUA, isIE, createSubscribe, querystringDecode, extractQuerystring, getDefaultEmulatorHost } from '@firebase/util';
|
|
2
2
|
import { SDK_VERSION, _getProvider, _registerComponent, registerVersion, getApp } from '@firebase/app';
|
|
3
3
|
import { __rest } from 'tslib';
|
|
4
|
-
import { Logger, LogLevel } from '@firebase/logger';
|
|
5
4
|
import { Component } from '@firebase/component';
|
|
6
5
|
import * as fetchImpl from 'node-fetch';
|
|
6
|
+
import { Logger, LogLevel } from '@firebase/logger';
|
|
7
7
|
|
|
8
8
|
/**
|
|
9
9
|
* @license
|
|
@@ -28,7 +28,8 @@ import * as fetchImpl from 'node-fetch';
|
|
|
28
28
|
*/
|
|
29
29
|
const FactorId = {
|
|
30
30
|
/** Phone as second factor */
|
|
31
|
-
PHONE: 'phone'
|
|
31
|
+
PHONE: 'phone',
|
|
32
|
+
TOTP: 'totp'
|
|
32
33
|
};
|
|
33
34
|
/**
|
|
34
35
|
* Enumeration of supported providers.
|
|
@@ -212,6 +213,7 @@ function _debugErrorMap() {
|
|
|
212
213
|
["missing-or-invalid-nonce" /* AuthErrorCode.MISSING_OR_INVALID_NONCE */]: 'The request does not contain a valid nonce. This can occur if the ' +
|
|
213
214
|
'SHA-256 hash of the provided raw nonce does not match the hashed nonce ' +
|
|
214
215
|
'in the ID token payload.',
|
|
216
|
+
["missing-password" /* AuthErrorCode.MISSING_PASSWORD */]: 'A non-empty password must be provided',
|
|
215
217
|
["missing-multi-factor-info" /* AuthErrorCode.MISSING_MFA_INFO */]: 'No second factor identifier is provided.',
|
|
216
218
|
["missing-multi-factor-session" /* AuthErrorCode.MISSING_MFA_SESSION */]: 'The request is missing proof of first factor successful sign-in.',
|
|
217
219
|
["missing-phone-number" /* AuthErrorCode.MISSING_PHONE_NUMBER */]: 'To send verification codes, provide a phone number for the recipient.',
|
|
@@ -828,7 +830,7 @@ const SERVER_ERROR_MAP = {
|
|
|
828
830
|
// Sign in with email and password errors (some apply to sign up too).
|
|
829
831
|
["INVALID_PASSWORD" /* ServerError.INVALID_PASSWORD */]: "wrong-password" /* AuthErrorCode.INVALID_PASSWORD */,
|
|
830
832
|
// This can only happen if the SDK sends a bad request.
|
|
831
|
-
["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */]: "
|
|
833
|
+
["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */]: "missing-password" /* AuthErrorCode.MISSING_PASSWORD */,
|
|
832
834
|
// Sign up with email and password errors.
|
|
833
835
|
["EMAIL_EXISTS" /* ServerError.EMAIL_EXISTS */]: "email-already-in-use" /* AuthErrorCode.EMAIL_EXISTS */,
|
|
834
836
|
["PASSWORD_LOGIN_DISABLED" /* ServerError.PASSWORD_LOGIN_DISABLED */]: "operation-not-allowed" /* AuthErrorCode.OPERATION_NOT_ALLOWED */,
|
|
@@ -972,7 +974,10 @@ async function _performFetchWithErrorHandling(auth, customErrorMap, fetchFn) {
|
|
|
972
974
|
if (e instanceof FirebaseError) {
|
|
973
975
|
throw e;
|
|
974
976
|
}
|
|
975
|
-
|
|
977
|
+
// Changing this to a different error code will log user out when there is a network error
|
|
978
|
+
// because we treat any error other than NETWORK_REQUEST_FAILED as token is invalid.
|
|
979
|
+
// https://github.com/firebase/firebase-js-sdk/blob/4fbc73610d70be4e0852e7de63a39cb7897e8546/packages/auth/src/core/auth/auth_impl.ts#L309-L316
|
|
980
|
+
_fail(auth, "network-request-failed" /* AuthErrorCode.NETWORK_REQUEST_FAILED */, { 'message': String(e) });
|
|
976
981
|
}
|
|
977
982
|
}
|
|
978
983
|
async function _performSignInRequest(auth, method, path, request, customErrorMap = {}) {
|
|
@@ -4843,6 +4848,9 @@ class MultiFactorInfoImpl {
|
|
|
4843
4848
|
if ('phoneInfo' in enrollment) {
|
|
4844
4849
|
return PhoneMultiFactorInfoImpl._fromServerResponse(auth, enrollment);
|
|
4845
4850
|
}
|
|
4851
|
+
else if ('totpInfo' in enrollment) {
|
|
4852
|
+
return TotpMultiFactorInfoImpl._fromServerResponse(auth, enrollment);
|
|
4853
|
+
}
|
|
4846
4854
|
return _fail(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
4847
4855
|
}
|
|
4848
4856
|
}
|
|
@@ -4854,6 +4862,14 @@ class PhoneMultiFactorInfoImpl extends MultiFactorInfoImpl {
|
|
|
4854
4862
|
static _fromServerResponse(_auth, enrollment) {
|
|
4855
4863
|
return new PhoneMultiFactorInfoImpl(enrollment);
|
|
4856
4864
|
}
|
|
4865
|
+
}
|
|
4866
|
+
class TotpMultiFactorInfoImpl extends MultiFactorInfoImpl {
|
|
4867
|
+
constructor(response) {
|
|
4868
|
+
super("totp" /* FactorId.TOTP */, response);
|
|
4869
|
+
}
|
|
4870
|
+
static _fromServerResponse(_auth, enrollment) {
|
|
4871
|
+
return new TotpMultiFactorInfoImpl(enrollment);
|
|
4872
|
+
}
|
|
4857
4873
|
}
|
|
4858
4874
|
|
|
4859
4875
|
/**
|
|
@@ -5657,6 +5673,7 @@ function setPersistence(auth, persistence) {
|
|
|
5657
5673
|
*
|
|
5658
5674
|
* @remarks
|
|
5659
5675
|
* This includes sign-in, sign-out, and token refresh events.
|
|
5676
|
+
* This will not be triggered automatically upon ID token expiration. Use {@link User.getIdToken} to refresh the ID token.
|
|
5660
5677
|
*
|
|
5661
5678
|
* @param auth - The {@link Auth} instance.
|
|
5662
5679
|
* @param nextOrObserver - callback triggered on change.
|
|
@@ -5884,6 +5901,12 @@ function getMultiFactorResolver(auth, error) {
|
|
|
5884
5901
|
* See the License for the specific language governing permissions and
|
|
5885
5902
|
* limitations under the License.
|
|
5886
5903
|
*/
|
|
5904
|
+
function startEnrollTotpMfa(auth, request) {
|
|
5905
|
+
return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaEnrollment:start" /* Endpoint.START_MFA_ENROLLMENT */, _addTidIfNecessary(auth, request));
|
|
5906
|
+
}
|
|
5907
|
+
function finalizeEnrollTotpMfa(auth, request) {
|
|
5908
|
+
return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaEnrollment:finalize" /* Endpoint.FINALIZE_MFA_ENROLLMENT */, _addTidIfNecessary(auth, request));
|
|
5909
|
+
}
|
|
5887
5910
|
function withdrawMfa(auth, request) {
|
|
5888
5911
|
return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaEnrollment:withdraw" /* Endpoint.WITHDRAW_MFA */, _addTidIfNecessary(auth, request));
|
|
5889
5912
|
}
|
|
@@ -5958,7 +5981,7 @@ function multiFactor(user) {
|
|
|
5958
5981
|
}
|
|
5959
5982
|
|
|
5960
5983
|
var name = "@firebase/auth";
|
|
5961
|
-
var version = "0.21.
|
|
5984
|
+
var version = "0.21.6-canary.a8d6499b1";
|
|
5962
5985
|
|
|
5963
5986
|
/**
|
|
5964
5987
|
* @license
|
|
@@ -6188,5 +6211,188 @@ class PhoneMultiFactorGenerator {
|
|
|
6188
6211
|
// auth.setPersistence(persistence) are covered.
|
|
6189
6212
|
AuthImpl.prototype.setPersistence = async () => { };
|
|
6190
6213
|
|
|
6191
|
-
|
|
6192
|
-
|
|
6214
|
+
/**
|
|
6215
|
+
* @license
|
|
6216
|
+
* Copyright 2020 Google LLC
|
|
6217
|
+
*
|
|
6218
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
6219
|
+
* you may not use this file except in compliance with the License.
|
|
6220
|
+
* You may obtain a copy of the License at
|
|
6221
|
+
*
|
|
6222
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
6223
|
+
*
|
|
6224
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
6225
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
6226
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
6227
|
+
* See the License for the specific language governing permissions and
|
|
6228
|
+
* limitations under the License.
|
|
6229
|
+
*/
|
|
6230
|
+
function finalizeSignInTotpMfa(auth, request) {
|
|
6231
|
+
return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaSignIn:finalize" /* Endpoint.FINALIZE_MFA_SIGN_IN */, _addTidIfNecessary(auth, request));
|
|
6232
|
+
}
|
|
6233
|
+
|
|
6234
|
+
class MultiFactorAssertionImpl {
|
|
6235
|
+
constructor(factorId) {
|
|
6236
|
+
this.factorId = factorId;
|
|
6237
|
+
}
|
|
6238
|
+
_process(auth, session, displayName) {
|
|
6239
|
+
switch (session.type) {
|
|
6240
|
+
case "enroll" /* MultiFactorSessionType.ENROLL */:
|
|
6241
|
+
return this._finalizeEnroll(auth, session.credential, displayName);
|
|
6242
|
+
case "signin" /* MultiFactorSessionType.SIGN_IN */:
|
|
6243
|
+
return this._finalizeSignIn(auth, session.credential);
|
|
6244
|
+
default:
|
|
6245
|
+
return debugFail('unexpected MultiFactorSessionType');
|
|
6246
|
+
}
|
|
6247
|
+
}
|
|
6248
|
+
}
|
|
6249
|
+
|
|
6250
|
+
/**
|
|
6251
|
+
* Provider for generating a {@link TotpMultiFactorAssertion}.
|
|
6252
|
+
*
|
|
6253
|
+
* @public
|
|
6254
|
+
*/
|
|
6255
|
+
class TotpMultiFactorGenerator {
|
|
6256
|
+
/**
|
|
6257
|
+
* Provides a {@link TotpMultiFactorAssertion} to confirm ownership of
|
|
6258
|
+
* the TOTP (time-based one-time password) second factor.
|
|
6259
|
+
* This assertion is used to complete enrollment in TOTP second factor.
|
|
6260
|
+
*
|
|
6261
|
+
* @param secret A {@link TotpSecret} containing the shared secret key and other TOTP parameters.
|
|
6262
|
+
* @param oneTimePassword One-time password from TOTP App.
|
|
6263
|
+
* @returns A {@link TotpMultiFactorAssertion} which can be used with
|
|
6264
|
+
* {@link MultiFactorUser.enroll}.
|
|
6265
|
+
*/
|
|
6266
|
+
static assertionForEnrollment(secret, oneTimePassword) {
|
|
6267
|
+
return TotpMultiFactorAssertionImpl._fromSecret(secret, oneTimePassword);
|
|
6268
|
+
}
|
|
6269
|
+
/**
|
|
6270
|
+
* Provides a {@link TotpMultiFactorAssertion} to confirm ownership of the TOTP second factor.
|
|
6271
|
+
* This assertion is used to complete signIn with TOTP as the second factor.
|
|
6272
|
+
*
|
|
6273
|
+
* @param enrollmentId identifies the enrolled TOTP second factor.
|
|
6274
|
+
* @param oneTimePassword One-time password from TOTP App.
|
|
6275
|
+
* @returns A {@link TotpMultiFactorAssertion} which can be used with
|
|
6276
|
+
* {@link MultiFactorResolver.resolveSignIn}.
|
|
6277
|
+
*/
|
|
6278
|
+
static assertionForSignIn(enrollmentId, oneTimePassword) {
|
|
6279
|
+
return TotpMultiFactorAssertionImpl._fromEnrollmentId(enrollmentId, oneTimePassword);
|
|
6280
|
+
}
|
|
6281
|
+
/**
|
|
6282
|
+
* Returns a promise to {@link TotpSecret} which contains the TOTP shared secret key and other parameters.
|
|
6283
|
+
* Creates a TOTP secret as part of enrolling a TOTP second factor.
|
|
6284
|
+
* Used for generating a QR code URL or inputting into a TOTP app.
|
|
6285
|
+
* This method uses the auth instance corresponding to the user in the multiFactorSession.
|
|
6286
|
+
*
|
|
6287
|
+
* @param session The {@link MultiFactorSession} that the user is part of.
|
|
6288
|
+
* @returns A promise to {@link TotpSecret}.
|
|
6289
|
+
*/
|
|
6290
|
+
static async generateSecret(session) {
|
|
6291
|
+
const mfaSession = session;
|
|
6292
|
+
_assert(typeof mfaSession.auth !== 'undefined', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
6293
|
+
const response = await startEnrollTotpMfa(mfaSession.auth, {
|
|
6294
|
+
idToken: mfaSession.credential,
|
|
6295
|
+
totpEnrollmentInfo: {}
|
|
6296
|
+
});
|
|
6297
|
+
return TotpSecret._fromStartTotpMfaEnrollmentResponse(response, mfaSession.auth);
|
|
6298
|
+
}
|
|
6299
|
+
}
|
|
6300
|
+
/**
|
|
6301
|
+
* The identifier of the TOTP second factor: `totp`.
|
|
6302
|
+
*/
|
|
6303
|
+
TotpMultiFactorGenerator.FACTOR_ID = "totp" /* FactorId.TOTP */;
|
|
6304
|
+
class TotpMultiFactorAssertionImpl extends MultiFactorAssertionImpl {
|
|
6305
|
+
constructor(otp, enrollmentId, secret) {
|
|
6306
|
+
super("totp" /* FactorId.TOTP */);
|
|
6307
|
+
this.otp = otp;
|
|
6308
|
+
this.enrollmentId = enrollmentId;
|
|
6309
|
+
this.secret = secret;
|
|
6310
|
+
}
|
|
6311
|
+
/** @internal */
|
|
6312
|
+
static _fromSecret(secret, otp) {
|
|
6313
|
+
return new TotpMultiFactorAssertionImpl(otp, undefined, secret);
|
|
6314
|
+
}
|
|
6315
|
+
/** @internal */
|
|
6316
|
+
static _fromEnrollmentId(enrollmentId, otp) {
|
|
6317
|
+
return new TotpMultiFactorAssertionImpl(otp, enrollmentId);
|
|
6318
|
+
}
|
|
6319
|
+
/** @internal */
|
|
6320
|
+
async _finalizeEnroll(auth, idToken, displayName) {
|
|
6321
|
+
_assert(typeof this.secret !== 'undefined', auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
|
|
6322
|
+
return finalizeEnrollTotpMfa(auth, {
|
|
6323
|
+
idToken,
|
|
6324
|
+
displayName,
|
|
6325
|
+
totpVerificationInfo: this.secret._makeTotpVerificationInfo(this.otp)
|
|
6326
|
+
});
|
|
6327
|
+
}
|
|
6328
|
+
/** @internal */
|
|
6329
|
+
async _finalizeSignIn(auth, mfaPendingCredential) {
|
|
6330
|
+
_assert(this.enrollmentId !== undefined && this.otp !== undefined, auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
|
|
6331
|
+
const totpVerificationInfo = { verificationCode: this.otp };
|
|
6332
|
+
return finalizeSignInTotpMfa(auth, {
|
|
6333
|
+
mfaPendingCredential,
|
|
6334
|
+
mfaEnrollmentId: this.enrollmentId,
|
|
6335
|
+
totpVerificationInfo
|
|
6336
|
+
});
|
|
6337
|
+
}
|
|
6338
|
+
}
|
|
6339
|
+
/**
|
|
6340
|
+
* Provider for generating a {@link TotpMultiFactorAssertion}.
|
|
6341
|
+
*
|
|
6342
|
+
* Stores the shared secret key and other parameters to generate time-based OTPs.
|
|
6343
|
+
* Implements methods to retrieve the shared secret key and generate a QR code URL.
|
|
6344
|
+
* @public
|
|
6345
|
+
*/
|
|
6346
|
+
class TotpSecret {
|
|
6347
|
+
// The public members are declared outside the constructor so the docs can be generated.
|
|
6348
|
+
constructor(secretKey, hashingAlgorithm, codeLength, codeIntervalSeconds, enrollmentCompletionDeadline, sessionInfo, auth) {
|
|
6349
|
+
this.sessionInfo = sessionInfo;
|
|
6350
|
+
this.auth = auth;
|
|
6351
|
+
this.secretKey = secretKey;
|
|
6352
|
+
this.hashingAlgorithm = hashingAlgorithm;
|
|
6353
|
+
this.codeLength = codeLength;
|
|
6354
|
+
this.codeIntervalSeconds = codeIntervalSeconds;
|
|
6355
|
+
this.enrollmentCompletionDeadline = enrollmentCompletionDeadline;
|
|
6356
|
+
}
|
|
6357
|
+
/** @internal */
|
|
6358
|
+
static _fromStartTotpMfaEnrollmentResponse(response, auth) {
|
|
6359
|
+
return new TotpSecret(response.totpSessionInfo.sharedSecretKey, response.totpSessionInfo.hashingAlgorithm, response.totpSessionInfo.verificationCodeLength, response.totpSessionInfo.periodSec, new Date(response.totpSessionInfo.finalizeEnrollmentTime).toUTCString(), response.totpSessionInfo.sessionInfo, auth);
|
|
6360
|
+
}
|
|
6361
|
+
/** @internal */
|
|
6362
|
+
_makeTotpVerificationInfo(otp) {
|
|
6363
|
+
return { sessionInfo: this.sessionInfo, verificationCode: otp };
|
|
6364
|
+
}
|
|
6365
|
+
/**
|
|
6366
|
+
* Returns a QR code URL as described in
|
|
6367
|
+
* https://github.com/google/google-authenticator/wiki/Key-Uri-Format
|
|
6368
|
+
* This can be displayed to the user as a QR code to be scanned into a TOTP app like Google Authenticator.
|
|
6369
|
+
* If the optional parameters are unspecified, an accountName of <userEmail> and issuer of <firebaseAppName> are used.
|
|
6370
|
+
*
|
|
6371
|
+
* @param accountName the name of the account/app along with a user identifier.
|
|
6372
|
+
* @param issuer issuer of the TOTP (likely the app name).
|
|
6373
|
+
* @returns A QR code URL string.
|
|
6374
|
+
*/
|
|
6375
|
+
generateQrCodeUrl(accountName, issuer) {
|
|
6376
|
+
var _a;
|
|
6377
|
+
let useDefaults = false;
|
|
6378
|
+
if (_isEmptyString(accountName) || _isEmptyString(issuer)) {
|
|
6379
|
+
useDefaults = true;
|
|
6380
|
+
}
|
|
6381
|
+
if (useDefaults) {
|
|
6382
|
+
if (_isEmptyString(accountName)) {
|
|
6383
|
+
accountName = ((_a = this.auth.currentUser) === null || _a === void 0 ? void 0 : _a.email) || 'unknownuser';
|
|
6384
|
+
}
|
|
6385
|
+
if (_isEmptyString(issuer)) {
|
|
6386
|
+
issuer = this.auth.name;
|
|
6387
|
+
}
|
|
6388
|
+
}
|
|
6389
|
+
return `otpauth://totp/${issuer}:${accountName}?secret=${this.secretKey}&issuer=${issuer}&algorithm=${this.hashingAlgorithm}&digits=${this.codeLength}`;
|
|
6390
|
+
}
|
|
6391
|
+
}
|
|
6392
|
+
/** @internal */
|
|
6393
|
+
function _isEmptyString(input) {
|
|
6394
|
+
return typeof input === 'undefined' || (input === null || input === void 0 ? void 0 : input.length) === 0;
|
|
6395
|
+
}
|
|
6396
|
+
|
|
6397
|
+
export { linkWithCredential as $, ActionCodeOperation as A, deleteUser as B, debugErrorMap as C, prodErrorMap as D, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as E, FactorId as F, initializeAuth as G, connectAuthEmulator as H, AuthCredential as I, EmailAuthCredential as J, OAuthCredential as K, PhoneAuthCredential as L, inMemoryPersistence as M, EmailAuthProvider as N, OperationType as O, PhoneAuthProvider as P, FacebookAuthProvider as Q, RecaptchaVerifier as R, SignInMethod as S, TotpMultiFactorGenerator as T, GoogleAuthProvider as U, GithubAuthProvider as V, OAuthProvider as W, SAMLAuthProvider as X, TwitterAuthProvider as Y, signInAnonymously as Z, signInWithCredential as _, browserSessionPersistence as a, reauthenticateWithCredential as a0, signInWithCustomToken as a1, sendPasswordResetEmail as a2, confirmPasswordReset as a3, applyActionCode as a4, checkActionCode as a5, verifyPasswordResetCode as a6, createUserWithEmailAndPassword as a7, signInWithEmailAndPassword as a8, sendSignInLinkToEmail as a9, _castAuth as aA, FederatedAuthProvider as aB, BaseOAuthProvider as aC, _emulatorUrl as aD, _performApiRequest as aE, _isIOS as aF, _isAndroid as aG, _isIOS7Or8 as aH, _createError as aI, _isIframe as aJ, _isMobileBrowser as aK, _isIE10 as aL, _isSafari as aM, UserImpl as aN, AuthImpl as aO, _getClientVersion as aP, FetchProvider as aQ, SAMLAuthCredential as aR, isSignInWithEmailLink as aa, signInWithEmailLink as ab, fetchSignInMethodsForEmail as ac, sendEmailVerification as ad, verifyBeforeUpdateEmail as ae, ActionCodeURL as af, parseActionCodeURL as ag, updateProfile as ah, updateEmail as ai, updatePassword as aj, getIdToken as ak, getIdTokenResult as al, unlink as am, getAdditionalUserInfo as an, reload as ao, getMultiFactorResolver as ap, multiFactor as aq, _getInstance as ar, _assert as as, _signInWithCredential as at, _reauthenticate as au, _link as av, signInWithIdp as aw, _fail as ax, debugAssert as ay, _persistenceKeyName as az, browserLocalPersistence as b, signInWithPopup as c, linkWithPopup as d, reauthenticateWithPopup as e, signInWithRedirect as f, linkWithRedirect as g, reauthenticateWithRedirect as h, indexedDBLocalPersistence as i, getRedirectResult as j, browserPopupRedirectResolver as k, linkWithPhoneNumber as l, PhoneMultiFactorGenerator as m, TotpSecret as n, getAuth as o, ProviderId as p, setPersistence as q, reauthenticateWithPhoneNumber as r, signInWithPhoneNumber as s, onIdTokenChanged as t, updatePhoneNumber as u, beforeAuthStateChanged as v, onAuthStateChanged as w, useDeviceLanguage as x, updateCurrentUser as y, signOut as z };
|
|
6398
|
+
//# sourceMappingURL=totp-aec70fa2.js.map
|