@firebase/auth 0.21.6 → 0.22.0-canary.1d6771eb3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (218) hide show
  1. package/CHANGELOG.md +10 -0
  2. package/README.md +5 -0
  3. package/dist/auth-public.d.ts +59 -3
  4. package/dist/auth.d.ts +74 -13
  5. package/dist/browser-cjs/{index-39443020.js → index-7393ca6a.js} +593 -208
  6. package/dist/browser-cjs/index-7393ca6a.js.map +1 -0
  7. package/dist/browser-cjs/index.js +3 -2
  8. package/dist/browser-cjs/index.js.map +1 -1
  9. package/dist/browser-cjs/internal.js +3 -2
  10. package/dist/browser-cjs/internal.js.map +1 -1
  11. package/dist/browser-cjs/src/api/authentication/email_and_password.d.ts +9 -0
  12. package/dist/browser-cjs/src/api/authentication/recaptcha.d.ts +16 -0
  13. package/dist/browser-cjs/src/api/authentication/sign_up.d.ts +4 -0
  14. package/dist/browser-cjs/src/api/errors.d.ts +9 -1
  15. package/dist/browser-cjs/src/api/index.d.ts +17 -2
  16. package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +9 -1
  17. package/dist/browser-cjs/src/core/errors.d.ts +18 -1
  18. package/dist/browser-cjs/src/core/index.d.ts +27 -0
  19. package/dist/browser-cjs/src/core/util/handler.d.ts +1 -1
  20. package/dist/browser-cjs/src/core/util/log.d.ts +1 -0
  21. package/dist/browser-cjs/src/mfa/assertions/totp.d.ts +2 -2
  22. package/dist/browser-cjs/src/model/auth.d.ts +6 -0
  23. package/dist/browser-cjs/src/platform_browser/auth_window.d.ts +2 -2
  24. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  25. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  26. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  27. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  28. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  29. package/dist/browser-cjs/src/platform_browser/strategies/popup.d.ts +1 -1
  30. package/dist/browser-cjs/test/helpers/api/helper.d.ts +2 -0
  31. package/dist/browser-cjs/test/helpers/mock_auth.d.ts +5 -0
  32. package/dist/cordova/index.js +2 -2
  33. package/dist/cordova/internal.js +21 -77
  34. package/dist/cordova/internal.js.map +1 -1
  35. package/dist/cordova/{popup_redirect-8b388294.js → popup_redirect-eae95465.js} +781 -215
  36. package/dist/cordova/popup_redirect-eae95465.js.map +1 -0
  37. package/dist/cordova/src/api/authentication/email_and_password.d.ts +9 -0
  38. package/dist/cordova/src/api/authentication/recaptcha.d.ts +16 -0
  39. package/dist/cordova/src/api/authentication/sign_up.d.ts +4 -0
  40. package/dist/cordova/src/api/errors.d.ts +9 -1
  41. package/dist/cordova/src/api/index.d.ts +17 -2
  42. package/dist/cordova/src/core/auth/auth_impl.d.ts +9 -1
  43. package/dist/cordova/src/core/errors.d.ts +18 -1
  44. package/dist/cordova/src/core/index.d.ts +27 -0
  45. package/dist/cordova/src/core/util/handler.d.ts +1 -1
  46. package/dist/cordova/src/core/util/log.d.ts +1 -0
  47. package/dist/cordova/src/mfa/assertions/totp.d.ts +2 -2
  48. package/dist/cordova/src/model/auth.d.ts +6 -0
  49. package/dist/cordova/src/platform_browser/auth_window.d.ts +2 -2
  50. package/dist/cordova/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  51. package/dist/cordova/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  52. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  53. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  54. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  55. package/dist/cordova/src/platform_browser/strategies/popup.d.ts +1 -1
  56. package/dist/cordova/test/helpers/api/helper.d.ts +2 -0
  57. package/dist/cordova/test/helpers/mock_auth.d.ts +5 -0
  58. package/dist/esm2017/{index-2d01563f.js → index-1124980d.js} +594 -210
  59. package/dist/esm2017/index-1124980d.js.map +1 -0
  60. package/dist/esm2017/index.js +2 -2
  61. package/dist/esm2017/internal.js +3 -3
  62. package/dist/esm2017/src/api/authentication/email_and_password.d.ts +9 -0
  63. package/dist/esm2017/src/api/authentication/recaptcha.d.ts +16 -0
  64. package/dist/esm2017/src/api/authentication/sign_up.d.ts +4 -0
  65. package/dist/esm2017/src/api/errors.d.ts +9 -1
  66. package/dist/esm2017/src/api/index.d.ts +17 -2
  67. package/dist/esm2017/src/core/auth/auth_impl.d.ts +9 -1
  68. package/dist/esm2017/src/core/errors.d.ts +18 -1
  69. package/dist/esm2017/src/core/index.d.ts +27 -0
  70. package/dist/esm2017/src/core/util/handler.d.ts +1 -1
  71. package/dist/esm2017/src/core/util/log.d.ts +1 -0
  72. package/dist/esm2017/src/mfa/assertions/totp.d.ts +2 -2
  73. package/dist/esm2017/src/model/auth.d.ts +6 -0
  74. package/dist/esm2017/src/platform_browser/auth_window.d.ts +2 -2
  75. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  76. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  77. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  78. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  79. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  80. package/dist/esm2017/src/platform_browser/strategies/popup.d.ts +1 -1
  81. package/dist/esm2017/test/helpers/api/helper.d.ts +2 -0
  82. package/dist/esm2017/test/helpers/mock_auth.d.ts +5 -0
  83. package/dist/esm5/{index-44fc929c.js → index-169fb84f.js} +800 -290
  84. package/dist/esm5/index-169fb84f.js.map +1 -0
  85. package/dist/esm5/index.js +1 -1
  86. package/dist/esm5/internal.js +2 -2
  87. package/dist/esm5/src/api/authentication/email_and_password.d.ts +9 -0
  88. package/dist/esm5/src/api/authentication/recaptcha.d.ts +16 -0
  89. package/dist/esm5/src/api/authentication/sign_up.d.ts +4 -0
  90. package/dist/esm5/src/api/errors.d.ts +9 -1
  91. package/dist/esm5/src/api/index.d.ts +17 -2
  92. package/dist/esm5/src/core/auth/auth_impl.d.ts +9 -1
  93. package/dist/esm5/src/core/errors.d.ts +18 -1
  94. package/dist/esm5/src/core/index.d.ts +27 -0
  95. package/dist/esm5/src/core/util/handler.d.ts +1 -1
  96. package/dist/esm5/src/core/util/log.d.ts +1 -0
  97. package/dist/esm5/src/mfa/assertions/totp.d.ts +2 -2
  98. package/dist/esm5/src/model/auth.d.ts +6 -0
  99. package/dist/esm5/src/platform_browser/auth_window.d.ts +2 -2
  100. package/dist/esm5/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  101. package/dist/esm5/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  102. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  103. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  104. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  105. package/dist/esm5/src/platform_browser/strategies/popup.d.ts +1 -1
  106. package/dist/esm5/test/helpers/api/helper.d.ts +2 -0
  107. package/dist/esm5/test/helpers/mock_auth.d.ts +5 -0
  108. package/dist/index.webworker.esm5.js +605 -75
  109. package/dist/index.webworker.esm5.js.map +1 -1
  110. package/dist/node/index.js +2 -1
  111. package/dist/node/index.js.map +1 -1
  112. package/dist/node/internal.js +62 -42
  113. package/dist/node/internal.js.map +1 -1
  114. package/dist/node/src/api/authentication/email_and_password.d.ts +9 -0
  115. package/dist/node/src/api/authentication/recaptcha.d.ts +16 -0
  116. package/dist/node/src/api/authentication/sign_up.d.ts +4 -0
  117. package/dist/node/src/api/errors.d.ts +9 -1
  118. package/dist/node/src/api/index.d.ts +17 -2
  119. package/dist/node/src/core/auth/auth_impl.d.ts +9 -1
  120. package/dist/node/src/core/errors.d.ts +18 -1
  121. package/dist/node/src/core/index.d.ts +27 -0
  122. package/dist/node/src/core/util/handler.d.ts +1 -1
  123. package/dist/node/src/core/util/log.d.ts +1 -0
  124. package/dist/node/src/mfa/assertions/totp.d.ts +2 -2
  125. package/dist/node/src/model/auth.d.ts +6 -0
  126. package/dist/node/src/platform_browser/auth_window.d.ts +2 -2
  127. package/dist/node/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  128. package/dist/node/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  129. package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  130. package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  131. package/dist/node/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  132. package/dist/node/src/platform_browser/strategies/popup.d.ts +1 -1
  133. package/dist/node/test/helpers/api/helper.d.ts +2 -0
  134. package/dist/node/test/helpers/mock_auth.d.ts +5 -0
  135. package/dist/node/{totp-5e73d8e7.js → totp-13fce87f.js} +703 -172
  136. package/dist/node/totp-13fce87f.js.map +1 -0
  137. package/dist/node-esm/index.js +1 -1
  138. package/dist/node-esm/internal.js +16 -4
  139. package/dist/node-esm/internal.js.map +1 -1
  140. package/dist/node-esm/src/api/authentication/email_and_password.d.ts +9 -0
  141. package/dist/node-esm/src/api/authentication/recaptcha.d.ts +16 -0
  142. package/dist/node-esm/src/api/authentication/sign_up.d.ts +4 -0
  143. package/dist/node-esm/src/api/errors.d.ts +9 -1
  144. package/dist/node-esm/src/api/index.d.ts +17 -2
  145. package/dist/node-esm/src/core/auth/auth_impl.d.ts +9 -1
  146. package/dist/node-esm/src/core/errors.d.ts +18 -1
  147. package/dist/node-esm/src/core/index.d.ts +27 -0
  148. package/dist/node-esm/src/core/util/handler.d.ts +1 -1
  149. package/dist/node-esm/src/core/util/log.d.ts +1 -0
  150. package/dist/node-esm/src/mfa/assertions/totp.d.ts +2 -2
  151. package/dist/node-esm/src/model/auth.d.ts +6 -0
  152. package/dist/node-esm/src/platform_browser/auth_window.d.ts +2 -2
  153. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  154. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  155. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  156. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  157. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  158. package/dist/node-esm/src/platform_browser/strategies/popup.d.ts +1 -1
  159. package/dist/node-esm/test/helpers/api/helper.d.ts +2 -0
  160. package/dist/node-esm/test/helpers/mock_auth.d.ts +5 -0
  161. package/dist/node-esm/{totp-7b645f19.js → totp-aee19ee4.js} +560 -141
  162. package/dist/node-esm/totp-aee19ee4.js.map +1 -0
  163. package/dist/rn/index.js +2 -1
  164. package/dist/rn/index.js.map +1 -1
  165. package/dist/rn/internal.js +79 -48
  166. package/dist/rn/internal.js.map +1 -1
  167. package/dist/rn/{phone-ec210006.js → phone-26700494.js} +741 -260
  168. package/dist/rn/phone-26700494.js.map +1 -0
  169. package/dist/rn/src/api/authentication/email_and_password.d.ts +9 -0
  170. package/dist/rn/src/api/authentication/recaptcha.d.ts +16 -0
  171. package/dist/rn/src/api/authentication/sign_up.d.ts +4 -0
  172. package/dist/rn/src/api/errors.d.ts +9 -1
  173. package/dist/rn/src/api/index.d.ts +17 -2
  174. package/dist/rn/src/core/auth/auth_impl.d.ts +9 -1
  175. package/dist/rn/src/core/errors.d.ts +18 -1
  176. package/dist/rn/src/core/index.d.ts +27 -0
  177. package/dist/rn/src/core/util/handler.d.ts +1 -1
  178. package/dist/rn/src/core/util/log.d.ts +1 -0
  179. package/dist/rn/src/mfa/assertions/totp.d.ts +2 -2
  180. package/dist/rn/src/model/auth.d.ts +6 -0
  181. package/dist/rn/src/platform_browser/auth_window.d.ts +2 -2
  182. package/dist/rn/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  183. package/dist/rn/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  184. package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  185. package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  186. package/dist/rn/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  187. package/dist/rn/src/platform_browser/strategies/popup.d.ts +1 -1
  188. package/dist/rn/test/helpers/api/helper.d.ts +2 -0
  189. package/dist/rn/test/helpers/mock_auth.d.ts +5 -0
  190. package/dist/src/api/authentication/email_and_password.d.ts +9 -0
  191. package/dist/src/api/authentication/recaptcha.d.ts +16 -0
  192. package/dist/src/api/authentication/sign_up.d.ts +4 -0
  193. package/dist/src/api/errors.d.ts +9 -1
  194. package/dist/src/api/index.d.ts +17 -2
  195. package/dist/src/core/auth/auth_impl.d.ts +9 -1
  196. package/dist/src/core/errors.d.ts +18 -1
  197. package/dist/src/core/index.d.ts +27 -0
  198. package/dist/src/core/util/handler.d.ts +1 -1
  199. package/dist/src/core/util/log.d.ts +1 -0
  200. package/dist/src/mfa/assertions/totp.d.ts +2 -2
  201. package/dist/src/model/auth.d.ts +6 -0
  202. package/dist/src/platform_browser/auth_window.d.ts +2 -2
  203. package/dist/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  204. package/dist/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  205. package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  206. package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  207. package/dist/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  208. package/dist/src/platform_browser/strategies/popup.d.ts +1 -1
  209. package/dist/test/helpers/api/helper.d.ts +2 -0
  210. package/dist/test/helpers/mock_auth.d.ts +5 -0
  211. package/package.json +6 -6
  212. package/dist/browser-cjs/index-39443020.js.map +0 -1
  213. package/dist/cordova/popup_redirect-8b388294.js.map +0 -1
  214. package/dist/esm2017/index-2d01563f.js.map +0 -1
  215. package/dist/esm5/index-44fc929c.js.map +0 -1
  216. package/dist/node/totp-5e73d8e7.js.map +0 -1
  217. package/dist/node-esm/totp-7b645f19.js.map +0 -1
  218. package/dist/rn/phone-ec210006.js.map +0 -1
@@ -114,6 +114,7 @@ function _debugErrorMap() {
114
114
  _a["missing-or-invalid-nonce" /* AuthErrorCode.MISSING_OR_INVALID_NONCE */] = 'The request does not contain a valid nonce. This can occur if the ' +
115
115
  'SHA-256 hash of the provided raw nonce does not match the hashed nonce ' +
116
116
  'in the ID token payload.',
117
+ _a["missing-password" /* AuthErrorCode.MISSING_PASSWORD */] = 'A non-empty password must be provided',
117
118
  _a["missing-multi-factor-info" /* AuthErrorCode.MISSING_MFA_INFO */] = 'No second factor identifier is provided.',
118
119
  _a["missing-multi-factor-session" /* AuthErrorCode.MISSING_MFA_SESSION */] = 'The request is missing proof of first factor successful sign-in.',
119
120
  _a["missing-phone-number" /* AuthErrorCode.MISSING_PHONE_NUMBER */] = 'To send verification codes, provide a phone number for the recipient.',
@@ -167,6 +168,14 @@ function _debugErrorMap() {
167
168
  'different options. To avoid this error, call initializeAuth() with the ' +
168
169
  'same options as when it was originally called, or call getAuth() to return the' +
169
170
  ' already initialized instance.',
171
+ _a["missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */] = 'The reCAPTCHA token is missing when sending request to the backend.',
172
+ _a["invalid-recaptcha-token" /* AuthErrorCode.INVALID_RECAPTCHA_TOKEN */] = 'The reCAPTCHA token is invalid when sending request to the backend.',
173
+ _a["invalid-recaptcha-action" /* AuthErrorCode.INVALID_RECAPTCHA_ACTION */] = 'The reCAPTCHA action is invalid when sending request to the backend.',
174
+ _a["recaptcha-not-enabled" /* AuthErrorCode.RECAPTCHA_NOT_ENABLED */] = 'reCAPTCHA Enterprise integration is not enabled for this project.',
175
+ _a["missing-client-type" /* AuthErrorCode.MISSING_CLIENT_TYPE */] = 'The reCAPTCHA client type is missing when sending request to the backend.',
176
+ _a["missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is missing when sending request to the backend.',
177
+ _a["invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */] = 'Invalid request parameters.',
178
+ _a["invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is invalid when sending request to the backend.',
170
179
  _a;
171
180
  }
172
181
  function _prodErrorMap() {
@@ -303,7 +312,15 @@ var AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
303
312
  USER_SIGNED_OUT: 'auth/user-signed-out',
304
313
  WEAK_PASSWORD: 'auth/weak-password',
305
314
  WEB_STORAGE_UNSUPPORTED: 'auth/web-storage-unsupported',
306
- ALREADY_INITIALIZED: 'auth/already-initialized'
315
+ ALREADY_INITIALIZED: 'auth/already-initialized',
316
+ RECAPTCHA_NOT_ENABLED: 'auth/recaptcha-not-enabled',
317
+ MISSING_RECAPTCHA_TOKEN: 'auth/missing-recaptcha-token',
318
+ INVALID_RECAPTCHA_TOKEN: 'auth/invalid-recaptcha-token',
319
+ INVALID_RECAPTCHA_ACTION: 'auth/invalid-recaptcha-action',
320
+ MISSING_CLIENT_TYPE: 'auth/missing-client-type',
321
+ MISSING_RECAPTCHA_VERSION: 'auth/missing-recaptcha-version',
322
+ INVALID_RECAPTCHA_VERSION: 'auth/invalid-recaptcha-version',
323
+ INVALID_REQ_TYPE: 'auth/invalid-req-type'
307
324
  };
308
325
 
309
326
  /**
@@ -323,6 +340,15 @@ var AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
323
340
  * limitations under the License.
324
341
  */
325
342
  var logClient = new Logger('@firebase/auth');
343
+ function _logWarn(msg) {
344
+ var args = [];
345
+ for (var _i = 1; _i < arguments.length; _i++) {
346
+ args[_i - 1] = arguments[_i];
347
+ }
348
+ if (logClient.logLevel <= LogLevel.WARN) {
349
+ logClient.warn.apply(logClient, __spreadArray(["Auth (".concat(SDK_VERSION, "): ").concat(msg)], args, false));
350
+ }
351
+ }
326
352
  function _logError(msg) {
327
353
  var args = [];
328
354
  for (var _i = 1; _i < arguments.length; _i++) {
@@ -523,7 +549,7 @@ function _initializeAuthInstance(auth, deps) {
523
549
  }
524
550
 
525
551
  var name = "@firebase/auth";
526
- var version = "0.21.6";
552
+ var version = "0.22.0-canary.1d6771eb3";
527
553
 
528
554
  /**
529
555
  * @license
@@ -905,7 +931,7 @@ var SERVER_ERROR_MAP = (_a$1 = {},
905
931
  // Sign in with email and password errors (some apply to sign up too).
906
932
  _a$1["INVALID_PASSWORD" /* ServerError.INVALID_PASSWORD */] = "wrong-password" /* AuthErrorCode.INVALID_PASSWORD */,
907
933
  // This can only happen if the SDK sends a bad request.
908
- _a$1["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */] = "internal-error" /* AuthErrorCode.INTERNAL_ERROR */,
934
+ _a$1["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */] = "missing-password" /* AuthErrorCode.MISSING_PASSWORD */,
909
935
  // Sign up with email and password errors.
910
936
  _a$1["EMAIL_EXISTS" /* ServerError.EMAIL_EXISTS */] = "email-already-in-use" /* AuthErrorCode.EMAIL_EXISTS */,
911
937
  _a$1["PASSWORD_LOGIN_DISABLED" /* ServerError.PASSWORD_LOGIN_DISABLED */] = "operation-not-allowed" /* AuthErrorCode.OPERATION_NOT_ALLOWED */,
@@ -953,6 +979,15 @@ var SERVER_ERROR_MAP = (_a$1 = {},
953
979
  _a$1["SECOND_FACTOR_LIMIT_EXCEEDED" /* ServerError.SECOND_FACTOR_LIMIT_EXCEEDED */] = "maximum-second-factor-count-exceeded" /* AuthErrorCode.SECOND_FACTOR_LIMIT_EXCEEDED */,
954
980
  // Blocking functions related errors.
955
981
  _a$1["BLOCKING_FUNCTION_ERROR_RESPONSE" /* ServerError.BLOCKING_FUNCTION_ERROR_RESPONSE */] = "internal-error" /* AuthErrorCode.INTERNAL_ERROR */,
982
+ // Recaptcha related errors.
983
+ _a$1["RECAPTCHA_NOT_ENABLED" /* ServerError.RECAPTCHA_NOT_ENABLED */] = "recaptcha-not-enabled" /* AuthErrorCode.RECAPTCHA_NOT_ENABLED */,
984
+ _a$1["MISSING_RECAPTCHA_TOKEN" /* ServerError.MISSING_RECAPTCHA_TOKEN */] = "missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */,
985
+ _a$1["INVALID_RECAPTCHA_TOKEN" /* ServerError.INVALID_RECAPTCHA_TOKEN */] = "invalid-recaptcha-token" /* AuthErrorCode.INVALID_RECAPTCHA_TOKEN */,
986
+ _a$1["INVALID_RECAPTCHA_ACTION" /* ServerError.INVALID_RECAPTCHA_ACTION */] = "invalid-recaptcha-action" /* AuthErrorCode.INVALID_RECAPTCHA_ACTION */,
987
+ _a$1["MISSING_CLIENT_TYPE" /* ServerError.MISSING_CLIENT_TYPE */] = "missing-client-type" /* AuthErrorCode.MISSING_CLIENT_TYPE */,
988
+ _a$1["MISSING_RECAPTCHA_VERSION" /* ServerError.MISSING_RECAPTCHA_VERSION */] = "missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */,
989
+ _a$1["INVALID_RECAPTCHA_VERSION" /* ServerError.INVALID_RECAPTCHA_VERSION */] = "invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */,
990
+ _a$1["INVALID_REQ_TYPE" /* ServerError.INVALID_REQ_TYPE */] = "invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */,
956
991
  _a$1);
957
992
 
958
993
  /**
@@ -2330,6 +2365,271 @@ var PersistenceUserManager = /** @class */ (function () {
2330
2365
  return PersistenceUserManager;
2331
2366
  }());
2332
2367
 
2368
+ /**
2369
+ * @license
2370
+ * Copyright 2020 Google LLC
2371
+ *
2372
+ * Licensed under the Apache License, Version 2.0 (the "License");
2373
+ * you may not use this file except in compliance with the License.
2374
+ * You may obtain a copy of the License at
2375
+ *
2376
+ * http://www.apache.org/licenses/LICENSE-2.0
2377
+ *
2378
+ * Unless required by applicable law or agreed to in writing, software
2379
+ * distributed under the License is distributed on an "AS IS" BASIS,
2380
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2381
+ * See the License for the specific language governing permissions and
2382
+ * limitations under the License.
2383
+ */
2384
+ function getRecaptchaConfig(auth, request) {
2385
+ return __awaiter(this, void 0, void 0, function () {
2386
+ return __generator(this, function (_a) {
2387
+ return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/recaptchaConfig" /* Endpoint.GET_RECAPTCHA_CONFIG */, _addTidIfNecessary(auth, request))];
2388
+ });
2389
+ });
2390
+ }
2391
+
2392
+ /**
2393
+ * @license
2394
+ * Copyright 2020 Google LLC
2395
+ *
2396
+ * Licensed under the Apache License, Version 2.0 (the "License");
2397
+ * you may not use this file except in compliance with the License.
2398
+ * You may obtain a copy of the License at
2399
+ *
2400
+ * http://www.apache.org/licenses/LICENSE-2.0
2401
+ *
2402
+ * Unless required by applicable law or agreed to in writing, software
2403
+ * distributed under the License is distributed on an "AS IS" BASIS,
2404
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2405
+ * See the License for the specific language governing permissions and
2406
+ * limitations under the License.
2407
+ */
2408
+ function isEnterprise(grecaptcha) {
2409
+ return (grecaptcha !== undefined &&
2410
+ grecaptcha.enterprise !== undefined);
2411
+ }
2412
+ var RecaptchaConfig = /** @class */ (function () {
2413
+ function RecaptchaConfig(response) {
2414
+ /**
2415
+ * The reCAPTCHA site key.
2416
+ */
2417
+ this.siteKey = '';
2418
+ /**
2419
+ * The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
2420
+ */
2421
+ this.emailPasswordEnabled = false;
2422
+ if (response.recaptchaKey === undefined) {
2423
+ throw new Error('recaptchaKey undefined');
2424
+ }
2425
+ // Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
2426
+ this.siteKey = response.recaptchaKey.split('/')[3];
2427
+ this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
2428
+ return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
2429
+ enforcementState.enforcementState !== 'OFF';
2430
+ });
2431
+ }
2432
+ return RecaptchaConfig;
2433
+ }());
2434
+
2435
+ /**
2436
+ * @license
2437
+ * Copyright 2020 Google LLC
2438
+ *
2439
+ * Licensed under the Apache License, Version 2.0 (the "License");
2440
+ * you may not use this file except in compliance with the License.
2441
+ * You may obtain a copy of the License at
2442
+ *
2443
+ * http://www.apache.org/licenses/LICENSE-2.0
2444
+ *
2445
+ * Unless required by applicable law or agreed to in writing, software
2446
+ * distributed under the License is distributed on an "AS IS" BASIS,
2447
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2448
+ * See the License for the specific language governing permissions and
2449
+ * limitations under the License.
2450
+ */
2451
+ function getScriptParentElement() {
2452
+ var _a, _b;
2453
+ return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
2454
+ }
2455
+ function _loadJS(url) {
2456
+ // TODO: consider adding timeout support & cancellation
2457
+ return new Promise(function (resolve, reject) {
2458
+ var el = document.createElement('script');
2459
+ el.setAttribute('src', url);
2460
+ el.onload = resolve;
2461
+ el.onerror = function (e) {
2462
+ var error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
2463
+ error.customData = e;
2464
+ reject(error);
2465
+ };
2466
+ el.type = 'text/javascript';
2467
+ el.charset = 'UTF-8';
2468
+ getScriptParentElement().appendChild(el);
2469
+ });
2470
+ }
2471
+
2472
+ /* eslint-disable @typescript-eslint/no-require-imports */
2473
+ var RECAPTCHA_ENTERPRISE_URL = 'https://www.google.com/recaptcha/enterprise.js?render=';
2474
+ var RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';
2475
+ var RecaptchaEnterpriseVerifier = /** @class */ (function () {
2476
+ /**
2477
+ *
2478
+ * @param authExtern - The corresponding Firebase {@link Auth} instance.
2479
+ *
2480
+ */
2481
+ function RecaptchaEnterpriseVerifier(authExtern) {
2482
+ /**
2483
+ * Identifies the type of application verifier (e.g. "recaptcha-enterprise").
2484
+ */
2485
+ this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
2486
+ this.auth = _castAuth(authExtern);
2487
+ }
2488
+ /**
2489
+ * Executes the verification process.
2490
+ *
2491
+ * @returns A Promise for a token that can be used to assert the validity of a request.
2492
+ */
2493
+ RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
2494
+ if (action === void 0) { action = 'verify'; }
2495
+ if (forceRefresh === void 0) { forceRefresh = false; }
2496
+ return __awaiter(this, void 0, void 0, function () {
2497
+ function retrieveSiteKey(auth) {
2498
+ return __awaiter(this, void 0, void 0, function () {
2499
+ var _this = this;
2500
+ return __generator(this, function (_a) {
2501
+ if (!forceRefresh) {
2502
+ if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
2503
+ return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
2504
+ }
2505
+ if (auth.tenantId != null &&
2506
+ auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
2507
+ return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
2508
+ }
2509
+ }
2510
+ return [2 /*return*/, new Promise(function (resolve, reject) { return __awaiter(_this, void 0, void 0, function () {
2511
+ return __generator(this, function (_a) {
2512
+ getRecaptchaConfig(auth, {
2513
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
2514
+ version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
2515
+ })
2516
+ .then(function (response) {
2517
+ if (response.recaptchaKey === undefined) {
2518
+ reject(new Error('recaptcha Enterprise site key undefined'));
2519
+ }
2520
+ else {
2521
+ var config = new RecaptchaConfig(response);
2522
+ if (auth.tenantId == null) {
2523
+ auth._agentRecaptchaConfig = config;
2524
+ }
2525
+ else {
2526
+ auth._tenantRecaptchaConfigs[auth.tenantId] = config;
2527
+ }
2528
+ return resolve(config.siteKey);
2529
+ }
2530
+ })
2531
+ .catch(function (error) {
2532
+ reject(error);
2533
+ });
2534
+ return [2 /*return*/];
2535
+ });
2536
+ }); })];
2537
+ });
2538
+ });
2539
+ }
2540
+ function retrieveRecaptchaToken(siteKey, resolve, reject) {
2541
+ var grecaptcha = window.grecaptcha;
2542
+ if (isEnterprise(grecaptcha)) {
2543
+ grecaptcha.enterprise.ready(function () {
2544
+ try {
2545
+ grecaptcha.enterprise
2546
+ .execute(siteKey, { action: action })
2547
+ .then(function (token) {
2548
+ resolve(token);
2549
+ })
2550
+ .catch(function (error) {
2551
+ reject(error);
2552
+ });
2553
+ }
2554
+ catch (error) {
2555
+ reject(error);
2556
+ }
2557
+ });
2558
+ }
2559
+ else {
2560
+ reject(Error('No reCAPTCHA enterprise script loaded.'));
2561
+ }
2562
+ }
2563
+ var _this = this;
2564
+ return __generator(this, function (_a) {
2565
+ return [2 /*return*/, new Promise(function (resolve, reject) {
2566
+ retrieveSiteKey(_this.auth)
2567
+ .then(function (siteKey) {
2568
+ if (!forceRefresh && isEnterprise(window.grecaptcha)) {
2569
+ retrieveRecaptchaToken(siteKey, resolve, reject);
2570
+ }
2571
+ else {
2572
+ if (typeof window === 'undefined') {
2573
+ reject(new Error('RecaptchaVerifier is only supported in browser'));
2574
+ return;
2575
+ }
2576
+ _loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
2577
+ .then(function () {
2578
+ retrieveRecaptchaToken(siteKey, resolve, reject);
2579
+ })
2580
+ .catch(function (error) {
2581
+ reject(error);
2582
+ });
2583
+ }
2584
+ })
2585
+ .catch(function (error) {
2586
+ reject(error);
2587
+ });
2588
+ })];
2589
+ });
2590
+ });
2591
+ };
2592
+ return RecaptchaEnterpriseVerifier;
2593
+ }());
2594
+ function injectRecaptchaFields(auth, request, action, captchaResp) {
2595
+ if (captchaResp === void 0) { captchaResp = false; }
2596
+ return __awaiter(this, void 0, void 0, function () {
2597
+ var verifier, captchaResponse, newRequest;
2598
+ return __generator(this, function (_a) {
2599
+ switch (_a.label) {
2600
+ case 0:
2601
+ verifier = new RecaptchaEnterpriseVerifier(auth);
2602
+ _a.label = 1;
2603
+ case 1:
2604
+ _a.trys.push([1, 3, , 5]);
2605
+ return [4 /*yield*/, verifier.verify(action)];
2606
+ case 2:
2607
+ captchaResponse = _a.sent();
2608
+ return [3 /*break*/, 5];
2609
+ case 3:
2610
+ _a.sent();
2611
+ return [4 /*yield*/, verifier.verify(action, true)];
2612
+ case 4:
2613
+ captchaResponse = _a.sent();
2614
+ return [3 /*break*/, 5];
2615
+ case 5:
2616
+ newRequest = __assign({}, request);
2617
+ if (!captchaResp) {
2618
+ Object.assign(newRequest, { captchaResponse: captchaResponse });
2619
+ }
2620
+ else {
2621
+ Object.assign(newRequest, { 'captchaResp': captchaResponse });
2622
+ }
2623
+ Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
2624
+ Object.assign(newRequest, {
2625
+ 'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
2626
+ });
2627
+ return [2 /*return*/, newRequest];
2628
+ }
2629
+ });
2630
+ });
2631
+ }
2632
+
2333
2633
  /**
2334
2634
  * @license
2335
2635
  * Copyright 2022 Google LLC
@@ -2451,9 +2751,10 @@ var AuthMiddlewareQueue = /** @class */ (function () {
2451
2751
  * limitations under the License.
2452
2752
  */
2453
2753
  var AuthImpl = /** @class */ (function () {
2454
- function AuthImpl(app, heartbeatServiceProvider, config) {
2754
+ function AuthImpl(app, heartbeatServiceProvider, appCheckServiceProvider, config) {
2455
2755
  this.app = app;
2456
2756
  this.heartbeatServiceProvider = heartbeatServiceProvider;
2757
+ this.appCheckServiceProvider = appCheckServiceProvider;
2457
2758
  this.config = config;
2458
2759
  this.currentUser = null;
2459
2760
  this.emulatorConfig = null;
@@ -2471,6 +2772,8 @@ var AuthImpl = /** @class */ (function () {
2471
2772
  this._initializationPromise = null;
2472
2773
  this._popupRedirectResolver = null;
2473
2774
  this._errorFactory = _DEFAULT_AUTH_ERROR_FACTORY;
2775
+ this._agentRecaptchaConfig = null;
2776
+ this._tenantRecaptchaConfigs = {};
2474
2777
  // Tracks the last notified UID for state change listeners to prevent
2475
2778
  // repeated calls to the callbacks. Undefined means it's never been
2476
2779
  // called, whereas null means it's been called with a signed out user
@@ -2800,6 +3103,41 @@ var AuthImpl = /** @class */ (function () {
2800
3103
  });
2801
3104
  }); });
2802
3105
  };
3106
+ AuthImpl.prototype.initializeRecaptchaConfig = function () {
3107
+ return __awaiter(this, void 0, void 0, function () {
3108
+ var response, config, verifier;
3109
+ return __generator(this, function (_a) {
3110
+ switch (_a.label) {
3111
+ case 0: return [4 /*yield*/, getRecaptchaConfig(this, {
3112
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
3113
+ version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
3114
+ })];
3115
+ case 1:
3116
+ response = _a.sent();
3117
+ config = new RecaptchaConfig(response);
3118
+ if (this.tenantId == null) {
3119
+ this._agentRecaptchaConfig = config;
3120
+ }
3121
+ else {
3122
+ this._tenantRecaptchaConfigs[this.tenantId] = config;
3123
+ }
3124
+ if (config.emailPasswordEnabled) {
3125
+ verifier = new RecaptchaEnterpriseVerifier(this);
3126
+ void verifier.verify();
3127
+ }
3128
+ return [2 /*return*/];
3129
+ }
3130
+ });
3131
+ });
3132
+ };
3133
+ AuthImpl.prototype._getRecaptchaConfig = function () {
3134
+ if (this.tenantId == null) {
3135
+ return this._agentRecaptchaConfig;
3136
+ }
3137
+ else {
3138
+ return this._tenantRecaptchaConfigs[this.tenantId];
3139
+ }
3140
+ };
2803
3141
  AuthImpl.prototype._getPersistence = function () {
2804
3142
  return this.assertedPersistence.persistence.type;
2805
3143
  };
@@ -3027,7 +3365,7 @@ var AuthImpl = /** @class */ (function () {
3027
3365
  AuthImpl.prototype._getAdditionalHeaders = function () {
3028
3366
  var _a;
3029
3367
  return __awaiter(this, void 0, void 0, function () {
3030
- var headers, heartbeatsHeader;
3368
+ var headers, heartbeatsHeader, appCheckToken;
3031
3369
  var _b;
3032
3370
  return __generator(this, function (_c) {
3033
3371
  switch (_c.label) {
@@ -3047,11 +3385,39 @@ var AuthImpl = /** @class */ (function () {
3047
3385
  if (heartbeatsHeader) {
3048
3386
  headers["X-Firebase-Client" /* HttpHeader.X_FIREBASE_CLIENT */] = heartbeatsHeader;
3049
3387
  }
3388
+ return [4 /*yield*/, this._getAppCheckToken()];
3389
+ case 2:
3390
+ appCheckToken = _c.sent();
3391
+ if (appCheckToken) {
3392
+ headers["X-Firebase-AppCheck" /* HttpHeader.X_FIREBASE_APP_CHECK */] = appCheckToken;
3393
+ }
3050
3394
  return [2 /*return*/, headers];
3051
3395
  }
3052
3396
  });
3053
3397
  });
3054
3398
  };
3399
+ AuthImpl.prototype._getAppCheckToken = function () {
3400
+ var _a;
3401
+ return __awaiter(this, void 0, void 0, function () {
3402
+ var appCheckTokenResult;
3403
+ return __generator(this, function (_b) {
3404
+ switch (_b.label) {
3405
+ case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
3406
+ .getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
3407
+ case 1:
3408
+ appCheckTokenResult = _b.sent();
3409
+ if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
3410
+ // Context: appCheck.getToken() will never throw even if an error happened.
3411
+ // In the error case, a dummy token will be returned along with an error field describing
3412
+ // the error. In general, we shouldn't care about the error condition and just use
3413
+ // the token (actual or dummy) to send requests.
3414
+ _logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
3415
+ }
3416
+ return [2 /*return*/, appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.token];
3417
+ }
3418
+ });
3419
+ });
3420
+ };
3055
3421
  return AuthImpl;
3056
3422
  }());
3057
3423
  /**
@@ -3200,26 +3566,25 @@ function registerAuth(clientPlatform) {
3200
3566
  var deps = _a.options;
3201
3567
  var app = container.getProvider('app').getImmediate();
3202
3568
  var heartbeatServiceProvider = container.getProvider('heartbeat');
3569
+ var appCheckServiceProvider = container.getProvider('app-check-internal');
3203
3570
  var _b = app.options, apiKey = _b.apiKey, authDomain = _b.authDomain;
3204
- return (function (app, heartbeatServiceProvider) {
3205
- _assert(apiKey && !apiKey.includes(':'), "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */, { appName: app.name });
3206
- // Auth domain is optional if IdP sign in isn't being used
3207
- _assert(!(authDomain === null || authDomain === void 0 ? void 0 : authDomain.includes(':')), "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */, {
3208
- appName: app.name
3209
- });
3210
- var config = {
3211
- apiKey: apiKey,
3212
- authDomain: authDomain,
3213
- clientPlatform: clientPlatform,
3214
- apiHost: "identitytoolkit.googleapis.com" /* DefaultConfig.API_HOST */,
3215
- tokenApiHost: "securetoken.googleapis.com" /* DefaultConfig.TOKEN_API_HOST */,
3216
- apiScheme: "https" /* DefaultConfig.API_SCHEME */,
3217
- sdkClientVersion: _getClientVersion(clientPlatform)
3218
- };
3219
- var authInstance = new AuthImpl(app, heartbeatServiceProvider, config);
3220
- _initializeAuthInstance(authInstance, deps);
3221
- return authInstance;
3222
- })(app, heartbeatServiceProvider);
3571
+ _assert(apiKey && !apiKey.includes(':'), "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */, { appName: app.name });
3572
+ // Auth domain is optional if IdP sign in isn't being used
3573
+ _assert(!(authDomain === null || authDomain === void 0 ? void 0 : authDomain.includes(':')), "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */, {
3574
+ appName: app.name
3575
+ });
3576
+ var config = {
3577
+ apiKey: apiKey,
3578
+ authDomain: authDomain,
3579
+ clientPlatform: clientPlatform,
3580
+ apiHost: "identitytoolkit.googleapis.com" /* DefaultConfig.API_HOST */,
3581
+ tokenApiHost: "securetoken.googleapis.com" /* DefaultConfig.TOKEN_API_HOST */,
3582
+ apiScheme: "https" /* DefaultConfig.API_SCHEME */,
3583
+ sdkClientVersion: _getClientVersion(clientPlatform)
3584
+ };
3585
+ var authInstance = new AuthImpl(app, heartbeatServiceProvider, appCheckServiceProvider, config);
3586
+ _initializeAuthInstance(authInstance, deps);
3587
+ return authInstance;
3223
3588
  }, "PUBLIC" /* ComponentType.PUBLIC */)
3224
3589
  /**
3225
3590
  * Auth can only be initialized by explicitly calling getAuth() or initializeAuth()
@@ -4641,24 +5006,55 @@ var EmailAuthCredential = /** @class */ (function (_super) {
4641
5006
  };
4642
5007
  /** @internal */
4643
5008
  EmailAuthCredential.prototype._getIdTokenResponse = function (auth) {
5009
+ var _a;
4644
5010
  return __awaiter(this, void 0, void 0, function () {
4645
- return __generator(this, function (_a) {
4646
- switch (this.signInMethod) {
4647
- case "password" /* SignInMethod.EMAIL_PASSWORD */:
4648
- return [2 /*return*/, signInWithPassword(auth, {
4649
- returnSecureToken: true,
4650
- email: this._email,
4651
- password: this._password
4652
- })];
4653
- case "emailLink" /* SignInMethod.EMAIL_LINK */:
4654
- return [2 /*return*/, signInWithEmailLink$1(auth, {
4655
- email: this._email,
4656
- oobCode: this._password
4657
- })];
4658
- default:
5011
+ var _b, request_1, requestWithRecaptcha;
5012
+ var _this = this;
5013
+ return __generator(this, function (_c) {
5014
+ switch (_c.label) {
5015
+ case 0:
5016
+ _b = this.signInMethod;
5017
+ switch (_b) {
5018
+ case "password" /* SignInMethod.EMAIL_PASSWORD */: return [3 /*break*/, 1];
5019
+ case "emailLink" /* SignInMethod.EMAIL_LINK */: return [3 /*break*/, 4];
5020
+ }
5021
+ return [3 /*break*/, 5];
5022
+ case 1:
5023
+ request_1 = {
5024
+ returnSecureToken: true,
5025
+ email: this._email,
5026
+ password: this._password,
5027
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
5028
+ };
5029
+ if (!((_a = auth._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 3];
5030
+ return [4 /*yield*/, injectRecaptchaFields(auth, request_1, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */)];
5031
+ case 2:
5032
+ requestWithRecaptcha = _c.sent();
5033
+ return [2 /*return*/, signInWithPassword(auth, requestWithRecaptcha)];
5034
+ case 3: return [2 /*return*/, signInWithPassword(auth, request_1).catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
5035
+ var requestWithRecaptcha;
5036
+ return __generator(this, function (_a) {
5037
+ switch (_a.label) {
5038
+ case 0:
5039
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 2];
5040
+ console.log('Sign-in with email address and password is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.');
5041
+ return [4 /*yield*/, injectRecaptchaFields(auth, request_1, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */)];
5042
+ case 1:
5043
+ requestWithRecaptcha = _a.sent();
5044
+ return [2 /*return*/, signInWithPassword(auth, requestWithRecaptcha)];
5045
+ case 2: return [2 /*return*/, Promise.reject(error)];
5046
+ }
5047
+ });
5048
+ }); })];
5049
+ case 4: return [2 /*return*/, signInWithEmailLink$1(auth, {
5050
+ email: this._email,
5051
+ oobCode: this._password
5052
+ })];
5053
+ case 5:
4659
5054
  _fail(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
5055
+ _c.label = 6;
5056
+ case 6: return [2 /*return*/];
4660
5057
  }
4661
- return [2 /*return*/];
4662
5058
  });
4663
5059
  });
4664
5060
  };
@@ -6838,23 +7234,61 @@ function _setActionCodeSettingsOnRequest(auth, request, actionCodeSettings) {
6838
7234
  * @public
6839
7235
  */
6840
7236
  function sendPasswordResetEmail(auth, email, actionCodeSettings) {
7237
+ var _a;
6841
7238
  return __awaiter(this, void 0, void 0, function () {
6842
- var authModular, request;
6843
- return __generator(this, function (_a) {
6844
- switch (_a.label) {
7239
+ var authInternal, request, requestWithRecaptcha;
7240
+ var _this = this;
7241
+ return __generator(this, function (_b) {
7242
+ switch (_b.label) {
6845
7243
  case 0:
6846
- authModular = getModularInstance(auth);
7244
+ authInternal = _castAuth(auth);
6847
7245
  request = {
6848
7246
  requestType: "PASSWORD_RESET" /* ActionCodeOperation.PASSWORD_RESET */,
6849
- email: email
7247
+ email: email,
7248
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
6850
7249
  };
7250
+ if (!((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 3];
7251
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
7252
+ case 1:
7253
+ requestWithRecaptcha = _b.sent();
6851
7254
  if (actionCodeSettings) {
6852
- _setActionCodeSettingsOnRequest(authModular, request, actionCodeSettings);
7255
+ _setActionCodeSettingsOnRequest(authInternal, requestWithRecaptcha, actionCodeSettings);
6853
7256
  }
6854
- return [4 /*yield*/, sendPasswordResetEmail$1(authModular, request)];
6855
- case 1:
6856
- _a.sent();
6857
- return [2 /*return*/];
7257
+ return [4 /*yield*/, sendPasswordResetEmail$1(authInternal, requestWithRecaptcha)];
7258
+ case 2:
7259
+ _b.sent();
7260
+ return [3 /*break*/, 5];
7261
+ case 3:
7262
+ if (actionCodeSettings) {
7263
+ _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
7264
+ }
7265
+ return [4 /*yield*/, sendPasswordResetEmail$1(authInternal, request)
7266
+ .catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
7267
+ var requestWithRecaptcha;
7268
+ return __generator(this, function (_a) {
7269
+ switch (_a.label) {
7270
+ case 0:
7271
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 3];
7272
+ console.log('Password resets are protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the password reset flow.');
7273
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
7274
+ case 1:
7275
+ requestWithRecaptcha = _a.sent();
7276
+ if (actionCodeSettings) {
7277
+ _setActionCodeSettingsOnRequest(authInternal, requestWithRecaptcha, actionCodeSettings);
7278
+ }
7279
+ return [4 /*yield*/, sendPasswordResetEmail$1(authInternal, requestWithRecaptcha)];
7280
+ case 2:
7281
+ _a.sent();
7282
+ return [3 /*break*/, 4];
7283
+ case 3: return [2 /*return*/, Promise.reject(error)];
7284
+ case 4: return [2 /*return*/];
7285
+ }
7286
+ });
7287
+ }); })];
7288
+ case 4:
7289
+ _b.sent();
7290
+ _b.label = 5;
7291
+ case 5: return [2 /*return*/];
6858
7292
  }
6859
7293
  });
6860
7294
  });
@@ -6999,25 +7433,54 @@ function verifyPasswordResetCode(auth, code) {
6999
7433
  * @public
7000
7434
  */
7001
7435
  function createUserWithEmailAndPassword(auth, email, password) {
7436
+ var _a;
7002
7437
  return __awaiter(this, void 0, void 0, function () {
7003
- var authInternal, response, userCredential;
7004
- return __generator(this, function (_a) {
7005
- switch (_a.label) {
7438
+ var authInternal, request, signUpResponse, requestWithRecaptcha, response, userCredential;
7439
+ var _this = this;
7440
+ return __generator(this, function (_b) {
7441
+ switch (_b.label) {
7006
7442
  case 0:
7007
7443
  authInternal = _castAuth(auth);
7008
- return [4 /*yield*/, signUp(authInternal, {
7009
- returnSecureToken: true,
7010
- email: email,
7011
- password: password
7012
- })];
7444
+ request = {
7445
+ returnSecureToken: true,
7446
+ email: email,
7447
+ password: password,
7448
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
7449
+ };
7450
+ if (!((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 2];
7451
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */)];
7013
7452
  case 1:
7014
- response = _a.sent();
7015
- return [4 /*yield*/, UserCredentialImpl._fromIdTokenResponse(authInternal, "signIn" /* OperationType.SIGN_IN */, response)];
7453
+ requestWithRecaptcha = _b.sent();
7454
+ signUpResponse = signUp(authInternal, requestWithRecaptcha);
7455
+ return [3 /*break*/, 3];
7016
7456
  case 2:
7017
- userCredential = _a.sent();
7457
+ signUpResponse = signUp(authInternal, request).catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
7458
+ var requestWithRecaptcha;
7459
+ return __generator(this, function (_a) {
7460
+ switch (_a.label) {
7461
+ case 0:
7462
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 2];
7463
+ console.log('Sign-up is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-up flow.');
7464
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */)];
7465
+ case 1:
7466
+ requestWithRecaptcha = _a.sent();
7467
+ return [2 /*return*/, signUp(authInternal, requestWithRecaptcha)];
7468
+ case 2: return [2 /*return*/, Promise.reject(error)];
7469
+ }
7470
+ });
7471
+ }); });
7472
+ _b.label = 3;
7473
+ case 3: return [4 /*yield*/, signUpResponse.catch(function (error) {
7474
+ return Promise.reject(error);
7475
+ })];
7476
+ case 4:
7477
+ response = _b.sent();
7478
+ return [4 /*yield*/, UserCredentialImpl._fromIdTokenResponse(authInternal, "signIn" /* OperationType.SIGN_IN */, response)];
7479
+ case 5:
7480
+ userCredential = _b.sent();
7018
7481
  return [4 /*yield*/, authInternal._updateCurrentUser(userCredential.user)];
7019
- case 3:
7020
- _a.sent();
7482
+ case 6:
7483
+ _b.sent();
7021
7484
  return [2 /*return*/, userCredential];
7022
7485
  }
7023
7486
  });
@@ -7098,24 +7561,61 @@ function signInWithEmailAndPassword(auth, email, password) {
7098
7561
  * @public
7099
7562
  */
7100
7563
  function sendSignInLinkToEmail(auth, email, actionCodeSettings) {
7564
+ var _a;
7101
7565
  return __awaiter(this, void 0, void 0, function () {
7102
- var authModular, request;
7103
- return __generator(this, function (_a) {
7104
- switch (_a.label) {
7566
+ function setActionCodeSettings(request, actionCodeSettings) {
7567
+ _assert(actionCodeSettings.handleCodeInApp, authInternal, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
7568
+ if (actionCodeSettings) {
7569
+ _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
7570
+ }
7571
+ }
7572
+ var authInternal, request, requestWithRecaptcha;
7573
+ var _this = this;
7574
+ return __generator(this, function (_b) {
7575
+ switch (_b.label) {
7105
7576
  case 0:
7106
- authModular = getModularInstance(auth);
7577
+ authInternal = _castAuth(auth);
7107
7578
  request = {
7108
7579
  requestType: "EMAIL_SIGNIN" /* ActionCodeOperation.EMAIL_SIGNIN */,
7109
- email: email
7580
+ email: email,
7581
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
7110
7582
  };
7111
- _assert(actionCodeSettings.handleCodeInApp, authModular, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
7112
- if (actionCodeSettings) {
7113
- _setActionCodeSettingsOnRequest(authModular, request, actionCodeSettings);
7114
- }
7115
- return [4 /*yield*/, sendSignInLinkToEmail$1(authModular, request)];
7583
+ if (!((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 3];
7584
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
7116
7585
  case 1:
7117
- _a.sent();
7118
- return [2 /*return*/];
7586
+ requestWithRecaptcha = _b.sent();
7587
+ setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);
7588
+ return [4 /*yield*/, sendSignInLinkToEmail$1(authInternal, requestWithRecaptcha)];
7589
+ case 2:
7590
+ _b.sent();
7591
+ return [3 /*break*/, 5];
7592
+ case 3:
7593
+ setActionCodeSettings(request, actionCodeSettings);
7594
+ return [4 /*yield*/, sendSignInLinkToEmail$1(authInternal, request)
7595
+ .catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
7596
+ var requestWithRecaptcha;
7597
+ return __generator(this, function (_a) {
7598
+ switch (_a.label) {
7599
+ case 0:
7600
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 3];
7601
+ console.log('Email link sign-in is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.');
7602
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
7603
+ case 1:
7604
+ requestWithRecaptcha = _a.sent();
7605
+ setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);
7606
+ return [4 /*yield*/, sendSignInLinkToEmail$1(authInternal, requestWithRecaptcha)];
7607
+ case 2:
7608
+ _a.sent();
7609
+ return [3 /*break*/, 4];
7610
+ case 3: return [2 /*return*/, Promise.reject(error)];
7611
+ case 4: return [2 /*return*/];
7612
+ }
7613
+ });
7614
+ }); })];
7615
+ case 4:
7616
+ _b.sent();
7617
+ _b.label = 5;
7618
+ case 5: return [2 /*return*/];
7119
7619
  }
7120
7620
  });
7121
7621
  });
@@ -7711,11 +8211,41 @@ function getAdditionalUserInfo(userCredential) {
7711
8211
  function setPersistence(auth, persistence) {
7712
8212
  return getModularInstance(auth).setPersistence(persistence);
7713
8213
  }
8214
+ /**
8215
+ * Loads the reCAPTCHA configuration into the `Auth` instance.
8216
+ *
8217
+ * @remarks
8218
+ * This will load the reCAPTCHA config, which indicates whether the reCAPTCHA
8219
+ * verification flow should be triggered for each auth provider, into the
8220
+ * current Auth session.
8221
+ *
8222
+ * If initializeRecaptchaConfig() is not invoked, the auth flow will always start
8223
+ * without reCAPTCHA verification. If the provider is configured to require reCAPTCHA
8224
+ * verification, the SDK will transparently load the reCAPTCHA config and restart the
8225
+ * auth flows.
8226
+ *
8227
+ * Thus, by calling this optional method, you will reduce the latency of future auth flows.
8228
+ * Loading the reCAPTCHA config early will also enhance the signal collected by reCAPTCHA.
8229
+ *
8230
+ * @example
8231
+ * ```javascript
8232
+ * initializeRecaptchaConfig(auth);
8233
+ * ```
8234
+ *
8235
+ * @param auth - The {@link Auth} instance.
8236
+ *
8237
+ * @public
8238
+ */
8239
+ function initializeRecaptchaConfig(auth) {
8240
+ var authInternal = _castAuth(auth);
8241
+ return authInternal.initializeRecaptchaConfig();
8242
+ }
7714
8243
  /**
7715
8244
  * Adds an observer for changes to the signed-in user's ID token.
7716
8245
  *
7717
8246
  * @remarks
7718
8247
  * This includes sign-in, sign-out, and token refresh events.
8248
+ * This will not be triggered automatically upon ID token expiration. Use {@link User.getIdToken} to refresh the ID token.
7719
8249
  *
7720
8250
  * @param auth - The {@link Auth} instance.
7721
8251
  * @param nextOrObserver - callback triggered on change.
@@ -8135,5 +8665,5 @@ function getAuth(app) {
8135
8665
  return auth;
8136
8666
  }
8137
8667
 
8138
- export { ActionCodeOperation, ActionCodeURL, AuthCredential, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as AuthErrorCodes, EmailAuthCredential, EmailAuthProvider, FacebookAuthProvider, FactorId, GithubAuthProvider, GoogleAuthProvider, OAuthCredential, OAuthProvider, OperationType, PhoneAuthCredential, ProviderId, SAMLAuthProvider, SignInMethod, TwitterAuthProvider, applyActionCode, beforeAuthStateChanged, checkActionCode, confirmPasswordReset, connectAuthEmulator, createUserWithEmailAndPassword, debugErrorMap, deleteUser, fetchSignInMethodsForEmail, getAdditionalUserInfo, getAuth, getIdToken, getIdTokenResult, getMultiFactorResolver, inMemoryPersistence, indexedDBLocalPersistence, initializeAuth, isSignInWithEmailLink, linkWithCredential, multiFactor, onAuthStateChanged, onIdTokenChanged, parseActionCodeURL, prodErrorMap, reauthenticateWithCredential, reload, sendEmailVerification, sendPasswordResetEmail, sendSignInLinkToEmail, setPersistence, signInAnonymously, signInWithCredential, signInWithCustomToken, signInWithEmailAndPassword, signInWithEmailLink, signOut, unlink, updateCurrentUser, updateEmail, updatePassword, updateProfile, useDeviceLanguage, verifyBeforeUpdateEmail, verifyPasswordResetCode };
8668
+ export { ActionCodeOperation, ActionCodeURL, AuthCredential, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as AuthErrorCodes, EmailAuthCredential, EmailAuthProvider, FacebookAuthProvider, FactorId, GithubAuthProvider, GoogleAuthProvider, OAuthCredential, OAuthProvider, OperationType, PhoneAuthCredential, ProviderId, SAMLAuthProvider, SignInMethod, TwitterAuthProvider, applyActionCode, beforeAuthStateChanged, checkActionCode, confirmPasswordReset, connectAuthEmulator, createUserWithEmailAndPassword, debugErrorMap, deleteUser, fetchSignInMethodsForEmail, getAdditionalUserInfo, getAuth, getIdToken, getIdTokenResult, getMultiFactorResolver, inMemoryPersistence, indexedDBLocalPersistence, initializeAuth, initializeRecaptchaConfig, isSignInWithEmailLink, linkWithCredential, multiFactor, onAuthStateChanged, onIdTokenChanged, parseActionCodeURL, prodErrorMap, reauthenticateWithCredential, reload, sendEmailVerification, sendPasswordResetEmail, sendSignInLinkToEmail, setPersistence, signInAnonymously, signInWithCredential, signInWithCustomToken, signInWithEmailAndPassword, signInWithEmailLink, signOut, unlink, updateCurrentUser, updateEmail, updatePassword, updateProfile, useDeviceLanguage, verifyBeforeUpdateEmail, verifyPasswordResetCode };
8139
8669
  //# sourceMappingURL=index.webworker.esm5.js.map