@firebase/auth 0.21.6 → 0.22.0-canary.1d6771eb3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (218) hide show
  1. package/CHANGELOG.md +10 -0
  2. package/README.md +5 -0
  3. package/dist/auth-public.d.ts +59 -3
  4. package/dist/auth.d.ts +74 -13
  5. package/dist/browser-cjs/{index-39443020.js → index-7393ca6a.js} +593 -208
  6. package/dist/browser-cjs/index-7393ca6a.js.map +1 -0
  7. package/dist/browser-cjs/index.js +3 -2
  8. package/dist/browser-cjs/index.js.map +1 -1
  9. package/dist/browser-cjs/internal.js +3 -2
  10. package/dist/browser-cjs/internal.js.map +1 -1
  11. package/dist/browser-cjs/src/api/authentication/email_and_password.d.ts +9 -0
  12. package/dist/browser-cjs/src/api/authentication/recaptcha.d.ts +16 -0
  13. package/dist/browser-cjs/src/api/authentication/sign_up.d.ts +4 -0
  14. package/dist/browser-cjs/src/api/errors.d.ts +9 -1
  15. package/dist/browser-cjs/src/api/index.d.ts +17 -2
  16. package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +9 -1
  17. package/dist/browser-cjs/src/core/errors.d.ts +18 -1
  18. package/dist/browser-cjs/src/core/index.d.ts +27 -0
  19. package/dist/browser-cjs/src/core/util/handler.d.ts +1 -1
  20. package/dist/browser-cjs/src/core/util/log.d.ts +1 -0
  21. package/dist/browser-cjs/src/mfa/assertions/totp.d.ts +2 -2
  22. package/dist/browser-cjs/src/model/auth.d.ts +6 -0
  23. package/dist/browser-cjs/src/platform_browser/auth_window.d.ts +2 -2
  24. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  25. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  26. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  27. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  28. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  29. package/dist/browser-cjs/src/platform_browser/strategies/popup.d.ts +1 -1
  30. package/dist/browser-cjs/test/helpers/api/helper.d.ts +2 -0
  31. package/dist/browser-cjs/test/helpers/mock_auth.d.ts +5 -0
  32. package/dist/cordova/index.js +2 -2
  33. package/dist/cordova/internal.js +21 -77
  34. package/dist/cordova/internal.js.map +1 -1
  35. package/dist/cordova/{popup_redirect-8b388294.js → popup_redirect-eae95465.js} +781 -215
  36. package/dist/cordova/popup_redirect-eae95465.js.map +1 -0
  37. package/dist/cordova/src/api/authentication/email_and_password.d.ts +9 -0
  38. package/dist/cordova/src/api/authentication/recaptcha.d.ts +16 -0
  39. package/dist/cordova/src/api/authentication/sign_up.d.ts +4 -0
  40. package/dist/cordova/src/api/errors.d.ts +9 -1
  41. package/dist/cordova/src/api/index.d.ts +17 -2
  42. package/dist/cordova/src/core/auth/auth_impl.d.ts +9 -1
  43. package/dist/cordova/src/core/errors.d.ts +18 -1
  44. package/dist/cordova/src/core/index.d.ts +27 -0
  45. package/dist/cordova/src/core/util/handler.d.ts +1 -1
  46. package/dist/cordova/src/core/util/log.d.ts +1 -0
  47. package/dist/cordova/src/mfa/assertions/totp.d.ts +2 -2
  48. package/dist/cordova/src/model/auth.d.ts +6 -0
  49. package/dist/cordova/src/platform_browser/auth_window.d.ts +2 -2
  50. package/dist/cordova/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  51. package/dist/cordova/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  52. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  53. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  54. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  55. package/dist/cordova/src/platform_browser/strategies/popup.d.ts +1 -1
  56. package/dist/cordova/test/helpers/api/helper.d.ts +2 -0
  57. package/dist/cordova/test/helpers/mock_auth.d.ts +5 -0
  58. package/dist/esm2017/{index-2d01563f.js → index-1124980d.js} +594 -210
  59. package/dist/esm2017/index-1124980d.js.map +1 -0
  60. package/dist/esm2017/index.js +2 -2
  61. package/dist/esm2017/internal.js +3 -3
  62. package/dist/esm2017/src/api/authentication/email_and_password.d.ts +9 -0
  63. package/dist/esm2017/src/api/authentication/recaptcha.d.ts +16 -0
  64. package/dist/esm2017/src/api/authentication/sign_up.d.ts +4 -0
  65. package/dist/esm2017/src/api/errors.d.ts +9 -1
  66. package/dist/esm2017/src/api/index.d.ts +17 -2
  67. package/dist/esm2017/src/core/auth/auth_impl.d.ts +9 -1
  68. package/dist/esm2017/src/core/errors.d.ts +18 -1
  69. package/dist/esm2017/src/core/index.d.ts +27 -0
  70. package/dist/esm2017/src/core/util/handler.d.ts +1 -1
  71. package/dist/esm2017/src/core/util/log.d.ts +1 -0
  72. package/dist/esm2017/src/mfa/assertions/totp.d.ts +2 -2
  73. package/dist/esm2017/src/model/auth.d.ts +6 -0
  74. package/dist/esm2017/src/platform_browser/auth_window.d.ts +2 -2
  75. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  76. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  77. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  78. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  79. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  80. package/dist/esm2017/src/platform_browser/strategies/popup.d.ts +1 -1
  81. package/dist/esm2017/test/helpers/api/helper.d.ts +2 -0
  82. package/dist/esm2017/test/helpers/mock_auth.d.ts +5 -0
  83. package/dist/esm5/{index-44fc929c.js → index-169fb84f.js} +800 -290
  84. package/dist/esm5/index-169fb84f.js.map +1 -0
  85. package/dist/esm5/index.js +1 -1
  86. package/dist/esm5/internal.js +2 -2
  87. package/dist/esm5/src/api/authentication/email_and_password.d.ts +9 -0
  88. package/dist/esm5/src/api/authentication/recaptcha.d.ts +16 -0
  89. package/dist/esm5/src/api/authentication/sign_up.d.ts +4 -0
  90. package/dist/esm5/src/api/errors.d.ts +9 -1
  91. package/dist/esm5/src/api/index.d.ts +17 -2
  92. package/dist/esm5/src/core/auth/auth_impl.d.ts +9 -1
  93. package/dist/esm5/src/core/errors.d.ts +18 -1
  94. package/dist/esm5/src/core/index.d.ts +27 -0
  95. package/dist/esm5/src/core/util/handler.d.ts +1 -1
  96. package/dist/esm5/src/core/util/log.d.ts +1 -0
  97. package/dist/esm5/src/mfa/assertions/totp.d.ts +2 -2
  98. package/dist/esm5/src/model/auth.d.ts +6 -0
  99. package/dist/esm5/src/platform_browser/auth_window.d.ts +2 -2
  100. package/dist/esm5/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  101. package/dist/esm5/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  102. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  103. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  104. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  105. package/dist/esm5/src/platform_browser/strategies/popup.d.ts +1 -1
  106. package/dist/esm5/test/helpers/api/helper.d.ts +2 -0
  107. package/dist/esm5/test/helpers/mock_auth.d.ts +5 -0
  108. package/dist/index.webworker.esm5.js +605 -75
  109. package/dist/index.webworker.esm5.js.map +1 -1
  110. package/dist/node/index.js +2 -1
  111. package/dist/node/index.js.map +1 -1
  112. package/dist/node/internal.js +62 -42
  113. package/dist/node/internal.js.map +1 -1
  114. package/dist/node/src/api/authentication/email_and_password.d.ts +9 -0
  115. package/dist/node/src/api/authentication/recaptcha.d.ts +16 -0
  116. package/dist/node/src/api/authentication/sign_up.d.ts +4 -0
  117. package/dist/node/src/api/errors.d.ts +9 -1
  118. package/dist/node/src/api/index.d.ts +17 -2
  119. package/dist/node/src/core/auth/auth_impl.d.ts +9 -1
  120. package/dist/node/src/core/errors.d.ts +18 -1
  121. package/dist/node/src/core/index.d.ts +27 -0
  122. package/dist/node/src/core/util/handler.d.ts +1 -1
  123. package/dist/node/src/core/util/log.d.ts +1 -0
  124. package/dist/node/src/mfa/assertions/totp.d.ts +2 -2
  125. package/dist/node/src/model/auth.d.ts +6 -0
  126. package/dist/node/src/platform_browser/auth_window.d.ts +2 -2
  127. package/dist/node/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  128. package/dist/node/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  129. package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  130. package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  131. package/dist/node/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  132. package/dist/node/src/platform_browser/strategies/popup.d.ts +1 -1
  133. package/dist/node/test/helpers/api/helper.d.ts +2 -0
  134. package/dist/node/test/helpers/mock_auth.d.ts +5 -0
  135. package/dist/node/{totp-5e73d8e7.js → totp-13fce87f.js} +703 -172
  136. package/dist/node/totp-13fce87f.js.map +1 -0
  137. package/dist/node-esm/index.js +1 -1
  138. package/dist/node-esm/internal.js +16 -4
  139. package/dist/node-esm/internal.js.map +1 -1
  140. package/dist/node-esm/src/api/authentication/email_and_password.d.ts +9 -0
  141. package/dist/node-esm/src/api/authentication/recaptcha.d.ts +16 -0
  142. package/dist/node-esm/src/api/authentication/sign_up.d.ts +4 -0
  143. package/dist/node-esm/src/api/errors.d.ts +9 -1
  144. package/dist/node-esm/src/api/index.d.ts +17 -2
  145. package/dist/node-esm/src/core/auth/auth_impl.d.ts +9 -1
  146. package/dist/node-esm/src/core/errors.d.ts +18 -1
  147. package/dist/node-esm/src/core/index.d.ts +27 -0
  148. package/dist/node-esm/src/core/util/handler.d.ts +1 -1
  149. package/dist/node-esm/src/core/util/log.d.ts +1 -0
  150. package/dist/node-esm/src/mfa/assertions/totp.d.ts +2 -2
  151. package/dist/node-esm/src/model/auth.d.ts +6 -0
  152. package/dist/node-esm/src/platform_browser/auth_window.d.ts +2 -2
  153. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  154. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  155. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  156. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  157. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  158. package/dist/node-esm/src/platform_browser/strategies/popup.d.ts +1 -1
  159. package/dist/node-esm/test/helpers/api/helper.d.ts +2 -0
  160. package/dist/node-esm/test/helpers/mock_auth.d.ts +5 -0
  161. package/dist/node-esm/{totp-7b645f19.js → totp-aee19ee4.js} +560 -141
  162. package/dist/node-esm/totp-aee19ee4.js.map +1 -0
  163. package/dist/rn/index.js +2 -1
  164. package/dist/rn/index.js.map +1 -1
  165. package/dist/rn/internal.js +79 -48
  166. package/dist/rn/internal.js.map +1 -1
  167. package/dist/rn/{phone-ec210006.js → phone-26700494.js} +741 -260
  168. package/dist/rn/phone-26700494.js.map +1 -0
  169. package/dist/rn/src/api/authentication/email_and_password.d.ts +9 -0
  170. package/dist/rn/src/api/authentication/recaptcha.d.ts +16 -0
  171. package/dist/rn/src/api/authentication/sign_up.d.ts +4 -0
  172. package/dist/rn/src/api/errors.d.ts +9 -1
  173. package/dist/rn/src/api/index.d.ts +17 -2
  174. package/dist/rn/src/core/auth/auth_impl.d.ts +9 -1
  175. package/dist/rn/src/core/errors.d.ts +18 -1
  176. package/dist/rn/src/core/index.d.ts +27 -0
  177. package/dist/rn/src/core/util/handler.d.ts +1 -1
  178. package/dist/rn/src/core/util/log.d.ts +1 -0
  179. package/dist/rn/src/mfa/assertions/totp.d.ts +2 -2
  180. package/dist/rn/src/model/auth.d.ts +6 -0
  181. package/dist/rn/src/platform_browser/auth_window.d.ts +2 -2
  182. package/dist/rn/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  183. package/dist/rn/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  184. package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  185. package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  186. package/dist/rn/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  187. package/dist/rn/src/platform_browser/strategies/popup.d.ts +1 -1
  188. package/dist/rn/test/helpers/api/helper.d.ts +2 -0
  189. package/dist/rn/test/helpers/mock_auth.d.ts +5 -0
  190. package/dist/src/api/authentication/email_and_password.d.ts +9 -0
  191. package/dist/src/api/authentication/recaptcha.d.ts +16 -0
  192. package/dist/src/api/authentication/sign_up.d.ts +4 -0
  193. package/dist/src/api/errors.d.ts +9 -1
  194. package/dist/src/api/index.d.ts +17 -2
  195. package/dist/src/core/auth/auth_impl.d.ts +9 -1
  196. package/dist/src/core/errors.d.ts +18 -1
  197. package/dist/src/core/index.d.ts +27 -0
  198. package/dist/src/core/util/handler.d.ts +1 -1
  199. package/dist/src/core/util/log.d.ts +1 -0
  200. package/dist/src/mfa/assertions/totp.d.ts +2 -2
  201. package/dist/src/model/auth.d.ts +6 -0
  202. package/dist/src/platform_browser/auth_window.d.ts +2 -2
  203. package/dist/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  204. package/dist/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  205. package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  206. package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  207. package/dist/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  208. package/dist/src/platform_browser/strategies/popup.d.ts +1 -1
  209. package/dist/test/helpers/api/helper.d.ts +2 -0
  210. package/dist/test/helpers/mock_auth.d.ts +5 -0
  211. package/package.json +6 -6
  212. package/dist/browser-cjs/index-39443020.js.map +0 -1
  213. package/dist/cordova/popup_redirect-8b388294.js.map +0 -1
  214. package/dist/esm2017/index-2d01563f.js.map +0 -1
  215. package/dist/esm5/index-44fc929c.js.map +0 -1
  216. package/dist/node/totp-5e73d8e7.js.map +0 -1
  217. package/dist/node-esm/totp-7b645f19.js.map +0 -1
  218. package/dist/rn/phone-ec210006.js.map +0 -1
@@ -236,6 +236,7 @@ function _debugErrorMap() {
236
236
  _a["missing-or-invalid-nonce" /* AuthErrorCode.MISSING_OR_INVALID_NONCE */] = 'The request does not contain a valid nonce. This can occur if the ' +
237
237
  'SHA-256 hash of the provided raw nonce does not match the hashed nonce ' +
238
238
  'in the ID token payload.',
239
+ _a["missing-password" /* AuthErrorCode.MISSING_PASSWORD */] = 'A non-empty password must be provided',
239
240
  _a["missing-multi-factor-info" /* AuthErrorCode.MISSING_MFA_INFO */] = 'No second factor identifier is provided.',
240
241
  _a["missing-multi-factor-session" /* AuthErrorCode.MISSING_MFA_SESSION */] = 'The request is missing proof of first factor successful sign-in.',
241
242
  _a["missing-phone-number" /* AuthErrorCode.MISSING_PHONE_NUMBER */] = 'To send verification codes, provide a phone number for the recipient.',
@@ -289,6 +290,14 @@ function _debugErrorMap() {
289
290
  'different options. To avoid this error, call initializeAuth() with the ' +
290
291
  'same options as when it was originally called, or call getAuth() to return the' +
291
292
  ' already initialized instance.',
293
+ _a["missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */] = 'The reCAPTCHA token is missing when sending request to the backend.',
294
+ _a["invalid-recaptcha-token" /* AuthErrorCode.INVALID_RECAPTCHA_TOKEN */] = 'The reCAPTCHA token is invalid when sending request to the backend.',
295
+ _a["invalid-recaptcha-action" /* AuthErrorCode.INVALID_RECAPTCHA_ACTION */] = 'The reCAPTCHA action is invalid when sending request to the backend.',
296
+ _a["recaptcha-not-enabled" /* AuthErrorCode.RECAPTCHA_NOT_ENABLED */] = 'reCAPTCHA Enterprise integration is not enabled for this project.',
297
+ _a["missing-client-type" /* AuthErrorCode.MISSING_CLIENT_TYPE */] = 'The reCAPTCHA client type is missing when sending request to the backend.',
298
+ _a["missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is missing when sending request to the backend.',
299
+ _a["invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */] = 'Invalid request parameters.',
300
+ _a["invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is invalid when sending request to the backend.',
292
301
  _a;
293
302
  }
294
303
  function _prodErrorMap() {
@@ -425,7 +434,15 @@ var AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
425
434
  USER_SIGNED_OUT: 'auth/user-signed-out',
426
435
  WEAK_PASSWORD: 'auth/weak-password',
427
436
  WEB_STORAGE_UNSUPPORTED: 'auth/web-storage-unsupported',
428
- ALREADY_INITIALIZED: 'auth/already-initialized'
437
+ ALREADY_INITIALIZED: 'auth/already-initialized',
438
+ RECAPTCHA_NOT_ENABLED: 'auth/recaptcha-not-enabled',
439
+ MISSING_RECAPTCHA_TOKEN: 'auth/missing-recaptcha-token',
440
+ INVALID_RECAPTCHA_TOKEN: 'auth/invalid-recaptcha-token',
441
+ INVALID_RECAPTCHA_ACTION: 'auth/invalid-recaptcha-action',
442
+ MISSING_CLIENT_TYPE: 'auth/missing-client-type',
443
+ MISSING_RECAPTCHA_VERSION: 'auth/missing-recaptcha-version',
444
+ INVALID_RECAPTCHA_VERSION: 'auth/invalid-recaptcha-version',
445
+ INVALID_REQ_TYPE: 'auth/invalid-req-type'
429
446
  };
430
447
 
431
448
  /**
@@ -445,6 +462,15 @@ var AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
445
462
  * limitations under the License.
446
463
  */
447
464
  var logClient = new logger.Logger('@firebase/auth');
465
+ function _logWarn(msg) {
466
+ var args = [];
467
+ for (var _i = 1; _i < arguments.length; _i++) {
468
+ args[_i - 1] = arguments[_i];
469
+ }
470
+ if (logClient.logLevel <= logger.LogLevel.WARN) {
471
+ logClient.warn.apply(logClient, tslib.__spreadArray(["Auth (".concat(app.SDK_VERSION, "): ").concat(msg)], args, false));
472
+ }
473
+ }
448
474
  function _logError(msg) {
449
475
  var args = [];
450
476
  for (var _i = 1; _i < arguments.length; _i++) {
@@ -547,103 +573,6 @@ function debugAssert(assertion, message) {
547
573
  }
548
574
  }
549
575
 
550
- /**
551
- * @license
552
- * Copyright 2020 Google LLC
553
- *
554
- * Licensed under the Apache License, Version 2.0 (the "License");
555
- * you may not use this file except in compliance with the License.
556
- * You may obtain a copy of the License at
557
- *
558
- * http://www.apache.org/licenses/LICENSE-2.0
559
- *
560
- * Unless required by applicable law or agreed to in writing, software
561
- * distributed under the License is distributed on an "AS IS" BASIS,
562
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
563
- * See the License for the specific language governing permissions and
564
- * limitations under the License.
565
- */
566
- var instanceCache = new Map();
567
- function _getInstance(cls) {
568
- debugAssert(cls instanceof Function, 'Expected a class definition');
569
- var instance = instanceCache.get(cls);
570
- if (instance) {
571
- debugAssert(instance instanceof cls, 'Instance stored in cache mismatched with class');
572
- return instance;
573
- }
574
- instance = new cls();
575
- instanceCache.set(cls, instance);
576
- return instance;
577
- }
578
-
579
- /**
580
- * @license
581
- * Copyright 2020 Google LLC
582
- *
583
- * Licensed under the Apache License, Version 2.0 (the "License");
584
- * you may not use this file except in compliance with the License.
585
- * You may obtain a copy of the License at
586
- *
587
- * http://www.apache.org/licenses/LICENSE-2.0
588
- *
589
- * Unless required by applicable law or agreed to in writing, software
590
- * distributed under the License is distributed on an "AS IS" BASIS,
591
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
592
- * See the License for the specific language governing permissions and
593
- * limitations under the License.
594
- */
595
- /**
596
- * Initializes an {@link Auth} instance with fine-grained control over
597
- * {@link Dependencies}.
598
- *
599
- * @remarks
600
- *
601
- * This function allows more control over the {@link Auth} instance than
602
- * {@link getAuth}. `getAuth` uses platform-specific defaults to supply
603
- * the {@link Dependencies}. In general, `getAuth` is the easiest way to
604
- * initialize Auth and works for most use cases. Use `initializeAuth` if you
605
- * need control over which persistence layer is used, or to minimize bundle
606
- * size if you're not using either `signInWithPopup` or `signInWithRedirect`.
607
- *
608
- * For example, if your app only uses anonymous accounts and you only want
609
- * accounts saved for the current session, initialize `Auth` with:
610
- *
611
- * ```js
612
- * const auth = initializeAuth(app, {
613
- * persistence: browserSessionPersistence,
614
- * popupRedirectResolver: undefined,
615
- * });
616
- * ```
617
- *
618
- * @public
619
- */
620
- function initializeAuth(app$1, deps) {
621
- var provider = app._getProvider(app$1, 'auth');
622
- if (provider.isInitialized()) {
623
- var auth_1 = provider.getImmediate();
624
- var initialOptions = provider.getOptions();
625
- if (util.deepEqual(initialOptions, deps !== null && deps !== void 0 ? deps : {})) {
626
- return auth_1;
627
- }
628
- else {
629
- _fail(auth_1, "already-initialized" /* AuthErrorCode.ALREADY_INITIALIZED */);
630
- }
631
- }
632
- var auth = provider.initialize({ options: deps });
633
- return auth;
634
- }
635
- function _initializeAuthInstance(auth, deps) {
636
- var persistence = (deps === null || deps === void 0 ? void 0 : deps.persistence) || [];
637
- var hierarchy = (Array.isArray(persistence) ? persistence : [persistence]).map(_getInstance);
638
- if (deps === null || deps === void 0 ? void 0 : deps.errorMap) {
639
- auth._updateErrorMap(deps.errorMap);
640
- }
641
- // This promise is intended to float; auth initialization happens in the
642
- // background, meanwhile the auth object may be used by the app.
643
- // eslint-disable-next-line @typescript-eslint/no-floating-promises
644
- auth._initializeWithPersistence(hierarchy, deps === null || deps === void 0 ? void 0 : deps.popupRedirectResolver);
645
- }
646
-
647
576
  /**
648
577
  * @license
649
578
  * Copyright 2020 Google LLC
@@ -880,7 +809,7 @@ var SERVER_ERROR_MAP = (_a$1 = {},
880
809
  // Sign in with email and password errors (some apply to sign up too).
881
810
  _a$1["INVALID_PASSWORD" /* ServerError.INVALID_PASSWORD */] = "wrong-password" /* AuthErrorCode.INVALID_PASSWORD */,
882
811
  // This can only happen if the SDK sends a bad request.
883
- _a$1["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */] = "internal-error" /* AuthErrorCode.INTERNAL_ERROR */,
812
+ _a$1["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */] = "missing-password" /* AuthErrorCode.MISSING_PASSWORD */,
884
813
  // Sign up with email and password errors.
885
814
  _a$1["EMAIL_EXISTS" /* ServerError.EMAIL_EXISTS */] = "email-already-in-use" /* AuthErrorCode.EMAIL_EXISTS */,
886
815
  _a$1["PASSWORD_LOGIN_DISABLED" /* ServerError.PASSWORD_LOGIN_DISABLED */] = "operation-not-allowed" /* AuthErrorCode.OPERATION_NOT_ALLOWED */,
@@ -928,6 +857,15 @@ var SERVER_ERROR_MAP = (_a$1 = {},
928
857
  _a$1["SECOND_FACTOR_LIMIT_EXCEEDED" /* ServerError.SECOND_FACTOR_LIMIT_EXCEEDED */] = "maximum-second-factor-count-exceeded" /* AuthErrorCode.SECOND_FACTOR_LIMIT_EXCEEDED */,
929
858
  // Blocking functions related errors.
930
859
  _a$1["BLOCKING_FUNCTION_ERROR_RESPONSE" /* ServerError.BLOCKING_FUNCTION_ERROR_RESPONSE */] = "internal-error" /* AuthErrorCode.INTERNAL_ERROR */,
860
+ // Recaptcha related errors.
861
+ _a$1["RECAPTCHA_NOT_ENABLED" /* ServerError.RECAPTCHA_NOT_ENABLED */] = "recaptcha-not-enabled" /* AuthErrorCode.RECAPTCHA_NOT_ENABLED */,
862
+ _a$1["MISSING_RECAPTCHA_TOKEN" /* ServerError.MISSING_RECAPTCHA_TOKEN */] = "missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */,
863
+ _a$1["INVALID_RECAPTCHA_TOKEN" /* ServerError.INVALID_RECAPTCHA_TOKEN */] = "invalid-recaptcha-token" /* AuthErrorCode.INVALID_RECAPTCHA_TOKEN */,
864
+ _a$1["INVALID_RECAPTCHA_ACTION" /* ServerError.INVALID_RECAPTCHA_ACTION */] = "invalid-recaptcha-action" /* AuthErrorCode.INVALID_RECAPTCHA_ACTION */,
865
+ _a$1["MISSING_CLIENT_TYPE" /* ServerError.MISSING_CLIENT_TYPE */] = "missing-client-type" /* AuthErrorCode.MISSING_CLIENT_TYPE */,
866
+ _a$1["MISSING_RECAPTCHA_VERSION" /* ServerError.MISSING_RECAPTCHA_VERSION */] = "missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */,
867
+ _a$1["INVALID_RECAPTCHA_VERSION" /* ServerError.INVALID_RECAPTCHA_VERSION */] = "invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */,
868
+ _a$1["INVALID_REQ_TYPE" /* ServerError.INVALID_REQ_TYPE */] = "invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */,
931
869
  _a$1);
932
870
 
933
871
  /**
@@ -2049,6 +1987,35 @@ var UserImpl = /** @class */ (function () {
2049
1987
  return UserImpl;
2050
1988
  }());
2051
1989
 
1990
+ /**
1991
+ * @license
1992
+ * Copyright 2020 Google LLC
1993
+ *
1994
+ * Licensed under the Apache License, Version 2.0 (the "License");
1995
+ * you may not use this file except in compliance with the License.
1996
+ * You may obtain a copy of the License at
1997
+ *
1998
+ * http://www.apache.org/licenses/LICENSE-2.0
1999
+ *
2000
+ * Unless required by applicable law or agreed to in writing, software
2001
+ * distributed under the License is distributed on an "AS IS" BASIS,
2002
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2003
+ * See the License for the specific language governing permissions and
2004
+ * limitations under the License.
2005
+ */
2006
+ var instanceCache = new Map();
2007
+ function _getInstance(cls) {
2008
+ debugAssert(cls instanceof Function, 'Expected a class definition');
2009
+ var instance = instanceCache.get(cls);
2010
+ if (instance) {
2011
+ debugAssert(instance instanceof cls, 'Instance stored in cache mismatched with class');
2012
+ return instance;
2013
+ }
2014
+ instance = new cls();
2015
+ instanceCache.set(cls, instance);
2016
+ return instance;
2017
+ }
2018
+
2052
2019
  /**
2053
2020
  * @license
2054
2021
  * Copyright 2019 Google LLC
@@ -2482,6 +2449,271 @@ function _getClientVersion(clientPlatform, frameworks) {
2482
2449
  return "".concat(reportedPlatform, "/").concat("JsCore" /* ClientImplementation.CORE */, "/").concat(app.SDK_VERSION, "/").concat(reportedFrameworks);
2483
2450
  }
2484
2451
 
2452
+ /**
2453
+ * @license
2454
+ * Copyright 2020 Google LLC
2455
+ *
2456
+ * Licensed under the Apache License, Version 2.0 (the "License");
2457
+ * you may not use this file except in compliance with the License.
2458
+ * You may obtain a copy of the License at
2459
+ *
2460
+ * http://www.apache.org/licenses/LICENSE-2.0
2461
+ *
2462
+ * Unless required by applicable law or agreed to in writing, software
2463
+ * distributed under the License is distributed on an "AS IS" BASIS,
2464
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2465
+ * See the License for the specific language governing permissions and
2466
+ * limitations under the License.
2467
+ */
2468
+ function getRecaptchaConfig(auth, request) {
2469
+ return tslib.__awaiter(this, void 0, void 0, function () {
2470
+ return tslib.__generator(this, function (_a) {
2471
+ return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/recaptchaConfig" /* Endpoint.GET_RECAPTCHA_CONFIG */, _addTidIfNecessary(auth, request))];
2472
+ });
2473
+ });
2474
+ }
2475
+
2476
+ /**
2477
+ * @license
2478
+ * Copyright 2020 Google LLC
2479
+ *
2480
+ * Licensed under the Apache License, Version 2.0 (the "License");
2481
+ * you may not use this file except in compliance with the License.
2482
+ * You may obtain a copy of the License at
2483
+ *
2484
+ * http://www.apache.org/licenses/LICENSE-2.0
2485
+ *
2486
+ * Unless required by applicable law or agreed to in writing, software
2487
+ * distributed under the License is distributed on an "AS IS" BASIS,
2488
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2489
+ * See the License for the specific language governing permissions and
2490
+ * limitations under the License.
2491
+ */
2492
+ function isEnterprise(grecaptcha) {
2493
+ return (grecaptcha !== undefined &&
2494
+ grecaptcha.enterprise !== undefined);
2495
+ }
2496
+ var RecaptchaConfig = /** @class */ (function () {
2497
+ function RecaptchaConfig(response) {
2498
+ /**
2499
+ * The reCAPTCHA site key.
2500
+ */
2501
+ this.siteKey = '';
2502
+ /**
2503
+ * The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
2504
+ */
2505
+ this.emailPasswordEnabled = false;
2506
+ if (response.recaptchaKey === undefined) {
2507
+ throw new Error('recaptchaKey undefined');
2508
+ }
2509
+ // Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
2510
+ this.siteKey = response.recaptchaKey.split('/')[3];
2511
+ this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
2512
+ return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
2513
+ enforcementState.enforcementState !== 'OFF';
2514
+ });
2515
+ }
2516
+ return RecaptchaConfig;
2517
+ }());
2518
+
2519
+ /**
2520
+ * @license
2521
+ * Copyright 2020 Google LLC
2522
+ *
2523
+ * Licensed under the Apache License, Version 2.0 (the "License");
2524
+ * you may not use this file except in compliance with the License.
2525
+ * You may obtain a copy of the License at
2526
+ *
2527
+ * http://www.apache.org/licenses/LICENSE-2.0
2528
+ *
2529
+ * Unless required by applicable law or agreed to in writing, software
2530
+ * distributed under the License is distributed on an "AS IS" BASIS,
2531
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2532
+ * See the License for the specific language governing permissions and
2533
+ * limitations under the License.
2534
+ */
2535
+ function getScriptParentElement() {
2536
+ var _a, _b;
2537
+ return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
2538
+ }
2539
+ function _loadJS(url) {
2540
+ // TODO: consider adding timeout support & cancellation
2541
+ return new Promise(function (resolve, reject) {
2542
+ var el = document.createElement('script');
2543
+ el.setAttribute('src', url);
2544
+ el.onload = resolve;
2545
+ el.onerror = function (e) {
2546
+ var error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
2547
+ error.customData = e;
2548
+ reject(error);
2549
+ };
2550
+ el.type = 'text/javascript';
2551
+ el.charset = 'UTF-8';
2552
+ getScriptParentElement().appendChild(el);
2553
+ });
2554
+ }
2555
+
2556
+ /* eslint-disable @typescript-eslint/no-require-imports */
2557
+ var RECAPTCHA_ENTERPRISE_URL = 'https://www.google.com/recaptcha/enterprise.js?render=';
2558
+ var RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';
2559
+ var RecaptchaEnterpriseVerifier = /** @class */ (function () {
2560
+ /**
2561
+ *
2562
+ * @param authExtern - The corresponding Firebase {@link Auth} instance.
2563
+ *
2564
+ */
2565
+ function RecaptchaEnterpriseVerifier(authExtern) {
2566
+ /**
2567
+ * Identifies the type of application verifier (e.g. "recaptcha-enterprise").
2568
+ */
2569
+ this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
2570
+ this.auth = _castAuth(authExtern);
2571
+ }
2572
+ /**
2573
+ * Executes the verification process.
2574
+ *
2575
+ * @returns A Promise for a token that can be used to assert the validity of a request.
2576
+ */
2577
+ RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
2578
+ if (action === void 0) { action = 'verify'; }
2579
+ if (forceRefresh === void 0) { forceRefresh = false; }
2580
+ return tslib.__awaiter(this, void 0, void 0, function () {
2581
+ function retrieveSiteKey(auth) {
2582
+ return tslib.__awaiter(this, void 0, void 0, function () {
2583
+ var _this = this;
2584
+ return tslib.__generator(this, function (_a) {
2585
+ if (!forceRefresh) {
2586
+ if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
2587
+ return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
2588
+ }
2589
+ if (auth.tenantId != null &&
2590
+ auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
2591
+ return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
2592
+ }
2593
+ }
2594
+ return [2 /*return*/, new Promise(function (resolve, reject) { return tslib.__awaiter(_this, void 0, void 0, function () {
2595
+ return tslib.__generator(this, function (_a) {
2596
+ getRecaptchaConfig(auth, {
2597
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
2598
+ version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
2599
+ })
2600
+ .then(function (response) {
2601
+ if (response.recaptchaKey === undefined) {
2602
+ reject(new Error('recaptcha Enterprise site key undefined'));
2603
+ }
2604
+ else {
2605
+ var config = new RecaptchaConfig(response);
2606
+ if (auth.tenantId == null) {
2607
+ auth._agentRecaptchaConfig = config;
2608
+ }
2609
+ else {
2610
+ auth._tenantRecaptchaConfigs[auth.tenantId] = config;
2611
+ }
2612
+ return resolve(config.siteKey);
2613
+ }
2614
+ })
2615
+ .catch(function (error) {
2616
+ reject(error);
2617
+ });
2618
+ return [2 /*return*/];
2619
+ });
2620
+ }); })];
2621
+ });
2622
+ });
2623
+ }
2624
+ function retrieveRecaptchaToken(siteKey, resolve, reject) {
2625
+ var grecaptcha = window.grecaptcha;
2626
+ if (isEnterprise(grecaptcha)) {
2627
+ grecaptcha.enterprise.ready(function () {
2628
+ try {
2629
+ grecaptcha.enterprise
2630
+ .execute(siteKey, { action: action })
2631
+ .then(function (token) {
2632
+ resolve(token);
2633
+ })
2634
+ .catch(function (error) {
2635
+ reject(error);
2636
+ });
2637
+ }
2638
+ catch (error) {
2639
+ reject(error);
2640
+ }
2641
+ });
2642
+ }
2643
+ else {
2644
+ reject(Error('No reCAPTCHA enterprise script loaded.'));
2645
+ }
2646
+ }
2647
+ var _this = this;
2648
+ return tslib.__generator(this, function (_a) {
2649
+ return [2 /*return*/, new Promise(function (resolve, reject) {
2650
+ retrieveSiteKey(_this.auth)
2651
+ .then(function (siteKey) {
2652
+ if (!forceRefresh && isEnterprise(window.grecaptcha)) {
2653
+ retrieveRecaptchaToken(siteKey, resolve, reject);
2654
+ }
2655
+ else {
2656
+ if (typeof window === 'undefined') {
2657
+ reject(new Error('RecaptchaVerifier is only supported in browser'));
2658
+ return;
2659
+ }
2660
+ _loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
2661
+ .then(function () {
2662
+ retrieveRecaptchaToken(siteKey, resolve, reject);
2663
+ })
2664
+ .catch(function (error) {
2665
+ reject(error);
2666
+ });
2667
+ }
2668
+ })
2669
+ .catch(function (error) {
2670
+ reject(error);
2671
+ });
2672
+ })];
2673
+ });
2674
+ });
2675
+ };
2676
+ return RecaptchaEnterpriseVerifier;
2677
+ }());
2678
+ function injectRecaptchaFields(auth, request, action, captchaResp) {
2679
+ if (captchaResp === void 0) { captchaResp = false; }
2680
+ return tslib.__awaiter(this, void 0, void 0, function () {
2681
+ var verifier, captchaResponse, newRequest;
2682
+ return tslib.__generator(this, function (_a) {
2683
+ switch (_a.label) {
2684
+ case 0:
2685
+ verifier = new RecaptchaEnterpriseVerifier(auth);
2686
+ _a.label = 1;
2687
+ case 1:
2688
+ _a.trys.push([1, 3, , 5]);
2689
+ return [4 /*yield*/, verifier.verify(action)];
2690
+ case 2:
2691
+ captchaResponse = _a.sent();
2692
+ return [3 /*break*/, 5];
2693
+ case 3:
2694
+ _a.sent();
2695
+ return [4 /*yield*/, verifier.verify(action, true)];
2696
+ case 4:
2697
+ captchaResponse = _a.sent();
2698
+ return [3 /*break*/, 5];
2699
+ case 5:
2700
+ newRequest = tslib.__assign({}, request);
2701
+ if (!captchaResp) {
2702
+ Object.assign(newRequest, { captchaResponse: captchaResponse });
2703
+ }
2704
+ else {
2705
+ Object.assign(newRequest, { 'captchaResp': captchaResponse });
2706
+ }
2707
+ Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
2708
+ Object.assign(newRequest, {
2709
+ 'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
2710
+ });
2711
+ return [2 /*return*/, newRequest];
2712
+ }
2713
+ });
2714
+ });
2715
+ }
2716
+
2485
2717
  /**
2486
2718
  * @license
2487
2719
  * Copyright 2022 Google LLC
@@ -2603,9 +2835,10 @@ var AuthMiddlewareQueue = /** @class */ (function () {
2603
2835
  * limitations under the License.
2604
2836
  */
2605
2837
  var AuthImpl = /** @class */ (function () {
2606
- function AuthImpl(app, heartbeatServiceProvider, config) {
2838
+ function AuthImpl(app, heartbeatServiceProvider, appCheckServiceProvider, config) {
2607
2839
  this.app = app;
2608
2840
  this.heartbeatServiceProvider = heartbeatServiceProvider;
2841
+ this.appCheckServiceProvider = appCheckServiceProvider;
2609
2842
  this.config = config;
2610
2843
  this.currentUser = null;
2611
2844
  this.emulatorConfig = null;
@@ -2623,6 +2856,8 @@ var AuthImpl = /** @class */ (function () {
2623
2856
  this._initializationPromise = null;
2624
2857
  this._popupRedirectResolver = null;
2625
2858
  this._errorFactory = _DEFAULT_AUTH_ERROR_FACTORY;
2859
+ this._agentRecaptchaConfig = null;
2860
+ this._tenantRecaptchaConfigs = {};
2626
2861
  // Tracks the last notified UID for state change listeners to prevent
2627
2862
  // repeated calls to the callbacks. Undefined means it's never been
2628
2863
  // called, whereas null means it's been called with a signed out user
@@ -2952,6 +3187,41 @@ var AuthImpl = /** @class */ (function () {
2952
3187
  });
2953
3188
  }); });
2954
3189
  };
3190
+ AuthImpl.prototype.initializeRecaptchaConfig = function () {
3191
+ return tslib.__awaiter(this, void 0, void 0, function () {
3192
+ var response, config, verifier;
3193
+ return tslib.__generator(this, function (_a) {
3194
+ switch (_a.label) {
3195
+ case 0: return [4 /*yield*/, getRecaptchaConfig(this, {
3196
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
3197
+ version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
3198
+ })];
3199
+ case 1:
3200
+ response = _a.sent();
3201
+ config = new RecaptchaConfig(response);
3202
+ if (this.tenantId == null) {
3203
+ this._agentRecaptchaConfig = config;
3204
+ }
3205
+ else {
3206
+ this._tenantRecaptchaConfigs[this.tenantId] = config;
3207
+ }
3208
+ if (config.emailPasswordEnabled) {
3209
+ verifier = new RecaptchaEnterpriseVerifier(this);
3210
+ void verifier.verify();
3211
+ }
3212
+ return [2 /*return*/];
3213
+ }
3214
+ });
3215
+ });
3216
+ };
3217
+ AuthImpl.prototype._getRecaptchaConfig = function () {
3218
+ if (this.tenantId == null) {
3219
+ return this._agentRecaptchaConfig;
3220
+ }
3221
+ else {
3222
+ return this._tenantRecaptchaConfigs[this.tenantId];
3223
+ }
3224
+ };
2955
3225
  AuthImpl.prototype._getPersistence = function () {
2956
3226
  return this.assertedPersistence.persistence.type;
2957
3227
  };
@@ -3179,7 +3449,7 @@ var AuthImpl = /** @class */ (function () {
3179
3449
  AuthImpl.prototype._getAdditionalHeaders = function () {
3180
3450
  var _a;
3181
3451
  return tslib.__awaiter(this, void 0, void 0, function () {
3182
- var headers, heartbeatsHeader;
3452
+ var headers, heartbeatsHeader, appCheckToken;
3183
3453
  var _b;
3184
3454
  return tslib.__generator(this, function (_c) {
3185
3455
  switch (_c.label) {
@@ -3199,11 +3469,39 @@ var AuthImpl = /** @class */ (function () {
3199
3469
  if (heartbeatsHeader) {
3200
3470
  headers["X-Firebase-Client" /* HttpHeader.X_FIREBASE_CLIENT */] = heartbeatsHeader;
3201
3471
  }
3472
+ return [4 /*yield*/, this._getAppCheckToken()];
3473
+ case 2:
3474
+ appCheckToken = _c.sent();
3475
+ if (appCheckToken) {
3476
+ headers["X-Firebase-AppCheck" /* HttpHeader.X_FIREBASE_APP_CHECK */] = appCheckToken;
3477
+ }
3202
3478
  return [2 /*return*/, headers];
3203
3479
  }
3204
3480
  });
3205
3481
  });
3206
3482
  };
3483
+ AuthImpl.prototype._getAppCheckToken = function () {
3484
+ var _a;
3485
+ return tslib.__awaiter(this, void 0, void 0, function () {
3486
+ var appCheckTokenResult;
3487
+ return tslib.__generator(this, function (_b) {
3488
+ switch (_b.label) {
3489
+ case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
3490
+ .getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
3491
+ case 1:
3492
+ appCheckTokenResult = _b.sent();
3493
+ if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
3494
+ // Context: appCheck.getToken() will never throw even if an error happened.
3495
+ // In the error case, a dummy token will be returned along with an error field describing
3496
+ // the error. In general, we shouldn't care about the error condition and just use
3497
+ // the token (actual or dummy) to send requests.
3498
+ _logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
3499
+ }
3500
+ return [2 /*return*/, appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.token];
3501
+ }
3502
+ });
3503
+ });
3504
+ };
3207
3505
  return AuthImpl;
3208
3506
  }());
3209
3507
  /**
@@ -3234,6 +3532,74 @@ var Subscription = /** @class */ (function () {
3234
3532
  return Subscription;
3235
3533
  }());
3236
3534
 
3535
+ /**
3536
+ * @license
3537
+ * Copyright 2020 Google LLC
3538
+ *
3539
+ * Licensed under the Apache License, Version 2.0 (the "License");
3540
+ * you may not use this file except in compliance with the License.
3541
+ * You may obtain a copy of the License at
3542
+ *
3543
+ * http://www.apache.org/licenses/LICENSE-2.0
3544
+ *
3545
+ * Unless required by applicable law or agreed to in writing, software
3546
+ * distributed under the License is distributed on an "AS IS" BASIS,
3547
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
3548
+ * See the License for the specific language governing permissions and
3549
+ * limitations under the License.
3550
+ */
3551
+ /**
3552
+ * Initializes an {@link Auth} instance with fine-grained control over
3553
+ * {@link Dependencies}.
3554
+ *
3555
+ * @remarks
3556
+ *
3557
+ * This function allows more control over the {@link Auth} instance than
3558
+ * {@link getAuth}. `getAuth` uses platform-specific defaults to supply
3559
+ * the {@link Dependencies}. In general, `getAuth` is the easiest way to
3560
+ * initialize Auth and works for most use cases. Use `initializeAuth` if you
3561
+ * need control over which persistence layer is used, or to minimize bundle
3562
+ * size if you're not using either `signInWithPopup` or `signInWithRedirect`.
3563
+ *
3564
+ * For example, if your app only uses anonymous accounts and you only want
3565
+ * accounts saved for the current session, initialize `Auth` with:
3566
+ *
3567
+ * ```js
3568
+ * const auth = initializeAuth(app, {
3569
+ * persistence: browserSessionPersistence,
3570
+ * popupRedirectResolver: undefined,
3571
+ * });
3572
+ * ```
3573
+ *
3574
+ * @public
3575
+ */
3576
+ function initializeAuth(app$1, deps) {
3577
+ var provider = app._getProvider(app$1, 'auth');
3578
+ if (provider.isInitialized()) {
3579
+ var auth_1 = provider.getImmediate();
3580
+ var initialOptions = provider.getOptions();
3581
+ if (util.deepEqual(initialOptions, deps !== null && deps !== void 0 ? deps : {})) {
3582
+ return auth_1;
3583
+ }
3584
+ else {
3585
+ _fail(auth_1, "already-initialized" /* AuthErrorCode.ALREADY_INITIALIZED */);
3586
+ }
3587
+ }
3588
+ var auth = provider.initialize({ options: deps });
3589
+ return auth;
3590
+ }
3591
+ function _initializeAuthInstance(auth, deps) {
3592
+ var persistence = (deps === null || deps === void 0 ? void 0 : deps.persistence) || [];
3593
+ var hierarchy = (Array.isArray(persistence) ? persistence : [persistence]).map(_getInstance);
3594
+ if (deps === null || deps === void 0 ? void 0 : deps.errorMap) {
3595
+ auth._updateErrorMap(deps.errorMap);
3596
+ }
3597
+ // This promise is intended to float; auth initialization happens in the
3598
+ // background, meanwhile the auth object may be used by the app.
3599
+ // eslint-disable-next-line @typescript-eslint/no-floating-promises
3600
+ auth._initializeWithPersistence(hierarchy, deps === null || deps === void 0 ? void 0 : deps.popupRedirectResolver);
3601
+ }
3602
+
3237
3603
  /**
3238
3604
  * Changes the {@link Auth} instance to communicate with the Firebase Auth Emulator, instead of production
3239
3605
  * Firebase Auth services.
@@ -3622,24 +3988,55 @@ var EmailAuthCredential = /** @class */ (function (_super) {
3622
3988
  };
3623
3989
  /** @internal */
3624
3990
  EmailAuthCredential.prototype._getIdTokenResponse = function (auth) {
3991
+ var _a;
3625
3992
  return tslib.__awaiter(this, void 0, void 0, function () {
3626
- return tslib.__generator(this, function (_a) {
3627
- switch (this.signInMethod) {
3628
- case "password" /* SignInMethod.EMAIL_PASSWORD */:
3629
- return [2 /*return*/, signInWithPassword(auth, {
3630
- returnSecureToken: true,
3631
- email: this._email,
3632
- password: this._password
3633
- })];
3634
- case "emailLink" /* SignInMethod.EMAIL_LINK */:
3635
- return [2 /*return*/, signInWithEmailLink$1(auth, {
3636
- email: this._email,
3637
- oobCode: this._password
3638
- })];
3639
- default:
3993
+ var _b, request_1, requestWithRecaptcha;
3994
+ var _this = this;
3995
+ return tslib.__generator(this, function (_c) {
3996
+ switch (_c.label) {
3997
+ case 0:
3998
+ _b = this.signInMethod;
3999
+ switch (_b) {
4000
+ case "password" /* SignInMethod.EMAIL_PASSWORD */: return [3 /*break*/, 1];
4001
+ case "emailLink" /* SignInMethod.EMAIL_LINK */: return [3 /*break*/, 4];
4002
+ }
4003
+ return [3 /*break*/, 5];
4004
+ case 1:
4005
+ request_1 = {
4006
+ returnSecureToken: true,
4007
+ email: this._email,
4008
+ password: this._password,
4009
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
4010
+ };
4011
+ if (!((_a = auth._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 3];
4012
+ return [4 /*yield*/, injectRecaptchaFields(auth, request_1, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */)];
4013
+ case 2:
4014
+ requestWithRecaptcha = _c.sent();
4015
+ return [2 /*return*/, signInWithPassword(auth, requestWithRecaptcha)];
4016
+ case 3: return [2 /*return*/, signInWithPassword(auth, request_1).catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
4017
+ var requestWithRecaptcha;
4018
+ return tslib.__generator(this, function (_a) {
4019
+ switch (_a.label) {
4020
+ case 0:
4021
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 2];
4022
+ console.log('Sign-in with email address and password is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.');
4023
+ return [4 /*yield*/, injectRecaptchaFields(auth, request_1, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */)];
4024
+ case 1:
4025
+ requestWithRecaptcha = _a.sent();
4026
+ return [2 /*return*/, signInWithPassword(auth, requestWithRecaptcha)];
4027
+ case 2: return [2 /*return*/, Promise.reject(error)];
4028
+ }
4029
+ });
4030
+ }); })];
4031
+ case 4: return [2 /*return*/, signInWithEmailLink$1(auth, {
4032
+ email: this._email,
4033
+ oobCode: this._password
4034
+ })];
4035
+ case 5:
3640
4036
  _fail(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
4037
+ _c.label = 6;
4038
+ case 6: return [2 /*return*/];
3641
4039
  }
3642
- return [2 /*return*/];
3643
4040
  });
3644
4041
  });
3645
4042
  };
@@ -5819,23 +6216,61 @@ function _setActionCodeSettingsOnRequest(auth, request, actionCodeSettings) {
5819
6216
  * @public
5820
6217
  */
5821
6218
  function sendPasswordResetEmail(auth, email, actionCodeSettings) {
6219
+ var _a;
5822
6220
  return tslib.__awaiter(this, void 0, void 0, function () {
5823
- var authModular, request;
5824
- return tslib.__generator(this, function (_a) {
5825
- switch (_a.label) {
6221
+ var authInternal, request, requestWithRecaptcha;
6222
+ var _this = this;
6223
+ return tslib.__generator(this, function (_b) {
6224
+ switch (_b.label) {
5826
6225
  case 0:
5827
- authModular = util.getModularInstance(auth);
6226
+ authInternal = _castAuth(auth);
5828
6227
  request = {
5829
6228
  requestType: "PASSWORD_RESET" /* ActionCodeOperation.PASSWORD_RESET */,
5830
- email: email
6229
+ email: email,
6230
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
5831
6231
  };
6232
+ if (!((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 3];
6233
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
6234
+ case 1:
6235
+ requestWithRecaptcha = _b.sent();
5832
6236
  if (actionCodeSettings) {
5833
- _setActionCodeSettingsOnRequest(authModular, request, actionCodeSettings);
6237
+ _setActionCodeSettingsOnRequest(authInternal, requestWithRecaptcha, actionCodeSettings);
5834
6238
  }
5835
- return [4 /*yield*/, sendPasswordResetEmail$1(authModular, request)];
5836
- case 1:
5837
- _a.sent();
5838
- return [2 /*return*/];
6239
+ return [4 /*yield*/, sendPasswordResetEmail$1(authInternal, requestWithRecaptcha)];
6240
+ case 2:
6241
+ _b.sent();
6242
+ return [3 /*break*/, 5];
6243
+ case 3:
6244
+ if (actionCodeSettings) {
6245
+ _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
6246
+ }
6247
+ return [4 /*yield*/, sendPasswordResetEmail$1(authInternal, request)
6248
+ .catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
6249
+ var requestWithRecaptcha;
6250
+ return tslib.__generator(this, function (_a) {
6251
+ switch (_a.label) {
6252
+ case 0:
6253
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 3];
6254
+ console.log('Password resets are protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the password reset flow.');
6255
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
6256
+ case 1:
6257
+ requestWithRecaptcha = _a.sent();
6258
+ if (actionCodeSettings) {
6259
+ _setActionCodeSettingsOnRequest(authInternal, requestWithRecaptcha, actionCodeSettings);
6260
+ }
6261
+ return [4 /*yield*/, sendPasswordResetEmail$1(authInternal, requestWithRecaptcha)];
6262
+ case 2:
6263
+ _a.sent();
6264
+ return [3 /*break*/, 4];
6265
+ case 3: return [2 /*return*/, Promise.reject(error)];
6266
+ case 4: return [2 /*return*/];
6267
+ }
6268
+ });
6269
+ }); })];
6270
+ case 4:
6271
+ _b.sent();
6272
+ _b.label = 5;
6273
+ case 5: return [2 /*return*/];
5839
6274
  }
5840
6275
  });
5841
6276
  });
@@ -5980,25 +6415,54 @@ function verifyPasswordResetCode(auth, code) {
5980
6415
  * @public
5981
6416
  */
5982
6417
  function createUserWithEmailAndPassword(auth, email, password) {
6418
+ var _a;
5983
6419
  return tslib.__awaiter(this, void 0, void 0, function () {
5984
- var authInternal, response, userCredential;
5985
- return tslib.__generator(this, function (_a) {
5986
- switch (_a.label) {
6420
+ var authInternal, request, signUpResponse, requestWithRecaptcha, response, userCredential;
6421
+ var _this = this;
6422
+ return tslib.__generator(this, function (_b) {
6423
+ switch (_b.label) {
5987
6424
  case 0:
5988
6425
  authInternal = _castAuth(auth);
5989
- return [4 /*yield*/, signUp(authInternal, {
5990
- returnSecureToken: true,
5991
- email: email,
5992
- password: password
5993
- })];
6426
+ request = {
6427
+ returnSecureToken: true,
6428
+ email: email,
6429
+ password: password,
6430
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
6431
+ };
6432
+ if (!((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 2];
6433
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */)];
5994
6434
  case 1:
5995
- response = _a.sent();
5996
- return [4 /*yield*/, UserCredentialImpl._fromIdTokenResponse(authInternal, "signIn" /* OperationType.SIGN_IN */, response)];
6435
+ requestWithRecaptcha = _b.sent();
6436
+ signUpResponse = signUp(authInternal, requestWithRecaptcha);
6437
+ return [3 /*break*/, 3];
5997
6438
  case 2:
5998
- userCredential = _a.sent();
6439
+ signUpResponse = signUp(authInternal, request).catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
6440
+ var requestWithRecaptcha;
6441
+ return tslib.__generator(this, function (_a) {
6442
+ switch (_a.label) {
6443
+ case 0:
6444
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 2];
6445
+ console.log('Sign-up is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-up flow.');
6446
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */)];
6447
+ case 1:
6448
+ requestWithRecaptcha = _a.sent();
6449
+ return [2 /*return*/, signUp(authInternal, requestWithRecaptcha)];
6450
+ case 2: return [2 /*return*/, Promise.reject(error)];
6451
+ }
6452
+ });
6453
+ }); });
6454
+ _b.label = 3;
6455
+ case 3: return [4 /*yield*/, signUpResponse.catch(function (error) {
6456
+ return Promise.reject(error);
6457
+ })];
6458
+ case 4:
6459
+ response = _b.sent();
6460
+ return [4 /*yield*/, UserCredentialImpl._fromIdTokenResponse(authInternal, "signIn" /* OperationType.SIGN_IN */, response)];
6461
+ case 5:
6462
+ userCredential = _b.sent();
5999
6463
  return [4 /*yield*/, authInternal._updateCurrentUser(userCredential.user)];
6000
- case 3:
6001
- _a.sent();
6464
+ case 6:
6465
+ _b.sent();
6002
6466
  return [2 /*return*/, userCredential];
6003
6467
  }
6004
6468
  });
@@ -6079,24 +6543,61 @@ function signInWithEmailAndPassword(auth, email, password) {
6079
6543
  * @public
6080
6544
  */
6081
6545
  function sendSignInLinkToEmail(auth, email, actionCodeSettings) {
6546
+ var _a;
6082
6547
  return tslib.__awaiter(this, void 0, void 0, function () {
6083
- var authModular, request;
6084
- return tslib.__generator(this, function (_a) {
6085
- switch (_a.label) {
6548
+ function setActionCodeSettings(request, actionCodeSettings) {
6549
+ _assert(actionCodeSettings.handleCodeInApp, authInternal, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
6550
+ if (actionCodeSettings) {
6551
+ _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
6552
+ }
6553
+ }
6554
+ var authInternal, request, requestWithRecaptcha;
6555
+ var _this = this;
6556
+ return tslib.__generator(this, function (_b) {
6557
+ switch (_b.label) {
6086
6558
  case 0:
6087
- authModular = util.getModularInstance(auth);
6559
+ authInternal = _castAuth(auth);
6088
6560
  request = {
6089
6561
  requestType: "EMAIL_SIGNIN" /* ActionCodeOperation.EMAIL_SIGNIN */,
6090
- email: email
6562
+ email: email,
6563
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
6091
6564
  };
6092
- _assert(actionCodeSettings.handleCodeInApp, authModular, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
6093
- if (actionCodeSettings) {
6094
- _setActionCodeSettingsOnRequest(authModular, request, actionCodeSettings);
6095
- }
6096
- return [4 /*yield*/, sendSignInLinkToEmail$1(authModular, request)];
6565
+ if (!((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 3];
6566
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
6097
6567
  case 1:
6098
- _a.sent();
6099
- return [2 /*return*/];
6568
+ requestWithRecaptcha = _b.sent();
6569
+ setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);
6570
+ return [4 /*yield*/, sendSignInLinkToEmail$1(authInternal, requestWithRecaptcha)];
6571
+ case 2:
6572
+ _b.sent();
6573
+ return [3 /*break*/, 5];
6574
+ case 3:
6575
+ setActionCodeSettings(request, actionCodeSettings);
6576
+ return [4 /*yield*/, sendSignInLinkToEmail$1(authInternal, request)
6577
+ .catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
6578
+ var requestWithRecaptcha;
6579
+ return tslib.__generator(this, function (_a) {
6580
+ switch (_a.label) {
6581
+ case 0:
6582
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 3];
6583
+ console.log('Email link sign-in is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.');
6584
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
6585
+ case 1:
6586
+ requestWithRecaptcha = _a.sent();
6587
+ setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);
6588
+ return [4 /*yield*/, sendSignInLinkToEmail$1(authInternal, requestWithRecaptcha)];
6589
+ case 2:
6590
+ _a.sent();
6591
+ return [3 /*break*/, 4];
6592
+ case 3: return [2 /*return*/, Promise.reject(error)];
6593
+ case 4: return [2 /*return*/];
6594
+ }
6595
+ });
6596
+ }); })];
6597
+ case 4:
6598
+ _b.sent();
6599
+ _b.label = 5;
6600
+ case 5: return [2 /*return*/];
6100
6601
  }
6101
6602
  });
6102
6603
  });
@@ -6692,11 +7193,41 @@ function getAdditionalUserInfo(userCredential) {
6692
7193
  function setPersistence(auth, persistence) {
6693
7194
  return util.getModularInstance(auth).setPersistence(persistence);
6694
7195
  }
7196
+ /**
7197
+ * Loads the reCAPTCHA configuration into the `Auth` instance.
7198
+ *
7199
+ * @remarks
7200
+ * This will load the reCAPTCHA config, which indicates whether the reCAPTCHA
7201
+ * verification flow should be triggered for each auth provider, into the
7202
+ * current Auth session.
7203
+ *
7204
+ * If initializeRecaptchaConfig() is not invoked, the auth flow will always start
7205
+ * without reCAPTCHA verification. If the provider is configured to require reCAPTCHA
7206
+ * verification, the SDK will transparently load the reCAPTCHA config and restart the
7207
+ * auth flows.
7208
+ *
7209
+ * Thus, by calling this optional method, you will reduce the latency of future auth flows.
7210
+ * Loading the reCAPTCHA config early will also enhance the signal collected by reCAPTCHA.
7211
+ *
7212
+ * @example
7213
+ * ```javascript
7214
+ * initializeRecaptchaConfig(auth);
7215
+ * ```
7216
+ *
7217
+ * @param auth - The {@link Auth} instance.
7218
+ *
7219
+ * @public
7220
+ */
7221
+ function initializeRecaptchaConfig(auth) {
7222
+ var authInternal = _castAuth(auth);
7223
+ return authInternal.initializeRecaptchaConfig();
7224
+ }
6695
7225
  /**
6696
7226
  * Adds an observer for changes to the signed-in user's ID token.
6697
7227
  *
6698
7228
  * @remarks
6699
7229
  * This includes sign-in, sign-out, and token refresh events.
7230
+ * This will not be triggered automatically upon ID token expiration. Use {@link User.getIdToken} to refresh the ID token.
6700
7231
  *
6701
7232
  * @param auth - The {@link Auth} instance.
6702
7233
  * @param nextOrObserver - callback triggered on change.
@@ -7089,7 +7620,7 @@ function multiFactor(user) {
7089
7620
  }
7090
7621
 
7091
7622
  var name = "@firebase/auth";
7092
- var version = "0.21.6";
7623
+ var version = "0.22.0-canary.1d6771eb3";
7093
7624
 
7094
7625
  /**
7095
7626
  * @license
@@ -7209,26 +7740,25 @@ function registerAuth(clientPlatform) {
7209
7740
  var deps = _a.options;
7210
7741
  var app = container.getProvider('app').getImmediate();
7211
7742
  var heartbeatServiceProvider = container.getProvider('heartbeat');
7743
+ var appCheckServiceProvider = container.getProvider('app-check-internal');
7212
7744
  var _b = app.options, apiKey = _b.apiKey, authDomain = _b.authDomain;
7213
- return (function (app, heartbeatServiceProvider) {
7214
- _assert(apiKey && !apiKey.includes(':'), "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */, { appName: app.name });
7215
- // Auth domain is optional if IdP sign in isn't being used
7216
- _assert(!(authDomain === null || authDomain === void 0 ? void 0 : authDomain.includes(':')), "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */, {
7217
- appName: app.name
7218
- });
7219
- var config = {
7220
- apiKey: apiKey,
7221
- authDomain: authDomain,
7222
- clientPlatform: clientPlatform,
7223
- apiHost: "identitytoolkit.googleapis.com" /* DefaultConfig.API_HOST */,
7224
- tokenApiHost: "securetoken.googleapis.com" /* DefaultConfig.TOKEN_API_HOST */,
7225
- apiScheme: "https" /* DefaultConfig.API_SCHEME */,
7226
- sdkClientVersion: _getClientVersion(clientPlatform)
7227
- };
7228
- var authInstance = new AuthImpl(app, heartbeatServiceProvider, config);
7229
- _initializeAuthInstance(authInstance, deps);
7230
- return authInstance;
7231
- })(app, heartbeatServiceProvider);
7745
+ _assert(apiKey && !apiKey.includes(':'), "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */, { appName: app.name });
7746
+ // Auth domain is optional if IdP sign in isn't being used
7747
+ _assert(!(authDomain === null || authDomain === void 0 ? void 0 : authDomain.includes(':')), "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */, {
7748
+ appName: app.name
7749
+ });
7750
+ var config = {
7751
+ apiKey: apiKey,
7752
+ authDomain: authDomain,
7753
+ clientPlatform: clientPlatform,
7754
+ apiHost: "identitytoolkit.googleapis.com" /* DefaultConfig.API_HOST */,
7755
+ tokenApiHost: "securetoken.googleapis.com" /* DefaultConfig.TOKEN_API_HOST */,
7756
+ apiScheme: "https" /* DefaultConfig.API_SCHEME */,
7757
+ sdkClientVersion: _getClientVersion(clientPlatform)
7758
+ };
7759
+ var authInstance = new AuthImpl(app, heartbeatServiceProvider, appCheckServiceProvider, config);
7760
+ _initializeAuthInstance(authInstance, deps);
7761
+ return authInstance;
7232
7762
  }, "PUBLIC" /* ComponentType.PUBLIC */)
7233
7763
  /**
7234
7764
  * Auth can only be initialized by explicitly calling getAuth() or initializeAuth()
@@ -7624,6 +8154,7 @@ exports.getRedirectResult = getRedirectResult;
7624
8154
  exports.inMemoryPersistence = inMemoryPersistence;
7625
8155
  exports.indexedDBLocalPersistence = indexedDBLocalPersistence;
7626
8156
  exports.initializeAuth = initializeAuth;
8157
+ exports.initializeRecaptchaConfig = initializeRecaptchaConfig;
7627
8158
  exports.isSignInWithEmailLink = isSignInWithEmailLink;
7628
8159
  exports.linkWithCredential = linkWithCredential;
7629
8160
  exports.linkWithPhoneNumber = linkWithPhoneNumber;
@@ -7662,4 +8193,4 @@ exports.updateProfile = updateProfile;
7662
8193
  exports.useDeviceLanguage = useDeviceLanguage;
7663
8194
  exports.verifyBeforeUpdateEmail = verifyBeforeUpdateEmail;
7664
8195
  exports.verifyPasswordResetCode = verifyPasswordResetCode;
7665
- //# sourceMappingURL=totp-5e73d8e7.js.map
8196
+ //# sourceMappingURL=totp-13fce87f.js.map