@firebase/auth 0.21.6 → 0.22.0-canary.1d6771eb3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (218) hide show
  1. package/CHANGELOG.md +10 -0
  2. package/README.md +5 -0
  3. package/dist/auth-public.d.ts +59 -3
  4. package/dist/auth.d.ts +74 -13
  5. package/dist/browser-cjs/{index-39443020.js → index-7393ca6a.js} +593 -208
  6. package/dist/browser-cjs/index-7393ca6a.js.map +1 -0
  7. package/dist/browser-cjs/index.js +3 -2
  8. package/dist/browser-cjs/index.js.map +1 -1
  9. package/dist/browser-cjs/internal.js +3 -2
  10. package/dist/browser-cjs/internal.js.map +1 -1
  11. package/dist/browser-cjs/src/api/authentication/email_and_password.d.ts +9 -0
  12. package/dist/browser-cjs/src/api/authentication/recaptcha.d.ts +16 -0
  13. package/dist/browser-cjs/src/api/authentication/sign_up.d.ts +4 -0
  14. package/dist/browser-cjs/src/api/errors.d.ts +9 -1
  15. package/dist/browser-cjs/src/api/index.d.ts +17 -2
  16. package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +9 -1
  17. package/dist/browser-cjs/src/core/errors.d.ts +18 -1
  18. package/dist/browser-cjs/src/core/index.d.ts +27 -0
  19. package/dist/browser-cjs/src/core/util/handler.d.ts +1 -1
  20. package/dist/browser-cjs/src/core/util/log.d.ts +1 -0
  21. package/dist/browser-cjs/src/mfa/assertions/totp.d.ts +2 -2
  22. package/dist/browser-cjs/src/model/auth.d.ts +6 -0
  23. package/dist/browser-cjs/src/platform_browser/auth_window.d.ts +2 -2
  24. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  25. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  26. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  27. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  28. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  29. package/dist/browser-cjs/src/platform_browser/strategies/popup.d.ts +1 -1
  30. package/dist/browser-cjs/test/helpers/api/helper.d.ts +2 -0
  31. package/dist/browser-cjs/test/helpers/mock_auth.d.ts +5 -0
  32. package/dist/cordova/index.js +2 -2
  33. package/dist/cordova/internal.js +21 -77
  34. package/dist/cordova/internal.js.map +1 -1
  35. package/dist/cordova/{popup_redirect-8b388294.js → popup_redirect-eae95465.js} +781 -215
  36. package/dist/cordova/popup_redirect-eae95465.js.map +1 -0
  37. package/dist/cordova/src/api/authentication/email_and_password.d.ts +9 -0
  38. package/dist/cordova/src/api/authentication/recaptcha.d.ts +16 -0
  39. package/dist/cordova/src/api/authentication/sign_up.d.ts +4 -0
  40. package/dist/cordova/src/api/errors.d.ts +9 -1
  41. package/dist/cordova/src/api/index.d.ts +17 -2
  42. package/dist/cordova/src/core/auth/auth_impl.d.ts +9 -1
  43. package/dist/cordova/src/core/errors.d.ts +18 -1
  44. package/dist/cordova/src/core/index.d.ts +27 -0
  45. package/dist/cordova/src/core/util/handler.d.ts +1 -1
  46. package/dist/cordova/src/core/util/log.d.ts +1 -0
  47. package/dist/cordova/src/mfa/assertions/totp.d.ts +2 -2
  48. package/dist/cordova/src/model/auth.d.ts +6 -0
  49. package/dist/cordova/src/platform_browser/auth_window.d.ts +2 -2
  50. package/dist/cordova/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  51. package/dist/cordova/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  52. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  53. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  54. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  55. package/dist/cordova/src/platform_browser/strategies/popup.d.ts +1 -1
  56. package/dist/cordova/test/helpers/api/helper.d.ts +2 -0
  57. package/dist/cordova/test/helpers/mock_auth.d.ts +5 -0
  58. package/dist/esm2017/{index-2d01563f.js → index-1124980d.js} +594 -210
  59. package/dist/esm2017/index-1124980d.js.map +1 -0
  60. package/dist/esm2017/index.js +2 -2
  61. package/dist/esm2017/internal.js +3 -3
  62. package/dist/esm2017/src/api/authentication/email_and_password.d.ts +9 -0
  63. package/dist/esm2017/src/api/authentication/recaptcha.d.ts +16 -0
  64. package/dist/esm2017/src/api/authentication/sign_up.d.ts +4 -0
  65. package/dist/esm2017/src/api/errors.d.ts +9 -1
  66. package/dist/esm2017/src/api/index.d.ts +17 -2
  67. package/dist/esm2017/src/core/auth/auth_impl.d.ts +9 -1
  68. package/dist/esm2017/src/core/errors.d.ts +18 -1
  69. package/dist/esm2017/src/core/index.d.ts +27 -0
  70. package/dist/esm2017/src/core/util/handler.d.ts +1 -1
  71. package/dist/esm2017/src/core/util/log.d.ts +1 -0
  72. package/dist/esm2017/src/mfa/assertions/totp.d.ts +2 -2
  73. package/dist/esm2017/src/model/auth.d.ts +6 -0
  74. package/dist/esm2017/src/platform_browser/auth_window.d.ts +2 -2
  75. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  76. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  77. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  78. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  79. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  80. package/dist/esm2017/src/platform_browser/strategies/popup.d.ts +1 -1
  81. package/dist/esm2017/test/helpers/api/helper.d.ts +2 -0
  82. package/dist/esm2017/test/helpers/mock_auth.d.ts +5 -0
  83. package/dist/esm5/{index-44fc929c.js → index-169fb84f.js} +800 -290
  84. package/dist/esm5/index-169fb84f.js.map +1 -0
  85. package/dist/esm5/index.js +1 -1
  86. package/dist/esm5/internal.js +2 -2
  87. package/dist/esm5/src/api/authentication/email_and_password.d.ts +9 -0
  88. package/dist/esm5/src/api/authentication/recaptcha.d.ts +16 -0
  89. package/dist/esm5/src/api/authentication/sign_up.d.ts +4 -0
  90. package/dist/esm5/src/api/errors.d.ts +9 -1
  91. package/dist/esm5/src/api/index.d.ts +17 -2
  92. package/dist/esm5/src/core/auth/auth_impl.d.ts +9 -1
  93. package/dist/esm5/src/core/errors.d.ts +18 -1
  94. package/dist/esm5/src/core/index.d.ts +27 -0
  95. package/dist/esm5/src/core/util/handler.d.ts +1 -1
  96. package/dist/esm5/src/core/util/log.d.ts +1 -0
  97. package/dist/esm5/src/mfa/assertions/totp.d.ts +2 -2
  98. package/dist/esm5/src/model/auth.d.ts +6 -0
  99. package/dist/esm5/src/platform_browser/auth_window.d.ts +2 -2
  100. package/dist/esm5/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  101. package/dist/esm5/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  102. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  103. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  104. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  105. package/dist/esm5/src/platform_browser/strategies/popup.d.ts +1 -1
  106. package/dist/esm5/test/helpers/api/helper.d.ts +2 -0
  107. package/dist/esm5/test/helpers/mock_auth.d.ts +5 -0
  108. package/dist/index.webworker.esm5.js +605 -75
  109. package/dist/index.webworker.esm5.js.map +1 -1
  110. package/dist/node/index.js +2 -1
  111. package/dist/node/index.js.map +1 -1
  112. package/dist/node/internal.js +62 -42
  113. package/dist/node/internal.js.map +1 -1
  114. package/dist/node/src/api/authentication/email_and_password.d.ts +9 -0
  115. package/dist/node/src/api/authentication/recaptcha.d.ts +16 -0
  116. package/dist/node/src/api/authentication/sign_up.d.ts +4 -0
  117. package/dist/node/src/api/errors.d.ts +9 -1
  118. package/dist/node/src/api/index.d.ts +17 -2
  119. package/dist/node/src/core/auth/auth_impl.d.ts +9 -1
  120. package/dist/node/src/core/errors.d.ts +18 -1
  121. package/dist/node/src/core/index.d.ts +27 -0
  122. package/dist/node/src/core/util/handler.d.ts +1 -1
  123. package/dist/node/src/core/util/log.d.ts +1 -0
  124. package/dist/node/src/mfa/assertions/totp.d.ts +2 -2
  125. package/dist/node/src/model/auth.d.ts +6 -0
  126. package/dist/node/src/platform_browser/auth_window.d.ts +2 -2
  127. package/dist/node/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  128. package/dist/node/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  129. package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  130. package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  131. package/dist/node/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  132. package/dist/node/src/platform_browser/strategies/popup.d.ts +1 -1
  133. package/dist/node/test/helpers/api/helper.d.ts +2 -0
  134. package/dist/node/test/helpers/mock_auth.d.ts +5 -0
  135. package/dist/node/{totp-5e73d8e7.js → totp-13fce87f.js} +703 -172
  136. package/dist/node/totp-13fce87f.js.map +1 -0
  137. package/dist/node-esm/index.js +1 -1
  138. package/dist/node-esm/internal.js +16 -4
  139. package/dist/node-esm/internal.js.map +1 -1
  140. package/dist/node-esm/src/api/authentication/email_and_password.d.ts +9 -0
  141. package/dist/node-esm/src/api/authentication/recaptcha.d.ts +16 -0
  142. package/dist/node-esm/src/api/authentication/sign_up.d.ts +4 -0
  143. package/dist/node-esm/src/api/errors.d.ts +9 -1
  144. package/dist/node-esm/src/api/index.d.ts +17 -2
  145. package/dist/node-esm/src/core/auth/auth_impl.d.ts +9 -1
  146. package/dist/node-esm/src/core/errors.d.ts +18 -1
  147. package/dist/node-esm/src/core/index.d.ts +27 -0
  148. package/dist/node-esm/src/core/util/handler.d.ts +1 -1
  149. package/dist/node-esm/src/core/util/log.d.ts +1 -0
  150. package/dist/node-esm/src/mfa/assertions/totp.d.ts +2 -2
  151. package/dist/node-esm/src/model/auth.d.ts +6 -0
  152. package/dist/node-esm/src/platform_browser/auth_window.d.ts +2 -2
  153. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  154. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  155. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  156. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  157. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  158. package/dist/node-esm/src/platform_browser/strategies/popup.d.ts +1 -1
  159. package/dist/node-esm/test/helpers/api/helper.d.ts +2 -0
  160. package/dist/node-esm/test/helpers/mock_auth.d.ts +5 -0
  161. package/dist/node-esm/{totp-7b645f19.js → totp-aee19ee4.js} +560 -141
  162. package/dist/node-esm/totp-aee19ee4.js.map +1 -0
  163. package/dist/rn/index.js +2 -1
  164. package/dist/rn/index.js.map +1 -1
  165. package/dist/rn/internal.js +79 -48
  166. package/dist/rn/internal.js.map +1 -1
  167. package/dist/rn/{phone-ec210006.js → phone-26700494.js} +741 -260
  168. package/dist/rn/phone-26700494.js.map +1 -0
  169. package/dist/rn/src/api/authentication/email_and_password.d.ts +9 -0
  170. package/dist/rn/src/api/authentication/recaptcha.d.ts +16 -0
  171. package/dist/rn/src/api/authentication/sign_up.d.ts +4 -0
  172. package/dist/rn/src/api/errors.d.ts +9 -1
  173. package/dist/rn/src/api/index.d.ts +17 -2
  174. package/dist/rn/src/core/auth/auth_impl.d.ts +9 -1
  175. package/dist/rn/src/core/errors.d.ts +18 -1
  176. package/dist/rn/src/core/index.d.ts +27 -0
  177. package/dist/rn/src/core/util/handler.d.ts +1 -1
  178. package/dist/rn/src/core/util/log.d.ts +1 -0
  179. package/dist/rn/src/mfa/assertions/totp.d.ts +2 -2
  180. package/dist/rn/src/model/auth.d.ts +6 -0
  181. package/dist/rn/src/platform_browser/auth_window.d.ts +2 -2
  182. package/dist/rn/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  183. package/dist/rn/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  184. package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  185. package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  186. package/dist/rn/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  187. package/dist/rn/src/platform_browser/strategies/popup.d.ts +1 -1
  188. package/dist/rn/test/helpers/api/helper.d.ts +2 -0
  189. package/dist/rn/test/helpers/mock_auth.d.ts +5 -0
  190. package/dist/src/api/authentication/email_and_password.d.ts +9 -0
  191. package/dist/src/api/authentication/recaptcha.d.ts +16 -0
  192. package/dist/src/api/authentication/sign_up.d.ts +4 -0
  193. package/dist/src/api/errors.d.ts +9 -1
  194. package/dist/src/api/index.d.ts +17 -2
  195. package/dist/src/core/auth/auth_impl.d.ts +9 -1
  196. package/dist/src/core/errors.d.ts +18 -1
  197. package/dist/src/core/index.d.ts +27 -0
  198. package/dist/src/core/util/handler.d.ts +1 -1
  199. package/dist/src/core/util/log.d.ts +1 -0
  200. package/dist/src/mfa/assertions/totp.d.ts +2 -2
  201. package/dist/src/model/auth.d.ts +6 -0
  202. package/dist/src/platform_browser/auth_window.d.ts +2 -2
  203. package/dist/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  204. package/dist/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  205. package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  206. package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  207. package/dist/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  208. package/dist/src/platform_browser/strategies/popup.d.ts +1 -1
  209. package/dist/test/helpers/api/helper.d.ts +2 -0
  210. package/dist/test/helpers/mock_auth.d.ts +5 -0
  211. package/package.json +6 -6
  212. package/dist/browser-cjs/index-39443020.js.map +0 -1
  213. package/dist/cordova/popup_redirect-8b388294.js.map +0 -1
  214. package/dist/esm2017/index-2d01563f.js.map +0 -1
  215. package/dist/esm5/index-44fc929c.js.map +0 -1
  216. package/dist/node/totp-5e73d8e7.js.map +0 -1
  217. package/dist/node-esm/totp-7b645f19.js.map +0 -1
  218. package/dist/rn/phone-ec210006.js.map +0 -1
@@ -116,6 +116,7 @@ function _debugErrorMap() {
116
116
  _a["missing-or-invalid-nonce" /* AuthErrorCode.MISSING_OR_INVALID_NONCE */] = 'The request does not contain a valid nonce. This can occur if the ' +
117
117
  'SHA-256 hash of the provided raw nonce does not match the hashed nonce ' +
118
118
  'in the ID token payload.',
119
+ _a["missing-password" /* AuthErrorCode.MISSING_PASSWORD */] = 'A non-empty password must be provided',
119
120
  _a["missing-multi-factor-info" /* AuthErrorCode.MISSING_MFA_INFO */] = 'No second factor identifier is provided.',
120
121
  _a["missing-multi-factor-session" /* AuthErrorCode.MISSING_MFA_SESSION */] = 'The request is missing proof of first factor successful sign-in.',
121
122
  _a["missing-phone-number" /* AuthErrorCode.MISSING_PHONE_NUMBER */] = 'To send verification codes, provide a phone number for the recipient.',
@@ -169,6 +170,14 @@ function _debugErrorMap() {
169
170
  'different options. To avoid this error, call initializeAuth() with the ' +
170
171
  'same options as when it was originally called, or call getAuth() to return the' +
171
172
  ' already initialized instance.',
173
+ _a["missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */] = 'The reCAPTCHA token is missing when sending request to the backend.',
174
+ _a["invalid-recaptcha-token" /* AuthErrorCode.INVALID_RECAPTCHA_TOKEN */] = 'The reCAPTCHA token is invalid when sending request to the backend.',
175
+ _a["invalid-recaptcha-action" /* AuthErrorCode.INVALID_RECAPTCHA_ACTION */] = 'The reCAPTCHA action is invalid when sending request to the backend.',
176
+ _a["recaptcha-not-enabled" /* AuthErrorCode.RECAPTCHA_NOT_ENABLED */] = 'reCAPTCHA Enterprise integration is not enabled for this project.',
177
+ _a["missing-client-type" /* AuthErrorCode.MISSING_CLIENT_TYPE */] = 'The reCAPTCHA client type is missing when sending request to the backend.',
178
+ _a["missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is missing when sending request to the backend.',
179
+ _a["invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */] = 'Invalid request parameters.',
180
+ _a["invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is invalid when sending request to the backend.',
172
181
  _a;
173
182
  }
174
183
  function _prodErrorMap() {
@@ -305,7 +314,15 @@ var AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
305
314
  USER_SIGNED_OUT: 'auth/user-signed-out',
306
315
  WEAK_PASSWORD: 'auth/weak-password',
307
316
  WEB_STORAGE_UNSUPPORTED: 'auth/web-storage-unsupported',
308
- ALREADY_INITIALIZED: 'auth/already-initialized'
317
+ ALREADY_INITIALIZED: 'auth/already-initialized',
318
+ RECAPTCHA_NOT_ENABLED: 'auth/recaptcha-not-enabled',
319
+ MISSING_RECAPTCHA_TOKEN: 'auth/missing-recaptcha-token',
320
+ INVALID_RECAPTCHA_TOKEN: 'auth/invalid-recaptcha-token',
321
+ INVALID_RECAPTCHA_ACTION: 'auth/invalid-recaptcha-action',
322
+ MISSING_CLIENT_TYPE: 'auth/missing-client-type',
323
+ MISSING_RECAPTCHA_VERSION: 'auth/missing-recaptcha-version',
324
+ INVALID_RECAPTCHA_VERSION: 'auth/invalid-recaptcha-version',
325
+ INVALID_REQ_TYPE: 'auth/invalid-req-type'
309
326
  };
310
327
 
311
328
  /**
@@ -325,6 +342,15 @@ var AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
325
342
  * limitations under the License.
326
343
  */
327
344
  var logClient = new logger.Logger('@firebase/auth');
345
+ function _logWarn(msg) {
346
+ var args = [];
347
+ for (var _i = 1; _i < arguments.length; _i++) {
348
+ args[_i - 1] = arguments[_i];
349
+ }
350
+ if (logClient.logLevel <= logger.LogLevel.WARN) {
351
+ logClient.warn.apply(logClient, tslib.__spreadArray(["Auth (".concat(app.SDK_VERSION, "): ").concat(msg)], args, false));
352
+ }
353
+ }
328
354
  function _logError(msg) {
329
355
  var args = [];
330
356
  for (var _i = 1; _i < arguments.length; _i++) {
@@ -437,103 +463,6 @@ function debugAssert(assertion, message) {
437
463
  }
438
464
  }
439
465
 
440
- /**
441
- * @license
442
- * Copyright 2020 Google LLC
443
- *
444
- * Licensed under the Apache License, Version 2.0 (the "License");
445
- * you may not use this file except in compliance with the License.
446
- * You may obtain a copy of the License at
447
- *
448
- * http://www.apache.org/licenses/LICENSE-2.0
449
- *
450
- * Unless required by applicable law or agreed to in writing, software
451
- * distributed under the License is distributed on an "AS IS" BASIS,
452
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
453
- * See the License for the specific language governing permissions and
454
- * limitations under the License.
455
- */
456
- var instanceCache = new Map();
457
- function _getInstance(cls) {
458
- debugAssert(cls instanceof Function, 'Expected a class definition');
459
- var instance = instanceCache.get(cls);
460
- if (instance) {
461
- debugAssert(instance instanceof cls, 'Instance stored in cache mismatched with class');
462
- return instance;
463
- }
464
- instance = new cls();
465
- instanceCache.set(cls, instance);
466
- return instance;
467
- }
468
-
469
- /**
470
- * @license
471
- * Copyright 2020 Google LLC
472
- *
473
- * Licensed under the Apache License, Version 2.0 (the "License");
474
- * you may not use this file except in compliance with the License.
475
- * You may obtain a copy of the License at
476
- *
477
- * http://www.apache.org/licenses/LICENSE-2.0
478
- *
479
- * Unless required by applicable law or agreed to in writing, software
480
- * distributed under the License is distributed on an "AS IS" BASIS,
481
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
482
- * See the License for the specific language governing permissions and
483
- * limitations under the License.
484
- */
485
- /**
486
- * Initializes an {@link Auth} instance with fine-grained control over
487
- * {@link Dependencies}.
488
- *
489
- * @remarks
490
- *
491
- * This function allows more control over the {@link Auth} instance than
492
- * {@link getAuth}. `getAuth` uses platform-specific defaults to supply
493
- * the {@link Dependencies}. In general, `getAuth` is the easiest way to
494
- * initialize Auth and works for most use cases. Use `initializeAuth` if you
495
- * need control over which persistence layer is used, or to minimize bundle
496
- * size if you're not using either `signInWithPopup` or `signInWithRedirect`.
497
- *
498
- * For example, if your app only uses anonymous accounts and you only want
499
- * accounts saved for the current session, initialize `Auth` with:
500
- *
501
- * ```js
502
- * const auth = initializeAuth(app, {
503
- * persistence: browserSessionPersistence,
504
- * popupRedirectResolver: undefined,
505
- * });
506
- * ```
507
- *
508
- * @public
509
- */
510
- function initializeAuth(app$1, deps) {
511
- var provider = app._getProvider(app$1, 'auth');
512
- if (provider.isInitialized()) {
513
- var auth_1 = provider.getImmediate();
514
- var initialOptions = provider.getOptions();
515
- if (util.deepEqual(initialOptions, deps !== null && deps !== void 0 ? deps : {})) {
516
- return auth_1;
517
- }
518
- else {
519
- _fail(auth_1, "already-initialized" /* AuthErrorCode.ALREADY_INITIALIZED */);
520
- }
521
- }
522
- var auth = provider.initialize({ options: deps });
523
- return auth;
524
- }
525
- function _initializeAuthInstance(auth, deps) {
526
- var persistence = (deps === null || deps === void 0 ? void 0 : deps.persistence) || [];
527
- var hierarchy = (Array.isArray(persistence) ? persistence : [persistence]).map(_getInstance);
528
- if (deps === null || deps === void 0 ? void 0 : deps.errorMap) {
529
- auth._updateErrorMap(deps.errorMap);
530
- }
531
- // This promise is intended to float; auth initialization happens in the
532
- // background, meanwhile the auth object may be used by the app.
533
- // eslint-disable-next-line @typescript-eslint/no-floating-promises
534
- auth._initializeWithPersistence(hierarchy, deps === null || deps === void 0 ? void 0 : deps.popupRedirectResolver);
535
- }
536
-
537
466
  /**
538
467
  * @license
539
468
  * Copyright 2020 Google LLC
@@ -770,7 +699,7 @@ var SERVER_ERROR_MAP = (_a$1 = {},
770
699
  // Sign in with email and password errors (some apply to sign up too).
771
700
  _a$1["INVALID_PASSWORD" /* ServerError.INVALID_PASSWORD */] = "wrong-password" /* AuthErrorCode.INVALID_PASSWORD */,
772
701
  // This can only happen if the SDK sends a bad request.
773
- _a$1["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */] = "internal-error" /* AuthErrorCode.INTERNAL_ERROR */,
702
+ _a$1["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */] = "missing-password" /* AuthErrorCode.MISSING_PASSWORD */,
774
703
  // Sign up with email and password errors.
775
704
  _a$1["EMAIL_EXISTS" /* ServerError.EMAIL_EXISTS */] = "email-already-in-use" /* AuthErrorCode.EMAIL_EXISTS */,
776
705
  _a$1["PASSWORD_LOGIN_DISABLED" /* ServerError.PASSWORD_LOGIN_DISABLED */] = "operation-not-allowed" /* AuthErrorCode.OPERATION_NOT_ALLOWED */,
@@ -818,6 +747,15 @@ var SERVER_ERROR_MAP = (_a$1 = {},
818
747
  _a$1["SECOND_FACTOR_LIMIT_EXCEEDED" /* ServerError.SECOND_FACTOR_LIMIT_EXCEEDED */] = "maximum-second-factor-count-exceeded" /* AuthErrorCode.SECOND_FACTOR_LIMIT_EXCEEDED */,
819
748
  // Blocking functions related errors.
820
749
  _a$1["BLOCKING_FUNCTION_ERROR_RESPONSE" /* ServerError.BLOCKING_FUNCTION_ERROR_RESPONSE */] = "internal-error" /* AuthErrorCode.INTERNAL_ERROR */,
750
+ // Recaptcha related errors.
751
+ _a$1["RECAPTCHA_NOT_ENABLED" /* ServerError.RECAPTCHA_NOT_ENABLED */] = "recaptcha-not-enabled" /* AuthErrorCode.RECAPTCHA_NOT_ENABLED */,
752
+ _a$1["MISSING_RECAPTCHA_TOKEN" /* ServerError.MISSING_RECAPTCHA_TOKEN */] = "missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */,
753
+ _a$1["INVALID_RECAPTCHA_TOKEN" /* ServerError.INVALID_RECAPTCHA_TOKEN */] = "invalid-recaptcha-token" /* AuthErrorCode.INVALID_RECAPTCHA_TOKEN */,
754
+ _a$1["INVALID_RECAPTCHA_ACTION" /* ServerError.INVALID_RECAPTCHA_ACTION */] = "invalid-recaptcha-action" /* AuthErrorCode.INVALID_RECAPTCHA_ACTION */,
755
+ _a$1["MISSING_CLIENT_TYPE" /* ServerError.MISSING_CLIENT_TYPE */] = "missing-client-type" /* AuthErrorCode.MISSING_CLIENT_TYPE */,
756
+ _a$1["MISSING_RECAPTCHA_VERSION" /* ServerError.MISSING_RECAPTCHA_VERSION */] = "missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */,
757
+ _a$1["INVALID_RECAPTCHA_VERSION" /* ServerError.INVALID_RECAPTCHA_VERSION */] = "invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */,
758
+ _a$1["INVALID_REQ_TYPE" /* ServerError.INVALID_REQ_TYPE */] = "invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */,
821
759
  _a$1);
822
760
 
823
761
  /**
@@ -1939,6 +1877,35 @@ var UserImpl = /** @class */ (function () {
1939
1877
  return UserImpl;
1940
1878
  }());
1941
1879
 
1880
+ /**
1881
+ * @license
1882
+ * Copyright 2020 Google LLC
1883
+ *
1884
+ * Licensed under the Apache License, Version 2.0 (the "License");
1885
+ * you may not use this file except in compliance with the License.
1886
+ * You may obtain a copy of the License at
1887
+ *
1888
+ * http://www.apache.org/licenses/LICENSE-2.0
1889
+ *
1890
+ * Unless required by applicable law or agreed to in writing, software
1891
+ * distributed under the License is distributed on an "AS IS" BASIS,
1892
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1893
+ * See the License for the specific language governing permissions and
1894
+ * limitations under the License.
1895
+ */
1896
+ var instanceCache = new Map();
1897
+ function _getInstance(cls) {
1898
+ debugAssert(cls instanceof Function, 'Expected a class definition');
1899
+ var instance = instanceCache.get(cls);
1900
+ if (instance) {
1901
+ debugAssert(instance instanceof cls, 'Instance stored in cache mismatched with class');
1902
+ return instance;
1903
+ }
1904
+ instance = new cls();
1905
+ instanceCache.set(cls, instance);
1906
+ return instance;
1907
+ }
1908
+
1942
1909
  /**
1943
1910
  * @license
1944
1911
  * Copyright 2019 Google LLC
@@ -2377,6 +2344,288 @@ function _getClientVersion(clientPlatform, frameworks) {
2377
2344
  return "".concat(reportedPlatform, "/").concat("JsCore" /* ClientImplementation.CORE */, "/").concat(app.SDK_VERSION, "/").concat(reportedFrameworks);
2378
2345
  }
2379
2346
 
2347
+ /**
2348
+ * @license
2349
+ * Copyright 2020 Google LLC
2350
+ *
2351
+ * Licensed under the Apache License, Version 2.0 (the "License");
2352
+ * you may not use this file except in compliance with the License.
2353
+ * You may obtain a copy of the License at
2354
+ *
2355
+ * http://www.apache.org/licenses/LICENSE-2.0
2356
+ *
2357
+ * Unless required by applicable law or agreed to in writing, software
2358
+ * distributed under the License is distributed on an "AS IS" BASIS,
2359
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2360
+ * See the License for the specific language governing permissions and
2361
+ * limitations under the License.
2362
+ */
2363
+ function getRecaptchaParams(auth) {
2364
+ return tslib.__awaiter(this, void 0, void 0, function () {
2365
+ return tslib.__generator(this, function (_a) {
2366
+ switch (_a.label) {
2367
+ case 0: return [4 /*yield*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v1/recaptchaParams" /* Endpoint.GET_RECAPTCHA_PARAM */)];
2368
+ case 1: return [2 /*return*/, ((_a.sent()).recaptchaSiteKey || '')];
2369
+ }
2370
+ });
2371
+ });
2372
+ }
2373
+ function getRecaptchaConfig(auth, request) {
2374
+ return tslib.__awaiter(this, void 0, void 0, function () {
2375
+ return tslib.__generator(this, function (_a) {
2376
+ return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/recaptchaConfig" /* Endpoint.GET_RECAPTCHA_CONFIG */, _addTidIfNecessary(auth, request))];
2377
+ });
2378
+ });
2379
+ }
2380
+
2381
+ /**
2382
+ * @license
2383
+ * Copyright 2020 Google LLC
2384
+ *
2385
+ * Licensed under the Apache License, Version 2.0 (the "License");
2386
+ * you may not use this file except in compliance with the License.
2387
+ * You may obtain a copy of the License at
2388
+ *
2389
+ * http://www.apache.org/licenses/LICENSE-2.0
2390
+ *
2391
+ * Unless required by applicable law or agreed to in writing, software
2392
+ * distributed under the License is distributed on an "AS IS" BASIS,
2393
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2394
+ * See the License for the specific language governing permissions and
2395
+ * limitations under the License.
2396
+ */
2397
+ function isV2(grecaptcha) {
2398
+ return (grecaptcha !== undefined &&
2399
+ grecaptcha.getResponse !== undefined);
2400
+ }
2401
+ function isEnterprise(grecaptcha) {
2402
+ return (grecaptcha !== undefined &&
2403
+ grecaptcha.enterprise !== undefined);
2404
+ }
2405
+ var RecaptchaConfig = /** @class */ (function () {
2406
+ function RecaptchaConfig(response) {
2407
+ /**
2408
+ * The reCAPTCHA site key.
2409
+ */
2410
+ this.siteKey = '';
2411
+ /**
2412
+ * The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
2413
+ */
2414
+ this.emailPasswordEnabled = false;
2415
+ if (response.recaptchaKey === undefined) {
2416
+ throw new Error('recaptchaKey undefined');
2417
+ }
2418
+ // Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
2419
+ this.siteKey = response.recaptchaKey.split('/')[3];
2420
+ this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
2421
+ return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
2422
+ enforcementState.enforcementState !== 'OFF';
2423
+ });
2424
+ }
2425
+ return RecaptchaConfig;
2426
+ }());
2427
+
2428
+ /**
2429
+ * @license
2430
+ * Copyright 2020 Google LLC
2431
+ *
2432
+ * Licensed under the Apache License, Version 2.0 (the "License");
2433
+ * you may not use this file except in compliance with the License.
2434
+ * You may obtain a copy of the License at
2435
+ *
2436
+ * http://www.apache.org/licenses/LICENSE-2.0
2437
+ *
2438
+ * Unless required by applicable law or agreed to in writing, software
2439
+ * distributed under the License is distributed on an "AS IS" BASIS,
2440
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2441
+ * See the License for the specific language governing permissions and
2442
+ * limitations under the License.
2443
+ */
2444
+ function getScriptParentElement() {
2445
+ var _a, _b;
2446
+ return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
2447
+ }
2448
+ function _loadJS(url) {
2449
+ // TODO: consider adding timeout support & cancellation
2450
+ return new Promise(function (resolve, reject) {
2451
+ var el = document.createElement('script');
2452
+ el.setAttribute('src', url);
2453
+ el.onload = resolve;
2454
+ el.onerror = function (e) {
2455
+ var error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
2456
+ error.customData = e;
2457
+ reject(error);
2458
+ };
2459
+ el.type = 'text/javascript';
2460
+ el.charset = 'UTF-8';
2461
+ getScriptParentElement().appendChild(el);
2462
+ });
2463
+ }
2464
+ function _generateCallbackName(prefix) {
2465
+ return "__".concat(prefix).concat(Math.floor(Math.random() * 1000000));
2466
+ }
2467
+
2468
+ /* eslint-disable @typescript-eslint/no-require-imports */
2469
+ var RECAPTCHA_ENTERPRISE_URL = 'https://www.google.com/recaptcha/enterprise.js?render=';
2470
+ var RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';
2471
+ var RecaptchaEnterpriseVerifier = /** @class */ (function () {
2472
+ /**
2473
+ *
2474
+ * @param authExtern - The corresponding Firebase {@link Auth} instance.
2475
+ *
2476
+ */
2477
+ function RecaptchaEnterpriseVerifier(authExtern) {
2478
+ /**
2479
+ * Identifies the type of application verifier (e.g. "recaptcha-enterprise").
2480
+ */
2481
+ this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
2482
+ this.auth = _castAuth(authExtern);
2483
+ }
2484
+ /**
2485
+ * Executes the verification process.
2486
+ *
2487
+ * @returns A Promise for a token that can be used to assert the validity of a request.
2488
+ */
2489
+ RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
2490
+ if (action === void 0) { action = 'verify'; }
2491
+ if (forceRefresh === void 0) { forceRefresh = false; }
2492
+ return tslib.__awaiter(this, void 0, void 0, function () {
2493
+ function retrieveSiteKey(auth) {
2494
+ return tslib.__awaiter(this, void 0, void 0, function () {
2495
+ var _this = this;
2496
+ return tslib.__generator(this, function (_a) {
2497
+ if (!forceRefresh) {
2498
+ if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
2499
+ return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
2500
+ }
2501
+ if (auth.tenantId != null &&
2502
+ auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
2503
+ return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
2504
+ }
2505
+ }
2506
+ return [2 /*return*/, new Promise(function (resolve, reject) { return tslib.__awaiter(_this, void 0, void 0, function () {
2507
+ return tslib.__generator(this, function (_a) {
2508
+ getRecaptchaConfig(auth, {
2509
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
2510
+ version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
2511
+ })
2512
+ .then(function (response) {
2513
+ if (response.recaptchaKey === undefined) {
2514
+ reject(new Error('recaptcha Enterprise site key undefined'));
2515
+ }
2516
+ else {
2517
+ var config = new RecaptchaConfig(response);
2518
+ if (auth.tenantId == null) {
2519
+ auth._agentRecaptchaConfig = config;
2520
+ }
2521
+ else {
2522
+ auth._tenantRecaptchaConfigs[auth.tenantId] = config;
2523
+ }
2524
+ return resolve(config.siteKey);
2525
+ }
2526
+ })
2527
+ .catch(function (error) {
2528
+ reject(error);
2529
+ });
2530
+ return [2 /*return*/];
2531
+ });
2532
+ }); })];
2533
+ });
2534
+ });
2535
+ }
2536
+ function retrieveRecaptchaToken(siteKey, resolve, reject) {
2537
+ var grecaptcha = window.grecaptcha;
2538
+ if (isEnterprise(grecaptcha)) {
2539
+ grecaptcha.enterprise.ready(function () {
2540
+ try {
2541
+ grecaptcha.enterprise
2542
+ .execute(siteKey, { action: action })
2543
+ .then(function (token) {
2544
+ resolve(token);
2545
+ })
2546
+ .catch(function (error) {
2547
+ reject(error);
2548
+ });
2549
+ }
2550
+ catch (error) {
2551
+ reject(error);
2552
+ }
2553
+ });
2554
+ }
2555
+ else {
2556
+ reject(Error('No reCAPTCHA enterprise script loaded.'));
2557
+ }
2558
+ }
2559
+ var _this = this;
2560
+ return tslib.__generator(this, function (_a) {
2561
+ return [2 /*return*/, new Promise(function (resolve, reject) {
2562
+ retrieveSiteKey(_this.auth)
2563
+ .then(function (siteKey) {
2564
+ if (!forceRefresh && isEnterprise(window.grecaptcha)) {
2565
+ retrieveRecaptchaToken(siteKey, resolve, reject);
2566
+ }
2567
+ else {
2568
+ if (typeof window === 'undefined') {
2569
+ reject(new Error('RecaptchaVerifier is only supported in browser'));
2570
+ return;
2571
+ }
2572
+ _loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
2573
+ .then(function () {
2574
+ retrieveRecaptchaToken(siteKey, resolve, reject);
2575
+ })
2576
+ .catch(function (error) {
2577
+ reject(error);
2578
+ });
2579
+ }
2580
+ })
2581
+ .catch(function (error) {
2582
+ reject(error);
2583
+ });
2584
+ })];
2585
+ });
2586
+ });
2587
+ };
2588
+ return RecaptchaEnterpriseVerifier;
2589
+ }());
2590
+ function injectRecaptchaFields(auth, request, action, captchaResp) {
2591
+ if (captchaResp === void 0) { captchaResp = false; }
2592
+ return tslib.__awaiter(this, void 0, void 0, function () {
2593
+ var verifier, captchaResponse, newRequest;
2594
+ return tslib.__generator(this, function (_a) {
2595
+ switch (_a.label) {
2596
+ case 0:
2597
+ verifier = new RecaptchaEnterpriseVerifier(auth);
2598
+ _a.label = 1;
2599
+ case 1:
2600
+ _a.trys.push([1, 3, , 5]);
2601
+ return [4 /*yield*/, verifier.verify(action)];
2602
+ case 2:
2603
+ captchaResponse = _a.sent();
2604
+ return [3 /*break*/, 5];
2605
+ case 3:
2606
+ _a.sent();
2607
+ return [4 /*yield*/, verifier.verify(action, true)];
2608
+ case 4:
2609
+ captchaResponse = _a.sent();
2610
+ return [3 /*break*/, 5];
2611
+ case 5:
2612
+ newRequest = tslib.__assign({}, request);
2613
+ if (!captchaResp) {
2614
+ Object.assign(newRequest, { captchaResponse: captchaResponse });
2615
+ }
2616
+ else {
2617
+ Object.assign(newRequest, { 'captchaResp': captchaResponse });
2618
+ }
2619
+ Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
2620
+ Object.assign(newRequest, {
2621
+ 'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
2622
+ });
2623
+ return [2 /*return*/, newRequest];
2624
+ }
2625
+ });
2626
+ });
2627
+ }
2628
+
2380
2629
  /**
2381
2630
  * @license
2382
2631
  * Copyright 2022 Google LLC
@@ -2498,9 +2747,10 @@ var AuthMiddlewareQueue = /** @class */ (function () {
2498
2747
  * limitations under the License.
2499
2748
  */
2500
2749
  var AuthImpl = /** @class */ (function () {
2501
- function AuthImpl(app, heartbeatServiceProvider, config) {
2750
+ function AuthImpl(app, heartbeatServiceProvider, appCheckServiceProvider, config) {
2502
2751
  this.app = app;
2503
2752
  this.heartbeatServiceProvider = heartbeatServiceProvider;
2753
+ this.appCheckServiceProvider = appCheckServiceProvider;
2504
2754
  this.config = config;
2505
2755
  this.currentUser = null;
2506
2756
  this.emulatorConfig = null;
@@ -2518,6 +2768,8 @@ var AuthImpl = /** @class */ (function () {
2518
2768
  this._initializationPromise = null;
2519
2769
  this._popupRedirectResolver = null;
2520
2770
  this._errorFactory = _DEFAULT_AUTH_ERROR_FACTORY;
2771
+ this._agentRecaptchaConfig = null;
2772
+ this._tenantRecaptchaConfigs = {};
2521
2773
  // Tracks the last notified UID for state change listeners to prevent
2522
2774
  // repeated calls to the callbacks. Undefined means it's never been
2523
2775
  // called, whereas null means it's been called with a signed out user
@@ -2847,6 +3099,41 @@ var AuthImpl = /** @class */ (function () {
2847
3099
  });
2848
3100
  }); });
2849
3101
  };
3102
+ AuthImpl.prototype.initializeRecaptchaConfig = function () {
3103
+ return tslib.__awaiter(this, void 0, void 0, function () {
3104
+ var response, config, verifier;
3105
+ return tslib.__generator(this, function (_a) {
3106
+ switch (_a.label) {
3107
+ case 0: return [4 /*yield*/, getRecaptchaConfig(this, {
3108
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
3109
+ version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
3110
+ })];
3111
+ case 1:
3112
+ response = _a.sent();
3113
+ config = new RecaptchaConfig(response);
3114
+ if (this.tenantId == null) {
3115
+ this._agentRecaptchaConfig = config;
3116
+ }
3117
+ else {
3118
+ this._tenantRecaptchaConfigs[this.tenantId] = config;
3119
+ }
3120
+ if (config.emailPasswordEnabled) {
3121
+ verifier = new RecaptchaEnterpriseVerifier(this);
3122
+ void verifier.verify();
3123
+ }
3124
+ return [2 /*return*/];
3125
+ }
3126
+ });
3127
+ });
3128
+ };
3129
+ AuthImpl.prototype._getRecaptchaConfig = function () {
3130
+ if (this.tenantId == null) {
3131
+ return this._agentRecaptchaConfig;
3132
+ }
3133
+ else {
3134
+ return this._tenantRecaptchaConfigs[this.tenantId];
3135
+ }
3136
+ };
2850
3137
  AuthImpl.prototype._getPersistence = function () {
2851
3138
  return this.assertedPersistence.persistence.type;
2852
3139
  };
@@ -3074,7 +3361,7 @@ var AuthImpl = /** @class */ (function () {
3074
3361
  AuthImpl.prototype._getAdditionalHeaders = function () {
3075
3362
  var _a;
3076
3363
  return tslib.__awaiter(this, void 0, void 0, function () {
3077
- var headers, heartbeatsHeader;
3364
+ var headers, heartbeatsHeader, appCheckToken;
3078
3365
  var _b;
3079
3366
  return tslib.__generator(this, function (_c) {
3080
3367
  switch (_c.label) {
@@ -3094,11 +3381,39 @@ var AuthImpl = /** @class */ (function () {
3094
3381
  if (heartbeatsHeader) {
3095
3382
  headers["X-Firebase-Client" /* HttpHeader.X_FIREBASE_CLIENT */] = heartbeatsHeader;
3096
3383
  }
3384
+ return [4 /*yield*/, this._getAppCheckToken()];
3385
+ case 2:
3386
+ appCheckToken = _c.sent();
3387
+ if (appCheckToken) {
3388
+ headers["X-Firebase-AppCheck" /* HttpHeader.X_FIREBASE_APP_CHECK */] = appCheckToken;
3389
+ }
3097
3390
  return [2 /*return*/, headers];
3098
3391
  }
3099
3392
  });
3100
3393
  });
3101
3394
  };
3395
+ AuthImpl.prototype._getAppCheckToken = function () {
3396
+ var _a;
3397
+ return tslib.__awaiter(this, void 0, void 0, function () {
3398
+ var appCheckTokenResult;
3399
+ return tslib.__generator(this, function (_b) {
3400
+ switch (_b.label) {
3401
+ case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
3402
+ .getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
3403
+ case 1:
3404
+ appCheckTokenResult = _b.sent();
3405
+ if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
3406
+ // Context: appCheck.getToken() will never throw even if an error happened.
3407
+ // In the error case, a dummy token will be returned along with an error field describing
3408
+ // the error. In general, we shouldn't care about the error condition and just use
3409
+ // the token (actual or dummy) to send requests.
3410
+ _logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
3411
+ }
3412
+ return [2 /*return*/, appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.token];
3413
+ }
3414
+ });
3415
+ });
3416
+ };
3102
3417
  return AuthImpl;
3103
3418
  }());
3104
3419
  /**
@@ -3107,27 +3422,95 @@ var AuthImpl = /** @class */ (function () {
3107
3422
  *
3108
3423
  * @param auth Auth object passed in from developer
3109
3424
  */
3110
- function _castAuth(auth) {
3111
- return util.getModularInstance(auth);
3425
+ function _castAuth(auth) {
3426
+ return util.getModularInstance(auth);
3427
+ }
3428
+ /** Helper class to wrap subscriber logic */
3429
+ var Subscription = /** @class */ (function () {
3430
+ function Subscription(auth) {
3431
+ var _this = this;
3432
+ this.auth = auth;
3433
+ this.observer = null;
3434
+ this.addObserver = util.createSubscribe(function (observer) { return (_this.observer = observer); });
3435
+ }
3436
+ Object.defineProperty(Subscription.prototype, "next", {
3437
+ get: function () {
3438
+ _assert(this.observer, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
3439
+ return this.observer.next.bind(this.observer);
3440
+ },
3441
+ enumerable: false,
3442
+ configurable: true
3443
+ });
3444
+ return Subscription;
3445
+ }());
3446
+
3447
+ /**
3448
+ * @license
3449
+ * Copyright 2020 Google LLC
3450
+ *
3451
+ * Licensed under the Apache License, Version 2.0 (the "License");
3452
+ * you may not use this file except in compliance with the License.
3453
+ * You may obtain a copy of the License at
3454
+ *
3455
+ * http://www.apache.org/licenses/LICENSE-2.0
3456
+ *
3457
+ * Unless required by applicable law or agreed to in writing, software
3458
+ * distributed under the License is distributed on an "AS IS" BASIS,
3459
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
3460
+ * See the License for the specific language governing permissions and
3461
+ * limitations under the License.
3462
+ */
3463
+ /**
3464
+ * Initializes an {@link Auth} instance with fine-grained control over
3465
+ * {@link Dependencies}.
3466
+ *
3467
+ * @remarks
3468
+ *
3469
+ * This function allows more control over the {@link Auth} instance than
3470
+ * {@link getAuth}. `getAuth` uses platform-specific defaults to supply
3471
+ * the {@link Dependencies}. In general, `getAuth` is the easiest way to
3472
+ * initialize Auth and works for most use cases. Use `initializeAuth` if you
3473
+ * need control over which persistence layer is used, or to minimize bundle
3474
+ * size if you're not using either `signInWithPopup` or `signInWithRedirect`.
3475
+ *
3476
+ * For example, if your app only uses anonymous accounts and you only want
3477
+ * accounts saved for the current session, initialize `Auth` with:
3478
+ *
3479
+ * ```js
3480
+ * const auth = initializeAuth(app, {
3481
+ * persistence: browserSessionPersistence,
3482
+ * popupRedirectResolver: undefined,
3483
+ * });
3484
+ * ```
3485
+ *
3486
+ * @public
3487
+ */
3488
+ function initializeAuth(app$1, deps) {
3489
+ var provider = app._getProvider(app$1, 'auth');
3490
+ if (provider.isInitialized()) {
3491
+ var auth_1 = provider.getImmediate();
3492
+ var initialOptions = provider.getOptions();
3493
+ if (util.deepEqual(initialOptions, deps !== null && deps !== void 0 ? deps : {})) {
3494
+ return auth_1;
3495
+ }
3496
+ else {
3497
+ _fail(auth_1, "already-initialized" /* AuthErrorCode.ALREADY_INITIALIZED */);
3498
+ }
3499
+ }
3500
+ var auth = provider.initialize({ options: deps });
3501
+ return auth;
3112
3502
  }
3113
- /** Helper class to wrap subscriber logic */
3114
- var Subscription = /** @class */ (function () {
3115
- function Subscription(auth) {
3116
- var _this = this;
3117
- this.auth = auth;
3118
- this.observer = null;
3119
- this.addObserver = util.createSubscribe(function (observer) { return (_this.observer = observer); });
3503
+ function _initializeAuthInstance(auth, deps) {
3504
+ var persistence = (deps === null || deps === void 0 ? void 0 : deps.persistence) || [];
3505
+ var hierarchy = (Array.isArray(persistence) ? persistence : [persistence]).map(_getInstance);
3506
+ if (deps === null || deps === void 0 ? void 0 : deps.errorMap) {
3507
+ auth._updateErrorMap(deps.errorMap);
3120
3508
  }
3121
- Object.defineProperty(Subscription.prototype, "next", {
3122
- get: function () {
3123
- _assert(this.observer, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
3124
- return this.observer.next.bind(this.observer);
3125
- },
3126
- enumerable: false,
3127
- configurable: true
3128
- });
3129
- return Subscription;
3130
- }());
3509
+ // This promise is intended to float; auth initialization happens in the
3510
+ // background, meanwhile the auth object may be used by the app.
3511
+ // eslint-disable-next-line @typescript-eslint/no-floating-promises
3512
+ auth._initializeWithPersistence(hierarchy, deps === null || deps === void 0 ? void 0 : deps.popupRedirectResolver);
3513
+ }
3131
3514
 
3132
3515
  /**
3133
3516
  * Changes the {@link Auth} instance to communicate with the Firebase Auth Emulator, instead of production
@@ -3517,24 +3900,55 @@ var EmailAuthCredential = /** @class */ (function (_super) {
3517
3900
  };
3518
3901
  /** @internal */
3519
3902
  EmailAuthCredential.prototype._getIdTokenResponse = function (auth) {
3903
+ var _a;
3520
3904
  return tslib.__awaiter(this, void 0, void 0, function () {
3521
- return tslib.__generator(this, function (_a) {
3522
- switch (this.signInMethod) {
3523
- case "password" /* SignInMethod.EMAIL_PASSWORD */:
3524
- return [2 /*return*/, signInWithPassword(auth, {
3525
- returnSecureToken: true,
3526
- email: this._email,
3527
- password: this._password
3528
- })];
3529
- case "emailLink" /* SignInMethod.EMAIL_LINK */:
3530
- return [2 /*return*/, signInWithEmailLink$1(auth, {
3531
- email: this._email,
3532
- oobCode: this._password
3533
- })];
3534
- default:
3905
+ var _b, request_1, requestWithRecaptcha;
3906
+ var _this = this;
3907
+ return tslib.__generator(this, function (_c) {
3908
+ switch (_c.label) {
3909
+ case 0:
3910
+ _b = this.signInMethod;
3911
+ switch (_b) {
3912
+ case "password" /* SignInMethod.EMAIL_PASSWORD */: return [3 /*break*/, 1];
3913
+ case "emailLink" /* SignInMethod.EMAIL_LINK */: return [3 /*break*/, 4];
3914
+ }
3915
+ return [3 /*break*/, 5];
3916
+ case 1:
3917
+ request_1 = {
3918
+ returnSecureToken: true,
3919
+ email: this._email,
3920
+ password: this._password,
3921
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
3922
+ };
3923
+ if (!((_a = auth._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 3];
3924
+ return [4 /*yield*/, injectRecaptchaFields(auth, request_1, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */)];
3925
+ case 2:
3926
+ requestWithRecaptcha = _c.sent();
3927
+ return [2 /*return*/, signInWithPassword(auth, requestWithRecaptcha)];
3928
+ case 3: return [2 /*return*/, signInWithPassword(auth, request_1).catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
3929
+ var requestWithRecaptcha;
3930
+ return tslib.__generator(this, function (_a) {
3931
+ switch (_a.label) {
3932
+ case 0:
3933
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 2];
3934
+ console.log('Sign-in with email address and password is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.');
3935
+ return [4 /*yield*/, injectRecaptchaFields(auth, request_1, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */)];
3936
+ case 1:
3937
+ requestWithRecaptcha = _a.sent();
3938
+ return [2 /*return*/, signInWithPassword(auth, requestWithRecaptcha)];
3939
+ case 2: return [2 /*return*/, Promise.reject(error)];
3940
+ }
3941
+ });
3942
+ }); })];
3943
+ case 4: return [2 /*return*/, signInWithEmailLink$1(auth, {
3944
+ email: this._email,
3945
+ oobCode: this._password
3946
+ })];
3947
+ case 5:
3535
3948
  _fail(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
3949
+ _c.label = 6;
3950
+ case 6: return [2 /*return*/];
3536
3951
  }
3537
- return [2 /*return*/];
3538
3952
  });
3539
3953
  });
3540
3954
  };
@@ -5721,23 +6135,61 @@ function _setActionCodeSettingsOnRequest(auth, request, actionCodeSettings) {
5721
6135
  * @public
5722
6136
  */
5723
6137
  function sendPasswordResetEmail(auth, email, actionCodeSettings) {
6138
+ var _a;
5724
6139
  return tslib.__awaiter(this, void 0, void 0, function () {
5725
- var authModular, request;
5726
- return tslib.__generator(this, function (_a) {
5727
- switch (_a.label) {
6140
+ var authInternal, request, requestWithRecaptcha;
6141
+ var _this = this;
6142
+ return tslib.__generator(this, function (_b) {
6143
+ switch (_b.label) {
5728
6144
  case 0:
5729
- authModular = util.getModularInstance(auth);
6145
+ authInternal = _castAuth(auth);
5730
6146
  request = {
5731
6147
  requestType: "PASSWORD_RESET" /* ActionCodeOperation.PASSWORD_RESET */,
5732
- email: email
6148
+ email: email,
6149
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
5733
6150
  };
6151
+ if (!((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 3];
6152
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
6153
+ case 1:
6154
+ requestWithRecaptcha = _b.sent();
5734
6155
  if (actionCodeSettings) {
5735
- _setActionCodeSettingsOnRequest(authModular, request, actionCodeSettings);
6156
+ _setActionCodeSettingsOnRequest(authInternal, requestWithRecaptcha, actionCodeSettings);
5736
6157
  }
5737
- return [4 /*yield*/, sendPasswordResetEmail$1(authModular, request)];
5738
- case 1:
5739
- _a.sent();
5740
- return [2 /*return*/];
6158
+ return [4 /*yield*/, sendPasswordResetEmail$1(authInternal, requestWithRecaptcha)];
6159
+ case 2:
6160
+ _b.sent();
6161
+ return [3 /*break*/, 5];
6162
+ case 3:
6163
+ if (actionCodeSettings) {
6164
+ _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
6165
+ }
6166
+ return [4 /*yield*/, sendPasswordResetEmail$1(authInternal, request)
6167
+ .catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
6168
+ var requestWithRecaptcha;
6169
+ return tslib.__generator(this, function (_a) {
6170
+ switch (_a.label) {
6171
+ case 0:
6172
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 3];
6173
+ console.log('Password resets are protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the password reset flow.');
6174
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
6175
+ case 1:
6176
+ requestWithRecaptcha = _a.sent();
6177
+ if (actionCodeSettings) {
6178
+ _setActionCodeSettingsOnRequest(authInternal, requestWithRecaptcha, actionCodeSettings);
6179
+ }
6180
+ return [4 /*yield*/, sendPasswordResetEmail$1(authInternal, requestWithRecaptcha)];
6181
+ case 2:
6182
+ _a.sent();
6183
+ return [3 /*break*/, 4];
6184
+ case 3: return [2 /*return*/, Promise.reject(error)];
6185
+ case 4: return [2 /*return*/];
6186
+ }
6187
+ });
6188
+ }); })];
6189
+ case 4:
6190
+ _b.sent();
6191
+ _b.label = 5;
6192
+ case 5: return [2 /*return*/];
5741
6193
  }
5742
6194
  });
5743
6195
  });
@@ -5882,25 +6334,54 @@ function verifyPasswordResetCode(auth, code) {
5882
6334
  * @public
5883
6335
  */
5884
6336
  function createUserWithEmailAndPassword(auth, email, password) {
6337
+ var _a;
5885
6338
  return tslib.__awaiter(this, void 0, void 0, function () {
5886
- var authInternal, response, userCredential;
5887
- return tslib.__generator(this, function (_a) {
5888
- switch (_a.label) {
6339
+ var authInternal, request, signUpResponse, requestWithRecaptcha, response, userCredential;
6340
+ var _this = this;
6341
+ return tslib.__generator(this, function (_b) {
6342
+ switch (_b.label) {
5889
6343
  case 0:
5890
6344
  authInternal = _castAuth(auth);
5891
- return [4 /*yield*/, signUp(authInternal, {
5892
- returnSecureToken: true,
5893
- email: email,
5894
- password: password
5895
- })];
6345
+ request = {
6346
+ returnSecureToken: true,
6347
+ email: email,
6348
+ password: password,
6349
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
6350
+ };
6351
+ if (!((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 2];
6352
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */)];
5896
6353
  case 1:
5897
- response = _a.sent();
5898
- return [4 /*yield*/, UserCredentialImpl._fromIdTokenResponse(authInternal, "signIn" /* OperationType.SIGN_IN */, response)];
6354
+ requestWithRecaptcha = _b.sent();
6355
+ signUpResponse = signUp(authInternal, requestWithRecaptcha);
6356
+ return [3 /*break*/, 3];
5899
6357
  case 2:
5900
- userCredential = _a.sent();
6358
+ signUpResponse = signUp(authInternal, request).catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
6359
+ var requestWithRecaptcha;
6360
+ return tslib.__generator(this, function (_a) {
6361
+ switch (_a.label) {
6362
+ case 0:
6363
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 2];
6364
+ console.log('Sign-up is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-up flow.');
6365
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */)];
6366
+ case 1:
6367
+ requestWithRecaptcha = _a.sent();
6368
+ return [2 /*return*/, signUp(authInternal, requestWithRecaptcha)];
6369
+ case 2: return [2 /*return*/, Promise.reject(error)];
6370
+ }
6371
+ });
6372
+ }); });
6373
+ _b.label = 3;
6374
+ case 3: return [4 /*yield*/, signUpResponse.catch(function (error) {
6375
+ return Promise.reject(error);
6376
+ })];
6377
+ case 4:
6378
+ response = _b.sent();
6379
+ return [4 /*yield*/, UserCredentialImpl._fromIdTokenResponse(authInternal, "signIn" /* OperationType.SIGN_IN */, response)];
6380
+ case 5:
6381
+ userCredential = _b.sent();
5901
6382
  return [4 /*yield*/, authInternal._updateCurrentUser(userCredential.user)];
5902
- case 3:
5903
- _a.sent();
6383
+ case 6:
6384
+ _b.sent();
5904
6385
  return [2 /*return*/, userCredential];
5905
6386
  }
5906
6387
  });
@@ -5981,24 +6462,61 @@ function signInWithEmailAndPassword(auth, email, password) {
5981
6462
  * @public
5982
6463
  */
5983
6464
  function sendSignInLinkToEmail(auth, email, actionCodeSettings) {
6465
+ var _a;
5984
6466
  return tslib.__awaiter(this, void 0, void 0, function () {
5985
- var authModular, request;
5986
- return tslib.__generator(this, function (_a) {
5987
- switch (_a.label) {
6467
+ function setActionCodeSettings(request, actionCodeSettings) {
6468
+ _assert(actionCodeSettings.handleCodeInApp, authInternal, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
6469
+ if (actionCodeSettings) {
6470
+ _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
6471
+ }
6472
+ }
6473
+ var authInternal, request, requestWithRecaptcha;
6474
+ var _this = this;
6475
+ return tslib.__generator(this, function (_b) {
6476
+ switch (_b.label) {
5988
6477
  case 0:
5989
- authModular = util.getModularInstance(auth);
6478
+ authInternal = _castAuth(auth);
5990
6479
  request = {
5991
6480
  requestType: "EMAIL_SIGNIN" /* ActionCodeOperation.EMAIL_SIGNIN */,
5992
- email: email
6481
+ email: email,
6482
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
5993
6483
  };
5994
- _assert(actionCodeSettings.handleCodeInApp, authModular, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
5995
- if (actionCodeSettings) {
5996
- _setActionCodeSettingsOnRequest(authModular, request, actionCodeSettings);
5997
- }
5998
- return [4 /*yield*/, sendSignInLinkToEmail$1(authModular, request)];
6484
+ if (!((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 3];
6485
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
5999
6486
  case 1:
6000
- _a.sent();
6001
- return [2 /*return*/];
6487
+ requestWithRecaptcha = _b.sent();
6488
+ setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);
6489
+ return [4 /*yield*/, sendSignInLinkToEmail$1(authInternal, requestWithRecaptcha)];
6490
+ case 2:
6491
+ _b.sent();
6492
+ return [3 /*break*/, 5];
6493
+ case 3:
6494
+ setActionCodeSettings(request, actionCodeSettings);
6495
+ return [4 /*yield*/, sendSignInLinkToEmail$1(authInternal, request)
6496
+ .catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
6497
+ var requestWithRecaptcha;
6498
+ return tslib.__generator(this, function (_a) {
6499
+ switch (_a.label) {
6500
+ case 0:
6501
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 3];
6502
+ console.log('Email link sign-in is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.');
6503
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
6504
+ case 1:
6505
+ requestWithRecaptcha = _a.sent();
6506
+ setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);
6507
+ return [4 /*yield*/, sendSignInLinkToEmail$1(authInternal, requestWithRecaptcha)];
6508
+ case 2:
6509
+ _a.sent();
6510
+ return [3 /*break*/, 4];
6511
+ case 3: return [2 /*return*/, Promise.reject(error)];
6512
+ case 4: return [2 /*return*/];
6513
+ }
6514
+ });
6515
+ }); })];
6516
+ case 4:
6517
+ _b.sent();
6518
+ _b.label = 5;
6519
+ case 5: return [2 /*return*/];
6002
6520
  }
6003
6521
  });
6004
6522
  });
@@ -6594,11 +7112,41 @@ function getAdditionalUserInfo(userCredential) {
6594
7112
  function setPersistence(auth, persistence) {
6595
7113
  return util.getModularInstance(auth).setPersistence(persistence);
6596
7114
  }
7115
+ /**
7116
+ * Loads the reCAPTCHA configuration into the `Auth` instance.
7117
+ *
7118
+ * @remarks
7119
+ * This will load the reCAPTCHA config, which indicates whether the reCAPTCHA
7120
+ * verification flow should be triggered for each auth provider, into the
7121
+ * current Auth session.
7122
+ *
7123
+ * If initializeRecaptchaConfig() is not invoked, the auth flow will always start
7124
+ * without reCAPTCHA verification. If the provider is configured to require reCAPTCHA
7125
+ * verification, the SDK will transparently load the reCAPTCHA config and restart the
7126
+ * auth flows.
7127
+ *
7128
+ * Thus, by calling this optional method, you will reduce the latency of future auth flows.
7129
+ * Loading the reCAPTCHA config early will also enhance the signal collected by reCAPTCHA.
7130
+ *
7131
+ * @example
7132
+ * ```javascript
7133
+ * initializeRecaptchaConfig(auth);
7134
+ * ```
7135
+ *
7136
+ * @param auth - The {@link Auth} instance.
7137
+ *
7138
+ * @public
7139
+ */
7140
+ function initializeRecaptchaConfig(auth) {
7141
+ var authInternal = _castAuth(auth);
7142
+ return authInternal.initializeRecaptchaConfig();
7143
+ }
6597
7144
  /**
6598
7145
  * Adds an observer for changes to the signed-in user's ID token.
6599
7146
  *
6600
7147
  * @remarks
6601
7148
  * This includes sign-in, sign-out, and token refresh events.
7149
+ * This will not be triggered automatically upon ID token expiration. Use {@link User.getIdToken} to refresh the ID token.
6602
7150
  *
6603
7151
  * @param auth - The {@link Auth} instance.
6604
7152
  * @param nextOrObserver - callback triggered on change.
@@ -6997,7 +7545,7 @@ function multiFactor(user) {
6997
7545
  }
6998
7546
 
6999
7547
  var name = "@firebase/auth";
7000
- var version = "0.21.6";
7548
+ var version = "0.22.0-canary.1d6771eb3";
7001
7549
 
7002
7550
  /**
7003
7551
  * @license
@@ -7117,26 +7665,25 @@ function registerAuth(clientPlatform) {
7117
7665
  var deps = _a.options;
7118
7666
  var app = container.getProvider('app').getImmediate();
7119
7667
  var heartbeatServiceProvider = container.getProvider('heartbeat');
7668
+ var appCheckServiceProvider = container.getProvider('app-check-internal');
7120
7669
  var _b = app.options, apiKey = _b.apiKey, authDomain = _b.authDomain;
7121
- return (function (app, heartbeatServiceProvider) {
7122
- _assert(apiKey && !apiKey.includes(':'), "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */, { appName: app.name });
7123
- // Auth domain is optional if IdP sign in isn't being used
7124
- _assert(!(authDomain === null || authDomain === void 0 ? void 0 : authDomain.includes(':')), "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */, {
7125
- appName: app.name
7126
- });
7127
- var config = {
7128
- apiKey: apiKey,
7129
- authDomain: authDomain,
7130
- clientPlatform: clientPlatform,
7131
- apiHost: "identitytoolkit.googleapis.com" /* DefaultConfig.API_HOST */,
7132
- tokenApiHost: "securetoken.googleapis.com" /* DefaultConfig.TOKEN_API_HOST */,
7133
- apiScheme: "https" /* DefaultConfig.API_SCHEME */,
7134
- sdkClientVersion: _getClientVersion(clientPlatform)
7135
- };
7136
- var authInstance = new AuthImpl(app, heartbeatServiceProvider, config);
7137
- _initializeAuthInstance(authInstance, deps);
7138
- return authInstance;
7139
- })(app, heartbeatServiceProvider);
7670
+ _assert(apiKey && !apiKey.includes(':'), "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */, { appName: app.name });
7671
+ // Auth domain is optional if IdP sign in isn't being used
7672
+ _assert(!(authDomain === null || authDomain === void 0 ? void 0 : authDomain.includes(':')), "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */, {
7673
+ appName: app.name
7674
+ });
7675
+ var config = {
7676
+ apiKey: apiKey,
7677
+ authDomain: authDomain,
7678
+ clientPlatform: clientPlatform,
7679
+ apiHost: "identitytoolkit.googleapis.com" /* DefaultConfig.API_HOST */,
7680
+ tokenApiHost: "securetoken.googleapis.com" /* DefaultConfig.TOKEN_API_HOST */,
7681
+ apiScheme: "https" /* DefaultConfig.API_SCHEME */,
7682
+ sdkClientVersion: _getClientVersion(clientPlatform)
7683
+ };
7684
+ var authInstance = new AuthImpl(app, heartbeatServiceProvider, appCheckServiceProvider, config);
7685
+ _initializeAuthInstance(authInstance, deps);
7686
+ return authInstance;
7140
7687
  }, "PUBLIC" /* ComponentType.PUBLIC */)
7141
7688
  /**
7142
7689
  * Auth can only be initialized by explicitly calling getAuth() or initializeAuth()
@@ -7287,33 +7834,6 @@ function finalizeSignInTotpMfa(auth, request) {
7287
7834
  return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaSignIn:finalize" /* Endpoint.FINALIZE_MFA_SIGN_IN */, _addTidIfNecessary(auth, request));
7288
7835
  }
7289
7836
 
7290
- /**
7291
- * @license
7292
- * Copyright 2020 Google LLC
7293
- *
7294
- * Licensed under the Apache License, Version 2.0 (the "License");
7295
- * you may not use this file except in compliance with the License.
7296
- * You may obtain a copy of the License at
7297
- *
7298
- * http://www.apache.org/licenses/LICENSE-2.0
7299
- *
7300
- * Unless required by applicable law or agreed to in writing, software
7301
- * distributed under the License is distributed on an "AS IS" BASIS,
7302
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
7303
- * See the License for the specific language governing permissions and
7304
- * limitations under the License.
7305
- */
7306
- function getRecaptchaParams(auth) {
7307
- return tslib.__awaiter(this, void 0, void 0, function () {
7308
- return tslib.__generator(this, function (_a) {
7309
- switch (_a.label) {
7310
- case 0: return [4 /*yield*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v1/recaptchaParams" /* Endpoint.GET_RECAPTCHA_PARAM */)];
7311
- case 1: return [2 /*return*/, ((_a.sent()).recaptchaSiteKey || '')];
7312
- }
7313
- });
7314
- });
7315
- }
7316
-
7317
7837
  /**
7318
7838
  * @license
7319
7839
  * Copyright 2020 Google LLC
@@ -7393,46 +7913,6 @@ function _getWorkerGlobalScope() {
7393
7913
  return _isWorker() ? self : null;
7394
7914
  }
7395
7915
 
7396
- /**
7397
- * @license
7398
- * Copyright 2020 Google LLC
7399
- *
7400
- * Licensed under the Apache License, Version 2.0 (the "License");
7401
- * you may not use this file except in compliance with the License.
7402
- * You may obtain a copy of the License at
7403
- *
7404
- * http://www.apache.org/licenses/LICENSE-2.0
7405
- *
7406
- * Unless required by applicable law or agreed to in writing, software
7407
- * distributed under the License is distributed on an "AS IS" BASIS,
7408
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
7409
- * See the License for the specific language governing permissions and
7410
- * limitations under the License.
7411
- */
7412
- function getScriptParentElement() {
7413
- var _a, _b;
7414
- return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
7415
- }
7416
- function _loadJS(url) {
7417
- // TODO: consider adding timeout support & cancellation
7418
- return new Promise(function (resolve, reject) {
7419
- var el = document.createElement('script');
7420
- el.setAttribute('src', url);
7421
- el.onload = resolve;
7422
- el.onerror = function (e) {
7423
- var error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
7424
- error.customData = e;
7425
- reject(error);
7426
- };
7427
- el.type = 'text/javascript';
7428
- el.charset = 'UTF-8';
7429
- getScriptParentElement().appendChild(el);
7430
- });
7431
- }
7432
- function _generateCallbackName(prefix) {
7433
- return "__".concat(prefix).concat(Math.floor(Math.random() * 1000000));
7434
- }
7435
-
7436
7916
  /**
7437
7917
  * @license
7438
7918
  * Copyright 2020 Google LLC
@@ -7610,7 +8090,7 @@ var ReCaptchaLoaderImpl = /** @class */ (function () {
7610
8090
  var _this = this;
7611
8091
  if (hl === void 0) { hl = ''; }
7612
8092
  _assert(isHostLanguageValid(hl), auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
7613
- if (this.shouldResolveImmediately(hl)) {
8093
+ if (this.shouldResolveImmediately(hl) && isV2(_window().grecaptcha)) {
7614
8094
  return Promise.resolve(_window().grecaptcha);
7615
8095
  }
7616
8096
  return new Promise(function (resolve, reject) {
@@ -7621,7 +8101,7 @@ var ReCaptchaLoaderImpl = /** @class */ (function () {
7621
8101
  _window().clearTimeout(networkTimeout);
7622
8102
  delete _window()[_JSLOAD_CALLBACK];
7623
8103
  var recaptcha = _window().grecaptcha;
7624
- if (!recaptcha) {
8104
+ if (!recaptcha || !isV2(recaptcha)) {
7625
8105
  reject(_createError(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */));
7626
8106
  return;
7627
8107
  }
@@ -8498,6 +8978,7 @@ exports.getIdTokenResult = getIdTokenResult;
8498
8978
  exports.getMultiFactorResolver = getMultiFactorResolver;
8499
8979
  exports.inMemoryPersistence = inMemoryPersistence;
8500
8980
  exports.initializeAuth = initializeAuth;
8981
+ exports.initializeRecaptchaConfig = initializeRecaptchaConfig;
8501
8982
  exports.isSignInWithEmailLink = isSignInWithEmailLink;
8502
8983
  exports.linkWithCredential = linkWithCredential;
8503
8984
  exports.linkWithPhoneNumber = linkWithPhoneNumber;
@@ -8532,4 +9013,4 @@ exports.updateProfile = updateProfile;
8532
9013
  exports.useDeviceLanguage = useDeviceLanguage;
8533
9014
  exports.verifyBeforeUpdateEmail = verifyBeforeUpdateEmail;
8534
9015
  exports.verifyPasswordResetCode = verifyPasswordResetCode;
8535
- //# sourceMappingURL=phone-ec210006.js.map
9016
+ //# sourceMappingURL=phone-26700494.js.map