@firebase/auth 0.22.0 → 0.23.0-20230413163153

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (201) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/dist/auth-public.d.ts +57 -0
  3. package/dist/auth.d.ts +71 -1
  4. package/dist/browser-cjs/{index-5859881d.js → index-11e51d65.js} +586 -205
  5. package/dist/browser-cjs/index-11e51d65.js.map +1 -0
  6. package/dist/browser-cjs/index.js +3 -2
  7. package/dist/browser-cjs/index.js.map +1 -1
  8. package/dist/browser-cjs/internal.js +3 -2
  9. package/dist/browser-cjs/internal.js.map +1 -1
  10. package/dist/browser-cjs/src/api/authentication/email_and_password.d.ts +9 -0
  11. package/dist/browser-cjs/src/api/authentication/recaptcha.d.ts +16 -0
  12. package/dist/browser-cjs/src/api/authentication/sign_up.d.ts +4 -0
  13. package/dist/browser-cjs/src/api/errors.d.ts +9 -1
  14. package/dist/browser-cjs/src/api/index.d.ts +17 -2
  15. package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +9 -1
  16. package/dist/browser-cjs/src/core/errors.d.ts +17 -1
  17. package/dist/browser-cjs/src/core/index.d.ts +26 -0
  18. package/dist/browser-cjs/src/core/util/handler.d.ts +1 -1
  19. package/dist/browser-cjs/src/core/util/log.d.ts +1 -0
  20. package/dist/browser-cjs/src/model/auth.d.ts +6 -0
  21. package/dist/browser-cjs/src/platform_browser/auth_window.d.ts +2 -2
  22. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  23. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  24. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  25. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  26. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  27. package/dist/browser-cjs/test/helpers/api/helper.d.ts +2 -0
  28. package/dist/browser-cjs/test/helpers/mock_auth.d.ts +5 -0
  29. package/dist/cordova/index.js +2 -2
  30. package/dist/cordova/internal.js +17 -75
  31. package/dist/cordova/internal.js.map +1 -1
  32. package/dist/cordova/{popup_redirect-3519667a.js → popup_redirect-fcd471f9.js} +778 -214
  33. package/dist/cordova/popup_redirect-fcd471f9.js.map +1 -0
  34. package/dist/cordova/src/api/authentication/email_and_password.d.ts +9 -0
  35. package/dist/cordova/src/api/authentication/recaptcha.d.ts +16 -0
  36. package/dist/cordova/src/api/authentication/sign_up.d.ts +4 -0
  37. package/dist/cordova/src/api/errors.d.ts +9 -1
  38. package/dist/cordova/src/api/index.d.ts +17 -2
  39. package/dist/cordova/src/core/auth/auth_impl.d.ts +9 -1
  40. package/dist/cordova/src/core/errors.d.ts +17 -1
  41. package/dist/cordova/src/core/index.d.ts +26 -0
  42. package/dist/cordova/src/core/util/handler.d.ts +1 -1
  43. package/dist/cordova/src/core/util/log.d.ts +1 -0
  44. package/dist/cordova/src/model/auth.d.ts +6 -0
  45. package/dist/cordova/src/platform_browser/auth_window.d.ts +2 -2
  46. package/dist/cordova/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  47. package/dist/cordova/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  48. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  49. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  50. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  51. package/dist/cordova/test/helpers/api/helper.d.ts +2 -0
  52. package/dist/cordova/test/helpers/mock_auth.d.ts +5 -0
  53. package/dist/esm2017/{index-680e2b70.js → index-999a48c4.js} +587 -207
  54. package/dist/esm2017/index-999a48c4.js.map +1 -0
  55. package/dist/esm2017/index.js +2 -2
  56. package/dist/esm2017/internal.js +3 -3
  57. package/dist/esm2017/src/api/authentication/email_and_password.d.ts +9 -0
  58. package/dist/esm2017/src/api/authentication/recaptcha.d.ts +16 -0
  59. package/dist/esm2017/src/api/authentication/sign_up.d.ts +4 -0
  60. package/dist/esm2017/src/api/errors.d.ts +9 -1
  61. package/dist/esm2017/src/api/index.d.ts +17 -2
  62. package/dist/esm2017/src/core/auth/auth_impl.d.ts +9 -1
  63. package/dist/esm2017/src/core/errors.d.ts +17 -1
  64. package/dist/esm2017/src/core/index.d.ts +26 -0
  65. package/dist/esm2017/src/core/util/handler.d.ts +1 -1
  66. package/dist/esm2017/src/core/util/log.d.ts +1 -0
  67. package/dist/esm2017/src/model/auth.d.ts +6 -0
  68. package/dist/esm2017/src/platform_browser/auth_window.d.ts +2 -2
  69. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  70. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  71. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  72. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  73. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  74. package/dist/esm2017/test/helpers/api/helper.d.ts +2 -0
  75. package/dist/esm2017/test/helpers/mock_auth.d.ts +5 -0
  76. package/dist/esm5/{index-714e827f.js → index-35460fdd.js} +793 -287
  77. package/dist/esm5/index-35460fdd.js.map +1 -0
  78. package/dist/esm5/index.js +1 -1
  79. package/dist/esm5/internal.js +2 -2
  80. package/dist/esm5/src/api/authentication/email_and_password.d.ts +9 -0
  81. package/dist/esm5/src/api/authentication/recaptcha.d.ts +16 -0
  82. package/dist/esm5/src/api/authentication/sign_up.d.ts +4 -0
  83. package/dist/esm5/src/api/errors.d.ts +9 -1
  84. package/dist/esm5/src/api/index.d.ts +17 -2
  85. package/dist/esm5/src/core/auth/auth_impl.d.ts +9 -1
  86. package/dist/esm5/src/core/errors.d.ts +17 -1
  87. package/dist/esm5/src/core/index.d.ts +26 -0
  88. package/dist/esm5/src/core/util/handler.d.ts +1 -1
  89. package/dist/esm5/src/core/util/log.d.ts +1 -0
  90. package/dist/esm5/src/model/auth.d.ts +6 -0
  91. package/dist/esm5/src/platform_browser/auth_window.d.ts +2 -2
  92. package/dist/esm5/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  93. package/dist/esm5/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  94. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  95. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  96. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  97. package/dist/esm5/test/helpers/api/helper.d.ts +2 -0
  98. package/dist/esm5/test/helpers/mock_auth.d.ts +5 -0
  99. package/dist/index.webworker.esm5.js +602 -74
  100. package/dist/index.webworker.esm5.js.map +1 -1
  101. package/dist/node/index.js +2 -1
  102. package/dist/node/index.js.map +1 -1
  103. package/dist/node/internal.js +62 -42
  104. package/dist/node/internal.js.map +1 -1
  105. package/dist/node/src/api/authentication/email_and_password.d.ts +9 -0
  106. package/dist/node/src/api/authentication/recaptcha.d.ts +16 -0
  107. package/dist/node/src/api/authentication/sign_up.d.ts +4 -0
  108. package/dist/node/src/api/errors.d.ts +9 -1
  109. package/dist/node/src/api/index.d.ts +17 -2
  110. package/dist/node/src/core/auth/auth_impl.d.ts +9 -1
  111. package/dist/node/src/core/errors.d.ts +17 -1
  112. package/dist/node/src/core/index.d.ts +26 -0
  113. package/dist/node/src/core/util/handler.d.ts +1 -1
  114. package/dist/node/src/core/util/log.d.ts +1 -0
  115. package/dist/node/src/model/auth.d.ts +6 -0
  116. package/dist/node/src/platform_browser/auth_window.d.ts +2 -2
  117. package/dist/node/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  118. package/dist/node/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  119. package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  120. package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  121. package/dist/node/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  122. package/dist/node/test/helpers/api/helper.d.ts +2 -0
  123. package/dist/node/test/helpers/mock_auth.d.ts +5 -0
  124. package/dist/node/{totp-416a2adc.js → totp-ba4e50e7.js} +700 -171
  125. package/dist/node/totp-ba4e50e7.js.map +1 -0
  126. package/dist/node-esm/index.js +1 -1
  127. package/dist/node-esm/internal.js +16 -4
  128. package/dist/node-esm/internal.js.map +1 -1
  129. package/dist/node-esm/src/api/authentication/email_and_password.d.ts +9 -0
  130. package/dist/node-esm/src/api/authentication/recaptcha.d.ts +16 -0
  131. package/dist/node-esm/src/api/authentication/sign_up.d.ts +4 -0
  132. package/dist/node-esm/src/api/errors.d.ts +9 -1
  133. package/dist/node-esm/src/api/index.d.ts +17 -2
  134. package/dist/node-esm/src/core/auth/auth_impl.d.ts +9 -1
  135. package/dist/node-esm/src/core/errors.d.ts +17 -1
  136. package/dist/node-esm/src/core/index.d.ts +26 -0
  137. package/dist/node-esm/src/core/util/handler.d.ts +1 -1
  138. package/dist/node-esm/src/core/util/log.d.ts +1 -0
  139. package/dist/node-esm/src/model/auth.d.ts +6 -0
  140. package/dist/node-esm/src/platform_browser/auth_window.d.ts +2 -2
  141. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  142. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  143. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  144. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  145. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  146. package/dist/node-esm/test/helpers/api/helper.d.ts +2 -0
  147. package/dist/node-esm/test/helpers/mock_auth.d.ts +5 -0
  148. package/dist/node-esm/{totp-c3bf2a20.js → totp-9cd89fc6.js} +557 -140
  149. package/dist/node-esm/totp-9cd89fc6.js.map +1 -0
  150. package/dist/rn/index.js +2 -1
  151. package/dist/rn/index.js.map +1 -1
  152. package/dist/rn/internal.js +75 -46
  153. package/dist/rn/internal.js.map +1 -1
  154. package/dist/rn/{phone-2ec1815d.js → phone-b58141c1.js} +738 -259
  155. package/dist/rn/phone-b58141c1.js.map +1 -0
  156. package/dist/rn/src/api/authentication/email_and_password.d.ts +9 -0
  157. package/dist/rn/src/api/authentication/recaptcha.d.ts +16 -0
  158. package/dist/rn/src/api/authentication/sign_up.d.ts +4 -0
  159. package/dist/rn/src/api/errors.d.ts +9 -1
  160. package/dist/rn/src/api/index.d.ts +17 -2
  161. package/dist/rn/src/core/auth/auth_impl.d.ts +9 -1
  162. package/dist/rn/src/core/errors.d.ts +17 -1
  163. package/dist/rn/src/core/index.d.ts +26 -0
  164. package/dist/rn/src/core/util/handler.d.ts +1 -1
  165. package/dist/rn/src/core/util/log.d.ts +1 -0
  166. package/dist/rn/src/model/auth.d.ts +6 -0
  167. package/dist/rn/src/platform_browser/auth_window.d.ts +2 -2
  168. package/dist/rn/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  169. package/dist/rn/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  170. package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  171. package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  172. package/dist/rn/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  173. package/dist/rn/test/helpers/api/helper.d.ts +2 -0
  174. package/dist/rn/test/helpers/mock_auth.d.ts +5 -0
  175. package/dist/src/api/authentication/email_and_password.d.ts +9 -0
  176. package/dist/src/api/authentication/recaptcha.d.ts +16 -0
  177. package/dist/src/api/authentication/sign_up.d.ts +4 -0
  178. package/dist/src/api/errors.d.ts +9 -1
  179. package/dist/src/api/index.d.ts +17 -2
  180. package/dist/src/core/auth/auth_impl.d.ts +9 -1
  181. package/dist/src/core/errors.d.ts +17 -1
  182. package/dist/src/core/index.d.ts +26 -0
  183. package/dist/src/core/util/handler.d.ts +1 -1
  184. package/dist/src/core/util/log.d.ts +1 -0
  185. package/dist/src/model/auth.d.ts +6 -0
  186. package/dist/src/platform_browser/auth_window.d.ts +2 -2
  187. package/dist/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  188. package/dist/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  189. package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  190. package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  191. package/dist/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  192. package/dist/test/helpers/api/helper.d.ts +2 -0
  193. package/dist/test/helpers/mock_auth.d.ts +5 -0
  194. package/package.json +1 -1
  195. package/dist/browser-cjs/index-5859881d.js.map +0 -1
  196. package/dist/cordova/popup_redirect-3519667a.js.map +0 -1
  197. package/dist/esm2017/index-680e2b70.js.map +0 -1
  198. package/dist/esm5/index-714e827f.js.map +0 -1
  199. package/dist/node/totp-416a2adc.js.map +0 -1
  200. package/dist/node-esm/totp-c3bf2a20.js.map +0 -1
  201. package/dist/rn/phone-2ec1815d.js.map +0 -1
@@ -1,5 +1,5 @@
1
1
  import { __awaiter, __generator, __spreadArray, __assign, __rest, __extends } from 'tslib';
2
- import { ErrorFactory, deepEqual, isBrowserExtension, isMobileCordova, isReactNative, FirebaseError, querystring, getModularInstance, base64Decode, isIE, getUA, createSubscribe, querystringDecode, extractQuerystring, isEmpty } from '@firebase/util';
2
+ import { ErrorFactory, isBrowserExtension, isMobileCordova, isReactNative, FirebaseError, querystring, getModularInstance, base64Decode, isIE, getUA, createSubscribe, deepEqual, querystringDecode, extractQuerystring, isEmpty } from '@firebase/util';
3
3
  import { SDK_VERSION, _getProvider, _registerComponent, registerVersion } from '@firebase/app';
4
4
  import { Component } from '@firebase/component';
5
5
  import { Logger, LogLevel } from '@firebase/logger';
@@ -1082,6 +1082,14 @@ function _debugErrorMap() {
1082
1082
  'different options. To avoid this error, call initializeAuth() with the ' +
1083
1083
  'same options as when it was originally called, or call getAuth() to return the' +
1084
1084
  ' already initialized instance.',
1085
+ _a["missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */] = 'The reCAPTCHA token is missing when sending request to the backend.',
1086
+ _a["invalid-recaptcha-token" /* AuthErrorCode.INVALID_RECAPTCHA_TOKEN */] = 'The reCAPTCHA token is invalid when sending request to the backend.',
1087
+ _a["invalid-recaptcha-action" /* AuthErrorCode.INVALID_RECAPTCHA_ACTION */] = 'The reCAPTCHA action is invalid when sending request to the backend.',
1088
+ _a["recaptcha-not-enabled" /* AuthErrorCode.RECAPTCHA_NOT_ENABLED */] = 'reCAPTCHA Enterprise integration is not enabled for this project.',
1089
+ _a["missing-client-type" /* AuthErrorCode.MISSING_CLIENT_TYPE */] = 'The reCAPTCHA client type is missing when sending request to the backend.',
1090
+ _a["missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is missing when sending request to the backend.',
1091
+ _a["invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */] = 'Invalid request parameters.',
1092
+ _a["invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is invalid when sending request to the backend.',
1085
1093
  _a;
1086
1094
  }
1087
1095
  function _prodErrorMap() {
@@ -1218,7 +1226,15 @@ var AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
1218
1226
  USER_SIGNED_OUT: 'auth/user-signed-out',
1219
1227
  WEAK_PASSWORD: 'auth/weak-password',
1220
1228
  WEB_STORAGE_UNSUPPORTED: 'auth/web-storage-unsupported',
1221
- ALREADY_INITIALIZED: 'auth/already-initialized'
1229
+ ALREADY_INITIALIZED: 'auth/already-initialized',
1230
+ RECAPTCHA_NOT_ENABLED: 'auth/recaptcha-not-enabled',
1231
+ MISSING_RECAPTCHA_TOKEN: 'auth/missing-recaptcha-token',
1232
+ INVALID_RECAPTCHA_TOKEN: 'auth/invalid-recaptcha-token',
1233
+ INVALID_RECAPTCHA_ACTION: 'auth/invalid-recaptcha-action',
1234
+ MISSING_CLIENT_TYPE: 'auth/missing-client-type',
1235
+ MISSING_RECAPTCHA_VERSION: 'auth/missing-recaptcha-version',
1236
+ INVALID_RECAPTCHA_VERSION: 'auth/invalid-recaptcha-version',
1237
+ INVALID_REQ_TYPE: 'auth/invalid-req-type'
1222
1238
  };
1223
1239
 
1224
1240
  /**
@@ -1238,6 +1254,15 @@ var AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
1238
1254
  * limitations under the License.
1239
1255
  */
1240
1256
  var logClient = new Logger('@firebase/auth');
1257
+ function _logWarn(msg) {
1258
+ var args = [];
1259
+ for (var _i = 1; _i < arguments.length; _i++) {
1260
+ args[_i - 1] = arguments[_i];
1261
+ }
1262
+ if (logClient.logLevel <= LogLevel.WARN) {
1263
+ logClient.warn.apply(logClient, __spreadArray(["Auth (".concat(SDK_VERSION, "): ").concat(msg)], args, false));
1264
+ }
1265
+ }
1241
1266
  function _logError(msg) {
1242
1267
  var args = [];
1243
1268
  for (var _i = 1; _i < arguments.length; _i++) {
@@ -1350,103 +1375,6 @@ function debugAssert(assertion, message) {
1350
1375
  }
1351
1376
  }
1352
1377
 
1353
- /**
1354
- * @license
1355
- * Copyright 2020 Google LLC
1356
- *
1357
- * Licensed under the Apache License, Version 2.0 (the "License");
1358
- * you may not use this file except in compliance with the License.
1359
- * You may obtain a copy of the License at
1360
- *
1361
- * http://www.apache.org/licenses/LICENSE-2.0
1362
- *
1363
- * Unless required by applicable law or agreed to in writing, software
1364
- * distributed under the License is distributed on an "AS IS" BASIS,
1365
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1366
- * See the License for the specific language governing permissions and
1367
- * limitations under the License.
1368
- */
1369
- var instanceCache = new Map();
1370
- function _getInstance(cls) {
1371
- debugAssert(cls instanceof Function, 'Expected a class definition');
1372
- var instance = instanceCache.get(cls);
1373
- if (instance) {
1374
- debugAssert(instance instanceof cls, 'Instance stored in cache mismatched with class');
1375
- return instance;
1376
- }
1377
- instance = new cls();
1378
- instanceCache.set(cls, instance);
1379
- return instance;
1380
- }
1381
-
1382
- /**
1383
- * @license
1384
- * Copyright 2020 Google LLC
1385
- *
1386
- * Licensed under the Apache License, Version 2.0 (the "License");
1387
- * you may not use this file except in compliance with the License.
1388
- * You may obtain a copy of the License at
1389
- *
1390
- * http://www.apache.org/licenses/LICENSE-2.0
1391
- *
1392
- * Unless required by applicable law or agreed to in writing, software
1393
- * distributed under the License is distributed on an "AS IS" BASIS,
1394
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1395
- * See the License for the specific language governing permissions and
1396
- * limitations under the License.
1397
- */
1398
- /**
1399
- * Initializes an {@link Auth} instance with fine-grained control over
1400
- * {@link Dependencies}.
1401
- *
1402
- * @remarks
1403
- *
1404
- * This function allows more control over the {@link Auth} instance than
1405
- * {@link getAuth}. `getAuth` uses platform-specific defaults to supply
1406
- * the {@link Dependencies}. In general, `getAuth` is the easiest way to
1407
- * initialize Auth and works for most use cases. Use `initializeAuth` if you
1408
- * need control over which persistence layer is used, or to minimize bundle
1409
- * size if you're not using either `signInWithPopup` or `signInWithRedirect`.
1410
- *
1411
- * For example, if your app only uses anonymous accounts and you only want
1412
- * accounts saved for the current session, initialize `Auth` with:
1413
- *
1414
- * ```js
1415
- * const auth = initializeAuth(app, {
1416
- * persistence: browserSessionPersistence,
1417
- * popupRedirectResolver: undefined,
1418
- * });
1419
- * ```
1420
- *
1421
- * @public
1422
- */
1423
- function initializeAuth(app, deps) {
1424
- var provider = _getProvider(app, 'auth');
1425
- if (provider.isInitialized()) {
1426
- var auth_1 = provider.getImmediate();
1427
- var initialOptions = provider.getOptions();
1428
- if (deepEqual(initialOptions, deps !== null && deps !== void 0 ? deps : {})) {
1429
- return auth_1;
1430
- }
1431
- else {
1432
- _fail(auth_1, "already-initialized" /* AuthErrorCode.ALREADY_INITIALIZED */);
1433
- }
1434
- }
1435
- var auth = provider.initialize({ options: deps });
1436
- return auth;
1437
- }
1438
- function _initializeAuthInstance(auth, deps) {
1439
- var persistence = (deps === null || deps === void 0 ? void 0 : deps.persistence) || [];
1440
- var hierarchy = (Array.isArray(persistence) ? persistence : [persistence]).map(_getInstance);
1441
- if (deps === null || deps === void 0 ? void 0 : deps.errorMap) {
1442
- auth._updateErrorMap(deps.errorMap);
1443
- }
1444
- // This promise is intended to float; auth initialization happens in the
1445
- // background, meanwhile the auth object may be used by the app.
1446
- // eslint-disable-next-line @typescript-eslint/no-floating-promises
1447
- auth._initializeWithPersistence(hierarchy, deps === null || deps === void 0 ? void 0 : deps.popupRedirectResolver);
1448
- }
1449
-
1450
1378
  /**
1451
1379
  * @license
1452
1380
  * Copyright 2020 Google LLC
@@ -1731,6 +1659,15 @@ var SERVER_ERROR_MAP = (_a$1 = {},
1731
1659
  _a$1["SECOND_FACTOR_LIMIT_EXCEEDED" /* ServerError.SECOND_FACTOR_LIMIT_EXCEEDED */] = "maximum-second-factor-count-exceeded" /* AuthErrorCode.SECOND_FACTOR_LIMIT_EXCEEDED */,
1732
1660
  // Blocking functions related errors.
1733
1661
  _a$1["BLOCKING_FUNCTION_ERROR_RESPONSE" /* ServerError.BLOCKING_FUNCTION_ERROR_RESPONSE */] = "internal-error" /* AuthErrorCode.INTERNAL_ERROR */,
1662
+ // Recaptcha related errors.
1663
+ _a$1["RECAPTCHA_NOT_ENABLED" /* ServerError.RECAPTCHA_NOT_ENABLED */] = "recaptcha-not-enabled" /* AuthErrorCode.RECAPTCHA_NOT_ENABLED */,
1664
+ _a$1["MISSING_RECAPTCHA_TOKEN" /* ServerError.MISSING_RECAPTCHA_TOKEN */] = "missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */,
1665
+ _a$1["INVALID_RECAPTCHA_TOKEN" /* ServerError.INVALID_RECAPTCHA_TOKEN */] = "invalid-recaptcha-token" /* AuthErrorCode.INVALID_RECAPTCHA_TOKEN */,
1666
+ _a$1["INVALID_RECAPTCHA_ACTION" /* ServerError.INVALID_RECAPTCHA_ACTION */] = "invalid-recaptcha-action" /* AuthErrorCode.INVALID_RECAPTCHA_ACTION */,
1667
+ _a$1["MISSING_CLIENT_TYPE" /* ServerError.MISSING_CLIENT_TYPE */] = "missing-client-type" /* AuthErrorCode.MISSING_CLIENT_TYPE */,
1668
+ _a$1["MISSING_RECAPTCHA_VERSION" /* ServerError.MISSING_RECAPTCHA_VERSION */] = "missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */,
1669
+ _a$1["INVALID_RECAPTCHA_VERSION" /* ServerError.INVALID_RECAPTCHA_VERSION */] = "invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */,
1670
+ _a$1["INVALID_REQ_TYPE" /* ServerError.INVALID_REQ_TYPE */] = "invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */,
1734
1671
  _a$1);
1735
1672
 
1736
1673
  /**
@@ -2852,6 +2789,35 @@ var UserImpl = /** @class */ (function () {
2852
2789
  return UserImpl;
2853
2790
  }());
2854
2791
 
2792
+ /**
2793
+ * @license
2794
+ * Copyright 2020 Google LLC
2795
+ *
2796
+ * Licensed under the Apache License, Version 2.0 (the "License");
2797
+ * you may not use this file except in compliance with the License.
2798
+ * You may obtain a copy of the License at
2799
+ *
2800
+ * http://www.apache.org/licenses/LICENSE-2.0
2801
+ *
2802
+ * Unless required by applicable law or agreed to in writing, software
2803
+ * distributed under the License is distributed on an "AS IS" BASIS,
2804
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2805
+ * See the License for the specific language governing permissions and
2806
+ * limitations under the License.
2807
+ */
2808
+ var instanceCache = new Map();
2809
+ function _getInstance(cls) {
2810
+ debugAssert(cls instanceof Function, 'Expected a class definition');
2811
+ var instance = instanceCache.get(cls);
2812
+ if (instance) {
2813
+ debugAssert(instance instanceof cls, 'Instance stored in cache mismatched with class');
2814
+ return instance;
2815
+ }
2816
+ instance = new cls();
2817
+ instanceCache.set(cls, instance);
2818
+ return instance;
2819
+ }
2820
+
2855
2821
  /**
2856
2822
  * @license
2857
2823
  * Copyright 2019 Google LLC
@@ -3290,6 +3256,288 @@ function _getClientVersion(clientPlatform, frameworks) {
3290
3256
  return "".concat(reportedPlatform, "/").concat("JsCore" /* ClientImplementation.CORE */, "/").concat(SDK_VERSION, "/").concat(reportedFrameworks);
3291
3257
  }
3292
3258
 
3259
+ /**
3260
+ * @license
3261
+ * Copyright 2020 Google LLC
3262
+ *
3263
+ * Licensed under the Apache License, Version 2.0 (the "License");
3264
+ * you may not use this file except in compliance with the License.
3265
+ * You may obtain a copy of the License at
3266
+ *
3267
+ * http://www.apache.org/licenses/LICENSE-2.0
3268
+ *
3269
+ * Unless required by applicable law or agreed to in writing, software
3270
+ * distributed under the License is distributed on an "AS IS" BASIS,
3271
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
3272
+ * See the License for the specific language governing permissions and
3273
+ * limitations under the License.
3274
+ */
3275
+ function getRecaptchaParams(auth) {
3276
+ return __awaiter(this, void 0, void 0, function () {
3277
+ return __generator(this, function (_a) {
3278
+ switch (_a.label) {
3279
+ case 0: return [4 /*yield*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v1/recaptchaParams" /* Endpoint.GET_RECAPTCHA_PARAM */)];
3280
+ case 1: return [2 /*return*/, ((_a.sent()).recaptchaSiteKey || '')];
3281
+ }
3282
+ });
3283
+ });
3284
+ }
3285
+ function getRecaptchaConfig(auth, request) {
3286
+ return __awaiter(this, void 0, void 0, function () {
3287
+ return __generator(this, function (_a) {
3288
+ return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/recaptchaConfig" /* Endpoint.GET_RECAPTCHA_CONFIG */, _addTidIfNecessary(auth, request))];
3289
+ });
3290
+ });
3291
+ }
3292
+
3293
+ /**
3294
+ * @license
3295
+ * Copyright 2020 Google LLC
3296
+ *
3297
+ * Licensed under the Apache License, Version 2.0 (the "License");
3298
+ * you may not use this file except in compliance with the License.
3299
+ * You may obtain a copy of the License at
3300
+ *
3301
+ * http://www.apache.org/licenses/LICENSE-2.0
3302
+ *
3303
+ * Unless required by applicable law or agreed to in writing, software
3304
+ * distributed under the License is distributed on an "AS IS" BASIS,
3305
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
3306
+ * See the License for the specific language governing permissions and
3307
+ * limitations under the License.
3308
+ */
3309
+ function isV2(grecaptcha) {
3310
+ return (grecaptcha !== undefined &&
3311
+ grecaptcha.getResponse !== undefined);
3312
+ }
3313
+ function isEnterprise(grecaptcha) {
3314
+ return (grecaptcha !== undefined &&
3315
+ grecaptcha.enterprise !== undefined);
3316
+ }
3317
+ var RecaptchaConfig = /** @class */ (function () {
3318
+ function RecaptchaConfig(response) {
3319
+ /**
3320
+ * The reCAPTCHA site key.
3321
+ */
3322
+ this.siteKey = '';
3323
+ /**
3324
+ * The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
3325
+ */
3326
+ this.emailPasswordEnabled = false;
3327
+ if (response.recaptchaKey === undefined) {
3328
+ throw new Error('recaptchaKey undefined');
3329
+ }
3330
+ // Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
3331
+ this.siteKey = response.recaptchaKey.split('/')[3];
3332
+ this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
3333
+ return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
3334
+ enforcementState.enforcementState !== 'OFF';
3335
+ });
3336
+ }
3337
+ return RecaptchaConfig;
3338
+ }());
3339
+
3340
+ /**
3341
+ * @license
3342
+ * Copyright 2020 Google LLC
3343
+ *
3344
+ * Licensed under the Apache License, Version 2.0 (the "License");
3345
+ * you may not use this file except in compliance with the License.
3346
+ * You may obtain a copy of the License at
3347
+ *
3348
+ * http://www.apache.org/licenses/LICENSE-2.0
3349
+ *
3350
+ * Unless required by applicable law or agreed to in writing, software
3351
+ * distributed under the License is distributed on an "AS IS" BASIS,
3352
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
3353
+ * See the License for the specific language governing permissions and
3354
+ * limitations under the License.
3355
+ */
3356
+ function getScriptParentElement() {
3357
+ var _a, _b;
3358
+ return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
3359
+ }
3360
+ function _loadJS(url) {
3361
+ // TODO: consider adding timeout support & cancellation
3362
+ return new Promise(function (resolve, reject) {
3363
+ var el = document.createElement('script');
3364
+ el.setAttribute('src', url);
3365
+ el.onload = resolve;
3366
+ el.onerror = function (e) {
3367
+ var error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
3368
+ error.customData = e;
3369
+ reject(error);
3370
+ };
3371
+ el.type = 'text/javascript';
3372
+ el.charset = 'UTF-8';
3373
+ getScriptParentElement().appendChild(el);
3374
+ });
3375
+ }
3376
+ function _generateCallbackName(prefix) {
3377
+ return "__".concat(prefix).concat(Math.floor(Math.random() * 1000000));
3378
+ }
3379
+
3380
+ /* eslint-disable @typescript-eslint/no-require-imports */
3381
+ var RECAPTCHA_ENTERPRISE_URL = 'https://www.google.com/recaptcha/enterprise.js?render=';
3382
+ var RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';
3383
+ var RecaptchaEnterpriseVerifier = /** @class */ (function () {
3384
+ /**
3385
+ *
3386
+ * @param authExtern - The corresponding Firebase {@link Auth} instance.
3387
+ *
3388
+ */
3389
+ function RecaptchaEnterpriseVerifier(authExtern) {
3390
+ /**
3391
+ * Identifies the type of application verifier (e.g. "recaptcha-enterprise").
3392
+ */
3393
+ this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
3394
+ this.auth = _castAuth(authExtern);
3395
+ }
3396
+ /**
3397
+ * Executes the verification process.
3398
+ *
3399
+ * @returns A Promise for a token that can be used to assert the validity of a request.
3400
+ */
3401
+ RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
3402
+ if (action === void 0) { action = 'verify'; }
3403
+ if (forceRefresh === void 0) { forceRefresh = false; }
3404
+ return __awaiter(this, void 0, void 0, function () {
3405
+ function retrieveSiteKey(auth) {
3406
+ return __awaiter(this, void 0, void 0, function () {
3407
+ var _this = this;
3408
+ return __generator(this, function (_a) {
3409
+ if (!forceRefresh) {
3410
+ if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
3411
+ return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
3412
+ }
3413
+ if (auth.tenantId != null &&
3414
+ auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
3415
+ return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
3416
+ }
3417
+ }
3418
+ return [2 /*return*/, new Promise(function (resolve, reject) { return __awaiter(_this, void 0, void 0, function () {
3419
+ return __generator(this, function (_a) {
3420
+ getRecaptchaConfig(auth, {
3421
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
3422
+ version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
3423
+ })
3424
+ .then(function (response) {
3425
+ if (response.recaptchaKey === undefined) {
3426
+ reject(new Error('recaptcha Enterprise site key undefined'));
3427
+ }
3428
+ else {
3429
+ var config = new RecaptchaConfig(response);
3430
+ if (auth.tenantId == null) {
3431
+ auth._agentRecaptchaConfig = config;
3432
+ }
3433
+ else {
3434
+ auth._tenantRecaptchaConfigs[auth.tenantId] = config;
3435
+ }
3436
+ return resolve(config.siteKey);
3437
+ }
3438
+ })
3439
+ .catch(function (error) {
3440
+ reject(error);
3441
+ });
3442
+ return [2 /*return*/];
3443
+ });
3444
+ }); })];
3445
+ });
3446
+ });
3447
+ }
3448
+ function retrieveRecaptchaToken(siteKey, resolve, reject) {
3449
+ var grecaptcha = window.grecaptcha;
3450
+ if (isEnterprise(grecaptcha)) {
3451
+ grecaptcha.enterprise.ready(function () {
3452
+ try {
3453
+ grecaptcha.enterprise
3454
+ .execute(siteKey, { action: action })
3455
+ .then(function (token) {
3456
+ resolve(token);
3457
+ })
3458
+ .catch(function (error) {
3459
+ reject(error);
3460
+ });
3461
+ }
3462
+ catch (error) {
3463
+ reject(error);
3464
+ }
3465
+ });
3466
+ }
3467
+ else {
3468
+ reject(Error('No reCAPTCHA enterprise script loaded.'));
3469
+ }
3470
+ }
3471
+ var _this = this;
3472
+ return __generator(this, function (_a) {
3473
+ return [2 /*return*/, new Promise(function (resolve, reject) {
3474
+ retrieveSiteKey(_this.auth)
3475
+ .then(function (siteKey) {
3476
+ if (!forceRefresh && isEnterprise(window.grecaptcha)) {
3477
+ retrieveRecaptchaToken(siteKey, resolve, reject);
3478
+ }
3479
+ else {
3480
+ if (typeof window === 'undefined') {
3481
+ reject(new Error('RecaptchaVerifier is only supported in browser'));
3482
+ return;
3483
+ }
3484
+ _loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
3485
+ .then(function () {
3486
+ retrieveRecaptchaToken(siteKey, resolve, reject);
3487
+ })
3488
+ .catch(function (error) {
3489
+ reject(error);
3490
+ });
3491
+ }
3492
+ })
3493
+ .catch(function (error) {
3494
+ reject(error);
3495
+ });
3496
+ })];
3497
+ });
3498
+ });
3499
+ };
3500
+ return RecaptchaEnterpriseVerifier;
3501
+ }());
3502
+ function injectRecaptchaFields(auth, request, action, captchaResp) {
3503
+ if (captchaResp === void 0) { captchaResp = false; }
3504
+ return __awaiter(this, void 0, void 0, function () {
3505
+ var verifier, captchaResponse, newRequest;
3506
+ return __generator(this, function (_a) {
3507
+ switch (_a.label) {
3508
+ case 0:
3509
+ verifier = new RecaptchaEnterpriseVerifier(auth);
3510
+ _a.label = 1;
3511
+ case 1:
3512
+ _a.trys.push([1, 3, , 5]);
3513
+ return [4 /*yield*/, verifier.verify(action)];
3514
+ case 2:
3515
+ captchaResponse = _a.sent();
3516
+ return [3 /*break*/, 5];
3517
+ case 3:
3518
+ _a.sent();
3519
+ return [4 /*yield*/, verifier.verify(action, true)];
3520
+ case 4:
3521
+ captchaResponse = _a.sent();
3522
+ return [3 /*break*/, 5];
3523
+ case 5:
3524
+ newRequest = __assign({}, request);
3525
+ if (!captchaResp) {
3526
+ Object.assign(newRequest, { captchaResponse: captchaResponse });
3527
+ }
3528
+ else {
3529
+ Object.assign(newRequest, { 'captchaResp': captchaResponse });
3530
+ }
3531
+ Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
3532
+ Object.assign(newRequest, {
3533
+ 'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
3534
+ });
3535
+ return [2 /*return*/, newRequest];
3536
+ }
3537
+ });
3538
+ });
3539
+ }
3540
+
3293
3541
  /**
3294
3542
  * @license
3295
3543
  * Copyright 2022 Google LLC
@@ -3411,9 +3659,10 @@ var AuthMiddlewareQueue = /** @class */ (function () {
3411
3659
  * limitations under the License.
3412
3660
  */
3413
3661
  var AuthImpl = /** @class */ (function () {
3414
- function AuthImpl(app, heartbeatServiceProvider, config) {
3662
+ function AuthImpl(app, heartbeatServiceProvider, appCheckServiceProvider, config) {
3415
3663
  this.app = app;
3416
3664
  this.heartbeatServiceProvider = heartbeatServiceProvider;
3665
+ this.appCheckServiceProvider = appCheckServiceProvider;
3417
3666
  this.config = config;
3418
3667
  this.currentUser = null;
3419
3668
  this.emulatorConfig = null;
@@ -3431,6 +3680,8 @@ var AuthImpl = /** @class */ (function () {
3431
3680
  this._initializationPromise = null;
3432
3681
  this._popupRedirectResolver = null;
3433
3682
  this._errorFactory = _DEFAULT_AUTH_ERROR_FACTORY;
3683
+ this._agentRecaptchaConfig = null;
3684
+ this._tenantRecaptchaConfigs = {};
3434
3685
  // Tracks the last notified UID for state change listeners to prevent
3435
3686
  // repeated calls to the callbacks. Undefined means it's never been
3436
3687
  // called, whereas null means it's been called with a signed out user
@@ -3760,6 +4011,41 @@ var AuthImpl = /** @class */ (function () {
3760
4011
  });
3761
4012
  }); });
3762
4013
  };
4014
+ AuthImpl.prototype.initializeRecaptchaConfig = function () {
4015
+ return __awaiter(this, void 0, void 0, function () {
4016
+ var response, config, verifier;
4017
+ return __generator(this, function (_a) {
4018
+ switch (_a.label) {
4019
+ case 0: return [4 /*yield*/, getRecaptchaConfig(this, {
4020
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
4021
+ version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
4022
+ })];
4023
+ case 1:
4024
+ response = _a.sent();
4025
+ config = new RecaptchaConfig(response);
4026
+ if (this.tenantId == null) {
4027
+ this._agentRecaptchaConfig = config;
4028
+ }
4029
+ else {
4030
+ this._tenantRecaptchaConfigs[this.tenantId] = config;
4031
+ }
4032
+ if (config.emailPasswordEnabled) {
4033
+ verifier = new RecaptchaEnterpriseVerifier(this);
4034
+ void verifier.verify();
4035
+ }
4036
+ return [2 /*return*/];
4037
+ }
4038
+ });
4039
+ });
4040
+ };
4041
+ AuthImpl.prototype._getRecaptchaConfig = function () {
4042
+ if (this.tenantId == null) {
4043
+ return this._agentRecaptchaConfig;
4044
+ }
4045
+ else {
4046
+ return this._tenantRecaptchaConfigs[this.tenantId];
4047
+ }
4048
+ };
3763
4049
  AuthImpl.prototype._getPersistence = function () {
3764
4050
  return this.assertedPersistence.persistence.type;
3765
4051
  };
@@ -3987,7 +4273,7 @@ var AuthImpl = /** @class */ (function () {
3987
4273
  AuthImpl.prototype._getAdditionalHeaders = function () {
3988
4274
  var _a;
3989
4275
  return __awaiter(this, void 0, void 0, function () {
3990
- var headers, heartbeatsHeader;
4276
+ var headers, heartbeatsHeader, appCheckToken;
3991
4277
  var _b;
3992
4278
  return __generator(this, function (_c) {
3993
4279
  switch (_c.label) {
@@ -4007,11 +4293,39 @@ var AuthImpl = /** @class */ (function () {
4007
4293
  if (heartbeatsHeader) {
4008
4294
  headers["X-Firebase-Client" /* HttpHeader.X_FIREBASE_CLIENT */] = heartbeatsHeader;
4009
4295
  }
4296
+ return [4 /*yield*/, this._getAppCheckToken()];
4297
+ case 2:
4298
+ appCheckToken = _c.sent();
4299
+ if (appCheckToken) {
4300
+ headers["X-Firebase-AppCheck" /* HttpHeader.X_FIREBASE_APP_CHECK */] = appCheckToken;
4301
+ }
4010
4302
  return [2 /*return*/, headers];
4011
4303
  }
4012
4304
  });
4013
4305
  });
4014
4306
  };
4307
+ AuthImpl.prototype._getAppCheckToken = function () {
4308
+ var _a;
4309
+ return __awaiter(this, void 0, void 0, function () {
4310
+ var appCheckTokenResult;
4311
+ return __generator(this, function (_b) {
4312
+ switch (_b.label) {
4313
+ case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
4314
+ .getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
4315
+ case 1:
4316
+ appCheckTokenResult = _b.sent();
4317
+ if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
4318
+ // Context: appCheck.getToken() will never throw even if an error happened.
4319
+ // In the error case, a dummy token will be returned along with an error field describing
4320
+ // the error. In general, we shouldn't care about the error condition and just use
4321
+ // the token (actual or dummy) to send requests.
4322
+ _logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
4323
+ }
4324
+ return [2 /*return*/, appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.token];
4325
+ }
4326
+ });
4327
+ });
4328
+ };
4015
4329
  return AuthImpl;
4016
4330
  }());
4017
4331
  /**
@@ -4042,6 +4356,74 @@ var Subscription = /** @class */ (function () {
4042
4356
  return Subscription;
4043
4357
  }());
4044
4358
 
4359
+ /**
4360
+ * @license
4361
+ * Copyright 2020 Google LLC
4362
+ *
4363
+ * Licensed under the Apache License, Version 2.0 (the "License");
4364
+ * you may not use this file except in compliance with the License.
4365
+ * You may obtain a copy of the License at
4366
+ *
4367
+ * http://www.apache.org/licenses/LICENSE-2.0
4368
+ *
4369
+ * Unless required by applicable law or agreed to in writing, software
4370
+ * distributed under the License is distributed on an "AS IS" BASIS,
4371
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
4372
+ * See the License for the specific language governing permissions and
4373
+ * limitations under the License.
4374
+ */
4375
+ /**
4376
+ * Initializes an {@link Auth} instance with fine-grained control over
4377
+ * {@link Dependencies}.
4378
+ *
4379
+ * @remarks
4380
+ *
4381
+ * This function allows more control over the {@link Auth} instance than
4382
+ * {@link getAuth}. `getAuth` uses platform-specific defaults to supply
4383
+ * the {@link Dependencies}. In general, `getAuth` is the easiest way to
4384
+ * initialize Auth and works for most use cases. Use `initializeAuth` if you
4385
+ * need control over which persistence layer is used, or to minimize bundle
4386
+ * size if you're not using either `signInWithPopup` or `signInWithRedirect`.
4387
+ *
4388
+ * For example, if your app only uses anonymous accounts and you only want
4389
+ * accounts saved for the current session, initialize `Auth` with:
4390
+ *
4391
+ * ```js
4392
+ * const auth = initializeAuth(app, {
4393
+ * persistence: browserSessionPersistence,
4394
+ * popupRedirectResolver: undefined,
4395
+ * });
4396
+ * ```
4397
+ *
4398
+ * @public
4399
+ */
4400
+ function initializeAuth(app, deps) {
4401
+ var provider = _getProvider(app, 'auth');
4402
+ if (provider.isInitialized()) {
4403
+ var auth_1 = provider.getImmediate();
4404
+ var initialOptions = provider.getOptions();
4405
+ if (deepEqual(initialOptions, deps !== null && deps !== void 0 ? deps : {})) {
4406
+ return auth_1;
4407
+ }
4408
+ else {
4409
+ _fail(auth_1, "already-initialized" /* AuthErrorCode.ALREADY_INITIALIZED */);
4410
+ }
4411
+ }
4412
+ var auth = provider.initialize({ options: deps });
4413
+ return auth;
4414
+ }
4415
+ function _initializeAuthInstance(auth, deps) {
4416
+ var persistence = (deps === null || deps === void 0 ? void 0 : deps.persistence) || [];
4417
+ var hierarchy = (Array.isArray(persistence) ? persistence : [persistence]).map(_getInstance);
4418
+ if (deps === null || deps === void 0 ? void 0 : deps.errorMap) {
4419
+ auth._updateErrorMap(deps.errorMap);
4420
+ }
4421
+ // This promise is intended to float; auth initialization happens in the
4422
+ // background, meanwhile the auth object may be used by the app.
4423
+ // eslint-disable-next-line @typescript-eslint/no-floating-promises
4424
+ auth._initializeWithPersistence(hierarchy, deps === null || deps === void 0 ? void 0 : deps.popupRedirectResolver);
4425
+ }
4426
+
4045
4427
  /**
4046
4428
  * Changes the {@link Auth} instance to communicate with the Firebase Auth Emulator, instead of production
4047
4429
  * Firebase Auth services.
@@ -4430,24 +4812,55 @@ var EmailAuthCredential = /** @class */ (function (_super) {
4430
4812
  };
4431
4813
  /** @internal */
4432
4814
  EmailAuthCredential.prototype._getIdTokenResponse = function (auth) {
4815
+ var _a;
4433
4816
  return __awaiter(this, void 0, void 0, function () {
4434
- return __generator(this, function (_a) {
4435
- switch (this.signInMethod) {
4436
- case "password" /* SignInMethod.EMAIL_PASSWORD */:
4437
- return [2 /*return*/, signInWithPassword(auth, {
4438
- returnSecureToken: true,
4439
- email: this._email,
4440
- password: this._password
4441
- })];
4442
- case "emailLink" /* SignInMethod.EMAIL_LINK */:
4443
- return [2 /*return*/, signInWithEmailLink$1(auth, {
4444
- email: this._email,
4445
- oobCode: this._password
4446
- })];
4447
- default:
4817
+ var _b, request_1, requestWithRecaptcha;
4818
+ var _this = this;
4819
+ return __generator(this, function (_c) {
4820
+ switch (_c.label) {
4821
+ case 0:
4822
+ _b = this.signInMethod;
4823
+ switch (_b) {
4824
+ case "password" /* SignInMethod.EMAIL_PASSWORD */: return [3 /*break*/, 1];
4825
+ case "emailLink" /* SignInMethod.EMAIL_LINK */: return [3 /*break*/, 4];
4826
+ }
4827
+ return [3 /*break*/, 5];
4828
+ case 1:
4829
+ request_1 = {
4830
+ returnSecureToken: true,
4831
+ email: this._email,
4832
+ password: this._password,
4833
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
4834
+ };
4835
+ if (!((_a = auth._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 3];
4836
+ return [4 /*yield*/, injectRecaptchaFields(auth, request_1, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */)];
4837
+ case 2:
4838
+ requestWithRecaptcha = _c.sent();
4839
+ return [2 /*return*/, signInWithPassword(auth, requestWithRecaptcha)];
4840
+ case 3: return [2 /*return*/, signInWithPassword(auth, request_1).catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
4841
+ var requestWithRecaptcha;
4842
+ return __generator(this, function (_a) {
4843
+ switch (_a.label) {
4844
+ case 0:
4845
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 2];
4846
+ console.log('Sign-in with email address and password is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.');
4847
+ return [4 /*yield*/, injectRecaptchaFields(auth, request_1, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */)];
4848
+ case 1:
4849
+ requestWithRecaptcha = _a.sent();
4850
+ return [2 /*return*/, signInWithPassword(auth, requestWithRecaptcha)];
4851
+ case 2: return [2 /*return*/, Promise.reject(error)];
4852
+ }
4853
+ });
4854
+ }); })];
4855
+ case 4: return [2 /*return*/, signInWithEmailLink$1(auth, {
4856
+ email: this._email,
4857
+ oobCode: this._password
4858
+ })];
4859
+ case 5:
4448
4860
  _fail(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
4861
+ _c.label = 6;
4862
+ case 6: return [2 /*return*/];
4449
4863
  }
4450
- return [2 /*return*/];
4451
4864
  });
4452
4865
  });
4453
4866
  };
@@ -6634,23 +7047,61 @@ function _setActionCodeSettingsOnRequest(auth, request, actionCodeSettings) {
6634
7047
  * @public
6635
7048
  */
6636
7049
  function sendPasswordResetEmail(auth, email, actionCodeSettings) {
7050
+ var _a;
6637
7051
  return __awaiter(this, void 0, void 0, function () {
6638
- var authModular, request;
6639
- return __generator(this, function (_a) {
6640
- switch (_a.label) {
7052
+ var authInternal, request, requestWithRecaptcha;
7053
+ var _this = this;
7054
+ return __generator(this, function (_b) {
7055
+ switch (_b.label) {
6641
7056
  case 0:
6642
- authModular = getModularInstance(auth);
7057
+ authInternal = _castAuth(auth);
6643
7058
  request = {
6644
7059
  requestType: "PASSWORD_RESET" /* ActionCodeOperation.PASSWORD_RESET */,
6645
- email: email
7060
+ email: email,
7061
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
6646
7062
  };
7063
+ if (!((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 3];
7064
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
7065
+ case 1:
7066
+ requestWithRecaptcha = _b.sent();
6647
7067
  if (actionCodeSettings) {
6648
- _setActionCodeSettingsOnRequest(authModular, request, actionCodeSettings);
7068
+ _setActionCodeSettingsOnRequest(authInternal, requestWithRecaptcha, actionCodeSettings);
6649
7069
  }
6650
- return [4 /*yield*/, sendPasswordResetEmail$1(authModular, request)];
6651
- case 1:
6652
- _a.sent();
6653
- return [2 /*return*/];
7070
+ return [4 /*yield*/, sendPasswordResetEmail$1(authInternal, requestWithRecaptcha)];
7071
+ case 2:
7072
+ _b.sent();
7073
+ return [3 /*break*/, 5];
7074
+ case 3:
7075
+ if (actionCodeSettings) {
7076
+ _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
7077
+ }
7078
+ return [4 /*yield*/, sendPasswordResetEmail$1(authInternal, request)
7079
+ .catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
7080
+ var requestWithRecaptcha;
7081
+ return __generator(this, function (_a) {
7082
+ switch (_a.label) {
7083
+ case 0:
7084
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 3];
7085
+ console.log('Password resets are protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the password reset flow.');
7086
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
7087
+ case 1:
7088
+ requestWithRecaptcha = _a.sent();
7089
+ if (actionCodeSettings) {
7090
+ _setActionCodeSettingsOnRequest(authInternal, requestWithRecaptcha, actionCodeSettings);
7091
+ }
7092
+ return [4 /*yield*/, sendPasswordResetEmail$1(authInternal, requestWithRecaptcha)];
7093
+ case 2:
7094
+ _a.sent();
7095
+ return [3 /*break*/, 4];
7096
+ case 3: return [2 /*return*/, Promise.reject(error)];
7097
+ case 4: return [2 /*return*/];
7098
+ }
7099
+ });
7100
+ }); })];
7101
+ case 4:
7102
+ _b.sent();
7103
+ _b.label = 5;
7104
+ case 5: return [2 /*return*/];
6654
7105
  }
6655
7106
  });
6656
7107
  });
@@ -6795,25 +7246,54 @@ function verifyPasswordResetCode(auth, code) {
6795
7246
  * @public
6796
7247
  */
6797
7248
  function createUserWithEmailAndPassword(auth, email, password) {
7249
+ var _a;
6798
7250
  return __awaiter(this, void 0, void 0, function () {
6799
- var authInternal, response, userCredential;
6800
- return __generator(this, function (_a) {
6801
- switch (_a.label) {
7251
+ var authInternal, request, signUpResponse, requestWithRecaptcha, response, userCredential;
7252
+ var _this = this;
7253
+ return __generator(this, function (_b) {
7254
+ switch (_b.label) {
6802
7255
  case 0:
6803
7256
  authInternal = _castAuth(auth);
6804
- return [4 /*yield*/, signUp(authInternal, {
6805
- returnSecureToken: true,
6806
- email: email,
6807
- password: password
6808
- })];
7257
+ request = {
7258
+ returnSecureToken: true,
7259
+ email: email,
7260
+ password: password,
7261
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
7262
+ };
7263
+ if (!((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 2];
7264
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */)];
6809
7265
  case 1:
6810
- response = _a.sent();
6811
- return [4 /*yield*/, UserCredentialImpl._fromIdTokenResponse(authInternal, "signIn" /* OperationType.SIGN_IN */, response)];
7266
+ requestWithRecaptcha = _b.sent();
7267
+ signUpResponse = signUp(authInternal, requestWithRecaptcha);
7268
+ return [3 /*break*/, 3];
6812
7269
  case 2:
6813
- userCredential = _a.sent();
7270
+ signUpResponse = signUp(authInternal, request).catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
7271
+ var requestWithRecaptcha;
7272
+ return __generator(this, function (_a) {
7273
+ switch (_a.label) {
7274
+ case 0:
7275
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 2];
7276
+ console.log('Sign-up is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-up flow.');
7277
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */)];
7278
+ case 1:
7279
+ requestWithRecaptcha = _a.sent();
7280
+ return [2 /*return*/, signUp(authInternal, requestWithRecaptcha)];
7281
+ case 2: return [2 /*return*/, Promise.reject(error)];
7282
+ }
7283
+ });
7284
+ }); });
7285
+ _b.label = 3;
7286
+ case 3: return [4 /*yield*/, signUpResponse.catch(function (error) {
7287
+ return Promise.reject(error);
7288
+ })];
7289
+ case 4:
7290
+ response = _b.sent();
7291
+ return [4 /*yield*/, UserCredentialImpl._fromIdTokenResponse(authInternal, "signIn" /* OperationType.SIGN_IN */, response)];
7292
+ case 5:
7293
+ userCredential = _b.sent();
6814
7294
  return [4 /*yield*/, authInternal._updateCurrentUser(userCredential.user)];
6815
- case 3:
6816
- _a.sent();
7295
+ case 6:
7296
+ _b.sent();
6817
7297
  return [2 /*return*/, userCredential];
6818
7298
  }
6819
7299
  });
@@ -6894,24 +7374,61 @@ function signInWithEmailAndPassword(auth, email, password) {
6894
7374
  * @public
6895
7375
  */
6896
7376
  function sendSignInLinkToEmail(auth, email, actionCodeSettings) {
7377
+ var _a;
6897
7378
  return __awaiter(this, void 0, void 0, function () {
6898
- var authModular, request;
6899
- return __generator(this, function (_a) {
6900
- switch (_a.label) {
7379
+ function setActionCodeSettings(request, actionCodeSettings) {
7380
+ _assert(actionCodeSettings.handleCodeInApp, authInternal, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
7381
+ if (actionCodeSettings) {
7382
+ _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
7383
+ }
7384
+ }
7385
+ var authInternal, request, requestWithRecaptcha;
7386
+ var _this = this;
7387
+ return __generator(this, function (_b) {
7388
+ switch (_b.label) {
6901
7389
  case 0:
6902
- authModular = getModularInstance(auth);
7390
+ authInternal = _castAuth(auth);
6903
7391
  request = {
6904
7392
  requestType: "EMAIL_SIGNIN" /* ActionCodeOperation.EMAIL_SIGNIN */,
6905
- email: email
7393
+ email: email,
7394
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
6906
7395
  };
6907
- _assert(actionCodeSettings.handleCodeInApp, authModular, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
6908
- if (actionCodeSettings) {
6909
- _setActionCodeSettingsOnRequest(authModular, request, actionCodeSettings);
6910
- }
6911
- return [4 /*yield*/, sendSignInLinkToEmail$1(authModular, request)];
7396
+ if (!((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled)) return [3 /*break*/, 3];
7397
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
6912
7398
  case 1:
6913
- _a.sent();
6914
- return [2 /*return*/];
7399
+ requestWithRecaptcha = _b.sent();
7400
+ setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);
7401
+ return [4 /*yield*/, sendSignInLinkToEmail$1(authInternal, requestWithRecaptcha)];
7402
+ case 2:
7403
+ _b.sent();
7404
+ return [3 /*break*/, 5];
7405
+ case 3:
7406
+ setActionCodeSettings(request, actionCodeSettings);
7407
+ return [4 /*yield*/, sendSignInLinkToEmail$1(authInternal, request)
7408
+ .catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
7409
+ var requestWithRecaptcha;
7410
+ return __generator(this, function (_a) {
7411
+ switch (_a.label) {
7412
+ case 0:
7413
+ if (!(error.code === "auth/".concat("missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */))) return [3 /*break*/, 3];
7414
+ console.log('Email link sign-in is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.');
7415
+ return [4 /*yield*/, injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true)];
7416
+ case 1:
7417
+ requestWithRecaptcha = _a.sent();
7418
+ setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);
7419
+ return [4 /*yield*/, sendSignInLinkToEmail$1(authInternal, requestWithRecaptcha)];
7420
+ case 2:
7421
+ _a.sent();
7422
+ return [3 /*break*/, 4];
7423
+ case 3: return [2 /*return*/, Promise.reject(error)];
7424
+ case 4: return [2 /*return*/];
7425
+ }
7426
+ });
7427
+ }); })];
7428
+ case 4:
7429
+ _b.sent();
7430
+ _b.label = 5;
7431
+ case 5: return [2 /*return*/];
6915
7432
  }
6916
7433
  });
6917
7434
  });
@@ -7507,6 +8024,35 @@ function getAdditionalUserInfo(userCredential) {
7507
8024
  function setPersistence(auth, persistence) {
7508
8025
  return getModularInstance(auth).setPersistence(persistence);
7509
8026
  }
8027
+ /**
8028
+ * Loads the reCAPTCHA configuration into the `Auth` instance.
8029
+ *
8030
+ * @remarks
8031
+ * This will load the reCAPTCHA config, which indicates whether the reCAPTCHA
8032
+ * verification flow should be triggered for each auth provider, into the
8033
+ * current Auth session.
8034
+ *
8035
+ * If initializeRecaptchaConfig() is not invoked, the auth flow will always start
8036
+ * without reCAPTCHA verification. If the provider is configured to require reCAPTCHA
8037
+ * verification, the SDK will transparently load the reCAPTCHA config and restart the
8038
+ * auth flows.
8039
+ *
8040
+ * Thus, by calling this optional method, you will reduce the latency of future auth flows.
8041
+ * Loading the reCAPTCHA config early will also enhance the signal collected by reCAPTCHA.
8042
+ *
8043
+ * @example
8044
+ * ```javascript
8045
+ * initializeRecaptchaConfig(auth);
8046
+ * ```
8047
+ *
8048
+ * @param auth - The {@link Auth} instance.
8049
+ *
8050
+ * @public
8051
+ */
8052
+ function initializeRecaptchaConfig(auth) {
8053
+ var authInternal = _castAuth(auth);
8054
+ return authInternal.initializeRecaptchaConfig();
8055
+ }
7510
8056
  /**
7511
8057
  * Adds an observer for changes to the signed-in user's ID token.
7512
8058
  *
@@ -7911,7 +8457,7 @@ function multiFactor(user) {
7911
8457
  }
7912
8458
 
7913
8459
  var name = "@firebase/auth";
7914
- var version = "0.22.0";
8460
+ var version = "0.23.0-20230413163153";
7915
8461
 
7916
8462
  /**
7917
8463
  * @license
@@ -8031,26 +8577,25 @@ function registerAuth(clientPlatform) {
8031
8577
  var deps = _a.options;
8032
8578
  var app = container.getProvider('app').getImmediate();
8033
8579
  var heartbeatServiceProvider = container.getProvider('heartbeat');
8580
+ var appCheckServiceProvider = container.getProvider('app-check-internal');
8034
8581
  var _b = app.options, apiKey = _b.apiKey, authDomain = _b.authDomain;
8035
- return (function (app, heartbeatServiceProvider) {
8036
- _assert(apiKey && !apiKey.includes(':'), "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */, { appName: app.name });
8037
- // Auth domain is optional if IdP sign in isn't being used
8038
- _assert(!(authDomain === null || authDomain === void 0 ? void 0 : authDomain.includes(':')), "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */, {
8039
- appName: app.name
8040
- });
8041
- var config = {
8042
- apiKey: apiKey,
8043
- authDomain: authDomain,
8044
- clientPlatform: clientPlatform,
8045
- apiHost: "identitytoolkit.googleapis.com" /* DefaultConfig.API_HOST */,
8046
- tokenApiHost: "securetoken.googleapis.com" /* DefaultConfig.TOKEN_API_HOST */,
8047
- apiScheme: "https" /* DefaultConfig.API_SCHEME */,
8048
- sdkClientVersion: _getClientVersion(clientPlatform)
8049
- };
8050
- var authInstance = new AuthImpl(app, heartbeatServiceProvider, config);
8051
- _initializeAuthInstance(authInstance, deps);
8052
- return authInstance;
8053
- })(app, heartbeatServiceProvider);
8582
+ _assert(apiKey && !apiKey.includes(':'), "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */, { appName: app.name });
8583
+ // Auth domain is optional if IdP sign in isn't being used
8584
+ _assert(!(authDomain === null || authDomain === void 0 ? void 0 : authDomain.includes(':')), "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */, {
8585
+ appName: app.name
8586
+ });
8587
+ var config = {
8588
+ apiKey: apiKey,
8589
+ authDomain: authDomain,
8590
+ clientPlatform: clientPlatform,
8591
+ apiHost: "identitytoolkit.googleapis.com" /* DefaultConfig.API_HOST */,
8592
+ tokenApiHost: "securetoken.googleapis.com" /* DefaultConfig.TOKEN_API_HOST */,
8593
+ apiScheme: "https" /* DefaultConfig.API_SCHEME */,
8594
+ sdkClientVersion: _getClientVersion(clientPlatform)
8595
+ };
8596
+ var authInstance = new AuthImpl(app, heartbeatServiceProvider, appCheckServiceProvider, config);
8597
+ _initializeAuthInstance(authInstance, deps);
8598
+ return authInstance;
8054
8599
  }, "PUBLIC" /* ComponentType.PUBLIC */)
8055
8600
  /**
8056
8601
  * Auth can only be initialized by explicitly calling getAuth() or initializeAuth()
@@ -9251,48 +9796,67 @@ var WIDGET_PATH = '__/auth/handler';
9251
9796
  * @internal
9252
9797
  */
9253
9798
  var EMULATOR_WIDGET_PATH = 'emulator/auth/handler';
9799
+ /**
9800
+ * Fragment name for the App Check token that gets passed to the widget
9801
+ *
9802
+ * @internal
9803
+ */
9804
+ var FIREBASE_APP_CHECK_FRAGMENT_ID = encodeURIComponent('fac');
9254
9805
  function _getRedirectUrl(auth, provider, authType, redirectUrl, eventId, additionalParams) {
9255
- _assert(auth.config.authDomain, auth, "auth-domain-config-required" /* AuthErrorCode.MISSING_AUTH_DOMAIN */);
9256
- _assert(auth.config.apiKey, auth, "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */);
9257
- var params = {
9258
- apiKey: auth.config.apiKey,
9259
- appName: auth.name,
9260
- authType: authType,
9261
- redirectUrl: redirectUrl,
9262
- v: SDK_VERSION,
9263
- eventId: eventId
9264
- };
9265
- if (provider instanceof FederatedAuthProvider) {
9266
- provider.setDefaultLanguage(auth.languageCode);
9267
- params.providerId = provider.providerId || '';
9268
- if (!isEmpty(provider.getCustomParameters())) {
9269
- params.customParameters = JSON.stringify(provider.getCustomParameters());
9270
- }
9271
- // TODO set additionalParams from the provider as well?
9272
- for (var _i = 0, _a = Object.entries(additionalParams || {}); _i < _a.length; _i++) {
9273
- var _b = _a[_i], key = _b[0], value = _b[1];
9274
- params[key] = value;
9275
- }
9276
- }
9277
- if (provider instanceof BaseOAuthProvider) {
9278
- var scopes = provider.getScopes().filter(function (scope) { return scope !== ''; });
9279
- if (scopes.length > 0) {
9280
- params.scopes = scopes.join(',');
9281
- }
9282
- }
9283
- if (auth.tenantId) {
9284
- params.tid = auth.tenantId;
9285
- }
9286
- // TODO: maybe set eid as endipointId
9287
- // TODO: maybe set fw as Frameworks.join(",")
9288
- var paramsDict = params;
9289
- for (var _c = 0, _d = Object.keys(paramsDict); _c < _d.length; _c++) {
9290
- var key = _d[_c];
9291
- if (paramsDict[key] === undefined) {
9292
- delete paramsDict[key];
9293
- }
9294
- }
9295
- return "".concat(getHandlerBase(auth), "?").concat(querystring(paramsDict).slice(1));
9806
+ return __awaiter(this, void 0, void 0, function () {
9807
+ var params, _i, _a, _b, key, value, scopes, paramsDict, _c, _d, key, appCheckToken, appCheckTokenFragment;
9808
+ return __generator(this, function (_e) {
9809
+ switch (_e.label) {
9810
+ case 0:
9811
+ _assert(auth.config.authDomain, auth, "auth-domain-config-required" /* AuthErrorCode.MISSING_AUTH_DOMAIN */);
9812
+ _assert(auth.config.apiKey, auth, "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */);
9813
+ params = {
9814
+ apiKey: auth.config.apiKey,
9815
+ appName: auth.name,
9816
+ authType: authType,
9817
+ redirectUrl: redirectUrl,
9818
+ v: SDK_VERSION,
9819
+ eventId: eventId
9820
+ };
9821
+ if (provider instanceof FederatedAuthProvider) {
9822
+ provider.setDefaultLanguage(auth.languageCode);
9823
+ params.providerId = provider.providerId || '';
9824
+ if (!isEmpty(provider.getCustomParameters())) {
9825
+ params.customParameters = JSON.stringify(provider.getCustomParameters());
9826
+ }
9827
+ // TODO set additionalParams from the provider as well?
9828
+ for (_i = 0, _a = Object.entries(additionalParams || {}); _i < _a.length; _i++) {
9829
+ _b = _a[_i], key = _b[0], value = _b[1];
9830
+ params[key] = value;
9831
+ }
9832
+ }
9833
+ if (provider instanceof BaseOAuthProvider) {
9834
+ scopes = provider.getScopes().filter(function (scope) { return scope !== ''; });
9835
+ if (scopes.length > 0) {
9836
+ params.scopes = scopes.join(',');
9837
+ }
9838
+ }
9839
+ if (auth.tenantId) {
9840
+ params.tid = auth.tenantId;
9841
+ }
9842
+ paramsDict = params;
9843
+ for (_c = 0, _d = Object.keys(paramsDict); _c < _d.length; _c++) {
9844
+ key = _d[_c];
9845
+ if (paramsDict[key] === undefined) {
9846
+ delete paramsDict[key];
9847
+ }
9848
+ }
9849
+ return [4 /*yield*/, auth._getAppCheckToken()];
9850
+ case 1:
9851
+ appCheckToken = _e.sent();
9852
+ appCheckTokenFragment = appCheckToken
9853
+ ? "#".concat(FIREBASE_APP_CHECK_FRAGMENT_ID, "=").concat(encodeURIComponent(appCheckToken))
9854
+ : '';
9855
+ // Start at index 1 to skip the leading '&' in the query string
9856
+ return [2 /*return*/, "".concat(getHandlerBase(auth), "?").concat(querystring(paramsDict).slice(1)).concat(appCheckTokenFragment)];
9857
+ }
9858
+ });
9859
+ });
9296
9860
  }
9297
9861
  function getHandlerBase(_a) {
9298
9862
  var config = _a.config;
@@ -10093,5 +10657,5 @@ function generateNoEvent() {
10093
10657
  };
10094
10658
  }
10095
10659
 
10096
- export { signInWithEmailLink as $, ActionCodeOperation as A, FacebookAuthProvider as B, GithubAuthProvider as C, OAuthProvider as D, EmailAuthCredential as E, FactorId as F, GoogleAuthProvider as G, SAMLAuthProvider as H, signInAnonymously as I, signInWithCredential as J, linkWithCredential as K, reauthenticateWithCredential as L, signInWithCustomToken as M, sendPasswordResetEmail as N, OperationType as O, ProviderId as P, confirmPasswordReset as Q, applyActionCode as R, SignInMethod as S, TwitterAuthProvider as T, checkActionCode as U, verifyPasswordResetCode as V, createUserWithEmailAndPassword as W, signInWithEmailAndPassword as X, sendSignInLinkToEmail as Y, isSignInWithEmailLink as Z, _signInWithRedirect as _, _reauthenticateWithRedirect as a, fetchSignInMethodsForEmail as a0, sendEmailVerification as a1, verifyBeforeUpdateEmail as a2, ActionCodeURL as a3, parseActionCodeURL as a4, updateProfile as a5, updateEmail as a6, updatePassword as a7, getIdToken as a8, getIdTokenResult as a9, _getCurrentUrl as aA, _emulatorUrl as aB, _isChromeIOS as aC, _isFirefox as aD, _isIOSStandalone as aE, _getRedirectUrl as aF, _setWindowLocation as aG, _isMobileBrowser as aH, _isSafari as aI, _isIOS as aJ, _getRedirectResult as aK, _overrideRedirectResult as aL, AuthEventManager as aM, debugFail as aN, finalizeEnrollPhoneMfa as aO, finalizeEnrollTotpMfa as aP, startEnrollTotpMfa as aQ, _persistenceKeyName as aR, UserImpl as aS, _getInstance as aT, AuthImpl as aU, _getClientVersion as aV, FetchProvider as aW, SAMLAuthCredential as aX, signInWithRedirect as aY, linkWithRedirect as aZ, reauthenticateWithRedirect as a_, unlink as aa, getAdditionalUserInfo as ab, reload as ac, getMultiFactorResolver as ad, multiFactor as ae, _performApiRequest as af, _addTidIfNecessary as ag, _createError as ah, _assert as ai, Delay as aj, _window as ak, _isHttpOrHttps as al, _isWorker as am, _castAuth as an, _assertLinkedStatus as ao, sendPhoneVerificationCode as ap, startEnrollPhoneMfa as aq, _link$1 as ar, debugAssert as as, _generateEventId as at, AbstractPopupRedirectOperation as au, _assertInstanceOf as av, _withDefaultResolver as aw, FederatedAuthProvider as ax, _fail as ay, _getProjectConfig as az, _linkWithRedirect as b, indexedDBLocalPersistence as c, cordovaPopupRedirectResolver as d, browserLocalPersistence as e, browserSessionPersistence as f, getRedirectResult as g, beforeAuthStateChanged as h, initializeAuth as i, onAuthStateChanged as j, updateCurrentUser as k, signOut as l, deleteUser as m, debugErrorMap as n, onIdTokenChanged as o, prodErrorMap as p, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as q, registerAuth as r, setPersistence as s, connectAuthEmulator as t, useDeviceLanguage as u, AuthCredential as v, OAuthCredential as w, PhoneAuthCredential as x, inMemoryPersistence as y, EmailAuthProvider as z };
10097
- //# sourceMappingURL=popup_redirect-3519667a.js.map
10660
+ export { isSignInWithEmailLink as $, ActionCodeOperation as A, EmailAuthProvider as B, FacebookAuthProvider as C, GithubAuthProvider as D, EmailAuthCredential as E, FactorId as F, GoogleAuthProvider as G, OAuthProvider as H, SAMLAuthProvider as I, signInAnonymously as J, signInWithCredential as K, linkWithCredential as L, reauthenticateWithCredential as M, signInWithCustomToken as N, OperationType as O, ProviderId as P, sendPasswordResetEmail as Q, confirmPasswordReset as R, SignInMethod as S, TwitterAuthProvider as T, applyActionCode as U, checkActionCode as V, verifyPasswordResetCode as W, createUserWithEmailAndPassword as X, signInWithEmailAndPassword as Y, sendSignInLinkToEmail as Z, _signInWithRedirect as _, _reauthenticateWithRedirect as a, FetchProvider as a$, signInWithEmailLink as a0, fetchSignInMethodsForEmail as a1, sendEmailVerification as a2, verifyBeforeUpdateEmail as a3, ActionCodeURL as a4, parseActionCodeURL as a5, updateProfile as a6, updateEmail as a7, updatePassword as a8, getIdToken as a9, _assertInstanceOf as aA, _withDefaultResolver as aB, FederatedAuthProvider as aC, _fail as aD, _getProjectConfig as aE, _getCurrentUrl as aF, _emulatorUrl as aG, _isChromeIOS as aH, _isFirefox as aI, _isIOSStandalone as aJ, _getRedirectUrl as aK, _setWindowLocation as aL, _isMobileBrowser as aM, _isSafari as aN, _isIOS as aO, _getRedirectResult as aP, _overrideRedirectResult as aQ, AuthEventManager as aR, debugFail as aS, finalizeEnrollPhoneMfa as aT, finalizeEnrollTotpMfa as aU, startEnrollTotpMfa as aV, _persistenceKeyName as aW, UserImpl as aX, _getInstance as aY, AuthImpl as aZ, _getClientVersion as a_, getIdTokenResult as aa, unlink as ab, getAdditionalUserInfo as ac, reload as ad, getMultiFactorResolver as ae, multiFactor as af, _performApiRequest as ag, _addTidIfNecessary as ah, _assert as ai, Delay as aj, _window as ak, isV2 as al, _createError as am, _loadJS as an, _generateCallbackName as ao, getRecaptchaParams as ap, _isHttpOrHttps as aq, _isWorker as ar, _castAuth as as, _assertLinkedStatus as at, sendPhoneVerificationCode as au, startEnrollPhoneMfa as av, _link$1 as aw, debugAssert as ax, _generateEventId as ay, AbstractPopupRedirectOperation as az, _linkWithRedirect as b, SAMLAuthCredential as b0, signInWithRedirect as b1, linkWithRedirect as b2, reauthenticateWithRedirect as b3, indexedDBLocalPersistence as c, cordovaPopupRedirectResolver as d, browserLocalPersistence as e, browserSessionPersistence as f, getRedirectResult as g, initializeRecaptchaConfig as h, initializeAuth as i, beforeAuthStateChanged as j, onAuthStateChanged as k, updateCurrentUser as l, signOut as m, deleteUser as n, onIdTokenChanged as o, debugErrorMap as p, prodErrorMap as q, registerAuth as r, setPersistence as s, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as t, useDeviceLanguage as u, connectAuthEmulator as v, AuthCredential as w, OAuthCredential as x, PhoneAuthCredential as y, inMemoryPersistence as z };
10661
+ //# sourceMappingURL=popup_redirect-fcd471f9.js.map