@firebase/auth 0.22.0 → 0.23.0-canary.0a27d2fbf

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (209) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/dist/auth-public.d.ts +57 -0
  3. package/dist/auth.d.ts +71 -1
  4. package/dist/browser-cjs/{index-5859881d.js → index-5df83e84.js} +590 -207
  5. package/dist/browser-cjs/index-5df83e84.js.map +1 -0
  6. package/dist/browser-cjs/index.js +3 -2
  7. package/dist/browser-cjs/index.js.map +1 -1
  8. package/dist/browser-cjs/internal.js +3 -2
  9. package/dist/browser-cjs/internal.js.map +1 -1
  10. package/dist/browser-cjs/src/api/authentication/email_and_password.d.ts +9 -0
  11. package/dist/browser-cjs/src/api/authentication/recaptcha.d.ts +16 -0
  12. package/dist/browser-cjs/src/api/authentication/sign_up.d.ts +4 -0
  13. package/dist/browser-cjs/src/api/errors.d.ts +9 -1
  14. package/dist/browser-cjs/src/api/index.d.ts +17 -2
  15. package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +9 -1
  16. package/dist/browser-cjs/src/core/errors.d.ts +17 -1
  17. package/dist/browser-cjs/src/core/index.d.ts +26 -0
  18. package/dist/browser-cjs/src/core/util/handler.d.ts +1 -1
  19. package/dist/browser-cjs/src/core/util/log.d.ts +1 -0
  20. package/dist/browser-cjs/src/model/auth.d.ts +6 -0
  21. package/dist/browser-cjs/src/platform_browser/auth_window.d.ts +2 -2
  22. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  23. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  24. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  25. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  26. package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  27. package/dist/browser-cjs/src/platform_browser/strategies/popup.d.ts +1 -1
  28. package/dist/browser-cjs/test/helpers/api/helper.d.ts +2 -0
  29. package/dist/browser-cjs/test/helpers/mock_auth.d.ts +5 -0
  30. package/dist/cordova/index.js +2 -2
  31. package/dist/cordova/internal.js +21 -77
  32. package/dist/cordova/internal.js.map +1 -1
  33. package/dist/cordova/{popup_redirect-3519667a.js → popup_redirect-b3f8e40c.js} +778 -214
  34. package/dist/cordova/popup_redirect-b3f8e40c.js.map +1 -0
  35. package/dist/cordova/src/api/authentication/email_and_password.d.ts +9 -0
  36. package/dist/cordova/src/api/authentication/recaptcha.d.ts +16 -0
  37. package/dist/cordova/src/api/authentication/sign_up.d.ts +4 -0
  38. package/dist/cordova/src/api/errors.d.ts +9 -1
  39. package/dist/cordova/src/api/index.d.ts +17 -2
  40. package/dist/cordova/src/core/auth/auth_impl.d.ts +9 -1
  41. package/dist/cordova/src/core/errors.d.ts +17 -1
  42. package/dist/cordova/src/core/index.d.ts +26 -0
  43. package/dist/cordova/src/core/util/handler.d.ts +1 -1
  44. package/dist/cordova/src/core/util/log.d.ts +1 -0
  45. package/dist/cordova/src/model/auth.d.ts +6 -0
  46. package/dist/cordova/src/platform_browser/auth_window.d.ts +2 -2
  47. package/dist/cordova/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  48. package/dist/cordova/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  49. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  50. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  51. package/dist/cordova/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  52. package/dist/cordova/src/platform_browser/strategies/popup.d.ts +1 -1
  53. package/dist/cordova/test/helpers/api/helper.d.ts +2 -0
  54. package/dist/cordova/test/helpers/mock_auth.d.ts +5 -0
  55. package/dist/esm2017/{index-680e2b70.js → index-6cb4f120.js} +591 -209
  56. package/dist/esm2017/index-6cb4f120.js.map +1 -0
  57. package/dist/esm2017/index.js +2 -2
  58. package/dist/esm2017/internal.js +3 -3
  59. package/dist/esm2017/src/api/authentication/email_and_password.d.ts +9 -0
  60. package/dist/esm2017/src/api/authentication/recaptcha.d.ts +16 -0
  61. package/dist/esm2017/src/api/authentication/sign_up.d.ts +4 -0
  62. package/dist/esm2017/src/api/errors.d.ts +9 -1
  63. package/dist/esm2017/src/api/index.d.ts +17 -2
  64. package/dist/esm2017/src/core/auth/auth_impl.d.ts +9 -1
  65. package/dist/esm2017/src/core/errors.d.ts +17 -1
  66. package/dist/esm2017/src/core/index.d.ts +26 -0
  67. package/dist/esm2017/src/core/util/handler.d.ts +1 -1
  68. package/dist/esm2017/src/core/util/log.d.ts +1 -0
  69. package/dist/esm2017/src/model/auth.d.ts +6 -0
  70. package/dist/esm2017/src/platform_browser/auth_window.d.ts +2 -2
  71. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  72. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  73. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  74. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  75. package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  76. package/dist/esm2017/src/platform_browser/strategies/popup.d.ts +1 -1
  77. package/dist/esm2017/test/helpers/api/helper.d.ts +2 -0
  78. package/dist/esm2017/test/helpers/mock_auth.d.ts +5 -0
  79. package/dist/esm5/{index-714e827f.js → index-4dc6213a.js} +797 -289
  80. package/dist/esm5/index-4dc6213a.js.map +1 -0
  81. package/dist/esm5/index.js +1 -1
  82. package/dist/esm5/internal.js +2 -2
  83. package/dist/esm5/src/api/authentication/email_and_password.d.ts +9 -0
  84. package/dist/esm5/src/api/authentication/recaptcha.d.ts +16 -0
  85. package/dist/esm5/src/api/authentication/sign_up.d.ts +4 -0
  86. package/dist/esm5/src/api/errors.d.ts +9 -1
  87. package/dist/esm5/src/api/index.d.ts +17 -2
  88. package/dist/esm5/src/core/auth/auth_impl.d.ts +9 -1
  89. package/dist/esm5/src/core/errors.d.ts +17 -1
  90. package/dist/esm5/src/core/index.d.ts +26 -0
  91. package/dist/esm5/src/core/util/handler.d.ts +1 -1
  92. package/dist/esm5/src/core/util/log.d.ts +1 -0
  93. package/dist/esm5/src/model/auth.d.ts +6 -0
  94. package/dist/esm5/src/platform_browser/auth_window.d.ts +2 -2
  95. package/dist/esm5/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  96. package/dist/esm5/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  97. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  98. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  99. package/dist/esm5/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  100. package/dist/esm5/src/platform_browser/strategies/popup.d.ts +1 -1
  101. package/dist/esm5/test/helpers/api/helper.d.ts +2 -0
  102. package/dist/esm5/test/helpers/mock_auth.d.ts +5 -0
  103. package/dist/index.webworker.esm5.js +602 -74
  104. package/dist/index.webworker.esm5.js.map +1 -1
  105. package/dist/node/index.js +2 -1
  106. package/dist/node/index.js.map +1 -1
  107. package/dist/node/internal.js +62 -42
  108. package/dist/node/internal.js.map +1 -1
  109. package/dist/node/src/api/authentication/email_and_password.d.ts +9 -0
  110. package/dist/node/src/api/authentication/recaptcha.d.ts +16 -0
  111. package/dist/node/src/api/authentication/sign_up.d.ts +4 -0
  112. package/dist/node/src/api/errors.d.ts +9 -1
  113. package/dist/node/src/api/index.d.ts +17 -2
  114. package/dist/node/src/core/auth/auth_impl.d.ts +9 -1
  115. package/dist/node/src/core/errors.d.ts +17 -1
  116. package/dist/node/src/core/index.d.ts +26 -0
  117. package/dist/node/src/core/util/handler.d.ts +1 -1
  118. package/dist/node/src/core/util/log.d.ts +1 -0
  119. package/dist/node/src/model/auth.d.ts +6 -0
  120. package/dist/node/src/platform_browser/auth_window.d.ts +2 -2
  121. package/dist/node/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  122. package/dist/node/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  123. package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  124. package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  125. package/dist/node/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  126. package/dist/node/src/platform_browser/strategies/popup.d.ts +1 -1
  127. package/dist/node/test/helpers/api/helper.d.ts +2 -0
  128. package/dist/node/test/helpers/mock_auth.d.ts +5 -0
  129. package/dist/node/{totp-416a2adc.js → totp-c1b55906.js} +700 -171
  130. package/dist/node/totp-c1b55906.js.map +1 -0
  131. package/dist/node-esm/index.js +1 -1
  132. package/dist/node-esm/internal.js +16 -4
  133. package/dist/node-esm/internal.js.map +1 -1
  134. package/dist/node-esm/src/api/authentication/email_and_password.d.ts +9 -0
  135. package/dist/node-esm/src/api/authentication/recaptcha.d.ts +16 -0
  136. package/dist/node-esm/src/api/authentication/sign_up.d.ts +4 -0
  137. package/dist/node-esm/src/api/errors.d.ts +9 -1
  138. package/dist/node-esm/src/api/index.d.ts +17 -2
  139. package/dist/node-esm/src/core/auth/auth_impl.d.ts +9 -1
  140. package/dist/node-esm/src/core/errors.d.ts +17 -1
  141. package/dist/node-esm/src/core/index.d.ts +26 -0
  142. package/dist/node-esm/src/core/util/handler.d.ts +1 -1
  143. package/dist/node-esm/src/core/util/log.d.ts +1 -0
  144. package/dist/node-esm/src/model/auth.d.ts +6 -0
  145. package/dist/node-esm/src/platform_browser/auth_window.d.ts +2 -2
  146. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  147. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  148. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  149. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  150. package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  151. package/dist/node-esm/src/platform_browser/strategies/popup.d.ts +1 -1
  152. package/dist/node-esm/test/helpers/api/helper.d.ts +2 -0
  153. package/dist/node-esm/test/helpers/mock_auth.d.ts +5 -0
  154. package/dist/node-esm/{totp-c3bf2a20.js → totp-5cad7b9f.js} +557 -140
  155. package/dist/node-esm/totp-5cad7b9f.js.map +1 -0
  156. package/dist/rn/index.js +2 -1
  157. package/dist/rn/index.js.map +1 -1
  158. package/dist/rn/internal.js +79 -48
  159. package/dist/rn/internal.js.map +1 -1
  160. package/dist/rn/{phone-2ec1815d.js → phone-5059d9ba.js} +738 -259
  161. package/dist/rn/phone-5059d9ba.js.map +1 -0
  162. package/dist/rn/src/api/authentication/email_and_password.d.ts +9 -0
  163. package/dist/rn/src/api/authentication/recaptcha.d.ts +16 -0
  164. package/dist/rn/src/api/authentication/sign_up.d.ts +4 -0
  165. package/dist/rn/src/api/errors.d.ts +9 -1
  166. package/dist/rn/src/api/index.d.ts +17 -2
  167. package/dist/rn/src/core/auth/auth_impl.d.ts +9 -1
  168. package/dist/rn/src/core/errors.d.ts +17 -1
  169. package/dist/rn/src/core/index.d.ts +26 -0
  170. package/dist/rn/src/core/util/handler.d.ts +1 -1
  171. package/dist/rn/src/core/util/log.d.ts +1 -0
  172. package/dist/rn/src/model/auth.d.ts +6 -0
  173. package/dist/rn/src/platform_browser/auth_window.d.ts +2 -2
  174. package/dist/rn/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  175. package/dist/rn/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  176. package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  177. package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  178. package/dist/rn/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  179. package/dist/rn/src/platform_browser/strategies/popup.d.ts +1 -1
  180. package/dist/rn/test/helpers/api/helper.d.ts +2 -0
  181. package/dist/rn/test/helpers/mock_auth.d.ts +5 -0
  182. package/dist/src/api/authentication/email_and_password.d.ts +9 -0
  183. package/dist/src/api/authentication/recaptcha.d.ts +16 -0
  184. package/dist/src/api/authentication/sign_up.d.ts +4 -0
  185. package/dist/src/api/errors.d.ts +9 -1
  186. package/dist/src/api/index.d.ts +17 -2
  187. package/dist/src/core/auth/auth_impl.d.ts +9 -1
  188. package/dist/src/core/errors.d.ts +17 -1
  189. package/dist/src/core/index.d.ts +26 -0
  190. package/dist/src/core/util/handler.d.ts +1 -1
  191. package/dist/src/core/util/log.d.ts +1 -0
  192. package/dist/src/model/auth.d.ts +6 -0
  193. package/dist/src/platform_browser/auth_window.d.ts +2 -2
  194. package/dist/src/platform_browser/recaptcha/recaptcha.d.ts +33 -0
  195. package/dist/src/platform_browser/recaptcha/recaptcha.test.d.ts +17 -0
  196. package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +40 -0
  197. package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.test.d.ts +17 -0
  198. package/dist/src/platform_browser/recaptcha/recaptcha_mock.d.ts +16 -1
  199. package/dist/src/platform_browser/strategies/popup.d.ts +1 -1
  200. package/dist/test/helpers/api/helper.d.ts +2 -0
  201. package/dist/test/helpers/mock_auth.d.ts +5 -0
  202. package/package.json +6 -6
  203. package/dist/browser-cjs/index-5859881d.js.map +0 -1
  204. package/dist/cordova/popup_redirect-3519667a.js.map +0 -1
  205. package/dist/esm2017/index-680e2b70.js.map +0 -1
  206. package/dist/esm5/index-714e827f.js.map +0 -1
  207. package/dist/node/totp-416a2adc.js.map +0 -1
  208. package/dist/node-esm/totp-c3bf2a20.js.map +0 -1
  209. package/dist/rn/phone-2ec1815d.js.map +0 -1
@@ -1,4 +1,4 @@
1
- import { ErrorFactory, deepEqual, isBrowserExtension, isMobileCordova, isReactNative, FirebaseError, querystring, getModularInstance, base64Decode, getUA, isIE, createSubscribe, querystringDecode, extractQuerystring, getDefaultEmulatorHost } from '@firebase/util';
1
+ import { ErrorFactory, isBrowserExtension, isMobileCordova, isReactNative, FirebaseError, querystring, getModularInstance, base64Decode, getUA, isIE, createSubscribe, deepEqual, querystringDecode, extractQuerystring, getDefaultEmulatorHost } from '@firebase/util';
2
2
  import { SDK_VERSION, _getProvider, _registerComponent, registerVersion, getApp } from '@firebase/app';
3
3
  import { __rest } from 'tslib';
4
4
  import { Component } from '@firebase/component';
@@ -266,7 +266,15 @@ function _debugErrorMap() {
266
266
  ["already-initialized" /* AuthErrorCode.ALREADY_INITIALIZED */]: 'initializeAuth() has already been called with ' +
267
267
  'different options. To avoid this error, call initializeAuth() with the ' +
268
268
  'same options as when it was originally called, or call getAuth() to return the' +
269
- ' already initialized instance.'
269
+ ' already initialized instance.',
270
+ ["missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */]: 'The reCAPTCHA token is missing when sending request to the backend.',
271
+ ["invalid-recaptcha-token" /* AuthErrorCode.INVALID_RECAPTCHA_TOKEN */]: 'The reCAPTCHA token is invalid when sending request to the backend.',
272
+ ["invalid-recaptcha-action" /* AuthErrorCode.INVALID_RECAPTCHA_ACTION */]: 'The reCAPTCHA action is invalid when sending request to the backend.',
273
+ ["recaptcha-not-enabled" /* AuthErrorCode.RECAPTCHA_NOT_ENABLED */]: 'reCAPTCHA Enterprise integration is not enabled for this project.',
274
+ ["missing-client-type" /* AuthErrorCode.MISSING_CLIENT_TYPE */]: 'The reCAPTCHA client type is missing when sending request to the backend.',
275
+ ["missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */]: 'The reCAPTCHA version is missing when sending request to the backend.',
276
+ ["invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */]: 'Invalid request parameters.',
277
+ ["invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */]: 'The reCAPTCHA version is invalid when sending request to the backend.'
270
278
  };
271
279
  }
272
280
  function _prodErrorMap() {
@@ -402,7 +410,15 @@ const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
402
410
  USER_SIGNED_OUT: 'auth/user-signed-out',
403
411
  WEAK_PASSWORD: 'auth/weak-password',
404
412
  WEB_STORAGE_UNSUPPORTED: 'auth/web-storage-unsupported',
405
- ALREADY_INITIALIZED: 'auth/already-initialized'
413
+ ALREADY_INITIALIZED: 'auth/already-initialized',
414
+ RECAPTCHA_NOT_ENABLED: 'auth/recaptcha-not-enabled',
415
+ MISSING_RECAPTCHA_TOKEN: 'auth/missing-recaptcha-token',
416
+ INVALID_RECAPTCHA_TOKEN: 'auth/invalid-recaptcha-token',
417
+ INVALID_RECAPTCHA_ACTION: 'auth/invalid-recaptcha-action',
418
+ MISSING_CLIENT_TYPE: 'auth/missing-client-type',
419
+ MISSING_RECAPTCHA_VERSION: 'auth/missing-recaptcha-version',
420
+ INVALID_RECAPTCHA_VERSION: 'auth/invalid-recaptcha-version',
421
+ INVALID_REQ_TYPE: 'auth/invalid-req-type'
406
422
  };
407
423
 
408
424
  /**
@@ -422,6 +438,11 @@ const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
422
438
  * limitations under the License.
423
439
  */
424
440
  const logClient = new Logger('@firebase/auth');
441
+ function _logWarn(msg, ...args) {
442
+ if (logClient.logLevel <= LogLevel.WARN) {
443
+ logClient.warn(`Auth (${SDK_VERSION}): ${msg}`, ...args);
444
+ }
445
+ }
425
446
  function _logError(msg, ...args) {
426
447
  if (logClient.logLevel <= LogLevel.ERROR) {
427
448
  logClient.error(`Auth (${SDK_VERSION}): ${msg}`, ...args);
@@ -502,103 +523,6 @@ function debugAssert(assertion, message) {
502
523
  }
503
524
  }
504
525
 
505
- /**
506
- * @license
507
- * Copyright 2020 Google LLC
508
- *
509
- * Licensed under the Apache License, Version 2.0 (the "License");
510
- * you may not use this file except in compliance with the License.
511
- * You may obtain a copy of the License at
512
- *
513
- * http://www.apache.org/licenses/LICENSE-2.0
514
- *
515
- * Unless required by applicable law or agreed to in writing, software
516
- * distributed under the License is distributed on an "AS IS" BASIS,
517
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
518
- * See the License for the specific language governing permissions and
519
- * limitations under the License.
520
- */
521
- const instanceCache = new Map();
522
- function _getInstance(cls) {
523
- debugAssert(cls instanceof Function, 'Expected a class definition');
524
- let instance = instanceCache.get(cls);
525
- if (instance) {
526
- debugAssert(instance instanceof cls, 'Instance stored in cache mismatched with class');
527
- return instance;
528
- }
529
- instance = new cls();
530
- instanceCache.set(cls, instance);
531
- return instance;
532
- }
533
-
534
- /**
535
- * @license
536
- * Copyright 2020 Google LLC
537
- *
538
- * Licensed under the Apache License, Version 2.0 (the "License");
539
- * you may not use this file except in compliance with the License.
540
- * You may obtain a copy of the License at
541
- *
542
- * http://www.apache.org/licenses/LICENSE-2.0
543
- *
544
- * Unless required by applicable law or agreed to in writing, software
545
- * distributed under the License is distributed on an "AS IS" BASIS,
546
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
547
- * See the License for the specific language governing permissions and
548
- * limitations under the License.
549
- */
550
- /**
551
- * Initializes an {@link Auth} instance with fine-grained control over
552
- * {@link Dependencies}.
553
- *
554
- * @remarks
555
- *
556
- * This function allows more control over the {@link Auth} instance than
557
- * {@link getAuth}. `getAuth` uses platform-specific defaults to supply
558
- * the {@link Dependencies}. In general, `getAuth` is the easiest way to
559
- * initialize Auth and works for most use cases. Use `initializeAuth` if you
560
- * need control over which persistence layer is used, or to minimize bundle
561
- * size if you're not using either `signInWithPopup` or `signInWithRedirect`.
562
- *
563
- * For example, if your app only uses anonymous accounts and you only want
564
- * accounts saved for the current session, initialize `Auth` with:
565
- *
566
- * ```js
567
- * const auth = initializeAuth(app, {
568
- * persistence: browserSessionPersistence,
569
- * popupRedirectResolver: undefined,
570
- * });
571
- * ```
572
- *
573
- * @public
574
- */
575
- function initializeAuth(app, deps) {
576
- const provider = _getProvider(app, 'auth');
577
- if (provider.isInitialized()) {
578
- const auth = provider.getImmediate();
579
- const initialOptions = provider.getOptions();
580
- if (deepEqual(initialOptions, deps !== null && deps !== void 0 ? deps : {})) {
581
- return auth;
582
- }
583
- else {
584
- _fail(auth, "already-initialized" /* AuthErrorCode.ALREADY_INITIALIZED */);
585
- }
586
- }
587
- const auth = provider.initialize({ options: deps });
588
- return auth;
589
- }
590
- function _initializeAuthInstance(auth, deps) {
591
- const persistence = (deps === null || deps === void 0 ? void 0 : deps.persistence) || [];
592
- const hierarchy = (Array.isArray(persistence) ? persistence : [persistence]).map(_getInstance);
593
- if (deps === null || deps === void 0 ? void 0 : deps.errorMap) {
594
- auth._updateErrorMap(deps.errorMap);
595
- }
596
- // This promise is intended to float; auth initialization happens in the
597
- // background, meanwhile the auth object may be used by the app.
598
- // eslint-disable-next-line @typescript-eslint/no-floating-promises
599
- auth._initializeWithPersistence(hierarchy, deps === null || deps === void 0 ? void 0 : deps.popupRedirectResolver);
600
- }
601
-
602
526
  /**
603
527
  * @license
604
528
  * Copyright 2020 Google LLC
@@ -877,7 +801,16 @@ const SERVER_ERROR_MAP = {
877
801
  ["SECOND_FACTOR_EXISTS" /* ServerError.SECOND_FACTOR_EXISTS */]: "second-factor-already-in-use" /* AuthErrorCode.SECOND_FACTOR_ALREADY_ENROLLED */,
878
802
  ["SECOND_FACTOR_LIMIT_EXCEEDED" /* ServerError.SECOND_FACTOR_LIMIT_EXCEEDED */]: "maximum-second-factor-count-exceeded" /* AuthErrorCode.SECOND_FACTOR_LIMIT_EXCEEDED */,
879
803
  // Blocking functions related errors.
880
- ["BLOCKING_FUNCTION_ERROR_RESPONSE" /* ServerError.BLOCKING_FUNCTION_ERROR_RESPONSE */]: "internal-error" /* AuthErrorCode.INTERNAL_ERROR */
804
+ ["BLOCKING_FUNCTION_ERROR_RESPONSE" /* ServerError.BLOCKING_FUNCTION_ERROR_RESPONSE */]: "internal-error" /* AuthErrorCode.INTERNAL_ERROR */,
805
+ // Recaptcha related errors.
806
+ ["RECAPTCHA_NOT_ENABLED" /* ServerError.RECAPTCHA_NOT_ENABLED */]: "recaptcha-not-enabled" /* AuthErrorCode.RECAPTCHA_NOT_ENABLED */,
807
+ ["MISSING_RECAPTCHA_TOKEN" /* ServerError.MISSING_RECAPTCHA_TOKEN */]: "missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */,
808
+ ["INVALID_RECAPTCHA_TOKEN" /* ServerError.INVALID_RECAPTCHA_TOKEN */]: "invalid-recaptcha-token" /* AuthErrorCode.INVALID_RECAPTCHA_TOKEN */,
809
+ ["INVALID_RECAPTCHA_ACTION" /* ServerError.INVALID_RECAPTCHA_ACTION */]: "invalid-recaptcha-action" /* AuthErrorCode.INVALID_RECAPTCHA_ACTION */,
810
+ ["MISSING_CLIENT_TYPE" /* ServerError.MISSING_CLIENT_TYPE */]: "missing-client-type" /* AuthErrorCode.MISSING_CLIENT_TYPE */,
811
+ ["MISSING_RECAPTCHA_VERSION" /* ServerError.MISSING_RECAPTCHA_VERSION */]: "missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */,
812
+ ["INVALID_RECAPTCHA_VERSION" /* ServerError.INVALID_RECAPTCHA_VERSION */]: "invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */,
813
+ ["INVALID_REQ_TYPE" /* ServerError.INVALID_REQ_TYPE */]: "invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */
881
814
  };
882
815
 
883
816
  /**
@@ -1779,6 +1712,35 @@ class UserImpl {
1779
1712
  }
1780
1713
  }
1781
1714
 
1715
+ /**
1716
+ * @license
1717
+ * Copyright 2020 Google LLC
1718
+ *
1719
+ * Licensed under the Apache License, Version 2.0 (the "License");
1720
+ * you may not use this file except in compliance with the License.
1721
+ * You may obtain a copy of the License at
1722
+ *
1723
+ * http://www.apache.org/licenses/LICENSE-2.0
1724
+ *
1725
+ * Unless required by applicable law or agreed to in writing, software
1726
+ * distributed under the License is distributed on an "AS IS" BASIS,
1727
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1728
+ * See the License for the specific language governing permissions and
1729
+ * limitations under the License.
1730
+ */
1731
+ const instanceCache = new Map();
1732
+ function _getInstance(cls) {
1733
+ debugAssert(cls instanceof Function, 'Expected a class definition');
1734
+ let instance = instanceCache.get(cls);
1735
+ if (instance) {
1736
+ debugAssert(instance instanceof cls, 'Instance stored in cache mismatched with class');
1737
+ return instance;
1738
+ }
1739
+ instance = new cls();
1740
+ instanceCache.set(cls, instance);
1741
+ return instance;
1742
+ }
1743
+
1782
1744
  /**
1783
1745
  * @license
1784
1746
  * Copyright 2019 Google LLC
@@ -2116,6 +2078,232 @@ function _getClientVersion(clientPlatform, frameworks = []) {
2116
2078
  return `${reportedPlatform}/${"JsCore" /* ClientImplementation.CORE */}/${SDK_VERSION}/${reportedFrameworks}`;
2117
2079
  }
2118
2080
 
2081
+ /**
2082
+ * @license
2083
+ * Copyright 2020 Google LLC
2084
+ *
2085
+ * Licensed under the Apache License, Version 2.0 (the "License");
2086
+ * you may not use this file except in compliance with the License.
2087
+ * You may obtain a copy of the License at
2088
+ *
2089
+ * http://www.apache.org/licenses/LICENSE-2.0
2090
+ *
2091
+ * Unless required by applicable law or agreed to in writing, software
2092
+ * distributed under the License is distributed on an "AS IS" BASIS,
2093
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2094
+ * See the License for the specific language governing permissions and
2095
+ * limitations under the License.
2096
+ */
2097
+ async function getRecaptchaConfig(auth, request) {
2098
+ return _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/recaptchaConfig" /* Endpoint.GET_RECAPTCHA_CONFIG */, _addTidIfNecessary(auth, request));
2099
+ }
2100
+
2101
+ /**
2102
+ * @license
2103
+ * Copyright 2020 Google LLC
2104
+ *
2105
+ * Licensed under the Apache License, Version 2.0 (the "License");
2106
+ * you may not use this file except in compliance with the License.
2107
+ * You may obtain a copy of the License at
2108
+ *
2109
+ * http://www.apache.org/licenses/LICENSE-2.0
2110
+ *
2111
+ * Unless required by applicable law or agreed to in writing, software
2112
+ * distributed under the License is distributed on an "AS IS" BASIS,
2113
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2114
+ * See the License for the specific language governing permissions and
2115
+ * limitations under the License.
2116
+ */
2117
+ function isEnterprise(grecaptcha) {
2118
+ return (grecaptcha !== undefined &&
2119
+ grecaptcha.enterprise !== undefined);
2120
+ }
2121
+ class RecaptchaConfig {
2122
+ constructor(response) {
2123
+ /**
2124
+ * The reCAPTCHA site key.
2125
+ */
2126
+ this.siteKey = '';
2127
+ /**
2128
+ * The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
2129
+ */
2130
+ this.emailPasswordEnabled = false;
2131
+ if (response.recaptchaKey === undefined) {
2132
+ throw new Error('recaptchaKey undefined');
2133
+ }
2134
+ // Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
2135
+ this.siteKey = response.recaptchaKey.split('/')[3];
2136
+ this.emailPasswordEnabled = response.recaptchaEnforcementState.some(enforcementState => enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
2137
+ enforcementState.enforcementState !== 'OFF');
2138
+ }
2139
+ }
2140
+
2141
+ /**
2142
+ * @license
2143
+ * Copyright 2020 Google LLC
2144
+ *
2145
+ * Licensed under the Apache License, Version 2.0 (the "License");
2146
+ * you may not use this file except in compliance with the License.
2147
+ * You may obtain a copy of the License at
2148
+ *
2149
+ * http://www.apache.org/licenses/LICENSE-2.0
2150
+ *
2151
+ * Unless required by applicable law or agreed to in writing, software
2152
+ * distributed under the License is distributed on an "AS IS" BASIS,
2153
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2154
+ * See the License for the specific language governing permissions and
2155
+ * limitations under the License.
2156
+ */
2157
+ function getScriptParentElement() {
2158
+ var _a, _b;
2159
+ return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
2160
+ }
2161
+ function _loadJS(url) {
2162
+ // TODO: consider adding timeout support & cancellation
2163
+ return new Promise((resolve, reject) => {
2164
+ const el = document.createElement('script');
2165
+ el.setAttribute('src', url);
2166
+ el.onload = resolve;
2167
+ el.onerror = e => {
2168
+ const error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
2169
+ error.customData = e;
2170
+ reject(error);
2171
+ };
2172
+ el.type = 'text/javascript';
2173
+ el.charset = 'UTF-8';
2174
+ getScriptParentElement().appendChild(el);
2175
+ });
2176
+ }
2177
+
2178
+ /* eslint-disable @typescript-eslint/no-require-imports */
2179
+ const RECAPTCHA_ENTERPRISE_URL = 'https://www.google.com/recaptcha/enterprise.js?render=';
2180
+ const RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';
2181
+ class RecaptchaEnterpriseVerifier {
2182
+ /**
2183
+ *
2184
+ * @param authExtern - The corresponding Firebase {@link Auth} instance.
2185
+ *
2186
+ */
2187
+ constructor(authExtern) {
2188
+ /**
2189
+ * Identifies the type of application verifier (e.g. "recaptcha-enterprise").
2190
+ */
2191
+ this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
2192
+ this.auth = _castAuth(authExtern);
2193
+ }
2194
+ /**
2195
+ * Executes the verification process.
2196
+ *
2197
+ * @returns A Promise for a token that can be used to assert the validity of a request.
2198
+ */
2199
+ async verify(action = 'verify', forceRefresh = false) {
2200
+ async function retrieveSiteKey(auth) {
2201
+ if (!forceRefresh) {
2202
+ if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
2203
+ return auth._agentRecaptchaConfig.siteKey;
2204
+ }
2205
+ if (auth.tenantId != null &&
2206
+ auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
2207
+ return auth._tenantRecaptchaConfigs[auth.tenantId].siteKey;
2208
+ }
2209
+ }
2210
+ return new Promise(async (resolve, reject) => {
2211
+ getRecaptchaConfig(auth, {
2212
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
2213
+ version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
2214
+ })
2215
+ .then(response => {
2216
+ if (response.recaptchaKey === undefined) {
2217
+ reject(new Error('recaptcha Enterprise site key undefined'));
2218
+ }
2219
+ else {
2220
+ const config = new RecaptchaConfig(response);
2221
+ if (auth.tenantId == null) {
2222
+ auth._agentRecaptchaConfig = config;
2223
+ }
2224
+ else {
2225
+ auth._tenantRecaptchaConfigs[auth.tenantId] = config;
2226
+ }
2227
+ return resolve(config.siteKey);
2228
+ }
2229
+ })
2230
+ .catch(error => {
2231
+ reject(error);
2232
+ });
2233
+ });
2234
+ }
2235
+ function retrieveRecaptchaToken(siteKey, resolve, reject) {
2236
+ const grecaptcha = window.grecaptcha;
2237
+ if (isEnterprise(grecaptcha)) {
2238
+ grecaptcha.enterprise.ready(() => {
2239
+ try {
2240
+ grecaptcha.enterprise
2241
+ .execute(siteKey, { action })
2242
+ .then(token => {
2243
+ resolve(token);
2244
+ })
2245
+ .catch(error => {
2246
+ reject(error);
2247
+ });
2248
+ }
2249
+ catch (error) {
2250
+ reject(error);
2251
+ }
2252
+ });
2253
+ }
2254
+ else {
2255
+ reject(Error('No reCAPTCHA enterprise script loaded.'));
2256
+ }
2257
+ }
2258
+ return new Promise((resolve, reject) => {
2259
+ retrieveSiteKey(this.auth)
2260
+ .then(siteKey => {
2261
+ if (!forceRefresh && isEnterprise(window.grecaptcha)) {
2262
+ retrieveRecaptchaToken(siteKey, resolve, reject);
2263
+ }
2264
+ else {
2265
+ if (typeof window === 'undefined') {
2266
+ reject(new Error('RecaptchaVerifier is only supported in browser'));
2267
+ return;
2268
+ }
2269
+ _loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
2270
+ .then(() => {
2271
+ retrieveRecaptchaToken(siteKey, resolve, reject);
2272
+ })
2273
+ .catch(error => {
2274
+ reject(error);
2275
+ });
2276
+ }
2277
+ })
2278
+ .catch(error => {
2279
+ reject(error);
2280
+ });
2281
+ });
2282
+ }
2283
+ }
2284
+ async function injectRecaptchaFields(auth, request, action, captchaResp = false) {
2285
+ const verifier = new RecaptchaEnterpriseVerifier(auth);
2286
+ let captchaResponse;
2287
+ try {
2288
+ captchaResponse = await verifier.verify(action);
2289
+ }
2290
+ catch (error) {
2291
+ captchaResponse = await verifier.verify(action, true);
2292
+ }
2293
+ const newRequest = Object.assign({}, request);
2294
+ if (!captchaResp) {
2295
+ Object.assign(newRequest, { captchaResponse });
2296
+ }
2297
+ else {
2298
+ Object.assign(newRequest, { 'captchaResp': captchaResponse });
2299
+ }
2300
+ Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
2301
+ Object.assign(newRequest, {
2302
+ 'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
2303
+ });
2304
+ return newRequest;
2305
+ }
2306
+
2119
2307
  /**
2120
2308
  * @license
2121
2309
  * Copyright 2022 Google LLC
@@ -2214,9 +2402,10 @@ class AuthMiddlewareQueue {
2214
2402
  * limitations under the License.
2215
2403
  */
2216
2404
  class AuthImpl {
2217
- constructor(app, heartbeatServiceProvider, config) {
2405
+ constructor(app, heartbeatServiceProvider, appCheckServiceProvider, config) {
2218
2406
  this.app = app;
2219
2407
  this.heartbeatServiceProvider = heartbeatServiceProvider;
2408
+ this.appCheckServiceProvider = appCheckServiceProvider;
2220
2409
  this.config = config;
2221
2410
  this.currentUser = null;
2222
2411
  this.emulatorConfig = null;
@@ -2234,6 +2423,8 @@ class AuthImpl {
2234
2423
  this._initializationPromise = null;
2235
2424
  this._popupRedirectResolver = null;
2236
2425
  this._errorFactory = _DEFAULT_AUTH_ERROR_FACTORY;
2426
+ this._agentRecaptchaConfig = null;
2427
+ this._tenantRecaptchaConfigs = {};
2237
2428
  // Tracks the last notified UID for state change listeners to prevent
2238
2429
  // repeated calls to the callbacks. Undefined means it's never been
2239
2430
  // called, whereas null means it's been called with a signed out user
@@ -2453,6 +2644,31 @@ class AuthImpl {
2453
2644
  await this.assertedPersistence.setPersistence(_getInstance(persistence));
2454
2645
  });
2455
2646
  }
2647
+ async initializeRecaptchaConfig() {
2648
+ const response = await getRecaptchaConfig(this, {
2649
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
2650
+ version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
2651
+ });
2652
+ const config = new RecaptchaConfig(response);
2653
+ if (this.tenantId == null) {
2654
+ this._agentRecaptchaConfig = config;
2655
+ }
2656
+ else {
2657
+ this._tenantRecaptchaConfigs[this.tenantId] = config;
2658
+ }
2659
+ if (config.emailPasswordEnabled) {
2660
+ const verifier = new RecaptchaEnterpriseVerifier(this);
2661
+ void verifier.verify();
2662
+ }
2663
+ }
2664
+ _getRecaptchaConfig() {
2665
+ if (this.tenantId == null) {
2666
+ return this._agentRecaptchaConfig;
2667
+ }
2668
+ else {
2669
+ return this._tenantRecaptchaConfigs[this.tenantId];
2670
+ }
2671
+ }
2456
2672
  _getPersistence() {
2457
2673
  return this.assertedPersistence.persistence.type;
2458
2674
  }
@@ -2632,8 +2848,26 @@ class AuthImpl {
2632
2848
  if (heartbeatsHeader) {
2633
2849
  headers["X-Firebase-Client" /* HttpHeader.X_FIREBASE_CLIENT */] = heartbeatsHeader;
2634
2850
  }
2851
+ // If the App Check service exists, add the App Check token in the headers
2852
+ const appCheckToken = await this._getAppCheckToken();
2853
+ if (appCheckToken) {
2854
+ headers["X-Firebase-AppCheck" /* HttpHeader.X_FIREBASE_APP_CHECK */] = appCheckToken;
2855
+ }
2635
2856
  return headers;
2636
2857
  }
2858
+ async _getAppCheckToken() {
2859
+ var _a;
2860
+ const appCheckTokenResult = await ((_a = this.appCheckServiceProvider
2861
+ .getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken());
2862
+ if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
2863
+ // Context: appCheck.getToken() will never throw even if an error happened.
2864
+ // In the error case, a dummy token will be returned along with an error field describing
2865
+ // the error. In general, we shouldn't care about the error condition and just use
2866
+ // the token (actual or dummy) to send requests.
2867
+ _logWarn(`Error while retrieving App Check token: ${appCheckTokenResult.error}`);
2868
+ }
2869
+ return appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.token;
2870
+ }
2637
2871
  }
2638
2872
  /**
2639
2873
  * Method to be used to cast down to our private implmentation of Auth.
@@ -2657,6 +2891,74 @@ class Subscription {
2657
2891
  }
2658
2892
  }
2659
2893
 
2894
+ /**
2895
+ * @license
2896
+ * Copyright 2020 Google LLC
2897
+ *
2898
+ * Licensed under the Apache License, Version 2.0 (the "License");
2899
+ * you may not use this file except in compliance with the License.
2900
+ * You may obtain a copy of the License at
2901
+ *
2902
+ * http://www.apache.org/licenses/LICENSE-2.0
2903
+ *
2904
+ * Unless required by applicable law or agreed to in writing, software
2905
+ * distributed under the License is distributed on an "AS IS" BASIS,
2906
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
2907
+ * See the License for the specific language governing permissions and
2908
+ * limitations under the License.
2909
+ */
2910
+ /**
2911
+ * Initializes an {@link Auth} instance with fine-grained control over
2912
+ * {@link Dependencies}.
2913
+ *
2914
+ * @remarks
2915
+ *
2916
+ * This function allows more control over the {@link Auth} instance than
2917
+ * {@link getAuth}. `getAuth` uses platform-specific defaults to supply
2918
+ * the {@link Dependencies}. In general, `getAuth` is the easiest way to
2919
+ * initialize Auth and works for most use cases. Use `initializeAuth` if you
2920
+ * need control over which persistence layer is used, or to minimize bundle
2921
+ * size if you're not using either `signInWithPopup` or `signInWithRedirect`.
2922
+ *
2923
+ * For example, if your app only uses anonymous accounts and you only want
2924
+ * accounts saved for the current session, initialize `Auth` with:
2925
+ *
2926
+ * ```js
2927
+ * const auth = initializeAuth(app, {
2928
+ * persistence: browserSessionPersistence,
2929
+ * popupRedirectResolver: undefined,
2930
+ * });
2931
+ * ```
2932
+ *
2933
+ * @public
2934
+ */
2935
+ function initializeAuth(app, deps) {
2936
+ const provider = _getProvider(app, 'auth');
2937
+ if (provider.isInitialized()) {
2938
+ const auth = provider.getImmediate();
2939
+ const initialOptions = provider.getOptions();
2940
+ if (deepEqual(initialOptions, deps !== null && deps !== void 0 ? deps : {})) {
2941
+ return auth;
2942
+ }
2943
+ else {
2944
+ _fail(auth, "already-initialized" /* AuthErrorCode.ALREADY_INITIALIZED */);
2945
+ }
2946
+ }
2947
+ const auth = provider.initialize({ options: deps });
2948
+ return auth;
2949
+ }
2950
+ function _initializeAuthInstance(auth, deps) {
2951
+ const persistence = (deps === null || deps === void 0 ? void 0 : deps.persistence) || [];
2952
+ const hierarchy = (Array.isArray(persistence) ? persistence : [persistence]).map(_getInstance);
2953
+ if (deps === null || deps === void 0 ? void 0 : deps.errorMap) {
2954
+ auth._updateErrorMap(deps.errorMap);
2955
+ }
2956
+ // This promise is intended to float; auth initialization happens in the
2957
+ // background, meanwhile the auth object may be used by the app.
2958
+ // eslint-disable-next-line @typescript-eslint/no-floating-promises
2959
+ auth._initializeWithPersistence(hierarchy, deps === null || deps === void 0 ? void 0 : deps.popupRedirectResolver);
2960
+ }
2961
+
2660
2962
  /**
2661
2963
  * Changes the {@link Auth} instance to communicate with the Firebase Auth Emulator, instead of production
2662
2964
  * Firebase Auth services.
@@ -2996,13 +3298,31 @@ class EmailAuthCredential extends AuthCredential {
2996
3298
  }
2997
3299
  /** @internal */
2998
3300
  async _getIdTokenResponse(auth) {
3301
+ var _a;
2999
3302
  switch (this.signInMethod) {
3000
3303
  case "password" /* SignInMethod.EMAIL_PASSWORD */:
3001
- return signInWithPassword(auth, {
3304
+ const request = {
3002
3305
  returnSecureToken: true,
3003
3306
  email: this._email,
3004
- password: this._password
3005
- });
3307
+ password: this._password,
3308
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
3309
+ };
3310
+ if ((_a = auth._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled) {
3311
+ const requestWithRecaptcha = await injectRecaptchaFields(auth, request, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */);
3312
+ return signInWithPassword(auth, requestWithRecaptcha);
3313
+ }
3314
+ else {
3315
+ return signInWithPassword(auth, request).catch(async (error) => {
3316
+ if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}`) {
3317
+ console.log('Sign-in with email address and password is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.');
3318
+ const requestWithRecaptcha = await injectRecaptchaFields(auth, request, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */);
3319
+ return signInWithPassword(auth, requestWithRecaptcha);
3320
+ }
3321
+ else {
3322
+ return Promise.reject(error);
3323
+ }
3324
+ });
3325
+ }
3006
3326
  case "emailLink" /* SignInMethod.EMAIL_LINK */:
3007
3327
  return signInWithEmailLink$1(auth, {
3008
3328
  email: this._email,
@@ -4958,15 +5278,39 @@ function _setActionCodeSettingsOnRequest(auth, request, actionCodeSettings) {
4958
5278
  * @public
4959
5279
  */
4960
5280
  async function sendPasswordResetEmail(auth, email, actionCodeSettings) {
4961
- const authModular = getModularInstance(auth);
5281
+ var _a;
5282
+ const authInternal = _castAuth(auth);
4962
5283
  const request = {
4963
5284
  requestType: "PASSWORD_RESET" /* ActionCodeOperation.PASSWORD_RESET */,
4964
- email
5285
+ email,
5286
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
4965
5287
  };
4966
- if (actionCodeSettings) {
4967
- _setActionCodeSettingsOnRequest(authModular, request, actionCodeSettings);
5288
+ if ((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled) {
5289
+ const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true);
5290
+ if (actionCodeSettings) {
5291
+ _setActionCodeSettingsOnRequest(authInternal, requestWithRecaptcha, actionCodeSettings);
5292
+ }
5293
+ await sendPasswordResetEmail$1(authInternal, requestWithRecaptcha);
5294
+ }
5295
+ else {
5296
+ if (actionCodeSettings) {
5297
+ _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
5298
+ }
5299
+ await sendPasswordResetEmail$1(authInternal, request)
5300
+ .catch(async (error) => {
5301
+ if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}`) {
5302
+ console.log('Password resets are protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the password reset flow.');
5303
+ const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true);
5304
+ if (actionCodeSettings) {
5305
+ _setActionCodeSettingsOnRequest(authInternal, requestWithRecaptcha, actionCodeSettings);
5306
+ }
5307
+ await sendPasswordResetEmail$1(authInternal, requestWithRecaptcha);
5308
+ }
5309
+ else {
5310
+ return Promise.reject(error);
5311
+ }
5312
+ });
4968
5313
  }
4969
- await sendPasswordResetEmail$1(authModular, request);
4970
5314
  }
4971
5315
  /**
4972
5316
  * Completes the password reset process, given a confirmation code and new password.
@@ -5079,11 +5423,33 @@ async function verifyPasswordResetCode(auth, code) {
5079
5423
  * @public
5080
5424
  */
5081
5425
  async function createUserWithEmailAndPassword(auth, email, password) {
5426
+ var _a;
5082
5427
  const authInternal = _castAuth(auth);
5083
- const response = await signUp(authInternal, {
5428
+ const request = {
5084
5429
  returnSecureToken: true,
5085
5430
  email,
5086
- password
5431
+ password,
5432
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
5433
+ };
5434
+ let signUpResponse;
5435
+ if ((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled) {
5436
+ const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */);
5437
+ signUpResponse = signUp(authInternal, requestWithRecaptcha);
5438
+ }
5439
+ else {
5440
+ signUpResponse = signUp(authInternal, request).catch(async (error) => {
5441
+ if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}`) {
5442
+ console.log('Sign-up is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-up flow.');
5443
+ const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */);
5444
+ return signUp(authInternal, requestWithRecaptcha);
5445
+ }
5446
+ else {
5447
+ return Promise.reject(error);
5448
+ }
5449
+ });
5450
+ }
5451
+ const response = await signUpResponse.catch(error => {
5452
+ return Promise.reject(error);
5087
5453
  });
5088
5454
  const userCredential = await UserCredentialImpl._fromIdTokenResponse(authInternal, "signIn" /* OperationType.SIGN_IN */, response);
5089
5455
  await authInternal._updateCurrentUser(userCredential.user);
@@ -5164,16 +5530,39 @@ function signInWithEmailAndPassword(auth, email, password) {
5164
5530
  * @public
5165
5531
  */
5166
5532
  async function sendSignInLinkToEmail(auth, email, actionCodeSettings) {
5167
- const authModular = getModularInstance(auth);
5533
+ var _a;
5534
+ const authInternal = _castAuth(auth);
5168
5535
  const request = {
5169
5536
  requestType: "EMAIL_SIGNIN" /* ActionCodeOperation.EMAIL_SIGNIN */,
5170
- email
5537
+ email,
5538
+ clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
5171
5539
  };
5172
- _assert(actionCodeSettings.handleCodeInApp, authModular, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
5173
- if (actionCodeSettings) {
5174
- _setActionCodeSettingsOnRequest(authModular, request, actionCodeSettings);
5540
+ function setActionCodeSettings(request, actionCodeSettings) {
5541
+ _assert(actionCodeSettings.handleCodeInApp, authInternal, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
5542
+ if (actionCodeSettings) {
5543
+ _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
5544
+ }
5545
+ }
5546
+ if ((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled) {
5547
+ const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true);
5548
+ setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);
5549
+ await sendSignInLinkToEmail$1(authInternal, requestWithRecaptcha);
5550
+ }
5551
+ else {
5552
+ setActionCodeSettings(request, actionCodeSettings);
5553
+ await sendSignInLinkToEmail$1(authInternal, request)
5554
+ .catch(async (error) => {
5555
+ if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}`) {
5556
+ console.log('Email link sign-in is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.');
5557
+ const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true);
5558
+ setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);
5559
+ await sendSignInLinkToEmail$1(authInternal, requestWithRecaptcha);
5560
+ }
5561
+ else {
5562
+ return Promise.reject(error);
5563
+ }
5564
+ });
5175
5565
  }
5176
- await sendSignInLinkToEmail$1(authModular, request);
5177
5566
  }
5178
5567
  /**
5179
5568
  * Checks if an incoming link is a sign-in with email link suitable for {@link signInWithEmailLink}.
@@ -5668,6 +6057,35 @@ function getAdditionalUserInfo(userCredential) {
5668
6057
  function setPersistence(auth, persistence) {
5669
6058
  return getModularInstance(auth).setPersistence(persistence);
5670
6059
  }
6060
+ /**
6061
+ * Loads the reCAPTCHA configuration into the `Auth` instance.
6062
+ *
6063
+ * @remarks
6064
+ * This will load the reCAPTCHA config, which indicates whether the reCAPTCHA
6065
+ * verification flow should be triggered for each auth provider, into the
6066
+ * current Auth session.
6067
+ *
6068
+ * If initializeRecaptchaConfig() is not invoked, the auth flow will always start
6069
+ * without reCAPTCHA verification. If the provider is configured to require reCAPTCHA
6070
+ * verification, the SDK will transparently load the reCAPTCHA config and restart the
6071
+ * auth flows.
6072
+ *
6073
+ * Thus, by calling this optional method, you will reduce the latency of future auth flows.
6074
+ * Loading the reCAPTCHA config early will also enhance the signal collected by reCAPTCHA.
6075
+ *
6076
+ * @example
6077
+ * ```javascript
6078
+ * initializeRecaptchaConfig(auth);
6079
+ * ```
6080
+ *
6081
+ * @param auth - The {@link Auth} instance.
6082
+ *
6083
+ * @public
6084
+ */
6085
+ function initializeRecaptchaConfig(auth) {
6086
+ const authInternal = _castAuth(auth);
6087
+ return authInternal.initializeRecaptchaConfig();
6088
+ }
5671
6089
  /**
5672
6090
  * Adds an observer for changes to the signed-in user's ID token.
5673
6091
  *
@@ -5981,7 +6399,7 @@ function multiFactor(user) {
5981
6399
  }
5982
6400
 
5983
6401
  var name = "@firebase/auth";
5984
- var version = "0.22.0";
6402
+ var version = "0.23.0-canary.0a27d2fbf";
5985
6403
 
5986
6404
  /**
5987
6405
  * @license
@@ -6087,26 +6505,25 @@ function registerAuth(clientPlatform) {
6087
6505
  _registerComponent(new Component("auth" /* _ComponentName.AUTH */, (container, { options: deps }) => {
6088
6506
  const app = container.getProvider('app').getImmediate();
6089
6507
  const heartbeatServiceProvider = container.getProvider('heartbeat');
6508
+ const appCheckServiceProvider = container.getProvider('app-check-internal');
6090
6509
  const { apiKey, authDomain } = app.options;
6091
- return ((app, heartbeatServiceProvider) => {
6092
- _assert(apiKey && !apiKey.includes(':'), "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */, { appName: app.name });
6093
- // Auth domain is optional if IdP sign in isn't being used
6094
- _assert(!(authDomain === null || authDomain === void 0 ? void 0 : authDomain.includes(':')), "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */, {
6095
- appName: app.name
6096
- });
6097
- const config = {
6098
- apiKey,
6099
- authDomain,
6100
- clientPlatform,
6101
- apiHost: "identitytoolkit.googleapis.com" /* DefaultConfig.API_HOST */,
6102
- tokenApiHost: "securetoken.googleapis.com" /* DefaultConfig.TOKEN_API_HOST */,
6103
- apiScheme: "https" /* DefaultConfig.API_SCHEME */,
6104
- sdkClientVersion: _getClientVersion(clientPlatform)
6105
- };
6106
- const authInstance = new AuthImpl(app, heartbeatServiceProvider, config);
6107
- _initializeAuthInstance(authInstance, deps);
6108
- return authInstance;
6109
- })(app, heartbeatServiceProvider);
6510
+ _assert(apiKey && !apiKey.includes(':'), "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */, { appName: app.name });
6511
+ // Auth domain is optional if IdP sign in isn't being used
6512
+ _assert(!(authDomain === null || authDomain === void 0 ? void 0 : authDomain.includes(':')), "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */, {
6513
+ appName: app.name
6514
+ });
6515
+ const config = {
6516
+ apiKey,
6517
+ authDomain,
6518
+ clientPlatform,
6519
+ apiHost: "identitytoolkit.googleapis.com" /* DefaultConfig.API_HOST */,
6520
+ tokenApiHost: "securetoken.googleapis.com" /* DefaultConfig.TOKEN_API_HOST */,
6521
+ apiScheme: "https" /* DefaultConfig.API_SCHEME */,
6522
+ sdkClientVersion: _getClientVersion(clientPlatform)
6523
+ };
6524
+ const authInstance = new AuthImpl(app, heartbeatServiceProvider, appCheckServiceProvider, config);
6525
+ _initializeAuthInstance(authInstance, deps);
6526
+ return authInstance;
6110
6527
  }, "PUBLIC" /* ComponentType.PUBLIC */)
6111
6528
  /**
6112
6529
  * Auth can only be initialized by explicitly calling getAuth() or initializeAuth()
@@ -6394,5 +6811,5 @@ function _isEmptyString(input) {
6394
6811
  return typeof input === 'undefined' || (input === null || input === void 0 ? void 0 : input.length) === 0;
6395
6812
  }
6396
6813
 
6397
- export { linkWithCredential as $, ActionCodeOperation as A, deleteUser as B, debugErrorMap as C, prodErrorMap as D, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as E, FactorId as F, initializeAuth as G, connectAuthEmulator as H, AuthCredential as I, EmailAuthCredential as J, OAuthCredential as K, PhoneAuthCredential as L, inMemoryPersistence as M, EmailAuthProvider as N, OperationType as O, PhoneAuthProvider as P, FacebookAuthProvider as Q, RecaptchaVerifier as R, SignInMethod as S, TotpMultiFactorGenerator as T, GoogleAuthProvider as U, GithubAuthProvider as V, OAuthProvider as W, SAMLAuthProvider as X, TwitterAuthProvider as Y, signInAnonymously as Z, signInWithCredential as _, browserSessionPersistence as a, reauthenticateWithCredential as a0, signInWithCustomToken as a1, sendPasswordResetEmail as a2, confirmPasswordReset as a3, applyActionCode as a4, checkActionCode as a5, verifyPasswordResetCode as a6, createUserWithEmailAndPassword as a7, signInWithEmailAndPassword as a8, sendSignInLinkToEmail as a9, _castAuth as aA, FederatedAuthProvider as aB, BaseOAuthProvider as aC, _emulatorUrl as aD, _performApiRequest as aE, _isIOS as aF, _isAndroid as aG, _isIOS7Or8 as aH, _createError as aI, _isIframe as aJ, _isMobileBrowser as aK, _isIE10 as aL, _isSafari as aM, UserImpl as aN, AuthImpl as aO, _getClientVersion as aP, FetchProvider as aQ, SAMLAuthCredential as aR, isSignInWithEmailLink as aa, signInWithEmailLink as ab, fetchSignInMethodsForEmail as ac, sendEmailVerification as ad, verifyBeforeUpdateEmail as ae, ActionCodeURL as af, parseActionCodeURL as ag, updateProfile as ah, updateEmail as ai, updatePassword as aj, getIdToken as ak, getIdTokenResult as al, unlink as am, getAdditionalUserInfo as an, reload as ao, getMultiFactorResolver as ap, multiFactor as aq, _getInstance as ar, _assert as as, _signInWithCredential as at, _reauthenticate as au, _link as av, signInWithIdp as aw, _fail as ax, debugAssert as ay, _persistenceKeyName as az, browserLocalPersistence as b, signInWithPopup as c, linkWithPopup as d, reauthenticateWithPopup as e, signInWithRedirect as f, linkWithRedirect as g, reauthenticateWithRedirect as h, indexedDBLocalPersistence as i, getRedirectResult as j, browserPopupRedirectResolver as k, linkWithPhoneNumber as l, PhoneMultiFactorGenerator as m, TotpSecret as n, getAuth as o, ProviderId as p, setPersistence as q, reauthenticateWithPhoneNumber as r, signInWithPhoneNumber as s, onIdTokenChanged as t, updatePhoneNumber as u, beforeAuthStateChanged as v, onAuthStateChanged as w, useDeviceLanguage as x, updateCurrentUser as y, signOut as z };
6398
- //# sourceMappingURL=totp-c3bf2a20.js.map
6814
+ export { signInWithCredential as $, ActionCodeOperation as A, signOut as B, deleteUser as C, debugErrorMap as D, prodErrorMap as E, FactorId as F, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as G, initializeAuth as H, connectAuthEmulator as I, AuthCredential as J, EmailAuthCredential as K, OAuthCredential as L, PhoneAuthCredential as M, inMemoryPersistence as N, OperationType as O, PhoneAuthProvider as P, EmailAuthProvider as Q, RecaptchaVerifier as R, SignInMethod as S, TotpMultiFactorGenerator as T, FacebookAuthProvider as U, GoogleAuthProvider as V, GithubAuthProvider as W, OAuthProvider as X, SAMLAuthProvider as Y, TwitterAuthProvider as Z, signInAnonymously as _, browserSessionPersistence as a, linkWithCredential as a0, reauthenticateWithCredential as a1, signInWithCustomToken as a2, sendPasswordResetEmail as a3, confirmPasswordReset as a4, applyActionCode as a5, checkActionCode as a6, verifyPasswordResetCode as a7, createUserWithEmailAndPassword as a8, signInWithEmailAndPassword as a9, _persistenceKeyName as aA, _castAuth as aB, FederatedAuthProvider as aC, BaseOAuthProvider as aD, _emulatorUrl as aE, _performApiRequest as aF, _isIOS as aG, _isAndroid as aH, _isIOS7Or8 as aI, _createError as aJ, _isIframe as aK, _isMobileBrowser as aL, _isIE10 as aM, _isSafari as aN, UserImpl as aO, AuthImpl as aP, _getClientVersion as aQ, FetchProvider as aR, SAMLAuthCredential as aS, sendSignInLinkToEmail as aa, isSignInWithEmailLink as ab, signInWithEmailLink as ac, fetchSignInMethodsForEmail as ad, sendEmailVerification as ae, verifyBeforeUpdateEmail as af, ActionCodeURL as ag, parseActionCodeURL as ah, updateProfile as ai, updateEmail as aj, updatePassword as ak, getIdToken as al, getIdTokenResult as am, unlink as an, getAdditionalUserInfo as ao, reload as ap, getMultiFactorResolver as aq, multiFactor as ar, _getInstance as as, _assert as at, _signInWithCredential as au, _reauthenticate as av, _link as aw, signInWithIdp as ax, _fail as ay, debugAssert as az, browserLocalPersistence as b, signInWithPopup as c, linkWithPopup as d, reauthenticateWithPopup as e, signInWithRedirect as f, linkWithRedirect as g, reauthenticateWithRedirect as h, indexedDBLocalPersistence as i, getRedirectResult as j, browserPopupRedirectResolver as k, linkWithPhoneNumber as l, PhoneMultiFactorGenerator as m, TotpSecret as n, getAuth as o, ProviderId as p, setPersistence as q, reauthenticateWithPhoneNumber as r, signInWithPhoneNumber as s, initializeRecaptchaConfig as t, updatePhoneNumber as u, onIdTokenChanged as v, beforeAuthStateChanged as w, onAuthStateChanged as x, useDeviceLanguage as y, updateCurrentUser as z };
6815
+ //# sourceMappingURL=totp-5cad7b9f.js.map