@firebase/auth 1.1.0-canary.e037eeed6 → 1.1.0-canary.f497a400a
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +28 -1
- package/dist/auth-public.d.ts +119 -0
- package/dist/auth.d.ts +179 -2
- package/dist/browser-cjs/{index-1a2a2779.js → index-316b8221.js} +548 -274
- package/dist/browser-cjs/index-316b8221.js.map +1 -0
- package/dist/browser-cjs/index.js +3 -2
- package/dist/browser-cjs/index.js.map +1 -1
- package/dist/browser-cjs/internal.js +3 -2
- package/dist/browser-cjs/internal.js.map +1 -1
- package/dist/browser-cjs/src/api/errors.d.ts +2 -1
- package/dist/browser-cjs/src/api/index.d.ts +2 -1
- package/dist/browser-cjs/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/browser-cjs/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/browser-cjs/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/browser-cjs/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/browser-cjs/src/core/errors.d.ts +3 -1
- package/dist/browser-cjs/src/core/index.d.ts +25 -1
- package/dist/browser-cjs/src/model/auth.d.ts +7 -2
- package/dist/browser-cjs/src/model/password_policy.d.ts +111 -0
- package/dist/browser-cjs/src/model/public_types.d.ts +88 -0
- package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/browser-cjs/src/platform_node/index.d.ts +1 -0
- package/dist/browser-cjs/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/browser-cjs/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/cordova/index.js +2 -2
- package/dist/cordova/internal.js +2 -2
- package/dist/cordova/{popup_redirect-8599967b.js → popup_redirect-2410e07a.js} +737 -413
- package/dist/cordova/popup_redirect-2410e07a.js.map +1 -0
- package/dist/cordova/src/api/errors.d.ts +2 -1
- package/dist/cordova/src/api/index.d.ts +2 -1
- package/dist/cordova/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/cordova/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/cordova/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/cordova/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/cordova/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/cordova/src/core/errors.d.ts +3 -1
- package/dist/cordova/src/core/index.d.ts +25 -1
- package/dist/cordova/src/model/auth.d.ts +7 -2
- package/dist/cordova/src/model/password_policy.d.ts +111 -0
- package/dist/cordova/src/model/public_types.d.ts +88 -0
- package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/cordova/src/platform_node/index.d.ts +1 -0
- package/dist/cordova/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/cordova/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/esm2017/{index-f8a66098.js → index-9be3d514.js} +548 -275
- package/dist/esm2017/index-9be3d514.js.map +1 -0
- package/dist/esm2017/index.js +2 -2
- package/dist/esm2017/internal.js +3 -3
- package/dist/esm2017/src/api/errors.d.ts +2 -1
- package/dist/esm2017/src/api/index.d.ts +2 -1
- package/dist/esm2017/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/esm2017/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/esm2017/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/esm2017/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/esm2017/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/esm2017/src/core/errors.d.ts +3 -1
- package/dist/esm2017/src/core/index.d.ts +25 -1
- package/dist/esm2017/src/model/auth.d.ts +7 -2
- package/dist/esm2017/src/model/password_policy.d.ts +111 -0
- package/dist/esm2017/src/model/public_types.d.ts +88 -0
- package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/esm2017/src/platform_node/index.d.ts +1 -0
- package/dist/esm2017/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/esm2017/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/esm5/{index-fdb9efbb.js → index-4ab2fcdf.js} +737 -413
- package/dist/esm5/index-4ab2fcdf.js.map +1 -0
- package/dist/esm5/index.js +1 -1
- package/dist/esm5/internal.js +2 -2
- package/dist/esm5/src/api/errors.d.ts +2 -1
- package/dist/esm5/src/api/index.d.ts +2 -1
- package/dist/esm5/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/esm5/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/esm5/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/esm5/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/esm5/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/esm5/src/core/errors.d.ts +3 -1
- package/dist/esm5/src/core/index.d.ts +25 -1
- package/dist/esm5/src/model/auth.d.ts +7 -2
- package/dist/esm5/src/model/password_policy.d.ts +111 -0
- package/dist/esm5/src/model/public_types.d.ts +88 -0
- package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/esm5/src/platform_node/index.d.ts +1 -0
- package/dist/esm5/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/esm5/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/index.webworker.esm5.js +811 -487
- package/dist/index.webworker.esm5.js.map +1 -1
- package/dist/node/index.js +2 -1
- package/dist/node/index.js.map +1 -1
- package/dist/node/internal.js +2 -1
- package/dist/node/internal.js.map +1 -1
- package/dist/node/src/api/errors.d.ts +2 -1
- package/dist/node/src/api/index.d.ts +2 -1
- package/dist/node/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/node/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/node/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/node/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/node/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/node/src/core/errors.d.ts +3 -1
- package/dist/node/src/core/index.d.ts +25 -1
- package/dist/node/src/model/auth.d.ts +7 -2
- package/dist/node/src/model/password_policy.d.ts +111 -0
- package/dist/node/src/model/public_types.d.ts +88 -0
- package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/node/src/platform_node/index.d.ts +1 -0
- package/dist/node/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/node/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/node/{totp-7ea0acc9.js → totp-4cc8bac4.js} +700 -375
- package/dist/node/totp-4cc8bac4.js.map +1 -0
- package/dist/node-esm/index.js +1 -1
- package/dist/node-esm/internal.js +2 -2
- package/dist/node-esm/src/api/errors.d.ts +2 -1
- package/dist/node-esm/src/api/index.d.ts +2 -1
- package/dist/node-esm/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/node-esm/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/node-esm/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/node-esm/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/node-esm/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/node-esm/src/core/errors.d.ts +3 -1
- package/dist/node-esm/src/core/index.d.ts +25 -1
- package/dist/node-esm/src/model/auth.d.ts +7 -2
- package/dist/node-esm/src/model/password_policy.d.ts +111 -0
- package/dist/node-esm/src/model/public_types.d.ts +88 -0
- package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/node-esm/src/platform_node/index.d.ts +1 -0
- package/dist/node-esm/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/node-esm/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/node-esm/{totp-af1856f8.js → totp-79809646.js} +540 -267
- package/dist/node-esm/totp-79809646.js.map +1 -0
- package/dist/rn/index.js +2 -1
- package/dist/rn/index.js.map +1 -1
- package/dist/rn/internal.js +2 -1
- package/dist/rn/internal.js.map +1 -1
- package/dist/rn/{phone-a321ec79.js → phone-87fdb2ba.js} +717 -392
- package/dist/rn/phone-87fdb2ba.js.map +1 -0
- package/dist/rn/src/api/errors.d.ts +2 -1
- package/dist/rn/src/api/index.d.ts +2 -1
- package/dist/rn/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/rn/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/rn/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/rn/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/rn/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/rn/src/core/errors.d.ts +3 -1
- package/dist/rn/src/core/index.d.ts +25 -1
- package/dist/rn/src/model/auth.d.ts +7 -2
- package/dist/rn/src/model/password_policy.d.ts +111 -0
- package/dist/rn/src/model/public_types.d.ts +88 -0
- package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/rn/src/platform_node/index.d.ts +1 -0
- package/dist/rn/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/rn/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/src/api/errors.d.ts +2 -1
- package/dist/src/api/index.d.ts +2 -1
- package/dist/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/src/core/errors.d.ts +3 -1
- package/dist/src/core/index.d.ts +25 -1
- package/dist/src/model/auth.d.ts +7 -2
- package/dist/src/model/password_policy.d.ts +111 -0
- package/dist/src/model/public_types.d.ts +88 -0
- package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/src/platform_node/index.d.ts +1 -0
- package/dist/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/test/integration/flows/password_policy.test.d.ts +17 -0
- package/package.json +6 -6
- package/dist/browser-cjs/index-1a2a2779.js.map +0 -1
- package/dist/cordova/popup_redirect-8599967b.js.map +0 -1
- package/dist/esm2017/index-f8a66098.js.map +0 -1
- package/dist/esm5/index-fdb9efbb.js.map +0 -1
- package/dist/node/totp-7ea0acc9.js.map +0 -1
- package/dist/node-esm/totp-af1856f8.js.map +0 -1
- package/dist/rn/phone-a321ec79.js.map +0 -1
|
@@ -6,6 +6,53 @@ var app = require('@firebase/app');
|
|
|
6
6
|
var component = require('@firebase/component');
|
|
7
7
|
var logger = require('@firebase/logger');
|
|
8
8
|
|
|
9
|
+
/**
|
|
10
|
+
* @license
|
|
11
|
+
* Copyright 2020 Google LLC
|
|
12
|
+
*
|
|
13
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
14
|
+
* you may not use this file except in compliance with the License.
|
|
15
|
+
* You may obtain a copy of the License at
|
|
16
|
+
*
|
|
17
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
18
|
+
*
|
|
19
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
20
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
21
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
22
|
+
* See the License for the specific language governing permissions and
|
|
23
|
+
* limitations under the License.
|
|
24
|
+
*/
|
|
25
|
+
function isV2(grecaptcha) {
|
|
26
|
+
return (grecaptcha !== undefined &&
|
|
27
|
+
grecaptcha.getResponse !== undefined);
|
|
28
|
+
}
|
|
29
|
+
function isEnterprise(grecaptcha) {
|
|
30
|
+
return (grecaptcha !== undefined &&
|
|
31
|
+
grecaptcha.enterprise !== undefined);
|
|
32
|
+
}
|
|
33
|
+
var RecaptchaConfig = /** @class */ (function () {
|
|
34
|
+
function RecaptchaConfig(response) {
|
|
35
|
+
/**
|
|
36
|
+
* The reCAPTCHA site key.
|
|
37
|
+
*/
|
|
38
|
+
this.siteKey = '';
|
|
39
|
+
/**
|
|
40
|
+
* The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
|
|
41
|
+
*/
|
|
42
|
+
this.emailPasswordEnabled = false;
|
|
43
|
+
if (response.recaptchaKey === undefined) {
|
|
44
|
+
throw new Error('recaptchaKey undefined');
|
|
45
|
+
}
|
|
46
|
+
// Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
|
|
47
|
+
this.siteKey = response.recaptchaKey.split('/')[3];
|
|
48
|
+
this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
|
|
49
|
+
return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
|
|
50
|
+
enforcementState.enforcementState !== 'OFF';
|
|
51
|
+
});
|
|
52
|
+
}
|
|
53
|
+
return RecaptchaConfig;
|
|
54
|
+
}());
|
|
55
|
+
|
|
9
56
|
/**
|
|
10
57
|
* @license
|
|
11
58
|
* Copyright 2020 Google LLC
|
|
@@ -178,6 +225,8 @@ function _debugErrorMap() {
|
|
|
178
225
|
_a["missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is missing when sending request to the backend.',
|
|
179
226
|
_a["invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */] = 'Invalid request parameters.',
|
|
180
227
|
_a["invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is invalid when sending request to the backend.',
|
|
228
|
+
_a["unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */] = 'The password policy received from the backend uses a schema version that is not supported by this version of the Firebase SDK.',
|
|
229
|
+
_a["password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */] = 'The password does not meet the requirements.',
|
|
181
230
|
_a;
|
|
182
231
|
}
|
|
183
232
|
function _prodErrorMap() {
|
|
@@ -723,6 +772,7 @@ var SERVER_ERROR_MAP = (_a$1 = {},
|
|
|
723
772
|
_a$1["USER_NOT_FOUND" /* ServerError.USER_NOT_FOUND */] = "user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */,
|
|
724
773
|
// Other errors.
|
|
725
774
|
_a$1["TOO_MANY_ATTEMPTS_TRY_LATER" /* ServerError.TOO_MANY_ATTEMPTS_TRY_LATER */] = "too-many-requests" /* AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER */,
|
|
775
|
+
_a$1["PASSWORD_DOES_NOT_MEET_REQUIREMENTS" /* ServerError.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */] = "password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */,
|
|
726
776
|
// Phone Auth related errors.
|
|
727
777
|
_a$1["INVALID_CODE" /* ServerError.INVALID_CODE */] = "invalid-verification-code" /* AuthErrorCode.INVALID_CODE */,
|
|
728
778
|
_a$1["INVALID_SESSION_INFO" /* ServerError.INVALID_SESSION_INFO */] = "invalid-verification-id" /* AuthErrorCode.INVALID_SESSION_INFO */,
|
|
@@ -948,6 +998,40 @@ function _makeTaggedError(auth, code, response) {
|
|
|
948
998
|
return error;
|
|
949
999
|
}
|
|
950
1000
|
|
|
1001
|
+
/**
|
|
1002
|
+
* @license
|
|
1003
|
+
* Copyright 2020 Google LLC
|
|
1004
|
+
*
|
|
1005
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
1006
|
+
* you may not use this file except in compliance with the License.
|
|
1007
|
+
* You may obtain a copy of the License at
|
|
1008
|
+
*
|
|
1009
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
1010
|
+
*
|
|
1011
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
1012
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
1013
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
1014
|
+
* See the License for the specific language governing permissions and
|
|
1015
|
+
* limitations under the License.
|
|
1016
|
+
*/
|
|
1017
|
+
function getRecaptchaParams(auth) {
|
|
1018
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
1019
|
+
return tslib.__generator(this, function (_a) {
|
|
1020
|
+
switch (_a.label) {
|
|
1021
|
+
case 0: return [4 /*yield*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v1/recaptchaParams" /* Endpoint.GET_RECAPTCHA_PARAM */)];
|
|
1022
|
+
case 1: return [2 /*return*/, ((_a.sent()).recaptchaSiteKey || '')];
|
|
1023
|
+
}
|
|
1024
|
+
});
|
|
1025
|
+
});
|
|
1026
|
+
}
|
|
1027
|
+
function getRecaptchaConfig(auth, request) {
|
|
1028
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
1029
|
+
return tslib.__generator(this, function (_a) {
|
|
1030
|
+
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/recaptchaConfig" /* Endpoint.GET_RECAPTCHA_CONFIG */, _addTidIfNecessary(auth, request))];
|
|
1031
|
+
});
|
|
1032
|
+
});
|
|
1033
|
+
}
|
|
1034
|
+
|
|
951
1035
|
/**
|
|
952
1036
|
* @license
|
|
953
1037
|
* Copyright 2020 Google LLC
|
|
@@ -2346,7 +2430,7 @@ function _getClientVersion(clientPlatform, frameworks) {
|
|
|
2346
2430
|
|
|
2347
2431
|
/**
|
|
2348
2432
|
* @license
|
|
2349
|
-
* Copyright
|
|
2433
|
+
* Copyright 2022 Google LLC
|
|
2350
2434
|
*
|
|
2351
2435
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2352
2436
|
* you may not use this file except in compliance with the License.
|
|
@@ -2360,27 +2444,97 @@ function _getClientVersion(clientPlatform, frameworks) {
|
|
|
2360
2444
|
* See the License for the specific language governing permissions and
|
|
2361
2445
|
* limitations under the License.
|
|
2362
2446
|
*/
|
|
2363
|
-
function
|
|
2364
|
-
|
|
2365
|
-
|
|
2366
|
-
|
|
2367
|
-
|
|
2368
|
-
|
|
2369
|
-
|
|
2370
|
-
|
|
2371
|
-
|
|
2372
|
-
|
|
2373
|
-
function
|
|
2374
|
-
|
|
2375
|
-
|
|
2376
|
-
|
|
2447
|
+
var AuthMiddlewareQueue = /** @class */ (function () {
|
|
2448
|
+
function AuthMiddlewareQueue(auth) {
|
|
2449
|
+
this.auth = auth;
|
|
2450
|
+
this.queue = [];
|
|
2451
|
+
}
|
|
2452
|
+
AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
|
|
2453
|
+
var _this = this;
|
|
2454
|
+
// The callback could be sync or async. Wrap it into a
|
|
2455
|
+
// function that is always async.
|
|
2456
|
+
var wrappedCallback = function (user) {
|
|
2457
|
+
return new Promise(function (resolve, reject) {
|
|
2458
|
+
try {
|
|
2459
|
+
var result = callback(user);
|
|
2460
|
+
// Either resolve with existing promise or wrap a non-promise
|
|
2461
|
+
// return value into a promise.
|
|
2462
|
+
resolve(result);
|
|
2463
|
+
}
|
|
2464
|
+
catch (e) {
|
|
2465
|
+
// Sync callback throws.
|
|
2466
|
+
reject(e);
|
|
2467
|
+
}
|
|
2468
|
+
});
|
|
2469
|
+
};
|
|
2470
|
+
// Attach the onAbort if present
|
|
2471
|
+
wrappedCallback.onAbort = onAbort;
|
|
2472
|
+
this.queue.push(wrappedCallback);
|
|
2473
|
+
var index = this.queue.length - 1;
|
|
2474
|
+
return function () {
|
|
2475
|
+
// Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
|
|
2476
|
+
// indexing of other elements.
|
|
2477
|
+
_this.queue[index] = function () { return Promise.resolve(); };
|
|
2478
|
+
};
|
|
2479
|
+
};
|
|
2480
|
+
AuthMiddlewareQueue.prototype.runMiddleware = function (nextUser) {
|
|
2481
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
2482
|
+
var onAbortStack, _i, _a, beforeStateCallback, e_1, _b, onAbortStack_1, onAbort;
|
|
2483
|
+
return tslib.__generator(this, function (_c) {
|
|
2484
|
+
switch (_c.label) {
|
|
2485
|
+
case 0:
|
|
2486
|
+
if (this.auth.currentUser === nextUser) {
|
|
2487
|
+
return [2 /*return*/];
|
|
2488
|
+
}
|
|
2489
|
+
onAbortStack = [];
|
|
2490
|
+
_c.label = 1;
|
|
2491
|
+
case 1:
|
|
2492
|
+
_c.trys.push([1, 6, , 7]);
|
|
2493
|
+
_i = 0, _a = this.queue;
|
|
2494
|
+
_c.label = 2;
|
|
2495
|
+
case 2:
|
|
2496
|
+
if (!(_i < _a.length)) return [3 /*break*/, 5];
|
|
2497
|
+
beforeStateCallback = _a[_i];
|
|
2498
|
+
return [4 /*yield*/, beforeStateCallback(nextUser)];
|
|
2499
|
+
case 3:
|
|
2500
|
+
_c.sent();
|
|
2501
|
+
// Only push the onAbort if the callback succeeds
|
|
2502
|
+
if (beforeStateCallback.onAbort) {
|
|
2503
|
+
onAbortStack.push(beforeStateCallback.onAbort);
|
|
2504
|
+
}
|
|
2505
|
+
_c.label = 4;
|
|
2506
|
+
case 4:
|
|
2507
|
+
_i++;
|
|
2508
|
+
return [3 /*break*/, 2];
|
|
2509
|
+
case 5: return [3 /*break*/, 7];
|
|
2510
|
+
case 6:
|
|
2511
|
+
e_1 = _c.sent();
|
|
2512
|
+
// Run all onAbort, with separate try/catch to ignore any errors and
|
|
2513
|
+
// continue
|
|
2514
|
+
onAbortStack.reverse();
|
|
2515
|
+
for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
|
|
2516
|
+
onAbort = onAbortStack_1[_b];
|
|
2517
|
+
try {
|
|
2518
|
+
onAbort();
|
|
2519
|
+
}
|
|
2520
|
+
catch (_) {
|
|
2521
|
+
/* swallow error */
|
|
2522
|
+
}
|
|
2523
|
+
}
|
|
2524
|
+
throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, {
|
|
2525
|
+
originalMessage: e_1 === null || e_1 === void 0 ? void 0 : e_1.message
|
|
2526
|
+
});
|
|
2527
|
+
case 7: return [2 /*return*/];
|
|
2528
|
+
}
|
|
2529
|
+
});
|
|
2377
2530
|
});
|
|
2378
|
-
}
|
|
2379
|
-
|
|
2531
|
+
};
|
|
2532
|
+
return AuthMiddlewareQueue;
|
|
2533
|
+
}());
|
|
2380
2534
|
|
|
2381
2535
|
/**
|
|
2382
2536
|
* @license
|
|
2383
|
-
* Copyright
|
|
2537
|
+
* Copyright 2023 Google LLC
|
|
2384
2538
|
*
|
|
2385
2539
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2386
2540
|
* you may not use this file except in compliance with the License.
|
|
@@ -2394,40 +2548,25 @@ function getRecaptchaConfig(auth, request) {
|
|
|
2394
2548
|
* See the License for the specific language governing permissions and
|
|
2395
2549
|
* limitations under the License.
|
|
2396
2550
|
*/
|
|
2397
|
-
|
|
2398
|
-
|
|
2399
|
-
|
|
2400
|
-
|
|
2401
|
-
|
|
2402
|
-
|
|
2403
|
-
|
|
2404
|
-
|
|
2405
|
-
|
|
2406
|
-
function
|
|
2407
|
-
|
|
2408
|
-
|
|
2409
|
-
*/
|
|
2410
|
-
this.siteKey = '';
|
|
2411
|
-
/**
|
|
2412
|
-
* The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
|
|
2413
|
-
*/
|
|
2414
|
-
this.emailPasswordEnabled = false;
|
|
2415
|
-
if (response.recaptchaKey === undefined) {
|
|
2416
|
-
throw new Error('recaptchaKey undefined');
|
|
2417
|
-
}
|
|
2418
|
-
// Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
|
|
2419
|
-
this.siteKey = response.recaptchaKey.split('/')[3];
|
|
2420
|
-
this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
|
|
2421
|
-
return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
|
|
2422
|
-
enforcementState.enforcementState !== 'OFF';
|
|
2551
|
+
/**
|
|
2552
|
+
* Fetches the password policy for the currently set tenant or the project if no tenant is set.
|
|
2553
|
+
*
|
|
2554
|
+
* @param auth Auth object.
|
|
2555
|
+
* @param request Password policy request.
|
|
2556
|
+
* @returns Password policy response.
|
|
2557
|
+
*/
|
|
2558
|
+
function _getPasswordPolicy(auth, request) {
|
|
2559
|
+
if (request === void 0) { request = {}; }
|
|
2560
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
2561
|
+
return tslib.__generator(this, function (_a) {
|
|
2562
|
+
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/passwordPolicy" /* Endpoint.GET_PASSWORD_POLICY */, _addTidIfNecessary(auth, request))];
|
|
2423
2563
|
});
|
|
2424
|
-
}
|
|
2425
|
-
|
|
2426
|
-
}());
|
|
2564
|
+
});
|
|
2565
|
+
}
|
|
2427
2566
|
|
|
2428
2567
|
/**
|
|
2429
2568
|
* @license
|
|
2430
|
-
* Copyright
|
|
2569
|
+
* Copyright 2023 Google LLC
|
|
2431
2570
|
*
|
|
2432
2571
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2433
2572
|
* you may not use this file except in compliance with the License.
|
|
@@ -2441,289 +2580,138 @@ var RecaptchaConfig = /** @class */ (function () {
|
|
|
2441
2580
|
* See the License for the specific language governing permissions and
|
|
2442
2581
|
* limitations under the License.
|
|
2443
2582
|
*/
|
|
2444
|
-
|
|
2445
|
-
|
|
2446
|
-
|
|
2447
|
-
|
|
2448
|
-
|
|
2449
|
-
|
|
2450
|
-
|
|
2451
|
-
|
|
2452
|
-
|
|
2453
|
-
|
|
2454
|
-
|
|
2455
|
-
|
|
2456
|
-
|
|
2457
|
-
|
|
2583
|
+
// Minimum min password length enforced by the backend, even if no minimum length is set.
|
|
2584
|
+
var MINIMUM_MIN_PASSWORD_LENGTH = 6;
|
|
2585
|
+
/**
|
|
2586
|
+
* Stores password policy requirements and provides password validation against the policy.
|
|
2587
|
+
*
|
|
2588
|
+
* @internal
|
|
2589
|
+
*/
|
|
2590
|
+
var PasswordPolicyImpl = /** @class */ (function () {
|
|
2591
|
+
function PasswordPolicyImpl(response) {
|
|
2592
|
+
var _a, _b, _c, _d;
|
|
2593
|
+
// Only include custom strength options defined in the response.
|
|
2594
|
+
var responseOptions = response.customStrengthOptions;
|
|
2595
|
+
this.customStrengthOptions = {};
|
|
2596
|
+
// TODO: Remove once the backend is updated to include the minimum min password length instead of undefined when there is no minimum length set.
|
|
2597
|
+
this.customStrengthOptions.minPasswordLength =
|
|
2598
|
+
(_a = responseOptions.minPasswordLength) !== null && _a !== void 0 ? _a : MINIMUM_MIN_PASSWORD_LENGTH;
|
|
2599
|
+
if (responseOptions.maxPasswordLength) {
|
|
2600
|
+
this.customStrengthOptions.maxPasswordLength =
|
|
2601
|
+
responseOptions.maxPasswordLength;
|
|
2602
|
+
}
|
|
2603
|
+
if (responseOptions.containsLowercaseCharacter !== undefined) {
|
|
2604
|
+
this.customStrengthOptions.containsLowercaseLetter =
|
|
2605
|
+
responseOptions.containsLowercaseCharacter;
|
|
2606
|
+
}
|
|
2607
|
+
if (responseOptions.containsUppercaseCharacter !== undefined) {
|
|
2608
|
+
this.customStrengthOptions.containsUppercaseLetter =
|
|
2609
|
+
responseOptions.containsUppercaseCharacter;
|
|
2610
|
+
}
|
|
2611
|
+
if (responseOptions.containsNumericCharacter !== undefined) {
|
|
2612
|
+
this.customStrengthOptions.containsNumericCharacter =
|
|
2613
|
+
responseOptions.containsNumericCharacter;
|
|
2614
|
+
}
|
|
2615
|
+
if (responseOptions.containsNonAlphanumericCharacter !== undefined) {
|
|
2616
|
+
this.customStrengthOptions.containsNonAlphanumericCharacter =
|
|
2617
|
+
responseOptions.containsNonAlphanumericCharacter;
|
|
2618
|
+
}
|
|
2619
|
+
this.enforcementState = response.enforcementState;
|
|
2620
|
+
if (this.enforcementState === 'ENFORCEMENT_STATE_UNSPECIFIED') {
|
|
2621
|
+
this.enforcementState = 'OFF';
|
|
2622
|
+
}
|
|
2623
|
+
// Use an empty string if no non-alphanumeric characters are specified in the response.
|
|
2624
|
+
this.allowedNonAlphanumericCharacters =
|
|
2625
|
+
(_c = (_b = response.allowedNonAlphanumericCharacters) === null || _b === void 0 ? void 0 : _b.join('')) !== null && _c !== void 0 ? _c : '';
|
|
2626
|
+
this.forceUpgradeOnSignin = (_d = response.forceUpgradeOnSignin) !== null && _d !== void 0 ? _d : false;
|
|
2627
|
+
this.schemaVersion = response.schemaVersion;
|
|
2628
|
+
}
|
|
2629
|
+
PasswordPolicyImpl.prototype.validatePassword = function (password) {
|
|
2630
|
+
var _a, _b, _c, _d, _e, _f;
|
|
2631
|
+
var status = {
|
|
2632
|
+
isValid: true,
|
|
2633
|
+
passwordPolicy: this
|
|
2458
2634
|
};
|
|
2459
|
-
|
|
2460
|
-
|
|
2461
|
-
|
|
2462
|
-
|
|
2463
|
-
|
|
2464
|
-
|
|
2465
|
-
|
|
2466
|
-
|
|
2467
|
-
|
|
2468
|
-
|
|
2469
|
-
|
|
2470
|
-
|
|
2471
|
-
var FAKE_TOKEN = 'NO_RECAPTCHA';
|
|
2472
|
-
var RecaptchaEnterpriseVerifier = /** @class */ (function () {
|
|
2635
|
+
// Check the password length and character options.
|
|
2636
|
+
this.validatePasswordLengthOptions(password, status);
|
|
2637
|
+
this.validatePasswordCharacterOptions(password, status);
|
|
2638
|
+
// Combine the status into single isValid property.
|
|
2639
|
+
status.isValid && (status.isValid = (_a = status.meetsMinPasswordLength) !== null && _a !== void 0 ? _a : true);
|
|
2640
|
+
status.isValid && (status.isValid = (_b = status.meetsMaxPasswordLength) !== null && _b !== void 0 ? _b : true);
|
|
2641
|
+
status.isValid && (status.isValid = (_c = status.containsLowercaseLetter) !== null && _c !== void 0 ? _c : true);
|
|
2642
|
+
status.isValid && (status.isValid = (_d = status.containsUppercaseLetter) !== null && _d !== void 0 ? _d : true);
|
|
2643
|
+
status.isValid && (status.isValid = (_e = status.containsNumericCharacter) !== null && _e !== void 0 ? _e : true);
|
|
2644
|
+
status.isValid && (status.isValid = (_f = status.containsNonAlphanumericCharacter) !== null && _f !== void 0 ? _f : true);
|
|
2645
|
+
return status;
|
|
2646
|
+
};
|
|
2473
2647
|
/**
|
|
2648
|
+
* Validates that the password meets the length options for the policy.
|
|
2474
2649
|
*
|
|
2475
|
-
* @param
|
|
2476
|
-
*
|
|
2650
|
+
* @param password Password to validate.
|
|
2651
|
+
* @param status Validation status.
|
|
2477
2652
|
*/
|
|
2478
|
-
function
|
|
2479
|
-
|
|
2480
|
-
|
|
2481
|
-
|
|
2482
|
-
|
|
2483
|
-
|
|
2484
|
-
|
|
2653
|
+
PasswordPolicyImpl.prototype.validatePasswordLengthOptions = function (password, status) {
|
|
2654
|
+
var minPasswordLength = this.customStrengthOptions.minPasswordLength;
|
|
2655
|
+
var maxPasswordLength = this.customStrengthOptions.maxPasswordLength;
|
|
2656
|
+
if (minPasswordLength) {
|
|
2657
|
+
status.meetsMinPasswordLength = password.length >= minPasswordLength;
|
|
2658
|
+
}
|
|
2659
|
+
if (maxPasswordLength) {
|
|
2660
|
+
status.meetsMaxPasswordLength = password.length <= maxPasswordLength;
|
|
2661
|
+
}
|
|
2662
|
+
};
|
|
2485
2663
|
/**
|
|
2486
|
-
*
|
|
2664
|
+
* Validates that the password meets the character options for the policy.
|
|
2487
2665
|
*
|
|
2488
|
-
* @
|
|
2666
|
+
* @param password Password to validate.
|
|
2667
|
+
* @param status Validation status.
|
|
2489
2668
|
*/
|
|
2490
|
-
|
|
2491
|
-
|
|
2492
|
-
|
|
2493
|
-
|
|
2494
|
-
|
|
2495
|
-
|
|
2496
|
-
|
|
2497
|
-
|
|
2498
|
-
|
|
2499
|
-
|
|
2500
|
-
|
|
2501
|
-
|
|
2502
|
-
|
|
2503
|
-
|
|
2504
|
-
|
|
2505
|
-
|
|
2506
|
-
|
|
2507
|
-
|
|
2508
|
-
|
|
2509
|
-
getRecaptchaConfig(auth, {
|
|
2510
|
-
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
2511
|
-
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
2512
|
-
})
|
|
2513
|
-
.then(function (response) {
|
|
2514
|
-
if (response.recaptchaKey === undefined) {
|
|
2515
|
-
reject(new Error('recaptcha Enterprise site key undefined'));
|
|
2516
|
-
}
|
|
2517
|
-
else {
|
|
2518
|
-
var config = new RecaptchaConfig(response);
|
|
2519
|
-
if (auth.tenantId == null) {
|
|
2520
|
-
auth._agentRecaptchaConfig = config;
|
|
2521
|
-
}
|
|
2522
|
-
else {
|
|
2523
|
-
auth._tenantRecaptchaConfigs[auth.tenantId] = config;
|
|
2524
|
-
}
|
|
2525
|
-
return resolve(config.siteKey);
|
|
2526
|
-
}
|
|
2527
|
-
})
|
|
2528
|
-
.catch(function (error) {
|
|
2529
|
-
reject(error);
|
|
2530
|
-
});
|
|
2531
|
-
return [2 /*return*/];
|
|
2532
|
-
});
|
|
2533
|
-
}); })];
|
|
2534
|
-
});
|
|
2535
|
-
});
|
|
2536
|
-
}
|
|
2537
|
-
function retrieveRecaptchaToken(siteKey, resolve, reject) {
|
|
2538
|
-
var grecaptcha = window.grecaptcha;
|
|
2539
|
-
if (isEnterprise(grecaptcha)) {
|
|
2540
|
-
grecaptcha.enterprise.ready(function () {
|
|
2541
|
-
grecaptcha.enterprise
|
|
2542
|
-
.execute(siteKey, { action: action })
|
|
2543
|
-
.then(function (token) {
|
|
2544
|
-
resolve(token);
|
|
2545
|
-
})
|
|
2546
|
-
.catch(function () {
|
|
2547
|
-
resolve(FAKE_TOKEN);
|
|
2548
|
-
});
|
|
2549
|
-
});
|
|
2550
|
-
}
|
|
2551
|
-
else {
|
|
2552
|
-
reject(Error('No reCAPTCHA enterprise script loaded.'));
|
|
2553
|
-
}
|
|
2554
|
-
}
|
|
2555
|
-
var _this = this;
|
|
2556
|
-
return tslib.__generator(this, function (_a) {
|
|
2557
|
-
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
2558
|
-
retrieveSiteKey(_this.auth)
|
|
2559
|
-
.then(function (siteKey) {
|
|
2560
|
-
if (!forceRefresh && isEnterprise(window.grecaptcha)) {
|
|
2561
|
-
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
2562
|
-
}
|
|
2563
|
-
else {
|
|
2564
|
-
if (typeof window === 'undefined') {
|
|
2565
|
-
reject(new Error('RecaptchaVerifier is only supported in browser'));
|
|
2566
|
-
return;
|
|
2567
|
-
}
|
|
2568
|
-
_loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
|
|
2569
|
-
.then(function () {
|
|
2570
|
-
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
2571
|
-
})
|
|
2572
|
-
.catch(function (error) {
|
|
2573
|
-
reject(error);
|
|
2574
|
-
});
|
|
2575
|
-
}
|
|
2576
|
-
})
|
|
2577
|
-
.catch(function (error) {
|
|
2578
|
-
reject(error);
|
|
2579
|
-
});
|
|
2580
|
-
})];
|
|
2581
|
-
});
|
|
2582
|
-
});
|
|
2583
|
-
};
|
|
2584
|
-
return RecaptchaEnterpriseVerifier;
|
|
2585
|
-
}());
|
|
2586
|
-
function injectRecaptchaFields(auth, request, action, captchaResp) {
|
|
2587
|
-
if (captchaResp === void 0) { captchaResp = false; }
|
|
2588
|
-
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
2589
|
-
var verifier, captchaResponse, newRequest;
|
|
2590
|
-
return tslib.__generator(this, function (_a) {
|
|
2591
|
-
switch (_a.label) {
|
|
2592
|
-
case 0:
|
|
2593
|
-
verifier = new RecaptchaEnterpriseVerifier(auth);
|
|
2594
|
-
_a.label = 1;
|
|
2595
|
-
case 1:
|
|
2596
|
-
_a.trys.push([1, 3, , 5]);
|
|
2597
|
-
return [4 /*yield*/, verifier.verify(action)];
|
|
2598
|
-
case 2:
|
|
2599
|
-
captchaResponse = _a.sent();
|
|
2600
|
-
return [3 /*break*/, 5];
|
|
2601
|
-
case 3:
|
|
2602
|
-
_a.sent();
|
|
2603
|
-
return [4 /*yield*/, verifier.verify(action, true)];
|
|
2604
|
-
case 4:
|
|
2605
|
-
captchaResponse = _a.sent();
|
|
2606
|
-
return [3 /*break*/, 5];
|
|
2607
|
-
case 5:
|
|
2608
|
-
newRequest = tslib.__assign({}, request);
|
|
2609
|
-
if (!captchaResp) {
|
|
2610
|
-
Object.assign(newRequest, { captchaResponse: captchaResponse });
|
|
2611
|
-
}
|
|
2612
|
-
else {
|
|
2613
|
-
Object.assign(newRequest, { 'captchaResp': captchaResponse });
|
|
2614
|
-
}
|
|
2615
|
-
Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
|
|
2616
|
-
Object.assign(newRequest, {
|
|
2617
|
-
'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
2618
|
-
});
|
|
2619
|
-
return [2 /*return*/, newRequest];
|
|
2620
|
-
}
|
|
2621
|
-
});
|
|
2622
|
-
});
|
|
2623
|
-
}
|
|
2624
|
-
|
|
2625
|
-
/**
|
|
2626
|
-
* @license
|
|
2627
|
-
* Copyright 2022 Google LLC
|
|
2628
|
-
*
|
|
2629
|
-
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2630
|
-
* you may not use this file except in compliance with the License.
|
|
2631
|
-
* You may obtain a copy of the License at
|
|
2632
|
-
*
|
|
2633
|
-
* http://www.apache.org/licenses/LICENSE-2.0
|
|
2634
|
-
*
|
|
2635
|
-
* Unless required by applicable law or agreed to in writing, software
|
|
2636
|
-
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
2637
|
-
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
2638
|
-
* See the License for the specific language governing permissions and
|
|
2639
|
-
* limitations under the License.
|
|
2640
|
-
*/
|
|
2641
|
-
var AuthMiddlewareQueue = /** @class */ (function () {
|
|
2642
|
-
function AuthMiddlewareQueue(auth) {
|
|
2643
|
-
this.auth = auth;
|
|
2644
|
-
this.queue = [];
|
|
2645
|
-
}
|
|
2646
|
-
AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
|
|
2647
|
-
var _this = this;
|
|
2648
|
-
// The callback could be sync or async. Wrap it into a
|
|
2649
|
-
// function that is always async.
|
|
2650
|
-
var wrappedCallback = function (user) {
|
|
2651
|
-
return new Promise(function (resolve, reject) {
|
|
2652
|
-
try {
|
|
2653
|
-
var result = callback(user);
|
|
2654
|
-
// Either resolve with existing promise or wrap a non-promise
|
|
2655
|
-
// return value into a promise.
|
|
2656
|
-
resolve(result);
|
|
2657
|
-
}
|
|
2658
|
-
catch (e) {
|
|
2659
|
-
// Sync callback throws.
|
|
2660
|
-
reject(e);
|
|
2661
|
-
}
|
|
2662
|
-
});
|
|
2663
|
-
};
|
|
2664
|
-
// Attach the onAbort if present
|
|
2665
|
-
wrappedCallback.onAbort = onAbort;
|
|
2666
|
-
this.queue.push(wrappedCallback);
|
|
2667
|
-
var index = this.queue.length - 1;
|
|
2668
|
-
return function () {
|
|
2669
|
-
// Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
|
|
2670
|
-
// indexing of other elements.
|
|
2671
|
-
_this.queue[index] = function () { return Promise.resolve(); };
|
|
2672
|
-
};
|
|
2669
|
+
PasswordPolicyImpl.prototype.validatePasswordCharacterOptions = function (password, status) {
|
|
2670
|
+
// Assign statuses for requirements even if the password is an empty string.
|
|
2671
|
+
this.updatePasswordCharacterOptionsStatuses(status,
|
|
2672
|
+
/* containsLowercaseCharacter= */ false,
|
|
2673
|
+
/* containsUppercaseCharacter= */ false,
|
|
2674
|
+
/* containsNumericCharacter= */ false,
|
|
2675
|
+
/* containsNonAlphanumericCharacter= */ false);
|
|
2676
|
+
var passwordChar;
|
|
2677
|
+
for (var i = 0; i < password.length; i++) {
|
|
2678
|
+
passwordChar = password.charAt(i);
|
|
2679
|
+
this.updatePasswordCharacterOptionsStatuses(status,
|
|
2680
|
+
/* containsLowercaseCharacter= */ passwordChar >= 'a' &&
|
|
2681
|
+
passwordChar <= 'z',
|
|
2682
|
+
/* containsUppercaseCharacter= */ passwordChar >= 'A' &&
|
|
2683
|
+
passwordChar <= 'Z',
|
|
2684
|
+
/* containsNumericCharacter= */ passwordChar >= '0' &&
|
|
2685
|
+
passwordChar <= '9',
|
|
2686
|
+
/* containsNonAlphanumericCharacter= */ this.allowedNonAlphanumericCharacters.includes(passwordChar));
|
|
2687
|
+
}
|
|
2673
2688
|
};
|
|
2674
|
-
|
|
2675
|
-
|
|
2676
|
-
|
|
2677
|
-
|
|
2678
|
-
|
|
2679
|
-
|
|
2680
|
-
|
|
2681
|
-
|
|
2682
|
-
|
|
2683
|
-
|
|
2684
|
-
|
|
2685
|
-
|
|
2686
|
-
|
|
2687
|
-
|
|
2688
|
-
|
|
2689
|
-
|
|
2690
|
-
|
|
2691
|
-
|
|
2692
|
-
|
|
2693
|
-
|
|
2694
|
-
|
|
2695
|
-
|
|
2696
|
-
|
|
2697
|
-
|
|
2698
|
-
}
|
|
2699
|
-
_c.label = 4;
|
|
2700
|
-
case 4:
|
|
2701
|
-
_i++;
|
|
2702
|
-
return [3 /*break*/, 2];
|
|
2703
|
-
case 5: return [3 /*break*/, 7];
|
|
2704
|
-
case 6:
|
|
2705
|
-
e_1 = _c.sent();
|
|
2706
|
-
// Run all onAbort, with separate try/catch to ignore any errors and
|
|
2707
|
-
// continue
|
|
2708
|
-
onAbortStack.reverse();
|
|
2709
|
-
for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
|
|
2710
|
-
onAbort = onAbortStack_1[_b];
|
|
2711
|
-
try {
|
|
2712
|
-
onAbort();
|
|
2713
|
-
}
|
|
2714
|
-
catch (_) {
|
|
2715
|
-
/* swallow error */
|
|
2716
|
-
}
|
|
2717
|
-
}
|
|
2718
|
-
throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, {
|
|
2719
|
-
originalMessage: e_1 === null || e_1 === void 0 ? void 0 : e_1.message
|
|
2720
|
-
});
|
|
2721
|
-
case 7: return [2 /*return*/];
|
|
2722
|
-
}
|
|
2723
|
-
});
|
|
2724
|
-
});
|
|
2689
|
+
/**
|
|
2690
|
+
* Updates the running validation status with the statuses for the character options.
|
|
2691
|
+
* Expected to be called each time a character is processed to update each option status
|
|
2692
|
+
* based on the current character.
|
|
2693
|
+
*
|
|
2694
|
+
* @param status Validation status.
|
|
2695
|
+
* @param containsLowercaseCharacter Whether the character is a lowercase letter.
|
|
2696
|
+
* @param containsUppercaseCharacter Whether the character is an uppercase letter.
|
|
2697
|
+
* @param containsNumericCharacter Whether the character is a numeric character.
|
|
2698
|
+
* @param containsNonAlphanumericCharacter Whether the character is a non-alphanumeric character.
|
|
2699
|
+
*/
|
|
2700
|
+
PasswordPolicyImpl.prototype.updatePasswordCharacterOptionsStatuses = function (status, containsLowercaseCharacter, containsUppercaseCharacter, containsNumericCharacter, containsNonAlphanumericCharacter) {
|
|
2701
|
+
if (this.customStrengthOptions.containsLowercaseLetter) {
|
|
2702
|
+
status.containsLowercaseLetter || (status.containsLowercaseLetter = containsLowercaseCharacter);
|
|
2703
|
+
}
|
|
2704
|
+
if (this.customStrengthOptions.containsUppercaseLetter) {
|
|
2705
|
+
status.containsUppercaseLetter || (status.containsUppercaseLetter = containsUppercaseCharacter);
|
|
2706
|
+
}
|
|
2707
|
+
if (this.customStrengthOptions.containsNumericCharacter) {
|
|
2708
|
+
status.containsNumericCharacter || (status.containsNumericCharacter = containsNumericCharacter);
|
|
2709
|
+
}
|
|
2710
|
+
if (this.customStrengthOptions.containsNonAlphanumericCharacter) {
|
|
2711
|
+
status.containsNonAlphanumericCharacter || (status.containsNonAlphanumericCharacter = containsNonAlphanumericCharacter);
|
|
2712
|
+
}
|
|
2725
2713
|
};
|
|
2726
|
-
return
|
|
2714
|
+
return PasswordPolicyImpl;
|
|
2727
2715
|
}());
|
|
2728
2716
|
|
|
2729
2717
|
/**
|
|
@@ -2756,6 +2744,7 @@ var AuthImpl = /** @class */ (function () {
|
|
|
2756
2744
|
this.beforeStateQueue = new AuthMiddlewareQueue(this);
|
|
2757
2745
|
this.redirectUser = null;
|
|
2758
2746
|
this.isProactiveRefreshEnabled = false;
|
|
2747
|
+
this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION = 1;
|
|
2759
2748
|
// Any network calls will set this to true and prevent subsequent emulator
|
|
2760
2749
|
// initialization
|
|
2761
2750
|
this._canInitEmulator = true;
|
|
@@ -2766,6 +2755,8 @@ var AuthImpl = /** @class */ (function () {
|
|
|
2766
2755
|
this._errorFactory = _DEFAULT_AUTH_ERROR_FACTORY;
|
|
2767
2756
|
this._agentRecaptchaConfig = null;
|
|
2768
2757
|
this._tenantRecaptchaConfigs = {};
|
|
2758
|
+
this._projectPasswordPolicy = null;
|
|
2759
|
+
this._tenantPasswordPolicies = {};
|
|
2769
2760
|
// Tracks the last notified UID for state change listeners to prevent
|
|
2770
2761
|
// repeated calls to the callbacks. Undefined means it's never been
|
|
2771
2762
|
// called, whereas null means it's been called with a signed out user
|
|
@@ -3095,41 +3086,66 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3095
3086
|
});
|
|
3096
3087
|
}); });
|
|
3097
3088
|
};
|
|
3098
|
-
AuthImpl.prototype.
|
|
3089
|
+
AuthImpl.prototype._getRecaptchaConfig = function () {
|
|
3090
|
+
if (this.tenantId == null) {
|
|
3091
|
+
return this._agentRecaptchaConfig;
|
|
3092
|
+
}
|
|
3093
|
+
else {
|
|
3094
|
+
return this._tenantRecaptchaConfigs[this.tenantId];
|
|
3095
|
+
}
|
|
3096
|
+
};
|
|
3097
|
+
AuthImpl.prototype.validatePassword = function (password) {
|
|
3099
3098
|
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3100
|
-
var
|
|
3099
|
+
var passwordPolicy;
|
|
3101
3100
|
return tslib.__generator(this, function (_a) {
|
|
3102
3101
|
switch (_a.label) {
|
|
3103
|
-
case 0:
|
|
3104
|
-
|
|
3105
|
-
|
|
3106
|
-
})];
|
|
3102
|
+
case 0:
|
|
3103
|
+
if (!!this._getPasswordPolicyInternal()) return [3 /*break*/, 2];
|
|
3104
|
+
return [4 /*yield*/, this._updatePasswordPolicy()];
|
|
3107
3105
|
case 1:
|
|
3108
|
-
|
|
3109
|
-
|
|
3110
|
-
|
|
3111
|
-
|
|
3112
|
-
|
|
3113
|
-
|
|
3114
|
-
|
|
3115
|
-
|
|
3116
|
-
|
|
3117
|
-
verifier = new RecaptchaEnterpriseVerifier(this);
|
|
3118
|
-
void verifier.verify();
|
|
3106
|
+
_a.sent();
|
|
3107
|
+
_a.label = 2;
|
|
3108
|
+
case 2:
|
|
3109
|
+
passwordPolicy = this._getPasswordPolicyInternal();
|
|
3110
|
+
// Check that the policy schema version is supported by the SDK.
|
|
3111
|
+
// TODO: Update this logic to use a max supported policy schema version once we have multiple schema versions.
|
|
3112
|
+
if (passwordPolicy.schemaVersion !==
|
|
3113
|
+
this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION) {
|
|
3114
|
+
return [2 /*return*/, Promise.reject(this._errorFactory.create("unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */, {}))];
|
|
3119
3115
|
}
|
|
3120
|
-
return [2 /*return
|
|
3116
|
+
return [2 /*return*/, passwordPolicy.validatePassword(password)];
|
|
3121
3117
|
}
|
|
3122
3118
|
});
|
|
3123
3119
|
});
|
|
3124
3120
|
};
|
|
3125
|
-
AuthImpl.prototype.
|
|
3126
|
-
if (this.tenantId
|
|
3127
|
-
return this.
|
|
3121
|
+
AuthImpl.prototype._getPasswordPolicyInternal = function () {
|
|
3122
|
+
if (this.tenantId === null) {
|
|
3123
|
+
return this._projectPasswordPolicy;
|
|
3128
3124
|
}
|
|
3129
3125
|
else {
|
|
3130
|
-
return this.
|
|
3126
|
+
return this._tenantPasswordPolicies[this.tenantId];
|
|
3131
3127
|
}
|
|
3132
3128
|
};
|
|
3129
|
+
AuthImpl.prototype._updatePasswordPolicy = function () {
|
|
3130
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3131
|
+
var response, passwordPolicy;
|
|
3132
|
+
return tslib.__generator(this, function (_a) {
|
|
3133
|
+
switch (_a.label) {
|
|
3134
|
+
case 0: return [4 /*yield*/, _getPasswordPolicy(this)];
|
|
3135
|
+
case 1:
|
|
3136
|
+
response = _a.sent();
|
|
3137
|
+
passwordPolicy = new PasswordPolicyImpl(response);
|
|
3138
|
+
if (this.tenantId === null) {
|
|
3139
|
+
this._projectPasswordPolicy = passwordPolicy;
|
|
3140
|
+
}
|
|
3141
|
+
else {
|
|
3142
|
+
this._tenantPasswordPolicies[this.tenantId] = passwordPolicy;
|
|
3143
|
+
}
|
|
3144
|
+
return [2 /*return*/];
|
|
3145
|
+
}
|
|
3146
|
+
});
|
|
3147
|
+
});
|
|
3148
|
+
};
|
|
3133
3149
|
AuthImpl.prototype._getPersistence = function () {
|
|
3134
3150
|
return this.assertedPersistence.persistence.type;
|
|
3135
3151
|
};
|
|
@@ -3405,54 +3421,280 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3405
3421
|
AuthImpl.prototype._getAppCheckToken = function () {
|
|
3406
3422
|
var _a;
|
|
3407
3423
|
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3408
|
-
var appCheckTokenResult;
|
|
3409
|
-
return tslib.__generator(this, function (_b) {
|
|
3410
|
-
switch (_b.label) {
|
|
3411
|
-
case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
|
|
3412
|
-
.getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
|
|
3413
|
-
case 1:
|
|
3414
|
-
appCheckTokenResult = _b.sent();
|
|
3415
|
-
if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
|
|
3416
|
-
// Context: appCheck.getToken() will never throw even if an error happened.
|
|
3417
|
-
// In the error case, a dummy token will be returned along with an error field describing
|
|
3418
|
-
// the error. In general, we shouldn't care about the error condition and just use
|
|
3419
|
-
// the token (actual or dummy) to send requests.
|
|
3420
|
-
_logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
|
|
3424
|
+
var appCheckTokenResult;
|
|
3425
|
+
return tslib.__generator(this, function (_b) {
|
|
3426
|
+
switch (_b.label) {
|
|
3427
|
+
case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
|
|
3428
|
+
.getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
|
|
3429
|
+
case 1:
|
|
3430
|
+
appCheckTokenResult = _b.sent();
|
|
3431
|
+
if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
|
|
3432
|
+
// Context: appCheck.getToken() will never throw even if an error happened.
|
|
3433
|
+
// In the error case, a dummy token will be returned along with an error field describing
|
|
3434
|
+
// the error. In general, we shouldn't care about the error condition and just use
|
|
3435
|
+
// the token (actual or dummy) to send requests.
|
|
3436
|
+
_logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
|
|
3437
|
+
}
|
|
3438
|
+
return [2 /*return*/, appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.token];
|
|
3439
|
+
}
|
|
3440
|
+
});
|
|
3441
|
+
});
|
|
3442
|
+
};
|
|
3443
|
+
return AuthImpl;
|
|
3444
|
+
}());
|
|
3445
|
+
/**
|
|
3446
|
+
* Method to be used to cast down to our private implmentation of Auth.
|
|
3447
|
+
* It will also handle unwrapping from the compat type if necessary
|
|
3448
|
+
*
|
|
3449
|
+
* @param auth Auth object passed in from developer
|
|
3450
|
+
*/
|
|
3451
|
+
function _castAuth(auth) {
|
|
3452
|
+
return util.getModularInstance(auth);
|
|
3453
|
+
}
|
|
3454
|
+
/** Helper class to wrap subscriber logic */
|
|
3455
|
+
var Subscription = /** @class */ (function () {
|
|
3456
|
+
function Subscription(auth) {
|
|
3457
|
+
var _this = this;
|
|
3458
|
+
this.auth = auth;
|
|
3459
|
+
this.observer = null;
|
|
3460
|
+
this.addObserver = util.createSubscribe(function (observer) { return (_this.observer = observer); });
|
|
3461
|
+
}
|
|
3462
|
+
Object.defineProperty(Subscription.prototype, "next", {
|
|
3463
|
+
get: function () {
|
|
3464
|
+
_assert(this.observer, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
3465
|
+
return this.observer.next.bind(this.observer);
|
|
3466
|
+
},
|
|
3467
|
+
enumerable: false,
|
|
3468
|
+
configurable: true
|
|
3469
|
+
});
|
|
3470
|
+
return Subscription;
|
|
3471
|
+
}());
|
|
3472
|
+
|
|
3473
|
+
/**
|
|
3474
|
+
* @license
|
|
3475
|
+
* Copyright 2020 Google LLC
|
|
3476
|
+
*
|
|
3477
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
3478
|
+
* you may not use this file except in compliance with the License.
|
|
3479
|
+
* You may obtain a copy of the License at
|
|
3480
|
+
*
|
|
3481
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
3482
|
+
*
|
|
3483
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
3484
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
3485
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
3486
|
+
* See the License for the specific language governing permissions and
|
|
3487
|
+
* limitations under the License.
|
|
3488
|
+
*/
|
|
3489
|
+
function getScriptParentElement() {
|
|
3490
|
+
var _a, _b;
|
|
3491
|
+
return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
|
|
3492
|
+
}
|
|
3493
|
+
function _loadJS(url) {
|
|
3494
|
+
// TODO: consider adding timeout support & cancellation
|
|
3495
|
+
return new Promise(function (resolve, reject) {
|
|
3496
|
+
var el = document.createElement('script');
|
|
3497
|
+
el.setAttribute('src', url);
|
|
3498
|
+
el.onload = resolve;
|
|
3499
|
+
el.onerror = function (e) {
|
|
3500
|
+
var error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
3501
|
+
error.customData = e;
|
|
3502
|
+
reject(error);
|
|
3503
|
+
};
|
|
3504
|
+
el.type = 'text/javascript';
|
|
3505
|
+
el.charset = 'UTF-8';
|
|
3506
|
+
getScriptParentElement().appendChild(el);
|
|
3507
|
+
});
|
|
3508
|
+
}
|
|
3509
|
+
function _generateCallbackName(prefix) {
|
|
3510
|
+
return "__".concat(prefix).concat(Math.floor(Math.random() * 1000000));
|
|
3511
|
+
}
|
|
3512
|
+
|
|
3513
|
+
/* eslint-disable @typescript-eslint/no-require-imports */
|
|
3514
|
+
var RECAPTCHA_ENTERPRISE_URL = 'https://www.google.com/recaptcha/enterprise.js?render=';
|
|
3515
|
+
var RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';
|
|
3516
|
+
var FAKE_TOKEN = 'NO_RECAPTCHA';
|
|
3517
|
+
var RecaptchaEnterpriseVerifier = /** @class */ (function () {
|
|
3518
|
+
/**
|
|
3519
|
+
*
|
|
3520
|
+
* @param authExtern - The corresponding Firebase {@link Auth} instance.
|
|
3521
|
+
*
|
|
3522
|
+
*/
|
|
3523
|
+
function RecaptchaEnterpriseVerifier(authExtern) {
|
|
3524
|
+
/**
|
|
3525
|
+
* Identifies the type of application verifier (e.g. "recaptcha-enterprise").
|
|
3526
|
+
*/
|
|
3527
|
+
this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
|
|
3528
|
+
this.auth = _castAuth(authExtern);
|
|
3529
|
+
}
|
|
3530
|
+
/**
|
|
3531
|
+
* Executes the verification process.
|
|
3532
|
+
*
|
|
3533
|
+
* @returns A Promise for a token that can be used to assert the validity of a request.
|
|
3534
|
+
*/
|
|
3535
|
+
RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
|
|
3536
|
+
if (action === void 0) { action = 'verify'; }
|
|
3537
|
+
if (forceRefresh === void 0) { forceRefresh = false; }
|
|
3538
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3539
|
+
function retrieveSiteKey(auth) {
|
|
3540
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3541
|
+
var _this = this;
|
|
3542
|
+
return tslib.__generator(this, function (_a) {
|
|
3543
|
+
if (!forceRefresh) {
|
|
3544
|
+
if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
|
|
3545
|
+
return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
|
|
3546
|
+
}
|
|
3547
|
+
if (auth.tenantId != null &&
|
|
3548
|
+
auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
|
|
3549
|
+
return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
|
|
3550
|
+
}
|
|
3421
3551
|
}
|
|
3422
|
-
return [2 /*return*/,
|
|
3552
|
+
return [2 /*return*/, new Promise(function (resolve, reject) { return tslib.__awaiter(_this, void 0, void 0, function () {
|
|
3553
|
+
return tslib.__generator(this, function (_a) {
|
|
3554
|
+
getRecaptchaConfig(auth, {
|
|
3555
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
3556
|
+
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3557
|
+
})
|
|
3558
|
+
.then(function (response) {
|
|
3559
|
+
if (response.recaptchaKey === undefined) {
|
|
3560
|
+
reject(new Error('recaptcha Enterprise site key undefined'));
|
|
3561
|
+
}
|
|
3562
|
+
else {
|
|
3563
|
+
var config = new RecaptchaConfig(response);
|
|
3564
|
+
if (auth.tenantId == null) {
|
|
3565
|
+
auth._agentRecaptchaConfig = config;
|
|
3566
|
+
}
|
|
3567
|
+
else {
|
|
3568
|
+
auth._tenantRecaptchaConfigs[auth.tenantId] = config;
|
|
3569
|
+
}
|
|
3570
|
+
return resolve(config.siteKey);
|
|
3571
|
+
}
|
|
3572
|
+
})
|
|
3573
|
+
.catch(function (error) {
|
|
3574
|
+
reject(error);
|
|
3575
|
+
});
|
|
3576
|
+
return [2 /*return*/];
|
|
3577
|
+
});
|
|
3578
|
+
}); })];
|
|
3579
|
+
});
|
|
3580
|
+
});
|
|
3581
|
+
}
|
|
3582
|
+
function retrieveRecaptchaToken(siteKey, resolve, reject) {
|
|
3583
|
+
var grecaptcha = window.grecaptcha;
|
|
3584
|
+
if (isEnterprise(grecaptcha)) {
|
|
3585
|
+
grecaptcha.enterprise.ready(function () {
|
|
3586
|
+
grecaptcha.enterprise
|
|
3587
|
+
.execute(siteKey, { action: action })
|
|
3588
|
+
.then(function (token) {
|
|
3589
|
+
resolve(token);
|
|
3590
|
+
})
|
|
3591
|
+
.catch(function () {
|
|
3592
|
+
resolve(FAKE_TOKEN);
|
|
3593
|
+
});
|
|
3594
|
+
});
|
|
3595
|
+
}
|
|
3596
|
+
else {
|
|
3597
|
+
reject(Error('No reCAPTCHA enterprise script loaded.'));
|
|
3423
3598
|
}
|
|
3599
|
+
}
|
|
3600
|
+
var _this = this;
|
|
3601
|
+
return tslib.__generator(this, function (_a) {
|
|
3602
|
+
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
3603
|
+
retrieveSiteKey(_this.auth)
|
|
3604
|
+
.then(function (siteKey) {
|
|
3605
|
+
if (!forceRefresh && isEnterprise(window.grecaptcha)) {
|
|
3606
|
+
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
3607
|
+
}
|
|
3608
|
+
else {
|
|
3609
|
+
if (typeof window === 'undefined') {
|
|
3610
|
+
reject(new Error('RecaptchaVerifier is only supported in browser'));
|
|
3611
|
+
return;
|
|
3612
|
+
}
|
|
3613
|
+
_loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
|
|
3614
|
+
.then(function () {
|
|
3615
|
+
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
3616
|
+
})
|
|
3617
|
+
.catch(function (error) {
|
|
3618
|
+
reject(error);
|
|
3619
|
+
});
|
|
3620
|
+
}
|
|
3621
|
+
})
|
|
3622
|
+
.catch(function (error) {
|
|
3623
|
+
reject(error);
|
|
3624
|
+
});
|
|
3625
|
+
})];
|
|
3424
3626
|
});
|
|
3425
3627
|
});
|
|
3426
3628
|
};
|
|
3427
|
-
return
|
|
3629
|
+
return RecaptchaEnterpriseVerifier;
|
|
3428
3630
|
}());
|
|
3429
|
-
|
|
3430
|
-
|
|
3431
|
-
|
|
3432
|
-
|
|
3433
|
-
|
|
3434
|
-
|
|
3435
|
-
|
|
3436
|
-
|
|
3631
|
+
function injectRecaptchaFields(auth, request, action, captchaResp) {
|
|
3632
|
+
if (captchaResp === void 0) { captchaResp = false; }
|
|
3633
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3634
|
+
var verifier, captchaResponse, newRequest;
|
|
3635
|
+
return tslib.__generator(this, function (_a) {
|
|
3636
|
+
switch (_a.label) {
|
|
3637
|
+
case 0:
|
|
3638
|
+
verifier = new RecaptchaEnterpriseVerifier(auth);
|
|
3639
|
+
_a.label = 1;
|
|
3640
|
+
case 1:
|
|
3641
|
+
_a.trys.push([1, 3, , 5]);
|
|
3642
|
+
return [4 /*yield*/, verifier.verify(action)];
|
|
3643
|
+
case 2:
|
|
3644
|
+
captchaResponse = _a.sent();
|
|
3645
|
+
return [3 /*break*/, 5];
|
|
3646
|
+
case 3:
|
|
3647
|
+
_a.sent();
|
|
3648
|
+
return [4 /*yield*/, verifier.verify(action, true)];
|
|
3649
|
+
case 4:
|
|
3650
|
+
captchaResponse = _a.sent();
|
|
3651
|
+
return [3 /*break*/, 5];
|
|
3652
|
+
case 5:
|
|
3653
|
+
newRequest = tslib.__assign({}, request);
|
|
3654
|
+
if (!captchaResp) {
|
|
3655
|
+
Object.assign(newRequest, { captchaResponse: captchaResponse });
|
|
3656
|
+
}
|
|
3657
|
+
else {
|
|
3658
|
+
Object.assign(newRequest, { 'captchaResp': captchaResponse });
|
|
3659
|
+
}
|
|
3660
|
+
Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
|
|
3661
|
+
Object.assign(newRequest, {
|
|
3662
|
+
'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3663
|
+
});
|
|
3664
|
+
return [2 /*return*/, newRequest];
|
|
3665
|
+
}
|
|
3666
|
+
});
|
|
3667
|
+
});
|
|
3437
3668
|
}
|
|
3438
|
-
|
|
3439
|
-
|
|
3440
|
-
|
|
3441
|
-
|
|
3442
|
-
|
|
3443
|
-
|
|
3444
|
-
|
|
3445
|
-
|
|
3446
|
-
|
|
3447
|
-
|
|
3448
|
-
|
|
3449
|
-
|
|
3450
|
-
|
|
3451
|
-
|
|
3452
|
-
|
|
3669
|
+
function _initializeRecaptchaConfig(auth) {
|
|
3670
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3671
|
+
var authInternal, response, config, verifier;
|
|
3672
|
+
return tslib.__generator(this, function (_a) {
|
|
3673
|
+
switch (_a.label) {
|
|
3674
|
+
case 0:
|
|
3675
|
+
authInternal = _castAuth(auth);
|
|
3676
|
+
return [4 /*yield*/, getRecaptchaConfig(authInternal, {
|
|
3677
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
3678
|
+
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3679
|
+
})];
|
|
3680
|
+
case 1:
|
|
3681
|
+
response = _a.sent();
|
|
3682
|
+
config = new RecaptchaConfig(response);
|
|
3683
|
+
if (authInternal.tenantId == null) {
|
|
3684
|
+
authInternal._agentRecaptchaConfig = config;
|
|
3685
|
+
}
|
|
3686
|
+
else {
|
|
3687
|
+
authInternal._tenantRecaptchaConfigs[authInternal.tenantId] = config;
|
|
3688
|
+
}
|
|
3689
|
+
if (config.emailPasswordEnabled) {
|
|
3690
|
+
verifier = new RecaptchaEnterpriseVerifier(authInternal);
|
|
3691
|
+
void verifier.verify();
|
|
3692
|
+
}
|
|
3693
|
+
return [2 /*return*/];
|
|
3694
|
+
}
|
|
3695
|
+
});
|
|
3453
3696
|
});
|
|
3454
|
-
|
|
3455
|
-
}());
|
|
3697
|
+
}
|
|
3456
3698
|
|
|
3457
3699
|
/**
|
|
3458
3700
|
* @license
|
|
@@ -6112,6 +6354,36 @@ function _setActionCodeSettingsOnRequest(auth, request, actionCodeSettings) {
|
|
|
6112
6354
|
* See the License for the specific language governing permissions and
|
|
6113
6355
|
* limitations under the License.
|
|
6114
6356
|
*/
|
|
6357
|
+
/**
|
|
6358
|
+
* Updates the password policy cached in the {@link Auth} instance if a policy is already
|
|
6359
|
+
* cached for the project or tenant.
|
|
6360
|
+
*
|
|
6361
|
+
* @remarks
|
|
6362
|
+
* We only fetch the password policy if the password did not meet policy requirements and
|
|
6363
|
+
* there is an existing policy cached. A developer must call validatePassword at least
|
|
6364
|
+
* once for the cache to be automatically updated.
|
|
6365
|
+
*
|
|
6366
|
+
* @param auth - The {@link Auth} instance.
|
|
6367
|
+
*
|
|
6368
|
+
* @private
|
|
6369
|
+
*/
|
|
6370
|
+
function recachePasswordPolicy(auth) {
|
|
6371
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
6372
|
+
var authInternal;
|
|
6373
|
+
return tslib.__generator(this, function (_a) {
|
|
6374
|
+
switch (_a.label) {
|
|
6375
|
+
case 0:
|
|
6376
|
+
authInternal = _castAuth(auth);
|
|
6377
|
+
if (!authInternal._getPasswordPolicyInternal()) return [3 /*break*/, 2];
|
|
6378
|
+
return [4 /*yield*/, authInternal._updatePasswordPolicy()];
|
|
6379
|
+
case 1:
|
|
6380
|
+
_a.sent();
|
|
6381
|
+
_a.label = 2;
|
|
6382
|
+
case 2: return [2 /*return*/];
|
|
6383
|
+
}
|
|
6384
|
+
});
|
|
6385
|
+
});
|
|
6386
|
+
}
|
|
6115
6387
|
/**
|
|
6116
6388
|
* Sends a password reset email to the given email address.
|
|
6117
6389
|
*
|
|
@@ -6215,12 +6487,22 @@ function sendPasswordResetEmail(auth, email, actionCodeSettings) {
|
|
|
6215
6487
|
*/
|
|
6216
6488
|
function confirmPasswordReset(auth, oobCode, newPassword) {
|
|
6217
6489
|
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
6490
|
+
var _this = this;
|
|
6218
6491
|
return tslib.__generator(this, function (_a) {
|
|
6219
6492
|
switch (_a.label) {
|
|
6220
6493
|
case 0: return [4 /*yield*/, resetPassword(util.getModularInstance(auth), {
|
|
6221
6494
|
oobCode: oobCode,
|
|
6222
6495
|
newPassword: newPassword
|
|
6223
|
-
})
|
|
6496
|
+
})
|
|
6497
|
+
.catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
|
|
6498
|
+
return tslib.__generator(this, function (_a) {
|
|
6499
|
+
if (error.code ===
|
|
6500
|
+
"auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6501
|
+
void recachePasswordPolicy(auth);
|
|
6502
|
+
}
|
|
6503
|
+
throw error;
|
|
6504
|
+
});
|
|
6505
|
+
}); })];
|
|
6224
6506
|
case 1:
|
|
6225
6507
|
_a.sent();
|
|
6226
6508
|
return [2 /*return*/];
|
|
@@ -6376,13 +6658,16 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
6376
6658
|
case 1:
|
|
6377
6659
|
requestWithRecaptcha = _a.sent();
|
|
6378
6660
|
return [2 /*return*/, signUp(authInternal, requestWithRecaptcha)];
|
|
6379
|
-
case 2:
|
|
6661
|
+
case 2: throw error;
|
|
6380
6662
|
}
|
|
6381
6663
|
});
|
|
6382
6664
|
}); });
|
|
6383
6665
|
_b.label = 3;
|
|
6384
6666
|
case 3: return [4 /*yield*/, signUpResponse.catch(function (error) {
|
|
6385
|
-
|
|
6667
|
+
if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6668
|
+
void recachePasswordPolicy(auth);
|
|
6669
|
+
}
|
|
6670
|
+
throw error;
|
|
6386
6671
|
})];
|
|
6387
6672
|
case 4:
|
|
6388
6673
|
response = _b.sent();
|
|
@@ -6414,7 +6699,15 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
6414
6699
|
* @public
|
|
6415
6700
|
*/
|
|
6416
6701
|
function signInWithEmailAndPassword(auth, email, password) {
|
|
6417
|
-
|
|
6702
|
+
var _this = this;
|
|
6703
|
+
return signInWithCredential(util.getModularInstance(auth), EmailAuthProvider.credential(email, password)).catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
|
|
6704
|
+
return tslib.__generator(this, function (_a) {
|
|
6705
|
+
if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6706
|
+
void recachePasswordPolicy(auth);
|
|
6707
|
+
}
|
|
6708
|
+
throw error;
|
|
6709
|
+
});
|
|
6710
|
+
}); });
|
|
6418
6711
|
}
|
|
6419
6712
|
|
|
6420
6713
|
/**
|
|
@@ -7152,8 +7445,39 @@ function setPersistence(auth, persistence) {
|
|
|
7152
7445
|
* @public
|
|
7153
7446
|
*/
|
|
7154
7447
|
function initializeRecaptchaConfig(auth) {
|
|
7155
|
-
|
|
7156
|
-
|
|
7448
|
+
return _initializeRecaptchaConfig(auth);
|
|
7449
|
+
}
|
|
7450
|
+
/**
|
|
7451
|
+
* Validates the password against the password policy configured for the project or tenant.
|
|
7452
|
+
*
|
|
7453
|
+
* @remarks
|
|
7454
|
+
* If no tenant ID is set on the `Auth` instance, then this method will use the password
|
|
7455
|
+
* policy configured for the project. Otherwise, this method will use the policy configured
|
|
7456
|
+
* for the tenant. If a password policy has not been configured, then the default policy
|
|
7457
|
+
* configured for all projects will be used.
|
|
7458
|
+
*
|
|
7459
|
+
* If an auth flow fails because a submitted password does not meet the password policy
|
|
7460
|
+
* requirements and this method has previously been called, then this method will use the
|
|
7461
|
+
* most recent policy available when called again.
|
|
7462
|
+
*
|
|
7463
|
+
* @example
|
|
7464
|
+
* ```javascript
|
|
7465
|
+
* validatePassword(auth, 'some-password');
|
|
7466
|
+
* ```
|
|
7467
|
+
*
|
|
7468
|
+
* @param auth The {@link Auth} instance.
|
|
7469
|
+
* @param password The password to validate.
|
|
7470
|
+
*
|
|
7471
|
+
* @public
|
|
7472
|
+
*/
|
|
7473
|
+
function validatePassword(auth, password) {
|
|
7474
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
7475
|
+
var authInternal;
|
|
7476
|
+
return tslib.__generator(this, function (_a) {
|
|
7477
|
+
authInternal = _castAuth(auth);
|
|
7478
|
+
return [2 /*return*/, authInternal.validatePassword(password)];
|
|
7479
|
+
});
|
|
7480
|
+
});
|
|
7157
7481
|
}
|
|
7158
7482
|
/**
|
|
7159
7483
|
* Adds an observer for changes to the signed-in user's ID token.
|
|
@@ -7575,7 +7899,7 @@ function multiFactor(user) {
|
|
|
7575
7899
|
}
|
|
7576
7900
|
|
|
7577
7901
|
var name = "@firebase/auth";
|
|
7578
|
-
var version = "1.1.0-canary.
|
|
7902
|
+
var version = "1.1.0-canary.f497a400a";
|
|
7579
7903
|
|
|
7580
7904
|
/**
|
|
7581
7905
|
* @license
|
|
@@ -9056,6 +9380,7 @@ exports.updatePassword = updatePassword;
|
|
|
9056
9380
|
exports.updatePhoneNumber = updatePhoneNumber;
|
|
9057
9381
|
exports.updateProfile = updateProfile;
|
|
9058
9382
|
exports.useDeviceLanguage = useDeviceLanguage;
|
|
9383
|
+
exports.validatePassword = validatePassword;
|
|
9059
9384
|
exports.verifyBeforeUpdateEmail = verifyBeforeUpdateEmail;
|
|
9060
9385
|
exports.verifyPasswordResetCode = verifyPasswordResetCode;
|
|
9061
|
-
//# sourceMappingURL=phone-
|
|
9386
|
+
//# sourceMappingURL=phone-87fdb2ba.js.map
|