@firebase/auth 1.1.0-canary.e201e5390 → 1.1.0-canary.f497a400a
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +28 -1
- package/dist/auth-public.d.ts +119 -0
- package/dist/auth.d.ts +179 -2
- package/dist/browser-cjs/{index-df624435.js → index-316b8221.js} +548 -274
- package/dist/browser-cjs/index-316b8221.js.map +1 -0
- package/dist/browser-cjs/index.js +3 -2
- package/dist/browser-cjs/index.js.map +1 -1
- package/dist/browser-cjs/internal.js +3 -2
- package/dist/browser-cjs/internal.js.map +1 -1
- package/dist/browser-cjs/src/api/errors.d.ts +2 -1
- package/dist/browser-cjs/src/api/index.d.ts +2 -1
- package/dist/browser-cjs/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/browser-cjs/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/browser-cjs/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/browser-cjs/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/browser-cjs/src/core/errors.d.ts +3 -1
- package/dist/browser-cjs/src/core/index.d.ts +25 -1
- package/dist/browser-cjs/src/model/auth.d.ts +7 -2
- package/dist/browser-cjs/src/model/password_policy.d.ts +111 -0
- package/dist/browser-cjs/src/model/public_types.d.ts +88 -0
- package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/browser-cjs/src/platform_node/index.d.ts +1 -0
- package/dist/browser-cjs/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/browser-cjs/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/cordova/index.js +2 -2
- package/dist/cordova/internal.js +2 -2
- package/dist/cordova/{popup_redirect-b7da569e.js → popup_redirect-2410e07a.js} +737 -413
- package/dist/cordova/popup_redirect-2410e07a.js.map +1 -0
- package/dist/cordova/src/api/errors.d.ts +2 -1
- package/dist/cordova/src/api/index.d.ts +2 -1
- package/dist/cordova/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/cordova/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/cordova/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/cordova/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/cordova/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/cordova/src/core/errors.d.ts +3 -1
- package/dist/cordova/src/core/index.d.ts +25 -1
- package/dist/cordova/src/model/auth.d.ts +7 -2
- package/dist/cordova/src/model/password_policy.d.ts +111 -0
- package/dist/cordova/src/model/public_types.d.ts +88 -0
- package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/cordova/src/platform_node/index.d.ts +1 -0
- package/dist/cordova/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/cordova/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/esm2017/{index-e04f7451.js → index-9be3d514.js} +548 -275
- package/dist/esm2017/index-9be3d514.js.map +1 -0
- package/dist/esm2017/index.js +2 -2
- package/dist/esm2017/internal.js +3 -3
- package/dist/esm2017/src/api/errors.d.ts +2 -1
- package/dist/esm2017/src/api/index.d.ts +2 -1
- package/dist/esm2017/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/esm2017/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/esm2017/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/esm2017/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/esm2017/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/esm2017/src/core/errors.d.ts +3 -1
- package/dist/esm2017/src/core/index.d.ts +25 -1
- package/dist/esm2017/src/model/auth.d.ts +7 -2
- package/dist/esm2017/src/model/password_policy.d.ts +111 -0
- package/dist/esm2017/src/model/public_types.d.ts +88 -0
- package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/esm2017/src/platform_node/index.d.ts +1 -0
- package/dist/esm2017/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/esm2017/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/esm5/{index-8ca3adc5.js → index-4ab2fcdf.js} +737 -413
- package/dist/esm5/index-4ab2fcdf.js.map +1 -0
- package/dist/esm5/index.js +1 -1
- package/dist/esm5/internal.js +2 -2
- package/dist/esm5/src/api/errors.d.ts +2 -1
- package/dist/esm5/src/api/index.d.ts +2 -1
- package/dist/esm5/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/esm5/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/esm5/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/esm5/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/esm5/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/esm5/src/core/errors.d.ts +3 -1
- package/dist/esm5/src/core/index.d.ts +25 -1
- package/dist/esm5/src/model/auth.d.ts +7 -2
- package/dist/esm5/src/model/password_policy.d.ts +111 -0
- package/dist/esm5/src/model/public_types.d.ts +88 -0
- package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/esm5/src/platform_node/index.d.ts +1 -0
- package/dist/esm5/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/esm5/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/index.webworker.esm5.js +811 -487
- package/dist/index.webworker.esm5.js.map +1 -1
- package/dist/node/index.js +2 -1
- package/dist/node/index.js.map +1 -1
- package/dist/node/internal.js +2 -1
- package/dist/node/internal.js.map +1 -1
- package/dist/node/src/api/errors.d.ts +2 -1
- package/dist/node/src/api/index.d.ts +2 -1
- package/dist/node/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/node/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/node/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/node/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/node/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/node/src/core/errors.d.ts +3 -1
- package/dist/node/src/core/index.d.ts +25 -1
- package/dist/node/src/model/auth.d.ts +7 -2
- package/dist/node/src/model/password_policy.d.ts +111 -0
- package/dist/node/src/model/public_types.d.ts +88 -0
- package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/node/src/platform_node/index.d.ts +1 -0
- package/dist/node/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/node/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/node/{totp-1af99381.js → totp-4cc8bac4.js} +700 -375
- package/dist/node/totp-4cc8bac4.js.map +1 -0
- package/dist/node-esm/index.js +1 -1
- package/dist/node-esm/internal.js +2 -2
- package/dist/node-esm/src/api/errors.d.ts +2 -1
- package/dist/node-esm/src/api/index.d.ts +2 -1
- package/dist/node-esm/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/node-esm/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/node-esm/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/node-esm/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/node-esm/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/node-esm/src/core/errors.d.ts +3 -1
- package/dist/node-esm/src/core/index.d.ts +25 -1
- package/dist/node-esm/src/model/auth.d.ts +7 -2
- package/dist/node-esm/src/model/password_policy.d.ts +111 -0
- package/dist/node-esm/src/model/public_types.d.ts +88 -0
- package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/node-esm/src/platform_node/index.d.ts +1 -0
- package/dist/node-esm/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/node-esm/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/node-esm/{totp-7de24448.js → totp-79809646.js} +540 -267
- package/dist/node-esm/totp-79809646.js.map +1 -0
- package/dist/rn/index.js +2 -1
- package/dist/rn/index.js.map +1 -1
- package/dist/rn/internal.js +2 -1
- package/dist/rn/internal.js.map +1 -1
- package/dist/rn/{phone-a11d12b4.js → phone-87fdb2ba.js} +717 -392
- package/dist/rn/phone-87fdb2ba.js.map +1 -0
- package/dist/rn/src/api/errors.d.ts +2 -1
- package/dist/rn/src/api/index.d.ts +2 -1
- package/dist/rn/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/rn/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/rn/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/rn/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/rn/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/rn/src/core/errors.d.ts +3 -1
- package/dist/rn/src/core/index.d.ts +25 -1
- package/dist/rn/src/model/auth.d.ts +7 -2
- package/dist/rn/src/model/password_policy.d.ts +111 -0
- package/dist/rn/src/model/public_types.d.ts +88 -0
- package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/rn/src/platform_node/index.d.ts +1 -0
- package/dist/rn/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/rn/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/src/api/errors.d.ts +2 -1
- package/dist/src/api/index.d.ts +2 -1
- package/dist/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/src/core/errors.d.ts +3 -1
- package/dist/src/core/index.d.ts +25 -1
- package/dist/src/model/auth.d.ts +7 -2
- package/dist/src/model/password_policy.d.ts +111 -0
- package/dist/src/model/public_types.d.ts +88 -0
- package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/src/platform_node/index.d.ts +1 -0
- package/dist/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/test/integration/flows/password_policy.test.d.ts +17 -0
- package/package.json +6 -6
- package/dist/browser-cjs/index-df624435.js.map +0 -1
- package/dist/cordova/popup_redirect-b7da569e.js.map +0 -1
- package/dist/esm2017/index-e04f7451.js.map +0 -1
- package/dist/esm5/index-8ca3adc5.js.map +0 -1
- package/dist/node/totp-1af99381.js.map +0 -1
- package/dist/node-esm/totp-7de24448.js.map +0 -1
- package/dist/rn/phone-a11d12b4.js.map +0 -1
|
@@ -103,6 +103,53 @@ var ActionCodeOperation = {
|
|
|
103
103
|
VERIFY_EMAIL: 'VERIFY_EMAIL'
|
|
104
104
|
};
|
|
105
105
|
|
|
106
|
+
/**
|
|
107
|
+
* @license
|
|
108
|
+
* Copyright 2020 Google LLC
|
|
109
|
+
*
|
|
110
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
111
|
+
* you may not use this file except in compliance with the License.
|
|
112
|
+
* You may obtain a copy of the License at
|
|
113
|
+
*
|
|
114
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
115
|
+
*
|
|
116
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
117
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
118
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
119
|
+
* See the License for the specific language governing permissions and
|
|
120
|
+
* limitations under the License.
|
|
121
|
+
*/
|
|
122
|
+
function isV2(grecaptcha) {
|
|
123
|
+
return (grecaptcha !== undefined &&
|
|
124
|
+
grecaptcha.getResponse !== undefined);
|
|
125
|
+
}
|
|
126
|
+
function isEnterprise(grecaptcha) {
|
|
127
|
+
return (grecaptcha !== undefined &&
|
|
128
|
+
grecaptcha.enterprise !== undefined);
|
|
129
|
+
}
|
|
130
|
+
var RecaptchaConfig = /** @class */ (function () {
|
|
131
|
+
function RecaptchaConfig(response) {
|
|
132
|
+
/**
|
|
133
|
+
* The reCAPTCHA site key.
|
|
134
|
+
*/
|
|
135
|
+
this.siteKey = '';
|
|
136
|
+
/**
|
|
137
|
+
* The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
|
|
138
|
+
*/
|
|
139
|
+
this.emailPasswordEnabled = false;
|
|
140
|
+
if (response.recaptchaKey === undefined) {
|
|
141
|
+
throw new Error('recaptchaKey undefined');
|
|
142
|
+
}
|
|
143
|
+
// Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
|
|
144
|
+
this.siteKey = response.recaptchaKey.split('/')[3];
|
|
145
|
+
this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
|
|
146
|
+
return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
|
|
147
|
+
enforcementState.enforcementState !== 'OFF';
|
|
148
|
+
});
|
|
149
|
+
}
|
|
150
|
+
return RecaptchaConfig;
|
|
151
|
+
}());
|
|
152
|
+
|
|
106
153
|
/**
|
|
107
154
|
* @license
|
|
108
155
|
* Copyright 2020 Google LLC
|
|
@@ -275,6 +322,8 @@ function _debugErrorMap() {
|
|
|
275
322
|
_a["missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is missing when sending request to the backend.',
|
|
276
323
|
_a["invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */] = 'Invalid request parameters.',
|
|
277
324
|
_a["invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is invalid when sending request to the backend.',
|
|
325
|
+
_a["unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */] = 'The password policy received from the backend uses a schema version that is not supported by this version of the Firebase SDK.',
|
|
326
|
+
_a["password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */] = 'The password does not meet the requirements.',
|
|
278
327
|
_a;
|
|
279
328
|
}
|
|
280
329
|
function _prodErrorMap() {
|
|
@@ -820,6 +869,7 @@ var SERVER_ERROR_MAP = (_a$1 = {},
|
|
|
820
869
|
_a$1["USER_NOT_FOUND" /* ServerError.USER_NOT_FOUND */] = "user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */,
|
|
821
870
|
// Other errors.
|
|
822
871
|
_a$1["TOO_MANY_ATTEMPTS_TRY_LATER" /* ServerError.TOO_MANY_ATTEMPTS_TRY_LATER */] = "too-many-requests" /* AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER */,
|
|
872
|
+
_a$1["PASSWORD_DOES_NOT_MEET_REQUIREMENTS" /* ServerError.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */] = "password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */,
|
|
823
873
|
// Phone Auth related errors.
|
|
824
874
|
_a$1["INVALID_CODE" /* ServerError.INVALID_CODE */] = "invalid-verification-code" /* AuthErrorCode.INVALID_CODE */,
|
|
825
875
|
_a$1["INVALID_SESSION_INFO" /* ServerError.INVALID_SESSION_INFO */] = "invalid-verification-id" /* AuthErrorCode.INVALID_SESSION_INFO */,
|
|
@@ -1045,6 +1095,40 @@ function _makeTaggedError(auth, code, response) {
|
|
|
1045
1095
|
return error;
|
|
1046
1096
|
}
|
|
1047
1097
|
|
|
1098
|
+
/**
|
|
1099
|
+
* @license
|
|
1100
|
+
* Copyright 2020 Google LLC
|
|
1101
|
+
*
|
|
1102
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
1103
|
+
* you may not use this file except in compliance with the License.
|
|
1104
|
+
* You may obtain a copy of the License at
|
|
1105
|
+
*
|
|
1106
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
1107
|
+
*
|
|
1108
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
1109
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
1110
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
1111
|
+
* See the License for the specific language governing permissions and
|
|
1112
|
+
* limitations under the License.
|
|
1113
|
+
*/
|
|
1114
|
+
function getRecaptchaParams(auth) {
|
|
1115
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1116
|
+
return __generator(this, function (_a) {
|
|
1117
|
+
switch (_a.label) {
|
|
1118
|
+
case 0: return [4 /*yield*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v1/recaptchaParams" /* Endpoint.GET_RECAPTCHA_PARAM */)];
|
|
1119
|
+
case 1: return [2 /*return*/, ((_a.sent()).recaptchaSiteKey || '')];
|
|
1120
|
+
}
|
|
1121
|
+
});
|
|
1122
|
+
});
|
|
1123
|
+
}
|
|
1124
|
+
function getRecaptchaConfig(auth, request) {
|
|
1125
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1126
|
+
return __generator(this, function (_a) {
|
|
1127
|
+
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/recaptchaConfig" /* Endpoint.GET_RECAPTCHA_CONFIG */, _addTidIfNecessary(auth, request))];
|
|
1128
|
+
});
|
|
1129
|
+
});
|
|
1130
|
+
}
|
|
1131
|
+
|
|
1048
1132
|
/**
|
|
1049
1133
|
* @license
|
|
1050
1134
|
* Copyright 2020 Google LLC
|
|
@@ -2443,7 +2527,7 @@ function _getClientVersion(clientPlatform, frameworks) {
|
|
|
2443
2527
|
|
|
2444
2528
|
/**
|
|
2445
2529
|
* @license
|
|
2446
|
-
* Copyright
|
|
2530
|
+
* Copyright 2022 Google LLC
|
|
2447
2531
|
*
|
|
2448
2532
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2449
2533
|
* you may not use this file except in compliance with the License.
|
|
@@ -2457,27 +2541,129 @@ function _getClientVersion(clientPlatform, frameworks) {
|
|
|
2457
2541
|
* See the License for the specific language governing permissions and
|
|
2458
2542
|
* limitations under the License.
|
|
2459
2543
|
*/
|
|
2460
|
-
function
|
|
2461
|
-
|
|
2462
|
-
|
|
2463
|
-
|
|
2464
|
-
|
|
2465
|
-
|
|
2466
|
-
|
|
2544
|
+
var AuthMiddlewareQueue = /** @class */ (function () {
|
|
2545
|
+
function AuthMiddlewareQueue(auth) {
|
|
2546
|
+
this.auth = auth;
|
|
2547
|
+
this.queue = [];
|
|
2548
|
+
}
|
|
2549
|
+
AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
|
|
2550
|
+
var _this = this;
|
|
2551
|
+
// The callback could be sync or async. Wrap it into a
|
|
2552
|
+
// function that is always async.
|
|
2553
|
+
var wrappedCallback = function (user) {
|
|
2554
|
+
return new Promise(function (resolve, reject) {
|
|
2555
|
+
try {
|
|
2556
|
+
var result = callback(user);
|
|
2557
|
+
// Either resolve with existing promise or wrap a non-promise
|
|
2558
|
+
// return value into a promise.
|
|
2559
|
+
resolve(result);
|
|
2560
|
+
}
|
|
2561
|
+
catch (e) {
|
|
2562
|
+
// Sync callback throws.
|
|
2563
|
+
reject(e);
|
|
2564
|
+
}
|
|
2565
|
+
});
|
|
2566
|
+
};
|
|
2567
|
+
// Attach the onAbort if present
|
|
2568
|
+
wrappedCallback.onAbort = onAbort;
|
|
2569
|
+
this.queue.push(wrappedCallback);
|
|
2570
|
+
var index = this.queue.length - 1;
|
|
2571
|
+
return function () {
|
|
2572
|
+
// Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
|
|
2573
|
+
// indexing of other elements.
|
|
2574
|
+
_this.queue[index] = function () { return Promise.resolve(); };
|
|
2575
|
+
};
|
|
2576
|
+
};
|
|
2577
|
+
AuthMiddlewareQueue.prototype.runMiddleware = function (nextUser) {
|
|
2578
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
2579
|
+
var onAbortStack, _i, _a, beforeStateCallback, e_1, _b, onAbortStack_1, onAbort;
|
|
2580
|
+
return __generator(this, function (_c) {
|
|
2581
|
+
switch (_c.label) {
|
|
2582
|
+
case 0:
|
|
2583
|
+
if (this.auth.currentUser === nextUser) {
|
|
2584
|
+
return [2 /*return*/];
|
|
2585
|
+
}
|
|
2586
|
+
onAbortStack = [];
|
|
2587
|
+
_c.label = 1;
|
|
2588
|
+
case 1:
|
|
2589
|
+
_c.trys.push([1, 6, , 7]);
|
|
2590
|
+
_i = 0, _a = this.queue;
|
|
2591
|
+
_c.label = 2;
|
|
2592
|
+
case 2:
|
|
2593
|
+
if (!(_i < _a.length)) return [3 /*break*/, 5];
|
|
2594
|
+
beforeStateCallback = _a[_i];
|
|
2595
|
+
return [4 /*yield*/, beforeStateCallback(nextUser)];
|
|
2596
|
+
case 3:
|
|
2597
|
+
_c.sent();
|
|
2598
|
+
// Only push the onAbort if the callback succeeds
|
|
2599
|
+
if (beforeStateCallback.onAbort) {
|
|
2600
|
+
onAbortStack.push(beforeStateCallback.onAbort);
|
|
2601
|
+
}
|
|
2602
|
+
_c.label = 4;
|
|
2603
|
+
case 4:
|
|
2604
|
+
_i++;
|
|
2605
|
+
return [3 /*break*/, 2];
|
|
2606
|
+
case 5: return [3 /*break*/, 7];
|
|
2607
|
+
case 6:
|
|
2608
|
+
e_1 = _c.sent();
|
|
2609
|
+
// Run all onAbort, with separate try/catch to ignore any errors and
|
|
2610
|
+
// continue
|
|
2611
|
+
onAbortStack.reverse();
|
|
2612
|
+
for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
|
|
2613
|
+
onAbort = onAbortStack_1[_b];
|
|
2614
|
+
try {
|
|
2615
|
+
onAbort();
|
|
2616
|
+
}
|
|
2617
|
+
catch (_) {
|
|
2618
|
+
/* swallow error */
|
|
2619
|
+
}
|
|
2620
|
+
}
|
|
2621
|
+
throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, {
|
|
2622
|
+
originalMessage: e_1 === null || e_1 === void 0 ? void 0 : e_1.message
|
|
2623
|
+
});
|
|
2624
|
+
case 7: return [2 /*return*/];
|
|
2625
|
+
}
|
|
2626
|
+
});
|
|
2467
2627
|
});
|
|
2468
|
-
}
|
|
2469
|
-
|
|
2470
|
-
|
|
2628
|
+
};
|
|
2629
|
+
return AuthMiddlewareQueue;
|
|
2630
|
+
}());
|
|
2631
|
+
|
|
2632
|
+
/**
|
|
2633
|
+
* @license
|
|
2634
|
+
* Copyright 2023 Google LLC
|
|
2635
|
+
*
|
|
2636
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2637
|
+
* you may not use this file except in compliance with the License.
|
|
2638
|
+
* You may obtain a copy of the License at
|
|
2639
|
+
*
|
|
2640
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
2641
|
+
*
|
|
2642
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
2643
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
2644
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
2645
|
+
* See the License for the specific language governing permissions and
|
|
2646
|
+
* limitations under the License.
|
|
2647
|
+
*/
|
|
2648
|
+
/**
|
|
2649
|
+
* Fetches the password policy for the currently set tenant or the project if no tenant is set.
|
|
2650
|
+
*
|
|
2651
|
+
* @param auth Auth object.
|
|
2652
|
+
* @param request Password policy request.
|
|
2653
|
+
* @returns Password policy response.
|
|
2654
|
+
*/
|
|
2655
|
+
function _getPasswordPolicy(auth, request) {
|
|
2656
|
+
if (request === void 0) { request = {}; }
|
|
2471
2657
|
return __awaiter(this, void 0, void 0, function () {
|
|
2472
2658
|
return __generator(this, function (_a) {
|
|
2473
|
-
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/
|
|
2659
|
+
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/passwordPolicy" /* Endpoint.GET_PASSWORD_POLICY */, _addTidIfNecessary(auth, request))];
|
|
2474
2660
|
});
|
|
2475
2661
|
});
|
|
2476
2662
|
}
|
|
2477
2663
|
|
|
2478
2664
|
/**
|
|
2479
2665
|
* @license
|
|
2480
|
-
* Copyright
|
|
2666
|
+
* Copyright 2023 Google LLC
|
|
2481
2667
|
*
|
|
2482
2668
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2483
2669
|
* you may not use this file except in compliance with the License.
|
|
@@ -2491,336 +2677,138 @@ function getRecaptchaConfig(auth, request) {
|
|
|
2491
2677
|
* See the License for the specific language governing permissions and
|
|
2492
2678
|
* limitations under the License.
|
|
2493
2679
|
*/
|
|
2494
|
-
|
|
2495
|
-
|
|
2496
|
-
|
|
2497
|
-
|
|
2498
|
-
|
|
2499
|
-
|
|
2500
|
-
|
|
2501
|
-
|
|
2502
|
-
|
|
2503
|
-
|
|
2504
|
-
|
|
2505
|
-
|
|
2506
|
-
|
|
2507
|
-
|
|
2508
|
-
|
|
2509
|
-
|
|
2510
|
-
|
|
2511
|
-
|
|
2512
|
-
|
|
2513
|
-
|
|
2680
|
+
// Minimum min password length enforced by the backend, even if no minimum length is set.
|
|
2681
|
+
var MINIMUM_MIN_PASSWORD_LENGTH = 6;
|
|
2682
|
+
/**
|
|
2683
|
+
* Stores password policy requirements and provides password validation against the policy.
|
|
2684
|
+
*
|
|
2685
|
+
* @internal
|
|
2686
|
+
*/
|
|
2687
|
+
var PasswordPolicyImpl = /** @class */ (function () {
|
|
2688
|
+
function PasswordPolicyImpl(response) {
|
|
2689
|
+
var _a, _b, _c, _d;
|
|
2690
|
+
// Only include custom strength options defined in the response.
|
|
2691
|
+
var responseOptions = response.customStrengthOptions;
|
|
2692
|
+
this.customStrengthOptions = {};
|
|
2693
|
+
// TODO: Remove once the backend is updated to include the minimum min password length instead of undefined when there is no minimum length set.
|
|
2694
|
+
this.customStrengthOptions.minPasswordLength =
|
|
2695
|
+
(_a = responseOptions.minPasswordLength) !== null && _a !== void 0 ? _a : MINIMUM_MIN_PASSWORD_LENGTH;
|
|
2696
|
+
if (responseOptions.maxPasswordLength) {
|
|
2697
|
+
this.customStrengthOptions.maxPasswordLength =
|
|
2698
|
+
responseOptions.maxPasswordLength;
|
|
2699
|
+
}
|
|
2700
|
+
if (responseOptions.containsLowercaseCharacter !== undefined) {
|
|
2701
|
+
this.customStrengthOptions.containsLowercaseLetter =
|
|
2702
|
+
responseOptions.containsLowercaseCharacter;
|
|
2703
|
+
}
|
|
2704
|
+
if (responseOptions.containsUppercaseCharacter !== undefined) {
|
|
2705
|
+
this.customStrengthOptions.containsUppercaseLetter =
|
|
2706
|
+
responseOptions.containsUppercaseCharacter;
|
|
2707
|
+
}
|
|
2708
|
+
if (responseOptions.containsNumericCharacter !== undefined) {
|
|
2709
|
+
this.customStrengthOptions.containsNumericCharacter =
|
|
2710
|
+
responseOptions.containsNumericCharacter;
|
|
2711
|
+
}
|
|
2712
|
+
if (responseOptions.containsNonAlphanumericCharacter !== undefined) {
|
|
2713
|
+
this.customStrengthOptions.containsNonAlphanumericCharacter =
|
|
2714
|
+
responseOptions.containsNonAlphanumericCharacter;
|
|
2715
|
+
}
|
|
2716
|
+
this.enforcementState = response.enforcementState;
|
|
2717
|
+
if (this.enforcementState === 'ENFORCEMENT_STATE_UNSPECIFIED') {
|
|
2718
|
+
this.enforcementState = 'OFF';
|
|
2719
|
+
}
|
|
2720
|
+
// Use an empty string if no non-alphanumeric characters are specified in the response.
|
|
2721
|
+
this.allowedNonAlphanumericCharacters =
|
|
2722
|
+
(_c = (_b = response.allowedNonAlphanumericCharacters) === null || _b === void 0 ? void 0 : _b.join('')) !== null && _c !== void 0 ? _c : '';
|
|
2723
|
+
this.forceUpgradeOnSignin = (_d = response.forceUpgradeOnSignin) !== null && _d !== void 0 ? _d : false;
|
|
2724
|
+
this.schemaVersion = response.schemaVersion;
|
|
2725
|
+
}
|
|
2726
|
+
PasswordPolicyImpl.prototype.validatePassword = function (password) {
|
|
2727
|
+
var _a, _b, _c, _d, _e, _f;
|
|
2728
|
+
var status = {
|
|
2729
|
+
isValid: true,
|
|
2730
|
+
passwordPolicy: this
|
|
2731
|
+
};
|
|
2732
|
+
// Check the password length and character options.
|
|
2733
|
+
this.validatePasswordLengthOptions(password, status);
|
|
2734
|
+
this.validatePasswordCharacterOptions(password, status);
|
|
2735
|
+
// Combine the status into single isValid property.
|
|
2736
|
+
status.isValid && (status.isValid = (_a = status.meetsMinPasswordLength) !== null && _a !== void 0 ? _a : true);
|
|
2737
|
+
status.isValid && (status.isValid = (_b = status.meetsMaxPasswordLength) !== null && _b !== void 0 ? _b : true);
|
|
2738
|
+
status.isValid && (status.isValid = (_c = status.containsLowercaseLetter) !== null && _c !== void 0 ? _c : true);
|
|
2739
|
+
status.isValid && (status.isValid = (_d = status.containsUppercaseLetter) !== null && _d !== void 0 ? _d : true);
|
|
2740
|
+
status.isValid && (status.isValid = (_e = status.containsNumericCharacter) !== null && _e !== void 0 ? _e : true);
|
|
2741
|
+
status.isValid && (status.isValid = (_f = status.containsNonAlphanumericCharacter) !== null && _f !== void 0 ? _f : true);
|
|
2742
|
+
return status;
|
|
2743
|
+
};
|
|
2744
|
+
/**
|
|
2745
|
+
* Validates that the password meets the length options for the policy.
|
|
2746
|
+
*
|
|
2747
|
+
* @param password Password to validate.
|
|
2748
|
+
* @param status Validation status.
|
|
2749
|
+
*/
|
|
2750
|
+
PasswordPolicyImpl.prototype.validatePasswordLengthOptions = function (password, status) {
|
|
2751
|
+
var minPasswordLength = this.customStrengthOptions.minPasswordLength;
|
|
2752
|
+
var maxPasswordLength = this.customStrengthOptions.maxPasswordLength;
|
|
2753
|
+
if (minPasswordLength) {
|
|
2754
|
+
status.meetsMinPasswordLength = password.length >= minPasswordLength;
|
|
2514
2755
|
}
|
|
2515
|
-
|
|
2516
|
-
|
|
2517
|
-
|
|
2518
|
-
|
|
2519
|
-
|
|
2520
|
-
|
|
2521
|
-
|
|
2522
|
-
|
|
2523
|
-
|
|
2524
|
-
|
|
2525
|
-
|
|
2526
|
-
|
|
2527
|
-
|
|
2528
|
-
|
|
2529
|
-
|
|
2530
|
-
|
|
2531
|
-
|
|
2532
|
-
|
|
2533
|
-
|
|
2534
|
-
|
|
2535
|
-
|
|
2536
|
-
|
|
2537
|
-
|
|
2538
|
-
|
|
2539
|
-
|
|
2540
|
-
*/
|
|
2541
|
-
|
|
2542
|
-
|
|
2543
|
-
|
|
2544
|
-
}
|
|
2545
|
-
|
|
2546
|
-
|
|
2547
|
-
|
|
2548
|
-
|
|
2549
|
-
|
|
2550
|
-
|
|
2551
|
-
|
|
2552
|
-
|
|
2553
|
-
|
|
2554
|
-
|
|
2555
|
-
|
|
2556
|
-
|
|
2557
|
-
|
|
2558
|
-
|
|
2559
|
-
|
|
2560
|
-
|
|
2561
|
-
|
|
2562
|
-
|
|
2563
|
-
|
|
2564
|
-
|
|
2565
|
-
|
|
2566
|
-
|
|
2567
|
-
|
|
2568
|
-
|
|
2569
|
-
|
|
2570
|
-
|
|
2571
|
-
*
|
|
2572
|
-
* @param authExtern - The corresponding Firebase {@link Auth} instance.
|
|
2573
|
-
*
|
|
2574
|
-
*/
|
|
2575
|
-
function RecaptchaEnterpriseVerifier(authExtern) {
|
|
2576
|
-
/**
|
|
2577
|
-
* Identifies the type of application verifier (e.g. "recaptcha-enterprise").
|
|
2578
|
-
*/
|
|
2579
|
-
this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
|
|
2580
|
-
this.auth = _castAuth(authExtern);
|
|
2581
|
-
}
|
|
2582
|
-
/**
|
|
2583
|
-
* Executes the verification process.
|
|
2584
|
-
*
|
|
2585
|
-
* @returns A Promise for a token that can be used to assert the validity of a request.
|
|
2586
|
-
*/
|
|
2587
|
-
RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
|
|
2588
|
-
if (action === void 0) { action = 'verify'; }
|
|
2589
|
-
if (forceRefresh === void 0) { forceRefresh = false; }
|
|
2590
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
2591
|
-
function retrieveSiteKey(auth) {
|
|
2592
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
2593
|
-
var _this = this;
|
|
2594
|
-
return __generator(this, function (_a) {
|
|
2595
|
-
if (!forceRefresh) {
|
|
2596
|
-
if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
|
|
2597
|
-
return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
|
|
2598
|
-
}
|
|
2599
|
-
if (auth.tenantId != null &&
|
|
2600
|
-
auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
|
|
2601
|
-
return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
|
|
2602
|
-
}
|
|
2603
|
-
}
|
|
2604
|
-
return [2 /*return*/, new Promise(function (resolve, reject) { return __awaiter(_this, void 0, void 0, function () {
|
|
2605
|
-
return __generator(this, function (_a) {
|
|
2606
|
-
getRecaptchaConfig(auth, {
|
|
2607
|
-
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
2608
|
-
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
2609
|
-
})
|
|
2610
|
-
.then(function (response) {
|
|
2611
|
-
if (response.recaptchaKey === undefined) {
|
|
2612
|
-
reject(new Error('recaptcha Enterprise site key undefined'));
|
|
2613
|
-
}
|
|
2614
|
-
else {
|
|
2615
|
-
var config = new RecaptchaConfig(response);
|
|
2616
|
-
if (auth.tenantId == null) {
|
|
2617
|
-
auth._agentRecaptchaConfig = config;
|
|
2618
|
-
}
|
|
2619
|
-
else {
|
|
2620
|
-
auth._tenantRecaptchaConfigs[auth.tenantId] = config;
|
|
2621
|
-
}
|
|
2622
|
-
return resolve(config.siteKey);
|
|
2623
|
-
}
|
|
2624
|
-
})
|
|
2625
|
-
.catch(function (error) {
|
|
2626
|
-
reject(error);
|
|
2627
|
-
});
|
|
2628
|
-
return [2 /*return*/];
|
|
2629
|
-
});
|
|
2630
|
-
}); })];
|
|
2631
|
-
});
|
|
2632
|
-
});
|
|
2633
|
-
}
|
|
2634
|
-
function retrieveRecaptchaToken(siteKey, resolve, reject) {
|
|
2635
|
-
var grecaptcha = window.grecaptcha;
|
|
2636
|
-
if (isEnterprise(grecaptcha)) {
|
|
2637
|
-
grecaptcha.enterprise.ready(function () {
|
|
2638
|
-
grecaptcha.enterprise
|
|
2639
|
-
.execute(siteKey, { action: action })
|
|
2640
|
-
.then(function (token) {
|
|
2641
|
-
resolve(token);
|
|
2642
|
-
})
|
|
2643
|
-
.catch(function () {
|
|
2644
|
-
resolve(FAKE_TOKEN);
|
|
2645
|
-
});
|
|
2646
|
-
});
|
|
2647
|
-
}
|
|
2648
|
-
else {
|
|
2649
|
-
reject(Error('No reCAPTCHA enterprise script loaded.'));
|
|
2650
|
-
}
|
|
2651
|
-
}
|
|
2652
|
-
var _this = this;
|
|
2653
|
-
return __generator(this, function (_a) {
|
|
2654
|
-
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
2655
|
-
retrieveSiteKey(_this.auth)
|
|
2656
|
-
.then(function (siteKey) {
|
|
2657
|
-
if (!forceRefresh && isEnterprise(window.grecaptcha)) {
|
|
2658
|
-
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
2659
|
-
}
|
|
2660
|
-
else {
|
|
2661
|
-
if (typeof window === 'undefined') {
|
|
2662
|
-
reject(new Error('RecaptchaVerifier is only supported in browser'));
|
|
2663
|
-
return;
|
|
2664
|
-
}
|
|
2665
|
-
_loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
|
|
2666
|
-
.then(function () {
|
|
2667
|
-
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
2668
|
-
})
|
|
2669
|
-
.catch(function (error) {
|
|
2670
|
-
reject(error);
|
|
2671
|
-
});
|
|
2672
|
-
}
|
|
2673
|
-
})
|
|
2674
|
-
.catch(function (error) {
|
|
2675
|
-
reject(error);
|
|
2676
|
-
});
|
|
2677
|
-
})];
|
|
2678
|
-
});
|
|
2679
|
-
});
|
|
2680
|
-
};
|
|
2681
|
-
return RecaptchaEnterpriseVerifier;
|
|
2682
|
-
}());
|
|
2683
|
-
function injectRecaptchaFields(auth, request, action, captchaResp) {
|
|
2684
|
-
if (captchaResp === void 0) { captchaResp = false; }
|
|
2685
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
2686
|
-
var verifier, captchaResponse, newRequest;
|
|
2687
|
-
return __generator(this, function (_a) {
|
|
2688
|
-
switch (_a.label) {
|
|
2689
|
-
case 0:
|
|
2690
|
-
verifier = new RecaptchaEnterpriseVerifier(auth);
|
|
2691
|
-
_a.label = 1;
|
|
2692
|
-
case 1:
|
|
2693
|
-
_a.trys.push([1, 3, , 5]);
|
|
2694
|
-
return [4 /*yield*/, verifier.verify(action)];
|
|
2695
|
-
case 2:
|
|
2696
|
-
captchaResponse = _a.sent();
|
|
2697
|
-
return [3 /*break*/, 5];
|
|
2698
|
-
case 3:
|
|
2699
|
-
_a.sent();
|
|
2700
|
-
return [4 /*yield*/, verifier.verify(action, true)];
|
|
2701
|
-
case 4:
|
|
2702
|
-
captchaResponse = _a.sent();
|
|
2703
|
-
return [3 /*break*/, 5];
|
|
2704
|
-
case 5:
|
|
2705
|
-
newRequest = __assign({}, request);
|
|
2706
|
-
if (!captchaResp) {
|
|
2707
|
-
Object.assign(newRequest, { captchaResponse: captchaResponse });
|
|
2708
|
-
}
|
|
2709
|
-
else {
|
|
2710
|
-
Object.assign(newRequest, { 'captchaResp': captchaResponse });
|
|
2711
|
-
}
|
|
2712
|
-
Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
|
|
2713
|
-
Object.assign(newRequest, {
|
|
2714
|
-
'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
2715
|
-
});
|
|
2716
|
-
return [2 /*return*/, newRequest];
|
|
2717
|
-
}
|
|
2718
|
-
});
|
|
2719
|
-
});
|
|
2720
|
-
}
|
|
2721
|
-
|
|
2722
|
-
/**
|
|
2723
|
-
* @license
|
|
2724
|
-
* Copyright 2022 Google LLC
|
|
2725
|
-
*
|
|
2726
|
-
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2727
|
-
* you may not use this file except in compliance with the License.
|
|
2728
|
-
* You may obtain a copy of the License at
|
|
2729
|
-
*
|
|
2730
|
-
* http://www.apache.org/licenses/LICENSE-2.0
|
|
2731
|
-
*
|
|
2732
|
-
* Unless required by applicable law or agreed to in writing, software
|
|
2733
|
-
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
2734
|
-
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
2735
|
-
* See the License for the specific language governing permissions and
|
|
2736
|
-
* limitations under the License.
|
|
2737
|
-
*/
|
|
2738
|
-
var AuthMiddlewareQueue = /** @class */ (function () {
|
|
2739
|
-
function AuthMiddlewareQueue(auth) {
|
|
2740
|
-
this.auth = auth;
|
|
2741
|
-
this.queue = [];
|
|
2742
|
-
}
|
|
2743
|
-
AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
|
|
2744
|
-
var _this = this;
|
|
2745
|
-
// The callback could be sync or async. Wrap it into a
|
|
2746
|
-
// function that is always async.
|
|
2747
|
-
var wrappedCallback = function (user) {
|
|
2748
|
-
return new Promise(function (resolve, reject) {
|
|
2749
|
-
try {
|
|
2750
|
-
var result = callback(user);
|
|
2751
|
-
// Either resolve with existing promise or wrap a non-promise
|
|
2752
|
-
// return value into a promise.
|
|
2753
|
-
resolve(result);
|
|
2754
|
-
}
|
|
2755
|
-
catch (e) {
|
|
2756
|
-
// Sync callback throws.
|
|
2757
|
-
reject(e);
|
|
2758
|
-
}
|
|
2759
|
-
});
|
|
2760
|
-
};
|
|
2761
|
-
// Attach the onAbort if present
|
|
2762
|
-
wrappedCallback.onAbort = onAbort;
|
|
2763
|
-
this.queue.push(wrappedCallback);
|
|
2764
|
-
var index = this.queue.length - 1;
|
|
2765
|
-
return function () {
|
|
2766
|
-
// Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
|
|
2767
|
-
// indexing of other elements.
|
|
2768
|
-
_this.queue[index] = function () { return Promise.resolve(); };
|
|
2769
|
-
};
|
|
2770
|
-
};
|
|
2771
|
-
AuthMiddlewareQueue.prototype.runMiddleware = function (nextUser) {
|
|
2772
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
2773
|
-
var onAbortStack, _i, _a, beforeStateCallback, e_1, _b, onAbortStack_1, onAbort;
|
|
2774
|
-
return __generator(this, function (_c) {
|
|
2775
|
-
switch (_c.label) {
|
|
2776
|
-
case 0:
|
|
2777
|
-
if (this.auth.currentUser === nextUser) {
|
|
2778
|
-
return [2 /*return*/];
|
|
2779
|
-
}
|
|
2780
|
-
onAbortStack = [];
|
|
2781
|
-
_c.label = 1;
|
|
2782
|
-
case 1:
|
|
2783
|
-
_c.trys.push([1, 6, , 7]);
|
|
2784
|
-
_i = 0, _a = this.queue;
|
|
2785
|
-
_c.label = 2;
|
|
2786
|
-
case 2:
|
|
2787
|
-
if (!(_i < _a.length)) return [3 /*break*/, 5];
|
|
2788
|
-
beforeStateCallback = _a[_i];
|
|
2789
|
-
return [4 /*yield*/, beforeStateCallback(nextUser)];
|
|
2790
|
-
case 3:
|
|
2791
|
-
_c.sent();
|
|
2792
|
-
// Only push the onAbort if the callback succeeds
|
|
2793
|
-
if (beforeStateCallback.onAbort) {
|
|
2794
|
-
onAbortStack.push(beforeStateCallback.onAbort);
|
|
2795
|
-
}
|
|
2796
|
-
_c.label = 4;
|
|
2797
|
-
case 4:
|
|
2798
|
-
_i++;
|
|
2799
|
-
return [3 /*break*/, 2];
|
|
2800
|
-
case 5: return [3 /*break*/, 7];
|
|
2801
|
-
case 6:
|
|
2802
|
-
e_1 = _c.sent();
|
|
2803
|
-
// Run all onAbort, with separate try/catch to ignore any errors and
|
|
2804
|
-
// continue
|
|
2805
|
-
onAbortStack.reverse();
|
|
2806
|
-
for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
|
|
2807
|
-
onAbort = onAbortStack_1[_b];
|
|
2808
|
-
try {
|
|
2809
|
-
onAbort();
|
|
2810
|
-
}
|
|
2811
|
-
catch (_) {
|
|
2812
|
-
/* swallow error */
|
|
2813
|
-
}
|
|
2814
|
-
}
|
|
2815
|
-
throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, {
|
|
2816
|
-
originalMessage: e_1 === null || e_1 === void 0 ? void 0 : e_1.message
|
|
2817
|
-
});
|
|
2818
|
-
case 7: return [2 /*return*/];
|
|
2819
|
-
}
|
|
2820
|
-
});
|
|
2821
|
-
});
|
|
2822
|
-
};
|
|
2823
|
-
return AuthMiddlewareQueue;
|
|
2756
|
+
if (maxPasswordLength) {
|
|
2757
|
+
status.meetsMaxPasswordLength = password.length <= maxPasswordLength;
|
|
2758
|
+
}
|
|
2759
|
+
};
|
|
2760
|
+
/**
|
|
2761
|
+
* Validates that the password meets the character options for the policy.
|
|
2762
|
+
*
|
|
2763
|
+
* @param password Password to validate.
|
|
2764
|
+
* @param status Validation status.
|
|
2765
|
+
*/
|
|
2766
|
+
PasswordPolicyImpl.prototype.validatePasswordCharacterOptions = function (password, status) {
|
|
2767
|
+
// Assign statuses for requirements even if the password is an empty string.
|
|
2768
|
+
this.updatePasswordCharacterOptionsStatuses(status,
|
|
2769
|
+
/* containsLowercaseCharacter= */ false,
|
|
2770
|
+
/* containsUppercaseCharacter= */ false,
|
|
2771
|
+
/* containsNumericCharacter= */ false,
|
|
2772
|
+
/* containsNonAlphanumericCharacter= */ false);
|
|
2773
|
+
var passwordChar;
|
|
2774
|
+
for (var i = 0; i < password.length; i++) {
|
|
2775
|
+
passwordChar = password.charAt(i);
|
|
2776
|
+
this.updatePasswordCharacterOptionsStatuses(status,
|
|
2777
|
+
/* containsLowercaseCharacter= */ passwordChar >= 'a' &&
|
|
2778
|
+
passwordChar <= 'z',
|
|
2779
|
+
/* containsUppercaseCharacter= */ passwordChar >= 'A' &&
|
|
2780
|
+
passwordChar <= 'Z',
|
|
2781
|
+
/* containsNumericCharacter= */ passwordChar >= '0' &&
|
|
2782
|
+
passwordChar <= '9',
|
|
2783
|
+
/* containsNonAlphanumericCharacter= */ this.allowedNonAlphanumericCharacters.includes(passwordChar));
|
|
2784
|
+
}
|
|
2785
|
+
};
|
|
2786
|
+
/**
|
|
2787
|
+
* Updates the running validation status with the statuses for the character options.
|
|
2788
|
+
* Expected to be called each time a character is processed to update each option status
|
|
2789
|
+
* based on the current character.
|
|
2790
|
+
*
|
|
2791
|
+
* @param status Validation status.
|
|
2792
|
+
* @param containsLowercaseCharacter Whether the character is a lowercase letter.
|
|
2793
|
+
* @param containsUppercaseCharacter Whether the character is an uppercase letter.
|
|
2794
|
+
* @param containsNumericCharacter Whether the character is a numeric character.
|
|
2795
|
+
* @param containsNonAlphanumericCharacter Whether the character is a non-alphanumeric character.
|
|
2796
|
+
*/
|
|
2797
|
+
PasswordPolicyImpl.prototype.updatePasswordCharacterOptionsStatuses = function (status, containsLowercaseCharacter, containsUppercaseCharacter, containsNumericCharacter, containsNonAlphanumericCharacter) {
|
|
2798
|
+
if (this.customStrengthOptions.containsLowercaseLetter) {
|
|
2799
|
+
status.containsLowercaseLetter || (status.containsLowercaseLetter = containsLowercaseCharacter);
|
|
2800
|
+
}
|
|
2801
|
+
if (this.customStrengthOptions.containsUppercaseLetter) {
|
|
2802
|
+
status.containsUppercaseLetter || (status.containsUppercaseLetter = containsUppercaseCharacter);
|
|
2803
|
+
}
|
|
2804
|
+
if (this.customStrengthOptions.containsNumericCharacter) {
|
|
2805
|
+
status.containsNumericCharacter || (status.containsNumericCharacter = containsNumericCharacter);
|
|
2806
|
+
}
|
|
2807
|
+
if (this.customStrengthOptions.containsNonAlphanumericCharacter) {
|
|
2808
|
+
status.containsNonAlphanumericCharacter || (status.containsNonAlphanumericCharacter = containsNonAlphanumericCharacter);
|
|
2809
|
+
}
|
|
2810
|
+
};
|
|
2811
|
+
return PasswordPolicyImpl;
|
|
2824
2812
|
}());
|
|
2825
2813
|
|
|
2826
2814
|
/**
|
|
@@ -2853,6 +2841,7 @@ var AuthImpl = /** @class */ (function () {
|
|
|
2853
2841
|
this.beforeStateQueue = new AuthMiddlewareQueue(this);
|
|
2854
2842
|
this.redirectUser = null;
|
|
2855
2843
|
this.isProactiveRefreshEnabled = false;
|
|
2844
|
+
this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION = 1;
|
|
2856
2845
|
// Any network calls will set this to true and prevent subsequent emulator
|
|
2857
2846
|
// initialization
|
|
2858
2847
|
this._canInitEmulator = true;
|
|
@@ -2863,6 +2852,8 @@ var AuthImpl = /** @class */ (function () {
|
|
|
2863
2852
|
this._errorFactory = _DEFAULT_AUTH_ERROR_FACTORY;
|
|
2864
2853
|
this._agentRecaptchaConfig = null;
|
|
2865
2854
|
this._tenantRecaptchaConfigs = {};
|
|
2855
|
+
this._projectPasswordPolicy = null;
|
|
2856
|
+
this._tenantPasswordPolicies = {};
|
|
2866
2857
|
// Tracks the last notified UID for state change listeners to prevent
|
|
2867
2858
|
// repeated calls to the callbacks. Undefined means it's never been
|
|
2868
2859
|
// called, whereas null means it's been called with a signed out user
|
|
@@ -3192,41 +3183,66 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3192
3183
|
});
|
|
3193
3184
|
}); });
|
|
3194
3185
|
};
|
|
3195
|
-
AuthImpl.prototype.
|
|
3186
|
+
AuthImpl.prototype._getRecaptchaConfig = function () {
|
|
3187
|
+
if (this.tenantId == null) {
|
|
3188
|
+
return this._agentRecaptchaConfig;
|
|
3189
|
+
}
|
|
3190
|
+
else {
|
|
3191
|
+
return this._tenantRecaptchaConfigs[this.tenantId];
|
|
3192
|
+
}
|
|
3193
|
+
};
|
|
3194
|
+
AuthImpl.prototype.validatePassword = function (password) {
|
|
3196
3195
|
return __awaiter(this, void 0, void 0, function () {
|
|
3197
|
-
var
|
|
3196
|
+
var passwordPolicy;
|
|
3198
3197
|
return __generator(this, function (_a) {
|
|
3199
3198
|
switch (_a.label) {
|
|
3200
|
-
case 0:
|
|
3201
|
-
|
|
3202
|
-
|
|
3203
|
-
})];
|
|
3199
|
+
case 0:
|
|
3200
|
+
if (!!this._getPasswordPolicyInternal()) return [3 /*break*/, 2];
|
|
3201
|
+
return [4 /*yield*/, this._updatePasswordPolicy()];
|
|
3204
3202
|
case 1:
|
|
3205
|
-
|
|
3206
|
-
|
|
3207
|
-
|
|
3208
|
-
|
|
3209
|
-
|
|
3210
|
-
|
|
3211
|
-
|
|
3212
|
-
|
|
3213
|
-
|
|
3214
|
-
verifier = new RecaptchaEnterpriseVerifier(this);
|
|
3215
|
-
void verifier.verify();
|
|
3203
|
+
_a.sent();
|
|
3204
|
+
_a.label = 2;
|
|
3205
|
+
case 2:
|
|
3206
|
+
passwordPolicy = this._getPasswordPolicyInternal();
|
|
3207
|
+
// Check that the policy schema version is supported by the SDK.
|
|
3208
|
+
// TODO: Update this logic to use a max supported policy schema version once we have multiple schema versions.
|
|
3209
|
+
if (passwordPolicy.schemaVersion !==
|
|
3210
|
+
this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION) {
|
|
3211
|
+
return [2 /*return*/, Promise.reject(this._errorFactory.create("unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */, {}))];
|
|
3216
3212
|
}
|
|
3217
|
-
return [2 /*return
|
|
3213
|
+
return [2 /*return*/, passwordPolicy.validatePassword(password)];
|
|
3218
3214
|
}
|
|
3219
3215
|
});
|
|
3220
3216
|
});
|
|
3221
3217
|
};
|
|
3222
|
-
AuthImpl.prototype.
|
|
3223
|
-
if (this.tenantId
|
|
3224
|
-
return this.
|
|
3218
|
+
AuthImpl.prototype._getPasswordPolicyInternal = function () {
|
|
3219
|
+
if (this.tenantId === null) {
|
|
3220
|
+
return this._projectPasswordPolicy;
|
|
3225
3221
|
}
|
|
3226
3222
|
else {
|
|
3227
|
-
return this.
|
|
3223
|
+
return this._tenantPasswordPolicies[this.tenantId];
|
|
3228
3224
|
}
|
|
3229
3225
|
};
|
|
3226
|
+
AuthImpl.prototype._updatePasswordPolicy = function () {
|
|
3227
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
3228
|
+
var response, passwordPolicy;
|
|
3229
|
+
return __generator(this, function (_a) {
|
|
3230
|
+
switch (_a.label) {
|
|
3231
|
+
case 0: return [4 /*yield*/, _getPasswordPolicy(this)];
|
|
3232
|
+
case 1:
|
|
3233
|
+
response = _a.sent();
|
|
3234
|
+
passwordPolicy = new PasswordPolicyImpl(response);
|
|
3235
|
+
if (this.tenantId === null) {
|
|
3236
|
+
this._projectPasswordPolicy = passwordPolicy;
|
|
3237
|
+
}
|
|
3238
|
+
else {
|
|
3239
|
+
this._tenantPasswordPolicies[this.tenantId] = passwordPolicy;
|
|
3240
|
+
}
|
|
3241
|
+
return [2 /*return*/];
|
|
3242
|
+
}
|
|
3243
|
+
});
|
|
3244
|
+
});
|
|
3245
|
+
};
|
|
3230
3246
|
AuthImpl.prototype._getPersistence = function () {
|
|
3231
3247
|
return this.assertedPersistence.persistence.type;
|
|
3232
3248
|
};
|
|
@@ -3502,54 +3518,280 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3502
3518
|
AuthImpl.prototype._getAppCheckToken = function () {
|
|
3503
3519
|
var _a;
|
|
3504
3520
|
return __awaiter(this, void 0, void 0, function () {
|
|
3505
|
-
var appCheckTokenResult;
|
|
3506
|
-
return __generator(this, function (_b) {
|
|
3507
|
-
switch (_b.label) {
|
|
3508
|
-
case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
|
|
3509
|
-
.getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
|
|
3510
|
-
case 1:
|
|
3511
|
-
appCheckTokenResult = _b.sent();
|
|
3512
|
-
if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
|
|
3513
|
-
// Context: appCheck.getToken() will never throw even if an error happened.
|
|
3514
|
-
// In the error case, a dummy token will be returned along with an error field describing
|
|
3515
|
-
// the error. In general, we shouldn't care about the error condition and just use
|
|
3516
|
-
// the token (actual or dummy) to send requests.
|
|
3517
|
-
_logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
|
|
3521
|
+
var appCheckTokenResult;
|
|
3522
|
+
return __generator(this, function (_b) {
|
|
3523
|
+
switch (_b.label) {
|
|
3524
|
+
case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
|
|
3525
|
+
.getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
|
|
3526
|
+
case 1:
|
|
3527
|
+
appCheckTokenResult = _b.sent();
|
|
3528
|
+
if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
|
|
3529
|
+
// Context: appCheck.getToken() will never throw even if an error happened.
|
|
3530
|
+
// In the error case, a dummy token will be returned along with an error field describing
|
|
3531
|
+
// the error. In general, we shouldn't care about the error condition and just use
|
|
3532
|
+
// the token (actual or dummy) to send requests.
|
|
3533
|
+
_logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
|
|
3534
|
+
}
|
|
3535
|
+
return [2 /*return*/, appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.token];
|
|
3536
|
+
}
|
|
3537
|
+
});
|
|
3538
|
+
});
|
|
3539
|
+
};
|
|
3540
|
+
return AuthImpl;
|
|
3541
|
+
}());
|
|
3542
|
+
/**
|
|
3543
|
+
* Method to be used to cast down to our private implmentation of Auth.
|
|
3544
|
+
* It will also handle unwrapping from the compat type if necessary
|
|
3545
|
+
*
|
|
3546
|
+
* @param auth Auth object passed in from developer
|
|
3547
|
+
*/
|
|
3548
|
+
function _castAuth(auth) {
|
|
3549
|
+
return getModularInstance(auth);
|
|
3550
|
+
}
|
|
3551
|
+
/** Helper class to wrap subscriber logic */
|
|
3552
|
+
var Subscription = /** @class */ (function () {
|
|
3553
|
+
function Subscription(auth) {
|
|
3554
|
+
var _this = this;
|
|
3555
|
+
this.auth = auth;
|
|
3556
|
+
this.observer = null;
|
|
3557
|
+
this.addObserver = createSubscribe(function (observer) { return (_this.observer = observer); });
|
|
3558
|
+
}
|
|
3559
|
+
Object.defineProperty(Subscription.prototype, "next", {
|
|
3560
|
+
get: function () {
|
|
3561
|
+
_assert(this.observer, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
3562
|
+
return this.observer.next.bind(this.observer);
|
|
3563
|
+
},
|
|
3564
|
+
enumerable: false,
|
|
3565
|
+
configurable: true
|
|
3566
|
+
});
|
|
3567
|
+
return Subscription;
|
|
3568
|
+
}());
|
|
3569
|
+
|
|
3570
|
+
/**
|
|
3571
|
+
* @license
|
|
3572
|
+
* Copyright 2020 Google LLC
|
|
3573
|
+
*
|
|
3574
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
3575
|
+
* you may not use this file except in compliance with the License.
|
|
3576
|
+
* You may obtain a copy of the License at
|
|
3577
|
+
*
|
|
3578
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
3579
|
+
*
|
|
3580
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
3581
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
3582
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
3583
|
+
* See the License for the specific language governing permissions and
|
|
3584
|
+
* limitations under the License.
|
|
3585
|
+
*/
|
|
3586
|
+
function getScriptParentElement() {
|
|
3587
|
+
var _a, _b;
|
|
3588
|
+
return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
|
|
3589
|
+
}
|
|
3590
|
+
function _loadJS(url) {
|
|
3591
|
+
// TODO: consider adding timeout support & cancellation
|
|
3592
|
+
return new Promise(function (resolve, reject) {
|
|
3593
|
+
var el = document.createElement('script');
|
|
3594
|
+
el.setAttribute('src', url);
|
|
3595
|
+
el.onload = resolve;
|
|
3596
|
+
el.onerror = function (e) {
|
|
3597
|
+
var error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
3598
|
+
error.customData = e;
|
|
3599
|
+
reject(error);
|
|
3600
|
+
};
|
|
3601
|
+
el.type = 'text/javascript';
|
|
3602
|
+
el.charset = 'UTF-8';
|
|
3603
|
+
getScriptParentElement().appendChild(el);
|
|
3604
|
+
});
|
|
3605
|
+
}
|
|
3606
|
+
function _generateCallbackName(prefix) {
|
|
3607
|
+
return "__".concat(prefix).concat(Math.floor(Math.random() * 1000000));
|
|
3608
|
+
}
|
|
3609
|
+
|
|
3610
|
+
/* eslint-disable @typescript-eslint/no-require-imports */
|
|
3611
|
+
var RECAPTCHA_ENTERPRISE_URL = 'https://www.google.com/recaptcha/enterprise.js?render=';
|
|
3612
|
+
var RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';
|
|
3613
|
+
var FAKE_TOKEN = 'NO_RECAPTCHA';
|
|
3614
|
+
var RecaptchaEnterpriseVerifier = /** @class */ (function () {
|
|
3615
|
+
/**
|
|
3616
|
+
*
|
|
3617
|
+
* @param authExtern - The corresponding Firebase {@link Auth} instance.
|
|
3618
|
+
*
|
|
3619
|
+
*/
|
|
3620
|
+
function RecaptchaEnterpriseVerifier(authExtern) {
|
|
3621
|
+
/**
|
|
3622
|
+
* Identifies the type of application verifier (e.g. "recaptcha-enterprise").
|
|
3623
|
+
*/
|
|
3624
|
+
this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
|
|
3625
|
+
this.auth = _castAuth(authExtern);
|
|
3626
|
+
}
|
|
3627
|
+
/**
|
|
3628
|
+
* Executes the verification process.
|
|
3629
|
+
*
|
|
3630
|
+
* @returns A Promise for a token that can be used to assert the validity of a request.
|
|
3631
|
+
*/
|
|
3632
|
+
RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
|
|
3633
|
+
if (action === void 0) { action = 'verify'; }
|
|
3634
|
+
if (forceRefresh === void 0) { forceRefresh = false; }
|
|
3635
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
3636
|
+
function retrieveSiteKey(auth) {
|
|
3637
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
3638
|
+
var _this = this;
|
|
3639
|
+
return __generator(this, function (_a) {
|
|
3640
|
+
if (!forceRefresh) {
|
|
3641
|
+
if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
|
|
3642
|
+
return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
|
|
3643
|
+
}
|
|
3644
|
+
if (auth.tenantId != null &&
|
|
3645
|
+
auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
|
|
3646
|
+
return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
|
|
3647
|
+
}
|
|
3518
3648
|
}
|
|
3519
|
-
return [2 /*return*/,
|
|
3649
|
+
return [2 /*return*/, new Promise(function (resolve, reject) { return __awaiter(_this, void 0, void 0, function () {
|
|
3650
|
+
return __generator(this, function (_a) {
|
|
3651
|
+
getRecaptchaConfig(auth, {
|
|
3652
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
3653
|
+
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3654
|
+
})
|
|
3655
|
+
.then(function (response) {
|
|
3656
|
+
if (response.recaptchaKey === undefined) {
|
|
3657
|
+
reject(new Error('recaptcha Enterprise site key undefined'));
|
|
3658
|
+
}
|
|
3659
|
+
else {
|
|
3660
|
+
var config = new RecaptchaConfig(response);
|
|
3661
|
+
if (auth.tenantId == null) {
|
|
3662
|
+
auth._agentRecaptchaConfig = config;
|
|
3663
|
+
}
|
|
3664
|
+
else {
|
|
3665
|
+
auth._tenantRecaptchaConfigs[auth.tenantId] = config;
|
|
3666
|
+
}
|
|
3667
|
+
return resolve(config.siteKey);
|
|
3668
|
+
}
|
|
3669
|
+
})
|
|
3670
|
+
.catch(function (error) {
|
|
3671
|
+
reject(error);
|
|
3672
|
+
});
|
|
3673
|
+
return [2 /*return*/];
|
|
3674
|
+
});
|
|
3675
|
+
}); })];
|
|
3676
|
+
});
|
|
3677
|
+
});
|
|
3678
|
+
}
|
|
3679
|
+
function retrieveRecaptchaToken(siteKey, resolve, reject) {
|
|
3680
|
+
var grecaptcha = window.grecaptcha;
|
|
3681
|
+
if (isEnterprise(grecaptcha)) {
|
|
3682
|
+
grecaptcha.enterprise.ready(function () {
|
|
3683
|
+
grecaptcha.enterprise
|
|
3684
|
+
.execute(siteKey, { action: action })
|
|
3685
|
+
.then(function (token) {
|
|
3686
|
+
resolve(token);
|
|
3687
|
+
})
|
|
3688
|
+
.catch(function () {
|
|
3689
|
+
resolve(FAKE_TOKEN);
|
|
3690
|
+
});
|
|
3691
|
+
});
|
|
3520
3692
|
}
|
|
3693
|
+
else {
|
|
3694
|
+
reject(Error('No reCAPTCHA enterprise script loaded.'));
|
|
3695
|
+
}
|
|
3696
|
+
}
|
|
3697
|
+
var _this = this;
|
|
3698
|
+
return __generator(this, function (_a) {
|
|
3699
|
+
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
3700
|
+
retrieveSiteKey(_this.auth)
|
|
3701
|
+
.then(function (siteKey) {
|
|
3702
|
+
if (!forceRefresh && isEnterprise(window.grecaptcha)) {
|
|
3703
|
+
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
3704
|
+
}
|
|
3705
|
+
else {
|
|
3706
|
+
if (typeof window === 'undefined') {
|
|
3707
|
+
reject(new Error('RecaptchaVerifier is only supported in browser'));
|
|
3708
|
+
return;
|
|
3709
|
+
}
|
|
3710
|
+
_loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
|
|
3711
|
+
.then(function () {
|
|
3712
|
+
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
3713
|
+
})
|
|
3714
|
+
.catch(function (error) {
|
|
3715
|
+
reject(error);
|
|
3716
|
+
});
|
|
3717
|
+
}
|
|
3718
|
+
})
|
|
3719
|
+
.catch(function (error) {
|
|
3720
|
+
reject(error);
|
|
3721
|
+
});
|
|
3722
|
+
})];
|
|
3521
3723
|
});
|
|
3522
3724
|
});
|
|
3523
3725
|
};
|
|
3524
|
-
return
|
|
3726
|
+
return RecaptchaEnterpriseVerifier;
|
|
3525
3727
|
}());
|
|
3526
|
-
|
|
3527
|
-
|
|
3528
|
-
|
|
3529
|
-
|
|
3530
|
-
|
|
3531
|
-
|
|
3532
|
-
|
|
3533
|
-
|
|
3728
|
+
function injectRecaptchaFields(auth, request, action, captchaResp) {
|
|
3729
|
+
if (captchaResp === void 0) { captchaResp = false; }
|
|
3730
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
3731
|
+
var verifier, captchaResponse, newRequest;
|
|
3732
|
+
return __generator(this, function (_a) {
|
|
3733
|
+
switch (_a.label) {
|
|
3734
|
+
case 0:
|
|
3735
|
+
verifier = new RecaptchaEnterpriseVerifier(auth);
|
|
3736
|
+
_a.label = 1;
|
|
3737
|
+
case 1:
|
|
3738
|
+
_a.trys.push([1, 3, , 5]);
|
|
3739
|
+
return [4 /*yield*/, verifier.verify(action)];
|
|
3740
|
+
case 2:
|
|
3741
|
+
captchaResponse = _a.sent();
|
|
3742
|
+
return [3 /*break*/, 5];
|
|
3743
|
+
case 3:
|
|
3744
|
+
_a.sent();
|
|
3745
|
+
return [4 /*yield*/, verifier.verify(action, true)];
|
|
3746
|
+
case 4:
|
|
3747
|
+
captchaResponse = _a.sent();
|
|
3748
|
+
return [3 /*break*/, 5];
|
|
3749
|
+
case 5:
|
|
3750
|
+
newRequest = __assign({}, request);
|
|
3751
|
+
if (!captchaResp) {
|
|
3752
|
+
Object.assign(newRequest, { captchaResponse: captchaResponse });
|
|
3753
|
+
}
|
|
3754
|
+
else {
|
|
3755
|
+
Object.assign(newRequest, { 'captchaResp': captchaResponse });
|
|
3756
|
+
}
|
|
3757
|
+
Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
|
|
3758
|
+
Object.assign(newRequest, {
|
|
3759
|
+
'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3760
|
+
});
|
|
3761
|
+
return [2 /*return*/, newRequest];
|
|
3762
|
+
}
|
|
3763
|
+
});
|
|
3764
|
+
});
|
|
3534
3765
|
}
|
|
3535
|
-
|
|
3536
|
-
|
|
3537
|
-
|
|
3538
|
-
|
|
3539
|
-
|
|
3540
|
-
|
|
3541
|
-
|
|
3542
|
-
|
|
3543
|
-
|
|
3544
|
-
|
|
3545
|
-
|
|
3546
|
-
|
|
3547
|
-
|
|
3548
|
-
|
|
3549
|
-
|
|
3766
|
+
function _initializeRecaptchaConfig(auth) {
|
|
3767
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
3768
|
+
var authInternal, response, config, verifier;
|
|
3769
|
+
return __generator(this, function (_a) {
|
|
3770
|
+
switch (_a.label) {
|
|
3771
|
+
case 0:
|
|
3772
|
+
authInternal = _castAuth(auth);
|
|
3773
|
+
return [4 /*yield*/, getRecaptchaConfig(authInternal, {
|
|
3774
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
3775
|
+
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3776
|
+
})];
|
|
3777
|
+
case 1:
|
|
3778
|
+
response = _a.sent();
|
|
3779
|
+
config = new RecaptchaConfig(response);
|
|
3780
|
+
if (authInternal.tenantId == null) {
|
|
3781
|
+
authInternal._agentRecaptchaConfig = config;
|
|
3782
|
+
}
|
|
3783
|
+
else {
|
|
3784
|
+
authInternal._tenantRecaptchaConfigs[authInternal.tenantId] = config;
|
|
3785
|
+
}
|
|
3786
|
+
if (config.emailPasswordEnabled) {
|
|
3787
|
+
verifier = new RecaptchaEnterpriseVerifier(authInternal);
|
|
3788
|
+
void verifier.verify();
|
|
3789
|
+
}
|
|
3790
|
+
return [2 /*return*/];
|
|
3791
|
+
}
|
|
3792
|
+
});
|
|
3550
3793
|
});
|
|
3551
|
-
|
|
3552
|
-
}());
|
|
3794
|
+
}
|
|
3553
3795
|
|
|
3554
3796
|
/**
|
|
3555
3797
|
* @license
|
|
@@ -6209,6 +6451,36 @@ function _setActionCodeSettingsOnRequest(auth, request, actionCodeSettings) {
|
|
|
6209
6451
|
* See the License for the specific language governing permissions and
|
|
6210
6452
|
* limitations under the License.
|
|
6211
6453
|
*/
|
|
6454
|
+
/**
|
|
6455
|
+
* Updates the password policy cached in the {@link Auth} instance if a policy is already
|
|
6456
|
+
* cached for the project or tenant.
|
|
6457
|
+
*
|
|
6458
|
+
* @remarks
|
|
6459
|
+
* We only fetch the password policy if the password did not meet policy requirements and
|
|
6460
|
+
* there is an existing policy cached. A developer must call validatePassword at least
|
|
6461
|
+
* once for the cache to be automatically updated.
|
|
6462
|
+
*
|
|
6463
|
+
* @param auth - The {@link Auth} instance.
|
|
6464
|
+
*
|
|
6465
|
+
* @private
|
|
6466
|
+
*/
|
|
6467
|
+
function recachePasswordPolicy(auth) {
|
|
6468
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
6469
|
+
var authInternal;
|
|
6470
|
+
return __generator(this, function (_a) {
|
|
6471
|
+
switch (_a.label) {
|
|
6472
|
+
case 0:
|
|
6473
|
+
authInternal = _castAuth(auth);
|
|
6474
|
+
if (!authInternal._getPasswordPolicyInternal()) return [3 /*break*/, 2];
|
|
6475
|
+
return [4 /*yield*/, authInternal._updatePasswordPolicy()];
|
|
6476
|
+
case 1:
|
|
6477
|
+
_a.sent();
|
|
6478
|
+
_a.label = 2;
|
|
6479
|
+
case 2: return [2 /*return*/];
|
|
6480
|
+
}
|
|
6481
|
+
});
|
|
6482
|
+
});
|
|
6483
|
+
}
|
|
6212
6484
|
/**
|
|
6213
6485
|
* Sends a password reset email to the given email address.
|
|
6214
6486
|
*
|
|
@@ -6312,12 +6584,22 @@ function sendPasswordResetEmail(auth, email, actionCodeSettings) {
|
|
|
6312
6584
|
*/
|
|
6313
6585
|
function confirmPasswordReset(auth, oobCode, newPassword) {
|
|
6314
6586
|
return __awaiter(this, void 0, void 0, function () {
|
|
6587
|
+
var _this = this;
|
|
6315
6588
|
return __generator(this, function (_a) {
|
|
6316
6589
|
switch (_a.label) {
|
|
6317
6590
|
case 0: return [4 /*yield*/, resetPassword(getModularInstance(auth), {
|
|
6318
6591
|
oobCode: oobCode,
|
|
6319
6592
|
newPassword: newPassword
|
|
6320
|
-
})
|
|
6593
|
+
})
|
|
6594
|
+
.catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
|
|
6595
|
+
return __generator(this, function (_a) {
|
|
6596
|
+
if (error.code ===
|
|
6597
|
+
"auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6598
|
+
void recachePasswordPolicy(auth);
|
|
6599
|
+
}
|
|
6600
|
+
throw error;
|
|
6601
|
+
});
|
|
6602
|
+
}); })];
|
|
6321
6603
|
case 1:
|
|
6322
6604
|
_a.sent();
|
|
6323
6605
|
return [2 /*return*/];
|
|
@@ -6473,13 +6755,16 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
6473
6755
|
case 1:
|
|
6474
6756
|
requestWithRecaptcha = _a.sent();
|
|
6475
6757
|
return [2 /*return*/, signUp(authInternal, requestWithRecaptcha)];
|
|
6476
|
-
case 2:
|
|
6758
|
+
case 2: throw error;
|
|
6477
6759
|
}
|
|
6478
6760
|
});
|
|
6479
6761
|
}); });
|
|
6480
6762
|
_b.label = 3;
|
|
6481
6763
|
case 3: return [4 /*yield*/, signUpResponse.catch(function (error) {
|
|
6482
|
-
|
|
6764
|
+
if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6765
|
+
void recachePasswordPolicy(auth);
|
|
6766
|
+
}
|
|
6767
|
+
throw error;
|
|
6483
6768
|
})];
|
|
6484
6769
|
case 4:
|
|
6485
6770
|
response = _b.sent();
|
|
@@ -6511,7 +6796,15 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
6511
6796
|
* @public
|
|
6512
6797
|
*/
|
|
6513
6798
|
function signInWithEmailAndPassword(auth, email, password) {
|
|
6514
|
-
|
|
6799
|
+
var _this = this;
|
|
6800
|
+
return signInWithCredential(getModularInstance(auth), EmailAuthProvider.credential(email, password)).catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
|
|
6801
|
+
return __generator(this, function (_a) {
|
|
6802
|
+
if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6803
|
+
void recachePasswordPolicy(auth);
|
|
6804
|
+
}
|
|
6805
|
+
throw error;
|
|
6806
|
+
});
|
|
6807
|
+
}); });
|
|
6515
6808
|
}
|
|
6516
6809
|
|
|
6517
6810
|
/**
|
|
@@ -7249,8 +7542,39 @@ function setPersistence(auth, persistence) {
|
|
|
7249
7542
|
* @public
|
|
7250
7543
|
*/
|
|
7251
7544
|
function initializeRecaptchaConfig(auth) {
|
|
7252
|
-
|
|
7253
|
-
|
|
7545
|
+
return _initializeRecaptchaConfig(auth);
|
|
7546
|
+
}
|
|
7547
|
+
/**
|
|
7548
|
+
* Validates the password against the password policy configured for the project or tenant.
|
|
7549
|
+
*
|
|
7550
|
+
* @remarks
|
|
7551
|
+
* If no tenant ID is set on the `Auth` instance, then this method will use the password
|
|
7552
|
+
* policy configured for the project. Otherwise, this method will use the policy configured
|
|
7553
|
+
* for the tenant. If a password policy has not been configured, then the default policy
|
|
7554
|
+
* configured for all projects will be used.
|
|
7555
|
+
*
|
|
7556
|
+
* If an auth flow fails because a submitted password does not meet the password policy
|
|
7557
|
+
* requirements and this method has previously been called, then this method will use the
|
|
7558
|
+
* most recent policy available when called again.
|
|
7559
|
+
*
|
|
7560
|
+
* @example
|
|
7561
|
+
* ```javascript
|
|
7562
|
+
* validatePassword(auth, 'some-password');
|
|
7563
|
+
* ```
|
|
7564
|
+
*
|
|
7565
|
+
* @param auth The {@link Auth} instance.
|
|
7566
|
+
* @param password The password to validate.
|
|
7567
|
+
*
|
|
7568
|
+
* @public
|
|
7569
|
+
*/
|
|
7570
|
+
function validatePassword(auth, password) {
|
|
7571
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
7572
|
+
var authInternal;
|
|
7573
|
+
return __generator(this, function (_a) {
|
|
7574
|
+
authInternal = _castAuth(auth);
|
|
7575
|
+
return [2 /*return*/, authInternal.validatePassword(password)];
|
|
7576
|
+
});
|
|
7577
|
+
});
|
|
7254
7578
|
}
|
|
7255
7579
|
/**
|
|
7256
7580
|
* Adds an observer for changes to the signed-in user's ID token.
|
|
@@ -11876,7 +12200,7 @@ function _isEmptyString(input) {
|
|
|
11876
12200
|
}
|
|
11877
12201
|
|
|
11878
12202
|
var name = "@firebase/auth";
|
|
11879
|
-
var version = "1.1.0-canary.
|
|
12203
|
+
var version = "1.1.0-canary.f497a400a";
|
|
11880
12204
|
|
|
11881
12205
|
/**
|
|
11882
12206
|
* @license
|
|
@@ -12128,5 +12452,5 @@ function getAuth(app) {
|
|
|
12128
12452
|
}
|
|
12129
12453
|
registerAuth("Browser" /* ClientPlatform.BROWSER */);
|
|
12130
12454
|
|
|
12131
|
-
export {
|
|
12132
|
-
//# sourceMappingURL=index-
|
|
12455
|
+
export { signInAnonymously as $, ActionCodeOperation as A, updateCurrentUser as B, signOut as C, deleteUser as D, debugErrorMap as E, FactorId as F, prodErrorMap as G, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as H, initializeAuth as I, connectAuthEmulator as J, AuthCredential as K, EmailAuthCredential as L, OAuthCredential as M, PhoneAuthCredential as N, OperationType as O, PhoneAuthProvider as P, inMemoryPersistence as Q, RecaptchaVerifier as R, SignInMethod as S, TotpMultiFactorGenerator as T, EmailAuthProvider as U, FacebookAuthProvider as V, GoogleAuthProvider as W, GithubAuthProvider as X, OAuthProvider as Y, SAMLAuthProvider as Z, TwitterAuthProvider as _, browserSessionPersistence as a, signInWithCredential as a0, linkWithCredential as a1, reauthenticateWithCredential as a2, signInWithCustomToken as a3, sendPasswordResetEmail as a4, confirmPasswordReset as a5, applyActionCode as a6, checkActionCode as a7, verifyPasswordResetCode as a8, createUserWithEmailAndPassword as a9, _assert as aA, _createError as aB, AuthEventManager as aC, _getInstance as aD, _persistenceKeyName as aE, _clearRedirectOutcomes as aF, _getRedirectResult as aG, _overrideRedirectResult as aH, _castAuth as aI, UserImpl as aJ, AuthImpl as aK, _getClientVersion as aL, _generateEventId as aM, AuthPopup as aN, FetchProvider as aO, SAMLAuthCredential as aP, signInWithEmailAndPassword as aa, sendSignInLinkToEmail as ab, isSignInWithEmailLink as ac, signInWithEmailLink as ad, fetchSignInMethodsForEmail as ae, sendEmailVerification as af, verifyBeforeUpdateEmail as ag, ActionCodeURL as ah, parseActionCodeURL as ai, updateProfile as aj, updateEmail as ak, updatePassword as al, getIdToken as am, getIdTokenResult as an, unlink as ao, getAdditionalUserInfo as ap, reload as aq, getMultiFactorResolver as ar, multiFactor as as, _isIOS as at, _isAndroid as au, _fail as av, _getRedirectUrl as aw, debugAssert as ax, _getProjectConfig as ay, _isIOS7Or8 as az, browserLocalPersistence as b, signInWithPopup as c, linkWithPopup as d, reauthenticateWithPopup as e, signInWithRedirect as f, linkWithRedirect as g, reauthenticateWithRedirect as h, indexedDBLocalPersistence as i, getRedirectResult as j, browserPopupRedirectResolver as k, linkWithPhoneNumber as l, PhoneMultiFactorGenerator as m, TotpSecret as n, getAuth as o, ProviderId as p, setPersistence as q, reauthenticateWithPhoneNumber as r, signInWithPhoneNumber as s, initializeRecaptchaConfig as t, updatePhoneNumber as u, validatePassword as v, onIdTokenChanged as w, beforeAuthStateChanged as x, onAuthStateChanged as y, useDeviceLanguage as z };
|
|
12456
|
+
//# sourceMappingURL=index-4ab2fcdf.js.map
|