@firebase/auth 1.1.0-canary.e201e5390 → 1.1.0-canary.f497a400a
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +28 -1
- package/dist/auth-public.d.ts +119 -0
- package/dist/auth.d.ts +179 -2
- package/dist/browser-cjs/{index-df624435.js → index-316b8221.js} +548 -274
- package/dist/browser-cjs/index-316b8221.js.map +1 -0
- package/dist/browser-cjs/index.js +3 -2
- package/dist/browser-cjs/index.js.map +1 -1
- package/dist/browser-cjs/internal.js +3 -2
- package/dist/browser-cjs/internal.js.map +1 -1
- package/dist/browser-cjs/src/api/errors.d.ts +2 -1
- package/dist/browser-cjs/src/api/index.d.ts +2 -1
- package/dist/browser-cjs/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/browser-cjs/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/browser-cjs/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/browser-cjs/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/browser-cjs/src/core/errors.d.ts +3 -1
- package/dist/browser-cjs/src/core/index.d.ts +25 -1
- package/dist/browser-cjs/src/model/auth.d.ts +7 -2
- package/dist/browser-cjs/src/model/password_policy.d.ts +111 -0
- package/dist/browser-cjs/src/model/public_types.d.ts +88 -0
- package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/browser-cjs/src/platform_node/index.d.ts +1 -0
- package/dist/browser-cjs/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/browser-cjs/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/cordova/index.js +2 -2
- package/dist/cordova/internal.js +2 -2
- package/dist/cordova/{popup_redirect-b7da569e.js → popup_redirect-2410e07a.js} +737 -413
- package/dist/cordova/popup_redirect-2410e07a.js.map +1 -0
- package/dist/cordova/src/api/errors.d.ts +2 -1
- package/dist/cordova/src/api/index.d.ts +2 -1
- package/dist/cordova/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/cordova/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/cordova/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/cordova/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/cordova/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/cordova/src/core/errors.d.ts +3 -1
- package/dist/cordova/src/core/index.d.ts +25 -1
- package/dist/cordova/src/model/auth.d.ts +7 -2
- package/dist/cordova/src/model/password_policy.d.ts +111 -0
- package/dist/cordova/src/model/public_types.d.ts +88 -0
- package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/cordova/src/platform_node/index.d.ts +1 -0
- package/dist/cordova/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/cordova/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/esm2017/{index-e04f7451.js → index-9be3d514.js} +548 -275
- package/dist/esm2017/index-9be3d514.js.map +1 -0
- package/dist/esm2017/index.js +2 -2
- package/dist/esm2017/internal.js +3 -3
- package/dist/esm2017/src/api/errors.d.ts +2 -1
- package/dist/esm2017/src/api/index.d.ts +2 -1
- package/dist/esm2017/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/esm2017/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/esm2017/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/esm2017/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/esm2017/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/esm2017/src/core/errors.d.ts +3 -1
- package/dist/esm2017/src/core/index.d.ts +25 -1
- package/dist/esm2017/src/model/auth.d.ts +7 -2
- package/dist/esm2017/src/model/password_policy.d.ts +111 -0
- package/dist/esm2017/src/model/public_types.d.ts +88 -0
- package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/esm2017/src/platform_node/index.d.ts +1 -0
- package/dist/esm2017/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/esm2017/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/esm5/{index-8ca3adc5.js → index-4ab2fcdf.js} +737 -413
- package/dist/esm5/index-4ab2fcdf.js.map +1 -0
- package/dist/esm5/index.js +1 -1
- package/dist/esm5/internal.js +2 -2
- package/dist/esm5/src/api/errors.d.ts +2 -1
- package/dist/esm5/src/api/index.d.ts +2 -1
- package/dist/esm5/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/esm5/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/esm5/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/esm5/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/esm5/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/esm5/src/core/errors.d.ts +3 -1
- package/dist/esm5/src/core/index.d.ts +25 -1
- package/dist/esm5/src/model/auth.d.ts +7 -2
- package/dist/esm5/src/model/password_policy.d.ts +111 -0
- package/dist/esm5/src/model/public_types.d.ts +88 -0
- package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/esm5/src/platform_node/index.d.ts +1 -0
- package/dist/esm5/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/esm5/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/index.webworker.esm5.js +811 -487
- package/dist/index.webworker.esm5.js.map +1 -1
- package/dist/node/index.js +2 -1
- package/dist/node/index.js.map +1 -1
- package/dist/node/internal.js +2 -1
- package/dist/node/internal.js.map +1 -1
- package/dist/node/src/api/errors.d.ts +2 -1
- package/dist/node/src/api/index.d.ts +2 -1
- package/dist/node/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/node/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/node/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/node/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/node/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/node/src/core/errors.d.ts +3 -1
- package/dist/node/src/core/index.d.ts +25 -1
- package/dist/node/src/model/auth.d.ts +7 -2
- package/dist/node/src/model/password_policy.d.ts +111 -0
- package/dist/node/src/model/public_types.d.ts +88 -0
- package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/node/src/platform_node/index.d.ts +1 -0
- package/dist/node/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/node/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/node/{totp-1af99381.js → totp-4cc8bac4.js} +700 -375
- package/dist/node/totp-4cc8bac4.js.map +1 -0
- package/dist/node-esm/index.js +1 -1
- package/dist/node-esm/internal.js +2 -2
- package/dist/node-esm/src/api/errors.d.ts +2 -1
- package/dist/node-esm/src/api/index.d.ts +2 -1
- package/dist/node-esm/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/node-esm/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/node-esm/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/node-esm/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/node-esm/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/node-esm/src/core/errors.d.ts +3 -1
- package/dist/node-esm/src/core/index.d.ts +25 -1
- package/dist/node-esm/src/model/auth.d.ts +7 -2
- package/dist/node-esm/src/model/password_policy.d.ts +111 -0
- package/dist/node-esm/src/model/public_types.d.ts +88 -0
- package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/node-esm/src/platform_node/index.d.ts +1 -0
- package/dist/node-esm/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/node-esm/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/node-esm/{totp-7de24448.js → totp-79809646.js} +540 -267
- package/dist/node-esm/totp-79809646.js.map +1 -0
- package/dist/rn/index.js +2 -1
- package/dist/rn/index.js.map +1 -1
- package/dist/rn/internal.js +2 -1
- package/dist/rn/internal.js.map +1 -1
- package/dist/rn/{phone-a11d12b4.js → phone-87fdb2ba.js} +717 -392
- package/dist/rn/phone-87fdb2ba.js.map +1 -0
- package/dist/rn/src/api/errors.d.ts +2 -1
- package/dist/rn/src/api/index.d.ts +2 -1
- package/dist/rn/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/rn/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/rn/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/rn/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/rn/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/rn/src/core/errors.d.ts +3 -1
- package/dist/rn/src/core/index.d.ts +25 -1
- package/dist/rn/src/model/auth.d.ts +7 -2
- package/dist/rn/src/model/password_policy.d.ts +111 -0
- package/dist/rn/src/model/public_types.d.ts +88 -0
- package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/rn/src/platform_node/index.d.ts +1 -0
- package/dist/rn/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/rn/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/src/api/errors.d.ts +2 -1
- package/dist/src/api/index.d.ts +2 -1
- package/dist/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/src/core/errors.d.ts +3 -1
- package/dist/src/core/index.d.ts +25 -1
- package/dist/src/model/auth.d.ts +7 -2
- package/dist/src/model/password_policy.d.ts +111 -0
- package/dist/src/model/public_types.d.ts +88 -0
- package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/src/platform_node/index.d.ts +1 -0
- package/dist/test/helpers/integration/helpers.d.ts +6 -0
- package/dist/test/integration/flows/password_policy.test.d.ts +17 -0
- package/package.json +6 -6
- package/dist/browser-cjs/index-df624435.js.map +0 -1
- package/dist/cordova/popup_redirect-b7da569e.js.map +0 -1
- package/dist/esm2017/index-e04f7451.js.map +0 -1
- package/dist/esm5/index-8ca3adc5.js.map +0 -1
- package/dist/node/totp-1af99381.js.map +0 -1
- package/dist/node-esm/totp-7de24448.js.map +0 -1
- package/dist/rn/phone-a11d12b4.js.map +0 -1
|
@@ -126,6 +126,49 @@ var ActionCodeOperation = {
|
|
|
126
126
|
VERIFY_EMAIL: 'VERIFY_EMAIL'
|
|
127
127
|
};
|
|
128
128
|
|
|
129
|
+
/**
|
|
130
|
+
* @license
|
|
131
|
+
* Copyright 2020 Google LLC
|
|
132
|
+
*
|
|
133
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
134
|
+
* you may not use this file except in compliance with the License.
|
|
135
|
+
* You may obtain a copy of the License at
|
|
136
|
+
*
|
|
137
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
138
|
+
*
|
|
139
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
140
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
141
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
142
|
+
* See the License for the specific language governing permissions and
|
|
143
|
+
* limitations under the License.
|
|
144
|
+
*/
|
|
145
|
+
function isEnterprise(grecaptcha) {
|
|
146
|
+
return (grecaptcha !== undefined &&
|
|
147
|
+
grecaptcha.enterprise !== undefined);
|
|
148
|
+
}
|
|
149
|
+
var RecaptchaConfig = /** @class */ (function () {
|
|
150
|
+
function RecaptchaConfig(response) {
|
|
151
|
+
/**
|
|
152
|
+
* The reCAPTCHA site key.
|
|
153
|
+
*/
|
|
154
|
+
this.siteKey = '';
|
|
155
|
+
/**
|
|
156
|
+
* The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
|
|
157
|
+
*/
|
|
158
|
+
this.emailPasswordEnabled = false;
|
|
159
|
+
if (response.recaptchaKey === undefined) {
|
|
160
|
+
throw new Error('recaptchaKey undefined');
|
|
161
|
+
}
|
|
162
|
+
// Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
|
|
163
|
+
this.siteKey = response.recaptchaKey.split('/')[3];
|
|
164
|
+
this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
|
|
165
|
+
return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
|
|
166
|
+
enforcementState.enforcementState !== 'OFF';
|
|
167
|
+
});
|
|
168
|
+
}
|
|
169
|
+
return RecaptchaConfig;
|
|
170
|
+
}());
|
|
171
|
+
|
|
129
172
|
/**
|
|
130
173
|
* @license
|
|
131
174
|
* Copyright 2020 Google LLC
|
|
@@ -298,6 +341,8 @@ function _debugErrorMap() {
|
|
|
298
341
|
_a["missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is missing when sending request to the backend.',
|
|
299
342
|
_a["invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */] = 'Invalid request parameters.',
|
|
300
343
|
_a["invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is invalid when sending request to the backend.',
|
|
344
|
+
_a["unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */] = 'The password policy received from the backend uses a schema version that is not supported by this version of the Firebase SDK.',
|
|
345
|
+
_a["password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */] = 'The password does not meet the requirements.',
|
|
301
346
|
_a;
|
|
302
347
|
}
|
|
303
348
|
function _prodErrorMap() {
|
|
@@ -833,6 +878,7 @@ var SERVER_ERROR_MAP = (_a$1 = {},
|
|
|
833
878
|
_a$1["USER_NOT_FOUND" /* ServerError.USER_NOT_FOUND */] = "user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */,
|
|
834
879
|
// Other errors.
|
|
835
880
|
_a$1["TOO_MANY_ATTEMPTS_TRY_LATER" /* ServerError.TOO_MANY_ATTEMPTS_TRY_LATER */] = "too-many-requests" /* AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER */,
|
|
881
|
+
_a$1["PASSWORD_DOES_NOT_MEET_REQUIREMENTS" /* ServerError.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */] = "password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */,
|
|
836
882
|
// Phone Auth related errors.
|
|
837
883
|
_a$1["INVALID_CODE" /* ServerError.INVALID_CODE */] = "invalid-verification-code" /* AuthErrorCode.INVALID_CODE */,
|
|
838
884
|
_a$1["INVALID_SESSION_INFO" /* ServerError.INVALID_SESSION_INFO */] = "invalid-verification-id" /* AuthErrorCode.INVALID_SESSION_INFO */,
|
|
@@ -1058,6 +1104,30 @@ function _makeTaggedError(auth, code, response) {
|
|
|
1058
1104
|
return error;
|
|
1059
1105
|
}
|
|
1060
1106
|
|
|
1107
|
+
/**
|
|
1108
|
+
* @license
|
|
1109
|
+
* Copyright 2020 Google LLC
|
|
1110
|
+
*
|
|
1111
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
1112
|
+
* you may not use this file except in compliance with the License.
|
|
1113
|
+
* You may obtain a copy of the License at
|
|
1114
|
+
*
|
|
1115
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
1116
|
+
*
|
|
1117
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
1118
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
1119
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
1120
|
+
* See the License for the specific language governing permissions and
|
|
1121
|
+
* limitations under the License.
|
|
1122
|
+
*/
|
|
1123
|
+
function getRecaptchaConfig(auth, request) {
|
|
1124
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
1125
|
+
return tslib.__generator(this, function (_a) {
|
|
1126
|
+
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/recaptchaConfig" /* Endpoint.GET_RECAPTCHA_CONFIG */, _addTidIfNecessary(auth, request))];
|
|
1127
|
+
});
|
|
1128
|
+
});
|
|
1129
|
+
}
|
|
1130
|
+
|
|
1061
1131
|
/**
|
|
1062
1132
|
* @license
|
|
1063
1133
|
* Copyright 2020 Google LLC
|
|
@@ -2451,7 +2521,7 @@ function _getClientVersion(clientPlatform, frameworks) {
|
|
|
2451
2521
|
|
|
2452
2522
|
/**
|
|
2453
2523
|
* @license
|
|
2454
|
-
* Copyright
|
|
2524
|
+
* Copyright 2022 Google LLC
|
|
2455
2525
|
*
|
|
2456
2526
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2457
2527
|
* you may not use this file except in compliance with the License.
|
|
@@ -2465,17 +2535,97 @@ function _getClientVersion(clientPlatform, frameworks) {
|
|
|
2465
2535
|
* See the License for the specific language governing permissions and
|
|
2466
2536
|
* limitations under the License.
|
|
2467
2537
|
*/
|
|
2468
|
-
function
|
|
2469
|
-
|
|
2470
|
-
|
|
2471
|
-
|
|
2538
|
+
var AuthMiddlewareQueue = /** @class */ (function () {
|
|
2539
|
+
function AuthMiddlewareQueue(auth) {
|
|
2540
|
+
this.auth = auth;
|
|
2541
|
+
this.queue = [];
|
|
2542
|
+
}
|
|
2543
|
+
AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
|
|
2544
|
+
var _this = this;
|
|
2545
|
+
// The callback could be sync or async. Wrap it into a
|
|
2546
|
+
// function that is always async.
|
|
2547
|
+
var wrappedCallback = function (user) {
|
|
2548
|
+
return new Promise(function (resolve, reject) {
|
|
2549
|
+
try {
|
|
2550
|
+
var result = callback(user);
|
|
2551
|
+
// Either resolve with existing promise or wrap a non-promise
|
|
2552
|
+
// return value into a promise.
|
|
2553
|
+
resolve(result);
|
|
2554
|
+
}
|
|
2555
|
+
catch (e) {
|
|
2556
|
+
// Sync callback throws.
|
|
2557
|
+
reject(e);
|
|
2558
|
+
}
|
|
2559
|
+
});
|
|
2560
|
+
};
|
|
2561
|
+
// Attach the onAbort if present
|
|
2562
|
+
wrappedCallback.onAbort = onAbort;
|
|
2563
|
+
this.queue.push(wrappedCallback);
|
|
2564
|
+
var index = this.queue.length - 1;
|
|
2565
|
+
return function () {
|
|
2566
|
+
// Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
|
|
2567
|
+
// indexing of other elements.
|
|
2568
|
+
_this.queue[index] = function () { return Promise.resolve(); };
|
|
2569
|
+
};
|
|
2570
|
+
};
|
|
2571
|
+
AuthMiddlewareQueue.prototype.runMiddleware = function (nextUser) {
|
|
2572
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
2573
|
+
var onAbortStack, _i, _a, beforeStateCallback, e_1, _b, onAbortStack_1, onAbort;
|
|
2574
|
+
return tslib.__generator(this, function (_c) {
|
|
2575
|
+
switch (_c.label) {
|
|
2576
|
+
case 0:
|
|
2577
|
+
if (this.auth.currentUser === nextUser) {
|
|
2578
|
+
return [2 /*return*/];
|
|
2579
|
+
}
|
|
2580
|
+
onAbortStack = [];
|
|
2581
|
+
_c.label = 1;
|
|
2582
|
+
case 1:
|
|
2583
|
+
_c.trys.push([1, 6, , 7]);
|
|
2584
|
+
_i = 0, _a = this.queue;
|
|
2585
|
+
_c.label = 2;
|
|
2586
|
+
case 2:
|
|
2587
|
+
if (!(_i < _a.length)) return [3 /*break*/, 5];
|
|
2588
|
+
beforeStateCallback = _a[_i];
|
|
2589
|
+
return [4 /*yield*/, beforeStateCallback(nextUser)];
|
|
2590
|
+
case 3:
|
|
2591
|
+
_c.sent();
|
|
2592
|
+
// Only push the onAbort if the callback succeeds
|
|
2593
|
+
if (beforeStateCallback.onAbort) {
|
|
2594
|
+
onAbortStack.push(beforeStateCallback.onAbort);
|
|
2595
|
+
}
|
|
2596
|
+
_c.label = 4;
|
|
2597
|
+
case 4:
|
|
2598
|
+
_i++;
|
|
2599
|
+
return [3 /*break*/, 2];
|
|
2600
|
+
case 5: return [3 /*break*/, 7];
|
|
2601
|
+
case 6:
|
|
2602
|
+
e_1 = _c.sent();
|
|
2603
|
+
// Run all onAbort, with separate try/catch to ignore any errors and
|
|
2604
|
+
// continue
|
|
2605
|
+
onAbortStack.reverse();
|
|
2606
|
+
for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
|
|
2607
|
+
onAbort = onAbortStack_1[_b];
|
|
2608
|
+
try {
|
|
2609
|
+
onAbort();
|
|
2610
|
+
}
|
|
2611
|
+
catch (_) {
|
|
2612
|
+
/* swallow error */
|
|
2613
|
+
}
|
|
2614
|
+
}
|
|
2615
|
+
throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, {
|
|
2616
|
+
originalMessage: e_1 === null || e_1 === void 0 ? void 0 : e_1.message
|
|
2617
|
+
});
|
|
2618
|
+
case 7: return [2 /*return*/];
|
|
2619
|
+
}
|
|
2620
|
+
});
|
|
2472
2621
|
});
|
|
2473
|
-
}
|
|
2474
|
-
|
|
2622
|
+
};
|
|
2623
|
+
return AuthMiddlewareQueue;
|
|
2624
|
+
}());
|
|
2475
2625
|
|
|
2476
2626
|
/**
|
|
2477
2627
|
* @license
|
|
2478
|
-
* Copyright
|
|
2628
|
+
* Copyright 2023 Google LLC
|
|
2479
2629
|
*
|
|
2480
2630
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2481
2631
|
* you may not use this file except in compliance with the License.
|
|
@@ -2489,36 +2639,25 @@ function getRecaptchaConfig(auth, request) {
|
|
|
2489
2639
|
* See the License for the specific language governing permissions and
|
|
2490
2640
|
* limitations under the License.
|
|
2491
2641
|
*/
|
|
2492
|
-
|
|
2493
|
-
|
|
2494
|
-
|
|
2495
|
-
|
|
2496
|
-
|
|
2497
|
-
|
|
2498
|
-
|
|
2499
|
-
|
|
2500
|
-
|
|
2501
|
-
|
|
2502
|
-
|
|
2503
|
-
|
|
2504
|
-
*/
|
|
2505
|
-
this.emailPasswordEnabled = false;
|
|
2506
|
-
if (response.recaptchaKey === undefined) {
|
|
2507
|
-
throw new Error('recaptchaKey undefined');
|
|
2508
|
-
}
|
|
2509
|
-
// Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
|
|
2510
|
-
this.siteKey = response.recaptchaKey.split('/')[3];
|
|
2511
|
-
this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
|
|
2512
|
-
return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
|
|
2513
|
-
enforcementState.enforcementState !== 'OFF';
|
|
2642
|
+
/**
|
|
2643
|
+
* Fetches the password policy for the currently set tenant or the project if no tenant is set.
|
|
2644
|
+
*
|
|
2645
|
+
* @param auth Auth object.
|
|
2646
|
+
* @param request Password policy request.
|
|
2647
|
+
* @returns Password policy response.
|
|
2648
|
+
*/
|
|
2649
|
+
function _getPasswordPolicy(auth, request) {
|
|
2650
|
+
if (request === void 0) { request = {}; }
|
|
2651
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
2652
|
+
return tslib.__generator(this, function (_a) {
|
|
2653
|
+
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/passwordPolicy" /* Endpoint.GET_PASSWORD_POLICY */, _addTidIfNecessary(auth, request))];
|
|
2514
2654
|
});
|
|
2515
|
-
}
|
|
2516
|
-
|
|
2517
|
-
}());
|
|
2655
|
+
});
|
|
2656
|
+
}
|
|
2518
2657
|
|
|
2519
2658
|
/**
|
|
2520
2659
|
* @license
|
|
2521
|
-
* Copyright
|
|
2660
|
+
* Copyright 2023 Google LLC
|
|
2522
2661
|
*
|
|
2523
2662
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2524
2663
|
* you may not use this file except in compliance with the License.
|
|
@@ -2532,286 +2671,138 @@ var RecaptchaConfig = /** @class */ (function () {
|
|
|
2532
2671
|
* See the License for the specific language governing permissions and
|
|
2533
2672
|
* limitations under the License.
|
|
2534
2673
|
*/
|
|
2535
|
-
|
|
2536
|
-
|
|
2537
|
-
|
|
2538
|
-
|
|
2539
|
-
|
|
2540
|
-
|
|
2541
|
-
|
|
2542
|
-
|
|
2543
|
-
|
|
2544
|
-
|
|
2545
|
-
|
|
2546
|
-
|
|
2547
|
-
|
|
2548
|
-
|
|
2674
|
+
// Minimum min password length enforced by the backend, even if no minimum length is set.
|
|
2675
|
+
var MINIMUM_MIN_PASSWORD_LENGTH = 6;
|
|
2676
|
+
/**
|
|
2677
|
+
* Stores password policy requirements and provides password validation against the policy.
|
|
2678
|
+
*
|
|
2679
|
+
* @internal
|
|
2680
|
+
*/
|
|
2681
|
+
var PasswordPolicyImpl = /** @class */ (function () {
|
|
2682
|
+
function PasswordPolicyImpl(response) {
|
|
2683
|
+
var _a, _b, _c, _d;
|
|
2684
|
+
// Only include custom strength options defined in the response.
|
|
2685
|
+
var responseOptions = response.customStrengthOptions;
|
|
2686
|
+
this.customStrengthOptions = {};
|
|
2687
|
+
// TODO: Remove once the backend is updated to include the minimum min password length instead of undefined when there is no minimum length set.
|
|
2688
|
+
this.customStrengthOptions.minPasswordLength =
|
|
2689
|
+
(_a = responseOptions.minPasswordLength) !== null && _a !== void 0 ? _a : MINIMUM_MIN_PASSWORD_LENGTH;
|
|
2690
|
+
if (responseOptions.maxPasswordLength) {
|
|
2691
|
+
this.customStrengthOptions.maxPasswordLength =
|
|
2692
|
+
responseOptions.maxPasswordLength;
|
|
2693
|
+
}
|
|
2694
|
+
if (responseOptions.containsLowercaseCharacter !== undefined) {
|
|
2695
|
+
this.customStrengthOptions.containsLowercaseLetter =
|
|
2696
|
+
responseOptions.containsLowercaseCharacter;
|
|
2697
|
+
}
|
|
2698
|
+
if (responseOptions.containsUppercaseCharacter !== undefined) {
|
|
2699
|
+
this.customStrengthOptions.containsUppercaseLetter =
|
|
2700
|
+
responseOptions.containsUppercaseCharacter;
|
|
2701
|
+
}
|
|
2702
|
+
if (responseOptions.containsNumericCharacter !== undefined) {
|
|
2703
|
+
this.customStrengthOptions.containsNumericCharacter =
|
|
2704
|
+
responseOptions.containsNumericCharacter;
|
|
2705
|
+
}
|
|
2706
|
+
if (responseOptions.containsNonAlphanumericCharacter !== undefined) {
|
|
2707
|
+
this.customStrengthOptions.containsNonAlphanumericCharacter =
|
|
2708
|
+
responseOptions.containsNonAlphanumericCharacter;
|
|
2709
|
+
}
|
|
2710
|
+
this.enforcementState = response.enforcementState;
|
|
2711
|
+
if (this.enforcementState === 'ENFORCEMENT_STATE_UNSPECIFIED') {
|
|
2712
|
+
this.enforcementState = 'OFF';
|
|
2713
|
+
}
|
|
2714
|
+
// Use an empty string if no non-alphanumeric characters are specified in the response.
|
|
2715
|
+
this.allowedNonAlphanumericCharacters =
|
|
2716
|
+
(_c = (_b = response.allowedNonAlphanumericCharacters) === null || _b === void 0 ? void 0 : _b.join('')) !== null && _c !== void 0 ? _c : '';
|
|
2717
|
+
this.forceUpgradeOnSignin = (_d = response.forceUpgradeOnSignin) !== null && _d !== void 0 ? _d : false;
|
|
2718
|
+
this.schemaVersion = response.schemaVersion;
|
|
2719
|
+
}
|
|
2720
|
+
PasswordPolicyImpl.prototype.validatePassword = function (password) {
|
|
2721
|
+
var _a, _b, _c, _d, _e, _f;
|
|
2722
|
+
var status = {
|
|
2723
|
+
isValid: true,
|
|
2724
|
+
passwordPolicy: this
|
|
2549
2725
|
};
|
|
2550
|
-
|
|
2551
|
-
|
|
2552
|
-
|
|
2553
|
-
|
|
2554
|
-
|
|
2555
|
-
|
|
2556
|
-
|
|
2557
|
-
|
|
2558
|
-
|
|
2559
|
-
|
|
2560
|
-
|
|
2726
|
+
// Check the password length and character options.
|
|
2727
|
+
this.validatePasswordLengthOptions(password, status);
|
|
2728
|
+
this.validatePasswordCharacterOptions(password, status);
|
|
2729
|
+
// Combine the status into single isValid property.
|
|
2730
|
+
status.isValid && (status.isValid = (_a = status.meetsMinPasswordLength) !== null && _a !== void 0 ? _a : true);
|
|
2731
|
+
status.isValid && (status.isValid = (_b = status.meetsMaxPasswordLength) !== null && _b !== void 0 ? _b : true);
|
|
2732
|
+
status.isValid && (status.isValid = (_c = status.containsLowercaseLetter) !== null && _c !== void 0 ? _c : true);
|
|
2733
|
+
status.isValid && (status.isValid = (_d = status.containsUppercaseLetter) !== null && _d !== void 0 ? _d : true);
|
|
2734
|
+
status.isValid && (status.isValid = (_e = status.containsNumericCharacter) !== null && _e !== void 0 ? _e : true);
|
|
2735
|
+
status.isValid && (status.isValid = (_f = status.containsNonAlphanumericCharacter) !== null && _f !== void 0 ? _f : true);
|
|
2736
|
+
return status;
|
|
2737
|
+
};
|
|
2561
2738
|
/**
|
|
2739
|
+
* Validates that the password meets the length options for the policy.
|
|
2562
2740
|
*
|
|
2563
|
-
* @param
|
|
2741
|
+
* @param password Password to validate.
|
|
2742
|
+
* @param status Validation status.
|
|
2743
|
+
*/
|
|
2744
|
+
PasswordPolicyImpl.prototype.validatePasswordLengthOptions = function (password, status) {
|
|
2745
|
+
var minPasswordLength = this.customStrengthOptions.minPasswordLength;
|
|
2746
|
+
var maxPasswordLength = this.customStrengthOptions.maxPasswordLength;
|
|
2747
|
+
if (minPasswordLength) {
|
|
2748
|
+
status.meetsMinPasswordLength = password.length >= minPasswordLength;
|
|
2749
|
+
}
|
|
2750
|
+
if (maxPasswordLength) {
|
|
2751
|
+
status.meetsMaxPasswordLength = password.length <= maxPasswordLength;
|
|
2752
|
+
}
|
|
2753
|
+
};
|
|
2754
|
+
/**
|
|
2755
|
+
* Validates that the password meets the character options for the policy.
|
|
2564
2756
|
*
|
|
2757
|
+
* @param password Password to validate.
|
|
2758
|
+
* @param status Validation status.
|
|
2565
2759
|
*/
|
|
2566
|
-
function
|
|
2567
|
-
|
|
2568
|
-
|
|
2569
|
-
|
|
2570
|
-
|
|
2571
|
-
|
|
2572
|
-
|
|
2760
|
+
PasswordPolicyImpl.prototype.validatePasswordCharacterOptions = function (password, status) {
|
|
2761
|
+
// Assign statuses for requirements even if the password is an empty string.
|
|
2762
|
+
this.updatePasswordCharacterOptionsStatuses(status,
|
|
2763
|
+
/* containsLowercaseCharacter= */ false,
|
|
2764
|
+
/* containsUppercaseCharacter= */ false,
|
|
2765
|
+
/* containsNumericCharacter= */ false,
|
|
2766
|
+
/* containsNonAlphanumericCharacter= */ false);
|
|
2767
|
+
var passwordChar;
|
|
2768
|
+
for (var i = 0; i < password.length; i++) {
|
|
2769
|
+
passwordChar = password.charAt(i);
|
|
2770
|
+
this.updatePasswordCharacterOptionsStatuses(status,
|
|
2771
|
+
/* containsLowercaseCharacter= */ passwordChar >= 'a' &&
|
|
2772
|
+
passwordChar <= 'z',
|
|
2773
|
+
/* containsUppercaseCharacter= */ passwordChar >= 'A' &&
|
|
2774
|
+
passwordChar <= 'Z',
|
|
2775
|
+
/* containsNumericCharacter= */ passwordChar >= '0' &&
|
|
2776
|
+
passwordChar <= '9',
|
|
2777
|
+
/* containsNonAlphanumericCharacter= */ this.allowedNonAlphanumericCharacters.includes(passwordChar));
|
|
2778
|
+
}
|
|
2779
|
+
};
|
|
2573
2780
|
/**
|
|
2574
|
-
*
|
|
2781
|
+
* Updates the running validation status with the statuses for the character options.
|
|
2782
|
+
* Expected to be called each time a character is processed to update each option status
|
|
2783
|
+
* based on the current character.
|
|
2575
2784
|
*
|
|
2576
|
-
* @
|
|
2785
|
+
* @param status Validation status.
|
|
2786
|
+
* @param containsLowercaseCharacter Whether the character is a lowercase letter.
|
|
2787
|
+
* @param containsUppercaseCharacter Whether the character is an uppercase letter.
|
|
2788
|
+
* @param containsNumericCharacter Whether the character is a numeric character.
|
|
2789
|
+
* @param containsNonAlphanumericCharacter Whether the character is a non-alphanumeric character.
|
|
2577
2790
|
*/
|
|
2578
|
-
|
|
2579
|
-
if (
|
|
2580
|
-
|
|
2581
|
-
|
|
2582
|
-
|
|
2583
|
-
|
|
2584
|
-
|
|
2585
|
-
|
|
2586
|
-
|
|
2587
|
-
|
|
2588
|
-
|
|
2589
|
-
|
|
2590
|
-
|
|
2591
|
-
auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
|
|
2592
|
-
return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
|
|
2593
|
-
}
|
|
2594
|
-
}
|
|
2595
|
-
return [2 /*return*/, new Promise(function (resolve, reject) { return tslib.__awaiter(_this, void 0, void 0, function () {
|
|
2596
|
-
return tslib.__generator(this, function (_a) {
|
|
2597
|
-
getRecaptchaConfig(auth, {
|
|
2598
|
-
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
2599
|
-
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
2600
|
-
})
|
|
2601
|
-
.then(function (response) {
|
|
2602
|
-
if (response.recaptchaKey === undefined) {
|
|
2603
|
-
reject(new Error('recaptcha Enterprise site key undefined'));
|
|
2604
|
-
}
|
|
2605
|
-
else {
|
|
2606
|
-
var config = new RecaptchaConfig(response);
|
|
2607
|
-
if (auth.tenantId == null) {
|
|
2608
|
-
auth._agentRecaptchaConfig = config;
|
|
2609
|
-
}
|
|
2610
|
-
else {
|
|
2611
|
-
auth._tenantRecaptchaConfigs[auth.tenantId] = config;
|
|
2612
|
-
}
|
|
2613
|
-
return resolve(config.siteKey);
|
|
2614
|
-
}
|
|
2615
|
-
})
|
|
2616
|
-
.catch(function (error) {
|
|
2617
|
-
reject(error);
|
|
2618
|
-
});
|
|
2619
|
-
return [2 /*return*/];
|
|
2620
|
-
});
|
|
2621
|
-
}); })];
|
|
2622
|
-
});
|
|
2623
|
-
});
|
|
2624
|
-
}
|
|
2625
|
-
function retrieveRecaptchaToken(siteKey, resolve, reject) {
|
|
2626
|
-
var grecaptcha = window.grecaptcha;
|
|
2627
|
-
if (isEnterprise(grecaptcha)) {
|
|
2628
|
-
grecaptcha.enterprise.ready(function () {
|
|
2629
|
-
grecaptcha.enterprise
|
|
2630
|
-
.execute(siteKey, { action: action })
|
|
2631
|
-
.then(function (token) {
|
|
2632
|
-
resolve(token);
|
|
2633
|
-
})
|
|
2634
|
-
.catch(function () {
|
|
2635
|
-
resolve(FAKE_TOKEN);
|
|
2636
|
-
});
|
|
2637
|
-
});
|
|
2638
|
-
}
|
|
2639
|
-
else {
|
|
2640
|
-
reject(Error('No reCAPTCHA enterprise script loaded.'));
|
|
2641
|
-
}
|
|
2642
|
-
}
|
|
2643
|
-
var _this = this;
|
|
2644
|
-
return tslib.__generator(this, function (_a) {
|
|
2645
|
-
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
2646
|
-
retrieveSiteKey(_this.auth)
|
|
2647
|
-
.then(function (siteKey) {
|
|
2648
|
-
if (!forceRefresh && isEnterprise(window.grecaptcha)) {
|
|
2649
|
-
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
2650
|
-
}
|
|
2651
|
-
else {
|
|
2652
|
-
if (typeof window === 'undefined') {
|
|
2653
|
-
reject(new Error('RecaptchaVerifier is only supported in browser'));
|
|
2654
|
-
return;
|
|
2655
|
-
}
|
|
2656
|
-
_loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
|
|
2657
|
-
.then(function () {
|
|
2658
|
-
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
2659
|
-
})
|
|
2660
|
-
.catch(function (error) {
|
|
2661
|
-
reject(error);
|
|
2662
|
-
});
|
|
2663
|
-
}
|
|
2664
|
-
})
|
|
2665
|
-
.catch(function (error) {
|
|
2666
|
-
reject(error);
|
|
2667
|
-
});
|
|
2668
|
-
})];
|
|
2669
|
-
});
|
|
2670
|
-
});
|
|
2671
|
-
};
|
|
2672
|
-
return RecaptchaEnterpriseVerifier;
|
|
2673
|
-
}());
|
|
2674
|
-
function injectRecaptchaFields(auth, request, action, captchaResp) {
|
|
2675
|
-
if (captchaResp === void 0) { captchaResp = false; }
|
|
2676
|
-
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
2677
|
-
var verifier, captchaResponse, newRequest;
|
|
2678
|
-
return tslib.__generator(this, function (_a) {
|
|
2679
|
-
switch (_a.label) {
|
|
2680
|
-
case 0:
|
|
2681
|
-
verifier = new RecaptchaEnterpriseVerifier(auth);
|
|
2682
|
-
_a.label = 1;
|
|
2683
|
-
case 1:
|
|
2684
|
-
_a.trys.push([1, 3, , 5]);
|
|
2685
|
-
return [4 /*yield*/, verifier.verify(action)];
|
|
2686
|
-
case 2:
|
|
2687
|
-
captchaResponse = _a.sent();
|
|
2688
|
-
return [3 /*break*/, 5];
|
|
2689
|
-
case 3:
|
|
2690
|
-
_a.sent();
|
|
2691
|
-
return [4 /*yield*/, verifier.verify(action, true)];
|
|
2692
|
-
case 4:
|
|
2693
|
-
captchaResponse = _a.sent();
|
|
2694
|
-
return [3 /*break*/, 5];
|
|
2695
|
-
case 5:
|
|
2696
|
-
newRequest = tslib.__assign({}, request);
|
|
2697
|
-
if (!captchaResp) {
|
|
2698
|
-
Object.assign(newRequest, { captchaResponse: captchaResponse });
|
|
2699
|
-
}
|
|
2700
|
-
else {
|
|
2701
|
-
Object.assign(newRequest, { 'captchaResp': captchaResponse });
|
|
2702
|
-
}
|
|
2703
|
-
Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
|
|
2704
|
-
Object.assign(newRequest, {
|
|
2705
|
-
'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
2706
|
-
});
|
|
2707
|
-
return [2 /*return*/, newRequest];
|
|
2708
|
-
}
|
|
2709
|
-
});
|
|
2710
|
-
});
|
|
2711
|
-
}
|
|
2712
|
-
|
|
2713
|
-
/**
|
|
2714
|
-
* @license
|
|
2715
|
-
* Copyright 2022 Google LLC
|
|
2716
|
-
*
|
|
2717
|
-
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2718
|
-
* you may not use this file except in compliance with the License.
|
|
2719
|
-
* You may obtain a copy of the License at
|
|
2720
|
-
*
|
|
2721
|
-
* http://www.apache.org/licenses/LICENSE-2.0
|
|
2722
|
-
*
|
|
2723
|
-
* Unless required by applicable law or agreed to in writing, software
|
|
2724
|
-
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
2725
|
-
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
2726
|
-
* See the License for the specific language governing permissions and
|
|
2727
|
-
* limitations under the License.
|
|
2728
|
-
*/
|
|
2729
|
-
var AuthMiddlewareQueue = /** @class */ (function () {
|
|
2730
|
-
function AuthMiddlewareQueue(auth) {
|
|
2731
|
-
this.auth = auth;
|
|
2732
|
-
this.queue = [];
|
|
2733
|
-
}
|
|
2734
|
-
AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
|
|
2735
|
-
var _this = this;
|
|
2736
|
-
// The callback could be sync or async. Wrap it into a
|
|
2737
|
-
// function that is always async.
|
|
2738
|
-
var wrappedCallback = function (user) {
|
|
2739
|
-
return new Promise(function (resolve, reject) {
|
|
2740
|
-
try {
|
|
2741
|
-
var result = callback(user);
|
|
2742
|
-
// Either resolve with existing promise or wrap a non-promise
|
|
2743
|
-
// return value into a promise.
|
|
2744
|
-
resolve(result);
|
|
2745
|
-
}
|
|
2746
|
-
catch (e) {
|
|
2747
|
-
// Sync callback throws.
|
|
2748
|
-
reject(e);
|
|
2749
|
-
}
|
|
2750
|
-
});
|
|
2751
|
-
};
|
|
2752
|
-
// Attach the onAbort if present
|
|
2753
|
-
wrappedCallback.onAbort = onAbort;
|
|
2754
|
-
this.queue.push(wrappedCallback);
|
|
2755
|
-
var index = this.queue.length - 1;
|
|
2756
|
-
return function () {
|
|
2757
|
-
// Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
|
|
2758
|
-
// indexing of other elements.
|
|
2759
|
-
_this.queue[index] = function () { return Promise.resolve(); };
|
|
2760
|
-
};
|
|
2761
|
-
};
|
|
2762
|
-
AuthMiddlewareQueue.prototype.runMiddleware = function (nextUser) {
|
|
2763
|
-
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
2764
|
-
var onAbortStack, _i, _a, beforeStateCallback, e_1, _b, onAbortStack_1, onAbort;
|
|
2765
|
-
return tslib.__generator(this, function (_c) {
|
|
2766
|
-
switch (_c.label) {
|
|
2767
|
-
case 0:
|
|
2768
|
-
if (this.auth.currentUser === nextUser) {
|
|
2769
|
-
return [2 /*return*/];
|
|
2770
|
-
}
|
|
2771
|
-
onAbortStack = [];
|
|
2772
|
-
_c.label = 1;
|
|
2773
|
-
case 1:
|
|
2774
|
-
_c.trys.push([1, 6, , 7]);
|
|
2775
|
-
_i = 0, _a = this.queue;
|
|
2776
|
-
_c.label = 2;
|
|
2777
|
-
case 2:
|
|
2778
|
-
if (!(_i < _a.length)) return [3 /*break*/, 5];
|
|
2779
|
-
beforeStateCallback = _a[_i];
|
|
2780
|
-
return [4 /*yield*/, beforeStateCallback(nextUser)];
|
|
2781
|
-
case 3:
|
|
2782
|
-
_c.sent();
|
|
2783
|
-
// Only push the onAbort if the callback succeeds
|
|
2784
|
-
if (beforeStateCallback.onAbort) {
|
|
2785
|
-
onAbortStack.push(beforeStateCallback.onAbort);
|
|
2786
|
-
}
|
|
2787
|
-
_c.label = 4;
|
|
2788
|
-
case 4:
|
|
2789
|
-
_i++;
|
|
2790
|
-
return [3 /*break*/, 2];
|
|
2791
|
-
case 5: return [3 /*break*/, 7];
|
|
2792
|
-
case 6:
|
|
2793
|
-
e_1 = _c.sent();
|
|
2794
|
-
// Run all onAbort, with separate try/catch to ignore any errors and
|
|
2795
|
-
// continue
|
|
2796
|
-
onAbortStack.reverse();
|
|
2797
|
-
for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
|
|
2798
|
-
onAbort = onAbortStack_1[_b];
|
|
2799
|
-
try {
|
|
2800
|
-
onAbort();
|
|
2801
|
-
}
|
|
2802
|
-
catch (_) {
|
|
2803
|
-
/* swallow error */
|
|
2804
|
-
}
|
|
2805
|
-
}
|
|
2806
|
-
throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, {
|
|
2807
|
-
originalMessage: e_1 === null || e_1 === void 0 ? void 0 : e_1.message
|
|
2808
|
-
});
|
|
2809
|
-
case 7: return [2 /*return*/];
|
|
2810
|
-
}
|
|
2811
|
-
});
|
|
2812
|
-
});
|
|
2791
|
+
PasswordPolicyImpl.prototype.updatePasswordCharacterOptionsStatuses = function (status, containsLowercaseCharacter, containsUppercaseCharacter, containsNumericCharacter, containsNonAlphanumericCharacter) {
|
|
2792
|
+
if (this.customStrengthOptions.containsLowercaseLetter) {
|
|
2793
|
+
status.containsLowercaseLetter || (status.containsLowercaseLetter = containsLowercaseCharacter);
|
|
2794
|
+
}
|
|
2795
|
+
if (this.customStrengthOptions.containsUppercaseLetter) {
|
|
2796
|
+
status.containsUppercaseLetter || (status.containsUppercaseLetter = containsUppercaseCharacter);
|
|
2797
|
+
}
|
|
2798
|
+
if (this.customStrengthOptions.containsNumericCharacter) {
|
|
2799
|
+
status.containsNumericCharacter || (status.containsNumericCharacter = containsNumericCharacter);
|
|
2800
|
+
}
|
|
2801
|
+
if (this.customStrengthOptions.containsNonAlphanumericCharacter) {
|
|
2802
|
+
status.containsNonAlphanumericCharacter || (status.containsNonAlphanumericCharacter = containsNonAlphanumericCharacter);
|
|
2803
|
+
}
|
|
2813
2804
|
};
|
|
2814
|
-
return
|
|
2805
|
+
return PasswordPolicyImpl;
|
|
2815
2806
|
}());
|
|
2816
2807
|
|
|
2817
2808
|
/**
|
|
@@ -2844,6 +2835,7 @@ var AuthImpl = /** @class */ (function () {
|
|
|
2844
2835
|
this.beforeStateQueue = new AuthMiddlewareQueue(this);
|
|
2845
2836
|
this.redirectUser = null;
|
|
2846
2837
|
this.isProactiveRefreshEnabled = false;
|
|
2838
|
+
this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION = 1;
|
|
2847
2839
|
// Any network calls will set this to true and prevent subsequent emulator
|
|
2848
2840
|
// initialization
|
|
2849
2841
|
this._canInitEmulator = true;
|
|
@@ -2854,6 +2846,8 @@ var AuthImpl = /** @class */ (function () {
|
|
|
2854
2846
|
this._errorFactory = _DEFAULT_AUTH_ERROR_FACTORY;
|
|
2855
2847
|
this._agentRecaptchaConfig = null;
|
|
2856
2848
|
this._tenantRecaptchaConfigs = {};
|
|
2849
|
+
this._projectPasswordPolicy = null;
|
|
2850
|
+
this._tenantPasswordPolicies = {};
|
|
2857
2851
|
// Tracks the last notified UID for state change listeners to prevent
|
|
2858
2852
|
// repeated calls to the callbacks. Undefined means it's never been
|
|
2859
2853
|
// called, whereas null means it's been called with a signed out user
|
|
@@ -3183,41 +3177,66 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3183
3177
|
});
|
|
3184
3178
|
}); });
|
|
3185
3179
|
};
|
|
3186
|
-
AuthImpl.prototype.
|
|
3180
|
+
AuthImpl.prototype._getRecaptchaConfig = function () {
|
|
3181
|
+
if (this.tenantId == null) {
|
|
3182
|
+
return this._agentRecaptchaConfig;
|
|
3183
|
+
}
|
|
3184
|
+
else {
|
|
3185
|
+
return this._tenantRecaptchaConfigs[this.tenantId];
|
|
3186
|
+
}
|
|
3187
|
+
};
|
|
3188
|
+
AuthImpl.prototype.validatePassword = function (password) {
|
|
3187
3189
|
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3188
|
-
var
|
|
3190
|
+
var passwordPolicy;
|
|
3189
3191
|
return tslib.__generator(this, function (_a) {
|
|
3190
3192
|
switch (_a.label) {
|
|
3191
|
-
case 0:
|
|
3192
|
-
|
|
3193
|
-
|
|
3194
|
-
})];
|
|
3193
|
+
case 0:
|
|
3194
|
+
if (!!this._getPasswordPolicyInternal()) return [3 /*break*/, 2];
|
|
3195
|
+
return [4 /*yield*/, this._updatePasswordPolicy()];
|
|
3195
3196
|
case 1:
|
|
3196
|
-
|
|
3197
|
-
|
|
3198
|
-
|
|
3199
|
-
|
|
3200
|
-
|
|
3201
|
-
|
|
3202
|
-
|
|
3203
|
-
|
|
3204
|
-
|
|
3205
|
-
verifier = new RecaptchaEnterpriseVerifier(this);
|
|
3206
|
-
void verifier.verify();
|
|
3197
|
+
_a.sent();
|
|
3198
|
+
_a.label = 2;
|
|
3199
|
+
case 2:
|
|
3200
|
+
passwordPolicy = this._getPasswordPolicyInternal();
|
|
3201
|
+
// Check that the policy schema version is supported by the SDK.
|
|
3202
|
+
// TODO: Update this logic to use a max supported policy schema version once we have multiple schema versions.
|
|
3203
|
+
if (passwordPolicy.schemaVersion !==
|
|
3204
|
+
this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION) {
|
|
3205
|
+
return [2 /*return*/, Promise.reject(this._errorFactory.create("unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */, {}))];
|
|
3207
3206
|
}
|
|
3208
|
-
return [2 /*return
|
|
3207
|
+
return [2 /*return*/, passwordPolicy.validatePassword(password)];
|
|
3209
3208
|
}
|
|
3210
3209
|
});
|
|
3211
3210
|
});
|
|
3212
3211
|
};
|
|
3213
|
-
AuthImpl.prototype.
|
|
3214
|
-
if (this.tenantId
|
|
3215
|
-
return this.
|
|
3212
|
+
AuthImpl.prototype._getPasswordPolicyInternal = function () {
|
|
3213
|
+
if (this.tenantId === null) {
|
|
3214
|
+
return this._projectPasswordPolicy;
|
|
3216
3215
|
}
|
|
3217
3216
|
else {
|
|
3218
|
-
return this.
|
|
3217
|
+
return this._tenantPasswordPolicies[this.tenantId];
|
|
3219
3218
|
}
|
|
3220
3219
|
};
|
|
3220
|
+
AuthImpl.prototype._updatePasswordPolicy = function () {
|
|
3221
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3222
|
+
var response, passwordPolicy;
|
|
3223
|
+
return tslib.__generator(this, function (_a) {
|
|
3224
|
+
switch (_a.label) {
|
|
3225
|
+
case 0: return [4 /*yield*/, _getPasswordPolicy(this)];
|
|
3226
|
+
case 1:
|
|
3227
|
+
response = _a.sent();
|
|
3228
|
+
passwordPolicy = new PasswordPolicyImpl(response);
|
|
3229
|
+
if (this.tenantId === null) {
|
|
3230
|
+
this._projectPasswordPolicy = passwordPolicy;
|
|
3231
|
+
}
|
|
3232
|
+
else {
|
|
3233
|
+
this._tenantPasswordPolicies[this.tenantId] = passwordPolicy;
|
|
3234
|
+
}
|
|
3235
|
+
return [2 /*return*/];
|
|
3236
|
+
}
|
|
3237
|
+
});
|
|
3238
|
+
});
|
|
3239
|
+
};
|
|
3221
3240
|
AuthImpl.prototype._getPersistence = function () {
|
|
3222
3241
|
return this.assertedPersistence.persistence.type;
|
|
3223
3242
|
};
|
|
@@ -3493,54 +3512,277 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3493
3512
|
AuthImpl.prototype._getAppCheckToken = function () {
|
|
3494
3513
|
var _a;
|
|
3495
3514
|
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3496
|
-
var appCheckTokenResult;
|
|
3497
|
-
return tslib.__generator(this, function (_b) {
|
|
3498
|
-
switch (_b.label) {
|
|
3499
|
-
case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
|
|
3500
|
-
.getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
|
|
3501
|
-
case 1:
|
|
3502
|
-
appCheckTokenResult = _b.sent();
|
|
3503
|
-
if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
|
|
3504
|
-
// Context: appCheck.getToken() will never throw even if an error happened.
|
|
3505
|
-
// In the error case, a dummy token will be returned along with an error field describing
|
|
3506
|
-
// the error. In general, we shouldn't care about the error condition and just use
|
|
3507
|
-
// the token (actual or dummy) to send requests.
|
|
3508
|
-
_logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
|
|
3515
|
+
var appCheckTokenResult;
|
|
3516
|
+
return tslib.__generator(this, function (_b) {
|
|
3517
|
+
switch (_b.label) {
|
|
3518
|
+
case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
|
|
3519
|
+
.getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
|
|
3520
|
+
case 1:
|
|
3521
|
+
appCheckTokenResult = _b.sent();
|
|
3522
|
+
if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
|
|
3523
|
+
// Context: appCheck.getToken() will never throw even if an error happened.
|
|
3524
|
+
// In the error case, a dummy token will be returned along with an error field describing
|
|
3525
|
+
// the error. In general, we shouldn't care about the error condition and just use
|
|
3526
|
+
// the token (actual or dummy) to send requests.
|
|
3527
|
+
_logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
|
|
3528
|
+
}
|
|
3529
|
+
return [2 /*return*/, appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.token];
|
|
3530
|
+
}
|
|
3531
|
+
});
|
|
3532
|
+
});
|
|
3533
|
+
};
|
|
3534
|
+
return AuthImpl;
|
|
3535
|
+
}());
|
|
3536
|
+
/**
|
|
3537
|
+
* Method to be used to cast down to our private implmentation of Auth.
|
|
3538
|
+
* It will also handle unwrapping from the compat type if necessary
|
|
3539
|
+
*
|
|
3540
|
+
* @param auth Auth object passed in from developer
|
|
3541
|
+
*/
|
|
3542
|
+
function _castAuth(auth) {
|
|
3543
|
+
return util.getModularInstance(auth);
|
|
3544
|
+
}
|
|
3545
|
+
/** Helper class to wrap subscriber logic */
|
|
3546
|
+
var Subscription = /** @class */ (function () {
|
|
3547
|
+
function Subscription(auth) {
|
|
3548
|
+
var _this = this;
|
|
3549
|
+
this.auth = auth;
|
|
3550
|
+
this.observer = null;
|
|
3551
|
+
this.addObserver = util.createSubscribe(function (observer) { return (_this.observer = observer); });
|
|
3552
|
+
}
|
|
3553
|
+
Object.defineProperty(Subscription.prototype, "next", {
|
|
3554
|
+
get: function () {
|
|
3555
|
+
_assert(this.observer, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
3556
|
+
return this.observer.next.bind(this.observer);
|
|
3557
|
+
},
|
|
3558
|
+
enumerable: false,
|
|
3559
|
+
configurable: true
|
|
3560
|
+
});
|
|
3561
|
+
return Subscription;
|
|
3562
|
+
}());
|
|
3563
|
+
|
|
3564
|
+
/**
|
|
3565
|
+
* @license
|
|
3566
|
+
* Copyright 2020 Google LLC
|
|
3567
|
+
*
|
|
3568
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
3569
|
+
* you may not use this file except in compliance with the License.
|
|
3570
|
+
* You may obtain a copy of the License at
|
|
3571
|
+
*
|
|
3572
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
3573
|
+
*
|
|
3574
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
3575
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
3576
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
3577
|
+
* See the License for the specific language governing permissions and
|
|
3578
|
+
* limitations under the License.
|
|
3579
|
+
*/
|
|
3580
|
+
function getScriptParentElement() {
|
|
3581
|
+
var _a, _b;
|
|
3582
|
+
return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
|
|
3583
|
+
}
|
|
3584
|
+
function _loadJS(url) {
|
|
3585
|
+
// TODO: consider adding timeout support & cancellation
|
|
3586
|
+
return new Promise(function (resolve, reject) {
|
|
3587
|
+
var el = document.createElement('script');
|
|
3588
|
+
el.setAttribute('src', url);
|
|
3589
|
+
el.onload = resolve;
|
|
3590
|
+
el.onerror = function (e) {
|
|
3591
|
+
var error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
3592
|
+
error.customData = e;
|
|
3593
|
+
reject(error);
|
|
3594
|
+
};
|
|
3595
|
+
el.type = 'text/javascript';
|
|
3596
|
+
el.charset = 'UTF-8';
|
|
3597
|
+
getScriptParentElement().appendChild(el);
|
|
3598
|
+
});
|
|
3599
|
+
}
|
|
3600
|
+
|
|
3601
|
+
/* eslint-disable @typescript-eslint/no-require-imports */
|
|
3602
|
+
var RECAPTCHA_ENTERPRISE_URL = 'https://www.google.com/recaptcha/enterprise.js?render=';
|
|
3603
|
+
var RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';
|
|
3604
|
+
var FAKE_TOKEN = 'NO_RECAPTCHA';
|
|
3605
|
+
var RecaptchaEnterpriseVerifier = /** @class */ (function () {
|
|
3606
|
+
/**
|
|
3607
|
+
*
|
|
3608
|
+
* @param authExtern - The corresponding Firebase {@link Auth} instance.
|
|
3609
|
+
*
|
|
3610
|
+
*/
|
|
3611
|
+
function RecaptchaEnterpriseVerifier(authExtern) {
|
|
3612
|
+
/**
|
|
3613
|
+
* Identifies the type of application verifier (e.g. "recaptcha-enterprise").
|
|
3614
|
+
*/
|
|
3615
|
+
this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
|
|
3616
|
+
this.auth = _castAuth(authExtern);
|
|
3617
|
+
}
|
|
3618
|
+
/**
|
|
3619
|
+
* Executes the verification process.
|
|
3620
|
+
*
|
|
3621
|
+
* @returns A Promise for a token that can be used to assert the validity of a request.
|
|
3622
|
+
*/
|
|
3623
|
+
RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
|
|
3624
|
+
if (action === void 0) { action = 'verify'; }
|
|
3625
|
+
if (forceRefresh === void 0) { forceRefresh = false; }
|
|
3626
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3627
|
+
function retrieveSiteKey(auth) {
|
|
3628
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3629
|
+
var _this = this;
|
|
3630
|
+
return tslib.__generator(this, function (_a) {
|
|
3631
|
+
if (!forceRefresh) {
|
|
3632
|
+
if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
|
|
3633
|
+
return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
|
|
3634
|
+
}
|
|
3635
|
+
if (auth.tenantId != null &&
|
|
3636
|
+
auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
|
|
3637
|
+
return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
|
|
3638
|
+
}
|
|
3509
3639
|
}
|
|
3510
|
-
return [2 /*return*/,
|
|
3640
|
+
return [2 /*return*/, new Promise(function (resolve, reject) { return tslib.__awaiter(_this, void 0, void 0, function () {
|
|
3641
|
+
return tslib.__generator(this, function (_a) {
|
|
3642
|
+
getRecaptchaConfig(auth, {
|
|
3643
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
3644
|
+
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3645
|
+
})
|
|
3646
|
+
.then(function (response) {
|
|
3647
|
+
if (response.recaptchaKey === undefined) {
|
|
3648
|
+
reject(new Error('recaptcha Enterprise site key undefined'));
|
|
3649
|
+
}
|
|
3650
|
+
else {
|
|
3651
|
+
var config = new RecaptchaConfig(response);
|
|
3652
|
+
if (auth.tenantId == null) {
|
|
3653
|
+
auth._agentRecaptchaConfig = config;
|
|
3654
|
+
}
|
|
3655
|
+
else {
|
|
3656
|
+
auth._tenantRecaptchaConfigs[auth.tenantId] = config;
|
|
3657
|
+
}
|
|
3658
|
+
return resolve(config.siteKey);
|
|
3659
|
+
}
|
|
3660
|
+
})
|
|
3661
|
+
.catch(function (error) {
|
|
3662
|
+
reject(error);
|
|
3663
|
+
});
|
|
3664
|
+
return [2 /*return*/];
|
|
3665
|
+
});
|
|
3666
|
+
}); })];
|
|
3667
|
+
});
|
|
3668
|
+
});
|
|
3669
|
+
}
|
|
3670
|
+
function retrieveRecaptchaToken(siteKey, resolve, reject) {
|
|
3671
|
+
var grecaptcha = window.grecaptcha;
|
|
3672
|
+
if (isEnterprise(grecaptcha)) {
|
|
3673
|
+
grecaptcha.enterprise.ready(function () {
|
|
3674
|
+
grecaptcha.enterprise
|
|
3675
|
+
.execute(siteKey, { action: action })
|
|
3676
|
+
.then(function (token) {
|
|
3677
|
+
resolve(token);
|
|
3678
|
+
})
|
|
3679
|
+
.catch(function () {
|
|
3680
|
+
resolve(FAKE_TOKEN);
|
|
3681
|
+
});
|
|
3682
|
+
});
|
|
3683
|
+
}
|
|
3684
|
+
else {
|
|
3685
|
+
reject(Error('No reCAPTCHA enterprise script loaded.'));
|
|
3511
3686
|
}
|
|
3687
|
+
}
|
|
3688
|
+
var _this = this;
|
|
3689
|
+
return tslib.__generator(this, function (_a) {
|
|
3690
|
+
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
3691
|
+
retrieveSiteKey(_this.auth)
|
|
3692
|
+
.then(function (siteKey) {
|
|
3693
|
+
if (!forceRefresh && isEnterprise(window.grecaptcha)) {
|
|
3694
|
+
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
3695
|
+
}
|
|
3696
|
+
else {
|
|
3697
|
+
if (typeof window === 'undefined') {
|
|
3698
|
+
reject(new Error('RecaptchaVerifier is only supported in browser'));
|
|
3699
|
+
return;
|
|
3700
|
+
}
|
|
3701
|
+
_loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
|
|
3702
|
+
.then(function () {
|
|
3703
|
+
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
3704
|
+
})
|
|
3705
|
+
.catch(function (error) {
|
|
3706
|
+
reject(error);
|
|
3707
|
+
});
|
|
3708
|
+
}
|
|
3709
|
+
})
|
|
3710
|
+
.catch(function (error) {
|
|
3711
|
+
reject(error);
|
|
3712
|
+
});
|
|
3713
|
+
})];
|
|
3512
3714
|
});
|
|
3513
3715
|
});
|
|
3514
3716
|
};
|
|
3515
|
-
return
|
|
3717
|
+
return RecaptchaEnterpriseVerifier;
|
|
3516
3718
|
}());
|
|
3517
|
-
|
|
3518
|
-
|
|
3519
|
-
|
|
3520
|
-
|
|
3521
|
-
|
|
3522
|
-
|
|
3523
|
-
|
|
3524
|
-
|
|
3719
|
+
function injectRecaptchaFields(auth, request, action, captchaResp) {
|
|
3720
|
+
if (captchaResp === void 0) { captchaResp = false; }
|
|
3721
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3722
|
+
var verifier, captchaResponse, newRequest;
|
|
3723
|
+
return tslib.__generator(this, function (_a) {
|
|
3724
|
+
switch (_a.label) {
|
|
3725
|
+
case 0:
|
|
3726
|
+
verifier = new RecaptchaEnterpriseVerifier(auth);
|
|
3727
|
+
_a.label = 1;
|
|
3728
|
+
case 1:
|
|
3729
|
+
_a.trys.push([1, 3, , 5]);
|
|
3730
|
+
return [4 /*yield*/, verifier.verify(action)];
|
|
3731
|
+
case 2:
|
|
3732
|
+
captchaResponse = _a.sent();
|
|
3733
|
+
return [3 /*break*/, 5];
|
|
3734
|
+
case 3:
|
|
3735
|
+
_a.sent();
|
|
3736
|
+
return [4 /*yield*/, verifier.verify(action, true)];
|
|
3737
|
+
case 4:
|
|
3738
|
+
captchaResponse = _a.sent();
|
|
3739
|
+
return [3 /*break*/, 5];
|
|
3740
|
+
case 5:
|
|
3741
|
+
newRequest = tslib.__assign({}, request);
|
|
3742
|
+
if (!captchaResp) {
|
|
3743
|
+
Object.assign(newRequest, { captchaResponse: captchaResponse });
|
|
3744
|
+
}
|
|
3745
|
+
else {
|
|
3746
|
+
Object.assign(newRequest, { 'captchaResp': captchaResponse });
|
|
3747
|
+
}
|
|
3748
|
+
Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
|
|
3749
|
+
Object.assign(newRequest, {
|
|
3750
|
+
'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3751
|
+
});
|
|
3752
|
+
return [2 /*return*/, newRequest];
|
|
3753
|
+
}
|
|
3754
|
+
});
|
|
3755
|
+
});
|
|
3525
3756
|
}
|
|
3526
|
-
|
|
3527
|
-
|
|
3528
|
-
|
|
3529
|
-
|
|
3530
|
-
|
|
3531
|
-
|
|
3532
|
-
|
|
3533
|
-
|
|
3534
|
-
|
|
3535
|
-
|
|
3536
|
-
|
|
3537
|
-
|
|
3538
|
-
|
|
3539
|
-
|
|
3540
|
-
|
|
3757
|
+
function _initializeRecaptchaConfig(auth) {
|
|
3758
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3759
|
+
var authInternal, response, config, verifier;
|
|
3760
|
+
return tslib.__generator(this, function (_a) {
|
|
3761
|
+
switch (_a.label) {
|
|
3762
|
+
case 0:
|
|
3763
|
+
authInternal = _castAuth(auth);
|
|
3764
|
+
return [4 /*yield*/, getRecaptchaConfig(authInternal, {
|
|
3765
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
3766
|
+
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3767
|
+
})];
|
|
3768
|
+
case 1:
|
|
3769
|
+
response = _a.sent();
|
|
3770
|
+
config = new RecaptchaConfig(response);
|
|
3771
|
+
if (authInternal.tenantId == null) {
|
|
3772
|
+
authInternal._agentRecaptchaConfig = config;
|
|
3773
|
+
}
|
|
3774
|
+
else {
|
|
3775
|
+
authInternal._tenantRecaptchaConfigs[authInternal.tenantId] = config;
|
|
3776
|
+
}
|
|
3777
|
+
if (config.emailPasswordEnabled) {
|
|
3778
|
+
verifier = new RecaptchaEnterpriseVerifier(authInternal);
|
|
3779
|
+
void verifier.verify();
|
|
3780
|
+
}
|
|
3781
|
+
return [2 /*return*/];
|
|
3782
|
+
}
|
|
3783
|
+
});
|
|
3541
3784
|
});
|
|
3542
|
-
|
|
3543
|
-
}());
|
|
3785
|
+
}
|
|
3544
3786
|
|
|
3545
3787
|
/**
|
|
3546
3788
|
* @license
|
|
@@ -6193,6 +6435,36 @@ function _setActionCodeSettingsOnRequest(auth, request, actionCodeSettings) {
|
|
|
6193
6435
|
* See the License for the specific language governing permissions and
|
|
6194
6436
|
* limitations under the License.
|
|
6195
6437
|
*/
|
|
6438
|
+
/**
|
|
6439
|
+
* Updates the password policy cached in the {@link Auth} instance if a policy is already
|
|
6440
|
+
* cached for the project or tenant.
|
|
6441
|
+
*
|
|
6442
|
+
* @remarks
|
|
6443
|
+
* We only fetch the password policy if the password did not meet policy requirements and
|
|
6444
|
+
* there is an existing policy cached. A developer must call validatePassword at least
|
|
6445
|
+
* once for the cache to be automatically updated.
|
|
6446
|
+
*
|
|
6447
|
+
* @param auth - The {@link Auth} instance.
|
|
6448
|
+
*
|
|
6449
|
+
* @private
|
|
6450
|
+
*/
|
|
6451
|
+
function recachePasswordPolicy(auth) {
|
|
6452
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
6453
|
+
var authInternal;
|
|
6454
|
+
return tslib.__generator(this, function (_a) {
|
|
6455
|
+
switch (_a.label) {
|
|
6456
|
+
case 0:
|
|
6457
|
+
authInternal = _castAuth(auth);
|
|
6458
|
+
if (!authInternal._getPasswordPolicyInternal()) return [3 /*break*/, 2];
|
|
6459
|
+
return [4 /*yield*/, authInternal._updatePasswordPolicy()];
|
|
6460
|
+
case 1:
|
|
6461
|
+
_a.sent();
|
|
6462
|
+
_a.label = 2;
|
|
6463
|
+
case 2: return [2 /*return*/];
|
|
6464
|
+
}
|
|
6465
|
+
});
|
|
6466
|
+
});
|
|
6467
|
+
}
|
|
6196
6468
|
/**
|
|
6197
6469
|
* Sends a password reset email to the given email address.
|
|
6198
6470
|
*
|
|
@@ -6296,12 +6568,22 @@ function sendPasswordResetEmail(auth, email, actionCodeSettings) {
|
|
|
6296
6568
|
*/
|
|
6297
6569
|
function confirmPasswordReset(auth, oobCode, newPassword) {
|
|
6298
6570
|
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
6571
|
+
var _this = this;
|
|
6299
6572
|
return tslib.__generator(this, function (_a) {
|
|
6300
6573
|
switch (_a.label) {
|
|
6301
6574
|
case 0: return [4 /*yield*/, resetPassword(util.getModularInstance(auth), {
|
|
6302
6575
|
oobCode: oobCode,
|
|
6303
6576
|
newPassword: newPassword
|
|
6304
|
-
})
|
|
6577
|
+
})
|
|
6578
|
+
.catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
|
|
6579
|
+
return tslib.__generator(this, function (_a) {
|
|
6580
|
+
if (error.code ===
|
|
6581
|
+
"auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6582
|
+
void recachePasswordPolicy(auth);
|
|
6583
|
+
}
|
|
6584
|
+
throw error;
|
|
6585
|
+
});
|
|
6586
|
+
}); })];
|
|
6305
6587
|
case 1:
|
|
6306
6588
|
_a.sent();
|
|
6307
6589
|
return [2 /*return*/];
|
|
@@ -6457,13 +6739,16 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
6457
6739
|
case 1:
|
|
6458
6740
|
requestWithRecaptcha = _a.sent();
|
|
6459
6741
|
return [2 /*return*/, signUp(authInternal, requestWithRecaptcha)];
|
|
6460
|
-
case 2:
|
|
6742
|
+
case 2: throw error;
|
|
6461
6743
|
}
|
|
6462
6744
|
});
|
|
6463
6745
|
}); });
|
|
6464
6746
|
_b.label = 3;
|
|
6465
6747
|
case 3: return [4 /*yield*/, signUpResponse.catch(function (error) {
|
|
6466
|
-
|
|
6748
|
+
if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6749
|
+
void recachePasswordPolicy(auth);
|
|
6750
|
+
}
|
|
6751
|
+
throw error;
|
|
6467
6752
|
})];
|
|
6468
6753
|
case 4:
|
|
6469
6754
|
response = _b.sent();
|
|
@@ -6495,7 +6780,15 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
6495
6780
|
* @public
|
|
6496
6781
|
*/
|
|
6497
6782
|
function signInWithEmailAndPassword(auth, email, password) {
|
|
6498
|
-
|
|
6783
|
+
var _this = this;
|
|
6784
|
+
return signInWithCredential(util.getModularInstance(auth), EmailAuthProvider.credential(email, password)).catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
|
|
6785
|
+
return tslib.__generator(this, function (_a) {
|
|
6786
|
+
if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6787
|
+
void recachePasswordPolicy(auth);
|
|
6788
|
+
}
|
|
6789
|
+
throw error;
|
|
6790
|
+
});
|
|
6791
|
+
}); });
|
|
6499
6792
|
}
|
|
6500
6793
|
|
|
6501
6794
|
/**
|
|
@@ -7233,8 +7526,39 @@ function setPersistence(auth, persistence) {
|
|
|
7233
7526
|
* @public
|
|
7234
7527
|
*/
|
|
7235
7528
|
function initializeRecaptchaConfig(auth) {
|
|
7236
|
-
|
|
7237
|
-
|
|
7529
|
+
return _initializeRecaptchaConfig(auth);
|
|
7530
|
+
}
|
|
7531
|
+
/**
|
|
7532
|
+
* Validates the password against the password policy configured for the project or tenant.
|
|
7533
|
+
*
|
|
7534
|
+
* @remarks
|
|
7535
|
+
* If no tenant ID is set on the `Auth` instance, then this method will use the password
|
|
7536
|
+
* policy configured for the project. Otherwise, this method will use the policy configured
|
|
7537
|
+
* for the tenant. If a password policy has not been configured, then the default policy
|
|
7538
|
+
* configured for all projects will be used.
|
|
7539
|
+
*
|
|
7540
|
+
* If an auth flow fails because a submitted password does not meet the password policy
|
|
7541
|
+
* requirements and this method has previously been called, then this method will use the
|
|
7542
|
+
* most recent policy available when called again.
|
|
7543
|
+
*
|
|
7544
|
+
* @example
|
|
7545
|
+
* ```javascript
|
|
7546
|
+
* validatePassword(auth, 'some-password');
|
|
7547
|
+
* ```
|
|
7548
|
+
*
|
|
7549
|
+
* @param auth The {@link Auth} instance.
|
|
7550
|
+
* @param password The password to validate.
|
|
7551
|
+
*
|
|
7552
|
+
* @public
|
|
7553
|
+
*/
|
|
7554
|
+
function validatePassword(auth, password) {
|
|
7555
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
7556
|
+
var authInternal;
|
|
7557
|
+
return tslib.__generator(this, function (_a) {
|
|
7558
|
+
authInternal = _castAuth(auth);
|
|
7559
|
+
return [2 /*return*/, authInternal.validatePassword(password)];
|
|
7560
|
+
});
|
|
7561
|
+
});
|
|
7238
7562
|
}
|
|
7239
7563
|
/**
|
|
7240
7564
|
* Adds an observer for changes to the signed-in user's ID token.
|
|
@@ -7650,7 +7974,7 @@ function multiFactor(user) {
|
|
|
7650
7974
|
}
|
|
7651
7975
|
|
|
7652
7976
|
var name = "@firebase/auth";
|
|
7653
|
-
var version = "1.1.0-canary.
|
|
7977
|
+
var version = "1.1.0-canary.f497a400a";
|
|
7654
7978
|
|
|
7655
7979
|
/**
|
|
7656
7980
|
* @license
|
|
@@ -8218,6 +8542,7 @@ exports.updatePassword = updatePassword;
|
|
|
8218
8542
|
exports.updatePhoneNumber = updatePhoneNumber;
|
|
8219
8543
|
exports.updateProfile = updateProfile;
|
|
8220
8544
|
exports.useDeviceLanguage = useDeviceLanguage;
|
|
8545
|
+
exports.validatePassword = validatePassword;
|
|
8221
8546
|
exports.verifyBeforeUpdateEmail = verifyBeforeUpdateEmail;
|
|
8222
8547
|
exports.verifyPasswordResetCode = verifyPasswordResetCode;
|
|
8223
|
-
//# sourceMappingURL=totp-
|
|
8548
|
+
//# sourceMappingURL=totp-4cc8bac4.js.map
|