@firebase/auth 1.1.0 → 1.2.0-20230815211035
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +28 -1
- package/dist/auth-public.d.ts +119 -0
- package/dist/auth.d.ts +179 -2
- package/dist/browser-cjs/{index-0b2238be.js → index-4a6bae3a.js} +566 -278
- package/dist/browser-cjs/index-4a6bae3a.js.map +1 -0
- package/dist/browser-cjs/index.js +3 -2
- package/dist/browser-cjs/index.js.map +1 -1
- package/dist/browser-cjs/internal.js +3 -2
- package/dist/browser-cjs/internal.js.map +1 -1
- package/dist/browser-cjs/src/api/errors.d.ts +2 -1
- package/dist/browser-cjs/src/api/index.d.ts +2 -1
- package/dist/browser-cjs/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/browser-cjs/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/browser-cjs/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/browser-cjs/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/browser-cjs/src/core/errors.d.ts +3 -1
- package/dist/browser-cjs/src/core/index.d.ts +25 -1
- package/dist/browser-cjs/src/model/auth.d.ts +7 -2
- package/dist/browser-cjs/src/model/password_policy.d.ts +111 -0
- package/dist/browser-cjs/src/model/public_types.d.ts +88 -0
- package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/browser-cjs/src/platform_node/index.d.ts +1 -0
- package/dist/browser-cjs/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/browser-cjs/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/cordova/index.js +2 -2
- package/dist/cordova/internal.js +2 -2
- package/dist/cordova/{popup_redirect-71c1ff0a.js → popup_redirect-03e63fe8.js} +754 -416
- package/dist/cordova/popup_redirect-03e63fe8.js.map +1 -0
- package/dist/cordova/src/api/errors.d.ts +2 -1
- package/dist/cordova/src/api/index.d.ts +2 -1
- package/dist/cordova/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/cordova/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/cordova/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/cordova/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/cordova/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/cordova/src/core/errors.d.ts +3 -1
- package/dist/cordova/src/core/index.d.ts +25 -1
- package/dist/cordova/src/model/auth.d.ts +7 -2
- package/dist/cordova/src/model/password_policy.d.ts +111 -0
- package/dist/cordova/src/model/public_types.d.ts +88 -0
- package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/cordova/src/platform_node/index.d.ts +1 -0
- package/dist/cordova/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/cordova/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/esm2017/{index-e24386e7.js → index-a2ce75d7.js} +566 -279
- package/dist/esm2017/index-a2ce75d7.js.map +1 -0
- package/dist/esm2017/index.js +2 -2
- package/dist/esm2017/internal.js +3 -3
- package/dist/esm2017/src/api/errors.d.ts +2 -1
- package/dist/esm2017/src/api/index.d.ts +2 -1
- package/dist/esm2017/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/esm2017/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/esm2017/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/esm2017/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/esm2017/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/esm2017/src/core/errors.d.ts +3 -1
- package/dist/esm2017/src/core/index.d.ts +25 -1
- package/dist/esm2017/src/model/auth.d.ts +7 -2
- package/dist/esm2017/src/model/password_policy.d.ts +111 -0
- package/dist/esm2017/src/model/public_types.d.ts +88 -0
- package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/esm2017/src/platform_node/index.d.ts +1 -0
- package/dist/esm2017/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/esm2017/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/esm5/{index-be7bff78.js → index-aeb2d939.js} +754 -416
- package/dist/esm5/index-aeb2d939.js.map +1 -0
- package/dist/esm5/index.js +1 -1
- package/dist/esm5/internal.js +2 -2
- package/dist/esm5/src/api/errors.d.ts +2 -1
- package/dist/esm5/src/api/index.d.ts +2 -1
- package/dist/esm5/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/esm5/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/esm5/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/esm5/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/esm5/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/esm5/src/core/errors.d.ts +3 -1
- package/dist/esm5/src/core/index.d.ts +25 -1
- package/dist/esm5/src/model/auth.d.ts +7 -2
- package/dist/esm5/src/model/password_policy.d.ts +111 -0
- package/dist/esm5/src/model/public_types.d.ts +88 -0
- package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/esm5/src/platform_node/index.d.ts +1 -0
- package/dist/esm5/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/esm5/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/index.webworker.esm5.js +828 -490
- package/dist/index.webworker.esm5.js.map +1 -1
- package/dist/node/index.js +2 -1
- package/dist/node/index.js.map +1 -1
- package/dist/node/internal.js +2 -1
- package/dist/node/internal.js.map +1 -1
- package/dist/node/src/api/errors.d.ts +2 -1
- package/dist/node/src/api/index.d.ts +2 -1
- package/dist/node/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/node/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/node/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/node/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/node/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/node/src/core/errors.d.ts +3 -1
- package/dist/node/src/core/index.d.ts +25 -1
- package/dist/node/src/model/auth.d.ts +7 -2
- package/dist/node/src/model/password_policy.d.ts +111 -0
- package/dist/node/src/model/public_types.d.ts +88 -0
- package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/node/src/platform_node/index.d.ts +1 -0
- package/dist/node/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/node/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/node/{totp-8a876b1a.js → totp-59663c77.js} +717 -378
- package/dist/node/totp-59663c77.js.map +1 -0
- package/dist/node-esm/index.js +1 -1
- package/dist/node-esm/internal.js +2 -2
- package/dist/node-esm/src/api/errors.d.ts +2 -1
- package/dist/node-esm/src/api/index.d.ts +2 -1
- package/dist/node-esm/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/node-esm/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/node-esm/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/node-esm/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/node-esm/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/node-esm/src/core/errors.d.ts +3 -1
- package/dist/node-esm/src/core/index.d.ts +25 -1
- package/dist/node-esm/src/model/auth.d.ts +7 -2
- package/dist/node-esm/src/model/password_policy.d.ts +111 -0
- package/dist/node-esm/src/model/public_types.d.ts +88 -0
- package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/node-esm/src/platform_node/index.d.ts +1 -0
- package/dist/node-esm/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/node-esm/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/node-esm/{totp-04ac595e.js → totp-8ca454e8.js} +554 -267
- package/dist/node-esm/totp-8ca454e8.js.map +1 -0
- package/dist/rn/index.js +2 -1
- package/dist/rn/index.js.map +1 -1
- package/dist/rn/internal.js +2 -1
- package/dist/rn/internal.js.map +1 -1
- package/dist/rn/{phone-2132481b.js → phone-14433b21.js} +734 -395
- package/dist/rn/phone-14433b21.js.map +1 -0
- package/dist/rn/src/api/errors.d.ts +2 -1
- package/dist/rn/src/api/index.d.ts +2 -1
- package/dist/rn/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/rn/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/rn/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/rn/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/rn/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/rn/src/core/errors.d.ts +3 -1
- package/dist/rn/src/core/index.d.ts +25 -1
- package/dist/rn/src/model/auth.d.ts +7 -2
- package/dist/rn/src/model/password_policy.d.ts +111 -0
- package/dist/rn/src/model/public_types.d.ts +88 -0
- package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/rn/src/platform_node/index.d.ts +1 -0
- package/dist/rn/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/rn/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/src/api/errors.d.ts +2 -1
- package/dist/src/api/index.d.ts +2 -1
- package/dist/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/src/core/errors.d.ts +3 -1
- package/dist/src/core/index.d.ts +25 -1
- package/dist/src/model/auth.d.ts +7 -2
- package/dist/src/model/password_policy.d.ts +111 -0
- package/dist/src/model/public_types.d.ts +88 -0
- package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/src/platform_node/index.d.ts +1 -0
- package/dist/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/test/integration/flows/password_policy.test.d.ts +17 -0
- package/package.json +1 -1
- package/dist/browser-cjs/index-0b2238be.js.map +0 -1
- package/dist/cordova/popup_redirect-71c1ff0a.js.map +0 -1
- package/dist/esm2017/index-e24386e7.js.map +0 -1
- package/dist/esm5/index-be7bff78.js.map +0 -1
- package/dist/node/totp-8a876b1a.js.map +0 -1
- package/dist/node-esm/totp-04ac595e.js.map +0 -1
- package/dist/rn/phone-2132481b.js.map +0 -1
|
@@ -126,6 +126,49 @@ var ActionCodeOperation = {
|
|
|
126
126
|
VERIFY_EMAIL: 'VERIFY_EMAIL'
|
|
127
127
|
};
|
|
128
128
|
|
|
129
|
+
/**
|
|
130
|
+
* @license
|
|
131
|
+
* Copyright 2020 Google LLC
|
|
132
|
+
*
|
|
133
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
134
|
+
* you may not use this file except in compliance with the License.
|
|
135
|
+
* You may obtain a copy of the License at
|
|
136
|
+
*
|
|
137
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
138
|
+
*
|
|
139
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
140
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
141
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
142
|
+
* See the License for the specific language governing permissions and
|
|
143
|
+
* limitations under the License.
|
|
144
|
+
*/
|
|
145
|
+
function isEnterprise(grecaptcha) {
|
|
146
|
+
return (grecaptcha !== undefined &&
|
|
147
|
+
grecaptcha.enterprise !== undefined);
|
|
148
|
+
}
|
|
149
|
+
var RecaptchaConfig = /** @class */ (function () {
|
|
150
|
+
function RecaptchaConfig(response) {
|
|
151
|
+
/**
|
|
152
|
+
* The reCAPTCHA site key.
|
|
153
|
+
*/
|
|
154
|
+
this.siteKey = '';
|
|
155
|
+
/**
|
|
156
|
+
* The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
|
|
157
|
+
*/
|
|
158
|
+
this.emailPasswordEnabled = false;
|
|
159
|
+
if (response.recaptchaKey === undefined) {
|
|
160
|
+
throw new Error('recaptchaKey undefined');
|
|
161
|
+
}
|
|
162
|
+
// Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
|
|
163
|
+
this.siteKey = response.recaptchaKey.split('/')[3];
|
|
164
|
+
this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
|
|
165
|
+
return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
|
|
166
|
+
enforcementState.enforcementState !== 'OFF';
|
|
167
|
+
});
|
|
168
|
+
}
|
|
169
|
+
return RecaptchaConfig;
|
|
170
|
+
}());
|
|
171
|
+
|
|
129
172
|
/**
|
|
130
173
|
* @license
|
|
131
174
|
* Copyright 2020 Google LLC
|
|
@@ -298,6 +341,8 @@ function _debugErrorMap() {
|
|
|
298
341
|
_a["missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is missing when sending request to the backend.',
|
|
299
342
|
_a["invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */] = 'Invalid request parameters.',
|
|
300
343
|
_a["invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is invalid when sending request to the backend.',
|
|
344
|
+
_a["unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */] = 'The password policy received from the backend uses a schema version that is not supported by this version of the Firebase SDK.',
|
|
345
|
+
_a["password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */] = 'The password does not meet the requirements.',
|
|
301
346
|
_a;
|
|
302
347
|
}
|
|
303
348
|
function _prodErrorMap() {
|
|
@@ -833,6 +878,7 @@ var SERVER_ERROR_MAP = (_a$1 = {},
|
|
|
833
878
|
_a$1["USER_NOT_FOUND" /* ServerError.USER_NOT_FOUND */] = "user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */,
|
|
834
879
|
// Other errors.
|
|
835
880
|
_a$1["TOO_MANY_ATTEMPTS_TRY_LATER" /* ServerError.TOO_MANY_ATTEMPTS_TRY_LATER */] = "too-many-requests" /* AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER */,
|
|
881
|
+
_a$1["PASSWORD_DOES_NOT_MEET_REQUIREMENTS" /* ServerError.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */] = "password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */,
|
|
836
882
|
// Phone Auth related errors.
|
|
837
883
|
_a$1["INVALID_CODE" /* ServerError.INVALID_CODE */] = "invalid-verification-code" /* AuthErrorCode.INVALID_CODE */,
|
|
838
884
|
_a$1["INVALID_SESSION_INFO" /* ServerError.INVALID_SESSION_INFO */] = "invalid-verification-id" /* AuthErrorCode.INVALID_SESSION_INFO */,
|
|
@@ -1058,6 +1104,30 @@ function _makeTaggedError(auth, code, response) {
|
|
|
1058
1104
|
return error;
|
|
1059
1105
|
}
|
|
1060
1106
|
|
|
1107
|
+
/**
|
|
1108
|
+
* @license
|
|
1109
|
+
* Copyright 2020 Google LLC
|
|
1110
|
+
*
|
|
1111
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
1112
|
+
* you may not use this file except in compliance with the License.
|
|
1113
|
+
* You may obtain a copy of the License at
|
|
1114
|
+
*
|
|
1115
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
1116
|
+
*
|
|
1117
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
1118
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
1119
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
1120
|
+
* See the License for the specific language governing permissions and
|
|
1121
|
+
* limitations under the License.
|
|
1122
|
+
*/
|
|
1123
|
+
function getRecaptchaConfig(auth, request) {
|
|
1124
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
1125
|
+
return tslib.__generator(this, function (_a) {
|
|
1126
|
+
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/recaptchaConfig" /* Endpoint.GET_RECAPTCHA_CONFIG */, _addTidIfNecessary(auth, request))];
|
|
1127
|
+
});
|
|
1128
|
+
});
|
|
1129
|
+
}
|
|
1130
|
+
|
|
1061
1131
|
/**
|
|
1062
1132
|
* @license
|
|
1063
1133
|
* Copyright 2020 Google LLC
|
|
@@ -2451,7 +2521,7 @@ function _getClientVersion(clientPlatform, frameworks) {
|
|
|
2451
2521
|
|
|
2452
2522
|
/**
|
|
2453
2523
|
* @license
|
|
2454
|
-
* Copyright
|
|
2524
|
+
* Copyright 2022 Google LLC
|
|
2455
2525
|
*
|
|
2456
2526
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2457
2527
|
* you may not use this file except in compliance with the License.
|
|
@@ -2465,17 +2535,97 @@ function _getClientVersion(clientPlatform, frameworks) {
|
|
|
2465
2535
|
* See the License for the specific language governing permissions and
|
|
2466
2536
|
* limitations under the License.
|
|
2467
2537
|
*/
|
|
2468
|
-
function
|
|
2469
|
-
|
|
2470
|
-
|
|
2471
|
-
|
|
2538
|
+
var AuthMiddlewareQueue = /** @class */ (function () {
|
|
2539
|
+
function AuthMiddlewareQueue(auth) {
|
|
2540
|
+
this.auth = auth;
|
|
2541
|
+
this.queue = [];
|
|
2542
|
+
}
|
|
2543
|
+
AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
|
|
2544
|
+
var _this = this;
|
|
2545
|
+
// The callback could be sync or async. Wrap it into a
|
|
2546
|
+
// function that is always async.
|
|
2547
|
+
var wrappedCallback = function (user) {
|
|
2548
|
+
return new Promise(function (resolve, reject) {
|
|
2549
|
+
try {
|
|
2550
|
+
var result = callback(user);
|
|
2551
|
+
// Either resolve with existing promise or wrap a non-promise
|
|
2552
|
+
// return value into a promise.
|
|
2553
|
+
resolve(result);
|
|
2554
|
+
}
|
|
2555
|
+
catch (e) {
|
|
2556
|
+
// Sync callback throws.
|
|
2557
|
+
reject(e);
|
|
2558
|
+
}
|
|
2559
|
+
});
|
|
2560
|
+
};
|
|
2561
|
+
// Attach the onAbort if present
|
|
2562
|
+
wrappedCallback.onAbort = onAbort;
|
|
2563
|
+
this.queue.push(wrappedCallback);
|
|
2564
|
+
var index = this.queue.length - 1;
|
|
2565
|
+
return function () {
|
|
2566
|
+
// Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
|
|
2567
|
+
// indexing of other elements.
|
|
2568
|
+
_this.queue[index] = function () { return Promise.resolve(); };
|
|
2569
|
+
};
|
|
2570
|
+
};
|
|
2571
|
+
AuthMiddlewareQueue.prototype.runMiddleware = function (nextUser) {
|
|
2572
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
2573
|
+
var onAbortStack, _i, _a, beforeStateCallback, e_1, _b, onAbortStack_1, onAbort;
|
|
2574
|
+
return tslib.__generator(this, function (_c) {
|
|
2575
|
+
switch (_c.label) {
|
|
2576
|
+
case 0:
|
|
2577
|
+
if (this.auth.currentUser === nextUser) {
|
|
2578
|
+
return [2 /*return*/];
|
|
2579
|
+
}
|
|
2580
|
+
onAbortStack = [];
|
|
2581
|
+
_c.label = 1;
|
|
2582
|
+
case 1:
|
|
2583
|
+
_c.trys.push([1, 6, , 7]);
|
|
2584
|
+
_i = 0, _a = this.queue;
|
|
2585
|
+
_c.label = 2;
|
|
2586
|
+
case 2:
|
|
2587
|
+
if (!(_i < _a.length)) return [3 /*break*/, 5];
|
|
2588
|
+
beforeStateCallback = _a[_i];
|
|
2589
|
+
return [4 /*yield*/, beforeStateCallback(nextUser)];
|
|
2590
|
+
case 3:
|
|
2591
|
+
_c.sent();
|
|
2592
|
+
// Only push the onAbort if the callback succeeds
|
|
2593
|
+
if (beforeStateCallback.onAbort) {
|
|
2594
|
+
onAbortStack.push(beforeStateCallback.onAbort);
|
|
2595
|
+
}
|
|
2596
|
+
_c.label = 4;
|
|
2597
|
+
case 4:
|
|
2598
|
+
_i++;
|
|
2599
|
+
return [3 /*break*/, 2];
|
|
2600
|
+
case 5: return [3 /*break*/, 7];
|
|
2601
|
+
case 6:
|
|
2602
|
+
e_1 = _c.sent();
|
|
2603
|
+
// Run all onAbort, with separate try/catch to ignore any errors and
|
|
2604
|
+
// continue
|
|
2605
|
+
onAbortStack.reverse();
|
|
2606
|
+
for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
|
|
2607
|
+
onAbort = onAbortStack_1[_b];
|
|
2608
|
+
try {
|
|
2609
|
+
onAbort();
|
|
2610
|
+
}
|
|
2611
|
+
catch (_) {
|
|
2612
|
+
/* swallow error */
|
|
2613
|
+
}
|
|
2614
|
+
}
|
|
2615
|
+
throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, {
|
|
2616
|
+
originalMessage: e_1 === null || e_1 === void 0 ? void 0 : e_1.message
|
|
2617
|
+
});
|
|
2618
|
+
case 7: return [2 /*return*/];
|
|
2619
|
+
}
|
|
2620
|
+
});
|
|
2472
2621
|
});
|
|
2473
|
-
}
|
|
2474
|
-
|
|
2622
|
+
};
|
|
2623
|
+
return AuthMiddlewareQueue;
|
|
2624
|
+
}());
|
|
2475
2625
|
|
|
2476
2626
|
/**
|
|
2477
2627
|
* @license
|
|
2478
|
-
* Copyright
|
|
2628
|
+
* Copyright 2023 Google LLC
|
|
2479
2629
|
*
|
|
2480
2630
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2481
2631
|
* you may not use this file except in compliance with the License.
|
|
@@ -2489,36 +2639,25 @@ function getRecaptchaConfig(auth, request) {
|
|
|
2489
2639
|
* See the License for the specific language governing permissions and
|
|
2490
2640
|
* limitations under the License.
|
|
2491
2641
|
*/
|
|
2492
|
-
|
|
2493
|
-
|
|
2494
|
-
|
|
2495
|
-
|
|
2496
|
-
|
|
2497
|
-
|
|
2498
|
-
|
|
2499
|
-
|
|
2500
|
-
|
|
2501
|
-
|
|
2502
|
-
|
|
2503
|
-
|
|
2504
|
-
*/
|
|
2505
|
-
this.emailPasswordEnabled = false;
|
|
2506
|
-
if (response.recaptchaKey === undefined) {
|
|
2507
|
-
throw new Error('recaptchaKey undefined');
|
|
2508
|
-
}
|
|
2509
|
-
// Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
|
|
2510
|
-
this.siteKey = response.recaptchaKey.split('/')[3];
|
|
2511
|
-
this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
|
|
2512
|
-
return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
|
|
2513
|
-
enforcementState.enforcementState !== 'OFF';
|
|
2642
|
+
/**
|
|
2643
|
+
* Fetches the password policy for the currently set tenant or the project if no tenant is set.
|
|
2644
|
+
*
|
|
2645
|
+
* @param auth Auth object.
|
|
2646
|
+
* @param request Password policy request.
|
|
2647
|
+
* @returns Password policy response.
|
|
2648
|
+
*/
|
|
2649
|
+
function _getPasswordPolicy(auth, request) {
|
|
2650
|
+
if (request === void 0) { request = {}; }
|
|
2651
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
2652
|
+
return tslib.__generator(this, function (_a) {
|
|
2653
|
+
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/passwordPolicy" /* Endpoint.GET_PASSWORD_POLICY */, _addTidIfNecessary(auth, request))];
|
|
2514
2654
|
});
|
|
2515
|
-
}
|
|
2516
|
-
|
|
2517
|
-
}());
|
|
2655
|
+
});
|
|
2656
|
+
}
|
|
2518
2657
|
|
|
2519
2658
|
/**
|
|
2520
2659
|
* @license
|
|
2521
|
-
* Copyright
|
|
2660
|
+
* Copyright 2023 Google LLC
|
|
2522
2661
|
*
|
|
2523
2662
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2524
2663
|
* you may not use this file except in compliance with the License.
|
|
@@ -2532,286 +2671,138 @@ var RecaptchaConfig = /** @class */ (function () {
|
|
|
2532
2671
|
* See the License for the specific language governing permissions and
|
|
2533
2672
|
* limitations under the License.
|
|
2534
2673
|
*/
|
|
2535
|
-
|
|
2536
|
-
|
|
2537
|
-
|
|
2538
|
-
|
|
2539
|
-
|
|
2540
|
-
|
|
2541
|
-
|
|
2542
|
-
|
|
2543
|
-
|
|
2544
|
-
|
|
2545
|
-
|
|
2546
|
-
|
|
2547
|
-
|
|
2548
|
-
|
|
2674
|
+
// Minimum min password length enforced by the backend, even if no minimum length is set.
|
|
2675
|
+
var MINIMUM_MIN_PASSWORD_LENGTH = 6;
|
|
2676
|
+
/**
|
|
2677
|
+
* Stores password policy requirements and provides password validation against the policy.
|
|
2678
|
+
*
|
|
2679
|
+
* @internal
|
|
2680
|
+
*/
|
|
2681
|
+
var PasswordPolicyImpl = /** @class */ (function () {
|
|
2682
|
+
function PasswordPolicyImpl(response) {
|
|
2683
|
+
var _a, _b, _c, _d;
|
|
2684
|
+
// Only include custom strength options defined in the response.
|
|
2685
|
+
var responseOptions = response.customStrengthOptions;
|
|
2686
|
+
this.customStrengthOptions = {};
|
|
2687
|
+
// TODO: Remove once the backend is updated to include the minimum min password length instead of undefined when there is no minimum length set.
|
|
2688
|
+
this.customStrengthOptions.minPasswordLength =
|
|
2689
|
+
(_a = responseOptions.minPasswordLength) !== null && _a !== void 0 ? _a : MINIMUM_MIN_PASSWORD_LENGTH;
|
|
2690
|
+
if (responseOptions.maxPasswordLength) {
|
|
2691
|
+
this.customStrengthOptions.maxPasswordLength =
|
|
2692
|
+
responseOptions.maxPasswordLength;
|
|
2693
|
+
}
|
|
2694
|
+
if (responseOptions.containsLowercaseCharacter !== undefined) {
|
|
2695
|
+
this.customStrengthOptions.containsLowercaseLetter =
|
|
2696
|
+
responseOptions.containsLowercaseCharacter;
|
|
2697
|
+
}
|
|
2698
|
+
if (responseOptions.containsUppercaseCharacter !== undefined) {
|
|
2699
|
+
this.customStrengthOptions.containsUppercaseLetter =
|
|
2700
|
+
responseOptions.containsUppercaseCharacter;
|
|
2701
|
+
}
|
|
2702
|
+
if (responseOptions.containsNumericCharacter !== undefined) {
|
|
2703
|
+
this.customStrengthOptions.containsNumericCharacter =
|
|
2704
|
+
responseOptions.containsNumericCharacter;
|
|
2705
|
+
}
|
|
2706
|
+
if (responseOptions.containsNonAlphanumericCharacter !== undefined) {
|
|
2707
|
+
this.customStrengthOptions.containsNonAlphanumericCharacter =
|
|
2708
|
+
responseOptions.containsNonAlphanumericCharacter;
|
|
2709
|
+
}
|
|
2710
|
+
this.enforcementState = response.enforcementState;
|
|
2711
|
+
if (this.enforcementState === 'ENFORCEMENT_STATE_UNSPECIFIED') {
|
|
2712
|
+
this.enforcementState = 'OFF';
|
|
2713
|
+
}
|
|
2714
|
+
// Use an empty string if no non-alphanumeric characters are specified in the response.
|
|
2715
|
+
this.allowedNonAlphanumericCharacters =
|
|
2716
|
+
(_c = (_b = response.allowedNonAlphanumericCharacters) === null || _b === void 0 ? void 0 : _b.join('')) !== null && _c !== void 0 ? _c : '';
|
|
2717
|
+
this.forceUpgradeOnSignin = (_d = response.forceUpgradeOnSignin) !== null && _d !== void 0 ? _d : false;
|
|
2718
|
+
this.schemaVersion = response.schemaVersion;
|
|
2719
|
+
}
|
|
2720
|
+
PasswordPolicyImpl.prototype.validatePassword = function (password) {
|
|
2721
|
+
var _a, _b, _c, _d, _e, _f;
|
|
2722
|
+
var status = {
|
|
2723
|
+
isValid: true,
|
|
2724
|
+
passwordPolicy: this
|
|
2549
2725
|
};
|
|
2550
|
-
|
|
2551
|
-
|
|
2552
|
-
|
|
2553
|
-
|
|
2554
|
-
|
|
2555
|
-
|
|
2556
|
-
|
|
2557
|
-
|
|
2558
|
-
|
|
2559
|
-
|
|
2560
|
-
|
|
2726
|
+
// Check the password length and character options.
|
|
2727
|
+
this.validatePasswordLengthOptions(password, status);
|
|
2728
|
+
this.validatePasswordCharacterOptions(password, status);
|
|
2729
|
+
// Combine the status into single isValid property.
|
|
2730
|
+
status.isValid && (status.isValid = (_a = status.meetsMinPasswordLength) !== null && _a !== void 0 ? _a : true);
|
|
2731
|
+
status.isValid && (status.isValid = (_b = status.meetsMaxPasswordLength) !== null && _b !== void 0 ? _b : true);
|
|
2732
|
+
status.isValid && (status.isValid = (_c = status.containsLowercaseLetter) !== null && _c !== void 0 ? _c : true);
|
|
2733
|
+
status.isValid && (status.isValid = (_d = status.containsUppercaseLetter) !== null && _d !== void 0 ? _d : true);
|
|
2734
|
+
status.isValid && (status.isValid = (_e = status.containsNumericCharacter) !== null && _e !== void 0 ? _e : true);
|
|
2735
|
+
status.isValid && (status.isValid = (_f = status.containsNonAlphanumericCharacter) !== null && _f !== void 0 ? _f : true);
|
|
2736
|
+
return status;
|
|
2737
|
+
};
|
|
2561
2738
|
/**
|
|
2739
|
+
* Validates that the password meets the length options for the policy.
|
|
2562
2740
|
*
|
|
2563
|
-
* @param
|
|
2741
|
+
* @param password Password to validate.
|
|
2742
|
+
* @param status Validation status.
|
|
2743
|
+
*/
|
|
2744
|
+
PasswordPolicyImpl.prototype.validatePasswordLengthOptions = function (password, status) {
|
|
2745
|
+
var minPasswordLength = this.customStrengthOptions.minPasswordLength;
|
|
2746
|
+
var maxPasswordLength = this.customStrengthOptions.maxPasswordLength;
|
|
2747
|
+
if (minPasswordLength) {
|
|
2748
|
+
status.meetsMinPasswordLength = password.length >= minPasswordLength;
|
|
2749
|
+
}
|
|
2750
|
+
if (maxPasswordLength) {
|
|
2751
|
+
status.meetsMaxPasswordLength = password.length <= maxPasswordLength;
|
|
2752
|
+
}
|
|
2753
|
+
};
|
|
2754
|
+
/**
|
|
2755
|
+
* Validates that the password meets the character options for the policy.
|
|
2564
2756
|
*
|
|
2757
|
+
* @param password Password to validate.
|
|
2758
|
+
* @param status Validation status.
|
|
2565
2759
|
*/
|
|
2566
|
-
function
|
|
2567
|
-
|
|
2568
|
-
|
|
2569
|
-
|
|
2570
|
-
|
|
2571
|
-
|
|
2572
|
-
|
|
2760
|
+
PasswordPolicyImpl.prototype.validatePasswordCharacterOptions = function (password, status) {
|
|
2761
|
+
// Assign statuses for requirements even if the password is an empty string.
|
|
2762
|
+
this.updatePasswordCharacterOptionsStatuses(status,
|
|
2763
|
+
/* containsLowercaseCharacter= */ false,
|
|
2764
|
+
/* containsUppercaseCharacter= */ false,
|
|
2765
|
+
/* containsNumericCharacter= */ false,
|
|
2766
|
+
/* containsNonAlphanumericCharacter= */ false);
|
|
2767
|
+
var passwordChar;
|
|
2768
|
+
for (var i = 0; i < password.length; i++) {
|
|
2769
|
+
passwordChar = password.charAt(i);
|
|
2770
|
+
this.updatePasswordCharacterOptionsStatuses(status,
|
|
2771
|
+
/* containsLowercaseCharacter= */ passwordChar >= 'a' &&
|
|
2772
|
+
passwordChar <= 'z',
|
|
2773
|
+
/* containsUppercaseCharacter= */ passwordChar >= 'A' &&
|
|
2774
|
+
passwordChar <= 'Z',
|
|
2775
|
+
/* containsNumericCharacter= */ passwordChar >= '0' &&
|
|
2776
|
+
passwordChar <= '9',
|
|
2777
|
+
/* containsNonAlphanumericCharacter= */ this.allowedNonAlphanumericCharacters.includes(passwordChar));
|
|
2778
|
+
}
|
|
2779
|
+
};
|
|
2573
2780
|
/**
|
|
2574
|
-
*
|
|
2781
|
+
* Updates the running validation status with the statuses for the character options.
|
|
2782
|
+
* Expected to be called each time a character is processed to update each option status
|
|
2783
|
+
* based on the current character.
|
|
2575
2784
|
*
|
|
2576
|
-
* @
|
|
2785
|
+
* @param status Validation status.
|
|
2786
|
+
* @param containsLowercaseCharacter Whether the character is a lowercase letter.
|
|
2787
|
+
* @param containsUppercaseCharacter Whether the character is an uppercase letter.
|
|
2788
|
+
* @param containsNumericCharacter Whether the character is a numeric character.
|
|
2789
|
+
* @param containsNonAlphanumericCharacter Whether the character is a non-alphanumeric character.
|
|
2577
2790
|
*/
|
|
2578
|
-
|
|
2579
|
-
if (
|
|
2580
|
-
|
|
2581
|
-
|
|
2582
|
-
|
|
2583
|
-
|
|
2584
|
-
|
|
2585
|
-
|
|
2586
|
-
|
|
2587
|
-
|
|
2588
|
-
|
|
2589
|
-
|
|
2590
|
-
|
|
2591
|
-
auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
|
|
2592
|
-
return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
|
|
2593
|
-
}
|
|
2594
|
-
}
|
|
2595
|
-
return [2 /*return*/, new Promise(function (resolve, reject) { return tslib.__awaiter(_this, void 0, void 0, function () {
|
|
2596
|
-
return tslib.__generator(this, function (_a) {
|
|
2597
|
-
getRecaptchaConfig(auth, {
|
|
2598
|
-
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
2599
|
-
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
2600
|
-
})
|
|
2601
|
-
.then(function (response) {
|
|
2602
|
-
if (response.recaptchaKey === undefined) {
|
|
2603
|
-
reject(new Error('recaptcha Enterprise site key undefined'));
|
|
2604
|
-
}
|
|
2605
|
-
else {
|
|
2606
|
-
var config = new RecaptchaConfig(response);
|
|
2607
|
-
if (auth.tenantId == null) {
|
|
2608
|
-
auth._agentRecaptchaConfig = config;
|
|
2609
|
-
}
|
|
2610
|
-
else {
|
|
2611
|
-
auth._tenantRecaptchaConfigs[auth.tenantId] = config;
|
|
2612
|
-
}
|
|
2613
|
-
return resolve(config.siteKey);
|
|
2614
|
-
}
|
|
2615
|
-
})
|
|
2616
|
-
.catch(function (error) {
|
|
2617
|
-
reject(error);
|
|
2618
|
-
});
|
|
2619
|
-
return [2 /*return*/];
|
|
2620
|
-
});
|
|
2621
|
-
}); })];
|
|
2622
|
-
});
|
|
2623
|
-
});
|
|
2624
|
-
}
|
|
2625
|
-
function retrieveRecaptchaToken(siteKey, resolve, reject) {
|
|
2626
|
-
var grecaptcha = window.grecaptcha;
|
|
2627
|
-
if (isEnterprise(grecaptcha)) {
|
|
2628
|
-
grecaptcha.enterprise.ready(function () {
|
|
2629
|
-
grecaptcha.enterprise
|
|
2630
|
-
.execute(siteKey, { action: action })
|
|
2631
|
-
.then(function (token) {
|
|
2632
|
-
resolve(token);
|
|
2633
|
-
})
|
|
2634
|
-
.catch(function () {
|
|
2635
|
-
resolve(FAKE_TOKEN);
|
|
2636
|
-
});
|
|
2637
|
-
});
|
|
2638
|
-
}
|
|
2639
|
-
else {
|
|
2640
|
-
reject(Error('No reCAPTCHA enterprise script loaded.'));
|
|
2641
|
-
}
|
|
2642
|
-
}
|
|
2643
|
-
var _this = this;
|
|
2644
|
-
return tslib.__generator(this, function (_a) {
|
|
2645
|
-
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
2646
|
-
retrieveSiteKey(_this.auth)
|
|
2647
|
-
.then(function (siteKey) {
|
|
2648
|
-
if (!forceRefresh && isEnterprise(window.grecaptcha)) {
|
|
2649
|
-
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
2650
|
-
}
|
|
2651
|
-
else {
|
|
2652
|
-
if (typeof window === 'undefined') {
|
|
2653
|
-
reject(new Error('RecaptchaVerifier is only supported in browser'));
|
|
2654
|
-
return;
|
|
2655
|
-
}
|
|
2656
|
-
_loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
|
|
2657
|
-
.then(function () {
|
|
2658
|
-
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
2659
|
-
})
|
|
2660
|
-
.catch(function (error) {
|
|
2661
|
-
reject(error);
|
|
2662
|
-
});
|
|
2663
|
-
}
|
|
2664
|
-
})
|
|
2665
|
-
.catch(function (error) {
|
|
2666
|
-
reject(error);
|
|
2667
|
-
});
|
|
2668
|
-
})];
|
|
2669
|
-
});
|
|
2670
|
-
});
|
|
2671
|
-
};
|
|
2672
|
-
return RecaptchaEnterpriseVerifier;
|
|
2673
|
-
}());
|
|
2674
|
-
function injectRecaptchaFields(auth, request, action, captchaResp) {
|
|
2675
|
-
if (captchaResp === void 0) { captchaResp = false; }
|
|
2676
|
-
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
2677
|
-
var verifier, captchaResponse, newRequest;
|
|
2678
|
-
return tslib.__generator(this, function (_a) {
|
|
2679
|
-
switch (_a.label) {
|
|
2680
|
-
case 0:
|
|
2681
|
-
verifier = new RecaptchaEnterpriseVerifier(auth);
|
|
2682
|
-
_a.label = 1;
|
|
2683
|
-
case 1:
|
|
2684
|
-
_a.trys.push([1, 3, , 5]);
|
|
2685
|
-
return [4 /*yield*/, verifier.verify(action)];
|
|
2686
|
-
case 2:
|
|
2687
|
-
captchaResponse = _a.sent();
|
|
2688
|
-
return [3 /*break*/, 5];
|
|
2689
|
-
case 3:
|
|
2690
|
-
_a.sent();
|
|
2691
|
-
return [4 /*yield*/, verifier.verify(action, true)];
|
|
2692
|
-
case 4:
|
|
2693
|
-
captchaResponse = _a.sent();
|
|
2694
|
-
return [3 /*break*/, 5];
|
|
2695
|
-
case 5:
|
|
2696
|
-
newRequest = tslib.__assign({}, request);
|
|
2697
|
-
if (!captchaResp) {
|
|
2698
|
-
Object.assign(newRequest, { captchaResponse: captchaResponse });
|
|
2699
|
-
}
|
|
2700
|
-
else {
|
|
2701
|
-
Object.assign(newRequest, { 'captchaResp': captchaResponse });
|
|
2702
|
-
}
|
|
2703
|
-
Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
|
|
2704
|
-
Object.assign(newRequest, {
|
|
2705
|
-
'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
2706
|
-
});
|
|
2707
|
-
return [2 /*return*/, newRequest];
|
|
2708
|
-
}
|
|
2709
|
-
});
|
|
2710
|
-
});
|
|
2711
|
-
}
|
|
2712
|
-
|
|
2713
|
-
/**
|
|
2714
|
-
* @license
|
|
2715
|
-
* Copyright 2022 Google LLC
|
|
2716
|
-
*
|
|
2717
|
-
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2718
|
-
* you may not use this file except in compliance with the License.
|
|
2719
|
-
* You may obtain a copy of the License at
|
|
2720
|
-
*
|
|
2721
|
-
* http://www.apache.org/licenses/LICENSE-2.0
|
|
2722
|
-
*
|
|
2723
|
-
* Unless required by applicable law or agreed to in writing, software
|
|
2724
|
-
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
2725
|
-
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
2726
|
-
* See the License for the specific language governing permissions and
|
|
2727
|
-
* limitations under the License.
|
|
2728
|
-
*/
|
|
2729
|
-
var AuthMiddlewareQueue = /** @class */ (function () {
|
|
2730
|
-
function AuthMiddlewareQueue(auth) {
|
|
2731
|
-
this.auth = auth;
|
|
2732
|
-
this.queue = [];
|
|
2733
|
-
}
|
|
2734
|
-
AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
|
|
2735
|
-
var _this = this;
|
|
2736
|
-
// The callback could be sync or async. Wrap it into a
|
|
2737
|
-
// function that is always async.
|
|
2738
|
-
var wrappedCallback = function (user) {
|
|
2739
|
-
return new Promise(function (resolve, reject) {
|
|
2740
|
-
try {
|
|
2741
|
-
var result = callback(user);
|
|
2742
|
-
// Either resolve with existing promise or wrap a non-promise
|
|
2743
|
-
// return value into a promise.
|
|
2744
|
-
resolve(result);
|
|
2745
|
-
}
|
|
2746
|
-
catch (e) {
|
|
2747
|
-
// Sync callback throws.
|
|
2748
|
-
reject(e);
|
|
2749
|
-
}
|
|
2750
|
-
});
|
|
2751
|
-
};
|
|
2752
|
-
// Attach the onAbort if present
|
|
2753
|
-
wrappedCallback.onAbort = onAbort;
|
|
2754
|
-
this.queue.push(wrappedCallback);
|
|
2755
|
-
var index = this.queue.length - 1;
|
|
2756
|
-
return function () {
|
|
2757
|
-
// Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
|
|
2758
|
-
// indexing of other elements.
|
|
2759
|
-
_this.queue[index] = function () { return Promise.resolve(); };
|
|
2760
|
-
};
|
|
2761
|
-
};
|
|
2762
|
-
AuthMiddlewareQueue.prototype.runMiddleware = function (nextUser) {
|
|
2763
|
-
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
2764
|
-
var onAbortStack, _i, _a, beforeStateCallback, e_1, _b, onAbortStack_1, onAbort;
|
|
2765
|
-
return tslib.__generator(this, function (_c) {
|
|
2766
|
-
switch (_c.label) {
|
|
2767
|
-
case 0:
|
|
2768
|
-
if (this.auth.currentUser === nextUser) {
|
|
2769
|
-
return [2 /*return*/];
|
|
2770
|
-
}
|
|
2771
|
-
onAbortStack = [];
|
|
2772
|
-
_c.label = 1;
|
|
2773
|
-
case 1:
|
|
2774
|
-
_c.trys.push([1, 6, , 7]);
|
|
2775
|
-
_i = 0, _a = this.queue;
|
|
2776
|
-
_c.label = 2;
|
|
2777
|
-
case 2:
|
|
2778
|
-
if (!(_i < _a.length)) return [3 /*break*/, 5];
|
|
2779
|
-
beforeStateCallback = _a[_i];
|
|
2780
|
-
return [4 /*yield*/, beforeStateCallback(nextUser)];
|
|
2781
|
-
case 3:
|
|
2782
|
-
_c.sent();
|
|
2783
|
-
// Only push the onAbort if the callback succeeds
|
|
2784
|
-
if (beforeStateCallback.onAbort) {
|
|
2785
|
-
onAbortStack.push(beforeStateCallback.onAbort);
|
|
2786
|
-
}
|
|
2787
|
-
_c.label = 4;
|
|
2788
|
-
case 4:
|
|
2789
|
-
_i++;
|
|
2790
|
-
return [3 /*break*/, 2];
|
|
2791
|
-
case 5: return [3 /*break*/, 7];
|
|
2792
|
-
case 6:
|
|
2793
|
-
e_1 = _c.sent();
|
|
2794
|
-
// Run all onAbort, with separate try/catch to ignore any errors and
|
|
2795
|
-
// continue
|
|
2796
|
-
onAbortStack.reverse();
|
|
2797
|
-
for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
|
|
2798
|
-
onAbort = onAbortStack_1[_b];
|
|
2799
|
-
try {
|
|
2800
|
-
onAbort();
|
|
2801
|
-
}
|
|
2802
|
-
catch (_) {
|
|
2803
|
-
/* swallow error */
|
|
2804
|
-
}
|
|
2805
|
-
}
|
|
2806
|
-
throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, {
|
|
2807
|
-
originalMessage: e_1 === null || e_1 === void 0 ? void 0 : e_1.message
|
|
2808
|
-
});
|
|
2809
|
-
case 7: return [2 /*return*/];
|
|
2810
|
-
}
|
|
2811
|
-
});
|
|
2812
|
-
});
|
|
2791
|
+
PasswordPolicyImpl.prototype.updatePasswordCharacterOptionsStatuses = function (status, containsLowercaseCharacter, containsUppercaseCharacter, containsNumericCharacter, containsNonAlphanumericCharacter) {
|
|
2792
|
+
if (this.customStrengthOptions.containsLowercaseLetter) {
|
|
2793
|
+
status.containsLowercaseLetter || (status.containsLowercaseLetter = containsLowercaseCharacter);
|
|
2794
|
+
}
|
|
2795
|
+
if (this.customStrengthOptions.containsUppercaseLetter) {
|
|
2796
|
+
status.containsUppercaseLetter || (status.containsUppercaseLetter = containsUppercaseCharacter);
|
|
2797
|
+
}
|
|
2798
|
+
if (this.customStrengthOptions.containsNumericCharacter) {
|
|
2799
|
+
status.containsNumericCharacter || (status.containsNumericCharacter = containsNumericCharacter);
|
|
2800
|
+
}
|
|
2801
|
+
if (this.customStrengthOptions.containsNonAlphanumericCharacter) {
|
|
2802
|
+
status.containsNonAlphanumericCharacter || (status.containsNonAlphanumericCharacter = containsNonAlphanumericCharacter);
|
|
2803
|
+
}
|
|
2813
2804
|
};
|
|
2814
|
-
return
|
|
2805
|
+
return PasswordPolicyImpl;
|
|
2815
2806
|
}());
|
|
2816
2807
|
|
|
2817
2808
|
/**
|
|
@@ -2844,6 +2835,7 @@ var AuthImpl = /** @class */ (function () {
|
|
|
2844
2835
|
this.beforeStateQueue = new AuthMiddlewareQueue(this);
|
|
2845
2836
|
this.redirectUser = null;
|
|
2846
2837
|
this.isProactiveRefreshEnabled = false;
|
|
2838
|
+
this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION = 1;
|
|
2847
2839
|
// Any network calls will set this to true and prevent subsequent emulator
|
|
2848
2840
|
// initialization
|
|
2849
2841
|
this._canInitEmulator = true;
|
|
@@ -2854,6 +2846,8 @@ var AuthImpl = /** @class */ (function () {
|
|
|
2854
2846
|
this._errorFactory = _DEFAULT_AUTH_ERROR_FACTORY;
|
|
2855
2847
|
this._agentRecaptchaConfig = null;
|
|
2856
2848
|
this._tenantRecaptchaConfigs = {};
|
|
2849
|
+
this._projectPasswordPolicy = null;
|
|
2850
|
+
this._tenantPasswordPolicies = {};
|
|
2857
2851
|
// Tracks the last notified UID for state change listeners to prevent
|
|
2858
2852
|
// repeated calls to the callbacks. Undefined means it's never been
|
|
2859
2853
|
// called, whereas null means it's been called with a signed out user
|
|
@@ -3183,41 +3177,66 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3183
3177
|
});
|
|
3184
3178
|
}); });
|
|
3185
3179
|
};
|
|
3186
|
-
AuthImpl.prototype.
|
|
3180
|
+
AuthImpl.prototype._getRecaptchaConfig = function () {
|
|
3181
|
+
if (this.tenantId == null) {
|
|
3182
|
+
return this._agentRecaptchaConfig;
|
|
3183
|
+
}
|
|
3184
|
+
else {
|
|
3185
|
+
return this._tenantRecaptchaConfigs[this.tenantId];
|
|
3186
|
+
}
|
|
3187
|
+
};
|
|
3188
|
+
AuthImpl.prototype.validatePassword = function (password) {
|
|
3187
3189
|
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3188
|
-
var
|
|
3190
|
+
var passwordPolicy;
|
|
3189
3191
|
return tslib.__generator(this, function (_a) {
|
|
3190
3192
|
switch (_a.label) {
|
|
3191
|
-
case 0:
|
|
3192
|
-
|
|
3193
|
-
|
|
3194
|
-
})];
|
|
3193
|
+
case 0:
|
|
3194
|
+
if (!!this._getPasswordPolicyInternal()) return [3 /*break*/, 2];
|
|
3195
|
+
return [4 /*yield*/, this._updatePasswordPolicy()];
|
|
3195
3196
|
case 1:
|
|
3196
|
-
|
|
3197
|
-
|
|
3198
|
-
|
|
3199
|
-
|
|
3200
|
-
|
|
3201
|
-
|
|
3202
|
-
|
|
3203
|
-
|
|
3204
|
-
|
|
3205
|
-
verifier = new RecaptchaEnterpriseVerifier(this);
|
|
3206
|
-
void verifier.verify();
|
|
3197
|
+
_a.sent();
|
|
3198
|
+
_a.label = 2;
|
|
3199
|
+
case 2:
|
|
3200
|
+
passwordPolicy = this._getPasswordPolicyInternal();
|
|
3201
|
+
// Check that the policy schema version is supported by the SDK.
|
|
3202
|
+
// TODO: Update this logic to use a max supported policy schema version once we have multiple schema versions.
|
|
3203
|
+
if (passwordPolicy.schemaVersion !==
|
|
3204
|
+
this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION) {
|
|
3205
|
+
return [2 /*return*/, Promise.reject(this._errorFactory.create("unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */, {}))];
|
|
3207
3206
|
}
|
|
3208
|
-
return [2 /*return
|
|
3207
|
+
return [2 /*return*/, passwordPolicy.validatePassword(password)];
|
|
3209
3208
|
}
|
|
3210
3209
|
});
|
|
3211
3210
|
});
|
|
3212
3211
|
};
|
|
3213
|
-
AuthImpl.prototype.
|
|
3214
|
-
if (this.tenantId
|
|
3215
|
-
return this.
|
|
3212
|
+
AuthImpl.prototype._getPasswordPolicyInternal = function () {
|
|
3213
|
+
if (this.tenantId === null) {
|
|
3214
|
+
return this._projectPasswordPolicy;
|
|
3216
3215
|
}
|
|
3217
3216
|
else {
|
|
3218
|
-
return this.
|
|
3217
|
+
return this._tenantPasswordPolicies[this.tenantId];
|
|
3219
3218
|
}
|
|
3220
3219
|
};
|
|
3220
|
+
AuthImpl.prototype._updatePasswordPolicy = function () {
|
|
3221
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3222
|
+
var response, passwordPolicy;
|
|
3223
|
+
return tslib.__generator(this, function (_a) {
|
|
3224
|
+
switch (_a.label) {
|
|
3225
|
+
case 0: return [4 /*yield*/, _getPasswordPolicy(this)];
|
|
3226
|
+
case 1:
|
|
3227
|
+
response = _a.sent();
|
|
3228
|
+
passwordPolicy = new PasswordPolicyImpl(response);
|
|
3229
|
+
if (this.tenantId === null) {
|
|
3230
|
+
this._projectPasswordPolicy = passwordPolicy;
|
|
3231
|
+
}
|
|
3232
|
+
else {
|
|
3233
|
+
this._tenantPasswordPolicies[this.tenantId] = passwordPolicy;
|
|
3234
|
+
}
|
|
3235
|
+
return [2 /*return*/];
|
|
3236
|
+
}
|
|
3237
|
+
});
|
|
3238
|
+
});
|
|
3239
|
+
};
|
|
3221
3240
|
AuthImpl.prototype._getPersistence = function () {
|
|
3222
3241
|
return this.assertedPersistence.persistence.type;
|
|
3223
3242
|
};
|
|
@@ -3384,18 +3403,32 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3384
3403
|
var cb = typeof nextOrObserver === 'function'
|
|
3385
3404
|
? nextOrObserver
|
|
3386
3405
|
: nextOrObserver.next.bind(nextOrObserver);
|
|
3406
|
+
var isUnsubscribed = false;
|
|
3387
3407
|
var promise = this._isInitialized
|
|
3388
3408
|
? Promise.resolve()
|
|
3389
3409
|
: this._initializationPromise;
|
|
3390
3410
|
_assert(promise, this, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
3391
3411
|
// The callback needs to be called asynchronously per the spec.
|
|
3392
3412
|
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
|
3393
|
-
promise.then(function () {
|
|
3413
|
+
promise.then(function () {
|
|
3414
|
+
if (isUnsubscribed) {
|
|
3415
|
+
return;
|
|
3416
|
+
}
|
|
3417
|
+
cb(_this.currentUser);
|
|
3418
|
+
});
|
|
3394
3419
|
if (typeof nextOrObserver === 'function') {
|
|
3395
|
-
|
|
3420
|
+
var unsubscribe_2 = subscription.addObserver(nextOrObserver, error, completed);
|
|
3421
|
+
return function () {
|
|
3422
|
+
isUnsubscribed = true;
|
|
3423
|
+
unsubscribe_2();
|
|
3424
|
+
};
|
|
3396
3425
|
}
|
|
3397
3426
|
else {
|
|
3398
|
-
|
|
3427
|
+
var unsubscribe_3 = subscription.addObserver(nextOrObserver);
|
|
3428
|
+
return function () {
|
|
3429
|
+
isUnsubscribed = true;
|
|
3430
|
+
unsubscribe_3();
|
|
3431
|
+
};
|
|
3399
3432
|
}
|
|
3400
3433
|
};
|
|
3401
3434
|
/**
|
|
@@ -3493,54 +3526,277 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3493
3526
|
AuthImpl.prototype._getAppCheckToken = function () {
|
|
3494
3527
|
var _a;
|
|
3495
3528
|
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3496
|
-
var appCheckTokenResult;
|
|
3497
|
-
return tslib.__generator(this, function (_b) {
|
|
3498
|
-
switch (_b.label) {
|
|
3499
|
-
case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
|
|
3500
|
-
.getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
|
|
3501
|
-
case 1:
|
|
3502
|
-
appCheckTokenResult = _b.sent();
|
|
3503
|
-
if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
|
|
3504
|
-
// Context: appCheck.getToken() will never throw even if an error happened.
|
|
3505
|
-
// In the error case, a dummy token will be returned along with an error field describing
|
|
3506
|
-
// the error. In general, we shouldn't care about the error condition and just use
|
|
3507
|
-
// the token (actual or dummy) to send requests.
|
|
3508
|
-
_logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
|
|
3529
|
+
var appCheckTokenResult;
|
|
3530
|
+
return tslib.__generator(this, function (_b) {
|
|
3531
|
+
switch (_b.label) {
|
|
3532
|
+
case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
|
|
3533
|
+
.getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
|
|
3534
|
+
case 1:
|
|
3535
|
+
appCheckTokenResult = _b.sent();
|
|
3536
|
+
if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
|
|
3537
|
+
// Context: appCheck.getToken() will never throw even if an error happened.
|
|
3538
|
+
// In the error case, a dummy token will be returned along with an error field describing
|
|
3539
|
+
// the error. In general, we shouldn't care about the error condition and just use
|
|
3540
|
+
// the token (actual or dummy) to send requests.
|
|
3541
|
+
_logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
|
|
3542
|
+
}
|
|
3543
|
+
return [2 /*return*/, appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.token];
|
|
3544
|
+
}
|
|
3545
|
+
});
|
|
3546
|
+
});
|
|
3547
|
+
};
|
|
3548
|
+
return AuthImpl;
|
|
3549
|
+
}());
|
|
3550
|
+
/**
|
|
3551
|
+
* Method to be used to cast down to our private implmentation of Auth.
|
|
3552
|
+
* It will also handle unwrapping from the compat type if necessary
|
|
3553
|
+
*
|
|
3554
|
+
* @param auth Auth object passed in from developer
|
|
3555
|
+
*/
|
|
3556
|
+
function _castAuth(auth) {
|
|
3557
|
+
return util.getModularInstance(auth);
|
|
3558
|
+
}
|
|
3559
|
+
/** Helper class to wrap subscriber logic */
|
|
3560
|
+
var Subscription = /** @class */ (function () {
|
|
3561
|
+
function Subscription(auth) {
|
|
3562
|
+
var _this = this;
|
|
3563
|
+
this.auth = auth;
|
|
3564
|
+
this.observer = null;
|
|
3565
|
+
this.addObserver = util.createSubscribe(function (observer) { return (_this.observer = observer); });
|
|
3566
|
+
}
|
|
3567
|
+
Object.defineProperty(Subscription.prototype, "next", {
|
|
3568
|
+
get: function () {
|
|
3569
|
+
_assert(this.observer, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
3570
|
+
return this.observer.next.bind(this.observer);
|
|
3571
|
+
},
|
|
3572
|
+
enumerable: false,
|
|
3573
|
+
configurable: true
|
|
3574
|
+
});
|
|
3575
|
+
return Subscription;
|
|
3576
|
+
}());
|
|
3577
|
+
|
|
3578
|
+
/**
|
|
3579
|
+
* @license
|
|
3580
|
+
* Copyright 2020 Google LLC
|
|
3581
|
+
*
|
|
3582
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
3583
|
+
* you may not use this file except in compliance with the License.
|
|
3584
|
+
* You may obtain a copy of the License at
|
|
3585
|
+
*
|
|
3586
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
3587
|
+
*
|
|
3588
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
3589
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
3590
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
3591
|
+
* See the License for the specific language governing permissions and
|
|
3592
|
+
* limitations under the License.
|
|
3593
|
+
*/
|
|
3594
|
+
function getScriptParentElement() {
|
|
3595
|
+
var _a, _b;
|
|
3596
|
+
return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
|
|
3597
|
+
}
|
|
3598
|
+
function _loadJS(url) {
|
|
3599
|
+
// TODO: consider adding timeout support & cancellation
|
|
3600
|
+
return new Promise(function (resolve, reject) {
|
|
3601
|
+
var el = document.createElement('script');
|
|
3602
|
+
el.setAttribute('src', url);
|
|
3603
|
+
el.onload = resolve;
|
|
3604
|
+
el.onerror = function (e) {
|
|
3605
|
+
var error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
3606
|
+
error.customData = e;
|
|
3607
|
+
reject(error);
|
|
3608
|
+
};
|
|
3609
|
+
el.type = 'text/javascript';
|
|
3610
|
+
el.charset = 'UTF-8';
|
|
3611
|
+
getScriptParentElement().appendChild(el);
|
|
3612
|
+
});
|
|
3613
|
+
}
|
|
3614
|
+
|
|
3615
|
+
/* eslint-disable @typescript-eslint/no-require-imports */
|
|
3616
|
+
var RECAPTCHA_ENTERPRISE_URL = 'https://www.google.com/recaptcha/enterprise.js?render=';
|
|
3617
|
+
var RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';
|
|
3618
|
+
var FAKE_TOKEN = 'NO_RECAPTCHA';
|
|
3619
|
+
var RecaptchaEnterpriseVerifier = /** @class */ (function () {
|
|
3620
|
+
/**
|
|
3621
|
+
*
|
|
3622
|
+
* @param authExtern - The corresponding Firebase {@link Auth} instance.
|
|
3623
|
+
*
|
|
3624
|
+
*/
|
|
3625
|
+
function RecaptchaEnterpriseVerifier(authExtern) {
|
|
3626
|
+
/**
|
|
3627
|
+
* Identifies the type of application verifier (e.g. "recaptcha-enterprise").
|
|
3628
|
+
*/
|
|
3629
|
+
this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
|
|
3630
|
+
this.auth = _castAuth(authExtern);
|
|
3631
|
+
}
|
|
3632
|
+
/**
|
|
3633
|
+
* Executes the verification process.
|
|
3634
|
+
*
|
|
3635
|
+
* @returns A Promise for a token that can be used to assert the validity of a request.
|
|
3636
|
+
*/
|
|
3637
|
+
RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
|
|
3638
|
+
if (action === void 0) { action = 'verify'; }
|
|
3639
|
+
if (forceRefresh === void 0) { forceRefresh = false; }
|
|
3640
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3641
|
+
function retrieveSiteKey(auth) {
|
|
3642
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3643
|
+
var _this = this;
|
|
3644
|
+
return tslib.__generator(this, function (_a) {
|
|
3645
|
+
if (!forceRefresh) {
|
|
3646
|
+
if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
|
|
3647
|
+
return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
|
|
3648
|
+
}
|
|
3649
|
+
if (auth.tenantId != null &&
|
|
3650
|
+
auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
|
|
3651
|
+
return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
|
|
3652
|
+
}
|
|
3509
3653
|
}
|
|
3510
|
-
return [2 /*return*/,
|
|
3654
|
+
return [2 /*return*/, new Promise(function (resolve, reject) { return tslib.__awaiter(_this, void 0, void 0, function () {
|
|
3655
|
+
return tslib.__generator(this, function (_a) {
|
|
3656
|
+
getRecaptchaConfig(auth, {
|
|
3657
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
3658
|
+
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3659
|
+
})
|
|
3660
|
+
.then(function (response) {
|
|
3661
|
+
if (response.recaptchaKey === undefined) {
|
|
3662
|
+
reject(new Error('recaptcha Enterprise site key undefined'));
|
|
3663
|
+
}
|
|
3664
|
+
else {
|
|
3665
|
+
var config = new RecaptchaConfig(response);
|
|
3666
|
+
if (auth.tenantId == null) {
|
|
3667
|
+
auth._agentRecaptchaConfig = config;
|
|
3668
|
+
}
|
|
3669
|
+
else {
|
|
3670
|
+
auth._tenantRecaptchaConfigs[auth.tenantId] = config;
|
|
3671
|
+
}
|
|
3672
|
+
return resolve(config.siteKey);
|
|
3673
|
+
}
|
|
3674
|
+
})
|
|
3675
|
+
.catch(function (error) {
|
|
3676
|
+
reject(error);
|
|
3677
|
+
});
|
|
3678
|
+
return [2 /*return*/];
|
|
3679
|
+
});
|
|
3680
|
+
}); })];
|
|
3681
|
+
});
|
|
3682
|
+
});
|
|
3683
|
+
}
|
|
3684
|
+
function retrieveRecaptchaToken(siteKey, resolve, reject) {
|
|
3685
|
+
var grecaptcha = window.grecaptcha;
|
|
3686
|
+
if (isEnterprise(grecaptcha)) {
|
|
3687
|
+
grecaptcha.enterprise.ready(function () {
|
|
3688
|
+
grecaptcha.enterprise
|
|
3689
|
+
.execute(siteKey, { action: action })
|
|
3690
|
+
.then(function (token) {
|
|
3691
|
+
resolve(token);
|
|
3692
|
+
})
|
|
3693
|
+
.catch(function () {
|
|
3694
|
+
resolve(FAKE_TOKEN);
|
|
3695
|
+
});
|
|
3696
|
+
});
|
|
3697
|
+
}
|
|
3698
|
+
else {
|
|
3699
|
+
reject(Error('No reCAPTCHA enterprise script loaded.'));
|
|
3511
3700
|
}
|
|
3701
|
+
}
|
|
3702
|
+
var _this = this;
|
|
3703
|
+
return tslib.__generator(this, function (_a) {
|
|
3704
|
+
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
3705
|
+
retrieveSiteKey(_this.auth)
|
|
3706
|
+
.then(function (siteKey) {
|
|
3707
|
+
if (!forceRefresh && isEnterprise(window.grecaptcha)) {
|
|
3708
|
+
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
3709
|
+
}
|
|
3710
|
+
else {
|
|
3711
|
+
if (typeof window === 'undefined') {
|
|
3712
|
+
reject(new Error('RecaptchaVerifier is only supported in browser'));
|
|
3713
|
+
return;
|
|
3714
|
+
}
|
|
3715
|
+
_loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
|
|
3716
|
+
.then(function () {
|
|
3717
|
+
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
3718
|
+
})
|
|
3719
|
+
.catch(function (error) {
|
|
3720
|
+
reject(error);
|
|
3721
|
+
});
|
|
3722
|
+
}
|
|
3723
|
+
})
|
|
3724
|
+
.catch(function (error) {
|
|
3725
|
+
reject(error);
|
|
3726
|
+
});
|
|
3727
|
+
})];
|
|
3512
3728
|
});
|
|
3513
3729
|
});
|
|
3514
3730
|
};
|
|
3515
|
-
return
|
|
3731
|
+
return RecaptchaEnterpriseVerifier;
|
|
3516
3732
|
}());
|
|
3517
|
-
|
|
3518
|
-
|
|
3519
|
-
|
|
3520
|
-
|
|
3521
|
-
|
|
3522
|
-
|
|
3523
|
-
|
|
3524
|
-
|
|
3733
|
+
function injectRecaptchaFields(auth, request, action, captchaResp) {
|
|
3734
|
+
if (captchaResp === void 0) { captchaResp = false; }
|
|
3735
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3736
|
+
var verifier, captchaResponse, newRequest;
|
|
3737
|
+
return tslib.__generator(this, function (_a) {
|
|
3738
|
+
switch (_a.label) {
|
|
3739
|
+
case 0:
|
|
3740
|
+
verifier = new RecaptchaEnterpriseVerifier(auth);
|
|
3741
|
+
_a.label = 1;
|
|
3742
|
+
case 1:
|
|
3743
|
+
_a.trys.push([1, 3, , 5]);
|
|
3744
|
+
return [4 /*yield*/, verifier.verify(action)];
|
|
3745
|
+
case 2:
|
|
3746
|
+
captchaResponse = _a.sent();
|
|
3747
|
+
return [3 /*break*/, 5];
|
|
3748
|
+
case 3:
|
|
3749
|
+
_a.sent();
|
|
3750
|
+
return [4 /*yield*/, verifier.verify(action, true)];
|
|
3751
|
+
case 4:
|
|
3752
|
+
captchaResponse = _a.sent();
|
|
3753
|
+
return [3 /*break*/, 5];
|
|
3754
|
+
case 5:
|
|
3755
|
+
newRequest = tslib.__assign({}, request);
|
|
3756
|
+
if (!captchaResp) {
|
|
3757
|
+
Object.assign(newRequest, { captchaResponse: captchaResponse });
|
|
3758
|
+
}
|
|
3759
|
+
else {
|
|
3760
|
+
Object.assign(newRequest, { 'captchaResp': captchaResponse });
|
|
3761
|
+
}
|
|
3762
|
+
Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
|
|
3763
|
+
Object.assign(newRequest, {
|
|
3764
|
+
'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3765
|
+
});
|
|
3766
|
+
return [2 /*return*/, newRequest];
|
|
3767
|
+
}
|
|
3768
|
+
});
|
|
3769
|
+
});
|
|
3525
3770
|
}
|
|
3526
|
-
|
|
3527
|
-
|
|
3528
|
-
|
|
3529
|
-
|
|
3530
|
-
|
|
3531
|
-
|
|
3532
|
-
|
|
3533
|
-
|
|
3534
|
-
|
|
3535
|
-
|
|
3536
|
-
|
|
3537
|
-
|
|
3538
|
-
|
|
3539
|
-
|
|
3540
|
-
|
|
3771
|
+
function _initializeRecaptchaConfig(auth) {
|
|
3772
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3773
|
+
var authInternal, response, config, verifier;
|
|
3774
|
+
return tslib.__generator(this, function (_a) {
|
|
3775
|
+
switch (_a.label) {
|
|
3776
|
+
case 0:
|
|
3777
|
+
authInternal = _castAuth(auth);
|
|
3778
|
+
return [4 /*yield*/, getRecaptchaConfig(authInternal, {
|
|
3779
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
3780
|
+
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3781
|
+
})];
|
|
3782
|
+
case 1:
|
|
3783
|
+
response = _a.sent();
|
|
3784
|
+
config = new RecaptchaConfig(response);
|
|
3785
|
+
if (authInternal.tenantId == null) {
|
|
3786
|
+
authInternal._agentRecaptchaConfig = config;
|
|
3787
|
+
}
|
|
3788
|
+
else {
|
|
3789
|
+
authInternal._tenantRecaptchaConfigs[authInternal.tenantId] = config;
|
|
3790
|
+
}
|
|
3791
|
+
if (config.emailPasswordEnabled) {
|
|
3792
|
+
verifier = new RecaptchaEnterpriseVerifier(authInternal);
|
|
3793
|
+
void verifier.verify();
|
|
3794
|
+
}
|
|
3795
|
+
return [2 /*return*/];
|
|
3796
|
+
}
|
|
3797
|
+
});
|
|
3541
3798
|
});
|
|
3542
|
-
|
|
3543
|
-
}());
|
|
3799
|
+
}
|
|
3544
3800
|
|
|
3545
3801
|
/**
|
|
3546
3802
|
* @license
|
|
@@ -6193,6 +6449,36 @@ function _setActionCodeSettingsOnRequest(auth, request, actionCodeSettings) {
|
|
|
6193
6449
|
* See the License for the specific language governing permissions and
|
|
6194
6450
|
* limitations under the License.
|
|
6195
6451
|
*/
|
|
6452
|
+
/**
|
|
6453
|
+
* Updates the password policy cached in the {@link Auth} instance if a policy is already
|
|
6454
|
+
* cached for the project or tenant.
|
|
6455
|
+
*
|
|
6456
|
+
* @remarks
|
|
6457
|
+
* We only fetch the password policy if the password did not meet policy requirements and
|
|
6458
|
+
* there is an existing policy cached. A developer must call validatePassword at least
|
|
6459
|
+
* once for the cache to be automatically updated.
|
|
6460
|
+
*
|
|
6461
|
+
* @param auth - The {@link Auth} instance.
|
|
6462
|
+
*
|
|
6463
|
+
* @private
|
|
6464
|
+
*/
|
|
6465
|
+
function recachePasswordPolicy(auth) {
|
|
6466
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
6467
|
+
var authInternal;
|
|
6468
|
+
return tslib.__generator(this, function (_a) {
|
|
6469
|
+
switch (_a.label) {
|
|
6470
|
+
case 0:
|
|
6471
|
+
authInternal = _castAuth(auth);
|
|
6472
|
+
if (!authInternal._getPasswordPolicyInternal()) return [3 /*break*/, 2];
|
|
6473
|
+
return [4 /*yield*/, authInternal._updatePasswordPolicy()];
|
|
6474
|
+
case 1:
|
|
6475
|
+
_a.sent();
|
|
6476
|
+
_a.label = 2;
|
|
6477
|
+
case 2: return [2 /*return*/];
|
|
6478
|
+
}
|
|
6479
|
+
});
|
|
6480
|
+
});
|
|
6481
|
+
}
|
|
6196
6482
|
/**
|
|
6197
6483
|
* Sends a password reset email to the given email address.
|
|
6198
6484
|
*
|
|
@@ -6296,12 +6582,22 @@ function sendPasswordResetEmail(auth, email, actionCodeSettings) {
|
|
|
6296
6582
|
*/
|
|
6297
6583
|
function confirmPasswordReset(auth, oobCode, newPassword) {
|
|
6298
6584
|
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
6585
|
+
var _this = this;
|
|
6299
6586
|
return tslib.__generator(this, function (_a) {
|
|
6300
6587
|
switch (_a.label) {
|
|
6301
6588
|
case 0: return [4 /*yield*/, resetPassword(util.getModularInstance(auth), {
|
|
6302
6589
|
oobCode: oobCode,
|
|
6303
6590
|
newPassword: newPassword
|
|
6304
|
-
})
|
|
6591
|
+
})
|
|
6592
|
+
.catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
|
|
6593
|
+
return tslib.__generator(this, function (_a) {
|
|
6594
|
+
if (error.code ===
|
|
6595
|
+
"auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6596
|
+
void recachePasswordPolicy(auth);
|
|
6597
|
+
}
|
|
6598
|
+
throw error;
|
|
6599
|
+
});
|
|
6600
|
+
}); })];
|
|
6305
6601
|
case 1:
|
|
6306
6602
|
_a.sent();
|
|
6307
6603
|
return [2 /*return*/];
|
|
@@ -6457,13 +6753,16 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
6457
6753
|
case 1:
|
|
6458
6754
|
requestWithRecaptcha = _a.sent();
|
|
6459
6755
|
return [2 /*return*/, signUp(authInternal, requestWithRecaptcha)];
|
|
6460
|
-
case 2:
|
|
6756
|
+
case 2: throw error;
|
|
6461
6757
|
}
|
|
6462
6758
|
});
|
|
6463
6759
|
}); });
|
|
6464
6760
|
_b.label = 3;
|
|
6465
6761
|
case 3: return [4 /*yield*/, signUpResponse.catch(function (error) {
|
|
6466
|
-
|
|
6762
|
+
if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6763
|
+
void recachePasswordPolicy(auth);
|
|
6764
|
+
}
|
|
6765
|
+
throw error;
|
|
6467
6766
|
})];
|
|
6468
6767
|
case 4:
|
|
6469
6768
|
response = _b.sent();
|
|
@@ -6495,7 +6794,15 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
6495
6794
|
* @public
|
|
6496
6795
|
*/
|
|
6497
6796
|
function signInWithEmailAndPassword(auth, email, password) {
|
|
6498
|
-
|
|
6797
|
+
var _this = this;
|
|
6798
|
+
return signInWithCredential(util.getModularInstance(auth), EmailAuthProvider.credential(email, password)).catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
|
|
6799
|
+
return tslib.__generator(this, function (_a) {
|
|
6800
|
+
if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6801
|
+
void recachePasswordPolicy(auth);
|
|
6802
|
+
}
|
|
6803
|
+
throw error;
|
|
6804
|
+
});
|
|
6805
|
+
}); });
|
|
6499
6806
|
}
|
|
6500
6807
|
|
|
6501
6808
|
/**
|
|
@@ -7233,8 +7540,39 @@ function setPersistence(auth, persistence) {
|
|
|
7233
7540
|
* @public
|
|
7234
7541
|
*/
|
|
7235
7542
|
function initializeRecaptchaConfig(auth) {
|
|
7236
|
-
|
|
7237
|
-
|
|
7543
|
+
return _initializeRecaptchaConfig(auth);
|
|
7544
|
+
}
|
|
7545
|
+
/**
|
|
7546
|
+
* Validates the password against the password policy configured for the project or tenant.
|
|
7547
|
+
*
|
|
7548
|
+
* @remarks
|
|
7549
|
+
* If no tenant ID is set on the `Auth` instance, then this method will use the password
|
|
7550
|
+
* policy configured for the project. Otherwise, this method will use the policy configured
|
|
7551
|
+
* for the tenant. If a password policy has not been configured, then the default policy
|
|
7552
|
+
* configured for all projects will be used.
|
|
7553
|
+
*
|
|
7554
|
+
* If an auth flow fails because a submitted password does not meet the password policy
|
|
7555
|
+
* requirements and this method has previously been called, then this method will use the
|
|
7556
|
+
* most recent policy available when called again.
|
|
7557
|
+
*
|
|
7558
|
+
* @example
|
|
7559
|
+
* ```javascript
|
|
7560
|
+
* validatePassword(auth, 'some-password');
|
|
7561
|
+
* ```
|
|
7562
|
+
*
|
|
7563
|
+
* @param auth The {@link Auth} instance.
|
|
7564
|
+
* @param password The password to validate.
|
|
7565
|
+
*
|
|
7566
|
+
* @public
|
|
7567
|
+
*/
|
|
7568
|
+
function validatePassword(auth, password) {
|
|
7569
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
7570
|
+
var authInternal;
|
|
7571
|
+
return tslib.__generator(this, function (_a) {
|
|
7572
|
+
authInternal = _castAuth(auth);
|
|
7573
|
+
return [2 /*return*/, authInternal.validatePassword(password)];
|
|
7574
|
+
});
|
|
7575
|
+
});
|
|
7238
7576
|
}
|
|
7239
7577
|
/**
|
|
7240
7578
|
* Adds an observer for changes to the signed-in user's ID token.
|
|
@@ -7650,7 +7988,7 @@ function multiFactor(user) {
|
|
|
7650
7988
|
}
|
|
7651
7989
|
|
|
7652
7990
|
var name = "@firebase/auth";
|
|
7653
|
-
var version = "1.
|
|
7991
|
+
var version = "1.2.0-20230815211035";
|
|
7654
7992
|
|
|
7655
7993
|
/**
|
|
7656
7994
|
* @license
|
|
@@ -8218,6 +8556,7 @@ exports.updatePassword = updatePassword;
|
|
|
8218
8556
|
exports.updatePhoneNumber = updatePhoneNumber;
|
|
8219
8557
|
exports.updateProfile = updateProfile;
|
|
8220
8558
|
exports.useDeviceLanguage = useDeviceLanguage;
|
|
8559
|
+
exports.validatePassword = validatePassword;
|
|
8221
8560
|
exports.verifyBeforeUpdateEmail = verifyBeforeUpdateEmail;
|
|
8222
8561
|
exports.verifyPasswordResetCode = verifyPasswordResetCode;
|
|
8223
|
-
//# sourceMappingURL=totp-
|
|
8562
|
+
//# sourceMappingURL=totp-59663c77.js.map
|