@firebase/auth 1.1.0 → 1.2.0-canary.309f7a914
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +28 -1
- package/dist/auth-public.d.ts +119 -0
- package/dist/auth.d.ts +179 -2
- package/dist/browser-cjs/{index-0b2238be.js → index-d2c2196f.js} +566 -278
- package/dist/browser-cjs/index-d2c2196f.js.map +1 -0
- package/dist/browser-cjs/index.js +3 -2
- package/dist/browser-cjs/index.js.map +1 -1
- package/dist/browser-cjs/index.rn.d.ts +11 -3
- package/dist/browser-cjs/internal.js +3 -2
- package/dist/browser-cjs/internal.js.map +1 -1
- package/dist/browser-cjs/src/api/errors.d.ts +2 -1
- package/dist/browser-cjs/src/api/index.d.ts +2 -1
- package/dist/browser-cjs/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/browser-cjs/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/browser-cjs/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/browser-cjs/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/browser-cjs/src/core/errors.d.ts +3 -1
- package/dist/browser-cjs/src/core/index.d.ts +25 -1
- package/dist/browser-cjs/src/model/auth.d.ts +7 -2
- package/dist/browser-cjs/src/model/password_policy.d.ts +111 -0
- package/dist/browser-cjs/src/model/public_types.d.ts +88 -0
- package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/browser-cjs/src/platform_node/index.d.ts +1 -0
- package/dist/browser-cjs/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/browser-cjs/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/cordova/index.js +2 -2
- package/dist/cordova/index.rn.d.ts +11 -3
- package/dist/cordova/internal.js +2 -2
- package/dist/cordova/{popup_redirect-71c1ff0a.js → popup_redirect-63074918.js} +754 -416
- package/dist/cordova/popup_redirect-63074918.js.map +1 -0
- package/dist/cordova/src/api/errors.d.ts +2 -1
- package/dist/cordova/src/api/index.d.ts +2 -1
- package/dist/cordova/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/cordova/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/cordova/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/cordova/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/cordova/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/cordova/src/core/errors.d.ts +3 -1
- package/dist/cordova/src/core/index.d.ts +25 -1
- package/dist/cordova/src/model/auth.d.ts +7 -2
- package/dist/cordova/src/model/password_policy.d.ts +111 -0
- package/dist/cordova/src/model/public_types.d.ts +88 -0
- package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/cordova/src/platform_node/index.d.ts +1 -0
- package/dist/cordova/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/cordova/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/esm2017/{index-e24386e7.js → index-99f8b451.js} +566 -279
- package/dist/esm2017/index-99f8b451.js.map +1 -0
- package/dist/esm2017/index.js +2 -2
- package/dist/esm2017/index.rn.d.ts +11 -3
- package/dist/esm2017/internal.js +3 -3
- package/dist/esm2017/src/api/errors.d.ts +2 -1
- package/dist/esm2017/src/api/index.d.ts +2 -1
- package/dist/esm2017/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/esm2017/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/esm2017/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/esm2017/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/esm2017/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/esm2017/src/core/errors.d.ts +3 -1
- package/dist/esm2017/src/core/index.d.ts +25 -1
- package/dist/esm2017/src/model/auth.d.ts +7 -2
- package/dist/esm2017/src/model/password_policy.d.ts +111 -0
- package/dist/esm2017/src/model/public_types.d.ts +88 -0
- package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/esm2017/src/platform_node/index.d.ts +1 -0
- package/dist/esm2017/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/esm2017/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/esm5/{index-be7bff78.js → index-679880b3.js} +754 -416
- package/dist/esm5/index-679880b3.js.map +1 -0
- package/dist/esm5/index.js +1 -1
- package/dist/esm5/index.rn.d.ts +11 -3
- package/dist/esm5/internal.js +2 -2
- package/dist/esm5/src/api/errors.d.ts +2 -1
- package/dist/esm5/src/api/index.d.ts +2 -1
- package/dist/esm5/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/esm5/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/esm5/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/esm5/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/esm5/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/esm5/src/core/errors.d.ts +3 -1
- package/dist/esm5/src/core/index.d.ts +25 -1
- package/dist/esm5/src/model/auth.d.ts +7 -2
- package/dist/esm5/src/model/password_policy.d.ts +111 -0
- package/dist/esm5/src/model/public_types.d.ts +88 -0
- package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/esm5/src/platform_node/index.d.ts +1 -0
- package/dist/esm5/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/esm5/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/index.rn.d.ts +11 -3
- package/dist/index.webworker.esm5.js +828 -490
- package/dist/index.webworker.esm5.js.map +1 -1
- package/dist/node/index.js +2 -1
- package/dist/node/index.js.map +1 -1
- package/dist/node/index.rn.d.ts +11 -3
- package/dist/node/internal.js +2 -1
- package/dist/node/internal.js.map +1 -1
- package/dist/node/src/api/errors.d.ts +2 -1
- package/dist/node/src/api/index.d.ts +2 -1
- package/dist/node/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/node/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/node/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/node/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/node/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/node/src/core/errors.d.ts +3 -1
- package/dist/node/src/core/index.d.ts +25 -1
- package/dist/node/src/model/auth.d.ts +7 -2
- package/dist/node/src/model/password_policy.d.ts +111 -0
- package/dist/node/src/model/public_types.d.ts +88 -0
- package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/node/src/platform_node/index.d.ts +1 -0
- package/dist/node/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/node/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/node/{totp-8a876b1a.js → totp-b4e8736c.js} +717 -378
- package/dist/node/totp-b4e8736c.js.map +1 -0
- package/dist/node-esm/index.js +1 -1
- package/dist/node-esm/index.rn.d.ts +11 -3
- package/dist/node-esm/internal.js +2 -2
- package/dist/node-esm/src/api/errors.d.ts +2 -1
- package/dist/node-esm/src/api/index.d.ts +2 -1
- package/dist/node-esm/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/node-esm/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/node-esm/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/node-esm/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/node-esm/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/node-esm/src/core/errors.d.ts +3 -1
- package/dist/node-esm/src/core/index.d.ts +25 -1
- package/dist/node-esm/src/model/auth.d.ts +7 -2
- package/dist/node-esm/src/model/password_policy.d.ts +111 -0
- package/dist/node-esm/src/model/public_types.d.ts +88 -0
- package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/node-esm/src/platform_node/index.d.ts +1 -0
- package/dist/node-esm/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/node-esm/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/node-esm/{totp-04ac595e.js → totp-ae3f6ed7.js} +554 -267
- package/dist/node-esm/totp-ae3f6ed7.js.map +1 -0
- package/dist/rn/{phone-2132481b.js → index-8d0ca009.js} +737 -397
- package/dist/rn/index-8d0ca009.js.map +1 -0
- package/dist/rn/index.js +90 -79
- package/dist/rn/index.js.map +1 -1
- package/dist/rn/index.rn.d.ts +11 -3
- package/dist/rn/internal.js +198 -197
- package/dist/rn/internal.js.map +1 -1
- package/dist/rn/src/api/errors.d.ts +2 -1
- package/dist/rn/src/api/index.d.ts +2 -1
- package/dist/rn/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/rn/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/rn/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/rn/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/rn/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/rn/src/core/errors.d.ts +3 -1
- package/dist/rn/src/core/index.d.ts +25 -1
- package/dist/rn/src/model/auth.d.ts +7 -2
- package/dist/rn/src/model/password_policy.d.ts +111 -0
- package/dist/rn/src/model/public_types.d.ts +88 -0
- package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/rn/src/platform_node/index.d.ts +1 -0
- package/dist/rn/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/rn/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/src/api/errors.d.ts +2 -1
- package/dist/src/api/index.d.ts +2 -1
- package/dist/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/src/core/errors.d.ts +3 -1
- package/dist/src/core/index.d.ts +25 -1
- package/dist/src/model/auth.d.ts +7 -2
- package/dist/src/model/password_policy.d.ts +111 -0
- package/dist/src/model/public_types.d.ts +88 -0
- package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/src/platform_node/index.d.ts +1 -0
- package/dist/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/test/integration/flows/password_policy.test.d.ts +17 -0
- package/package.json +12 -7
- package/dist/browser-cjs/index-0b2238be.js.map +0 -1
- package/dist/cordova/popup_redirect-71c1ff0a.js.map +0 -1
- package/dist/esm2017/index-e24386e7.js.map +0 -1
- package/dist/esm5/index-be7bff78.js.map +0 -1
- package/dist/node/totp-8a876b1a.js.map +0 -1
- package/dist/node-esm/totp-04ac595e.js.map +0 -1
- package/dist/rn/phone-2132481b.js.map +0 -1
|
@@ -918,6 +918,53 @@ var IndexedDBLocalPersistence = /** @class */ (function () {
|
|
|
918
918
|
*/
|
|
919
919
|
var indexedDBLocalPersistence = IndexedDBLocalPersistence;
|
|
920
920
|
|
|
921
|
+
/**
|
|
922
|
+
* @license
|
|
923
|
+
* Copyright 2020 Google LLC
|
|
924
|
+
*
|
|
925
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
926
|
+
* you may not use this file except in compliance with the License.
|
|
927
|
+
* You may obtain a copy of the License at
|
|
928
|
+
*
|
|
929
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
930
|
+
*
|
|
931
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
932
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
933
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
934
|
+
* See the License for the specific language governing permissions and
|
|
935
|
+
* limitations under the License.
|
|
936
|
+
*/
|
|
937
|
+
function isV2(grecaptcha) {
|
|
938
|
+
return (grecaptcha !== undefined &&
|
|
939
|
+
grecaptcha.getResponse !== undefined);
|
|
940
|
+
}
|
|
941
|
+
function isEnterprise(grecaptcha) {
|
|
942
|
+
return (grecaptcha !== undefined &&
|
|
943
|
+
grecaptcha.enterprise !== undefined);
|
|
944
|
+
}
|
|
945
|
+
var RecaptchaConfig = /** @class */ (function () {
|
|
946
|
+
function RecaptchaConfig(response) {
|
|
947
|
+
/**
|
|
948
|
+
* The reCAPTCHA site key.
|
|
949
|
+
*/
|
|
950
|
+
this.siteKey = '';
|
|
951
|
+
/**
|
|
952
|
+
* The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
|
|
953
|
+
*/
|
|
954
|
+
this.emailPasswordEnabled = false;
|
|
955
|
+
if (response.recaptchaKey === undefined) {
|
|
956
|
+
throw new Error('recaptchaKey undefined');
|
|
957
|
+
}
|
|
958
|
+
// Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
|
|
959
|
+
this.siteKey = response.recaptchaKey.split('/')[3];
|
|
960
|
+
this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
|
|
961
|
+
return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
|
|
962
|
+
enforcementState.enforcementState !== 'OFF';
|
|
963
|
+
});
|
|
964
|
+
}
|
|
965
|
+
return RecaptchaConfig;
|
|
966
|
+
}());
|
|
967
|
+
|
|
921
968
|
/**
|
|
922
969
|
* @license
|
|
923
970
|
* Copyright 2020 Google LLC
|
|
@@ -1090,6 +1137,8 @@ function _debugErrorMap() {
|
|
|
1090
1137
|
_a["missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is missing when sending request to the backend.',
|
|
1091
1138
|
_a["invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */] = 'Invalid request parameters.',
|
|
1092
1139
|
_a["invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is invalid when sending request to the backend.',
|
|
1140
|
+
_a["unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */] = 'The password policy received from the backend uses a schema version that is not supported by this version of the Firebase SDK.',
|
|
1141
|
+
_a["password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */] = 'The password does not meet the requirements.',
|
|
1093
1142
|
_a;
|
|
1094
1143
|
}
|
|
1095
1144
|
function _prodErrorMap() {
|
|
@@ -1635,6 +1684,7 @@ var SERVER_ERROR_MAP = (_a$1 = {},
|
|
|
1635
1684
|
_a$1["USER_NOT_FOUND" /* ServerError.USER_NOT_FOUND */] = "user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */,
|
|
1636
1685
|
// Other errors.
|
|
1637
1686
|
_a$1["TOO_MANY_ATTEMPTS_TRY_LATER" /* ServerError.TOO_MANY_ATTEMPTS_TRY_LATER */] = "too-many-requests" /* AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER */,
|
|
1687
|
+
_a$1["PASSWORD_DOES_NOT_MEET_REQUIREMENTS" /* ServerError.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */] = "password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */,
|
|
1638
1688
|
// Phone Auth related errors.
|
|
1639
1689
|
_a$1["INVALID_CODE" /* ServerError.INVALID_CODE */] = "invalid-verification-code" /* AuthErrorCode.INVALID_CODE */,
|
|
1640
1690
|
_a$1["INVALID_SESSION_INFO" /* ServerError.INVALID_SESSION_INFO */] = "invalid-verification-id" /* AuthErrorCode.INVALID_SESSION_INFO */,
|
|
@@ -1860,6 +1910,40 @@ function _makeTaggedError(auth, code, response) {
|
|
|
1860
1910
|
return error;
|
|
1861
1911
|
}
|
|
1862
1912
|
|
|
1913
|
+
/**
|
|
1914
|
+
* @license
|
|
1915
|
+
* Copyright 2020 Google LLC
|
|
1916
|
+
*
|
|
1917
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
1918
|
+
* you may not use this file except in compliance with the License.
|
|
1919
|
+
* You may obtain a copy of the License at
|
|
1920
|
+
*
|
|
1921
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
1922
|
+
*
|
|
1923
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
1924
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
1925
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
1926
|
+
* See the License for the specific language governing permissions and
|
|
1927
|
+
* limitations under the License.
|
|
1928
|
+
*/
|
|
1929
|
+
function getRecaptchaParams(auth) {
|
|
1930
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1931
|
+
return __generator(this, function (_a) {
|
|
1932
|
+
switch (_a.label) {
|
|
1933
|
+
case 0: return [4 /*yield*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v1/recaptchaParams" /* Endpoint.GET_RECAPTCHA_PARAM */)];
|
|
1934
|
+
case 1: return [2 /*return*/, ((_a.sent()).recaptchaSiteKey || '')];
|
|
1935
|
+
}
|
|
1936
|
+
});
|
|
1937
|
+
});
|
|
1938
|
+
}
|
|
1939
|
+
function getRecaptchaConfig(auth, request) {
|
|
1940
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1941
|
+
return __generator(this, function (_a) {
|
|
1942
|
+
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/recaptchaConfig" /* Endpoint.GET_RECAPTCHA_CONFIG */, _addTidIfNecessary(auth, request))];
|
|
1943
|
+
});
|
|
1944
|
+
});
|
|
1945
|
+
}
|
|
1946
|
+
|
|
1863
1947
|
/**
|
|
1864
1948
|
* @license
|
|
1865
1949
|
* Copyright 2020 Google LLC
|
|
@@ -3258,7 +3342,7 @@ function _getClientVersion(clientPlatform, frameworks) {
|
|
|
3258
3342
|
|
|
3259
3343
|
/**
|
|
3260
3344
|
* @license
|
|
3261
|
-
* Copyright
|
|
3345
|
+
* Copyright 2022 Google LLC
|
|
3262
3346
|
*
|
|
3263
3347
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
3264
3348
|
* you may not use this file except in compliance with the License.
|
|
@@ -3272,27 +3356,129 @@ function _getClientVersion(clientPlatform, frameworks) {
|
|
|
3272
3356
|
* See the License for the specific language governing permissions and
|
|
3273
3357
|
* limitations under the License.
|
|
3274
3358
|
*/
|
|
3275
|
-
function
|
|
3276
|
-
|
|
3277
|
-
|
|
3278
|
-
|
|
3279
|
-
|
|
3280
|
-
|
|
3281
|
-
|
|
3359
|
+
var AuthMiddlewareQueue = /** @class */ (function () {
|
|
3360
|
+
function AuthMiddlewareQueue(auth) {
|
|
3361
|
+
this.auth = auth;
|
|
3362
|
+
this.queue = [];
|
|
3363
|
+
}
|
|
3364
|
+
AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
|
|
3365
|
+
var _this = this;
|
|
3366
|
+
// The callback could be sync or async. Wrap it into a
|
|
3367
|
+
// function that is always async.
|
|
3368
|
+
var wrappedCallback = function (user) {
|
|
3369
|
+
return new Promise(function (resolve, reject) {
|
|
3370
|
+
try {
|
|
3371
|
+
var result = callback(user);
|
|
3372
|
+
// Either resolve with existing promise or wrap a non-promise
|
|
3373
|
+
// return value into a promise.
|
|
3374
|
+
resolve(result);
|
|
3375
|
+
}
|
|
3376
|
+
catch (e) {
|
|
3377
|
+
// Sync callback throws.
|
|
3378
|
+
reject(e);
|
|
3379
|
+
}
|
|
3380
|
+
});
|
|
3381
|
+
};
|
|
3382
|
+
// Attach the onAbort if present
|
|
3383
|
+
wrappedCallback.onAbort = onAbort;
|
|
3384
|
+
this.queue.push(wrappedCallback);
|
|
3385
|
+
var index = this.queue.length - 1;
|
|
3386
|
+
return function () {
|
|
3387
|
+
// Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
|
|
3388
|
+
// indexing of other elements.
|
|
3389
|
+
_this.queue[index] = function () { return Promise.resolve(); };
|
|
3390
|
+
};
|
|
3391
|
+
};
|
|
3392
|
+
AuthMiddlewareQueue.prototype.runMiddleware = function (nextUser) {
|
|
3393
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
3394
|
+
var onAbortStack, _i, _a, beforeStateCallback, e_1, _b, onAbortStack_1, onAbort;
|
|
3395
|
+
return __generator(this, function (_c) {
|
|
3396
|
+
switch (_c.label) {
|
|
3397
|
+
case 0:
|
|
3398
|
+
if (this.auth.currentUser === nextUser) {
|
|
3399
|
+
return [2 /*return*/];
|
|
3400
|
+
}
|
|
3401
|
+
onAbortStack = [];
|
|
3402
|
+
_c.label = 1;
|
|
3403
|
+
case 1:
|
|
3404
|
+
_c.trys.push([1, 6, , 7]);
|
|
3405
|
+
_i = 0, _a = this.queue;
|
|
3406
|
+
_c.label = 2;
|
|
3407
|
+
case 2:
|
|
3408
|
+
if (!(_i < _a.length)) return [3 /*break*/, 5];
|
|
3409
|
+
beforeStateCallback = _a[_i];
|
|
3410
|
+
return [4 /*yield*/, beforeStateCallback(nextUser)];
|
|
3411
|
+
case 3:
|
|
3412
|
+
_c.sent();
|
|
3413
|
+
// Only push the onAbort if the callback succeeds
|
|
3414
|
+
if (beforeStateCallback.onAbort) {
|
|
3415
|
+
onAbortStack.push(beforeStateCallback.onAbort);
|
|
3416
|
+
}
|
|
3417
|
+
_c.label = 4;
|
|
3418
|
+
case 4:
|
|
3419
|
+
_i++;
|
|
3420
|
+
return [3 /*break*/, 2];
|
|
3421
|
+
case 5: return [3 /*break*/, 7];
|
|
3422
|
+
case 6:
|
|
3423
|
+
e_1 = _c.sent();
|
|
3424
|
+
// Run all onAbort, with separate try/catch to ignore any errors and
|
|
3425
|
+
// continue
|
|
3426
|
+
onAbortStack.reverse();
|
|
3427
|
+
for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
|
|
3428
|
+
onAbort = onAbortStack_1[_b];
|
|
3429
|
+
try {
|
|
3430
|
+
onAbort();
|
|
3431
|
+
}
|
|
3432
|
+
catch (_) {
|
|
3433
|
+
/* swallow error */
|
|
3434
|
+
}
|
|
3435
|
+
}
|
|
3436
|
+
throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, {
|
|
3437
|
+
originalMessage: e_1 === null || e_1 === void 0 ? void 0 : e_1.message
|
|
3438
|
+
});
|
|
3439
|
+
case 7: return [2 /*return*/];
|
|
3440
|
+
}
|
|
3441
|
+
});
|
|
3282
3442
|
});
|
|
3283
|
-
}
|
|
3284
|
-
|
|
3285
|
-
|
|
3443
|
+
};
|
|
3444
|
+
return AuthMiddlewareQueue;
|
|
3445
|
+
}());
|
|
3446
|
+
|
|
3447
|
+
/**
|
|
3448
|
+
* @license
|
|
3449
|
+
* Copyright 2023 Google LLC
|
|
3450
|
+
*
|
|
3451
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
3452
|
+
* you may not use this file except in compliance with the License.
|
|
3453
|
+
* You may obtain a copy of the License at
|
|
3454
|
+
*
|
|
3455
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
3456
|
+
*
|
|
3457
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
3458
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
3459
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
3460
|
+
* See the License for the specific language governing permissions and
|
|
3461
|
+
* limitations under the License.
|
|
3462
|
+
*/
|
|
3463
|
+
/**
|
|
3464
|
+
* Fetches the password policy for the currently set tenant or the project if no tenant is set.
|
|
3465
|
+
*
|
|
3466
|
+
* @param auth Auth object.
|
|
3467
|
+
* @param request Password policy request.
|
|
3468
|
+
* @returns Password policy response.
|
|
3469
|
+
*/
|
|
3470
|
+
function _getPasswordPolicy(auth, request) {
|
|
3471
|
+
if (request === void 0) { request = {}; }
|
|
3286
3472
|
return __awaiter(this, void 0, void 0, function () {
|
|
3287
3473
|
return __generator(this, function (_a) {
|
|
3288
|
-
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/
|
|
3474
|
+
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/passwordPolicy" /* Endpoint.GET_PASSWORD_POLICY */, _addTidIfNecessary(auth, request))];
|
|
3289
3475
|
});
|
|
3290
3476
|
});
|
|
3291
3477
|
}
|
|
3292
3478
|
|
|
3293
3479
|
/**
|
|
3294
3480
|
* @license
|
|
3295
|
-
* Copyright
|
|
3481
|
+
* Copyright 2023 Google LLC
|
|
3296
3482
|
*
|
|
3297
3483
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
3298
3484
|
* you may not use this file except in compliance with the License.
|
|
@@ -3306,336 +3492,138 @@ function getRecaptchaConfig(auth, request) {
|
|
|
3306
3492
|
* See the License for the specific language governing permissions and
|
|
3307
3493
|
* limitations under the License.
|
|
3308
3494
|
*/
|
|
3309
|
-
|
|
3310
|
-
|
|
3311
|
-
|
|
3312
|
-
|
|
3313
|
-
|
|
3314
|
-
|
|
3315
|
-
|
|
3316
|
-
|
|
3317
|
-
|
|
3318
|
-
|
|
3319
|
-
|
|
3320
|
-
|
|
3321
|
-
|
|
3322
|
-
|
|
3323
|
-
|
|
3324
|
-
|
|
3325
|
-
|
|
3326
|
-
|
|
3327
|
-
|
|
3328
|
-
|
|
3495
|
+
// Minimum min password length enforced by the backend, even if no minimum length is set.
|
|
3496
|
+
var MINIMUM_MIN_PASSWORD_LENGTH = 6;
|
|
3497
|
+
/**
|
|
3498
|
+
* Stores password policy requirements and provides password validation against the policy.
|
|
3499
|
+
*
|
|
3500
|
+
* @internal
|
|
3501
|
+
*/
|
|
3502
|
+
var PasswordPolicyImpl = /** @class */ (function () {
|
|
3503
|
+
function PasswordPolicyImpl(response) {
|
|
3504
|
+
var _a, _b, _c, _d;
|
|
3505
|
+
// Only include custom strength options defined in the response.
|
|
3506
|
+
var responseOptions = response.customStrengthOptions;
|
|
3507
|
+
this.customStrengthOptions = {};
|
|
3508
|
+
// TODO: Remove once the backend is updated to include the minimum min password length instead of undefined when there is no minimum length set.
|
|
3509
|
+
this.customStrengthOptions.minPasswordLength =
|
|
3510
|
+
(_a = responseOptions.minPasswordLength) !== null && _a !== void 0 ? _a : MINIMUM_MIN_PASSWORD_LENGTH;
|
|
3511
|
+
if (responseOptions.maxPasswordLength) {
|
|
3512
|
+
this.customStrengthOptions.maxPasswordLength =
|
|
3513
|
+
responseOptions.maxPasswordLength;
|
|
3514
|
+
}
|
|
3515
|
+
if (responseOptions.containsLowercaseCharacter !== undefined) {
|
|
3516
|
+
this.customStrengthOptions.containsLowercaseLetter =
|
|
3517
|
+
responseOptions.containsLowercaseCharacter;
|
|
3518
|
+
}
|
|
3519
|
+
if (responseOptions.containsUppercaseCharacter !== undefined) {
|
|
3520
|
+
this.customStrengthOptions.containsUppercaseLetter =
|
|
3521
|
+
responseOptions.containsUppercaseCharacter;
|
|
3522
|
+
}
|
|
3523
|
+
if (responseOptions.containsNumericCharacter !== undefined) {
|
|
3524
|
+
this.customStrengthOptions.containsNumericCharacter =
|
|
3525
|
+
responseOptions.containsNumericCharacter;
|
|
3526
|
+
}
|
|
3527
|
+
if (responseOptions.containsNonAlphanumericCharacter !== undefined) {
|
|
3528
|
+
this.customStrengthOptions.containsNonAlphanumericCharacter =
|
|
3529
|
+
responseOptions.containsNonAlphanumericCharacter;
|
|
3530
|
+
}
|
|
3531
|
+
this.enforcementState = response.enforcementState;
|
|
3532
|
+
if (this.enforcementState === 'ENFORCEMENT_STATE_UNSPECIFIED') {
|
|
3533
|
+
this.enforcementState = 'OFF';
|
|
3534
|
+
}
|
|
3535
|
+
// Use an empty string if no non-alphanumeric characters are specified in the response.
|
|
3536
|
+
this.allowedNonAlphanumericCharacters =
|
|
3537
|
+
(_c = (_b = response.allowedNonAlphanumericCharacters) === null || _b === void 0 ? void 0 : _b.join('')) !== null && _c !== void 0 ? _c : '';
|
|
3538
|
+
this.forceUpgradeOnSignin = (_d = response.forceUpgradeOnSignin) !== null && _d !== void 0 ? _d : false;
|
|
3539
|
+
this.schemaVersion = response.schemaVersion;
|
|
3540
|
+
}
|
|
3541
|
+
PasswordPolicyImpl.prototype.validatePassword = function (password) {
|
|
3542
|
+
var _a, _b, _c, _d, _e, _f;
|
|
3543
|
+
var status = {
|
|
3544
|
+
isValid: true,
|
|
3545
|
+
passwordPolicy: this
|
|
3546
|
+
};
|
|
3547
|
+
// Check the password length and character options.
|
|
3548
|
+
this.validatePasswordLengthOptions(password, status);
|
|
3549
|
+
this.validatePasswordCharacterOptions(password, status);
|
|
3550
|
+
// Combine the status into single isValid property.
|
|
3551
|
+
status.isValid && (status.isValid = (_a = status.meetsMinPasswordLength) !== null && _a !== void 0 ? _a : true);
|
|
3552
|
+
status.isValid && (status.isValid = (_b = status.meetsMaxPasswordLength) !== null && _b !== void 0 ? _b : true);
|
|
3553
|
+
status.isValid && (status.isValid = (_c = status.containsLowercaseLetter) !== null && _c !== void 0 ? _c : true);
|
|
3554
|
+
status.isValid && (status.isValid = (_d = status.containsUppercaseLetter) !== null && _d !== void 0 ? _d : true);
|
|
3555
|
+
status.isValid && (status.isValid = (_e = status.containsNumericCharacter) !== null && _e !== void 0 ? _e : true);
|
|
3556
|
+
status.isValid && (status.isValid = (_f = status.containsNonAlphanumericCharacter) !== null && _f !== void 0 ? _f : true);
|
|
3557
|
+
return status;
|
|
3558
|
+
};
|
|
3559
|
+
/**
|
|
3560
|
+
* Validates that the password meets the length options for the policy.
|
|
3561
|
+
*
|
|
3562
|
+
* @param password Password to validate.
|
|
3563
|
+
* @param status Validation status.
|
|
3564
|
+
*/
|
|
3565
|
+
PasswordPolicyImpl.prototype.validatePasswordLengthOptions = function (password, status) {
|
|
3566
|
+
var minPasswordLength = this.customStrengthOptions.minPasswordLength;
|
|
3567
|
+
var maxPasswordLength = this.customStrengthOptions.maxPasswordLength;
|
|
3568
|
+
if (minPasswordLength) {
|
|
3569
|
+
status.meetsMinPasswordLength = password.length >= minPasswordLength;
|
|
3329
3570
|
}
|
|
3330
|
-
|
|
3331
|
-
|
|
3332
|
-
|
|
3333
|
-
|
|
3334
|
-
|
|
3335
|
-
|
|
3336
|
-
|
|
3337
|
-
|
|
3338
|
-
|
|
3339
|
-
|
|
3340
|
-
|
|
3341
|
-
|
|
3342
|
-
|
|
3343
|
-
|
|
3344
|
-
|
|
3345
|
-
|
|
3346
|
-
|
|
3347
|
-
|
|
3348
|
-
|
|
3349
|
-
|
|
3350
|
-
|
|
3351
|
-
|
|
3352
|
-
|
|
3353
|
-
|
|
3354
|
-
|
|
3355
|
-
*/
|
|
3356
|
-
|
|
3357
|
-
|
|
3358
|
-
|
|
3359
|
-
}
|
|
3360
|
-
|
|
3361
|
-
|
|
3362
|
-
|
|
3363
|
-
|
|
3364
|
-
|
|
3365
|
-
|
|
3366
|
-
|
|
3367
|
-
|
|
3368
|
-
|
|
3369
|
-
|
|
3370
|
-
|
|
3371
|
-
|
|
3372
|
-
|
|
3373
|
-
|
|
3374
|
-
|
|
3375
|
-
|
|
3376
|
-
|
|
3377
|
-
|
|
3378
|
-
|
|
3379
|
-
|
|
3380
|
-
|
|
3381
|
-
|
|
3382
|
-
|
|
3383
|
-
|
|
3384
|
-
|
|
3385
|
-
|
|
3386
|
-
*
|
|
3387
|
-
* @param authExtern - The corresponding Firebase {@link Auth} instance.
|
|
3388
|
-
*
|
|
3389
|
-
*/
|
|
3390
|
-
function RecaptchaEnterpriseVerifier(authExtern) {
|
|
3391
|
-
/**
|
|
3392
|
-
* Identifies the type of application verifier (e.g. "recaptcha-enterprise").
|
|
3393
|
-
*/
|
|
3394
|
-
this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
|
|
3395
|
-
this.auth = _castAuth(authExtern);
|
|
3396
|
-
}
|
|
3397
|
-
/**
|
|
3398
|
-
* Executes the verification process.
|
|
3399
|
-
*
|
|
3400
|
-
* @returns A Promise for a token that can be used to assert the validity of a request.
|
|
3401
|
-
*/
|
|
3402
|
-
RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
|
|
3403
|
-
if (action === void 0) { action = 'verify'; }
|
|
3404
|
-
if (forceRefresh === void 0) { forceRefresh = false; }
|
|
3405
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
3406
|
-
function retrieveSiteKey(auth) {
|
|
3407
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
3408
|
-
var _this = this;
|
|
3409
|
-
return __generator(this, function (_a) {
|
|
3410
|
-
if (!forceRefresh) {
|
|
3411
|
-
if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
|
|
3412
|
-
return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
|
|
3413
|
-
}
|
|
3414
|
-
if (auth.tenantId != null &&
|
|
3415
|
-
auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
|
|
3416
|
-
return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
|
|
3417
|
-
}
|
|
3418
|
-
}
|
|
3419
|
-
return [2 /*return*/, new Promise(function (resolve, reject) { return __awaiter(_this, void 0, void 0, function () {
|
|
3420
|
-
return __generator(this, function (_a) {
|
|
3421
|
-
getRecaptchaConfig(auth, {
|
|
3422
|
-
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
3423
|
-
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3424
|
-
})
|
|
3425
|
-
.then(function (response) {
|
|
3426
|
-
if (response.recaptchaKey === undefined) {
|
|
3427
|
-
reject(new Error('recaptcha Enterprise site key undefined'));
|
|
3428
|
-
}
|
|
3429
|
-
else {
|
|
3430
|
-
var config = new RecaptchaConfig(response);
|
|
3431
|
-
if (auth.tenantId == null) {
|
|
3432
|
-
auth._agentRecaptchaConfig = config;
|
|
3433
|
-
}
|
|
3434
|
-
else {
|
|
3435
|
-
auth._tenantRecaptchaConfigs[auth.tenantId] = config;
|
|
3436
|
-
}
|
|
3437
|
-
return resolve(config.siteKey);
|
|
3438
|
-
}
|
|
3439
|
-
})
|
|
3440
|
-
.catch(function (error) {
|
|
3441
|
-
reject(error);
|
|
3442
|
-
});
|
|
3443
|
-
return [2 /*return*/];
|
|
3444
|
-
});
|
|
3445
|
-
}); })];
|
|
3446
|
-
});
|
|
3447
|
-
});
|
|
3448
|
-
}
|
|
3449
|
-
function retrieveRecaptchaToken(siteKey, resolve, reject) {
|
|
3450
|
-
var grecaptcha = window.grecaptcha;
|
|
3451
|
-
if (isEnterprise(grecaptcha)) {
|
|
3452
|
-
grecaptcha.enterprise.ready(function () {
|
|
3453
|
-
grecaptcha.enterprise
|
|
3454
|
-
.execute(siteKey, { action: action })
|
|
3455
|
-
.then(function (token) {
|
|
3456
|
-
resolve(token);
|
|
3457
|
-
})
|
|
3458
|
-
.catch(function () {
|
|
3459
|
-
resolve(FAKE_TOKEN);
|
|
3460
|
-
});
|
|
3461
|
-
});
|
|
3462
|
-
}
|
|
3463
|
-
else {
|
|
3464
|
-
reject(Error('No reCAPTCHA enterprise script loaded.'));
|
|
3465
|
-
}
|
|
3466
|
-
}
|
|
3467
|
-
var _this = this;
|
|
3468
|
-
return __generator(this, function (_a) {
|
|
3469
|
-
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
3470
|
-
retrieveSiteKey(_this.auth)
|
|
3471
|
-
.then(function (siteKey) {
|
|
3472
|
-
if (!forceRefresh && isEnterprise(window.grecaptcha)) {
|
|
3473
|
-
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
3474
|
-
}
|
|
3475
|
-
else {
|
|
3476
|
-
if (typeof window === 'undefined') {
|
|
3477
|
-
reject(new Error('RecaptchaVerifier is only supported in browser'));
|
|
3478
|
-
return;
|
|
3479
|
-
}
|
|
3480
|
-
_loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
|
|
3481
|
-
.then(function () {
|
|
3482
|
-
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
3483
|
-
})
|
|
3484
|
-
.catch(function (error) {
|
|
3485
|
-
reject(error);
|
|
3486
|
-
});
|
|
3487
|
-
}
|
|
3488
|
-
})
|
|
3489
|
-
.catch(function (error) {
|
|
3490
|
-
reject(error);
|
|
3491
|
-
});
|
|
3492
|
-
})];
|
|
3493
|
-
});
|
|
3494
|
-
});
|
|
3495
|
-
};
|
|
3496
|
-
return RecaptchaEnterpriseVerifier;
|
|
3497
|
-
}());
|
|
3498
|
-
function injectRecaptchaFields(auth, request, action, captchaResp) {
|
|
3499
|
-
if (captchaResp === void 0) { captchaResp = false; }
|
|
3500
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
3501
|
-
var verifier, captchaResponse, newRequest;
|
|
3502
|
-
return __generator(this, function (_a) {
|
|
3503
|
-
switch (_a.label) {
|
|
3504
|
-
case 0:
|
|
3505
|
-
verifier = new RecaptchaEnterpriseVerifier(auth);
|
|
3506
|
-
_a.label = 1;
|
|
3507
|
-
case 1:
|
|
3508
|
-
_a.trys.push([1, 3, , 5]);
|
|
3509
|
-
return [4 /*yield*/, verifier.verify(action)];
|
|
3510
|
-
case 2:
|
|
3511
|
-
captchaResponse = _a.sent();
|
|
3512
|
-
return [3 /*break*/, 5];
|
|
3513
|
-
case 3:
|
|
3514
|
-
_a.sent();
|
|
3515
|
-
return [4 /*yield*/, verifier.verify(action, true)];
|
|
3516
|
-
case 4:
|
|
3517
|
-
captchaResponse = _a.sent();
|
|
3518
|
-
return [3 /*break*/, 5];
|
|
3519
|
-
case 5:
|
|
3520
|
-
newRequest = __assign({}, request);
|
|
3521
|
-
if (!captchaResp) {
|
|
3522
|
-
Object.assign(newRequest, { captchaResponse: captchaResponse });
|
|
3523
|
-
}
|
|
3524
|
-
else {
|
|
3525
|
-
Object.assign(newRequest, { 'captchaResp': captchaResponse });
|
|
3526
|
-
}
|
|
3527
|
-
Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
|
|
3528
|
-
Object.assign(newRequest, {
|
|
3529
|
-
'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3530
|
-
});
|
|
3531
|
-
return [2 /*return*/, newRequest];
|
|
3532
|
-
}
|
|
3533
|
-
});
|
|
3534
|
-
});
|
|
3535
|
-
}
|
|
3536
|
-
|
|
3537
|
-
/**
|
|
3538
|
-
* @license
|
|
3539
|
-
* Copyright 2022 Google LLC
|
|
3540
|
-
*
|
|
3541
|
-
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
3542
|
-
* you may not use this file except in compliance with the License.
|
|
3543
|
-
* You may obtain a copy of the License at
|
|
3544
|
-
*
|
|
3545
|
-
* http://www.apache.org/licenses/LICENSE-2.0
|
|
3546
|
-
*
|
|
3547
|
-
* Unless required by applicable law or agreed to in writing, software
|
|
3548
|
-
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
3549
|
-
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
3550
|
-
* See the License for the specific language governing permissions and
|
|
3551
|
-
* limitations under the License.
|
|
3552
|
-
*/
|
|
3553
|
-
var AuthMiddlewareQueue = /** @class */ (function () {
|
|
3554
|
-
function AuthMiddlewareQueue(auth) {
|
|
3555
|
-
this.auth = auth;
|
|
3556
|
-
this.queue = [];
|
|
3557
|
-
}
|
|
3558
|
-
AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
|
|
3559
|
-
var _this = this;
|
|
3560
|
-
// The callback could be sync or async. Wrap it into a
|
|
3561
|
-
// function that is always async.
|
|
3562
|
-
var wrappedCallback = function (user) {
|
|
3563
|
-
return new Promise(function (resolve, reject) {
|
|
3564
|
-
try {
|
|
3565
|
-
var result = callback(user);
|
|
3566
|
-
// Either resolve with existing promise or wrap a non-promise
|
|
3567
|
-
// return value into a promise.
|
|
3568
|
-
resolve(result);
|
|
3569
|
-
}
|
|
3570
|
-
catch (e) {
|
|
3571
|
-
// Sync callback throws.
|
|
3572
|
-
reject(e);
|
|
3573
|
-
}
|
|
3574
|
-
});
|
|
3575
|
-
};
|
|
3576
|
-
// Attach the onAbort if present
|
|
3577
|
-
wrappedCallback.onAbort = onAbort;
|
|
3578
|
-
this.queue.push(wrappedCallback);
|
|
3579
|
-
var index = this.queue.length - 1;
|
|
3580
|
-
return function () {
|
|
3581
|
-
// Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
|
|
3582
|
-
// indexing of other elements.
|
|
3583
|
-
_this.queue[index] = function () { return Promise.resolve(); };
|
|
3584
|
-
};
|
|
3585
|
-
};
|
|
3586
|
-
AuthMiddlewareQueue.prototype.runMiddleware = function (nextUser) {
|
|
3587
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
3588
|
-
var onAbortStack, _i, _a, beforeStateCallback, e_1, _b, onAbortStack_1, onAbort;
|
|
3589
|
-
return __generator(this, function (_c) {
|
|
3590
|
-
switch (_c.label) {
|
|
3591
|
-
case 0:
|
|
3592
|
-
if (this.auth.currentUser === nextUser) {
|
|
3593
|
-
return [2 /*return*/];
|
|
3594
|
-
}
|
|
3595
|
-
onAbortStack = [];
|
|
3596
|
-
_c.label = 1;
|
|
3597
|
-
case 1:
|
|
3598
|
-
_c.trys.push([1, 6, , 7]);
|
|
3599
|
-
_i = 0, _a = this.queue;
|
|
3600
|
-
_c.label = 2;
|
|
3601
|
-
case 2:
|
|
3602
|
-
if (!(_i < _a.length)) return [3 /*break*/, 5];
|
|
3603
|
-
beforeStateCallback = _a[_i];
|
|
3604
|
-
return [4 /*yield*/, beforeStateCallback(nextUser)];
|
|
3605
|
-
case 3:
|
|
3606
|
-
_c.sent();
|
|
3607
|
-
// Only push the onAbort if the callback succeeds
|
|
3608
|
-
if (beforeStateCallback.onAbort) {
|
|
3609
|
-
onAbortStack.push(beforeStateCallback.onAbort);
|
|
3610
|
-
}
|
|
3611
|
-
_c.label = 4;
|
|
3612
|
-
case 4:
|
|
3613
|
-
_i++;
|
|
3614
|
-
return [3 /*break*/, 2];
|
|
3615
|
-
case 5: return [3 /*break*/, 7];
|
|
3616
|
-
case 6:
|
|
3617
|
-
e_1 = _c.sent();
|
|
3618
|
-
// Run all onAbort, with separate try/catch to ignore any errors and
|
|
3619
|
-
// continue
|
|
3620
|
-
onAbortStack.reverse();
|
|
3621
|
-
for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
|
|
3622
|
-
onAbort = onAbortStack_1[_b];
|
|
3623
|
-
try {
|
|
3624
|
-
onAbort();
|
|
3625
|
-
}
|
|
3626
|
-
catch (_) {
|
|
3627
|
-
/* swallow error */
|
|
3628
|
-
}
|
|
3629
|
-
}
|
|
3630
|
-
throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, {
|
|
3631
|
-
originalMessage: e_1 === null || e_1 === void 0 ? void 0 : e_1.message
|
|
3632
|
-
});
|
|
3633
|
-
case 7: return [2 /*return*/];
|
|
3634
|
-
}
|
|
3635
|
-
});
|
|
3636
|
-
});
|
|
3637
|
-
};
|
|
3638
|
-
return AuthMiddlewareQueue;
|
|
3571
|
+
if (maxPasswordLength) {
|
|
3572
|
+
status.meetsMaxPasswordLength = password.length <= maxPasswordLength;
|
|
3573
|
+
}
|
|
3574
|
+
};
|
|
3575
|
+
/**
|
|
3576
|
+
* Validates that the password meets the character options for the policy.
|
|
3577
|
+
*
|
|
3578
|
+
* @param password Password to validate.
|
|
3579
|
+
* @param status Validation status.
|
|
3580
|
+
*/
|
|
3581
|
+
PasswordPolicyImpl.prototype.validatePasswordCharacterOptions = function (password, status) {
|
|
3582
|
+
// Assign statuses for requirements even if the password is an empty string.
|
|
3583
|
+
this.updatePasswordCharacterOptionsStatuses(status,
|
|
3584
|
+
/* containsLowercaseCharacter= */ false,
|
|
3585
|
+
/* containsUppercaseCharacter= */ false,
|
|
3586
|
+
/* containsNumericCharacter= */ false,
|
|
3587
|
+
/* containsNonAlphanumericCharacter= */ false);
|
|
3588
|
+
var passwordChar;
|
|
3589
|
+
for (var i = 0; i < password.length; i++) {
|
|
3590
|
+
passwordChar = password.charAt(i);
|
|
3591
|
+
this.updatePasswordCharacterOptionsStatuses(status,
|
|
3592
|
+
/* containsLowercaseCharacter= */ passwordChar >= 'a' &&
|
|
3593
|
+
passwordChar <= 'z',
|
|
3594
|
+
/* containsUppercaseCharacter= */ passwordChar >= 'A' &&
|
|
3595
|
+
passwordChar <= 'Z',
|
|
3596
|
+
/* containsNumericCharacter= */ passwordChar >= '0' &&
|
|
3597
|
+
passwordChar <= '9',
|
|
3598
|
+
/* containsNonAlphanumericCharacter= */ this.allowedNonAlphanumericCharacters.includes(passwordChar));
|
|
3599
|
+
}
|
|
3600
|
+
};
|
|
3601
|
+
/**
|
|
3602
|
+
* Updates the running validation status with the statuses for the character options.
|
|
3603
|
+
* Expected to be called each time a character is processed to update each option status
|
|
3604
|
+
* based on the current character.
|
|
3605
|
+
*
|
|
3606
|
+
* @param status Validation status.
|
|
3607
|
+
* @param containsLowercaseCharacter Whether the character is a lowercase letter.
|
|
3608
|
+
* @param containsUppercaseCharacter Whether the character is an uppercase letter.
|
|
3609
|
+
* @param containsNumericCharacter Whether the character is a numeric character.
|
|
3610
|
+
* @param containsNonAlphanumericCharacter Whether the character is a non-alphanumeric character.
|
|
3611
|
+
*/
|
|
3612
|
+
PasswordPolicyImpl.prototype.updatePasswordCharacterOptionsStatuses = function (status, containsLowercaseCharacter, containsUppercaseCharacter, containsNumericCharacter, containsNonAlphanumericCharacter) {
|
|
3613
|
+
if (this.customStrengthOptions.containsLowercaseLetter) {
|
|
3614
|
+
status.containsLowercaseLetter || (status.containsLowercaseLetter = containsLowercaseCharacter);
|
|
3615
|
+
}
|
|
3616
|
+
if (this.customStrengthOptions.containsUppercaseLetter) {
|
|
3617
|
+
status.containsUppercaseLetter || (status.containsUppercaseLetter = containsUppercaseCharacter);
|
|
3618
|
+
}
|
|
3619
|
+
if (this.customStrengthOptions.containsNumericCharacter) {
|
|
3620
|
+
status.containsNumericCharacter || (status.containsNumericCharacter = containsNumericCharacter);
|
|
3621
|
+
}
|
|
3622
|
+
if (this.customStrengthOptions.containsNonAlphanumericCharacter) {
|
|
3623
|
+
status.containsNonAlphanumericCharacter || (status.containsNonAlphanumericCharacter = containsNonAlphanumericCharacter);
|
|
3624
|
+
}
|
|
3625
|
+
};
|
|
3626
|
+
return PasswordPolicyImpl;
|
|
3639
3627
|
}());
|
|
3640
3628
|
|
|
3641
3629
|
/**
|
|
@@ -3668,6 +3656,7 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3668
3656
|
this.beforeStateQueue = new AuthMiddlewareQueue(this);
|
|
3669
3657
|
this.redirectUser = null;
|
|
3670
3658
|
this.isProactiveRefreshEnabled = false;
|
|
3659
|
+
this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION = 1;
|
|
3671
3660
|
// Any network calls will set this to true and prevent subsequent emulator
|
|
3672
3661
|
// initialization
|
|
3673
3662
|
this._canInitEmulator = true;
|
|
@@ -3678,6 +3667,8 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3678
3667
|
this._errorFactory = _DEFAULT_AUTH_ERROR_FACTORY;
|
|
3679
3668
|
this._agentRecaptchaConfig = null;
|
|
3680
3669
|
this._tenantRecaptchaConfigs = {};
|
|
3670
|
+
this._projectPasswordPolicy = null;
|
|
3671
|
+
this._tenantPasswordPolicies = {};
|
|
3681
3672
|
// Tracks the last notified UID for state change listeners to prevent
|
|
3682
3673
|
// repeated calls to the callbacks. Undefined means it's never been
|
|
3683
3674
|
// called, whereas null means it's been called with a signed out user
|
|
@@ -4007,41 +3998,66 @@ var AuthImpl = /** @class */ (function () {
|
|
|
4007
3998
|
});
|
|
4008
3999
|
}); });
|
|
4009
4000
|
};
|
|
4010
|
-
AuthImpl.prototype.
|
|
4001
|
+
AuthImpl.prototype._getRecaptchaConfig = function () {
|
|
4002
|
+
if (this.tenantId == null) {
|
|
4003
|
+
return this._agentRecaptchaConfig;
|
|
4004
|
+
}
|
|
4005
|
+
else {
|
|
4006
|
+
return this._tenantRecaptchaConfigs[this.tenantId];
|
|
4007
|
+
}
|
|
4008
|
+
};
|
|
4009
|
+
AuthImpl.prototype.validatePassword = function (password) {
|
|
4011
4010
|
return __awaiter(this, void 0, void 0, function () {
|
|
4012
|
-
var
|
|
4011
|
+
var passwordPolicy;
|
|
4013
4012
|
return __generator(this, function (_a) {
|
|
4014
4013
|
switch (_a.label) {
|
|
4015
|
-
case 0:
|
|
4016
|
-
|
|
4017
|
-
|
|
4018
|
-
})];
|
|
4014
|
+
case 0:
|
|
4015
|
+
if (!!this._getPasswordPolicyInternal()) return [3 /*break*/, 2];
|
|
4016
|
+
return [4 /*yield*/, this._updatePasswordPolicy()];
|
|
4019
4017
|
case 1:
|
|
4020
|
-
|
|
4021
|
-
|
|
4022
|
-
|
|
4023
|
-
|
|
4024
|
-
|
|
4025
|
-
|
|
4026
|
-
|
|
4027
|
-
|
|
4028
|
-
|
|
4029
|
-
verifier = new RecaptchaEnterpriseVerifier(this);
|
|
4030
|
-
void verifier.verify();
|
|
4018
|
+
_a.sent();
|
|
4019
|
+
_a.label = 2;
|
|
4020
|
+
case 2:
|
|
4021
|
+
passwordPolicy = this._getPasswordPolicyInternal();
|
|
4022
|
+
// Check that the policy schema version is supported by the SDK.
|
|
4023
|
+
// TODO: Update this logic to use a max supported policy schema version once we have multiple schema versions.
|
|
4024
|
+
if (passwordPolicy.schemaVersion !==
|
|
4025
|
+
this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION) {
|
|
4026
|
+
return [2 /*return*/, Promise.reject(this._errorFactory.create("unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */, {}))];
|
|
4031
4027
|
}
|
|
4032
|
-
return [2 /*return
|
|
4028
|
+
return [2 /*return*/, passwordPolicy.validatePassword(password)];
|
|
4033
4029
|
}
|
|
4034
4030
|
});
|
|
4035
4031
|
});
|
|
4036
4032
|
};
|
|
4037
|
-
AuthImpl.prototype.
|
|
4038
|
-
if (this.tenantId
|
|
4039
|
-
return this.
|
|
4033
|
+
AuthImpl.prototype._getPasswordPolicyInternal = function () {
|
|
4034
|
+
if (this.tenantId === null) {
|
|
4035
|
+
return this._projectPasswordPolicy;
|
|
4040
4036
|
}
|
|
4041
4037
|
else {
|
|
4042
|
-
return this.
|
|
4038
|
+
return this._tenantPasswordPolicies[this.tenantId];
|
|
4043
4039
|
}
|
|
4044
4040
|
};
|
|
4041
|
+
AuthImpl.prototype._updatePasswordPolicy = function () {
|
|
4042
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
4043
|
+
var response, passwordPolicy;
|
|
4044
|
+
return __generator(this, function (_a) {
|
|
4045
|
+
switch (_a.label) {
|
|
4046
|
+
case 0: return [4 /*yield*/, _getPasswordPolicy(this)];
|
|
4047
|
+
case 1:
|
|
4048
|
+
response = _a.sent();
|
|
4049
|
+
passwordPolicy = new PasswordPolicyImpl(response);
|
|
4050
|
+
if (this.tenantId === null) {
|
|
4051
|
+
this._projectPasswordPolicy = passwordPolicy;
|
|
4052
|
+
}
|
|
4053
|
+
else {
|
|
4054
|
+
this._tenantPasswordPolicies[this.tenantId] = passwordPolicy;
|
|
4055
|
+
}
|
|
4056
|
+
return [2 /*return*/];
|
|
4057
|
+
}
|
|
4058
|
+
});
|
|
4059
|
+
});
|
|
4060
|
+
};
|
|
4045
4061
|
AuthImpl.prototype._getPersistence = function () {
|
|
4046
4062
|
return this.assertedPersistence.persistence.type;
|
|
4047
4063
|
};
|
|
@@ -4208,18 +4224,32 @@ var AuthImpl = /** @class */ (function () {
|
|
|
4208
4224
|
var cb = typeof nextOrObserver === 'function'
|
|
4209
4225
|
? nextOrObserver
|
|
4210
4226
|
: nextOrObserver.next.bind(nextOrObserver);
|
|
4227
|
+
var isUnsubscribed = false;
|
|
4211
4228
|
var promise = this._isInitialized
|
|
4212
4229
|
? Promise.resolve()
|
|
4213
4230
|
: this._initializationPromise;
|
|
4214
4231
|
_assert(promise, this, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
4215
4232
|
// The callback needs to be called asynchronously per the spec.
|
|
4216
4233
|
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
|
4217
|
-
promise.then(function () {
|
|
4234
|
+
promise.then(function () {
|
|
4235
|
+
if (isUnsubscribed) {
|
|
4236
|
+
return;
|
|
4237
|
+
}
|
|
4238
|
+
cb(_this.currentUser);
|
|
4239
|
+
});
|
|
4218
4240
|
if (typeof nextOrObserver === 'function') {
|
|
4219
|
-
|
|
4241
|
+
var unsubscribe_2 = subscription.addObserver(nextOrObserver, error, completed);
|
|
4242
|
+
return function () {
|
|
4243
|
+
isUnsubscribed = true;
|
|
4244
|
+
unsubscribe_2();
|
|
4245
|
+
};
|
|
4220
4246
|
}
|
|
4221
4247
|
else {
|
|
4222
|
-
|
|
4248
|
+
var unsubscribe_3 = subscription.addObserver(nextOrObserver);
|
|
4249
|
+
return function () {
|
|
4250
|
+
isUnsubscribed = true;
|
|
4251
|
+
unsubscribe_3();
|
|
4252
|
+
};
|
|
4223
4253
|
}
|
|
4224
4254
|
};
|
|
4225
4255
|
/**
|
|
@@ -4317,54 +4347,280 @@ var AuthImpl = /** @class */ (function () {
|
|
|
4317
4347
|
AuthImpl.prototype._getAppCheckToken = function () {
|
|
4318
4348
|
var _a;
|
|
4319
4349
|
return __awaiter(this, void 0, void 0, function () {
|
|
4320
|
-
var appCheckTokenResult;
|
|
4321
|
-
return __generator(this, function (_b) {
|
|
4322
|
-
switch (_b.label) {
|
|
4323
|
-
case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
|
|
4324
|
-
.getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
|
|
4325
|
-
case 1:
|
|
4326
|
-
appCheckTokenResult = _b.sent();
|
|
4327
|
-
if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
|
|
4328
|
-
// Context: appCheck.getToken() will never throw even if an error happened.
|
|
4329
|
-
// In the error case, a dummy token will be returned along with an error field describing
|
|
4330
|
-
// the error. In general, we shouldn't care about the error condition and just use
|
|
4331
|
-
// the token (actual or dummy) to send requests.
|
|
4332
|
-
_logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
|
|
4350
|
+
var appCheckTokenResult;
|
|
4351
|
+
return __generator(this, function (_b) {
|
|
4352
|
+
switch (_b.label) {
|
|
4353
|
+
case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
|
|
4354
|
+
.getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
|
|
4355
|
+
case 1:
|
|
4356
|
+
appCheckTokenResult = _b.sent();
|
|
4357
|
+
if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
|
|
4358
|
+
// Context: appCheck.getToken() will never throw even if an error happened.
|
|
4359
|
+
// In the error case, a dummy token will be returned along with an error field describing
|
|
4360
|
+
// the error. In general, we shouldn't care about the error condition and just use
|
|
4361
|
+
// the token (actual or dummy) to send requests.
|
|
4362
|
+
_logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
|
|
4363
|
+
}
|
|
4364
|
+
return [2 /*return*/, appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.token];
|
|
4365
|
+
}
|
|
4366
|
+
});
|
|
4367
|
+
});
|
|
4368
|
+
};
|
|
4369
|
+
return AuthImpl;
|
|
4370
|
+
}());
|
|
4371
|
+
/**
|
|
4372
|
+
* Method to be used to cast down to our private implmentation of Auth.
|
|
4373
|
+
* It will also handle unwrapping from the compat type if necessary
|
|
4374
|
+
*
|
|
4375
|
+
* @param auth Auth object passed in from developer
|
|
4376
|
+
*/
|
|
4377
|
+
function _castAuth(auth) {
|
|
4378
|
+
return getModularInstance(auth);
|
|
4379
|
+
}
|
|
4380
|
+
/** Helper class to wrap subscriber logic */
|
|
4381
|
+
var Subscription = /** @class */ (function () {
|
|
4382
|
+
function Subscription(auth) {
|
|
4383
|
+
var _this = this;
|
|
4384
|
+
this.auth = auth;
|
|
4385
|
+
this.observer = null;
|
|
4386
|
+
this.addObserver = createSubscribe(function (observer) { return (_this.observer = observer); });
|
|
4387
|
+
}
|
|
4388
|
+
Object.defineProperty(Subscription.prototype, "next", {
|
|
4389
|
+
get: function () {
|
|
4390
|
+
_assert(this.observer, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
4391
|
+
return this.observer.next.bind(this.observer);
|
|
4392
|
+
},
|
|
4393
|
+
enumerable: false,
|
|
4394
|
+
configurable: true
|
|
4395
|
+
});
|
|
4396
|
+
return Subscription;
|
|
4397
|
+
}());
|
|
4398
|
+
|
|
4399
|
+
/**
|
|
4400
|
+
* @license
|
|
4401
|
+
* Copyright 2020 Google LLC
|
|
4402
|
+
*
|
|
4403
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
4404
|
+
* you may not use this file except in compliance with the License.
|
|
4405
|
+
* You may obtain a copy of the License at
|
|
4406
|
+
*
|
|
4407
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
4408
|
+
*
|
|
4409
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
4410
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
4411
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
4412
|
+
* See the License for the specific language governing permissions and
|
|
4413
|
+
* limitations under the License.
|
|
4414
|
+
*/
|
|
4415
|
+
function getScriptParentElement() {
|
|
4416
|
+
var _a, _b;
|
|
4417
|
+
return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
|
|
4418
|
+
}
|
|
4419
|
+
function _loadJS(url) {
|
|
4420
|
+
// TODO: consider adding timeout support & cancellation
|
|
4421
|
+
return new Promise(function (resolve, reject) {
|
|
4422
|
+
var el = document.createElement('script');
|
|
4423
|
+
el.setAttribute('src', url);
|
|
4424
|
+
el.onload = resolve;
|
|
4425
|
+
el.onerror = function (e) {
|
|
4426
|
+
var error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
4427
|
+
error.customData = e;
|
|
4428
|
+
reject(error);
|
|
4429
|
+
};
|
|
4430
|
+
el.type = 'text/javascript';
|
|
4431
|
+
el.charset = 'UTF-8';
|
|
4432
|
+
getScriptParentElement().appendChild(el);
|
|
4433
|
+
});
|
|
4434
|
+
}
|
|
4435
|
+
function _generateCallbackName(prefix) {
|
|
4436
|
+
return "__".concat(prefix).concat(Math.floor(Math.random() * 1000000));
|
|
4437
|
+
}
|
|
4438
|
+
|
|
4439
|
+
/* eslint-disable @typescript-eslint/no-require-imports */
|
|
4440
|
+
var RECAPTCHA_ENTERPRISE_URL = 'https://www.google.com/recaptcha/enterprise.js?render=';
|
|
4441
|
+
var RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';
|
|
4442
|
+
var FAKE_TOKEN = 'NO_RECAPTCHA';
|
|
4443
|
+
var RecaptchaEnterpriseVerifier = /** @class */ (function () {
|
|
4444
|
+
/**
|
|
4445
|
+
*
|
|
4446
|
+
* @param authExtern - The corresponding Firebase {@link Auth} instance.
|
|
4447
|
+
*
|
|
4448
|
+
*/
|
|
4449
|
+
function RecaptchaEnterpriseVerifier(authExtern) {
|
|
4450
|
+
/**
|
|
4451
|
+
* Identifies the type of application verifier (e.g. "recaptcha-enterprise").
|
|
4452
|
+
*/
|
|
4453
|
+
this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
|
|
4454
|
+
this.auth = _castAuth(authExtern);
|
|
4455
|
+
}
|
|
4456
|
+
/**
|
|
4457
|
+
* Executes the verification process.
|
|
4458
|
+
*
|
|
4459
|
+
* @returns A Promise for a token that can be used to assert the validity of a request.
|
|
4460
|
+
*/
|
|
4461
|
+
RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
|
|
4462
|
+
if (action === void 0) { action = 'verify'; }
|
|
4463
|
+
if (forceRefresh === void 0) { forceRefresh = false; }
|
|
4464
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
4465
|
+
function retrieveSiteKey(auth) {
|
|
4466
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
4467
|
+
var _this = this;
|
|
4468
|
+
return __generator(this, function (_a) {
|
|
4469
|
+
if (!forceRefresh) {
|
|
4470
|
+
if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
|
|
4471
|
+
return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
|
|
4472
|
+
}
|
|
4473
|
+
if (auth.tenantId != null &&
|
|
4474
|
+
auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
|
|
4475
|
+
return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
|
|
4476
|
+
}
|
|
4333
4477
|
}
|
|
4334
|
-
return [2 /*return*/,
|
|
4478
|
+
return [2 /*return*/, new Promise(function (resolve, reject) { return __awaiter(_this, void 0, void 0, function () {
|
|
4479
|
+
return __generator(this, function (_a) {
|
|
4480
|
+
getRecaptchaConfig(auth, {
|
|
4481
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
4482
|
+
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
4483
|
+
})
|
|
4484
|
+
.then(function (response) {
|
|
4485
|
+
if (response.recaptchaKey === undefined) {
|
|
4486
|
+
reject(new Error('recaptcha Enterprise site key undefined'));
|
|
4487
|
+
}
|
|
4488
|
+
else {
|
|
4489
|
+
var config = new RecaptchaConfig(response);
|
|
4490
|
+
if (auth.tenantId == null) {
|
|
4491
|
+
auth._agentRecaptchaConfig = config;
|
|
4492
|
+
}
|
|
4493
|
+
else {
|
|
4494
|
+
auth._tenantRecaptchaConfigs[auth.tenantId] = config;
|
|
4495
|
+
}
|
|
4496
|
+
return resolve(config.siteKey);
|
|
4497
|
+
}
|
|
4498
|
+
})
|
|
4499
|
+
.catch(function (error) {
|
|
4500
|
+
reject(error);
|
|
4501
|
+
});
|
|
4502
|
+
return [2 /*return*/];
|
|
4503
|
+
});
|
|
4504
|
+
}); })];
|
|
4505
|
+
});
|
|
4506
|
+
});
|
|
4507
|
+
}
|
|
4508
|
+
function retrieveRecaptchaToken(siteKey, resolve, reject) {
|
|
4509
|
+
var grecaptcha = window.grecaptcha;
|
|
4510
|
+
if (isEnterprise(grecaptcha)) {
|
|
4511
|
+
grecaptcha.enterprise.ready(function () {
|
|
4512
|
+
grecaptcha.enterprise
|
|
4513
|
+
.execute(siteKey, { action: action })
|
|
4514
|
+
.then(function (token) {
|
|
4515
|
+
resolve(token);
|
|
4516
|
+
})
|
|
4517
|
+
.catch(function () {
|
|
4518
|
+
resolve(FAKE_TOKEN);
|
|
4519
|
+
});
|
|
4520
|
+
});
|
|
4521
|
+
}
|
|
4522
|
+
else {
|
|
4523
|
+
reject(Error('No reCAPTCHA enterprise script loaded.'));
|
|
4335
4524
|
}
|
|
4525
|
+
}
|
|
4526
|
+
var _this = this;
|
|
4527
|
+
return __generator(this, function (_a) {
|
|
4528
|
+
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
4529
|
+
retrieveSiteKey(_this.auth)
|
|
4530
|
+
.then(function (siteKey) {
|
|
4531
|
+
if (!forceRefresh && isEnterprise(window.grecaptcha)) {
|
|
4532
|
+
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
4533
|
+
}
|
|
4534
|
+
else {
|
|
4535
|
+
if (typeof window === 'undefined') {
|
|
4536
|
+
reject(new Error('RecaptchaVerifier is only supported in browser'));
|
|
4537
|
+
return;
|
|
4538
|
+
}
|
|
4539
|
+
_loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
|
|
4540
|
+
.then(function () {
|
|
4541
|
+
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
4542
|
+
})
|
|
4543
|
+
.catch(function (error) {
|
|
4544
|
+
reject(error);
|
|
4545
|
+
});
|
|
4546
|
+
}
|
|
4547
|
+
})
|
|
4548
|
+
.catch(function (error) {
|
|
4549
|
+
reject(error);
|
|
4550
|
+
});
|
|
4551
|
+
})];
|
|
4336
4552
|
});
|
|
4337
4553
|
});
|
|
4338
4554
|
};
|
|
4339
|
-
return
|
|
4555
|
+
return RecaptchaEnterpriseVerifier;
|
|
4340
4556
|
}());
|
|
4341
|
-
|
|
4342
|
-
|
|
4343
|
-
|
|
4344
|
-
|
|
4345
|
-
|
|
4346
|
-
|
|
4347
|
-
|
|
4348
|
-
|
|
4557
|
+
function injectRecaptchaFields(auth, request, action, captchaResp) {
|
|
4558
|
+
if (captchaResp === void 0) { captchaResp = false; }
|
|
4559
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
4560
|
+
var verifier, captchaResponse, newRequest;
|
|
4561
|
+
return __generator(this, function (_a) {
|
|
4562
|
+
switch (_a.label) {
|
|
4563
|
+
case 0:
|
|
4564
|
+
verifier = new RecaptchaEnterpriseVerifier(auth);
|
|
4565
|
+
_a.label = 1;
|
|
4566
|
+
case 1:
|
|
4567
|
+
_a.trys.push([1, 3, , 5]);
|
|
4568
|
+
return [4 /*yield*/, verifier.verify(action)];
|
|
4569
|
+
case 2:
|
|
4570
|
+
captchaResponse = _a.sent();
|
|
4571
|
+
return [3 /*break*/, 5];
|
|
4572
|
+
case 3:
|
|
4573
|
+
_a.sent();
|
|
4574
|
+
return [4 /*yield*/, verifier.verify(action, true)];
|
|
4575
|
+
case 4:
|
|
4576
|
+
captchaResponse = _a.sent();
|
|
4577
|
+
return [3 /*break*/, 5];
|
|
4578
|
+
case 5:
|
|
4579
|
+
newRequest = __assign({}, request);
|
|
4580
|
+
if (!captchaResp) {
|
|
4581
|
+
Object.assign(newRequest, { captchaResponse: captchaResponse });
|
|
4582
|
+
}
|
|
4583
|
+
else {
|
|
4584
|
+
Object.assign(newRequest, { 'captchaResp': captchaResponse });
|
|
4585
|
+
}
|
|
4586
|
+
Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
|
|
4587
|
+
Object.assign(newRequest, {
|
|
4588
|
+
'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
4589
|
+
});
|
|
4590
|
+
return [2 /*return*/, newRequest];
|
|
4591
|
+
}
|
|
4592
|
+
});
|
|
4593
|
+
});
|
|
4349
4594
|
}
|
|
4350
|
-
|
|
4351
|
-
|
|
4352
|
-
|
|
4353
|
-
|
|
4354
|
-
|
|
4355
|
-
|
|
4356
|
-
|
|
4357
|
-
|
|
4358
|
-
|
|
4359
|
-
|
|
4360
|
-
|
|
4361
|
-
|
|
4362
|
-
|
|
4363
|
-
|
|
4364
|
-
|
|
4595
|
+
function _initializeRecaptchaConfig(auth) {
|
|
4596
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
4597
|
+
var authInternal, response, config, verifier;
|
|
4598
|
+
return __generator(this, function (_a) {
|
|
4599
|
+
switch (_a.label) {
|
|
4600
|
+
case 0:
|
|
4601
|
+
authInternal = _castAuth(auth);
|
|
4602
|
+
return [4 /*yield*/, getRecaptchaConfig(authInternal, {
|
|
4603
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
4604
|
+
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
4605
|
+
})];
|
|
4606
|
+
case 1:
|
|
4607
|
+
response = _a.sent();
|
|
4608
|
+
config = new RecaptchaConfig(response);
|
|
4609
|
+
if (authInternal.tenantId == null) {
|
|
4610
|
+
authInternal._agentRecaptchaConfig = config;
|
|
4611
|
+
}
|
|
4612
|
+
else {
|
|
4613
|
+
authInternal._tenantRecaptchaConfigs[authInternal.tenantId] = config;
|
|
4614
|
+
}
|
|
4615
|
+
if (config.emailPasswordEnabled) {
|
|
4616
|
+
verifier = new RecaptchaEnterpriseVerifier(authInternal);
|
|
4617
|
+
void verifier.verify();
|
|
4618
|
+
}
|
|
4619
|
+
return [2 /*return*/];
|
|
4620
|
+
}
|
|
4621
|
+
});
|
|
4365
4622
|
});
|
|
4366
|
-
|
|
4367
|
-
}());
|
|
4623
|
+
}
|
|
4368
4624
|
|
|
4369
4625
|
/**
|
|
4370
4626
|
* @license
|
|
@@ -7024,6 +7280,36 @@ function _setActionCodeSettingsOnRequest(auth, request, actionCodeSettings) {
|
|
|
7024
7280
|
* See the License for the specific language governing permissions and
|
|
7025
7281
|
* limitations under the License.
|
|
7026
7282
|
*/
|
|
7283
|
+
/**
|
|
7284
|
+
* Updates the password policy cached in the {@link Auth} instance if a policy is already
|
|
7285
|
+
* cached for the project or tenant.
|
|
7286
|
+
*
|
|
7287
|
+
* @remarks
|
|
7288
|
+
* We only fetch the password policy if the password did not meet policy requirements and
|
|
7289
|
+
* there is an existing policy cached. A developer must call validatePassword at least
|
|
7290
|
+
* once for the cache to be automatically updated.
|
|
7291
|
+
*
|
|
7292
|
+
* @param auth - The {@link Auth} instance.
|
|
7293
|
+
*
|
|
7294
|
+
* @private
|
|
7295
|
+
*/
|
|
7296
|
+
function recachePasswordPolicy(auth) {
|
|
7297
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
7298
|
+
var authInternal;
|
|
7299
|
+
return __generator(this, function (_a) {
|
|
7300
|
+
switch (_a.label) {
|
|
7301
|
+
case 0:
|
|
7302
|
+
authInternal = _castAuth(auth);
|
|
7303
|
+
if (!authInternal._getPasswordPolicyInternal()) return [3 /*break*/, 2];
|
|
7304
|
+
return [4 /*yield*/, authInternal._updatePasswordPolicy()];
|
|
7305
|
+
case 1:
|
|
7306
|
+
_a.sent();
|
|
7307
|
+
_a.label = 2;
|
|
7308
|
+
case 2: return [2 /*return*/];
|
|
7309
|
+
}
|
|
7310
|
+
});
|
|
7311
|
+
});
|
|
7312
|
+
}
|
|
7027
7313
|
/**
|
|
7028
7314
|
* Sends a password reset email to the given email address.
|
|
7029
7315
|
*
|
|
@@ -7127,12 +7413,22 @@ function sendPasswordResetEmail(auth, email, actionCodeSettings) {
|
|
|
7127
7413
|
*/
|
|
7128
7414
|
function confirmPasswordReset(auth, oobCode, newPassword) {
|
|
7129
7415
|
return __awaiter(this, void 0, void 0, function () {
|
|
7416
|
+
var _this = this;
|
|
7130
7417
|
return __generator(this, function (_a) {
|
|
7131
7418
|
switch (_a.label) {
|
|
7132
7419
|
case 0: return [4 /*yield*/, resetPassword(getModularInstance(auth), {
|
|
7133
7420
|
oobCode: oobCode,
|
|
7134
7421
|
newPassword: newPassword
|
|
7135
|
-
})
|
|
7422
|
+
})
|
|
7423
|
+
.catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
|
|
7424
|
+
return __generator(this, function (_a) {
|
|
7425
|
+
if (error.code ===
|
|
7426
|
+
"auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
7427
|
+
void recachePasswordPolicy(auth);
|
|
7428
|
+
}
|
|
7429
|
+
throw error;
|
|
7430
|
+
});
|
|
7431
|
+
}); })];
|
|
7136
7432
|
case 1:
|
|
7137
7433
|
_a.sent();
|
|
7138
7434
|
return [2 /*return*/];
|
|
@@ -7288,13 +7584,16 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
7288
7584
|
case 1:
|
|
7289
7585
|
requestWithRecaptcha = _a.sent();
|
|
7290
7586
|
return [2 /*return*/, signUp(authInternal, requestWithRecaptcha)];
|
|
7291
|
-
case 2:
|
|
7587
|
+
case 2: throw error;
|
|
7292
7588
|
}
|
|
7293
7589
|
});
|
|
7294
7590
|
}); });
|
|
7295
7591
|
_b.label = 3;
|
|
7296
7592
|
case 3: return [4 /*yield*/, signUpResponse.catch(function (error) {
|
|
7297
|
-
|
|
7593
|
+
if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
7594
|
+
void recachePasswordPolicy(auth);
|
|
7595
|
+
}
|
|
7596
|
+
throw error;
|
|
7298
7597
|
})];
|
|
7299
7598
|
case 4:
|
|
7300
7599
|
response = _b.sent();
|
|
@@ -7326,7 +7625,15 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
7326
7625
|
* @public
|
|
7327
7626
|
*/
|
|
7328
7627
|
function signInWithEmailAndPassword(auth, email, password) {
|
|
7329
|
-
|
|
7628
|
+
var _this = this;
|
|
7629
|
+
return signInWithCredential(getModularInstance(auth), EmailAuthProvider.credential(email, password)).catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
|
|
7630
|
+
return __generator(this, function (_a) {
|
|
7631
|
+
if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
7632
|
+
void recachePasswordPolicy(auth);
|
|
7633
|
+
}
|
|
7634
|
+
throw error;
|
|
7635
|
+
});
|
|
7636
|
+
}); });
|
|
7330
7637
|
}
|
|
7331
7638
|
|
|
7332
7639
|
/**
|
|
@@ -8064,8 +8371,39 @@ function setPersistence(auth, persistence) {
|
|
|
8064
8371
|
* @public
|
|
8065
8372
|
*/
|
|
8066
8373
|
function initializeRecaptchaConfig(auth) {
|
|
8067
|
-
|
|
8068
|
-
|
|
8374
|
+
return _initializeRecaptchaConfig(auth);
|
|
8375
|
+
}
|
|
8376
|
+
/**
|
|
8377
|
+
* Validates the password against the password policy configured for the project or tenant.
|
|
8378
|
+
*
|
|
8379
|
+
* @remarks
|
|
8380
|
+
* If no tenant ID is set on the `Auth` instance, then this method will use the password
|
|
8381
|
+
* policy configured for the project. Otherwise, this method will use the policy configured
|
|
8382
|
+
* for the tenant. If a password policy has not been configured, then the default policy
|
|
8383
|
+
* configured for all projects will be used.
|
|
8384
|
+
*
|
|
8385
|
+
* If an auth flow fails because a submitted password does not meet the password policy
|
|
8386
|
+
* requirements and this method has previously been called, then this method will use the
|
|
8387
|
+
* most recent policy available when called again.
|
|
8388
|
+
*
|
|
8389
|
+
* @example
|
|
8390
|
+
* ```javascript
|
|
8391
|
+
* validatePassword(auth, 'some-password');
|
|
8392
|
+
* ```
|
|
8393
|
+
*
|
|
8394
|
+
* @param auth The {@link Auth} instance.
|
|
8395
|
+
* @param password The password to validate.
|
|
8396
|
+
*
|
|
8397
|
+
* @public
|
|
8398
|
+
*/
|
|
8399
|
+
function validatePassword(auth, password) {
|
|
8400
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
8401
|
+
var authInternal;
|
|
8402
|
+
return __generator(this, function (_a) {
|
|
8403
|
+
authInternal = _castAuth(auth);
|
|
8404
|
+
return [2 /*return*/, authInternal.validatePassword(password)];
|
|
8405
|
+
});
|
|
8406
|
+
});
|
|
8069
8407
|
}
|
|
8070
8408
|
/**
|
|
8071
8409
|
* Adds an observer for changes to the signed-in user's ID token.
|
|
@@ -8487,7 +8825,7 @@ function multiFactor(user) {
|
|
|
8487
8825
|
}
|
|
8488
8826
|
|
|
8489
8827
|
var name = "@firebase/auth";
|
|
8490
|
-
var version = "1.
|
|
8828
|
+
var version = "1.2.0-canary.309f7a914";
|
|
8491
8829
|
|
|
8492
8830
|
/**
|
|
8493
8831
|
* @license
|
|
@@ -10690,5 +11028,5 @@ function generateNoEvent() {
|
|
|
10690
11028
|
};
|
|
10691
11029
|
}
|
|
10692
11030
|
|
|
10693
|
-
export {
|
|
10694
|
-
//# sourceMappingURL=popup_redirect-
|
|
11031
|
+
export { sendSignInLinkToEmail as $, ActionCodeOperation as A, inMemoryPersistence as B, EmailAuthProvider as C, FacebookAuthProvider as D, EmailAuthCredential as E, FactorId as F, GoogleAuthProvider as G, GithubAuthProvider as H, OAuthProvider as I, SAMLAuthProvider as J, signInAnonymously as K, signInWithCredential as L, linkWithCredential as M, reauthenticateWithCredential as N, OperationType as O, ProviderId as P, signInWithCustomToken as Q, sendPasswordResetEmail as R, SignInMethod as S, TwitterAuthProvider as T, confirmPasswordReset as U, applyActionCode as V, checkActionCode as W, verifyPasswordResetCode as X, createUserWithEmailAndPassword as Y, signInWithEmailAndPassword as Z, _signInWithRedirect as _, _reauthenticateWithRedirect as a, _getClientVersion as a$, isSignInWithEmailLink as a0, signInWithEmailLink as a1, fetchSignInMethodsForEmail as a2, sendEmailVerification as a3, verifyBeforeUpdateEmail as a4, ActionCodeURL as a5, parseActionCodeURL as a6, updateProfile as a7, updateEmail as a8, updatePassword as a9, AbstractPopupRedirectOperation as aA, _assertInstanceOf as aB, _withDefaultResolver as aC, FederatedAuthProvider as aD, _fail as aE, _getProjectConfig as aF, _getCurrentUrl as aG, _emulatorUrl as aH, _isChromeIOS as aI, _isFirefox as aJ, _isIOSStandalone as aK, _getRedirectUrl as aL, _setWindowLocation as aM, _isMobileBrowser as aN, _isSafari as aO, _isIOS as aP, _getRedirectResult as aQ, _overrideRedirectResult as aR, AuthEventManager as aS, debugFail as aT, finalizeEnrollPhoneMfa as aU, finalizeEnrollTotpMfa as aV, startEnrollTotpMfa as aW, _persistenceKeyName as aX, UserImpl as aY, _getInstance as aZ, AuthImpl as a_, getIdToken as aa, getIdTokenResult as ab, unlink as ac, getAdditionalUserInfo as ad, reload as ae, getMultiFactorResolver as af, multiFactor as ag, _performApiRequest as ah, _addTidIfNecessary as ai, _assert as aj, Delay as ak, _window as al, isV2 as am, _createError as an, _loadJS as ao, _generateCallbackName as ap, getRecaptchaParams as aq, _isHttpOrHttps as ar, _isWorker as as, _castAuth as at, _assertLinkedStatus as au, sendPhoneVerificationCode as av, startEnrollPhoneMfa as aw, _link$1 as ax, debugAssert as ay, _generateEventId as az, _linkWithRedirect as b, FetchProvider as b0, SAMLAuthCredential as b1, signInWithRedirect as b2, linkWithRedirect as b3, reauthenticateWithRedirect as b4, indexedDBLocalPersistence as c, cordovaPopupRedirectResolver as d, browserLocalPersistence as e, browserSessionPersistence as f, getRedirectResult as g, initializeRecaptchaConfig as h, initializeAuth as i, beforeAuthStateChanged as j, onAuthStateChanged as k, updateCurrentUser as l, signOut as m, deleteUser as n, onIdTokenChanged as o, debugErrorMap as p, prodErrorMap as q, registerAuth as r, setPersistence as s, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as t, useDeviceLanguage as u, validatePassword as v, connectAuthEmulator as w, AuthCredential as x, OAuthCredential as y, PhoneAuthCredential as z };
|
|
11032
|
+
//# sourceMappingURL=popup_redirect-63074918.js.map
|