@firebase/auth 1.1.0 → 1.2.0-canary.78d2738c2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +28 -1
- package/dist/auth-public.d.ts +119 -0
- package/dist/auth.d.ts +179 -2
- package/dist/browser-cjs/{index-0b2238be.js → index-86319583.js} +566 -278
- package/dist/browser-cjs/index-86319583.js.map +1 -0
- package/dist/browser-cjs/index.js +3 -2
- package/dist/browser-cjs/index.js.map +1 -1
- package/dist/browser-cjs/internal.js +3 -2
- package/dist/browser-cjs/internal.js.map +1 -1
- package/dist/browser-cjs/src/api/errors.d.ts +2 -1
- package/dist/browser-cjs/src/api/index.d.ts +2 -1
- package/dist/browser-cjs/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/browser-cjs/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/browser-cjs/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/browser-cjs/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/browser-cjs/src/core/errors.d.ts +3 -1
- package/dist/browser-cjs/src/core/index.d.ts +25 -1
- package/dist/browser-cjs/src/model/auth.d.ts +7 -2
- package/dist/browser-cjs/src/model/password_policy.d.ts +111 -0
- package/dist/browser-cjs/src/model/public_types.d.ts +88 -0
- package/dist/browser-cjs/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/browser-cjs/src/platform_node/index.d.ts +1 -0
- package/dist/browser-cjs/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/browser-cjs/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/cordova/index.js +2 -2
- package/dist/cordova/internal.js +2 -2
- package/dist/cordova/{popup_redirect-71c1ff0a.js → popup_redirect-4fa20060.js} +754 -416
- package/dist/cordova/popup_redirect-4fa20060.js.map +1 -0
- package/dist/cordova/src/api/errors.d.ts +2 -1
- package/dist/cordova/src/api/index.d.ts +2 -1
- package/dist/cordova/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/cordova/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/cordova/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/cordova/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/cordova/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/cordova/src/core/errors.d.ts +3 -1
- package/dist/cordova/src/core/index.d.ts +25 -1
- package/dist/cordova/src/model/auth.d.ts +7 -2
- package/dist/cordova/src/model/password_policy.d.ts +111 -0
- package/dist/cordova/src/model/public_types.d.ts +88 -0
- package/dist/cordova/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/cordova/src/platform_node/index.d.ts +1 -0
- package/dist/cordova/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/cordova/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/esm2017/{index-e24386e7.js → index-0a61cd84.js} +566 -279
- package/dist/esm2017/index-0a61cd84.js.map +1 -0
- package/dist/esm2017/index.js +2 -2
- package/dist/esm2017/internal.js +3 -3
- package/dist/esm2017/src/api/errors.d.ts +2 -1
- package/dist/esm2017/src/api/index.d.ts +2 -1
- package/dist/esm2017/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/esm2017/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/esm2017/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/esm2017/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/esm2017/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/esm2017/src/core/errors.d.ts +3 -1
- package/dist/esm2017/src/core/index.d.ts +25 -1
- package/dist/esm2017/src/model/auth.d.ts +7 -2
- package/dist/esm2017/src/model/password_policy.d.ts +111 -0
- package/dist/esm2017/src/model/public_types.d.ts +88 -0
- package/dist/esm2017/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/esm2017/src/platform_node/index.d.ts +1 -0
- package/dist/esm2017/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/esm2017/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/esm5/{index-be7bff78.js → index-e3004618.js} +754 -416
- package/dist/esm5/index-e3004618.js.map +1 -0
- package/dist/esm5/index.js +1 -1
- package/dist/esm5/internal.js +2 -2
- package/dist/esm5/src/api/errors.d.ts +2 -1
- package/dist/esm5/src/api/index.d.ts +2 -1
- package/dist/esm5/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/esm5/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/esm5/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/esm5/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/esm5/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/esm5/src/core/errors.d.ts +3 -1
- package/dist/esm5/src/core/index.d.ts +25 -1
- package/dist/esm5/src/model/auth.d.ts +7 -2
- package/dist/esm5/src/model/password_policy.d.ts +111 -0
- package/dist/esm5/src/model/public_types.d.ts +88 -0
- package/dist/esm5/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/esm5/src/platform_node/index.d.ts +1 -0
- package/dist/esm5/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/esm5/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/index.webworker.esm5.js +828 -490
- package/dist/index.webworker.esm5.js.map +1 -1
- package/dist/node/index.js +2 -1
- package/dist/node/index.js.map +1 -1
- package/dist/node/internal.js +2 -1
- package/dist/node/internal.js.map +1 -1
- package/dist/node/src/api/errors.d.ts +2 -1
- package/dist/node/src/api/index.d.ts +2 -1
- package/dist/node/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/node/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/node/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/node/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/node/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/node/src/core/errors.d.ts +3 -1
- package/dist/node/src/core/index.d.ts +25 -1
- package/dist/node/src/model/auth.d.ts +7 -2
- package/dist/node/src/model/password_policy.d.ts +111 -0
- package/dist/node/src/model/public_types.d.ts +88 -0
- package/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/node/src/platform_node/index.d.ts +1 -0
- package/dist/node/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/node/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/node/{totp-8a876b1a.js → totp-6f13b95f.js} +717 -378
- package/dist/node/totp-6f13b95f.js.map +1 -0
- package/dist/node-esm/index.js +1 -1
- package/dist/node-esm/internal.js +2 -2
- package/dist/node-esm/src/api/errors.d.ts +2 -1
- package/dist/node-esm/src/api/index.d.ts +2 -1
- package/dist/node-esm/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/node-esm/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/node-esm/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/node-esm/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/node-esm/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/node-esm/src/core/errors.d.ts +3 -1
- package/dist/node-esm/src/core/index.d.ts +25 -1
- package/dist/node-esm/src/model/auth.d.ts +7 -2
- package/dist/node-esm/src/model/password_policy.d.ts +111 -0
- package/dist/node-esm/src/model/public_types.d.ts +88 -0
- package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/node-esm/src/platform_node/index.d.ts +1 -0
- package/dist/node-esm/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/node-esm/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/node-esm/{totp-04ac595e.js → totp-3d18bd9e.js} +554 -267
- package/dist/node-esm/totp-3d18bd9e.js.map +1 -0
- package/dist/rn/index.js +2 -1
- package/dist/rn/index.js.map +1 -1
- package/dist/rn/internal.js +2 -1
- package/dist/rn/internal.js.map +1 -1
- package/dist/rn/{phone-2132481b.js → phone-e617de09.js} +734 -395
- package/dist/rn/phone-e617de09.js.map +1 -0
- package/dist/rn/src/api/errors.d.ts +2 -1
- package/dist/rn/src/api/index.d.ts +2 -1
- package/dist/rn/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/rn/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/rn/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/rn/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/rn/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/rn/src/core/errors.d.ts +3 -1
- package/dist/rn/src/core/index.d.ts +25 -1
- package/dist/rn/src/model/auth.d.ts +7 -2
- package/dist/rn/src/model/password_policy.d.ts +111 -0
- package/dist/rn/src/model/public_types.d.ts +88 -0
- package/dist/rn/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/rn/src/platform_node/index.d.ts +1 -0
- package/dist/rn/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/rn/test/integration/flows/password_policy.test.d.ts +17 -0
- package/dist/src/api/errors.d.ts +2 -1
- package/dist/src/api/index.d.ts +2 -1
- package/dist/src/api/password_policy/get_password_policy.d.ts +48 -0
- package/dist/src/api/password_policy/get_password_policy.test.d.ts +17 -0
- package/dist/src/core/auth/auth_impl.d.ts +8 -2
- package/dist/src/core/auth/password_policy_impl.d.ts +59 -0
- package/dist/src/core/auth/password_policy_impl.test.d.ts +17 -0
- package/dist/src/core/errors.d.ts +3 -1
- package/dist/src/core/index.d.ts +25 -1
- package/dist/src/model/auth.d.ts +7 -2
- package/dist/src/model/password_policy.d.ts +111 -0
- package/dist/src/model/public_types.d.ts +88 -0
- package/dist/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts +1 -0
- package/dist/src/platform_node/index.d.ts +1 -0
- package/dist/test/helpers/integration/helpers.d.ts +7 -1
- package/dist/test/integration/flows/password_policy.test.d.ts +17 -0
- package/package.json +6 -6
- package/dist/browser-cjs/index-0b2238be.js.map +0 -1
- package/dist/cordova/popup_redirect-71c1ff0a.js.map +0 -1
- package/dist/esm2017/index-e24386e7.js.map +0 -1
- package/dist/esm5/index-be7bff78.js.map +0 -1
- package/dist/node/totp-8a876b1a.js.map +0 -1
- package/dist/node-esm/totp-04ac595e.js.map +0 -1
- package/dist/rn/phone-2132481b.js.map +0 -1
|
@@ -103,6 +103,53 @@ var ActionCodeOperation = {
|
|
|
103
103
|
VERIFY_EMAIL: 'VERIFY_EMAIL'
|
|
104
104
|
};
|
|
105
105
|
|
|
106
|
+
/**
|
|
107
|
+
* @license
|
|
108
|
+
* Copyright 2020 Google LLC
|
|
109
|
+
*
|
|
110
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
111
|
+
* you may not use this file except in compliance with the License.
|
|
112
|
+
* You may obtain a copy of the License at
|
|
113
|
+
*
|
|
114
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
115
|
+
*
|
|
116
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
117
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
118
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
119
|
+
* See the License for the specific language governing permissions and
|
|
120
|
+
* limitations under the License.
|
|
121
|
+
*/
|
|
122
|
+
function isV2(grecaptcha) {
|
|
123
|
+
return (grecaptcha !== undefined &&
|
|
124
|
+
grecaptcha.getResponse !== undefined);
|
|
125
|
+
}
|
|
126
|
+
function isEnterprise(grecaptcha) {
|
|
127
|
+
return (grecaptcha !== undefined &&
|
|
128
|
+
grecaptcha.enterprise !== undefined);
|
|
129
|
+
}
|
|
130
|
+
var RecaptchaConfig = /** @class */ (function () {
|
|
131
|
+
function RecaptchaConfig(response) {
|
|
132
|
+
/**
|
|
133
|
+
* The reCAPTCHA site key.
|
|
134
|
+
*/
|
|
135
|
+
this.siteKey = '';
|
|
136
|
+
/**
|
|
137
|
+
* The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
|
|
138
|
+
*/
|
|
139
|
+
this.emailPasswordEnabled = false;
|
|
140
|
+
if (response.recaptchaKey === undefined) {
|
|
141
|
+
throw new Error('recaptchaKey undefined');
|
|
142
|
+
}
|
|
143
|
+
// Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
|
|
144
|
+
this.siteKey = response.recaptchaKey.split('/')[3];
|
|
145
|
+
this.emailPasswordEnabled = response.recaptchaEnforcementState.some(function (enforcementState) {
|
|
146
|
+
return enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
|
|
147
|
+
enforcementState.enforcementState !== 'OFF';
|
|
148
|
+
});
|
|
149
|
+
}
|
|
150
|
+
return RecaptchaConfig;
|
|
151
|
+
}());
|
|
152
|
+
|
|
106
153
|
/**
|
|
107
154
|
* @license
|
|
108
155
|
* Copyright 2020 Google LLC
|
|
@@ -275,6 +322,8 @@ function _debugErrorMap() {
|
|
|
275
322
|
_a["missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is missing when sending request to the backend.',
|
|
276
323
|
_a["invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */] = 'Invalid request parameters.',
|
|
277
324
|
_a["invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */] = 'The reCAPTCHA version is invalid when sending request to the backend.',
|
|
325
|
+
_a["unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */] = 'The password policy received from the backend uses a schema version that is not supported by this version of the Firebase SDK.',
|
|
326
|
+
_a["password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */] = 'The password does not meet the requirements.',
|
|
278
327
|
_a;
|
|
279
328
|
}
|
|
280
329
|
function _prodErrorMap() {
|
|
@@ -820,6 +869,7 @@ var SERVER_ERROR_MAP = (_a$1 = {},
|
|
|
820
869
|
_a$1["USER_NOT_FOUND" /* ServerError.USER_NOT_FOUND */] = "user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */,
|
|
821
870
|
// Other errors.
|
|
822
871
|
_a$1["TOO_MANY_ATTEMPTS_TRY_LATER" /* ServerError.TOO_MANY_ATTEMPTS_TRY_LATER */] = "too-many-requests" /* AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER */,
|
|
872
|
+
_a$1["PASSWORD_DOES_NOT_MEET_REQUIREMENTS" /* ServerError.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */] = "password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */,
|
|
823
873
|
// Phone Auth related errors.
|
|
824
874
|
_a$1["INVALID_CODE" /* ServerError.INVALID_CODE */] = "invalid-verification-code" /* AuthErrorCode.INVALID_CODE */,
|
|
825
875
|
_a$1["INVALID_SESSION_INFO" /* ServerError.INVALID_SESSION_INFO */] = "invalid-verification-id" /* AuthErrorCode.INVALID_SESSION_INFO */,
|
|
@@ -1045,6 +1095,40 @@ function _makeTaggedError(auth, code, response) {
|
|
|
1045
1095
|
return error;
|
|
1046
1096
|
}
|
|
1047
1097
|
|
|
1098
|
+
/**
|
|
1099
|
+
* @license
|
|
1100
|
+
* Copyright 2020 Google LLC
|
|
1101
|
+
*
|
|
1102
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
1103
|
+
* you may not use this file except in compliance with the License.
|
|
1104
|
+
* You may obtain a copy of the License at
|
|
1105
|
+
*
|
|
1106
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
1107
|
+
*
|
|
1108
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
1109
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
1110
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
1111
|
+
* See the License for the specific language governing permissions and
|
|
1112
|
+
* limitations under the License.
|
|
1113
|
+
*/
|
|
1114
|
+
function getRecaptchaParams(auth) {
|
|
1115
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1116
|
+
return __generator(this, function (_a) {
|
|
1117
|
+
switch (_a.label) {
|
|
1118
|
+
case 0: return [4 /*yield*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v1/recaptchaParams" /* Endpoint.GET_RECAPTCHA_PARAM */)];
|
|
1119
|
+
case 1: return [2 /*return*/, ((_a.sent()).recaptchaSiteKey || '')];
|
|
1120
|
+
}
|
|
1121
|
+
});
|
|
1122
|
+
});
|
|
1123
|
+
}
|
|
1124
|
+
function getRecaptchaConfig(auth, request) {
|
|
1125
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1126
|
+
return __generator(this, function (_a) {
|
|
1127
|
+
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/recaptchaConfig" /* Endpoint.GET_RECAPTCHA_CONFIG */, _addTidIfNecessary(auth, request))];
|
|
1128
|
+
});
|
|
1129
|
+
});
|
|
1130
|
+
}
|
|
1131
|
+
|
|
1048
1132
|
/**
|
|
1049
1133
|
* @license
|
|
1050
1134
|
* Copyright 2020 Google LLC
|
|
@@ -2443,7 +2527,7 @@ function _getClientVersion(clientPlatform, frameworks) {
|
|
|
2443
2527
|
|
|
2444
2528
|
/**
|
|
2445
2529
|
* @license
|
|
2446
|
-
* Copyright
|
|
2530
|
+
* Copyright 2022 Google LLC
|
|
2447
2531
|
*
|
|
2448
2532
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2449
2533
|
* you may not use this file except in compliance with the License.
|
|
@@ -2457,27 +2541,129 @@ function _getClientVersion(clientPlatform, frameworks) {
|
|
|
2457
2541
|
* See the License for the specific language governing permissions and
|
|
2458
2542
|
* limitations under the License.
|
|
2459
2543
|
*/
|
|
2460
|
-
function
|
|
2461
|
-
|
|
2462
|
-
|
|
2463
|
-
|
|
2464
|
-
|
|
2465
|
-
|
|
2466
|
-
|
|
2544
|
+
var AuthMiddlewareQueue = /** @class */ (function () {
|
|
2545
|
+
function AuthMiddlewareQueue(auth) {
|
|
2546
|
+
this.auth = auth;
|
|
2547
|
+
this.queue = [];
|
|
2548
|
+
}
|
|
2549
|
+
AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
|
|
2550
|
+
var _this = this;
|
|
2551
|
+
// The callback could be sync or async. Wrap it into a
|
|
2552
|
+
// function that is always async.
|
|
2553
|
+
var wrappedCallback = function (user) {
|
|
2554
|
+
return new Promise(function (resolve, reject) {
|
|
2555
|
+
try {
|
|
2556
|
+
var result = callback(user);
|
|
2557
|
+
// Either resolve with existing promise or wrap a non-promise
|
|
2558
|
+
// return value into a promise.
|
|
2559
|
+
resolve(result);
|
|
2560
|
+
}
|
|
2561
|
+
catch (e) {
|
|
2562
|
+
// Sync callback throws.
|
|
2563
|
+
reject(e);
|
|
2564
|
+
}
|
|
2565
|
+
});
|
|
2566
|
+
};
|
|
2567
|
+
// Attach the onAbort if present
|
|
2568
|
+
wrappedCallback.onAbort = onAbort;
|
|
2569
|
+
this.queue.push(wrappedCallback);
|
|
2570
|
+
var index = this.queue.length - 1;
|
|
2571
|
+
return function () {
|
|
2572
|
+
// Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
|
|
2573
|
+
// indexing of other elements.
|
|
2574
|
+
_this.queue[index] = function () { return Promise.resolve(); };
|
|
2575
|
+
};
|
|
2576
|
+
};
|
|
2577
|
+
AuthMiddlewareQueue.prototype.runMiddleware = function (nextUser) {
|
|
2578
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
2579
|
+
var onAbortStack, _i, _a, beforeStateCallback, e_1, _b, onAbortStack_1, onAbort;
|
|
2580
|
+
return __generator(this, function (_c) {
|
|
2581
|
+
switch (_c.label) {
|
|
2582
|
+
case 0:
|
|
2583
|
+
if (this.auth.currentUser === nextUser) {
|
|
2584
|
+
return [2 /*return*/];
|
|
2585
|
+
}
|
|
2586
|
+
onAbortStack = [];
|
|
2587
|
+
_c.label = 1;
|
|
2588
|
+
case 1:
|
|
2589
|
+
_c.trys.push([1, 6, , 7]);
|
|
2590
|
+
_i = 0, _a = this.queue;
|
|
2591
|
+
_c.label = 2;
|
|
2592
|
+
case 2:
|
|
2593
|
+
if (!(_i < _a.length)) return [3 /*break*/, 5];
|
|
2594
|
+
beforeStateCallback = _a[_i];
|
|
2595
|
+
return [4 /*yield*/, beforeStateCallback(nextUser)];
|
|
2596
|
+
case 3:
|
|
2597
|
+
_c.sent();
|
|
2598
|
+
// Only push the onAbort if the callback succeeds
|
|
2599
|
+
if (beforeStateCallback.onAbort) {
|
|
2600
|
+
onAbortStack.push(beforeStateCallback.onAbort);
|
|
2601
|
+
}
|
|
2602
|
+
_c.label = 4;
|
|
2603
|
+
case 4:
|
|
2604
|
+
_i++;
|
|
2605
|
+
return [3 /*break*/, 2];
|
|
2606
|
+
case 5: return [3 /*break*/, 7];
|
|
2607
|
+
case 6:
|
|
2608
|
+
e_1 = _c.sent();
|
|
2609
|
+
// Run all onAbort, with separate try/catch to ignore any errors and
|
|
2610
|
+
// continue
|
|
2611
|
+
onAbortStack.reverse();
|
|
2612
|
+
for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
|
|
2613
|
+
onAbort = onAbortStack_1[_b];
|
|
2614
|
+
try {
|
|
2615
|
+
onAbort();
|
|
2616
|
+
}
|
|
2617
|
+
catch (_) {
|
|
2618
|
+
/* swallow error */
|
|
2619
|
+
}
|
|
2620
|
+
}
|
|
2621
|
+
throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, {
|
|
2622
|
+
originalMessage: e_1 === null || e_1 === void 0 ? void 0 : e_1.message
|
|
2623
|
+
});
|
|
2624
|
+
case 7: return [2 /*return*/];
|
|
2625
|
+
}
|
|
2626
|
+
});
|
|
2467
2627
|
});
|
|
2468
|
-
}
|
|
2469
|
-
|
|
2470
|
-
|
|
2628
|
+
};
|
|
2629
|
+
return AuthMiddlewareQueue;
|
|
2630
|
+
}());
|
|
2631
|
+
|
|
2632
|
+
/**
|
|
2633
|
+
* @license
|
|
2634
|
+
* Copyright 2023 Google LLC
|
|
2635
|
+
*
|
|
2636
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2637
|
+
* you may not use this file except in compliance with the License.
|
|
2638
|
+
* You may obtain a copy of the License at
|
|
2639
|
+
*
|
|
2640
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
2641
|
+
*
|
|
2642
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
2643
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
2644
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
2645
|
+
* See the License for the specific language governing permissions and
|
|
2646
|
+
* limitations under the License.
|
|
2647
|
+
*/
|
|
2648
|
+
/**
|
|
2649
|
+
* Fetches the password policy for the currently set tenant or the project if no tenant is set.
|
|
2650
|
+
*
|
|
2651
|
+
* @param auth Auth object.
|
|
2652
|
+
* @param request Password policy request.
|
|
2653
|
+
* @returns Password policy response.
|
|
2654
|
+
*/
|
|
2655
|
+
function _getPasswordPolicy(auth, request) {
|
|
2656
|
+
if (request === void 0) { request = {}; }
|
|
2471
2657
|
return __awaiter(this, void 0, void 0, function () {
|
|
2472
2658
|
return __generator(this, function (_a) {
|
|
2473
|
-
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/
|
|
2659
|
+
return [2 /*return*/, _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/passwordPolicy" /* Endpoint.GET_PASSWORD_POLICY */, _addTidIfNecessary(auth, request))];
|
|
2474
2660
|
});
|
|
2475
2661
|
});
|
|
2476
2662
|
}
|
|
2477
2663
|
|
|
2478
2664
|
/**
|
|
2479
2665
|
* @license
|
|
2480
|
-
* Copyright
|
|
2666
|
+
* Copyright 2023 Google LLC
|
|
2481
2667
|
*
|
|
2482
2668
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2483
2669
|
* you may not use this file except in compliance with the License.
|
|
@@ -2491,336 +2677,138 @@ function getRecaptchaConfig(auth, request) {
|
|
|
2491
2677
|
* See the License for the specific language governing permissions and
|
|
2492
2678
|
* limitations under the License.
|
|
2493
2679
|
*/
|
|
2494
|
-
|
|
2495
|
-
|
|
2496
|
-
|
|
2497
|
-
|
|
2498
|
-
|
|
2499
|
-
|
|
2500
|
-
|
|
2501
|
-
|
|
2502
|
-
|
|
2503
|
-
|
|
2504
|
-
|
|
2505
|
-
|
|
2506
|
-
|
|
2507
|
-
|
|
2508
|
-
|
|
2509
|
-
|
|
2510
|
-
|
|
2511
|
-
|
|
2512
|
-
|
|
2513
|
-
|
|
2680
|
+
// Minimum min password length enforced by the backend, even if no minimum length is set.
|
|
2681
|
+
var MINIMUM_MIN_PASSWORD_LENGTH = 6;
|
|
2682
|
+
/**
|
|
2683
|
+
* Stores password policy requirements and provides password validation against the policy.
|
|
2684
|
+
*
|
|
2685
|
+
* @internal
|
|
2686
|
+
*/
|
|
2687
|
+
var PasswordPolicyImpl = /** @class */ (function () {
|
|
2688
|
+
function PasswordPolicyImpl(response) {
|
|
2689
|
+
var _a, _b, _c, _d;
|
|
2690
|
+
// Only include custom strength options defined in the response.
|
|
2691
|
+
var responseOptions = response.customStrengthOptions;
|
|
2692
|
+
this.customStrengthOptions = {};
|
|
2693
|
+
// TODO: Remove once the backend is updated to include the minimum min password length instead of undefined when there is no minimum length set.
|
|
2694
|
+
this.customStrengthOptions.minPasswordLength =
|
|
2695
|
+
(_a = responseOptions.minPasswordLength) !== null && _a !== void 0 ? _a : MINIMUM_MIN_PASSWORD_LENGTH;
|
|
2696
|
+
if (responseOptions.maxPasswordLength) {
|
|
2697
|
+
this.customStrengthOptions.maxPasswordLength =
|
|
2698
|
+
responseOptions.maxPasswordLength;
|
|
2699
|
+
}
|
|
2700
|
+
if (responseOptions.containsLowercaseCharacter !== undefined) {
|
|
2701
|
+
this.customStrengthOptions.containsLowercaseLetter =
|
|
2702
|
+
responseOptions.containsLowercaseCharacter;
|
|
2703
|
+
}
|
|
2704
|
+
if (responseOptions.containsUppercaseCharacter !== undefined) {
|
|
2705
|
+
this.customStrengthOptions.containsUppercaseLetter =
|
|
2706
|
+
responseOptions.containsUppercaseCharacter;
|
|
2707
|
+
}
|
|
2708
|
+
if (responseOptions.containsNumericCharacter !== undefined) {
|
|
2709
|
+
this.customStrengthOptions.containsNumericCharacter =
|
|
2710
|
+
responseOptions.containsNumericCharacter;
|
|
2711
|
+
}
|
|
2712
|
+
if (responseOptions.containsNonAlphanumericCharacter !== undefined) {
|
|
2713
|
+
this.customStrengthOptions.containsNonAlphanumericCharacter =
|
|
2714
|
+
responseOptions.containsNonAlphanumericCharacter;
|
|
2715
|
+
}
|
|
2716
|
+
this.enforcementState = response.enforcementState;
|
|
2717
|
+
if (this.enforcementState === 'ENFORCEMENT_STATE_UNSPECIFIED') {
|
|
2718
|
+
this.enforcementState = 'OFF';
|
|
2719
|
+
}
|
|
2720
|
+
// Use an empty string if no non-alphanumeric characters are specified in the response.
|
|
2721
|
+
this.allowedNonAlphanumericCharacters =
|
|
2722
|
+
(_c = (_b = response.allowedNonAlphanumericCharacters) === null || _b === void 0 ? void 0 : _b.join('')) !== null && _c !== void 0 ? _c : '';
|
|
2723
|
+
this.forceUpgradeOnSignin = (_d = response.forceUpgradeOnSignin) !== null && _d !== void 0 ? _d : false;
|
|
2724
|
+
this.schemaVersion = response.schemaVersion;
|
|
2725
|
+
}
|
|
2726
|
+
PasswordPolicyImpl.prototype.validatePassword = function (password) {
|
|
2727
|
+
var _a, _b, _c, _d, _e, _f;
|
|
2728
|
+
var status = {
|
|
2729
|
+
isValid: true,
|
|
2730
|
+
passwordPolicy: this
|
|
2731
|
+
};
|
|
2732
|
+
// Check the password length and character options.
|
|
2733
|
+
this.validatePasswordLengthOptions(password, status);
|
|
2734
|
+
this.validatePasswordCharacterOptions(password, status);
|
|
2735
|
+
// Combine the status into single isValid property.
|
|
2736
|
+
status.isValid && (status.isValid = (_a = status.meetsMinPasswordLength) !== null && _a !== void 0 ? _a : true);
|
|
2737
|
+
status.isValid && (status.isValid = (_b = status.meetsMaxPasswordLength) !== null && _b !== void 0 ? _b : true);
|
|
2738
|
+
status.isValid && (status.isValid = (_c = status.containsLowercaseLetter) !== null && _c !== void 0 ? _c : true);
|
|
2739
|
+
status.isValid && (status.isValid = (_d = status.containsUppercaseLetter) !== null && _d !== void 0 ? _d : true);
|
|
2740
|
+
status.isValid && (status.isValid = (_e = status.containsNumericCharacter) !== null && _e !== void 0 ? _e : true);
|
|
2741
|
+
status.isValid && (status.isValid = (_f = status.containsNonAlphanumericCharacter) !== null && _f !== void 0 ? _f : true);
|
|
2742
|
+
return status;
|
|
2743
|
+
};
|
|
2744
|
+
/**
|
|
2745
|
+
* Validates that the password meets the length options for the policy.
|
|
2746
|
+
*
|
|
2747
|
+
* @param password Password to validate.
|
|
2748
|
+
* @param status Validation status.
|
|
2749
|
+
*/
|
|
2750
|
+
PasswordPolicyImpl.prototype.validatePasswordLengthOptions = function (password, status) {
|
|
2751
|
+
var minPasswordLength = this.customStrengthOptions.minPasswordLength;
|
|
2752
|
+
var maxPasswordLength = this.customStrengthOptions.maxPasswordLength;
|
|
2753
|
+
if (minPasswordLength) {
|
|
2754
|
+
status.meetsMinPasswordLength = password.length >= minPasswordLength;
|
|
2514
2755
|
}
|
|
2515
|
-
|
|
2516
|
-
|
|
2517
|
-
|
|
2518
|
-
|
|
2519
|
-
|
|
2520
|
-
|
|
2521
|
-
|
|
2522
|
-
|
|
2523
|
-
|
|
2524
|
-
|
|
2525
|
-
|
|
2526
|
-
|
|
2527
|
-
|
|
2528
|
-
|
|
2529
|
-
|
|
2530
|
-
|
|
2531
|
-
|
|
2532
|
-
|
|
2533
|
-
|
|
2534
|
-
|
|
2535
|
-
|
|
2536
|
-
|
|
2537
|
-
|
|
2538
|
-
|
|
2539
|
-
|
|
2540
|
-
*/
|
|
2541
|
-
|
|
2542
|
-
|
|
2543
|
-
|
|
2544
|
-
}
|
|
2545
|
-
|
|
2546
|
-
|
|
2547
|
-
|
|
2548
|
-
|
|
2549
|
-
|
|
2550
|
-
|
|
2551
|
-
|
|
2552
|
-
|
|
2553
|
-
|
|
2554
|
-
|
|
2555
|
-
|
|
2556
|
-
|
|
2557
|
-
|
|
2558
|
-
|
|
2559
|
-
|
|
2560
|
-
|
|
2561
|
-
|
|
2562
|
-
|
|
2563
|
-
|
|
2564
|
-
|
|
2565
|
-
|
|
2566
|
-
|
|
2567
|
-
|
|
2568
|
-
|
|
2569
|
-
|
|
2570
|
-
|
|
2571
|
-
*
|
|
2572
|
-
* @param authExtern - The corresponding Firebase {@link Auth} instance.
|
|
2573
|
-
*
|
|
2574
|
-
*/
|
|
2575
|
-
function RecaptchaEnterpriseVerifier(authExtern) {
|
|
2576
|
-
/**
|
|
2577
|
-
* Identifies the type of application verifier (e.g. "recaptcha-enterprise").
|
|
2578
|
-
*/
|
|
2579
|
-
this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
|
|
2580
|
-
this.auth = _castAuth(authExtern);
|
|
2581
|
-
}
|
|
2582
|
-
/**
|
|
2583
|
-
* Executes the verification process.
|
|
2584
|
-
*
|
|
2585
|
-
* @returns A Promise for a token that can be used to assert the validity of a request.
|
|
2586
|
-
*/
|
|
2587
|
-
RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
|
|
2588
|
-
if (action === void 0) { action = 'verify'; }
|
|
2589
|
-
if (forceRefresh === void 0) { forceRefresh = false; }
|
|
2590
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
2591
|
-
function retrieveSiteKey(auth) {
|
|
2592
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
2593
|
-
var _this = this;
|
|
2594
|
-
return __generator(this, function (_a) {
|
|
2595
|
-
if (!forceRefresh) {
|
|
2596
|
-
if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
|
|
2597
|
-
return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
|
|
2598
|
-
}
|
|
2599
|
-
if (auth.tenantId != null &&
|
|
2600
|
-
auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
|
|
2601
|
-
return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
|
|
2602
|
-
}
|
|
2603
|
-
}
|
|
2604
|
-
return [2 /*return*/, new Promise(function (resolve, reject) { return __awaiter(_this, void 0, void 0, function () {
|
|
2605
|
-
return __generator(this, function (_a) {
|
|
2606
|
-
getRecaptchaConfig(auth, {
|
|
2607
|
-
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
2608
|
-
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
2609
|
-
})
|
|
2610
|
-
.then(function (response) {
|
|
2611
|
-
if (response.recaptchaKey === undefined) {
|
|
2612
|
-
reject(new Error('recaptcha Enterprise site key undefined'));
|
|
2613
|
-
}
|
|
2614
|
-
else {
|
|
2615
|
-
var config = new RecaptchaConfig(response);
|
|
2616
|
-
if (auth.tenantId == null) {
|
|
2617
|
-
auth._agentRecaptchaConfig = config;
|
|
2618
|
-
}
|
|
2619
|
-
else {
|
|
2620
|
-
auth._tenantRecaptchaConfigs[auth.tenantId] = config;
|
|
2621
|
-
}
|
|
2622
|
-
return resolve(config.siteKey);
|
|
2623
|
-
}
|
|
2624
|
-
})
|
|
2625
|
-
.catch(function (error) {
|
|
2626
|
-
reject(error);
|
|
2627
|
-
});
|
|
2628
|
-
return [2 /*return*/];
|
|
2629
|
-
});
|
|
2630
|
-
}); })];
|
|
2631
|
-
});
|
|
2632
|
-
});
|
|
2633
|
-
}
|
|
2634
|
-
function retrieveRecaptchaToken(siteKey, resolve, reject) {
|
|
2635
|
-
var grecaptcha = window.grecaptcha;
|
|
2636
|
-
if (isEnterprise(grecaptcha)) {
|
|
2637
|
-
grecaptcha.enterprise.ready(function () {
|
|
2638
|
-
grecaptcha.enterprise
|
|
2639
|
-
.execute(siteKey, { action: action })
|
|
2640
|
-
.then(function (token) {
|
|
2641
|
-
resolve(token);
|
|
2642
|
-
})
|
|
2643
|
-
.catch(function () {
|
|
2644
|
-
resolve(FAKE_TOKEN);
|
|
2645
|
-
});
|
|
2646
|
-
});
|
|
2647
|
-
}
|
|
2648
|
-
else {
|
|
2649
|
-
reject(Error('No reCAPTCHA enterprise script loaded.'));
|
|
2650
|
-
}
|
|
2651
|
-
}
|
|
2652
|
-
var _this = this;
|
|
2653
|
-
return __generator(this, function (_a) {
|
|
2654
|
-
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
2655
|
-
retrieveSiteKey(_this.auth)
|
|
2656
|
-
.then(function (siteKey) {
|
|
2657
|
-
if (!forceRefresh && isEnterprise(window.grecaptcha)) {
|
|
2658
|
-
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
2659
|
-
}
|
|
2660
|
-
else {
|
|
2661
|
-
if (typeof window === 'undefined') {
|
|
2662
|
-
reject(new Error('RecaptchaVerifier is only supported in browser'));
|
|
2663
|
-
return;
|
|
2664
|
-
}
|
|
2665
|
-
_loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
|
|
2666
|
-
.then(function () {
|
|
2667
|
-
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
2668
|
-
})
|
|
2669
|
-
.catch(function (error) {
|
|
2670
|
-
reject(error);
|
|
2671
|
-
});
|
|
2672
|
-
}
|
|
2673
|
-
})
|
|
2674
|
-
.catch(function (error) {
|
|
2675
|
-
reject(error);
|
|
2676
|
-
});
|
|
2677
|
-
})];
|
|
2678
|
-
});
|
|
2679
|
-
});
|
|
2680
|
-
};
|
|
2681
|
-
return RecaptchaEnterpriseVerifier;
|
|
2682
|
-
}());
|
|
2683
|
-
function injectRecaptchaFields(auth, request, action, captchaResp) {
|
|
2684
|
-
if (captchaResp === void 0) { captchaResp = false; }
|
|
2685
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
2686
|
-
var verifier, captchaResponse, newRequest;
|
|
2687
|
-
return __generator(this, function (_a) {
|
|
2688
|
-
switch (_a.label) {
|
|
2689
|
-
case 0:
|
|
2690
|
-
verifier = new RecaptchaEnterpriseVerifier(auth);
|
|
2691
|
-
_a.label = 1;
|
|
2692
|
-
case 1:
|
|
2693
|
-
_a.trys.push([1, 3, , 5]);
|
|
2694
|
-
return [4 /*yield*/, verifier.verify(action)];
|
|
2695
|
-
case 2:
|
|
2696
|
-
captchaResponse = _a.sent();
|
|
2697
|
-
return [3 /*break*/, 5];
|
|
2698
|
-
case 3:
|
|
2699
|
-
_a.sent();
|
|
2700
|
-
return [4 /*yield*/, verifier.verify(action, true)];
|
|
2701
|
-
case 4:
|
|
2702
|
-
captchaResponse = _a.sent();
|
|
2703
|
-
return [3 /*break*/, 5];
|
|
2704
|
-
case 5:
|
|
2705
|
-
newRequest = __assign({}, request);
|
|
2706
|
-
if (!captchaResp) {
|
|
2707
|
-
Object.assign(newRequest, { captchaResponse: captchaResponse });
|
|
2708
|
-
}
|
|
2709
|
-
else {
|
|
2710
|
-
Object.assign(newRequest, { 'captchaResp': captchaResponse });
|
|
2711
|
-
}
|
|
2712
|
-
Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
|
|
2713
|
-
Object.assign(newRequest, {
|
|
2714
|
-
'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
2715
|
-
});
|
|
2716
|
-
return [2 /*return*/, newRequest];
|
|
2717
|
-
}
|
|
2718
|
-
});
|
|
2719
|
-
});
|
|
2720
|
-
}
|
|
2721
|
-
|
|
2722
|
-
/**
|
|
2723
|
-
* @license
|
|
2724
|
-
* Copyright 2022 Google LLC
|
|
2725
|
-
*
|
|
2726
|
-
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
2727
|
-
* you may not use this file except in compliance with the License.
|
|
2728
|
-
* You may obtain a copy of the License at
|
|
2729
|
-
*
|
|
2730
|
-
* http://www.apache.org/licenses/LICENSE-2.0
|
|
2731
|
-
*
|
|
2732
|
-
* Unless required by applicable law or agreed to in writing, software
|
|
2733
|
-
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
2734
|
-
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
2735
|
-
* See the License for the specific language governing permissions and
|
|
2736
|
-
* limitations under the License.
|
|
2737
|
-
*/
|
|
2738
|
-
var AuthMiddlewareQueue = /** @class */ (function () {
|
|
2739
|
-
function AuthMiddlewareQueue(auth) {
|
|
2740
|
-
this.auth = auth;
|
|
2741
|
-
this.queue = [];
|
|
2742
|
-
}
|
|
2743
|
-
AuthMiddlewareQueue.prototype.pushCallback = function (callback, onAbort) {
|
|
2744
|
-
var _this = this;
|
|
2745
|
-
// The callback could be sync or async. Wrap it into a
|
|
2746
|
-
// function that is always async.
|
|
2747
|
-
var wrappedCallback = function (user) {
|
|
2748
|
-
return new Promise(function (resolve, reject) {
|
|
2749
|
-
try {
|
|
2750
|
-
var result = callback(user);
|
|
2751
|
-
// Either resolve with existing promise or wrap a non-promise
|
|
2752
|
-
// return value into a promise.
|
|
2753
|
-
resolve(result);
|
|
2754
|
-
}
|
|
2755
|
-
catch (e) {
|
|
2756
|
-
// Sync callback throws.
|
|
2757
|
-
reject(e);
|
|
2758
|
-
}
|
|
2759
|
-
});
|
|
2760
|
-
};
|
|
2761
|
-
// Attach the onAbort if present
|
|
2762
|
-
wrappedCallback.onAbort = onAbort;
|
|
2763
|
-
this.queue.push(wrappedCallback);
|
|
2764
|
-
var index = this.queue.length - 1;
|
|
2765
|
-
return function () {
|
|
2766
|
-
// Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb
|
|
2767
|
-
// indexing of other elements.
|
|
2768
|
-
_this.queue[index] = function () { return Promise.resolve(); };
|
|
2769
|
-
};
|
|
2770
|
-
};
|
|
2771
|
-
AuthMiddlewareQueue.prototype.runMiddleware = function (nextUser) {
|
|
2772
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
2773
|
-
var onAbortStack, _i, _a, beforeStateCallback, e_1, _b, onAbortStack_1, onAbort;
|
|
2774
|
-
return __generator(this, function (_c) {
|
|
2775
|
-
switch (_c.label) {
|
|
2776
|
-
case 0:
|
|
2777
|
-
if (this.auth.currentUser === nextUser) {
|
|
2778
|
-
return [2 /*return*/];
|
|
2779
|
-
}
|
|
2780
|
-
onAbortStack = [];
|
|
2781
|
-
_c.label = 1;
|
|
2782
|
-
case 1:
|
|
2783
|
-
_c.trys.push([1, 6, , 7]);
|
|
2784
|
-
_i = 0, _a = this.queue;
|
|
2785
|
-
_c.label = 2;
|
|
2786
|
-
case 2:
|
|
2787
|
-
if (!(_i < _a.length)) return [3 /*break*/, 5];
|
|
2788
|
-
beforeStateCallback = _a[_i];
|
|
2789
|
-
return [4 /*yield*/, beforeStateCallback(nextUser)];
|
|
2790
|
-
case 3:
|
|
2791
|
-
_c.sent();
|
|
2792
|
-
// Only push the onAbort if the callback succeeds
|
|
2793
|
-
if (beforeStateCallback.onAbort) {
|
|
2794
|
-
onAbortStack.push(beforeStateCallback.onAbort);
|
|
2795
|
-
}
|
|
2796
|
-
_c.label = 4;
|
|
2797
|
-
case 4:
|
|
2798
|
-
_i++;
|
|
2799
|
-
return [3 /*break*/, 2];
|
|
2800
|
-
case 5: return [3 /*break*/, 7];
|
|
2801
|
-
case 6:
|
|
2802
|
-
e_1 = _c.sent();
|
|
2803
|
-
// Run all onAbort, with separate try/catch to ignore any errors and
|
|
2804
|
-
// continue
|
|
2805
|
-
onAbortStack.reverse();
|
|
2806
|
-
for (_b = 0, onAbortStack_1 = onAbortStack; _b < onAbortStack_1.length; _b++) {
|
|
2807
|
-
onAbort = onAbortStack_1[_b];
|
|
2808
|
-
try {
|
|
2809
|
-
onAbort();
|
|
2810
|
-
}
|
|
2811
|
-
catch (_) {
|
|
2812
|
-
/* swallow error */
|
|
2813
|
-
}
|
|
2814
|
-
}
|
|
2815
|
-
throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, {
|
|
2816
|
-
originalMessage: e_1 === null || e_1 === void 0 ? void 0 : e_1.message
|
|
2817
|
-
});
|
|
2818
|
-
case 7: return [2 /*return*/];
|
|
2819
|
-
}
|
|
2820
|
-
});
|
|
2821
|
-
});
|
|
2822
|
-
};
|
|
2823
|
-
return AuthMiddlewareQueue;
|
|
2756
|
+
if (maxPasswordLength) {
|
|
2757
|
+
status.meetsMaxPasswordLength = password.length <= maxPasswordLength;
|
|
2758
|
+
}
|
|
2759
|
+
};
|
|
2760
|
+
/**
|
|
2761
|
+
* Validates that the password meets the character options for the policy.
|
|
2762
|
+
*
|
|
2763
|
+
* @param password Password to validate.
|
|
2764
|
+
* @param status Validation status.
|
|
2765
|
+
*/
|
|
2766
|
+
PasswordPolicyImpl.prototype.validatePasswordCharacterOptions = function (password, status) {
|
|
2767
|
+
// Assign statuses for requirements even if the password is an empty string.
|
|
2768
|
+
this.updatePasswordCharacterOptionsStatuses(status,
|
|
2769
|
+
/* containsLowercaseCharacter= */ false,
|
|
2770
|
+
/* containsUppercaseCharacter= */ false,
|
|
2771
|
+
/* containsNumericCharacter= */ false,
|
|
2772
|
+
/* containsNonAlphanumericCharacter= */ false);
|
|
2773
|
+
var passwordChar;
|
|
2774
|
+
for (var i = 0; i < password.length; i++) {
|
|
2775
|
+
passwordChar = password.charAt(i);
|
|
2776
|
+
this.updatePasswordCharacterOptionsStatuses(status,
|
|
2777
|
+
/* containsLowercaseCharacter= */ passwordChar >= 'a' &&
|
|
2778
|
+
passwordChar <= 'z',
|
|
2779
|
+
/* containsUppercaseCharacter= */ passwordChar >= 'A' &&
|
|
2780
|
+
passwordChar <= 'Z',
|
|
2781
|
+
/* containsNumericCharacter= */ passwordChar >= '0' &&
|
|
2782
|
+
passwordChar <= '9',
|
|
2783
|
+
/* containsNonAlphanumericCharacter= */ this.allowedNonAlphanumericCharacters.includes(passwordChar));
|
|
2784
|
+
}
|
|
2785
|
+
};
|
|
2786
|
+
/**
|
|
2787
|
+
* Updates the running validation status with the statuses for the character options.
|
|
2788
|
+
* Expected to be called each time a character is processed to update each option status
|
|
2789
|
+
* based on the current character.
|
|
2790
|
+
*
|
|
2791
|
+
* @param status Validation status.
|
|
2792
|
+
* @param containsLowercaseCharacter Whether the character is a lowercase letter.
|
|
2793
|
+
* @param containsUppercaseCharacter Whether the character is an uppercase letter.
|
|
2794
|
+
* @param containsNumericCharacter Whether the character is a numeric character.
|
|
2795
|
+
* @param containsNonAlphanumericCharacter Whether the character is a non-alphanumeric character.
|
|
2796
|
+
*/
|
|
2797
|
+
PasswordPolicyImpl.prototype.updatePasswordCharacterOptionsStatuses = function (status, containsLowercaseCharacter, containsUppercaseCharacter, containsNumericCharacter, containsNonAlphanumericCharacter) {
|
|
2798
|
+
if (this.customStrengthOptions.containsLowercaseLetter) {
|
|
2799
|
+
status.containsLowercaseLetter || (status.containsLowercaseLetter = containsLowercaseCharacter);
|
|
2800
|
+
}
|
|
2801
|
+
if (this.customStrengthOptions.containsUppercaseLetter) {
|
|
2802
|
+
status.containsUppercaseLetter || (status.containsUppercaseLetter = containsUppercaseCharacter);
|
|
2803
|
+
}
|
|
2804
|
+
if (this.customStrengthOptions.containsNumericCharacter) {
|
|
2805
|
+
status.containsNumericCharacter || (status.containsNumericCharacter = containsNumericCharacter);
|
|
2806
|
+
}
|
|
2807
|
+
if (this.customStrengthOptions.containsNonAlphanumericCharacter) {
|
|
2808
|
+
status.containsNonAlphanumericCharacter || (status.containsNonAlphanumericCharacter = containsNonAlphanumericCharacter);
|
|
2809
|
+
}
|
|
2810
|
+
};
|
|
2811
|
+
return PasswordPolicyImpl;
|
|
2824
2812
|
}());
|
|
2825
2813
|
|
|
2826
2814
|
/**
|
|
@@ -2853,6 +2841,7 @@ var AuthImpl = /** @class */ (function () {
|
|
|
2853
2841
|
this.beforeStateQueue = new AuthMiddlewareQueue(this);
|
|
2854
2842
|
this.redirectUser = null;
|
|
2855
2843
|
this.isProactiveRefreshEnabled = false;
|
|
2844
|
+
this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION = 1;
|
|
2856
2845
|
// Any network calls will set this to true and prevent subsequent emulator
|
|
2857
2846
|
// initialization
|
|
2858
2847
|
this._canInitEmulator = true;
|
|
@@ -2863,6 +2852,8 @@ var AuthImpl = /** @class */ (function () {
|
|
|
2863
2852
|
this._errorFactory = _DEFAULT_AUTH_ERROR_FACTORY;
|
|
2864
2853
|
this._agentRecaptchaConfig = null;
|
|
2865
2854
|
this._tenantRecaptchaConfigs = {};
|
|
2855
|
+
this._projectPasswordPolicy = null;
|
|
2856
|
+
this._tenantPasswordPolicies = {};
|
|
2866
2857
|
// Tracks the last notified UID for state change listeners to prevent
|
|
2867
2858
|
// repeated calls to the callbacks. Undefined means it's never been
|
|
2868
2859
|
// called, whereas null means it's been called with a signed out user
|
|
@@ -3192,41 +3183,66 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3192
3183
|
});
|
|
3193
3184
|
}); });
|
|
3194
3185
|
};
|
|
3195
|
-
AuthImpl.prototype.
|
|
3186
|
+
AuthImpl.prototype._getRecaptchaConfig = function () {
|
|
3187
|
+
if (this.tenantId == null) {
|
|
3188
|
+
return this._agentRecaptchaConfig;
|
|
3189
|
+
}
|
|
3190
|
+
else {
|
|
3191
|
+
return this._tenantRecaptchaConfigs[this.tenantId];
|
|
3192
|
+
}
|
|
3193
|
+
};
|
|
3194
|
+
AuthImpl.prototype.validatePassword = function (password) {
|
|
3196
3195
|
return __awaiter(this, void 0, void 0, function () {
|
|
3197
|
-
var
|
|
3196
|
+
var passwordPolicy;
|
|
3198
3197
|
return __generator(this, function (_a) {
|
|
3199
3198
|
switch (_a.label) {
|
|
3200
|
-
case 0:
|
|
3201
|
-
|
|
3202
|
-
|
|
3203
|
-
})];
|
|
3199
|
+
case 0:
|
|
3200
|
+
if (!!this._getPasswordPolicyInternal()) return [3 /*break*/, 2];
|
|
3201
|
+
return [4 /*yield*/, this._updatePasswordPolicy()];
|
|
3204
3202
|
case 1:
|
|
3205
|
-
|
|
3206
|
-
|
|
3207
|
-
|
|
3208
|
-
|
|
3209
|
-
|
|
3210
|
-
|
|
3211
|
-
|
|
3212
|
-
|
|
3213
|
-
|
|
3214
|
-
verifier = new RecaptchaEnterpriseVerifier(this);
|
|
3215
|
-
void verifier.verify();
|
|
3203
|
+
_a.sent();
|
|
3204
|
+
_a.label = 2;
|
|
3205
|
+
case 2:
|
|
3206
|
+
passwordPolicy = this._getPasswordPolicyInternal();
|
|
3207
|
+
// Check that the policy schema version is supported by the SDK.
|
|
3208
|
+
// TODO: Update this logic to use a max supported policy schema version once we have multiple schema versions.
|
|
3209
|
+
if (passwordPolicy.schemaVersion !==
|
|
3210
|
+
this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION) {
|
|
3211
|
+
return [2 /*return*/, Promise.reject(this._errorFactory.create("unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */, {}))];
|
|
3216
3212
|
}
|
|
3217
|
-
return [2 /*return
|
|
3213
|
+
return [2 /*return*/, passwordPolicy.validatePassword(password)];
|
|
3218
3214
|
}
|
|
3219
3215
|
});
|
|
3220
3216
|
});
|
|
3221
3217
|
};
|
|
3222
|
-
AuthImpl.prototype.
|
|
3223
|
-
if (this.tenantId
|
|
3224
|
-
return this.
|
|
3218
|
+
AuthImpl.prototype._getPasswordPolicyInternal = function () {
|
|
3219
|
+
if (this.tenantId === null) {
|
|
3220
|
+
return this._projectPasswordPolicy;
|
|
3225
3221
|
}
|
|
3226
3222
|
else {
|
|
3227
|
-
return this.
|
|
3223
|
+
return this._tenantPasswordPolicies[this.tenantId];
|
|
3228
3224
|
}
|
|
3229
3225
|
};
|
|
3226
|
+
AuthImpl.prototype._updatePasswordPolicy = function () {
|
|
3227
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
3228
|
+
var response, passwordPolicy;
|
|
3229
|
+
return __generator(this, function (_a) {
|
|
3230
|
+
switch (_a.label) {
|
|
3231
|
+
case 0: return [4 /*yield*/, _getPasswordPolicy(this)];
|
|
3232
|
+
case 1:
|
|
3233
|
+
response = _a.sent();
|
|
3234
|
+
passwordPolicy = new PasswordPolicyImpl(response);
|
|
3235
|
+
if (this.tenantId === null) {
|
|
3236
|
+
this._projectPasswordPolicy = passwordPolicy;
|
|
3237
|
+
}
|
|
3238
|
+
else {
|
|
3239
|
+
this._tenantPasswordPolicies[this.tenantId] = passwordPolicy;
|
|
3240
|
+
}
|
|
3241
|
+
return [2 /*return*/];
|
|
3242
|
+
}
|
|
3243
|
+
});
|
|
3244
|
+
});
|
|
3245
|
+
};
|
|
3230
3246
|
AuthImpl.prototype._getPersistence = function () {
|
|
3231
3247
|
return this.assertedPersistence.persistence.type;
|
|
3232
3248
|
};
|
|
@@ -3393,18 +3409,32 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3393
3409
|
var cb = typeof nextOrObserver === 'function'
|
|
3394
3410
|
? nextOrObserver
|
|
3395
3411
|
: nextOrObserver.next.bind(nextOrObserver);
|
|
3412
|
+
var isUnsubscribed = false;
|
|
3396
3413
|
var promise = this._isInitialized
|
|
3397
3414
|
? Promise.resolve()
|
|
3398
3415
|
: this._initializationPromise;
|
|
3399
3416
|
_assert(promise, this, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
3400
3417
|
// The callback needs to be called asynchronously per the spec.
|
|
3401
3418
|
// eslint-disable-next-line @typescript-eslint/no-floating-promises
|
|
3402
|
-
promise.then(function () {
|
|
3419
|
+
promise.then(function () {
|
|
3420
|
+
if (isUnsubscribed) {
|
|
3421
|
+
return;
|
|
3422
|
+
}
|
|
3423
|
+
cb(_this.currentUser);
|
|
3424
|
+
});
|
|
3403
3425
|
if (typeof nextOrObserver === 'function') {
|
|
3404
|
-
|
|
3426
|
+
var unsubscribe_2 = subscription.addObserver(nextOrObserver, error, completed);
|
|
3427
|
+
return function () {
|
|
3428
|
+
isUnsubscribed = true;
|
|
3429
|
+
unsubscribe_2();
|
|
3430
|
+
};
|
|
3405
3431
|
}
|
|
3406
3432
|
else {
|
|
3407
|
-
|
|
3433
|
+
var unsubscribe_3 = subscription.addObserver(nextOrObserver);
|
|
3434
|
+
return function () {
|
|
3435
|
+
isUnsubscribed = true;
|
|
3436
|
+
unsubscribe_3();
|
|
3437
|
+
};
|
|
3408
3438
|
}
|
|
3409
3439
|
};
|
|
3410
3440
|
/**
|
|
@@ -3502,54 +3532,280 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3502
3532
|
AuthImpl.prototype._getAppCheckToken = function () {
|
|
3503
3533
|
var _a;
|
|
3504
3534
|
return __awaiter(this, void 0, void 0, function () {
|
|
3505
|
-
var appCheckTokenResult;
|
|
3506
|
-
return __generator(this, function (_b) {
|
|
3507
|
-
switch (_b.label) {
|
|
3508
|
-
case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
|
|
3509
|
-
.getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
|
|
3510
|
-
case 1:
|
|
3511
|
-
appCheckTokenResult = _b.sent();
|
|
3512
|
-
if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
|
|
3513
|
-
// Context: appCheck.getToken() will never throw even if an error happened.
|
|
3514
|
-
// In the error case, a dummy token will be returned along with an error field describing
|
|
3515
|
-
// the error. In general, we shouldn't care about the error condition and just use
|
|
3516
|
-
// the token (actual or dummy) to send requests.
|
|
3517
|
-
_logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
|
|
3535
|
+
var appCheckTokenResult;
|
|
3536
|
+
return __generator(this, function (_b) {
|
|
3537
|
+
switch (_b.label) {
|
|
3538
|
+
case 0: return [4 /*yield*/, ((_a = this.appCheckServiceProvider
|
|
3539
|
+
.getImmediate({ optional: true })) === null || _a === void 0 ? void 0 : _a.getToken())];
|
|
3540
|
+
case 1:
|
|
3541
|
+
appCheckTokenResult = _b.sent();
|
|
3542
|
+
if (appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.error) {
|
|
3543
|
+
// Context: appCheck.getToken() will never throw even if an error happened.
|
|
3544
|
+
// In the error case, a dummy token will be returned along with an error field describing
|
|
3545
|
+
// the error. In general, we shouldn't care about the error condition and just use
|
|
3546
|
+
// the token (actual or dummy) to send requests.
|
|
3547
|
+
_logWarn("Error while retrieving App Check token: ".concat(appCheckTokenResult.error));
|
|
3548
|
+
}
|
|
3549
|
+
return [2 /*return*/, appCheckTokenResult === null || appCheckTokenResult === void 0 ? void 0 : appCheckTokenResult.token];
|
|
3550
|
+
}
|
|
3551
|
+
});
|
|
3552
|
+
});
|
|
3553
|
+
};
|
|
3554
|
+
return AuthImpl;
|
|
3555
|
+
}());
|
|
3556
|
+
/**
|
|
3557
|
+
* Method to be used to cast down to our private implmentation of Auth.
|
|
3558
|
+
* It will also handle unwrapping from the compat type if necessary
|
|
3559
|
+
*
|
|
3560
|
+
* @param auth Auth object passed in from developer
|
|
3561
|
+
*/
|
|
3562
|
+
function _castAuth(auth) {
|
|
3563
|
+
return getModularInstance(auth);
|
|
3564
|
+
}
|
|
3565
|
+
/** Helper class to wrap subscriber logic */
|
|
3566
|
+
var Subscription = /** @class */ (function () {
|
|
3567
|
+
function Subscription(auth) {
|
|
3568
|
+
var _this = this;
|
|
3569
|
+
this.auth = auth;
|
|
3570
|
+
this.observer = null;
|
|
3571
|
+
this.addObserver = createSubscribe(function (observer) { return (_this.observer = observer); });
|
|
3572
|
+
}
|
|
3573
|
+
Object.defineProperty(Subscription.prototype, "next", {
|
|
3574
|
+
get: function () {
|
|
3575
|
+
_assert(this.observer, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
3576
|
+
return this.observer.next.bind(this.observer);
|
|
3577
|
+
},
|
|
3578
|
+
enumerable: false,
|
|
3579
|
+
configurable: true
|
|
3580
|
+
});
|
|
3581
|
+
return Subscription;
|
|
3582
|
+
}());
|
|
3583
|
+
|
|
3584
|
+
/**
|
|
3585
|
+
* @license
|
|
3586
|
+
* Copyright 2020 Google LLC
|
|
3587
|
+
*
|
|
3588
|
+
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
3589
|
+
* you may not use this file except in compliance with the License.
|
|
3590
|
+
* You may obtain a copy of the License at
|
|
3591
|
+
*
|
|
3592
|
+
* http://www.apache.org/licenses/LICENSE-2.0
|
|
3593
|
+
*
|
|
3594
|
+
* Unless required by applicable law or agreed to in writing, software
|
|
3595
|
+
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
3596
|
+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
3597
|
+
* See the License for the specific language governing permissions and
|
|
3598
|
+
* limitations under the License.
|
|
3599
|
+
*/
|
|
3600
|
+
function getScriptParentElement() {
|
|
3601
|
+
var _a, _b;
|
|
3602
|
+
return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
|
|
3603
|
+
}
|
|
3604
|
+
function _loadJS(url) {
|
|
3605
|
+
// TODO: consider adding timeout support & cancellation
|
|
3606
|
+
return new Promise(function (resolve, reject) {
|
|
3607
|
+
var el = document.createElement('script');
|
|
3608
|
+
el.setAttribute('src', url);
|
|
3609
|
+
el.onload = resolve;
|
|
3610
|
+
el.onerror = function (e) {
|
|
3611
|
+
var error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
|
|
3612
|
+
error.customData = e;
|
|
3613
|
+
reject(error);
|
|
3614
|
+
};
|
|
3615
|
+
el.type = 'text/javascript';
|
|
3616
|
+
el.charset = 'UTF-8';
|
|
3617
|
+
getScriptParentElement().appendChild(el);
|
|
3618
|
+
});
|
|
3619
|
+
}
|
|
3620
|
+
function _generateCallbackName(prefix) {
|
|
3621
|
+
return "__".concat(prefix).concat(Math.floor(Math.random() * 1000000));
|
|
3622
|
+
}
|
|
3623
|
+
|
|
3624
|
+
/* eslint-disable @typescript-eslint/no-require-imports */
|
|
3625
|
+
var RECAPTCHA_ENTERPRISE_URL = 'https://www.google.com/recaptcha/enterprise.js?render=';
|
|
3626
|
+
var RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';
|
|
3627
|
+
var FAKE_TOKEN = 'NO_RECAPTCHA';
|
|
3628
|
+
var RecaptchaEnterpriseVerifier = /** @class */ (function () {
|
|
3629
|
+
/**
|
|
3630
|
+
*
|
|
3631
|
+
* @param authExtern - The corresponding Firebase {@link Auth} instance.
|
|
3632
|
+
*
|
|
3633
|
+
*/
|
|
3634
|
+
function RecaptchaEnterpriseVerifier(authExtern) {
|
|
3635
|
+
/**
|
|
3636
|
+
* Identifies the type of application verifier (e.g. "recaptcha-enterprise").
|
|
3637
|
+
*/
|
|
3638
|
+
this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;
|
|
3639
|
+
this.auth = _castAuth(authExtern);
|
|
3640
|
+
}
|
|
3641
|
+
/**
|
|
3642
|
+
* Executes the verification process.
|
|
3643
|
+
*
|
|
3644
|
+
* @returns A Promise for a token that can be used to assert the validity of a request.
|
|
3645
|
+
*/
|
|
3646
|
+
RecaptchaEnterpriseVerifier.prototype.verify = function (action, forceRefresh) {
|
|
3647
|
+
if (action === void 0) { action = 'verify'; }
|
|
3648
|
+
if (forceRefresh === void 0) { forceRefresh = false; }
|
|
3649
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
3650
|
+
function retrieveSiteKey(auth) {
|
|
3651
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
3652
|
+
var _this = this;
|
|
3653
|
+
return __generator(this, function (_a) {
|
|
3654
|
+
if (!forceRefresh) {
|
|
3655
|
+
if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {
|
|
3656
|
+
return [2 /*return*/, auth._agentRecaptchaConfig.siteKey];
|
|
3657
|
+
}
|
|
3658
|
+
if (auth.tenantId != null &&
|
|
3659
|
+
auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) {
|
|
3660
|
+
return [2 /*return*/, auth._tenantRecaptchaConfigs[auth.tenantId].siteKey];
|
|
3661
|
+
}
|
|
3518
3662
|
}
|
|
3519
|
-
return [2 /*return*/,
|
|
3663
|
+
return [2 /*return*/, new Promise(function (resolve, reject) { return __awaiter(_this, void 0, void 0, function () {
|
|
3664
|
+
return __generator(this, function (_a) {
|
|
3665
|
+
getRecaptchaConfig(auth, {
|
|
3666
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
3667
|
+
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3668
|
+
})
|
|
3669
|
+
.then(function (response) {
|
|
3670
|
+
if (response.recaptchaKey === undefined) {
|
|
3671
|
+
reject(new Error('recaptcha Enterprise site key undefined'));
|
|
3672
|
+
}
|
|
3673
|
+
else {
|
|
3674
|
+
var config = new RecaptchaConfig(response);
|
|
3675
|
+
if (auth.tenantId == null) {
|
|
3676
|
+
auth._agentRecaptchaConfig = config;
|
|
3677
|
+
}
|
|
3678
|
+
else {
|
|
3679
|
+
auth._tenantRecaptchaConfigs[auth.tenantId] = config;
|
|
3680
|
+
}
|
|
3681
|
+
return resolve(config.siteKey);
|
|
3682
|
+
}
|
|
3683
|
+
})
|
|
3684
|
+
.catch(function (error) {
|
|
3685
|
+
reject(error);
|
|
3686
|
+
});
|
|
3687
|
+
return [2 /*return*/];
|
|
3688
|
+
});
|
|
3689
|
+
}); })];
|
|
3690
|
+
});
|
|
3691
|
+
});
|
|
3692
|
+
}
|
|
3693
|
+
function retrieveRecaptchaToken(siteKey, resolve, reject) {
|
|
3694
|
+
var grecaptcha = window.grecaptcha;
|
|
3695
|
+
if (isEnterprise(grecaptcha)) {
|
|
3696
|
+
grecaptcha.enterprise.ready(function () {
|
|
3697
|
+
grecaptcha.enterprise
|
|
3698
|
+
.execute(siteKey, { action: action })
|
|
3699
|
+
.then(function (token) {
|
|
3700
|
+
resolve(token);
|
|
3701
|
+
})
|
|
3702
|
+
.catch(function () {
|
|
3703
|
+
resolve(FAKE_TOKEN);
|
|
3704
|
+
});
|
|
3705
|
+
});
|
|
3520
3706
|
}
|
|
3707
|
+
else {
|
|
3708
|
+
reject(Error('No reCAPTCHA enterprise script loaded.'));
|
|
3709
|
+
}
|
|
3710
|
+
}
|
|
3711
|
+
var _this = this;
|
|
3712
|
+
return __generator(this, function (_a) {
|
|
3713
|
+
return [2 /*return*/, new Promise(function (resolve, reject) {
|
|
3714
|
+
retrieveSiteKey(_this.auth)
|
|
3715
|
+
.then(function (siteKey) {
|
|
3716
|
+
if (!forceRefresh && isEnterprise(window.grecaptcha)) {
|
|
3717
|
+
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
3718
|
+
}
|
|
3719
|
+
else {
|
|
3720
|
+
if (typeof window === 'undefined') {
|
|
3721
|
+
reject(new Error('RecaptchaVerifier is only supported in browser'));
|
|
3722
|
+
return;
|
|
3723
|
+
}
|
|
3724
|
+
_loadJS(RECAPTCHA_ENTERPRISE_URL + siteKey)
|
|
3725
|
+
.then(function () {
|
|
3726
|
+
retrieveRecaptchaToken(siteKey, resolve, reject);
|
|
3727
|
+
})
|
|
3728
|
+
.catch(function (error) {
|
|
3729
|
+
reject(error);
|
|
3730
|
+
});
|
|
3731
|
+
}
|
|
3732
|
+
})
|
|
3733
|
+
.catch(function (error) {
|
|
3734
|
+
reject(error);
|
|
3735
|
+
});
|
|
3736
|
+
})];
|
|
3521
3737
|
});
|
|
3522
3738
|
});
|
|
3523
3739
|
};
|
|
3524
|
-
return
|
|
3740
|
+
return RecaptchaEnterpriseVerifier;
|
|
3525
3741
|
}());
|
|
3526
|
-
|
|
3527
|
-
|
|
3528
|
-
|
|
3529
|
-
|
|
3530
|
-
|
|
3531
|
-
|
|
3532
|
-
|
|
3533
|
-
|
|
3742
|
+
function injectRecaptchaFields(auth, request, action, captchaResp) {
|
|
3743
|
+
if (captchaResp === void 0) { captchaResp = false; }
|
|
3744
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
3745
|
+
var verifier, captchaResponse, newRequest;
|
|
3746
|
+
return __generator(this, function (_a) {
|
|
3747
|
+
switch (_a.label) {
|
|
3748
|
+
case 0:
|
|
3749
|
+
verifier = new RecaptchaEnterpriseVerifier(auth);
|
|
3750
|
+
_a.label = 1;
|
|
3751
|
+
case 1:
|
|
3752
|
+
_a.trys.push([1, 3, , 5]);
|
|
3753
|
+
return [4 /*yield*/, verifier.verify(action)];
|
|
3754
|
+
case 2:
|
|
3755
|
+
captchaResponse = _a.sent();
|
|
3756
|
+
return [3 /*break*/, 5];
|
|
3757
|
+
case 3:
|
|
3758
|
+
_a.sent();
|
|
3759
|
+
return [4 /*yield*/, verifier.verify(action, true)];
|
|
3760
|
+
case 4:
|
|
3761
|
+
captchaResponse = _a.sent();
|
|
3762
|
+
return [3 /*break*/, 5];
|
|
3763
|
+
case 5:
|
|
3764
|
+
newRequest = __assign({}, request);
|
|
3765
|
+
if (!captchaResp) {
|
|
3766
|
+
Object.assign(newRequest, { captchaResponse: captchaResponse });
|
|
3767
|
+
}
|
|
3768
|
+
else {
|
|
3769
|
+
Object.assign(newRequest, { 'captchaResp': captchaResponse });
|
|
3770
|
+
}
|
|
3771
|
+
Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ });
|
|
3772
|
+
Object.assign(newRequest, {
|
|
3773
|
+
'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3774
|
+
});
|
|
3775
|
+
return [2 /*return*/, newRequest];
|
|
3776
|
+
}
|
|
3777
|
+
});
|
|
3778
|
+
});
|
|
3534
3779
|
}
|
|
3535
|
-
|
|
3536
|
-
|
|
3537
|
-
|
|
3538
|
-
|
|
3539
|
-
|
|
3540
|
-
|
|
3541
|
-
|
|
3542
|
-
|
|
3543
|
-
|
|
3544
|
-
|
|
3545
|
-
|
|
3546
|
-
|
|
3547
|
-
|
|
3548
|
-
|
|
3549
|
-
|
|
3780
|
+
function _initializeRecaptchaConfig(auth) {
|
|
3781
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
3782
|
+
var authInternal, response, config, verifier;
|
|
3783
|
+
return __generator(this, function (_a) {
|
|
3784
|
+
switch (_a.label) {
|
|
3785
|
+
case 0:
|
|
3786
|
+
authInternal = _castAuth(auth);
|
|
3787
|
+
return [4 /*yield*/, getRecaptchaConfig(authInternal, {
|
|
3788
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
|
|
3789
|
+
version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
|
|
3790
|
+
})];
|
|
3791
|
+
case 1:
|
|
3792
|
+
response = _a.sent();
|
|
3793
|
+
config = new RecaptchaConfig(response);
|
|
3794
|
+
if (authInternal.tenantId == null) {
|
|
3795
|
+
authInternal._agentRecaptchaConfig = config;
|
|
3796
|
+
}
|
|
3797
|
+
else {
|
|
3798
|
+
authInternal._tenantRecaptchaConfigs[authInternal.tenantId] = config;
|
|
3799
|
+
}
|
|
3800
|
+
if (config.emailPasswordEnabled) {
|
|
3801
|
+
verifier = new RecaptchaEnterpriseVerifier(authInternal);
|
|
3802
|
+
void verifier.verify();
|
|
3803
|
+
}
|
|
3804
|
+
return [2 /*return*/];
|
|
3805
|
+
}
|
|
3806
|
+
});
|
|
3550
3807
|
});
|
|
3551
|
-
|
|
3552
|
-
}());
|
|
3808
|
+
}
|
|
3553
3809
|
|
|
3554
3810
|
/**
|
|
3555
3811
|
* @license
|
|
@@ -6209,6 +6465,36 @@ function _setActionCodeSettingsOnRequest(auth, request, actionCodeSettings) {
|
|
|
6209
6465
|
* See the License for the specific language governing permissions and
|
|
6210
6466
|
* limitations under the License.
|
|
6211
6467
|
*/
|
|
6468
|
+
/**
|
|
6469
|
+
* Updates the password policy cached in the {@link Auth} instance if a policy is already
|
|
6470
|
+
* cached for the project or tenant.
|
|
6471
|
+
*
|
|
6472
|
+
* @remarks
|
|
6473
|
+
* We only fetch the password policy if the password did not meet policy requirements and
|
|
6474
|
+
* there is an existing policy cached. A developer must call validatePassword at least
|
|
6475
|
+
* once for the cache to be automatically updated.
|
|
6476
|
+
*
|
|
6477
|
+
* @param auth - The {@link Auth} instance.
|
|
6478
|
+
*
|
|
6479
|
+
* @private
|
|
6480
|
+
*/
|
|
6481
|
+
function recachePasswordPolicy(auth) {
|
|
6482
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
6483
|
+
var authInternal;
|
|
6484
|
+
return __generator(this, function (_a) {
|
|
6485
|
+
switch (_a.label) {
|
|
6486
|
+
case 0:
|
|
6487
|
+
authInternal = _castAuth(auth);
|
|
6488
|
+
if (!authInternal._getPasswordPolicyInternal()) return [3 /*break*/, 2];
|
|
6489
|
+
return [4 /*yield*/, authInternal._updatePasswordPolicy()];
|
|
6490
|
+
case 1:
|
|
6491
|
+
_a.sent();
|
|
6492
|
+
_a.label = 2;
|
|
6493
|
+
case 2: return [2 /*return*/];
|
|
6494
|
+
}
|
|
6495
|
+
});
|
|
6496
|
+
});
|
|
6497
|
+
}
|
|
6212
6498
|
/**
|
|
6213
6499
|
* Sends a password reset email to the given email address.
|
|
6214
6500
|
*
|
|
@@ -6312,12 +6598,22 @@ function sendPasswordResetEmail(auth, email, actionCodeSettings) {
|
|
|
6312
6598
|
*/
|
|
6313
6599
|
function confirmPasswordReset(auth, oobCode, newPassword) {
|
|
6314
6600
|
return __awaiter(this, void 0, void 0, function () {
|
|
6601
|
+
var _this = this;
|
|
6315
6602
|
return __generator(this, function (_a) {
|
|
6316
6603
|
switch (_a.label) {
|
|
6317
6604
|
case 0: return [4 /*yield*/, resetPassword(getModularInstance(auth), {
|
|
6318
6605
|
oobCode: oobCode,
|
|
6319
6606
|
newPassword: newPassword
|
|
6320
|
-
})
|
|
6607
|
+
})
|
|
6608
|
+
.catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
|
|
6609
|
+
return __generator(this, function (_a) {
|
|
6610
|
+
if (error.code ===
|
|
6611
|
+
"auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6612
|
+
void recachePasswordPolicy(auth);
|
|
6613
|
+
}
|
|
6614
|
+
throw error;
|
|
6615
|
+
});
|
|
6616
|
+
}); })];
|
|
6321
6617
|
case 1:
|
|
6322
6618
|
_a.sent();
|
|
6323
6619
|
return [2 /*return*/];
|
|
@@ -6473,13 +6769,16 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
6473
6769
|
case 1:
|
|
6474
6770
|
requestWithRecaptcha = _a.sent();
|
|
6475
6771
|
return [2 /*return*/, signUp(authInternal, requestWithRecaptcha)];
|
|
6476
|
-
case 2:
|
|
6772
|
+
case 2: throw error;
|
|
6477
6773
|
}
|
|
6478
6774
|
});
|
|
6479
6775
|
}); });
|
|
6480
6776
|
_b.label = 3;
|
|
6481
6777
|
case 3: return [4 /*yield*/, signUpResponse.catch(function (error) {
|
|
6482
|
-
|
|
6778
|
+
if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6779
|
+
void recachePasswordPolicy(auth);
|
|
6780
|
+
}
|
|
6781
|
+
throw error;
|
|
6483
6782
|
})];
|
|
6484
6783
|
case 4:
|
|
6485
6784
|
response = _b.sent();
|
|
@@ -6511,7 +6810,15 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
6511
6810
|
* @public
|
|
6512
6811
|
*/
|
|
6513
6812
|
function signInWithEmailAndPassword(auth, email, password) {
|
|
6514
|
-
|
|
6813
|
+
var _this = this;
|
|
6814
|
+
return signInWithCredential(getModularInstance(auth), EmailAuthProvider.credential(email, password)).catch(function (error) { return __awaiter(_this, void 0, void 0, function () {
|
|
6815
|
+
return __generator(this, function (_a) {
|
|
6816
|
+
if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
|
|
6817
|
+
void recachePasswordPolicy(auth);
|
|
6818
|
+
}
|
|
6819
|
+
throw error;
|
|
6820
|
+
});
|
|
6821
|
+
}); });
|
|
6515
6822
|
}
|
|
6516
6823
|
|
|
6517
6824
|
/**
|
|
@@ -7249,8 +7556,39 @@ function setPersistence(auth, persistence) {
|
|
|
7249
7556
|
* @public
|
|
7250
7557
|
*/
|
|
7251
7558
|
function initializeRecaptchaConfig(auth) {
|
|
7252
|
-
|
|
7253
|
-
|
|
7559
|
+
return _initializeRecaptchaConfig(auth);
|
|
7560
|
+
}
|
|
7561
|
+
/**
|
|
7562
|
+
* Validates the password against the password policy configured for the project or tenant.
|
|
7563
|
+
*
|
|
7564
|
+
* @remarks
|
|
7565
|
+
* If no tenant ID is set on the `Auth` instance, then this method will use the password
|
|
7566
|
+
* policy configured for the project. Otherwise, this method will use the policy configured
|
|
7567
|
+
* for the tenant. If a password policy has not been configured, then the default policy
|
|
7568
|
+
* configured for all projects will be used.
|
|
7569
|
+
*
|
|
7570
|
+
* If an auth flow fails because a submitted password does not meet the password policy
|
|
7571
|
+
* requirements and this method has previously been called, then this method will use the
|
|
7572
|
+
* most recent policy available when called again.
|
|
7573
|
+
*
|
|
7574
|
+
* @example
|
|
7575
|
+
* ```javascript
|
|
7576
|
+
* validatePassword(auth, 'some-password');
|
|
7577
|
+
* ```
|
|
7578
|
+
*
|
|
7579
|
+
* @param auth The {@link Auth} instance.
|
|
7580
|
+
* @param password The password to validate.
|
|
7581
|
+
*
|
|
7582
|
+
* @public
|
|
7583
|
+
*/
|
|
7584
|
+
function validatePassword(auth, password) {
|
|
7585
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
7586
|
+
var authInternal;
|
|
7587
|
+
return __generator(this, function (_a) {
|
|
7588
|
+
authInternal = _castAuth(auth);
|
|
7589
|
+
return [2 /*return*/, authInternal.validatePassword(password)];
|
|
7590
|
+
});
|
|
7591
|
+
});
|
|
7254
7592
|
}
|
|
7255
7593
|
/**
|
|
7256
7594
|
* Adds an observer for changes to the signed-in user's ID token.
|
|
@@ -11876,7 +12214,7 @@ function _isEmptyString(input) {
|
|
|
11876
12214
|
}
|
|
11877
12215
|
|
|
11878
12216
|
var name = "@firebase/auth";
|
|
11879
|
-
var version = "1.
|
|
12217
|
+
var version = "1.2.0-canary.78d2738c2";
|
|
11880
12218
|
|
|
11881
12219
|
/**
|
|
11882
12220
|
* @license
|
|
@@ -12128,5 +12466,5 @@ function getAuth(app) {
|
|
|
12128
12466
|
}
|
|
12129
12467
|
registerAuth("Browser" /* ClientPlatform.BROWSER */);
|
|
12130
12468
|
|
|
12131
|
-
export {
|
|
12132
|
-
//# sourceMappingURL=index-
|
|
12469
|
+
export { signInAnonymously as $, ActionCodeOperation as A, updateCurrentUser as B, signOut as C, deleteUser as D, debugErrorMap as E, FactorId as F, prodErrorMap as G, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as H, initializeAuth as I, connectAuthEmulator as J, AuthCredential as K, EmailAuthCredential as L, OAuthCredential as M, PhoneAuthCredential as N, OperationType as O, PhoneAuthProvider as P, inMemoryPersistence as Q, RecaptchaVerifier as R, SignInMethod as S, TotpMultiFactorGenerator as T, EmailAuthProvider as U, FacebookAuthProvider as V, GoogleAuthProvider as W, GithubAuthProvider as X, OAuthProvider as Y, SAMLAuthProvider as Z, TwitterAuthProvider as _, browserSessionPersistence as a, signInWithCredential as a0, linkWithCredential as a1, reauthenticateWithCredential as a2, signInWithCustomToken as a3, sendPasswordResetEmail as a4, confirmPasswordReset as a5, applyActionCode as a6, checkActionCode as a7, verifyPasswordResetCode as a8, createUserWithEmailAndPassword as a9, _assert as aA, _createError as aB, AuthEventManager as aC, _getInstance as aD, _persistenceKeyName as aE, _clearRedirectOutcomes as aF, _getRedirectResult as aG, _overrideRedirectResult as aH, _castAuth as aI, UserImpl as aJ, AuthImpl as aK, _getClientVersion as aL, _generateEventId as aM, AuthPopup as aN, FetchProvider as aO, SAMLAuthCredential as aP, signInWithEmailAndPassword as aa, sendSignInLinkToEmail as ab, isSignInWithEmailLink as ac, signInWithEmailLink as ad, fetchSignInMethodsForEmail as ae, sendEmailVerification as af, verifyBeforeUpdateEmail as ag, ActionCodeURL as ah, parseActionCodeURL as ai, updateProfile as aj, updateEmail as ak, updatePassword as al, getIdToken as am, getIdTokenResult as an, unlink as ao, getAdditionalUserInfo as ap, reload as aq, getMultiFactorResolver as ar, multiFactor as as, _isIOS as at, _isAndroid as au, _fail as av, _getRedirectUrl as aw, debugAssert as ax, _getProjectConfig as ay, _isIOS7Or8 as az, browserLocalPersistence as b, signInWithPopup as c, linkWithPopup as d, reauthenticateWithPopup as e, signInWithRedirect as f, linkWithRedirect as g, reauthenticateWithRedirect as h, indexedDBLocalPersistence as i, getRedirectResult as j, browserPopupRedirectResolver as k, linkWithPhoneNumber as l, PhoneMultiFactorGenerator as m, TotpSecret as n, getAuth as o, ProviderId as p, setPersistence as q, reauthenticateWithPhoneNumber as r, signInWithPhoneNumber as s, initializeRecaptchaConfig as t, updatePhoneNumber as u, validatePassword as v, onIdTokenChanged as w, beforeAuthStateChanged as x, onAuthStateChanged as y, useDeviceLanguage as z };
|
|
12470
|
+
//# sourceMappingURL=index-e3004618.js.map
|