@firebase/auth 1.3.0 → 1.3.1-20231025123451

package/dist/auth-public.d.ts

@@ -1087,6 +1087,13 @@ export declare interface EmulatorConfig {
         readonly disableWarnings: boolean;
     };
 }
+
+declare const enum EnforcementState {
+    ENFORCE = "ENFORCE",
+    AUDIT = "AUDIT",
+    OFF = "OFF",
+    ENFORCEMENT_STATE_UNSPECIFIED = "ENFORCEMENT_STATE_UNSPECIFIED"
+}
 export { ErrorFn }
 
 /* Excluded from this release type: EventManager */
@@ -1300,7 +1307,7 @@ export declare function getMultiFactorResolver(auth: Auth, error: MultiFactorErr
 
 declare interface GetRecaptchaConfigResponse {
     recaptchaKey: string;
-    recaptchaEnforcementState: RecaptchaEnforcementState[];
+    recaptchaEnforcementState: RecaptchaEnforcementProviderState[];
 }
 
 /**
@@ -2812,13 +2819,27 @@ declare class RecaptchaConfig {
      */
     siteKey: string;
     /**
-     * The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
+     * The list of providers and their enablement status for reCAPTCHA Enterprise.
      */
-    emailPasswordEnabled: boolean;
+    recaptchaEnforcementState: RecaptchaEnforcementProviderState[];
     constructor(response: GetRecaptchaConfigResponse);
+    /**
+     * Returns the reCAPTCHA Enterprise enforcement state for the given provider.
+     *
+     * @param providerStr - The provider whose enforcement state is to be returned.
+     * @returns The reCAPTCHA Enterprise enforcement state for the given provider.
+     */
+    getProviderEnforcementState(providerStr: string): EnforcementState | null;
+    /**
+     * Returns true if the reCAPTCHA Enterprise enforcement state for the provider is set to ENFORCE or AUDIT.
+     *
+     * @param providerStr - The provider whose enablement state is to be returned.
+     * @returns Whether or not reCAPTCHA Enterprise protection is enabled for the given provider.
+     */
+    isProviderEnabled(providerStr: string): boolean;
 }
 
-declare interface RecaptchaEnforcementState {
+declare interface RecaptchaEnforcementProviderState {
     provider: string;
     enforcementState: string;
 }

package/dist/auth.d.ts

@@ -1367,6 +1367,13 @@ export declare interface EmulatorConfig {
         readonly disableWarnings: boolean;
     };
 }
+
+declare const enum EnforcementState {
+    ENFORCE = "ENFORCE",
+    AUDIT = "AUDIT",
+    OFF = "OFF",
+    ENFORCEMENT_STATE_UNSPECIFIED = "ENFORCEMENT_STATE_UNSPECIFIED"
+}
 export { ErrorFn }
 
 /**
@@ -1598,7 +1605,7 @@ export declare function getMultiFactorResolver(auth: Auth, error: MultiFactorErr
 
 declare interface GetRecaptchaConfigResponse {
     recaptchaKey: string;
-    recaptchaEnforcementState: RecaptchaEnforcementState[];
+    recaptchaEnforcementState: RecaptchaEnforcementProviderState[];
 }
 
 /**
@@ -3273,13 +3280,27 @@ declare class RecaptchaConfig {
      */
     siteKey: string;
     /**
-     * The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
+     * The list of providers and their enablement status for reCAPTCHA Enterprise.
      */
-    emailPasswordEnabled: boolean;
+    recaptchaEnforcementState: RecaptchaEnforcementProviderState[];
     constructor(response: GetRecaptchaConfigResponse);
+    /**
+     * Returns the reCAPTCHA Enterprise enforcement state for the given provider.
+     *
+     * @param providerStr - The provider whose enforcement state is to be returned.
+     * @returns The reCAPTCHA Enterprise enforcement state for the given provider.
+     */
+    getProviderEnforcementState(providerStr: string): EnforcementState | null;
+    /**
+     * Returns true if the reCAPTCHA Enterprise enforcement state for the provider is set to ENFORCE or AUDIT.
+     *
+     * @param providerStr - The provider whose enablement state is to be returned.
+     * @returns Whether or not reCAPTCHA Enterprise protection is enabled for the given provider.
+     */
+    isProviderEnabled(providerStr: string): boolean;
 }
 
-declare interface RecaptchaEnforcementState {
+declare interface RecaptchaEnforcementProviderState {
     provider: string;
     enforcementState: string;
 }

package/dist/browser-cjs/{index-68b50c51.js → index-1a200980.js}

@@ -105,50 +105,6 @@ const ActionCodeOperation = {
     VERIFY_EMAIL: 'VERIFY_EMAIL'
 };
 
-/**
- * @license
- * Copyright 2020 Google LLC
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-function isV2(grecaptcha) {
-    return (grecaptcha !== undefined &&
-        grecaptcha.getResponse !== undefined);
-}
-function isEnterprise(grecaptcha) {
-    return (grecaptcha !== undefined &&
-        grecaptcha.enterprise !== undefined);
-}
-class RecaptchaConfig {
-    constructor(response) {
-        /**
-         * The reCAPTCHA site key.
-         */
-        this.siteKey = '';
-        /**
-         * The reCAPTCHA enablement status of the {@link EmailAuthProvider} for the current tenant.
-         */
-        this.emailPasswordEnabled = false;
-        if (response.recaptchaKey === undefined) {
-            throw new Error('recaptchaKey undefined');
-        }
-        // Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
-        this.siteKey = response.recaptchaKey.split('/')[3];
-        this.emailPasswordEnabled = response.recaptchaEnforcementState.some(enforcementState => enforcementState.provider === 'EMAIL_PASSWORD_PROVIDER' &&
-            enforcementState.enforcementState !== 'OFF');
-    }
-}
-
 /**
  * @license
  * Copyright 2020 Google LLC
@@ -758,6 +714,12 @@ class FetchProvider {
         if (typeof self !== 'undefined' && 'fetch' in self) {
             return self.fetch;
         }
+        if (typeof globalThis !== 'undefined' && globalThis.fetch) {
+            return globalThis.fetch;
+        }
+        if (typeof fetch !== 'undefined') {
+            return fetch;
+        }
         debugFail('Could not find fetch implementation, make sure you call FetchProvider.initialize() with an appropriate polyfill');
     }
     static headers() {
@@ -767,6 +729,12 @@ class FetchProvider {
         if (typeof self !== 'undefined' && 'Headers' in self) {
             return self.Headers;
         }
+        if (typeof globalThis !== 'undefined' && globalThis.Headers) {
+            return globalThis.Headers;
+        }
+        if (typeof Headers !== 'undefined') {
+            return Headers;
+        }
         debugFail('Could not find Headers implementation, make sure you call FetchProvider.initialize() with an appropriate polyfill');
     }
     static response() {
@@ -776,6 +744,12 @@ class FetchProvider {
         if (typeof self !== 'undefined' && 'Response' in self) {
             return self.Response;
         }
+        if (typeof globalThis !== 'undefined' && globalThis.Response) {
+            return globalThis.Response;
+        }
+        if (typeof Response !== 'undefined') {
+            return Response;
+        }
         debugFail('Could not find Response implementation, make sure you call FetchProvider.initialize() with an appropriate polyfill');
     }
 }
@@ -987,6 +961,18 @@ function _getFinalTarget(auth, host, path, query) {
     }
     return _emulatorUrl(auth.config, base);
 }
+function _parseEnforcementState(enforcementStateStr) {
+    switch (enforcementStateStr) {
+        case 'ENFORCE':
+            return "ENFORCE" /* EnforcementState.ENFORCE */;
+        case 'AUDIT':
+            return "AUDIT" /* EnforcementState.AUDIT */;
+        case 'OFF':
+            return "OFF" /* EnforcementState.OFF */;
+        default:
+            return "ENFORCEMENT_STATE_UNSPECIFIED" /* EnforcementState.ENFORCEMENT_STATE_UNSPECIFIED */;
+    }
+}
 class NetworkTimeout {
     constructor(auth) {
         this.auth = auth;
@@ -1020,6 +1006,79 @@ function _makeTaggedError(auth, code, response) {
     return error;
 }
 
+/**
+ * @license
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+function isV2(grecaptcha) {
+    return (grecaptcha !== undefined &&
+        grecaptcha.getResponse !== undefined);
+}
+function isEnterprise(grecaptcha) {
+    return (grecaptcha !== undefined &&
+        grecaptcha.enterprise !== undefined);
+}
+class RecaptchaConfig {
+    constructor(response) {
+        /**
+         * The reCAPTCHA site key.
+         */
+        this.siteKey = '';
+        /**
+         * The list of providers and their enablement status for reCAPTCHA Enterprise.
+         */
+        this.recaptchaEnforcementState = [];
+        if (response.recaptchaKey === undefined) {
+            throw new Error('recaptchaKey undefined');
+        }
+        // Example response.recaptchaKey: "projects/proj123/keys/sitekey123"
+        this.siteKey = response.recaptchaKey.split('/')[3];
+        this.recaptchaEnforcementState = response.recaptchaEnforcementState;
+    }
+    /**
+     * Returns the reCAPTCHA Enterprise enforcement state for the given provider.
+     *
+     * @param providerStr - The provider whose enforcement state is to be returned.
+     * @returns The reCAPTCHA Enterprise enforcement state for the given provider.
+     */
+    getProviderEnforcementState(providerStr) {
+        if (!this.recaptchaEnforcementState ||
+            this.recaptchaEnforcementState.length === 0) {
+            return null;
+        }
+        for (const recaptchaEnforcementState of this.recaptchaEnforcementState) {
+            if (recaptchaEnforcementState.provider &&
+                recaptchaEnforcementState.provider === providerStr) {
+                return _parseEnforcementState(recaptchaEnforcementState.enforcementState);
+            }
+        }
+        return null;
+    }
+    /**
+     * Returns true if the reCAPTCHA Enterprise enforcement state for the provider is set to ENFORCE or AUDIT.
+     *
+     * @param providerStr - The provider whose enablement state is to be returned.
+     * @returns Whether or not reCAPTCHA Enterprise protection is enabled for the given provider.
+     */
+    isProviderEnabled(providerStr) {
+        return (this.getProviderEnforcementState(providerStr) ===
+            "ENFORCE" /* EnforcementState.ENFORCE */ ||
+            this.getProviderEnforcementState(providerStr) === "AUDIT" /* EnforcementState.AUDIT */);
+    }
+}
+
 /**
  * @license
  * Copyright 2020 Google LLC
@@ -3135,6 +3194,26 @@ async function injectRecaptchaFields(auth, request, action, captchaResp = false)
     });
     return newRequest;
 }
+async function handleRecaptchaFlow(authInstance, request, actionName, actionMethod) {
+    var _a;
+    if ((_a = authInstance
+        ._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.isProviderEnabled("EMAIL_PASSWORD_PROVIDER" /* RecaptchaProvider.EMAIL_PASSWORD_PROVIDER */)) {
+        const requestWithRecaptcha = await injectRecaptchaFields(authInstance, request, actionName, actionName === "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */);
+        return actionMethod(authInstance, requestWithRecaptcha);
+    }
+    else {
+        return actionMethod(authInstance, request).catch(async (error) => {
+            if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}`) {
+                console.log(`${actionName} is protected by reCAPTCHA Enterprise for this project. Automatically triggering the reCAPTCHA flow and restarting the flow.`);
+                const requestWithRecaptcha = await injectRecaptchaFields(authInstance, request, actionName, actionName === "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */);
+                return actionMethod(authInstance, requestWithRecaptcha);
+            }
+            else {
+                return Promise.reject(error);
+            }
+        });
+    }
+}
 async function _initializeRecaptchaConfig(auth) {
     const authInternal = _castAuth(auth);
     const response = await getRecaptchaConfig(authInternal, {
@@ -3148,7 +3227,7 @@ async function _initializeRecaptchaConfig(auth) {
     else {
         authInternal._tenantRecaptchaConfigs[authInternal.tenantId] = config;
     }
-    if (config.emailPasswordEnabled) {
+    if (config.isProviderEnabled("EMAIL_PASSWORD_PROVIDER" /* RecaptchaProvider.EMAIL_PASSWORD_PROVIDER */)) {
         const verifier = new RecaptchaEnterpriseVerifier(authInternal);
         void verifier.verify();
     }
@@ -3561,7 +3640,6 @@ class EmailAuthCredential extends AuthCredential {
     }
     /** @internal */
     async _getIdTokenResponse(auth) {
-        var _a;
         switch (this.signInMethod) {
             case "password" /* SignInMethod.EMAIL_PASSWORD */:
                 const request = {
@@ -3570,22 +3648,7 @@ class EmailAuthCredential extends AuthCredential {
                     password: this._password,
                     clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
                 };
-                if ((_a = auth._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled) {
-                    const requestWithRecaptcha = await injectRecaptchaFields(auth, request, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */);
-                    return signInWithPassword(auth, requestWithRecaptcha);
-                }
-                else {
-                    return signInWithPassword(auth, request).catch(async (error) => {
-                        if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}`) {
-                            console.log('Sign-in with email address and password is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.');
-                            const requestWithRecaptcha = await injectRecaptchaFields(auth, request, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */);
-                            return signInWithPassword(auth, requestWithRecaptcha);
-                        }
-                        else {
-                            return Promise.reject(error);
-                        }
-                    });
-                }
+                return handleRecaptchaFlow(auth, request, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */, signInWithPassword);
             case "emailLink" /* SignInMethod.EMAIL_LINK */:
                 return signInWithEmailLink$1(auth, {
                     email: this._email,
@@ -5563,39 +5626,16 @@ async function recachePasswordPolicy(auth) {
  * @public
  */
 async function sendPasswordResetEmail(auth, email, actionCodeSettings) {
-    var _a;
     const authInternal = _castAuth(auth);
     const request = {
         requestType: "PASSWORD_RESET" /* ActionCodeOperation.PASSWORD_RESET */,
         email,
         clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
     };
-    if ((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled) {
-        const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true);
-        if (actionCodeSettings) {
-            _setActionCodeSettingsOnRequest(authInternal, requestWithRecaptcha, actionCodeSettings);
-        }
-        await sendPasswordResetEmail$1(authInternal, requestWithRecaptcha);
-    }
-    else {
-        if (actionCodeSettings) {
-            _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
-        }
-        await sendPasswordResetEmail$1(authInternal, request)
-            .catch(async (error) => {
-            if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}`) {
-                console.log('Password resets are protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the password reset flow.');
-                const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true);
-                if (actionCodeSettings) {
-                    _setActionCodeSettingsOnRequest(authInternal, requestWithRecaptcha, actionCodeSettings);
-                }
-                await sendPasswordResetEmail$1(authInternal, requestWithRecaptcha);
-            }
-            else {
-                return Promise.reject(error);
-            }
-        });
+    if (actionCodeSettings) {
+        _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
     }
+    await handleRecaptchaFlow(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, sendPasswordResetEmail$1);
 }
 /**
  * Completes the password reset process, given a confirmation code and new password.
@@ -5715,7 +5755,6 @@ async function verifyPasswordResetCode(auth, code) {
  * @public
  */
 async function createUserWithEmailAndPassword(auth, email, password) {
-    var _a;
     const authInternal = _castAuth(auth);
     const request = {
         returnSecureToken: true,
@@ -5723,21 +5762,7 @@ async function createUserWithEmailAndPassword(auth, email, password) {
         password,
         clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
     };
-    let signUpResponse;
-    if ((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled) {
-        const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */);
-        signUpResponse = signUp(authInternal, requestWithRecaptcha);
-    }
-    else {
-        signUpResponse = signUp(authInternal, request).catch(async (error) => {
-            if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}`) {
-                console.log('Sign-up is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-up flow.');
-                const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */);
-                return signUp(authInternal, requestWithRecaptcha);
-            }
-            throw error;
-        });
-    }
+    const signUpResponse = handleRecaptchaFlow(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */, signUp);
     const response = await signUpResponse.catch(error => {
         if (error.code === `auth/${"password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */}`) {
             void recachePasswordPolicy(auth);
@@ -5828,7 +5853,6 @@ function signInWithEmailAndPassword(auth, email, password) {
  * @public
  */
 async function sendSignInLinkToEmail(auth, email, actionCodeSettings) {
-    var _a;
     const authInternal = _castAuth(auth);
     const request = {
         requestType: "EMAIL_SIGNIN" /* ActionCodeOperation.EMAIL_SIGNIN */,
@@ -5841,26 +5865,8 @@ async function sendSignInLinkToEmail(auth, email, actionCodeSettings) {
             _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
         }
     }
-    if ((_a = authInternal._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.emailPasswordEnabled) {
-        const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true);
-        setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);
-        await sendSignInLinkToEmail$1(authInternal, requestWithRecaptcha);
-    }
-    else {
-        setActionCodeSettings(request, actionCodeSettings);
-        await sendSignInLinkToEmail$1(authInternal, request)
-            .catch(async (error) => {
-            if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}`) {
-                console.log('Email link sign-in is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.');
-                const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, true);
-                setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);
-                await sendSignInLinkToEmail$1(authInternal, requestWithRecaptcha);
-            }
-            else {
-                return Promise.reject(error);
-            }
-        });
-    }
+    setActionCodeSettings(request, actionCodeSettings);
+    await handleRecaptchaFlow(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, sendSignInLinkToEmail$1);
 }
 /**
  * Checks if an incoming link is a sign-in with email link suitable for {@link signInWithEmailLink}.
@@ -10220,7 +10226,7 @@ function _isEmptyString(input) {
 }
 
 var name = "@firebase/auth";
-var version = "1.3.0";
+var version = "1.3.1-20231025123451";
 
 /**
  * @license
@@ -10546,4 +10552,4 @@ exports.useDeviceLanguage = useDeviceLanguage;
 exports.validatePassword = validatePassword;
 exports.verifyBeforeUpdateEmail = verifyBeforeUpdateEmail;
 exports.verifyPasswordResetCode = verifyPasswordResetCode;
-//# sourceMappingURL=index-68b50c51.js.map
+//# sourceMappingURL=index-1a200980.js.map