@firebase/auth 1.3.2 → 1.4.0-canary.00235ba68
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth-public.d.ts +24 -2
- package/dist/auth.d.ts +26 -3
- package/dist/browser-cjs/{index-770706ba.js → index-d50ad728.js} +68 -11
- package/dist/browser-cjs/index-d50ad728.js.map +1 -0
- package/dist/browser-cjs/index.js +2 -1
- package/dist/browser-cjs/index.js.map +1 -1
- package/dist/browser-cjs/internal.js +2 -1
- package/dist/browser-cjs/internal.js.map +1 -1
- package/dist/browser-cjs/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/browser-cjs/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/browser-cjs/src/api/authentication/token.d.ts +13 -2
- package/dist/browser-cjs/src/api/errors.d.ts +1 -0
- package/dist/browser-cjs/src/api/index.d.ts +3 -1
- package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/browser-cjs/src/core/errors.d.ts +2 -1
- package/dist/browser-cjs/src/core/index.d.ts +9 -0
- package/dist/browser-cjs/src/core/strategies/email.d.ts +5 -1
- package/dist/browser-cjs/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/browser-cjs/src/core/user/account_info.d.ts +3 -0
- package/dist/browser-cjs/src/model/auth.d.ts +1 -0
- package/dist/cordova/index.js +2 -2
- package/dist/cordova/internal.js +2 -2
- package/dist/cordova/{popup_redirect-a9365a6c.js → popup_redirect-599b3914.js} +92 -15
- package/dist/cordova/popup_redirect-599b3914.js.map +1 -0
- package/dist/cordova/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/cordova/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/cordova/src/api/authentication/token.d.ts +13 -2
- package/dist/cordova/src/api/errors.d.ts +1 -0
- package/dist/cordova/src/api/index.d.ts +3 -1
- package/dist/cordova/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/cordova/src/core/errors.d.ts +2 -1
- package/dist/cordova/src/core/index.d.ts +9 -0
- package/dist/cordova/src/core/strategies/email.d.ts +5 -1
- package/dist/cordova/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/cordova/src/core/user/account_info.d.ts +3 -0
- package/dist/cordova/src/model/auth.d.ts +1 -0
- package/dist/esm2017/{index-94e5f531.js → index-2b54b271.js} +68 -12
- package/dist/esm2017/index-2b54b271.js.map +1 -0
- package/dist/esm2017/index.js +1 -1
- package/dist/esm2017/internal.js +2 -2
- package/dist/esm2017/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/esm2017/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/esm2017/src/api/authentication/token.d.ts +13 -2
- package/dist/esm2017/src/api/errors.d.ts +1 -0
- package/dist/esm2017/src/api/index.d.ts +3 -1
- package/dist/esm2017/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/esm2017/src/core/errors.d.ts +2 -1
- package/dist/esm2017/src/core/index.d.ts +9 -0
- package/dist/esm2017/src/core/strategies/email.d.ts +5 -1
- package/dist/esm2017/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/esm2017/src/core/user/account_info.d.ts +3 -0
- package/dist/esm2017/src/model/auth.d.ts +1 -0
- package/dist/esm5/{index-7b6c682b.js → index-ab0a3e4e.js} +92 -15
- package/dist/esm5/index-ab0a3e4e.js.map +1 -0
- package/dist/esm5/index.js +1 -1
- package/dist/esm5/internal.js +2 -2
- package/dist/esm5/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/esm5/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/esm5/src/api/authentication/token.d.ts +13 -2
- package/dist/esm5/src/api/errors.d.ts +1 -0
- package/dist/esm5/src/api/index.d.ts +3 -1
- package/dist/esm5/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/esm5/src/core/errors.d.ts +2 -1
- package/dist/esm5/src/core/index.d.ts +9 -0
- package/dist/esm5/src/core/strategies/email.d.ts +5 -1
- package/dist/esm5/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/esm5/src/core/user/account_info.d.ts +3 -0
- package/dist/esm5/src/model/auth.d.ts +1 -0
- package/dist/index.webworker.esm5.js +91 -14
- package/dist/index.webworker.esm5.js.map +1 -1
- package/dist/node/index.js +3 -2
- package/dist/node/index.js.map +1 -1
- package/dist/node/internal.js +3 -2
- package/dist/node/internal.js.map +1 -1
- package/dist/node/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/node/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/node/src/api/authentication/token.d.ts +13 -2
- package/dist/node/src/api/errors.d.ts +1 -0
- package/dist/node/src/api/index.d.ts +3 -1
- package/dist/node/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/node/src/core/errors.d.ts +2 -1
- package/dist/node/src/core/index.d.ts +9 -0
- package/dist/node/src/core/strategies/email.d.ts +5 -1
- package/dist/node/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/node/src/core/user/account_info.d.ts +3 -0
- package/dist/node/src/model/auth.d.ts +1 -0
- package/dist/node/{totp-24a79064.js → totp-b6ed1d9d.js} +94 -36
- package/dist/node/totp-b6ed1d9d.js.map +1 -0
- package/dist/node-esm/index.js +2 -2
- package/dist/node-esm/internal.js +3 -3
- package/dist/node-esm/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/node-esm/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/node-esm/src/api/authentication/token.d.ts +13 -2
- package/dist/node-esm/src/api/errors.d.ts +1 -0
- package/dist/node-esm/src/api/index.d.ts +3 -1
- package/dist/node-esm/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/node-esm/src/core/errors.d.ts +2 -1
- package/dist/node-esm/src/core/index.d.ts +9 -0
- package/dist/node-esm/src/core/strategies/email.d.ts +5 -1
- package/dist/node-esm/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/node-esm/src/core/user/account_info.d.ts +3 -0
- package/dist/node-esm/src/model/auth.d.ts +1 -0
- package/dist/node-esm/{totp-a0f18007.js → totp-aa0a9277.js} +70 -14
- package/dist/node-esm/totp-aa0a9277.js.map +1 -0
- package/dist/rn/{index-3d9ec48b.js → index-943ed676.js} +92 -14
- package/dist/rn/index-943ed676.js.map +1 -0
- package/dist/rn/index.js +2 -1
- package/dist/rn/index.js.map +1 -1
- package/dist/rn/internal.js +2 -1
- package/dist/rn/internal.js.map +1 -1
- package/dist/rn/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/rn/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/rn/src/api/authentication/token.d.ts +13 -2
- package/dist/rn/src/api/errors.d.ts +1 -0
- package/dist/rn/src/api/index.d.ts +3 -1
- package/dist/rn/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/rn/src/core/errors.d.ts +2 -1
- package/dist/rn/src/core/index.d.ts +9 -0
- package/dist/rn/src/core/strategies/email.d.ts +5 -1
- package/dist/rn/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/rn/src/core/user/account_info.d.ts +3 -0
- package/dist/rn/src/model/auth.d.ts +1 -0
- package/dist/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/src/api/authentication/token.d.ts +13 -2
- package/dist/src/api/errors.d.ts +1 -0
- package/dist/src/api/index.d.ts +3 -1
- package/dist/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/src/core/errors.d.ts +2 -1
- package/dist/src/core/index.d.ts +9 -0
- package/dist/src/core/strategies/email.d.ts +5 -1
- package/dist/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/src/core/user/account_info.d.ts +3 -0
- package/dist/src/model/auth.d.ts +1 -0
- package/package.json +7 -7
- package/dist/browser-cjs/index-770706ba.js.map +0 -1
- package/dist/cordova/popup_redirect-a9365a6c.js.map +0 -1
- package/dist/esm2017/index-94e5f531.js.map +0 -1
- package/dist/esm5/index-7b6c682b.js.map +0 -1
- package/dist/node/totp-24a79064.js.map +0 -1
- package/dist/node-esm/totp-a0f18007.js.map +0 -1
- package/dist/rn/index-3d9ec48b.js.map +0 -1
|
@@ -17,6 +17,7 @@
|
|
|
17
17
|
import { ActionCodeOperation, Auth } from '../../model/public_types';
|
|
18
18
|
import { IdTokenResponse } from '../../model/id_token';
|
|
19
19
|
import { MfaEnrollment } from './mfa';
|
|
20
|
+
import { SignUpRequest, SignUpResponse } from '../authentication/sign_up';
|
|
20
21
|
export interface ResetPasswordRequest {
|
|
21
22
|
oobCode: string;
|
|
22
23
|
newPassword?: string;
|
|
@@ -38,6 +39,7 @@ export interface UpdateEmailPasswordRequest {
|
|
|
38
39
|
export interface UpdateEmailPasswordResponse extends IdTokenResponse {
|
|
39
40
|
}
|
|
40
41
|
export declare function updateEmailPassword(auth: Auth, request: UpdateEmailPasswordRequest): Promise<UpdateEmailPasswordResponse>;
|
|
42
|
+
export declare function linkEmailPassword(auth: Auth, request: SignUpRequest): Promise<SignUpResponse>;
|
|
41
43
|
export interface ApplyActionCodeRequest {
|
|
42
44
|
oobCode: string;
|
|
43
45
|
tenantId?: string;
|
|
@@ -18,6 +18,7 @@ import { RecaptchaClientType, RecaptchaVersion } from '../index';
|
|
|
18
18
|
import { IdTokenResponse } from '../../model/id_token';
|
|
19
19
|
import { Auth } from '../../model/public_types';
|
|
20
20
|
export interface SignUpRequest {
|
|
21
|
+
idToken?: string;
|
|
21
22
|
returnSecureToken?: boolean;
|
|
22
23
|
email?: string;
|
|
23
24
|
password?: string;
|
|
@@ -15,12 +15,23 @@
|
|
|
15
15
|
* limitations under the License.
|
|
16
16
|
*/
|
|
17
17
|
import { Auth } from '../../model/public_types';
|
|
18
|
-
export declare const enum
|
|
19
|
-
|
|
18
|
+
export declare const enum TokenType {
|
|
19
|
+
REFRESH_TOKEN = "REFRESH_TOKEN",
|
|
20
|
+
ACCESS_TOKEN = "ACCESS_TOKEN"
|
|
20
21
|
}
|
|
21
22
|
export interface RequestStsTokenResponse {
|
|
22
23
|
accessToken: string;
|
|
23
24
|
expiresIn: string;
|
|
24
25
|
refreshToken: string;
|
|
25
26
|
}
|
|
27
|
+
export interface RevokeTokenRequest {
|
|
28
|
+
providerId: string;
|
|
29
|
+
tokenType: TokenType;
|
|
30
|
+
token: string;
|
|
31
|
+
idToken: string;
|
|
32
|
+
tenantId?: string;
|
|
33
|
+
}
|
|
34
|
+
export interface RevokeTokenResponse {
|
|
35
|
+
}
|
|
26
36
|
export declare function requestStsToken(auth: Auth, refreshToken: string): Promise<RequestStsTokenResponse>;
|
|
37
|
+
export declare function revokeToken(auth: Auth, request: RevokeTokenRequest): Promise<RevokeTokenResponse>;
|
|
@@ -42,6 +42,7 @@ export declare const enum ServerError {
|
|
|
42
42
|
INVALID_ID_TOKEN = "INVALID_ID_TOKEN",
|
|
43
43
|
INVALID_IDP_RESPONSE = "INVALID_IDP_RESPONSE",
|
|
44
44
|
INVALID_IDENTIFIER = "INVALID_IDENTIFIER",
|
|
45
|
+
INVALID_LOGIN_CREDENTIALS = "INVALID_LOGIN_CREDENTIALS",
|
|
45
46
|
INVALID_MESSAGE_PAYLOAD = "INVALID_MESSAGE_PAYLOAD",
|
|
46
47
|
INVALID_MFA_PENDING_CREDENTIAL = "INVALID_MFA_PENDING_CREDENTIAL",
|
|
47
48
|
INVALID_OAUTH_CLIENT_ID = "INVALID_OAUTH_CLIENT_ID",
|
|
@@ -54,7 +54,9 @@ export declare const enum Endpoint {
|
|
|
54
54
|
WITHDRAW_MFA = "/v2/accounts/mfaEnrollment:withdraw",
|
|
55
55
|
GET_PROJECT_CONFIG = "/v1/projects",
|
|
56
56
|
GET_RECAPTCHA_CONFIG = "/v2/recaptchaConfig",
|
|
57
|
-
GET_PASSWORD_POLICY = "/v2/passwordPolicy"
|
|
57
|
+
GET_PASSWORD_POLICY = "/v2/passwordPolicy",
|
|
58
|
+
TOKEN = "/v1/token",
|
|
59
|
+
REVOKE_TOKEN = "/v2/accounts:revokeToken"
|
|
58
60
|
}
|
|
59
61
|
export declare const enum RecaptchaClientType {
|
|
60
62
|
WEB = "CLIENT_TYPE_WEB",
|
|
@@ -87,6 +87,10 @@ export declare class AuthImpl implements AuthInternal, _FirebaseService {
|
|
|
87
87
|
beforeAuthStateChanged(callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe;
|
|
88
88
|
onIdTokenChanged(nextOrObserver: NextOrObserver<User>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
|
|
89
89
|
authStateReady(): Promise<void>;
|
|
90
|
+
/**
|
|
91
|
+
* Revokes the given access token. Currently only supports Apple OAuth access tokens.
|
|
92
|
+
*/
|
|
93
|
+
revokeAccessToken(token: string): Promise<void>;
|
|
90
94
|
toJSON(): object;
|
|
91
95
|
_setRedirectUser(user: UserInternal | null, popupRedirectResolver?: PopupRedirectResolver): Promise<void>;
|
|
92
96
|
private getOrInitRedirectPersistenceManager;
|
|
@@ -57,7 +57,7 @@ export declare const enum AuthErrorCode {
|
|
|
57
57
|
INVALID_DYNAMIC_LINK_DOMAIN = "invalid-dynamic-link-domain",
|
|
58
58
|
INVALID_EMAIL = "invalid-email",
|
|
59
59
|
INVALID_EMULATOR_SCHEME = "invalid-emulator-scheme",
|
|
60
|
-
|
|
60
|
+
INVALID_CREDENTIAL = "invalid-credential",
|
|
61
61
|
INVALID_MESSAGE_PAYLOAD = "invalid-message-payload",
|
|
62
62
|
INVALID_MFA_SESSION = "invalid-multi-factor-session",
|
|
63
63
|
INVALID_OAUTH_CLIENT_ID = "invalid-oauth-client-id",
|
|
@@ -250,6 +250,7 @@ export declare const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY: {
|
|
|
250
250
|
readonly INVALID_EMAIL: "auth/invalid-email";
|
|
251
251
|
readonly INVALID_EMULATOR_SCHEME: "auth/invalid-emulator-scheme";
|
|
252
252
|
readonly INVALID_IDP_RESPONSE: "auth/invalid-credential";
|
|
253
|
+
readonly INVALID_LOGIN_CREDENTIALS: "auth/invalid-credential";
|
|
253
254
|
readonly INVALID_MESSAGE_PAYLOAD: "auth/invalid-message-payload";
|
|
254
255
|
readonly INVALID_MFA_SESSION: "auth/invalid-multi-factor-session";
|
|
255
256
|
readonly INVALID_OAUTH_CLIENT_ID: "auth/invalid-oauth-client-id";
|
|
@@ -171,6 +171,15 @@ export declare function updateCurrentUser(auth: Auth, user: User | null): Promis
|
|
|
171
171
|
* @public
|
|
172
172
|
*/
|
|
173
173
|
export declare function signOut(auth: Auth): Promise<void>;
|
|
174
|
+
/**
|
|
175
|
+
* Revokes the given access token. Currently only supports Apple OAuth access tokens.
|
|
176
|
+
*
|
|
177
|
+
* @param auth - The {@link Auth} instance.
|
|
178
|
+
* @param token - The Apple OAuth access token.
|
|
179
|
+
*
|
|
180
|
+
* @public
|
|
181
|
+
*/
|
|
182
|
+
export declare function revokeAccessToken(auth: Auth, token: string): Promise<void>;
|
|
174
183
|
export { initializeAuth } from './auth/initialize';
|
|
175
184
|
export { connectAuthEmulator } from './auth/emulator';
|
|
176
185
|
export { AuthCredential } from './credentials';
|
|
@@ -16,7 +16,9 @@
|
|
|
16
16
|
*/
|
|
17
17
|
import { ActionCodeSettings, Auth, User } from '../../model/public_types';
|
|
18
18
|
/**
|
|
19
|
-
* Gets the list of possible sign in methods for the given email address.
|
|
19
|
+
* Gets the list of possible sign in methods for the given email address. This method returns an
|
|
20
|
+
* empty list when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled, irrespective of the number of
|
|
21
|
+
* authentication methods available for the given email.
|
|
20
22
|
*
|
|
21
23
|
* @remarks
|
|
22
24
|
* This is useful to differentiate methods of sign-in for the same provider, eg.
|
|
@@ -27,6 +29,8 @@ import { ActionCodeSettings, Auth, User } from '../../model/public_types';
|
|
|
27
29
|
* @param auth - The {@link Auth} instance.
|
|
28
30
|
* @param email - The user's email address.
|
|
29
31
|
*
|
|
32
|
+
* Deprecated. Migrating off of this method is recommended as a security best-practice.
|
|
33
|
+
* Learn more in the Identity Platform documentation for [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection).
|
|
30
34
|
* @public
|
|
31
35
|
*/
|
|
32
36
|
export declare function fetchSignInMethodsForEmail(auth: Auth, email: string): Promise<string[]>;
|
|
@@ -16,7 +16,9 @@
|
|
|
16
16
|
*/
|
|
17
17
|
import { ActionCodeInfo, ActionCodeSettings, Auth, UserCredential } from '../../model/public_types';
|
|
18
18
|
/**
|
|
19
|
-
* Sends a password reset email to the given email address.
|
|
19
|
+
* Sends a password reset email to the given email address. This method does not throw an error when
|
|
20
|
+
* there's no user account with the given email address and
|
|
21
|
+
* [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
|
|
20
22
|
*
|
|
21
23
|
* @remarks
|
|
22
24
|
* To complete the password reset, call {@link confirmPasswordReset} with the code supplied in
|
|
@@ -112,6 +114,8 @@ export declare function createUserWithEmailAndPassword(auth: Auth, email: string
|
|
|
112
114
|
*
|
|
113
115
|
* @remarks
|
|
114
116
|
* Fails with an error if the email address and password do not match.
|
|
117
|
+
* When [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled,
|
|
118
|
+
* this method fails with "auth/invalid-credential" in case of an invalid email/password.
|
|
115
119
|
*
|
|
116
120
|
* Note: The user's password is NOT the password used to access the user's email account. The
|
|
117
121
|
* email address serves as a unique identifier for the user, and the password is used to access
|
|
@@ -41,6 +41,9 @@ export declare function updateProfile(user: User, { displayName, photoURL: photo
|
|
|
41
41
|
* @param user - The user.
|
|
42
42
|
* @param newEmail - The new email address.
|
|
43
43
|
*
|
|
44
|
+
* Throws "auth/operation-not-allowed" error when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
|
|
45
|
+
* Deprecated - Use {@link verifyBeforeUpdateEmail} instead.
|
|
46
|
+
*
|
|
44
47
|
* @public
|
|
45
48
|
*/
|
|
46
49
|
export declare function updateEmail(user: User, newEmail: string): Promise<void>;
|
|
@@ -4,29 +4,9 @@ var tslib = require('tslib');
|
|
|
4
4
|
var util = require('@firebase/util');
|
|
5
5
|
var app = require('@firebase/app');
|
|
6
6
|
var component = require('@firebase/component');
|
|
7
|
-
var
|
|
7
|
+
var undici = require('undici');
|
|
8
8
|
var logger = require('@firebase/logger');
|
|
9
9
|
|
|
10
|
-
function _interopNamespace(e) {
|
|
11
|
-
if (e && e.__esModule) return e;
|
|
12
|
-
var n = Object.create(null);
|
|
13
|
-
if (e) {
|
|
14
|
-
Object.keys(e).forEach(function (k) {
|
|
15
|
-
if (k !== 'default') {
|
|
16
|
-
var d = Object.getOwnPropertyDescriptor(e, k);
|
|
17
|
-
Object.defineProperty(n, k, d.get ? d : {
|
|
18
|
-
enumerable: true,
|
|
19
|
-
get: function () { return e[k]; }
|
|
20
|
-
});
|
|
21
|
-
}
|
|
22
|
-
});
|
|
23
|
-
}
|
|
24
|
-
n["default"] = e;
|
|
25
|
-
return Object.freeze(n);
|
|
26
|
-
}
|
|
27
|
-
|
|
28
|
-
var fetchImpl__namespace = /*#__PURE__*/_interopNamespace(fetchImpl);
|
|
29
|
-
|
|
30
10
|
/**
|
|
31
11
|
* @license
|
|
32
12
|
* Copyright 2021 Google LLC
|
|
@@ -198,7 +178,7 @@ function _debugErrorMap() {
|
|
|
198
178
|
_a["invalid-emulator-scheme" /* AuthErrorCode.INVALID_EMULATOR_SCHEME */] = 'Emulator URL must start with a valid scheme (http:// or https://).',
|
|
199
179
|
_a["invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */] = 'Your API key is invalid, please check you have copied it correctly.',
|
|
200
180
|
_a["invalid-cert-hash" /* AuthErrorCode.INVALID_CERT_HASH */] = 'The SHA-1 certificate hash provided is invalid.',
|
|
201
|
-
_a["invalid-credential" /* AuthErrorCode.
|
|
181
|
+
_a["invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */] = 'The supplied auth credential is incorrect, malformed or has expired.',
|
|
202
182
|
_a["invalid-message-payload" /* AuthErrorCode.INVALID_MESSAGE_PAYLOAD */] = 'The email template corresponding to this action contains invalid characters in its message. ' +
|
|
203
183
|
'Please fix by going to the Auth email templates section in the Firebase Console.',
|
|
204
184
|
_a["invalid-multi-factor-session" /* AuthErrorCode.INVALID_MFA_SESSION */] = 'The request does not contain a valid proof of first factor successful sign-in.',
|
|
@@ -375,6 +355,7 @@ var AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
|
|
|
375
355
|
INVALID_EMAIL: 'auth/invalid-email',
|
|
376
356
|
INVALID_EMULATOR_SCHEME: 'auth/invalid-emulator-scheme',
|
|
377
357
|
INVALID_IDP_RESPONSE: 'auth/invalid-credential',
|
|
358
|
+
INVALID_LOGIN_CREDENTIALS: 'auth/invalid-credential',
|
|
378
359
|
INVALID_MESSAGE_PAYLOAD: 'auth/invalid-message-payload',
|
|
379
360
|
INVALID_MFA_SESSION: 'auth/invalid-multi-factor-session',
|
|
380
361
|
INVALID_OAUTH_CLIENT_ID: 'auth/invalid-oauth-client-id',
|
|
@@ -830,12 +811,15 @@ var SERVER_ERROR_MAP = (_a$1 = {},
|
|
|
830
811
|
_a$1["INVALID_PASSWORD" /* ServerError.INVALID_PASSWORD */] = "wrong-password" /* AuthErrorCode.INVALID_PASSWORD */,
|
|
831
812
|
// This can only happen if the SDK sends a bad request.
|
|
832
813
|
_a$1["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */] = "missing-password" /* AuthErrorCode.MISSING_PASSWORD */,
|
|
814
|
+
// Thrown if Email Enumeration Protection is enabled in the project and the email or password is
|
|
815
|
+
// invalid.
|
|
816
|
+
_a$1["INVALID_LOGIN_CREDENTIALS" /* ServerError.INVALID_LOGIN_CREDENTIALS */] = "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */,
|
|
833
817
|
// Sign up with email and password errors.
|
|
834
818
|
_a$1["EMAIL_EXISTS" /* ServerError.EMAIL_EXISTS */] = "email-already-in-use" /* AuthErrorCode.EMAIL_EXISTS */,
|
|
835
819
|
_a$1["PASSWORD_LOGIN_DISABLED" /* ServerError.PASSWORD_LOGIN_DISABLED */] = "operation-not-allowed" /* AuthErrorCode.OPERATION_NOT_ALLOWED */,
|
|
836
820
|
// Verify assertion for sign in with credential errors:
|
|
837
|
-
_a$1["INVALID_IDP_RESPONSE" /* ServerError.INVALID_IDP_RESPONSE */] = "invalid-credential" /* AuthErrorCode.
|
|
838
|
-
_a$1["INVALID_PENDING_TOKEN" /* ServerError.INVALID_PENDING_TOKEN */] = "invalid-credential" /* AuthErrorCode.
|
|
821
|
+
_a$1["INVALID_IDP_RESPONSE" /* ServerError.INVALID_IDP_RESPONSE */] = "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */,
|
|
822
|
+
_a$1["INVALID_PENDING_TOKEN" /* ServerError.INVALID_PENDING_TOKEN */] = "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */,
|
|
839
823
|
_a$1["FEDERATED_USER_ID_ALREADY_LINKED" /* ServerError.FEDERATED_USER_ID_ALREADY_LINKED */] = "credential-already-in-use" /* AuthErrorCode.CREDENTIAL_ALREADY_IN_USE */,
|
|
840
824
|
// This can only happen if the SDK sends a bad request.
|
|
841
825
|
_a$1["MISSING_REQ_TYPE" /* ServerError.MISSING_REQ_TYPE */] = "internal-error" /* AuthErrorCode.INTERNAL_ERROR */,
|
|
@@ -857,7 +841,7 @@ var SERVER_ERROR_MAP = (_a$1 = {},
|
|
|
857
841
|
// Phone Auth related errors.
|
|
858
842
|
_a$1["INVALID_CODE" /* ServerError.INVALID_CODE */] = "invalid-verification-code" /* AuthErrorCode.INVALID_CODE */,
|
|
859
843
|
_a$1["INVALID_SESSION_INFO" /* ServerError.INVALID_SESSION_INFO */] = "invalid-verification-id" /* AuthErrorCode.INVALID_SESSION_INFO */,
|
|
860
|
-
_a$1["INVALID_TEMPORARY_PROOF" /* ServerError.INVALID_TEMPORARY_PROOF */] = "invalid-credential" /* AuthErrorCode.
|
|
844
|
+
_a$1["INVALID_TEMPORARY_PROOF" /* ServerError.INVALID_TEMPORARY_PROOF */] = "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */,
|
|
861
845
|
_a$1["MISSING_SESSION_INFO" /* ServerError.MISSING_SESSION_INFO */] = "missing-verification-id" /* AuthErrorCode.MISSING_SESSION_INFO */,
|
|
862
846
|
_a$1["SESSION_EXPIRED" /* ServerError.SESSION_EXPIRED */] = "code-expired" /* AuthErrorCode.CODE_EXPIRED */,
|
|
863
847
|
// Other action code errors when additional settings passed.
|
|
@@ -1727,6 +1711,13 @@ function requestStsToken(auth, refreshToken) {
|
|
|
1727
1711
|
}
|
|
1728
1712
|
});
|
|
1729
1713
|
});
|
|
1714
|
+
}
|
|
1715
|
+
function revokeToken(auth, request) {
|
|
1716
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
1717
|
+
return tslib.__generator(this, function (_a) {
|
|
1718
|
+
return [2 /*return*/, _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts:revokeToken" /* Endpoint.REVOKE_TOKEN */, _addTidIfNecessary(auth, request))];
|
|
1719
|
+
});
|
|
1720
|
+
});
|
|
1730
1721
|
}
|
|
1731
1722
|
|
|
1732
1723
|
/**
|
|
@@ -3324,6 +3315,37 @@ var AuthImpl = /** @class */ (function () {
|
|
|
3324
3315
|
}
|
|
3325
3316
|
});
|
|
3326
3317
|
};
|
|
3318
|
+
/**
|
|
3319
|
+
* Revokes the given access token. Currently only supports Apple OAuth access tokens.
|
|
3320
|
+
*/
|
|
3321
|
+
AuthImpl.prototype.revokeAccessToken = function (token) {
|
|
3322
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
3323
|
+
var idToken, request;
|
|
3324
|
+
return tslib.__generator(this, function (_a) {
|
|
3325
|
+
switch (_a.label) {
|
|
3326
|
+
case 0:
|
|
3327
|
+
if (!this.currentUser) return [3 /*break*/, 3];
|
|
3328
|
+
return [4 /*yield*/, this.currentUser.getIdToken()];
|
|
3329
|
+
case 1:
|
|
3330
|
+
idToken = _a.sent();
|
|
3331
|
+
request = {
|
|
3332
|
+
providerId: 'apple.com',
|
|
3333
|
+
tokenType: "ACCESS_TOKEN" /* TokenType.ACCESS_TOKEN */,
|
|
3334
|
+
token: token,
|
|
3335
|
+
idToken: idToken
|
|
3336
|
+
};
|
|
3337
|
+
if (this.tenantId != null) {
|
|
3338
|
+
request.tenantId = this.tenantId;
|
|
3339
|
+
}
|
|
3340
|
+
return [4 /*yield*/, revokeToken(this, request)];
|
|
3341
|
+
case 2:
|
|
3342
|
+
_a.sent();
|
|
3343
|
+
_a.label = 3;
|
|
3344
|
+
case 3: return [2 /*return*/];
|
|
3345
|
+
}
|
|
3346
|
+
});
|
|
3347
|
+
});
|
|
3348
|
+
};
|
|
3327
3349
|
AuthImpl.prototype.toJSON = function () {
|
|
3328
3350
|
var _a;
|
|
3329
3351
|
return {
|
|
@@ -4164,6 +4186,15 @@ function updateEmailPassword(auth, request) {
|
|
|
4164
4186
|
});
|
|
4165
4187
|
});
|
|
4166
4188
|
}
|
|
4189
|
+
// Used for linking an email/password account to an existing idToken. Uses the same request/response
|
|
4190
|
+
// format as updateEmailPassword.
|
|
4191
|
+
function linkEmailPassword(auth, request) {
|
|
4192
|
+
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
4193
|
+
return tslib.__generator(this, function (_a) {
|
|
4194
|
+
return [2 /*return*/, _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:signUp" /* Endpoint.SIGN_UP */, request)];
|
|
4195
|
+
});
|
|
4196
|
+
});
|
|
4197
|
+
}
|
|
4167
4198
|
function applyActionCode$1(auth, request) {
|
|
4168
4199
|
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
4169
4200
|
return tslib.__generator(this, function (_a) {
|
|
@@ -4372,15 +4403,18 @@ var EmailAuthCredential = /** @class */ (function (_super) {
|
|
|
4372
4403
|
/** @internal */
|
|
4373
4404
|
EmailAuthCredential.prototype._linkToIdToken = function (auth, idToken) {
|
|
4374
4405
|
return tslib.__awaiter(this, void 0, void 0, function () {
|
|
4406
|
+
var request;
|
|
4375
4407
|
return tslib.__generator(this, function (_a) {
|
|
4376
4408
|
switch (this.signInMethod) {
|
|
4377
4409
|
case "password" /* SignInMethod.EMAIL_PASSWORD */:
|
|
4378
|
-
|
|
4379
|
-
|
|
4380
|
-
|
|
4381
|
-
|
|
4382
|
-
|
|
4383
|
-
|
|
4410
|
+
request = {
|
|
4411
|
+
idToken: idToken,
|
|
4412
|
+
returnSecureToken: true,
|
|
4413
|
+
email: this._email,
|
|
4414
|
+
password: this._password,
|
|
4415
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
|
|
4416
|
+
};
|
|
4417
|
+
return [2 /*return*/, handleRecaptchaFlow(auth, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */, linkEmailPassword)];
|
|
4384
4418
|
case "emailLink" /* SignInMethod.EMAIL_LINK */:
|
|
4385
4419
|
return [2 /*return*/, signInWithEmailLinkForLinking(auth, {
|
|
4386
4420
|
idToken: idToken,
|
|
@@ -6543,7 +6577,9 @@ function recachePasswordPolicy(auth) {
|
|
|
6543
6577
|
});
|
|
6544
6578
|
}
|
|
6545
6579
|
/**
|
|
6546
|
-
* Sends a password reset email to the given email address.
|
|
6580
|
+
* Sends a password reset email to the given email address. This method does not throw an error when
|
|
6581
|
+
* there's no user account with the given email address and
|
|
6582
|
+
* [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
|
|
6547
6583
|
*
|
|
6548
6584
|
* @remarks
|
|
6549
6585
|
* To complete the password reset, call {@link confirmPasswordReset} with the code supplied in
|
|
@@ -6784,6 +6820,8 @@ function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
6784
6820
|
*
|
|
6785
6821
|
* @remarks
|
|
6786
6822
|
* Fails with an error if the email address and password do not match.
|
|
6823
|
+
* When [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled,
|
|
6824
|
+
* this method fails with "auth/invalid-credential" in case of an invalid email/password.
|
|
6787
6825
|
*
|
|
6788
6826
|
* Note: The user's password is NOT the password used to access the user's email account. The
|
|
6789
6827
|
* email address serves as a unique identifier for the user, and the password is used to access
|
|
@@ -6992,7 +7030,9 @@ function createAuthUri(auth, request) {
|
|
|
6992
7030
|
* limitations under the License.
|
|
6993
7031
|
*/
|
|
6994
7032
|
/**
|
|
6995
|
-
* Gets the list of possible sign in methods for the given email address.
|
|
7033
|
+
* Gets the list of possible sign in methods for the given email address. This method returns an
|
|
7034
|
+
* empty list when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled, irrespective of the number of
|
|
7035
|
+
* authentication methods available for the given email.
|
|
6996
7036
|
*
|
|
6997
7037
|
* @remarks
|
|
6998
7038
|
* This is useful to differentiate methods of sign-in for the same provider, eg.
|
|
@@ -7003,6 +7043,8 @@ function createAuthUri(auth, request) {
|
|
|
7003
7043
|
* @param auth - The {@link Auth} instance.
|
|
7004
7044
|
* @param email - The user's email address.
|
|
7005
7045
|
*
|
|
7046
|
+
* Deprecated. Migrating off of this method is recommended as a security best-practice.
|
|
7047
|
+
* Learn more in the Identity Platform documentation for [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection).
|
|
7006
7048
|
* @public
|
|
7007
7049
|
*/
|
|
7008
7050
|
function fetchSignInMethodsForEmail(auth, email) {
|
|
@@ -7257,6 +7299,9 @@ function updateProfile(user, _a) {
|
|
|
7257
7299
|
* @param user - The user.
|
|
7258
7300
|
* @param newEmail - The new email address.
|
|
7259
7301
|
*
|
|
7302
|
+
* Throws "auth/operation-not-allowed" error when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
|
|
7303
|
+
* Deprecated - Use {@link verifyBeforeUpdateEmail} instead.
|
|
7304
|
+
*
|
|
7260
7305
|
* @public
|
|
7261
7306
|
*/
|
|
7262
7307
|
function updateEmail(user, newEmail) {
|
|
@@ -7634,6 +7679,18 @@ function updateCurrentUser(auth, user) {
|
|
|
7634
7679
|
function signOut(auth) {
|
|
7635
7680
|
return util.getModularInstance(auth).signOut();
|
|
7636
7681
|
}
|
|
7682
|
+
/**
|
|
7683
|
+
* Revokes the given access token. Currently only supports Apple OAuth access tokens.
|
|
7684
|
+
*
|
|
7685
|
+
* @param auth - The {@link Auth} instance.
|
|
7686
|
+
* @param token - The Apple OAuth access token.
|
|
7687
|
+
*
|
|
7688
|
+
* @public
|
|
7689
|
+
*/
|
|
7690
|
+
function revokeAccessToken(auth, token) {
|
|
7691
|
+
var authInternal = _castAuth(auth);
|
|
7692
|
+
return authInternal.revokeAccessToken(token);
|
|
7693
|
+
}
|
|
7637
7694
|
/**
|
|
7638
7695
|
* Deletes and signs out the user.
|
|
7639
7696
|
*
|
|
@@ -7957,7 +8014,7 @@ function multiFactor(user) {
|
|
|
7957
8014
|
}
|
|
7958
8015
|
|
|
7959
8016
|
var name = "@firebase/auth";
|
|
7960
|
-
var version = "1.
|
|
8017
|
+
var version = "1.4.0-canary.00235ba68";
|
|
7961
8018
|
|
|
7962
8019
|
/**
|
|
7963
8020
|
* @license
|
|
@@ -8132,7 +8189,7 @@ function registerAuth(clientPlatform) {
|
|
|
8132
8189
|
* limitations under the License.
|
|
8133
8190
|
*/
|
|
8134
8191
|
// Initialize the fetch polyfill, the types are slightly off so just cast and hope for the best
|
|
8135
|
-
FetchProvider.initialize(
|
|
8192
|
+
FetchProvider.initialize(undici.fetch, undici.Headers, undici.Response);
|
|
8136
8193
|
// First, we set up the various platform-specific features for Node (register
|
|
8137
8194
|
// the version and declare the Node getAuth function)
|
|
8138
8195
|
function getAuth(app$1) {
|
|
@@ -8504,6 +8561,7 @@ exports.reauthenticateWithPhoneNumber = reauthenticateWithPhoneNumber;
|
|
|
8504
8561
|
exports.reauthenticateWithPopup = reauthenticateWithPopup;
|
|
8505
8562
|
exports.reauthenticateWithRedirect = reauthenticateWithRedirect;
|
|
8506
8563
|
exports.reload = reload;
|
|
8564
|
+
exports.revokeAccessToken = revokeAccessToken;
|
|
8507
8565
|
exports.sendEmailVerification = sendEmailVerification;
|
|
8508
8566
|
exports.sendPasswordResetEmail = sendPasswordResetEmail;
|
|
8509
8567
|
exports.sendSignInLinkToEmail = sendSignInLinkToEmail;
|
|
@@ -8528,4 +8586,4 @@ exports.useDeviceLanguage = useDeviceLanguage;
|
|
|
8528
8586
|
exports.validatePassword = validatePassword;
|
|
8529
8587
|
exports.verifyBeforeUpdateEmail = verifyBeforeUpdateEmail;
|
|
8530
8588
|
exports.verifyPasswordResetCode = verifyPasswordResetCode;
|
|
8531
|
-
//# sourceMappingURL=totp-
|
|
8589
|
+
//# sourceMappingURL=totp-b6ed1d9d.js.map
|