@firebase/auth 1.3.2 → 1.4.0-canary.00235ba68
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth-public.d.ts +24 -2
- package/dist/auth.d.ts +26 -3
- package/dist/browser-cjs/{index-770706ba.js → index-d50ad728.js} +68 -11
- package/dist/browser-cjs/index-d50ad728.js.map +1 -0
- package/dist/browser-cjs/index.js +2 -1
- package/dist/browser-cjs/index.js.map +1 -1
- package/dist/browser-cjs/internal.js +2 -1
- package/dist/browser-cjs/internal.js.map +1 -1
- package/dist/browser-cjs/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/browser-cjs/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/browser-cjs/src/api/authentication/token.d.ts +13 -2
- package/dist/browser-cjs/src/api/errors.d.ts +1 -0
- package/dist/browser-cjs/src/api/index.d.ts +3 -1
- package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/browser-cjs/src/core/errors.d.ts +2 -1
- package/dist/browser-cjs/src/core/index.d.ts +9 -0
- package/dist/browser-cjs/src/core/strategies/email.d.ts +5 -1
- package/dist/browser-cjs/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/browser-cjs/src/core/user/account_info.d.ts +3 -0
- package/dist/browser-cjs/src/model/auth.d.ts +1 -0
- package/dist/cordova/index.js +2 -2
- package/dist/cordova/internal.js +2 -2
- package/dist/cordova/{popup_redirect-a9365a6c.js → popup_redirect-599b3914.js} +92 -15
- package/dist/cordova/popup_redirect-599b3914.js.map +1 -0
- package/dist/cordova/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/cordova/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/cordova/src/api/authentication/token.d.ts +13 -2
- package/dist/cordova/src/api/errors.d.ts +1 -0
- package/dist/cordova/src/api/index.d.ts +3 -1
- package/dist/cordova/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/cordova/src/core/errors.d.ts +2 -1
- package/dist/cordova/src/core/index.d.ts +9 -0
- package/dist/cordova/src/core/strategies/email.d.ts +5 -1
- package/dist/cordova/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/cordova/src/core/user/account_info.d.ts +3 -0
- package/dist/cordova/src/model/auth.d.ts +1 -0
- package/dist/esm2017/{index-94e5f531.js → index-2b54b271.js} +68 -12
- package/dist/esm2017/index-2b54b271.js.map +1 -0
- package/dist/esm2017/index.js +1 -1
- package/dist/esm2017/internal.js +2 -2
- package/dist/esm2017/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/esm2017/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/esm2017/src/api/authentication/token.d.ts +13 -2
- package/dist/esm2017/src/api/errors.d.ts +1 -0
- package/dist/esm2017/src/api/index.d.ts +3 -1
- package/dist/esm2017/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/esm2017/src/core/errors.d.ts +2 -1
- package/dist/esm2017/src/core/index.d.ts +9 -0
- package/dist/esm2017/src/core/strategies/email.d.ts +5 -1
- package/dist/esm2017/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/esm2017/src/core/user/account_info.d.ts +3 -0
- package/dist/esm2017/src/model/auth.d.ts +1 -0
- package/dist/esm5/{index-7b6c682b.js → index-ab0a3e4e.js} +92 -15
- package/dist/esm5/index-ab0a3e4e.js.map +1 -0
- package/dist/esm5/index.js +1 -1
- package/dist/esm5/internal.js +2 -2
- package/dist/esm5/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/esm5/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/esm5/src/api/authentication/token.d.ts +13 -2
- package/dist/esm5/src/api/errors.d.ts +1 -0
- package/dist/esm5/src/api/index.d.ts +3 -1
- package/dist/esm5/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/esm5/src/core/errors.d.ts +2 -1
- package/dist/esm5/src/core/index.d.ts +9 -0
- package/dist/esm5/src/core/strategies/email.d.ts +5 -1
- package/dist/esm5/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/esm5/src/core/user/account_info.d.ts +3 -0
- package/dist/esm5/src/model/auth.d.ts +1 -0
- package/dist/index.webworker.esm5.js +91 -14
- package/dist/index.webworker.esm5.js.map +1 -1
- package/dist/node/index.js +3 -2
- package/dist/node/index.js.map +1 -1
- package/dist/node/internal.js +3 -2
- package/dist/node/internal.js.map +1 -1
- package/dist/node/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/node/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/node/src/api/authentication/token.d.ts +13 -2
- package/dist/node/src/api/errors.d.ts +1 -0
- package/dist/node/src/api/index.d.ts +3 -1
- package/dist/node/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/node/src/core/errors.d.ts +2 -1
- package/dist/node/src/core/index.d.ts +9 -0
- package/dist/node/src/core/strategies/email.d.ts +5 -1
- package/dist/node/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/node/src/core/user/account_info.d.ts +3 -0
- package/dist/node/src/model/auth.d.ts +1 -0
- package/dist/node/{totp-24a79064.js → totp-b6ed1d9d.js} +94 -36
- package/dist/node/totp-b6ed1d9d.js.map +1 -0
- package/dist/node-esm/index.js +2 -2
- package/dist/node-esm/internal.js +3 -3
- package/dist/node-esm/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/node-esm/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/node-esm/src/api/authentication/token.d.ts +13 -2
- package/dist/node-esm/src/api/errors.d.ts +1 -0
- package/dist/node-esm/src/api/index.d.ts +3 -1
- package/dist/node-esm/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/node-esm/src/core/errors.d.ts +2 -1
- package/dist/node-esm/src/core/index.d.ts +9 -0
- package/dist/node-esm/src/core/strategies/email.d.ts +5 -1
- package/dist/node-esm/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/node-esm/src/core/user/account_info.d.ts +3 -0
- package/dist/node-esm/src/model/auth.d.ts +1 -0
- package/dist/node-esm/{totp-a0f18007.js → totp-aa0a9277.js} +70 -14
- package/dist/node-esm/totp-aa0a9277.js.map +1 -0
- package/dist/rn/{index-3d9ec48b.js → index-943ed676.js} +92 -14
- package/dist/rn/index-943ed676.js.map +1 -0
- package/dist/rn/index.js +2 -1
- package/dist/rn/index.js.map +1 -1
- package/dist/rn/internal.js +2 -1
- package/dist/rn/internal.js.map +1 -1
- package/dist/rn/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/rn/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/rn/src/api/authentication/token.d.ts +13 -2
- package/dist/rn/src/api/errors.d.ts +1 -0
- package/dist/rn/src/api/index.d.ts +3 -1
- package/dist/rn/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/rn/src/core/errors.d.ts +2 -1
- package/dist/rn/src/core/index.d.ts +9 -0
- package/dist/rn/src/core/strategies/email.d.ts +5 -1
- package/dist/rn/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/rn/src/core/user/account_info.d.ts +3 -0
- package/dist/rn/src/model/auth.d.ts +1 -0
- package/dist/src/api/account_management/email_and_password.d.ts +2 -0
- package/dist/src/api/authentication/sign_up.d.ts +1 -0
- package/dist/src/api/authentication/token.d.ts +13 -2
- package/dist/src/api/errors.d.ts +1 -0
- package/dist/src/api/index.d.ts +3 -1
- package/dist/src/core/auth/auth_impl.d.ts +4 -0
- package/dist/src/core/errors.d.ts +2 -1
- package/dist/src/core/index.d.ts +9 -0
- package/dist/src/core/strategies/email.d.ts +5 -1
- package/dist/src/core/strategies/email_and_password.d.ts +5 -1
- package/dist/src/core/user/account_info.d.ts +3 -0
- package/dist/src/model/auth.d.ts +1 -0
- package/package.json +7 -7
- package/dist/browser-cjs/index-770706ba.js.map +0 -1
- package/dist/cordova/popup_redirect-a9365a6c.js.map +0 -1
- package/dist/esm2017/index-94e5f531.js.map +0 -1
- package/dist/esm5/index-7b6c682b.js.map +0 -1
- package/dist/node/totp-24a79064.js.map +0 -1
- package/dist/node-esm/totp-a0f18007.js.map +0 -1
- package/dist/rn/index-3d9ec48b.js.map +0 -1
|
@@ -17,6 +17,7 @@
|
|
|
17
17
|
import { ActionCodeOperation, Auth } from '../../model/public_types';
|
|
18
18
|
import { IdTokenResponse } from '../../model/id_token';
|
|
19
19
|
import { MfaEnrollment } from './mfa';
|
|
20
|
+
import { SignUpRequest, SignUpResponse } from '../authentication/sign_up';
|
|
20
21
|
export interface ResetPasswordRequest {
|
|
21
22
|
oobCode: string;
|
|
22
23
|
newPassword?: string;
|
|
@@ -38,6 +39,7 @@ export interface UpdateEmailPasswordRequest {
|
|
|
38
39
|
export interface UpdateEmailPasswordResponse extends IdTokenResponse {
|
|
39
40
|
}
|
|
40
41
|
export declare function updateEmailPassword(auth: Auth, request: UpdateEmailPasswordRequest): Promise<UpdateEmailPasswordResponse>;
|
|
42
|
+
export declare function linkEmailPassword(auth: Auth, request: SignUpRequest): Promise<SignUpResponse>;
|
|
41
43
|
export interface ApplyActionCodeRequest {
|
|
42
44
|
oobCode: string;
|
|
43
45
|
tenantId?: string;
|
|
@@ -18,6 +18,7 @@ import { RecaptchaClientType, RecaptchaVersion } from '../index';
|
|
|
18
18
|
import { IdTokenResponse } from '../../model/id_token';
|
|
19
19
|
import { Auth } from '../../model/public_types';
|
|
20
20
|
export interface SignUpRequest {
|
|
21
|
+
idToken?: string;
|
|
21
22
|
returnSecureToken?: boolean;
|
|
22
23
|
email?: string;
|
|
23
24
|
password?: string;
|
|
@@ -15,12 +15,23 @@
|
|
|
15
15
|
* limitations under the License.
|
|
16
16
|
*/
|
|
17
17
|
import { Auth } from '../../model/public_types';
|
|
18
|
-
export declare const enum
|
|
19
|
-
|
|
18
|
+
export declare const enum TokenType {
|
|
19
|
+
REFRESH_TOKEN = "REFRESH_TOKEN",
|
|
20
|
+
ACCESS_TOKEN = "ACCESS_TOKEN"
|
|
20
21
|
}
|
|
21
22
|
export interface RequestStsTokenResponse {
|
|
22
23
|
accessToken: string;
|
|
23
24
|
expiresIn: string;
|
|
24
25
|
refreshToken: string;
|
|
25
26
|
}
|
|
27
|
+
export interface RevokeTokenRequest {
|
|
28
|
+
providerId: string;
|
|
29
|
+
tokenType: TokenType;
|
|
30
|
+
token: string;
|
|
31
|
+
idToken: string;
|
|
32
|
+
tenantId?: string;
|
|
33
|
+
}
|
|
34
|
+
export interface RevokeTokenResponse {
|
|
35
|
+
}
|
|
26
36
|
export declare function requestStsToken(auth: Auth, refreshToken: string): Promise<RequestStsTokenResponse>;
|
|
37
|
+
export declare function revokeToken(auth: Auth, request: RevokeTokenRequest): Promise<RevokeTokenResponse>;
|
|
@@ -42,6 +42,7 @@ export declare const enum ServerError {
|
|
|
42
42
|
INVALID_ID_TOKEN = "INVALID_ID_TOKEN",
|
|
43
43
|
INVALID_IDP_RESPONSE = "INVALID_IDP_RESPONSE",
|
|
44
44
|
INVALID_IDENTIFIER = "INVALID_IDENTIFIER",
|
|
45
|
+
INVALID_LOGIN_CREDENTIALS = "INVALID_LOGIN_CREDENTIALS",
|
|
45
46
|
INVALID_MESSAGE_PAYLOAD = "INVALID_MESSAGE_PAYLOAD",
|
|
46
47
|
INVALID_MFA_PENDING_CREDENTIAL = "INVALID_MFA_PENDING_CREDENTIAL",
|
|
47
48
|
INVALID_OAUTH_CLIENT_ID = "INVALID_OAUTH_CLIENT_ID",
|
|
@@ -54,7 +54,9 @@ export declare const enum Endpoint {
|
|
|
54
54
|
WITHDRAW_MFA = "/v2/accounts/mfaEnrollment:withdraw",
|
|
55
55
|
GET_PROJECT_CONFIG = "/v1/projects",
|
|
56
56
|
GET_RECAPTCHA_CONFIG = "/v2/recaptchaConfig",
|
|
57
|
-
GET_PASSWORD_POLICY = "/v2/passwordPolicy"
|
|
57
|
+
GET_PASSWORD_POLICY = "/v2/passwordPolicy",
|
|
58
|
+
TOKEN = "/v1/token",
|
|
59
|
+
REVOKE_TOKEN = "/v2/accounts:revokeToken"
|
|
58
60
|
}
|
|
59
61
|
export declare const enum RecaptchaClientType {
|
|
60
62
|
WEB = "CLIENT_TYPE_WEB",
|
|
@@ -87,6 +87,10 @@ export declare class AuthImpl implements AuthInternal, _FirebaseService {
|
|
|
87
87
|
beforeAuthStateChanged(callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe;
|
|
88
88
|
onIdTokenChanged(nextOrObserver: NextOrObserver<User>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
|
|
89
89
|
authStateReady(): Promise<void>;
|
|
90
|
+
/**
|
|
91
|
+
* Revokes the given access token. Currently only supports Apple OAuth access tokens.
|
|
92
|
+
*/
|
|
93
|
+
revokeAccessToken(token: string): Promise<void>;
|
|
90
94
|
toJSON(): object;
|
|
91
95
|
_setRedirectUser(user: UserInternal | null, popupRedirectResolver?: PopupRedirectResolver): Promise<void>;
|
|
92
96
|
private getOrInitRedirectPersistenceManager;
|
|
@@ -57,7 +57,7 @@ export declare const enum AuthErrorCode {
|
|
|
57
57
|
INVALID_DYNAMIC_LINK_DOMAIN = "invalid-dynamic-link-domain",
|
|
58
58
|
INVALID_EMAIL = "invalid-email",
|
|
59
59
|
INVALID_EMULATOR_SCHEME = "invalid-emulator-scheme",
|
|
60
|
-
|
|
60
|
+
INVALID_CREDENTIAL = "invalid-credential",
|
|
61
61
|
INVALID_MESSAGE_PAYLOAD = "invalid-message-payload",
|
|
62
62
|
INVALID_MFA_SESSION = "invalid-multi-factor-session",
|
|
63
63
|
INVALID_OAUTH_CLIENT_ID = "invalid-oauth-client-id",
|
|
@@ -250,6 +250,7 @@ export declare const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY: {
|
|
|
250
250
|
readonly INVALID_EMAIL: "auth/invalid-email";
|
|
251
251
|
readonly INVALID_EMULATOR_SCHEME: "auth/invalid-emulator-scheme";
|
|
252
252
|
readonly INVALID_IDP_RESPONSE: "auth/invalid-credential";
|
|
253
|
+
readonly INVALID_LOGIN_CREDENTIALS: "auth/invalid-credential";
|
|
253
254
|
readonly INVALID_MESSAGE_PAYLOAD: "auth/invalid-message-payload";
|
|
254
255
|
readonly INVALID_MFA_SESSION: "auth/invalid-multi-factor-session";
|
|
255
256
|
readonly INVALID_OAUTH_CLIENT_ID: "auth/invalid-oauth-client-id";
|
|
@@ -171,6 +171,15 @@ export declare function updateCurrentUser(auth: Auth, user: User | null): Promis
|
|
|
171
171
|
* @public
|
|
172
172
|
*/
|
|
173
173
|
export declare function signOut(auth: Auth): Promise<void>;
|
|
174
|
+
/**
|
|
175
|
+
* Revokes the given access token. Currently only supports Apple OAuth access tokens.
|
|
176
|
+
*
|
|
177
|
+
* @param auth - The {@link Auth} instance.
|
|
178
|
+
* @param token - The Apple OAuth access token.
|
|
179
|
+
*
|
|
180
|
+
* @public
|
|
181
|
+
*/
|
|
182
|
+
export declare function revokeAccessToken(auth: Auth, token: string): Promise<void>;
|
|
174
183
|
export { initializeAuth } from './auth/initialize';
|
|
175
184
|
export { connectAuthEmulator } from './auth/emulator';
|
|
176
185
|
export { AuthCredential } from './credentials';
|
|
@@ -16,7 +16,9 @@
|
|
|
16
16
|
*/
|
|
17
17
|
import { ActionCodeSettings, Auth, User } from '../../model/public_types';
|
|
18
18
|
/**
|
|
19
|
-
* Gets the list of possible sign in methods for the given email address.
|
|
19
|
+
* Gets the list of possible sign in methods for the given email address. This method returns an
|
|
20
|
+
* empty list when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled, irrespective of the number of
|
|
21
|
+
* authentication methods available for the given email.
|
|
20
22
|
*
|
|
21
23
|
* @remarks
|
|
22
24
|
* This is useful to differentiate methods of sign-in for the same provider, eg.
|
|
@@ -27,6 +29,8 @@ import { ActionCodeSettings, Auth, User } from '../../model/public_types';
|
|
|
27
29
|
* @param auth - The {@link Auth} instance.
|
|
28
30
|
* @param email - The user's email address.
|
|
29
31
|
*
|
|
32
|
+
* Deprecated. Migrating off of this method is recommended as a security best-practice.
|
|
33
|
+
* Learn more in the Identity Platform documentation for [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection).
|
|
30
34
|
* @public
|
|
31
35
|
*/
|
|
32
36
|
export declare function fetchSignInMethodsForEmail(auth: Auth, email: string): Promise<string[]>;
|
|
@@ -16,7 +16,9 @@
|
|
|
16
16
|
*/
|
|
17
17
|
import { ActionCodeInfo, ActionCodeSettings, Auth, UserCredential } from '../../model/public_types';
|
|
18
18
|
/**
|
|
19
|
-
* Sends a password reset email to the given email address.
|
|
19
|
+
* Sends a password reset email to the given email address. This method does not throw an error when
|
|
20
|
+
* there's no user account with the given email address and
|
|
21
|
+
* [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
|
|
20
22
|
*
|
|
21
23
|
* @remarks
|
|
22
24
|
* To complete the password reset, call {@link confirmPasswordReset} with the code supplied in
|
|
@@ -112,6 +114,8 @@ export declare function createUserWithEmailAndPassword(auth: Auth, email: string
|
|
|
112
114
|
*
|
|
113
115
|
* @remarks
|
|
114
116
|
* Fails with an error if the email address and password do not match.
|
|
117
|
+
* When [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled,
|
|
118
|
+
* this method fails with "auth/invalid-credential" in case of an invalid email/password.
|
|
115
119
|
*
|
|
116
120
|
* Note: The user's password is NOT the password used to access the user's email account. The
|
|
117
121
|
* email address serves as a unique identifier for the user, and the password is used to access
|
|
@@ -41,6 +41,9 @@ export declare function updateProfile(user: User, { displayName, photoURL: photo
|
|
|
41
41
|
* @param user - The user.
|
|
42
42
|
* @param newEmail - The new email address.
|
|
43
43
|
*
|
|
44
|
+
* Throws "auth/operation-not-allowed" error when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
|
|
45
|
+
* Deprecated - Use {@link verifyBeforeUpdateEmail} instead.
|
|
46
|
+
*
|
|
44
47
|
* @public
|
|
45
48
|
*/
|
|
46
49
|
export declare function updateEmail(user: User, newEmail: string): Promise<void>;
|
|
@@ -174,7 +174,7 @@ function _debugErrorMap() {
|
|
|
174
174
|
["invalid-emulator-scheme" /* AuthErrorCode.INVALID_EMULATOR_SCHEME */]: 'Emulator URL must start with a valid scheme (http:// or https://).',
|
|
175
175
|
["invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */]: 'Your API key is invalid, please check you have copied it correctly.',
|
|
176
176
|
["invalid-cert-hash" /* AuthErrorCode.INVALID_CERT_HASH */]: 'The SHA-1 certificate hash provided is invalid.',
|
|
177
|
-
["invalid-credential" /* AuthErrorCode.
|
|
177
|
+
["invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */]: 'The supplied auth credential is incorrect, malformed or has expired.',
|
|
178
178
|
["invalid-message-payload" /* AuthErrorCode.INVALID_MESSAGE_PAYLOAD */]: 'The email template corresponding to this action contains invalid characters in its message. ' +
|
|
179
179
|
'Please fix by going to the Auth email templates section in the Firebase Console.',
|
|
180
180
|
["invalid-multi-factor-session" /* AuthErrorCode.INVALID_MFA_SESSION */]: 'The request does not contain a valid proof of first factor successful sign-in.',
|
|
@@ -350,6 +350,7 @@ const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
|
|
|
350
350
|
INVALID_EMAIL: 'auth/invalid-email',
|
|
351
351
|
INVALID_EMULATOR_SCHEME: 'auth/invalid-emulator-scheme',
|
|
352
352
|
INVALID_IDP_RESPONSE: 'auth/invalid-credential',
|
|
353
|
+
INVALID_LOGIN_CREDENTIALS: 'auth/invalid-credential',
|
|
353
354
|
INVALID_MESSAGE_PAYLOAD: 'auth/invalid-message-payload',
|
|
354
355
|
INVALID_MFA_SESSION: 'auth/invalid-multi-factor-session',
|
|
355
356
|
INVALID_OAUTH_CLIENT_ID: 'auth/invalid-oauth-client-id',
|
|
@@ -784,12 +785,15 @@ const SERVER_ERROR_MAP = {
|
|
|
784
785
|
["INVALID_PASSWORD" /* ServerError.INVALID_PASSWORD */]: "wrong-password" /* AuthErrorCode.INVALID_PASSWORD */,
|
|
785
786
|
// This can only happen if the SDK sends a bad request.
|
|
786
787
|
["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */]: "missing-password" /* AuthErrorCode.MISSING_PASSWORD */,
|
|
788
|
+
// Thrown if Email Enumeration Protection is enabled in the project and the email or password is
|
|
789
|
+
// invalid.
|
|
790
|
+
["INVALID_LOGIN_CREDENTIALS" /* ServerError.INVALID_LOGIN_CREDENTIALS */]: "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */,
|
|
787
791
|
// Sign up with email and password errors.
|
|
788
792
|
["EMAIL_EXISTS" /* ServerError.EMAIL_EXISTS */]: "email-already-in-use" /* AuthErrorCode.EMAIL_EXISTS */,
|
|
789
793
|
["PASSWORD_LOGIN_DISABLED" /* ServerError.PASSWORD_LOGIN_DISABLED */]: "operation-not-allowed" /* AuthErrorCode.OPERATION_NOT_ALLOWED */,
|
|
790
794
|
// Verify assertion for sign in with credential errors:
|
|
791
|
-
["INVALID_IDP_RESPONSE" /* ServerError.INVALID_IDP_RESPONSE */]: "invalid-credential" /* AuthErrorCode.
|
|
792
|
-
["INVALID_PENDING_TOKEN" /* ServerError.INVALID_PENDING_TOKEN */]: "invalid-credential" /* AuthErrorCode.
|
|
795
|
+
["INVALID_IDP_RESPONSE" /* ServerError.INVALID_IDP_RESPONSE */]: "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */,
|
|
796
|
+
["INVALID_PENDING_TOKEN" /* ServerError.INVALID_PENDING_TOKEN */]: "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */,
|
|
793
797
|
["FEDERATED_USER_ID_ALREADY_LINKED" /* ServerError.FEDERATED_USER_ID_ALREADY_LINKED */]: "credential-already-in-use" /* AuthErrorCode.CREDENTIAL_ALREADY_IN_USE */,
|
|
794
798
|
// This can only happen if the SDK sends a bad request.
|
|
795
799
|
["MISSING_REQ_TYPE" /* ServerError.MISSING_REQ_TYPE */]: "internal-error" /* AuthErrorCode.INTERNAL_ERROR */,
|
|
@@ -811,7 +815,7 @@ const SERVER_ERROR_MAP = {
|
|
|
811
815
|
// Phone Auth related errors.
|
|
812
816
|
["INVALID_CODE" /* ServerError.INVALID_CODE */]: "invalid-verification-code" /* AuthErrorCode.INVALID_CODE */,
|
|
813
817
|
["INVALID_SESSION_INFO" /* ServerError.INVALID_SESSION_INFO */]: "invalid-verification-id" /* AuthErrorCode.INVALID_SESSION_INFO */,
|
|
814
|
-
["INVALID_TEMPORARY_PROOF" /* ServerError.INVALID_TEMPORARY_PROOF */]: "invalid-credential" /* AuthErrorCode.
|
|
818
|
+
["INVALID_TEMPORARY_PROOF" /* ServerError.INVALID_TEMPORARY_PROOF */]: "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */,
|
|
815
819
|
["MISSING_SESSION_INFO" /* ServerError.MISSING_SESSION_INFO */]: "missing-verification-id" /* AuthErrorCode.MISSING_SESSION_INFO */,
|
|
816
820
|
["SESSION_EXPIRED" /* ServerError.SESSION_EXPIRED */]: "code-expired" /* AuthErrorCode.CODE_EXPIRED */,
|
|
817
821
|
// Other action code errors when additional settings passed.
|
|
@@ -1538,6 +1542,9 @@ async function requestStsToken(auth, refreshToken) {
|
|
|
1538
1542
|
expiresIn: response.expires_in,
|
|
1539
1543
|
refreshToken: response.refresh_token
|
|
1540
1544
|
};
|
|
1545
|
+
}
|
|
1546
|
+
async function revokeToken(auth, request) {
|
|
1547
|
+
return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts:revokeToken" /* Endpoint.REVOKE_TOKEN */, _addTidIfNecessary(auth, request));
|
|
1541
1548
|
}
|
|
1542
1549
|
|
|
1543
1550
|
/**
|
|
@@ -2807,6 +2814,25 @@ class AuthImpl {
|
|
|
2807
2814
|
}
|
|
2808
2815
|
});
|
|
2809
2816
|
}
|
|
2817
|
+
/**
|
|
2818
|
+
* Revokes the given access token. Currently only supports Apple OAuth access tokens.
|
|
2819
|
+
*/
|
|
2820
|
+
async revokeAccessToken(token) {
|
|
2821
|
+
if (this.currentUser) {
|
|
2822
|
+
const idToken = await this.currentUser.getIdToken();
|
|
2823
|
+
// Generalize this to accept other providers once supported.
|
|
2824
|
+
const request = {
|
|
2825
|
+
providerId: 'apple.com',
|
|
2826
|
+
tokenType: "ACCESS_TOKEN" /* TokenType.ACCESS_TOKEN */,
|
|
2827
|
+
token,
|
|
2828
|
+
idToken
|
|
2829
|
+
};
|
|
2830
|
+
if (this.tenantId != null) {
|
|
2831
|
+
request.tenantId = this.tenantId;
|
|
2832
|
+
}
|
|
2833
|
+
await revokeToken(this, request);
|
|
2834
|
+
}
|
|
2835
|
+
}
|
|
2810
2836
|
toJSON() {
|
|
2811
2837
|
var _a;
|
|
2812
2838
|
return {
|
|
@@ -3497,6 +3523,11 @@ async function resetPassword(auth, request) {
|
|
|
3497
3523
|
async function updateEmailPassword(auth, request) {
|
|
3498
3524
|
return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:update" /* Endpoint.SET_ACCOUNT_INFO */, request);
|
|
3499
3525
|
}
|
|
3526
|
+
// Used for linking an email/password account to an existing idToken. Uses the same request/response
|
|
3527
|
+
// format as updateEmailPassword.
|
|
3528
|
+
async function linkEmailPassword(auth, request) {
|
|
3529
|
+
return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:signUp" /* Endpoint.SIGN_UP */, request);
|
|
3530
|
+
}
|
|
3500
3531
|
async function applyActionCode$1(auth, request) {
|
|
3501
3532
|
return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:update" /* Endpoint.SET_ACCOUNT_INFO */, _addTidIfNecessary(auth, request));
|
|
3502
3533
|
}
|
|
@@ -3660,12 +3691,14 @@ class EmailAuthCredential extends AuthCredential {
|
|
|
3660
3691
|
async _linkToIdToken(auth, idToken) {
|
|
3661
3692
|
switch (this.signInMethod) {
|
|
3662
3693
|
case "password" /* SignInMethod.EMAIL_PASSWORD */:
|
|
3663
|
-
|
|
3694
|
+
const request = {
|
|
3664
3695
|
idToken,
|
|
3665
3696
|
returnSecureToken: true,
|
|
3666
3697
|
email: this._email,
|
|
3667
|
-
password: this._password
|
|
3668
|
-
|
|
3698
|
+
password: this._password,
|
|
3699
|
+
clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
|
|
3700
|
+
};
|
|
3701
|
+
return handleRecaptchaFlow(auth, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */, linkEmailPassword);
|
|
3669
3702
|
case "emailLink" /* SignInMethod.EMAIL_LINK */:
|
|
3670
3703
|
return signInWithEmailLinkForLinking(auth, {
|
|
3671
3704
|
idToken,
|
|
@@ -5592,7 +5625,9 @@ async function recachePasswordPolicy(auth) {
|
|
|
5592
5625
|
}
|
|
5593
5626
|
}
|
|
5594
5627
|
/**
|
|
5595
|
-
* Sends a password reset email to the given email address.
|
|
5628
|
+
* Sends a password reset email to the given email address. This method does not throw an error when
|
|
5629
|
+
* there's no user account with the given email address and
|
|
5630
|
+
* [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
|
|
5596
5631
|
*
|
|
5597
5632
|
* @remarks
|
|
5598
5633
|
* To complete the password reset, call {@link confirmPasswordReset} with the code supplied in
|
|
@@ -5776,6 +5811,8 @@ async function createUserWithEmailAndPassword(auth, email, password) {
|
|
|
5776
5811
|
*
|
|
5777
5812
|
* @remarks
|
|
5778
5813
|
* Fails with an error if the email address and password do not match.
|
|
5814
|
+
* When [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled,
|
|
5815
|
+
* this method fails with "auth/invalid-credential" in case of an invalid email/password.
|
|
5779
5816
|
*
|
|
5780
5817
|
* Note: The user's password is NOT the password used to access the user's email account. The
|
|
5781
5818
|
* email address serves as a unique identifier for the user, and the password is used to access
|
|
@@ -5961,7 +5998,9 @@ async function createAuthUri(auth, request) {
|
|
|
5961
5998
|
* limitations under the License.
|
|
5962
5999
|
*/
|
|
5963
6000
|
/**
|
|
5964
|
-
* Gets the list of possible sign in methods for the given email address.
|
|
6001
|
+
* Gets the list of possible sign in methods for the given email address. This method returns an
|
|
6002
|
+
* empty list when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled, irrespective of the number of
|
|
6003
|
+
* authentication methods available for the given email.
|
|
5965
6004
|
*
|
|
5966
6005
|
* @remarks
|
|
5967
6006
|
* This is useful to differentiate methods of sign-in for the same provider, eg.
|
|
@@ -5972,6 +6011,8 @@ async function createAuthUri(auth, request) {
|
|
|
5972
6011
|
* @param auth - The {@link Auth} instance.
|
|
5973
6012
|
* @param email - The user's email address.
|
|
5974
6013
|
*
|
|
6014
|
+
* Deprecated. Migrating off of this method is recommended as a security best-practice.
|
|
6015
|
+
* Learn more in the Identity Platform documentation for [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection).
|
|
5975
6016
|
* @public
|
|
5976
6017
|
*/
|
|
5977
6018
|
async function fetchSignInMethodsForEmail(auth, email) {
|
|
@@ -6165,6 +6206,9 @@ async function updateProfile(user, { displayName, photoURL: photoUrl }) {
|
|
|
6165
6206
|
* @param user - The user.
|
|
6166
6207
|
* @param newEmail - The new email address.
|
|
6167
6208
|
*
|
|
6209
|
+
* Throws "auth/operation-not-allowed" error when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
|
|
6210
|
+
* Deprecated - Use {@link verifyBeforeUpdateEmail} instead.
|
|
6211
|
+
*
|
|
6168
6212
|
* @public
|
|
6169
6213
|
*/
|
|
6170
6214
|
function updateEmail(user, newEmail) {
|
|
@@ -6509,6 +6553,18 @@ function updateCurrentUser(auth, user) {
|
|
|
6509
6553
|
function signOut(auth) {
|
|
6510
6554
|
return getModularInstance(auth).signOut();
|
|
6511
6555
|
}
|
|
6556
|
+
/**
|
|
6557
|
+
* Revokes the given access token. Currently only supports Apple OAuth access tokens.
|
|
6558
|
+
*
|
|
6559
|
+
* @param auth - The {@link Auth} instance.
|
|
6560
|
+
* @param token - The Apple OAuth access token.
|
|
6561
|
+
*
|
|
6562
|
+
* @public
|
|
6563
|
+
*/
|
|
6564
|
+
function revokeAccessToken(auth, token) {
|
|
6565
|
+
const authInternal = _castAuth(auth);
|
|
6566
|
+
return authInternal.revokeAccessToken(token);
|
|
6567
|
+
}
|
|
6512
6568
|
/**
|
|
6513
6569
|
* Deletes and signs out the user.
|
|
6514
6570
|
*
|
|
@@ -10224,7 +10280,7 @@ function _isEmptyString(input) {
|
|
|
10224
10280
|
}
|
|
10225
10281
|
|
|
10226
10282
|
var name = "@firebase/auth";
|
|
10227
|
-
var version = "1.
|
|
10283
|
+
var version = "1.4.0-canary.00235ba68";
|
|
10228
10284
|
|
|
10229
10285
|
/**
|
|
10230
10286
|
* @license
|
|
@@ -10444,5 +10500,5 @@ function getAuth(app = getApp()) {
|
|
|
10444
10500
|
}
|
|
10445
10501
|
registerAuth("Browser" /* ClientPlatform.BROWSER */);
|
|
10446
10502
|
|
|
10447
|
-
export {
|
|
10448
|
-
//# sourceMappingURL=index-
|
|
10503
|
+
export { TwitterAuthProvider as $, ActionCodeOperation as A, updateCurrentUser as B, signOut as C, revokeAccessToken as D, deleteUser as E, FactorId as F, debugErrorMap as G, prodErrorMap as H, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as I, initializeAuth as J, connectAuthEmulator as K, AuthCredential as L, EmailAuthCredential as M, OAuthCredential as N, OperationType as O, PhoneAuthProvider as P, PhoneAuthCredential as Q, RecaptchaVerifier as R, SignInMethod as S, TotpMultiFactorGenerator as T, inMemoryPersistence as U, EmailAuthProvider as V, FacebookAuthProvider as W, GoogleAuthProvider as X, GithubAuthProvider as Y, OAuthProvider as Z, SAMLAuthProvider as _, browserSessionPersistence as a, signInAnonymously as a0, signInWithCredential as a1, linkWithCredential as a2, reauthenticateWithCredential as a3, signInWithCustomToken as a4, sendPasswordResetEmail as a5, confirmPasswordReset as a6, applyActionCode as a7, checkActionCode as a8, verifyPasswordResetCode as a9, _isIOS7Or8 as aA, _createError as aB, _assert as aC, AuthEventManager as aD, _getInstance as aE, _persistenceKeyName as aF, _getRedirectResult as aG, _overrideRedirectResult as aH, _clearRedirectOutcomes as aI, _castAuth as aJ, UserImpl as aK, AuthImpl as aL, _getClientVersion as aM, _generateEventId as aN, AuthPopup as aO, FetchProvider as aP, SAMLAuthCredential as aQ, createUserWithEmailAndPassword as aa, signInWithEmailAndPassword as ab, sendSignInLinkToEmail as ac, isSignInWithEmailLink as ad, signInWithEmailLink as ae, fetchSignInMethodsForEmail as af, sendEmailVerification as ag, verifyBeforeUpdateEmail as ah, ActionCodeURL as ai, parseActionCodeURL as aj, updateProfile as ak, updateEmail as al, updatePassword as am, getIdToken as an, getIdTokenResult as ao, unlink as ap, getAdditionalUserInfo as aq, reload as ar, getMultiFactorResolver as as, multiFactor as at, debugAssert as au, _isIOS as av, _isAndroid as aw, _fail as ax, _getRedirectUrl as ay, _getProjectConfig as az, browserLocalPersistence as b, signInWithPopup as c, linkWithPopup as d, reauthenticateWithPopup as e, signInWithRedirect as f, linkWithRedirect as g, reauthenticateWithRedirect as h, indexedDBLocalPersistence as i, getRedirectResult as j, browserPopupRedirectResolver as k, linkWithPhoneNumber as l, PhoneMultiFactorGenerator as m, TotpSecret as n, getAuth as o, ProviderId as p, setPersistence as q, reauthenticateWithPhoneNumber as r, signInWithPhoneNumber as s, initializeRecaptchaConfig as t, updatePhoneNumber as u, validatePassword as v, onIdTokenChanged as w, beforeAuthStateChanged as x, onAuthStateChanged as y, useDeviceLanguage as z };
|
|
10504
|
+
//# sourceMappingURL=index-2b54b271.js.map
|