@firebase/auth 1.4.0-canary.bebecdaad → 1.4.0-canary.e9ff107ee

package/dist/browser-cjs/index.js

@@ -2,7 +2,7 @@
 
 Object.defineProperty(exports, '__esModule', { value: true });
 
-var index = require('./index-278c561b.js');
+var index = require('./index-f3093184.js');
 require('@firebase/util');
 require('@firebase/app');
 require('@firebase/logger');

package/dist/browser-cjs/internal.js

@@ -2,7 +2,7 @@
 
 Object.defineProperty(exports, '__esModule', { value: true });
 
-var index = require('./index-278c561b.js');
+var index = require('./index-f3093184.js');
 var util = require('@firebase/util');
 require('@firebase/app');
 require('@firebase/logger');

package/dist/browser-cjs/src/api/errors.d.ts

@@ -42,6 +42,7 @@ export declare const enum ServerError {
     INVALID_ID_TOKEN = "INVALID_ID_TOKEN",
     INVALID_IDP_RESPONSE = "INVALID_IDP_RESPONSE",
     INVALID_IDENTIFIER = "INVALID_IDENTIFIER",
+    INVALID_LOGIN_CREDENTIALS = "INVALID_LOGIN_CREDENTIALS",
     INVALID_MESSAGE_PAYLOAD = "INVALID_MESSAGE_PAYLOAD",
     INVALID_MFA_PENDING_CREDENTIAL = "INVALID_MFA_PENDING_CREDENTIAL",
     INVALID_OAUTH_CLIENT_ID = "INVALID_OAUTH_CLIENT_ID",

package/dist/browser-cjs/src/core/errors.d.ts

@@ -57,7 +57,7 @@ export declare const enum AuthErrorCode {
     INVALID_DYNAMIC_LINK_DOMAIN = "invalid-dynamic-link-domain",
     INVALID_EMAIL = "invalid-email",
     INVALID_EMULATOR_SCHEME = "invalid-emulator-scheme",
-    INVALID_IDP_RESPONSE = "invalid-credential",
+    INVALID_CREDENTIAL = "invalid-credential",
     INVALID_MESSAGE_PAYLOAD = "invalid-message-payload",
     INVALID_MFA_SESSION = "invalid-multi-factor-session",
     INVALID_OAUTH_CLIENT_ID = "invalid-oauth-client-id",
@@ -250,6 +250,7 @@ export declare const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY: {
     readonly INVALID_EMAIL: "auth/invalid-email";
     readonly INVALID_EMULATOR_SCHEME: "auth/invalid-emulator-scheme";
     readonly INVALID_IDP_RESPONSE: "auth/invalid-credential";
+    readonly INVALID_LOGIN_CREDENTIALS: "auth/invalid-credential";
     readonly INVALID_MESSAGE_PAYLOAD: "auth/invalid-message-payload";
     readonly INVALID_MFA_SESSION: "auth/invalid-multi-factor-session";
     readonly INVALID_OAUTH_CLIENT_ID: "auth/invalid-oauth-client-id";

package/dist/browser-cjs/src/core/strategies/email.d.ts

@@ -16,7 +16,9 @@
  */
 import { ActionCodeSettings, Auth, User } from '../../model/public_types';
 /**
- * Gets the list of possible sign in methods for the given email address.
+ * Gets the list of possible sign in methods for the given email address. This method returns an
+ * empty list when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled, irrespective of the number of
+ * authentication methods available for the given email.
  *
  * @remarks
  * This is useful to differentiate methods of sign-in for the same provider, eg.
@@ -27,6 +29,8 @@ import { ActionCodeSettings, Auth, User } from '../../model/public_types';
  * @param auth - The {@link Auth} instance.
  * @param email - The user's email address.
  *
+ * Deprecated. Migrating off of this method is recommended as a security best-practice.
+ * Learn more in the Identity Platform documentation for [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection).
  * @public
  */
 export declare function fetchSignInMethodsForEmail(auth: Auth, email: string): Promise<string[]>;

package/dist/browser-cjs/src/core/strategies/email_and_password.d.ts

@@ -16,7 +16,9 @@
  */
 import { ActionCodeInfo, ActionCodeSettings, Auth, UserCredential } from '../../model/public_types';
 /**
- * Sends a password reset email to the given email address.
+ * Sends a password reset email to the given email address. This method does not throw an error when
+ * there's no user account with the given email address and
+ * [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
  *
  * @remarks
  * To complete the password reset, call {@link confirmPasswordReset} with the code supplied in
@@ -112,6 +114,8 @@ export declare function createUserWithEmailAndPassword(auth: Auth, email: string
  *
  * @remarks
  * Fails with an error if the email address and password do not match.
+ * When [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled,
+ * this method fails with "auth/invalid-credential" in case of an invalid email/password.
  *
  * Note: The user's password is NOT the password used to access the user's email account. The
  * email address serves as a unique identifier for the user, and the password is used to access

package/dist/browser-cjs/src/core/user/account_info.d.ts

@@ -41,6 +41,9 @@ export declare function updateProfile(user: User, { displayName, photoURL: photo
  * @param user - The user.
  * @param newEmail - The new email address.
  *
+ * Throws "auth/operation-not-allowed" error when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
+ * Deprecated - Use {@link verifyBeforeUpdateEmail} instead.
+ *
  * @public
  */
 export declare function updateEmail(user: User, newEmail: string): Promise<void>;

package/dist/cordova/index.js

@@ -1,6 +1,6 @@
 import { getApp, _getProvider } from '@firebase/app';
-import { _ as _signInWithRedirect, a as _reauthenticateWithRedirect, b as _linkWithRedirect, r as registerAuth, i as initializeAuth, c as indexedDBLocalPersistence, d as cordovaPopupRedirectResolver } from './popup_redirect-d8c8d0e5.js';
-export { A as ActionCodeOperation, a6 as ActionCodeURL, y as AuthCredential, w as AuthErrorCodes, E as EmailAuthCredential, D as EmailAuthProvider, G as FacebookAuthProvider, F as FactorId, I as GithubAuthProvider, H as GoogleAuthProvider, z as OAuthCredential, J as OAuthProvider, O as OperationType, B as PhoneAuthCredential, P as ProviderId, K as SAMLAuthProvider, S as SignInMethod, T as TwitterAuthProvider, W as applyActionCode, j as beforeAuthStateChanged, e as browserLocalPersistence, f as browserSessionPersistence, X as checkActionCode, V as confirmPasswordReset, x as connectAuthEmulator, d as cordovaPopupRedirectResolver, Z as createUserWithEmailAndPassword, q as debugErrorMap, p as deleteUser, a3 as fetchSignInMethodsForEmail, ae as getAdditionalUserInfo, ab as getIdToken, ac as getIdTokenResult, ag as getMultiFactorResolver, g as getRedirectResult, C as inMemoryPersistence, c as indexedDBLocalPersistence, i as initializeAuth, h as initializeRecaptchaConfig, a1 as isSignInWithEmailLink, N as linkWithCredential, ah as multiFactor, k as onAuthStateChanged, o as onIdTokenChanged, a7 as parseActionCodeURL, t as prodErrorMap, Q as reauthenticateWithCredential, af as reload, n as revokeAccessToken, a4 as sendEmailVerification, U as sendPasswordResetEmail, a0 as sendSignInLinkToEmail, s as setPersistence, L as signInAnonymously, M as signInWithCredential, R as signInWithCustomToken, $ as signInWithEmailAndPassword, a2 as signInWithEmailLink, m as signOut, ad as unlink, l as updateCurrentUser, a9 as updateEmail, aa as updatePassword, a8 as updateProfile, u as useDeviceLanguage, v as validatePassword, a5 as verifyBeforeUpdateEmail, Y as verifyPasswordResetCode } from './popup_redirect-d8c8d0e5.js';
+import { _ as _signInWithRedirect, a as _reauthenticateWithRedirect, b as _linkWithRedirect, r as registerAuth, i as initializeAuth, c as indexedDBLocalPersistence, d as cordovaPopupRedirectResolver } from './popup_redirect-755b181a.js';
+export { A as ActionCodeOperation, a6 as ActionCodeURL, y as AuthCredential, w as AuthErrorCodes, E as EmailAuthCredential, D as EmailAuthProvider, G as FacebookAuthProvider, F as FactorId, I as GithubAuthProvider, H as GoogleAuthProvider, z as OAuthCredential, J as OAuthProvider, O as OperationType, B as PhoneAuthCredential, P as ProviderId, K as SAMLAuthProvider, S as SignInMethod, T as TwitterAuthProvider, W as applyActionCode, j as beforeAuthStateChanged, e as browserLocalPersistence, f as browserSessionPersistence, X as checkActionCode, V as confirmPasswordReset, x as connectAuthEmulator, d as cordovaPopupRedirectResolver, Z as createUserWithEmailAndPassword, q as debugErrorMap, p as deleteUser, a3 as fetchSignInMethodsForEmail, ae as getAdditionalUserInfo, ab as getIdToken, ac as getIdTokenResult, ag as getMultiFactorResolver, g as getRedirectResult, C as inMemoryPersistence, c as indexedDBLocalPersistence, i as initializeAuth, h as initializeRecaptchaConfig, a1 as isSignInWithEmailLink, N as linkWithCredential, ah as multiFactor, k as onAuthStateChanged, o as onIdTokenChanged, a7 as parseActionCodeURL, t as prodErrorMap, Q as reauthenticateWithCredential, af as reload, n as revokeAccessToken, a4 as sendEmailVerification, U as sendPasswordResetEmail, a0 as sendSignInLinkToEmail, s as setPersistence, L as signInAnonymously, M as signInWithCredential, R as signInWithCustomToken, $ as signInWithEmailAndPassword, a2 as signInWithEmailLink, m as signOut, ad as unlink, l as updateCurrentUser, a9 as updateEmail, aa as updatePassword, a8 as updateProfile, u as useDeviceLanguage, v as validatePassword, a5 as verifyBeforeUpdateEmail, Y as verifyPasswordResetCode } from './popup_redirect-755b181a.js';
 import 'tslib';
 import '@firebase/util';
 import '@firebase/component';

package/dist/cordova/internal.js

@@ -1,5 +1,5 @@
-import { ai as _performApiRequest, aj as _addTidIfNecessary, ak as _assert, al as Delay, am as _window, an as isV2, ao as _createError, ap as _loadJS, aq as _generateCallbackName, ar as getRecaptchaParams, as as _isHttpOrHttps, at as _isWorker, au as _castAuth, M as signInWithCredential, N as linkWithCredential, av as _assertLinkedStatus, Q as reauthenticateWithCredential, aw as sendPhoneVerificationCode, ax as startEnrollPhoneMfa, ay as _link, B as PhoneAuthCredential, az as debugAssert, aA as _generateEventId, aB as AbstractPopupRedirectOperation, aC as _assertInstanceOf, aD as _withDefaultResolver, aE as FederatedAuthProvider, aF as _fail, aG as _getProjectConfig, aH as _getCurrentUrl, aI as _emulatorUrl, aJ as _isChromeIOS, aK as _isFirefox, aL as _isIOSStandalone, aM as _getRedirectUrl, aN as _setWindowLocation, aO as _isMobileBrowser, aP as _isSafari, aQ as _isIOS, f as browserSessionPersistence, aR as _getRedirectResult, aS as _overrideRedirectResult, aT as AuthEventManager, aU as debugFail, aV as finalizeEnrollPhoneMfa, aW as finalizeEnrollTotpMfa, aX as startEnrollTotpMfa, r as registerAuth, i as initializeAuth, c as indexedDBLocalPersistence, e as browserLocalPersistence, j as beforeAuthStateChanged, o as onIdTokenChanged, x as connectAuthEmulator } from './popup_redirect-d8c8d0e5.js';
-export { A as ActionCodeOperation, a6 as ActionCodeURL, y as AuthCredential, w as AuthErrorCodes, a$ as AuthImpl, E as EmailAuthCredential, D as EmailAuthProvider, G as FacebookAuthProvider, F as FactorId, b1 as FetchProvider, I as GithubAuthProvider, H as GoogleAuthProvider, z as OAuthCredential, J as OAuthProvider, O as OperationType, B as PhoneAuthCredential, P as ProviderId, b2 as SAMLAuthCredential, K as SAMLAuthProvider, S as SignInMethod, T as TwitterAuthProvider, aZ as UserImpl, ak as _assert, au as _castAuth, aF as _fail, aA as _generateEventId, b0 as _getClientVersion, a_ as _getInstance, aR as _getRedirectResult, aS as _overrideRedirectResult, aY as _persistenceKeyName, W as applyActionCode, j as beforeAuthStateChanged, e as browserLocalPersistence, f as browserSessionPersistence, X as checkActionCode, V as confirmPasswordReset, x as connectAuthEmulator, d as cordovaPopupRedirectResolver, Z as createUserWithEmailAndPassword, q as debugErrorMap, p as deleteUser, a3 as fetchSignInMethodsForEmail, ae as getAdditionalUserInfo, ab as getIdToken, ac as getIdTokenResult, ag as getMultiFactorResolver, g as getRedirectResult, C as inMemoryPersistence, c as indexedDBLocalPersistence, i as initializeAuth, h as initializeRecaptchaConfig, a1 as isSignInWithEmailLink, N as linkWithCredential, b4 as linkWithRedirect, ah as multiFactor, k as onAuthStateChanged, o as onIdTokenChanged, a7 as parseActionCodeURL, t as prodErrorMap, Q as reauthenticateWithCredential, b5 as reauthenticateWithRedirect, af as reload, n as revokeAccessToken, a4 as sendEmailVerification, U as sendPasswordResetEmail, a0 as sendSignInLinkToEmail, s as setPersistence, L as signInAnonymously, M as signInWithCredential, R as signInWithCustomToken, $ as signInWithEmailAndPassword, a2 as signInWithEmailLink, b3 as signInWithRedirect, m as signOut, ad as unlink, l as updateCurrentUser, a9 as updateEmail, aa as updatePassword, a8 as updateProfile, u as useDeviceLanguage, v as validatePassword, a5 as verifyBeforeUpdateEmail, Y as verifyPasswordResetCode } from './popup_redirect-d8c8d0e5.js';
+import { ai as _performApiRequest, aj as _addTidIfNecessary, ak as _assert, al as Delay, am as _window, an as isV2, ao as _createError, ap as _loadJS, aq as _generateCallbackName, ar as getRecaptchaParams, as as _isHttpOrHttps, at as _isWorker, au as _castAuth, M as signInWithCredential, N as linkWithCredential, av as _assertLinkedStatus, Q as reauthenticateWithCredential, aw as sendPhoneVerificationCode, ax as startEnrollPhoneMfa, ay as _link, B as PhoneAuthCredential, az as debugAssert, aA as _generateEventId, aB as AbstractPopupRedirectOperation, aC as _assertInstanceOf, aD as _withDefaultResolver, aE as FederatedAuthProvider, aF as _fail, aG as _getProjectConfig, aH as _getCurrentUrl, aI as _emulatorUrl, aJ as _isChromeIOS, aK as _isFirefox, aL as _isIOSStandalone, aM as _getRedirectUrl, aN as _setWindowLocation, aO as _isMobileBrowser, aP as _isSafari, aQ as _isIOS, f as browserSessionPersistence, aR as _getRedirectResult, aS as _overrideRedirectResult, aT as AuthEventManager, aU as debugFail, aV as finalizeEnrollPhoneMfa, aW as finalizeEnrollTotpMfa, aX as startEnrollTotpMfa, r as registerAuth, i as initializeAuth, c as indexedDBLocalPersistence, e as browserLocalPersistence, j as beforeAuthStateChanged, o as onIdTokenChanged, x as connectAuthEmulator } from './popup_redirect-755b181a.js';
+export { A as ActionCodeOperation, a6 as ActionCodeURL, y as AuthCredential, w as AuthErrorCodes, a$ as AuthImpl, E as EmailAuthCredential, D as EmailAuthProvider, G as FacebookAuthProvider, F as FactorId, b1 as FetchProvider, I as GithubAuthProvider, H as GoogleAuthProvider, z as OAuthCredential, J as OAuthProvider, O as OperationType, B as PhoneAuthCredential, P as ProviderId, b2 as SAMLAuthCredential, K as SAMLAuthProvider, S as SignInMethod, T as TwitterAuthProvider, aZ as UserImpl, ak as _assert, au as _castAuth, aF as _fail, aA as _generateEventId, b0 as _getClientVersion, a_ as _getInstance, aR as _getRedirectResult, aS as _overrideRedirectResult, aY as _persistenceKeyName, W as applyActionCode, j as beforeAuthStateChanged, e as browserLocalPersistence, f as browserSessionPersistence, X as checkActionCode, V as confirmPasswordReset, x as connectAuthEmulator, d as cordovaPopupRedirectResolver, Z as createUserWithEmailAndPassword, q as debugErrorMap, p as deleteUser, a3 as fetchSignInMethodsForEmail, ae as getAdditionalUserInfo, ab as getIdToken, ac as getIdTokenResult, ag as getMultiFactorResolver, g as getRedirectResult, C as inMemoryPersistence, c as indexedDBLocalPersistence, i as initializeAuth, h as initializeRecaptchaConfig, a1 as isSignInWithEmailLink, N as linkWithCredential, b4 as linkWithRedirect, ah as multiFactor, k as onAuthStateChanged, o as onIdTokenChanged, a7 as parseActionCodeURL, t as prodErrorMap, Q as reauthenticateWithCredential, b5 as reauthenticateWithRedirect, af as reload, n as revokeAccessToken, a4 as sendEmailVerification, U as sendPasswordResetEmail, a0 as sendSignInLinkToEmail, s as setPersistence, L as signInAnonymously, M as signInWithCredential, R as signInWithCustomToken, $ as signInWithEmailAndPassword, a2 as signInWithEmailLink, b3 as signInWithRedirect, m as signOut, ad as unlink, l as updateCurrentUser, a9 as updateEmail, aa as updatePassword, a8 as updateProfile, u as useDeviceLanguage, v as validatePassword, a5 as verifyBeforeUpdateEmail, Y as verifyPasswordResetCode } from './popup_redirect-755b181a.js';
 import { __awaiter, __generator, __assign, __extends, __spreadArray } from 'tslib';
 import { querystring, getModularInstance, getUA, getExperimentalSetting, getDefaultEmulatorHost } from '@firebase/util';
 import { SDK_VERSION, getApp, _getProvider } from '@firebase/app';

package/dist/cordova/{popup_redirect-d8c8d0e5.js → popup_redirect-755b181a.js}

@@ -990,7 +990,7 @@ function _debugErrorMap() {
         _a["invalid-emulator-scheme" /* AuthErrorCode.INVALID_EMULATOR_SCHEME */] = 'Emulator URL must start with a valid scheme (http:// or https://).',
         _a["invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */] = 'Your API key is invalid, please check you have copied it correctly.',
         _a["invalid-cert-hash" /* AuthErrorCode.INVALID_CERT_HASH */] = 'The SHA-1 certificate hash provided is invalid.',
-        _a["invalid-credential" /* AuthErrorCode.INVALID_IDP_RESPONSE */] = 'The supplied auth credential is malformed or has expired.',
+        _a["invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */] = 'The supplied auth credential is incorrect, malformed or has expired.',
         _a["invalid-message-payload" /* AuthErrorCode.INVALID_MESSAGE_PAYLOAD */] = 'The email template corresponding to this action contains invalid characters in its message. ' +
             'Please fix by going to the Auth email templates section in the Firebase Console.',
         _a["invalid-multi-factor-session" /* AuthErrorCode.INVALID_MFA_SESSION */] = 'The request does not contain a valid proof of first factor successful sign-in.',
@@ -1167,6 +1167,7 @@ var AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
     INVALID_EMAIL: 'auth/invalid-email',
     INVALID_EMULATOR_SCHEME: 'auth/invalid-emulator-scheme',
     INVALID_IDP_RESPONSE: 'auth/invalid-credential',
+    INVALID_LOGIN_CREDENTIALS: 'auth/invalid-credential',
     INVALID_MESSAGE_PAYLOAD: 'auth/invalid-message-payload',
     INVALID_MFA_SESSION: 'auth/invalid-multi-factor-session',
     INVALID_OAUTH_CLIENT_ID: 'auth/invalid-oauth-client-id',
@@ -1632,12 +1633,15 @@ var SERVER_ERROR_MAP = (_a$1 = {},
     _a$1["INVALID_PASSWORD" /* ServerError.INVALID_PASSWORD */] = "wrong-password" /* AuthErrorCode.INVALID_PASSWORD */,
     // This can only happen if the SDK sends a bad request.
     _a$1["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */] = "missing-password" /* AuthErrorCode.MISSING_PASSWORD */,
+    // Thrown if Email Enumeration Protection is enabled in the project and the email or password is
+    // invalid.
+    _a$1["INVALID_LOGIN_CREDENTIALS" /* ServerError.INVALID_LOGIN_CREDENTIALS */] = "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */,
     // Sign up with email and password errors.
     _a$1["EMAIL_EXISTS" /* ServerError.EMAIL_EXISTS */] = "email-already-in-use" /* AuthErrorCode.EMAIL_EXISTS */,
     _a$1["PASSWORD_LOGIN_DISABLED" /* ServerError.PASSWORD_LOGIN_DISABLED */] = "operation-not-allowed" /* AuthErrorCode.OPERATION_NOT_ALLOWED */,
     // Verify assertion for sign in with credential errors:
-    _a$1["INVALID_IDP_RESPONSE" /* ServerError.INVALID_IDP_RESPONSE */] = "invalid-credential" /* AuthErrorCode.INVALID_IDP_RESPONSE */,
-    _a$1["INVALID_PENDING_TOKEN" /* ServerError.INVALID_PENDING_TOKEN */] = "invalid-credential" /* AuthErrorCode.INVALID_IDP_RESPONSE */,
+    _a$1["INVALID_IDP_RESPONSE" /* ServerError.INVALID_IDP_RESPONSE */] = "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */,
+    _a$1["INVALID_PENDING_TOKEN" /* ServerError.INVALID_PENDING_TOKEN */] = "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */,
     _a$1["FEDERATED_USER_ID_ALREADY_LINKED" /* ServerError.FEDERATED_USER_ID_ALREADY_LINKED */] = "credential-already-in-use" /* AuthErrorCode.CREDENTIAL_ALREADY_IN_USE */,
     // This can only happen if the SDK sends a bad request.
     _a$1["MISSING_REQ_TYPE" /* ServerError.MISSING_REQ_TYPE */] = "internal-error" /* AuthErrorCode.INTERNAL_ERROR */,
@@ -1659,7 +1663,7 @@ var SERVER_ERROR_MAP = (_a$1 = {},
     // Phone Auth related errors.
     _a$1["INVALID_CODE" /* ServerError.INVALID_CODE */] = "invalid-verification-code" /* AuthErrorCode.INVALID_CODE */,
     _a$1["INVALID_SESSION_INFO" /* ServerError.INVALID_SESSION_INFO */] = "invalid-verification-id" /* AuthErrorCode.INVALID_SESSION_INFO */,
-    _a$1["INVALID_TEMPORARY_PROOF" /* ServerError.INVALID_TEMPORARY_PROOF */] = "invalid-credential" /* AuthErrorCode.INVALID_IDP_RESPONSE */,
+    _a$1["INVALID_TEMPORARY_PROOF" /* ServerError.INVALID_TEMPORARY_PROOF */] = "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */,
     _a$1["MISSING_SESSION_INFO" /* ServerError.MISSING_SESSION_INFO */] = "missing-verification-id" /* AuthErrorCode.MISSING_SESSION_INFO */,
     _a$1["SESSION_EXPIRED" /* ServerError.SESSION_EXPIRED */] = "code-expired" /* AuthErrorCode.CODE_EXPIRED */,
     // Other action code errors when additional settings passed.
@@ -7424,7 +7428,9 @@ function recachePasswordPolicy(auth) {
     });
 }
 /**
- * Sends a password reset email to the given email address.
+ * Sends a password reset email to the given email address. This method does not throw an error when
+ * there's no user account with the given email address and
+ * [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
  *
  * @remarks
  * To complete the password reset, call {@link confirmPasswordReset} with the code supplied in
@@ -7665,6 +7671,8 @@ function createUserWithEmailAndPassword(auth, email, password) {
  *
  * @remarks
  * Fails with an error if the email address and password do not match.
+ * When [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled,
+ * this method fails with "auth/invalid-credential" in case of an invalid email/password.
  *
  * Note: The user's password is NOT the password used to access the user's email account. The
  * email address serves as a unique identifier for the user, and the password is used to access
@@ -7873,7 +7881,9 @@ function createAuthUri(auth, request) {
  * limitations under the License.
  */
 /**
- * Gets the list of possible sign in methods for the given email address.
+ * Gets the list of possible sign in methods for the given email address. This method returns an
+ * empty list when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled, irrespective of the number of
+ * authentication methods available for the given email.
  *
  * @remarks
  * This is useful to differentiate methods of sign-in for the same provider, eg.
@@ -7884,6 +7894,8 @@ function createAuthUri(auth, request) {
  * @param auth - The {@link Auth} instance.
  * @param email - The user's email address.
  *
+ * Deprecated. Migrating off of this method is recommended as a security best-practice.
+ * Learn more in the Identity Platform documentation for [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection).
  * @public
  */
 function fetchSignInMethodsForEmail(auth, email) {
@@ -8138,6 +8150,9 @@ function updateProfile(user, _a) {
  * @param user - The user.
  * @param newEmail - The new email address.
  *
+ * Throws "auth/operation-not-allowed" error when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
+ * Deprecated - Use {@link verifyBeforeUpdateEmail} instead.
+ *
  * @public
  */
 function updateEmail(user, newEmail) {
@@ -8856,7 +8871,7 @@ function multiFactor(user) {
 }
 
 var name = "@firebase/auth";
-var version = "1.4.0-canary.bebecdaad";
+var version = "1.4.0-canary.e9ff107ee";
 
 /**
  * @license
@@ -11060,4 +11075,4 @@ function generateNoEvent() {
 }
 
 export { signInWithEmailAndPassword as $, ActionCodeOperation as A, PhoneAuthCredential as B, inMemoryPersistence as C, EmailAuthProvider as D, EmailAuthCredential as E, FactorId as F, FacebookAuthProvider as G, GoogleAuthProvider as H, GithubAuthProvider as I, OAuthProvider as J, SAMLAuthProvider as K, signInAnonymously as L, signInWithCredential as M, linkWithCredential as N, OperationType as O, ProviderId as P, reauthenticateWithCredential as Q, signInWithCustomToken as R, SignInMethod as S, TwitterAuthProvider as T, sendPasswordResetEmail as U, confirmPasswordReset as V, applyActionCode as W, checkActionCode as X, verifyPasswordResetCode as Y, createUserWithEmailAndPassword as Z, _signInWithRedirect as _, _reauthenticateWithRedirect as a, AuthImpl as a$, sendSignInLinkToEmail as a0, isSignInWithEmailLink as a1, signInWithEmailLink as a2, fetchSignInMethodsForEmail as a3, sendEmailVerification as a4, verifyBeforeUpdateEmail as a5, ActionCodeURL as a6, parseActionCodeURL as a7, updateProfile as a8, updateEmail as a9, _generateEventId as aA, AbstractPopupRedirectOperation as aB, _assertInstanceOf as aC, _withDefaultResolver as aD, FederatedAuthProvider as aE, _fail as aF, _getProjectConfig as aG, _getCurrentUrl as aH, _emulatorUrl as aI, _isChromeIOS as aJ, _isFirefox as aK, _isIOSStandalone as aL, _getRedirectUrl as aM, _setWindowLocation as aN, _isMobileBrowser as aO, _isSafari as aP, _isIOS as aQ, _getRedirectResult as aR, _overrideRedirectResult as aS, AuthEventManager as aT, debugFail as aU, finalizeEnrollPhoneMfa as aV, finalizeEnrollTotpMfa as aW, startEnrollTotpMfa as aX, _persistenceKeyName as aY, UserImpl as aZ, _getInstance as a_, updatePassword as aa, getIdToken as ab, getIdTokenResult as ac, unlink as ad, getAdditionalUserInfo as ae, reload as af, getMultiFactorResolver as ag, multiFactor as ah, _performApiRequest as ai, _addTidIfNecessary as aj, _assert as ak, Delay as al, _window as am, isV2 as an, _createError as ao, _loadJS as ap, _generateCallbackName as aq, getRecaptchaParams as ar, _isHttpOrHttps as as, _isWorker as at, _castAuth as au, _assertLinkedStatus as av, sendPhoneVerificationCode as aw, startEnrollPhoneMfa as ax, _link$1 as ay, debugAssert as az, _linkWithRedirect as b, _getClientVersion as b0, FetchProvider as b1, SAMLAuthCredential as b2, signInWithRedirect as b3, linkWithRedirect as b4, reauthenticateWithRedirect as b5, indexedDBLocalPersistence as c, cordovaPopupRedirectResolver as d, browserLocalPersistence as e, browserSessionPersistence as f, getRedirectResult as g, initializeRecaptchaConfig as h, initializeAuth as i, beforeAuthStateChanged as j, onAuthStateChanged as k, updateCurrentUser as l, signOut as m, revokeAccessToken as n, onIdTokenChanged as o, deleteUser as p, debugErrorMap as q, registerAuth as r, setPersistence as s, prodErrorMap as t, useDeviceLanguage as u, validatePassword as v, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as w, connectAuthEmulator as x, AuthCredential as y, OAuthCredential as z };
-//# sourceMappingURL=popup_redirect-d8c8d0e5.js.map
+//# sourceMappingURL=popup_redirect-755b181a.js.map