@firebase/auth 1.6.2 → 1.7.0-canary.42fcdfe4c

package/dist/rn/{index-8ee80bdc.js → index-bbdaa838.js}

@@ -1,8 +1,8 @@
 'use strict';
 
 var tslib = require('tslib');
-var util = require('@firebase/util');
 var app = require('@firebase/app');
+var util = require('@firebase/util');
 var component = require('@firebase/component');
 var logger = require('@firebase/logger');
 
@@ -402,6 +402,9 @@ function _errorWithCustomMessage(auth, code, message) {
         appName: auth.name
     });
 }
+function _serverAppCurrentUserOperationNotSupportedError(auth) {
+    return _errorWithCustomMessage(auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */, 'Operations that alter the current user are not supported in conjunction with FirebaseServerApp');
+}
 function _assertInstanceOf(auth, object, instance) {
     var constructorInstance = instance;
     if (!(object instanceof constructorInstance)) {
@@ -1689,16 +1692,21 @@ var StsTokenManager = /** @class */ (function () {
             : _tokenExpiresIn(response.idToken);
         this.updateTokensAndExpiration(response.idToken, response.refreshToken, expiresIn);
     };
+    StsTokenManager.prototype.updateFromIdToken = function (idToken) {
+        _assert(idToken.length !== 0, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
+        var expiresIn = _tokenExpiresIn(idToken);
+        this.updateTokensAndExpiration(idToken, null, expiresIn);
+    };
     StsTokenManager.prototype.getToken = function (auth, forceRefresh) {
         if (forceRefresh === void 0) { forceRefresh = false; }
         return tslib.__awaiter(this, void 0, void 0, function () {
             return tslib.__generator(this, function (_a) {
                 switch (_a.label) {
                     case 0:
-                        _assert(!this.accessToken || this.refreshToken, auth, "user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */);
                         if (!forceRefresh && this.accessToken && !this.isExpired) {
                             return [2 /*return*/, this.accessToken];
                         }
+                        _assert(this.refreshToken, auth, "user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */);
                         if (!this.refreshToken) return [3 /*break*/, 2];
                         return [4 /*yield*/, this.refresh(auth, this.refreshToken)];
                     case 1:
@@ -1922,7 +1930,11 @@ var UserImpl = /** @class */ (function () {
             var idToken;
             return tslib.__generator(this, function (_a) {
                 switch (_a.label) {
-                    case 0: return [4 /*yield*/, this.getIdToken()];
+                    case 0:
+                        if (app._isFirebaseServerApp(this.auth.app)) {
+                            return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(this.auth))];
+                        }
+                        return [4 /*yield*/, this.getIdToken()];
                     case 1:
                         idToken = _a.sent();
                         return [4 /*yield*/, _logoutIfInvalidated(this, deleteAccount(this.auth, { idToken: idToken }))];
@@ -2027,6 +2039,47 @@ var UserImpl = /** @class */ (function () {
             });
         });
     };
+    /**
+     * Initialize a User from an idToken server response
+     * @param auth
+     * @param idTokenResponse
+     */
+    UserImpl._fromGetAccountInfoResponse = function (auth, response, idToken) {
+        return tslib.__awaiter(this, void 0, void 0, function () {
+            var coreAccount, providerData, isAnonymous, stsTokenManager, user, updates;
+            return tslib.__generator(this, function (_a) {
+                coreAccount = response.users[0];
+                _assert(coreAccount.localId !== undefined, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
+                providerData = coreAccount.providerUserInfo !== undefined
+                    ? extractProviderData(coreAccount.providerUserInfo)
+                    : [];
+                isAnonymous = !(coreAccount.email && coreAccount.passwordHash) && !(providerData === null || providerData === void 0 ? void 0 : providerData.length);
+                stsTokenManager = new StsTokenManager();
+                stsTokenManager.updateFromIdToken(idToken);
+                user = new UserImpl({
+                    uid: coreAccount.localId,
+                    auth: auth,
+                    stsTokenManager: stsTokenManager,
+                    isAnonymous: isAnonymous
+                });
+                updates = {
+                    uid: coreAccount.localId,
+                    displayName: coreAccount.displayName || null,
+                    photoURL: coreAccount.photoUrl || null,
+                    email: coreAccount.email || null,
+                    emailVerified: coreAccount.emailVerified || false,
+                    phoneNumber: coreAccount.phoneNumber || null,
+                    tenantId: coreAccount.tenantId || null,
+                    providerData: providerData,
+                    metadata: new UserMetadata(coreAccount.createdAt, coreAccount.lastLoginAt),
+                    isAnonymous: !(coreAccount.email && coreAccount.passwordHash) &&
+                        !(providerData === null || providerData === void 0 ? void 0 : providerData.length)
+                };
+                Object.assign(user, updates);
+                return [2 /*return*/, user];
+            });
+        });
+    };
     return UserImpl;
 }());
 
@@ -2928,13 +2981,59 @@ var AuthImpl = /** @class */ (function () {
             });
         });
     };
+    AuthImpl.prototype.initializeCurrentUserFromIdToken = function (idToken) {
+        return tslib.__awaiter(this, void 0, void 0, function () {
+            var response, user, err_1;
+            return tslib.__generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0:
+                        _a.trys.push([0, 4, , 6]);
+                        return [4 /*yield*/, getAccountInfo(this, { idToken: idToken })];
+                    case 1:
+                        response = _a.sent();
+                        return [4 /*yield*/, UserImpl._fromGetAccountInfoResponse(this, response, idToken)];
+                    case 2:
+                        user = _a.sent();
+                        return [4 /*yield*/, this.directlySetCurrentUser(user)];
+                    case 3:
+                        _a.sent();
+                        return [3 /*break*/, 6];
+                    case 4:
+                        err_1 = _a.sent();
+                        console.warn('FirebaseServerApp could not login user with provided authIdToken: ', err_1);
+                        return [4 /*yield*/, this.directlySetCurrentUser(null)];
+                    case 5:
+                        _a.sent();
+                        return [3 /*break*/, 6];
+                    case 6: return [2 /*return*/];
+                }
+            });
+        });
+    };
     AuthImpl.prototype.initializeCurrentUser = function (popupRedirectResolver) {
         var _a;
         return tslib.__awaiter(this, void 0, void 0, function () {
-            var previouslyStoredUser, futureCurrentUser, needsTocheckMiddleware, redirectUserEventId, storedUserEventId, result, e_2;
+            var idToken_1, previouslyStoredUser, futureCurrentUser, needsTocheckMiddleware, redirectUserEventId, storedUserEventId, result, e_2;
+            var _this = this;
             return tslib.__generator(this, function (_b) {
                 switch (_b.label) {
-                    case 0: return [4 /*yield*/, this.assertedPersistence.getCurrentUser()];
+                    case 0:
+                        if (app._isFirebaseServerApp(this.app)) {
+                            idToken_1 = this.app.settings.authIdToken;
+                            if (idToken_1) {
+                                // Start the auth operation in the next tick to allow a moment for the customer's app to
+                                // attach an emulator, if desired.
+                                return [2 /*return*/, new Promise(function (resolve) {
+                                        setTimeout(function () {
+                                            return _this.initializeCurrentUserFromIdToken(idToken_1).then(resolve, resolve);
+                                        });
+                                    })];
+                            }
+                            else {
+                                return [2 /*return*/, this.directlySetCurrentUser(null)];
+                            }
+                        }
+                        return [4 /*yield*/, this.assertedPersistence.getCurrentUser()];
                     case 1:
                         previouslyStoredUser = (_b.sent());
                         futureCurrentUser = previouslyStoredUser;
@@ -3076,6 +3175,9 @@ var AuthImpl = /** @class */ (function () {
         return tslib.__awaiter(this, void 0, void 0, function () {
             var user;
             return tslib.__generator(this, function (_a) {
+                if (app._isFirebaseServerApp(this.app)) {
+                    return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(this))];
+                }
                 user = userExtern
                     ? util.getModularInstance(userExtern)
                     : null;
@@ -3123,9 +3225,12 @@ var AuthImpl = /** @class */ (function () {
         return tslib.__awaiter(this, void 0, void 0, function () {
             return tslib.__generator(this, function (_a) {
                 switch (_a.label) {
-                    case 0: 
-                    // Run first, to block _setRedirectUser() if any callbacks fail.
-                    return [4 /*yield*/, this.beforeStateQueue.runMiddleware(null)];
+                    case 0:
+                        if (app._isFirebaseServerApp(this.app)) {
+                            return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(this))];
+                        }
+                        // Run first, to block _setRedirectUser() if any callbacks fail.
+                        return [4 /*yield*/, this.beforeStateQueue.runMiddleware(null)];
                     case 1:
                         // Run first, to block _setRedirectUser() if any callbacks fail.
                         _a.sent();
@@ -3144,6 +3249,9 @@ var AuthImpl = /** @class */ (function () {
     };
     AuthImpl.prototype.setPersistence = function (persistence) {
         var _this = this;
+        if (app._isFirebaseServerApp(this.app)) {
+            return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(this));
+        }
         return this.queue(function () { return tslib.__awaiter(_this, void 0, void 0, function () {
             return tslib.__generator(this, function (_a) {
                 switch (_a.label) {
@@ -5931,6 +6039,9 @@ function providerIdForResponse(response) {
  * If there is already an anonymous user signed in, that user will be returned; otherwise, a
  * new anonymous user identity will be created and returned.
  *
+ * This method is not supported by {@link Auth} instances created with a
+ * {@link @firebase/app#FirebaseServerApp}.
+ *
  * @param auth - The {@link Auth} instance.
  *
  * @public
@@ -5942,6 +6053,9 @@ function signInAnonymously(auth) {
         return tslib.__generator(this, function (_b) {
             switch (_b.label) {
                 case 0:
+                    if (app._isFirebaseServerApp(auth.app)) {
+                        return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth))];
+                    }
                     authInternal = _castAuth(auth);
                     return [4 /*yield*/, authInternal._initializationPromise];
                 case 1:
@@ -6173,6 +6287,9 @@ function _reauthenticate(user, credential, bypassAuthState) {
             switch (_a.label) {
                 case 0:
                     auth = user.auth;
+                    if (app._isFirebaseServerApp(auth.app)) {
+                        return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth))];
+                    }
                     operationType = "reauthenticate" /* OperationType.REAUTHENTICATE */;
                     _a.label = 1;
                 case 1:
@@ -6222,6 +6339,9 @@ function _signInWithCredential(auth, credential, bypassAuthState) {
         return tslib.__generator(this, function (_a) {
             switch (_a.label) {
                 case 0:
+                    if (app._isFirebaseServerApp(auth.app)) {
+                        return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth))];
+                    }
                     operationType = "signIn" /* OperationType.SIGN_IN */;
                     return [4 /*yield*/, _processCredentialSavingMfaContextIfNecessary(auth, operationType, credential)];
                 case 1:
@@ -6245,6 +6365,9 @@ function _signInWithCredential(auth, credential, bypassAuthState) {
  * @remarks
  * An {@link AuthProvider} can be used to generate the credential.
  *
+ * This method is not supported by {@link Auth} instances created with a
+ * {@link @firebase/app#FirebaseServerApp}.
+ *
  * @param auth - The {@link Auth} instance.
  * @param credential - The auth credential.
  *
@@ -6291,6 +6414,9 @@ function linkWithCredential(user, credential) {
  * attempts. This method can be used to recover from a `CREDENTIAL_TOO_OLD_LOGIN_AGAIN` error
  * or a `TOKEN_EXPIRED` error.
  *
+ * This method is not supported on any {@link User} signed in by {@link Auth} instances
+ * created with a {@link @firebase/app#FirebaseServerApp}.
+ *
  * @param user - The user.
  * @param credential - The auth credential.
  *
@@ -6355,6 +6481,9 @@ function signInWithCustomToken$1(auth, request) {
  *
  * Fails with an error if the token is invalid, expired, or not accepted by the Firebase Auth service.
  *
+ * This method is not supported by {@link Auth} instances created with a
+ * {@link @firebase/app#FirebaseServerApp}.
+ *
  * @param auth - The {@link Auth} instance.
  * @param customToken - The custom token to sign in with.
  *
@@ -6366,6 +6495,9 @@ function signInWithCustomToken(auth, customToken) {
         return tslib.__generator(this, function (_a) {
             switch (_a.label) {
                 case 0:
+                    if (app._isFirebaseServerApp(auth.app)) {
+                        return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth))];
+                    }
                     authInternal = _castAuth(auth);
                     return [4 /*yield*/, signInWithCustomToken$1(authInternal, {
                             token: customToken,
@@ -6722,6 +6854,9 @@ function verifyPasswordResetCode(auth, code) {
  *
  * User account creation can fail if the account already exists or the password is invalid.
  *
+ * This method is not supported on {@link Auth} instances created with a
+ * {@link @firebase/app#FirebaseServerApp}.
+ *
  * Note: The email address acts as a unique identifier for the user and enables an email-based
  * password reset. This function will create a new user account and set the initial user password.
  *
@@ -6737,6 +6872,9 @@ function createUserWithEmailAndPassword(auth, email, password) {
         return tslib.__generator(this, function (_a) {
             switch (_a.label) {
                 case 0:
+                    if (app._isFirebaseServerApp(auth.app)) {
+                        return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth))];
+                    }
                     authInternal = _castAuth(auth);
                     request = {
                         returnSecureToken: true,
@@ -6772,10 +6910,14 @@ function createUserWithEmailAndPassword(auth, email, password) {
  * When [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled,
  * this method fails with "auth/invalid-credential" in case of an invalid email/password.
  *
+ * This method is not supported on {@link Auth} instances created with a
+ * {@link @firebase/app#FirebaseServerApp}.
+ *
  * Note: The user's password is NOT the password used to access the user's email account. The
  * email address serves as a unique identifier for the user, and the password is used to access
  * the user's account in your Firebase project. See also: {@link createUserWithEmailAndPassword}.
  *
+ *
  * @param auth - The {@link Auth} instance.
  * @param email - The users email address.
  * @param password - The users password.
@@ -6784,6 +6926,9 @@ function createUserWithEmailAndPassword(auth, email, password) {
  */
 function signInWithEmailAndPassword(auth, email, password) {
     var _this = this;
+    if (app._isFirebaseServerApp(auth.app)) {
+        return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth));
+    }
     return signInWithCredential(util.getModularInstance(auth), EmailAuthProvider.credential(email, password)).catch(function (error) { return tslib.__awaiter(_this, void 0, void 0, function () {
         return tslib.__generator(this, function (_a) {
             if (error.code === "auth/".concat("password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */)) {
@@ -6895,6 +7040,9 @@ function isSignInWithEmailLink(auth, emailLink) {
  *
  * Fails with an error if the email address is invalid or OTP in email link expires.
  *
+ * This method is not supported by {@link Auth} instances created with a
+ * {@link @firebase/app#FirebaseServerApp}.
+ *
  * Note: Confirm the link is a sign-in email link before calling this method firebase.auth.Auth.isSignInWithEmailLink.
  *
  * @example
@@ -6918,6 +7066,7 @@ function isSignInWithEmailLink(auth, emailLink) {
  * }
  * ```
  *
+ *
  * @param auth - The {@link Auth} instance.
  * @param email - The user's email address.
  * @param emailLink - The link sent to the user's email address.
@@ -6928,6 +7077,9 @@ function signInWithEmailLink(auth, email, emailLink) {
     return tslib.__awaiter(this, void 0, void 0, function () {
         var authModular, credential;
         return tslib.__generator(this, function (_a) {
+            if (app._isFirebaseServerApp(auth.app)) {
+                return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth))];
+            }
             authModular = util.getModularInstance(auth);
             credential = EmailAuthProvider.credentialWithLink(email, emailLink || _getCurrentUrl());
             // Check if the tenant ID in the email link matches the tenant ID on Auth
@@ -7241,6 +7393,9 @@ function updateProfile(user, _a) {
  * An email will be sent to the original email address (if it was set) that allows to revoke the
  * email address change, in order to protect them from account hijacking.
  *
+ * This method is not supported on any {@link User} signed in by {@link Auth} instances
+ * created with a {@link @firebase/app#FirebaseServerApp}.
+ *
  * Important: this is a security sensitive operation that requires the user to have recently signed
  * in. If this requirement isn't met, ask the user to authenticate again and then call
  * {@link reauthenticateWithCredential}.
@@ -7254,7 +7409,11 @@ function updateProfile(user, _a) {
  * @public
  */
 function updateEmail(user, newEmail) {
-    return updateEmailOrPassword(util.getModularInstance(user), newEmail, null);
+    var userInternal = util.getModularInstance(user);
+    if (app._isFirebaseServerApp(userInternal.auth.app)) {
+        return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(userInternal.auth));
+    }
+    return updateEmailOrPassword(userInternal, newEmail, null);
 }
 /**
  * Updates the user's password.
@@ -7459,7 +7618,8 @@ function getAdditionalUserInfo(userCredential) {
  * remembered or not. It also makes it easier to never persist the `Auth` state for applications
  * that are shared by other users or have sensitive data.
  *
- * This method does not work in a Node.js environment.
+ * This method does not work in a Node.js environment or with {@link Auth} instances created with a
+ * {@link @firebase/app#FirebaseServerApp}.
  *
  * @example
  * ```javascript
@@ -7610,6 +7770,9 @@ function useDeviceLanguage(auth) {
  * The operation fails with an error if the user to be updated belongs to a different Firebase
  * project.
  *
+ * This method is not supported by {@link Auth} instances created with a
+ * {@link @firebase/app#FirebaseServerApp}.
+ *
  * @param auth - The {@link Auth} instance.
  * @param user - The new {@link User}.
  *
@@ -7621,6 +7784,10 @@ function updateCurrentUser(auth, user) {
 /**
  * Signs out the current user.
  *
+ * @remarks
+ * This method is not supported by {@link Auth} instances created with a
+ * {@link @firebase/app#FirebaseServerApp}.
+ *
  * @param auth - The {@link Auth} instance.
  *
  * @public
@@ -7969,7 +8136,7 @@ function multiFactor(user) {
 }
 
 var name = "@firebase/auth";
-var version = "1.6.2";
+var version = "1.7.0-canary.42fcdfe4c";
 
 /**
  * @license
@@ -8882,7 +9049,8 @@ var ConfirmationResultImpl = /** @class */ (function () {
  * {@link RecaptchaVerifier} (like React Native), but you need to use a
  * third-party {@link ApplicationVerifier} implementation.
  *
- * This method does not work in a Node.js environment.
+ * This method does not work in a Node.js environment or with {@link Auth} instances created with a
+ * {@link @firebase/app#FirebaseServerApp}.
  *
  * @example
  * ```javascript
@@ -8905,6 +9073,9 @@ function signInWithPhoneNumber(auth, phoneNumber, appVerifier) {
         return tslib.__generator(this, function (_a) {
             switch (_a.label) {
                 case 0:
+                    if (app._isFirebaseServerApp(auth.app)) {
+                        return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth))];
+                    }
                     authInternal = _castAuth(auth);
                     return [4 /*yield*/, _verifyPhoneNumber(authInternal, phoneNumber, util.getModularInstance(appVerifier))];
                 case 1:
@@ -8954,7 +9125,8 @@ function linkWithPhoneNumber(user, phoneNumber, appVerifier) {
  * @remarks
  * Use before operations such as {@link updatePassword} that require tokens from recent sign-in attempts.
  *
- * This method does not work in a Node.js environment.
+ * This method does not work in a Node.js environment or on any {@link User} signed in by
+ * {@link Auth} instances created with a {@link @firebase/app#FirebaseServerApp}.
  *
  * @param user - The user.
  * @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101).
@@ -8969,6 +9141,9 @@ function reauthenticateWithPhoneNumber(user, phoneNumber, appVerifier) {
             switch (_a.label) {
                 case 0:
                     userInternal = util.getModularInstance(user);
+                    if (app._isFirebaseServerApp(userInternal.auth.app)) {
+                        return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(userInternal.auth))];
+                    }
                     return [4 /*yield*/, _verifyPhoneNumber(userInternal.auth, phoneNumber, util.getModularInstance(appVerifier))];
                 case 1:
                     verificationId = _a.sent();
@@ -9056,7 +9231,8 @@ function _verifyPhoneNumber(auth, options, verifier) {
  * Updates the user's phone number.
  *
  * @remarks
- * This method does not work in a Node.js environment.
+ * This method does not work in a Node.js environment or on any {@link User} signed in by
+ * {@link Auth} instances created with a {@link @firebase/app#FirebaseServerApp}.
  *
  * @example
  * ```
@@ -9076,9 +9252,15 @@ function _verifyPhoneNumber(auth, options, verifier) {
  */
 function updatePhoneNumber(user, credential) {
     return tslib.__awaiter(this, void 0, void 0, function () {
+        var userInternal;
         return tslib.__generator(this, function (_a) {
             switch (_a.label) {
-                case 0: return [4 /*yield*/, _link(util.getModularInstance(user), credential)];
+                case 0:
+                    userInternal = util.getModularInstance(user);
+                    if (app._isFirebaseServerApp(userInternal.auth.app)) {
+                        return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(userInternal.auth))];
+                    }
+                    return [4 /*yield*/, _link(userInternal, credential)];
                 case 1:
                     _a.sent();
                     return [2 /*return*/];
@@ -9574,6 +9756,7 @@ exports._logWarn = _logWarn;
 exports._performApiRequest = _performApiRequest;
 exports._persistenceKeyName = _persistenceKeyName;
 exports._reauthenticate = _reauthenticate;
+exports._serverAppCurrentUserOperationNotSupportedError = _serverAppCurrentUserOperationNotSupportedError;
 exports._setExternalJSProvider = _setExternalJSProvider;
 exports._setWindowLocation = _setWindowLocation;
 exports._signInWithCredential = _signInWithCredential;
@@ -9630,4 +9813,4 @@ exports.useDeviceLanguage = useDeviceLanguage;
 exports.validatePassword = validatePassword;
 exports.verifyBeforeUpdateEmail = verifyBeforeUpdateEmail;
 exports.verifyPasswordResetCode = verifyPasswordResetCode;
-//# sourceMappingURL=index-8ee80bdc.js.map
+//# sourceMappingURL=index-bbdaa838.js.map