@firebase/auth 1.7.1-canary.e1a7764cf → 1.7.1-passkey-preview.103ead202

package/dist/auth-public.d.ts

@@ -237,6 +237,7 @@ declare interface APIUserInfo {
     passwordHash?: string;
     providerUserInfo?: ProviderUserInfo[];
     mfaInfo?: MfaEnrollment[];
+    passkeyInfo?: PasskeyInfo_2[];
 }
 
 /**
@@ -1102,6 +1103,15 @@ declare const enum EnforcementState {
     OFF = "OFF",
     ENFORCEMENT_STATE_UNSPECIFIED = "ENFORCEMENT_STATE_UNSPECIFIED"
 }
+
+/**
+ * Enrolls a passkey for the user account.
+ * @param user - The user to enroll the passkey for.
+ * @param name - The name associated with the passkey.
+ * @returns A promise that resolves with a `UserCredential` object.
+ * @public
+ */
+export declare function enrollPasskey(user: User, name: string): Promise<UserCredential>;
 export { ErrorFn }
 
 /* Excluded from this release type: EventManager */
@@ -1233,9 +1243,8 @@ declare abstract class FederatedAuthProvider implements AuthProvider {
 
 /**
  * Gets the list of possible sign in methods for the given email address. This method returns an
- * empty list when
- * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
- * is enabled, irrespective of the number of authentication methods available for the given email.
+ * empty list when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled, irrespective of the number of
+ * authentication methods available for the given email.
  *
  * @remarks
  * This is useful to differentiate methods of sign-in for the same provider, eg.
@@ -1247,8 +1256,7 @@ declare abstract class FederatedAuthProvider implements AuthProvider {
  * @param email - The user's email address.
  *
  * Deprecated. Migrating off of this method is recommended as a security best-practice.
- * Learn more in the Identity Platform documentation for
- * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}.
+ * Learn more in the Identity Platform documentation for [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection).
  * @public
  */
 export declare function fetchSignInMethodsForEmail(auth: Auth, email: string): Promise<string[]>;
@@ -2277,6 +2285,25 @@ export declare interface ParsedToken {
     [key: string]: unknown;
 }
 
+/**
+ * Represents information about a passkey.
+ */
+export declare interface PasskeyInfo {
+    /**
+     * The credential ID of the passkey.
+     */
+    readonly credentialId: string;
+    /**
+     * The name associated with the passkey.
+     */
+    readonly name?: string;
+}
+
+declare interface PasskeyInfo_2 {
+    credentialId: string;
+    name?: string;
+}
+
 /**
  * A structure specifying password policy requirements.
  *
@@ -2871,7 +2898,7 @@ declare interface RecaptchaEnforcementProviderState {
 /**
  * Interface representing reCAPTCHA parameters.
  *
- * See the {@link https://developers.google.com/recaptcha/docs/display#render_param | reCAPTCHA docs}
+ * See the [reCAPTCHA docs](https://developers.google.com/recaptcha/docs/display#render_param)
  * for the list of accepted parameters. All parameters are accepted except for `sitekey`: Firebase Auth
  * provisions a reCAPTCHA for each project and will configure the site key upon rendering.
  *
@@ -3051,8 +3078,7 @@ export declare function sendEmailVerification(user: User, actionCodeSettings?: A
 /**
  * Sends a password reset email to the given email address. This method does not throw an error when
  * there's no user account with the given email address and
- * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
- * is enabled.
+ * [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
  *
  * @remarks
  * To complete the password reset, call {@link confirmPasswordReset} with the code supplied in
@@ -3230,10 +3256,9 @@ export declare function signInWithCustomToken(auth: Auth, customToken: string):
  * Asynchronously signs in using an email and password.
  *
  * @remarks
- * Fails with an error if the email address and password do not match. When
- * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
- * is enabled, this method fails with "auth/invalid-credential" in case of an invalid
- * email/password.
+ * Fails with an error if the email address and password do not match.
+ * When [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled,
+ * this method fails with "auth/invalid-credential" in case of an invalid email/password.
  *
  * This method is not supported on {@link Auth} instances created with a
  * {@link @firebase/app#FirebaseServerApp}.
@@ -3296,6 +3321,15 @@ export declare function signInWithEmailLink(auth: Auth, email: string, emailLink
 
 /* Excluded from this release type: SignInWithIdpResponse */
 
+/**
+ * Signs in a user with a passkey. Use enrollPasskey to enroll a passkey credential for the current user.
+ * @param auth - The Firebase Auth instance.
+ * @param name - The user's name for passkey.
+ * @param manualSignUp - When false, automatically creates an anonymous user if a passkey credential does not exist. Defaults to false.
+ * @returns A promise that resolves with a `UserCredential` object.
+ */
+export declare function signInWithPasskey(auth: Auth, name: string, manualSignUp?: boolean): Promise<UserCredential>;
+
 /**
  * Asynchronously signs in using a phone number.
  *
@@ -3628,6 +3662,15 @@ export declare class TwitterAuthProvider extends BaseOAuthProvider {
     private static credentialFromTaggedObject;
 }
 
+/**
+ * Unenrolls the passkey corresponding to the specified credentialId.
+ * @param user - The user to unenroll the passkey for.
+ * @param credentialId - The ID of the passkey to unenroll.
+ * @returns A promise that resolves when the passkey is successfully unenrolled.
+ * @public
+ */
+export declare function unenrollPasskey(user: User, credentialId: string): Promise<void>;
+
 /**
  * Unlinks a provider from a user account.
  *
@@ -3679,9 +3722,7 @@ export declare function updateCurrentUser(auth: Auth, user: User | null): Promis
  * @param user - The user.
  * @param newEmail - The new email address.
  *
- * Throws "auth/operation-not-allowed" error when
- * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
- * is enabled.
+ * Throws "auth/operation-not-allowed" error when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
  * Deprecated - Use {@link verifyBeforeUpdateEmail} instead.
  *
  * @public
@@ -3773,6 +3814,10 @@ export declare interface User extends UserInfo {
      * Additional per provider such as displayName and profile information.
      */
     readonly providerData: UserInfo[];
+    /**
+     * An array of PasskeyInfo objects representing the passkeys that the user has enrolled.
+     */
+    readonly enrolledPasskeys: PasskeyInfo[];
     /**
      * Refresh token used to reauthenticate the user. Avoid using this directly and prefer
      * {@link User.getIdToken} to refresh the ID token instead.

package/dist/auth.d.ts

@@ -243,6 +243,7 @@ declare interface APIUserInfo {
     passwordHash?: string;
     providerUserInfo?: ProviderUserInfo[];
     mfaInfo?: MfaEnrollment[];
+    passkeyInfo?: PasskeyInfo_2[];
 }
 
 /**
@@ -1384,6 +1385,15 @@ declare const enum EnforcementState {
     OFF = "OFF",
     ENFORCEMENT_STATE_UNSPECIFIED = "ENFORCEMENT_STATE_UNSPECIFIED"
 }
+
+/**
+ * Enrolls a passkey for the user account.
+ * @param user - The user to enroll the passkey for.
+ * @param name - The name associated with the passkey.
+ * @returns A promise that resolves with a `UserCredential` object.
+ * @public
+ */
+export declare function enrollPasskey(user: User, name: string): Promise<UserCredential>;
 export { ErrorFn }
 
 /**
@@ -1523,9 +1533,8 @@ declare abstract class FederatedAuthProvider implements AuthProvider {
 
 /**
  * Gets the list of possible sign in methods for the given email address. This method returns an
- * empty list when
- * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
- * is enabled, irrespective of the number of authentication methods available for the given email.
+ * empty list when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled, irrespective of the number of
+ * authentication methods available for the given email.
  *
  * @remarks
  * This is useful to differentiate methods of sign-in for the same provider, eg.
@@ -1537,8 +1546,7 @@ declare abstract class FederatedAuthProvider implements AuthProvider {
  * @param email - The user's email address.
  *
  * Deprecated. Migrating off of this method is recommended as a security best-practice.
- * Learn more in the Identity Platform documentation for
- * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}.
+ * Learn more in the Identity Platform documentation for [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection).
  * @public
  */
 export declare function fetchSignInMethodsForEmail(auth: Auth, email: string): Promise<string[]>;
@@ -2624,6 +2632,25 @@ export declare interface ParsedToken {
     [key: string]: unknown;
 }
 
+/**
+ * Represents information about a passkey.
+ */
+export declare interface PasskeyInfo {
+    /**
+     * The credential ID of the passkey.
+     */
+    readonly credentialId: string;
+    /**
+     * The name associated with the passkey.
+     */
+    readonly name?: string;
+}
+
+declare interface PasskeyInfo_2 {
+    credentialId: string;
+    name?: string;
+}
+
 /**
  * A structure specifying password policy requirements.
  *
@@ -3150,7 +3177,9 @@ declare const enum ProviderId_2 {
     /** Phone provider */
     PHONE = "phone",
     /** Twitter provider ID */
-    TWITTER = "twitter.com"
+    TWITTER = "twitter.com",
+    /** Passkey provider */
+    PASSKEY = "passkey"
 }
 
 declare interface ProviderUserInfo {
@@ -3343,7 +3372,7 @@ declare interface ReCaptchaLoader {
 /**
  * Interface representing reCAPTCHA parameters.
  *
- * See the {@link https://developers.google.com/recaptcha/docs/display#render_param | reCAPTCHA docs}
+ * See the [reCAPTCHA docs](https://developers.google.com/recaptcha/docs/display#render_param)
  * for the list of accepted parameters. All parameters are accepted except for `sitekey`: Firebase Auth
  * provisions a reCAPTCHA for each project and will configure the site key upon rendering.
  *
@@ -3525,8 +3554,7 @@ export declare function sendEmailVerification(user: User, actionCodeSettings?: A
 /**
  * Sends a password reset email to the given email address. This method does not throw an error when
  * there's no user account with the given email address and
- * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
- * is enabled.
+ * [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
  *
  * @remarks
  * To complete the password reset, call {@link confirmPasswordReset} with the code supplied in
@@ -3704,10 +3732,9 @@ export declare function signInWithCustomToken(auth: Auth, customToken: string):
  * Asynchronously signs in using an email and password.
  *
  * @remarks
- * Fails with an error if the email address and password do not match. When
- * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
- * is enabled, this method fails with "auth/invalid-credential" in case of an invalid
- * email/password.
+ * Fails with an error if the email address and password do not match.
+ * When [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled,
+ * this method fails with "auth/invalid-credential" in case of an invalid email/password.
  *
  * This method is not supported on {@link Auth} instances created with a
  * {@link @firebase/app#FirebaseServerApp}.
@@ -3779,6 +3806,15 @@ declare interface SignInWithIdpResponse extends IdTokenResponse {
     pendingToken?: string;
 }
 
+/**
+ * Signs in a user with a passkey. Use enrollPasskey to enroll a passkey credential for the current user.
+ * @param auth - The Firebase Auth instance.
+ * @param name - The user's name for passkey.
+ * @param manualSignUp - When false, automatically creates an anonymous user if a passkey credential does not exist. Defaults to false.
+ * @returns A promise that resolves with a `UserCredential` object.
+ */
+export declare function signInWithPasskey(auth: Auth, name: string, manualSignUp?: boolean): Promise<UserCredential>;
+
 /**
  * Asynchronously signs in using a phone number.
  *
@@ -4155,6 +4191,15 @@ export declare class TwitterAuthProvider extends BaseOAuthProvider {
     private static credentialFromTaggedObject;
 }
 
+/**
+ * Unenrolls the passkey corresponding to the specified credentialId.
+ * @param user - The user to unenroll the passkey for.
+ * @param credentialId - The ID of the passkey to unenroll.
+ * @returns A promise that resolves when the passkey is successfully unenrolled.
+ * @public
+ */
+export declare function unenrollPasskey(user: User, credentialId: string): Promise<void>;
+
 /**
  * Unlinks a provider from a user account.
  *
@@ -4206,9 +4251,7 @@ export declare function updateCurrentUser(auth: Auth, user: User | null): Promis
  * @param user - The user.
  * @param newEmail - The new email address.
  *
- * Throws "auth/operation-not-allowed" error when
- * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
- * is enabled.
+ * Throws "auth/operation-not-allowed" error when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
  * Deprecated - Use {@link verifyBeforeUpdateEmail} instead.
  *
  * @public
@@ -4300,6 +4343,10 @@ export declare interface User extends UserInfo {
      * Additional per provider such as displayName and profile information.
      */
     readonly providerData: UserInfo[];
+    /**
+     * An array of PasskeyInfo objects representing the passkeys that the user has enrolled.
+     */
+    readonly enrolledPasskeys: PasskeyInfo[];
     /**
      * Refresh token used to reauthenticate the user. Avoid using this directly and prefer
      * {@link User.getIdToken} to refresh the ID token instead.
@@ -4454,6 +4501,7 @@ declare interface UserInternal extends User {
     tenantId: string | null;
     providerData: MutableUserInfo[];
     metadata: UserMetadata_2;
+    enrolledPasskeys: PasskeyInfo_2[];
     stsTokenManager: StsTokenManager;
     _redirectEventId?: string;
     _updateTokensIfNecessary(response: IdTokenResponse | FinalizeMfaResponse, reload?: boolean): Promise<void>;