@firebase/auth 1.7.9 → 1.8.0

package/dist/node-esm/src/api/account_management/mfa.d.ts

@@ -14,6 +14,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+import { RecaptchaClientType, RecaptchaVersion } from '../index';
 import { SignInWithPhoneNumberRequest } from '../authentication/sms';
 import { FinalizeMfaResponse } from '../authentication/mfa';
 import { AuthInternal } from '../../model/auth';
@@ -44,7 +45,10 @@ export interface StartPhoneMfaEnrollmentRequest {
     idToken: string;
     phoneEnrollmentInfo: {
         phoneNumber: string;
-        recaptchaToken: string;
+        recaptchaToken?: string;
+        captchaResponse?: string;
+        clientType?: RecaptchaClientType;
+        recaptchaVersion?: RecaptchaVersion;
     };
     tenantId?: string;
 }

package/dist/node-esm/src/api/authentication/mfa.d.ts

@@ -14,6 +14,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+import { RecaptchaClientType, RecaptchaVersion } from '../index';
 import { Auth } from '../../model/public_types';
 import { IdTokenResponse } from '../../model/id_token';
 import { MfaEnrollment } from '../account_management/mfa';
@@ -34,7 +35,10 @@ export interface StartPhoneMfaSignInRequest {
     mfaPendingCredential: string;
     mfaEnrollmentId: string;
     phoneSignInInfo: {
-        recaptchaToken: string;
+        recaptchaToken?: string;
+        captchaResponse?: string;
+        clientType?: RecaptchaClientType;
+        recaptchaVersion?: RecaptchaVersion;
     };
     tenantId?: string;
 }

package/dist/node-esm/src/api/authentication/sms.d.ts

@@ -14,12 +14,16 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+import { RecaptchaClientType, RecaptchaVersion } from '../index';
 import { IdTokenResponse } from '../../model/id_token';
 import { Auth } from '../../model/public_types';
 export interface SendPhoneVerificationCodeRequest {
     phoneNumber: string;
-    recaptchaToken: string;
+    recaptchaToken?: string;
     tenantId?: string;
+    captchaResponse?: string;
+    clientType?: RecaptchaClientType;
+    recaptchaVersion?: RecaptchaVersion;
 }
 export interface SendPhoneVerificationCodeResponse {
     sessionInfo: string;

package/dist/node-esm/src/api/index.d.ts

@@ -69,7 +69,10 @@ export declare const enum RecaptchaVersion {
 export declare const enum RecaptchaActionName {
     SIGN_IN_WITH_PASSWORD = "signInWithPassword",
     GET_OOB_CODE = "getOobCode",
-    SIGN_UP_PASSWORD = "signUpPassword"
+    SIGN_UP_PASSWORD = "signUpPassword",
+    SEND_VERIFICATION_CODE = "sendVerificationCode",
+    MFA_SMS_ENROLLMENT = "mfaSmsEnrollment",
+    MFA_SMS_SIGNIN = "mfaSmsSignIn"
 }
 export declare const enum EnforcementState {
     ENFORCE = "ENFORCE",
@@ -77,8 +80,9 @@ export declare const enum EnforcementState {
     OFF = "OFF",
     ENFORCEMENT_STATE_UNSPECIFIED = "ENFORCEMENT_STATE_UNSPECIFIED"
 }
-export declare const enum RecaptchaProvider {
-    EMAIL_PASSWORD_PROVIDER = "EMAIL_PASSWORD_PROVIDER"
+export declare const enum RecaptchaAuthProvider {
+    EMAIL_PASSWORD_PROVIDER = "EMAIL_PASSWORD_PROVIDER",
+    PHONE_PROVIDER = "PHONE_PROVIDER"
 }
 export declare const DEFAULT_API_TIMEOUT_MS: Delay;
 export declare function _addTidIfNecessary<T extends {

package/dist/node-esm/src/platform_browser/providers/phone.d.ts

@@ -74,14 +74,16 @@ export declare class PhoneAuthProvider {
      *
      * @param phoneInfoOptions - The user's {@link PhoneInfoOptions}. The phone number should be in
      * E.164 format (e.g. +16505550101).
-     * @param applicationVerifier - For abuse prevention, this method also requires a
-     * {@link ApplicationVerifier}. This SDK includes a reCAPTCHA-based implementation,
-     * {@link RecaptchaVerifier}.
+     * @param applicationVerifier - An {@link ApplicationVerifier}, which prevents
+     * requests from unauthorized clients. This SDK includes an implementation
+     * based on reCAPTCHA v2, {@link RecaptchaVerifier}. If you've enabled
+     * reCAPTCHA Enterprise bot protection in Enforce mode, this parameter is
+     * optional; in all other configurations, the parameter is required.
      *
      * @returns A Promise for a verification ID that can be passed to
-     * {@link PhoneAuthProvider.credential} to identify this flow..
+     * {@link PhoneAuthProvider.credential} to identify this flow.
      */
-    verifyPhoneNumber(phoneOptions: PhoneInfoOptions | string, applicationVerifier: ApplicationVerifier): Promise<string>;
+    verifyPhoneNumber(phoneOptions: PhoneInfoOptions | string, applicationVerifier?: ApplicationVerifier): Promise<string>;
     /**
      * Creates a phone auth credential, given the verification ID from
      * {@link PhoneAuthProvider.verifyPhoneNumber} and the code that was sent to the user's

package/dist/node-esm/src/platform_browser/recaptcha/recaptcha.d.ts

@@ -68,4 +68,11 @@ export declare class RecaptchaConfig {
      * @returns Whether or not reCAPTCHA Enterprise protection is enabled for the given provider.
      */
     isProviderEnabled(providerStr: string): boolean;
+    /**
+     * Returns true if reCAPTCHA Enterprise protection is enabled in at least one provider, otherwise
+     * returns false.
+     *
+     * @returns Whether or not reCAPTCHA Enterprise protection is enabled for at least one provider.
+     */
+    isAnyProviderEnabled(): boolean;
 }

package/dist/node-esm/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts

@@ -14,7 +14,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import { RecaptchaActionName } from '../../api';
+import { RecaptchaActionName, RecaptchaAuthProvider } from '../../api';
 import { Auth } from '../../model/public_types';
 import { AuthInternal } from '../../model/auth';
 export declare const RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = "recaptcha-enterprise";
@@ -38,8 +38,8 @@ export declare class RecaptchaEnterpriseVerifier {
      */
     verify(action?: string, forceRefresh?: boolean): Promise<string>;
 }
-export declare function injectRecaptchaFields<T>(auth: AuthInternal, request: T, action: RecaptchaActionName, captchaResp?: boolean): Promise<T>;
-declare type ActionMethod<TRequest, TResponse> = (auth: Auth, request: TRequest) => Promise<TResponse>;
-export declare function handleRecaptchaFlow<TRequest, TResponse>(authInstance: AuthInternal, request: TRequest, actionName: RecaptchaActionName, actionMethod: ActionMethod<TRequest, TResponse>): Promise<TResponse>;
+export declare function injectRecaptchaFields<T>(auth: AuthInternal, request: T, action: RecaptchaActionName, isCaptchaResp?: boolean, isFakeToken?: boolean): Promise<T>;
+declare type ActionMethod<TRequest, TResponse> = (auth: AuthInternal, request: TRequest) => Promise<TResponse>;
+export declare function handleRecaptchaFlow<TRequest, TResponse>(authInstance: AuthInternal, request: TRequest, actionName: RecaptchaActionName, actionMethod: ActionMethod<TRequest, TResponse>, recaptchaAuthProvider: RecaptchaAuthProvider): Promise<TResponse>;
 export declare function _initializeRecaptchaConfig(auth: Auth): Promise<void>;
 export {};

package/dist/node-esm/src/platform_browser/strategies/phone.d.ts

@@ -27,12 +27,15 @@ import { AuthInternal } from '../../model/auth';
  * provides the code sent to their phone, call {@link ConfirmationResult.confirm}
  * with the code to sign the user in.
  *
- * For abuse prevention, this method also requires a {@link ApplicationVerifier}.
- * This SDK includes a reCAPTCHA-based implementation, {@link RecaptchaVerifier}.
+ * For abuse prevention, this method requires a {@link ApplicationVerifier}.
+ * This SDK includes an implementation based on reCAPTCHA v2, {@link RecaptchaVerifier}.
  * This function can work on other platforms that do not support the
  * {@link RecaptchaVerifier} (like React Native), but you need to use a
  * third-party {@link ApplicationVerifier} implementation.
  *
+ * If you've enabled project-level reCAPTCHA Enterprise bot protection in
+ * Enforce mode, you can omit the {@link ApplicationVerifier}.
+ *
  * This method does not work in a Node.js environment or with {@link Auth} instances created with a
  * {@link @firebase/app#FirebaseServerApp}.
  *
@@ -51,7 +54,7 @@ import { AuthInternal } from '../../model/auth';
  *
  * @public
  */
-export declare function signInWithPhoneNumber(auth: Auth, phoneNumber: string, appVerifier: ApplicationVerifier): Promise<ConfirmationResult>;
+export declare function signInWithPhoneNumber(auth: Auth, phoneNumber: string, appVerifier?: ApplicationVerifier): Promise<ConfirmationResult>;
 /**
  * Links the user account with the given phone number.
  *
@@ -64,7 +67,7 @@ export declare function signInWithPhoneNumber(auth: Auth, phoneNumber: string, a
  *
  * @public
  */
-export declare function linkWithPhoneNumber(user: User, phoneNumber: string, appVerifier: ApplicationVerifier): Promise<ConfirmationResult>;
+export declare function linkWithPhoneNumber(user: User, phoneNumber: string, appVerifier?: ApplicationVerifier): Promise<ConfirmationResult>;
 /**
  * Re-authenticates a user using a fresh phone credential.
  *
@@ -80,12 +83,12 @@ export declare function linkWithPhoneNumber(user: User, phoneNumber: string, app
  *
  * @public
  */
-export declare function reauthenticateWithPhoneNumber(user: User, phoneNumber: string, appVerifier: ApplicationVerifier): Promise<ConfirmationResult>;
+export declare function reauthenticateWithPhoneNumber(user: User, phoneNumber: string, appVerifier?: ApplicationVerifier): Promise<ConfirmationResult>;
 /**
  * Returns a verification ID to be used in conjunction with the SMS code that is sent.
  *
  */
-export declare function _verifyPhoneNumber(auth: AuthInternal, options: PhoneInfoOptions | string, verifier: ApplicationVerifierInternal): Promise<string>;
+export declare function _verifyPhoneNumber(auth: AuthInternal, options: PhoneInfoOptions | string, verifier?: ApplicationVerifierInternal): Promise<string>;
 /**
  * Updates the user's phone number.
  *
@@ -110,3 +113,4 @@ export declare function _verifyPhoneNumber(auth: AuthInternal, options: PhoneInf
  * @public
  */
 export declare function updatePhoneNumber(user: User, credential: PhoneAuthCredential): Promise<void>;
+export declare function injectRecaptchaV2Token<T>(auth: AuthInternal, request: T, recaptchaV2Verifier: ApplicationVerifierInternal): Promise<T>;

package/dist/{esm5/scripts/run_node_tests.d.ts → node-esm/test/integration/flows/recaptcha_enterprise.test.d.ts}

@@ -1,6 +1,6 @@
 /**
  * @license
- * Copyright 2020 Google LLC
+ * Copyright 2024 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

package/dist/node-esm/{totp-219bb96f.js → totp-f311e20a.js}

@@ -2,7 +2,6 @@ import { SDK_VERSION, _isFirebaseServerApp, _getProvider, _registerComponent, re
 import { ErrorFactory, isBrowserExtension, isMobileCordova, isReactNative, FirebaseError, querystring, isCloudflareWorker, getModularInstance, base64Decode, getUA, isIE, createSubscribe, deepEqual, querystringDecode, extractQuerystring, getDefaultEmulatorHost } from '@firebase/util';
 import { __rest } from 'tslib';
 import { Component } from '@firebase/component';
-import { fetch as fetch$1, Headers as Headers$1, Response as Response$1 } from 'undici';
 import { Logger, LogLevel } from '@firebase/logger';
 
 /**
@@ -1077,6 +1076,16 @@ class RecaptchaConfig {
             "ENFORCE" /* EnforcementState.ENFORCE */ ||
             this.getProviderEnforcementState(providerStr) === "AUDIT" /* EnforcementState.AUDIT */);
     }
+    /**
+     * Returns true if reCAPTCHA Enterprise protection is enabled in at least one provider, otherwise
+     * returns false.
+     *
+     * @returns Whether or not reCAPTCHA Enterprise protection is enabled for at least one provider.
+     */
+    isAnyProviderEnabled() {
+        return (this.isProviderEnabled("EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */) ||
+            this.isProviderEnabled("PHONE_PROVIDER" /* RecaptchaAuthProvider.PHONE_PROVIDER */));
+    }
 }
 
 /**
@@ -3145,6 +3154,56 @@ function _recaptchaEnterpriseScriptUrl() {
     return externalJSProvider.recaptchaEnterpriseScript;
 }
 
+/**
+ * @license
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+class MockGreCAPTCHATopLevel {
+    constructor() {
+        this.enterprise = new MockGreCAPTCHA();
+    }
+    ready(callback) {
+        callback();
+    }
+    execute(
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    _siteKey, _options) {
+        return Promise.resolve('token');
+    }
+    render(
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    _container, _parameters) {
+        return '';
+    }
+}
+class MockGreCAPTCHA {
+    ready(callback) {
+        callback();
+    }
+    execute(
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    _siteKey, _options) {
+        return Promise.resolve('token');
+    }
+    render(
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    _container, _parameters) {
+        return '';
+    }
+}
+
 /* eslint-disable @typescript-eslint/no-require-imports */
 const RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';
 const FAKE_TOKEN = 'NO_RECAPTCHA';
@@ -3220,6 +3279,11 @@ class RecaptchaEnterpriseVerifier {
                 reject(Error('No reCAPTCHA enterprise script loaded.'));
             }
         }
+        // Returns Promise for a mock token when appVerificationDisabledForTesting is true.
+        if (this.auth.settings.appVerificationDisabledForTesting) {
+            const mockRecaptcha = new MockGreCAPTCHATopLevel();
+            return mockRecaptcha.execute('siteKey', { action: 'verify' });
+        }
         return new Promise((resolve, reject) => {
             retrieveSiteKey(this.auth)
                 .then(siteKey => {
@@ -3250,17 +3314,50 @@ class RecaptchaEnterpriseVerifier {
         });
     }
 }
-async function injectRecaptchaFields(auth, request, action, captchaResp = false) {
+async function injectRecaptchaFields(auth, request, action, isCaptchaResp = false, isFakeToken = false) {
     const verifier = new RecaptchaEnterpriseVerifier(auth);
     let captchaResponse;
-    try {
-        captchaResponse = await verifier.verify(action);
+    if (isFakeToken) {
+        captchaResponse = FAKE_TOKEN;
     }
-    catch (error) {
-        captchaResponse = await verifier.verify(action, true);
+    else {
+        try {
+            captchaResponse = await verifier.verify(action);
+        }
+        catch (error) {
+            captchaResponse = await verifier.verify(action, true);
+        }
     }
     const newRequest = Object.assign({}, request);
-    if (!captchaResp) {
+    if (action === "mfaSmsEnrollment" /* RecaptchaActionName.MFA_SMS_ENROLLMENT */ ||
+        action === "mfaSmsSignIn" /* RecaptchaActionName.MFA_SMS_SIGNIN */) {
+        if ('phoneEnrollmentInfo' in newRequest) {
+            const phoneNumber = newRequest.phoneEnrollmentInfo.phoneNumber;
+            const recaptchaToken = newRequest.phoneEnrollmentInfo.recaptchaToken;
+            Object.assign(newRequest, {
+                'phoneEnrollmentInfo': {
+                    phoneNumber,
+                    recaptchaToken,
+                    captchaResponse,
+                    'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
+                    'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
+                }
+            });
+        }
+        else if ('phoneSignInInfo' in newRequest) {
+            const recaptchaToken = newRequest.phoneSignInInfo.recaptchaToken;
+            Object.assign(newRequest, {
+                'phoneSignInInfo': {
+                    recaptchaToken,
+                    captchaResponse,
+                    'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */,
+                    'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */
+                }
+            });
+        }
+        return newRequest;
+    }
+    if (!isCaptchaResp) {
         Object.assign(newRequest, { captchaResponse });
     }
     else {
@@ -3272,24 +3369,64 @@ async function injectRecaptchaFields(auth, request, action, captchaResp = false)
     });
     return newRequest;
 }
-async function handleRecaptchaFlow(authInstance, request, actionName, actionMethod) {
-    var _a;
-    if ((_a = authInstance
-        ._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.isProviderEnabled("EMAIL_PASSWORD_PROVIDER" /* RecaptchaProvider.EMAIL_PASSWORD_PROVIDER */)) {
-        const requestWithRecaptcha = await injectRecaptchaFields(authInstance, request, actionName, actionName === "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */);
-        return actionMethod(authInstance, requestWithRecaptcha);
+async function handleRecaptchaFlow(authInstance, request, actionName, actionMethod, recaptchaAuthProvider) {
+    var _a, _b;
+    if (recaptchaAuthProvider === "EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */) {
+        if ((_a = authInstance
+            ._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.isProviderEnabled("EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */)) {
+            const requestWithRecaptcha = await injectRecaptchaFields(authInstance, request, actionName, actionName === "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */);
+            return actionMethod(authInstance, requestWithRecaptcha);
+        }
+        else {
+            return actionMethod(authInstance, request).catch(async (error) => {
+                if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}`) {
+                    console.log(`${actionName} is protected by reCAPTCHA Enterprise for this project. Automatically triggering the reCAPTCHA flow and restarting the flow.`);
+                    const requestWithRecaptcha = await injectRecaptchaFields(authInstance, request, actionName, actionName === "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */);
+                    return actionMethod(authInstance, requestWithRecaptcha);
+                }
+                else {
+                    return Promise.reject(error);
+                }
+            });
+        }
     }
-    else {
-        return actionMethod(authInstance, request).catch(async (error) => {
-            if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}`) {
-                console.log(`${actionName} is protected by reCAPTCHA Enterprise for this project. Automatically triggering the reCAPTCHA flow and restarting the flow.`);
-                const requestWithRecaptcha = await injectRecaptchaFields(authInstance, request, actionName, actionName === "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */);
-                return actionMethod(authInstance, requestWithRecaptcha);
-            }
-            else {
+    else if (recaptchaAuthProvider === "PHONE_PROVIDER" /* RecaptchaAuthProvider.PHONE_PROVIDER */) {
+        if ((_b = authInstance
+            ._getRecaptchaConfig()) === null || _b === void 0 ? void 0 : _b.isProviderEnabled("PHONE_PROVIDER" /* RecaptchaAuthProvider.PHONE_PROVIDER */)) {
+            const requestWithRecaptcha = await injectRecaptchaFields(authInstance, request, actionName);
+            return actionMethod(authInstance, requestWithRecaptcha).catch(async (error) => {
+                var _a;
+                if (((_a = authInstance
+                    ._getRecaptchaConfig()) === null || _a === void 0 ? void 0 : _a.getProviderEnforcementState("PHONE_PROVIDER" /* RecaptchaAuthProvider.PHONE_PROVIDER */)) === "AUDIT" /* EnforcementState.AUDIT */) {
+                    // AUDIT mode
+                    if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}` ||
+                        error.code === `auth/${"invalid-app-credential" /* AuthErrorCode.INVALID_APP_CREDENTIAL */}`) {
+                        console.log(`Failed to verify with reCAPTCHA Enterprise. Automatically triggering the reCAPTCHA v2 flow to complete the ${actionName} flow.`);
+                        // reCAPTCHA Enterprise token is missing or reCAPTCHA Enterprise token
+                        // check fails.
+                        // Fallback to reCAPTCHA v2 flow.
+                        const requestWithRecaptchaFields = await injectRecaptchaFields(authInstance, request, actionName, false, // isCaptchaResp
+                        true // isFakeToken
+                        );
+                        // This will call the PhoneApiCaller to fetch and inject reCAPTCHA v2 token.
+                        return actionMethod(authInstance, requestWithRecaptchaFields);
+                    }
+                }
+                // ENFORCE mode or AUDIT mode with any other error.
                 return Promise.reject(error);
-            }
-        });
+            });
+        }
+        else {
+            // Do reCAPTCHA v2 flow.
+            const requestWithRecaptchaFields = await injectRecaptchaFields(authInstance, request, actionName, false, // isCaptchaResp
+            true // isFakeToken
+            );
+            // This will call the PhoneApiCaller to fetch and inject v2 token.
+            return actionMethod(authInstance, requestWithRecaptchaFields);
+        }
+    }
+    else {
+        return Promise.reject(recaptchaAuthProvider + ' provider is not supported.');
     }
 }
 async function _initializeRecaptchaConfig(auth) {
@@ -3305,7 +3442,7 @@ async function _initializeRecaptchaConfig(auth) {
     else {
         authInternal._tenantRecaptchaConfigs[authInternal.tenantId] = config;
     }
-    if (config.isProviderEnabled("EMAIL_PASSWORD_PROVIDER" /* RecaptchaProvider.EMAIL_PASSWORD_PROVIDER */)) {
+    if (config.isAnyProviderEnabled()) {
         const verifier = new RecaptchaEnterpriseVerifier(authInternal);
         void verifier.verify();
     }
@@ -3731,7 +3868,7 @@ class EmailAuthCredential extends AuthCredential {
                     password: this._password,
                     clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
                 };
-                return handleRecaptchaFlow(auth, request, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */, signInWithPassword);
+                return handleRecaptchaFlow(auth, request, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */, signInWithPassword, "EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */);
             case "emailLink" /* SignInMethod.EMAIL_LINK */:
                 return signInWithEmailLink$1(auth, {
                     email: this._email,
@@ -3752,7 +3889,7 @@ class EmailAuthCredential extends AuthCredential {
                     password: this._password,
                     clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
                 };
-                return handleRecaptchaFlow(auth, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */, linkEmailPassword);
+                return handleRecaptchaFlow(auth, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */, linkEmailPassword, "EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */);
             case "emailLink" /* SignInMethod.EMAIL_LINK */:
                 return signInWithEmailLinkForLinking(auth, {
                     idToken,
@@ -5744,7 +5881,7 @@ async function sendPasswordResetEmail(auth, email, actionCodeSettings) {
     if (actionCodeSettings) {
         _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
     }
-    await handleRecaptchaFlow(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, sendPasswordResetEmail$1);
+    await handleRecaptchaFlow(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, sendPasswordResetEmail$1, "EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */);
 }
 /**
  * Completes the password reset process, given a confirmation code and new password.
@@ -5877,7 +6014,7 @@ async function createUserWithEmailAndPassword(auth, email, password) {
         password,
         clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
     };
-    const signUpResponse = handleRecaptchaFlow(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */, signUp);
+    const signUpResponse = handleRecaptchaFlow(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */, signUp, "EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */);
     const response = await signUpResponse.catch(error => {
         if (error.code === `auth/${"password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */}`) {
             void recachePasswordPolicy(auth);
@@ -5991,7 +6128,7 @@ async function sendSignInLinkToEmail(auth, email, actionCodeSettings) {
         }
     }
     setActionCodeSettings(request, actionCodeSettings);
-    await handleRecaptchaFlow(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, sendSignInLinkToEmail$1);
+    await handleRecaptchaFlow(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, sendSignInLinkToEmail$1, "EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */);
 }
 /**
  * Checks if an incoming link is a sign-in with email link suitable for {@link signInWithEmailLink}.
@@ -6919,7 +7056,7 @@ function multiFactor(user) {
 }
 
 var name = "@firebase/auth";
-var version = "1.7.9";
+var version = "1.8.0";
 
 /**
  * @license
@@ -7061,7 +7198,7 @@ function registerAuth(clientPlatform) {
         return (auth => new AuthInterop(auth))(auth);
     }, "PRIVATE" /* ComponentType.PRIVATE */).setInstantiationMode("EXPLICIT" /* InstantiationMode.EXPLICIT */));
     registerVersion(name, version, getVersionForPlatform(clientPlatform));
-    // BUILD_TARGET will be replaced by values like esm5, esm2017, cjs5, etc during the compilation
+    // BUILD_TARGET will be replaced by values like esm2017, cjs2017, etc during the compilation
     registerVersion(name, version, 'esm2017');
 }
 
@@ -7082,7 +7219,7 @@ function registerAuth(clientPlatform) {
  * limitations under the License.
  */
 // Initialize the fetch polyfill, the types are slightly off so just cast and hope for the best
-FetchProvider.initialize(fetch$1, Headers$1, Response$1);
+FetchProvider.initialize(fetch, Headers, Response);
 // First, we set up the various platform-specific features for Node (register
 // the version and declare the Node getAuth function)
 function getAuth(app = getApp()) {
@@ -7331,4 +7468,4 @@ function _isEmptyString(input) {
 }
 
 export { TwitterAuthProvider as $, ActionCodeOperation as A, updateCurrentUser as B, signOut as C, revokeAccessToken as D, deleteUser as E, FactorId as F, debugErrorMap as G, prodErrorMap as H, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as I, initializeAuth as J, connectAuthEmulator as K, AuthCredential as L, EmailAuthCredential as M, OAuthCredential as N, OperationType as O, PhoneAuthProvider as P, PhoneAuthCredential as Q, RecaptchaVerifier as R, SignInMethod as S, TotpMultiFactorGenerator as T, inMemoryPersistence as U, EmailAuthProvider as V, FacebookAuthProvider as W, GoogleAuthProvider as X, GithubAuthProvider as Y, OAuthProvider as Z, SAMLAuthProvider as _, browserSessionPersistence as a, signInAnonymously as a0, signInWithCredential as a1, linkWithCredential as a2, reauthenticateWithCredential as a3, signInWithCustomToken as a4, sendPasswordResetEmail as a5, confirmPasswordReset as a6, applyActionCode as a7, checkActionCode as a8, verifyPasswordResetCode as a9, _fail as aA, debugAssert as aB, _persistenceKeyName as aC, _serverAppCurrentUserOperationNotSupportedError as aD, _castAuth as aE, FederatedAuthProvider as aF, BaseOAuthProvider as aG, _emulatorUrl as aH, _performApiRequest as aI, _isIOS as aJ, _isAndroid as aK, _isIOS7Or8 as aL, _createError as aM, _isMobileBrowser as aN, _isIE10 as aO, UserImpl as aP, AuthImpl as aQ, _getClientVersion as aR, FetchProvider as aS, SAMLAuthCredential as aT, createUserWithEmailAndPassword as aa, signInWithEmailAndPassword as ab, sendSignInLinkToEmail as ac, isSignInWithEmailLink as ad, signInWithEmailLink as ae, fetchSignInMethodsForEmail as af, sendEmailVerification as ag, verifyBeforeUpdateEmail as ah, ActionCodeURL as ai, parseActionCodeURL as aj, updateProfile as ak, updateEmail as al, updatePassword as am, getIdToken as an, getIdTokenResult as ao, unlink as ap, getAdditionalUserInfo as aq, reload as ar, getMultiFactorResolver as as, multiFactor as at, _getInstance as au, _assert as av, _signInWithCredential as aw, _reauthenticate as ax, _link as ay, signInWithIdp as az, browserLocalPersistence as b, signInWithPopup as c, linkWithPopup as d, reauthenticateWithPopup as e, signInWithRedirect as f, linkWithRedirect as g, reauthenticateWithRedirect as h, indexedDBLocalPersistence as i, getRedirectResult as j, browserPopupRedirectResolver as k, linkWithPhoneNumber as l, PhoneMultiFactorGenerator as m, TotpSecret as n, getAuth as o, ProviderId as p, setPersistence as q, reauthenticateWithPhoneNumber as r, signInWithPhoneNumber as s, initializeRecaptchaConfig as t, updatePhoneNumber as u, validatePassword as v, onIdTokenChanged as w, beforeAuthStateChanged as x, onAuthStateChanged as y, useDeviceLanguage as z };
-//# sourceMappingURL=totp-219bb96f.js.map
+//# sourceMappingURL=totp-f311e20a.js.map