@firebase/auth 1.7.9 → 1.8.0

package/dist/cordova/internal.js

@@ -1,8 +1,8 @@
-import { ai as _performApiRequest, aj as _addTidIfNecessary, ak as _assert, al as Delay, am as _window, an as isV2, ao as _createError, ap as _recaptchaV2ScriptUrl, aq as _loadJS, ar as _generateCallbackName, as as getRecaptchaParams, at as _isHttpOrHttps, au as _isWorker, av as _castAuth, M as signInWithCredential, aw as _serverAppCurrentUserOperationNotSupportedError, N as linkWithCredential, ax as _assertLinkedStatus, Q as reauthenticateWithCredential, ay as sendPhoneVerificationCode, az as startEnrollPhoneMfa, aA as _link, B as PhoneAuthCredential, aB as debugAssert, aC as _generateEventId, aD as AbstractPopupRedirectOperation, aE as _assertInstanceOf, aF as _withDefaultResolver, aG as FederatedAuthProvider, aH as _fail, aI as _getProjectConfig, aJ as _getCurrentUrl, aK as _gapiScriptUrl, aL as _emulatorUrl, aM as _isChromeIOS, aN as _isFirefox, aO as _isIOSStandalone, aP as _getRedirectUrl, aQ as _setWindowLocation, aR as _isMobileBrowser, aS as _isSafari, aT as _isIOS, f as browserSessionPersistence, aU as _getRedirectResult, aV as _overrideRedirectResult, aW as AuthEventManager, aX as debugFail, aY as finalizeEnrollPhoneMfa, aZ as finalizeEnrollTotpMfa, a_ as startEnrollTotpMfa, r as registerAuth, i as initializeAuth, c as indexedDBLocalPersistence, e as browserLocalPersistence, j as beforeAuthStateChanged, o as onIdTokenChanged, x as connectAuthEmulator, a$ as _setExternalJSProvider } from './popup_redirect-abcbab4c.js';
-export { A as ActionCodeOperation, a6 as ActionCodeURL, y as AuthCredential, w as AuthErrorCodes, b3 as AuthImpl, E as EmailAuthCredential, D as EmailAuthProvider, G as FacebookAuthProvider, F as FactorId, b5 as FetchProvider, I as GithubAuthProvider, H as GoogleAuthProvider, z as OAuthCredential, J as OAuthProvider, O as OperationType, B as PhoneAuthCredential, P as ProviderId, b6 as SAMLAuthCredential, K as SAMLAuthProvider, S as SignInMethod, T as TwitterAuthProvider, b1 as UserImpl, ak as _assert, av as _castAuth, aH as _fail, aC as _generateEventId, b4 as _getClientVersion, b2 as _getInstance, aU as _getRedirectResult, aV as _overrideRedirectResult, b0 as _persistenceKeyName, W as applyActionCode, j as beforeAuthStateChanged, e as browserLocalPersistence, f as browserSessionPersistence, X as checkActionCode, V as confirmPasswordReset, x as connectAuthEmulator, d as cordovaPopupRedirectResolver, Z as createUserWithEmailAndPassword, q as debugErrorMap, p as deleteUser, a3 as fetchSignInMethodsForEmail, ae as getAdditionalUserInfo, ab as getIdToken, ac as getIdTokenResult, ag as getMultiFactorResolver, g as getRedirectResult, C as inMemoryPersistence, c as indexedDBLocalPersistence, i as initializeAuth, h as initializeRecaptchaConfig, a1 as isSignInWithEmailLink, N as linkWithCredential, b8 as linkWithRedirect, ah as multiFactor, k as onAuthStateChanged, o as onIdTokenChanged, a7 as parseActionCodeURL, t as prodErrorMap, Q as reauthenticateWithCredential, b9 as reauthenticateWithRedirect, af as reload, n as revokeAccessToken, a4 as sendEmailVerification, U as sendPasswordResetEmail, a0 as sendSignInLinkToEmail, s as setPersistence, L as signInAnonymously, M as signInWithCredential, R as signInWithCustomToken, $ as signInWithEmailAndPassword, a2 as signInWithEmailLink, b7 as signInWithRedirect, m as signOut, ad as unlink, l as updateCurrentUser, a9 as updateEmail, aa as updatePassword, a8 as updateProfile, u as useDeviceLanguage, v as validatePassword, a5 as verifyBeforeUpdateEmail, Y as verifyPasswordResetCode } from './popup_redirect-abcbab4c.js';
-import { __awaiter, __generator, __assign, __extends, __spreadArray } from 'tslib';
+import { ai as _performApiRequest, aj as _addTidIfNecessary, ak as Delay, al as _window, am as _assert, an as isV2, ao as _createError, ap as _recaptchaV2ScriptUrl, aq as _loadJS, ar as MockReCaptcha, as as _generateCallbackName, at as _castAuth, au as _isHttpOrHttps, av as _isWorker, aw as getRecaptchaParams, ax as _serverAppCurrentUserOperationNotSupportedError, M as signInWithCredential, ay as _assertLinkedStatus, N as linkWithCredential, Q as reauthenticateWithCredential, az as _initializeRecaptchaConfig, aA as FAKE_TOKEN, aB as startEnrollPhoneMfa, aC as handleRecaptchaFlow, aD as sendPhoneVerificationCode, aE as _link, B as PhoneAuthCredential, aF as _assertInstanceOf, aG as _withDefaultResolver, aH as AbstractPopupRedirectOperation, aI as debugAssert, aJ as _generateEventId, aK as FederatedAuthProvider, aL as _getProjectConfig, aM as _fail, aN as _getCurrentUrl, aO as _gapiScriptUrl, aP as _emulatorUrl, aQ as _isChromeIOS, aR as _isFirefox, aS as _isIOSStandalone, f as browserSessionPersistence, aT as _getRedirectResult, aU as _overrideRedirectResult, aV as _getRedirectUrl, aW as _setWindowLocation, aX as _isMobileBrowser, aY as _isSafari, aZ as _isIOS, a_ as AuthEventManager, a$ as debugFail, b0 as finalizeEnrollPhoneMfa, b1 as startEnrollTotpMfa, b2 as finalizeEnrollTotpMfa, r as registerAuth, i as initializeAuth, c as indexedDBLocalPersistence, e as browserLocalPersistence, j as beforeAuthStateChanged, o as onIdTokenChanged, x as connectAuthEmulator, b3 as _setExternalJSProvider } from './popup_redirect-6fcd583a.js';
+export { A as ActionCodeOperation, a6 as ActionCodeURL, y as AuthCredential, w as AuthErrorCodes, b7 as AuthImpl, E as EmailAuthCredential, D as EmailAuthProvider, G as FacebookAuthProvider, F as FactorId, b9 as FetchProvider, I as GithubAuthProvider, H as GoogleAuthProvider, z as OAuthCredential, J as OAuthProvider, O as OperationType, B as PhoneAuthCredential, P as ProviderId, ba as SAMLAuthCredential, K as SAMLAuthProvider, S as SignInMethod, T as TwitterAuthProvider, b5 as UserImpl, am as _assert, at as _castAuth, aM as _fail, aJ as _generateEventId, b8 as _getClientVersion, b6 as _getInstance, aT as _getRedirectResult, aU as _overrideRedirectResult, b4 as _persistenceKeyName, W as applyActionCode, j as beforeAuthStateChanged, e as browserLocalPersistence, f as browserSessionPersistence, X as checkActionCode, V as confirmPasswordReset, x as connectAuthEmulator, d as cordovaPopupRedirectResolver, Z as createUserWithEmailAndPassword, q as debugErrorMap, p as deleteUser, a3 as fetchSignInMethodsForEmail, ae as getAdditionalUserInfo, ab as getIdToken, ac as getIdTokenResult, ag as getMultiFactorResolver, g as getRedirectResult, C as inMemoryPersistence, c as indexedDBLocalPersistence, i as initializeAuth, h as initializeRecaptchaConfig, a1 as isSignInWithEmailLink, N as linkWithCredential, bc as linkWithRedirect, ah as multiFactor, k as onAuthStateChanged, o as onIdTokenChanged, a7 as parseActionCodeURL, t as prodErrorMap, Q as reauthenticateWithCredential, bd as reauthenticateWithRedirect, af as reload, n as revokeAccessToken, a4 as sendEmailVerification, U as sendPasswordResetEmail, a0 as sendSignInLinkToEmail, s as setPersistence, L as signInAnonymously, M as signInWithCredential, R as signInWithCustomToken, $ as signInWithEmailAndPassword, a2 as signInWithEmailLink, bb as signInWithRedirect, m as signOut, ad as unlink, l as updateCurrentUser, a9 as updateEmail, aa as updatePassword, a8 as updateProfile, u as useDeviceLanguage, v as validatePassword, a5 as verifyBeforeUpdateEmail, Y as verifyPasswordResetCode } from './popup_redirect-6fcd583a.js';
 import { querystring, getModularInstance, getUA, getExperimentalSetting, getDefaultEmulatorHost } from '@firebase/util';
-import { _isFirebaseServerApp, SDK_VERSION, getApp, _getProvider } from '@firebase/app';
+import { _isFirebaseServerApp, SDK_VERSION, _getProvider, getApp } from '@firebase/app';
+import 'tslib';
 import '@firebase/component';
 import '@firebase/logger';
 
@@ -32,143 +32,6 @@ function finalizeSignInTotpMfa(auth, request) {
     return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaSignIn:finalize" /* Endpoint.FINALIZE_MFA_SIGN_IN */, _addTidIfNecessary(auth, request));
 }
 
-/**
- * @license
- * Copyright 2020 Google LLC
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-var _SOLVE_TIME_MS = 500;
-var _EXPIRATION_TIME_MS = 60000;
-var _WIDGET_ID_START = 1000000000000;
-var MockReCaptcha = /** @class */ (function () {
-    function MockReCaptcha(auth) {
-        this.auth = auth;
-        this.counter = _WIDGET_ID_START;
-        this._widgets = new Map();
-    }
-    MockReCaptcha.prototype.render = function (container, parameters) {
-        var id = this.counter;
-        this._widgets.set(id, new MockWidget(container, this.auth.name, parameters || {}));
-        this.counter++;
-        return id;
-    };
-    MockReCaptcha.prototype.reset = function (optWidgetId) {
-        var _a;
-        var id = optWidgetId || _WIDGET_ID_START;
-        void ((_a = this._widgets.get(id)) === null || _a === void 0 ? void 0 : _a.delete());
-        this._widgets.delete(id);
-    };
-    MockReCaptcha.prototype.getResponse = function (optWidgetId) {
-        var _a;
-        var id = optWidgetId || _WIDGET_ID_START;
-        return ((_a = this._widgets.get(id)) === null || _a === void 0 ? void 0 : _a.getResponse()) || '';
-    };
-    MockReCaptcha.prototype.execute = function (optWidgetId) {
-        var _a;
-        return __awaiter(this, void 0, void 0, function () {
-            var id;
-            return __generator(this, function (_b) {
-                id = optWidgetId || _WIDGET_ID_START;
-                void ((_a = this._widgets.get(id)) === null || _a === void 0 ? void 0 : _a.execute());
-                return [2 /*return*/, ''];
-            });
-        });
-    };
-    return MockReCaptcha;
-}());
-var MockWidget = /** @class */ (function () {
-    function MockWidget(containerOrId, appName, params) {
-        var _this = this;
-        this.params = params;
-        this.timerId = null;
-        this.deleted = false;
-        this.responseToken = null;
-        this.clickHandler = function () {
-            _this.execute();
-        };
-        var container = typeof containerOrId === 'string'
-            ? document.getElementById(containerOrId)
-            : containerOrId;
-        _assert(container, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */, { appName: appName });
-        this.container = container;
-        this.isVisible = this.params.size !== 'invisible';
-        if (this.isVisible) {
-            this.execute();
-        }
-        else {
-            this.container.addEventListener('click', this.clickHandler);
-        }
-    }
-    MockWidget.prototype.getResponse = function () {
-        this.checkIfDeleted();
-        return this.responseToken;
-    };
-    MockWidget.prototype.delete = function () {
-        this.checkIfDeleted();
-        this.deleted = true;
-        if (this.timerId) {
-            clearTimeout(this.timerId);
-            this.timerId = null;
-        }
-        this.container.removeEventListener('click', this.clickHandler);
-    };
-    MockWidget.prototype.execute = function () {
-        var _this = this;
-        this.checkIfDeleted();
-        if (this.timerId) {
-            return;
-        }
-        this.timerId = window.setTimeout(function () {
-            _this.responseToken = generateRandomAlphaNumericString(50);
-            var _a = _this.params, callback = _a.callback, expiredCallback = _a["expired-callback"];
-            if (callback) {
-                try {
-                    callback(_this.responseToken);
-                }
-                catch (e) { }
-            }
-            _this.timerId = window.setTimeout(function () {
-                _this.timerId = null;
-                _this.responseToken = null;
-                if (expiredCallback) {
-                    try {
-                        expiredCallback();
-                    }
-                    catch (e) { }
-                }
-                if (_this.isVisible) {
-                    _this.execute();
-                }
-            }, _EXPIRATION_TIME_MS);
-        }, _SOLVE_TIME_MS);
-    };
-    MockWidget.prototype.checkIfDeleted = function () {
-        if (this.deleted) {
-            throw new Error('reCAPTCHA mock was already deleted!');
-        }
-    };
-    return MockWidget;
-}());
-function generateRandomAlphaNumericString(len) {
-    var chars = [];
-    var allowedChars = '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
-    for (var i = 0; i < len; i++) {
-        chars.push(allowedChars.charAt(Math.floor(Math.random() * allowedChars.length)));
-    }
-    return chars.join('');
-}
-
 /**
  * @license
  * Copyright 2020 Google LLC
@@ -187,13 +50,13 @@ function generateRandomAlphaNumericString(len) {
  */
 // ReCaptcha will load using the same callback, so the callback function needs
 // to be kept around
-var _JSLOAD_CALLBACK = _generateCallbackName('rcb');
-var NETWORK_TIMEOUT_DELAY = new Delay(30000, 60000);
+const _JSLOAD_CALLBACK = _generateCallbackName('rcb');
+const NETWORK_TIMEOUT_DELAY = new Delay(30000, 60000);
 /**
  * Loader for the GReCaptcha library. There should only ever be one of this.
  */
-var ReCaptchaLoaderImpl = /** @class */ (function () {
-    function ReCaptchaLoaderImpl() {
+class ReCaptchaLoaderImpl {
+    constructor() {
         var _a;
         this.hostLanguage = '';
         this.counter = 0;
@@ -204,51 +67,49 @@ var ReCaptchaLoaderImpl = /** @class */ (function () {
          */
         this.librarySeparatelyLoaded = !!((_a = _window().grecaptcha) === null || _a === void 0 ? void 0 : _a.render);
     }
-    ReCaptchaLoaderImpl.prototype.load = function (auth, hl) {
-        var _this = this;
-        if (hl === void 0) { hl = ''; }
+    load(auth, hl = '') {
         _assert(isHostLanguageValid(hl), auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
         if (this.shouldResolveImmediately(hl) && isV2(_window().grecaptcha)) {
             return Promise.resolve(_window().grecaptcha);
         }
-        return new Promise(function (resolve, reject) {
-            var networkTimeout = _window().setTimeout(function () {
+        return new Promise((resolve, reject) => {
+            const networkTimeout = _window().setTimeout(() => {
                 reject(_createError(auth, "network-request-failed" /* AuthErrorCode.NETWORK_REQUEST_FAILED */));
             }, NETWORK_TIMEOUT_DELAY.get());
-            _window()[_JSLOAD_CALLBACK] = function () {
+            _window()[_JSLOAD_CALLBACK] = () => {
                 _window().clearTimeout(networkTimeout);
                 delete _window()[_JSLOAD_CALLBACK];
-                var recaptcha = _window().grecaptcha;
+                const recaptcha = _window().grecaptcha;
                 if (!recaptcha || !isV2(recaptcha)) {
                     reject(_createError(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */));
                     return;
                 }
                 // Wrap the recaptcha render function so that we know if the developer has
                 // called it separately
-                var render = recaptcha.render;
-                recaptcha.render = function (container, params) {
-                    var widgetId = render(container, params);
-                    _this.counter++;
+                const render = recaptcha.render;
+                recaptcha.render = (container, params) => {
+                    const widgetId = render(container, params);
+                    this.counter++;
                     return widgetId;
                 };
-                _this.hostLanguage = hl;
+                this.hostLanguage = hl;
                 resolve(recaptcha);
             };
-            var url = "".concat(_recaptchaV2ScriptUrl(), "?").concat(querystring({
+            const url = `${_recaptchaV2ScriptUrl()}?${querystring({
                 onload: _JSLOAD_CALLBACK,
                 render: 'explicit',
-                hl: hl
-            }));
-            _loadJS(url).catch(function () {
+                hl
+            })}`;
+            _loadJS(url).catch(() => {
                 clearTimeout(networkTimeout);
                 reject(_createError(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */));
             });
         });
-    };
-    ReCaptchaLoaderImpl.prototype.clearedOneInstance = function () {
+    }
+    clearedOneInstance() {
         this.counter--;
-    };
-    ReCaptchaLoaderImpl.prototype.shouldResolveImmediately = function (hl) {
+    }
+    shouldResolveImmediately(hl) {
         var _a;
         // We can resolve immediately if:
         //   • grecaptcha is already defined AND (
@@ -261,25 +122,17 @@ var ReCaptchaLoaderImpl = /** @class */ (function () {
             (hl === this.hostLanguage ||
                 this.counter > 0 ||
                 this.librarySeparatelyLoaded));
-    };
-    return ReCaptchaLoaderImpl;
-}());
+    }
+}
 function isHostLanguageValid(hl) {
     return hl.length <= 6 && /^\s*[a-zA-Z0-9\-]*\s*$/.test(hl);
 }
-var MockReCaptchaLoaderImpl = /** @class */ (function () {
-    function MockReCaptchaLoaderImpl() {
+class MockReCaptchaLoaderImpl {
+    async load(auth) {
+        return new MockReCaptcha(auth);
     }
-    MockReCaptchaLoaderImpl.prototype.load = function (auth) {
-        return __awaiter(this, void 0, void 0, function () {
-            return __generator(this, function (_a) {
-                return [2 /*return*/, new MockReCaptcha(auth)];
-            });
-        });
-    };
-    MockReCaptchaLoaderImpl.prototype.clearedOneInstance = function () { };
-    return MockReCaptchaLoaderImpl;
-}());
+    clearedOneInstance() { }
+}
 
 /**
  * @license
@@ -297,8 +150,8 @@ var MockReCaptchaLoaderImpl = /** @class */ (function () {
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-var RECAPTCHA_VERIFIER_TYPE = 'recaptcha';
-var DEFAULT_PARAMS = {
+const RECAPTCHA_VERIFIER_TYPE = 'recaptcha';
+const DEFAULT_PARAMS = {
     theme: 'light',
     type: 'image'
 };
@@ -310,7 +163,7 @@ var DEFAULT_PARAMS = {
  *
  * @public
  */
-var RecaptchaVerifier = /** @class */ (function () {
+class RecaptchaVerifier {
     /**
      * @param authExtern - The corresponding Firebase {@link Auth} instance.
      *
@@ -330,8 +183,7 @@ var RecaptchaVerifier = /** @class */ (function () {
      * configure this upon rendering. For an invisible reCAPTCHA, a size key must have the value
      * 'invisible'.
      */
-    function RecaptchaVerifier(authExtern, containerOrId, parameters) {
-        if (parameters === void 0) { parameters = __assign({}, DEFAULT_PARAMS); }
+    constructor(authExtern, containerOrId, parameters = Object.assign({}, DEFAULT_PARAMS)) {
         this.parameters = parameters;
         /**
          * The application verifier type.
@@ -348,7 +200,7 @@ var RecaptchaVerifier = /** @class */ (function () {
         this.auth = _castAuth(authExtern);
         this.isInvisible = this.parameters.size === 'invisible';
         _assert(typeof document !== 'undefined', this.auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */);
-        var container = typeof containerOrId === 'string'
+        const container = typeof containerOrId === 'string'
             ? document.getElementById(containerOrId)
             : containerOrId;
         _assert(container, this.auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
@@ -365,46 +217,34 @@ var RecaptchaVerifier = /** @class */ (function () {
      *
      * @returns A Promise for the reCAPTCHA token.
      */
-    RecaptchaVerifier.prototype.verify = function () {
-        return __awaiter(this, void 0, void 0, function () {
-            var id, recaptcha, response;
-            var _this = this;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0:
-                        this.assertNotDestroyed();
-                        return [4 /*yield*/, this.render()];
-                    case 1:
-                        id = _a.sent();
-                        recaptcha = this.getAssertedRecaptcha();
-                        response = recaptcha.getResponse(id);
-                        if (response) {
-                            return [2 /*return*/, response];
-                        }
-                        return [2 /*return*/, new Promise(function (resolve) {
-                                var tokenChange = function (token) {
-                                    if (!token) {
-                                        return; // Ignore token expirations.
-                                    }
-                                    _this.tokenChangeListeners.delete(tokenChange);
-                                    resolve(token);
-                                };
-                                _this.tokenChangeListeners.add(tokenChange);
-                                if (_this.isInvisible) {
-                                    recaptcha.execute(id);
-                                }
-                            })];
+    async verify() {
+        this.assertNotDestroyed();
+        const id = await this.render();
+        const recaptcha = this.getAssertedRecaptcha();
+        const response = recaptcha.getResponse(id);
+        if (response) {
+            return response;
+        }
+        return new Promise(resolve => {
+            const tokenChange = (token) => {
+                if (!token) {
+                    return; // Ignore token expirations.
                 }
-            });
+                this.tokenChangeListeners.delete(tokenChange);
+                resolve(token);
+            };
+            this.tokenChangeListeners.add(tokenChange);
+            if (this.isInvisible) {
+                recaptcha.execute(id);
+            }
         });
-    };
+    }
     /**
      * Renders the reCAPTCHA widget on the page.
      *
      * @returns A Promise that resolves with the reCAPTCHA widget ID.
      */
-    RecaptchaVerifier.prototype.render = function () {
-        var _this = this;
+    render() {
         try {
             this.assertNotDestroyed();
         }
@@ -417,111 +257,83 @@ var RecaptchaVerifier = /** @class */ (function () {
         if (this.renderPromise) {
             return this.renderPromise;
         }
-        this.renderPromise = this.makeRenderPromise().catch(function (e) {
-            _this.renderPromise = null;
+        this.renderPromise = this.makeRenderPromise().catch(e => {
+            this.renderPromise = null;
             throw e;
         });
         return this.renderPromise;
-    };
+    }
     /** @internal */
-    RecaptchaVerifier.prototype._reset = function () {
+    _reset() {
         this.assertNotDestroyed();
         if (this.widgetId !== null) {
             this.getAssertedRecaptcha().reset(this.widgetId);
         }
-    };
+    }
     /**
      * Clears the reCAPTCHA widget from the page and destroys the instance.
      */
-    RecaptchaVerifier.prototype.clear = function () {
-        var _this = this;
+    clear() {
         this.assertNotDestroyed();
         this.destroyed = true;
         this._recaptchaLoader.clearedOneInstance();
         if (!this.isInvisible) {
-            this.container.childNodes.forEach(function (node) {
-                _this.container.removeChild(node);
+            this.container.childNodes.forEach(node => {
+                this.container.removeChild(node);
             });
         }
-    };
-    RecaptchaVerifier.prototype.validateStartingState = function () {
+    }
+    validateStartingState() {
         _assert(!this.parameters.sitekey, this.auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
         _assert(this.isInvisible || !this.container.hasChildNodes(), this.auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
         _assert(typeof document !== 'undefined', this.auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */);
-    };
-    RecaptchaVerifier.prototype.makeTokenCallback = function (existing) {
-        var _this = this;
-        return function (token) {
-            _this.tokenChangeListeners.forEach(function (listener) { return listener(token); });
+    }
+    makeTokenCallback(existing) {
+        return token => {
+            this.tokenChangeListeners.forEach(listener => listener(token));
             if (typeof existing === 'function') {
                 existing(token);
             }
             else if (typeof existing === 'string') {
-                var globalFunc = _window()[existing];
+                const globalFunc = _window()[existing];
                 if (typeof globalFunc === 'function') {
                     globalFunc(token);
                 }
             }
         };
-    };
-    RecaptchaVerifier.prototype.assertNotDestroyed = function () {
+    }
+    assertNotDestroyed() {
         _assert(!this.destroyed, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
-    };
-    RecaptchaVerifier.prototype.makeRenderPromise = function () {
-        return __awaiter(this, void 0, void 0, function () {
-            var container, guaranteedEmpty;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0: return [4 /*yield*/, this.init()];
-                    case 1:
-                        _a.sent();
-                        if (!this.widgetId) {
-                            container = this.container;
-                            if (!this.isInvisible) {
-                                guaranteedEmpty = document.createElement('div');
-                                container.appendChild(guaranteedEmpty);
-                                container = guaranteedEmpty;
-                            }
-                            this.widgetId = this.getAssertedRecaptcha().render(container, this.parameters);
-                        }
-                        return [2 /*return*/, this.widgetId];
-                }
-            });
-        });
-    };
-    RecaptchaVerifier.prototype.init = function () {
-        return __awaiter(this, void 0, void 0, function () {
-            var _a, siteKey;
-            return __generator(this, function (_b) {
-                switch (_b.label) {
-                    case 0:
-                        _assert(_isHttpOrHttps() && !_isWorker(), this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
-                        return [4 /*yield*/, domReady()];
-                    case 1:
-                        _b.sent();
-                        _a = this;
-                        return [4 /*yield*/, this._recaptchaLoader.load(this.auth, this.auth.languageCode || undefined)];
-                    case 2:
-                        _a.recaptcha = _b.sent();
-                        return [4 /*yield*/, getRecaptchaParams(this.auth)];
-                    case 3:
-                        siteKey = _b.sent();
-                        _assert(siteKey, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
-                        this.parameters.sitekey = siteKey;
-                        return [2 /*return*/];
-                }
-            });
-        });
-    };
-    RecaptchaVerifier.prototype.getAssertedRecaptcha = function () {
+    }
+    async makeRenderPromise() {
+        await this.init();
+        if (!this.widgetId) {
+            let container = this.container;
+            if (!this.isInvisible) {
+                const guaranteedEmpty = document.createElement('div');
+                container.appendChild(guaranteedEmpty);
+                container = guaranteedEmpty;
+            }
+            this.widgetId = this.getAssertedRecaptcha().render(container, this.parameters);
+        }
+        return this.widgetId;
+    }
+    async init() {
+        _assert(_isHttpOrHttps() && !_isWorker(), this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
+        await domReady();
+        this.recaptcha = await this._recaptchaLoader.load(this.auth, this.auth.languageCode || undefined);
+        const siteKey = await getRecaptchaParams(this.auth);
+        _assert(siteKey, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
+        this.parameters.sitekey = siteKey;
+    }
+    getAssertedRecaptcha() {
         _assert(this.recaptcha, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
         return this.recaptcha;
-    };
-    return RecaptchaVerifier;
-}());
+    }
+}
 function domReady() {
-    var resolver = null;
-    return new Promise(function (resolve) {
+    let resolver = null;
+    return new Promise(resolve => {
         if (document.readyState === 'complete') {
             resolve();
             return;
@@ -529,9 +341,9 @@ function domReady() {
         // Document not ready, wait for load before resolving.
         // Save resolver, so we can remove listener in case it was externally
         // cancelled.
-        resolver = function () { return resolve(); };
+        resolver = () => resolve();
         window.addEventListener('load', resolver);
-    }).catch(function (e) {
+    }).catch(e => {
         if (resolver) {
             window.removeEventListener('load', resolver);
         }
@@ -555,17 +367,16 @@ function domReady() {
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-var ConfirmationResultImpl = /** @class */ (function () {
-    function ConfirmationResultImpl(verificationId, onConfirmation) {
+class ConfirmationResultImpl {
+    constructor(verificationId, onConfirmation) {
         this.verificationId = verificationId;
         this.onConfirmation = onConfirmation;
     }
-    ConfirmationResultImpl.prototype.confirm = function (verificationCode) {
-        var authCredential = PhoneAuthCredential._fromVerification(this.verificationId, verificationCode);
+    confirm(verificationCode) {
+        const authCredential = PhoneAuthCredential._fromVerification(this.verificationId, verificationCode);
         return this.onConfirmation(authCredential);
-    };
-    return ConfirmationResultImpl;
-}());
+    }
+}
 /**
  * Asynchronously signs in using a phone number.
  *
@@ -575,12 +386,15 @@ var ConfirmationResultImpl = /** @class */ (function () {
  * provides the code sent to their phone, call {@link ConfirmationResult.confirm}
  * with the code to sign the user in.
  *
- * For abuse prevention, this method also requires a {@link ApplicationVerifier}.
- * This SDK includes a reCAPTCHA-based implementation, {@link RecaptchaVerifier}.
+ * For abuse prevention, this method requires a {@link ApplicationVerifier}.
+ * This SDK includes an implementation based on reCAPTCHA v2, {@link RecaptchaVerifier}.
  * This function can work on other platforms that do not support the
  * {@link RecaptchaVerifier} (like React Native), but you need to use a
  * third-party {@link ApplicationVerifier} implementation.
  *
+ * If you've enabled project-level reCAPTCHA Enterprise bot protection in
+ * Enforce mode, you can omit the {@link ApplicationVerifier}.
+ *
  * This method does not work in a Node.js environment or with {@link Auth} instances created with a
  * {@link @firebase/app#FirebaseServerApp}.
  *
@@ -599,25 +413,13 @@ var ConfirmationResultImpl = /** @class */ (function () {
  *
  * @public
  */
-function signInWithPhoneNumber(auth, phoneNumber, appVerifier) {
-    return __awaiter(this, void 0, void 0, function () {
-        var authInternal, verificationId;
-        return __generator(this, function (_a) {
-            switch (_a.label) {
-                case 0:
-                    if (_isFirebaseServerApp(auth.app)) {
-                        return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth))];
-                    }
-                    authInternal = _castAuth(auth);
-                    return [4 /*yield*/, _verifyPhoneNumber(authInternal, phoneNumber, getModularInstance(appVerifier))];
-                case 1:
-                    verificationId = _a.sent();
-                    return [2 /*return*/, new ConfirmationResultImpl(verificationId, function (cred) {
-                            return signInWithCredential(authInternal, cred);
-                        })];
-            }
-        });
-    });
+async function signInWithPhoneNumber(auth, phoneNumber, appVerifier) {
+    if (_isFirebaseServerApp(auth.app)) {
+        return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth));
+    }
+    const authInternal = _castAuth(auth);
+    const verificationId = await _verifyPhoneNumber(authInternal, phoneNumber, getModularInstance(appVerifier));
+    return new ConfirmationResultImpl(verificationId, cred => signInWithCredential(authInternal, cred));
 }
 /**
  * Links the user account with the given phone number.
@@ -631,25 +433,11 @@ function signInWithPhoneNumber(auth, phoneNumber, appVerifier) {
  *
  * @public
  */
-function linkWithPhoneNumber(user, phoneNumber, appVerifier) {
-    return __awaiter(this, void 0, void 0, function () {
-        var userInternal, verificationId;
-        return __generator(this, function (_a) {
-            switch (_a.label) {
-                case 0:
-                    userInternal = getModularInstance(user);
-                    return [4 /*yield*/, _assertLinkedStatus(false, userInternal, "phone" /* ProviderId.PHONE */)];
-                case 1:
-                    _a.sent();
-                    return [4 /*yield*/, _verifyPhoneNumber(userInternal.auth, phoneNumber, getModularInstance(appVerifier))];
-                case 2:
-                    verificationId = _a.sent();
-                    return [2 /*return*/, new ConfirmationResultImpl(verificationId, function (cred) {
-                            return linkWithCredential(userInternal, cred);
-                        })];
-            }
-        });
-    });
+async function linkWithPhoneNumber(user, phoneNumber, appVerifier) {
+    const userInternal = getModularInstance(user);
+    await _assertLinkedStatus(false, userInternal, "phone" /* ProviderId.PHONE */);
+    const verificationId = await _verifyPhoneNumber(userInternal.auth, phoneNumber, getModularInstance(appVerifier));
+    return new ConfirmationResultImpl(verificationId, cred => linkWithCredential(userInternal, cred));
 }
 /**
  * Re-authenticates a user using a fresh phone credential.
@@ -666,98 +454,120 @@ function linkWithPhoneNumber(user, phoneNumber, appVerifier) {
  *
  * @public
  */
-function reauthenticateWithPhoneNumber(user, phoneNumber, appVerifier) {
-    return __awaiter(this, void 0, void 0, function () {
-        var userInternal, verificationId;
-        return __generator(this, function (_a) {
-            switch (_a.label) {
-                case 0:
-                    userInternal = getModularInstance(user);
-                    if (_isFirebaseServerApp(userInternal.auth.app)) {
-                        return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(userInternal.auth))];
-                    }
-                    return [4 /*yield*/, _verifyPhoneNumber(userInternal.auth, phoneNumber, getModularInstance(appVerifier))];
-                case 1:
-                    verificationId = _a.sent();
-                    return [2 /*return*/, new ConfirmationResultImpl(verificationId, function (cred) {
-                            return reauthenticateWithCredential(userInternal, cred);
-                        })];
-            }
-        });
-    });
+async function reauthenticateWithPhoneNumber(user, phoneNumber, appVerifier) {
+    const userInternal = getModularInstance(user);
+    if (_isFirebaseServerApp(userInternal.auth.app)) {
+        return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(userInternal.auth));
+    }
+    const verificationId = await _verifyPhoneNumber(userInternal.auth, phoneNumber, getModularInstance(appVerifier));
+    return new ConfirmationResultImpl(verificationId, cred => reauthenticateWithCredential(userInternal, cred));
 }
 /**
  * Returns a verification ID to be used in conjunction with the SMS code that is sent.
  *
  */
-function _verifyPhoneNumber(auth, options, verifier) {
+async function _verifyPhoneNumber(auth, options, verifier) {
     var _a;
-    return __awaiter(this, void 0, void 0, function () {
-        var recaptchaToken, phoneInfoOptions, session, response, mfaEnrollmentId, response, sessionInfo;
-        return __generator(this, function (_b) {
-            switch (_b.label) {
-                case 0: return [4 /*yield*/, verifier.verify()];
-                case 1:
-                    recaptchaToken = _b.sent();
-                    _b.label = 2;
-                case 2:
-                    _b.trys.push([2, , 10, 11]);
-                    _assert(typeof recaptchaToken === 'string', auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
-                    _assert(verifier.type === RECAPTCHA_VERIFIER_TYPE, auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
-                    phoneInfoOptions = void 0;
-                    if (typeof options === 'string') {
-                        phoneInfoOptions = {
-                            phoneNumber: options
-                        };
+    if (!auth._getRecaptchaConfig()) {
+        try {
+            await _initializeRecaptchaConfig(auth);
+        }
+        catch (error) {
+            // If an error occurs while fetching the config, there is no way to know the enablement state
+            // of Phone provider, so we proceed with recaptcha V2 verification.
+            // The error is likely "recaptchaKey undefined", as reCAPTCHA Enterprise is not
+            // enabled for any provider.
+            console.log('Failed to initialize reCAPTCHA Enterprise config. Triggering the reCAPTCHA v2 verification.');
+        }
+    }
+    try {
+        let phoneInfoOptions;
+        if (typeof options === 'string') {
+            phoneInfoOptions = {
+                phoneNumber: options
+            };
+        }
+        else {
+            phoneInfoOptions = options;
+        }
+        if ('session' in phoneInfoOptions) {
+            const session = phoneInfoOptions.session;
+            if ('phoneNumber' in phoneInfoOptions) {
+                _assert(session.type === "enroll" /* MultiFactorSessionType.ENROLL */, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
+                const startPhoneMfaEnrollmentRequest = {
+                    idToken: session.credential,
+                    phoneEnrollmentInfo: {
+                        phoneNumber: phoneInfoOptions.phoneNumber,
+                        clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
                     }
-                    else {
-                        phoneInfoOptions = options;
+                };
+                const startEnrollPhoneMfaActionCallback = async (authInstance, request) => {
+                    // If reCAPTCHA Enterprise token is FAKE_TOKEN, fetch reCAPTCHA v2 token and inject into request.
+                    if (request.phoneEnrollmentInfo.captchaResponse === FAKE_TOKEN) {
+                        _assert((verifier === null || verifier === void 0 ? void 0 : verifier.type) === RECAPTCHA_VERIFIER_TYPE, authInstance, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
+                        const requestWithRecaptchaV2 = await injectRecaptchaV2Token(authInstance, request, verifier);
+                        return startEnrollPhoneMfa(authInstance, requestWithRecaptchaV2);
                     }
-                    if (!('session' in phoneInfoOptions)) return [3 /*break*/, 7];
-                    session = phoneInfoOptions.session;
-                    if (!('phoneNumber' in phoneInfoOptions)) return [3 /*break*/, 4];
-                    _assert(session.type === "enroll" /* MultiFactorSessionType.ENROLL */, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
-                    return [4 /*yield*/, startEnrollPhoneMfa(auth, {
-                            idToken: session.credential,
-                            phoneEnrollmentInfo: {
-                                phoneNumber: phoneInfoOptions.phoneNumber,
-                                recaptchaToken: recaptchaToken
-                            }
-                        })];
-                case 3:
-                    response = _b.sent();
-                    return [2 /*return*/, response.phoneSessionInfo.sessionInfo];
-                case 4:
-                    _assert(session.type === "signin" /* MultiFactorSessionType.SIGN_IN */, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
-                    mfaEnrollmentId = ((_a = phoneInfoOptions.multiFactorHint) === null || _a === void 0 ? void 0 : _a.uid) ||
-                        phoneInfoOptions.multiFactorUid;
-                    _assert(mfaEnrollmentId, auth, "missing-multi-factor-info" /* AuthErrorCode.MISSING_MFA_INFO */);
-                    return [4 /*yield*/, startSignInPhoneMfa(auth, {
-                            mfaPendingCredential: session.credential,
-                            mfaEnrollmentId: mfaEnrollmentId,
-                            phoneSignInInfo: {
-                                recaptchaToken: recaptchaToken
-                            }
-                        })];
-                case 5:
-                    response = _b.sent();
-                    return [2 /*return*/, response.phoneResponseInfo.sessionInfo];
-                case 6: return [3 /*break*/, 9];
-                case 7: return [4 /*yield*/, sendPhoneVerificationCode(auth, {
-                        phoneNumber: phoneInfoOptions.phoneNumber,
-                        recaptchaToken: recaptchaToken
-                    })];
-                case 8:
-                    sessionInfo = (_b.sent()).sessionInfo;
-                    return [2 /*return*/, sessionInfo];
-                case 9: return [3 /*break*/, 11];
-                case 10:
-                    verifier._reset();
-                    return [7 /*endfinally*/];
-                case 11: return [2 /*return*/];
+                    return startEnrollPhoneMfa(authInstance, request);
+                };
+                const startPhoneMfaEnrollmentResponse = handleRecaptchaFlow(auth, startPhoneMfaEnrollmentRequest, "mfaSmsEnrollment" /* RecaptchaActionName.MFA_SMS_ENROLLMENT */, startEnrollPhoneMfaActionCallback, "PHONE_PROVIDER" /* RecaptchaAuthProvider.PHONE_PROVIDER */);
+                const response = await startPhoneMfaEnrollmentResponse.catch(error => {
+                    return Promise.reject(error);
+                });
+                return response.phoneSessionInfo.sessionInfo;
             }
-        });
-    });
+            else {
+                _assert(session.type === "signin" /* MultiFactorSessionType.SIGN_IN */, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
+                const mfaEnrollmentId = ((_a = phoneInfoOptions.multiFactorHint) === null || _a === void 0 ? void 0 : _a.uid) ||
+                    phoneInfoOptions.multiFactorUid;
+                _assert(mfaEnrollmentId, auth, "missing-multi-factor-info" /* AuthErrorCode.MISSING_MFA_INFO */);
+                const startPhoneMfaSignInRequest = {
+                    mfaPendingCredential: session.credential,
+                    mfaEnrollmentId,
+                    phoneSignInInfo: {
+                        clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
+                    }
+                };
+                const startSignInPhoneMfaActionCallback = async (authInstance, request) => {
+                    // If reCAPTCHA Enterprise token is FAKE_TOKEN, fetch reCAPTCHA v2 token and inject into request.
+                    if (request.phoneSignInInfo.captchaResponse === FAKE_TOKEN) {
+                        _assert((verifier === null || verifier === void 0 ? void 0 : verifier.type) === RECAPTCHA_VERIFIER_TYPE, authInstance, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
+                        const requestWithRecaptchaV2 = await injectRecaptchaV2Token(authInstance, request, verifier);
+                        return startSignInPhoneMfa(authInstance, requestWithRecaptchaV2);
+                    }
+                    return startSignInPhoneMfa(authInstance, request);
+                };
+                const startPhoneMfaSignInResponse = handleRecaptchaFlow(auth, startPhoneMfaSignInRequest, "mfaSmsSignIn" /* RecaptchaActionName.MFA_SMS_SIGNIN */, startSignInPhoneMfaActionCallback, "PHONE_PROVIDER" /* RecaptchaAuthProvider.PHONE_PROVIDER */);
+                const response = await startPhoneMfaSignInResponse.catch(error => {
+                    return Promise.reject(error);
+                });
+                return response.phoneResponseInfo.sessionInfo;
+            }
+        }
+        else {
+            const sendPhoneVerificationCodeRequest = {
+                phoneNumber: phoneInfoOptions.phoneNumber,
+                clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */
+            };
+            const sendPhoneVerificationCodeActionCallback = async (authInstance, request) => {
+                // If reCAPTCHA Enterprise token is FAKE_TOKEN, fetch reCAPTCHA v2 token and inject into request.
+                if (request.captchaResponse === FAKE_TOKEN) {
+                    _assert((verifier === null || verifier === void 0 ? void 0 : verifier.type) === RECAPTCHA_VERIFIER_TYPE, authInstance, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
+                    const requestWithRecaptchaV2 = await injectRecaptchaV2Token(authInstance, request, verifier);
+                    return sendPhoneVerificationCode(authInstance, requestWithRecaptchaV2);
+                }
+                return sendPhoneVerificationCode(authInstance, request);
+            };
+            const sendPhoneVerificationCodeResponse = handleRecaptchaFlow(auth, sendPhoneVerificationCodeRequest, "sendVerificationCode" /* RecaptchaActionName.SEND_VERIFICATION_CODE */, sendPhoneVerificationCodeActionCallback, "PHONE_PROVIDER" /* RecaptchaAuthProvider.PHONE_PROVIDER */);
+            const response = await sendPhoneVerificationCodeResponse.catch(error => {
+                return Promise.reject(error);
+            });
+            return response.sessionInfo;
+        }
+    }
+    finally {
+        verifier === null || verifier === void 0 ? void 0 : verifier._reset();
+    }
 }
 /**
  * Updates the user's phone number.
@@ -782,23 +592,55 @@ function _verifyPhoneNumber(auth, options, verifier) {
  *
  * @public
  */
-function updatePhoneNumber(user, credential) {
-    return __awaiter(this, void 0, void 0, function () {
-        var userInternal;
-        return __generator(this, function (_a) {
-            switch (_a.label) {
-                case 0:
-                    userInternal = getModularInstance(user);
-                    if (_isFirebaseServerApp(userInternal.auth.app)) {
-                        return [2 /*return*/, Promise.reject(_serverAppCurrentUserOperationNotSupportedError(userInternal.auth))];
-                    }
-                    return [4 /*yield*/, _link(userInternal, credential)];
-                case 1:
-                    _a.sent();
-                    return [2 /*return*/];
+async function updatePhoneNumber(user, credential) {
+    const userInternal = getModularInstance(user);
+    if (_isFirebaseServerApp(userInternal.auth.app)) {
+        return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(userInternal.auth));
+    }
+    await _link(userInternal, credential);
+}
+// Helper function that fetches and injects a reCAPTCHA v2 token into the request.
+async function injectRecaptchaV2Token(auth, request, recaptchaV2Verifier) {
+    _assert(recaptchaV2Verifier.type === RECAPTCHA_VERIFIER_TYPE, auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
+    const recaptchaV2Token = await recaptchaV2Verifier.verify();
+    _assert(typeof recaptchaV2Token === 'string', auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
+    const newRequest = Object.assign({}, request);
+    if ('phoneEnrollmentInfo' in newRequest) {
+        const phoneNumber = newRequest.phoneEnrollmentInfo.phoneNumber;
+        const captchaResponse = newRequest.phoneEnrollmentInfo.captchaResponse;
+        const clientType = newRequest
+            .phoneEnrollmentInfo.clientType;
+        const recaptchaVersion = newRequest.phoneEnrollmentInfo.recaptchaVersion;
+        Object.assign(newRequest, {
+            'phoneEnrollmentInfo': {
+                phoneNumber,
+                recaptchaToken: recaptchaV2Token,
+                captchaResponse,
+                clientType,
+                recaptchaVersion
             }
         });
-    });
+        return newRequest;
+    }
+    else if ('phoneSignInInfo' in newRequest) {
+        const captchaResponse = newRequest.phoneSignInInfo.captchaResponse;
+        const clientType = newRequest
+            .phoneSignInInfo.clientType;
+        const recaptchaVersion = newRequest.phoneSignInInfo.recaptchaVersion;
+        Object.assign(newRequest, {
+            'phoneSignInInfo': {
+                recaptchaToken: recaptchaV2Token,
+                captchaResponse,
+                clientType,
+                recaptchaVersion
+            }
+        });
+        return newRequest;
+    }
+    else {
+        Object.assign(newRequest, { 'recaptchaToken': recaptchaV2Token });
+        return newRequest;
+    }
 }
 
 /**
@@ -836,12 +678,12 @@ function updatePhoneNumber(user, credential) {
  *
  * @public
  */
-var PhoneAuthProvider = /** @class */ (function () {
+class PhoneAuthProvider {
     /**
      * @param auth - The Firebase {@link Auth} instance in which sign-ins should occur.
      *
      */
-    function PhoneAuthProvider(auth) {
+    constructor(auth) {
         /** Always set to {@link ProviderId}.PHONE. */
         this.providerId = PhoneAuthProvider.PROVIDER_ID;
         this.auth = _castAuth(auth);
@@ -870,16 +712,18 @@ var PhoneAuthProvider = /** @class */ (function () {
      *
      * @param phoneInfoOptions - The user's {@link PhoneInfoOptions}. The phone number should be in
      * E.164 format (e.g. +16505550101).
-     * @param applicationVerifier - For abuse prevention, this method also requires a
-     * {@link ApplicationVerifier}. This SDK includes a reCAPTCHA-based implementation,
-     * {@link RecaptchaVerifier}.
+     * @param applicationVerifier - An {@link ApplicationVerifier}, which prevents
+     * requests from unauthorized clients. This SDK includes an implementation
+     * based on reCAPTCHA v2, {@link RecaptchaVerifier}. If you've enabled
+     * reCAPTCHA Enterprise bot protection in Enforce mode, this parameter is
+     * optional; in all other configurations, the parameter is required.
      *
      * @returns A Promise for a verification ID that can be passed to
-     * {@link PhoneAuthProvider.credential} to identify this flow..
+     * {@link PhoneAuthProvider.credential} to identify this flow.
      */
-    PhoneAuthProvider.prototype.verifyPhoneNumber = function (phoneOptions, applicationVerifier) {
+    verifyPhoneNumber(phoneOptions, applicationVerifier) {
         return _verifyPhoneNumber(this.auth, phoneOptions, getModularInstance(applicationVerifier));
-    };
+    }
     /**
      * Creates a phone auth credential, given the verification ID from
      * {@link PhoneAuthProvider.verifyPhoneNumber} and the code that was sent to the user's
@@ -907,17 +751,17 @@ var PhoneAuthProvider = /** @class */ (function () {
      *
      * @returns The auth provider credential.
      */
-    PhoneAuthProvider.credential = function (verificationId, verificationCode) {
+    static credential(verificationId, verificationCode) {
         return PhoneAuthCredential._fromVerification(verificationId, verificationCode);
-    };
+    }
     /**
      * Generates an {@link AuthCredential} from a {@link UserCredential}.
      * @param userCredential - The user credential.
      */
-    PhoneAuthProvider.credentialFromResult = function (userCredential) {
-        var credential = userCredential;
+    static credentialFromResult(userCredential) {
+        const credential = userCredential;
         return PhoneAuthProvider.credentialFromTaggedObject(credential);
-    };
+    }
     /**
      * Returns an {@link AuthCredential} when passed an error.
      *
@@ -950,26 +794,24 @@ var PhoneAuthProvider = /** @class */ (function () {
      *
      * @param error - The error to generate a credential from.
      */
-    PhoneAuthProvider.credentialFromError = function (error) {
+    static credentialFromError(error) {
         return PhoneAuthProvider.credentialFromTaggedObject((error.customData || {}));
-    };
-    PhoneAuthProvider.credentialFromTaggedObject = function (_a) {
-        var tokenResponse = _a._tokenResponse;
+    }
+    static credentialFromTaggedObject({ _tokenResponse: tokenResponse }) {
         if (!tokenResponse) {
             return null;
         }
-        var _b = tokenResponse, phoneNumber = _b.phoneNumber, temporaryProof = _b.temporaryProof;
+        const { phoneNumber, temporaryProof } = tokenResponse;
         if (phoneNumber && temporaryProof) {
             return PhoneAuthCredential._fromTokenResponse(phoneNumber, temporaryProof);
         }
         return null;
-    };
-    /** Always set to {@link ProviderId}.PHONE. */
-    PhoneAuthProvider.PROVIDER_ID = "phone" /* ProviderId.PHONE */;
-    /** Always set to {@link SignInMethod}.PHONE. */
-    PhoneAuthProvider.PHONE_SIGN_IN_METHOD = "phone" /* SignInMethod.PHONE */;
-    return PhoneAuthProvider;
-}());
+    }
+}
+/** Always set to {@link ProviderId}.PHONE. */
+PhoneAuthProvider.PROVIDER_ID = "phone" /* ProviderId.PHONE */;
+/** Always set to {@link SignInMethod}.PHONE. */
+PhoneAuthProvider.PHONE_SIGN_IN_METHOD = "phone" /* SignInMethod.PHONE */;
 
 /**
  * @license
@@ -987,7 +829,7 @@ var PhoneAuthProvider = /** @class */ (function () {
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-var _POLL_WINDOW_CLOSE_TIMEOUT = new Delay(2000, 10000);
+const _POLL_WINDOW_CLOSE_TIMEOUT = new Delay(2000, 10000);
 /**
  * Authenticates a Firebase client using a popup-based OAuth authentication flow.
  *
@@ -1019,20 +861,15 @@ var _POLL_WINDOW_CLOSE_TIMEOUT = new Delay(2000, 10000);
  *
  * @public
  */
-function signInWithPopup(auth, provider, resolver) {
-    return __awaiter(this, void 0, void 0, function () {
-        var authInternal, resolverInternal, action;
-        return __generator(this, function (_a) {
-            if (_isFirebaseServerApp(auth.app)) {
-                return [2 /*return*/, Promise.reject(_createError(auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */))];
-            }
-            authInternal = _castAuth(auth);
-            _assertInstanceOf(auth, provider, FederatedAuthProvider);
-            resolverInternal = _withDefaultResolver(authInternal, resolver);
-            action = new PopupOperation(authInternal, "signInViaPopup" /* AuthEventType.SIGN_IN_VIA_POPUP */, provider, resolverInternal);
-            return [2 /*return*/, action.executeNotNull()];
-        });
-    });
+async function signInWithPopup(auth, provider, resolver) {
+    if (_isFirebaseServerApp(auth.app)) {
+        return Promise.reject(_createError(auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */));
+    }
+    const authInternal = _castAuth(auth);
+    _assertInstanceOf(auth, provider, FederatedAuthProvider);
+    const resolverInternal = _withDefaultResolver(authInternal, resolver);
+    const action = new PopupOperation(authInternal, "signInViaPopup" /* AuthEventType.SIGN_IN_VIA_POPUP */, provider, resolverInternal);
+    return action.executeNotNull();
 }
 /**
  * Reauthenticates the current user with the specified {@link OAuthProvider} using a pop-up based
@@ -1062,20 +899,15 @@ function signInWithPopup(auth, provider, resolver) {
  *
  * @public
  */
-function reauthenticateWithPopup(user, provider, resolver) {
-    return __awaiter(this, void 0, void 0, function () {
-        var userInternal, resolverInternal, action;
-        return __generator(this, function (_a) {
-            userInternal = getModularInstance(user);
-            if (_isFirebaseServerApp(userInternal.auth.app)) {
-                return [2 /*return*/, Promise.reject(_createError(userInternal.auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */))];
-            }
-            _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);
-            resolverInternal = _withDefaultResolver(userInternal.auth, resolver);
-            action = new PopupOperation(userInternal.auth, "reauthViaPopup" /* AuthEventType.REAUTH_VIA_POPUP */, provider, resolverInternal, userInternal);
-            return [2 /*return*/, action.executeNotNull()];
-        });
-    });
+async function reauthenticateWithPopup(user, provider, resolver) {
+    const userInternal = getModularInstance(user);
+    if (_isFirebaseServerApp(userInternal.auth.app)) {
+        return Promise.reject(_createError(userInternal.auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */));
+    }
+    _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);
+    const resolverInternal = _withDefaultResolver(userInternal.auth, resolver);
+    const action = new PopupOperation(userInternal.auth, "reauthViaPopup" /* AuthEventType.REAUTH_VIA_POPUP */, provider, resolverInternal, userInternal);
+    return action.executeNotNull();
 }
 /**
  * Links the authenticated provider to the user account using a pop-up based OAuth flow.
@@ -1102,99 +934,66 @@ function reauthenticateWithPopup(user, provider, resolver) {
  *
  * @public
  */
-function linkWithPopup(user, provider, resolver) {
-    return __awaiter(this, void 0, void 0, function () {
-        var userInternal, resolverInternal, action;
-        return __generator(this, function (_a) {
-            userInternal = getModularInstance(user);
-            _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);
-            resolverInternal = _withDefaultResolver(userInternal.auth, resolver);
-            action = new PopupOperation(userInternal.auth, "linkViaPopup" /* AuthEventType.LINK_VIA_POPUP */, provider, resolverInternal, userInternal);
-            return [2 /*return*/, action.executeNotNull()];
-        });
-    });
+async function linkWithPopup(user, provider, resolver) {
+    const userInternal = getModularInstance(user);
+    _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);
+    const resolverInternal = _withDefaultResolver(userInternal.auth, resolver);
+    const action = new PopupOperation(userInternal.auth, "linkViaPopup" /* AuthEventType.LINK_VIA_POPUP */, provider, resolverInternal, userInternal);
+    return action.executeNotNull();
 }
 /**
  * Popup event manager. Handles the popup's entire lifecycle; listens to auth
  * events
  *
  */
-var PopupOperation = /** @class */ (function (_super) {
-    __extends(PopupOperation, _super);
-    function PopupOperation(auth, filter, provider, resolver, user) {
-        var _this = _super.call(this, auth, filter, resolver, user) || this;
-        _this.provider = provider;
-        _this.authWindow = null;
-        _this.pollId = null;
+class PopupOperation extends AbstractPopupRedirectOperation {
+    constructor(auth, filter, provider, resolver, user) {
+        super(auth, filter, resolver, user);
+        this.provider = provider;
+        this.authWindow = null;
+        this.pollId = null;
         if (PopupOperation.currentPopupAction) {
             PopupOperation.currentPopupAction.cancel();
         }
-        PopupOperation.currentPopupAction = _this;
-        return _this;
-    }
-    PopupOperation.prototype.executeNotNull = function () {
-        return __awaiter(this, void 0, void 0, function () {
-            var result;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0: return [4 /*yield*/, this.execute()];
-                    case 1:
-                        result = _a.sent();
-                        _assert(result, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
-                        return [2 /*return*/, result];
-                }
-            });
+        PopupOperation.currentPopupAction = this;
+    }
+    async executeNotNull() {
+        const result = await this.execute();
+        _assert(result, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
+        return result;
+    }
+    async onExecution() {
+        debugAssert(this.filter.length === 1, 'Popup operations only handle one event');
+        const eventId = _generateEventId();
+        this.authWindow = await this.resolver._openPopup(this.auth, this.provider, this.filter[0], // There's always one, see constructor
+        eventId);
+        this.authWindow.associatedEvent = eventId;
+        // Check for web storage support and origin validation _after_ the popup is
+        // loaded. These operations are slow (~1 second or so) Rather than
+        // waiting on them before opening the window, optimistically open the popup
+        // and check for storage support at the same time. If storage support is
+        // not available, this will cause the whole thing to reject properly. It
+        // will also close the popup, but since the promise has already rejected,
+        // the popup closed by user poll will reject into the void.
+        this.resolver._originValidation(this.auth).catch(e => {
+            this.reject(e);
         });
-    };
-    PopupOperation.prototype.onExecution = function () {
-        return __awaiter(this, void 0, void 0, function () {
-            var eventId, _a;
-            var _this = this;
-            return __generator(this, function (_b) {
-                switch (_b.label) {
-                    case 0:
-                        debugAssert(this.filter.length === 1, 'Popup operations only handle one event');
-                        eventId = _generateEventId();
-                        _a = this;
-                        return [4 /*yield*/, this.resolver._openPopup(this.auth, this.provider, this.filter[0], // There's always one, see constructor
-                            eventId)];
-                    case 1:
-                        _a.authWindow = _b.sent();
-                        this.authWindow.associatedEvent = eventId;
-                        // Check for web storage support and origin validation _after_ the popup is
-                        // loaded. These operations are slow (~1 second or so) Rather than
-                        // waiting on them before opening the window, optimistically open the popup
-                        // and check for storage support at the same time. If storage support is
-                        // not available, this will cause the whole thing to reject properly. It
-                        // will also close the popup, but since the promise has already rejected,
-                        // the popup closed by user poll will reject into the void.
-                        this.resolver._originValidation(this.auth).catch(function (e) {
-                            _this.reject(e);
-                        });
-                        this.resolver._isIframeWebStorageSupported(this.auth, function (isSupported) {
-                            if (!isSupported) {
-                                _this.reject(_createError(_this.auth, "web-storage-unsupported" /* AuthErrorCode.WEB_STORAGE_UNSUPPORTED */));
-                            }
-                        });
-                        // Handle user closure. Notice this does *not* use await
-                        this.pollUserCancellation();
-                        return [2 /*return*/];
-                }
-            });
+        this.resolver._isIframeWebStorageSupported(this.auth, isSupported => {
+            if (!isSupported) {
+                this.reject(_createError(this.auth, "web-storage-unsupported" /* AuthErrorCode.WEB_STORAGE_UNSUPPORTED */));
+            }
         });
-    };
-    Object.defineProperty(PopupOperation.prototype, "eventId", {
-        get: function () {
-            var _a;
-            return ((_a = this.authWindow) === null || _a === void 0 ? void 0 : _a.associatedEvent) || null;
-        },
-        enumerable: false,
-        configurable: true
-    });
-    PopupOperation.prototype.cancel = function () {
+        // Handle user closure. Notice this does *not* use await
+        this.pollUserCancellation();
+    }
+    get eventId() {
+        var _a;
+        return ((_a = this.authWindow) === null || _a === void 0 ? void 0 : _a.associatedEvent) || null;
+    }
+    cancel() {
         this.reject(_createError(this.auth, "cancelled-popup-request" /* AuthErrorCode.EXPIRED_POPUP_REQUEST */));
-    };
-    PopupOperation.prototype.cleanUp = function () {
+    }
+    cleanUp() {
         if (this.authWindow) {
             this.authWindow.close();
         }
@@ -1204,32 +1003,30 @@ var PopupOperation = /** @class */ (function (_super) {
         this.authWindow = null;
         this.pollId = null;
         PopupOperation.currentPopupAction = null;
-    };
-    PopupOperation.prototype.pollUserCancellation = function () {
-        var _this = this;
-        var poll = function () {
+    }
+    pollUserCancellation() {
+        const poll = () => {
             var _a, _b;
-            if ((_b = (_a = _this.authWindow) === null || _a === void 0 ? void 0 : _a.window) === null || _b === void 0 ? void 0 : _b.closed) {
+            if ((_b = (_a = this.authWindow) === null || _a === void 0 ? void 0 : _a.window) === null || _b === void 0 ? void 0 : _b.closed) {
                 // Make sure that there is sufficient time for whatever action to
                 // complete. The window could have closed but the sign in network
                 // call could still be in flight. This is specifically true for
                 // Firefox or if the opener is in an iframe, in which case the oauth
                 // helper closes the popup.
-                _this.pollId = window.setTimeout(function () {
-                    _this.pollId = null;
-                    _this.reject(_createError(_this.auth, "popup-closed-by-user" /* AuthErrorCode.POPUP_CLOSED_BY_USER */));
+                this.pollId = window.setTimeout(() => {
+                    this.pollId = null;
+                    this.reject(_createError(this.auth, "popup-closed-by-user" /* AuthErrorCode.POPUP_CLOSED_BY_USER */));
                 }, 8000 /* _Timeout.AUTH_EVENT */);
                 return;
             }
-            _this.pollId = window.setTimeout(poll, _POLL_WINDOW_CLOSE_TIMEOUT.get());
+            this.pollId = window.setTimeout(poll, _POLL_WINDOW_CLOSE_TIMEOUT.get());
         };
         poll();
-    };
-    // Only one popup is ever shown at once. The lifecycle of the current popup
-    // can be managed / cancelled by the constructor.
-    PopupOperation.currentPopupAction = null;
-    return PopupOperation;
-}(AbstractPopupRedirectOperation));
+    }
+}
+// Only one popup is ever shown at once. The lifecycle of the current popup
+// can be managed / cancelled by the constructor.
+PopupOperation.currentPopupAction = null;
 
 /**
  * @license
@@ -1247,44 +1044,32 @@ var PopupOperation = /** @class */ (function (_super) {
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-var IP_ADDRESS_REGEX = /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/;
-var HTTP_REGEX = /^https?/;
-function _validateOrigin(auth) {
-    return __awaiter(this, void 0, void 0, function () {
-        var authorizedDomains, _i, authorizedDomains_1, domain;
-        return __generator(this, function (_a) {
-            switch (_a.label) {
-                case 0:
-                    // Skip origin validation if we are in an emulated environment
-                    if (auth.config.emulator) {
-                        return [2 /*return*/];
-                    }
-                    return [4 /*yield*/, _getProjectConfig(auth)];
-                case 1:
-                    authorizedDomains = (_a.sent()).authorizedDomains;
-                    for (_i = 0, authorizedDomains_1 = authorizedDomains; _i < authorizedDomains_1.length; _i++) {
-                        domain = authorizedDomains_1[_i];
-                        try {
-                            if (matchDomain(domain)) {
-                                return [2 /*return*/];
-                            }
-                        }
-                        catch (_b) {
-                            // Do nothing if there's a URL error; just continue searching
-                        }
-                    }
-                    // In the old SDK, this error also provides helpful messages.
-                    _fail(auth, "unauthorized-domain" /* AuthErrorCode.INVALID_ORIGIN */);
-                    return [2 /*return*/];
+const IP_ADDRESS_REGEX = /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/;
+const HTTP_REGEX = /^https?/;
+async function _validateOrigin(auth) {
+    // Skip origin validation if we are in an emulated environment
+    if (auth.config.emulator) {
+        return;
+    }
+    const { authorizedDomains } = await _getProjectConfig(auth);
+    for (const domain of authorizedDomains) {
+        try {
+            if (matchDomain(domain)) {
+                return;
             }
-        });
-    });
+        }
+        catch (_a) {
+            // Do nothing if there's a URL error; just continue searching
+        }
+    }
+    // In the old SDK, this error also provides helpful messages.
+    _fail(auth, "unauthorized-domain" /* AuthErrorCode.INVALID_ORIGIN */);
 }
 function matchDomain(expected) {
-    var currentUrl = _getCurrentUrl();
-    var _a = new URL(currentUrl), protocol = _a.protocol, hostname = _a.hostname;
+    const currentUrl = _getCurrentUrl();
+    const { protocol, hostname } = new URL(currentUrl);
     if (expected.startsWith('chrome-extension://')) {
-        var ceUrl = new URL(expected);
+        const ceUrl = new URL(expected);
         if (ceUrl.hostname === '' && hostname === '') {
             // For some reason we're not parsing chrome URLs properly
             return (protocol === 'chrome-extension:' &&
@@ -1302,10 +1087,10 @@ function matchDomain(expected) {
         return hostname === expected;
     }
     // Dots in pattern should be escaped.
-    var escapedDomainPattern = expected.replace(/\./g, '\\.');
+    const escapedDomainPattern = expected.replace(/\./g, '\\.');
     // Non ip address domains.
     // domain.com = *.domain.com OR domain.com
-    var re = new RegExp('^(.+\\.' + escapedDomainPattern + '|' + escapedDomainPattern + ')$', 'i');
+    const re = new RegExp('^(.+\\.' + escapedDomainPattern + '|' + escapedDomainPattern + ')$', 'i');
     return re.test(hostname);
 }
 
@@ -1325,7 +1110,7 @@ function matchDomain(expected) {
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-var NETWORK_TIMEOUT = new Delay(30000, 60000);
+const NETWORK_TIMEOUT = new Delay(30000, 60000);
 /**
  * Reset unloaded GApi modules. If gapi.load fails due to a network error,
  * it will stop working after a retrial. This is a hack to fix this issue.
@@ -1334,21 +1119,20 @@ function resetUnloadedGapiModules() {
     // Clear last failed gapi.load state to force next gapi.load to first
     // load the failed gapi.iframes module.
     // Get gapix.beacon context.
-    var beacon = _window().___jsl;
+    const beacon = _window().___jsl;
     // Get current hint.
     if (beacon === null || beacon === void 0 ? void 0 : beacon.H) {
         // Get gapi hint.
-        for (var _i = 0, _a = Object.keys(beacon.H); _i < _a.length; _i++) {
-            var hint = _a[_i];
+        for (const hint of Object.keys(beacon.H)) {
             // Requested modules.
             beacon.H[hint].r = beacon.H[hint].r || [];
             // Loaded modules.
             beacon.H[hint].L = beacon.H[hint].L || [];
             // Set requested modules to a copy of the loaded modules.
-            beacon.H[hint].r = __spreadArray([], beacon.H[hint].L, true);
+            beacon.H[hint].r = [...beacon.H[hint].L];
             // Clear pending callbacks.
             if (beacon.CP) {
-                for (var i = 0; i < beacon.CP.length; i++) {
+                for (let i = 0; i < beacon.CP.length; i++) {
                     // Remove all failed pending callbacks.
                     beacon.CP[i] = null;
                 }
@@ -1357,7 +1141,7 @@ function resetUnloadedGapiModules() {
     }
 }
 function loadGapi(auth) {
-    return new Promise(function (resolve, reject) {
+    return new Promise((resolve, reject) => {
         var _a, _b, _c;
         // Function to run when gapi.load is ready.
         function loadGapiIframe() {
@@ -1365,10 +1149,10 @@ function loadGapi(auth) {
             // Run this to fix that.
             resetUnloadedGapiModules();
             gapi.load('gapi.iframes', {
-                callback: function () {
+                callback: () => {
                     resolve(gapi.iframes.getContext());
                 },
-                ontimeout: function () {
+                ontimeout: () => {
                     // The above reset may be sufficient, but having this reset after
                     // failure ensures that if the developer calls gapi.load after the
                     // connection is re-established and before another attempt to embed
@@ -1395,9 +1179,9 @@ function loadGapi(auth) {
             // multiple times in parallel and could result in the later callback
             // overwriting the previous one. This would end up with a iframe
             // timeout.
-            var cbName = _generateCallbackName('iframefcb');
+            const cbName = _generateCallbackName('iframefcb');
             // GApi loader not available, dynamically load platform.js.
-            _window()[cbName] = function () {
+            _window()[cbName] = () => {
                 // GApi loader should be ready.
                 if (!!gapi.load) {
                     loadGapiIframe();
@@ -1408,16 +1192,16 @@ function loadGapi(auth) {
                 }
             };
             // Load GApi loader.
-            return _loadJS("".concat(_gapiScriptUrl(), "?onload=").concat(cbName))
-                .catch(function (e) { return reject(e); });
+            return _loadJS(`${_gapiScriptUrl()}?onload=${cbName}`)
+                .catch(e => reject(e));
         }
-    }).catch(function (error) {
+    }).catch(error => {
         // Reset cached promise to allow for retrial.
         cachedGApiLoader = null;
         throw error;
     });
 }
-var cachedGApiLoader = null;
+let cachedGApiLoader = null;
 function _loadGapi(auth) {
     cachedGApiLoader = cachedGApiLoader || loadGapi(auth);
     return cachedGApiLoader;
@@ -1439,10 +1223,10 @@ function _loadGapi(auth) {
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-var PING_TIMEOUT = new Delay(5000, 15000);
-var IFRAME_PATH = '__/auth/iframe';
-var EMULATED_IFRAME_PATH = 'emulator/auth/iframe';
-var IFRAME_ATTRIBUTES = {
+const PING_TIMEOUT = new Delay(5000, 15000);
+const IFRAME_PATH = '__/auth/iframe';
+const EMULATED_IFRAME_PATH = 'emulator/auth/iframe';
+const IFRAME_ATTRIBUTES = {
     style: {
         position: 'absolute',
         top: '-100px',
@@ -1454,82 +1238,64 @@ var IFRAME_ATTRIBUTES = {
 };
 // Map from apiHost to endpoint ID for passing into iframe. In current SDK, apiHost can be set to
 // anything (not from a list of endpoints with IDs as in legacy), so this is the closest we can get.
-var EID_FROM_APIHOST = new Map([
+const EID_FROM_APIHOST = new Map([
     ["identitytoolkit.googleapis.com" /* DefaultConfig.API_HOST */, 'p'],
     ['staging-identitytoolkit.sandbox.googleapis.com', 's'],
     ['test-identitytoolkit.sandbox.googleapis.com', 't'] // test
 ]);
 function getIframeUrl(auth) {
-    var config = auth.config;
+    const config = auth.config;
     _assert(config.authDomain, auth, "auth-domain-config-required" /* AuthErrorCode.MISSING_AUTH_DOMAIN */);
-    var url = config.emulator
+    const url = config.emulator
         ? _emulatorUrl(config, EMULATED_IFRAME_PATH)
-        : "https://".concat(auth.config.authDomain, "/").concat(IFRAME_PATH);
-    var params = {
+        : `https://${auth.config.authDomain}/${IFRAME_PATH}`;
+    const params = {
         apiKey: config.apiKey,
         appName: auth.name,
         v: SDK_VERSION
     };
-    var eid = EID_FROM_APIHOST.get(auth.config.apiHost);
+    const eid = EID_FROM_APIHOST.get(auth.config.apiHost);
     if (eid) {
         params.eid = eid;
     }
-    var frameworks = auth._getFrameworks();
+    const frameworks = auth._getFrameworks();
     if (frameworks.length) {
         params.fw = frameworks.join(',');
     }
-    return "".concat(url, "?").concat(querystring(params).slice(1));
+    return `${url}?${querystring(params).slice(1)}`;
 }
-function _openIframe(auth) {
-    return __awaiter(this, void 0, void 0, function () {
-        var context, gapi;
-        var _this = this;
-        return __generator(this, function (_a) {
-            switch (_a.label) {
-                case 0: return [4 /*yield*/, _loadGapi(auth)];
-                case 1:
-                    context = _a.sent();
-                    gapi = _window().gapi;
-                    _assert(gapi, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
-                    return [2 /*return*/, context.open({
-                            where: document.body,
-                            url: getIframeUrl(auth),
-                            messageHandlersFilter: gapi.iframes.CROSS_ORIGIN_IFRAMES_FILTER,
-                            attributes: IFRAME_ATTRIBUTES,
-                            dontclear: true
-                        }, function (iframe) {
-                            return new Promise(function (resolve, reject) { return __awaiter(_this, void 0, void 0, function () {
-                                // Clear timer and resolve pending iframe ready promise.
-                                function clearTimerAndResolve() {
-                                    _window().clearTimeout(networkErrorTimer);
-                                    resolve(iframe);
-                                }
-                                var networkError, networkErrorTimer;
-                                return __generator(this, function (_a) {
-                                    switch (_a.label) {
-                                        case 0: return [4 /*yield*/, iframe.restyle({
-                                                // Prevent iframe from closing on mouse out.
-                                                setHideOnLeave: false
-                                            })];
-                                        case 1:
-                                            _a.sent();
-                                            networkError = _createError(auth, "network-request-failed" /* AuthErrorCode.NETWORK_REQUEST_FAILED */);
-                                            networkErrorTimer = _window().setTimeout(function () {
-                                                reject(networkError);
-                                            }, PING_TIMEOUT.get());
-                                            // This returns an IThenable. However the reject part does not call
-                                            // when the iframe is not loaded.
-                                            iframe.ping(clearTimerAndResolve).then(clearTimerAndResolve, function () {
-                                                reject(networkError);
-                                            });
-                                            return [2 /*return*/];
-                                    }
-                                });
-                            }); });
-                        })];
-            }
+async function _openIframe(auth) {
+    const context = await _loadGapi(auth);
+    const gapi = _window().gapi;
+    _assert(gapi, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
+    return context.open({
+        where: document.body,
+        url: getIframeUrl(auth),
+        messageHandlersFilter: gapi.iframes.CROSS_ORIGIN_IFRAMES_FILTER,
+        attributes: IFRAME_ATTRIBUTES,
+        dontclear: true
+    }, (iframe) => new Promise(async (resolve, reject) => {
+        await iframe.restyle({
+            // Prevent iframe from closing on mouse out.
+            setHideOnLeave: false
         });
-    });
+        const networkError = _createError(auth, "network-request-failed" /* AuthErrorCode.NETWORK_REQUEST_FAILED */);
+        // Confirm iframe is correctly loaded.
+        // To fallback on failure, set a timeout.
+        const networkErrorTimer = _window().setTimeout(() => {
+            reject(networkError);
+        }, PING_TIMEOUT.get());
+        // Clear timer and resolve pending iframe ready promise.
+        function clearTimerAndResolve() {
+            _window().clearTimeout(networkErrorTimer);
+            resolve(iframe);
+        }
+        // This returns an IThenable. However the reject part does not call
+        // when the iframe is not loaded.
+        iframe.ping(clearTimerAndResolve).then(clearTimerAndResolve, () => {
+            reject(networkError);
+        });
+    }));
 }
 
 /**
@@ -1548,41 +1314,39 @@ function _openIframe(auth) {
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-var BASE_POPUP_OPTIONS = {
+const BASE_POPUP_OPTIONS = {
     location: 'yes',
     resizable: 'yes',
     statusbar: 'yes',
     toolbar: 'no'
 };
-var DEFAULT_WIDTH = 500;
-var DEFAULT_HEIGHT = 600;
-var TARGET_BLANK = '_blank';
-var FIREFOX_EMPTY_URL = 'http://localhost';
-var AuthPopup = /** @class */ (function () {
-    function AuthPopup(window) {
+const DEFAULT_WIDTH = 500;
+const DEFAULT_HEIGHT = 600;
+const TARGET_BLANK = '_blank';
+const FIREFOX_EMPTY_URL = 'http://localhost';
+class AuthPopup {
+    constructor(window) {
         this.window = window;
         this.associatedEvent = null;
     }
-    AuthPopup.prototype.close = function () {
+    close() {
         if (this.window) {
             try {
                 this.window.close();
             }
             catch (e) { }
         }
-    };
-    return AuthPopup;
-}());
-function _open(auth, url, name, width, height) {
-    if (width === void 0) { width = DEFAULT_WIDTH; }
-    if (height === void 0) { height = DEFAULT_HEIGHT; }
-    var top = Math.max((window.screen.availHeight - height) / 2, 0).toString();
-    var left = Math.max((window.screen.availWidth - width) / 2, 0).toString();
-    var target = '';
-    var options = __assign(__assign({}, BASE_POPUP_OPTIONS), { width: width.toString(), height: height.toString(), top: top, left: left });
+    }
+}
+function _open(auth, url, name, width = DEFAULT_WIDTH, height = DEFAULT_HEIGHT) {
+    const top = Math.max((window.screen.availHeight - height) / 2, 0).toString();
+    const left = Math.max((window.screen.availWidth - width) / 2, 0).toString();
+    let target = '';
+    const options = Object.assign(Object.assign({}, BASE_POPUP_OPTIONS), { width: width.toString(), height: height.toString(), top,
+        left });
     // Chrome iOS 7 and 8 is returning an undefined popup win when target is
     // specified, even though the popup is not necessarily blocked.
-    var ua = getUA().toLowerCase();
+    const ua = getUA().toLowerCase();
     if (name) {
         target = _isChromeIOS(ua) ? TARGET_BLANK : name;
     }
@@ -1593,17 +1357,14 @@ function _open(auth, url, name, width, height) {
         // issues when the user has many Google accounts, for instance.
         options.scrollbars = 'yes';
     }
-    var optionsString = Object.entries(options).reduce(function (accum, _a) {
-        var key = _a[0], value = _a[1];
-        return "".concat(accum).concat(key, "=").concat(value, ",");
-    }, '');
+    const optionsString = Object.entries(options).reduce((accum, [key, value]) => `${accum}${key}=${value},`, '');
     if (_isIOSStandalone(ua) && target !== '_self') {
         openAsNewWindowIOS(url || '', target);
         return new AuthPopup(null);
     }
     // about:blank getting sanitized causing browsers like IE/Edge to display
     // brief error message before redirecting to handler.
-    var newWin = window.open(url || '', target, optionsString);
+    const newWin = window.open(url || '', target, optionsString);
     _assert(newWin, auth, "popup-blocked" /* AuthErrorCode.POPUP_BLOCKED */);
     // Flaky on IE edge, encapsulate with a try and catch.
     try {
@@ -1613,10 +1374,10 @@ function _open(auth, url, name, width, height) {
     return new AuthPopup(newWin);
 }
 function openAsNewWindowIOS(url, target) {
-    var el = document.createElement('a');
+    const el = document.createElement('a');
     el.href = url;
     el.target = target;
-    var click = document.createEvent('MouseEvent');
+    const click = document.createEvent('MouseEvent');
     click.initMouseEvent('click', true, true, window, 1, 0, 0, 0, 0, false, false, false, false, 1, null);
     el.dispatchEvent(click);
 }
@@ -1641,9 +1402,9 @@ function openAsNewWindowIOS(url, target) {
  * The special web storage event
  *
  */
-var WEB_STORAGE_SUPPORT_KEY = 'webStorageSupport';
-var BrowserPopupRedirectResolver = /** @class */ (function () {
-    function BrowserPopupRedirectResolver() {
+const WEB_STORAGE_SUPPORT_KEY = 'webStorageSupport';
+class BrowserPopupRedirectResolver {
+    constructor() {
         this.eventManagers = {};
         this.iframes = {};
         this.originValidationPromises = {};
@@ -1653,111 +1414,75 @@ var BrowserPopupRedirectResolver = /** @class */ (function () {
     }
     // Wrapping in async even though we don't await anywhere in order
     // to make sure errors are raised as promise rejections
-    BrowserPopupRedirectResolver.prototype._openPopup = function (auth, provider, authType, eventId) {
+    async _openPopup(auth, provider, authType, eventId) {
         var _a;
-        return __awaiter(this, void 0, void 0, function () {
-            var url;
-            return __generator(this, function (_b) {
-                switch (_b.label) {
-                    case 0:
-                        debugAssert((_a = this.eventManagers[auth._key()]) === null || _a === void 0 ? void 0 : _a.manager, '_initialize() not called before _openPopup()');
-                        return [4 /*yield*/, _getRedirectUrl(auth, provider, authType, _getCurrentUrl(), eventId)];
-                    case 1:
-                        url = _b.sent();
-                        return [2 /*return*/, _open(auth, url, _generateEventId())];
-                }
-            });
-        });
-    };
-    BrowserPopupRedirectResolver.prototype._openRedirect = function (auth, provider, authType, eventId) {
-        return __awaiter(this, void 0, void 0, function () {
-            var url;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0: return [4 /*yield*/, this._originValidation(auth)];
-                    case 1:
-                        _a.sent();
-                        return [4 /*yield*/, _getRedirectUrl(auth, provider, authType, _getCurrentUrl(), eventId)];
-                    case 2:
-                        url = _a.sent();
-                        _setWindowLocation(url);
-                        return [2 /*return*/, new Promise(function () { })];
-                }
-            });
-        });
-    };
-    BrowserPopupRedirectResolver.prototype._initialize = function (auth) {
-        var _this = this;
-        var key = auth._key();
+        debugAssert((_a = this.eventManagers[auth._key()]) === null || _a === void 0 ? void 0 : _a.manager, '_initialize() not called before _openPopup()');
+        const url = await _getRedirectUrl(auth, provider, authType, _getCurrentUrl(), eventId);
+        return _open(auth, url, _generateEventId());
+    }
+    async _openRedirect(auth, provider, authType, eventId) {
+        await this._originValidation(auth);
+        const url = await _getRedirectUrl(auth, provider, authType, _getCurrentUrl(), eventId);
+        _setWindowLocation(url);
+        return new Promise(() => { });
+    }
+    _initialize(auth) {
+        const key = auth._key();
         if (this.eventManagers[key]) {
-            var _a = this.eventManagers[key], manager = _a.manager, promise_1 = _a.promise;
+            const { manager, promise } = this.eventManagers[key];
             if (manager) {
                 return Promise.resolve(manager);
             }
             else {
-                debugAssert(promise_1, 'If manager is not set, promise should be');
-                return promise_1;
+                debugAssert(promise, 'If manager is not set, promise should be');
+                return promise;
             }
         }
-        var promise = this.initAndGetManager(auth);
-        this.eventManagers[key] = { promise: promise };
+        const promise = this.initAndGetManager(auth);
+        this.eventManagers[key] = { promise };
         // If the promise is rejected, the key should be removed so that the
         // operation can be retried later.
-        promise.catch(function () {
-            delete _this.eventManagers[key];
+        promise.catch(() => {
+            delete this.eventManagers[key];
         });
         return promise;
-    };
-    BrowserPopupRedirectResolver.prototype.initAndGetManager = function (auth) {
-        return __awaiter(this, void 0, void 0, function () {
-            var iframe, manager;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0: return [4 /*yield*/, _openIframe(auth)];
-                    case 1:
-                        iframe = _a.sent();
-                        manager = new AuthEventManager(auth);
-                        iframe.register('authEvent', function (iframeEvent) {
-                            _assert(iframeEvent === null || iframeEvent === void 0 ? void 0 : iframeEvent.authEvent, auth, "invalid-auth-event" /* AuthErrorCode.INVALID_AUTH_EVENT */);
-                            // TODO: Consider splitting redirect and popup events earlier on
-                            var handled = manager.onEvent(iframeEvent.authEvent);
-                            return { status: handled ? "ACK" /* GapiOutcome.ACK */ : "ERROR" /* GapiOutcome.ERROR */ };
-                        }, gapi.iframes.CROSS_ORIGIN_IFRAMES_FILTER);
-                        this.eventManagers[auth._key()] = { manager: manager };
-                        this.iframes[auth._key()] = iframe;
-                        return [2 /*return*/, manager];
-                }
-            });
-        });
-    };
-    BrowserPopupRedirectResolver.prototype._isIframeWebStorageSupported = function (auth, cb) {
-        var iframe = this.iframes[auth._key()];
-        iframe.send(WEB_STORAGE_SUPPORT_KEY, { type: WEB_STORAGE_SUPPORT_KEY }, function (result) {
+    }
+    async initAndGetManager(auth) {
+        const iframe = await _openIframe(auth);
+        const manager = new AuthEventManager(auth);
+        iframe.register('authEvent', (iframeEvent) => {
+            _assert(iframeEvent === null || iframeEvent === void 0 ? void 0 : iframeEvent.authEvent, auth, "invalid-auth-event" /* AuthErrorCode.INVALID_AUTH_EVENT */);
+            // TODO: Consider splitting redirect and popup events earlier on
+            const handled = manager.onEvent(iframeEvent.authEvent);
+            return { status: handled ? "ACK" /* GapiOutcome.ACK */ : "ERROR" /* GapiOutcome.ERROR */ };
+        }, gapi.iframes.CROSS_ORIGIN_IFRAMES_FILTER);
+        this.eventManagers[auth._key()] = { manager };
+        this.iframes[auth._key()] = iframe;
+        return manager;
+    }
+    _isIframeWebStorageSupported(auth, cb) {
+        const iframe = this.iframes[auth._key()];
+        iframe.send(WEB_STORAGE_SUPPORT_KEY, { type: WEB_STORAGE_SUPPORT_KEY }, result => {
             var _a;
-            var isSupported = (_a = result === null || result === void 0 ? void 0 : result[0]) === null || _a === void 0 ? void 0 : _a[WEB_STORAGE_SUPPORT_KEY];
+            const isSupported = (_a = result === null || result === void 0 ? void 0 : result[0]) === null || _a === void 0 ? void 0 : _a[WEB_STORAGE_SUPPORT_KEY];
             if (isSupported !== undefined) {
                 cb(!!isSupported);
             }
             _fail(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
         }, gapi.iframes.CROSS_ORIGIN_IFRAMES_FILTER);
-    };
-    BrowserPopupRedirectResolver.prototype._originValidation = function (auth) {
-        var key = auth._key();
+    }
+    _originValidation(auth) {
+        const key = auth._key();
         if (!this.originValidationPromises[key]) {
             this.originValidationPromises[key] = _validateOrigin(auth);
         }
         return this.originValidationPromises[key];
-    };
-    Object.defineProperty(BrowserPopupRedirectResolver.prototype, "_shouldInitProactively", {
-        get: function () {
-            // Mobile browsers and Safari need to optimistically initialize
-            return _isMobileBrowser() || _isSafari() || _isIOS();
-        },
-        enumerable: false,
-        configurable: true
-    });
-    return BrowserPopupRedirectResolver;
-}());
+    }
+    get _shouldInitProactively() {
+        // Mobile browsers and Safari need to optimistically initialize
+        return _isMobileBrowser() || _isSafari() || _isIOS();
+    }
+}
 /**
  * An implementation of {@link PopupRedirectResolver} suitable for browser
  * based applications.
@@ -1767,13 +1492,13 @@ var BrowserPopupRedirectResolver = /** @class */ (function () {
  *
  * @public
  */
-var browserPopupRedirectResolver = BrowserPopupRedirectResolver;
+const browserPopupRedirectResolver = BrowserPopupRedirectResolver;
 
-var MultiFactorAssertionImpl = /** @class */ (function () {
-    function MultiFactorAssertionImpl(factorId) {
+class MultiFactorAssertionImpl {
+    constructor(factorId) {
         this.factorId = factorId;
     }
-    MultiFactorAssertionImpl.prototype._process = function (auth, session, displayName) {
+    _process(auth, session, displayName) {
         switch (session.type) {
             case "enroll" /* MultiFactorSessionType.ENROLL */:
                 return this._finalizeEnroll(auth, session.credential, displayName);
@@ -1782,51 +1507,46 @@ var MultiFactorAssertionImpl = /** @class */ (function () {
             default:
                 return debugFail('unexpected MultiFactorSessionType');
         }
-    };
-    return MultiFactorAssertionImpl;
-}());
+    }
+}
 
 /**
  * {@inheritdoc PhoneMultiFactorAssertion}
  *
  * @public
  */
-var PhoneMultiFactorAssertionImpl = /** @class */ (function (_super) {
-    __extends(PhoneMultiFactorAssertionImpl, _super);
-    function PhoneMultiFactorAssertionImpl(credential) {
-        var _this = _super.call(this, "phone" /* FactorId.PHONE */) || this;
-        _this.credential = credential;
-        return _this;
+class PhoneMultiFactorAssertionImpl extends MultiFactorAssertionImpl {
+    constructor(credential) {
+        super("phone" /* FactorId.PHONE */);
+        this.credential = credential;
     }
     /** @internal */
-    PhoneMultiFactorAssertionImpl._fromCredential = function (credential) {
+    static _fromCredential(credential) {
         return new PhoneMultiFactorAssertionImpl(credential);
-    };
+    }
     /** @internal */
-    PhoneMultiFactorAssertionImpl.prototype._finalizeEnroll = function (auth, idToken, displayName) {
+    _finalizeEnroll(auth, idToken, displayName) {
         return finalizeEnrollPhoneMfa(auth, {
-            idToken: idToken,
-            displayName: displayName,
+            idToken,
+            displayName,
             phoneVerificationInfo: this.credential._makeVerificationRequest()
         });
-    };
+    }
     /** @internal */
-    PhoneMultiFactorAssertionImpl.prototype._finalizeSignIn = function (auth, mfaPendingCredential) {
+    _finalizeSignIn(auth, mfaPendingCredential) {
         return finalizeSignInPhoneMfa(auth, {
-            mfaPendingCredential: mfaPendingCredential,
+            mfaPendingCredential,
             phoneVerificationInfo: this.credential._makeVerificationRequest()
         });
-    };
-    return PhoneMultiFactorAssertionImpl;
-}(MultiFactorAssertionImpl));
+    }
+}
 /**
  * Provider for generating a {@link PhoneMultiFactorAssertion}.
  *
  * @public
  */
-var PhoneMultiFactorGenerator = /** @class */ (function () {
-    function PhoneMultiFactorGenerator() {
-    }
+class PhoneMultiFactorGenerator {
+    constructor() { }
     /**
      * Provides a {@link PhoneMultiFactorAssertion} to confirm ownership of the phone second factor.
      *
@@ -1837,24 +1557,21 @@ var PhoneMultiFactorGenerator = /** @class */ (function () {
      * @returns A {@link PhoneMultiFactorAssertion} which can be used with
      * {@link MultiFactorResolver.resolveSignIn}
      */
-    PhoneMultiFactorGenerator.assertion = function (credential) {
+    static assertion(credential) {
         return PhoneMultiFactorAssertionImpl._fromCredential(credential);
-    };
-    /**
-     * The identifier of the phone second factor: `phone`.
-     */
-    PhoneMultiFactorGenerator.FACTOR_ID = 'phone';
-    return PhoneMultiFactorGenerator;
-}());
+    }
+}
+/**
+ * The identifier of the phone second factor: `phone`.
+ */
+PhoneMultiFactorGenerator.FACTOR_ID = 'phone';
 
 /**
  * Provider for generating a {@link TotpMultiFactorAssertion}.
  *
  * @public
  */
-var TotpMultiFactorGenerator = /** @class */ (function () {
-    function TotpMultiFactorGenerator() {
-    }
+class TotpMultiFactorGenerator {
     /**
      * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of
      * the TOTP (time-based one-time password) second factor.
@@ -1865,9 +1582,9 @@ var TotpMultiFactorGenerator = /** @class */ (function () {
      * @returns A {@link TotpMultiFactorAssertion} which can be used with
      * {@link MultiFactorUser.enroll}.
      */
-    TotpMultiFactorGenerator.assertionForEnrollment = function (secret, oneTimePassword) {
+    static assertionForEnrollment(secret, oneTimePassword) {
         return TotpMultiFactorAssertionImpl._fromSecret(secret, oneTimePassword);
-    };
+    }
     /**
      * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of the TOTP second factor.
      * This assertion is used to complete signIn with TOTP as the second factor.
@@ -1877,9 +1594,9 @@ var TotpMultiFactorGenerator = /** @class */ (function () {
      * @returns A {@link TotpMultiFactorAssertion} which can be used with
      * {@link MultiFactorResolver.resolveSignIn}.
      */
-    TotpMultiFactorGenerator.assertionForSignIn = function (enrollmentId, oneTimePassword) {
+    static assertionForSignIn(enrollmentId, oneTimePassword) {
         return TotpMultiFactorAssertionImpl._fromEnrollmentId(enrollmentId, oneTimePassword);
-    };
+    }
     /**
      * Returns a promise to {@link TotpSecret} which contains the TOTP shared secret key and other parameters.
      * Creates a TOTP secret as part of enrolling a TOTP second factor.
@@ -1889,79 +1606,56 @@ var TotpMultiFactorGenerator = /** @class */ (function () {
      * @param session The {@link MultiFactorSession} that the user is part of.
      * @returns A promise to {@link TotpSecret}.
      */
-    TotpMultiFactorGenerator.generateSecret = function (session) {
+    static async generateSecret(session) {
         var _a;
-        return __awaiter(this, void 0, void 0, function () {
-            var mfaSession, response;
-            return __generator(this, function (_b) {
-                switch (_b.label) {
-                    case 0:
-                        mfaSession = session;
-                        _assert(typeof ((_a = mfaSession.user) === null || _a === void 0 ? void 0 : _a.auth) !== 'undefined', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
-                        return [4 /*yield*/, startEnrollTotpMfa(mfaSession.user.auth, {
-                                idToken: mfaSession.credential,
-                                totpEnrollmentInfo: {}
-                            })];
-                    case 1:
-                        response = _b.sent();
-                        return [2 /*return*/, TotpSecret._fromStartTotpMfaEnrollmentResponse(response, mfaSession.user.auth)];
-                }
-            });
+        const mfaSession = session;
+        _assert(typeof ((_a = mfaSession.user) === null || _a === void 0 ? void 0 : _a.auth) !== 'undefined', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
+        const response = await startEnrollTotpMfa(mfaSession.user.auth, {
+            idToken: mfaSession.credential,
+            totpEnrollmentInfo: {}
         });
-    };
-    /**
-     * The identifier of the TOTP second factor: `totp`.
-     */
-    TotpMultiFactorGenerator.FACTOR_ID = "totp" /* FactorId.TOTP */;
-    return TotpMultiFactorGenerator;
-}());
-var TotpMultiFactorAssertionImpl = /** @class */ (function (_super) {
-    __extends(TotpMultiFactorAssertionImpl, _super);
-    function TotpMultiFactorAssertionImpl(otp, enrollmentId, secret) {
-        var _this = _super.call(this, "totp" /* FactorId.TOTP */) || this;
-        _this.otp = otp;
-        _this.enrollmentId = enrollmentId;
-        _this.secret = secret;
-        return _this;
+        return TotpSecret._fromStartTotpMfaEnrollmentResponse(response, mfaSession.user.auth);
+    }
+}
+/**
+ * The identifier of the TOTP second factor: `totp`.
+ */
+TotpMultiFactorGenerator.FACTOR_ID = "totp" /* FactorId.TOTP */;
+class TotpMultiFactorAssertionImpl extends MultiFactorAssertionImpl {
+    constructor(otp, enrollmentId, secret) {
+        super("totp" /* FactorId.TOTP */);
+        this.otp = otp;
+        this.enrollmentId = enrollmentId;
+        this.secret = secret;
     }
     /** @internal */
-    TotpMultiFactorAssertionImpl._fromSecret = function (secret, otp) {
+    static _fromSecret(secret, otp) {
         return new TotpMultiFactorAssertionImpl(otp, undefined, secret);
-    };
+    }
     /** @internal */
-    TotpMultiFactorAssertionImpl._fromEnrollmentId = function (enrollmentId, otp) {
+    static _fromEnrollmentId(enrollmentId, otp) {
         return new TotpMultiFactorAssertionImpl(otp, enrollmentId);
-    };
+    }
     /** @internal */
-    TotpMultiFactorAssertionImpl.prototype._finalizeEnroll = function (auth, idToken, displayName) {
-        return __awaiter(this, void 0, void 0, function () {
-            return __generator(this, function (_a) {
-                _assert(typeof this.secret !== 'undefined', auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
-                return [2 /*return*/, finalizeEnrollTotpMfa(auth, {
-                        idToken: idToken,
-                        displayName: displayName,
-                        totpVerificationInfo: this.secret._makeTotpVerificationInfo(this.otp)
-                    })];
-            });
+    async _finalizeEnroll(auth, idToken, displayName) {
+        _assert(typeof this.secret !== 'undefined', auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
+        return finalizeEnrollTotpMfa(auth, {
+            idToken,
+            displayName,
+            totpVerificationInfo: this.secret._makeTotpVerificationInfo(this.otp)
         });
-    };
+    }
     /** @internal */
-    TotpMultiFactorAssertionImpl.prototype._finalizeSignIn = function (auth, mfaPendingCredential) {
-        return __awaiter(this, void 0, void 0, function () {
-            var totpVerificationInfo;
-            return __generator(this, function (_a) {
-                _assert(this.enrollmentId !== undefined && this.otp !== undefined, auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
-                totpVerificationInfo = { verificationCode: this.otp };
-                return [2 /*return*/, finalizeSignInTotpMfa(auth, {
-                        mfaPendingCredential: mfaPendingCredential,
-                        mfaEnrollmentId: this.enrollmentId,
-                        totpVerificationInfo: totpVerificationInfo
-                    })];
-            });
+    async _finalizeSignIn(auth, mfaPendingCredential) {
+        _assert(this.enrollmentId !== undefined && this.otp !== undefined, auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */);
+        const totpVerificationInfo = { verificationCode: this.otp };
+        return finalizeSignInTotpMfa(auth, {
+            mfaPendingCredential,
+            mfaEnrollmentId: this.enrollmentId,
+            totpVerificationInfo
         });
-    };
-    return TotpMultiFactorAssertionImpl;
-}(MultiFactorAssertionImpl));
+    }
+}
 /**
  * Provider for generating a {@link TotpMultiFactorAssertion}.
  *
@@ -1969,9 +1663,9 @@ var TotpMultiFactorAssertionImpl = /** @class */ (function (_super) {
  * Implements methods to retrieve the shared secret key and generate a QR code URL.
  * @public
  */
-var TotpSecret = /** @class */ (function () {
+class TotpSecret {
     // The public members are declared outside the constructor so the docs can be generated.
-    function TotpSecret(secretKey, hashingAlgorithm, codeLength, codeIntervalSeconds, enrollmentCompletionDeadline, sessionInfo, auth) {
+    constructor(secretKey, hashingAlgorithm, codeLength, codeIntervalSeconds, enrollmentCompletionDeadline, sessionInfo, auth) {
         this.sessionInfo = sessionInfo;
         this.auth = auth;
         this.secretKey = secretKey;
@@ -1981,13 +1675,13 @@ var TotpSecret = /** @class */ (function () {
         this.enrollmentCompletionDeadline = enrollmentCompletionDeadline;
     }
     /** @internal */
-    TotpSecret._fromStartTotpMfaEnrollmentResponse = function (response, auth) {
+    static _fromStartTotpMfaEnrollmentResponse(response, auth) {
         return new TotpSecret(response.totpSessionInfo.sharedSecretKey, response.totpSessionInfo.hashingAlgorithm, response.totpSessionInfo.verificationCodeLength, response.totpSessionInfo.periodSec, new Date(response.totpSessionInfo.finalizeEnrollmentTime).toUTCString(), response.totpSessionInfo.sessionInfo, auth);
-    };
+    }
     /** @internal */
-    TotpSecret.prototype._makeTotpVerificationInfo = function (otp) {
+    _makeTotpVerificationInfo(otp) {
         return { sessionInfo: this.sessionInfo, verificationCode: otp };
-    };
+    }
     /**
      * Returns a QR code URL as described in
      * https://github.com/google/google-authenticator/wiki/Key-Uri-Format
@@ -1998,9 +1692,9 @@ var TotpSecret = /** @class */ (function () {
      * @param issuer issuer of the TOTP (likely the app name).
      * @returns A QR code URL string.
      */
-    TotpSecret.prototype.generateQrCodeUrl = function (accountName, issuer) {
+    generateQrCodeUrl(accountName, issuer) {
         var _a;
-        var useDefaults = false;
+        let useDefaults = false;
         if (_isEmptyString(accountName) || _isEmptyString(issuer)) {
             useDefaults = true;
         }
@@ -2012,10 +1706,9 @@ var TotpSecret = /** @class */ (function () {
                 issuer = this.auth.name;
             }
         }
-        return "otpauth://totp/".concat(issuer, ":").concat(accountName, "?secret=").concat(this.secretKey, "&issuer=").concat(issuer, "&algorithm=").concat(this.hashingAlgorithm, "&digits=").concat(this.codeLength);
-    };
-    return TotpSecret;
-}());
+        return `otpauth://totp/${issuer}:${accountName}?secret=${this.secretKey}&issuer=${issuer}&algorithm=${this.hashingAlgorithm}&digits=${this.codeLength}`;
+    }
+}
 /** @internal */
 function _isEmptyString(input) {
     return typeof input === 'undefined' || (input === null || input === void 0 ? void 0 : input.length) === 0;
@@ -2037,46 +1730,31 @@ function _isEmptyString(input) {
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-var DEFAULT_ID_TOKEN_MAX_AGE = 5 * 60;
-var authIdTokenMaxAge = getExperimentalSetting('authIdTokenMaxAge') || DEFAULT_ID_TOKEN_MAX_AGE;
-var lastPostedIdToken = null;
-var mintCookieFactory = function (url) { return function (user) { return __awaiter(void 0, void 0, void 0, function () {
-    var idTokenResult, _a, idTokenAge, idToken;
-    return __generator(this, function (_b) {
-        switch (_b.label) {
-            case 0:
-                _a = user;
-                if (!_a) return [3 /*break*/, 2];
-                return [4 /*yield*/, user.getIdTokenResult()];
-            case 1:
-                _a = (_b.sent());
-                _b.label = 2;
-            case 2:
-                idTokenResult = _a;
-                idTokenAge = idTokenResult &&
-                    (new Date().getTime() - Date.parse(idTokenResult.issuedAtTime)) / 1000;
-                if (idTokenAge && idTokenAge > authIdTokenMaxAge) {
-                    return [2 /*return*/];
-                }
-                idToken = idTokenResult === null || idTokenResult === void 0 ? void 0 : idTokenResult.token;
-                if (lastPostedIdToken === idToken) {
-                    return [2 /*return*/];
-                }
-                lastPostedIdToken = idToken;
-                return [4 /*yield*/, fetch(url, {
-                        method: idToken ? 'POST' : 'DELETE',
-                        headers: idToken
-                            ? {
-                                'Authorization': "Bearer ".concat(idToken)
-                            }
-                            : {}
-                    })];
-            case 3:
-                _b.sent();
-                return [2 /*return*/];
-        }
+const DEFAULT_ID_TOKEN_MAX_AGE = 5 * 60;
+const authIdTokenMaxAge = getExperimentalSetting('authIdTokenMaxAge') || DEFAULT_ID_TOKEN_MAX_AGE;
+let lastPostedIdToken = null;
+const mintCookieFactory = (url) => async (user) => {
+    const idTokenResult = user && (await user.getIdTokenResult());
+    const idTokenAge = idTokenResult &&
+        (new Date().getTime() - Date.parse(idTokenResult.issuedAtTime)) / 1000;
+    if (idTokenAge && idTokenAge > authIdTokenMaxAge) {
+        return;
+    }
+    // Specifically trip null => undefined when logged out, to delete any existing cookie
+    const idToken = idTokenResult === null || idTokenResult === void 0 ? void 0 : idTokenResult.token;
+    if (lastPostedIdToken === idToken) {
+        return;
+    }
+    lastPostedIdToken = idToken;
+    await fetch(url, {
+        method: idToken ? 'POST' : 'DELETE',
+        headers: idToken
+            ? {
+                'Authorization': `Bearer ${idToken}`
+            }
+            : {}
     });
-}); }; };
+};
 /**
  * Returns the Auth instance associated with the provided {@link @firebase/app#FirebaseApp}.
  * If no instance exists, initializes an Auth instance with platform-specific default dependencies.
@@ -2085,13 +1763,12 @@ var mintCookieFactory = function (url) { return function (user) { return __await
  *
  * @public
  */
-function getAuth(app) {
-    if (app === void 0) { app = getApp(); }
-    var provider = _getProvider(app, 'auth');
+function getAuth(app = getApp()) {
+    const provider = _getProvider(app, 'auth');
     if (provider.isInitialized()) {
         return provider.getImmediate();
     }
-    var auth = initializeAuth(app, {
+    const auth = initializeAuth(app, {
         popupRedirectResolver: browserPopupRedirectResolver,
         persistence: [
             indexedDBLocalPersistence,
@@ -2099,24 +1776,22 @@ function getAuth(app) {
             browserSessionPersistence
         ]
     });
-    var authTokenSyncPath = getExperimentalSetting('authTokenSyncURL');
+    const authTokenSyncPath = getExperimentalSetting('authTokenSyncURL');
     // Only do the Cookie exchange in a secure context
     if (authTokenSyncPath &&
         typeof isSecureContext === 'boolean' &&
         isSecureContext) {
         // Don't allow urls (XSS possibility), only paths on the same domain
-        var authTokenSyncUrl = new URL(authTokenSyncPath, location.origin);
+        const authTokenSyncUrl = new URL(authTokenSyncPath, location.origin);
         if (location.origin === authTokenSyncUrl.origin) {
-            var mintCookie_1 = mintCookieFactory(authTokenSyncUrl.toString());
-            beforeAuthStateChanged(auth, mintCookie_1, function () {
-                return mintCookie_1(auth.currentUser);
-            });
-            onIdTokenChanged(auth, function (user) { return mintCookie_1(user); });
+            const mintCookie = mintCookieFactory(authTokenSyncUrl.toString());
+            beforeAuthStateChanged(auth, mintCookie, () => mintCookie(auth.currentUser));
+            onIdTokenChanged(auth, user => mintCookie(user));
         }
     }
-    var authEmulatorHost = getDefaultEmulatorHost('auth');
+    const authEmulatorHost = getDefaultEmulatorHost('auth');
     if (authEmulatorHost) {
-        connectAuthEmulator(auth, "http://".concat(authEmulatorHost));
+        connectAuthEmulator(auth, `http://${authEmulatorHost}`);
     }
     return auth;
 }
@@ -2125,14 +1800,14 @@ function getScriptParentElement() {
     return (_b = (_a = document.getElementsByTagName('head')) === null || _a === void 0 ? void 0 : _a[0]) !== null && _b !== void 0 ? _b : document;
 }
 _setExternalJSProvider({
-    loadJS: function (url) {
+    loadJS(url) {
         // TODO: consider adding timeout support & cancellation
-        return new Promise(function (resolve, reject) {
-            var el = document.createElement('script');
+        return new Promise((resolve, reject) => {
+            const el = document.createElement('script');
             el.setAttribute('src', url);
             el.onload = resolve;
-            el.onerror = function (e) {
-                var error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
+            el.onerror = e => {
+                const error = _createError("internal-error" /* AuthErrorCode.INTERNAL_ERROR */);
                 error.customData = e;
                 reject(error);
             };