npm - @firebase/auth - Versions diffs - 1.9.1 → 1.10.0-auth-redirect-credentials.82faa0828 - Mend

@firebase/auth 1.9.1 → 1.10.0-auth-redirect-credentials.82faa0828

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (130) hide show

package/dist/auth-public.d.ts +28 -1
package/dist/auth.d.ts +40 -2
package/dist/browser-cjs/{index-018c7ebd.js → index-d5da52c1.js} +215 -16
package/dist/browser-cjs/index-d5da52c1.js.map +1 -0
package/dist/browser-cjs/index.d.ts +2 -1
package/dist/browser-cjs/index.js +2 -1
package/dist/browser-cjs/index.js.map +1 -1
package/dist/browser-cjs/internal.js +2 -1
package/dist/browser-cjs/internal.js.map +1 -1
package/dist/browser-cjs/src/api/index.d.ts +1 -1
package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +4 -1
package/dist/browser-cjs/src/core/persistence/index.d.ts +2 -1
package/dist/browser-cjs/src/model/auth.d.ts +4 -1
package/dist/browser-cjs/src/model/public_types.d.ts +2 -1
package/dist/browser-cjs/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/browser-cjs/src/platform_node/index.d.ts +1 -0
package/dist/cordova/auth-cordova-public.d.ts +26 -1
package/dist/cordova/auth-cordova.d.ts +29 -2
package/dist/cordova/index.d.ts +2 -1
package/dist/cordova/index.js +2 -2
package/dist/cordova/internal.js +147 -3
package/dist/cordova/internal.js.map +1 -1
package/dist/cordova/{popup_redirect-e795474a.js → popup_redirect-79d5de9a.js} +71 -17
package/dist/cordova/popup_redirect-79d5de9a.js.map +1 -0
package/dist/cordova/src/api/index.d.ts +1 -1
package/dist/cordova/src/core/auth/auth_impl.d.ts +4 -1
package/dist/cordova/src/core/persistence/index.d.ts +2 -1
package/dist/cordova/src/model/auth.d.ts +4 -1
package/dist/cordova/src/model/public_types.d.ts +2 -1
package/dist/cordova/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/cordova/src/platform_node/index.d.ts +1 -0
package/dist/esm2017/{index-e84cf44d.js → index-fc6bc882.js} +216 -18
package/dist/esm2017/index-fc6bc882.js.map +1 -0
package/dist/esm2017/index.d.ts +2 -1
package/dist/esm2017/index.js +1 -1
package/dist/esm2017/internal.js +2 -2
package/dist/esm2017/src/api/index.d.ts +1 -1
package/dist/esm2017/src/core/auth/auth_impl.d.ts +4 -1
package/dist/esm2017/src/core/persistence/index.d.ts +2 -1
package/dist/esm2017/src/model/auth.d.ts +4 -1
package/dist/esm2017/src/model/public_types.d.ts +2 -1
package/dist/esm2017/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/esm2017/src/platform_node/index.d.ts +1 -0
package/dist/index.d.ts +2 -1
package/dist/index.webworker.js +70 -16
package/dist/index.webworker.js.map +1 -1
package/dist/node/index.d.ts +2 -1
package/dist/node/index.js +2 -1
package/dist/node/index.js.map +1 -1
package/dist/node/internal.js +2 -1
package/dist/node/internal.js.map +1 -1
package/dist/node/src/api/index.d.ts +1 -1
package/dist/node/src/core/auth/auth_impl.d.ts +4 -1
package/dist/node/src/core/persistence/index.d.ts +2 -1
package/dist/node/src/model/auth.d.ts +4 -1
package/dist/node/src/model/public_types.d.ts +2 -1
package/dist/node/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/node/src/platform_node/index.d.ts +1 -0
package/dist/node/{totp-06fa6909.js → totp-88cb8aaf.js} +72 -16
package/dist/node/totp-88cb8aaf.js.map +1 -0
package/dist/node-esm/index.d.ts +2 -1
package/dist/node-esm/index.js +1 -1
package/dist/node-esm/internal.js +2 -2
package/dist/node-esm/internal.js.map +1 -1
package/dist/node-esm/src/api/index.d.ts +1 -1
package/dist/node-esm/src/core/auth/auth_impl.d.ts +4 -1
package/dist/node-esm/src/core/persistence/index.d.ts +2 -1
package/dist/node-esm/src/model/auth.d.ts +4 -1
package/dist/node-esm/src/model/public_types.d.ts +2 -1
package/dist/node-esm/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/node-esm/src/platform_node/index.d.ts +1 -0
package/dist/node-esm/{totp-d5ff2369.js → totp-91f8ecc7.js} +73 -18
package/dist/node-esm/totp-91f8ecc7.js.map +1 -0
package/dist/rn/{index-ee081591.js → index-be8638d6.js} +70 -16
package/dist/rn/index-be8638d6.js.map +1 -0
package/dist/rn/index.d.ts +2 -1
package/dist/rn/index.js +1 -1
package/dist/rn/internal.js +146 -1
package/dist/rn/internal.js.map +1 -1
package/dist/rn/src/api/index.d.ts +1 -1
package/dist/rn/src/core/auth/auth_impl.d.ts +4 -1
package/dist/rn/src/core/persistence/index.d.ts +2 -1
package/dist/rn/src/model/auth.d.ts +4 -1
package/dist/rn/src/model/public_types.d.ts +2 -1
package/dist/rn/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/rn/src/platform_node/index.d.ts +1 -0
package/dist/src/api/index.d.ts +1 -1
package/dist/src/core/auth/auth_impl.d.ts +4 -1
package/dist/src/core/persistence/index.d.ts +2 -1
package/dist/src/model/auth.d.ts +4 -1
package/dist/src/model/public_types.d.ts +2 -1
package/dist/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/src/platform_node/index.d.ts +1 -0
package/dist/web-extension-cjs/index.d.ts +2 -1
package/dist/web-extension-cjs/index.js +1 -1
package/dist/web-extension-cjs/internal.js +146 -1
package/dist/web-extension-cjs/internal.js.map +1 -1
package/dist/web-extension-cjs/{register-c2c7670d.js → register-878ee631.js} +70 -16
package/dist/web-extension-cjs/register-878ee631.js.map +1 -0
package/dist/web-extension-cjs/src/api/index.d.ts +1 -1
package/dist/web-extension-cjs/src/core/auth/auth_impl.d.ts +4 -1
package/dist/web-extension-cjs/src/core/persistence/index.d.ts +2 -1
package/dist/web-extension-cjs/src/model/auth.d.ts +4 -1
package/dist/web-extension-cjs/src/model/public_types.d.ts +2 -1
package/dist/web-extension-cjs/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/web-extension-cjs/src/platform_node/index.d.ts +1 -0
package/dist/web-extension-esm2017/auth-web-extension-public.d.ts +26 -1
package/dist/web-extension-esm2017/auth-web-extension.d.ts +29 -2
package/dist/web-extension-esm2017/index.d.ts +2 -1
package/dist/web-extension-esm2017/index.js +2 -2
package/dist/web-extension-esm2017/internal.js +147 -3
package/dist/web-extension-esm2017/internal.js.map +1 -1
package/dist/web-extension-esm2017/{register-31c228e4.js → register-59e2f235.js} +71 -17
package/dist/web-extension-esm2017/register-59e2f235.js.map +1 -0
package/dist/web-extension-esm2017/src/api/index.d.ts +1 -1
package/dist/web-extension-esm2017/src/core/auth/auth_impl.d.ts +4 -1
package/dist/web-extension-esm2017/src/core/persistence/index.d.ts +2 -1
package/dist/web-extension-esm2017/src/model/auth.d.ts +4 -1
package/dist/web-extension-esm2017/src/model/public_types.d.ts +2 -1
package/dist/web-extension-esm2017/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/web-extension-esm2017/src/platform_node/index.d.ts +1 -0
package/package.json +8 -7
package/dist/browser-cjs/index-018c7ebd.js.map +0 -1
package/dist/cordova/popup_redirect-e795474a.js.map +0 -1
package/dist/esm2017/index-e84cf44d.js.map +0 -1
package/dist/node/totp-06fa6909.js.map +0 -1
package/dist/node-esm/totp-d5ff2369.js.map +0 -1
package/dist/rn/index-ee081591.js.map +0 -1
package/dist/web-extension-cjs/register-c2c7670d.js.map +0 -1
package/dist/web-extension-esm2017/register-31c228e4.js.map +0 -1

package/dist/web-extension-esm2017/{register-31c228e4.js → register-59e2f235.js} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { ErrorFactory, isBrowserExtension, isMobileCordova, isReactNative, FirebaseError, querystring, isCloudflareWorker, getModularInstance, base64Decode, getUA, isIE, createSubscribe, deepEqual, querystringDecode, extractQuerystring } from '@firebase/util';
+import { ErrorFactory, isBrowserExtension, isMobileCordova, isReactNative, FirebaseError, querystring, isCloudflareWorker, isCloudWorkstation, getModularInstance, base64Decode, getUA, isIE, createSubscribe, deepEqual, querystringDecode, extractQuerystring } from '@firebase/util';
 import { SDK_VERSION, _isFirebaseServerApp, _getProvider, _registerComponent, registerVersion } from '@firebase/app';
 import { __rest } from 'tslib';
 import { Component } from '@firebase/component';
@@ -770,6 +770,14 @@ const SERVER_ERROR_MAP = {
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+const CookieAuthProxiedEndpoints = [
+    "/v1/accounts:signInWithCustomToken" /* Endpoint.SIGN_IN_WITH_CUSTOM_TOKEN */,
+    "/v1/accounts:signInWithEmailLink" /* Endpoint.SIGN_IN_WITH_EMAIL_LINK */,
+    "/v1/accounts:signInWithIdp" /* Endpoint.SIGN_IN_WITH_IDP */,
+    "/v1/accounts:signInWithPassword" /* Endpoint.SIGN_IN_WITH_PASSWORD */,
+    "/v1/accounts:signInWithPhoneNumber" /* Endpoint.SIGN_IN_WITH_PHONE_NUMBER */,
+    "/v1/token" /* Endpoint.TOKEN */
+];
 const DEFAULT_API_TIMEOUT_MS = new Delay(30000, 60000);
 function _addTidIfNecessary(auth, request) {
     if (auth.tenantId && !request.tenantId) {
@@ -806,7 +814,10 @@ async function _performApiRequest(auth, method, path, request, customErrorMap =
         if (!isCloudflareWorker()) {
             fetchArgs.referrerPolicy = 'no-referrer';
         }
-        return FetchProvider.fetch()(_getFinalTarget(auth, auth.config.apiHost, path, query), fetchArgs);
+        if (auth.emulatorConfig && isCloudWorkstation(auth.emulatorConfig.host)) {
+            fetchArgs.credentials = 'include';
+        }
+        return FetchProvider.fetch()(await _getFinalTarget(auth, auth.config.apiHost, path, query), fetchArgs);
     });
 }
 async function _performFetchWithErrorHandling(auth, customErrorMap, fetchFn) {
@@ -871,12 +882,25 @@ async function _performSignInRequest(auth, method, path, request, customErrorMap
     }
     return serverResponse;
 }
-function _getFinalTarget(auth, host, path, query) {
+async function _getFinalTarget(auth, host, path, query) {
     const base = `${host}${path}?${query}`;
-    if (!auth.config.emulator) {
-        return `${auth.config.apiScheme}://${base}`;
-    }
-    return _emulatorUrl(auth.config, base);
+    const authInternal = auth;
+    const finalTarget = authInternal.config.emulator
+        ? _emulatorUrl(auth.config, base)
+        : `${auth.config.apiScheme}://${base}`;
+    // Cookie auth works by MiTMing the signIn and token endpoints from the developer's backend,
+    // saving the idToken and refreshToken into cookies, and then redacting the refreshToken
+    // from the response
+    if (CookieAuthProxiedEndpoints.includes(path)) {
+        // Persistence manager is async, we need to await it. We can't just wait for auth initialized
+        // here since auth initialization calls this function.
+        await authInternal._persistenceManagerAvailable;
+        if (authInternal._getPersistenceType() === "COOKIE" /* PersistenceType.COOKIE */) {
+            const cookiePersistence = authInternal._getPersistence();
+            return cookiePersistence._getFinalTarget(finalTarget).toString();
+        }
+    }
+    return finalTarget;
 }
 function _parseEnforcementState(enforcementStateStr) {
     switch (enforcementStateStr) {
@@ -1452,7 +1476,7 @@ async function requestStsToken(auth, refreshToken) {
             'refresh_token': refreshToken
         }).slice(1);
         const { tokenApiHost, apiKey } = auth.config;
-        const url = _getFinalTarget(auth, tokenApiHost, "/v1/token" /* Endpoint.TOKEN */, `key=${apiKey}`);
+        const url = await _getFinalTarget(auth, tokenApiHost, "/v1/token" /* Endpoint.TOKEN */, `key=${apiKey}`);
         const headers = await auth._getAdditionalHeaders();
         headers["Content-Type" /* HttpHeader.CONTENT_TYPE */] = 'application/x-www-form-urlencoded';
         return FetchProvider.fetch()(url, {
@@ -1943,7 +1967,17 @@ class PersistenceUserManager {
     }
     async getCurrentUser() {
         const blob = await this.persistence._get(this.fullUserKey);
-        return blob ? UserImpl._fromJSON(this.auth, blob) : null;
+        if (!blob) {
+            return null;
+        }
+        if (typeof blob === 'string') {
+            const response = await getAccountInfo(this.auth, { idToken: blob }).catch(() => undefined);
+            if (!response) {
+                return null;
+            }
+            return UserImpl._fromGetAccountInfoResponse(this.auth, response, blob);
+        }
+        return UserImpl._fromJSON(this.auth, blob);
     }
     removeCurrentUser() {
         return this.persistence._remove(this.fullUserKey);
@@ -1990,7 +2024,19 @@ class PersistenceUserManager {
             try {
                 const blob = await persistence._get(key);
                 if (blob) {
-                    const user = UserImpl._fromJSON(auth, blob); // throws for unparsable blob (wrong format)
+                    let user;
+                    if (typeof blob === 'string') {
+                        const response = await getAccountInfo(auth, {
+                            idToken: blob
+                        }).catch(() => undefined);
+                        if (!response) {
+                            break;
+                        }
+                        user = await UserImpl._fromGetAccountInfoResponse(auth, response, blob);
+                    }
+                    else {
+                        user = UserImpl._fromJSON(auth, blob); // throws for unparsable blob (wrong format)
+                    }
                     if (persistence !== selectedPersistence) {
                         userToMigrate = user;
                     }
@@ -2488,6 +2534,7 @@ class AuthImpl {
         this._tenantRecaptchaConfigs = {};
         this._projectPasswordPolicy = null;
         this._tenantPasswordPolicies = {};
+        this._resolvePersistenceManagerAvailable = undefined;
         // Tracks the last notified UID for state change listeners to prevent
         // repeated calls to the callbacks. Undefined means it's never been
         // called, whereas null means it's been called with a signed out user
@@ -2498,6 +2545,9 @@ class AuthImpl {
         this.frameworks = [];
         this.name = app.name;
         this.clientVersion = config.sdkClientVersion;
+        // TODO(jamesdaniels) explore less hacky way to do this, cookie authentication needs
+        // persistenceMananger to be available. see _getFinalTarget for more context
+        this._persistenceManagerAvailable = new Promise(resolve => (this._resolvePersistenceManagerAvailable = resolve));
     }
     _initializeWithPersistence(persistenceHierarchy, popupRedirectResolver) {
         if (popupRedirectResolver) {
@@ -2506,17 +2556,18 @@ class AuthImpl {
         // Have to check for app deletion throughout initialization (after each
         // promise resolution)
         this._initializationPromise = this.queue(async () => {
-            var _a, _b;
+            var _a, _b, _c;
             if (this._deleted) {
                 return;
             }
             this.persistenceManager = await PersistenceUserManager.create(this, persistenceHierarchy);
+            (_a = this._resolvePersistenceManagerAvailable) === null || _a === void 0 ? void 0 : _a.call(this);
             if (this._deleted) {
                 return;
             }
             // Initialize the resolver early if necessary (only applicable to web:
             // this will cause the iframe to load immediately in certain cases)
-            if ((_a = this._popupRedirectResolver) === null || _a === void 0 ? void 0 : _a._shouldInitProactively) {
+            if ((_b = this._popupRedirectResolver) === null || _b === void 0 ? void 0 : _b._shouldInitProactively) {
                 // If this fails, don't halt auth loading
                 try {
                     await this._popupRedirectResolver._initialize(this);
@@ -2526,7 +2577,7 @@ class AuthImpl {
                 }
             }
             await this.initializeCurrentUser(popupRedirectResolver);
-            this.lastNotifiedUid = ((_b = this.currentUser) === null || _b === void 0 ? void 0 : _b.uid) || null;
+            this.lastNotifiedUid = ((_c = this.currentUser) === null || _c === void 0 ? void 0 : _c.uid) || null;
             if (this._deleted) {
                 return;
             }
@@ -2780,9 +2831,12 @@ class AuthImpl {
             this._tenantPasswordPolicies[this.tenantId] = passwordPolicy;
         }
     }
-    _getPersistence() {
+    _getPersistenceType() {
         return this.assertedPersistence.persistence.type;
     }
+    _getPersistence() {
+        return this.assertedPersistence.persistence;
+    }
     _updateErrorMap(errorMap) {
         this._errorFactory = new ErrorFactory('auth', 'Firebase', errorMap());
     }
@@ -4347,7 +4401,7 @@ class ActionCodeURL {
         this.operation = operation;
         this.code = code;
         this.continueUrl = (_d = searchParams["continueUrl" /* QueryField.CONTINUE_URL */]) !== null && _d !== void 0 ? _d : null;
-        this.languageCode = (_e = searchParams["languageCode" /* QueryField.LANGUAGE_CODE */]) !== null && _e !== void 0 ? _e : null;
+        this.languageCode = (_e = searchParams["lang" /* QueryField.LANGUAGE_CODE */]) !== null && _e !== void 0 ? _e : null;
         this.tenantId = (_f = searchParams["tenantId" /* QueryField.TENANT_ID */]) !== null && _f !== void 0 ? _f : null;
     }
     /**
@@ -8025,7 +8079,7 @@ function _isEmptyString(input) {
 }
 var name = "@firebase/auth";
-var version = "1.9.1";
+var version = "1.10.0-auth-redirect-credentials.82faa0828";
 /**
  * @license
@@ -8172,4 +8226,4 @@ function registerAuth(clientPlatform) {
 }
 export { updateEmail as $, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as A, linkWithCredential as B, reauthenticateWithCredential as C, signInWithCustomToken as D, EmailAuthCredential as E, FacebookAuthProvider as F, GoogleAuthProvider as G, sendPasswordResetEmail as H, confirmPasswordReset as I, applyActionCode as J, checkActionCode as K, verifyPasswordResetCode as L, createUserWithEmailAndPassword as M, signInWithEmailAndPassword as N, OAuthCredential as O, PhoneAuthCredential as P, sendSignInLinkToEmail as Q, isSignInWithEmailLink as R, SAMLAuthProvider as S, TotpMultiFactorGenerator as T, signInWithEmailLink as U, fetchSignInMethodsForEmail as V, sendEmailVerification as W, verifyBeforeUpdateEmail as X, ActionCodeURL as Y, parseActionCodeURL as Z, updateProfile as _, indexedDBLocalPersistence as a, FetchProvider as a$, updatePassword as a0, getIdToken as a1, getIdTokenResult as a2, unlink as a3, getAdditionalUserInfo as a4, reload as a5, getMultiFactorResolver as a6, multiFactor as a7, STORAGE_AVAILABLE_KEY as a8, _isMobileBrowser as a9, signInWithIdp as aA, _fail as aB, debugAssert as aC, _assertInstanceOf as aD, _generateEventId as aE, FederatedAuthProvider as aF, _persistenceKeyName as aG, _performApiRequest as aH, _getCurrentUrl as aI, _gapiScriptUrl as aJ, _emulatorUrl as aK, _isChromeIOS as aL, _isFirefox as aM, _isIOSStandalone as aN, BaseOAuthProvider as aO, _setWindowLocation as aP, _isSafari as aQ, _isIOS as aR, MultiFactorAssertionImpl as aS, finalizeEnrollPhoneMfa as aT, finalizeSignInPhoneMfa as aU, _setExternalJSProvider as aV, _isAndroid as aW, _isIOS7Or8 as aX, UserImpl as aY, AuthImpl as aZ, _getClientVersion as a_, _isIE10 as aa, Delay as ab, _window as ac, _assert as ad, isV2 as ae, _createError as af, _recaptchaV2ScriptUrl as ag, _loadJS as ah, MockReCaptcha as ai, _generateCallbackName as aj, _castAuth as ak, _isHttpOrHttps as al, _isWorker as am, getRecaptchaParams as an, _serverAppCurrentUserOperationNotSupportedError as ao, _assertLinkedStatus as ap, _initializeRecaptchaConfig as aq, FAKE_TOKEN as ar, startEnrollPhoneMfa as as, handleRecaptchaFlow as at, startSignInPhoneMfa as au, sendPhoneVerificationCode as av, _link as aw, _getInstance as ax, _signInWithCredential as ay, _reauthenticate as az, TotpSecret as b, SAMLAuthCredential as b0, connectAuthEmulator as c, initializeRecaptchaConfig as d, beforeAuthStateChanged as e, onAuthStateChanged as f, updateCurrentUser as g, signOut as h, initializeAuth as i, revokeAccessToken as j, deleteUser as k, debugErrorMap as l, AuthCredential as m, inMemoryPersistence as n, onIdTokenChanged as o, prodErrorMap as p, EmailAuthProvider as q, registerAuth as r, setPersistence as s, GithubAuthProvider as t, useDeviceLanguage as u, validatePassword as v, OAuthProvider as w, TwitterAuthProvider as x, signInAnonymously as y, signInWithCredential as z };
-//# sourceMappingURL=register-31c228e4.js.map
+//# sourceMappingURL=register-59e2f235.js.map