npm - @firebase/auth - Versions diffs - 1.9.1 → 1.10.0-auth-redirect-credentials.82faa0828 - Mend

@firebase/auth 1.9.1 → 1.10.0-auth-redirect-credentials.82faa0828

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (130) hide show

package/dist/auth-public.d.ts +28 -1
package/dist/auth.d.ts +40 -2
package/dist/browser-cjs/{index-018c7ebd.js → index-d5da52c1.js} +215 -16
package/dist/browser-cjs/index-d5da52c1.js.map +1 -0
package/dist/browser-cjs/index.d.ts +2 -1
package/dist/browser-cjs/index.js +2 -1
package/dist/browser-cjs/index.js.map +1 -1
package/dist/browser-cjs/internal.js +2 -1
package/dist/browser-cjs/internal.js.map +1 -1
package/dist/browser-cjs/src/api/index.d.ts +1 -1
package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +4 -1
package/dist/browser-cjs/src/core/persistence/index.d.ts +2 -1
package/dist/browser-cjs/src/model/auth.d.ts +4 -1
package/dist/browser-cjs/src/model/public_types.d.ts +2 -1
package/dist/browser-cjs/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/browser-cjs/src/platform_node/index.d.ts +1 -0
package/dist/cordova/auth-cordova-public.d.ts +26 -1
package/dist/cordova/auth-cordova.d.ts +29 -2
package/dist/cordova/index.d.ts +2 -1
package/dist/cordova/index.js +2 -2
package/dist/cordova/internal.js +147 -3
package/dist/cordova/internal.js.map +1 -1
package/dist/cordova/{popup_redirect-e795474a.js → popup_redirect-79d5de9a.js} +71 -17
package/dist/cordova/popup_redirect-79d5de9a.js.map +1 -0
package/dist/cordova/src/api/index.d.ts +1 -1
package/dist/cordova/src/core/auth/auth_impl.d.ts +4 -1
package/dist/cordova/src/core/persistence/index.d.ts +2 -1
package/dist/cordova/src/model/auth.d.ts +4 -1
package/dist/cordova/src/model/public_types.d.ts +2 -1
package/dist/cordova/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/cordova/src/platform_node/index.d.ts +1 -0
package/dist/esm2017/{index-e84cf44d.js → index-fc6bc882.js} +216 -18
package/dist/esm2017/index-fc6bc882.js.map +1 -0
package/dist/esm2017/index.d.ts +2 -1
package/dist/esm2017/index.js +1 -1
package/dist/esm2017/internal.js +2 -2
package/dist/esm2017/src/api/index.d.ts +1 -1
package/dist/esm2017/src/core/auth/auth_impl.d.ts +4 -1
package/dist/esm2017/src/core/persistence/index.d.ts +2 -1
package/dist/esm2017/src/model/auth.d.ts +4 -1
package/dist/esm2017/src/model/public_types.d.ts +2 -1
package/dist/esm2017/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/esm2017/src/platform_node/index.d.ts +1 -0
package/dist/index.d.ts +2 -1
package/dist/index.webworker.js +70 -16
package/dist/index.webworker.js.map +1 -1
package/dist/node/index.d.ts +2 -1
package/dist/node/index.js +2 -1
package/dist/node/index.js.map +1 -1
package/dist/node/internal.js +2 -1
package/dist/node/internal.js.map +1 -1
package/dist/node/src/api/index.d.ts +1 -1
package/dist/node/src/core/auth/auth_impl.d.ts +4 -1
package/dist/node/src/core/persistence/index.d.ts +2 -1
package/dist/node/src/model/auth.d.ts +4 -1
package/dist/node/src/model/public_types.d.ts +2 -1
package/dist/node/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/node/src/platform_node/index.d.ts +1 -0
package/dist/node/{totp-06fa6909.js → totp-88cb8aaf.js} +72 -16
package/dist/node/totp-88cb8aaf.js.map +1 -0
package/dist/node-esm/index.d.ts +2 -1
package/dist/node-esm/index.js +1 -1
package/dist/node-esm/internal.js +2 -2
package/dist/node-esm/internal.js.map +1 -1
package/dist/node-esm/src/api/index.d.ts +1 -1
package/dist/node-esm/src/core/auth/auth_impl.d.ts +4 -1
package/dist/node-esm/src/core/persistence/index.d.ts +2 -1
package/dist/node-esm/src/model/auth.d.ts +4 -1
package/dist/node-esm/src/model/public_types.d.ts +2 -1
package/dist/node-esm/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/node-esm/src/platform_node/index.d.ts +1 -0
package/dist/node-esm/{totp-d5ff2369.js → totp-91f8ecc7.js} +73 -18
package/dist/node-esm/totp-91f8ecc7.js.map +1 -0
package/dist/rn/{index-ee081591.js → index-be8638d6.js} +70 -16
package/dist/rn/index-be8638d6.js.map +1 -0
package/dist/rn/index.d.ts +2 -1
package/dist/rn/index.js +1 -1
package/dist/rn/internal.js +146 -1
package/dist/rn/internal.js.map +1 -1
package/dist/rn/src/api/index.d.ts +1 -1
package/dist/rn/src/core/auth/auth_impl.d.ts +4 -1
package/dist/rn/src/core/persistence/index.d.ts +2 -1
package/dist/rn/src/model/auth.d.ts +4 -1
package/dist/rn/src/model/public_types.d.ts +2 -1
package/dist/rn/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/rn/src/platform_node/index.d.ts +1 -0
package/dist/src/api/index.d.ts +1 -1
package/dist/src/core/auth/auth_impl.d.ts +4 -1
package/dist/src/core/persistence/index.d.ts +2 -1
package/dist/src/model/auth.d.ts +4 -1
package/dist/src/model/public_types.d.ts +2 -1
package/dist/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/src/platform_node/index.d.ts +1 -0
package/dist/web-extension-cjs/index.d.ts +2 -1
package/dist/web-extension-cjs/index.js +1 -1
package/dist/web-extension-cjs/internal.js +146 -1
package/dist/web-extension-cjs/internal.js.map +1 -1
package/dist/web-extension-cjs/{register-c2c7670d.js → register-878ee631.js} +70 -16
package/dist/web-extension-cjs/register-878ee631.js.map +1 -0
package/dist/web-extension-cjs/src/api/index.d.ts +1 -1
package/dist/web-extension-cjs/src/core/auth/auth_impl.d.ts +4 -1
package/dist/web-extension-cjs/src/core/persistence/index.d.ts +2 -1
package/dist/web-extension-cjs/src/model/auth.d.ts +4 -1
package/dist/web-extension-cjs/src/model/public_types.d.ts +2 -1
package/dist/web-extension-cjs/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/web-extension-cjs/src/platform_node/index.d.ts +1 -0
package/dist/web-extension-esm2017/auth-web-extension-public.d.ts +26 -1
package/dist/web-extension-esm2017/auth-web-extension.d.ts +29 -2
package/dist/web-extension-esm2017/index.d.ts +2 -1
package/dist/web-extension-esm2017/index.js +2 -2
package/dist/web-extension-esm2017/internal.js +147 -3
package/dist/web-extension-esm2017/internal.js.map +1 -1
package/dist/web-extension-esm2017/{register-31c228e4.js → register-59e2f235.js} +71 -17
package/dist/web-extension-esm2017/register-59e2f235.js.map +1 -0
package/dist/web-extension-esm2017/src/api/index.d.ts +1 -1
package/dist/web-extension-esm2017/src/core/auth/auth_impl.d.ts +4 -1
package/dist/web-extension-esm2017/src/core/persistence/index.d.ts +2 -1
package/dist/web-extension-esm2017/src/model/auth.d.ts +4 -1
package/dist/web-extension-esm2017/src/model/public_types.d.ts +2 -1
package/dist/web-extension-esm2017/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
package/dist/web-extension-esm2017/src/platform_node/index.d.ts +1 -0
package/package.json +8 -7
package/dist/browser-cjs/index-018c7ebd.js.map +0 -1
package/dist/cordova/popup_redirect-e795474a.js.map +0 -1
package/dist/esm2017/index-e84cf44d.js.map +0 -1
package/dist/node/totp-06fa6909.js.map +0 -1
package/dist/node-esm/totp-d5ff2369.js.map +0 -1
package/dist/rn/index-ee081591.js.map +0 -1
package/dist/web-extension-cjs/register-c2c7670d.js.map +0 -1
package/dist/web-extension-esm2017/register-31c228e4.js.map +0 -1

package/dist/cordova/{popup_redirect-e795474a.js → popup_redirect-79d5de9a.js} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { ErrorFactory, isBrowserExtension, isMobileCordova, isReactNative, FirebaseError, querystring, isCloudflareWorker, getModularInstance, base64Decode, getUA, isIE, createSubscribe, deepEqual, querystringDecode, extractQuerystring, isEmpty } from '@firebase/util';
+import { ErrorFactory, isBrowserExtension, isMobileCordova, isReactNative, FirebaseError, querystring, isCloudflareWorker, isCloudWorkstation, getModularInstance, base64Decode, getUA, isIE, createSubscribe, deepEqual, querystringDecode, extractQuerystring, isEmpty } from '@firebase/util';
 import { SDK_VERSION, _isFirebaseServerApp, _getProvider, _registerComponent, registerVersion } from '@firebase/app';
 import { __rest } from 'tslib';
 import { Component } from '@firebase/component';
@@ -1472,6 +1472,14 @@ const SERVER_ERROR_MAP = {
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+const CookieAuthProxiedEndpoints = [
+    "/v1/accounts:signInWithCustomToken" /* Endpoint.SIGN_IN_WITH_CUSTOM_TOKEN */,
+    "/v1/accounts:signInWithEmailLink" /* Endpoint.SIGN_IN_WITH_EMAIL_LINK */,
+    "/v1/accounts:signInWithIdp" /* Endpoint.SIGN_IN_WITH_IDP */,
+    "/v1/accounts:signInWithPassword" /* Endpoint.SIGN_IN_WITH_PASSWORD */,
+    "/v1/accounts:signInWithPhoneNumber" /* Endpoint.SIGN_IN_WITH_PHONE_NUMBER */,
+    "/v1/token" /* Endpoint.TOKEN */
+];
 const DEFAULT_API_TIMEOUT_MS = new Delay(30000, 60000);
 function _addTidIfNecessary(auth, request) {
     if (auth.tenantId && !request.tenantId) {
@@ -1508,7 +1516,10 @@ async function _performApiRequest(auth, method, path, request, customErrorMap =
         if (!isCloudflareWorker()) {
             fetchArgs.referrerPolicy = 'no-referrer';
         }
-        return FetchProvider.fetch()(_getFinalTarget(auth, auth.config.apiHost, path, query), fetchArgs);
+        if (auth.emulatorConfig && isCloudWorkstation(auth.emulatorConfig.host)) {
+            fetchArgs.credentials = 'include';
+        }
+        return FetchProvider.fetch()(await _getFinalTarget(auth, auth.config.apiHost, path, query), fetchArgs);
     });
 }
 async function _performFetchWithErrorHandling(auth, customErrorMap, fetchFn) {
@@ -1573,12 +1584,25 @@ async function _performSignInRequest(auth, method, path, request, customErrorMap
     }
     return serverResponse;
 }
-function _getFinalTarget(auth, host, path, query) {
+async function _getFinalTarget(auth, host, path, query) {
     const base = `${host}${path}?${query}`;
-    if (!auth.config.emulator) {
-        return `${auth.config.apiScheme}://${base}`;
-    }
-    return _emulatorUrl(auth.config, base);
+    const authInternal = auth;
+    const finalTarget = authInternal.config.emulator
+        ? _emulatorUrl(auth.config, base)
+        : `${auth.config.apiScheme}://${base}`;
+    // Cookie auth works by MiTMing the signIn and token endpoints from the developer's backend,
+    // saving the idToken and refreshToken into cookies, and then redacting the refreshToken
+    // from the response
+    if (CookieAuthProxiedEndpoints.includes(path)) {
+        // Persistence manager is async, we need to await it. We can't just wait for auth initialized
+        // here since auth initialization calls this function.
+        await authInternal._persistenceManagerAvailable;
+        if (authInternal._getPersistenceType() === "COOKIE" /* PersistenceType.COOKIE */) {
+            const cookiePersistence = authInternal._getPersistence();
+            return cookiePersistence._getFinalTarget(finalTarget).toString();
+        }
+    }
+    return finalTarget;
 }
 function _parseEnforcementState(enforcementStateStr) {
     switch (enforcementStateStr) {
@@ -2154,7 +2178,7 @@ async function requestStsToken(auth, refreshToken) {
             'refresh_token': refreshToken
         }).slice(1);
         const { tokenApiHost, apiKey } = auth.config;
-        const url = _getFinalTarget(auth, tokenApiHost, "/v1/token" /* Endpoint.TOKEN */, `key=${apiKey}`);
+        const url = await _getFinalTarget(auth, tokenApiHost, "/v1/token" /* Endpoint.TOKEN */, `key=${apiKey}`);
         const headers = await auth._getAdditionalHeaders();
         headers["Content-Type" /* HttpHeader.CONTENT_TYPE */] = 'application/x-www-form-urlencoded';
         return FetchProvider.fetch()(url, {
@@ -2645,7 +2669,17 @@ class PersistenceUserManager {
     }
     async getCurrentUser() {
         const blob = await this.persistence._get(this.fullUserKey);
-        return blob ? UserImpl._fromJSON(this.auth, blob) : null;
+        if (!blob) {
+            return null;
+        }
+        if (typeof blob === 'string') {
+            const response = await getAccountInfo(this.auth, { idToken: blob }).catch(() => undefined);
+            if (!response) {
+                return null;
+            }
+            return UserImpl._fromGetAccountInfoResponse(this.auth, response, blob);
+        }
+        return UserImpl._fromJSON(this.auth, blob);
     }
     removeCurrentUser() {
         return this.persistence._remove(this.fullUserKey);
@@ -2692,7 +2726,19 @@ class PersistenceUserManager {
             try {
                 const blob = await persistence._get(key);
                 if (blob) {
-                    const user = UserImpl._fromJSON(auth, blob); // throws for unparsable blob (wrong format)
+                    let user;
+                    if (typeof blob === 'string') {
+                        const response = await getAccountInfo(auth, {
+                            idToken: blob
+                        }).catch(() => undefined);
+                        if (!response) {
+                            break;
+                        }
+                        user = await UserImpl._fromGetAccountInfoResponse(auth, response, blob);
+                    }
+                    else {
+                        user = UserImpl._fromJSON(auth, blob); // throws for unparsable blob (wrong format)
+                    }
                     if (persistence !== selectedPersistence) {
                         userToMigrate = user;
                     }
@@ -3190,6 +3236,7 @@ class AuthImpl {
         this._tenantRecaptchaConfigs = {};
         this._projectPasswordPolicy = null;
         this._tenantPasswordPolicies = {};
+        this._resolvePersistenceManagerAvailable = undefined;
         // Tracks the last notified UID for state change listeners to prevent
         // repeated calls to the callbacks. Undefined means it's never been
         // called, whereas null means it's been called with a signed out user
@@ -3200,6 +3247,9 @@ class AuthImpl {
         this.frameworks = [];
         this.name = app.name;
         this.clientVersion = config.sdkClientVersion;
+        // TODO(jamesdaniels) explore less hacky way to do this, cookie authentication needs
+        // persistenceMananger to be available. see _getFinalTarget for more context
+        this._persistenceManagerAvailable = new Promise(resolve => (this._resolvePersistenceManagerAvailable = resolve));
     }
     _initializeWithPersistence(persistenceHierarchy, popupRedirectResolver) {
         if (popupRedirectResolver) {
@@ -3208,17 +3258,18 @@ class AuthImpl {
         // Have to check for app deletion throughout initialization (after each
         // promise resolution)
         this._initializationPromise = this.queue(async () => {
-            var _a, _b;
+            var _a, _b, _c;
             if (this._deleted) {
                 return;
             }
             this.persistenceManager = await PersistenceUserManager.create(this, persistenceHierarchy);
+            (_a = this._resolvePersistenceManagerAvailable) === null || _a === void 0 ? void 0 : _a.call(this);
             if (this._deleted) {
                 return;
             }
             // Initialize the resolver early if necessary (only applicable to web:
             // this will cause the iframe to load immediately in certain cases)
-            if ((_a = this._popupRedirectResolver) === null || _a === void 0 ? void 0 : _a._shouldInitProactively) {
+            if ((_b = this._popupRedirectResolver) === null || _b === void 0 ? void 0 : _b._shouldInitProactively) {
                 // If this fails, don't halt auth loading
                 try {
                     await this._popupRedirectResolver._initialize(this);
@@ -3228,7 +3279,7 @@ class AuthImpl {
                 }
             }
             await this.initializeCurrentUser(popupRedirectResolver);
-            this.lastNotifiedUid = ((_b = this.currentUser) === null || _b === void 0 ? void 0 : _b.uid) || null;
+            this.lastNotifiedUid = ((_c = this.currentUser) === null || _c === void 0 ? void 0 : _c.uid) || null;
             if (this._deleted) {
                 return;
             }
@@ -3482,9 +3533,12 @@ class AuthImpl {
             this._tenantPasswordPolicies[this.tenantId] = passwordPolicy;
         }
     }
-    _getPersistence() {
+    _getPersistenceType() {
         return this.assertedPersistence.persistence.type;
     }
+    _getPersistence() {
+        return this.assertedPersistence.persistence;
+    }
     _updateErrorMap(errorMap) {
         this._errorFactory = new ErrorFactory('auth', 'Firebase', errorMap());
     }
@@ -5049,7 +5103,7 @@ class ActionCodeURL {
         this.operation = operation;
         this.code = code;
         this.continueUrl = (_d = searchParams["continueUrl" /* QueryField.CONTINUE_URL */]) !== null && _d !== void 0 ? _d : null;
-        this.languageCode = (_e = searchParams["languageCode" /* QueryField.LANGUAGE_CODE */]) !== null && _e !== void 0 ? _e : null;
+        this.languageCode = (_e = searchParams["lang" /* QueryField.LANGUAGE_CODE */]) !== null && _e !== void 0 ? _e : null;
         this.tenantId = (_f = searchParams["tenantId" /* QueryField.TENANT_ID */]) !== null && _f !== void 0 ? _f : null;
     }
     /**
@@ -7835,7 +7889,7 @@ function multiFactor(user) {
 }
 var name = "@firebase/auth";
-var version = "1.9.1";
+var version = "1.10.0-auth-redirect-credentials.82faa0828";
 /**
  * @license
@@ -9655,4 +9709,4 @@ function generateNoEvent() {
 }
 export { signInWithEmailAndPassword as $, ActionCodeOperation as A, PhoneAuthCredential as B, inMemoryPersistence as C, EmailAuthProvider as D, EmailAuthCredential as E, FactorId as F, FacebookAuthProvider as G, GoogleAuthProvider as H, GithubAuthProvider as I, OAuthProvider as J, SAMLAuthProvider as K, signInAnonymously as L, signInWithCredential as M, linkWithCredential as N, OperationType as O, ProviderId as P, reauthenticateWithCredential as Q, signInWithCustomToken as R, SignInMethod as S, TwitterAuthProvider as T, sendPasswordResetEmail as U, confirmPasswordReset as V, applyActionCode as W, checkActionCode as X, verifyPasswordResetCode as Y, createUserWithEmailAndPassword as Z, _signInWithRedirect as _, _reauthenticateWithRedirect as a, debugFail as a$, sendSignInLinkToEmail as a0, isSignInWithEmailLink as a1, signInWithEmailLink as a2, fetchSignInMethodsForEmail as a3, sendEmailVerification as a4, verifyBeforeUpdateEmail as a5, ActionCodeURL as a6, parseActionCodeURL as a7, updateProfile as a8, updateEmail as a9, FAKE_TOKEN as aA, startEnrollPhoneMfa as aB, handleRecaptchaFlow as aC, sendPhoneVerificationCode as aD, _link$1 as aE, _assertInstanceOf as aF, _withDefaultResolver as aG, AbstractPopupRedirectOperation as aH, debugAssert as aI, _generateEventId as aJ, FederatedAuthProvider as aK, _getProjectConfig as aL, _fail as aM, _getCurrentUrl as aN, _gapiScriptUrl as aO, _emulatorUrl as aP, _isChromeIOS as aQ, _isFirefox as aR, _isIOSStandalone as aS, _getRedirectResult as aT, _overrideRedirectResult as aU, _getRedirectUrl as aV, _setWindowLocation as aW, _isMobileBrowser as aX, _isSafari as aY, _isIOS as aZ, AuthEventManager as a_, updatePassword as aa, getIdToken as ab, getIdTokenResult as ac, unlink as ad, getAdditionalUserInfo as ae, reload as af, getMultiFactorResolver as ag, multiFactor as ah, _performApiRequest as ai, _addTidIfNecessary as aj, Delay as ak, _window as al, _assert as am, isV2 as an, _createError as ao, _recaptchaV2ScriptUrl as ap, _loadJS as aq, MockReCaptcha as ar, _generateCallbackName as as, _castAuth as at, _isHttpOrHttps as au, _isWorker as av, getRecaptchaParams as aw, _serverAppCurrentUserOperationNotSupportedError as ax, _assertLinkedStatus as ay, _initializeRecaptchaConfig as az, _linkWithRedirect as b, finalizeEnrollPhoneMfa as b0, startEnrollTotpMfa as b1, finalizeEnrollTotpMfa as b2, _setExternalJSProvider as b3, _persistenceKeyName as b4, UserImpl as b5, _getInstance as b6, AuthImpl as b7, _getClientVersion as b8, FetchProvider as b9, SAMLAuthCredential as ba, signInWithRedirect as bb, linkWithRedirect as bc, reauthenticateWithRedirect as bd, indexedDBLocalPersistence as c, cordovaPopupRedirectResolver as d, browserLocalPersistence as e, browserSessionPersistence as f, getRedirectResult as g, initializeRecaptchaConfig as h, initializeAuth as i, beforeAuthStateChanged as j, onAuthStateChanged as k, updateCurrentUser as l, signOut as m, revokeAccessToken as n, onIdTokenChanged as o, deleteUser as p, debugErrorMap as q, registerAuth as r, setPersistence as s, prodErrorMap as t, useDeviceLanguage as u, validatePassword as v, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as w, connectAuthEmulator as x, AuthCredential as y, OAuthCredential as z };
-//# sourceMappingURL=popup_redirect-e795474a.js.map
+//# sourceMappingURL=popup_redirect-79d5de9a.js.map