@firebase/auth 1.9.1 → 1.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (130) hide show
  1. package/dist/auth-public.d.ts +28 -1
  2. package/dist/auth.d.ts +40 -2
  3. package/dist/browser-cjs/{index-018c7ebd.js → index-eddc1dc3.js} +211 -15
  4. package/dist/browser-cjs/index-eddc1dc3.js.map +1 -0
  5. package/dist/browser-cjs/index.d.ts +2 -1
  6. package/dist/browser-cjs/index.js +2 -1
  7. package/dist/browser-cjs/index.js.map +1 -1
  8. package/dist/browser-cjs/internal.js +2 -1
  9. package/dist/browser-cjs/internal.js.map +1 -1
  10. package/dist/browser-cjs/src/api/index.d.ts +1 -1
  11. package/dist/browser-cjs/src/core/auth/auth_impl.d.ts +4 -1
  12. package/dist/browser-cjs/src/core/persistence/index.d.ts +2 -1
  13. package/dist/browser-cjs/src/model/auth.d.ts +4 -1
  14. package/dist/browser-cjs/src/model/public_types.d.ts +2 -1
  15. package/dist/browser-cjs/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
  16. package/dist/browser-cjs/src/platform_node/index.d.ts +1 -0
  17. package/dist/cordova/auth-cordova-public.d.ts +26 -1
  18. package/dist/cordova/auth-cordova.d.ts +29 -2
  19. package/dist/cordova/index.d.ts +2 -1
  20. package/dist/cordova/index.js +2 -2
  21. package/dist/cordova/internal.js +147 -3
  22. package/dist/cordova/internal.js.map +1 -1
  23. package/dist/cordova/{popup_redirect-e795474a.js → popup_redirect-5323ec00.js} +66 -15
  24. package/dist/cordova/popup_redirect-5323ec00.js.map +1 -0
  25. package/dist/cordova/src/api/index.d.ts +1 -1
  26. package/dist/cordova/src/core/auth/auth_impl.d.ts +4 -1
  27. package/dist/cordova/src/core/persistence/index.d.ts +2 -1
  28. package/dist/cordova/src/model/auth.d.ts +4 -1
  29. package/dist/cordova/src/model/public_types.d.ts +2 -1
  30. package/dist/cordova/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
  31. package/dist/cordova/src/platform_node/index.d.ts +1 -0
  32. package/dist/esm2017/{index-e84cf44d.js → index-c92d61ad.js} +211 -16
  33. package/dist/esm2017/index-c92d61ad.js.map +1 -0
  34. package/dist/esm2017/index.d.ts +2 -1
  35. package/dist/esm2017/index.js +1 -1
  36. package/dist/esm2017/internal.js +2 -2
  37. package/dist/esm2017/src/api/index.d.ts +1 -1
  38. package/dist/esm2017/src/core/auth/auth_impl.d.ts +4 -1
  39. package/dist/esm2017/src/core/persistence/index.d.ts +2 -1
  40. package/dist/esm2017/src/model/auth.d.ts +4 -1
  41. package/dist/esm2017/src/model/public_types.d.ts +2 -1
  42. package/dist/esm2017/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
  43. package/dist/esm2017/src/platform_node/index.d.ts +1 -0
  44. package/dist/index.d.ts +2 -1
  45. package/dist/index.webworker.js +65 -14
  46. package/dist/index.webworker.js.map +1 -1
  47. package/dist/node/index.d.ts +2 -1
  48. package/dist/node/index.js +2 -1
  49. package/dist/node/index.js.map +1 -1
  50. package/dist/node/internal.js +2 -1
  51. package/dist/node/internal.js.map +1 -1
  52. package/dist/node/src/api/index.d.ts +1 -1
  53. package/dist/node/src/core/auth/auth_impl.d.ts +4 -1
  54. package/dist/node/src/core/persistence/index.d.ts +2 -1
  55. package/dist/node/src/model/auth.d.ts +4 -1
  56. package/dist/node/src/model/public_types.d.ts +2 -1
  57. package/dist/node/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
  58. package/dist/node/src/platform_node/index.d.ts +1 -0
  59. package/dist/node/{totp-06fa6909.js → totp-af329771.js} +68 -15
  60. package/dist/node/totp-af329771.js.map +1 -0
  61. package/dist/node-esm/index.d.ts +2 -1
  62. package/dist/node-esm/index.js +1 -1
  63. package/dist/node-esm/internal.js +2 -2
  64. package/dist/node-esm/internal.js.map +1 -1
  65. package/dist/node-esm/src/api/index.d.ts +1 -1
  66. package/dist/node-esm/src/core/auth/auth_impl.d.ts +4 -1
  67. package/dist/node-esm/src/core/persistence/index.d.ts +2 -1
  68. package/dist/node-esm/src/model/auth.d.ts +4 -1
  69. package/dist/node-esm/src/model/public_types.d.ts +2 -1
  70. package/dist/node-esm/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
  71. package/dist/node-esm/src/platform_node/index.d.ts +1 -0
  72. package/dist/node-esm/{totp-d5ff2369.js → totp-7829abf2.js} +68 -16
  73. package/dist/node-esm/totp-7829abf2.js.map +1 -0
  74. package/dist/rn/{index-ee081591.js → index-e8d5e0fb.js} +66 -15
  75. package/dist/rn/index-e8d5e0fb.js.map +1 -0
  76. package/dist/rn/index.d.ts +2 -1
  77. package/dist/rn/index.js +1 -1
  78. package/dist/rn/internal.js +146 -1
  79. package/dist/rn/internal.js.map +1 -1
  80. package/dist/rn/src/api/index.d.ts +1 -1
  81. package/dist/rn/src/core/auth/auth_impl.d.ts +4 -1
  82. package/dist/rn/src/core/persistence/index.d.ts +2 -1
  83. package/dist/rn/src/model/auth.d.ts +4 -1
  84. package/dist/rn/src/model/public_types.d.ts +2 -1
  85. package/dist/rn/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
  86. package/dist/rn/src/platform_node/index.d.ts +1 -0
  87. package/dist/src/api/index.d.ts +1 -1
  88. package/dist/src/core/auth/auth_impl.d.ts +4 -1
  89. package/dist/src/core/persistence/index.d.ts +2 -1
  90. package/dist/src/model/auth.d.ts +4 -1
  91. package/dist/src/model/public_types.d.ts +2 -1
  92. package/dist/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
  93. package/dist/src/platform_node/index.d.ts +1 -0
  94. package/dist/web-extension-cjs/index.d.ts +2 -1
  95. package/dist/web-extension-cjs/index.js +1 -1
  96. package/dist/web-extension-cjs/internal.js +146 -1
  97. package/dist/web-extension-cjs/internal.js.map +1 -1
  98. package/dist/web-extension-cjs/{register-c2c7670d.js → register-b64ddc5e.js} +66 -15
  99. package/dist/web-extension-cjs/register-b64ddc5e.js.map +1 -0
  100. package/dist/web-extension-cjs/src/api/index.d.ts +1 -1
  101. package/dist/web-extension-cjs/src/core/auth/auth_impl.d.ts +4 -1
  102. package/dist/web-extension-cjs/src/core/persistence/index.d.ts +2 -1
  103. package/dist/web-extension-cjs/src/model/auth.d.ts +4 -1
  104. package/dist/web-extension-cjs/src/model/public_types.d.ts +2 -1
  105. package/dist/web-extension-cjs/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
  106. package/dist/web-extension-cjs/src/platform_node/index.d.ts +1 -0
  107. package/dist/web-extension-esm2017/auth-web-extension-public.d.ts +26 -1
  108. package/dist/web-extension-esm2017/auth-web-extension.d.ts +29 -2
  109. package/dist/web-extension-esm2017/index.d.ts +2 -1
  110. package/dist/web-extension-esm2017/index.js +2 -2
  111. package/dist/web-extension-esm2017/internal.js +147 -3
  112. package/dist/web-extension-esm2017/internal.js.map +1 -1
  113. package/dist/web-extension-esm2017/{register-31c228e4.js → register-00522d81.js} +66 -15
  114. package/dist/web-extension-esm2017/register-00522d81.js.map +1 -0
  115. package/dist/web-extension-esm2017/src/api/index.d.ts +1 -1
  116. package/dist/web-extension-esm2017/src/core/auth/auth_impl.d.ts +4 -1
  117. package/dist/web-extension-esm2017/src/core/persistence/index.d.ts +2 -1
  118. package/dist/web-extension-esm2017/src/model/auth.d.ts +4 -1
  119. package/dist/web-extension-esm2017/src/model/public_types.d.ts +2 -1
  120. package/dist/web-extension-esm2017/src/platform_browser/persistence/cookie_storage.d.ts +40 -0
  121. package/dist/web-extension-esm2017/src/platform_node/index.d.ts +1 -0
  122. package/package.json +3 -2
  123. package/dist/browser-cjs/index-018c7ebd.js.map +0 -1
  124. package/dist/cordova/popup_redirect-e795474a.js.map +0 -1
  125. package/dist/esm2017/index-e84cf44d.js.map +0 -1
  126. package/dist/node/totp-06fa6909.js.map +0 -1
  127. package/dist/node-esm/totp-d5ff2369.js.map +0 -1
  128. package/dist/rn/index-ee081591.js.map +0 -1
  129. package/dist/web-extension-cjs/register-c2c7670d.js.map +0 -1
  130. package/dist/web-extension-esm2017/register-31c228e4.js.map +0 -1
package/dist/cordova/{popup_redirect-e795474a.js → popup_redirect-5323ec00.js} RENAMED
@@ -1472,6 +1472,14 @@ const SERVER_ERROR_MAP = {
1472
1472
  * See the License for the specific language governing permissions and
1473
1473
  * limitations under the License.
1474
1474
  */
1475
+ const CookieAuthProxiedEndpoints = [
1476
+ "/v1/accounts:signInWithCustomToken" /* Endpoint.SIGN_IN_WITH_CUSTOM_TOKEN */,
1477
+ "/v1/accounts:signInWithEmailLink" /* Endpoint.SIGN_IN_WITH_EMAIL_LINK */,
1478
+ "/v1/accounts:signInWithIdp" /* Endpoint.SIGN_IN_WITH_IDP */,
1479
+ "/v1/accounts:signInWithPassword" /* Endpoint.SIGN_IN_WITH_PASSWORD */,
1480
+ "/v1/accounts:signInWithPhoneNumber" /* Endpoint.SIGN_IN_WITH_PHONE_NUMBER */,
1481
+ "/v1/token" /* Endpoint.TOKEN */
1482
+ ];
1475
1483
  const DEFAULT_API_TIMEOUT_MS = new Delay(30000, 60000);
1476
1484
  function _addTidIfNecessary(auth, request) {
1477
1485
  if (auth.tenantId && !request.tenantId) {
@@ -1508,7 +1516,7 @@ async function _performApiRequest(auth, method, path, request, customErrorMap =
1508
1516
  if (!isCloudflareWorker()) {
1509
1517
  fetchArgs.referrerPolicy = 'no-referrer';
1510
1518
  }
1511
- return FetchProvider.fetch()(_getFinalTarget(auth, auth.config.apiHost, path, query), fetchArgs);
1519
+ return FetchProvider.fetch()(await _getFinalTarget(auth, auth.config.apiHost, path, query), fetchArgs);
1512
1520
  });
1513
1521
  }
1514
1522
  async function _performFetchWithErrorHandling(auth, customErrorMap, fetchFn) {
@@ -1573,12 +1581,25 @@ async function _performSignInRequest(auth, method, path, request, customErrorMap
1573
1581
  }
1574
1582
  return serverResponse;
1575
1583
  }
1576
- function _getFinalTarget(auth, host, path, query) {
1584
+ async function _getFinalTarget(auth, host, path, query) {
1577
1585
  const base = `${host}${path}?${query}`;
1578
- if (!auth.config.emulator) {
1579
- return `${auth.config.apiScheme}://${base}`;
1580
- }
1581
- return _emulatorUrl(auth.config, base);
1586
+ const authInternal = auth;
1587
+ const finalTarget = authInternal.config.emulator
1588
+ ? _emulatorUrl(auth.config, base)
1589
+ : `${auth.config.apiScheme}://${base}`;
1590
+ // Cookie auth works by MiTMing the signIn and token endpoints from the developer's backend,
1591
+ // saving the idToken and refreshToken into cookies, and then redacting the refreshToken
1592
+ // from the response
1593
+ if (CookieAuthProxiedEndpoints.includes(path)) {
1594
+ // Persistence manager is async, we need to await it. We can't just wait for auth initialized
1595
+ // here since auth initialization calls this function.
1596
+ await authInternal._persistenceManagerAvailable;
1597
+ if (authInternal._getPersistenceType() === "COOKIE" /* PersistenceType.COOKIE */) {
1598
+ const cookiePersistence = authInternal._getPersistence();
1599
+ return cookiePersistence._getFinalTarget(finalTarget).toString();
1600
+ }
1601
+ }
1602
+ return finalTarget;
1582
1603
  }
1583
1604
  function _parseEnforcementState(enforcementStateStr) {
1584
1605
  switch (enforcementStateStr) {
@@ -2154,7 +2175,7 @@ async function requestStsToken(auth, refreshToken) {
2154
2175
  'refresh_token': refreshToken
2155
2176
  }).slice(1);
2156
2177
  const { tokenApiHost, apiKey } = auth.config;
2157
- const url = _getFinalTarget(auth, tokenApiHost, "/v1/token" /* Endpoint.TOKEN */, `key=${apiKey}`);
2178
+ const url = await _getFinalTarget(auth, tokenApiHost, "/v1/token" /* Endpoint.TOKEN */, `key=${apiKey}`);
2158
2179
  const headers = await auth._getAdditionalHeaders();
2159
2180
  headers["Content-Type" /* HttpHeader.CONTENT_TYPE */] = 'application/x-www-form-urlencoded';
2160
2181
  return FetchProvider.fetch()(url, {
@@ -2645,7 +2666,17 @@ class PersistenceUserManager {
2645
2666
  }
2646
2667
  async getCurrentUser() {
2647
2668
  const blob = await this.persistence._get(this.fullUserKey);
2648
- return blob ? UserImpl._fromJSON(this.auth, blob) : null;
2669
+ if (!blob) {
2670
+ return null;
2671
+ }
2672
+ if (typeof blob === 'string') {
2673
+ const response = await getAccountInfo(this.auth, { idToken: blob }).catch(() => undefined);
2674
+ if (!response) {
2675
+ return null;
2676
+ }
2677
+ return UserImpl._fromGetAccountInfoResponse(this.auth, response, blob);
2678
+ }
2679
+ return UserImpl._fromJSON(this.auth, blob);
2649
2680
  }
2650
2681
  removeCurrentUser() {
2651
2682
  return this.persistence._remove(this.fullUserKey);
@@ -2692,7 +2723,19 @@ class PersistenceUserManager {
2692
2723
  try {
2693
2724
  const blob = await persistence._get(key);
2694
2725
  if (blob) {
2695
- const user = UserImpl._fromJSON(auth, blob); // throws for unparsable blob (wrong format)
2726
+ let user;
2727
+ if (typeof blob === 'string') {
2728
+ const response = await getAccountInfo(auth, {
2729
+ idToken: blob
2730
+ }).catch(() => undefined);
2731
+ if (!response) {
2732
+ break;
2733
+ }
2734
+ user = await UserImpl._fromGetAccountInfoResponse(auth, response, blob);
2735
+ }
2736
+ else {
2737
+ user = UserImpl._fromJSON(auth, blob); // throws for unparsable blob (wrong format)
2738
+ }
2696
2739
  if (persistence !== selectedPersistence) {
2697
2740
  userToMigrate = user;
2698
2741
  }
@@ -3190,6 +3233,7 @@ class AuthImpl {
3190
3233
  this._tenantRecaptchaConfigs = {};
3191
3234
  this._projectPasswordPolicy = null;
3192
3235
  this._tenantPasswordPolicies = {};
3236
+ this._resolvePersistenceManagerAvailable = undefined;
3193
3237
  // Tracks the last notified UID for state change listeners to prevent
3194
3238
  // repeated calls to the callbacks. Undefined means it's never been
3195
3239
  // called, whereas null means it's been called with a signed out user
@@ -3200,6 +3244,9 @@ class AuthImpl {
3200
3244
  this.frameworks = [];
3201
3245
  this.name = app.name;
3202
3246
  this.clientVersion = config.sdkClientVersion;
3247
+ // TODO(jamesdaniels) explore less hacky way to do this, cookie authentication needs
3248
+ // persistenceMananger to be available. see _getFinalTarget for more context
3249
+ this._persistenceManagerAvailable = new Promise(resolve => (this._resolvePersistenceManagerAvailable = resolve));
3203
3250
  }
3204
3251
  _initializeWithPersistence(persistenceHierarchy, popupRedirectResolver) {
3205
3252
  if (popupRedirectResolver) {
@@ -3208,17 +3255,18 @@ class AuthImpl {
3208
3255
  // Have to check for app deletion throughout initialization (after each
3209
3256
  // promise resolution)
3210
3257
  this._initializationPromise = this.queue(async () => {
3211
- var _a, _b;
3258
+ var _a, _b, _c;
3212
3259
  if (this._deleted) {
3213
3260
  return;
3214
3261
  }
3215
3262
  this.persistenceManager = await PersistenceUserManager.create(this, persistenceHierarchy);
3263
+ (_a = this._resolvePersistenceManagerAvailable) === null || _a === void 0 ? void 0 : _a.call(this);
3216
3264
  if (this._deleted) {
3217
3265
  return;
3218
3266
  }
3219
3267
  // Initialize the resolver early if necessary (only applicable to web:
3220
3268
  // this will cause the iframe to load immediately in certain cases)
3221
- if ((_a = this._popupRedirectResolver) === null || _a === void 0 ? void 0 : _a._shouldInitProactively) {
3269
+ if ((_b = this._popupRedirectResolver) === null || _b === void 0 ? void 0 : _b._shouldInitProactively) {
3222
3270
  // If this fails, don't halt auth loading
3223
3271
  try {
3224
3272
  await this._popupRedirectResolver._initialize(this);
@@ -3228,7 +3276,7 @@ class AuthImpl {
3228
3276
  }
3229
3277
  }
3230
3278
  await this.initializeCurrentUser(popupRedirectResolver);
3231
- this.lastNotifiedUid = ((_b = this.currentUser) === null || _b === void 0 ? void 0 : _b.uid) || null;
3279
+ this.lastNotifiedUid = ((_c = this.currentUser) === null || _c === void 0 ? void 0 : _c.uid) || null;
3232
3280
  if (this._deleted) {
3233
3281
  return;
3234
3282
  }
@@ -3482,9 +3530,12 @@ class AuthImpl {
3482
3530
  this._tenantPasswordPolicies[this.tenantId] = passwordPolicy;
3483
3531
  }
3484
3532
  }
3485
- _getPersistence() {
3533
+ _getPersistenceType() {
3486
3534
  return this.assertedPersistence.persistence.type;
3487
3535
  }
3536
+ _getPersistence() {
3537
+ return this.assertedPersistence.persistence;
3538
+ }
3488
3539
  _updateErrorMap(errorMap) {
3489
3540
  this._errorFactory = new ErrorFactory('auth', 'Firebase', errorMap());
3490
3541
  }
@@ -7835,7 +7886,7 @@ function multiFactor(user) {
7835
7886
  }
7836
7887
 
7837
7888
  var name = "@firebase/auth";
7838
- var version = "1.9.1";
7889
+ var version = "1.10.0";
7839
7890
 
7840
7891
  /**
7841
7892
  * @license
@@ -9655,4 +9706,4 @@ function generateNoEvent() {
9655
9706
  }
9656
9707
 
9657
9708
  export { signInWithEmailAndPassword as $, ActionCodeOperation as A, PhoneAuthCredential as B, inMemoryPersistence as C, EmailAuthProvider as D, EmailAuthCredential as E, FactorId as F, FacebookAuthProvider as G, GoogleAuthProvider as H, GithubAuthProvider as I, OAuthProvider as J, SAMLAuthProvider as K, signInAnonymously as L, signInWithCredential as M, linkWithCredential as N, OperationType as O, ProviderId as P, reauthenticateWithCredential as Q, signInWithCustomToken as R, SignInMethod as S, TwitterAuthProvider as T, sendPasswordResetEmail as U, confirmPasswordReset as V, applyActionCode as W, checkActionCode as X, verifyPasswordResetCode as Y, createUserWithEmailAndPassword as Z, _signInWithRedirect as _, _reauthenticateWithRedirect as a, debugFail as a$, sendSignInLinkToEmail as a0, isSignInWithEmailLink as a1, signInWithEmailLink as a2, fetchSignInMethodsForEmail as a3, sendEmailVerification as a4, verifyBeforeUpdateEmail as a5, ActionCodeURL as a6, parseActionCodeURL as a7, updateProfile as a8, updateEmail as a9, FAKE_TOKEN as aA, startEnrollPhoneMfa as aB, handleRecaptchaFlow as aC, sendPhoneVerificationCode as aD, _link$1 as aE, _assertInstanceOf as aF, _withDefaultResolver as aG, AbstractPopupRedirectOperation as aH, debugAssert as aI, _generateEventId as aJ, FederatedAuthProvider as aK, _getProjectConfig as aL, _fail as aM, _getCurrentUrl as aN, _gapiScriptUrl as aO, _emulatorUrl as aP, _isChromeIOS as aQ, _isFirefox as aR, _isIOSStandalone as aS, _getRedirectResult as aT, _overrideRedirectResult as aU, _getRedirectUrl as aV, _setWindowLocation as aW, _isMobileBrowser as aX, _isSafari as aY, _isIOS as aZ, AuthEventManager as a_, updatePassword as aa, getIdToken as ab, getIdTokenResult as ac, unlink as ad, getAdditionalUserInfo as ae, reload as af, getMultiFactorResolver as ag, multiFactor as ah, _performApiRequest as ai, _addTidIfNecessary as aj, Delay as ak, _window as al, _assert as am, isV2 as an, _createError as ao, _recaptchaV2ScriptUrl as ap, _loadJS as aq, MockReCaptcha as ar, _generateCallbackName as as, _castAuth as at, _isHttpOrHttps as au, _isWorker as av, getRecaptchaParams as aw, _serverAppCurrentUserOperationNotSupportedError as ax, _assertLinkedStatus as ay, _initializeRecaptchaConfig as az, _linkWithRedirect as b, finalizeEnrollPhoneMfa as b0, startEnrollTotpMfa as b1, finalizeEnrollTotpMfa as b2, _setExternalJSProvider as b3, _persistenceKeyName as b4, UserImpl as b5, _getInstance as b6, AuthImpl as b7, _getClientVersion as b8, FetchProvider as b9, SAMLAuthCredential as ba, signInWithRedirect as bb, linkWithRedirect as bc, reauthenticateWithRedirect as bd, indexedDBLocalPersistence as c, cordovaPopupRedirectResolver as d, browserLocalPersistence as e, browserSessionPersistence as f, getRedirectResult as g, initializeRecaptchaConfig as h, initializeAuth as i, beforeAuthStateChanged as j, onAuthStateChanged as k, updateCurrentUser as l, signOut as m, revokeAccessToken as n, onIdTokenChanged as o, deleteUser as p, debugErrorMap as q, registerAuth as r, setPersistence as s, prodErrorMap as t, useDeviceLanguage as u, validatePassword as v, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as w, connectAuthEmulator as x, AuthCredential as y, OAuthCredential as z };
9658
- //# sourceMappingURL=popup_redirect-e795474a.js.map
9709
+ //# sourceMappingURL=popup_redirect-5323ec00.js.map