@prmichaelsen/firebase-admin-sdk-v8 2.4.2 → 2.5.1

package/dist/index.d.ts

@@ -183,6 +183,81 @@ interface BatchWriteResult {
         updateTime: string;
     }>;
 }
+/**
+ * Firebase user record
+ */
+interface UserRecord {
+    /** User's unique ID */
+    uid: string;
+    /** User's email address */
+    email?: string;
+    /** Whether the email is verified */
+    emailVerified: boolean;
+    /** User's display name */
+    displayName?: string;
+    /** User's photo URL */
+    photoURL?: string;
+    /** User's phone number */
+    phoneNumber?: string;
+    /** Whether the user is disabled */
+    disabled: boolean;
+    /** User metadata (creation and last sign-in times) */
+    metadata: {
+        creationTime: string;
+        lastSignInTime: string;
+    };
+    /** Provider-specific user information */
+    providerData: UserInfo[];
+    /** Custom claims set on the user */
+    customClaims?: Record<string, any>;
+}
+/**
+ * Request to create a new user
+ */
+interface CreateUserRequest {
+    /** User's email address */
+    email?: string;
+    /** Whether the email should be marked as verified */
+    emailVerified?: boolean;
+    /** User's phone number */
+    phoneNumber?: string;
+    /** User's password */
+    password?: string;
+    /** User's display name */
+    displayName?: string;
+    /** User's photo URL */
+    photoURL?: string;
+    /** Whether the user should be disabled */
+    disabled?: boolean;
+}
+/**
+ * Request to update an existing user
+ */
+interface UpdateUserRequest {
+    /** User's email address */
+    email?: string;
+    /** Whether the email should be marked as verified */
+    emailVerified?: boolean;
+    /** User's phone number */
+    phoneNumber?: string;
+    /** User's password */
+    password?: string;
+    /** User's display name */
+    displayName?: string;
+    /** User's photo URL */
+    photoURL?: string;
+    /** Whether the user should be disabled */
+    disabled?: boolean;
+}
+/**
+ * Result of listing users
+ */
+interface ListUsersResult {
+    /** Array of user records */
+    users: UserRecord[];
+    /** Token for fetching the next page (if available) */
+    pageToken?: string;
+}
 
 /**
  * Firebase Admin SDK v8 - Configuration
@@ -395,6 +470,55 @@ declare function verifySessionCookie(sessionCookie: string, checkRevoked?: boole
  */
 declare function getAuth(): any;
 
+/**
+ * Firebase User Management APIs
+ * Provides user management operations using Firebase Identity Toolkit REST API
+ */
+
+/**
+ * Look up a Firebase user by email address
+ * @param email - User's email address
+ * @returns User record or null if not found
+ */
+declare function getUserByEmail(email: string): Promise<UserRecord | null>;
+/**
+ * Look up a Firebase user by UID
+ * @param uid - User's unique ID
+ * @returns User record or null if not found
+ */
+declare function getUserByUid(uid: string): Promise<UserRecord | null>;
+/**
+ * Create a new Firebase user
+ * @param properties - User properties (email, password, displayName, etc.)
+ * @returns Created user record
+ */
+declare function createUser(properties: CreateUserRequest): Promise<UserRecord>;
+/**
+ * Update an existing Firebase user
+ * @param uid - User's unique ID
+ * @param properties - Properties to update (email, password, displayName, etc.)
+ * @returns Updated user record
+ */
+declare function updateUser(uid: string, properties: UpdateUserRequest): Promise<UserRecord>;
+/**
+ * Delete a Firebase user
+ * @param uid - User's unique ID
+ */
+declare function deleteUser(uid: string): Promise<void>;
+/**
+ * List all users with pagination
+ * @param maxResults - Maximum number of users to return (default: 1000, max: 1000)
+ * @param pageToken - Token for next page
+ * @returns List of users and next page token
+ */
+declare function listUsers(maxResults?: number, pageToken?: string): Promise<ListUsersResult>;
+/**
+ * Set custom claims on a user's ID token
+ * @param uid - User's unique ID
+ * @param customClaims - Custom claims object (max 1000 bytes when serialized)
+ */
+declare function setCustomUserClaims(uid: string, customClaims: Record<string, any> | null): Promise<void>;
+
 /**
  * Firebase Admin SDK v8 - Firestore CRUD Operations
  * All Firestore document operations using REST API
@@ -979,4 +1103,4 @@ declare function getAdminAccessToken(): Promise<string>;
  */
 declare function clearTokenCache(): void;
 
-export { type BatchWrite, type BatchWriteResult, type CustomClaims, type CustomTokenSignInResponse, type DataObject, type DecodedIdToken, type DocumentReference, type DownloadOptions, FieldValue, type FieldValue$1 as FieldValueSentinel, FieldValueType, type FileMetadata, type FirestoreDocument, type FirestoreValue, type ListFilesResult, type ListOptions, type QueryFilter, type QueryOptions, type QueryOrder, type ResumableUploadOptions, type ServiceAccount, type SessionCookieOptions, type SetOptions, type SignedUrlOptions, type TokenResponse, type UpdateOptions, type UploadOptions, type UserInfo, type WhereFilterOp, addDocument, batchWrite, clearConfig, clearTokenCache, countDocuments, createCustomToken, createSessionCookie, deleteDocument, deleteFile, downloadFile, fileExists, generateSignedUrl, getAdminAccessToken, getAuth, getConfig, getDocument, getFileMetadata, getProjectId, getServiceAccount, getUserFromToken, initializeApp, iterateCollection, listDocuments, listFiles, queryDocuments, setDocument, signInWithCustomToken, updateDocument, uploadFile, uploadFileResumable, verifyIdToken, verifySessionCookie };
+export { type BatchWrite, type BatchWriteResult, type CreateUserRequest, type CustomClaims, type CustomTokenSignInResponse, type DataObject, type DecodedIdToken, type DocumentReference, type DownloadOptions, FieldValue, type FieldValue$1 as FieldValueSentinel, FieldValueType, type FileMetadata, type FirestoreDocument, type FirestoreValue, type ListFilesResult, type ListOptions, type ListUsersResult, type QueryFilter, type QueryOptions, type QueryOrder, type ResumableUploadOptions, type ServiceAccount, type SessionCookieOptions, type SetOptions, type SignedUrlOptions, type TokenResponse, type UpdateOptions, type UpdateUserRequest, type UploadOptions, type UserInfo, type UserRecord, type WhereFilterOp, addDocument, batchWrite, clearConfig, clearTokenCache, countDocuments, createCustomToken, createSessionCookie, createUser, deleteDocument, deleteFile, deleteUser, downloadFile, fileExists, generateSignedUrl, getAdminAccessToken, getAuth, getConfig, getDocument, getFileMetadata, getProjectId, getServiceAccount, getUserByEmail, getUserByUid, getUserFromToken, initializeApp, iterateCollection, listDocuments, listFiles, listUsers, queryDocuments, setCustomUserClaims, setDocument, signInWithCustomToken, updateDocument, updateUser, uploadFile, uploadFileResumable, verifyIdToken, verifySessionCookie };

package/dist/index.js

@@ -208,8 +208,10 @@ __export(index_exports, {
   countDocuments: () => countDocuments,
   createCustomToken: () => createCustomToken,
   createSessionCookie: () => createSessionCookie,
+  createUser: () => createUser,
   deleteDocument: () => deleteDocument,
   deleteFile: () => deleteFile,
+  deleteUser: () => deleteUser,
   downloadFile: () => downloadFile,
   fileExists: () => fileExists,
   generateSignedUrl: () => generateSignedUrl,
@@ -220,15 +222,20 @@ __export(index_exports, {
   getFileMetadata: () => getFileMetadata,
   getProjectId: () => getProjectId,
   getServiceAccount: () => getServiceAccount,
+  getUserByEmail: () => getUserByEmail,
+  getUserByUid: () => getUserByUid,
   getUserFromToken: () => getUserFromToken,
   initializeApp: () => initializeApp,
   iterateCollection: () => iterateCollection,
   listDocuments: () => listDocuments,
   listFiles: () => listFiles,
+  listUsers: () => listUsers,
   queryDocuments: () => queryDocuments,
+  setCustomUserClaims: () => setCustomUserClaims,
   setDocument: () => setDocument,
   signInWithCustomToken: () => signInWithCustomToken,
   updateDocument: () => updateDocument,
+  updateUser: () => updateUser,
   uploadFile: () => uploadFile,
   uploadFileResumable: () => uploadFileResumable,
   verifyIdToken: () => verifyIdToken,
@@ -716,6 +723,233 @@ function getAuth() {
   };
 }
 
+// src/user-management.ts
+init_token_generation();
+init_service_account();
+var IDENTITY_TOOLKIT_API = "https://identitytoolkit.googleapis.com/v1";
+function convertToUserRecord(user) {
+  return {
+    uid: user.localId,
+    email: user.email || void 0,
+    emailVerified: user.emailVerified || false,
+    displayName: user.displayName || void 0,
+    photoURL: user.photoUrl || void 0,
+    phoneNumber: user.phoneNumber || void 0,
+    disabled: user.disabled || false,
+    metadata: {
+      creationTime: user.createdAt ? new Date(parseInt(user.createdAt)).toISOString() : (/* @__PURE__ */ new Date()).toISOString(),
+      lastSignInTime: user.lastLoginAt ? new Date(parseInt(user.lastLoginAt)).toISOString() : (/* @__PURE__ */ new Date()).toISOString()
+    },
+    providerData: user.providerUserInfo || [],
+    customClaims: user.customAttributes ? JSON.parse(user.customAttributes) : void 0
+  };
+}
+async function getUserByEmail(email) {
+  if (!email || typeof email !== "string") {
+    throw new Error("email must be a non-empty string");
+  }
+  const projectId = getProjectId();
+  const accessToken = await getAdminAccessToken();
+  const response = await fetch(
+    `${IDENTITY_TOOLKIT_API}/projects/${projectId}/accounts:lookup`,
+    {
+      method: "POST",
+      headers: {
+        "Authorization": `Bearer ${accessToken}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({ email: [email] })
+    }
+  );
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(`Failed to get user by email: ${response.status} ${errorText}`);
+  }
+  const data = await response.json();
+  if (!data.users || data.users.length === 0) {
+    return null;
+  }
+  return convertToUserRecord(data.users[0]);
+}
+async function getUserByUid(uid) {
+  if (!uid || typeof uid !== "string") {
+    throw new Error("uid must be a non-empty string");
+  }
+  const projectId = getProjectId();
+  const accessToken = await getAdminAccessToken();
+  const response = await fetch(
+    `${IDENTITY_TOOLKIT_API}/projects/${projectId}/accounts:lookup`,
+    {
+      method: "POST",
+      headers: {
+        "Authorization": `Bearer ${accessToken}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({ localId: [uid] })
+    }
+  );
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(`Failed to get user by UID: ${response.status} ${errorText}`);
+  }
+  const data = await response.json();
+  if (!data.users || data.users.length === 0) {
+    return null;
+  }
+  return convertToUserRecord(data.users[0]);
+}
+async function createUser(properties) {
+  if (!properties || typeof properties !== "object") {
+    throw new Error("properties must be an object");
+  }
+  const projectId = getProjectId();
+  const accessToken = await getAdminAccessToken();
+  const requestBody = {};
+  if (properties.email) requestBody.email = properties.email;
+  if (properties.password) requestBody.password = properties.password;
+  if (properties.displayName) requestBody.displayName = properties.displayName;
+  if (properties.photoURL) requestBody.photoUrl = properties.photoURL;
+  if (properties.phoneNumber) requestBody.phoneNumber = properties.phoneNumber;
+  if (typeof properties.emailVerified === "boolean") requestBody.emailVerified = properties.emailVerified;
+  if (typeof properties.disabled === "boolean") requestBody.disabled = properties.disabled;
+  const response = await fetch(
+    `${IDENTITY_TOOLKIT_API}/projects/${projectId}/accounts`,
+    {
+      method: "POST",
+      headers: {
+        "Authorization": `Bearer ${accessToken}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify(requestBody)
+    }
+  );
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(`Failed to create user: ${response.status} ${errorText}`);
+  }
+  const data = await response.json();
+  return getUserByUid(data.localId);
+}
+async function updateUser(uid, properties) {
+  if (!uid || typeof uid !== "string") {
+    throw new Error("uid must be a non-empty string");
+  }
+  if (!properties || typeof properties !== "object") {
+    throw new Error("properties must be an object");
+  }
+  const projectId = getProjectId();
+  const accessToken = await getAdminAccessToken();
+  const requestBody = { localId: uid };
+  if (properties.email) requestBody.email = properties.email;
+  if (properties.password) requestBody.password = properties.password;
+  if (properties.displayName !== void 0) requestBody.displayName = properties.displayName;
+  if (properties.photoURL !== void 0) requestBody.photoUrl = properties.photoURL;
+  if (properties.phoneNumber !== void 0) requestBody.phoneNumber = properties.phoneNumber;
+  if (typeof properties.emailVerified === "boolean") requestBody.emailVerified = properties.emailVerified;
+  if (typeof properties.disabled === "boolean") requestBody.disableUser = properties.disabled;
+  const response = await fetch(
+    `${IDENTITY_TOOLKIT_API}/projects/${projectId}/accounts:update`,
+    {
+      method: "POST",
+      headers: {
+        "Authorization": `Bearer ${accessToken}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify(requestBody)
+    }
+  );
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(`Failed to update user: ${response.status} ${errorText}`);
+  }
+  return getUserByUid(uid);
+}
+async function deleteUser(uid) {
+  if (!uid || typeof uid !== "string") {
+    throw new Error("uid must be a non-empty string");
+  }
+  const projectId = getProjectId();
+  const accessToken = await getAdminAccessToken();
+  const response = await fetch(
+    `${IDENTITY_TOOLKIT_API}/projects/${projectId}/accounts:delete`,
+    {
+      method: "POST",
+      headers: {
+        "Authorization": `Bearer ${accessToken}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify({ localId: uid })
+    }
+  );
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(`Failed to delete user: ${response.status} ${errorText}`);
+  }
+}
+async function listUsers(maxResults = 1e3, pageToken) {
+  if (typeof maxResults !== "number" || maxResults < 1 || maxResults > 1e3) {
+    throw new Error("maxResults must be a number between 1 and 1000");
+  }
+  const projectId = getProjectId();
+  const accessToken = await getAdminAccessToken();
+  const params = new URLSearchParams({
+    maxResults: maxResults.toString()
+  });
+  if (pageToken) {
+    params.append("nextPageToken", pageToken);
+  }
+  const response = await fetch(
+    `${IDENTITY_TOOLKIT_API}/projects/${projectId}/accounts:query?${params.toString()}`,
+    {
+      method: "GET",
+      headers: {
+        "Authorization": `Bearer ${accessToken}`
+      }
+    }
+  );
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(`Failed to list users: ${response.status} ${errorText}`);
+  }
+  const data = await response.json();
+  return {
+    users: (data.users || []).map(convertToUserRecord),
+    pageToken: data.nextPageToken
+  };
+}
+async function setCustomUserClaims(uid, customClaims) {
+  if (!uid || typeof uid !== "string") {
+    throw new Error("uid must be a non-empty string");
+  }
+  if (customClaims !== null) {
+    const serialized = JSON.stringify(customClaims);
+    if (new TextEncoder().encode(serialized).length > 1e3) {
+      throw new Error("customClaims must be less than 1000 bytes when serialized");
+    }
+  }
+  const projectId = getProjectId();
+  const accessToken = await getAdminAccessToken();
+  const requestBody = {
+    localId: uid,
+    customAttributes: customClaims ? JSON.stringify(customClaims) : "{}"
+  };
+  const response = await fetch(
+    `${IDENTITY_TOOLKIT_API}/projects/${projectId}/accounts:update`,
+    {
+      method: "POST",
+      headers: {
+        "Authorization": `Bearer ${accessToken}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify(requestBody)
+    }
+  );
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(`Failed to set custom claims: ${response.status} ${errorText}`);
+  }
+}
+
 // src/field-value.ts
 function serverTimestamp() {
   return {
@@ -1053,7 +1287,7 @@ async function setDocument(collectionPath, documentId, data, options) {
     const nonTransformFields = Object.keys(cleanData);
     if (nonTransformFields.length > 0) {
       if (options?.merge) {
-        updateWrite.updateMask = { fieldPaths: ["*"] };
+        updateWrite.updateMask = { fieldPaths: nonTransformFields };
       } else if (options?.mergeFields && options.mergeFields.length > 0) {
         updateWrite.updateMask = { fieldPaths: options.mergeFields };
       } else {
@@ -1067,7 +1301,11 @@ async function setDocument(collectionPath, documentId, data, options) {
   const url = `${FIRESTORE_API}/${documentPath}`;
   let queryParams = "";
   if (options?.merge) {
-    queryParams = "?updateMask.fieldPaths=*";
+    const allFields = Object.keys(cleanData);
+    if (allFields.length > 0) {
+      const fieldPaths = allFields.join("&updateMask.fieldPaths=");
+      queryParams = `?updateMask.fieldPaths=${fieldPaths}`;
+    }
   } else if (options?.mergeFields && options.mergeFields.length > 0) {
     const fieldPaths = options.mergeFields.join("&updateMask.fieldPaths=");
     queryParams = `?updateMask.fieldPaths=${fieldPaths}`;
@@ -1273,7 +1511,10 @@ async function batchWrite(operations) {
           }
         };
         if (op.options?.merge) {
-          write.updateMask = { fieldPaths: ["*"] };
+          const nonTransformFields = Object.keys(cleanData);
+          if (nonTransformFields.length > 0) {
+            write.updateMask = { fieldPaths: nonTransformFields };
+          }
         } else if (op.options?.mergeFields) {
           write.updateMask = { fieldPaths: op.options.mergeFields };
         }
@@ -1896,8 +2137,10 @@ init_service_account();
   countDocuments,
   createCustomToken,
   createSessionCookie,
+  createUser,
   deleteDocument,
   deleteFile,
+  deleteUser,
   downloadFile,
   fileExists,
   generateSignedUrl,
@@ -1908,15 +2151,20 @@ init_service_account();
   getFileMetadata,
   getProjectId,
   getServiceAccount,
+  getUserByEmail,
+  getUserByUid,
   getUserFromToken,
   initializeApp,
   iterateCollection,
   listDocuments,
   listFiles,
+  listUsers,
   queryDocuments,
+  setCustomUserClaims,
   setDocument,
   signInWithCustomToken,
   updateDocument,
+  updateUser,
   uploadFile,
   uploadFileResumable,
   verifyIdToken,