firebase-admin 10.3.0 → 11.0.0

package/lib/utils/index.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v10.3.0 */
+/*! firebase-admin v11.0.0 */
 /*!
  * @license
  * Copyright 2017 Google Inc.

package/lib/utils/index.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v10.3.0 */
+/*! firebase-admin v11.0.0 */
 "use strict";
 /*!
  * @license
@@ -18,13 +18,13 @@
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.parseResourceName = exports.transformMillisecondsToSecondsString = exports.generateUpdateMask = exports.formatString = exports.toWebSafeBase64 = exports.findServiceAccountEmail = exports.getExplicitServiceAccountEmail = exports.findProjectId = exports.getExplicitProjectId = exports.addReadonlyGetter = exports.renameProperties = exports.getSdkVersion = void 0;
-var credential_internal_1 = require("../app/credential-internal");
-var validator = require("./validator");
-var sdkVersion;
+const credential_internal_1 = require("../app/credential-internal");
+const validator = require("./validator");
+let sdkVersion;
 // TODO: Move to firebase-admin/app as an internal member.
 function getSdkVersion() {
     if (!sdkVersion) {
-        var version = require('../../package.json').version; // eslint-disable-line @typescript-eslint/no-var-requires
+        const { version } = require('../../package.json'); // eslint-disable-line @typescript-eslint/no-var-requires
         sdkVersion = version;
     }
     return sdkVersion;
@@ -39,9 +39,9 @@ exports.getSdkVersion = getSdkVersion;
  * @param keyMap - The mapping from old to new property names.
  */
 function renameProperties(obj, keyMap) {
-    Object.keys(keyMap).forEach(function (oldKey) {
+    Object.keys(keyMap).forEach((oldKey) => {
         if (oldKey in obj) {
-            var newKey = keyMap[oldKey];
+            const newKey = keyMap[oldKey];
             // The old key's value takes precedence over the new key's value.
             obj[newKey] = obj[oldKey];
             delete obj[oldKey];
@@ -58,7 +58,7 @@ exports.renameProperties = renameProperties;
  */
 function addReadonlyGetter(obj, prop, value) {
     Object.defineProperty(obj, prop, {
-        value: value,
+        value,
         // Make this property read-only.
         writable: false,
         // Include this property during enumeration of obj's properties.
@@ -76,15 +76,15 @@ exports.addReadonlyGetter = addReadonlyGetter;
  * @returns A project ID string or null.
  */
 function getExplicitProjectId(app) {
-    var options = app.options;
+    const options = app.options;
     if (validator.isNonEmptyString(options.projectId)) {
         return options.projectId;
     }
-    var credential = app.options.credential;
+    const credential = app.options.credential;
     if (credential instanceof credential_internal_1.ServiceAccountCredential) {
         return credential.projectId;
     }
-    var projectId = process.env.GOOGLE_CLOUD_PROJECT || process.env.GCLOUD_PROJECT;
+    const projectId = process.env.GOOGLE_CLOUD_PROJECT || process.env.GCLOUD_PROJECT;
     if (validator.isNonEmptyString(projectId)) {
         return projectId;
     }
@@ -103,11 +103,11 @@ exports.getExplicitProjectId = getExplicitProjectId;
  * @returns A project ID string or null.
  */
 function findProjectId(app) {
-    var projectId = getExplicitProjectId(app);
+    const projectId = getExplicitProjectId(app);
     if (projectId) {
         return Promise.resolve(projectId);
     }
-    var credential = app.options.credential;
+    const credential = app.options.credential;
     if (credential instanceof credential_internal_1.ComputeEngineCredential) {
         return credential.getProjectId();
     }
@@ -124,11 +124,11 @@ exports.findProjectId = findProjectId;
  * @returns A service account email string or null.
  */
 function getExplicitServiceAccountEmail(app) {
-    var options = app.options;
+    const options = app.options;
     if (validator.isNonEmptyString(options.serviceAccountId)) {
         return options.serviceAccountId;
     }
-    var credential = app.options.credential;
+    const credential = app.options.credential;
     if (credential instanceof credential_internal_1.ServiceAccountCredential) {
         return credential.clientEmail;
     }
@@ -147,11 +147,11 @@ exports.getExplicitServiceAccountEmail = getExplicitServiceAccountEmail;
  * @returns A service account email ID string or null.
  */
 function findServiceAccountEmail(app) {
-    var accountId = getExplicitServiceAccountEmail(app);
+    const accountId = getExplicitServiceAccountEmail(app);
     if (accountId) {
         return Promise.resolve(accountId);
     }
-    var credential = app.options.credential;
+    const credential = app.options.credential;
     if (credential instanceof credential_internal_1.ComputeEngineCredential) {
         return credential.getServiceAccountEmail();
     }
@@ -180,8 +180,8 @@ exports.toWebSafeBase64 = toWebSafeBase64;
  * @returns The resulting formatted string.
  */
 function formatString(str, params) {
-    var formatted = str;
-    Object.keys(params || {}).forEach(function (key) {
+    let formatted = str;
+    Object.keys(params || {}).forEach((key) => {
         formatted = formatted.replace(new RegExp('{' + key + '}', 'g'), params[key]);
     });
     return formatted;
@@ -198,16 +198,14 @@ exports.formatString = formatString;
  * @param root - The path so far.
  * @returns The computed update mask list.
  */
-function generateUpdateMask(obj, terminalPaths, root) {
-    if (terminalPaths === void 0) { terminalPaths = []; }
-    if (root === void 0) { root = ''; }
-    var updateMask = [];
+function generateUpdateMask(obj, terminalPaths = [], root = '') {
+    const updateMask = [];
     if (!validator.isNonNullObject(obj)) {
         return updateMask;
     }
-    var _loop_1 = function (key) {
+    for (const key in obj) {
         if (typeof obj[key] !== 'undefined') {
-            var nextPath = root ? root + "." + key : key;
+            const nextPath = root ? `${root}.${key}` : key;
             // We hit maximum path.
             // Consider switching to Set<string> if the list grows too large.
             if (terminalPaths.indexOf(nextPath) !== -1) {
@@ -215,10 +213,10 @@ function generateUpdateMask(obj, terminalPaths, root) {
                 updateMask.push(key);
             }
             else {
-                var maskList = generateUpdateMask(obj[key], terminalPaths, nextPath);
+                const maskList = generateUpdateMask(obj[key], terminalPaths, nextPath);
                 if (maskList.length > 0) {
-                    maskList.forEach(function (mask) {
-                        updateMask.push(key + "." + mask);
+                    maskList.forEach((mask) => {
+                        updateMask.push(`${key}.${mask}`);
                     });
                 }
                 else {
@@ -226,9 +224,6 @@ function generateUpdateMask(obj, terminalPaths, root) {
                 }
             }
         }
-    };
-    for (var key in obj) {
-        _loop_1(key);
     }
     return updateMask;
 }
@@ -244,18 +239,18 @@ exports.generateUpdateMask = generateUpdateMask;
  * digits, terminated by 's'.
  */
 function transformMillisecondsToSecondsString(milliseconds) {
-    var duration;
-    var seconds = Math.floor(milliseconds / 1000);
-    var nanos = Math.floor((milliseconds - seconds * 1000) * 1000000);
+    let duration;
+    const seconds = Math.floor(milliseconds / 1000);
+    const nanos = Math.floor((milliseconds - seconds * 1000) * 1000000);
     if (nanos > 0) {
-        var nanoString = nanos.toString();
+        let nanoString = nanos.toString();
         while (nanoString.length < 9) {
             nanoString = '0' + nanoString;
         }
-        duration = seconds + "." + nanoString + "s";
+        duration = `${seconds}.${nanoString}s`;
     }
     else {
-        duration = seconds + "s";
+        duration = `${seconds}s`;
     }
     return duration;
 }
@@ -275,14 +270,14 @@ function parseResourceName(resourceName, resourceIdKey) {
     if (!resourceName.includes('/')) {
         return { resourceId: resourceName };
     }
-    var CHANNEL_NAME_REGEX = new RegExp("^(projects/([^/]+)/)?locations/([^/]+)/" + resourceIdKey + "/([^/]+)$");
-    var match = CHANNEL_NAME_REGEX.exec(resourceName);
+    const CHANNEL_NAME_REGEX = new RegExp(`^(projects/([^/]+)/)?locations/([^/]+)/${resourceIdKey}/([^/]+)$`);
+    const match = CHANNEL_NAME_REGEX.exec(resourceName);
     if (match === null) {
         throw new Error('Invalid resource name format.');
     }
-    var projectId = match[2];
-    var locationId = match[3];
-    var resourceId = match[4];
-    return { projectId: projectId, locationId: locationId, resourceId: resourceId };
+    const projectId = match[2];
+    const locationId = match[3];
+    const resourceId = match[4];
+    return { projectId, locationId, resourceId };
 }
 exports.parseResourceName = parseResourceName;

package/lib/utils/jwt.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v10.3.0 */
+/*! firebase-admin v11.0.0 */
 /*!
  * Copyright 2021 Google Inc.
  *

package/lib/utils/jwt.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v10.3.0 */
+/*! firebase-admin v11.0.0 */
 "use strict";
 /*!
  * Copyright 2021 Google Inc.
@@ -15,79 +15,64 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-var __extends = (this && this.__extends) || (function () {
-    var extendStatics = function (d, b) {
-        extendStatics = Object.setPrototypeOf ||
-            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
-            function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
-        return extendStatics(d, b);
-    };
-    return function (d, b) {
-        extendStatics(d, b);
-        function __() { this.constructor = d; }
-        d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
-    };
-})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.JwtErrorCode = exports.JwtError = exports.decodeJwt = exports.verifyJwtSignature = exports.EmulatorSignatureVerifier = exports.PublicKeySignatureVerifier = exports.UrlKeyFetcher = exports.JwksFetcher = exports.ALGORITHM_RS256 = void 0;
-var validator = require("./validator");
-var jwt = require("jsonwebtoken");
-var jwks = require("jwks-rsa");
-var api_request_1 = require("../utils/api-request");
+const validator = require("./validator");
+const jwt = require("jsonwebtoken");
+const jwks = require("jwks-rsa");
+const api_request_1 = require("../utils/api-request");
 exports.ALGORITHM_RS256 = 'RS256';
 // `jsonwebtoken` converts errors from the `getKey` callback to its own `JsonWebTokenError` type
 // and prefixes the error message with the following. Use the prefix to identify errors thrown
 // from the key provider callback.
 // https://github.com/auth0/node-jsonwebtoken/blob/d71e383862fc735991fd2e759181480f066bf138/verify.js#L96
-var JWT_CALLBACK_ERROR_PREFIX = 'error in secret or public key callback: ';
-var NO_MATCHING_KID_ERROR_MESSAGE = 'no-matching-kid-error';
-var NO_KID_IN_HEADER_ERROR_MESSAGE = 'no-kid-in-header-error';
-var HOUR_IN_SECONDS = 3600;
-var JwksFetcher = /** @class */ (function () {
-    function JwksFetcher(jwksUrl) {
+const JWT_CALLBACK_ERROR_PREFIX = 'error in secret or public key callback: ';
+const NO_MATCHING_KID_ERROR_MESSAGE = 'no-matching-kid-error';
+const NO_KID_IN_HEADER_ERROR_MESSAGE = 'no-kid-in-header-error';
+const HOUR_IN_SECONDS = 3600;
+class JwksFetcher {
+    constructor(jwksUrl) {
         this.publicKeysExpireAt = 0;
         if (!validator.isURL(jwksUrl)) {
             throw new Error('The provided JWKS URL is not a valid URL.');
         }
         this.client = jwks({
             jwksUri: jwksUrl,
-            cache: false,
+            cache: false, // disable jwks-rsa LRU cache as the keys are always cached for 6 hours.
         });
     }
-    JwksFetcher.prototype.fetchPublicKeys = function () {
+    fetchPublicKeys() {
         if (this.shouldRefresh()) {
             return this.refresh();
         }
         return Promise.resolve(this.publicKeys);
-    };
-    JwksFetcher.prototype.shouldRefresh = function () {
+    }
+    shouldRefresh() {
         return !this.publicKeys || this.publicKeysExpireAt <= Date.now();
-    };
-    JwksFetcher.prototype.refresh = function () {
-        var _this = this;
+    }
+    refresh() {
         return this.client.getSigningKeys()
-            .then(function (signingKeys) {
+            .then((signingKeys) => {
             // reset expire at from previous set of keys.
-            _this.publicKeysExpireAt = 0;
-            var newKeys = signingKeys.reduce(function (map, signingKey) {
+            this.publicKeysExpireAt = 0;
+            const newKeys = signingKeys.reduce((map, signingKey) => {
                 map[signingKey.kid] = signingKey.getPublicKey();
                 return map;
             }, {});
-            _this.publicKeysExpireAt = Date.now() + (HOUR_IN_SECONDS * 6 * 1000);
-            _this.publicKeys = newKeys;
+            this.publicKeysExpireAt = Date.now() + (HOUR_IN_SECONDS * 6 * 1000);
+            this.publicKeys = newKeys;
             return newKeys;
-        }).catch(function (err) {
-            throw new Error("Error fetching Json Web Keys: " + err.message);
+        }).catch((err) => {
+            throw new Error(`Error fetching Json Web Keys: ${err.message}`);
         });
-    };
-    return JwksFetcher;
-}());
+    }
+}
 exports.JwksFetcher = JwksFetcher;
 /**
  * Class to fetch public keys from a client certificates URL.
  */
-var UrlKeyFetcher = /** @class */ (function () {
-    function UrlKeyFetcher(clientCertUrl, httpAgent) {
+class UrlKeyFetcher {
+    constructor(clientCertUrl, httpAgent) {
         this.clientCertUrl = clientCertUrl;
         this.httpAgent = httpAgent;
         this.publicKeysExpireAt = 0;
@@ -100,111 +85,107 @@ var UrlKeyFetcher = /** @class */ (function () {
      *
      * @returns A promise fulfilled with public keys for the Google certs.
      */
-    UrlKeyFetcher.prototype.fetchPublicKeys = function () {
+    fetchPublicKeys() {
         if (this.shouldRefresh()) {
             return this.refresh();
         }
         return Promise.resolve(this.publicKeys);
-    };
+    }
     /**
      * Checks if the cached public keys need to be refreshed.
      *
      * @returns Whether the keys should be fetched from the client certs url or not.
      */
-    UrlKeyFetcher.prototype.shouldRefresh = function () {
+    shouldRefresh() {
         return !this.publicKeys || this.publicKeysExpireAt <= Date.now();
-    };
-    UrlKeyFetcher.prototype.refresh = function () {
-        var _this = this;
-        var client = new api_request_1.HttpClient();
-        var request = {
+    }
+    refresh() {
+        const client = new api_request_1.HttpClient();
+        const request = {
             method: 'GET',
             url: this.clientCertUrl,
             httpAgent: this.httpAgent,
         };
-        return client.send(request).then(function (resp) {
+        return client.send(request).then((resp) => {
             if (!resp.isJson() || resp.data.error) {
                 // Treat all non-json messages and messages with an 'error' field as
                 // error responses.
                 throw new api_request_1.HttpError(resp);
             }
             // reset expire at from previous set of keys.
-            _this.publicKeysExpireAt = 0;
+            this.publicKeysExpireAt = 0;
             if (Object.prototype.hasOwnProperty.call(resp.headers, 'cache-control')) {
-                var cacheControlHeader = resp.headers['cache-control'];
-                var parts = cacheControlHeader.split(',');
-                parts.forEach(function (part) {
-                    var subParts = part.trim().split('=');
+                const cacheControlHeader = resp.headers['cache-control'];
+                const parts = cacheControlHeader.split(',');
+                parts.forEach((part) => {
+                    const subParts = part.trim().split('=');
                     if (subParts[0] === 'max-age') {
-                        var maxAge = +subParts[1];
-                        _this.publicKeysExpireAt = Date.now() + (maxAge * 1000);
+                        const maxAge = +subParts[1];
+                        this.publicKeysExpireAt = Date.now() + (maxAge * 1000);
                     }
                 });
             }
-            _this.publicKeys = resp.data;
+            this.publicKeys = resp.data;
             return resp.data;
-        }).catch(function (err) {
+        }).catch((err) => {
             if (err instanceof api_request_1.HttpError) {
-                var errorMessage = 'Error fetching public keys for Google certs: ';
-                var resp = err.response;
+                let errorMessage = 'Error fetching public keys for Google certs: ';
+                const resp = err.response;
                 if (resp.isJson() && resp.data.error) {
-                    errorMessage += "" + resp.data.error;
+                    errorMessage += `${resp.data.error}`;
                     if (resp.data.error_description) {
                         errorMessage += ' (' + resp.data.error_description + ')';
                     }
                 }
                 else {
-                    errorMessage += "" + resp.text;
+                    errorMessage += `${resp.text}`;
                 }
                 throw new Error(errorMessage);
             }
             throw err;
         });
-    };
-    return UrlKeyFetcher;
-}());
+    }
+}
 exports.UrlKeyFetcher = UrlKeyFetcher;
 /**
  * Class for verifying JWT signature with a public key.
  */
-var PublicKeySignatureVerifier = /** @class */ (function () {
-    function PublicKeySignatureVerifier(keyFetcher) {
+class PublicKeySignatureVerifier {
+    constructor(keyFetcher) {
         this.keyFetcher = keyFetcher;
         if (!validator.isNonNullObject(keyFetcher)) {
             throw new Error('The provided key fetcher is not an object or null.');
         }
     }
-    PublicKeySignatureVerifier.withCertificateUrl = function (clientCertUrl, httpAgent) {
+    static withCertificateUrl(clientCertUrl, httpAgent) {
         return new PublicKeySignatureVerifier(new UrlKeyFetcher(clientCertUrl, httpAgent));
-    };
-    PublicKeySignatureVerifier.withJwksUrl = function (jwksUrl) {
+    }
+    static withJwksUrl(jwksUrl) {
         return new PublicKeySignatureVerifier(new JwksFetcher(jwksUrl));
-    };
-    PublicKeySignatureVerifier.prototype.verify = function (token) {
-        var _this = this;
+    }
+    verify(token) {
         if (!validator.isString(token)) {
             return Promise.reject(new JwtError(JwtErrorCode.INVALID_ARGUMENT, 'The provided token must be a string.'));
         }
         return verifyJwtSignature(token, getKeyCallback(this.keyFetcher), { algorithms: [exports.ALGORITHM_RS256] })
-            .catch(function (error) {
+            .catch((error) => {
             if (error.code === JwtErrorCode.NO_KID_IN_HEADER) {
                 // No kid in JWT header. Try with all the public keys.
-                return _this.verifyWithoutKid(token);
+                return this.verifyWithoutKid(token);
             }
             throw error;
         });
-    };
-    PublicKeySignatureVerifier.prototype.verifyWithoutKid = function (token) {
-        var _this = this;
+    }
+    verifyWithoutKid(token) {
         return this.keyFetcher.fetchPublicKeys()
-            .then(function (publicKeys) { return _this.verifyWithAllKeys(token, publicKeys); });
-    };
-    PublicKeySignatureVerifier.prototype.verifyWithAllKeys = function (token, keys) {
-        var promises = [];
-        Object.values(keys).forEach(function (key) {
-            var result = verifyJwtSignature(token, key)
-                .then(function () { return true; })
-                .catch(function (error) {
+            .then(publicKeys => this.verifyWithAllKeys(token, publicKeys));
+    }
+    verifyWithAllKeys(token, keys) {
+        const promises = [];
+        Object.values(keys).forEach((key) => {
+            const result = verifyJwtSignature(token, key)
+                .then(() => true)
+                .catch((error) => {
                 if (error.code === JwtErrorCode.TOKEN_EXPIRED) {
                     throw error;
                 }
@@ -213,27 +194,23 @@ var PublicKeySignatureVerifier = /** @class */ (function () {
             promises.push(result);
         });
         return Promise.all(promises)
-            .then(function (result) {
-            if (result.every(function (r) { return r === false; })) {
+            .then((result) => {
+            if (result.every((r) => r === false)) {
                 throw new JwtError(JwtErrorCode.INVALID_SIGNATURE, 'Invalid token signature.');
             }
         });
-    };
-    return PublicKeySignatureVerifier;
-}());
+    }
+}
 exports.PublicKeySignatureVerifier = PublicKeySignatureVerifier;
 /**
  * Class for verifying unsigned (emulator) JWTs.
  */
-var EmulatorSignatureVerifier = /** @class */ (function () {
-    function EmulatorSignatureVerifier() {
-    }
-    EmulatorSignatureVerifier.prototype.verify = function (token) {
+class EmulatorSignatureVerifier {
+    verify(token) {
         // Signature checks skipped for emulator; no need to fetch public keys.
         return verifyJwtSignature(token, '');
-    };
-    return EmulatorSignatureVerifier;
-}());
+    }
+}
 exports.EmulatorSignatureVerifier = EmulatorSignatureVerifier;
 /**
  * Provides a callback to fetch public keys.
@@ -242,12 +219,12 @@ exports.EmulatorSignatureVerifier = EmulatorSignatureVerifier;
  * @returns A callback function that can be used to get keys in `jsonwebtoken`.
  */
 function getKeyCallback(fetcher) {
-    return function (header, callback) {
+    return (header, callback) => {
         if (!header.kid) {
             callback(new Error(NO_KID_IN_HEADER_ERROR_MESSAGE));
         }
-        var kid = header.kid || '';
-        fetcher.fetchPublicKeys().then(function (publicKeys) {
+        const kid = header.kid || '';
+        fetcher.fetchPublicKeys().then((publicKeys) => {
             if (!Object.prototype.hasOwnProperty.call(publicKeys, kid)) {
                 callback(new Error(NO_MATCHING_KID_ERROR_MESSAGE));
             }
@@ -255,7 +232,7 @@ function getKeyCallback(fetcher) {
                 callback(null, publicKeys[kid]);
             }
         })
-            .catch(function (error) {
+            .catch(error => {
             callback(error);
         });
     };
@@ -273,8 +250,8 @@ function verifyJwtSignature(token, secretOrPublicKey, options) {
     if (!validator.isString(token)) {
         return Promise.reject(new JwtError(JwtErrorCode.INVALID_ARGUMENT, 'The provided token must be a string.'));
     }
-    return new Promise(function (resolve, reject) {
-        jwt.verify(token, secretOrPublicKey, options, function (error) {
+    return new Promise((resolve, reject) => {
+        jwt.verify(token, secretOrPublicKey, options, (error) => {
             if (!error) {
                 return resolve();
             }
@@ -284,8 +261,8 @@ function verifyJwtSignature(token, secretOrPublicKey, options) {
             }
             else if (error.name === 'JsonWebTokenError') {
                 if (error.message && error.message.includes(JWT_CALLBACK_ERROR_PREFIX)) {
-                    var message = error.message.split(JWT_CALLBACK_ERROR_PREFIX).pop() || 'Error fetching public keys.';
-                    var code = JwtErrorCode.KEY_FETCH_ERROR;
+                    const message = error.message.split(JWT_CALLBACK_ERROR_PREFIX).pop() || 'Error fetching public keys.';
+                    let code = JwtErrorCode.KEY_FETCH_ERROR;
                     if (message === NO_MATCHING_KID_ERROR_MESSAGE) {
                         code = JwtErrorCode.NO_MATCHING_KID;
                     }
@@ -310,15 +287,15 @@ function decodeJwt(jwtToken) {
     if (!validator.isString(jwtToken)) {
         return Promise.reject(new JwtError(JwtErrorCode.INVALID_ARGUMENT, 'The provided token must be a string.'));
     }
-    var fullDecodedToken = jwt.decode(jwtToken, {
+    const fullDecodedToken = jwt.decode(jwtToken, {
         complete: true,
     });
     if (!fullDecodedToken) {
         return Promise.reject(new JwtError(JwtErrorCode.INVALID_ARGUMENT, 'Decoding token failed.'));
     }
-    var header = fullDecodedToken === null || fullDecodedToken === void 0 ? void 0 : fullDecodedToken.header;
-    var payload = fullDecodedToken === null || fullDecodedToken === void 0 ? void 0 : fullDecodedToken.payload;
-    return Promise.resolve({ header: header, payload: payload });
+    const header = fullDecodedToken?.header;
+    const payload = fullDecodedToken?.payload;
+    return Promise.resolve({ header, payload });
 }
 exports.decodeJwt = decodeJwt;
 /**
@@ -328,17 +305,14 @@ exports.decodeJwt = decodeJwt;
  * @param message - The error message.
  * @constructor
  */
-var JwtError = /** @class */ (function (_super) {
-    __extends(JwtError, _super);
-    function JwtError(code, message) {
-        var _this = _super.call(this, message) || this;
-        _this.code = code;
-        _this.message = message;
-        _this.__proto__ = JwtError.prototype;
-        return _this;
+class JwtError extends Error {
+    constructor(code, message) {
+        super(message);
+        this.code = code;
+        this.message = message;
+        this.__proto__ = JwtError.prototype;
     }
-    return JwtError;
-}(Error));
+}
 exports.JwtError = JwtError;
 /**
  * JWT error codes.

package/lib/utils/validator.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v10.3.0 */
+/*! firebase-admin v11.0.0 */
 /*!
  * @license
  * Copyright 2017 Google Inc.