firebase-admin 10.3.0 → 11.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -2
- package/lib/app/core.d.ts +1 -1
- package/lib/app/core.js +1 -1
- package/lib/app/credential-factory.d.ts +1 -1
- package/lib/app/credential-factory.js +8 -8
- package/lib/app/credential-internal.d.ts +1 -1
- package/lib/app/credential-internal.js +97 -106
- package/lib/app/credential.d.ts +1 -1
- package/lib/app/credential.js +1 -1
- package/lib/app/firebase-app.d.ts +1 -1
- package/lib/app/firebase-app.js +76 -91
- package/lib/app/firebase-namespace.d.ts +1 -1
- package/lib/app/firebase-namespace.js +209 -279
- package/lib/app/index.d.ts +1 -1
- package/lib/app/index.js +4 -4
- package/lib/app/lifecycle.d.ts +1 -1
- package/lib/app/lifecycle.js +37 -43
- package/lib/app-check/app-check-api-client-internal.d.ts +1 -1
- package/lib/app-check/app-check-api-client-internal.js +54 -73
- package/lib/app-check/app-check-api.d.ts +1 -1
- package/lib/app-check/app-check-api.js +1 -1
- package/lib/app-check/app-check-namespace.d.ts +1 -1
- package/lib/app-check/app-check-namespace.js +1 -1
- package/lib/app-check/app-check.d.ts +1 -1
- package/lib/app-check/app-check.js +17 -19
- package/lib/app-check/index.d.ts +1 -1
- package/lib/app-check/index.js +7 -7
- package/lib/app-check/token-generator.d.ts +1 -1
- package/lib/app-check/token-generator.js +47 -52
- package/lib/app-check/token-verifier.d.ts +1 -1
- package/lib/app-check/token-verifier.js +46 -50
- package/lib/auth/action-code-settings-builder.d.ts +1 -1
- package/lib/auth/action-code-settings-builder.js +10 -11
- package/lib/auth/auth-api-request.d.ts +1 -1
- package/lib/auth/auth-api-request.js +346 -393
- package/lib/auth/auth-config.d.ts +1 -1
- package/lib/auth/auth-config.js +95 -106
- package/lib/auth/auth-namespace.d.ts +1 -1
- package/lib/auth/auth-namespace.js +1 -1
- package/lib/auth/auth.d.ts +1 -1
- package/lib/auth/auth.js +20 -40
- package/lib/auth/base-auth.d.ts +1 -1
- package/lib/auth/base-auth.js +137 -144
- package/lib/auth/identifier.d.ts +1 -1
- package/lib/auth/identifier.js +2 -2
- package/lib/auth/index.d.ts +1 -1
- package/lib/auth/index.js +7 -7
- package/lib/auth/tenant-manager.d.ts +1 -1
- package/lib/auth/tenant-manager.js +49 -71
- package/lib/auth/tenant.d.ts +1 -1
- package/lib/auth/tenant.js +44 -55
- package/lib/auth/token-generator.d.ts +1 -1
- package/lib/auth/token-generator.js +49 -53
- package/lib/auth/token-verifier.d.ts +1 -1
- package/lib/auth/token-verifier.js +83 -91
- package/lib/auth/user-import-builder.d.ts +1 -1
- package/lib/auth/user-import-builder.js +70 -73
- package/lib/auth/user-record.d.ts +1 -1
- package/lib/auth/user-record.js +61 -84
- package/lib/credential/index.d.ts +1 -1
- package/lib/credential/index.js +2 -2
- package/lib/database/database-namespace.d.ts +1 -1
- package/lib/database/database-namespace.js +1 -1
- package/lib/database/database.d.ts +1 -1
- package/lib/database/database.js +92 -108
- package/lib/database/index.d.ts +1 -1
- package/lib/database/index.js +10 -10
- package/lib/default-namespace.d.ts +1 -1
- package/lib/default-namespace.js +2 -2
- package/lib/eventarc/cloudevent.d.ts +1 -1
- package/lib/eventarc/cloudevent.js +1 -1
- package/lib/eventarc/eventarc-client-internal.d.ts +1 -1
- package/lib/eventarc/eventarc-client-internal.js +63 -129
- package/lib/eventarc/eventarc-utils.d.ts +1 -1
- package/lib/eventarc/eventarc-utils.js +16 -32
- package/lib/eventarc/eventarc.d.ts +1 -1
- package/lib/eventarc/eventarc.js +51 -65
- package/lib/eventarc/index.d.ts +1 -1
- package/lib/eventarc/index.js +7 -7
- package/lib/firebase-namespace-api.d.ts +1 -1
- package/lib/firebase-namespace-api.js +8 -3
- package/lib/firestore/firestore-internal.d.ts +1 -1
- package/lib/firestore/firestore-internal.js +28 -37
- package/lib/firestore/firestore-namespace.d.ts +9 -1
- package/lib/firestore/firestore-namespace.js +2 -2
- package/lib/firestore/index.d.ts +2 -2
- package/lib/firestore/index.js +7 -7
- package/lib/functions/functions-api-client-internal.d.ts +1 -1
- package/lib/functions/functions-api-client-internal.js +71 -93
- package/lib/functions/functions-api.d.ts +1 -1
- package/lib/functions/functions-api.js +1 -1
- package/lib/functions/functions.d.ts +1 -1
- package/lib/functions/functions.js +13 -15
- package/lib/functions/index.d.ts +1 -1
- package/lib/functions/index.js +7 -7
- package/lib/index.d.ts +1 -1
- package/lib/index.js +14 -4
- package/lib/installations/index.d.ts +1 -1
- package/lib/installations/index.js +6 -6
- package/lib/installations/installations-namespace.d.ts +1 -1
- package/lib/installations/installations-namespace.js +1 -1
- package/lib/installations/installations-request-handler.d.ts +1 -1
- package/lib/installations/installations-request-handler.js +33 -36
- package/lib/installations/installations.d.ts +1 -1
- package/lib/installations/installations.js +17 -22
- package/lib/instance-id/index.d.ts +1 -1
- package/lib/instance-id/index.js +6 -6
- package/lib/instance-id/instance-id-namespace.d.ts +1 -1
- package/lib/instance-id/instance-id-namespace.js +1 -1
- package/lib/instance-id/instance-id.d.ts +1 -1
- package/lib/instance-id/instance-id.js +21 -26
- package/lib/machine-learning/index.d.ts +1 -1
- package/lib/machine-learning/index.js +7 -7
- package/lib/machine-learning/machine-learning-api-client.d.ts +1 -1
- package/lib/machine-learning/machine-learning-api-client.js +110 -124
- package/lib/machine-learning/machine-learning-namespace.d.ts +1 -1
- package/lib/machine-learning/machine-learning-namespace.js +1 -1
- package/lib/machine-learning/machine-learning-utils.d.ts +1 -1
- package/lib/machine-learning/machine-learning-utils.js +9 -24
- package/lib/machine-learning/machine-learning.d.ts +1 -1
- package/lib/machine-learning/machine-learning.js +146 -207
- package/lib/messaging/batch-request-internal.d.ts +1 -1
- package/lib/messaging/batch-request-internal.js +33 -35
- package/lib/messaging/index.d.ts +1 -1
- package/lib/messaging/index.js +7 -7
- package/lib/messaging/messaging-api-request-internal.d.ts +1 -1
- package/lib/messaging/messaging-api-request-internal.js +38 -40
- package/lib/messaging/messaging-api.d.ts +1 -1
- package/lib/messaging/messaging-api.js +1 -1
- package/lib/messaging/messaging-errors-internal.d.ts +1 -1
- package/lib/messaging/messaging-errors-internal.js +12 -13
- package/lib/messaging/messaging-internal.d.ts +1 -1
- package/lib/messaging/messaging-internal.js +51 -51
- package/lib/messaging/messaging-namespace.d.ts +1 -1
- package/lib/messaging/messaging-namespace.js +1 -1
- package/lib/messaging/messaging.d.ts +1 -1
- package/lib/messaging/messaging.js +184 -208
- package/lib/project-management/android-app.d.ts +1 -1
- package/lib/project-management/android-app.js +41 -43
- package/lib/project-management/app-metadata.d.ts +1 -1
- package/lib/project-management/app-metadata.js +1 -1
- package/lib/project-management/index.d.ts +1 -1
- package/lib/project-management/index.js +7 -7
- package/lib/project-management/ios-app.d.ts +1 -1
- package/lib/project-management/ios-app.js +25 -26
- package/lib/project-management/project-management-api-request-internal.d.ts +1 -1
- package/lib/project-management/project-management-api-request-internal.js +84 -89
- package/lib/project-management/project-management-namespace.d.ts +1 -1
- package/lib/project-management/project-management-namespace.js +1 -1
- package/lib/project-management/project-management.d.ts +1 -1
- package/lib/project-management/project-management.js +80 -87
- package/lib/remote-config/index.d.ts +1 -1
- package/lib/remote-config/index.js +7 -7
- package/lib/remote-config/remote-config-api-client-internal.d.ts +1 -1
- package/lib/remote-config/remote-config-api-client-internal.js +116 -154
- package/lib/remote-config/remote-config-api.d.ts +1 -1
- package/lib/remote-config/remote-config-api.js +1 -1
- package/lib/remote-config/remote-config-namespace.d.ts +1 -1
- package/lib/remote-config/remote-config-namespace.js +1 -1
- package/lib/remote-config/remote-config.d.ts +1 -1
- package/lib/remote-config/remote-config.js +51 -59
- package/lib/security-rules/index.d.ts +1 -1
- package/lib/security-rules/index.js +7 -7
- package/lib/security-rules/security-rules-api-client-internal.d.ts +1 -1
- package/lib/security-rules/security-rules-api-client-internal.js +95 -107
- package/lib/security-rules/security-rules-internal.d.ts +1 -1
- package/lib/security-rules/security-rules-internal.js +6 -21
- package/lib/security-rules/security-rules-namespace.d.ts +1 -1
- package/lib/security-rules/security-rules-namespace.js +1 -1
- package/lib/security-rules/security-rules.d.ts +1 -1
- package/lib/security-rules/security-rules.js +82 -91
- package/lib/storage/index.d.ts +1 -1
- package/lib/storage/index.js +7 -7
- package/lib/storage/storage-namespace.d.ts +1 -1
- package/lib/storage/storage-namespace.js +1 -1
- package/lib/storage/storage.d.ts +1 -1
- package/lib/storage/storage.js +25 -30
- package/lib/utils/api-request.d.ts +3 -1
- package/lib/utils/api-request.js +278 -356
- package/lib/utils/crypto-signer.d.ts +1 -1
- package/lib/utils/crypto-signer.js +58 -93
- package/lib/utils/deep-copy.d.ts +1 -1
- package/lib/utils/deep-copy.js +3 -3
- package/lib/utils/error.d.ts +1 -1
- package/lib/utils/error.js +611 -681
- package/lib/utils/index.d.ts +1 -1
- package/lib/utils/index.js +38 -43
- package/lib/utils/jwt.d.ts +1 -1
- package/lib/utils/jwt.js +97 -123
- package/lib/utils/validator.d.ts +1 -1
- package/lib/utils/validator.js +13 -13
- package/package.json +5 -5
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! firebase-admin
|
|
1
|
+
/*! firebase-admin v11.0.0 */
|
|
2
2
|
"use strict";
|
|
3
3
|
/*!
|
|
4
4
|
* @license
|
|
@@ -16,48 +16,24 @@
|
|
|
16
16
|
* See the License for the specific language governing permissions and
|
|
17
17
|
* limitations under the License.
|
|
18
18
|
*/
|
|
19
|
-
var __extends = (this && this.__extends) || (function () {
|
|
20
|
-
var extendStatics = function (d, b) {
|
|
21
|
-
extendStatics = Object.setPrototypeOf ||
|
|
22
|
-
({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
|
|
23
|
-
function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
|
|
24
|
-
return extendStatics(d, b);
|
|
25
|
-
};
|
|
26
|
-
return function (d, b) {
|
|
27
|
-
extendStatics(d, b);
|
|
28
|
-
function __() { this.constructor = d; }
|
|
29
|
-
d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
|
|
30
|
-
};
|
|
31
|
-
})();
|
|
32
|
-
var __assign = (this && this.__assign) || function () {
|
|
33
|
-
__assign = Object.assign || function(t) {
|
|
34
|
-
for (var s, i = 1, n = arguments.length; i < n; i++) {
|
|
35
|
-
s = arguments[i];
|
|
36
|
-
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
|
|
37
|
-
t[p] = s[p];
|
|
38
|
-
}
|
|
39
|
-
return t;
|
|
40
|
-
};
|
|
41
|
-
return __assign.apply(this, arguments);
|
|
42
|
-
};
|
|
43
19
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
44
20
|
exports.useEmulator = exports.TenantAwareAuthRequestHandler = exports.AuthRequestHandler = exports.AbstractAuthRequestHandler = exports.FIREBASE_AUTH_SIGN_UP_NEW_USER = exports.FIREBASE_AUTH_SET_ACCOUNT_INFO = exports.FIREBASE_AUTH_BATCH_DELETE_ACCOUNTS = exports.FIREBASE_AUTH_DELETE_ACCOUNT = exports.FIREBASE_AUTH_GET_ACCOUNTS_INFO = exports.FIREBASE_AUTH_GET_ACCOUNT_INFO = exports.FIREBASE_AUTH_DOWNLOAD_ACCOUNT = exports.FIREBASE_AUTH_UPLOAD_ACCOUNT = exports.FIREBASE_AUTH_CREATE_SESSION_COOKIE = exports.EMAIL_ACTION_REQUEST_TYPES = exports.RESERVED_CLAIMS = void 0;
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
21
|
+
const validator = require("../utils/validator");
|
|
22
|
+
const deep_copy_1 = require("../utils/deep-copy");
|
|
23
|
+
const error_1 = require("../utils/error");
|
|
24
|
+
const api_request_1 = require("../utils/api-request");
|
|
25
|
+
const utils = require("../utils/index");
|
|
26
|
+
const user_import_builder_1 = require("./user-import-builder");
|
|
27
|
+
const action_code_settings_builder_1 = require("./action-code-settings-builder");
|
|
28
|
+
const tenant_1 = require("./tenant");
|
|
29
|
+
const identifier_1 = require("./identifier");
|
|
30
|
+
const auth_config_1 = require("./auth-config");
|
|
55
31
|
/** Firebase Auth request header. */
|
|
56
|
-
|
|
57
|
-
'X-Client-Version':
|
|
32
|
+
const FIREBASE_AUTH_HEADER = {
|
|
33
|
+
'X-Client-Version': `Node/Admin/${utils.getSdkVersion()}`,
|
|
58
34
|
};
|
|
59
35
|
/** Firebase Auth request timeout duration in milliseconds. */
|
|
60
|
-
|
|
36
|
+
const FIREBASE_AUTH_TIMEOUT = 25000;
|
|
61
37
|
/** List of reserved claims which cannot be provided when creating a custom token. */
|
|
62
38
|
exports.RESERVED_CLAIMS = [
|
|
63
39
|
'acr', 'amr', 'at_hash', 'aud', 'auth_time', 'azp', 'cnf', 'c_hash', 'exp', 'iat',
|
|
@@ -68,31 +44,31 @@ exports.EMAIL_ACTION_REQUEST_TYPES = [
|
|
|
68
44
|
'PASSWORD_RESET', 'VERIFY_EMAIL', 'EMAIL_SIGNIN', 'VERIFY_AND_CHANGE_EMAIL',
|
|
69
45
|
];
|
|
70
46
|
/** Maximum allowed number of characters in the custom claims payload. */
|
|
71
|
-
|
|
47
|
+
const MAX_CLAIMS_PAYLOAD_SIZE = 1000;
|
|
72
48
|
/** Maximum allowed number of users to batch download at one time. */
|
|
73
|
-
|
|
49
|
+
const MAX_DOWNLOAD_ACCOUNT_PAGE_SIZE = 1000;
|
|
74
50
|
/** Maximum allowed number of users to batch upload at one time. */
|
|
75
|
-
|
|
51
|
+
const MAX_UPLOAD_ACCOUNT_BATCH_SIZE = 1000;
|
|
76
52
|
/** Maximum allowed number of users to batch get at one time. */
|
|
77
|
-
|
|
53
|
+
const MAX_GET_ACCOUNTS_BATCH_SIZE = 100;
|
|
78
54
|
/** Maximum allowed number of users to batch delete at one time. */
|
|
79
|
-
|
|
55
|
+
const MAX_DELETE_ACCOUNTS_BATCH_SIZE = 1000;
|
|
80
56
|
/** Minimum allowed session cookie duration in seconds (5 minutes). */
|
|
81
|
-
|
|
57
|
+
const MIN_SESSION_COOKIE_DURATION_SECS = 5 * 60;
|
|
82
58
|
/** Maximum allowed session cookie duration in seconds (2 weeks). */
|
|
83
|
-
|
|
59
|
+
const MAX_SESSION_COOKIE_DURATION_SECS = 14 * 24 * 60 * 60;
|
|
84
60
|
/** Maximum allowed number of provider configurations to batch download at one time. */
|
|
85
|
-
|
|
61
|
+
const MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE = 100;
|
|
86
62
|
/** The Firebase Auth backend base URL format. */
|
|
87
|
-
|
|
63
|
+
const FIREBASE_AUTH_BASE_URL_FORMAT = 'https://identitytoolkit.googleapis.com/{version}/projects/{projectId}{api}';
|
|
88
64
|
/** Firebase Auth base URlLformat when using the auth emultor. */
|
|
89
|
-
|
|
65
|
+
const FIREBASE_AUTH_EMULATOR_BASE_URL_FORMAT = 'http://{host}/identitytoolkit.googleapis.com/{version}/projects/{projectId}{api}';
|
|
90
66
|
/** The Firebase Auth backend multi-tenancy base URL format. */
|
|
91
|
-
|
|
67
|
+
const FIREBASE_AUTH_TENANT_URL_FORMAT = FIREBASE_AUTH_BASE_URL_FORMAT.replace('projects/{projectId}', 'projects/{projectId}/tenants/{tenantId}');
|
|
92
68
|
/** Firebase Auth base URL format when using the auth emultor with multi-tenancy. */
|
|
93
|
-
|
|
69
|
+
const FIREBASE_AUTH_EMULATOR_TENANT_URL_FORMAT = FIREBASE_AUTH_EMULATOR_BASE_URL_FORMAT.replace('projects/{projectId}', 'projects/{projectId}/tenants/{tenantId}');
|
|
94
70
|
/** Maximum allowed number of tenants to download at one time. */
|
|
95
|
-
|
|
71
|
+
const MAX_LIST_TENANT_PAGE_SIZE = 1000;
|
|
96
72
|
/**
|
|
97
73
|
* Enum for the user write operation type.
|
|
98
74
|
*/
|
|
@@ -103,7 +79,7 @@ var WriteOperationType;
|
|
|
103
79
|
WriteOperationType["Upload"] = "upload";
|
|
104
80
|
})(WriteOperationType || (WriteOperationType = {}));
|
|
105
81
|
/** Defines a base utility to help with resource URL construction. */
|
|
106
|
-
|
|
82
|
+
class AuthResourceUrlBuilder {
|
|
107
83
|
/**
|
|
108
84
|
* The resource URL builder constructor.
|
|
109
85
|
*
|
|
@@ -111,8 +87,7 @@ var AuthResourceUrlBuilder = /** @class */ (function () {
|
|
|
111
87
|
* @param version - The endpoint API version.
|
|
112
88
|
* @constructor
|
|
113
89
|
*/
|
|
114
|
-
|
|
115
|
-
if (version === void 0) { version = 'v1'; }
|
|
90
|
+
constructor(app, version = 'v1') {
|
|
116
91
|
this.app = app;
|
|
117
92
|
this.version = version;
|
|
118
93
|
if (useEmulator()) {
|
|
@@ -132,41 +107,37 @@ var AuthResourceUrlBuilder = /** @class */ (function () {
|
|
|
132
107
|
* URL path.
|
|
133
108
|
* @returns The corresponding resource URL.
|
|
134
109
|
*/
|
|
135
|
-
|
|
136
|
-
var _this = this;
|
|
110
|
+
getUrl(api, params) {
|
|
137
111
|
return this.getProjectId()
|
|
138
|
-
.then(
|
|
139
|
-
|
|
140
|
-
version:
|
|
141
|
-
projectId
|
|
112
|
+
.then((projectId) => {
|
|
113
|
+
const baseParams = {
|
|
114
|
+
version: this.version,
|
|
115
|
+
projectId,
|
|
142
116
|
api: api || '',
|
|
143
117
|
};
|
|
144
|
-
|
|
118
|
+
const baseUrl = utils.formatString(this.urlFormat, baseParams);
|
|
145
119
|
// Substitute additional api related parameters.
|
|
146
120
|
return utils.formatString(baseUrl, params || {});
|
|
147
121
|
});
|
|
148
|
-
}
|
|
149
|
-
|
|
150
|
-
var _this = this;
|
|
122
|
+
}
|
|
123
|
+
getProjectId() {
|
|
151
124
|
if (this.projectId) {
|
|
152
125
|
return Promise.resolve(this.projectId);
|
|
153
126
|
}
|
|
154
127
|
return utils.findProjectId(this.app)
|
|
155
|
-
.then(
|
|
128
|
+
.then((projectId) => {
|
|
156
129
|
if (!validator.isNonEmptyString(projectId)) {
|
|
157
130
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CREDENTIAL, 'Failed to determine project ID for Auth. Initialize the '
|
|
158
131
|
+ 'SDK with service account credentials or set project ID as an app option. '
|
|
159
132
|
+ 'Alternatively set the GOOGLE_CLOUD_PROJECT environment variable.');
|
|
160
133
|
}
|
|
161
|
-
|
|
134
|
+
this.projectId = projectId;
|
|
162
135
|
return projectId;
|
|
163
136
|
});
|
|
164
|
-
}
|
|
165
|
-
|
|
166
|
-
}());
|
|
137
|
+
}
|
|
138
|
+
}
|
|
167
139
|
/** Tenant aware resource builder utility. */
|
|
168
|
-
|
|
169
|
-
__extends(TenantAwareAuthResourceUrlBuilder, _super);
|
|
140
|
+
class TenantAwareAuthResourceUrlBuilder extends AuthResourceUrlBuilder {
|
|
170
141
|
/**
|
|
171
142
|
* The tenant aware resource URL builder constructor.
|
|
172
143
|
*
|
|
@@ -175,20 +146,19 @@ var TenantAwareAuthResourceUrlBuilder = /** @class */ (function (_super) {
|
|
|
175
146
|
* @param tenantId - The tenant ID.
|
|
176
147
|
* @constructor
|
|
177
148
|
*/
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
149
|
+
constructor(app, version, tenantId) {
|
|
150
|
+
super(app, version);
|
|
151
|
+
this.app = app;
|
|
152
|
+
this.version = version;
|
|
153
|
+
this.tenantId = tenantId;
|
|
183
154
|
if (useEmulator()) {
|
|
184
|
-
|
|
155
|
+
this.urlFormat = utils.formatString(FIREBASE_AUTH_EMULATOR_TENANT_URL_FORMAT, {
|
|
185
156
|
host: emulatorHost()
|
|
186
157
|
});
|
|
187
158
|
}
|
|
188
159
|
else {
|
|
189
|
-
|
|
160
|
+
this.urlFormat = FIREBASE_AUTH_TENANT_URL_FORMAT;
|
|
190
161
|
}
|
|
191
|
-
return _this;
|
|
192
162
|
}
|
|
193
163
|
/**
|
|
194
164
|
* Returns the resource URL corresponding to the provided parameters.
|
|
@@ -198,32 +168,25 @@ var TenantAwareAuthResourceUrlBuilder = /** @class */ (function (_super) {
|
|
|
198
168
|
* URL path.
|
|
199
169
|
* @returns The corresponding resource URL.
|
|
200
170
|
*/
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
.
|
|
205
|
-
return utils.formatString(url, { tenantId: _this.tenantId });
|
|
171
|
+
getUrl(api, params) {
|
|
172
|
+
return super.getUrl(api, params)
|
|
173
|
+
.then((url) => {
|
|
174
|
+
return utils.formatString(url, { tenantId: this.tenantId });
|
|
206
175
|
});
|
|
207
|
-
}
|
|
208
|
-
|
|
209
|
-
}(AuthResourceUrlBuilder));
|
|
176
|
+
}
|
|
177
|
+
}
|
|
210
178
|
/**
|
|
211
179
|
* Auth-specific HTTP client which uses the special "owner" token
|
|
212
180
|
* when communicating with the Auth Emulator.
|
|
213
181
|
*/
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
function AuthHttpClient() {
|
|
217
|
-
return _super !== null && _super.apply(this, arguments) || this;
|
|
218
|
-
}
|
|
219
|
-
AuthHttpClient.prototype.getToken = function () {
|
|
182
|
+
class AuthHttpClient extends api_request_1.AuthorizedHttpClient {
|
|
183
|
+
getToken() {
|
|
220
184
|
if (useEmulator()) {
|
|
221
185
|
return Promise.resolve('owner');
|
|
222
186
|
}
|
|
223
|
-
return
|
|
224
|
-
}
|
|
225
|
-
|
|
226
|
-
}(api_request_1.AuthorizedHttpClient));
|
|
187
|
+
return super.getToken();
|
|
188
|
+
}
|
|
189
|
+
}
|
|
227
190
|
/**
|
|
228
191
|
* Validates an AuthFactorInfo object. All unsupported parameters
|
|
229
192
|
* are removed from the original request. If an invalid field is passed
|
|
@@ -232,20 +195,20 @@ var AuthHttpClient = /** @class */ (function (_super) {
|
|
|
232
195
|
* @param request - The AuthFactorInfo request object.
|
|
233
196
|
*/
|
|
234
197
|
function validateAuthFactorInfo(request) {
|
|
235
|
-
|
|
198
|
+
const validKeys = {
|
|
236
199
|
mfaEnrollmentId: true,
|
|
237
200
|
displayName: true,
|
|
238
201
|
phoneInfo: true,
|
|
239
202
|
enrolledAt: true,
|
|
240
203
|
};
|
|
241
204
|
// Remove unsupported keys from the original request.
|
|
242
|
-
for (
|
|
205
|
+
for (const key in request) {
|
|
243
206
|
if (!(key in validKeys)) {
|
|
244
207
|
delete request[key];
|
|
245
208
|
}
|
|
246
209
|
}
|
|
247
210
|
// No enrollment ID is available for signupNewUser. Use another identifier.
|
|
248
|
-
|
|
211
|
+
const authFactorInfoIdentifier = request.mfaEnrollmentId || request.phoneInfo || JSON.stringify(request);
|
|
249
212
|
// Enrollment uid may or may not be specified for update operations.
|
|
250
213
|
if (typeof request.mfaEnrollmentId !== 'undefined' &&
|
|
251
214
|
!validator.isNonEmptyString(request.mfaEnrollmentId)) {
|
|
@@ -253,19 +216,19 @@ function validateAuthFactorInfo(request) {
|
|
|
253
216
|
}
|
|
254
217
|
if (typeof request.displayName !== 'undefined' &&
|
|
255
218
|
!validator.isString(request.displayName)) {
|
|
256
|
-
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_DISPLAY_NAME,
|
|
219
|
+
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_DISPLAY_NAME, `The second factor "displayName" for "${authFactorInfoIdentifier}" must be a valid string.`);
|
|
257
220
|
}
|
|
258
221
|
// enrolledAt must be a valid UTC date string.
|
|
259
222
|
if (typeof request.enrolledAt !== 'undefined' &&
|
|
260
223
|
!validator.isISODateString(request.enrolledAt)) {
|
|
261
|
-
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ENROLLMENT_TIME,
|
|
224
|
+
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ENROLLMENT_TIME, `The second factor "enrollmentTime" for "${authFactorInfoIdentifier}" must be a valid ` +
|
|
262
225
|
'UTC date string.');
|
|
263
226
|
}
|
|
264
227
|
// Validate required fields depending on second factor type.
|
|
265
228
|
if (typeof request.phoneInfo !== 'undefined') {
|
|
266
229
|
// phoneNumber should be a string and a valid phone number.
|
|
267
230
|
if (!validator.isPhoneNumber(request.phoneInfo)) {
|
|
268
|
-
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PHONE_NUMBER,
|
|
231
|
+
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PHONE_NUMBER, `The second factor "phoneNumber" for "${authFactorInfoIdentifier}" must be a non-empty ` +
|
|
269
232
|
'E.164 standard compliant identifier string.');
|
|
270
233
|
}
|
|
271
234
|
}
|
|
@@ -283,7 +246,7 @@ function validateAuthFactorInfo(request) {
|
|
|
283
246
|
* @param request - The providerUserInfo request object.
|
|
284
247
|
*/
|
|
285
248
|
function validateProviderUserInfo(request) {
|
|
286
|
-
|
|
249
|
+
const validKeys = {
|
|
287
250
|
rawId: true,
|
|
288
251
|
providerId: true,
|
|
289
252
|
email: true,
|
|
@@ -291,7 +254,7 @@ function validateProviderUserInfo(request) {
|
|
|
291
254
|
photoUrl: true,
|
|
292
255
|
};
|
|
293
256
|
// Remove invalid keys from original request.
|
|
294
|
-
for (
|
|
257
|
+
for (const key in request) {
|
|
295
258
|
if (!(key in validKeys)) {
|
|
296
259
|
delete request[key];
|
|
297
260
|
}
|
|
@@ -301,23 +264,23 @@ function validateProviderUserInfo(request) {
|
|
|
301
264
|
}
|
|
302
265
|
if (typeof request.displayName !== 'undefined' &&
|
|
303
266
|
typeof request.displayName !== 'string') {
|
|
304
|
-
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_DISPLAY_NAME,
|
|
267
|
+
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_DISPLAY_NAME, `The provider "displayName" for "${request.providerId}" must be a valid string.`);
|
|
305
268
|
}
|
|
306
269
|
if (!validator.isNonEmptyString(request.rawId)) {
|
|
307
270
|
// This is called localId on the backend but the developer specifies this as
|
|
308
271
|
// uid externally. So the error message should use the client facing name.
|
|
309
|
-
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID,
|
|
272
|
+
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID, `The provider "uid" for "${request.providerId}" must be a valid non-empty string.`);
|
|
310
273
|
}
|
|
311
274
|
// email should be a string and a valid email.
|
|
312
275
|
if (typeof request.email !== 'undefined' && !validator.isEmail(request.email)) {
|
|
313
|
-
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_EMAIL,
|
|
276
|
+
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_EMAIL, `The provider "email" for "${request.providerId}" must be a valid email string.`);
|
|
314
277
|
}
|
|
315
278
|
// photoUrl should be a URL.
|
|
316
279
|
if (typeof request.photoUrl !== 'undefined' &&
|
|
317
280
|
!validator.isURL(request.photoUrl)) {
|
|
318
281
|
// This is called photoUrl on the backend but the developer specifies this as
|
|
319
282
|
// photoURL externally. So the error message should use the client facing name.
|
|
320
|
-
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PHOTO_URL,
|
|
283
|
+
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PHOTO_URL, `The provider "photoURL" for "${request.providerId}" must be a valid URL string.`);
|
|
321
284
|
}
|
|
322
285
|
}
|
|
323
286
|
/**
|
|
@@ -329,9 +292,9 @@ function validateProviderUserInfo(request) {
|
|
|
329
292
|
* @param writeOperationType - The write operation type.
|
|
330
293
|
*/
|
|
331
294
|
function validateCreateEditRequest(request, writeOperationType) {
|
|
332
|
-
|
|
295
|
+
const uploadAccountRequest = writeOperationType === WriteOperationType.Upload;
|
|
333
296
|
// Hash set of whitelisted parameters.
|
|
334
|
-
|
|
297
|
+
const validKeys = {
|
|
335
298
|
displayName: true,
|
|
336
299
|
localId: true,
|
|
337
300
|
email: true,
|
|
@@ -361,7 +324,7 @@ function validateCreateEditRequest(request, writeOperationType) {
|
|
|
361
324
|
mfa: !uploadAccountRequest,
|
|
362
325
|
};
|
|
363
326
|
// Remove invalid keys from original request.
|
|
364
|
-
for (
|
|
327
|
+
for (const key in request) {
|
|
365
328
|
if (!(key in validKeys)) {
|
|
366
329
|
delete request[key];
|
|
367
330
|
}
|
|
@@ -445,9 +408,9 @@ function validateCreateEditRequest(request, writeOperationType) {
|
|
|
445
408
|
// customAttributes should be stringified JSON with no blacklisted claims.
|
|
446
409
|
// The payload should not exceed 1KB.
|
|
447
410
|
if (typeof request.customAttributes !== 'undefined') {
|
|
448
|
-
|
|
411
|
+
let developerClaims;
|
|
449
412
|
try {
|
|
450
|
-
|
|
413
|
+
developerClaims = JSON.parse(request.customAttributes);
|
|
451
414
|
}
|
|
452
415
|
catch (error) {
|
|
453
416
|
// JSON parsing error. This should never happen as we stringify the claims internally.
|
|
@@ -455,22 +418,22 @@ function validateCreateEditRequest(request, writeOperationType) {
|
|
|
455
418
|
// this field.
|
|
456
419
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CLAIMS, error.message);
|
|
457
420
|
}
|
|
458
|
-
|
|
421
|
+
const invalidClaims = [];
|
|
459
422
|
// Check for any invalid claims.
|
|
460
|
-
exports.RESERVED_CLAIMS.forEach(
|
|
461
|
-
if (Object.prototype.hasOwnProperty.call(
|
|
462
|
-
|
|
423
|
+
exports.RESERVED_CLAIMS.forEach((blacklistedClaim) => {
|
|
424
|
+
if (Object.prototype.hasOwnProperty.call(developerClaims, blacklistedClaim)) {
|
|
425
|
+
invalidClaims.push(blacklistedClaim);
|
|
463
426
|
}
|
|
464
427
|
});
|
|
465
428
|
// Throw an error if an invalid claim is detected.
|
|
466
|
-
if (
|
|
467
|
-
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.FORBIDDEN_CLAIM,
|
|
468
|
-
|
|
469
|
-
|
|
429
|
+
if (invalidClaims.length > 0) {
|
|
430
|
+
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.FORBIDDEN_CLAIM, invalidClaims.length > 1 ?
|
|
431
|
+
`Developer claims "${invalidClaims.join('", "')}" are reserved and cannot be specified.` :
|
|
432
|
+
`Developer claim "${invalidClaims[0]}" is reserved and cannot be specified.`);
|
|
470
433
|
}
|
|
471
434
|
// Check claims payload does not exceed maxmimum size.
|
|
472
435
|
if (request.customAttributes.length > MAX_CLAIMS_PAYLOAD_SIZE) {
|
|
473
|
-
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.CLAIMS_TOO_LARGE,
|
|
436
|
+
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.CLAIMS_TOO_LARGE, `Developer claims payload should not exceed ${MAX_CLAIMS_PAYLOAD_SIZE} characters.`);
|
|
474
437
|
}
|
|
475
438
|
}
|
|
476
439
|
// passwordHash has to be a base64 encoded string.
|
|
@@ -489,7 +452,7 @@ function validateCreateEditRequest(request, writeOperationType) {
|
|
|
489
452
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_DATA);
|
|
490
453
|
}
|
|
491
454
|
else if (validator.isArray(request.providerUserInfo)) {
|
|
492
|
-
request.providerUserInfo.forEach(
|
|
455
|
+
request.providerUserInfo.forEach((providerUserInfoEntry) => {
|
|
493
456
|
validateProviderUserInfo(providerUserInfoEntry);
|
|
494
457
|
});
|
|
495
458
|
}
|
|
@@ -500,7 +463,7 @@ function validateCreateEditRequest(request, writeOperationType) {
|
|
|
500
463
|
// mfaInfo is used for importUsers.
|
|
501
464
|
// mfa.enrollments is used for setAccountInfo.
|
|
502
465
|
// enrollments has to be an array of valid AuthFactorInfo requests.
|
|
503
|
-
|
|
466
|
+
let enrollments = null;
|
|
504
467
|
if (request.mfaInfo) {
|
|
505
468
|
enrollments = request.mfaInfo;
|
|
506
469
|
}
|
|
@@ -511,7 +474,7 @@ function validateCreateEditRequest(request, writeOperationType) {
|
|
|
511
474
|
if (!validator.isArray(enrollments)) {
|
|
512
475
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ENROLLED_FACTORS);
|
|
513
476
|
}
|
|
514
|
-
enrollments.forEach(
|
|
477
|
+
enrollments.forEach((authFactorInfoEntry) => {
|
|
515
478
|
validateAuthFactorInfo(authFactorInfoEntry);
|
|
516
479
|
});
|
|
517
480
|
}
|
|
@@ -523,7 +486,7 @@ function validateCreateEditRequest(request, writeOperationType) {
|
|
|
523
486
|
*/
|
|
524
487
|
exports.FIREBASE_AUTH_CREATE_SESSION_COOKIE = new api_request_1.ApiSettings(':createSessionCookie', 'POST')
|
|
525
488
|
// Set request validator.
|
|
526
|
-
.setRequestValidator(
|
|
489
|
+
.setRequestValidator((request) => {
|
|
527
490
|
// Validate the ID token is a non-empty string.
|
|
528
491
|
if (!validator.isNonEmptyString(request.idToken)) {
|
|
529
492
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ID_TOKEN);
|
|
@@ -536,7 +499,7 @@ exports.FIREBASE_AUTH_CREATE_SESSION_COOKIE = new api_request_1.ApiSettings(':cr
|
|
|
536
499
|
}
|
|
537
500
|
})
|
|
538
501
|
// Set response validator.
|
|
539
|
-
.setResponseValidator(
|
|
502
|
+
.setResponseValidator((response) => {
|
|
540
503
|
// Response should always contain the session cookie.
|
|
541
504
|
if (!validator.isNonEmptyString(response.sessionCookie)) {
|
|
542
505
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR);
|
|
@@ -555,7 +518,7 @@ exports.FIREBASE_AUTH_UPLOAD_ACCOUNT = new api_request_1.ApiSettings('/accounts:
|
|
|
555
518
|
*/
|
|
556
519
|
exports.FIREBASE_AUTH_DOWNLOAD_ACCOUNT = new api_request_1.ApiSettings('/accounts:batchGet', 'GET')
|
|
557
520
|
// Set request validator.
|
|
558
|
-
.setRequestValidator(
|
|
521
|
+
.setRequestValidator((request) => {
|
|
559
522
|
// Validate next page token.
|
|
560
523
|
if (typeof request.nextPageToken !== 'undefined' &&
|
|
561
524
|
!validator.isNonEmptyString(request.nextPageToken)) {
|
|
@@ -566,7 +529,7 @@ exports.FIREBASE_AUTH_DOWNLOAD_ACCOUNT = new api_request_1.ApiSettings('/account
|
|
|
566
529
|
request.maxResults <= 0 ||
|
|
567
530
|
request.maxResults > MAX_DOWNLOAD_ACCOUNT_PAGE_SIZE) {
|
|
568
531
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'Required "maxResults" must be a positive integer that does not exceed ' +
|
|
569
|
-
|
|
532
|
+
`${MAX_DOWNLOAD_ACCOUNT_PAGE_SIZE}.`);
|
|
570
533
|
}
|
|
571
534
|
});
|
|
572
535
|
/**
|
|
@@ -576,13 +539,13 @@ exports.FIREBASE_AUTH_DOWNLOAD_ACCOUNT = new api_request_1.ApiSettings('/account
|
|
|
576
539
|
*/
|
|
577
540
|
exports.FIREBASE_AUTH_GET_ACCOUNT_INFO = new api_request_1.ApiSettings('/accounts:lookup', 'POST')
|
|
578
541
|
// Set request validator.
|
|
579
|
-
.setRequestValidator(
|
|
542
|
+
.setRequestValidator((request) => {
|
|
580
543
|
if (!request.localId && !request.email && !request.phoneNumber && !request.federatedUserId) {
|
|
581
544
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifier');
|
|
582
545
|
}
|
|
583
546
|
})
|
|
584
547
|
// Set response validator.
|
|
585
|
-
.setResponseValidator(
|
|
548
|
+
.setResponseValidator((response) => {
|
|
586
549
|
if (!response.users || !response.users.length) {
|
|
587
550
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.USER_NOT_FOUND);
|
|
588
551
|
}
|
|
@@ -595,7 +558,7 @@ exports.FIREBASE_AUTH_GET_ACCOUNT_INFO = new api_request_1.ApiSettings('/account
|
|
|
595
558
|
*/
|
|
596
559
|
exports.FIREBASE_AUTH_GET_ACCOUNTS_INFO = new api_request_1.ApiSettings('/accounts:lookup', 'POST')
|
|
597
560
|
// Set request validator.
|
|
598
|
-
.setRequestValidator(
|
|
561
|
+
.setRequestValidator((request) => {
|
|
599
562
|
if (!request.localId && !request.email && !request.phoneNumber && !request.federatedUserId) {
|
|
600
563
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifier');
|
|
601
564
|
}
|
|
@@ -607,7 +570,7 @@ exports.FIREBASE_AUTH_GET_ACCOUNTS_INFO = new api_request_1.ApiSettings('/accoun
|
|
|
607
570
|
*/
|
|
608
571
|
exports.FIREBASE_AUTH_DELETE_ACCOUNT = new api_request_1.ApiSettings('/accounts:delete', 'POST')
|
|
609
572
|
// Set request validator.
|
|
610
|
-
.setRequestValidator(
|
|
573
|
+
.setRequestValidator((request) => {
|
|
611
574
|
if (!request.localId) {
|
|
612
575
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifier');
|
|
613
576
|
}
|
|
@@ -616,7 +579,7 @@ exports.FIREBASE_AUTH_DELETE_ACCOUNT = new api_request_1.ApiSettings('/accounts:
|
|
|
616
579
|
* @internal
|
|
617
580
|
*/
|
|
618
581
|
exports.FIREBASE_AUTH_BATCH_DELETE_ACCOUNTS = new api_request_1.ApiSettings('/accounts:batchDelete', 'POST')
|
|
619
|
-
.setRequestValidator(
|
|
582
|
+
.setRequestValidator((request) => {
|
|
620
583
|
if (!request.localIds) {
|
|
621
584
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifiers');
|
|
622
585
|
}
|
|
@@ -624,9 +587,9 @@ exports.FIREBASE_AUTH_BATCH_DELETE_ACCOUNTS = new api_request_1.ApiSettings('/ac
|
|
|
624
587
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing force=true field');
|
|
625
588
|
}
|
|
626
589
|
})
|
|
627
|
-
.setResponseValidator(
|
|
628
|
-
|
|
629
|
-
errors.forEach(
|
|
590
|
+
.setResponseValidator((response) => {
|
|
591
|
+
const errors = response.errors || [];
|
|
592
|
+
errors.forEach((batchDeleteErrorInfo) => {
|
|
630
593
|
if (typeof batchDeleteErrorInfo.index === 'undefined') {
|
|
631
594
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server BatchDeleteAccountResponse is missing an errors.index field');
|
|
632
595
|
}
|
|
@@ -643,7 +606,7 @@ exports.FIREBASE_AUTH_BATCH_DELETE_ACCOUNTS = new api_request_1.ApiSettings('/ac
|
|
|
643
606
|
*/
|
|
644
607
|
exports.FIREBASE_AUTH_SET_ACCOUNT_INFO = new api_request_1.ApiSettings('/accounts:update', 'POST')
|
|
645
608
|
// Set request validator.
|
|
646
|
-
.setRequestValidator(
|
|
609
|
+
.setRequestValidator((request) => {
|
|
647
610
|
// localId is a required parameter.
|
|
648
611
|
if (typeof request.localId === 'undefined') {
|
|
649
612
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifier');
|
|
@@ -655,7 +618,7 @@ exports.FIREBASE_AUTH_SET_ACCOUNT_INFO = new api_request_1.ApiSettings('/account
|
|
|
655
618
|
validateCreateEditRequest(request, WriteOperationType.Update);
|
|
656
619
|
})
|
|
657
620
|
// Set response validator.
|
|
658
|
-
.setResponseValidator(
|
|
621
|
+
.setResponseValidator((response) => {
|
|
659
622
|
// If the localId is not returned, then the request failed.
|
|
660
623
|
if (!response.localId) {
|
|
661
624
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.USER_NOT_FOUND);
|
|
@@ -669,7 +632,7 @@ exports.FIREBASE_AUTH_SET_ACCOUNT_INFO = new api_request_1.ApiSettings('/account
|
|
|
669
632
|
*/
|
|
670
633
|
exports.FIREBASE_AUTH_SIGN_UP_NEW_USER = new api_request_1.ApiSettings('/accounts', 'POST')
|
|
671
634
|
// Set request validator.
|
|
672
|
-
.setRequestValidator(
|
|
635
|
+
.setRequestValidator((request) => {
|
|
673
636
|
// signupNewUser does not support customAttributes.
|
|
674
637
|
if (typeof request.customAttributes !== 'undefined') {
|
|
675
638
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"customAttributes" cannot be set when creating a new user.');
|
|
@@ -685,15 +648,15 @@ exports.FIREBASE_AUTH_SIGN_UP_NEW_USER = new api_request_1.ApiSettings('/account
|
|
|
685
648
|
validateCreateEditRequest(request, WriteOperationType.Create);
|
|
686
649
|
})
|
|
687
650
|
// Set response validator.
|
|
688
|
-
.setResponseValidator(
|
|
651
|
+
.setResponseValidator((response) => {
|
|
689
652
|
// If the localId is not returned, then the request failed.
|
|
690
653
|
if (!response.localId) {
|
|
691
654
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new user');
|
|
692
655
|
}
|
|
693
656
|
});
|
|
694
|
-
|
|
657
|
+
const FIREBASE_AUTH_GET_OOB_CODE = new api_request_1.ApiSettings('/accounts:sendOobCode', 'POST')
|
|
695
658
|
// Set request validator.
|
|
696
|
-
.setRequestValidator(
|
|
659
|
+
.setRequestValidator((request) => {
|
|
697
660
|
if (!validator.isEmail(request.email)) {
|
|
698
661
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_EMAIL);
|
|
699
662
|
}
|
|
@@ -701,11 +664,11 @@ var FIREBASE_AUTH_GET_OOB_CODE = new api_request_1.ApiSettings('/accounts:sendOo
|
|
|
701
664
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_NEW_EMAIL);
|
|
702
665
|
}
|
|
703
666
|
if (exports.EMAIL_ACTION_REQUEST_TYPES.indexOf(request.requestType) === -1) {
|
|
704
|
-
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, "
|
|
667
|
+
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, `"${request.requestType}" is not a supported email action request type.`);
|
|
705
668
|
}
|
|
706
669
|
})
|
|
707
670
|
// Set response validator.
|
|
708
|
-
.setResponseValidator(
|
|
671
|
+
.setResponseValidator((response) => {
|
|
709
672
|
// If the oobLink is not returned, then the request failed.
|
|
710
673
|
if (!response.oobLink) {
|
|
711
674
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create the email action link');
|
|
@@ -716,9 +679,9 @@ var FIREBASE_AUTH_GET_OOB_CODE = new api_request_1.ApiSettings('/accounts:sendOo
|
|
|
716
679
|
*
|
|
717
680
|
* @internal
|
|
718
681
|
*/
|
|
719
|
-
|
|
682
|
+
const GET_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs/{providerId}', 'GET')
|
|
720
683
|
// Set response validator.
|
|
721
|
-
.setResponseValidator(
|
|
684
|
+
.setResponseValidator((response) => {
|
|
722
685
|
// Response should always contain the OIDC provider resource name.
|
|
723
686
|
if (!validator.isNonEmptyString(response.name)) {
|
|
724
687
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to get OIDC configuration');
|
|
@@ -729,15 +692,15 @@ var GET_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs/{prov
|
|
|
729
692
|
*
|
|
730
693
|
* @internal
|
|
731
694
|
*/
|
|
732
|
-
|
|
695
|
+
const DELETE_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs/{providerId}', 'DELETE');
|
|
733
696
|
/**
|
|
734
697
|
* Instantiates the create OIDC configuration endpoint settings.
|
|
735
698
|
*
|
|
736
699
|
* @internal
|
|
737
700
|
*/
|
|
738
|
-
|
|
701
|
+
const CREATE_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs?oauthIdpConfigId={providerId}', 'POST')
|
|
739
702
|
// Set response validator.
|
|
740
|
-
.setResponseValidator(
|
|
703
|
+
.setResponseValidator((response) => {
|
|
741
704
|
// Response should always contain the OIDC provider resource name.
|
|
742
705
|
if (!validator.isNonEmptyString(response.name)) {
|
|
743
706
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new OIDC configuration');
|
|
@@ -748,9 +711,9 @@ var CREATE_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs?oa
|
|
|
748
711
|
*
|
|
749
712
|
* @internal
|
|
750
713
|
*/
|
|
751
|
-
|
|
714
|
+
const UPDATE_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs/{providerId}?updateMask={updateMask}', 'PATCH')
|
|
752
715
|
// Set response validator.
|
|
753
|
-
.setResponseValidator(
|
|
716
|
+
.setResponseValidator((response) => {
|
|
754
717
|
// Response should always contain the configuration resource name.
|
|
755
718
|
if (!validator.isNonEmptyString(response.name)) {
|
|
756
719
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to update OIDC configuration');
|
|
@@ -761,9 +724,9 @@ var UPDATE_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs/{p
|
|
|
761
724
|
*
|
|
762
725
|
* @internal
|
|
763
726
|
*/
|
|
764
|
-
|
|
727
|
+
const LIST_OAUTH_IDP_CONFIGS = new api_request_1.ApiSettings('/oauthIdpConfigs', 'GET')
|
|
765
728
|
// Set request validator.
|
|
766
|
-
.setRequestValidator(
|
|
729
|
+
.setRequestValidator((request) => {
|
|
767
730
|
// Validate next page token.
|
|
768
731
|
if (typeof request.pageToken !== 'undefined' &&
|
|
769
732
|
!validator.isNonEmptyString(request.pageToken)) {
|
|
@@ -774,7 +737,7 @@ var LIST_OAUTH_IDP_CONFIGS = new api_request_1.ApiSettings('/oauthIdpConfigs', '
|
|
|
774
737
|
request.pageSize <= 0 ||
|
|
775
738
|
request.pageSize > MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE) {
|
|
776
739
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'Required "maxResults" must be a positive integer that does not exceed ' +
|
|
777
|
-
|
|
740
|
+
`${MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE}.`);
|
|
778
741
|
}
|
|
779
742
|
});
|
|
780
743
|
/**
|
|
@@ -782,9 +745,9 @@ var LIST_OAUTH_IDP_CONFIGS = new api_request_1.ApiSettings('/oauthIdpConfigs', '
|
|
|
782
745
|
*
|
|
783
746
|
* @internal
|
|
784
747
|
*/
|
|
785
|
-
|
|
748
|
+
const GET_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConfigs/{providerId}', 'GET')
|
|
786
749
|
// Set response validator.
|
|
787
|
-
.setResponseValidator(
|
|
750
|
+
.setResponseValidator((response) => {
|
|
788
751
|
// Response should always contain the SAML provider resource name.
|
|
789
752
|
if (!validator.isNonEmptyString(response.name)) {
|
|
790
753
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to get SAML configuration');
|
|
@@ -795,15 +758,15 @@ var GET_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConfigs
|
|
|
795
758
|
*
|
|
796
759
|
* @internal
|
|
797
760
|
*/
|
|
798
|
-
|
|
761
|
+
const DELETE_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConfigs/{providerId}', 'DELETE');
|
|
799
762
|
/**
|
|
800
763
|
* Instantiates the create SAML configuration endpoint settings.
|
|
801
764
|
*
|
|
802
765
|
* @internal
|
|
803
766
|
*/
|
|
804
|
-
|
|
767
|
+
const CREATE_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConfigs?inboundSamlConfigId={providerId}', 'POST')
|
|
805
768
|
// Set response validator.
|
|
806
|
-
.setResponseValidator(
|
|
769
|
+
.setResponseValidator((response) => {
|
|
807
770
|
// Response should always contain the SAML provider resource name.
|
|
808
771
|
if (!validator.isNonEmptyString(response.name)) {
|
|
809
772
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new SAML configuration');
|
|
@@ -814,9 +777,9 @@ var CREATE_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConf
|
|
|
814
777
|
*
|
|
815
778
|
* @internal
|
|
816
779
|
*/
|
|
817
|
-
|
|
780
|
+
const UPDATE_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConfigs/{providerId}?updateMask={updateMask}', 'PATCH')
|
|
818
781
|
// Set response validator.
|
|
819
|
-
.setResponseValidator(
|
|
782
|
+
.setResponseValidator((response) => {
|
|
820
783
|
// Response should always contain the configuration resource name.
|
|
821
784
|
if (!validator.isNonEmptyString(response.name)) {
|
|
822
785
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to update SAML configuration');
|
|
@@ -827,9 +790,9 @@ var UPDATE_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConf
|
|
|
827
790
|
*
|
|
828
791
|
* @internal
|
|
829
792
|
*/
|
|
830
|
-
|
|
793
|
+
const LIST_INBOUND_SAML_CONFIGS = new api_request_1.ApiSettings('/inboundSamlConfigs', 'GET')
|
|
831
794
|
// Set request validator.
|
|
832
|
-
.setRequestValidator(
|
|
795
|
+
.setRequestValidator((request) => {
|
|
833
796
|
// Validate next page token.
|
|
834
797
|
if (typeof request.pageToken !== 'undefined' &&
|
|
835
798
|
!validator.isNonEmptyString(request.pageToken)) {
|
|
@@ -840,7 +803,7 @@ var LIST_INBOUND_SAML_CONFIGS = new api_request_1.ApiSettings('/inboundSamlConfi
|
|
|
840
803
|
request.pageSize <= 0 ||
|
|
841
804
|
request.pageSize > MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE) {
|
|
842
805
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'Required "maxResults" must be a positive integer that does not exceed ' +
|
|
843
|
-
|
|
806
|
+
`${MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE}.`);
|
|
844
807
|
}
|
|
845
808
|
});
|
|
846
809
|
/**
|
|
@@ -848,12 +811,12 @@ var LIST_INBOUND_SAML_CONFIGS = new api_request_1.ApiSettings('/inboundSamlConfi
|
|
|
848
811
|
*
|
|
849
812
|
* @internal
|
|
850
813
|
*/
|
|
851
|
-
|
|
814
|
+
class AbstractAuthRequestHandler {
|
|
852
815
|
/**
|
|
853
816
|
* @param app - The app used to fetch access tokens to sign API requests.
|
|
854
817
|
* @constructor
|
|
855
818
|
*/
|
|
856
|
-
|
|
819
|
+
constructor(app) {
|
|
857
820
|
this.app = app;
|
|
858
821
|
if (typeof app !== 'object' || app === null || !('options' in app)) {
|
|
859
822
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'First argument passed to admin.auth() must be a valid Firebase app instance.');
|
|
@@ -864,38 +827,38 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
864
827
|
* @param response - The response to check for errors.
|
|
865
828
|
* @returns The error code if present; null otherwise.
|
|
866
829
|
*/
|
|
867
|
-
|
|
830
|
+
static getErrorCode(response) {
|
|
868
831
|
return (validator.isNonNullObject(response) && response.error && response.error.message) || null;
|
|
869
|
-
}
|
|
870
|
-
|
|
832
|
+
}
|
|
833
|
+
static addUidToRequest(id, request) {
|
|
871
834
|
if (!validator.isUid(id.uid)) {
|
|
872
835
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID);
|
|
873
836
|
}
|
|
874
837
|
request.localId ? request.localId.push(id.uid) : request.localId = [id.uid];
|
|
875
838
|
return request;
|
|
876
|
-
}
|
|
877
|
-
|
|
839
|
+
}
|
|
840
|
+
static addEmailToRequest(id, request) {
|
|
878
841
|
if (!validator.isEmail(id.email)) {
|
|
879
842
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_EMAIL);
|
|
880
843
|
}
|
|
881
844
|
request.email ? request.email.push(id.email) : request.email = [id.email];
|
|
882
845
|
return request;
|
|
883
|
-
}
|
|
884
|
-
|
|
846
|
+
}
|
|
847
|
+
static addPhoneToRequest(id, request) {
|
|
885
848
|
if (!validator.isPhoneNumber(id.phoneNumber)) {
|
|
886
849
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PHONE_NUMBER);
|
|
887
850
|
}
|
|
888
851
|
request.phoneNumber ? request.phoneNumber.push(id.phoneNumber) : request.phoneNumber = [id.phoneNumber];
|
|
889
852
|
return request;
|
|
890
|
-
}
|
|
891
|
-
|
|
853
|
+
}
|
|
854
|
+
static addProviderToRequest(id, request) {
|
|
892
855
|
if (!validator.isNonEmptyString(id.providerId)) {
|
|
893
856
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID);
|
|
894
857
|
}
|
|
895
858
|
if (!validator.isNonEmptyString(id.providerUid)) {
|
|
896
859
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_UID);
|
|
897
860
|
}
|
|
898
|
-
|
|
861
|
+
const federatedUserId = {
|
|
899
862
|
providerId: id.providerId,
|
|
900
863
|
rawId: id.providerUid,
|
|
901
864
|
};
|
|
@@ -903,7 +866,7 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
903
866
|
? request.federatedUserId.push(federatedUserId)
|
|
904
867
|
: request.federatedUserId = [federatedUserId];
|
|
905
868
|
return request;
|
|
906
|
-
}
|
|
869
|
+
}
|
|
907
870
|
/**
|
|
908
871
|
* Creates a new Firebase session cookie with the specified duration that can be used for
|
|
909
872
|
* session management (set as a server side session cookie with custom cookie policy).
|
|
@@ -914,72 +877,72 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
914
877
|
*
|
|
915
878
|
* @returns A promise that resolves on success with the created session cookie.
|
|
916
879
|
*/
|
|
917
|
-
|
|
918
|
-
|
|
919
|
-
idToken
|
|
880
|
+
createSessionCookie(idToken, expiresIn) {
|
|
881
|
+
const request = {
|
|
882
|
+
idToken,
|
|
920
883
|
// Convert to seconds.
|
|
921
884
|
validDuration: expiresIn / 1000,
|
|
922
885
|
};
|
|
923
886
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_CREATE_SESSION_COOKIE, request)
|
|
924
|
-
.then(
|
|
925
|
-
}
|
|
887
|
+
.then((response) => response.sessionCookie);
|
|
888
|
+
}
|
|
926
889
|
/**
|
|
927
890
|
* Looks up a user by uid.
|
|
928
891
|
*
|
|
929
892
|
* @param uid - The uid of the user to lookup.
|
|
930
893
|
* @returns A promise that resolves with the user information.
|
|
931
894
|
*/
|
|
932
|
-
|
|
895
|
+
getAccountInfoByUid(uid) {
|
|
933
896
|
if (!validator.isUid(uid)) {
|
|
934
897
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID));
|
|
935
898
|
}
|
|
936
|
-
|
|
899
|
+
const request = {
|
|
937
900
|
localId: [uid],
|
|
938
901
|
};
|
|
939
902
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_GET_ACCOUNT_INFO, request);
|
|
940
|
-
}
|
|
903
|
+
}
|
|
941
904
|
/**
|
|
942
905
|
* Looks up a user by email.
|
|
943
906
|
*
|
|
944
907
|
* @param email - The email of the user to lookup.
|
|
945
908
|
* @returns A promise that resolves with the user information.
|
|
946
909
|
*/
|
|
947
|
-
|
|
910
|
+
getAccountInfoByEmail(email) {
|
|
948
911
|
if (!validator.isEmail(email)) {
|
|
949
912
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_EMAIL));
|
|
950
913
|
}
|
|
951
|
-
|
|
914
|
+
const request = {
|
|
952
915
|
email: [email],
|
|
953
916
|
};
|
|
954
917
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_GET_ACCOUNT_INFO, request);
|
|
955
|
-
}
|
|
918
|
+
}
|
|
956
919
|
/**
|
|
957
920
|
* Looks up a user by phone number.
|
|
958
921
|
*
|
|
959
922
|
* @param phoneNumber - The phone number of the user to lookup.
|
|
960
923
|
* @returns A promise that resolves with the user information.
|
|
961
924
|
*/
|
|
962
|
-
|
|
925
|
+
getAccountInfoByPhoneNumber(phoneNumber) {
|
|
963
926
|
if (!validator.isPhoneNumber(phoneNumber)) {
|
|
964
927
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PHONE_NUMBER));
|
|
965
928
|
}
|
|
966
|
-
|
|
929
|
+
const request = {
|
|
967
930
|
phoneNumber: [phoneNumber],
|
|
968
931
|
};
|
|
969
932
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_GET_ACCOUNT_INFO, request);
|
|
970
|
-
}
|
|
971
|
-
|
|
933
|
+
}
|
|
934
|
+
getAccountInfoByFederatedUid(providerId, rawId) {
|
|
972
935
|
if (!validator.isNonEmptyString(providerId) || !validator.isNonEmptyString(rawId)) {
|
|
973
936
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID);
|
|
974
937
|
}
|
|
975
|
-
|
|
938
|
+
const request = {
|
|
976
939
|
federatedUserId: [{
|
|
977
|
-
providerId
|
|
978
|
-
rawId
|
|
940
|
+
providerId,
|
|
941
|
+
rawId,
|
|
979
942
|
}],
|
|
980
943
|
};
|
|
981
944
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_GET_ACCOUNT_INFO, request);
|
|
982
|
-
}
|
|
945
|
+
}
|
|
983
946
|
/**
|
|
984
947
|
* Looks up multiple users by their identifiers (uid, email, etc).
|
|
985
948
|
*
|
|
@@ -988,26 +951,25 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
988
951
|
* @param A - promise that resolves with the set of successfully
|
|
989
952
|
* looked up users. Possibly empty if no users were looked up.
|
|
990
953
|
*/
|
|
991
|
-
|
|
954
|
+
getAccountInfoByIdentifiers(identifiers) {
|
|
992
955
|
if (identifiers.length === 0) {
|
|
993
956
|
return Promise.resolve({ users: [] });
|
|
994
957
|
}
|
|
995
958
|
else if (identifiers.length > MAX_GET_ACCOUNTS_BATCH_SIZE) {
|
|
996
959
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MAXIMUM_USER_COUNT_EXCEEDED, '`identifiers` parameter must have <= ' + MAX_GET_ACCOUNTS_BATCH_SIZE + ' entries.');
|
|
997
960
|
}
|
|
998
|
-
|
|
999
|
-
for (
|
|
1000
|
-
|
|
1001
|
-
if (identifier_1.isUidIdentifier(id)) {
|
|
961
|
+
let request = {};
|
|
962
|
+
for (const id of identifiers) {
|
|
963
|
+
if ((0, identifier_1.isUidIdentifier)(id)) {
|
|
1002
964
|
request = AbstractAuthRequestHandler.addUidToRequest(id, request);
|
|
1003
965
|
}
|
|
1004
|
-
else if (identifier_1.isEmailIdentifier(id)) {
|
|
966
|
+
else if ((0, identifier_1.isEmailIdentifier)(id)) {
|
|
1005
967
|
request = AbstractAuthRequestHandler.addEmailToRequest(id, request);
|
|
1006
968
|
}
|
|
1007
|
-
else if (identifier_1.isPhoneIdentifier(id)) {
|
|
969
|
+
else if ((0, identifier_1.isPhoneIdentifier)(id)) {
|
|
1008
970
|
request = AbstractAuthRequestHandler.addPhoneToRequest(id, request);
|
|
1009
971
|
}
|
|
1010
|
-
else if (identifier_1.isProviderIdentifier(id)) {
|
|
972
|
+
else if ((0, identifier_1.isProviderIdentifier)(id)) {
|
|
1011
973
|
request = AbstractAuthRequestHandler.addProviderToRequest(id, request);
|
|
1012
974
|
}
|
|
1013
975
|
else {
|
|
@@ -1015,7 +977,7 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1015
977
|
}
|
|
1016
978
|
}
|
|
1017
979
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_GET_ACCOUNTS_INFO, request);
|
|
1018
|
-
}
|
|
980
|
+
}
|
|
1019
981
|
/**
|
|
1020
982
|
* Exports the users (single batch only) with a size of maxResults and starting from
|
|
1021
983
|
* the offset as specified by pageToken.
|
|
@@ -1029,11 +991,10 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1029
991
|
* users and the next page token if available. For the last page, an empty list of users
|
|
1030
992
|
* and no page token are returned.
|
|
1031
993
|
*/
|
|
1032
|
-
|
|
1033
|
-
if (maxResults === void 0) { maxResults = MAX_DOWNLOAD_ACCOUNT_PAGE_SIZE; }
|
|
994
|
+
downloadAccount(maxResults = MAX_DOWNLOAD_ACCOUNT_PAGE_SIZE, pageToken) {
|
|
1034
995
|
// Construct request.
|
|
1035
|
-
|
|
1036
|
-
maxResults
|
|
996
|
+
const request = {
|
|
997
|
+
maxResults,
|
|
1037
998
|
nextPageToken: pageToken,
|
|
1038
999
|
};
|
|
1039
1000
|
// Remove next page token if not provided.
|
|
@@ -1041,14 +1002,14 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1041
1002
|
delete request.nextPageToken;
|
|
1042
1003
|
}
|
|
1043
1004
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_DOWNLOAD_ACCOUNT, request)
|
|
1044
|
-
.then(
|
|
1005
|
+
.then((response) => {
|
|
1045
1006
|
// No more users available.
|
|
1046
1007
|
if (!response.users) {
|
|
1047
1008
|
response.users = [];
|
|
1048
1009
|
}
|
|
1049
1010
|
return response;
|
|
1050
1011
|
});
|
|
1051
|
-
}
|
|
1012
|
+
}
|
|
1052
1013
|
/**
|
|
1053
1014
|
* Imports the list of users provided to Firebase Auth. This is useful when
|
|
1054
1015
|
* migrating from an external authentication system without having to use the Firebase CLI SDK.
|
|
@@ -1062,19 +1023,19 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1062
1023
|
* with the result of the import. This includes the number of successful imports, the number
|
|
1063
1024
|
* of failed uploads and their corresponding errors.
|
|
1064
1025
|
*/
|
|
1065
|
-
|
|
1026
|
+
uploadAccount(users, options) {
|
|
1066
1027
|
// This will throw if any error is detected in the hash options.
|
|
1067
1028
|
// For errors in the list of users, this will not throw and will report the errors and the
|
|
1068
1029
|
// corresponding user index in the user import generated response below.
|
|
1069
1030
|
// No need to validate raw request or raw response as this is done in UserImportBuilder.
|
|
1070
|
-
|
|
1031
|
+
const userImportBuilder = new user_import_builder_1.UserImportBuilder(users, options, (userRequest) => {
|
|
1071
1032
|
// Pass true to validate the uploadAccount specific fields.
|
|
1072
1033
|
validateCreateEditRequest(userRequest, WriteOperationType.Upload);
|
|
1073
1034
|
});
|
|
1074
|
-
|
|
1035
|
+
const request = userImportBuilder.buildRequest();
|
|
1075
1036
|
// Fail quickly if more users than allowed are to be imported.
|
|
1076
1037
|
if (validator.isArray(users) && users.length > MAX_UPLOAD_ACCOUNT_BATCH_SIZE) {
|
|
1077
|
-
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MAXIMUM_USER_COUNT_EXCEEDED,
|
|
1038
|
+
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MAXIMUM_USER_COUNT_EXCEEDED, `A maximum of ${MAX_UPLOAD_ACCOUNT_BATCH_SIZE} users can be imported at once.`);
|
|
1078
1039
|
}
|
|
1079
1040
|
// If no remaining user in request after client side processing, there is no need
|
|
1080
1041
|
// to send the request to the server.
|
|
@@ -1082,47 +1043,47 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1082
1043
|
return Promise.resolve(userImportBuilder.buildResponse([]));
|
|
1083
1044
|
}
|
|
1084
1045
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_UPLOAD_ACCOUNT, request)
|
|
1085
|
-
.then(
|
|
1046
|
+
.then((response) => {
|
|
1086
1047
|
// No error object is returned if no error encountered.
|
|
1087
|
-
|
|
1048
|
+
const failedUploads = (response.error || []);
|
|
1088
1049
|
// Rewrite response as UserImportResult and re-insert client previously detected errors.
|
|
1089
1050
|
return userImportBuilder.buildResponse(failedUploads);
|
|
1090
1051
|
});
|
|
1091
|
-
}
|
|
1052
|
+
}
|
|
1092
1053
|
/**
|
|
1093
1054
|
* Deletes an account identified by a uid.
|
|
1094
1055
|
*
|
|
1095
1056
|
* @param uid - The uid of the user to delete.
|
|
1096
1057
|
* @returns A promise that resolves when the user is deleted.
|
|
1097
1058
|
*/
|
|
1098
|
-
|
|
1059
|
+
deleteAccount(uid) {
|
|
1099
1060
|
if (!validator.isUid(uid)) {
|
|
1100
1061
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID));
|
|
1101
1062
|
}
|
|
1102
|
-
|
|
1063
|
+
const request = {
|
|
1103
1064
|
localId: uid,
|
|
1104
1065
|
};
|
|
1105
1066
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_DELETE_ACCOUNT, request);
|
|
1106
|
-
}
|
|
1107
|
-
|
|
1067
|
+
}
|
|
1068
|
+
deleteAccounts(uids, force) {
|
|
1108
1069
|
if (uids.length === 0) {
|
|
1109
1070
|
return Promise.resolve({});
|
|
1110
1071
|
}
|
|
1111
1072
|
else if (uids.length > MAX_DELETE_ACCOUNTS_BATCH_SIZE) {
|
|
1112
1073
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MAXIMUM_USER_COUNT_EXCEEDED, '`uids` parameter must have <= ' + MAX_DELETE_ACCOUNTS_BATCH_SIZE + ' entries.');
|
|
1113
1074
|
}
|
|
1114
|
-
|
|
1075
|
+
const request = {
|
|
1115
1076
|
localIds: [],
|
|
1116
|
-
force
|
|
1077
|
+
force,
|
|
1117
1078
|
};
|
|
1118
|
-
uids.forEach(
|
|
1079
|
+
uids.forEach((uid) => {
|
|
1119
1080
|
if (!validator.isUid(uid)) {
|
|
1120
1081
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID);
|
|
1121
1082
|
}
|
|
1122
1083
|
request.localIds.push(uid);
|
|
1123
1084
|
});
|
|
1124
1085
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_BATCH_DELETE_ACCOUNTS, request);
|
|
1125
|
-
}
|
|
1086
|
+
}
|
|
1126
1087
|
/**
|
|
1127
1088
|
* Sets additional developer claims on an existing user identified by provided UID.
|
|
1128
1089
|
*
|
|
@@ -1131,7 +1092,7 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1131
1092
|
* @returns A promise that resolves when the operation completes
|
|
1132
1093
|
* with the user id that was edited.
|
|
1133
1094
|
*/
|
|
1134
|
-
|
|
1095
|
+
setCustomUserClaims(uid, customUserClaims) {
|
|
1135
1096
|
// Validate user UID.
|
|
1136
1097
|
if (!validator.isUid(uid)) {
|
|
1137
1098
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID));
|
|
@@ -1144,15 +1105,15 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1144
1105
|
customUserClaims = {};
|
|
1145
1106
|
}
|
|
1146
1107
|
// Construct custom user attribute editting request.
|
|
1147
|
-
|
|
1108
|
+
const request = {
|
|
1148
1109
|
localId: uid,
|
|
1149
1110
|
customAttributes: JSON.stringify(customUserClaims),
|
|
1150
1111
|
};
|
|
1151
1112
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_SET_ACCOUNT_INFO, request)
|
|
1152
|
-
.then(
|
|
1113
|
+
.then((response) => {
|
|
1153
1114
|
return response.localId;
|
|
1154
1115
|
});
|
|
1155
|
-
}
|
|
1116
|
+
}
|
|
1156
1117
|
/**
|
|
1157
1118
|
* Edits an existing user.
|
|
1158
1119
|
*
|
|
@@ -1161,7 +1122,7 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1161
1122
|
* @returns A promise that resolves when the operation completes
|
|
1162
1123
|
* with the user id that was edited.
|
|
1163
1124
|
*/
|
|
1164
|
-
|
|
1125
|
+
updateExistingAccount(uid, properties) {
|
|
1165
1126
|
if (!validator.isUid(uid)) {
|
|
1166
1127
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID));
|
|
1167
1128
|
}
|
|
@@ -1182,14 +1143,14 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1182
1143
|
if (!validator.isArray(properties.providersToUnlink)) {
|
|
1183
1144
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'providersToUnlink of properties argument must be an array of strings.');
|
|
1184
1145
|
}
|
|
1185
|
-
properties.providersToUnlink.forEach(
|
|
1146
|
+
properties.providersToUnlink.forEach((providerId) => {
|
|
1186
1147
|
if (!validator.isNonEmptyString(providerId)) {
|
|
1187
1148
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'providersToUnlink of properties argument must be an array of strings.');
|
|
1188
1149
|
}
|
|
1189
1150
|
});
|
|
1190
1151
|
}
|
|
1191
1152
|
// Build the setAccountInfo request.
|
|
1192
|
-
|
|
1153
|
+
const request = (0, deep_copy_1.deepCopy)(properties);
|
|
1193
1154
|
request.localId = uid;
|
|
1194
1155
|
// For deleting displayName or photoURL, these values must be passed as null.
|
|
1195
1156
|
// They will be removed from the backend request and an additional parameter
|
|
@@ -1197,13 +1158,13 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1197
1158
|
// with an array of the parameter names to delete will be passed.
|
|
1198
1159
|
// Parameters that are deletable and their deleteAttribute names.
|
|
1199
1160
|
// Use client facing names, photoURL instead of photoUrl.
|
|
1200
|
-
|
|
1161
|
+
const deletableParams = {
|
|
1201
1162
|
displayName: 'DISPLAY_NAME',
|
|
1202
1163
|
photoURL: 'PHOTO_URL',
|
|
1203
1164
|
};
|
|
1204
1165
|
// Properties to delete if available.
|
|
1205
1166
|
request.deleteAttribute = [];
|
|
1206
|
-
for (
|
|
1167
|
+
for (const key in deletableParams) {
|
|
1207
1168
|
if (request[key] === null) {
|
|
1208
1169
|
// Add property identifier to list of attributes to delete.
|
|
1209
1170
|
request.deleteAttribute.push(deletableParams[key]);
|
|
@@ -1223,7 +1184,7 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1223
1184
|
delete request.phoneNumber;
|
|
1224
1185
|
}
|
|
1225
1186
|
if (typeof (request.providerToLink) !== 'undefined') {
|
|
1226
|
-
request.linkProviderUserInfo = deep_copy_1.deepCopy(request.providerToLink);
|
|
1187
|
+
request.linkProviderUserInfo = (0, deep_copy_1.deepCopy)(request.providerToLink);
|
|
1227
1188
|
delete request.providerToLink;
|
|
1228
1189
|
request.linkProviderUserInfo.rawId = request.linkProviderUserInfo.uid;
|
|
1229
1190
|
delete request.linkProviderUserInfo.uid;
|
|
@@ -1256,8 +1217,8 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1256
1217
|
enrollments: [],
|
|
1257
1218
|
};
|
|
1258
1219
|
try {
|
|
1259
|
-
request.multiFactor.enrolledFactors.forEach(
|
|
1260
|
-
request.mfa.enrollments.push(user_import_builder_1.convertMultiFactorInfoToServerFormat(multiFactorInfo));
|
|
1220
|
+
request.multiFactor.enrolledFactors.forEach((multiFactorInfo) => {
|
|
1221
|
+
request.mfa.enrollments.push((0, user_import_builder_1.convertMultiFactorInfoToServerFormat)(multiFactorInfo));
|
|
1261
1222
|
});
|
|
1262
1223
|
}
|
|
1263
1224
|
catch (e) {
|
|
@@ -1270,10 +1231,10 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1270
1231
|
delete request.multiFactor;
|
|
1271
1232
|
}
|
|
1272
1233
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_SET_ACCOUNT_INFO, request)
|
|
1273
|
-
.then(
|
|
1234
|
+
.then((response) => {
|
|
1274
1235
|
return response.localId;
|
|
1275
1236
|
});
|
|
1276
|
-
}
|
|
1237
|
+
}
|
|
1277
1238
|
/**
|
|
1278
1239
|
* Revokes all refresh tokens for the specified user identified by the uid provided.
|
|
1279
1240
|
* In addition to revoking all refresh tokens for a user, all ID tokens issued
|
|
@@ -1287,21 +1248,21 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1287
1248
|
* @returns A promise that resolves when the operation completes
|
|
1288
1249
|
* successfully with the user id of the corresponding user.
|
|
1289
1250
|
*/
|
|
1290
|
-
|
|
1251
|
+
revokeRefreshTokens(uid) {
|
|
1291
1252
|
// Validate user UID.
|
|
1292
1253
|
if (!validator.isUid(uid)) {
|
|
1293
1254
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID));
|
|
1294
1255
|
}
|
|
1295
|
-
|
|
1256
|
+
const request = {
|
|
1296
1257
|
localId: uid,
|
|
1297
1258
|
// validSince is in UTC seconds.
|
|
1298
1259
|
validSince: Math.floor(new Date().getTime() / 1000),
|
|
1299
1260
|
};
|
|
1300
1261
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_SET_ACCOUNT_INFO, request)
|
|
1301
|
-
.then(
|
|
1262
|
+
.then((response) => {
|
|
1302
1263
|
return response.localId;
|
|
1303
1264
|
});
|
|
1304
|
-
}
|
|
1265
|
+
}
|
|
1305
1266
|
/**
|
|
1306
1267
|
* Create a new user with the properties supplied.
|
|
1307
1268
|
*
|
|
@@ -1309,11 +1270,11 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1309
1270
|
* @returns A promise that resolves when the operation completes
|
|
1310
1271
|
* with the user id that was created.
|
|
1311
1272
|
*/
|
|
1312
|
-
|
|
1273
|
+
createNewAccount(properties) {
|
|
1313
1274
|
if (!validator.isNonNullObject(properties)) {
|
|
1314
1275
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'Properties argument must be a non-null object.'));
|
|
1315
1276
|
}
|
|
1316
|
-
|
|
1277
|
+
const request = (0, deep_copy_1.deepCopy)(properties);
|
|
1317
1278
|
// Rewrite photoURL to photoUrl.
|
|
1318
1279
|
if (typeof request.photoURL !== 'undefined') {
|
|
1319
1280
|
request.photoUrl = request.photoURL;
|
|
@@ -1327,9 +1288,9 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1327
1288
|
// Construct mfa related user data.
|
|
1328
1289
|
if (validator.isNonNullObject(request.multiFactor)) {
|
|
1329
1290
|
if (validator.isNonEmptyArray(request.multiFactor.enrolledFactors)) {
|
|
1330
|
-
|
|
1291
|
+
const mfaInfo = [];
|
|
1331
1292
|
try {
|
|
1332
|
-
request.multiFactor.enrolledFactors.forEach(
|
|
1293
|
+
request.multiFactor.enrolledFactors.forEach((multiFactorInfo) => {
|
|
1333
1294
|
// Enrollment time and uid are not allowed for signupNewUser endpoint.
|
|
1334
1295
|
// They will automatically be provisioned server side.
|
|
1335
1296
|
if ('enrollmentTime' in multiFactorInfo) {
|
|
@@ -1338,22 +1299,22 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1338
1299
|
else if ('uid' in multiFactorInfo) {
|
|
1339
1300
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"uid" is not supported when adding second factors via "createUser()"');
|
|
1340
1301
|
}
|
|
1341
|
-
|
|
1302
|
+
mfaInfo.push((0, user_import_builder_1.convertMultiFactorInfoToServerFormat)(multiFactorInfo));
|
|
1342
1303
|
});
|
|
1343
1304
|
}
|
|
1344
1305
|
catch (e) {
|
|
1345
1306
|
return Promise.reject(e);
|
|
1346
1307
|
}
|
|
1347
|
-
request.mfaInfo =
|
|
1308
|
+
request.mfaInfo = mfaInfo;
|
|
1348
1309
|
}
|
|
1349
1310
|
delete request.multiFactor;
|
|
1350
1311
|
}
|
|
1351
1312
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_SIGN_UP_NEW_USER, request)
|
|
1352
|
-
.then(
|
|
1313
|
+
.then((response) => {
|
|
1353
1314
|
// Return the user id.
|
|
1354
1315
|
return response.localId;
|
|
1355
1316
|
});
|
|
1356
|
-
}
|
|
1317
|
+
}
|
|
1357
1318
|
/**
|
|
1358
1319
|
* Generates the out of band email action link for the email specified using the action code settings provided.
|
|
1359
1320
|
* Returns a promise that resolves with the generated link.
|
|
@@ -1368,9 +1329,13 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1368
1329
|
* Required only for VERIFY_AND_CHANGE_EMAIL requests.
|
|
1369
1330
|
* @returns A promise that resolves with the email action link.
|
|
1370
1331
|
*/
|
|
1371
|
-
|
|
1372
|
-
|
|
1373
|
-
|
|
1332
|
+
getEmailActionLink(requestType, email, actionCodeSettings, newEmail) {
|
|
1333
|
+
let request = {
|
|
1334
|
+
requestType,
|
|
1335
|
+
email,
|
|
1336
|
+
returnOobLink: true,
|
|
1337
|
+
...(typeof newEmail !== 'undefined') && { newEmail },
|
|
1338
|
+
};
|
|
1374
1339
|
// ActionCodeSettings required for email link sign-in to determine the url where the sign-in will
|
|
1375
1340
|
// be completed.
|
|
1376
1341
|
if (typeof actionCodeSettings === 'undefined' && requestType === 'EMAIL_SIGNIN') {
|
|
@@ -1378,8 +1343,8 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1378
1343
|
}
|
|
1379
1344
|
if (typeof actionCodeSettings !== 'undefined' || requestType === 'EMAIL_SIGNIN') {
|
|
1380
1345
|
try {
|
|
1381
|
-
|
|
1382
|
-
request = deep_copy_1.deepExtend(request, builder.buildRequest());
|
|
1346
|
+
const builder = new action_code_settings_builder_1.ActionCodeSettingsBuilder(actionCodeSettings);
|
|
1347
|
+
request = (0, deep_copy_1.deepExtend)(request, builder.buildRequest());
|
|
1383
1348
|
}
|
|
1384
1349
|
catch (e) {
|
|
1385
1350
|
return Promise.reject(e);
|
|
@@ -1389,23 +1354,23 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1389
1354
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, "`newEmail` is required when `requestType` === 'VERIFY_AND_CHANGE_EMAIL'"));
|
|
1390
1355
|
}
|
|
1391
1356
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), FIREBASE_AUTH_GET_OOB_CODE, request)
|
|
1392
|
-
.then(
|
|
1357
|
+
.then((response) => {
|
|
1393
1358
|
// Return the link.
|
|
1394
1359
|
return response.oobLink;
|
|
1395
1360
|
});
|
|
1396
|
-
}
|
|
1361
|
+
}
|
|
1397
1362
|
/**
|
|
1398
1363
|
* Looks up an OIDC provider configuration by provider ID.
|
|
1399
1364
|
*
|
|
1400
1365
|
* @param providerId - The provider identifier of the configuration to lookup.
|
|
1401
1366
|
* @returns A promise that resolves with the provider configuration information.
|
|
1402
1367
|
*/
|
|
1403
|
-
|
|
1368
|
+
getOAuthIdpConfig(providerId) {
|
|
1404
1369
|
if (!auth_config_1.OIDCConfig.isProviderId(providerId)) {
|
|
1405
1370
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
|
|
1406
1371
|
}
|
|
1407
|
-
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), GET_OAUTH_IDP_CONFIG, {}, { providerId
|
|
1408
|
-
}
|
|
1372
|
+
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), GET_OAUTH_IDP_CONFIG, {}, { providerId });
|
|
1373
|
+
}
|
|
1409
1374
|
/**
|
|
1410
1375
|
* Lists the OIDC configurations (single batch only) with a size of maxResults and starting from
|
|
1411
1376
|
* the offset as specified by pageToken.
|
|
@@ -1419,9 +1384,8 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1419
1384
|
* OIDC configurations and the next page token if available. For the last page, an empty list of provider
|
|
1420
1385
|
* configuration and no page token are returned.
|
|
1421
1386
|
*/
|
|
1422
|
-
|
|
1423
|
-
|
|
1424
|
-
var request = {
|
|
1387
|
+
listOAuthIdpConfigs(maxResults = MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE, pageToken) {
|
|
1388
|
+
const request = {
|
|
1425
1389
|
pageSize: maxResults,
|
|
1426
1390
|
};
|
|
1427
1391
|
// Add next page token if provided.
|
|
@@ -1429,29 +1393,29 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1429
1393
|
request.pageToken = pageToken;
|
|
1430
1394
|
}
|
|
1431
1395
|
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), LIST_OAUTH_IDP_CONFIGS, request)
|
|
1432
|
-
.then(
|
|
1396
|
+
.then((response) => {
|
|
1433
1397
|
if (!response.oauthIdpConfigs) {
|
|
1434
1398
|
response.oauthIdpConfigs = [];
|
|
1435
1399
|
delete response.nextPageToken;
|
|
1436
1400
|
}
|
|
1437
1401
|
return response;
|
|
1438
1402
|
});
|
|
1439
|
-
}
|
|
1403
|
+
}
|
|
1440
1404
|
/**
|
|
1441
1405
|
* Deletes an OIDC configuration identified by a providerId.
|
|
1442
1406
|
*
|
|
1443
1407
|
* @param providerId - The identifier of the OIDC configuration to delete.
|
|
1444
1408
|
* @returns A promise that resolves when the OIDC provider is deleted.
|
|
1445
1409
|
*/
|
|
1446
|
-
|
|
1410
|
+
deleteOAuthIdpConfig(providerId) {
|
|
1447
1411
|
if (!auth_config_1.OIDCConfig.isProviderId(providerId)) {
|
|
1448
1412
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
|
|
1449
1413
|
}
|
|
1450
|
-
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), DELETE_OAUTH_IDP_CONFIG, {}, { providerId
|
|
1451
|
-
.then(
|
|
1414
|
+
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), DELETE_OAUTH_IDP_CONFIG, {}, { providerId })
|
|
1415
|
+
.then(() => {
|
|
1452
1416
|
// Return nothing.
|
|
1453
1417
|
});
|
|
1454
|
-
}
|
|
1418
|
+
}
|
|
1455
1419
|
/**
|
|
1456
1420
|
* Creates a new OIDC provider configuration with the properties provided.
|
|
1457
1421
|
*
|
|
@@ -1459,24 +1423,24 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1459
1423
|
* @returns A promise that resolves with the newly created OIDC
|
|
1460
1424
|
* configuration.
|
|
1461
1425
|
*/
|
|
1462
|
-
|
|
1426
|
+
createOAuthIdpConfig(options) {
|
|
1463
1427
|
// Construct backend request.
|
|
1464
|
-
|
|
1428
|
+
let request;
|
|
1465
1429
|
try {
|
|
1466
1430
|
request = auth_config_1.OIDCConfig.buildServerRequest(options) || {};
|
|
1467
1431
|
}
|
|
1468
1432
|
catch (e) {
|
|
1469
1433
|
return Promise.reject(e);
|
|
1470
1434
|
}
|
|
1471
|
-
|
|
1472
|
-
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), CREATE_OAUTH_IDP_CONFIG, request, { providerId
|
|
1473
|
-
.then(
|
|
1435
|
+
const providerId = options.providerId;
|
|
1436
|
+
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), CREATE_OAUTH_IDP_CONFIG, request, { providerId })
|
|
1437
|
+
.then((response) => {
|
|
1474
1438
|
if (!auth_config_1.OIDCConfig.getProviderIdFromResourceName(response.name)) {
|
|
1475
1439
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new OIDC provider configuration');
|
|
1476
1440
|
}
|
|
1477
1441
|
return response;
|
|
1478
1442
|
});
|
|
1479
|
-
}
|
|
1443
|
+
}
|
|
1480
1444
|
/**
|
|
1481
1445
|
* Updates an existing OIDC provider configuration with the properties provided.
|
|
1482
1446
|
*
|
|
@@ -1485,39 +1449,39 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1485
1449
|
* @returns A promise that resolves with the modified provider
|
|
1486
1450
|
* configuration.
|
|
1487
1451
|
*/
|
|
1488
|
-
|
|
1452
|
+
updateOAuthIdpConfig(providerId, options) {
|
|
1489
1453
|
if (!auth_config_1.OIDCConfig.isProviderId(providerId)) {
|
|
1490
1454
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
|
|
1491
1455
|
}
|
|
1492
1456
|
// Construct backend request.
|
|
1493
|
-
|
|
1457
|
+
let request;
|
|
1494
1458
|
try {
|
|
1495
1459
|
request = auth_config_1.OIDCConfig.buildServerRequest(options, true) || {};
|
|
1496
1460
|
}
|
|
1497
1461
|
catch (e) {
|
|
1498
1462
|
return Promise.reject(e);
|
|
1499
1463
|
}
|
|
1500
|
-
|
|
1501
|
-
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), UPDATE_OAUTH_IDP_CONFIG, request, { providerId
|
|
1502
|
-
.then(
|
|
1464
|
+
const updateMask = utils.generateUpdateMask(request);
|
|
1465
|
+
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), UPDATE_OAUTH_IDP_CONFIG, request, { providerId, updateMask: updateMask.join(',') })
|
|
1466
|
+
.then((response) => {
|
|
1503
1467
|
if (!auth_config_1.OIDCConfig.getProviderIdFromResourceName(response.name)) {
|
|
1504
1468
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to update OIDC provider configuration');
|
|
1505
1469
|
}
|
|
1506
1470
|
return response;
|
|
1507
1471
|
});
|
|
1508
|
-
}
|
|
1472
|
+
}
|
|
1509
1473
|
/**
|
|
1510
1474
|
* Looks up an SAML provider configuration by provider ID.
|
|
1511
1475
|
*
|
|
1512
1476
|
* @param providerId - The provider identifier of the configuration to lookup.
|
|
1513
1477
|
* @returns A promise that resolves with the provider configuration information.
|
|
1514
1478
|
*/
|
|
1515
|
-
|
|
1479
|
+
getInboundSamlConfig(providerId) {
|
|
1516
1480
|
if (!auth_config_1.SAMLConfig.isProviderId(providerId)) {
|
|
1517
1481
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
|
|
1518
1482
|
}
|
|
1519
|
-
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), GET_INBOUND_SAML_CONFIG, {}, { providerId
|
|
1520
|
-
}
|
|
1483
|
+
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), GET_INBOUND_SAML_CONFIG, {}, { providerId });
|
|
1484
|
+
}
|
|
1521
1485
|
/**
|
|
1522
1486
|
* Lists the SAML configurations (single batch only) with a size of maxResults and starting from
|
|
1523
1487
|
* the offset as specified by pageToken.
|
|
@@ -1531,9 +1495,8 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1531
1495
|
* SAML configurations and the next page token if available. For the last page, an empty list of provider
|
|
1532
1496
|
* configuration and no page token are returned.
|
|
1533
1497
|
*/
|
|
1534
|
-
|
|
1535
|
-
|
|
1536
|
-
var request = {
|
|
1498
|
+
listInboundSamlConfigs(maxResults = MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE, pageToken) {
|
|
1499
|
+
const request = {
|
|
1537
1500
|
pageSize: maxResults,
|
|
1538
1501
|
};
|
|
1539
1502
|
// Add next page token if provided.
|
|
@@ -1541,29 +1504,29 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1541
1504
|
request.pageToken = pageToken;
|
|
1542
1505
|
}
|
|
1543
1506
|
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), LIST_INBOUND_SAML_CONFIGS, request)
|
|
1544
|
-
.then(
|
|
1507
|
+
.then((response) => {
|
|
1545
1508
|
if (!response.inboundSamlConfigs) {
|
|
1546
1509
|
response.inboundSamlConfigs = [];
|
|
1547
1510
|
delete response.nextPageToken;
|
|
1548
1511
|
}
|
|
1549
1512
|
return response;
|
|
1550
1513
|
});
|
|
1551
|
-
}
|
|
1514
|
+
}
|
|
1552
1515
|
/**
|
|
1553
1516
|
* Deletes a SAML configuration identified by a providerId.
|
|
1554
1517
|
*
|
|
1555
1518
|
* @param providerId - The identifier of the SAML configuration to delete.
|
|
1556
1519
|
* @returns A promise that resolves when the SAML provider is deleted.
|
|
1557
1520
|
*/
|
|
1558
|
-
|
|
1521
|
+
deleteInboundSamlConfig(providerId) {
|
|
1559
1522
|
if (!auth_config_1.SAMLConfig.isProviderId(providerId)) {
|
|
1560
1523
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
|
|
1561
1524
|
}
|
|
1562
|
-
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), DELETE_INBOUND_SAML_CONFIG, {}, { providerId
|
|
1563
|
-
.then(
|
|
1525
|
+
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), DELETE_INBOUND_SAML_CONFIG, {}, { providerId })
|
|
1526
|
+
.then(() => {
|
|
1564
1527
|
// Return nothing.
|
|
1565
1528
|
});
|
|
1566
|
-
}
|
|
1529
|
+
}
|
|
1567
1530
|
/**
|
|
1568
1531
|
* Creates a new SAML provider configuration with the properties provided.
|
|
1569
1532
|
*
|
|
@@ -1571,24 +1534,24 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1571
1534
|
* @returns A promise that resolves with the newly created SAML
|
|
1572
1535
|
* configuration.
|
|
1573
1536
|
*/
|
|
1574
|
-
|
|
1537
|
+
createInboundSamlConfig(options) {
|
|
1575
1538
|
// Construct backend request.
|
|
1576
|
-
|
|
1539
|
+
let request;
|
|
1577
1540
|
try {
|
|
1578
1541
|
request = auth_config_1.SAMLConfig.buildServerRequest(options) || {};
|
|
1579
1542
|
}
|
|
1580
1543
|
catch (e) {
|
|
1581
1544
|
return Promise.reject(e);
|
|
1582
1545
|
}
|
|
1583
|
-
|
|
1584
|
-
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), CREATE_INBOUND_SAML_CONFIG, request, { providerId
|
|
1585
|
-
.then(
|
|
1546
|
+
const providerId = options.providerId;
|
|
1547
|
+
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), CREATE_INBOUND_SAML_CONFIG, request, { providerId })
|
|
1548
|
+
.then((response) => {
|
|
1586
1549
|
if (!auth_config_1.SAMLConfig.getProviderIdFromResourceName(response.name)) {
|
|
1587
1550
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new SAML provider configuration');
|
|
1588
1551
|
}
|
|
1589
1552
|
return response;
|
|
1590
1553
|
});
|
|
1591
|
-
}
|
|
1554
|
+
}
|
|
1592
1555
|
/**
|
|
1593
1556
|
* Updates an existing SAML provider configuration with the properties provided.
|
|
1594
1557
|
*
|
|
@@ -1597,27 +1560,27 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1597
1560
|
* @returns A promise that resolves with the modified provider
|
|
1598
1561
|
* configuration.
|
|
1599
1562
|
*/
|
|
1600
|
-
|
|
1563
|
+
updateInboundSamlConfig(providerId, options) {
|
|
1601
1564
|
if (!auth_config_1.SAMLConfig.isProviderId(providerId)) {
|
|
1602
1565
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
|
|
1603
1566
|
}
|
|
1604
1567
|
// Construct backend request.
|
|
1605
|
-
|
|
1568
|
+
let request;
|
|
1606
1569
|
try {
|
|
1607
1570
|
request = auth_config_1.SAMLConfig.buildServerRequest(options, true) || {};
|
|
1608
1571
|
}
|
|
1609
1572
|
catch (e) {
|
|
1610
1573
|
return Promise.reject(e);
|
|
1611
1574
|
}
|
|
1612
|
-
|
|
1613
|
-
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), UPDATE_INBOUND_SAML_CONFIG, request, { providerId
|
|
1614
|
-
.then(
|
|
1575
|
+
const updateMask = utils.generateUpdateMask(request);
|
|
1576
|
+
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), UPDATE_INBOUND_SAML_CONFIG, request, { providerId, updateMask: updateMask.join(',') })
|
|
1577
|
+
.then((response) => {
|
|
1615
1578
|
if (!auth_config_1.SAMLConfig.getProviderIdFromResourceName(response.name)) {
|
|
1616
1579
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to update SAML provider configuration');
|
|
1617
1580
|
}
|
|
1618
1581
|
return response;
|
|
1619
1582
|
});
|
|
1620
|
-
}
|
|
1583
|
+
}
|
|
1621
1584
|
/**
|
|
1622
1585
|
* Invokes the request handler based on the API settings object passed.
|
|
1623
1586
|
*
|
|
@@ -1627,36 +1590,35 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1627
1590
|
* @param additionalResourceParams - Additional resource related params if needed.
|
|
1628
1591
|
* @returns A promise that resolves with the response.
|
|
1629
1592
|
*/
|
|
1630
|
-
|
|
1631
|
-
var _this = this;
|
|
1593
|
+
invokeRequestHandler(urlBuilder, apiSettings, requestData, additionalResourceParams) {
|
|
1632
1594
|
return urlBuilder.getUrl(apiSettings.getEndpoint(), additionalResourceParams)
|
|
1633
|
-
.then(
|
|
1595
|
+
.then((url) => {
|
|
1634
1596
|
// Validate request.
|
|
1635
1597
|
if (requestData) {
|
|
1636
|
-
|
|
1598
|
+
const requestValidator = apiSettings.getRequestValidator();
|
|
1637
1599
|
requestValidator(requestData);
|
|
1638
1600
|
}
|
|
1639
1601
|
// Process request.
|
|
1640
|
-
|
|
1602
|
+
const req = {
|
|
1641
1603
|
method: apiSettings.getHttpMethod(),
|
|
1642
|
-
url
|
|
1604
|
+
url,
|
|
1643
1605
|
headers: FIREBASE_AUTH_HEADER,
|
|
1644
1606
|
data: requestData,
|
|
1645
1607
|
timeout: FIREBASE_AUTH_TIMEOUT,
|
|
1646
1608
|
};
|
|
1647
|
-
return
|
|
1609
|
+
return this.httpClient.send(req);
|
|
1648
1610
|
})
|
|
1649
|
-
.then(
|
|
1611
|
+
.then((response) => {
|
|
1650
1612
|
// Validate response.
|
|
1651
|
-
|
|
1613
|
+
const responseValidator = apiSettings.getResponseValidator();
|
|
1652
1614
|
responseValidator(response.data);
|
|
1653
1615
|
// Return entire response.
|
|
1654
1616
|
return response.data;
|
|
1655
1617
|
})
|
|
1656
|
-
.catch(
|
|
1618
|
+
.catch((err) => {
|
|
1657
1619
|
if (err instanceof api_request_1.HttpError) {
|
|
1658
|
-
|
|
1659
|
-
|
|
1620
|
+
const error = err.response.data;
|
|
1621
|
+
const errorCode = AbstractAuthRequestHandler.getErrorCode(error);
|
|
1660
1622
|
if (!errorCode) {
|
|
1661
1623
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'Error returned from server: ' + error + '. Additionally, an ' +
|
|
1662
1624
|
'internal error occurred while attempting to extract the ' +
|
|
@@ -1666,43 +1628,42 @@ var AbstractAuthRequestHandler = /** @class */ (function () {
|
|
|
1666
1628
|
}
|
|
1667
1629
|
throw err;
|
|
1668
1630
|
});
|
|
1669
|
-
}
|
|
1631
|
+
}
|
|
1670
1632
|
/**
|
|
1671
1633
|
* @returns The current Auth user management resource URL builder.
|
|
1672
1634
|
*/
|
|
1673
|
-
|
|
1635
|
+
getAuthUrlBuilder() {
|
|
1674
1636
|
if (!this.authUrlBuilder) {
|
|
1675
1637
|
this.authUrlBuilder = this.newAuthUrlBuilder();
|
|
1676
1638
|
}
|
|
1677
1639
|
return this.authUrlBuilder;
|
|
1678
|
-
}
|
|
1640
|
+
}
|
|
1679
1641
|
/**
|
|
1680
1642
|
* @returns The current project config resource URL builder.
|
|
1681
1643
|
*/
|
|
1682
|
-
|
|
1644
|
+
getProjectConfigUrlBuilder() {
|
|
1683
1645
|
if (!this.projectConfigUrlBuilder) {
|
|
1684
1646
|
this.projectConfigUrlBuilder = this.newProjectConfigUrlBuilder();
|
|
1685
1647
|
}
|
|
1686
1648
|
return this.projectConfigUrlBuilder;
|
|
1687
|
-
}
|
|
1688
|
-
|
|
1689
|
-
}());
|
|
1649
|
+
}
|
|
1650
|
+
}
|
|
1690
1651
|
exports.AbstractAuthRequestHandler = AbstractAuthRequestHandler;
|
|
1691
1652
|
/** Instantiates the getTenant endpoint settings. */
|
|
1692
|
-
|
|
1653
|
+
const GET_TENANT = new api_request_1.ApiSettings('/tenants/{tenantId}', 'GET')
|
|
1693
1654
|
// Set response validator.
|
|
1694
|
-
.setResponseValidator(
|
|
1655
|
+
.setResponseValidator((response) => {
|
|
1695
1656
|
// Response should always contain at least the tenant name.
|
|
1696
1657
|
if (!validator.isNonEmptyString(response.name)) {
|
|
1697
1658
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to get tenant');
|
|
1698
1659
|
}
|
|
1699
1660
|
});
|
|
1700
1661
|
/** Instantiates the deleteTenant endpoint settings. */
|
|
1701
|
-
|
|
1662
|
+
const DELETE_TENANT = new api_request_1.ApiSettings('/tenants/{tenantId}', 'DELETE');
|
|
1702
1663
|
/** Instantiates the updateTenant endpoint settings. */
|
|
1703
|
-
|
|
1664
|
+
const UPDATE_TENANT = new api_request_1.ApiSettings('/tenants/{tenantId}?updateMask={updateMask}', 'PATCH')
|
|
1704
1665
|
// Set response validator.
|
|
1705
|
-
.setResponseValidator(
|
|
1666
|
+
.setResponseValidator((response) => {
|
|
1706
1667
|
// Response should always contain at least the tenant name.
|
|
1707
1668
|
if (!validator.isNonEmptyString(response.name) ||
|
|
1708
1669
|
!tenant_1.Tenant.getTenantIdFromResourceName(response.name)) {
|
|
@@ -1710,9 +1671,9 @@ var UPDATE_TENANT = new api_request_1.ApiSettings('/tenants/{tenantId}?updateMas
|
|
|
1710
1671
|
}
|
|
1711
1672
|
});
|
|
1712
1673
|
/** Instantiates the listTenants endpoint settings. */
|
|
1713
|
-
|
|
1674
|
+
const LIST_TENANTS = new api_request_1.ApiSettings('/tenants', 'GET')
|
|
1714
1675
|
// Set request validator.
|
|
1715
|
-
.setRequestValidator(
|
|
1676
|
+
.setRequestValidator((request) => {
|
|
1716
1677
|
// Validate next page token.
|
|
1717
1678
|
if (typeof request.pageToken !== 'undefined' &&
|
|
1718
1679
|
!validator.isNonEmptyString(request.pageToken)) {
|
|
@@ -1723,13 +1684,13 @@ var LIST_TENANTS = new api_request_1.ApiSettings('/tenants', 'GET')
|
|
|
1723
1684
|
request.pageSize <= 0 ||
|
|
1724
1685
|
request.pageSize > MAX_LIST_TENANT_PAGE_SIZE) {
|
|
1725
1686
|
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'Required "maxResults" must be a positive non-zero number that does not exceed ' +
|
|
1726
|
-
|
|
1687
|
+
`the allowed ${MAX_LIST_TENANT_PAGE_SIZE}.`);
|
|
1727
1688
|
}
|
|
1728
1689
|
});
|
|
1729
1690
|
/** Instantiates the createTenant endpoint settings. */
|
|
1730
|
-
|
|
1691
|
+
const CREATE_TENANT = new api_request_1.ApiSettings('/tenants', 'POST')
|
|
1731
1692
|
// Set response validator.
|
|
1732
|
-
.setResponseValidator(
|
|
1693
|
+
.setResponseValidator((response) => {
|
|
1733
1694
|
// Response should always contain at least the tenant name.
|
|
1734
1695
|
if (!validator.isNonEmptyString(response.name) ||
|
|
1735
1696
|
!tenant_1.Tenant.getTenantIdFromResourceName(response.name)) {
|
|
@@ -1741,46 +1702,44 @@ var CREATE_TENANT = new api_request_1.ApiSettings('/tenants', 'POST')
|
|
|
1741
1702
|
* tenant management related APIs. This extends the BaseFirebaseAuthRequestHandler class and defines
|
|
1742
1703
|
* additional tenant management related APIs.
|
|
1743
1704
|
*/
|
|
1744
|
-
|
|
1745
|
-
__extends(AuthRequestHandler, _super);
|
|
1705
|
+
class AuthRequestHandler extends AbstractAuthRequestHandler {
|
|
1746
1706
|
/**
|
|
1747
1707
|
* The FirebaseAuthRequestHandler constructor used to initialize an instance using a FirebaseApp.
|
|
1748
1708
|
*
|
|
1749
1709
|
* @param app - The app used to fetch access tokens to sign API requests.
|
|
1750
1710
|
* @constructor.
|
|
1751
1711
|
*/
|
|
1752
|
-
|
|
1753
|
-
|
|
1754
|
-
|
|
1755
|
-
return _this;
|
|
1712
|
+
constructor(app) {
|
|
1713
|
+
super(app);
|
|
1714
|
+
this.tenantMgmtResourceBuilder = new AuthResourceUrlBuilder(app, 'v2');
|
|
1756
1715
|
}
|
|
1757
1716
|
/**
|
|
1758
1717
|
* @returns A new Auth user management resource URL builder instance.
|
|
1759
1718
|
*/
|
|
1760
|
-
|
|
1719
|
+
newAuthUrlBuilder() {
|
|
1761
1720
|
return new AuthResourceUrlBuilder(this.app, 'v1');
|
|
1762
|
-
}
|
|
1721
|
+
}
|
|
1763
1722
|
/**
|
|
1764
1723
|
* @returns A new project config resource URL builder instance.
|
|
1765
1724
|
*/
|
|
1766
|
-
|
|
1725
|
+
newProjectConfigUrlBuilder() {
|
|
1767
1726
|
return new AuthResourceUrlBuilder(this.app, 'v2');
|
|
1768
|
-
}
|
|
1727
|
+
}
|
|
1769
1728
|
/**
|
|
1770
1729
|
* Looks up a tenant by tenant ID.
|
|
1771
1730
|
*
|
|
1772
1731
|
* @param tenantId - The tenant identifier of the tenant to lookup.
|
|
1773
1732
|
* @returns A promise that resolves with the tenant information.
|
|
1774
1733
|
*/
|
|
1775
|
-
|
|
1734
|
+
getTenant(tenantId) {
|
|
1776
1735
|
if (!validator.isNonEmptyString(tenantId)) {
|
|
1777
1736
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_TENANT_ID));
|
|
1778
1737
|
}
|
|
1779
|
-
return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, GET_TENANT, {}, { tenantId
|
|
1780
|
-
.then(
|
|
1738
|
+
return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, GET_TENANT, {}, { tenantId })
|
|
1739
|
+
.then((response) => {
|
|
1781
1740
|
return response;
|
|
1782
1741
|
});
|
|
1783
|
-
}
|
|
1742
|
+
}
|
|
1784
1743
|
/**
|
|
1785
1744
|
* Exports the tenants (single batch only) with a size of maxResults and starting from
|
|
1786
1745
|
* the offset as specified by pageToken.
|
|
@@ -1794,59 +1753,58 @@ var AuthRequestHandler = /** @class */ (function (_super) {
|
|
|
1794
1753
|
* tenants and the next page token if available. For the last page, an empty list of tenants
|
|
1795
1754
|
* and no page token are returned.
|
|
1796
1755
|
*/
|
|
1797
|
-
|
|
1798
|
-
|
|
1799
|
-
var request = {
|
|
1756
|
+
listTenants(maxResults = MAX_LIST_TENANT_PAGE_SIZE, pageToken) {
|
|
1757
|
+
const request = {
|
|
1800
1758
|
pageSize: maxResults,
|
|
1801
|
-
pageToken
|
|
1759
|
+
pageToken,
|
|
1802
1760
|
};
|
|
1803
1761
|
// Remove next page token if not provided.
|
|
1804
1762
|
if (typeof request.pageToken === 'undefined') {
|
|
1805
1763
|
delete request.pageToken;
|
|
1806
1764
|
}
|
|
1807
1765
|
return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, LIST_TENANTS, request)
|
|
1808
|
-
.then(
|
|
1766
|
+
.then((response) => {
|
|
1809
1767
|
if (!response.tenants) {
|
|
1810
1768
|
response.tenants = [];
|
|
1811
1769
|
delete response.nextPageToken;
|
|
1812
1770
|
}
|
|
1813
1771
|
return response;
|
|
1814
1772
|
});
|
|
1815
|
-
}
|
|
1773
|
+
}
|
|
1816
1774
|
/**
|
|
1817
1775
|
* Deletes a tenant identified by a tenantId.
|
|
1818
1776
|
*
|
|
1819
1777
|
* @param tenantId - The identifier of the tenant to delete.
|
|
1820
1778
|
* @returns A promise that resolves when the tenant is deleted.
|
|
1821
1779
|
*/
|
|
1822
|
-
|
|
1780
|
+
deleteTenant(tenantId) {
|
|
1823
1781
|
if (!validator.isNonEmptyString(tenantId)) {
|
|
1824
1782
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_TENANT_ID));
|
|
1825
1783
|
}
|
|
1826
|
-
return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, DELETE_TENANT, undefined, { tenantId
|
|
1827
|
-
.then(
|
|
1784
|
+
return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, DELETE_TENANT, undefined, { tenantId })
|
|
1785
|
+
.then(() => {
|
|
1828
1786
|
// Return nothing.
|
|
1829
1787
|
});
|
|
1830
|
-
}
|
|
1788
|
+
}
|
|
1831
1789
|
/**
|
|
1832
1790
|
* Creates a new tenant with the properties provided.
|
|
1833
1791
|
*
|
|
1834
1792
|
* @param tenantOptions - The properties to set on the new tenant to be created.
|
|
1835
1793
|
* @returns A promise that resolves with the newly created tenant object.
|
|
1836
1794
|
*/
|
|
1837
|
-
|
|
1795
|
+
createTenant(tenantOptions) {
|
|
1838
1796
|
try {
|
|
1839
1797
|
// Construct backend request.
|
|
1840
|
-
|
|
1798
|
+
const request = tenant_1.Tenant.buildServerRequest(tenantOptions, true);
|
|
1841
1799
|
return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, CREATE_TENANT, request)
|
|
1842
|
-
.then(
|
|
1800
|
+
.then((response) => {
|
|
1843
1801
|
return response;
|
|
1844
1802
|
});
|
|
1845
1803
|
}
|
|
1846
1804
|
catch (e) {
|
|
1847
1805
|
return Promise.reject(e);
|
|
1848
1806
|
}
|
|
1849
|
-
}
|
|
1807
|
+
}
|
|
1850
1808
|
/**
|
|
1851
1809
|
* Updates an existing tenant with the properties provided.
|
|
1852
1810
|
*
|
|
@@ -1854,35 +1812,33 @@ var AuthRequestHandler = /** @class */ (function (_super) {
|
|
|
1854
1812
|
* @param tenantOptions - The properties to update on the existing tenant.
|
|
1855
1813
|
* @returns A promise that resolves with the modified tenant object.
|
|
1856
1814
|
*/
|
|
1857
|
-
|
|
1815
|
+
updateTenant(tenantId, tenantOptions) {
|
|
1858
1816
|
if (!validator.isNonEmptyString(tenantId)) {
|
|
1859
1817
|
return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_TENANT_ID));
|
|
1860
1818
|
}
|
|
1861
1819
|
try {
|
|
1862
1820
|
// Construct backend request.
|
|
1863
|
-
|
|
1821
|
+
const request = tenant_1.Tenant.buildServerRequest(tenantOptions, false);
|
|
1864
1822
|
// Do not traverse deep into testPhoneNumbers. The entire content should be replaced
|
|
1865
1823
|
// and not just specific phone numbers.
|
|
1866
|
-
|
|
1867
|
-
return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, UPDATE_TENANT, request, { tenantId
|
|
1868
|
-
.then(
|
|
1824
|
+
const updateMask = utils.generateUpdateMask(request, ['testPhoneNumbers']);
|
|
1825
|
+
return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, UPDATE_TENANT, request, { tenantId, updateMask: updateMask.join(',') })
|
|
1826
|
+
.then((response) => {
|
|
1869
1827
|
return response;
|
|
1870
1828
|
});
|
|
1871
1829
|
}
|
|
1872
1830
|
catch (e) {
|
|
1873
1831
|
return Promise.reject(e);
|
|
1874
1832
|
}
|
|
1875
|
-
}
|
|
1876
|
-
|
|
1877
|
-
}(AbstractAuthRequestHandler));
|
|
1833
|
+
}
|
|
1834
|
+
}
|
|
1878
1835
|
exports.AuthRequestHandler = AuthRequestHandler;
|
|
1879
1836
|
/**
|
|
1880
1837
|
* Utility for sending requests to Auth server that are tenant Auth instance related. This includes user
|
|
1881
1838
|
* management related APIs for specified tenants.
|
|
1882
1839
|
* This extends the BaseFirebaseAuthRequestHandler class.
|
|
1883
1840
|
*/
|
|
1884
|
-
|
|
1885
|
-
__extends(TenantAwareAuthRequestHandler, _super);
|
|
1841
|
+
class TenantAwareAuthRequestHandler extends AbstractAuthRequestHandler {
|
|
1886
1842
|
/**
|
|
1887
1843
|
* The FirebaseTenantRequestHandler constructor used to initialize an instance using a
|
|
1888
1844
|
* FirebaseApp and a tenant ID.
|
|
@@ -1891,23 +1847,22 @@ var TenantAwareAuthRequestHandler = /** @class */ (function (_super) {
|
|
|
1891
1847
|
* @param tenantId - The request handler's tenant ID.
|
|
1892
1848
|
* @constructor
|
|
1893
1849
|
*/
|
|
1894
|
-
|
|
1895
|
-
|
|
1896
|
-
|
|
1897
|
-
return _this;
|
|
1850
|
+
constructor(app, tenantId) {
|
|
1851
|
+
super(app);
|
|
1852
|
+
this.tenantId = tenantId;
|
|
1898
1853
|
}
|
|
1899
1854
|
/**
|
|
1900
1855
|
* @returns A new Auth user management resource URL builder instance.
|
|
1901
1856
|
*/
|
|
1902
|
-
|
|
1857
|
+
newAuthUrlBuilder() {
|
|
1903
1858
|
return new TenantAwareAuthResourceUrlBuilder(this.app, 'v1', this.tenantId);
|
|
1904
|
-
}
|
|
1859
|
+
}
|
|
1905
1860
|
/**
|
|
1906
1861
|
* @returns A new project config resource URL builder instance.
|
|
1907
1862
|
*/
|
|
1908
|
-
|
|
1863
|
+
newProjectConfigUrlBuilder() {
|
|
1909
1864
|
return new TenantAwareAuthResourceUrlBuilder(this.app, 'v2', this.tenantId);
|
|
1910
|
-
}
|
|
1865
|
+
}
|
|
1911
1866
|
/**
|
|
1912
1867
|
* Imports the list of users provided to Firebase Auth. This is useful when
|
|
1913
1868
|
* migrating from an external authentication system without having to use the Firebase CLI SDK.
|
|
@@ -1924,19 +1879,17 @@ var TenantAwareAuthRequestHandler = /** @class */ (function (_super) {
|
|
|
1924
1879
|
* with the result of the import. This includes the number of successful imports, the number
|
|
1925
1880
|
* of failed uploads and their corresponding errors.
|
|
1926
1881
|
*/
|
|
1927
|
-
|
|
1928
|
-
var _this = this;
|
|
1882
|
+
uploadAccount(users, options) {
|
|
1929
1883
|
// Add additional check to match tenant ID of imported user records.
|
|
1930
|
-
users.forEach(
|
|
1884
|
+
users.forEach((user, index) => {
|
|
1931
1885
|
if (validator.isNonEmptyString(user.tenantId) &&
|
|
1932
|
-
user.tenantId !==
|
|
1933
|
-
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MISMATCHING_TENANT_ID,
|
|
1886
|
+
user.tenantId !== this.tenantId) {
|
|
1887
|
+
throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MISMATCHING_TENANT_ID, `UserRecord of index "${index}" has mismatching tenant ID "${user.tenantId}"`);
|
|
1934
1888
|
}
|
|
1935
1889
|
});
|
|
1936
|
-
return
|
|
1937
|
-
}
|
|
1938
|
-
|
|
1939
|
-
}(AbstractAuthRequestHandler));
|
|
1890
|
+
return super.uploadAccount(users, options);
|
|
1891
|
+
}
|
|
1892
|
+
}
|
|
1940
1893
|
exports.TenantAwareAuthRequestHandler = TenantAwareAuthRequestHandler;
|
|
1941
1894
|
function emulatorHost() {
|
|
1942
1895
|
return process.env.FIREBASE_AUTH_EMULATOR_HOST;
|