firebase-admin 10.3.0 → 11.0.0

package/lib/auth/base-auth.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v10.3.0 */
+/*! firebase-admin v11.0.0 */
 "use strict";
 /*!
  * Copyright 2021 Google Inc.
@@ -17,33 +17,33 @@
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.BaseAuth = exports.createFirebaseTokenGenerator = void 0;
-var error_1 = require("../utils/error");
-var deep_copy_1 = require("../utils/deep-copy");
-var validator = require("../utils/validator");
-var auth_api_request_1 = require("./auth-api-request");
-var token_generator_1 = require("./token-generator");
-var token_verifier_1 = require("./token-verifier");
-var auth_config_1 = require("./auth-config");
-var user_record_1 = require("./user-record");
-var identifier_1 = require("./identifier");
-var crypto_signer_1 = require("../utils/crypto-signer");
+const error_1 = require("../utils/error");
+const deep_copy_1 = require("../utils/deep-copy");
+const validator = require("../utils/validator");
+const auth_api_request_1 = require("./auth-api-request");
+const token_generator_1 = require("./token-generator");
+const token_verifier_1 = require("./token-verifier");
+const auth_config_1 = require("./auth-config");
+const user_record_1 = require("./user-record");
+const identifier_1 = require("./identifier");
+const crypto_signer_1 = require("../utils/crypto-signer");
 /**
  * @internal
  */
 function createFirebaseTokenGenerator(app, tenantId) {
     try {
-        var signer = auth_api_request_1.useEmulator() ? new token_generator_1.EmulatedSigner() : crypto_signer_1.cryptoSignerFromApp(app);
+        const signer = (0, auth_api_request_1.useEmulator)() ? new token_generator_1.EmulatedSigner() : (0, crypto_signer_1.cryptoSignerFromApp)(app);
         return new token_generator_1.FirebaseTokenGenerator(signer, tenantId);
     }
     catch (err) {
-        throw token_generator_1.handleCryptoSignerError(err);
+        throw (0, token_generator_1.handleCryptoSignerError)(err);
     }
 }
 exports.createFirebaseTokenGenerator = createFirebaseTokenGenerator;
 /**
  * Common parent interface for both `Auth` and `TenantAwareAuth` APIs.
  */
-var BaseAuth = /** @class */ (function () {
+class BaseAuth {
     /**
      * The BaseAuth class constructor.
      *
@@ -55,7 +55,7 @@ var BaseAuth = /** @class */ (function () {
      * @constructor
      * @internal
      */
-    function BaseAuth(app, 
+    constructor(app, 
     /** @internal */ authRequestHandler, tokenGenerator) {
         this.authRequestHandler = authRequestHandler;
         if (tokenGenerator) {
@@ -64,9 +64,9 @@ var BaseAuth = /** @class */ (function () {
         else {
             this.tokenGenerator = createFirebaseTokenGenerator(app);
         }
-        this.sessionCookieVerifier = token_verifier_1.createSessionCookieVerifier(app);
-        this.idTokenVerifier = token_verifier_1.createIdTokenVerifier(app);
-        this.authBlockingTokenVerifier = token_verifier_1.createAuthBlockingTokenVerifier(app);
+        this.sessionCookieVerifier = (0, token_verifier_1.createSessionCookieVerifier)(app);
+        this.idTokenVerifier = (0, token_verifier_1.createIdTokenVerifier)(app);
+        this.authBlockingTokenVerifier = (0, token_verifier_1.createAuthBlockingTokenVerifier)(app);
     }
     /**
      * Creates a new Firebase custom token (JWT) that can be sent back to a client
@@ -84,9 +84,9 @@ var BaseAuth = /** @class */ (function () {
      * @returns A promise fulfilled with a custom token for the
      *   provided `uid` and payload.
      */
-    BaseAuth.prototype.createCustomToken = function (uid, developerClaims) {
+    createCustomToken(uid, developerClaims) {
         return this.tokenGenerator.createCustomToken(uid, developerClaims);
-    };
+    }
     /**
      * Verifies a Firebase ID token (JWT). If the token is valid, the promise is
      * fulfilled with the token's decoded claims; otherwise, the promise is
@@ -111,19 +111,17 @@ var BaseAuth = /** @class */ (function () {
      *   token's decoded claims if the ID token is valid; otherwise, a rejected
      *   promise.
      */
-    BaseAuth.prototype.verifyIdToken = function (idToken, checkRevoked) {
-        var _this = this;
-        if (checkRevoked === void 0) { checkRevoked = false; }
-        var isEmulator = auth_api_request_1.useEmulator();
+    verifyIdToken(idToken, checkRevoked = false) {
+        const isEmulator = (0, auth_api_request_1.useEmulator)();
         return this.idTokenVerifier.verifyJWT(idToken, isEmulator)
-            .then(function (decodedIdToken) {
+            .then((decodedIdToken) => {
             // Whether to check if the token was revoked.
             if (checkRevoked || isEmulator) {
-                return _this.verifyDecodedJWTNotRevokedOrDisabled(decodedIdToken, error_1.AuthClientErrorCode.ID_TOKEN_REVOKED);
+                return this.verifyDecodedJWTNotRevokedOrDisabled(decodedIdToken, error_1.AuthClientErrorCode.ID_TOKEN_REVOKED);
             }
             return decodedIdToken;
         });
-    };
+    }
     /**
      * Gets the user data for the user corresponding to a given `uid`.
      *
@@ -135,13 +133,13 @@ var BaseAuth = /** @class */ (function () {
      * @returns A promise fulfilled with the user
      *   data corresponding to the provided `uid`.
      */
-    BaseAuth.prototype.getUser = function (uid) {
+    getUser(uid) {
         return this.authRequestHandler.getAccountInfoByUid(uid)
-            .then(function (response) {
+            .then((response) => {
             // Returns the user record populated with server response.
             return new user_record_1.UserRecord(response.users[0]);
         });
-    };
+    }
     /**
      * Gets the user data for the user corresponding to a given email.
      *
@@ -154,13 +152,13 @@ var BaseAuth = /** @class */ (function () {
      * @returns A promise fulfilled with the user
      *   data corresponding to the provided email.
      */
-    BaseAuth.prototype.getUserByEmail = function (email) {
+    getUserByEmail(email) {
         return this.authRequestHandler.getAccountInfoByEmail(email)
-            .then(function (response) {
+            .then((response) => {
             // Returns the user record populated with server response.
             return new user_record_1.UserRecord(response.users[0]);
         });
-    };
+    }
     /**
      * Gets the user data for the user corresponding to a given phone number. The
      * phone number has to conform to the E.164 specification.
@@ -174,13 +172,13 @@ var BaseAuth = /** @class */ (function () {
      * @returns A promise fulfilled with the user
      *   data corresponding to the provided phone number.
      */
-    BaseAuth.prototype.getUserByPhoneNumber = function (phoneNumber) {
+    getUserByPhoneNumber(phoneNumber) {
         return this.authRequestHandler.getAccountInfoByPhoneNumber(phoneNumber)
-            .then(function (response) {
+            .then((response) => {
             // Returns the user record populated with server response.
             return new user_record_1.UserRecord(response.users[0]);
         });
-    };
+    }
     /**
      * Gets the user data for the user corresponding to a given provider id.
      *
@@ -194,7 +192,7 @@ var BaseAuth = /** @class */ (function () {
      * @returns A promise fulfilled with the user data corresponding to the
      *   given provider id.
      */
-    BaseAuth.prototype.getUserByProviderUid = function (providerId, uid) {
+    getUserByProviderUid(providerId, uid) {
         // Although we don't really advertise it, we want to also handle
         // non-federated idps with this call. So if we detect one of them, we'll
         // reroute this request appropriately.
@@ -205,11 +203,11 @@ var BaseAuth = /** @class */ (function () {
             return this.getUserByEmail(uid);
         }
         return this.authRequestHandler.getAccountInfoByFederatedUid(providerId, uid)
-            .then(function (response) {
+            .then((response) => {
             // Returns the user record populated with server response.
             return new user_record_1.UserRecord(response.users[0]);
         });
-    };
+    }
     /**
      * Gets the user data corresponding to the specified identifiers.
      *
@@ -225,30 +223,30 @@ var BaseAuth = /** @class */ (function () {
      * @throws FirebaseAuthError If any of the identifiers are invalid or if more than 100
      *     identifiers are specified.
      */
-    BaseAuth.prototype.getUsers = function (identifiers) {
+    getUsers(identifiers) {
         if (!validator.isArray(identifiers)) {
             throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '`identifiers` parameter must be an array');
         }
         return this.authRequestHandler
             .getAccountInfoByIdentifiers(identifiers)
-            .then(function (response) {
+            .then((response) => {
             /**
              * Checks if the specified identifier is within the list of
              * UserRecords.
              */
-            var isUserFound = (function (id, userRecords) {
-                return !!userRecords.find(function (userRecord) {
-                    if (identifier_1.isUidIdentifier(id)) {
+            const isUserFound = ((id, userRecords) => {
+                return !!userRecords.find((userRecord) => {
+                    if ((0, identifier_1.isUidIdentifier)(id)) {
                         return id.uid === userRecord.uid;
                     }
-                    else if (identifier_1.isEmailIdentifier(id)) {
+                    else if ((0, identifier_1.isEmailIdentifier)(id)) {
                         return id.email === userRecord.email;
                     }
-                    else if (identifier_1.isPhoneIdentifier(id)) {
+                    else if ((0, identifier_1.isPhoneIdentifier)(id)) {
                         return id.phoneNumber === userRecord.phoneNumber;
                     }
-                    else if (identifier_1.isProviderIdentifier(id)) {
-                        var matchingUserInfo = userRecord.providerData.find(function (userInfo) {
+                    else if ((0, identifier_1.isProviderIdentifier)(id)) {
+                        const matchingUserInfo = userRecord.providerData.find((userInfo) => {
                             return id.providerId === userInfo.providerId;
                         });
                         return !!matchingUserInfo && id.providerUid === matchingUserInfo.uid;
@@ -258,11 +256,11 @@ var BaseAuth = /** @class */ (function () {
                     }
                 });
             });
-            var users = response.users ? response.users.map(function (user) { return new user_record_1.UserRecord(user); }) : [];
-            var notFound = identifiers.filter(function (id) { return !isUserFound(id, users); });
-            return { users: users, notFound: notFound };
+            const users = response.users ? response.users.map((user) => new user_record_1.UserRecord(user)) : [];
+            const notFound = identifiers.filter((id) => !isUserFound(id, users));
+            return { users, notFound };
         });
-    };
+    }
     /**
      * Retrieves a list of users (single batch only) with a size of `maxResults`
      * starting from the offset as specified by `pageToken`. This is used to
@@ -278,18 +276,18 @@ var BaseAuth = /** @class */ (function () {
      * @returns A promise that resolves with
      *   the current batch of downloaded users and the next page token.
      */
-    BaseAuth.prototype.listUsers = function (maxResults, pageToken) {
+    listUsers(maxResults, pageToken) {
         return this.authRequestHandler.downloadAccount(maxResults, pageToken)
-            .then(function (response) {
+            .then((response) => {
             // List of users to return.
-            var users = [];
+            const users = [];
             // Convert each user response to a UserRecord.
-            response.users.forEach(function (userResponse) {
+            response.users.forEach((userResponse) => {
                 users.push(new user_record_1.UserRecord(userResponse));
             });
             // Return list of user records and the next page token if available.
-            var result = {
-                users: users,
+            const result = {
+                users,
                 pageToken: response.nextPageToken,
             };
             // Delete result.pageToken if undefined.
@@ -298,7 +296,7 @@ var BaseAuth = /** @class */ (function () {
             }
             return result;
         });
-    };
+    }
     /**
      * Creates a new user.
      *
@@ -311,21 +309,20 @@ var BaseAuth = /** @class */ (function () {
      * @returns A promise fulfilled with the user
      *   data corresponding to the newly created user.
      */
-    BaseAuth.prototype.createUser = function (properties) {
-        var _this = this;
+    createUser(properties) {
         return this.authRequestHandler.createNewAccount(properties)
-            .then(function (uid) {
+            .then((uid) => {
             // Return the corresponding user record.
-            return _this.getUser(uid);
+            return this.getUser(uid);
         })
-            .catch(function (error) {
+            .catch((error) => {
             if (error.code === 'auth/user-not-found') {
                 // Something must have happened after creating the user and then retrieving it.
                 throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'Unable to create the user record provided.');
             }
             throw error;
         });
-    };
+    }
     /**
      * Deletes an existing user.
      *
@@ -337,12 +334,12 @@ var BaseAuth = /** @class */ (function () {
      * @returns An empty promise fulfilled once the user has been
      *   deleted.
      */
-    BaseAuth.prototype.deleteUser = function (uid) {
+    deleteUser(uid) {
         return this.authRequestHandler.deleteAccount(uid)
-            .then(function () {
+            .then(() => {
             // Return nothing on success.
         });
-    };
+    }
     /**
      * Deletes the users specified by the given uids.
      *
@@ -365,13 +362,13 @@ var BaseAuth = /** @class */ (function () {
      *     deletions, as well as the array of errors that corresponds to the
      *     failed deletions.
      */
-    BaseAuth.prototype.deleteUsers = function (uids) {
+    deleteUsers(uids) {
         if (!validator.isArray(uids)) {
             throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '`uids` parameter must be an array');
         }
         return this.authRequestHandler.deleteAccounts(uids, /*force=*/ true)
-            .then(function (batchDeleteAccountsResponse) {
-            var result = {
+            .then((batchDeleteAccountsResponse) => {
+            const result = {
                 failureCount: 0,
                 successCount: uids.length,
                 errors: [],
@@ -381,14 +378,14 @@ var BaseAuth = /** @class */ (function () {
             }
             result.failureCount = batchDeleteAccountsResponse.errors.length;
             result.successCount = uids.length - batchDeleteAccountsResponse.errors.length;
-            result.errors = batchDeleteAccountsResponse.errors.map(function (batchDeleteErrorInfo) {
+            result.errors = batchDeleteAccountsResponse.errors.map((batchDeleteErrorInfo) => {
                 if (batchDeleteErrorInfo.index === undefined) {
                     throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'Corrupt BatchDeleteAccountsResponse detected');
                 }
-                var errMsgToError = function (msg) {
+                const errMsgToError = (msg) => {
                     // We unconditionally set force=true, so the 'NOT_DISABLED' error
                     // should not be possible.
-                    var code = msg && msg.startsWith('NOT_DISABLED') ?
+                    const code = msg && msg.startsWith('NOT_DISABLED') ?
                         error_1.AuthClientErrorCode.USER_NOT_DISABLED : error_1.AuthClientErrorCode.INTERNAL_ERROR;
                     return new error_1.FirebaseAuthError(code, batchDeleteErrorInfo.message);
                 };
@@ -399,7 +396,7 @@ var BaseAuth = /** @class */ (function () {
             });
             return result;
         });
-    };
+    }
     /**
      * Updates an existing user.
      *
@@ -413,16 +410,15 @@ var BaseAuth = /** @class */ (function () {
      * @returns A promise fulfilled with the
      *   updated user data.
      */
-    BaseAuth.prototype.updateUser = function (uid, properties) {
-        var _this = this;
+    updateUser(uid, properties) {
         // Although we don't really advertise it, we want to also handle linking of
         // non-federated idps with this call. So if we detect one of them, we'll
         // adjust the properties parameter appropriately. This *does* imply that a
         // conflict could arise, e.g. if the user provides a phoneNumber property,
         // but also provides a providerToLink with a 'phone' provider id. In that
         // case, we'll throw an error.
-        properties = deep_copy_1.deepCopy(properties);
-        if (properties === null || properties === void 0 ? void 0 : properties.providerToLink) {
+        properties = (0, deep_copy_1.deepCopy)(properties);
+        if (properties?.providerToLink) {
             if (properties.providerToLink.providerId === 'email') {
                 if (typeof properties.email !== 'undefined') {
                     throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, "Both UpdateRequest.email and UpdateRequest.providerToLink.providerId='email' were set. To "
@@ -440,7 +436,7 @@ var BaseAuth = /** @class */ (function () {
                 delete properties.providerToLink;
             }
         }
-        if (properties === null || properties === void 0 ? void 0 : properties.providersToUnlink) {
+        if (properties?.providersToUnlink) {
             if (properties.providersToUnlink.indexOf('phone') !== -1) {
                 // If we've been told to unlink the phone provider both via setting
                 // phoneNumber to null *and* by setting providersToUnlink to include
@@ -453,11 +449,11 @@ var BaseAuth = /** @class */ (function () {
             }
         }
         return this.authRequestHandler.updateExistingAccount(uid, properties)
-            .then(function (existingUid) {
+            .then((existingUid) => {
             // Return the corresponding user record.
-            return _this.getUser(existingUid);
+            return this.getUser(existingUid);
         });
-    };
+    }
     /**
      * Sets additional developer claims on an existing user identified by the
      * provided `uid`, typically used to define user roles and levels of
@@ -481,12 +477,12 @@ var BaseAuth = /** @class */ (function () {
      * @returns A promise that resolves when the operation completes
      *   successfully.
      */
-    BaseAuth.prototype.setCustomUserClaims = function (uid, customUserClaims) {
+    setCustomUserClaims(uid, customUserClaims) {
         return this.authRequestHandler.setCustomUserClaims(uid, customUserClaims)
-            .then(function () {
+            .then(() => {
             // Return nothing on success.
         });
-    };
+    }
     /**
      * Revokes all refresh tokens for an existing user.
      *
@@ -506,12 +502,12 @@ var BaseAuth = /** @class */ (function () {
      * @returns An empty promise fulfilled once the user's refresh
      *   tokens have been revoked.
      */
-    BaseAuth.prototype.revokeRefreshTokens = function (uid) {
+    revokeRefreshTokens(uid) {
         return this.authRequestHandler.revokeRefreshTokens(uid)
-            .then(function () {
+            .then(() => {
             // Return nothing on success.
         });
-    };
+    }
     /**
      * Imports the provided list of users into Firebase Auth.
      * A maximum of 1000 users are allowed to be imported one at a time.
@@ -529,9 +525,9 @@ var BaseAuth = /** @class */ (function () {
      *   number of successful imports, the number of failed imports and their
      *   corresponding errors.
     */
-    BaseAuth.prototype.importUsers = function (users, options) {
+    importUsers(users, options) {
         return this.authRequestHandler.uploadAccount(users, options);
-    };
+    }
     /**
      * Creates a new Firebase session cookie with the specified options. The created
      * JWT string can be set as a server-side session cookie with a custom cookie
@@ -549,14 +545,14 @@ var BaseAuth = /** @class */ (function () {
      * @returns A promise that resolves on success with the
      *   created session cookie.
      */
-    BaseAuth.prototype.createSessionCookie = function (idToken, sessionCookieOptions) {
+    createSessionCookie(idToken, sessionCookieOptions) {
         // Return rejected promise if expiresIn is not available.
         if (!validator.isNonNullObject(sessionCookieOptions) ||
             !validator.isNumber(sessionCookieOptions.expiresIn)) {
             return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_SESSION_COOKIE_DURATION));
         }
         return this.authRequestHandler.createSessionCookie(idToken, sessionCookieOptions.expiresIn);
-    };
+    }
     /**
      * Verifies a Firebase session cookie. Returns a Promise with the cookie claims.
      * Rejects the promise if the cookie could not be verified.
@@ -582,19 +578,17 @@ var BaseAuth = /** @class */ (function () {
      *   session cookie's decoded claims if the session cookie is valid; otherwise,
      *   a rejected promise.
      */
-    BaseAuth.prototype.verifySessionCookie = function (sessionCookie, checkRevoked) {
-        var _this = this;
-        if (checkRevoked === void 0) { checkRevoked = false; }
-        var isEmulator = auth_api_request_1.useEmulator();
+    verifySessionCookie(sessionCookie, checkRevoked = false) {
+        const isEmulator = (0, auth_api_request_1.useEmulator)();
         return this.sessionCookieVerifier.verifyJWT(sessionCookie, isEmulator)
-            .then(function (decodedIdToken) {
+            .then((decodedIdToken) => {
             // Whether to check if the token was revoked.
             if (checkRevoked || isEmulator) {
-                return _this.verifyDecodedJWTNotRevokedOrDisabled(decodedIdToken, error_1.AuthClientErrorCode.SESSION_COOKIE_REVOKED);
+                return this.verifyDecodedJWTNotRevokedOrDisabled(decodedIdToken, error_1.AuthClientErrorCode.SESSION_COOKIE_REVOKED);
             }
             return decodedIdToken;
         });
-    };
+    }
     /**
      * Generates the out of band email action link to reset a user's password.
      * The link is generated for the user with the specified email address. The
@@ -644,9 +638,9 @@ var BaseAuth = /** @class */ (function () {
      *     are configured in the same Firebase Auth project.
      * @returns A promise that resolves with the generated link.
      */
-    BaseAuth.prototype.generatePasswordResetLink = function (email, actionCodeSettings) {
+    generatePasswordResetLink(email, actionCodeSettings) {
         return this.authRequestHandler.getEmailActionLink('PASSWORD_RESET', email, actionCodeSettings);
-    };
+    }
     /**
      * Generates the out of band email action link to verify the user's ownership
      * of the specified email. The {@link ActionCodeSettings} object provided
@@ -695,9 +689,9 @@ var BaseAuth = /** @class */ (function () {
      *     are configured in the same Firebase Auth project.
      * @returns A promise that resolves with the generated link.
      */
-    BaseAuth.prototype.generateEmailVerificationLink = function (email, actionCodeSettings) {
+    generateEmailVerificationLink(email, actionCodeSettings) {
         return this.authRequestHandler.getEmailActionLink('VERIFY_EMAIL', email, actionCodeSettings);
-    };
+    }
     /**
      * Generates an out-of-band email action link to verify the user's ownership
      * of the specified email. The {@link ActionCodeSettings} object provided
@@ -722,9 +716,9 @@ var BaseAuth = /** @class */ (function () {
      *     are configured in the same Firebase Auth project.
      * @returns A promise that resolves with the generated link.
      */
-    BaseAuth.prototype.generateVerifyAndChangeEmailLink = function (email, newEmail, actionCodeSettings) {
+    generateVerifyAndChangeEmailLink(email, newEmail, actionCodeSettings) {
         return this.authRequestHandler.getEmailActionLink('VERIFY_AND_CHANGE_EMAIL', email, actionCodeSettings, newEmail);
-    };
+    }
     /**
      * Generates the out of band email action link to verify the user's ownership
      * of the specified email. The {@link ActionCodeSettings} object provided
@@ -773,9 +767,9 @@ var BaseAuth = /** @class */ (function () {
      *     are configured in the same Firebase Auth project.
      * @returns A promise that resolves with the generated link.
      */
-    BaseAuth.prototype.generateSignInWithEmailLink = function (email, actionCodeSettings) {
+    generateSignInWithEmailLink(email, actionCodeSettings) {
         return this.authRequestHandler.getEmailActionLink('EMAIL_SIGNIN', email, actionCodeSettings);
-    };
+    }
     /**
      * Returns the list of existing provider configurations matching the filter
      * provided. At most, 100 provider configs can be listed at a time.
@@ -788,11 +782,11 @@ var BaseAuth = /** @class */ (function () {
      * @returns A promise that resolves with the list of provider configs meeting the
      *   filter requirements.
      */
-    BaseAuth.prototype.listProviderConfigs = function (options) {
-        var processResponse = function (response, providerConfigs) {
+    listProviderConfigs(options) {
+        const processResponse = (response, providerConfigs) => {
             // Return list of provider configuration and the next page token if available.
-            var result = {
-                providerConfigs: providerConfigs,
+            const result = {
+                providerConfigs,
             };
             // Delete result.pageToken if undefined.
             if (Object.prototype.hasOwnProperty.call(response, 'nextPageToken')) {
@@ -802,11 +796,11 @@ var BaseAuth = /** @class */ (function () {
         };
         if (options && options.type === 'oidc') {
             return this.authRequestHandler.listOAuthIdpConfigs(options.maxResults, options.pageToken)
-                .then(function (response) {
+                .then((response) => {
                 // List of provider configurations to return.
-                var providerConfigs = [];
+                const providerConfigs = [];
                 // Convert each provider config response to a OIDCConfig.
-                response.oauthIdpConfigs.forEach(function (configResponse) {
+                response.oauthIdpConfigs.forEach((configResponse) => {
                     providerConfigs.push(new auth_config_1.OIDCConfig(configResponse));
                 });
                 // Return list of provider configuration and the next page token if available.
@@ -815,11 +809,11 @@ var BaseAuth = /** @class */ (function () {
         }
         else if (options && options.type === 'saml') {
             return this.authRequestHandler.listInboundSamlConfigs(options.maxResults, options.pageToken)
-                .then(function (response) {
+                .then((response) => {
                 // List of provider configurations to return.
-                var providerConfigs = [];
+                const providerConfigs = [];
                 // Convert each provider config response to a SAMLConfig.
-                response.inboundSamlConfigs.forEach(function (configResponse) {
+                response.inboundSamlConfigs.forEach((configResponse) => {
                     providerConfigs.push(new auth_config_1.SAMLConfig(configResponse));
                 });
                 // Return list of provider configuration and the next page token if available.
@@ -827,7 +821,7 @@ var BaseAuth = /** @class */ (function () {
             });
         }
         return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"AuthProviderConfigFilter.type" must be either "saml" or "oidc"'));
-    };
+    }
     /**
      * Looks up an Auth provider configuration by the provided ID.
      * Returns a promise that resolves with the provider configuration
@@ -843,21 +837,21 @@ var BaseAuth = /** @class */ (function () {
      * @returns A promise that resolves
      *     with the configuration corresponding to the provided ID.
      */
-    BaseAuth.prototype.getProviderConfig = function (providerId) {
+    getProviderConfig(providerId) {
         if (auth_config_1.OIDCConfig.isProviderId(providerId)) {
             return this.authRequestHandler.getOAuthIdpConfig(providerId)
-                .then(function (response) {
+                .then((response) => {
                 return new auth_config_1.OIDCConfig(response);
             });
         }
         else if (auth_config_1.SAMLConfig.isProviderId(providerId)) {
             return this.authRequestHandler.getInboundSamlConfig(providerId)
-                .then(function (response) {
+                .then((response) => {
                 return new auth_config_1.SAMLConfig(response);
             });
         }
         return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
-    };
+    }
     /**
      * Deletes the provider configuration corresponding to the provider ID passed.
      * If the specified ID does not exist, an `auth/configuration-not-found` error
@@ -871,7 +865,7 @@ var BaseAuth = /** @class */ (function () {
      *     config to delete.
      * @returns A promise that resolves on completion.
      */
-    BaseAuth.prototype.deleteProviderConfig = function (providerId) {
+    deleteProviderConfig(providerId) {
         if (auth_config_1.OIDCConfig.isProviderId(providerId)) {
             return this.authRequestHandler.deleteOAuthIdpConfig(providerId);
         }
@@ -879,7 +873,7 @@ var BaseAuth = /** @class */ (function () {
             return this.authRequestHandler.deleteInboundSamlConfig(providerId);
         }
         return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
-    };
+    }
     /**
      * Returns a promise that resolves with the updated `AuthProviderConfig`
      * corresponding to the provider ID specified.
@@ -895,24 +889,24 @@ var BaseAuth = /** @class */ (function () {
      * @param updatedConfig - The updated configuration.
      * @returns A promise that resolves with the updated provider configuration.
      */
-    BaseAuth.prototype.updateProviderConfig = function (providerId, updatedConfig) {
+    updateProviderConfig(providerId, updatedConfig) {
         if (!validator.isNonNullObject(updatedConfig)) {
             return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, 'Request is missing "UpdateAuthProviderRequest" configuration.'));
         }
         if (auth_config_1.OIDCConfig.isProviderId(providerId)) {
             return this.authRequestHandler.updateOAuthIdpConfig(providerId, updatedConfig)
-                .then(function (response) {
+                .then((response) => {
                 return new auth_config_1.OIDCConfig(response);
             });
         }
         else if (auth_config_1.SAMLConfig.isProviderId(providerId)) {
             return this.authRequestHandler.updateInboundSamlConfig(providerId, updatedConfig)
-                .then(function (response) {
+                .then((response) => {
                 return new auth_config_1.SAMLConfig(response);
             });
         }
         return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
-    };
+    }
     /**
      * Returns a promise that resolves with the newly created `AuthProviderConfig`
      * when the new provider configuration is created.
@@ -924,33 +918,33 @@ var BaseAuth = /** @class */ (function () {
      * @param config - The provider configuration to create.
      * @returns A promise that resolves with the created provider configuration.
      */
-    BaseAuth.prototype.createProviderConfig = function (config) {
+    createProviderConfig(config) {
         if (!validator.isNonNullObject(config)) {
             return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, 'Request is missing "AuthProviderConfig" configuration.'));
         }
         if (auth_config_1.OIDCConfig.isProviderId(config.providerId)) {
             return this.authRequestHandler.createOAuthIdpConfig(config)
-                .then(function (response) {
+                .then((response) => {
                 return new auth_config_1.OIDCConfig(response);
             });
         }
         else if (auth_config_1.SAMLConfig.isProviderId(config.providerId)) {
             return this.authRequestHandler.createInboundSamlConfig(config)
-                .then(function (response) {
+                .then((response) => {
                 return new auth_config_1.SAMLConfig(response);
             });
         }
         return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
-    };
+    }
     /** @alpha */
     // eslint-disable-next-line @typescript-eslint/naming-convention
-    BaseAuth.prototype._verifyAuthBlockingToken = function (token, audience) {
-        var isEmulator = auth_api_request_1.useEmulator();
+    _verifyAuthBlockingToken(token, audience) {
+        const isEmulator = (0, auth_api_request_1.useEmulator)();
         return this.authBlockingTokenVerifier._verifyAuthBlockingToken(token, isEmulator, audience)
-            .then(function (decodedAuthBlockingToken) {
+            .then((decodedAuthBlockingToken) => {
             return decodedAuthBlockingToken;
         });
-    };
+    }
     /**
      * Verifies the decoded Firebase issued JWT is not revoked or disabled. Returns a promise that
      * resolves with the decoded claims on success. Rejects the promise with revocation error if revoked
@@ -961,19 +955,19 @@ var BaseAuth = /** @class */ (function () {
      *     detection.
      * @returns A promise that will be fulfilled after a successful verification.
      */
-    BaseAuth.prototype.verifyDecodedJWTNotRevokedOrDisabled = function (decodedIdToken, revocationErrorInfo) {
+    verifyDecodedJWTNotRevokedOrDisabled(decodedIdToken, revocationErrorInfo) {
         // Get tokens valid after time for the corresponding user.
         return this.getUser(decodedIdToken.sub)
-            .then(function (user) {
+            .then((user) => {
             if (user.disabled) {
                 throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.USER_DISABLED, 'The user record is disabled.');
             }
             // If no tokens valid after time available, token is not revoked.
             if (user.tokensValidAfterTime) {
                 // Get the ID token authentication time and convert to milliseconds UTC.
-                var authTimeUtc = decodedIdToken.auth_time * 1000;
+                const authTimeUtc = decodedIdToken.auth_time * 1000;
                 // Get user tokens valid after time in milliseconds UTC.
-                var validSinceUtc = new Date(user.tokensValidAfterTime).getTime();
+                const validSinceUtc = new Date(user.tokensValidAfterTime).getTime();
                 // Check if authentication time is older than valid since time.
                 if (authTimeUtc < validSinceUtc) {
                     throw new error_1.FirebaseAuthError(revocationErrorInfo);
@@ -982,7 +976,6 @@ var BaseAuth = /** @class */ (function () {
             // All checks above passed. Return the decoded token.
             return decodedIdToken;
         });
-    };
-    return BaseAuth;
-}());
+    }
+}
 exports.BaseAuth = BaseAuth;