firebase-admin 11.7.0 → 11.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/app/core.d.ts +1 -1
- package/lib/app/core.js +1 -1
- package/lib/app/credential-factory.d.ts +1 -1
- package/lib/app/credential-factory.js +1 -1
- package/lib/app/credential-internal.d.ts +1 -1
- package/lib/app/credential-internal.js +1 -1
- package/lib/app/credential.d.ts +1 -1
- package/lib/app/credential.js +1 -1
- package/lib/app/firebase-app.d.ts +1 -1
- package/lib/app/firebase-app.js +1 -1
- package/lib/app/firebase-namespace.d.ts +1 -1
- package/lib/app/firebase-namespace.js +1 -1
- package/lib/app/index.d.ts +1 -1
- package/lib/app/index.js +1 -1
- package/lib/app/lifecycle.d.ts +1 -1
- package/lib/app/lifecycle.js +1 -1
- package/lib/app-check/app-check-api-client-internal.d.ts +1 -1
- package/lib/app-check/app-check-api-client-internal.js +37 -1
- package/lib/app-check/app-check-api.d.ts +35 -1
- package/lib/app-check/app-check-api.js +1 -1
- package/lib/app-check/app-check-namespace.d.ts +9 -2
- package/lib/app-check/app-check-namespace.js +1 -1
- package/lib/app-check/app-check.d.ts +5 -3
- package/lib/app-check/app-check.js +23 -2
- package/lib/app-check/index.d.ts +2 -2
- package/lib/app-check/index.js +1 -1
- package/lib/app-check/token-generator.d.ts +1 -1
- package/lib/app-check/token-generator.js +1 -1
- package/lib/app-check/token-verifier.d.ts +1 -1
- package/lib/app-check/token-verifier.js +1 -1
- package/lib/auth/action-code-settings-builder.d.ts +1 -1
- package/lib/auth/action-code-settings-builder.js +1 -1
- package/lib/auth/auth-api-request.d.ts +1 -1
- package/lib/auth/auth-api-request.js +2 -2
- package/lib/auth/auth-config.d.ts +76 -1
- package/lib/auth/auth-config.js +194 -4
- package/lib/auth/auth-namespace.d.ts +1 -1
- package/lib/auth/auth-namespace.js +1 -1
- package/lib/auth/auth.d.ts +1 -1
- package/lib/auth/auth.js +1 -1
- package/lib/auth/base-auth.d.ts +1 -1
- package/lib/auth/base-auth.js +1 -1
- package/lib/auth/identifier.d.ts +1 -1
- package/lib/auth/identifier.js +1 -1
- package/lib/auth/index.d.ts +2 -2
- package/lib/auth/index.js +1 -1
- package/lib/auth/project-config-manager.d.ts +1 -1
- package/lib/auth/project-config-manager.js +1 -1
- package/lib/auth/project-config.d.ts +12 -2
- package/lib/auth/project-config.js +24 -8
- package/lib/auth/tenant-manager.d.ts +1 -1
- package/lib/auth/tenant-manager.js +1 -1
- package/lib/auth/tenant.d.ts +12 -2
- package/lib/auth/tenant.js +18 -2
- package/lib/auth/token-generator.d.ts +1 -1
- package/lib/auth/token-generator.js +1 -1
- package/lib/auth/token-verifier.d.ts +1 -1
- package/lib/auth/token-verifier.js +2 -2
- package/lib/auth/user-import-builder.d.ts +1 -1
- package/lib/auth/user-import-builder.js +1 -1
- package/lib/auth/user-record.d.ts +1 -1
- package/lib/auth/user-record.js +1 -1
- package/lib/credential/index.d.ts +1 -1
- package/lib/credential/index.js +1 -1
- package/lib/database/database-namespace.d.ts +1 -1
- package/lib/database/database-namespace.js +1 -1
- package/lib/database/database.d.ts +1 -1
- package/lib/database/database.js +1 -1
- package/lib/database/index.d.ts +1 -1
- package/lib/database/index.js +1 -1
- package/lib/default-namespace.d.ts +1 -1
- package/lib/default-namespace.js +1 -1
- package/lib/esm/firestore/index.js +1 -0
- package/lib/eventarc/cloudevent.d.ts +1 -1
- package/lib/eventarc/cloudevent.js +1 -1
- package/lib/eventarc/eventarc-client-internal.d.ts +1 -1
- package/lib/eventarc/eventarc-client-internal.js +1 -1
- package/lib/eventarc/eventarc-utils.d.ts +1 -1
- package/lib/eventarc/eventarc-utils.js +1 -1
- package/lib/eventarc/eventarc.d.ts +1 -1
- package/lib/eventarc/eventarc.js +1 -1
- package/lib/eventarc/index.d.ts +1 -1
- package/lib/eventarc/index.js +1 -1
- package/lib/extensions/extensions-api-client-internal.d.ts +1 -1
- package/lib/extensions/extensions-api-client-internal.js +1 -1
- package/lib/extensions/extensions-api.d.ts +1 -1
- package/lib/extensions/extensions-api.js +1 -1
- package/lib/extensions/extensions.d.ts +1 -1
- package/lib/extensions/extensions.js +1 -1
- package/lib/extensions/index.d.ts +1 -1
- package/lib/extensions/index.js +1 -1
- package/lib/firebase-namespace-api.d.ts +1 -1
- package/lib/firebase-namespace-api.js +1 -1
- package/lib/firestore/firestore-internal.d.ts +1 -1
- package/lib/firestore/firestore-internal.js +1 -1
- package/lib/firestore/firestore-namespace.d.ts +2 -1
- package/lib/firestore/firestore-namespace.js +2 -1
- package/lib/firestore/index.d.ts +2 -2
- package/lib/firestore/index.js +3 -2
- package/lib/functions/functions-api-client-internal.d.ts +1 -1
- package/lib/functions/functions-api-client-internal.js +1 -1
- package/lib/functions/functions-api.d.ts +1 -1
- package/lib/functions/functions-api.js +1 -1
- package/lib/functions/functions.d.ts +1 -1
- package/lib/functions/functions.js +1 -1
- package/lib/functions/index.d.ts +1 -1
- package/lib/functions/index.js +1 -1
- package/lib/index.d.ts +1 -1
- package/lib/index.js +1 -1
- package/lib/installations/index.d.ts +1 -1
- package/lib/installations/index.js +1 -1
- package/lib/installations/installations-namespace.d.ts +1 -1
- package/lib/installations/installations-namespace.js +1 -1
- package/lib/installations/installations-request-handler.d.ts +1 -1
- package/lib/installations/installations-request-handler.js +1 -1
- package/lib/installations/installations.d.ts +1 -1
- package/lib/installations/installations.js +1 -1
- package/lib/instance-id/index.d.ts +1 -1
- package/lib/instance-id/index.js +1 -1
- package/lib/instance-id/instance-id-namespace.d.ts +1 -1
- package/lib/instance-id/instance-id-namespace.js +1 -1
- package/lib/instance-id/instance-id.d.ts +1 -1
- package/lib/instance-id/instance-id.js +1 -1
- package/lib/machine-learning/index.d.ts +1 -1
- package/lib/machine-learning/index.js +1 -1
- package/lib/machine-learning/machine-learning-api-client.d.ts +1 -1
- package/lib/machine-learning/machine-learning-api-client.js +1 -1
- package/lib/machine-learning/machine-learning-namespace.d.ts +1 -1
- package/lib/machine-learning/machine-learning-namespace.js +1 -1
- package/lib/machine-learning/machine-learning-utils.d.ts +1 -1
- package/lib/machine-learning/machine-learning-utils.js +1 -1
- package/lib/machine-learning/machine-learning.d.ts +1 -1
- package/lib/machine-learning/machine-learning.js +1 -1
- package/lib/messaging/batch-request-internal.d.ts +1 -1
- package/lib/messaging/batch-request-internal.js +1 -1
- package/lib/messaging/index.d.ts +1 -1
- package/lib/messaging/index.js +1 -1
- package/lib/messaging/messaging-api-request-internal.d.ts +1 -1
- package/lib/messaging/messaging-api-request-internal.js +1 -1
- package/lib/messaging/messaging-api.d.ts +1 -1
- package/lib/messaging/messaging-api.js +1 -1
- package/lib/messaging/messaging-errors-internal.d.ts +1 -1
- package/lib/messaging/messaging-errors-internal.js +1 -1
- package/lib/messaging/messaging-internal.d.ts +1 -1
- package/lib/messaging/messaging-internal.js +1 -1
- package/lib/messaging/messaging-namespace.d.ts +1 -1
- package/lib/messaging/messaging-namespace.js +1 -1
- package/lib/messaging/messaging.d.ts +1 -1
- package/lib/messaging/messaging.js +1 -1
- package/lib/project-management/android-app.d.ts +1 -1
- package/lib/project-management/android-app.js +1 -1
- package/lib/project-management/app-metadata.d.ts +1 -1
- package/lib/project-management/app-metadata.js +1 -1
- package/lib/project-management/index.d.ts +1 -1
- package/lib/project-management/index.js +1 -1
- package/lib/project-management/ios-app.d.ts +1 -1
- package/lib/project-management/ios-app.js +1 -1
- package/lib/project-management/project-management-api-request-internal.d.ts +1 -1
- package/lib/project-management/project-management-api-request-internal.js +1 -1
- package/lib/project-management/project-management-namespace.d.ts +1 -1
- package/lib/project-management/project-management-namespace.js +1 -1
- package/lib/project-management/project-management.d.ts +1 -1
- package/lib/project-management/project-management.js +1 -1
- package/lib/remote-config/index.d.ts +1 -1
- package/lib/remote-config/index.js +1 -1
- package/lib/remote-config/remote-config-api-client-internal.d.ts +1 -1
- package/lib/remote-config/remote-config-api-client-internal.js +3 -3
- package/lib/remote-config/remote-config-api.d.ts +1 -1
- package/lib/remote-config/remote-config-api.js +1 -1
- package/lib/remote-config/remote-config-namespace.d.ts +1 -1
- package/lib/remote-config/remote-config-namespace.js +1 -1
- package/lib/remote-config/remote-config.d.ts +1 -1
- package/lib/remote-config/remote-config.js +1 -1
- package/lib/security-rules/index.d.ts +1 -1
- package/lib/security-rules/index.js +1 -1
- package/lib/security-rules/security-rules-api-client-internal.d.ts +1 -1
- package/lib/security-rules/security-rules-api-client-internal.js +1 -1
- package/lib/security-rules/security-rules-internal.d.ts +1 -1
- package/lib/security-rules/security-rules-internal.js +1 -1
- package/lib/security-rules/security-rules-namespace.d.ts +1 -1
- package/lib/security-rules/security-rules-namespace.js +1 -1
- package/lib/security-rules/security-rules.d.ts +1 -1
- package/lib/security-rules/security-rules.js +1 -1
- package/lib/storage/index.d.ts +1 -1
- package/lib/storage/index.js +1 -1
- package/lib/storage/storage-namespace.d.ts +1 -1
- package/lib/storage/storage-namespace.js +1 -1
- package/lib/storage/storage.d.ts +1 -1
- package/lib/storage/storage.js +1 -1
- package/lib/utils/api-request.d.ts +1 -1
- package/lib/utils/api-request.js +1 -1
- package/lib/utils/crypto-signer.d.ts +1 -1
- package/lib/utils/crypto-signer.js +1 -1
- package/lib/utils/deep-copy.d.ts +1 -1
- package/lib/utils/deep-copy.js +1 -1
- package/lib/utils/error.d.ts +1 -1
- package/lib/utils/error.js +1 -1
- package/lib/utils/index.d.ts +1 -1
- package/lib/utils/index.js +1 -1
- package/lib/utils/jwt.d.ts +1 -1
- package/lib/utils/jwt.js +1 -1
- package/lib/utils/validator.d.ts +1 -1
- package/lib/utils/validator.js +1 -1
- package/package.json +3 -3
package/lib/app/core.d.ts
CHANGED
package/lib/app/core.js
CHANGED
package/lib/app/credential.d.ts
CHANGED
package/lib/app/credential.js
CHANGED
package/lib/app/firebase-app.js
CHANGED
package/lib/app/index.d.ts
CHANGED
package/lib/app/index.js
CHANGED
package/lib/app/lifecycle.d.ts
CHANGED
package/lib/app/lifecycle.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! firebase-admin v11.
|
|
1
|
+
/*! firebase-admin v11.9.0 */
|
|
2
2
|
"use strict";
|
|
3
3
|
/*!
|
|
4
4
|
* @license
|
|
@@ -24,6 +24,7 @@ const utils = require("../utils/index");
|
|
|
24
24
|
const validator = require("../utils/validator");
|
|
25
25
|
// App Check backend constants
|
|
26
26
|
const FIREBASE_APP_CHECK_V1_API_URL_FORMAT = 'https://firebaseappcheck.googleapis.com/v1/projects/{projectId}/apps/{appId}:exchangeCustomToken';
|
|
27
|
+
const ONE_TIME_USE_TOKEN_VERIFICATION_URL_FORMAT = 'https://firebaseappcheck.googleapis.com/v1beta/projects/{projectId}:verifyAppCheckToken';
|
|
27
28
|
const FIREBASE_APP_CHECK_CONFIG_HEADERS = {
|
|
28
29
|
'X-Firebase-Client': `fire-admin-node/${utils.getSdkVersion()}`
|
|
29
30
|
};
|
|
@@ -71,6 +72,31 @@ class AppCheckApiClient {
|
|
|
71
72
|
throw this.toFirebaseError(err);
|
|
72
73
|
});
|
|
73
74
|
}
|
|
75
|
+
verifyReplayProtection(token) {
|
|
76
|
+
if (!validator.isNonEmptyString(token)) {
|
|
77
|
+
throw new FirebaseAppCheckError('invalid-argument', '`token` must be a non-empty string.');
|
|
78
|
+
}
|
|
79
|
+
return this.getVerifyTokenUrl()
|
|
80
|
+
.then((url) => {
|
|
81
|
+
const request = {
|
|
82
|
+
method: 'POST',
|
|
83
|
+
url,
|
|
84
|
+
headers: FIREBASE_APP_CHECK_CONFIG_HEADERS,
|
|
85
|
+
data: { app_check_token: token }
|
|
86
|
+
};
|
|
87
|
+
return this.httpClient.send(request);
|
|
88
|
+
})
|
|
89
|
+
.then((resp) => {
|
|
90
|
+
if (typeof resp.data.alreadyConsumed !== 'undefined'
|
|
91
|
+
&& !validator.isBoolean(resp.data?.alreadyConsumed)) {
|
|
92
|
+
throw new FirebaseAppCheckError('invalid-argument', '`alreadyConsumed` must be a boolean value.');
|
|
93
|
+
}
|
|
94
|
+
return resp.data.alreadyConsumed || false;
|
|
95
|
+
})
|
|
96
|
+
.catch((err) => {
|
|
97
|
+
throw this.toFirebaseError(err);
|
|
98
|
+
});
|
|
99
|
+
}
|
|
74
100
|
getUrl(appId) {
|
|
75
101
|
return this.getProjectId()
|
|
76
102
|
.then((projectId) => {
|
|
@@ -82,6 +108,16 @@ class AppCheckApiClient {
|
|
|
82
108
|
return utils.formatString(baseUrl);
|
|
83
109
|
});
|
|
84
110
|
}
|
|
111
|
+
getVerifyTokenUrl() {
|
|
112
|
+
return this.getProjectId()
|
|
113
|
+
.then((projectId) => {
|
|
114
|
+
const urlParams = {
|
|
115
|
+
projectId
|
|
116
|
+
};
|
|
117
|
+
const baseUrl = utils.formatString(ONE_TIME_USE_TOKEN_VERIFICATION_URL_FORMAT, urlParams);
|
|
118
|
+
return utils.formatString(baseUrl);
|
|
119
|
+
});
|
|
120
|
+
}
|
|
85
121
|
getProjectId() {
|
|
86
122
|
if (this.projectId) {
|
|
87
123
|
return Promise.resolve(this.projectId);
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! firebase-admin v11.
|
|
1
|
+
/*! firebase-admin v11.9.0 */
|
|
2
2
|
/*!
|
|
3
3
|
* @license
|
|
4
4
|
* Copyright 2021 Google Inc.
|
|
@@ -38,6 +38,28 @@ export interface AppCheckTokenOptions {
|
|
|
38
38
|
*/
|
|
39
39
|
ttlMillis?: number;
|
|
40
40
|
}
|
|
41
|
+
/**
|
|
42
|
+
* Interface representing options for the {@link AppCheck.verifyToken} method.
|
|
43
|
+
*/
|
|
44
|
+
export interface VerifyAppCheckTokenOptions {
|
|
45
|
+
/**
|
|
46
|
+
* To use the replay protection feature, set this to `true`. The {@link AppCheck.verifyToken}
|
|
47
|
+
* method will mark the token as consumed after verifying it.
|
|
48
|
+
*
|
|
49
|
+
* Tokens that are found to be already consumed will be marked as such in the response.
|
|
50
|
+
*
|
|
51
|
+
* Tokens are only considered to be consumed if it is sent to App Check backend by calling the
|
|
52
|
+
* {@link AppCheck.verifyToken} method with this field set to `true`; other uses of the token
|
|
53
|
+
* do not consume it.
|
|
54
|
+
*
|
|
55
|
+
* This replay protection feature requires an additional network call to the App Check backend
|
|
56
|
+
* and forces your clients to obtain a fresh attestation from your chosen attestation providers.
|
|
57
|
+
* This can therefore negatively impact performance and can potentially deplete your attestation
|
|
58
|
+
* providers' quotas faster. We recommend that you use this feature only for protecting
|
|
59
|
+
* low volume, security critical, or expensive operations.
|
|
60
|
+
*/
|
|
61
|
+
consume?: boolean;
|
|
62
|
+
}
|
|
41
63
|
/**
|
|
42
64
|
* Interface representing a decoded Firebase App Check token, returned from the
|
|
43
65
|
* {@link AppCheck.verifyToken} method.
|
|
@@ -92,4 +114,16 @@ export interface VerifyAppCheckTokenResponse {
|
|
|
92
114
|
* The decoded Firebase App Check token.
|
|
93
115
|
*/
|
|
94
116
|
token: DecodedAppCheckToken;
|
|
117
|
+
/**
|
|
118
|
+
* Indicates weather this token was already consumed.
|
|
119
|
+
* If this is the first time {@link AppCheck.verifyToken} method has seen this token,
|
|
120
|
+
* this field will contain the value `false`. The given token will then be
|
|
121
|
+
* marked as `already_consumed` for all future invocations of this {@link AppCheck.verifyToken}
|
|
122
|
+
* method for this token.
|
|
123
|
+
*
|
|
124
|
+
* When this field is `true`, the caller is attempting to reuse a previously consumed token.
|
|
125
|
+
* You should take precautions against such a caller; for example, you can take actions such as
|
|
126
|
+
* rejecting the request or ask the caller to pass additional layers of security checks.
|
|
127
|
+
*/
|
|
128
|
+
alreadyConsumed?: boolean;
|
|
95
129
|
}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! firebase-admin v11.
|
|
1
|
+
/*! firebase-admin v11.9.0 */
|
|
2
2
|
/*!
|
|
3
3
|
* Copyright 2021 Google Inc.
|
|
4
4
|
*
|
|
@@ -15,7 +15,7 @@
|
|
|
15
15
|
* limitations under the License.
|
|
16
16
|
*/
|
|
17
17
|
import { App } from '../app';
|
|
18
|
-
import { AppCheckToken as TAppCheckToken, AppCheckTokenOptions as TAppCheckTokenOptions, DecodedAppCheckToken as TDecodedAppCheckToken, VerifyAppCheckTokenResponse as TVerifyAppCheckTokenResponse } from './app-check-api';
|
|
18
|
+
import { AppCheckToken as TAppCheckToken, AppCheckTokenOptions as TAppCheckTokenOptions, DecodedAppCheckToken as TDecodedAppCheckToken, VerifyAppCheckTokenOptions as TVerifyAppCheckTokenOptions, VerifyAppCheckTokenResponse as TVerifyAppCheckTokenResponse } from './app-check-api';
|
|
19
19
|
import { AppCheck as TAppCheck } from './app-check';
|
|
20
20
|
/**
|
|
21
21
|
* Gets the {@link firebase-admin.app-check#AppCheck} service for the default app or a given app.
|
|
@@ -61,5 +61,12 @@ export declare namespace appCheck {
|
|
|
61
61
|
* Type alias to {@link firebase-admin.app-check#VerifyAppCheckTokenResponse}.
|
|
62
62
|
*/
|
|
63
63
|
type VerifyAppCheckTokenResponse = TVerifyAppCheckTokenResponse;
|
|
64
|
+
/**
|
|
65
|
+
* Type alias to {@link firebase-admin.app-check#AppCheckTokenOptions}.
|
|
66
|
+
*/
|
|
64
67
|
type AppCheckTokenOptions = TAppCheckTokenOptions;
|
|
68
|
+
/**
|
|
69
|
+
* Type alias to {@link firebase-admin.app-check#VerifyAppCheckTokenOptions}.
|
|
70
|
+
*/
|
|
71
|
+
type VerifyAppCheckTokenOptions = TVerifyAppCheckTokenOptions;
|
|
65
72
|
}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! firebase-admin v11.
|
|
1
|
+
/*! firebase-admin v11.9.0 */
|
|
2
2
|
/*!
|
|
3
3
|
* @license
|
|
4
4
|
* Copyright 2021 Google Inc.
|
|
@@ -16,7 +16,7 @@
|
|
|
16
16
|
* limitations under the License.
|
|
17
17
|
*/
|
|
18
18
|
import { App } from '../app';
|
|
19
|
-
import { AppCheckToken, AppCheckTokenOptions, VerifyAppCheckTokenResponse } from './app-check-api';
|
|
19
|
+
import { AppCheckToken, AppCheckTokenOptions, VerifyAppCheckTokenOptions, VerifyAppCheckTokenResponse } from './app-check-api';
|
|
20
20
|
/**
|
|
21
21
|
* The Firebase `AppCheck` service interface.
|
|
22
22
|
*/
|
|
@@ -41,9 +41,11 @@ export declare class AppCheck {
|
|
|
41
41
|
* rejected.
|
|
42
42
|
*
|
|
43
43
|
* @param appCheckToken - The App Check token to verify.
|
|
44
|
+
* @param options - Optional {@link VerifyAppCheckTokenOptions} object when verifying an App Check Token.
|
|
44
45
|
*
|
|
45
46
|
* @returns A promise fulfilled with the token's decoded claims
|
|
46
47
|
* if the App Check token is valid; otherwise, a rejected promise.
|
|
47
48
|
*/
|
|
48
|
-
verifyToken(appCheckToken: string): Promise<VerifyAppCheckTokenResponse>;
|
|
49
|
+
verifyToken(appCheckToken: string, options?: VerifyAppCheckTokenOptions): Promise<VerifyAppCheckTokenResponse>;
|
|
50
|
+
private validateVerifyAppCheckTokenOptions;
|
|
49
51
|
}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! firebase-admin v11.
|
|
1
|
+
/*! firebase-admin v11.9.0 */
|
|
2
2
|
"use strict";
|
|
3
3
|
/*!
|
|
4
4
|
* @license
|
|
@@ -18,6 +18,7 @@
|
|
|
18
18
|
*/
|
|
19
19
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
20
20
|
exports.AppCheck = void 0;
|
|
21
|
+
const validator = require("../utils/validator");
|
|
21
22
|
const app_check_api_client_internal_1 = require("./app-check-api-client-internal");
|
|
22
23
|
const token_generator_1 = require("./token-generator");
|
|
23
24
|
const token_verifier_1 = require("./token-verifier");
|
|
@@ -63,18 +64,38 @@ class AppCheck {
|
|
|
63
64
|
* rejected.
|
|
64
65
|
*
|
|
65
66
|
* @param appCheckToken - The App Check token to verify.
|
|
67
|
+
* @param options - Optional {@link VerifyAppCheckTokenOptions} object when verifying an App Check Token.
|
|
66
68
|
*
|
|
67
69
|
* @returns A promise fulfilled with the token's decoded claims
|
|
68
70
|
* if the App Check token is valid; otherwise, a rejected promise.
|
|
69
71
|
*/
|
|
70
|
-
verifyToken(appCheckToken) {
|
|
72
|
+
verifyToken(appCheckToken, options) {
|
|
73
|
+
this.validateVerifyAppCheckTokenOptions(options);
|
|
71
74
|
return this.appCheckTokenVerifier.verifyToken(appCheckToken)
|
|
72
75
|
.then((decodedToken) => {
|
|
76
|
+
if (options?.consume) {
|
|
77
|
+
return this.client.verifyReplayProtection(appCheckToken)
|
|
78
|
+
.then((alreadyConsumed) => {
|
|
79
|
+
return {
|
|
80
|
+
alreadyConsumed,
|
|
81
|
+
appId: decodedToken.app_id,
|
|
82
|
+
token: decodedToken,
|
|
83
|
+
};
|
|
84
|
+
});
|
|
85
|
+
}
|
|
73
86
|
return {
|
|
74
87
|
appId: decodedToken.app_id,
|
|
75
88
|
token: decodedToken,
|
|
76
89
|
};
|
|
77
90
|
});
|
|
78
91
|
}
|
|
92
|
+
validateVerifyAppCheckTokenOptions(options) {
|
|
93
|
+
if (typeof options === 'undefined') {
|
|
94
|
+
return;
|
|
95
|
+
}
|
|
96
|
+
if (!validator.isNonNullObject(options)) {
|
|
97
|
+
throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'VerifyAppCheckTokenOptions must be a non-null object.');
|
|
98
|
+
}
|
|
99
|
+
}
|
|
79
100
|
}
|
|
80
101
|
exports.AppCheck = AppCheck;
|
package/lib/app-check/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! firebase-admin v11.
|
|
1
|
+
/*! firebase-admin v11.9.0 */
|
|
2
2
|
/*!
|
|
3
3
|
* @license
|
|
4
4
|
* Copyright 2021 Google Inc.
|
|
@@ -22,7 +22,7 @@
|
|
|
22
22
|
*/
|
|
23
23
|
import { App } from '../app';
|
|
24
24
|
import { AppCheck } from './app-check';
|
|
25
|
-
export { AppCheckToken, AppCheckTokenOptions, DecodedAppCheckToken, VerifyAppCheckTokenResponse, } from './app-check-api';
|
|
25
|
+
export { AppCheckToken, AppCheckTokenOptions, DecodedAppCheckToken, VerifyAppCheckTokenOptions, VerifyAppCheckTokenResponse, } from './app-check-api';
|
|
26
26
|
export { AppCheck } from './app-check';
|
|
27
27
|
/**
|
|
28
28
|
* Gets the {@link AppCheck} service for the default app or a given app.
|
package/lib/app-check/index.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! firebase-admin v11.
|
|
1
|
+
/*! firebase-admin v11.9.0 */
|
|
2
2
|
"use strict";
|
|
3
3
|
/*!
|
|
4
4
|
* @license
|
|
@@ -1325,7 +1325,7 @@ class AbstractAuthRequestHandler {
|
|
|
1325
1325
|
* @param email - The email of the user the link is being sent to.
|
|
1326
1326
|
* @param actionCodeSettings - The optional action code setings which defines whether
|
|
1327
1327
|
* the link is to be handled by a mobile app and the additional state information to be passed in the
|
|
1328
|
-
* deep link, etc. Required when requestType
|
|
1328
|
+
* deep link, etc. Required when requestType === 'EMAIL_SIGNIN'
|
|
1329
1329
|
* @param newEmail - The email address the account is being updated to.
|
|
1330
1330
|
* Required only for VERIFY_AND_CHANGE_EMAIL requests.
|
|
1331
1331
|
* @returns A promise that resolves with the email action link.
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! firebase-admin v11.
|
|
1
|
+
/*! firebase-admin v11.9.0 */
|
|
2
2
|
/*!
|
|
3
3
|
* Copyright 2018 Google Inc.
|
|
4
4
|
*
|
|
@@ -726,4 +726,79 @@ export declare class RecaptchaAuthConfig implements RecaptchaConfig {
|
|
|
726
726
|
*/
|
|
727
727
|
toJSON(): object;
|
|
728
728
|
}
|
|
729
|
+
/**
|
|
730
|
+
* A password policy configuration for a project or tenant
|
|
731
|
+
*/
|
|
732
|
+
export interface PasswordPolicyConfig {
|
|
733
|
+
/**
|
|
734
|
+
* Enforcement state of the password policy
|
|
735
|
+
*/
|
|
736
|
+
enforcementState?: PasswordPolicyEnforcementState;
|
|
737
|
+
/**
|
|
738
|
+
* Require users to have a policy-compliant password to sign in
|
|
739
|
+
*/
|
|
740
|
+
forceUpgradeOnSignin?: boolean;
|
|
741
|
+
/**
|
|
742
|
+
* The constraints that make up the password strength policy
|
|
743
|
+
*/
|
|
744
|
+
constraints?: CustomStrengthOptionsConfig;
|
|
745
|
+
}
|
|
746
|
+
/**
|
|
747
|
+
* A password policy's enforcement state.
|
|
748
|
+
*/
|
|
749
|
+
export type PasswordPolicyEnforcementState = 'ENFORCE' | 'OFF';
|
|
750
|
+
/**
|
|
751
|
+
* Constraints to be enforced on the password policy
|
|
752
|
+
*/
|
|
753
|
+
export interface CustomStrengthOptionsConfig {
|
|
754
|
+
/**
|
|
755
|
+
* The password must contain an upper case character
|
|
756
|
+
*/
|
|
757
|
+
requireUppercase?: boolean;
|
|
758
|
+
/**
|
|
759
|
+
* The password must contain a lower case character
|
|
760
|
+
*/
|
|
761
|
+
requireLowercase?: boolean;
|
|
762
|
+
/**
|
|
763
|
+
* The password must contain a non-alphanumeric character
|
|
764
|
+
*/
|
|
765
|
+
requireNonAlphanumeric?: boolean;
|
|
766
|
+
/**
|
|
767
|
+
* The password must contain a number
|
|
768
|
+
*/
|
|
769
|
+
requireNumeric?: boolean;
|
|
770
|
+
/**
|
|
771
|
+
* Minimum password length. Valid values are from 6 to 30
|
|
772
|
+
*/
|
|
773
|
+
minLength?: number;
|
|
774
|
+
/**
|
|
775
|
+
* Maximum password length. No default max length
|
|
776
|
+
*/
|
|
777
|
+
maxLength?: number;
|
|
778
|
+
}
|
|
779
|
+
/**
|
|
780
|
+
* Server side password policy configuration.
|
|
781
|
+
*/
|
|
782
|
+
export interface PasswordPolicyAuthServerConfig {
|
|
783
|
+
passwordPolicyEnforcementState?: PasswordPolicyEnforcementState;
|
|
784
|
+
passwordPolicyVersions?: PasswordPolicyVersionsAuthServerConfig[];
|
|
785
|
+
forceUpgradeOnSignin?: boolean;
|
|
786
|
+
}
|
|
787
|
+
/**
|
|
788
|
+
* Server side password policy versions configuration.
|
|
789
|
+
*/
|
|
790
|
+
export interface PasswordPolicyVersionsAuthServerConfig {
|
|
791
|
+
customStrengthOptions?: CustomStrengthOptionsAuthServerConfig;
|
|
792
|
+
}
|
|
793
|
+
/**
|
|
794
|
+
* Server side password policy constraints configuration.
|
|
795
|
+
*/
|
|
796
|
+
export interface CustomStrengthOptionsAuthServerConfig {
|
|
797
|
+
containsLowercaseCharacter?: boolean;
|
|
798
|
+
containsUppercaseCharacter?: boolean;
|
|
799
|
+
containsNumericCharacter?: boolean;
|
|
800
|
+
containsNonAlphanumericCharacter?: boolean;
|
|
801
|
+
minPasswordLength?: number;
|
|
802
|
+
maxPasswordLength?: number;
|
|
803
|
+
}
|
|
729
804
|
export {};
|