firebase-admin 12.6.0 → 13.0.0

package/lib/app/firebase-namespace.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * @license

package/lib/app/index.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * @license
  * Copyright 2021 Google Inc.

package/lib/app/index.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * @license

package/lib/app/lifecycle.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * @license
  * Copyright 2021 Google Inc.

package/lib/app/lifecycle.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * @license
@@ -17,7 +17,11 @@
  * limitations under the License.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.FIREBASE_CONFIG_VAR = exports.deleteApp = exports.getApps = exports.getApp = exports.initializeApp = exports.defaultAppStore = exports.AppStore = void 0;
+exports.FIREBASE_CONFIG_VAR = exports.defaultAppStore = exports.AppStore = void 0;
+exports.initializeApp = initializeApp;
+exports.getApp = getApp;
+exports.getApps = getApps;
+exports.deleteApp = deleteApp;
 const fs = require("fs");
 const validator = require("../utils/validator");
 const error_1 = require("../utils/error");
@@ -101,15 +105,12 @@ exports.defaultAppStore = new AppStore();
 function initializeApp(options, appName = DEFAULT_APP_NAME) {
     return exports.defaultAppStore.initializeApp(options, appName);
 }
-exports.initializeApp = initializeApp;
 function getApp(appName = DEFAULT_APP_NAME) {
     return exports.defaultAppStore.getApp(appName);
 }
-exports.getApp = getApp;
 function getApps() {
     return exports.defaultAppStore.getApps();
 }
-exports.getApps = getApps;
 /**
  * Renders this given `App` unusable and frees the resources of
  * all associated services (though it does *not* clean up any backend
@@ -130,7 +131,6 @@ exports.getApps = getApps;
 function deleteApp(app) {
     return exports.defaultAppStore.deleteApp(app);
 }
-exports.deleteApp = deleteApp;
 /**
  * Constant holding the environment variable name with the default config.
  * If the environment variable contains a string that starts with '{' it will be parsed as JSON,

package/lib/app-check/app-check-api-client-internal.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * @license
  * Copyright 2021 Google Inc.

package/lib/app-check/app-check-api-client-internal.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * @license

package/lib/app-check/app-check-api.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * @license
  * Copyright 2021 Google Inc.

package/lib/app-check/app-check-api.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * @license

package/lib/app-check/app-check-namespace.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * Copyright 2021 Google Inc.
  *

package/lib/app-check/app-check-namespace.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * Copyright 2021 Google Inc.

package/lib/app-check/app-check.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * @license
  * Copyright 2021 Google Inc.

package/lib/app-check/app-check.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * @license

package/lib/app-check/index.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * @license
  * Copyright 2021 Google Inc.

package/lib/app-check/index.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * @license
@@ -17,7 +17,8 @@
  * limitations under the License.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getAppCheck = exports.AppCheck = void 0;
+exports.AppCheck = void 0;
+exports.getAppCheck = getAppCheck;
 /**
  * Firebase App Check.
  *
@@ -60,4 +61,3 @@ function getAppCheck(app) {
     const firebaseApp = app;
     return firebaseApp.getOrInitService('appCheck', (app) => new app_check_1.AppCheck(app));
 }
-exports.getAppCheck = getAppCheck;

package/lib/app-check/token-generator.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * @license
  * Copyright 2021 Google Inc.

package/lib/app-check/token-generator.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * @license
@@ -17,7 +17,8 @@
  * limitations under the License.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.appCheckErrorFromCryptoSignerError = exports.AppCheckTokenGenerator = void 0;
+exports.AppCheckTokenGenerator = void 0;
+exports.appCheckErrorFromCryptoSignerError = appCheckErrorFromCryptoSignerError;
 const validator = require("../utils/validator");
 const utils_1 = require("../utils");
 const crypto_signer_1 = require("../utils/crypto-signer");
@@ -141,7 +142,6 @@ function appCheckErrorFromCryptoSignerError(err) {
     }
     return new app_check_api_client_internal_1.FirebaseAppCheckError(mapToAppCheckErrorCode(err.code), err.message);
 }
-exports.appCheckErrorFromCryptoSignerError = appCheckErrorFromCryptoSignerError;
 function mapToAppCheckErrorCode(code) {
     switch (code) {
         case crypto_signer_1.CryptoSignerErrorCode.INVALID_CREDENTIAL:

package/lib/app-check/token-verifier.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * Copyright 2021 Google Inc.
  *

package/lib/app-check/token-verifier.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * Copyright 2021 Google Inc.

package/lib/auth/action-code-settings-builder.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * Copyright 2018 Google Inc.
  *

package/lib/auth/action-code-settings-builder.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * Copyright 2018 Google Inc.

package/lib/auth/auth-api-request.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * @license
  * Copyright 2017 Google Inc.

package/lib/auth/auth-api-request.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * @license
@@ -17,7 +17,8 @@
  * limitations under the License.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.useEmulator = exports.TenantAwareAuthRequestHandler = exports.AuthRequestHandler = exports.AbstractAuthRequestHandler = exports.FIREBASE_AUTH_SIGN_UP_NEW_USER = exports.FIREBASE_AUTH_SET_ACCOUNT_INFO = exports.FIREBASE_AUTH_BATCH_DELETE_ACCOUNTS = exports.FIREBASE_AUTH_DELETE_ACCOUNT = exports.FIREBASE_AUTH_GET_ACCOUNTS_INFO = exports.FIREBASE_AUTH_GET_ACCOUNT_INFO = exports.FIREBASE_AUTH_DOWNLOAD_ACCOUNT = exports.FIREBASE_AUTH_UPLOAD_ACCOUNT = exports.FIREBASE_AUTH_CREATE_SESSION_COOKIE = exports.EMAIL_ACTION_REQUEST_TYPES = exports.RESERVED_CLAIMS = void 0;
+exports.TenantAwareAuthRequestHandler = exports.AuthRequestHandler = exports.AbstractAuthRequestHandler = exports.FIREBASE_AUTH_SIGN_UP_NEW_USER = exports.FIREBASE_AUTH_SET_ACCOUNT_INFO = exports.FIREBASE_AUTH_BATCH_DELETE_ACCOUNTS = exports.FIREBASE_AUTH_DELETE_ACCOUNT = exports.FIREBASE_AUTH_GET_ACCOUNTS_INFO = exports.FIREBASE_AUTH_GET_ACCOUNT_INFO = exports.FIREBASE_AUTH_DOWNLOAD_ACCOUNT = exports.FIREBASE_AUTH_UPLOAD_ACCOUNT = exports.FIREBASE_AUTH_CREATE_SESSION_COOKIE = exports.EMAIL_ACTION_REQUEST_TYPES = exports.RESERVED_CLAIMS = void 0;
+exports.useEmulator = useEmulator;
 const validator = require("../utils/validator");
 const deep_copy_1 = require("../utils/deep-copy");
 const error_1 = require("../utils/error");
@@ -30,7 +31,7 @@ const identifier_1 = require("./identifier");
 const auth_config_1 = require("./auth-config");
 const project_config_1 = require("./project-config");
 /** Firebase Auth request header. */
-const FIREBASE_AUTH_HEADER = {
+const FIREBASE_AUTH_HEADERS = {
     'X-Client-Version': `Node/Admin/${utils.getSdkVersion()}`,
 };
 /** Firebase Auth request timeout duration in milliseconds. */
@@ -1603,7 +1604,7 @@ class AbstractAuthRequestHandler {
             const req = {
                 method: apiSettings.getHttpMethod(),
                 url,
-                headers: FIREBASE_AUTH_HEADER,
+                headers: FIREBASE_AUTH_HEADERS,
                 data: requestData,
                 timeout: FIREBASE_AUTH_TIMEOUT,
             };
@@ -1945,4 +1946,3 @@ function emulatorHost() {
 function useEmulator() {
     return !!emulatorHost();
 }
-exports.useEmulator = useEmulator;

package/lib/auth/auth-config.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * Copyright 2018 Google Inc.
  *
@@ -662,6 +662,20 @@ export interface RecaptchaManagedRule {
     */
     action?: RecaptchaAction;
 }
+/**
+ * The managed rules for toll fraud provider, containing the enforcement status.
+ * The toll fraud provider contains all SMS related user flows.
+ */
+export interface RecaptchaTollFraudManagedRule {
+    /**
+    * The action will be enforced if the reCAPTCHA score of a request is larger than startScore.
+    */
+    startScore: number;
+    /**
+     * The action for reCAPTCHA-protected requests.
+     */
+    action?: RecaptchaAction;
+}
 /**
  * The key's platform type.
  */
@@ -690,6 +704,10 @@ export interface RecaptchaConfig {
     * The enforcement state of the email password provider.
     */
     emailPasswordEnforcementState?: RecaptchaProviderEnforcementState;
+    /**
+    * The enforcement state of the phone provider.
+    */
+    phoneEnforcementState?: RecaptchaProviderEnforcementState;
     /**
      *  The reCAPTCHA managed rules.
      */
@@ -703,28 +721,34 @@ export interface RecaptchaConfig {
      * The default value is false.
      */
     useAccountDefender?: boolean;
-}
-export declare class RecaptchaAuthConfig implements RecaptchaConfig {
-    readonly emailPasswordEnforcementState?: RecaptchaProviderEnforcementState;
-    readonly managedRules?: RecaptchaManagedRule[];
-    readonly recaptchaKeys?: RecaptchaKey[];
-    readonly useAccountDefender?: boolean;
-    constructor(recaptchaConfig: RecaptchaConfig);
     /**
-     * Validates the RecaptchaConfig options object. Throws an error on failure.
-     * @param options - The options object to validate.
+     * Whether to use the rCE bot score for reCAPTCHA phone provider.
+     * Can only be true when the phone_enforcement_state is AUDIT or ENFORCE.
      */
-    static validate(options: RecaptchaConfig): void;
+    useSmsBotScore?: boolean;
     /**
-     * Validate each element in ManagedRule array
-     * @param options - The options object to validate.
+     * Whether to use the rCE SMS toll fraud protection risk score for reCAPTCHA phone provider.
+     * Can only be true when the phone_enforcement_state is AUDIT or ENFORCE.
      */
-    private static validateManagedRule;
+    useSmsTollFraudProtection?: boolean;
     /**
-     * Returns a JSON-serializable representation of this object.
-     * @returns The JSON-serializable object representation of the ReCaptcha config instance
+     * The managed rules for toll fraud provider, containing the enforcement status.
+     * The toll fraud provider contains all SMS related user flows.
      */
-    toJSON(): object;
+    smsTollFraudManagedRules?: RecaptchaTollFraudManagedRule[];
+}
+/**
+ * Server side recaptcha configuration.
+ */
+export interface RecaptchaAuthServerConfig {
+    emailPasswordEnforcementState?: RecaptchaProviderEnforcementState;
+    phoneEnforcementState?: RecaptchaProviderEnforcementState;
+    managedRules?: RecaptchaManagedRule[];
+    recaptchaKeys?: RecaptchaKey[];
+    useAccountDefender?: boolean;
+    useSmsBotScore?: boolean;
+    useSmsTollFraudProtection?: boolean;
+    tollFraudManagedRules?: RecaptchaTollFraudManagedRule[];
 }
 /**
  * A password policy configuration for a project or tenant

package/lib/auth/auth-config.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * Copyright 2018 Google Inc.
@@ -16,7 +16,8 @@
  * limitations under the License.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.EmailPrivacyAuthConfig = exports.PasswordPolicyAuthConfig = exports.RecaptchaAuthConfig = exports.SmsRegionsAuthConfig = exports.OIDCConfig = exports.SAMLConfig = exports.EmailSignInConfig = exports.validateTestPhoneNumbers = exports.MultiFactorAuthConfig = exports.MAXIMUM_TEST_PHONE_NUMBERS = void 0;
+exports.EmailPrivacyAuthConfig = exports.PasswordPolicyAuthConfig = exports.RecaptchaAuthConfig = exports.SmsRegionsAuthConfig = exports.OIDCConfig = exports.SAMLConfig = exports.EmailSignInConfig = exports.MultiFactorAuthConfig = exports.MAXIMUM_TEST_PHONE_NUMBERS = void 0;
+exports.validateTestPhoneNumbers = validateTestPhoneNumbers;
 const validator = require("../utils/validator");
 const deep_copy_1 = require("../utils/deep-copy");
 const error_1 = require("../utils/error");
@@ -219,7 +220,6 @@ function validateTestPhoneNumbers(testPhoneNumbers) {
         }
     }
 }
-exports.validateTestPhoneNumbers = validateTestPhoneNumbers;
 /**
  * Defines the email sign-in config class used to convert client side EmailSignInConfig
  * to a format that is understood by the Auth server.
@@ -752,12 +752,66 @@ class SmsRegionsAuthConfig {
     }
 }
 exports.SmsRegionsAuthConfig = SmsRegionsAuthConfig;
+/**
+ * Defines the recaptcha config class used to convert client side RecaptchaConfig
+ * to a format that is understood by the Auth server.
+ *
+ * @internal
+ */
 class RecaptchaAuthConfig {
-    constructor(recaptchaConfig) {
-        this.emailPasswordEnforcementState = recaptchaConfig.emailPasswordEnforcementState;
-        this.managedRules = recaptchaConfig.managedRules;
-        this.recaptchaKeys = recaptchaConfig.recaptchaKeys;
-        this.useAccountDefender = recaptchaConfig.useAccountDefender;
+    /**
+     * The RecaptchaAuthConfig constructor.
+     *
+     * @param response - The server side response used to initialize the
+     *     RecaptchaAuthConfig object.
+     * @constructor
+     * @internal
+     */
+    constructor(response) {
+        const filteredResponse = Object.fromEntries(Object.entries(response).filter(([, value]) => value !== undefined));
+        // Explicitly map the 'tollFraudManagedRules' to 'smsTollFraudManagedRules'
+        if (filteredResponse.tollFraudManagedRules !== undefined) {
+            this.smsTollFraudManagedRules = filteredResponse.tollFraudManagedRules;
+            delete filteredResponse.tollFraudManagedRules; // Remove it if necessary
+        }
+        // Assign the remaining properties directly
+        Object.assign(this, filteredResponse);
+    }
+    /**
+     * Builds a server request object from the client-side RecaptchaConfig.
+     * Converts client-side fields to their server-side equivalents.
+     *
+     * @param options - The client-side RecaptchaConfig object.
+     * @returns The server-side RecaptchaAuthServerConfig object.
+     */
+    static buildServerRequest(options) {
+        RecaptchaAuthConfig.validate(options); // Validate options before building request
+        const request = {};
+        if (typeof options.emailPasswordEnforcementState !== 'undefined') {
+            request.emailPasswordEnforcementState = options.emailPasswordEnforcementState;
+        }
+        if (typeof options.phoneEnforcementState !== 'undefined') {
+            request.phoneEnforcementState = options.phoneEnforcementState;
+        }
+        if (typeof options.managedRules !== 'undefined') {
+            request.managedRules = options.managedRules;
+        }
+        if (typeof options.recaptchaKeys !== 'undefined') {
+            request.recaptchaKeys = options.recaptchaKeys;
+        }
+        if (typeof options.useAccountDefender !== 'undefined') {
+            request.useAccountDefender = options.useAccountDefender;
+        }
+        if (typeof options.useSmsBotScore !== 'undefined') {
+            request.useSmsBotScore = options.useSmsBotScore;
+        }
+        if (typeof options.useSmsTollFraudProtection !== 'undefined') {
+            request.useSmsTollFraudProtection = options.useSmsTollFraudProtection;
+        }
+        if (typeof options.smsTollFraudManagedRules !== 'undefined') {
+            request.tollFraudManagedRules = options.smsTollFraudManagedRules; // Map client-side field to server-side
+        }
+        return request;
     }
     /**
      * Validates the RecaptchaConfig options object. Throws an error on failure.
@@ -766,9 +820,13 @@ class RecaptchaAuthConfig {
     static validate(options) {
         const validKeys = {
             emailPasswordEnforcementState: true,
+            phoneEnforcementState: true,
             managedRules: true,
             recaptchaKeys: true,
             useAccountDefender: true,
+            useSmsBotScore: true,
+            useSmsTollFraudProtection: true,
+            smsTollFraudManagedRules: true,
         };
         if (!validator.isNonNullObject(options)) {
             throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"RecaptchaConfig" must be a non-null object.');
@@ -779,7 +837,7 @@ class RecaptchaAuthConfig {
             }
         }
         // Validation
-        if (typeof options.emailPasswordEnforcementState !== undefined) {
+        if (typeof options.emailPasswordEnforcementState !== 'undefined') {
             if (!validator.isNonEmptyString(options.emailPasswordEnforcementState)) {
                 throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"RecaptchaConfig.emailPasswordEnforcementState" must be a valid non-empty string.');
             }
@@ -789,6 +847,16 @@ class RecaptchaAuthConfig {
                 throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"RecaptchaConfig.emailPasswordEnforcementState" must be either "OFF", "AUDIT" or "ENFORCE".');
             }
         }
+        if (typeof options.phoneEnforcementState !== 'undefined') {
+            if (!validator.isNonEmptyString(options.phoneEnforcementState)) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"RecaptchaConfig.phoneEnforcementState" must be a valid non-empty string.');
+            }
+            if (options.phoneEnforcementState !== 'OFF' &&
+                options.phoneEnforcementState !== 'AUDIT' &&
+                options.phoneEnforcementState !== 'ENFORCE') {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"RecaptchaConfig.phoneEnforcementState" must be either "OFF", "AUDIT" or "ENFORCE".');
+            }
+        }
         if (typeof options.managedRules !== 'undefined') {
             // Validate array
             if (!validator.isArray(options.managedRules)) {
@@ -804,6 +872,26 @@ class RecaptchaAuthConfig {
                 throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"RecaptchaConfig.useAccountDefender" must be a boolean value".');
             }
         }
+        if (typeof options.useSmsBotScore !== 'undefined') {
+            if (!validator.isBoolean(options.useSmsBotScore)) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"RecaptchaConfig.useSmsBotScore" must be a boolean value".');
+            }
+        }
+        if (typeof options.useSmsTollFraudProtection !== 'undefined') {
+            if (!validator.isBoolean(options.useSmsTollFraudProtection)) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"RecaptchaConfig.useSmsTollFraudProtection" must be a boolean value".');
+            }
+        }
+        if (typeof options.smsTollFraudManagedRules !== 'undefined') {
+            // Validate array
+            if (!validator.isArray(options.smsTollFraudManagedRules)) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"RecaptchaConfig.smsTollFraudManagedRules" must be an array of valid "RecaptchaTollFraudManagedRule".');
+            }
+            // Validate each rule of the array
+            options.smsTollFraudManagedRules.forEach((tollFraudManagedRule) => {
+                RecaptchaAuthConfig.validateTollFraudManagedRule(tollFraudManagedRule);
+            });
+        }
     }
     /**
      * Validate each element in ManagedRule array
@@ -830,29 +918,28 @@ class RecaptchaAuthConfig {
         }
     }
     /**
-     * Returns a JSON-serializable representation of this object.
-     * @returns The JSON-serializable object representation of the ReCaptcha config instance
+     * Validate each element in TollFraudManagedRule array
+     * @param options - The options object to validate.
      */
-    toJSON() {
-        const json = {
-            emailPasswordEnforcementState: this.emailPasswordEnforcementState,
-            managedRules: (0, deep_copy_1.deepCopy)(this.managedRules),
-            recaptchaKeys: (0, deep_copy_1.deepCopy)(this.recaptchaKeys),
-            useAccountDefender: this.useAccountDefender,
+    static validateTollFraudManagedRule(options) {
+        const validKeys = {
+            startScore: true,
+            action: true,
         };
-        if (typeof json.emailPasswordEnforcementState === 'undefined') {
-            delete json.emailPasswordEnforcementState;
-        }
-        if (typeof json.managedRules === 'undefined') {
-            delete json.managedRules;
+        if (!validator.isNonNullObject(options)) {
+            throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"RecaptchaTollFraudManagedRule" must be a non-null object.');
         }
-        if (typeof json.recaptchaKeys === 'undefined') {
-            delete json.recaptchaKeys;
+        // Check for unsupported top level attributes.
+        for (const key in options) {
+            if (!(key in validKeys)) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, `"${key}" is not a valid RecaptchaTollFraudManagedRule parameter.`);
+            }
         }
-        if (typeof json.useAccountDefender === 'undefined') {
-            delete json.useAccountDefender;
+        // Validate content.
+        if (typeof options.action !== 'undefined' &&
+            options.action !== 'BLOCK') {
+            throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"RecaptchaTollFraudManagedRule.action" must be "BLOCK".');
         }
-        return json;
     }
 }
 exports.RecaptchaAuthConfig = RecaptchaAuthConfig;

package/lib/auth/auth-namespace.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * Copyright 2021 Google Inc.
  *

package/lib/auth/auth-namespace.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * Copyright 2021 Google Inc.

package/lib/auth/auth.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * @license
  * Copyright 2017 Google Inc.

package/lib/auth/auth.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * @license

package/lib/auth/base-auth.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * Copyright 2021 Google Inc.
  *

package/lib/auth/base-auth.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 "use strict";
 /*!
  * Copyright 2021 Google Inc.
@@ -16,7 +16,8 @@
  * limitations under the License.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.BaseAuth = exports.createFirebaseTokenGenerator = void 0;
+exports.BaseAuth = void 0;
+exports.createFirebaseTokenGenerator = createFirebaseTokenGenerator;
 const error_1 = require("../utils/error");
 const deep_copy_1 = require("../utils/deep-copy");
 const validator = require("../utils/validator");
@@ -39,7 +40,6 @@ function createFirebaseTokenGenerator(app, tenantId) {
         throw (0, token_generator_1.handleCryptoSignerError)(err);
     }
 }
-exports.createFirebaseTokenGenerator = createFirebaseTokenGenerator;
 /**
  * Common parent interface for both `Auth` and `TenantAwareAuth` APIs.
  */

package/lib/auth/identifier.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v12.6.0 */
+/*! firebase-admin v13.0.0 */
 /*!
  * Copyright 2020 Google Inc.
  *