firebase-admin 13.10.0 → 14.0.0

package/lib/app-check/app-check-api-client-internal.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * @license
  * Copyright 2021 Google LLC
@@ -15,18 +15,4 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import { PrefixedFirebaseError } from '../utils/error';
-export declare const APP_CHECK_ERROR_CODE_MAPPING: {
-    [key: string]: AppCheckErrorCode;
-};
-export type AppCheckErrorCode = 'aborted' | 'invalid-argument' | 'invalid-credential' | 'internal-error' | 'permission-denied' | 'unauthenticated' | 'not-found' | 'app-check-token-expired' | 'unknown-error';
-/**
- * Firebase App Check error code structure. This extends PrefixedFirebaseError.
- *
- * @param code - The error code.
- * @param message - The error message.
- * @constructor
- */
-export declare class FirebaseAppCheckError extends PrefixedFirebaseError {
-    constructor(code: AppCheckErrorCode, message: string);
-}
+export {};

package/lib/app-check/app-check-api-client-internal.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 "use strict";
 /*!
  * @license
@@ -17,9 +17,10 @@
  * limitations under the License.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.FirebaseAppCheckError = exports.APP_CHECK_ERROR_CODE_MAPPING = exports.AppCheckApiClient = void 0;
+exports.AppCheckApiClient = void 0;
 const api_request_1 = require("../utils/api-request");
 const error_1 = require("../utils/error");
+const error_2 = require("./error");
 const utils = require("../utils/index");
 const validator = require("../utils/validator");
 // App Check backend constants
@@ -37,7 +38,10 @@ class AppCheckApiClient {
     constructor(app) {
         this.app = app;
         if (!validator.isNonNullObject(app) || !('options' in app)) {
-            throw new FirebaseAppCheckError('invalid-argument', 'First argument passed to admin.appCheck() must be a valid Firebase app instance.');
+            throw new error_2.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: 'First argument passed to admin.appCheck() must be a valid Firebase app instance.'
+            });
         }
         this.httpClient = new api_request_1.AuthorizedHttpClient(app);
     }
@@ -50,20 +54,35 @@ class AppCheckApiClient {
      */
     exchangeToken(customToken, appId, options) {
         if (!validator.isNonEmptyString(appId)) {
-            throw new FirebaseAppCheckError('invalid-argument', '`appId` must be a non-empty string.');
+            throw new error_2.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: '`appId` must be a non-empty string.'
+            });
         }
         if (!validator.isNonEmptyString(customToken)) {
-            throw new FirebaseAppCheckError('invalid-argument', '`customToken` must be a non-empty string.');
+            throw new error_2.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: '`customToken` must be a non-empty string.'
+            });
         }
         if (typeof options?.limitedUse !== 'undefined' && !validator.isBoolean(options.limitedUse)) {
-            throw new FirebaseAppCheckError('invalid-argument', '`limitedUse` must be a boolean value.');
+            throw new error_2.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: '`limitedUse` must be a boolean value.'
+            });
         }
         if (typeof options?.jti !== 'undefined') {
             if (!validator.isString(options.jti)) {
-                throw new FirebaseAppCheckError('invalid-argument', '`jti` must be a string value.');
+                throw new error_2.FirebaseAppCheckError({
+                    code: 'invalid-argument',
+                    message: '`jti` must be a string value.'
+                });
             }
             if (!options.limitedUse) {
-                throw new FirebaseAppCheckError('invalid-argument', '`jti` cannot be specified without setting `limitedUse` to `true`.');
+                throw new error_2.FirebaseAppCheckError({
+                    code: 'invalid-argument',
+                    message: '`jti` cannot be specified without setting `limitedUse` to `true`.'
+                });
             }
         }
         return this.getUrl(appId)
@@ -89,7 +108,10 @@ class AppCheckApiClient {
     }
     verifyReplayProtection(token) {
         if (!validator.isNonEmptyString(token)) {
-            throw new FirebaseAppCheckError('invalid-argument', '`token` must be a non-empty string.');
+            throw new error_2.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: '`token` must be a non-empty string.'
+            });
         }
         return this.getVerifyTokenUrl()
             .then((url) => {
@@ -104,7 +126,11 @@ class AppCheckApiClient {
             .then((resp) => {
             if (typeof resp.data.alreadyConsumed !== 'undefined'
                 && !validator.isBoolean(resp.data?.alreadyConsumed)) {
-                throw new FirebaseAppCheckError('invalid-argument', '`alreadyConsumed` must be a boolean value.');
+                throw new error_2.FirebaseAppCheckError({
+                    code: 'invalid-argument',
+                    message: '`alreadyConsumed` must be a boolean value.',
+                    httpResponse: (0, error_1.toHttpResponse)(resp)
+                });
             }
             return resp.data.alreadyConsumed || false;
         })
@@ -140,29 +166,37 @@ class AppCheckApiClient {
         return utils.findProjectId(this.app)
             .then((projectId) => {
             if (!validator.isNonEmptyString(projectId)) {
-                throw new FirebaseAppCheckError('unknown-error', 'Failed to determine project ID. Initialize the '
-                    + 'SDK with service account credentials or set project ID as an app option. '
-                    + 'Alternatively, set the GOOGLE_CLOUD_PROJECT environment variable.');
+                throw new error_2.FirebaseAppCheckError({
+                    code: 'unknown-error',
+                    message: 'Failed to determine project ID. Initialize the '
+                        + 'SDK with service account credentials or set project ID as an app option. '
+                        + 'Alternatively, set the GOOGLE_CLOUD_PROJECT environment variable.'
+                });
             }
             this.projectId = projectId;
             return projectId;
         });
     }
     toFirebaseError(err) {
-        if (err instanceof error_1.PrefixedFirebaseError) {
+        if (err instanceof error_1.FirebaseError) {
             return err;
         }
         const response = err.response;
         if (!response.isJson()) {
-            return new FirebaseAppCheckError('unknown-error', `Unexpected response with status: ${response.status} and body: ${response.text}`);
+            return new error_2.FirebaseAppCheckError({
+                code: 'unknown-error',
+                message: `Unexpected response with status: ${response.status} and body: ${response.text}`,
+                httpResponse: (0, error_1.toHttpResponse)(response),
+                cause: err
+            });
         }
         const error = response.data.error || {};
         let code = 'unknown-error';
-        if (error.status && error.status in exports.APP_CHECK_ERROR_CODE_MAPPING) {
-            code = exports.APP_CHECK_ERROR_CODE_MAPPING[error.status];
+        if (error.status && error.status in error_2.APP_CHECK_ERROR_CODE_MAPPING) {
+            code = error_2.APP_CHECK_ERROR_CODE_MAPPING[error.status];
         }
-        const message = error.message || `Unknown server error: ${response.text}`;
-        return new FirebaseAppCheckError(code, message);
+        const message = error.message || 'Unknown server error';
+        return new error_2.FirebaseAppCheckError({ code, message, httpResponse: (0, error_1.toHttpResponse)(response), cause: err });
     }
     /**
      * Creates an AppCheckToken from the API response.
@@ -192,38 +226,13 @@ class AppCheckApiClient {
      */
     stringToMilliseconds(duration) {
         if (!validator.isNonEmptyString(duration) || !duration.endsWith('s')) {
-            throw new FirebaseAppCheckError('invalid-argument', '`ttl` must be a valid duration string with the suffix `s`.');
+            throw new error_2.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: '`ttl` must be a valid duration string with the suffix `s`.'
+            });
         }
         const seconds = duration.slice(0, -1);
         return Math.floor(Number(seconds) * 1000);
     }
 }
 exports.AppCheckApiClient = AppCheckApiClient;
-exports.APP_CHECK_ERROR_CODE_MAPPING = {
-    ABORTED: 'aborted',
-    INVALID_ARGUMENT: 'invalid-argument',
-    INVALID_CREDENTIAL: 'invalid-credential',
-    INTERNAL: 'internal-error',
-    PERMISSION_DENIED: 'permission-denied',
-    UNAUTHENTICATED: 'unauthenticated',
-    NOT_FOUND: 'not-found',
-    UNKNOWN: 'unknown-error',
-};
-/**
- * Firebase App Check error code structure. This extends PrefixedFirebaseError.
- *
- * @param code - The error code.
- * @param message - The error message.
- * @constructor
- */
-class FirebaseAppCheckError extends error_1.PrefixedFirebaseError {
-    constructor(code, message) {
-        super('app-check', code, message);
-        /* tslint:disable:max-line-length */
-        // Set the prototype explicitly. See the following link for more details:
-        // https://github.com/Microsoft/TypeScript/wiki/Breaking-Changes#extending-built-ins-like-error-array-and-map-may-no-longer-work
-        /* tslint:enable:max-line-length */
-        this.__proto__ = FirebaseAppCheckError.prototype;
-    }
-}
-exports.FirebaseAppCheckError = FirebaseAppCheckError;

package/lib/app-check/app-check-api.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * @license
  * Copyright 2021 Google LLC

package/lib/app-check/app-check-api.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 "use strict";
 /*!
  * @license

package/lib/app-check/app-check.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * @license
  * Copyright 2021 Google LLC

package/lib/app-check/app-check.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 "use strict";
 /*!
  * @license
@@ -20,6 +20,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.AppCheck = void 0;
 const validator = require("../utils/validator");
 const app_check_api_client_internal_1 = require("./app-check-api-client-internal");
+const error_1 = require("./error");
 const token_generator_1 = require("./token-generator");
 const token_verifier_1 = require("./token-verifier");
 const crypto_signer_1 = require("../utils/crypto-signer");
@@ -94,7 +95,10 @@ class AppCheck {
             return;
         }
         if (!validator.isNonNullObject(options)) {
-            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'VerifyAppCheckTokenOptions must be a non-null object.');
+            throw new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: 'VerifyAppCheckTokenOptions must be a non-null object.'
+            });
         }
     }
 }

package/lib/app-check/error.d.ts

@@ -0,0 +1,47 @@
+/*! firebase-admin v14.0.0 */
+/*!
+ * Copyright 2026 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import { FirebaseError, ErrorInfo } from '../utils/error';
+/** @const {Record<string, AppCheckErrorCode>} App Check server to client error code mapping. */
+export declare const APP_CHECK_ERROR_CODE_MAPPING: Record<string, AppCheckErrorCode>;
+/**
+ * The constant mapping for valid App Check client error codes.
+ */
+export declare const AppCheckErrorCode: {
+    readonly ABORTED: "aborted";
+    readonly INVALID_ARGUMENT: "invalid-argument";
+    readonly INVALID_CREDENTIAL: "invalid-credential";
+    readonly INTERNAL: "internal-error";
+    readonly PERMISSION_DENIED: "permission-denied";
+    readonly UNAUTHENTICATED: "unauthenticated";
+    readonly NOT_FOUND: "not-found";
+    readonly APP_CHECK_TOKEN_EXPIRED: "app-check-token-expired";
+    readonly UNKNOWN: "unknown-error";
+};
+/**
+ * The type definition for valid App Check client error codes.
+ */
+export type AppCheckErrorCode = typeof AppCheckErrorCode[keyof typeof AppCheckErrorCode];
+/**
+ * Firebase App Check error code structure. This extends `FirebaseError`.
+ */
+export declare class FirebaseAppCheckError extends FirebaseError {
+    /**
+     * @param info - The error code info.
+     * @param message - The error message. If provided, this will override the default message.
+     */
+    constructor(info: ErrorInfo, message?: string);
+}

package/lib/app-check/error.js

@@ -0,0 +1,65 @@
+/*! firebase-admin v14.0.0 */
+"use strict";
+/*!
+ * Copyright 2026 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FirebaseAppCheckError = exports.AppCheckErrorCode = exports.APP_CHECK_ERROR_CODE_MAPPING = void 0;
+const error_1 = require("../utils/error");
+/** @const {Record<string, AppCheckErrorCode>} App Check server to client error code mapping. */
+exports.APP_CHECK_ERROR_CODE_MAPPING = {
+    ABORTED: 'aborted',
+    INVALID_ARGUMENT: 'invalid-argument',
+    INVALID_CREDENTIAL: 'invalid-credential',
+    INTERNAL: 'internal-error',
+    PERMISSION_DENIED: 'permission-denied',
+    UNAUTHENTICATED: 'unauthenticated',
+    NOT_FOUND: 'not-found',
+    UNKNOWN: 'unknown-error',
+};
+/**
+ * The constant mapping for valid App Check client error codes.
+ */
+exports.AppCheckErrorCode = {
+    ABORTED: 'aborted',
+    INVALID_ARGUMENT: 'invalid-argument',
+    INVALID_CREDENTIAL: 'invalid-credential',
+    INTERNAL: 'internal-error',
+    PERMISSION_DENIED: 'permission-denied',
+    UNAUTHENTICATED: 'unauthenticated',
+    NOT_FOUND: 'not-found',
+    APP_CHECK_TOKEN_EXPIRED: 'app-check-token-expired',
+    UNKNOWN: 'unknown-error',
+};
+/**
+ * Firebase App Check error code structure. This extends `FirebaseError`.
+ */
+class FirebaseAppCheckError extends error_1.FirebaseError {
+    /**
+     * @param info - The error code info.
+     * @param message - The error message. If provided, this will override the default message.
+     */
+    constructor(info, message) {
+        super({
+            code: `app-check/${info.code}`,
+            message: message || info.message,
+            httpResponse: info.httpResponse,
+            cause: info.cause,
+        });
+        /** @internal */
+        this.codePrefix = 'app-check';
+    }
+}
+exports.FirebaseAppCheckError = FirebaseAppCheckError;

package/lib/app-check/index.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * @license
  * Copyright 2021 Google LLC
@@ -51,3 +51,4 @@ export { AppCheck } from './app-check';
  *   app.
  */
 export declare function getAppCheck(app?: App): AppCheck;
+export { FirebaseAppCheckError, AppCheckErrorCode } from './error';

package/lib/app-check/index.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 "use strict";
 /*!
  * @license
@@ -17,7 +17,7 @@
  * limitations under the License.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AppCheck = void 0;
+exports.AppCheckErrorCode = exports.FirebaseAppCheckError = exports.AppCheck = void 0;
 exports.getAppCheck = getAppCheck;
 /**
  * Firebase App Check.
@@ -61,3 +61,6 @@ function getAppCheck(app) {
     const firebaseApp = app;
     return firebaseApp.getOrInitService('appCheck', (app) => new app_check_1.AppCheck(app));
 }
+var error_1 = require("./error");
+Object.defineProperty(exports, "FirebaseAppCheckError", { enumerable: true, get: function () { return error_1.FirebaseAppCheckError; } });
+Object.defineProperty(exports, "AppCheckErrorCode", { enumerable: true, get: function () { return error_1.AppCheckErrorCode; } });

package/lib/app-check/token-generator.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * @license
  * Copyright 2021 Google LLC

package/lib/app-check/token-generator.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 "use strict";
 /*!
  * @license
@@ -22,7 +22,8 @@ exports.appCheckErrorFromCryptoSignerError = appCheckErrorFromCryptoSignerError;
 const validator = require("../utils/validator");
 const utils_1 = require("../utils");
 const crypto_signer_1 = require("../utils/crypto-signer");
-const app_check_api_client_internal_1 = require("./app-check-api-client-internal");
+const error_1 = require("./error");
+const error_2 = require("../utils/error");
 const ONE_MINUTE_IN_SECONDS = 60;
 const ONE_MINUTE_IN_MILLIS = ONE_MINUTE_IN_SECONDS * 1000;
 const ONE_DAY_IN_MILLIS = 24 * 60 * 60 * 1000;
@@ -42,7 +43,10 @@ class AppCheckTokenGenerator {
      */
     constructor(signer) {
         if (!validator.isNonNullObject(signer)) {
-            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'INTERNAL ASSERT: Must provide a CryptoSigner to use AppCheckTokenGenerator.');
+            throw new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: 'INTERNAL ASSERT: Must provide a CryptoSigner to use AppCheckTokenGenerator.'
+            });
         }
         this.signer = signer;
     }
@@ -56,7 +60,10 @@ class AppCheckTokenGenerator {
      */
     createCustomToken(appId, options) {
         if (!validator.isNonEmptyString(appId)) {
-            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', '`appId` must be a non-empty string.');
+            throw new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: '`appId` must be a non-empty string.'
+            });
         }
         let customOptions = {};
         if (typeof options !== 'undefined') {
@@ -99,15 +106,24 @@ class AppCheckTokenGenerator {
      */
     validateTokenOptions(options) {
         if (!validator.isNonNullObject(options)) {
-            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'AppCheckTokenOptions must be a non-null object.');
+            throw new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: 'AppCheckTokenOptions must be a non-null object.'
+            });
         }
         if (typeof options.ttlMillis !== 'undefined') {
             if (!validator.isNumber(options.ttlMillis)) {
-                throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'ttlMillis must be a duration in milliseconds.');
+                throw new error_1.FirebaseAppCheckError({
+                    code: 'invalid-argument',
+                    message: 'ttlMillis must be a duration in milliseconds.'
+                });
             }
             // ttlMillis must be between 30 minutes and 7 days (inclusive)
             if (options.ttlMillis < (ONE_MINUTE_IN_MILLIS * 30) || options.ttlMillis > (ONE_DAY_IN_MILLIS * 7)) {
-                throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'ttlMillis must be a duration in milliseconds between 30 minutes and 7 days (inclusive).');
+                throw new error_1.FirebaseAppCheckError({
+                    code: 'invalid-argument',
+                    message: 'ttlMillis must be a duration in milliseconds between 30 minutes and 7 days (inclusive).'
+                });
             }
             return { ttl: (0, utils_1.transformMillisecondsToSecondsString)(options.ttlMillis) };
         }
@@ -131,16 +147,30 @@ function appCheckErrorFromCryptoSignerError(err) {
         const errorResponse = httpError.response.data;
         if (errorResponse?.error) {
             const status = errorResponse.error.status;
-            const description = errorResponse.error.message || JSON.stringify(httpError.response);
+            const description = errorResponse.error.message || 'Unknown server error';
             let code = 'unknown-error';
-            if (status && status in app_check_api_client_internal_1.APP_CHECK_ERROR_CODE_MAPPING) {
-                code = app_check_api_client_internal_1.APP_CHECK_ERROR_CODE_MAPPING[status];
+            if (status && status in error_1.APP_CHECK_ERROR_CODE_MAPPING) {
+                code = error_1.APP_CHECK_ERROR_CODE_MAPPING[status];
             }
-            return new app_check_api_client_internal_1.FirebaseAppCheckError(code, `Error returned from server while signing a custom token: ${description}`);
+            return new error_1.FirebaseAppCheckError({
+                code,
+                message: `Error returned from server while signing a custom token: ${description}`,
+                httpResponse: (0, error_2.toHttpResponse)(httpError.response),
+                cause: err
+            });
         }
-        return new app_check_api_client_internal_1.FirebaseAppCheckError('internal-error', 'Error returned from server: ' + JSON.stringify(errorResponse) + '.');
+        return new error_1.FirebaseAppCheckError({
+            code: 'internal-error',
+            message: 'Error returned from server.',
+            httpResponse: (0, error_2.toHttpResponse)(httpError.response),
+            cause: err
+        });
     }
-    return new app_check_api_client_internal_1.FirebaseAppCheckError(mapToAppCheckErrorCode(err.code), err.message);
+    return new error_1.FirebaseAppCheckError({
+        code: mapToAppCheckErrorCode(err.code),
+        message: err.message,
+        cause: err
+    });
 }
 function mapToAppCheckErrorCode(code) {
     switch (code) {

package/lib/app-check/token-verifier.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * Copyright 2021 Google LLC
  *

package/lib/app-check/token-verifier.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 "use strict";
 /*!
  * Copyright 2021 Google LLC
@@ -19,7 +19,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.AppCheckTokenVerifier = void 0;
 const validator = require("../utils/validator");
 const util = require("../utils/index");
-const app_check_api_client_internal_1 = require("./app-check-api-client-internal");
+const error_1 = require("./error");
 const jwt_1 = require("../utils/jwt");
 const APP_CHECK_ISSUER = 'https://firebaseappcheck.googleapis.com/';
 const JWKS_URL = 'https://firebaseappcheck.googleapis.com/v1/jwks';
@@ -41,7 +41,10 @@ class AppCheckTokenVerifier {
      */
     verifyToken(token) {
         if (!validator.isString(token)) {
-            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'App check token must be a non-null string.');
+            throw new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: 'App check token must be a non-null string.'
+            });
         }
         return this.ensureProjectId()
             .then((projectId) => {
@@ -57,8 +60,11 @@ class AppCheckTokenVerifier {
         return util.findProjectId(this.app)
             .then((projectId) => {
             if (!validator.isNonEmptyString(projectId)) {
-                throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-credential', 'Must initialize app with a cert credential or set your Firebase project ID as the ' +
-                    'GOOGLE_CLOUD_PROJECT environment variable to verify an App Check token.');
+                throw new error_1.FirebaseAppCheckError({
+                    code: 'invalid-credential',
+                    message: 'Must initialize app with a cert credential or set your Firebase project ID as the ' +
+                        'GOOGLE_CLOUD_PROJECT environment variable to verify an App Check token.'
+                });
             }
             return projectId;
         });
@@ -76,7 +82,10 @@ class AppCheckTokenVerifier {
             .catch(() => {
             const errorMessage = 'Decoding App Check token failed. Make sure you passed ' +
                 'the entire string JWT which represents the Firebase App Check token.';
-            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', errorMessage);
+            throw new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: errorMessage
+            });
         });
     }
     /**
@@ -110,7 +119,10 @@ class AppCheckTokenVerifier {
             errorMessage = 'The provided App Check token has an empty string "sub" (subject) claim.';
         }
         if (errorMessage) {
-            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', errorMessage);
+            throw new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: errorMessage
+            });
         }
     }
     verifySignature(jwtToken) {
@@ -129,19 +141,35 @@ class AppCheckTokenVerifier {
         if (error.code === jwt_1.JwtErrorCode.TOKEN_EXPIRED) {
             const errorMessage = 'The provided App Check token has expired. Get a fresh App Check token' +
                 ' from your client app and try again.';
-            return new app_check_api_client_internal_1.FirebaseAppCheckError('app-check-token-expired', errorMessage);
+            return new error_1.FirebaseAppCheckError({
+                code: 'app-check-token-expired',
+                message: errorMessage,
+                cause: error
+            });
         }
         else if (error.code === jwt_1.JwtErrorCode.INVALID_SIGNATURE) {
             const errorMessage = 'The provided App Check token has invalid signature.';
-            return new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', errorMessage);
+            return new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: errorMessage,
+                cause: error
+            });
         }
         else if (error.code === jwt_1.JwtErrorCode.NO_MATCHING_KID) {
             const errorMessage = 'The provided App Check token has "kid" claim which does not ' +
                 'correspond to a known public key. Most likely the provided App Check token ' +
                 'is expired, so get a fresh token from your client app and try again.';
-            return new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', errorMessage);
+            return new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: errorMessage,
+                cause: error
+            });
         }
-        return new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', error.message);
+        return new error_1.FirebaseAppCheckError({
+            code: 'invalid-argument',
+            message: error.message,
+            cause: error
+        });
     }
 }
 exports.AppCheckTokenVerifier = AppCheckTokenVerifier;

package/lib/auth/action-code-settings-builder.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.10.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * Copyright 2018 Google LLC
  *