firebase-admin 13.9.0 → 14.0.0

package/lib/app-check/app-check-api-client-internal.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.9.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * @license
  * Copyright 2021 Google LLC
@@ -15,18 +15,4 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import { PrefixedFirebaseError } from '../utils/error';
-export declare const APP_CHECK_ERROR_CODE_MAPPING: {
-    [key: string]: AppCheckErrorCode;
-};
-export type AppCheckErrorCode = 'aborted' | 'invalid-argument' | 'invalid-credential' | 'internal-error' | 'permission-denied' | 'unauthenticated' | 'not-found' | 'app-check-token-expired' | 'unknown-error';
-/**
- * Firebase App Check error code structure. This extends PrefixedFirebaseError.
- *
- * @param code - The error code.
- * @param message - The error message.
- * @constructor
- */
-export declare class FirebaseAppCheckError extends PrefixedFirebaseError {
-    constructor(code: AppCheckErrorCode, message: string);
-}
+export {};

package/lib/app-check/app-check-api-client-internal.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.9.0 */
+/*! firebase-admin v14.0.0 */
 "use strict";
 /*!
  * @license
@@ -17,9 +17,10 @@
  * limitations under the License.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.FirebaseAppCheckError = exports.APP_CHECK_ERROR_CODE_MAPPING = exports.AppCheckApiClient = void 0;
+exports.AppCheckApiClient = void 0;
 const api_request_1 = require("../utils/api-request");
 const error_1 = require("../utils/error");
+const error_2 = require("./error");
 const utils = require("../utils/index");
 const validator = require("../utils/validator");
 // App Check backend constants
@@ -37,7 +38,10 @@ class AppCheckApiClient {
     constructor(app) {
         this.app = app;
         if (!validator.isNonNullObject(app) || !('options' in app)) {
-            throw new FirebaseAppCheckError('invalid-argument', 'First argument passed to admin.appCheck() must be a valid Firebase app instance.');
+            throw new error_2.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: 'First argument passed to admin.appCheck() must be a valid Firebase app instance.'
+            });
         }
         this.httpClient = new api_request_1.AuthorizedHttpClient(app);
     }
@@ -48,12 +52,38 @@ class AppCheckApiClient {
      * @param appId - The mobile App ID.
      * @returns A promise that fulfills with a `AppCheckToken`.
      */
-    exchangeToken(customToken, appId) {
+    exchangeToken(customToken, appId, options) {
         if (!validator.isNonEmptyString(appId)) {
-            throw new FirebaseAppCheckError('invalid-argument', '`appId` must be a non-empty string.');
+            throw new error_2.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: '`appId` must be a non-empty string.'
+            });
         }
         if (!validator.isNonEmptyString(customToken)) {
-            throw new FirebaseAppCheckError('invalid-argument', '`customToken` must be a non-empty string.');
+            throw new error_2.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: '`customToken` must be a non-empty string.'
+            });
+        }
+        if (typeof options?.limitedUse !== 'undefined' && !validator.isBoolean(options.limitedUse)) {
+            throw new error_2.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: '`limitedUse` must be a boolean value.'
+            });
+        }
+        if (typeof options?.jti !== 'undefined') {
+            if (!validator.isString(options.jti)) {
+                throw new error_2.FirebaseAppCheckError({
+                    code: 'invalid-argument',
+                    message: '`jti` must be a string value.'
+                });
+            }
+            if (!options.limitedUse) {
+                throw new error_2.FirebaseAppCheckError({
+                    code: 'invalid-argument',
+                    message: '`jti` cannot be specified without setting `limitedUse` to `true`.'
+                });
+            }
         }
         return this.getUrl(appId)
             .then((url) => {
@@ -61,7 +91,11 @@ class AppCheckApiClient {
                 method: 'POST',
                 url,
                 headers: FIREBASE_APP_CHECK_CONFIG_HEADERS,
-                data: { customToken }
+                data: {
+                    customToken,
+                    ...(options?.limitedUse !== undefined && { limitedUse: options.limitedUse }),
+                    ...(options?.jti !== undefined && { jti: options.jti }),
+                }
             };
             return this.httpClient.send(request);
         })
@@ -74,7 +108,10 @@ class AppCheckApiClient {
     }
     verifyReplayProtection(token) {
         if (!validator.isNonEmptyString(token)) {
-            throw new FirebaseAppCheckError('invalid-argument', '`token` must be a non-empty string.');
+            throw new error_2.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: '`token` must be a non-empty string.'
+            });
         }
         return this.getVerifyTokenUrl()
             .then((url) => {
@@ -89,7 +126,11 @@ class AppCheckApiClient {
             .then((resp) => {
             if (typeof resp.data.alreadyConsumed !== 'undefined'
                 && !validator.isBoolean(resp.data?.alreadyConsumed)) {
-                throw new FirebaseAppCheckError('invalid-argument', '`alreadyConsumed` must be a boolean value.');
+                throw new error_2.FirebaseAppCheckError({
+                    code: 'invalid-argument',
+                    message: '`alreadyConsumed` must be a boolean value.',
+                    httpResponse: (0, error_1.toHttpResponse)(resp)
+                });
             }
             return resp.data.alreadyConsumed || false;
         })
@@ -125,29 +166,37 @@ class AppCheckApiClient {
         return utils.findProjectId(this.app)
             .then((projectId) => {
             if (!validator.isNonEmptyString(projectId)) {
-                throw new FirebaseAppCheckError('unknown-error', 'Failed to determine project ID. Initialize the '
-                    + 'SDK with service account credentials or set project ID as an app option. '
-                    + 'Alternatively, set the GOOGLE_CLOUD_PROJECT environment variable.');
+                throw new error_2.FirebaseAppCheckError({
+                    code: 'unknown-error',
+                    message: 'Failed to determine project ID. Initialize the '
+                        + 'SDK with service account credentials or set project ID as an app option. '
+                        + 'Alternatively, set the GOOGLE_CLOUD_PROJECT environment variable.'
+                });
             }
             this.projectId = projectId;
             return projectId;
         });
     }
     toFirebaseError(err) {
-        if (err instanceof error_1.PrefixedFirebaseError) {
+        if (err instanceof error_1.FirebaseError) {
             return err;
         }
         const response = err.response;
         if (!response.isJson()) {
-            return new FirebaseAppCheckError('unknown-error', `Unexpected response with status: ${response.status} and body: ${response.text}`);
+            return new error_2.FirebaseAppCheckError({
+                code: 'unknown-error',
+                message: `Unexpected response with status: ${response.status} and body: ${response.text}`,
+                httpResponse: (0, error_1.toHttpResponse)(response),
+                cause: err
+            });
         }
         const error = response.data.error || {};
         let code = 'unknown-error';
-        if (error.status && error.status in exports.APP_CHECK_ERROR_CODE_MAPPING) {
-            code = exports.APP_CHECK_ERROR_CODE_MAPPING[error.status];
+        if (error.status && error.status in error_2.APP_CHECK_ERROR_CODE_MAPPING) {
+            code = error_2.APP_CHECK_ERROR_CODE_MAPPING[error.status];
         }
-        const message = error.message || `Unknown server error: ${response.text}`;
-        return new FirebaseAppCheckError(code, message);
+        const message = error.message || 'Unknown server error';
+        return new error_2.FirebaseAppCheckError({ code, message, httpResponse: (0, error_1.toHttpResponse)(response), cause: err });
     }
     /**
      * Creates an AppCheckToken from the API response.
@@ -177,38 +226,13 @@ class AppCheckApiClient {
      */
     stringToMilliseconds(duration) {
         if (!validator.isNonEmptyString(duration) || !duration.endsWith('s')) {
-            throw new FirebaseAppCheckError('invalid-argument', '`ttl` must be a valid duration string with the suffix `s`.');
+            throw new error_2.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: '`ttl` must be a valid duration string with the suffix `s`.'
+            });
         }
         const seconds = duration.slice(0, -1);
         return Math.floor(Number(seconds) * 1000);
     }
 }
 exports.AppCheckApiClient = AppCheckApiClient;
-exports.APP_CHECK_ERROR_CODE_MAPPING = {
-    ABORTED: 'aborted',
-    INVALID_ARGUMENT: 'invalid-argument',
-    INVALID_CREDENTIAL: 'invalid-credential',
-    INTERNAL: 'internal-error',
-    PERMISSION_DENIED: 'permission-denied',
-    UNAUTHENTICATED: 'unauthenticated',
-    NOT_FOUND: 'not-found',
-    UNKNOWN: 'unknown-error',
-};
-/**
- * Firebase App Check error code structure. This extends PrefixedFirebaseError.
- *
- * @param code - The error code.
- * @param message - The error message.
- * @constructor
- */
-class FirebaseAppCheckError extends error_1.PrefixedFirebaseError {
-    constructor(code, message) {
-        super('app-check', code, message);
-        /* tslint:disable:max-line-length */
-        // Set the prototype explicitly. See the following link for more details:
-        // https://github.com/Microsoft/TypeScript/wiki/Breaking-Changes#extending-built-ins-like-error-array-and-map-may-no-longer-work
-        /* tslint:enable:max-line-length */
-        this.__proto__ = FirebaseAppCheckError.prototype;
-    }
-}
-exports.FirebaseAppCheckError = FirebaseAppCheckError;

package/lib/app-check/app-check-api.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.9.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * @license
  * Copyright 2021 Google LLC
@@ -37,6 +37,24 @@ export interface AppCheckTokenOptions {
      * be valid. This value must be between 30 minutes and 7 days, inclusive.
      */
     ttlMillis?: number;
+    /**
+     * Specifies whether this token is for a limited use context.
+     * To enable this token to be used with the replay protection feature, set this to `true`.
+     * The default value is `false`.
+     */
+    limitedUse?: boolean;
+    /**
+     * Specifies the desired `jti` claim (Section 4.1.7 of RFC 7519) in the returned App
+     * Check token. Limited-use App Check tokens with the same `jti` will be counted as the
+     * same token for the purposes of replay protection.
+     *
+     * If this field is omitted or is empty, a randomly generated `jti` will be used in the
+     * returned App Check token.
+     *
+     * An error is returned if this field is specified without setting `limitedUse` to
+     * `true`.
+     */
+    jti?: string;
 }
 /**
  * Interface representing options for the {@link AppCheck.verifyToken} method.

package/lib/app-check/app-check-api.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.9.0 */
+/*! firebase-admin v14.0.0 */
 "use strict";
 /*!
  * @license

package/lib/app-check/app-check.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.9.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * @license
  * Copyright 2021 Google LLC

package/lib/app-check/app-check.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.9.0 */
+/*! firebase-admin v14.0.0 */
 "use strict";
 /*!
  * @license
@@ -20,6 +20,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.AppCheck = void 0;
 const validator = require("../utils/validator");
 const app_check_api_client_internal_1 = require("./app-check-api-client-internal");
+const error_1 = require("./error");
 const token_generator_1 = require("./token-generator");
 const token_verifier_1 = require("./token-verifier");
 const crypto_signer_1 = require("../utils/crypto-signer");
@@ -55,7 +56,7 @@ class AppCheck {
     createToken(appId, options) {
         return this.tokenGenerator.createCustomToken(appId, options)
             .then((customToken) => {
-            return this.client.exchangeToken(customToken, appId);
+            return this.client.exchangeToken(customToken, appId, options);
         });
     }
     /**
@@ -94,7 +95,10 @@ class AppCheck {
             return;
         }
         if (!validator.isNonNullObject(options)) {
-            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'VerifyAppCheckTokenOptions must be a non-null object.');
+            throw new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: 'VerifyAppCheckTokenOptions must be a non-null object.'
+            });
         }
     }
 }

package/lib/app-check/error.d.ts

@@ -0,0 +1,47 @@
+/*! firebase-admin v14.0.0 */
+/*!
+ * Copyright 2026 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import { FirebaseError, ErrorInfo } from '../utils/error';
+/** @const {Record<string, AppCheckErrorCode>} App Check server to client error code mapping. */
+export declare const APP_CHECK_ERROR_CODE_MAPPING: Record<string, AppCheckErrorCode>;
+/**
+ * The constant mapping for valid App Check client error codes.
+ */
+export declare const AppCheckErrorCode: {
+    readonly ABORTED: "aborted";
+    readonly INVALID_ARGUMENT: "invalid-argument";
+    readonly INVALID_CREDENTIAL: "invalid-credential";
+    readonly INTERNAL: "internal-error";
+    readonly PERMISSION_DENIED: "permission-denied";
+    readonly UNAUTHENTICATED: "unauthenticated";
+    readonly NOT_FOUND: "not-found";
+    readonly APP_CHECK_TOKEN_EXPIRED: "app-check-token-expired";
+    readonly UNKNOWN: "unknown-error";
+};
+/**
+ * The type definition for valid App Check client error codes.
+ */
+export type AppCheckErrorCode = typeof AppCheckErrorCode[keyof typeof AppCheckErrorCode];
+/**
+ * Firebase App Check error code structure. This extends `FirebaseError`.
+ */
+export declare class FirebaseAppCheckError extends FirebaseError {
+    /**
+     * @param info - The error code info.
+     * @param message - The error message. If provided, this will override the default message.
+     */
+    constructor(info: ErrorInfo, message?: string);
+}

package/lib/app-check/error.js

@@ -0,0 +1,65 @@
+/*! firebase-admin v14.0.0 */
+"use strict";
+/*!
+ * Copyright 2026 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FirebaseAppCheckError = exports.AppCheckErrorCode = exports.APP_CHECK_ERROR_CODE_MAPPING = void 0;
+const error_1 = require("../utils/error");
+/** @const {Record<string, AppCheckErrorCode>} App Check server to client error code mapping. */
+exports.APP_CHECK_ERROR_CODE_MAPPING = {
+    ABORTED: 'aborted',
+    INVALID_ARGUMENT: 'invalid-argument',
+    INVALID_CREDENTIAL: 'invalid-credential',
+    INTERNAL: 'internal-error',
+    PERMISSION_DENIED: 'permission-denied',
+    UNAUTHENTICATED: 'unauthenticated',
+    NOT_FOUND: 'not-found',
+    UNKNOWN: 'unknown-error',
+};
+/**
+ * The constant mapping for valid App Check client error codes.
+ */
+exports.AppCheckErrorCode = {
+    ABORTED: 'aborted',
+    INVALID_ARGUMENT: 'invalid-argument',
+    INVALID_CREDENTIAL: 'invalid-credential',
+    INTERNAL: 'internal-error',
+    PERMISSION_DENIED: 'permission-denied',
+    UNAUTHENTICATED: 'unauthenticated',
+    NOT_FOUND: 'not-found',
+    APP_CHECK_TOKEN_EXPIRED: 'app-check-token-expired',
+    UNKNOWN: 'unknown-error',
+};
+/**
+ * Firebase App Check error code structure. This extends `FirebaseError`.
+ */
+class FirebaseAppCheckError extends error_1.FirebaseError {
+    /**
+     * @param info - The error code info.
+     * @param message - The error message. If provided, this will override the default message.
+     */
+    constructor(info, message) {
+        super({
+            code: `app-check/${info.code}`,
+            message: message || info.message,
+            httpResponse: info.httpResponse,
+            cause: info.cause,
+        });
+        /** @internal */
+        this.codePrefix = 'app-check';
+    }
+}
+exports.FirebaseAppCheckError = FirebaseAppCheckError;

package/lib/app-check/index.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.9.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * @license
  * Copyright 2021 Google LLC
@@ -51,3 +51,4 @@ export { AppCheck } from './app-check';
  *   app.
  */
 export declare function getAppCheck(app?: App): AppCheck;
+export { FirebaseAppCheckError, AppCheckErrorCode } from './error';

package/lib/app-check/index.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.9.0 */
+/*! firebase-admin v14.0.0 */
 "use strict";
 /*!
  * @license
@@ -17,7 +17,7 @@
  * limitations under the License.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AppCheck = void 0;
+exports.AppCheckErrorCode = exports.FirebaseAppCheckError = exports.AppCheck = void 0;
 exports.getAppCheck = getAppCheck;
 /**
  * Firebase App Check.
@@ -61,3 +61,6 @@ function getAppCheck(app) {
     const firebaseApp = app;
     return firebaseApp.getOrInitService('appCheck', (app) => new app_check_1.AppCheck(app));
 }
+var error_1 = require("./error");
+Object.defineProperty(exports, "FirebaseAppCheckError", { enumerable: true, get: function () { return error_1.FirebaseAppCheckError; } });
+Object.defineProperty(exports, "AppCheckErrorCode", { enumerable: true, get: function () { return error_1.AppCheckErrorCode; } });

package/lib/app-check/token-generator.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.9.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * @license
  * Copyright 2021 Google LLC

package/lib/app-check/token-generator.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.9.0 */
+/*! firebase-admin v14.0.0 */
 "use strict";
 /*!
  * @license
@@ -22,7 +22,8 @@ exports.appCheckErrorFromCryptoSignerError = appCheckErrorFromCryptoSignerError;
 const validator = require("../utils/validator");
 const utils_1 = require("../utils");
 const crypto_signer_1 = require("../utils/crypto-signer");
-const app_check_api_client_internal_1 = require("./app-check-api-client-internal");
+const error_1 = require("./error");
+const error_2 = require("../utils/error");
 const ONE_MINUTE_IN_SECONDS = 60;
 const ONE_MINUTE_IN_MILLIS = ONE_MINUTE_IN_SECONDS * 1000;
 const ONE_DAY_IN_MILLIS = 24 * 60 * 60 * 1000;
@@ -42,7 +43,10 @@ class AppCheckTokenGenerator {
      */
     constructor(signer) {
         if (!validator.isNonNullObject(signer)) {
-            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'INTERNAL ASSERT: Must provide a CryptoSigner to use AppCheckTokenGenerator.');
+            throw new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: 'INTERNAL ASSERT: Must provide a CryptoSigner to use AppCheckTokenGenerator.'
+            });
         }
         this.signer = signer;
     }
@@ -56,7 +60,10 @@ class AppCheckTokenGenerator {
      */
     createCustomToken(appId, options) {
         if (!validator.isNonEmptyString(appId)) {
-            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', '`appId` must be a non-empty string.');
+            throw new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: '`appId` must be a non-empty string.'
+            });
         }
         let customOptions = {};
         if (typeof options !== 'undefined') {
@@ -99,15 +106,24 @@ class AppCheckTokenGenerator {
      */
     validateTokenOptions(options) {
         if (!validator.isNonNullObject(options)) {
-            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'AppCheckTokenOptions must be a non-null object.');
+            throw new error_1.FirebaseAppCheckError({
+                code: 'invalid-argument',
+                message: 'AppCheckTokenOptions must be a non-null object.'
+            });
         }
         if (typeof options.ttlMillis !== 'undefined') {
             if (!validator.isNumber(options.ttlMillis)) {
-                throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'ttlMillis must be a duration in milliseconds.');
+                throw new error_1.FirebaseAppCheckError({
+                    code: 'invalid-argument',
+                    message: 'ttlMillis must be a duration in milliseconds.'
+                });
             }
             // ttlMillis must be between 30 minutes and 7 days (inclusive)
             if (options.ttlMillis < (ONE_MINUTE_IN_MILLIS * 30) || options.ttlMillis > (ONE_DAY_IN_MILLIS * 7)) {
-                throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'ttlMillis must be a duration in milliseconds between 30 minutes and 7 days (inclusive).');
+                throw new error_1.FirebaseAppCheckError({
+                    code: 'invalid-argument',
+                    message: 'ttlMillis must be a duration in milliseconds between 30 minutes and 7 days (inclusive).'
+                });
             }
             return { ttl: (0, utils_1.transformMillisecondsToSecondsString)(options.ttlMillis) };
         }
@@ -131,16 +147,30 @@ function appCheckErrorFromCryptoSignerError(err) {
         const errorResponse = httpError.response.data;
         if (errorResponse?.error) {
             const status = errorResponse.error.status;
-            const description = errorResponse.error.message || JSON.stringify(httpError.response);
+            const description = errorResponse.error.message || 'Unknown server error';
             let code = 'unknown-error';
-            if (status && status in app_check_api_client_internal_1.APP_CHECK_ERROR_CODE_MAPPING) {
-                code = app_check_api_client_internal_1.APP_CHECK_ERROR_CODE_MAPPING[status];
+            if (status && status in error_1.APP_CHECK_ERROR_CODE_MAPPING) {
+                code = error_1.APP_CHECK_ERROR_CODE_MAPPING[status];
             }
-            return new app_check_api_client_internal_1.FirebaseAppCheckError(code, `Error returned from server while signing a custom token: ${description}`);
+            return new error_1.FirebaseAppCheckError({
+                code,
+                message: `Error returned from server while signing a custom token: ${description}`,
+                httpResponse: (0, error_2.toHttpResponse)(httpError.response),
+                cause: err
+            });
         }
-        return new app_check_api_client_internal_1.FirebaseAppCheckError('internal-error', 'Error returned from server: ' + JSON.stringify(errorResponse) + '.');
+        return new error_1.FirebaseAppCheckError({
+            code: 'internal-error',
+            message: 'Error returned from server.',
+            httpResponse: (0, error_2.toHttpResponse)(httpError.response),
+            cause: err
+        });
     }
-    return new app_check_api_client_internal_1.FirebaseAppCheckError(mapToAppCheckErrorCode(err.code), err.message);
+    return new error_1.FirebaseAppCheckError({
+        code: mapToAppCheckErrorCode(err.code),
+        message: err.message,
+        cause: err
+    });
 }
 function mapToAppCheckErrorCode(code) {
     switch (code) {

package/lib/app-check/token-verifier.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v13.9.0 */
+/*! firebase-admin v14.0.0 */
 /*!
  * Copyright 2021 Google LLC
  *