firebase-admin 13.9.0 → 14.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -2
- package/lib/app/core.d.ts +2 -38
- package/lib/app/core.js +1 -1
- package/lib/app/credential-factory.d.ts +1 -1
- package/lib/app/credential-factory.js +1 -1
- package/lib/app/credential-internal.d.ts +1 -1
- package/lib/app/credential-internal.js +48 -17
- package/lib/app/credential.d.ts +1 -1
- package/lib/app/credential.js +1 -1
- package/lib/app/error.d.ts +47 -0
- package/lib/app/error.js +57 -0
- package/lib/app/firebase-app.d.ts +1 -1
- package/lib/app/firebase-app.js +28 -12
- package/lib/app/index.d.ts +4 -3
- package/lib/app/index.js +6 -4
- package/lib/app/lifecycle.d.ts +2 -2
- package/lib/app/lifecycle.js +46 -21
- package/lib/app-check/app-check-api-client-internal.d.ts +2 -16
- package/lib/app-check/app-check-api-client-internal.js +71 -47
- package/lib/app-check/app-check-api.d.ts +19 -1
- package/lib/app-check/app-check-api.js +1 -1
- package/lib/app-check/app-check.d.ts +1 -1
- package/lib/app-check/app-check.js +7 -3
- package/lib/app-check/error.d.ts +47 -0
- package/lib/app-check/error.js +65 -0
- package/lib/app-check/index.d.ts +2 -1
- package/lib/app-check/index.js +5 -2
- package/lib/app-check/token-generator.d.ts +1 -1
- package/lib/app-check/token-generator.js +43 -13
- package/lib/app-check/token-verifier.d.ts +1 -1
- package/lib/app-check/token-verifier.js +39 -11
- package/lib/auth/action-code-settings-builder.d.ts +1 -1
- package/lib/auth/action-code-settings-builder.js +16 -16
- package/lib/auth/auth-api-request.d.ts +6 -4
- package/lib/auth/auth-api-request.js +277 -166
- package/lib/auth/auth-config.d.ts +31 -2
- package/lib/auth/auth-config.js +103 -103
- package/lib/auth/auth.d.ts +1 -1
- package/lib/auth/auth.js +1 -1
- package/lib/auth/base-auth.d.ts +2 -1
- package/lib/auth/base-auth.js +29 -27
- package/lib/auth/error.d.ts +137 -0
- package/lib/auth/error.js +690 -0
- package/lib/auth/identifier.d.ts +1 -1
- package/lib/auth/identifier.js +1 -1
- package/lib/auth/index.d.ts +2 -2
- package/lib/auth/index.js +4 -4
- package/lib/auth/project-config-manager.d.ts +1 -1
- package/lib/auth/project-config-manager.js +1 -1
- package/lib/auth/project-config.d.ts +1 -1
- package/lib/auth/project-config.js +4 -4
- package/lib/auth/tenant-manager.d.ts +2 -1
- package/lib/auth/tenant-manager.js +13 -10
- package/lib/auth/tenant.d.ts +1 -1
- package/lib/auth/tenant.js +7 -7
- package/lib/auth/token-generator.d.ts +1 -1
- package/lib/auth/token-generator.js +13 -13
- package/lib/auth/token-verifier.d.ts +1 -1
- package/lib/auth/token-verifier.js +22 -22
- package/lib/auth/user-import-builder.d.ts +1 -1
- package/lib/auth/user-import-builder.js +22 -22
- package/lib/auth/user-record.d.ts +1 -1
- package/lib/auth/user-record.js +6 -6
- package/lib/credential/index.d.ts +1 -1
- package/lib/credential/index.js +1 -1
- package/lib/data-connect/data-connect-api-client-internal.d.ts +1 -16
- package/lib/data-connect/data-connect-api-client-internal.js +122 -65
- package/lib/data-connect/data-connect-api.d.ts +1 -1
- package/lib/data-connect/data-connect-api.js +1 -1
- package/lib/data-connect/data-connect.d.ts +1 -1
- package/lib/data-connect/data-connect.js +1 -1
- package/lib/data-connect/error.d.ts +47 -0
- package/lib/data-connect/error.js +66 -0
- package/lib/data-connect/index.d.ts +2 -1
- package/lib/data-connect/index.js +5 -2
- package/lib/data-connect/validate-admin-args.d.ts +1 -1
- package/lib/data-connect/validate-admin-args.js +6 -3
- package/lib/database/database.d.ts +1 -1
- package/lib/database/database.js +11 -6
- package/lib/database/error.d.ts +39 -0
- package/lib/database/error.js +49 -0
- package/lib/database/index.d.ts +2 -2
- package/lib/database/index.js +4 -3
- package/lib/esm/app/index.js +2 -1
- package/lib/esm/app-check/index.js +2 -0
- package/lib/esm/auth/index.js +1 -1
- package/lib/esm/data-connect/index.js +2 -0
- package/lib/esm/database/index.js +1 -0
- package/lib/esm/eventarc/index.js +2 -0
- package/lib/esm/extensions/index.js +2 -0
- package/lib/esm/firebase-admin/index.js +13 -0
- package/lib/esm/firestore/index.js +1 -0
- package/lib/esm/functions/index.js +2 -0
- package/lib/esm/installations/index.js +1 -1
- package/lib/esm/machine-learning/index.js +2 -0
- package/lib/esm/messaging/index.js +1 -1
- package/lib/esm/phone-number-verification/index.js +2 -0
- package/lib/esm/project-management/index.js +1 -0
- package/lib/esm/remote-config/index.js +2 -0
- package/lib/esm/security-rules/index.js +2 -0
- package/lib/esm/storage/index.js +2 -0
- package/lib/eventarc/cloudevent.d.ts +1 -1
- package/lib/eventarc/cloudevent.js +1 -1
- package/lib/eventarc/error.d.ts +38 -0
- package/lib/eventarc/error.js +47 -0
- package/lib/eventarc/eventarc-client-internal.d.ts +1 -1
- package/lib/eventarc/eventarc-client-internal.js +24 -9
- package/lib/eventarc/eventarc-utils.d.ts +1 -13
- package/lib/eventarc/eventarc-utils.js +36 -26
- package/lib/eventarc/eventarc.d.ts +1 -1
- package/lib/eventarc/eventarc.js +18 -6
- package/lib/eventarc/index.d.ts +2 -1
- package/lib/eventarc/index.js +5 -2
- package/lib/extensions/error.d.ts +41 -0
- package/lib/extensions/error.js +50 -0
- package/lib/extensions/extensions-api-client-internal.d.ts +1 -13
- package/lib/extensions/extensions-api-client-internal.js +40 -28
- package/lib/extensions/extensions-api.d.ts +1 -1
- package/lib/extensions/extensions-api.js +1 -1
- package/lib/extensions/extensions.d.ts +1 -1
- package/lib/extensions/extensions.js +18 -5
- package/lib/extensions/index.d.ts +2 -1
- package/lib/extensions/index.js +5 -2
- package/lib/firestore/error.d.ts +41 -0
- package/lib/firestore/error.js +51 -0
- package/lib/firestore/firestore-internal.d.ts +2 -1
- package/lib/firestore/firestore-internal.js +6 -6
- package/lib/firestore/index.d.ts +2 -2
- package/lib/firestore/index.js +7 -7
- package/lib/functions/error.d.ts +48 -0
- package/lib/functions/error.js +67 -0
- package/lib/functions/functions-api-client-internal.d.ts +1 -16
- package/lib/functions/functions-api-client-internal.js +111 -71
- package/lib/functions/functions-api.d.ts +1 -1
- package/lib/functions/functions-api.js +1 -1
- package/lib/functions/functions.d.ts +1 -1
- package/lib/functions/functions.js +14 -4
- package/lib/functions/index.d.ts +2 -1
- package/lib/functions/index.js +5 -2
- package/lib/index.d.ts +13 -8
- package/lib/index.js +19 -3
- package/lib/installations/error.d.ts +48 -0
- package/lib/installations/error.js +73 -0
- package/lib/installations/index.d.ts +2 -2
- package/lib/installations/index.js +4 -4
- package/lib/installations/installations-request-handler.d.ts +1 -1
- package/lib/installations/installations-request-handler.js +11 -5
- package/lib/installations/installations.d.ts +1 -1
- package/lib/installations/installations.js +3 -3
- package/lib/machine-learning/error.d.ts +53 -0
- package/lib/machine-learning/error.js +84 -0
- package/lib/machine-learning/index.d.ts +2 -1
- package/lib/machine-learning/index.js +5 -2
- package/lib/machine-learning/machine-learning-api-client.d.ts +1 -1
- package/lib/machine-learning/machine-learning-api-client.js +61 -24
- package/lib/machine-learning/machine-learning.d.ts +1 -1
- package/lib/machine-learning/machine-learning.js +21 -9
- package/lib/messaging/error.d.ts +63 -0
- package/lib/messaging/error.js +286 -0
- package/lib/messaging/index.d.ts +3 -3
- package/lib/messaging/index.js +4 -4
- package/lib/messaging/messaging-api-request-internal.d.ts +1 -1
- package/lib/messaging/messaging-api-request-internal.js +1 -1
- package/lib/messaging/messaging-api.d.ts +1 -280
- package/lib/messaging/messaging-api.js +1 -1
- package/lib/messaging/messaging-errors-internal.d.ts +2 -2
- package/lib/messaging/messaging-errors-internal.js +11 -8
- package/lib/messaging/messaging-internal.d.ts +1 -1
- package/lib/messaging/messaging-internal.js +48 -48
- package/lib/messaging/messaging.d.ts +1 -1
- package/lib/messaging/messaging.js +47 -50
- package/lib/phone-number-verification/error.d.ts +43 -0
- package/lib/phone-number-verification/error.js +48 -0
- package/lib/phone-number-verification/index.d.ts +2 -1
- package/lib/phone-number-verification/index.js +5 -2
- package/lib/phone-number-verification/phone-number-verification-api-client-internal.d.ts +1 -18
- package/lib/phone-number-verification/phone-number-verification-api-client-internal.js +2 -26
- package/lib/phone-number-verification/phone-number-verification-api.d.ts +2 -2
- package/lib/phone-number-verification/phone-number-verification-api.js +5 -4
- package/lib/phone-number-verification/phone-number-verification.d.ts +1 -1
- package/lib/phone-number-verification/phone-number-verification.js +1 -1
- package/lib/phone-number-verification/token-verifier.d.ts +1 -1
- package/lib/phone-number-verification/token-verifier.js +68 -20
- package/lib/project-management/android-app.d.ts +1 -1
- package/lib/project-management/android-app.js +15 -6
- package/lib/project-management/app-metadata.d.ts +1 -1
- package/lib/project-management/app-metadata.js +1 -1
- package/lib/project-management/error.d.ts +45 -0
- package/lib/project-management/error.js +55 -0
- package/lib/project-management/index.d.ts +2 -2
- package/lib/project-management/index.js +4 -3
- package/lib/project-management/ios-app.d.ts +1 -1
- package/lib/project-management/ios-app.js +6 -3
- package/lib/project-management/project-management-api-request-internal.d.ts +1 -1
- package/lib/project-management/project-management-api-request-internal.js +18 -6
- package/lib/project-management/project-management.d.ts +1 -1
- package/lib/project-management/project-management.js +13 -7
- package/lib/remote-config/condition-evaluator-internal.d.ts +1 -1
- package/lib/remote-config/condition-evaluator-internal.js +4 -4
- package/lib/remote-config/error.d.ts +49 -0
- package/lib/remote-config/error.js +70 -0
- package/lib/remote-config/index.d.ts +2 -1
- package/lib/remote-config/index.js +5 -2
- package/lib/remote-config/internal/value-impl.d.ts +1 -1
- package/lib/remote-config/internal/value-impl.js +1 -1
- package/lib/remote-config/remote-config-api-client-internal.d.ts +2 -13
- package/lib/remote-config/remote-config-api-client-internal.js +80 -52
- package/lib/remote-config/remote-config-api.d.ts +1 -1
- package/lib/remote-config/remote-config-api.js +1 -1
- package/lib/remote-config/remote-config.d.ts +1 -1
- package/lib/remote-config/remote-config.js +92 -23
- package/lib/security-rules/error.d.ts +45 -0
- package/lib/security-rules/error.js +54 -0
- package/lib/security-rules/index.d.ts +2 -1
- package/lib/security-rules/index.js +5 -2
- package/lib/security-rules/security-rules-api-client-internal.d.ts +1 -1
- package/lib/security-rules/security-rules-api-client-internal.js +50 -18
- package/lib/security-rules/security-rules.d.ts +1 -1
- package/lib/security-rules/security-rules.js +32 -11
- package/lib/storage/error.d.ts +41 -0
- package/lib/storage/error.js +50 -0
- package/lib/storage/index.d.ts +2 -1
- package/lib/storage/index.js +8 -5
- package/lib/storage/storage.d.ts +1 -1
- package/lib/storage/storage.js +12 -12
- package/lib/storage/utils.d.ts +1 -1
- package/lib/storage/utils.js +1 -1
- package/lib/utils/api-request.d.ts +12 -12
- package/lib/utils/api-request.js +97 -55
- package/lib/utils/crypto-signer.d.ts +1 -1
- package/lib/utils/crypto-signer.js +2 -7
- package/lib/utils/deep-copy.d.ts +1 -1
- package/lib/utils/deep-copy.js +1 -1
- package/lib/utils/error.d.ts +75 -570
- package/lib/utils/error.js +53 -1047
- package/lib/utils/index.d.ts +1 -1
- package/lib/utils/index.js +2 -2
- package/lib/utils/jwt.d.ts +1 -1
- package/lib/utils/jwt.js +1 -2
- package/lib/utils/validator.d.ts +1 -1
- package/lib/utils/validator.js +1 -1
- package/package.json +25 -33
- package/lib/app/firebase-namespace.d.ts +0 -163
- package/lib/app/firebase-namespace.js +0 -335
- package/lib/app-check/app-check-namespace.d.ts +0 -72
- package/lib/app-check/app-check-namespace.js +0 -18
- package/lib/auth/auth-namespace.d.ts +0 -257
- package/lib/auth/auth-namespace.js +0 -18
- package/lib/database/database-namespace.d.ts +0 -95
- package/lib/database/database-namespace.js +0 -23
- package/lib/default-namespace.d.ts +0 -24
- package/lib/default-namespace.js +0 -30
- package/lib/esm/instance-id/index.js +0 -6
- package/lib/firebase-namespace-api.d.ts +0 -91
- package/lib/firebase-namespace-api.js +0 -58
- package/lib/firestore/firestore-namespace.d.ts +0 -71
- package/lib/firestore/firestore-namespace.js +0 -52
- package/lib/installations/installations-namespace.d.ts +0 -55
- package/lib/installations/installations-namespace.js +0 -18
- package/lib/instance-id/index.d.ts +0 -62
- package/lib/instance-id/index.js +0 -74
- package/lib/instance-id/instance-id-namespace.d.ts +0 -38
- package/lib/instance-id/instance-id-namespace.js +0 -3
- package/lib/instance-id/instance-id.d.ts +0 -47
- package/lib/instance-id/instance-id.js +0 -77
- package/lib/machine-learning/machine-learning-namespace.d.ts +0 -81
- package/lib/machine-learning/machine-learning-namespace.js +0 -18
- package/lib/machine-learning/machine-learning-utils.d.ts +0 -22
- package/lib/machine-learning/machine-learning-utils.js +0 -47
- package/lib/messaging/messaging-namespace.d.ts +0 -161
- package/lib/messaging/messaging-namespace.js +0 -18
- package/lib/project-management/project-management-namespace.d.ts +0 -82
- package/lib/project-management/project-management-namespace.js +0 -18
- package/lib/remote-config/remote-config-namespace.d.ts +0 -141
- package/lib/remote-config/remote-config-namespace.js +0 -18
- package/lib/security-rules/security-rules-internal.d.ts +0 -21
- package/lib/security-rules/security-rules-internal.js +0 -26
- package/lib/security-rules/security-rules-namespace.d.ts +0 -69
- package/lib/security-rules/security-rules-namespace.js +0 -18
- package/lib/storage/storage-namespace.d.ts +0 -45
- package/lib/storage/storage-namespace.js +0 -18
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! firebase-admin
|
|
1
|
+
/*! firebase-admin v14.0.0 */
|
|
2
2
|
"use strict";
|
|
3
3
|
/*!
|
|
4
4
|
* @license
|
|
@@ -21,7 +21,8 @@ exports.TenantAwareAuthRequestHandler = exports.AuthRequestHandler = exports.Abs
|
|
|
21
21
|
exports.useEmulator = useEmulator;
|
|
22
22
|
const validator = require("../utils/validator");
|
|
23
23
|
const deep_copy_1 = require("../utils/deep-copy");
|
|
24
|
-
const error_1 = require("
|
|
24
|
+
const error_1 = require("./error");
|
|
25
|
+
const error_2 = require("../utils/error");
|
|
25
26
|
const api_request_1 = require("../utils/api-request");
|
|
26
27
|
const utils = require("../utils/index");
|
|
27
28
|
const user_import_builder_1 = require("./user-import-builder");
|
|
@@ -85,16 +86,17 @@ class AuthResourceUrlBuilder {
|
|
|
85
86
|
/**
|
|
86
87
|
* The resource URL builder constructor.
|
|
87
88
|
*
|
|
88
|
-
* @param
|
|
89
|
+
* @param app - The app for this URL builder.
|
|
89
90
|
* @param version - The endpoint API version.
|
|
91
|
+
* @param emulatorHost - Optional emulator host captured at init time.
|
|
90
92
|
* @constructor
|
|
91
93
|
*/
|
|
92
|
-
constructor(app, version = 'v1') {
|
|
94
|
+
constructor(app, version = 'v1', emHost) {
|
|
93
95
|
this.app = app;
|
|
94
96
|
this.version = version;
|
|
95
|
-
if (
|
|
97
|
+
if (emHost) {
|
|
96
98
|
this.urlFormat = utils.formatString(FIREBASE_AUTH_EMULATOR_BASE_URL_FORMAT, {
|
|
97
|
-
host:
|
|
99
|
+
host: emHost
|
|
98
100
|
});
|
|
99
101
|
}
|
|
100
102
|
else {
|
|
@@ -129,7 +131,7 @@ class AuthResourceUrlBuilder {
|
|
|
129
131
|
return utils.findProjectId(this.app)
|
|
130
132
|
.then((projectId) => {
|
|
131
133
|
if (!validator.isNonEmptyString(projectId)) {
|
|
132
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
134
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_CREDENTIAL, 'Failed to determine project ID for Auth. Initialize the '
|
|
133
135
|
+ 'SDK with service account credentials or set project ID as an app option. '
|
|
134
136
|
+ 'Alternatively set the GOOGLE_CLOUD_PROJECT environment variable.');
|
|
135
137
|
}
|
|
@@ -143,19 +145,20 @@ class TenantAwareAuthResourceUrlBuilder extends AuthResourceUrlBuilder {
|
|
|
143
145
|
/**
|
|
144
146
|
* The tenant aware resource URL builder constructor.
|
|
145
147
|
*
|
|
146
|
-
* @param
|
|
148
|
+
* @param app - The app for this URL builder.
|
|
147
149
|
* @param version - The endpoint API version.
|
|
148
150
|
* @param tenantId - The tenant ID.
|
|
151
|
+
* @param emHost - Optional emulator host captured at init time.
|
|
149
152
|
* @constructor
|
|
150
153
|
*/
|
|
151
|
-
constructor(app, version, tenantId) {
|
|
152
|
-
super(app, version);
|
|
154
|
+
constructor(app, version, tenantId, emHost) {
|
|
155
|
+
super(app, version, emHost);
|
|
153
156
|
this.app = app;
|
|
154
157
|
this.version = version;
|
|
155
158
|
this.tenantId = tenantId;
|
|
156
|
-
if (
|
|
159
|
+
if (emHost) {
|
|
157
160
|
this.urlFormat = utils.formatString(FIREBASE_AUTH_EMULATOR_TENANT_URL_FORMAT, {
|
|
158
|
-
host:
|
|
161
|
+
host: emHost
|
|
159
162
|
});
|
|
160
163
|
}
|
|
161
164
|
else {
|
|
@@ -182,8 +185,12 @@ class TenantAwareAuthResourceUrlBuilder extends AuthResourceUrlBuilder {
|
|
|
182
185
|
* when communicating with the Auth Emulator.
|
|
183
186
|
*/
|
|
184
187
|
class AuthHttpClient extends api_request_1.AuthorizedHttpClient {
|
|
188
|
+
constructor(app, isEmulator) {
|
|
189
|
+
super(app);
|
|
190
|
+
this.isEmulator = isEmulator;
|
|
191
|
+
}
|
|
185
192
|
getToken() {
|
|
186
|
-
if (
|
|
193
|
+
if (this.isEmulator) {
|
|
187
194
|
return Promise.resolve('owner');
|
|
188
195
|
}
|
|
189
196
|
return super.getToken();
|
|
@@ -214,30 +221,30 @@ function validateAuthFactorInfo(request) {
|
|
|
214
221
|
// Enrollment uid may or may not be specified for update operations.
|
|
215
222
|
if (typeof request.mfaEnrollmentId !== 'undefined' &&
|
|
216
223
|
!validator.isNonEmptyString(request.mfaEnrollmentId)) {
|
|
217
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
224
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_UID, 'The second factor "uid" must be a valid non-empty string.');
|
|
218
225
|
}
|
|
219
226
|
if (typeof request.displayName !== 'undefined' &&
|
|
220
227
|
!validator.isString(request.displayName)) {
|
|
221
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
228
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_DISPLAY_NAME, `The second factor "displayName" for "${authFactorInfoIdentifier}" must be a valid string.`);
|
|
222
229
|
}
|
|
223
230
|
// enrolledAt must be a valid UTC date string.
|
|
224
231
|
if (typeof request.enrolledAt !== 'undefined' &&
|
|
225
232
|
!validator.isISODateString(request.enrolledAt)) {
|
|
226
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
233
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ENROLLMENT_TIME, `The second factor "enrollmentTime" for "${authFactorInfoIdentifier}" must be a valid ` +
|
|
227
234
|
'UTC date string.');
|
|
228
235
|
}
|
|
229
236
|
// Validate required fields depending on second factor type.
|
|
230
237
|
if (typeof request.phoneInfo !== 'undefined') {
|
|
231
238
|
// phoneNumber should be a string and a valid phone number.
|
|
232
239
|
if (!validator.isPhoneNumber(request.phoneInfo)) {
|
|
233
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
240
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PHONE_NUMBER, `The second factor "phoneNumber" for "${authFactorInfoIdentifier}" must be a non-empty ` +
|
|
234
241
|
'E.164 standard compliant identifier string.');
|
|
235
242
|
}
|
|
236
243
|
}
|
|
237
244
|
else {
|
|
238
245
|
// Invalid second factor. For example, a phone second factor may have been provided without
|
|
239
246
|
// a phone number. A TOTP based second factor may require a secret key, etc.
|
|
240
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
247
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ENROLLED_FACTORS, 'MFAInfo object provided is invalid.');
|
|
241
248
|
}
|
|
242
249
|
}
|
|
243
250
|
/**
|
|
@@ -262,27 +269,27 @@ function validateProviderUserInfo(request) {
|
|
|
262
269
|
}
|
|
263
270
|
}
|
|
264
271
|
if (!validator.isNonEmptyString(request.providerId)) {
|
|
265
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
272
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PROVIDER_ID);
|
|
266
273
|
}
|
|
267
274
|
if (typeof request.displayName !== 'undefined' &&
|
|
268
275
|
typeof request.displayName !== 'string') {
|
|
269
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
276
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_DISPLAY_NAME, `The provider "displayName" for "${request.providerId}" must be a valid string.`);
|
|
270
277
|
}
|
|
271
278
|
if (!validator.isNonEmptyString(request.rawId)) {
|
|
272
279
|
// This is called localId on the backend but the developer specifies this as
|
|
273
280
|
// uid externally. So the error message should use the client facing name.
|
|
274
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
281
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_UID, `The provider "uid" for "${request.providerId}" must be a valid non-empty string.`);
|
|
275
282
|
}
|
|
276
283
|
// email should be a string and a valid email.
|
|
277
284
|
if (typeof request.email !== 'undefined' && !validator.isEmail(request.email)) {
|
|
278
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
285
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_EMAIL, `The provider "email" for "${request.providerId}" must be a valid email string.`);
|
|
279
286
|
}
|
|
280
287
|
// photoUrl should be a URL.
|
|
281
288
|
if (typeof request.photoUrl !== 'undefined' &&
|
|
282
289
|
!validator.isURL(request.photoUrl)) {
|
|
283
290
|
// This is called photoUrl on the backend but the developer specifies this as
|
|
284
291
|
// photoURL externally. So the error message should use the client facing name.
|
|
285
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
292
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PHOTO_URL, `The provider "photoURL" for "${request.providerId}" must be a valid URL string.`);
|
|
286
293
|
}
|
|
287
294
|
}
|
|
288
295
|
/**
|
|
@@ -333,79 +340,79 @@ function validateCreateEditRequest(request, writeOperationType) {
|
|
|
333
340
|
}
|
|
334
341
|
if (typeof request.tenantId !== 'undefined' &&
|
|
335
342
|
!validator.isNonEmptyString(request.tenantId)) {
|
|
336
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
343
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_TENANT_ID);
|
|
337
344
|
}
|
|
338
345
|
// For any invalid parameter, use the external key name in the error description.
|
|
339
346
|
// displayName should be a string.
|
|
340
347
|
if (typeof request.displayName !== 'undefined' &&
|
|
341
348
|
!validator.isString(request.displayName)) {
|
|
342
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
349
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_DISPLAY_NAME);
|
|
343
350
|
}
|
|
344
351
|
if ((typeof request.localId !== 'undefined' || uploadAccountRequest) &&
|
|
345
352
|
!validator.isUid(request.localId)) {
|
|
346
353
|
// This is called localId on the backend but the developer specifies this as
|
|
347
354
|
// uid externally. So the error message should use the client facing name.
|
|
348
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
355
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_UID);
|
|
349
356
|
}
|
|
350
357
|
// email should be a string and a valid email.
|
|
351
358
|
if (typeof request.email !== 'undefined' && !validator.isEmail(request.email)) {
|
|
352
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
359
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_EMAIL);
|
|
353
360
|
}
|
|
354
361
|
// phoneNumber should be a string and a valid phone number.
|
|
355
362
|
if (typeof request.phoneNumber !== 'undefined' &&
|
|
356
363
|
!validator.isPhoneNumber(request.phoneNumber)) {
|
|
357
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
364
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PHONE_NUMBER);
|
|
358
365
|
}
|
|
359
366
|
// password should be a string and a minimum of 6 chars.
|
|
360
367
|
if (typeof request.password !== 'undefined' &&
|
|
361
368
|
!validator.isPassword(request.password)) {
|
|
362
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
369
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PASSWORD);
|
|
363
370
|
}
|
|
364
371
|
// rawPassword should be a string and a minimum of 6 chars.
|
|
365
372
|
if (typeof request.rawPassword !== 'undefined' &&
|
|
366
373
|
!validator.isPassword(request.rawPassword)) {
|
|
367
374
|
// This is called rawPassword on the backend but the developer specifies this as
|
|
368
375
|
// password externally. So the error message should use the client facing name.
|
|
369
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
376
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PASSWORD);
|
|
370
377
|
}
|
|
371
378
|
// emailVerified should be a boolean.
|
|
372
379
|
if (typeof request.emailVerified !== 'undefined' &&
|
|
373
380
|
typeof request.emailVerified !== 'boolean') {
|
|
374
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
381
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_EMAIL_VERIFIED);
|
|
375
382
|
}
|
|
376
383
|
// photoUrl should be a URL.
|
|
377
384
|
if (typeof request.photoUrl !== 'undefined' &&
|
|
378
385
|
!validator.isURL(request.photoUrl)) {
|
|
379
386
|
// This is called photoUrl on the backend but the developer specifies this as
|
|
380
387
|
// photoURL externally. So the error message should use the client facing name.
|
|
381
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
388
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PHOTO_URL);
|
|
382
389
|
}
|
|
383
390
|
// disabled should be a boolean.
|
|
384
391
|
if (typeof request.disabled !== 'undefined' &&
|
|
385
392
|
typeof request.disabled !== 'boolean') {
|
|
386
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
393
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_DISABLED_FIELD);
|
|
387
394
|
}
|
|
388
395
|
// validSince should be a number.
|
|
389
396
|
if (typeof request.validSince !== 'undefined' &&
|
|
390
397
|
!validator.isNumber(request.validSince)) {
|
|
391
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
398
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_TOKENS_VALID_AFTER_TIME);
|
|
392
399
|
}
|
|
393
400
|
// createdAt should be a number.
|
|
394
401
|
if (typeof request.createdAt !== 'undefined' &&
|
|
395
402
|
!validator.isNumber(request.createdAt)) {
|
|
396
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
403
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_CREATION_TIME);
|
|
397
404
|
}
|
|
398
405
|
// lastSignInAt should be a number.
|
|
399
406
|
if (typeof request.lastLoginAt !== 'undefined' &&
|
|
400
407
|
!validator.isNumber(request.lastLoginAt)) {
|
|
401
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
408
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_LAST_SIGN_IN_TIME);
|
|
402
409
|
}
|
|
403
410
|
// disableUser should be a boolean.
|
|
404
411
|
if (typeof request.disableUser !== 'undefined' &&
|
|
405
412
|
typeof request.disableUser !== 'boolean') {
|
|
406
413
|
// This is called disableUser on the backend but the developer specifies this as
|
|
407
414
|
// disabled externally. So the error message should use the client facing name.
|
|
408
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
415
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_DISABLED_FIELD);
|
|
409
416
|
}
|
|
410
417
|
// customAttributes should be stringified JSON with no blacklisted claims.
|
|
411
418
|
// The payload should not exceed 1KB.
|
|
@@ -418,7 +425,7 @@ function validateCreateEditRequest(request, writeOperationType) {
|
|
|
418
425
|
// JSON parsing error. This should never happen as we stringify the claims internally.
|
|
419
426
|
// However, we still need to check since setAccountInfo via edit requests could pass
|
|
420
427
|
// this field.
|
|
421
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
428
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_CLAIMS, error.message);
|
|
422
429
|
}
|
|
423
430
|
const invalidClaims = [];
|
|
424
431
|
// Check for any invalid claims.
|
|
@@ -429,29 +436,29 @@ function validateCreateEditRequest(request, writeOperationType) {
|
|
|
429
436
|
});
|
|
430
437
|
// Throw an error if an invalid claim is detected.
|
|
431
438
|
if (invalidClaims.length > 0) {
|
|
432
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
439
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.FORBIDDEN_CLAIM, invalidClaims.length > 1 ?
|
|
433
440
|
`Developer claims "${invalidClaims.join('", "')}" are reserved and cannot be specified.` :
|
|
434
441
|
`Developer claim "${invalidClaims[0]}" is reserved and cannot be specified.`);
|
|
435
442
|
}
|
|
436
443
|
// Check claims payload does not exceed maxmimum size.
|
|
437
444
|
if (request.customAttributes.length > MAX_CLAIMS_PAYLOAD_SIZE) {
|
|
438
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
445
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.CLAIMS_TOO_LARGE, `Developer claims payload should not exceed ${MAX_CLAIMS_PAYLOAD_SIZE} characters.`);
|
|
439
446
|
}
|
|
440
447
|
}
|
|
441
448
|
// passwordHash has to be a base64 encoded string.
|
|
442
449
|
if (typeof request.passwordHash !== 'undefined' &&
|
|
443
450
|
!validator.isString(request.passwordHash)) {
|
|
444
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
451
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PASSWORD_HASH);
|
|
445
452
|
}
|
|
446
453
|
// salt has to be a base64 encoded string.
|
|
447
454
|
if (typeof request.salt !== 'undefined' &&
|
|
448
455
|
!validator.isString(request.salt)) {
|
|
449
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
456
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PASSWORD_SALT);
|
|
450
457
|
}
|
|
451
458
|
// providerUserInfo has to be an array of valid UserInfo requests.
|
|
452
459
|
if (typeof request.providerUserInfo !== 'undefined' &&
|
|
453
460
|
!validator.isArray(request.providerUserInfo)) {
|
|
454
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
461
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PROVIDER_DATA);
|
|
455
462
|
}
|
|
456
463
|
else if (validator.isArray(request.providerUserInfo)) {
|
|
457
464
|
request.providerUserInfo.forEach((providerUserInfoEntry) => {
|
|
@@ -474,7 +481,7 @@ function validateCreateEditRequest(request, writeOperationType) {
|
|
|
474
481
|
}
|
|
475
482
|
if (enrollments) {
|
|
476
483
|
if (!validator.isArray(enrollments)) {
|
|
477
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
484
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ENROLLED_FACTORS);
|
|
478
485
|
}
|
|
479
486
|
enrollments.forEach((authFactorInfoEntry) => {
|
|
480
487
|
validateAuthFactorInfo(authFactorInfoEntry);
|
|
@@ -491,20 +498,23 @@ exports.FIREBASE_AUTH_CREATE_SESSION_COOKIE = new api_request_1.ApiSettings(':cr
|
|
|
491
498
|
.setRequestValidator((request) => {
|
|
492
499
|
// Validate the ID token is a non-empty string.
|
|
493
500
|
if (!validator.isNonEmptyString(request.idToken)) {
|
|
494
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
501
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ID_TOKEN);
|
|
495
502
|
}
|
|
496
503
|
// Validate the custom session cookie duration.
|
|
497
504
|
if (!validator.isNumber(request.validDuration) ||
|
|
498
505
|
request.validDuration < MIN_SESSION_COOKIE_DURATION_SECS ||
|
|
499
506
|
request.validDuration > MAX_SESSION_COOKIE_DURATION_SECS) {
|
|
500
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
507
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_SESSION_COOKIE_DURATION);
|
|
501
508
|
}
|
|
502
509
|
})
|
|
503
510
|
// Set response validator.
|
|
504
511
|
.setResponseValidator((response) => {
|
|
505
512
|
// Response should always contain the session cookie.
|
|
506
|
-
if (!validator.isNonEmptyString(response.sessionCookie)) {
|
|
507
|
-
throw new error_1.FirebaseAuthError(
|
|
513
|
+
if (!validator.isNonEmptyString(response.data?.sessionCookie)) {
|
|
514
|
+
throw new error_1.FirebaseAuthError({
|
|
515
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
516
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
517
|
+
});
|
|
508
518
|
}
|
|
509
519
|
});
|
|
510
520
|
/**
|
|
@@ -524,13 +534,13 @@ exports.FIREBASE_AUTH_DOWNLOAD_ACCOUNT = new api_request_1.ApiSettings('/account
|
|
|
524
534
|
// Validate next page token.
|
|
525
535
|
if (typeof request.nextPageToken !== 'undefined' &&
|
|
526
536
|
!validator.isNonEmptyString(request.nextPageToken)) {
|
|
527
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
537
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PAGE_TOKEN);
|
|
528
538
|
}
|
|
529
539
|
// Validate max results.
|
|
530
540
|
if (!validator.isNumber(request.maxResults) ||
|
|
531
541
|
request.maxResults <= 0 ||
|
|
532
542
|
request.maxResults > MAX_DOWNLOAD_ACCOUNT_PAGE_SIZE) {
|
|
533
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
543
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'Required "maxResults" must be a positive integer that does not exceed ' +
|
|
534
544
|
`${MAX_DOWNLOAD_ACCOUNT_PAGE_SIZE}.`);
|
|
535
545
|
}
|
|
536
546
|
});
|
|
@@ -543,13 +553,17 @@ exports.FIREBASE_AUTH_GET_ACCOUNT_INFO = new api_request_1.ApiSettings('/account
|
|
|
543
553
|
// Set request validator.
|
|
544
554
|
.setRequestValidator((request) => {
|
|
545
555
|
if (!request.localId && !request.email && !request.phoneNumber && !request.federatedUserId) {
|
|
546
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
556
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifier');
|
|
547
557
|
}
|
|
548
558
|
})
|
|
549
559
|
// Set response validator.
|
|
550
560
|
.setResponseValidator((response) => {
|
|
551
|
-
|
|
552
|
-
|
|
561
|
+
const data = response.data;
|
|
562
|
+
if (!data.users || !data.users.length) {
|
|
563
|
+
throw new error_1.FirebaseAuthError({
|
|
564
|
+
...error_1.authClientErrorCode.USER_NOT_FOUND,
|
|
565
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
566
|
+
});
|
|
553
567
|
}
|
|
554
568
|
});
|
|
555
569
|
/**
|
|
@@ -562,7 +576,7 @@ exports.FIREBASE_AUTH_GET_ACCOUNTS_INFO = new api_request_1.ApiSettings('/accoun
|
|
|
562
576
|
// Set request validator.
|
|
563
577
|
.setRequestValidator((request) => {
|
|
564
578
|
if (!request.localId && !request.email && !request.phoneNumber && !request.federatedUserId) {
|
|
565
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
579
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifier');
|
|
566
580
|
}
|
|
567
581
|
});
|
|
568
582
|
/**
|
|
@@ -574,7 +588,7 @@ exports.FIREBASE_AUTH_DELETE_ACCOUNT = new api_request_1.ApiSettings('/accounts:
|
|
|
574
588
|
// Set request validator.
|
|
575
589
|
.setRequestValidator((request) => {
|
|
576
590
|
if (!request.localId) {
|
|
577
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
591
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifier');
|
|
578
592
|
}
|
|
579
593
|
});
|
|
580
594
|
/**
|
|
@@ -583,20 +597,29 @@ exports.FIREBASE_AUTH_DELETE_ACCOUNT = new api_request_1.ApiSettings('/accounts:
|
|
|
583
597
|
exports.FIREBASE_AUTH_BATCH_DELETE_ACCOUNTS = new api_request_1.ApiSettings('/accounts:batchDelete', 'POST')
|
|
584
598
|
.setRequestValidator((request) => {
|
|
585
599
|
if (!request.localIds) {
|
|
586
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
600
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifiers');
|
|
587
601
|
}
|
|
588
602
|
if (typeof request.force === 'undefined' || request.force !== true) {
|
|
589
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
603
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing force=true field');
|
|
590
604
|
}
|
|
591
605
|
})
|
|
592
606
|
.setResponseValidator((response) => {
|
|
593
|
-
const
|
|
607
|
+
const data = response.data;
|
|
608
|
+
const errors = data.errors || [];
|
|
594
609
|
errors.forEach((batchDeleteErrorInfo) => {
|
|
595
610
|
if (typeof batchDeleteErrorInfo.index === 'undefined') {
|
|
596
|
-
throw new error_1.FirebaseAuthError(
|
|
611
|
+
throw new error_1.FirebaseAuthError({
|
|
612
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
613
|
+
message: 'INTERNAL ASSERT FAILED: Server BatchDeleteAccountResponse is missing an errors.index field',
|
|
614
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
615
|
+
});
|
|
597
616
|
}
|
|
598
617
|
if (!batchDeleteErrorInfo.localId) {
|
|
599
|
-
throw new error_1.FirebaseAuthError(
|
|
618
|
+
throw new error_1.FirebaseAuthError({
|
|
619
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
620
|
+
message: 'INTERNAL ASSERT FAILED: Server BatchDeleteAccountResponse is missing an errors.localId field',
|
|
621
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
622
|
+
});
|
|
600
623
|
}
|
|
601
624
|
// Allow the (error) message to be missing/undef.
|
|
602
625
|
});
|
|
@@ -611,19 +634,23 @@ exports.FIREBASE_AUTH_SET_ACCOUNT_INFO = new api_request_1.ApiSettings('/account
|
|
|
611
634
|
.setRequestValidator((request) => {
|
|
612
635
|
// localId is a required parameter.
|
|
613
636
|
if (typeof request.localId === 'undefined') {
|
|
614
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
637
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifier');
|
|
615
638
|
}
|
|
616
639
|
// Throw error when tenantId is passed in POST body.
|
|
617
640
|
if (typeof request.tenantId !== 'undefined') {
|
|
618
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
641
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, '"tenantId" is an invalid "UpdateRequest" property.');
|
|
619
642
|
}
|
|
620
643
|
validateCreateEditRequest(request, WriteOperationType.Update);
|
|
621
644
|
})
|
|
622
645
|
// Set response validator.
|
|
623
646
|
.setResponseValidator((response) => {
|
|
647
|
+
const data = response.data;
|
|
624
648
|
// If the localId is not returned, then the request failed.
|
|
625
|
-
if (!
|
|
626
|
-
throw new error_1.FirebaseAuthError(
|
|
649
|
+
if (!data?.localId) {
|
|
650
|
+
throw new error_1.FirebaseAuthError({
|
|
651
|
+
...error_1.authClientErrorCode.USER_NOT_FOUND,
|
|
652
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
653
|
+
});
|
|
627
654
|
}
|
|
628
655
|
});
|
|
629
656
|
/**
|
|
@@ -637,43 +664,53 @@ exports.FIREBASE_AUTH_SIGN_UP_NEW_USER = new api_request_1.ApiSettings('/account
|
|
|
637
664
|
.setRequestValidator((request) => {
|
|
638
665
|
// signupNewUser does not support customAttributes.
|
|
639
666
|
if (typeof request.customAttributes !== 'undefined') {
|
|
640
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
667
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, '"customAttributes" cannot be set when creating a new user.');
|
|
641
668
|
}
|
|
642
669
|
// signupNewUser does not support validSince.
|
|
643
670
|
if (typeof request.validSince !== 'undefined') {
|
|
644
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
671
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, '"validSince" cannot be set when creating a new user.');
|
|
645
672
|
}
|
|
646
673
|
// Throw error when tenantId is passed in POST body.
|
|
647
674
|
if (typeof request.tenantId !== 'undefined') {
|
|
648
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
675
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, '"tenantId" is an invalid "CreateRequest" property.');
|
|
649
676
|
}
|
|
650
677
|
validateCreateEditRequest(request, WriteOperationType.Create);
|
|
651
678
|
})
|
|
652
679
|
// Set response validator.
|
|
653
680
|
.setResponseValidator((response) => {
|
|
681
|
+
const data = response.data;
|
|
654
682
|
// If the localId is not returned, then the request failed.
|
|
655
|
-
if (!
|
|
656
|
-
throw new error_1.FirebaseAuthError(
|
|
683
|
+
if (!data?.localId) {
|
|
684
|
+
throw new error_1.FirebaseAuthError({
|
|
685
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
686
|
+
message: 'INTERNAL ASSERT FAILED: Unable to create new user',
|
|
687
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
688
|
+
});
|
|
657
689
|
}
|
|
658
690
|
});
|
|
659
691
|
const FIREBASE_AUTH_GET_OOB_CODE = new api_request_1.ApiSettings('/accounts:sendOobCode', 'POST')
|
|
660
692
|
// Set request validator.
|
|
661
693
|
.setRequestValidator((request) => {
|
|
662
694
|
if (!validator.isEmail(request.email)) {
|
|
663
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
695
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_EMAIL);
|
|
664
696
|
}
|
|
665
697
|
if (typeof request.newEmail !== 'undefined' && !validator.isEmail(request.newEmail)) {
|
|
666
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
698
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_NEW_EMAIL);
|
|
667
699
|
}
|
|
668
700
|
if (exports.EMAIL_ACTION_REQUEST_TYPES.indexOf(request.requestType) === -1) {
|
|
669
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
701
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, `"${request.requestType}" is not a supported email action request type.`);
|
|
670
702
|
}
|
|
671
703
|
})
|
|
672
704
|
// Set response validator.
|
|
673
705
|
.setResponseValidator((response) => {
|
|
706
|
+
const data = response.data;
|
|
674
707
|
// If the oobLink is not returned, then the request failed.
|
|
675
|
-
if (!
|
|
676
|
-
throw new error_1.FirebaseAuthError(
|
|
708
|
+
if (!data?.oobLink) {
|
|
709
|
+
throw new error_1.FirebaseAuthError({
|
|
710
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
711
|
+
message: 'INTERNAL ASSERT FAILED: Unable to create the email action link',
|
|
712
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
713
|
+
});
|
|
677
714
|
}
|
|
678
715
|
});
|
|
679
716
|
/**
|
|
@@ -684,9 +721,14 @@ const FIREBASE_AUTH_GET_OOB_CODE = new api_request_1.ApiSettings('/accounts:send
|
|
|
684
721
|
const GET_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs/{providerId}', 'GET')
|
|
685
722
|
// Set response validator.
|
|
686
723
|
.setResponseValidator((response) => {
|
|
724
|
+
const data = response.data;
|
|
687
725
|
// Response should always contain the OIDC provider resource name.
|
|
688
|
-
if (!validator.isNonEmptyString(
|
|
689
|
-
throw new error_1.FirebaseAuthError(
|
|
726
|
+
if (!validator.isNonEmptyString(data?.name)) {
|
|
727
|
+
throw new error_1.FirebaseAuthError({
|
|
728
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
729
|
+
message: 'INTERNAL ASSERT FAILED: Unable to get OIDC configuration',
|
|
730
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
731
|
+
});
|
|
690
732
|
}
|
|
691
733
|
});
|
|
692
734
|
/**
|
|
@@ -703,9 +745,14 @@ const DELETE_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs/
|
|
|
703
745
|
const CREATE_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs?oauthIdpConfigId={providerId}', 'POST')
|
|
704
746
|
// Set response validator.
|
|
705
747
|
.setResponseValidator((response) => {
|
|
748
|
+
const data = response.data;
|
|
706
749
|
// Response should always contain the OIDC provider resource name.
|
|
707
|
-
if (!validator.isNonEmptyString(
|
|
708
|
-
throw new error_1.FirebaseAuthError(
|
|
750
|
+
if (!validator.isNonEmptyString(data?.name)) {
|
|
751
|
+
throw new error_1.FirebaseAuthError({
|
|
752
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
753
|
+
message: 'INTERNAL ASSERT FAILED: Unable to create new OIDC configuration',
|
|
754
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
755
|
+
});
|
|
709
756
|
}
|
|
710
757
|
});
|
|
711
758
|
/**
|
|
@@ -716,9 +763,14 @@ const CREATE_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs?
|
|
|
716
763
|
const UPDATE_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs/{providerId}?updateMask={updateMask}', 'PATCH')
|
|
717
764
|
// Set response validator.
|
|
718
765
|
.setResponseValidator((response) => {
|
|
766
|
+
const data = response.data;
|
|
719
767
|
// Response should always contain the configuration resource name.
|
|
720
|
-
if (!validator.isNonEmptyString(
|
|
721
|
-
throw new error_1.FirebaseAuthError(
|
|
768
|
+
if (!validator.isNonEmptyString(data?.name)) {
|
|
769
|
+
throw new error_1.FirebaseAuthError({
|
|
770
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
771
|
+
message: 'INTERNAL ASSERT FAILED: Unable to update OIDC configuration',
|
|
772
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
773
|
+
});
|
|
722
774
|
}
|
|
723
775
|
});
|
|
724
776
|
/**
|
|
@@ -732,13 +784,13 @@ const LIST_OAUTH_IDP_CONFIGS = new api_request_1.ApiSettings('/oauthIdpConfigs',
|
|
|
732
784
|
// Validate next page token.
|
|
733
785
|
if (typeof request.pageToken !== 'undefined' &&
|
|
734
786
|
!validator.isNonEmptyString(request.pageToken)) {
|
|
735
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
787
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PAGE_TOKEN);
|
|
736
788
|
}
|
|
737
789
|
// Validate max results.
|
|
738
790
|
if (!validator.isNumber(request.pageSize) ||
|
|
739
791
|
request.pageSize <= 0 ||
|
|
740
792
|
request.pageSize > MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE) {
|
|
741
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
793
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'Required "maxResults" must be a positive integer that does not exceed ' +
|
|
742
794
|
`${MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE}.`);
|
|
743
795
|
}
|
|
744
796
|
});
|
|
@@ -750,9 +802,14 @@ const LIST_OAUTH_IDP_CONFIGS = new api_request_1.ApiSettings('/oauthIdpConfigs',
|
|
|
750
802
|
const GET_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConfigs/{providerId}', 'GET')
|
|
751
803
|
// Set response validator.
|
|
752
804
|
.setResponseValidator((response) => {
|
|
805
|
+
const data = response.data;
|
|
753
806
|
// Response should always contain the SAML provider resource name.
|
|
754
|
-
if (!validator.isNonEmptyString(
|
|
755
|
-
throw new error_1.FirebaseAuthError(
|
|
807
|
+
if (!validator.isNonEmptyString(data?.name)) {
|
|
808
|
+
throw new error_1.FirebaseAuthError({
|
|
809
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
810
|
+
message: 'INTERNAL ASSERT FAILED: Unable to get SAML configuration',
|
|
811
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
812
|
+
});
|
|
756
813
|
}
|
|
757
814
|
});
|
|
758
815
|
/**
|
|
@@ -769,9 +826,14 @@ const DELETE_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlCo
|
|
|
769
826
|
const CREATE_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConfigs?inboundSamlConfigId={providerId}', 'POST')
|
|
770
827
|
// Set response validator.
|
|
771
828
|
.setResponseValidator((response) => {
|
|
829
|
+
const data = response.data;
|
|
772
830
|
// Response should always contain the SAML provider resource name.
|
|
773
|
-
if (!validator.isNonEmptyString(
|
|
774
|
-
throw new error_1.FirebaseAuthError(
|
|
831
|
+
if (!validator.isNonEmptyString(data?.name)) {
|
|
832
|
+
throw new error_1.FirebaseAuthError({
|
|
833
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
834
|
+
message: 'INTERNAL ASSERT FAILED: Unable to create new SAML configuration',
|
|
835
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
836
|
+
});
|
|
775
837
|
}
|
|
776
838
|
});
|
|
777
839
|
/**
|
|
@@ -782,9 +844,14 @@ const CREATE_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlCo
|
|
|
782
844
|
const UPDATE_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConfigs/{providerId}?updateMask={updateMask}', 'PATCH')
|
|
783
845
|
// Set response validator.
|
|
784
846
|
.setResponseValidator((response) => {
|
|
847
|
+
const data = response.data;
|
|
785
848
|
// Response should always contain the configuration resource name.
|
|
786
|
-
if (!validator.isNonEmptyString(
|
|
787
|
-
throw new error_1.FirebaseAuthError(
|
|
849
|
+
if (!validator.isNonEmptyString(data?.name)) {
|
|
850
|
+
throw new error_1.FirebaseAuthError({
|
|
851
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
852
|
+
message: 'INTERNAL ASSERT FAILED: Unable to update SAML configuration',
|
|
853
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
854
|
+
});
|
|
788
855
|
}
|
|
789
856
|
});
|
|
790
857
|
/**
|
|
@@ -798,13 +865,13 @@ const LIST_INBOUND_SAML_CONFIGS = new api_request_1.ApiSettings('/inboundSamlCon
|
|
|
798
865
|
// Validate next page token.
|
|
799
866
|
if (typeof request.pageToken !== 'undefined' &&
|
|
800
867
|
!validator.isNonEmptyString(request.pageToken)) {
|
|
801
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
868
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PAGE_TOKEN);
|
|
802
869
|
}
|
|
803
870
|
// Validate max results.
|
|
804
871
|
if (!validator.isNumber(request.pageSize) ||
|
|
805
872
|
request.pageSize <= 0 ||
|
|
806
873
|
request.pageSize > MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE) {
|
|
807
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
874
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'Required "maxResults" must be a positive integer that does not exceed ' +
|
|
808
875
|
`${MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE}.`);
|
|
809
876
|
}
|
|
810
877
|
});
|
|
@@ -823,31 +890,31 @@ class AbstractAuthRequestHandler {
|
|
|
823
890
|
}
|
|
824
891
|
static addUidToRequest(id, request) {
|
|
825
892
|
if (!validator.isUid(id.uid)) {
|
|
826
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
893
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_UID);
|
|
827
894
|
}
|
|
828
895
|
request.localId ? request.localId.push(id.uid) : request.localId = [id.uid];
|
|
829
896
|
return request;
|
|
830
897
|
}
|
|
831
898
|
static addEmailToRequest(id, request) {
|
|
832
899
|
if (!validator.isEmail(id.email)) {
|
|
833
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
900
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_EMAIL);
|
|
834
901
|
}
|
|
835
902
|
request.email ? request.email.push(id.email) : request.email = [id.email];
|
|
836
903
|
return request;
|
|
837
904
|
}
|
|
838
905
|
static addPhoneToRequest(id, request) {
|
|
839
906
|
if (!validator.isPhoneNumber(id.phoneNumber)) {
|
|
840
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
907
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PHONE_NUMBER);
|
|
841
908
|
}
|
|
842
909
|
request.phoneNumber ? request.phoneNumber.push(id.phoneNumber) : request.phoneNumber = [id.phoneNumber];
|
|
843
910
|
return request;
|
|
844
911
|
}
|
|
845
912
|
static addProviderToRequest(id, request) {
|
|
846
913
|
if (!validator.isNonEmptyString(id.providerId)) {
|
|
847
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
914
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PROVIDER_ID);
|
|
848
915
|
}
|
|
849
916
|
if (!validator.isNonEmptyString(id.providerUid)) {
|
|
850
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
917
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PROVIDER_UID);
|
|
851
918
|
}
|
|
852
919
|
const federatedUserId = {
|
|
853
920
|
providerId: id.providerId,
|
|
@@ -860,14 +927,18 @@ class AbstractAuthRequestHandler {
|
|
|
860
927
|
}
|
|
861
928
|
/**
|
|
862
929
|
* @param app - The app used to fetch access tokens to sign API requests.
|
|
930
|
+
* @param emHost - Optional emulator host override. When provided (including
|
|
931
|
+
* null for explicitly no emulator), this value is used instead of reading
|
|
932
|
+
* from the FIREBASE_AUTH_EMULATOR_HOST environment variable.
|
|
863
933
|
* @constructor
|
|
864
934
|
*/
|
|
865
|
-
constructor(app) {
|
|
935
|
+
constructor(app, emHost) {
|
|
866
936
|
this.app = app;
|
|
867
937
|
if (typeof app !== 'object' || app === null || !('options' in app)) {
|
|
868
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
938
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'First argument passed to admin.auth() must be a valid Firebase app instance.');
|
|
869
939
|
}
|
|
870
|
-
this.
|
|
940
|
+
this.emulatorHostValue = emHost !== undefined ? (emHost || undefined) : emulatorHost();
|
|
941
|
+
this.httpClient = new AuthHttpClient(app, !!this.emulatorHostValue);
|
|
871
942
|
}
|
|
872
943
|
/**
|
|
873
944
|
* Creates a new Firebase session cookie with the specified duration that can be used for
|
|
@@ -896,7 +967,7 @@ class AbstractAuthRequestHandler {
|
|
|
896
967
|
*/
|
|
897
968
|
getAccountInfoByUid(uid) {
|
|
898
969
|
if (!validator.isUid(uid)) {
|
|
899
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
970
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_UID));
|
|
900
971
|
}
|
|
901
972
|
const request = {
|
|
902
973
|
localId: [uid],
|
|
@@ -911,7 +982,7 @@ class AbstractAuthRequestHandler {
|
|
|
911
982
|
*/
|
|
912
983
|
getAccountInfoByEmail(email) {
|
|
913
984
|
if (!validator.isEmail(email)) {
|
|
914
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
985
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_EMAIL));
|
|
915
986
|
}
|
|
916
987
|
const request = {
|
|
917
988
|
email: [email],
|
|
@@ -926,7 +997,7 @@ class AbstractAuthRequestHandler {
|
|
|
926
997
|
*/
|
|
927
998
|
getAccountInfoByPhoneNumber(phoneNumber) {
|
|
928
999
|
if (!validator.isPhoneNumber(phoneNumber)) {
|
|
929
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1000
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PHONE_NUMBER));
|
|
930
1001
|
}
|
|
931
1002
|
const request = {
|
|
932
1003
|
phoneNumber: [phoneNumber],
|
|
@@ -935,7 +1006,7 @@ class AbstractAuthRequestHandler {
|
|
|
935
1006
|
}
|
|
936
1007
|
getAccountInfoByFederatedUid(providerId, rawId) {
|
|
937
1008
|
if (!validator.isNonEmptyString(providerId) || !validator.isNonEmptyString(rawId)) {
|
|
938
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1009
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PROVIDER_ID);
|
|
939
1010
|
}
|
|
940
1011
|
const request = {
|
|
941
1012
|
federatedUserId: [{
|
|
@@ -958,7 +1029,7 @@ class AbstractAuthRequestHandler {
|
|
|
958
1029
|
return Promise.resolve({ users: [] });
|
|
959
1030
|
}
|
|
960
1031
|
else if (identifiers.length > MAX_GET_ACCOUNTS_BATCH_SIZE) {
|
|
961
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1032
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.MAXIMUM_USER_COUNT_EXCEEDED, '`identifiers` parameter must have <= ' + MAX_GET_ACCOUNTS_BATCH_SIZE + ' entries.');
|
|
962
1033
|
}
|
|
963
1034
|
let request = {};
|
|
964
1035
|
for (const id of identifiers) {
|
|
@@ -975,7 +1046,7 @@ class AbstractAuthRequestHandler {
|
|
|
975
1046
|
request = AbstractAuthRequestHandler.addProviderToRequest(id, request);
|
|
976
1047
|
}
|
|
977
1048
|
else {
|
|
978
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1049
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'Unrecognized identifier: ' + id);
|
|
979
1050
|
}
|
|
980
1051
|
}
|
|
981
1052
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_GET_ACCOUNTS_INFO, request);
|
|
@@ -1037,7 +1108,7 @@ class AbstractAuthRequestHandler {
|
|
|
1037
1108
|
const request = userImportBuilder.buildRequest();
|
|
1038
1109
|
// Fail quickly if more users than allowed are to be imported.
|
|
1039
1110
|
if (validator.isArray(users) && users.length > MAX_UPLOAD_ACCOUNT_BATCH_SIZE) {
|
|
1040
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1111
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.MAXIMUM_USER_COUNT_EXCEEDED, `A maximum of ${MAX_UPLOAD_ACCOUNT_BATCH_SIZE} users can be imported at once.`);
|
|
1041
1112
|
}
|
|
1042
1113
|
// If no remaining user in request after client side processing, there is no need
|
|
1043
1114
|
// to send the request to the server.
|
|
@@ -1060,7 +1131,7 @@ class AbstractAuthRequestHandler {
|
|
|
1060
1131
|
*/
|
|
1061
1132
|
deleteAccount(uid) {
|
|
1062
1133
|
if (!validator.isUid(uid)) {
|
|
1063
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1134
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_UID));
|
|
1064
1135
|
}
|
|
1065
1136
|
const request = {
|
|
1066
1137
|
localId: uid,
|
|
@@ -1072,7 +1143,7 @@ class AbstractAuthRequestHandler {
|
|
|
1072
1143
|
return Promise.resolve({});
|
|
1073
1144
|
}
|
|
1074
1145
|
else if (uids.length > MAX_DELETE_ACCOUNTS_BATCH_SIZE) {
|
|
1075
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1146
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.MAXIMUM_USER_COUNT_EXCEEDED, '`uids` parameter must have <= ' + MAX_DELETE_ACCOUNTS_BATCH_SIZE + ' entries.');
|
|
1076
1147
|
}
|
|
1077
1148
|
const request = {
|
|
1078
1149
|
localIds: [],
|
|
@@ -1080,7 +1151,7 @@ class AbstractAuthRequestHandler {
|
|
|
1080
1151
|
};
|
|
1081
1152
|
uids.forEach((uid) => {
|
|
1082
1153
|
if (!validator.isUid(uid)) {
|
|
1083
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1154
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_UID);
|
|
1084
1155
|
}
|
|
1085
1156
|
request.localIds.push(uid);
|
|
1086
1157
|
});
|
|
@@ -1097,10 +1168,10 @@ class AbstractAuthRequestHandler {
|
|
|
1097
1168
|
setCustomUserClaims(uid, customUserClaims) {
|
|
1098
1169
|
// Validate user UID.
|
|
1099
1170
|
if (!validator.isUid(uid)) {
|
|
1100
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1171
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_UID));
|
|
1101
1172
|
}
|
|
1102
1173
|
else if (!validator.isObject(customUserClaims)) {
|
|
1103
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1174
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'CustomUserClaims argument must be an object or null.'));
|
|
1104
1175
|
}
|
|
1105
1176
|
// Delete operation. Replace null with an empty object.
|
|
1106
1177
|
if (customUserClaims === null) {
|
|
@@ -1126,28 +1197,28 @@ class AbstractAuthRequestHandler {
|
|
|
1126
1197
|
*/
|
|
1127
1198
|
updateExistingAccount(uid, properties) {
|
|
1128
1199
|
if (!validator.isUid(uid)) {
|
|
1129
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1200
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_UID));
|
|
1130
1201
|
}
|
|
1131
1202
|
else if (!validator.isNonNullObject(properties)) {
|
|
1132
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1203
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'Properties argument must be a non-null object.'));
|
|
1133
1204
|
}
|
|
1134
1205
|
else if (validator.isNonNullObject(properties.providerToLink)) {
|
|
1135
1206
|
// TODO(rsgowman): These checks overlap somewhat with
|
|
1136
1207
|
// validateProviderUserInfo. It may be possible to refactor a bit.
|
|
1137
1208
|
if (!validator.isNonEmptyString(properties.providerToLink.providerId)) {
|
|
1138
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1209
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'providerToLink.providerId of properties argument must be a non-empty string.');
|
|
1139
1210
|
}
|
|
1140
1211
|
if (!validator.isNonEmptyString(properties.providerToLink.uid)) {
|
|
1141
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1212
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'providerToLink.uid of properties argument must be a non-empty string.');
|
|
1142
1213
|
}
|
|
1143
1214
|
}
|
|
1144
1215
|
else if (typeof properties.providersToUnlink !== 'undefined') {
|
|
1145
1216
|
if (!validator.isArray(properties.providersToUnlink)) {
|
|
1146
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1217
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'providersToUnlink of properties argument must be an array of strings.');
|
|
1147
1218
|
}
|
|
1148
1219
|
properties.providersToUnlink.forEach((providerId) => {
|
|
1149
1220
|
if (!validator.isNonEmptyString(providerId)) {
|
|
1150
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1221
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'providersToUnlink of properties argument must be an array of strings.');
|
|
1151
1222
|
}
|
|
1152
1223
|
});
|
|
1153
1224
|
}
|
|
@@ -1253,7 +1324,7 @@ class AbstractAuthRequestHandler {
|
|
|
1253
1324
|
revokeRefreshTokens(uid) {
|
|
1254
1325
|
// Validate user UID.
|
|
1255
1326
|
if (!validator.isUid(uid)) {
|
|
1256
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1327
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_UID));
|
|
1257
1328
|
}
|
|
1258
1329
|
const request = {
|
|
1259
1330
|
localId: uid,
|
|
@@ -1274,7 +1345,7 @@ class AbstractAuthRequestHandler {
|
|
|
1274
1345
|
*/
|
|
1275
1346
|
createNewAccount(properties) {
|
|
1276
1347
|
if (!validator.isNonNullObject(properties)) {
|
|
1277
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1348
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'Properties argument must be a non-null object.'));
|
|
1278
1349
|
}
|
|
1279
1350
|
const request = (0, deep_copy_1.deepCopy)(properties);
|
|
1280
1351
|
// Rewrite photoURL to photoUrl.
|
|
@@ -1296,10 +1367,10 @@ class AbstractAuthRequestHandler {
|
|
|
1296
1367
|
// Enrollment time and uid are not allowed for signupNewUser endpoint.
|
|
1297
1368
|
// They will automatically be provisioned server side.
|
|
1298
1369
|
if ('enrollmentTime' in multiFactorInfo) {
|
|
1299
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1370
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, '"enrollmentTime" is not supported when adding second factors via "createUser()"');
|
|
1300
1371
|
}
|
|
1301
1372
|
else if ('uid' in multiFactorInfo) {
|
|
1302
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1373
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, '"uid" is not supported when adding second factors via "createUser()"');
|
|
1303
1374
|
}
|
|
1304
1375
|
mfaInfo.push((0, user_import_builder_1.convertMultiFactorInfoToServerFormat)(multiFactorInfo));
|
|
1305
1376
|
});
|
|
@@ -1341,7 +1412,7 @@ class AbstractAuthRequestHandler {
|
|
|
1341
1412
|
// ActionCodeSettings required for email link sign-in to determine the url where the sign-in will
|
|
1342
1413
|
// be completed.
|
|
1343
1414
|
if (typeof actionCodeSettings === 'undefined' && requestType === 'EMAIL_SIGNIN') {
|
|
1344
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1415
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, "`actionCodeSettings` is required when `requestType` === 'EMAIL_SIGNIN'"));
|
|
1345
1416
|
}
|
|
1346
1417
|
if (typeof actionCodeSettings !== 'undefined' || requestType === 'EMAIL_SIGNIN') {
|
|
1347
1418
|
try {
|
|
@@ -1353,7 +1424,7 @@ class AbstractAuthRequestHandler {
|
|
|
1353
1424
|
}
|
|
1354
1425
|
}
|
|
1355
1426
|
if (requestType === 'VERIFY_AND_CHANGE_EMAIL' && typeof newEmail === 'undefined') {
|
|
1356
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1427
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, "`newEmail` is required when `requestType` === 'VERIFY_AND_CHANGE_EMAIL'"));
|
|
1357
1428
|
}
|
|
1358
1429
|
return this.invokeRequestHandler(this.getAuthUrlBuilder(), FIREBASE_AUTH_GET_OOB_CODE, request)
|
|
1359
1430
|
.then((response) => {
|
|
@@ -1369,7 +1440,7 @@ class AbstractAuthRequestHandler {
|
|
|
1369
1440
|
*/
|
|
1370
1441
|
getOAuthIdpConfig(providerId) {
|
|
1371
1442
|
if (!auth_config_1.OIDCConfig.isProviderId(providerId)) {
|
|
1372
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1443
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PROVIDER_ID));
|
|
1373
1444
|
}
|
|
1374
1445
|
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), GET_OAUTH_IDP_CONFIG, {}, { providerId });
|
|
1375
1446
|
}
|
|
@@ -1411,7 +1482,7 @@ class AbstractAuthRequestHandler {
|
|
|
1411
1482
|
*/
|
|
1412
1483
|
deleteOAuthIdpConfig(providerId) {
|
|
1413
1484
|
if (!auth_config_1.OIDCConfig.isProviderId(providerId)) {
|
|
1414
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1485
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PROVIDER_ID));
|
|
1415
1486
|
}
|
|
1416
1487
|
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), DELETE_OAUTH_IDP_CONFIG, {}, { providerId })
|
|
1417
1488
|
.then(() => {
|
|
@@ -1438,7 +1509,7 @@ class AbstractAuthRequestHandler {
|
|
|
1438
1509
|
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), CREATE_OAUTH_IDP_CONFIG, request, { providerId })
|
|
1439
1510
|
.then((response) => {
|
|
1440
1511
|
if (!auth_config_1.OIDCConfig.getProviderIdFromResourceName(response.name)) {
|
|
1441
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1512
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new OIDC provider configuration');
|
|
1442
1513
|
}
|
|
1443
1514
|
return response;
|
|
1444
1515
|
});
|
|
@@ -1453,7 +1524,7 @@ class AbstractAuthRequestHandler {
|
|
|
1453
1524
|
*/
|
|
1454
1525
|
updateOAuthIdpConfig(providerId, options) {
|
|
1455
1526
|
if (!auth_config_1.OIDCConfig.isProviderId(providerId)) {
|
|
1456
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1527
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PROVIDER_ID));
|
|
1457
1528
|
}
|
|
1458
1529
|
// Construct backend request.
|
|
1459
1530
|
let request;
|
|
@@ -1467,7 +1538,7 @@ class AbstractAuthRequestHandler {
|
|
|
1467
1538
|
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), UPDATE_OAUTH_IDP_CONFIG, request, { providerId, updateMask: updateMask.join(',') })
|
|
1468
1539
|
.then((response) => {
|
|
1469
1540
|
if (!auth_config_1.OIDCConfig.getProviderIdFromResourceName(response.name)) {
|
|
1470
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1541
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to update OIDC provider configuration');
|
|
1471
1542
|
}
|
|
1472
1543
|
return response;
|
|
1473
1544
|
});
|
|
@@ -1480,7 +1551,7 @@ class AbstractAuthRequestHandler {
|
|
|
1480
1551
|
*/
|
|
1481
1552
|
getInboundSamlConfig(providerId) {
|
|
1482
1553
|
if (!auth_config_1.SAMLConfig.isProviderId(providerId)) {
|
|
1483
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1554
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PROVIDER_ID));
|
|
1484
1555
|
}
|
|
1485
1556
|
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), GET_INBOUND_SAML_CONFIG, {}, { providerId });
|
|
1486
1557
|
}
|
|
@@ -1522,7 +1593,7 @@ class AbstractAuthRequestHandler {
|
|
|
1522
1593
|
*/
|
|
1523
1594
|
deleteInboundSamlConfig(providerId) {
|
|
1524
1595
|
if (!auth_config_1.SAMLConfig.isProviderId(providerId)) {
|
|
1525
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1596
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PROVIDER_ID));
|
|
1526
1597
|
}
|
|
1527
1598
|
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), DELETE_INBOUND_SAML_CONFIG, {}, { providerId })
|
|
1528
1599
|
.then(() => {
|
|
@@ -1549,7 +1620,7 @@ class AbstractAuthRequestHandler {
|
|
|
1549
1620
|
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), CREATE_INBOUND_SAML_CONFIG, request, { providerId })
|
|
1550
1621
|
.then((response) => {
|
|
1551
1622
|
if (!auth_config_1.SAMLConfig.getProviderIdFromResourceName(response.name)) {
|
|
1552
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1623
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new SAML provider configuration');
|
|
1553
1624
|
}
|
|
1554
1625
|
return response;
|
|
1555
1626
|
});
|
|
@@ -1564,7 +1635,7 @@ class AbstractAuthRequestHandler {
|
|
|
1564
1635
|
*/
|
|
1565
1636
|
updateInboundSamlConfig(providerId, options) {
|
|
1566
1637
|
if (!auth_config_1.SAMLConfig.isProviderId(providerId)) {
|
|
1567
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1638
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PROVIDER_ID));
|
|
1568
1639
|
}
|
|
1569
1640
|
// Construct backend request.
|
|
1570
1641
|
let request;
|
|
@@ -1578,7 +1649,7 @@ class AbstractAuthRequestHandler {
|
|
|
1578
1649
|
return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), UPDATE_INBOUND_SAML_CONFIG, request, { providerId, updateMask: updateMask.join(',') })
|
|
1579
1650
|
.then((response) => {
|
|
1580
1651
|
if (!auth_config_1.SAMLConfig.getProviderIdFromResourceName(response.name)) {
|
|
1581
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1652
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to update SAML provider configuration');
|
|
1582
1653
|
}
|
|
1583
1654
|
return response;
|
|
1584
1655
|
});
|
|
@@ -1611,22 +1682,26 @@ class AbstractAuthRequestHandler {
|
|
|
1611
1682
|
return this.httpClient.send(req);
|
|
1612
1683
|
})
|
|
1613
1684
|
.then((response) => {
|
|
1614
|
-
// Validate response.
|
|
1615
1685
|
const responseValidator = apiSettings.getResponseValidator();
|
|
1616
|
-
responseValidator
|
|
1617
|
-
|
|
1686
|
+
if (responseValidator) {
|
|
1687
|
+
responseValidator(response);
|
|
1688
|
+
}
|
|
1689
|
+
// Return entire response data.
|
|
1618
1690
|
return response.data;
|
|
1619
1691
|
})
|
|
1620
1692
|
.catch((err) => {
|
|
1621
1693
|
if (err instanceof api_request_1.RequestResponseError) {
|
|
1622
|
-
const
|
|
1623
|
-
const errorCode = AbstractAuthRequestHandler.getErrorCode(error);
|
|
1694
|
+
const errorCode = AbstractAuthRequestHandler.getErrorCode(err.response.data);
|
|
1624
1695
|
if (!errorCode) {
|
|
1625
|
-
|
|
1626
|
-
|
|
1627
|
-
|
|
1696
|
+
// Fallback for unexpected server error responses without a parseable error code.
|
|
1697
|
+
throw new error_1.FirebaseAuthError({
|
|
1698
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
1699
|
+
message: 'An internal error occurred while attempting to extract the errorcode from the error.',
|
|
1700
|
+
cause: err,
|
|
1701
|
+
httpResponse: (0, error_2.toHttpResponse)(err.response),
|
|
1702
|
+
});
|
|
1628
1703
|
}
|
|
1629
|
-
throw error_1.FirebaseAuthError.fromServerError(errorCode, /* message */ undefined,
|
|
1704
|
+
throw error_1.FirebaseAuthError.fromServerError(errorCode, /* message */ undefined, err);
|
|
1630
1705
|
}
|
|
1631
1706
|
throw err;
|
|
1632
1707
|
});
|
|
@@ -1654,26 +1729,51 @@ exports.AbstractAuthRequestHandler = AbstractAuthRequestHandler;
|
|
|
1654
1729
|
/** Instantiates the getConfig endpoint settings. */
|
|
1655
1730
|
const GET_PROJECT_CONFIG = new api_request_1.ApiSettings('/config', 'GET')
|
|
1656
1731
|
.setResponseValidator((response) => {
|
|
1732
|
+
// The Auth emulator does not populate the resource `name` field on the
|
|
1733
|
+
// project config response, so skip the assertion when running against it.
|
|
1734
|
+
if (useEmulator()) {
|
|
1735
|
+
return;
|
|
1736
|
+
}
|
|
1737
|
+
const data = response.data;
|
|
1657
1738
|
// Response should always contain at least the config name.
|
|
1658
|
-
if (!validator.isNonEmptyString(
|
|
1659
|
-
throw new error_1.FirebaseAuthError(
|
|
1739
|
+
if (!validator.isNonEmptyString(data?.name)) {
|
|
1740
|
+
throw new error_1.FirebaseAuthError({
|
|
1741
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
1742
|
+
message: 'INTERNAL ASSERT FAILED: Unable to get project config',
|
|
1743
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
1744
|
+
});
|
|
1660
1745
|
}
|
|
1661
1746
|
});
|
|
1662
1747
|
/** Instantiates the updateConfig endpoint settings. */
|
|
1663
1748
|
const UPDATE_PROJECT_CONFIG = new api_request_1.ApiSettings('/config?updateMask={updateMask}', 'PATCH')
|
|
1664
1749
|
.setResponseValidator((response) => {
|
|
1750
|
+
// The Auth emulator does not populate the resource `name` field on the
|
|
1751
|
+
// project config response, so skip the assertion when running against it.
|
|
1752
|
+
if (useEmulator()) {
|
|
1753
|
+
return;
|
|
1754
|
+
}
|
|
1755
|
+
const data = response.data;
|
|
1665
1756
|
// Response should always contain at least the config name.
|
|
1666
|
-
if (!validator.isNonEmptyString(
|
|
1667
|
-
throw new error_1.FirebaseAuthError(
|
|
1757
|
+
if (!validator.isNonEmptyString(data?.name)) {
|
|
1758
|
+
throw new error_1.FirebaseAuthError({
|
|
1759
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
1760
|
+
message: 'INTERNAL ASSERT FAILED: Unable to update project config',
|
|
1761
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
1762
|
+
});
|
|
1668
1763
|
}
|
|
1669
1764
|
});
|
|
1670
1765
|
/** Instantiates the getTenant endpoint settings. */
|
|
1671
1766
|
const GET_TENANT = new api_request_1.ApiSettings('/tenants/{tenantId}', 'GET')
|
|
1672
1767
|
// Set response validator.
|
|
1673
1768
|
.setResponseValidator((response) => {
|
|
1769
|
+
const data = response.data;
|
|
1674
1770
|
// Response should always contain at least the tenant name.
|
|
1675
|
-
if (!validator.isNonEmptyString(
|
|
1676
|
-
throw new error_1.FirebaseAuthError(
|
|
1771
|
+
if (!validator.isNonEmptyString(data?.name)) {
|
|
1772
|
+
throw new error_1.FirebaseAuthError({
|
|
1773
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
1774
|
+
message: 'INTERNAL ASSERT FAILED: Unable to get tenant',
|
|
1775
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
1776
|
+
});
|
|
1677
1777
|
}
|
|
1678
1778
|
});
|
|
1679
1779
|
/** Instantiates the deleteTenant endpoint settings. */
|
|
@@ -1682,10 +1782,15 @@ const DELETE_TENANT = new api_request_1.ApiSettings('/tenants/{tenantId}', 'DELE
|
|
|
1682
1782
|
const UPDATE_TENANT = new api_request_1.ApiSettings('/tenants/{tenantId}?updateMask={updateMask}', 'PATCH')
|
|
1683
1783
|
// Set response validator.
|
|
1684
1784
|
.setResponseValidator((response) => {
|
|
1785
|
+
const data = response.data;
|
|
1685
1786
|
// Response should always contain at least the tenant name.
|
|
1686
|
-
if (!validator.isNonEmptyString(
|
|
1687
|
-
!tenant_1.Tenant.getTenantIdFromResourceName(
|
|
1688
|
-
throw new error_1.FirebaseAuthError(
|
|
1787
|
+
if (!validator.isNonEmptyString(data?.name) ||
|
|
1788
|
+
!tenant_1.Tenant.getTenantIdFromResourceName(data?.name)) {
|
|
1789
|
+
throw new error_1.FirebaseAuthError({
|
|
1790
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
1791
|
+
message: 'INTERNAL ASSERT FAILED: Unable to update tenant',
|
|
1792
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
1793
|
+
});
|
|
1689
1794
|
}
|
|
1690
1795
|
});
|
|
1691
1796
|
/** Instantiates the listTenants endpoint settings. */
|
|
@@ -1695,13 +1800,13 @@ const LIST_TENANTS = new api_request_1.ApiSettings('/tenants', 'GET')
|
|
|
1695
1800
|
// Validate next page token.
|
|
1696
1801
|
if (typeof request.pageToken !== 'undefined' &&
|
|
1697
1802
|
!validator.isNonEmptyString(request.pageToken)) {
|
|
1698
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1803
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_PAGE_TOKEN);
|
|
1699
1804
|
}
|
|
1700
1805
|
// Validate max results.
|
|
1701
1806
|
if (!validator.isNumber(request.pageSize) ||
|
|
1702
1807
|
request.pageSize <= 0 ||
|
|
1703
1808
|
request.pageSize > MAX_LIST_TENANT_PAGE_SIZE) {
|
|
1704
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
1809
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_ARGUMENT, 'Required "maxResults" must be a positive non-zero number that does not exceed ' +
|
|
1705
1810
|
`the allowed ${MAX_LIST_TENANT_PAGE_SIZE}.`);
|
|
1706
1811
|
}
|
|
1707
1812
|
});
|
|
@@ -1709,10 +1814,15 @@ const LIST_TENANTS = new api_request_1.ApiSettings('/tenants', 'GET')
|
|
|
1709
1814
|
const CREATE_TENANT = new api_request_1.ApiSettings('/tenants', 'POST')
|
|
1710
1815
|
// Set response validator.
|
|
1711
1816
|
.setResponseValidator((response) => {
|
|
1817
|
+
const data = response.data;
|
|
1712
1818
|
// Response should always contain at least the tenant name.
|
|
1713
|
-
if (!validator.isNonEmptyString(
|
|
1714
|
-
!tenant_1.Tenant.getTenantIdFromResourceName(
|
|
1715
|
-
throw new error_1.FirebaseAuthError(
|
|
1819
|
+
if (!validator.isNonEmptyString(data?.name) ||
|
|
1820
|
+
!tenant_1.Tenant.getTenantIdFromResourceName(data?.name)) {
|
|
1821
|
+
throw new error_1.FirebaseAuthError({
|
|
1822
|
+
...error_1.authClientErrorCode.INTERNAL_ERROR,
|
|
1823
|
+
message: 'INTERNAL ASSERT FAILED: Unable to create tenant',
|
|
1824
|
+
httpResponse: (0, error_2.toHttpResponse)(response),
|
|
1825
|
+
});
|
|
1716
1826
|
}
|
|
1717
1827
|
});
|
|
1718
1828
|
/**
|
|
@@ -1729,19 +1839,19 @@ class AuthRequestHandler extends AbstractAuthRequestHandler {
|
|
|
1729
1839
|
*/
|
|
1730
1840
|
constructor(app) {
|
|
1731
1841
|
super(app);
|
|
1732
|
-
this.authResourceUrlBuilder = new AuthResourceUrlBuilder(app, 'v2');
|
|
1842
|
+
this.authResourceUrlBuilder = new AuthResourceUrlBuilder(app, 'v2', this.emulatorHostValue);
|
|
1733
1843
|
}
|
|
1734
1844
|
/**
|
|
1735
1845
|
* @returns A new Auth user management resource URL builder instance.
|
|
1736
1846
|
*/
|
|
1737
1847
|
newAuthUrlBuilder() {
|
|
1738
|
-
return new AuthResourceUrlBuilder(this.app, 'v1');
|
|
1848
|
+
return new AuthResourceUrlBuilder(this.app, 'v1', this.emulatorHostValue);
|
|
1739
1849
|
}
|
|
1740
1850
|
/**
|
|
1741
1851
|
* @returns A new project config resource URL builder instance.
|
|
1742
1852
|
*/
|
|
1743
1853
|
newProjectConfigUrlBuilder() {
|
|
1744
|
-
return new AuthResourceUrlBuilder(this.app, 'v2');
|
|
1854
|
+
return new AuthResourceUrlBuilder(this.app, 'v2', this.emulatorHostValue);
|
|
1745
1855
|
}
|
|
1746
1856
|
/**
|
|
1747
1857
|
* Get the current project's config
|
|
@@ -1778,7 +1888,7 @@ class AuthRequestHandler extends AbstractAuthRequestHandler {
|
|
|
1778
1888
|
*/
|
|
1779
1889
|
getTenant(tenantId) {
|
|
1780
1890
|
if (!validator.isNonEmptyString(tenantId)) {
|
|
1781
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1891
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_TENANT_ID));
|
|
1782
1892
|
}
|
|
1783
1893
|
return this.invokeRequestHandler(this.authResourceUrlBuilder, GET_TENANT, {}, { tenantId })
|
|
1784
1894
|
.then((response) => {
|
|
@@ -1824,7 +1934,7 @@ class AuthRequestHandler extends AbstractAuthRequestHandler {
|
|
|
1824
1934
|
*/
|
|
1825
1935
|
deleteTenant(tenantId) {
|
|
1826
1936
|
if (!validator.isNonEmptyString(tenantId)) {
|
|
1827
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1937
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_TENANT_ID));
|
|
1828
1938
|
}
|
|
1829
1939
|
return this.invokeRequestHandler(this.authResourceUrlBuilder, DELETE_TENANT, undefined, { tenantId })
|
|
1830
1940
|
.then(() => {
|
|
@@ -1859,7 +1969,7 @@ class AuthRequestHandler extends AbstractAuthRequestHandler {
|
|
|
1859
1969
|
*/
|
|
1860
1970
|
updateTenant(tenantId, tenantOptions) {
|
|
1861
1971
|
if (!validator.isNonEmptyString(tenantId)) {
|
|
1862
|
-
return Promise.reject(new error_1.FirebaseAuthError(error_1.
|
|
1972
|
+
return Promise.reject(new error_1.FirebaseAuthError(error_1.authClientErrorCode.INVALID_TENANT_ID));
|
|
1863
1973
|
}
|
|
1864
1974
|
try {
|
|
1865
1975
|
// Construct backend request.
|
|
@@ -1890,23 +2000,24 @@ class TenantAwareAuthRequestHandler extends AbstractAuthRequestHandler {
|
|
|
1890
2000
|
*
|
|
1891
2001
|
* @param app - The app used to fetch access tokens to sign API requests.
|
|
1892
2002
|
* @param tenantId - The request handler's tenant ID.
|
|
2003
|
+
* @param emHost - Optional emulator host override captured at init time.
|
|
1893
2004
|
* @constructor
|
|
1894
2005
|
*/
|
|
1895
|
-
constructor(app, tenantId) {
|
|
1896
|
-
super(app);
|
|
2006
|
+
constructor(app, tenantId, emHost) {
|
|
2007
|
+
super(app, emHost);
|
|
1897
2008
|
this.tenantId = tenantId;
|
|
1898
2009
|
}
|
|
1899
2010
|
/**
|
|
1900
2011
|
* @returns A new Auth user management resource URL builder instance.
|
|
1901
2012
|
*/
|
|
1902
2013
|
newAuthUrlBuilder() {
|
|
1903
|
-
return new TenantAwareAuthResourceUrlBuilder(this.app, 'v1', this.tenantId);
|
|
2014
|
+
return new TenantAwareAuthResourceUrlBuilder(this.app, 'v1', this.tenantId, this.emulatorHostValue);
|
|
1904
2015
|
}
|
|
1905
2016
|
/**
|
|
1906
2017
|
* @returns A new project config resource URL builder instance.
|
|
1907
2018
|
*/
|
|
1908
2019
|
newProjectConfigUrlBuilder() {
|
|
1909
|
-
return new TenantAwareAuthResourceUrlBuilder(this.app, 'v2', this.tenantId);
|
|
2020
|
+
return new TenantAwareAuthResourceUrlBuilder(this.app, 'v2', this.tenantId, this.emulatorHostValue);
|
|
1910
2021
|
}
|
|
1911
2022
|
/**
|
|
1912
2023
|
* Imports the list of users provided to Firebase Auth. This is useful when
|
|
@@ -1929,7 +2040,7 @@ class TenantAwareAuthRequestHandler extends AbstractAuthRequestHandler {
|
|
|
1929
2040
|
users.forEach((user, index) => {
|
|
1930
2041
|
if (validator.isNonEmptyString(user.tenantId) &&
|
|
1931
2042
|
user.tenantId !== this.tenantId) {
|
|
1932
|
-
throw new error_1.FirebaseAuthError(error_1.
|
|
2043
|
+
throw new error_1.FirebaseAuthError(error_1.authClientErrorCode.MISMATCHING_TENANT_ID, `UserRecord of index "${index}" has mismatching tenant ID "${user.tenantId}"`);
|
|
1933
2044
|
}
|
|
1934
2045
|
});
|
|
1935
2046
|
return super.uploadAccount(users, options);
|