firebase-admin 9.100.0-alpha.0 → 10.0.2

package/lib/utils/api-request.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v9.100.0-alpha.0 */
+/*! firebase-admin v10.0.2 */
 /*!
  * @license
  * Copyright 2017 Google Inc.
@@ -99,17 +99,17 @@ export declare class HttpClient {
      * header should be explicitly set by the caller. To send a JSON leaf value (e.g. "foo", 5), parse it into JSON,
      * and pass as a string or a Buffer along with the appropriate content-type header.
      *
-     * @param {HttpRequest} config HTTP request to be sent.
-     * @return {Promise<HttpResponse>} A promise that resolves with the response details.
+     * @param config - HTTP request to be sent.
+     * @returns A promise that resolves with the response details.
      */
     send(config: HttpRequestConfig): Promise<HttpResponse>;
     /**
      * Sends an HTTP request. In the event of an error, retries the HTTP request according to the
      * RetryConfig set on the HttpClient.
      *
-     * @param {HttpRequestConfig} config HTTP request to be sent.
-     * @param {number} retryAttempts Number of retries performed up to now.
-     * @return {Promise<HttpResponse>} A promise that resolves with the response details.
+     * @param config - HTTP request to be sent.
+     * @param retryAttempts - Number of retries performed up to now.
+     * @returns A promise that resolves with the response details.
      */
     private sendWithRetry;
     private createHttpResponse;
@@ -118,9 +118,9 @@ export declare class HttpClient {
      * Checks if a failed request is eligible for a retry, and if so returns the duration to wait before initiating
      * the retry.
      *
-     * @param {number} retryAttempts Number of retries completed up to now.
-     * @param {LowLevelError} err The last encountered error.
-     * @returns {[number, boolean]} A 2-tuple where the 1st element is the duration to wait before another retry, and the
+     * @param retryAttempts - Number of retries completed up to now.
+     * @param err - The last encountered error.
+     * @returns A 2-tuple where the 1st element is the duration to wait before another retry, and the
      *     2nd element is a boolean indicating whether the request is eligible for a retry or not.
      */
     private getRetryDelayMillis;
@@ -135,9 +135,9 @@ export declare class HttpClient {
 /**
  * Parses a full HTTP response message containing both a header and a body.
  *
- * @param {string|Buffer} response The HTTP response to be parsed.
- * @param {HttpRequestConfig} config The request configuration that resulted in the HTTP response.
- * @return {HttpResponse} An object containing the parsed HTTP status, headers and the body.
+ * @param response - The HTTP response to be parsed.
+ * @param config - The request configuration that resulted in the HTTP response.
+ * @returns An object containing the parsed HTTP status, headers and the body.
  */
 export declare function parseHttpResponse(response: string | Buffer, config: HttpRequestConfig): HttpResponse;
 export declare class AuthorizedHttpClient extends HttpClient {
@@ -149,8 +149,8 @@ export declare class AuthorizedHttpClient extends HttpClient {
 /**
  * Class that defines all the settings for the backend API endpoint.
  *
- * @param {string} endpoint The Firebase Auth backend endpoint.
- * @param {HttpMethod} httpMethod The http method for that endpoint.
+ * @param endpoint - The Firebase Auth backend endpoint.
+ * @param httpMethod - The http method for that endpoint.
  * @constructor
  */
 export declare class ApiSettings {
@@ -159,23 +159,23 @@ export declare class ApiSettings {
     private requestValidator;
     private responseValidator;
     constructor(endpoint: string, httpMethod?: HttpMethod);
-    /** @return {string} The backend API endpoint. */
+    /** @returns The backend API endpoint. */
     getEndpoint(): string;
-    /** @return {HttpMethod} The request HTTP method. */
+    /** @returns The request HTTP method. */
     getHttpMethod(): HttpMethod;
     /**
-     * @param {ApiCallbackFunction} requestValidator The request validator.
-     * @return {ApiSettings} The current API settings instance.
+     * @param requestValidator - The request validator.
+     * @returns The current API settings instance.
      */
     setRequestValidator(requestValidator: ApiCallbackFunction | null): ApiSettings;
-    /** @return {ApiCallbackFunction} The request validator. */
+    /** @returns The request validator. */
     getRequestValidator(): ApiCallbackFunction;
     /**
-     * @param {ApiCallbackFunction} responseValidator The response validator.
-     * @return {ApiSettings} The current API settings instance.
+     * @param responseValidator - The response validator.
+     * @returns The current API settings instance.
      */
     setResponseValidator(responseValidator: ApiCallbackFunction | null): ApiSettings;
-    /** @return {ApiCallbackFunction} The response validator. */
+    /** @returns The response validator. */
     getResponseValidator(): ApiCallbackFunction;
 }
 /**
@@ -217,10 +217,10 @@ export declare class ExponentialBackoffPoller<T> extends EventEmitter {
     /**
      * Poll the provided callback with exponential backoff.
      *
-     * @param {() => Promise<T>} callback The callback to be called for each poll. If the
+     * @param callback - The callback to be called for each poll. If the
      *     callback resolves to a falsey value, polling will continue. Otherwise, the truthy
      *     resolution will be used to resolve the promise returned by this method.
-     * @return {Promise<T>} A Promise which resolves to the truthy value returned by the provided
+     * @returns A Promise which resolves to the truthy value returned by the provided
      *     callback when polling is complete.
      */
     poll(callback: () => Promise<T>): Promise<T>;

package/lib/utils/api-request.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v9.100.0-alpha.0 */
+/*! firebase-admin v10.0.2 */
 "use strict";
 /*!
  * @license
@@ -134,7 +134,7 @@ exports.defaultRetryConfig = defaultRetryConfig;
 /**
  * Ensures that the given RetryConfig object is valid.
  *
- * @param retry The configuration to be validated.
+ * @param retry - The configuration to be validated.
  */
 function validateRetryConfig(retry) {
     if (!validator.isNumber(retry.maxRetries) || retry.maxRetries < 0) {
@@ -174,8 +174,8 @@ var HttpClient = /** @class */ (function () {
      * header should be explicitly set by the caller. To send a JSON leaf value (e.g. "foo", 5), parse it into JSON,
      * and pass as a string or a Buffer along with the appropriate content-type header.
      *
-     * @param {HttpRequest} config HTTP request to be sent.
-     * @return {Promise<HttpResponse>} A promise that resolves with the response details.
+     * @param config - HTTP request to be sent.
+     * @returns A promise that resolves with the response details.
      */
     HttpClient.prototype.send = function (config) {
         return this.sendWithRetry(config);
@@ -184,9 +184,9 @@ var HttpClient = /** @class */ (function () {
      * Sends an HTTP request. In the event of an error, retries the HTTP request according to the
      * RetryConfig set on the HttpClient.
      *
-     * @param {HttpRequestConfig} config HTTP request to be sent.
-     * @param {number} retryAttempts Number of retries performed up to now.
-     * @return {Promise<HttpResponse>} A promise that resolves with the response details.
+     * @param config - HTTP request to be sent.
+     * @param retryAttempts - Number of retries performed up to now.
+     * @returns A promise that resolves with the response details.
      */
     HttpClient.prototype.sendWithRetry = function (config, retryAttempts) {
         var _this = this;
@@ -229,9 +229,9 @@ var HttpClient = /** @class */ (function () {
      * Checks if a failed request is eligible for a retry, and if so returns the duration to wait before initiating
      * the retry.
      *
-     * @param {number} retryAttempts Number of retries completed up to now.
-     * @param {LowLevelError} err The last encountered error.
-     * @returns {[number, boolean]} A 2-tuple where the 1st element is the duration to wait before another retry, and the
+     * @param retryAttempts - Number of retries completed up to now.
+     * @param err - The last encountered error.
+     * @returns A 2-tuple where the 1st element is the duration to wait before another retry, and the
      *     2nd element is a boolean indicating whether the request is eligible for a retry or not.
      */
     HttpClient.prototype.getRetryDelayMillis = function (retryAttempts, err) {
@@ -296,9 +296,9 @@ exports.HttpClient = HttpClient;
 /**
  * Parses a full HTTP response message containing both a header and a body.
  *
- * @param {string|Buffer} response The HTTP response to be parsed.
- * @param {HttpRequestConfig} config The request configuration that resulted in the HTTP response.
- * @return {HttpResponse} An object containing the parsed HTTP status, headers and the body.
+ * @param response - The HTTP response to be parsed.
+ * @param config - The request configuration that resulted in the HTTP response.
+ * @returns An object containing the parsed HTTP status, headers and the body.
  */
 function parseHttpResponse(response, config) {
     var responseText = validator.isBuffer(response) ?
@@ -687,8 +687,8 @@ exports.AuthorizedHttpClient = AuthorizedHttpClient;
 /**
  * Class that defines all the settings for the backend API endpoint.
  *
- * @param {string} endpoint The Firebase Auth backend endpoint.
- * @param {HttpMethod} httpMethod The http method for that endpoint.
+ * @param endpoint - The Firebase Auth backend endpoint.
+ * @param httpMethod - The http method for that endpoint.
  * @constructor
  */
 var ApiSettings = /** @class */ (function () {
@@ -699,37 +699,37 @@ var ApiSettings = /** @class */ (function () {
         this.setRequestValidator(null)
             .setResponseValidator(null);
     }
-    /** @return {string} The backend API endpoint. */
+    /** @returns The backend API endpoint. */
     ApiSettings.prototype.getEndpoint = function () {
         return this.endpoint;
     };
-    /** @return {HttpMethod} The request HTTP method. */
+    /** @returns The request HTTP method. */
     ApiSettings.prototype.getHttpMethod = function () {
         return this.httpMethod;
     };
     /**
-     * @param {ApiCallbackFunction} requestValidator The request validator.
-     * @return {ApiSettings} The current API settings instance.
+     * @param requestValidator - The request validator.
+     * @returns The current API settings instance.
      */
     ApiSettings.prototype.setRequestValidator = function (requestValidator) {
         var nullFunction = function () { return undefined; };
         this.requestValidator = requestValidator || nullFunction;
         return this;
     };
-    /** @return {ApiCallbackFunction} The request validator. */
+    /** @returns The request validator. */
     ApiSettings.prototype.getRequestValidator = function () {
         return this.requestValidator;
     };
     /**
-     * @param {ApiCallbackFunction} responseValidator The response validator.
-     * @return {ApiSettings} The current API settings instance.
+     * @param responseValidator - The response validator.
+     * @returns The current API settings instance.
      */
     ApiSettings.prototype.setResponseValidator = function (responseValidator) {
         var nullFunction = function () { return undefined; };
         this.responseValidator = responseValidator || nullFunction;
         return this;
     };
-    /** @return {ApiCallbackFunction} The response validator. */
+    /** @returns The response validator. */
     ApiSettings.prototype.getResponseValidator = function () {
         return this.responseValidator;
     };
@@ -777,10 +777,10 @@ var ExponentialBackoffPoller = /** @class */ (function (_super) {
     /**
      * Poll the provided callback with exponential backoff.
      *
-     * @param {() => Promise<T>} callback The callback to be called for each poll. If the
+     * @param callback - The callback to be called for each poll. If the
      *     callback resolves to a falsey value, polling will continue. Otherwise, the truthy
      *     resolution will be used to resolve the promise returned by this method.
-     * @return {Promise<T>} A Promise which resolves to the truthy value returned by the provided
+     * @returns A Promise which resolves to the truthy value returned by the provided
      *     callback when polling is complete.
      */
     ExponentialBackoffPoller.prototype.poll = function (callback) {

package/lib/utils/crypto-signer.d.ts

@@ -0,0 +1,128 @@
+/*! firebase-admin v10.0.2 */
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/// <reference types="node" />
+import { App } from '../app';
+import { ServiceAccountCredential } from '../app/credential-internal';
+import { AuthorizedHttpClient } from './api-request';
+import { Algorithm } from 'jsonwebtoken';
+import { ErrorInfo } from '../utils/error';
+/**
+ * CryptoSigner interface represents an object that can be used to sign JWTs.
+ */
+export interface CryptoSigner {
+    /**
+     * The name of the signing algorithm.
+     */
+    readonly algorithm: Algorithm;
+    /**
+     * Cryptographically signs a buffer of data.
+     *
+     * @param buffer - The data to be signed.
+     * @returns A promise that resolves with the raw bytes of a signature.
+     */
+    sign(buffer: Buffer): Promise<Buffer>;
+    /**
+     * Returns the ID of the service account used to sign tokens.
+     *
+     * @returns A promise that resolves with a service account ID.
+     */
+    getAccountId(): Promise<string>;
+}
+/**
+ * A CryptoSigner implementation that uses an explicitly specified service account private key to
+ * sign data. Performs all operations locally, and does not make any RPC calls.
+ */
+export declare class ServiceAccountSigner implements CryptoSigner {
+    private readonly credential;
+    algorithm: Algorithm;
+    /**
+     * Creates a new CryptoSigner instance from the given service account credential.
+     *
+     * @param credential - A service account credential.
+     */
+    constructor(credential: ServiceAccountCredential);
+    /**
+     * @inheritDoc
+     */
+    sign(buffer: Buffer): Promise<Buffer>;
+    /**
+     * @inheritDoc
+     */
+    getAccountId(): Promise<string>;
+}
+/**
+ * A CryptoSigner implementation that uses the remote IAM service to sign data. If initialized without
+ * a service account ID, attempts to discover a service account ID by consulting the local Metadata
+ * service. This will succeed in managed environments like Google Cloud Functions and App Engine.
+ *
+ * @see https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts/signBlob
+ * @see https://cloud.google.com/compute/docs/storing-retrieving-metadata
+ */
+export declare class IAMSigner implements CryptoSigner {
+    algorithm: Algorithm;
+    private readonly httpClient;
+    private serviceAccountId?;
+    constructor(httpClient: AuthorizedHttpClient, serviceAccountId?: string);
+    /**
+     * @inheritDoc
+     */
+    sign(buffer: Buffer): Promise<Buffer>;
+    /**
+     * @inheritDoc
+     */
+    getAccountId(): Promise<string>;
+}
+/**
+ * Creates a new CryptoSigner instance for the given app. If the app has been initialized with a
+ * service account credential, creates a ServiceAccountSigner.
+ *
+ * @param app - A FirebaseApp instance.
+ * @returns A CryptoSigner instance.
+ */
+export declare function cryptoSignerFromApp(app: App): CryptoSigner;
+/**
+ * Defines extended error info type. This includes a code, message string, and error data.
+ */
+export interface ExtendedErrorInfo extends ErrorInfo {
+    cause?: Error;
+}
+/**
+ * CryptoSigner error code structure.
+ *
+ * @param errorInfo - The error information (code and message).
+ * @constructor
+ */
+export declare class CryptoSignerError extends Error {
+    private errorInfo;
+    constructor(errorInfo: ExtendedErrorInfo);
+    /** @returns The error code. */
+    get code(): string;
+    /** @returns The error message. */
+    get message(): string;
+    /** @returns The error data. */
+    get cause(): Error | undefined;
+}
+/**
+ * Crypto Signer error codes and their default messages.
+ */
+export declare class CryptoSignerErrorCode {
+    static INVALID_ARGUMENT: string;
+    static INTERNAL_ERROR: string;
+    static INVALID_CREDENTIAL: string;
+    static SERVER_ERROR: string;
+}

package/lib/utils/crypto-signer.js

@@ -0,0 +1,237 @@
+/*! firebase-admin v10.0.2 */
+"use strict";
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+var __extends = (this && this.__extends) || (function () {
+    var extendStatics = function (d, b) {
+        extendStatics = Object.setPrototypeOf ||
+            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+            function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
+        return extendStatics(d, b);
+    };
+    return function (d, b) {
+        extendStatics(d, b);
+        function __() { this.constructor = d; }
+        d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CryptoSignerErrorCode = exports.CryptoSignerError = exports.cryptoSignerFromApp = exports.IAMSigner = exports.ServiceAccountSigner = void 0;
+var credential_internal_1 = require("../app/credential-internal");
+var api_request_1 = require("./api-request");
+var validator = require("../utils/validator");
+var ALGORITHM_RS256 = 'RS256';
+/**
+ * A CryptoSigner implementation that uses an explicitly specified service account private key to
+ * sign data. Performs all operations locally, and does not make any RPC calls.
+ */
+var ServiceAccountSigner = /** @class */ (function () {
+    /**
+     * Creates a new CryptoSigner instance from the given service account credential.
+     *
+     * @param credential - A service account credential.
+     */
+    function ServiceAccountSigner(credential) {
+        this.credential = credential;
+        this.algorithm = ALGORITHM_RS256;
+        if (!credential) {
+            throw new CryptoSignerError({
+                code: CryptoSignerErrorCode.INVALID_CREDENTIAL,
+                message: 'INTERNAL ASSERT: Must provide a service account credential to initialize ServiceAccountSigner.',
+            });
+        }
+    }
+    /**
+     * @inheritDoc
+     */
+    ServiceAccountSigner.prototype.sign = function (buffer) {
+        var crypto = require('crypto'); // eslint-disable-line @typescript-eslint/no-var-requires
+        var sign = crypto.createSign('RSA-SHA256');
+        sign.update(buffer);
+        return Promise.resolve(sign.sign(this.credential.privateKey));
+    };
+    /**
+     * @inheritDoc
+     */
+    ServiceAccountSigner.prototype.getAccountId = function () {
+        return Promise.resolve(this.credential.clientEmail);
+    };
+    return ServiceAccountSigner;
+}());
+exports.ServiceAccountSigner = ServiceAccountSigner;
+/**
+ * A CryptoSigner implementation that uses the remote IAM service to sign data. If initialized without
+ * a service account ID, attempts to discover a service account ID by consulting the local Metadata
+ * service. This will succeed in managed environments like Google Cloud Functions and App Engine.
+ *
+ * @see https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts/signBlob
+ * @see https://cloud.google.com/compute/docs/storing-retrieving-metadata
+ */
+var IAMSigner = /** @class */ (function () {
+    function IAMSigner(httpClient, serviceAccountId) {
+        this.algorithm = ALGORITHM_RS256;
+        if (!httpClient) {
+            throw new CryptoSignerError({
+                code: CryptoSignerErrorCode.INVALID_ARGUMENT,
+                message: 'INTERNAL ASSERT: Must provide a HTTP client to initialize IAMSigner.',
+            });
+        }
+        if (typeof serviceAccountId !== 'undefined' && !validator.isNonEmptyString(serviceAccountId)) {
+            throw new CryptoSignerError({
+                code: CryptoSignerErrorCode.INVALID_ARGUMENT,
+                message: 'INTERNAL ASSERT: Service account ID must be undefined or a non-empty string.',
+            });
+        }
+        this.httpClient = httpClient;
+        this.serviceAccountId = serviceAccountId;
+    }
+    /**
+     * @inheritDoc
+     */
+    IAMSigner.prototype.sign = function (buffer) {
+        var _this = this;
+        return this.getAccountId().then(function (serviceAccount) {
+            var request = {
+                method: 'POST',
+                url: "https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/" + serviceAccount + ":signBlob",
+                data: { payload: buffer.toString('base64') },
+            };
+            return _this.httpClient.send(request);
+        }).then(function (response) {
+            // Response from IAM is base64 encoded. Decode it into a buffer and return.
+            return Buffer.from(response.data.signedBlob, 'base64');
+        }).catch(function (err) {
+            if (err instanceof api_request_1.HttpError) {
+                throw new CryptoSignerError({
+                    code: CryptoSignerErrorCode.SERVER_ERROR,
+                    message: err.message,
+                    cause: err
+                });
+            }
+            throw err;
+        });
+    };
+    /**
+     * @inheritDoc
+     */
+    IAMSigner.prototype.getAccountId = function () {
+        var _this = this;
+        if (validator.isNonEmptyString(this.serviceAccountId)) {
+            return Promise.resolve(this.serviceAccountId);
+        }
+        var request = {
+            method: 'GET',
+            url: 'http://metadata/computeMetadata/v1/instance/service-accounts/default/email',
+            headers: {
+                'Metadata-Flavor': 'Google',
+            },
+        };
+        var client = new api_request_1.HttpClient();
+        return client.send(request).then(function (response) {
+            if (!response.text) {
+                throw new CryptoSignerError({
+                    code: CryptoSignerErrorCode.INTERNAL_ERROR,
+                    message: 'HTTP Response missing payload',
+                });
+            }
+            _this.serviceAccountId = response.text;
+            return response.text;
+        }).catch(function (err) {
+            throw new CryptoSignerError({
+                code: CryptoSignerErrorCode.INVALID_CREDENTIAL,
+                message: 'Failed to determine service account. Make sure to initialize ' +
+                    'the SDK with a service account credential. Alternatively specify a service ' +
+                    ("account with iam.serviceAccounts.signBlob permission. Original error: " + err),
+            });
+        });
+    };
+    return IAMSigner;
+}());
+exports.IAMSigner = IAMSigner;
+/**
+ * Creates a new CryptoSigner instance for the given app. If the app has been initialized with a
+ * service account credential, creates a ServiceAccountSigner.
+ *
+ * @param app - A FirebaseApp instance.
+ * @returns A CryptoSigner instance.
+ */
+function cryptoSignerFromApp(app) {
+    var credential = app.options.credential;
+    if (credential instanceof credential_internal_1.ServiceAccountCredential) {
+        return new ServiceAccountSigner(credential);
+    }
+    return new IAMSigner(new api_request_1.AuthorizedHttpClient(app), app.options.serviceAccountId);
+}
+exports.cryptoSignerFromApp = cryptoSignerFromApp;
+/**
+ * CryptoSigner error code structure.
+ *
+ * @param errorInfo - The error information (code and message).
+ * @constructor
+ */
+var CryptoSignerError = /** @class */ (function (_super) {
+    __extends(CryptoSignerError, _super);
+    function CryptoSignerError(errorInfo) {
+        var _this = _super.call(this, errorInfo.message) || this;
+        _this.errorInfo = errorInfo;
+        /* tslint:disable:max-line-length */
+        // Set the prototype explicitly. See the following link for more details:
+        // https://github.com/Microsoft/TypeScript/wiki/Breaking-Changes#extending-built-ins-like-error-array-and-map-may-no-longer-work
+        /* tslint:enable:max-line-length */
+        _this.__proto__ = CryptoSignerError.prototype;
+        return _this;
+    }
+    Object.defineProperty(CryptoSignerError.prototype, "code", {
+        /** @returns The error code. */
+        get: function () {
+            return this.errorInfo.code;
+        },
+        enumerable: false,
+        configurable: true
+    });
+    Object.defineProperty(CryptoSignerError.prototype, "message", {
+        /** @returns The error message. */
+        get: function () {
+            return this.errorInfo.message;
+        },
+        enumerable: false,
+        configurable: true
+    });
+    Object.defineProperty(CryptoSignerError.prototype, "cause", {
+        /** @returns The error data. */
+        get: function () {
+            return this.errorInfo.cause;
+        },
+        enumerable: false,
+        configurable: true
+    });
+    return CryptoSignerError;
+}(Error));
+exports.CryptoSignerError = CryptoSignerError;
+/**
+ * Crypto Signer error codes and their default messages.
+ */
+var CryptoSignerErrorCode = /** @class */ (function () {
+    function CryptoSignerErrorCode() {
+    }
+    CryptoSignerErrorCode.INVALID_ARGUMENT = 'invalid-argument';
+    CryptoSignerErrorCode.INTERNAL_ERROR = 'internal-error';
+    CryptoSignerErrorCode.INVALID_CREDENTIAL = 'invalid-credential';
+    CryptoSignerErrorCode.SERVER_ERROR = 'server-error';
+    return CryptoSignerErrorCode;
+}());
+exports.CryptoSignerErrorCode = CryptoSignerErrorCode;

package/lib/utils/deep-copy.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v9.100.0-alpha.0 */
+/*! firebase-admin v10.0.2 */
 /*!
  * @license
  * Copyright 2017 Google Inc.
@@ -18,8 +18,8 @@
 /**
  * Returns a deep copy of an object or array.
  *
- * @param {object|array} value The object or array to deep copy.
- * @return {object|array} A deep copy of the provided object or array.
+ * @param value - The object or array to deep copy.
+ * @returns A deep copy of the provided object or array.
  */
 export declare function deepCopy<T>(value: T): T;
 /**
@@ -33,8 +33,8 @@ export declare function deepCopy<T>(value: T): T;
  * Note that the target can be a function, in which case the properties in the source object are
  * copied onto it as static properties of the function.
  *
- * @param {any} target The value which is being extended.
- * @param {any} source The value whose properties are extending the target.
- * @return {any} The target value.
+ * @param target - The value which is being extended.
+ * @param source - The value whose properties are extending the target.
+ * @returns The target value.
  */
 export declare function deepExtend(target: any, source: any): any;

package/lib/utils/deep-copy.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v9.100.0-alpha.0 */
+/*! firebase-admin v10.0.2 */
 "use strict";
 /*!
  * @license
@@ -21,8 +21,8 @@ exports.deepExtend = exports.deepCopy = void 0;
 /**
  * Returns a deep copy of an object or array.
  *
- * @param {object|array} value The object or array to deep copy.
- * @return {object|array} A deep copy of the provided object or array.
+ * @param value - The object or array to deep copy.
+ * @returns A deep copy of the provided object or array.
  */
 function deepCopy(value) {
     return deepExtend(undefined, value);
@@ -39,9 +39,9 @@ exports.deepCopy = deepCopy;
  * Note that the target can be a function, in which case the properties in the source object are
  * copied onto it as static properties of the function.
  *
- * @param {any} target The value which is being extended.
- * @param {any} source The value whose properties are extending the target.
- * @return {any} The target value.
+ * @param target - The value which is being extended.
+ * @param source - The value whose properties are extending the target.
+ * @returns The target value.
  */
 function deepExtend(target, source) {
     if (!(source instanceof Object)) {