firebase-admin 9.100.0-alpha.0 → 10.0.2

package/lib/app-check/app-check-api-client-internal.js

@@ -0,0 +1,197 @@
+/*! firebase-admin v10.0.2 */
+"use strict";
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+var __extends = (this && this.__extends) || (function () {
+    var extendStatics = function (d, b) {
+        extendStatics = Object.setPrototypeOf ||
+            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+            function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
+        return extendStatics(d, b);
+    };
+    return function (d, b) {
+        extendStatics(d, b);
+        function __() { this.constructor = d; }
+        d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FirebaseAppCheckError = exports.APP_CHECK_ERROR_CODE_MAPPING = exports.AppCheckApiClient = void 0;
+var api_request_1 = require("../utils/api-request");
+var error_1 = require("../utils/error");
+var utils = require("../utils/index");
+var validator = require("../utils/validator");
+// App Check backend constants
+var FIREBASE_APP_CHECK_V1_API_URL_FORMAT = 'https://firebaseappcheck.googleapis.com/v1beta/projects/{projectId}/apps/{appId}:exchangeCustomToken';
+var FIREBASE_APP_CHECK_CONFIG_HEADERS = {
+    'X-Firebase-Client': "fire-admin-node/" + utils.getSdkVersion()
+};
+/**
+ * Class that facilitates sending requests to the Firebase App Check backend API.
+ *
+ * @internal
+ */
+var AppCheckApiClient = /** @class */ (function () {
+    function AppCheckApiClient(app) {
+        this.app = app;
+        if (!validator.isNonNullObject(app) || !('options' in app)) {
+            throw new FirebaseAppCheckError('invalid-argument', 'First argument passed to admin.appCheck() must be a valid Firebase app instance.');
+        }
+        this.httpClient = new api_request_1.AuthorizedHttpClient(app);
+    }
+    /**
+     * Exchange a signed custom token to App Check token
+     *
+     * @param customToken - The custom token to be exchanged.
+     * @param appId - The mobile App ID.
+     * @returns A promise that fulfills with a `AppCheckToken`.
+     */
+    AppCheckApiClient.prototype.exchangeToken = function (customToken, appId) {
+        var _this = this;
+        if (!validator.isNonEmptyString(appId)) {
+            throw new FirebaseAppCheckError('invalid-argument', '`appId` must be a non-empty string.');
+        }
+        if (!validator.isNonEmptyString(customToken)) {
+            throw new FirebaseAppCheckError('invalid-argument', '`customToken` must be a non-empty string.');
+        }
+        return this.getUrl(appId)
+            .then(function (url) {
+            var request = {
+                method: 'POST',
+                url: url,
+                headers: FIREBASE_APP_CHECK_CONFIG_HEADERS,
+                data: { customToken: customToken }
+            };
+            return _this.httpClient.send(request);
+        })
+            .then(function (resp) {
+            return _this.toAppCheckToken(resp);
+        })
+            .catch(function (err) {
+            throw _this.toFirebaseError(err);
+        });
+    };
+    AppCheckApiClient.prototype.getUrl = function (appId) {
+        return this.getProjectId()
+            .then(function (projectId) {
+            var urlParams = {
+                projectId: projectId,
+                appId: appId,
+            };
+            var baseUrl = utils.formatString(FIREBASE_APP_CHECK_V1_API_URL_FORMAT, urlParams);
+            return utils.formatString(baseUrl);
+        });
+    };
+    AppCheckApiClient.prototype.getProjectId = function () {
+        var _this = this;
+        if (this.projectId) {
+            return Promise.resolve(this.projectId);
+        }
+        return utils.findProjectId(this.app)
+            .then(function (projectId) {
+            if (!validator.isNonEmptyString(projectId)) {
+                throw new FirebaseAppCheckError('unknown-error', 'Failed to determine project ID. Initialize the '
+                    + 'SDK with service account credentials or set project ID as an app option. '
+                    + 'Alternatively, set the GOOGLE_CLOUD_PROJECT environment variable.');
+            }
+            _this.projectId = projectId;
+            return projectId;
+        });
+    };
+    AppCheckApiClient.prototype.toFirebaseError = function (err) {
+        if (err instanceof error_1.PrefixedFirebaseError) {
+            return err;
+        }
+        var response = err.response;
+        if (!response.isJson()) {
+            return new FirebaseAppCheckError('unknown-error', "Unexpected response with status: " + response.status + " and body: " + response.text);
+        }
+        var error = response.data.error || {};
+        var code = 'unknown-error';
+        if (error.status && error.status in exports.APP_CHECK_ERROR_CODE_MAPPING) {
+            code = exports.APP_CHECK_ERROR_CODE_MAPPING[error.status];
+        }
+        var message = error.message || "Unknown server error: " + response.text;
+        return new FirebaseAppCheckError(code, message);
+    };
+    /**
+     * Creates an AppCheckToken from the API response.
+     *
+     * @param resp - API response object.
+     * @returns An AppCheckToken instance.
+     */
+    AppCheckApiClient.prototype.toAppCheckToken = function (resp) {
+        var token = resp.data.attestationToken;
+        // `ttl` is a string with the suffix "s" preceded by the number of seconds,
+        // with nanoseconds expressed as fractional seconds.
+        var ttlMillis = this.stringToMilliseconds(resp.data.ttl);
+        return {
+            token: token,
+            ttlMillis: ttlMillis
+        };
+    };
+    /**
+     * Converts a duration string with the suffix `s` to milliseconds.
+     *
+     * @param duration - The duration as a string with the suffix "s" preceded by the
+     * number of seconds, with fractional seconds. For example, 3 seconds with 0 nanoseconds
+     * is expressed as "3s", while 3 seconds and 1 nanosecond is expressed as "3.000000001s",
+     * and 3 seconds and 1 microsecond is expressed as "3.000001s".
+     *
+     * @returns The duration in milliseconds.
+     */
+    AppCheckApiClient.prototype.stringToMilliseconds = function (duration) {
+        if (!validator.isNonEmptyString(duration) || !duration.endsWith('s')) {
+            throw new FirebaseAppCheckError('invalid-argument', '`ttl` must be a valid duration string with the suffix `s`.');
+        }
+        var seconds = duration.slice(0, -1);
+        return Math.floor(Number(seconds) * 1000);
+    };
+    return AppCheckApiClient;
+}());
+exports.AppCheckApiClient = AppCheckApiClient;
+exports.APP_CHECK_ERROR_CODE_MAPPING = {
+    ABORTED: 'aborted',
+    INVALID_ARGUMENT: 'invalid-argument',
+    INVALID_CREDENTIAL: 'invalid-credential',
+    INTERNAL: 'internal-error',
+    PERMISSION_DENIED: 'permission-denied',
+    UNAUTHENTICATED: 'unauthenticated',
+    NOT_FOUND: 'not-found',
+    UNKNOWN: 'unknown-error',
+};
+/**
+ * Firebase App Check error code structure. This extends PrefixedFirebaseError.
+ *
+ * @param code - The error code.
+ * @param message - The error message.
+ * @constructor
+ */
+var FirebaseAppCheckError = /** @class */ (function (_super) {
+    __extends(FirebaseAppCheckError, _super);
+    function FirebaseAppCheckError(code, message) {
+        var _this = _super.call(this, 'app-check', code, message) || this;
+        /* tslint:disable:max-line-length */
+        // Set the prototype explicitly. See the following link for more details:
+        // https://github.com/Microsoft/TypeScript/wiki/Breaking-Changes#extending-built-ins-like-error-array-and-map-may-no-longer-work
+        /* tslint:enable:max-line-length */
+        _this.__proto__ = FirebaseAppCheckError.prototype;
+        return _this;
+    }
+    return FirebaseAppCheckError;
+}(error_1.PrefixedFirebaseError));
+exports.FirebaseAppCheckError = FirebaseAppCheckError;

package/lib/app-check/app-check-api.d.ts

@@ -0,0 +1,95 @@
+/*! firebase-admin v10.0.2 */
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * Interface representing an App Check token.
+ */
+export interface AppCheckToken {
+    /**
+     * The Firebase App Check token.
+     */
+    token: string;
+    /**
+     * The time-to-live duration of the token in milliseconds.
+     */
+    ttlMillis: number;
+}
+/**
+ * Interface representing App Check token options.
+ */
+export interface AppCheckTokenOptions {
+    /**
+     * The length of time, in milliseconds, for which the App Check token will
+     * be valid. This value must be between 30 minutes and 7 days, inclusive.
+     */
+    ttlMillis?: number;
+}
+/**
+ * Interface representing a decoded Firebase App Check token, returned from the
+ * {@link AppCheck.verifyToken} method.
+ */
+export interface DecodedAppCheckToken {
+    /**
+     * The issuer identifier for the issuer of the response.
+     * This value is a URL with the format
+     * `https://firebaseappcheck.googleapis.com/<PROJECT_NUMBER>`, where `<PROJECT_NUMBER>` is the
+     * same project number specified in the {@link DecodedAppCheckToken.aud | aud} property.
+     */
+    iss: string;
+    /**
+     * The Firebase App ID corresponding to the app the token belonged to.
+     * As a convenience, this value is copied over to the {@link DecodedAppCheckToken.app_id | app_id} property.
+     */
+    sub: string;
+    /**
+     * The audience for which this token is intended.
+     * This value is a JSON array of two strings, the first is the project number of your
+     * Firebase project, and the second is the project ID of the same project.
+     */
+    aud: string[];
+    /**
+     * The App Check token's expiration time, in seconds since the Unix epoch. That is, the
+     * time at which this App Check token expires and should no longer be considered valid.
+     */
+    exp: number;
+    /**
+     * The App Check token's issued-at time, in seconds since the Unix epoch. That is, the
+     * time at which this App Check token was issued and should start to be considered
+     * valid.
+     */
+    iat: number;
+    /**
+     * The App ID corresponding to the App the App Check token belonged to.
+     * This value is not actually one of the JWT token claims. It is added as a
+     * convenience, and is set as the value of the {@link DecodedAppCheckToken.sub | sub} property.
+     */
+    app_id: string;
+    [key: string]: any;
+}
+/**
+ * Interface representing a verified App Check token response.
+ */
+export interface VerifyAppCheckTokenResponse {
+    /**
+     * The App ID corresponding to the App the App Check token belonged to.
+     */
+    appId: string;
+    /**
+     * The decoded Firebase App Check token.
+     */
+    token: DecodedAppCheckToken;
+}

package/lib/app-check/app-check-api.js

@@ -0,0 +1,19 @@
+/*! firebase-admin v10.0.2 */
+"use strict";
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/app-check/app-check-namespace.d.ts

@@ -0,0 +1,65 @@
+/*! firebase-admin v10.0.2 */
+/*!
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import { App } from '../app';
+import { AppCheckToken as TAppCheckToken, AppCheckTokenOptions as TAppCheckTokenOptions, DecodedAppCheckToken as TDecodedAppCheckToken, VerifyAppCheckTokenResponse as TVerifyAppCheckTokenResponse } from './app-check-api';
+import { AppCheck as TAppCheck } from './app-check';
+/**
+ * Gets the {@link firebase-admin.app-check#AppCheck} service for the default app or a given app.
+ *
+ * `admin.appCheck()` can be called with no arguments to access the default
+ * app's `AppCheck` service or as `admin.appCheck(app)` to access the
+ * `AppCheck` service associated with a specific app.
+ *
+ * @example
+ * ```javascript
+ * // Get the `AppCheck` service for the default app
+ * var defaultAppCheck = admin.appCheck();
+ * ```
+ *
+ * @example
+ * ```javascript
+ * // Get the `AppCheck` service for a given app
+ * var otherAppCheck = admin.appCheck(otherApp);
+ * ```
+ *
+ * @param app - Optional app for which to return the `AppCheck` service.
+ *   If not provided, the default `AppCheck` service is returned.
+ *
+ * @returns The default `AppCheck` service if no
+ *   app is provided, or the `AppCheck` service associated with the provided
+ *   app.
+ */
+export declare function appCheck(app?: App): appCheck.AppCheck;
+export declare namespace appCheck {
+    /**
+     * Type alias to {@link firebase-admin.app-check#AppCheck}.
+     */
+    type AppCheck = TAppCheck;
+    /**
+     * Type alias to {@link firebase-admin.app-check#AppCheckToken}.
+     */
+    type AppCheckToken = TAppCheckToken;
+    /**
+     * Type alias to {@link firebase-admin.app-check#DecodedAppCheckToken}.
+     */
+    type DecodedAppCheckToken = TDecodedAppCheckToken;
+    /**
+     * Type alias to {@link firebase-admin.app-check#VerifyAppCheckTokenResponse}.
+     */
+    type VerifyAppCheckTokenResponse = TVerifyAppCheckTokenResponse;
+    type AppCheckTokenOptions = TAppCheckTokenOptions;
+}

package/lib/app-check/app-check-namespace.js

@@ -0,0 +1,18 @@
+/*! firebase-admin v10.0.2 */
+"use strict";
+/*!
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/app-check/app-check.d.ts

@@ -0,0 +1,49 @@
+/*! firebase-admin v10.0.2 */
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import { App } from '../app';
+import { AppCheckToken, AppCheckTokenOptions, VerifyAppCheckTokenResponse } from './app-check-api';
+/**
+ * The Firebase `AppCheck` service interface.
+ */
+export declare class AppCheck {
+    readonly app: App;
+    private readonly client;
+    private readonly tokenGenerator;
+    private readonly appCheckTokenVerifier;
+    /**
+     * Creates a new {@link AppCheckToken} that can be sent
+     * back to a client.
+     *
+     * @param appId - The app ID to use as the JWT app_id.
+     * @param options - Optional options object when creating a new App Check Token.
+     *
+     * @returns A promise that fulfills with a `AppCheckToken`.
+     */
+    createToken(appId: string, options?: AppCheckTokenOptions): Promise<AppCheckToken>;
+    /**
+     * Verifies a Firebase App Check token (JWT). If the token is valid, the promise is
+     * fulfilled with the token's decoded claims; otherwise, the promise is
+     * rejected.
+     *
+     * @param appCheckToken - The App Check token to verify.
+     *
+     * @returns A promise fulfilled with the token's decoded claims
+     *   if the App Check token is valid; otherwise, a rejected promise.
+     */
+    verifyToken(appCheckToken: string): Promise<VerifyAppCheckTokenResponse>;
+}

package/lib/app-check/app-check.js

@@ -0,0 +1,82 @@
+/*! firebase-admin v10.0.2 */
+"use strict";
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AppCheck = void 0;
+var app_check_api_client_internal_1 = require("./app-check-api-client-internal");
+var token_generator_1 = require("./token-generator");
+var token_verifier_1 = require("./token-verifier");
+var crypto_signer_1 = require("../utils/crypto-signer");
+/**
+ * The Firebase `AppCheck` service interface.
+ */
+var AppCheck = /** @class */ (function () {
+    /**
+     * @param app - The app for this AppCheck service.
+     * @constructor
+     * @internal
+     */
+    function AppCheck(app) {
+        this.app = app;
+        this.client = new app_check_api_client_internal_1.AppCheckApiClient(app);
+        try {
+            this.tokenGenerator = new token_generator_1.AppCheckTokenGenerator(crypto_signer_1.cryptoSignerFromApp(app));
+        }
+        catch (err) {
+            throw token_generator_1.appCheckErrorFromCryptoSignerError(err);
+        }
+        this.appCheckTokenVerifier = new token_verifier_1.AppCheckTokenVerifier(app);
+    }
+    /**
+     * Creates a new {@link AppCheckToken} that can be sent
+     * back to a client.
+     *
+     * @param appId - The app ID to use as the JWT app_id.
+     * @param options - Optional options object when creating a new App Check Token.
+     *
+     * @returns A promise that fulfills with a `AppCheckToken`.
+     */
+    AppCheck.prototype.createToken = function (appId, options) {
+        var _this = this;
+        return this.tokenGenerator.createCustomToken(appId, options)
+            .then(function (customToken) {
+            return _this.client.exchangeToken(customToken, appId);
+        });
+    };
+    /**
+     * Verifies a Firebase App Check token (JWT). If the token is valid, the promise is
+     * fulfilled with the token's decoded claims; otherwise, the promise is
+     * rejected.
+     *
+     * @param appCheckToken - The App Check token to verify.
+     *
+     * @returns A promise fulfilled with the token's decoded claims
+     *   if the App Check token is valid; otherwise, a rejected promise.
+     */
+    AppCheck.prototype.verifyToken = function (appCheckToken) {
+        return this.appCheckTokenVerifier.verifyToken(appCheckToken)
+            .then(function (decodedToken) {
+            return {
+                appId: decodedToken.app_id,
+                token: decodedToken,
+            };
+        });
+    };
+    return AppCheck;
+}());
+exports.AppCheck = AppCheck;

package/lib/app-check/index.d.ts

@@ -0,0 +1,53 @@
+/*! firebase-admin v10.0.2 */
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * Firebase App Check.
+ *
+ * @packageDocumentation
+ */
+import { App } from '../app';
+import { AppCheck } from './app-check';
+export { AppCheckToken, AppCheckTokenOptions, DecodedAppCheckToken, VerifyAppCheckTokenResponse, } from './app-check-api';
+export { AppCheck } from './app-check';
+/**
+ * Gets the {@link AppCheck} service for the default app or a given app.
+ *
+ * `getAppCheck()` can be called with no arguments to access the default
+ * app's `AppCheck` service or as `getAppCheck(app)` to access the
+ * `AppCheck` service associated with a specific app.
+ *
+ * @example
+ * ```javascript
+ * // Get the `AppCheck` service for the default app
+ * const defaultAppCheck = getAppCheck();
+ * ```
+ *
+ * @example
+ * ```javascript
+ * // Get the `AppCheck` service for a given app
+ * const otherAppCheck = getAppCheck(otherApp);
+ * ```
+ *
+ * @param app - Optional app for which to return the `AppCheck` service.
+ *   If not provided, the default `AppCheck` service is returned.
+ *
+ * @returns The default `AppCheck` service if no
+ *   app is provided, or the `AppCheck` service associated with the provided
+ *   app.
+ */
+export declare function getAppCheck(app?: App): AppCheck;

package/lib/app-check/index.js

@@ -0,0 +1,63 @@
+/*! firebase-admin v10.0.2 */
+"use strict";
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAppCheck = void 0;
+/**
+ * Firebase App Check.
+ *
+ * @packageDocumentation
+ */
+var app_1 = require("../app");
+var app_check_1 = require("./app-check");
+var app_check_2 = require("./app-check");
+Object.defineProperty(exports, "AppCheck", { enumerable: true, get: function () { return app_check_2.AppCheck; } });
+/**
+ * Gets the {@link AppCheck} service for the default app or a given app.
+ *
+ * `getAppCheck()` can be called with no arguments to access the default
+ * app's `AppCheck` service or as `getAppCheck(app)` to access the
+ * `AppCheck` service associated with a specific app.
+ *
+ * @example
+ * ```javascript
+ * // Get the `AppCheck` service for the default app
+ * const defaultAppCheck = getAppCheck();
+ * ```
+ *
+ * @example
+ * ```javascript
+ * // Get the `AppCheck` service for a given app
+ * const otherAppCheck = getAppCheck(otherApp);
+ * ```
+ *
+ * @param app - Optional app for which to return the `AppCheck` service.
+ *   If not provided, the default `AppCheck` service is returned.
+ *
+ * @returns The default `AppCheck` service if no
+ *   app is provided, or the `AppCheck` service associated with the provided
+ *   app.
+ */
+function getAppCheck(app) {
+    if (typeof app === 'undefined') {
+        app = app_1.getApp();
+    }
+    var firebaseApp = app;
+    return firebaseApp.getOrInitService('appCheck', function (app) { return new app_check_1.AppCheck(app); });
+}
+exports.getAppCheck = getAppCheck;

package/lib/app-check/token-generator.d.ts

@@ -0,0 +1,25 @@
+/*! firebase-admin v10.0.2 */
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * Creates a new `FirebaseAppCheckError` by extracting the error code, message and other relevant
+ * details from a `CryptoSignerError`.
+ *
+ * @param err - The Error to convert into a `FirebaseAppCheckError` error
+ * @returns A Firebase App Check error that can be returned to the user.
+ */
+export declare function appCheckErrorFromCryptoSignerError(err: Error): Error;