firebase-admin 9.100.0-alpha.0 → 10.0.2

package/lib/auth/auth-config.d.ts

@@ -1,4 +1,4 @@
-/*! firebase-admin v9.100.0-alpha.0 */
+/*! firebase-admin v10.0.2 */
 /*!
  * Copyright 2018 Google Inc.
  *
@@ -15,10 +15,10 @@
  * limitations under the License.
  */
 /**
- * Interface representing base properties of a user enrolled second factor for a
+ * Interface representing base properties of a user-enrolled second factor for a
  * `CreateRequest`.
  */
-export interface CreateMultiFactorInfoRequest {
+export interface BaseCreateMultiFactorInfoRequest {
     /**
      * The optional display name for an enrolled second factor.
      */
@@ -29,20 +29,25 @@ export interface CreateMultiFactorInfoRequest {
     factorId: string;
 }
 /**
- * Interface representing a phone specific user enrolled second factor for a
+ * Interface representing a phone specific user-enrolled second factor for a
  * `CreateRequest`.
  */
-export interface CreatePhoneMultiFactorInfoRequest extends CreateMultiFactorInfoRequest {
+export interface CreatePhoneMultiFactorInfoRequest extends BaseCreateMultiFactorInfoRequest {
     /**
      * The phone number associated with a phone second factor.
      */
     phoneNumber: string;
 }
 /**
- * Interface representing common properties of a user enrolled second factor
+ * Type representing the properties of a user-enrolled second factor
+ * for a `CreateRequest`.
+ */
+export declare type CreateMultiFactorInfoRequest = CreatePhoneMultiFactorInfoRequest;
+/**
+ * Interface representing common properties of a user-enrolled second factor
  * for an `UpdateRequest`.
  */
-export interface UpdateMultiFactorInfoRequest {
+export interface BaseUpdateMultiFactorInfoRequest {
     /**
      * The ID of the enrolled second factor. This ID is unique to the user. When not provided,
      * a new one is provisioned by the Auth server.
@@ -62,15 +67,20 @@ export interface UpdateMultiFactorInfoRequest {
     factorId: string;
 }
 /**
- * Interface representing a phone specific user enrolled second factor
+ * Interface representing a phone specific user-enrolled second factor
  * for an `UpdateRequest`.
  */
-export interface UpdatePhoneMultiFactorInfoRequest extends UpdateMultiFactorInfoRequest {
+export interface UpdatePhoneMultiFactorInfoRequest extends BaseUpdateMultiFactorInfoRequest {
     /**
      * The phone number associated with a phone second factor.
      */
     phoneNumber: string;
 }
+/**
+ * Type representing the properties of a user-enrolled second factor
+ * for an `UpdateRequest`.
+ */
+export declare type UpdateMultiFactorInfoRequest = UpdatePhoneMultiFactorInfoRequest;
 /**
  * The multi-factor related user settings for create operations.
  */
@@ -128,6 +138,53 @@ export interface UpdateRequest {
      * The user's updated multi-factor related properties.
      */
     multiFactor?: MultiFactorUpdateSettings;
+    /**
+     * Links this user to the specified provider.
+     *
+     * Linking a provider to an existing user account does not invalidate the
+     * refresh token of that account. In other words, the existing account
+     * would continue to be able to access resources, despite not having used
+     * the newly linked provider to log in. If you wish to force the user to
+     * authenticate with this new provider, you need to (a) revoke their
+     * refresh token (see
+     * https://firebase.google.com/docs/auth/admin/manage-sessions#revoke_refresh_tokens),
+     * and (b) ensure no other authentication methods are present on this
+     * account.
+     */
+    providerToLink?: UserProvider;
+    /**
+     * Unlinks this user from the specified providers.
+     */
+    providersToUnlink?: string[];
+}
+/**
+ * Represents a user identity provider that can be associated with a Firebase user.
+ */
+export interface UserProvider {
+    /**
+     * The user identifier for the linked provider.
+     */
+    uid?: string;
+    /**
+     * The display name for the linked provider.
+     */
+    displayName?: string;
+    /**
+     * The email for the linked provider.
+     */
+    email?: string;
+    /**
+     * The phone number for the linked provider.
+     */
+    phoneNumber?: string;
+    /**
+     * The photo URL for the linked provider.
+     */
+    photoURL?: string;
+    /**
+     * The linked provider ID (for example, "google.com" for the Google provider).
+     */
+    providerId?: string;
 }
 /**
  * Interface representing the properties to set on a new user record to be
@@ -146,7 +203,7 @@ export interface CreateRequest extends UpdateRequest {
 /**
  * The response interface for listing provider configs. This is only available
  * when listing all identity providers' configurations via
- * {@link auth.Auth.listProviderConfigs `listProviderConfigs()`}.
+ * {@link BaseAuth.listProviderConfigs}.
  */
 export interface ListProviderConfigResults {
     /**
@@ -161,7 +218,7 @@ export interface ListProviderConfigResults {
 /**
  * The filter interface used for listing provider configurations. This is used
  * when specifying how to list configured identity providers via
- * {@link auth.Auth.listProviderConfigs `listProviderConfigs()`}.
+ * {@link BaseAuth.listProviderConfigs}.
  */
 export interface AuthProviderConfigFilter {
     /**
@@ -184,7 +241,7 @@ export interface AuthProviderConfigFilter {
 /**
  * The request interface for updating a SAML Auth provider. This is used
  * when updating a SAML provider's configuration via
- * {@link auth.Auth.updateProviderConfig `updateProviderConfig()`}.
+ * {@link BaseAuth.updateProviderConfig}.
  */
 export interface SAMLUpdateAuthProviderRequest {
     /**
@@ -226,7 +283,7 @@ export interface SAMLUpdateAuthProviderRequest {
 /**
  * The request interface for updating an OIDC Auth provider. This is used
  * when updating an OIDC provider's configuration via
- * {@link auth.Auth.updateProviderConfig `updateProviderConfig()`}.
+ * {@link BaseAuth.updateProviderConfig}.
  */
 export interface OIDCUpdateAuthProviderRequest {
     /**
@@ -249,6 +306,15 @@ export interface OIDCUpdateAuthProviderRequest {
      * configuration's value is not modified.
      */
     issuer?: string;
+    /**
+     * The OIDC provider's client secret to enable OIDC code flow.
+     * If not provided, the existing configuration's value is not modified.
+     */
+    clientSecret?: string;
+    /**
+     * The OIDC provider's response object for OAuth authorization flow.
+     */
+    responseType?: OAuthResponseType;
 }
 export declare type UpdateAuthProviderRequest = SAMLUpdateAuthProviderRequest | OIDCUpdateAuthProviderRequest;
 /** A maximum of 10 test phone number / code pairs can be configured. */
@@ -295,6 +361,8 @@ export interface OIDCConfigServerRequest {
     issuer?: string;
     displayName?: string;
     enabled?: boolean;
+    clientSecret?: string;
+    responseType?: OAuthResponseType;
     [key: string]: any;
 }
 /** The server side OIDC configuration response interface. */
@@ -304,6 +372,8 @@ export interface OIDCConfigServerResponse {
     issuer?: string;
     displayName?: string;
     enabled?: boolean;
+    clientSecret?: string;
+    responseType?: OAuthResponseType;
 }
 /** The server side email configuration request interface. */
 export interface EmailSignInConfigServerRequest {
@@ -351,15 +421,15 @@ export declare class MultiFactorAuthConfig implements MultiFactorConfig {
     /**
      * Validates the MultiFactorConfig options object. Throws an error on failure.
      *
-     * @param options The options object to validate.
+     * @param options - The options object to validate.
      */
     private static validate;
-    /** @return The plain object representation of the multi-factor config instance. */
+    /** @returns The plain object representation of the multi-factor config instance. */
     toJSON(): object;
 }
 /**
  * Validates the provided map of test phone number / code pairs.
- * @param testPhoneNumbers The phone number / code pairs to validate.
+ * @param testPhoneNumbers - The phone number / code pairs to validate.
  */
 export declare function validateTestPhoneNumbers(testPhoneNumbers: {
     [phoneNumber: string]: string;
@@ -381,7 +451,7 @@ export interface EmailSignInProviderConfig {
 /**
  * The base Auth provider configuration interface.
  */
-export interface AuthProviderConfig {
+export interface BaseAuthProviderConfig {
     /**
      * The provider ID defined by the developer.
      * For a SAML provider, this is always prefixed by `saml.`.
@@ -403,9 +473,9 @@ export interface AuthProviderConfig {
  * The
  * [SAML](http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html)
  * Auth provider configuration interface. A SAML provider can be created via
- * {@link auth.Auth.createProviderConfig `createProviderConfig()`}.
+ * {@link BaseAuth.createProviderConfig}.
  */
-export interface SAMLAuthProviderConfig extends AuthProviderConfig {
+export interface SAMLAuthProviderConfig extends BaseAuthProviderConfig {
     /**
      * The SAML IdP entity identifier.
      */
@@ -439,12 +509,31 @@ export interface SAMLAuthProviderConfig extends AuthProviderConfig {
      */
     callbackURL?: string;
 }
+/**
+ * The interface representing OIDC provider's response object for OAuth
+ * authorization flow.
+ * One of the following settings is required:
+ * <ul>
+ * <li>Set <code>code</code> to <code>true</code> for the code flow.</li>
+ * <li>Set <code>idToken</code> to <code>true</code> for the ID token flow.</li>
+ * </ul>
+ */
+export interface OAuthResponseType {
+    /**
+     * Whether ID token is returned from IdP's authorization endpoint.
+     */
+    idToken?: boolean;
+    /**
+     * Whether authorization code is returned from IdP's authorization endpoint.
+     */
+    code?: boolean;
+}
 /**
  * The [OIDC](https://openid.net/specs/openid-connect-core-1_0-final.html) Auth
  * provider configuration interface. An OIDC provider can be created via
- * {@link auth.Auth.createProviderConfig `createProviderConfig()`}.
+ * {@link BaseAuth.createProviderConfig}.
  */
-export interface OIDCAuthProviderConfig extends AuthProviderConfig {
+export interface OIDCAuthProviderConfig extends BaseAuthProviderConfig {
     /**
      * This is the required client ID used to confirm the audience of an OIDC
      * provider's
@@ -469,5 +558,18 @@ export interface OIDCAuthProviderConfig extends AuthProviderConfig {
      * [spec](https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation).
      */
     issuer: string;
+    /**
+     * The OIDC provider's client secret to enable OIDC code flow.
+     */
+    clientSecret?: string;
+    /**
+     * The OIDC provider's response object for OAuth authorization flow.
+     */
+    responseType?: OAuthResponseType;
 }
+/**
+ * The Auth provider configuration type.
+ * {@link BaseAuth.createProviderConfig}.
+ */
+export declare type AuthProviderConfig = SAMLAuthProviderConfig | OIDCAuthProviderConfig;
 export {};

package/lib/auth/auth-config.js

@@ -1,4 +1,4 @@
-/*! firebase-admin v9.100.0-alpha.0 */
+/*! firebase-admin v10.0.2 */
 "use strict";
 /*!
  * Copyright 2018 Google Inc.
@@ -40,7 +40,7 @@ var MultiFactorAuthConfig = /** @class */ (function () {
     /**
      * The MultiFactorAuthConfig constructor.
      *
-     * @param response The server side response used to initialize the
+     * @param response - The server side response used to initialize the
      *     MultiFactorAuthConfig object.
      * @constructor
      * @internal
@@ -64,8 +64,8 @@ var MultiFactorAuthConfig = /** @class */ (function () {
      * Static method to convert a client side request to a MultiFactorAuthServerConfig.
      * Throws an error if validation fails.
      *
-     * @param options The options object to convert to a server request.
-     * @return The resulting server request.
+     * @param options - The options object to convert to a server request.
+     * @returns The resulting server request.
      * @internal
      */
     MultiFactorAuthConfig.buildServerRequest = function (options) {
@@ -91,7 +91,7 @@ var MultiFactorAuthConfig = /** @class */ (function () {
     /**
      * Validates the MultiFactorConfig options object. Throws an error on failure.
      *
-     * @param options The options object to validate.
+     * @param options - The options object to validate.
      */
     MultiFactorAuthConfig.validate = function (options) {
         var validKeys = {
@@ -125,7 +125,7 @@ var MultiFactorAuthConfig = /** @class */ (function () {
             });
         }
     };
-    /** @return The plain object representation of the multi-factor config instance. */
+    /** @returns The plain object representation of the multi-factor config instance. */
     MultiFactorAuthConfig.prototype.toJSON = function () {
         return {
             state: this.state,
@@ -137,7 +137,7 @@ var MultiFactorAuthConfig = /** @class */ (function () {
 exports.MultiFactorAuthConfig = MultiFactorAuthConfig;
 /**
  * Validates the provided map of test phone number / code pairs.
- * @param testPhoneNumbers The phone number / code pairs to validate.
+ * @param testPhoneNumbers - The phone number / code pairs to validate.
  */
 function validateTestPhoneNumbers(testPhoneNumbers) {
     if (!validator.isObject(testPhoneNumbers)) {
@@ -169,7 +169,7 @@ var EmailSignInConfig = /** @class */ (function () {
     /**
      * The EmailSignInConfig constructor.
      *
-     * @param {any} response The server side response used to initialize the
+     * @param response - The server side response used to initialize the
      *     EmailSignInConfig object.
      * @constructor
      */
@@ -184,8 +184,8 @@ var EmailSignInConfig = /** @class */ (function () {
      * Static method to convert a client side request to a EmailSignInConfigServerRequest.
      * Throws an error if validation fails.
      *
-     * @param {any} options The options object to convert to a server request.
-     * @return {EmailSignInConfigServerRequest} The resulting server request.
+     * @param options - The options object to convert to a server request.
+     * @returns The resulting server request.
      * @internal
      */
     EmailSignInConfig.buildServerRequest = function (options) {
@@ -202,7 +202,7 @@ var EmailSignInConfig = /** @class */ (function () {
     /**
      * Validates the EmailSignInConfig options object. Throws an error on failure.
      *
-     * @param {any} options The options object to validate.
+     * @param options - The options object to validate.
      */
     EmailSignInConfig.validate = function (options) {
         // TODO: Validate the request.
@@ -229,7 +229,7 @@ var EmailSignInConfig = /** @class */ (function () {
             throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"EmailSignInConfig.passwordRequired" must be a boolean.');
         }
     };
-    /** @return {object} The plain object representation of the email sign-in config. */
+    /** @returns The plain object representation of the email sign-in config. */
     EmailSignInConfig.prototype.toJSON = function () {
         return {
             enabled: this.enabled,
@@ -249,7 +249,7 @@ var SAMLConfig = /** @class */ (function () {
     /**
      * The SAMLConfig constructor.
      *
-     * @param response The server side response used to initialize the SAMLConfig object.
+     * @param response - The server side response used to initialize the SAMLConfig object.
      * @constructor
      */
     function SAMLConfig(response) {
@@ -294,9 +294,9 @@ var SAMLConfig = /** @class */ (function () {
      * Throws an error if validation fails. If the request is not a SAMLConfig request,
      * returns null.
      *
-     * @param {SAMLAuthProviderRequest} options The options object to convert to a server request.
-     * @param {boolean=} ignoreMissingFields Whether to ignore missing fields.
-     * @return {?SAMLConfigServerRequest} The resulting server request or null if not valid.
+     * @param options - The options object to convert to a server request.
+     * @param ignoreMissingFields - Whether to ignore missing fields.
+     * @returns The resulting server request or null if not valid.
      */
     SAMLConfig.buildServerRequest = function (options, ignoreMissingFields) {
         if (ignoreMissingFields === void 0) { ignoreMissingFields = false; }
@@ -337,8 +337,8 @@ var SAMLConfig = /** @class */ (function () {
     /**
      * Returns the provider ID corresponding to the resource name if available.
      *
-     * @param {string} resourceName The server side resource name.
-     * @return {?string} The provider ID corresponding to the resource, null otherwise.
+     * @param resourceName - The server side resource name.
+     * @returns The provider ID corresponding to the resource, null otherwise.
      */
     SAMLConfig.getProviderIdFromResourceName = function (resourceName) {
         // name is of form projects/project1/inboundSamlConfigs/providerId1
@@ -349,8 +349,8 @@ var SAMLConfig = /** @class */ (function () {
         return matchProviderRes[1];
     };
     /**
-     * @param {any} providerId The provider ID to check.
-     * @return {boolean} Whether the provider ID corresponds to a SAML provider.
+     * @param providerId - The provider ID to check.
+     * @returns Whether the provider ID corresponds to a SAML provider.
      */
     SAMLConfig.isProviderId = function (providerId) {
         return validator.isNonEmptyString(providerId) && providerId.indexOf('saml.') === 0;
@@ -358,8 +358,8 @@ var SAMLConfig = /** @class */ (function () {
     /**
      * Validates the SAMLConfig options object. Throws an error on failure.
      *
-     * @param {SAMLAuthProviderRequest} options The options object to validate.
-     * @param {boolean=} ignoreMissingFields Whether to ignore missing fields.
+     * @param options - The options object to validate.
+     * @param ignoreMissingFields - Whether to ignore missing fields.
      */
     SAMLConfig.validate = function (options, ignoreMissingFields) {
         if (ignoreMissingFields === void 0) { ignoreMissingFields = false; }
@@ -432,7 +432,7 @@ var SAMLConfig = /** @class */ (function () {
             throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"SAMLAuthProviderConfig.displayName" must be a valid string.');
         }
     };
-    /** @return The plain object representation of the SAMLConfig. */
+    /** @returns The plain object representation of the SAMLConfig. */
     SAMLConfig.prototype.toJSON = function () {
         return {
             enabled: this.enabled,
@@ -459,7 +459,7 @@ var OIDCConfig = /** @class */ (function () {
     /**
      * The OIDCConfig constructor.
      *
-     * @param response The server side response used to initialize the OIDCConfig object.
+     * @param response - The server side response used to initialize the OIDCConfig object.
      * @constructor
      */
     function OIDCConfig(response) {
@@ -481,6 +481,12 @@ var OIDCConfig = /** @class */ (function () {
         // When enabled is undefined, it takes its default value of false.
         this.enabled = !!response.enabled;
         this.displayName = response.displayName;
+        if (typeof response.clientSecret !== 'undefined') {
+            this.clientSecret = response.clientSecret;
+        }
+        if (typeof response.responseType !== 'undefined') {
+            this.responseType = response.responseType;
+        }
     }
     /**
      * Converts a client side request to a OIDCConfigServerRequest which is the format
@@ -488,9 +494,9 @@ var OIDCConfig = /** @class */ (function () {
      * Throws an error if validation fails. If the request is not a OIDCConfig request,
      * returns null.
      *
-     * @param options The options object to convert to a server request.
-     * @param ignoreMissingFields Whether to ignore missing fields.
-     * @return The resulting server request or null if not valid.
+     * @param options - The options object to convert to a server request.
+     * @param ignoreMissingFields - Whether to ignore missing fields.
+     * @returns The resulting server request or null if not valid.
      */
     OIDCConfig.buildServerRequest = function (options, ignoreMissingFields) {
         if (ignoreMissingFields === void 0) { ignoreMissingFields = false; }
@@ -506,13 +512,19 @@ var OIDCConfig = /** @class */ (function () {
         request.displayName = options.displayName;
         request.issuer = options.issuer;
         request.clientId = options.clientId;
+        if (typeof options.clientSecret !== 'undefined') {
+            request.clientSecret = options.clientSecret;
+        }
+        if (typeof options.responseType !== 'undefined') {
+            request.responseType = options.responseType;
+        }
         return request;
     };
     /**
      * Returns the provider ID corresponding to the resource name if available.
      *
-     * @param {string} resourceName The server side resource name
-     * @return {?string} The provider ID corresponding to the resource, null otherwise.
+     * @param resourceName - The server side resource name
+     * @returns The provider ID corresponding to the resource, null otherwise.
      */
     OIDCConfig.getProviderIdFromResourceName = function (resourceName) {
         // name is of form projects/project1/oauthIdpConfigs/providerId1
@@ -523,8 +535,8 @@ var OIDCConfig = /** @class */ (function () {
         return matchProviderRes[1];
     };
     /**
-     * @param {any} providerId The provider ID to check.
-     * @return {boolean} Whether the provider ID corresponds to an OIDC provider.
+     * @param providerId - The provider ID to check.
+     * @returns Whether the provider ID corresponds to an OIDC provider.
      */
     OIDCConfig.isProviderId = function (providerId) {
         return validator.isNonEmptyString(providerId) && providerId.indexOf('oidc.') === 0;
@@ -532,8 +544,8 @@ var OIDCConfig = /** @class */ (function () {
     /**
      * Validates the OIDCConfig options object. Throws an error on failure.
      *
-     * @param options The options object to validate.
-     * @param ignoreMissingFields Whether to ignore missing fields.
+     * @param options - The options object to validate.
+     * @param ignoreMissingFields - Whether to ignore missing fields.
      */
     OIDCConfig.validate = function (options, ignoreMissingFields) {
         if (ignoreMissingFields === void 0) { ignoreMissingFields = false; }
@@ -543,6 +555,12 @@ var OIDCConfig = /** @class */ (function () {
             providerId: true,
             clientId: true,
             issuer: true,
+            clientSecret: true,
+            responseType: true,
+        };
+        var validResponseTypes = {
+            idToken: true,
+            code: true,
         };
         if (!validator.isNonNullObject(options)) {
             throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"OIDCAuthProviderConfig" must be a valid non-null object.');
@@ -578,8 +596,39 @@ var OIDCConfig = /** @class */ (function () {
             !validator.isString(options.displayName)) {
             throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"OIDCAuthProviderConfig.displayName" must be a valid string.');
         }
+        if (typeof options.clientSecret !== 'undefined' &&
+            !validator.isNonEmptyString(options.clientSecret)) {
+            throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, '"OIDCAuthProviderConfig.clientSecret" must be a valid string.');
+        }
+        if (validator.isNonNullObject(options.responseType) && typeof options.responseType !== 'undefined') {
+            Object.keys(options.responseType).forEach(function (key) {
+                if (!(key in validResponseTypes)) {
+                    throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONFIG, "\"" + key + "\" is not a valid OAuthResponseType parameter.");
+                }
+            });
+            var idToken = options.responseType.idToken;
+            if (typeof idToken !== 'undefined' && !validator.isBoolean(idToken)) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"OIDCAuthProviderConfig.responseType.idToken" must be a boolean.');
+            }
+            var code = options.responseType.code;
+            if (typeof code !== 'undefined') {
+                if (!validator.isBoolean(code)) {
+                    throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"OIDCAuthProviderConfig.responseType.code" must be a boolean.');
+                }
+                // If code flow is enabled, client secret must be provided.
+                if (code && typeof options.clientSecret === 'undefined') {
+                    throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MISSING_OAUTH_CLIENT_SECRET, 'The OAuth configuration client secret is required to enable OIDC code flow.');
+                }
+            }
+            var allKeys = Object.keys(options.responseType).length;
+            var enabledCount = Object.values(options.responseType).filter(Boolean).length;
+            // Only one of OAuth response types can be set to true.
+            if (allKeys > 1 && enabledCount != 1) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_OAUTH_RESPONSETYPE, 'Only exactly one OAuth responseType should be set to true.');
+            }
+        }
     };
-    /** @return {OIDCAuthProviderConfig} The plain object representation of the OIDCConfig. */
+    /** @returns The plain object representation of the OIDCConfig. */
     OIDCConfig.prototype.toJSON = function () {
         return {
             enabled: this.enabled,
@@ -587,6 +636,8 @@ var OIDCConfig = /** @class */ (function () {
             providerId: this.providerId,
             issuer: this.issuer,
             clientId: this.clientId,
+            clientSecret: deep_copy_1.deepCopy(this.clientSecret),
+            responseType: deep_copy_1.deepCopy(this.responseType),
         };
     };
     return OIDCConfig;