firebase-admin 9.12.0

package/lib/app-check/index.d.ts

@@ -0,0 +1,160 @@
+/*! firebase-admin v9.12.0 */
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import { app } from '../firebase-namespace-api';
+/**
+ * Gets the {@link appCheck.AppCheck `AppCheck`} service for the
+ * default app or a given app.
+ *
+ * You can call `admin.appCheck()` with no arguments to access the default
+ * app's {@link appCheck.AppCheck `AppCheck`} service or as
+ * `admin.appCheck(app)` to access the
+ * {@link appCheck.AppCheck `AppCheck`} service associated with a
+ * specific app.
+ *
+ * @example
+ * ```javascript
+ * // Get the `AppCheck` service for the default app
+ * var defaultAppCheck = admin.appCheck();
+ * ```
+ *
+ * @example
+ * ```javascript
+ * // Get the `AppCheck` service for a given app
+ * var otherAppCheck = admin.appCheck(otherApp);
+ * ```
+ *
+ * @param app Optional app for which to return the `AppCheck` service.
+ *   If not provided, the default `AppCheck` service is returned.
+ *
+ * @return The default `AppCheck` service if no
+ *   app is provided, or the `AppCheck` service associated with the provided
+ *   app.
+ */
+export declare function appCheck(app?: app.App): appCheck.AppCheck;
+export declare namespace appCheck {
+    /**
+     * The Firebase `AppCheck` service interface.
+     */
+    interface AppCheck {
+        app: app.App;
+        /**
+         * Creates a new {@link appCheck.AppCheckToken `AppCheckToken`} that can be sent
+         * back to a client.
+         *
+         * @param appId The App ID of the Firebase App the token belongs to.
+         * @param options Optional options object when creating a new App Check Token.
+         *
+         * @returns A promise that fulfills with a `AppCheckToken`.
+         */
+        createToken(appId: string, options?: AppCheckTokenOptions): Promise<AppCheckToken>;
+        /**
+         * Verifies a Firebase App Check token (JWT). If the token is valid, the promise is
+         * fulfilled with the token's decoded claims; otherwise, the promise is
+         * rejected.
+         *
+         * @param appCheckToken The App Check token to verify.
+         *
+         * @return A promise fulfilled with the
+         *   token's decoded claims if the App Check token is valid; otherwise, a rejected
+         *   promise.
+         */
+        verifyToken(appCheckToken: string): Promise<VerifyAppCheckTokenResponse>;
+    }
+    /**
+     * Interface representing an App Check token.
+     */
+    interface AppCheckToken {
+        /**
+         * The Firebase App Check token.
+         */
+        token: string;
+        /**
+         * The time-to-live duration of the token in milliseconds.
+         */
+        ttlMillis: number;
+    }
+    /**
+     * Interface representing App Check token options.
+     */
+    interface AppCheckTokenOptions {
+        /**
+         * The length of time, in milliseconds, for which the App Check token will
+         * be valid. This value must be between 30 minutes and 7 days, inclusive.
+         */
+        ttlMillis?: number;
+    }
+    /**
+     * Interface representing a decoded Firebase App Check token, returned from the
+     * {@link appCheck.AppCheck.verifyToken `verifyToken()`} method.
+     */
+    interface DecodedAppCheckToken {
+        /**
+         * The issuer identifier for the issuer of the response.
+         *
+         * This value is a URL with the format
+         * `https://firebaseappcheck.googleapis.com/<PROJECT_NUMBER>`, where `<PROJECT_NUMBER>` is the
+         * same project number specified in the [`aud`](#aud) property.
+         */
+        iss: string;
+        /**
+         * The Firebase App ID corresponding to the app the token belonged to.
+         *
+         * As a convenience, this value is copied over to the [`app_id`](#app_id) property.
+         */
+        sub: string;
+        /**
+         * The audience for which this token is intended.
+         *
+         * This value is a JSON array of two strings, the first is the project number of your
+         * Firebase project, and the second is the project ID of the same project.
+         */
+        aud: string[];
+        /**
+         * The App Check token's expiration time, in seconds since the Unix epoch. That is, the
+         * time at which this App Check token expires and should no longer be considered valid.
+         */
+        exp: number;
+        /**
+         * The App Check token's issued-at time, in seconds since the Unix epoch. That is, the
+         * time at which this App Check token was issued and should start to be considered
+         * valid.
+         */
+        iat: number;
+        /**
+         * The App ID corresponding to the App the App Check token belonged to.
+         *
+         * This value is not actually one of the JWT token claims. It is added as a
+         * convenience, and is set as the value of the [`sub`](#sub) property.
+         */
+        app_id: string;
+        [key: string]: any;
+    }
+    /**
+     * Interface representing a verified App Check token response.
+     */
+    interface VerifyAppCheckTokenResponse {
+        /**
+         * The App ID corresponding to the App the App Check token belonged to.
+         */
+        appId: string;
+        /**
+         * The decoded Firebase App Check token.
+         */
+        token: appCheck.DecodedAppCheckToken;
+    }
+}

package/lib/app-check/index.js

@@ -0,0 +1,19 @@
+/*! firebase-admin v9.12.0 */
+"use strict";
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/app-check/token-generator.js

@@ -0,0 +1,161 @@
+/*! firebase-admin v9.12.0 */
+"use strict";
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+var __assign = (this && this.__assign) || function () {
+    __assign = Object.assign || function(t) {
+        for (var s, i = 1, n = arguments.length; i < n; i++) {
+            s = arguments[i];
+            for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
+                t[p] = s[p];
+        }
+        return t;
+    };
+    return __assign.apply(this, arguments);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.appCheckErrorFromCryptoSignerError = exports.AppCheckTokenGenerator = void 0;
+var validator = require("../utils/validator");
+var utils_1 = require("../utils");
+var crypto_signer_1 = require("../utils/crypto-signer");
+var app_check_api_client_internal_1 = require("./app-check-api-client-internal");
+var ONE_MINUTE_IN_SECONDS = 60;
+var ONE_MINUTE_IN_MILLIS = ONE_MINUTE_IN_SECONDS * 1000;
+var ONE_DAY_IN_MILLIS = 24 * 60 * 60 * 1000;
+// Audience to use for Firebase App Check Custom tokens
+var FIREBASE_APP_CHECK_AUDIENCE = 'https://firebaseappcheck.googleapis.com/google.firebase.appcheck.v1beta.TokenExchangeService';
+/**
+ * Class for generating Firebase App Check tokens.
+ *
+ * @internal
+ */
+var AppCheckTokenGenerator = /** @class */ (function () {
+    /**
+     * The AppCheckTokenGenerator class constructor.
+     *
+     * @param signer The CryptoSigner instance for this token generator.
+     * @constructor
+     */
+    function AppCheckTokenGenerator(signer) {
+        if (!validator.isNonNullObject(signer)) {
+            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'INTERNAL ASSERT: Must provide a CryptoSigner to use AppCheckTokenGenerator.');
+        }
+        this.signer = signer;
+    }
+    /**
+     * Creates a new custom token that can be exchanged to an App Check token.
+     *
+     * @param appId The Application ID to use for the generated token.
+     *
+     * @return A Promise fulfilled with a custom token signed with a service account key
+     * that can be exchanged to an App Check token.
+     */
+    AppCheckTokenGenerator.prototype.createCustomToken = function (appId, options) {
+        var _this = this;
+        if (!validator.isNonEmptyString(appId)) {
+            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', '`appId` must be a non-empty string.');
+        }
+        var customOptions = {};
+        if (typeof options !== 'undefined') {
+            customOptions = this.validateTokenOptions(options);
+        }
+        return this.signer.getAccountId().then(function (account) {
+            var header = {
+                alg: _this.signer.algorithm,
+                typ: 'JWT',
+            };
+            var iat = Math.floor(Date.now() / 1000);
+            var body = __assign({ iss: account, sub: account, 
+                // eslint-disable-next-line @typescript-eslint/camelcase
+                app_id: appId, aud: FIREBASE_APP_CHECK_AUDIENCE, exp: iat + (ONE_MINUTE_IN_SECONDS * 5), iat: iat }, customOptions);
+            var token = _this.encodeSegment(header) + "." + _this.encodeSegment(body);
+            return _this.signer.sign(Buffer.from(token))
+                .then(function (signature) {
+                return token + "." + _this.encodeSegment(signature);
+            });
+        }).catch(function (err) {
+            throw appCheckErrorFromCryptoSignerError(err);
+        });
+    };
+    AppCheckTokenGenerator.prototype.encodeSegment = function (segment) {
+        var buffer = (segment instanceof Buffer) ? segment : Buffer.from(JSON.stringify(segment));
+        return utils_1.toWebSafeBase64(buffer).replace(/=+$/, '');
+    };
+    /**
+     * Checks if a given `AppCheckTokenOptions` object is valid. If successful, returns an object with
+     * custom properties.
+     *
+     * @param options An options object to be validated.
+     * @returns A custom object with ttl converted to protobuf Duration string format.
+     */
+    AppCheckTokenGenerator.prototype.validateTokenOptions = function (options) {
+        if (!validator.isNonNullObject(options)) {
+            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'AppCheckTokenOptions must be a non-null object.');
+        }
+        if (typeof options.ttlMillis !== 'undefined') {
+            if (!validator.isNumber(options.ttlMillis)) {
+                throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'ttlMillis must be a duration in milliseconds.');
+            }
+            // ttlMillis must be between 30 minutes and 7 days (inclusive)
+            if (options.ttlMillis < (ONE_MINUTE_IN_MILLIS * 30) || options.ttlMillis > (ONE_DAY_IN_MILLIS * 7)) {
+                throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'ttlMillis must be a duration in milliseconds between 30 minutes and 7 days (inclusive).');
+            }
+            return { ttl: utils_1.transformMillisecondsToSecondsString(options.ttlMillis) };
+        }
+        return {};
+    };
+    return AppCheckTokenGenerator;
+}());
+exports.AppCheckTokenGenerator = AppCheckTokenGenerator;
+/**
+ * Creates a new FirebaseAppCheckError by extracting the error code, message and other relevant
+ * details from a CryptoSignerError.
+ *
+ * @param err The Error to convert into a FirebaseAppCheckError error
+ * @return A Firebase App Check error that can be returned to the user.
+ */
+function appCheckErrorFromCryptoSignerError(err) {
+    if (!(err instanceof crypto_signer_1.CryptoSignerError)) {
+        return err;
+    }
+    if (err.code === crypto_signer_1.CryptoSignerErrorCode.SERVER_ERROR && validator.isNonNullObject(err.cause)) {
+        var httpError = err.cause;
+        var errorResponse = httpError.response.data;
+        if (errorResponse === null || errorResponse === void 0 ? void 0 : errorResponse.error) {
+            var status = errorResponse.error.status;
+            var description = errorResponse.error.message || JSON.stringify(httpError.response);
+            var code = 'unknown-error';
+            if (status && status in app_check_api_client_internal_1.APP_CHECK_ERROR_CODE_MAPPING) {
+                code = app_check_api_client_internal_1.APP_CHECK_ERROR_CODE_MAPPING[status];
+            }
+            return new app_check_api_client_internal_1.FirebaseAppCheckError(code, "Error returned from server while signing a custom token: " + description);
+        }
+        return new app_check_api_client_internal_1.FirebaseAppCheckError('internal-error', 'Error returned from server: ' + JSON.stringify(errorResponse) + '.');
+    }
+    return new app_check_api_client_internal_1.FirebaseAppCheckError(mapToAppCheckErrorCode(err.code), err.message);
+}
+exports.appCheckErrorFromCryptoSignerError = appCheckErrorFromCryptoSignerError;
+function mapToAppCheckErrorCode(code) {
+    switch (code) {
+        case crypto_signer_1.CryptoSignerErrorCode.INVALID_CREDENTIAL:
+            return 'invalid-credential';
+        case crypto_signer_1.CryptoSignerErrorCode.INVALID_ARGUMENT:
+            return 'invalid-argument';
+        default:
+            return 'internal-error';
+    }
+}

package/lib/app-check/token-verifier.js

@@ -0,0 +1,152 @@
+/*! firebase-admin v9.12.0 */
+"use strict";
+/*!
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AppCheckTokenVerifier = void 0;
+var validator = require("../utils/validator");
+var util = require("../utils/index");
+var app_check_api_client_internal_1 = require("./app-check-api-client-internal");
+var jwt_1 = require("../utils/jwt");
+var APP_CHECK_ISSUER = 'https://firebaseappcheck.googleapis.com/';
+var JWKS_URL = 'https://firebaseappcheck.googleapis.com/v1beta/jwks';
+/**
+ * Class for verifying Firebase App Check tokens.
+ *
+ * @internal
+ */
+var AppCheckTokenVerifier = /** @class */ (function () {
+    function AppCheckTokenVerifier(app) {
+        this.app = app;
+        this.signatureVerifier = jwt_1.PublicKeySignatureVerifier.withJwksUrl(JWKS_URL);
+    }
+    /**
+     * Verifies the format and signature of a Firebase App Check token.
+     *
+     * @param token The Firebase Auth JWT token to verify.
+     * @return A promise fulfilled with the decoded claims of the Firebase App Check token.
+     */
+    AppCheckTokenVerifier.prototype.verifyToken = function (token) {
+        var _this = this;
+        if (!validator.isString(token)) {
+            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', 'App check token must be a non-null string.');
+        }
+        return this.ensureProjectId()
+            .then(function (projectId) {
+            return _this.decodeAndVerify(token, projectId);
+        })
+            .then(function (decoded) {
+            var decodedAppCheckToken = decoded.payload;
+            // eslint-disable-next-line @typescript-eslint/camelcase
+            decodedAppCheckToken.app_id = decodedAppCheckToken.sub;
+            return decodedAppCheckToken;
+        });
+    };
+    AppCheckTokenVerifier.prototype.ensureProjectId = function () {
+        return util.findProjectId(this.app)
+            .then(function (projectId) {
+            if (!validator.isNonEmptyString(projectId)) {
+                throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-credential', 'Must initialize app with a cert credential or set your Firebase project ID as the ' +
+                    'GOOGLE_CLOUD_PROJECT environment variable to verify an App Check token.');
+            }
+            return projectId;
+        });
+    };
+    AppCheckTokenVerifier.prototype.decodeAndVerify = function (token, projectId) {
+        var _this = this;
+        return this.safeDecode(token)
+            .then(function (decodedToken) {
+            _this.verifyContent(decodedToken, projectId);
+            return _this.verifySignature(token)
+                .then(function () { return decodedToken; });
+        });
+    };
+    AppCheckTokenVerifier.prototype.safeDecode = function (jwtToken) {
+        return jwt_1.decodeJwt(jwtToken)
+            .catch(function () {
+            var errorMessage = 'Decoding App Check token failed. Make sure you passed ' +
+                'the entire string JWT which represents the Firebase App Check token.';
+            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', errorMessage);
+        });
+    };
+    /**
+     * Verifies the content of a Firebase App Check JWT.
+     *
+     * @param fullDecodedToken The decoded JWT.
+     * @param projectId The Firebase Project Id.
+     */
+    AppCheckTokenVerifier.prototype.verifyContent = function (fullDecodedToken, projectId) {
+        var header = fullDecodedToken.header;
+        var payload = fullDecodedToken.payload;
+        var projectIdMatchMessage = ' Make sure the App Check token comes from the same ' +
+            'Firebase project as the service account used to authenticate this SDK.';
+        var scopedProjectId = "projects/" + projectId;
+        var errorMessage;
+        if (header.alg !== jwt_1.ALGORITHM_RS256) {
+            errorMessage = 'The provided App Check token has incorrect algorithm. Expected "' +
+                jwt_1.ALGORITHM_RS256 + '" but got ' + '"' + header.alg + '".';
+        }
+        else if (!validator.isNonEmptyArray(payload.aud) || !payload.aud.includes(scopedProjectId)) {
+            errorMessage = 'The provided App Check token has incorrect "aud" (audience) claim. Expected "' +
+                scopedProjectId + '" but got "' + payload.aud + '".' + projectIdMatchMessage;
+        }
+        else if (typeof payload.iss !== 'string' || !payload.iss.startsWith(APP_CHECK_ISSUER)) {
+            errorMessage = 'The provided App Check token has incorrect "iss" (issuer) claim.';
+        }
+        else if (typeof payload.sub !== 'string') {
+            errorMessage = 'The provided App Check token has no "sub" (subject) claim.';
+        }
+        else if (payload.sub === '') {
+            errorMessage = 'The provided App Check token has an empty string "sub" (subject) claim.';
+        }
+        if (errorMessage) {
+            throw new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', errorMessage);
+        }
+    };
+    AppCheckTokenVerifier.prototype.verifySignature = function (jwtToken) {
+        var _this = this;
+        return this.signatureVerifier.verify(jwtToken)
+            .catch(function (error) {
+            throw _this.mapJwtErrorToAppCheckError(error);
+        });
+    };
+    /**
+     * Maps JwtError to FirebaseAppCheckError
+     *
+     * @param error JwtError to be mapped.
+     * @returns FirebaseAppCheckError instance.
+     */
+    AppCheckTokenVerifier.prototype.mapJwtErrorToAppCheckError = function (error) {
+        if (error.code === jwt_1.JwtErrorCode.TOKEN_EXPIRED) {
+            var errorMessage = 'The provided App Check token has expired. Get a fresh App Check token' +
+                ' from your client app and try again.';
+            return new app_check_api_client_internal_1.FirebaseAppCheckError('app-check-token-expired', errorMessage);
+        }
+        else if (error.code === jwt_1.JwtErrorCode.INVALID_SIGNATURE) {
+            var errorMessage = 'The provided App Check token has invalid signature.';
+            return new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', errorMessage);
+        }
+        else if (error.code === jwt_1.JwtErrorCode.NO_MATCHING_KID) {
+            var errorMessage = 'The provided App Check token has "kid" claim which does not ' +
+                'correspond to a known public key. Most likely the provided App Check token ' +
+                'is expired, so get a fresh token from your client app and try again.';
+            return new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', errorMessage);
+        }
+        return new app_check_api_client_internal_1.FirebaseAppCheckError('invalid-argument', error.message);
+    };
+    return AppCheckTokenVerifier;
+}());
+exports.AppCheckTokenVerifier = AppCheckTokenVerifier;

package/lib/auth/action-code-settings-builder.js

@@ -0,0 +1,118 @@
+/*! firebase-admin v9.12.0 */
+"use strict";
+/*!
+ * Copyright 2018 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ActionCodeSettingsBuilder = void 0;
+var validator = require("../utils/validator");
+var error_1 = require("../utils/error");
+/**
+ * Defines the ActionCodeSettings builder class used to convert the
+ * ActionCodeSettings object to its corresponding server request.
+ */
+var ActionCodeSettingsBuilder = /** @class */ (function () {
+    /**
+     * ActionCodeSettingsBuilder constructor.
+     *
+     * @param {ActionCodeSettings} actionCodeSettings The ActionCodeSettings
+     *     object used to initiliaze this server request builder.
+     * @constructor
+     */
+    function ActionCodeSettingsBuilder(actionCodeSettings) {
+        if (!validator.isNonNullObject(actionCodeSettings)) {
+            throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"ActionCodeSettings" must be a non-null object.');
+        }
+        if (typeof actionCodeSettings.url === 'undefined') {
+            throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MISSING_CONTINUE_URI);
+        }
+        else if (!validator.isURL(actionCodeSettings.url)) {
+            throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CONTINUE_URI);
+        }
+        this.continueUrl = actionCodeSettings.url;
+        if (typeof actionCodeSettings.handleCodeInApp !== 'undefined' &&
+            !validator.isBoolean(actionCodeSettings.handleCodeInApp)) {
+            throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"ActionCodeSettings.handleCodeInApp" must be a boolean.');
+        }
+        this.canHandleCodeInApp = actionCodeSettings.handleCodeInApp || false;
+        if (typeof actionCodeSettings.dynamicLinkDomain !== 'undefined' &&
+            !validator.isNonEmptyString(actionCodeSettings.dynamicLinkDomain)) {
+            throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_DYNAMIC_LINK_DOMAIN);
+        }
+        this.dynamicLinkDomain = actionCodeSettings.dynamicLinkDomain;
+        if (typeof actionCodeSettings.iOS !== 'undefined') {
+            if (!validator.isNonNullObject(actionCodeSettings.iOS)) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"ActionCodeSettings.iOS" must be a valid non-null object.');
+            }
+            else if (typeof actionCodeSettings.iOS.bundleId === 'undefined') {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MISSING_IOS_BUNDLE_ID);
+            }
+            else if (!validator.isNonEmptyString(actionCodeSettings.iOS.bundleId)) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"ActionCodeSettings.iOS.bundleId" must be a valid non-empty string.');
+            }
+            this.ibi = actionCodeSettings.iOS.bundleId;
+        }
+        if (typeof actionCodeSettings.android !== 'undefined') {
+            if (!validator.isNonNullObject(actionCodeSettings.android)) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"ActionCodeSettings.android" must be a valid non-null object.');
+            }
+            else if (typeof actionCodeSettings.android.packageName === 'undefined') {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MISSING_ANDROID_PACKAGE_NAME);
+            }
+            else if (!validator.isNonEmptyString(actionCodeSettings.android.packageName)) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"ActionCodeSettings.android.packageName" must be a valid non-empty string.');
+            }
+            else if (typeof actionCodeSettings.android.minimumVersion !== 'undefined' &&
+                !validator.isNonEmptyString(actionCodeSettings.android.minimumVersion)) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"ActionCodeSettings.android.minimumVersion" must be a valid non-empty string.');
+            }
+            else if (typeof actionCodeSettings.android.installApp !== 'undefined' &&
+                !validator.isBoolean(actionCodeSettings.android.installApp)) {
+                throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"ActionCodeSettings.android.installApp" must be a valid boolean.');
+            }
+            this.apn = actionCodeSettings.android.packageName;
+            this.amv = actionCodeSettings.android.minimumVersion;
+            this.installApp = actionCodeSettings.android.installApp || false;
+        }
+    }
+    /**
+     * Returns the corresponding constructed server request corresponding to the
+     * current ActionCodeSettings.
+     *
+     * @return {EmailActionCodeRequest} The constructed EmailActionCodeRequest request.
+     */
+    ActionCodeSettingsBuilder.prototype.buildRequest = function () {
+        var request = {
+            continueUrl: this.continueUrl,
+            canHandleCodeInApp: this.canHandleCodeInApp,
+            dynamicLinkDomain: this.dynamicLinkDomain,
+            androidPackageName: this.apn,
+            androidMinimumVersion: this.amv,
+            androidInstallApp: this.installApp,
+            iOSBundleId: this.ibi,
+        };
+        // Remove all null and undefined fields from request.
+        for (var key in request) {
+            if (Object.prototype.hasOwnProperty.call(request, key)) {
+                if (typeof request[key] === 'undefined' || request[key] === null) {
+                    delete request[key];
+                }
+            }
+        }
+        return request;
+    };
+    return ActionCodeSettingsBuilder;
+}());
+exports.ActionCodeSettingsBuilder = ActionCodeSettingsBuilder;