firebase-tools 10.0.1 → 10.1.0

package/lib/emulator/auth/operations.js

@@ -102,25 +102,25 @@ const MFA_INELIGIBLE_PROVIDER = new Set([
 ]);
 function signUp(state, reqBody, ctx) {
     var _a;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
     let provider;
     const updates = {
         lastLoginAt: Date.now().toString(),
     };
     if ((_a = ctx.security) === null || _a === void 0 ? void 0 : _a.Oauth2) {
         if (reqBody.idToken) {
-            errors_1.assert(!reqBody.localId, "UNEXPECTED_PARAMETER : User ID");
+            (0, errors_1.assert)(!reqBody.localId, "UNEXPECTED_PARAMETER : User ID");
         }
         if (reqBody.localId) {
-            errors_1.assert(!state.getUserByLocalId(reqBody.localId), "DUPLICATE_LOCAL_ID");
+            (0, errors_1.assert)(!state.getUserByLocalId(reqBody.localId), "DUPLICATE_LOCAL_ID");
         }
         updates.displayName = reqBody.displayName;
         updates.photoUrl = reqBody.photoUrl;
         updates.emailVerified = reqBody.emailVerified || false;
         if (reqBody.phoneNumber) {
-            errors_1.assert(utils_1.isValidPhoneNumber(reqBody.phoneNumber), "INVALID_PHONE_NUMBER : Invalid format.");
-            errors_1.assert(!state.getUserByPhoneNumber(reqBody.phoneNumber), "PHONE_NUMBER_EXISTS");
+            (0, errors_1.assert)((0, utils_1.isValidPhoneNumber)(reqBody.phoneNumber), "INVALID_PHONE_NUMBER : Invalid format.");
+            (0, errors_1.assert)(!state.getUserByPhoneNumber(reqBody.phoneNumber), "PHONE_NUMBER_EXISTS");
             updates.phoneNumber = reqBody.phoneNumber;
         }
         if (reqBody.disabled) {
@@ -128,32 +128,32 @@ function signUp(state, reqBody, ctx) {
         }
     }
     else {
-        errors_1.assert(!reqBody.localId, "UNEXPECTED_PARAMETER : User ID");
+        (0, errors_1.assert)(!reqBody.localId, "UNEXPECTED_PARAMETER : User ID");
         if (reqBody.idToken || reqBody.password || reqBody.email) {
             updates.displayName = reqBody.displayName;
             updates.emailVerified = false;
-            errors_1.assert(reqBody.email, "MISSING_EMAIL");
-            errors_1.assert(reqBody.password, "MISSING_PASSWORD");
+            (0, errors_1.assert)(reqBody.email, "MISSING_EMAIL");
+            (0, errors_1.assert)(reqBody.password, "MISSING_PASSWORD");
             provider = state_1.PROVIDER_PASSWORD;
-            errors_1.assert(state.allowPasswordSignup, "OPERATION_NOT_ALLOWED");
+            (0, errors_1.assert)(state.allowPasswordSignup, "OPERATION_NOT_ALLOWED");
         }
         else {
             provider = state_1.PROVIDER_ANONYMOUS;
-            errors_1.assert(state.enableAnonymousUser, "ADMIN_ONLY_OPERATION");
+            (0, errors_1.assert)(state.enableAnonymousUser, "ADMIN_ONLY_OPERATION");
         }
     }
     if (reqBody.email) {
-        errors_1.assert(utils_1.isValidEmailAddress(reqBody.email), "INVALID_EMAIL");
-        const email = utils_1.canonicalizeEmailAddress(reqBody.email);
-        errors_1.assert(!state.getUserByEmail(email), "EMAIL_EXISTS");
+        (0, errors_1.assert)((0, utils_1.isValidEmailAddress)(reqBody.email), "INVALID_EMAIL");
+        const email = (0, utils_1.canonicalizeEmailAddress)(reqBody.email);
+        (0, errors_1.assert)(!state.getUserByEmail(email), "EMAIL_EXISTS");
         updates.email = email;
     }
     if (reqBody.password) {
-        errors_1.assert(reqBody.password.length >= PASSWORD_MIN_LENGTH, `WEAK_PASSWORD : Password should be at least ${PASSWORD_MIN_LENGTH} characters`);
-        updates.salt = "fakeSalt" + utils_1.randomId(20);
+        (0, errors_1.assert)(reqBody.password.length >= PASSWORD_MIN_LENGTH, `WEAK_PASSWORD : Password should be at least ${PASSWORD_MIN_LENGTH} characters`);
+        updates.salt = "fakeSalt" + (0, utils_1.randomId)(20);
         updates.passwordHash = hashPassword(reqBody.password, updates.salt);
         updates.passwordUpdatedAt = Date.now();
-        updates.validSince = utils_1.toUnixTimestamp(new Date()).toString();
+        updates.validSince = (0, utils_1.toUnixTimestamp)(new Date()).toString();
     }
     if (reqBody.mfaInfo) {
         updates.mfaInfo = getMfaEnrollmentsFromRequest(state, reqBody.mfaInfo, {
@@ -170,7 +170,7 @@ function signUp(state, reqBody, ctx) {
     if (!user) {
         if (reqBody.localId) {
             user = state.createUserWithLocalId(reqBody.localId, updates);
-            errors_1.assert(user, "DUPLICATE_LOCAL_ID");
+            (0, errors_1.assert)(user, "DUPLICATE_LOCAL_ID");
         }
         else {
             user = state.createUser(updates);
@@ -183,7 +183,7 @@ function signUp(state, reqBody, ctx) {
 }
 function lookup(state, reqBody, ctx) {
     var _a, _b, _c, _d, _e;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
     const seenLocalIds = new Set();
     const users = [];
     function tryAddUser(maybeUser) {
@@ -213,7 +213,7 @@ function lookup(state, reqBody, ctx) {
         }
     }
     else {
-        errors_1.assert(reqBody.idToken, "MISSING_ID_TOKEN");
+        (0, errors_1.assert)(reqBody.idToken, "MISSING_ID_TOKEN");
         const { user } = parseIdToken(state, reqBody.idToken);
         users.push(redactPasswordHash(user));
     }
@@ -224,15 +224,15 @@ function lookup(state, reqBody, ctx) {
 }
 function batchCreate(state, reqBody) {
     var _a, _b;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
-    errors_1.assert((_a = reqBody.users) === null || _a === void 0 ? void 0 : _a.length, "MISSING_USER_ACCOUNT");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    (0, errors_1.assert)((_a = reqBody.users) === null || _a === void 0 ? void 0 : _a.length, "MISSING_USER_ACCOUNT");
     if (reqBody.sanityCheck) {
         if (state.oneAccountPerEmail) {
             const existingEmails = new Set();
             for (const userInfo of reqBody.users) {
                 if (userInfo.email) {
-                    errors_1.assert(!existingEmails.has(userInfo.email), `DUPLICATE_EMAIL : ${userInfo.email}`);
+                    (0, errors_1.assert)(!existingEmails.has(userInfo.email), `DUPLICATE_EMAIL : ${userInfo.email}`);
                     existingEmails.add(userInfo.email);
                 }
             }
@@ -241,7 +241,7 @@ function batchCreate(state, reqBody) {
         for (const userInfo of reqBody.users) {
             for (const { providerId, rawId } of (_b = userInfo.providerUserInfo) !== null && _b !== void 0 ? _b : []) {
                 const key = `${providerId}:${rawId}`;
-                errors_1.assert(!existingProviderAccounts.has(key), `DUPLICATE_RAW_ID : Provider id(${providerId}), Raw id(${rawId})`);
+                (0, errors_1.assert)(!existingProviderAccounts.has(key), `DUPLICATE_RAW_ID : Provider id(${providerId}), Raw id(${rawId})`);
                 existingProviderAccounts.add(key);
             }
         }
@@ -250,7 +250,7 @@ function batchCreate(state, reqBody) {
         const existingLocalIds = new Set();
         for (const userInfo of reqBody.users) {
             const localId = userInfo.localId || "";
-            errors_1.assert(!existingLocalIds.has(localId), `DUPLICATE_LOCAL_ID : ${localId}`);
+            (0, errors_1.assert)(!existingLocalIds.has(localId), `DUPLICATE_LOCAL_ID : ${localId}`);
             existingLocalIds.add(localId);
         }
     }
@@ -258,7 +258,7 @@ function batchCreate(state, reqBody) {
     for (let index = 0; index < reqBody.users.length; index++) {
         const userInfo = reqBody.users[index];
         try {
-            errors_1.assert(userInfo.localId, "localId is missing");
+            (0, errors_1.assert)(userInfo.localId, "localId is missing");
             const uploadTime = new Date();
             const fields = {
                 displayName: userInfo.displayName,
@@ -266,7 +266,7 @@ function batchCreate(state, reqBody) {
                 lastLoginAt: userInfo.lastLoginAt,
             };
             if (userInfo.tenantId) {
-                errors_1.assert(state instanceof state_1.TenantProjectState && state.tenantId === userInfo.tenantId, "Tenant id in userInfo does not match the tenant id in request.");
+                (0, errors_1.assert)(state instanceof state_1.TenantProjectState && state.tenantId === userInfo.tenantId, "Tenant id in userInfo does not match the tenant id in request.");
             }
             if (state instanceof state_1.TenantProjectState) {
                 fields.tenantId = state.tenantId;
@@ -277,7 +277,7 @@ function batchCreate(state, reqBody) {
                 fields.passwordUpdatedAt = uploadTime.getTime();
             }
             else if (userInfo.rawPassword) {
-                fields.salt = userInfo.salt || "fakeSalt" + utils_1.randomId(20);
+                fields.salt = userInfo.salt || "fakeSalt" + (0, utils_1.randomId)(20);
                 fields.passwordHash = hashPassword(userInfo.rawPassword, fields.salt);
                 fields.passwordUpdatedAt = uploadTime.getTime();
             }
@@ -294,59 +294,59 @@ function batchCreate(state, reqBody) {
                     }
                     if (!rawId || !providerId) {
                         if (!federatedId) {
-                            errors_1.assert(false, "federatedId or (providerId & rawId) is required");
+                            (0, errors_1.assert)(false, "federatedId or (providerId & rawId) is required");
                         }
                         else {
-                            errors_1.assert(false, "((Parsing federatedId is not implemented in Auth Emulator; please specify providerId AND rawId as a workaround.))");
+                            (0, errors_1.assert)(false, "((Parsing federatedId is not implemented in Auth Emulator; please specify providerId AND rawId as a workaround.))");
                         }
                     }
                     const existingUserWithRawId = state.getUserByProviderRawId(providerId, rawId);
-                    errors_1.assert(!existingUserWithRawId || existingUserWithRawId.localId === userInfo.localId, "raw id exists in other account in database");
+                    (0, errors_1.assert)(!existingUserWithRawId || existingUserWithRawId.localId === userInfo.localId, "raw id exists in other account in database");
                     fields.providerUserInfo.push(Object.assign(Object.assign({}, providerUserInfo), { providerId, rawId }));
                 }
             }
             if (userInfo.phoneNumber) {
-                errors_1.assert(utils_1.isValidPhoneNumber(userInfo.phoneNumber), "phone number format is invalid");
+                (0, errors_1.assert)((0, utils_1.isValidPhoneNumber)(userInfo.phoneNumber), "phone number format is invalid");
                 fields.phoneNumber = userInfo.phoneNumber;
             }
-            fields.validSince = utils_1.toUnixTimestamp(uploadTime).toString();
+            fields.validSince = (0, utils_1.toUnixTimestamp)(uploadTime).toString();
             fields.createdAt = uploadTime.getTime().toString();
             if (fields.createdAt && !isNaN(Number(userInfo.createdAt))) {
                 fields.createdAt = userInfo.createdAt;
             }
             if (userInfo.email) {
                 const email = userInfo.email;
-                errors_1.assert(utils_1.isValidEmailAddress(email), "email is invalid");
+                (0, errors_1.assert)((0, utils_1.isValidEmailAddress)(email), "email is invalid");
                 const existingUserWithEmail = state.getUserByEmail(email);
-                errors_1.assert(!existingUserWithEmail || existingUserWithEmail.localId === userInfo.localId, reqBody.sanityCheck && state.oneAccountPerEmail
+                (0, errors_1.assert)(!existingUserWithEmail || existingUserWithEmail.localId === userInfo.localId, reqBody.sanityCheck && state.oneAccountPerEmail
                     ? "email exists in other account in database"
                     : `((Auth Emulator does not support importing duplicate email: ${email}))`);
-                fields.email = utils_1.canonicalizeEmailAddress(email);
+                fields.email = (0, utils_1.canonicalizeEmailAddress)(email);
             }
             fields.emailVerified = !!userInfo.emailVerified;
             fields.disabled = !!userInfo.disabled;
             if (userInfo.mfaInfo) {
                 fields.mfaInfo = [];
-                errors_1.assert(fields.email, "Second factor account requires email to be presented.");
-                errors_1.assert(fields.emailVerified, "Second factor account requires email to be verified.");
+                (0, errors_1.assert)(fields.email, "Second factor account requires email to be presented.");
+                (0, errors_1.assert)(fields.emailVerified, "Second factor account requires email to be verified.");
                 const existingIds = new Set();
                 for (const enrollment of userInfo.mfaInfo) {
                     if (enrollment.mfaEnrollmentId) {
-                        errors_1.assert(!existingIds.has(enrollment.mfaEnrollmentId), "Enrollment id already exists.");
+                        (0, errors_1.assert)(!existingIds.has(enrollment.mfaEnrollmentId), "Enrollment id already exists.");
                         existingIds.add(enrollment.mfaEnrollmentId);
                     }
                 }
                 for (const enrollment of userInfo.mfaInfo) {
                     enrollment.mfaEnrollmentId = enrollment.mfaEnrollmentId || newRandomId(28, existingIds);
                     enrollment.enrolledAt = enrollment.enrolledAt || new Date().toISOString();
-                    errors_1.assert(enrollment.phoneInfo, "Second factor not supported.");
-                    errors_1.assert(utils_1.isValidPhoneNumber(enrollment.phoneInfo), "Phone number format is invalid");
+                    (0, errors_1.assert)(enrollment.phoneInfo, "Second factor not supported.");
+                    (0, errors_1.assert)((0, utils_1.isValidPhoneNumber)(enrollment.phoneInfo), "Phone number format is invalid");
                     enrollment.unobfuscatedPhoneInfo = enrollment.phoneInfo;
                     fields.mfaInfo.push(enrollment);
                 }
             }
             if (state.getUserByLocalId(userInfo.localId)) {
-                errors_1.assert(reqBody.allowOverwrite, "localId belongs to an existing account - can not overwrite.");
+                (0, errors_1.assert)(reqBody.allowOverwrite, "localId belongs to an existing account - can not overwrite.");
             }
             state.overwriteUserWithLocalId(userInfo.localId, fields);
         }
@@ -381,7 +381,7 @@ function batchDelete(state, reqBody) {
     var _a;
     const errors = [];
     const localIds = (_a = reqBody.localIds) !== null && _a !== void 0 ? _a : [];
-    errors_1.assert(localIds.length > 0 && localIds.length <= 1000, "LOCAL_ID_LIST_EXCEEDS_LIMIT");
+    (0, errors_1.assert)(localIds.length > 0 && localIds.length <= 1000, "LOCAL_ID_LIST_EXCEEDS_LIMIT");
     for (let index = 0; index < localIds.length; index++) {
         const localId = localIds[index];
         const user = state.getUserByLocalId(localId);
@@ -402,7 +402,7 @@ function batchDelete(state, reqBody) {
     return { errors: errors.length ? errors : undefined };
 }
 function batchGet(state, reqBody, ctx) {
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
     const maxResults = Math.min(Math.floor(ctx.params.query.maxResults) || 20, 1000);
     const users = state.queryUsers({}, { sortByField: "localId", order: "ASC", startToken: ctx.params.query.nextPageToken });
     let newPageToken = undefined;
@@ -420,17 +420,17 @@ function batchGet(state, reqBody, ctx) {
 }
 function createAuthUri(state, reqBody) {
     var _a;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
-    const sessionId = reqBody.sessionId || utils_1.randomId(27);
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    const sessionId = reqBody.sessionId || (0, utils_1.randomId)(27);
     if (reqBody.providerId) {
         throw new errors_1.NotImplementedError("Sign-in with IDP is not yet supported.");
     }
-    errors_1.assert(reqBody.identifier, "MISSING_IDENTIFIER");
-    errors_1.assert(reqBody.continueUri, "MISSING_CONTINUE_URI");
-    errors_1.assert(utils_1.isValidEmailAddress(reqBody.identifier), "INVALID_IDENTIFIER");
-    const email = utils_1.canonicalizeEmailAddress(reqBody.identifier);
-    errors_1.assert(utils_1.parseAbsoluteUri(reqBody.continueUri), "INVALID_CONTINUE_URI");
+    (0, errors_1.assert)(reqBody.identifier, "MISSING_IDENTIFIER");
+    (0, errors_1.assert)(reqBody.continueUri, "MISSING_CONTINUE_URI");
+    (0, errors_1.assert)((0, utils_1.isValidEmailAddress)(reqBody.identifier), "INVALID_IDENTIFIER");
+    const email = (0, utils_1.canonicalizeEmailAddress)(reqBody.identifier);
+    (0, errors_1.assert)((0, utils_1.parseAbsoluteUri)(reqBody.continueUri), "INVALID_CONTINUE_URI");
     const allProviders = [];
     const signinMethods = [];
     let registered = false;
@@ -481,31 +481,31 @@ function createAuthUri(state, reqBody) {
 const SESSION_COOKIE_MIN_VALID_DURATION = 5 * 60;
 exports.SESSION_COOKIE_MAX_VALID_DURATION = 14 * 24 * 60 * 60;
 function createSessionCookie(state, reqBody, ctx) {
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
-    errors_1.assert(reqBody.idToken, "MISSING_ID_TOKEN");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    (0, errors_1.assert)(reqBody.idToken, "MISSING_ID_TOKEN");
     const validDuration = Number(reqBody.validDuration) || exports.SESSION_COOKIE_MAX_VALID_DURATION;
-    errors_1.assert(validDuration >= SESSION_COOKIE_MIN_VALID_DURATION &&
+    (0, errors_1.assert)(validDuration >= SESSION_COOKIE_MIN_VALID_DURATION &&
         validDuration <= exports.SESSION_COOKIE_MAX_VALID_DURATION, "INVALID_DURATION");
     const { payload } = parseIdToken(state, reqBody.idToken);
-    const issuedAt = utils_1.toUnixTimestamp(new Date());
+    const issuedAt = (0, utils_1.toUnixTimestamp)(new Date());
     const expiresAt = issuedAt + validDuration;
-    const sessionCookie = jsonwebtoken_1.sign(Object.assign(Object.assign({}, payload), { iat: issuedAt, exp: expiresAt, iss: `https://session.firebase.google.com/${payload.aud}` }), "", {
+    const sessionCookie = (0, jsonwebtoken_1.sign)(Object.assign(Object.assign({}, payload), { iat: issuedAt, exp: expiresAt, iss: `https://session.firebase.google.com/${payload.aud}` }), "", {
         algorithm: "none",
     });
     return { sessionCookie };
 }
 function deleteAccount(state, reqBody, ctx) {
     var _a;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
     let user;
     if ((_a = ctx.security) === null || _a === void 0 ? void 0 : _a.Oauth2) {
-        errors_1.assert(reqBody.localId, "MISSING_LOCAL_ID");
+        (0, errors_1.assert)(reqBody.localId, "MISSING_LOCAL_ID");
         const maybeUser = state.getUserByLocalId(reqBody.localId);
-        errors_1.assert(maybeUser, "USER_NOT_FOUND");
+        (0, errors_1.assert)(maybeUser, "USER_NOT_FOUND");
         user = maybeUser;
     }
     else {
-        errors_1.assert(reqBody.idToken, "MISSING_ID_TOKEN");
+        (0, errors_1.assert)(reqBody.idToken, "MISSING_ID_TOKEN");
         user = parseIdToken(state, reqBody.idToken).user;
     }
     state.deleteUser(user);
@@ -514,8 +514,8 @@ function deleteAccount(state, reqBody, ctx) {
     };
 }
 function getProjects(state) {
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(state instanceof state_1.AgentProjectState, "UNSUPPORTED_TENANT_OPERATION");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(state instanceof state_1.AgentProjectState, "UNSUPPORTED_TENANT_OPERATION");
     return {
         projectId: state.projectNumber,
         authorizedDomains: [
@@ -524,7 +524,7 @@ function getProjects(state) {
     };
 }
 function getRecaptchaParams(state) {
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
     return {
         kind: "identitytoolkit#GetRecaptchaParamResponse",
         recaptchaStoken: "This-is-a-fake-token__Dont-send-this-to-the-Recaptcha-service__The-Auth-Emulator-does-not-support-Recaptcha",
@@ -533,7 +533,7 @@ function getRecaptchaParams(state) {
 }
 function queryAccounts(state, reqBody) {
     var _a;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
     if ((_a = reqBody.expression) === null || _a === void 0 ? void 0 : _a.length) {
         throw new errors_1.NotImplementedError("expression is not implemented.");
     }
@@ -570,26 +570,26 @@ function queryAccounts(state, reqBody) {
 }
 function resetPassword(state, reqBody) {
     var _a;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
-    errors_1.assert(state.allowPasswordSignup, "PASSWORD_LOGIN_DISABLED");
-    errors_1.assert(reqBody.oobCode, "MISSING_OOB_CODE");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    (0, errors_1.assert)(state.allowPasswordSignup, "PASSWORD_LOGIN_DISABLED");
+    (0, errors_1.assert)(reqBody.oobCode, "MISSING_OOB_CODE");
     const oob = state.validateOobCode(reqBody.oobCode);
-    errors_1.assert(oob, "INVALID_OOB_CODE");
+    (0, errors_1.assert)(oob, "INVALID_OOB_CODE");
     if (reqBody.newPassword) {
-        errors_1.assert(oob.requestType === "PASSWORD_RESET", "INVALID_OOB_CODE");
-        errors_1.assert(reqBody.newPassword.length >= PASSWORD_MIN_LENGTH, `WEAK_PASSWORD : Password should be at least ${PASSWORD_MIN_LENGTH} characters`);
+        (0, errors_1.assert)(oob.requestType === "PASSWORD_RESET", "INVALID_OOB_CODE");
+        (0, errors_1.assert)(reqBody.newPassword.length >= PASSWORD_MIN_LENGTH, `WEAK_PASSWORD : Password should be at least ${PASSWORD_MIN_LENGTH} characters`);
         state.deleteOobCode(reqBody.oobCode);
         let user = state.getUserByEmail(oob.email);
-        errors_1.assert(user, "INVALID_OOB_CODE");
-        const salt = "fakeSalt" + utils_1.randomId(20);
+        (0, errors_1.assert)(user, "INVALID_OOB_CODE");
+        const salt = "fakeSalt" + (0, utils_1.randomId)(20);
         const passwordHash = hashPassword(reqBody.newPassword, salt);
         user = state.updateUserByLocalId(user.localId, {
             emailVerified: true,
             passwordHash,
             salt,
             passwordUpdatedAt: Date.now(),
-            validSince: utils_1.toUnixTimestamp(new Date()).toString(),
+            validSince: (0, utils_1.toUnixTimestamp)(new Date()).toString(),
         }, { deleteProviders: (_a = user.providerUserInfo) === null || _a === void 0 ? void 0 : _a.map((info) => info.providerId) });
     }
     return {
@@ -601,41 +601,41 @@ function resetPassword(state, reqBody) {
 exports.resetPassword = resetPassword;
 function sendOobCode(state, reqBody, ctx) {
     var _a;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
-    errors_1.assert(reqBody.requestType && reqBody.requestType !== "OOB_REQ_TYPE_UNSPECIFIED", "MISSING_REQ_TYPE");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    (0, errors_1.assert)(reqBody.requestType && reqBody.requestType !== "OOB_REQ_TYPE_UNSPECIFIED", "MISSING_REQ_TYPE");
     if (reqBody.returnOobLink) {
-        errors_1.assert((_a = ctx.security) === null || _a === void 0 ? void 0 : _a.Oauth2, "INSUFFICIENT_PERMISSION");
+        (0, errors_1.assert)((_a = ctx.security) === null || _a === void 0 ? void 0 : _a.Oauth2, "INSUFFICIENT_PERMISSION");
     }
     if (reqBody.continueUrl) {
-        errors_1.assert(utils_1.parseAbsoluteUri(reqBody.continueUrl), "INVALID_CONTINUE_URI: ((expected an absolute URI with valid scheme and host))");
+        (0, errors_1.assert)((0, utils_1.parseAbsoluteUri)(reqBody.continueUrl), "INVALID_CONTINUE_URI: ((expected an absolute URI with valid scheme and host))");
     }
     let email;
     let mode;
     switch (reqBody.requestType) {
         case "EMAIL_SIGNIN":
-            errors_1.assert(state.enableEmailLinkSignin, "OPERATION_NOT_ALLOWED");
+            (0, errors_1.assert)(state.enableEmailLinkSignin, "OPERATION_NOT_ALLOWED");
             mode = "signIn";
-            errors_1.assert(reqBody.email, "MISSING_EMAIL");
-            email = utils_1.canonicalizeEmailAddress(reqBody.email);
+            (0, errors_1.assert)(reqBody.email, "MISSING_EMAIL");
+            email = (0, utils_1.canonicalizeEmailAddress)(reqBody.email);
             break;
         case "PASSWORD_RESET":
             mode = "resetPassword";
-            errors_1.assert(reqBody.email, "MISSING_EMAIL");
-            email = utils_1.canonicalizeEmailAddress(reqBody.email);
-            errors_1.assert(state.getUserByEmail(email), "EMAIL_NOT_FOUND");
+            (0, errors_1.assert)(reqBody.email, "MISSING_EMAIL");
+            email = (0, utils_1.canonicalizeEmailAddress)(reqBody.email);
+            (0, errors_1.assert)(state.getUserByEmail(email), "EMAIL_NOT_FOUND");
             break;
         case "VERIFY_EMAIL":
             mode = "verifyEmail";
             if (reqBody.returnOobLink && !reqBody.idToken) {
-                errors_1.assert(reqBody.email, "MISSING_EMAIL");
-                email = utils_1.canonicalizeEmailAddress(reqBody.email);
+                (0, errors_1.assert)(reqBody.email, "MISSING_EMAIL");
+                email = (0, utils_1.canonicalizeEmailAddress)(reqBody.email);
                 const maybeUser = state.getUserByEmail(email);
-                errors_1.assert(maybeUser, "USER_NOT_FOUND");
+                (0, errors_1.assert)(maybeUser, "USER_NOT_FOUND");
             }
             else {
                 const user = parseIdToken(state, reqBody.idToken || "").user;
-                errors_1.assert(user.email, "MISSING_EMAIL");
+                (0, errors_1.assert)(user.email, "MISSING_EMAIL");
                 email = user.email;
             }
             break;
@@ -645,7 +645,7 @@ function sendOobCode(state, reqBody, ctx) {
     if (reqBody.canHandleCodeInApp) {
         emulatorLogger_1.EmulatorLogger.forEmulator(types_1.Emulators.AUTH).log("WARN", "canHandleCodeInApp is unsupported in Auth Emulator. All OOB operations will complete via web.");
     }
-    const url = utils_1.authEmulatorUrl(ctx.req);
+    const url = (0, utils_1.authEmulatorUrl)(ctx.req);
     const oobRecord = createOobRecord(state, email, url, {
         requestType: reqBody.requestType,
         mode,
@@ -669,12 +669,12 @@ function sendOobCode(state, reqBody, ctx) {
 }
 function sendVerificationCode(state, reqBody) {
     var _a;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(state instanceof state_1.AgentProjectState, "UNSUPPORTED_TENANT_OPERATION");
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
-    errors_1.assert(reqBody.phoneNumber && utils_1.isValidPhoneNumber(reqBody.phoneNumber), "INVALID_PHONE_NUMBER : Invalid format.");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(state instanceof state_1.AgentProjectState, "UNSUPPORTED_TENANT_OPERATION");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    (0, errors_1.assert)(reqBody.phoneNumber && (0, utils_1.isValidPhoneNumber)(reqBody.phoneNumber), "INVALID_PHONE_NUMBER : Invalid format.");
     const user = state.getUserByPhoneNumber(reqBody.phoneNumber);
-    errors_1.assert(!((_a = user === null || user === void 0 ? void 0 : user.mfaInfo) === null || _a === void 0 ? void 0 : _a.length), "UNSUPPORTED_FIRST_FACTOR : A phone number cannot be set as a first factor on an SMS based MFA user.");
+    (0, errors_1.assert)(!((_a = user === null || user === void 0 ? void 0 : user.mfaInfo) === null || _a === void 0 ? void 0 : _a.length), "UNSUPPORTED_FIRST_FACTOR : A phone number cannot be set as a first factor on an SMS based MFA user.");
     const { sessionInfo, phoneNumber, code } = state.createVerificationCode(reqBody.phoneNumber);
     emulatorLogger_1.EmulatorLogger.forEmulator(types_1.Emulators.AUTH).log("BULLET", `To verify the phone number ${phoneNumber}, use the code ${code}.`);
     return {
@@ -683,9 +683,9 @@ function sendVerificationCode(state, reqBody) {
 }
 function setAccountInfo(state, reqBody, ctx) {
     var _a;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
-    const url = utils_1.authEmulatorUrl(ctx.req);
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    const url = (0, utils_1.authEmulatorUrl)(ctx.req);
     return setAccountInfoImpl(state, reqBody, {
         privileged: !!((_a = ctx.security) === null || _a === void 0 ? void 0 : _a.Oauth2),
         emulatorUrl: url,
@@ -704,11 +704,11 @@ function setAccountInfoImpl(state, reqBody, { privileged = false, emulatorUrl =
         }
     }
     if (!privileged) {
-        errors_1.assert(reqBody.idToken || reqBody.oobCode, "INVALID_REQ_TYPE : Unsupported request parameters.");
-        errors_1.assert(reqBody.customAttributes == null, "INSUFFICIENT_PERMISSION");
+        (0, errors_1.assert)(reqBody.idToken || reqBody.oobCode, "INVALID_REQ_TYPE : Unsupported request parameters.");
+        (0, errors_1.assert)(reqBody.customAttributes == null, "INSUFFICIENT_PERMISSION");
     }
     else {
-        errors_1.assert(reqBody.localId, "MISSING_LOCAL_ID");
+        (0, errors_1.assert)(reqBody.localId, "MISSING_LOCAL_ID");
     }
     if (reqBody.customAttributes) {
         validateSerializedCustomClaims(reqBody.customAttributes);
@@ -725,13 +725,13 @@ function setAccountInfoImpl(state, reqBody, { privileged = false, emulatorUrl =
     let isEmailUpdate = false;
     if (reqBody.oobCode) {
         const oob = state.validateOobCode(reqBody.oobCode);
-        errors_1.assert(oob, "INVALID_OOB_CODE");
+        (0, errors_1.assert)(oob, "INVALID_OOB_CODE");
         switch (oob.requestType) {
             case "VERIFY_EMAIL": {
                 state.deleteOobCode(reqBody.oobCode);
                 signInProvider = state_1.PROVIDER_PASSWORD;
                 const maybeUser = state.getUserByEmail(oob.email);
-                errors_1.assert(maybeUser, "INVALID_OOB_CODE");
+                (0, errors_1.assert)(maybeUser, "INVALID_OOB_CODE");
                 user = maybeUser;
                 updates.emailVerified = true;
                 if (oob.email !== user.email) {
@@ -742,8 +742,8 @@ function setAccountInfoImpl(state, reqBody, { privileged = false, emulatorUrl =
             case "RECOVER_EMAIL": {
                 state.deleteOobCode(reqBody.oobCode);
                 const maybeUser = state.getUserByInitialEmail(oob.email);
-                errors_1.assert(maybeUser, "INVALID_OOB_CODE");
-                errors_1.assert(!state.getUserByEmail(oob.email), "EMAIL_EXISTS");
+                (0, errors_1.assert)(maybeUser, "INVALID_OOB_CODE");
+                (0, errors_1.assert)(!state.getUserByEmail(oob.email), "EMAIL_EXISTS");
                 user = maybeUser;
                 if (oob.email !== user.email) {
                     updates.email = oob.email;
@@ -758,19 +758,19 @@ function setAccountInfoImpl(state, reqBody, { privileged = false, emulatorUrl =
     else {
         if (reqBody.idToken) {
             ({ user, signInProvider } = parseIdToken(state, reqBody.idToken));
-            errors_1.assert(reqBody.disableUser == null, "OPERATION_NOT_ALLOWED");
+            (0, errors_1.assert)(reqBody.disableUser == null, "OPERATION_NOT_ALLOWED");
         }
         else {
-            errors_1.assert(reqBody.localId, "MISSING_LOCAL_ID");
+            (0, errors_1.assert)(reqBody.localId, "MISSING_LOCAL_ID");
             const maybeUser = state.getUserByLocalId(reqBody.localId);
-            errors_1.assert(maybeUser, "USER_NOT_FOUND");
+            (0, errors_1.assert)(maybeUser, "USER_NOT_FOUND");
             user = maybeUser;
         }
         if (reqBody.email) {
-            errors_1.assert(utils_1.isValidEmailAddress(reqBody.email), "INVALID_EMAIL");
-            const newEmail = utils_1.canonicalizeEmailAddress(reqBody.email);
+            (0, errors_1.assert)((0, utils_1.isValidEmailAddress)(reqBody.email), "INVALID_EMAIL");
+            const newEmail = (0, utils_1.canonicalizeEmailAddress)(reqBody.email);
             if (newEmail !== user.email) {
-                errors_1.assert(!state.getUserByEmail(newEmail), "EMAIL_EXISTS");
+                (0, errors_1.assert)(!state.getUserByEmail(newEmail), "EMAIL_EXISTS");
                 updates.email = newEmail;
                 updates.emailVerified = false;
                 isEmailUpdate = true;
@@ -780,14 +780,14 @@ function setAccountInfoImpl(state, reqBody, { privileged = false, emulatorUrl =
             }
         }
         if (reqBody.password) {
-            errors_1.assert(reqBody.password.length >= PASSWORD_MIN_LENGTH, `WEAK_PASSWORD : Password should be at least ${PASSWORD_MIN_LENGTH} characters`);
-            updates.salt = "fakeSalt" + utils_1.randomId(20);
+            (0, errors_1.assert)(reqBody.password.length >= PASSWORD_MIN_LENGTH, `WEAK_PASSWORD : Password should be at least ${PASSWORD_MIN_LENGTH} characters`);
+            updates.salt = "fakeSalt" + (0, utils_1.randomId)(20);
             updates.passwordHash = hashPassword(reqBody.password, updates.salt);
             updates.passwordUpdatedAt = Date.now();
             signInProvider = state_1.PROVIDER_PASSWORD;
         }
         if (reqBody.password || reqBody.validSince || updates.email) {
-            updates.validSince = utils_1.toUnixTimestamp(new Date()).toString();
+            updates.validSince = (0, utils_1.toUnixTimestamp)(new Date()).toString();
         }
         if (reqBody.mfa) {
             if (reqBody.mfa.enrollments && reqBody.mfa.enrollments.length > 0) {
@@ -806,15 +806,15 @@ function setAccountInfoImpl(state, reqBody, { privileged = false, emulatorUrl =
                 updates.disabled = reqBody.disableUser;
             }
             if (reqBody.phoneNumber && reqBody.phoneNumber !== user.phoneNumber) {
-                errors_1.assert(utils_1.isValidPhoneNumber(reqBody.phoneNumber), "INVALID_PHONE_NUMBER : Invalid format.");
-                errors_1.assert(!state.getUserByPhoneNumber(reqBody.phoneNumber), "PHONE_NUMBER_EXISTS");
+                (0, errors_1.assert)((0, utils_1.isValidPhoneNumber)(reqBody.phoneNumber), "INVALID_PHONE_NUMBER : Invalid format.");
+                (0, errors_1.assert)(!state.getUserByPhoneNumber(reqBody.phoneNumber), "PHONE_NUMBER_EXISTS");
                 updates.phoneNumber = reqBody.phoneNumber;
             }
             fieldsToCopy.push("emailVerified", "customAttributes", "createdAt", "lastLoginAt", "validSince");
         }
         for (const field of fieldsToCopy) {
             if (reqBody[field] != null) {
-                utils_1.mirrorFieldTo(updates, field, reqBody);
+                (0, utils_1.mirrorFieldTo)(updates, field, reqBody);
             }
         }
         for (const attr of reqBody.deleteAttribute) {
@@ -909,8 +909,8 @@ function logOobMessage(oobRecord) {
 }
 function signInWithCustomToken(state, reqBody) {
     var _a;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(reqBody.token, "MISSING_CUSTOM_TOKEN");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(reqBody.token, "MISSING_CUSTOM_TOKEN");
     let payload;
     if (reqBody.token.startsWith("{")) {
         try {
@@ -921,20 +921,20 @@ function signInWithCustomToken(state, reqBody) {
         }
     }
     else {
-        const decoded = jsonwebtoken_1.decode(reqBody.token, { complete: true });
+        const decoded = (0, jsonwebtoken_1.decode)(reqBody.token, { complete: true });
         if (state instanceof state_1.TenantProjectState) {
-            errors_1.assert((decoded === null || decoded === void 0 ? void 0 : decoded.payload.tenant_id) === state.tenantId, "TENANT_ID_MISMATCH");
+            (0, errors_1.assert)((decoded === null || decoded === void 0 ? void 0 : decoded.payload.tenant_id) === state.tenantId, "TENANT_ID_MISMATCH");
         }
-        errors_1.assert(decoded, "INVALID_CUSTOM_TOKEN : Invalid assertion format");
+        (0, errors_1.assert)(decoded, "INVALID_CUSTOM_TOKEN : Invalid assertion format");
         if (decoded.header.alg !== "none") {
             emulatorLogger_1.EmulatorLogger.forEmulator(types_1.Emulators.AUTH).log("WARN", "Received a signed custom token. Auth Emulator does not validate JWTs and IS NOT SECURE");
         }
-        errors_1.assert(decoded.payload.aud === exports.CUSTOM_TOKEN_AUDIENCE, `INVALID_CUSTOM_TOKEN : ((Invalid aud (audience): ${decoded.payload.aud} ` +
+        (0, errors_1.assert)(decoded.payload.aud === exports.CUSTOM_TOKEN_AUDIENCE, `INVALID_CUSTOM_TOKEN : ((Invalid aud (audience): ${decoded.payload.aud} ` +
             "Note: Firebase ID Tokens / third-party tokens cannot be used with signInWithCustomToken.))");
         payload = decoded.payload;
     }
     const localId = (_a = coercePrimitiveToString(payload.uid)) !== null && _a !== void 0 ? _a : coercePrimitiveToString(payload.user_id);
-    errors_1.assert(localId, "MISSING_IDENTIFIER");
+    (0, errors_1.assert)(localId, "MISSING_IDENTIFIER");
     let extraClaims = {};
     if ("claims" in payload) {
         validateCustomClaims(payload.claims);
@@ -948,7 +948,7 @@ function signInWithCustomToken(state, reqBody) {
         tenantId: state instanceof state_1.TenantProjectState ? state.tenantId : undefined,
     };
     if (user) {
-        errors_1.assert(!user.disabled, "USER_DISABLED");
+        (0, errors_1.assert)(!user.disabled, "USER_DISABLED");
         user = state.updateUserByLocalId(localId, updates);
     }
     else {
@@ -961,16 +961,16 @@ function signInWithCustomToken(state, reqBody) {
 }
 function signInWithEmailLink(state, reqBody) {
     var _a;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(state.enableEmailLinkSignin, "OPERATION_NOT_ALLOWED");
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(state.enableEmailLinkSignin, "OPERATION_NOT_ALLOWED");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
     const userFromIdToken = reqBody.idToken ? parseIdToken(state, reqBody.idToken).user : undefined;
-    errors_1.assert(reqBody.email, "MISSING_EMAIL");
-    const email = utils_1.canonicalizeEmailAddress(reqBody.email);
-    errors_1.assert(reqBody.oobCode, "MISSING_OOB_CODE");
+    (0, errors_1.assert)(reqBody.email, "MISSING_EMAIL");
+    const email = (0, utils_1.canonicalizeEmailAddress)(reqBody.email);
+    (0, errors_1.assert)(reqBody.oobCode, "MISSING_OOB_CODE");
     const oob = state.validateOobCode(reqBody.oobCode);
-    errors_1.assert(oob && oob.requestType === "EMAIL_SIGNIN", "INVALID_OOB_CODE");
-    errors_1.assert(email === oob.email, "INVALID_EMAIL : The email provided does not match the sign-in email address.");
+    (0, errors_1.assert)(oob && oob.requestType === "EMAIL_SIGNIN", "INVALID_OOB_CODE");
+    (0, errors_1.assert)(email === oob.email, "INVALID_EMAIL : The email provided does not match the sign-in email address.");
     state.deleteOobCode(reqBody.oobCode);
     const updates = {
         email,
@@ -991,8 +991,8 @@ function signInWithEmailLink(state, reqBody) {
         }
     }
     else {
-        errors_1.assert(!user.disabled, "USER_DISABLED");
-        errors_1.assert(!userFromIdToken || userFromIdToken.localId === user.localId, "EMAIL_EXISTS");
+        (0, errors_1.assert)(!user.disabled, "USER_DISABLED");
+        (0, errors_1.assert)(!userFromIdToken || userFromIdToken.localId === user.localId, "EMAIL_EXISTS");
         user = state.updateUserByLocalId(user.localId, updates);
     }
     const response = {
@@ -1001,7 +1001,8 @@ function signInWithEmailLink(state, reqBody) {
         localId: user.localId,
         isNewUser,
     };
-    if ((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") && ((_a = user.mfaInfo) === null || _a === void 0 ? void 0 : _a.length)) {
+    if ((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") &&
+        ((_a = user.mfaInfo) === null || _a === void 0 ? void 0 : _a.length)) {
         return Object.assign(Object.assign({}, response), mfaPending(state, user, state_1.PROVIDER_PASSWORD));
     }
     else {
@@ -1011,8 +1012,8 @@ function signInWithEmailLink(state, reqBody) {
 }
 function signInWithIdp(state, reqBody) {
     var _a, _b, _c;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
     if (reqBody.returnRefreshToken) {
         throw new errors_1.NotImplementedError("returnRefreshToken is not implemented yet.");
     }
@@ -1021,7 +1022,7 @@ function signInWithIdp(state, reqBody) {
     }
     const normalizedUri = getNormalizedUri(reqBody);
     const providerId = (_a = normalizedUri.searchParams.get("providerId")) === null || _a === void 0 ? void 0 : _a.toLowerCase();
-    errors_1.assert(providerId, `INVALID_CREDENTIAL_OR_PROVIDER_ID : Invalid IdP response/credential: ${normalizedUri.toString()}`);
+    (0, errors_1.assert)(providerId, `INVALID_CREDENTIAL_OR_PROVIDER_ID : Invalid IdP response/credential: ${normalizedUri.toString()}`);
     const oauthIdToken = normalizedUri.searchParams.get("id_token") || undefined;
     const oauthAccessToken = normalizedUri.searchParams.get("access_token") || undefined;
     const claims = parseClaims(oauthIdToken) || parseClaims(oauthAccessToken);
@@ -1046,9 +1047,9 @@ function signInWithIdp(state, reqBody) {
     if (normalizedUri.searchParams.get("SAMLResponse")) {
         samlResponse = JSON.parse(normalizedUri.searchParams.get("SAMLResponse"));
         signInAttributes = (_b = samlResponse.assertion) === null || _b === void 0 ? void 0 : _b.attributeStatements;
-        errors_1.assert(samlResponse.assertion, "INVALID_IDP_RESPONSE ((Missing assertion in SAMLResponse.))");
-        errors_1.assert(samlResponse.assertion.subject, "INVALID_IDP_RESPONSE ((Missing assertion.subject in SAMLResponse.))");
-        errors_1.assert(samlResponse.assertion.subject.nameId, "INVALID_IDP_RESPONSE ((Missing assertion.subject.nameId in SAMLResponse.))");
+        (0, errors_1.assert)(samlResponse.assertion, "INVALID_IDP_RESPONSE ((Missing assertion in SAMLResponse.))");
+        (0, errors_1.assert)(samlResponse.assertion.subject, "INVALID_IDP_RESPONSE ((Missing assertion.subject in SAMLResponse.))");
+        (0, errors_1.assert)(samlResponse.assertion.subject.nameId, "INVALID_IDP_RESPONSE ((Missing assertion.subject.nameId in SAMLResponse.))");
     }
     let { response, rawId } = fakeFetchUserInfoFromIdp(providerId, claims, samlResponse);
     response.oauthAccessToken =
@@ -1059,7 +1060,7 @@ function signInWithIdp(state, reqBody) {
     let accountUpdates;
     try {
         if (userFromIdToken) {
-            errors_1.assert(!userMatchingProvider, "FEDERATED_USER_ID_ALREADY_LINKED");
+            (0, errors_1.assert)(!userMatchingProvider, "FEDERATED_USER_ID_ALREADY_LINKED");
             ({ accountUpdates, response } = handleLinkIdp(state, response, userFromIdToken));
         }
         else if (state.oneAccountPerEmail) {
@@ -1110,7 +1111,8 @@ function signInWithIdp(state, reqBody) {
     if (state instanceof state_1.TenantProjectState) {
         response.tenantId = state.tenantId;
     }
-    if ((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") && ((_c = user.mfaInfo) === null || _c === void 0 ? void 0 : _c.length)) {
+    if ((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") &&
+        ((_c = user.mfaInfo) === null || _c === void 0 ? void 0 : _c.length)) {
         return Object.assign(Object.assign({}, response), mfaPending(state, user, providerId));
     }
     else {
@@ -1120,30 +1122,31 @@ function signInWithIdp(state, reqBody) {
 }
 function signInWithPassword(state, reqBody) {
     var _a;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(state.allowPasswordSignup, "PASSWORD_LOGIN_DISABLED");
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
-    errors_1.assert(reqBody.email, "MISSING_EMAIL");
-    errors_1.assert(reqBody.password, "MISSING_PASSWORD");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(state.allowPasswordSignup, "PASSWORD_LOGIN_DISABLED");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    (0, errors_1.assert)(reqBody.email, "MISSING_EMAIL");
+    (0, errors_1.assert)(reqBody.password, "MISSING_PASSWORD");
     if (reqBody.captchaResponse || reqBody.captchaChallenge) {
         throw new errors_1.NotImplementedError("captcha unimplemented");
     }
     if (reqBody.idToken || reqBody.pendingIdToken) {
         throw new errors_1.NotImplementedError("idToken / pendingIdToken is no longer in use and unsupported by the Auth Emulator.");
     }
-    const email = utils_1.canonicalizeEmailAddress(reqBody.email);
+    const email = (0, utils_1.canonicalizeEmailAddress)(reqBody.email);
     let user = state.getUserByEmail(email);
-    errors_1.assert(user, "EMAIL_NOT_FOUND");
-    errors_1.assert(!user.disabled, "USER_DISABLED");
-    errors_1.assert(user.passwordHash && user.salt, "INVALID_PASSWORD");
-    errors_1.assert(user.passwordHash === hashPassword(reqBody.password, user.salt), "INVALID_PASSWORD");
+    (0, errors_1.assert)(user, "EMAIL_NOT_FOUND");
+    (0, errors_1.assert)(!user.disabled, "USER_DISABLED");
+    (0, errors_1.assert)(user.passwordHash && user.salt, "INVALID_PASSWORD");
+    (0, errors_1.assert)(user.passwordHash === hashPassword(reqBody.password, user.salt), "INVALID_PASSWORD");
     const response = {
         kind: "identitytoolkit#VerifyPasswordResponse",
         registered: true,
         localId: user.localId,
         email,
     };
-    if ((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") && ((_a = user.mfaInfo) === null || _a === void 0 ? void 0 : _a.length)) {
+    if ((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") &&
+        ((_a = user.mfaInfo) === null || _a === void 0 ? void 0 : _a.length)) {
         return Object.assign(Object.assign({}, response), mfaPending(state, user, state_1.PROVIDER_PASSWORD));
     }
     else {
@@ -1153,19 +1156,19 @@ function signInWithPassword(state, reqBody) {
 }
 function signInWithPhoneNumber(state, reqBody) {
     var _a;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(state instanceof state_1.AgentProjectState, "UNSUPPORTED_TENANT_OPERATION");
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(state instanceof state_1.AgentProjectState, "UNSUPPORTED_TENANT_OPERATION");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
     let phoneNumber;
     if (reqBody.temporaryProof) {
-        errors_1.assert(reqBody.phoneNumber, "MISSING_PHONE_NUMBER");
+        (0, errors_1.assert)(reqBody.phoneNumber, "MISSING_PHONE_NUMBER");
         const proof = state.validateTemporaryProof(reqBody.temporaryProof, reqBody.phoneNumber);
-        errors_1.assert(proof, "INVALID_TEMPORARY_PROOF");
+        (0, errors_1.assert)(proof, "INVALID_TEMPORARY_PROOF");
         ({ phoneNumber } = proof);
     }
     else {
-        errors_1.assert(reqBody.sessionInfo, "MISSING_SESSION_INFO");
-        errors_1.assert(reqBody.code, "MISSING_CODE");
+        (0, errors_1.assert)(reqBody.sessionInfo, "MISSING_SESSION_INFO");
+        (0, errors_1.assert)(reqBody.code, "MISSING_CODE");
         phoneNumber = verifyPhoneNumber(state, reqBody.sessionInfo, reqBody.code);
     }
     let user = state.getUserByPhoneNumber(phoneNumber);
@@ -1177,7 +1180,7 @@ function signInWithPhoneNumber(state, reqBody) {
     const userFromIdToken = reqBody.idToken ? parseIdToken(state, reqBody.idToken).user : undefined;
     if (!user) {
         if (userFromIdToken) {
-            errors_1.assert(!((_a = userFromIdToken.mfaInfo) === null || _a === void 0 ? void 0 : _a.length), "UNSUPPORTED_FIRST_FACTOR : A phone number cannot be set as a first factor on an SMS based MFA user.");
+            (0, errors_1.assert)(!((_a = userFromIdToken.mfaInfo) === null || _a === void 0 ? void 0 : _a.length), "UNSUPPORTED_FIRST_FACTOR : A phone number cannot be set as a first factor on an SMS based MFA user.");
             user = state.updateUserByLocalId(userFromIdToken.localId, updates);
         }
         else {
@@ -1186,7 +1189,7 @@ function signInWithPhoneNumber(state, reqBody) {
         }
     }
     else {
-        errors_1.assert(!user.disabled, "USER_DISABLED");
+        (0, errors_1.assert)(!user.disabled, "USER_DISABLED");
         if (userFromIdToken && userFromIdToken.localId !== user.localId) {
             if (!reqBody.temporaryProof) {
                 return Object.assign({}, state.createTemporaryProof(phoneNumber));
@@ -1200,13 +1203,13 @@ function signInWithPhoneNumber(state, reqBody) {
         phoneNumber, localId: user.localId }, tokens);
 }
 function grantToken(state, reqBody) {
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
-    errors_1.assert(reqBody.grantType, "MISSING_GRANT_TYPE");
-    errors_1.assert(reqBody.grantType === "refresh_token", "INVALID_GRANT_TYPE");
-    errors_1.assert(reqBody.refreshToken, "MISSING_REFRESH_TOKEN");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    (0, errors_1.assert)(reqBody.grantType, "MISSING_GRANT_TYPE");
+    (0, errors_1.assert)(reqBody.grantType === "refresh_token", "INVALID_GRANT_TYPE");
+    (0, errors_1.assert)(reqBody.refreshToken, "MISSING_REFRESH_TOKEN");
     const refreshTokenRecord = state.validateRefreshToken(reqBody.refreshToken);
-    errors_1.assert(refreshTokenRecord, "INVALID_REFRESH_TOKEN");
-    errors_1.assert(!refreshTokenRecord.user.disabled, "USER_DISABLED");
+    (0, errors_1.assert)(refreshTokenRecord, "INVALID_REFRESH_TOKEN");
+    (0, errors_1.assert)(!refreshTokenRecord.user.disabled, "USER_DISABLED");
     const tokens = issueTokens(state, refreshTokenRecord.user, refreshTokenRecord.provider, {
         extraClaims: refreshTokenRecord.extraClaims,
         secondFactor: refreshTokenRecord.secondFactor,
@@ -1237,15 +1240,15 @@ function updateEmulatorProjectConfig(state, reqBody) {
     var _a;
     const allowDuplicateEmails = (_a = reqBody.signIn) === null || _a === void 0 ? void 0 : _a.allowDuplicateEmails;
     if (allowDuplicateEmails != null) {
-        errors_1.assert(state instanceof state_1.AgentProjectState, "((Only top level projects can set oneAccountPerEmail.))");
+        (0, errors_1.assert)(state instanceof state_1.AgentProjectState, "((Only top level projects can set oneAccountPerEmail.))");
         state.oneAccountPerEmail = !allowDuplicateEmails;
     }
     const usageMode = reqBody.usageMode;
     if (usageMode != null) {
-        errors_1.assert(state instanceof state_1.AgentProjectState, "((Only top level projects can set usageMode.))");
+        (0, errors_1.assert)(state instanceof state_1.AgentProjectState, "((Only top level projects can set usageMode.))");
         switch (usageMode) {
             case "PASSTHROUGH":
-                errors_1.assert(state.getUserCount() === 0, "Users are present, unable to set passthrough mode");
+                (0, errors_1.assert)(state.getUserCount() === 0, "Users are present, unable to set passthrough mode");
                 state.usageMode = state_1.UsageMode.PASSTHROUGH;
                 break;
             case "DEFAULT":
@@ -1269,16 +1272,17 @@ function listVerificationCodesInProject(state) {
 }
 function mfaEnrollmentStart(state, reqBody) {
     var _a, _b;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") && ((_a = state.mfaConfig.enabledProviders) === null || _a === void 0 ? void 0 : _a.includes("PHONE_SMS")), "OPERATION_NOT_ALLOWED : SMS based MFA not enabled.");
-    errors_1.assert(reqBody.idToken, "MISSING_ID_TOKEN");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") &&
+        ((_a = state.mfaConfig.enabledProviders) === null || _a === void 0 ? void 0 : _a.includes("PHONE_SMS")), "OPERATION_NOT_ALLOWED : SMS based MFA not enabled.");
+    (0, errors_1.assert)(reqBody.idToken, "MISSING_ID_TOKEN");
     const { user, signInProvider } = parseIdToken(state, reqBody.idToken);
-    errors_1.assert(!MFA_INELIGIBLE_PROVIDER.has(signInProvider), "UNSUPPORTED_FIRST_FACTOR : MFA is not available for the given first factor.");
-    errors_1.assert(user.emailVerified, "UNVERIFIED_EMAIL : Need to verify email first before enrolling second factors.");
-    errors_1.assert(reqBody.phoneEnrollmentInfo, "INVALID_ARGUMENT : ((Missing phoneEnrollmentInfo.))");
+    (0, errors_1.assert)(!MFA_INELIGIBLE_PROVIDER.has(signInProvider), "UNSUPPORTED_FIRST_FACTOR : MFA is not available for the given first factor.");
+    (0, errors_1.assert)(user.emailVerified, "UNVERIFIED_EMAIL : Need to verify email first before enrolling second factors.");
+    (0, errors_1.assert)(reqBody.phoneEnrollmentInfo, "INVALID_ARGUMENT : ((Missing phoneEnrollmentInfo.))");
     const phoneNumber = reqBody.phoneEnrollmentInfo.phoneNumber;
-    errors_1.assert(phoneNumber && utils_1.isValidPhoneNumber(phoneNumber), "INVALID_PHONE_NUMBER : Invalid format.");
-    errors_1.assert(!((_b = user.mfaInfo) === null || _b === void 0 ? void 0 : _b.some((enrollment) => enrollment.unobfuscatedPhoneInfo === phoneNumber)), "SECOND_FACTOR_EXISTS : Phone number already enrolled as second factor for this account.");
+    (0, errors_1.assert)(phoneNumber && (0, utils_1.isValidPhoneNumber)(phoneNumber), "INVALID_PHONE_NUMBER : Invalid format.");
+    (0, errors_1.assert)(!((_b = user.mfaInfo) === null || _b === void 0 ? void 0 : _b.some((enrollment) => enrollment.unobfuscatedPhoneInfo === phoneNumber)), "SECOND_FACTOR_EXISTS : Phone number already enrolled as second factor for this account.");
     const { sessionInfo, code } = state.createVerificationCode(phoneNumber);
     emulatorLogger_1.EmulatorLogger.forEmulator(types_1.Emulators.AUTH).log("BULLET", `To enroll MFA with ${phoneNumber}, use the code ${code}.`);
     return {
@@ -1289,20 +1293,21 @@ function mfaEnrollmentStart(state, reqBody) {
 }
 function mfaEnrollmentFinalize(state, reqBody) {
     var _a, _b;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") && ((_a = state.mfaConfig.enabledProviders) === null || _a === void 0 ? void 0 : _a.includes("PHONE_SMS")), "OPERATION_NOT_ALLOWED : SMS based MFA not enabled.");
-    errors_1.assert(reqBody.idToken, "MISSING_ID_TOKEN");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") &&
+        ((_a = state.mfaConfig.enabledProviders) === null || _a === void 0 ? void 0 : _a.includes("PHONE_SMS")), "OPERATION_NOT_ALLOWED : SMS based MFA not enabled.");
+    (0, errors_1.assert)(reqBody.idToken, "MISSING_ID_TOKEN");
     let { user, signInProvider } = parseIdToken(state, reqBody.idToken);
-    errors_1.assert(!MFA_INELIGIBLE_PROVIDER.has(signInProvider), "UNSUPPORTED_FIRST_FACTOR : MFA is not available for the given first factor.");
-    errors_1.assert(reqBody.phoneVerificationInfo, "INVALID_ARGUMENT : ((Missing phoneVerificationInfo.))");
+    (0, errors_1.assert)(!MFA_INELIGIBLE_PROVIDER.has(signInProvider), "UNSUPPORTED_FIRST_FACTOR : MFA is not available for the given first factor.");
+    (0, errors_1.assert)(reqBody.phoneVerificationInfo, "INVALID_ARGUMENT : ((Missing phoneVerificationInfo.))");
     if (reqBody.phoneVerificationInfo.androidVerificationProof) {
         throw new errors_1.NotImplementedError("androidVerificationProof is unsupported!");
     }
     const { code, sessionInfo } = reqBody.phoneVerificationInfo;
-    errors_1.assert(code, "MISSING_CODE");
-    errors_1.assert(sessionInfo, "MISSING_SESSION_INFO");
+    (0, errors_1.assert)(code, "MISSING_CODE");
+    (0, errors_1.assert)(sessionInfo, "MISSING_SESSION_INFO");
     const phoneNumber = verifyPhoneNumber(state, sessionInfo, code);
-    errors_1.assert(!((_b = user.mfaInfo) === null || _b === void 0 ? void 0 : _b.some((enrollment) => enrollment.unobfuscatedPhoneInfo === phoneNumber)), "SECOND_FACTOR_EXISTS : Phone number already enrolled as second factor for this account.");
+    (0, errors_1.assert)(!((_b = user.mfaInfo) === null || _b === void 0 ? void 0 : _b.some((enrollment) => enrollment.unobfuscatedPhoneInfo === phoneNumber)), "SECOND_FACTOR_EXISTS : Phone number already enrolled as second factor for this account.");
     const existingFactors = user.mfaInfo || [];
     const existingIds = new Set();
     for (const { mfaEnrollmentId } of existingFactors) {
@@ -1329,26 +1334,27 @@ function mfaEnrollmentFinalize(state, reqBody) {
     };
 }
 function mfaEnrollmentWithdraw(state, reqBody) {
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert(reqBody.idToken, "MISSING_ID_TOKEN");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)(reqBody.idToken, "MISSING_ID_TOKEN");
     let { user, signInProvider } = parseIdToken(state, reqBody.idToken);
-    errors_1.assert(user.mfaInfo, "MFA_ENROLLMENT_NOT_FOUND");
+    (0, errors_1.assert)(user.mfaInfo, "MFA_ENROLLMENT_NOT_FOUND");
     const updatedList = user.mfaInfo.filter((enrollment) => enrollment.mfaEnrollmentId !== reqBody.mfaEnrollmentId);
-    errors_1.assert(updatedList.length < user.mfaInfo.length, "MFA_ENROLLMENT_NOT_FOUND");
+    (0, errors_1.assert)(updatedList.length < user.mfaInfo.length, "MFA_ENROLLMENT_NOT_FOUND");
     user = state.updateUserByLocalId(user.localId, { mfaInfo: updatedList });
     return Object.assign({}, issueTokens(state, user, signInProvider));
 }
 function mfaSignInStart(state, reqBody) {
     var _a, _b;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") && ((_a = state.mfaConfig.enabledProviders) === null || _a === void 0 ? void 0 : _a.includes("PHONE_SMS")), "OPERATION_NOT_ALLOWED : SMS based MFA not enabled.");
-    errors_1.assert(reqBody.mfaPendingCredential, "MISSING_MFA_PENDING_CREDENTIAL : Request does not have MFA pending credential.");
-    errors_1.assert(reqBody.mfaEnrollmentId, "MISSING_MFA_ENROLLMENT_ID : No second factor identifier is provided.");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") &&
+        ((_a = state.mfaConfig.enabledProviders) === null || _a === void 0 ? void 0 : _a.includes("PHONE_SMS")), "OPERATION_NOT_ALLOWED : SMS based MFA not enabled.");
+    (0, errors_1.assert)(reqBody.mfaPendingCredential, "MISSING_MFA_PENDING_CREDENTIAL : Request does not have MFA pending credential.");
+    (0, errors_1.assert)(reqBody.mfaEnrollmentId, "MISSING_MFA_ENROLLMENT_ID : No second factor identifier is provided.");
     const { user } = parsePendingCredential(state, reqBody.mfaPendingCredential);
     const enrollment = (_b = user.mfaInfo) === null || _b === void 0 ? void 0 : _b.find((factor) => factor.mfaEnrollmentId === reqBody.mfaEnrollmentId);
-    errors_1.assert(enrollment, "MFA_ENROLLMENT_NOT_FOUND");
+    (0, errors_1.assert)(enrollment, "MFA_ENROLLMENT_NOT_FOUND");
     const phoneNumber = enrollment.unobfuscatedPhoneInfo;
-    errors_1.assert(phoneNumber, "INVALID_ARGUMENT : MFA provider not supported!");
+    (0, errors_1.assert)(phoneNumber, "INVALID_ARGUMENT : MFA provider not supported!");
     const { sessionInfo, code } = state.createVerificationCode(phoneNumber);
     emulatorLogger_1.EmulatorLogger.forEmulator(types_1.Emulators.AUTH).log("BULLET", `To sign in with MFA using ${phoneNumber}, use the code ${code}.`);
     return {
@@ -1359,22 +1365,23 @@ function mfaSignInStart(state, reqBody) {
 }
 function mfaSignInFinalize(state, reqBody) {
     var _a, _b;
-    errors_1.assert(!state.disableAuth, "PROJECT_DISABLED");
-    errors_1.assert((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") && ((_a = state.mfaConfig.enabledProviders) === null || _a === void 0 ? void 0 : _a.includes("PHONE_SMS")), "OPERATION_NOT_ALLOWED : SMS based MFA not enabled.");
-    errors_1.assert(reqBody.mfaPendingCredential, "MISSING_CREDENTIAL : Please set MFA Pending Credential.");
-    errors_1.assert(reqBody.phoneVerificationInfo, "INVALID_ARGUMENT : MFA provider not supported!");
+    (0, errors_1.assert)(!state.disableAuth, "PROJECT_DISABLED");
+    (0, errors_1.assert)((state.mfaConfig.state === "ENABLED" || state.mfaConfig.state === "MANDATORY") &&
+        ((_a = state.mfaConfig.enabledProviders) === null || _a === void 0 ? void 0 : _a.includes("PHONE_SMS")), "OPERATION_NOT_ALLOWED : SMS based MFA not enabled.");
+    (0, errors_1.assert)(reqBody.mfaPendingCredential, "MISSING_CREDENTIAL : Please set MFA Pending Credential.");
+    (0, errors_1.assert)(reqBody.phoneVerificationInfo, "INVALID_ARGUMENT : MFA provider not supported!");
     if (reqBody.phoneVerificationInfo.androidVerificationProof) {
         throw new errors_1.NotImplementedError("androidVerificationProof is unsupported!");
     }
     const { code, sessionInfo } = reqBody.phoneVerificationInfo;
-    errors_1.assert(code, "MISSING_CODE");
-    errors_1.assert(sessionInfo, "MISSING_SESSION_INFO");
+    (0, errors_1.assert)(code, "MISSING_CODE");
+    (0, errors_1.assert)(sessionInfo, "MISSING_SESSION_INFO");
     const phoneNumber = verifyPhoneNumber(state, sessionInfo, code);
     let { user, signInProvider } = parsePendingCredential(state, reqBody.mfaPendingCredential);
     const enrollment = (_b = user.mfaInfo) === null || _b === void 0 ? void 0 : _b.find((enrollment) => enrollment.unobfuscatedPhoneInfo == phoneNumber);
-    errors_1.assert(enrollment && enrollment.mfaEnrollmentId, "MFA_ENROLLMENT_NOT_FOUND");
+    (0, errors_1.assert)(enrollment && enrollment.mfaEnrollmentId, "MFA_ENROLLMENT_NOT_FOUND");
     user = state.updateUserByLocalId(user.localId, { lastLoginAt: Date.now().toString() });
-    errors_1.assert(!user.disabled, "USER_DISABLED");
+    (0, errors_1.assert)(!user.disabled, "USER_DISABLED");
     const { idToken, refreshToken } = issueTokens(state, user, signInProvider, {
         secondFactor: { identifier: enrollment.mfaEnrollmentId, provider: state_1.PROVIDER_PHONE },
     });
@@ -1428,20 +1435,20 @@ function issueTokens(state, user, signInProvider, { extraClaims, secondFactor, s
     };
 }
 function parseIdToken(state, idToken) {
-    errors_1.assert(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
-    const decoded = jsonwebtoken_1.decode(idToken, { complete: true });
-    errors_1.assert(decoded, "INVALID_ID_TOKEN");
+    (0, errors_1.assert)(state.usageMode !== state_1.UsageMode.PASSTHROUGH, "UNSUPPORTED_PASSTHROUGH_OPERATION");
+    const decoded = (0, jsonwebtoken_1.decode)(idToken, { complete: true });
+    (0, errors_1.assert)(decoded, "INVALID_ID_TOKEN");
     if (decoded.header.alg !== "none") {
         emulatorLogger_1.EmulatorLogger.forEmulator(types_1.Emulators.AUTH).log("WARN", "Received a signed JWT. Auth Emulator does not validate JWTs and IS NOT SECURE");
     }
     if (decoded.payload.firebase.tenant) {
-        errors_1.assert(state instanceof state_1.TenantProjectState, "((Parsed token that belongs to tenant in a non-tenant project.))");
-        errors_1.assert(decoded.payload.firebase.tenant === state.tenantId, "TENANT_ID_MISMATCH");
+        (0, errors_1.assert)(state instanceof state_1.TenantProjectState, "((Parsed token that belongs to tenant in a non-tenant project.))");
+        (0, errors_1.assert)(decoded.payload.firebase.tenant === state.tenantId, "TENANT_ID_MISMATCH");
     }
     const user = state.getUserByLocalId(decoded.payload.user_id);
-    errors_1.assert(user, "USER_NOT_FOUND");
-    errors_1.assert(!user.validSince || decoded.payload.iat >= Number(user.validSince), "TOKEN_EXPIRED");
-    errors_1.assert(!user.disabled, "USER_DISABLED");
+    (0, errors_1.assert)(user, "USER_NOT_FOUND");
+    (0, errors_1.assert)(!user.validSince || decoded.payload.iat >= Number(user.validSince), "TOKEN_EXPIRED");
+    (0, errors_1.assert)(!user.disabled, "USER_DISABLED");
     const signInProvider = decoded.payload.firebase.sign_in_provider;
     return { user, signInProvider, payload: decoded.payload };
 }
@@ -1462,7 +1469,7 @@ function generateJwt(user, { projectId, signInProvider, expiresInSeconds, extraC
         }
     }
     const customAttributes = JSON.parse(user.customAttributes || "{}");
-    const customPayloadFields = Object.assign(Object.assign(Object.assign({ name: user.displayName, picture: user.photoUrl }, customAttributes), extraClaims), { email: user.email, email_verified: user.emailVerified, phone_number: user.phoneNumber, provider_id: signInProvider === "anonymous" ? signInProvider : undefined, auth_time: utils_1.toUnixTimestamp(getAuthTime(user)), user_id: user.localId, firebase: {
+    const customPayloadFields = Object.assign(Object.assign(Object.assign({ name: user.displayName, picture: user.photoUrl }, customAttributes), extraClaims), { email: user.email, email_verified: user.emailVerified, phone_number: user.phoneNumber, provider_id: signInProvider === "anonymous" ? signInProvider : undefined, auth_time: (0, utils_1.toUnixTimestamp)(getAuthTime(user)), user_id: user.localId, firebase: {
             identities,
             sign_in_provider: signInProvider,
             second_factor_identifier: secondFactor === null || secondFactor === void 0 ? void 0 : secondFactor.identifier,
@@ -1471,7 +1478,7 @@ function generateJwt(user, { projectId, signInProvider, expiresInSeconds, extraC
             tenant: tenantId,
             sign_in_attributes: signInAttributes,
         } });
-    const jwtStr = jsonwebtoken_1.sign(customPayloadFields, "", {
+    const jwtStr = (0, jsonwebtoken_1.sign)(customPayloadFields, "", {
         algorithm: "none",
         expiresIn: expiresInSeconds,
         subject: user.localId,
@@ -1502,14 +1509,14 @@ function getAuthTime(user) {
 }
 function verifyPhoneNumber(state, sessionInfo, code) {
     const verification = state.getVerificationCodeBySessionInfo(sessionInfo);
-    errors_1.assert(verification, "INVALID_SESSION_INFO");
-    errors_1.assert(verification.code === code, "INVALID_CODE");
+    (0, errors_1.assert)(verification, "INVALID_SESSION_INFO");
+    (0, errors_1.assert)(verification.code === code, "INVALID_CODE");
     state.deleteVerificationCodeBySessionInfo(sessionInfo);
     return verification.phoneNumber;
 }
 const CUSTOM_ATTRIBUTES_MAX_LENGTH = 1000;
 function validateSerializedCustomClaims(claims) {
-    errors_1.assert(claims.length <= CUSTOM_ATTRIBUTES_MAX_LENGTH, "CLAIMS_TOO_LARGE");
+    (0, errors_1.assert)(claims.length <= CUSTOM_ATTRIBUTES_MAX_LENGTH, "CLAIMS_TOO_LARGE");
     let parsed;
     try {
         parsed = JSON.parse(claims);
@@ -1538,14 +1545,14 @@ const FORBIDDEN_CUSTOM_CLAIMS = [
     "c_hash",
 ];
 function validateCustomClaims(claims) {
-    errors_1.assert(typeof claims === "object" && claims != null && !Array.isArray(claims), "INVALID_CLAIMS");
+    (0, errors_1.assert)(typeof claims === "object" && claims != null && !Array.isArray(claims), "INVALID_CLAIMS");
     for (const reservedField of FORBIDDEN_CUSTOM_CLAIMS) {
-        errors_1.assert(!(reservedField in claims), `FORBIDDEN_CLAIM : ${reservedField}`);
+        (0, errors_1.assert)(!(reservedField in claims), `FORBIDDEN_CLAIM : ${reservedField}`);
     }
 }
 function newRandomId(length, existingIds) {
     for (let i = 0; i < 10; i++) {
-        const id = utils_1.randomId(length);
+        const id = (0, utils_1.randomId)(length);
         if (!(existingIds === null || existingIds === void 0 ? void 0 : existingIds.has(id))) {
             return id;
         }
@@ -1557,12 +1564,13 @@ function getMfaEnrollmentsFromRequest(state, request, options) {
     const phoneNumbers = new Set();
     const enrollmentIds = new Set();
     for (const enrollment of request) {
-        errors_1.assert(enrollment.phoneInfo && utils_1.isValidPhoneNumber(enrollment.phoneInfo), "INVALID_MFA_PHONE_NUMBER : Invalid format.");
+        (0, errors_1.assert)(enrollment.phoneInfo && (0, utils_1.isValidPhoneNumber)(enrollment.phoneInfo), "INVALID_MFA_PHONE_NUMBER : Invalid format.");
         if (!phoneNumbers.has(enrollment.phoneInfo)) {
-            const mfaEnrollmentId = (options === null || options === void 0 ? void 0 : options.generateEnrollmentIds) ? newRandomId(28, enrollmentIds)
+            const mfaEnrollmentId = (options === null || options === void 0 ? void 0 : options.generateEnrollmentIds)
+                ? newRandomId(28, enrollmentIds)
                 : enrollment.mfaEnrollmentId;
-            errors_1.assert(mfaEnrollmentId, "INVALID_MFA_ENROLLMENT_ID : mfaEnrollmentId must be defined.");
-            errors_1.assert(!enrollmentIds.has(mfaEnrollmentId), "DUPLICATE_MFA_ENROLLMENT_ID");
+            (0, errors_1.assert)(mfaEnrollmentId, "INVALID_MFA_ENROLLMENT_ID : mfaEnrollmentId must be defined.");
+            (0, errors_1.assert)(!enrollmentIds.has(mfaEnrollmentId), "DUPLICATE_MFA_ENROLLMENT_ID");
             enrollments.push(Object.assign(Object.assign({}, enrollment), { mfaEnrollmentId, unobfuscatedPhoneInfo: enrollment.phoneInfo }));
             phoneNumbers.add(enrollment.phoneInfo);
             enrollmentIds.add(mfaEnrollmentId);
@@ -1571,9 +1579,9 @@ function getMfaEnrollmentsFromRequest(state, request, options) {
     return state.validateMfaEnrollments(enrollments);
 }
 function getNormalizedUri(reqBody) {
-    errors_1.assert(reqBody.requestUri, "MISSING_REQUEST_URI");
-    const normalizedUri = utils_1.parseAbsoluteUri(reqBody.requestUri);
-    errors_1.assert(normalizedUri, "INVALID_REQUEST_URI");
+    (0, errors_1.assert)(reqBody.requestUri, "MISSING_REQUEST_URI");
+    const normalizedUri = (0, utils_1.parseAbsoluteUri)(reqBody.requestUri);
+    (0, errors_1.assert)(normalizedUri, "INVALID_REQUEST_URI");
     if (reqBody.postBody) {
         const postBodyParams = new url_1.URLSearchParams(reqBody.postBody);
         for (const key of postBodyParams.keys()) {
@@ -1604,20 +1612,20 @@ function parseClaims(idTokenOrJsonClaims) {
         }
     }
     else {
-        const decoded = jsonwebtoken_1.decode(idTokenOrJsonClaims, { json: true });
+        const decoded = (0, jsonwebtoken_1.decode)(idTokenOrJsonClaims, { json: true });
         if (!decoded) {
             return undefined;
         }
         claims = decoded;
     }
-    errors_1.assert(claims.sub, 'INVALID_IDP_RESPONSE : Invalid Idp Response: id_token missing required fields. ((Missing "sub" field. This field is required and must be a unique identifier.))');
-    errors_1.assert(typeof claims.sub === "string", 'INVALID_IDP_RESPONSE : ((The "sub" field must be a string.))');
+    (0, errors_1.assert)(claims.sub, 'INVALID_IDP_RESPONSE : Invalid Idp Response: id_token missing required fields. ((Missing "sub" field. This field is required and must be a unique identifier.))');
+    (0, errors_1.assert)(typeof claims.sub === "string", 'INVALID_IDP_RESPONSE : ((The "sub" field must be a string.))');
     return claims;
 }
 function fakeFetchUserInfoFromIdp(providerId, claims, samlResponse) {
     var _a, _b, _c, _d, _e;
     const rawId = claims.sub;
-    const email = claims.email ? utils_1.canonicalizeEmailAddress(claims.email) : undefined;
+    const email = claims.email ? (0, utils_1.canonicalizeEmailAddress)(claims.email) : undefined;
     const emailVerified = !!claims.email_verified;
     const displayName = claims.name;
     const photoUrl = claims.picture;
@@ -1657,7 +1665,7 @@ function fakeFetchUserInfoFromIdp(providerId, claims, samlResponse) {
         }
         case (_a = providerId.match(/^saml\./)) === null || _a === void 0 ? void 0 : _a.input:
             const nameId = (_c = (_b = samlResponse === null || samlResponse === void 0 ? void 0 : samlResponse.assertion) === null || _b === void 0 ? void 0 : _b.subject) === null || _c === void 0 ? void 0 : _c.nameId;
-            response.email = nameId && utils_1.isValidEmailAddress(nameId) ? nameId : response.email;
+            response.email = nameId && (0, utils_1.isValidEmailAddress)(nameId) ? nameId : response.email;
             response.emailVerified = true;
             response.rawUserInfo = JSON.stringify((_d = samlResponse === null || samlResponse === void 0 ? void 0 : samlResponse.assertion) === null || _d === void 0 ? void 0 : _d.attributeStatements);
             break;
@@ -1672,7 +1680,7 @@ function fakeFetchUserInfoFromIdp(providerId, claims, samlResponse) {
 function handleLinkIdp(state, response, userFromIdToken) {
     if (state.oneAccountPerEmail && response.email) {
         const userMatchingEmail = state.getUserByEmail(response.email);
-        errors_1.assert(!userMatchingEmail || userMatchingEmail.localId === userFromIdToken.localId, "EMAIL_EXISTS");
+        (0, errors_1.assert)(!userMatchingEmail || userMatchingEmail.localId === userFromIdToken.localId, "EMAIL_EXISTS");
     }
     response.localId = userFromIdToken.localId;
     const fields = {};
@@ -1718,7 +1726,7 @@ function handleIdpSigninEmailRequired(response, rawId, userMatchingProvider, use
             if (!userMatchingEmail.emailVerified) {
                 accountUpdates.fields.passwordHash = undefined;
                 accountUpdates.fields.phoneNumber = undefined;
-                accountUpdates.fields.validSince = utils_1.toUnixTimestamp(new Date()).toString();
+                accountUpdates.fields.validSince = (0, utils_1.toUnixTimestamp)(new Date()).toString();
                 accountUpdates.deleteProviders = (_b = userMatchingEmail.providerUserInfo) === null || _b === void 0 ? void 0 : _b.map((info) => info.providerId);
             }
             accountUpdates.fields.dateOfBirth = response.dateOfBirth;
@@ -1805,16 +1813,16 @@ function parsePendingCredential(state, pendingCredential) {
         pendingCredentialPayload = JSON.parse(json);
     }
     catch (_a) {
-        errors_1.assert(false, "((Invalid phoneVerificationInfo.mfaPendingCredential.))");
+        (0, errors_1.assert)(false, "((Invalid phoneVerificationInfo.mfaPendingCredential.))");
     }
-    errors_1.assert(pendingCredentialPayload._AuthEmulatorMfaPendingCredential, "((Invalid phoneVerificationInfo.mfaPendingCredential.))");
-    errors_1.assert(pendingCredentialPayload.projectId === state.projectId, "INVALID_PROJECT_ID : Project ID does not match MFA pending credential.");
+    (0, errors_1.assert)(pendingCredentialPayload._AuthEmulatorMfaPendingCredential, "((Invalid phoneVerificationInfo.mfaPendingCredential.))");
+    (0, errors_1.assert)(pendingCredentialPayload.projectId === state.projectId, "INVALID_PROJECT_ID : Project ID does not match MFA pending credential.");
     if (state instanceof state_1.TenantProjectState) {
-        errors_1.assert(pendingCredentialPayload.tenantId === state.tenantId, "INVALID_PROJECT_ID : Project ID does not match MFA pending credential.");
+        (0, errors_1.assert)(pendingCredentialPayload.tenantId === state.tenantId, "INVALID_PROJECT_ID : Project ID does not match MFA pending credential.");
     }
     const { localId, signInProvider } = pendingCredentialPayload;
     const user = state.getUserByLocalId(localId);
-    errors_1.assert(user, "((User in pendingCredentialPayload does not exist.))");
+    (0, errors_1.assert)(user, "((User in pendingCredentialPayload does not exist.))");
     return { user, signInProvider };
 }
 function createTenant(state, reqBody) {
@@ -1841,7 +1849,7 @@ function createTenant(state, reqBody) {
     return state.createTenant(tenant);
 }
 function listTenants(state, reqBody, ctx) {
-    errors_1.assert(state instanceof state_1.AgentProjectState, "((Can only list tenants in agent project.))");
+    (0, errors_1.assert)(state instanceof state_1.AgentProjectState, "((Can only list tenants in agent project.))");
     const pageSize = Math.min(Math.floor(ctx.params.query.pageSize) || 20, 1000);
     const tenants = state.listTenants(ctx.params.query.pageToken);
     let nextPageToken = undefined;
@@ -1855,15 +1863,15 @@ function listTenants(state, reqBody, ctx) {
     };
 }
 function deleteTenant(state, reqBody, ctx) {
-    errors_1.assert(state instanceof state_1.TenantProjectState, "((Can only delete tenant on tenant projects.))");
+    (0, errors_1.assert)(state instanceof state_1.TenantProjectState, "((Can only delete tenant on tenant projects.))");
     state.delete();
     return {};
 }
 function getTenant(state, reqBody, ctx) {
-    errors_1.assert(state instanceof state_1.TenantProjectState, "((Can only get tenant on tenant projects.))");
+    (0, errors_1.assert)(state instanceof state_1.TenantProjectState, "((Can only get tenant on tenant projects.))");
     return state.tenantConfig;
 }
 function updateTenant(state, reqBody, ctx) {
-    errors_1.assert(state instanceof state_1.TenantProjectState, "((Can only update tenant on tenant projects.))");
+    (0, errors_1.assert)(state instanceof state_1.TenantProjectState, "((Can only update tenant on tenant projects.))");
     return state.updateTenant(reqBody, ctx.params.query.updateMask);
 }