firebase-tools 10.9.2 → 11.1.0

package/README.md

@@ -136,15 +136,21 @@ Detailed doc is [here](https://firebase.google.com/docs/cli/auth).
 
 ### Cloud Functions Commands
 
-| Command                    | Description                                                                                                  |
-| -------------------------- | ------------------------------------------------------------------------------------------------------------ |
-| **functions:log**          | Read logs from deployed Cloud Functions.                                                                     |
-| **functions:config:set**   | Store runtime configuration values for the current project's Cloud Functions.                                |
-| **functions:config:get**   | Retrieve existing configuration values for the current project's Cloud Functions.                            |
-| **functions:config:unset** | Remove values from the current project's runtime configuration.                                              |
-| **functions:config:clone** | Copy runtime configuration from one project environment to another.                                          |
-| **functions:delete**       | Delete one or more Cloud Functions by name or group name.                                                    |
-| **functions:shell**        | Locally emulate functions and start Node.js shell where these local functions can be invoked with test data. |
+| Command                       | Description                                                                                                  |
+| ----------------------------- | ------------------------------------------------------------------------------------------------------------ |
+| **functions:log**             | Read logs from deployed Cloud Functions.                                                                     |
+| **functions:list**            | List all deployed functions in your Firebase project.                                                        |
+| **functions:config:set**      | Store runtime configuration values for the current project's Cloud Functions.                                |
+| **functions:config:get**      | Retrieve existing configuration values for the current project's Cloud Functions.                            |
+| **functions:config:unset**    | Remove values from the current project's runtime configuration.                                              |
+| **functions:config:clone**    | Copy runtime configuration from one project environment to another.                                          |
+| **functions:secrets:set**     | Create or update a secret for use in Cloud Functions for Firebase.                                           |
+| **functions:secrets:get**     | Get metadata for secret and its versions.                                                                    |
+| **functions:secrets:access**  | Access secret value given secret and its version. Defaults to accessing the latest version.                  |
+| **functions:secrets:prune**   | Destroys unused secrets.                                                                                     |
+| **functions:secrets:destroy** | Destroy a secret. Defaults to destroying the latest version.                                                 |
+| **functions:delete**          | Delete one or more Cloud Functions by name or group name.                                                    |
+| **functions:shell**           | Locally emulate functions and start Node.js shell where these local functions can be invoked with test data. |
 
 ### Hosting Commands
 

package/lib/accountImporter.js

@@ -1,15 +1,17 @@
 "use strict";
-var clc = require("cli-color");
-var _ = require("lodash");
-const { Client } = require("./apiv2");
-const { googleOrigin } = require("./api");
-const { logger } = require("./logger");
-var { FirebaseError } = require("./error");
-var utils = require("./utils");
-const apiClient = new Client({
-    urlPrefix: googleOrigin,
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.serialImportUsers = exports.validateUserJson = exports.validateOptions = exports.transArrayToUser = void 0;
+const clc = require("cli-color");
+const _ = require("lodash");
+const apiv2_1 = require("./apiv2");
+const api_1 = require("./api");
+const logger_1 = require("./logger");
+const error_1 = require("./error");
+const utils = require("./utils");
+const apiClient = new apiv2_1.Client({
+    urlPrefix: api_1.googleOrigin,
 });
-var ALLOWED_JSON_KEYS = [
+const ALLOWED_JSON_KEYS = [
     "localId",
     "email",
     "emailVerified",
@@ -24,22 +26,22 @@ var ALLOWED_JSON_KEYS = [
     "disabled",
     "customAttributes",
 ];
-var ALLOWED_JSON_KEYS_RENAMING = {
+const ALLOWED_JSON_KEYS_RENAMING = {
     lastSignedInAt: "lastLoginAt",
 };
-var ALLOWED_PROVIDER_USER_INFO_KEYS = ["providerId", "rawId", "email", "displayName", "photoUrl"];
-var ALLOWED_PROVIDER_IDS = ["google.com", "facebook.com", "twitter.com", "github.com"];
-var _isValidBase64 = function (str) {
-    var expected = Buffer.from(str, "base64").toString("base64");
-    if (str.length < expected.length && str.slice(-1) !== "=") {
+const ALLOWED_PROVIDER_USER_INFO_KEYS = ["providerId", "rawId", "email", "displayName", "photoUrl"];
+const ALLOWED_PROVIDER_IDS = ["google.com", "facebook.com", "twitter.com", "github.com"];
+function isValidBase64(str) {
+    const expected = Buffer.from(str, "base64").toString("base64");
+    if (str.length < expected.length && !str.endsWith("=")) {
         str += "=".repeat(expected.length - str.length);
     }
     return expected === str;
-};
-var _toWebSafeBase64 = function (data) {
-    return data.toString("base64").replace(/\//g, "_").replace(/\+/g, "-");
-};
-var _addProviderUserInfo = function (user, providerId, arr) {
+}
+function toWebSafeBase64(data) {
+    return data.replace(/\//g, "_").replace(/\+/g, "-");
+}
+function addProviderUserInfo(user, providerId, arr) {
     if (arr[0]) {
         user.providerUserInfo.push({
             providerId: providerId,
@@ -49,17 +51,17 @@ var _addProviderUserInfo = function (user, providerId, arr) {
             photoUrl: arr[3],
         });
     }
-};
-var _genUploadAccountPostBody = function (projectId, accounts, hashOptions) {
-    var postBody = {
-        users: accounts.map(function (account) {
+}
+function genUploadAccountPostBody(projectId, accounts, hashOptions) {
+    const postBody = {
+        users: accounts.map((account) => {
             if (account.passwordHash) {
-                account.passwordHash = _toWebSafeBase64(account.passwordHash);
+                account.passwordHash = toWebSafeBase64(account.passwordHash);
             }
             if (account.salt) {
-                account.salt = _toWebSafeBase64(account.salt);
+                account.salt = toWebSafeBase64(account.salt);
             }
-            _.each(ALLOWED_JSON_KEYS_RENAMING, function (value, key) {
+            _.each(ALLOWED_JSON_KEYS_RENAMING, (value, key) => {
                 if (account[key]) {
                     account[value] = account[key];
                     delete account[key];
@@ -72,10 +74,10 @@ var _genUploadAccountPostBody = function (projectId, accounts, hashOptions) {
         postBody.hashAlgorithm = hashOptions.hashAlgo;
     }
     if (hashOptions.hashKey) {
-        postBody.signerKey = _toWebSafeBase64(hashOptions.hashKey);
+        postBody.signerKey = toWebSafeBase64(hashOptions.hashKey);
     }
     if (hashOptions.saltSeparator) {
-        postBody.saltSeparator = _toWebSafeBase64(hashOptions.saltSeparator);
+        postBody.saltSeparator = toWebSafeBase64(hashOptions.saltSeparator);
     }
     if (hashOptions.rounds) {
         postBody.rounds = hashOptions.rounds;
@@ -100,9 +102,9 @@ var _genUploadAccountPostBody = function (projectId, accounts, hashOptions) {
     }
     postBody.targetProjectId = projectId;
     return postBody;
-};
-var transArrayToUser = function (arr) {
-    var user = {
+}
+function transArrayToUser(arr) {
+    const user = {
         localId: arr[0],
         email: arr[1],
         emailVerified: arr[2] === "true",
@@ -117,45 +119,47 @@ var transArrayToUser = function (arr) {
         disabled: arr[26],
         customAttributes: arr[27],
     };
-    _addProviderUserInfo(user, "google.com", arr.slice(7, 11));
-    _addProviderUserInfo(user, "facebook.com", arr.slice(11, 15));
-    _addProviderUserInfo(user, "twitter.com", arr.slice(15, 19));
-    _addProviderUserInfo(user, "github.com", arr.slice(19, 23));
-    if (user.passwordHash && !_isValidBase64(user.passwordHash)) {
+    addProviderUserInfo(user, "google.com", arr.slice(7, 11));
+    addProviderUserInfo(user, "facebook.com", arr.slice(11, 15));
+    addProviderUserInfo(user, "twitter.com", arr.slice(15, 19));
+    addProviderUserInfo(user, "github.com", arr.slice(19, 23));
+    if (user.passwordHash && !isValidBase64(user.passwordHash)) {
         return {
             error: "Password hash should be base64 encoded.",
         };
     }
-    if (user.salt && !_isValidBase64(user.salt)) {
+    if (user.salt && !isValidBase64(user.salt)) {
         return {
             error: "Password salt should be base64 encoded.",
         };
     }
     return user;
-};
-var validateOptions = function (options) {
-    var hashOptions = _validateRequiredParameters(options);
+}
+exports.transArrayToUser = transArrayToUser;
+function validateOptions(options) {
+    const hashOptions = validateRequiredParameters(options);
     if (!hashOptions.valid) {
         return hashOptions;
     }
-    var hashInputOrder = options.hashInputOrder ? options.hashInputOrder.toUpperCase() : undefined;
+    const hashInputOrder = options.hashInputOrder ? options.hashInputOrder.toUpperCase() : undefined;
     if (hashInputOrder) {
-        if (hashInputOrder != "SALT_FIRST" && hashInputOrder != "PASSWORD_FIRST") {
-            throw new FirebaseError("Unknown password hash order flag", { exit: 1 });
+        if (hashInputOrder !== "SALT_FIRST" && hashInputOrder !== "PASSWORD_FIRST") {
+            throw new error_1.FirebaseError("Unknown password hash order flag");
         }
         else {
             hashOptions["passwordHashOrder"] =
-                hashInputOrder == "SALT_FIRST" ? "SALT_AND_PASSWORD" : "PASSWORD_AND_SALT";
+                hashInputOrder === "SALT_FIRST" ? "SALT_AND_PASSWORD" : "PASSWORD_AND_SALT";
         }
     }
     return hashOptions;
-};
-var _validateRequiredParameters = function (options) {
+}
+exports.validateOptions = validateOptions;
+function validateRequiredParameters(options) {
     if (!options.hashAlgo) {
         utils.logWarning("No hash algorithm specified. Password users cannot be imported.");
         return { valid: true };
     }
-    var hashAlgo = options.hashAlgo.toUpperCase();
+    const hashAlgo = options.hashAlgo.toUpperCase();
     let roundsNum;
     switch (hashAlgo) {
         case "HMAC_SHA512":
@@ -163,7 +167,7 @@ var _validateRequiredParameters = function (options) {
         case "HMAC_SHA1":
         case "HMAC_MD5":
             if (!options.hashKey || options.hashKey === "") {
-                throw new FirebaseError("Must provide hash key(base64 encoded) for hash algorithm " + options.hashAlgo, { exit: 1 });
+                throw new error_1.FirebaseError("Must provide hash key(base64 encoded) for hash algorithm " + options.hashAlgo);
             }
             return { hashAlgo: hashAlgo, hashKey: options.hashKey, valid: true };
         case "MD5":
@@ -171,31 +175,31 @@ var _validateRequiredParameters = function (options) {
         case "SHA256":
         case "SHA512":
             roundsNum = parseInt(options.rounds, 10);
-            var minRounds = hashAlgo === "MD5" ? 0 : 1;
+            const minRounds = hashAlgo === "MD5" ? 0 : 1;
             if (isNaN(roundsNum) || roundsNum < minRounds || roundsNum > 8192) {
-                throw new FirebaseError(`Must provide valid rounds(${minRounds}..8192) for hash algorithm ${options.hashAlgo}`, { exit: 1 });
+                throw new error_1.FirebaseError(`Must provide valid rounds(${minRounds}..8192) for hash algorithm ${options.hashAlgo}`);
             }
             return { hashAlgo: hashAlgo, rounds: options.rounds, valid: true };
         case "PBKDF_SHA1":
         case "PBKDF2_SHA256":
             roundsNum = parseInt(options.rounds, 10);
             if (isNaN(roundsNum) || roundsNum < 0 || roundsNum > 120000) {
-                throw new FirebaseError("Must provide valid rounds(0..120000) for hash algorithm " + options.hashAlgo, { exit: 1 });
+                throw new error_1.FirebaseError("Must provide valid rounds(0..120000) for hash algorithm " + options.hashAlgo);
             }
             return { hashAlgo: hashAlgo, rounds: options.rounds, valid: true };
         case "SCRYPT":
             if (!options.hashKey || options.hashKey === "") {
-                throw new FirebaseError("Must provide hash key(base64 encoded) for hash algorithm " + options.hashAlgo, { exit: 1 });
+                throw new error_1.FirebaseError("Must provide hash key(base64 encoded) for hash algorithm " + options.hashAlgo);
             }
             roundsNum = parseInt(options.rounds, 10);
             if (isNaN(roundsNum) || roundsNum <= 0 || roundsNum > 8) {
-                throw new FirebaseError("Must provide valid rounds(1..8) for hash algorithm " + options.hashAlgo, { exit: 1 });
+                throw new error_1.FirebaseError("Must provide valid rounds(1..8) for hash algorithm " + options.hashAlgo);
             }
-            var memCost = parseInt(options.memCost, 10);
+            const memCost = parseInt(options.memCost, 10);
             if (isNaN(memCost) || memCost <= 0 || memCost > 14) {
-                throw new FirebaseError("Must provide valid memory cost(1..14) for hash algorithm " + options.hashAlgo, { exit: 1 });
+                throw new error_1.FirebaseError("Must provide valid memory cost(1..14) for hash algorithm " + options.hashAlgo);
             }
-            var saltSeparator = "";
+            let saltSeparator = "";
             if (options.saltSeparator) {
                 saltSeparator = options.saltSeparator;
             }
@@ -210,10 +214,10 @@ var _validateRequiredParameters = function (options) {
         case "BCRYPT":
             return { hashAlgo: hashAlgo, valid: true };
         case "STANDARD_SCRYPT":
-            var cpuMemCost = parseInt(options.memCost, 10);
-            var parallelization = parseInt(options.parallelization, 10);
-            var blockSize = parseInt(options.blockSize, 10);
-            var dkLen = parseInt(options.dkLen, 10);
+            const cpuMemCost = parseInt(options.memCost, 10);
+            const parallelization = parseInt(options.parallelization, 10);
+            const blockSize = parseInt(options.blockSize, 10);
+            const dkLen = parseInt(options.dkLen, 10);
             return {
                 hashAlgo: hashAlgo,
                 valid: true,
@@ -223,62 +227,63 @@ var _validateRequiredParameters = function (options) {
                 dkLen: dkLen,
             };
         default:
-            throw new FirebaseError("Unsupported hash algorithm " + clc.bold(options.hashAlgo));
+            throw new error_1.FirebaseError("Unsupported hash algorithm " + clc.bold(options.hashAlgo));
     }
-};
-var _validateProviderUserInfo = function (providerUserInfo) {
+}
+function validateProviderUserInfo(providerUserInfo) {
     if (!_.includes(ALLOWED_PROVIDER_IDS, providerUserInfo.providerId)) {
         return {
             error: JSON.stringify(providerUserInfo, null, 2) + " has unsupported providerId",
         };
     }
-    var keydiff = _.difference(_.keys(providerUserInfo), ALLOWED_PROVIDER_USER_INFO_KEYS);
+    const keydiff = _.difference(_.keys(providerUserInfo), ALLOWED_PROVIDER_USER_INFO_KEYS);
     if (keydiff.length) {
         return {
             error: JSON.stringify(providerUserInfo, null, 2) + " has unsupported keys: " + keydiff.join(","),
         };
     }
     return {};
-};
-var validateUserJson = function (userJson) {
-    var keydiff = _.difference(_.keys(userJson), ALLOWED_JSON_KEYS);
+}
+function validateUserJson(userJson) {
+    const keydiff = _.difference(_.keys(userJson), ALLOWED_JSON_KEYS);
     if (keydiff.length) {
         return {
             error: JSON.stringify(userJson, null, 2) + " has unsupported keys: " + keydiff.join(","),
         };
     }
     if (userJson.providerUserInfo) {
-        for (var i = 0; i < userJson.providerUserInfo.length; i++) {
-            var res = _validateProviderUserInfo(userJson.providerUserInfo[i]);
+        for (let i = 0; i < userJson.providerUserInfo.length; i++) {
+            const res = validateProviderUserInfo(userJson.providerUserInfo[i]);
             if (res.error) {
                 return res;
             }
         }
     }
-    var badFormat = JSON.stringify(userJson, null, 2) + " has invalid data format: ";
-    if (userJson.passwordHash && !_isValidBase64(userJson.passwordHash)) {
+    const badFormat = JSON.stringify(userJson, null, 2) + " has invalid data format: ";
+    if (userJson.passwordHash && !isValidBase64(userJson.passwordHash)) {
         return {
             error: badFormat + "Password hash should be base64 encoded.",
         };
     }
-    if (userJson.salt && !_isValidBase64(userJson.salt)) {
+    if (userJson.salt && !isValidBase64(userJson.salt)) {
         return {
             error: badFormat + "Password salt should be base64 encoded.",
         };
     }
     return {};
-};
-var _sendRequest = function (projectId, userList, hashOptions) {
-    logger.info("Starting importing " + userList.length + " account(s).");
-    const postData = _genUploadAccountPostBody(projectId, userList, hashOptions);
+}
+exports.validateUserJson = validateUserJson;
+async function sendRequest(projectId, userList, hashOptions) {
+    logger_1.logger.info("Starting importing " + userList.length + " account(s).");
+    const postData = genUploadAccountPostBody(projectId, userList, hashOptions);
     return apiClient
         .post("/identitytoolkit/v3/relyingparty/uploadAccount", postData, {
         skipLog: { body: true },
     })
-        .then(function (ret) {
+        .then((ret) => {
         if (ret.body.error) {
-            logger.info("Encountered problems while importing accounts. Details:");
-            logger.info(ret.body.error.map(function (rawInfo) {
+            logger_1.logger.info("Encountered problems while importing accounts. Details:");
+            logger_1.logger.info(ret.body.error.map((rawInfo) => {
                 return {
                     account: JSON.stringify(userList[parseInt(rawInfo.index, 10)], null, 2),
                     reason: rawInfo.message,
@@ -288,20 +293,14 @@ var _sendRequest = function (projectId, userList, hashOptions) {
         else {
             utils.logSuccess("Imported successfully.");
         }
-        logger.info();
+        logger_1.logger.info();
     });
-};
-var serialImportUsers = function (projectId, hashOptions, userListArr, index) {
-    return _sendRequest(projectId, userListArr[index], hashOptions).then(function () {
+}
+function serialImportUsers(projectId, hashOptions, userListArr, index) {
+    return sendRequest(projectId, userListArr[index], hashOptions).then(() => {
         if (index < userListArr.length - 1) {
             return serialImportUsers(projectId, hashOptions, userListArr, index + 1);
         }
     });
-};
-var accountImporter = {
-    validateOptions: validateOptions,
-    validateUserJson: validateUserJson,
-    transArrayToUser: transArrayToUser,
-    serialImportUsers: serialImportUsers,
-};
-module.exports = accountImporter;
+}
+exports.serialImportUsers = serialImportUsers;