1 | /**
|
2 | * Firebase Authentication
|
3 | *
|
4 | * @packageDocumentation
|
5 | */
|
6 |
|
7 | import { CompleteFn } from '@firebase/util';
|
8 | import { ErrorFactory } from '@firebase/util';
|
9 | import { ErrorFn } from '@firebase/util';
|
10 | import { FirebaseApp } from '@firebase/app';
|
11 | import { FirebaseError } from '@firebase/util';
|
12 | import { NextFn } from '@firebase/util';
|
13 | import { Observer } from '@firebase/util';
|
14 | import { Unsubscribe } from '@firebase/util';
|
15 |
|
16 | /**
|
17 | * A response from {@link checkActionCode}.
|
18 | *
|
19 | * @public
|
20 | */
|
21 | export declare interface ActionCodeInfo {
|
22 | /**
|
23 | * The data associated with the action code.
|
24 | *
|
25 | * @remarks
|
26 | * For the {@link ActionCodeOperation}.PASSWORD_RESET, {@link ActionCodeOperation}.VERIFY_EMAIL, and
|
27 | * {@link ActionCodeOperation}.RECOVER_EMAIL actions, this object contains an email field with the address
|
28 | * the email was sent to.
|
29 | *
|
30 | * For the {@link ActionCodeOperation}.RECOVER_EMAIL action, which allows a user to undo an email address
|
31 | * change, this object also contains a `previousEmail` field with the user account's current
|
32 | * email address. After the action completes, the user's email address will revert to the value
|
33 | * in the `email` field from the value in `previousEmail` field.
|
34 | *
|
35 | * For the {@link ActionCodeOperation}.VERIFY_AND_CHANGE_EMAIL action, which allows a user to verify the
|
36 | * email before updating it, this object contains a `previousEmail` field with the user account's
|
37 | * email address before updating. After the action completes, the user's email address will be
|
38 | * updated to the value in the `email` field from the value in `previousEmail` field.
|
39 | *
|
40 | * For the {@link ActionCodeOperation}.REVERT_SECOND_FACTOR_ADDITION action, which allows a user to
|
41 | * unenroll a newly added second factor, this object contains a `multiFactorInfo` field with
|
42 | * the information about the second factor. For phone second factor, the `multiFactorInfo`
|
43 | * is a {@link MultiFactorInfo} object, which contains the phone number.
|
44 | */
|
45 | data: {
|
46 | email?: string | null;
|
47 | multiFactorInfo?: MultiFactorInfo | null;
|
48 | previousEmail?: string | null;
|
49 | };
|
50 | /**
|
51 | * The type of operation that generated the action code.
|
52 | */
|
53 | operation: typeof ActionCodeOperation[keyof typeof ActionCodeOperation];
|
54 | }
|
55 |
|
56 | /**
|
57 | * An enumeration of the possible email action types.
|
58 | *
|
59 | * @public
|
60 | */
|
61 | export declare const ActionCodeOperation: {
|
62 | /** The email link sign-in action. */
|
63 | readonly EMAIL_SIGNIN: "EMAIL_SIGNIN";
|
64 | /** The password reset action. */
|
65 | readonly PASSWORD_RESET: "PASSWORD_RESET";
|
66 | /** The email revocation action. */
|
67 | readonly RECOVER_EMAIL: "RECOVER_EMAIL";
|
68 | /** The revert second factor addition email action. */
|
69 | readonly REVERT_SECOND_FACTOR_ADDITION: "REVERT_SECOND_FACTOR_ADDITION";
|
70 | /** The revert second factor addition email action. */
|
71 | readonly VERIFY_AND_CHANGE_EMAIL: "VERIFY_AND_CHANGE_EMAIL";
|
72 | /** The email verification action. */
|
73 | readonly VERIFY_EMAIL: "VERIFY_EMAIL";
|
74 | };
|
75 |
|
76 | /**
|
77 | * An interface that defines the required continue/state URL with optional Android and iOS
|
78 | * bundle identifiers.
|
79 | *
|
80 | * @public
|
81 | */
|
82 | export declare interface ActionCodeSettings {
|
83 | /**
|
84 | * Sets the Android package name.
|
85 | *
|
86 | * @remarks
|
87 | * This will try to open the link in an android app if it is
|
88 | * installed. If `installApp` is passed, it specifies whether to install the Android app if the
|
89 | * device supports it and the app is not already installed. If this field is provided without
|
90 | * a `packageName`, an error is thrown explaining that the `packageName` must be provided in
|
91 | * conjunction with this field. If `minimumVersion` is specified, and an older version of the
|
92 | * app is installed, the user is taken to the Play Store to upgrade the app.
|
93 | */
|
94 | android?: {
|
95 | installApp?: boolean;
|
96 | minimumVersion?: string;
|
97 | packageName: string;
|
98 | };
|
99 | /**
|
100 | * When set to true, the action code link will be be sent as a Universal Link or Android App
|
101 | * Link and will be opened by the app if installed.
|
102 | *
|
103 | * @remarks
|
104 | * In the false case, the code will be sent to the web widget first and then on continue will
|
105 | * redirect to the app if installed.
|
106 | *
|
107 | * @defaultValue false
|
108 | */
|
109 | handleCodeInApp?: boolean;
|
110 | /**
|
111 | * Sets the iOS bundle ID.
|
112 | *
|
113 | * @remarks
|
114 | * This will try to open the link in an iOS app if it is installed.
|
115 | *
|
116 | * App installation is not supported for iOS.
|
117 | */
|
118 | iOS?: {
|
119 | bundleId: string;
|
120 | };
|
121 | /**
|
122 | * Sets the link continue/state URL.
|
123 | *
|
124 | * @remarks
|
125 | * This has different meanings in different contexts:
|
126 | * - When the link is handled in the web action widgets, this is the deep link in the
|
127 | * `continueUrl` query parameter.
|
128 | * - When the link is handled in the app directly, this is the `continueUrl` query parameter in
|
129 | * the deep link of the Dynamic Link.
|
130 | */
|
131 | url: string;
|
132 | /**
|
133 | * When multiple custom dynamic link domains are defined for a project, specify which one to use
|
134 | * when the link is to be opened via a specified mobile app (for example, `example.page.link`).
|
135 | *
|
136 | *
|
137 | * @defaultValue The first domain is automatically selected.
|
138 | */
|
139 | dynamicLinkDomain?: string;
|
140 | }
|
141 |
|
142 | /**
|
143 | * @license
|
144 | * Copyright 2020 Google LLC
|
145 | *
|
146 | * Licensed under the Apache License, Version 2.0 (the "License");
|
147 | * you may not use this file except in compliance with the License.
|
148 | * You may obtain a copy of the License at
|
149 | *
|
150 | * http://www.apache.org/licenses/LICENSE-2.0
|
151 | *
|
152 | * Unless required by applicable law or agreed to in writing, software
|
153 | * distributed under the License is distributed on an "AS IS" BASIS,
|
154 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
155 | * See the License for the specific language governing permissions and
|
156 | * limitations under the License.
|
157 | */
|
158 | /**
|
159 | * A utility class to parse email action URLs such as password reset, email verification,
|
160 | * email link sign in, etc.
|
161 | *
|
162 | * @public
|
163 | */
|
164 | export declare class ActionCodeURL {
|
165 | /**
|
166 | * The API key of the email action link.
|
167 | */
|
168 | readonly apiKey: string;
|
169 | /**
|
170 | * The action code of the email action link.
|
171 | */
|
172 | readonly code: string;
|
173 | /**
|
174 | * The continue URL of the email action link. Null if not provided.
|
175 | */
|
176 | readonly continueUrl: string | null;
|
177 | /**
|
178 | * The language code of the email action link. Null if not provided.
|
179 | */
|
180 | readonly languageCode: string | null;
|
181 | /**
|
182 | * The action performed by the email action link. It returns from one of the types from
|
183 | * {@link ActionCodeInfo}
|
184 | */
|
185 | readonly operation: string;
|
186 | /**
|
187 | * The tenant ID of the email action link. Null if the email action is from the parent project.
|
188 | */
|
189 | readonly tenantId: string | null;
|
190 | /**
|
191 | * @param actionLink - The link from which to extract the URL.
|
192 | * @returns The {@link ActionCodeURL} object, or null if the link is invalid.
|
193 | *
|
194 | * @internal
|
195 | */
|
196 | constructor(actionLink: string);
|
197 | /**
|
198 | * Parses the email action link string and returns an {if the link is valid,
ActionCodeURL} |
199 | * otherwise returns null.
|
200 | *
|
201 | * string.
link - The email action link |
202 | * null if the link is invalid.
The { ActionCodeURL} object, or |
203 | *
|
204 | *
|
205 | */
|
206 | static parseLink(link: string): ActionCodeURL | null;
|
207 | }
|
208 |
|
209 | /**
|
210 | * A structure containing additional user information from a federated identity provider.
|
211 | *
|
212 | * @public
|
213 | */
|
214 | export declare interface AdditionalUserInfo {
|
215 | /**
|
216 | * Whether the user is new (created via sign-up) or existing (authenticated using sign-in).
|
217 | */
|
218 | readonly isNewUser: boolean;
|
219 | /**
|
220 | * Map containing IDP-specific user data.
|
221 | */
|
222 | readonly profile: Record<string, unknown> | null;
|
223 | /**
|
224 | * Identifier for the provider used to authenticate this user.
|
225 | */
|
226 | readonly providerId: string | null;
|
227 | /**
|
228 | * The username if the provider is GitHub or Twitter.
|
229 | */
|
230 | readonly username?: string | null;
|
231 | }
|
232 |
|
233 | declare interface APIUserInfo {
|
234 | localId?: string;
|
235 | displayName?: string;
|
236 | photoUrl?: string;
|
237 | email?: string;
|
238 | emailVerified?: boolean;
|
239 | phoneNumber?: string;
|
240 | lastLoginAt?: number;
|
241 | createdAt?: number;
|
242 | tenantId?: string;
|
243 | passwordHash?: string;
|
244 | providerUserInfo?: ProviderUserInfo[];
|
245 | mfaInfo?: MfaEnrollment[];
|
246 | }
|
247 |
|
248 | /**
|
249 | * A verifier for domain verification and abuse prevention.
|
250 | *
|
251 | * @remarks
|
252 | * Currently, the only implementation is {@link RecaptchaVerifier}.
|
253 | *
|
254 | * @public
|
255 | */
|
256 | export declare interface ApplicationVerifier {
|
257 | /**
|
258 | * Identifies the type of application verifier (e.g. "recaptcha").
|
259 | */
|
260 | readonly type: string;
|
261 | /**
|
262 | * Executes the verification process.
|
263 | *
|
264 | * @returns A Promise for a token that can be used to assert the validity of a request.
|
265 | */
|
266 | verify(): Promise<string>;
|
267 | }
|
268 |
|
269 | declare interface ApplicationVerifierInternal extends ApplicationVerifier {
|
270 | /**
|
271 | * @internal
|
272 | */
|
273 | _reset(): void;
|
274 | }
|
275 |
|
276 | /**
|
277 | * Applies a verification code sent to the user by email or other out-of-band mechanism.
|
278 | *
|
279 | * @param auth - The {@link Auth} instance.
|
280 | * @param oobCode - A verification code sent to the user.
|
281 | *
|
282 | * @public
|
283 | */
|
284 | export declare function applyActionCode(auth: Auth, oobCode: string): Promise<void>;
|
285 |
|
286 | declare type AppName = string;
|
287 |
|
288 | /**
|
289 | * Interface representing Firebase Auth service.
|
290 | *
|
291 | * @remarks
|
292 | * See {@link https://firebase.google.com/docs/auth/ | Firebase Authentication} for a full guide
|
293 | * on how to use the Firebase Auth service.
|
294 | *
|
295 | * @public
|
296 | */
|
297 | export declare interface Auth {
|
298 | /** The {@link @firebase/app#FirebaseApp} associated with the `Auth` service instance. */
|
299 | readonly app: FirebaseApp;
|
300 | /** The name of the app associated with the `Auth` service instance. */
|
301 | readonly name: string;
|
302 | /** The {@link Config} used to initialize this instance. */
|
303 | readonly config: Config;
|
304 | /**
|
305 | * Changes the type of persistence on the `Auth` instance.
|
306 | *
|
307 | * @remarks
|
308 | * This will affect the currently saved Auth session and applies this type of persistence for
|
309 | * future sign-in requests, including sign-in with redirect requests.
|
310 | *
|
311 | * This makes it easy for a user signing in to specify whether their session should be
|
312 | * remembered or not. It also makes it easier to never persist the Auth state for applications
|
313 | * that are shared by other users or have sensitive data.
|
314 | *
|
315 | * @example
|
316 | * ```javascript
|
317 | * auth.setPersistence(browserSessionPersistence);
|
318 | * ```
|
319 | *
|
320 | * @param persistence - The {@link Persistence} to use.
|
321 | */
|
322 | setPersistence(persistence: Persistence): Promise<void>;
|
323 | /**
|
324 | * The {@link Auth} instance's language code.
|
325 | *
|
326 | * @remarks
|
327 | * This is a readable/writable property. When set to null, the default Firebase Console language
|
328 | * setting is applied. The language code will propagate to email action templates (password
|
329 | * reset, email verification and email change revocation), SMS templates for phone authentication,
|
330 | * reCAPTCHA verifier and OAuth popup/redirect operations provided the specified providers support
|
331 | * localization with the language code specified.
|
332 | */
|
333 | languageCode: string | null;
|
334 | /**
|
335 | * The {@link Auth} instance's tenant ID.
|
336 | *
|
337 | * @remarks
|
338 | * This is a readable/writable property. When you set the tenant ID of an {@link Auth} instance, all
|
339 | * future sign-in/sign-up operations will pass this tenant ID and sign in or sign up users to
|
340 | * the specified tenant project. When set to null, users are signed in to the parent project.
|
341 | *
|
342 | * @example
|
343 | * ```javascript
|
344 | * // Set the tenant ID on Auth instance.
|
345 | * auth.tenantId = 'TENANT_PROJECT_ID';
|
346 | *
|
347 | * // All future sign-in request now include tenant ID.
|
348 | * const result = await signInWithEmailAndPassword(auth, email, password);
|
349 | * // result.user.tenantId should be 'TENANT_PROJECT_ID'.
|
350 | * ```
|
351 | *
|
352 | * @defaultValue null
|
353 | */
|
354 | tenantId: string | null;
|
355 | /**
|
356 | * The {@link Auth} instance's settings.
|
357 | *
|
358 | * @remarks
|
359 | * This is used to edit/read configuration related options such as app verification mode for
|
360 | * phone authentication.
|
361 | */
|
362 | readonly settings: AuthSettings;
|
363 | /**
|
364 | * Adds an observer for changes to the user's sign-in state.
|
365 | *
|
366 | * @remarks
|
367 | * To keep the old behavior, see {@link Auth.onIdTokenChanged}.
|
368 | *
|
369 | * @param nextOrObserver - callback triggered on change.
|
370 | * @param error - callback triggered on error.
|
371 | * @param completed - callback triggered when observer is removed.
|
372 | */
|
373 | onAuthStateChanged(nextOrObserver: NextOrObserver<User | null>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
|
374 | /**
|
375 | * Adds a blocking callback that runs before an auth state change
|
376 | * sets a new user.
|
377 | *
|
378 | * @param callback - callback triggered before new user value is set.
|
379 | * If this throws, it blocks the user from being set.
|
380 | * @param onAbort - callback triggered if a later `beforeAuthStateChanged()`
|
381 | * callback throws, allowing you to undo any side effects.
|
382 | */
|
383 | beforeAuthStateChanged(callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe;
|
384 | /**
|
385 | * Adds an observer for changes to the signed-in user's ID token.
|
386 | *
|
387 | * @remarks
|
388 | * This includes sign-in, sign-out, and token refresh events.
|
389 | *
|
390 | * @param nextOrObserver - callback triggered on change.
|
391 | * @param error - callback triggered on error.
|
392 | * @param completed - callback triggered when observer is removed.
|
393 | */
|
394 | onIdTokenChanged(nextOrObserver: NextOrObserver<User | null>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
|
395 | /** The currently signed-in user (or null). */
|
396 | readonly currentUser: User | null;
|
397 | /** The current emulator configuration (or null). */
|
398 | readonly emulatorConfig: EmulatorConfig | null;
|
399 | /**
|
400 | * Asynchronously sets the provided user as {@link Auth.currentUser} on the {@link Auth} instance.
|
401 | *
|
402 | * @remarks
|
403 | * A new instance copy of the user provided will be made and set as currentUser.
|
404 | *
|
405 | * This will trigger {@link Auth.onAuthStateChanged} and {@link Auth.onIdTokenChanged} listeners
|
406 | * like other sign in methods.
|
407 | *
|
408 | * The operation fails with an error if the user to be updated belongs to a different Firebase
|
409 | * project.
|
410 | *
|
411 | * @param user - The new {@link User}.
|
412 | */
|
413 | updateCurrentUser(user: User | null): Promise<void>;
|
414 | /**
|
415 | * Sets the current language to the default device/browser preference.
|
416 | */
|
417 | useDeviceLanguage(): void;
|
418 | /**
|
419 | * Signs out the current user.
|
420 | */
|
421 | signOut(): Promise<void>;
|
422 | }
|
423 |
|
424 | /**
|
425 | * Interface that represents the credentials returned by an {@link AuthProvider}.
|
426 | *
|
427 | * @remarks
|
428 | * Implementations specify the details about each auth provider's credential requirements.
|
429 | *
|
430 | * @public
|
431 | */
|
432 | export declare class AuthCredential {
|
433 | /**
|
434 | * The authentication provider ID for the credential.
|
435 | *
|
436 | * @remarks
|
437 | * For example, 'facebook.com', or 'google.com'.
|
438 | */
|
439 | readonly providerId: string;
|
440 | /**
|
441 | * The authentication sign in method for the credential.
|
442 | *
|
443 | * @remarks
|
444 | * For example, {@link SignInMethod}.EMAIL_PASSWORD, or
|
445 | * {@link SignInMethod}.EMAIL_LINK. This corresponds to the sign-in method
|
446 | * identifier as returned in {@link fetchSignInMethodsForEmail}.
|
447 | */
|
448 | readonly signInMethod: string;
|
449 | /** @internal */
|
450 | protected constructor(
|
451 | /**
|
452 | * The authentication provider ID for the credential.
|
453 | *
|
454 | * @remarks
|
455 | * For example, 'facebook.com', or 'google.com'.
|
456 | */
|
457 | providerId: string,
|
458 | /**
|
459 | * The authentication sign in method for the credential.
|
460 | *
|
461 | * @remarks
|
462 | * For example, {@link SignInMethod}.EMAIL_PASSWORD, or
|
463 | * {@link SignInMethod}.EMAIL_LINK. This corresponds to the sign-in method
|
464 | * identifier as returned in {@link fetchSignInMethodsForEmail}.
|
465 | */
|
466 | signInMethod: string);
|
467 | /**
|
468 | * Returns a JSON-serializable representation of this object.
|
469 | *
|
470 | * @returns a JSON-serializable representation of this object.
|
471 | */
|
472 | toJSON(): object;
|
473 | /** @internal */
|
474 | _getIdTokenResponse(_auth: AuthInternal): Promise<PhoneOrOauthTokenResponse>;
|
475 | /** @internal */
|
476 | _linkToIdToken(_auth: AuthInternal, _idToken: string): Promise<IdTokenResponse>;
|
477 | /** @internal */
|
478 | _getReauthenticationResolver(_auth: AuthInternal): Promise<IdTokenResponse>;
|
479 | }
|
480 |
|
481 | /**
|
482 | * Interface for an `Auth` error.
|
483 | *
|
484 | * @public
|
485 | */
|
486 | export declare interface AuthError extends FirebaseError {
|
487 | /** Details about the Firebase Auth error. */
|
488 | readonly customData: {
|
489 | /** The name of the Firebase App which triggered this error. */
|
490 | readonly appName: string;
|
491 | /** The email address of the user's account, used for sign-in and linking. */
|
492 | readonly email?: string;
|
493 | /** The phone number of the user's account, used for sign-in and linking. */
|
494 | readonly phoneNumber?: string;
|
495 | /**
|
496 | * The tenant ID being used for sign-in and linking.
|
497 | *
|
498 | * @remarks
|
499 | * If you use {@link signInWithRedirect} to sign in,
|
500 | * you have to set the tenant ID on the {@link Auth} instance again as the tenant ID is not persisted
|
501 | * after redirection.
|
502 | */
|
503 | readonly tenantId?: string;
|
504 | };
|
505 | }
|
506 |
|
507 | /**
|
508 | * Enumeration of Firebase Auth error codes.
|
509 | *
|
510 | * @internal
|
511 | */
|
512 | declare const enum AuthErrorCode {
|
513 | ADMIN_ONLY_OPERATION = "admin-restricted-operation",
|
514 | ARGUMENT_ERROR = "argument-error",
|
515 | APP_NOT_AUTHORIZED = "app-not-authorized",
|
516 | APP_NOT_INSTALLED = "app-not-installed",
|
517 | CAPTCHA_CHECK_FAILED = "captcha-check-failed",
|
518 | CODE_EXPIRED = "code-expired",
|
519 | CORDOVA_NOT_READY = "cordova-not-ready",
|
520 | CORS_UNSUPPORTED = "cors-unsupported",
|
521 | CREDENTIAL_ALREADY_IN_USE = "credential-already-in-use",
|
522 | CREDENTIAL_MISMATCH = "custom-token-mismatch",
|
523 | CREDENTIAL_TOO_OLD_LOGIN_AGAIN = "requires-recent-login",
|
524 | DEPENDENT_SDK_INIT_BEFORE_AUTH = "dependent-sdk-initialized-before-auth",
|
525 | DYNAMIC_LINK_NOT_ACTIVATED = "dynamic-link-not-activated",
|
526 | EMAIL_CHANGE_NEEDS_VERIFICATION = "email-change-needs-verification",
|
527 | EMAIL_EXISTS = "email-already-in-use",
|
528 | EMULATOR_CONFIG_FAILED = "emulator-config-failed",
|
529 | EXPIRED_OOB_CODE = "expired-action-code",
|
530 | EXPIRED_POPUP_REQUEST = "cancelled-popup-request",
|
531 | INTERNAL_ERROR = "internal-error",
|
532 | INVALID_API_KEY = "invalid-api-key",
|
533 | INVALID_APP_CREDENTIAL = "invalid-app-credential",
|
534 | INVALID_APP_ID = "invalid-app-id",
|
535 | INVALID_AUTH = "invalid-user-token",
|
536 | INVALID_AUTH_EVENT = "invalid-auth-event",
|
537 | INVALID_CERT_HASH = "invalid-cert-hash",
|
538 | INVALID_CODE = "invalid-verification-code",
|
539 | INVALID_CONTINUE_URI = "invalid-continue-uri",
|
540 | INVALID_CORDOVA_CONFIGURATION = "invalid-cordova-configuration",
|
541 | INVALID_CUSTOM_TOKEN = "invalid-custom-token",
|
542 | INVALID_DYNAMIC_LINK_DOMAIN = "invalid-dynamic-link-domain",
|
543 | INVALID_EMAIL = "invalid-email",
|
544 | INVALID_EMULATOR_SCHEME = "invalid-emulator-scheme",
|
545 | INVALID_IDP_RESPONSE = "invalid-credential",
|
546 | INVALID_MESSAGE_PAYLOAD = "invalid-message-payload",
|
547 | INVALID_MFA_SESSION = "invalid-multi-factor-session",
|
548 | INVALID_OAUTH_CLIENT_ID = "invalid-oauth-client-id",
|
549 | INVALID_OAUTH_PROVIDER = "invalid-oauth-provider",
|
550 | INVALID_OOB_CODE = "invalid-action-code",
|
551 | INVALID_ORIGIN = "unauthorized-domain",
|
552 | INVALID_PASSWORD = "wrong-password",
|
553 | INVALID_PERSISTENCE = "invalid-persistence-type",
|
554 | INVALID_PHONE_NUMBER = "invalid-phone-number",
|
555 | INVALID_PROVIDER_ID = "invalid-provider-id",
|
556 | INVALID_RECIPIENT_EMAIL = "invalid-recipient-email",
|
557 | INVALID_SENDER = "invalid-sender",
|
558 | INVALID_SESSION_INFO = "invalid-verification-id",
|
559 | INVALID_TENANT_ID = "invalid-tenant-id",
|
560 | LOGIN_BLOCKED = "login-blocked",
|
561 | MFA_INFO_NOT_FOUND = "multi-factor-info-not-found",
|
562 | MFA_REQUIRED = "multi-factor-auth-required",
|
563 | MISSING_ANDROID_PACKAGE_NAME = "missing-android-pkg-name",
|
564 | MISSING_APP_CREDENTIAL = "missing-app-credential",
|
565 | MISSING_AUTH_DOMAIN = "auth-domain-config-required",
|
566 | MISSING_CODE = "missing-verification-code",
|
567 | MISSING_CONTINUE_URI = "missing-continue-uri",
|
568 | MISSING_IFRAME_START = "missing-iframe-start",
|
569 | MISSING_IOS_BUNDLE_ID = "missing-ios-bundle-id",
|
570 | MISSING_OR_INVALID_NONCE = "missing-or-invalid-nonce",
|
571 | MISSING_MFA_INFO = "missing-multi-factor-info",
|
572 | MISSING_MFA_SESSION = "missing-multi-factor-session",
|
573 | MISSING_PHONE_NUMBER = "missing-phone-number",
|
574 | MISSING_SESSION_INFO = "missing-verification-id",
|
575 | MODULE_DESTROYED = "app-deleted",
|
576 | NEED_CONFIRMATION = "account-exists-with-different-credential",
|
577 | NETWORK_REQUEST_FAILED = "network-request-failed",
|
578 | NULL_USER = "null-user",
|
579 | NO_AUTH_EVENT = "no-auth-event",
|
580 | NO_SUCH_PROVIDER = "no-such-provider",
|
581 | OPERATION_NOT_ALLOWED = "operation-not-allowed",
|
582 | OPERATION_NOT_SUPPORTED = "operation-not-supported-in-this-environment",
|
583 | POPUP_BLOCKED = "popup-blocked",
|
584 | POPUP_CLOSED_BY_USER = "popup-closed-by-user",
|
585 | PROVIDER_ALREADY_LINKED = "provider-already-linked",
|
586 | QUOTA_EXCEEDED = "quota-exceeded",
|
587 | REDIRECT_CANCELLED_BY_USER = "redirect-cancelled-by-user",
|
588 | REDIRECT_OPERATION_PENDING = "redirect-operation-pending",
|
589 | REJECTED_CREDENTIAL = "rejected-credential",
|
590 | SECOND_FACTOR_ALREADY_ENROLLED = "second-factor-already-in-use",
|
591 | SECOND_FACTOR_LIMIT_EXCEEDED = "maximum-second-factor-count-exceeded",
|
592 | TENANT_ID_MISMATCH = "tenant-id-mismatch",
|
593 | TIMEOUT = "timeout",
|
594 | TOKEN_EXPIRED = "user-token-expired",
|
595 | TOO_MANY_ATTEMPTS_TRY_LATER = "too-many-requests",
|
596 | UNAUTHORIZED_DOMAIN = "unauthorized-continue-uri",
|
597 | UNSUPPORTED_FIRST_FACTOR = "unsupported-first-factor",
|
598 | UNSUPPORTED_PERSISTENCE = "unsupported-persistence-type",
|
599 | UNSUPPORTED_TENANT_OPERATION = "unsupported-tenant-operation",
|
600 | UNVERIFIED_EMAIL = "unverified-email",
|
601 | USER_CANCELLED = "user-cancelled",
|
602 | USER_DELETED = "user-not-found",
|
603 | USER_DISABLED = "user-disabled",
|
604 | USER_MISMATCH = "user-mismatch",
|
605 | USER_SIGNED_OUT = "user-signed-out",
|
606 | WEAK_PASSWORD = "weak-password",
|
607 | WEB_STORAGE_UNSUPPORTED = "web-storage-unsupported",
|
608 | ALREADY_INITIALIZED = "already-initialized"
|
609 | }
|
610 |
|
611 | /**
|
612 | * A map of potential `Auth` error codes, for easier comparison with errors
|
613 | * thrown by the SDK.
|
614 | *
|
615 | * @remarks
|
616 | * Note that you can't tree-shake individual keys
|
617 | * in the map, so by using the map you might substantially increase your
|
618 | * bundle size.
|
619 | *
|
620 | * @public
|
621 | */
|
622 | export declare const AuthErrorCodes: {
|
623 | readonly ADMIN_ONLY_OPERATION: "auth/admin-restricted-operation";
|
624 | readonly ARGUMENT_ERROR: "auth/argument-error";
|
625 | readonly APP_NOT_AUTHORIZED: "auth/app-not-authorized";
|
626 | readonly APP_NOT_INSTALLED: "auth/app-not-installed";
|
627 | readonly CAPTCHA_CHECK_FAILED: "auth/captcha-check-failed";
|
628 | readonly CODE_EXPIRED: "auth/code-expired";
|
629 | readonly CORDOVA_NOT_READY: "auth/cordova-not-ready";
|
630 | readonly CORS_UNSUPPORTED: "auth/cors-unsupported";
|
631 | readonly CREDENTIAL_ALREADY_IN_USE: "auth/credential-already-in-use";
|
632 | readonly CREDENTIAL_MISMATCH: "auth/custom-token-mismatch";
|
633 | readonly CREDENTIAL_TOO_OLD_LOGIN_AGAIN: "auth/requires-recent-login";
|
634 | readonly DEPENDENT_SDK_INIT_BEFORE_AUTH: "auth/dependent-sdk-initialized-before-auth";
|
635 | readonly DYNAMIC_LINK_NOT_ACTIVATED: "auth/dynamic-link-not-activated";
|
636 | readonly EMAIL_CHANGE_NEEDS_VERIFICATION: "auth/email-change-needs-verification";
|
637 | readonly EMAIL_EXISTS: "auth/email-already-in-use";
|
638 | readonly EMULATOR_CONFIG_FAILED: "auth/emulator-config-failed";
|
639 | readonly EXPIRED_OOB_CODE: "auth/expired-action-code";
|
640 | readonly EXPIRED_POPUP_REQUEST: "auth/cancelled-popup-request";
|
641 | readonly INTERNAL_ERROR: "auth/internal-error";
|
642 | readonly INVALID_API_KEY: "auth/invalid-api-key";
|
643 | readonly INVALID_APP_CREDENTIAL: "auth/invalid-app-credential";
|
644 | readonly INVALID_APP_ID: "auth/invalid-app-id";
|
645 | readonly INVALID_AUTH: "auth/invalid-user-token";
|
646 | readonly INVALID_AUTH_EVENT: "auth/invalid-auth-event";
|
647 | readonly INVALID_CERT_HASH: "auth/invalid-cert-hash";
|
648 | readonly INVALID_CODE: "auth/invalid-verification-code";
|
649 | readonly INVALID_CONTINUE_URI: "auth/invalid-continue-uri";
|
650 | readonly INVALID_CORDOVA_CONFIGURATION: "auth/invalid-cordova-configuration";
|
651 | readonly INVALID_CUSTOM_TOKEN: "auth/invalid-custom-token";
|
652 | readonly INVALID_DYNAMIC_LINK_DOMAIN: "auth/invalid-dynamic-link-domain";
|
653 | readonly INVALID_EMAIL: "auth/invalid-email";
|
654 | readonly INVALID_EMULATOR_SCHEME: "auth/invalid-emulator-scheme";
|
655 | readonly INVALID_IDP_RESPONSE: "auth/invalid-credential";
|
656 | readonly INVALID_MESSAGE_PAYLOAD: "auth/invalid-message-payload";
|
657 | readonly INVALID_MFA_SESSION: "auth/invalid-multi-factor-session";
|
658 | readonly INVALID_OAUTH_CLIENT_ID: "auth/invalid-oauth-client-id";
|
659 | readonly INVALID_OAUTH_PROVIDER: "auth/invalid-oauth-provider";
|
660 | readonly INVALID_OOB_CODE: "auth/invalid-action-code";
|
661 | readonly INVALID_ORIGIN: "auth/unauthorized-domain";
|
662 | readonly INVALID_PASSWORD: "auth/wrong-password";
|
663 | readonly INVALID_PERSISTENCE: "auth/invalid-persistence-type";
|
664 | readonly INVALID_PHONE_NUMBER: "auth/invalid-phone-number";
|
665 | readonly INVALID_PROVIDER_ID: "auth/invalid-provider-id";
|
666 | readonly INVALID_RECIPIENT_EMAIL: "auth/invalid-recipient-email";
|
667 | readonly INVALID_SENDER: "auth/invalid-sender";
|
668 | readonly INVALID_SESSION_INFO: "auth/invalid-verification-id";
|
669 | readonly INVALID_TENANT_ID: "auth/invalid-tenant-id";
|
670 | readonly MFA_INFO_NOT_FOUND: "auth/multi-factor-info-not-found";
|
671 | readonly MFA_REQUIRED: "auth/multi-factor-auth-required";
|
672 | readonly MISSING_ANDROID_PACKAGE_NAME: "auth/missing-android-pkg-name";
|
673 | readonly MISSING_APP_CREDENTIAL: "auth/missing-app-credential";
|
674 | readonly MISSING_AUTH_DOMAIN: "auth/auth-domain-config-required";
|
675 | readonly MISSING_CODE: "auth/missing-verification-code";
|
676 | readonly MISSING_CONTINUE_URI: "auth/missing-continue-uri";
|
677 | readonly MISSING_IFRAME_START: "auth/missing-iframe-start";
|
678 | readonly MISSING_IOS_BUNDLE_ID: "auth/missing-ios-bundle-id";
|
679 | readonly MISSING_OR_INVALID_NONCE: "auth/missing-or-invalid-nonce";
|
680 | readonly MISSING_MFA_INFO: "auth/missing-multi-factor-info";
|
681 | readonly MISSING_MFA_SESSION: "auth/missing-multi-factor-session";
|
682 | readonly MISSING_PHONE_NUMBER: "auth/missing-phone-number";
|
683 | readonly MISSING_SESSION_INFO: "auth/missing-verification-id";
|
684 | readonly MODULE_DESTROYED: "auth/app-deleted";
|
685 | readonly NEED_CONFIRMATION: "auth/account-exists-with-different-credential";
|
686 | readonly NETWORK_REQUEST_FAILED: "auth/network-request-failed";
|
687 | readonly NULL_USER: "auth/null-user";
|
688 | readonly NO_AUTH_EVENT: "auth/no-auth-event";
|
689 | readonly NO_SUCH_PROVIDER: "auth/no-such-provider";
|
690 | readonly OPERATION_NOT_ALLOWED: "auth/operation-not-allowed";
|
691 | readonly OPERATION_NOT_SUPPORTED: "auth/operation-not-supported-in-this-environment";
|
692 | readonly POPUP_BLOCKED: "auth/popup-blocked";
|
693 | readonly POPUP_CLOSED_BY_USER: "auth/popup-closed-by-user";
|
694 | readonly PROVIDER_ALREADY_LINKED: "auth/provider-already-linked";
|
695 | readonly QUOTA_EXCEEDED: "auth/quota-exceeded";
|
696 | readonly REDIRECT_CANCELLED_BY_USER: "auth/redirect-cancelled-by-user";
|
697 | readonly REDIRECT_OPERATION_PENDING: "auth/redirect-operation-pending";
|
698 | readonly REJECTED_CREDENTIAL: "auth/rejected-credential";
|
699 | readonly SECOND_FACTOR_ALREADY_ENROLLED: "auth/second-factor-already-in-use";
|
700 | readonly SECOND_FACTOR_LIMIT_EXCEEDED: "auth/maximum-second-factor-count-exceeded";
|
701 | readonly TENANT_ID_MISMATCH: "auth/tenant-id-mismatch";
|
702 | readonly TIMEOUT: "auth/timeout";
|
703 | readonly TOKEN_EXPIRED: "auth/user-token-expired";
|
704 | readonly TOO_MANY_ATTEMPTS_TRY_LATER: "auth/too-many-requests";
|
705 | readonly UNAUTHORIZED_DOMAIN: "auth/unauthorized-continue-uri";
|
706 | readonly UNSUPPORTED_FIRST_FACTOR: "auth/unsupported-first-factor";
|
707 | readonly UNSUPPORTED_PERSISTENCE: "auth/unsupported-persistence-type";
|
708 | readonly UNSUPPORTED_TENANT_OPERATION: "auth/unsupported-tenant-operation";
|
709 | readonly UNVERIFIED_EMAIL: "auth/unverified-email";
|
710 | readonly USER_CANCELLED: "auth/user-cancelled";
|
711 | readonly USER_DELETED: "auth/user-not-found";
|
712 | readonly USER_DISABLED: "auth/user-disabled";
|
713 | readonly USER_MISMATCH: "auth/user-mismatch";
|
714 | readonly USER_SIGNED_OUT: "auth/user-signed-out";
|
715 | readonly WEAK_PASSWORD: "auth/weak-password";
|
716 | readonly WEB_STORAGE_UNSUPPORTED: "auth/web-storage-unsupported";
|
717 | readonly ALREADY_INITIALIZED: "auth/already-initialized";
|
718 | };
|
719 |
|
720 | /**
|
721 | * A mapping of error codes to error messages.
|
722 | *
|
723 | * @remarks
|
724 | *
|
725 | * While error messages are useful for debugging (providing verbose textual
|
726 | * context around what went wrong), these strings take up a lot of space in the
|
727 | * compiled code. When deploying code in production, using {@link prodErrorMap}
|
728 | * will save you roughly 10k compressed/gzipped over {@link debugErrorMap}. You
|
729 | * can select the error map during initialization:
|
730 | *
|
731 | * ```javascript
|
732 | * initializeAuth(app, {errorMap: debugErrorMap})
|
733 | * ```
|
734 | *
|
735 | * When initializing Auth, {@link prodErrorMap} is default.
|
736 | *
|
737 | * @public
|
738 | */
|
739 | export declare interface AuthErrorMap {
|
740 | }
|
741 |
|
742 | /**
|
743 | * @internal
|
744 | */
|
745 | declare interface AuthErrorParams extends GenericAuthErrorParams {
|
746 | [AuthErrorCode.ARGUMENT_ERROR]: {
|
747 | appName?: AppName;
|
748 | };
|
749 | [AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH]: {
|
750 | appName?: AppName;
|
751 | };
|
752 | [AuthErrorCode.INTERNAL_ERROR]: {
|
753 | appName?: AppName;
|
754 | };
|
755 | [AuthErrorCode.LOGIN_BLOCKED]: {
|
756 | appName?: AppName;
|
757 | originalMessage?: string;
|
758 | };
|
759 | [AuthErrorCode.OPERATION_NOT_SUPPORTED]: {
|
760 | appName?: AppName;
|
761 | };
|
762 | [AuthErrorCode.NO_AUTH_EVENT]: {
|
763 | appName?: AppName;
|
764 | };
|
765 | [AuthErrorCode.MFA_REQUIRED]: {
|
766 | appName: AppName;
|
767 | _serverResponse: IdTokenMfaResponse;
|
768 | };
|
769 | [AuthErrorCode.INVALID_CORDOVA_CONFIGURATION]: {
|
770 | appName: AppName;
|
771 | missingPlugin?: string;
|
772 | };
|
773 | }
|
774 |
|
775 | /**
|
776 | * @internal
|
777 | */
|
778 | declare interface AuthEvent {
|
779 | type: AuthEventType;
|
780 | eventId: string | null;
|
781 | urlResponse: string | null;
|
782 | sessionId: string | null;
|
783 | postBody: string | null;
|
784 | tenantId: string | null;
|
785 | error?: AuthEventError;
|
786 | }
|
787 |
|
788 | /**
|
789 | * @internal
|
790 | */
|
791 | declare interface AuthEventConsumer {
|
792 | readonly filter: AuthEventType[];
|
793 | eventId: string | null;
|
794 | onAuthEvent(event: AuthEvent): unknown;
|
795 | onError(error: FirebaseError): unknown;
|
796 | }
|
797 |
|
798 | declare interface AuthEventError extends Error {
|
799 | code: string;
|
800 | message: string;
|
801 | }
|
802 |
|
803 | /**
|
804 | * @internal
|
805 | */
|
806 | declare const enum AuthEventType {
|
807 | LINK_VIA_POPUP = "linkViaPopup",
|
808 | LINK_VIA_REDIRECT = "linkViaRedirect",
|
809 | REAUTH_VIA_POPUP = "reauthViaPopup",
|
810 | REAUTH_VIA_REDIRECT = "reauthViaRedirect",
|
811 | SIGN_IN_VIA_POPUP = "signInViaPopup",
|
812 | SIGN_IN_VIA_REDIRECT = "signInViaRedirect",
|
813 | UNKNOWN = "unknown",
|
814 | VERIFY_APP = "verifyApp"
|
815 | }
|
816 |
|
817 | /**
|
818 | * UserInternal and AuthInternal reference each other, so both of them are included in the public typings.
|
819 | * In order to exclude them, we mark them as internal explicitly.
|
820 | *
|
821 | * @internal
|
822 | */
|
823 | declare interface AuthInternal extends Auth {
|
824 | currentUser: User | null;
|
825 | emulatorConfig: EmulatorConfig | null;
|
826 | _canInitEmulator: boolean;
|
827 | _isInitialized: boolean;
|
828 | _initializationPromise: Promise<void> | null;
|
829 | _updateCurrentUser(user: UserInternal | null): Promise<void>;
|
830 | _onStorageEvent(): void;
|
831 | _notifyListenersIfCurrent(user: UserInternal): void;
|
832 | _persistUserIfCurrent(user: UserInternal): Promise<void>;
|
833 | _setRedirectUser(user: UserInternal | null, popupRedirectResolver?: PopupRedirectResolver): Promise<void>;
|
834 | _redirectUserForId(id: string): Promise<UserInternal | null>;
|
835 | _popupRedirectResolver: PopupRedirectResolverInternal | null;
|
836 | _key(): string;
|
837 | _startProactiveRefresh(): void;
|
838 | _stopProactiveRefresh(): void;
|
839 | _getPersistence(): string;
|
840 | _logFramework(framework: string): void;
|
841 | _getFrameworks(): readonly string[];
|
842 | _getAdditionalHeaders(): Promise<Record<string, string>>;
|
843 | readonly name: AppName;
|
844 | readonly config: ConfigInternal;
|
845 | languageCode: string | null;
|
846 | tenantId: string | null;
|
847 | readonly settings: AuthSettings;
|
848 | _errorFactory: ErrorFactory<AuthErrorCode, AuthErrorParams>;
|
849 | useDeviceLanguage(): void;
|
850 | signOut(): Promise<void>;
|
851 | }
|
852 |
|
853 | declare class AuthPopup {
|
854 | readonly window: Window | null;
|
855 | associatedEvent: string | null;
|
856 | constructor(window: Window | null);
|
857 | close(): void;
|
858 | }
|
859 |
|
860 | /**
|
861 | * Interface that represents an auth provider, used to facilitate creating { AuthCredential}.
|
862 | *
|
863 | *
|
864 | */
|
865 | export declare interface AuthProvider {
|
866 | /**
|
867 | * Provider for which credentials can be constructed.
|
868 | */
|
869 | readonly providerId: string;
|
870 | }
|
871 |
|
872 | /**
|
873 | * Interface representing an {@link Auth} instance's settings.
|
874 | *
|
875 | * @remarks Currently used for enabling/disabling app verification for phone Auth testing.
|
876 | *
|
877 | * @public
|
878 | */
|
879 | export declare interface AuthSettings {
|
880 | /**
|
881 | * When set, this property disables app verification for the purpose of testing phone
|
882 | * authentication. For this property to take effect, it needs to be set before rendering a
|
883 | * reCAPTCHA app verifier. When this is disabled, a mock reCAPTCHA is rendered instead. This is
|
884 | * useful for manual testing during development or for automated integration tests.
|
885 | *
|
886 | * In order to use this feature, you will need to
|
887 | * {@link https://firebase.google.com/docs/auth/web/phone-auth#test-with-whitelisted-phone-numbers | whitelist your phone number}
|
888 | * via the Firebase Console.
|
889 | *
|
890 | * The default value is false (app verification is enabled).
|
891 | */
|
892 | appVerificationDisabledForTesting: boolean;
|
893 | }
|
894 |
|
895 | /**
|
896 | * MFA Info as returned by the API
|
897 | */
|
898 | declare interface BaseMfaEnrollment {
|
899 | mfaEnrollmentId: string;
|
900 | enrolledAt: number;
|
901 | displayName?: string;
|
902 | }
|
903 |
|
904 | /**
|
905 | * Common code to all OAuth providers. This is separate from the
|
906 | * {@link OAuthProvider} so that child providers (like
|
907 | * {@link GoogleAuthProvider}) don't inherit the `credential` instance method.
|
908 | * Instead, they rely on a static `credential` method.
|
909 | */
|
910 | declare abstract class BaseOAuthProvider extends FederatedAuthProvider implements AuthProvider {
|
911 | /** @internal */
|
912 | private scopes;
|
913 | /**
|
914 | * Add an OAuth scope to the credential.
|
915 | *
|
916 | * @param scope - Provider OAuth scope to add.
|
917 | */
|
918 | addScope(scope: string): AuthProvider;
|
919 | /**
|
920 | * Retrieve the current list of OAuth scopes.
|
921 | */
|
922 | getScopes(): string[];
|
923 | }
|
924 |
|
925 | /**
|
926 | * Adds a blocking callback that runs before an auth state change
|
927 | * sets a new user.
|
928 | *
|
929 | * @param auth - The {@link Auth} instance.
|
930 | * @param callback - callback triggered before new user value is set.
|
931 | * If this throws, it blocks the user from being set.
|
932 | * @param onAbort - callback triggered if a later `beforeAuthStateChanged()`
|
933 | * callback throws, allowing you to undo any side effects.
|
934 | */
|
935 | export declare function beforeAuthStateChanged(auth: Auth, callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe;
|
936 |
|
937 | /**
|
938 | * An implementation of {@link Persistence} of type `LOCAL` using `localStorage`
|
939 | * for the underlying storage.
|
940 | *
|
941 | * @public
|
942 | */
|
943 | export declare const browserLocalPersistence: Persistence;
|
944 |
|
945 | /**
|
946 | * An implementation of {@link PopupRedirectResolver} suitable for browser
|
947 | * based applications.
|
948 | *
|
949 | * @public
|
950 | */
|
951 | export declare const browserPopupRedirectResolver: PopupRedirectResolver;
|
952 |
|
953 | /**
|
954 | * An implementation of {@link Persistence} of `SESSION` using `sessionStorage`
|
955 | * for the underlying storage.
|
956 | *
|
957 | * @public
|
958 | */
|
959 | export declare const browserSessionPersistence: Persistence;
|
960 |
|
961 | /**
|
962 | * Checks a verification code sent to the user by email or other out-of-band mechanism.
|
963 | *
|
964 | * @returns metadata about the code.
|
965 | *
|
966 | * @param auth - The {@link Auth} instance.
|
967 | * @param oobCode - A verification code sent to the user.
|
968 | *
|
969 | * @public
|
970 | */
|
971 | export declare function checkActionCode(auth: Auth, oobCode: string): Promise<ActionCodeInfo>;
|
972 |
|
973 | /**
|
974 | * @internal
|
975 | */
|
976 | declare const enum ClientPlatform {
|
977 | BROWSER = "Browser",
|
978 | NODE = "Node",
|
979 | REACT_NATIVE = "ReactNative",
|
980 | CORDOVA = "Cordova",
|
981 | WORKER = "Worker"
|
982 | }
|
983 | export { CompleteFn }
|
984 |
|
985 | /**
|
986 | * Interface representing the `Auth` config.
|
987 | *
|
988 | * @public
|
989 | */
|
990 | export declare interface Config {
|
991 | /**
|
992 | * The API Key used to communicate with the Firebase Auth backend.
|
993 | */
|
994 | apiKey: string;
|
995 | /**
|
996 | * The host at which the Firebase Auth backend is running.
|
997 | */
|
998 | apiHost: string;
|
999 | /**
|
1000 | * The scheme used to communicate with the Firebase Auth backend.
|
1001 | */
|
1002 | apiScheme: string;
|
1003 | /**
|
1004 | * The host at which the Secure Token API is running.
|
1005 | */
|
1006 | tokenApiHost: string;
|
1007 | /**
|
1008 | * The SDK Client Version.
|
1009 | */
|
1010 | sdkClientVersion: string;
|
1011 | /**
|
1012 | * The domain at which the web widgets are hosted (provided via Firebase Config).
|
1013 | */
|
1014 | authDomain?: string;
|
1015 | }
|
1016 |
|
1017 | /**
|
1018 | * @internal
|
1019 | */
|
1020 | declare interface ConfigInternal extends Config {
|
1021 | /**
|
1022 | * @readonly
|
1023 | */
|
1024 | emulator?: {
|
1025 | url: string;
|
1026 | };
|
1027 | /**
|
1028 | * @readonly
|
1029 | */
|
1030 | clientPlatform: ClientPlatform;
|
1031 | }
|
1032 |
|
1033 | /**
|
1034 | * A result from a phone number sign-in, link, or reauthenticate call.
|
1035 | *
|
1036 | * @public
|
1037 | */
|
1038 | export declare interface ConfirmationResult {
|
1039 | /**
|
1040 | * The phone number authentication operation's verification ID.
|
1041 | *
|
1042 | * @remarks
|
1043 | * This can be used along with the verification code to initialize a
|
1044 | * {@link PhoneAuthCredential}.
|
1045 | */
|
1046 | readonly verificationId: string;
|
1047 | /**
|
1048 | * Finishes a phone number sign-in, link, or reauthentication.
|
1049 | *
|
1050 | * @example
|
1051 | * ```javascript
|
1052 | * const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);
|
1053 | * // Obtain verificationCode from the user.
|
1054 | * const userCredential = await confirmationResult.confirm(verificationCode);
|
1055 | * ```
|
1056 | *
|
1057 | * @param verificationCode - The code that was sent to the user's mobile device.
|
1058 | */
|
1059 | confirm(verificationCode: string): Promise<UserCredential>;
|
1060 | }
|
1061 |
|
1062 | /**
|
1063 | * Completes the password reset process, given a confirmation code and new password.
|
1064 | *
|
1065 | * @param auth - The {@link Auth} instance.
|
1066 | * @param oobCode - A confirmation code sent to the user.
|
1067 | * @param newPassword - The new password.
|
1068 | *
|
1069 | * @public
|
1070 | */
|
1071 | export declare function confirmPasswordReset(auth: Auth, oobCode: string, newPassword: string): Promise<void>;
|
1072 |
|
1073 | /**
|
1074 | * Changes the {@link Auth} instance to communicate with the Firebase Auth Emulator, instead of production
|
1075 | * Firebase Auth services.
|
1076 | *
|
1077 | * @remarks
|
1078 | * This must be called synchronously immediately following the first call to
|
1079 | * {@link initializeAuth}. Do not use with production credentials as emulator
|
1080 | * traffic is not encrypted.
|
1081 | *
|
1082 | *
|
1083 | * @example
|
1084 | * ```javascript
|
1085 | * connectAuthEmulator(auth, 'http://127.0.0.1:9099', { disableWarnings: true });
|
1086 | * ```
|
1087 | *
|
1088 | * @param auth - The {@link Auth} instance.
|
1089 | * @param url - The URL at which the emulator is running (eg, 'http://localhost:9099').
|
1090 | * @param options - Optional. `options.disableWarnings` defaults to `false`. Set it to
|
1091 | * `true` to disable the warning banner attached to the DOM.
|
1092 | *
|
1093 | * @public
|
1094 | */
|
1095 | export declare function connectAuthEmulator(auth: Auth, url: string, options?: {
|
1096 | disableWarnings: boolean;
|
1097 | }): void;
|
1098 |
|
1099 | /**
|
1100 | * Creates a new user account associated with the specified email address and password.
|
1101 | *
|
1102 | * @remarks
|
1103 | * On successful creation of the user account, this user will also be signed in to your application.
|
1104 | *
|
1105 | * User account creation can fail if the account already exists or the password is invalid.
|
1106 | *
|
1107 | * Note: The email address acts as a unique identifier for the user and enables an email-based
|
1108 | * password reset. This function will create a new user account and set the initial user password.
|
1109 | *
|
1110 | * @param auth - The {@link Auth} instance.
|
1111 | * @param email - The user's email address.
|
1112 | * @param password - The user's chosen password.
|
1113 | *
|
1114 | * @public
|
1115 | */
|
1116 | export declare function createUserWithEmailAndPassword(auth: Auth, email: string, password: string): Promise<UserCredential>;
|
1117 |
|
1118 | /**
|
1119 | * Map of OAuth Custom Parameters.
|
1120 | *
|
1121 | * @public
|
1122 | */
|
1123 | export declare type CustomParameters = Record<string, string>;
|
1124 |
|
1125 | /**
|
1126 | * A verbose error map with detailed descriptions for most error codes.
|
1127 | *
|
1128 | * See discussion at {@link AuthErrorMap}
|
1129 | *
|
1130 | * @public
|
1131 | */
|
1132 | export declare const debugErrorMap: AuthErrorMap;
|
1133 |
|
1134 | /**
|
1135 | * Deletes and signs out the user.
|
1136 | *
|
1137 | * @remarks
|
1138 | * Important: this is a security-sensitive operation that requires the user to have recently
|
1139 | * signed in. If this requirement isn't met, ask the user to authenticate again and then call
|
1140 | * {@link reauthenticateWithCredential}.
|
1141 | *
|
1142 | * @param user - The user.
|
1143 | *
|
1144 | * @public
|
1145 | */
|
1146 | export declare function deleteUser(user: User): Promise<void>;
|
1147 |
|
1148 | /**
|
1149 | * The dependencies that can be used to initialize an {@link Auth} instance.
|
1150 | *
|
1151 | * @remarks
|
1152 | *
|
1153 | * The modular SDK enables tree shaking by allowing explicit declarations of
|
1154 | * dependencies. For example, a web app does not need to include code that
|
1155 | * enables Cordova redirect sign in. That functionality is therefore split into
|
1156 | * {@link browserPopupRedirectResolver} and
|
1157 | * {@link cordovaPopupRedirectResolver}. The dependencies object is how Auth is
|
1158 | * configured to reduce bundle sizes.
|
1159 | *
|
1160 | * There are two ways to initialize an {@link Auth} instance: {@link getAuth} and
|
1161 | * {@link initializeAuth}. `getAuth` initializes everything using
|
1162 | * platform-specific configurations, while `initializeAuth` takes a
|
1163 | * `Dependencies` object directly, giving you more control over what is used.
|
1164 | *
|
1165 | * @public
|
1166 | */
|
1167 | export declare interface Dependencies {
|
1168 | /**
|
1169 | * Which {@link Persistence} to use. If this is an array, the first
|
1170 | * `Persistence` that the device supports is used. The SDK searches for an
|
1171 | * existing account in order and, if one is found in a secondary
|
1172 | * `Persistence`, the account is moved to the primary `Persistence`.
|
1173 | *
|
1174 | * If no persistence is provided, the SDK falls back on
|
1175 | * {@link inMemoryPersistence}.
|
1176 | */
|
1177 | persistence?: Persistence | Persistence[];
|
1178 | /**
|
1179 | * The {@link PopupRedirectResolver} to use. This value depends on the
|
1180 | * platform. Options are {@link browserPopupRedirectResolver} and
|
1181 | * {@link cordovaPopupRedirectResolver}. This field is optional if neither
|
1182 | * {@link signInWithPopup} or {@link signInWithRedirect} are being used.
|
1183 | */
|
1184 | popupRedirectResolver?: PopupRedirectResolver;
|
1185 | /**
|
1186 | * Which {@link AuthErrorMap} to use.
|
1187 | */
|
1188 | errorMap?: AuthErrorMap;
|
1189 | }
|
1190 |
|
1191 | /**
|
1192 | * Interface that represents the credentials returned by {@link EmailAuthProvider} for
|
1193 | * {@link ProviderId}.PASSWORD
|
1194 | *
|
1195 | * @remarks
|
1196 | * Covers both {@link SignInMethod}.EMAIL_PASSWORD and
|
1197 | * {@link SignInMethod}.EMAIL_LINK.
|
1198 | *
|
1199 | * @public
|
1200 | */
|
1201 | export declare class EmailAuthCredential extends AuthCredential {
|
1202 | /** @internal */
|
1203 | readonly _email: string;
|
1204 | /** @internal */
|
1205 | readonly _password: string;
|
1206 | /** @internal */
|
1207 | readonly _tenantId: string | null;
|
1208 | /** @internal */
|
1209 | private constructor();
|
1210 | /** @internal */
|
1211 | static _fromEmailAndPassword(email: string, password: string): EmailAuthCredential;
|
1212 | /** @internal */
|
1213 | static _fromEmailAndCode(email: string, oobCode: string, tenantId?: string | null): EmailAuthCredential;
|
1214 | /** {@inheritdoc AuthCredential.toJSON} */
|
1215 | toJSON(): object;
|
1216 | /**
|
1217 | * Static method to deserialize a JSON representation of an object into an {@link AuthCredential}.
|
1218 | *
|
1219 | * @param json - Either `object` or the stringified representation of the object. When string is
|
1220 | * provided, `JSON.parse` would be called first.
|
1221 | *
|
1222 | * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned.
|
1223 | */
|
1224 | static fromJSON(json: object | string): EmailAuthCredential | null;
|
1225 | /** @internal */
|
1226 | _getIdTokenResponse(auth: AuthInternal): Promise<IdTokenResponse>;
|
1227 | /** @internal */
|
1228 | _linkToIdToken(auth: AuthInternal, idToken: string): Promise<IdTokenResponse>;
|
1229 | /** @internal */
|
1230 | _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse>;
|
1231 | }
|
1232 |
|
1233 | /**
|
1234 | * Provider for generating {@link EmailAuthCredential}.
|
1235 | *
|
1236 | * @public
|
1237 | */
|
1238 | export declare class EmailAuthProvider implements AuthProvider {
|
1239 | /**
|
1240 | * Always set to {@link ProviderId}.PASSWORD, even for email link.
|
1241 | */
|
1242 | static readonly PROVIDER_ID: 'password';
|
1243 | /**
|
1244 | * Always set to {@link SignInMethod}.EMAIL_PASSWORD.
|
1245 | */
|
1246 | static readonly EMAIL_PASSWORD_SIGN_IN_METHOD: 'password';
|
1247 | /**
|
1248 | * Always set to {@link SignInMethod}.EMAIL_LINK.
|
1249 | */
|
1250 | static readonly EMAIL_LINK_SIGN_IN_METHOD: 'emailLink';
|
1251 | /**
|
1252 | * Always set to {@link ProviderId}.PASSWORD, even for email link.
|
1253 | */
|
1254 | readonly providerId: "password";
|
1255 | /**
|
1256 | * Initialize an {@link AuthCredential} using an email and password.
|
1257 | *
|
1258 | * @example
|
1259 | * ```javascript
|
1260 | * const authCredential = EmailAuthProvider.credential(email, password);
|
1261 | * const userCredential = await signInWithCredential(auth, authCredential);
|
1262 | * ```
|
1263 | *
|
1264 | * @example
|
1265 | * ```javascript
|
1266 | * const userCredential = await signInWithEmailAndPassword(auth, email, password);
|
1267 | * ```
|
1268 | *
|
1269 | * @param email - Email address.
|
1270 | * @param password - User account password.
|
1271 | * @returns The auth provider credential.
|
1272 | */
|
1273 | static credential(email: string, password: string): EmailAuthCredential;
|
1274 | /**
|
1275 | * Initialize an {@link AuthCredential} using an email and an email link after a sign in with
|
1276 | * email link operation.
|
1277 | *
|
1278 | * @example
|
1279 | * ```javascript
|
1280 | * const authCredential = EmailAuthProvider.credentialWithLink(auth, email, emailLink);
|
1281 | * const userCredential = await signInWithCredential(auth, authCredential);
|
1282 | * ```
|
1283 | *
|
1284 | * @example
|
1285 | * ```javascript
|
1286 | * await sendSignInLinkToEmail(auth, email);
|
1287 | * // Obtain emailLink from user.
|
1288 | * const userCredential = await signInWithEmailLink(auth, email, emailLink);
|
1289 | * ```
|
1290 | *
|
1291 | * @param auth - The {@link Auth} instance used to verify the link.
|
1292 | * @param email - Email address.
|
1293 | * @param emailLink - Sign-in email link.
|
1294 | * @returns - The auth provider credential.
|
1295 | */
|
1296 | static credentialWithLink(email: string, emailLink: string): EmailAuthCredential;
|
1297 | }
|
1298 |
|
1299 | /**
|
1300 | * Configuration of Firebase Authentication Emulator.
|
1301 | * @public
|
1302 | */
|
1303 | export declare interface EmulatorConfig {
|
1304 | /**
|
1305 | * The protocol used to communicate with the emulator ("http"/"https").
|
1306 | */
|
1307 | readonly protocol: string;
|
1308 | /**
|
1309 | * The hostname of the emulator, which may be a domain ("localhost"), IPv4 address ("127.0.0.1")
|
1310 | * or quoted IPv6 address ("[::1]").
|
1311 | */
|
1312 | readonly host: string;
|
1313 | /**
|
1314 | * The port of the emulator, or null if port isn't specified (i.e. protocol default).
|
1315 | */
|
1316 | readonly port: number | null;
|
1317 | /**
|
1318 | * The emulator-specific options.
|
1319 | */
|
1320 | readonly options: {
|
1321 | /**
|
1322 | * Whether the warning banner attached to the DOM was disabled.
|
1323 | */
|
1324 | readonly disableWarnings: boolean;
|
1325 | };
|
1326 | }
|
1327 | export { ErrorFn }
|
1328 |
|
1329 | /**
|
1330 | * @internal
|
1331 | */
|
1332 | declare interface EventManager {
|
1333 | registerConsumer(authEventConsumer: AuthEventConsumer): void;
|
1334 | unregisterConsumer(authEventConsumer: AuthEventConsumer): void;
|
1335 | }
|
1336 |
|
1337 | /**
|
1338 | * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.FACEBOOK.
|
1339 | *
|
1340 | * @example
|
1341 | * ```javascript
|
1342 | * // Sign in using a redirect.
|
1343 | * const provider = new FacebookAuthProvider();
|
1344 | * // Start a sign in process for an unauthenticated user.
|
1345 | * provider.addScope('user_birthday');
|
1346 | * await signInWithRedirect(auth, provider);
|
1347 | * // This will trigger a full page redirect away from your app
|
1348 | *
|
1349 | * // After returning from the redirect when your app initializes you can obtain the result
|
1350 | * const result = await getRedirectResult(auth);
|
1351 | * if (result) {
|
1352 | * // This is the signed-in user
|
1353 | * const user = result.user;
|
1354 | * // This gives you a Facebook Access Token.
|
1355 | * const credential = FacebookAuthProvider.credentialFromResult(result);
|
1356 | * const token = credential.accessToken;
|
1357 | * }
|
1358 | * ```
|
1359 | *
|
1360 | * @example
|
1361 | * ```javascript
|
1362 | * // Sign in using a popup.
|
1363 | * const provider = new FacebookAuthProvider();
|
1364 | * provider.addScope('user_birthday');
|
1365 | * const result = await signInWithPopup(auth, provider);
|
1366 | *
|
1367 | * // The signed-in user info.
|
1368 | * const user = result.user;
|
1369 | * // This gives you a Facebook Access Token.
|
1370 | * const credential = FacebookAuthProvider.credentialFromResult(result);
|
1371 | * const token = credential.accessToken;
|
1372 | * ```
|
1373 | *
|
1374 | * @public
|
1375 | */
|
1376 | export declare class FacebookAuthProvider extends BaseOAuthProvider {
|
1377 | /** Always set to {@link SignInMethod}.FACEBOOK. */
|
1378 | static readonly FACEBOOK_SIGN_IN_METHOD: 'facebook.com';
|
1379 | /** Always set to {@link ProviderId}.FACEBOOK. */
|
1380 | static readonly PROVIDER_ID: 'facebook.com';
|
1381 | constructor();
|
1382 | /**
|
1383 | * Creates a credential for Facebook.
|
1384 | *
|
1385 | * @example
|
1386 | * ```javascript
|
1387 | * // `event` from the Facebook auth.authResponseChange callback.
|
1388 | * const credential = FacebookAuthProvider.credential(event.authResponse.accessToken);
|
1389 | * const result = await signInWithCredential(credential);
|
1390 | * ```
|
1391 | *
|
1392 | * @param accessToken - Facebook access token.
|
1393 | */
|
1394 | static credential(accessToken: string): OAuthCredential;
|
1395 | /**
|
1396 | * Used to extract the underlying {from a { UserCredential}.
OAuthCredential} |
1397 | *
|
1398 | * userCredential - The user credential.
|
1399 | */
|
1400 | static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
|
1401 | /**
|
1402 | * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
|
1403 | * thrown during a sign-in, link, or reauthenticate operation.
|
1404 | *
|
1405 | * @param userCredential - The user credential.
|
1406 | */
|
1407 | static credentialFromError(error: FirebaseError): OAuthCredential | null;
|
1408 | private static credentialFromTaggedObject;
|
1409 | }
|
1410 |
|
1411 | /**
|
1412 | * An enum of factors that may be used for multifactor authentication.
|
1413 | *
|
1414 | * @public
|
1415 | */
|
1416 | export declare const FactorId: {
|
1417 | /** Phone as second factor */
|
1418 | readonly PHONE: "phone";
|
1419 | };
|
1420 |
|
1421 | /**
|
1422 | * The base class for all Federated providers (OAuth (including OIDC), SAML).
|
1423 | *
|
1424 | * This class is not meant to be instantiated directly.
|
1425 | *
|
1426 | * @public
|
1427 | */
|
1428 | declare abstract class FederatedAuthProvider implements AuthProvider {
|
1429 | readonly providerId: string;
|
1430 | /** @internal */
|
1431 | defaultLanguageCode: string | null;
|
1432 | /** @internal */
|
1433 | private customParameters;
|
1434 | /**
|
1435 | * Constructor for generic OAuth providers.
|
1436 | *
|
1437 | * @param providerId - Provider for which credentials should be generated.
|
1438 | */
|
1439 | constructor(providerId: string);
|
1440 | /**
|
1441 | * Set the language gode.
|
1442 | *
|
1443 | * @param languageCode - language code
|
1444 | */
|
1445 | setDefaultLanguage(languageCode: string | null): void;
|
1446 | /**
|
1447 | * Sets the OAuth custom parameters to pass in an OAuth request for popup and redirect sign-in
|
1448 | * operations.
|
1449 | *
|
1450 | * @remarks
|
1451 | * For a detailed list, check the reserved required OAuth 2.0 parameters such as `client_id`,
|
1452 | * `redirect_uri`, `scope`, `response_type`, and `state` are not allowed and will be ignored.
|
1453 | *
|
1454 | * @param customOAuthParameters - The custom OAuth parameters to pass in the OAuth request.
|
1455 | */
|
1456 | setCustomParameters(customOAuthParameters: CustomParameters): AuthProvider;
|
1457 | /**
|
1458 | * Retrieve the current list of { CustomParameters}.
|
1459 | */
|
1460 | getCustomParameters(): CustomParameters;
|
1461 | }
|
1462 |
|
1463 | /**
|
1464 | * Gets the list of possible sign in methods for the given email address.
|
1465 | *
|
1466 | * @remarks
|
1467 | * This is useful to differentiate methods of sign-in for the same provider, eg.
|
1468 | * {@link EmailAuthProvider} which has 2 methods of sign-in,
|
1469 | * {@link SignInMethod}.EMAIL_PASSWORD and
|
1470 | * {@link SignInMethod}.EMAIL_LINK.
|
1471 | *
|
1472 | * @param auth - The {@link Auth} instance.
|
1473 | * @param email - The user's email address.
|
1474 | *
|
1475 | * @public
|
1476 | */
|
1477 | export declare function fetchSignInMethodsForEmail(auth: Auth, email: string): Promise<string[]>;
|
1478 |
|
1479 | declare interface FinalizeMfaResponse {
|
1480 | idToken: string;
|
1481 | refreshToken: string;
|
1482 | }
|
1483 |
|
1484 | /**
|
1485 | * @internal
|
1486 | */
|
1487 | declare type GenericAuthErrorParams = {
|
1488 | [key in Exclude<AuthErrorCode, AuthErrorCode.ARGUMENT_ERROR | AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH | AuthErrorCode.INTERNAL_ERROR | AuthErrorCode.MFA_REQUIRED | AuthErrorCode.NO_AUTH_EVENT | AuthErrorCode.OPERATION_NOT_SUPPORTED>]: {
|
1489 | appName?: AppName;
|
1490 | email?: string;
|
1491 | phoneNumber?: string;
|
1492 | message?: string;
|
1493 | };
|
1494 | };
|
1495 |
|
1496 | /**
|
1497 | * Extracts provider specific {@link AdditionalUserInfo} for the given credential.
|
1498 | *
|
1499 | * @param userCredential - The user credential.
|
1500 | *
|
1501 | * @public
|
1502 | */
|
1503 | export declare function getAdditionalUserInfo(userCredential: UserCredential): AdditionalUserInfo | null;
|
1504 |
|
1505 | /**
|
1506 | * Returns the Auth instance associated with the provided {@link @firebase/app#FirebaseApp}.
|
1507 | * If no instance exists, initializes an Auth instance with platform-specific default dependencies.
|
1508 | *
|
1509 | * @param app - The Firebase App.
|
1510 | *
|
1511 | * @public
|
1512 | */
|
1513 | export declare function getAuth(app?: FirebaseApp): Auth;
|
1514 |
|
1515 | /**
|
1516 | * Returns a JSON Web Token (JWT) used to identify the user to a Firebase service.
|
1517 | *
|
1518 | * @remarks
|
1519 | * Returns the current token if it has not expired or if it will not expire in the next five
|
1520 | * minutes. Otherwise, this will refresh the token and return a new one.
|
1521 | *
|
1522 | * @param user - The user.
|
1523 | * @param forceRefresh - Force refresh regardless of token expiration.
|
1524 | *
|
1525 | * @public
|
1526 | */
|
1527 | export declare function getIdToken(user: User, forceRefresh?: boolean): Promise<string>;
|
1528 |
|
1529 | /**
|
1530 | * Returns a deserialized JSON Web Token (JWT) used to identitfy the user to a Firebase service.
|
1531 | *
|
1532 | * @remarks
|
1533 | * Returns the current token if it has not expired or if it will not expire in the next five
|
1534 | * minutes. Otherwise, this will refresh the token and return a new one.
|
1535 | *
|
1536 | * @param user - The user.
|
1537 | * @param forceRefresh - Force refresh regardless of token expiration.
|
1538 | *
|
1539 | * @public
|
1540 | */
|
1541 | export declare function getIdTokenResult(user: User, forceRefresh?: boolean): Promise<IdTokenResult>;
|
1542 |
|
1543 | /**
|
1544 | * Provides a {@link MultiFactorResolver} suitable for completion of a
|
1545 | * multi-factor flow.
|
1546 | *
|
1547 | * @param auth - The {@link Auth} instance.
|
1548 | * @param error - The {@link MultiFactorError} raised during a sign-in, or
|
1549 | * reauthentication operation.
|
1550 | *
|
1551 | * @public
|
1552 | */
|
1553 | export declare function getMultiFactorResolver(auth: Auth, error: MultiFactorError): MultiFactorResolver;
|
1554 |
|
1555 | /**
|
1556 | * Returns a {@link UserCredential} from the redirect-based sign-in flow.
|
1557 | *
|
1558 | * @remarks
|
1559 | * If sign-in succeeded, returns the signed in user. If sign-in was unsuccessful, fails with an
|
1560 | * error. If no redirect operation was called, returns a {@link UserCredential}
|
1561 | * with a null `user`.
|
1562 | *
|
1563 | * @example
|
1564 | * ```javascript
|
1565 | * // Sign in using a redirect.
|
1566 | * const provider = new FacebookAuthProvider();
|
1567 | * // You can add additional scopes to the provider:
|
1568 | * provider.addScope('user_birthday');
|
1569 | * // Start a sign in process for an unauthenticated user.
|
1570 | * await signInWithRedirect(auth, provider);
|
1571 | * // This will trigger a full page redirect away from your app
|
1572 | *
|
1573 | * // After returning from the redirect when your app initializes you can obtain the result
|
1574 | * const result = await getRedirectResult(auth);
|
1575 | * if (result) {
|
1576 | * // This is the signed-in user
|
1577 | * const user = result.user;
|
1578 | * // This gives you a Facebook Access Token.
|
1579 | * const credential = provider.credentialFromResult(auth, result);
|
1580 | * const token = credential.accessToken;
|
1581 | * }
|
1582 | * // As this API can be used for sign-in, linking and reauthentication,
|
1583 | * // check the operationType to determine what triggered this redirect
|
1584 | * // operation.
|
1585 | * const operationType = result.operationType;
|
1586 | * ```
|
1587 | *
|
1588 | * @param auth - The {@link Auth} instance.
|
1589 | * @param resolver - An instance of {@link PopupRedirectResolver}, optional
|
1590 | * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
|
1591 | *
|
1592 | * @public
|
1593 | */
|
1594 | export declare function getRedirectResult(auth: Auth, resolver?: PopupRedirectResolver): Promise<UserCredential | null>;
|
1595 |
|
1596 | /**
|
1597 | * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.GITHUB.
|
1598 | *
|
1599 | * @remarks
|
1600 | * GitHub requires an OAuth 2.0 redirect, so you can either handle the redirect directly, or use
|
1601 | * the {@link signInWithPopup} handler:
|
1602 | *
|
1603 | * @example
|
1604 | * ```javascript
|
1605 | * // Sign in using a redirect.
|
1606 | * const provider = new GithubAuthProvider();
|
1607 | * // Start a sign in process for an unauthenticated user.
|
1608 | * provider.addScope('repo');
|
1609 | * await signInWithRedirect(auth, provider);
|
1610 | * // This will trigger a full page redirect away from your app
|
1611 | *
|
1612 | * // After returning from the redirect when your app initializes you can obtain the result
|
1613 | * const result = await getRedirectResult(auth);
|
1614 | * if (result) {
|
1615 | * // This is the signed-in user
|
1616 | * const user = result.user;
|
1617 | * // This gives you a Github Access Token.
|
1618 | * const credential = GithubAuthProvider.credentialFromResult(result);
|
1619 | * const token = credential.accessToken;
|
1620 | * }
|
1621 | * ```
|
1622 | *
|
1623 | * @example
|
1624 | * ```javascript
|
1625 | * // Sign in using a popup.
|
1626 | * const provider = new GithubAuthProvider();
|
1627 | * provider.addScope('repo');
|
1628 | * const result = await signInWithPopup(auth, provider);
|
1629 | *
|
1630 | * // The signed-in user info.
|
1631 | * const user = result.user;
|
1632 | * // This gives you a Github Access Token.
|
1633 | * const credential = GithubAuthProvider.credentialFromResult(result);
|
1634 | * const token = credential.accessToken;
|
1635 | * ```
|
1636 | * @public
|
1637 | */
|
1638 | export declare class GithubAuthProvider extends BaseOAuthProvider {
|
1639 | /** Always set to {@link SignInMethod}.GITHUB. */
|
1640 | static readonly GITHUB_SIGN_IN_METHOD: 'github.com';
|
1641 | /** Always set to {@link ProviderId}.GITHUB. */
|
1642 | static readonly PROVIDER_ID: 'github.com';
|
1643 | constructor();
|
1644 | /**
|
1645 | * Creates a credential for Github.
|
1646 | *
|
1647 | * @param accessToken - Github access token.
|
1648 | */
|
1649 | static credential(accessToken: string): OAuthCredential;
|
1650 | /**
|
1651 | * Used to extract the underlying {from a { UserCredential}.
OAuthCredential} |
1652 | *
|
1653 | * userCredential - The user credential.
|
1654 | */
|
1655 | static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
|
1656 | /**
|
1657 | * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
|
1658 | * thrown during a sign-in, link, or reauthenticate operation.
|
1659 | *
|
1660 | * @param userCredential - The user credential.
|
1661 | */
|
1662 | static credentialFromError(error: FirebaseError): OAuthCredential | null;
|
1663 | private static credentialFromTaggedObject;
|
1664 | }
|
1665 |
|
1666 | /**
|
1667 | * Provider for generating an an {@link OAuthCredential} for {@link ProviderId}.GOOGLE.
|
1668 | *
|
1669 | * @example
|
1670 | * ```javascript
|
1671 | * // Sign in using a redirect.
|
1672 | * const provider = new GoogleAuthProvider();
|
1673 | * // Start a sign in process for an unauthenticated user.
|
1674 | * provider.addScope('profile');
|
1675 | * provider.addScope('email');
|
1676 | * await signInWithRedirect(auth, provider);
|
1677 | * // This will trigger a full page redirect away from your app
|
1678 | *
|
1679 | * // After returning from the redirect when your app initializes you can obtain the result
|
1680 | * const result = await getRedirectResult(auth);
|
1681 | * if (result) {
|
1682 | * // This is the signed-in user
|
1683 | * const user = result.user;
|
1684 | * // This gives you a Google Access Token.
|
1685 | * const credential = GoogleAuthProvider.credentialFromResult(result);
|
1686 | * const token = credential.accessToken;
|
1687 | * }
|
1688 | * ```
|
1689 | *
|
1690 | * @example
|
1691 | * ```javascript
|
1692 | * // Sign in using a popup.
|
1693 | * const provider = new GoogleAuthProvider();
|
1694 | * provider.addScope('profile');
|
1695 | * provider.addScope('email');
|
1696 | * const result = await signInWithPopup(auth, provider);
|
1697 | *
|
1698 | * // The signed-in user info.
|
1699 | * const user = result.user;
|
1700 | * // This gives you a Google Access Token.
|
1701 | * const credential = GoogleAuthProvider.credentialFromResult(result);
|
1702 | * const token = credential.accessToken;
|
1703 | * ```
|
1704 | *
|
1705 | * @public
|
1706 | */
|
1707 | export declare class GoogleAuthProvider extends BaseOAuthProvider {
|
1708 | /** Always set to {@link SignInMethod}.GOOGLE. */
|
1709 | static readonly GOOGLE_SIGN_IN_METHOD: 'google.com';
|
1710 | /** Always set to {@link ProviderId}.GOOGLE. */
|
1711 | static readonly PROVIDER_ID: 'google.com';
|
1712 | constructor();
|
1713 | /**
|
1714 | * Creates a credential for Google. At least one of ID token and access token is required.
|
1715 | *
|
1716 | * @example
|
1717 | * ```javascript
|
1718 | * // \`googleUser\` from the onsuccess Google Sign In callback.
|
1719 | * const credential = GoogleAuthProvider.credential(googleUser.getAuthResponse().id_token);
|
1720 | * const result = await signInWithCredential(credential);
|
1721 | * ```
|
1722 | *
|
1723 | * @param idToken - Google ID token.
|
1724 | * @param accessToken - Google access token.
|
1725 | */
|
1726 | static credential(idToken?: string | null, accessToken?: string | null): OAuthCredential;
|
1727 | /**
|
1728 | * Used to extract the underlying {from a { UserCredential}.
OAuthCredential} |
1729 | *
|
1730 | * userCredential - The user credential.
|
1731 | */
|
1732 | static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
|
1733 | /**
|
1734 | * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
|
1735 | * thrown during a sign-in, link, or reauthenticate operation.
|
1736 | *
|
1737 | * @param userCredential - The user credential.
|
1738 | */
|
1739 | static credentialFromError(error: FirebaseError): OAuthCredential | null;
|
1740 | private static credentialFromTaggedObject;
|
1741 | }
|
1742 |
|
1743 | /**
|
1744 | * Raw encoded JWT
|
1745 | *
|
1746 | */
|
1747 | declare type IdToken = string;
|
1748 |
|
1749 | /**
|
1750 | * @internal
|
1751 | */
|
1752 | declare interface IdTokenMfaResponse extends IdTokenResponse {
|
1753 | mfaPendingCredential?: string;
|
1754 | mfaInfo?: MfaEnrollment[];
|
1755 | }
|
1756 |
|
1757 | /**
|
1758 | * IdToken as returned by the API
|
1759 | *
|
1760 | * @internal
|
1761 | */
|
1762 | declare interface IdTokenResponse {
|
1763 | localId: string;
|
1764 | idToken?: IdToken;
|
1765 | refreshToken?: string;
|
1766 | expiresIn?: string;
|
1767 | providerId?: string;
|
1768 | displayName?: string | null;
|
1769 | isNewUser?: boolean;
|
1770 | kind?: IdTokenResponseKind;
|
1771 | photoUrl?: string | null;
|
1772 | rawUserInfo?: string;
|
1773 | screenName?: string | null;
|
1774 | }
|
1775 |
|
1776 | /**
|
1777 | * The possible types of the `IdTokenResponse`
|
1778 | *
|
1779 | * @internal
|
1780 | */
|
1781 | declare const enum IdTokenResponseKind {
|
1782 | CreateAuthUri = "identitytoolkit#CreateAuthUriResponse",
|
1783 | DeleteAccount = "identitytoolkit#DeleteAccountResponse",
|
1784 | DownloadAccount = "identitytoolkit#DownloadAccountResponse",
|
1785 | EmailLinkSignin = "identitytoolkit#EmailLinkSigninResponse",
|
1786 | GetAccountInfo = "identitytoolkit#GetAccountInfoResponse",
|
1787 | GetOobConfirmationCode = "identitytoolkit#GetOobConfirmationCodeResponse",
|
1788 | GetRecaptchaParam = "identitytoolkit#GetRecaptchaParamResponse",
|
1789 | ResetPassword = "identitytoolkit#ResetPasswordResponse",
|
1790 | SetAccountInfo = "identitytoolkit#SetAccountInfoResponse",
|
1791 | SignupNewUser = "identitytoolkit#SignupNewUserResponse",
|
1792 | UploadAccount = "identitytoolkit#UploadAccountResponse",
|
1793 | VerifyAssertion = "identitytoolkit#VerifyAssertionResponse",
|
1794 | VerifyCustomToken = "identitytoolkit#VerifyCustomTokenResponse",
|
1795 | VerifyPassword = "identitytoolkit#VerifyPasswordResponse"
|
1796 | }
|
1797 |
|
1798 | /**
|
1799 | * Interface representing ID token result obtained from {@link User.getIdTokenResult}.
|
1800 | *
|
1801 | * @remarks
|
1802 | * `IdTokenResult` contains the ID token JWT string and other helper properties for getting different data
|
1803 | * associated with the token as well as all the decoded payload claims.
|
1804 | *
|
1805 | * Note that these claims are not to be trusted as they are parsed client side. Only server side
|
1806 | * verification can guarantee the integrity of the token claims.
|
1807 | *
|
1808 | * @public
|
1809 | */
|
1810 | export declare interface IdTokenResult {
|
1811 | /**
|
1812 | * The authentication time formatted as a UTC string.
|
1813 | *
|
1814 | * @remarks
|
1815 | * This is the time the user authenticated (signed in) and not the time the token was refreshed.
|
1816 | */
|
1817 | authTime: string;
|
1818 | /** The ID token expiration time formatted as a UTC string. */
|
1819 | expirationTime: string;
|
1820 | /** The ID token issuance time formatted as a UTC string. */
|
1821 | issuedAtTime: string;
|
1822 | /**
|
1823 | * The sign-in provider through which the ID token was obtained (anonymous, custom, phone,
|
1824 | * password, etc).
|
1825 | *
|
1826 | * @remarks
|
1827 | * Note, this does not map to provider IDs.
|
1828 | */
|
1829 | signInProvider: string | null;
|
1830 | /**
|
1831 | * The type of second factor associated with this session, provided the user was multi-factor
|
1832 | * authenticated (eg. phone, etc).
|
1833 | */
|
1834 | signInSecondFactor: string | null;
|
1835 | /** The Firebase Auth ID token JWT string. */
|
1836 | token: string;
|
1837 | /**
|
1838 | * The entire payload claims of the ID token including the standard reserved claims as well as
|
1839 | * the custom claims.
|
1840 | */
|
1841 | claims: ParsedToken;
|
1842 | }
|
1843 |
|
1844 | /**
|
1845 | * An implementation of {@link Persistence} of type `LOCAL` using `indexedDB`
|
1846 | * for the underlying storage.
|
1847 | *
|
1848 | * @public
|
1849 | */
|
1850 | export declare const indexedDBLocalPersistence: Persistence;
|
1851 |
|
1852 | /**
|
1853 | * Initializes an {@link Auth} instance with fine-grained control over
|
1854 | * {@link Dependencies}.
|
1855 | *
|
1856 | * @remarks
|
1857 | *
|
1858 | * This function allows more control over the {@link Auth} instance than
|
1859 | * {@link getAuth}. `getAuth` uses platform-specific defaults to supply
|
1860 | * the {@link Dependencies}. In general, `getAuth` is the easiest way to
|
1861 | * initialize Auth and works for most use cases. Use `initializeAuth` if you
|
1862 | * need control over which persistence layer is used, or to minimize bundle
|
1863 | * size if you're not using either `signInWithPopup` or `signInWithRedirect`.
|
1864 | *
|
1865 | * For example, if your app only uses anonymous accounts and you only want
|
1866 | * accounts saved for the current session, initialize `Auth` with:
|
1867 | *
|
1868 | * ```js
|
1869 | * const auth = initializeAuth(app, {
|
1870 | * persistence: browserSessionPersistence,
|
1871 | * popupRedirectResolver: undefined,
|
1872 | * });
|
1873 | * ```
|
1874 | *
|
1875 | * @public
|
1876 | */
|
1877 | export declare function initializeAuth(app: FirebaseApp, deps?: Dependencies): Auth;
|
1878 |
|
1879 | /**
|
1880 | * An implementation of {@link Persistence} of type 'NONE'.
|
1881 | *
|
1882 | * @public
|
1883 | */
|
1884 | export declare const inMemoryPersistence: Persistence;
|
1885 |
|
1886 | /**
|
1887 | * Checks if an incoming link is a sign-in with email link suitable for {@link signInWithEmailLink}.
|
1888 | *
|
1889 | * @param auth - The {@link Auth} instance.
|
1890 | * @param emailLink - The link sent to the user's email address.
|
1891 | *
|
1892 | * @public
|
1893 | */
|
1894 | export declare function isSignInWithEmailLink(auth: Auth, emailLink: string): boolean;
|
1895 |
|
1896 | /**
|
1897 | * Links the user account with the given credentials.
|
1898 | *
|
1899 | * @remarks
|
1900 | * An {@link AuthProvider} can be used to generate the credential.
|
1901 | *
|
1902 | * @param user - The user.
|
1903 | * @param credential - The auth credential.
|
1904 | *
|
1905 | * @public
|
1906 | */
|
1907 | export declare function linkWithCredential(user: User, credential: AuthCredential): Promise<UserCredential>;
|
1908 |
|
1909 | /**
|
1910 | * Links the user account with the given phone number.
|
1911 | *
|
1912 | * @param user - The user.
|
1913 | * @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101).
|
1914 | * @param appVerifier - The {@link ApplicationVerifier}.
|
1915 | *
|
1916 | * @public
|
1917 | */
|
1918 | export declare function linkWithPhoneNumber(user: User, phoneNumber: string, appVerifier: ApplicationVerifier): Promise<ConfirmationResult>;
|
1919 |
|
1920 | /**
|
1921 | * Links the authenticated provider to the user account using a pop-up based OAuth flow.
|
1922 | *
|
1923 | * @remarks
|
1924 | * If the linking is successful, the returned result will contain the user and the provider's credential.
|
1925 | *
|
1926 | *
|
1927 | * @example
|
1928 | * ```javascript
|
1929 | * // Sign in using some other provider.
|
1930 | * const result = await signInWithEmailAndPassword(auth, email, password);
|
1931 | * // Link using a popup.
|
1932 | * const provider = new FacebookAuthProvider();
|
1933 | * await linkWithPopup(result.user, provider);
|
1934 | * ```
|
1935 | *
|
1936 | * @param user - The user.
|
1937 | * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
|
1938 | * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
|
1939 | * @param resolver - An instance of {@link PopupRedirectResolver}, optional
|
1940 | * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
|
1941 | *
|
1942 | * @public
|
1943 | */
|
1944 | export declare function linkWithPopup(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>;
|
1945 |
|
1946 | /**
|
1947 | * Links the {@link OAuthProvider} to the user account using a full-page redirect flow.
|
1948 | *
|
1949 | * @example
|
1950 | * ```javascript
|
1951 | * // Sign in using some other provider.
|
1952 | * const result = await signInWithEmailAndPassword(auth, email, password);
|
1953 | * // Link using a redirect.
|
1954 | * const provider = new FacebookAuthProvider();
|
1955 | * await linkWithRedirect(result.user, provider);
|
1956 | * // This will trigger a full page redirect away from your app
|
1957 | *
|
1958 | * // After returning from the redirect when your app initializes you can obtain the result
|
1959 | * const result = await getRedirectResult(auth);
|
1960 | * ```
|
1961 | *
|
1962 | * @param user - The user.
|
1963 | * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
|
1964 | * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
|
1965 | * @param resolver - An instance of {@link PopupRedirectResolver}, optional
|
1966 | * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
|
1967 | *
|
1968 | *
|
1969 | * @public
|
1970 | */
|
1971 | export declare function linkWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>;
|
1972 |
|
1973 | /**
|
1974 | * MfaEnrollment can be any subtype of BaseMfaEnrollment, currently only PhoneMfaEnrollment is supported
|
1975 | */
|
1976 | declare type MfaEnrollment = PhoneMfaEnrollment;
|
1977 |
|
1978 | /**
|
1979 | * The {@link MultiFactorUser} corresponding to the user.
|
1980 | *
|
1981 | * @remarks
|
1982 | * This is used to access all multi-factor properties and operations related to the user.
|
1983 | *
|
1984 | * @param user - The user.
|
1985 | *
|
1986 | * @public
|
1987 | */
|
1988 | export declare function multiFactor(user: User): MultiFactorUser;
|
1989 |
|
1990 | /**
|
1991 | * The base class for asserting ownership of a second factor.
|
1992 | *
|
1993 | * @remarks
|
1994 | * This is used to facilitate enrollment of a second factor on an existing user or sign-in of a
|
1995 | * user who already verified the first factor.
|
1996 | *
|
1997 | * @public
|
1998 | */
|
1999 | export declare interface MultiFactorAssertion {
|
2000 | /** The identifier of the second factor. */
|
2001 | readonly factorId: typeof FactorId[keyof typeof FactorId];
|
2002 | }
|
2003 |
|
2004 | /**
|
2005 | * The error thrown when the user needs to provide a second factor to sign in successfully.
|
2006 | *
|
2007 | * @remarks
|
2008 | * The error code for this error is `auth/multi-factor-auth-required`.
|
2009 | *
|
2010 | * @example
|
2011 | * ```javascript
|
2012 | * let resolver;
|
2013 | * let multiFactorHints;
|
2014 | *
|
2015 | * signInWithEmailAndPassword(auth, email, password)
|
2016 | * .then((result) => {
|
2017 | * // User signed in. No 2nd factor challenge is needed.
|
2018 | * })
|
2019 | * .catch((error) => {
|
2020 | * if (error.code == 'auth/multi-factor-auth-required') {
|
2021 | * resolver = getMultiFactorResolver(auth, error);
|
2022 | * multiFactorHints = resolver.hints;
|
2023 | * } else {
|
2024 | * // Handle other errors.
|
2025 | * }
|
2026 | * });
|
2027 | *
|
2028 | * // Obtain a multiFactorAssertion by verifying the second factor.
|
2029 | *
|
2030 | * const userCredential = await resolver.resolveSignIn(multiFactorAssertion);
|
2031 | * ```
|
2032 | *
|
2033 | * @public
|
2034 | */
|
2035 | export declare interface MultiFactorError extends AuthError {
|
2036 | /** Details about the MultiFactorError. */
|
2037 | readonly customData: AuthError['customData'] & {
|
2038 | /**
|
2039 | * The type of operation (sign-in, linking, or re-authentication) that raised the error.
|
2040 | */
|
2041 | readonly operationType: typeof OperationType[keyof typeof OperationType];
|
2042 | };
|
2043 | }
|
2044 |
|
2045 | /**
|
2046 | * A structure containing the information of a second factor entity.
|
2047 | *
|
2048 | * @public
|
2049 | */
|
2050 | export declare interface MultiFactorInfo {
|
2051 | /** The multi-factor enrollment ID. */
|
2052 | readonly uid: string;
|
2053 | /** The user friendly name of the current second factor. */
|
2054 | readonly displayName?: string | null;
|
2055 | /** The enrollment date of the second factor formatted as a UTC string. */
|
2056 | readonly enrollmentTime: string;
|
2057 | /** The identifier of the second factor. */
|
2058 | readonly factorId: typeof FactorId[keyof typeof FactorId];
|
2059 | }
|
2060 |
|
2061 | /**
|
2062 | * The class used to facilitate recovery from {@link MultiFactorError} when a user needs to
|
2063 | * provide a second factor to sign in.
|
2064 | *
|
2065 | * @example
|
2066 | * ```javascript
|
2067 | * let resolver;
|
2068 | * let multiFactorHints;
|
2069 | *
|
2070 | * signInWithEmailAndPassword(auth, email, password)
|
2071 | * .then((result) => {
|
2072 | * // User signed in. No 2nd factor challenge is needed.
|
2073 | * })
|
2074 | * .catch((error) => {
|
2075 | * if (error.code == 'auth/multi-factor-auth-required') {
|
2076 | * resolver = getMultiFactorResolver(auth, error);
|
2077 | * // Show UI to let user select second factor.
|
2078 | * multiFactorHints = resolver.hints;
|
2079 | * } else {
|
2080 | * // Handle other errors.
|
2081 | * }
|
2082 | * });
|
2083 | *
|
2084 | * // The enrolled second factors that can be used to complete
|
2085 | * // sign-in are returned in the `MultiFactorResolver.hints` list.
|
2086 | * // UI needs to be presented to allow the user to select a second factor
|
2087 | * // from that list.
|
2088 | *
|
2089 | * const selectedHint = // ; selected from multiFactorHints
|
2090 | * const phoneAuthProvider = new PhoneAuthProvider(auth);
|
2091 | * const phoneInfoOptions = {
|
2092 | * multiFactorHint: selectedHint,
|
2093 | * session: resolver.session
|
2094 | * };
|
2095 | * const verificationId = phoneAuthProvider.verifyPhoneNumber(phoneInfoOptions, appVerifier);
|
2096 | * // Store `verificationId` and show UI to let user enter verification code.
|
2097 | *
|
2098 | * // UI to enter verification code and continue.
|
2099 | * // Continue button click handler
|
2100 | * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
|
2101 | * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential);
|
2102 | * const userCredential = await resolver.resolveSignIn(multiFactorAssertion);
|
2103 | * ```
|
2104 | *
|
2105 | * @public
|
2106 | */
|
2107 | export declare interface MultiFactorResolver {
|
2108 | /**
|
2109 | * The list of hints for the second factors needed to complete the sign-in for the current
|
2110 | * session.
|
2111 | */
|
2112 | readonly hints: MultiFactorInfo[];
|
2113 | /**
|
2114 | * The session identifier for the current sign-in flow, which can be used to complete the second
|
2115 | * factor sign-in.
|
2116 | */
|
2117 | readonly session: MultiFactorSession;
|
2118 | /**
|
2119 | * A helper function to help users complete sign in with a second factor using an
|
2120 | * {@link MultiFactorAssertion} confirming the user successfully completed the second factor
|
2121 | * challenge.
|
2122 | *
|
2123 | * @example
|
2124 | * ```javascript
|
2125 | * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
|
2126 | * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential);
|
2127 | * const userCredential = await resolver.resolveSignIn(multiFactorAssertion);
|
2128 | * ```
|
2129 | *
|
2130 | * @param assertion - The multi-factor assertion to resolve sign-in with.
|
2131 | * @returns The promise that resolves with the user credential object.
|
2132 | */
|
2133 | resolveSignIn(assertion: MultiFactorAssertion): Promise<UserCredential>;
|
2134 | }
|
2135 |
|
2136 | /**
|
2137 | * An interface defining the multi-factor session object used for enrolling a second factor on a
|
2138 | * user or helping sign in an enrolled user with a second factor.
|
2139 | *
|
2140 | * @public
|
2141 | */
|
2142 | export declare interface MultiFactorSession {
|
2143 | }
|
2144 |
|
2145 | /**
|
2146 | * An interface that defines the multi-factor related properties and operations pertaining
|
2147 | * to a {@link User}.
|
2148 | *
|
2149 | * @public
|
2150 | */
|
2151 | export declare interface MultiFactorUser {
|
2152 | /** Returns a list of the user's enrolled second factors. */
|
2153 | readonly enrolledFactors: MultiFactorInfo[];
|
2154 | /**
|
2155 | * Returns the session identifier for a second factor enrollment operation. This is used to
|
2156 | * identify the user trying to enroll a second factor.
|
2157 | *
|
2158 | * @example
|
2159 | * ```javascript
|
2160 | * const multiFactorUser = multiFactor(auth.currentUser);
|
2161 | * const multiFactorSession = await multiFactorUser.getSession();
|
2162 | *
|
2163 | * // Send verification code.
|
2164 | * const phoneAuthProvider = new PhoneAuthProvider(auth);
|
2165 | * const phoneInfoOptions = {
|
2166 | * phoneNumber: phoneNumber,
|
2167 | * session: multiFactorSession
|
2168 | * };
|
2169 | * const verificationId = await phoneAuthProvider.verifyPhoneNumber(phoneInfoOptions, appVerifier);
|
2170 | *
|
2171 | * // Obtain verification code from user.
|
2172 | * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
|
2173 | * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential);
|
2174 | * await multiFactorUser.enroll(multiFactorAssertion);
|
2175 | * ```
|
2176 | *
|
2177 | * @returns The promise that resolves with the {@link MultiFactorSession}.
|
2178 | */
|
2179 | getSession(): Promise<MultiFactorSession>;
|
2180 | /**
|
2181 | *
|
2182 | * Enrolls a second factor as identified by the {@link MultiFactorAssertion} for the
|
2183 | * user.
|
2184 | *
|
2185 | * @remarks
|
2186 | * On resolution, the user tokens are updated to reflect the change in the JWT payload.
|
2187 | * Accepts an additional display name parameter used to identify the second factor to the end
|
2188 | * user. Recent re-authentication is required for this operation to succeed. On successful
|
2189 | * enrollment, existing Firebase sessions (refresh tokens) are revoked. When a new factor is
|
2190 | * enrolled, an email notification is |