UNPKG

@firebase/auth/dist/auth.d.ts

Version:
140 kBTypeScriptView Raw
1/**
* Firebase Authentication
*
* @packageDocumentation
*/
6
7import { CompleteFn } from '@firebase/util';
8import { ErrorFactory } from '@firebase/util';
9import { ErrorFn } from '@firebase/util';
10import { FirebaseApp } from '@firebase/app';
11import { FirebaseError } from '@firebase/util';
12import { NextFn } from '@firebase/util';
13import { Observer } from '@firebase/util';
14import { Unsubscribe } from '@firebase/util';
15
16/**
* A response from {@link checkActionCode}.
*
* @public
*/
21export declare interface ActionCodeInfo {
  /**
   * The data associated with the action code.
   *
   * @remarks
   * For the {@link ActionCodeOperation}.PASSWORD_RESET, {@link ActionCodeOperation}.VERIFY_EMAIL, and
   * {@link ActionCodeOperation}.RECOVER_EMAIL actions, this object contains an email field with the address
   * the email was sent to.
   *
   * For the {@link ActionCodeOperation}.RECOVER_EMAIL action, which allows a user to undo an email address
   * change, this object also contains a `previousEmail` field with the user account's current
   * email address. After the action completes, the user's email address will revert to the value
   * in the `email` field from the value in `previousEmail` field.
   *
   * For the {@link ActionCodeOperation}.VERIFY_AND_CHANGE_EMAIL action, which allows a user to verify the
   * email before updating it, this object contains a `previousEmail` field with the user account's
   * email address before updating. After the action completes, the user's email address will be
   * updated to the value in the `email` field from the value in `previousEmail` field.
   *
   * For the {@link ActionCodeOperation}.REVERT_SECOND_FACTOR_ADDITION action, which allows a user to
   * unenroll a newly added second factor, this object contains a `multiFactorInfo` field with
   * the information about the second factor. For phone second factor, the `multiFactorInfo`
   * is a {@link MultiFactorInfo} object, which contains the phone number.
   */
  data: {
      email?: string | null;
      multiFactorInfo?: MultiFactorInfo | null;
      previousEmail?: string | null;
  };
  /**
   * The type of operation that generated the action code.
   */
  operation: typeof ActionCodeOperation[keyof typeof ActionCodeOperation];
54}
55
56/**
* An enumeration of the possible email action types.
*
* @public
*/
61export declare const ActionCodeOperation: {
  /** The email link sign-in action. */
  readonly EMAIL_SIGNIN: "EMAIL_SIGNIN";
  /** The password reset action. */
  readonly PASSWORD_RESET: "PASSWORD_RESET";
  /** The email revocation action. */
  readonly RECOVER_EMAIL: "RECOVER_EMAIL";
  /** The revert second factor addition email action. */
  readonly REVERT_SECOND_FACTOR_ADDITION: "REVERT_SECOND_FACTOR_ADDITION";
  /** The revert second factor addition email action. */
  readonly VERIFY_AND_CHANGE_EMAIL: "VERIFY_AND_CHANGE_EMAIL";
  /** The email verification action. */
  readonly VERIFY_EMAIL: "VERIFY_EMAIL";
74};
75
76/**
* An interface that defines the required continue/state URL with optional Android and iOS
* bundle identifiers.
*
* @public
*/
82export declare interface ActionCodeSettings {
  /**
   * Sets the Android package name.
   *
   * @remarks
   * This will try to open the link in an android app if it is
   * installed. If `installApp` is passed, it specifies whether to install the Android app if the
   * device supports it and the app is not already installed. If this field is provided without
   * a `packageName`, an error is thrown explaining that the `packageName` must be provided in
   * conjunction with this field. If `minimumVersion` is specified, and an older version of the
   * app is installed, the user is taken to the Play Store to upgrade the app.
   */
  android?: {
      installApp?: boolean;
      minimumVersion?: string;
      packageName: string;
  };
  /**
   * When set to true, the action code link will be be sent as a Universal Link or Android App
   * Link and will be opened by the app if installed.
   *
   * @remarks
   * In the false case, the code will be sent to the web widget first and then on continue will
   * redirect to the app if installed.
   *
   * @defaultValue false
   */
  handleCodeInApp?: boolean;
  /**
   * Sets the iOS bundle ID.
   *
   * @remarks
   * This will try to open the link in an iOS app if it is installed.
   *
   * App installation is not supported for iOS.
   */
  iOS?: {
      bundleId: string;
  };
  /**
   * Sets the link continue/state URL.
   *
   * @remarks
   * This has different meanings in different contexts:
   * - When the link is handled in the web action widgets, this is the deep link in the
   * `continueUrl` query parameter.
   * - When the link is handled in the app directly, this is the `continueUrl` query parameter in
   * the deep link of the Dynamic Link.
   */
  url: string;
  /**
   * When multiple custom dynamic link domains are defined for a project, specify which one to use
   * when the link is to be opened via a specified mobile app (for example, `example.page.link`).
   *
   *
   * @defaultValue The first domain is automatically selected.
   */
  dynamicLinkDomain?: string;
140}
141
142/**
* @license
* Copyright 2020 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*   http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
158/**
* A utility class to parse email action URLs such as password reset, email verification,
* email link sign in, etc.
*
* @public
*/
164export declare class ActionCodeURL {
  /**
   * The API key of the email action link.
   */
  readonly apiKey: string;
  /**
   * The action code of the email action link.
   */
  readonly code: string;
  /**
   * The continue URL of the email action link. Null if not provided.
   */
  readonly continueUrl: string | null;
  /**
   * The language code of the email action link. Null if not provided.
   */
  readonly languageCode: string | null;
  /**
   * The action performed by the email action link. It returns from one of the types from
   * {@link ActionCodeInfo}
   */
  readonly operation: string;
  /**
   * The tenant ID of the email action link. Null if the email action is from the parent project.
   */
  readonly tenantId: string | null;
  /**
   * @param actionLink - The link from which to extract the URL.
   * @returns The {@link ActionCodeURL} object, or null if the link is invalid.
   *
   * @internal
   */
  constructor(actionLink: string);
  /**
   * Parses the email action link string and returns an {@link ActionCodeURL} if the link is valid,
   * otherwise returns null.
   *
   * @param link  - The email action link string.
   * @returns The {@link ActionCodeURL} object, or null if the link is invalid.
   *
   * @public
   */
  static parseLink(link: string): ActionCodeURL | null;
207}
208
209/**
* A structure containing additional user information from a federated identity provider.
*
* @public
*/
214export declare interface AdditionalUserInfo {
  /**
   * Whether the user is new (created via sign-up) or existing (authenticated using sign-in).
   */
  readonly isNewUser: boolean;
  /**
   * Map containing IDP-specific user data.
   */
  readonly profile: Record<string, unknown> | null;
  /**
   * Identifier for the provider used to authenticate this user.
   */
  readonly providerId: string | null;
  /**
   * The username if the provider is GitHub or Twitter.
   */
  readonly username?: string | null;
231}
232
233declare interface APIUserInfo {
  localId?: string;
  displayName?: string;
  photoUrl?: string;
  email?: string;
  emailVerified?: boolean;
  phoneNumber?: string;
  lastLoginAt?: number;
  createdAt?: number;
  tenantId?: string;
  passwordHash?: string;
  providerUserInfo?: ProviderUserInfo[];
  mfaInfo?: MfaEnrollment[];
246}
247
248/**
* A verifier for domain verification and abuse prevention.
*
* @remarks
* Currently, the only implementation is {@link RecaptchaVerifier}.
*
* @public
*/
256export declare interface ApplicationVerifier {
  /**
   * Identifies the type of application verifier (e.g. "recaptcha").
   */
  readonly type: string;
  /**
   * Executes the verification process.
   *
   * @returns A Promise for a token that can be used to assert the validity of a request.
   */
  verify(): Promise<string>;
267}
268
269declare interface ApplicationVerifierInternal extends ApplicationVerifier {
  /**
   * @internal
   */
  _reset(): void;
274}
275
276/**
* Applies a verification code sent to the user by email or other out-of-band mechanism.
*
* @param auth - The {@link Auth} instance.
* @param oobCode - A verification code sent to the user.
*
* @public
*/
284export declare function applyActionCode(auth: Auth, oobCode: string): Promise<void>;
285
286declare type AppName = string;
287
288/**
* Interface representing Firebase Auth service.
*
* @remarks
* See {@link https://firebase.google.com/docs/auth/ | Firebase Authentication} for a full guide
* on how to use the Firebase Auth service.
*
* @public
*/
297export declare interface Auth {
  /** The {@link @firebase/app#FirebaseApp} associated with the `Auth` service instance. */
  readonly app: FirebaseApp;
  /** The name of the app associated with the `Auth` service instance. */
  readonly name: string;
  /** The {@link Config} used to initialize this instance. */
  readonly config: Config;
  /**
   * Changes the type of persistence on the `Auth` instance.
   *
   * @remarks
   * This will affect the currently saved Auth session and applies this type of persistence for
   * future sign-in requests, including sign-in with redirect requests.
   *
   * This makes it easy for a user signing in to specify whether their session should be
   * remembered or not. It also makes it easier to never persist the Auth state for applications
   * that are shared by other users or have sensitive data.
   *
   * @example
   * ```javascript
   * auth.setPersistence(browserSessionPersistence);
   * ```
   *
   * @param persistence - The {@link Persistence} to use.
   */
  setPersistence(persistence: Persistence): Promise<void>;
  /**
   * The {@link Auth} instance's language code.
   *
   * @remarks
   * This is a readable/writable property. When set to null, the default Firebase Console language
   * setting is applied. The language code will propagate to email action templates (password
   * reset, email verification and email change revocation), SMS templates for phone authentication,
   * reCAPTCHA verifier and OAuth popup/redirect operations provided the specified providers support
   * localization with the language code specified.
   */
  languageCode: string | null;
  /**
   * The {@link Auth} instance's tenant ID.
   *
   * @remarks
   * This is a readable/writable property. When you set the tenant ID of an {@link Auth} instance, all
   * future sign-in/sign-up operations will pass this tenant ID and sign in or sign up users to
   * the specified tenant project. When set to null, users are signed in to the parent project.
   *
   * @example
   * ```javascript
   * // Set the tenant ID on Auth instance.
   * auth.tenantId = 'TENANT_PROJECT_ID';
   *
   * // All future sign-in request now include tenant ID.
   * const result = await signInWithEmailAndPassword(auth, email, password);
   * // result.user.tenantId should be 'TENANT_PROJECT_ID'.
   * ```
   *
   * @defaultValue null
   */
  tenantId: string | null;
  /**
   * The {@link Auth} instance's settings.
   *
   * @remarks
   * This is used to edit/read configuration related options such as app verification mode for
   * phone authentication.
   */
  readonly settings: AuthSettings;
  /**
   * Adds an observer for changes to the user's sign-in state.
   *
   * @remarks
   * To keep the old behavior, see {@link Auth.onIdTokenChanged}.
   *
   * @param nextOrObserver - callback triggered on change.
   * @param error - Deprecated. This callback is never triggered. Errors
   * on signing in/out can be caught in promises returned from
   * sign-in/sign-out functions.
   * @param completed - Deprecated. This callback is never triggered.
   */
  onAuthStateChanged(nextOrObserver: NextOrObserver<User | null>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
  /**
   * Adds a blocking callback that runs before an auth state change
   * sets a new user.
   *
   * @param callback - callback triggered before new user value is set.
   *   If this throws, it blocks the user from being set.
   * @param onAbort - callback triggered if a later `beforeAuthStateChanged()`
   *   callback throws, allowing you to undo any side effects.
   */
  beforeAuthStateChanged(callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe;
  /**
   * Adds an observer for changes to the signed-in user's ID token.
   *
   * @remarks
   * This includes sign-in, sign-out, and token refresh events.
   *
   * @param nextOrObserver - callback triggered on change.
   * @param error - Deprecated. This callback is never triggered. Errors
   * on signing in/out can be caught in promises returned from
   * sign-in/sign-out functions.
   * @param completed - Deprecated. This callback is never triggered.
   */
  onIdTokenChanged(nextOrObserver: NextOrObserver<User | null>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
  /** The currently signed-in user (or null). */
  readonly currentUser: User | null;
  /** The current emulator configuration (or null). */
  readonly emulatorConfig: EmulatorConfig | null;
  /**
   * Asynchronously sets the provided user as {@link Auth.currentUser} on the {@link Auth} instance.
   *
   * @remarks
   * A new instance copy of the user provided will be made and set as currentUser.
   *
   * This will trigger {@link Auth.onAuthStateChanged} and {@link Auth.onIdTokenChanged} listeners
   * like other sign in methods.
   *
   * The operation fails with an error if the user to be updated belongs to a different Firebase
   * project.
   *
   * @param user - The new {@link User}.
   */
  updateCurrentUser(user: User | null): Promise<void>;
  /**
   * Sets the current language to the default device/browser preference.
   */
  useDeviceLanguage(): void;
  /**
   * Signs out the current user.
   */
  signOut(): Promise<void>;
426}
427
428/**
* Interface that represents the credentials returned by an {@link AuthProvider}.
*
* @remarks
* Implementations specify the details about each auth provider's credential requirements.
*
* @public
*/
436export declare class AuthCredential {
  /**
   * The authentication provider ID for the credential.
   *
   * @remarks
   * For example, 'facebook.com', or 'google.com'.
   */
  readonly providerId: string;
  /**
   * The authentication sign in method for the credential.
   *
   * @remarks
   * For example, {@link SignInMethod}.EMAIL_PASSWORD, or
   * {@link SignInMethod}.EMAIL_LINK. This corresponds to the sign-in method
   * identifier as returned in {@link fetchSignInMethodsForEmail}.
   */
  readonly signInMethod: string;
  /** @internal */
  protected constructor(
  /**
   * The authentication provider ID for the credential.
   *
   * @remarks
   * For example, 'facebook.com', or 'google.com'.
   */
  providerId: string, 
  /**
   * The authentication sign in method for the credential.
   *
   * @remarks
   * For example, {@link SignInMethod}.EMAIL_PASSWORD, or
   * {@link SignInMethod}.EMAIL_LINK. This corresponds to the sign-in method
   * identifier as returned in {@link fetchSignInMethodsForEmail}.
   */
  signInMethod: string);
  /**
   * Returns a JSON-serializable representation of this object.
   *
   * @returns a JSON-serializable representation of this object.
   */
  toJSON(): object;
  /** @internal */
  _getIdTokenResponse(_auth: AuthInternal): Promise<PhoneOrOauthTokenResponse>;
  /** @internal */
  _linkToIdToken(_auth: AuthInternal, _idToken: string): Promise<IdTokenResponse>;
  /** @internal */
  _getReauthenticationResolver(_auth: AuthInternal): Promise<IdTokenResponse>;
483}
484
485/**
* Interface for an `Auth` error.
*
* @public
*/
490export declare interface AuthError extends FirebaseError {
  /** Details about the Firebase Auth error.  */
  readonly customData: {
      /** The name of the Firebase App which triggered this error.  */
      readonly appName: string;
      /** The email address of the user's account, used for sign-in and linking. */
      readonly email?: string;
      /** The phone number of the user's account, used for sign-in and linking. */
      readonly phoneNumber?: string;
      /**
       * The tenant ID being used for sign-in and linking.
       *
       * @remarks
       * If you use {@link signInWithRedirect} to sign in,
       * you have to set the tenant ID on the {@link Auth} instance again as the tenant ID is not persisted
       * after redirection.
       */
      readonly tenantId?: string;
  };
509}
510
511/**
* Enumeration of Firebase Auth error codes.
*
* @internal
*/
516declare const enum AuthErrorCode {
  ADMIN_ONLY_OPERATION = "admin-restricted-operation",
  ARGUMENT_ERROR = "argument-error",
  APP_NOT_AUTHORIZED = "app-not-authorized",
  APP_NOT_INSTALLED = "app-not-installed",
  CAPTCHA_CHECK_FAILED = "captcha-check-failed",
  CODE_EXPIRED = "code-expired",
  CORDOVA_NOT_READY = "cordova-not-ready",
  CORS_UNSUPPORTED = "cors-unsupported",
  CREDENTIAL_ALREADY_IN_USE = "credential-already-in-use",
  CREDENTIAL_MISMATCH = "custom-token-mismatch",
  CREDENTIAL_TOO_OLD_LOGIN_AGAIN = "requires-recent-login",
  DEPENDENT_SDK_INIT_BEFORE_AUTH = "dependent-sdk-initialized-before-auth",
  DYNAMIC_LINK_NOT_ACTIVATED = "dynamic-link-not-activated",
  EMAIL_CHANGE_NEEDS_VERIFICATION = "email-change-needs-verification",
  EMAIL_EXISTS = "email-already-in-use",
  EMULATOR_CONFIG_FAILED = "emulator-config-failed",
  EXPIRED_OOB_CODE = "expired-action-code",
  EXPIRED_POPUP_REQUEST = "cancelled-popup-request",
  INTERNAL_ERROR = "internal-error",
  INVALID_API_KEY = "invalid-api-key",
  INVALID_APP_CREDENTIAL = "invalid-app-credential",
  INVALID_APP_ID = "invalid-app-id",
  INVALID_AUTH = "invalid-user-token",
  INVALID_AUTH_EVENT = "invalid-auth-event",
  INVALID_CERT_HASH = "invalid-cert-hash",
  INVALID_CODE = "invalid-verification-code",
  INVALID_CONTINUE_URI = "invalid-continue-uri",
  INVALID_CORDOVA_CONFIGURATION = "invalid-cordova-configuration",
  INVALID_CUSTOM_TOKEN = "invalid-custom-token",
  INVALID_DYNAMIC_LINK_DOMAIN = "invalid-dynamic-link-domain",
  INVALID_EMAIL = "invalid-email",
  INVALID_EMULATOR_SCHEME = "invalid-emulator-scheme",
  INVALID_IDP_RESPONSE = "invalid-credential",
  INVALID_MESSAGE_PAYLOAD = "invalid-message-payload",
  INVALID_MFA_SESSION = "invalid-multi-factor-session",
  INVALID_OAUTH_CLIENT_ID = "invalid-oauth-client-id",
  INVALID_OAUTH_PROVIDER = "invalid-oauth-provider",
  INVALID_OOB_CODE = "invalid-action-code",
  INVALID_ORIGIN = "unauthorized-domain",
  INVALID_PASSWORD = "wrong-password",
  INVALID_PERSISTENCE = "invalid-persistence-type",
  INVALID_PHONE_NUMBER = "invalid-phone-number",
  INVALID_PROVIDER_ID = "invalid-provider-id",
  INVALID_RECIPIENT_EMAIL = "invalid-recipient-email",
  INVALID_SENDER = "invalid-sender",
  INVALID_SESSION_INFO = "invalid-verification-id",
  INVALID_TENANT_ID = "invalid-tenant-id",
  LOGIN_BLOCKED = "login-blocked",
  MFA_INFO_NOT_FOUND = "multi-factor-info-not-found",
  MFA_REQUIRED = "multi-factor-auth-required",
  MISSING_ANDROID_PACKAGE_NAME = "missing-android-pkg-name",
  MISSING_APP_CREDENTIAL = "missing-app-credential",
  MISSING_AUTH_DOMAIN = "auth-domain-config-required",
  MISSING_CODE = "missing-verification-code",
  MISSING_CONTINUE_URI = "missing-continue-uri",
  MISSING_IFRAME_START = "missing-iframe-start",
  MISSING_IOS_BUNDLE_ID = "missing-ios-bundle-id",
  MISSING_OR_INVALID_NONCE = "missing-or-invalid-nonce",
  MISSING_MFA_INFO = "missing-multi-factor-info",
  MISSING_MFA_SESSION = "missing-multi-factor-session",
  MISSING_PHONE_NUMBER = "missing-phone-number",
  MISSING_SESSION_INFO = "missing-verification-id",
  MODULE_DESTROYED = "app-deleted",
  NEED_CONFIRMATION = "account-exists-with-different-credential",
  NETWORK_REQUEST_FAILED = "network-request-failed",
  NULL_USER = "null-user",
  NO_AUTH_EVENT = "no-auth-event",
  NO_SUCH_PROVIDER = "no-such-provider",
  OPERATION_NOT_ALLOWED = "operation-not-allowed",
  OPERATION_NOT_SUPPORTED = "operation-not-supported-in-this-environment",
  POPUP_BLOCKED = "popup-blocked",
  POPUP_CLOSED_BY_USER = "popup-closed-by-user",
  PROVIDER_ALREADY_LINKED = "provider-already-linked",
  QUOTA_EXCEEDED = "quota-exceeded",
  REDIRECT_CANCELLED_BY_USER = "redirect-cancelled-by-user",
  REDIRECT_OPERATION_PENDING = "redirect-operation-pending",
  REJECTED_CREDENTIAL = "rejected-credential",
  SECOND_FACTOR_ALREADY_ENROLLED = "second-factor-already-in-use",
  SECOND_FACTOR_LIMIT_EXCEEDED = "maximum-second-factor-count-exceeded",
  TENANT_ID_MISMATCH = "tenant-id-mismatch",
  TIMEOUT = "timeout",
  TOKEN_EXPIRED = "user-token-expired",
  TOO_MANY_ATTEMPTS_TRY_LATER = "too-many-requests",
  UNAUTHORIZED_DOMAIN = "unauthorized-continue-uri",
  UNSUPPORTED_FIRST_FACTOR = "unsupported-first-factor",
  UNSUPPORTED_PERSISTENCE = "unsupported-persistence-type",
  UNSUPPORTED_TENANT_OPERATION = "unsupported-tenant-operation",
  UNVERIFIED_EMAIL = "unverified-email",
  USER_CANCELLED = "user-cancelled",
  USER_DELETED = "user-not-found",
  USER_DISABLED = "user-disabled",
  USER_MISMATCH = "user-mismatch",
  USER_SIGNED_OUT = "user-signed-out",
  WEAK_PASSWORD = "weak-password",
  WEB_STORAGE_UNSUPPORTED = "web-storage-unsupported",
  ALREADY_INITIALIZED = "already-initialized"
613}
614
615/**
* A map of potential `Auth` error codes, for easier comparison with errors
* thrown by the SDK.
*
* @remarks
* Note that you can't tree-shake individual keys
* in the map, so by using the map you might substantially increase your
* bundle size.
*
* @public
*/
626export declare const AuthErrorCodes: {
  readonly ADMIN_ONLY_OPERATION: "auth/admin-restricted-operation";
  readonly ARGUMENT_ERROR: "auth/argument-error";
  readonly APP_NOT_AUTHORIZED: "auth/app-not-authorized";
  readonly APP_NOT_INSTALLED: "auth/app-not-installed";
  readonly CAPTCHA_CHECK_FAILED: "auth/captcha-check-failed";
  readonly CODE_EXPIRED: "auth/code-expired";
  readonly CORDOVA_NOT_READY: "auth/cordova-not-ready";
  readonly CORS_UNSUPPORTED: "auth/cors-unsupported";
  readonly CREDENTIAL_ALREADY_IN_USE: "auth/credential-already-in-use";
  readonly CREDENTIAL_MISMATCH: "auth/custom-token-mismatch";
  readonly CREDENTIAL_TOO_OLD_LOGIN_AGAIN: "auth/requires-recent-login";
  readonly DEPENDENT_SDK_INIT_BEFORE_AUTH: "auth/dependent-sdk-initialized-before-auth";
  readonly DYNAMIC_LINK_NOT_ACTIVATED: "auth/dynamic-link-not-activated";
  readonly EMAIL_CHANGE_NEEDS_VERIFICATION: "auth/email-change-needs-verification";
  readonly EMAIL_EXISTS: "auth/email-already-in-use";
  readonly EMULATOR_CONFIG_FAILED: "auth/emulator-config-failed";
  readonly EXPIRED_OOB_CODE: "auth/expired-action-code";
  readonly EXPIRED_POPUP_REQUEST: "auth/cancelled-popup-request";
  readonly INTERNAL_ERROR: "auth/internal-error";
  readonly INVALID_API_KEY: "auth/invalid-api-key";
  readonly INVALID_APP_CREDENTIAL: "auth/invalid-app-credential";
  readonly INVALID_APP_ID: "auth/invalid-app-id";
  readonly INVALID_AUTH: "auth/invalid-user-token";
  readonly INVALID_AUTH_EVENT: "auth/invalid-auth-event";
  readonly INVALID_CERT_HASH: "auth/invalid-cert-hash";
  readonly INVALID_CODE: "auth/invalid-verification-code";
  readonly INVALID_CONTINUE_URI: "auth/invalid-continue-uri";
  readonly INVALID_CORDOVA_CONFIGURATION: "auth/invalid-cordova-configuration";
  readonly INVALID_CUSTOM_TOKEN: "auth/invalid-custom-token";
  readonly INVALID_DYNAMIC_LINK_DOMAIN: "auth/invalid-dynamic-link-domain";
  readonly INVALID_EMAIL: "auth/invalid-email";
  readonly INVALID_EMULATOR_SCHEME: "auth/invalid-emulator-scheme";
  readonly INVALID_IDP_RESPONSE: "auth/invalid-credential";
  readonly INVALID_MESSAGE_PAYLOAD: "auth/invalid-message-payload";
  readonly INVALID_MFA_SESSION: "auth/invalid-multi-factor-session";
  readonly INVALID_OAUTH_CLIENT_ID: "auth/invalid-oauth-client-id";
  readonly INVALID_OAUTH_PROVIDER: "auth/invalid-oauth-provider";
  readonly INVALID_OOB_CODE: "auth/invalid-action-code";
  readonly INVALID_ORIGIN: "auth/unauthorized-domain";
  readonly INVALID_PASSWORD: "auth/wrong-password";
  readonly INVALID_PERSISTENCE: "auth/invalid-persistence-type";
  readonly INVALID_PHONE_NUMBER: "auth/invalid-phone-number";
  readonly INVALID_PROVIDER_ID: "auth/invalid-provider-id";
  readonly INVALID_RECIPIENT_EMAIL: "auth/invalid-recipient-email";
  readonly INVALID_SENDER: "auth/invalid-sender";
  readonly INVALID_SESSION_INFO: "auth/invalid-verification-id";
  readonly INVALID_TENANT_ID: "auth/invalid-tenant-id";
  readonly MFA_INFO_NOT_FOUND: "auth/multi-factor-info-not-found";
  readonly MFA_REQUIRED: "auth/multi-factor-auth-required";
  readonly MISSING_ANDROID_PACKAGE_NAME: "auth/missing-android-pkg-name";
  readonly MISSING_APP_CREDENTIAL: "auth/missing-app-credential";
  readonly MISSING_AUTH_DOMAIN: "auth/auth-domain-config-required";
  readonly MISSING_CODE: "auth/missing-verification-code";
  readonly MISSING_CONTINUE_URI: "auth/missing-continue-uri";
  readonly MISSING_IFRAME_START: "auth/missing-iframe-start";
  readonly MISSING_IOS_BUNDLE_ID: "auth/missing-ios-bundle-id";
  readonly MISSING_OR_INVALID_NONCE: "auth/missing-or-invalid-nonce";
  readonly MISSING_MFA_INFO: "auth/missing-multi-factor-info";
  readonly MISSING_MFA_SESSION: "auth/missing-multi-factor-session";
  readonly MISSING_PHONE_NUMBER: "auth/missing-phone-number";
  readonly MISSING_SESSION_INFO: "auth/missing-verification-id";
  readonly MODULE_DESTROYED: "auth/app-deleted";
  readonly NEED_CONFIRMATION: "auth/account-exists-with-different-credential";
  readonly NETWORK_REQUEST_FAILED: "auth/network-request-failed";
  readonly NULL_USER: "auth/null-user";
  readonly NO_AUTH_EVENT: "auth/no-auth-event";
  readonly NO_SUCH_PROVIDER: "auth/no-such-provider";
  readonly OPERATION_NOT_ALLOWED: "auth/operation-not-allowed";
  readonly OPERATION_NOT_SUPPORTED: "auth/operation-not-supported-in-this-environment";
  readonly POPUP_BLOCKED: "auth/popup-blocked";
  readonly POPUP_CLOSED_BY_USER: "auth/popup-closed-by-user";
  readonly PROVIDER_ALREADY_LINKED: "auth/provider-already-linked";
  readonly QUOTA_EXCEEDED: "auth/quota-exceeded";
  readonly REDIRECT_CANCELLED_BY_USER: "auth/redirect-cancelled-by-user";
  readonly REDIRECT_OPERATION_PENDING: "auth/redirect-operation-pending";
  readonly REJECTED_CREDENTIAL: "auth/rejected-credential";
  readonly SECOND_FACTOR_ALREADY_ENROLLED: "auth/second-factor-already-in-use";
  readonly SECOND_FACTOR_LIMIT_EXCEEDED: "auth/maximum-second-factor-count-exceeded";
  readonly TENANT_ID_MISMATCH: "auth/tenant-id-mismatch";
  readonly TIMEOUT: "auth/timeout";
  readonly TOKEN_EXPIRED: "auth/user-token-expired";
  readonly TOO_MANY_ATTEMPTS_TRY_LATER: "auth/too-many-requests";
  readonly UNAUTHORIZED_DOMAIN: "auth/unauthorized-continue-uri";
  readonly UNSUPPORTED_FIRST_FACTOR: "auth/unsupported-first-factor";
  readonly UNSUPPORTED_PERSISTENCE: "auth/unsupported-persistence-type";
  readonly UNSUPPORTED_TENANT_OPERATION: "auth/unsupported-tenant-operation";
  readonly UNVERIFIED_EMAIL: "auth/unverified-email";
  readonly USER_CANCELLED: "auth/user-cancelled";
  readonly USER_DELETED: "auth/user-not-found";
  readonly USER_DISABLED: "auth/user-disabled";
  readonly USER_MISMATCH: "auth/user-mismatch";
  readonly USER_SIGNED_OUT: "auth/user-signed-out";
  readonly WEAK_PASSWORD: "auth/weak-password";
  readonly WEB_STORAGE_UNSUPPORTED: "auth/web-storage-unsupported";
  readonly ALREADY_INITIALIZED: "auth/already-initialized";
722};
723
724/**
* A mapping of error codes to error messages.
*
* @remarks
*
* While error messages are useful for debugging (providing verbose textual
* context around what went wrong), these strings take up a lot of space in the
* compiled code. When deploying code in production, using {@link prodErrorMap}
* will save you roughly 10k compressed/gzipped over {@link debugErrorMap}. You
* can select the error map during initialization:
*
* ```javascript
* initializeAuth(app, {errorMap: debugErrorMap})
* ```
*
* When initializing Auth, {@link prodErrorMap} is default.
*
* @public
*/
743export declare interface AuthErrorMap {
744}
745
746/**
* @internal
*/
749declare interface AuthErrorParams extends GenericAuthErrorParams {
  [AuthErrorCode.ARGUMENT_ERROR]: {
      appName?: AppName;
  };
  [AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH]: {
      appName?: AppName;
  };
  [AuthErrorCode.INTERNAL_ERROR]: {
      appName?: AppName;
  };
  [AuthErrorCode.LOGIN_BLOCKED]: {
      appName?: AppName;
      originalMessage?: string;
  };
  [AuthErrorCode.OPERATION_NOT_SUPPORTED]: {
      appName?: AppName;
  };
  [AuthErrorCode.NO_AUTH_EVENT]: {
      appName?: AppName;
  };
  [AuthErrorCode.MFA_REQUIRED]: {
      appName: AppName;
      _serverResponse: IdTokenMfaResponse;
  };
  [AuthErrorCode.INVALID_CORDOVA_CONFIGURATION]: {
      appName: AppName;
      missingPlugin?: string;
  };
777}
778
779/**
* @internal
*/
782declare interface AuthEvent {
  type: AuthEventType;
  eventId: string | null;
  urlResponse: string | null;
  sessionId: string | null;
  postBody: string | null;
  tenantId: string | null;
  error?: AuthEventError;
790}
791
792/**
* @internal
*/
795declare interface AuthEventConsumer {
  readonly filter: AuthEventType[];
  eventId: string | null;
  onAuthEvent(event: AuthEvent): unknown;
  onError(error: FirebaseError): unknown;
800}
801
802declare interface AuthEventError extends Error {
  code: string;
  message: string;
805}
806
807/**
* @internal
*/
810declare const enum AuthEventType {
  LINK_VIA_POPUP = "linkViaPopup",
  LINK_VIA_REDIRECT = "linkViaRedirect",
  REAUTH_VIA_POPUP = "reauthViaPopup",
  REAUTH_VIA_REDIRECT = "reauthViaRedirect",
  SIGN_IN_VIA_POPUP = "signInViaPopup",
  SIGN_IN_VIA_REDIRECT = "signInViaRedirect",
  UNKNOWN = "unknown",
  VERIFY_APP = "verifyApp"
819}
820
821/**
* UserInternal and AuthInternal reference each other, so both of them are included in the public typings.
* In order to exclude them, we mark them as internal explicitly.
*
* @internal
*/
827declare interface AuthInternal extends Auth {
  currentUser: User | null;
  emulatorConfig: EmulatorConfig | null;
  _canInitEmulator: boolean;
  _isInitialized: boolean;
  _initializationPromise: Promise<void> | null;
  _updateCurrentUser(user: UserInternal | null): Promise<void>;
  _onStorageEvent(): void;
  _notifyListenersIfCurrent(user: UserInternal): void;
  _persistUserIfCurrent(user: UserInternal): Promise<void>;
  _setRedirectUser(user: UserInternal | null, popupRedirectResolver?: PopupRedirectResolver): Promise<void>;
  _redirectUserForId(id: string): Promise<UserInternal | null>;
  _popupRedirectResolver: PopupRedirectResolverInternal | null;
  _key(): string;
  _startProactiveRefresh(): void;
  _stopProactiveRefresh(): void;
  _getPersistence(): string;
  _logFramework(framework: string): void;
  _getFrameworks(): readonly string[];
  _getAdditionalHeaders(): Promise<Record<string, string>>;
  readonly name: AppName;
  readonly config: ConfigInternal;
  languageCode: string | null;
  tenantId: string | null;
  readonly settings: AuthSettings;
  _errorFactory: ErrorFactory<AuthErrorCode, AuthErrorParams>;
  useDeviceLanguage(): void;
  signOut(): Promise<void>;
855}
856
857declare class AuthPopup {
  readonly window: Window | null;
  associatedEvent: string | null;
  constructor(window: Window | null);
  close(): void;
862}
863
864/**
* Interface that represents an auth provider, used to facilitate creating {@link AuthCredential}.
*
* @public
*/
869export declare interface AuthProvider {
  /**
   * Provider for which credentials can be constructed.
   */
  readonly providerId: string;
874}
875
876/**
* Interface representing an {@link Auth} instance's settings.
*
* @remarks Currently used for enabling/disabling app verification for phone Auth testing.
*
* @public
*/
883export declare interface AuthSettings {
  /**
   * When set, this property disables app verification for the purpose of testing phone
   * authentication. For this property to take effect, it needs to be set before rendering a
   * reCAPTCHA app verifier. When this is disabled, a mock reCAPTCHA is rendered instead. This is
   * useful for manual testing during development or for automated integration tests.
   *
   * In order to use this feature, you will need to
   * {@link https://firebase.google.com/docs/auth/web/phone-auth#test-with-whitelisted-phone-numbers | whitelist your phone number}
   * via the Firebase Console.
   *
   * The default value is false (app verification is enabled).
   */
  appVerificationDisabledForTesting: boolean;
897}
898
899/**
* MFA Info as returned by the API
*/
902declare interface BaseMfaEnrollment {
  mfaEnrollmentId: string;
  enrolledAt: number;
  displayName?: string;
906}
907
908/**
* Common code to all OAuth providers. This is separate from the
* {@link OAuthProvider} so that child providers (like
* {@link GoogleAuthProvider}) don't inherit the `credential` instance method.
* Instead, they rely on a static `credential` method.
*/
914declare abstract class BaseOAuthProvider extends FederatedAuthProvider implements AuthProvider {
  /** @internal */
  private scopes;
  /**
   * Add an OAuth scope to the credential.
   *
   * @param scope - Provider OAuth scope to add.
   */
  addScope(scope: string): AuthProvider;
  /**
   * Retrieve the current list of OAuth scopes.
   */
  getScopes(): string[];
927}
928
929/**
* Adds a blocking callback that runs before an auth state change
* sets a new user.
*
* @param auth - The {@link Auth} instance.
* @param callback - callback triggered before new user value is set.
*   If this throws, it blocks the user from being set.
* @param onAbort - callback triggered if a later `beforeAuthStateChanged()`
*   callback throws, allowing you to undo any side effects.
*/
939export declare function beforeAuthStateChanged(auth: Auth, callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe;
940
941/**
* An implementation of {@link Persistence} of type `LOCAL` using `localStorage`
* for the underlying storage.
*
* @public
*/
947export declare const browserLocalPersistence: Persistence;
948
949/**
* An implementation of {@link PopupRedirectResolver} suitable for browser
* based applications.
*
* @public
*/
955export declare const browserPopupRedirectResolver: PopupRedirectResolver;
956
957/**
* An implementation of {@link Persistence} of `SESSION` using `sessionStorage`
* for the underlying storage.
*
* @public
*/
963export declare const browserSessionPersistence: Persistence;
964
965/**
* Checks a verification code sent to the user by email or other out-of-band mechanism.
*
* @returns metadata about the code.
*
* @param auth - The {@link Auth} instance.
* @param oobCode - A verification code sent to the user.
*
* @public
*/
975export declare function checkActionCode(auth: Auth, oobCode: string): Promise<ActionCodeInfo>;
976
977/**
* @internal
*/
980declare const enum ClientPlatform {
  BROWSER = "Browser",
  NODE = "Node",
  REACT_NATIVE = "ReactNative",
  CORDOVA = "Cordova",
  WORKER = "Worker"
986}
987export { CompleteFn }
988
989/**
* Interface representing the `Auth` config.
*
* @public
*/
994export declare interface Config {
  /**
   * The API Key used to communicate with the Firebase Auth backend.
   */
  apiKey: string;
  /**
   * The host at which the Firebase Auth backend is running.
   */
  apiHost: string;
  /**
   * The scheme used to communicate with the Firebase Auth backend.
   */
  apiScheme: string;
  /**
   * The host at which the Secure Token API is running.
   */
  tokenApiHost: string;
  /**
   * The SDK Client Version.
   */
  sdkClientVersion: string;
  /**
   * The domain at which the web widgets are hosted (provided via Firebase Config).
   */
  authDomain?: string;
1019}
1020
1021/**
* @internal
*/
1024declare interface ConfigInternal extends Config {
  /**
   * @readonly
   */
  emulator?: {
      url: string;
  };
  /**
   * @readonly
   */
  clientPlatform: ClientPlatform;
1035}
1036
1037/**
* A result from a phone number sign-in, link, or reauthenticate call.
*
* @public
*/
1042export declare interface ConfirmationResult {
  /**
   * The phone number authentication operation's verification ID.
   *
   * @remarks
   * This can be used along with the verification code to initialize a
   * {@link PhoneAuthCredential}.
   */
  readonly verificationId: string;
  /**
   * Finishes a phone number sign-in, link, or reauthentication.
   *
   * @example
   * ```javascript
   * const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);
   * // Obtain verificationCode from the user.
   * const userCredential = await confirmationResult.confirm(verificationCode);
   * ```
   *
   * @param verificationCode - The code that was sent to the user's mobile device.
   */
  confirm(verificationCode: string): Promise<UserCredential>;
1064}
1065
1066/**
* Completes the password reset process, given a confirmation code and new password.
*
* @param auth - The {@link Auth} instance.
* @param oobCode - A confirmation code sent to the user.
* @param newPassword - The new password.
*
* @public
*/
1075export declare function confirmPasswordReset(auth: Auth, oobCode: string, newPassword: string): Promise<void>;
1076
1077/**
* Changes the {@link Auth} instance to communicate with the Firebase Auth Emulator, instead of production
* Firebase Auth services.
*
* @remarks
* This must be called synchronously immediately following the first call to
* {@link initializeAuth}.  Do not use with production credentials as emulator
* traffic is not encrypted.
*
*
* @example
* ```javascript
* connectAuthEmulator(auth, 'http://127.0.0.1:9099', { disableWarnings: true });
* ```
*
* @param auth - The {@link Auth} instance.
* @param url - The URL at which the emulator is running (eg, 'http://localhost:9099').
* @param options - Optional. `options.disableWarnings` defaults to `false`. Set it to
* `true` to disable the warning banner attached to the DOM.
*
* @public
*/
1099export declare function connectAuthEmulator(auth: Auth, url: string, options?: {
  disableWarnings: boolean;
1101}): void;
1102
1103/**
* Creates a new user account associated with the specified email address and password.
*
* @remarks
* On successful creation of the user account, this user will also be signed in to your application.
*
* User account creation can fail if the account already exists or the password is invalid.
*
* Note: The email address acts as a unique identifier for the user and enables an email-based
* password reset. This function will create a new user account and set the initial user password.
*
* @param auth - The {@link Auth} instance.
* @param email - The user's email address.
* @param password - The user's chosen password.
*
* @public
*/
1120export declare function createUserWithEmailAndPassword(auth: Auth, email: string, password: string): Promise<UserCredential>;
1121
1122/**
* Map of OAuth Custom Parameters.
*
* @public
*/
1127export declare type CustomParameters = Record<string, string>;
1128
1129/**
* A verbose error map with detailed descriptions for most error codes.
*
* See discussion at {@link AuthErrorMap}
*
* @public
*/
1136export declare const debugErrorMap: AuthErrorMap;
1137
1138/**
* Deletes and signs out the user.
*
* @remarks
* Important: this is a security-sensitive operation that requires the user to have recently
* signed in. If this requirement isn't met, ask the user to authenticate again and then call
* {@link reauthenticateWithCredential}.
*
* @param user - The user.
*
* @public
*/
1150export declare function deleteUser(user: User): Promise<void>;
1151
1152/**
* The dependencies that can be used to initialize an {@link Auth} instance.
*
* @remarks
*
* The modular SDK enables tree shaking by allowing explicit declarations of
* dependencies. For example, a web app does not need to include code that
* enables Cordova redirect sign in. That functionality is therefore split into
* {@link browserPopupRedirectResolver} and
* {@link cordovaPopupRedirectResolver}. The dependencies object is how Auth is
* configured to reduce bundle sizes.
*
* There are two ways to initialize an {@link Auth} instance: {@link getAuth} and
* {@link initializeAuth}. `getAuth` initializes everything using
* platform-specific configurations, while `initializeAuth` takes a
* `Dependencies` object directly, giving you more control over what is used.
*
* @public
*/
1171export declare interface Dependencies {
  /**
   * Which {@link Persistence} to use. If this is an array, the first
   * `Persistence` that the device supports is used. The SDK searches for an
   * existing account in order and, if one is found in a secondary
   * `Persistence`, the account is moved to the primary `Persistence`.
   *
   * If no persistence is provided, the SDK falls back on
   * {@link inMemoryPersistence}.
   */
  persistence?: Persistence | Persistence[];
  /**
   * The {@link PopupRedirectResolver} to use. This value depends on the
   * platform. Options are {@link browserPopupRedirectResolver} and
   * {@link cordovaPopupRedirectResolver}. This field is optional if neither
   * {@link signInWithPopup} or {@link signInWithRedirect} are being used.
   */
  popupRedirectResolver?: PopupRedirectResolver;
  /**
   * Which {@link AuthErrorMap} to use.
   */
  errorMap?: AuthErrorMap;
1193}
1194
1195/**
* Interface that represents the credentials returned by {@link EmailAuthProvider} for
* {@link ProviderId}.PASSWORD
*
* @remarks
* Covers both {@link SignInMethod}.EMAIL_PASSWORD and
* {@link SignInMethod}.EMAIL_LINK.
*
* @public
*/
1205export declare class EmailAuthCredential extends AuthCredential {
  /** @internal */
  readonly _email: string;
  /** @internal */
  readonly _password: string;
  /** @internal */
  readonly _tenantId: string | null;
  /** @internal */
  private constructor();
  /** @internal */
  static _fromEmailAndPassword(email: string, password: string): EmailAuthCredential;
  /** @internal */
  static _fromEmailAndCode(email: string, oobCode: string, tenantId?: string | null): EmailAuthCredential;
  /** {@inheritdoc AuthCredential.toJSON} */
  toJSON(): object;
  /**
   * Static method to deserialize a JSON representation of an object into an {@link  AuthCredential}.
   *
   * @param json - Either `object` or the stringified representation of the object. When string is
   * provided, `JSON.parse` would be called first.
   *
   * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned.
   */
  static fromJSON(json: object | string): EmailAuthCredential | null;
  /** @internal */
  _getIdTokenResponse(auth: AuthInternal): Promise<IdTokenResponse>;
  /** @internal */
  _linkToIdToken(auth: AuthInternal, idToken: string): Promise<IdTokenResponse>;
  /** @internal */
  _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse>;
1235}
1236
1237/**
* Provider for generating {@link EmailAuthCredential}.
*
* @public
*/
1242export declare class EmailAuthProvider implements AuthProvider {
  /**
   * Always set to {@link ProviderId}.PASSWORD, even for email link.
   */
  static readonly PROVIDER_ID: 'password';
  /**
   * Always set to {@link SignInMethod}.EMAIL_PASSWORD.
   */
  static readonly EMAIL_PASSWORD_SIGN_IN_METHOD: 'password';
  /**
   * Always set to {@link SignInMethod}.EMAIL_LINK.
   */
  static readonly EMAIL_LINK_SIGN_IN_METHOD: 'emailLink';
  /**
   * Always set to {@link ProviderId}.PASSWORD, even for email link.
   */
  readonly providerId: "password";
  /**
   * Initialize an {@link AuthCredential} using an email and password.
   *
   * @example
   * ```javascript
   * const authCredential = EmailAuthProvider.credential(email, password);
   * const userCredential = await signInWithCredential(auth, authCredential);
   * ```
   *
   * @example
   * ```javascript
   * const userCredential = await signInWithEmailAndPassword(auth, email, password);
   * ```
   *
   * @param email - Email address.
   * @param password - User account password.
   * @returns The auth provider credential.
   */
  static credential(email: string, password: string): EmailAuthCredential;
  /**
   * Initialize an {@link AuthCredential} using an email and an email link after a sign in with
   * email link operation.
   *
   * @example
   * ```javascript
   * const authCredential = EmailAuthProvider.credentialWithLink(auth, email, emailLink);
   * const userCredential = await signInWithCredential(auth, authCredential);
   * ```
   *
   * @example
   * ```javascript
   * await sendSignInLinkToEmail(auth, email);
   * // Obtain emailLink from user.
   * const userCredential = await signInWithEmailLink(auth, email, emailLink);
   * ```
   *
   * @param auth - The {@link Auth} instance used to verify the link.
   * @param email - Email address.
   * @param emailLink - Sign-in email link.
   * @returns - The auth provider credential.
   */
  static credentialWithLink(email: string, emailLink: string): EmailAuthCredential;
1301}
1302
1303/**
* Configuration of Firebase Authentication Emulator.
* @public
*/
1307export declare interface EmulatorConfig {
  /**
   * The protocol used to communicate with the emulator ("http"/"https").
   */
  readonly protocol: string;
  /**
   * The hostname of the emulator, which may be a domain ("localhost"), IPv4 address ("127.0.0.1")
   * or quoted IPv6 address ("[::1]").
   */
  readonly host: string;
  /**
   * The port of the emulator, or null if port isn't specified (i.e. protocol default).
   */
  readonly port: number | null;
  /**
   * The emulator-specific options.
   */
  readonly options: {
      /**
       * Whether the warning banner attached to the DOM was disabled.
       */
      readonly disableWarnings: boolean;
  };
1330}
1331export { ErrorFn }
1332
1333/**
* @internal
*/
1336declare interface EventManager {
  registerConsumer(authEventConsumer: AuthEventConsumer): void;
  unregisterConsumer(authEventConsumer: AuthEventConsumer): void;
1339}
1340
1341/**
* Provider for generating an {@link OAuthCredential} for {@link ProviderId}.FACEBOOK.
*
* @example
* ```javascript
* // Sign in using a redirect.
* const provider = new FacebookAuthProvider();
* // Start a sign in process for an unauthenticated user.
* provider.addScope('user_birthday');
* await signInWithRedirect(auth, provider);
* // This will trigger a full page redirect away from your app
*
* // After returning from the redirect when your app initializes you can obtain the result
* const result = await getRedirectResult(auth);
* if (result) {
*   // This is the signed-in user
*   const user = result.user;
*   // This gives you a Facebook Access Token.
*   const credential = FacebookAuthProvider.credentialFromResult(result);
*   const token = credential.accessToken;
* }
* ```
*
* @example
* ```javascript
* // Sign in using a popup.
* const provider = new FacebookAuthProvider();
* provider.addScope('user_birthday');
* const result = await signInWithPopup(auth, provider);
*
* // The signed-in user info.
* const user = result.user;
* // This gives you a Facebook Access Token.
* const credential = FacebookAuthProvider.credentialFromResult(result);
* const token = credential.accessToken;
* ```
*
* @public
*/
1380export declare class FacebookAuthProvider extends BaseOAuthProvider {
  /** Always set to {@link SignInMethod}.FACEBOOK. */
  static readonly FACEBOOK_SIGN_IN_METHOD: 'facebook.com';
  /** Always set to {@link ProviderId}.FACEBOOK. */
  static readonly PROVIDER_ID: 'facebook.com';
  constructor();
  /**
   * Creates a credential for Facebook.
   *
   * @example
   * ```javascript
   * // `event` from the Facebook auth.authResponseChange callback.
   * const credential = FacebookAuthProvider.credential(event.authResponse.accessToken);
   * const result = await signInWithCredential(credential);
   * ```
   *
   * @param accessToken - Facebook access token.
   */
  static credential(accessToken: string): OAuthCredential;
  /**
   * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.
   *
   * @param userCredential - The user credential.
   */
  static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
  /**
   * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
   * thrown during a sign-in, link, or reauthenticate operation.
   *
   * @param userCredential - The user credential.
   */
  static credentialFromError(error: FirebaseError): OAuthCredential | null;
  private static credentialFromTaggedObject;
1413}
1414
1415/**
* An enum of factors that may be used for multifactor authentication.
*
* @public
*/
1420export declare const FactorId: {
  /** Phone as second factor */
  readonly PHONE: "phone";
1423};
1424
1425/**
* The base class for all Federated providers (OAuth (including OIDC), SAML).
*
* This class is not meant to be instantiated directly.
*
* @public
*/
1432declare abstract class FederatedAuthProvider implements AuthProvider {
  readonly providerId: string;
  /** @internal */
  defaultLanguageCode: string | null;
  /** @internal */
  private customParameters;
  /**
   * Constructor for generic OAuth providers.
   *
   * @param providerId - Provider for which credentials should be generated.
   */
  constructor(providerId: string);
  /**
   * Set the language gode.
   *
   * @param languageCode - language code
   */
  setDefaultLanguage(languageCode: string | null): void;
  /**
   * Sets the OAuth custom parameters to pass in an OAuth request for popup and redirect sign-in
   * operations.
   *
   * @remarks
   * For a detailed list, check the reserved required OAuth 2.0 parameters such as `client_id`,
   * `redirect_uri`, `scope`, `response_type`, and `state` are not allowed and will be ignored.
   *
   * @param customOAuthParameters - The custom OAuth parameters to pass in the OAuth request.
   */
  setCustomParameters(customOAuthParameters: CustomParameters): AuthProvider;
  /**
   * Retrieve the current list of {@link CustomParameters}.
   */
  getCustomParameters(): CustomParameters;
1465}
1466
1467/**
* Gets the list of possible sign in methods for the given email address.
*
* @remarks
* This is useful to differentiate methods of sign-in for the same provider, eg.
* {@link EmailAuthProvider} which has 2 methods of sign-in,
* {@link SignInMethod}.EMAIL_PASSWORD and
* {@link SignInMethod}.EMAIL_LINK.
*
* @param auth - The {@link Auth} instance.
* @param email - The user's email address.
*
* @public
*/
1481export declare function fetchSignInMethodsForEmail(auth: Auth, email: string): Promise<string[]>;
1482
1483declare interface FinalizeMfaResponse {
  idToken: string;
  refreshToken: string;
1486}
1487
1488/**
* @internal
*/
1491declare type GenericAuthErrorParams = {
  [key in Exclude<AuthErrorCode, AuthErrorCode.ARGUMENT_ERROR | AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH | AuthErrorCode.INTERNAL_ERROR | AuthErrorCode.MFA_REQUIRED | AuthErrorCode.NO_AUTH_EVENT | AuthErrorCode.OPERATION_NOT_SUPPORTED>]: {
      appName?: AppName;
      email?: string;
      phoneNumber?: string;
      message?: string;
  };
1498};
1499
1500/**
* Extracts provider specific {@link AdditionalUserInfo} for the given credential.
*
* @param userCredential - The user credential.
*
* @public
*/
1507export declare function getAdditionalUserInfo(userCredential: UserCredential): AdditionalUserInfo | null;
1508
1509/**
* Returns the Auth instance associated with the provided {@link @firebase/app#FirebaseApp}.
* If no instance exists, initializes an Auth instance with platform-specific default dependencies.
*
* @param app - The Firebase App.
*
* @public
*/
1517export declare function getAuth(app?: FirebaseApp): Auth;
1518
1519/**
* Returns a JSON Web Token (JWT) used to identify the user to a Firebase service.
*
* @remarks
* Returns the current token if it has not expired or if it will not expire in the next five
* minutes. Otherwise, this will refresh the token and return a new one.
*
* @param user - The user.
* @param forceRefresh - Force refresh regardless of token expiration.
*
* @public
*/
1531export declare function getIdToken(user: User, forceRefresh?: boolean): Promise<string>;
1532
1533/**
* Returns a deserialized JSON Web Token (JWT) used to identitfy the user to a Firebase service.
*
* @remarks
* Returns the current token if it has not expired or if it will not expire in the next five
* minutes. Otherwise, this will refresh the token and return a new one.
*
* @param user - The user.
* @param forceRefresh - Force refresh regardless of token expiration.
*
* @public
*/
1545export declare function getIdTokenResult(user: User, forceRefresh?: boolean): Promise<IdTokenResult>;
1546
1547/**
* Provides a {@link MultiFactorResolver} suitable for completion of a
* multi-factor flow.
*
* @param auth - The {@link Auth} instance.
* @param error - The {@link MultiFactorError} raised during a sign-in, or
* reauthentication operation.
*
* @public
*/
1557export declare function getMultiFactorResolver(auth: Auth, error: MultiFactorError): MultiFactorResolver;
1558
1559/**
* Returns a {@link UserCredential} from the redirect-based sign-in flow.
*
* @remarks
* If sign-in succeeded, returns the signed in user. If sign-in was unsuccessful, fails with an
* error. If no redirect operation was called, returns a {@link UserCredential}
* with a null `user`.
*
* @example
* ```javascript
* // Sign in using a redirect.
* const provider = new FacebookAuthProvider();
* // You can add additional scopes to the provider:
* provider.addScope('user_birthday');
* // Start a sign in process for an unauthenticated user.
* await signInWithRedirect(auth, provider);
* // This will trigger a full page redirect away from your app
*
* // After returning from the redirect when your app initializes you can obtain the result
* const result = await getRedirectResult(auth);
* if (result) {
*   // This is the signed-in user
*   const user = result.user;
*   // This gives you a Facebook Access Token.
*   const credential = provider.credentialFromResult(auth, result);
*   const token = credential.accessToken;
* }
* // As this API can be used for sign-in, linking and reauthentication,
* // check the operationType to determine what triggered this redirect
* // operation.
* const operationType = result.operationType;
* ```
*
* @param auth - The {@link Auth} instance.
* @param resolver - An instance of {@link PopupRedirectResolver}, optional
* if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
*
* @public
*/
1598export declare function getRedirectResult(auth: Auth, resolver?: PopupRedirectResolver): Promise<UserCredential | null>;
1599
1600/**
* Provider for generating an {@link OAuthCredential} for {@link ProviderId}.GITHUB.
*
* @remarks
* GitHub requires an OAuth 2.0 redirect, so you can either handle the redirect directly, or use
* the {@link signInWithPopup} handler:
*
* @example
* ```javascript
* // Sign in using a redirect.
* const provider = new GithubAuthProvider();
* // Start a sign in process for an unauthenticated user.
* provider.addScope('repo');
* await signInWithRedirect(auth, provider);
* // This will trigger a full page redirect away from your app
*
* // After returning from the redirect when your app initializes you can obtain the result
* const result = await getRedirectResult(auth);
* if (result) {
*   // This is the signed-in user
*   const user = result.user;
*   // This gives you a Github Access Token.
*   const credential = GithubAuthProvider.credentialFromResult(result);
*   const token = credential.accessToken;
* }
* ```
*
* @example
* ```javascript
* // Sign in using a popup.
* const provider = new GithubAuthProvider();
* provider.addScope('repo');
* const result = await signInWithPopup(auth, provider);
*
* // The signed-in user info.
* const user = result.user;
* // This gives you a Github Access Token.
* const credential = GithubAuthProvider.credentialFromResult(result);
* const token = credential.accessToken;
* ```
* @public
*/
1642export declare class GithubAuthProvider extends BaseOAuthProvider {
  /** Always set to {@link SignInMethod}.GITHUB. */
  static readonly GITHUB_SIGN_IN_METHOD: 'github.com';
  /** Always set to {@link ProviderId}.GITHUB. */
  static readonly PROVIDER_ID: 'github.com';
  constructor();
  /**
   * Creates a credential for Github.
   *
   * @param accessToken - Github access token.
   */
  static credential(accessToken: string): OAuthCredential;
  /**
   * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.
   *
   * @param userCredential - The user credential.
   */
  static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
  /**
   * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
   * thrown during a sign-in, link, or reauthenticate operation.
   *
   * @param userCredential - The user credential.
   */
  static credentialFromError(error: FirebaseError): OAuthCredential | null;
  private static credentialFromTaggedObject;
1668}
1669
1670/**
* Provider for generating an an {@link OAuthCredential} for {@link ProviderId}.GOOGLE.
*
* @example
* ```javascript
* // Sign in using a redirect.
* const provider = new GoogleAuthProvider();
* // Start a sign in process for an unauthenticated user.
* provider.addScope('profile');
* provider.addScope('email');
* await signInWithRedirect(auth, provider);
* // This will trigger a full page redirect away from your app
*
* // After returning from the redirect when your app initializes you can obtain the result
* const result = await getRedirectResult(auth);
* if (result) {
*   // This is the signed-in user
*   const user = result.user;
*   // This gives you a Google Access Token.
*   const credential = GoogleAuthProvider.credentialFromResult(result);
*   const token = credential.accessToken;
* }
* ```
*
* @example
* ```javascript
* // Sign in using a popup.
* const provider = new GoogleAuthProvider();
* provider.addScope('profile');
* provider.addScope('email');
* const result = await signInWithPopup(auth, provider);
*
* // The signed-in user info.
* const user = result.user;
* // This gives you a Google Access Token.
* const credential = GoogleAuthProvider.credentialFromResult(result);
* const token = credential.accessToken;
* ```
*
* @public
*/
1711export declare class GoogleAuthProvider extends BaseOAuthProvider {
  /** Always set to {@link SignInMethod}.GOOGLE. */
  static readonly GOOGLE_SIGN_IN_METHOD: 'google.com';
  /** Always set to {@link ProviderId}.GOOGLE. */
  static readonly PROVIDER_ID: 'google.com';
  constructor();
  /**
   * Creates a credential for Google. At least one of ID token and access token is required.
   *
   * @example
   * ```javascript
   * // \`googleUser\` from the onsuccess Google Sign In callback.
   * const credential = GoogleAuthProvider.credential(googleUser.getAuthResponse().id_token);
   * const result = await signInWithCredential(credential);
   * ```
   *
   * @param idToken - Google ID token.
   * @param accessToken - Google access token.
   */
  static credential(idToken?: string | null, accessToken?: string | null): OAuthCredential;
  /**
   * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.
   *
   * @param userCredential - The user credential.
   */
  static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
  /**
   * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
   * thrown during a sign-in, link, or reauthenticate operation.
   *
   * @param userCredential - The user credential.
   */
  static credentialFromError(error: FirebaseError): OAuthCredential | null;
  private static credentialFromTaggedObject;
1745}
1746
1747/**
* Raw encoded JWT
*
*/
1751declare type IdToken = string;
1752
1753/**
* @internal
*/
1756declare interface IdTokenMfaResponse extends IdTokenResponse {
  mfaPendingCredential?: string;
  mfaInfo?: MfaEnrollment[];
1759}
1760
1761/**
* IdToken as returned by the API
*
* @internal
*/
1766declare interface IdTokenResponse {
  localId: string;
  idToken?: IdToken;
  refreshToken?: string;
  expiresIn?: string;
  providerId?: string;
  displayName?: string | null;
  isNewUser?: boolean;
  kind?: IdTokenResponseKind;
  photoUrl?: string | null;
  rawUserInfo?: string;
  screenName?: string | null;
1778}
1779
1780/**
* The possible types of the `IdTokenResponse`
*
* @internal
*/
1785declare const enum IdTokenResponseKind {
  CreateAuthUri = "identitytoolkit#CreateAuthUriResponse",
  DeleteAccount = "identitytoolkit#DeleteAccountResponse",
  DownloadAccount = "identitytoolkit#DownloadAccountResponse",
  EmailLinkSignin = "identitytoolkit#EmailLinkSigninResponse",
  GetAccountInfo = "identitytoolkit#GetAccountInfoResponse",
  GetOobConfirmationCode = "identitytoolkit#GetOobConfirmationCodeResponse",
  GetRecaptchaParam = "identitytoolkit#GetRecaptchaParamResponse",
  ResetPassword = "identitytoolkit#ResetPasswordResponse",
  SetAccountInfo = "identitytoolkit#SetAccountInfoResponse",
  SignupNewUser = "identitytoolkit#SignupNewUserResponse",
  UploadAccount = "identitytoolkit#UploadAccountResponse",
  VerifyAssertion = "identitytoolkit#VerifyAssertionResponse",
  VerifyCustomToken = "identitytoolkit#VerifyCustomTokenResponse",
  VerifyPassword = "identitytoolkit#VerifyPasswordResponse"
1800}
1801
1802/**
* Interface representing ID token result obtained from {@link User.getIdTokenResult}.
*
* @remarks
* `IdTokenResult` contains the ID token JWT string and other helper properties for getting different data
* associated with the token as well as all the decoded payload claims.
*
* Note that these claims are not to be trusted as they are parsed client side. Only server side
* verification can guarantee the integrity of the token claims.
*
* @public
*/
1814export declare interface IdTokenResult {
  /**
   * The authentication time formatted as a UTC string.
   *
   * @remarks
   * This is the time the user authenticated (signed in) and not the time the token was refreshed.
   */
  authTime: string;
  /** The ID token expiration time formatted as a UTC string. */
  expirationTime: string;
  /** The ID token issuance time formatted as a UTC string. */
  issuedAtTime: string;
  /**
   * The sign-in provider through which the ID token was obtained (anonymous, custom, phone,
   * password, etc).
   *
   * @remarks
   * Note, this does not map to provider IDs.
   */
  signInProvider: string | null;
  /**
   * The type of second factor associated with this session, provided the user was multi-factor
   * authenticated (eg. phone, etc).
   */
  signInSecondFactor: string | null;
  /** The Firebase Auth ID token JWT string. */
  token: string;
  /**
   * The entire payload claims of the ID token including the standard reserved claims as well as
   * the custom claims.
   */
  claims: ParsedToken;
1846}
1847
1848/**
* An implementation of {@link Persistence} of type `LOCAL` using `indexedDB`
* for the underlying storage.
*
* @public
*/
1854export declare const indexedDBLocalPersistence: Persistence;
1855
1856/**
* Initializes an {@link Auth} instance with fine-grained control over
* {@link Dependencies}.
*
* @remarks
*
* This function allows more control over the {@link Auth} instance than
* {@link getAuth}. `getAuth` uses platform-specific defaults to supply
* the {@link Dependencies}. In general, `getAuth` is the easiest way to
* initialize Auth and works for most use cases. Use `initializeAuth` if you
* need control over which persistence layer is used, or to minimize bundle
* size if you're not using either `signInWithPopup` or `signInWithRedirect`.
*
* For example, if your app only uses anonymous accounts and you only want
* accounts saved for the current session, initialize `Auth` with:
*
* ```js
* const auth = initializeAuth(app, {
*   persistence: browserSessionPersistence,
*   popupRedirectResolver: undefined,
* });
* ```
*
* @public
*/
1881export declare function initializeAuth(app: FirebaseApp, deps?: Dependencies): Auth;
1882
1883/**
* An implementation of {@link Persistence} of type 'NONE'.
*
* @public
*/
1888export declare const inMemoryPersistence: Persistence;
1889
1890/**
* Checks if an incoming link is a sign-in with email link suitable for {@link signInWithEmailLink}.
*
* @param auth - The {@link Auth} instance.
* @param emailLink - The link sent to the user's email address.
*
* @public
*/
1898export declare function isSignInWithEmailLink(auth: Auth, emailLink: string): boolean;
1899
1900/**
* Links the user account with the given credentials.
*
* @remarks
* An {@link AuthProvider} can be used to generate the credential.
*
* @param user - The user.
* @param credential - The auth credential.
*
* @public
*/
1911export declare function linkWithCredential(user: User, credential: AuthCredential): Promise<UserCredential>;
1912
1913/**
* Links the user account with the given phone number.
*
* @param user - The user.
* @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101).
* @param appVerifier - The {@link ApplicationVerifier}.
*
* @public
*/
1922export declare function linkWithPhoneNumber(user: User, phoneNumber: string, appVerifier: ApplicationVerifier): Promise<ConfirmationResult>;
1923
1924/**
* Links the authenticated provider to the user account using a pop-up based OAuth flow.
*
* @remarks
* If the linking is successful, the returned result will contain the user and the provider's credential.
*
*
* @example
* ```javascript
* // Sign in using some other provider.
* const result = await signInWithEmailAndPassword(auth, email, password);
* // Link using a popup.
* const provider = new FacebookAuthProvider();
* await linkWithPopup(result.user, provider);
* ```
*
* @param user - The user.
* @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
* Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
* @param resolver - An instance of {@link PopupRedirectResolver}, optional
* if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
*
* @public
*/
1948export declare function linkWithPopup(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>;
1949
1950/**
* Links the {@link OAuthProvider} to the user account using a full-page redirect flow.
*
* @example
* ```javascript
* // Sign in using some other provider.
* const result = await signInWithEmailAndPassword(auth, email, password);
* // Link using a redirect.
* const provider = new FacebookAuthProvider();
* await linkWithRedirect(result.user, provider);
* // This will trigger a full page redirect away from your app
*
* // After returning from the redirect when your app initializes you can obtain the result
* const result = await getRedirectResult(auth);
* ```
*
* @param user - The user.
* @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
* Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
* @param resolver - An instance of {@link PopupRedirectResolver}, optional
* if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
*
*
* @public
*/
1975export declare function linkWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>;
1976
1977/**
* MfaEnrollment can be any subtype of BaseMfaEnrollment, currently only PhoneMfaEnrollment is supported
*/
1980declare type MfaEnrollment = PhoneMfaEnrollment;
1981
1982/**
* The {@link MultiFactorUser} corresponding to the user.
*
* @remarks
* This is used to access all multi-factor properties and operations related to the user.
*
* @param user - The user.
*
* @public
*/
1992export declare function multiFactor(user: User): MultiFactorUser;
1993
1994/**
* The base class for asserting ownership of a second factor.
*
* @remarks
* This is used to facilitate enrollment of a second factor on an existing user or sign-in of a
* user who already verified the first factor.
*
* @public
*/
2003export declare interface MultiFactorAssertion {
  /** The identifier of the second factor. */
  readonly factorId: typeof FactorId[keyof typeof FactorId];
2006}
2007
2008/**
* The error thrown when the user needs to provide a second factor to sign in successfully.
*
* @remarks
* The error code for this error is `auth/multi-factor-auth-required`.
*
* @example
* ```javascript
* let resolver;
* let multiFactorHints;
*
* signInWithEmailAndPassword(auth, email, password)
*     .then((result) => {
*       // User signed in. No 2nd factor challenge is needed.
*     })
*     .catch((error) => {
*       if (error.code == 'auth/multi-factor-auth-required') {
*         resolver = getMultiFactorResolver(auth, error);
*         multiFactorHints = resolver.hints;
*       } else {
*         // Handle other errors.
*       }
*     });
*
* // Obtain a multiFactorAssertion by verifying the second factor.
*
* const userCredential = await resolver.resolveSignIn(multiFactorAssertion);
* ```
*
* @public
*/
2039export declare interface MultiFactorError extends AuthError {
  /** Details about the MultiFactorError. */
  readonly customData: AuthError['customData'] & {
      /**
       * The type of operation (sign-in, linking, or re-authentication) that raised the error.
       */
      readonly operationType: typeof OperationType[keyof typeof OperationType];
  };
2047}
2048
2049/**
* A structure containing the information of a second factor entity.
*
* @public
*/
2054export declare interface MultiFactorInfo {
  /** The multi-factor enrollment ID. */
  readonly uid: string;
  /** The user friendly name of the current second factor. */
  readonly displayName?: string | null;
  /** The enrollment date of the second factor formatted as a UTC string. */
  readonly enrollmentTime: string;
  /** The identifier of the second factor. */
  readonly factorId: typeof FactorId[keyof typeof FactorId];
2063}
2064
2065/**
* The class used to facilitate recovery from {@link MultiFactorError} when a user needs to
* provide a second factor to sign in.
*
* @example
* ```javascript
* let resolver;
* let multiFactorHints;
*
* signInWithEmailAndPassword(auth, email, password)
*     .then((result) => {
*       // User signed in. No 2nd factor challenge is needed.
*     })
*     .catch((error) => {
*       if (error.code == 'auth/multi-factor-auth-required') {
*         resolver = getMultiFactorResolver(auth, error);
*         // Show UI to let user select second factor.
*         multiFactorHints = resolver.hints;
*       } else {
*         // Handle other errors.
*       }
*     });
*
* // The enrolled second factors that can be used to complete
* // sign-in are returned in the `MultiFactorResolver.hints` list.
* // UI needs to be presented to allow the user to select a second factor
* // from that list.
*
* const selectedHint = // ; selected from multiFactorHints
* const phoneAuthProvider = new PhoneAuthProvider(auth);
* const phoneInfoOptions = {
*   multiFactorHint: selectedHint,
*   session: resolver.session
* };
* const verificationId = phoneAuthProvider.verifyPhoneNumber(phoneInfoOptions, appVerifier);
* // Store `verificationId` and show UI to let user enter verification code.
*
* // UI to enter verification code and continue.
* // Continue button click handler
* const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
* const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential);
* const userCredential = await resolver.resolveSignIn(multiFactorAssertion);
* ```
*
* @public
*/
2111export declare interface MultiFactorResolver {
  /**
   * The list of hints for the second factors needed to complete the sign-in for the current
   * session.
   */
  readonly hints: MultiFactorInfo[];
  /**
   * The session identifier for the current sign-in flow, which can be used to complete the second
   * factor sign-in.
   */
  readonly session: MultiFactorSession;
  /**
   * A helper function to help users complete sign in with a second factor using an
   * {@link MultiFactorAssertion} confirming the user successfully completed the second factor
   * challenge.
   *
   * @example
   * ```javascript
   * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
   * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential);
   * const userCredential = await resolver.resolveSignIn(multiFactorAssertion);
   * ```
   *
   * @param assertion - The multi-factor assertion to resolve sign-in with.
   * @returns The promise that resolves with the user credential object.
   */
  resolveSignIn(assertion: MultiFactorAssertion): Promise<UserCredential>;
2138}
2139
2140/**
* An interface defining the multi-factor session object used for enrolling a second factor on a
* user or helping sign in an enrolled user with a second factor.
*
* @public
*/
2146export declare interface MultiFactorSession {
2147}
2148
2149/**
* An interface that defines the multi-factor related properties and operations pertaining
* to a {@link User}.
*
* @public
*/
2155export declare interface MultiFactorUser {
  /** Returns a list of the user's enrolled second factors. */
  readonly enrolledFactors: MultiFactorInfo[];
  /**
   * Returns the session identifier for a second factor enrollment operation. This is used to
   * identify the user trying to enroll a second factor.
   *
   * @example
   * ```javascript
   * const multiFactorUser = multiFactor(auth.currentUser);
   * const multiFactorSession = await multiFactorUser.getSession();
   *
   * // Send verification code.
   * const phoneAuthProvider = new PhoneAuthProvider(auth);
   * const phoneInfoOptions = {
   *   phoneNumber: phoneNumber,
   *   session: multiFactorSession
   * };
   * const verificationId = await phoneAuthProvider.verifyPhoneNumber(phoneInfoOptions, appVerifier);
   *
   * // Obtain verification code from user.
   * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
   * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential);
   * await multiFactorUser.enroll(multiFactorAssertion);
   * ```
   *
   * @returns The promise that resolves with the {@link MultiFactorSession}.
   */
  getSession(): Promise<MultiFactorSession>;
  /**
   *
   * Enrolls a second factor as identified by the {@link MultiFactorAssertion} for the
   * user.
   *
   * @remarks
   * On resolution, the user tokens are updated to reflect the change in the JWT payload.
   * Accepts an additional display name parameter used to identify the second factor to the end
   * user. Recent re-authentication is required for this operation to succeed. On successful
   * enrollment, existing Firebase sessions (refresh tokens) are revoked. When a new factor is
   * enrolled, an email notification is sent to the user’s email.
   *
   * @example
   * ```javascript
   * const multiFactorUser = multiFactor(auth.currentUser);
   * const multiFactorSession = await multiFactorUser.getSession();
   *
   * // Send verification code.
   * const phoneAuthProvider = new PhoneAuthProvider(auth);
   * const phoneInfoOptions = {
   *   phoneNumber: phoneNumber,
   *   session: multiFactorSession
   * };
   * const verificationId = await phoneAuthProvider.verifyPhoneNumber(phoneInfoOptions, appVerifier);
   *
   * // Obtain verification code from user.
   * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
   * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential);
   * await multiFactorUser.enroll(multiFactorAssertion);
   * // Second factor enrolled.
   * ```
   *
   * @param assertion - The multi-factor assertion to enroll with.
   * @param displayName - The display name of the second factor.
   */
  enroll(assertion: MultiFactorAssertion, displayName?: string | null): Promise<void>;
  /**
   * Unenrolls the specified second factor.
   *
   * @remarks
   * To specify the factor to remove, pass a {@link MultiFactorInfo} object (retrieved from
   * {@link MultiFactorUser.enrolledFactors}) or the
   * factor's UID string. Sessions are not revoked when the account is unenrolled. An email
   * notification is likely to be sent to the user notifying them of the change. Recent
   * re-authentication is required for this operation to succeed. When an existing factor is
   * unenrolled, an email notification is sent to the user’s email.
   *
   * @example
   * ```javascript
   * const multiFactorUser = multiFactor(auth.currentUser);
   * // Present user the option to choose which factor to unenroll.
   * await multiFactorUser.unenroll(multiFactorUser.enrolledFactors[i])
   * ```
   *
   * @param option - The multi-factor option to unenroll.
   * @returns - A `Promise` which resolves when the unenroll operation is complete.
   */
  unenroll(option: MultiFactorInfo | string): Promise<void>;
2242}
2243
2244declare type MutableUserInfo = {
  -readonly [K in keyof UserInfo]: UserInfo[K];
2246};
2247export { NextFn }
2248
2249/**
* Type definition for an event callback.
*
* @privateRemarks TODO(avolkovi): should we consolidate with Subscribe<T> since we're changing the API anyway?
*
* @public
*/
2256export declare type NextOrObserver<T> = NextFn<T | null> | Observer<T | null>;
2257
2258/**
* Represents the OAuth credentials returned by an {@link OAuthProvider}.
*
* @remarks
* Implementations specify the details about each auth provider's credential requirements.
*
* @public
*/
2266export declare class OAuthCredential extends AuthCredential {
  /**
   * The OAuth ID token associated with the credential if it belongs to an OIDC provider,
   * such as `google.com`.
   * @readonly
   */
  idToken?: string;
  /**
   * The OAuth access token associated with the credential if it belongs to an
   * {@link OAuthProvider}, such as `facebook.com`, `twitter.com`, etc.
   * @readonly
   */
  accessToken?: string;
  /**
   * The OAuth access token secret associated with the credential if it belongs to an OAuth 1.0
   * provider, such as `twitter.com`.
   * @readonly
   */
  secret?: string;
  private nonce?;
  private pendingToken;
  /** @internal */
  static _fromParams(params: OAuthCredentialParams): OAuthCredential;
  /** {@inheritdoc AuthCredential.toJSON}  */
  toJSON(): object;
  /**
   * Static method to deserialize a JSON representation of an object into an
   * {@link  AuthCredential}.
   *
   * @param json - Input can be either Object or the stringified representation of the object.
   * When string is provided, JSON.parse would be called first.
   *
   * @returns If the JSON input does not represent an {@link  AuthCredential}, null is returned.
   */
  static fromJSON(json: string | object): OAuthCredential | null;
  /** @internal */
  _getIdTokenResponse(auth: AuthInternal): Promise<IdTokenResponse>;
  /** @internal */
  _linkToIdToken(auth: AuthInternal, idToken: string): Promise<IdTokenResponse>;
  /** @internal */
  _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse>;
  private buildRequest;
2308}
2309
2310/**
* Defines the options for initializing an {@link OAuthCredential}.
*
* @remarks
* For ID tokens with nonce claim, the raw nonce has to also be provided.
*
* @public
*/
2318export declare interface OAuthCredentialOptions {
  /**
   * The OAuth ID token used to initialize the {@link OAuthCredential}.
   */
  idToken?: string;
  /**
   * The OAuth access token used to initialize the {@link OAuthCredential}.
   */
  accessToken?: string;
  /**
   * The raw nonce associated with the ID token.
   *
   * @remarks
   * It is required when an ID token with a nonce field is provided. The SHA-256 hash of the
   * raw nonce must match the nonce field in the ID token.
   */
  rawNonce?: string;
2335}
2336
2337declare interface OAuthCredentialParams {
  idToken?: string | null;
  accessToken?: string | null;
  oauthToken?: string;
  secret?: string;
  oauthTokenSecret?: string;
  nonce?: string;
  pendingToken?: string;
  providerId: string;
  signInMethod: string;
2347}
2348
2349/**
* Provider for generating generic {@link OAuthCredential}.
*
* @example
* ```javascript
* // Sign in using a redirect.
* const provider = new OAuthProvider('google.com');
* // Start a sign in process for an unauthenticated user.
* provider.addScope('profile');
* provider.addScope('email');
* await signInWithRedirect(auth, provider);
* // This will trigger a full page redirect away from your app
*
* // After returning from the redirect when your app initializes you can obtain the result
* const result = await getRedirectResult(auth);
* if (result) {
*   // This is the signed-in user
*   const user = result.user;
*   // This gives you a OAuth Access Token for the provider.
*   const credential = provider.credentialFromResult(auth, result);
*   const token = credential.accessToken;
* }
* ```
*
* @example
* ```javascript
* // Sign in using a popup.
* const provider = new OAuthProvider('google.com');
* provider.addScope('profile');
* provider.addScope('email');
* const result = await signInWithPopup(auth, provider);
*
* // The signed-in user info.
* const user = result.user;
* // This gives you a OAuth Access Token for the provider.
* const credential = provider.credentialFromResult(auth, result);
* const token = credential.accessToken;
* ```
* @public
*/
2389export declare class OAuthProvider extends BaseOAuthProvider {
  /**
   * Creates an {@link OAuthCredential} from a JSON string or a plain object.
   * @param json - A plain object or a JSON string
   */
  static credentialFromJSON(json: object | string): OAuthCredential;
  /**
   * Creates a {@link OAuthCredential} from a generic OAuth provider's access token or ID token.
   *
   * @remarks
   * The raw nonce is required when an ID token with a nonce field is provided. The SHA-256 hash of
   * the raw nonce must match the nonce field in the ID token.
   *
   * @example
   * ```javascript
   * // `googleUser` from the onsuccess Google Sign In callback.
   * // Initialize a generate OAuth provider with a `google.com` providerId.
   * const provider = new OAuthProvider('google.com');
   * const credential = provider.credential({
   *   idToken: googleUser.getAuthResponse().id_token,
   * });
   * const result = await signInWithCredential(credential);
   * ```
   *
   * @param params - Either the options object containing the ID token, access token and raw nonce
   * or the ID token string.
   */
  credential(params: OAuthCredentialOptions): OAuthCredential;
  /** An internal credential method that accepts more permissive options */
  private _credential;
  /**
   * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.
   *
   * @param userCredential - The user credential.
   */
  static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
  /**
   * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
   * thrown during a sign-in, link, or reauthenticate operation.
   *
   * @param userCredential - The user credential.
   */
  static credentialFromError(error: FirebaseError): OAuthCredential | null;
  private static oauthCredentialFromTaggedObject;
2433}
2434
2435/**
* Adds an observer for changes to the user's sign-in state.
*
* @remarks
* To keep the old behavior, see {@link onIdTokenChanged}.
*
* @param auth - The {@link Auth} instance.
* @param nextOrObserver - callback triggered on change.
* @param error - Deprecated. This callback is never triggered. Errors
* on signing in/out can be caught in promises returned from
* sign-in/sign-out functions.
* @param completed - Deprecated. This callback is never triggered.
*
* @public
*/
2450export declare function onAuthStateChanged(auth: Auth, nextOrObserver: NextOrObserver<User>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
2451
2452/**
* Adds an observer for changes to the signed-in user's ID token.
*
* @remarks
* This includes sign-in, sign-out, and token refresh events.
*
* @param auth - The {@link Auth} instance.
* @param nextOrObserver - callback triggered on change.
* @param error - Deprecated. This callback is never triggered. Errors
* on signing in/out can be caught in promises returned from
* sign-in/sign-out functions.
* @param completed - Deprecated. This callback is never triggered.
*
* @public
*/
2467export declare function onIdTokenChanged(auth: Auth, nextOrObserver: NextOrObserver<User>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
2468
2469/**
* Enumeration of supported operation types.
*
* @public
*/
2474export declare const OperationType: {
  /** Operation involving linking an additional provider to an already signed-in user. */
  readonly LINK: "link";
  /** Operation involving using a provider to reauthenticate an already signed-in user. */
  readonly REAUTHENTICATE: "reauthenticate";
  /** Operation involving signing in a user. */
  readonly SIGN_IN: "signIn";
2481};
2482
2483/**
* Parses the email action link string and returns an {@link ActionCodeURL} if
* the link is valid, otherwise returns null.
*
* @public
*/
2489export declare function parseActionCodeURL(link: string): ActionCodeURL | null;
2490
2491/**
* Interface representing a parsed ID token.
*
* @privateRemarks TODO(avolkovi): consolidate with parsed_token in implementation.
*
* @public
*/
2498export declare interface ParsedToken {
  /** Expiration time of the token. */
  'exp'?: string;
  /** UID of the user. */
  'sub'?: string;
  /** Time at which authentication was performed. */
  'auth_time'?: string;
  /** Issuance time of the token. */
  'iat'?: string;
  /** Firebase specific claims, containing the provider(s) used to authenticate the user. */
  'firebase'?: {
      'sign_in_provider'?: string;
      'sign_in_second_factor'?: string;
      'identities'?: Record<string, string>;
  };
  /** Map of any additional custom claims. */
  [key: string]: string | object | undefined;
2515}
2516
2517declare type PersistedBlob = Record<string, unknown>;
2518
2519/**
* An interface covering the possible persistence mechanism types.
*
* @public
*/
2524export declare interface Persistence {
  /**
   * Type of Persistence.
   * - 'SESSION' is used for temporary persistence such as `sessionStorage`.
   * - 'LOCAL' is used for long term persistence such as `localStorage` or `IndexedDB`.
   * - 'NONE' is used for in-memory, or no persistence.
   */
  readonly type: 'SESSION' | 'LOCAL' | 'NONE';
2532}
2533
2534/**
* Represents the credentials returned by {@link PhoneAuthProvider}.
*
* @public
*/
2539export declare class PhoneAuthCredential extends AuthCredential {
  private readonly params;
  private constructor();
  /** @internal */
  static _fromVerification(verificationId: string, verificationCode: string): PhoneAuthCredential;
  /** @internal */
  static _fromTokenResponse(phoneNumber: string, temporaryProof: string): PhoneAuthCredential;
  /** @internal */
  _getIdTokenResponse(auth: AuthInternal): Promise<PhoneOrOauthTokenResponse>;
  /** @internal */
  _linkToIdToken(auth: AuthInternal, idToken: string): Promise<IdTokenResponse>;
  /** @internal */
  _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse>;
  /** @internal */
  _makeVerificationRequest(): SignInWithPhoneNumberRequest;
  /** {@inheritdoc AuthCredential.toJSON} */
  toJSON(): object;
  /** Generates a phone credential based on a plain object or a JSON string. */
  static fromJSON(json: object | string): PhoneAuthCredential | null;
2558}
2559
2560/**
* Provider for generating an {@link PhoneAuthCredential}.
*
* @example
* ```javascript
* // 'recaptcha-container' is the ID of an element in the DOM.
* const applicationVerifier = new RecaptchaVerifier('recaptcha-container');
* const provider = new PhoneAuthProvider(auth);
* const verificationId = await provider.verifyPhoneNumber('+16505550101', applicationVerifier);
* // Obtain the verificationCode from the user.
* const phoneCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
* const userCredential = await signInWithCredential(auth, phoneCredential);
* ```
*
* @public
*/
2576export declare class PhoneAuthProvider {
  /** Always set to {@link ProviderId}.PHONE. */
  static readonly PROVIDER_ID: 'phone';
  /** Always set to {@link SignInMethod}.PHONE. */
  static readonly PHONE_SIGN_IN_METHOD: 'phone';
  /** Always set to {@link ProviderId}.PHONE. */
  readonly providerId: "phone";
  private readonly auth;
  /**
   * @param auth - The Firebase {@link Auth} instance in which sign-ins should occur.
   *
   */
  constructor(auth: Auth);
  /**
   *
   * Starts a phone number authentication flow by sending a verification code to the given phone
   * number.
   *
   * @example
   * ```javascript
   * const provider = new PhoneAuthProvider(auth);
   * const verificationId = await provider.verifyPhoneNumber(phoneNumber, applicationVerifier);
   * // Obtain verificationCode from the user.
   * const authCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
   * const userCredential = await signInWithCredential(auth, authCredential);
   * ```
   *
   * @example
   * An alternative flow is provided using the `signInWithPhoneNumber` method.
   * ```javascript
   * const confirmationResult = signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);
   * // Obtain verificationCode from the user.
   * const userCredential = confirmationResult.confirm(verificationCode);
   * ```
   *
   * @param phoneInfoOptions - The user's {@link PhoneInfoOptions}. The phone number should be in
   * E.164 format (e.g. +16505550101).
   * @param applicationVerifier - For abuse prevention, this method also requires a
   * {@link ApplicationVerifier}. This SDK includes a reCAPTCHA-based implementation,
   * {@link RecaptchaVerifier}.
   *
   * @returns A Promise for a verification ID that can be passed to
   * {@link PhoneAuthProvider.credential} to identify this flow..
   */
  verifyPhoneNumber(phoneOptions: PhoneInfoOptions | string, applicationVerifier: ApplicationVerifier): Promise<string>;
  /**
   * Creates a phone auth credential, given the verification ID from
   * {@link PhoneAuthProvider.verifyPhoneNumber} and the code that was sent to the user's
   * mobile device.
   *
   * @example
   * ```javascript
   * const provider = new PhoneAuthProvider(auth);
   * const verificationId = provider.verifyPhoneNumber(phoneNumber, applicationVerifier);
   * // Obtain verificationCode from the user.
   * const authCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
   * const userCredential = signInWithCredential(auth, authCredential);
   * ```
   *
   * @example
   * An alternative flow is provided using the `signInWithPhoneNumber` method.
   * ```javascript
   * const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);
   * // Obtain verificationCode from the user.
   * const userCredential = await confirmationResult.confirm(verificationCode);
   * ```
   *
   * @param verificationId - The verification ID returned from {@link PhoneAuthProvider.verifyPhoneNumber}.
   * @param verificationCode - The verification code sent to the user's mobile device.
   *
   * @returns The auth provider credential.
   */
  static credential(verificationId: string, verificationCode: string): PhoneAuthCredential;
  /**
   * Generates an {@link AuthCredential} from a {@link UserCredential}.
   * @param userCredential - The user credential.
   */
  static credentialFromResult(userCredential: UserCredential): AuthCredential | null;
  /**
   * Returns an {@link AuthCredential} when passed an error.
   *
   * @remarks
   *
   * This method works for errors like
   * `auth/account-exists-with-different-credentials`. This is useful for
   * recovering when attempting to set a user's phone number but the number
   * in question is already tied to another account. For example, the following
   * code tries to update the current user's phone number, and if that
   * fails, links the user with the account associated with that number:
   *
   * ```js
   * const provider = new PhoneAuthProvider(auth);
   * const verificationId = await provider.verifyPhoneNumber(number, verifier);
   * try {
   *   const code = ''; // Prompt the user for the verification code
   *   await updatePhoneNumber(
   *       auth.currentUser,
   *       PhoneAuthProvider.credential(verificationId, code));
   * } catch (e) {
   *   if ((e as FirebaseError)?.code === 'auth/account-exists-with-different-credential') {
   *     const cred = PhoneAuthProvider.credentialFromError(e);
   *     await linkWithCredential(auth.currentUser, cred);
   *   }
   * }
   *
   * // At this point, auth.currentUser.phoneNumber === number.
   * ```
   *
   * @param error - The error to generate a credential from.
   */
  static credentialFromError(error: FirebaseError): AuthCredential | null;
  private static credentialFromTaggedObject;
2688}
2689
2690/**
* The information required to verify the ownership of a phone number.
*
* @remarks
* The information that's required depends on whether you are doing single-factor sign-in,
* multi-factor enrollment or multi-factor sign-in.
*
* @public
*/
2699export declare type PhoneInfoOptions = PhoneSingleFactorInfoOptions | PhoneMultiFactorEnrollInfoOptions | PhoneMultiFactorSignInInfoOptions;
2700
2701/**
* An MFA provided by SMS verification
*/
2704declare interface PhoneMfaEnrollment extends BaseMfaEnrollment {
  phoneInfo: string;
2706}
2707
2708/**
* The class for asserting ownership of a phone second factor. Provided by
* {@link PhoneMultiFactorGenerator.assertion}.
*
* @public
*/
2714export declare interface PhoneMultiFactorAssertion extends MultiFactorAssertion {
2715}
2716
2717/**
* Options used for enrolling a second factor.
*
* @public
*/
2722export declare interface PhoneMultiFactorEnrollInfoOptions {
  /** Phone number to send a verification code to. */
  phoneNumber: string;
  /** The {@link MultiFactorSession} obtained via {@link MultiFactorUser.getSession}. */
  session: MultiFactorSession;
2727}
2728
2729/**
* Provider for generating a {@link PhoneMultiFactorAssertion}.
*
* @public
*/
2734export declare class PhoneMultiFactorGenerator {
  private constructor();
  /**
   * Provides a {@link PhoneMultiFactorAssertion} to confirm ownership of the phone second factor.
   *
   * @param phoneAuthCredential - A credential provided by {@link PhoneAuthProvider.credential}.
   * @returns A {@link PhoneMultiFactorAssertion} which can be used with
   * {@link MultiFactorResolver.resolveSignIn}
   */
  static assertion(credential: PhoneAuthCredential): PhoneMultiFactorAssertion;
  /**
   * The identifier of the phone second factor: `phone`.
   */
  static FACTOR_ID: string;
2748}
2749
2750/**
* The subclass of the {@link MultiFactorInfo} interface for phone number
* second factors. The `factorId` of this second factor is {@link FactorId}.PHONE.
* @public
*/
2755export declare interface PhoneMultiFactorInfo extends MultiFactorInfo {
  /** The phone number associated with the current second factor. */
  readonly phoneNumber: string;
2758}
2759
2760/**
* Options used for signing in with a second factor.
*
* @public
*/
2765export declare interface PhoneMultiFactorSignInInfoOptions {
  /**
   * The {@link MultiFactorInfo} obtained via {@link MultiFactorResolver.hints}.
   *
   * One of `multiFactorHint` or `multiFactorUid` is required.
   */
  multiFactorHint?: MultiFactorInfo;
  /**
   * The uid of the second factor.
   *
   * One of `multiFactorHint` or `multiFactorUid` is required.
   */
  multiFactorUid?: string;
  /** The {@link MultiFactorSession} obtained via {@link MultiFactorResolver.session}. */
  session: MultiFactorSession;
2780}
2781
2782/**
* @internal
*/
2785declare type PhoneOrOauthTokenResponse = SignInWithPhoneNumberResponse | SignInWithIdpResponse | IdTokenResponse;
2786
2787/**
* Options used for single-factor sign-in.
*
* @public
*/
2792export declare interface PhoneSingleFactorInfoOptions {
  /** Phone number to send a verification code to. */
  phoneNumber: string;
2795}
2796
2797/**
* A resolver used for handling DOM specific operations like {@link signInWithPopup}
* or {@link signInWithRedirect}.
*
* @public
*/
2803export declare interface PopupRedirectResolver {
2804}
2805
2806/**
* We need to mark this interface as internal explicitly to exclude it in the public typings, because
* it references AuthInternal which has a circular dependency with UserInternal.
*
* @internal
*/
2812declare interface PopupRedirectResolverInternal extends PopupRedirectResolver {
  _shouldInitProactively: boolean;
  _initialize(auth: AuthInternal): Promise<EventManager>;
  _openPopup(auth: AuthInternal, provider: AuthProvider, authType: AuthEventType, eventId?: string): Promise<AuthPopup>;
  _openRedirect(auth: AuthInternal, provider: AuthProvider, authType: AuthEventType, eventId?: string): Promise<void | never>;
  _isIframeWebStorageSupported(auth: AuthInternal, cb: (support: boolean) => unknown): void;
  _redirectPersistence: Persistence;
  _originValidation(auth: Auth): Promise<void>;
  _completeRedirectFn: (auth: Auth, resolver: PopupRedirectResolver, bypassAuthState: boolean) => Promise<UserCredential | null>;
  _overrideRedirectResult: (auth: AuthInternal, resultGetter: () => Promise<UserCredentialInternal | null>) => void;
2822}
2823
2824/**
* A minimal error map with all verbose error messages stripped.
*
* See discussion at {@link AuthErrorMap}
*
* @public
*/
2831export declare const prodErrorMap: AuthErrorMap;
2832
2833/**
* Enumeration of supported providers.
*
* @public
*/
2838export declare const ProviderId: {
  /** Facebook provider ID */
  readonly FACEBOOK: "facebook.com";
  /** GitHub provider ID */
  readonly GITHUB: "github.com";
  /** Google provider ID */
  readonly GOOGLE: "google.com";
  /** Password provider */
  readonly PASSWORD: "password";
  /** Phone provider */
  readonly PHONE: "phone";
  /** Twitter provider ID */
  readonly TWITTER: "twitter.com";
2851};
2852
2853/**
* @license
* Copyright 2021 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*   http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
2869/**
* Enumeration of supported providers.
* @internal
*/
2873declare const enum ProviderId_2 {
  /** @internal */
  ANONYMOUS = "anonymous",
  /** @internal */
  CUSTOM = "custom",
  /** Facebook provider ID */
  FACEBOOK = "facebook.com",
  /** @internal */
  FIREBASE = "firebase",
  /** GitHub provider ID */
  GITHUB = "github.com",
  /** Google provider ID */
  GOOGLE = "google.com",
  /** Password provider */
  PASSWORD = "password",
  /** Phone provider */
  PHONE = "phone",
  /** Twitter provider ID */
  TWITTER = "twitter.com"
2892}
2893
2894declare interface ProviderUserInfo {
  providerId: string;
  rawId?: string;
  email?: string;
  displayName?: string;
  photoUrl?: string;
  phoneNumber?: string;
2901}
2902
2903/**
* Interface for a supplied `AsyncStorage`.
*
* @public
*/
2908export declare interface ReactNativeAsyncStorage {
  /**
   * Persist an item in storage.
   *
   * @param key - storage key.
   * @param value - storage value.
   */
  setItem(key: string, value: string): Promise<void>;
  /**
   * Retrieve an item from storage.
   *
   * @param key - storage key.
   */
  getItem(key: string): Promise<string | null>;
  /**
   * Remove an item from storage.
   *
   * @param key - storage key.
   */
  removeItem(key: string): Promise<void>;
2928}
2929
2930/**
* Re-authenticates a user using a fresh credential.
*
* @remarks
* Use before operations such as {@link updatePassword} that require tokens from recent sign-in
* attempts. This method can be used to recover from a `CREDENTIAL_TOO_OLD_LOGIN_AGAIN` error.
*
* @param user - The user.
* @param credential - The auth credential.
*
* @public
*/
2942export declare function reauthenticateWithCredential(user: User, credential: AuthCredential): Promise<UserCredential>;
2943
2944/**
* Re-authenticates a user using a fresh phone credential.
*
* @remarks Use before operations such as {@link updatePassword} that require tokens from recent sign-in attempts.
*
* @param user - The user.
* @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101).
* @param appVerifier - The {@link ApplicationVerifier}.
*
* @public
*/
2955export declare function reauthenticateWithPhoneNumber(user: User, phoneNumber: string, appVerifier: ApplicationVerifier): Promise<ConfirmationResult>;
2956
2957/**
* Reauthenticates the current user with the specified {@link OAuthProvider} using a pop-up based
* OAuth flow.
*
* @remarks
* If the reauthentication is successful, the returned result will contain the user and the
* provider's credential.
*
* @example
* ```javascript
* // Sign in using a popup.
* const provider = new FacebookAuthProvider();
* const result = await signInWithPopup(auth, provider);
* // Reauthenticate using a popup.
* await reauthenticateWithPopup(result.user, provider);
* ```
*
* @param user - The user.
* @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
* Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
* @param resolver - An instance of {@link PopupRedirectResolver}, optional
* if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
*
* @public
*/
2982export declare function reauthenticateWithPopup(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>;
2983
2984/**
* Reauthenticates the current user with the specified {@link OAuthProvider} using a full-page redirect flow.
*
* @example
* ```javascript
* // Sign in using a redirect.
* const provider = new FacebookAuthProvider();
* const result = await signInWithRedirect(auth, provider);
* // This will trigger a full page redirect away from your app
*
* // After returning from the redirect when your app initializes you can obtain the result
* const result = await getRedirectResult(auth);
* // Link using a redirect.
* await linkWithRedirect(result.user, provider);
* // This will again trigger a full page redirect away from your app
*
* // After returning from the redirect when your app initializes you can obtain the result
* const result = await getRedirectResult(auth);
* ```
*
* @param user - The user.
* @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
* Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
* @param resolver - An instance of {@link PopupRedirectResolver}, optional
* if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
*
* @public
*/
3012export declare function reauthenticateWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>;
3013
3014declare interface Recaptcha {
  render: (container: HTMLElement, parameters: RecaptchaParameters) => number;
  getResponse: (id: number) => string;
  execute: (id: number) => unknown;
  reset: (id: number) => unknown;
3019}
3020
3021/**
* We need to mark this interface as internal explicitly to exclude it in the public typings, because
* it references AuthInternal which has a circular dependency with UserInternal.
*
* @internal
*/
3027declare interface ReCaptchaLoader {
  load(auth: AuthInternal, hl?: string): Promise<Recaptcha>;
  clearedOneInstance(): void;
3030}
3031
3032/**
* Interface representing reCAPTCHA parameters.
*
* See the [reCAPTCHA docs](https://developers.google.com/recaptcha/docs/display#render_param)
* for the list of accepted parameters. All parameters are accepted except for `sitekey`: Firebase Auth
* provisions a reCAPTCHA for each project and will configure the site key upon rendering.
*
* For an invisible reCAPTCHA, set the `size` key to `invisible`.
*
* @public
*/
3043export declare interface RecaptchaParameters {
  [key: string]: any;
3045}
3046
3047/**
* An {@link https://www.google.com/recaptcha/ | reCAPTCHA}-based application verifier.
*
* @public
*/
3052export declare class RecaptchaVerifier implements ApplicationVerifierInternal {
  private readonly parameters;
  /**
   * The application verifier type.
   *
   * @remarks
   * For a reCAPTCHA verifier, this is 'recaptcha'.
   */
  readonly type = "recaptcha";
  private destroyed;
  private widgetId;
  private readonly container;
  private readonly isInvisible;
  private readonly tokenChangeListeners;
  private renderPromise;
  private readonly auth;
  /** @internal */
  readonly _recaptchaLoader: ReCaptchaLoader;
  private recaptcha;
  /**
   *
   * @param containerOrId - The reCAPTCHA container parameter.
   *
   * @remarks
   * This has different meaning depending on whether the reCAPTCHA is hidden or visible. For a
   * visible reCAPTCHA the container must be empty. If a string is used, it has to correspond to
   * an element ID. The corresponding element must also must be in the DOM at the time of
   * initialization.
   *
   * @param parameters - The optional reCAPTCHA parameters.
   *
   * @remarks
   * Check the reCAPTCHA docs for a comprehensive list. All parameters are accepted except for
   * the sitekey. Firebase Auth backend provisions a reCAPTCHA for each project and will
   * configure this upon rendering. For an invisible reCAPTCHA, a size key must have the value
   * 'invisible'.
   *
   * @param authExtern - The corresponding Firebase {@link Auth} instance.
   *
   * @remarks
   * If none is provided, the default Firebase {@link Auth} instance is used. A Firebase {@link Auth} instance
   * must be initialized with an API key, otherwise an error will be thrown.
   */
  constructor(containerOrId: HTMLElement | string, parameters: RecaptchaParameters, authExtern: Auth);
  /**
   * Waits for the user to solve the reCAPTCHA and resolves with the reCAPTCHA token.
   *
   * @returns A Promise for the reCAPTCHA token.
   */
  verify(): Promise<string>;
  /**
   * Renders the reCAPTCHA widget on the page.
   *
   * @returns A Promise that resolves with the reCAPTCHA widget ID.
   */
  render(): Promise<number>;
  /** @internal */
  _reset(): void;
  /**
   * Clears the reCAPTCHA widget from the page and destroys the instance.
   */
  clear(): void;
  private validateStartingState;
  private makeTokenCallback;
  private assertNotDestroyed;
  private makeRenderPromise;
  private init;
  private getAssertedRecaptcha;
3120}
3121
3122/**
* Reloads user account data, if signed in.
*
* @param user - The user.
*
* @public
*/
3129export declare function reload(user: User): Promise<void>;
3130
3131/**
* An {@link AuthProvider} for SAML.
*
* @public
*/
3136export declare class SAMLAuthProvider extends FederatedAuthProvider {
  /**
   * Constructor. The providerId must start with "saml."
   * @param providerId - SAML provider ID.
   */
  constructor(providerId: string);
  /**
   * Generates an {@link AuthCredential} from a {@link UserCredential} after a
   * successful SAML flow completes.
   *
   * @remarks
   *
   * For example, to get an {@link AuthCredential}, you could write the
   * following code:
   *
   * ```js
   * const userCredential = await signInWithPopup(auth, samlProvider);
   * const credential = SAMLAuthProvider.credentialFromResult(userCredential);
   * ```
   *
   * @param userCredential - The user credential.
   */
  static credentialFromResult(userCredential: UserCredential): AuthCredential | null;
  /**
   * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
   * thrown during a sign-in, link, or reauthenticate operation.
   *
   * @param userCredential - The user credential.
   */
  static credentialFromError(error: FirebaseError): AuthCredential | null;
  /**
   * Creates an {@link AuthCredential} from a JSON string or a plain object.
   * @param json - A plain object or a JSON string
   */
  static credentialFromJSON(json: string | object): AuthCredential;
  private static samlCredentialFromTaggedObject;
3172}
3173
3174/**
* Sends a verification email to a user.
*
* @remarks
* The verification process is completed by calling {@link applyActionCode}.
*
* @example
* ```javascript
* const actionCodeSettings = {
*   url: 'https://www.example.com/?email=user@example.com',
*   iOS: {
*      bundleId: 'com.example.ios'
*   },
*   android: {
*     packageName: 'com.example.android',
*     installApp: true,
*     minimumVersion: '12'
*   },
*   handleCodeInApp: true
* };
* await sendEmailVerification(user, actionCodeSettings);
* // Obtain code from the user.
* await applyActionCode(auth, code);
* ```
*
* @param user - The user.
* @param actionCodeSettings - The {@link ActionCodeSettings}.
*
* @public
*/
3204export declare function sendEmailVerification(user: User, actionCodeSettings?: ActionCodeSettings | null): Promise<void>;
3205
3206/**
* Sends a password reset email to the given email address.
*
* @remarks
* To complete the password reset, call {@link confirmPasswordReset} with the code supplied in
* the email sent to the user, along with the new password specified by the user.
*
* @example
* ```javascript
* const actionCodeSettings = {
*   url: 'https://www.example.com/?email=user@example.com',
*   iOS: {
*      bundleId: 'com.example.ios'
*   },
*   android: {
*     packageName: 'com.example.android',
*     installApp: true,
*     minimumVersion: '12'
*   },
*   handleCodeInApp: true
* };
* await sendPasswordResetEmail(auth, 'user@example.com', actionCodeSettings);
* // Obtain code from user.
* await confirmPasswordReset('user@example.com', code);
* ```
*
* @param auth - The {@link Auth} instance.
* @param email - The user's email address.
* @param actionCodeSettings - The {@link ActionCodeSettings}.
*
* @public
*/
3238export declare function sendPasswordResetEmail(auth: Auth, email: string, actionCodeSettings?: ActionCodeSettings): Promise<void>;
3239
3240/**
* Sends a sign-in email link to the user with the specified email.
*
* @remarks
* The sign-in operation has to always be completed in the app unlike other out of band email
* actions (password reset and email verifications). This is because, at the end of the flow,
* the user is expected to be signed in and their Auth state persisted within the app.
*
* To complete sign in with the email link, call {@link signInWithEmailLink} with the email
* address and the email link supplied in the email sent to the user.
*
* @example
* ```javascript
* const actionCodeSettings = {
*   url: 'https://www.example.com/?email=user@example.com',
*   iOS: {
*      bundleId: 'com.example.ios'
*   },
*   android: {
*     packageName: 'com.example.android',
*     installApp: true,
*     minimumVersion: '12'
*   },
*   handleCodeInApp: true
* };
* await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings);
* // Obtain emailLink from the user.
* if(isSignInWithEmailLink(auth, emailLink)) {
*   await signInWithEmailLink(auth, 'user@example.com', emailLink);
* }
* ```
*
* @param authInternal - The {@link Auth} instance.
* @param email - The user's email address.
* @param actionCodeSettings - The {@link ActionCodeSettings}.
*
* @public
*/
3278export declare function sendSignInLinkToEmail(auth: Auth, email: string, actionCodeSettings: ActionCodeSettings): Promise<void>;
3279
3280/**
* Changes the type of persistence on the {@link Auth} instance for the currently saved
* `Auth` session and applies this type of persistence for future sign-in requests, including
* sign-in with redirect requests.
*
* @remarks
* This makes it easy for a user signing in to specify whether their session should be
* remembered or not. It also makes it easier to never persist the `Auth` state for applications
* that are shared by other users or have sensitive data.
*
* @example
* ```javascript
* setPersistence(auth, browserSessionPersistence);
* ```
*
* @param auth - The {@link Auth} instance.
* @param persistence - The {@link Persistence} to use.
* @returns A `Promise` that resolves once the persistence change has completed
*
* @public
*/
3301export declare function setPersistence(auth: Auth, persistence: Persistence): Promise<void>;
3302
3303/**
* Asynchronously signs in as an anonymous user.
*
* @remarks
* If there is already an anonymous user signed in, that user will be returned; otherwise, a
* new anonymous user identity will be created and returned.
*
* @param auth - The {@link Auth} instance.
*
* @public
*/
3314export declare function signInAnonymously(auth: Auth): Promise<UserCredential>;
3315
3316/**
* Enumeration of supported sign-in methods.
*
* @public
*/
3321export declare const SignInMethod: {
  /** Email link sign in method */
  readonly EMAIL_LINK: "emailLink";
  /** Email/password sign in method */
  readonly EMAIL_PASSWORD: "password";
  /** Facebook sign in method */
  readonly FACEBOOK: "facebook.com";
  /** GitHub sign in method */
  readonly GITHUB: "github.com";
  /** Google sign in method */
  readonly GOOGLE: "google.com";
  /** Phone sign in method */
  readonly PHONE: "phone";
  /** Twitter sign in method */
  readonly TWITTER: "twitter.com";
3336};
3337
3338/**
* Asynchronously signs in with the given credentials.
*
* @remarks
* An {@link AuthProvider} can be used to generate the credential.
*
* @param auth - The {@link Auth} instance.
* @param credential - The auth credential.
*
* @public
*/
3349export declare function signInWithCredential(auth: Auth, credential: AuthCredential): Promise<UserCredential>;
3350
3351/**
* Asynchronously signs in using a custom token.
*
* @remarks
* Custom tokens are used to integrate Firebase Auth with existing auth systems, and must
* be generated by an auth backend using the
* {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#createcustomtoken | createCustomToken}
* method in the {@link https://firebase.google.com/docs/auth/admin | Admin SDK} .
*
* Fails with an error if the token is invalid, expired, or not accepted by the Firebase Auth service.
*
* @param auth - The {@link Auth} instance.
* @param customToken - The custom token to sign in with.
*
* @public
*/
3367export declare function signInWithCustomToken(auth: Auth, customToken: string): Promise<UserCredential>;
3368
3369/**
* Asynchronously signs in using an email and password.
*
* @remarks
* Fails with an error if the email address and password do not match.
*
* Note: The user's password is NOT the password used to access the user's email account. The
* email address serves as a unique identifier for the user, and the password is used to access
* the user's account in your Firebase project. See also: {@link createUserWithEmailAndPassword}.
*
* @param auth - The {@link Auth} instance.
* @param email - The users email address.
* @param password - The users password.
*
* @public
*/
3385export declare function signInWithEmailAndPassword(auth: Auth, email: string, password: string): Promise<UserCredential>;
3386
3387/**
* Asynchronously signs in using an email and sign-in email link.
*
* @remarks
* If no link is passed, the link is inferred from the current URL.
*
* Fails with an error if the email address is invalid or OTP in email link expires.
*
* Note: Confirm the link is a sign-in email link before calling this method firebase.auth.Auth.isSignInWithEmailLink.
*
* @example
* ```javascript
* const actionCodeSettings = {
*   url: 'https://www.example.com/?email=user@example.com',
*   iOS: {
*      bundleId: 'com.example.ios'
*   },
*   android: {
*     packageName: 'com.example.android',
*     installApp: true,
*     minimumVersion: '12'
*   },
*   handleCodeInApp: true
* };
* await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings);
* // Obtain emailLink from the user.
* if(isSignInWithEmailLink(auth, emailLink)) {
*   await signInWithEmailLink(auth, 'user@example.com', emailLink);
* }
* ```
*
* @param auth - The {@link Auth} instance.
* @param email - The user's email address.
* @param emailLink - The link sent to the user's email address.
*
* @public
*/
3424export declare function signInWithEmailLink(auth: Auth, email: string, emailLink?: string): Promise<UserCredential>;
3425
3426/**
* @internal
*/
3429declare interface SignInWithIdpResponse extends IdTokenResponse {
  oauthAccessToken?: string;
  oauthTokenSecret?: string;
  nonce?: string;
  oauthIdToken?: string;
  pendingToken?: string;
3435}
3436
3437/**
* Asynchronously signs in using a phone number.
*
* @remarks
* This method sends a code via SMS to the given
* phone number, and returns a {@link ConfirmationResult}. After the user
* provides the code sent to their phone, call {@link ConfirmationResult.confirm}
* with the code to sign the user in.
*
* For abuse prevention, this method also requires a {@link ApplicationVerifier}.
* This SDK includes a reCAPTCHA-based implementation, {@link RecaptchaVerifier}.
* This function can work on other platforms that do not support the
* {@link RecaptchaVerifier} (like React Native), but you need to use a
* third-party {@link ApplicationVerifier} implementation.
*
* @example
* ```javascript
* // 'recaptcha-container' is the ID of an element in the DOM.
* const applicationVerifier = new firebase.auth.RecaptchaVerifier('recaptcha-container');
* const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);
* // Obtain a verificationCode from the user.
* const credential = await confirmationResult.confirm(verificationCode);
* ```
*
* @param auth - The {@link Auth} instance.
* @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101).
* @param appVerifier - The {@link ApplicationVerifier}.
*
* @public
*/
3467export declare function signInWithPhoneNumber(auth: Auth, phoneNumber: string, appVerifier: ApplicationVerifier): Promise<ConfirmationResult>;
3468
3469/**
* @internal
*/
3472declare interface SignInWithPhoneNumberRequest {
  temporaryProof?: string;
  phoneNumber?: string;
  sessionInfo?: string;
  code?: string;
  tenantId?: string;
3478}
3479
3480/**
* @internal
*/
3483declare interface SignInWithPhoneNumberResponse extends IdTokenResponse {
  temporaryProof?: string;
  phoneNumber?: string;
3486}
3487
3488/**
* Authenticates a Firebase client using a popup-based OAuth authentication flow.
*
* @remarks
* If succeeds, returns the signed in user along with the provider's credential. If sign in was
* unsuccessful, returns an error object containing additional information about the error.
*
* @example
* ```javascript
* // Sign in using a popup.
* const provider = new FacebookAuthProvider();
* const result = await signInWithPopup(auth, provider);
*
* // The signed-in user info.
* const user = result.user;
* // This gives you a Facebook Access Token.
* const credential = provider.credentialFromResult(auth, result);
* const token = credential.accessToken;
* ```
*
* @param auth - The {@link Auth} instance.
* @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
* Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
* @param resolver - An instance of {@link PopupRedirectResolver}, optional
* if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
*
*
* @public
*/
3517export declare function signInWithPopup(auth: Auth, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>;
3518
3519/**
* Authenticates a Firebase client using a full-page redirect flow.
*
* @remarks
* To handle the results and errors for this operation, refer to {@link getRedirectResult}.
*
* @example
* ```javascript
* // Sign in using a redirect.
* const provider = new FacebookAuthProvider();
* // You can add additional scopes to the provider:
* provider.addScope('user_birthday');
* // Start a sign in process for an unauthenticated user.
* await signInWithRedirect(auth, provider);
* // This will trigger a full page redirect away from your app
*
* // After returning from the redirect when your app initializes you can obtain the result
* const result = await getRedirectResult(auth);
* if (result) {
*   // This is the signed-in user
*   const user = result.user;
*   // This gives you a Facebook Access Token.
*   const credential = provider.credentialFromResult(auth, result);
*   const token = credential.accessToken;
* }
* // As this API can be used for sign-in, linking and reauthentication,
* // check the operationType to determine what triggered this redirect
* // operation.
* const operationType = result.operationType;
* ```
*
* @param auth - The {@link Auth} instance.
* @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
* Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
* @param resolver - An instance of {@link PopupRedirectResolver}, optional
* if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
*
* @public
*/
3558export declare function signInWithRedirect(auth: Auth, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>;
3559
3560/**
* Signs out the current user.
*
* @param auth - The {@link Auth} instance.
*
* @public
*/
3567export declare function signOut(auth: Auth): Promise<void>;
3568
3569/**
* We need to mark this class as internal explicitly to exclude it in the public typings, because
* it references AuthInternal which has a circular dependency with UserInternal.
*
* @internal
*/
3575declare class StsTokenManager {
  refreshToken: string | null;
  accessToken: string | null;
  expirationTime: number | null;
  get isExpired(): boolean;
  updateFromServerResponse(response: IdTokenResponse | FinalizeMfaResponse): void;
  getToken(auth: AuthInternal, forceRefresh?: boolean): Promise<string | null>;
  clearRefreshToken(): void;
  private refresh;
  private updateTokensAndExpiration;
  static fromJSON(appName: string, object: PersistedBlob): StsTokenManager;
  toJSON(): object;
  _assign(stsTokenManager: StsTokenManager): void;
  _clone(): StsTokenManager;
  _performRefresh(): never;
3590}
3591
3592/**
* @internal
*/
3595declare interface TaggedWithTokenResponse {
  _tokenResponse?: PhoneOrOauthTokenResponse;
3597}
3598
3599/**
* Provider for generating an {@link OAuthCredential} for {@link ProviderId}.TWITTER.
*
* @example
* ```javascript
* // Sign in using a redirect.
* const provider = new TwitterAuthProvider();
* // Start a sign in process for an unauthenticated user.
* await signInWithRedirect(auth, provider);
* // This will trigger a full page redirect away from your app
*
* // After returning from the redirect when your app initializes you can obtain the result
* const result = await getRedirectResult(auth);
* if (result) {
*   // This is the signed-in user
*   const user = result.user;
*   // This gives you a Twitter Access Token and Secret.
*   const credential = TwitterAuthProvider.credentialFromResult(result);
*   const token = credential.accessToken;
*   const secret = credential.secret;
* }
* ```
*
* @example
* ```javascript
* // Sign in using a popup.
* const provider = new TwitterAuthProvider();
* const result = await signInWithPopup(auth, provider);
*
* // The signed-in user info.
* const user = result.user;
* // This gives you a Twitter Access Token and Secret.
* const credential = TwitterAuthProvider.credentialFromResult(result);
* const token = credential.accessToken;
* const secret = credential.secret;
* ```
*
* @public
*/
3638export declare class TwitterAuthProvider extends BaseOAuthProvider {
  /** Always set to {@link SignInMethod}.TWITTER. */
  static readonly TWITTER_SIGN_IN_METHOD: 'twitter.com';
  /** Always set to {@link ProviderId}.TWITTER. */
  static readonly PROVIDER_ID: 'twitter.com';
  constructor();
  /**
   * Creates a credential for Twitter.
   *
   * @param token - Twitter access token.
   * @param secret - Twitter secret.
   */
  static credential(token: string, secret: string): OAuthCredential;
  /**
   * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.
   *
   * @param userCredential - The user credential.
   */
  static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
  /**
   * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
   * thrown during a sign-in, link, or reauthenticate operation.
   *
   * @param userCredential - The user credential.
   */
  static credentialFromError(error: FirebaseError): OAuthCredential | null;
  private static credentialFromTaggedObject;
3665}
3666
3667/**
* Unlinks a provider from a user account.
*
* @param user - The user.
* @param providerId - The provider to unlink.
*
* @public
*/
3675export declare function unlink(user: User, providerId: string): Promise<User>;
3676export { Unsubscribe }
3677
3678/**
* Asynchronously sets the provided user as {@link Auth.currentUser} on the
* {@link Auth} instance.
*
* @remarks
* A new instance copy of the user provided will be made and set as currentUser.
*
* This will trigger {@link onAuthStateChanged} and {@link onIdTokenChanged} listeners
* like other sign in methods.
*
* The operation fails with an error if the user to be updated belongs to a different Firebase
* project.
*
* @param auth - The {@link Auth} instance.
* @param user - The new {@link User}.
*
* @public
*/
3696export declare function updateCurrentUser(auth: Auth, user: User | null): Promise<void>;
3697
3698/**
* Updates the user's email address.
*
* @remarks
* An email will be sent to the original email address (if it was set) that allows to revoke the
* email address change, in order to protect them from account hijacking.
*
* Important: this is a security sensitive operation that requires the user to have recently signed
* in. If this requirement isn't met, ask the user to authenticate again and then call
* {@link reauthenticateWithCredential}.
*
* @param user - The user.
* @param newEmail - The new email address.
*
* @public
*/
3714export declare function updateEmail(user: User, newEmail: string): Promise<void>;
3715
3716/**
* Updates the user's password.
*
* @remarks
* Important: this is a security sensitive operation that requires the user to have recently signed
* in. If this requirement isn't met, ask the user to authenticate again and then call
* {@link reauthenticateWithCredential}.
*
* @param user - The user.
* @param newPassword - The new password.
*
* @public
*/
3729export declare function updatePassword(user: User, newPassword: string): Promise<void>;
3730
3731/**
* Updates the user's phone number.
*
* @example
* ```
* // 'recaptcha-container' is the ID of an element in the DOM.
* const applicationVerifier = new RecaptchaVerifier('recaptcha-container');
* const provider = new PhoneAuthProvider(auth);
* const verificationId = await provider.verifyPhoneNumber('+16505550101', applicationVerifier);
* // Obtain the verificationCode from the user.
* const phoneCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
* await updatePhoneNumber(user, phoneCredential);
* ```
*
* @param user - The user.
* @param credential - A credential authenticating the new phone number.
*
* @public
*/
3750export declare function updatePhoneNumber(user: User, credential: PhoneAuthCredential): Promise<void>;
3751
3752/**
* Updates a user's profile data.
*
* @param user - The user.
* @param profile - The profile's `displayName` and `photoURL` to update.
*
* @public
*/
3760export declare function updateProfile(user: User, { displayName, photoURL: photoUrl }: {
  displayName?: string | null;
  photoURL?: string | null;
3763}): Promise<void>;
3764
3765/**
* Sets the current language to the default device/browser preference.
*
* @param auth - The {@link Auth} instance.
*
* @public
*/
3772export declare function useDeviceLanguage(auth: Auth): void;
3773
3774/**
* A user account.
*
* @public
*/
3779export declare interface User extends UserInfo {
  /**
   * Whether the email has been verified with {@link sendEmailVerification} and
   * {@link applyActionCode}.
   */
  readonly emailVerified: boolean;
  /**
   * Whether the user is authenticated using the {@link ProviderId}.ANONYMOUS provider.
   */
  readonly isAnonymous: boolean;
  /**
   * Additional metadata around user creation and sign-in times.
   */
  readonly metadata: UserMetadata;
  /**
   * Additional per provider such as displayName and profile information.
   */
  readonly providerData: UserInfo[];
  /**
   * Refresh token used to reauthenticate the user. Avoid using this directly and prefer
   * {@link User.getIdToken} to refresh the ID token instead.
   */
  readonly refreshToken: string;
  /**
   * The user's tenant ID.
   *
   * @remarks
   * This is a read-only property, which indicates the tenant ID
   * used to sign in the user. This is null if the user is signed in from the parent
   * project.
   *
   * @example
   * ```javascript
   * // Set the tenant ID on Auth instance.
   * auth.tenantId = 'TENANT_PROJECT_ID';
   *
   * // All future sign-in request now include tenant ID.
   * const result = await signInWithEmailAndPassword(auth, email, password);
   * // result.user.tenantId should be 'TENANT_PROJECT_ID'.
   * ```
   */
  readonly tenantId: string | null;
  /**
   * Deletes and signs out the user.
   *
   * @remarks
   * Important: this is a security-sensitive operation that requires the user to have recently
   * signed in. If this requirement isn't met, ask the user to authenticate again and then call
   * one of the reauthentication methods like {@link reauthenticateWithCredential}.
   */
  delete(): Promise<void>;
  /**
   * Returns a JSON Web Token (JWT) used to identify the user to a Firebase service.
   *
   * @remarks
   * Returns the current token if it has not expired or if it will not expire in the next five
   * minutes. Otherwise, this will refresh the token and return a new one.
   *
   * @param forceRefresh - Force refresh regardless of token expiration.
   */
  getIdToken(forceRefresh?: boolean): Promise<string>;
  /**
   * Returns a deserialized JSON Web Token (JWT) used to identitfy the user to a Firebase service.
   *
   * @remarks
   * Returns the current token if it has not expired or if it will not expire in the next five
   * minutes. Otherwise, this will refresh the token and return a new one.
   *
   * @param forceRefresh - Force refresh regardless of token expiration.
   */
  getIdTokenResult(forceRefresh?: boolean): Promise<IdTokenResult>;
  /**
   * Refreshes the user, if signed in.
   */
  reload(): Promise<void>;
  /**
   * Returns a JSON-serializable representation of this object.
   *
   * @returns A JSON-serializable representation of this object.
   */
  toJSON(): object;
3860}
3861
3862/**
* A structure containing a {@link User}, the {@link OperationType}, and the provider ID.
*
* @remarks
* `operationType` could be {@link OperationType}.SIGN_IN for a sign-in operation,
* {@link OperationType}.LINK for a linking operation and {@link OperationType}.REAUTHENTICATE for
* a reauthentication operation.
*
* @public
*/
3872export declare interface UserCredential {
  /**
   * The user authenticated by this credential.
   */
  user: User;
  /**
   * The provider which was used to authenticate the user.
   */
  providerId: string | null;
  /**
   * The type of operation which was used to authenticate the user (such as sign-in or link).
   */
  operationType: typeof OperationType[keyof typeof OperationType];
3885}
3886
3887/**
* @internal
*/
3890declare interface UserCredentialInternal extends UserCredential, TaggedWithTokenResponse {
  user: UserInternal;
3892}
3893
3894/**
* User profile information, visible only to the Firebase project's apps.
*
* @public
*/
3899export declare interface UserInfo {
  /**
   * The display name of the user.
   */
  readonly displayName: string | null;
  /**
   * The email of the user.
   */
  readonly email: string | null;
  /**
   * The phone number normalized based on the E.164 standard (e.g. +16505550101) for the
   * user.
   *
   * @remarks
   * This is null if the user has no phone credential linked to the account.
   */
  readonly phoneNumber: string | null;
  /**
   * The profile photo URL of the user.
   */
  readonly photoURL: string | null;
  /**
   * The provider used to authenticate the user.
   */
  readonly providerId: string;
  /**
   * The user's unique ID, scoped to the project.
   */
  readonly uid: string;
3928}
3929
3930/**
* UserInternal and AuthInternal reference each other, so both of them are included in the public typings.
* In order to exclude them, we mark them as internal explicitly.
*
* @internal
*/
3936declare interface UserInternal extends User {
  displayName: string | null;
  email: string | null;
  phoneNumber: string | null;
  photoURL: string | null;
  auth: AuthInternal;
  providerId: ProviderId_2.FIREBASE;
  refreshToken: string;
  emailVerified: boolean;
  tenantId: string | null;
  providerData: MutableUserInfo[];
  metadata: UserMetadata_2;
  stsTokenManager: StsTokenManager;
  _redirectEventId?: string;
  _updateTokensIfNecessary(response: IdTokenResponse | FinalizeMfaResponse, reload?: boolean): Promise<void>;
  _assign(user: UserInternal): void;
  _clone(auth: AuthInternal): UserInternal;
  _onReload: (cb: NextFn<APIUserInfo>) => void;
  _notifyReloadListener: NextFn<APIUserInfo>;
  _startProactiveRefresh: () => void;
  _stopProactiveRefresh: () => void;
  getIdToken(forceRefresh?: boolean): Promise<string>;
  getIdTokenResult(forceRefresh?: boolean): Promise<IdTokenResult>;
  reload(): Promise<void>;
  delete(): Promise<void>;
  toJSON(): PersistedBlob;
3962}
3963
3964/**
* Interface representing a user's metadata.
*
* @public
*/
3969export declare interface UserMetadata {
  /** Time the user was created. */
  readonly creationTime?: string;
  /** Time the user last signed in. */
  readonly lastSignInTime?: string;
3974}
3975
3976declare class UserMetadata_2 implements UserMetadata {
  private createdAt?;
  private lastLoginAt?;
  creationTime?: string;
  lastSignInTime?: string;
  constructor(createdAt?: string | number | undefined, lastLoginAt?: string | number | undefined);
  private _initializeTime;
  _copy(metadata: UserMetadata_2): void;
  toJSON(): object;
3985}
3986
3987/**
* User profile used in {@link AdditionalUserInfo}.
*
* @public
*/
3992export declare type UserProfile = Record<string, unknown>;
3993
3994/**
* Sends a verification email to a new email address.
*
* @remarks
* The user's email will be updated to the new one after being verified.
*
* If you have a custom email action handler, you can complete the verification process by calling
* {@link applyActionCode}.
*
* @example
* ```javascript
* const actionCodeSettings = {
*   url: 'https://www.example.com/?email=user@example.com',
*   iOS: {
*      bundleId: 'com.example.ios'
*   },
*   android: {
*     packageName: 'com.example.android',
*     installApp: true,
*     minimumVersion: '12'
*   },
*   handleCodeInApp: true
* };
* await verifyBeforeUpdateEmail(user, 'newemail@example.com', actionCodeSettings);
* // Obtain code from the user.
* await applyActionCode(auth, code);
* ```
*
* @param user - The user.
* @param newEmail - The new email address to be verified before update.
* @param actionCodeSettings - The {@link ActionCodeSettings}.
*
* @public
*/
4028export declare function verifyBeforeUpdateEmail(user: User, newEmail: string, actionCodeSettings?: ActionCodeSettings | null): Promise<void>;
4029
4030/**
* Checks a password reset code sent to the user by email or other out-of-band mechanism.
*
* @returns the user's email address if valid.
*
* @param auth - The {@link Auth} instance.
* @param code - A verification code sent to the user.
*
* @public
*/
4040export declare function verifyPasswordResetCode(auth: Auth, code: string): Promise<string>;
4041
4042export { }