1 | /**
|
2 | * Firebase Authentication
|
3 | *
|
4 | * @packageDocumentation
|
5 | */
|
6 |
|
7 | import { CompleteFn } from '@firebase/util';
|
8 | import { ErrorFactory } from '@firebase/util';
|
9 | import { ErrorFn } from '@firebase/util';
|
10 | import { FirebaseApp } from '@firebase/app';
|
11 | import { FirebaseError } from '@firebase/util';
|
12 | import { NextFn } from '@firebase/util';
|
13 | import { Observer } from '@firebase/util';
|
14 | import { Unsubscribe } from '@firebase/util';
|
15 |
|
16 | /**
|
17 | * A response from {@link checkActionCode}.
|
18 | *
|
19 | * @public
|
20 | */
|
21 | export declare interface ActionCodeInfo {
|
22 | /**
|
23 | * The data associated with the action code.
|
24 | *
|
25 | * @remarks
|
26 | * For the {@link ActionCodeOperation}.PASSWORD_RESET, {@link ActionCodeOperation}.VERIFY_EMAIL, and
|
27 | * {@link ActionCodeOperation}.RECOVER_EMAIL actions, this object contains an email field with the address
|
28 | * the email was sent to.
|
29 | *
|
30 | * For the {@link ActionCodeOperation}.RECOVER_EMAIL action, which allows a user to undo an email address
|
31 | * change, this object also contains a `previousEmail` field with the user account's current
|
32 | * email address. After the action completes, the user's email address will revert to the value
|
33 | * in the `email` field from the value in `previousEmail` field.
|
34 | *
|
35 | * For the {@link ActionCodeOperation}.VERIFY_AND_CHANGE_EMAIL action, which allows a user to verify the
|
36 | * email before updating it, this object contains a `previousEmail` field with the user account's
|
37 | * email address before updating. After the action completes, the user's email address will be
|
38 | * updated to the value in the `email` field from the value in `previousEmail` field.
|
39 | *
|
40 | * For the {@link ActionCodeOperation}.REVERT_SECOND_FACTOR_ADDITION action, which allows a user to
|
41 | * unenroll a newly added second factor, this object contains a `multiFactorInfo` field with
|
42 | * the information about the second factor. For phone second factor, the `multiFactorInfo`
|
43 | * is a {@link MultiFactorInfo} object, which contains the phone number.
|
44 | */
|
45 | data: {
|
46 | email?: string | null;
|
47 | multiFactorInfo?: MultiFactorInfo | null;
|
48 | previousEmail?: string | null;
|
49 | };
|
50 | /**
|
51 | * The type of operation that generated the action code.
|
52 | */
|
53 | operation: (typeof ActionCodeOperation)[keyof typeof ActionCodeOperation];
|
54 | }
|
55 |
|
56 | /**
|
57 | * An enumeration of the possible email action types.
|
58 | *
|
59 | * @public
|
60 | */
|
61 | export declare const ActionCodeOperation: {
|
62 | /** The email link sign-in action. */
|
63 | readonly EMAIL_SIGNIN: "EMAIL_SIGNIN";
|
64 | /** The password reset action. */
|
65 | readonly PASSWORD_RESET: "PASSWORD_RESET";
|
66 | /** The email revocation action. */
|
67 | readonly RECOVER_EMAIL: "RECOVER_EMAIL";
|
68 | /** The revert second factor addition email action. */
|
69 | readonly REVERT_SECOND_FACTOR_ADDITION: "REVERT_SECOND_FACTOR_ADDITION";
|
70 | /** The revert second factor addition email action. */
|
71 | readonly VERIFY_AND_CHANGE_EMAIL: "VERIFY_AND_CHANGE_EMAIL";
|
72 | /** The email verification action. */
|
73 | readonly VERIFY_EMAIL: "VERIFY_EMAIL";
|
74 | };
|
75 |
|
76 | /**
|
77 | * An interface that defines the required continue/state URL with optional Android and iOS
|
78 | * bundle identifiers.
|
79 | *
|
80 | * @public
|
81 | */
|
82 | export declare interface ActionCodeSettings {
|
83 | /**
|
84 | * Sets the Android package name.
|
85 | *
|
86 | * @remarks
|
87 | * This will try to open the link in an android app if it is
|
88 | * installed. If `installApp` is passed, it specifies whether to install the Android app if the
|
89 | * device supports it and the app is not already installed. If this field is provided without
|
90 | * a `packageName`, an error is thrown explaining that the `packageName` must be provided in
|
91 | * conjunction with this field. If `minimumVersion` is specified, and an older version of the
|
92 | * app is installed, the user is taken to the Play Store to upgrade the app.
|
93 | */
|
94 | android?: {
|
95 | installApp?: boolean;
|
96 | minimumVersion?: string;
|
97 | packageName: string;
|
98 | };
|
99 | /**
|
100 | * When set to true, the action code link will be be sent as a Universal Link or Android App
|
101 | * Link and will be opened by the app if installed.
|
102 | *
|
103 | * @remarks
|
104 | * In the false case, the code will be sent to the web widget first and then on continue will
|
105 | * redirect to the app if installed.
|
106 | *
|
107 | * @defaultValue false
|
108 | */
|
109 | handleCodeInApp?: boolean;
|
110 | /**
|
111 | * Sets the iOS bundle ID.
|
112 | *
|
113 | * @remarks
|
114 | * This will try to open the link in an iOS app if it is installed.
|
115 | *
|
116 | * App installation is not supported for iOS.
|
117 | */
|
118 | iOS?: {
|
119 | bundleId: string;
|
120 | };
|
121 | /**
|
122 | * Sets the link continue/state URL.
|
123 | *
|
124 | * @remarks
|
125 | * This has different meanings in different contexts:
|
126 | * - When the link is handled in the web action widgets, this is the deep link in the
|
127 | * `continueUrl` query parameter.
|
128 | * - When the link is handled in the app directly, this is the `continueUrl` query parameter in
|
129 | * the deep link of the Dynamic Link.
|
130 | */
|
131 | url: string;
|
132 | /**
|
133 | * When multiple custom dynamic link domains are defined for a project, specify which one to use
|
134 | * when the link is to be opened via a specified mobile app (for example, `example.page.link`).
|
135 | *
|
136 | *
|
137 | * @defaultValue The first domain is automatically selected.
|
138 | */
|
139 | dynamicLinkDomain?: string;
|
140 | }
|
141 |
|
142 | /**
|
143 | * @license
|
144 | * Copyright 2020 Google LLC
|
145 | *
|
146 | * Licensed under the Apache License, Version 2.0 (the "License");
|
147 | * you may not use this file except in compliance with the License.
|
148 | * You may obtain a copy of the License at
|
149 | *
|
150 | * http://www.apache.org/licenses/LICENSE-2.0
|
151 | *
|
152 | * Unless required by applicable law or agreed to in writing, software
|
153 | * distributed under the License is distributed on an "AS IS" BASIS,
|
154 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
155 | * See the License for the specific language governing permissions and
|
156 | * limitations under the License.
|
157 | */
|
158 | /**
|
159 | * A utility class to parse email action URLs such as password reset, email verification,
|
160 | * email link sign in, etc.
|
161 | *
|
162 | * @public
|
163 | */
|
164 | export declare class ActionCodeURL {
|
165 | /**
|
166 | * The API key of the email action link.
|
167 | */
|
168 | readonly apiKey: string;
|
169 | /**
|
170 | * The action code of the email action link.
|
171 | */
|
172 | readonly code: string;
|
173 | /**
|
174 | * The continue URL of the email action link. Null if not provided.
|
175 | */
|
176 | readonly continueUrl: string | null;
|
177 | /**
|
178 | * The language code of the email action link. Null if not provided.
|
179 | */
|
180 | readonly languageCode: string | null;
|
181 | /**
|
182 | * The action performed by the email action link. It returns from one of the types from
|
183 | * {@link ActionCodeInfo}
|
184 | */
|
185 | readonly operation: string;
|
186 | /**
|
187 | * The tenant ID of the email action link. Null if the email action is from the parent project.
|
188 | */
|
189 | readonly tenantId: string | null;
|
190 | /* Excluded from this release type: __constructor */
|
191 | /**
|
192 | * Parses the email action link string and returns an {@link ActionCodeURL} if the link is valid,
|
193 | * otherwise returns null.
|
194 | *
|
195 | * @param link - The email action link string.
|
196 | * @returns The {@link ActionCodeURL} object, or null if the link is invalid.
|
197 | *
|
198 | * @public
|
199 | */
|
200 | static parseLink(link: string): ActionCodeURL | null;
|
201 | }
|
202 |
|
203 | /**
|
204 | * A structure containing additional user information from a federated identity provider.
|
205 | *
|
206 | * @public
|
207 | */
|
208 | export declare interface AdditionalUserInfo {
|
209 | /**
|
210 | * Whether the user is new (created via sign-up) or existing (authenticated using sign-in).
|
211 | */
|
212 | readonly isNewUser: boolean;
|
213 | /**
|
214 | * Map containing IDP-specific user data.
|
215 | */
|
216 | readonly profile: Record<string, unknown> | null;
|
217 | /**
|
218 | * Identifier for the provider used to authenticate this user.
|
219 | */
|
220 | readonly providerId: string | null;
|
221 | /**
|
222 | * The username if the provider is GitHub or Twitter.
|
223 | */
|
224 | readonly username?: string | null;
|
225 | }
|
226 |
|
227 | declare interface APIUserInfo {
|
228 | localId?: string;
|
229 | displayName?: string;
|
230 | photoUrl?: string;
|
231 | email?: string;
|
232 | emailVerified?: boolean;
|
233 | phoneNumber?: string;
|
234 | lastLoginAt?: number;
|
235 | createdAt?: number;
|
236 | tenantId?: string;
|
237 | passwordHash?: string;
|
238 | providerUserInfo?: ProviderUserInfo[];
|
239 | mfaInfo?: MfaEnrollment[];
|
240 | }
|
241 |
|
242 | /**
|
243 | * A verifier for domain verification and abuse prevention.
|
244 | *
|
245 | * @remarks
|
246 | * Currently, the only implementation is {@link RecaptchaVerifier}.
|
247 | *
|
248 | * @public
|
249 | */
|
250 | export declare interface ApplicationVerifier {
|
251 | /**
|
252 | * Identifies the type of application verifier (e.g. "recaptcha").
|
253 | */
|
254 | readonly type: string;
|
255 | /**
|
256 | * Executes the verification process.
|
257 | *
|
258 | * @returns A Promise for a token that can be used to assert the validity of a request.
|
259 | */
|
260 | verify(): Promise<string>;
|
261 | }
|
262 |
|
263 | declare interface ApplicationVerifierInternal extends ApplicationVerifier {
|
264 | /* Excluded from this release type: _reset */
|
265 | }
|
266 |
|
267 | /**
|
268 | * Applies a verification code sent to the user by email or other out-of-band mechanism.
|
269 | *
|
270 | * @param auth - The {@link Auth} instance.
|
271 | * @param oobCode - A verification code sent to the user.
|
272 | *
|
273 | * @public
|
274 | */
|
275 | export declare function applyActionCode(auth: Auth, oobCode: string): Promise<void>;
|
276 |
|
277 | declare type AppName = string;
|
278 |
|
279 | /**
|
280 | * Interface representing Firebase Auth service.
|
281 | *
|
282 | * @remarks
|
283 | * See {@link https://firebase.google.com/docs/auth/ | Firebase Authentication} for a full guide
|
284 | * on how to use the Firebase Auth service.
|
285 | *
|
286 | * @public
|
287 | */
|
288 | export declare interface Auth {
|
289 | /** The {@link @firebase/app#FirebaseApp} associated with the `Auth` service instance. */
|
290 | readonly app: FirebaseApp;
|
291 | /** The name of the app associated with the `Auth` service instance. */
|
292 | readonly name: string;
|
293 | /** The {@link Config} used to initialize this instance. */
|
294 | readonly config: Config;
|
295 | /**
|
296 | * Changes the type of persistence on the `Auth` instance.
|
297 | *
|
298 | * @remarks
|
299 | * This will affect the currently saved Auth session and applies this type of persistence for
|
300 | * future sign-in requests, including sign-in with redirect requests.
|
301 | *
|
302 | * This makes it easy for a user signing in to specify whether their session should be
|
303 | * remembered or not. It also makes it easier to never persist the Auth state for applications
|
304 | * that are shared by other users or have sensitive data.
|
305 | *
|
306 | * This method does not work in a Node.js environment.
|
307 | *
|
308 | * @example
|
309 | * ```javascript
|
310 | * auth.setPersistence(browserSessionPersistence);
|
311 | * ```
|
312 | *
|
313 | * @param persistence - The {@link Persistence} to use.
|
314 | */
|
315 | setPersistence(persistence: Persistence): Promise<void>;
|
316 | /**
|
317 | * The {@link Auth} instance's language code.
|
318 | *
|
319 | * @remarks
|
320 | * This is a readable/writable property. When set to null, the default Firebase Console language
|
321 | * setting is applied. The language code will propagate to email action templates (password
|
322 | * reset, email verification and email change revocation), SMS templates for phone authentication,
|
323 | * reCAPTCHA verifier and OAuth popup/redirect operations provided the specified providers support
|
324 | * localization with the language code specified.
|
325 | */
|
326 | languageCode: string | null;
|
327 | /**
|
328 | * The {@link Auth} instance's tenant ID.
|
329 | *
|
330 | * @remarks
|
331 | * This is a readable/writable property. When you set the tenant ID of an {@link Auth} instance, all
|
332 | * future sign-in/sign-up operations will pass this tenant ID and sign in or sign up users to
|
333 | * the specified tenant project. When set to null, users are signed in to the parent project.
|
334 | *
|
335 | * @example
|
336 | * ```javascript
|
337 | * // Set the tenant ID on Auth instance.
|
338 | * auth.tenantId = 'TENANT_PROJECT_ID';
|
339 | *
|
340 | * // All future sign-in request now include tenant ID.
|
341 | * const result = await signInWithEmailAndPassword(auth, email, password);
|
342 | * // result.user.tenantId should be 'TENANT_PROJECT_ID'.
|
343 | * ```
|
344 | *
|
345 | * @defaultValue null
|
346 | */
|
347 | tenantId: string | null;
|
348 | /**
|
349 | * The {@link Auth} instance's settings.
|
350 | *
|
351 | * @remarks
|
352 | * This is used to edit/read configuration related options such as app verification mode for
|
353 | * phone authentication.
|
354 | */
|
355 | readonly settings: AuthSettings;
|
356 | /**
|
357 | * Adds an observer for changes to the user's sign-in state.
|
358 | *
|
359 | * @remarks
|
360 | * To keep the old behavior, see {@link Auth.onIdTokenChanged}.
|
361 | *
|
362 | * @param nextOrObserver - callback triggered on change.
|
363 | * @param error - Deprecated. This callback is never triggered. Errors
|
364 | * on signing in/out can be caught in promises returned from
|
365 | * sign-in/sign-out functions.
|
366 | * @param completed - Deprecated. This callback is never triggered.
|
367 | */
|
368 | onAuthStateChanged(nextOrObserver: NextOrObserver<User | null>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
|
369 | /**
|
370 | * Adds a blocking callback that runs before an auth state change
|
371 | * sets a new user.
|
372 | *
|
373 | * @param callback - callback triggered before new user value is set.
|
374 | * If this throws, it blocks the user from being set.
|
375 | * @param onAbort - callback triggered if a later `beforeAuthStateChanged()`
|
376 | * callback throws, allowing you to undo any side effects.
|
377 | */
|
378 | beforeAuthStateChanged(callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe;
|
379 | /**
|
380 | * Adds an observer for changes to the signed-in user's ID token.
|
381 | *
|
382 | * @remarks
|
383 | * This includes sign-in, sign-out, and token refresh events.
|
384 | *
|
385 | * @param nextOrObserver - callback triggered on change.
|
386 | * @param error - Deprecated. This callback is never triggered. Errors
|
387 | * on signing in/out can be caught in promises returned from
|
388 | * sign-in/sign-out functions.
|
389 | * @param completed - Deprecated. This callback is never triggered.
|
390 | */
|
391 | onIdTokenChanged(nextOrObserver: NextOrObserver<User | null>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
|
392 | /**
|
393 | * returns a promise that resolves immediately when the initial
|
394 | * auth state is settled. When the promise resolves, the current user might be a valid user
|
395 | * or `null` if the user signed out.
|
396 | */
|
397 | authStateReady(): Promise<void>;
|
398 | /** The currently signed-in user (or null). */
|
399 | readonly currentUser: User | null;
|
400 | /** The current emulator configuration (or null). */
|
401 | readonly emulatorConfig: EmulatorConfig | null;
|
402 | /**
|
403 | * Asynchronously sets the provided user as {@link Auth.currentUser} on the {@link Auth} instance.
|
404 | *
|
405 | * @remarks
|
406 | * A new instance copy of the user provided will be made and set as currentUser.
|
407 | *
|
408 | * This will trigger {@link Auth.onAuthStateChanged} and {@link Auth.onIdTokenChanged} listeners
|
409 | * like other sign in methods.
|
410 | *
|
411 | * The operation fails with an error if the user to be updated belongs to a different Firebase
|
412 | * project.
|
413 | *
|
414 | * @param user - The new {@link User}.
|
415 | */
|
416 | updateCurrentUser(user: User | null): Promise<void>;
|
417 | /**
|
418 | * Sets the current language to the default device/browser preference.
|
419 | */
|
420 | useDeviceLanguage(): void;
|
421 | /**
|
422 | * Signs out the current user. This does not automatically revoke the user's ID token.
|
423 | *
|
424 | * @remarks
|
425 | * This method is not supported by {@link Auth} instances created with a
|
426 | * {@link @firebase/app#FirebaseServerApp}.
|
427 | */
|
428 | signOut(): Promise<void>;
|
429 | }
|
430 |
|
431 | /**
|
432 | * Interface that represents the credentials returned by an {@link AuthProvider}.
|
433 | *
|
434 | * @remarks
|
435 | * Implementations specify the details about each auth provider's credential requirements.
|
436 | *
|
437 | * @public
|
438 | */
|
439 | export declare class AuthCredential {
|
440 | /**
|
441 | * The authentication provider ID for the credential.
|
442 | *
|
443 | * @remarks
|
444 | * For example, 'facebook.com', or 'google.com'.
|
445 | */
|
446 | readonly providerId: string;
|
447 | /**
|
448 | * The authentication sign in method for the credential.
|
449 | *
|
450 | * @remarks
|
451 | * For example, {@link SignInMethod}.EMAIL_PASSWORD, or
|
452 | * {@link SignInMethod}.EMAIL_LINK. This corresponds to the sign-in method
|
453 | * identifier as returned in {@link fetchSignInMethodsForEmail}.
|
454 | */
|
455 | readonly signInMethod: string;
|
456 | /* Excluded from this release type: __constructor */
|
457 | /**
|
458 | * Returns a JSON-serializable representation of this object.
|
459 | *
|
460 | * @returns a JSON-serializable representation of this object.
|
461 | */
|
462 | toJSON(): object;
|
463 | /* Excluded from this release type: _getIdTokenResponse */
|
464 | /* Excluded from this release type: _linkToIdToken */
|
465 | /* Excluded from this release type: _getReauthenticationResolver */
|
466 | }
|
467 |
|
468 | /**
|
469 | * Interface for an `Auth` error.
|
470 | *
|
471 | * @public
|
472 | */
|
473 | export declare interface AuthError extends FirebaseError {
|
474 | /** Details about the Firebase Auth error. */
|
475 | readonly customData: {
|
476 | /** The name of the Firebase App which triggered this error. */
|
477 | readonly appName: string;
|
478 | /** The email address of the user's account, used for sign-in and linking. */
|
479 | readonly email?: string;
|
480 | /** The phone number of the user's account, used for sign-in and linking. */
|
481 | readonly phoneNumber?: string;
|
482 | /**
|
483 | * The tenant ID being used for sign-in and linking.
|
484 | *
|
485 | * @remarks
|
486 | * If you use {@link signInWithRedirect} to sign in,
|
487 | * you have to set the tenant ID on the {@link Auth} instance again as the tenant ID is not persisted
|
488 | * after redirection.
|
489 | */
|
490 | readonly tenantId?: string;
|
491 | };
|
492 | }
|
493 |
|
494 | /* Excluded from this release type: AuthErrorCode */
|
495 |
|
496 | /**
|
497 | * A map of potential `Auth` error codes, for easier comparison with errors
|
498 | * thrown by the SDK.
|
499 | *
|
500 | * @remarks
|
501 | * Note that you can't tree-shake individual keys
|
502 | * in the map, so by using the map you might substantially increase your
|
503 | * bundle size.
|
504 | *
|
505 | * @public
|
506 | */
|
507 | export declare const AuthErrorCodes: {
|
508 | readonly ADMIN_ONLY_OPERATION: "auth/admin-restricted-operation";
|
509 | readonly ARGUMENT_ERROR: "auth/argument-error";
|
510 | readonly APP_NOT_AUTHORIZED: "auth/app-not-authorized";
|
511 | readonly APP_NOT_INSTALLED: "auth/app-not-installed";
|
512 | readonly CAPTCHA_CHECK_FAILED: "auth/captcha-check-failed";
|
513 | readonly CODE_EXPIRED: "auth/code-expired";
|
514 | readonly CORDOVA_NOT_READY: "auth/cordova-not-ready";
|
515 | readonly CORS_UNSUPPORTED: "auth/cors-unsupported";
|
516 | readonly CREDENTIAL_ALREADY_IN_USE: "auth/credential-already-in-use";
|
517 | readonly CREDENTIAL_MISMATCH: "auth/custom-token-mismatch";
|
518 | readonly CREDENTIAL_TOO_OLD_LOGIN_AGAIN: "auth/requires-recent-login";
|
519 | readonly DEPENDENT_SDK_INIT_BEFORE_AUTH: "auth/dependent-sdk-initialized-before-auth";
|
520 | readonly DYNAMIC_LINK_NOT_ACTIVATED: "auth/dynamic-link-not-activated";
|
521 | readonly EMAIL_CHANGE_NEEDS_VERIFICATION: "auth/email-change-needs-verification";
|
522 | readonly EMAIL_EXISTS: "auth/email-already-in-use";
|
523 | readonly EMULATOR_CONFIG_FAILED: "auth/emulator-config-failed";
|
524 | readonly EXPIRED_OOB_CODE: "auth/expired-action-code";
|
525 | readonly EXPIRED_POPUP_REQUEST: "auth/cancelled-popup-request";
|
526 | readonly INTERNAL_ERROR: "auth/internal-error";
|
527 | readonly INVALID_API_KEY: "auth/invalid-api-key";
|
528 | readonly INVALID_APP_CREDENTIAL: "auth/invalid-app-credential";
|
529 | readonly INVALID_APP_ID: "auth/invalid-app-id";
|
530 | readonly INVALID_AUTH: "auth/invalid-user-token";
|
531 | readonly INVALID_AUTH_EVENT: "auth/invalid-auth-event";
|
532 | readonly INVALID_CERT_HASH: "auth/invalid-cert-hash";
|
533 | readonly INVALID_CODE: "auth/invalid-verification-code";
|
534 | readonly INVALID_CONTINUE_URI: "auth/invalid-continue-uri";
|
535 | readonly INVALID_CORDOVA_CONFIGURATION: "auth/invalid-cordova-configuration";
|
536 | readonly INVALID_CUSTOM_TOKEN: "auth/invalid-custom-token";
|
537 | readonly INVALID_DYNAMIC_LINK_DOMAIN: "auth/invalid-dynamic-link-domain";
|
538 | readonly INVALID_EMAIL: "auth/invalid-email";
|
539 | readonly INVALID_EMULATOR_SCHEME: "auth/invalid-emulator-scheme";
|
540 | readonly INVALID_IDP_RESPONSE: "auth/invalid-credential";
|
541 | readonly INVALID_LOGIN_CREDENTIALS: "auth/invalid-credential";
|
542 | readonly INVALID_MESSAGE_PAYLOAD: "auth/invalid-message-payload";
|
543 | readonly INVALID_MFA_SESSION: "auth/invalid-multi-factor-session";
|
544 | readonly INVALID_OAUTH_CLIENT_ID: "auth/invalid-oauth-client-id";
|
545 | readonly INVALID_OAUTH_PROVIDER: "auth/invalid-oauth-provider";
|
546 | readonly INVALID_OOB_CODE: "auth/invalid-action-code";
|
547 | readonly INVALID_ORIGIN: "auth/unauthorized-domain";
|
548 | readonly INVALID_PASSWORD: "auth/wrong-password";
|
549 | readonly INVALID_PERSISTENCE: "auth/invalid-persistence-type";
|
550 | readonly INVALID_PHONE_NUMBER: "auth/invalid-phone-number";
|
551 | readonly INVALID_PROVIDER_ID: "auth/invalid-provider-id";
|
552 | readonly INVALID_RECIPIENT_EMAIL: "auth/invalid-recipient-email";
|
553 | readonly INVALID_SENDER: "auth/invalid-sender";
|
554 | readonly INVALID_SESSION_INFO: "auth/invalid-verification-id";
|
555 | readonly INVALID_TENANT_ID: "auth/invalid-tenant-id";
|
556 | readonly MFA_INFO_NOT_FOUND: "auth/multi-factor-info-not-found";
|
557 | readonly MFA_REQUIRED: "auth/multi-factor-auth-required";
|
558 | readonly MISSING_ANDROID_PACKAGE_NAME: "auth/missing-android-pkg-name";
|
559 | readonly MISSING_APP_CREDENTIAL: "auth/missing-app-credential";
|
560 | readonly MISSING_AUTH_DOMAIN: "auth/auth-domain-config-required";
|
561 | readonly MISSING_CODE: "auth/missing-verification-code";
|
562 | readonly MISSING_CONTINUE_URI: "auth/missing-continue-uri";
|
563 | readonly MISSING_IFRAME_START: "auth/missing-iframe-start";
|
564 | readonly MISSING_IOS_BUNDLE_ID: "auth/missing-ios-bundle-id";
|
565 | readonly MISSING_OR_INVALID_NONCE: "auth/missing-or-invalid-nonce";
|
566 | readonly MISSING_MFA_INFO: "auth/missing-multi-factor-info";
|
567 | readonly MISSING_MFA_SESSION: "auth/missing-multi-factor-session";
|
568 | readonly MISSING_PHONE_NUMBER: "auth/missing-phone-number";
|
569 | readonly MISSING_SESSION_INFO: "auth/missing-verification-id";
|
570 | readonly MODULE_DESTROYED: "auth/app-deleted";
|
571 | readonly NEED_CONFIRMATION: "auth/account-exists-with-different-credential";
|
572 | readonly NETWORK_REQUEST_FAILED: "auth/network-request-failed";
|
573 | readonly NULL_USER: "auth/null-user";
|
574 | readonly NO_AUTH_EVENT: "auth/no-auth-event";
|
575 | readonly NO_SUCH_PROVIDER: "auth/no-such-provider";
|
576 | readonly OPERATION_NOT_ALLOWED: "auth/operation-not-allowed";
|
577 | readonly OPERATION_NOT_SUPPORTED: "auth/operation-not-supported-in-this-environment";
|
578 | readonly POPUP_BLOCKED: "auth/popup-blocked";
|
579 | readonly POPUP_CLOSED_BY_USER: "auth/popup-closed-by-user";
|
580 | readonly PROVIDER_ALREADY_LINKED: "auth/provider-already-linked";
|
581 | readonly QUOTA_EXCEEDED: "auth/quota-exceeded";
|
582 | readonly REDIRECT_CANCELLED_BY_USER: "auth/redirect-cancelled-by-user";
|
583 | readonly REDIRECT_OPERATION_PENDING: "auth/redirect-operation-pending";
|
584 | readonly REJECTED_CREDENTIAL: "auth/rejected-credential";
|
585 | readonly SECOND_FACTOR_ALREADY_ENROLLED: "auth/second-factor-already-in-use";
|
586 | readonly SECOND_FACTOR_LIMIT_EXCEEDED: "auth/maximum-second-factor-count-exceeded";
|
587 | readonly TENANT_ID_MISMATCH: "auth/tenant-id-mismatch";
|
588 | readonly TIMEOUT: "auth/timeout";
|
589 | readonly TOKEN_EXPIRED: "auth/user-token-expired";
|
590 | readonly TOO_MANY_ATTEMPTS_TRY_LATER: "auth/too-many-requests";
|
591 | readonly UNAUTHORIZED_DOMAIN: "auth/unauthorized-continue-uri";
|
592 | readonly UNSUPPORTED_FIRST_FACTOR: "auth/unsupported-first-factor";
|
593 | readonly UNSUPPORTED_PERSISTENCE: "auth/unsupported-persistence-type";
|
594 | readonly UNSUPPORTED_TENANT_OPERATION: "auth/unsupported-tenant-operation";
|
595 | readonly UNVERIFIED_EMAIL: "auth/unverified-email";
|
596 | readonly USER_CANCELLED: "auth/user-cancelled";
|
597 | readonly USER_DELETED: "auth/user-not-found";
|
598 | readonly USER_DISABLED: "auth/user-disabled";
|
599 | readonly USER_MISMATCH: "auth/user-mismatch";
|
600 | readonly USER_SIGNED_OUT: "auth/user-signed-out";
|
601 | readonly WEAK_PASSWORD: "auth/weak-password";
|
602 | readonly WEB_STORAGE_UNSUPPORTED: "auth/web-storage-unsupported";
|
603 | readonly ALREADY_INITIALIZED: "auth/already-initialized";
|
604 | readonly RECAPTCHA_NOT_ENABLED: "auth/recaptcha-not-enabled";
|
605 | readonly MISSING_RECAPTCHA_TOKEN: "auth/missing-recaptcha-token";
|
606 | readonly INVALID_RECAPTCHA_TOKEN: "auth/invalid-recaptcha-token";
|
607 | readonly INVALID_RECAPTCHA_ACTION: "auth/invalid-recaptcha-action";
|
608 | readonly MISSING_CLIENT_TYPE: "auth/missing-client-type";
|
609 | readonly MISSING_RECAPTCHA_VERSION: "auth/missing-recaptcha-version";
|
610 | readonly INVALID_RECAPTCHA_VERSION: "auth/invalid-recaptcha-version";
|
611 | readonly INVALID_REQ_TYPE: "auth/invalid-req-type";
|
612 | };
|
613 |
|
614 | /**
|
615 | * A mapping of error codes to error messages.
|
616 | *
|
617 | * @remarks
|
618 | *
|
619 | * While error messages are useful for debugging (providing verbose textual
|
620 | * context around what went wrong), these strings take up a lot of space in the
|
621 | * compiled code. When deploying code in production, using {@link prodErrorMap}
|
622 | * will save you roughly 10k compressed/gzipped over {@link debugErrorMap}. You
|
623 | * can select the error map during initialization:
|
624 | *
|
625 | * ```javascript
|
626 | * initializeAuth(app, {errorMap: debugErrorMap})
|
627 | * ```
|
628 | *
|
629 | * When initializing Auth, {@link prodErrorMap} is default.
|
630 | *
|
631 | * @public
|
632 | */
|
633 | export declare interface AuthErrorMap {
|
634 | }
|
635 |
|
636 | /* Excluded from this release type: AuthErrorParams */
|
637 |
|
638 | /* Excluded from this release type: AuthEvent */
|
639 |
|
640 | /* Excluded from this release type: AuthEventConsumer */
|
641 |
|
642 | declare interface AuthEventError extends Error {
|
643 | code: string;
|
644 | message: string;
|
645 | }
|
646 |
|
647 | /* Excluded from this release type: AuthEventType */
|
648 |
|
649 | /* Excluded from this release type: AuthInternal */
|
650 |
|
651 | declare class AuthPopup {
|
652 | readonly window: Window | null;
|
653 | associatedEvent: string | null;
|
654 | constructor(window: Window | null);
|
655 | close(): void;
|
656 | }
|
657 |
|
658 | /**
|
659 | * Interface that represents an auth provider, used to facilitate creating { AuthCredential}.
|
660 | *
|
661 | *
|
662 | */
|
663 | export declare interface AuthProvider {
|
664 | /**
|
665 | * Provider for which credentials can be constructed.
|
666 | */
|
667 | readonly providerId: string;
|
668 | }
|
669 |
|
670 | /**
|
671 | * Interface representing an {@link Auth} instance's settings.
|
672 | *
|
673 | * @remarks Currently used for enabling/disabling app verification for phone Auth testing.
|
674 | *
|
675 | * @public
|
676 | */
|
677 | export declare interface AuthSettings {
|
678 | /**
|
679 | * When set, this property disables app verification for the purpose of testing phone
|
680 | * authentication. For this property to take effect, it needs to be set before rendering a
|
681 | * reCAPTCHA app verifier. When this is disabled, a mock reCAPTCHA is rendered instead. This is
|
682 | * useful for manual testing during development or for automated integration tests.
|
683 | *
|
684 | * In order to use this feature, you will need to
|
685 | * {@link https://firebase.google.com/docs/auth/web/phone-auth#test-with-whitelisted-phone-numbers | whitelist your phone number}
|
686 | * via the Firebase Console.
|
687 | *
|
688 | * The default value is false (app verification is enabled).
|
689 | */
|
690 | appVerificationDisabledForTesting: boolean;
|
691 | }
|
692 |
|
693 | /**
|
694 | * MFA Info as returned by the API.
|
695 | */
|
696 | declare interface BaseMfaEnrollment {
|
697 | mfaEnrollmentId: string;
|
698 | enrolledAt: number;
|
699 | displayName?: string;
|
700 | }
|
701 |
|
702 | /**
|
703 | * Common code to all OAuth providers. This is separate from the
|
704 | * {@link OAuthProvider} so that child providers (like
|
705 | * {@link GoogleAuthProvider}) don't inherit the `credential` instance method.
|
706 | * Instead, they rely on a static `credential` method.
|
707 | */
|
708 | declare abstract class BaseOAuthProvider extends FederatedAuthProvider implements AuthProvider {
|
709 | /* Excluded from this release type: scopes */
|
710 | /**
|
711 | * Add an OAuth scope to the credential.
|
712 | *
|
713 | * @param scope - Provider OAuth scope to add.
|
714 | */
|
715 | addScope(scope: string): AuthProvider;
|
716 | /**
|
717 | * Retrieve the current list of OAuth scopes.
|
718 | */
|
719 | getScopes(): string[];
|
720 | }
|
721 |
|
722 | /**
|
723 | * Adds a blocking callback that runs before an auth state change
|
724 | * sets a new user.
|
725 | *
|
726 | * @param auth - The {@link Auth} instance.
|
727 | * @param callback - callback triggered before new user value is set.
|
728 | * If this throws, it blocks the user from being set.
|
729 | * @param onAbort - callback triggered if a later `beforeAuthStateChanged()`
|
730 | * callback throws, allowing you to undo any side effects.
|
731 | */
|
732 | export declare function beforeAuthStateChanged(auth: Auth, callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe;
|
733 |
|
734 | /**
|
735 | * An implementation of {@link Persistence} of type `LOCAL` using `localStorage`
|
736 | * for the underlying storage.
|
737 | *
|
738 | * @public
|
739 | */
|
740 | export declare const browserLocalPersistence: Persistence;
|
741 |
|
742 | /**
|
743 | * An implementation of {@link PopupRedirectResolver} suitable for browser
|
744 | * based applications.
|
745 | *
|
746 | * @remarks
|
747 | * This method does not work in a Node.js environment.
|
748 | *
|
749 | * @public
|
750 | */
|
751 | export declare const browserPopupRedirectResolver: PopupRedirectResolver;
|
752 |
|
753 | /**
|
754 | * An implementation of {@link Persistence} of `SESSION` using `sessionStorage`
|
755 | * for the underlying storage.
|
756 | *
|
757 | * @public
|
758 | */
|
759 | export declare const browserSessionPersistence: Persistence;
|
760 |
|
761 | /**
|
762 | * Checks a verification code sent to the user by email or other out-of-band mechanism.
|
763 | *
|
764 | * @returns metadata about the code.
|
765 | *
|
766 | * @param auth - The {@link Auth} instance.
|
767 | * @param oobCode - A verification code sent to the user.
|
768 | *
|
769 | * @public
|
770 | */
|
771 | export declare function checkActionCode(auth: Auth, oobCode: string): Promise<ActionCodeInfo>;
|
772 |
|
773 | /* Excluded from this release type: ClientPlatform */
|
774 | export { CompleteFn }
|
775 |
|
776 | /**
|
777 | * Interface representing the `Auth` config.
|
778 | *
|
779 | * @public
|
780 | */
|
781 | export declare interface Config {
|
782 | /**
|
783 | * The API Key used to communicate with the Firebase Auth backend.
|
784 | */
|
785 | apiKey: string;
|
786 | /**
|
787 | * The host at which the Firebase Auth backend is running.
|
788 | */
|
789 | apiHost: string;
|
790 | /**
|
791 | * The scheme used to communicate with the Firebase Auth backend.
|
792 | */
|
793 | apiScheme: string;
|
794 | /**
|
795 | * The host at which the Secure Token API is running.
|
796 | */
|
797 | tokenApiHost: string;
|
798 | /**
|
799 | * The SDK Client Version.
|
800 | */
|
801 | sdkClientVersion: string;
|
802 | /**
|
803 | * The domain at which the web widgets are hosted (provided via Firebase Config).
|
804 | */
|
805 | authDomain?: string;
|
806 | }
|
807 |
|
808 | /* Excluded from this release type: ConfigInternal */
|
809 |
|
810 | /**
|
811 | * A result from a phone number sign-in, link, or reauthenticate call.
|
812 | *
|
813 | * @public
|
814 | */
|
815 | export declare interface ConfirmationResult {
|
816 | /**
|
817 | * The phone number authentication operation's verification ID.
|
818 | *
|
819 | * @remarks
|
820 | * This can be used along with the verification code to initialize a
|
821 | * {@link PhoneAuthCredential}.
|
822 | */
|
823 | readonly verificationId: string;
|
824 | /**
|
825 | * Finishes a phone number sign-in, link, or reauthentication.
|
826 | *
|
827 | * @example
|
828 | * ```javascript
|
829 | * const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);
|
830 | * // Obtain verificationCode from the user.
|
831 | * const userCredential = await confirmationResult.confirm(verificationCode);
|
832 | * ```
|
833 | *
|
834 | * @param verificationCode - The code that was sent to the user's mobile device.
|
835 | */
|
836 | confirm(verificationCode: string): Promise<UserCredential>;
|
837 | }
|
838 |
|
839 | /**
|
840 | * Completes the password reset process, given a confirmation code and new password.
|
841 | *
|
842 | * @param auth - The {@link Auth} instance.
|
843 | * @param oobCode - A confirmation code sent to the user.
|
844 | * @param newPassword - The new password.
|
845 | *
|
846 | * @public
|
847 | */
|
848 | export declare function confirmPasswordReset(auth: Auth, oobCode: string, newPassword: string): Promise<void>;
|
849 |
|
850 | /**
|
851 | * Changes the {@link Auth} instance to communicate with the Firebase Auth Emulator, instead of production
|
852 | * Firebase Auth services.
|
853 | *
|
854 | * @remarks
|
855 | * This must be called synchronously immediately following the first call to
|
856 | * {@link initializeAuth}. Do not use with production credentials as emulator
|
857 | * traffic is not encrypted.
|
858 | *
|
859 | *
|
860 | * @example
|
861 | * ```javascript
|
862 | * connectAuthEmulator(auth, 'http://127.0.0.1:9099', { disableWarnings: true });
|
863 | * ```
|
864 | *
|
865 | * @param auth - The {@link Auth} instance.
|
866 | * @param url - The URL at which the emulator is running (eg, 'http://localhost:9099').
|
867 | * @param options - Optional. `options.disableWarnings` defaults to `false`. Set it to
|
868 | * `true` to disable the warning banner attached to the DOM.
|
869 | *
|
870 | * @public
|
871 | */
|
872 | export declare function connectAuthEmulator(auth: Auth, url: string, options?: {
|
873 | disableWarnings: boolean;
|
874 | }): void;
|
875 |
|
876 | /**
|
877 | * Creates a new user account associated with the specified email address and password.
|
878 | *
|
879 | * @remarks
|
880 | * On successful creation of the user account, this user will also be signed in to your application.
|
881 | *
|
882 | * User account creation can fail if the account already exists or the password is invalid.
|
883 | *
|
884 | * This method is not supported on {@link Auth} instances created with a
|
885 | * {@link @firebase/app#FirebaseServerApp}.
|
886 | *
|
887 | * Note: The email address acts as a unique identifier for the user and enables an email-based
|
888 | * password reset. This function will create a new user account and set the initial user password.
|
889 | *
|
890 | * @param auth - The {@link Auth} instance.
|
891 | * @param email - The user's email address.
|
892 | * @param password - The user's chosen password.
|
893 | *
|
894 | * @public
|
895 | */
|
896 | export declare function createUserWithEmailAndPassword(auth: Auth, email: string, password: string): Promise<UserCredential>;
|
897 |
|
898 | /**
|
899 | * Map of OAuth Custom Parameters.
|
900 | *
|
901 | * @public
|
902 | */
|
903 | export declare type CustomParameters = Record<string, string>;
|
904 |
|
905 | /**
|
906 | * A verbose error map with detailed descriptions for most error codes.
|
907 | *
|
908 | * See discussion at {@link AuthErrorMap}
|
909 | *
|
910 | * @public
|
911 | */
|
912 | export declare const debugErrorMap: AuthErrorMap;
|
913 |
|
914 | /**
|
915 | * Deletes and signs out the user.
|
916 | *
|
917 | * @remarks
|
918 | * Important: this is a security-sensitive operation that requires the user to have recently
|
919 | * signed in. If this requirement isn't met, ask the user to authenticate again and then call
|
920 | * {@link reauthenticateWithCredential}.
|
921 | *
|
922 | * @param user - The user.
|
923 | *
|
924 | * @public
|
925 | */
|
926 | export declare function deleteUser(user: User): Promise<void>;
|
927 |
|
928 | /**
|
929 | * The dependencies that can be used to initialize an {@link Auth} instance.
|
930 | *
|
931 | * @remarks
|
932 | *
|
933 | * The modular SDK enables tree shaking by allowing explicit declarations of
|
934 | * dependencies. For example, a web app does not need to include code that
|
935 | * enables Cordova redirect sign in. That functionality is therefore split into
|
936 | * {@link browserPopupRedirectResolver} and
|
937 | * {@link cordovaPopupRedirectResolver}. The dependencies object is how Auth is
|
938 | * configured to reduce bundle sizes.
|
939 | *
|
940 | * There are two ways to initialize an {@link Auth} instance: {@link getAuth} and
|
941 | * {@link initializeAuth}. `getAuth` initializes everything using
|
942 | * platform-specific configurations, while `initializeAuth` takes a
|
943 | * `Dependencies` object directly, giving you more control over what is used.
|
944 | *
|
945 | * @public
|
946 | */
|
947 | export declare interface Dependencies {
|
948 | /**
|
949 | * Which {@link Persistence} to use. If this is an array, the first
|
950 | * `Persistence` that the device supports is used. The SDK searches for an
|
951 | * existing account in order and, if one is found in a secondary
|
952 | * `Persistence`, the account is moved to the primary `Persistence`.
|
953 | *
|
954 | * If no persistence is provided, the SDK falls back on
|
955 | * {@link inMemoryPersistence}.
|
956 | */
|
957 | persistence?: Persistence | Persistence[];
|
958 | /**
|
959 | * The {@link PopupRedirectResolver} to use. This value depends on the
|
960 | * platform. Options are {@link browserPopupRedirectResolver} and
|
961 | * {@link cordovaPopupRedirectResolver}. This field is optional if neither
|
962 | * {@link signInWithPopup} or {@link signInWithRedirect} are being used.
|
963 | */
|
964 | popupRedirectResolver?: PopupRedirectResolver;
|
965 | /**
|
966 | * Which {@link AuthErrorMap} to use.
|
967 | */
|
968 | errorMap?: AuthErrorMap;
|
969 | }
|
970 |
|
971 | /**
|
972 | * Interface that represents the credentials returned by {@link EmailAuthProvider} for
|
973 | * {@link ProviderId}.PASSWORD
|
974 | *
|
975 | * @remarks
|
976 | * Covers both {@link SignInMethod}.EMAIL_PASSWORD and
|
977 | * {@link SignInMethod}.EMAIL_LINK.
|
978 | *
|
979 | * @public
|
980 | */
|
981 | export declare class EmailAuthCredential extends AuthCredential {
|
982 | /* Excluded from this release type: _email */
|
983 | /* Excluded from this release type: _password */
|
984 | /* Excluded from this release type: _tenantId */
|
985 | /* Excluded from this release type: __constructor */
|
986 | /* Excluded from this release type: _fromEmailAndPassword */
|
987 | /* Excluded from this release type: _fromEmailAndCode */
|
988 | /** {@inheritdoc AuthCredential.toJSON} */
|
989 | toJSON(): object;
|
990 | /**
|
991 | * Static method to deserialize a JSON representation of an object into an {@link AuthCredential}.
|
992 | *
|
993 | * @param json - Either `object` or the stringified representation of the object. When string is
|
994 | * provided, `JSON.parse` would be called first.
|
995 | *
|
996 | * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned.
|
997 | */
|
998 | static fromJSON(json: object | string): EmailAuthCredential | null;
|
999 | /* Excluded from this release type: _getIdTokenResponse */
|
1000 | /* Excluded from this release type: _linkToIdToken */
|
1001 | /* Excluded from this release type: _getReauthenticationResolver */
|
1002 | }
|
1003 |
|
1004 | /**
|
1005 | * Provider for generating {@link EmailAuthCredential}.
|
1006 | *
|
1007 | * @public
|
1008 | */
|
1009 | export declare class EmailAuthProvider implements AuthProvider {
|
1010 | /**
|
1011 | * Always set to {@link ProviderId}.PASSWORD, even for email link.
|
1012 | */
|
1013 | static readonly PROVIDER_ID: 'password';
|
1014 | /**
|
1015 | * Always set to {@link SignInMethod}.EMAIL_PASSWORD.
|
1016 | */
|
1017 | static readonly EMAIL_PASSWORD_SIGN_IN_METHOD: 'password';
|
1018 | /**
|
1019 | * Always set to {@link SignInMethod}.EMAIL_LINK.
|
1020 | */
|
1021 | static readonly EMAIL_LINK_SIGN_IN_METHOD: 'emailLink';
|
1022 | /**
|
1023 | * Always set to {@link ProviderId}.PASSWORD, even for email link.
|
1024 | */
|
1025 | readonly providerId: "password";
|
1026 | /**
|
1027 | * Initialize an {@link AuthCredential} using an email and password.
|
1028 | *
|
1029 | * @example
|
1030 | * ```javascript
|
1031 | * const authCredential = EmailAuthProvider.credential(email, password);
|
1032 | * const userCredential = await signInWithCredential(auth, authCredential);
|
1033 | * ```
|
1034 | *
|
1035 | * @example
|
1036 | * ```javascript
|
1037 | * const userCredential = await signInWithEmailAndPassword(auth, email, password);
|
1038 | * ```
|
1039 | *
|
1040 | * @param email - Email address.
|
1041 | * @param password - User account password.
|
1042 | * @returns The auth provider credential.
|
1043 | */
|
1044 | static credential(email: string, password: string): EmailAuthCredential;
|
1045 | /**
|
1046 | * Initialize an {@link AuthCredential} using an email and an email link after a sign in with
|
1047 | * email link operation.
|
1048 | *
|
1049 | * @example
|
1050 | * ```javascript
|
1051 | * const authCredential = EmailAuthProvider.credentialWithLink(auth, email, emailLink);
|
1052 | * const userCredential = await signInWithCredential(auth, authCredential);
|
1053 | * ```
|
1054 | *
|
1055 | * @example
|
1056 | * ```javascript
|
1057 | * await sendSignInLinkToEmail(auth, email);
|
1058 | * // Obtain emailLink from user.
|
1059 | * const userCredential = await signInWithEmailLink(auth, email, emailLink);
|
1060 | * ```
|
1061 | *
|
1062 | * @param auth - The {@link Auth} instance used to verify the link.
|
1063 | * @param email - Email address.
|
1064 | * @param emailLink - Sign-in email link.
|
1065 | * @returns - The auth provider credential.
|
1066 | */
|
1067 | static credentialWithLink(email: string, emailLink: string): EmailAuthCredential;
|
1068 | }
|
1069 |
|
1070 | /**
|
1071 | * Configuration of Firebase Authentication Emulator.
|
1072 | * @public
|
1073 | */
|
1074 | export declare interface EmulatorConfig {
|
1075 | /**
|
1076 | * The protocol used to communicate with the emulator ("http"/"https").
|
1077 | */
|
1078 | readonly protocol: string;
|
1079 | /**
|
1080 | * The hostname of the emulator, which may be a domain ("localhost"), IPv4 address ("127.0.0.1")
|
1081 | * or quoted IPv6 address ("[::1]").
|
1082 | */
|
1083 | readonly host: string;
|
1084 | /**
|
1085 | * The port of the emulator, or null if port isn't specified (i.e. protocol default).
|
1086 | */
|
1087 | readonly port: number | null;
|
1088 | /**
|
1089 | * The emulator-specific options.
|
1090 | */
|
1091 | readonly options: {
|
1092 | /**
|
1093 | * Whether the warning banner attached to the DOM was disabled.
|
1094 | */
|
1095 | readonly disableWarnings: boolean;
|
1096 | };
|
1097 | }
|
1098 |
|
1099 | declare const enum EnforcementState {
|
1100 | ENFORCE = "ENFORCE",
|
1101 | AUDIT = "AUDIT",
|
1102 | OFF = "OFF",
|
1103 | ENFORCEMENT_STATE_UNSPECIFIED = "ENFORCEMENT_STATE_UNSPECIFIED"
|
1104 | }
|
1105 | export { ErrorFn }
|
1106 |
|
1107 | /* Excluded from this release type: EventManager */
|
1108 |
|
1109 | /**
|
1110 | * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.FACEBOOK.
|
1111 | *
|
1112 | * @example
|
1113 | * ```javascript
|
1114 | * // Sign in using a redirect.
|
1115 | * const provider = new FacebookAuthProvider();
|
1116 | * // Start a sign in process for an unauthenticated user.
|
1117 | * provider.addScope('user_birthday');
|
1118 | * await signInWithRedirect(auth, provider);
|
1119 | * // This will trigger a full page redirect away from your app
|
1120 | *
|
1121 | * // After returning from the redirect when your app initializes you can obtain the result
|
1122 | * const result = await getRedirectResult(auth);
|
1123 | * if (result) {
|
1124 | * // This is the signed-in user
|
1125 | * const user = result.user;
|
1126 | * // This gives you a Facebook Access Token.
|
1127 | * const credential = FacebookAuthProvider.credentialFromResult(result);
|
1128 | * const token = credential.accessToken;
|
1129 | * }
|
1130 | * ```
|
1131 | *
|
1132 | * @example
|
1133 | * ```javascript
|
1134 | * // Sign in using a popup.
|
1135 | * const provider = new FacebookAuthProvider();
|
1136 | * provider.addScope('user_birthday');
|
1137 | * const result = await signInWithPopup(auth, provider);
|
1138 | *
|
1139 | * // The signed-in user info.
|
1140 | * const user = result.user;
|
1141 | * // This gives you a Facebook Access Token.
|
1142 | * const credential = FacebookAuthProvider.credentialFromResult(result);
|
1143 | * const token = credential.accessToken;
|
1144 | * ```
|
1145 | *
|
1146 | * @public
|
1147 | */
|
1148 | export declare class FacebookAuthProvider extends BaseOAuthProvider {
|
1149 | /** Always set to {@link SignInMethod}.FACEBOOK. */
|
1150 | static readonly FACEBOOK_SIGN_IN_METHOD: 'facebook.com';
|
1151 | /** Always set to {@link ProviderId}.FACEBOOK. */
|
1152 | static readonly PROVIDER_ID: 'facebook.com';
|
1153 | constructor();
|
1154 | /**
|
1155 | * Creates a credential for Facebook.
|
1156 | *
|
1157 | * @example
|
1158 | * ```javascript
|
1159 | * // `event` from the Facebook auth.authResponseChange callback.
|
1160 | * const credential = FacebookAuthProvider.credential(event.authResponse.accessToken);
|
1161 | * const result = await signInWithCredential(credential);
|
1162 | * ```
|
1163 | *
|
1164 | * @param accessToken - Facebook access token.
|
1165 | */
|
1166 | static credential(accessToken: string): OAuthCredential;
|
1167 | /**
|
1168 | * Used to extract the underlying {from a { UserCredential}.
OAuthCredential} |
1169 | *
|
1170 | * userCredential - The user credential.
|
1171 | */
|
1172 | static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
|
1173 | /**
|
1174 | * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
|
1175 | * thrown during a sign-in, link, or reauthenticate operation.
|
1176 | *
|
1177 | * @param userCredential - The user credential.
|
1178 | */
|
1179 | static credentialFromError(error: FirebaseError): OAuthCredential | null;
|
1180 | private static credentialFromTaggedObject;
|
1181 | }
|
1182 |
|
1183 | /**
|
1184 | * An enum of factors that may be used for multifactor authentication.
|
1185 | *
|
1186 | * @public
|
1187 | */
|
1188 | export declare const FactorId: {
|
1189 | /** Phone as second factor */
|
1190 | readonly PHONE: "phone";
|
1191 | readonly TOTP: "totp";
|
1192 | };
|
1193 |
|
1194 | /**
|
1195 | * The base class for all Federated providers (OAuth (including OIDC), SAML).
|
1196 | *
|
1197 | * This class is not meant to be instantiated directly.
|
1198 | *
|
1199 | * @public
|
1200 | */
|
1201 | declare abstract class FederatedAuthProvider implements AuthProvider {
|
1202 | readonly providerId: string;
|
1203 | /* Excluded from this release type: defaultLanguageCode */
|
1204 | /* Excluded from this release type: customParameters */
|
1205 | /**
|
1206 | * Constructor for generic OAuth providers.
|
1207 | *
|
1208 | * @param providerId - Provider for which credentials should be generated.
|
1209 | */
|
1210 | constructor(providerId: string);
|
1211 | /**
|
1212 | * Set the language gode.
|
1213 | *
|
1214 | * @param languageCode - language code
|
1215 | */
|
1216 | setDefaultLanguage(languageCode: string | null): void;
|
1217 | /**
|
1218 | * Sets the OAuth custom parameters to pass in an OAuth request for popup and redirect sign-in
|
1219 | * operations.
|
1220 | *
|
1221 | * @remarks
|
1222 | * For a detailed list, check the reserved required OAuth 2.0 parameters such as `client_id`,
|
1223 | * `redirect_uri`, `scope`, `response_type`, and `state` are not allowed and will be ignored.
|
1224 | *
|
1225 | * @param customOAuthParameters - The custom OAuth parameters to pass in the OAuth request.
|
1226 | */
|
1227 | setCustomParameters(customOAuthParameters: CustomParameters): AuthProvider;
|
1228 | /**
|
1229 | * Retrieve the current list of { CustomParameters}.
|
1230 | */
|
1231 | getCustomParameters(): CustomParameters;
|
1232 | }
|
1233 |
|
1234 | /**
|
1235 | * Gets the list of possible sign in methods for the given email address. This method returns an
|
1236 | * empty list when
|
1237 | * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
|
1238 | * is enabled, irrespective of the number of authentication methods available for the given email.
|
1239 | *
|
1240 | * @remarks
|
1241 | * This is useful to differentiate methods of sign-in for the same provider, eg.
|
1242 | * {@link EmailAuthProvider} which has 2 methods of sign-in,
|
1243 | * {@link SignInMethod}.EMAIL_PASSWORD and
|
1244 | * {@link SignInMethod}.EMAIL_LINK.
|
1245 | *
|
1246 | * @param auth - The {@link Auth} instance.
|
1247 | * @param email - The user's email address.
|
1248 | *
|
1249 | * Deprecated. Migrating off of this method is recommended as a security best-practice.
|
1250 | * Learn more in the Identity Platform documentation for
|
1251 | * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}.
|
1252 | * @public
|
1253 | */
|
1254 | export declare function fetchSignInMethodsForEmail(auth: Auth, email: string): Promise<string[]>;
|
1255 |
|
1256 | declare interface FinalizeMfaResponse {
|
1257 | idToken: string;
|
1258 | refreshToken: string;
|
1259 | }
|
1260 |
|
1261 | /* Excluded from this release type: GenericAuthErrorParams */
|
1262 |
|
1263 | /**
|
1264 | * Extracts provider specific {@link AdditionalUserInfo} for the given credential.
|
1265 | *
|
1266 | * @param userCredential - The user credential.
|
1267 | *
|
1268 | * @public
|
1269 | */
|
1270 | export declare function getAdditionalUserInfo(userCredential: UserCredential): AdditionalUserInfo | null;
|
1271 |
|
1272 | /**
|
1273 | * Returns the Auth instance associated with the provided {@link @firebase/app#FirebaseApp}.
|
1274 | * If no instance exists, initializes an Auth instance with platform-specific default dependencies.
|
1275 | *
|
1276 | * @param app - The Firebase App.
|
1277 | *
|
1278 | * @public
|
1279 | */
|
1280 | export declare function getAuth(app?: FirebaseApp): Auth;
|
1281 |
|
1282 | /**
|
1283 | * Returns a JSON Web Token (JWT) used to identify the user to a Firebase service.
|
1284 | *
|
1285 | * @remarks
|
1286 | * Returns the current token if it has not expired or if it will not expire in the next five
|
1287 | * minutes. Otherwise, this will refresh the token and return a new one.
|
1288 | *
|
1289 | * @param user - The user.
|
1290 | * @param forceRefresh - Force refresh regardless of token expiration.
|
1291 | *
|
1292 | * @public
|
1293 | */
|
1294 | export declare function getIdToken(user: User, forceRefresh?: boolean): Promise<string>;
|
1295 |
|
1296 | /**
|
1297 | * Returns a deserialized JSON Web Token (JWT) used to identify the user to a Firebase service.
|
1298 | *
|
1299 | * @remarks
|
1300 | * Returns the current token if it has not expired or if it will not expire in the next five
|
1301 | * minutes. Otherwise, this will refresh the token and return a new one.
|
1302 | *
|
1303 | * @param user - The user.
|
1304 | * @param forceRefresh - Force refresh regardless of token expiration.
|
1305 | *
|
1306 | * @public
|
1307 | */
|
1308 | export declare function getIdTokenResult(user: User, forceRefresh?: boolean): Promise<IdTokenResult>;
|
1309 |
|
1310 | /**
|
1311 | * Provides a {@link MultiFactorResolver} suitable for completion of a
|
1312 | * multi-factor flow.
|
1313 | *
|
1314 | * @param auth - The {@link Auth} instance.
|
1315 | * @param error - The {@link MultiFactorError} raised during a sign-in, or
|
1316 | * reauthentication operation.
|
1317 | *
|
1318 | * @public
|
1319 | */
|
1320 | export declare function getMultiFactorResolver(auth: Auth, error: MultiFactorError): MultiFactorResolver;
|
1321 |
|
1322 | declare interface GetRecaptchaConfigResponse {
|
1323 | recaptchaKey: string;
|
1324 | recaptchaEnforcementState: RecaptchaEnforcementProviderState[];
|
1325 | }
|
1326 |
|
1327 | /**
|
1328 | * Returns a {@link UserCredential} from the redirect-based sign-in flow.
|
1329 | *
|
1330 | * @remarks
|
1331 | * If sign-in succeeded, returns the signed in user. If sign-in was unsuccessful, fails with an
|
1332 | * error. If no redirect operation was called, returns `null`.
|
1333 | *
|
1334 | * This method does not work in a Node.js environment or with {@link Auth} instances created with a
|
1335 | * {@link @firebase/app#FirebaseServerApp}.
|
1336 | *
|
1337 | * @example
|
1338 | * ```javascript
|
1339 | * // Sign in using a redirect.
|
1340 | * const provider = new FacebookAuthProvider();
|
1341 | * // You can add additional scopes to the provider:
|
1342 | * provider.addScope('user_birthday');
|
1343 | * // Start a sign in process for an unauthenticated user.
|
1344 | * await signInWithRedirect(auth, provider);
|
1345 | * // This will trigger a full page redirect away from your app
|
1346 | *
|
1347 | * // After returning from the redirect when your app initializes you can obtain the result
|
1348 | * const result = await getRedirectResult(auth);
|
1349 | * if (result) {
|
1350 | * // This is the signed-in user
|
1351 | * const user = result.user;
|
1352 | * // This gives you a Facebook Access Token.
|
1353 | * const credential = provider.credentialFromResult(auth, result);
|
1354 | * const token = credential.accessToken;
|
1355 | * }
|
1356 | * // As this API can be used for sign-in, linking and reauthentication,
|
1357 | * // check the operationType to determine what triggered this redirect
|
1358 | * // operation.
|
1359 | * const operationType = result.operationType;
|
1360 | * ```
|
1361 | *
|
1362 | * @param auth - The {@link Auth} instance.
|
1363 | * @param resolver - An instance of {@link PopupRedirectResolver}, optional
|
1364 | * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
|
1365 | *
|
1366 | * @public
|
1367 | */
|
1368 | export declare function getRedirectResult(auth: Auth, resolver?: PopupRedirectResolver): Promise<UserCredential | null>;
|
1369 |
|
1370 | /**
|
1371 | * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.GITHUB.
|
1372 | *
|
1373 | * @remarks
|
1374 | * GitHub requires an OAuth 2.0 redirect, so you can either handle the redirect directly, or use
|
1375 | * the {@link signInWithPopup} handler:
|
1376 | *
|
1377 | * @example
|
1378 | * ```javascript
|
1379 | * // Sign in using a redirect.
|
1380 | * const provider = new GithubAuthProvider();
|
1381 | * // Start a sign in process for an unauthenticated user.
|
1382 | * provider.addScope('repo');
|
1383 | * await signInWithRedirect(auth, provider);
|
1384 | * // This will trigger a full page redirect away from your app
|
1385 | *
|
1386 | * // After returning from the redirect when your app initializes you can obtain the result
|
1387 | * const result = await getRedirectResult(auth);
|
1388 | * if (result) {
|
1389 | * // This is the signed-in user
|
1390 | * const user = result.user;
|
1391 | * // This gives you a GitHub Access Token.
|
1392 | * const credential = GithubAuthProvider.credentialFromResult(result);
|
1393 | * const token = credential.accessToken;
|
1394 | * }
|
1395 | * ```
|
1396 | *
|
1397 | * @example
|
1398 | * ```javascript
|
1399 | * // Sign in using a popup.
|
1400 | * const provider = new GithubAuthProvider();
|
1401 | * provider.addScope('repo');
|
1402 | * const result = await signInWithPopup(auth, provider);
|
1403 | *
|
1404 | * // The signed-in user info.
|
1405 | * const user = result.user;
|
1406 | * // This gives you a GitHub Access Token.
|
1407 | * const credential = GithubAuthProvider.credentialFromResult(result);
|
1408 | * const token = credential.accessToken;
|
1409 | * ```
|
1410 | * @public
|
1411 | */
|
1412 | export declare class GithubAuthProvider extends BaseOAuthProvider {
|
1413 | /** Always set to {@link SignInMethod}.GITHUB. */
|
1414 | static readonly GITHUB_SIGN_IN_METHOD: 'github.com';
|
1415 | /** Always set to {@link ProviderId}.GITHUB. */
|
1416 | static readonly PROVIDER_ID: 'github.com';
|
1417 | constructor();
|
1418 | /**
|
1419 | * Creates a credential for GitHub.
|
1420 | *
|
1421 | * @param accessToken - GitHub access token.
|
1422 | */
|
1423 | static credential(accessToken: string): OAuthCredential;
|
1424 | /**
|
1425 | * Used to extract the underlying {from a { UserCredential}.
OAuthCredential} |
1426 | *
|
1427 | * userCredential - The user credential.
|
1428 | */
|
1429 | static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
|
1430 | /**
|
1431 | * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
|
1432 | * thrown during a sign-in, link, or reauthenticate operation.
|
1433 | *
|
1434 | * @param userCredential - The user credential.
|
1435 | */
|
1436 | static credentialFromError(error: FirebaseError): OAuthCredential | null;
|
1437 | private static credentialFromTaggedObject;
|
1438 | }
|
1439 |
|
1440 | /**
|
1441 | * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.GOOGLE.
|
1442 | *
|
1443 | * @example
|
1444 | * ```javascript
|
1445 | * // Sign in using a redirect.
|
1446 | * const provider = new GoogleAuthProvider();
|
1447 | * // Start a sign in process for an unauthenticated user.
|
1448 | * provider.addScope('profile');
|
1449 | * provider.addScope('email');
|
1450 | * await signInWithRedirect(auth, provider);
|
1451 | * // This will trigger a full page redirect away from your app
|
1452 | *
|
1453 | * // After returning from the redirect when your app initializes you can obtain the result
|
1454 | * const result = await getRedirectResult(auth);
|
1455 | * if (result) {
|
1456 | * // This is the signed-in user
|
1457 | * const user = result.user;
|
1458 | * // This gives you a Google Access Token.
|
1459 | * const credential = GoogleAuthProvider.credentialFromResult(result);
|
1460 | * const token = credential.accessToken;
|
1461 | * }
|
1462 | * ```
|
1463 | *
|
1464 | * @example
|
1465 | * ```javascript
|
1466 | * // Sign in using a popup.
|
1467 | * const provider = new GoogleAuthProvider();
|
1468 | * provider.addScope('profile');
|
1469 | * provider.addScope('email');
|
1470 | * const result = await signInWithPopup(auth, provider);
|
1471 | *
|
1472 | * // The signed-in user info.
|
1473 | * const user = result.user;
|
1474 | * // This gives you a Google Access Token.
|
1475 | * const credential = GoogleAuthProvider.credentialFromResult(result);
|
1476 | * const token = credential.accessToken;
|
1477 | * ```
|
1478 | *
|
1479 | * @public
|
1480 | */
|
1481 | export declare class GoogleAuthProvider extends BaseOAuthProvider {
|
1482 | /** Always set to {@link SignInMethod}.GOOGLE. */
|
1483 | static readonly GOOGLE_SIGN_IN_METHOD: 'google.com';
|
1484 | /** Always set to {@link ProviderId}.GOOGLE. */
|
1485 | static readonly PROVIDER_ID: 'google.com';
|
1486 | constructor();
|
1487 | /**
|
1488 | * Creates a credential for Google. At least one of ID token and access token is required.
|
1489 | *
|
1490 | * @example
|
1491 | * ```javascript
|
1492 | * // \`googleUser\` from the onsuccess Google Sign In callback.
|
1493 | * const credential = GoogleAuthProvider.credential(googleUser.getAuthResponse().id_token);
|
1494 | * const result = await signInWithCredential(credential);
|
1495 | * ```
|
1496 | *
|
1497 | * @param idToken - Google ID token.
|
1498 | * @param accessToken - Google access token.
|
1499 | */
|
1500 | static credential(idToken?: string | null, accessToken?: string | null): OAuthCredential;
|
1501 | /**
|
1502 | * Used to extract the underlying {from a { UserCredential}.
OAuthCredential} |
1503 | *
|
1504 | * userCredential - The user credential.
|
1505 | */
|
1506 | static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
|
1507 | /**
|
1508 | * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
|
1509 | * thrown during a sign-in, link, or reauthenticate operation.
|
1510 | *
|
1511 | * @param userCredential - The user credential.
|
1512 | */
|
1513 | static credentialFromError(error: FirebaseError): OAuthCredential | null;
|
1514 | private static credentialFromTaggedObject;
|
1515 | }
|
1516 |
|
1517 | /**
|
1518 | * Raw encoded JWT
|
1519 | *
|
1520 | */
|
1521 | declare type IdToken = string;
|
1522 |
|
1523 | /* Excluded from this release type: IdTokenMfaResponse */
|
1524 |
|
1525 | /* Excluded from this release type: IdTokenResponse */
|
1526 |
|
1527 | /* Excluded from this release type: IdTokenResponseKind */
|
1528 |
|
1529 | /**
|
1530 | * Interface representing ID token result obtained from {@link User.getIdTokenResult}.
|
1531 | *
|
1532 | * @remarks
|
1533 | * `IdTokenResult` contains the ID token JWT string and other helper properties for getting different data
|
1534 | * associated with the token as well as all the decoded payload claims.
|
1535 | *
|
1536 | * Note that these claims are not to be trusted as they are parsed client side. Only server side
|
1537 | * verification can guarantee the integrity of the token claims.
|
1538 | *
|
1539 | * @public
|
1540 | */
|
1541 | export declare interface IdTokenResult {
|
1542 | /**
|
1543 | * The authentication time formatted as a UTC string.
|
1544 | *
|
1545 | * @remarks
|
1546 | * This is the time the user authenticated (signed in) and not the time the token was refreshed.
|
1547 | */
|
1548 | authTime: string;
|
1549 | /** The ID token expiration time formatted as a UTC string. */
|
1550 | expirationTime: string;
|
1551 | /** The ID token issuance time formatted as a UTC string. */
|
1552 | issuedAtTime: string;
|
1553 | /**
|
1554 | * The sign-in provider through which the ID token was obtained (anonymous, custom, phone,
|
1555 | * password, etc).
|
1556 | *
|
1557 | * @remarks
|
1558 | * Note, this does not map to provider IDs.
|
1559 | */
|
1560 | signInProvider: string | null;
|
1561 | /**
|
1562 | * The type of second factor associated with this session, provided the user was multi-factor
|
1563 | * authenticated (eg. phone, etc).
|
1564 | */
|
1565 | signInSecondFactor: string | null;
|
1566 | /** The Firebase Auth ID token JWT string. */
|
1567 | token: string;
|
1568 | /**
|
1569 | * The entire payload claims of the ID token including the standard reserved claims as well as
|
1570 | * the custom claims.
|
1571 | */
|
1572 | claims: ParsedToken;
|
1573 | }
|
1574 |
|
1575 | /**
|
1576 | * An implementation of {@link Persistence} of type `LOCAL` using `indexedDB`
|
1577 | * for the underlying storage.
|
1578 | *
|
1579 | * @public
|
1580 | */
|
1581 | export declare const indexedDBLocalPersistence: Persistence;
|
1582 |
|
1583 | /**
|
1584 | * Initializes an {@link Auth} instance with fine-grained control over
|
1585 | * {@link Dependencies}.
|
1586 | *
|
1587 | * @remarks
|
1588 | *
|
1589 | * This function allows more control over the {@link Auth} instance than
|
1590 | * {@link getAuth}. `getAuth` uses platform-specific defaults to supply
|
1591 | * the {@link Dependencies}. In general, `getAuth` is the easiest way to
|
1592 | * initialize Auth and works for most use cases. Use `initializeAuth` if you
|
1593 | * need control over which persistence layer is used, or to minimize bundle
|
1594 | * size if you're not using either `signInWithPopup` or `signInWithRedirect`.
|
1595 | *
|
1596 | * For example, if your app only uses anonymous accounts and you only want
|
1597 | * accounts saved for the current session, initialize `Auth` with:
|
1598 | *
|
1599 | * ```js
|
1600 | * const auth = initializeAuth(app, {
|
1601 | * persistence: browserSessionPersistence,
|
1602 | * popupRedirectResolver: undefined,
|
1603 | * });
|
1604 | * ```
|
1605 | *
|
1606 | * @public
|
1607 | */
|
1608 | export declare function initializeAuth(app: FirebaseApp, deps?: Dependencies): Auth;
|
1609 |
|
1610 | /**
|
1611 | * Loads the reCAPTCHA configuration into the `Auth` instance.
|
1612 | *
|
1613 | * @remarks
|
1614 | * This will load the reCAPTCHA config, which indicates whether the reCAPTCHA
|
1615 | * verification flow should be triggered for each auth provider, into the
|
1616 | * current Auth session.
|
1617 | *
|
1618 | * If initializeRecaptchaConfig() is not invoked, the auth flow will always start
|
1619 | * without reCAPTCHA verification. If the provider is configured to require reCAPTCHA
|
1620 | * verification, the SDK will transparently load the reCAPTCHA config and restart the
|
1621 | * auth flows.
|
1622 | *
|
1623 | * Thus, by calling this optional method, you will reduce the latency of future auth flows.
|
1624 | * Loading the reCAPTCHA config early will also enhance the signal collected by reCAPTCHA.
|
1625 | *
|
1626 | * This method does not work in a Node.js environment.
|
1627 | *
|
1628 | * @example
|
1629 | * ```javascript
|
1630 | * initializeRecaptchaConfig(auth);
|
1631 | * ```
|
1632 | *
|
1633 | * @param auth - The {@link Auth} instance.
|
1634 | *
|
1635 | * @public
|
1636 | */
|
1637 | export declare function initializeRecaptchaConfig(auth: Auth): Promise<void>;
|
1638 |
|
1639 | /**
|
1640 | * An implementation of {@link Persistence} of type 'NONE'.
|
1641 | *
|
1642 | * @public
|
1643 | */
|
1644 | export declare const inMemoryPersistence: Persistence;
|
1645 |
|
1646 | /**
|
1647 | * Checks if an incoming link is a sign-in with email link suitable for {@link signInWithEmailLink}.
|
1648 | *
|
1649 | * @param auth - The {@link Auth} instance.
|
1650 | * @param emailLink - The link sent to the user's email address.
|
1651 | *
|
1652 | * @public
|
1653 | */
|
1654 | export declare function isSignInWithEmailLink(auth: Auth, emailLink: string): boolean;
|
1655 |
|
1656 | /**
|
1657 | * Links the user account with the given credentials.
|
1658 | *
|
1659 | * @remarks
|
1660 | * An {@link AuthProvider} can be used to generate the credential.
|
1661 | *
|
1662 | * @param user - The user.
|
1663 | * @param credential - The auth credential.
|
1664 | *
|
1665 | * @public
|
1666 | */
|
1667 | export declare function linkWithCredential(user: User, credential: AuthCredential): Promise<UserCredential>;
|
1668 |
|
1669 | /**
|
1670 | * Links the user account with the given phone number.
|
1671 | *
|
1672 | * @remarks
|
1673 | * This method does not work in a Node.js environment.
|
1674 | *
|
1675 | * @param user - The user.
|
1676 | * @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101).
|
1677 | * @param appVerifier - The {@link ApplicationVerifier}.
|
1678 | *
|
1679 | * @public
|
1680 | */
|
1681 | export declare function linkWithPhoneNumber(user: User, phoneNumber: string, appVerifier: ApplicationVerifier): Promise<ConfirmationResult>;
|
1682 |
|
1683 | /**
|
1684 | * Links the authenticated provider to the user account using a pop-up based OAuth flow.
|
1685 | *
|
1686 | * @remarks
|
1687 | * If the linking is successful, the returned result will contain the user and the provider's credential.
|
1688 | *
|
1689 | * This method does not work in a Node.js environment.
|
1690 | *
|
1691 | * @example
|
1692 | * ```javascript
|
1693 | * // Sign in using some other provider.
|
1694 | * const result = await signInWithEmailAndPassword(auth, email, password);
|
1695 | * // Link using a popup.
|
1696 | * const provider = new FacebookAuthProvider();
|
1697 | * await linkWithPopup(result.user, provider);
|
1698 | * ```
|
1699 | *
|
1700 | * @param user - The user.
|
1701 | * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
|
1702 | * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
|
1703 | * @param resolver - An instance of {@link PopupRedirectResolver}, optional
|
1704 | * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
|
1705 | *
|
1706 | * @public
|
1707 | */
|
1708 | export declare function linkWithPopup(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>;
|
1709 |
|
1710 | /**
|
1711 | * Links the {@link OAuthProvider} to the user account using a full-page redirect flow.
|
1712 | * @remarks
|
1713 | * To handle the results and errors for this operation, refer to {@link getRedirectResult}.
|
1714 | * Follow the {@link https://firebase.google.com/docs/auth/web/redirect-best-practices
|
1715 | * | best practices} when using {@link linkWithRedirect}.
|
1716 | *
|
1717 | * This method does not work in a Node.js environment or with {@link Auth} instances
|
1718 | * created with a {@link @firebase/app#FirebaseServerApp}.
|
1719 | *
|
1720 | * @example
|
1721 | * ```javascript
|
1722 | * // Sign in using some other provider.
|
1723 | * const result = await signInWithEmailAndPassword(auth, email, password);
|
1724 | * // Link using a redirect.
|
1725 | * const provider = new FacebookAuthProvider();
|
1726 | * await linkWithRedirect(result.user, provider);
|
1727 | * // This will trigger a full page redirect away from your app
|
1728 | *
|
1729 | * // After returning from the redirect when your app initializes you can obtain the result
|
1730 | * const result = await getRedirectResult(auth);
|
1731 | * ```
|
1732 | *
|
1733 | * @param user - The user.
|
1734 | * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
|
1735 | * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
|
1736 | * @param resolver - An instance of {@link PopupRedirectResolver}, optional
|
1737 | * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
|
1738 | *
|
1739 | * @public
|
1740 | */
|
1741 | export declare function linkWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>;
|
1742 |
|
1743 | /**
|
1744 | * MfaEnrollment can be any subtype of BaseMfaEnrollment, currently only PhoneMfaEnrollment and TotpMfaEnrollment are supported.
|
1745 | */
|
1746 | declare type MfaEnrollment = PhoneMfaEnrollment | TotpMfaEnrollment;
|
1747 |
|
1748 | /**
|
1749 | * The {@link MultiFactorUser} corresponding to the user.
|
1750 | *
|
1751 | * @remarks
|
1752 | * This is used to access all multi-factor properties and operations related to the user.
|
1753 | *
|
1754 | * @param user - The user.
|
1755 | *
|
1756 | * @public
|
1757 | */
|
1758 | export declare function multiFactor(user: User): MultiFactorUser;
|
1759 |
|
1760 | /**
|
1761 | * The base class for asserting ownership of a second factor.
|
1762 | *
|
1763 | * @remarks
|
1764 | * This is used to facilitate enrollment of a second factor on an existing user or sign-in of a
|
1765 | * user who already verified the first factor.
|
1766 | *
|
1767 | * @public
|
1768 | */
|
1769 | export declare interface MultiFactorAssertion {
|
1770 | /** The identifier of the second factor. */
|
1771 | readonly factorId: (typeof FactorId)[keyof typeof FactorId];
|
1772 | }
|
1773 |
|
1774 | /**
|
1775 | * The error thrown when the user needs to provide a second factor to sign in successfully.
|
1776 | *
|
1777 | * @remarks
|
1778 | * The error code for this error is `auth/multi-factor-auth-required`.
|
1779 | *
|
1780 | * @example
|
1781 | * ```javascript
|
1782 | * let resolver;
|
1783 | * let multiFactorHints;
|
1784 | *
|
1785 | * signInWithEmailAndPassword(auth, email, password)
|
1786 | * .then((result) => {
|
1787 | * // User signed in. No 2nd factor challenge is needed.
|
1788 | * })
|
1789 | * .catch((error) => {
|
1790 | * if (error.code == 'auth/multi-factor-auth-required') {
|
1791 | * resolver = getMultiFactorResolver(auth, error);
|
1792 | * multiFactorHints = resolver.hints;
|
1793 | * } else {
|
1794 | * // Handle other errors.
|
1795 | * }
|
1796 | * });
|
1797 | *
|
1798 | * // Obtain a multiFactorAssertion by verifying the second factor.
|
1799 | *
|
1800 | * const userCredential = await resolver.resolveSignIn(multiFactorAssertion);
|
1801 | * ```
|
1802 | *
|
1803 | * @public
|
1804 | */
|
1805 | export declare interface MultiFactorError extends AuthError {
|
1806 | /** Details about the MultiFactorError. */
|
1807 | readonly customData: AuthError['customData'] & {
|
1808 | /**
|
1809 | * The type of operation (sign-in, linking, or re-authentication) that raised the error.
|
1810 | */
|
1811 | readonly operationType: (typeof OperationType)[keyof typeof OperationType];
|
1812 | };
|
1813 | }
|
1814 |
|
1815 | /**
|
1816 | * A structure containing the information of a second factor entity.
|
1817 | *
|
1818 | * @public
|
1819 | */
|
1820 | export declare interface MultiFactorInfo {
|
1821 | /** The multi-factor enrollment ID. */
|
1822 | readonly uid: string;
|
1823 | /** The user friendly name of the current second factor. */
|
1824 | readonly displayName?: string | null;
|
1825 | /** The enrollment date of the second factor formatted as a UTC string. */
|
1826 | readonly enrollmentTime: string;
|
1827 | /** The identifier of the second factor. */
|
1828 | readonly factorId: (typeof FactorId)[keyof typeof FactorId];
|
1829 | }
|
1830 |
|
1831 | /**
|
1832 | * The class used to facilitate recovery from {@link MultiFactorError} when a user needs to
|
1833 | * provide a second factor to sign in.
|
1834 | *
|
1835 | * @example
|
1836 | * ```javascript
|
1837 | * let resolver;
|
1838 | * let multiFactorHints;
|
1839 | *
|
1840 | * signInWithEmailAndPassword(auth, email, password)
|
1841 | * .then((result) => {
|
1842 | * // User signed in. No 2nd factor challenge is needed.
|
1843 | * })
|
1844 | * .catch((error) => {
|
1845 | * if (error.code == 'auth/multi-factor-auth-required') {
|
1846 | * resolver = getMultiFactorResolver(auth, error);
|
1847 | * // Show UI to let user select second factor.
|
1848 | * multiFactorHints = resolver.hints;
|
1849 | * } else {
|
1850 | * // Handle other errors.
|
1851 | * }
|
1852 | * });
|
1853 | *
|
1854 | * // The enrolled second factors that can be used to complete
|
1855 | * // sign-in are returned in the `MultiFactorResolver.hints` list.
|
1856 | * // UI needs to be presented to allow the user to select a second factor
|
1857 | * // from that list.
|
1858 | *
|
1859 | * const selectedHint = // ; selected from multiFactorHints
|
1860 | * const phoneAuthProvider = new PhoneAuthProvider(auth);
|
1861 | * const phoneInfoOptions = {
|
1862 | * multiFactorHint: selectedHint,
|
1863 | * session: resolver.session
|
1864 | * };
|
1865 | * const verificationId = phoneAuthProvider.verifyPhoneNumber(phoneInfoOptions, appVerifier);
|
1866 | * // Store `verificationId` and show UI to let user enter verification code.
|
1867 | *
|
1868 | * // UI to enter verification code and continue.
|
1869 | * // Continue button click handler
|
1870 | * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
|
1871 | * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential);
|
1872 | * const userCredential = await resolver.resolveSignIn(multiFactorAssertion);
|
1873 | * ```
|
1874 | *
|
1875 | * @public
|
1876 | */
|
1877 | export declare interface MultiFactorResolver {
|
1878 | /**
|
1879 | * The list of hints for the second factors needed to complete the sign-in for the current
|
1880 | * session.
|
1881 | */
|
1882 | readonly hints: MultiFactorInfo[];
|
1883 | /**
|
1884 | * The session identifier for the current sign-in flow, which can be used to complete the second
|
1885 | * factor sign-in.
|
1886 | */
|
1887 | readonly session: MultiFactorSession;
|
1888 | /**
|
1889 | * A helper function to help users complete sign in with a second factor using an
|
1890 | * {@link MultiFactorAssertion} confirming the user successfully completed the second factor
|
1891 | * challenge.
|
1892 | *
|
1893 | * @example
|
1894 | * ```javascript
|
1895 | * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
|
1896 | * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential);
|
1897 | * const userCredential = await resolver.resolveSignIn(multiFactorAssertion);
|
1898 | * ```
|
1899 | *
|
1900 | * @param assertion - The multi-factor assertion to resolve sign-in with.
|
1901 | * @returns The promise that resolves with the user credential object.
|
1902 | */
|
1903 | resolveSignIn(assertion: MultiFactorAssertion): Promise<UserCredential>;
|
1904 | }
|
1905 |
|
1906 | /**
|
1907 | * An interface defining the multi-factor session object used for enrolling a second factor on a
|
1908 | * user or helping sign in an enrolled user with a second factor.
|
1909 | *
|
1910 | * @public
|
1911 | */
|
1912 | export declare interface MultiFactorSession {
|
1913 | }
|
1914 |
|
1915 | /**
|
1916 | * An interface that defines the multi-factor related properties and operations pertaining
|
1917 | * to a {@link User}.
|
1918 | *
|
1919 | * @public
|
1920 | */
|
1921 | export declare interface MultiFactorUser {
|
1922 | /** Returns a list of the user's enrolled second factors. */
|
1923 | readonly enrolledFactors: MultiFactorInfo[];
|
1924 | /**
|
1925 | * Returns the session identifier for a second factor enrollment operation. This is used to
|
1926 | * identify the user trying to enroll a second factor.
|
1927 | *
|
1928 | * @example
|
1929 | * ```javascript
|
1930 | * const multiFactorUser = multiFactor(auth.currentUser);
|
1931 | * const multiFactorSession = await multiFactorUser.getSession();
|
1932 | *
|
1933 | * // Send verification code.
|
1934 | * const phoneAuthProvider = new PhoneAuthProvider(auth);
|
1935 | * const phoneInfoOptions = {
|
1936 | * phoneNumber: phoneNumber,
|
1937 | * session: multiFactorSession
|
1938 | * };
|
1939 | * const verificationId = await phoneAuthProvider.verifyPhoneNumber(phoneInfoOptions, appVerifier);
|
1940 | *
|
1941 | * // Obtain verification code from user.
|
1942 | * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
|
1943 | * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential);
|
1944 | * await multiFactorUser.enroll(multiFactorAssertion);
|
1945 | * ```
|
1946 | *
|
1947 | * @returns The promise that resolves with the {@link MultiFactorSession}.
|
1948 | */
|
1949 | getSession(): Promise<MultiFactorSession>;
|
1950 | /**
|
1951 | *
|
1952 | * Enrolls a second factor as identified by the {@link MultiFactorAssertion} for the
|
1953 | * user.
|
1954 | *
|
1955 | * @remarks
|
1956 | * On resolution, the user tokens are updated to reflect the change in the JWT payload.
|
1957 | * Accepts an additional display name parameter used to identify the second factor to the end
|
1958 | * user. Recent re-authentication is required for this operation to succeed. On successful
|
1959 | * enrollment, existing Firebase sessions (refresh tokens) are revoked. When a new factor is
|
1960 | * enrolled, an email notification is sent to the user’s email.
|
1961 | *
|
1962 | * @example
|
1963 | * ```javascript
|
1964 | * const multiFactorUser = multiFactor(auth.currentUser);
|
1965 | * const multiFactorSession = await multiFactorUser.getSession();
|
1966 | *
|
1967 | * // Send verification code.
|
1968 | * const phoneAuthProvider = new PhoneAuthProvider(auth);
|
1969 | * const phoneInfoOptions = {
|
1970 | * phoneNumber: phoneNumber,
|
1971 | * session: multiFactorSession
|
1972 | * };
|
1973 | * const verificationId = await phoneAuthProvider.verifyPhoneNumber(phoneInfoOptions, appVerifier);
|
1974 | *
|
1975 | * // Obtain verification code from user.
|
1976 | * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
|
1977 | * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential);
|
1978 | * await multiFactorUser.enroll(multiFactorAssertion);
|
1979 | * // Second factor enrolled.
|
1980 | * ```
|
1981 | *
|
1982 | * @param assertion - The multi-factor assertion to enroll with.
|
1983 | * @param displayName - The display name of the second factor.
|
1984 | */
|
1985 | enroll(assertion: MultiFactorAssertion, displayName?: string | null): Promise<void>;
|
1986 | /**
|
1987 | * Unenrolls the specified second factor.
|
1988 | *
|
1989 | * @remarks
|
1990 | * To specify the factor to remove, pass a {@link MultiFactorInfo} object (retrieved from
|
1991 | * {@link MultiFactorUser.enrolledFactors}) or the
|
1992 | * factor's UID string. Sessions are not revoked when the account is unenrolled. An email
|
1993 | * notification is likely to be sent to the user notifying them of the change. Recent
|
1994 | * re-authentication is required for this operation to succeed. When an existing factor is
|
1995 | * unenrolled, an email notification is sent to the user’s email.
|
1996 | *
|
1997 | * @example
|
1998 | * ```javascript
|
1999 | * const multiFactorUser = multiFactor(auth.currentUser);
|
2000 | * // Present user the option to choose which factor to unenroll.
|
2001 | * await multiFactorUser.unenroll(multiFactorUser.enrolledFactors[i])
|
2002 | * ```
|
2003 | *
|
2004 | * @param option - The multi-factor option to unenroll.
|
2005 | * @returns - A `Promise` which resolves when the unenroll operation is complete.
|
2006 | */
|
2007 | unenroll(option: MultiFactorInfo | string): Promise<void>;
|
2008 | }
|
2009 |
|
2010 | declare type MutableUserInfo = {
|
2011 | -readonly [K in keyof UserInfo]: UserInfo[K];
|
2012 | };
|
2013 | export { NextFn }
|
2014 |
|
2015 | /**
|
2016 | * Type definition for an event callback.
|
2017 | *
|
2018 | * @privateRemarks TODO(avolkovi): should we consolidate with Subscribe<T> since we're changing the API anyway?
|
2019 | *
|
2020 | * @public
|
2021 | */
|
2022 | export declare type NextOrObserver<T> = NextFn<T | null> | Observer<T | null>;
|
2023 |
|
2024 | /**
|
2025 | * Represents the OAuth credentials returned by an {@link OAuthProvider}.
|
2026 | *
|
2027 | * @remarks
|
2028 | * Implementations specify the details about each auth provider's credential requirements.
|
2029 | *
|
2030 | * @public
|
2031 | */
|
2032 | export declare class OAuthCredential extends AuthCredential {
|
2033 | /**
|
2034 | * The OAuth ID token associated with the credential if it belongs to an OIDC provider,
|
2035 | * such as `google.com`.
|
2036 | * @readonly
|
2037 | */
|
2038 | idToken?: string;
|
2039 | /**
|
2040 | * The OAuth access token associated with the credential if it belongs to an
|
2041 | * {@link OAuthProvider}, such as `facebook.com`, `twitter.com`, etc.
|
2042 | * @readonly
|
2043 | */
|
2044 | accessToken?: string;
|
2045 | /**
|
2046 | * The OAuth access token secret associated with the credential if it belongs to an OAuth 1.0
|
2047 | * provider, such as `twitter.com`.
|
2048 | * @readonly
|
2049 | */
|
2050 | secret?: string;
|
2051 | private nonce?;
|
2052 | private pendingToken;
|
2053 | /* Excluded from this release type: _fromParams */
|
2054 | /** {@inheritdoc AuthCredential.toJSON} */
|
2055 | toJSON(): object;
|
2056 | /**
|
2057 | * Static method to deserialize a JSON representation of an object into an
|
2058 | * {@link AuthCredential}.
|
2059 | *
|
2060 | * @param json - Input can be either Object or the stringified representation of the object.
|
2061 | * When string is provided, JSON.parse would be called first.
|
2062 | *
|
2063 | * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned.
|
2064 | */
|
2065 | static fromJSON(json: string | object): OAuthCredential | null;
|
2066 | /* Excluded from this release type: _getIdTokenResponse */
|
2067 | /* Excluded from this release type: _linkToIdToken */
|
2068 | /* Excluded from this release type: _getReauthenticationResolver */
|
2069 | private buildRequest;
|
2070 | }
|
2071 |
|
2072 | /**
|
2073 | * Defines the options for initializing an {@link OAuthCredential}.
|
2074 | *
|
2075 | * @remarks
|
2076 | * For ID tokens with nonce claim, the raw nonce has to also be provided.
|
2077 | *
|
2078 | * @public
|
2079 | */
|
2080 | export declare interface OAuthCredentialOptions {
|
2081 | /**
|
2082 | * The OAuth ID token used to initialize the {@link OAuthCredential}.
|
2083 | */
|
2084 | idToken?: string;
|
2085 | /**
|
2086 | * The OAuth access token used to initialize the {@link OAuthCredential}.
|
2087 | */
|
2088 | accessToken?: string;
|
2089 | /**
|
2090 | * The raw nonce associated with the ID token.
|
2091 | *
|
2092 | * @remarks
|
2093 | * It is required when an ID token with a nonce field is provided. The SHA-256 hash of the
|
2094 | * raw nonce must match the nonce field in the ID token.
|
2095 | */
|
2096 | rawNonce?: string;
|
2097 | }
|
2098 |
|
2099 | declare interface OAuthCredentialParams {
|
2100 | idToken?: string | null;
|
2101 | accessToken?: string | null;
|
2102 | oauthToken?: string;
|
2103 | secret?: string;
|
2104 | oauthTokenSecret?: string;
|
2105 | nonce?: string;
|
2106 | pendingToken?: string;
|
2107 | providerId: string;
|
2108 | signInMethod: string;
|
2109 | }
|
2110 |
|
2111 | /**
|
2112 | * Provider for generating generic {@link OAuthCredential}.
|
2113 | *
|
2114 | * @example
|
2115 | * ```javascript
|
2116 | * // Sign in using a redirect.
|
2117 | * const provider = new OAuthProvider('google.com');
|
2118 | * // Start a sign in process for an unauthenticated user.
|
2119 | * provider.addScope('profile');
|
2120 | * provider.addScope('email');
|
2121 | * await signInWithRedirect(auth, provider);
|
2122 | * // This will trigger a full page redirect away from your app
|
2123 | *
|
2124 | * // After returning from the redirect when your app initializes you can obtain the result
|
2125 | * const result = await getRedirectResult(auth);
|
2126 | * if (result) {
|
2127 | * // This is the signed-in user
|
2128 | * const user = result.user;
|
2129 | * // This gives you a OAuth Access Token for the provider.
|
2130 | * const credential = provider.credentialFromResult(auth, result);
|
2131 | * const token = credential.accessToken;
|
2132 | * }
|
2133 | * ```
|
2134 | *
|
2135 | * @example
|
2136 | * ```javascript
|
2137 | * // Sign in using a popup.
|
2138 | * const provider = new OAuthProvider('google.com');
|
2139 | * provider.addScope('profile');
|
2140 | * provider.addScope('email');
|
2141 | * const result = await signInWithPopup(auth, provider);
|
2142 | *
|
2143 | * // The signed-in user info.
|
2144 | * const user = result.user;
|
2145 | * // This gives you a OAuth Access Token for the provider.
|
2146 | * const credential = provider.credentialFromResult(auth, result);
|
2147 | * const token = credential.accessToken;
|
2148 | * ```
|
2149 | * @public
|
2150 | */
|
2151 | export declare class OAuthProvider extends BaseOAuthProvider {
|
2152 | /**
|
2153 | * Creates an {@link OAuthCredential} from a JSON string or a plain object.
|
2154 | * @param json - A plain object or a JSON string
|
2155 | */
|
2156 | static credentialFromJSON(json: object | string): OAuthCredential;
|
2157 | /**
|
2158 | * Creates a {@link OAuthCredential} from a generic OAuth provider's access token or ID token.
|
2159 | *
|
2160 | * @remarks
|
2161 | * The raw nonce is required when an ID token with a nonce field is provided. The SHA-256 hash of
|
2162 | * the raw nonce must match the nonce field in the ID token.
|
2163 | *
|
2164 | * @example
|
2165 | * ```javascript
|
2166 | * // `googleUser` from the onsuccess Google Sign In callback.
|
2167 | * // Initialize a generate OAuth provider with a `google.com` providerId.
|
2168 | * const provider = new OAuthProvider('google.com');
|
2169 | * const credential = provider.credential({
|
2170 | * idToken: googleUser.getAuthResponse().id_token,
|
2171 | * });
|
2172 | * const result = await signInWithCredential(credential);
|
2173 | * ```
|
2174 | *
|
2175 | * @param params - Either the options object containing the ID token, access token and raw nonce
|
2176 | * or the ID token string.
|
2177 | */
|
2178 | credential(params: OAuthCredentialOptions): OAuthCredential;
|
2179 | /** An internal credential method that accepts more permissive options */
|
2180 | private _credential;
|
2181 | /**
|
2182 | * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.
|
2183 | *
|
2184 | * @param userCredential - The user credential.
|
2185 | */
|
2186 | static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
|
2187 | /**
|
2188 | * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
|
2189 | * thrown during a sign-in, link, or reauthenticate operation.
|
2190 | *
|
2191 | * @param userCredential - The user credential.
|
2192 | */
|
2193 | static credentialFromError(error: FirebaseError): OAuthCredential | null;
|
2194 | private static oauthCredentialFromTaggedObject;
|
2195 | }
|
2196 |
|
2197 | /**
|
2198 | * Adds an observer for changes to the user's sign-in state.
|
2199 | *
|
2200 | * @remarks
|
2201 | * To keep the old behavior, see {@link onIdTokenChanged}.
|
2202 | *
|
2203 | * @param auth - The {@link Auth} instance.
|
2204 | * @param nextOrObserver - callback triggered on change.
|
2205 | * @param error - Deprecated. This callback is never triggered. Errors
|
2206 | * on signing in/out can be caught in promises returned from
|
2207 | * sign-in/sign-out functions.
|
2208 | * @param completed - Deprecated. This callback is never triggered.
|
2209 | *
|
2210 | * @public
|
2211 | */
|
2212 | export declare function onAuthStateChanged(auth: Auth, nextOrObserver: NextOrObserver<User>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
|
2213 |
|
2214 | /**
|
2215 | * Adds an observer for changes to the signed-in user's ID token.
|
2216 | *
|
2217 | * @remarks
|
2218 | * This includes sign-in, sign-out, and token refresh events.
|
2219 | * This will not be triggered automatically upon ID token expiration. Use {@link User.getIdToken} to refresh the ID token.
|
2220 | *
|
2221 | * @param auth - The {@link Auth} instance.
|
2222 | * @param nextOrObserver - callback triggered on change.
|
2223 | * @param error - Deprecated. This callback is never triggered. Errors
|
2224 | * on signing in/out can be caught in promises returned from
|
2225 | * sign-in/sign-out functions.
|
2226 | * @param completed - Deprecated. This callback is never triggered.
|
2227 | *
|
2228 | * @public
|
2229 | */
|
2230 | export declare function onIdTokenChanged(auth: Auth, nextOrObserver: NextOrObserver<User>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe;
|
2231 |
|
2232 | /**
|
2233 | * Enumeration of supported operation types.
|
2234 | *
|
2235 | * @public
|
2236 | */
|
2237 | export declare const OperationType: {
|
2238 | /** Operation involving linking an additional provider to an already signed-in user. */
|
2239 | readonly LINK: "link";
|
2240 | /** Operation involving using a provider to reauthenticate an already signed-in user. */
|
2241 | readonly REAUTHENTICATE: "reauthenticate";
|
2242 | /** Operation involving signing in a user. */
|
2243 | readonly SIGN_IN: "signIn";
|
2244 | };
|
2245 |
|
2246 | /**
|
2247 | * Parses the email action link string and returns an {@link ActionCodeURL} if
|
2248 | * the link is valid, otherwise returns null.
|
2249 | *
|
2250 | * @public
|
2251 | */
|
2252 | export declare function parseActionCodeURL(link: string): ActionCodeURL | null;
|
2253 |
|
2254 | /**
|
2255 | * Interface representing a parsed ID token.
|
2256 | *
|
2257 | * @privateRemarks TODO(avolkovi): consolidate with parsed_token in implementation.
|
2258 | *
|
2259 | * @public
|
2260 | */
|
2261 | export declare interface ParsedToken {
|
2262 | /** Expiration time of the token. */
|
2263 | 'exp'?: string;
|
2264 | /** UID of the user. */
|
2265 | 'sub'?: string;
|
2266 | /** Time at which authentication was performed. */
|
2267 | 'auth_time'?: string;
|
2268 | /** Issuance time of the token. */
|
2269 | 'iat'?: string;
|
2270 | /** Firebase specific claims, containing the provider(s) used to authenticate the user. */
|
2271 | 'firebase'?: {
|
2272 | 'sign_in_provider'?: string;
|
2273 | 'sign_in_second_factor'?: string;
|
2274 | 'identities'?: Record<string, string>;
|
2275 | };
|
2276 | /** Map of any additional custom claims. */
|
2277 | [key: string]: unknown;
|
2278 | }
|
2279 |
|
2280 | /**
|
2281 | * A structure specifying password policy requirements.
|
2282 | *
|
2283 | * @public
|
2284 | */
|
2285 | export declare interface PasswordPolicy {
|
2286 | /**
|
2287 | * Requirements enforced by this password policy.
|
2288 | */
|
2289 | readonly customStrengthOptions: {
|
2290 | /**
|
2291 | * Minimum password length, or undefined if not configured.
|
2292 | */
|
2293 | readonly minPasswordLength?: number;
|
2294 | /**
|
2295 | * Maximum password length, or undefined if not configured.
|
2296 | */
|
2297 | readonly maxPasswordLength?: number;
|
2298 | /**
|
2299 | * Whether the password should contain a lowercase letter, or undefined if not configured.
|
2300 | */
|
2301 | readonly containsLowercaseLetter?: boolean;
|
2302 | /**
|
2303 | * Whether the password should contain an uppercase letter, or undefined if not configured.
|
2304 | */
|
2305 | readonly containsUppercaseLetter?: boolean;
|
2306 | /**
|
2307 | * Whether the password should contain a numeric character, or undefined if not configured.
|
2308 | */
|
2309 | readonly containsNumericCharacter?: boolean;
|
2310 | /**
|
2311 | * Whether the password should contain a non-alphanumeric character, or undefined if not configured.
|
2312 | */
|
2313 | readonly containsNonAlphanumericCharacter?: boolean;
|
2314 | };
|
2315 | /**
|
2316 | * List of characters that are considered non-alphanumeric during validation.
|
2317 | */
|
2318 | readonly allowedNonAlphanumericCharacters: string;
|
2319 | /**
|
2320 | * The enforcement state of the policy. Can be 'OFF' or 'ENFORCE'.
|
2321 | */
|
2322 | readonly enforcementState: string;
|
2323 | /**
|
2324 | * Whether existing passwords must meet the policy.
|
2325 | */
|
2326 | readonly forceUpgradeOnSignin: boolean;
|
2327 | }
|
2328 |
|
2329 | /* Excluded from this release type: PasswordPolicyCustomStrengthOptions */
|
2330 |
|
2331 | /* Excluded from this release type: PasswordPolicyInternal */
|
2332 |
|
2333 | /**
|
2334 | * A structure indicating which password policy requirements were met or violated and what the
|
2335 | * requirements are.
|
2336 | *
|
2337 | * @public
|
2338 | */
|
2339 | export declare interface PasswordValidationStatus {
|
2340 | /**
|
2341 | * Whether the password meets all requirements.
|
2342 | */
|
2343 | readonly isValid: boolean;
|
2344 | /**
|
2345 | * Whether the password meets the minimum password length, or undefined if not required.
|
2346 | */
|
2347 | readonly meetsMinPasswordLength?: boolean;
|
2348 | /**
|
2349 | * Whether the password meets the maximum password length, or undefined if not required.
|
2350 | */
|
2351 | readonly meetsMaxPasswordLength?: boolean;
|
2352 | /**
|
2353 | * Whether the password contains a lowercase letter, or undefined if not required.
|
2354 | */
|
2355 | readonly containsLowercaseLetter?: boolean;
|
2356 | /**
|
2357 | * Whether the password contains an uppercase letter, or undefined if not required.
|
2358 | */
|
2359 | readonly containsUppercaseLetter?: boolean;
|
2360 | /**
|
2361 | * Whether the password contains a numeric character, or undefined if not required.
|
2362 | */
|
2363 | readonly containsNumericCharacter?: boolean;
|
2364 | /**
|
2365 | * Whether the password contains a non-alphanumeric character, or undefined if not required.
|
2366 | */
|
2367 | readonly containsNonAlphanumericCharacter?: boolean;
|
2368 | /**
|
2369 | * The policy used to validate the password.
|
2370 | */
|
2371 | readonly passwordPolicy: PasswordPolicy;
|
2372 | }
|
2373 |
|
2374 | declare type PersistedBlob = Record<string, unknown>;
|
2375 |
|
2376 | /**
|
2377 | * An interface covering the possible persistence mechanism types.
|
2378 | *
|
2379 | * @public
|
2380 | */
|
2381 | export declare interface Persistence {
|
2382 | /**
|
2383 | * Type of Persistence.
|
2384 | * - 'SESSION' is used for temporary persistence such as `sessionStorage`.
|
2385 | * - 'LOCAL' is used for long term persistence such as `localStorage` or `IndexedDB`.
|
2386 | * - 'NONE' is used for in-memory, or no persistence.
|
2387 | */
|
2388 | readonly type: 'SESSION' | 'LOCAL' | 'NONE';
|
2389 | }
|
2390 |
|
2391 | /**
|
2392 | * Represents the credentials returned by {@link PhoneAuthProvider}.
|
2393 | *
|
2394 | * @public
|
2395 | */
|
2396 | export declare class PhoneAuthCredential extends AuthCredential {
|
2397 | private readonly params;
|
2398 | private constructor();
|
2399 | /* Excluded from this release type: _fromVerification */
|
2400 | /* Excluded from this release type: _fromTokenResponse */
|
2401 | /* Excluded from this release type: _getIdTokenResponse */
|
2402 | /* Excluded from this release type: _linkToIdToken */
|
2403 | /* Excluded from this release type: _getReauthenticationResolver */
|
2404 | /* Excluded from this release type: _makeVerificationRequest */
|
2405 | /** {@inheritdoc AuthCredential.toJSON} */
|
2406 | toJSON(): object;
|
2407 | /** Generates a phone credential based on a plain object or a JSON string. */
|
2408 | static fromJSON(json: object | string): PhoneAuthCredential | null;
|
2409 | }
|
2410 |
|
2411 | /**
|
2412 | * Provider for generating an {@link PhoneAuthCredential}.
|
2413 | *
|
2414 | * @remarks
|
2415 | * `PhoneAuthProvider` does not work in a Node.js environment.
|
2416 | *
|
2417 | * @example
|
2418 | * ```javascript
|
2419 | * // 'recaptcha-container' is the ID of an element in the DOM.
|
2420 | * const applicationVerifier = new RecaptchaVerifier('recaptcha-container');
|
2421 | * const provider = new PhoneAuthProvider(auth);
|
2422 | * const verificationId = await provider.verifyPhoneNumber('+16505550101', applicationVerifier);
|
2423 | * // Obtain the verificationCode from the user.
|
2424 | * const phoneCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
|
2425 | * const userCredential = await signInWithCredential(auth, phoneCredential);
|
2426 | * ```
|
2427 | *
|
2428 | * @public
|
2429 | */
|
2430 | export declare class PhoneAuthProvider {
|
2431 | /** Always set to {@link ProviderId}.PHONE. */
|
2432 | static readonly PROVIDER_ID: 'phone';
|
2433 | /** Always set to {@link SignInMethod}.PHONE. */
|
2434 | static readonly PHONE_SIGN_IN_METHOD: 'phone';
|
2435 | /** Always set to {@link ProviderId}.PHONE. */
|
2436 | readonly providerId: "phone";
|
2437 | private readonly auth;
|
2438 | /**
|
2439 | * @param auth - The Firebase {@link Auth} instance in which sign-ins should occur.
|
2440 | *
|
2441 | */
|
2442 | constructor(auth: Auth);
|
2443 | /**
|
2444 | *
|
2445 | * Starts a phone number authentication flow by sending a verification code to the given phone
|
2446 | * number.
|
2447 | *
|
2448 | * @example
|
2449 | * ```javascript
|
2450 | * const provider = new PhoneAuthProvider(auth);
|
2451 | * const verificationId = await provider.verifyPhoneNumber(phoneNumber, applicationVerifier);
|
2452 | * // Obtain verificationCode from the user.
|
2453 | * const authCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
|
2454 | * const userCredential = await signInWithCredential(auth, authCredential);
|
2455 | * ```
|
2456 | *
|
2457 | * @example
|
2458 | * An alternative flow is provided using the `signInWithPhoneNumber` method.
|
2459 | * ```javascript
|
2460 | * const confirmationResult = signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);
|
2461 | * // Obtain verificationCode from the user.
|
2462 | * const userCredential = confirmationResult.confirm(verificationCode);
|
2463 | * ```
|
2464 | *
|
2465 | * @param phoneInfoOptions - The user's {number should be in
PhoneInfoOptions}. The phone |
2466 | * E.164 format (e.g. +16505550101).
|
2467 | * this method also requires a
applicationVerifier - For abuse prevention, |
2468 | * { ApplicationVerifier}. This SDK includes a reCAPTCHA-based implementation,
|
2469 | * { RecaptchaVerifier}.
|
2470 | *
|
2471 | * Promise for a verification ID that can be passed to
A |
2472 | * {this flow..
PhoneAuthProvider.credential} to identify |
2473 | */
|
2474 | verifyPhoneNumber(phoneOptions: PhoneInfoOptions | string, applicationVerifier: ApplicationVerifier): Promise<string>;
|
2475 | /**
|
2476 | * Creates a phone auth credential, given the verification ID from
|
2477 | * {@link PhoneAuthProvider.verifyPhoneNumber} and the code that was sent to the user's
|
2478 | * mobile device.
|
2479 | *
|
2480 | * @example
|
2481 | * ```javascript
|
2482 | * const provider = new PhoneAuthProvider(auth);
|
2483 | * const verificationId = provider.verifyPhoneNumber(phoneNumber, applicationVerifier);
|
2484 | * // Obtain verificationCode from the user.
|
2485 | * const authCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
|
2486 | * const userCredential = signInWithCredential(auth, authCredential);
|
2487 | * ```
|
2488 | *
|
2489 | * @example
|
2490 | * An alternative flow is provided using the `signInWithPhoneNumber` method.
|
2491 | * ```javascript
|
2492 | * const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);
|
2493 | * // Obtain verificationCode from the user.
|
2494 | * const userCredential = await confirmationResult.confirm(verificationCode);
|
2495 | * ```
|
2496 | *
|
2497 | * @param verificationId - The verification ID returned from {@link PhoneAuthProvider.verifyPhoneNumber}.
|
2498 | * @param verificationCode - The verification code sent to the user's mobile device.
|
2499 | *
|
2500 | * @returns The auth provider credential.
|
2501 | */
|
2502 | static credential(verificationId: string, verificationCode: string): PhoneAuthCredential;
|
2503 | /**
|
2504 | * Generates an {@link AuthCredential} from a {@link UserCredential}.
|
2505 | * @param userCredential - The user credential.
|
2506 | */
|
2507 | static credentialFromResult(userCredential: UserCredential): AuthCredential | null;
|
2508 | /**
|
2509 | * Returns an {@link AuthCredential} when passed an error.
|
2510 | *
|
2511 | * @remarks
|
2512 | *
|
2513 | * This method works for errors like
|
2514 | * `auth/account-exists-with-different-credentials`. This is useful for
|
2515 | * recovering when attempting to set a user's phone number but the number
|
2516 | * in question is already tied to another account. For example, the following
|
2517 | * code tries to update the current user's phone number, and if that
|
2518 | * fails, links the user with the account associated with that number:
|
2519 | *
|
2520 | * ```js
|
2521 | * const provider = new PhoneAuthProvider(auth);
|
2522 | * const verificationId = await provider.verifyPhoneNumber(number, verifier);
|
2523 | * try {
|
2524 | * const code = ''; // Prompt the user for the verification code
|
2525 | * await updatePhoneNumber(
|
2526 | * auth.currentUser,
|
2527 | * PhoneAuthProvider.credential(verificationId, code));
|
2528 | * } catch (e) {
|
2529 | * if ((e as FirebaseError)?.code === 'auth/account-exists-with-different-credential') {
|
2530 | * const cred = PhoneAuthProvider.credentialFromError(e);
|
2531 | * await linkWithCredential(auth.currentUser, cred);
|
2532 | * }
|
2533 | * }
|
2534 | *
|
2535 | * // At this point, auth.currentUser.phoneNumber === number.
|
2536 | * ```
|
2537 | *
|
2538 | * @param error - The error to generate a credential from.
|
2539 | */
|
2540 | static credentialFromError(error: FirebaseError): AuthCredential | null;
|
2541 | private static credentialFromTaggedObject;
|
2542 | }
|
2543 |
|
2544 | /**
|
2545 | * The information required to verify the ownership of a phone number.
|
2546 | *
|
2547 | * @remarks
|
2548 | * The information that's required depends on whether you are doing single-factor sign-in,
|
2549 | * multi-factor enrollment or multi-factor sign-in.
|
2550 | *
|
2551 | * @public
|
2552 | */
|
2553 | export declare type PhoneInfoOptions = PhoneSingleFactorInfoOptions | PhoneMultiFactorEnrollInfoOptions | PhoneMultiFactorSignInInfoOptions;
|
2554 |
|
2555 | /**
|
2556 | * An MFA provided by SMS verification.
|
2557 | */
|
2558 | declare interface PhoneMfaEnrollment extends BaseMfaEnrollment {
|
2559 | phoneInfo: string;
|
2560 | }
|
2561 |
|
2562 | /**
|
2563 | * The class for asserting ownership of a phone second factor. Provided by
|
2564 | * {@link PhoneMultiFactorGenerator.assertion}.
|
2565 | *
|
2566 | * @public
|
2567 | */
|
2568 | export declare interface PhoneMultiFactorAssertion extends MultiFactorAssertion {
|
2569 | }
|
2570 |
|
2571 | /**
|
2572 | * Options used for enrolling a second factor.
|
2573 | *
|
2574 | * @public
|
2575 | */
|
2576 | export declare interface PhoneMultiFactorEnrollInfoOptions {
|
2577 | /** Phone number to send a verification code to. */
|
2578 | phoneNumber: string;
|
2579 | /** The {@link MultiFactorSession} obtained via {@link MultiFactorUser.getSession}. */
|
2580 | session: MultiFactorSession;
|
2581 | }
|
2582 |
|
2583 | /**
|
2584 | * Provider for generating a {@link PhoneMultiFactorAssertion}.
|
2585 | *
|
2586 | * @public
|
2587 | */
|
2588 | export declare class PhoneMultiFactorGenerator {
|
2589 | private constructor();
|
2590 | /**
|
2591 | * Provides a { PhoneMultiFactorAssertion} to confirm ownership of the phone second factor.
|
2592 | *
|
2593 | *
|
2594 | * This method does not work in a Node.js environment.
|
2595 | *
|
2596 | * phoneAuthCredential - A credential provided by { PhoneAuthProvider.credential}.
|
2597 | * with
A { PhoneMultiFactorAssertion} which can be used |
2598 | * { MultiFactorResolver.resolveSignIn}
|
2599 | */
|
2600 | static assertion(credential: PhoneAuthCredential): PhoneMultiFactorAssertion;
|
2601 | /**
|
2602 | * The identifier of the phone second factor: `phone`.
|
2603 | */
|
2604 | static FACTOR_ID: string;
|
2605 | }
|
2606 |
|
2607 | /**
|
2608 | * The subclass of the {@link MultiFactorInfo} interface for phone number
|
2609 | * second factors. The `factorId` of this second factor is {@link FactorId}.PHONE.
|
2610 | * @public
|
2611 | */
|
2612 | export declare interface PhoneMultiFactorInfo extends MultiFactorInfo {
|
2613 | /** The phone number associated with the current second factor. */
|
2614 | readonly phoneNumber: string;
|
2615 | }
|
2616 |
|
2617 | /**
|
2618 | * Options used for signing in with a second factor.
|
2619 | *
|
2620 | * @public
|
2621 | */
|
2622 | export declare interface PhoneMultiFactorSignInInfoOptions {
|
2623 | /**
|
2624 | * The {@link MultiFactorInfo} obtained via {@link MultiFactorResolver.hints}.
|
2625 | *
|
2626 | * One of `multiFactorHint` or `multiFactorUid` is required.
|
2627 | */
|
2628 | multiFactorHint?: MultiFactorInfo;
|
2629 | /**
|
2630 | * The uid of the second factor.
|
2631 | *
|
2632 | * One of `multiFactorHint` or `multiFactorUid` is required.
|
2633 | */
|
2634 | multiFactorUid?: string;
|
2635 | /** The {@link MultiFactorSession} obtained via {@link MultiFactorResolver.session}. */
|
2636 | session: MultiFactorSession;
|
2637 | }
|
2638 |
|
2639 | /* Excluded from this release type: PhoneOrOauthTokenResponse */
|
2640 |
|
2641 | /**
|
2642 | * Options used for single-factor sign-in.
|
2643 | *
|
2644 | * @public
|
2645 | */
|
2646 | export declare interface PhoneSingleFactorInfoOptions {
|
2647 | /** Phone number to send a verification code to. */
|
2648 | phoneNumber: string;
|
2649 | }
|
2650 |
|
2651 | /**
|
2652 | * A resolver used for handling DOM specific operations like {@link signInWithPopup}
|
2653 | * or {@link signInWithRedirect}.
|
2654 | *
|
2655 | * @public
|
2656 | */
|
2657 | export declare interface PopupRedirectResolver {
|
2658 | }
|
2659 |
|
2660 | /* Excluded from this release type: PopupRedirectResolverInternal */
|
2661 |
|
2662 | /**
|
2663 | * A minimal error map with all verbose error messages stripped.
|
2664 | *
|
2665 | * See discussion at {@link AuthErrorMap}
|
2666 | *
|
2667 | * @public
|
2668 | */
|
2669 | export declare const prodErrorMap: AuthErrorMap;
|
2670 |
|
2671 | /**
|
2672 | * Enumeration of supported providers.
|
2673 | *
|
2674 | * @public
|
2675 | */
|
2676 | export declare const ProviderId: {
|
2677 | /** Facebook provider ID */
|
2678 | readonly FACEBOOK: "facebook.com";
|
2679 | /** GitHub provider ID */
|
2680 | readonly GITHUB: "github.com";
|
2681 | /** Google provider ID */
|
2682 | readonly GOOGLE: "google.com";
|
2683 | /** Password provider */
|
2684 | readonly PASSWORD: "password";
|
2685 | /** Phone provider */
|
2686 | readonly PHONE: "phone";
|
2687 | /** Twitter provider ID */
|
2688 | readonly TWITTER: "twitter.com";
|
2689 | };
|
2690 |
|
2691 | /* Excluded from this release type: ProviderId_2 */
|
2692 |
|
2693 | declare interface ProviderUserInfo {
|
2694 | providerId: string;
|
2695 | rawId?: string;
|
2696 | email?: string;
|
2697 | displayName?: string;
|
2698 | photoUrl?: string;
|
2699 | phoneNumber?: string;
|
2700 | }
|
2701 |
|
2702 | /**
|
2703 | * Interface for a supplied `AsyncStorage`.
|
2704 | *
|
2705 | * @public
|
2706 | */
|
2707 | export declare interface ReactNativeAsyncStorage {
|
2708 | /**
|
2709 | * Persist an item in storage.
|
2710 | *
|
2711 | * @param key - storage key.
|
2712 | * @param value - storage value.
|
2713 | */
|
2714 | setItem(key: string, value: string): Promise<void>;
|
2715 | /**
|
2716 | * Retrieve an item from storage.
|
2717 | *
|
2718 | * @param key - storage key.
|
2719 | */
|
2720 | getItem(key: string): Promise<string | null>;
|
2721 | /**
|
2722 | * Remove an item from storage.
|
2723 | *
|
2724 | * @param key - storage key.
|
2725 | */
|
2726 | removeItem(key: string): Promise<void>;
|
2727 | }
|
2728 |
|
2729 | /**
|
2730 | * Re-authenticates a user using a fresh credential.
|
2731 | *
|
2732 | * @remarks
|
2733 | * Use before operations such as {@link updatePassword} that require tokens from recent sign-in
|
2734 | * attempts. This method can be used to recover from a `CREDENTIAL_TOO_OLD_LOGIN_AGAIN` error
|
2735 | * or a `TOKEN_EXPIRED` error.
|
2736 | *
|
2737 | * This method is not supported on any {@link User} signed in by {@link Auth} instances
|
2738 | * created with a {@link @firebase/app#FirebaseServerApp}.
|
2739 | *
|
2740 | * @param user - The user.
|
2741 | * @param credential - The auth credential.
|
2742 | *
|
2743 | * @public
|
2744 | */
|
2745 | export declare function reauthenticateWithCredential(user: User, credential: AuthCredential): Promise<UserCredential>;
|
2746 |
|
2747 | /**
|
2748 | * Re-authenticates a user using a fresh phone credential.
|
2749 | *
|
2750 | * @remarks
|
2751 | * Use before operations such as {@link updatePassword} that require tokens from recent sign-in attempts.
|
2752 | *
|
2753 | * This method does not work in a Node.js environment or on any {@link User} signed in by
|
2754 | * {@link Auth} instances created with a {@link @firebase/app#FirebaseServerApp}.
|
2755 | *
|
2756 | * @param user - The user.
|
2757 | * @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101).
|
2758 | * @param appVerifier - The {@link ApplicationVerifier}.
|
2759 | *
|
2760 | * @public
|
2761 | */
|
2762 | export declare function reauthenticateWithPhoneNumber(user: User, phoneNumber: string, appVerifier: ApplicationVerifier): Promise<ConfirmationResult>;
|
2763 |
|
2764 | /**
|
2765 | * Reauthenticates the current user with the specified {@link OAuthProvider} using a pop-up based
|
2766 | * OAuth flow.
|
2767 | *
|
2768 | * @remarks
|
2769 | * If the reauthentication is successful, the returned result will contain the user and the
|
2770 | * provider's credential.
|
2771 | *
|
2772 | * This method does not work in a Node.js environment or on any {@link User} signed in by
|
2773 | * {@link Auth} instances created with a {@link @firebase/app#FirebaseServerApp}.
|
2774 | *
|
2775 | * @example
|
2776 | * ```javascript
|
2777 | * // Sign in using a popup.
|
2778 | * const provider = new FacebookAuthProvider();
|
2779 | * const result = await signInWithPopup(auth, provider);
|
2780 | * // Reauthenticate using a popup.
|
2781 | * await reauthenticateWithPopup(result.user, provider);
|
2782 | * ```
|
2783 | *
|
2784 | * @param user - The user.
|
2785 | * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
|
2786 | * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
|
2787 | * @param resolver - An instance of {@link PopupRedirectResolver}, optional
|
2788 | * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
|
2789 | *
|
2790 | * @public
|
2791 | */
|
2792 | export declare function reauthenticateWithPopup(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>;
|
2793 |
|
2794 | /**
|
2795 | * Reauthenticates the current user with the specified {@link OAuthProvider} using a full-page redirect flow.
|
2796 | * @remarks
|
2797 | * To handle the results and errors for this operation, refer to {@link getRedirectResult}.
|
2798 | * Follow the {@link https://firebase.google.com/docs/auth/web/redirect-best-practices
|
2799 | * | best practices} when using {@link reauthenticateWithRedirect}.
|
2800 | *
|
2801 | * This method does not work in a Node.js environment or with {@link Auth} instances
|
2802 | * created with a {@link @firebase/app#FirebaseServerApp}.
|
2803 | *
|
2804 | * @example
|
2805 | * ```javascript
|
2806 | * // Sign in using a redirect.
|
2807 | * const provider = new FacebookAuthProvider();
|
2808 | * const result = await signInWithRedirect(auth, provider);
|
2809 | * // This will trigger a full page redirect away from your app
|
2810 | *
|
2811 | * // After returning from the redirect when your app initializes you can obtain the result
|
2812 | * const result = await getRedirectResult(auth);
|
2813 | * // Reauthenticate using a redirect.
|
2814 | * await reauthenticateWithRedirect(result.user, provider);
|
2815 | * // This will again trigger a full page redirect away from your app
|
2816 | *
|
2817 | * // After returning from the redirect when your app initializes you can obtain the result
|
2818 | * const result = await getRedirectResult(auth);
|
2819 | * ```
|
2820 | *
|
2821 | * @param user - The user.
|
2822 | * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
|
2823 | * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
|
2824 | * @param resolver - An instance of {@link PopupRedirectResolver}, optional
|
2825 | * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
|
2826 | *
|
2827 | * @public
|
2828 | */
|
2829 | export declare function reauthenticateWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>;
|
2830 |
|
2831 | declare interface Recaptcha {
|
2832 | render: (container: HTMLElement, parameters: RecaptchaParameters) => number;
|
2833 | getResponse: (id: number) => string;
|
2834 | execute: (id: number) => unknown;
|
2835 | reset: (id: number) => unknown;
|
2836 | }
|
2837 |
|
2838 | declare class RecaptchaConfig {
|
2839 | /**
|
2840 | * The reCAPTCHA site key.
|
2841 | */
|
2842 | siteKey: string;
|
2843 | /**
|
2844 | * The list of providers and their enablement status for reCAPTCHA Enterprise.
|
2845 | */
|
2846 | recaptchaEnforcementState: RecaptchaEnforcementProviderState[];
|
2847 | constructor(response: GetRecaptchaConfigResponse);
|
2848 | /**
|
2849 | * Returns the reCAPTCHA Enterprise enforcement state for the given provider.
|
2850 | *
|
2851 | * @param providerStr - The provider whose enforcement state is to be returned.
|
2852 | * @returns The reCAPTCHA Enterprise enforcement state for the given provider.
|
2853 | */
|
2854 | getProviderEnforcementState(providerStr: string): EnforcementState | null;
|
2855 | /**
|
2856 | * Returns true if the reCAPTCHA Enterprise enforcement state for the provider is set to ENFORCE or AUDIT.
|
2857 | *
|
2858 | * @param providerStr - The provider whose enablement state is to be returned.
|
2859 | * @returns Whether or not reCAPTCHA Enterprise protection is enabled for the given provider.
|
2860 | */
|
2861 | isProviderEnabled(providerStr: string): boolean;
|
2862 | }
|
2863 |
|
2864 | declare interface RecaptchaEnforcementProviderState {
|
2865 | provider: string;
|
2866 | enforcementState: string;
|
2867 | }
|
2868 |
|
2869 | /* Excluded from this release type: ReCaptchaLoader */
|
2870 |
|
2871 | /**
|
2872 | * Interface representing reCAPTCHA parameters.
|
2873 | *
|
2874 | * See the {@link https://developers.google.com/recaptcha/docs/display#render_param | reCAPTCHA docs}
|
2875 | * for the list of accepted parameters. All parameters are accepted except for `sitekey`: Firebase Auth
|
2876 | * provisions a reCAPTCHA for each project and will configure the site key upon rendering.
|
2877 | *
|
2878 | * For an invisible reCAPTCHA, set the `size` key to `invisible`.
|
2879 | *
|
2880 | * @public
|
2881 | */
|
2882 | export declare interface RecaptchaParameters {
|
2883 | [key: string]: any;
|
2884 | }
|
2885 |
|
2886 | /**
|
2887 | * An {@link https://www.google.com/recaptcha/ | reCAPTCHA}-based application verifier.
|
2888 | *
|
2889 | * @remarks
|
2890 | * `RecaptchaVerifier` does not work in a Node.js environment.
|
2891 | *
|
2892 | * @public
|
2893 | */
|
2894 | export declare class RecaptchaVerifier implements ApplicationVerifierInternal {
|
2895 | private readonly parameters;
|
2896 | /**
|
2897 | * The application verifier type.
|
2898 | *
|
2899 | * @remarks
|
2900 | * For a reCAPTCHA verifier, this is 'recaptcha'.
|
2901 | */
|
2902 | readonly type = "recaptcha";
|
2903 | private destroyed;
|
2904 | private widgetId;
|
2905 | private readonly container;
|
2906 | private readonly isInvisible;
|
2907 | private readonly tokenChangeListeners;
|
2908 | private renderPromise;
|
2909 | private readonly auth;
|
2910 | /* Excluded from this release type: _recaptchaLoader */
|
2911 | private recaptcha;
|
2912 | /**
|
2913 | * @param authExtern - The corresponding Firebase {@link Auth} instance.
|
2914 | *
|
2915 | * @param containerOrId - The reCAPTCHA container parameter.
|
2916 | *
|
2917 | * @remarks
|
2918 | * This has different meaning depending on whether the reCAPTCHA is hidden or visible. For a
|
2919 | * visible reCAPTCHA the container must be empty. If a string is used, it has to correspond to
|
2920 | * an element ID. The corresponding element must also must be in the DOM at the time of
|
2921 | * initialization.
|
2922 | *
|
2923 | * @param parameters - The optional reCAPTCHA parameters.
|
2924 | *
|
2925 | * @remarks
|
2926 | * Check the reCAPTCHA docs for a comprehensive list. All parameters are accepted except for
|
2927 | * the sitekey. Firebase Auth backend provisions a reCAPTCHA for each project and will
|
2928 | * configure this upon rendering. For an invisible reCAPTCHA, a size key must have the value
|
2929 | * 'invisible'.
|
2930 | */
|
2931 | constructor(authExtern: Auth, containerOrId: HTMLElement | string, parameters?: RecaptchaParameters);
|
2932 | /**
|
2933 | * Waits for the user to solve the reCAPTCHA and resolves with the reCAPTCHA token.
|
2934 | *
|
2935 | * @returns A Promise for the reCAPTCHA token.
|
2936 | */
|
2937 | verify(): Promise<string>;
|
2938 | /**
|
2939 | * Renders the reCAPTCHA widget on the page.
|
2940 | *
|
2941 | * @returns A Promise that resolves with the reCAPTCHA widget ID.
|
2942 | */
|
2943 | render(): Promise<number>;
|
2944 | /* Excluded from this release type: _reset */
|
2945 | /**
|
2946 | * Clears the reCAPTCHA widget from the page and destroys the instance.
|
2947 | */
|
2948 | clear(): void;
|
2949 | private validateStartingState;
|
2950 | private makeTokenCallback;
|
2951 | private assertNotDestroyed;
|
2952 | private makeRenderPromise;
|
2953 | private init;
|
2954 | private getAssertedRecaptcha;
|
2955 | }
|
2956 |
|
2957 | /**
|
2958 | * Reloads user account data, if signed in.
|
2959 | *
|
2960 | * @param user - The user.
|
2961 | *
|
2962 | * @public
|
2963 | */
|
2964 | export declare function reload(user: User): Promise<void>;
|
2965 |
|
2966 | /**
|
2967 | * Revokes the given access token. Currently only supports Apple OAuth access tokens.
|
2968 | *
|
2969 | * @param auth - The { Auth} instance.
|
2970 | * token - The Apple OAuth access token.
|
2971 | *
|
2972 | *
|
2973 | */
|
2974 | export declare function revokeAccessToken(auth: Auth, token: string): Promise<void>;
|
2975 |
|
2976 | /**
|
2977 | * An {@link AuthProvider} for SAML.
|
2978 | *
|
2979 | * @public
|
2980 | */
|
2981 | export declare class SAMLAuthProvider extends FederatedAuthProvider {
|
2982 | /**
|
2983 | * Constructor. The providerId must start with "saml."
|
2984 | * @param providerId - SAML provider ID.
|
2985 | */
|
2986 | constructor(providerId: string);
|
2987 | /**
|
2988 | * Generates an {from a { UserCredential} after a
AuthCredential} |
2989 | * successful SAML flow completes.
|
2990 | *
|
2991 | *
|
2992 | *
|
2993 | * For example, to get an { AuthCredential}, you could write the
|
2994 | * following code:
|
2995 | *
|
2996 | * ```js
|
2997 | * const userCredential = await signInWithPopup(auth, samlProvider);
|
2998 | * const credential = SAMLAuthProvider.credentialFromResult(userCredential);
|
2999 | * ```
|
3000 | *
|
3001 | * userCredential - The user credential.
|
3002 | */
|
3003 | static credentialFromResult(userCredential: UserCredential): AuthCredential | null;
|
3004 | /**
|
3005 | * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
|
3006 | * thrown during a sign-in, link, or reauthenticate operation.
|
3007 | *
|
3008 | * @param userCredential - The user credential.
|
3009 | */
|
3010 | static credentialFromError(error: FirebaseError): AuthCredential | null;
|
3011 | /**
|
3012 | * Creates an {@link AuthCredential} from a JSON string or a plain object.
|
3013 | * @param json - A plain object or a JSON string
|
3014 | */
|
3015 | static credentialFromJSON(json: string | object): AuthCredential;
|
3016 | private static samlCredentialFromTaggedObject;
|
3017 | }
|
3018 |
|
3019 | /**
|
3020 | * Sends a verification email to a user.
|
3021 | *
|
3022 | * @remarks
|
3023 | * The verification process is completed by calling {@link applyActionCode}.
|
3024 | *
|
3025 | * @example
|
3026 | * ```javascript
|
3027 | * const actionCodeSettings = {
|
3028 | * url: 'https://www.example.com/?email=user@example.com',
|
3029 | * iOS: {
|
3030 | * bundleId: 'com.example.ios'
|
3031 | * },
|
3032 | * android: {
|
3033 | * packageName: 'com.example.android',
|
3034 | * installApp: true,
|
3035 | * minimumVersion: '12'
|
3036 | * },
|
3037 | * handleCodeInApp: true
|
3038 | * };
|
3039 | * await sendEmailVerification(user, actionCodeSettings);
|
3040 | * // Obtain code from the user.
|
3041 | * await applyActionCode(auth, code);
|
3042 | * ```
|
3043 | *
|
3044 | * @param user - The user.
|
3045 | * @param actionCodeSettings - The {@link ActionCodeSettings}.
|
3046 | *
|
3047 | * @public
|
3048 | */
|
3049 | export declare function sendEmailVerification(user: User, actionCodeSettings?: ActionCodeSettings | null): Promise<void>;
|
3050 |
|
3051 | /**
|
3052 | * Sends a password reset email to the given email address. This method does not throw an error when
|
3053 | * there's no user account with the given email address and
|
3054 | * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
|
3055 | * is enabled.
|
3056 | *
|
3057 | * @remarks
|
3058 | * To complete the password reset, call {@link confirmPasswordReset} with the code supplied in
|
3059 | * the email sent to the user, along with the new password specified by the user.
|
3060 | *
|
3061 | * @example
|
3062 | * ```javascript
|
3063 | * const actionCodeSettings = {
|
3064 | * url: 'https://www.example.com/?email=user@example.com',
|
3065 | * iOS: {
|
3066 | * bundleId: 'com.example.ios'
|
3067 | * },
|
3068 | * android: {
|
3069 | * packageName: 'com.example.android',
|
3070 | * installApp: true,
|
3071 | * minimumVersion: '12'
|
3072 | * },
|
3073 | * handleCodeInApp: true
|
3074 | * };
|
3075 | * await sendPasswordResetEmail(auth, 'user@example.com', actionCodeSettings);
|
3076 | * // Obtain code from user.
|
3077 | * await confirmPasswordReset('user@example.com', code);
|
3078 | * ```
|
3079 | *
|
3080 | * @param auth - The {@link Auth} instance.
|
3081 | * @param email - The user's email address.
|
3082 | * @param actionCodeSettings - The {@link ActionCodeSettings}.
|
3083 | *
|
3084 | * @public
|
3085 | */
|
3086 | export declare function sendPasswordResetEmail(auth: Auth, email: string, actionCodeSettings?: ActionCodeSettings): Promise<void>;
|
3087 |
|
3088 | /**
|
3089 | * Sends a sign-in email link to the user with the specified email.
|
3090 | *
|
3091 | * @remarks
|
3092 | * The sign-in operation has to always be completed in the app unlike other out of band email
|
3093 | * actions (password reset and email verifications). This is because, at the end of the flow,
|
3094 | * the user is expected to be signed in and their Auth state persisted within the app.
|
3095 | *
|
3096 | * To complete sign in with the email link, call {@link signInWithEmailLink} with the email
|
3097 | * address and the email link supplied in the email sent to the user.
|
3098 | *
|
3099 | * @example
|
3100 | * ```javascript
|
3101 | * const actionCodeSettings = {
|
3102 | * url: 'https://www.example.com/?email=user@example.com',
|
3103 | * iOS: {
|
3104 | * bundleId: 'com.example.ios'
|
3105 | * },
|
3106 | * android: {
|
3107 | * packageName: 'com.example.android',
|
3108 | * installApp: true,
|
3109 | * minimumVersion: '12'
|
3110 | * },
|
3111 | * handleCodeInApp: true
|
3112 | * };
|
3113 | * await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings);
|
3114 | * // Obtain emailLink from the user.
|
3115 | * if(isSignInWithEmailLink(auth, emailLink)) {
|
3116 | * await signInWithEmailLink(auth, 'user@example.com', emailLink);
|
3117 | * }
|
3118 | * ```
|
3119 | *
|
3120 | * @param authInternal - The {@link Auth} instance.
|
3121 | * @param email - The user's email address.
|
3122 | * @param actionCodeSettings - The {@link ActionCodeSettings}.
|
3123 | *
|
3124 | * @public
|
3125 | */
|
3126 | export declare function sendSignInLinkToEmail(auth: Auth, email: string, actionCodeSettings: ActionCodeSettings): Promise<void>;
|
3127 |
|
3128 | /**
|
3129 | * Changes the type of persistence on the {@link Auth} instance for the currently saved
|
3130 | * `Auth` session and applies this type of persistence for future sign-in requests, including
|
3131 | * sign-in with redirect requests.
|
3132 | *
|
3133 | * @remarks
|
3134 | * This makes it easy for a user signing in to specify whether their session should be
|
3135 | * remembered or not. It also makes it easier to never persist the `Auth` state for applications
|
3136 | * that are shared by other users or have sensitive data.
|
3137 | *
|
3138 | * This method does not work in a Node.js environment or with {@link Auth} instances created with a
|
3139 | * {@link @firebase/app#FirebaseServerApp}.
|
3140 | *
|
3141 | * @example
|
3142 | * ```javascript
|
3143 | * setPersistence(auth, browserSessionPersistence);
|
3144 | * ```
|
3145 | *
|
3146 | * @param auth - The {@link Auth} instance.
|
3147 | * @param persistence - The {@link Persistence} to use.
|
3148 | * @returns A `Promise` that resolves once the persistence change has completed
|
3149 | *
|
3150 | * @public
|
3151 | */
|
3152 | export declare function setPersistence(auth: Auth, persistence: Persistence): Promise<void>;
|
3153 |
|
3154 | /**
|
3155 | * Asynchronously signs in as an anonymous user.
|
3156 | *
|
3157 | * @remarks
|
3158 | * If there is already an anonymous user signed in, that user will be returned; otherwise, a
|
3159 | * new anonymous user identity will be created and returned.
|
3160 | *
|
3161 | * This method is not supported by {@link Auth} instances created with a
|
3162 | * {@link @firebase/app#FirebaseServerApp}.
|
3163 | *
|
3164 | * @param auth - The {@link Auth} instance.
|
3165 | *
|
3166 | * @public
|
3167 | */
|
3168 | export declare function signInAnonymously(auth: Auth): Promise<UserCredential>;
|
3169 |
|
3170 | /**
|
3171 | * Enumeration of supported sign-in methods.
|
3172 | *
|
3173 | * @public
|
3174 | */
|
3175 | export declare const SignInMethod: {
|
3176 | /** Email link sign in method */
|
3177 | readonly EMAIL_LINK: "emailLink";
|
3178 | /** Email/password sign in method */
|
3179 | readonly EMAIL_PASSWORD: "password";
|
3180 | /** Facebook sign in method */
|
3181 | readonly FACEBOOK: "facebook.com";
|
3182 | /** GitHub sign in method */
|
3183 | readonly GITHUB: "github.com";
|
3184 | /** Google sign in method */
|
3185 | readonly GOOGLE: "google.com";
|
3186 | /** Phone sign in method */
|
3187 | readonly PHONE: "phone";
|
3188 | /** Twitter sign in method */
|
3189 | readonly TWITTER: "twitter.com";
|
3190 | };
|
3191 |
|
3192 | /**
|
3193 | * Asynchronously signs in with the given credentials.
|
3194 | *
|
3195 | * @remarks
|
3196 | * An {@link AuthProvider} can be used to generate the credential.
|
3197 | *
|
3198 | * This method is not supported by {@link Auth} instances created with a
|
3199 | * {@link @firebase/app#FirebaseServerApp}.
|
3200 | *
|
3201 | * @param auth - The {@link Auth} instance.
|
3202 | * @param credential - The auth credential.
|
3203 | *
|
3204 | * @public
|
3205 | */
|
3206 | export declare function signInWithCredential(auth: Auth, credential: AuthCredential): Promise<UserCredential>;
|
3207 |
|
3208 | /**
|
3209 | * Asynchronously signs in using a custom token.
|
3210 | *
|
3211 | * @remarks
|
3212 | * Custom tokens are used to integrate Firebase Auth with existing auth systems, and must
|
3213 | * be generated by an auth backend using the
|
3214 | * {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#createcustomtoken | createCustomToken}
|
3215 | * method in the {@link https://firebase.google.com/docs/auth/admin | Admin SDK} .
|
3216 | *
|
3217 | * Fails with an error if the token is invalid, expired, or not accepted by the Firebase Auth service.
|
3218 | *
|
3219 | * This method is not supported by {@link Auth} instances created with a
|
3220 | * {@link @firebase/app#FirebaseServerApp}.
|
3221 | *
|
3222 | * @param auth - The {@link Auth} instance.
|
3223 | * @param customToken - The custom token to sign in with.
|
3224 | *
|
3225 | * @public
|
3226 | */
|
3227 | export declare function signInWithCustomToken(auth: Auth, customToken: string): Promise<UserCredential>;
|
3228 |
|
3229 | /**
|
3230 | * Asynchronously signs in using an email and password.
|
3231 | *
|
3232 | * @remarks
|
3233 | * Fails with an error if the email address and password do not match. When
|
3234 | * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
|
3235 | * is enabled, this method fails with "auth/invalid-credential" in case of an invalid
|
3236 | * email/password.
|
3237 | *
|
3238 | * This method is not supported on {@link Auth} instances created with a
|
3239 | * {@link @firebase/app#FirebaseServerApp}.
|
3240 | *
|
3241 | * Note: The user's password is NOT the password used to access the user's email account. The
|
3242 | * email address serves as a unique identifier for the user, and the password is used to access
|
3243 | * the user's account in your Firebase project. See also: {@link createUserWithEmailAndPassword}.
|
3244 | *
|
3245 | *
|
3246 | * @param auth - The {@link Auth} instance.
|
3247 | * @param email - The users email address.
|
3248 | * @param password - The users password.
|
3249 | *
|
3250 | * @public
|
3251 | */
|
3252 | export declare function signInWithEmailAndPassword(auth: Auth, email: string, password: string): Promise<UserCredential>;
|
3253 |
|
3254 | /**
|
3255 | * Asynchronously signs in using an email and sign-in email link.
|
3256 | *
|
3257 | * @remarks
|
3258 | * If no link is passed, the link is inferred from the current URL.
|
3259 | *
|
3260 | * Fails with an error if the email address is invalid or OTP in email link expires.
|
3261 | *
|
3262 | * This method is not supported by {@link Auth} instances created with a
|
3263 | * {@link @firebase/app#FirebaseServerApp}.
|
3264 | *
|
3265 | * Note: Confirm the link is a sign-in email link before calling this method firebase.auth.Auth.isSignInWithEmailLink.
|
3266 | *
|
3267 | * @example
|
3268 | * ```javascript
|
3269 | * const actionCodeSettings = {
|
3270 | * url: 'https://www.example.com/?email=user@example.com',
|
3271 | * iOS: {
|
3272 | * bundleId: 'com.example.ios'
|
3273 | * },
|
3274 | * android: {
|
3275 | * packageName: 'com.example.android',
|
3276 | * installApp: true,
|
3277 | * minimumVersion: '12'
|
3278 | * },
|
3279 | * handleCodeInApp: true
|
3280 | * };
|
3281 | * await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings);
|
3282 | * // Obtain emailLink from the user.
|
3283 | * if(isSignInWithEmailLink(auth, emailLink)) {
|
3284 | * await signInWithEmailLink(auth, 'user@example.com', emailLink);
|
3285 | * }
|
3286 | * ```
|
3287 | *
|
3288 | *
|
3289 | * @param auth - The {@link Auth} instance.
|
3290 | * @param email - The user's email address.
|
3291 | * @param emailLink - The link sent to the user's email address.
|
3292 | *
|
3293 | * @public
|
3294 | */
|
3295 | export declare function signInWithEmailLink(auth: Auth, email: string, emailLink?: string): Promise<UserCredential>;
|
3296 |
|
3297 | /* Excluded from this release type: SignInWithIdpResponse */
|
3298 |
|
3299 | /**
|
3300 | * Asynchronously signs in using a phone number.
|
3301 | *
|
3302 | * @remarks
|
3303 | * This method sends a code via SMS to the given
|
3304 | * phone number, and returns a {@link ConfirmationResult}. After the user
|
3305 | * provides the code sent to their phone, call {@link ConfirmationResult.confirm}
|
3306 | * with the code to sign the user in.
|
3307 | *
|
3308 | * For abuse prevention, this method also requires a {@link ApplicationVerifier}.
|
3309 | * This SDK includes a reCAPTCHA-based implementation, {@link RecaptchaVerifier}.
|
3310 | * This function can work on other platforms that do not support the
|
3311 | * {@link RecaptchaVerifier} (like React Native), but you need to use a
|
3312 | * third-party {@link ApplicationVerifier} implementation.
|
3313 | *
|
3314 | * This method does not work in a Node.js environment or with {@link Auth} instances created with a
|
3315 | * {@link @firebase/app#FirebaseServerApp}.
|
3316 | *
|
3317 | * @example
|
3318 | * ```javascript
|
3319 | * // 'recaptcha-container' is the ID of an element in the DOM.
|
3320 | * const applicationVerifier = new firebase.auth.RecaptchaVerifier('recaptcha-container');
|
3321 | * const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier);
|
3322 | * // Obtain a verificationCode from the user.
|
3323 | * const credential = await confirmationResult.confirm(verificationCode);
|
3324 | * ```
|
3325 | *
|
3326 | * @param auth - The {@link Auth} instance.
|
3327 | * @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101).
|
3328 | * @param appVerifier - The {@link ApplicationVerifier}.
|
3329 | *
|
3330 | * @public
|
3331 | */
|
3332 | export declare function signInWithPhoneNumber(auth: Auth, phoneNumber: string, appVerifier: ApplicationVerifier): Promise<ConfirmationResult>;
|
3333 |
|
3334 | /* Excluded from this release type: SignInWithPhoneNumberRequest */
|
3335 |
|
3336 | /* Excluded from this release type: SignInWithPhoneNumberResponse */
|
3337 |
|
3338 | /**
|
3339 | * Authenticates a Firebase client using a popup-based OAuth authentication flow.
|
3340 | *
|
3341 | * @remarks
|
3342 | * If succeeds, returns the signed in user along with the provider's credential. If sign in was
|
3343 | * unsuccessful, returns an error object containing additional information about the error.
|
3344 | *
|
3345 | * This method does not work in a Node.js environment or with {@link Auth} instances created with a
|
3346 | * {@link @firebase/app#FirebaseServerApp}.
|
3347 | *
|
3348 | * @example
|
3349 | * ```javascript
|
3350 | * // Sign in using a popup.
|
3351 | * const provider = new FacebookAuthProvider();
|
3352 | * const result = await signInWithPopup(auth, provider);
|
3353 | *
|
3354 | * // The signed-in user info.
|
3355 | * const user = result.user;
|
3356 | * // This gives you a Facebook Access Token.
|
3357 | * const credential = provider.credentialFromResult(auth, result);
|
3358 | * const token = credential.accessToken;
|
3359 | * ```
|
3360 | *
|
3361 | * @param auth - The {@link Auth} instance.
|
3362 | * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
|
3363 | * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
|
3364 | * @param resolver - An instance of {@link PopupRedirectResolver}, optional
|
3365 | * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
|
3366 | *
|
3367 | * @public
|
3368 | */
|
3369 | export declare function signInWithPopup(auth: Auth, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>;
|
3370 |
|
3371 | /**
|
3372 | * Authenticates a Firebase client using a full-page redirect flow.
|
3373 | *
|
3374 | * @remarks
|
3375 | * To handle the results and errors for this operation, refer to {@link getRedirectResult}.
|
3376 | * Follow the {@link https://firebase.google.com/docs/auth/web/redirect-best-practices
|
3377 | * | best practices} when using {@link signInWithRedirect}.
|
3378 | *
|
3379 | * This method does not work in a Node.js environment or with {@link Auth} instances created with a
|
3380 | * {@link @firebase/app#FirebaseServerApp}.
|
3381 | *
|
3382 | * @example
|
3383 | * ```javascript
|
3384 | * // Sign in using a redirect.
|
3385 | * const provider = new FacebookAuthProvider();
|
3386 | * // You can add additional scopes to the provider:
|
3387 | * provider.addScope('user_birthday');
|
3388 | * // Start a sign in process for an unauthenticated user.
|
3389 | * await signInWithRedirect(auth, provider);
|
3390 | * // This will trigger a full page redirect away from your app
|
3391 | *
|
3392 | * // After returning from the redirect when your app initializes you can obtain the result
|
3393 | * const result = await getRedirectResult(auth);
|
3394 | * if (result) {
|
3395 | * // This is the signed-in user
|
3396 | * const user = result.user;
|
3397 | * // This gives you a Facebook Access Token.
|
3398 | * const credential = provider.credentialFromResult(auth, result);
|
3399 | * const token = credential.accessToken;
|
3400 | * }
|
3401 | * // As this API can be used for sign-in, linking and reauthentication,
|
3402 | * // check the operationType to determine what triggered this redirect
|
3403 | * // operation.
|
3404 | * const operationType = result.operationType;
|
3405 | * ```
|
3406 | *
|
3407 | * @param auth - The {@link Auth} instance.
|
3408 | * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.
|
3409 | * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.
|
3410 | * @param resolver - An instance of {@link PopupRedirectResolver}, optional
|
3411 | * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.
|
3412 | *
|
3413 | * @public
|
3414 | */
|
3415 | export declare function signInWithRedirect(auth: Auth, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>;
|
3416 |
|
3417 | /**
|
3418 | * Signs out the current user.
|
3419 | *
|
3420 | * @remarks
|
3421 | * This method is not supported by {@link Auth} instances created with a
|
3422 | * {@link @firebase/app#FirebaseServerApp}.
|
3423 | *
|
3424 | * @param auth - The {@link Auth} instance.
|
3425 | *
|
3426 | * @public
|
3427 | */
|
3428 | export declare function signOut(auth: Auth): Promise<void>;
|
3429 |
|
3430 | declare interface StartTotpMfaEnrollmentResponse {
|
3431 | totpSessionInfo: {
|
3432 | sharedSecretKey: string;
|
3433 | verificationCodeLength: number;
|
3434 | hashingAlgorithm: string;
|
3435 | periodSec: number;
|
3436 | sessionInfo: string;
|
3437 | finalizeEnrollmentTime: number;
|
3438 | };
|
3439 | }
|
3440 |
|
3441 | /* Excluded from this release type: StsTokenManager */
|
3442 |
|
3443 | /* Excluded from this release type: TaggedWithTokenResponse */
|
3444 |
|
3445 | /**
|
3446 | * An MFA provided by TOTP (Time-based One Time Password).
|
3447 | */
|
3448 | declare interface TotpMfaEnrollment extends BaseMfaEnrollment {
|
3449 | }
|
3450 |
|
3451 | /**
|
3452 | * The class for asserting ownership of a TOTP second factor. Provided by
|
3453 | * {@link TotpMultiFactorGenerator.assertionForEnrollment} and
|
3454 | * {@link TotpMultiFactorGenerator.assertionForSignIn}.
|
3455 | *
|
3456 | * @public
|
3457 | */
|
3458 | export declare interface TotpMultiFactorAssertion extends MultiFactorAssertion {
|
3459 | }
|
3460 |
|
3461 | /**
|
3462 | * Provider for generating a {@link TotpMultiFactorAssertion}.
|
3463 | *
|
3464 | * @public
|
3465 | */
|
3466 | export declare class TotpMultiFactorGenerator {
|
3467 | /**
|
3468 | * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of
|
3469 | * the TOTP (time-based one-time password) second factor.
|
3470 | * This assertion is used to complete enrollment in TOTP second factor.
|
3471 | *
|
3472 | * @param secret A {@link TotpSecret} containing the shared secret key and other TOTP parameters.
|
3473 | * @param oneTimePassword One-time password from TOTP App.
|
3474 | * @returns A {@link TotpMultiFactorAssertion} which can be used with
|
3475 | * {@link MultiFactorUser.enroll}.
|
3476 | */
|
3477 | static assertionForEnrollment(secret: TotpSecret, oneTimePassword: string): TotpMultiFactorAssertion;
|
3478 | /**
|
3479 | * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of the TOTP second factor.
|
3480 | * This assertion is used to complete signIn with TOTP as the second factor.
|
3481 | *
|
3482 | * @param enrollmentId identifies the enrolled TOTP second factor.
|
3483 | * @param oneTimePassword One-time password from TOTP App.
|
3484 | * @returns A {@link TotpMultiFactorAssertion} which can be used with
|
3485 | * {@link MultiFactorResolver.resolveSignIn}.
|
3486 | */
|
3487 | static assertionForSignIn(enrollmentId: string, oneTimePassword: string): TotpMultiFactorAssertion;
|
3488 | /**
|
3489 | * Returns a promise to {@link TotpSecret} which contains the TOTP shared secret key and other parameters.
|
3490 | * Creates a TOTP secret as part of enrolling a TOTP second factor.
|
3491 | * Used for generating a QR code URL or inputting into a TOTP app.
|
3492 | * This method uses the auth instance corresponding to the user in the multiFactorSession.
|
3493 | *
|
3494 | * @param session The {@link MultiFactorSession} that the user is part of.
|
3495 | * @returns A promise to {@link TotpSecret}.
|
3496 | */
|
3497 | static generateSecret(session: MultiFactorSession): Promise<TotpSecret>;
|
3498 | /**
|
3499 | * The identifier of the TOTP second factor: `totp`.
|
3500 | */
|
3501 | static FACTOR_ID: 'totp';
|
3502 | }
|
3503 |
|
3504 | /**
|
3505 | * The subclass of the {@link MultiFactorInfo} interface for TOTP
|
3506 | * second factors. The `factorId` of this second factor is {@link FactorId}.TOTP.
|
3507 | * @public
|
3508 | */
|
3509 | export declare interface TotpMultiFactorInfo extends MultiFactorInfo {
|
3510 | }
|
3511 |
|
3512 | /**
|
3513 | * Provider for generating a {@link TotpMultiFactorAssertion}.
|
3514 | *
|
3515 | * Stores the shared secret key and other parameters to generate time-based OTPs.
|
3516 | * Implements methods to retrieve the shared secret key and generate a QR code URL.
|
3517 | * @public
|
3518 | */
|
3519 | export declare class TotpSecret {
|
3520 | private readonly sessionInfo;
|
3521 | private readonly auth;
|
3522 | /**
|
3523 | * Shared secret key/seed used for enrolling in TOTP MFA and generating OTPs.
|
3524 | */
|
3525 | readonly secretKey: string;
|
3526 | /**
|
3527 | * Hashing algorithm used.
|
3528 | */
|
3529 | readonly hashingAlgorithm: string;
|
3530 | /**
|
3531 | * Length of the one-time passwords to be generated.
|
3532 | */
|
3533 | readonly codeLength: number;
|
3534 | /**
|
3535 | * The interval (in seconds) when the OTP codes should change.
|
3536 | */
|
3537 | readonly codeIntervalSeconds: number;
|
3538 | /**
|
3539 | * The timestamp (UTC string) by which TOTP enrollment should be completed.
|
3540 | */
|
3541 | readonly enrollmentCompletionDeadline: string;
|
3542 | private constructor();
|
3543 | /* Excluded from this release type: _fromStartTotpMfaEnrollmentResponse */
|
3544 | /* Excluded from this release type: _makeTotpVerificationInfo */
|
3545 | /**
|
3546 | * Returns a QR code URL as described in
|
3547 | * https://github.com/google/google-authenticator/wiki/Key-Uri-Format
|
3548 | * This can be displayed to the user as a QR code to be scanned into a TOTP app like Google Authenticator.
|
3549 | * If the optional parameters are unspecified, an accountName of <userEmail> and issuer of <firebaseAppName> are used.
|
3550 | *
|
3551 | * @param accountName the name of the account/app along with a user identifier.
|
3552 | * @param issuer issuer of the TOTP (likely the app name).
|
3553 | * @returns A QR code URL string.
|
3554 | */
|
3555 | generateQrCodeUrl(accountName?: string, issuer?: string): string;
|
3556 | }
|
3557 |
|
3558 | declare interface TotpVerificationInfo {
|
3559 | sessionInfo: string;
|
3560 | verificationCode: string;
|
3561 | }
|
3562 |
|
3563 | /**
|
3564 | * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.TWITTER.
|
3565 | *
|
3566 | * @example
|
3567 | * ```javascript
|
3568 | * // Sign in using a redirect.
|
3569 | * const provider = new TwitterAuthProvider();
|
3570 | * // Start a sign in process for an unauthenticated user.
|
3571 | * await signInWithRedirect(auth, provider);
|
3572 | * // This will trigger a full page redirect away from your app
|
3573 | *
|
3574 | * // After returning from the redirect when your app initializes you can obtain the result
|
3575 | * const result = await getRedirectResult(auth);
|
3576 | * if (result) {
|
3577 | * // This is the signed-in user
|
3578 | * const user = result.user;
|
3579 | * // This gives you a Twitter Access Token and Secret.
|
3580 | * const credential = TwitterAuthProvider.credentialFromResult(result);
|
3581 | * const token = credential.accessToken;
|
3582 | * const secret = credential.secret;
|
3583 | * }
|
3584 | * ```
|
3585 | *
|
3586 | * @example
|
3587 | * ```javascript
|
3588 | * // Sign in using a popup.
|
3589 | * const provider = new TwitterAuthProvider();
|
3590 | * const result = await signInWithPopup(auth, provider);
|
3591 | *
|
3592 | * // The signed-in user info.
|
3593 | * const user = result.user;
|
3594 | * // This gives you a Twitter Access Token and Secret.
|
3595 | * const credential = TwitterAuthProvider.credentialFromResult(result);
|
3596 | * const token = credential.accessToken;
|
3597 | * const secret = credential.secret;
|
3598 | * ```
|
3599 | *
|
3600 | * @public
|
3601 | */
|
3602 | export declare class TwitterAuthProvider extends BaseOAuthProvider {
|
3603 | /** Always set to {@link SignInMethod}.TWITTER. */
|
3604 | static readonly TWITTER_SIGN_IN_METHOD: 'twitter.com';
|
3605 | /** Always set to {@link ProviderId}.TWITTER. */
|
3606 | static readonly PROVIDER_ID: 'twitter.com';
|
3607 | constructor();
|
3608 | /**
|
3609 | * Creates a credential for Twitter.
|
3610 | *
|
3611 | * @param token - Twitter access token.
|
3612 | * @param secret - Twitter secret.
|
3613 | */
|
3614 | static credential(token: string, secret: string): OAuthCredential;
|
3615 | /**
|
3616 | * Used to extract the underlying {from a { UserCredential}.
OAuthCredential} |
3617 | *
|
3618 | * userCredential - The user credential.
|
3619 | */
|
3620 | static credentialFromResult(userCredential: UserCredential): OAuthCredential | null;
|
3621 | /**
|
3622 | * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was
|
3623 | * thrown during a sign-in, link, or reauthenticate operation.
|
3624 | *
|
3625 | * @param userCredential - The user credential.
|
3626 | */
|
3627 | static credentialFromError(error: FirebaseError): OAuthCredential | null;
|
3628 | private static credentialFromTaggedObject;
|
3629 | }
|
3630 |
|
3631 | /**
|
3632 | * Unlinks a provider from a user account.
|
3633 | *
|
3634 | * @param user - The user.
|
3635 | * @param providerId - The provider to unlink.
|
3636 | *
|
3637 | * @public
|
3638 | */
|
3639 | export declare function unlink(user: User, providerId: string): Promise<User>;
|
3640 | export { Unsubscribe }
|
3641 |
|
3642 | /**
|
3643 | * Asynchronously sets the provided user as {@link Auth.currentUser} on the
|
3644 | * {@link Auth} instance.
|
3645 | *
|
3646 | * @remarks
|
3647 | * A new instance copy of the user provided will be made and set as currentUser.
|
3648 | *
|
3649 | * This will trigger {@link onAuthStateChanged} and {@link onIdTokenChanged} listeners
|
3650 | * like other sign in methods.
|
3651 | *
|
3652 | * The operation fails with an error if the user to be updated belongs to a different Firebase
|
3653 | * project.
|
3654 | *
|
3655 | * This method is not supported by {@link Auth} instances created with a
|
3656 | * {@link @firebase/app#FirebaseServerApp}.
|
3657 | *
|
3658 | * @param auth - The {@link Auth} instance.
|
3659 | * @param user - The new {@link User}.
|
3660 | *
|
3661 | * @public
|
3662 | */
|
3663 | export declare function updateCurrentUser(auth: Auth, user: User | null): Promise<void>;
|
3664 |
|
3665 | /**
|
3666 | * Updates the user's email address.
|
3667 | *
|
3668 | * @remarks
|
3669 | * An email will be sent to the original email address (if it was set) that allows to revoke the
|
3670 | * email address change, in order to protect them from account hijacking.
|
3671 | *
|
3672 | * This method is not supported on any {@link User} signed in by {@link Auth} instances
|
3673 | * created with a {@link @firebase/app#FirebaseServerApp}.
|
3674 | *
|
3675 | * Important: this is a security sensitive operation that requires the user to have recently signed
|
3676 | * in. If this requirement isn't met, ask the user to authenticate again and then call
|
3677 | * {@link reauthenticateWithCredential}.
|
3678 | *
|
3679 | * @param user - The user.
|
3680 | * @param newEmail - The new email address.
|
3681 | *
|
3682 | * Throws "auth/operation-not-allowed" error when
|
3683 | * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
|
3684 | * is enabled.
|
3685 | * Deprecated - Use {@link verifyBeforeUpdateEmail} instead.
|
3686 | *
|
3687 | * @public
|
3688 | */
|
3689 | export declare function updateEmail(user: User, newEmail: string): Promise<void>;
|
3690 |
|
3691 | /**
|
3692 | * Updates the user's password.
|
3693 | *
|
3694 | * @remarks
|
3695 | * Important: this is a security sensitive operation that requires the user to have recently signed
|
3696 | * in. If this requirement isn't met, ask the user to authenticate again and then call
|
3697 | * {@link reauthenticateWithCredential}.
|
3698 | *
|
3699 | * @param user - The user.
|
3700 | * @param newPassword - The new password.
|
3701 | *
|
3702 | * @public
|
3703 | */
|
3704 | export declare function updatePassword(user: User, newPassword: string): Promise<void>;
|
3705 |
|
3706 | /**
|
3707 | * Updates the user's phone number.
|
3708 | *
|
3709 | * @remarks
|
3710 | * This method does not work in a Node.js environment or on any {@link User} signed in by
|
3711 | * {@link Auth} instances created with a {@link @firebase/app#FirebaseServerApp}.
|
3712 | *
|
3713 | * @example
|
3714 | * ```
|
3715 | * // 'recaptcha-container' is the ID of an element in the DOM.
|
3716 | * const applicationVerifier = new RecaptchaVerifier('recaptcha-container');
|
3717 | * const provider = new PhoneAuthProvider(auth);
|
3718 | * const verificationId = await provider.verifyPhoneNumber('+16505550101', applicationVerifier);
|
3719 | * // Obtain the verificationCode from the user.
|
3720 | * const phoneCredential = PhoneAuthProvider.credential(verificationId, verificationCode);
|
3721 | * await updatePhoneNumber(user, phoneCredential);
|
3722 | * ```
|
3723 | *
|
3724 | * @param user - The user.
|
3725 | * @param credential - A credential authenticating the new phone number.
|
3726 | *
|
3727 | * @public
|
3728 | */
|
3729 | export declare function updatePhoneNumber(user: User, credential: PhoneAuthCredential): Promise<void>;
|
3730 |
|
3731 | /**
|
3732 | * Updates a user's profile data.
|
3733 | *
|
3734 | * @param user - The user.
|
3735 | * @param profile - The profile's `displayName` and `photoURL` to update.
|
3736 | *
|
3737 | * @public
|
3738 | */
|
3739 | export declare function updateProfile(user: User, { displayName, photoURL: photoUrl }: {
|
3740 | displayName?: string | null;
|
3741 | photoURL?: string | null;
|
3742 | }): Promise<void>;
|
3743 |
|
3744 | /**
|
3745 | * Sets the current language to the default device/browser preference.
|
3746 | *
|
3747 | * @param auth - The {@link Auth} instance.
|
3748 | *
|
3749 | * @public
|
3750 | */
|
3751 | export declare function useDeviceLanguage(auth: Auth): void;
|
3752 |
|
3753 | /**
|
3754 | * A user account.
|
3755 | *
|
3756 | * @public
|
3757 | */
|
3758 | export declare interface User extends UserInfo {
|
3759 | /**
|
3760 | * Whether the email has been verified with {@link sendEmailVerification} and
|
3761 | * {@link applyActionCode}.
|
3762 | */
|
3763 | readonly emailVerified: boolean;
|
3764 | /**
|
3765 | * Whether the user is authenticated using the {@link ProviderId}.ANONYMOUS provider.
|
3766 | */
|
3767 | readonly isAnonymous: boolean;
|
3768 | /**
|
3769 | * Additional metadata around user creation and sign-in times.
|
3770 | */
|
3771 | readonly metadata: UserMetadata;
|
3772 | /**
|
3773 | * Additional per provider such as displayName and profile information.
|
3774 | */
|
3775 | readonly providerData: UserInfo[];
|
3776 | /**
|
3777 | * Refresh token used to reauthenticate the user. Avoid using this directly and prefer
|
3778 | * {@link User.getIdToken} to refresh the ID token instead.
|
3779 | */
|
3780 | readonly refreshToken: string;
|
3781 | /**
|
3782 | * The user's tenant ID.
|
3783 | *
|
3784 | * @remarks
|
3785 | * This is a read-only property, which indicates the tenant ID
|
3786 | * used to sign in the user. This is null if the user is signed in from the parent
|
3787 | * project.
|
3788 | *
|
3789 | * @example
|
3790 | * ```javascript
|
3791 | * // Set the tenant ID on Auth instance.
|
3792 | * auth.tenantId = 'TENANT_PROJECT_ID';
|
3793 | *
|
3794 | * // All future sign-in request now include tenant ID.
|
3795 | * const result = await signInWithEmailAndPassword(auth, email, password);
|
3796 | * // result.user.tenantId should be 'TENANT_PROJECT_ID'.
|
3797 | * ```
|
3798 | */
|
3799 | readonly tenantId: string | null;
|
3800 | /**
|
3801 | * Deletes and signs out the user.
|
3802 | *
|
3803 | * @remarks
|
3804 | * Important: this is a security-sensitive operation that requires the user to have recently
|
3805 | * signed in. If this requirement isn't met, ask the user to authenticate again and then call
|
3806 | * one of the reauthentication methods like {@link reauthenticateWithCredential}.
|
3807 | *
|
3808 | * This method is not supported on any {@link User} signed in by {@link Auth} instances
|
3809 | * created with a {@link @firebase/app#FirebaseServerApp}.
|
3810 | */
|
3811 | delete(): Promise<void>;
|
3812 | /**
|
3813 | * Returns a JSON Web Token (JWT) used to identify the user to a Firebase service.
|
3814 | *
|
3815 | * @remarks
|
3816 | * Returns the current token if it has not expired or if it will not expire in the next five
|
3817 | * minutes. Otherwise, this will refresh the token and return a new one.
|
3818 | *
|
3819 | * @param forceRefresh - Force refresh regardless of token expiration.
|
3820 | */
|
3821 | getIdToken(forceRefresh?: boolean): Promise<string>;
|
3822 | /**
|
3823 | * Returns a deserialized JSON Web Token (JWT) used to identify the user to a Firebase service.
|
3824 | *
|
3825 | * @remarks
|
3826 | * Returns the current token if it has not expired or if it will not expire in the next five
|
3827 | * minutes. Otherwise, this will refresh the token and return a new one.
|
3828 | *
|
3829 | * @param forceRefresh - Force refresh regardless of token expiration.
|
3830 | */
|
3831 | getIdTokenResult(forceRefresh?: boolean): Promise<IdTokenResult>;
|
3832 | /**
|
3833 | * Refreshes the user, if signed in.
|
3834 | */
|
3835 | reload(): Promise<void>;
|
3836 | /**
|
3837 | * Returns a JSON-serializable representation of this object.
|
3838 | *
|
3839 | * @returns A JSON-serializable representation of this object.
|
3840 | */
|
3841 | toJSON(): object;
|
3842 | }
|
3843 |
|
3844 | /**
|
3845 | * A structure containing a {@link User}, the {@link OperationType}, and the provider ID.
|
3846 | *
|
3847 | * @remarks
|
3848 | * `operationType` could be {@link OperationType}.SIGN_IN for a sign-in operation,
|
3849 | * {@link OperationType}.LINK for a linking operation and {@link OperationType}.REAUTHENTICATE for
|
3850 | * a reauthentication operation.
|
3851 | *
|
3852 | * @public
|
3853 | */
|
3854 | export declare interface UserCredential {
|
3855 | /**
|
3856 | * The user authenticated by this credential.
|
3857 | */
|
3858 | user: User;
|
3859 | /**
|
3860 | * The provider which was used to authenticate the user.
|
3861 | */
|
3862 | providerId: string | null;
|
3863 | /**
|
3864 | * The type of operation which was used to authenticate the user (such as sign-in or link).
|
3865 | */
|
3866 | operationType: (typeof OperationType)[keyof typeof OperationType];
|
3867 | }
|
3868 |
|
3869 | /* Excluded from this release type: UserCredentialInternal */
|
3870 |
|
3871 | /**
|
3872 | * User profile information, visible only to the Firebase project's apps.
|
3873 | *
|
3874 | * @public
|
3875 | */
|
3876 | export declare interface UserInfo {
|
3877 | /**
|
3878 | * The display name of the user.
|
3879 | */
|
3880 | readonly displayName: string | null;
|
3881 | /**
|
3882 | * The email of the user.
|
3883 | */
|
3884 | readonly email: string | null;
|
3885 | /**
|
3886 | * The phone number normalized based on the E.164 standard (e.g. +16505550101) for the
|
3887 | * user.
|
3888 | *
|
3889 | * @remarks
|
3890 | * This is null if the user has no phone credential linked to the account.
|
3891 | */
|
3892 | readonly phoneNumber: string | null;
|
3893 | /**
|
3894 | * The profile photo URL of the user.
|
3895 | */
|
3896 | readonly photoURL: string | null;
|
3897 | /**
|
3898 | * The provider used to authenticate the user.
|
3899 | */
|
3900 | readonly providerId: string;
|
3901 | /**
|
3902 | * The user's unique ID, scoped to the project.
|
3903 | */
|
3904 | readonly uid: string;
|
3905 | }
|
3906 |
|
3907 | /* Excluded from this release type: UserInternal */
|
3908 |
|
3909 | /**
|
3910 | * Interface representing a user's metadata.
|
3911 | *
|
3912 | * @public
|
3913 | */
|
3914 | export declare interface UserMetadata {
|
3915 | /** Time the user was created. */
|
3916 | readonly creationTime?: string;
|
3917 | /** Time the user last signed in. */
|
3918 | readonly lastSignInTime?: string;
|
3919 | }
|
3920 |
|
3921 | declare class UserMetadata_2 implements UserMetadata {
|
3922 | private createdAt?;
|
3923 | private lastLoginAt?;
|
3924 | creationTime?: string;
|
3925 | lastSignInTime?: string;
|
3926 | constructor(createdAt?: string | number | undefined, lastLoginAt?: string | number | undefined);
|
3927 | private _initializeTime;
|
3928 | _copy(metadata: UserMetadata_2): void;
|
3929 | toJSON(): object;
|
3930 | }
|
3931 |
|
3932 | /**
|
3933 | * User profile used in { AdditionalUserInfo}.
|
3934 | *
|
3935 | *
|
3936 | */
|
3937 | export declare type UserProfile = Record<string, unknown>;
|
3938 |
|
3939 | /**
|
3940 | * Validates the password against the password policy configured for the project or tenant.
|
3941 | *
|
3942 | * @remarks
|
3943 | * If no tenant ID is set on the `Auth` instance, then this method will use the password
|
3944 | * policy configured for the project. Otherwise, this method will use the policy configured
|
3945 | * for the tenant. If a password policy has not been configured, then the default policy
|
3946 | * configured for all projects will be used.
|
3947 | *
|
3948 | * If an auth flow fails because a submitted password does not meet the password policy
|
3949 | * requirements and this method has previously been called, then this method will use the
|
3950 | * most recent policy available when called again.
|
3951 | *
|
3952 | * @example
|
3953 | * ```javascript
|
3954 | * validatePassword(auth, 'some-password');
|
3955 | * ```
|
3956 | *
|
3957 | * @param auth The {@link Auth} instance.
|
3958 | * @param password The password to validate.
|
3959 | *
|
3960 | * @public
|
3961 | */
|
3962 | export declare function validatePassword(auth: Auth, password: string): Promise<PasswordValidationStatus>;
|
3963 |
|
3964 | /**
|
3965 | * Sends a verification email to a new email address.
|
3966 | *
|
3967 | * @remarks
|
3968 | * The user's email will be updated to the new one after being verified.
|
3969 | *
|
3970 | * If you have a custom email action handler, you can complete the verification process by calling
|
3971 | * {@link applyActionCode}.
|
3972 | *
|
3973 | * @example
|
3974 | * ```javascript
|
3975 | * const actionCodeSettings = {
|
3976 | * url: 'https://www.example.com/?email=user@example.com',
|
3977 | * iOS: {
|
3978 | * bundleId: 'com.example.ios'
|
3979 | * },
|
3980 | * android: {
|
3981 | * packageName: 'com.example.android',
|
3982 | * installApp: true,
|
3983 | * minimumVersion: '12'
|
3984 | * },
|
3985 | * handleCodeInApp: true
|
3986 | * };
|
3987 | * await verifyBeforeUpdateEmail(user, 'newemail@example.com', actionCodeSettings);
|
3988 | * // Obtain code from the user.
|
3989 | * await applyActionCode(auth, code);
|
3990 | * ```
|
3991 | *
|
3992 | * @param user - The user.
|
3993 | * @param newEmail - The new email address to be verified before update.
|
3994 | * @param actionCodeSettings - The {@link ActionCodeSettings}.
|
3995 | *
|
3996 | * @public
|
3997 | */
|
3998 | export declare function verifyBeforeUpdateEmail(user: User, newEmail: string, actionCodeSettings?: ActionCodeSettings | null): Promise<void>;
|
3999 |
|
4000 | /**
|
4001 | * Checks a password reset code sent to the user by email or other out-of-band mechanism.
|
4002 | *
|
4003 | * @returns the user's email address if valid.
|
4004 | *
|
4005 | * @param auth - The {@link Auth} instance.
|
4006 | * @param code - A verification code sent to the user.
|
4007 | *
|
4008 | * @public
|
4009 | */
|
4010 | export declare function verifyPasswordResetCode(auth: Auth, code: string): Promise<string>;
|
4011 |
|
4012 | export { }
|