1 |
|
2 | "use strict";
|
3 |
|
4 |
|
5 |
|
6 |
|
7 |
|
8 |
|
9 |
|
10 |
|
11 |
|
12 |
|
13 |
|
14 |
|
15 |
|
16 |
|
17 |
|
18 |
|
19 | var __extends = (this && this.__extends) || (function () {
|
20 | var extendStatics = function (d, b) {
|
21 | extendStatics = Object.setPrototypeOf ||
|
22 | ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
|
23 | function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
|
24 | return extendStatics(d, b);
|
25 | };
|
26 | return function (d, b) {
|
27 | extendStatics(d, b);
|
28 | function __() { this.constructor = d; }
|
29 | d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
|
30 | };
|
31 | })();
|
32 | Object.defineProperty(exports, "__esModule", { value: true });
|
33 | exports.useEmulator = exports.TenantAwareAuthRequestHandler = exports.AuthRequestHandler = exports.AbstractAuthRequestHandler = exports.FIREBASE_AUTH_SIGN_UP_NEW_USER = exports.FIREBASE_AUTH_SET_ACCOUNT_INFO = exports.FIREBASE_AUTH_BATCH_DELETE_ACCOUNTS = exports.FIREBASE_AUTH_DELETE_ACCOUNT = exports.FIREBASE_AUTH_GET_ACCOUNTS_INFO = exports.FIREBASE_AUTH_GET_ACCOUNT_INFO = exports.FIREBASE_AUTH_DOWNLOAD_ACCOUNT = exports.FIREBASE_AUTH_UPLOAD_ACCOUNT = exports.FIREBASE_AUTH_CREATE_SESSION_COOKIE = exports.EMAIL_ACTION_REQUEST_TYPES = exports.RESERVED_CLAIMS = void 0;
|
34 | var validator = require("../utils/validator");
|
35 | var deep_copy_1 = require("../utils/deep-copy");
|
36 | var error_1 = require("../utils/error");
|
37 | var api_request_1 = require("../utils/api-request");
|
38 | var utils = require("../utils/index");
|
39 | var user_import_builder_1 = require("./user-import-builder");
|
40 | var action_code_settings_builder_1 = require("./action-code-settings-builder");
|
41 | var tenant_1 = require("./tenant");
|
42 | var identifier_1 = require("./identifier");
|
43 | var auth_config_1 = require("./auth-config");
|
44 |
|
45 | var FIREBASE_AUTH_HEADER = {
|
46 | 'X-Client-Version': "Node/Admin/" + utils.getSdkVersion(),
|
47 | };
|
48 |
|
49 | var FIREBASE_AUTH_TIMEOUT = 25000;
|
50 |
|
51 | exports.RESERVED_CLAIMS = [
|
52 | 'acr', 'amr', 'at_hash', 'aud', 'auth_time', 'azp', 'cnf', 'c_hash', 'exp', 'iat',
|
53 | 'iss', 'jti', 'nbf', 'nonce', 'sub', 'firebase',
|
54 | ];
|
55 |
|
56 | exports.EMAIL_ACTION_REQUEST_TYPES = [
|
57 | 'PASSWORD_RESET', 'VERIFY_EMAIL', 'EMAIL_SIGNIN',
|
58 | ];
|
59 |
|
60 | var MAX_CLAIMS_PAYLOAD_SIZE = 1000;
|
61 |
|
62 | var MAX_DOWNLOAD_ACCOUNT_PAGE_SIZE = 1000;
|
63 |
|
64 | var MAX_UPLOAD_ACCOUNT_BATCH_SIZE = 1000;
|
65 |
|
66 | var MAX_GET_ACCOUNTS_BATCH_SIZE = 100;
|
67 |
|
68 | var MAX_DELETE_ACCOUNTS_BATCH_SIZE = 1000;
|
69 |
|
70 | var MIN_SESSION_COOKIE_DURATION_SECS = 5 * 60;
|
71 |
|
72 | var MAX_SESSION_COOKIE_DURATION_SECS = 14 * 24 * 60 * 60;
|
73 |
|
74 | var MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE = 100;
|
75 |
|
76 | var FIREBASE_AUTH_BASE_URL_FORMAT = 'https://identitytoolkit.googleapis.com/{version}/projects/{projectId}{api}';
|
77 |
|
78 | var FIREBASE_AUTH_EMULATOR_BASE_URL_FORMAT = 'http://{host}/identitytoolkit.googleapis.com/{version}/projects/{projectId}{api}';
|
79 |
|
80 | var FIREBASE_AUTH_TENANT_URL_FORMAT = FIREBASE_AUTH_BASE_URL_FORMAT.replace('projects/{projectId}', 'projects/{projectId}/tenants/{tenantId}');
|
81 |
|
82 | var FIREBASE_AUTH_EMULATOR_TENANT_URL_FORMAT = FIREBASE_AUTH_EMULATOR_BASE_URL_FORMAT.replace('projects/{projectId}', 'projects/{projectId}/tenants/{tenantId}');
|
83 |
|
84 | var MAX_LIST_TENANT_PAGE_SIZE = 1000;
|
85 |
|
86 |
|
87 |
|
88 | var WriteOperationType;
|
89 | (function (WriteOperationType) {
|
90 | WriteOperationType["Create"] = "create";
|
91 | WriteOperationType["Update"] = "update";
|
92 | WriteOperationType["Upload"] = "upload";
|
93 | })(WriteOperationType || (WriteOperationType = {}));
|
94 |
|
95 | var AuthResourceUrlBuilder = (function () {
|
96 | |
97 |
|
98 |
|
99 |
|
100 |
|
101 |
|
102 |
|
103 | function AuthResourceUrlBuilder(app, version) {
|
104 | if (version === void 0) { version = 'v1'; }
|
105 | this.app = app;
|
106 | this.version = version;
|
107 | if (useEmulator()) {
|
108 | this.urlFormat = utils.formatString(FIREBASE_AUTH_EMULATOR_BASE_URL_FORMAT, {
|
109 | host: emulatorHost()
|
110 | });
|
111 | }
|
112 | else {
|
113 | this.urlFormat = FIREBASE_AUTH_BASE_URL_FORMAT;
|
114 | }
|
115 | }
|
116 | |
117 |
|
118 |
|
119 |
|
120 |
|
121 |
|
122 |
|
123 |
|
124 | AuthResourceUrlBuilder.prototype.getUrl = function (api, params) {
|
125 | var _this = this;
|
126 | return this.getProjectId()
|
127 | .then(function (projectId) {
|
128 | var baseParams = {
|
129 | version: _this.version,
|
130 | projectId: projectId,
|
131 | api: api || '',
|
132 | };
|
133 | var baseUrl = utils.formatString(_this.urlFormat, baseParams);
|
134 |
|
135 | return utils.formatString(baseUrl, params || {});
|
136 | });
|
137 | };
|
138 | AuthResourceUrlBuilder.prototype.getProjectId = function () {
|
139 | var _this = this;
|
140 | if (this.projectId) {
|
141 | return Promise.resolve(this.projectId);
|
142 | }
|
143 | return utils.findProjectId(this.app)
|
144 | .then(function (projectId) {
|
145 | if (!validator.isNonEmptyString(projectId)) {
|
146 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CREDENTIAL, 'Failed to determine project ID for Auth. Initialize the '
|
147 | + 'SDK with service account credentials or set project ID as an app option. '
|
148 | + 'Alternatively set the GOOGLE_CLOUD_PROJECT environment variable.');
|
149 | }
|
150 | _this.projectId = projectId;
|
151 | return projectId;
|
152 | });
|
153 | };
|
154 | return AuthResourceUrlBuilder;
|
155 | }());
|
156 |
|
157 | var TenantAwareAuthResourceUrlBuilder = (function (_super) {
|
158 | __extends(TenantAwareAuthResourceUrlBuilder, _super);
|
159 | |
160 |
|
161 |
|
162 |
|
163 |
|
164 |
|
165 |
|
166 |
|
167 | function TenantAwareAuthResourceUrlBuilder(app, version, tenantId) {
|
168 | var _this = _super.call(this, app, version) || this;
|
169 | _this.app = app;
|
170 | _this.version = version;
|
171 | _this.tenantId = tenantId;
|
172 | if (useEmulator()) {
|
173 | _this.urlFormat = utils.formatString(FIREBASE_AUTH_EMULATOR_TENANT_URL_FORMAT, {
|
174 | host: emulatorHost()
|
175 | });
|
176 | }
|
177 | else {
|
178 | _this.urlFormat = FIREBASE_AUTH_TENANT_URL_FORMAT;
|
179 | }
|
180 | return _this;
|
181 | }
|
182 | |
183 |
|
184 |
|
185 |
|
186 |
|
187 |
|
188 |
|
189 |
|
190 | TenantAwareAuthResourceUrlBuilder.prototype.getUrl = function (api, params) {
|
191 | var _this = this;
|
192 | return _super.prototype.getUrl.call(this, api, params)
|
193 | .then(function (url) {
|
194 | return utils.formatString(url, { tenantId: _this.tenantId });
|
195 | });
|
196 | };
|
197 | return TenantAwareAuthResourceUrlBuilder;
|
198 | }(AuthResourceUrlBuilder));
|
199 |
|
200 |
|
201 |
|
202 |
|
203 | var AuthHttpClient = (function (_super) {
|
204 | __extends(AuthHttpClient, _super);
|
205 | function AuthHttpClient() {
|
206 | return _super !== null && _super.apply(this, arguments) || this;
|
207 | }
|
208 | AuthHttpClient.prototype.getToken = function () {
|
209 | if (useEmulator()) {
|
210 | return Promise.resolve('owner');
|
211 | }
|
212 | return _super.prototype.getToken.call(this);
|
213 | };
|
214 | return AuthHttpClient;
|
215 | }(api_request_1.AuthorizedHttpClient));
|
216 |
|
217 |
|
218 |
|
219 |
|
220 |
|
221 |
|
222 |
|
223 | function validateAuthFactorInfo(request) {
|
224 | var validKeys = {
|
225 | mfaEnrollmentId: true,
|
226 | displayName: true,
|
227 | phoneInfo: true,
|
228 | enrolledAt: true,
|
229 | };
|
230 |
|
231 | for (var key in request) {
|
232 | if (!(key in validKeys)) {
|
233 | delete request[key];
|
234 | }
|
235 | }
|
236 |
|
237 | var authFactorInfoIdentifier = request.mfaEnrollmentId || request.phoneInfo || JSON.stringify(request);
|
238 |
|
239 | if (typeof request.mfaEnrollmentId !== 'undefined' &&
|
240 | !validator.isNonEmptyString(request.mfaEnrollmentId)) {
|
241 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID, 'The second factor "uid" must be a valid non-empty string.');
|
242 | }
|
243 | if (typeof request.displayName !== 'undefined' &&
|
244 | !validator.isString(request.displayName)) {
|
245 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_DISPLAY_NAME, "The second factor \"displayName\" for \"" + authFactorInfoIdentifier + "\" must be a valid string.");
|
246 | }
|
247 |
|
248 | if (typeof request.enrolledAt !== 'undefined' &&
|
249 | !validator.isISODateString(request.enrolledAt)) {
|
250 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ENROLLMENT_TIME, "The second factor \"enrollmentTime\" for \"" + authFactorInfoIdentifier + "\" must be a valid " +
|
251 | 'UTC date string.');
|
252 | }
|
253 |
|
254 | if (typeof request.phoneInfo !== 'undefined') {
|
255 |
|
256 | if (!validator.isPhoneNumber(request.phoneInfo)) {
|
257 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PHONE_NUMBER, "The second factor \"phoneNumber\" for \"" + authFactorInfoIdentifier + "\" must be a non-empty " +
|
258 | 'E.164 standard compliant identifier string.');
|
259 | }
|
260 | }
|
261 | else {
|
262 |
|
263 |
|
264 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ENROLLED_FACTORS, 'MFAInfo object provided is invalid.');
|
265 | }
|
266 | }
|
267 |
|
268 |
|
269 |
|
270 |
|
271 |
|
272 |
|
273 |
|
274 | function validateProviderUserInfo(request) {
|
275 | var validKeys = {
|
276 | rawId: true,
|
277 | providerId: true,
|
278 | email: true,
|
279 | displayName: true,
|
280 | photoUrl: true,
|
281 | };
|
282 |
|
283 | for (var key in request) {
|
284 | if (!(key in validKeys)) {
|
285 | delete request[key];
|
286 | }
|
287 | }
|
288 | if (!validator.isNonEmptyString(request.providerId)) {
|
289 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID);
|
290 | }
|
291 | if (typeof request.displayName !== 'undefined' &&
|
292 | typeof request.displayName !== 'string') {
|
293 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_DISPLAY_NAME, "The provider \"displayName\" for \"" + request.providerId + "\" must be a valid string.");
|
294 | }
|
295 | if (!validator.isNonEmptyString(request.rawId)) {
|
296 |
|
297 |
|
298 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID, "The provider \"uid\" for \"" + request.providerId + "\" must be a valid non-empty string.");
|
299 | }
|
300 |
|
301 | if (typeof request.email !== 'undefined' && !validator.isEmail(request.email)) {
|
302 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_EMAIL, "The provider \"email\" for \"" + request.providerId + "\" must be a valid email string.");
|
303 | }
|
304 |
|
305 | if (typeof request.photoUrl !== 'undefined' &&
|
306 | !validator.isURL(request.photoUrl)) {
|
307 |
|
308 |
|
309 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PHOTO_URL, "The provider \"photoURL\" for \"" + request.providerId + "\" must be a valid URL string.");
|
310 | }
|
311 | }
|
312 |
|
313 |
|
314 |
|
315 |
|
316 |
|
317 |
|
318 |
|
319 |
|
320 | function validateCreateEditRequest(request, writeOperationType) {
|
321 | var uploadAccountRequest = writeOperationType === WriteOperationType.Upload;
|
322 |
|
323 | var validKeys = {
|
324 | displayName: true,
|
325 | localId: true,
|
326 | email: true,
|
327 | password: true,
|
328 | rawPassword: true,
|
329 | emailVerified: true,
|
330 | photoUrl: true,
|
331 | disabled: true,
|
332 | disableUser: true,
|
333 | deleteAttribute: true,
|
334 | deleteProvider: true,
|
335 | sanityCheck: true,
|
336 | phoneNumber: true,
|
337 | customAttributes: true,
|
338 | validSince: true,
|
339 |
|
340 | linkProviderUserInfo: !uploadAccountRequest,
|
341 |
|
342 | tenantId: uploadAccountRequest,
|
343 | passwordHash: uploadAccountRequest,
|
344 | salt: uploadAccountRequest,
|
345 | createdAt: uploadAccountRequest,
|
346 | lastLoginAt: uploadAccountRequest,
|
347 | providerUserInfo: uploadAccountRequest,
|
348 | mfaInfo: uploadAccountRequest,
|
349 |
|
350 | mfa: !uploadAccountRequest,
|
351 | };
|
352 |
|
353 | for (var key in request) {
|
354 | if (!(key in validKeys)) {
|
355 | delete request[key];
|
356 | }
|
357 | }
|
358 | if (typeof request.tenantId !== 'undefined' &&
|
359 | !validator.isNonEmptyString(request.tenantId)) {
|
360 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_TENANT_ID);
|
361 | }
|
362 |
|
363 |
|
364 | if (typeof request.displayName !== 'undefined' &&
|
365 | !validator.isString(request.displayName)) {
|
366 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_DISPLAY_NAME);
|
367 | }
|
368 | if ((typeof request.localId !== 'undefined' || uploadAccountRequest) &&
|
369 | !validator.isUid(request.localId)) {
|
370 |
|
371 |
|
372 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID);
|
373 | }
|
374 |
|
375 | if (typeof request.email !== 'undefined' && !validator.isEmail(request.email)) {
|
376 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_EMAIL);
|
377 | }
|
378 |
|
379 | if (typeof request.phoneNumber !== 'undefined' &&
|
380 | !validator.isPhoneNumber(request.phoneNumber)) {
|
381 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PHONE_NUMBER);
|
382 | }
|
383 |
|
384 | if (typeof request.password !== 'undefined' &&
|
385 | !validator.isPassword(request.password)) {
|
386 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PASSWORD);
|
387 | }
|
388 |
|
389 | if (typeof request.rawPassword !== 'undefined' &&
|
390 | !validator.isPassword(request.rawPassword)) {
|
391 |
|
392 |
|
393 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PASSWORD);
|
394 | }
|
395 |
|
396 | if (typeof request.emailVerified !== 'undefined' &&
|
397 | typeof request.emailVerified !== 'boolean') {
|
398 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_EMAIL_VERIFIED);
|
399 | }
|
400 |
|
401 | if (typeof request.photoUrl !== 'undefined' &&
|
402 | !validator.isURL(request.photoUrl)) {
|
403 |
|
404 |
|
405 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PHOTO_URL);
|
406 | }
|
407 |
|
408 | if (typeof request.disabled !== 'undefined' &&
|
409 | typeof request.disabled !== 'boolean') {
|
410 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_DISABLED_FIELD);
|
411 | }
|
412 |
|
413 | if (typeof request.validSince !== 'undefined' &&
|
414 | !validator.isNumber(request.validSince)) {
|
415 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_TOKENS_VALID_AFTER_TIME);
|
416 | }
|
417 |
|
418 | if (typeof request.createdAt !== 'undefined' &&
|
419 | !validator.isNumber(request.createdAt)) {
|
420 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CREATION_TIME);
|
421 | }
|
422 |
|
423 | if (typeof request.lastLoginAt !== 'undefined' &&
|
424 | !validator.isNumber(request.lastLoginAt)) {
|
425 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_LAST_SIGN_IN_TIME);
|
426 | }
|
427 |
|
428 | if (typeof request.disableUser !== 'undefined' &&
|
429 | typeof request.disableUser !== 'boolean') {
|
430 |
|
431 |
|
432 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_DISABLED_FIELD);
|
433 | }
|
434 |
|
435 |
|
436 | if (typeof request.customAttributes !== 'undefined') {
|
437 | var developerClaims_1;
|
438 | try {
|
439 | developerClaims_1 = JSON.parse(request.customAttributes);
|
440 | }
|
441 | catch (error) {
|
442 |
|
443 |
|
444 |
|
445 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_CLAIMS, error.message);
|
446 | }
|
447 | var invalidClaims_1 = [];
|
448 |
|
449 | exports.RESERVED_CLAIMS.forEach(function (blacklistedClaim) {
|
450 | if (Object.prototype.hasOwnProperty.call(developerClaims_1, blacklistedClaim)) {
|
451 | invalidClaims_1.push(blacklistedClaim);
|
452 | }
|
453 | });
|
454 |
|
455 | if (invalidClaims_1.length > 0) {
|
456 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.FORBIDDEN_CLAIM, invalidClaims_1.length > 1 ?
|
457 | "Developer claims \"" + invalidClaims_1.join('", "') + "\" are reserved and cannot be specified." :
|
458 | "Developer claim \"" + invalidClaims_1[0] + "\" is reserved and cannot be specified.");
|
459 | }
|
460 |
|
461 | if (request.customAttributes.length > MAX_CLAIMS_PAYLOAD_SIZE) {
|
462 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.CLAIMS_TOO_LARGE, "Developer claims payload should not exceed " + MAX_CLAIMS_PAYLOAD_SIZE + " characters.");
|
463 | }
|
464 | }
|
465 |
|
466 | if (typeof request.passwordHash !== 'undefined' &&
|
467 | !validator.isString(request.passwordHash)) {
|
468 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PASSWORD_HASH);
|
469 | }
|
470 |
|
471 | if (typeof request.salt !== 'undefined' &&
|
472 | !validator.isString(request.salt)) {
|
473 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PASSWORD_SALT);
|
474 | }
|
475 |
|
476 | if (typeof request.providerUserInfo !== 'undefined' &&
|
477 | !validator.isArray(request.providerUserInfo)) {
|
478 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_DATA);
|
479 | }
|
480 | else if (validator.isArray(request.providerUserInfo)) {
|
481 | request.providerUserInfo.forEach(function (providerUserInfoEntry) {
|
482 | validateProviderUserInfo(providerUserInfoEntry);
|
483 | });
|
484 | }
|
485 |
|
486 | if (typeof request.linkProviderUserInfo !== 'undefined') {
|
487 | validateProviderUserInfo(request.linkProviderUserInfo);
|
488 | }
|
489 |
|
490 |
|
491 |
|
492 | var enrollments = null;
|
493 | if (request.mfaInfo) {
|
494 | enrollments = request.mfaInfo;
|
495 | }
|
496 | else if (request.mfa && request.mfa.enrollments) {
|
497 | enrollments = request.mfa.enrollments;
|
498 | }
|
499 | if (enrollments) {
|
500 | if (!validator.isArray(enrollments)) {
|
501 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ENROLLED_FACTORS);
|
502 | }
|
503 | enrollments.forEach(function (authFactorInfoEntry) {
|
504 | validateAuthFactorInfo(authFactorInfoEntry);
|
505 | });
|
506 | }
|
507 | }
|
508 |
|
509 |
|
510 |
|
511 |
|
512 |
|
513 | exports.FIREBASE_AUTH_CREATE_SESSION_COOKIE = new api_request_1.ApiSettings(':createSessionCookie', 'POST')
|
514 |
|
515 | .setRequestValidator(function (request) {
|
516 |
|
517 | if (!validator.isNonEmptyString(request.idToken)) {
|
518 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ID_TOKEN);
|
519 | }
|
520 |
|
521 | if (!validator.isNumber(request.validDuration) ||
|
522 | request.validDuration < MIN_SESSION_COOKIE_DURATION_SECS ||
|
523 | request.validDuration > MAX_SESSION_COOKIE_DURATION_SECS) {
|
524 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_SESSION_COOKIE_DURATION);
|
525 | }
|
526 | })
|
527 |
|
528 | .setResponseValidator(function (response) {
|
529 |
|
530 | if (!validator.isNonEmptyString(response.sessionCookie)) {
|
531 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR);
|
532 | }
|
533 | });
|
534 |
|
535 |
|
536 |
|
537 |
|
538 |
|
539 | exports.FIREBASE_AUTH_UPLOAD_ACCOUNT = new api_request_1.ApiSettings('/accounts:batchCreate', 'POST');
|
540 |
|
541 |
|
542 |
|
543 |
|
544 |
|
545 | exports.FIREBASE_AUTH_DOWNLOAD_ACCOUNT = new api_request_1.ApiSettings('/accounts:batchGet', 'GET')
|
546 |
|
547 | .setRequestValidator(function (request) {
|
548 |
|
549 | if (typeof request.nextPageToken !== 'undefined' &&
|
550 | !validator.isNonEmptyString(request.nextPageToken)) {
|
551 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PAGE_TOKEN);
|
552 | }
|
553 |
|
554 | if (!validator.isNumber(request.maxResults) ||
|
555 | request.maxResults <= 0 ||
|
556 | request.maxResults > MAX_DOWNLOAD_ACCOUNT_PAGE_SIZE) {
|
557 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'Required "maxResults" must be a positive integer that does not exceed ' +
|
558 | (MAX_DOWNLOAD_ACCOUNT_PAGE_SIZE + "."));
|
559 | }
|
560 | });
|
561 |
|
562 |
|
563 |
|
564 |
|
565 |
|
566 | exports.FIREBASE_AUTH_GET_ACCOUNT_INFO = new api_request_1.ApiSettings('/accounts:lookup', 'POST')
|
567 |
|
568 | .setRequestValidator(function (request) {
|
569 | if (!request.localId && !request.email && !request.phoneNumber && !request.federatedUserId) {
|
570 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifier');
|
571 | }
|
572 | })
|
573 |
|
574 | .setResponseValidator(function (response) {
|
575 | if (!response.users || !response.users.length) {
|
576 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.USER_NOT_FOUND);
|
577 | }
|
578 | });
|
579 |
|
580 |
|
581 |
|
582 |
|
583 |
|
584 |
|
585 | exports.FIREBASE_AUTH_GET_ACCOUNTS_INFO = new api_request_1.ApiSettings('/accounts:lookup', 'POST')
|
586 |
|
587 | .setRequestValidator(function (request) {
|
588 | if (!request.localId && !request.email && !request.phoneNumber && !request.federatedUserId) {
|
589 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifier');
|
590 | }
|
591 | });
|
592 |
|
593 |
|
594 |
|
595 |
|
596 |
|
597 | exports.FIREBASE_AUTH_DELETE_ACCOUNT = new api_request_1.ApiSettings('/accounts:delete', 'POST')
|
598 |
|
599 | .setRequestValidator(function (request) {
|
600 | if (!request.localId) {
|
601 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifier');
|
602 | }
|
603 | });
|
604 |
|
605 |
|
606 |
|
607 | exports.FIREBASE_AUTH_BATCH_DELETE_ACCOUNTS = new api_request_1.ApiSettings('/accounts:batchDelete', 'POST')
|
608 | .setRequestValidator(function (request) {
|
609 | if (!request.localIds) {
|
610 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifiers');
|
611 | }
|
612 | if (typeof request.force === 'undefined' || request.force !== true) {
|
613 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing force=true field');
|
614 | }
|
615 | })
|
616 | .setResponseValidator(function (response) {
|
617 | var errors = response.errors || [];
|
618 | errors.forEach(function (batchDeleteErrorInfo) {
|
619 | if (typeof batchDeleteErrorInfo.index === 'undefined') {
|
620 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server BatchDeleteAccountResponse is missing an errors.index field');
|
621 | }
|
622 | if (!batchDeleteErrorInfo.localId) {
|
623 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server BatchDeleteAccountResponse is missing an errors.localId field');
|
624 | }
|
625 |
|
626 | });
|
627 | });
|
628 |
|
629 |
|
630 |
|
631 |
|
632 |
|
633 | exports.FIREBASE_AUTH_SET_ACCOUNT_INFO = new api_request_1.ApiSettings('/accounts:update', 'POST')
|
634 |
|
635 | .setRequestValidator(function (request) {
|
636 |
|
637 | if (typeof request.localId === 'undefined') {
|
638 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Server request is missing user identifier');
|
639 | }
|
640 |
|
641 | if (typeof request.tenantId !== 'undefined') {
|
642 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"tenantId" is an invalid "UpdateRequest" property.');
|
643 | }
|
644 | validateCreateEditRequest(request, WriteOperationType.Update);
|
645 | })
|
646 |
|
647 | .setResponseValidator(function (response) {
|
648 |
|
649 | if (!response.localId) {
|
650 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.USER_NOT_FOUND);
|
651 | }
|
652 | });
|
653 |
|
654 |
|
655 |
|
656 |
|
657 |
|
658 |
|
659 | exports.FIREBASE_AUTH_SIGN_UP_NEW_USER = new api_request_1.ApiSettings('/accounts', 'POST')
|
660 |
|
661 | .setRequestValidator(function (request) {
|
662 |
|
663 | if (typeof request.customAttributes !== 'undefined') {
|
664 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"customAttributes" cannot be set when creating a new user.');
|
665 | }
|
666 |
|
667 | if (typeof request.validSince !== 'undefined') {
|
668 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"validSince" cannot be set when creating a new user.');
|
669 | }
|
670 |
|
671 | if (typeof request.tenantId !== 'undefined') {
|
672 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"tenantId" is an invalid "CreateRequest" property.');
|
673 | }
|
674 | validateCreateEditRequest(request, WriteOperationType.Create);
|
675 | })
|
676 |
|
677 | .setResponseValidator(function (response) {
|
678 |
|
679 | if (!response.localId) {
|
680 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new user');
|
681 | }
|
682 | });
|
683 | var FIREBASE_AUTH_GET_OOB_CODE = new api_request_1.ApiSettings('/accounts:sendOobCode', 'POST')
|
684 |
|
685 | .setRequestValidator(function (request) {
|
686 | if (!validator.isEmail(request.email)) {
|
687 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_EMAIL);
|
688 | }
|
689 | if (exports.EMAIL_ACTION_REQUEST_TYPES.indexOf(request.requestType) === -1) {
|
690 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, "\"" + request.requestType + "\" is not a supported email action request type.");
|
691 | }
|
692 | })
|
693 |
|
694 | .setResponseValidator(function (response) {
|
695 |
|
696 | if (!response.oobLink) {
|
697 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create the email action link');
|
698 | }
|
699 | });
|
700 |
|
701 |
|
702 |
|
703 |
|
704 |
|
705 | var GET_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs/{providerId}', 'GET')
|
706 |
|
707 | .setResponseValidator(function (response) {
|
708 |
|
709 | if (!validator.isNonEmptyString(response.name)) {
|
710 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to get OIDC configuration');
|
711 | }
|
712 | });
|
713 |
|
714 |
|
715 |
|
716 |
|
717 |
|
718 | var DELETE_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs/{providerId}', 'DELETE');
|
719 |
|
720 |
|
721 |
|
722 |
|
723 |
|
724 | var CREATE_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs?oauthIdpConfigId={providerId}', 'POST')
|
725 |
|
726 | .setResponseValidator(function (response) {
|
727 |
|
728 | if (!validator.isNonEmptyString(response.name)) {
|
729 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new OIDC configuration');
|
730 | }
|
731 | });
|
732 |
|
733 |
|
734 |
|
735 |
|
736 |
|
737 | var UPDATE_OAUTH_IDP_CONFIG = new api_request_1.ApiSettings('/oauthIdpConfigs/{providerId}?updateMask={updateMask}', 'PATCH')
|
738 |
|
739 | .setResponseValidator(function (response) {
|
740 |
|
741 | if (!validator.isNonEmptyString(response.name)) {
|
742 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to update OIDC configuration');
|
743 | }
|
744 | });
|
745 |
|
746 |
|
747 |
|
748 |
|
749 |
|
750 | var LIST_OAUTH_IDP_CONFIGS = new api_request_1.ApiSettings('/oauthIdpConfigs', 'GET')
|
751 |
|
752 | .setRequestValidator(function (request) {
|
753 |
|
754 | if (typeof request.pageToken !== 'undefined' &&
|
755 | !validator.isNonEmptyString(request.pageToken)) {
|
756 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PAGE_TOKEN);
|
757 | }
|
758 |
|
759 | if (!validator.isNumber(request.pageSize) ||
|
760 | request.pageSize <= 0 ||
|
761 | request.pageSize > MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE) {
|
762 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'Required "maxResults" must be a positive integer that does not exceed ' +
|
763 | (MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE + "."));
|
764 | }
|
765 | });
|
766 |
|
767 |
|
768 |
|
769 |
|
770 |
|
771 | var GET_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConfigs/{providerId}', 'GET')
|
772 |
|
773 | .setResponseValidator(function (response) {
|
774 |
|
775 | if (!validator.isNonEmptyString(response.name)) {
|
776 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to get SAML configuration');
|
777 | }
|
778 | });
|
779 |
|
780 |
|
781 |
|
782 |
|
783 |
|
784 | var DELETE_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConfigs/{providerId}', 'DELETE');
|
785 |
|
786 |
|
787 |
|
788 |
|
789 |
|
790 | var CREATE_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConfigs?inboundSamlConfigId={providerId}', 'POST')
|
791 |
|
792 | .setResponseValidator(function (response) {
|
793 |
|
794 | if (!validator.isNonEmptyString(response.name)) {
|
795 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new SAML configuration');
|
796 | }
|
797 | });
|
798 |
|
799 |
|
800 |
|
801 |
|
802 |
|
803 | var UPDATE_INBOUND_SAML_CONFIG = new api_request_1.ApiSettings('/inboundSamlConfigs/{providerId}?updateMask={updateMask}', 'PATCH')
|
804 |
|
805 | .setResponseValidator(function (response) {
|
806 |
|
807 | if (!validator.isNonEmptyString(response.name)) {
|
808 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to update SAML configuration');
|
809 | }
|
810 | });
|
811 |
|
812 |
|
813 |
|
814 |
|
815 |
|
816 | var LIST_INBOUND_SAML_CONFIGS = new api_request_1.ApiSettings('/inboundSamlConfigs', 'GET')
|
817 |
|
818 | .setRequestValidator(function (request) {
|
819 |
|
820 | if (typeof request.pageToken !== 'undefined' &&
|
821 | !validator.isNonEmptyString(request.pageToken)) {
|
822 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PAGE_TOKEN);
|
823 | }
|
824 |
|
825 | if (!validator.isNumber(request.pageSize) ||
|
826 | request.pageSize <= 0 ||
|
827 | request.pageSize > MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE) {
|
828 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'Required "maxResults" must be a positive integer that does not exceed ' +
|
829 | (MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE + "."));
|
830 | }
|
831 | });
|
832 |
|
833 |
|
834 |
|
835 |
|
836 |
|
837 | var AbstractAuthRequestHandler = (function () {
|
838 | |
839 |
|
840 |
|
841 |
|
842 | function AbstractAuthRequestHandler(app) {
|
843 | this.app = app;
|
844 | if (typeof app !== 'object' || app === null || !('options' in app)) {
|
845 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'First argument passed to admin.auth() must be a valid Firebase app instance.');
|
846 | }
|
847 | this.httpClient = new AuthHttpClient(app);
|
848 | }
|
849 | |
850 |
|
851 |
|
852 |
|
853 | AbstractAuthRequestHandler.getErrorCode = function (response) {
|
854 | return (validator.isNonNullObject(response) && response.error && response.error.message) || null;
|
855 | };
|
856 | AbstractAuthRequestHandler.addUidToRequest = function (id, request) {
|
857 | if (!validator.isUid(id.uid)) {
|
858 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID);
|
859 | }
|
860 | request.localId ? request.localId.push(id.uid) : request.localId = [id.uid];
|
861 | return request;
|
862 | };
|
863 | AbstractAuthRequestHandler.addEmailToRequest = function (id, request) {
|
864 | if (!validator.isEmail(id.email)) {
|
865 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_EMAIL);
|
866 | }
|
867 | request.email ? request.email.push(id.email) : request.email = [id.email];
|
868 | return request;
|
869 | };
|
870 | AbstractAuthRequestHandler.addPhoneToRequest = function (id, request) {
|
871 | if (!validator.isPhoneNumber(id.phoneNumber)) {
|
872 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PHONE_NUMBER);
|
873 | }
|
874 | request.phoneNumber ? request.phoneNumber.push(id.phoneNumber) : request.phoneNumber = [id.phoneNumber];
|
875 | return request;
|
876 | };
|
877 | AbstractAuthRequestHandler.addProviderToRequest = function (id, request) {
|
878 | if (!validator.isNonEmptyString(id.providerId)) {
|
879 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID);
|
880 | }
|
881 | if (!validator.isNonEmptyString(id.providerUid)) {
|
882 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_UID);
|
883 | }
|
884 | var federatedUserId = {
|
885 | providerId: id.providerId,
|
886 | rawId: id.providerUid,
|
887 | };
|
888 | request.federatedUserId
|
889 | ? request.federatedUserId.push(federatedUserId)
|
890 | : request.federatedUserId = [federatedUserId];
|
891 | return request;
|
892 | };
|
893 | |
894 |
|
895 |
|
896 |
|
897 |
|
898 |
|
899 |
|
900 |
|
901 |
|
902 |
|
903 | AbstractAuthRequestHandler.prototype.createSessionCookie = function (idToken, expiresIn) {
|
904 | var request = {
|
905 | idToken: idToken,
|
906 |
|
907 | validDuration: expiresIn / 1000,
|
908 | };
|
909 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_CREATE_SESSION_COOKIE, request)
|
910 | .then(function (response) { return response.sessionCookie; });
|
911 | };
|
912 | |
913 |
|
914 |
|
915 |
|
916 |
|
917 |
|
918 | AbstractAuthRequestHandler.prototype.getAccountInfoByUid = function (uid) {
|
919 | if (!validator.isUid(uid)) {
|
920 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID));
|
921 | }
|
922 | var request = {
|
923 | localId: [uid],
|
924 | };
|
925 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_GET_ACCOUNT_INFO, request);
|
926 | };
|
927 | |
928 |
|
929 |
|
930 |
|
931 |
|
932 |
|
933 | AbstractAuthRequestHandler.prototype.getAccountInfoByEmail = function (email) {
|
934 | if (!validator.isEmail(email)) {
|
935 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_EMAIL));
|
936 | }
|
937 | var request = {
|
938 | email: [email],
|
939 | };
|
940 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_GET_ACCOUNT_INFO, request);
|
941 | };
|
942 | |
943 |
|
944 |
|
945 |
|
946 |
|
947 |
|
948 | AbstractAuthRequestHandler.prototype.getAccountInfoByPhoneNumber = function (phoneNumber) {
|
949 | if (!validator.isPhoneNumber(phoneNumber)) {
|
950 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PHONE_NUMBER));
|
951 | }
|
952 | var request = {
|
953 | phoneNumber: [phoneNumber],
|
954 | };
|
955 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_GET_ACCOUNT_INFO, request);
|
956 | };
|
957 | AbstractAuthRequestHandler.prototype.getAccountInfoByFederatedUid = function (providerId, rawId) {
|
958 | if (!validator.isNonEmptyString(providerId) || !validator.isNonEmptyString(rawId)) {
|
959 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID);
|
960 | }
|
961 | var request = {
|
962 | federatedUserId: [{
|
963 | providerId: providerId,
|
964 | rawId: rawId,
|
965 | }],
|
966 | };
|
967 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_GET_ACCOUNT_INFO, request);
|
968 | };
|
969 | |
970 |
|
971 |
|
972 |
|
973 |
|
974 |
|
975 |
|
976 |
|
977 | AbstractAuthRequestHandler.prototype.getAccountInfoByIdentifiers = function (identifiers) {
|
978 | if (identifiers.length === 0) {
|
979 | return Promise.resolve({ users: [] });
|
980 | }
|
981 | else if (identifiers.length > MAX_GET_ACCOUNTS_BATCH_SIZE) {
|
982 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MAXIMUM_USER_COUNT_EXCEEDED, '`identifiers` parameter must have <= ' + MAX_GET_ACCOUNTS_BATCH_SIZE + ' entries.');
|
983 | }
|
984 | var request = {};
|
985 | for (var _i = 0, identifiers_1 = identifiers; _i < identifiers_1.length; _i++) {
|
986 | var id = identifiers_1[_i];
|
987 | if (identifier_1.isUidIdentifier(id)) {
|
988 | request = AbstractAuthRequestHandler.addUidToRequest(id, request);
|
989 | }
|
990 | else if (identifier_1.isEmailIdentifier(id)) {
|
991 | request = AbstractAuthRequestHandler.addEmailToRequest(id, request);
|
992 | }
|
993 | else if (identifier_1.isPhoneIdentifier(id)) {
|
994 | request = AbstractAuthRequestHandler.addPhoneToRequest(id, request);
|
995 | }
|
996 | else if (identifier_1.isProviderIdentifier(id)) {
|
997 | request = AbstractAuthRequestHandler.addProviderToRequest(id, request);
|
998 | }
|
999 | else {
|
1000 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'Unrecognized identifier: ' + id);
|
1001 | }
|
1002 | }
|
1003 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_GET_ACCOUNTS_INFO, request);
|
1004 | };
|
1005 | |
1006 |
|
1007 |
|
1008 |
|
1009 |
|
1010 |
|
1011 |
|
1012 |
|
1013 |
|
1014 |
|
1015 |
|
1016 |
|
1017 |
|
1018 | AbstractAuthRequestHandler.prototype.downloadAccount = function (maxResults, pageToken) {
|
1019 | if (maxResults === void 0) { maxResults = MAX_DOWNLOAD_ACCOUNT_PAGE_SIZE; }
|
1020 |
|
1021 | var request = {
|
1022 | maxResults: maxResults,
|
1023 | nextPageToken: pageToken,
|
1024 | };
|
1025 |
|
1026 | if (typeof request.nextPageToken === 'undefined') {
|
1027 | delete request.nextPageToken;
|
1028 | }
|
1029 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_DOWNLOAD_ACCOUNT, request)
|
1030 | .then(function (response) {
|
1031 |
|
1032 | if (!response.users) {
|
1033 | response.users = [];
|
1034 | }
|
1035 | return response;
|
1036 | });
|
1037 | };
|
1038 | |
1039 |
|
1040 |
|
1041 |
|
1042 |
|
1043 |
|
1044 |
|
1045 |
|
1046 |
|
1047 |
|
1048 |
|
1049 |
|
1050 |
|
1051 | AbstractAuthRequestHandler.prototype.uploadAccount = function (users, options) {
|
1052 |
|
1053 |
|
1054 |
|
1055 |
|
1056 | var userImportBuilder = new user_import_builder_1.UserImportBuilder(users, options, function (userRequest) {
|
1057 |
|
1058 | validateCreateEditRequest(userRequest, WriteOperationType.Upload);
|
1059 | });
|
1060 | var request = userImportBuilder.buildRequest();
|
1061 |
|
1062 | if (validator.isArray(users) && users.length > MAX_UPLOAD_ACCOUNT_BATCH_SIZE) {
|
1063 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MAXIMUM_USER_COUNT_EXCEEDED, "A maximum of " + MAX_UPLOAD_ACCOUNT_BATCH_SIZE + " users can be imported at once.");
|
1064 | }
|
1065 |
|
1066 |
|
1067 | if (!request.users || request.users.length === 0) {
|
1068 | return Promise.resolve(userImportBuilder.buildResponse([]));
|
1069 | }
|
1070 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_UPLOAD_ACCOUNT, request)
|
1071 | .then(function (response) {
|
1072 |
|
1073 | var failedUploads = (response.error || []);
|
1074 |
|
1075 | return userImportBuilder.buildResponse(failedUploads);
|
1076 | });
|
1077 | };
|
1078 | |
1079 |
|
1080 |
|
1081 |
|
1082 |
|
1083 |
|
1084 | AbstractAuthRequestHandler.prototype.deleteAccount = function (uid) {
|
1085 | if (!validator.isUid(uid)) {
|
1086 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID));
|
1087 | }
|
1088 | var request = {
|
1089 | localId: uid,
|
1090 | };
|
1091 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_DELETE_ACCOUNT, request);
|
1092 | };
|
1093 | AbstractAuthRequestHandler.prototype.deleteAccounts = function (uids, force) {
|
1094 | if (uids.length === 0) {
|
1095 | return Promise.resolve({});
|
1096 | }
|
1097 | else if (uids.length > MAX_DELETE_ACCOUNTS_BATCH_SIZE) {
|
1098 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MAXIMUM_USER_COUNT_EXCEEDED, '`uids` parameter must have <= ' + MAX_DELETE_ACCOUNTS_BATCH_SIZE + ' entries.');
|
1099 | }
|
1100 | var request = {
|
1101 | localIds: [],
|
1102 | force: force,
|
1103 | };
|
1104 | uids.forEach(function (uid) {
|
1105 | if (!validator.isUid(uid)) {
|
1106 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID);
|
1107 | }
|
1108 | request.localIds.push(uid);
|
1109 | });
|
1110 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_BATCH_DELETE_ACCOUNTS, request);
|
1111 | };
|
1112 | |
1113 |
|
1114 |
|
1115 |
|
1116 |
|
1117 |
|
1118 |
|
1119 |
|
1120 | AbstractAuthRequestHandler.prototype.setCustomUserClaims = function (uid, customUserClaims) {
|
1121 |
|
1122 | if (!validator.isUid(uid)) {
|
1123 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID));
|
1124 | }
|
1125 | else if (!validator.isObject(customUserClaims)) {
|
1126 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'CustomUserClaims argument must be an object or null.'));
|
1127 | }
|
1128 |
|
1129 | if (customUserClaims === null) {
|
1130 | customUserClaims = {};
|
1131 | }
|
1132 |
|
1133 | var request = {
|
1134 | localId: uid,
|
1135 | customAttributes: JSON.stringify(customUserClaims),
|
1136 | };
|
1137 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_SET_ACCOUNT_INFO, request)
|
1138 | .then(function (response) {
|
1139 | return response.localId;
|
1140 | });
|
1141 | };
|
1142 | |
1143 |
|
1144 |
|
1145 |
|
1146 |
|
1147 |
|
1148 |
|
1149 |
|
1150 | AbstractAuthRequestHandler.prototype.updateExistingAccount = function (uid, properties) {
|
1151 | if (!validator.isUid(uid)) {
|
1152 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID));
|
1153 | }
|
1154 | else if (!validator.isNonNullObject(properties)) {
|
1155 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'Properties argument must be a non-null object.'));
|
1156 | }
|
1157 | else if (validator.isNonNullObject(properties.providerToLink)) {
|
1158 |
|
1159 |
|
1160 | if (!validator.isNonEmptyString(properties.providerToLink.providerId)) {
|
1161 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'providerToLink.providerId of properties argument must be a non-empty string.');
|
1162 | }
|
1163 | if (!validator.isNonEmptyString(properties.providerToLink.uid)) {
|
1164 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'providerToLink.uid of properties argument must be a non-empty string.');
|
1165 | }
|
1166 | }
|
1167 | else if (typeof properties.providersToUnlink !== 'undefined') {
|
1168 | if (!validator.isArray(properties.providersToUnlink)) {
|
1169 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'providersToUnlink of properties argument must be an array of strings.');
|
1170 | }
|
1171 | properties.providersToUnlink.forEach(function (providerId) {
|
1172 | if (!validator.isNonEmptyString(providerId)) {
|
1173 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'providersToUnlink of properties argument must be an array of strings.');
|
1174 | }
|
1175 | });
|
1176 | }
|
1177 |
|
1178 | var request = deep_copy_1.deepCopy(properties);
|
1179 | request.localId = uid;
|
1180 |
|
1181 |
|
1182 |
|
1183 |
|
1184 |
|
1185 |
|
1186 | var deletableParams = {
|
1187 | displayName: 'DISPLAY_NAME',
|
1188 | photoURL: 'PHOTO_URL',
|
1189 | };
|
1190 |
|
1191 | request.deleteAttribute = [];
|
1192 | for (var key in deletableParams) {
|
1193 | if (request[key] === null) {
|
1194 |
|
1195 | request.deleteAttribute.push(deletableParams[key]);
|
1196 |
|
1197 | delete request[key];
|
1198 | }
|
1199 | }
|
1200 | if (request.deleteAttribute.length === 0) {
|
1201 | delete request.deleteAttribute;
|
1202 | }
|
1203 |
|
1204 |
|
1205 |
|
1206 |
|
1207 | if (request.phoneNumber === null) {
|
1208 | request.deleteProvider ? request.deleteProvider.push('phone') : request.deleteProvider = ['phone'];
|
1209 | delete request.phoneNumber;
|
1210 | }
|
1211 | if (typeof (request.providerToLink) !== 'undefined') {
|
1212 | request.linkProviderUserInfo = deep_copy_1.deepCopy(request.providerToLink);
|
1213 | delete request.providerToLink;
|
1214 | request.linkProviderUserInfo.rawId = request.linkProviderUserInfo.uid;
|
1215 | delete request.linkProviderUserInfo.uid;
|
1216 | }
|
1217 | if (typeof (request.providersToUnlink) !== 'undefined') {
|
1218 | if (!validator.isArray(request.deleteProvider)) {
|
1219 | request.deleteProvider = [];
|
1220 | }
|
1221 | request.deleteProvider = request.deleteProvider.concat(request.providersToUnlink);
|
1222 | delete request.providersToUnlink;
|
1223 | }
|
1224 |
|
1225 | if (typeof request.photoURL !== 'undefined') {
|
1226 | request.photoUrl = request.photoURL;
|
1227 | delete request.photoURL;
|
1228 | }
|
1229 |
|
1230 | if (typeof request.disabled !== 'undefined') {
|
1231 | request.disableUser = request.disabled;
|
1232 | delete request.disabled;
|
1233 | }
|
1234 |
|
1235 | if (validator.isNonNullObject(request.multiFactor)) {
|
1236 | if (request.multiFactor.enrolledFactors === null) {
|
1237 |
|
1238 | request.mfa = {};
|
1239 | }
|
1240 | else if (validator.isArray(request.multiFactor.enrolledFactors)) {
|
1241 | request.mfa = {
|
1242 | enrollments: [],
|
1243 | };
|
1244 | try {
|
1245 | request.multiFactor.enrolledFactors.forEach(function (multiFactorInfo) {
|
1246 | request.mfa.enrollments.push(user_import_builder_1.convertMultiFactorInfoToServerFormat(multiFactorInfo));
|
1247 | });
|
1248 | }
|
1249 | catch (e) {
|
1250 | return Promise.reject(e);
|
1251 | }
|
1252 | if (request.mfa.enrollments.length === 0) {
|
1253 | delete request.mfa.enrollments;
|
1254 | }
|
1255 | }
|
1256 | delete request.multiFactor;
|
1257 | }
|
1258 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_SET_ACCOUNT_INFO, request)
|
1259 | .then(function (response) {
|
1260 | return response.localId;
|
1261 | });
|
1262 | };
|
1263 | |
1264 |
|
1265 |
|
1266 |
|
1267 |
|
1268 |
|
1269 |
|
1270 |
|
1271 |
|
1272 |
|
1273 |
|
1274 |
|
1275 |
|
1276 | AbstractAuthRequestHandler.prototype.revokeRefreshTokens = function (uid) {
|
1277 |
|
1278 | if (!validator.isUid(uid)) {
|
1279 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_UID));
|
1280 | }
|
1281 | var request = {
|
1282 | localId: uid,
|
1283 |
|
1284 | validSince: Math.floor(new Date().getTime() / 1000),
|
1285 | };
|
1286 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_SET_ACCOUNT_INFO, request)
|
1287 | .then(function (response) {
|
1288 | return response.localId;
|
1289 | });
|
1290 | };
|
1291 | |
1292 |
|
1293 |
|
1294 |
|
1295 |
|
1296 |
|
1297 |
|
1298 | AbstractAuthRequestHandler.prototype.createNewAccount = function (properties) {
|
1299 | if (!validator.isNonNullObject(properties)) {
|
1300 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'Properties argument must be a non-null object.'));
|
1301 | }
|
1302 | var request = deep_copy_1.deepCopy(properties);
|
1303 |
|
1304 | if (typeof request.photoURL !== 'undefined') {
|
1305 | request.photoUrl = request.photoURL;
|
1306 | delete request.photoURL;
|
1307 | }
|
1308 |
|
1309 | if (typeof request.uid !== 'undefined') {
|
1310 | request.localId = request.uid;
|
1311 | delete request.uid;
|
1312 | }
|
1313 |
|
1314 | if (validator.isNonNullObject(request.multiFactor)) {
|
1315 | if (validator.isNonEmptyArray(request.multiFactor.enrolledFactors)) {
|
1316 | var mfaInfo_1 = [];
|
1317 | try {
|
1318 | request.multiFactor.enrolledFactors.forEach(function (multiFactorInfo) {
|
1319 |
|
1320 |
|
1321 | if ('enrollmentTime' in multiFactorInfo) {
|
1322 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"enrollmentTime" is not supported when adding second factors via "createUser()"');
|
1323 | }
|
1324 | else if ('uid' in multiFactorInfo) {
|
1325 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, '"uid" is not supported when adding second factors via "createUser()"');
|
1326 | }
|
1327 | mfaInfo_1.push(user_import_builder_1.convertMultiFactorInfoToServerFormat(multiFactorInfo));
|
1328 | });
|
1329 | }
|
1330 | catch (e) {
|
1331 | return Promise.reject(e);
|
1332 | }
|
1333 | request.mfaInfo = mfaInfo_1;
|
1334 | }
|
1335 | delete request.multiFactor;
|
1336 | }
|
1337 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), exports.FIREBASE_AUTH_SIGN_UP_NEW_USER, request)
|
1338 | .then(function (response) {
|
1339 |
|
1340 | return response.localId;
|
1341 | });
|
1342 | };
|
1343 | |
1344 |
|
1345 |
|
1346 |
|
1347 |
|
1348 |
|
1349 |
|
1350 |
|
1351 |
|
1352 |
|
1353 |
|
1354 |
|
1355 | AbstractAuthRequestHandler.prototype.getEmailActionLink = function (requestType, email, actionCodeSettings) {
|
1356 | var request = { requestType: requestType, email: email, returnOobLink: true };
|
1357 |
|
1358 |
|
1359 | if (typeof actionCodeSettings === 'undefined' && requestType === 'EMAIL_SIGNIN') {
|
1360 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, "`actionCodeSettings` is required when `requestType` === 'EMAIL_SIGNIN'"));
|
1361 | }
|
1362 | if (typeof actionCodeSettings !== 'undefined' || requestType === 'EMAIL_SIGNIN') {
|
1363 | try {
|
1364 | var builder = new action_code_settings_builder_1.ActionCodeSettingsBuilder(actionCodeSettings);
|
1365 | request = deep_copy_1.deepExtend(request, builder.buildRequest());
|
1366 | }
|
1367 | catch (e) {
|
1368 | return Promise.reject(e);
|
1369 | }
|
1370 | }
|
1371 | return this.invokeRequestHandler(this.getAuthUrlBuilder(), FIREBASE_AUTH_GET_OOB_CODE, request)
|
1372 | .then(function (response) {
|
1373 |
|
1374 | return response.oobLink;
|
1375 | });
|
1376 | };
|
1377 | |
1378 |
|
1379 |
|
1380 |
|
1381 |
|
1382 |
|
1383 | AbstractAuthRequestHandler.prototype.getOAuthIdpConfig = function (providerId) {
|
1384 | if (!auth_config_1.OIDCConfig.isProviderId(providerId)) {
|
1385 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
|
1386 | }
|
1387 | return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), GET_OAUTH_IDP_CONFIG, {}, { providerId: providerId });
|
1388 | };
|
1389 | |
1390 |
|
1391 |
|
1392 |
|
1393 |
|
1394 |
|
1395 |
|
1396 |
|
1397 |
|
1398 |
|
1399 |
|
1400 |
|
1401 |
|
1402 | AbstractAuthRequestHandler.prototype.listOAuthIdpConfigs = function (maxResults, pageToken) {
|
1403 | if (maxResults === void 0) { maxResults = MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE; }
|
1404 | var request = {
|
1405 | pageSize: maxResults,
|
1406 | };
|
1407 |
|
1408 | if (typeof pageToken !== 'undefined') {
|
1409 | request.pageToken = pageToken;
|
1410 | }
|
1411 | return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), LIST_OAUTH_IDP_CONFIGS, request)
|
1412 | .then(function (response) {
|
1413 | if (!response.oauthIdpConfigs) {
|
1414 | response.oauthIdpConfigs = [];
|
1415 | delete response.nextPageToken;
|
1416 | }
|
1417 | return response;
|
1418 | });
|
1419 | };
|
1420 | |
1421 |
|
1422 |
|
1423 |
|
1424 |
|
1425 |
|
1426 | AbstractAuthRequestHandler.prototype.deleteOAuthIdpConfig = function (providerId) {
|
1427 | if (!auth_config_1.OIDCConfig.isProviderId(providerId)) {
|
1428 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
|
1429 | }
|
1430 | return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), DELETE_OAUTH_IDP_CONFIG, {}, { providerId: providerId })
|
1431 | .then(function () {
|
1432 |
|
1433 | });
|
1434 | };
|
1435 | |
1436 |
|
1437 |
|
1438 |
|
1439 |
|
1440 |
|
1441 |
|
1442 | AbstractAuthRequestHandler.prototype.createOAuthIdpConfig = function (options) {
|
1443 |
|
1444 | var request;
|
1445 | try {
|
1446 | request = auth_config_1.OIDCConfig.buildServerRequest(options) || {};
|
1447 | }
|
1448 | catch (e) {
|
1449 | return Promise.reject(e);
|
1450 | }
|
1451 | var providerId = options.providerId;
|
1452 | return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), CREATE_OAUTH_IDP_CONFIG, request, { providerId: providerId })
|
1453 | .then(function (response) {
|
1454 | if (!auth_config_1.OIDCConfig.getProviderIdFromResourceName(response.name)) {
|
1455 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new OIDC provider configuration');
|
1456 | }
|
1457 | return response;
|
1458 | });
|
1459 | };
|
1460 | |
1461 |
|
1462 |
|
1463 |
|
1464 |
|
1465 |
|
1466 |
|
1467 |
|
1468 | AbstractAuthRequestHandler.prototype.updateOAuthIdpConfig = function (providerId, options) {
|
1469 | if (!auth_config_1.OIDCConfig.isProviderId(providerId)) {
|
1470 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
|
1471 | }
|
1472 |
|
1473 | var request;
|
1474 | try {
|
1475 | request = auth_config_1.OIDCConfig.buildServerRequest(options, true) || {};
|
1476 | }
|
1477 | catch (e) {
|
1478 | return Promise.reject(e);
|
1479 | }
|
1480 | var updateMask = utils.generateUpdateMask(request);
|
1481 | return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), UPDATE_OAUTH_IDP_CONFIG, request, { providerId: providerId, updateMask: updateMask.join(',') })
|
1482 | .then(function (response) {
|
1483 | if (!auth_config_1.OIDCConfig.getProviderIdFromResourceName(response.name)) {
|
1484 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to update OIDC provider configuration');
|
1485 | }
|
1486 | return response;
|
1487 | });
|
1488 | };
|
1489 | |
1490 |
|
1491 |
|
1492 |
|
1493 |
|
1494 |
|
1495 | AbstractAuthRequestHandler.prototype.getInboundSamlConfig = function (providerId) {
|
1496 | if (!auth_config_1.SAMLConfig.isProviderId(providerId)) {
|
1497 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
|
1498 | }
|
1499 | return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), GET_INBOUND_SAML_CONFIG, {}, { providerId: providerId });
|
1500 | };
|
1501 | |
1502 |
|
1503 |
|
1504 |
|
1505 |
|
1506 |
|
1507 |
|
1508 |
|
1509 |
|
1510 |
|
1511 |
|
1512 |
|
1513 |
|
1514 | AbstractAuthRequestHandler.prototype.listInboundSamlConfigs = function (maxResults, pageToken) {
|
1515 | if (maxResults === void 0) { maxResults = MAX_LIST_PROVIDER_CONFIGURATION_PAGE_SIZE; }
|
1516 | var request = {
|
1517 | pageSize: maxResults,
|
1518 | };
|
1519 |
|
1520 | if (typeof pageToken !== 'undefined') {
|
1521 | request.pageToken = pageToken;
|
1522 | }
|
1523 | return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), LIST_INBOUND_SAML_CONFIGS, request)
|
1524 | .then(function (response) {
|
1525 | if (!response.inboundSamlConfigs) {
|
1526 | response.inboundSamlConfigs = [];
|
1527 | delete response.nextPageToken;
|
1528 | }
|
1529 | return response;
|
1530 | });
|
1531 | };
|
1532 | |
1533 |
|
1534 |
|
1535 |
|
1536 |
|
1537 |
|
1538 | AbstractAuthRequestHandler.prototype.deleteInboundSamlConfig = function (providerId) {
|
1539 | if (!auth_config_1.SAMLConfig.isProviderId(providerId)) {
|
1540 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
|
1541 | }
|
1542 | return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), DELETE_INBOUND_SAML_CONFIG, {}, { providerId: providerId })
|
1543 | .then(function () {
|
1544 |
|
1545 | });
|
1546 | };
|
1547 | |
1548 |
|
1549 |
|
1550 |
|
1551 |
|
1552 |
|
1553 |
|
1554 | AbstractAuthRequestHandler.prototype.createInboundSamlConfig = function (options) {
|
1555 |
|
1556 | var request;
|
1557 | try {
|
1558 | request = auth_config_1.SAMLConfig.buildServerRequest(options) || {};
|
1559 | }
|
1560 | catch (e) {
|
1561 | return Promise.reject(e);
|
1562 | }
|
1563 | var providerId = options.providerId;
|
1564 | return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), CREATE_INBOUND_SAML_CONFIG, request, { providerId: providerId })
|
1565 | .then(function (response) {
|
1566 | if (!auth_config_1.SAMLConfig.getProviderIdFromResourceName(response.name)) {
|
1567 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new SAML provider configuration');
|
1568 | }
|
1569 | return response;
|
1570 | });
|
1571 | };
|
1572 | |
1573 |
|
1574 |
|
1575 |
|
1576 |
|
1577 |
|
1578 |
|
1579 |
|
1580 | AbstractAuthRequestHandler.prototype.updateInboundSamlConfig = function (providerId, options) {
|
1581 | if (!auth_config_1.SAMLConfig.isProviderId(providerId)) {
|
1582 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PROVIDER_ID));
|
1583 | }
|
1584 |
|
1585 | var request;
|
1586 | try {
|
1587 | request = auth_config_1.SAMLConfig.buildServerRequest(options, true) || {};
|
1588 | }
|
1589 | catch (e) {
|
1590 | return Promise.reject(e);
|
1591 | }
|
1592 | var updateMask = utils.generateUpdateMask(request);
|
1593 | return this.invokeRequestHandler(this.getProjectConfigUrlBuilder(), UPDATE_INBOUND_SAML_CONFIG, request, { providerId: providerId, updateMask: updateMask.join(',') })
|
1594 | .then(function (response) {
|
1595 | if (!auth_config_1.SAMLConfig.getProviderIdFromResourceName(response.name)) {
|
1596 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to update SAML provider configuration');
|
1597 | }
|
1598 | return response;
|
1599 | });
|
1600 | };
|
1601 | |
1602 |
|
1603 |
|
1604 |
|
1605 |
|
1606 |
|
1607 |
|
1608 |
|
1609 |
|
1610 | AbstractAuthRequestHandler.prototype.invokeRequestHandler = function (urlBuilder, apiSettings, requestData, additionalResourceParams) {
|
1611 | var _this = this;
|
1612 | return urlBuilder.getUrl(apiSettings.getEndpoint(), additionalResourceParams)
|
1613 | .then(function (url) {
|
1614 |
|
1615 | var requestValidator = apiSettings.getRequestValidator();
|
1616 | requestValidator(requestData);
|
1617 |
|
1618 | var req = {
|
1619 | method: apiSettings.getHttpMethod(),
|
1620 | url: url,
|
1621 | headers: FIREBASE_AUTH_HEADER,
|
1622 | data: requestData,
|
1623 | timeout: FIREBASE_AUTH_TIMEOUT,
|
1624 | };
|
1625 | return _this.httpClient.send(req);
|
1626 | })
|
1627 | .then(function (response) {
|
1628 |
|
1629 | var responseValidator = apiSettings.getResponseValidator();
|
1630 | responseValidator(response.data);
|
1631 |
|
1632 | return response.data;
|
1633 | })
|
1634 | .catch(function (err) {
|
1635 | if (err instanceof api_request_1.HttpError) {
|
1636 | var error = err.response.data;
|
1637 | var errorCode = AbstractAuthRequestHandler.getErrorCode(error);
|
1638 | if (!errorCode) {
|
1639 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'Error returned from server: ' + error + '. Additionally, an ' +
|
1640 | 'internal error occurred while attempting to extract the ' +
|
1641 | 'errorcode from the error.');
|
1642 | }
|
1643 | throw error_1.FirebaseAuthError.fromServerError(errorCode, undefined, error);
|
1644 | }
|
1645 | throw err;
|
1646 | });
|
1647 | };
|
1648 | |
1649 |
|
1650 |
|
1651 | AbstractAuthRequestHandler.prototype.getAuthUrlBuilder = function () {
|
1652 | if (!this.authUrlBuilder) {
|
1653 | this.authUrlBuilder = this.newAuthUrlBuilder();
|
1654 | }
|
1655 | return this.authUrlBuilder;
|
1656 | };
|
1657 | |
1658 |
|
1659 |
|
1660 | AbstractAuthRequestHandler.prototype.getProjectConfigUrlBuilder = function () {
|
1661 | if (!this.projectConfigUrlBuilder) {
|
1662 | this.projectConfigUrlBuilder = this.newProjectConfigUrlBuilder();
|
1663 | }
|
1664 | return this.projectConfigUrlBuilder;
|
1665 | };
|
1666 | return AbstractAuthRequestHandler;
|
1667 | }());
|
1668 | exports.AbstractAuthRequestHandler = AbstractAuthRequestHandler;
|
1669 |
|
1670 | var GET_TENANT = new api_request_1.ApiSettings('/tenants/{tenantId}', 'GET')
|
1671 |
|
1672 | .setResponseValidator(function (response) {
|
1673 |
|
1674 | if (!validator.isNonEmptyString(response.name)) {
|
1675 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to get tenant');
|
1676 | }
|
1677 | });
|
1678 |
|
1679 | var DELETE_TENANT = new api_request_1.ApiSettings('/tenants/{tenantId}', 'DELETE');
|
1680 |
|
1681 | var UPDATE_TENANT = new api_request_1.ApiSettings('/tenants/{tenantId}?updateMask={updateMask}', 'PATCH')
|
1682 |
|
1683 | .setResponseValidator(function (response) {
|
1684 |
|
1685 | if (!validator.isNonEmptyString(response.name) ||
|
1686 | !tenant_1.Tenant.getTenantIdFromResourceName(response.name)) {
|
1687 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to update tenant');
|
1688 | }
|
1689 | });
|
1690 |
|
1691 | var LIST_TENANTS = new api_request_1.ApiSettings('/tenants', 'GET')
|
1692 |
|
1693 | .setRequestValidator(function (request) {
|
1694 |
|
1695 | if (typeof request.pageToken !== 'undefined' &&
|
1696 | !validator.isNonEmptyString(request.pageToken)) {
|
1697 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_PAGE_TOKEN);
|
1698 | }
|
1699 |
|
1700 | if (!validator.isNumber(request.pageSize) ||
|
1701 | request.pageSize <= 0 ||
|
1702 | request.pageSize > MAX_LIST_TENANT_PAGE_SIZE) {
|
1703 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_ARGUMENT, 'Required "maxResults" must be a positive non-zero number that does not exceed ' +
|
1704 | ("the allowed " + MAX_LIST_TENANT_PAGE_SIZE + "."));
|
1705 | }
|
1706 | });
|
1707 |
|
1708 | var CREATE_TENANT = new api_request_1.ApiSettings('/tenants', 'POST')
|
1709 |
|
1710 | .setResponseValidator(function (response) {
|
1711 |
|
1712 | if (!validator.isNonEmptyString(response.name) ||
|
1713 | !tenant_1.Tenant.getTenantIdFromResourceName(response.name)) {
|
1714 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INTERNAL_ERROR, 'INTERNAL ASSERT FAILED: Unable to create new tenant');
|
1715 | }
|
1716 | });
|
1717 |
|
1718 |
|
1719 |
|
1720 |
|
1721 |
|
1722 | var AuthRequestHandler = (function (_super) {
|
1723 | __extends(AuthRequestHandler, _super);
|
1724 | |
1725 |
|
1726 |
|
1727 |
|
1728 |
|
1729 |
|
1730 | function AuthRequestHandler(app) {
|
1731 | var _this = _super.call(this, app) || this;
|
1732 | _this.tenantMgmtResourceBuilder = new AuthResourceUrlBuilder(app, 'v2');
|
1733 | return _this;
|
1734 | }
|
1735 | |
1736 |
|
1737 |
|
1738 | AuthRequestHandler.prototype.newAuthUrlBuilder = function () {
|
1739 | return new AuthResourceUrlBuilder(this.app, 'v1');
|
1740 | };
|
1741 | |
1742 |
|
1743 |
|
1744 | AuthRequestHandler.prototype.newProjectConfigUrlBuilder = function () {
|
1745 | return new AuthResourceUrlBuilder(this.app, 'v2');
|
1746 | };
|
1747 | |
1748 |
|
1749 |
|
1750 |
|
1751 |
|
1752 |
|
1753 | AuthRequestHandler.prototype.getTenant = function (tenantId) {
|
1754 | if (!validator.isNonEmptyString(tenantId)) {
|
1755 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_TENANT_ID));
|
1756 | }
|
1757 | return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, GET_TENANT, {}, { tenantId: tenantId })
|
1758 | .then(function (response) {
|
1759 | return response;
|
1760 | });
|
1761 | };
|
1762 | |
1763 |
|
1764 |
|
1765 |
|
1766 |
|
1767 |
|
1768 |
|
1769 |
|
1770 |
|
1771 |
|
1772 |
|
1773 |
|
1774 |
|
1775 | AuthRequestHandler.prototype.listTenants = function (maxResults, pageToken) {
|
1776 | if (maxResults === void 0) { maxResults = MAX_LIST_TENANT_PAGE_SIZE; }
|
1777 | var request = {
|
1778 | pageSize: maxResults,
|
1779 | pageToken: pageToken,
|
1780 | };
|
1781 |
|
1782 | if (typeof request.pageToken === 'undefined') {
|
1783 | delete request.pageToken;
|
1784 | }
|
1785 | return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, LIST_TENANTS, request)
|
1786 | .then(function (response) {
|
1787 | if (!response.tenants) {
|
1788 | response.tenants = [];
|
1789 | delete response.nextPageToken;
|
1790 | }
|
1791 | return response;
|
1792 | });
|
1793 | };
|
1794 | |
1795 |
|
1796 |
|
1797 |
|
1798 |
|
1799 |
|
1800 | AuthRequestHandler.prototype.deleteTenant = function (tenantId) {
|
1801 | if (!validator.isNonEmptyString(tenantId)) {
|
1802 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_TENANT_ID));
|
1803 | }
|
1804 | return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, DELETE_TENANT, {}, { tenantId: tenantId })
|
1805 | .then(function () {
|
1806 |
|
1807 | });
|
1808 | };
|
1809 | |
1810 |
|
1811 |
|
1812 |
|
1813 |
|
1814 |
|
1815 | AuthRequestHandler.prototype.createTenant = function (tenantOptions) {
|
1816 | try {
|
1817 |
|
1818 | var request = tenant_1.Tenant.buildServerRequest(tenantOptions, true);
|
1819 | return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, CREATE_TENANT, request)
|
1820 | .then(function (response) {
|
1821 | return response;
|
1822 | });
|
1823 | }
|
1824 | catch (e) {
|
1825 | return Promise.reject(e);
|
1826 | }
|
1827 | };
|
1828 | |
1829 |
|
1830 |
|
1831 |
|
1832 |
|
1833 |
|
1834 |
|
1835 | AuthRequestHandler.prototype.updateTenant = function (tenantId, tenantOptions) {
|
1836 | if (!validator.isNonEmptyString(tenantId)) {
|
1837 | return Promise.reject(new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.INVALID_TENANT_ID));
|
1838 | }
|
1839 | try {
|
1840 |
|
1841 | var request = tenant_1.Tenant.buildServerRequest(tenantOptions, false);
|
1842 |
|
1843 |
|
1844 | var updateMask = utils.generateUpdateMask(request, ['testPhoneNumbers']);
|
1845 | return this.invokeRequestHandler(this.tenantMgmtResourceBuilder, UPDATE_TENANT, request, { tenantId: tenantId, updateMask: updateMask.join(',') })
|
1846 | .then(function (response) {
|
1847 | return response;
|
1848 | });
|
1849 | }
|
1850 | catch (e) {
|
1851 | return Promise.reject(e);
|
1852 | }
|
1853 | };
|
1854 | return AuthRequestHandler;
|
1855 | }(AbstractAuthRequestHandler));
|
1856 | exports.AuthRequestHandler = AuthRequestHandler;
|
1857 |
|
1858 |
|
1859 |
|
1860 |
|
1861 |
|
1862 | var TenantAwareAuthRequestHandler = (function (_super) {
|
1863 | __extends(TenantAwareAuthRequestHandler, _super);
|
1864 | |
1865 |
|
1866 |
|
1867 |
|
1868 |
|
1869 |
|
1870 |
|
1871 |
|
1872 | function TenantAwareAuthRequestHandler(app, tenantId) {
|
1873 | var _this = _super.call(this, app) || this;
|
1874 | _this.tenantId = tenantId;
|
1875 | return _this;
|
1876 | }
|
1877 | |
1878 |
|
1879 |
|
1880 | TenantAwareAuthRequestHandler.prototype.newAuthUrlBuilder = function () {
|
1881 | return new TenantAwareAuthResourceUrlBuilder(this.app, 'v1', this.tenantId);
|
1882 | };
|
1883 | |
1884 |
|
1885 |
|
1886 | TenantAwareAuthRequestHandler.prototype.newProjectConfigUrlBuilder = function () {
|
1887 | return new TenantAwareAuthResourceUrlBuilder(this.app, 'v2', this.tenantId);
|
1888 | };
|
1889 | |
1890 |
|
1891 |
|
1892 |
|
1893 |
|
1894 |
|
1895 |
|
1896 |
|
1897 |
|
1898 |
|
1899 |
|
1900 |
|
1901 |
|
1902 |
|
1903 |
|
1904 |
|
1905 | TenantAwareAuthRequestHandler.prototype.uploadAccount = function (users, options) {
|
1906 | var _this = this;
|
1907 |
|
1908 | users.forEach(function (user, index) {
|
1909 | if (validator.isNonEmptyString(user.tenantId) &&
|
1910 | user.tenantId !== _this.tenantId) {
|
1911 | throw new error_1.FirebaseAuthError(error_1.AuthClientErrorCode.MISMATCHING_TENANT_ID, "UserRecord of index \"" + index + "\" has mismatching tenant ID \"" + user.tenantId + "\"");
|
1912 | }
|
1913 | });
|
1914 | return _super.prototype.uploadAccount.call(this, users, options);
|
1915 | };
|
1916 | return TenantAwareAuthRequestHandler;
|
1917 | }(AbstractAuthRequestHandler));
|
1918 | exports.TenantAwareAuthRequestHandler = TenantAwareAuthRequestHandler;
|
1919 | function emulatorHost() {
|
1920 | return process.env.FIREBASE_AUTH_EMULATOR_HOST;
|
1921 | }
|
1922 |
|
1923 |
|
1924 |
|
1925 |
|
1926 | function useEmulator() {
|
1927 | return !!emulatorHost();
|
1928 | }
|
1929 | exports.useEmulator = useEmulator;
|