UNPKG

firebase-admin/lib/auth/user-import-builder.d.ts

Version:

11 kBTypeScriptView Raw

1/*! firebase-admin v10.0.0 */
2/*!
* Copyright 2018 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*   http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
17/// <reference types="node" />
18import { FirebaseArrayIndexError } from '../app/index';
19import { UpdateMultiFactorInfoRequest, MultiFactorUpdateSettings } from './auth-config';
20export declare type HashAlgorithmType = 'SCRYPT' | 'STANDARD_SCRYPT' | 'HMAC_SHA512' | 'HMAC_SHA256' | 'HMAC_SHA1' | 'HMAC_MD5' | 'MD5' | 'PBKDF_SHA1' | 'BCRYPT' | 'PBKDF2_SHA256' | 'SHA512' | 'SHA256' | 'SHA1';
21/**
 * Interface representing the user import options needed for
 * {@link BaseAuth.importUsers} method. This is used to
 * provide the password hashing algorithm information.
 */
26export interface UserImportOptions {
  /**
   * The password hashing information.
   */
  hash: {
      /**
       * The password hashing algorithm identifier. The following algorithm
       * identifiers are supported:
       * `SCRYPT`, `STANDARD_SCRYPT`, `HMAC_SHA512`, `HMAC_SHA256`, `HMAC_SHA1`,
       * `HMAC_MD5`, `MD5`, `PBKDF_SHA1`, `BCRYPT`, `PBKDF2_SHA256`, `SHA512`,
       * `SHA256` and `SHA1`.
       */
      algorithm: HashAlgorithmType;
      /**
       * The signing key used in the hash algorithm in buffer bytes.
       * Required by hashing algorithms `SCRYPT`, `HMAC_SHA512`, `HMAC_SHA256`,
       * `HAMC_SHA1` and `HMAC_MD5`.
       */
      key?: Buffer;
      /**
       * The salt separator in buffer bytes which is appended to salt when
       * verifying a password. This is only used by the `SCRYPT` algorithm.
       */
      saltSeparator?: Buffer;
      /**
       * The number of rounds for hashing calculation.
       * Required for `SCRYPT`, `MD5`, `SHA512`, `SHA256`, `SHA1`, `PBKDF_SHA1` and
       * `PBKDF2_SHA256`.
       */
      rounds?: number;
      /**
       * The memory cost required for `SCRYPT` algorithm, or the CPU/memory cost.
       * Required for `STANDARD_SCRYPT` algorithm.
       */
      memoryCost?: number;
      /**
       * The parallelization of the hashing algorithm. Required for the
       * `STANDARD_SCRYPT` algorithm.
       */
      parallelization?: number;
      /**
       * The block size (normally 8) of the hashing algorithm. Required for the
       * `STANDARD_SCRYPT` algorithm.
       */
      blockSize?: number;
      /**
       * The derived key length of the hashing algorithm. Required for the
       * `STANDARD_SCRYPT` algorithm.
       */
      derivedKeyLength?: number;
  };
77}
78/**
* Interface representing a user to import to Firebase Auth via the
* {@link BaseAuth.importUsers} method.
*/
82export interface UserImportRecord {
  /**
   * The user's `uid`.
   */
  uid: string;
  /**
   * The user's primary email, if set.
   */
  email?: string;
  /**
   * Whether or not the user's primary email is verified.
   */
  emailVerified?: boolean;
  /**
   * The user's display name.
   */
  displayName?: string;
  /**
   * The user's primary phone number, if set.
   */
  phoneNumber?: string;
  /**
   * The user's photo URL.
   */
  photoURL?: string;
  /**
   * Whether or not the user is disabled: `true` for disabled; `false` for
   * enabled.
   */
  disabled?: boolean;
  /**
   * Additional metadata about the user.
   */
  metadata?: UserMetadataRequest;
  /**
   * An array of providers (for example, Google, Facebook) linked to the user.
   */
  providerData?: UserProviderRequest[];
  /**
   * The user's custom claims object if available, typically used to define
   * user roles and propagated to an authenticated user's ID token.
   */
  customClaims?: {
      [key: string]: any;
  };
  /**
   * The buffer of bytes representing the user's hashed password.
   * When a user is to be imported with a password hash,
   * {@link UserImportOptions} are required to be
   * specified to identify the hashing algorithm used to generate this hash.
   */
  passwordHash?: Buffer;
  /**
   * The buffer of bytes representing the user's password salt.
   */
  passwordSalt?: Buffer;
  /**
   * The identifier of the tenant where user is to be imported to.
   * When not provided in an `admin.auth.Auth` context, the user is uploaded to
   * the default parent project.
   * When not provided in an `admin.auth.TenantAwareAuth` context, the user is uploaded
   * to the tenant corresponding to that `TenantAwareAuth` instance's tenant ID.
   */
  tenantId?: string;
  /**
   * The user's multi-factor related properties.
   */
  multiFactor?: MultiFactorUpdateSettings;
150}
151/**
* User metadata to include when importing a user.
*/
154export interface UserMetadataRequest {
  /**
   * The date the user last signed in, formatted as a UTC string.
   */
  lastSignInTime?: string;
  /**
   * The date the user was created, formatted as a UTC string.
   */
  creationTime?: string;
163}
164/**
* User provider data to include when importing a user.
*/
167export interface UserProviderRequest {
  /**
   * The user identifier for the linked provider.
   */
  uid: string;
  /**
   * The display name for the linked provider.
   */
  displayName?: string;
  /**
   * The email for the linked provider.
   */
  email?: string;
  /**
   * The phone number for the linked provider.
   */
  phoneNumber?: string;
  /**
   * The photo URL for the linked provider.
   */
  photoURL?: string;
  /**
   * The linked provider ID (for example, "google.com" for the Google provider).
   */
  providerId: string;
192}
193/**
 * Interface representing the response from the
 * {@link BaseAuth.importUsers} method for batch
 * importing users to Firebase Auth.
 */
198export interface UserImportResult {
  /**
   * The number of user records that failed to import to Firebase Auth.
   */
  failureCount: number;
  /**
   * The number of user records that successfully imported to Firebase Auth.
   */
  successCount: number;
  /**
   * An array of errors corresponding to the provided users to import. The
   * length of this array is equal to [`failureCount`](#failureCount).
   */
  errors: FirebaseArrayIndexError[];
212}
213/** Interface representing an Auth second factor in Auth server format. */
214export interface AuthFactorInfo {
  mfaEnrollmentId?: string;
  displayName?: string;
  phoneInfo?: string;
  enrolledAt?: string;
  [key: string]: any;
220}
221/** UploadAccount endpoint request user interface. */
222interface UploadAccountUser {
  localId: string;
  email?: string;
  emailVerified?: boolean;
  displayName?: string;
  disabled?: boolean;
  photoUrl?: string;
  phoneNumber?: string;
  providerUserInfo?: Array<{
      rawId: string;
      providerId: string;
      email?: string;
      displayName?: string;
      photoUrl?: string;
  }>;
  mfaInfo?: AuthFactorInfo[];
  passwordHash?: string;
  salt?: string;
  lastLoginAt?: number;
  createdAt?: number;
  customAttributes?: string;
  tenantId?: string;
244}
245/** UploadAccount endpoint request hash options. */
246export interface UploadAccountOptions {
  hashAlgorithm?: string;
  signerKey?: string;
  rounds?: number;
  memoryCost?: number;
  saltSeparator?: string;
  cpuMemCost?: number;
  parallelization?: number;
  blockSize?: number;
  dkLen?: number;
256}
257/** UploadAccount endpoint complete request interface. */
258export interface UploadAccountRequest extends UploadAccountOptions {
  users?: UploadAccountUser[];
260}
261/** Callback function to validate an UploadAccountUser object. */
262export declare type ValidatorFunction = (data: UploadAccountUser) => void;
263/**
* Converts a client format second factor object to server format.
* @param multiFactorInfo - The client format second factor.
* @returns The corresponding AuthFactorInfo server request format.
*/
268export declare function convertMultiFactorInfoToServerFormat(multiFactorInfo: UpdateMultiFactorInfoRequest): AuthFactorInfo;
269/**
* Class that provides a helper for building/validating uploadAccount requests and
* UserImportResult responses.
*/
273export declare class UserImportBuilder {
  private requiresHashOptions;
  private validatedUsers;
  private validatedOptions;
  private indexMap;
  private userImportResultErrors;
  /**
   * @param {UserImportRecord[]} users The list of user records to import.
   * @param {UserImportOptions=} options The import options which includes hashing
   *     algorithm details.
   * @param {ValidatorFunction=} userRequestValidator The user request validator function.
   * @constructor
   */
  constructor(users: UserImportRecord[], options?: UserImportOptions, userRequestValidator?: ValidatorFunction);
  /**
   * Returns the corresponding constructed uploadAccount request.
   * @returns {UploadAccountRequest} The constructed uploadAccount request.
   */
  buildRequest(): UploadAccountRequest;
  /**
   * Populates the UserImportResult using the client side detected errors and the server
   * side returned errors.
   * @returns {UserImportResult} The user import result based on the returned failed
   *     uploadAccount response.
   */
  buildResponse(failedUploads: Array<{
      index: number;
      message: string;
  }>): UserImportResult;
  /**
   * Validates and returns the hashing options of the uploadAccount request.
   * Throws an error whenever an invalid or missing options is detected.
   * @param {UserImportOptions} options The UserImportOptions.
   * @param {boolean} requiresHashOptions Whether to require hash options.
   * @returns {UploadAccountOptions} The populated UploadAccount options.
   */
  private populateOptions;
  /**
   * Validates and returns the users list of the uploadAccount request.
   * Whenever a user with an error is detected, the error is cached and will later be
   * merged into the user import result. This allows the processing of valid users without
   * failing early on the first error detected.
   * @param {UserImportRecord[]} users The UserImportRecords to convert to UnploadAccountUser
   *     objects.
   * @param {ValidatorFunction=} userValidator The user validator function.
   * @returns {UploadAccountUser[]} The populated uploadAccount users.
   */
  private populateUsers;
321}
322export {};

1	`/! firebase-admin v10.0.0 /`
2	`/*!`
3	`* Copyright 2018 Google Inc.`
4	`*`
5	`* Licensed under the Apache License, Version 2.0 (the "License");`
6	`* you may not use this file except in compliance with the License.`
7	`* You may obtain a copy of the License at`
8	`*`
9	`* http://www.apache.org/licenses/LICENSE-2.0`
10	`*`
11	`* Unless required by applicable law or agreed to in writing, software`
12	`* distributed under the License is distributed on an "AS IS" BASIS,`
13	`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
14	`* See the License for the specific language governing permissions and`
15	`* limitations under the License.`
16	`*/`
17	`/// <reference types="node" />`
18	`import { FirebaseArrayIndexError } from '../app/index';`
19	`import { UpdateMultiFactorInfoRequest, MultiFactorUpdateSettings } from './auth-config';`
20	`export declare type HashAlgorithmType = 'SCRYPT' \| 'STANDARD_SCRYPT' \| 'HMAC_SHA512' \| 'HMAC_SHA256' \| 'HMAC_SHA1' \| 'HMAC_MD5' \| 'MD5' \| 'PBKDF_SHA1' \| 'BCRYPT' \| 'PBKDF2_SHA256' \| 'SHA512' \| 'SHA256' \| 'SHA1';`
21	`/**`
22	`* Interface representing the user import options needed for`
23	`* {@link BaseAuth.importUsers} method. This is used to`
24	`* provide the password hashing algorithm information.`
25	`*/`
26	`export interface UserImportOptions {`
27	`/**`
28	`* The password hashing information.`
29	`*/`
30	`hash: {`
31	`/**`
32	`* The password hashing algorithm identifier. The following algorithm`
33	`* identifiers are supported:`
34	* `SCRYPT`, `STANDARD_SCRYPT`, `HMAC_SHA512`, `HMAC_SHA256`, `HMAC_SHA1`,
35	* `HMAC_MD5`, `MD5`, `PBKDF_SHA1`, `BCRYPT`, `PBKDF2_SHA256`, `SHA512`,
36	* `SHA256` and `SHA1`.
37	`*/`
38	`algorithm: HashAlgorithmType;`
39	`/**`
40	`* The signing key used in the hash algorithm in buffer bytes.`
41	* Required by hashing algorithms `SCRYPT`, `HMAC_SHA512`, `HMAC_SHA256`,
42	* `HAMC_SHA1` and `HMAC_MD5`.
43	`*/`
44	`key?: Buffer;`
45	`/**`
46	`* The salt separator in buffer bytes which is appended to salt when`
47	* verifying a password. This is only used by the `SCRYPT` algorithm.
48	`*/`
49	`saltSeparator?: Buffer;`
50	`/**`
51	`* The number of rounds for hashing calculation.`
52	* Required for `SCRYPT`, `MD5`, `SHA512`, `SHA256`, `SHA1`, `PBKDF_SHA1` and
53	* `PBKDF2_SHA256`.
54	`*/`
55	`rounds?: number;`
56	`/**`
57	* The memory cost required for `SCRYPT` algorithm, or the CPU/memory cost.
58	* Required for `STANDARD_SCRYPT` algorithm.
59	`*/`
60	`memoryCost?: number;`
61	`/**`
62	`* The parallelization of the hashing algorithm. Required for the`
63	* `STANDARD_SCRYPT` algorithm.
64	`*/`
65	`parallelization?: number;`
66	`/**`
67	`* The block size (normally 8) of the hashing algorithm. Required for the`
68	* `STANDARD_SCRYPT` algorithm.
69	`*/`
70	`blockSize?: number;`
71	`/**`
72	`* The derived key length of the hashing algorithm. Required for the`
73	* `STANDARD_SCRYPT` algorithm.
74	`*/`
75	`derivedKeyLength?: number;`
76	`};`
77	`}`
78	`/**`
79	`* Interface representing a user to import to Firebase Auth via the`
80	`* {@link BaseAuth.importUsers} method.`
81	`*/`
82	`export interface UserImportRecord {`
83	`/**`
84	* The user's `uid`.
85	`*/`
86	`uid: string;`
87	`/**`
88	`* The user's primary email, if set.`
89	`*/`
90	`email?: string;`
91	`/**`
92	`* Whether or not the user's primary email is verified.`
93	`*/`
94	`emailVerified?: boolean;`
95	`/**`
96	`* The user's display name.`
97	`*/`
98	`displayName?: string;`
99	`/**`
100	`* The user's primary phone number, if set.`
101	`*/`
102	`phoneNumber?: string;`
103	`/**`
104	`* The user's photo URL.`
105	`*/`
106	`photoURL?: string;`
107	`/**`
108	* Whether or not the user is disabled: `true` for disabled; `false` for
109	`* enabled.`
110	`*/`
111	`disabled?: boolean;`
112	`/**`
113	`* Additional metadata about the user.`
114	`*/`
115	`metadata?: UserMetadataRequest;`
116	`/**`
117	`* An array of providers (for example, Google, Facebook) linked to the user.`
118	`*/`
119	`providerData?: UserProviderRequest[];`
120	`/**`
121	`* The user's custom claims object if available, typically used to define`
122	`* user roles and propagated to an authenticated user's ID token.`
123	`*/`
124	`customClaims?: {`
125	`[key: string]: any;`
126	`};`
127	`/**`
128	`* The buffer of bytes representing the user's hashed password.`
129	`* When a user is to be imported with a password hash,`
130	`* {@link UserImportOptions} are required to be`
131	`* specified to identify the hashing algorithm used to generate this hash.`
132	`*/`
133	`passwordHash?: Buffer;`
134	`/**`
135	`* The buffer of bytes representing the user's password salt.`
136	`*/`
137	`passwordSalt?: Buffer;`
138	`/**`
139	`* The identifier of the tenant where user is to be imported to.`
140	* When not provided in an `admin.auth.Auth` context, the user is uploaded to
141	`* the default parent project.`
142	* When not provided in an `admin.auth.TenantAwareAuth` context, the user is uploaded
143	* to the tenant corresponding to that `TenantAwareAuth` instance's tenant ID.
144	`*/`
145	`tenantId?: string;`
146	`/**`
147	`* The user's multi-factor related properties.`
148	`*/`
149	`multiFactor?: MultiFactorUpdateSettings;`
150	`}`
151	`/**`
152	`* User metadata to include when importing a user.`
153	`*/`
154	`export interface UserMetadataRequest {`
155	`/**`
156	`* The date the user last signed in, formatted as a UTC string.`
157	`*/`
158	`lastSignInTime?: string;`
159	`/**`
160	`* The date the user was created, formatted as a UTC string.`
161	`*/`
162	`creationTime?: string;`
163	`}`
164	`/**`
165	`* User provider data to include when importing a user.`
166	`*/`
167	`export interface UserProviderRequest {`
168	`/**`
169	`* The user identifier for the linked provider.`
170	`*/`
171	`uid: string;`
172	`/**`
173	`* The display name for the linked provider.`
174	`*/`
175	`displayName?: string;`
176	`/**`
177	`* The email for the linked provider.`
178	`*/`
179	`email?: string;`
180	`/**`
181	`* The phone number for the linked provider.`
182	`*/`
183	`phoneNumber?: string;`
184	`/**`
185	`* The photo URL for the linked provider.`
186	`*/`
187	`photoURL?: string;`
188	`/**`
189	`* The linked provider ID (for example, "google.com" for the Google provider).`
190	`*/`
191	`providerId: string;`
192	`}`
193	`/**`
194	`* Interface representing the response from the`
195	`* {@link BaseAuth.importUsers} method for batch`
196	`* importing users to Firebase Auth.`
197	`*/`
198	`export interface UserImportResult {`
199	`/**`
200	`* The number of user records that failed to import to Firebase Auth.`
201	`*/`
202	`failureCount: number;`
203	`/**`
204	`* The number of user records that successfully imported to Firebase Auth.`
205	`*/`
206	`successCount: number;`
207	`/**`
208	`* An array of errors corresponding to the provided users to import. The`
209	* length of this array is equal to [`failureCount`](#failureCount).
210	`*/`
211	`errors: FirebaseArrayIndexError[];`
212	`}`
213	`/** Interface representing an Auth second factor in Auth server format. */`
214	`export interface AuthFactorInfo {`
215	`mfaEnrollmentId?: string;`
216	`displayName?: string;`
217	`phoneInfo?: string;`
218	`enrolledAt?: string;`
219	`[key: string]: any;`
220	`}`
221	`/** UploadAccount endpoint request user interface. */`
222	`interface UploadAccountUser {`
223	`localId: string;`
224	`email?: string;`
225	`emailVerified?: boolean;`
226	`displayName?: string;`
227	`disabled?: boolean;`
228	`photoUrl?: string;`
229	`phoneNumber?: string;`
230	`providerUserInfo?: Array<{`
231	`rawId: string;`
232	`providerId: string;`
233	`email?: string;`
234	`displayName?: string;`
235	`photoUrl?: string;`
236	`}>;`
237	`mfaInfo?: AuthFactorInfo[];`
238	`passwordHash?: string;`
239	`salt?: string;`
240	`lastLoginAt?: number;`
241	`createdAt?: number;`
242	`customAttributes?: string;`
243	`tenantId?: string;`
244	`}`
245	`/** UploadAccount endpoint request hash options. */`
246	`export interface UploadAccountOptions {`
247	`hashAlgorithm?: string;`
248	`signerKey?: string;`
249	`rounds?: number;`
250	`memoryCost?: number;`
251	`saltSeparator?: string;`
252	`cpuMemCost?: number;`
253	`parallelization?: number;`
254	`blockSize?: number;`
255	`dkLen?: number;`
256	`}`
257	`/** UploadAccount endpoint complete request interface. */`
258	`export interface UploadAccountRequest extends UploadAccountOptions {`
259	`users?: UploadAccountUser[];`
260	`}`
261	`/** Callback function to validate an UploadAccountUser object. */`
262	`export declare type ValidatorFunction = (data: UploadAccountUser) => void;`
263	`/**`
264	`* Converts a client format second factor object to server format.`
265	`* @param multiFactorInfo - The client format second factor.`
266	`* @returns The corresponding AuthFactorInfo server request format.`
267	`*/`
268	`export declare function convertMultiFactorInfoToServerFormat(multiFactorInfo: UpdateMultiFactorInfoRequest): AuthFactorInfo;`
269	`/**`
270	`* Class that provides a helper for building/validating uploadAccount requests and`
271	`* UserImportResult responses.`
272	`*/`
273	`export declare class UserImportBuilder {`
274	`private requiresHashOptions;`
275	`private validatedUsers;`
276	`private validatedOptions;`
277	`private indexMap;`
278	`private userImportResultErrors;`
279	`/**`
280	`* @param {UserImportRecord[]} users The list of user records to import.`
281	`* @param {UserImportOptions=} options The import options which includes hashing`
282	`* algorithm details.`
283	`* @param {ValidatorFunction=} userRequestValidator The user request validator function.`
284	`* @constructor`
285	`*/`
286	`constructor(users: UserImportRecord[], options?: UserImportOptions, userRequestValidator?: ValidatorFunction);`
287	`/**`
288	`* Returns the corresponding constructed uploadAccount request.`
289	`* @returns {UploadAccountRequest} The constructed uploadAccount request.`
290	`*/`
291	`buildRequest(): UploadAccountRequest;`
292	`/**`
293	`* Populates the UserImportResult using the client side detected errors and the server`
294	`* side returned errors.`
295	`* @returns {UserImportResult} The user import result based on the returned failed`
296	`* uploadAccount response.`
297	`*/`
298	`buildResponse(failedUploads: Array<{`
299	`index: number;`
300	`message: string;`
301	`}>): UserImportResult;`
302	`/**`
303	`* Validates and returns the hashing options of the uploadAccount request.`
304	`* Throws an error whenever an invalid or missing options is detected.`
305	`* @param {UserImportOptions} options The UserImportOptions.`
306	`* @param {boolean} requiresHashOptions Whether to require hash options.`
307	`* @returns {UploadAccountOptions} The populated UploadAccount options.`
308	`*/`
309	`private populateOptions;`
310	`/**`
311	`* Validates and returns the users list of the uploadAccount request.`
312	`* Whenever a user with an error is detected, the error is cached and will later be`
313	`* merged into the user import result. This allows the processing of valid users without`
314	`* failing early on the first error detected.`
315	`* @param {UserImportRecord[]} users The UserImportRecords to convert to UnploadAccountUser`
316	`* objects.`
317	`* @param {ValidatorFunction=} userValidator The user validator function.`
318	`* @returns {UploadAccountUser[]} The populated uploadAccount users.`
319	`*/`
320	`private populateUsers;`
321	`}`
322	`export {};`