1 | /*! firebase-admin v12.0.0 */
|
2 | /*!
|
3 | * Copyright 2019 Google Inc.
|
4 | *
|
5 | * Licensed under the Apache License, Version 2.0 (the "License");
|
6 | * you may not use this file except in compliance with the License.
|
7 | * You may obtain a copy of the License at
|
8 | *
|
9 | * http://www.apache.org/licenses/LICENSE-2.0
|
10 | *
|
11 | * Unless required by applicable law or agreed to in writing, software
|
12 | * distributed under the License is distributed on an "AS IS" BASIS,
|
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14 | * See the License for the specific language governing permissions and
|
15 | * limitations under the License.
|
16 | */
|
17 | import { EmailSignInConfigServerRequest, MultiFactorAuthServerConfig, MultiFactorConfig, EmailSignInProviderConfig, SmsRegionConfig, RecaptchaConfig, PasswordPolicyConfig, PasswordPolicyAuthServerConfig, EmailPrivacyConfig } from './auth-config';
|
18 | /**
|
19 | * Interface representing the properties to update on the provided tenant.
|
20 | */
|
21 | export interface UpdateTenantRequest {
|
22 | /**
|
23 | * The tenant display name.
|
24 | */
|
25 | displayName?: string;
|
26 | /**
|
27 | * The email sign in configuration.
|
28 | */
|
29 | emailSignInConfig?: EmailSignInProviderConfig;
|
30 | /**
|
31 | * Whether the anonymous provider is enabled.
|
32 | */
|
33 | anonymousSignInEnabled?: boolean;
|
34 | /**
|
35 | * The multi-factor auth configuration to update on the tenant.
|
36 | */
|
37 | multiFactorConfig?: MultiFactorConfig;
|
38 | /**
|
39 | * The updated map containing the test phone number / code pairs for the tenant.
|
40 | * Passing null clears the previously save phone number / code pairs.
|
41 | */
|
42 | testPhoneNumbers?: {
|
43 | [phoneNumber: string]: string;
|
44 | } | null;
|
45 | /**
|
46 | * The SMS configuration to update on the project.
|
47 | */
|
48 | smsRegionConfig?: SmsRegionConfig;
|
49 | /**
|
50 | * The reCAPTCHA configuration to update on the tenant.
|
51 | * By enabling reCAPTCHA Enterprise integration, you are
|
52 | * agreeing to the reCAPTCHA Enterprise
|
53 | * {@link https://cloud.google.com/terms/service-terms | Term of Service}.
|
54 | */
|
55 | recaptchaConfig?: RecaptchaConfig;
|
56 | /**
|
57 | * The password policy configuration for the tenant
|
58 | */
|
59 | passwordPolicyConfig?: PasswordPolicyConfig;
|
60 | /**
|
61 | * The email privacy configuration for the tenant
|
62 | */
|
63 | emailPrivacyConfig?: EmailPrivacyConfig;
|
64 | }
|
65 | /**
|
66 | * Interface representing the properties to set on a new tenant.
|
67 | */
|
68 | export type CreateTenantRequest = UpdateTenantRequest;
|
69 | /** The corresponding server side representation of a TenantOptions object. */
|
70 | export interface TenantOptionsServerRequest extends EmailSignInConfigServerRequest {
|
71 | displayName?: string;
|
72 | enableAnonymousUser?: boolean;
|
73 | mfaConfig?: MultiFactorAuthServerConfig;
|
74 | testPhoneNumbers?: {
|
75 | [key: string]: string;
|
76 | };
|
77 | smsRegionConfig?: SmsRegionConfig;
|
78 | recaptchaConfig?: RecaptchaConfig;
|
79 | passwordPolicyConfig?: PasswordPolicyAuthServerConfig;
|
80 | emailPrivacyConfig?: EmailPrivacyConfig;
|
81 | }
|
82 | /** The tenant server response interface. */
|
83 | export interface TenantServerResponse {
|
84 | name: string;
|
85 | displayName?: string;
|
86 | allowPasswordSignup?: boolean;
|
87 | enableEmailLinkSignin?: boolean;
|
88 | enableAnonymousUser?: boolean;
|
89 | mfaConfig?: MultiFactorAuthServerConfig;
|
90 | testPhoneNumbers?: {
|
91 | [key: string]: string;
|
92 | };
|
93 | smsRegionConfig?: SmsRegionConfig;
|
94 | recaptchaConfig?: RecaptchaConfig;
|
95 | passwordPolicyConfig?: PasswordPolicyAuthServerConfig;
|
96 | emailPrivacyConfig?: EmailPrivacyConfig;
|
97 | }
|
98 | /**
|
99 | * Represents a tenant configuration.
|
100 | *
|
101 | * Multi-tenancy support requires Google Cloud's Identity Platform
|
102 | * (GCIP). To learn more about GCIP, including pricing and features,
|
103 | * see the {@link https://cloud.google.com/identity-platform | GCIP documentation}.
|
104 | *
|
105 | * Before multi-tenancy can be used on a Google Cloud Identity Platform project,
|
106 | * tenants must be allowed on that project via the Cloud Console UI.
|
107 | *
|
108 | * A tenant configuration provides information such as the display name, tenant
|
109 | * identifier and email authentication configuration.
|
110 | * For OIDC/SAML provider configuration management, `TenantAwareAuth` instances should
|
111 | * be used instead of a `Tenant` to retrieve the list of configured IdPs on a tenant.
|
112 | * When configuring these providers, note that tenants will inherit
|
113 | * whitelisted domains and authenticated redirect URIs of their parent project.
|
114 | *
|
115 | * All other settings of a tenant will also be inherited. These will need to be managed
|
116 | * from the Cloud Console UI.
|
117 | */
|
118 | export declare class Tenant {
|
119 | /**
|
120 | * The tenant identifier.
|
121 | */
|
122 | readonly tenantId: string;
|
123 | /**
|
124 | * The tenant display name.
|
125 | */
|
126 | readonly displayName?: string;
|
127 | readonly anonymousSignInEnabled: boolean;
|
128 | /**
|
129 | * The map containing the test phone number / code pairs for the tenant.
|
130 | */
|
131 | readonly testPhoneNumbers?: {
|
132 | [phoneNumber: string]: string;
|
133 | };
|
134 | private readonly emailSignInConfig_?;
|
135 | private readonly multiFactorConfig_?;
|
136 | /**
|
137 | * The map conatining the reCAPTCHA config.
|
138 | * By enabling reCAPTCHA Enterprise Integration you are
|
139 | * agreeing to reCAPTCHA Enterprise
|
140 | * {@link https://cloud.google.com/terms/service-terms | Term of Service}.
|
141 | */
|
142 | private readonly recaptchaConfig_?;
|
143 | /**
|
144 | * The SMS Regions Config to update a tenant.
|
145 | * Configures the regions where users are allowed to send verification SMS.
|
146 | * This is based on the calling code of the destination phone number.
|
147 | */
|
148 | readonly smsRegionConfig?: SmsRegionConfig;
|
149 | /**
|
150 | * The password policy configuration for the tenant
|
151 | */
|
152 | readonly passwordPolicyConfig?: PasswordPolicyConfig;
|
153 | /**
|
154 | * The email privacy configuration for the tenant
|
155 | */
|
156 | readonly emailPrivacyConfig?: EmailPrivacyConfig;
|
157 | /**
|
158 | * Validates a tenant options object. Throws an error on failure.
|
159 | *
|
160 | * @param request - The tenant options object to validate.
|
161 | * @param createRequest - Whether this is a create request.
|
162 | */
|
163 | private static validate;
|
164 | /**
|
165 | * The email sign in provider configuration.
|
166 | */
|
167 | get emailSignInConfig(): EmailSignInProviderConfig | undefined;
|
168 | /**
|
169 | * The multi-factor auth configuration on the current tenant.
|
170 | */
|
171 | get multiFactorConfig(): MultiFactorConfig | undefined;
|
172 | /**
|
173 | * The recaptcha config auth configuration of the current tenant.
|
174 | */
|
175 | get recaptchaConfig(): RecaptchaConfig | undefined;
|
176 | /**
|
177 | * Returns a JSON-serializable representation of this object.
|
178 | *
|
179 | * @returns A JSON-serializable representation of this object.
|
180 | */
|
181 | toJSON(): object;
|
182 | }
|