| 1 | /*! firebase-admin v12.0.0 */
|
| 2 | /*!
|
| 3 | * Copyright 2019 Google Inc.
|
| 4 | *
|
| 5 | * Licensed under the Apache License, Version 2.0 (the "License");
|
| 6 | * you may not use this file except in compliance with the License.
|
| 7 | * You may obtain a copy of the License at
|
| 8 | *
|
| 9 | * http://www.apache.org/licenses/LICENSE-2.0
|
| 10 | *
|
| 11 | * Unless required by applicable law or agreed to in writing, software
|
| 12 | * distributed under the License is distributed on an "AS IS" BASIS,
|
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
| 14 | * See the License for the specific language governing permissions and
|
| 15 | * limitations under the License.
|
| 16 | */
|
| 17 | import { EmailSignInConfigServerRequest, MultiFactorAuthServerConfig, MultiFactorConfig, EmailSignInProviderConfig, SmsRegionConfig, RecaptchaConfig, PasswordPolicyConfig, PasswordPolicyAuthServerConfig, EmailPrivacyConfig } from './auth-config';
|
| 18 | /**
|
| 19 | * Interface representing the properties to update on the provided tenant.
|
| 20 | */
|
| 21 | export interface UpdateTenantRequest {
|
| 22 | /**
|
| 23 | * The tenant display name.
|
| 24 | */
|
| 25 | displayName?: string;
|
| 26 | /**
|
| 27 | * The email sign in configuration.
|
| 28 | */
|
| 29 | emailSignInConfig?: EmailSignInProviderConfig;
|
| 30 | /**
|
| 31 | * Whether the anonymous provider is enabled.
|
| 32 | */
|
| 33 | anonymousSignInEnabled?: boolean;
|
| 34 | /**
|
| 35 | * The multi-factor auth configuration to update on the tenant.
|
| 36 | */
|
| 37 | multiFactorConfig?: MultiFactorConfig;
|
| 38 | /**
|
| 39 | * The updated map containing the test phone number / code pairs for the tenant.
|
| 40 | * Passing null clears the previously save phone number / code pairs.
|
| 41 | */
|
| 42 | testPhoneNumbers?: {
|
| 43 | [phoneNumber: string]: string;
|
| 44 | } | null;
|
| 45 | /**
|
| 46 | * The SMS configuration to update on the project.
|
| 47 | */
|
| 48 | smsRegionConfig?: SmsRegionConfig;
|
| 49 | /**
|
| 50 | * The reCAPTCHA configuration to update on the tenant.
|
| 51 | * By enabling reCAPTCHA Enterprise integration, you are
|
| 52 | * agreeing to the reCAPTCHA Enterprise
|
| 53 | * {@link https://cloud.google.com/terms/service-terms | Term of Service}.
|
| 54 | */
|
| 55 | recaptchaConfig?: RecaptchaConfig;
|
| 56 | /**
|
| 57 | * The password policy configuration for the tenant
|
| 58 | */
|
| 59 | passwordPolicyConfig?: PasswordPolicyConfig;
|
| 60 | /**
|
| 61 | * The email privacy configuration for the tenant
|
| 62 | */
|
| 63 | emailPrivacyConfig?: EmailPrivacyConfig;
|
| 64 | }
|
| 65 | /**
|
| 66 | * Interface representing the properties to set on a new tenant.
|
| 67 | */
|
| 68 | export type CreateTenantRequest = UpdateTenantRequest;
|
| 69 | /** The corresponding server side representation of a TenantOptions object. */
|
| 70 | export interface TenantOptionsServerRequest extends EmailSignInConfigServerRequest {
|
| 71 | displayName?: string;
|
| 72 | enableAnonymousUser?: boolean;
|
| 73 | mfaConfig?: MultiFactorAuthServerConfig;
|
| 74 | testPhoneNumbers?: {
|
| 75 | [key: string]: string;
|
| 76 | };
|
| 77 | smsRegionConfig?: SmsRegionConfig;
|
| 78 | recaptchaConfig?: RecaptchaConfig;
|
| 79 | passwordPolicyConfig?: PasswordPolicyAuthServerConfig;
|
| 80 | emailPrivacyConfig?: EmailPrivacyConfig;
|
| 81 | }
|
| 82 | /** The tenant server response interface. */
|
| 83 | export interface TenantServerResponse {
|
| 84 | name: string;
|
| 85 | displayName?: string;
|
| 86 | allowPasswordSignup?: boolean;
|
| 87 | enableEmailLinkSignin?: boolean;
|
| 88 | enableAnonymousUser?: boolean;
|
| 89 | mfaConfig?: MultiFactorAuthServerConfig;
|
| 90 | testPhoneNumbers?: {
|
| 91 | [key: string]: string;
|
| 92 | };
|
| 93 | smsRegionConfig?: SmsRegionConfig;
|
| 94 | recaptchaConfig?: RecaptchaConfig;
|
| 95 | passwordPolicyConfig?: PasswordPolicyAuthServerConfig;
|
| 96 | emailPrivacyConfig?: EmailPrivacyConfig;
|
| 97 | }
|
| 98 | /**
|
| 99 | * Represents a tenant configuration.
|
| 100 | *
|
| 101 | * Multi-tenancy support requires Google Cloud's Identity Platform
|
| 102 | * (GCIP). To learn more about GCIP, including pricing and features,
|
| 103 | * see the {@link https://cloud.google.com/identity-platform | GCIP documentation}.
|
| 104 | *
|
| 105 | * Before multi-tenancy can be used on a Google Cloud Identity Platform project,
|
| 106 | * tenants must be allowed on that project via the Cloud Console UI.
|
| 107 | *
|
| 108 | * A tenant configuration provides information such as the display name, tenant
|
| 109 | * identifier and email authentication configuration.
|
| 110 | * For OIDC/SAML provider configuration management, `TenantAwareAuth` instances should
|
| 111 | * be used instead of a `Tenant` to retrieve the list of configured IdPs on a tenant.
|
| 112 | * When configuring these providers, note that tenants will inherit
|
| 113 | * whitelisted domains and authenticated redirect URIs of their parent project.
|
| 114 | *
|
| 115 | * All other settings of a tenant will also be inherited. These will need to be managed
|
| 116 | * from the Cloud Console UI.
|
| 117 | */
|
| 118 | export declare class Tenant {
|
| 119 | /**
|
| 120 | * The tenant identifier.
|
| 121 | */
|
| 122 | readonly tenantId: string;
|
| 123 | /**
|
| 124 | * The tenant display name.
|
| 125 | */
|
| 126 | readonly displayName?: string;
|
| 127 | readonly anonymousSignInEnabled: boolean;
|
| 128 | /**
|
| 129 | * The map containing the test phone number / code pairs for the tenant.
|
| 130 | */
|
| 131 | readonly testPhoneNumbers?: {
|
| 132 | [phoneNumber: string]: string;
|
| 133 | };
|
| 134 | private readonly emailSignInConfig_?;
|
| 135 | private readonly multiFactorConfig_?;
|
| 136 | /**
|
| 137 | * The map conatining the reCAPTCHA config.
|
| 138 | * By enabling reCAPTCHA Enterprise Integration you are
|
| 139 | * agreeing to reCAPTCHA Enterprise
|
| 140 | * {@link https://cloud.google.com/terms/service-terms | Term of Service}.
|
| 141 | */
|
| 142 | private readonly recaptchaConfig_?;
|
| 143 | /**
|
| 144 | * The SMS Regions Config to update a tenant.
|
| 145 | * Configures the regions where users are allowed to send verification SMS.
|
| 146 | * This is based on the calling code of the destination phone number.
|
| 147 | */
|
| 148 | readonly smsRegionConfig?: SmsRegionConfig;
|
| 149 | /**
|
| 150 | * The password policy configuration for the tenant
|
| 151 | */
|
| 152 | readonly passwordPolicyConfig?: PasswordPolicyConfig;
|
| 153 | /**
|
| 154 | * The email privacy configuration for the tenant
|
| 155 | */
|
| 156 | readonly emailPrivacyConfig?: EmailPrivacyConfig;
|
| 157 | /**
|
| 158 | * Validates a tenant options object. Throws an error on failure.
|
| 159 | *
|
| 160 | * @param request - The tenant options object to validate.
|
| 161 | * @param createRequest - Whether this is a create request.
|
| 162 | */
|
| 163 | private static validate;
|
| 164 | /**
|
| 165 | * The email sign in provider configuration.
|
| 166 | */
|
| 167 | get emailSignInConfig(): EmailSignInProviderConfig | undefined;
|
| 168 | /**
|
| 169 | * The multi-factor auth configuration on the current tenant.
|
| 170 | */
|
| 171 | get multiFactorConfig(): MultiFactorConfig | undefined;
|
| 172 | /**
|
| 173 | * The recaptcha config auth configuration of the current tenant.
|
| 174 | */
|
| 175 | get recaptchaConfig(): RecaptchaConfig | undefined;
|
| 176 | /**
|
| 177 | * Returns a JSON-serializable representation of this object.
|
| 178 | *
|
| 179 | * @returns A JSON-serializable representation of this object.
|
| 180 | */
|
| 181 | toJSON(): object;
|
| 182 | }
|