diff options
Diffstat (limited to 'frontend-old/node_modules/@firebase/auth/dist/node')
177 files changed, 19241 insertions, 0 deletions
diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/index.cordova.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/index.cordova.d.ts new file mode 100644 index 0000000..b2d5130 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/index.cordova.d.ts @@ -0,0 +1,32 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * This is the file that people using Cordova will actually import. You + * should only include this file if you have something specific about your + * implementation that mandates having a separate entrypoint. Otherwise you can + * just use index.ts + */ +import { FirebaseApp } from '@firebase/app'; +import { Auth } from './src/model/public_types'; +export * from './index.shared'; +export { indexedDBLocalPersistence } from './src/platform_browser/persistence/indexed_db'; +export { browserLocalPersistence } from './src/platform_browser/persistence/local_storage'; +export { browserSessionPersistence } from './src/platform_browser/persistence/session_storage'; +export { getRedirectResult } from './src/platform_browser/strategies/redirect'; +export { cordovaPopupRedirectResolver } from './src/platform_cordova/popup_redirect/popup_redirect'; +export { signInWithRedirect, reauthenticateWithRedirect, linkWithRedirect } from './src/platform_cordova/strategies/redirect'; +export declare function getAuth(app?: FirebaseApp): Auth; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/index.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/index.d.ts new file mode 100644 index 0000000..2a03211 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/index.d.ts @@ -0,0 +1,38 @@ +/** + * Firebase Authentication + * + * @packageDocumentation + */ +/** + * @license + * Copyright 2017 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export * from './src/model/public_types'; +export { FactorId, ProviderId, SignInMethod, OperationType, ActionCodeOperation } from './src/model/enum_maps'; +export * from './src'; +import { browserLocalPersistence } from './src/platform_browser/persistence/local_storage'; +import { browserCookiePersistence } from './src/platform_browser/persistence/cookie_storage'; +import { browserSessionPersistence } from './src/platform_browser/persistence/session_storage'; +import { indexedDBLocalPersistence } from './src/platform_browser/persistence/indexed_db'; +import { PhoneAuthProvider } from './src/platform_browser/providers/phone'; +import { signInWithPhoneNumber, linkWithPhoneNumber, reauthenticateWithPhoneNumber, updatePhoneNumber } from './src/platform_browser/strategies/phone'; +import { signInWithPopup, linkWithPopup, reauthenticateWithPopup } from './src/platform_browser/strategies/popup'; +import { signInWithRedirect, linkWithRedirect, reauthenticateWithRedirect, getRedirectResult } from './src/platform_browser/strategies/redirect'; +import { RecaptchaVerifier } from './src/platform_browser/recaptcha/recaptcha_verifier'; +import { browserPopupRedirectResolver } from './src/platform_browser/popup_redirect'; +import { PhoneMultiFactorGenerator } from './src/platform_browser/mfa/assertions/phone'; +import { TotpMultiFactorGenerator, TotpSecret } from './src/mfa/assertions/totp'; +import { getAuth } from './src/platform_browser'; +export { browserLocalPersistence, browserCookiePersistence, browserSessionPersistence, indexedDBLocalPersistence, PhoneAuthProvider, signInWithPhoneNumber, linkWithPhoneNumber, reauthenticateWithPhoneNumber, updatePhoneNumber, signInWithPopup, linkWithPopup, reauthenticateWithPopup, signInWithRedirect, linkWithRedirect, reauthenticateWithRedirect, getRedirectResult, RecaptchaVerifier, browserPopupRedirectResolver, PhoneMultiFactorGenerator, TotpMultiFactorGenerator, TotpSecret, getAuth }; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/index.doc.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/index.doc.d.ts new file mode 100644 index 0000000..893ac2c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/index.doc.d.ts @@ -0,0 +1,24 @@ +/** + * Firebase Authentication + * + * @packageDocumentation + */ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export * from './index'; +export { cordovaPopupRedirectResolver } from './index.cordova'; +export { getReactNativePersistence } from './index.rn'; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/index.js b/frontend-old/node_modules/@firebase/auth/dist/node/index.js new file mode 100644 index 0000000..26136a1 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/index.js @@ -0,0 +1,98 @@ +'use strict'; + +Object.defineProperty(exports, '__esModule', { value: true }); + +var totp = require('./totp-50d5d5dd.js'); +require('@firebase/app'); +require('@firebase/util'); +require('@firebase/component'); +require('@firebase/logger'); + + + +exports.ActionCodeOperation = totp.ActionCodeOperation; +exports.ActionCodeURL = totp.ActionCodeURL; +exports.AuthCredential = totp.AuthCredential; +exports.AuthErrorCodes = totp.AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY; +exports.EmailAuthCredential = totp.EmailAuthCredential; +exports.EmailAuthProvider = totp.EmailAuthProvider; +exports.FacebookAuthProvider = totp.FacebookAuthProvider; +exports.FactorId = totp.FactorId; +exports.GithubAuthProvider = totp.GithubAuthProvider; +exports.GoogleAuthProvider = totp.GoogleAuthProvider; +exports.OAuthCredential = totp.OAuthCredential; +exports.OAuthProvider = totp.OAuthProvider; +exports.OperationType = totp.OperationType; +exports.PhoneAuthCredential = totp.PhoneAuthCredential; +exports.PhoneAuthProvider = totp.PhoneAuthProvider; +exports.PhoneMultiFactorGenerator = totp.PhoneMultiFactorGenerator; +exports.ProviderId = totp.ProviderId; +exports.RecaptchaVerifier = totp.RecaptchaVerifier; +exports.SAMLAuthProvider = totp.SAMLAuthProvider; +exports.SignInMethod = totp.SignInMethod; +exports.TotpMultiFactorGenerator = totp.TotpMultiFactorGenerator; +exports.TotpSecret = totp.TotpSecret; +exports.TwitterAuthProvider = totp.TwitterAuthProvider; +exports.applyActionCode = totp.applyActionCode; +exports.beforeAuthStateChanged = totp.beforeAuthStateChanged; +exports.browserCookiePersistence = totp.browserCookiePersistence; +exports.browserLocalPersistence = totp.browserLocalPersistence; +exports.browserPopupRedirectResolver = totp.browserPopupRedirectResolver; +exports.browserSessionPersistence = totp.browserSessionPersistence; +exports.checkActionCode = totp.checkActionCode; +exports.confirmPasswordReset = totp.confirmPasswordReset; +exports.connectAuthEmulator = totp.connectAuthEmulator; +exports.createUserWithEmailAndPassword = totp.createUserWithEmailAndPassword; +exports.debugErrorMap = totp.debugErrorMap; +exports.deleteUser = totp.deleteUser; +exports.fetchSignInMethodsForEmail = totp.fetchSignInMethodsForEmail; +exports.getAdditionalUserInfo = totp.getAdditionalUserInfo; +exports.getAuth = totp.getAuth; +exports.getIdToken = totp.getIdToken; +exports.getIdTokenResult = totp.getIdTokenResult; +exports.getMultiFactorResolver = totp.getMultiFactorResolver; +exports.getRedirectResult = totp.getRedirectResult; +exports.inMemoryPersistence = totp.inMemoryPersistence; +exports.indexedDBLocalPersistence = totp.indexedDBLocalPersistence; +exports.initializeAuth = totp.initializeAuth; +exports.initializeRecaptchaConfig = totp.initializeRecaptchaConfig; +exports.isSignInWithEmailLink = totp.isSignInWithEmailLink; +exports.linkWithCredential = totp.linkWithCredential; +exports.linkWithPhoneNumber = totp.linkWithPhoneNumber; +exports.linkWithPopup = totp.linkWithPopup; +exports.linkWithRedirect = totp.linkWithRedirect; +exports.multiFactor = totp.multiFactor; +exports.onAuthStateChanged = totp.onAuthStateChanged; +exports.onIdTokenChanged = totp.onIdTokenChanged; +exports.parseActionCodeURL = totp.parseActionCodeURL; +exports.prodErrorMap = totp.prodErrorMap; +exports.reauthenticateWithCredential = totp.reauthenticateWithCredential; +exports.reauthenticateWithPhoneNumber = totp.reauthenticateWithPhoneNumber; +exports.reauthenticateWithPopup = totp.reauthenticateWithPopup; +exports.reauthenticateWithRedirect = totp.reauthenticateWithRedirect; +exports.reload = totp.reload; +exports.revokeAccessToken = totp.revokeAccessToken; +exports.sendEmailVerification = totp.sendEmailVerification; +exports.sendPasswordResetEmail = totp.sendPasswordResetEmail; +exports.sendSignInLinkToEmail = totp.sendSignInLinkToEmail; +exports.setPersistence = totp.setPersistence; +exports.signInAnonymously = totp.signInAnonymously; +exports.signInWithCredential = totp.signInWithCredential; +exports.signInWithCustomToken = totp.signInWithCustomToken; +exports.signInWithEmailAndPassword = totp.signInWithEmailAndPassword; +exports.signInWithEmailLink = totp.signInWithEmailLink; +exports.signInWithPhoneNumber = totp.signInWithPhoneNumber; +exports.signInWithPopup = totp.signInWithPopup; +exports.signInWithRedirect = totp.signInWithRedirect; +exports.signOut = totp.signOut; +exports.unlink = totp.unlink; +exports.updateCurrentUser = totp.updateCurrentUser; +exports.updateEmail = totp.updateEmail; +exports.updatePassword = totp.updatePassword; +exports.updatePhoneNumber = totp.updatePhoneNumber; +exports.updateProfile = totp.updateProfile; +exports.useDeviceLanguage = totp.useDeviceLanguage; +exports.validatePassword = totp.validatePassword; +exports.verifyBeforeUpdateEmail = totp.verifyBeforeUpdateEmail; +exports.verifyPasswordResetCode = totp.verifyPasswordResetCode; +//# sourceMappingURL=index.js.map diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/index.js.map b/frontend-old/node_modules/@firebase/auth/dist/node/index.js.map new file mode 100644 index 0000000..15a6951 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
\ No newline at end of file diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/index.node.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/index.node.d.ts new file mode 100644 index 0000000..71e82e0 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/index.node.d.ts @@ -0,0 +1,17 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export * from './index'; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/index.rn.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/index.rn.d.ts new file mode 100644 index 0000000..a970ebf --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/index.rn.d.ts @@ -0,0 +1,40 @@ +/** + * @license + * Copyright 2017 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * This is the file that people using React Native will actually import. You + * should only include this file if you have something specific about your + * implementation that mandates having a separate entrypoint. Otherwise you can + * just use index.ts + */ +import { FirebaseApp } from '@firebase/app'; +import { Auth, Dependencies } from './src/model/public_types'; +export * from './index.shared'; +export { PhoneAuthProvider } from './src/platform_browser/providers/phone'; +export { signInWithPhoneNumber, linkWithPhoneNumber, reauthenticateWithPhoneNumber, updatePhoneNumber } from './src/platform_browser/strategies/phone'; +export { PhoneMultiFactorGenerator } from './src/platform_browser/mfa/assertions/phone'; +export { TotpMultiFactorGenerator, TotpSecret } from './src/mfa/assertions/totp'; +export { getReactNativePersistence } from './src/platform_react_native/persistence/react_native'; +export declare function getAuth(app?: FirebaseApp): Auth; +/** + * Wrapper around base `initializeAuth()` for RN users only, which + * shows the warning message if no persistence is provided. + * Double-checked potential collision with `export * from './index.shared'` + * as `./index.shared` also exports `initializeAuth()`, and the final + * bundle does correctly export only this `initializeAuth()` function + * and not the one from index.shared. + */ +export declare function initializeAuth(app: FirebaseApp, deps?: Dependencies): Auth; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/index.shared.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/index.shared.d.ts new file mode 100644 index 0000000..6a0f743 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/index.shared.d.ts @@ -0,0 +1,19 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export * from './src/model/public_types'; +export { FactorId, ProviderId, SignInMethod, OperationType, ActionCodeOperation } from './src/model/enum_maps'; +export * from './src'; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/index.web-extension.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/index.web-extension.d.ts new file mode 100644 index 0000000..baf92ed --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/index.web-extension.d.ts @@ -0,0 +1,31 @@ +/** + * @license + * Copyright 2023 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export * from './src'; +import { indexedDBLocalPersistence } from './src/platform_browser/persistence/indexed_db'; +import { TotpMultiFactorGenerator, TotpSecret } from './src/mfa/assertions/totp'; +import { FirebaseApp } from '@firebase/app'; +import { Auth } from './index.shared'; +/** + * Returns the Auth instance associated with the provided {@link @firebase/app#FirebaseApp}. + * If no instance exists, initializes an Auth instance with platform-specific default dependencies. + * + * @param app - The Firebase App. + * + * @public + */ +declare function getAuth(app?: FirebaseApp): Auth; +export { indexedDBLocalPersistence, TotpMultiFactorGenerator, TotpSecret, getAuth }; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/index.webworker.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/index.webworker.d.ts new file mode 100644 index 0000000..278d8e5 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/index.webworker.d.ts @@ -0,0 +1,21 @@ +/** + * @license + * Copyright 2017 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FirebaseApp } from '@firebase/app'; +import { Auth } from './src/model/public_types'; +export * from './index.shared'; +export { indexedDBLocalPersistence } from './src/platform_browser/persistence/indexed_db'; +export declare function getAuth(app?: FirebaseApp): Auth; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/internal.js b/frontend-old/node_modules/@firebase/auth/dist/node/internal.js new file mode 100644 index 0000000..ecf273f --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/internal.js @@ -0,0 +1,1543 @@ +'use strict'; + +Object.defineProperty(exports, '__esModule', { value: true }); + +var totp = require('./totp-50d5d5dd.js'); +var util = require('@firebase/util'); +var app = require('@firebase/app'); +require('@firebase/component'); +require('@firebase/logger'); + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function _generateEventId(prefix = '', digits = 10) { + let random = ''; + for (let i = 0; i < digits; i++) { + random += Math.floor(Math.random() * 10); + } + return prefix + random; +} + +/** + * @license + * Copyright 2020 Google LLC. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class AuthPopup { + constructor(window) { + this.window = window; + this.associatedEvent = null; + } + close() { + if (this.window) { + try { + this.window.close(); + } + catch (e) { } + } + } +} + +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Chooses a popup/redirect resolver to use. This prefers the override (which + * is directly passed in), and falls back to the property set on the auth + * object. If neither are available, this function errors w/ an argument error. + */ +function _withDefaultResolver(auth, resolverOverride) { + if (resolverOverride) { + return totp._getInstance(resolverOverride); + } + totp._assert(auth._popupRedirectResolver, auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + return auth._popupRedirectResolver; +} + +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class IdpCredential extends totp.AuthCredential { + constructor(params) { + super("custom" /* ProviderId.CUSTOM */, "custom" /* ProviderId.CUSTOM */); + this.params = params; + } + _getIdTokenResponse(auth) { + return totp.signInWithIdp(auth, this._buildIdpRequest()); + } + _linkToIdToken(auth, idToken) { + return totp.signInWithIdp(auth, this._buildIdpRequest(idToken)); + } + _getReauthenticationResolver(auth) { + return totp.signInWithIdp(auth, this._buildIdpRequest()); + } + _buildIdpRequest(idToken) { + const request = { + requestUri: this.params.requestUri, + sessionId: this.params.sessionId, + postBody: this.params.postBody, + tenantId: this.params.tenantId, + pendingToken: this.params.pendingToken, + returnSecureToken: true, + returnIdpCredential: true + }; + if (idToken) { + request.idToken = idToken; + } + return request; + } +} +function _signIn(params) { + return totp._signInWithCredential(params.auth, new IdpCredential(params), params.bypassAuthState); +} +function _reauth(params) { + const { auth, user } = params; + totp._assert(user, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + return totp._reauthenticate(user, new IdpCredential(params), params.bypassAuthState); +} +async function _link(params) { + const { auth, user } = params; + totp._assert(user, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + return totp._link(user, new IdpCredential(params), params.bypassAuthState); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Popup event manager. Handles the popup's entire lifecycle; listens to auth + * events + */ +class AbstractPopupRedirectOperation { + constructor(auth, filter, resolver, user, bypassAuthState = false) { + this.auth = auth; + this.resolver = resolver; + this.user = user; + this.bypassAuthState = bypassAuthState; + this.pendingPromise = null; + this.eventManager = null; + this.filter = Array.isArray(filter) ? filter : [filter]; + } + execute() { + return new Promise(async (resolve, reject) => { + this.pendingPromise = { resolve, reject }; + try { + this.eventManager = await this.resolver._initialize(this.auth); + await this.onExecution(); + this.eventManager.registerConsumer(this); + } + catch (e) { + this.reject(e); + } + }); + } + async onAuthEvent(event) { + const { urlResponse, sessionId, postBody, tenantId, error, type } = event; + if (error) { + this.reject(error); + return; + } + const params = { + auth: this.auth, + requestUri: urlResponse, + sessionId: sessionId, + tenantId: tenantId || undefined, + postBody: postBody || undefined, + user: this.user, + bypassAuthState: this.bypassAuthState + }; + try { + this.resolve(await this.getIdpTask(type)(params)); + } + catch (e) { + this.reject(e); + } + } + onError(error) { + this.reject(error); + } + getIdpTask(type) { + switch (type) { + case "signInViaPopup" /* AuthEventType.SIGN_IN_VIA_POPUP */: + case "signInViaRedirect" /* AuthEventType.SIGN_IN_VIA_REDIRECT */: + return _signIn; + case "linkViaPopup" /* AuthEventType.LINK_VIA_POPUP */: + case "linkViaRedirect" /* AuthEventType.LINK_VIA_REDIRECT */: + return _link; + case "reauthViaPopup" /* AuthEventType.REAUTH_VIA_POPUP */: + case "reauthViaRedirect" /* AuthEventType.REAUTH_VIA_REDIRECT */: + return _reauth; + default: + totp._fail(this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + } + } + resolve(cred) { + totp.debugAssert(this.pendingPromise, 'Pending promise was never set'); + this.pendingPromise.resolve(cred); + this.unregisterAndCleanUp(); + } + reject(error) { + totp.debugAssert(this.pendingPromise, 'Pending promise was never set'); + this.pendingPromise.reject(error); + this.unregisterAndCleanUp(); + } + unregisterAndCleanUp() { + if (this.eventManager) { + this.eventManager.unregisterConsumer(this); + } + this.pendingPromise = null; + this.cleanUp(); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +const PENDING_REDIRECT_KEY = 'pendingRedirect'; +// We only get one redirect outcome for any one auth, so just store it +// in here. +const redirectOutcomeMap = new Map(); +class RedirectAction extends AbstractPopupRedirectOperation { + constructor(auth, resolver, bypassAuthState = false) { + super(auth, [ + "signInViaRedirect" /* AuthEventType.SIGN_IN_VIA_REDIRECT */, + "linkViaRedirect" /* AuthEventType.LINK_VIA_REDIRECT */, + "reauthViaRedirect" /* AuthEventType.REAUTH_VIA_REDIRECT */, + "unknown" /* AuthEventType.UNKNOWN */ + ], resolver, undefined, bypassAuthState); + this.eventId = null; + } + /** + * Override the execute function; if we already have a redirect result, then + * just return it. + */ + async execute() { + let readyOutcome = redirectOutcomeMap.get(this.auth._key()); + if (!readyOutcome) { + try { + const hasPendingRedirect = await _getAndClearPendingRedirectStatus(this.resolver, this.auth); + const result = hasPendingRedirect ? await super.execute() : null; + readyOutcome = () => Promise.resolve(result); + } + catch (e) { + readyOutcome = () => Promise.reject(e); + } + redirectOutcomeMap.set(this.auth._key(), readyOutcome); + } + // If we're not bypassing auth state, the ready outcome should be set to + // null. + if (!this.bypassAuthState) { + redirectOutcomeMap.set(this.auth._key(), () => Promise.resolve(null)); + } + return readyOutcome(); + } + async onAuthEvent(event) { + if (event.type === "signInViaRedirect" /* AuthEventType.SIGN_IN_VIA_REDIRECT */) { + return super.onAuthEvent(event); + } + else if (event.type === "unknown" /* AuthEventType.UNKNOWN */) { + // This is a sentinel value indicating there's no pending redirect + this.resolve(null); + return; + } + if (event.eventId) { + const user = await this.auth._redirectUserForId(event.eventId); + if (user) { + this.user = user; + return super.onAuthEvent(event); + } + else { + this.resolve(null); + } + } + } + async onExecution() { } + cleanUp() { } +} +async function _getAndClearPendingRedirectStatus(resolver, auth) { + const key = pendingRedirectKey(auth); + const persistence = resolverPersistence(resolver); + if (!(await persistence._isAvailable())) { + return false; + } + const hasPendingRedirect = (await persistence._get(key)) === 'true'; + await persistence._remove(key); + return hasPendingRedirect; +} +function _clearRedirectOutcomes() { + redirectOutcomeMap.clear(); +} +function _overrideRedirectResult(auth, result) { + redirectOutcomeMap.set(auth._key(), result); +} +function resolverPersistence(resolver) { + return totp._getInstance(resolver._redirectPersistence); +} +function pendingRedirectKey(auth) { + return totp._persistenceKeyName(PENDING_REDIRECT_KEY, auth.config.apiKey, auth.name); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function _getRedirectResult(auth, resolverExtern, bypassAuthState = false) { + if (app._isFirebaseServerApp(auth.app)) { + return Promise.reject(totp._serverAppCurrentUserOperationNotSupportedError(auth)); + } + const authInternal = totp._castAuth(auth); + const resolver = _withDefaultResolver(authInternal, resolverExtern); + const action = new RedirectAction(authInternal, resolver, bypassAuthState); + const result = await action.execute(); + if (result && !bypassAuthState) { + delete result.user._redirectEventId; + await authInternal._persistUserIfCurrent(result.user); + await authInternal._setRedirectUser(null, resolverExtern); + } + return result; +} + +const STORAGE_AVAILABLE_KEY = '__sak'; + +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// There are two different browser persistence types: local and session. +// Both have the same implementation but use a different underlying storage +// object. +class BrowserPersistenceClass { + constructor(storageRetriever, type) { + this.storageRetriever = storageRetriever; + this.type = type; + } + _isAvailable() { + try { + if (!this.storage) { + return Promise.resolve(false); + } + this.storage.setItem(STORAGE_AVAILABLE_KEY, '1'); + this.storage.removeItem(STORAGE_AVAILABLE_KEY); + return Promise.resolve(true); + } + catch { + return Promise.resolve(false); + } + } + _set(key, value) { + this.storage.setItem(key, JSON.stringify(value)); + return Promise.resolve(); + } + _get(key) { + const json = this.storage.getItem(key); + return Promise.resolve(json ? JSON.parse(json) : null); + } + _remove(key) { + this.storage.removeItem(key); + return Promise.resolve(); + } + get storage() { + return this.storageRetriever(); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class BrowserSessionPersistence extends BrowserPersistenceClass { + constructor() { + super(() => window.sessionStorage, "SESSION" /* PersistenceType.SESSION */); + } + _addListener(_key, _listener) { + // Listeners are not supported for session storage since it cannot be shared across windows + return; + } + _removeListener(_key, _listener) { + // Listeners are not supported for session storage since it cannot be shared across windows + return; + } +} +BrowserSessionPersistence.type = 'SESSION'; +/** + * An implementation of {@link Persistence} of `SESSION` using `sessionStorage` + * for the underlying storage. + * + * @public + */ +const browserSessionPersistence = BrowserSessionPersistence; + +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * URL for Authentication widget which will initiate the OAuth handshake + * + * @internal + */ +const WIDGET_PATH = '__/auth/handler'; +/** + * URL for emulated environment + * + * @internal + */ +const EMULATOR_WIDGET_PATH = 'emulator/auth/handler'; +/** + * Fragment name for the App Check token that gets passed to the widget + * + * @internal + */ +const FIREBASE_APP_CHECK_FRAGMENT_ID = encodeURIComponent('fac'); +async function _getRedirectUrl(auth, provider, authType, redirectUrl, eventId, additionalParams) { + totp._assert(auth.config.authDomain, auth, "auth-domain-config-required" /* AuthErrorCode.MISSING_AUTH_DOMAIN */); + totp._assert(auth.config.apiKey, auth, "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */); + const params = { + apiKey: auth.config.apiKey, + appName: auth.name, + authType, + redirectUrl, + v: app.SDK_VERSION, + eventId + }; + if (provider instanceof totp.FederatedAuthProvider) { + provider.setDefaultLanguage(auth.languageCode); + params.providerId = provider.providerId || ''; + if (!util.isEmpty(provider.getCustomParameters())) { + params.customParameters = JSON.stringify(provider.getCustomParameters()); + } + // TODO set additionalParams from the provider as well? + for (const [key, value] of Object.entries(additionalParams || {})) { + params[key] = value; + } + } + if (provider instanceof totp.BaseOAuthProvider) { + const scopes = provider.getScopes().filter(scope => scope !== ''); + if (scopes.length > 0) { + params.scopes = scopes.join(','); + } + } + if (auth.tenantId) { + params.tid = auth.tenantId; + } + // TODO: maybe set eid as endpointId + // TODO: maybe set fw as Frameworks.join(",") + const paramsDict = params; + for (const key of Object.keys(paramsDict)) { + if (paramsDict[key] === undefined) { + delete paramsDict[key]; + } + } + // Sets the App Check token to pass to the widget + const appCheckToken = await auth._getAppCheckToken(); + const appCheckTokenFragment = appCheckToken + ? `#${FIREBASE_APP_CHECK_FRAGMENT_ID}=${encodeURIComponent(appCheckToken)}` + : ''; + // Start at index 1 to skip the leading '&' in the query string + return `${getHandlerBase(auth)}?${util.querystring(paramsDict).slice(1)}${appCheckTokenFragment}`; +} +function getHandlerBase({ config }) { + if (!config.emulator) { + return `https://${config.authDomain}/${WIDGET_PATH}`; + } + return totp._emulatorUrl(config, EMULATOR_WIDGET_PATH); +} + +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function _cordovaWindow() { + return window; +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function _getProjectConfig(auth, request = {}) { + return totp._performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v1/projects" /* Endpoint.GET_PROJECT_CONFIG */, request); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * How long to wait after the app comes back into focus before concluding that + * the user closed the sign in tab. + */ +const REDIRECT_TIMEOUT_MS = 2000; +/** + * Generates the URL for the OAuth handler. + */ +async function _generateHandlerUrl(auth, event, provider) { + // Get the cordova plugins + const { BuildInfo } = _cordovaWindow(); + totp.debugAssert(event.sessionId, 'AuthEvent did not contain a session ID'); + const sessionDigest = await computeSha256(event.sessionId); + const additionalParams = {}; + if (totp._isIOS()) { + // iOS app identifier + additionalParams['ibi'] = BuildInfo.packageName; + } + else if (totp._isAndroid()) { + // Android app identifier + additionalParams['apn'] = BuildInfo.packageName; + } + else { + totp._fail(auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */); + } + // Add the display name if available + if (BuildInfo.displayName) { + additionalParams['appDisplayName'] = BuildInfo.displayName; + } + // Attached the hashed session ID + additionalParams['sessionId'] = sessionDigest; + return _getRedirectUrl(auth, provider, event.type, undefined, event.eventId ?? undefined, additionalParams); +} +/** + * Validates that this app is valid for this project configuration + */ +async function _validateOrigin(auth) { + const { BuildInfo } = _cordovaWindow(); + const request = {}; + if (totp._isIOS()) { + request.iosBundleId = BuildInfo.packageName; + } + else if (totp._isAndroid()) { + request.androidPackageName = BuildInfo.packageName; + } + else { + totp._fail(auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */); + } + // Will fail automatically if package name is not authorized + await _getProjectConfig(auth, request); +} +function _performRedirect(handlerUrl) { + // Get the cordova plugins + const { cordova } = _cordovaWindow(); + return new Promise(resolve => { + cordova.plugins.browsertab.isAvailable(browserTabIsAvailable => { + let iabRef = null; + if (browserTabIsAvailable) { + cordova.plugins.browsertab.openUrl(handlerUrl); + } + else { + // TODO: Return the inappbrowser ref that's returned from the open call + iabRef = cordova.InAppBrowser.open(handlerUrl, totp._isIOS7Or8() ? '_blank' : '_system', 'location=yes'); + } + resolve(iabRef); + }); + }); +} +/** + * This function waits for app activity to be seen before resolving. It does + * this by attaching listeners to various dom events. Once the app is determined + * to be visible, this promise resolves. AFTER that resolution, the listeners + * are detached and any browser tabs left open will be closed. + */ +async function _waitForAppResume(auth, eventListener, iabRef) { + // Get the cordova plugins + const { cordova } = _cordovaWindow(); + let cleanup = () => { }; + try { + await new Promise((resolve, reject) => { + let onCloseTimer = null; + // DEFINE ALL THE CALLBACKS ===== + function authEventSeen() { + // Auth event was detected. Resolve this promise and close the extra + // window if it's still open. + resolve(); + const closeBrowserTab = cordova.plugins.browsertab?.close; + if (typeof closeBrowserTab === 'function') { + closeBrowserTab(); + } + // Close inappbrowser embedded webview in iOS7 and 8 case if still + // open. + if (typeof iabRef?.close === 'function') { + iabRef.close(); + } + } + function resumed() { + if (onCloseTimer) { + // This code already ran; do not rerun. + return; + } + onCloseTimer = window.setTimeout(() => { + // Wait two seconds after resume then reject. + reject(totp._createError(auth, "redirect-cancelled-by-user" /* AuthErrorCode.REDIRECT_CANCELLED_BY_USER */)); + }, REDIRECT_TIMEOUT_MS); + } + function visibilityChanged() { + if (document?.visibilityState === 'visible') { + resumed(); + } + } + // ATTACH ALL THE LISTENERS ===== + // Listen for the auth event + eventListener.addPassiveListener(authEventSeen); + // Listen for resume and visibility events + document.addEventListener('resume', resumed, false); + if (totp._isAndroid()) { + document.addEventListener('visibilitychange', visibilityChanged, false); + } + // SETUP THE CLEANUP FUNCTION ===== + cleanup = () => { + eventListener.removePassiveListener(authEventSeen); + document.removeEventListener('resume', resumed, false); + document.removeEventListener('visibilitychange', visibilityChanged, false); + if (onCloseTimer) { + window.clearTimeout(onCloseTimer); + } + }; + }); + } + finally { + cleanup(); + } +} +/** + * Checks the configuration of the Cordova environment. This has no side effect + * if the configuration is correct; otherwise it throws an error with the + * missing plugin. + */ +function _checkCordovaConfiguration(auth) { + const win = _cordovaWindow(); + // Check all dependencies installed. + // https://github.com/nordnet/cordova-universal-links-plugin + // Note that cordova-universal-links-plugin has been abandoned. + // A fork with latest fixes is available at: + // https://www.npmjs.com/package/cordova-universal-links-plugin-fix + totp._assert(typeof win?.universalLinks?.subscribe === 'function', auth, "invalid-cordova-configuration" /* AuthErrorCode.INVALID_CORDOVA_CONFIGURATION */, { + missingPlugin: 'cordova-universal-links-plugin-fix' + }); + // https://www.npmjs.com/package/cordova-plugin-buildinfo + totp._assert(typeof win?.BuildInfo?.packageName !== 'undefined', auth, "invalid-cordova-configuration" /* AuthErrorCode.INVALID_CORDOVA_CONFIGURATION */, { + missingPlugin: 'cordova-plugin-buildInfo' + }); + // https://github.com/google/cordova-plugin-browsertab + totp._assert(typeof win?.cordova?.plugins?.browsertab?.openUrl === 'function', auth, "invalid-cordova-configuration" /* AuthErrorCode.INVALID_CORDOVA_CONFIGURATION */, { + missingPlugin: 'cordova-plugin-browsertab' + }); + totp._assert(typeof win?.cordova?.plugins?.browsertab?.isAvailable === 'function', auth, "invalid-cordova-configuration" /* AuthErrorCode.INVALID_CORDOVA_CONFIGURATION */, { + missingPlugin: 'cordova-plugin-browsertab' + }); + // https://cordova.apache.org/docs/en/latest/reference/cordova-plugin-inappbrowser/ + totp._assert(typeof win?.cordova?.InAppBrowser?.open === 'function', auth, "invalid-cordova-configuration" /* AuthErrorCode.INVALID_CORDOVA_CONFIGURATION */, { + missingPlugin: 'cordova-plugin-inappbrowser' + }); +} +/** + * Computes the SHA-256 of a session ID. The SubtleCrypto interface is only + * available in "secure" contexts, which covers Cordova (which is served on a file + * protocol). + */ +async function computeSha256(sessionId) { + const bytes = stringToArrayBuffer(sessionId); + // TODO: For IE11 crypto has a different name and this operation comes back + // as an object, not a promise. This is the old proposed standard that + // is used by IE11: + // https://www.w3.org/TR/2013/WD-WebCryptoAPI-20130108/#cryptooperation-interface + const buf = await crypto.subtle.digest('SHA-256', bytes); + const arr = Array.from(new Uint8Array(buf)); + return arr.map(num => num.toString(16).padStart(2, '0')).join(''); +} +function stringToArrayBuffer(str) { + // This function is only meant to deal with an ASCII charset and makes + // certain simplifying assumptions. + totp.debugAssert(/[0-9a-zA-Z]+/.test(str), 'Can only convert alpha-numeric strings'); + if (typeof TextEncoder !== 'undefined') { + return new TextEncoder().encode(str); + } + const buff = new ArrayBuffer(str.length); + const view = new Uint8Array(buff); + for (let i = 0; i < str.length; i++) { + view[i] = str.charCodeAt(i); + } + return view; +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// The amount of time to store the UIDs of seen events; this is +// set to 10 min by default +const EVENT_DUPLICATION_CACHE_DURATION_MS = 10 * 60 * 1000; +class AuthEventManager { + constructor(auth) { + this.auth = auth; + this.cachedEventUids = new Set(); + this.consumers = new Set(); + this.queuedRedirectEvent = null; + this.hasHandledPotentialRedirect = false; + this.lastProcessedEventTime = Date.now(); + } + registerConsumer(authEventConsumer) { + this.consumers.add(authEventConsumer); + if (this.queuedRedirectEvent && + this.isEventForConsumer(this.queuedRedirectEvent, authEventConsumer)) { + this.sendToConsumer(this.queuedRedirectEvent, authEventConsumer); + this.saveEventToCache(this.queuedRedirectEvent); + this.queuedRedirectEvent = null; + } + } + unregisterConsumer(authEventConsumer) { + this.consumers.delete(authEventConsumer); + } + onEvent(event) { + // Check if the event has already been handled + if (this.hasEventBeenHandled(event)) { + return false; + } + let handled = false; + this.consumers.forEach(consumer => { + if (this.isEventForConsumer(event, consumer)) { + handled = true; + this.sendToConsumer(event, consumer); + this.saveEventToCache(event); + } + }); + if (this.hasHandledPotentialRedirect || !isRedirectEvent(event)) { + // If we've already seen a redirect before, or this is a popup event, + // bail now + return handled; + } + this.hasHandledPotentialRedirect = true; + // If the redirect wasn't handled, hang on to it + if (!handled) { + this.queuedRedirectEvent = event; + handled = true; + } + return handled; + } + sendToConsumer(event, consumer) { + if (event.error && !isNullRedirectEvent(event)) { + const code = event.error.code?.split('auth/')[1] || + "internal-error" /* AuthErrorCode.INTERNAL_ERROR */; + consumer.onError(totp._createError(this.auth, code)); + } + else { + consumer.onAuthEvent(event); + } + } + isEventForConsumer(event, consumer) { + const eventIdMatches = consumer.eventId === null || + (!!event.eventId && event.eventId === consumer.eventId); + return consumer.filter.includes(event.type) && eventIdMatches; + } + hasEventBeenHandled(event) { + if (Date.now() - this.lastProcessedEventTime >= + EVENT_DUPLICATION_CACHE_DURATION_MS) { + this.cachedEventUids.clear(); + } + return this.cachedEventUids.has(eventUid(event)); + } + saveEventToCache(event) { + this.cachedEventUids.add(eventUid(event)); + this.lastProcessedEventTime = Date.now(); + } +} +function eventUid(e) { + return [e.type, e.eventId, e.sessionId, e.tenantId].filter(v => v).join('-'); +} +function isNullRedirectEvent({ type, error }) { + return (type === "unknown" /* AuthEventType.UNKNOWN */ && + error?.code === `auth/${"no-auth-event" /* AuthErrorCode.NO_AUTH_EVENT */}`); +} +function isRedirectEvent(event) { + switch (event.type) { + case "signInViaRedirect" /* AuthEventType.SIGN_IN_VIA_REDIRECT */: + case "linkViaRedirect" /* AuthEventType.LINK_VIA_REDIRECT */: + case "reauthViaRedirect" /* AuthEventType.REAUTH_VIA_REDIRECT */: + return true; + case "unknown" /* AuthEventType.UNKNOWN */: + return isNullRedirectEvent(event); + default: + return false; + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// The polling period in case events are not supported +const _POLLING_INTERVAL_MS = 1000; +// The IE 10 localStorage cross tab synchronization delay in milliseconds +const IE10_LOCAL_STORAGE_SYNC_DELAY = 10; +class BrowserLocalPersistence extends BrowserPersistenceClass { + constructor() { + super(() => window.localStorage, "LOCAL" /* PersistenceType.LOCAL */); + this.boundEventHandler = (event, poll) => this.onStorageEvent(event, poll); + this.listeners = {}; + this.localCache = {}; + // setTimeout return value is platform specific + // eslint-disable-next-line @typescript-eslint/no-explicit-any + this.pollTimer = null; + // Whether to use polling instead of depending on window events + this.fallbackToPolling = totp._isMobileBrowser(); + this._shouldAllowMigration = true; + } + forAllChangedKeys(cb) { + // Check all keys with listeners on them. + for (const key of Object.keys(this.listeners)) { + // Get value from localStorage. + const newValue = this.storage.getItem(key); + const oldValue = this.localCache[key]; + // If local map value does not match, trigger listener with storage event. + // Differentiate this simulated event from the real storage event. + if (newValue !== oldValue) { + cb(key, oldValue, newValue); + } + } + } + onStorageEvent(event, poll = false) { + // Key would be null in some situations, like when localStorage is cleared + if (!event.key) { + this.forAllChangedKeys((key, _oldValue, newValue) => { + this.notifyListeners(key, newValue); + }); + return; + } + const key = event.key; + // Check the mechanism how this event was detected. + // The first event will dictate the mechanism to be used. + if (poll) { + // Environment detects storage changes via polling. + // Remove storage event listener to prevent possible event duplication. + this.detachListener(); + } + else { + // Environment detects storage changes via storage event listener. + // Remove polling listener to prevent possible event duplication. + this.stopPolling(); + } + const triggerListeners = () => { + // Keep local map up to date in case storage event is triggered before + // poll. + const storedValue = this.storage.getItem(key); + if (!poll && this.localCache[key] === storedValue) { + // Real storage event which has already been detected, do nothing. + // This seems to trigger in some IE browsers for some reason. + return; + } + this.notifyListeners(key, storedValue); + }; + const storedValue = this.storage.getItem(key); + if (totp._isIE10() && + storedValue !== event.newValue && + event.newValue !== event.oldValue) { + // IE 10 has this weird bug where a storage event would trigger with the + // correct key, oldValue and newValue but localStorage.getItem(key) does + // not yield the updated value until a few milliseconds. This ensures + // this recovers from that situation. + setTimeout(triggerListeners, IE10_LOCAL_STORAGE_SYNC_DELAY); + } + else { + triggerListeners(); + } + } + notifyListeners(key, value) { + this.localCache[key] = value; + const listeners = this.listeners[key]; + if (listeners) { + for (const listener of Array.from(listeners)) { + listener(value ? JSON.parse(value) : value); + } + } + } + startPolling() { + this.stopPolling(); + this.pollTimer = setInterval(() => { + this.forAllChangedKeys((key, oldValue, newValue) => { + this.onStorageEvent(new StorageEvent('storage', { + key, + oldValue, + newValue + }), + /* poll */ true); + }); + }, _POLLING_INTERVAL_MS); + } + stopPolling() { + if (this.pollTimer) { + clearInterval(this.pollTimer); + this.pollTimer = null; + } + } + attachListener() { + window.addEventListener('storage', this.boundEventHandler); + } + detachListener() { + window.removeEventListener('storage', this.boundEventHandler); + } + _addListener(key, listener) { + if (Object.keys(this.listeners).length === 0) { + // Whether browser can detect storage event when it had already been pushed to the background. + // This may happen in some mobile browsers. A localStorage change in the foreground window + // will not be detected in the background window via the storage event. + // This was detected in iOS 7.x mobile browsers + if (this.fallbackToPolling) { + this.startPolling(); + } + else { + this.attachListener(); + } + } + if (!this.listeners[key]) { + this.listeners[key] = new Set(); + // Populate the cache to avoid spuriously triggering on first poll. + this.localCache[key] = this.storage.getItem(key); + } + this.listeners[key].add(listener); + } + _removeListener(key, listener) { + if (this.listeners[key]) { + this.listeners[key].delete(listener); + if (this.listeners[key].size === 0) { + delete this.listeners[key]; + } + } + if (Object.keys(this.listeners).length === 0) { + this.detachListener(); + this.stopPolling(); + } + } + // Update local cache on base operations: + async _set(key, value) { + await super._set(key, value); + this.localCache[key] = JSON.stringify(value); + } + async _get(key) { + const value = await super._get(key); + this.localCache[key] = JSON.stringify(value); + return value; + } + async _remove(key) { + await super._remove(key); + delete this.localCache[key]; + } +} +BrowserLocalPersistence.type = 'LOCAL'; +/** + * An implementation of {@link Persistence} of type `LOCAL` using `localStorage` + * for the underlying storage. + * + * @public + */ +const browserLocalPersistence = BrowserLocalPersistence; + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +const SESSION_ID_LENGTH = 20; +/** Custom AuthEventManager that adds passive listeners to events */ +class CordovaAuthEventManager extends AuthEventManager { + constructor() { + super(...arguments); + this.passiveListeners = new Set(); + this.initPromise = new Promise(resolve => { + this.resolveInitialized = resolve; + }); + } + addPassiveListener(cb) { + this.passiveListeners.add(cb); + } + removePassiveListener(cb) { + this.passiveListeners.delete(cb); + } + // In a Cordova environment, this manager can live through multiple redirect + // operations + resetRedirect() { + this.queuedRedirectEvent = null; + this.hasHandledPotentialRedirect = false; + } + /** Override the onEvent method */ + onEvent(event) { + this.resolveInitialized(); + this.passiveListeners.forEach(cb => cb(event)); + return super.onEvent(event); + } + async initialized() { + await this.initPromise; + } +} +/** + * Generates a (partial) {@link AuthEvent}. + */ +function _generateNewEvent(auth, type, eventId = null) { + return { + type, + eventId, + urlResponse: null, + sessionId: generateSessionId(), + postBody: null, + tenantId: auth.tenantId, + error: totp._createError(auth, "no-auth-event" /* AuthErrorCode.NO_AUTH_EVENT */) + }; +} +function _savePartialEvent(auth, event) { + return storage()._set(persistenceKey(auth), event); +} +async function _getAndRemoveEvent(auth) { + const event = (await storage()._get(persistenceKey(auth))); + if (event) { + await storage()._remove(persistenceKey(auth)); + } + return event; +} +function _eventFromPartialAndUrl(partialEvent, url) { + // Parse the deep link within the dynamic link URL. + const callbackUrl = _getDeepLinkFromCallback(url); + // Confirm it is actually a callback URL. + // Currently the universal link will be of this format: + // https://<AUTH_DOMAIN>/__/auth/callback<OAUTH_RESPONSE> + // This is a fake URL but is not intended to take the user anywhere + // and just redirect to the app. + if (callbackUrl.includes('/__/auth/callback')) { + // Check if there is an error in the URL. + // This mechanism is also used to pass errors back to the app: + // https://<AUTH_DOMAIN>/__/auth/callback?firebaseError=<STRINGIFIED_ERROR> + const params = searchParamsOrEmpty(callbackUrl); + // Get the error object corresponding to the stringified error if found. + const errorObject = params['firebaseError'] + ? parseJsonOrNull(decodeURIComponent(params['firebaseError'])) + : null; + const code = errorObject?.['code']?.split('auth/')?.[1]; + const error = code ? totp._createError(code) : null; + if (error) { + return { + type: partialEvent.type, + eventId: partialEvent.eventId, + tenantId: partialEvent.tenantId, + error, + urlResponse: null, + sessionId: null, + postBody: null + }; + } + else { + return { + type: partialEvent.type, + eventId: partialEvent.eventId, + tenantId: partialEvent.tenantId, + sessionId: partialEvent.sessionId, + urlResponse: callbackUrl, + postBody: null + }; + } + } + return null; +} +function generateSessionId() { + const chars = []; + const allowedChars = '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; + for (let i = 0; i < SESSION_ID_LENGTH; i++) { + const idx = Math.floor(Math.random() * allowedChars.length); + chars.push(allowedChars.charAt(idx)); + } + return chars.join(''); +} +function storage() { + return totp._getInstance(browserLocalPersistence); +} +function persistenceKey(auth) { + return totp._persistenceKeyName("authEvent" /* KeyName.AUTH_EVENT */, auth.config.apiKey, auth.name); +} +function parseJsonOrNull(json) { + try { + return JSON.parse(json); + } + catch (e) { + return null; + } +} +// Exported for testing +function _getDeepLinkFromCallback(url) { + const params = searchParamsOrEmpty(url); + const link = params['link'] ? decodeURIComponent(params['link']) : undefined; + // Double link case (automatic redirect) + const doubleDeepLink = searchParamsOrEmpty(link)['link']; + // iOS custom scheme links. + const iOSDeepLink = params['deep_link_id'] + ? decodeURIComponent(params['deep_link_id']) + : undefined; + const iOSDoubleDeepLink = searchParamsOrEmpty(iOSDeepLink)['link']; + return iOSDoubleDeepLink || iOSDeepLink || doubleDeepLink || link || url; +} +/** + * Optimistically tries to get search params from a string, or else returns an + * empty search params object. + */ +function searchParamsOrEmpty(url) { + if (!url?.includes('?')) { + return {}; + } + const [_, ...rest] = url.split('?'); + return util.querystringDecode(rest.join('?')); +} + +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * How long to wait for the initial auth event before concluding no + * redirect pending + */ +const INITIAL_EVENT_TIMEOUT_MS = 500; +class CordovaPopupRedirectResolver { + constructor() { + this._redirectPersistence = browserSessionPersistence; + this._shouldInitProactively = true; // This is lightweight for Cordova + this.eventManagers = new Map(); + this.originValidationPromises = {}; + this._completeRedirectFn = _getRedirectResult; + this._overrideRedirectResult = _overrideRedirectResult; + } + async _initialize(auth) { + const key = auth._key(); + let manager = this.eventManagers.get(key); + if (!manager) { + manager = new CordovaAuthEventManager(auth); + this.eventManagers.set(key, manager); + this.attachCallbackListeners(auth, manager); + } + return manager; + } + _openPopup(auth) { + totp._fail(auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */); + } + async _openRedirect(auth, provider, authType, eventId) { + _checkCordovaConfiguration(auth); + const manager = await this._initialize(auth); + await manager.initialized(); + // Reset the persisted redirect states. This does not matter on Web where + // the redirect always blows away application state entirely. On Cordova, + // the app maintains control flow through the redirect. + manager.resetRedirect(); + _clearRedirectOutcomes(); + await this._originValidation(auth); + const event = _generateNewEvent(auth, authType, eventId); + await _savePartialEvent(auth, event); + const url = await _generateHandlerUrl(auth, event, provider); + const iabRef = await _performRedirect(url); + return _waitForAppResume(auth, manager, iabRef); + } + _isIframeWebStorageSupported(_auth, _cb) { + throw new Error('Method not implemented.'); + } + _originValidation(auth) { + const key = auth._key(); + if (!this.originValidationPromises[key]) { + this.originValidationPromises[key] = _validateOrigin(auth); + } + return this.originValidationPromises[key]; + } + attachCallbackListeners(auth, manager) { + // Get the global plugins + const { universalLinks, handleOpenURL, BuildInfo } = _cordovaWindow(); + const noEventTimeout = setTimeout(async () => { + // We didn't see that initial event. Clear any pending object and + // dispatch no event + await _getAndRemoveEvent(auth); + manager.onEvent(generateNoEvent()); + }, INITIAL_EVENT_TIMEOUT_MS); + const universalLinksCb = async (eventData) => { + // We have an event so we can clear the no event timeout + clearTimeout(noEventTimeout); + const partialEvent = await _getAndRemoveEvent(auth); + let finalEvent = null; + if (partialEvent && eventData?.['url']) { + finalEvent = _eventFromPartialAndUrl(partialEvent, eventData['url']); + } + // If finalEvent is never filled, trigger with no event + manager.onEvent(finalEvent || generateNoEvent()); + }; + // Universal links subscriber doesn't exist for iOS, so we need to check + if (typeof universalLinks !== 'undefined' && + typeof universalLinks.subscribe === 'function') { + universalLinks.subscribe(null, universalLinksCb); + } + // iOS 7 or 8 custom URL schemes. + // This is also the current default behavior for iOS 9+. + // For this to work, cordova-plugin-customurlscheme needs to be installed. + // https://github.com/EddyVerbruggen/Custom-URL-scheme + // Do not overwrite the existing developer's URL handler. + const existingHandleOpenURL = handleOpenURL; + const packagePrefix = `${BuildInfo.packageName.toLowerCase()}://`; + _cordovaWindow().handleOpenURL = async (url) => { + if (url.toLowerCase().startsWith(packagePrefix)) { + // We want this intentionally to float + // eslint-disable-next-line @typescript-eslint/no-floating-promises + universalLinksCb({ url }); + } + // Call the developer's handler if it is present. + if (typeof existingHandleOpenURL === 'function') { + try { + existingHandleOpenURL(url); + } + catch (e) { + // This is a developer error. Don't stop the flow of the SDK. + console.error(e); + } + } + }; + } +} +/** + * An implementation of {@link PopupRedirectResolver} suitable for Cordova + * based applications. + * + * @public + */ +const cordovaPopupRedirectResolver = CordovaPopupRedirectResolver; +function generateNoEvent() { + return { + type: "unknown" /* AuthEventType.UNKNOWN */, + eventId: null, + sessionId: null, + urlResponse: null, + postBody: null, + tenantId: null, + error: totp._createError("no-auth-event" /* AuthErrorCode.NO_AUTH_EVENT */) + }; +} + +/** + * @license + * Copyright 2017 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// This function should only be called by frameworks (e.g. FirebaseUI-web) to log their usage. +// It is not intended for direct use by developer apps. NO jsdoc here to intentionally leave it out +// of autogenerated documentation pages to reduce accidental misuse. +function addFrameworkForLogging(auth, framework) { + totp._castAuth(auth)._logFramework(framework); +} + +exports.ActionCodeOperation = totp.ActionCodeOperation; +exports.ActionCodeURL = totp.ActionCodeURL; +exports.AuthCredential = totp.AuthCredential; +exports.AuthErrorCodes = totp.AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY; +exports.AuthImpl = totp.AuthImpl; +exports.EmailAuthCredential = totp.EmailAuthCredential; +exports.EmailAuthProvider = totp.EmailAuthProvider; +exports.FacebookAuthProvider = totp.FacebookAuthProvider; +exports.FactorId = totp.FactorId; +exports.FetchProvider = totp.FetchProvider; +exports.GithubAuthProvider = totp.GithubAuthProvider; +exports.GoogleAuthProvider = totp.GoogleAuthProvider; +exports.OAuthCredential = totp.OAuthCredential; +exports.OAuthProvider = totp.OAuthProvider; +exports.OperationType = totp.OperationType; +exports.PhoneAuthCredential = totp.PhoneAuthCredential; +exports.PhoneAuthProvider = totp.PhoneAuthProvider; +exports.PhoneMultiFactorGenerator = totp.PhoneMultiFactorGenerator; +exports.ProviderId = totp.ProviderId; +exports.RecaptchaVerifier = totp.RecaptchaVerifier; +exports.SAMLAuthCredential = totp.SAMLAuthCredential; +exports.SAMLAuthProvider = totp.SAMLAuthProvider; +exports.SignInMethod = totp.SignInMethod; +exports.TotpMultiFactorGenerator = totp.TotpMultiFactorGenerator; +exports.TotpSecret = totp.TotpSecret; +exports.TwitterAuthProvider = totp.TwitterAuthProvider; +exports.UserImpl = totp.UserImpl; +exports._assert = totp._assert; +exports._castAuth = totp._castAuth; +exports._fail = totp._fail; +exports._getClientVersion = totp._getClientVersion; +exports._getInstance = totp._getInstance; +exports._persistenceKeyName = totp._persistenceKeyName; +exports.applyActionCode = totp.applyActionCode; +exports.beforeAuthStateChanged = totp.beforeAuthStateChanged; +exports.browserCookiePersistence = totp.browserCookiePersistence; +exports.browserLocalPersistence = totp.browserLocalPersistence; +exports.browserPopupRedirectResolver = totp.browserPopupRedirectResolver; +exports.browserSessionPersistence = totp.browserSessionPersistence; +exports.checkActionCode = totp.checkActionCode; +exports.confirmPasswordReset = totp.confirmPasswordReset; +exports.connectAuthEmulator = totp.connectAuthEmulator; +exports.createUserWithEmailAndPassword = totp.createUserWithEmailAndPassword; +exports.debugErrorMap = totp.debugErrorMap; +exports.deleteUser = totp.deleteUser; +exports.fetchSignInMethodsForEmail = totp.fetchSignInMethodsForEmail; +exports.getAdditionalUserInfo = totp.getAdditionalUserInfo; +exports.getAuth = totp.getAuth; +exports.getIdToken = totp.getIdToken; +exports.getIdTokenResult = totp.getIdTokenResult; +exports.getMultiFactorResolver = totp.getMultiFactorResolver; +exports.getRedirectResult = totp.getRedirectResult; +exports.inMemoryPersistence = totp.inMemoryPersistence; +exports.indexedDBLocalPersistence = totp.indexedDBLocalPersistence; +exports.initializeAuth = totp.initializeAuth; +exports.initializeRecaptchaConfig = totp.initializeRecaptchaConfig; +exports.isSignInWithEmailLink = totp.isSignInWithEmailLink; +exports.linkWithCredential = totp.linkWithCredential; +exports.linkWithPhoneNumber = totp.linkWithPhoneNumber; +exports.linkWithPopup = totp.linkWithPopup; +exports.linkWithRedirect = totp.linkWithRedirect; +exports.multiFactor = totp.multiFactor; +exports.onAuthStateChanged = totp.onAuthStateChanged; +exports.onIdTokenChanged = totp.onIdTokenChanged; +exports.parseActionCodeURL = totp.parseActionCodeURL; +exports.prodErrorMap = totp.prodErrorMap; +exports.reauthenticateWithCredential = totp.reauthenticateWithCredential; +exports.reauthenticateWithPhoneNumber = totp.reauthenticateWithPhoneNumber; +exports.reauthenticateWithPopup = totp.reauthenticateWithPopup; +exports.reauthenticateWithRedirect = totp.reauthenticateWithRedirect; +exports.reload = totp.reload; +exports.revokeAccessToken = totp.revokeAccessToken; +exports.sendEmailVerification = totp.sendEmailVerification; +exports.sendPasswordResetEmail = totp.sendPasswordResetEmail; +exports.sendSignInLinkToEmail = totp.sendSignInLinkToEmail; +exports.setPersistence = totp.setPersistence; +exports.signInAnonymously = totp.signInAnonymously; +exports.signInWithCredential = totp.signInWithCredential; +exports.signInWithCustomToken = totp.signInWithCustomToken; +exports.signInWithEmailAndPassword = totp.signInWithEmailAndPassword; +exports.signInWithEmailLink = totp.signInWithEmailLink; +exports.signInWithPhoneNumber = totp.signInWithPhoneNumber; +exports.signInWithPopup = totp.signInWithPopup; +exports.signInWithRedirect = totp.signInWithRedirect; +exports.signOut = totp.signOut; +exports.unlink = totp.unlink; +exports.updateCurrentUser = totp.updateCurrentUser; +exports.updateEmail = totp.updateEmail; +exports.updatePassword = totp.updatePassword; +exports.updatePhoneNumber = totp.updatePhoneNumber; +exports.updateProfile = totp.updateProfile; +exports.useDeviceLanguage = totp.useDeviceLanguage; +exports.validatePassword = totp.validatePassword; +exports.verifyBeforeUpdateEmail = totp.verifyBeforeUpdateEmail; +exports.verifyPasswordResetCode = totp.verifyPasswordResetCode; +exports.AuthPopup = AuthPopup; +exports._generateEventId = _generateEventId; +exports._getRedirectResult = _getRedirectResult; +exports._overrideRedirectResult = _overrideRedirectResult; +exports.addFrameworkForLogging = addFrameworkForLogging; +exports.cordovaPopupRedirectResolver = cordovaPopupRedirectResolver; +//# sourceMappingURL=internal.js.map diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/internal.js.map b/frontend-old/node_modules/@firebase/auth/dist/node/internal.js.map new file mode 100644 index 0000000..1f2a64a --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/internal.js.map @@ -0,0 +1 @@ +{"version":3,"file":"internal.js","sources":["../../src/core/util/event_id.ts","../../src/platform_browser/util/popup.ts","../../src/core/util/resolver.ts","../../src/core/strategies/idp.ts","../../src/core/strategies/abstract_popup_redirect_operation.ts","../../src/core/strategies/redirect.ts","../../src/platform_browser/strategies/redirect.ts","../../src/core/persistence/index.ts","../../src/platform_browser/persistence/browser.ts","../../src/platform_browser/persistence/session_storage.ts","../../src/core/util/handler.ts","../../src/platform_cordova/plugins.ts","../../src/api/project_config/get_project_config.ts","../../src/platform_cordova/popup_redirect/utils.ts","../../src/core/auth/auth_event_manager.ts","../../src/platform_browser/persistence/local_storage.ts","../../src/platform_cordova/popup_redirect/events.ts","../../src/platform_cordova/popup_redirect/popup_redirect.ts","../../internal/index.ts"],"sourcesContent":["/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nexport function _generateEventId(prefix = '', digits = 10): string {\n let random = '';\n for (let i = 0; i < digits; i++) {\n random += Math.floor(Math.random() * 10);\n }\n return prefix + random;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { getUA } from '@firebase/util';\n\nimport { AuthErrorCode } from '../../core/errors';\nimport { _assert } from '../../core/util/assert';\nimport {\n _isChromeIOS,\n _isFirefox,\n _isIOSStandalone\n} from '../../core/util/browser';\nimport { AuthInternal } from '../../model/auth';\n\nconst BASE_POPUP_OPTIONS = {\n location: 'yes',\n resizable: 'yes',\n statusbar: 'yes',\n toolbar: 'no'\n};\n\nconst DEFAULT_WIDTH = 500;\nconst DEFAULT_HEIGHT = 600;\nconst TARGET_BLANK = '_blank';\n\nconst FIREFOX_EMPTY_URL = 'http://localhost';\n\nexport class AuthPopup {\n associatedEvent: string | null = null;\n\n constructor(readonly window: Window | null) {}\n\n close(): void {\n if (this.window) {\n try {\n this.window.close();\n } catch (e) {}\n }\n }\n}\n\nexport function _open(\n auth: AuthInternal,\n url?: string,\n name?: string,\n width = DEFAULT_WIDTH,\n height = DEFAULT_HEIGHT\n): AuthPopup {\n const top = Math.max((window.screen.availHeight - height) / 2, 0).toString();\n const left = Math.max((window.screen.availWidth - width) / 2, 0).toString();\n let target = '';\n\n const options: { [key: string]: string } = {\n ...BASE_POPUP_OPTIONS,\n width: width.toString(),\n height: height.toString(),\n top,\n left\n };\n\n // Chrome iOS 7 and 8 is returning an undefined popup win when target is\n // specified, even though the popup is not necessarily blocked.\n const ua = getUA().toLowerCase();\n\n if (name) {\n target = _isChromeIOS(ua) ? TARGET_BLANK : name;\n }\n\n if (_isFirefox(ua)) {\n // Firefox complains when invalid URLs are popped out. Hacky way to bypass.\n url = url || FIREFOX_EMPTY_URL;\n // Firefox disables by default scrolling on popup windows, which can create\n // issues when the user has many Google accounts, for instance.\n options.scrollbars = 'yes';\n }\n\n const optionsString = Object.entries(options).reduce(\n (accum, [key, value]) => `${accum}${key}=${value},`,\n ''\n );\n\n if (_isIOSStandalone(ua) && target !== '_self') {\n openAsNewWindowIOS(url || '', target);\n return new AuthPopup(null);\n }\n\n // about:blank getting sanitized causing browsers like IE/Edge to display\n // brief error message before redirecting to handler.\n const newWin = window.open(url || '', target, optionsString);\n _assert(newWin, auth, AuthErrorCode.POPUP_BLOCKED);\n\n // Flaky on IE edge, encapsulate with a try and catch.\n try {\n newWin.focus();\n } catch (e) {}\n\n return new AuthPopup(newWin);\n}\n\nfunction openAsNewWindowIOS(url: string, target: string): void {\n const el = document.createElement('a');\n el.href = url;\n el.target = target;\n const click = document.createEvent('MouseEvent');\n click.initMouseEvent(\n 'click',\n true,\n true,\n window,\n 1,\n 0,\n 0,\n 0,\n 0,\n false,\n false,\n false,\n false,\n 1,\n null\n );\n el.dispatchEvent(click);\n}\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { PopupRedirectResolver } from '../../model/public_types';\nimport { AuthInternal } from '../../model/auth';\nimport { PopupRedirectResolverInternal } from '../../model/popup_redirect';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from './assert';\nimport { _getInstance } from './instantiator';\n\n/**\n * Chooses a popup/redirect resolver to use. This prefers the override (which\n * is directly passed in), and falls back to the property set on the auth\n * object. If neither are available, this function errors w/ an argument error.\n */\nexport function _withDefaultResolver(\n auth: AuthInternal,\n resolverOverride: PopupRedirectResolver | undefined\n): PopupRedirectResolverInternal {\n if (resolverOverride) {\n return _getInstance(resolverOverride);\n }\n\n _assert(auth._popupRedirectResolver, auth, AuthErrorCode.ARGUMENT_ERROR);\n\n return auth._popupRedirectResolver;\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n signInWithIdp,\n SignInWithIdpRequest\n} from '../../api/authentication/idp';\nimport { PhoneOrOauthTokenResponse } from '../../api/authentication/mfa';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { UserInternal, UserCredentialInternal } from '../../model/user';\nimport { AuthCredential } from '../credentials';\nimport { _link as _linkUser } from '../user/link_unlink';\nimport { _reauthenticate } from '../user/reauthenticate';\nimport { _assert } from '../util/assert';\nimport { _signInWithCredential } from './credential';\nimport { AuthErrorCode } from '../errors';\nimport { ProviderId } from '../../model/enums';\n\nexport interface IdpTaskParams {\n auth: AuthInternal;\n requestUri: string;\n sessionId?: string;\n tenantId?: string;\n postBody?: string;\n pendingToken?: string;\n user?: UserInternal;\n bypassAuthState?: boolean;\n}\n\nexport type IdpTask = (\n params: IdpTaskParams\n) => Promise<UserCredentialInternal>;\n\nclass IdpCredential extends AuthCredential {\n constructor(readonly params: IdpTaskParams) {\n super(ProviderId.CUSTOM, ProviderId.CUSTOM);\n }\n\n _getIdTokenResponse(auth: AuthInternal): Promise<PhoneOrOauthTokenResponse> {\n return signInWithIdp(auth, this._buildIdpRequest());\n }\n\n _linkToIdToken(\n auth: AuthInternal,\n idToken: string\n ): Promise<IdTokenResponse> {\n return signInWithIdp(auth, this._buildIdpRequest(idToken));\n }\n\n _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse> {\n return signInWithIdp(auth, this._buildIdpRequest());\n }\n\n private _buildIdpRequest(idToken?: string): SignInWithIdpRequest {\n const request: SignInWithIdpRequest = {\n requestUri: this.params.requestUri,\n sessionId: this.params.sessionId,\n postBody: this.params.postBody,\n tenantId: this.params.tenantId,\n pendingToken: this.params.pendingToken,\n returnSecureToken: true,\n returnIdpCredential: true\n };\n\n if (idToken) {\n request.idToken = idToken;\n }\n\n return request;\n }\n}\n\nexport function _signIn(\n params: IdpTaskParams\n): Promise<UserCredentialInternal> {\n return _signInWithCredential(\n params.auth,\n new IdpCredential(params),\n params.bypassAuthState\n ) as Promise<UserCredentialInternal>;\n}\n\nexport function _reauth(\n params: IdpTaskParams\n): Promise<UserCredentialInternal> {\n const { auth, user } = params;\n _assert(user, auth, AuthErrorCode.INTERNAL_ERROR);\n return _reauthenticate(\n user,\n new IdpCredential(params),\n params.bypassAuthState\n );\n}\n\nexport async function _link(\n params: IdpTaskParams\n): Promise<UserCredentialInternal> {\n const { auth, user } = params;\n _assert(user, auth, AuthErrorCode.INTERNAL_ERROR);\n return _linkUser(user, new IdpCredential(params), params.bypassAuthState);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseError } from '@firebase/util';\n\nimport {\n AuthEvent,\n AuthEventConsumer,\n AuthEventType,\n EventManager,\n PopupRedirectResolverInternal\n} from '../../model/popup_redirect';\nimport { UserInternal, UserCredentialInternal } from '../../model/user';\nimport { AuthErrorCode } from '../errors';\nimport { debugAssert, _fail } from '../util/assert';\nimport {\n _link,\n _reauth,\n _signIn,\n IdpTask,\n IdpTaskParams\n} from '../strategies/idp';\nimport { AuthInternal } from '../../model/auth';\n\ninterface PendingPromise {\n resolve: (cred: UserCredentialInternal | null) => void;\n reject: (error: Error) => void;\n}\n\n/**\n * Popup event manager. Handles the popup's entire lifecycle; listens to auth\n * events\n */\nexport abstract class AbstractPopupRedirectOperation\n implements AuthEventConsumer\n{\n private pendingPromise: PendingPromise | null = null;\n private eventManager: EventManager | null = null;\n readonly filter: AuthEventType[];\n\n abstract eventId: string | null;\n\n constructor(\n protected readonly auth: AuthInternal,\n filter: AuthEventType | AuthEventType[],\n protected readonly resolver: PopupRedirectResolverInternal,\n protected user?: UserInternal,\n protected readonly bypassAuthState = false\n ) {\n this.filter = Array.isArray(filter) ? filter : [filter];\n }\n\n abstract onExecution(): Promise<void>;\n\n execute(): Promise<UserCredentialInternal | null> {\n return new Promise<UserCredentialInternal | null>(\n async (resolve, reject) => {\n this.pendingPromise = { resolve, reject };\n\n try {\n this.eventManager = await this.resolver._initialize(this.auth);\n await this.onExecution();\n this.eventManager.registerConsumer(this);\n } catch (e) {\n this.reject(e as Error);\n }\n }\n );\n }\n\n async onAuthEvent(event: AuthEvent): Promise<void> {\n const { urlResponse, sessionId, postBody, tenantId, error, type } = event;\n if (error) {\n this.reject(error);\n return;\n }\n\n const params: IdpTaskParams = {\n auth: this.auth,\n requestUri: urlResponse!,\n sessionId: sessionId!,\n tenantId: tenantId || undefined,\n postBody: postBody || undefined,\n user: this.user,\n bypassAuthState: this.bypassAuthState\n };\n\n try {\n this.resolve(await this.getIdpTask(type)(params));\n } catch (e) {\n this.reject(e as Error);\n }\n }\n\n onError(error: FirebaseError): void {\n this.reject(error);\n }\n\n private getIdpTask(type: AuthEventType): IdpTask {\n switch (type) {\n case AuthEventType.SIGN_IN_VIA_POPUP:\n case AuthEventType.SIGN_IN_VIA_REDIRECT:\n return _signIn;\n case AuthEventType.LINK_VIA_POPUP:\n case AuthEventType.LINK_VIA_REDIRECT:\n return _link;\n case AuthEventType.REAUTH_VIA_POPUP:\n case AuthEventType.REAUTH_VIA_REDIRECT:\n return _reauth;\n default:\n _fail(this.auth, AuthErrorCode.INTERNAL_ERROR);\n }\n }\n\n protected resolve(cred: UserCredentialInternal | null): void {\n debugAssert(this.pendingPromise, 'Pending promise was never set');\n this.pendingPromise.resolve(cred);\n this.unregisterAndCleanUp();\n }\n\n protected reject(error: Error): void {\n debugAssert(this.pendingPromise, 'Pending promise was never set');\n this.pendingPromise.reject(error);\n this.unregisterAndCleanUp();\n }\n\n private unregisterAndCleanUp(): void {\n if (this.eventManager) {\n this.eventManager.unregisterConsumer(this);\n }\n\n this.pendingPromise = null;\n this.cleanUp();\n }\n\n abstract cleanUp(): void;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthInternal } from '../../model/auth';\nimport {\n AuthEvent,\n AuthEventType,\n PopupRedirectResolverInternal\n} from '../../model/popup_redirect';\nimport { UserCredentialInternal } from '../../model/user';\nimport { PersistenceInternal } from '../persistence';\nimport { _persistenceKeyName } from '../persistence/persistence_user_manager';\nimport { _getInstance } from '../util/instantiator';\nimport { AbstractPopupRedirectOperation } from './abstract_popup_redirect_operation';\n\nconst PENDING_REDIRECT_KEY = 'pendingRedirect';\n\n// We only get one redirect outcome for any one auth, so just store it\n// in here.\nconst redirectOutcomeMap: Map<\n string,\n () => Promise<UserCredentialInternal | null>\n> = new Map();\n\nexport class RedirectAction extends AbstractPopupRedirectOperation {\n eventId = null;\n\n constructor(\n auth: AuthInternal,\n resolver: PopupRedirectResolverInternal,\n bypassAuthState = false\n ) {\n super(\n auth,\n [\n AuthEventType.SIGN_IN_VIA_REDIRECT,\n AuthEventType.LINK_VIA_REDIRECT,\n AuthEventType.REAUTH_VIA_REDIRECT,\n AuthEventType.UNKNOWN\n ],\n resolver,\n undefined,\n bypassAuthState\n );\n }\n\n /**\n * Override the execute function; if we already have a redirect result, then\n * just return it.\n */\n async execute(): Promise<UserCredentialInternal | null> {\n let readyOutcome = redirectOutcomeMap.get(this.auth._key());\n if (!readyOutcome) {\n try {\n const hasPendingRedirect = await _getAndClearPendingRedirectStatus(\n this.resolver,\n this.auth\n );\n const result = hasPendingRedirect ? await super.execute() : null;\n readyOutcome = () => Promise.resolve(result);\n } catch (e) {\n readyOutcome = () => Promise.reject(e);\n }\n\n redirectOutcomeMap.set(this.auth._key(), readyOutcome);\n }\n\n // If we're not bypassing auth state, the ready outcome should be set to\n // null.\n if (!this.bypassAuthState) {\n redirectOutcomeMap.set(this.auth._key(), () => Promise.resolve(null));\n }\n\n return readyOutcome();\n }\n\n async onAuthEvent(event: AuthEvent): Promise<void> {\n if (event.type === AuthEventType.SIGN_IN_VIA_REDIRECT) {\n return super.onAuthEvent(event);\n } else if (event.type === AuthEventType.UNKNOWN) {\n // This is a sentinel value indicating there's no pending redirect\n this.resolve(null);\n return;\n }\n\n if (event.eventId) {\n const user = await this.auth._redirectUserForId(event.eventId);\n if (user) {\n this.user = user;\n return super.onAuthEvent(event);\n } else {\n this.resolve(null);\n }\n }\n }\n\n async onExecution(): Promise<void> {}\n\n cleanUp(): void {}\n}\n\nexport async function _getAndClearPendingRedirectStatus(\n resolver: PopupRedirectResolverInternal,\n auth: AuthInternal\n): Promise<boolean> {\n const key = pendingRedirectKey(auth);\n const persistence = resolverPersistence(resolver);\n if (!(await persistence._isAvailable())) {\n return false;\n }\n const hasPendingRedirect = (await persistence._get(key)) === 'true';\n await persistence._remove(key);\n return hasPendingRedirect;\n}\n\nexport async function _setPendingRedirectStatus(\n resolver: PopupRedirectResolverInternal,\n auth: AuthInternal\n): Promise<void> {\n return resolverPersistence(resolver)._set(pendingRedirectKey(auth), 'true');\n}\n\nexport function _clearRedirectOutcomes(): void {\n redirectOutcomeMap.clear();\n}\n\nexport function _overrideRedirectResult(\n auth: AuthInternal,\n result: () => Promise<UserCredentialInternal | null>\n): void {\n redirectOutcomeMap.set(auth._key(), result);\n}\n\nfunction resolverPersistence(\n resolver: PopupRedirectResolverInternal\n): PersistenceInternal {\n return _getInstance(resolver._redirectPersistence);\n}\n\nfunction pendingRedirectKey(auth: AuthInternal): string {\n return _persistenceKeyName(\n PENDING_REDIRECT_KEY,\n auth.config.apiKey,\n auth.name\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n Auth,\n AuthProvider,\n PopupRedirectResolver,\n User,\n UserCredential\n} from '../../model/public_types';\n\nimport { _castAuth } from '../../core/auth/auth_impl';\nimport { _assertLinkedStatus } from '../../core/user/link_unlink';\nimport {\n _assertInstanceOf,\n _serverAppCurrentUserOperationNotSupportedError\n} from '../../core/util/assert';\nimport { _generateEventId } from '../../core/util/event_id';\nimport { AuthEventType } from '../../model/popup_redirect';\nimport { UserInternal } from '../../model/user';\nimport { _withDefaultResolver } from '../../core/util/resolver';\nimport {\n RedirectAction,\n _setPendingRedirectStatus\n} from '../../core/strategies/redirect';\nimport { FederatedAuthProvider } from '../../core/providers/federated';\nimport { getModularInstance } from '@firebase/util';\nimport { _isFirebaseServerApp } from '@firebase/app';\n\n/**\n * Authenticates a Firebase client using a full-page redirect flow.\n *\n * @remarks\n * To handle the results and errors for this operation, refer to {@link getRedirectResult}.\n * Follow the {@link https://firebase.google.com/docs/auth/web/redirect-best-practices\n * | best practices} when using {@link signInWithRedirect}.\n *\n * This method does not work in a Node.js environment or with {@link Auth} instances created with a\n * {@link @firebase/app#FirebaseServerApp}.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new FacebookAuthProvider();\n * // You can add additional scopes to the provider:\n * provider.addScope('user_birthday');\n * // Start a sign in process for an unauthenticated user.\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n * // This is the signed-in user\n * const user = result.user;\n * // This gives you a Facebook Access Token.\n * const credential = provider.credentialFromResult(auth, result);\n * const token = credential.accessToken;\n * }\n * // As this API can be used for sign-in, linking and reauthentication,\n * // check the operationType to determine what triggered this redirect\n * // operation.\n * const operationType = result.operationType;\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.\n * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n * @public\n */\nexport function signInWithRedirect(\n auth: Auth,\n provider: AuthProvider,\n resolver?: PopupRedirectResolver\n): Promise<never> {\n return _signInWithRedirect(auth, provider, resolver) as Promise<never>;\n}\n\nexport async function _signInWithRedirect(\n auth: Auth,\n provider: AuthProvider,\n resolver?: PopupRedirectResolver\n): Promise<void | never> {\n if (_isFirebaseServerApp(auth.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(auth)\n );\n }\n const authInternal = _castAuth(auth);\n _assertInstanceOf(auth, provider, FederatedAuthProvider);\n // Wait for auth initialization to complete, this will process pending redirects and clear the\n // PENDING_REDIRECT_KEY in persistence. This should be completed before starting a new\n // redirect and creating a PENDING_REDIRECT_KEY entry.\n await authInternal._initializationPromise;\n const resolverInternal = _withDefaultResolver(authInternal, resolver);\n await _setPendingRedirectStatus(resolverInternal, authInternal);\n\n return resolverInternal._openRedirect(\n authInternal,\n provider,\n AuthEventType.SIGN_IN_VIA_REDIRECT\n );\n}\n\n/**\n * Reauthenticates the current user with the specified {@link OAuthProvider} using a full-page redirect flow.\n * @remarks\n * To handle the results and errors for this operation, refer to {@link getRedirectResult}.\n * Follow the {@link https://firebase.google.com/docs/auth/web/redirect-best-practices\n * | best practices} when using {@link reauthenticateWithRedirect}.\n *\n * This method does not work in a Node.js environment or with {@link Auth} instances\n * created with a {@link @firebase/app#FirebaseServerApp}.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new FacebookAuthProvider();\n * const result = await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * // Reauthenticate using a redirect.\n * await reauthenticateWithRedirect(result.user, provider);\n * // This will again trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * ```\n *\n * @param user - The user.\n * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.\n * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n * @public\n */\nexport function reauthenticateWithRedirect(\n user: User,\n provider: AuthProvider,\n resolver?: PopupRedirectResolver\n): Promise<never> {\n return _reauthenticateWithRedirect(\n user,\n provider,\n resolver\n ) as Promise<never>;\n}\nexport async function _reauthenticateWithRedirect(\n user: User,\n provider: AuthProvider,\n resolver?: PopupRedirectResolver\n): Promise<void | never> {\n const userInternal = getModularInstance(user) as UserInternal;\n _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);\n if (_isFirebaseServerApp(userInternal.auth.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(userInternal.auth)\n );\n }\n // Wait for auth initialization to complete, this will process pending redirects and clear the\n // PENDING_REDIRECT_KEY in persistence. This should be completed before starting a new\n // redirect and creating a PENDING_REDIRECT_KEY entry.\n await userInternal.auth._initializationPromise;\n // Allow the resolver to error before persisting the redirect user\n const resolverInternal = _withDefaultResolver(userInternal.auth, resolver);\n await _setPendingRedirectStatus(resolverInternal, userInternal.auth);\n\n const eventId = await prepareUserForRedirect(userInternal);\n return resolverInternal._openRedirect(\n userInternal.auth,\n provider,\n AuthEventType.REAUTH_VIA_REDIRECT,\n eventId\n );\n}\n\n/**\n * Links the {@link OAuthProvider} to the user account using a full-page redirect flow.\n * @remarks\n * To handle the results and errors for this operation, refer to {@link getRedirectResult}.\n * Follow the {@link https://firebase.google.com/docs/auth/web/redirect-best-practices\n * | best practices} when using {@link linkWithRedirect}.\n *\n * This method does not work in a Node.js environment or with {@link Auth} instances\n * created with a {@link @firebase/app#FirebaseServerApp}.\n *\n * @example\n * ```javascript\n * // Sign in using some other provider.\n * const result = await signInWithEmailAndPassword(auth, email, password);\n * // Link using a redirect.\n * const provider = new FacebookAuthProvider();\n * await linkWithRedirect(result.user, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * ```\n *\n * @param user - The user.\n * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.\n * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n * @public\n */\nexport function linkWithRedirect(\n user: User,\n provider: AuthProvider,\n resolver?: PopupRedirectResolver\n): Promise<never> {\n return _linkWithRedirect(user, provider, resolver) as Promise<never>;\n}\nexport async function _linkWithRedirect(\n user: User,\n provider: AuthProvider,\n resolver?: PopupRedirectResolver\n): Promise<void | never> {\n const userInternal = getModularInstance(user) as UserInternal;\n _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);\n // Wait for auth initialization to complete, this will process pending redirects and clear the\n // PENDING_REDIRECT_KEY in persistence. This should be completed before starting a new\n // redirect and creating a PENDING_REDIRECT_KEY entry.\n await userInternal.auth._initializationPromise;\n // Allow the resolver to error before persisting the redirect user\n const resolverInternal = _withDefaultResolver(userInternal.auth, resolver);\n await _assertLinkedStatus(false, userInternal, provider.providerId);\n await _setPendingRedirectStatus(resolverInternal, userInternal.auth);\n\n const eventId = await prepareUserForRedirect(userInternal);\n return resolverInternal._openRedirect(\n userInternal.auth,\n provider,\n AuthEventType.LINK_VIA_REDIRECT,\n eventId\n );\n}\n\n/**\n * Returns a {@link UserCredential} from the redirect-based sign-in flow.\n *\n * @remarks\n * If sign-in succeeded, returns the signed in user. If sign-in was unsuccessful, fails with an\n * error. If no redirect operation was called, returns `null`.\n *\n * This method does not work in a Node.js environment or with {@link Auth} instances created with a\n * {@link @firebase/app#FirebaseServerApp}.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new FacebookAuthProvider();\n * // You can add additional scopes to the provider:\n * provider.addScope('user_birthday');\n * // Start a sign in process for an unauthenticated user.\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n * // This is the signed-in user\n * const user = result.user;\n * // This gives you a Facebook Access Token.\n * const credential = provider.credentialFromResult(auth, result);\n * const token = credential.accessToken;\n * }\n * // As this API can be used for sign-in, linking and reauthentication,\n * // check the operationType to determine what triggered this redirect\n * // operation.\n * const operationType = result.operationType;\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n * @public\n */\nexport async function getRedirectResult(\n auth: Auth,\n resolver?: PopupRedirectResolver\n): Promise<UserCredential | null> {\n await _castAuth(auth)._initializationPromise;\n return _getRedirectResult(auth, resolver, false);\n}\n\nexport async function _getRedirectResult(\n auth: Auth,\n resolverExtern?: PopupRedirectResolver,\n bypassAuthState = false\n): Promise<UserCredential | null> {\n if (_isFirebaseServerApp(auth.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(auth)\n );\n }\n const authInternal = _castAuth(auth);\n const resolver = _withDefaultResolver(authInternal, resolverExtern);\n const action = new RedirectAction(authInternal, resolver, bypassAuthState);\n const result = await action.execute();\n\n if (result && !bypassAuthState) {\n delete result.user._redirectEventId;\n await authInternal._persistUserIfCurrent(result.user as UserInternal);\n await authInternal._setRedirectUser(null, resolverExtern);\n }\n\n return result;\n}\n\nasync function prepareUserForRedirect(user: UserInternal): Promise<string> {\n const eventId = _generateEventId(`${user.uid}:::`);\n user._redirectEventId = eventId;\n await user.auth._setRedirectUser(user);\n await user.auth._persistUserIfCurrent(user);\n return eventId;\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { Persistence } from '../../model/public_types';\n\nexport const enum PersistenceType {\n SESSION = 'SESSION',\n LOCAL = 'LOCAL',\n NONE = 'NONE',\n COOKIE = 'COOKIE'\n}\n\nexport type PersistedBlob = Record<string, unknown>;\n\nexport interface Instantiator<T> {\n (blob: PersistedBlob): T;\n}\n\nexport type PersistenceValue = PersistedBlob | string;\n\nexport const STORAGE_AVAILABLE_KEY = '__sak';\n\nexport interface StorageEventListener {\n (value: PersistenceValue | null): void;\n}\n\nexport interface PersistenceInternal extends Persistence {\n type: PersistenceType;\n _isAvailable(): Promise<boolean>;\n _set(key: string, value: PersistenceValue): Promise<void>;\n _get<T extends PersistenceValue>(key: string): Promise<T | null>;\n _remove(key: string): Promise<void>;\n _addListener(key: string, listener: StorageEventListener): void;\n _removeListener(key: string, listener: StorageEventListener): void;\n // Should this persistence allow migration up the chosen hierarchy?\n _shouldAllowMigration?: boolean;\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n PersistenceValue,\n STORAGE_AVAILABLE_KEY,\n PersistenceType\n} from '../../core/persistence';\n\n// There are two different browser persistence types: local and session.\n// Both have the same implementation but use a different underlying storage\n// object.\n\nexport abstract class BrowserPersistenceClass {\n protected constructor(\n protected readonly storageRetriever: () => Storage,\n readonly type: PersistenceType\n ) {}\n\n _isAvailable(): Promise<boolean> {\n try {\n if (!this.storage) {\n return Promise.resolve(false);\n }\n this.storage.setItem(STORAGE_AVAILABLE_KEY, '1');\n this.storage.removeItem(STORAGE_AVAILABLE_KEY);\n return Promise.resolve(true);\n } catch {\n return Promise.resolve(false);\n }\n }\n\n _set(key: string, value: PersistenceValue): Promise<void> {\n this.storage.setItem(key, JSON.stringify(value));\n return Promise.resolve();\n }\n\n _get<T extends PersistenceValue>(key: string): Promise<T | null> {\n const json = this.storage.getItem(key);\n return Promise.resolve(json ? JSON.parse(json) : null);\n }\n\n _remove(key: string): Promise<void> {\n this.storage.removeItem(key);\n return Promise.resolve();\n }\n\n protected get storage(): Storage {\n return this.storageRetriever();\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Persistence } from '../../model/public_types';\n\nimport {\n PersistenceInternal as InternalPersistence,\n PersistenceType,\n StorageEventListener\n} from '../../core/persistence';\nimport { BrowserPersistenceClass } from './browser';\n\nclass BrowserSessionPersistence\n extends BrowserPersistenceClass\n implements InternalPersistence\n{\n static type: 'SESSION' = 'SESSION';\n\n constructor() {\n super(() => window.sessionStorage, PersistenceType.SESSION);\n }\n\n _addListener(_key: string, _listener: StorageEventListener): void {\n // Listeners are not supported for session storage since it cannot be shared across windows\n return;\n }\n\n _removeListener(_key: string, _listener: StorageEventListener): void {\n // Listeners are not supported for session storage since it cannot be shared across windows\n return;\n }\n}\n\n/**\n * An implementation of {@link Persistence} of `SESSION` using `sessionStorage`\n * for the underlying storage.\n *\n * @public\n */\nexport const browserSessionPersistence: Persistence = BrowserSessionPersistence;\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { SDK_VERSION } from '@firebase/app';\nimport { AuthProvider } from '../../model/public_types';\nimport { ApiKey, AppName, AuthInternal } from '../../model/auth';\nimport { AuthEventType } from '../../model/popup_redirect';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from './assert';\nimport { isEmpty, querystring } from '@firebase/util';\nimport { _emulatorUrl } from './emulator';\nimport { FederatedAuthProvider } from '../providers/federated';\nimport { BaseOAuthProvider } from '../providers/oauth';\n\n/**\n * URL for Authentication widget which will initiate the OAuth handshake\n *\n * @internal\n */\nconst WIDGET_PATH = '__/auth/handler';\n\n/**\n * URL for emulated environment\n *\n * @internal\n */\nconst EMULATOR_WIDGET_PATH = 'emulator/auth/handler';\n\n/**\n * Fragment name for the App Check token that gets passed to the widget\n *\n * @internal\n */\nconst FIREBASE_APP_CHECK_FRAGMENT_ID = encodeURIComponent('fac');\n\n// eslint-disable-next-line @typescript-eslint/consistent-type-definitions\ntype WidgetParams = {\n apiKey: ApiKey;\n appName: AppName;\n authType: AuthEventType;\n redirectUrl?: string;\n v: string;\n providerId?: string;\n scopes?: string;\n customParameters?: string;\n eventId?: string;\n tid?: string;\n} & { [key: string]: string | undefined };\n\nexport async function _getRedirectUrl(\n auth: AuthInternal,\n provider: AuthProvider,\n authType: AuthEventType,\n redirectUrl?: string,\n eventId?: string,\n additionalParams?: Record<string, string>\n): Promise<string> {\n _assert(auth.config.authDomain, auth, AuthErrorCode.MISSING_AUTH_DOMAIN);\n _assert(auth.config.apiKey, auth, AuthErrorCode.INVALID_API_KEY);\n\n const params: WidgetParams = {\n apiKey: auth.config.apiKey,\n appName: auth.name,\n authType,\n redirectUrl,\n v: SDK_VERSION,\n eventId\n };\n\n if (provider instanceof FederatedAuthProvider) {\n provider.setDefaultLanguage(auth.languageCode);\n params.providerId = provider.providerId || '';\n if (!isEmpty(provider.getCustomParameters())) {\n params.customParameters = JSON.stringify(provider.getCustomParameters());\n }\n\n // TODO set additionalParams from the provider as well?\n for (const [key, value] of Object.entries(additionalParams || {})) {\n params[key] = value;\n }\n }\n\n if (provider instanceof BaseOAuthProvider) {\n const scopes = provider.getScopes().filter(scope => scope !== '');\n if (scopes.length > 0) {\n params.scopes = scopes.join(',');\n }\n }\n\n if (auth.tenantId) {\n params.tid = auth.tenantId;\n }\n\n // TODO: maybe set eid as endpointId\n // TODO: maybe set fw as Frameworks.join(\",\")\n\n const paramsDict = params as Record<string, string | number>;\n for (const key of Object.keys(paramsDict)) {\n if (paramsDict[key] === undefined) {\n delete paramsDict[key];\n }\n }\n\n // Sets the App Check token to pass to the widget\n const appCheckToken = await auth._getAppCheckToken();\n const appCheckTokenFragment = appCheckToken\n ? `#${FIREBASE_APP_CHECK_FRAGMENT_ID}=${encodeURIComponent(appCheckToken)}`\n : '';\n\n // Start at index 1 to skip the leading '&' in the query string\n return `${getHandlerBase(auth)}?${querystring(paramsDict).slice(\n 1\n )}${appCheckTokenFragment}`;\n}\n\nfunction getHandlerBase({ config }: AuthInternal): string {\n if (!config.emulator) {\n return `https://${config.authDomain}/${WIDGET_PATH}`;\n }\n\n return _emulatorUrl(config, EMULATOR_WIDGET_PATH);\n}\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nexport interface CordovaWindow extends Window {\n cordova: {\n plugins: {\n browsertab: {\n isAvailable(cb: (available: boolean) => void): void;\n openUrl(url: string): void;\n close(): void;\n };\n };\n\n InAppBrowser: {\n open(url: string, target: string, options: string): InAppBrowserRef;\n };\n };\n\n universalLinks: {\n subscribe(\n n: null,\n cb: (event: Record<string, string> | null) => void\n ): void;\n };\n\n BuildInfo: {\n readonly packageName: string;\n readonly displayName: string;\n };\n\n handleOpenURL(url: string): void;\n}\n\nexport interface InAppBrowserRef {\n close?: () => void;\n}\n\nexport function _cordovaWindow(): CordovaWindow {\n return window as unknown as CordovaWindow;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { _performApiRequest, Endpoint, HttpMethod } from '../index';\nimport { Auth } from '../../model/public_types';\n\nexport interface GetProjectConfigRequest {\n androidPackageName?: string;\n iosBundleId?: string;\n}\n\nexport interface GetProjectConfigResponse {\n authorizedDomains: string[];\n}\n\nexport async function _getProjectConfig(\n auth: Auth,\n request: GetProjectConfigRequest = {}\n): Promise<GetProjectConfigResponse> {\n return _performApiRequest<GetProjectConfigRequest, GetProjectConfigResponse>(\n auth,\n HttpMethod.GET,\n Endpoint.GET_PROJECT_CONFIG,\n request\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthProvider } from '../../model/public_types';\nimport { AuthErrorCode } from '../../core/errors';\nimport {\n debugAssert,\n _assert,\n _createError,\n _fail\n} from '../../core/util/assert';\nimport { _isAndroid, _isIOS, _isIOS7Or8 } from '../../core/util/browser';\nimport { _getRedirectUrl } from '../../core/util/handler';\nimport { AuthInternal } from '../../model/auth';\nimport { AuthEvent } from '../../model/popup_redirect';\nimport { InAppBrowserRef, _cordovaWindow } from '../plugins';\nimport {\n GetProjectConfigRequest,\n _getProjectConfig\n} from '../../api/project_config/get_project_config';\n\n/**\n * How long to wait after the app comes back into focus before concluding that\n * the user closed the sign in tab.\n */\nconst REDIRECT_TIMEOUT_MS = 2000;\n\n/**\n * Generates the URL for the OAuth handler.\n */\nexport async function _generateHandlerUrl(\n auth: AuthInternal,\n event: AuthEvent,\n provider: AuthProvider\n): Promise<string> {\n // Get the cordova plugins\n const { BuildInfo } = _cordovaWindow();\n debugAssert(event.sessionId, 'AuthEvent did not contain a session ID');\n const sessionDigest = await computeSha256(event.sessionId);\n\n const additionalParams: Record<string, string> = {};\n if (_isIOS()) {\n // iOS app identifier\n additionalParams['ibi'] = BuildInfo.packageName;\n } else if (_isAndroid()) {\n // Android app identifier\n additionalParams['apn'] = BuildInfo.packageName;\n } else {\n _fail(auth, AuthErrorCode.OPERATION_NOT_SUPPORTED);\n }\n\n // Add the display name if available\n if (BuildInfo.displayName) {\n additionalParams['appDisplayName'] = BuildInfo.displayName;\n }\n\n // Attached the hashed session ID\n additionalParams['sessionId'] = sessionDigest;\n return _getRedirectUrl(\n auth,\n provider,\n event.type,\n undefined,\n event.eventId ?? undefined,\n additionalParams\n );\n}\n\n/**\n * Validates that this app is valid for this project configuration\n */\nexport async function _validateOrigin(auth: AuthInternal): Promise<void> {\n const { BuildInfo } = _cordovaWindow();\n const request: GetProjectConfigRequest = {};\n if (_isIOS()) {\n request.iosBundleId = BuildInfo.packageName;\n } else if (_isAndroid()) {\n request.androidPackageName = BuildInfo.packageName;\n } else {\n _fail(auth, AuthErrorCode.OPERATION_NOT_SUPPORTED);\n }\n\n // Will fail automatically if package name is not authorized\n await _getProjectConfig(auth, request);\n}\n\nexport function _performRedirect(\n handlerUrl: string\n): Promise<InAppBrowserRef | null> {\n // Get the cordova plugins\n const { cordova } = _cordovaWindow();\n\n return new Promise(resolve => {\n cordova.plugins.browsertab.isAvailable(browserTabIsAvailable => {\n let iabRef: InAppBrowserRef | null = null;\n if (browserTabIsAvailable) {\n cordova.plugins.browsertab.openUrl(handlerUrl);\n } else {\n // TODO: Return the inappbrowser ref that's returned from the open call\n iabRef = cordova.InAppBrowser.open(\n handlerUrl,\n _isIOS7Or8() ? '_blank' : '_system',\n 'location=yes'\n );\n }\n resolve(iabRef);\n });\n });\n}\n\n// Thin interface wrapper to avoid circular dependency with ./events module\ninterface PassiveAuthEventListener {\n addPassiveListener(cb: () => void): void;\n removePassiveListener(cb: () => void): void;\n}\n\n/**\n * This function waits for app activity to be seen before resolving. It does\n * this by attaching listeners to various dom events. Once the app is determined\n * to be visible, this promise resolves. AFTER that resolution, the listeners\n * are detached and any browser tabs left open will be closed.\n */\nexport async function _waitForAppResume(\n auth: AuthInternal,\n eventListener: PassiveAuthEventListener,\n iabRef: InAppBrowserRef | null\n): Promise<void> {\n // Get the cordova plugins\n const { cordova } = _cordovaWindow();\n\n let cleanup = (): void => {};\n try {\n await new Promise<void>((resolve, reject) => {\n let onCloseTimer: number | null = null;\n\n // DEFINE ALL THE CALLBACKS =====\n function authEventSeen(): void {\n // Auth event was detected. Resolve this promise and close the extra\n // window if it's still open.\n resolve();\n const closeBrowserTab = cordova.plugins.browsertab?.close;\n if (typeof closeBrowserTab === 'function') {\n closeBrowserTab();\n }\n // Close inappbrowser embedded webview in iOS7 and 8 case if still\n // open.\n if (typeof iabRef?.close === 'function') {\n iabRef.close();\n }\n }\n\n function resumed(): void {\n if (onCloseTimer) {\n // This code already ran; do not rerun.\n return;\n }\n\n onCloseTimer = window.setTimeout(() => {\n // Wait two seconds after resume then reject.\n reject(_createError(auth, AuthErrorCode.REDIRECT_CANCELLED_BY_USER));\n }, REDIRECT_TIMEOUT_MS);\n }\n\n function visibilityChanged(): void {\n if (document?.visibilityState === 'visible') {\n resumed();\n }\n }\n\n // ATTACH ALL THE LISTENERS =====\n // Listen for the auth event\n eventListener.addPassiveListener(authEventSeen);\n\n // Listen for resume and visibility events\n document.addEventListener('resume', resumed, false);\n if (_isAndroid()) {\n document.addEventListener('visibilitychange', visibilityChanged, false);\n }\n\n // SETUP THE CLEANUP FUNCTION =====\n cleanup = () => {\n eventListener.removePassiveListener(authEventSeen);\n document.removeEventListener('resume', resumed, false);\n document.removeEventListener(\n 'visibilitychange',\n visibilityChanged,\n false\n );\n if (onCloseTimer) {\n window.clearTimeout(onCloseTimer);\n }\n };\n });\n } finally {\n cleanup();\n }\n}\n\n/**\n * Checks the configuration of the Cordova environment. This has no side effect\n * if the configuration is correct; otherwise it throws an error with the\n * missing plugin.\n */\nexport function _checkCordovaConfiguration(auth: AuthInternal): void {\n const win = _cordovaWindow();\n // Check all dependencies installed.\n // https://github.com/nordnet/cordova-universal-links-plugin\n // Note that cordova-universal-links-plugin has been abandoned.\n // A fork with latest fixes is available at:\n // https://www.npmjs.com/package/cordova-universal-links-plugin-fix\n _assert(\n typeof win?.universalLinks?.subscribe === 'function',\n auth,\n AuthErrorCode.INVALID_CORDOVA_CONFIGURATION,\n {\n missingPlugin: 'cordova-universal-links-plugin-fix'\n }\n );\n\n // https://www.npmjs.com/package/cordova-plugin-buildinfo\n _assert(\n typeof win?.BuildInfo?.packageName !== 'undefined',\n auth,\n AuthErrorCode.INVALID_CORDOVA_CONFIGURATION,\n {\n missingPlugin: 'cordova-plugin-buildInfo'\n }\n );\n\n // https://github.com/google/cordova-plugin-browsertab\n _assert(\n typeof win?.cordova?.plugins?.browsertab?.openUrl === 'function',\n auth,\n AuthErrorCode.INVALID_CORDOVA_CONFIGURATION,\n {\n missingPlugin: 'cordova-plugin-browsertab'\n }\n );\n _assert(\n typeof win?.cordova?.plugins?.browsertab?.isAvailable === 'function',\n auth,\n AuthErrorCode.INVALID_CORDOVA_CONFIGURATION,\n {\n missingPlugin: 'cordova-plugin-browsertab'\n }\n );\n\n // https://cordova.apache.org/docs/en/latest/reference/cordova-plugin-inappbrowser/\n _assert(\n typeof win?.cordova?.InAppBrowser?.open === 'function',\n auth,\n AuthErrorCode.INVALID_CORDOVA_CONFIGURATION,\n {\n missingPlugin: 'cordova-plugin-inappbrowser'\n }\n );\n}\n\n/**\n * Computes the SHA-256 of a session ID. The SubtleCrypto interface is only\n * available in \"secure\" contexts, which covers Cordova (which is served on a file\n * protocol).\n */\nasync function computeSha256(sessionId: string): Promise<string> {\n const bytes = stringToArrayBuffer(sessionId);\n\n // TODO: For IE11 crypto has a different name and this operation comes back\n // as an object, not a promise. This is the old proposed standard that\n // is used by IE11:\n // https://www.w3.org/TR/2013/WD-WebCryptoAPI-20130108/#cryptooperation-interface\n const buf = await crypto.subtle.digest('SHA-256', bytes);\n const arr = Array.from(new Uint8Array(buf));\n return arr.map(num => num.toString(16).padStart(2, '0')).join('');\n}\n\nfunction stringToArrayBuffer(str: string): Uint8Array {\n // This function is only meant to deal with an ASCII charset and makes\n // certain simplifying assumptions.\n debugAssert(\n /[0-9a-zA-Z]+/.test(str),\n 'Can only convert alpha-numeric strings'\n );\n if (typeof TextEncoder !== 'undefined') {\n return new TextEncoder().encode(str);\n }\n\n const buff = new ArrayBuffer(str.length);\n const view = new Uint8Array(buff);\n for (let i = 0; i < str.length; i++) {\n view[i] = str.charCodeAt(i);\n }\n return view;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n AuthEvent,\n AuthEventConsumer,\n AuthEventType,\n EventManager\n} from '../../model/popup_redirect';\nimport { AuthErrorCode } from '../errors';\nimport { AuthInternal } from '../../model/auth';\nimport { _createError } from '../util/assert';\n\n// The amount of time to store the UIDs of seen events; this is\n// set to 10 min by default\nconst EVENT_DUPLICATION_CACHE_DURATION_MS = 10 * 60 * 1000;\n\nexport class AuthEventManager implements EventManager {\n private readonly cachedEventUids: Set<string> = new Set();\n private readonly consumers: Set<AuthEventConsumer> = new Set();\n protected queuedRedirectEvent: AuthEvent | null = null;\n protected hasHandledPotentialRedirect = false;\n private lastProcessedEventTime = Date.now();\n\n constructor(private readonly auth: AuthInternal) {}\n\n registerConsumer(authEventConsumer: AuthEventConsumer): void {\n this.consumers.add(authEventConsumer);\n\n if (\n this.queuedRedirectEvent &&\n this.isEventForConsumer(this.queuedRedirectEvent, authEventConsumer)\n ) {\n this.sendToConsumer(this.queuedRedirectEvent, authEventConsumer);\n this.saveEventToCache(this.queuedRedirectEvent);\n this.queuedRedirectEvent = null;\n }\n }\n\n unregisterConsumer(authEventConsumer: AuthEventConsumer): void {\n this.consumers.delete(authEventConsumer);\n }\n\n onEvent(event: AuthEvent): boolean {\n // Check if the event has already been handled\n if (this.hasEventBeenHandled(event)) {\n return false;\n }\n\n let handled = false;\n this.consumers.forEach(consumer => {\n if (this.isEventForConsumer(event, consumer)) {\n handled = true;\n this.sendToConsumer(event, consumer);\n this.saveEventToCache(event);\n }\n });\n\n if (this.hasHandledPotentialRedirect || !isRedirectEvent(event)) {\n // If we've already seen a redirect before, or this is a popup event,\n // bail now\n return handled;\n }\n\n this.hasHandledPotentialRedirect = true;\n\n // If the redirect wasn't handled, hang on to it\n if (!handled) {\n this.queuedRedirectEvent = event;\n handled = true;\n }\n\n return handled;\n }\n\n private sendToConsumer(event: AuthEvent, consumer: AuthEventConsumer): void {\n if (event.error && !isNullRedirectEvent(event)) {\n const code =\n (event.error.code?.split('auth/')[1] as AuthErrorCode) ||\n AuthErrorCode.INTERNAL_ERROR;\n consumer.onError(_createError(this.auth, code));\n } else {\n consumer.onAuthEvent(event);\n }\n }\n\n private isEventForConsumer(\n event: AuthEvent,\n consumer: AuthEventConsumer\n ): boolean {\n const eventIdMatches =\n consumer.eventId === null ||\n (!!event.eventId && event.eventId === consumer.eventId);\n return consumer.filter.includes(event.type) && eventIdMatches;\n }\n\n private hasEventBeenHandled(event: AuthEvent): boolean {\n if (\n Date.now() - this.lastProcessedEventTime >=\n EVENT_DUPLICATION_CACHE_DURATION_MS\n ) {\n this.cachedEventUids.clear();\n }\n\n return this.cachedEventUids.has(eventUid(event));\n }\n\n private saveEventToCache(event: AuthEvent): void {\n this.cachedEventUids.add(eventUid(event));\n this.lastProcessedEventTime = Date.now();\n }\n}\n\nfunction eventUid(e: AuthEvent): string {\n return [e.type, e.eventId, e.sessionId, e.tenantId].filter(v => v).join('-');\n}\n\nfunction isNullRedirectEvent({ type, error }: AuthEvent): boolean {\n return (\n type === AuthEventType.UNKNOWN &&\n error?.code === `auth/${AuthErrorCode.NO_AUTH_EVENT}`\n );\n}\n\nfunction isRedirectEvent(event: AuthEvent): boolean {\n switch (event.type) {\n case AuthEventType.SIGN_IN_VIA_REDIRECT:\n case AuthEventType.LINK_VIA_REDIRECT:\n case AuthEventType.REAUTH_VIA_REDIRECT:\n return true;\n case AuthEventType.UNKNOWN:\n return isNullRedirectEvent(event);\n default:\n return false;\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Persistence } from '../../model/public_types';\n\nimport { _isMobileBrowser, _isIE10 } from '../../core/util/browser';\nimport {\n PersistenceInternal as InternalPersistence,\n PersistenceType,\n PersistenceValue,\n StorageEventListener\n} from '../../core/persistence';\nimport { BrowserPersistenceClass } from './browser';\n\n// The polling period in case events are not supported\nexport const _POLLING_INTERVAL_MS = 1000;\n\n// The IE 10 localStorage cross tab synchronization delay in milliseconds\nconst IE10_LOCAL_STORAGE_SYNC_DELAY = 10;\n\nclass BrowserLocalPersistence\n extends BrowserPersistenceClass\n implements InternalPersistence\n{\n static type: 'LOCAL' = 'LOCAL';\n\n constructor() {\n super(() => window.localStorage, PersistenceType.LOCAL);\n }\n\n private readonly boundEventHandler = (\n event: StorageEvent,\n poll?: boolean\n ): void => this.onStorageEvent(event, poll);\n private readonly listeners: Record<string, Set<StorageEventListener>> = {};\n private readonly localCache: Record<string, string | null> = {};\n // setTimeout return value is platform specific\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n private pollTimer: any | null = null;\n\n // Whether to use polling instead of depending on window events\n private readonly fallbackToPolling = _isMobileBrowser();\n readonly _shouldAllowMigration = true;\n\n private forAllChangedKeys(\n cb: (key: string, oldValue: string | null, newValue: string | null) => void\n ): void {\n // Check all keys with listeners on them.\n for (const key of Object.keys(this.listeners)) {\n // Get value from localStorage.\n const newValue = this.storage.getItem(key);\n const oldValue = this.localCache[key];\n // If local map value does not match, trigger listener with storage event.\n // Differentiate this simulated event from the real storage event.\n if (newValue !== oldValue) {\n cb(key, oldValue, newValue);\n }\n }\n }\n\n private onStorageEvent(event: StorageEvent, poll = false): void {\n // Key would be null in some situations, like when localStorage is cleared\n if (!event.key) {\n this.forAllChangedKeys(\n (key: string, _oldValue: string | null, newValue: string | null) => {\n this.notifyListeners(key, newValue);\n }\n );\n return;\n }\n\n const key = event.key;\n\n // Check the mechanism how this event was detected.\n // The first event will dictate the mechanism to be used.\n if (poll) {\n // Environment detects storage changes via polling.\n // Remove storage event listener to prevent possible event duplication.\n this.detachListener();\n } else {\n // Environment detects storage changes via storage event listener.\n // Remove polling listener to prevent possible event duplication.\n this.stopPolling();\n }\n\n const triggerListeners = (): void => {\n // Keep local map up to date in case storage event is triggered before\n // poll.\n const storedValue = this.storage.getItem(key);\n if (!poll && this.localCache[key] === storedValue) {\n // Real storage event which has already been detected, do nothing.\n // This seems to trigger in some IE browsers for some reason.\n return;\n }\n this.notifyListeners(key, storedValue);\n };\n\n const storedValue = this.storage.getItem(key);\n if (\n _isIE10() &&\n storedValue !== event.newValue &&\n event.newValue !== event.oldValue\n ) {\n // IE 10 has this weird bug where a storage event would trigger with the\n // correct key, oldValue and newValue but localStorage.getItem(key) does\n // not yield the updated value until a few milliseconds. This ensures\n // this recovers from that situation.\n setTimeout(triggerListeners, IE10_LOCAL_STORAGE_SYNC_DELAY);\n } else {\n triggerListeners();\n }\n }\n\n private notifyListeners(key: string, value: string | null): void {\n this.localCache[key] = value;\n const listeners = this.listeners[key];\n if (listeners) {\n for (const listener of Array.from(listeners)) {\n listener(value ? JSON.parse(value) : value);\n }\n }\n }\n\n private startPolling(): void {\n this.stopPolling();\n\n this.pollTimer = setInterval(() => {\n this.forAllChangedKeys(\n (key: string, oldValue: string | null, newValue: string | null) => {\n this.onStorageEvent(\n new StorageEvent('storage', {\n key,\n oldValue,\n newValue\n }),\n /* poll */ true\n );\n }\n );\n }, _POLLING_INTERVAL_MS);\n }\n\n private stopPolling(): void {\n if (this.pollTimer) {\n clearInterval(this.pollTimer);\n this.pollTimer = null;\n }\n }\n\n private attachListener(): void {\n window.addEventListener('storage', this.boundEventHandler);\n }\n\n private detachListener(): void {\n window.removeEventListener('storage', this.boundEventHandler);\n }\n\n _addListener(key: string, listener: StorageEventListener): void {\n if (Object.keys(this.listeners).length === 0) {\n // Whether browser can detect storage event when it had already been pushed to the background.\n // This may happen in some mobile browsers. A localStorage change in the foreground window\n // will not be detected in the background window via the storage event.\n // This was detected in iOS 7.x mobile browsers\n if (this.fallbackToPolling) {\n this.startPolling();\n } else {\n this.attachListener();\n }\n }\n if (!this.listeners[key]) {\n this.listeners[key] = new Set();\n // Populate the cache to avoid spuriously triggering on first poll.\n this.localCache[key] = this.storage.getItem(key);\n }\n this.listeners[key].add(listener);\n }\n\n _removeListener(key: string, listener: StorageEventListener): void {\n if (this.listeners[key]) {\n this.listeners[key].delete(listener);\n\n if (this.listeners[key].size === 0) {\n delete this.listeners[key];\n }\n }\n\n if (Object.keys(this.listeners).length === 0) {\n this.detachListener();\n this.stopPolling();\n }\n }\n\n // Update local cache on base operations:\n\n async _set(key: string, value: PersistenceValue): Promise<void> {\n await super._set(key, value);\n this.localCache[key] = JSON.stringify(value);\n }\n\n async _get<T extends PersistenceValue>(key: string): Promise<T | null> {\n const value = await super._get<T>(key);\n this.localCache[key] = JSON.stringify(value);\n return value;\n }\n\n async _remove(key: string): Promise<void> {\n await super._remove(key);\n delete this.localCache[key];\n }\n}\n\n/**\n * An implementation of {@link Persistence} of type `LOCAL` using `localStorage`\n * for the underlying storage.\n *\n * @public\n */\nexport const browserLocalPersistence: Persistence = BrowserLocalPersistence;\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { querystringDecode } from '@firebase/util';\nimport { AuthEventManager } from '../../core/auth/auth_event_manager';\nimport { AuthErrorCode } from '../../core/errors';\nimport { PersistedBlob, PersistenceInternal } from '../../core/persistence';\nimport {\n KeyName,\n _persistenceKeyName\n} from '../../core/persistence/persistence_user_manager';\nimport { _createError } from '../../core/util/assert';\nimport { _getInstance } from '../../core/util/instantiator';\nimport { AuthInternal } from '../../model/auth';\nimport { AuthEvent, AuthEventType } from '../../model/popup_redirect';\nimport { browserLocalPersistence } from '../../platform_browser/persistence/local_storage';\n\nconst SESSION_ID_LENGTH = 20;\n\n/** Custom AuthEventManager that adds passive listeners to events */\nexport class CordovaAuthEventManager extends AuthEventManager {\n private readonly passiveListeners = new Set<(e: AuthEvent) => void>();\n private resolveInitialized!: () => void;\n private initPromise = new Promise<void>(resolve => {\n this.resolveInitialized = resolve;\n });\n\n addPassiveListener(cb: (e: AuthEvent) => void): void {\n this.passiveListeners.add(cb);\n }\n\n removePassiveListener(cb: (e: AuthEvent) => void): void {\n this.passiveListeners.delete(cb);\n }\n\n // In a Cordova environment, this manager can live through multiple redirect\n // operations\n resetRedirect(): void {\n this.queuedRedirectEvent = null;\n this.hasHandledPotentialRedirect = false;\n }\n\n /** Override the onEvent method */\n onEvent(event: AuthEvent): boolean {\n this.resolveInitialized();\n this.passiveListeners.forEach(cb => cb(event));\n return super.onEvent(event);\n }\n\n async initialized(): Promise<void> {\n await this.initPromise;\n }\n}\n\n/**\n * Generates a (partial) {@link AuthEvent}.\n */\nexport function _generateNewEvent(\n auth: AuthInternal,\n type: AuthEventType,\n eventId: string | null = null\n): AuthEvent {\n return {\n type,\n eventId,\n urlResponse: null,\n sessionId: generateSessionId(),\n postBody: null,\n tenantId: auth.tenantId,\n error: _createError(auth, AuthErrorCode.NO_AUTH_EVENT)\n };\n}\n\nexport function _savePartialEvent(\n auth: AuthInternal,\n event: AuthEvent\n): Promise<void> {\n return storage()._set(persistenceKey(auth), event as object as PersistedBlob);\n}\n\nexport async function _getAndRemoveEvent(\n auth: AuthInternal\n): Promise<AuthEvent | null> {\n const event = (await storage()._get(\n persistenceKey(auth)\n )) as AuthEvent | null;\n if (event) {\n await storage()._remove(persistenceKey(auth));\n }\n return event;\n}\n\nexport function _eventFromPartialAndUrl(\n partialEvent: AuthEvent,\n url: string\n): AuthEvent | null {\n // Parse the deep link within the dynamic link URL.\n const callbackUrl = _getDeepLinkFromCallback(url);\n // Confirm it is actually a callback URL.\n // Currently the universal link will be of this format:\n // https://<AUTH_DOMAIN>/__/auth/callback<OAUTH_RESPONSE>\n // This is a fake URL but is not intended to take the user anywhere\n // and just redirect to the app.\n if (callbackUrl.includes('/__/auth/callback')) {\n // Check if there is an error in the URL.\n // This mechanism is also used to pass errors back to the app:\n // https://<AUTH_DOMAIN>/__/auth/callback?firebaseError=<STRINGIFIED_ERROR>\n const params = searchParamsOrEmpty(callbackUrl);\n // Get the error object corresponding to the stringified error if found.\n const errorObject = params['firebaseError']\n ? parseJsonOrNull(decodeURIComponent(params['firebaseError']))\n : null;\n const code = errorObject?.['code']?.split('auth/')?.[1];\n const error = code ? _createError(code) : null;\n if (error) {\n return {\n type: partialEvent.type,\n eventId: partialEvent.eventId,\n tenantId: partialEvent.tenantId,\n error,\n urlResponse: null,\n sessionId: null,\n postBody: null\n };\n } else {\n return {\n type: partialEvent.type,\n eventId: partialEvent.eventId,\n tenantId: partialEvent.tenantId,\n sessionId: partialEvent.sessionId,\n urlResponse: callbackUrl,\n postBody: null\n };\n }\n }\n\n return null;\n}\n\nfunction generateSessionId(): string {\n const chars = [];\n const allowedChars =\n '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';\n for (let i = 0; i < SESSION_ID_LENGTH; i++) {\n const idx = Math.floor(Math.random() * allowedChars.length);\n chars.push(allowedChars.charAt(idx));\n }\n return chars.join('');\n}\n\nfunction storage(): PersistenceInternal {\n return _getInstance(browserLocalPersistence);\n}\n\nfunction persistenceKey(auth: AuthInternal): string {\n return _persistenceKeyName(KeyName.AUTH_EVENT, auth.config.apiKey, auth.name);\n}\n\nfunction parseJsonOrNull(json: string): ReturnType<typeof JSON.parse> | null {\n try {\n return JSON.parse(json);\n } catch (e) {\n return null;\n }\n}\n\n// Exported for testing\nexport function _getDeepLinkFromCallback(url: string): string {\n const params = searchParamsOrEmpty(url);\n const link = params['link'] ? decodeURIComponent(params['link']) : undefined;\n // Double link case (automatic redirect)\n const doubleDeepLink = searchParamsOrEmpty(link)['link'];\n // iOS custom scheme links.\n const iOSDeepLink = params['deep_link_id']\n ? decodeURIComponent(params['deep_link_id'])\n : undefined;\n const iOSDoubleDeepLink = searchParamsOrEmpty(iOSDeepLink)['link'];\n return iOSDoubleDeepLink || iOSDeepLink || doubleDeepLink || link || url;\n}\n\n/**\n * Optimistically tries to get search params from a string, or else returns an\n * empty search params object.\n */\nfunction searchParamsOrEmpty(url: string | undefined): Record<string, string> {\n if (!url?.includes('?')) {\n return {};\n }\n\n const [_, ...rest] = url.split('?');\n return querystringDecode(rest.join('?')) as Record<string, string>;\n}\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthProvider, PopupRedirectResolver } from '../../model/public_types';\nimport { browserSessionPersistence } from '../../platform_browser/persistence/session_storage';\nimport { AuthInternal } from '../../model/auth';\nimport {\n AuthEvent,\n AuthEventType,\n PopupRedirectResolverInternal\n} from '../../model/popup_redirect';\nimport { AuthPopup } from '../../platform_browser/util/popup';\nimport { _createError, _fail } from '../../core/util/assert';\nimport { AuthErrorCode } from '../../core/errors';\nimport {\n _checkCordovaConfiguration,\n _generateHandlerUrl,\n _performRedirect,\n _validateOrigin,\n _waitForAppResume\n} from './utils';\nimport {\n CordovaAuthEventManager,\n _eventFromPartialAndUrl,\n _generateNewEvent,\n _getAndRemoveEvent,\n _savePartialEvent\n} from './events';\nimport { AuthEventManager } from '../../core/auth/auth_event_manager';\nimport { _getRedirectResult } from '../../platform_browser/strategies/redirect';\nimport {\n _clearRedirectOutcomes,\n _overrideRedirectResult\n} from '../../core/strategies/redirect';\nimport { _cordovaWindow } from '../plugins';\n\n/**\n * How long to wait for the initial auth event before concluding no\n * redirect pending\n */\nconst INITIAL_EVENT_TIMEOUT_MS = 500;\n\nclass CordovaPopupRedirectResolver implements PopupRedirectResolverInternal {\n readonly _redirectPersistence = browserSessionPersistence;\n readonly _shouldInitProactively = true; // This is lightweight for Cordova\n private readonly eventManagers = new Map<string, CordovaAuthEventManager>();\n private readonly originValidationPromises: Record<string, Promise<void>> = {};\n\n _completeRedirectFn = _getRedirectResult;\n _overrideRedirectResult = _overrideRedirectResult;\n\n async _initialize(auth: AuthInternal): Promise<CordovaAuthEventManager> {\n const key = auth._key();\n let manager = this.eventManagers.get(key);\n if (!manager) {\n manager = new CordovaAuthEventManager(auth);\n this.eventManagers.set(key, manager);\n this.attachCallbackListeners(auth, manager);\n }\n return manager;\n }\n\n _openPopup(auth: AuthInternal): Promise<AuthPopup> {\n _fail(auth, AuthErrorCode.OPERATION_NOT_SUPPORTED);\n }\n\n async _openRedirect(\n auth: AuthInternal,\n provider: AuthProvider,\n authType: AuthEventType,\n eventId?: string\n ): Promise<void> {\n _checkCordovaConfiguration(auth);\n const manager = await this._initialize(auth);\n await manager.initialized();\n\n // Reset the persisted redirect states. This does not matter on Web where\n // the redirect always blows away application state entirely. On Cordova,\n // the app maintains control flow through the redirect.\n manager.resetRedirect();\n _clearRedirectOutcomes();\n\n await this._originValidation(auth);\n\n const event = _generateNewEvent(auth, authType, eventId);\n await _savePartialEvent(auth, event);\n const url = await _generateHandlerUrl(auth, event, provider);\n const iabRef = await _performRedirect(url);\n return _waitForAppResume(auth, manager, iabRef);\n }\n\n _isIframeWebStorageSupported(\n _auth: AuthInternal,\n _cb: (support: boolean) => unknown\n ): void {\n throw new Error('Method not implemented.');\n }\n\n _originValidation(auth: AuthInternal): Promise<void> {\n const key = auth._key();\n if (!this.originValidationPromises[key]) {\n this.originValidationPromises[key] = _validateOrigin(auth);\n }\n\n return this.originValidationPromises[key];\n }\n\n private attachCallbackListeners(\n auth: AuthInternal,\n manager: AuthEventManager\n ): void {\n // Get the global plugins\n const { universalLinks, handleOpenURL, BuildInfo } = _cordovaWindow();\n\n const noEventTimeout = setTimeout(async () => {\n // We didn't see that initial event. Clear any pending object and\n // dispatch no event\n await _getAndRemoveEvent(auth);\n manager.onEvent(generateNoEvent());\n }, INITIAL_EVENT_TIMEOUT_MS);\n\n const universalLinksCb = async (\n eventData: Record<string, string> | null\n ): Promise<void> => {\n // We have an event so we can clear the no event timeout\n clearTimeout(noEventTimeout);\n\n const partialEvent = await _getAndRemoveEvent(auth);\n let finalEvent: AuthEvent | null = null;\n if (partialEvent && eventData?.['url']) {\n finalEvent = _eventFromPartialAndUrl(partialEvent, eventData['url']);\n }\n\n // If finalEvent is never filled, trigger with no event\n manager.onEvent(finalEvent || generateNoEvent());\n };\n\n // Universal links subscriber doesn't exist for iOS, so we need to check\n if (\n typeof universalLinks !== 'undefined' &&\n typeof universalLinks.subscribe === 'function'\n ) {\n universalLinks.subscribe(null, universalLinksCb);\n }\n\n // iOS 7 or 8 custom URL schemes.\n // This is also the current default behavior for iOS 9+.\n // For this to work, cordova-plugin-customurlscheme needs to be installed.\n // https://github.com/EddyVerbruggen/Custom-URL-scheme\n // Do not overwrite the existing developer's URL handler.\n const existingHandleOpenURL = handleOpenURL;\n const packagePrefix = `${BuildInfo.packageName.toLowerCase()}://`;\n _cordovaWindow().handleOpenURL = async url => {\n if (url.toLowerCase().startsWith(packagePrefix)) {\n // We want this intentionally to float\n // eslint-disable-next-line @typescript-eslint/no-floating-promises\n universalLinksCb({ url });\n }\n // Call the developer's handler if it is present.\n if (typeof existingHandleOpenURL === 'function') {\n try {\n existingHandleOpenURL(url);\n } catch (e) {\n // This is a developer error. Don't stop the flow of the SDK.\n console.error(e);\n }\n }\n };\n }\n}\n\n/**\n * An implementation of {@link PopupRedirectResolver} suitable for Cordova\n * based applications.\n *\n * @public\n */\nexport const cordovaPopupRedirectResolver: PopupRedirectResolver =\n CordovaPopupRedirectResolver;\n\nfunction generateNoEvent(): AuthEvent {\n return {\n type: AuthEventType.UNKNOWN,\n eventId: null,\n sessionId: null,\n urlResponse: null,\n postBody: null,\n tenantId: null,\n error: _createError(AuthErrorCode.NO_AUTH_EVENT)\n };\n}\n","/**\n * @license\n * Copyright 2017 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { _castAuth } from '../src/core/auth/auth_impl';\nimport { Auth } from '../src/model/public_types';\n\n/**\n * This interface is intended only for use by @firebase/auth-compat, do not use directly\n */\nexport * from '../index';\n\nexport { SignInWithIdpResponse } from '../src/api/authentication/idp';\nexport { AuthErrorCode } from '../src/core/errors';\nexport { PersistenceInternal } from '../src/core/persistence';\nexport { _persistenceKeyName } from '../src/core/persistence/persistence_user_manager';\nexport { UserImpl } from '../src/core/user/user_impl';\nexport { _getInstance } from '../src/core/util/instantiator';\nexport {\n PopupRedirectResolverInternal,\n EventManager,\n AuthEventType\n} from '../src/model/popup_redirect';\nexport { UserCredentialInternal, UserParameters } from '../src/model/user';\nexport { AuthInternal, ConfigInternal } from '../src/model/auth';\nexport { DefaultConfig, AuthImpl, _castAuth } from '../src/core/auth/auth_impl';\n\nexport { ClientPlatform, _getClientVersion } from '../src/core/util/version';\n\nexport { _generateEventId } from '../src/core/util/event_id';\nexport { TaggedWithTokenResponse } from '../src/model/id_token';\nexport { _fail, _assert } from '../src/core/util/assert';\nexport { AuthPopup } from '../src/platform_browser/util/popup';\nexport { _getRedirectResult } from '../src/platform_browser/strategies/redirect';\nexport { _overrideRedirectResult } from '../src/core/strategies/redirect';\nexport { cordovaPopupRedirectResolver } from '../src/platform_cordova/popup_redirect/popup_redirect';\nexport { FetchProvider } from '../src/core/util/fetch_provider';\nexport { SAMLAuthCredential } from '../src/core/credentials/saml';\n\n// This function should only be called by frameworks (e.g. FirebaseUI-web) to log their usage.\n// It is not intended for direct use by developer apps. NO jsdoc here to intentionally leave it out\n// of autogenerated documentation pages to reduce accidental misuse.\nexport function addFrameworkForLogging(auth: Auth, framework: string): void {\n _castAuth(auth)._logFramework(framework);\n}\n"],"names":["_getInstance","_assert","AuthCredential","signInWithIdp","_signInWithCredential","_reauthenticate","_linkUser","_fail","debugAssert","_persistenceKeyName","_isFirebaseServerApp","_serverAppCurrentUserOperationNotSupportedError","_castAuth","SDK_VERSION","FederatedAuthProvider","isEmpty","BaseOAuthProvider","querystring","_emulatorUrl","_performApiRequest","_isIOS","_isAndroid","_isIOS7Or8","_createError","_isMobileBrowser","_isIE10","querystringDecode"],"mappings":";;;;;;;;;;AAAA;;;;;;;;;;;;;;;AAeG;AAEG,SAAU,gBAAgB,CAAC,MAAM,GAAG,EAAE,EAAE,MAAM,GAAG,EAAE,EAAA;IACvD,IAAI,MAAM,GAAG,EAAE,CAAC;AAChB,IAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE;AAC/B,QAAA,MAAM,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;KAC1C;IACD,OAAO,MAAM,GAAG,MAAM,CAAC;AACzB;;ACvBA;;;;;;;;;;;;;;;AAeG;MA0BU,SAAS,CAAA;AAGpB,IAAA,WAAA,CAAqB,MAAqB,EAAA;QAArB,IAAM,CAAA,MAAA,GAAN,MAAM,CAAe;QAF1C,IAAe,CAAA,eAAA,GAAkB,IAAI,CAAC;KAEQ;IAE9C,KAAK,GAAA;AACH,QAAA,IAAI,IAAI,CAAC,MAAM,EAAE;AACf,YAAA,IAAI;AACF,gBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;aACrB;AAAC,YAAA,OAAO,CAAC,EAAE,GAAE;SACf;KACF;AACF;;ACrDD;;;;;;;;;;;;;;;AAeG;AASH;;;;AAIG;AACa,SAAA,oBAAoB,CAClC,IAAkB,EAClB,gBAAmD,EAAA;IAEnD,IAAI,gBAAgB,EAAE;AACpB,QAAA,OAAOA,iBAAY,CAAC,gBAAgB,CAAC,CAAC;KACvC;AAED,IAAAC,YAAO,CAAC,IAAI,CAAC,sBAAsB,EAAE,IAAI,sDAA+B,CAAC;IAEzE,OAAO,IAAI,CAAC,sBAAsB,CAAC;AACrC;;ACxCA;;;;;;;;;;;;;;;AAeG;AAiCH,MAAM,aAAc,SAAQC,mBAAc,CAAA;AACxC,IAAA,WAAA,CAAqB,MAAqB,EAAA;AACxC,QAAA,KAAK,oEAAsC,CAAC;QADzB,IAAM,CAAA,MAAA,GAAN,MAAM,CAAe;KAEzC;AAED,IAAA,mBAAmB,CAAC,IAAkB,EAAA;QACpC,OAAOC,kBAAa,CAAC,IAAI,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC;KACrD;IAED,cAAc,CACZ,IAAkB,EAClB,OAAe,EAAA;QAEf,OAAOA,kBAAa,CAAC,IAAI,EAAE,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;KAC5D;AAED,IAAA,4BAA4B,CAAC,IAAkB,EAAA;QAC7C,OAAOA,kBAAa,CAAC,IAAI,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC;KACrD;AAEO,IAAA,gBAAgB,CAAC,OAAgB,EAAA;AACvC,QAAA,MAAM,OAAO,GAAyB;AACpC,YAAA,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;AAClC,YAAA,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;AAChC,YAAA,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;AAC9B,YAAA,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;AAC9B,YAAA,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;AACtC,YAAA,iBAAiB,EAAE,IAAI;AACvB,YAAA,mBAAmB,EAAE,IAAI;SAC1B,CAAC;QAEF,IAAI,OAAO,EAAE;AACX,YAAA,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC;SAC3B;AAED,QAAA,OAAO,OAAO,CAAC;KAChB;AACF,CAAA;AAEK,SAAU,OAAO,CACrB,MAAqB,EAAA;AAErB,IAAA,OAAOC,0BAAqB,CAC1B,MAAM,CAAC,IAAI,EACX,IAAI,aAAa,CAAC,MAAM,CAAC,EACzB,MAAM,CAAC,eAAe,CACY,CAAC;AACvC,CAAC;AAEK,SAAU,OAAO,CACrB,MAAqB,EAAA;AAErB,IAAA,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC;AAC9B,IAAAH,YAAO,CAAC,IAAI,EAAE,IAAI,sDAA+B,CAAC;AAClD,IAAA,OAAOI,oBAAe,CACpB,IAAI,EACJ,IAAI,aAAa,CAAC,MAAM,CAAC,EACzB,MAAM,CAAC,eAAe,CACvB,CAAC;AACJ,CAAC;AAEM,eAAe,KAAK,CACzB,MAAqB,EAAA;AAErB,IAAA,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC;AAC9B,IAAAJ,YAAO,CAAC,IAAI,EAAE,IAAI,sDAA+B,CAAC;AAClD,IAAA,OAAOK,UAAS,CAAC,IAAI,EAAE,IAAI,aAAa,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,eAAe,CAAC,CAAC;AAC5E;;ACnHA;;;;;;;;;;;;;;;AAeG;AA4BH;;;AAGG;MACmB,8BAA8B,CAAA;IASlD,WACqB,CAAA,IAAkB,EACrC,MAAuC,EACpB,QAAuC,EAChD,IAAmB,EACV,eAAA,GAAkB,KAAK,EAAA;QAJvB,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAc;QAElB,IAAQ,CAAA,QAAA,GAAR,QAAQ,CAA+B;QAChD,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAe;QACV,IAAe,CAAA,eAAA,GAAf,eAAe,CAAQ;QAXpC,IAAc,CAAA,cAAA,GAA0B,IAAI,CAAC;QAC7C,IAAY,CAAA,YAAA,GAAwB,IAAI,CAAC;AAY/C,QAAA,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,CAAC;KACzD;IAID,OAAO,GAAA;QACL,OAAO,IAAI,OAAO,CAChB,OAAO,OAAO,EAAE,MAAM,KAAI;YACxB,IAAI,CAAC,cAAc,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;AAE1C,YAAA,IAAI;AACF,gBAAA,IAAI,CAAC,YAAY,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC/D,gBAAA,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;AACzB,gBAAA,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;aAC1C;YAAC,OAAO,CAAC,EAAE;AACV,gBAAA,IAAI,CAAC,MAAM,CAAC,CAAU,CAAC,CAAC;aACzB;AACH,SAAC,CACF,CAAC;KACH;IAED,MAAM,WAAW,CAAC,KAAgB,EAAA;AAChC,QAAA,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;QAC1E,IAAI,KAAK,EAAE;AACT,YAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACnB,OAAO;SACR;AAED,QAAA,MAAM,MAAM,GAAkB;YAC5B,IAAI,EAAE,IAAI,CAAC,IAAI;AACf,YAAA,UAAU,EAAE,WAAY;AACxB,YAAA,SAAS,EAAE,SAAU;YACrB,QAAQ,EAAE,QAAQ,IAAI,SAAS;YAC/B,QAAQ,EAAE,QAAQ,IAAI,SAAS;YAC/B,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,eAAe,EAAE,IAAI,CAAC,eAAe;SACtC,CAAC;AAEF,QAAA,IAAI;AACF,YAAA,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;SACnD;QAAC,OAAO,CAAC,EAAE;AACV,YAAA,IAAI,CAAC,MAAM,CAAC,CAAU,CAAC,CAAC;SACzB;KACF;AAED,IAAA,OAAO,CAAC,KAAoB,EAAA;AAC1B,QAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;KACpB;AAEO,IAAA,UAAU,CAAC,IAAmB,EAAA;QACpC,QAAQ,IAAI;YACV,KAAqC,gBAAA,uCAAA;AACrC,YAAA,KAAA,mBAAA;AACE,gBAAA,OAAO,OAAO,CAAC;YACjB,KAAkC,cAAA,oCAAA;AAClC,YAAA,KAAA,iBAAA;AACE,gBAAA,OAAO,KAAK,CAAC;YACf,KAAoC,gBAAA,sCAAA;AACpC,YAAA,KAAA,mBAAA;AACE,gBAAA,OAAO,OAAO,CAAC;AACjB,YAAA;AACE,gBAAAC,UAAK,CAAC,IAAI,CAAC,IAAI,sDAA+B,CAAC;SAClD;KACF;AAES,IAAA,OAAO,CAAC,IAAmC,EAAA;AACnD,QAAAC,gBAAW,CAAC,IAAI,CAAC,cAAc,EAAE,+BAA+B,CAAC,CAAC;AAClE,QAAA,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,CAAC,oBAAoB,EAAE,CAAC;KAC7B;AAES,IAAA,MAAM,CAAC,KAAY,EAAA;AAC3B,QAAAA,gBAAW,CAAC,IAAI,CAAC,cAAc,EAAE,+BAA+B,CAAC,CAAC;AAClE,QAAA,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAClC,IAAI,CAAC,oBAAoB,EAAE,CAAC;KAC7B;IAEO,oBAAoB,GAAA;AAC1B,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE;AACrB,YAAA,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;SAC5C;AAED,QAAA,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC3B,IAAI,CAAC,OAAO,EAAE,CAAC;KAChB;AAGF;;ACtJD;;;;;;;;;;;;;;;AAeG;AAcH,MAAM,oBAAoB,GAAG,iBAAiB,CAAC;AAE/C;AACA;AACA,MAAM,kBAAkB,GAGpB,IAAI,GAAG,EAAE,CAAC;AAER,MAAO,cAAe,SAAQ,8BAA8B,CAAA;AAGhE,IAAA,WAAA,CACE,IAAkB,EAClB,QAAuC,EACvC,eAAe,GAAG,KAAK,EAAA;QAEvB,KAAK,CACH,IAAI,EACJ;;;;;AAKC,SAAA,EACD,QAAQ,EACR,SAAS,EACT,eAAe,CAChB,CAAC;QAlBJ,IAAO,CAAA,OAAA,GAAG,IAAI,CAAC;KAmBd;AAED;;;AAGG;AACH,IAAA,MAAM,OAAO,GAAA;AACX,QAAA,IAAI,YAAY,GAAG,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QAC5D,IAAI,CAAC,YAAY,EAAE;AACjB,YAAA,IAAI;AACF,gBAAA,MAAM,kBAAkB,GAAG,MAAM,iCAAiC,CAChE,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,IAAI,CACV,CAAC;AACF,gBAAA,MAAM,MAAM,GAAG,kBAAkB,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;gBACjE,YAAY,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;aAC9C;YAAC,OAAO,CAAC,EAAE;gBACV,YAAY,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;aACxC;AAED,YAAA,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,YAAY,CAAC,CAAC;SACxD;;;AAID,QAAA,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;SACvE;QAED,OAAO,YAAY,EAAE,CAAC;KACvB;IAED,MAAM,WAAW,CAAC,KAAgB,EAAA;AAChC,QAAA,IAAI,KAAK,CAAC,IAAI,KAAA,mBAAA,2CAAyC;AACrD,YAAA,OAAO,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;SACjC;AAAM,aAAA,IAAI,KAAK,CAAC,IAAI,KAAA,SAAA,8BAA4B;;AAE/C,YAAA,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACnB,OAAO;SACR;AAED,QAAA,IAAI,KAAK,CAAC,OAAO,EAAE;AACjB,YAAA,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC/D,IAAI,IAAI,EAAE;AACR,gBAAA,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;AACjB,gBAAA,OAAO,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;aACjC;iBAAM;AACL,gBAAA,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;aACpB;SACF;KACF;IAED,MAAM,WAAW,GAAA,GAAoB;AAErC,IAAA,OAAO,MAAW;AACnB,CAAA;AAEM,eAAe,iCAAiC,CACrD,QAAuC,EACvC,IAAkB,EAAA;AAElB,IAAA,MAAM,GAAG,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;AACrC,IAAA,MAAM,WAAW,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAClD,IAAI,EAAE,MAAM,WAAW,CAAC,YAAY,EAAE,CAAC,EAAE;AACvC,QAAA,OAAO,KAAK,CAAC;KACd;AACD,IAAA,MAAM,kBAAkB,GAAG,CAAC,MAAM,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,MAAM,CAAC;AACpE,IAAA,MAAM,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AAC/B,IAAA,OAAO,kBAAkB,CAAC;AAC5B,CAAC;SASe,sBAAsB,GAAA;IACpC,kBAAkB,CAAC,KAAK,EAAE,CAAC;AAC7B,CAAC;AAEe,SAAA,uBAAuB,CACrC,IAAkB,EAClB,MAAoD,EAAA;IAEpD,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,MAAM,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,mBAAmB,CAC1B,QAAuC,EAAA;AAEvC,IAAA,OAAOR,iBAAY,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAkB,EAAA;AAC5C,IAAA,OAAOS,wBAAmB,CACxB,oBAAoB,EACpB,IAAI,CAAC,MAAM,CAAC,MAAM,EAClB,IAAI,CAAC,IAAI,CACV,CAAC;AACJ;;AC/JA;;;;;;;;;;;;;;;AAeG;AAqSI,eAAe,kBAAkB,CACtC,IAAU,EACV,cAAsC,EACtC,eAAe,GAAG,KAAK,EAAA;AAEvB,IAAA,IAAIC,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;QAClC,OAAO,OAAO,CAAC,MAAM,CACnBC,oDAA+C,CAAC,IAAI,CAAC,CACtD,CAAC;KACH;AACD,IAAA,MAAM,YAAY,GAAGC,cAAS,CAAC,IAAI,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,oBAAoB,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IACpE,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC,YAAY,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAC;AAC3E,IAAA,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,EAAE,CAAC;AAEtC,IAAA,IAAI,MAAM,IAAI,CAAC,eAAe,EAAE;AAC9B,QAAA,OAAO,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC;QACpC,MAAM,YAAY,CAAC,qBAAqB,CAAC,MAAM,CAAC,IAAoB,CAAC,CAAC;QACtE,MAAM,YAAY,CAAC,gBAAgB,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;KAC3D;AAED,IAAA,OAAO,MAAM,CAAC;AAChB;;ACzSO,MAAM,qBAAqB,GAAG,OAAO;;ACjC5C;;;;;;;;;;;;;;;AAeG;AAQH;AACA;AACA;MAEsB,uBAAuB,CAAA;IAC3C,WACqB,CAAA,gBAA+B,EACzC,IAAqB,EAAA;QADX,IAAgB,CAAA,gBAAA,GAAhB,gBAAgB,CAAe;QACzC,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAiB;KAC5B;IAEJ,YAAY,GAAA;AACV,QAAA,IAAI;AACF,YAAA,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;AACjB,gBAAA,OAAO,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;aAC/B;YACD,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,qBAAqB,EAAE,GAAG,CAAC,CAAC;AACjD,YAAA,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,qBAAqB,CAAC,CAAC;AAC/C,YAAA,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;SAC9B;AAAC,QAAA,MAAM;AACN,YAAA,OAAO,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;SAC/B;KACF;IAED,IAAI,CAAC,GAAW,EAAE,KAAuB,EAAA;AACvC,QAAA,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;AACjD,QAAA,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;KAC1B;AAED,IAAA,IAAI,CAA6B,GAAW,EAAA;QAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AACvC,QAAA,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC;KACxD;AAED,IAAA,OAAO,CAAC,GAAW,EAAA;AACjB,QAAA,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,QAAA,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;KAC1B;AAED,IAAA,IAAc,OAAO,GAAA;AACnB,QAAA,OAAO,IAAI,CAAC,gBAAgB,EAAE,CAAC;KAChC;AACF;;AChED;;;;;;;;;;;;;;;AAeG;AAWH,MAAM,yBACJ,SAAQ,uBAAuB,CAAA;AAK/B,IAAA,WAAA,GAAA;QACE,KAAK,CAAC,MAAM,MAAM,CAAC,cAAc,0CAA0B,CAAC;KAC7D;IAED,YAAY,CAAC,IAAY,EAAE,SAA+B,EAAA;;QAExD,OAAO;KACR;IAED,eAAe,CAAC,IAAY,EAAE,SAA+B,EAAA;;QAE3D,OAAO;KACR;;AAdM,yBAAI,CAAA,IAAA,GAAc,SAAS,CAAC;AAiBrC;;;;;AAKG;AACI,MAAM,yBAAyB,GAAgB,yBAAyB;;ACrD/E;;;;;;;;;;;;;;;AAeG;AAaH;;;;AAIG;AACH,MAAM,WAAW,GAAG,iBAAiB,CAAC;AAEtC;;;;AAIG;AACH,MAAM,oBAAoB,GAAG,uBAAuB,CAAC;AAErD;;;;AAIG;AACH,MAAM,8BAA8B,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;AAgB1D,eAAe,eAAe,CACnC,IAAkB,EAClB,QAAsB,EACtB,QAAuB,EACvB,WAAoB,EACpB,OAAgB,EAChB,gBAAyC,EAAA;IAEzCX,YAAO,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,IAAI,EAAA,6BAAA,yCAAoC,CAAC;IACzEA,YAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,EAAA,iBAAA,qCAAgC,CAAC;AAEjE,IAAA,MAAM,MAAM,GAAiB;AAC3B,QAAA,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;QAC1B,OAAO,EAAE,IAAI,CAAC,IAAI;QAClB,QAAQ;QACR,WAAW;AACX,QAAA,CAAC,EAAEY,eAAW;QACd,OAAO;KACR,CAAC;AAEF,IAAA,IAAI,QAAQ,YAAYC,0BAAqB,EAAE;AAC7C,QAAA,QAAQ,CAAC,kBAAkB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC/C,MAAM,CAAC,UAAU,GAAG,QAAQ,CAAC,UAAU,IAAI,EAAE,CAAC;QAC9C,IAAI,CAACC,YAAO,CAAC,QAAQ,CAAC,mBAAmB,EAAE,CAAC,EAAE;AAC5C,YAAA,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,EAAE,CAAC,CAAC;SAC1E;;AAGD,QAAA,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,gBAAgB,IAAI,EAAE,CAAC,EAAE;AACjE,YAAA,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;SACrB;KACF;AAED,IAAA,IAAI,QAAQ,YAAYC,sBAAiB,EAAE;AACzC,QAAA,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,EAAE,CAAC,MAAM,CAAC,KAAK,IAAI,KAAK,KAAK,EAAE,CAAC,CAAC;AAClE,QAAA,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;YACrB,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;SAClC;KACF;AAED,IAAA,IAAI,IAAI,CAAC,QAAQ,EAAE;AACjB,QAAA,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;KAC5B;;;IAKD,MAAM,UAAU,GAAG,MAAyC,CAAC;IAC7D,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE;AACzC,QAAA,IAAI,UAAU,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE;AACjC,YAAA,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC;SACxB;KACF;;AAGD,IAAA,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;IACrD,MAAM,qBAAqB,GAAG,aAAa;UACvC,IAAI,8BAA8B,CAAA,CAAA,EAAI,kBAAkB,CAAC,aAAa,CAAC,CAAE,CAAA;UACzE,EAAE,CAAC;;AAGP,IAAA,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,CAAA,CAAA,EAAIC,gBAAW,CAAC,UAAU,CAAC,CAAC,KAAK,CAC7D,CAAC,CACF,CAAG,EAAA,qBAAqB,EAAE,CAAC;AAC9B,CAAC;AAED,SAAS,cAAc,CAAC,EAAE,MAAM,EAAgB,EAAA;AAC9C,IAAA,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE;AACpB,QAAA,OAAO,WAAW,MAAM,CAAC,UAAU,CAAI,CAAA,EAAA,WAAW,EAAE,CAAC;KACtD;AAED,IAAA,OAAOC,iBAAY,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC;AACpD;;ACvIA;;;;;;;;;;;;;;;AAeG;SAoCa,cAAc,GAAA;AAC5B,IAAA,OAAO,MAAkC,CAAC;AAC5C;;ACrDA;;;;;;;;;;;;;;;AAeG;AAcI,eAAe,iBAAiB,CACrC,IAAU,EACV,UAAmC,EAAE,EAAA;AAErC,IAAA,OAAOC,uBAAkB,CACvB,IAAI,EAGJ,KAAA,uBAAA,cAAA,oCAAA,OAAO,CACR,CAAC;AACJ;;ACvCA;;;;;;;;;;;;;;;AAeG;AAoBH;;;AAGG;AACH,MAAM,mBAAmB,GAAG,IAAI,CAAC;AAEjC;;AAEG;AACI,eAAe,mBAAmB,CACvC,IAAkB,EAClB,KAAgB,EAChB,QAAsB,EAAA;;AAGtB,IAAA,MAAM,EAAE,SAAS,EAAE,GAAG,cAAc,EAAE,CAAC;AACvC,IAAAX,gBAAW,CAAC,KAAK,CAAC,SAAS,EAAE,wCAAwC,CAAC,CAAC;IACvE,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAE3D,MAAM,gBAAgB,GAA2B,EAAE,CAAC;IACpD,IAAIY,WAAM,EAAE,EAAE;;AAEZ,QAAA,gBAAgB,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC,WAAW,CAAC;KACjD;SAAM,IAAIC,eAAU,EAAE,EAAE;;AAEvB,QAAA,gBAAgB,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC,WAAW,CAAC;KACjD;SAAM;QACLd,UAAK,CAAC,IAAI,EAAA,6CAAA,6CAAwC,CAAC;KACpD;;AAGD,IAAA,IAAI,SAAS,CAAC,WAAW,EAAE;AACzB,QAAA,gBAAgB,CAAC,gBAAgB,CAAC,GAAG,SAAS,CAAC,WAAW,CAAC;KAC5D;;AAGD,IAAA,gBAAgB,CAAC,WAAW,CAAC,GAAG,aAAa,CAAC;IAC9C,OAAO,eAAe,CACpB,IAAI,EACJ,QAAQ,EACR,KAAK,CAAC,IAAI,EACV,SAAS,EACT,KAAK,CAAC,OAAO,IAAI,SAAS,EAC1B,gBAAgB,CACjB,CAAC;AACJ,CAAC;AAED;;AAEG;AACI,eAAe,eAAe,CAAC,IAAkB,EAAA;AACtD,IAAA,MAAM,EAAE,SAAS,EAAE,GAAG,cAAc,EAAE,CAAC;IACvC,MAAM,OAAO,GAA4B,EAAE,CAAC;IAC5C,IAAIa,WAAM,EAAE,EAAE;AACZ,QAAA,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC,WAAW,CAAC;KAC7C;SAAM,IAAIC,eAAU,EAAE,EAAE;AACvB,QAAA,OAAO,CAAC,kBAAkB,GAAG,SAAS,CAAC,WAAW,CAAC;KACpD;SAAM;QACLd,UAAK,CAAC,IAAI,EAAA,6CAAA,6CAAwC,CAAC;KACpD;;AAGD,IAAA,MAAM,iBAAiB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AACzC,CAAC;AAEK,SAAU,gBAAgB,CAC9B,UAAkB,EAAA;;AAGlB,IAAA,MAAM,EAAE,OAAO,EAAE,GAAG,cAAc,EAAE,CAAC;AAErC,IAAA,OAAO,IAAI,OAAO,CAAC,OAAO,IAAG;QAC3B,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,qBAAqB,IAAG;YAC7D,IAAI,MAAM,GAA2B,IAAI,CAAC;YAC1C,IAAI,qBAAqB,EAAE;gBACzB,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;aAChD;iBAAM;;gBAEL,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,IAAI,CAChC,UAAU,EACVe,eAAU,EAAE,GAAG,QAAQ,GAAG,SAAS,EACnC,cAAc,CACf,CAAC;aACH;YACD,OAAO,CAAC,MAAM,CAAC,CAAC;AAClB,SAAC,CAAC,CAAC;AACL,KAAC,CAAC,CAAC;AACL,CAAC;AAQD;;;;;AAKG;AACI,eAAe,iBAAiB,CACrC,IAAkB,EAClB,aAAuC,EACvC,MAA8B,EAAA;;AAG9B,IAAA,MAAM,EAAE,OAAO,EAAE,GAAG,cAAc,EAAE,CAAC;AAErC,IAAA,IAAI,OAAO,GAAG,MAAW,GAAG,CAAC;AAC7B,IAAA,IAAI;QACF,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,KAAI;YAC1C,IAAI,YAAY,GAAkB,IAAI,CAAC;;AAGvC,YAAA,SAAS,aAAa,GAAA;;;AAGpB,gBAAA,OAAO,EAAE,CAAC;gBACV,MAAM,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,KAAK,CAAC;AAC1D,gBAAA,IAAI,OAAO,eAAe,KAAK,UAAU,EAAE;AACzC,oBAAA,eAAe,EAAE,CAAC;iBACnB;;;AAGD,gBAAA,IAAI,OAAO,MAAM,EAAE,KAAK,KAAK,UAAU,EAAE;oBACvC,MAAM,CAAC,KAAK,EAAE,CAAC;iBAChB;aACF;AAED,YAAA,SAAS,OAAO,GAAA;gBACd,IAAI,YAAY,EAAE;;oBAEhB,OAAO;iBACR;AAED,gBAAA,YAAY,GAAG,MAAM,CAAC,UAAU,CAAC,MAAK;;AAEpC,oBAAA,MAAM,CAACC,iBAAY,CAAC,IAAI,EAAA,4BAAA,gDAA2C,CAAC,CAAC;iBACtE,EAAE,mBAAmB,CAAC,CAAC;aACzB;AAED,YAAA,SAAS,iBAAiB,GAAA;AACxB,gBAAA,IAAI,QAAQ,EAAE,eAAe,KAAK,SAAS,EAAE;AAC3C,oBAAA,OAAO,EAAE,CAAC;iBACX;aACF;;;AAID,YAAA,aAAa,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;;YAGhD,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;YACpD,IAAIF,eAAU,EAAE,EAAE;gBAChB,QAAQ,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,iBAAiB,EAAE,KAAK,CAAC,CAAC;aACzE;;YAGD,OAAO,GAAG,MAAK;AACb,gBAAA,aAAa,CAAC,qBAAqB,CAAC,aAAa,CAAC,CAAC;gBACnD,QAAQ,CAAC,mBAAmB,CAAC,QAAQ,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;gBACvD,QAAQ,CAAC,mBAAmB,CAC1B,kBAAkB,EAClB,iBAAiB,EACjB,KAAK,CACN,CAAC;gBACF,IAAI,YAAY,EAAE;AAChB,oBAAA,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;iBACnC;AACH,aAAC,CAAC;AACJ,SAAC,CAAC,CAAC;KACJ;YAAS;AACR,QAAA,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED;;;;AAIG;AACG,SAAU,0BAA0B,CAAC,IAAkB,EAAA;AAC3D,IAAA,MAAM,GAAG,GAAG,cAAc,EAAE,CAAC;;;;;;IAM7BpB,YAAO,CACL,OAAO,GAAG,EAAE,cAAc,EAAE,SAAS,KAAK,UAAU,EACpD,IAAI,EAEJ,+BAAA,oDAAA;AACE,QAAA,aAAa,EAAE,oCAAoC;AACpD,KAAA,CACF,CAAC;;IAGFA,YAAO,CACL,OAAO,GAAG,EAAE,SAAS,EAAE,WAAW,KAAK,WAAW,EAClD,IAAI,EAEJ,+BAAA,oDAAA;AACE,QAAA,aAAa,EAAE,0BAA0B;AAC1C,KAAA,CACF,CAAC;;AAGF,IAAAA,YAAO,CACL,OAAO,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,KAAK,UAAU,EAChE,IAAI,EAEJ,+BAAA,oDAAA;AACE,QAAA,aAAa,EAAE,2BAA2B;AAC3C,KAAA,CACF,CAAC;AACF,IAAAA,YAAO,CACL,OAAO,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,KAAK,UAAU,EACpE,IAAI,EAEJ,+BAAA,oDAAA;AACE,QAAA,aAAa,EAAE,2BAA2B;AAC3C,KAAA,CACF,CAAC;;AAGF,IAAAA,YAAO,CACL,OAAO,GAAG,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,KAAK,UAAU,EACtD,IAAI,EAEJ,+BAAA,oDAAA;AACE,QAAA,aAAa,EAAE,6BAA6B;AAC7C,KAAA,CACF,CAAC;AACJ,CAAC;AAED;;;;AAIG;AACH,eAAe,aAAa,CAAC,SAAiB,EAAA;AAC5C,IAAA,MAAM,KAAK,GAAG,mBAAmB,CAAC,SAAS,CAAC,CAAC;;;;;AAM7C,IAAA,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;AACzD,IAAA,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5C,OAAO,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACpE,CAAC;AAED,SAAS,mBAAmB,CAAC,GAAW,EAAA;;;IAGtCO,gBAAW,CACT,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EACxB,wCAAwC,CACzC,CAAC;AACF,IAAA,IAAI,OAAO,WAAW,KAAK,WAAW,EAAE;QACtC,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;KACtC;IAED,MAAM,IAAI,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AACzC,IAAA,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;AAClC,IAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACnC,IAAI,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;KAC7B;AACD,IAAA,OAAO,IAAI,CAAC;AACd;;AClTA;;;;;;;;;;;;;;;AAeG;AAYH;AACA;AACA,MAAM,mCAAmC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;MAE9C,gBAAgB,CAAA;AAO3B,IAAA,WAAA,CAA6B,IAAkB,EAAA;QAAlB,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAc;AAN9B,QAAA,IAAA,CAAA,eAAe,GAAgB,IAAI,GAAG,EAAE,CAAC;AACzC,QAAA,IAAA,CAAA,SAAS,GAA2B,IAAI,GAAG,EAAE,CAAC;QACrD,IAAmB,CAAA,mBAAA,GAAqB,IAAI,CAAC;QAC7C,IAA2B,CAAA,2BAAA,GAAG,KAAK,CAAC;AACtC,QAAA,IAAA,CAAA,sBAAsB,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;KAEO;AAEnD,IAAA,gBAAgB,CAAC,iBAAoC,EAAA;AACnD,QAAA,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAEtC,IACE,IAAI,CAAC,mBAAmB;YACxB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,mBAAmB,EAAE,iBAAiB,CAAC,EACpE;YACA,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,mBAAmB,EAAE,iBAAiB,CAAC,CAAC;AACjE,YAAA,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;AAChD,YAAA,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC;SACjC;KACF;AAED,IAAA,kBAAkB,CAAC,iBAAoC,EAAA;AACrD,QAAA,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;KAC1C;AAED,IAAA,OAAO,CAAC,KAAgB,EAAA;;AAEtB,QAAA,IAAI,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,EAAE;AACnC,YAAA,OAAO,KAAK,CAAC;SACd;QAED,IAAI,OAAO,GAAG,KAAK,CAAC;AACpB,QAAA,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,QAAQ,IAAG;YAChC,IAAI,IAAI,CAAC,kBAAkB,CAAC,KAAK,EAAE,QAAQ,CAAC,EAAE;gBAC5C,OAAO,GAAG,IAAI,CAAC;AACf,gBAAA,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;AACrC,gBAAA,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;aAC9B;AACH,SAAC,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,2BAA2B,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,EAAE;;;AAG/D,YAAA,OAAO,OAAO,CAAC;SAChB;AAED,QAAA,IAAI,CAAC,2BAA2B,GAAG,IAAI,CAAC;;QAGxC,IAAI,CAAC,OAAO,EAAE;AACZ,YAAA,IAAI,CAAC,mBAAmB,GAAG,KAAK,CAAC;YACjC,OAAO,GAAG,IAAI,CAAC;SAChB;AAED,QAAA,OAAO,OAAO,CAAC;KAChB;IAEO,cAAc,CAAC,KAAgB,EAAE,QAA2B,EAAA;QAClE,IAAI,KAAK,CAAC,KAAK,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,EAAE;AAC9C,YAAA,MAAM,IAAI,GACP,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAmB;oEACzB;AAC/B,YAAA,QAAQ,CAAC,OAAO,CAACe,iBAAY,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;SACjD;aAAM;AACL,YAAA,QAAQ,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;SAC7B;KACF;IAEO,kBAAkB,CACxB,KAAgB,EAChB,QAA2B,EAAA;AAE3B,QAAA,MAAM,cAAc,GAClB,QAAQ,CAAC,OAAO,KAAK,IAAI;AACzB,aAAC,CAAC,CAAC,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,OAAO,KAAK,QAAQ,CAAC,OAAO,CAAC,CAAC;AAC1D,QAAA,OAAO,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,cAAc,CAAC;KAC/D;AAEO,IAAA,mBAAmB,CAAC,KAAgB,EAAA;AAC1C,QAAA,IACE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,sBAAsB;AACxC,YAAA,mCAAmC,EACnC;AACA,YAAA,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;SAC9B;QAED,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;KAClD;AAEO,IAAA,gBAAgB,CAAC,KAAgB,EAAA;QACvC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;AAC1C,QAAA,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;KAC1C;AACF,CAAA;AAED,SAAS,QAAQ,CAAC,CAAY,EAAA;AAC5B,IAAA,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/E,CAAC;AAED,SAAS,mBAAmB,CAAC,EAAE,IAAI,EAAE,KAAK,EAAa,EAAA;IACrD,QACE,IAAI,KAA0B,SAAA;AAC9B,QAAA,KAAK,EAAE,IAAI,KAAK,QAAQ,eAA2B,mCAAA,CAAE,EACrD;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,KAAgB,EAAA;AACvC,IAAA,QAAQ,KAAK,CAAC,IAAI;QAChB,KAAwC,mBAAA,0CAAA;QACxC,KAAqC,iBAAA,uCAAA;AACrC,QAAA,KAAA,mBAAA;AACE,YAAA,OAAO,IAAI,CAAC;AACd,QAAA,KAAA,SAAA;AACE,YAAA,OAAO,mBAAmB,CAAC,KAAK,CAAC,CAAC;AACpC,QAAA;AACE,YAAA,OAAO,KAAK,CAAC;KAChB;AACH;;ACrJA;;;;;;;;;;;;;;;AAeG;AAaH;AACO,MAAM,oBAAoB,GAAG,IAAI,CAAC;AAEzC;AACA,MAAM,6BAA6B,GAAG,EAAE,CAAC;AAEzC,MAAM,uBACJ,SAAQ,uBAAuB,CAAA;AAK/B,IAAA,WAAA,GAAA;QACE,KAAK,CAAC,MAAM,MAAM,CAAC,YAAY,sCAAwB,CAAC;AAGzC,QAAA,IAAA,CAAA,iBAAiB,GAAG,CACnC,KAAmB,EACnB,IAAc,KACL,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAC3B,IAAS,CAAA,SAAA,GAA8C,EAAE,CAAC;QAC1D,IAAU,CAAA,UAAA,GAAkC,EAAE,CAAC;;;QAGxD,IAAS,CAAA,SAAA,GAAe,IAAI,CAAC;;QAGpB,IAAiB,CAAA,iBAAA,GAAGC,qBAAgB,EAAE,CAAC;QAC/C,IAAqB,CAAA,qBAAA,GAAG,IAAI,CAAC;KAdrC;AAgBO,IAAA,iBAAiB,CACvB,EAA2E,EAAA;;AAG3E,QAAA,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;;YAE7C,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;;;AAGtC,YAAA,IAAI,QAAQ,KAAK,QAAQ,EAAE;AACzB,gBAAA,EAAE,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;aAC7B;SACF;KACF;AAEO,IAAA,cAAc,CAAC,KAAmB,EAAE,IAAI,GAAG,KAAK,EAAA;;AAEtD,QAAA,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE;YACd,IAAI,CAAC,iBAAiB,CACpB,CAAC,GAAW,EAAE,SAAwB,EAAE,QAAuB,KAAI;AACjE,gBAAA,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;AACtC,aAAC,CACF,CAAC;YACF,OAAO;SACR;AAED,QAAA,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC;;;QAItB,IAAI,IAAI,EAAE;;;YAGR,IAAI,CAAC,cAAc,EAAE,CAAC;SACvB;aAAM;;;YAGL,IAAI,CAAC,WAAW,EAAE,CAAC;SACpB;QAED,MAAM,gBAAgB,GAAG,MAAW;;;YAGlC,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AAC9C,YAAA,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,WAAW,EAAE;;;gBAGjD,OAAO;aACR;AACD,YAAA,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;AACzC,SAAC,CAAC;QAEF,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AAC9C,QAAA,IACEC,YAAO,EAAE;YACT,WAAW,KAAK,KAAK,CAAC,QAAQ;AAC9B,YAAA,KAAK,CAAC,QAAQ,KAAK,KAAK,CAAC,QAAQ,EACjC;;;;;AAKA,YAAA,UAAU,CAAC,gBAAgB,EAAE,6BAA6B,CAAC,CAAC;SAC7D;aAAM;AACL,YAAA,gBAAgB,EAAE,CAAC;SACpB;KACF;IAEO,eAAe,CAAC,GAAW,EAAE,KAAoB,EAAA;AACvD,QAAA,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACtC,IAAI,SAAS,EAAE;YACb,KAAK,MAAM,QAAQ,IAAI,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE;AAC5C,gBAAA,QAAQ,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC;aAC7C;SACF;KACF;IAEO,YAAY,GAAA;QAClB,IAAI,CAAC,WAAW,EAAE,CAAC;AAEnB,QAAA,IAAI,CAAC,SAAS,GAAG,WAAW,CAAC,MAAK;YAChC,IAAI,CAAC,iBAAiB,CACpB,CAAC,GAAW,EAAE,QAAuB,EAAE,QAAuB,KAAI;AAChE,gBAAA,IAAI,CAAC,cAAc,CACjB,IAAI,YAAY,CAAC,SAAS,EAAE;oBAC1B,GAAG;oBACH,QAAQ;oBACR,QAAQ;iBACT,CAAC;2BACS,IAAI,CAChB,CAAC;AACJ,aAAC,CACF,CAAC;SACH,EAAE,oBAAoB,CAAC,CAAC;KAC1B;IAEO,WAAW,GAAA;AACjB,QAAA,IAAI,IAAI,CAAC,SAAS,EAAE;AAClB,YAAA,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AAC9B,YAAA,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;SACvB;KACF;IAEO,cAAc,GAAA;QACpB,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;KAC5D;IAEO,cAAc,GAAA;QACpB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;KAC/D;IAED,YAAY,CAAC,GAAW,EAAE,QAA8B,EAAA;AACtD,QAAA,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;;;;;AAK5C,YAAA,IAAI,IAAI,CAAC,iBAAiB,EAAE;gBAC1B,IAAI,CAAC,YAAY,EAAE,CAAC;aACrB;iBAAM;gBACL,IAAI,CAAC,cAAc,EAAE,CAAC;aACvB;SACF;QACD,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE;YACxB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,CAAC;;AAEhC,YAAA,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;SAClD;QACD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;KACnC;IAED,eAAe,CAAC,GAAW,EAAE,QAA8B,EAAA;AACzD,QAAA,IAAI,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE;YACvB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAErC,IAAI,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,EAAE;AAClC,gBAAA,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;aAC5B;SACF;AAED,QAAA,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;YAC5C,IAAI,CAAC,cAAc,EAAE,CAAC;YACtB,IAAI,CAAC,WAAW,EAAE,CAAC;SACpB;KACF;;AAID,IAAA,MAAM,IAAI,CAAC,GAAW,EAAE,KAAuB,EAAA;QAC7C,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;AAC7B,QAAA,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;KAC9C;IAED,MAAM,IAAI,CAA6B,GAAW,EAAA;QAChD,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,IAAI,CAAI,GAAG,CAAC,CAAC;AACvC,QAAA,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;AAC7C,QAAA,OAAO,KAAK,CAAC;KACd;IAED,MAAM,OAAO,CAAC,GAAW,EAAA;AACvB,QAAA,MAAM,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AACzB,QAAA,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;KAC7B;;AAxLM,uBAAI,CAAA,IAAA,GAAY,OAAZ,CAAoB;AA2LjC;;;;;AAKG;AACI,MAAM,uBAAuB,GAAgB,uBAAuB;;ACvO3E;;;;;;;;;;;;;;;AAeG;AAgBH,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAE7B;AACM,MAAO,uBAAwB,SAAQ,gBAAgB,CAAA;AAA7D,IAAA,WAAA,GAAA;;AACmB,QAAA,IAAA,CAAA,gBAAgB,GAAG,IAAI,GAAG,EAA0B,CAAC;AAE9D,QAAA,IAAA,CAAA,WAAW,GAAG,IAAI,OAAO,CAAO,OAAO,IAAG;AAChD,YAAA,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC;AACpC,SAAC,CAAC,CAAC;KA2BJ;AAzBC,IAAA,kBAAkB,CAAC,EAA0B,EAAA;AAC3C,QAAA,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;KAC/B;AAED,IAAA,qBAAqB,CAAC,EAA0B,EAAA;AAC9C,QAAA,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;KAClC;;;IAID,aAAa,GAAA;AACX,QAAA,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC;AAChC,QAAA,IAAI,CAAC,2BAA2B,GAAG,KAAK,CAAC;KAC1C;;AAGD,IAAA,OAAO,CAAC,KAAgB,EAAA;QACtB,IAAI,CAAC,kBAAkB,EAAE,CAAC;AAC1B,QAAA,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;AAC/C,QAAA,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;KAC7B;AAED,IAAA,MAAM,WAAW,GAAA;QACf,MAAM,IAAI,CAAC,WAAW,CAAC;KACxB;AACF,CAAA;AAED;;AAEG;AACG,SAAU,iBAAiB,CAC/B,IAAkB,EAClB,IAAmB,EACnB,UAAyB,IAAI,EAAA;IAE7B,OAAO;QACL,IAAI;QACJ,OAAO;AACP,QAAA,WAAW,EAAE,IAAI;QACjB,SAAS,EAAE,iBAAiB,EAAE;AAC9B,QAAA,QAAQ,EAAE,IAAI;QACd,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACvB,QAAA,KAAK,EAAEF,iBAAY,CAAC,IAAI,EAA8B,eAAA,mCAAA;KACvD,CAAC;AACJ,CAAC;AAEe,SAAA,iBAAiB,CAC/B,IAAkB,EAClB,KAAgB,EAAA;AAEhB,IAAA,OAAO,OAAO,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,KAAgC,CAAC,CAAC;AAChF,CAAC;AAEM,eAAe,kBAAkB,CACtC,IAAkB,EAAA;AAElB,IAAA,MAAM,KAAK,IAAI,MAAM,OAAO,EAAE,CAAC,IAAI,CACjC,cAAc,CAAC,IAAI,CAAC,CACrB,CAAqB,CAAC;IACvB,IAAI,KAAK,EAAE;QACT,MAAM,OAAO,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC;KAC/C;AACD,IAAA,OAAO,KAAK,CAAC;AACf,CAAC;AAEe,SAAA,uBAAuB,CACrC,YAAuB,EACvB,GAAW,EAAA;;AAGX,IAAA,MAAM,WAAW,GAAG,wBAAwB,CAAC,GAAG,CAAC,CAAC;;;;;;AAMlD,IAAA,IAAI,WAAW,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE;;;;AAI7C,QAAA,MAAM,MAAM,GAAG,mBAAmB,CAAC,WAAW,CAAC,CAAC;;AAEhD,QAAA,MAAM,WAAW,GAAG,MAAM,CAAC,eAAe,CAAC;cACvC,eAAe,CAAC,kBAAkB,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC;cAC5D,IAAI,CAAC;AACT,QAAA,MAAM,IAAI,GAAG,WAAW,GAAG,MAAM,CAAC,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;AACxD,QAAA,MAAM,KAAK,GAAG,IAAI,GAAGA,iBAAY,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;QAC/C,IAAI,KAAK,EAAE;YACT,OAAO;gBACL,IAAI,EAAE,YAAY,CAAC,IAAI;gBACvB,OAAO,EAAE,YAAY,CAAC,OAAO;gBAC7B,QAAQ,EAAE,YAAY,CAAC,QAAQ;gBAC/B,KAAK;AACL,gBAAA,WAAW,EAAE,IAAI;AACjB,gBAAA,SAAS,EAAE,IAAI;AACf,gBAAA,QAAQ,EAAE,IAAI;aACf,CAAC;SACH;aAAM;YACL,OAAO;gBACL,IAAI,EAAE,YAAY,CAAC,IAAI;gBACvB,OAAO,EAAE,YAAY,CAAC,OAAO;gBAC7B,QAAQ,EAAE,YAAY,CAAC,QAAQ;gBAC/B,SAAS,EAAE,YAAY,CAAC,SAAS;AACjC,gBAAA,WAAW,EAAE,WAAW;AACxB,gBAAA,QAAQ,EAAE,IAAI;aACf,CAAC;SACH;KACF;AAED,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,iBAAiB,GAAA;IACxB,MAAM,KAAK,GAAG,EAAE,CAAC;IACjB,MAAM,YAAY,GAChB,gEAAgE,CAAC;AACnE,IAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,iBAAiB,EAAE,CAAC,EAAE,EAAE;AAC1C,QAAA,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAC5D,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;KACtC;AACD,IAAA,OAAO,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,OAAO,GAAA;AACd,IAAA,OAAOvB,iBAAY,CAAC,uBAAuB,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,cAAc,CAAC,IAAkB,EAAA;AACxC,IAAA,OAAOS,wBAAmB,CAAA,WAAA,2BAAqB,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;AAChF,CAAC;AAED,SAAS,eAAe,CAAC,IAAY,EAAA;AACnC,IAAA,IAAI;AACF,QAAA,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;KACzB;IAAC,OAAO,CAAC,EAAE;AACV,QAAA,OAAO,IAAI,CAAC;KACb;AACH,CAAC;AAED;AACM,SAAU,wBAAwB,CAAC,GAAW,EAAA;AAClD,IAAA,MAAM,MAAM,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,SAAS,CAAC;;IAE7E,MAAM,cAAc,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC;;AAEzD,IAAA,MAAM,WAAW,GAAG,MAAM,CAAC,cAAc,CAAC;AACxC,UAAE,kBAAkB,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;UAC1C,SAAS,CAAC;IACd,MAAM,iBAAiB,GAAG,mBAAmB,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC;IACnE,OAAO,iBAAiB,IAAI,WAAW,IAAI,cAAc,IAAI,IAAI,IAAI,GAAG,CAAC;AAC3E,CAAC;AAED;;;AAGG;AACH,SAAS,mBAAmB,CAAC,GAAuB,EAAA;IAClD,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE;AACvB,QAAA,OAAO,EAAE,CAAC;KACX;AAED,IAAA,MAAM,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACpC,OAAOiB,sBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAA2B,CAAC;AACrE;;AC7MA;;;;;;;;;;;;;;;AAeG;AAmCH;;;AAGG;AACH,MAAM,wBAAwB,GAAG,GAAG,CAAC;AAErC,MAAM,4BAA4B,CAAA;AAAlC,IAAA,WAAA,GAAA;QACW,IAAoB,CAAA,oBAAA,GAAG,yBAAyB,CAAC;AACjD,QAAA,IAAA,CAAA,sBAAsB,GAAG,IAAI,CAAC;AACtB,QAAA,IAAA,CAAA,aAAa,GAAG,IAAI,GAAG,EAAmC,CAAC;QAC3D,IAAwB,CAAA,wBAAA,GAAkC,EAAE,CAAC;QAE9E,IAAmB,CAAA,mBAAA,GAAG,kBAAkB,CAAC;QACzC,IAAuB,CAAA,uBAAA,GAAG,uBAAuB,CAAC;KAwHnD;IAtHC,MAAM,WAAW,CAAC,IAAkB,EAAA;AAClC,QAAA,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QACxB,IAAI,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC1C,IAAI,CAAC,OAAO,EAAE;AACZ,YAAA,OAAO,GAAG,IAAI,uBAAuB,CAAC,IAAI,CAAC,CAAC;YAC5C,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;AACrC,YAAA,IAAI,CAAC,uBAAuB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;SAC7C;AACD,QAAA,OAAO,OAAO,CAAC;KAChB;AAED,IAAA,UAAU,CAAC,IAAkB,EAAA;QAC3BnB,UAAK,CAAC,IAAI,EAAA,6CAAA,6CAAwC,CAAC;KACpD;IAED,MAAM,aAAa,CACjB,IAAkB,EAClB,QAAsB,EACtB,QAAuB,EACvB,OAAgB,EAAA;QAEhB,0BAA0B,CAAC,IAAI,CAAC,CAAC;QACjC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;AAC7C,QAAA,MAAM,OAAO,CAAC,WAAW,EAAE,CAAC;;;;QAK5B,OAAO,CAAC,aAAa,EAAE,CAAC;AACxB,QAAA,sBAAsB,EAAE,CAAC;AAEzB,QAAA,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAEnC,MAAM,KAAK,GAAG,iBAAiB,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;AACzD,QAAA,MAAM,iBAAiB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACrC,MAAM,GAAG,GAAG,MAAM,mBAAmB,CAAC,IAAI,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;AAC7D,QAAA,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,GAAG,CAAC,CAAC;QAC3C,OAAO,iBAAiB,CAAC,IAAI,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;KACjD;IAED,4BAA4B,CAC1B,KAAmB,EACnB,GAAkC,EAAA;AAElC,QAAA,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;KAC5C;AAED,IAAA,iBAAiB,CAAC,IAAkB,EAAA;AAClC,QAAA,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,GAAG,CAAC,EAAE;YACvC,IAAI,CAAC,wBAAwB,CAAC,GAAG,CAAC,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;SAC5D;AAED,QAAA,OAAO,IAAI,CAAC,wBAAwB,CAAC,GAAG,CAAC,CAAC;KAC3C;IAEO,uBAAuB,CAC7B,IAAkB,EAClB,OAAyB,EAAA;;QAGzB,MAAM,EAAE,cAAc,EAAE,aAAa,EAAE,SAAS,EAAE,GAAG,cAAc,EAAE,CAAC;AAEtE,QAAA,MAAM,cAAc,GAAG,UAAU,CAAC,YAAW;;;AAG3C,YAAA,MAAM,kBAAkB,CAAC,IAAI,CAAC,CAAC;AAC/B,YAAA,OAAO,CAAC,OAAO,CAAC,eAAe,EAAE,CAAC,CAAC;SACpC,EAAE,wBAAwB,CAAC,CAAC;AAE7B,QAAA,MAAM,gBAAgB,GAAG,OACvB,SAAwC,KACvB;;YAEjB,YAAY,CAAC,cAAc,CAAC,CAAC;AAE7B,YAAA,MAAM,YAAY,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC,CAAC;YACpD,IAAI,UAAU,GAAqB,IAAI,CAAC;YACxC,IAAI,YAAY,IAAI,SAAS,GAAG,KAAK,CAAC,EAAE;gBACtC,UAAU,GAAG,uBAAuB,CAAC,YAAY,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;aACtE;;YAGD,OAAO,CAAC,OAAO,CAAC,UAAU,IAAI,eAAe,EAAE,CAAC,CAAC;AACnD,SAAC,CAAC;;QAGF,IACE,OAAO,cAAc,KAAK,WAAW;AACrC,YAAA,OAAO,cAAc,CAAC,SAAS,KAAK,UAAU,EAC9C;AACA,YAAA,cAAc,CAAC,SAAS,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;SAClD;;;;;;QAOD,MAAM,qBAAqB,GAAG,aAAa,CAAC;QAC5C,MAAM,aAAa,GAAG,CAAA,EAAG,SAAS,CAAC,WAAW,CAAC,WAAW,EAAE,CAAA,GAAA,CAAK,CAAC;QAClE,cAAc,EAAE,CAAC,aAAa,GAAG,OAAM,GAAG,KAAG;YAC3C,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE;;;AAG/C,gBAAA,gBAAgB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;aAC3B;;AAED,YAAA,IAAI,OAAO,qBAAqB,KAAK,UAAU,EAAE;AAC/C,gBAAA,IAAI;oBACF,qBAAqB,CAAC,GAAG,CAAC,CAAC;iBAC5B;gBAAC,OAAO,CAAC,EAAE;;AAEV,oBAAA,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;iBAClB;aACF;AACH,SAAC,CAAC;KACH;AACF,CAAA;AAED;;;;;AAKG;AACI,MAAM,4BAA4B,GACvC,6BAA6B;AAE/B,SAAS,eAAe,GAAA;IACtB,OAAO;AACL,QAAA,IAAI,EAAuB,SAAA;AAC3B,QAAA,OAAO,EAAE,IAAI;AACb,QAAA,SAAS,EAAE,IAAI;AACf,QAAA,WAAW,EAAE,IAAI;AACjB,QAAA,QAAQ,EAAE,IAAI;AACd,QAAA,QAAQ,EAAE,IAAI;QACd,KAAK,EAAEgB,iBAAY,CAA6B,eAAA,mCAAA;KACjD,CAAC;AACJ;;AC5MA;;;;;;;;;;;;;;;AAeG;AAqCH;AACA;AACA;AACgB,SAAA,sBAAsB,CAAC,IAAU,EAAE,SAAiB,EAAA;IAClEX,cAAS,CAAC,IAAI,CAAC,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;AAC3C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
\ No newline at end of file diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/internal/index.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/internal/index.d.ts new file mode 100644 index 0000000..b683c49 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/internal/index.d.ts @@ -0,0 +1,42 @@ +/** + * @license + * Copyright 2017 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth } from '../src/model/public_types'; +/** + * This interface is intended only for use by @firebase/auth-compat, do not use directly + */ +export * from '../index'; +export { SignInWithIdpResponse } from '../src/api/authentication/idp'; +export { AuthErrorCode } from '../src/core/errors'; +export { PersistenceInternal } from '../src/core/persistence'; +export { _persistenceKeyName } from '../src/core/persistence/persistence_user_manager'; +export { UserImpl } from '../src/core/user/user_impl'; +export { _getInstance } from '../src/core/util/instantiator'; +export { PopupRedirectResolverInternal, EventManager, AuthEventType } from '../src/model/popup_redirect'; +export { UserCredentialInternal, UserParameters } from '../src/model/user'; +export { AuthInternal, ConfigInternal } from '../src/model/auth'; +export { DefaultConfig, AuthImpl, _castAuth } from '../src/core/auth/auth_impl'; +export { ClientPlatform, _getClientVersion } from '../src/core/util/version'; +export { _generateEventId } from '../src/core/util/event_id'; +export { TaggedWithTokenResponse } from '../src/model/id_token'; +export { _fail, _assert } from '../src/core/util/assert'; +export { AuthPopup } from '../src/platform_browser/util/popup'; +export { _getRedirectResult } from '../src/platform_browser/strategies/redirect'; +export { _overrideRedirectResult } from '../src/core/strategies/redirect'; +export { cordovaPopupRedirectResolver } from '../src/platform_cordova/popup_redirect/popup_redirect'; +export { FetchProvider } from '../src/core/util/fetch_provider'; +export { SAMLAuthCredential } from '../src/core/credentials/saml'; +export declare function addFrameworkForLogging(auth: Auth, framework: string): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/scripts/run_node_tests.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/scripts/run_node_tests.d.ts new file mode 100644 index 0000000..731d2d9 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/scripts/run_node_tests.d.ts @@ -0,0 +1,17 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/account_management/account.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/account_management/account.d.ts new file mode 100644 index 0000000..f106e93 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/account_management/account.d.ts @@ -0,0 +1,59 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { MfaEnrollment } from './mfa'; +import { Auth } from '../../model/public_types'; +export interface DeleteAccountRequest { + idToken: string; +} +export declare function deleteAccount(auth: Auth, request: DeleteAccountRequest): Promise<void>; +export interface ProviderUserInfo { + providerId: string; + rawId?: string; + email?: string; + displayName?: string; + photoUrl?: string; + phoneNumber?: string; +} +export interface DeleteLinkedAccountsRequest { + idToken: string; + deleteProvider: string[]; +} +export interface DeleteLinkedAccountsResponse { + providerUserInfo: ProviderUserInfo[]; +} +export declare function deleteLinkedAccounts(auth: Auth, request: DeleteLinkedAccountsRequest): Promise<DeleteLinkedAccountsResponse>; +export interface APIUserInfo { + localId?: string; + displayName?: string; + photoUrl?: string; + email?: string; + emailVerified?: boolean; + phoneNumber?: string; + lastLoginAt?: number; + createdAt?: number; + tenantId?: string; + passwordHash?: string; + providerUserInfo?: ProviderUserInfo[]; + mfaInfo?: MfaEnrollment[]; +} +export interface GetAccountInfoRequest { + idToken: string; +} +export interface GetAccountInfoResponse { + users: APIUserInfo[]; +} +export declare function getAccountInfo(auth: Auth, request: GetAccountInfoRequest): Promise<GetAccountInfoResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/account_management/email_and_password.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/account_management/email_and_password.d.ts new file mode 100644 index 0000000..5a3bb06 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/account_management/email_and_password.d.ts @@ -0,0 +1,49 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ActionCodeOperation, Auth } from '../../model/public_types'; +import { IdTokenResponse } from '../../model/id_token'; +import { MfaEnrollment } from './mfa'; +import { SignUpRequest, SignUpResponse } from '../authentication/sign_up'; +export interface ResetPasswordRequest { + oobCode: string; + newPassword?: string; + tenantId?: string; +} +export interface ResetPasswordResponse { + email: string; + newEmail?: string; + requestType?: ActionCodeOperation; + mfaInfo?: MfaEnrollment; +} +export declare function resetPassword(auth: Auth, request: ResetPasswordRequest): Promise<ResetPasswordResponse>; +export interface UpdateEmailPasswordRequest { + idToken: string; + returnSecureToken?: boolean; + email?: string; + password?: string; +} +export interface UpdateEmailPasswordResponse extends IdTokenResponse { +} +export declare function updateEmailPassword(auth: Auth, request: UpdateEmailPasswordRequest): Promise<UpdateEmailPasswordResponse>; +export declare function linkEmailPassword(auth: Auth, request: SignUpRequest): Promise<SignUpResponse>; +export interface ApplyActionCodeRequest { + oobCode: string; + tenantId?: string; +} +export interface ApplyActionCodeResponse { +} +export declare function applyActionCode(auth: Auth, request: ApplyActionCodeRequest): Promise<ApplyActionCodeResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/account_management/mfa.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/account_management/mfa.d.ts new file mode 100644 index 0000000..8db0c0d --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/account_management/mfa.d.ts @@ -0,0 +1,107 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { RecaptchaClientType, RecaptchaVersion } from '../index'; +import { SignInWithPhoneNumberRequest } from '../authentication/sms'; +import { FinalizeMfaResponse } from '../authentication/mfa'; +import { AuthInternal } from '../../model/auth'; +/** + * MFA Info as returned by the API. + */ +interface BaseMfaEnrollment { + mfaEnrollmentId: string; + enrolledAt: number; + displayName?: string; +} +/** + * An MFA provided by SMS verification. + */ +export interface PhoneMfaEnrollment extends BaseMfaEnrollment { + phoneInfo: string; +} +/** + * An MFA provided by TOTP (Time-based One Time Password). + */ +export interface TotpMfaEnrollment extends BaseMfaEnrollment { +} +/** + * MfaEnrollment can be any subtype of BaseMfaEnrollment, currently only PhoneMfaEnrollment and TotpMfaEnrollment are supported. + */ +export type MfaEnrollment = PhoneMfaEnrollment | TotpMfaEnrollment; +export interface StartPhoneMfaEnrollmentRequest { + idToken: string; + phoneEnrollmentInfo: { + phoneNumber: string; + recaptchaToken?: string; + captchaResponse?: string; + clientType?: RecaptchaClientType; + recaptchaVersion?: RecaptchaVersion; + }; + tenantId?: string; +} +export interface StartPhoneMfaEnrollmentResponse { + phoneSessionInfo: { + sessionInfo: string; + }; +} +export declare function startEnrollPhoneMfa(auth: AuthInternal, request: StartPhoneMfaEnrollmentRequest): Promise<StartPhoneMfaEnrollmentResponse>; +export interface FinalizePhoneMfaEnrollmentRequest { + idToken: string; + phoneVerificationInfo: SignInWithPhoneNumberRequest; + displayName?: string | null; + tenantId?: string; +} +export interface FinalizePhoneMfaEnrollmentResponse extends FinalizeMfaResponse { +} +export declare function finalizeEnrollPhoneMfa(auth: AuthInternal, request: FinalizePhoneMfaEnrollmentRequest): Promise<FinalizePhoneMfaEnrollmentResponse>; +export interface StartTotpMfaEnrollmentRequest { + idToken: string; + totpEnrollmentInfo: {}; + tenantId?: string; +} +export interface StartTotpMfaEnrollmentResponse { + totpSessionInfo: { + sharedSecretKey: string; + verificationCodeLength: number; + hashingAlgorithm: string; + periodSec: number; + sessionInfo: string; + finalizeEnrollmentTime: number; + }; +} +export declare function startEnrollTotpMfa(auth: AuthInternal, request: StartTotpMfaEnrollmentRequest): Promise<StartTotpMfaEnrollmentResponse>; +export interface TotpVerificationInfo { + sessionInfo: string; + verificationCode: string; +} +export interface FinalizeTotpMfaEnrollmentRequest { + idToken: string; + totpVerificationInfo: TotpVerificationInfo; + displayName?: string | null; + tenantId?: string; +} +export interface FinalizeTotpMfaEnrollmentResponse extends FinalizeMfaResponse { +} +export declare function finalizeEnrollTotpMfa(auth: AuthInternal, request: FinalizeTotpMfaEnrollmentRequest): Promise<FinalizeTotpMfaEnrollmentResponse>; +export interface WithdrawMfaRequest { + idToken: string; + mfaEnrollmentId: string; + tenantId?: string; +} +export interface WithdrawMfaResponse extends FinalizeMfaResponse { +} +export declare function withdrawMfa(auth: AuthInternal, request: WithdrawMfaRequest): Promise<WithdrawMfaResponse>; +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/account_management/profile.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/account_management/profile.d.ts new file mode 100644 index 0000000..9b1d591 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/account_management/profile.d.ts @@ -0,0 +1,29 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { IdTokenResponse } from '../../model/id_token'; +import { Auth } from '../../model/public_types'; +export interface UpdateProfileRequest { + idToken: string; + displayName?: string | null; + photoUrl?: string | null; + returnSecureToken: boolean; +} +export interface UpdateProfileResponse extends IdTokenResponse { + displayName?: string | null; + photoUrl?: string | null; +} +export declare function updateProfile(auth: Auth, request: UpdateProfileRequest): Promise<UpdateProfileResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/create_auth_uri.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/create_auth_uri.d.ts new file mode 100644 index 0000000..8c2db00 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/create_auth_uri.d.ts @@ -0,0 +1,26 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth } from '../../model/public_types'; +export interface CreateAuthUriRequest { + identifier: string; + continueUri: string; + tenantId?: string; +} +export interface CreateAuthUriResponse { + signinMethods: string[]; +} +export declare function createAuthUri(auth: Auth, request: CreateAuthUriRequest): Promise<CreateAuthUriResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/custom_token.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/custom_token.d.ts new file mode 100644 index 0000000..ad776c7 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/custom_token.d.ts @@ -0,0 +1,26 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { IdTokenResponse } from '../../model/id_token'; +import { Auth } from '../../model/public_types'; +export interface SignInWithCustomTokenRequest { + token: string; + returnSecureToken: boolean; + tenantId?: string; +} +export interface SignInWithCustomTokenResponse extends IdTokenResponse { +} +export declare function signInWithCustomToken(auth: Auth, request: SignInWithCustomTokenRequest): Promise<SignInWithCustomTokenResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/email_and_password.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/email_and_password.d.ts new file mode 100644 index 0000000..90028bd --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/email_and_password.d.ts @@ -0,0 +1,86 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ActionCodeOperation, Auth } from '../../model/public_types'; +import { RecaptchaClientType, RecaptchaVersion } from '../index'; +import { IdToken, IdTokenResponse } from '../../model/id_token'; +export interface SignInWithPasswordRequest { + returnSecureToken?: boolean; + email: string; + password: string; + tenantId?: string; + captchaResponse?: string; + clientType?: RecaptchaClientType; + recaptchaVersion?: RecaptchaVersion; +} +export interface SignInWithPasswordResponse extends IdTokenResponse { + email: string; + displayName: string; +} +export declare function signInWithPassword(auth: Auth, request: SignInWithPasswordRequest): Promise<SignInWithPasswordResponse>; +export interface GetOobCodeRequest { + email?: string; + continueUrl?: string; + iOSBundleId?: string; + iosAppStoreId?: string; + androidPackageName?: string; + androidInstallApp?: boolean; + androidMinimumVersionCode?: string; + canHandleCodeInApp?: boolean; + dynamicLinkDomain?: string; + tenantId?: string; + targetProjectid?: string; + linkDomain?: string; +} +export interface VerifyEmailRequest extends GetOobCodeRequest { + requestType: ActionCodeOperation.VERIFY_EMAIL; + idToken: IdToken; +} +export interface PasswordResetRequest extends GetOobCodeRequest { + requestType: ActionCodeOperation.PASSWORD_RESET; + email: string; + captchaResp?: string; + clientType?: RecaptchaClientType; + recaptchaVersion?: RecaptchaVersion; +} +export interface EmailSignInRequest extends GetOobCodeRequest { + requestType: ActionCodeOperation.EMAIL_SIGNIN; + email: string; + captchaResp?: string; + clientType?: RecaptchaClientType; + recaptchaVersion?: RecaptchaVersion; +} +export interface VerifyAndChangeEmailRequest extends GetOobCodeRequest { + requestType: ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL; + idToken: IdToken; + newEmail: string; +} +interface GetOobCodeResponse { + email: string; +} +export interface VerifyEmailResponse extends GetOobCodeResponse { +} +export interface PasswordResetResponse extends GetOobCodeResponse { +} +export interface EmailSignInResponse extends GetOobCodeResponse { +} +export interface VerifyAndChangeEmailResponse extends GetOobCodeRequest { +} +export declare function sendEmailVerification(auth: Auth, request: VerifyEmailRequest): Promise<VerifyEmailResponse>; +export declare function sendPasswordResetEmail(auth: Auth, request: PasswordResetRequest): Promise<PasswordResetResponse>; +export declare function sendSignInLinkToEmail(auth: Auth, request: EmailSignInRequest): Promise<EmailSignInResponse>; +export declare function verifyAndChangeEmail(auth: Auth, request: VerifyAndChangeEmailRequest): Promise<VerifyAndChangeEmailResponse>; +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/email_link.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/email_link.d.ts new file mode 100644 index 0000000..eef24a5 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/email_link.d.ts @@ -0,0 +1,32 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { IdTokenResponse } from '../../model/id_token'; +import { Auth } from '../../model/public_types'; +export interface SignInWithEmailLinkRequest { + email: string; + oobCode: string; + tenantId?: string; +} +export interface SignInWithEmailLinkResponse extends IdTokenResponse { + email: string; + isNewUser: boolean; +} +export declare function signInWithEmailLink(auth: Auth, request: SignInWithEmailLinkRequest): Promise<SignInWithEmailLinkResponse>; +export interface SignInWithEmailLinkForLinkingRequest extends SignInWithEmailLinkRequest { + idToken: string; +} +export declare function signInWithEmailLinkForLinking(auth: Auth, request: SignInWithEmailLinkForLinkingRequest): Promise<SignInWithEmailLinkResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/idp.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/idp.d.ts new file mode 100644 index 0000000..dd75832 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/idp.d.ts @@ -0,0 +1,40 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { IdToken, IdTokenResponse } from '../../model/id_token'; +import { Auth } from '../../model/public_types'; +export interface SignInWithIdpRequest { + requestUri: string; + postBody?: string; + sessionId?: string; + tenantId?: string; + returnSecureToken: boolean; + returnIdpCredential?: boolean; + idToken?: IdToken; + autoCreate?: boolean; + pendingToken?: string; +} +/** + * @internal + */ +export interface SignInWithIdpResponse extends IdTokenResponse { + oauthAccessToken?: string; + oauthTokenSecret?: string; + nonce?: string; + oauthIdToken?: string; + pendingToken?: string; +} +export declare function signInWithIdp(auth: Auth, request: SignInWithIdpRequest): Promise<SignInWithIdpResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/mfa.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/mfa.d.ts new file mode 100644 index 0000000..0d2abed --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/mfa.d.ts @@ -0,0 +1,73 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { RecaptchaClientType, RecaptchaVersion } from '../index'; +import { Auth } from '../../model/public_types'; +import { IdTokenResponse } from '../../model/id_token'; +import { MfaEnrollment } from '../account_management/mfa'; +import { SignInWithIdpResponse } from './idp'; +import { SignInWithPhoneNumberRequest, SignInWithPhoneNumberResponse } from './sms'; +export interface FinalizeMfaResponse { + idToken: string; + refreshToken: string; +} +/** + * @internal + */ +export interface IdTokenMfaResponse extends IdTokenResponse { + mfaPendingCredential?: string; + mfaInfo?: MfaEnrollment[]; +} +export interface StartPhoneMfaSignInRequest { + mfaPendingCredential: string; + mfaEnrollmentId: string; + phoneSignInInfo: { + recaptchaToken?: string; + captchaResponse?: string; + clientType?: RecaptchaClientType; + recaptchaVersion?: RecaptchaVersion; + }; + tenantId?: string; +} +export interface StartPhoneMfaSignInResponse { + phoneResponseInfo: { + sessionInfo: string; + }; +} +export declare function startSignInPhoneMfa(auth: Auth, request: StartPhoneMfaSignInRequest): Promise<StartPhoneMfaSignInResponse>; +export interface FinalizePhoneMfaSignInRequest { + mfaPendingCredential: string; + phoneVerificationInfo: SignInWithPhoneNumberRequest; + tenantId?: string; +} +export interface FinalizeTotpMfaSignInRequest { + mfaPendingCredential: string; + totpVerificationInfo: { + verificationCode: string; + }; + tenantId?: string; + mfaEnrollmentId: string; +} +export interface FinalizePhoneMfaSignInResponse extends FinalizeMfaResponse { +} +export interface FinalizeTotpMfaSignInResponse extends FinalizeMfaResponse { +} +export declare function finalizeSignInPhoneMfa(auth: Auth, request: FinalizePhoneMfaSignInRequest): Promise<FinalizePhoneMfaSignInResponse>; +export declare function finalizeSignInTotpMfa(auth: Auth, request: FinalizeTotpMfaSignInRequest): Promise<FinalizeTotpMfaSignInResponse>; +/** + * @internal + */ +export type PhoneOrOauthTokenResponse = SignInWithPhoneNumberResponse | SignInWithIdpResponse | IdTokenResponse; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/recaptcha.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/recaptcha.d.ts new file mode 100644 index 0000000..e324d6d --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/recaptcha.d.ts @@ -0,0 +1,34 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { RecaptchaClientType, RecaptchaVersion } from '../index'; +import { Auth } from '../../model/public_types'; +export declare function getRecaptchaParams(auth: Auth): Promise<string>; +interface GetRecaptchaConfigRequest { + tenantId?: string; + clientType?: RecaptchaClientType; + version?: RecaptchaVersion; +} +export interface RecaptchaEnforcementProviderState { + provider: string; + enforcementState: string; +} +export interface GetRecaptchaConfigResponse { + recaptchaKey: string; + recaptchaEnforcementState: RecaptchaEnforcementProviderState[]; +} +export declare function getRecaptchaConfig(auth: Auth, request: GetRecaptchaConfigRequest): Promise<GetRecaptchaConfigResponse>; +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/sign_up.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/sign_up.d.ts new file mode 100644 index 0000000..78f0838 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/sign_up.d.ts @@ -0,0 +1,34 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { RecaptchaClientType, RecaptchaVersion } from '../index'; +import { IdTokenResponse } from '../../model/id_token'; +import { Auth } from '../../model/public_types'; +export interface SignUpRequest { + idToken?: string; + returnSecureToken?: boolean; + email?: string; + password?: string; + tenantId?: string; + captchaResponse?: string; + clientType?: RecaptchaClientType; + recaptchaVersion?: RecaptchaVersion; +} +export interface SignUpResponse extends IdTokenResponse { + displayName?: string; + email?: string; +} +export declare function signUp(auth: Auth, request: SignUpRequest): Promise<SignUpResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/sms.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/sms.d.ts new file mode 100644 index 0000000..617aa64 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/sms.d.ts @@ -0,0 +1,54 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { RecaptchaClientType, RecaptchaVersion } from '../index'; +import { IdTokenResponse } from '../../model/id_token'; +import { Auth } from '../../model/public_types'; +export interface SendPhoneVerificationCodeRequest { + phoneNumber: string; + recaptchaToken?: string; + tenantId?: string; + captchaResponse?: string; + clientType?: RecaptchaClientType; + recaptchaVersion?: RecaptchaVersion; +} +export interface SendPhoneVerificationCodeResponse { + sessionInfo: string; +} +export declare function sendPhoneVerificationCode(auth: Auth, request: SendPhoneVerificationCodeRequest): Promise<SendPhoneVerificationCodeResponse>; +/** + * @internal + */ +export interface SignInWithPhoneNumberRequest { + temporaryProof?: string; + phoneNumber?: string; + sessionInfo?: string; + code?: string; + tenantId?: string; +} +export interface LinkWithPhoneNumberRequest extends SignInWithPhoneNumberRequest { + idToken: string; +} +/** + * @internal + */ +export interface SignInWithPhoneNumberResponse extends IdTokenResponse { + temporaryProof?: string; + phoneNumber?: string; +} +export declare function signInWithPhoneNumber(auth: Auth, request: SignInWithPhoneNumberRequest): Promise<SignInWithPhoneNumberResponse>; +export declare function linkWithPhoneNumber(auth: Auth, request: LinkWithPhoneNumberRequest): Promise<SignInWithPhoneNumberResponse>; +export declare function verifyPhoneNumberForExisting(auth: Auth, request: SignInWithPhoneNumberRequest): Promise<SignInWithPhoneNumberResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/token.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/token.d.ts new file mode 100644 index 0000000..1433eae --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/authentication/token.d.ts @@ -0,0 +1,37 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth } from '../../model/public_types'; +export declare const enum TokenType { + REFRESH_TOKEN = "REFRESH_TOKEN", + ACCESS_TOKEN = "ACCESS_TOKEN" +} +export interface RequestStsTokenResponse { + accessToken: string; + expiresIn: string; + refreshToken: string; +} +export interface RevokeTokenRequest { + providerId: string; + tokenType: TokenType; + token: string; + idToken: string; + tenantId?: string; +} +export interface RevokeTokenResponse { +} +export declare function requestStsToken(auth: Auth, refreshToken: string): Promise<RequestStsTokenResponse>; +export declare function revokeToken(auth: Auth, request: RevokeTokenRequest): Promise<RevokeTokenResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/errors.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/errors.d.ts new file mode 100644 index 0000000..208e19d --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/errors.d.ts @@ -0,0 +1,129 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthErrorCode } from '../core/errors'; +/** + * Errors that can be returned by the backend + */ +export declare const enum ServerError { + ADMIN_ONLY_OPERATION = "ADMIN_ONLY_OPERATION", + BLOCKING_FUNCTION_ERROR_RESPONSE = "BLOCKING_FUNCTION_ERROR_RESPONSE", + CAPTCHA_CHECK_FAILED = "CAPTCHA_CHECK_FAILED", + CORS_UNSUPPORTED = "CORS_UNSUPPORTED", + CREDENTIAL_MISMATCH = "CREDENTIAL_MISMATCH", + CREDENTIAL_TOO_OLD_LOGIN_AGAIN = "CREDENTIAL_TOO_OLD_LOGIN_AGAIN", + DYNAMIC_LINK_NOT_ACTIVATED = "DYNAMIC_LINK_NOT_ACTIVATED", + EMAIL_CHANGE_NEEDS_VERIFICATION = "EMAIL_CHANGE_NEEDS_VERIFICATION", + EMAIL_EXISTS = "EMAIL_EXISTS", + EMAIL_NOT_FOUND = "EMAIL_NOT_FOUND", + EXPIRED_OOB_CODE = "EXPIRED_OOB_CODE", + FEDERATED_USER_ID_ALREADY_LINKED = "FEDERATED_USER_ID_ALREADY_LINKED", + INVALID_APP_CREDENTIAL = "INVALID_APP_CREDENTIAL", + INVALID_APP_ID = "INVALID_APP_ID", + INVALID_CERT_HASH = "INVALID_CERT_HASH", + INVALID_CODE = "INVALID_CODE", + INVALID_CONTINUE_URI = "INVALID_CONTINUE_URI", + INVALID_CUSTOM_TOKEN = "INVALID_CUSTOM_TOKEN", + INVALID_DYNAMIC_LINK_DOMAIN = "INVALID_DYNAMIC_LINK_DOMAIN", + INVALID_EMAIL = "INVALID_EMAIL", + INVALID_ID_TOKEN = "INVALID_ID_TOKEN", + INVALID_IDP_RESPONSE = "INVALID_IDP_RESPONSE", + INVALID_IDENTIFIER = "INVALID_IDENTIFIER", + INVALID_LOGIN_CREDENTIALS = "INVALID_LOGIN_CREDENTIALS", + INVALID_MESSAGE_PAYLOAD = "INVALID_MESSAGE_PAYLOAD", + INVALID_MFA_PENDING_CREDENTIAL = "INVALID_MFA_PENDING_CREDENTIAL", + INVALID_OAUTH_CLIENT_ID = "INVALID_OAUTH_CLIENT_ID", + INVALID_OOB_CODE = "INVALID_OOB_CODE", + INVALID_PASSWORD = "INVALID_PASSWORD", + INVALID_PENDING_TOKEN = "INVALID_PENDING_TOKEN", + INVALID_PHONE_NUMBER = "INVALID_PHONE_NUMBER", + INVALID_PROVIDER_ID = "INVALID_PROVIDER_ID", + INVALID_RECIPIENT_EMAIL = "INVALID_RECIPIENT_EMAIL", + INVALID_SENDER = "INVALID_SENDER", + INVALID_SESSION_INFO = "INVALID_SESSION_INFO", + INVALID_TEMPORARY_PROOF = "INVALID_TEMPORARY_PROOF", + INVALID_TENANT_ID = "INVALID_TENANT_ID", + MFA_ENROLLMENT_NOT_FOUND = "MFA_ENROLLMENT_NOT_FOUND", + MISSING_ANDROID_PACKAGE_NAME = "MISSING_ANDROID_PACKAGE_NAME", + MISSING_APP_CREDENTIAL = "MISSING_APP_CREDENTIAL", + MISSING_CODE = "MISSING_CODE", + MISSING_CONTINUE_URI = "MISSING_CONTINUE_URI", + MISSING_CUSTOM_TOKEN = "MISSING_CUSTOM_TOKEN", + MISSING_IOS_BUNDLE_ID = "MISSING_IOS_BUNDLE_ID", + MISSING_MFA_ENROLLMENT_ID = "MISSING_MFA_ENROLLMENT_ID", + MISSING_MFA_PENDING_CREDENTIAL = "MISSING_MFA_PENDING_CREDENTIAL", + MISSING_OOB_CODE = "MISSING_OOB_CODE", + MISSING_OR_INVALID_NONCE = "MISSING_OR_INVALID_NONCE", + MISSING_PASSWORD = "MISSING_PASSWORD", + MISSING_REQ_TYPE = "MISSING_REQ_TYPE", + MISSING_PHONE_NUMBER = "MISSING_PHONE_NUMBER", + MISSING_SESSION_INFO = "MISSING_SESSION_INFO", + OPERATION_NOT_ALLOWED = "OPERATION_NOT_ALLOWED", + PASSWORD_LOGIN_DISABLED = "PASSWORD_LOGIN_DISABLED", + QUOTA_EXCEEDED = "QUOTA_EXCEEDED", + RESET_PASSWORD_EXCEED_LIMIT = "RESET_PASSWORD_EXCEED_LIMIT", + REJECTED_CREDENTIAL = "REJECTED_CREDENTIAL", + SECOND_FACTOR_EXISTS = "SECOND_FACTOR_EXISTS", + SECOND_FACTOR_LIMIT_EXCEEDED = "SECOND_FACTOR_LIMIT_EXCEEDED", + SESSION_EXPIRED = "SESSION_EXPIRED", + TENANT_ID_MISMATCH = "TENANT_ID_MISMATCH", + TOKEN_EXPIRED = "TOKEN_EXPIRED", + TOO_MANY_ATTEMPTS_TRY_LATER = "TOO_MANY_ATTEMPTS_TRY_LATER", + UNSUPPORTED_FIRST_FACTOR = "UNSUPPORTED_FIRST_FACTOR", + UNSUPPORTED_TENANT_OPERATION = "UNSUPPORTED_TENANT_OPERATION", + UNAUTHORIZED_DOMAIN = "UNAUTHORIZED_DOMAIN", + UNVERIFIED_EMAIL = "UNVERIFIED_EMAIL", + USER_CANCELLED = "USER_CANCELLED", + USER_DISABLED = "USER_DISABLED", + USER_NOT_FOUND = "USER_NOT_FOUND", + WEAK_PASSWORD = "WEAK_PASSWORD", + RECAPTCHA_NOT_ENABLED = "RECAPTCHA_NOT_ENABLED", + MISSING_RECAPTCHA_TOKEN = "MISSING_RECAPTCHA_TOKEN", + INVALID_RECAPTCHA_TOKEN = "INVALID_RECAPTCHA_TOKEN", + INVALID_RECAPTCHA_ACTION = "INVALID_RECAPTCHA_ACTION", + MISSING_CLIENT_TYPE = "MISSING_CLIENT_TYPE", + MISSING_RECAPTCHA_VERSION = "MISSING_RECAPTCHA_VERSION", + INVALID_RECAPTCHA_VERSION = "INVALID_RECAPTCHA_VERSION", + INVALID_REQ_TYPE = "INVALID_REQ_TYPE", + PASSWORD_DOES_NOT_MEET_REQUIREMENTS = "PASSWORD_DOES_NOT_MEET_REQUIREMENTS", + INVALID_HOSTING_LINK_DOMAIN = "INVALID_HOSTING_LINK_DOMAIN" +} +/** + * API Response in the event of an error + */ +export interface JsonError { + error: { + code: number; + message: string; + errors?: [ + { + message: ServerError; + domain: string; + reason: string; + } + ]; + }; +} +/** + * Type definition for a map from server errors to developer visible errors + */ +export declare type ServerErrorMap<ApiError extends string> = { + readonly [K in ApiError]: AuthErrorCode; +}; +/** + * Map from errors returned by the server to errors to developer visible errors + */ +export declare const SERVER_ERROR_MAP: Partial<ServerErrorMap<ServerError>>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/index.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/index.d.ts new file mode 100644 index 0000000..1df9f79 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/index.d.ts @@ -0,0 +1,101 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FirebaseError } from '@firebase/util'; +import { AuthErrorCode } from '../core/errors'; +import { Delay } from '../core/util/delay'; +import { Auth } from '../model/public_types'; +import { IdTokenResponse } from '../model/id_token'; +import { ServerError, ServerErrorMap } from './errors'; +export declare const enum HttpMethod { + POST = "POST", + GET = "GET" +} +export declare const enum HttpHeader { + CONTENT_TYPE = "Content-Type", + X_FIREBASE_LOCALE = "X-Firebase-Locale", + X_CLIENT_VERSION = "X-Client-Version", + X_FIREBASE_GMPID = "X-Firebase-gmpid", + X_FIREBASE_CLIENT = "X-Firebase-Client", + X_FIREBASE_APP_CHECK = "X-Firebase-AppCheck" +} +export declare const enum Endpoint { + CREATE_AUTH_URI = "/v1/accounts:createAuthUri", + DELETE_ACCOUNT = "/v1/accounts:delete", + RESET_PASSWORD = "/v1/accounts:resetPassword", + SIGN_UP = "/v1/accounts:signUp", + SIGN_IN_WITH_CUSTOM_TOKEN = "/v1/accounts:signInWithCustomToken", + SIGN_IN_WITH_EMAIL_LINK = "/v1/accounts:signInWithEmailLink", + SIGN_IN_WITH_IDP = "/v1/accounts:signInWithIdp", + SIGN_IN_WITH_PASSWORD = "/v1/accounts:signInWithPassword", + SIGN_IN_WITH_PHONE_NUMBER = "/v1/accounts:signInWithPhoneNumber", + SEND_VERIFICATION_CODE = "/v1/accounts:sendVerificationCode", + SEND_OOB_CODE = "/v1/accounts:sendOobCode", + SET_ACCOUNT_INFO = "/v1/accounts:update", + GET_ACCOUNT_INFO = "/v1/accounts:lookup", + GET_RECAPTCHA_PARAM = "/v1/recaptchaParams", + START_MFA_ENROLLMENT = "/v2/accounts/mfaEnrollment:start", + FINALIZE_MFA_ENROLLMENT = "/v2/accounts/mfaEnrollment:finalize", + START_MFA_SIGN_IN = "/v2/accounts/mfaSignIn:start", + FINALIZE_MFA_SIGN_IN = "/v2/accounts/mfaSignIn:finalize", + WITHDRAW_MFA = "/v2/accounts/mfaEnrollment:withdraw", + GET_PROJECT_CONFIG = "/v1/projects", + GET_RECAPTCHA_CONFIG = "/v2/recaptchaConfig", + GET_PASSWORD_POLICY = "/v2/passwordPolicy", + TOKEN = "/v1/token", + REVOKE_TOKEN = "/v2/accounts:revokeToken" +} +export declare const enum RecaptchaClientType { + WEB = "CLIENT_TYPE_WEB", + ANDROID = "CLIENT_TYPE_ANDROID", + IOS = "CLIENT_TYPE_IOS" +} +export declare const enum RecaptchaVersion { + ENTERPRISE = "RECAPTCHA_ENTERPRISE" +} +export declare const enum RecaptchaActionName { + SIGN_IN_WITH_PASSWORD = "signInWithPassword", + GET_OOB_CODE = "getOobCode", + SIGN_UP_PASSWORD = "signUpPassword", + SEND_VERIFICATION_CODE = "sendVerificationCode", + MFA_SMS_ENROLLMENT = "mfaSmsEnrollment", + MFA_SMS_SIGNIN = "mfaSmsSignIn" +} +export declare const enum EnforcementState { + ENFORCE = "ENFORCE", + AUDIT = "AUDIT", + OFF = "OFF", + ENFORCEMENT_STATE_UNSPECIFIED = "ENFORCEMENT_STATE_UNSPECIFIED" +} +export declare const enum RecaptchaAuthProvider { + EMAIL_PASSWORD_PROVIDER = "EMAIL_PASSWORD_PROVIDER", + PHONE_PROVIDER = "PHONE_PROVIDER" +} +export declare const DEFAULT_API_TIMEOUT_MS: Delay; +export declare function _addTidIfNecessary<T extends { + tenantId?: string; +}>(auth: Auth, request: T): T; +export declare function _performApiRequest<T, V>(auth: Auth, method: HttpMethod, path: Endpoint, request?: T, customErrorMap?: Partial<ServerErrorMap<ServerError>>): Promise<V>; +export declare function _performFetchWithErrorHandling<V>(auth: Auth, customErrorMap: Partial<ServerErrorMap<ServerError>>, fetchFn: () => Promise<Response>): Promise<V>; +export declare function _performSignInRequest<T, V extends IdTokenResponse>(auth: Auth, method: HttpMethod, path: Endpoint, request?: T, customErrorMap?: Partial<ServerErrorMap<ServerError>>): Promise<V>; +export declare function _getFinalTarget(auth: Auth, host: string, path: string, query: string): Promise<string>; +export declare function _parseEnforcementState(enforcementStateStr: string): EnforcementState; +interface PotentialResponse extends IdTokenResponse { + email?: string; + phoneNumber?: string; +} +export declare function _makeTaggedError(auth: Auth, code: AuthErrorCode, response: PotentialResponse): FirebaseError; +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/password_policy/get_password_policy.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/password_policy/get_password_policy.d.ts new file mode 100644 index 0000000..f8a90e9 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/password_policy/get_password_policy.d.ts @@ -0,0 +1,48 @@ +/** + * @license + * Copyright 2023 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth } from '../../model/public_types'; +/** + * Request object for fetching the password policy. + */ +export interface GetPasswordPolicyRequest { + tenantId?: string; +} +/** + * Response object for fetching the password policy. + */ +export interface GetPasswordPolicyResponse { + customStrengthOptions: { + minPasswordLength?: number; + maxPasswordLength?: number; + containsLowercaseCharacter?: boolean; + containsUppercaseCharacter?: boolean; + containsNumericCharacter?: boolean; + containsNonAlphanumericCharacter?: boolean; + }; + allowedNonAlphanumericCharacters?: string[]; + enforcementState: string; + forceUpgradeOnSignin?: boolean; + schemaVersion: number; +} +/** + * Fetches the password policy for the currently set tenant or the project if no tenant is set. + * + * @param auth Auth object. + * @param request Password policy request. + * @returns Password policy response. + */ +export declare function _getPasswordPolicy(auth: Auth, request?: GetPasswordPolicyRequest): Promise<GetPasswordPolicyResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/api/project_config/get_project_config.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/project_config/get_project_config.d.ts new file mode 100644 index 0000000..c7a881a --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/api/project_config/get_project_config.d.ts @@ -0,0 +1,25 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth } from '../../model/public_types'; +export interface GetProjectConfigRequest { + androidPackageName?: string; + iosBundleId?: string; +} +export interface GetProjectConfigResponse { + authorizedDomains: string[]; +} +export declare function _getProjectConfig(auth: Auth, request?: GetProjectConfigRequest): Promise<GetProjectConfigResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/action_code_url.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/action_code_url.d.ts new file mode 100644 index 0000000..39f14b6 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/action_code_url.d.ts @@ -0,0 +1,73 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * A utility class to parse email action URLs such as password reset, email verification, + * email link sign in, etc. + * + * @public + */ +export declare class ActionCodeURL { + /** + * The API key of the email action link. + */ + readonly apiKey: string; + /** + * The action code of the email action link. + */ + readonly code: string; + /** + * The continue URL of the email action link. Null if not provided. + */ + readonly continueUrl: string | null; + /** + * The language code of the email action link. Null if not provided. + */ + readonly languageCode: string | null; + /** + * The action performed by the email action link. It returns from one of the types from + * {@link ActionCodeInfo} + */ + readonly operation: string; + /** + * The tenant ID of the email action link. Null if the email action is from the parent project. + */ + readonly tenantId: string | null; + /** + * @param actionLink - The link from which to extract the URL. + * @returns The {@link ActionCodeURL} object, or null if the link is invalid. + * + * @internal + */ + constructor(actionLink: string); + /** + * Parses the email action link string and returns an {@link ActionCodeURL} if the link is valid, + * otherwise returns null. + * + * @param link - The email action link string. + * @returns The {@link ActionCodeURL} object, or null if the link is invalid. + * + * @public + */ + static parseLink(link: string): ActionCodeURL | null; +} +/** + * Parses the email action link string and returns an {@link ActionCodeURL} if + * the link is valid, otherwise returns null. + * + * @public + */ +export declare function parseActionCodeURL(link: string): ActionCodeURL | null; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/auth_event_manager.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/auth_event_manager.d.ts new file mode 100644 index 0000000..42edbc6 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/auth_event_manager.d.ts @@ -0,0 +1,34 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthEvent, AuthEventConsumer, EventManager } from '../../model/popup_redirect'; +import { AuthInternal } from '../../model/auth'; +export declare class AuthEventManager implements EventManager { + private readonly auth; + private readonly cachedEventUids; + private readonly consumers; + protected queuedRedirectEvent: AuthEvent | null; + protected hasHandledPotentialRedirect: boolean; + private lastProcessedEventTime; + constructor(auth: AuthInternal); + registerConsumer(authEventConsumer: AuthEventConsumer): void; + unregisterConsumer(authEventConsumer: AuthEventConsumer): void; + onEvent(event: AuthEvent): boolean; + private sendToConsumer; + private isEventForConsumer; + private hasEventBeenHandled; + private saveEventToCache; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/auth_impl.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/auth_impl.d.ts new file mode 100644 index 0000000..87aab60 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/auth_impl.d.ts @@ -0,0 +1,133 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { _FirebaseService, FirebaseApp } from '@firebase/app'; +import { Provider } from '@firebase/component'; +import { AppCheckInternalComponentName } from '@firebase/app-check-interop-types'; +import { Auth, AuthErrorMap, AuthSettings, EmulatorConfig, NextOrObserver, Persistence, PopupRedirectResolver, User, CompleteFn, ErrorFn, Unsubscribe, PasswordValidationStatus } from '../../model/public_types'; +import { ErrorFactory } from '@firebase/util'; +import { AuthInternal, ConfigInternal } from '../../model/auth'; +import { PopupRedirectResolverInternal } from '../../model/popup_redirect'; +import { UserInternal } from '../../model/user'; +import { AuthErrorCode, AuthErrorParams } from '../errors'; +import { PersistenceInternal } from '../persistence'; +import { RecaptchaConfig } from '../../platform_browser/recaptcha/recaptcha'; +import { PasswordPolicyInternal } from '../../model/password_policy'; +export declare const enum DefaultConfig { + TOKEN_API_HOST = "securetoken.googleapis.com", + API_HOST = "identitytoolkit.googleapis.com", + API_SCHEME = "https" +} +export declare class AuthImpl implements AuthInternal, _FirebaseService { + readonly app: FirebaseApp; + private readonly heartbeatServiceProvider; + private readonly appCheckServiceProvider; + readonly config: ConfigInternal; + currentUser: User | null; + emulatorConfig: EmulatorConfig | null; + private operations; + private persistenceManager?; + private redirectPersistenceManager?; + private authStateSubscription; + private idTokenSubscription; + private readonly beforeStateQueue; + private redirectUser; + private isProactiveRefreshEnabled; + private readonly EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION; + _canInitEmulator: boolean; + _isInitialized: boolean; + _deleted: boolean; + _initializationPromise: Promise<void> | null; + _popupRedirectResolver: PopupRedirectResolverInternal | null; + _errorFactory: ErrorFactory<AuthErrorCode, AuthErrorParams>; + _agentRecaptchaConfig: RecaptchaConfig | null; + _tenantRecaptchaConfigs: Record<string, RecaptchaConfig>; + _projectPasswordPolicy: PasswordPolicyInternal | null; + _tenantPasswordPolicies: Record<string, PasswordPolicyInternal>; + _resolvePersistenceManagerAvailable: ((value: void | PromiseLike<void>) => void) | undefined; + _persistenceManagerAvailable: Promise<void>; + readonly name: string; + private lastNotifiedUid; + languageCode: string | null; + tenantId: string | null; + settings: AuthSettings; + constructor(app: FirebaseApp, heartbeatServiceProvider: Provider<'heartbeat'>, appCheckServiceProvider: Provider<AppCheckInternalComponentName>, config: ConfigInternal); + _initializeWithPersistence(persistenceHierarchy: PersistenceInternal[], popupRedirectResolver?: PopupRedirectResolver): Promise<void>; + /** + * If the persistence is changed in another window, the user manager will let us know + */ + _onStorageEvent(): Promise<void>; + private initializeCurrentUserFromIdToken; + private initializeCurrentUser; + private tryRedirectSignIn; + private reloadAndSetCurrentUserOrClear; + useDeviceLanguage(): void; + _delete(): Promise<void>; + updateCurrentUser(userExtern: User | null): Promise<void>; + _updateCurrentUser(user: User | null, skipBeforeStateCallbacks?: boolean): Promise<void>; + signOut(): Promise<void>; + setPersistence(persistence: Persistence): Promise<void>; + _getRecaptchaConfig(): RecaptchaConfig | null; + validatePassword(password: string): Promise<PasswordValidationStatus>; + _getPasswordPolicyInternal(): PasswordPolicyInternal | null; + _updatePasswordPolicy(): Promise<void>; + _getPersistenceType(): string; + _getPersistence(): PersistenceInternal; + _updateErrorMap(errorMap: AuthErrorMap): void; + onAuthStateChanged(nextOrObserver: NextOrObserver<User>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe; + beforeAuthStateChanged(callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe; + onIdTokenChanged(nextOrObserver: NextOrObserver<User>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe; + authStateReady(): Promise<void>; + /** + * Revokes the given access token. Currently only supports Apple OAuth access tokens. + */ + revokeAccessToken(token: string): Promise<void>; + toJSON(): object; + _setRedirectUser(user: UserInternal | null, popupRedirectResolver?: PopupRedirectResolver): Promise<void>; + private getOrInitRedirectPersistenceManager; + _redirectUserForId(id: string): Promise<UserInternal | null>; + _persistUserIfCurrent(user: UserInternal): Promise<void>; + /** Notifies listeners only if the user is current */ + _notifyListenersIfCurrent(user: UserInternal): void; + _key(): string; + _startProactiveRefresh(): void; + _stopProactiveRefresh(): void; + /** Returns the current user cast as the internal type */ + get _currentUser(): UserInternal; + private notifyAuthListeners; + private registerStateListener; + /** + * Unprotected (from race conditions) method to set the current user. This + * should only be called from within a queued callback. This is necessary + * because the queue shouldn't rely on another queued callback. + */ + private directlySetCurrentUser; + private queue; + private get assertedPersistence(); + private frameworks; + private clientVersion; + _logFramework(framework: string): void; + _getFrameworks(): readonly string[]; + _getAdditionalHeaders(): Promise<Record<string, string>>; + _getAppCheckToken(): Promise<string | undefined>; +} +/** + * Method to be used to cast down to our private implementation of Auth. + * It will also handle unwrapping from the compat type if necessary + * + * @param auth Auth object passed in from developer + */ +export declare function _castAuth(auth: Auth): AuthInternal; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/emulator.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/emulator.d.ts new file mode 100644 index 0000000..56dd81c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/emulator.d.ts @@ -0,0 +1,42 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth } from '../../model/public_types'; +/** + * Changes the {@link Auth} instance to communicate with the Firebase Auth Emulator, instead of production + * Firebase Auth services. + * + * @remarks + * This must be called synchronously immediately following the first call to + * {@link initializeAuth}. Do not use with production credentials as emulator + * traffic is not encrypted. + * + * + * @example + * ```javascript + * connectAuthEmulator(auth, 'http://127.0.0.1:9099', { disableWarnings: true }); + * ``` + * + * @param auth - The {@link Auth} instance. + * @param url - The URL at which the emulator is running (eg, 'http://localhost:9099'). + * @param options - Optional. `options.disableWarnings` defaults to `false`. Set it to + * `true` to disable the warning banner attached to the DOM. + * + * @public + */ +export declare function connectAuthEmulator(auth: Auth, url: string, options?: { + disableWarnings: boolean; +}): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/firebase_internal.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/firebase_internal.d.ts new file mode 100644 index 0000000..9a68c98 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/firebase_internal.d.ts @@ -0,0 +1,35 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FirebaseAuthInternal } from '@firebase/auth-interop-types'; +import { AuthInternal } from '../../model/auth'; +interface TokenListener { + (tok: string | null): unknown; +} +export declare class AuthInterop implements FirebaseAuthInternal { + private readonly auth; + private readonly internalListeners; + constructor(auth: AuthInternal); + getUid(): string | null; + getToken(forceRefresh?: boolean): Promise<{ + accessToken: string; + } | null>; + addAuthTokenListener(listener: TokenListener): void; + removeAuthTokenListener(listener: TokenListener): void; + private assertAuthConfigured; + private updateProactiveRefresh; +} +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/initialize.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/initialize.d.ts new file mode 100644 index 0000000..3dd0e1e --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/initialize.d.ts @@ -0,0 +1,46 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FirebaseApp } from '@firebase/app'; +import { Auth, Dependencies } from '../../model/public_types'; +import { AuthImpl } from './auth_impl'; +/** + * Initializes an {@link Auth} instance with fine-grained control over + * {@link Dependencies}. + * + * @remarks + * + * This function allows more control over the {@link Auth} instance than + * {@link getAuth}. `getAuth` uses platform-specific defaults to supply + * the {@link Dependencies}. In general, `getAuth` is the easiest way to + * initialize Auth and works for most use cases. Use `initializeAuth` if you + * need control over which persistence layer is used, or to minimize bundle + * size if you're not using either `signInWithPopup` or `signInWithRedirect`. + * + * For example, if your app only uses anonymous accounts and you only want + * accounts saved for the current session, initialize `Auth` with: + * + * ```js + * const auth = initializeAuth(app, { + * persistence: browserSessionPersistence, + * popupRedirectResolver: undefined, + * }); + * ``` + * + * @public + */ +export declare function initializeAuth(app: FirebaseApp, deps?: Dependencies): Auth; +export declare function _initializeAuthInstance(auth: AuthImpl, deps?: Dependencies): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/middleware.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/middleware.d.ts new file mode 100644 index 0000000..74c4183 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/middleware.d.ts @@ -0,0 +1,25 @@ +/** + * @license + * Copyright 2022 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthInternal } from '../../model/auth'; +import { Unsubscribe, User } from '../../model/public_types'; +export declare class AuthMiddlewareQueue { + private readonly auth; + private readonly queue; + constructor(auth: AuthInternal); + pushCallback(callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe; + runMiddleware(nextUser: User | null): Promise<void>; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/password_policy_impl.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/password_policy_impl.d.ts new file mode 100644 index 0000000..45a8127 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/password_policy_impl.d.ts @@ -0,0 +1,59 @@ +/** + * @license + * Copyright 2023 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { GetPasswordPolicyResponse } from '../../api/password_policy/get_password_policy'; +import { PasswordPolicyCustomStrengthOptions, PasswordPolicyInternal } from '../../model/password_policy'; +import { PasswordValidationStatus } from '../../model/public_types'; +/** + * Stores password policy requirements and provides password validation against the policy. + * + * @internal + */ +export declare class PasswordPolicyImpl implements PasswordPolicyInternal { + readonly customStrengthOptions: PasswordPolicyCustomStrengthOptions; + readonly allowedNonAlphanumericCharacters: string; + readonly enforcementState: string; + readonly forceUpgradeOnSignin: boolean; + readonly schemaVersion: number; + constructor(response: GetPasswordPolicyResponse); + validatePassword(password: string): PasswordValidationStatus; + /** + * Validates that the password meets the length options for the policy. + * + * @param password Password to validate. + * @param status Validation status. + */ + private validatePasswordLengthOptions; + /** + * Validates that the password meets the character options for the policy. + * + * @param password Password to validate. + * @param status Validation status. + */ + private validatePasswordCharacterOptions; + /** + * Updates the running validation status with the statuses for the character options. + * Expected to be called each time a character is processed to update each option status + * based on the current character. + * + * @param status Validation status. + * @param containsLowercaseCharacter Whether the character is a lowercase letter. + * @param containsUppercaseCharacter Whether the character is an uppercase letter. + * @param containsNumericCharacter Whether the character is a numeric character. + * @param containsNonAlphanumericCharacter Whether the character is a non-alphanumeric character. + */ + private updatePasswordCharacterOptionsStatuses; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/register.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/register.d.ts new file mode 100644 index 0000000..260c739 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/auth/register.d.ts @@ -0,0 +1,23 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ClientPlatform } from '../util/version'; +export declare const enum _ComponentName { + AUTH = "auth", + AUTH_INTERNAL = "auth-internal" +} +/** @internal */ +export declare function registerAuth(clientPlatform: ClientPlatform): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/auth_credential.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/auth_credential.d.ts new file mode 100644 index 0000000..1287582 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/auth_credential.d.ts @@ -0,0 +1,75 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PhoneOrOauthTokenResponse } from '../../api/authentication/mfa'; +import { AuthInternal } from '../../model/auth'; +import { IdTokenResponse } from '../../model/id_token'; +/** + * Interface that represents the credentials returned by an {@link AuthProvider}. + * + * @remarks + * Implementations specify the details about each auth provider's credential requirements. + * + * @public + */ +export declare class AuthCredential { + /** + * The authentication provider ID for the credential. + * + * @remarks + * For example, 'facebook.com', or 'google.com'. + */ + readonly providerId: string; + /** + * The authentication sign in method for the credential. + * + * @remarks + * For example, {@link SignInMethod}.EMAIL_PASSWORD, or + * {@link SignInMethod}.EMAIL_LINK. This corresponds to the sign-in method + * identifier as returned in {@link fetchSignInMethodsForEmail}. + */ + readonly signInMethod: string; + /** @internal */ + protected constructor( + /** + * The authentication provider ID for the credential. + * + * @remarks + * For example, 'facebook.com', or 'google.com'. + */ + providerId: string, + /** + * The authentication sign in method for the credential. + * + * @remarks + * For example, {@link SignInMethod}.EMAIL_PASSWORD, or + * {@link SignInMethod}.EMAIL_LINK. This corresponds to the sign-in method + * identifier as returned in {@link fetchSignInMethodsForEmail}. + */ + signInMethod: string); + /** + * Returns a JSON-serializable representation of this object. + * + * @returns a JSON-serializable representation of this object. + */ + toJSON(): object; + /** @internal */ + _getIdTokenResponse(_auth: AuthInternal): Promise<PhoneOrOauthTokenResponse>; + /** @internal */ + _linkToIdToken(_auth: AuthInternal, _idToken: string): Promise<IdTokenResponse>; + /** @internal */ + _getReauthenticationResolver(_auth: AuthInternal): Promise<IdTokenResponse>; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/email.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/email.d.ts new file mode 100644 index 0000000..0f44811 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/email.d.ts @@ -0,0 +1,60 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthInternal } from '../../model/auth'; +import { IdTokenResponse } from '../../model/id_token'; +import { AuthCredential } from './auth_credential'; +/** + * Interface that represents the credentials returned by {@link EmailAuthProvider} for + * {@link ProviderId}.PASSWORD + * + * @remarks + * Covers both {@link SignInMethod}.EMAIL_PASSWORD and + * {@link SignInMethod}.EMAIL_LINK. + * + * @public + */ +export declare class EmailAuthCredential extends AuthCredential { + /** @internal */ + readonly _email: string; + /** @internal */ + readonly _password: string; + /** @internal */ + readonly _tenantId: string | null; + /** @internal */ + private constructor(); + /** @internal */ + static _fromEmailAndPassword(email: string, password: string): EmailAuthCredential; + /** @internal */ + static _fromEmailAndCode(email: string, oobCode: string, tenantId?: string | null): EmailAuthCredential; + /** {@inheritdoc AuthCredential.toJSON} */ + toJSON(): object; + /** + * Static method to deserialize a JSON representation of an object into an {@link AuthCredential}. + * + * @param json - Either `object` or the stringified representation of the object. When string is + * provided, `JSON.parse` would be called first. + * + * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned. + */ + static fromJSON(json: object | string): EmailAuthCredential | null; + /** @internal */ + _getIdTokenResponse(auth: AuthInternal): Promise<IdTokenResponse>; + /** @internal */ + _linkToIdToken(auth: AuthInternal, idToken: string): Promise<IdTokenResponse>; + /** @internal */ + _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse>; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/index.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/index.d.ts new file mode 100644 index 0000000..475dee6 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/index.d.ts @@ -0,0 +1,23 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * This file is required due to the circular dependency from the parent class to its children + */ +export { AuthCredential } from './auth_credential'; +export { EmailAuthCredential } from './email'; +export { OAuthCredential } from './oauth'; +export { PhoneAuthCredential as PhoneAuthCredential } from './phone'; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/oauth.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/oauth.d.ts new file mode 100644 index 0000000..96a1928 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/oauth.d.ts @@ -0,0 +1,81 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthInternal } from '../../model/auth'; +import { IdTokenResponse } from '../../model/id_token'; +import { AuthCredential } from './auth_credential'; +export interface OAuthCredentialParams { + idToken?: string | null; + accessToken?: string | null; + oauthToken?: string; + secret?: string; + oauthTokenSecret?: string; + nonce?: string; + pendingToken?: string; + providerId: string; + signInMethod: string; +} +/** + * Represents the OAuth credentials returned by an {@link OAuthProvider}. + * + * @remarks + * Implementations specify the details about each auth provider's credential requirements. + * + * @public + */ +export declare class OAuthCredential extends AuthCredential { + /** + * The OAuth ID token associated with the credential if it belongs to an OIDC provider, + * such as `google.com`. + * @readonly + */ + idToken?: string; + /** + * The OAuth access token associated with the credential if it belongs to an + * {@link OAuthProvider}, such as `facebook.com`, `twitter.com`, etc. + * @readonly + */ + accessToken?: string; + /** + * The OAuth access token secret associated with the credential if it belongs to an OAuth 1.0 + * provider, such as `twitter.com`. + * @readonly + */ + secret?: string; + private nonce?; + private pendingToken; + /** @internal */ + static _fromParams(params: OAuthCredentialParams): OAuthCredential; + /** {@inheritdoc AuthCredential.toJSON} */ + toJSON(): object; + /** + * Static method to deserialize a JSON representation of an object into an + * {@link AuthCredential}. + * + * @param json - Input can be either Object or the stringified representation of the object. + * When string is provided, JSON.parse would be called first. + * + * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned. + */ + static fromJSON(json: string | object): OAuthCredential | null; + /** @internal */ + _getIdTokenResponse(auth: AuthInternal): Promise<IdTokenResponse>; + /** @internal */ + _linkToIdToken(auth: AuthInternal, idToken: string): Promise<IdTokenResponse>; + /** @internal */ + _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse>; + private buildRequest; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/phone.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/phone.d.ts new file mode 100644 index 0000000..1924744 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/phone.d.ts @@ -0,0 +1,52 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PhoneOrOauthTokenResponse } from '../../api/authentication/mfa'; +import { SignInWithPhoneNumberRequest } from '../../api/authentication/sms'; +import { AuthInternal } from '../../model/auth'; +import { IdTokenResponse } from '../../model/id_token'; +import { AuthCredential } from './auth_credential'; +export interface PhoneAuthCredentialParameters { + verificationId?: string; + verificationCode?: string; + phoneNumber?: string; + temporaryProof?: string; +} +/** + * Represents the credentials returned by {@link PhoneAuthProvider}. + * + * @public + */ +export declare class PhoneAuthCredential extends AuthCredential { + private readonly params; + private constructor(); + /** @internal */ + static _fromVerification(verificationId: string, verificationCode: string): PhoneAuthCredential; + /** @internal */ + static _fromTokenResponse(phoneNumber: string, temporaryProof: string): PhoneAuthCredential; + /** @internal */ + _getIdTokenResponse(auth: AuthInternal): Promise<PhoneOrOauthTokenResponse>; + /** @internal */ + _linkToIdToken(auth: AuthInternal, idToken: string): Promise<IdTokenResponse>; + /** @internal */ + _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse>; + /** @internal */ + _makeVerificationRequest(): SignInWithPhoneNumberRequest; + /** {@inheritdoc AuthCredential.toJSON} */ + toJSON(): object; + /** Generates a phone credential based on a plain object or a JSON string. */ + static fromJSON(json: object | string): PhoneAuthCredential | null; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/saml.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/saml.d.ts new file mode 100644 index 0000000..54fea84 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/credentials/saml.d.ts @@ -0,0 +1,52 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthInternal } from '../../model/auth'; +import { IdTokenResponse } from '../../model/id_token'; +import { AuthCredential } from './auth_credential'; +/** + * @public + */ +export declare class SAMLAuthCredential extends AuthCredential { + private readonly pendingToken; + /** @internal */ + private constructor(); + /** @internal */ + _getIdTokenResponse(auth: AuthInternal): Promise<IdTokenResponse>; + /** @internal */ + _linkToIdToken(auth: AuthInternal, idToken: string): Promise<IdTokenResponse>; + /** @internal */ + _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse>; + /** {@inheritdoc AuthCredential.toJSON} */ + toJSON(): object; + /** + * Static method to deserialize a JSON representation of an object into an + * {@link AuthCredential}. + * + * @param json - Input can be either Object or the stringified representation of the object. + * When string is provided, JSON.parse would be called first. + * + * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned. + */ + static fromJSON(json: string | object): SAMLAuthCredential | null; + /** + * Helper static method to avoid exposing the constructor to end users. + * + * @internal + */ + static _create(providerId: string, pendingToken: string): SAMLAuthCredential; + private buildRequest; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/errors.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/errors.d.ts new file mode 100644 index 0000000..3d81b3a --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/errors.d.ts @@ -0,0 +1,328 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthErrorMap, User } from '../model/public_types'; +import { ErrorFactory, ErrorMap } from '@firebase/util'; +import { IdTokenMfaResponse } from '../api/authentication/mfa'; +import { AppName } from '../model/auth'; +import { AuthCredential } from './credentials'; +/** + * Enumeration of Firebase Auth error codes. + * + * @internal + */ +export declare const enum AuthErrorCode { + ADMIN_ONLY_OPERATION = "admin-restricted-operation", + ARGUMENT_ERROR = "argument-error", + APP_NOT_AUTHORIZED = "app-not-authorized", + APP_NOT_INSTALLED = "app-not-installed", + CAPTCHA_CHECK_FAILED = "captcha-check-failed", + CODE_EXPIRED = "code-expired", + CORDOVA_NOT_READY = "cordova-not-ready", + CORS_UNSUPPORTED = "cors-unsupported", + CREDENTIAL_ALREADY_IN_USE = "credential-already-in-use", + CREDENTIAL_MISMATCH = "custom-token-mismatch", + CREDENTIAL_TOO_OLD_LOGIN_AGAIN = "requires-recent-login", + DEPENDENT_SDK_INIT_BEFORE_AUTH = "dependent-sdk-initialized-before-auth", + DYNAMIC_LINK_NOT_ACTIVATED = "dynamic-link-not-activated", + EMAIL_CHANGE_NEEDS_VERIFICATION = "email-change-needs-verification", + EMAIL_EXISTS = "email-already-in-use", + EMULATOR_CONFIG_FAILED = "emulator-config-failed", + EXPIRED_OOB_CODE = "expired-action-code", + EXPIRED_POPUP_REQUEST = "cancelled-popup-request", + INTERNAL_ERROR = "internal-error", + INVALID_API_KEY = "invalid-api-key", + INVALID_APP_CREDENTIAL = "invalid-app-credential", + INVALID_APP_ID = "invalid-app-id", + INVALID_AUTH = "invalid-user-token", + INVALID_AUTH_EVENT = "invalid-auth-event", + INVALID_CERT_HASH = "invalid-cert-hash", + INVALID_CODE = "invalid-verification-code", + INVALID_CONTINUE_URI = "invalid-continue-uri", + INVALID_CORDOVA_CONFIGURATION = "invalid-cordova-configuration", + INVALID_CUSTOM_TOKEN = "invalid-custom-token", + INVALID_DYNAMIC_LINK_DOMAIN = "invalid-dynamic-link-domain", + INVALID_EMAIL = "invalid-email", + INVALID_EMULATOR_SCHEME = "invalid-emulator-scheme", + INVALID_CREDENTIAL = "invalid-credential", + INVALID_MESSAGE_PAYLOAD = "invalid-message-payload", + INVALID_MFA_SESSION = "invalid-multi-factor-session", + INVALID_OAUTH_CLIENT_ID = "invalid-oauth-client-id", + INVALID_OAUTH_PROVIDER = "invalid-oauth-provider", + INVALID_OOB_CODE = "invalid-action-code", + INVALID_ORIGIN = "unauthorized-domain", + INVALID_PASSWORD = "wrong-password", + INVALID_PERSISTENCE = "invalid-persistence-type", + INVALID_PHONE_NUMBER = "invalid-phone-number", + INVALID_PROVIDER_ID = "invalid-provider-id", + INVALID_RECIPIENT_EMAIL = "invalid-recipient-email", + INVALID_SENDER = "invalid-sender", + INVALID_SESSION_INFO = "invalid-verification-id", + INVALID_TENANT_ID = "invalid-tenant-id", + LOGIN_BLOCKED = "login-blocked", + MFA_INFO_NOT_FOUND = "multi-factor-info-not-found", + MFA_REQUIRED = "multi-factor-auth-required", + MISSING_ANDROID_PACKAGE_NAME = "missing-android-pkg-name", + MISSING_APP_CREDENTIAL = "missing-app-credential", + MISSING_AUTH_DOMAIN = "auth-domain-config-required", + MISSING_CODE = "missing-verification-code", + MISSING_CONTINUE_URI = "missing-continue-uri", + MISSING_IFRAME_START = "missing-iframe-start", + MISSING_IOS_BUNDLE_ID = "missing-ios-bundle-id", + MISSING_OR_INVALID_NONCE = "missing-or-invalid-nonce", + MISSING_MFA_INFO = "missing-multi-factor-info", + MISSING_MFA_SESSION = "missing-multi-factor-session", + MISSING_PHONE_NUMBER = "missing-phone-number", + MISSING_PASSWORD = "missing-password", + MISSING_SESSION_INFO = "missing-verification-id", + MODULE_DESTROYED = "app-deleted", + NEED_CONFIRMATION = "account-exists-with-different-credential", + NETWORK_REQUEST_FAILED = "network-request-failed", + NULL_USER = "null-user", + NO_AUTH_EVENT = "no-auth-event", + NO_SUCH_PROVIDER = "no-such-provider", + OPERATION_NOT_ALLOWED = "operation-not-allowed", + OPERATION_NOT_SUPPORTED = "operation-not-supported-in-this-environment", + POPUP_BLOCKED = "popup-blocked", + POPUP_CLOSED_BY_USER = "popup-closed-by-user", + PROVIDER_ALREADY_LINKED = "provider-already-linked", + QUOTA_EXCEEDED = "quota-exceeded", + REDIRECT_CANCELLED_BY_USER = "redirect-cancelled-by-user", + REDIRECT_OPERATION_PENDING = "redirect-operation-pending", + REJECTED_CREDENTIAL = "rejected-credential", + SECOND_FACTOR_ALREADY_ENROLLED = "second-factor-already-in-use", + SECOND_FACTOR_LIMIT_EXCEEDED = "maximum-second-factor-count-exceeded", + TENANT_ID_MISMATCH = "tenant-id-mismatch", + TIMEOUT = "timeout", + TOKEN_EXPIRED = "user-token-expired", + TOO_MANY_ATTEMPTS_TRY_LATER = "too-many-requests", + UNAUTHORIZED_DOMAIN = "unauthorized-continue-uri", + UNSUPPORTED_FIRST_FACTOR = "unsupported-first-factor", + UNSUPPORTED_PERSISTENCE = "unsupported-persistence-type", + UNSUPPORTED_TENANT_OPERATION = "unsupported-tenant-operation", + UNVERIFIED_EMAIL = "unverified-email", + USER_CANCELLED = "user-cancelled", + USER_DELETED = "user-not-found", + USER_DISABLED = "user-disabled", + USER_MISMATCH = "user-mismatch", + USER_SIGNED_OUT = "user-signed-out", + WEAK_PASSWORD = "weak-password", + WEB_STORAGE_UNSUPPORTED = "web-storage-unsupported", + ALREADY_INITIALIZED = "already-initialized", + RECAPTCHA_NOT_ENABLED = "recaptcha-not-enabled", + MISSING_RECAPTCHA_TOKEN = "missing-recaptcha-token", + INVALID_RECAPTCHA_TOKEN = "invalid-recaptcha-token", + INVALID_RECAPTCHA_ACTION = "invalid-recaptcha-action", + MISSING_CLIENT_TYPE = "missing-client-type", + MISSING_RECAPTCHA_VERSION = "missing-recaptcha-version", + INVALID_RECAPTCHA_VERSION = "invalid-recaptcha-version", + INVALID_REQ_TYPE = "invalid-req-type", + UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION = "unsupported-password-policy-schema-version", + PASSWORD_DOES_NOT_MEET_REQUIREMENTS = "password-does-not-meet-requirements", + INVALID_HOSTING_LINK_DOMAIN = "invalid-hosting-link-domain" +} +export interface ErrorMapRetriever extends AuthErrorMap { + (): ErrorMap<AuthErrorCode>; +} +/** + * A verbose error map with detailed descriptions for most error codes. + * + * See discussion at {@link AuthErrorMap} + * + * @public + */ +export declare const debugErrorMap: AuthErrorMap; +/** + * A minimal error map with all verbose error messages stripped. + * + * See discussion at {@link AuthErrorMap} + * + * @public + */ +export declare const prodErrorMap: AuthErrorMap; +export interface NamedErrorParams { + appName: AppName; + credential?: AuthCredential; + email?: string; + phoneNumber?: string; + tenantId?: string; + user?: User; + _serverResponse?: object; +} +/** + * @internal + */ +type GenericAuthErrorParams = { + [key in Exclude<AuthErrorCode, AuthErrorCode.ARGUMENT_ERROR | AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH | AuthErrorCode.INTERNAL_ERROR | AuthErrorCode.MFA_REQUIRED | AuthErrorCode.NO_AUTH_EVENT | AuthErrorCode.OPERATION_NOT_SUPPORTED>]: { + appName?: AppName; + email?: string; + phoneNumber?: string; + message?: string; + }; +}; +/** + * @internal + */ +export interface AuthErrorParams extends GenericAuthErrorParams { + [AuthErrorCode.ARGUMENT_ERROR]: { + appName?: AppName; + }; + [AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH]: { + appName?: AppName; + }; + [AuthErrorCode.INTERNAL_ERROR]: { + appName?: AppName; + }; + [AuthErrorCode.LOGIN_BLOCKED]: { + appName?: AppName; + originalMessage?: string; + }; + [AuthErrorCode.OPERATION_NOT_SUPPORTED]: { + appName?: AppName; + }; + [AuthErrorCode.NO_AUTH_EVENT]: { + appName?: AppName; + }; + [AuthErrorCode.MFA_REQUIRED]: { + appName: AppName; + _serverResponse: IdTokenMfaResponse; + }; + [AuthErrorCode.INVALID_CORDOVA_CONFIGURATION]: { + appName: AppName; + missingPlugin?: string; + }; +} +export declare const _DEFAULT_AUTH_ERROR_FACTORY: ErrorFactory<AuthErrorCode, AuthErrorParams>; +/** + * A map of potential `Auth` error codes, for easier comparison with errors + * thrown by the SDK. + * + * @remarks + * Note that you can't tree-shake individual keys + * in the map, so by using the map you might substantially increase your + * bundle size. + * + * @public + */ +export declare const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY: { + readonly ADMIN_ONLY_OPERATION: "auth/admin-restricted-operation"; + readonly ARGUMENT_ERROR: "auth/argument-error"; + readonly APP_NOT_AUTHORIZED: "auth/app-not-authorized"; + readonly APP_NOT_INSTALLED: "auth/app-not-installed"; + readonly CAPTCHA_CHECK_FAILED: "auth/captcha-check-failed"; + readonly CODE_EXPIRED: "auth/code-expired"; + readonly CORDOVA_NOT_READY: "auth/cordova-not-ready"; + readonly CORS_UNSUPPORTED: "auth/cors-unsupported"; + readonly CREDENTIAL_ALREADY_IN_USE: "auth/credential-already-in-use"; + readonly CREDENTIAL_MISMATCH: "auth/custom-token-mismatch"; + readonly CREDENTIAL_TOO_OLD_LOGIN_AGAIN: "auth/requires-recent-login"; + readonly DEPENDENT_SDK_INIT_BEFORE_AUTH: "auth/dependent-sdk-initialized-before-auth"; + readonly DYNAMIC_LINK_NOT_ACTIVATED: "auth/dynamic-link-not-activated"; + readonly EMAIL_CHANGE_NEEDS_VERIFICATION: "auth/email-change-needs-verification"; + readonly EMAIL_EXISTS: "auth/email-already-in-use"; + readonly EMULATOR_CONFIG_FAILED: "auth/emulator-config-failed"; + readonly EXPIRED_OOB_CODE: "auth/expired-action-code"; + readonly EXPIRED_POPUP_REQUEST: "auth/cancelled-popup-request"; + readonly INTERNAL_ERROR: "auth/internal-error"; + readonly INVALID_API_KEY: "auth/invalid-api-key"; + readonly INVALID_APP_CREDENTIAL: "auth/invalid-app-credential"; + readonly INVALID_APP_ID: "auth/invalid-app-id"; + readonly INVALID_AUTH: "auth/invalid-user-token"; + readonly INVALID_AUTH_EVENT: "auth/invalid-auth-event"; + readonly INVALID_CERT_HASH: "auth/invalid-cert-hash"; + readonly INVALID_CODE: "auth/invalid-verification-code"; + readonly INVALID_CONTINUE_URI: "auth/invalid-continue-uri"; + readonly INVALID_CORDOVA_CONFIGURATION: "auth/invalid-cordova-configuration"; + readonly INVALID_CUSTOM_TOKEN: "auth/invalid-custom-token"; + readonly INVALID_DYNAMIC_LINK_DOMAIN: "auth/invalid-dynamic-link-domain"; + readonly INVALID_EMAIL: "auth/invalid-email"; + readonly INVALID_EMULATOR_SCHEME: "auth/invalid-emulator-scheme"; + readonly INVALID_IDP_RESPONSE: "auth/invalid-credential"; + readonly INVALID_LOGIN_CREDENTIALS: "auth/invalid-credential"; + readonly INVALID_MESSAGE_PAYLOAD: "auth/invalid-message-payload"; + readonly INVALID_MFA_SESSION: "auth/invalid-multi-factor-session"; + readonly INVALID_OAUTH_CLIENT_ID: "auth/invalid-oauth-client-id"; + readonly INVALID_OAUTH_PROVIDER: "auth/invalid-oauth-provider"; + readonly INVALID_OOB_CODE: "auth/invalid-action-code"; + readonly INVALID_ORIGIN: "auth/unauthorized-domain"; + readonly INVALID_PASSWORD: "auth/wrong-password"; + readonly INVALID_PERSISTENCE: "auth/invalid-persistence-type"; + readonly INVALID_PHONE_NUMBER: "auth/invalid-phone-number"; + readonly INVALID_PROVIDER_ID: "auth/invalid-provider-id"; + readonly INVALID_RECIPIENT_EMAIL: "auth/invalid-recipient-email"; + readonly INVALID_SENDER: "auth/invalid-sender"; + readonly INVALID_SESSION_INFO: "auth/invalid-verification-id"; + readonly INVALID_TENANT_ID: "auth/invalid-tenant-id"; + readonly MFA_INFO_NOT_FOUND: "auth/multi-factor-info-not-found"; + readonly MFA_REQUIRED: "auth/multi-factor-auth-required"; + readonly MISSING_ANDROID_PACKAGE_NAME: "auth/missing-android-pkg-name"; + readonly MISSING_APP_CREDENTIAL: "auth/missing-app-credential"; + readonly MISSING_AUTH_DOMAIN: "auth/auth-domain-config-required"; + readonly MISSING_CODE: "auth/missing-verification-code"; + readonly MISSING_CONTINUE_URI: "auth/missing-continue-uri"; + readonly MISSING_IFRAME_START: "auth/missing-iframe-start"; + readonly MISSING_IOS_BUNDLE_ID: "auth/missing-ios-bundle-id"; + readonly MISSING_OR_INVALID_NONCE: "auth/missing-or-invalid-nonce"; + readonly MISSING_MFA_INFO: "auth/missing-multi-factor-info"; + readonly MISSING_MFA_SESSION: "auth/missing-multi-factor-session"; + readonly MISSING_PHONE_NUMBER: "auth/missing-phone-number"; + readonly MISSING_PASSWORD: "auth/missing-password"; + readonly MISSING_SESSION_INFO: "auth/missing-verification-id"; + readonly MODULE_DESTROYED: "auth/app-deleted"; + readonly NEED_CONFIRMATION: "auth/account-exists-with-different-credential"; + readonly NETWORK_REQUEST_FAILED: "auth/network-request-failed"; + readonly NULL_USER: "auth/null-user"; + readonly NO_AUTH_EVENT: "auth/no-auth-event"; + readonly NO_SUCH_PROVIDER: "auth/no-such-provider"; + readonly OPERATION_NOT_ALLOWED: "auth/operation-not-allowed"; + readonly OPERATION_NOT_SUPPORTED: "auth/operation-not-supported-in-this-environment"; + readonly POPUP_BLOCKED: "auth/popup-blocked"; + readonly POPUP_CLOSED_BY_USER: "auth/popup-closed-by-user"; + readonly PROVIDER_ALREADY_LINKED: "auth/provider-already-linked"; + readonly QUOTA_EXCEEDED: "auth/quota-exceeded"; + readonly REDIRECT_CANCELLED_BY_USER: "auth/redirect-cancelled-by-user"; + readonly REDIRECT_OPERATION_PENDING: "auth/redirect-operation-pending"; + readonly REJECTED_CREDENTIAL: "auth/rejected-credential"; + readonly SECOND_FACTOR_ALREADY_ENROLLED: "auth/second-factor-already-in-use"; + readonly SECOND_FACTOR_LIMIT_EXCEEDED: "auth/maximum-second-factor-count-exceeded"; + readonly TENANT_ID_MISMATCH: "auth/tenant-id-mismatch"; + readonly TIMEOUT: "auth/timeout"; + readonly TOKEN_EXPIRED: "auth/user-token-expired"; + readonly TOO_MANY_ATTEMPTS_TRY_LATER: "auth/too-many-requests"; + readonly UNAUTHORIZED_DOMAIN: "auth/unauthorized-continue-uri"; + readonly UNSUPPORTED_FIRST_FACTOR: "auth/unsupported-first-factor"; + readonly UNSUPPORTED_PERSISTENCE: "auth/unsupported-persistence-type"; + readonly UNSUPPORTED_TENANT_OPERATION: "auth/unsupported-tenant-operation"; + readonly UNVERIFIED_EMAIL: "auth/unverified-email"; + readonly USER_CANCELLED: "auth/user-cancelled"; + readonly USER_DELETED: "auth/user-not-found"; + readonly USER_DISABLED: "auth/user-disabled"; + readonly USER_MISMATCH: "auth/user-mismatch"; + readonly USER_SIGNED_OUT: "auth/user-signed-out"; + readonly WEAK_PASSWORD: "auth/weak-password"; + readonly WEB_STORAGE_UNSUPPORTED: "auth/web-storage-unsupported"; + readonly ALREADY_INITIALIZED: "auth/already-initialized"; + readonly RECAPTCHA_NOT_ENABLED: "auth/recaptcha-not-enabled"; + readonly MISSING_RECAPTCHA_TOKEN: "auth/missing-recaptcha-token"; + readonly INVALID_RECAPTCHA_TOKEN: "auth/invalid-recaptcha-token"; + readonly INVALID_RECAPTCHA_ACTION: "auth/invalid-recaptcha-action"; + readonly MISSING_CLIENT_TYPE: "auth/missing-client-type"; + readonly MISSING_RECAPTCHA_VERSION: "auth/missing-recaptcha-version"; + readonly INVALID_RECAPTCHA_VERSION: "auth/invalid-recaptcha-version"; + readonly INVALID_REQ_TYPE: "auth/invalid-req-type"; + readonly INVALID_HOSTING_LINK_DOMAIN: "auth/invalid-hosting-link-domain"; +}; +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/index.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/index.d.ts new file mode 100644 index 0000000..8829292 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/index.d.ts @@ -0,0 +1,230 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth, NextOrObserver, Persistence, User, CompleteFn, ErrorFn, Unsubscribe, PasswordValidationStatus } from '../model/public_types'; +export { debugErrorMap, prodErrorMap, AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as AuthErrorCodes } from './errors'; +/** + * Changes the type of persistence on the {@link Auth} instance for the currently saved + * `Auth` session and applies this type of persistence for future sign-in requests, including + * sign-in with redirect requests. + * + * @remarks + * This makes it easy for a user signing in to specify whether their session should be + * remembered or not. It also makes it easier to never persist the `Auth` state for applications + * that are shared by other users or have sensitive data. + * + * This method does not work in a Node.js environment or with {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @example + * ```javascript + * setPersistence(auth, browserSessionPersistence); + * ``` + * + * @param auth - The {@link Auth} instance. + * @param persistence - The {@link Persistence} to use. + * @returns A `Promise` that resolves once the persistence change has completed + * + * @public + */ +export declare function setPersistence(auth: Auth, persistence: Persistence): Promise<void>; +/** + * Loads the reCAPTCHA configuration into the `Auth` instance. + * + * @remarks + * This will load the reCAPTCHA config, which indicates whether the reCAPTCHA + * verification flow should be triggered for each auth provider, into the + * current Auth session. + * + * If initializeRecaptchaConfig() is not invoked, the auth flow will always start + * without reCAPTCHA verification. If the provider is configured to require reCAPTCHA + * verification, the SDK will transparently load the reCAPTCHA config and restart the + * auth flows. + * + * Thus, by calling this optional method, you will reduce the latency of future auth flows. + * Loading the reCAPTCHA config early will also enhance the signal collected by reCAPTCHA. + * + * This method does not work in a Node.js environment. + * + * @example + * ```javascript + * initializeRecaptchaConfig(auth); + * ``` + * + * @param auth - The {@link Auth} instance. + * + * @public + */ +export declare function initializeRecaptchaConfig(auth: Auth): Promise<void>; +/** + * Validates the password against the password policy configured for the project or tenant. + * + * @remarks + * If no tenant ID is set on the `Auth` instance, then this method will use the password + * policy configured for the project. Otherwise, this method will use the policy configured + * for the tenant. If a password policy has not been configured, then the default policy + * configured for all projects will be used. + * + * If an auth flow fails because a submitted password does not meet the password policy + * requirements and this method has previously been called, then this method will use the + * most recent policy available when called again. + * + * @example + * ```javascript + * validatePassword(auth, 'some-password'); + * ``` + * + * @param auth The {@link Auth} instance. + * @param password The password to validate. + * + * @public + */ +export declare function validatePassword(auth: Auth, password: string): Promise<PasswordValidationStatus>; +/** + * Adds an observer for changes to the signed-in user's ID token. + * + * @remarks + * This includes sign-in, sign-out, and token refresh events. + * This will not be triggered automatically upon ID token expiration. Use {@link User.getIdToken} to refresh the ID token. + * + * @param auth - The {@link Auth} instance. + * @param nextOrObserver - callback triggered on change. + * @param error - Deprecated. This callback is never triggered. Errors + * on signing in/out can be caught in promises returned from + * sign-in/sign-out functions. + * @param completed - Deprecated. This callback is never triggered. + * + * @public + */ +export declare function onIdTokenChanged(auth: Auth, nextOrObserver: NextOrObserver<User>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe; +/** + * Adds a blocking callback that runs before an auth state change + * sets a new user. + * + * @param auth - The {@link Auth} instance. + * @param callback - callback triggered before new user value is set. + * If this throws, it blocks the user from being set. + * @param onAbort - callback triggered if a later `beforeAuthStateChanged()` + * callback throws, allowing you to undo any side effects. + */ +export declare function beforeAuthStateChanged(auth: Auth, callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe; +/** + * Adds an observer for changes to the user's sign-in state. + * + * @remarks + * To keep the old behavior, see {@link onIdTokenChanged}. + * + * @param auth - The {@link Auth} instance. + * @param nextOrObserver - callback triggered on change. + * @param error - Deprecated. This callback is never triggered. Errors + * on signing in/out can be caught in promises returned from + * sign-in/sign-out functions. + * @param completed - Deprecated. This callback is never triggered. + * + * @public + */ +export declare function onAuthStateChanged(auth: Auth, nextOrObserver: NextOrObserver<User>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe; +/** + * Sets the current language to the default device/browser preference. + * + * @param auth - The {@link Auth} instance. + * + * @public + */ +export declare function useDeviceLanguage(auth: Auth): void; +/** + * Asynchronously sets the provided user as {@link Auth.currentUser} on the + * {@link Auth} instance. + * + * @remarks + * A new instance copy of the user provided will be made and set as currentUser. + * + * This will trigger {@link onAuthStateChanged} and {@link onIdTokenChanged} listeners + * like other sign in methods. + * + * The operation fails with an error if the user to be updated belongs to a different Firebase + * project. + * + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @param auth - The {@link Auth} instance. + * @param user - The new {@link User}. + * + * @public + */ +export declare function updateCurrentUser(auth: Auth, user: User | null): Promise<void>; +/** + * Signs out the current user. + * + * @remarks + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @param auth - The {@link Auth} instance. + * + * @public + */ +export declare function signOut(auth: Auth): Promise<void>; +/** + * Revokes the given access token. Currently only supports Apple OAuth access tokens. + * + * @param auth - The {@link Auth} instance. + * @param token - The Apple OAuth access token. + * + * @public + */ +export declare function revokeAccessToken(auth: Auth, token: string): Promise<void>; +export { initializeAuth } from './auth/initialize'; +export { connectAuthEmulator } from './auth/emulator'; +export { AuthCredential } from './credentials'; +export { EmailAuthCredential } from './credentials/email'; +export { OAuthCredential } from './credentials/oauth'; +export { PhoneAuthCredential } from './credentials/phone'; +export { inMemoryPersistence } from './persistence/in_memory'; +export { EmailAuthProvider } from './providers/email'; +export { FacebookAuthProvider } from './providers/facebook'; +export { CustomParameters } from './providers/federated'; +export { GoogleAuthProvider } from './providers/google'; +export { GithubAuthProvider } from './providers/github'; +export { OAuthProvider, OAuthCredentialOptions } from './providers/oauth'; +export { SAMLAuthProvider } from './providers/saml'; +export { TwitterAuthProvider } from './providers/twitter'; +export { signInAnonymously } from './strategies/anonymous'; +export { signInWithCredential, linkWithCredential, reauthenticateWithCredential } from './strategies/credential'; +export { signInWithCustomToken } from './strategies/custom_token'; +export { sendPasswordResetEmail, confirmPasswordReset, applyActionCode, checkActionCode, verifyPasswordResetCode, createUserWithEmailAndPassword, signInWithEmailAndPassword } from './strategies/email_and_password'; +export { sendSignInLinkToEmail, isSignInWithEmailLink, signInWithEmailLink } from './strategies/email_link'; +export { fetchSignInMethodsForEmail, sendEmailVerification, verifyBeforeUpdateEmail } from './strategies/email'; +export { ActionCodeURL, parseActionCodeURL } from './action_code_url'; +export { updateProfile, updateEmail, updatePassword } from './user/account_info'; +export { getIdToken, getIdTokenResult } from './user/id_token_result'; +export { unlink } from './user/link_unlink'; +export { getAdditionalUserInfo } from './user/additional_user_info'; +export { reload } from './user/reload'; +/** + * Deletes and signs out the user. + * + * @remarks + * Important: this is a security-sensitive operation that requires the user to have recently + * signed in. If this requirement isn't met, ask the user to authenticate again and then call + * {@link reauthenticateWithCredential}. + * + * @param user - The user. + * + * @public + */ +export declare function deleteUser(user: User): Promise<void>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/persistence/in_memory.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/persistence/in_memory.d.ts new file mode 100644 index 0000000..60278cd --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/persistence/in_memory.d.ts @@ -0,0 +1,35 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Persistence } from '../../model/public_types'; +import { PersistenceInternal, PersistenceType, PersistenceValue, StorageEventListener } from '../persistence'; +export declare class InMemoryPersistence implements PersistenceInternal { + static type: 'NONE'; + readonly type = PersistenceType.NONE; + storage: Record<string, PersistenceValue>; + _isAvailable(): Promise<boolean>; + _set(key: string, value: PersistenceValue): Promise<void>; + _get<T extends PersistenceValue>(key: string): Promise<T | null>; + _remove(key: string): Promise<void>; + _addListener(_key: string, _listener: StorageEventListener): void; + _removeListener(_key: string, _listener: StorageEventListener): void; +} +/** + * An implementation of {@link Persistence} of type 'NONE'. + * + * @public + */ +export declare const inMemoryPersistence: Persistence; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/persistence/index.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/persistence/index.d.ts new file mode 100644 index 0000000..4460f02 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/persistence/index.d.ts @@ -0,0 +1,42 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Persistence } from '../../model/public_types'; +export declare const enum PersistenceType { + SESSION = "SESSION", + LOCAL = "LOCAL", + NONE = "NONE", + COOKIE = "COOKIE" +} +export type PersistedBlob = Record<string, unknown>; +export interface Instantiator<T> { + (blob: PersistedBlob): T; +} +export type PersistenceValue = PersistedBlob | string; +export declare const STORAGE_AVAILABLE_KEY = "__sak"; +export interface StorageEventListener { + (value: PersistenceValue | null): void; +} +export interface PersistenceInternal extends Persistence { + type: PersistenceType; + _isAvailable(): Promise<boolean>; + _set(key: string, value: PersistenceValue): Promise<void>; + _get<T extends PersistenceValue>(key: string): Promise<T | null>; + _remove(key: string): Promise<void>; + _addListener(key: string, listener: StorageEventListener): void; + _removeListener(key: string, listener: StorageEventListener): void; + _shouldAllowMigration?: boolean; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/persistence/persistence_user_manager.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/persistence/persistence_user_manager.d.ts new file mode 100644 index 0000000..7aca0d8 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/persistence/persistence_user_manager.d.ts @@ -0,0 +1,45 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ApiKey, AppName, AuthInternal } from '../../model/auth'; +import { UserInternal } from '../../model/user'; +import { PersistenceInternal } from '../persistence'; +export declare const enum KeyName { + AUTH_USER = "authUser", + AUTH_EVENT = "authEvent", + REDIRECT_USER = "redirectUser", + PERSISTENCE_USER = "persistence" +} +export declare const enum Namespace { + PERSISTENCE = "firebase" +} +export declare function _persistenceKeyName(key: string, apiKey: ApiKey, appName: AppName): string; +export declare class PersistenceUserManager { + persistence: PersistenceInternal; + private readonly auth; + private readonly userKey; + private readonly fullUserKey; + private readonly fullPersistenceKey; + private readonly boundEventHandler; + private constructor(); + setCurrentUser(user: UserInternal): Promise<void>; + getCurrentUser(): Promise<UserInternal | null>; + removeCurrentUser(): Promise<void>; + savePersistenceForRedirect(): Promise<void>; + setPersistence(newPersistence: PersistenceInternal): Promise<void>; + delete(): void; + static create(auth: AuthInternal, persistenceHierarchy: PersistenceInternal[], userKey?: KeyName): Promise<PersistenceUserManager>; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/email.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/email.d.ts new file mode 100644 index 0000000..be276ad --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/email.d.ts @@ -0,0 +1,83 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthProvider } from '../../model/public_types'; +import { EmailAuthCredential } from '../credentials/email'; +/** + * Provider for generating {@link EmailAuthCredential}. + * + * @public + */ +export declare class EmailAuthProvider implements AuthProvider { + /** + * Always set to {@link ProviderId}.PASSWORD, even for email link. + */ + static readonly PROVIDER_ID: 'password'; + /** + * Always set to {@link SignInMethod}.EMAIL_PASSWORD. + */ + static readonly EMAIL_PASSWORD_SIGN_IN_METHOD: 'password'; + /** + * Always set to {@link SignInMethod}.EMAIL_LINK. + */ + static readonly EMAIL_LINK_SIGN_IN_METHOD: 'emailLink'; + /** + * Always set to {@link ProviderId}.PASSWORD, even for email link. + */ + readonly providerId: "password"; + /** + * Initialize an {@link AuthCredential} using an email and password. + * + * @example + * ```javascript + * const authCredential = EmailAuthProvider.credential(email, password); + * const userCredential = await signInWithCredential(auth, authCredential); + * ``` + * + * @example + * ```javascript + * const userCredential = await signInWithEmailAndPassword(auth, email, password); + * ``` + * + * @param email - Email address. + * @param password - User account password. + * @returns The auth provider credential. + */ + static credential(email: string, password: string): EmailAuthCredential; + /** + * Initialize an {@link AuthCredential} using an email and an email link after a sign in with + * email link operation. + * + * @example + * ```javascript + * const authCredential = EmailAuthProvider.credentialWithLink(auth, email, emailLink); + * const userCredential = await signInWithCredential(auth, authCredential); + * ``` + * + * @example + * ```javascript + * await sendSignInLinkToEmail(auth, email); + * // Obtain emailLink from user. + * const userCredential = await signInWithEmailLink(auth, email, emailLink); + * ``` + * + * @param auth - The {@link Auth} instance used to verify the link. + * @param email - Email address. + * @param emailLink - Sign-in email link. + * @returns - The auth provider credential. + */ + static credentialWithLink(email: string, emailLink: string): EmailAuthCredential; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/facebook.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/facebook.d.ts new file mode 100644 index 0000000..cd8feca --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/facebook.d.ts @@ -0,0 +1,93 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { UserCredential } from '../../model/public_types'; +import { FirebaseError } from '@firebase/util'; +import { OAuthCredential } from '../credentials/oauth'; +import { BaseOAuthProvider } from './oauth'; +/** + * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.FACEBOOK. + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new FacebookAuthProvider(); + * // Start a sign in process for an unauthenticated user. + * provider.addScope('user_birthday'); + * await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * if (result) { + * // This is the signed-in user + * const user = result.user; + * // This gives you a Facebook Access Token. + * const credential = FacebookAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * } + * ``` + * + * @example + * ```javascript + * // Sign in using a popup. + * const provider = new FacebookAuthProvider(); + * provider.addScope('user_birthday'); + * const result = await signInWithPopup(auth, provider); + * + * // The signed-in user info. + * const user = result.user; + * // This gives you a Facebook Access Token. + * const credential = FacebookAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * ``` + * + * @public + */ +export declare class FacebookAuthProvider extends BaseOAuthProvider { + /** Always set to {@link SignInMethod}.FACEBOOK. */ + static readonly FACEBOOK_SIGN_IN_METHOD: 'facebook.com'; + /** Always set to {@link ProviderId}.FACEBOOK. */ + static readonly PROVIDER_ID: 'facebook.com'; + constructor(); + /** + * Creates a credential for Facebook. + * + * @example + * ```javascript + * // `event` from the Facebook auth.authResponseChange callback. + * const credential = FacebookAuthProvider.credential(event.authResponse.accessToken); + * const result = await signInWithCredential(credential); + * ``` + * + * @param accessToken - Facebook access token. + */ + static credential(accessToken: string): OAuthCredential; + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}. + * + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential: UserCredential): OAuthCredential | null; + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was + * thrown during a sign-in, link, or reauthenticate operation. + * + * @param userCredential - The user credential. + */ + static credentialFromError(error: FirebaseError): OAuthCredential | null; + private static credentialFromTaggedObject; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/federated.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/federated.d.ts new file mode 100644 index 0000000..91d38b1 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/federated.d.ts @@ -0,0 +1,64 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthProvider } from '../../model/public_types'; +/** + * Map of OAuth Custom Parameters. + * + * @public + */ +export type CustomParameters = Record<string, string>; +/** + * The base class for all Federated providers (OAuth (including OIDC), SAML). + * + * This class is not meant to be instantiated directly. + * + * @public + */ +export declare abstract class FederatedAuthProvider implements AuthProvider { + readonly providerId: string; + /** @internal */ + defaultLanguageCode: string | null; + /** @internal */ + private customParameters; + /** + * Constructor for generic OAuth providers. + * + * @param providerId - Provider for which credentials should be generated. + */ + constructor(providerId: string); + /** + * Set the language gode. + * + * @param languageCode - language code + */ + setDefaultLanguage(languageCode: string | null): void; + /** + * Sets the OAuth custom parameters to pass in an OAuth request for popup and redirect sign-in + * operations. + * + * @remarks + * For a detailed list, check the reserved required OAuth 2.0 parameters such as `client_id`, + * `redirect_uri`, `scope`, `response_type`, and `state` are not allowed and will be ignored. + * + * @param customOAuthParameters - The custom OAuth parameters to pass in the OAuth request. + */ + setCustomParameters(customOAuthParameters: CustomParameters): AuthProvider; + /** + * Retrieve the current list of {@link CustomParameters}. + */ + getCustomParameters(): CustomParameters; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/github.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/github.d.ts new file mode 100644 index 0000000..b8b3ee9 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/github.d.ts @@ -0,0 +1,89 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { UserCredential } from '../../model/public_types'; +import { FirebaseError } from '@firebase/util'; +import { OAuthCredential } from '../credentials/oauth'; +import { BaseOAuthProvider } from './oauth'; +/** + * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.GITHUB. + * + * @remarks + * GitHub requires an OAuth 2.0 redirect, so you can either handle the redirect directly, or use + * the {@link signInWithPopup} handler: + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new GithubAuthProvider(); + * // Start a sign in process for an unauthenticated user. + * provider.addScope('repo'); + * await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * if (result) { + * // This is the signed-in user + * const user = result.user; + * // This gives you a GitHub Access Token. + * const credential = GithubAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * } + * ``` + * + * @example + * ```javascript + * // Sign in using a popup. + * const provider = new GithubAuthProvider(); + * provider.addScope('repo'); + * const result = await signInWithPopup(auth, provider); + * + * // The signed-in user info. + * const user = result.user; + * // This gives you a GitHub Access Token. + * const credential = GithubAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * ``` + * @public + */ +export declare class GithubAuthProvider extends BaseOAuthProvider { + /** Always set to {@link SignInMethod}.GITHUB. */ + static readonly GITHUB_SIGN_IN_METHOD: 'github.com'; + /** Always set to {@link ProviderId}.GITHUB. */ + static readonly PROVIDER_ID: 'github.com'; + constructor(); + /** + * Creates a credential for GitHub. + * + * @param accessToken - GitHub access token. + */ + static credential(accessToken: string): OAuthCredential; + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}. + * + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential: UserCredential): OAuthCredential | null; + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was + * thrown during a sign-in, link, or reauthenticate operation. + * + * @param userCredential - The user credential. + */ + static credentialFromError(error: FirebaseError): OAuthCredential | null; + private static credentialFromTaggedObject; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/google.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/google.d.ts new file mode 100644 index 0000000..25d74c8 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/google.d.ts @@ -0,0 +1,96 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { UserCredential } from '../../model/public_types'; +import { FirebaseError } from '@firebase/util'; +import { OAuthCredential } from '../credentials/oauth'; +import { BaseOAuthProvider } from './oauth'; +/** + * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.GOOGLE. + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new GoogleAuthProvider(); + * // Start a sign in process for an unauthenticated user. + * provider.addScope('profile'); + * provider.addScope('email'); + * await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * if (result) { + * // This is the signed-in user + * const user = result.user; + * // This gives you a Google Access Token. + * const credential = GoogleAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * } + * ``` + * + * @example + * ```javascript + * // Sign in using a popup. + * const provider = new GoogleAuthProvider(); + * provider.addScope('profile'); + * provider.addScope('email'); + * const result = await signInWithPopup(auth, provider); + * + * // The signed-in user info. + * const user = result.user; + * // This gives you a Google Access Token. + * const credential = GoogleAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * ``` + * + * @public + */ +export declare class GoogleAuthProvider extends BaseOAuthProvider { + /** Always set to {@link SignInMethod}.GOOGLE. */ + static readonly GOOGLE_SIGN_IN_METHOD: 'google.com'; + /** Always set to {@link ProviderId}.GOOGLE. */ + static readonly PROVIDER_ID: 'google.com'; + constructor(); + /** + * Creates a credential for Google. At least one of ID token and access token is required. + * + * @example + * ```javascript + * // \`googleUser\` from the onsuccess Google Sign In callback. + * const credential = GoogleAuthProvider.credential(googleUser.getAuthResponse().id_token); + * const result = await signInWithCredential(credential); + * ``` + * + * @param idToken - Google ID token. + * @param accessToken - Google access token. + */ + static credential(idToken?: string | null, accessToken?: string | null): OAuthCredential; + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}. + * + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential: UserCredential): OAuthCredential | null; + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was + * thrown during a sign-in, link, or reauthenticate operation. + * + * @param userCredential - The user credential. + */ + static credentialFromError(error: FirebaseError): OAuthCredential | null; + private static credentialFromTaggedObject; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/oauth.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/oauth.d.ts new file mode 100644 index 0000000..3e8e664 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/oauth.d.ts @@ -0,0 +1,151 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthProvider, UserCredential } from '../../model/public_types'; +import { OAuthCredential } from '../credentials/oauth'; +import { FirebaseError } from '@firebase/util'; +import { FederatedAuthProvider } from './federated'; +/** + * Defines the options for initializing an {@link OAuthCredential}. + * + * @remarks + * For ID tokens with nonce claim, the raw nonce has to also be provided. + * + * @public + */ +export interface OAuthCredentialOptions { + /** + * The OAuth ID token used to initialize the {@link OAuthCredential}. + */ + idToken?: string; + /** + * The OAuth access token used to initialize the {@link OAuthCredential}. + */ + accessToken?: string; + /** + * The raw nonce associated with the ID token. + * + * @remarks + * It is required when an ID token with a nonce field is provided. The SHA-256 hash of the + * raw nonce must match the nonce field in the ID token. + */ + rawNonce?: string; +} +/** + * Common code to all OAuth providers. This is separate from the + * {@link OAuthProvider} so that child providers (like + * {@link GoogleAuthProvider}) don't inherit the `credential` instance method. + * Instead, they rely on a static `credential` method. + */ +export declare abstract class BaseOAuthProvider extends FederatedAuthProvider implements AuthProvider { + /** @internal */ + private scopes; + /** + * Add an OAuth scope to the credential. + * + * @param scope - Provider OAuth scope to add. + */ + addScope(scope: string): AuthProvider; + /** + * Retrieve the current list of OAuth scopes. + */ + getScopes(): string[]; +} +/** + * Provider for generating generic {@link OAuthCredential}. + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new OAuthProvider('google.com'); + * // Start a sign in process for an unauthenticated user. + * provider.addScope('profile'); + * provider.addScope('email'); + * await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * if (result) { + * // This is the signed-in user + * const user = result.user; + * // This gives you a OAuth Access Token for the provider. + * const credential = provider.credentialFromResult(auth, result); + * const token = credential.accessToken; + * } + * ``` + * + * @example + * ```javascript + * // Sign in using a popup. + * const provider = new OAuthProvider('google.com'); + * provider.addScope('profile'); + * provider.addScope('email'); + * const result = await signInWithPopup(auth, provider); + * + * // The signed-in user info. + * const user = result.user; + * // This gives you a OAuth Access Token for the provider. + * const credential = provider.credentialFromResult(auth, result); + * const token = credential.accessToken; + * ``` + * @public + */ +export declare class OAuthProvider extends BaseOAuthProvider { + /** + * Creates an {@link OAuthCredential} from a JSON string or a plain object. + * @param json - A plain object or a JSON string + */ + static credentialFromJSON(json: object | string): OAuthCredential; + /** + * Creates a {@link OAuthCredential} from a generic OAuth provider's access token or ID token. + * + * @remarks + * The raw nonce is required when an ID token with a nonce field is provided. The SHA-256 hash of + * the raw nonce must match the nonce field in the ID token. + * + * @example + * ```javascript + * // `googleUser` from the onsuccess Google Sign In callback. + * // Initialize a generate OAuth provider with a `google.com` providerId. + * const provider = new OAuthProvider('google.com'); + * const credential = provider.credential({ + * idToken: googleUser.getAuthResponse().id_token, + * }); + * const result = await signInWithCredential(credential); + * ``` + * + * @param params - Either the options object containing the ID token, access token and raw nonce + * or the ID token string. + */ + credential(params: OAuthCredentialOptions): OAuthCredential; + /** An internal credential method that accepts more permissive options */ + private _credential; + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}. + * + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential: UserCredential): OAuthCredential | null; + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was + * thrown during a sign-in, link, or reauthenticate operation. + * + * @param userCredential - The user credential. + */ + static credentialFromError(error: FirebaseError): OAuthCredential | null; + private static oauthCredentialFromTaggedObject; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/saml.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/saml.d.ts new file mode 100644 index 0000000..6017bfe --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/saml.d.ts @@ -0,0 +1,62 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FirebaseError } from '@firebase/util'; +import { UserCredential } from '../../model/public_types'; +import { AuthCredential } from '../credentials'; +import { FederatedAuthProvider } from './federated'; +/** + * An {@link AuthProvider} for SAML. + * + * @public + */ +export declare class SAMLAuthProvider extends FederatedAuthProvider { + /** + * Constructor. The providerId must start with "saml." + * @param providerId - SAML provider ID. + */ + constructor(providerId: string); + /** + * Generates an {@link AuthCredential} from a {@link UserCredential} after a + * successful SAML flow completes. + * + * @remarks + * + * For example, to get an {@link AuthCredential}, you could write the + * following code: + * + * ```js + * const userCredential = await signInWithPopup(auth, samlProvider); + * const credential = SAMLAuthProvider.credentialFromResult(userCredential); + * ``` + * + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential: UserCredential): AuthCredential | null; + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was + * thrown during a sign-in, link, or reauthenticate operation. + * + * @param userCredential - The user credential. + */ + static credentialFromError(error: FirebaseError): AuthCredential | null; + /** + * Creates an {@link AuthCredential} from a JSON string or a plain object. + * @param json - A plain object or a JSON string + */ + static credentialFromJSON(json: string | object): AuthCredential; + private static samlCredentialFromTaggedObject; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/twitter.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/twitter.d.ts new file mode 100644 index 0000000..612913d --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/providers/twitter.d.ts @@ -0,0 +1,103 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * @license + * Copyright 2020 Twitter LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { UserCredential } from '../../model/public_types'; +import { FirebaseError } from '@firebase/util'; +import { OAuthCredential } from '../credentials/oauth'; +import { BaseOAuthProvider } from './oauth'; +/** + * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.TWITTER. + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new TwitterAuthProvider(); + * // Start a sign in process for an unauthenticated user. + * await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * if (result) { + * // This is the signed-in user + * const user = result.user; + * // This gives you a Twitter Access Token and Secret. + * const credential = TwitterAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * const secret = credential.secret; + * } + * ``` + * + * @example + * ```javascript + * // Sign in using a popup. + * const provider = new TwitterAuthProvider(); + * const result = await signInWithPopup(auth, provider); + * + * // The signed-in user info. + * const user = result.user; + * // This gives you a Twitter Access Token and Secret. + * const credential = TwitterAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * const secret = credential.secret; + * ``` + * + * @public + */ +export declare class TwitterAuthProvider extends BaseOAuthProvider { + /** Always set to {@link SignInMethod}.TWITTER. */ + static readonly TWITTER_SIGN_IN_METHOD: 'twitter.com'; + /** Always set to {@link ProviderId}.TWITTER. */ + static readonly PROVIDER_ID: 'twitter.com'; + constructor(); + /** + * Creates a credential for Twitter. + * + * @param token - Twitter access token. + * @param secret - Twitter secret. + */ + static credential(token: string, secret: string): OAuthCredential; + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}. + * + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential: UserCredential): OAuthCredential | null; + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was + * thrown during a sign-in, link, or reauthenticate operation. + * + * @param userCredential - The user credential. + */ + static credentialFromError(error: FirebaseError): OAuthCredential | null; + private static credentialFromTaggedObject; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/abstract_popup_redirect_operation.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/abstract_popup_redirect_operation.d.ts new file mode 100644 index 0000000..6f5e076 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/abstract_popup_redirect_operation.d.ts @@ -0,0 +1,44 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FirebaseError } from '@firebase/util'; +import { AuthEvent, AuthEventConsumer, AuthEventType, PopupRedirectResolverInternal } from '../../model/popup_redirect'; +import { UserInternal, UserCredentialInternal } from '../../model/user'; +import { AuthInternal } from '../../model/auth'; +/** + * Popup event manager. Handles the popup's entire lifecycle; listens to auth + * events + */ +export declare abstract class AbstractPopupRedirectOperation implements AuthEventConsumer { + protected readonly auth: AuthInternal; + protected readonly resolver: PopupRedirectResolverInternal; + protected user?: UserInternal | undefined; + protected readonly bypassAuthState: boolean; + private pendingPromise; + private eventManager; + readonly filter: AuthEventType[]; + abstract eventId: string | null; + constructor(auth: AuthInternal, filter: AuthEventType | AuthEventType[], resolver: PopupRedirectResolverInternal, user?: UserInternal | undefined, bypassAuthState?: boolean); + abstract onExecution(): Promise<void>; + execute(): Promise<UserCredentialInternal | null>; + onAuthEvent(event: AuthEvent): Promise<void>; + onError(error: FirebaseError): void; + private getIdpTask; + protected resolve(cred: UserCredentialInternal | null): void; + protected reject(error: Error): void; + private unregisterAndCleanUp; + abstract cleanUp(): void; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/action_code_settings.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/action_code_settings.d.ts new file mode 100644 index 0000000..23fa039 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/action_code_settings.d.ts @@ -0,0 +1,19 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ActionCodeSettings, Auth } from '../../model/public_types'; +import { GetOobCodeRequest } from '../../api/authentication/email_and_password'; +export declare function _setActionCodeSettingsOnRequest(auth: Auth, request: GetOobCodeRequest, actionCodeSettings: ActionCodeSettings): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/anonymous.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/anonymous.d.ts new file mode 100644 index 0000000..687a797 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/anonymous.d.ts @@ -0,0 +1,32 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth, UserCredential } from '../../model/public_types'; +/** + * Asynchronously signs in as an anonymous user. + * + * @remarks + * If there is already an anonymous user signed in, that user will be returned; otherwise, a + * new anonymous user identity will be created and returned. + * + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @param auth - The {@link Auth} instance. + * + * @public + */ +export declare function signInAnonymously(auth: Auth): Promise<UserCredential>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/credential.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/credential.d.ts new file mode 100644 index 0000000..392d663 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/credential.d.ts @@ -0,0 +1,64 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { UserCredential, Auth, User } from '../../model/public_types'; +import { AuthInternal } from '../../model/auth'; +import { AuthCredential } from '../credentials'; +export declare function _signInWithCredential(auth: AuthInternal, credential: AuthCredential, bypassAuthState?: boolean): Promise<UserCredential>; +/** + * Asynchronously signs in with the given credentials. + * + * @remarks + * An {@link AuthProvider} can be used to generate the credential. + * + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @param auth - The {@link Auth} instance. + * @param credential - The auth credential. + * + * @public + */ +export declare function signInWithCredential(auth: Auth, credential: AuthCredential): Promise<UserCredential>; +/** + * Links the user account with the given credentials. + * + * @remarks + * An {@link AuthProvider} can be used to generate the credential. + * + * @param user - The user. + * @param credential - The auth credential. + * + * @public + */ +export declare function linkWithCredential(user: User, credential: AuthCredential): Promise<UserCredential>; +/** + * Re-authenticates a user using a fresh credential. + * + * @remarks + * Use before operations such as {@link updatePassword} that require tokens from recent sign-in + * attempts. This method can be used to recover from a `CREDENTIAL_TOO_OLD_LOGIN_AGAIN` error + * or a `TOKEN_EXPIRED` error. + * + * This method is not supported on any {@link User} signed in by {@link Auth} instances + * created with a {@link @firebase/app#FirebaseServerApp}. + * + * @param user - The user. + * @param credential - The auth credential. + * + * @public + */ +export declare function reauthenticateWithCredential(user: User, credential: AuthCredential): Promise<UserCredential>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/custom_token.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/custom_token.d.ts new file mode 100644 index 0000000..e95cc38 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/custom_token.d.ts @@ -0,0 +1,37 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth, UserCredential } from '../../model/public_types'; +/** + * Asynchronously signs in using a custom token. + * + * @remarks + * Custom tokens are used to integrate Firebase Auth with existing auth systems, and must + * be generated by an auth backend using the + * {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#createcustomtoken | createCustomToken} + * method in the {@link https://firebase.google.com/docs/auth/admin | Admin SDK} . + * + * Fails with an error if the token is invalid, expired, or not accepted by the Firebase Auth service. + * + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @param auth - The {@link Auth} instance. + * @param customToken - The custom token to sign in with. + * + * @public + */ +export declare function signInWithCustomToken(auth: Auth, customToken: string): Promise<UserCredential>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/email.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/email.d.ts new file mode 100644 index 0000000..3505c34 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/email.d.ts @@ -0,0 +1,104 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ActionCodeSettings, Auth, User } from '../../model/public_types'; +/** + * Gets the list of possible sign in methods for the given email address. This method returns an + * empty list when + * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection} + * is enabled, irrespective of the number of authentication methods available for the given email. + * + * @remarks + * This is useful to differentiate methods of sign-in for the same provider, eg. + * {@link EmailAuthProvider} which has 2 methods of sign-in, + * {@link SignInMethod}.EMAIL_PASSWORD and + * {@link SignInMethod}.EMAIL_LINK. + * + * @param auth - The {@link Auth} instance. + * @param email - The user's email address. + * + * Deprecated. Migrating off of this method is recommended as a security best-practice. + * Learn more in the Identity Platform documentation for + * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}. + * @public + */ +export declare function fetchSignInMethodsForEmail(auth: Auth, email: string): Promise<string[]>; +/** + * Sends a verification email to a user. + * + * @remarks + * The verification process is completed by calling {@link applyActionCode}. + * + * @example + * ```javascript + * const actionCodeSettings = { + * url: 'https://www.example.com/?email=user@example.com', + * iOS: { + * bundleId: 'com.example.ios' + * }, + * android: { + * packageName: 'com.example.android', + * installApp: true, + * minimumVersion: '12' + * }, + * handleCodeInApp: true + * }; + * await sendEmailVerification(user, actionCodeSettings); + * // Obtain code from the user. + * await applyActionCode(auth, code); + * ``` + * + * @param user - The user. + * @param actionCodeSettings - The {@link ActionCodeSettings}. + * + * @public + */ +export declare function sendEmailVerification(user: User, actionCodeSettings?: ActionCodeSettings | null): Promise<void>; +/** + * Sends a verification email to a new email address. + * + * @remarks + * The user's email will be updated to the new one after being verified. + * + * If you have a custom email action handler, you can complete the verification process by calling + * {@link applyActionCode}. + * + * @example + * ```javascript + * const actionCodeSettings = { + * url: 'https://www.example.com/?email=user@example.com', + * iOS: { + * bundleId: 'com.example.ios' + * }, + * android: { + * packageName: 'com.example.android', + * installApp: true, + * minimumVersion: '12' + * }, + * handleCodeInApp: true + * }; + * await verifyBeforeUpdateEmail(user, 'newemail@example.com', actionCodeSettings); + * // Obtain code from the user. + * await applyActionCode(auth, code); + * ``` + * + * @param user - The user. + * @param newEmail - The new email address to be verified before update. + * @param actionCodeSettings - The {@link ActionCodeSettings}. + * + * @public + */ +export declare function verifyBeforeUpdateEmail(user: User, newEmail: string, actionCodeSettings?: ActionCodeSettings | null): Promise<void>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/email_and_password.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/email_and_password.d.ts new file mode 100644 index 0000000..205f33a --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/email_and_password.d.ts @@ -0,0 +1,139 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ActionCodeInfo, ActionCodeSettings, Auth, UserCredential } from '../../model/public_types'; +/** + * Sends a password reset email to the given email address. This method does not throw an error when + * there's no user account with the given email address and + * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection} + * is enabled. + * + * @remarks + * To complete the password reset, call {@link confirmPasswordReset} with the code supplied in + * the email sent to the user, along with the new password specified by the user. + * + * @example + * ```javascript + * const actionCodeSettings = { + * url: 'https://www.example.com/?email=user@example.com', + * iOS: { + * bundleId: 'com.example.ios' + * }, + * android: { + * packageName: 'com.example.android', + * installApp: true, + * minimumVersion: '12' + * }, + * handleCodeInApp: true + * }; + * await sendPasswordResetEmail(auth, 'user@example.com', actionCodeSettings); + * // Obtain code from user. + * await confirmPasswordReset('user@example.com', code); + * ``` + * + * @param auth - The {@link Auth} instance. + * @param email - The user's email address. + * @param actionCodeSettings - The {@link ActionCodeSettings}. + * + * @public + */ +export declare function sendPasswordResetEmail(auth: Auth, email: string, actionCodeSettings?: ActionCodeSettings): Promise<void>; +/** + * Completes the password reset process, given a confirmation code and new password. + * + * @param auth - The {@link Auth} instance. + * @param oobCode - A confirmation code sent to the user. + * @param newPassword - The new password. + * + * @public + */ +export declare function confirmPasswordReset(auth: Auth, oobCode: string, newPassword: string): Promise<void>; +/** + * Applies a verification code sent to the user by email or other out-of-band mechanism. + * + * @param auth - The {@link Auth} instance. + * @param oobCode - A verification code sent to the user. + * + * @public + */ +export declare function applyActionCode(auth: Auth, oobCode: string): Promise<void>; +/** + * Checks a verification code sent to the user by email or other out-of-band mechanism. + * + * @returns metadata about the code. + * + * @param auth - The {@link Auth} instance. + * @param oobCode - A verification code sent to the user. + * + * @public + */ +export declare function checkActionCode(auth: Auth, oobCode: string): Promise<ActionCodeInfo>; +/** + * Checks a password reset code sent to the user by email or other out-of-band mechanism. + * + * @returns the user's email address if valid. + * + * @param auth - The {@link Auth} instance. + * @param code - A verification code sent to the user. + * + * @public + */ +export declare function verifyPasswordResetCode(auth: Auth, code: string): Promise<string>; +/** + * Creates a new user account associated with the specified email address and password. + * + * @remarks + * On successful creation of the user account, this user will also be signed in to your application. + * + * User account creation can fail if the account already exists or the password is invalid. + * + * This method is not supported on {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * Note: The email address acts as a unique identifier for the user and enables an email-based + * password reset. This function will create a new user account and set the initial user password. + * + * @param auth - The {@link Auth} instance. + * @param email - The user's email address. + * @param password - The user's chosen password. + * + * @public + */ +export declare function createUserWithEmailAndPassword(auth: Auth, email: string, password: string): Promise<UserCredential>; +/** + * Asynchronously signs in using an email and password. + * + * @remarks + * Fails with an error if the email address and password do not match. When + * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection} + * is enabled, this method fails with "auth/invalid-credential" in case of an invalid + * email/password. + * + * This method is not supported on {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * Note: The user's password is NOT the password used to access the user's email account. The + * email address serves as a unique identifier for the user, and the password is used to access + * the user's account in your Firebase project. See also: {@link createUserWithEmailAndPassword}. + * + * + * @param auth - The {@link Auth} instance. + * @param email - The users email address. + * @param password - The users password. + * + * @public + */ +export declare function signInWithEmailAndPassword(auth: Auth, email: string, password: string): Promise<UserCredential>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/email_link.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/email_link.d.ts new file mode 100644 index 0000000..8d01e8a --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/email_link.d.ts @@ -0,0 +1,107 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ActionCodeSettings, Auth, UserCredential } from '../../model/public_types'; +/** + * Sends a sign-in email link to the user with the specified email. + * + * @remarks + * The sign-in operation has to always be completed in the app unlike other out of band email + * actions (password reset and email verifications). This is because, at the end of the flow, + * the user is expected to be signed in and their Auth state persisted within the app. + * + * To complete sign in with the email link, call {@link signInWithEmailLink} with the email + * address and the email link supplied in the email sent to the user. + * + * @example + * ```javascript + * const actionCodeSettings = { + * url: 'https://www.example.com/?email=user@example.com', + * iOS: { + * bundleId: 'com.example.ios' + * }, + * android: { + * packageName: 'com.example.android', + * installApp: true, + * minimumVersion: '12' + * }, + * handleCodeInApp: true + * }; + * await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings); + * // Obtain emailLink from the user. + * if(isSignInWithEmailLink(auth, emailLink)) { + * await signInWithEmailLink(auth, 'user@example.com', emailLink); + * } + * ``` + * + * @param authInternal - The {@link Auth} instance. + * @param email - The user's email address. + * @param actionCodeSettings - The {@link ActionCodeSettings}. + * + * @public + */ +export declare function sendSignInLinkToEmail(auth: Auth, email: string, actionCodeSettings: ActionCodeSettings): Promise<void>; +/** + * Checks if an incoming link is a sign-in with email link suitable for {@link signInWithEmailLink}. + * + * @param auth - The {@link Auth} instance. + * @param emailLink - The link sent to the user's email address. + * + * @public + */ +export declare function isSignInWithEmailLink(auth: Auth, emailLink: string): boolean; +/** + * Asynchronously signs in using an email and sign-in email link. + * + * @remarks + * If no link is passed, the link is inferred from the current URL. + * + * Fails with an error if the email address is invalid or OTP in email link expires. + * + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * Note: Confirm the link is a sign-in email link before calling this method firebase.auth.Auth.isSignInWithEmailLink. + * + * @example + * ```javascript + * const actionCodeSettings = { + * url: 'https://www.example.com/?email=user@example.com', + * iOS: { + * bundleId: 'com.example.ios' + * }, + * android: { + * packageName: 'com.example.android', + * installApp: true, + * minimumVersion: '12' + * }, + * handleCodeInApp: true + * }; + * await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings); + * // Obtain emailLink from the user. + * if(isSignInWithEmailLink(auth, emailLink)) { + * await signInWithEmailLink(auth, 'user@example.com', emailLink); + * } + * ``` + * + * + * @param auth - The {@link Auth} instance. + * @param email - The user's email address. + * @param emailLink - The link sent to the user's email address. + * + * @public + */ +export declare function signInWithEmailLink(auth: Auth, email: string, emailLink?: string): Promise<UserCredential>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/idp.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/idp.d.ts new file mode 100644 index 0000000..179d4f7 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/idp.d.ts @@ -0,0 +1,32 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthInternal } from '../../model/auth'; +import { UserInternal, UserCredentialInternal } from '../../model/user'; +export interface IdpTaskParams { + auth: AuthInternal; + requestUri: string; + sessionId?: string; + tenantId?: string; + postBody?: string; + pendingToken?: string; + user?: UserInternal; + bypassAuthState?: boolean; +} +export type IdpTask = (params: IdpTaskParams) => Promise<UserCredentialInternal>; +export declare function _signIn(params: IdpTaskParams): Promise<UserCredentialInternal>; +export declare function _reauth(params: IdpTaskParams): Promise<UserCredentialInternal>; +export declare function _link(params: IdpTaskParams): Promise<UserCredentialInternal>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/redirect.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/redirect.d.ts new file mode 100644 index 0000000..10178ef --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/strategies/redirect.d.ts @@ -0,0 +1,36 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthInternal } from '../../model/auth'; +import { AuthEvent, PopupRedirectResolverInternal } from '../../model/popup_redirect'; +import { UserCredentialInternal } from '../../model/user'; +import { AbstractPopupRedirectOperation } from './abstract_popup_redirect_operation'; +export declare class RedirectAction extends AbstractPopupRedirectOperation { + eventId: null; + constructor(auth: AuthInternal, resolver: PopupRedirectResolverInternal, bypassAuthState?: boolean); + /** + * Override the execute function; if we already have a redirect result, then + * just return it. + */ + execute(): Promise<UserCredentialInternal | null>; + onAuthEvent(event: AuthEvent): Promise<void>; + onExecution(): Promise<void>; + cleanUp(): void; +} +export declare function _getAndClearPendingRedirectStatus(resolver: PopupRedirectResolverInternal, auth: AuthInternal): Promise<boolean>; +export declare function _setPendingRedirectStatus(resolver: PopupRedirectResolverInternal, auth: AuthInternal): Promise<void>; +export declare function _clearRedirectOutcomes(): void; +export declare function _overrideRedirectResult(auth: AuthInternal, result: () => Promise<UserCredentialInternal | null>): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/account_info.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/account_info.d.ts new file mode 100644 index 0000000..312e23c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/account_info.d.ts @@ -0,0 +1,68 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { User } from '../../model/public_types'; +/** + * Updates a user's profile data. + * + * @param user - The user. + * @param profile - The profile's `displayName` and `photoURL` to update. + * + * @public + */ +export declare function updateProfile(user: User, { displayName, photoURL: photoUrl }: { + displayName?: string | null; + photoURL?: string | null; +}): Promise<void>; +/** + * Updates the user's email address. + * + * @remarks + * An email will be sent to the original email address (if it was set) that allows to revoke the + * email address change, in order to protect them from account hijacking. + * + * This method is not supported on any {@link User} signed in by {@link Auth} instances + * created with a {@link @firebase/app#FirebaseServerApp}. + * + * Important: this is a security sensitive operation that requires the user to have recently signed + * in. If this requirement isn't met, ask the user to authenticate again and then call + * {@link reauthenticateWithCredential}. + * + * @param user - The user. + * @param newEmail - The new email address. + * + * Throws "auth/operation-not-allowed" error when + * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection} + * is enabled. + * Deprecated - Use {@link verifyBeforeUpdateEmail} instead. + * + * @public + */ +export declare function updateEmail(user: User, newEmail: string): Promise<void>; +/** + * Updates the user's password. + * + * @remarks + * Important: this is a security sensitive operation that requires the user to have recently signed + * in. If this requirement isn't met, ask the user to authenticate again and then call + * {@link reauthenticateWithCredential}. + * + * @param user - The user. + * @param newPassword - The new password. + * + * @public + */ +export declare function updatePassword(user: User, newPassword: string): Promise<void>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/additional_user_info.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/additional_user_info.d.ts new file mode 100644 index 0000000..d5fd65b --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/additional_user_info.d.ts @@ -0,0 +1,31 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AdditionalUserInfo, UserCredential } from '../../model/public_types'; +import { IdTokenResponse } from '../../model/id_token'; +/** + * Parse the `AdditionalUserInfo` from the ID token response. + * + */ +export declare function _fromIdTokenResponse(idTokenResponse?: IdTokenResponse): AdditionalUserInfo | null; +/** + * Extracts provider specific {@link AdditionalUserInfo} for the given credential. + * + * @param userCredential - The user credential. + * + * @public + */ +export declare function getAdditionalUserInfo(userCredential: UserCredential): AdditionalUserInfo | null; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/id_token_result.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/id_token_result.d.ts new file mode 100644 index 0000000..c1b2032 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/id_token_result.d.ts @@ -0,0 +1,48 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { IdTokenResult, ParsedToken, User } from '../../model/public_types'; +/** + * Returns a JSON Web Token (JWT) used to identify the user to a Firebase service. + * + * @remarks + * Returns the current token if it has not expired or if it will not expire in the next five + * minutes. Otherwise, this will refresh the token and return a new one. + * + * @param user - The user. + * @param forceRefresh - Force refresh regardless of token expiration. + * + * @public + */ +export declare function getIdToken(user: User, forceRefresh?: boolean): Promise<string>; +/** + * Returns a deserialized JSON Web Token (JWT) used to identify the user to a Firebase service. + * + * @remarks + * Returns the current token if it has not expired or if it will not expire in the next five + * minutes. Otherwise, this will refresh the token and return a new one. + * + * @param user - The user. + * @param forceRefresh - Force refresh regardless of token expiration. + * + * @public + */ +export declare function getIdTokenResult(user: User, forceRefresh?: boolean): Promise<IdTokenResult>; +export declare function _parseToken(token: string): ParsedToken | null; +/** + * Extract expiresIn TTL from a token by subtracting the expiration from the issuance. + */ +export declare function _tokenExpiresIn(token: string): number; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/invalidation.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/invalidation.d.ts new file mode 100644 index 0000000..81446ea --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/invalidation.d.ts @@ -0,0 +1,18 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { UserInternal } from '../../model/user'; +export declare function _logoutIfInvalidated<T>(user: UserInternal, promise: Promise<T>, bypassAuthState?: boolean): Promise<T>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/link_unlink.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/link_unlink.d.ts new file mode 100644 index 0000000..9408524 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/link_unlink.d.ts @@ -0,0 +1,30 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { User } from '../../model/public_types'; +import { UserInternal, UserCredentialInternal } from '../../model/user'; +import { AuthCredential } from '../credentials'; +/** + * Unlinks a provider from a user account. + * + * @param user - The user. + * @param providerId - The provider to unlink. + * + * @public + */ +export declare function unlink(user: User, providerId: string): Promise<User>; +export declare function _link(user: UserInternal, credential: AuthCredential, bypassAuthState?: boolean): Promise<UserCredentialInternal>; +export declare function _assertLinkedStatus(expected: boolean, user: UserInternal, provider: string): Promise<void>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/proactive_refresh.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/proactive_refresh.d.ts new file mode 100644 index 0000000..ff52286 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/proactive_refresh.d.ts @@ -0,0 +1,34 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { UserInternal } from '../../model/user'; +export declare const enum Duration { + OFFSET = 300000, + RETRY_BACKOFF_MIN = 30000, + RETRY_BACKOFF_MAX = 960000 +} +export declare class ProactiveRefresh { + private readonly user; + private isRunning; + private timerId; + private errorBackoff; + constructor(user: UserInternal); + _start(): void; + _stop(): void; + private getInterval; + private schedule; + private iteration; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/reauthenticate.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/reauthenticate.d.ts new file mode 100644 index 0000000..1855132 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/reauthenticate.d.ts @@ -0,0 +1,20 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { UserInternal } from '../../model/user'; +import { AuthCredential } from '../credentials'; +import { UserCredentialImpl } from './user_credential_impl'; +export declare function _reauthenticate(user: UserInternal, credential: AuthCredential, bypassAuthState?: boolean): Promise<UserCredentialImpl>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/reload.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/reload.d.ts new file mode 100644 index 0000000..f2690fa --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/reload.d.ts @@ -0,0 +1,29 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { User, UserInfo } from '../../model/public_types'; +import { ProviderUserInfo } from '../../api/account_management/account'; +import { UserInternal } from '../../model/user'; +export declare function _reloadWithoutSaving(user: UserInternal): Promise<void>; +/** + * Reloads user account data, if signed in. + * + * @param user - The user. + * + * @public + */ +export declare function reload(user: User): Promise<void>; +export declare function extractProviderData(providers: ProviderUserInfo[]): UserInfo[]; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/token_manager.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/token_manager.d.ts new file mode 100644 index 0000000..790e283 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/token_manager.d.ts @@ -0,0 +1,50 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FinalizeMfaResponse } from '../../api/authentication/mfa'; +import { AuthInternal } from '../../model/auth'; +import { IdTokenResponse } from '../../model/id_token'; +import { PersistedBlob } from '../persistence'; +/** + * The number of milliseconds before the official expiration time of a token + * to refresh that token, to provide a buffer for RPCs to complete. + */ +export declare const enum Buffer { + TOKEN_REFRESH = 30000 +} +/** + * We need to mark this class as internal explicitly to exclude it in the public typings, because + * it references AuthInternal which has a circular dependency with UserInternal. + * + * @internal + */ +export declare class StsTokenManager { + refreshToken: string | null; + accessToken: string | null; + expirationTime: number | null; + get isExpired(): boolean; + updateFromServerResponse(response: IdTokenResponse | FinalizeMfaResponse): void; + updateFromIdToken(idToken: string): void; + getToken(auth: AuthInternal, forceRefresh?: boolean): Promise<string | null>; + clearRefreshToken(): void; + private refresh; + private updateTokensAndExpiration; + static fromJSON(appName: string, object: PersistedBlob): StsTokenManager; + toJSON(): object; + _assign(stsTokenManager: StsTokenManager): void; + _clone(): StsTokenManager; + _performRefresh(): never; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/user_credential_impl.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/user_credential_impl.d.ts new file mode 100644 index 0000000..44ece34 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/user_credential_impl.d.ts @@ -0,0 +1,37 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PhoneOrOauthTokenResponse } from '../../api/authentication/mfa'; +import { IdTokenResponse } from '../../model/id_token'; +import { UserInternal, UserCredentialInternal } from '../../model/user'; +import { AuthInternal } from '../../model/auth'; +import { OperationType, ProviderId } from '../../model/enums'; +interface UserCredentialParams { + readonly user: UserInternal; + readonly providerId: ProviderId | string | null; + readonly _tokenResponse?: PhoneOrOauthTokenResponse; + readonly operationType: OperationType; +} +export declare class UserCredentialImpl implements UserCredentialInternal, UserCredentialParams { + readonly user: UserInternal; + readonly providerId: ProviderId | string | null; + readonly _tokenResponse: PhoneOrOauthTokenResponse | undefined; + readonly operationType: OperationType; + constructor(params: UserCredentialParams); + static _fromIdTokenResponse(auth: AuthInternal, operationType: OperationType, idTokenResponse: IdTokenResponse, isAnonymous?: boolean): Promise<UserCredentialInternal>; + static _forOperation(user: UserInternal, operationType: OperationType, response: PhoneOrOauthTokenResponse): Promise<UserCredentialImpl>; +} +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/user_impl.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/user_impl.d.ts new file mode 100644 index 0000000..f795111 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/user_impl.d.ts @@ -0,0 +1,74 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { IdTokenResult } from '../../model/public_types'; +import { NextFn } from '@firebase/util'; +import { APIUserInfo, GetAccountInfoResponse } from '../../api/account_management/account'; +import { FinalizeMfaResponse } from '../../api/authentication/mfa'; +import { AuthInternal } from '../../model/auth'; +import { IdTokenResponse } from '../../model/id_token'; +import { MutableUserInfo, UserInternal, UserParameters } from '../../model/user'; +import { PersistedBlob } from '../persistence'; +import { StsTokenManager } from './token_manager'; +import { UserMetadata } from './user_metadata'; +import { ProviderId } from '../../model/enums'; +export declare class UserImpl implements UserInternal { + readonly providerId = ProviderId.FIREBASE; + stsTokenManager: StsTokenManager; + private accessToken; + uid: string; + auth: AuthInternal; + emailVerified: boolean; + isAnonymous: boolean; + tenantId: string | null; + readonly metadata: UserMetadata; + providerData: MutableUserInfo[]; + displayName: string | null; + email: string | null; + phoneNumber: string | null; + photoURL: string | null; + _redirectEventId?: string; + private readonly proactiveRefresh; + constructor({ uid, auth, stsTokenManager, ...opt }: UserParameters); + getIdToken(forceRefresh?: boolean): Promise<string>; + getIdTokenResult(forceRefresh?: boolean): Promise<IdTokenResult>; + reload(): Promise<void>; + private reloadUserInfo; + private reloadListener; + _assign(user: UserInternal): void; + _clone(auth: AuthInternal): UserInternal; + _onReload(callback: NextFn<APIUserInfo>): void; + _notifyReloadListener(userInfo: APIUserInfo): void; + _startProactiveRefresh(): void; + _stopProactiveRefresh(): void; + _updateTokensIfNecessary(response: IdTokenResponse | FinalizeMfaResponse, reload?: boolean): Promise<void>; + delete(): Promise<void>; + toJSON(): PersistedBlob; + get refreshToken(): string; + static _fromJSON(auth: AuthInternal, object: PersistedBlob): UserInternal; + /** + * Initialize a User from an idToken server response + * @param auth + * @param idTokenResponse + */ + static _fromIdTokenResponse(auth: AuthInternal, idTokenResponse: IdTokenResponse, isAnonymous?: boolean): Promise<UserInternal>; + /** + * Initialize a User from an idToken server response + * @param auth + * @param idTokenResponse + */ + static _fromGetAccountInfoResponse(auth: AuthInternal, response: GetAccountInfoResponse, idToken: string): Promise<UserInternal>; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/user_metadata.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/user_metadata.d.ts new file mode 100644 index 0000000..c732ce3 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/user/user_metadata.d.ts @@ -0,0 +1,27 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { UserMetadata as UserMetadataType } from '../../model/public_types'; +export declare class UserMetadata implements UserMetadataType { + private createdAt?; + private lastLoginAt?; + creationTime?: string; + lastSignInTime?: string; + constructor(createdAt?: (string | number) | undefined, lastLoginAt?: (string | number) | undefined); + private _initializeTime; + _copy(metadata: UserMetadata): void; + toJSON(): object; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/assert.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/assert.d.ts new file mode 100644 index 0000000..b877b42 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/assert.d.ts @@ -0,0 +1,94 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth } from '../../model/public_types'; +import { FirebaseError } from '@firebase/util'; +import { AuthErrorCode, AuthErrorParams } from '../errors'; +type LessAppName<K extends AuthErrorCode> = Omit<AuthErrorParams[K], 'appName'>; +/** + * Unconditionally fails, throwing a developer facing INTERNAL_ERROR + * + * @example + * ```javascript + * fail(auth, AuthErrorCode.MFA_REQUIRED); // Error: the MFA_REQUIRED error needs more params than appName + * fail(auth, AuthErrorCode.MFA_REQUIRED, {serverResponse}); // Compiles + * fail(AuthErrorCode.INTERNAL_ERROR); // Compiles; internal error does not need appName + * fail(AuthErrorCode.USER_DELETED); // Error: USER_DELETED requires app name + * fail(auth, AuthErrorCode.USER_DELETED); // Compiles; USER_DELETED _only_ needs app name + * ``` + * + * @param appName App name for tagging the error + * @throws FirebaseError + */ +export declare function _fail<K extends AuthErrorCode>(code: K, ...data: {} extends AuthErrorParams[K] ? [AuthErrorParams[K]?] : [AuthErrorParams[K]]): never; +export declare function _fail<K extends AuthErrorCode>(auth: Auth, code: K, ...data: {} extends LessAppName<K> ? [LessAppName<K>?] : [LessAppName<K>]): never; +export declare function _createError<K extends AuthErrorCode>(code: K, ...data: {} extends AuthErrorParams[K] ? [AuthErrorParams[K]?] : [AuthErrorParams[K]]): FirebaseError; +export declare function _createError<K extends AuthErrorCode>(auth: Auth, code: K, ...data: {} extends LessAppName<K> ? [LessAppName<K>?] : [LessAppName<K>]): FirebaseError; +export declare function _errorWithCustomMessage(auth: Auth, code: AuthErrorCode, message: string): FirebaseError; +export declare function _serverAppCurrentUserOperationNotSupportedError(auth: Auth): FirebaseError; +export declare function _assertInstanceOf(auth: Auth, object: object, instance: unknown): void; +export declare function _assert<K extends AuthErrorCode>(assertion: unknown, code: K, ...data: {} extends AuthErrorParams[K] ? [AuthErrorParams[K]?] : [AuthErrorParams[K]]): asserts assertion; +export declare function _assert<K extends AuthErrorCode>(assertion: unknown, auth: Auth, code: K, ...data: {} extends LessAppName<K> ? [LessAppName<K>?] : [LessAppName<K>]): asserts assertion; +type TypeExpectation = Function | string | MapType; +interface MapType extends Record<string, TypeExpectation | Optional> { +} +declare class Optional { + readonly type: TypeExpectation; + constructor(type: TypeExpectation); +} +export declare function opt(type: TypeExpectation): Optional; +/** + * Asserts the runtime types of arguments. The 'expected' field can be one of + * a class, a string (representing a "typeof" call), or a record map of name + * to type. Furthermore, the opt() function can be used to mark a field as + * optional. For example: + * + * function foo(auth: Auth, profile: {displayName?: string}, update = false) { + * assertTypes(arguments, [AuthImpl, {displayName: opt('string')}, opt('boolean')]); + * } + * + * opt() can be used for any type: + * function foo(auth?: Auth) { + * assertTypes(arguments, [opt(AuthImpl)]); + * } + * + * The string types can be or'd together, and you can use "null" as well (note + * that typeof null === 'object'; this is an edge case). For example: + * + * function foo(profile: {displayName?: string | null}) { + * assertTypes(arguments, [{displayName: opt('string|null')}]); + * } + * + * @param args + * @param expected + */ +export declare function assertTypes(args: Omit<IArguments, 'callee'>, ...expected: Array<TypeExpectation | Optional>): void; +/** + * Unconditionally fails, throwing an internal error with the given message. + * + * @param failure type of failure encountered + * @throws Error + */ +export declare function debugFail(failure: string): never; +/** + * Fails if the given assertion condition is false, throwing an Error with the + * given message if it did. + * + * @param assertion + * @param message + */ +export declare function debugAssert(assertion: unknown, message: string): asserts assertion; +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/browser.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/browser.d.ts new file mode 100644 index 0000000..f2abeb6 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/browser.d.ts @@ -0,0 +1,50 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Enums for Browser name. + */ +export declare const enum BrowserName { + ANDROID = "Android", + BLACKBERRY = "Blackberry", + EDGE = "Edge", + FIREFOX = "Firefox", + IE = "IE", + IEMOBILE = "IEMobile", + OPERA = "Opera", + OTHER = "Other", + CHROME = "Chrome", + SAFARI = "Safari", + SILK = "Silk", + WEBOS = "Webos" +} +/** + * Determine the browser for the purposes of reporting usage to the API + */ +export declare function _getBrowserName(userAgent: string): BrowserName | string; +export declare function _isFirefox(ua?: string): boolean; +export declare function _isSafari(userAgent?: string): boolean; +export declare function _isChromeIOS(ua?: string): boolean; +export declare function _isIEMobile(ua?: string): boolean; +export declare function _isAndroid(ua?: string): boolean; +export declare function _isBlackBerry(ua?: string): boolean; +export declare function _isWebOS(ua?: string): boolean; +export declare function _isIOS(ua?: string): boolean; +export declare function _isIOS7Or8(ua?: string): boolean; +export declare function _isIOSStandalone(ua?: string): boolean; +export declare function _isIE10(): boolean; +export declare function _isMobileBrowser(ua?: string): boolean; +export declare function _isIframe(): boolean; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/delay.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/delay.d.ts new file mode 100644 index 0000000..6358c7e --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/delay.d.ts @@ -0,0 +1,31 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export declare const enum DelayMin { + OFFLINE = 5000 +} +/** + * A structure to help pick between a range of long and short delay durations + * depending on the current environment. In general, the long delay is used for + * mobile environments whereas short delays are used for desktop environments. + */ +export declare class Delay { + private readonly shortDelay; + private readonly longDelay; + private readonly isMobile; + constructor(shortDelay: number, longDelay: number); + get(): number; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/emulator.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/emulator.d.ts new file mode 100644 index 0000000..068c50a --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/emulator.d.ts @@ -0,0 +1,18 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ConfigInternal } from '../../model/auth'; +export declare function _emulatorUrl(config: ConfigInternal, path?: string): string; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/event_id.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/event_id.d.ts new file mode 100644 index 0000000..a235857 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/event_id.d.ts @@ -0,0 +1,17 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export declare function _generateEventId(prefix?: string, digits?: number): string; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/fetch_provider.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/fetch_provider.d.ts new file mode 100644 index 0000000..b30fc05 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/fetch_provider.d.ts @@ -0,0 +1,25 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export declare class FetchProvider { + private static fetchImpl; + private static headersImpl; + private static responseImpl; + static initialize(fetchImpl: typeof fetch, headersImpl?: typeof Headers, responseImpl?: typeof Response): void; + static fetch(): typeof fetch; + static headers(): typeof Headers; + static response(): typeof Response; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/handler.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/handler.d.ts new file mode 100644 index 0000000..d5ff063 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/handler.d.ts @@ -0,0 +1,20 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthProvider } from '../../model/public_types'; +import { AuthInternal } from '../../model/auth'; +import { AuthEventType } from '../../model/popup_redirect'; +export declare function _getRedirectUrl(auth: AuthInternal, provider: AuthProvider, authType: AuthEventType, redirectUrl?: string, eventId?: string, additionalParams?: Record<string, string>): Promise<string>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/instantiator.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/instantiator.d.ts new file mode 100644 index 0000000..33e7c95 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/instantiator.d.ts @@ -0,0 +1,28 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Our API has a lot of one-off constants that are used to do things. + * Unfortunately we can't export these as classes instantiated directly since + * the constructor may side effect and therefore can't be proven to be safely + * culled. Instead, we export these classes themselves as a lowerCamelCase + * constant, and instantiate them under the hood. + */ +export interface SingletonInstantiator<T> { + new (): T; +} +export declare function _getInstance<T>(cls: unknown): T; +export declare function _clearInstanceMap(): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/location.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/location.d.ts new file mode 100644 index 0000000..c79ac38 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/location.d.ts @@ -0,0 +1,19 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export declare function _getCurrentUrl(): string; +export declare function _isHttpOrHttps(): boolean; +export declare function _getCurrentScheme(): string | null; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/log.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/log.d.ts new file mode 100644 index 0000000..b65ea5c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/log.d.ts @@ -0,0 +1,23 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { LogLevel } from '@firebase/logger'; +export { LogLevel }; +export declare function _getLogLevel(): LogLevel; +export declare function _setLogLevel(newLevel: LogLevel): void; +export declare function _logDebug(msg: string, ...args: string[]): void; +export declare function _logWarn(msg: string, ...args: string[]): void; +export declare function _logError(msg: string, ...args: string[]): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/navigator.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/navigator.d.ts new file mode 100644 index 0000000..ac91633 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/navigator.d.ts @@ -0,0 +1,21 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Determine whether the browser is working online + */ +export declare function _isOnline(): boolean; +export declare function _getUserLanguage(): string | null; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/providers.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/providers.d.ts new file mode 100644 index 0000000..c2ffdb3 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/providers.d.ts @@ -0,0 +1,23 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export interface ProviderAssociatedObject { + providerId?: string; +} +/** + * Takes a set of UserInfo provider data and converts it to a set of names + */ +export declare function providerDataAsNames<T extends ProviderAssociatedObject>(providerData: T[]): Set<string>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/resolver.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/resolver.d.ts new file mode 100644 index 0000000..e7c2c7c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/resolver.d.ts @@ -0,0 +1,25 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PopupRedirectResolver } from '../../model/public_types'; +import { AuthInternal } from '../../model/auth'; +import { PopupRedirectResolverInternal } from '../../model/popup_redirect'; +/** + * Chooses a popup/redirect resolver to use. This prefers the override (which + * is directly passed in), and falls back to the property set on the auth + * object. If neither are available, this function errors w/ an argument error. + */ +export declare function _withDefaultResolver(auth: AuthInternal, resolverOverride: PopupRedirectResolver | undefined): PopupRedirectResolverInternal; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/time.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/time.d.ts new file mode 100644 index 0000000..d82976e --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/time.d.ts @@ -0,0 +1,17 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export declare function utcTimestampToDateString(utcTimestamp?: string | number): string | undefined; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/validate_origin.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/validate_origin.d.ts new file mode 100644 index 0000000..dde89b0 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/validate_origin.d.ts @@ -0,0 +1,18 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthInternal } from '../../model/auth'; +export declare function _validateOrigin(auth: AuthInternal): Promise<void>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/version.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/version.d.ts new file mode 100644 index 0000000..342ceb5 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/core/util/version.d.ts @@ -0,0 +1,31 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export declare const enum ClientImplementation { + CORE = "JsCore" +} +/** + * @internal + */ +export declare const enum ClientPlatform { + BROWSER = "Browser", + NODE = "Node", + REACT_NATIVE = "ReactNative", + CORDOVA = "Cordova", + WORKER = "Worker", + WEB_EXTENSION = "WebExtension" +} +export declare function _getClientVersion(clientPlatform: ClientPlatform, frameworks?: readonly string[]): string; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/index.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/index.d.ts new file mode 100644 index 0000000..4b71927 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/index.d.ts @@ -0,0 +1,18 @@ +/** + * @license + * Copyright 2017 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export * from './core'; +export * from './mfa'; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/assertions/totp.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/assertions/totp.d.ts new file mode 100644 index 0000000..6b6df19 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/assertions/totp.d.ts @@ -0,0 +1,124 @@ +/** + * @license + * Copyright 2022 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { TotpMultiFactorAssertion, MultiFactorSession } from '../../model/public_types'; +import { AuthInternal } from '../../model/auth'; +import { StartTotpMfaEnrollmentResponse, TotpVerificationInfo } from '../../api/account_management/mfa'; +import { FinalizeMfaResponse } from '../../api/authentication/mfa'; +import { MultiFactorAssertionImpl } from '../../mfa/mfa_assertion'; +/** + * Provider for generating a {@link TotpMultiFactorAssertion}. + * + * @public + */ +export declare class TotpMultiFactorGenerator { + /** + * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of + * the TOTP (time-based one-time password) second factor. + * This assertion is used to complete enrollment in TOTP second factor. + * + * @param secret A {@link TotpSecret} containing the shared secret key and other TOTP parameters. + * @param oneTimePassword One-time password from TOTP App. + * @returns A {@link TotpMultiFactorAssertion} which can be used with + * {@link MultiFactorUser.enroll}. + */ + static assertionForEnrollment(secret: TotpSecret, oneTimePassword: string): TotpMultiFactorAssertion; + /** + * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of the TOTP second factor. + * This assertion is used to complete signIn with TOTP as the second factor. + * + * @param enrollmentId identifies the enrolled TOTP second factor. + * @param oneTimePassword One-time password from TOTP App. + * @returns A {@link TotpMultiFactorAssertion} which can be used with + * {@link MultiFactorResolver.resolveSignIn}. + */ + static assertionForSignIn(enrollmentId: string, oneTimePassword: string): TotpMultiFactorAssertion; + /** + * Returns a promise to {@link TotpSecret} which contains the TOTP shared secret key and other parameters. + * Creates a TOTP secret as part of enrolling a TOTP second factor. + * Used for generating a QR code URL or inputting into a TOTP app. + * This method uses the auth instance corresponding to the user in the multiFactorSession. + * + * @param session The {@link MultiFactorSession} that the user is part of. + * @returns A promise to {@link TotpSecret}. + */ + static generateSecret(session: MultiFactorSession): Promise<TotpSecret>; + /** + * The identifier of the TOTP second factor: `totp`. + */ + static FACTOR_ID: 'totp'; +} +export declare class TotpMultiFactorAssertionImpl extends MultiFactorAssertionImpl implements TotpMultiFactorAssertion { + readonly otp: string; + readonly enrollmentId?: string | undefined; + readonly secret?: TotpSecret | undefined; + constructor(otp: string, enrollmentId?: string | undefined, secret?: TotpSecret | undefined); + /** @internal */ + static _fromSecret(secret: TotpSecret, otp: string): TotpMultiFactorAssertionImpl; + /** @internal */ + static _fromEnrollmentId(enrollmentId: string, otp: string): TotpMultiFactorAssertionImpl; + /** @internal */ + _finalizeEnroll(auth: AuthInternal, idToken: string, displayName?: string | null): Promise<FinalizeMfaResponse>; + /** @internal */ + _finalizeSignIn(auth: AuthInternal, mfaPendingCredential: string): Promise<FinalizeMfaResponse>; +} +/** + * Provider for generating a {@link TotpMultiFactorAssertion}. + * + * Stores the shared secret key and other parameters to generate time-based OTPs. + * Implements methods to retrieve the shared secret key and generate a QR code URL. + * @public + */ +export declare class TotpSecret { + private readonly sessionInfo; + private readonly auth; + /** + * Shared secret key/seed used for enrolling in TOTP MFA and generating OTPs. + */ + readonly secretKey: string; + /** + * Hashing algorithm used. + */ + readonly hashingAlgorithm: string; + /** + * Length of the one-time passwords to be generated. + */ + readonly codeLength: number; + /** + * The interval (in seconds) when the OTP codes should change. + */ + readonly codeIntervalSeconds: number; + /** + * The timestamp (UTC string) by which TOTP enrollment should be completed. + */ + readonly enrollmentCompletionDeadline: string; + private constructor(); + /** @internal */ + static _fromStartTotpMfaEnrollmentResponse(response: StartTotpMfaEnrollmentResponse, auth: AuthInternal): TotpSecret; + /** @internal */ + _makeTotpVerificationInfo(otp: string): TotpVerificationInfo; + /** + * Returns a QR code URL as described in + * https://github.com/google/google-authenticator/wiki/Key-Uri-Format + * This can be displayed to the user as a QR code to be scanned into a TOTP app like Google Authenticator. + * If the optional parameters are unspecified, an accountName of <userEmail> and issuer of <firebaseAppName> are used. + * + * @param accountName the name of the account/app along with a user identifier. + * @param issuer issuer of the TOTP (likely the app name). + * @returns A QR code URL string. + */ + generateQrCodeUrl(accountName?: string, issuer?: string): string; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/index.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/index.d.ts new file mode 100644 index 0000000..c976896 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/index.d.ts @@ -0,0 +1,18 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export { getMultiFactorResolver } from './mfa_resolver'; +export { multiFactor } from './mfa_user'; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_assertion.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_assertion.d.ts new file mode 100644 index 0000000..ab9d4fb --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_assertion.d.ts @@ -0,0 +1,27 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FactorId, MultiFactorAssertion } from '../model/public_types'; +import { MultiFactorSessionImpl } from './mfa_session'; +import { FinalizeMfaResponse } from '../api/authentication/mfa'; +import { AuthInternal } from '../model/auth'; +export declare abstract class MultiFactorAssertionImpl implements MultiFactorAssertion { + readonly factorId: FactorId; + protected constructor(factorId: FactorId); + _process(auth: AuthInternal, session: MultiFactorSessionImpl, displayName?: string | null): Promise<FinalizeMfaResponse>; + abstract _finalizeEnroll(auth: AuthInternal, idToken: string, displayName?: string | null): Promise<FinalizeMfaResponse>; + abstract _finalizeSignIn(auth: AuthInternal, mfaPendingCredential: string): Promise<FinalizeMfaResponse>; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_error.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_error.d.ts new file mode 100644 index 0000000..d6b719c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_error.d.ts @@ -0,0 +1,35 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { MultiFactorError as MultiFactorErrorPublic } from '../model/public_types'; +import { FirebaseError } from '@firebase/util'; +import { AuthInternal } from '../model/auth'; +import { IdTokenResponse } from '../model/id_token'; +import { UserInternal } from '../model/user'; +import { AuthCredential } from '../core/credentials'; +import { IdTokenMfaResponse } from '../api/authentication/mfa'; +import { OperationType } from '../model/enums'; +export type MultiFactorErrorData = MultiFactorErrorPublic['customData'] & { + _serverResponse: IdTokenMfaResponse; +}; +export declare class MultiFactorError extends FirebaseError implements MultiFactorErrorPublic { + readonly operationType: OperationType; + readonly user?: UserInternal | undefined; + readonly customData: MultiFactorErrorData; + private constructor(); + static _fromErrorAndOperation(auth: AuthInternal, error: FirebaseError, operationType: OperationType, user?: UserInternal): MultiFactorError; +} +export declare function _processCredentialSavingMfaContextIfNecessary(auth: AuthInternal, operationType: OperationType, credential: AuthCredential, user?: UserInternal): Promise<IdTokenResponse>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_info.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_info.d.ts new file mode 100644 index 0000000..49888fd --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_info.d.ts @@ -0,0 +1,36 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FactorId, MultiFactorInfo, PhoneMultiFactorInfo, TotpMultiFactorInfo } from '../model/public_types'; +import { MfaEnrollment } from '../api/account_management/mfa'; +import { AuthInternal } from '../model/auth'; +export declare abstract class MultiFactorInfoImpl implements MultiFactorInfo { + readonly factorId: FactorId; + readonly uid: string; + readonly displayName?: string | null; + readonly enrollmentTime: string; + protected constructor(factorId: FactorId, response: MfaEnrollment); + static _fromServerResponse(auth: AuthInternal, enrollment: MfaEnrollment): MultiFactorInfoImpl; +} +export declare class PhoneMultiFactorInfoImpl extends MultiFactorInfoImpl implements PhoneMultiFactorInfo { + readonly phoneNumber: string; + private constructor(); + static _fromServerResponse(_auth: AuthInternal, enrollment: MfaEnrollment): PhoneMultiFactorInfoImpl; +} +export declare class TotpMultiFactorInfoImpl extends MultiFactorInfoImpl implements TotpMultiFactorInfo { + private constructor(); + static _fromServerResponse(_auth: AuthInternal, enrollment: MfaEnrollment): TotpMultiFactorInfoImpl; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_resolver.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_resolver.d.ts new file mode 100644 index 0000000..edf54ed --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_resolver.d.ts @@ -0,0 +1,41 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth, MultiFactorResolver, UserCredential, MultiFactorError } from '../model/public_types'; +import { MultiFactorAssertionImpl } from './mfa_assertion'; +import { MultiFactorError as MultiFactorErrorInternal } from './mfa_error'; +import { MultiFactorInfoImpl } from './mfa_info'; +import { MultiFactorSessionImpl } from './mfa_session'; +export declare class MultiFactorResolverImpl implements MultiFactorResolver { + readonly session: MultiFactorSessionImpl; + readonly hints: MultiFactorInfoImpl[]; + private readonly signInResolver; + private constructor(); + /** @internal */ + static _fromError(authExtern: Auth, error: MultiFactorErrorInternal): MultiFactorResolverImpl; + resolveSignIn(assertionExtern: MultiFactorAssertionImpl): Promise<UserCredential>; +} +/** + * Provides a {@link MultiFactorResolver} suitable for completion of a + * multi-factor flow. + * + * @param auth - The {@link Auth} instance. + * @param error - The {@link MultiFactorError} raised during a sign-in, or + * reauthentication operation. + * + * @public + */ +export declare function getMultiFactorResolver(auth: Auth, error: MultiFactorError): MultiFactorResolver; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_session.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_session.d.ts new file mode 100644 index 0000000..a144670 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_session.d.ts @@ -0,0 +1,39 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { UserInternal } from '../model/user'; +import { MultiFactorSession } from '../model/public_types'; +export declare const enum MultiFactorSessionType { + ENROLL = "enroll", + SIGN_IN = "signin" +} +interface SerializedMultiFactorSession { + multiFactorSession: { + idToken?: string; + pendingCredential?: string; + }; +} +export declare class MultiFactorSessionImpl implements MultiFactorSession { + readonly type: MultiFactorSessionType; + readonly credential: string; + readonly user?: UserInternal | undefined; + private constructor(); + static _fromIdtoken(idToken: string, user?: UserInternal): MultiFactorSessionImpl; + static _fromMfaPendingCredential(mfaPendingCredential: string): MultiFactorSessionImpl; + toJSON(): SerializedMultiFactorSession; + static fromJSON(obj: Partial<SerializedMultiFactorSession>): MultiFactorSessionImpl | null; +} +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_user.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_user.d.ts new file mode 100644 index 0000000..4850e26 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/mfa/mfa_user.d.ts @@ -0,0 +1,38 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { MultiFactorAssertion, MultiFactorInfo, MultiFactorSession, MultiFactorUser, User } from '../model/public_types'; +import { UserInternal } from '../model/user'; +export declare class MultiFactorUserImpl implements MultiFactorUser { + readonly user: UserInternal; + enrolledFactors: MultiFactorInfo[]; + private constructor(); + static _fromUser(user: UserInternal): MultiFactorUserImpl; + getSession(): Promise<MultiFactorSession>; + enroll(assertionExtern: MultiFactorAssertion, displayName?: string | null): Promise<void>; + unenroll(infoOrUid: MultiFactorInfo | string): Promise<void>; +} +/** + * The {@link MultiFactorUser} corresponding to the user. + * + * @remarks + * This is used to access all multi-factor properties and operations related to the user. + * + * @param user - The user. + * + * @public + */ +export declare function multiFactor(user: User): MultiFactorUser; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/model/application_verifier.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/application_verifier.d.ts new file mode 100644 index 0000000..fc6dca5 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/application_verifier.d.ts @@ -0,0 +1,23 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ApplicationVerifier } from './public_types'; +export interface ApplicationVerifierInternal extends ApplicationVerifier { + /** + * @internal + */ + _reset(): void; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/model/auth.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/auth.d.ts new file mode 100644 index 0000000..986054b --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/auth.d.ts @@ -0,0 +1,90 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth, AuthSettings, Config, EmulatorConfig, PasswordPolicy, PasswordValidationStatus, PopupRedirectResolver, User } from './public_types'; +import { ErrorFactory } from '@firebase/util'; +import { AuthErrorCode, AuthErrorParams } from '../core/errors'; +import { PopupRedirectResolverInternal } from './popup_redirect'; +import { UserInternal } from './user'; +import { ClientPlatform } from '../core/util/version'; +import { RecaptchaConfig } from '../platform_browser/recaptcha/recaptcha'; +import { PasswordPolicyInternal } from './password_policy'; +import { PersistenceInternal } from '../core/persistence'; +export type AppName = string; +export type ApiKey = string; +export type AuthDomain = string; +/** + * @internal + */ +export interface ConfigInternal extends Config { + /** + * @readonly + */ + emulator?: { + url: string; + }; + /** + * @readonly + */ + clientPlatform: ClientPlatform; +} +/** + * UserInternal and AuthInternal reference each other, so both of them are included in the public typings. + * In order to exclude them, we mark them as internal explicitly. + * + * @internal + */ +export interface AuthInternal extends Auth { + currentUser: User | null; + emulatorConfig: EmulatorConfig | null; + _agentRecaptchaConfig: RecaptchaConfig | null; + _tenantRecaptchaConfigs: Record<string, RecaptchaConfig>; + _projectPasswordPolicy: PasswordPolicy | null; + _tenantPasswordPolicies: Record<string, PasswordPolicy>; + _canInitEmulator: boolean; + _isInitialized: boolean; + _initializationPromise: Promise<void> | null; + _persistenceManagerAvailable: Promise<void>; + _updateCurrentUser(user: UserInternal | null): Promise<void>; + _onStorageEvent(): void; + _notifyListenersIfCurrent(user: UserInternal): void; + _persistUserIfCurrent(user: UserInternal): Promise<void>; + _setRedirectUser(user: UserInternal | null, popupRedirectResolver?: PopupRedirectResolver): Promise<void>; + _redirectUserForId(id: string): Promise<UserInternal | null>; + _popupRedirectResolver: PopupRedirectResolverInternal | null; + _key(): string; + _startProactiveRefresh(): void; + _stopProactiveRefresh(): void; + _getPersistenceType(): string; + _getPersistence(): PersistenceInternal; + _getRecaptchaConfig(): RecaptchaConfig | null; + _getPasswordPolicyInternal(): PasswordPolicyInternal | null; + _updatePasswordPolicy(): Promise<void>; + _logFramework(framework: string): void; + _getFrameworks(): readonly string[]; + _getAdditionalHeaders(): Promise<Record<string, string>>; + _getAppCheckToken(): Promise<string | undefined>; + readonly name: AppName; + readonly config: ConfigInternal; + languageCode: string | null; + tenantId: string | null; + readonly settings: AuthSettings; + _errorFactory: ErrorFactory<AuthErrorCode, AuthErrorParams>; + useDeviceLanguage(): void; + signOut(): Promise<void>; + validatePassword(password: string): Promise<PasswordValidationStatus>; + revokeAccessToken(token: string): Promise<void>; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/model/enum_maps.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/enum_maps.d.ts new file mode 100644 index 0000000..60095b5 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/enum_maps.d.ts @@ -0,0 +1,98 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * An enum of factors that may be used for multifactor authentication. + * + * @public + */ +export declare const FactorId: { + /** Phone as second factor */ + readonly PHONE: "phone"; + readonly TOTP: "totp"; +}; +/** + * Enumeration of supported providers. + * + * @public + */ +export declare const ProviderId: { + /** Facebook provider ID */ + readonly FACEBOOK: "facebook.com"; + /** GitHub provider ID */ + readonly GITHUB: "github.com"; + /** Google provider ID */ + readonly GOOGLE: "google.com"; + /** Password provider */ + readonly PASSWORD: "password"; + /** Phone provider */ + readonly PHONE: "phone"; + /** Twitter provider ID */ + readonly TWITTER: "twitter.com"; +}; +/** + * Enumeration of supported sign-in methods. + * + * @public + */ +export declare const SignInMethod: { + /** Email link sign in method */ + readonly EMAIL_LINK: "emailLink"; + /** Email/password sign in method */ + readonly EMAIL_PASSWORD: "password"; + /** Facebook sign in method */ + readonly FACEBOOK: "facebook.com"; + /** GitHub sign in method */ + readonly GITHUB: "github.com"; + /** Google sign in method */ + readonly GOOGLE: "google.com"; + /** Phone sign in method */ + readonly PHONE: "phone"; + /** Twitter sign in method */ + readonly TWITTER: "twitter.com"; +}; +/** + * Enumeration of supported operation types. + * + * @public + */ +export declare const OperationType: { + /** Operation involving linking an additional provider to an already signed-in user. */ + readonly LINK: "link"; + /** Operation involving using a provider to reauthenticate an already signed-in user. */ + readonly REAUTHENTICATE: "reauthenticate"; + /** Operation involving signing in a user. */ + readonly SIGN_IN: "signIn"; +}; +/** + * An enumeration of the possible email action types. + * + * @public + */ +export declare const ActionCodeOperation: { + /** The email link sign-in action. */ + readonly EMAIL_SIGNIN: "EMAIL_SIGNIN"; + /** The password reset action. */ + readonly PASSWORD_RESET: "PASSWORD_RESET"; + /** The email revocation action. */ + readonly RECOVER_EMAIL: "RECOVER_EMAIL"; + /** The revert second factor addition email action. */ + readonly REVERT_SECOND_FACTOR_ADDITION: "REVERT_SECOND_FACTOR_ADDITION"; + /** The revert second factor addition email action. */ + readonly VERIFY_AND_CHANGE_EMAIL: "VERIFY_AND_CHANGE_EMAIL"; + /** The email verification action. */ + readonly VERIFY_EMAIL: "VERIFY_EMAIL"; +}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/model/enums.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/enums.d.ts new file mode 100644 index 0000000..a917e14 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/enums.d.ts @@ -0,0 +1,74 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Enumeration of supported providers. + * @internal + */ +export declare const enum ProviderId { + /** @internal */ + ANONYMOUS = "anonymous", + /** @internal */ + CUSTOM = "custom", + /** Facebook provider ID */ + FACEBOOK = "facebook.com", + /** @internal */ + FIREBASE = "firebase", + /** GitHub provider ID */ + GITHUB = "github.com", + /** Google provider ID */ + GOOGLE = "google.com", + /** Password provider */ + PASSWORD = "password", + /** Phone provider */ + PHONE = "phone", + /** Twitter provider ID */ + TWITTER = "twitter.com" +} +/** + * Enumeration of supported sign-in methods. + * @internal + */ +export declare const enum SignInMethod { + /** @internal */ + ANONYMOUS = "anonymous", + /** Email link sign in method */ + EMAIL_LINK = "emailLink", + /** Email/password sign in method */ + EMAIL_PASSWORD = "password", + /** Facebook sign in method */ + FACEBOOK = "facebook.com", + /** GitHub sign in method */ + GITHUB = "github.com", + /** Google sign in method */ + GOOGLE = "google.com", + /** Phone sign in method */ + PHONE = "phone", + /** Twitter sign in method */ + TWITTER = "twitter.com" +} +/** + * Enumeration of supported operation types. + * @internal + */ +export declare const enum OperationType { + /** Operation involving linking an additional provider to an already signed-in user. */ + LINK = "link", + /** Operation involving using a provider to reauthenticate an already signed-in user. */ + REAUTHENTICATE = "reauthenticate", + /** Operation involving signing in a user. */ + SIGN_IN = "signIn" +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/model/id_token.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/id_token.d.ts new file mode 100644 index 0000000..b288dcf --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/id_token.d.ts @@ -0,0 +1,87 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PhoneOrOauthTokenResponse } from '../api/authentication/mfa'; +/** + * Raw encoded JWT + * + */ +export type IdToken = string; +/** + * Raw parsed JWT + * + */ +export interface ParsedIdToken { + iss: string; + aud: string; + exp: number; + sub: string; + iat: number; + email?: string; + verified: boolean; + providerId?: string; + tenantId?: string; + anonymous: boolean; + federatedId?: string; + displayName?: string; + photoURL?: string; + toString(): string; +} +/** + * IdToken as returned by the API + * + * @internal + */ +export interface IdTokenResponse { + localId: string; + idToken?: IdToken; + refreshToken?: string; + expiresIn?: string; + providerId?: string; + displayName?: string | null; + isNewUser?: boolean; + kind?: IdTokenResponseKind; + photoUrl?: string | null; + rawUserInfo?: string; + screenName?: string | null; +} +/** + * The possible types of the `IdTokenResponse` + * + * @internal + */ +export declare const enum IdTokenResponseKind { + CreateAuthUri = "identitytoolkit#CreateAuthUriResponse", + DeleteAccount = "identitytoolkit#DeleteAccountResponse", + DownloadAccount = "identitytoolkit#DownloadAccountResponse", + EmailLinkSignin = "identitytoolkit#EmailLinkSigninResponse", + GetAccountInfo = "identitytoolkit#GetAccountInfoResponse", + GetOobConfirmationCode = "identitytoolkit#GetOobConfirmationCodeResponse", + GetRecaptchaParam = "identitytoolkit#GetRecaptchaParamResponse", + ResetPassword = "identitytoolkit#ResetPasswordResponse", + SetAccountInfo = "identitytoolkit#SetAccountInfoResponse", + SignupNewUser = "identitytoolkit#SignupNewUserResponse", + UploadAccount = "identitytoolkit#UploadAccountResponse", + VerifyAssertion = "identitytoolkit#VerifyAssertionResponse", + VerifyCustomToken = "identitytoolkit#VerifyCustomTokenResponse", + VerifyPassword = "identitytoolkit#VerifyPasswordResponse" +} +/** + * @internal + */ +export interface TaggedWithTokenResponse { + _tokenResponse?: PhoneOrOauthTokenResponse; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/model/password_policy.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/password_policy.d.ts new file mode 100644 index 0000000..0a438d2 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/password_policy.d.ts @@ -0,0 +1,111 @@ +/** + * @license + * Copyright 2023 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PasswordPolicy, PasswordValidationStatus } from './public_types'; +/** + * Internal typing of password policy that includes the schema version and methods for + * validating that a password meets the policy. The developer does not need access to + * these properties and methods, so they are excluded from the public typing. + * + * @internal + */ +export interface PasswordPolicyInternal extends PasswordPolicy { + /** + * Requirements enforced by the password policy. + */ + readonly customStrengthOptions: PasswordPolicyCustomStrengthOptions; + /** + * Schema version of the password policy. + */ + readonly schemaVersion: number; + /** + * Validates the password against the policy. + * @param password Password to validate. + */ + validatePassword(password: string): PasswordValidationStatus; +} +/** + * Internal typing of the password policy custom strength options that is modifiable. This + * allows us to construct the strength options before storing them in the policy. + * + * @internal + */ +export interface PasswordPolicyCustomStrengthOptions { + /** + * Minimum password length. + */ + minPasswordLength?: number; + /** + * Maximum password length. + */ + maxPasswordLength?: number; + /** + * Whether the password should contain a lowercase letter. + */ + containsLowercaseLetter?: boolean; + /** + * Whether the password should contain an uppercase letter. + */ + containsUppercaseLetter?: boolean; + /** + * Whether the password should contain a numeric character. + */ + containsNumericCharacter?: boolean; + /** + * Whether the password should contain a non-alphanumeric character. + */ + containsNonAlphanumericCharacter?: boolean; +} +/** + * Internal typing of password validation status that is modifiable. This allows us to + * construct the validation status before returning it. + * + * @internal + */ +export interface PasswordValidationStatusInternal extends PasswordValidationStatus { + /** + * Whether the password meets all requirements. + */ + isValid: boolean; + /** + * Whether the password meets the minimum password length. + */ + meetsMinPasswordLength?: boolean; + /** + * Whether the password meets the maximum password length. + */ + meetsMaxPasswordLength?: boolean; + /** + * Whether the password contains a lowercase letter, if required. + */ + containsLowercaseLetter?: boolean; + /** + * Whether the password contains an uppercase letter, if required. + */ + containsUppercaseLetter?: boolean; + /** + * Whether the password contains a numeric character, if required. + */ + containsNumericCharacter?: boolean; + /** + * Whether the password contains a non-alphanumeric character, if required. + */ + containsNonAlphanumericCharacter?: boolean; + /** + * The policy used to validate the password. + */ + passwordPolicy: PasswordPolicy; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/model/popup_redirect.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/popup_redirect.d.ts new file mode 100644 index 0000000..1ed2872 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/popup_redirect.d.ts @@ -0,0 +1,94 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth, AuthProvider, Persistence, PopupRedirectResolver, UserCredential } from './public_types'; +import { FirebaseError } from '@firebase/util'; +import { AuthPopup } from '../platform_browser/util/popup'; +import { AuthInternal } from './auth'; +import { UserCredentialInternal } from './user'; +export declare const enum EventFilter { + POPUP = 0, + REDIRECT = 1 +} +export declare const enum GapiOutcome { + ACK = "ACK", + ERROR = "ERROR" +} +export interface GapiAuthEvent extends gapi.iframes.Message { + authEvent: AuthEvent; +} +/** + * @internal + */ +export declare const enum AuthEventType { + LINK_VIA_POPUP = "linkViaPopup", + LINK_VIA_REDIRECT = "linkViaRedirect", + REAUTH_VIA_POPUP = "reauthViaPopup", + REAUTH_VIA_REDIRECT = "reauthViaRedirect", + SIGN_IN_VIA_POPUP = "signInViaPopup", + SIGN_IN_VIA_REDIRECT = "signInViaRedirect", + UNKNOWN = "unknown", + VERIFY_APP = "verifyApp" +} +export interface AuthEventError extends Error { + code: string; + message: string; +} +/** + * @internal + */ +export interface AuthEvent { + type: AuthEventType; + eventId: string | null; + urlResponse: string | null; + sessionId: string | null; + postBody: string | null; + tenantId: string | null; + error?: AuthEventError; +} +/** + * @internal + */ +export interface AuthEventConsumer { + readonly filter: AuthEventType[]; + eventId: string | null; + onAuthEvent(event: AuthEvent): unknown; + onError(error: FirebaseError): unknown; +} +/** + * @internal + */ +export interface EventManager { + registerConsumer(authEventConsumer: AuthEventConsumer): void; + unregisterConsumer(authEventConsumer: AuthEventConsumer): void; +} +/** + * We need to mark this interface as internal explicitly to exclude it in the public typings, because + * it references AuthInternal which has a circular dependency with UserInternal. + * + * @internal + */ +export interface PopupRedirectResolverInternal extends PopupRedirectResolver { + _shouldInitProactively: boolean; + _initialize(auth: AuthInternal): Promise<EventManager>; + _openPopup(auth: AuthInternal, provider: AuthProvider, authType: AuthEventType, eventId?: string): Promise<AuthPopup>; + _openRedirect(auth: AuthInternal, provider: AuthProvider, authType: AuthEventType, eventId?: string): Promise<void | never>; + _isIframeWebStorageSupported(auth: AuthInternal, cb: (support: boolean) => unknown): void; + _redirectPersistence: Persistence; + _originValidation(auth: Auth): Promise<void>; + _completeRedirectFn: (auth: Auth, resolver: PopupRedirectResolver, bypassAuthState: boolean) => Promise<UserCredential | null>; + _overrideRedirectResult: (auth: AuthInternal, resultGetter: () => Promise<UserCredentialInternal | null>) => void; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/model/public_types.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/public_types.d.ts new file mode 100644 index 0000000..d1600ce --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/public_types.d.ts @@ -0,0 +1,1291 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FirebaseApp } from '@firebase/app'; +import { CompleteFn, ErrorFn, FirebaseError, NextFn, Observer, Unsubscribe } from '@firebase/util'; +import { FactorId as FactorIdMap, OperationType as OperationTypeMap, ActionCodeOperation as ActionCodeOperationMap } from './enum_maps'; +export { CompleteFn, ErrorFn, NextFn, Unsubscribe }; +/** + * Interface representing the `Auth` config. + * + * @public + */ +export interface Config { + /** + * The API Key used to communicate with the Firebase Auth backend. + */ + apiKey: string; + /** + * The host at which the Firebase Auth backend is running. + */ + apiHost: string; + /** + * The scheme used to communicate with the Firebase Auth backend. + */ + apiScheme: string; + /** + * The host at which the Secure Token API is running. + */ + tokenApiHost: string; + /** + * The SDK Client Version. + */ + sdkClientVersion: string; + /** + * The domain at which the web widgets are hosted (provided via Firebase Config). + */ + authDomain?: string; +} +/** + * Interface representing reCAPTCHA parameters. + * + * See the {@link https://developers.google.com/recaptcha/docs/display#render_param | reCAPTCHA docs} + * for the list of accepted parameters. All parameters are accepted except for `sitekey`: Firebase Auth + * provisions a reCAPTCHA for each project and will configure the site key upon rendering. + * + * For an invisible reCAPTCHA, set the `size` key to `invisible`. + * + * @public + */ +export interface RecaptchaParameters { + [key: string]: any; +} +/** + * Interface representing a parsed ID token. + * + * @privateRemarks TODO(avolkovi): consolidate with parsed_token in implementation. + * + * @public + */ +export interface ParsedToken { + /** Expiration time of the token. */ + 'exp'?: string; + /** UID of the user. */ + 'sub'?: string; + /** Time at which authentication was performed. */ + 'auth_time'?: string; + /** Issuance time of the token. */ + 'iat'?: string; + /** Firebase specific claims, containing the provider(s) used to authenticate the user. */ + 'firebase'?: { + 'sign_in_provider'?: string; + 'sign_in_second_factor'?: string; + 'identities'?: Record<string, string>; + }; + /** Map of any additional custom claims. */ + [key: string]: unknown; +} +/** + * Type definition for an event callback. + * + * @privateRemarks TODO(avolkovi): should we consolidate with Subscribe<T> since we're changing the API anyway? + * + * @public + */ +export type NextOrObserver<T> = NextFn<T | null> | Observer<T | null>; +/** + * Interface for an `Auth` error. + * + * @public + */ +export interface AuthError extends FirebaseError { + /** Details about the Firebase Auth error. */ + readonly customData: { + /** The name of the Firebase App which triggered this error. */ + readonly appName: string; + /** The email address of the user's account, used for sign-in and linking. */ + readonly email?: string; + /** The phone number of the user's account, used for sign-in and linking. */ + readonly phoneNumber?: string; + /** + * The tenant ID being used for sign-in and linking. + * + * @remarks + * If you use {@link signInWithRedirect} to sign in, + * you have to set the tenant ID on the {@link Auth} instance again as the tenant ID is not persisted + * after redirection. + */ + readonly tenantId?: string; + }; +} +/** + * Interface representing an {@link Auth} instance's settings. + * + * @remarks Currently used for enabling/disabling app verification for phone Auth testing. + * + * @public + */ +export interface AuthSettings { + /** + * When set, this property disables app verification for the purpose of testing phone + * authentication. For this property to take effect, it needs to be set before rendering a + * reCAPTCHA app verifier. When this is disabled, a mock reCAPTCHA is rendered instead. This is + * useful for manual testing during development or for automated integration tests. + * + * In order to use this feature, you will need to + * {@link https://firebase.google.com/docs/auth/web/phone-auth#test-with-whitelisted-phone-numbers | whitelist your phone number} + * via the Firebase Console. + * + * The default value is false (app verification is enabled). + */ + appVerificationDisabledForTesting: boolean; +} +/** + * Interface representing Firebase Auth service. + * + * @remarks + * See {@link https://firebase.google.com/docs/auth/ | Firebase Authentication} for a full guide + * on how to use the Firebase Auth service. + * + * @public + */ +export interface Auth { + /** The {@link @firebase/app#FirebaseApp} associated with the `Auth` service instance. */ + readonly app: FirebaseApp; + /** The name of the app associated with the `Auth` service instance. */ + readonly name: string; + /** The {@link Config} used to initialize this instance. */ + readonly config: Config; + /** + * Changes the type of persistence on the `Auth` instance. + * + * @remarks + * This will affect the currently saved Auth session and applies this type of persistence for + * future sign-in requests, including sign-in with redirect requests. + * + * This makes it easy for a user signing in to specify whether their session should be + * remembered or not. It also makes it easier to never persist the Auth state for applications + * that are shared by other users or have sensitive data. + * + * This method does not work in a Node.js environment. + * + * @example + * ```javascript + * auth.setPersistence(browserSessionPersistence); + * ``` + * + * @param persistence - The {@link Persistence} to use. + */ + setPersistence(persistence: Persistence): Promise<void>; + /** + * The {@link Auth} instance's language code. + * + * @remarks + * This is a readable/writable property. When set to null, the default Firebase Console language + * setting is applied. The language code will propagate to email action templates (password + * reset, email verification and email change revocation), SMS templates for phone authentication, + * reCAPTCHA verifier and OAuth popup/redirect operations provided the specified providers support + * localization with the language code specified. + */ + languageCode: string | null; + /** + * The {@link Auth} instance's tenant ID. + * + * @remarks + * This is a readable/writable property. When you set the tenant ID of an {@link Auth} instance, all + * future sign-in/sign-up operations will pass this tenant ID and sign in or sign up users to + * the specified tenant project. When set to null, users are signed in to the parent project. + * + * @example + * ```javascript + * // Set the tenant ID on Auth instance. + * auth.tenantId = 'TENANT_PROJECT_ID'; + * + * // All future sign-in request now include tenant ID. + * const result = await signInWithEmailAndPassword(auth, email, password); + * // result.user.tenantId should be 'TENANT_PROJECT_ID'. + * ``` + * + * @defaultValue null + */ + tenantId: string | null; + /** + * The {@link Auth} instance's settings. + * + * @remarks + * This is used to edit/read configuration related options such as app verification mode for + * phone authentication. + */ + readonly settings: AuthSettings; + /** + * Adds an observer for changes to the user's sign-in state. + * + * @remarks + * To keep the old behavior, see {@link Auth.onIdTokenChanged}. + * + * @param nextOrObserver - callback triggered on change. + * @param error - Deprecated. This callback is never triggered. Errors + * on signing in/out can be caught in promises returned from + * sign-in/sign-out functions. + * @param completed - Deprecated. This callback is never triggered. + */ + onAuthStateChanged(nextOrObserver: NextOrObserver<User | null>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe; + /** + * Adds a blocking callback that runs before an auth state change + * sets a new user. + * + * @param callback - callback triggered before new user value is set. + * If this throws, it blocks the user from being set. + * @param onAbort - callback triggered if a later `beforeAuthStateChanged()` + * callback throws, allowing you to undo any side effects. + */ + beforeAuthStateChanged(callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe; + /** + * Adds an observer for changes to the signed-in user's ID token. + * + * @remarks + * This includes sign-in, sign-out, and token refresh events. + * + * @param nextOrObserver - callback triggered on change. + * @param error - Deprecated. This callback is never triggered. Errors + * on signing in/out can be caught in promises returned from + * sign-in/sign-out functions. + * @param completed - Deprecated. This callback is never triggered. + */ + onIdTokenChanged(nextOrObserver: NextOrObserver<User | null>, error?: ErrorFn, completed?: CompleteFn): Unsubscribe; + /** + * returns a promise that resolves immediately when the initial + * auth state is settled. When the promise resolves, the current user might be a valid user + * or `null` if the user signed out. + */ + authStateReady(): Promise<void>; + /** The currently signed-in user (or null). */ + readonly currentUser: User | null; + /** The current emulator configuration (or null). */ + readonly emulatorConfig: EmulatorConfig | null; + /** + * Asynchronously sets the provided user as {@link Auth.currentUser} on the {@link Auth} instance. + * + * @remarks + * A new instance copy of the user provided will be made and set as currentUser. + * + * This will trigger {@link Auth.onAuthStateChanged} and {@link Auth.onIdTokenChanged} listeners + * like other sign in methods. + * + * The operation fails with an error if the user to be updated belongs to a different Firebase + * project. + * + * @param user - The new {@link User}. + */ + updateCurrentUser(user: User | null): Promise<void>; + /** + * Sets the current language to the default device/browser preference. + */ + useDeviceLanguage(): void; + /** + * Signs out the current user. This does not automatically revoke the user's ID token. + * + * @remarks + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + */ + signOut(): Promise<void>; +} +/** + * An interface covering the possible persistence mechanism types. + * + * @public + */ +export interface Persistence { + /** + * Type of Persistence. + * - 'SESSION' is used for temporary persistence such as `sessionStorage`. + * - 'LOCAL' is used for long term persistence such as `localStorage` or `IndexedDB`. + * - 'NONE' is used for in-memory, or no persistence. + * - 'COOKIE' is used for cookie persistence, useful for server-side rendering. + */ + readonly type: 'SESSION' | 'LOCAL' | 'NONE' | 'COOKIE'; +} +/** + * Interface representing ID token result obtained from {@link User.getIdTokenResult}. + * + * @remarks + * `IdTokenResult` contains the ID token JWT string and other helper properties for getting different data + * associated with the token as well as all the decoded payload claims. + * + * Note that these claims are not to be trusted as they are parsed client side. Only server side + * verification can guarantee the integrity of the token claims. + * + * @public + */ +export interface IdTokenResult { + /** + * The authentication time formatted as a UTC string. + * + * @remarks + * This is the time the user authenticated (signed in) and not the time the token was refreshed. + */ + authTime: string; + /** The ID token expiration time formatted as a UTC string. */ + expirationTime: string; + /** The ID token issuance time formatted as a UTC string. */ + issuedAtTime: string; + /** + * The sign-in provider through which the ID token was obtained (anonymous, custom, phone, + * password, etc). + * + * @remarks + * Note, this does not map to provider IDs. + */ + signInProvider: string | null; + /** + * The type of second factor associated with this session, provided the user was multi-factor + * authenticated (eg. phone, etc). + */ + signInSecondFactor: string | null; + /** The Firebase Auth ID token JWT string. */ + token: string; + /** + * The entire payload claims of the ID token including the standard reserved claims as well as + * the custom claims. + */ + claims: ParsedToken; +} +/** + * A response from {@link checkActionCode}. + * + * @public + */ +export interface ActionCodeInfo { + /** + * The data associated with the action code. + * + * @remarks + * For the {@link ActionCodeOperation}.PASSWORD_RESET, {@link ActionCodeOperation}.VERIFY_EMAIL, and + * {@link ActionCodeOperation}.RECOVER_EMAIL actions, this object contains an email field with the address + * the email was sent to. + * + * For the {@link ActionCodeOperation}.RECOVER_EMAIL action, which allows a user to undo an email address + * change, this object also contains a `previousEmail` field with the user account's current + * email address. After the action completes, the user's email address will revert to the value + * in the `email` field from the value in `previousEmail` field. + * + * For the {@link ActionCodeOperation}.VERIFY_AND_CHANGE_EMAIL action, which allows a user to verify the + * email before updating it, this object contains a `previousEmail` field with the user account's + * email address before updating. After the action completes, the user's email address will be + * updated to the value in the `email` field from the value in `previousEmail` field. + * + * For the {@link ActionCodeOperation}.REVERT_SECOND_FACTOR_ADDITION action, which allows a user to + * unenroll a newly added second factor, this object contains a `multiFactorInfo` field with + * the information about the second factor. For phone second factor, the `multiFactorInfo` + * is a {@link MultiFactorInfo} object, which contains the phone number. + */ + data: { + email?: string | null; + multiFactorInfo?: MultiFactorInfo | null; + previousEmail?: string | null; + }; + /** + * The type of operation that generated the action code. + */ + operation: (typeof ActionCodeOperationMap)[keyof typeof ActionCodeOperationMap]; +} +/** + * An enumeration of the possible email action types. + * + * @internal + */ +export declare const enum ActionCodeOperation { + /** The email link sign-in action. */ + EMAIL_SIGNIN = "EMAIL_SIGNIN", + /** The password reset action. */ + PASSWORD_RESET = "PASSWORD_RESET", + /** The email revocation action. */ + RECOVER_EMAIL = "RECOVER_EMAIL", + /** The revert second factor addition email action. */ + REVERT_SECOND_FACTOR_ADDITION = "REVERT_SECOND_FACTOR_ADDITION", + /** The revert second factor addition email action. */ + VERIFY_AND_CHANGE_EMAIL = "VERIFY_AND_CHANGE_EMAIL", + /** The email verification action. */ + VERIFY_EMAIL = "VERIFY_EMAIL" +} +/** + * An interface that defines the required continue/state URL with optional Android and iOS + * bundle identifiers. + * + * @public + */ +export interface ActionCodeSettings { + /** + * Sets the Android package name. + * + * @remarks + * This will try to open the link in an Android app if it is installed. + */ + android?: { + installApp?: boolean; + minimumVersion?: string; + packageName: string; + }; + /** + * When set to true, the action code link will be be sent as a Universal Link or Android App + * Link and will be opened by the app if installed. + * + * @remarks + * In the false case, the code will be sent to the web widget first and then on continue will + * redirect to the app if installed. + * + * @defaultValue false + */ + handleCodeInApp?: boolean; + /** + * Sets the iOS bundle ID. + * + * @remarks + * This will try to open the link in an iOS app if it is installed. + */ + iOS?: { + bundleId: string; + }; + /** + * Sets the link continue/state URL. + * + * @remarks + * This has different meanings in different contexts: + * - When the link is handled in the web action widgets, this is the deep link in the + * `continueUrl` query parameter. + * - When the link is handled in the app directly, this is the `continueUrl` query parameter in + * the deep link of the Dynamic Link or Hosting link. + */ + url: string; + /** + * When multiple custom dynamic link domains are defined for a project, specify which one to use + * when the link is to be opened via a specified mobile app (for example, `example.page.link`). + * + * + * @defaultValue The first domain is automatically selected. + * + * @deprecated Firebase Dynamic Links is deprecated and will be shut down as early as August + * 2025. Instead, use {@link ActionCodeSettings.linkDomain} to set a custom domain for mobile + * links. Learn more in the {@link https://firebase.google.com/support/dynamic-links-faq | Dynamic Links deprecation FAQ}. + */ + dynamicLinkDomain?: string; + /** + * The optional custom Firebase Hosting domain to use when the link is to be opened via + * a specified mobile app. The domain must be configured in Firebase Hosting and owned + * by the project. This cannot be a default Hosting domain (`web.app` or `firebaseapp.com`). + * + * @defaultValue The default Hosting domain will be used (for example, `example.firebaseapp.com`). + */ + linkDomain?: string; +} +/** + * A verifier for domain verification and abuse prevention. + * + * @remarks + * Currently, the only implementation is {@link RecaptchaVerifier}. + * + * @public + */ +export interface ApplicationVerifier { + /** + * Identifies the type of application verifier (e.g. "recaptcha"). + */ + readonly type: string; + /** + * Executes the verification process. + * + * @returns A Promise for a token that can be used to assert the validity of a request. + */ + verify(): Promise<string>; +} +/** + * Interface that represents an auth provider, used to facilitate creating {@link AuthCredential}. + * + * @public + */ +export interface AuthProvider { + /** + * Provider for which credentials can be constructed. + */ + readonly providerId: string; +} +/** + * An enum of factors that may be used for multifactor authentication. + * + * Internally we use an enum type for FactorId, ActionCodeOperation, but there is a copy in https://github.com/firebase/firebase-js-sdk/blob/48a2096aec53a7eaa9ffcc2625016ecb9f90d113/packages/auth/src/model/enum_maps.ts#L23 that uses maps. + * const enums are better for tree-shaking, however can cause runtime errors if exposed in public APIs, example - https://github.com/microsoft/rushstack/issues/3058 + * So, we expose enum maps publicly, but use const enums internally to get some tree-shaking benefit. + * @internal + */ +export declare const enum FactorId { + /** Phone as second factor */ + PHONE = "phone", + TOTP = "totp" +} +/** + * A result from a phone number sign-in, link, or reauthenticate call. + * + * @public + */ +export interface ConfirmationResult { + /** + * The phone number authentication operation's verification ID. + * + * @remarks + * This can be used along with the verification code to initialize a + * {@link PhoneAuthCredential}. + */ + readonly verificationId: string; + /** + * Finishes a phone number sign-in, link, or reauthentication. + * + * @example + * ```javascript + * const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier); + * // Obtain verificationCode from the user. + * const userCredential = await confirmationResult.confirm(verificationCode); + * ``` + * + * @param verificationCode - The code that was sent to the user's mobile device. + */ + confirm(verificationCode: string): Promise<UserCredential>; +} +/** + * The base class for asserting ownership of a second factor. + * + * @remarks + * This is used to facilitate enrollment of a second factor on an existing user or sign-in of a + * user who already verified the first factor. + * + * @public + */ +export interface MultiFactorAssertion { + /** The identifier of the second factor. */ + readonly factorId: (typeof FactorIdMap)[keyof typeof FactorIdMap]; +} +/** + * The error thrown when the user needs to provide a second factor to sign in successfully. + * + * @remarks + * The error code for this error is `auth/multi-factor-auth-required`. + * + * @example + * ```javascript + * let resolver; + * let multiFactorHints; + * + * signInWithEmailAndPassword(auth, email, password) + * .then((result) => { + * // User signed in. No 2nd factor challenge is needed. + * }) + * .catch((error) => { + * if (error.code == 'auth/multi-factor-auth-required') { + * resolver = getMultiFactorResolver(auth, error); + * multiFactorHints = resolver.hints; + * } else { + * // Handle other errors. + * } + * }); + * + * // Obtain a multiFactorAssertion by verifying the second factor. + * + * const userCredential = await resolver.resolveSignIn(multiFactorAssertion); + * ``` + * + * @public + */ +export interface MultiFactorError extends AuthError { + /** Details about the MultiFactorError. */ + readonly customData: AuthError['customData'] & { + /** + * The type of operation (sign-in, linking, or re-authentication) that raised the error. + */ + readonly operationType: (typeof OperationTypeMap)[keyof typeof OperationTypeMap]; + }; +} +/** + * A structure containing the information of a second factor entity. + * + * @public + */ +export interface MultiFactorInfo { + /** The multi-factor enrollment ID. */ + readonly uid: string; + /** The user friendly name of the current second factor. */ + readonly displayName?: string | null; + /** The enrollment date of the second factor formatted as a UTC string. */ + readonly enrollmentTime: string; + /** The identifier of the second factor. */ + readonly factorId: (typeof FactorIdMap)[keyof typeof FactorIdMap]; +} +/** + * The subclass of the {@link MultiFactorInfo} interface for phone number + * second factors. The `factorId` of this second factor is {@link FactorId}.PHONE. + * @public + */ +export interface PhoneMultiFactorInfo extends MultiFactorInfo { + /** The phone number associated with the current second factor. */ + readonly phoneNumber: string; +} +/** + * The subclass of the {@link MultiFactorInfo} interface for TOTP + * second factors. The `factorId` of this second factor is {@link FactorId}.TOTP. + * @public + */ +export interface TotpMultiFactorInfo extends MultiFactorInfo { +} +/** + * The class used to facilitate recovery from {@link MultiFactorError} when a user needs to + * provide a second factor to sign in. + * + * @example + * ```javascript + * let resolver; + * let multiFactorHints; + * + * signInWithEmailAndPassword(auth, email, password) + * .then((result) => { + * // User signed in. No 2nd factor challenge is needed. + * }) + * .catch((error) => { + * if (error.code == 'auth/multi-factor-auth-required') { + * resolver = getMultiFactorResolver(auth, error); + * // Show UI to let user select second factor. + * multiFactorHints = resolver.hints; + * } else { + * // Handle other errors. + * } + * }); + * + * // The enrolled second factors that can be used to complete + * // sign-in are returned in the `MultiFactorResolver.hints` list. + * // UI needs to be presented to allow the user to select a second factor + * // from that list. + * + * const selectedHint = // ; selected from multiFactorHints + * const phoneAuthProvider = new PhoneAuthProvider(auth); + * const phoneInfoOptions = { + * multiFactorHint: selectedHint, + * session: resolver.session + * }; + * const verificationId = phoneAuthProvider.verifyPhoneNumber(phoneInfoOptions, appVerifier); + * // Store `verificationId` and show UI to let user enter verification code. + * + * // UI to enter verification code and continue. + * // Continue button click handler + * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode); + * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential); + * const userCredential = await resolver.resolveSignIn(multiFactorAssertion); + * ``` + * + * @public + */ +export interface MultiFactorResolver { + /** + * The list of hints for the second factors needed to complete the sign-in for the current + * session. + */ + readonly hints: MultiFactorInfo[]; + /** + * The session identifier for the current sign-in flow, which can be used to complete the second + * factor sign-in. + */ + readonly session: MultiFactorSession; + /** + * A helper function to help users complete sign in with a second factor using an + * {@link MultiFactorAssertion} confirming the user successfully completed the second factor + * challenge. + * + * @example + * ```javascript + * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode); + * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential); + * const userCredential = await resolver.resolveSignIn(multiFactorAssertion); + * ``` + * + * @param assertion - The multi-factor assertion to resolve sign-in with. + * @returns The promise that resolves with the user credential object. + */ + resolveSignIn(assertion: MultiFactorAssertion): Promise<UserCredential>; +} +/** + * An interface defining the multi-factor session object used for enrolling a second factor on a + * user or helping sign in an enrolled user with a second factor. + * + * @public + */ +export interface MultiFactorSession { +} +/** + * An interface that defines the multi-factor related properties and operations pertaining + * to a {@link User}. + * + * @public + */ +export interface MultiFactorUser { + /** Returns a list of the user's enrolled second factors. */ + readonly enrolledFactors: MultiFactorInfo[]; + /** + * Returns the session identifier for a second factor enrollment operation. This is used to + * identify the user trying to enroll a second factor. + * + * @example + * ```javascript + * const multiFactorUser = multiFactor(auth.currentUser); + * const multiFactorSession = await multiFactorUser.getSession(); + * + * // Send verification code. + * const phoneAuthProvider = new PhoneAuthProvider(auth); + * const phoneInfoOptions = { + * phoneNumber: phoneNumber, + * session: multiFactorSession + * }; + * const verificationId = await phoneAuthProvider.verifyPhoneNumber(phoneInfoOptions, appVerifier); + * + * // Obtain verification code from user. + * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode); + * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential); + * await multiFactorUser.enroll(multiFactorAssertion); + * ``` + * + * @returns The promise that resolves with the {@link MultiFactorSession}. + */ + getSession(): Promise<MultiFactorSession>; + /** + * + * Enrolls a second factor as identified by the {@link MultiFactorAssertion} for the + * user. + * + * @remarks + * On resolution, the user tokens are updated to reflect the change in the JWT payload. + * Accepts an additional display name parameter used to identify the second factor to the end + * user. Recent re-authentication is required for this operation to succeed. On successful + * enrollment, existing Firebase sessions (refresh tokens) are revoked. When a new factor is + * enrolled, an email notification is sent to the user’s email. + * + * @example + * ```javascript + * const multiFactorUser = multiFactor(auth.currentUser); + * const multiFactorSession = await multiFactorUser.getSession(); + * + * // Send verification code. + * const phoneAuthProvider = new PhoneAuthProvider(auth); + * const phoneInfoOptions = { + * phoneNumber: phoneNumber, + * session: multiFactorSession + * }; + * const verificationId = await phoneAuthProvider.verifyPhoneNumber(phoneInfoOptions, appVerifier); + * + * // Obtain verification code from user. + * const phoneAuthCredential = PhoneAuthProvider.credential(verificationId, verificationCode); + * const multiFactorAssertion = PhoneMultiFactorGenerator.assertion(phoneAuthCredential); + * await multiFactorUser.enroll(multiFactorAssertion); + * // Second factor enrolled. + * ``` + * + * @param assertion - The multi-factor assertion to enroll with. + * @param displayName - The display name of the second factor. + */ + enroll(assertion: MultiFactorAssertion, displayName?: string | null): Promise<void>; + /** + * Unenrolls the specified second factor. + * + * @remarks + * To specify the factor to remove, pass a {@link MultiFactorInfo} object (retrieved from + * {@link MultiFactorUser.enrolledFactors}) or the + * factor's UID string. Sessions are not revoked when the account is unenrolled. An email + * notification is likely to be sent to the user notifying them of the change. Recent + * re-authentication is required for this operation to succeed. When an existing factor is + * unenrolled, an email notification is sent to the user’s email. + * + * @example + * ```javascript + * const multiFactorUser = multiFactor(auth.currentUser); + * // Present user the option to choose which factor to unenroll. + * await multiFactorUser.unenroll(multiFactorUser.enrolledFactors[i]) + * ``` + * + * @param option - The multi-factor option to unenroll. + * @returns - A `Promise` which resolves when the unenroll operation is complete. + */ + unenroll(option: MultiFactorInfo | string): Promise<void>; +} +/** + * The class for asserting ownership of a phone second factor. Provided by + * {@link PhoneMultiFactorGenerator.assertion}. + * + * @public + */ +export interface PhoneMultiFactorAssertion extends MultiFactorAssertion { +} +/** + * The information required to verify the ownership of a phone number. + * + * @remarks + * The information that's required depends on whether you are doing single-factor sign-in, + * multi-factor enrollment or multi-factor sign-in. + * + * @public + */ +export type PhoneInfoOptions = PhoneSingleFactorInfoOptions | PhoneMultiFactorEnrollInfoOptions | PhoneMultiFactorSignInInfoOptions; +/** + * Options used for single-factor sign-in. + * + * @public + */ +export interface PhoneSingleFactorInfoOptions { + /** Phone number to send a verification code to. */ + phoneNumber: string; +} +/** + * Options used for enrolling a second factor. + * + * @public + */ +export interface PhoneMultiFactorEnrollInfoOptions { + /** Phone number to send a verification code to. */ + phoneNumber: string; + /** The {@link MultiFactorSession} obtained via {@link MultiFactorUser.getSession}. */ + session: MultiFactorSession; +} +/** + * Options used for signing in with a second factor. + * + * @public + */ +export interface PhoneMultiFactorSignInInfoOptions { + /** + * The {@link MultiFactorInfo} obtained via {@link MultiFactorResolver.hints}. + * + * One of `multiFactorHint` or `multiFactorUid` is required. + */ + multiFactorHint?: MultiFactorInfo; + /** + * The uid of the second factor. + * + * One of `multiFactorHint` or `multiFactorUid` is required. + */ + multiFactorUid?: string; + /** The {@link MultiFactorSession} obtained via {@link MultiFactorResolver.session}. */ + session: MultiFactorSession; +} +/** + * Interface for a supplied `AsyncStorage`. + * + * @public + */ +export interface ReactNativeAsyncStorage { + /** + * Persist an item in storage. + * + * @param key - storage key. + * @param value - storage value. + */ + setItem(key: string, value: string): Promise<void>; + /** + * Retrieve an item from storage. + * + * @param key - storage key. + */ + getItem(key: string): Promise<string | null>; + /** + * Remove an item from storage. + * + * @param key - storage key. + */ + removeItem(key: string): Promise<void>; +} +/** + * A user account. + * + * @public + */ +export interface User extends UserInfo { + /** + * Whether the email has been verified with {@link sendEmailVerification} and + * {@link applyActionCode}. + */ + readonly emailVerified: boolean; + /** + * Whether the user is authenticated using the {@link ProviderId}.ANONYMOUS provider. + */ + readonly isAnonymous: boolean; + /** + * Additional metadata around user creation and sign-in times. + */ + readonly metadata: UserMetadata; + /** + * Additional per provider such as displayName and profile information. + */ + readonly providerData: UserInfo[]; + /** + * Refresh token used to reauthenticate the user. Avoid using this directly and prefer + * {@link User.getIdToken} to refresh the ID token instead. + */ + readonly refreshToken: string; + /** + * The user's tenant ID. + * + * @remarks + * This is a read-only property, which indicates the tenant ID + * used to sign in the user. This is null if the user is signed in from the parent + * project. + * + * @example + * ```javascript + * // Set the tenant ID on Auth instance. + * auth.tenantId = 'TENANT_PROJECT_ID'; + * + * // All future sign-in request now include tenant ID. + * const result = await signInWithEmailAndPassword(auth, email, password); + * // result.user.tenantId should be 'TENANT_PROJECT_ID'. + * ``` + */ + readonly tenantId: string | null; + /** + * Deletes and signs out the user. + * + * @remarks + * Important: this is a security-sensitive operation that requires the user to have recently + * signed in. If this requirement isn't met, ask the user to authenticate again and then call + * one of the reauthentication methods like {@link reauthenticateWithCredential}. + * + * This method is not supported on any {@link User} signed in by {@link Auth} instances + * created with a {@link @firebase/app#FirebaseServerApp}. + */ + delete(): Promise<void>; + /** + * Returns a JSON Web Token (JWT) used to identify the user to a Firebase service. + * + * @remarks + * Returns the current token if it has not expired or if it will not expire in the next five + * minutes. Otherwise, this will refresh the token and return a new one. + * + * @param forceRefresh - Force refresh regardless of token expiration. + */ + getIdToken(forceRefresh?: boolean): Promise<string>; + /** + * Returns a deserialized JSON Web Token (JWT) used to identify the user to a Firebase service. + * + * @remarks + * Returns the current token if it has not expired or if it will not expire in the next five + * minutes. Otherwise, this will refresh the token and return a new one. + * + * @param forceRefresh - Force refresh regardless of token expiration. + */ + getIdTokenResult(forceRefresh?: boolean): Promise<IdTokenResult>; + /** + * Refreshes the user, if signed in. + */ + reload(): Promise<void>; + /** + * Returns a JSON-serializable representation of this object. + * + * @returns A JSON-serializable representation of this object. + */ + toJSON(): object; +} +/** + * A structure containing a {@link User}, the {@link OperationType}, and the provider ID. + * + * @remarks + * `operationType` could be {@link OperationType}.SIGN_IN for a sign-in operation, + * {@link OperationType}.LINK for a linking operation and {@link OperationType}.REAUTHENTICATE for + * a reauthentication operation. + * + * @public + */ +export interface UserCredential { + /** + * The user authenticated by this credential. + */ + user: User; + /** + * The provider which was used to authenticate the user. + */ + providerId: string | null; + /** + * The type of operation which was used to authenticate the user (such as sign-in or link). + */ + operationType: (typeof OperationTypeMap)[keyof typeof OperationTypeMap]; +} +/** + * User profile information, visible only to the Firebase project's apps. + * + * @public + */ +export interface UserInfo { + /** + * The display name of the user. + */ + readonly displayName: string | null; + /** + * The email of the user. + */ + readonly email: string | null; + /** + * The phone number normalized based on the E.164 standard (e.g. +16505550101) for the + * user. + * + * @remarks + * This is null if the user has no phone credential linked to the account. + */ + readonly phoneNumber: string | null; + /** + * The profile photo URL of the user. + */ + readonly photoURL: string | null; + /** + * The provider used to authenticate the user. + */ + readonly providerId: string; + /** + * The user's unique ID, scoped to the project. + */ + readonly uid: string; +} +/** + * Interface representing a user's metadata. + * + * @public + */ +export interface UserMetadata { + /** Time the user was created. */ + readonly creationTime?: string; + /** Time the user last signed in. */ + readonly lastSignInTime?: string; +} +/** + * A structure containing additional user information from a federated identity provider. + * + * @public + */ +export interface AdditionalUserInfo { + /** + * Whether the user is new (created via sign-up) or existing (authenticated using sign-in). + */ + readonly isNewUser: boolean; + /** + * Map containing IDP-specific user data. + */ + readonly profile: Record<string, unknown> | null; + /** + * Identifier for the provider used to authenticate this user. + */ + readonly providerId: string | null; + /** + * The username if the provider is GitHub or Twitter. + */ + readonly username?: string | null; +} +/** + * User profile used in {@link AdditionalUserInfo}. + * + * @public + */ +export type UserProfile = Record<string, unknown>; +/** + * A resolver used for handling DOM specific operations like {@link signInWithPopup} + * or {@link signInWithRedirect}. + * + * @public + */ +export interface PopupRedirectResolver { +} +declare module '@firebase/component' { + interface NameServiceMapping { + 'auth': Auth; + } +} +/** + * Configuration of Firebase Authentication Emulator. + * @public + */ +export interface EmulatorConfig { + /** + * The protocol used to communicate with the emulator ("http"/"https"). + */ + readonly protocol: string; + /** + * The hostname of the emulator, which may be a domain ("localhost"), IPv4 address ("127.0.0.1") + * or quoted IPv6 address ("[::1]"). + */ + readonly host: string; + /** + * The port of the emulator, or null if port isn't specified (i.e. protocol default). + */ + readonly port: number | null; + /** + * The emulator-specific options. + */ + readonly options: { + /** + * Whether the warning banner attached to the DOM was disabled. + */ + readonly disableWarnings: boolean; + }; +} +/** + * A mapping of error codes to error messages. + * + * @remarks + * + * While error messages are useful for debugging (providing verbose textual + * context around what went wrong), these strings take up a lot of space in the + * compiled code. When deploying code in production, using {@link prodErrorMap} + * will save you roughly 10k compressed/gzipped over {@link debugErrorMap}. You + * can select the error map during initialization: + * + * ```javascript + * initializeAuth(app, {errorMap: debugErrorMap}) + * ``` + * + * When initializing Auth, {@link prodErrorMap} is default. + * + * @public + */ +export interface AuthErrorMap { +} +/** + * The dependencies that can be used to initialize an {@link Auth} instance. + * + * @remarks + * + * The modular SDK enables tree shaking by allowing explicit declarations of + * dependencies. For example, a web app does not need to include code that + * enables Cordova redirect sign in. That functionality is therefore split into + * {@link browserPopupRedirectResolver} and + * {@link cordovaPopupRedirectResolver}. The dependencies object is how Auth is + * configured to reduce bundle sizes. + * + * There are two ways to initialize an {@link Auth} instance: {@link getAuth} and + * {@link initializeAuth}. `getAuth` initializes everything using + * platform-specific configurations, while `initializeAuth` takes a + * `Dependencies` object directly, giving you more control over what is used. + * + * @public + */ +export interface Dependencies { + /** + * Which {@link Persistence} to use. If this is an array, the first + * `Persistence` that the device supports is used. The SDK searches for an + * existing account in order and, if one is found in a secondary + * `Persistence`, the account is moved to the primary `Persistence`. + * + * If no persistence is provided, the SDK falls back on + * {@link inMemoryPersistence}. + */ + persistence?: Persistence | Persistence[]; + /** + * The {@link PopupRedirectResolver} to use. This value depends on the + * platform. Options are {@link browserPopupRedirectResolver} and + * {@link cordovaPopupRedirectResolver}. This field is optional if neither + * {@link signInWithPopup} or {@link signInWithRedirect} are being used. + */ + popupRedirectResolver?: PopupRedirectResolver; + /** + * Which {@link AuthErrorMap} to use. + */ + errorMap?: AuthErrorMap; +} +/** + * The class for asserting ownership of a TOTP second factor. Provided by + * {@link TotpMultiFactorGenerator.assertionForEnrollment} and + * {@link TotpMultiFactorGenerator.assertionForSignIn}. + * + * @public + */ +export interface TotpMultiFactorAssertion extends MultiFactorAssertion { +} +/** + * A structure specifying password policy requirements. + * + * @public + */ +export interface PasswordPolicy { + /** + * Requirements enforced by this password policy. + */ + readonly customStrengthOptions: { + /** + * Minimum password length, or undefined if not configured. + */ + readonly minPasswordLength?: number; + /** + * Maximum password length, or undefined if not configured. + */ + readonly maxPasswordLength?: number; + /** + * Whether the password should contain a lowercase letter, or undefined if not configured. + */ + readonly containsLowercaseLetter?: boolean; + /** + * Whether the password should contain an uppercase letter, or undefined if not configured. + */ + readonly containsUppercaseLetter?: boolean; + /** + * Whether the password should contain a numeric character, or undefined if not configured. + */ + readonly containsNumericCharacter?: boolean; + /** + * Whether the password should contain a non-alphanumeric character, or undefined if not configured. + */ + readonly containsNonAlphanumericCharacter?: boolean; + }; + /** + * List of characters that are considered non-alphanumeric during validation. + */ + readonly allowedNonAlphanumericCharacters: string; + /** + * The enforcement state of the policy. Can be 'OFF' or 'ENFORCE'. + */ + readonly enforcementState: string; + /** + * Whether existing passwords must meet the policy. + */ + readonly forceUpgradeOnSignin: boolean; +} +/** + * A structure indicating which password policy requirements were met or violated and what the + * requirements are. + * + * @public + */ +export interface PasswordValidationStatus { + /** + * Whether the password meets all requirements. + */ + readonly isValid: boolean; + /** + * Whether the password meets the minimum password length, or undefined if not required. + */ + readonly meetsMinPasswordLength?: boolean; + /** + * Whether the password meets the maximum password length, or undefined if not required. + */ + readonly meetsMaxPasswordLength?: boolean; + /** + * Whether the password contains a lowercase letter, or undefined if not required. + */ + readonly containsLowercaseLetter?: boolean; + /** + * Whether the password contains an uppercase letter, or undefined if not required. + */ + readonly containsUppercaseLetter?: boolean; + /** + * Whether the password contains a numeric character, or undefined if not required. + */ + readonly containsNumericCharacter?: boolean; + /** + * Whether the password contains a non-alphanumeric character, or undefined if not required. + */ + readonly containsNonAlphanumericCharacter?: boolean; + /** + * The policy used to validate the password. + */ + readonly passwordPolicy: PasswordPolicy; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/model/user.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/user.d.ts new file mode 100644 index 0000000..7e40566 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/model/user.d.ts @@ -0,0 +1,83 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { IdTokenResult, User, UserCredential, UserInfo } from './public_types'; +import { NextFn } from '@firebase/util'; +import { APIUserInfo } from '../api/account_management/account'; +import { FinalizeMfaResponse } from '../api/authentication/mfa'; +import { PersistedBlob } from '../core/persistence'; +import { StsTokenManager } from '../core/user/token_manager'; +import { UserMetadata } from '../core/user/user_metadata'; +import { AuthInternal } from './auth'; +import { IdTokenResponse, TaggedWithTokenResponse } from './id_token'; +import { ProviderId } from './enums'; +export type MutableUserInfo = { + -readonly [K in keyof UserInfo]: UserInfo[K]; +}; +export interface UserParameters { + uid: string; + auth: AuthInternal; + stsTokenManager: StsTokenManager; + displayName?: string | null; + email?: string | null; + phoneNumber?: string | null; + photoURL?: string | null; + isAnonymous?: boolean | null; + emailVerified?: boolean | null; + tenantId?: string | null; + providerData?: MutableUserInfo[] | null; + createdAt?: string | null; + lastLoginAt?: string | null; +} +/** + * UserInternal and AuthInternal reference each other, so both of them are included in the public typings. + * In order to exclude them, we mark them as internal explicitly. + * + * @internal + */ +export interface UserInternal extends User { + displayName: string | null; + email: string | null; + phoneNumber: string | null; + photoURL: string | null; + auth: AuthInternal; + providerId: ProviderId.FIREBASE; + refreshToken: string; + emailVerified: boolean; + tenantId: string | null; + providerData: MutableUserInfo[]; + metadata: UserMetadata; + stsTokenManager: StsTokenManager; + _redirectEventId?: string; + _updateTokensIfNecessary(response: IdTokenResponse | FinalizeMfaResponse, reload?: boolean): Promise<void>; + _assign(user: UserInternal): void; + _clone(auth: AuthInternal): UserInternal; + _onReload: (cb: NextFn<APIUserInfo>) => void; + _notifyReloadListener: NextFn<APIUserInfo>; + _startProactiveRefresh: () => void; + _stopProactiveRefresh: () => void; + getIdToken(forceRefresh?: boolean): Promise<string>; + getIdTokenResult(forceRefresh?: boolean): Promise<IdTokenResult>; + reload(): Promise<void>; + delete(): Promise<void>; + toJSON(): PersistedBlob; +} +/** + * @internal + */ +export interface UserCredentialInternal extends UserCredential, TaggedWithTokenResponse { + user: UserInternal; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/auth_window.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/auth_window.d.ts new file mode 100644 index 0000000..b3087c7 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/auth_window.d.ts @@ -0,0 +1,37 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Recaptcha, GreCAPTCHATopLevel } from './recaptcha/recaptcha'; +/** + * A specialized window type that melds the normal window type plus the + * various bits we need. The three different blocks that are &'d together + * cant be defined in the same block together. + */ +export type AuthWindow = { + [T in keyof Window]: Window[T]; +} & { + grecaptcha?: Recaptcha | GreCAPTCHATopLevel; + ___jsl?: Record<string, any>; + gapi?: typeof gapi; +} & { + [callback: string]: (...args: unknown[]) => void; +}; +/** + * Lazy accessor for window, since the compat layer won't tree shake this out, + * we need to make sure not to mess with window unless we have to + */ +export declare function _window(): AuthWindow; +export declare function _setWindowLocation(url: string): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/iframe/gapi.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/iframe/gapi.d.ts new file mode 100644 index 0000000..c2a65cd --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/iframe/gapi.d.ts @@ -0,0 +1,19 @@ +/** + * @license + * Copyright 2020 Google LLC. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthInternal } from '../../model/auth'; +export declare function _loadGapi(auth: AuthInternal): Promise<gapi.iframes.Context>; +export declare function _resetLoader(): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/iframe/gapi.iframes.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/iframe/gapi.iframes.d.ts new file mode 100644 index 0000000..9b5f24b --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/iframe/gapi.iframes.d.ts @@ -0,0 +1,47 @@ +/** + * @license + * Copyright 2020 Google LLC. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +declare namespace gapi { + type LoadCallback = () => void; + interface LoadConfig { + } + interface LoadOptions { + callback?: LoadCallback; + timeout?: number; + ontimeout?: LoadCallback; + } + function load(features: 'gapi.iframes', options?: LoadOptions | LoadCallback): void; +} +declare namespace gapi.iframes { + interface Message { + type: string; + } + type IframesFilter = (iframe: Iframe) => boolean; + type MessageHandler<T extends Message> = (message: T) => unknown | Promise<void>; + type SendCallback = () => void; + type Callback = (iframe: Iframe) => void; + class Context { + open(options: Record<string, unknown>, callback?: Callback): Promise<Iframe>; + } + class Iframe { + register<T extends Message>(message: string, handler: MessageHandler<T>, filter?: IframesFilter): void; + send<T extends Message, U extends Message>(type: string, data: T, callback?: MessageHandler<U>, filter?: IframesFilter): void; + ping(callback: SendCallback, data?: unknown): Promise<unknown[]>; + restyle(style: Record<string, string | boolean>, callback?: SendCallback): Promise<unknown[]>; + } + const CROSS_ORIGIN_IFRAMES_FILTER: IframesFilter; + function getContext(): Context; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/iframe/iframe.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/iframe/iframe.d.ts new file mode 100644 index 0000000..781c92f --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/iframe/iframe.d.ts @@ -0,0 +1,18 @@ +/** + * @license + * Copyright 2020 Google LLC. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthInternal } from '../../model/auth'; +export declare function _openIframe(auth: AuthInternal): Promise<gapi.iframes.Iframe>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/index.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/index.d.ts new file mode 100644 index 0000000..ebd5cb8 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/index.d.ts @@ -0,0 +1,27 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FirebaseApp } from '@firebase/app'; +import { Auth } from '../model/public_types'; +/** + * Returns the Auth instance associated with the provided {@link @firebase/app#FirebaseApp}. + * If no instance exists, initializes an Auth instance with platform-specific default dependencies. + * + * @param app - The Firebase App. + * + * @public + */ +export declare function getAuth(app?: FirebaseApp): Auth; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/load_js.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/load_js.d.ts new file mode 100644 index 0000000..861517a --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/load_js.d.ts @@ -0,0 +1,29 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +interface ExternalJSProvider { + loadJS(url: string): Promise<Event>; + recaptchaV2Script: string; + recaptchaEnterpriseScript: string; + gapiScript: string; +} +export declare function _setExternalJSProvider(p: ExternalJSProvider): void; +export declare function _loadJS(url: string): Promise<Event>; +export declare function _recaptchaV2ScriptUrl(): string; +export declare function _recaptchaEnterpriseScriptUrl(): string; +export declare function _gapiScriptUrl(): string; +export declare function _generateCallbackName(prefix: string): string; +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/messagechannel/index.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/messagechannel/index.d.ts new file mode 100644 index 0000000..78beb52 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/messagechannel/index.d.ts @@ -0,0 +1,87 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PromiseSettledResult } from './promise'; +export declare const enum _TimeoutDuration { + ACK = 50, + COMPLETION = 3000, + LONG_ACK = 800 +} +/** + * Enumeration of possible response types from the Receiver. + */ +export declare const enum _Status { + ACK = "ack", + DONE = "done" +} +export declare const enum _MessageError { + CONNECTION_CLOSED = "connection_closed", + CONNECTION_UNAVAILABLE = "connection_unavailable", + INVALID_RESPONSE = "invalid_response", + TIMEOUT = "timeout", + UNKNOWN = "unknown_error", + UNSUPPORTED_EVENT = "unsupported_event" +} +/** + * Enumeration of possible events sent by the Sender. + */ +export declare const enum _EventType { + KEY_CHANGED = "keyChanged", + PING = "ping" +} +/** + * Response to a {@link EventType.KEY_CHANGED} event. + */ +export interface KeyChangedResponse { + keyProcessed: boolean; +} +/** + * Response to a {@link EventType.PING} event. + */ +export type _PingResponse = _EventType[]; +export type _ReceiverResponse = KeyChangedResponse | _PingResponse; +interface MessageEvent { + eventType: _EventType; + eventId: string; +} +/** + * Request for a {@link EventType.KEY_CHANGED} event. + */ +export interface KeyChangedRequest { + key: string; +} +/** + * Request for a {@link EventType.PING} event. + */ +export interface PingRequest { +} +/** Data sent by Sender */ +export type _SenderRequest = KeyChangedRequest | PingRequest; +/** Receiver handler to process events sent by the Sender */ +export interface ReceiverHandler<T extends _ReceiverResponse, S extends _SenderRequest> { + (origin: string, data: S): T | Promise<T>; +} +/** Full message sent by Sender */ +export interface SenderMessageEvent<T extends _SenderRequest> extends MessageEvent { + data: T; +} +export type _ReceiverMessageResponse<T extends _ReceiverResponse> = Array<PromiseSettledResult<T>> | null; +/** Full message sent by Receiver */ +export interface ReceiverMessageEvent<T extends _ReceiverResponse> extends MessageEvent { + status: _Status; + response: _ReceiverMessageResponse<T>; +} +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/messagechannel/promise.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/messagechannel/promise.d.ts new file mode 100644 index 0000000..d57013b --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/messagechannel/promise.d.ts @@ -0,0 +1,33 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** TODO: remove this once tslib has a polyfill for Promise.allSettled */ +interface PromiseFulfilledResult<T> { + fulfilled: true; + value: T; +} +interface PromiseRejectedResult { + fulfilled: false; + reason: any; +} +export type PromiseSettledResult<T> = PromiseFulfilledResult<T> | PromiseRejectedResult; +/** + * Shim for Promise.allSettled, note the slightly different format of `fulfilled` vs `status`. + * + * @param promises - Array of promises to wait on. + */ +export declare function _allSettled<T>(promises: Array<Promise<T>>): Promise<Array<PromiseSettledResult<T>>>; +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/messagechannel/receiver.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/messagechannel/receiver.d.ts new file mode 100644 index 0000000..394de7b --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/messagechannel/receiver.d.ts @@ -0,0 +1,63 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ReceiverHandler, _EventType, _ReceiverResponse, _SenderRequest } from './index'; +/** + * Interface class for receiving messages. + * + */ +export declare class Receiver { + private readonly eventTarget; + private static readonly receivers; + private readonly boundEventHandler; + private readonly handlersMap; + constructor(eventTarget: EventTarget); + /** + * Obtain an instance of a Receiver for a given event target, if none exists it will be created. + * + * @param eventTarget - An event target (such as window or self) through which the underlying + * messages will be received. + */ + static _getInstance(eventTarget: EventTarget): Receiver; + private isListeningto; + /** + * Fans out a MessageEvent to the appropriate listeners. + * + * @remarks + * Sends an {@link Status.ACK} upon receipt and a {@link Status.DONE} once all handlers have + * finished processing. + * + * @param event - The MessageEvent. + * + */ + private handleEvent; + /** + * Subscribe an event handler for a particular event. + * + * @param eventType - Event name to subscribe to. + * @param eventHandler - The event handler which should receive the events. + * + */ + _subscribe<T extends _ReceiverResponse, S extends _SenderRequest>(eventType: _EventType, eventHandler: ReceiverHandler<T, S>): void; + /** + * Unsubscribe an event handler from a particular event. + * + * @param eventType - Event name to unsubscribe from. + * @param eventHandler - Optional event handler, if none provided, unsubscribe all handlers on this event. + * + */ + _unsubscribe<T extends _ReceiverResponse, S extends _SenderRequest>(eventType: _EventType, eventHandler?: ReceiverHandler<T, S>): void; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/messagechannel/sender.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/messagechannel/sender.d.ts new file mode 100644 index 0000000..a1121b6 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/messagechannel/sender.d.ts @@ -0,0 +1,46 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { _SenderRequest, _EventType, _ReceiverMessageResponse, _ReceiverResponse, _TimeoutDuration } from './index'; +/** + * Interface for sending messages and waiting for a completion response. + * + */ +export declare class Sender { + private readonly target; + private readonly handlers; + constructor(target: ServiceWorker); + /** + * Unsubscribe the handler and remove it from our tracking Set. + * + * @param handler - The handler to unsubscribe. + */ + private removeMessageHandler; + /** + * Send a message to the Receiver located at {@link target}. + * + * @remarks + * We'll first wait a bit for an ACK , if we get one we will wait significantly longer until the + * receiver has had a chance to fully process the event. + * + * @param eventType - Type of event to send. + * @param data - The payload of the event. + * @param timeout - Timeout for waiting on an ACK from the receiver. + * + * @returns An array of settled promises from all the handlers that were listening on the receiver. + */ + _send<T extends _ReceiverResponse, S extends _SenderRequest>(eventType: _EventType, data: S, timeout?: _TimeoutDuration): Promise<_ReceiverMessageResponse<T>>; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/mfa/assertions/phone.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/mfa/assertions/phone.d.ts new file mode 100644 index 0000000..dc0292d --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/mfa/assertions/phone.d.ts @@ -0,0 +1,59 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PhoneMultiFactorAssertion } from '../../../model/public_types'; +import { MultiFactorAssertionImpl } from '../../../mfa/mfa_assertion'; +import { AuthInternal } from '../../../model/auth'; +import { PhoneAuthCredential } from '../../../core/credentials/phone'; +import { FinalizeMfaResponse } from '../../../api/authentication/mfa'; +/** + * {@inheritdoc PhoneMultiFactorAssertion} + * + * @public + */ +export declare class PhoneMultiFactorAssertionImpl extends MultiFactorAssertionImpl implements PhoneMultiFactorAssertion { + private readonly credential; + private constructor(); + /** @internal */ + static _fromCredential(credential: PhoneAuthCredential): PhoneMultiFactorAssertionImpl; + /** @internal */ + _finalizeEnroll(auth: AuthInternal, idToken: string, displayName?: string | null): Promise<FinalizeMfaResponse>; + /** @internal */ + _finalizeSignIn(auth: AuthInternal, mfaPendingCredential: string): Promise<FinalizeMfaResponse>; +} +/** + * Provider for generating a {@link PhoneMultiFactorAssertion}. + * + * @public + */ +export declare class PhoneMultiFactorGenerator { + private constructor(); + /** + * Provides a {@link PhoneMultiFactorAssertion} to confirm ownership of the phone second factor. + * + * @remarks + * This method does not work in a Node.js environment. + * + * @param phoneAuthCredential - A credential provided by {@link PhoneAuthProvider.credential}. + * @returns A {@link PhoneMultiFactorAssertion} which can be used with + * {@link MultiFactorResolver.resolveSignIn} + */ + static assertion(credential: PhoneAuthCredential): PhoneMultiFactorAssertion; + /** + * The identifier of the phone second factor: `phone`. + */ + static FACTOR_ID: string; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/browser.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/browser.d.ts new file mode 100644 index 0000000..5635d97 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/browser.d.ts @@ -0,0 +1,27 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PersistenceValue, PersistenceType } from '../../core/persistence'; +export declare abstract class BrowserPersistenceClass { + protected readonly storageRetriever: () => Storage; + readonly type: PersistenceType; + protected constructor(storageRetriever: () => Storage, type: PersistenceType); + _isAvailable(): Promise<boolean>; + _set(key: string, value: PersistenceValue): Promise<void>; + _get<T extends PersistenceValue>(key: string): Promise<T | null>; + _remove(key: string): Promise<void>; + protected get storage(): Storage; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/cookie_storage.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/cookie_storage.d.ts new file mode 100644 index 0000000..f30bcef --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/cookie_storage.d.ts @@ -0,0 +1,40 @@ +/** + * @license + * Copyright 2025 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Persistence } from '../../model/public_types'; +import { PersistenceInternal, PersistenceType, PersistenceValue, StorageEventListener } from '../../core/persistence'; +export declare class CookiePersistence implements PersistenceInternal { + static type: 'COOKIE'; + readonly type = PersistenceType.COOKIE; + listenerUnsubscribes: Map<StorageEventListener, () => void>; + _getFinalTarget(originalUrl: string): URL | string; + _isAvailable(): Promise<boolean>; + _set(_key: string, _value: PersistenceValue): Promise<void>; + _get<T extends PersistenceValue>(key: string): Promise<T | null>; + _remove(key: string): Promise<void>; + _addListener(key: string, listener: StorageEventListener): void; + _removeListener(_key: string, listener: StorageEventListener): void; +} +/** + * An implementation of {@link Persistence} of type `COOKIE`, for use on the client side in + * applications leveraging hybrid rendering and middleware. + * + * @remarks This persistence method requires companion middleware to function, such as that provided + * by {@link https://firebaseopensource.com/projects/firebaseextended/reactfire/ | ReactFire} for + * NextJS. + * @beta + */ +export declare const browserCookiePersistence: Persistence; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/indexed_db.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/indexed_db.d.ts new file mode 100644 index 0000000..23c1604 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/indexed_db.d.ts @@ -0,0 +1,33 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Persistence } from '../../model/public_types'; +import { PersistenceValue } from '../../core/persistence/'; +export declare const DB_NAME = "firebaseLocalStorageDb"; +export declare function _clearDatabase(db: IDBDatabase): Promise<void>; +export declare function _deleteDatabase(): Promise<void>; +export declare function _openDatabase(): Promise<IDBDatabase>; +export declare function _putObject(db: IDBDatabase, key: string, value: PersistenceValue | string): Promise<void>; +export declare function _deleteObject(db: IDBDatabase, key: string): Promise<void>; +export declare const _POLLING_INTERVAL_MS = 800; +export declare const _TRANSACTION_RETRY_COUNT = 3; +/** + * An implementation of {@link Persistence} of type `LOCAL` using `indexedDB` + * for the underlying storage. + * + * @public + */ +export declare const indexedDBLocalPersistence: Persistence; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/local_storage.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/local_storage.d.ts new file mode 100644 index 0000000..34d8d64 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/local_storage.d.ts @@ -0,0 +1,25 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Persistence } from '../../model/public_types'; +export declare const _POLLING_INTERVAL_MS = 1000; +/** + * An implementation of {@link Persistence} of type `LOCAL` using `localStorage` + * for the underlying storage. + * + * @public + */ +export declare const browserLocalPersistence: Persistence; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/session_storage.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/session_storage.d.ts new file mode 100644 index 0000000..117c558 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/persistence/session_storage.d.ts @@ -0,0 +1,24 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Persistence } from '../../model/public_types'; +/** + * An implementation of {@link Persistence} of `SESSION` using `sessionStorage` + * for the underlying storage. + * + * @public + */ +export declare const browserSessionPersistence: Persistence; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/popup_redirect.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/popup_redirect.d.ts new file mode 100644 index 0000000..61b8ca7 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/popup_redirect.d.ts @@ -0,0 +1,27 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PopupRedirectResolver } from '../model/public_types'; +/** + * An implementation of {@link PopupRedirectResolver} suitable for browser + * based applications. + * + * @remarks + * This method does not work in a Node.js environment. + * + * @public + */ +export declare const browserPopupRedirectResolver: PopupRedirectResolver; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/providers/phone.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/providers/phone.d.ts new file mode 100644 index 0000000..6c1d728 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/providers/phone.d.ts @@ -0,0 +1,154 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth, PhoneInfoOptions, ApplicationVerifier, UserCredential } from '../../model/public_types'; +import { PhoneAuthCredential } from '../../core/credentials/phone'; +import { AuthCredential } from '../../core'; +import { FirebaseError } from '@firebase/util'; +/** + * Provider for generating an {@link PhoneAuthCredential}. + * + * @remarks + * `PhoneAuthProvider` does not work in a Node.js environment. + * + * @example + * ```javascript + * // 'recaptcha-container' is the ID of an element in the DOM. + * const applicationVerifier = new RecaptchaVerifier('recaptcha-container'); + * const provider = new PhoneAuthProvider(auth); + * const verificationId = await provider.verifyPhoneNumber('+16505550101', applicationVerifier); + * // Obtain the verificationCode from the user. + * const phoneCredential = PhoneAuthProvider.credential(verificationId, verificationCode); + * const userCredential = await signInWithCredential(auth, phoneCredential); + * ``` + * + * @public + */ +export declare class PhoneAuthProvider { + /** Always set to {@link ProviderId}.PHONE. */ + static readonly PROVIDER_ID: 'phone'; + /** Always set to {@link SignInMethod}.PHONE. */ + static readonly PHONE_SIGN_IN_METHOD: 'phone'; + /** Always set to {@link ProviderId}.PHONE. */ + readonly providerId: "phone"; + private readonly auth; + /** + * @param auth - The Firebase {@link Auth} instance in which sign-ins should occur. + * + */ + constructor(auth: Auth); + /** + * + * Starts a phone number authentication flow by sending a verification code to the given phone + * number. + * + * @example + * ```javascript + * const provider = new PhoneAuthProvider(auth); + * const verificationId = await provider.verifyPhoneNumber(phoneNumber, applicationVerifier); + * // Obtain verificationCode from the user. + * const authCredential = PhoneAuthProvider.credential(verificationId, verificationCode); + * const userCredential = await signInWithCredential(auth, authCredential); + * ``` + * + * @example + * An alternative flow is provided using the `signInWithPhoneNumber` method. + * ```javascript + * const confirmationResult = signInWithPhoneNumber(auth, phoneNumber, applicationVerifier); + * // Obtain verificationCode from the user. + * const userCredential = confirmationResult.confirm(verificationCode); + * ``` + * + * @param phoneInfoOptions - The user's {@link PhoneInfoOptions}. The phone number should be in + * E.164 format (e.g. +16505550101). + * @param applicationVerifier - An {@link ApplicationVerifier}, which prevents + * requests from unauthorized clients. This SDK includes an implementation + * based on reCAPTCHA v2, {@link RecaptchaVerifier}. If you've enabled + * reCAPTCHA Enterprise bot protection in Enforce mode, this parameter is + * optional; in all other configurations, the parameter is required. + * + * @returns A Promise for a verification ID that can be passed to + * {@link PhoneAuthProvider.credential} to identify this flow. + */ + verifyPhoneNumber(phoneOptions: PhoneInfoOptions | string, applicationVerifier?: ApplicationVerifier): Promise<string>; + /** + * Creates a phone auth credential, given the verification ID from + * {@link PhoneAuthProvider.verifyPhoneNumber} and the code that was sent to the user's + * mobile device. + * + * @example + * ```javascript + * const provider = new PhoneAuthProvider(auth); + * const verificationId = provider.verifyPhoneNumber(phoneNumber, applicationVerifier); + * // Obtain verificationCode from the user. + * const authCredential = PhoneAuthProvider.credential(verificationId, verificationCode); + * const userCredential = signInWithCredential(auth, authCredential); + * ``` + * + * @example + * An alternative flow is provided using the `signInWithPhoneNumber` method. + * ```javascript + * const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier); + * // Obtain verificationCode from the user. + * const userCredential = await confirmationResult.confirm(verificationCode); + * ``` + * + * @param verificationId - The verification ID returned from {@link PhoneAuthProvider.verifyPhoneNumber}. + * @param verificationCode - The verification code sent to the user's mobile device. + * + * @returns The auth provider credential. + */ + static credential(verificationId: string, verificationCode: string): PhoneAuthCredential; + /** + * Generates an {@link AuthCredential} from a {@link UserCredential}. + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential: UserCredential): AuthCredential | null; + /** + * Returns an {@link AuthCredential} when passed an error. + * + * @remarks + * + * This method works for errors like + * `auth/account-exists-with-different-credentials`. This is useful for + * recovering when attempting to set a user's phone number but the number + * in question is already tied to another account. For example, the following + * code tries to update the current user's phone number, and if that + * fails, links the user with the account associated with that number: + * + * ```js + * const provider = new PhoneAuthProvider(auth); + * const verificationId = await provider.verifyPhoneNumber(number, verifier); + * try { + * const code = ''; // Prompt the user for the verification code + * await updatePhoneNumber( + * auth.currentUser, + * PhoneAuthProvider.credential(verificationId, code)); + * } catch (e) { + * if ((e as FirebaseError)?.code === 'auth/account-exists-with-different-credential') { + * const cred = PhoneAuthProvider.credentialFromError(e); + * await linkWithCredential(auth.currentUser, cred); + * } + * } + * + * // At this point, auth.currentUser.phoneNumber === number. + * ``` + * + * @param error - The error to generate a credential from. + */ + static credentialFromError(error: FirebaseError): AuthCredential | null; + private static credentialFromTaggedObject; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha.d.ts new file mode 100644 index 0000000..e47806b --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha.d.ts @@ -0,0 +1,78 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { RecaptchaParameters } from '../../model/public_types'; +import { GetRecaptchaConfigResponse, RecaptchaEnforcementProviderState } from '../../api/authentication/recaptcha'; +import { EnforcementState } from '../../api/index'; +export interface Recaptcha { + render: (container: HTMLElement, parameters: RecaptchaParameters) => number; + getResponse: (id: number) => string; + execute: (id: number) => unknown; + reset: (id: number) => unknown; +} +export declare function isV2(grecaptcha: Recaptcha | GreCAPTCHA | undefined): grecaptcha is Recaptcha; +export interface GreCAPTCHATopLevel extends GreCAPTCHA { + enterprise: GreCAPTCHA; +} +export interface GreCAPTCHA { + ready: (callback: () => void) => void; + execute: (siteKey: string, options: { + action: string; + }) => Promise<string>; + render: (container: string | HTMLElement, parameters: GreCAPTCHARenderOption) => string; +} +export interface GreCAPTCHARenderOption { + sitekey: string; + size: 'invisible'; +} +export declare function isEnterprise(grecaptcha: Recaptcha | GreCAPTCHA | undefined): grecaptcha is GreCAPTCHATopLevel; +declare global { + interface Window { + grecaptcha?: Recaptcha | GreCAPTCHATopLevel; + } +} +export declare class RecaptchaConfig { + /** + * The reCAPTCHA site key. + */ + siteKey: string; + /** + * The list of providers and their enablement status for reCAPTCHA Enterprise. + */ + recaptchaEnforcementState: RecaptchaEnforcementProviderState[]; + constructor(response: GetRecaptchaConfigResponse); + /** + * Returns the reCAPTCHA Enterprise enforcement state for the given provider. + * + * @param providerStr - The provider whose enforcement state is to be returned. + * @returns The reCAPTCHA Enterprise enforcement state for the given provider. + */ + getProviderEnforcementState(providerStr: string): EnforcementState | null; + /** + * Returns true if the reCAPTCHA Enterprise enforcement state for the provider is set to ENFORCE or AUDIT. + * + * @param providerStr - The provider whose enablement state is to be returned. + * @returns Whether or not reCAPTCHA Enterprise protection is enabled for the given provider. + */ + isProviderEnabled(providerStr: string): boolean; + /** + * Returns true if reCAPTCHA Enterprise protection is enabled in at least one provider, otherwise + * returns false. + * + * @returns Whether or not reCAPTCHA Enterprise protection is enabled for at least one provider. + */ + isAnyProviderEnabled(): boolean; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts new file mode 100644 index 0000000..adead53 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha_enterprise_verifier.d.ts @@ -0,0 +1,45 @@ +/** + * @license + * Copyright 2022 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { RecaptchaActionName, RecaptchaAuthProvider } from '../../api'; +import { Auth } from '../../model/public_types'; +import { AuthInternal } from '../../model/auth'; +export declare const RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = "recaptcha-enterprise"; +export declare const FAKE_TOKEN = "NO_RECAPTCHA"; +export declare class RecaptchaEnterpriseVerifier { + /** + * Identifies the type of application verifier (e.g. "recaptcha-enterprise"). + */ + readonly type = "recaptcha-enterprise"; + private readonly auth; + /** + * + * @param authExtern - The corresponding Firebase {@link Auth} instance. + * + */ + constructor(authExtern: Auth); + /** + * Executes the verification process. + * + * @returns A Promise for a token that can be used to assert the validity of a request. + */ + verify(action?: string, forceRefresh?: boolean): Promise<string>; +} +export declare function injectRecaptchaFields<T extends object>(auth: AuthInternal, request: T, action: RecaptchaActionName, isCaptchaResp?: boolean, isFakeToken?: boolean): Promise<T>; +type ActionMethod<TRequest, TResponse> = (auth: AuthInternal, request: TRequest) => Promise<TResponse>; +export declare function handleRecaptchaFlow<TRequest extends object, TResponse>(authInstance: AuthInternal, request: TRequest, actionName: RecaptchaActionName, actionMethod: ActionMethod<TRequest, TResponse>, recaptchaAuthProvider: RecaptchaAuthProvider): Promise<TResponse>; +export declare function _initializeRecaptchaConfig(auth: Auth): Promise<void>; +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha_loader.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha_loader.d.ts new file mode 100644 index 0000000..b0fc1d9 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha_loader.d.ts @@ -0,0 +1,49 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthInternal } from '../../model/auth'; +import { Recaptcha } from './recaptcha'; +export declare const _JSLOAD_CALLBACK: string; +/** + * We need to mark this interface as internal explicitly to exclude it in the public typings, because + * it references AuthInternal which has a circular dependency with UserInternal. + * + * @internal + */ +export interface ReCaptchaLoader { + load(auth: AuthInternal, hl?: string): Promise<Recaptcha>; + clearedOneInstance(): void; +} +/** + * Loader for the GReCaptcha library. There should only ever be one of this. + */ +export declare class ReCaptchaLoaderImpl implements ReCaptchaLoader { + private hostLanguage; + private counter; + /** + * Check for `render()` method. `window.grecaptcha` will exist if the Enterprise + * version of the ReCAPTCHA script was loaded by someone else (e.g. App Check) but + * `window.grecaptcha.render()` will not. Another load will add it. + */ + private readonly librarySeparatelyLoaded; + load(auth: AuthInternal, hl?: string): Promise<Recaptcha>; + clearedOneInstance(): void; + private shouldResolveImmediately; +} +export declare class MockReCaptchaLoaderImpl implements ReCaptchaLoader { + load(auth: AuthInternal): Promise<Recaptcha>; + clearedOneInstance(): void; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha_mock.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha_mock.d.ts new file mode 100644 index 0000000..9cab21a --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha_mock.d.ts @@ -0,0 +1,66 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthInternal } from '../../model/auth'; +import { RecaptchaParameters } from '../../model/public_types'; +import { Recaptcha, GreCAPTCHATopLevel, GreCAPTCHARenderOption, GreCAPTCHA } from './recaptcha'; +export declare const _SOLVE_TIME_MS = 500; +export declare const _EXPIRATION_TIME_MS = 60000; +export declare const _WIDGET_ID_START = 1000000000000; +export interface Widget { + getResponse: () => string | null; + delete: () => void; + execute: () => void; +} +export declare class MockReCaptcha implements Recaptcha { + private readonly auth; + private counter; + _widgets: Map<number, Widget>; + constructor(auth: AuthInternal); + render(container: string | HTMLElement, parameters?: RecaptchaParameters): number; + reset(optWidgetId?: number): void; + getResponse(optWidgetId?: number): string; + execute(optWidgetId?: number | string): Promise<string>; +} +export declare class MockGreCAPTCHATopLevel implements GreCAPTCHATopLevel { + enterprise: GreCAPTCHA; + ready(callback: () => void): void; + execute(_siteKey: string, _options: { + action: string; + }): Promise<string>; + render(_container: string | HTMLElement, _parameters: GreCAPTCHARenderOption): string; +} +export declare class MockGreCAPTCHA implements GreCAPTCHA { + ready(callback: () => void): void; + execute(_siteKey: string, _options: { + action: string; + }): Promise<string>; + render(_container: string | HTMLElement, _parameters: GreCAPTCHARenderOption): string; +} +export declare class MockWidget { + private readonly params; + private readonly container; + private readonly isVisible; + private timerId; + private deleted; + private responseToken; + private readonly clickHandler; + constructor(containerOrId: string | HTMLElement, appName: string, params: RecaptchaParameters); + getResponse(): string | null; + delete(): void; + execute(): void; + private checkIfDeleted; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha_verifier.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha_verifier.d.ts new file mode 100644 index 0000000..cfca5c6 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/recaptcha/recaptcha_verifier.d.ts @@ -0,0 +1,92 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth, RecaptchaParameters } from '../../model/public_types'; +import { ApplicationVerifierInternal } from '../../model/application_verifier'; +import { ReCaptchaLoader } from './recaptcha_loader'; +export declare const RECAPTCHA_VERIFIER_TYPE = "recaptcha"; +/** + * An {@link https://www.google.com/recaptcha/ | reCAPTCHA}-based application verifier. + * + * @remarks + * `RecaptchaVerifier` does not work in a Node.js environment. + * + * @public + */ +export declare class RecaptchaVerifier implements ApplicationVerifierInternal { + private readonly parameters; + /** + * The application verifier type. + * + * @remarks + * For a reCAPTCHA verifier, this is 'recaptcha'. + */ + readonly type = "recaptcha"; + private destroyed; + private widgetId; + private readonly container; + private readonly isInvisible; + private readonly tokenChangeListeners; + private renderPromise; + private readonly auth; + /** @internal */ + readonly _recaptchaLoader: ReCaptchaLoader; + private recaptcha; + /** + * @param authExtern - The corresponding Firebase {@link Auth} instance. + * + * @param containerOrId - The reCAPTCHA container parameter. + * + * @remarks + * This has different meaning depending on whether the reCAPTCHA is hidden or visible. For a + * visible reCAPTCHA the container must be empty. If a string is used, it has to correspond to + * an element ID. The corresponding element must also must be in the DOM at the time of + * initialization. + * + * @param parameters - The optional reCAPTCHA parameters. + * + * @remarks + * Check the reCAPTCHA docs for a comprehensive list. All parameters are accepted except for + * the sitekey. Firebase Auth backend provisions a reCAPTCHA for each project and will + * configure this upon rendering. For an invisible reCAPTCHA, a size key must have the value + * 'invisible'. + */ + constructor(authExtern: Auth, containerOrId: HTMLElement | string, parameters?: RecaptchaParameters); + /** + * Waits for the user to solve the reCAPTCHA and resolves with the reCAPTCHA token. + * + * @returns A Promise for the reCAPTCHA token. + */ + verify(): Promise<string>; + /** + * Renders the reCAPTCHA widget on the page. + * + * @returns A Promise that resolves with the reCAPTCHA widget ID. + */ + render(): Promise<number>; + /** @internal */ + _reset(): void; + /** + * Clears the reCAPTCHA widget from the page and destroys the instance. + */ + clear(): void; + private validateStartingState; + private makeTokenCallback; + private assertNotDestroyed; + private makeRenderPromise; + private init; + private getAssertedRecaptcha; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/strategies/phone.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/strategies/phone.d.ts new file mode 100644 index 0000000..26dab0b --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/strategies/phone.d.ts @@ -0,0 +1,116 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ApplicationVerifier, Auth, ConfirmationResult, PhoneInfoOptions, User } from '../../model/public_types'; +import { ApplicationVerifierInternal } from '../../model/application_verifier'; +import { PhoneAuthCredential } from '../../core/credentials/phone'; +import { AuthInternal } from '../../model/auth'; +/** + * Asynchronously signs in using a phone number. + * + * @remarks + * This method sends a code via SMS to the given + * phone number, and returns a {@link ConfirmationResult}. After the user + * provides the code sent to their phone, call {@link ConfirmationResult.confirm} + * with the code to sign the user in. + * + * For abuse prevention, this method requires a {@link ApplicationVerifier}. + * This SDK includes an implementation based on reCAPTCHA v2, {@link RecaptchaVerifier}. + * This function can work on other platforms that do not support the + * {@link RecaptchaVerifier} (like React Native), but you need to use a + * third-party {@link ApplicationVerifier} implementation. + * + * If you've enabled project-level reCAPTCHA Enterprise bot protection in + * Enforce mode, you can omit the {@link ApplicationVerifier}. + * + * This method does not work in a Node.js environment or with {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @example + * ```javascript + * // 'recaptcha-container' is the ID of an element in the DOM. + * const applicationVerifier = new firebase.auth.RecaptchaVerifier('recaptcha-container'); + * const confirmationResult = await signInWithPhoneNumber(auth, phoneNumber, applicationVerifier); + * // Obtain a verificationCode from the user. + * const credential = await confirmationResult.confirm(verificationCode); + * ``` + * + * @param auth - The {@link Auth} instance. + * @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101). + * @param appVerifier - The {@link ApplicationVerifier}. + * + * @public + */ +export declare function signInWithPhoneNumber(auth: Auth, phoneNumber: string, appVerifier?: ApplicationVerifier): Promise<ConfirmationResult>; +/** + * Links the user account with the given phone number. + * + * @remarks + * This method does not work in a Node.js environment. + * + * @param user - The user. + * @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101). + * @param appVerifier - The {@link ApplicationVerifier}. + * + * @public + */ +export declare function linkWithPhoneNumber(user: User, phoneNumber: string, appVerifier?: ApplicationVerifier): Promise<ConfirmationResult>; +/** + * Re-authenticates a user using a fresh phone credential. + * + * @remarks + * Use before operations such as {@link updatePassword} that require tokens from recent sign-in attempts. + * + * This method does not work in a Node.js environment or on any {@link User} signed in by + * {@link Auth} instances created with a {@link @firebase/app#FirebaseServerApp}. + * + * @param user - The user. + * @param phoneNumber - The user's phone number in E.164 format (e.g. +16505550101). + * @param appVerifier - The {@link ApplicationVerifier}. + * + * @public + */ +export declare function reauthenticateWithPhoneNumber(user: User, phoneNumber: string, appVerifier?: ApplicationVerifier): Promise<ConfirmationResult>; +/** + * Returns a verification ID to be used in conjunction with the SMS code that is sent. + * + */ +export declare function _verifyPhoneNumber(auth: AuthInternal, options: PhoneInfoOptions | string, verifier?: ApplicationVerifierInternal): Promise<string>; +/** + * Updates the user's phone number. + * + * @remarks + * This method does not work in a Node.js environment or on any {@link User} signed in by + * {@link Auth} instances created with a {@link @firebase/app#FirebaseServerApp}. + * + * @example + * ``` + * // 'recaptcha-container' is the ID of an element in the DOM. + * const applicationVerifier = new RecaptchaVerifier('recaptcha-container'); + * const provider = new PhoneAuthProvider(auth); + * const verificationId = await provider.verifyPhoneNumber('+16505550101', applicationVerifier); + * // Obtain the verificationCode from the user. + * const phoneCredential = PhoneAuthProvider.credential(verificationId, verificationCode); + * await updatePhoneNumber(user, phoneCredential); + * ``` + * + * @param user - The user. + * @param credential - A credential authenticating the new phone number. + * + * @public + */ +export declare function updatePhoneNumber(user: User, credential: PhoneAuthCredential): Promise<void>; +export declare function injectRecaptchaV2Token<T extends object>(auth: AuthInternal, request: T, recaptchaV2Verifier: ApplicationVerifierInternal): Promise<T>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/strategies/popup.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/strategies/popup.d.ts new file mode 100644 index 0000000..72ba03a --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/strategies/popup.d.ts @@ -0,0 +1,109 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth, AuthProvider, PopupRedirectResolver, User, UserCredential } from '../../model/public_types'; +import { Delay } from '../../core/util/delay'; +export declare const enum _Timeout { + AUTH_EVENT = 8000 +} +export declare const _POLL_WINDOW_CLOSE_TIMEOUT: Delay; +/** + * Authenticates a Firebase client using a popup-based OAuth authentication flow. + * + * @remarks + * If succeeds, returns the signed in user along with the provider's credential. If sign in was + * unsuccessful, returns an error object containing additional information about the error. + * + * This method does not work in a Node.js environment or with {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @example + * ```javascript + * // Sign in using a popup. + * const provider = new FacebookAuthProvider(); + * const result = await signInWithPopup(auth, provider); + * + * // The signed-in user info. + * const user = result.user; + * // This gives you a Facebook Access Token. + * const credential = provider.credentialFromResult(auth, result); + * const token = credential.accessToken; + * ``` + * + * @param auth - The {@link Auth} instance. + * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}. + * Non-OAuth providers like {@link EmailAuthProvider} will throw an error. + * @param resolver - An instance of {@link PopupRedirectResolver}, optional + * if already supplied to {@link initializeAuth} or provided by {@link getAuth}. + * + * @public + */ +export declare function signInWithPopup(auth: Auth, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>; +/** + * Reauthenticates the current user with the specified {@link OAuthProvider} using a pop-up based + * OAuth flow. + * + * @remarks + * If the reauthentication is successful, the returned result will contain the user and the + * provider's credential. + * + * This method does not work in a Node.js environment or on any {@link User} signed in by + * {@link Auth} instances created with a {@link @firebase/app#FirebaseServerApp}. + * + * @example + * ```javascript + * // Sign in using a popup. + * const provider = new FacebookAuthProvider(); + * const result = await signInWithPopup(auth, provider); + * // Reauthenticate using a popup. + * await reauthenticateWithPopup(result.user, provider); + * ``` + * + * @param user - The user. + * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}. + * Non-OAuth providers like {@link EmailAuthProvider} will throw an error. + * @param resolver - An instance of {@link PopupRedirectResolver}, optional + * if already supplied to {@link initializeAuth} or provided by {@link getAuth}. + * + * @public + */ +export declare function reauthenticateWithPopup(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>; +/** + * Links the authenticated provider to the user account using a pop-up based OAuth flow. + * + * @remarks + * If the linking is successful, the returned result will contain the user and the provider's credential. + * + * This method does not work in a Node.js environment. + * + * @example + * ```javascript + * // Sign in using some other provider. + * const result = await signInWithEmailAndPassword(auth, email, password); + * // Link using a popup. + * const provider = new FacebookAuthProvider(); + * await linkWithPopup(result.user, provider); + * ``` + * + * @param user - The user. + * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}. + * Non-OAuth providers like {@link EmailAuthProvider} will throw an error. + * @param resolver - An instance of {@link PopupRedirectResolver}, optional + * if already supplied to {@link initializeAuth} or provided by {@link getAuth}. + * + * @public + */ +export declare function linkWithPopup(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<UserCredential>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/strategies/redirect.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/strategies/redirect.d.ts new file mode 100644 index 0000000..d0a9ae5 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/strategies/redirect.d.ts @@ -0,0 +1,176 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth, AuthProvider, PopupRedirectResolver, User, UserCredential } from '../../model/public_types'; +/** + * Authenticates a Firebase client using a full-page redirect flow. + * + * @remarks + * To handle the results and errors for this operation, refer to {@link getRedirectResult}. + * Follow the {@link https://firebase.google.com/docs/auth/web/redirect-best-practices + * | best practices} when using {@link signInWithRedirect}. + * + * This method does not work in a Node.js environment or with {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new FacebookAuthProvider(); + * // You can add additional scopes to the provider: + * provider.addScope('user_birthday'); + * // Start a sign in process for an unauthenticated user. + * await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * if (result) { + * // This is the signed-in user + * const user = result.user; + * // This gives you a Facebook Access Token. + * const credential = provider.credentialFromResult(auth, result); + * const token = credential.accessToken; + * } + * // As this API can be used for sign-in, linking and reauthentication, + * // check the operationType to determine what triggered this redirect + * // operation. + * const operationType = result.operationType; + * ``` + * + * @param auth - The {@link Auth} instance. + * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}. + * Non-OAuth providers like {@link EmailAuthProvider} will throw an error. + * @param resolver - An instance of {@link PopupRedirectResolver}, optional + * if already supplied to {@link initializeAuth} or provided by {@link getAuth}. + * + * @public + */ +export declare function signInWithRedirect(auth: Auth, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>; +export declare function _signInWithRedirect(auth: Auth, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<void | never>; +/** + * Reauthenticates the current user with the specified {@link OAuthProvider} using a full-page redirect flow. + * @remarks + * To handle the results and errors for this operation, refer to {@link getRedirectResult}. + * Follow the {@link https://firebase.google.com/docs/auth/web/redirect-best-practices + * | best practices} when using {@link reauthenticateWithRedirect}. + * + * This method does not work in a Node.js environment or with {@link Auth} instances + * created with a {@link @firebase/app#FirebaseServerApp}. + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new FacebookAuthProvider(); + * const result = await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * // Reauthenticate using a redirect. + * await reauthenticateWithRedirect(result.user, provider); + * // This will again trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * ``` + * + * @param user - The user. + * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}. + * Non-OAuth providers like {@link EmailAuthProvider} will throw an error. + * @param resolver - An instance of {@link PopupRedirectResolver}, optional + * if already supplied to {@link initializeAuth} or provided by {@link getAuth}. + * + * @public + */ +export declare function reauthenticateWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>; +export declare function _reauthenticateWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<void | never>; +/** + * Links the {@link OAuthProvider} to the user account using a full-page redirect flow. + * @remarks + * To handle the results and errors for this operation, refer to {@link getRedirectResult}. + * Follow the {@link https://firebase.google.com/docs/auth/web/redirect-best-practices + * | best practices} when using {@link linkWithRedirect}. + * + * This method does not work in a Node.js environment or with {@link Auth} instances + * created with a {@link @firebase/app#FirebaseServerApp}. + * + * @example + * ```javascript + * // Sign in using some other provider. + * const result = await signInWithEmailAndPassword(auth, email, password); + * // Link using a redirect. + * const provider = new FacebookAuthProvider(); + * await linkWithRedirect(result.user, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * ``` + * + * @param user - The user. + * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}. + * Non-OAuth providers like {@link EmailAuthProvider} will throw an error. + * @param resolver - An instance of {@link PopupRedirectResolver}, optional + * if already supplied to {@link initializeAuth} or provided by {@link getAuth}. + * + * @public + */ +export declare function linkWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<never>; +export declare function _linkWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<void | never>; +/** + * Returns a {@link UserCredential} from the redirect-based sign-in flow. + * + * @remarks + * If sign-in succeeded, returns the signed in user. If sign-in was unsuccessful, fails with an + * error. If no redirect operation was called, returns `null`. + * + * This method does not work in a Node.js environment or with {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new FacebookAuthProvider(); + * // You can add additional scopes to the provider: + * provider.addScope('user_birthday'); + * // Start a sign in process for an unauthenticated user. + * await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * if (result) { + * // This is the signed-in user + * const user = result.user; + * // This gives you a Facebook Access Token. + * const credential = provider.credentialFromResult(auth, result); + * const token = credential.accessToken; + * } + * // As this API can be used for sign-in, linking and reauthentication, + * // check the operationType to determine what triggered this redirect + * // operation. + * const operationType = result.operationType; + * ``` + * + * @param auth - The {@link Auth} instance. + * @param resolver - An instance of {@link PopupRedirectResolver}, optional + * if already supplied to {@link initializeAuth} or provided by {@link getAuth}. + * + * @public + */ +export declare function getRedirectResult(auth: Auth, resolver?: PopupRedirectResolver): Promise<UserCredential | null>; +export declare function _getRedirectResult(auth: Auth, resolverExtern?: PopupRedirectResolver, bypassAuthState?: boolean): Promise<UserCredential | null>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/util/popup.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/util/popup.d.ts new file mode 100644 index 0000000..111ca83 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/util/popup.d.ts @@ -0,0 +1,24 @@ +/** + * @license + * Copyright 2020 Google LLC. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthInternal } from '../../model/auth'; +export declare class AuthPopup { + readonly window: Window | null; + associatedEvent: string | null; + constructor(window: Window | null); + close(): void; +} +export declare function _open(auth: AuthInternal, url?: string, name?: string, width?: number, height?: number): AuthPopup; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/util/worker.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/util/worker.d.ts new file mode 100644 index 0000000..c871903 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_browser/util/worker.d.ts @@ -0,0 +1,20 @@ +/** + * @license + * Copyright 2020 Google LLC. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export declare function _isWorker(): boolean; +export declare function _getActiveServiceWorker(): Promise<ServiceWorker | null>; +export declare function _getServiceWorkerController(): ServiceWorker | null; +export declare function _getWorkerGlobalScope(): ServiceWorker | null; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/plugins.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/plugins.d.ts new file mode 100644 index 0000000..d3e157d --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/plugins.d.ts @@ -0,0 +1,42 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export interface CordovaWindow extends Window { + cordova: { + plugins: { + browsertab: { + isAvailable(cb: (available: boolean) => void): void; + openUrl(url: string): void; + close(): void; + }; + }; + InAppBrowser: { + open(url: string, target: string, options: string): InAppBrowserRef; + }; + }; + universalLinks: { + subscribe(n: null, cb: (event: Record<string, string> | null) => void): void; + }; + BuildInfo: { + readonly packageName: string; + readonly displayName: string; + }; + handleOpenURL(url: string): void; +} +export interface InAppBrowserRef { + close?: () => void; +} +export declare function _cordovaWindow(): CordovaWindow; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/popup_redirect/events.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/popup_redirect/events.d.ts new file mode 100644 index 0000000..0e5a406 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/popup_redirect/events.d.ts @@ -0,0 +1,39 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthEventManager } from '../../core/auth/auth_event_manager'; +import { AuthInternal } from '../../model/auth'; +import { AuthEvent, AuthEventType } from '../../model/popup_redirect'; +/** Custom AuthEventManager that adds passive listeners to events */ +export declare class CordovaAuthEventManager extends AuthEventManager { + private readonly passiveListeners; + private resolveInitialized; + private initPromise; + addPassiveListener(cb: (e: AuthEvent) => void): void; + removePassiveListener(cb: (e: AuthEvent) => void): void; + resetRedirect(): void; + /** Override the onEvent method */ + onEvent(event: AuthEvent): boolean; + initialized(): Promise<void>; +} +/** + * Generates a (partial) {@link AuthEvent}. + */ +export declare function _generateNewEvent(auth: AuthInternal, type: AuthEventType, eventId?: string | null): AuthEvent; +export declare function _savePartialEvent(auth: AuthInternal, event: AuthEvent): Promise<void>; +export declare function _getAndRemoveEvent(auth: AuthInternal): Promise<AuthEvent | null>; +export declare function _eventFromPartialAndUrl(partialEvent: AuthEvent, url: string): AuthEvent | null; +export declare function _getDeepLinkFromCallback(url: string): string; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/popup_redirect/popup_redirect.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/popup_redirect/popup_redirect.d.ts new file mode 100644 index 0000000..2bbf02c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/popup_redirect/popup_redirect.d.ts @@ -0,0 +1,24 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PopupRedirectResolver } from '../../model/public_types'; +/** + * An implementation of {@link PopupRedirectResolver} suitable for Cordova + * based applications. + * + * @public + */ +export declare const cordovaPopupRedirectResolver: PopupRedirectResolver; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/popup_redirect/utils.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/popup_redirect/utils.d.ts new file mode 100644 index 0000000..b9feb06 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/popup_redirect/utils.d.ts @@ -0,0 +1,47 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthProvider } from '../../model/public_types'; +import { AuthInternal } from '../../model/auth'; +import { AuthEvent } from '../../model/popup_redirect'; +import { InAppBrowserRef } from '../plugins'; +/** + * Generates the URL for the OAuth handler. + */ +export declare function _generateHandlerUrl(auth: AuthInternal, event: AuthEvent, provider: AuthProvider): Promise<string>; +/** + * Validates that this app is valid for this project configuration + */ +export declare function _validateOrigin(auth: AuthInternal): Promise<void>; +export declare function _performRedirect(handlerUrl: string): Promise<InAppBrowserRef | null>; +interface PassiveAuthEventListener { + addPassiveListener(cb: () => void): void; + removePassiveListener(cb: () => void): void; +} +/** + * This function waits for app activity to be seen before resolving. It does + * this by attaching listeners to various dom events. Once the app is determined + * to be visible, this promise resolves. AFTER that resolution, the listeners + * are detached and any browser tabs left open will be closed. + */ +export declare function _waitForAppResume(auth: AuthInternal, eventListener: PassiveAuthEventListener, iabRef: InAppBrowserRef | null): Promise<void>; +/** + * Checks the configuration of the Cordova environment. This has no side effect + * if the configuration is correct; otherwise it throws an error with the + * missing plugin. + */ +export declare function _checkCordovaConfiguration(auth: AuthInternal): void; +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/strategies/redirect.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/strategies/redirect.d.ts new file mode 100644 index 0000000..9dbd547 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_cordova/strategies/redirect.d.ts @@ -0,0 +1,20 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth, AuthProvider, PopupRedirectResolver, User } from '../../model/public_types'; +export declare function signInWithRedirect(auth: Auth, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<void>; +export declare function reauthenticateWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<void>; +export declare function linkWithRedirect(user: User, provider: AuthProvider, resolver?: PopupRedirectResolver): Promise<void>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_node/index.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_node/index.d.ts new file mode 100644 index 0000000..e84ba55 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_node/index.d.ts @@ -0,0 +1,51 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FirebaseApp } from '@firebase/app'; +import { Auth } from '../model/public_types'; +export declare function getAuth(app?: FirebaseApp): Auth; +/** Reject with auth/operation-not-supported-in-this-environment */ +declare function fail(): Promise<void>; +/** + * A class which will throw with + * auth/operation-not-supported-in-this-environment if instantiated + */ +declare class FailClass { + constructor(); +} +export declare const browserLocalPersistence: import("../model/public_types").Persistence; +export declare const browserSessionPersistence: import("../model/public_types").Persistence; +export declare const browserCookiePersistence: import("../model/public_types").Persistence; +export declare const indexedDBLocalPersistence: import("../model/public_types").Persistence; +export declare const browserPopupRedirectResolver: import("@firebase/app").FirebaseError; +export declare const PhoneAuthProvider: typeof FailClass; +export declare const signInWithPhoneNumber: typeof fail; +export declare const linkWithPhoneNumber: typeof fail; +export declare const reauthenticateWithPhoneNumber: typeof fail; +export declare const updatePhoneNumber: typeof fail; +export declare const signInWithPopup: typeof fail; +export declare const linkWithPopup: typeof fail; +export declare const reauthenticateWithPopup: typeof fail; +export declare const signInWithRedirect: typeof fail; +export declare const linkWithRedirect: typeof fail; +export declare const reauthenticateWithRedirect: typeof fail; +export declare const getRedirectResult: typeof fail; +export declare const RecaptchaVerifier: typeof FailClass; +export declare const initializeRecaptchaConfig: typeof fail; +export declare class PhoneMultiFactorGenerator { + static assertion(): unknown; +} +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_react_native/persistence/react_native.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_react_native/persistence/react_native.d.ts new file mode 100644 index 0000000..fed8b9f --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/src/platform_react_native/persistence/react_native.d.ts @@ -0,0 +1,25 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Persistence, ReactNativeAsyncStorage } from '../../model/public_types'; +/** + * Returns a persistence object that wraps `AsyncStorage` imported from + * `react-native` or `@react-native-community/async-storage`, and can + * be used in the persistence dependency field in {@link initializeAuth}. + * + * @public + */ +export declare function getReactNativePersistence(storage: ReactNativeAsyncStorage): Persistence; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/api/helper.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/api/helper.d.ts new file mode 100644 index 0000000..080e611 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/api/helper.d.ts @@ -0,0 +1,22 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Endpoint } from '../../../src/api'; +import { Route } from '../mock_fetch'; +export declare function endpointUrl(endpoint: Endpoint): string; +export declare function endpointUrlWithParams(endpoint: Endpoint, params: Record<string, any>): string; +export declare function mockEndpoint(endpoint: Endpoint, response: object, status?: number): Route; +export declare function mockEndpointWithParams(endpoint: Endpoint, params: Record<string, any>, response: object, status?: number): Route; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/delay.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/delay.d.ts new file mode 100644 index 0000000..bcd0c51 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/delay.d.ts @@ -0,0 +1,20 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Throws tasks to the back of the async task queue. + */ +export declare function delay(cb: () => void): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/erroring_unavailable_persistence.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/erroring_unavailable_persistence.d.ts new file mode 100644 index 0000000..26ea98a --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/erroring_unavailable_persistence.d.ts @@ -0,0 +1,36 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PersistenceInternal, PersistenceType, PersistenceValue } from '../../src/core/persistence'; +/** + * Helper class for mocking completely broken persistence that errors when + * accessed. + * + * When disabling cookies in Chrome entirely, for example, simply reading the + * "localStorage" field in "window" will throw an error, but this can't be + * checked for by calling `'localStorage' in window`. This class simulates a + * situation where _isAvailable works correctly but all other methods fail. + */ +export declare class ErroringUnavailablePersistence implements PersistenceInternal { + type: PersistenceType; + _isAvailable(): Promise<boolean>; + _set(): Promise<void>; + _get<T extends PersistenceValue>(): Promise<T | null>; + _remove(): Promise<void>; + _addListener(): void; + _removeListener(): void; + _shouldAllowMigration: boolean; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/fake_service_worker.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/fake_service_worker.d.ts new file mode 100644 index 0000000..89ecf32 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/fake_service_worker.d.ts @@ -0,0 +1,22 @@ +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export declare class FakeServiceWorker { + private readonly listeners; + postMessage(message: any, transfer: MessagePort[]): void; + addEventListener(type: string, listener: EventListenerOrEventListenerObject, _options?: boolean | AddEventListenerOptions): void; + removeEventListener(type: string, listener: EventListenerOrEventListenerObject, _options?: boolean | EventListenerOptions): void; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/id_token_response.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/id_token_response.d.ts new file mode 100644 index 0000000..d7352ed --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/id_token_response.d.ts @@ -0,0 +1,18 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { IdTokenResponse } from '../../src/model/id_token'; +export declare const TEST_ID_TOKEN_RESPONSE: IdTokenResponse; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/iframe_event.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/iframe_event.d.ts new file mode 100644 index 0000000..1293d01 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/iframe_event.d.ts @@ -0,0 +1,19 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthEvent } from '../../src/model/popup_redirect'; +export declare const BASE_AUTH_EVENT: AuthEvent; +export declare function authEvent(event?: Partial<AuthEvent>): AuthEvent; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/integration/emulator_rest_helpers.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/integration/emulator_rest_helpers.d.ts new file mode 100644 index 0000000..832dc4f --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/integration/emulator_rest_helpers.d.ts @@ -0,0 +1,35 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export interface VerificationSession { + code: string; + phoneNumber: string; + sessionInfo: string; +} +export interface OobCodeSession { + email: string; + requestType: string; + oobCode: string; + oobLink: string; +} +export declare function getPhoneVerificationCodes(): Promise<Record<string, VerificationSession>>; +export declare function getOobCodes(): Promise<OobCodeSession[]>; +export declare function resetEmulator(): Promise<void>; +export declare function createAnonAccount(): Promise<{ + localId: string; + idToken: string; + refreshToken: string; +}>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/integration/helpers.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/integration/helpers.d.ts new file mode 100644 index 0000000..86dfd0c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/integration/helpers.d.ts @@ -0,0 +1,32 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FirebaseServerApp } from '@firebase/app'; +import { Auth } from '@firebase/auth'; +export declare function randomEmail(): string; +export declare function getTestInstance(requireEmulator?: boolean): Auth; +export declare function getTestInstanceForServerApp(serverApp: FirebaseServerApp): Auth; +export declare function cleanUpTestInstance(auth: Auth): Promise<void>; +export declare function getTotpCode(sharedSecretKey: string, periodSec: number, verificationCodeLength: number, timestamp: Date): string; +export declare const email = "totpuser-donotdelete@test.com"; +export declare const password = "password"; +export declare const incorrectTotpCode = "1000000"; +/** + * Generates a valid password for the project or tenant password policy in the Auth instance. + * @param auth The {@link Auth} instance. + * @returns A valid password according to the password policy. + */ +export declare function generateValidPassword(auth: Auth): Promise<string>; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/integration/settings.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/integration/settings.d.ts new file mode 100644 index 0000000..47aeeda --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/integration/settings.d.ts @@ -0,0 +1,23 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { FirebaseOptions } from '@firebase/app'; +export declare const USE_EMULATOR: boolean; +export declare const PROJECT_ID: any; +export declare const AUTH_DOMAIN: any; +export declare const API_KEY: any; +export declare function getAppConfig(): FirebaseOptions; +export declare function getEmulatorUrl(): string | null; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/jwt.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/jwt.d.ts new file mode 100644 index 0000000..70e55aa --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/jwt.d.ts @@ -0,0 +1,17 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export declare function makeJWT(claims: object): string; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/mock_auth.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/mock_auth.d.ts new file mode 100644 index 0000000..018faf8 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/mock_auth.d.ts @@ -0,0 +1,47 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Provider } from '@firebase/component'; +import { AppCheckTokenResult } from '@firebase/app-check-interop-types'; +import { PopupRedirectResolver } from '../../src/model/public_types'; +import { AuthImpl } from '../../src/core/auth/auth_impl'; +import { PersistedBlob } from '../../src/core/persistence'; +import { InMemoryPersistence } from '../../src/core/persistence/in_memory'; +import { AuthInternal } from '../../src/model/auth'; +import { UserInternal } from '../../src/model/user'; +export declare const TEST_HOST = "localhost"; +export declare const TEST_TOKEN_HOST = "localhost/token"; +export declare const TEST_AUTH_DOMAIN = "localhost"; +export declare const TEST_SCHEME = "mock"; +export declare const TEST_KEY = "test-api-key"; +export interface TestAuth extends AuthImpl { + persistenceLayer: MockPersistenceLayer; +} +export declare const FAKE_HEARTBEAT_CONTROLLER: { + getHeartbeatsHeader: () => Promise<string>; +}; +export declare const FAKE_HEARTBEAT_CONTROLLER_PROVIDER: Provider<'heartbeat'>; +export declare const FAKE_APP_CHECK_CONTROLLER: { + getToken: () => Promise<AppCheckTokenResult>; +}; +export declare const FAKE_APP_CHECK_CONTROLLER_PROVIDER: Provider<'app-check-internal'>; +export declare class MockPersistenceLayer extends InMemoryPersistence { + lastObjectSet: PersistedBlob | null; + _set(key: string, object: PersistedBlob): Promise<void>; + _remove(key: string): Promise<void>; +} +export declare function testAuth(popupRedirectResolver?: PopupRedirectResolver, persistence?: MockPersistenceLayer, skipAwaitOnInit?: boolean): Promise<TestAuth>; +export declare function testUser(auth: AuthInternal, uid: string, email?: string, fakeTokens?: boolean): UserInternal; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/mock_auth_credential.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/mock_auth_credential.d.ts new file mode 100644 index 0000000..acb21e8 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/mock_auth_credential.d.ts @@ -0,0 +1,31 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { ProviderId, SignInMethod } from '../../src/model/enums'; +import { PhoneOrOauthTokenResponse } from '../../src/api/authentication/mfa'; +import { AuthCredential } from '../../src/core/credentials'; +import { AuthInternal } from '../../src/model/auth'; +import { IdTokenResponse } from '../../src/model/id_token'; +export declare class MockAuthCredential implements AuthCredential { + readonly providerId: ProviderId; + readonly signInMethod: SignInMethod; + constructor(providerId: ProviderId, signInMethod: SignInMethod); + toJSON(): object; + fromJSON(_json: string | object): AuthCredential | null; + _getIdTokenResponse(_auth: AuthInternal): Promise<PhoneOrOauthTokenResponse>; + _linkToIdToken(_auth: AuthInternal, _idToken: string): Promise<IdTokenResponse>; + _getReauthenticationResolver(_auth: AuthInternal): Promise<IdTokenResponse>; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/mock_fetch.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/mock_fetch.d.ts new file mode 100644 index 0000000..fbe493c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/mock_fetch.d.ts @@ -0,0 +1,31 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export interface Call { + request?: object | string; + method?: string; + headers: Headers; + fullRequest?: RequestInit; +} +export interface Route { + response: object; + status: number; + calls: Call[]; +} +export declare function setUpWithOverride(fetchOverride: typeof fetch): void; +export declare function setUp(): void; +export declare function mock(url: string, response: object, status?: number): Route; +export declare function tearDown(): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/mock_popup_redirect_resolver.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/mock_popup_redirect_resolver.d.ts new file mode 100644 index 0000000..6d7de21 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/mock_popup_redirect_resolver.d.ts @@ -0,0 +1,24 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PopupRedirectResolver } from '../../src/model/public_types'; +import { AuthPopup } from '../../src/platform_browser/util/popup'; +import { EventManager } from '../../src/model/popup_redirect'; +/** + * Generates a PopupRedirectResolver that can be used by the oauth methods. + * These methods expect a class that can be instantiated. + */ +export declare function makeMockPopupRedirectResolver(eventManager?: EventManager, authPopup?: AuthPopup, webStorageSupported?: boolean): PopupRedirectResolver; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/redirect_persistence.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/redirect_persistence.d.ts new file mode 100644 index 0000000..1c5104c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/redirect_persistence.d.ts @@ -0,0 +1,24 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { PersistenceValue } from '../../src/core/persistence'; +import { InMemoryPersistence } from '../../src/core/persistence/in_memory'; +/** Helper class for handling redirect persistence */ +export declare class RedirectPersistence extends InMemoryPersistence { + hasPendingRedirect: boolean; + redirectUser: object | null; + _get<T extends PersistenceValue>(key: string): Promise<T | null>; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/timeout_stub.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/timeout_stub.d.ts new file mode 100644 index 0000000..39c1705 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/helpers/timeout_stub.d.ts @@ -0,0 +1,34 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +export interface TimerTripFn { + (): void; +} +export interface TimerMap { + [key: number]: TimerTripFn; +} +/** + * Stubs window.setTimeout and returns a map of the functions that were passed + * in (the map is mutable and will be modified as setTimeout gets called). + * You can use this to manually cause timers to trip. The map is keyed by the + * duration of the timeout + */ +export declare function stubTimeouts(ids?: number[]): TimerMap; +/** + * Similar to stubTimeouts, but for use when there's only one timeout you + * care about + */ +export declare function stubSingleTimeout(id?: number): TimerTripFn; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/flows/middleware_test_generator.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/flows/middleware_test_generator.d.ts new file mode 100644 index 0000000..4ab1adb --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/flows/middleware_test_generator.d.ts @@ -0,0 +1,18 @@ +/** + * @license + * Copyright 2022 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth } from '@firebase/auth'; +export declare function generateMiddlewareTests(authGetter: () => Auth, signIn: () => Promise<unknown>): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/auth_driver.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/auth_driver.d.ts new file mode 100644 index 0000000..1d9392f --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/auth_driver.d.ts @@ -0,0 +1,46 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Auth, User, Persistence } from '@firebase/auth'; +import { WebDriver } from 'selenium-webdriver'; +export declare const START_FUNCTION = "startAuth"; +/** Helper wrapper around the WebDriver object */ +export declare class AuthDriver { + webDriver: WebDriver; + start(browser: string): Promise<void>; + stop(): Promise<void>; + call<T>(fn: string, ...args: unknown[]): Promise<T>; + callNoWait(fn: string, ...args: unknown[]): Promise<void>; + getAuthSnapshot(): Promise<Auth>; + getUserSnapshot(): Promise<User>; + reset(): Promise<void>; + goToTestPage(): Promise<void>; + waitForAuthInit(): Promise<void>; + waitForLegacyAuthInit(): Promise<void>; + reinitOnRedirect(): Promise<void>; + pause(ms: number): Promise<void>; + refresh(): Promise<void>; + private injectConfig; + injectConfigAndInitAuth(): Promise<void>; + injectConfigAndInitLegacySDK(persistence?: Persistence['type']): Promise<void>; + selectPopupWindow(): Promise<void>; + selectMainWindow(options?: { + noWait?: boolean; + }): Promise<void>; + closePopup(): Promise<void>; + closeExtraWindows(): Promise<void>; + isCompatLayer(): boolean; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/functions.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/functions.d.ts new file mode 100644 index 0000000..66d648b --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/functions.d.ts @@ -0,0 +1,81 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** Available in the browser. See static/anonymous.js */ +export declare enum AnonFunction { + SIGN_IN_ANONYMOUSLY = "anonymous.anonymousSignIn" +} +/** Available redirect functions. See static/redirect.js */ +export declare enum RedirectFunction { + IDP_REDIRECT = "redirect.idpRedirect", + IDP_REAUTH_REDIRECT = "redirect.idpReauthRedirect", + IDP_LINK_REDIRECT = "redirect.idpLinkRedirect", + REDIRECT_RESULT = "redirect.redirectResult", + GENERATE_CREDENTIAL_FROM_RESULT = "redirect.generateCredentialFromRedirectResultAndStore", + SIGN_IN_WITH_REDIRECT_CREDENTIAL = "redirect.signInWithRedirectCredential", + LINK_WITH_ERROR_CREDENTIAL = "redirect.linkWithErrorCredential", + CREATE_FAKE_GOOGLE_USER = "redirect.createFakeGoogleUser", + TRY_TO_SIGN_IN_UNVERIFIED = "redirect.tryToSignInUnverified" +} +/** Available popup functions. See static/popup.js */ +export declare enum PopupFunction { + IDP_POPUP = "popup.idpPopup", + IDP_REAUTH_POPUP = "popup.idpReauthPopup", + IDP_LINK_POPUP = "popup.idpLinkPopup", + POPUP_RESULT = "popup.popupResult", + GENERATE_CREDENTIAL_FROM_RESULT = "popup.generateCredentialFromResult", + SIGN_IN_WITH_POPUP_CREDENTIAL = "popup.signInWithPopupCredential", + LINK_WITH_ERROR_CREDENTIAL = "popup.linkWithErrorCredential", + CREATE_FAKE_GOOGLE_USER = "popup.createFakeGoogleUser", + TRY_TO_SIGN_IN_UNVERIFIED = "popup.tryToSignInUnverified" +} +/** Available email functions. See static/email.js */ +export declare enum EmailFunction { + CREATE_USER = "email.createUser" +} +/** Available core functions within the browser. See static/core.js */ +export declare enum CoreFunction { + RESET = "core.reset", + AWAIT_AUTH_INIT = "core.authInit", + USER_SNAPSHOT = "core.userSnap", + AUTH_SNAPSHOT = "core.authSnap", + SIGN_OUT = "core.signOut", + AWAIT_LEGACY_AUTH_INIT = "core.legacyAuthInit", + LEGACY_USER_SNAPSHOT = "core.legacyUserSnap" +} +/** Available persistence functions within the browser. See static/persistence.js */ +export declare enum PersistenceFunction { + CLEAR_PERSISTENCE = "persistence.clearPersistence", + LOCAL_STORAGE_SNAP = "persistence.localStorageSnap", + LOCAL_STORAGE_SET = "persistence.localStorageSet", + SESSION_STORAGE_SNAP = "persistence.sessionStorageSnap", + SESSION_STORAGE_SET = "persistence.sessionStorageSet", + INDEXED_DB_SNAP = "persistence.indexedDBSnap", + MAKE_INDEXED_DB_READONLY = "persistence.makeIndexedDBReadonly", + SET_PERSISTENCE_MEMORY = "persistence.setPersistenceMemory", + SET_PERSISTENCE_SESSION = "persistence.setPersistenceSession", + SET_PERSISTENCE_INDEXED_DB = "persistence.setPersistenceIndexedDB", + SET_PERSISTENCE_LOCAL_STORAGE = "persistence.setPersistenceLocalStorage" +} +export declare enum MiddlewareFunction { + ATTACH_BLOCKING_MIDDLEWARE = "middleware.attachBlockingMiddleware", + ATTACH_BLOCKING_MIDDLEWARE_ON_START = "middleware.attachBlockingMiddlewareOnStart" +} +/** Available firebase UI functions (only for compat tests) */ +export declare enum UiFunction { + LOAD = "ui.loadUiCode", + START = "ui.startUi" +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/idp_page.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/idp_page.d.ts new file mode 100644 index 0000000..2d30eb7 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/idp_page.d.ts @@ -0,0 +1,31 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { WebDriver } from 'selenium-webdriver'; +export declare class IdPPage { + private readonly driver; + static PAGE_TITLE: string; + constructor(driver: WebDriver); + pageLoad(): Promise<void>; + clickAddAccount(): Promise<void>; + clickSignIn(): Promise<void>; + selectExistingAccountByEmail(email: string): Promise<void>; + fillEmail(email: string): Promise<void>; + fillDisplayName(displayName: string): Promise<void>; + fillScreenName(screenName: string): Promise<void>; + fillProfilePhoto(profilePhoto: string): Promise<void>; + private fillInput; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/js_load_condition.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/js_load_condition.d.ts new file mode 100644 index 0000000..a1a0157 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/js_load_condition.d.ts @@ -0,0 +1,25 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { Condition } from 'selenium-webdriver'; +/** + * A condition that looks for the presence of a specified function. This is + * used with WebDriver .wait() as a proxy for determining when the JS has + * finished loading in a page. + */ +export declare class JsLoadCondition extends Condition<boolean> { + constructor(globalValue: string); +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/test_runner.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/test_runner.d.ts new file mode 100644 index 0000000..8986a26 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/test_runner.d.ts @@ -0,0 +1,19 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { AuthDriver } from './auth_driver'; +/** Main entry point for all WebDriver tests */ +export declare function browserDescribe(title: string, generator: (driver: AuthDriver, browser: string) => void): void; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/test_server.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/test_server.d.ts new file mode 100644 index 0000000..626807c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/test_server.d.ts @@ -0,0 +1,27 @@ +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** Simple express server for serving up the static files for testing */ +declare class AuthTestServer { + private app; + private server; + constructor(); + get address(): string; + start(): Promise<void>; + stop(): void; +} +export declare const authTestServer: AuthTestServer; +export {}; diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/ui_page.d.ts b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/ui_page.d.ts new file mode 100644 index 0000000..295c21c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/test/integration/webdriver/util/ui_page.d.ts @@ -0,0 +1,33 @@ +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +import { WebDriver } from 'selenium-webdriver'; +export declare class UiPage { + private readonly driver; + constructor(driver: WebDriver); + clickGuestSignIn(): Promise<void>; + clickGoogleSignIn(): Promise<void>; + clickPhoneSignIn(): Promise<void>; + clickEmailSignIn(): Promise<void>; + clickSubmit(): Promise<void>; + enterPhoneNumber(phoneNumber: string): Promise<void>; + waitForCodeInputToBePresent(): Promise<void>; + enterPhoneCode(code: string): Promise<void>; + enterEmail(email: string): Promise<void>; + enterEmailDisplayName(name: string): Promise<void>; + enterPassword(name: string): Promise<void>; + private fillInput; +} diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/totp-50d5d5dd.js b/frontend-old/node_modules/@firebase/auth/dist/node/totp-50d5d5dd.js new file mode 100644 index 0000000..45d6a35 --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/totp-50d5d5dd.js @@ -0,0 +1,7693 @@ +'use strict'; + +var app = require('@firebase/app'); +var util = require('@firebase/util'); +var component = require('@firebase/component'); +var logger = require('@firebase/logger'); + +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * An enum of factors that may be used for multifactor authentication. + * + * @public + */ +const FactorId = { + /** Phone as second factor */ + PHONE: 'phone', + TOTP: 'totp' +}; +/** + * Enumeration of supported providers. + * + * @public + */ +const ProviderId = { + /** Facebook provider ID */ + FACEBOOK: 'facebook.com', + /** GitHub provider ID */ + GITHUB: 'github.com', + /** Google provider ID */ + GOOGLE: 'google.com', + /** Password provider */ + PASSWORD: 'password', + /** Phone provider */ + PHONE: 'phone', + /** Twitter provider ID */ + TWITTER: 'twitter.com' +}; +/** + * Enumeration of supported sign-in methods. + * + * @public + */ +const SignInMethod = { + /** Email link sign in method */ + EMAIL_LINK: 'emailLink', + /** Email/password sign in method */ + EMAIL_PASSWORD: 'password', + /** Facebook sign in method */ + FACEBOOK: 'facebook.com', + /** GitHub sign in method */ + GITHUB: 'github.com', + /** Google sign in method */ + GOOGLE: 'google.com', + /** Phone sign in method */ + PHONE: 'phone', + /** Twitter sign in method */ + TWITTER: 'twitter.com' +}; +/** + * Enumeration of supported operation types. + * + * @public + */ +const OperationType = { + /** Operation involving linking an additional provider to an already signed-in user. */ + LINK: 'link', + /** Operation involving using a provider to reauthenticate an already signed-in user. */ + REAUTHENTICATE: 'reauthenticate', + /** Operation involving signing in a user. */ + SIGN_IN: 'signIn' +}; +/** + * An enumeration of the possible email action types. + * + * @public + */ +const ActionCodeOperation = { + /** The email link sign-in action. */ + EMAIL_SIGNIN: 'EMAIL_SIGNIN', + /** The password reset action. */ + PASSWORD_RESET: 'PASSWORD_RESET', + /** The email revocation action. */ + RECOVER_EMAIL: 'RECOVER_EMAIL', + /** The revert second factor addition email action. */ + REVERT_SECOND_FACTOR_ADDITION: 'REVERT_SECOND_FACTOR_ADDITION', + /** The revert second factor addition email action. */ + VERIFY_AND_CHANGE_EMAIL: 'VERIFY_AND_CHANGE_EMAIL', + /** The email verification action. */ + VERIFY_EMAIL: 'VERIFY_EMAIL' +}; + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function _debugErrorMap() { + return { + ["admin-restricted-operation" /* AuthErrorCode.ADMIN_ONLY_OPERATION */]: 'This operation is restricted to administrators only.', + ["argument-error" /* AuthErrorCode.ARGUMENT_ERROR */]: '', + ["app-not-authorized" /* AuthErrorCode.APP_NOT_AUTHORIZED */]: "This app, identified by the domain where it's hosted, is not " + + 'authorized to use Firebase Authentication with the provided API key. ' + + 'Review your key configuration in the Google API console.', + ["app-not-installed" /* AuthErrorCode.APP_NOT_INSTALLED */]: 'The requested mobile application corresponding to the identifier (' + + 'Android package name or iOS bundle ID) provided is not installed on ' + + 'this device.', + ["captcha-check-failed" /* AuthErrorCode.CAPTCHA_CHECK_FAILED */]: 'The reCAPTCHA response token provided is either invalid, expired, ' + + 'already used or the domain associated with it does not match the list ' + + 'of whitelisted domains.', + ["code-expired" /* AuthErrorCode.CODE_EXPIRED */]: 'The SMS code has expired. Please re-send the verification code to try ' + + 'again.', + ["cordova-not-ready" /* AuthErrorCode.CORDOVA_NOT_READY */]: 'Cordova framework is not ready.', + ["cors-unsupported" /* AuthErrorCode.CORS_UNSUPPORTED */]: 'This browser is not supported.', + ["credential-already-in-use" /* AuthErrorCode.CREDENTIAL_ALREADY_IN_USE */]: 'This credential is already associated with a different user account.', + ["custom-token-mismatch" /* AuthErrorCode.CREDENTIAL_MISMATCH */]: 'The custom token corresponds to a different audience.', + ["requires-recent-login" /* AuthErrorCode.CREDENTIAL_TOO_OLD_LOGIN_AGAIN */]: 'This operation is sensitive and requires recent authentication. Log in ' + + 'again before retrying this request.', + ["dependent-sdk-initialized-before-auth" /* AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH */]: 'Another Firebase SDK was initialized and is trying to use Auth before Auth is ' + + 'initialized. Please be sure to call `initializeAuth` or `getAuth` before ' + + 'starting any other Firebase SDK.', + ["dynamic-link-not-activated" /* AuthErrorCode.DYNAMIC_LINK_NOT_ACTIVATED */]: 'Please activate Dynamic Links in the Firebase Console and agree to the terms and ' + + 'conditions.', + ["email-change-needs-verification" /* AuthErrorCode.EMAIL_CHANGE_NEEDS_VERIFICATION */]: 'Multi-factor users must always have a verified email.', + ["email-already-in-use" /* AuthErrorCode.EMAIL_EXISTS */]: 'The email address is already in use by another account.', + ["emulator-config-failed" /* AuthErrorCode.EMULATOR_CONFIG_FAILED */]: 'Auth instance has already been used to make a network call. Auth can ' + + 'no longer be configured to use the emulator. Try calling ' + + '"connectAuthEmulator()" sooner.', + ["expired-action-code" /* AuthErrorCode.EXPIRED_OOB_CODE */]: 'The action code has expired.', + ["cancelled-popup-request" /* AuthErrorCode.EXPIRED_POPUP_REQUEST */]: 'This operation has been cancelled due to another conflicting popup being opened.', + ["internal-error" /* AuthErrorCode.INTERNAL_ERROR */]: 'An internal AuthError has occurred.', + ["invalid-app-credential" /* AuthErrorCode.INVALID_APP_CREDENTIAL */]: 'The phone verification request contains an invalid application verifier.' + + ' The reCAPTCHA token response is either invalid or expired.', + ["invalid-app-id" /* AuthErrorCode.INVALID_APP_ID */]: 'The mobile app identifier is not registered for the current project.', + ["invalid-user-token" /* AuthErrorCode.INVALID_AUTH */]: "This user's credential isn't valid for this project. This can happen " + + "if the user's token has been tampered with, or if the user isn't for " + + 'the project associated with this API key.', + ["invalid-auth-event" /* AuthErrorCode.INVALID_AUTH_EVENT */]: 'An internal AuthError has occurred.', + ["invalid-verification-code" /* AuthErrorCode.INVALID_CODE */]: 'The SMS verification code used to create the phone auth credential is ' + + 'invalid. Please resend the verification code sms and be sure to use the ' + + 'verification code provided by the user.', + ["invalid-continue-uri" /* AuthErrorCode.INVALID_CONTINUE_URI */]: 'The continue URL provided in the request is invalid.', + ["invalid-cordova-configuration" /* AuthErrorCode.INVALID_CORDOVA_CONFIGURATION */]: 'The following Cordova plugins must be installed to enable OAuth sign-in: ' + + 'cordova-plugin-buildinfo, cordova-universal-links-plugin, ' + + 'cordova-plugin-browsertab, cordova-plugin-inappbrowser and ' + + 'cordova-plugin-customurlscheme.', + ["invalid-custom-token" /* AuthErrorCode.INVALID_CUSTOM_TOKEN */]: 'The custom token format is incorrect. Please check the documentation.', + ["invalid-dynamic-link-domain" /* AuthErrorCode.INVALID_DYNAMIC_LINK_DOMAIN */]: 'The provided dynamic link domain is not configured or authorized for the current project.', + ["invalid-email" /* AuthErrorCode.INVALID_EMAIL */]: 'The email address is badly formatted.', + ["invalid-emulator-scheme" /* AuthErrorCode.INVALID_EMULATOR_SCHEME */]: 'Emulator URL must start with a valid scheme (http:// or https://).', + ["invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */]: 'Your API key is invalid, please check you have copied it correctly.', + ["invalid-cert-hash" /* AuthErrorCode.INVALID_CERT_HASH */]: 'The SHA-1 certificate hash provided is invalid.', + ["invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */]: 'The supplied auth credential is incorrect, malformed or has expired.', + ["invalid-message-payload" /* AuthErrorCode.INVALID_MESSAGE_PAYLOAD */]: 'The email template corresponding to this action contains invalid characters in its message. ' + + 'Please fix by going to the Auth email templates section in the Firebase Console.', + ["invalid-multi-factor-session" /* AuthErrorCode.INVALID_MFA_SESSION */]: 'The request does not contain a valid proof of first factor successful sign-in.', + ["invalid-oauth-provider" /* AuthErrorCode.INVALID_OAUTH_PROVIDER */]: 'EmailAuthProvider is not supported for this operation. This operation ' + + 'only supports OAuth providers.', + ["invalid-oauth-client-id" /* AuthErrorCode.INVALID_OAUTH_CLIENT_ID */]: 'The OAuth client ID provided is either invalid or does not match the ' + + 'specified API key.', + ["unauthorized-domain" /* AuthErrorCode.INVALID_ORIGIN */]: 'This domain is not authorized for OAuth operations for your Firebase ' + + 'project. Edit the list of authorized domains from the Firebase console.', + ["invalid-action-code" /* AuthErrorCode.INVALID_OOB_CODE */]: 'The action code is invalid. This can happen if the code is malformed, ' + + 'expired, or has already been used.', + ["wrong-password" /* AuthErrorCode.INVALID_PASSWORD */]: 'The password is invalid or the user does not have a password.', + ["invalid-persistence-type" /* AuthErrorCode.INVALID_PERSISTENCE */]: 'The specified persistence type is invalid. It can only be local, session or none.', + ["invalid-phone-number" /* AuthErrorCode.INVALID_PHONE_NUMBER */]: 'The format of the phone number provided is incorrect. Please enter the ' + + 'phone number in a format that can be parsed into E.164 format. E.164 ' + + 'phone numbers are written in the format [+][country code][subscriber ' + + 'number including area code].', + ["invalid-provider-id" /* AuthErrorCode.INVALID_PROVIDER_ID */]: 'The specified provider ID is invalid.', + ["invalid-recipient-email" /* AuthErrorCode.INVALID_RECIPIENT_EMAIL */]: 'The email corresponding to this action failed to send as the provided ' + + 'recipient email address is invalid.', + ["invalid-sender" /* AuthErrorCode.INVALID_SENDER */]: 'The email template corresponding to this action contains an invalid sender email or name. ' + + 'Please fix by going to the Auth email templates section in the Firebase Console.', + ["invalid-verification-id" /* AuthErrorCode.INVALID_SESSION_INFO */]: 'The verification ID used to create the phone auth credential is invalid.', + ["invalid-tenant-id" /* AuthErrorCode.INVALID_TENANT_ID */]: "The Auth instance's tenant ID is invalid.", + ["login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */]: 'Login blocked by user-provided method: {$originalMessage}', + ["missing-android-pkg-name" /* AuthErrorCode.MISSING_ANDROID_PACKAGE_NAME */]: 'An Android Package Name must be provided if the Android App is required to be installed.', + ["auth-domain-config-required" /* AuthErrorCode.MISSING_AUTH_DOMAIN */]: 'Be sure to include authDomain when calling firebase.initializeApp(), ' + + 'by following the instructions in the Firebase console.', + ["missing-app-credential" /* AuthErrorCode.MISSING_APP_CREDENTIAL */]: 'The phone verification request is missing an application verifier ' + + 'assertion. A reCAPTCHA response token needs to be provided.', + ["missing-verification-code" /* AuthErrorCode.MISSING_CODE */]: 'The phone auth credential was created with an empty SMS verification code.', + ["missing-continue-uri" /* AuthErrorCode.MISSING_CONTINUE_URI */]: 'A continue URL must be provided in the request.', + ["missing-iframe-start" /* AuthErrorCode.MISSING_IFRAME_START */]: 'An internal AuthError has occurred.', + ["missing-ios-bundle-id" /* AuthErrorCode.MISSING_IOS_BUNDLE_ID */]: 'An iOS Bundle ID must be provided if an App Store ID is provided.', + ["missing-or-invalid-nonce" /* AuthErrorCode.MISSING_OR_INVALID_NONCE */]: 'The request does not contain a valid nonce. This can occur if the ' + + 'SHA-256 hash of the provided raw nonce does not match the hashed nonce ' + + 'in the ID token payload.', + ["missing-password" /* AuthErrorCode.MISSING_PASSWORD */]: 'A non-empty password must be provided', + ["missing-multi-factor-info" /* AuthErrorCode.MISSING_MFA_INFO */]: 'No second factor identifier is provided.', + ["missing-multi-factor-session" /* AuthErrorCode.MISSING_MFA_SESSION */]: 'The request is missing proof of first factor successful sign-in.', + ["missing-phone-number" /* AuthErrorCode.MISSING_PHONE_NUMBER */]: 'To send verification codes, provide a phone number for the recipient.', + ["missing-verification-id" /* AuthErrorCode.MISSING_SESSION_INFO */]: 'The phone auth credential was created with an empty verification ID.', + ["app-deleted" /* AuthErrorCode.MODULE_DESTROYED */]: 'This instance of FirebaseApp has been deleted.', + ["multi-factor-info-not-found" /* AuthErrorCode.MFA_INFO_NOT_FOUND */]: 'The user does not have a second factor matching the identifier provided.', + ["multi-factor-auth-required" /* AuthErrorCode.MFA_REQUIRED */]: 'Proof of ownership of a second factor is required to complete sign-in.', + ["account-exists-with-different-credential" /* AuthErrorCode.NEED_CONFIRMATION */]: 'An account already exists with the same email address but different ' + + 'sign-in credentials. Sign in using a provider associated with this ' + + 'email address.', + ["network-request-failed" /* AuthErrorCode.NETWORK_REQUEST_FAILED */]: 'A network AuthError (such as timeout, interrupted connection or unreachable host) has occurred.', + ["no-auth-event" /* AuthErrorCode.NO_AUTH_EVENT */]: 'An internal AuthError has occurred.', + ["no-such-provider" /* AuthErrorCode.NO_SUCH_PROVIDER */]: 'User was not linked to an account with the given provider.', + ["null-user" /* AuthErrorCode.NULL_USER */]: 'A null user object was provided as the argument for an operation which ' + + 'requires a non-null user object.', + ["operation-not-allowed" /* AuthErrorCode.OPERATION_NOT_ALLOWED */]: 'The given sign-in provider is disabled for this Firebase project. ' + + 'Enable it in the Firebase console, under the sign-in method tab of the ' + + 'Auth section.', + ["operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */]: 'This operation is not supported in the environment this application is ' + + 'running on. "location.protocol" must be http, https or chrome-extension' + + ' and web storage must be enabled.', + ["popup-blocked" /* AuthErrorCode.POPUP_BLOCKED */]: 'Unable to establish a connection with the popup. It may have been blocked by the browser.', + ["popup-closed-by-user" /* AuthErrorCode.POPUP_CLOSED_BY_USER */]: 'The popup has been closed by the user before finalizing the operation.', + ["provider-already-linked" /* AuthErrorCode.PROVIDER_ALREADY_LINKED */]: 'User can only be linked to one identity for the given provider.', + ["quota-exceeded" /* AuthErrorCode.QUOTA_EXCEEDED */]: "The project's quota for this operation has been exceeded.", + ["redirect-cancelled-by-user" /* AuthErrorCode.REDIRECT_CANCELLED_BY_USER */]: 'The redirect operation has been cancelled by the user before finalizing.', + ["redirect-operation-pending" /* AuthErrorCode.REDIRECT_OPERATION_PENDING */]: 'A redirect sign-in operation is already pending.', + ["rejected-credential" /* AuthErrorCode.REJECTED_CREDENTIAL */]: 'The request contains malformed or mismatching credentials.', + ["second-factor-already-in-use" /* AuthErrorCode.SECOND_FACTOR_ALREADY_ENROLLED */]: 'The second factor is already enrolled on this account.', + ["maximum-second-factor-count-exceeded" /* AuthErrorCode.SECOND_FACTOR_LIMIT_EXCEEDED */]: 'The maximum allowed number of second factors on a user has been exceeded.', + ["tenant-id-mismatch" /* AuthErrorCode.TENANT_ID_MISMATCH */]: "The provided tenant ID does not match the Auth instance's tenant ID", + ["timeout" /* AuthErrorCode.TIMEOUT */]: 'The operation has timed out.', + ["user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */]: "The user's credential is no longer valid. The user must sign in again.", + ["too-many-requests" /* AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER */]: 'We have blocked all requests from this device due to unusual activity. ' + + 'Try again later.', + ["unauthorized-continue-uri" /* AuthErrorCode.UNAUTHORIZED_DOMAIN */]: 'The domain of the continue URL is not whitelisted. Please whitelist ' + + 'the domain in the Firebase console.', + ["unsupported-first-factor" /* AuthErrorCode.UNSUPPORTED_FIRST_FACTOR */]: 'Enrolling a second factor or signing in with a multi-factor account requires sign-in with a supported first factor.', + ["unsupported-persistence-type" /* AuthErrorCode.UNSUPPORTED_PERSISTENCE */]: 'The current environment does not support the specified persistence type.', + ["unsupported-tenant-operation" /* AuthErrorCode.UNSUPPORTED_TENANT_OPERATION */]: 'This operation is not supported in a multi-tenant context.', + ["unverified-email" /* AuthErrorCode.UNVERIFIED_EMAIL */]: 'The operation requires a verified email.', + ["user-cancelled" /* AuthErrorCode.USER_CANCELLED */]: 'The user did not grant your application the permissions it requested.', + ["user-not-found" /* AuthErrorCode.USER_DELETED */]: 'There is no user record corresponding to this identifier. The user may ' + + 'have been deleted.', + ["user-disabled" /* AuthErrorCode.USER_DISABLED */]: 'The user account has been disabled by an administrator.', + ["user-mismatch" /* AuthErrorCode.USER_MISMATCH */]: 'The supplied credentials do not correspond to the previously signed in user.', + ["user-signed-out" /* AuthErrorCode.USER_SIGNED_OUT */]: '', + ["weak-password" /* AuthErrorCode.WEAK_PASSWORD */]: 'The password must be 6 characters long or more.', + ["web-storage-unsupported" /* AuthErrorCode.WEB_STORAGE_UNSUPPORTED */]: 'This browser is not supported or 3rd party cookies and data may be disabled.', + ["already-initialized" /* AuthErrorCode.ALREADY_INITIALIZED */]: 'initializeAuth() has already been called with ' + + 'different options. To avoid this error, call initializeAuth() with the ' + + 'same options as when it was originally called, or call getAuth() to return the' + + ' already initialized instance.', + ["missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */]: 'The reCAPTCHA token is missing when sending request to the backend.', + ["invalid-recaptcha-token" /* AuthErrorCode.INVALID_RECAPTCHA_TOKEN */]: 'The reCAPTCHA token is invalid when sending request to the backend.', + ["invalid-recaptcha-action" /* AuthErrorCode.INVALID_RECAPTCHA_ACTION */]: 'The reCAPTCHA action is invalid when sending request to the backend.', + ["recaptcha-not-enabled" /* AuthErrorCode.RECAPTCHA_NOT_ENABLED */]: 'reCAPTCHA Enterprise integration is not enabled for this project.', + ["missing-client-type" /* AuthErrorCode.MISSING_CLIENT_TYPE */]: 'The reCAPTCHA client type is missing when sending request to the backend.', + ["missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */]: 'The reCAPTCHA version is missing when sending request to the backend.', + ["invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */]: 'Invalid request parameters.', + ["invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */]: 'The reCAPTCHA version is invalid when sending request to the backend.', + ["unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */]: 'The password policy received from the backend uses a schema version that is not supported by this version of the Firebase SDK.', + ["password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */]: 'The password does not meet the requirements.', + ["invalid-hosting-link-domain" /* AuthErrorCode.INVALID_HOSTING_LINK_DOMAIN */]: 'The provided Hosting link domain is not configured in Firebase Hosting or is not owned by ' + + 'the current project. This cannot be a default Hosting domain (`web.app` or `firebaseapp.com`).' + }; +} +function _prodErrorMap() { + // We will include this one message in the prod error map since by the very + // nature of this error, developers will never be able to see the message + // using the debugErrorMap (which is installed during auth initialization). + return { + ["dependent-sdk-initialized-before-auth" /* AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH */]: 'Another Firebase SDK was initialized and is trying to use Auth before Auth is ' + + 'initialized. Please be sure to call `initializeAuth` or `getAuth` before ' + + 'starting any other Firebase SDK.' + }; +} +/** + * A verbose error map with detailed descriptions for most error codes. + * + * See discussion at {@link AuthErrorMap} + * + * @public + */ +const debugErrorMap = _debugErrorMap; +/** + * A minimal error map with all verbose error messages stripped. + * + * See discussion at {@link AuthErrorMap} + * + * @public + */ +const prodErrorMap = _prodErrorMap; +const _DEFAULT_AUTH_ERROR_FACTORY = new util.ErrorFactory('auth', 'Firebase', _prodErrorMap()); +/** + * A map of potential `Auth` error codes, for easier comparison with errors + * thrown by the SDK. + * + * @remarks + * Note that you can't tree-shake individual keys + * in the map, so by using the map you might substantially increase your + * bundle size. + * + * @public + */ +const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = { + ADMIN_ONLY_OPERATION: 'auth/admin-restricted-operation', + ARGUMENT_ERROR: 'auth/argument-error', + APP_NOT_AUTHORIZED: 'auth/app-not-authorized', + APP_NOT_INSTALLED: 'auth/app-not-installed', + CAPTCHA_CHECK_FAILED: 'auth/captcha-check-failed', + CODE_EXPIRED: 'auth/code-expired', + CORDOVA_NOT_READY: 'auth/cordova-not-ready', + CORS_UNSUPPORTED: 'auth/cors-unsupported', + CREDENTIAL_ALREADY_IN_USE: 'auth/credential-already-in-use', + CREDENTIAL_MISMATCH: 'auth/custom-token-mismatch', + CREDENTIAL_TOO_OLD_LOGIN_AGAIN: 'auth/requires-recent-login', + DEPENDENT_SDK_INIT_BEFORE_AUTH: 'auth/dependent-sdk-initialized-before-auth', + DYNAMIC_LINK_NOT_ACTIVATED: 'auth/dynamic-link-not-activated', + EMAIL_CHANGE_NEEDS_VERIFICATION: 'auth/email-change-needs-verification', + EMAIL_EXISTS: 'auth/email-already-in-use', + EMULATOR_CONFIG_FAILED: 'auth/emulator-config-failed', + EXPIRED_OOB_CODE: 'auth/expired-action-code', + EXPIRED_POPUP_REQUEST: 'auth/cancelled-popup-request', + INTERNAL_ERROR: 'auth/internal-error', + INVALID_API_KEY: 'auth/invalid-api-key', + INVALID_APP_CREDENTIAL: 'auth/invalid-app-credential', + INVALID_APP_ID: 'auth/invalid-app-id', + INVALID_AUTH: 'auth/invalid-user-token', + INVALID_AUTH_EVENT: 'auth/invalid-auth-event', + INVALID_CERT_HASH: 'auth/invalid-cert-hash', + INVALID_CODE: 'auth/invalid-verification-code', + INVALID_CONTINUE_URI: 'auth/invalid-continue-uri', + INVALID_CORDOVA_CONFIGURATION: 'auth/invalid-cordova-configuration', + INVALID_CUSTOM_TOKEN: 'auth/invalid-custom-token', + INVALID_DYNAMIC_LINK_DOMAIN: 'auth/invalid-dynamic-link-domain', + INVALID_EMAIL: 'auth/invalid-email', + INVALID_EMULATOR_SCHEME: 'auth/invalid-emulator-scheme', + INVALID_IDP_RESPONSE: 'auth/invalid-credential', + INVALID_LOGIN_CREDENTIALS: 'auth/invalid-credential', + INVALID_MESSAGE_PAYLOAD: 'auth/invalid-message-payload', + INVALID_MFA_SESSION: 'auth/invalid-multi-factor-session', + INVALID_OAUTH_CLIENT_ID: 'auth/invalid-oauth-client-id', + INVALID_OAUTH_PROVIDER: 'auth/invalid-oauth-provider', + INVALID_OOB_CODE: 'auth/invalid-action-code', + INVALID_ORIGIN: 'auth/unauthorized-domain', + INVALID_PASSWORD: 'auth/wrong-password', + INVALID_PERSISTENCE: 'auth/invalid-persistence-type', + INVALID_PHONE_NUMBER: 'auth/invalid-phone-number', + INVALID_PROVIDER_ID: 'auth/invalid-provider-id', + INVALID_RECIPIENT_EMAIL: 'auth/invalid-recipient-email', + INVALID_SENDER: 'auth/invalid-sender', + INVALID_SESSION_INFO: 'auth/invalid-verification-id', + INVALID_TENANT_ID: 'auth/invalid-tenant-id', + MFA_INFO_NOT_FOUND: 'auth/multi-factor-info-not-found', + MFA_REQUIRED: 'auth/multi-factor-auth-required', + MISSING_ANDROID_PACKAGE_NAME: 'auth/missing-android-pkg-name', + MISSING_APP_CREDENTIAL: 'auth/missing-app-credential', + MISSING_AUTH_DOMAIN: 'auth/auth-domain-config-required', + MISSING_CODE: 'auth/missing-verification-code', + MISSING_CONTINUE_URI: 'auth/missing-continue-uri', + MISSING_IFRAME_START: 'auth/missing-iframe-start', + MISSING_IOS_BUNDLE_ID: 'auth/missing-ios-bundle-id', + MISSING_OR_INVALID_NONCE: 'auth/missing-or-invalid-nonce', + MISSING_MFA_INFO: 'auth/missing-multi-factor-info', + MISSING_MFA_SESSION: 'auth/missing-multi-factor-session', + MISSING_PHONE_NUMBER: 'auth/missing-phone-number', + MISSING_PASSWORD: 'auth/missing-password', + MISSING_SESSION_INFO: 'auth/missing-verification-id', + MODULE_DESTROYED: 'auth/app-deleted', + NEED_CONFIRMATION: 'auth/account-exists-with-different-credential', + NETWORK_REQUEST_FAILED: 'auth/network-request-failed', + NULL_USER: 'auth/null-user', + NO_AUTH_EVENT: 'auth/no-auth-event', + NO_SUCH_PROVIDER: 'auth/no-such-provider', + OPERATION_NOT_ALLOWED: 'auth/operation-not-allowed', + OPERATION_NOT_SUPPORTED: 'auth/operation-not-supported-in-this-environment', + POPUP_BLOCKED: 'auth/popup-blocked', + POPUP_CLOSED_BY_USER: 'auth/popup-closed-by-user', + PROVIDER_ALREADY_LINKED: 'auth/provider-already-linked', + QUOTA_EXCEEDED: 'auth/quota-exceeded', + REDIRECT_CANCELLED_BY_USER: 'auth/redirect-cancelled-by-user', + REDIRECT_OPERATION_PENDING: 'auth/redirect-operation-pending', + REJECTED_CREDENTIAL: 'auth/rejected-credential', + SECOND_FACTOR_ALREADY_ENROLLED: 'auth/second-factor-already-in-use', + SECOND_FACTOR_LIMIT_EXCEEDED: 'auth/maximum-second-factor-count-exceeded', + TENANT_ID_MISMATCH: 'auth/tenant-id-mismatch', + TIMEOUT: 'auth/timeout', + TOKEN_EXPIRED: 'auth/user-token-expired', + TOO_MANY_ATTEMPTS_TRY_LATER: 'auth/too-many-requests', + UNAUTHORIZED_DOMAIN: 'auth/unauthorized-continue-uri', + UNSUPPORTED_FIRST_FACTOR: 'auth/unsupported-first-factor', + UNSUPPORTED_PERSISTENCE: 'auth/unsupported-persistence-type', + UNSUPPORTED_TENANT_OPERATION: 'auth/unsupported-tenant-operation', + UNVERIFIED_EMAIL: 'auth/unverified-email', + USER_CANCELLED: 'auth/user-cancelled', + USER_DELETED: 'auth/user-not-found', + USER_DISABLED: 'auth/user-disabled', + USER_MISMATCH: 'auth/user-mismatch', + USER_SIGNED_OUT: 'auth/user-signed-out', + WEAK_PASSWORD: 'auth/weak-password', + WEB_STORAGE_UNSUPPORTED: 'auth/web-storage-unsupported', + ALREADY_INITIALIZED: 'auth/already-initialized', + RECAPTCHA_NOT_ENABLED: 'auth/recaptcha-not-enabled', + MISSING_RECAPTCHA_TOKEN: 'auth/missing-recaptcha-token', + INVALID_RECAPTCHA_TOKEN: 'auth/invalid-recaptcha-token', + INVALID_RECAPTCHA_ACTION: 'auth/invalid-recaptcha-action', + MISSING_CLIENT_TYPE: 'auth/missing-client-type', + MISSING_RECAPTCHA_VERSION: 'auth/missing-recaptcha-version', + INVALID_RECAPTCHA_VERSION: 'auth/invalid-recaptcha-version', + INVALID_REQ_TYPE: 'auth/invalid-req-type', + INVALID_HOSTING_LINK_DOMAIN: 'auth/invalid-hosting-link-domain' +}; + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +const logClient = new logger.Logger('@firebase/auth'); +function _logWarn(msg, ...args) { + if (logClient.logLevel <= logger.LogLevel.WARN) { + logClient.warn(`Auth (${app.SDK_VERSION}): ${msg}`, ...args); + } +} +function _logError(msg, ...args) { + if (logClient.logLevel <= logger.LogLevel.ERROR) { + logClient.error(`Auth (${app.SDK_VERSION}): ${msg}`, ...args); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function _fail(authOrCode, ...rest) { + throw createErrorInternal(authOrCode, ...rest); +} +function _createError(authOrCode, ...rest) { + return createErrorInternal(authOrCode, ...rest); +} +function _errorWithCustomMessage(auth, code, message) { + const errorMap = { + ...prodErrorMap(), + [code]: message + }; + const factory = new util.ErrorFactory('auth', 'Firebase', errorMap); + return factory.create(code, { + appName: auth.name + }); +} +function _serverAppCurrentUserOperationNotSupportedError(auth) { + return _errorWithCustomMessage(auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */, 'Operations that alter the current user are not supported in conjunction with FirebaseServerApp'); +} +function createErrorInternal(authOrCode, ...rest) { + if (typeof authOrCode !== 'string') { + const code = rest[0]; + const fullParams = [...rest.slice(1)]; + if (fullParams[0]) { + fullParams[0].appName = authOrCode.name; + } + return authOrCode._errorFactory.create(code, ...fullParams); + } + return _DEFAULT_AUTH_ERROR_FACTORY.create(authOrCode, ...rest); +} +function _assert(assertion, authOrCode, ...rest) { + if (!assertion) { + throw createErrorInternal(authOrCode, ...rest); + } +} +/** + * Unconditionally fails, throwing an internal error with the given message. + * + * @param failure type of failure encountered + * @throws Error + */ +function debugFail(failure) { + // Log the failure in addition to throw an exception, just in case the + // exception is swallowed. + const message = `INTERNAL ASSERTION FAILED: ` + failure; + _logError(message); + // NOTE: We don't use FirebaseError here because these are internal failures + // that cannot be handled by the user. (Also it would create a circular + // dependency between the error and assert modules which doesn't work.) + throw new Error(message); +} +/** + * Fails if the given assertion condition is false, throwing an Error with the + * given message if it did. + * + * @param assertion + * @param message + */ +function debugAssert(assertion, message) { + if (!assertion) { + debugFail(message); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function _getCurrentUrl() { + return (typeof self !== 'undefined' && self.location?.href) || ''; +} +function _isHttpOrHttps() { + return _getCurrentScheme() === 'http:' || _getCurrentScheme() === 'https:'; +} +function _getCurrentScheme() { + return (typeof self !== 'undefined' && self.location?.protocol) || null; +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Determine whether the browser is working online + */ +function _isOnline() { + if (typeof navigator !== 'undefined' && + navigator && + 'onLine' in navigator && + typeof navigator.onLine === 'boolean' && + // Apply only for traditional web apps and Chrome extensions. + // This is especially true for Cordova apps which have unreliable + // navigator.onLine behavior unless cordova-plugin-network-information is + // installed which overwrites the native navigator.onLine value and + // defines navigator.connection. + (_isHttpOrHttps() || util.isBrowserExtension() || 'connection' in navigator)) { + return navigator.onLine; + } + // If we can't determine the state, assume it is online. + return true; +} +function _getUserLanguage() { + if (typeof navigator === 'undefined') { + return null; + } + const navigatorLanguage = navigator; + return ( + // Most reliable, but only supported in Chrome/Firefox. + (navigatorLanguage.languages && navigatorLanguage.languages[0]) || + // Supported in most browsers, but returns the language of the browser + // UI, not the language set in browser settings. + navigatorLanguage.language || + // Couldn't determine language. + null); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * A structure to help pick between a range of long and short delay durations + * depending on the current environment. In general, the long delay is used for + * mobile environments whereas short delays are used for desktop environments. + */ +class Delay { + constructor(shortDelay, longDelay) { + this.shortDelay = shortDelay; + this.longDelay = longDelay; + // Internal error when improperly initialized. + debugAssert(longDelay > shortDelay, 'Short delay should be less than long delay!'); + this.isMobile = util.isMobileCordova() || util.isReactNative(); + } + get() { + if (!_isOnline()) { + // Pick the shorter timeout. + return Math.min(5000 /* DelayMin.OFFLINE */, this.shortDelay); + } + // If running in a mobile environment, return the long delay, otherwise + // return the short delay. + // This could be improved in the future to dynamically change based on other + // variables instead of just reading the current environment. + return this.isMobile ? this.longDelay : this.shortDelay; + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function _emulatorUrl(config, path) { + debugAssert(config.emulator, 'Emulator should always be set here'); + const { url } = config.emulator; + if (!path) { + return url; + } + return `${url}${path.startsWith('/') ? path.slice(1) : path}`; +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class FetchProvider { + static initialize(fetchImpl, headersImpl, responseImpl) { + this.fetchImpl = fetchImpl; + if (headersImpl) { + this.headersImpl = headersImpl; + } + if (responseImpl) { + this.responseImpl = responseImpl; + } + } + static fetch() { + if (this.fetchImpl) { + return this.fetchImpl; + } + if (typeof self !== 'undefined' && 'fetch' in self) { + return self.fetch; + } + if (typeof globalThis !== 'undefined' && globalThis.fetch) { + return globalThis.fetch; + } + if (typeof fetch !== 'undefined') { + return fetch; + } + debugFail('Could not find fetch implementation, make sure you call FetchProvider.initialize() with an appropriate polyfill'); + } + static headers() { + if (this.headersImpl) { + return this.headersImpl; + } + if (typeof self !== 'undefined' && 'Headers' in self) { + return self.Headers; + } + if (typeof globalThis !== 'undefined' && globalThis.Headers) { + return globalThis.Headers; + } + if (typeof Headers !== 'undefined') { + return Headers; + } + debugFail('Could not find Headers implementation, make sure you call FetchProvider.initialize() with an appropriate polyfill'); + } + static response() { + if (this.responseImpl) { + return this.responseImpl; + } + if (typeof self !== 'undefined' && 'Response' in self) { + return self.Response; + } + if (typeof globalThis !== 'undefined' && globalThis.Response) { + return globalThis.Response; + } + if (typeof Response !== 'undefined') { + return Response; + } + debugFail('Could not find Response implementation, make sure you call FetchProvider.initialize() with an appropriate polyfill'); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Map from errors returned by the server to errors to developer visible errors + */ +const SERVER_ERROR_MAP = { + // Custom token errors. + ["CREDENTIAL_MISMATCH" /* ServerError.CREDENTIAL_MISMATCH */]: "custom-token-mismatch" /* AuthErrorCode.CREDENTIAL_MISMATCH */, + // This can only happen if the SDK sends a bad request. + ["MISSING_CUSTOM_TOKEN" /* ServerError.MISSING_CUSTOM_TOKEN */]: "internal-error" /* AuthErrorCode.INTERNAL_ERROR */, + // Create Auth URI errors. + ["INVALID_IDENTIFIER" /* ServerError.INVALID_IDENTIFIER */]: "invalid-email" /* AuthErrorCode.INVALID_EMAIL */, + // This can only happen if the SDK sends a bad request. + ["MISSING_CONTINUE_URI" /* ServerError.MISSING_CONTINUE_URI */]: "internal-error" /* AuthErrorCode.INTERNAL_ERROR */, + // Sign in with email and password errors (some apply to sign up too). + ["INVALID_PASSWORD" /* ServerError.INVALID_PASSWORD */]: "wrong-password" /* AuthErrorCode.INVALID_PASSWORD */, + // This can only happen if the SDK sends a bad request. + ["MISSING_PASSWORD" /* ServerError.MISSING_PASSWORD */]: "missing-password" /* AuthErrorCode.MISSING_PASSWORD */, + // Thrown if Email Enumeration Protection is enabled in the project and the email or password is + // invalid. + ["INVALID_LOGIN_CREDENTIALS" /* ServerError.INVALID_LOGIN_CREDENTIALS */]: "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */, + // Sign up with email and password errors. + ["EMAIL_EXISTS" /* ServerError.EMAIL_EXISTS */]: "email-already-in-use" /* AuthErrorCode.EMAIL_EXISTS */, + ["PASSWORD_LOGIN_DISABLED" /* ServerError.PASSWORD_LOGIN_DISABLED */]: "operation-not-allowed" /* AuthErrorCode.OPERATION_NOT_ALLOWED */, + // Verify assertion for sign in with credential errors: + ["INVALID_IDP_RESPONSE" /* ServerError.INVALID_IDP_RESPONSE */]: "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */, + ["INVALID_PENDING_TOKEN" /* ServerError.INVALID_PENDING_TOKEN */]: "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */, + ["FEDERATED_USER_ID_ALREADY_LINKED" /* ServerError.FEDERATED_USER_ID_ALREADY_LINKED */]: "credential-already-in-use" /* AuthErrorCode.CREDENTIAL_ALREADY_IN_USE */, + // This can only happen if the SDK sends a bad request. + ["MISSING_REQ_TYPE" /* ServerError.MISSING_REQ_TYPE */]: "internal-error" /* AuthErrorCode.INTERNAL_ERROR */, + // Send Password reset email errors: + ["EMAIL_NOT_FOUND" /* ServerError.EMAIL_NOT_FOUND */]: "user-not-found" /* AuthErrorCode.USER_DELETED */, + ["RESET_PASSWORD_EXCEED_LIMIT" /* ServerError.RESET_PASSWORD_EXCEED_LIMIT */]: "too-many-requests" /* AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER */, + ["EXPIRED_OOB_CODE" /* ServerError.EXPIRED_OOB_CODE */]: "expired-action-code" /* AuthErrorCode.EXPIRED_OOB_CODE */, + ["INVALID_OOB_CODE" /* ServerError.INVALID_OOB_CODE */]: "invalid-action-code" /* AuthErrorCode.INVALID_OOB_CODE */, + // This can only happen if the SDK sends a bad request. + ["MISSING_OOB_CODE" /* ServerError.MISSING_OOB_CODE */]: "internal-error" /* AuthErrorCode.INTERNAL_ERROR */, + // Operations that require ID token in request: + ["CREDENTIAL_TOO_OLD_LOGIN_AGAIN" /* ServerError.CREDENTIAL_TOO_OLD_LOGIN_AGAIN */]: "requires-recent-login" /* AuthErrorCode.CREDENTIAL_TOO_OLD_LOGIN_AGAIN */, + ["INVALID_ID_TOKEN" /* ServerError.INVALID_ID_TOKEN */]: "invalid-user-token" /* AuthErrorCode.INVALID_AUTH */, + ["TOKEN_EXPIRED" /* ServerError.TOKEN_EXPIRED */]: "user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */, + ["USER_NOT_FOUND" /* ServerError.USER_NOT_FOUND */]: "user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */, + // Other errors. + ["TOO_MANY_ATTEMPTS_TRY_LATER" /* ServerError.TOO_MANY_ATTEMPTS_TRY_LATER */]: "too-many-requests" /* AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER */, + ["PASSWORD_DOES_NOT_MEET_REQUIREMENTS" /* ServerError.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */]: "password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */, + // Phone Auth related errors. + ["INVALID_CODE" /* ServerError.INVALID_CODE */]: "invalid-verification-code" /* AuthErrorCode.INVALID_CODE */, + ["INVALID_SESSION_INFO" /* ServerError.INVALID_SESSION_INFO */]: "invalid-verification-id" /* AuthErrorCode.INVALID_SESSION_INFO */, + ["INVALID_TEMPORARY_PROOF" /* ServerError.INVALID_TEMPORARY_PROOF */]: "invalid-credential" /* AuthErrorCode.INVALID_CREDENTIAL */, + ["MISSING_SESSION_INFO" /* ServerError.MISSING_SESSION_INFO */]: "missing-verification-id" /* AuthErrorCode.MISSING_SESSION_INFO */, + ["SESSION_EXPIRED" /* ServerError.SESSION_EXPIRED */]: "code-expired" /* AuthErrorCode.CODE_EXPIRED */, + // Other action code errors when additional settings passed. + // MISSING_CONTINUE_URI is getting mapped to INTERNAL_ERROR above. + // This is OK as this error will be caught by client side validation. + ["MISSING_ANDROID_PACKAGE_NAME" /* ServerError.MISSING_ANDROID_PACKAGE_NAME */]: "missing-android-pkg-name" /* AuthErrorCode.MISSING_ANDROID_PACKAGE_NAME */, + ["UNAUTHORIZED_DOMAIN" /* ServerError.UNAUTHORIZED_DOMAIN */]: "unauthorized-continue-uri" /* AuthErrorCode.UNAUTHORIZED_DOMAIN */, + // getProjectConfig errors when clientId is passed. + ["INVALID_OAUTH_CLIENT_ID" /* ServerError.INVALID_OAUTH_CLIENT_ID */]: "invalid-oauth-client-id" /* AuthErrorCode.INVALID_OAUTH_CLIENT_ID */, + // User actions (sign-up or deletion) disabled errors. + ["ADMIN_ONLY_OPERATION" /* ServerError.ADMIN_ONLY_OPERATION */]: "admin-restricted-operation" /* AuthErrorCode.ADMIN_ONLY_OPERATION */, + // Multi factor related errors. + ["INVALID_MFA_PENDING_CREDENTIAL" /* ServerError.INVALID_MFA_PENDING_CREDENTIAL */]: "invalid-multi-factor-session" /* AuthErrorCode.INVALID_MFA_SESSION */, + ["MFA_ENROLLMENT_NOT_FOUND" /* ServerError.MFA_ENROLLMENT_NOT_FOUND */]: "multi-factor-info-not-found" /* AuthErrorCode.MFA_INFO_NOT_FOUND */, + ["MISSING_MFA_ENROLLMENT_ID" /* ServerError.MISSING_MFA_ENROLLMENT_ID */]: "missing-multi-factor-info" /* AuthErrorCode.MISSING_MFA_INFO */, + ["MISSING_MFA_PENDING_CREDENTIAL" /* ServerError.MISSING_MFA_PENDING_CREDENTIAL */]: "missing-multi-factor-session" /* AuthErrorCode.MISSING_MFA_SESSION */, + ["SECOND_FACTOR_EXISTS" /* ServerError.SECOND_FACTOR_EXISTS */]: "second-factor-already-in-use" /* AuthErrorCode.SECOND_FACTOR_ALREADY_ENROLLED */, + ["SECOND_FACTOR_LIMIT_EXCEEDED" /* ServerError.SECOND_FACTOR_LIMIT_EXCEEDED */]: "maximum-second-factor-count-exceeded" /* AuthErrorCode.SECOND_FACTOR_LIMIT_EXCEEDED */, + // Blocking functions related errors. + ["BLOCKING_FUNCTION_ERROR_RESPONSE" /* ServerError.BLOCKING_FUNCTION_ERROR_RESPONSE */]: "internal-error" /* AuthErrorCode.INTERNAL_ERROR */, + // Recaptcha related errors. + ["RECAPTCHA_NOT_ENABLED" /* ServerError.RECAPTCHA_NOT_ENABLED */]: "recaptcha-not-enabled" /* AuthErrorCode.RECAPTCHA_NOT_ENABLED */, + ["MISSING_RECAPTCHA_TOKEN" /* ServerError.MISSING_RECAPTCHA_TOKEN */]: "missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */, + ["INVALID_RECAPTCHA_TOKEN" /* ServerError.INVALID_RECAPTCHA_TOKEN */]: "invalid-recaptcha-token" /* AuthErrorCode.INVALID_RECAPTCHA_TOKEN */, + ["INVALID_RECAPTCHA_ACTION" /* ServerError.INVALID_RECAPTCHA_ACTION */]: "invalid-recaptcha-action" /* AuthErrorCode.INVALID_RECAPTCHA_ACTION */, + ["MISSING_CLIENT_TYPE" /* ServerError.MISSING_CLIENT_TYPE */]: "missing-client-type" /* AuthErrorCode.MISSING_CLIENT_TYPE */, + ["MISSING_RECAPTCHA_VERSION" /* ServerError.MISSING_RECAPTCHA_VERSION */]: "missing-recaptcha-version" /* AuthErrorCode.MISSING_RECAPTCHA_VERSION */, + ["INVALID_RECAPTCHA_VERSION" /* ServerError.INVALID_RECAPTCHA_VERSION */]: "invalid-recaptcha-version" /* AuthErrorCode.INVALID_RECAPTCHA_VERSION */, + ["INVALID_REQ_TYPE" /* ServerError.INVALID_REQ_TYPE */]: "invalid-req-type" /* AuthErrorCode.INVALID_REQ_TYPE */ +}; + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +const CookieAuthProxiedEndpoints = [ + "/v1/accounts:signInWithCustomToken" /* Endpoint.SIGN_IN_WITH_CUSTOM_TOKEN */, + "/v1/accounts:signInWithEmailLink" /* Endpoint.SIGN_IN_WITH_EMAIL_LINK */, + "/v1/accounts:signInWithIdp" /* Endpoint.SIGN_IN_WITH_IDP */, + "/v1/accounts:signInWithPassword" /* Endpoint.SIGN_IN_WITH_PASSWORD */, + "/v1/accounts:signInWithPhoneNumber" /* Endpoint.SIGN_IN_WITH_PHONE_NUMBER */, + "/v1/token" /* Endpoint.TOKEN */ +]; +const DEFAULT_API_TIMEOUT_MS = new Delay(30000, 60000); +function _addTidIfNecessary(auth, request) { + if (auth.tenantId && !request.tenantId) { + return { + ...request, + tenantId: auth.tenantId + }; + } + return request; +} +async function _performApiRequest(auth, method, path, request, customErrorMap = {}) { + return _performFetchWithErrorHandling(auth, customErrorMap, async () => { + let body = {}; + let params = {}; + if (request) { + if (method === "GET" /* HttpMethod.GET */) { + params = request; + } + else { + body = { + body: JSON.stringify(request) + }; + } + } + const query = util.querystring({ + key: auth.config.apiKey, + ...params + }).slice(1); + const headers = await auth._getAdditionalHeaders(); + headers["Content-Type" /* HttpHeader.CONTENT_TYPE */] = 'application/json'; + if (auth.languageCode) { + headers["X-Firebase-Locale" /* HttpHeader.X_FIREBASE_LOCALE */] = auth.languageCode; + } + const fetchArgs = { + method, + headers, + ...body + }; + /* Security-conscious server-side frameworks tend to have built in mitigations for referrer + problems". See the Cloudflare GitHub issue #487: Error: The 'referrerPolicy' field on + 'RequestInitializerDict' is not implemented." + https://github.com/cloudflare/next-on-pages/issues/487 */ + if (!util.isCloudflareWorker()) { + fetchArgs.referrerPolicy = 'no-referrer'; + } + if (auth.emulatorConfig && util.isCloudWorkstation(auth.emulatorConfig.host)) { + fetchArgs.credentials = 'include'; + } + return FetchProvider.fetch()(await _getFinalTarget(auth, auth.config.apiHost, path, query), fetchArgs); + }); +} +async function _performFetchWithErrorHandling(auth, customErrorMap, fetchFn) { + auth._canInitEmulator = false; + const errorMap = { ...SERVER_ERROR_MAP, ...customErrorMap }; + try { + const networkTimeout = new NetworkTimeout(auth); + const response = await Promise.race([ + fetchFn(), + networkTimeout.promise + ]); + // If we've reached this point, the fetch succeeded and the networkTimeout + // didn't throw; clear the network timeout delay so that Node won't hang + networkTimeout.clearNetworkTimeout(); + const json = await response.json(); + if ('needConfirmation' in json) { + throw _makeTaggedError(auth, "account-exists-with-different-credential" /* AuthErrorCode.NEED_CONFIRMATION */, json); + } + if (response.ok && !('errorMessage' in json)) { + return json; + } + else { + const errorMessage = response.ok ? json.errorMessage : json.error.message; + const [serverErrorCode, serverErrorMessage] = errorMessage.split(' : '); + if (serverErrorCode === "FEDERATED_USER_ID_ALREADY_LINKED" /* ServerError.FEDERATED_USER_ID_ALREADY_LINKED */) { + throw _makeTaggedError(auth, "credential-already-in-use" /* AuthErrorCode.CREDENTIAL_ALREADY_IN_USE */, json); + } + else if (serverErrorCode === "EMAIL_EXISTS" /* ServerError.EMAIL_EXISTS */) { + throw _makeTaggedError(auth, "email-already-in-use" /* AuthErrorCode.EMAIL_EXISTS */, json); + } + else if (serverErrorCode === "USER_DISABLED" /* ServerError.USER_DISABLED */) { + throw _makeTaggedError(auth, "user-disabled" /* AuthErrorCode.USER_DISABLED */, json); + } + const authError = errorMap[serverErrorCode] || + serverErrorCode + .toLowerCase() + .replace(/[_\s]+/g, '-'); + if (serverErrorMessage) { + throw _errorWithCustomMessage(auth, authError, serverErrorMessage); + } + else { + _fail(auth, authError); + } + } + } + catch (e) { + if (e instanceof util.FirebaseError) { + throw e; + } + // Changing this to a different error code will log user out when there is a network error + // because we treat any error other than NETWORK_REQUEST_FAILED as token is invalid. + // https://github.com/firebase/firebase-js-sdk/blob/4fbc73610d70be4e0852e7de63a39cb7897e8546/packages/auth/src/core/auth/auth_impl.ts#L309-L316 + _fail(auth, "network-request-failed" /* AuthErrorCode.NETWORK_REQUEST_FAILED */, { 'message': String(e) }); + } +} +async function _performSignInRequest(auth, method, path, request, customErrorMap = {}) { + const serverResponse = await _performApiRequest(auth, method, path, request, customErrorMap); + if ('mfaPendingCredential' in serverResponse) { + _fail(auth, "multi-factor-auth-required" /* AuthErrorCode.MFA_REQUIRED */, { + _serverResponse: serverResponse + }); + } + return serverResponse; +} +async function _getFinalTarget(auth, host, path, query) { + const base = `${host}${path}?${query}`; + const authInternal = auth; + const finalTarget = authInternal.config.emulator + ? _emulatorUrl(auth.config, base) + : `${auth.config.apiScheme}://${base}`; + // Cookie auth works by MiTMing the signIn and token endpoints from the developer's backend, + // saving the idToken and refreshToken into cookies, and then redacting the refreshToken + // from the response + if (CookieAuthProxiedEndpoints.includes(path)) { + // Persistence manager is async, we need to await it. We can't just wait for auth initialized + // here since auth initialization calls this function. + await authInternal._persistenceManagerAvailable; + if (authInternal._getPersistenceType() === "COOKIE" /* PersistenceType.COOKIE */) { + const cookiePersistence = authInternal._getPersistence(); + return cookiePersistence._getFinalTarget(finalTarget).toString(); + } + } + return finalTarget; +} +function _parseEnforcementState(enforcementStateStr) { + switch (enforcementStateStr) { + case 'ENFORCE': + return "ENFORCE" /* EnforcementState.ENFORCE */; + case 'AUDIT': + return "AUDIT" /* EnforcementState.AUDIT */; + case 'OFF': + return "OFF" /* EnforcementState.OFF */; + default: + return "ENFORCEMENT_STATE_UNSPECIFIED" /* EnforcementState.ENFORCEMENT_STATE_UNSPECIFIED */; + } +} +class NetworkTimeout { + clearNetworkTimeout() { + clearTimeout(this.timer); + } + constructor(auth) { + this.auth = auth; + // Node timers and browser timers are fundamentally incompatible, but we + // don't care about the value here + // eslint-disable-next-line @typescript-eslint/no-explicit-any + this.timer = null; + this.promise = new Promise((_, reject) => { + this.timer = setTimeout(() => { + return reject(_createError(this.auth, "network-request-failed" /* AuthErrorCode.NETWORK_REQUEST_FAILED */)); + }, DEFAULT_API_TIMEOUT_MS.get()); + }); + } +} +function _makeTaggedError(auth, code, response) { + const errorParams = { + appName: auth.name + }; + if (response.email) { + errorParams.email = response.email; + } + if (response.phoneNumber) { + errorParams.phoneNumber = response.phoneNumber; + } + const error = _createError(auth, code, errorParams); + // We know customData is defined on error because errorParams is defined + error.customData._tokenResponse = response; + return error; +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function isEnterprise(grecaptcha) { + return (grecaptcha !== undefined && + grecaptcha.enterprise !== undefined); +} +class RecaptchaConfig { + constructor(response) { + /** + * The reCAPTCHA site key. + */ + this.siteKey = ''; + /** + * The list of providers and their enablement status for reCAPTCHA Enterprise. + */ + this.recaptchaEnforcementState = []; + if (response.recaptchaKey === undefined) { + throw new Error('recaptchaKey undefined'); + } + // Example response.recaptchaKey: "projects/proj123/keys/sitekey123" + this.siteKey = response.recaptchaKey.split('/')[3]; + this.recaptchaEnforcementState = response.recaptchaEnforcementState; + } + /** + * Returns the reCAPTCHA Enterprise enforcement state for the given provider. + * + * @param providerStr - The provider whose enforcement state is to be returned. + * @returns The reCAPTCHA Enterprise enforcement state for the given provider. + */ + getProviderEnforcementState(providerStr) { + if (!this.recaptchaEnforcementState || + this.recaptchaEnforcementState.length === 0) { + return null; + } + for (const recaptchaEnforcementState of this.recaptchaEnforcementState) { + if (recaptchaEnforcementState.provider && + recaptchaEnforcementState.provider === providerStr) { + return _parseEnforcementState(recaptchaEnforcementState.enforcementState); + } + } + return null; + } + /** + * Returns true if the reCAPTCHA Enterprise enforcement state for the provider is set to ENFORCE or AUDIT. + * + * @param providerStr - The provider whose enablement state is to be returned. + * @returns Whether or not reCAPTCHA Enterprise protection is enabled for the given provider. + */ + isProviderEnabled(providerStr) { + return (this.getProviderEnforcementState(providerStr) === + "ENFORCE" /* EnforcementState.ENFORCE */ || + this.getProviderEnforcementState(providerStr) === "AUDIT" /* EnforcementState.AUDIT */); + } + /** + * Returns true if reCAPTCHA Enterprise protection is enabled in at least one provider, otherwise + * returns false. + * + * @returns Whether or not reCAPTCHA Enterprise protection is enabled for at least one provider. + */ + isAnyProviderEnabled() { + return (this.isProviderEnabled("EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */) || + this.isProviderEnabled("PHONE_PROVIDER" /* RecaptchaAuthProvider.PHONE_PROVIDER */)); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function getRecaptchaConfig(auth, request) { + return _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/recaptchaConfig" /* Endpoint.GET_RECAPTCHA_CONFIG */, _addTidIfNecessary(auth, request)); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function deleteAccount(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:delete" /* Endpoint.DELETE_ACCOUNT */, request); +} +async function deleteLinkedAccounts(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:update" /* Endpoint.SET_ACCOUNT_INFO */, request); +} +async function getAccountInfo(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:lookup" /* Endpoint.GET_ACCOUNT_INFO */, request); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function utcTimestampToDateString(utcTimestamp) { + if (!utcTimestamp) { + return undefined; + } + try { + // Convert to date object. + const date = new Date(Number(utcTimestamp)); + // Test date is valid. + if (!isNaN(date.getTime())) { + // Convert to UTC date string. + return date.toUTCString(); + } + } + catch (e) { + // Do nothing. undefined will be returned. + } + return undefined; +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Returns a JSON Web Token (JWT) used to identify the user to a Firebase service. + * + * @remarks + * Returns the current token if it has not expired or if it will not expire in the next five + * minutes. Otherwise, this will refresh the token and return a new one. + * + * @param user - The user. + * @param forceRefresh - Force refresh regardless of token expiration. + * + * @public + */ +function getIdToken(user, forceRefresh = false) { + return util.getModularInstance(user).getIdToken(forceRefresh); +} +/** + * Returns a deserialized JSON Web Token (JWT) used to identify the user to a Firebase service. + * + * @remarks + * Returns the current token if it has not expired or if it will not expire in the next five + * minutes. Otherwise, this will refresh the token and return a new one. + * + * @param user - The user. + * @param forceRefresh - Force refresh regardless of token expiration. + * + * @public + */ +async function getIdTokenResult(user, forceRefresh = false) { + const userInternal = util.getModularInstance(user); + const token = await userInternal.getIdToken(forceRefresh); + const claims = _parseToken(token); + _assert(claims && claims.exp && claims.auth_time && claims.iat, userInternal.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + const firebase = typeof claims.firebase === 'object' ? claims.firebase : undefined; + const signInProvider = firebase?.['sign_in_provider']; + return { + claims, + token, + authTime: utcTimestampToDateString(secondsStringToMilliseconds(claims.auth_time)), + issuedAtTime: utcTimestampToDateString(secondsStringToMilliseconds(claims.iat)), + expirationTime: utcTimestampToDateString(secondsStringToMilliseconds(claims.exp)), + signInProvider: signInProvider || null, + signInSecondFactor: firebase?.['sign_in_second_factor'] || null + }; +} +function secondsStringToMilliseconds(seconds) { + return Number(seconds) * 1000; +} +function _parseToken(token) { + const [algorithm, payload, signature] = token.split('.'); + if (algorithm === undefined || + payload === undefined || + signature === undefined) { + _logError('JWT malformed, contained fewer than 3 sections'); + return null; + } + try { + const decoded = util.base64Decode(payload); + if (!decoded) { + _logError('Failed to decode base64 JWT payload'); + return null; + } + return JSON.parse(decoded); + } + catch (e) { + _logError('Caught error parsing JWT payload as JSON', e?.toString()); + return null; + } +} +/** + * Extract expiresIn TTL from a token by subtracting the expiration from the issuance. + */ +function _tokenExpiresIn(token) { + const parsedToken = _parseToken(token); + _assert(parsedToken, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + _assert(typeof parsedToken.exp !== 'undefined', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + _assert(typeof parsedToken.iat !== 'undefined', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + return Number(parsedToken.exp) - Number(parsedToken.iat); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function _logoutIfInvalidated(user, promise, bypassAuthState = false) { + if (bypassAuthState) { + return promise; + } + try { + return await promise; + } + catch (e) { + if (e instanceof util.FirebaseError && isUserInvalidated(e)) { + if (user.auth.currentUser === user) { + await user.auth.signOut(); + } + } + throw e; + } +} +function isUserInvalidated({ code }) { + return (code === `auth/${"user-disabled" /* AuthErrorCode.USER_DISABLED */}` || + code === `auth/${"user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */}`); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class ProactiveRefresh { + constructor(user) { + this.user = user; + this.isRunning = false; + // Node timers and browser timers return fundamentally different types. + // We don't actually care what the value is but TS won't accept unknown and + // we can't cast properly in both environments. + // eslint-disable-next-line @typescript-eslint/no-explicit-any + this.timerId = null; + this.errorBackoff = 30000 /* Duration.RETRY_BACKOFF_MIN */; + } + _start() { + if (this.isRunning) { + return; + } + this.isRunning = true; + this.schedule(); + } + _stop() { + if (!this.isRunning) { + return; + } + this.isRunning = false; + if (this.timerId !== null) { + clearTimeout(this.timerId); + } + } + getInterval(wasError) { + if (wasError) { + const interval = this.errorBackoff; + this.errorBackoff = Math.min(this.errorBackoff * 2, 960000 /* Duration.RETRY_BACKOFF_MAX */); + return interval; + } + else { + // Reset the error backoff + this.errorBackoff = 30000 /* Duration.RETRY_BACKOFF_MIN */; + const expTime = this.user.stsTokenManager.expirationTime ?? 0; + const interval = expTime - Date.now() - 300000 /* Duration.OFFSET */; + return Math.max(0, interval); + } + } + schedule(wasError = false) { + if (!this.isRunning) { + // Just in case... + return; + } + const interval = this.getInterval(wasError); + this.timerId = setTimeout(async () => { + await this.iteration(); + }, interval); + } + async iteration() { + try { + await this.user.getIdToken(true); + } + catch (e) { + // Only retry on network errors + if (e?.code === + `auth/${"network-request-failed" /* AuthErrorCode.NETWORK_REQUEST_FAILED */}`) { + this.schedule(/* wasError */ true); + } + return; + } + this.schedule(); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class UserMetadata { + constructor(createdAt, lastLoginAt) { + this.createdAt = createdAt; + this.lastLoginAt = lastLoginAt; + this._initializeTime(); + } + _initializeTime() { + this.lastSignInTime = utcTimestampToDateString(this.lastLoginAt); + this.creationTime = utcTimestampToDateString(this.createdAt); + } + _copy(metadata) { + this.createdAt = metadata.createdAt; + this.lastLoginAt = metadata.lastLoginAt; + this._initializeTime(); + } + toJSON() { + return { + createdAt: this.createdAt, + lastLoginAt: this.lastLoginAt + }; + } +} + +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function _reloadWithoutSaving(user) { + const auth = user.auth; + const idToken = await user.getIdToken(); + const response = await _logoutIfInvalidated(user, getAccountInfo(auth, { idToken })); + _assert(response?.users.length, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + const coreAccount = response.users[0]; + user._notifyReloadListener(coreAccount); + const newProviderData = coreAccount.providerUserInfo?.length + ? extractProviderData(coreAccount.providerUserInfo) + : []; + const providerData = mergeProviderData(user.providerData, newProviderData); + // Preserves the non-nonymous status of the stored user, even if no more + // credentials (federated or email/password) are linked to the user. If + // the user was previously anonymous, then use provider data to update. + // On the other hand, if it was not anonymous before, it should never be + // considered anonymous now. + const oldIsAnonymous = user.isAnonymous; + const newIsAnonymous = !(user.email && coreAccount.passwordHash) && !providerData?.length; + const isAnonymous = !oldIsAnonymous ? false : newIsAnonymous; + const updates = { + uid: coreAccount.localId, + displayName: coreAccount.displayName || null, + photoURL: coreAccount.photoUrl || null, + email: coreAccount.email || null, + emailVerified: coreAccount.emailVerified || false, + phoneNumber: coreAccount.phoneNumber || null, + tenantId: coreAccount.tenantId || null, + providerData, + metadata: new UserMetadata(coreAccount.createdAt, coreAccount.lastLoginAt), + isAnonymous + }; + Object.assign(user, updates); +} +/** + * Reloads user account data, if signed in. + * + * @param user - The user. + * + * @public + */ +async function reload(user) { + const userInternal = util.getModularInstance(user); + await _reloadWithoutSaving(userInternal); + // Even though the current user hasn't changed, update + // current user will trigger a persistence update w/ the + // new info. + await userInternal.auth._persistUserIfCurrent(userInternal); + userInternal.auth._notifyListenersIfCurrent(userInternal); +} +function mergeProviderData(original, newData) { + const deduped = original.filter(o => !newData.some(n => n.providerId === o.providerId)); + return [...deduped, ...newData]; +} +function extractProviderData(providers) { + return providers.map(({ providerId, ...provider }) => { + return { + providerId, + uid: provider.rawId || '', + displayName: provider.displayName || null, + email: provider.email || null, + phoneNumber: provider.phoneNumber || null, + photoURL: provider.photoUrl || null + }; + }); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function requestStsToken(auth, refreshToken) { + const response = await _performFetchWithErrorHandling(auth, {}, async () => { + const body = util.querystring({ + 'grant_type': 'refresh_token', + 'refresh_token': refreshToken + }).slice(1); + const { tokenApiHost, apiKey } = auth.config; + const url = await _getFinalTarget(auth, tokenApiHost, "/v1/token" /* Endpoint.TOKEN */, `key=${apiKey}`); + const headers = await auth._getAdditionalHeaders(); + headers["Content-Type" /* HttpHeader.CONTENT_TYPE */] = 'application/x-www-form-urlencoded'; + const options = { + method: "POST" /* HttpMethod.POST */, + headers, + body + }; + if (auth.emulatorConfig && + util.isCloudWorkstation(auth.emulatorConfig.host)) { + options.credentials = 'include'; + } + return FetchProvider.fetch()(url, options); + }); + // The response comes back in snake_case. Convert to camel: + return { + accessToken: response.access_token, + expiresIn: response.expires_in, + refreshToken: response.refresh_token + }; +} +async function revokeToken(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts:revokeToken" /* Endpoint.REVOKE_TOKEN */, _addTidIfNecessary(auth, request)); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * We need to mark this class as internal explicitly to exclude it in the public typings, because + * it references AuthInternal which has a circular dependency with UserInternal. + * + * @internal + */ +class StsTokenManager { + constructor() { + this.refreshToken = null; + this.accessToken = null; + this.expirationTime = null; + } + get isExpired() { + return (!this.expirationTime || + Date.now() > this.expirationTime - 30000 /* Buffer.TOKEN_REFRESH */); + } + updateFromServerResponse(response) { + _assert(response.idToken, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + _assert(typeof response.idToken !== 'undefined', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + _assert(typeof response.refreshToken !== 'undefined', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + const expiresIn = 'expiresIn' in response && typeof response.expiresIn !== 'undefined' + ? Number(response.expiresIn) + : _tokenExpiresIn(response.idToken); + this.updateTokensAndExpiration(response.idToken, response.refreshToken, expiresIn); + } + updateFromIdToken(idToken) { + _assert(idToken.length !== 0, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + const expiresIn = _tokenExpiresIn(idToken); + this.updateTokensAndExpiration(idToken, null, expiresIn); + } + async getToken(auth, forceRefresh = false) { + if (!forceRefresh && this.accessToken && !this.isExpired) { + return this.accessToken; + } + _assert(this.refreshToken, auth, "user-token-expired" /* AuthErrorCode.TOKEN_EXPIRED */); + if (this.refreshToken) { + await this.refresh(auth, this.refreshToken); + return this.accessToken; + } + return null; + } + clearRefreshToken() { + this.refreshToken = null; + } + async refresh(auth, oldToken) { + const { accessToken, refreshToken, expiresIn } = await requestStsToken(auth, oldToken); + this.updateTokensAndExpiration(accessToken, refreshToken, Number(expiresIn)); + } + updateTokensAndExpiration(accessToken, refreshToken, expiresInSec) { + this.refreshToken = refreshToken || null; + this.accessToken = accessToken || null; + this.expirationTime = Date.now() + expiresInSec * 1000; + } + static fromJSON(appName, object) { + const { refreshToken, accessToken, expirationTime } = object; + const manager = new StsTokenManager(); + if (refreshToken) { + _assert(typeof refreshToken === 'string', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */, { + appName + }); + manager.refreshToken = refreshToken; + } + if (accessToken) { + _assert(typeof accessToken === 'string', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */, { + appName + }); + manager.accessToken = accessToken; + } + if (expirationTime) { + _assert(typeof expirationTime === 'number', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */, { + appName + }); + manager.expirationTime = expirationTime; + } + return manager; + } + toJSON() { + return { + refreshToken: this.refreshToken, + accessToken: this.accessToken, + expirationTime: this.expirationTime + }; + } + _assign(stsTokenManager) { + this.accessToken = stsTokenManager.accessToken; + this.refreshToken = stsTokenManager.refreshToken; + this.expirationTime = stsTokenManager.expirationTime; + } + _clone() { + return Object.assign(new StsTokenManager(), this.toJSON()); + } + _performRefresh() { + return debugFail('not implemented'); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function assertStringOrUndefined(assertion, appName) { + _assert(typeof assertion === 'string' || typeof assertion === 'undefined', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */, { appName }); +} +class UserImpl { + constructor({ uid, auth, stsTokenManager, ...opt }) { + // For the user object, provider is always Firebase. + this.providerId = "firebase" /* ProviderId.FIREBASE */; + this.proactiveRefresh = new ProactiveRefresh(this); + this.reloadUserInfo = null; + this.reloadListener = null; + this.uid = uid; + this.auth = auth; + this.stsTokenManager = stsTokenManager; + this.accessToken = stsTokenManager.accessToken; + this.displayName = opt.displayName || null; + this.email = opt.email || null; + this.emailVerified = opt.emailVerified || false; + this.phoneNumber = opt.phoneNumber || null; + this.photoURL = opt.photoURL || null; + this.isAnonymous = opt.isAnonymous || false; + this.tenantId = opt.tenantId || null; + this.providerData = opt.providerData ? [...opt.providerData] : []; + this.metadata = new UserMetadata(opt.createdAt || undefined, opt.lastLoginAt || undefined); + } + async getIdToken(forceRefresh) { + const accessToken = await _logoutIfInvalidated(this, this.stsTokenManager.getToken(this.auth, forceRefresh)); + _assert(accessToken, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + if (this.accessToken !== accessToken) { + this.accessToken = accessToken; + await this.auth._persistUserIfCurrent(this); + this.auth._notifyListenersIfCurrent(this); + } + return accessToken; + } + getIdTokenResult(forceRefresh) { + return getIdTokenResult(this, forceRefresh); + } + reload() { + return reload(this); + } + _assign(user) { + if (this === user) { + return; + } + _assert(this.uid === user.uid, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + this.displayName = user.displayName; + this.photoURL = user.photoURL; + this.email = user.email; + this.emailVerified = user.emailVerified; + this.phoneNumber = user.phoneNumber; + this.isAnonymous = user.isAnonymous; + this.tenantId = user.tenantId; + this.providerData = user.providerData.map(userInfo => ({ ...userInfo })); + this.metadata._copy(user.metadata); + this.stsTokenManager._assign(user.stsTokenManager); + } + _clone(auth) { + const newUser = new UserImpl({ + ...this, + auth, + stsTokenManager: this.stsTokenManager._clone() + }); + newUser.metadata._copy(this.metadata); + return newUser; + } + _onReload(callback) { + // There should only ever be one listener, and that is a single instance of MultiFactorUser + _assert(!this.reloadListener, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + this.reloadListener = callback; + if (this.reloadUserInfo) { + this._notifyReloadListener(this.reloadUserInfo); + this.reloadUserInfo = null; + } + } + _notifyReloadListener(userInfo) { + if (this.reloadListener) { + this.reloadListener(userInfo); + } + else { + // If no listener is subscribed yet, save the result so it's available when they do subscribe + this.reloadUserInfo = userInfo; + } + } + _startProactiveRefresh() { + this.proactiveRefresh._start(); + } + _stopProactiveRefresh() { + this.proactiveRefresh._stop(); + } + async _updateTokensIfNecessary(response, reload = false) { + let tokensRefreshed = false; + if (response.idToken && + response.idToken !== this.stsTokenManager.accessToken) { + this.stsTokenManager.updateFromServerResponse(response); + tokensRefreshed = true; + } + if (reload) { + await _reloadWithoutSaving(this); + } + await this.auth._persistUserIfCurrent(this); + if (tokensRefreshed) { + this.auth._notifyListenersIfCurrent(this); + } + } + async delete() { + if (app._isFirebaseServerApp(this.auth.app)) { + return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(this.auth)); + } + const idToken = await this.getIdToken(); + await _logoutIfInvalidated(this, deleteAccount(this.auth, { idToken })); + this.stsTokenManager.clearRefreshToken(); + // TODO: Determine if cancellable-promises are necessary to use in this class so that delete() + // cancels pending actions... + return this.auth.signOut(); + } + toJSON() { + return { + uid: this.uid, + email: this.email || undefined, + emailVerified: this.emailVerified, + displayName: this.displayName || undefined, + isAnonymous: this.isAnonymous, + photoURL: this.photoURL || undefined, + phoneNumber: this.phoneNumber || undefined, + tenantId: this.tenantId || undefined, + providerData: this.providerData.map(userInfo => ({ ...userInfo })), + stsTokenManager: this.stsTokenManager.toJSON(), + // Redirect event ID must be maintained in case there is a pending + // redirect event. + _redirectEventId: this._redirectEventId, + ...this.metadata.toJSON(), + // Required for compatibility with the legacy SDK (go/firebase-auth-sdk-persistence-parsing): + apiKey: this.auth.config.apiKey, + appName: this.auth.name + // Missing authDomain will be tolerated by the legacy SDK. + // stsTokenManager.apiKey isn't actually required (despite the legacy SDK persisting it). + }; + } + get refreshToken() { + return this.stsTokenManager.refreshToken || ''; + } + static _fromJSON(auth, object) { + const displayName = object.displayName ?? undefined; + const email = object.email ?? undefined; + const phoneNumber = object.phoneNumber ?? undefined; + const photoURL = object.photoURL ?? undefined; + const tenantId = object.tenantId ?? undefined; + const _redirectEventId = object._redirectEventId ?? undefined; + const createdAt = object.createdAt ?? undefined; + const lastLoginAt = object.lastLoginAt ?? undefined; + const { uid, emailVerified, isAnonymous, providerData, stsTokenManager: plainObjectTokenManager } = object; + _assert(uid && plainObjectTokenManager, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + const stsTokenManager = StsTokenManager.fromJSON(this.name, plainObjectTokenManager); + _assert(typeof uid === 'string', auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + assertStringOrUndefined(displayName, auth.name); + assertStringOrUndefined(email, auth.name); + _assert(typeof emailVerified === 'boolean', auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + _assert(typeof isAnonymous === 'boolean', auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + assertStringOrUndefined(phoneNumber, auth.name); + assertStringOrUndefined(photoURL, auth.name); + assertStringOrUndefined(tenantId, auth.name); + assertStringOrUndefined(_redirectEventId, auth.name); + assertStringOrUndefined(createdAt, auth.name); + assertStringOrUndefined(lastLoginAt, auth.name); + const user = new UserImpl({ + uid, + auth, + email, + emailVerified, + displayName, + isAnonymous, + photoURL, + phoneNumber, + tenantId, + stsTokenManager, + createdAt, + lastLoginAt + }); + if (providerData && Array.isArray(providerData)) { + user.providerData = providerData.map(userInfo => ({ ...userInfo })); + } + if (_redirectEventId) { + user._redirectEventId = _redirectEventId; + } + return user; + } + /** + * Initialize a User from an idToken server response + * @param auth + * @param idTokenResponse + */ + static async _fromIdTokenResponse(auth, idTokenResponse, isAnonymous = false) { + const stsTokenManager = new StsTokenManager(); + stsTokenManager.updateFromServerResponse(idTokenResponse); + // Initialize the Firebase Auth user. + const user = new UserImpl({ + uid: idTokenResponse.localId, + auth, + stsTokenManager, + isAnonymous + }); + // Updates the user info and data and resolves with a user instance. + await _reloadWithoutSaving(user); + return user; + } + /** + * Initialize a User from an idToken server response + * @param auth + * @param idTokenResponse + */ + static async _fromGetAccountInfoResponse(auth, response, idToken) { + const coreAccount = response.users[0]; + _assert(coreAccount.localId !== undefined, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + const providerData = coreAccount.providerUserInfo !== undefined + ? extractProviderData(coreAccount.providerUserInfo) + : []; + const isAnonymous = !(coreAccount.email && coreAccount.passwordHash) && !providerData?.length; + const stsTokenManager = new StsTokenManager(); + stsTokenManager.updateFromIdToken(idToken); + // Initialize the Firebase Auth user. + const user = new UserImpl({ + uid: coreAccount.localId, + auth, + stsTokenManager, + isAnonymous + }); + // update the user with data from the GetAccountInfo response. + const updates = { + uid: coreAccount.localId, + displayName: coreAccount.displayName || null, + photoURL: coreAccount.photoUrl || null, + email: coreAccount.email || null, + emailVerified: coreAccount.emailVerified || false, + phoneNumber: coreAccount.phoneNumber || null, + tenantId: coreAccount.tenantId || null, + providerData, + metadata: new UserMetadata(coreAccount.createdAt, coreAccount.lastLoginAt), + isAnonymous: !(coreAccount.email && coreAccount.passwordHash) && + !providerData?.length + }; + Object.assign(user, updates); + return user; + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +const instanceCache = new Map(); +function _getInstance(cls) { + debugAssert(cls instanceof Function, 'Expected a class definition'); + let instance = instanceCache.get(cls); + if (instance) { + debugAssert(instance instanceof cls, 'Instance stored in cache mismatched with class'); + return instance; + } + instance = new cls(); + instanceCache.set(cls, instance); + return instance; +} + +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class InMemoryPersistence { + constructor() { + this.type = "NONE" /* PersistenceType.NONE */; + this.storage = {}; + } + async _isAvailable() { + return true; + } + async _set(key, value) { + this.storage[key] = value; + } + async _get(key) { + const value = this.storage[key]; + return value === undefined ? null : value; + } + async _remove(key) { + delete this.storage[key]; + } + _addListener(_key, _listener) { + // Listeners are not supported for in-memory storage since it cannot be shared across windows/workers + return; + } + _removeListener(_key, _listener) { + // Listeners are not supported for in-memory storage since it cannot be shared across windows/workers + return; + } +} +InMemoryPersistence.type = 'NONE'; +/** + * An implementation of {@link Persistence} of type 'NONE'. + * + * @public + */ +const inMemoryPersistence = InMemoryPersistence; + +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function _persistenceKeyName(key, apiKey, appName) { + return `${"firebase" /* Namespace.PERSISTENCE */}:${key}:${apiKey}:${appName}`; +} +class PersistenceUserManager { + constructor(persistence, auth, userKey) { + this.persistence = persistence; + this.auth = auth; + this.userKey = userKey; + const { config, name } = this.auth; + this.fullUserKey = _persistenceKeyName(this.userKey, config.apiKey, name); + this.fullPersistenceKey = _persistenceKeyName("persistence" /* KeyName.PERSISTENCE_USER */, config.apiKey, name); + this.boundEventHandler = auth._onStorageEvent.bind(auth); + this.persistence._addListener(this.fullUserKey, this.boundEventHandler); + } + setCurrentUser(user) { + return this.persistence._set(this.fullUserKey, user.toJSON()); + } + async getCurrentUser() { + const blob = await this.persistence._get(this.fullUserKey); + if (!blob) { + return null; + } + if (typeof blob === 'string') { + const response = await getAccountInfo(this.auth, { idToken: blob }).catch(() => undefined); + if (!response) { + return null; + } + return UserImpl._fromGetAccountInfoResponse(this.auth, response, blob); + } + return UserImpl._fromJSON(this.auth, blob); + } + removeCurrentUser() { + return this.persistence._remove(this.fullUserKey); + } + savePersistenceForRedirect() { + return this.persistence._set(this.fullPersistenceKey, this.persistence.type); + } + async setPersistence(newPersistence) { + if (this.persistence === newPersistence) { + return; + } + const currentUser = await this.getCurrentUser(); + await this.removeCurrentUser(); + this.persistence = newPersistence; + if (currentUser) { + return this.setCurrentUser(currentUser); + } + } + delete() { + this.persistence._removeListener(this.fullUserKey, this.boundEventHandler); + } + static async create(auth, persistenceHierarchy, userKey = "authUser" /* KeyName.AUTH_USER */) { + if (!persistenceHierarchy.length) { + return new PersistenceUserManager(_getInstance(inMemoryPersistence), auth, userKey); + } + // Eliminate any persistences that are not available + const availablePersistences = (await Promise.all(persistenceHierarchy.map(async (persistence) => { + if (await persistence._isAvailable()) { + return persistence; + } + return undefined; + }))).filter(persistence => persistence); + // Fall back to the first persistence listed, or in memory if none available + let selectedPersistence = availablePersistences[0] || + _getInstance(inMemoryPersistence); + const key = _persistenceKeyName(userKey, auth.config.apiKey, auth.name); + // Pull out the existing user, setting the chosen persistence to that + // persistence if the user exists. + let userToMigrate = null; + // Note, here we check for a user in _all_ persistences, not just the + // ones deemed available. If we can migrate a user out of a broken + // persistence, we will (but only if that persistence supports migration). + for (const persistence of persistenceHierarchy) { + try { + const blob = await persistence._get(key); + if (blob) { + let user; + if (typeof blob === 'string') { + const response = await getAccountInfo(auth, { + idToken: blob + }).catch(() => undefined); + if (!response) { + break; + } + user = await UserImpl._fromGetAccountInfoResponse(auth, response, blob); + } + else { + user = UserImpl._fromJSON(auth, blob); // throws for unparsable blob (wrong format) + } + if (persistence !== selectedPersistence) { + userToMigrate = user; + } + selectedPersistence = persistence; + break; + } + } + catch { } + } + // If we find the user in a persistence that does support migration, use + // that migration path (of only persistences that support migration) + const migrationHierarchy = availablePersistences.filter(p => p._shouldAllowMigration); + // If the persistence does _not_ allow migration, just finish off here + if (!selectedPersistence._shouldAllowMigration || + !migrationHierarchy.length) { + return new PersistenceUserManager(selectedPersistence, auth, userKey); + } + selectedPersistence = migrationHierarchy[0]; + if (userToMigrate) { + // This normally shouldn't throw since chosenPersistence.isAvailable() is true, but if it does + // we'll just let it bubble to surface the error. + await selectedPersistence._set(key, userToMigrate.toJSON()); + } + // Attempt to clear the key in other persistences but ignore errors. This helps prevent issues + // such as users getting stuck with a previous account after signing out and refreshing the tab. + await Promise.all(persistenceHierarchy.map(async (persistence) => { + if (persistence !== selectedPersistence) { + try { + await persistence._remove(key); + } + catch { } + } + })); + return new PersistenceUserManager(selectedPersistence, auth, userKey); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Determine the browser for the purposes of reporting usage to the API + */ +function _getBrowserName(userAgent) { + const ua = userAgent.toLowerCase(); + if (ua.includes('opera/') || ua.includes('opr/') || ua.includes('opios/')) { + return "Opera" /* BrowserName.OPERA */; + } + else if (_isIEMobile(ua)) { + // Windows phone IEMobile browser. + return "IEMobile" /* BrowserName.IEMOBILE */; + } + else if (ua.includes('msie') || ua.includes('trident/')) { + return "IE" /* BrowserName.IE */; + } + else if (ua.includes('edge/')) { + return "Edge" /* BrowserName.EDGE */; + } + else if (_isFirefox(ua)) { + return "Firefox" /* BrowserName.FIREFOX */; + } + else if (ua.includes('silk/')) { + return "Silk" /* BrowserName.SILK */; + } + else if (_isBlackBerry(ua)) { + // Blackberry browser. + return "Blackberry" /* BrowserName.BLACKBERRY */; + } + else if (_isWebOS(ua)) { + // WebOS default browser. + return "Webos" /* BrowserName.WEBOS */; + } + else if (_isSafari(ua)) { + return "Safari" /* BrowserName.SAFARI */; + } + else if ((ua.includes('chrome/') || _isChromeIOS(ua)) && + !ua.includes('edge/')) { + return "Chrome" /* BrowserName.CHROME */; + } + else if (_isAndroid(ua)) { + // Android stock browser. + return "Android" /* BrowserName.ANDROID */; + } + else { + // Most modern browsers have name/version at end of user agent string. + const re = /([a-zA-Z\d\.]+)\/[a-zA-Z\d\.]*$/; + const matches = userAgent.match(re); + if (matches?.length === 2) { + return matches[1]; + } + } + return "Other" /* BrowserName.OTHER */; +} +function _isFirefox(ua = util.getUA()) { + return /firefox\//i.test(ua); +} +function _isSafari(userAgent = util.getUA()) { + const ua = userAgent.toLowerCase(); + return (ua.includes('safari/') && + !ua.includes('chrome/') && + !ua.includes('crios/') && + !ua.includes('android')); +} +function _isChromeIOS(ua = util.getUA()) { + return /crios\//i.test(ua); +} +function _isIEMobile(ua = util.getUA()) { + return /iemobile/i.test(ua); +} +function _isAndroid(ua = util.getUA()) { + return /android/i.test(ua); +} +function _isBlackBerry(ua = util.getUA()) { + return /blackberry/i.test(ua); +} +function _isWebOS(ua = util.getUA()) { + return /webos/i.test(ua); +} +function _isIOS(ua = util.getUA()) { + return (/iphone|ipad|ipod/i.test(ua) || + (/macintosh/i.test(ua) && /mobile/i.test(ua))); +} +function _isIOS7Or8(ua = util.getUA()) { + return (/(iPad|iPhone|iPod).*OS 7_\d/i.test(ua) || + /(iPad|iPhone|iPod).*OS 8_\d/i.test(ua)); +} +function _isIE10() { + return util.isIE() && document.documentMode === 10; +} +function _isMobileBrowser(ua = util.getUA()) { + // TODO: implement getBrowserName equivalent for OS. + return (_isIOS(ua) || + _isAndroid(ua) || + _isWebOS(ua) || + _isBlackBerry(ua) || + /windows phone/i.test(ua) || + _isIEMobile(ua)); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * Determine the SDK version string + */ +function _getClientVersion(clientPlatform, frameworks = []) { + let reportedPlatform; + switch (clientPlatform) { + case "Browser" /* ClientPlatform.BROWSER */: + // In a browser environment, report the browser name. + reportedPlatform = _getBrowserName(util.getUA()); + break; + case "Worker" /* ClientPlatform.WORKER */: + // Technically a worker runs from a browser but we need to differentiate a + // worker from a browser. + // For example: Chrome-Worker/JsCore/4.9.1/FirebaseCore-web. + reportedPlatform = `${_getBrowserName(util.getUA())}-${clientPlatform}`; + break; + default: + reportedPlatform = clientPlatform; + } + const reportedFrameworks = frameworks.length + ? frameworks.join(',') + : 'FirebaseCore-web'; /* default value if no other framework is used */ + return `${reportedPlatform}/${"JsCore" /* ClientImplementation.CORE */}/${app.SDK_VERSION}/${reportedFrameworks}`; +} + +/** + * @license + * Copyright 2022 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class AuthMiddlewareQueue { + constructor(auth) { + this.auth = auth; + this.queue = []; + } + pushCallback(callback, onAbort) { + // The callback could be sync or async. Wrap it into a + // function that is always async. + const wrappedCallback = (user) => new Promise((resolve, reject) => { + try { + const result = callback(user); + // Either resolve with existing promise or wrap a non-promise + // return value into a promise. + resolve(result); + } + catch (e) { + // Sync callback throws. + reject(e); + } + }); + // Attach the onAbort if present + wrappedCallback.onAbort = onAbort; + this.queue.push(wrappedCallback); + const index = this.queue.length - 1; + return () => { + // Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb + // indexing of other elements. + this.queue[index] = () => Promise.resolve(); + }; + } + async runMiddleware(nextUser) { + if (this.auth.currentUser === nextUser) { + return; + } + // While running the middleware, build a temporary stack of onAbort + // callbacks to call if one middleware callback rejects. + const onAbortStack = []; + try { + for (const beforeStateCallback of this.queue) { + await beforeStateCallback(nextUser); + // Only push the onAbort if the callback succeeds + if (beforeStateCallback.onAbort) { + onAbortStack.push(beforeStateCallback.onAbort); + } + } + } + catch (e) { + // Run all onAbort, with separate try/catch to ignore any errors and + // continue + onAbortStack.reverse(); + for (const onAbort of onAbortStack) { + try { + onAbort(); + } + catch (_) { + /* swallow error */ + } + } + throw this.auth._errorFactory.create("login-blocked" /* AuthErrorCode.LOGIN_BLOCKED */, { + originalMessage: e?.message + }); + } + } +} + +/** + * @license + * Copyright 2023 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Fetches the password policy for the currently set tenant or the project if no tenant is set. + * + * @param auth Auth object. + * @param request Password policy request. + * @returns Password policy response. + */ +async function _getPasswordPolicy(auth, request = {}) { + return _performApiRequest(auth, "GET" /* HttpMethod.GET */, "/v2/passwordPolicy" /* Endpoint.GET_PASSWORD_POLICY */, _addTidIfNecessary(auth, request)); +} + +/** + * @license + * Copyright 2023 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Minimum min password length enforced by the backend, even if no minimum length is set. +const MINIMUM_MIN_PASSWORD_LENGTH = 6; +/** + * Stores password policy requirements and provides password validation against the policy. + * + * @internal + */ +class PasswordPolicyImpl { + constructor(response) { + // Only include custom strength options defined in the response. + const responseOptions = response.customStrengthOptions; + this.customStrengthOptions = {}; + // TODO: Remove once the backend is updated to include the minimum min password length instead of undefined when there is no minimum length set. + this.customStrengthOptions.minPasswordLength = + responseOptions.minPasswordLength ?? MINIMUM_MIN_PASSWORD_LENGTH; + if (responseOptions.maxPasswordLength) { + this.customStrengthOptions.maxPasswordLength = + responseOptions.maxPasswordLength; + } + if (responseOptions.containsLowercaseCharacter !== undefined) { + this.customStrengthOptions.containsLowercaseLetter = + responseOptions.containsLowercaseCharacter; + } + if (responseOptions.containsUppercaseCharacter !== undefined) { + this.customStrengthOptions.containsUppercaseLetter = + responseOptions.containsUppercaseCharacter; + } + if (responseOptions.containsNumericCharacter !== undefined) { + this.customStrengthOptions.containsNumericCharacter = + responseOptions.containsNumericCharacter; + } + if (responseOptions.containsNonAlphanumericCharacter !== undefined) { + this.customStrengthOptions.containsNonAlphanumericCharacter = + responseOptions.containsNonAlphanumericCharacter; + } + this.enforcementState = response.enforcementState; + if (this.enforcementState === 'ENFORCEMENT_STATE_UNSPECIFIED') { + this.enforcementState = 'OFF'; + } + // Use an empty string if no non-alphanumeric characters are specified in the response. + this.allowedNonAlphanumericCharacters = + response.allowedNonAlphanumericCharacters?.join('') ?? ''; + this.forceUpgradeOnSignin = response.forceUpgradeOnSignin ?? false; + this.schemaVersion = response.schemaVersion; + } + validatePassword(password) { + const status = { + isValid: true, + passwordPolicy: this + }; + // Check the password length and character options. + this.validatePasswordLengthOptions(password, status); + this.validatePasswordCharacterOptions(password, status); + // Combine the status into single isValid property. + status.isValid && (status.isValid = status.meetsMinPasswordLength ?? true); + status.isValid && (status.isValid = status.meetsMaxPasswordLength ?? true); + status.isValid && (status.isValid = status.containsLowercaseLetter ?? true); + status.isValid && (status.isValid = status.containsUppercaseLetter ?? true); + status.isValid && (status.isValid = status.containsNumericCharacter ?? true); + status.isValid && (status.isValid = status.containsNonAlphanumericCharacter ?? true); + return status; + } + /** + * Validates that the password meets the length options for the policy. + * + * @param password Password to validate. + * @param status Validation status. + */ + validatePasswordLengthOptions(password, status) { + const minPasswordLength = this.customStrengthOptions.minPasswordLength; + const maxPasswordLength = this.customStrengthOptions.maxPasswordLength; + if (minPasswordLength) { + status.meetsMinPasswordLength = password.length >= minPasswordLength; + } + if (maxPasswordLength) { + status.meetsMaxPasswordLength = password.length <= maxPasswordLength; + } + } + /** + * Validates that the password meets the character options for the policy. + * + * @param password Password to validate. + * @param status Validation status. + */ + validatePasswordCharacterOptions(password, status) { + // Assign statuses for requirements even if the password is an empty string. + this.updatePasswordCharacterOptionsStatuses(status, + /* containsLowercaseCharacter= */ false, + /* containsUppercaseCharacter= */ false, + /* containsNumericCharacter= */ false, + /* containsNonAlphanumericCharacter= */ false); + let passwordChar; + for (let i = 0; i < password.length; i++) { + passwordChar = password.charAt(i); + this.updatePasswordCharacterOptionsStatuses(status, + /* containsLowercaseCharacter= */ passwordChar >= 'a' && + passwordChar <= 'z', + /* containsUppercaseCharacter= */ passwordChar >= 'A' && + passwordChar <= 'Z', + /* containsNumericCharacter= */ passwordChar >= '0' && + passwordChar <= '9', + /* containsNonAlphanumericCharacter= */ this.allowedNonAlphanumericCharacters.includes(passwordChar)); + } + } + /** + * Updates the running validation status with the statuses for the character options. + * Expected to be called each time a character is processed to update each option status + * based on the current character. + * + * @param status Validation status. + * @param containsLowercaseCharacter Whether the character is a lowercase letter. + * @param containsUppercaseCharacter Whether the character is an uppercase letter. + * @param containsNumericCharacter Whether the character is a numeric character. + * @param containsNonAlphanumericCharacter Whether the character is a non-alphanumeric character. + */ + updatePasswordCharacterOptionsStatuses(status, containsLowercaseCharacter, containsUppercaseCharacter, containsNumericCharacter, containsNonAlphanumericCharacter) { + if (this.customStrengthOptions.containsLowercaseLetter) { + status.containsLowercaseLetter || (status.containsLowercaseLetter = containsLowercaseCharacter); + } + if (this.customStrengthOptions.containsUppercaseLetter) { + status.containsUppercaseLetter || (status.containsUppercaseLetter = containsUppercaseCharacter); + } + if (this.customStrengthOptions.containsNumericCharacter) { + status.containsNumericCharacter || (status.containsNumericCharacter = containsNumericCharacter); + } + if (this.customStrengthOptions.containsNonAlphanumericCharacter) { + status.containsNonAlphanumericCharacter || (status.containsNonAlphanumericCharacter = containsNonAlphanumericCharacter); + } + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class AuthImpl { + constructor(app, heartbeatServiceProvider, appCheckServiceProvider, config) { + this.app = app; + this.heartbeatServiceProvider = heartbeatServiceProvider; + this.appCheckServiceProvider = appCheckServiceProvider; + this.config = config; + this.currentUser = null; + this.emulatorConfig = null; + this.operations = Promise.resolve(); + this.authStateSubscription = new Subscription(this); + this.idTokenSubscription = new Subscription(this); + this.beforeStateQueue = new AuthMiddlewareQueue(this); + this.redirectUser = null; + this.isProactiveRefreshEnabled = false; + this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION = 1; + // Any network calls will set this to true and prevent subsequent emulator + // initialization + this._canInitEmulator = true; + this._isInitialized = false; + this._deleted = false; + this._initializationPromise = null; + this._popupRedirectResolver = null; + this._errorFactory = _DEFAULT_AUTH_ERROR_FACTORY; + this._agentRecaptchaConfig = null; + this._tenantRecaptchaConfigs = {}; + this._projectPasswordPolicy = null; + this._tenantPasswordPolicies = {}; + this._resolvePersistenceManagerAvailable = undefined; + // Tracks the last notified UID for state change listeners to prevent + // repeated calls to the callbacks. Undefined means it's never been + // called, whereas null means it's been called with a signed out user + this.lastNotifiedUid = undefined; + this.languageCode = null; + this.tenantId = null; + this.settings = { appVerificationDisabledForTesting: false }; + this.frameworks = []; + this.name = app.name; + this.clientVersion = config.sdkClientVersion; + // TODO(jamesdaniels) explore less hacky way to do this, cookie authentication needs + // persistenceMananger to be available. see _getFinalTarget for more context + this._persistenceManagerAvailable = new Promise(resolve => (this._resolvePersistenceManagerAvailable = resolve)); + } + _initializeWithPersistence(persistenceHierarchy, popupRedirectResolver) { + if (popupRedirectResolver) { + this._popupRedirectResolver = _getInstance(popupRedirectResolver); + } + // Have to check for app deletion throughout initialization (after each + // promise resolution) + this._initializationPromise = this.queue(async () => { + if (this._deleted) { + return; + } + this.persistenceManager = await PersistenceUserManager.create(this, persistenceHierarchy); + this._resolvePersistenceManagerAvailable?.(); + if (this._deleted) { + return; + } + // Initialize the resolver early if necessary (only applicable to web: + // this will cause the iframe to load immediately in certain cases) + if (this._popupRedirectResolver?._shouldInitProactively) { + // If this fails, don't halt auth loading + try { + await this._popupRedirectResolver._initialize(this); + } + catch (e) { + /* Ignore the error */ + } + } + await this.initializeCurrentUser(popupRedirectResolver); + this.lastNotifiedUid = this.currentUser?.uid || null; + if (this._deleted) { + return; + } + this._isInitialized = true; + }); + return this._initializationPromise; + } + /** + * If the persistence is changed in another window, the user manager will let us know + */ + async _onStorageEvent() { + if (this._deleted) { + return; + } + const user = await this.assertedPersistence.getCurrentUser(); + if (!this.currentUser && !user) { + // No change, do nothing (was signed out and remained signed out). + return; + } + // If the same user is to be synchronized. + if (this.currentUser && user && this.currentUser.uid === user.uid) { + // Data update, simply copy data changes. + this._currentUser._assign(user); + // If tokens changed from previous user tokens, this will trigger + // notifyAuthListeners_. + await this.currentUser.getIdToken(); + return; + } + // Update current Auth state. Either a new login or logout. + // Skip blocking callbacks, they should not apply to a change in another tab. + await this._updateCurrentUser(user, /* skipBeforeStateCallbacks */ true); + } + async initializeCurrentUserFromIdToken(idToken) { + try { + const response = await getAccountInfo(this, { idToken }); + const user = await UserImpl._fromGetAccountInfoResponse(this, response, idToken); + await this.directlySetCurrentUser(user); + } + catch (err) { + console.warn('FirebaseServerApp could not login user with provided authIdToken: ', err); + await this.directlySetCurrentUser(null); + } + } + async initializeCurrentUser(popupRedirectResolver) { + if (app._isFirebaseServerApp(this.app)) { + const idToken = this.app.settings.authIdToken; + if (idToken) { + // Start the auth operation in the next tick to allow a moment for the customer's app to + // attach an emulator, if desired. + return new Promise(resolve => { + setTimeout(() => this.initializeCurrentUserFromIdToken(idToken).then(resolve, resolve)); + }); + } + else { + return this.directlySetCurrentUser(null); + } + } + // First check to see if we have a pending redirect event. + const previouslyStoredUser = (await this.assertedPersistence.getCurrentUser()); + let futureCurrentUser = previouslyStoredUser; + let needsTocheckMiddleware = false; + if (popupRedirectResolver && this.config.authDomain) { + await this.getOrInitRedirectPersistenceManager(); + const redirectUserEventId = this.redirectUser?._redirectEventId; + const storedUserEventId = futureCurrentUser?._redirectEventId; + const result = await this.tryRedirectSignIn(popupRedirectResolver); + // If the stored user (i.e. the old "currentUser") has a redirectId that + // matches the redirect user, then we want to initially sign in with the + // new user object from result. + // TODO(samgho): More thoroughly test all of this + if ((!redirectUserEventId || redirectUserEventId === storedUserEventId) && + result?.user) { + futureCurrentUser = result.user; + needsTocheckMiddleware = true; + } + } + // If no user in persistence, there is no current user. Set to null. + if (!futureCurrentUser) { + return this.directlySetCurrentUser(null); + } + if (!futureCurrentUser._redirectEventId) { + // This isn't a redirect link operation, we can reload and bail. + // First though, ensure that we check the middleware is happy. + if (needsTocheckMiddleware) { + try { + await this.beforeStateQueue.runMiddleware(futureCurrentUser); + } + catch (e) { + futureCurrentUser = previouslyStoredUser; + // We know this is available since the bit is only set when the + // resolver is available + this._popupRedirectResolver._overrideRedirectResult(this, () => Promise.reject(e)); + } + } + if (futureCurrentUser) { + return this.reloadAndSetCurrentUserOrClear(futureCurrentUser); + } + else { + return this.directlySetCurrentUser(null); + } + } + _assert(this._popupRedirectResolver, this, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + await this.getOrInitRedirectPersistenceManager(); + // If the redirect user's event ID matches the current user's event ID, + // DO NOT reload the current user, otherwise they'll be cleared from storage. + // This is important for the reauthenticateWithRedirect() flow. + if (this.redirectUser && + this.redirectUser._redirectEventId === futureCurrentUser._redirectEventId) { + return this.directlySetCurrentUser(futureCurrentUser); + } + return this.reloadAndSetCurrentUserOrClear(futureCurrentUser); + } + async tryRedirectSignIn(redirectResolver) { + // The redirect user needs to be checked (and signed in if available) + // during auth initialization. All of the normal sign in and link/reauth + // flows call back into auth and push things onto the promise queue. We + // need to await the result of the redirect sign in *inside the promise + // queue*. This presents a problem: we run into deadlock. See: + // ┌> [Initialization] ─────┐ + // ┌> [<other queue tasks>] │ + // └─ [getRedirectResult] <─┘ + // where [] are tasks on the queue and arrows denote awaits + // Initialization will never complete because it's waiting on something + // that's waiting for initialization to complete! + // + // Instead, this method calls getRedirectResult() (stored in + // _completeRedirectFn) with an optional parameter that instructs all of + // the underlying auth operations to skip anything that mutates auth state. + let result = null; + try { + // We know this._popupRedirectResolver is set since redirectResolver + // is passed in. The _completeRedirectFn expects the unwrapped extern. + result = await this._popupRedirectResolver._completeRedirectFn(this, redirectResolver, true); + } + catch (e) { + // Swallow any errors here; the code can retrieve them in + // getRedirectResult(). + await this._setRedirectUser(null); + } + return result; + } + async reloadAndSetCurrentUserOrClear(user) { + try { + await _reloadWithoutSaving(user); + } + catch (e) { + if (e?.code !== + `auth/${"network-request-failed" /* AuthErrorCode.NETWORK_REQUEST_FAILED */}`) { + // Something's wrong with the user's token. Log them out and remove + // them from storage + return this.directlySetCurrentUser(null); + } + } + return this.directlySetCurrentUser(user); + } + useDeviceLanguage() { + this.languageCode = _getUserLanguage(); + } + async _delete() { + this._deleted = true; + } + async updateCurrentUser(userExtern) { + if (app._isFirebaseServerApp(this.app)) { + return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(this)); + } + // The public updateCurrentUser method needs to make a copy of the user, + // and also check that the project matches + const user = userExtern + ? util.getModularInstance(userExtern) + : null; + if (user) { + _assert(user.auth.config.apiKey === this.config.apiKey, this, "invalid-user-token" /* AuthErrorCode.INVALID_AUTH */); + } + return this._updateCurrentUser(user && user._clone(this)); + } + async _updateCurrentUser(user, skipBeforeStateCallbacks = false) { + if (this._deleted) { + return; + } + if (user) { + _assert(this.tenantId === user.tenantId, this, "tenant-id-mismatch" /* AuthErrorCode.TENANT_ID_MISMATCH */); + } + if (!skipBeforeStateCallbacks) { + await this.beforeStateQueue.runMiddleware(user); + } + return this.queue(async () => { + await this.directlySetCurrentUser(user); + this.notifyAuthListeners(); + }); + } + async signOut() { + if (app._isFirebaseServerApp(this.app)) { + return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(this)); + } + // Run first, to block _setRedirectUser() if any callbacks fail. + await this.beforeStateQueue.runMiddleware(null); + // Clear the redirect user when signOut is called + if (this.redirectPersistenceManager || this._popupRedirectResolver) { + await this._setRedirectUser(null); + } + // Prevent callbacks from being called again in _updateCurrentUser, as + // they were already called in the first line. + return this._updateCurrentUser(null, /* skipBeforeStateCallbacks */ true); + } + setPersistence(persistence) { + if (app._isFirebaseServerApp(this.app)) { + return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(this)); + } + return this.queue(async () => { + await this.assertedPersistence.setPersistence(_getInstance(persistence)); + }); + } + _getRecaptchaConfig() { + if (this.tenantId == null) { + return this._agentRecaptchaConfig; + } + else { + return this._tenantRecaptchaConfigs[this.tenantId]; + } + } + async validatePassword(password) { + if (!this._getPasswordPolicyInternal()) { + await this._updatePasswordPolicy(); + } + // Password policy will be defined after fetching. + const passwordPolicy = this._getPasswordPolicyInternal(); + // Check that the policy schema version is supported by the SDK. + // TODO: Update this logic to use a max supported policy schema version once we have multiple schema versions. + if (passwordPolicy.schemaVersion !== + this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION) { + return Promise.reject(this._errorFactory.create("unsupported-password-policy-schema-version" /* AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION */, {})); + } + return passwordPolicy.validatePassword(password); + } + _getPasswordPolicyInternal() { + if (this.tenantId === null) { + return this._projectPasswordPolicy; + } + else { + return this._tenantPasswordPolicies[this.tenantId]; + } + } + async _updatePasswordPolicy() { + const response = await _getPasswordPolicy(this); + const passwordPolicy = new PasswordPolicyImpl(response); + if (this.tenantId === null) { + this._projectPasswordPolicy = passwordPolicy; + } + else { + this._tenantPasswordPolicies[this.tenantId] = passwordPolicy; + } + } + _getPersistenceType() { + return this.assertedPersistence.persistence.type; + } + _getPersistence() { + return this.assertedPersistence.persistence; + } + _updateErrorMap(errorMap) { + this._errorFactory = new util.ErrorFactory('auth', 'Firebase', errorMap()); + } + onAuthStateChanged(nextOrObserver, error, completed) { + return this.registerStateListener(this.authStateSubscription, nextOrObserver, error, completed); + } + beforeAuthStateChanged(callback, onAbort) { + return this.beforeStateQueue.pushCallback(callback, onAbort); + } + onIdTokenChanged(nextOrObserver, error, completed) { + return this.registerStateListener(this.idTokenSubscription, nextOrObserver, error, completed); + } + authStateReady() { + return new Promise((resolve, reject) => { + if (this.currentUser) { + resolve(); + } + else { + const unsubscribe = this.onAuthStateChanged(() => { + unsubscribe(); + resolve(); + }, reject); + } + }); + } + /** + * Revokes the given access token. Currently only supports Apple OAuth access tokens. + */ + async revokeAccessToken(token) { + if (this.currentUser) { + const idToken = await this.currentUser.getIdToken(); + // Generalize this to accept other providers once supported. + const request = { + providerId: 'apple.com', + tokenType: "ACCESS_TOKEN" /* TokenType.ACCESS_TOKEN */, + token, + idToken + }; + if (this.tenantId != null) { + request.tenantId = this.tenantId; + } + await revokeToken(this, request); + } + } + toJSON() { + return { + apiKey: this.config.apiKey, + authDomain: this.config.authDomain, + appName: this.name, + currentUser: this._currentUser?.toJSON() + }; + } + async _setRedirectUser(user, popupRedirectResolver) { + const redirectManager = await this.getOrInitRedirectPersistenceManager(popupRedirectResolver); + return user === null + ? redirectManager.removeCurrentUser() + : redirectManager.setCurrentUser(user); + } + async getOrInitRedirectPersistenceManager(popupRedirectResolver) { + if (!this.redirectPersistenceManager) { + const resolver = (popupRedirectResolver && _getInstance(popupRedirectResolver)) || + this._popupRedirectResolver; + _assert(resolver, this, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + this.redirectPersistenceManager = await PersistenceUserManager.create(this, [_getInstance(resolver._redirectPersistence)], "redirectUser" /* KeyName.REDIRECT_USER */); + this.redirectUser = + await this.redirectPersistenceManager.getCurrentUser(); + } + return this.redirectPersistenceManager; + } + async _redirectUserForId(id) { + // Make sure we've cleared any pending persistence actions if we're not in + // the initializer + if (this._isInitialized) { + await this.queue(async () => { }); + } + if (this._currentUser?._redirectEventId === id) { + return this._currentUser; + } + if (this.redirectUser?._redirectEventId === id) { + return this.redirectUser; + } + return null; + } + async _persistUserIfCurrent(user) { + if (user === this.currentUser) { + return this.queue(async () => this.directlySetCurrentUser(user)); + } + } + /** Notifies listeners only if the user is current */ + _notifyListenersIfCurrent(user) { + if (user === this.currentUser) { + this.notifyAuthListeners(); + } + } + _key() { + return `${this.config.authDomain}:${this.config.apiKey}:${this.name}`; + } + _startProactiveRefresh() { + this.isProactiveRefreshEnabled = true; + if (this.currentUser) { + this._currentUser._startProactiveRefresh(); + } + } + _stopProactiveRefresh() { + this.isProactiveRefreshEnabled = false; + if (this.currentUser) { + this._currentUser._stopProactiveRefresh(); + } + } + /** Returns the current user cast as the internal type */ + get _currentUser() { + return this.currentUser; + } + notifyAuthListeners() { + if (!this._isInitialized) { + return; + } + this.idTokenSubscription.next(this.currentUser); + const currentUid = this.currentUser?.uid ?? null; + if (this.lastNotifiedUid !== currentUid) { + this.lastNotifiedUid = currentUid; + this.authStateSubscription.next(this.currentUser); + } + } + registerStateListener(subscription, nextOrObserver, error, completed) { + if (this._deleted) { + return () => { }; + } + const cb = typeof nextOrObserver === 'function' + ? nextOrObserver + : nextOrObserver.next.bind(nextOrObserver); + let isUnsubscribed = false; + const promise = this._isInitialized + ? Promise.resolve() + : this._initializationPromise; + _assert(promise, this, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + // The callback needs to be called asynchronously per the spec. + // eslint-disable-next-line @typescript-eslint/no-floating-promises + promise.then(() => { + if (isUnsubscribed) { + return; + } + cb(this.currentUser); + }); + if (typeof nextOrObserver === 'function') { + const unsubscribe = subscription.addObserver(nextOrObserver, error, completed); + return () => { + isUnsubscribed = true; + unsubscribe(); + }; + } + else { + const unsubscribe = subscription.addObserver(nextOrObserver); + return () => { + isUnsubscribed = true; + unsubscribe(); + }; + } + } + /** + * Unprotected (from race conditions) method to set the current user. This + * should only be called from within a queued callback. This is necessary + * because the queue shouldn't rely on another queued callback. + */ + async directlySetCurrentUser(user) { + if (this.currentUser && this.currentUser !== user) { + this._currentUser._stopProactiveRefresh(); + } + if (user && this.isProactiveRefreshEnabled) { + user._startProactiveRefresh(); + } + this.currentUser = user; + if (user) { + await this.assertedPersistence.setCurrentUser(user); + } + else { + await this.assertedPersistence.removeCurrentUser(); + } + } + queue(action) { + // In case something errors, the callback still should be called in order + // to keep the promise chain alive + this.operations = this.operations.then(action, action); + return this.operations; + } + get assertedPersistence() { + _assert(this.persistenceManager, this, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + return this.persistenceManager; + } + _logFramework(framework) { + if (!framework || this.frameworks.includes(framework)) { + return; + } + this.frameworks.push(framework); + // Sort alphabetically so that "FirebaseCore-web,FirebaseUI-web" and + // "FirebaseUI-web,FirebaseCore-web" aren't viewed as different. + this.frameworks.sort(); + this.clientVersion = _getClientVersion(this.config.clientPlatform, this._getFrameworks()); + } + _getFrameworks() { + return this.frameworks; + } + async _getAdditionalHeaders() { + // Additional headers on every request + const headers = { + ["X-Client-Version" /* HttpHeader.X_CLIENT_VERSION */]: this.clientVersion + }; + if (this.app.options.appId) { + headers["X-Firebase-gmpid" /* HttpHeader.X_FIREBASE_GMPID */] = this.app.options.appId; + } + // If the heartbeat service exists, add the heartbeat string + const heartbeatsHeader = await this.heartbeatServiceProvider + .getImmediate({ + optional: true + }) + ?.getHeartbeatsHeader(); + if (heartbeatsHeader) { + headers["X-Firebase-Client" /* HttpHeader.X_FIREBASE_CLIENT */] = heartbeatsHeader; + } + // If the App Check service exists, add the App Check token in the headers + const appCheckToken = await this._getAppCheckToken(); + if (appCheckToken) { + headers["X-Firebase-AppCheck" /* HttpHeader.X_FIREBASE_APP_CHECK */] = appCheckToken; + } + return headers; + } + async _getAppCheckToken() { + if (app._isFirebaseServerApp(this.app) && this.app.settings.appCheckToken) { + return this.app.settings.appCheckToken; + } + const appCheckTokenResult = await this.appCheckServiceProvider + .getImmediate({ optional: true }) + ?.getToken(); + if (appCheckTokenResult?.error) { + // Context: appCheck.getToken() will never throw even if an error happened. + // In the error case, a dummy token will be returned along with an error field describing + // the error. In general, we shouldn't care about the error condition and just use + // the token (actual or dummy) to send requests. + _logWarn(`Error while retrieving App Check token: ${appCheckTokenResult.error}`); + } + return appCheckTokenResult?.token; + } +} +/** + * Method to be used to cast down to our private implementation of Auth. + * It will also handle unwrapping from the compat type if necessary + * + * @param auth Auth object passed in from developer + */ +function _castAuth(auth) { + return util.getModularInstance(auth); +} +/** Helper class to wrap subscriber logic */ +class Subscription { + constructor(auth) { + this.auth = auth; + this.observer = null; + this.addObserver = util.createSubscribe(observer => (this.observer = observer)); + } + get next() { + _assert(this.observer, this.auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + return this.observer.next.bind(this.observer); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +let externalJSProvider = { + async loadJS() { + throw new Error('Unable to load external scripts'); + }, + recaptchaV2Script: '', + recaptchaEnterpriseScript: '', + gapiScript: '' +}; +function _loadJS(url) { + return externalJSProvider.loadJS(url); +} +function _recaptchaEnterpriseScriptUrl() { + return externalJSProvider.recaptchaEnterpriseScript; +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class MockGreCAPTCHATopLevel { + constructor() { + this.enterprise = new MockGreCAPTCHA(); + } + ready(callback) { + callback(); + } + execute( + // eslint-disable-next-line @typescript-eslint/no-unused-vars + _siteKey, _options) { + return Promise.resolve('token'); + } + render( + // eslint-disable-next-line @typescript-eslint/no-unused-vars + _container, _parameters) { + return ''; + } +} +class MockGreCAPTCHA { + ready(callback) { + callback(); + } + execute( + // eslint-disable-next-line @typescript-eslint/no-unused-vars + _siteKey, _options) { + return Promise.resolve('token'); + } + render( + // eslint-disable-next-line @typescript-eslint/no-unused-vars + _container, _parameters) { + return ''; + } +} + +/* eslint-disable @typescript-eslint/no-require-imports */ +const RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise'; +const FAKE_TOKEN = 'NO_RECAPTCHA'; +class RecaptchaEnterpriseVerifier { + /** + * + * @param authExtern - The corresponding Firebase {@link Auth} instance. + * + */ + constructor(authExtern) { + /** + * Identifies the type of application verifier (e.g. "recaptcha-enterprise"). + */ + this.type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE; + this.auth = _castAuth(authExtern); + } + /** + * Executes the verification process. + * + * @returns A Promise for a token that can be used to assert the validity of a request. + */ + async verify(action = 'verify', forceRefresh = false) { + async function retrieveSiteKey(auth) { + if (!forceRefresh) { + if (auth.tenantId == null && auth._agentRecaptchaConfig != null) { + return auth._agentRecaptchaConfig.siteKey; + } + if (auth.tenantId != null && + auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined) { + return auth._tenantRecaptchaConfigs[auth.tenantId].siteKey; + } + } + return new Promise(async (resolve, reject) => { + getRecaptchaConfig(auth, { + clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */, + version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */ + }) + .then(response => { + if (response.recaptchaKey === undefined) { + reject(new Error('recaptcha Enterprise site key undefined')); + } + else { + const config = new RecaptchaConfig(response); + if (auth.tenantId == null) { + auth._agentRecaptchaConfig = config; + } + else { + auth._tenantRecaptchaConfigs[auth.tenantId] = config; + } + return resolve(config.siteKey); + } + }) + .catch(error => { + reject(error); + }); + }); + } + function retrieveRecaptchaToken(siteKey, resolve, reject) { + const grecaptcha = window.grecaptcha; + if (isEnterprise(grecaptcha)) { + grecaptcha.enterprise.ready(() => { + grecaptcha.enterprise + .execute(siteKey, { action }) + .then(token => { + resolve(token); + }) + .catch(() => { + resolve(FAKE_TOKEN); + }); + }); + } + else { + reject(Error('No reCAPTCHA enterprise script loaded.')); + } + } + // Returns Promise for a mock token when appVerificationDisabledForTesting is true. + if (this.auth.settings.appVerificationDisabledForTesting) { + const mockRecaptcha = new MockGreCAPTCHATopLevel(); + return mockRecaptcha.execute('siteKey', { action: 'verify' }); + } + return new Promise((resolve, reject) => { + retrieveSiteKey(this.auth) + .then(siteKey => { + if (!forceRefresh && isEnterprise(window.grecaptcha)) { + retrieveRecaptchaToken(siteKey, resolve, reject); + } + else { + if (typeof window === 'undefined') { + reject(new Error('RecaptchaVerifier is only supported in browser')); + return; + } + let url = _recaptchaEnterpriseScriptUrl(); + if (url.length !== 0) { + url += siteKey; + } + _loadJS(url) + .then(() => { + retrieveRecaptchaToken(siteKey, resolve, reject); + }) + .catch(error => { + reject(error); + }); + } + }) + .catch(error => { + reject(error); + }); + }); + } +} +async function injectRecaptchaFields(auth, request, action, isCaptchaResp = false, isFakeToken = false) { + const verifier = new RecaptchaEnterpriseVerifier(auth); + let captchaResponse; + if (isFakeToken) { + captchaResponse = FAKE_TOKEN; + } + else { + try { + captchaResponse = await verifier.verify(action); + } + catch (error) { + captchaResponse = await verifier.verify(action, true); + } + } + const newRequest = { ...request }; + if (action === "mfaSmsEnrollment" /* RecaptchaActionName.MFA_SMS_ENROLLMENT */ || + action === "mfaSmsSignIn" /* RecaptchaActionName.MFA_SMS_SIGNIN */) { + if ('phoneEnrollmentInfo' in newRequest) { + const phoneNumber = newRequest.phoneEnrollmentInfo.phoneNumber; + const recaptchaToken = newRequest.phoneEnrollmentInfo.recaptchaToken; + Object.assign(newRequest, { + 'phoneEnrollmentInfo': { + phoneNumber, + recaptchaToken, + captchaResponse, + 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */, + 'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */ + } + }); + } + else if ('phoneSignInInfo' in newRequest) { + const recaptchaToken = newRequest.phoneSignInInfo.recaptchaToken; + Object.assign(newRequest, { + 'phoneSignInInfo': { + recaptchaToken, + captchaResponse, + 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */, + 'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */ + } + }); + } + return newRequest; + } + if (!isCaptchaResp) { + Object.assign(newRequest, { captchaResponse }); + } + else { + Object.assign(newRequest, { 'captchaResp': captchaResponse }); + } + Object.assign(newRequest, { 'clientType': "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ }); + Object.assign(newRequest, { + 'recaptchaVersion': "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */ + }); + return newRequest; +} +async function handleRecaptchaFlow(authInstance, request, actionName, actionMethod, recaptchaAuthProvider) { + if (recaptchaAuthProvider === "EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */) { + if (authInstance + ._getRecaptchaConfig() + ?.isProviderEnabled("EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */)) { + const requestWithRecaptcha = await injectRecaptchaFields(authInstance, request, actionName, actionName === "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */); + return actionMethod(authInstance, requestWithRecaptcha); + } + else { + return actionMethod(authInstance, request).catch(async (error) => { + if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}`) { + console.log(`${actionName} is protected by reCAPTCHA Enterprise for this project. Automatically triggering the reCAPTCHA flow and restarting the flow.`); + const requestWithRecaptcha = await injectRecaptchaFields(authInstance, request, actionName, actionName === "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */); + return actionMethod(authInstance, requestWithRecaptcha); + } + else { + return Promise.reject(error); + } + }); + } + } + else if (recaptchaAuthProvider === "PHONE_PROVIDER" /* RecaptchaAuthProvider.PHONE_PROVIDER */) { + if (authInstance + ._getRecaptchaConfig() + ?.isProviderEnabled("PHONE_PROVIDER" /* RecaptchaAuthProvider.PHONE_PROVIDER */)) { + const requestWithRecaptcha = await injectRecaptchaFields(authInstance, request, actionName); + return actionMethod(authInstance, requestWithRecaptcha).catch(async (error) => { + if (authInstance + ._getRecaptchaConfig() + ?.getProviderEnforcementState("PHONE_PROVIDER" /* RecaptchaAuthProvider.PHONE_PROVIDER */) === "AUDIT" /* EnforcementState.AUDIT */) { + // AUDIT mode + if (error.code === `auth/${"missing-recaptcha-token" /* AuthErrorCode.MISSING_RECAPTCHA_TOKEN */}` || + error.code === `auth/${"invalid-app-credential" /* AuthErrorCode.INVALID_APP_CREDENTIAL */}`) { + console.log(`Failed to verify with reCAPTCHA Enterprise. Automatically triggering the reCAPTCHA v2 flow to complete the ${actionName} flow.`); + // reCAPTCHA Enterprise token is missing or reCAPTCHA Enterprise token + // check fails. + // Fallback to reCAPTCHA v2 flow. + const requestWithRecaptchaFields = await injectRecaptchaFields(authInstance, request, actionName, false, // isCaptchaResp + true // isFakeToken + ); + // This will call the PhoneApiCaller to fetch and inject reCAPTCHA v2 token. + return actionMethod(authInstance, requestWithRecaptchaFields); + } + } + // ENFORCE mode or AUDIT mode with any other error. + return Promise.reject(error); + }); + } + else { + // Do reCAPTCHA v2 flow. + const requestWithRecaptchaFields = await injectRecaptchaFields(authInstance, request, actionName, false, // isCaptchaResp + true // isFakeToken + ); + // This will call the PhoneApiCaller to fetch and inject v2 token. + return actionMethod(authInstance, requestWithRecaptchaFields); + } + } + else { + return Promise.reject(recaptchaAuthProvider + ' provider is not supported.'); + } +} +async function _initializeRecaptchaConfig(auth) { + const authInternal = _castAuth(auth); + const response = await getRecaptchaConfig(authInternal, { + clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */, + version: "RECAPTCHA_ENTERPRISE" /* RecaptchaVersion.ENTERPRISE */ + }); + const config = new RecaptchaConfig(response); + if (authInternal.tenantId == null) { + authInternal._agentRecaptchaConfig = config; + } + else { + authInternal._tenantRecaptchaConfigs[authInternal.tenantId] = config; + } + if (config.isAnyProviderEnabled()) { + const verifier = new RecaptchaEnterpriseVerifier(authInternal); + void verifier.verify(); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Initializes an {@link Auth} instance with fine-grained control over + * {@link Dependencies}. + * + * @remarks + * + * This function allows more control over the {@link Auth} instance than + * {@link getAuth}. `getAuth` uses platform-specific defaults to supply + * the {@link Dependencies}. In general, `getAuth` is the easiest way to + * initialize Auth and works for most use cases. Use `initializeAuth` if you + * need control over which persistence layer is used, or to minimize bundle + * size if you're not using either `signInWithPopup` or `signInWithRedirect`. + * + * For example, if your app only uses anonymous accounts and you only want + * accounts saved for the current session, initialize `Auth` with: + * + * ```js + * const auth = initializeAuth(app, { + * persistence: browserSessionPersistence, + * popupRedirectResolver: undefined, + * }); + * ``` + * + * @public + */ +function initializeAuth(app$1, deps) { + const provider = app._getProvider(app$1, 'auth'); + if (provider.isInitialized()) { + const auth = provider.getImmediate(); + const initialOptions = provider.getOptions(); + if (util.deepEqual(initialOptions, deps ?? {})) { + return auth; + } + else { + _fail(auth, "already-initialized" /* AuthErrorCode.ALREADY_INITIALIZED */); + } + } + const auth = provider.initialize({ options: deps }); + return auth; +} +function _initializeAuthInstance(auth, deps) { + const persistence = deps?.persistence || []; + const hierarchy = (Array.isArray(persistence) ? persistence : [persistence]).map(_getInstance); + if (deps?.errorMap) { + auth._updateErrorMap(deps.errorMap); + } + // This promise is intended to float; auth initialization happens in the + // background, meanwhile the auth object may be used by the app. + // eslint-disable-next-line @typescript-eslint/no-floating-promises + auth._initializeWithPersistence(hierarchy, deps?.popupRedirectResolver); +} + +/** + * Changes the {@link Auth} instance to communicate with the Firebase Auth Emulator, instead of production + * Firebase Auth services. + * + * @remarks + * This must be called synchronously immediately following the first call to + * {@link initializeAuth}. Do not use with production credentials as emulator + * traffic is not encrypted. + * + * + * @example + * ```javascript + * connectAuthEmulator(auth, 'http://127.0.0.1:9099', { disableWarnings: true }); + * ``` + * + * @param auth - The {@link Auth} instance. + * @param url - The URL at which the emulator is running (eg, 'http://localhost:9099'). + * @param options - Optional. `options.disableWarnings` defaults to `false`. Set it to + * `true` to disable the warning banner attached to the DOM. + * + * @public + */ +function connectAuthEmulator(auth, url, options) { + const authInternal = _castAuth(auth); + _assert(/^https?:\/\//.test(url), authInternal, "invalid-emulator-scheme" /* AuthErrorCode.INVALID_EMULATOR_SCHEME */); + const disableWarnings = !!options?.disableWarnings; + const protocol = extractProtocol(url); + const { host, port } = extractHostAndPort(url); + const portStr = port === null ? '' : `:${port}`; + // Always replace path with "/" (even if input url had no path at all, or had a different one). + const emulator = { url: `${protocol}//${host}${portStr}/` }; + const emulatorConfig = Object.freeze({ + host, + port, + protocol: protocol.replace(':', ''), + options: Object.freeze({ disableWarnings }) + }); + // There are a few scenarios to guard against if the Auth instance has already started: + if (!authInternal._canInitEmulator) { + // Applications may not initialize the emulator for the first time if Auth has already started + // to make network requests. + _assert(authInternal.config.emulator && authInternal.emulatorConfig, authInternal, "emulator-config-failed" /* AuthErrorCode.EMULATOR_CONFIG_FAILED */); + // Applications may not alter the configuration of the emulator (aka pass a different config) + // once Auth has started to make network requests. + _assert(util.deepEqual(emulator, authInternal.config.emulator) && + util.deepEqual(emulatorConfig, authInternal.emulatorConfig), authInternal, "emulator-config-failed" /* AuthErrorCode.EMULATOR_CONFIG_FAILED */); + // It's valid, however, to invoke connectAuthEmulator() after Auth has started making + // connections, so long as the config matches the existing config. This results in a no-op. + return; + } + authInternal.config.emulator = emulator; + authInternal.emulatorConfig = emulatorConfig; + authInternal.settings.appVerificationDisabledForTesting = true; + // Workaround to get cookies in Firebase Studio + if (util.isCloudWorkstation(host)) { + void util.pingServer(`${protocol}//${host}${portStr}`); + util.updateEmulatorBanner('Auth', true); + } + else if (!disableWarnings) { + emitEmulatorWarning(); + } +} +function extractProtocol(url) { + const protocolEnd = url.indexOf(':'); + return protocolEnd < 0 ? '' : url.substr(0, protocolEnd + 1); +} +function extractHostAndPort(url) { + const protocol = extractProtocol(url); + const authority = /(\/\/)?([^?#/]+)/.exec(url.substr(protocol.length)); // Between // and /, ? or #. + if (!authority) { + return { host: '', port: null }; + } + const hostAndPort = authority[2].split('@').pop() || ''; // Strip out "username:password@". + const bracketedIPv6 = /^(\[[^\]]+\])(:|$)/.exec(hostAndPort); + if (bracketedIPv6) { + const host = bracketedIPv6[1]; + return { host, port: parsePort(hostAndPort.substr(host.length + 1)) }; + } + else { + const [host, port] = hostAndPort.split(':'); + return { host, port: parsePort(port) }; + } +} +function parsePort(portStr) { + if (!portStr) { + return null; + } + const port = Number(portStr); + if (isNaN(port)) { + return null; + } + return port; +} +function emitEmulatorWarning() { + function attachBanner() { + const el = document.createElement('p'); + const sty = el.style; + el.innerText = + 'Running in emulator mode. Do not use with production credentials.'; + sty.position = 'fixed'; + sty.width = '100%'; + sty.backgroundColor = '#ffffff'; + sty.border = '.1em solid #000000'; + sty.color = '#b50000'; + sty.bottom = '0px'; + sty.left = '0px'; + sty.margin = '0px'; + sty.zIndex = '10000'; + sty.textAlign = 'center'; + el.classList.add('firebase-emulator-warning'); + document.body.appendChild(el); + } + if (typeof console !== 'undefined' && typeof console.info === 'function') { + console.info('WARNING: You are using the Auth Emulator,' + + ' which is intended for local testing only. Do not use with' + + ' production credentials.'); + } + if (typeof window !== 'undefined' && typeof document !== 'undefined') { + if (document.readyState === 'loading') { + window.addEventListener('DOMContentLoaded', attachBanner); + } + else { + attachBanner(); + } + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Interface that represents the credentials returned by an {@link AuthProvider}. + * + * @remarks + * Implementations specify the details about each auth provider's credential requirements. + * + * @public + */ +class AuthCredential { + /** @internal */ + constructor( + /** + * The authentication provider ID for the credential. + * + * @remarks + * For example, 'facebook.com', or 'google.com'. + */ + providerId, + /** + * The authentication sign in method for the credential. + * + * @remarks + * For example, {@link SignInMethod}.EMAIL_PASSWORD, or + * {@link SignInMethod}.EMAIL_LINK. This corresponds to the sign-in method + * identifier as returned in {@link fetchSignInMethodsForEmail}. + */ + signInMethod) { + this.providerId = providerId; + this.signInMethod = signInMethod; + } + /** + * Returns a JSON-serializable representation of this object. + * + * @returns a JSON-serializable representation of this object. + */ + toJSON() { + return debugFail('not implemented'); + } + /** @internal */ + _getIdTokenResponse(_auth) { + return debugFail('not implemented'); + } + /** @internal */ + _linkToIdToken(_auth, _idToken) { + return debugFail('not implemented'); + } + /** @internal */ + _getReauthenticationResolver(_auth) { + return debugFail('not implemented'); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function resetPassword(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:resetPassword" /* Endpoint.RESET_PASSWORD */, _addTidIfNecessary(auth, request)); +} +async function updateEmailPassword(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:update" /* Endpoint.SET_ACCOUNT_INFO */, request); +} +// Used for linking an email/password account to an existing idToken. Uses the same request/response +// format as updateEmailPassword. +async function linkEmailPassword(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:signUp" /* Endpoint.SIGN_UP */, request); +} +async function applyActionCode$1(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:update" /* Endpoint.SET_ACCOUNT_INFO */, _addTidIfNecessary(auth, request)); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function signInWithPassword(auth, request) { + return _performSignInRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:signInWithPassword" /* Endpoint.SIGN_IN_WITH_PASSWORD */, _addTidIfNecessary(auth, request)); +} +async function sendOobCode(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:sendOobCode" /* Endpoint.SEND_OOB_CODE */, _addTidIfNecessary(auth, request)); +} +async function sendEmailVerification$1(auth, request) { + return sendOobCode(auth, request); +} +async function sendPasswordResetEmail$1(auth, request) { + return sendOobCode(auth, request); +} +async function sendSignInLinkToEmail$1(auth, request) { + return sendOobCode(auth, request); +} +async function verifyAndChangeEmail(auth, request) { + return sendOobCode(auth, request); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function signInWithEmailLink$1(auth, request) { + return _performSignInRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:signInWithEmailLink" /* Endpoint.SIGN_IN_WITH_EMAIL_LINK */, _addTidIfNecessary(auth, request)); +} +async function signInWithEmailLinkForLinking(auth, request) { + return _performSignInRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:signInWithEmailLink" /* Endpoint.SIGN_IN_WITH_EMAIL_LINK */, _addTidIfNecessary(auth, request)); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Interface that represents the credentials returned by {@link EmailAuthProvider} for + * {@link ProviderId}.PASSWORD + * + * @remarks + * Covers both {@link SignInMethod}.EMAIL_PASSWORD and + * {@link SignInMethod}.EMAIL_LINK. + * + * @public + */ +class EmailAuthCredential extends AuthCredential { + /** @internal */ + constructor( + /** @internal */ + _email, + /** @internal */ + _password, signInMethod, + /** @internal */ + _tenantId = null) { + super("password" /* ProviderId.PASSWORD */, signInMethod); + this._email = _email; + this._password = _password; + this._tenantId = _tenantId; + } + /** @internal */ + static _fromEmailAndPassword(email, password) { + return new EmailAuthCredential(email, password, "password" /* SignInMethod.EMAIL_PASSWORD */); + } + /** @internal */ + static _fromEmailAndCode(email, oobCode, tenantId = null) { + return new EmailAuthCredential(email, oobCode, "emailLink" /* SignInMethod.EMAIL_LINK */, tenantId); + } + /** {@inheritdoc AuthCredential.toJSON} */ + toJSON() { + return { + email: this._email, + password: this._password, + signInMethod: this.signInMethod, + tenantId: this._tenantId + }; + } + /** + * Static method to deserialize a JSON representation of an object into an {@link AuthCredential}. + * + * @param json - Either `object` or the stringified representation of the object. When string is + * provided, `JSON.parse` would be called first. + * + * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned. + */ + static fromJSON(json) { + const obj = typeof json === 'string' ? JSON.parse(json) : json; + if (obj?.email && obj?.password) { + if (obj.signInMethod === "password" /* SignInMethod.EMAIL_PASSWORD */) { + return this._fromEmailAndPassword(obj.email, obj.password); + } + else if (obj.signInMethod === "emailLink" /* SignInMethod.EMAIL_LINK */) { + return this._fromEmailAndCode(obj.email, obj.password, obj.tenantId); + } + } + return null; + } + /** @internal */ + async _getIdTokenResponse(auth) { + switch (this.signInMethod) { + case "password" /* SignInMethod.EMAIL_PASSWORD */: + const request = { + returnSecureToken: true, + email: this._email, + password: this._password, + clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ + }; + return handleRecaptchaFlow(auth, request, "signInWithPassword" /* RecaptchaActionName.SIGN_IN_WITH_PASSWORD */, signInWithPassword, "EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */); + case "emailLink" /* SignInMethod.EMAIL_LINK */: + return signInWithEmailLink$1(auth, { + email: this._email, + oobCode: this._password + }); + default: + _fail(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + } + } + /** @internal */ + async _linkToIdToken(auth, idToken) { + switch (this.signInMethod) { + case "password" /* SignInMethod.EMAIL_PASSWORD */: + const request = { + idToken, + returnSecureToken: true, + email: this._email, + password: this._password, + clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ + }; + return handleRecaptchaFlow(auth, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */, linkEmailPassword, "EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */); + case "emailLink" /* SignInMethod.EMAIL_LINK */: + return signInWithEmailLinkForLinking(auth, { + idToken, + email: this._email, + oobCode: this._password + }); + default: + _fail(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + } + } + /** @internal */ + _getReauthenticationResolver(auth) { + return this._getIdTokenResponse(auth); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function signInWithIdp(auth, request) { + return _performSignInRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:signInWithIdp" /* Endpoint.SIGN_IN_WITH_IDP */, _addTidIfNecessary(auth, request)); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +const IDP_REQUEST_URI$1 = 'http://localhost'; +/** + * Represents the OAuth credentials returned by an {@link OAuthProvider}. + * + * @remarks + * Implementations specify the details about each auth provider's credential requirements. + * + * @public + */ +class OAuthCredential extends AuthCredential { + constructor() { + super(...arguments); + this.pendingToken = null; + } + /** @internal */ + static _fromParams(params) { + const cred = new OAuthCredential(params.providerId, params.signInMethod); + if (params.idToken || params.accessToken) { + // OAuth 2 and either ID token or access token. + if (params.idToken) { + cred.idToken = params.idToken; + } + if (params.accessToken) { + cred.accessToken = params.accessToken; + } + // Add nonce if available and no pendingToken is present. + if (params.nonce && !params.pendingToken) { + cred.nonce = params.nonce; + } + if (params.pendingToken) { + cred.pendingToken = params.pendingToken; + } + } + else if (params.oauthToken && params.oauthTokenSecret) { + // OAuth 1 and OAuth token with token secret + cred.accessToken = params.oauthToken; + cred.secret = params.oauthTokenSecret; + } + else { + _fail("argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + } + return cred; + } + /** {@inheritdoc AuthCredential.toJSON} */ + toJSON() { + return { + idToken: this.idToken, + accessToken: this.accessToken, + secret: this.secret, + nonce: this.nonce, + pendingToken: this.pendingToken, + providerId: this.providerId, + signInMethod: this.signInMethod + }; + } + /** + * Static method to deserialize a JSON representation of an object into an + * {@link AuthCredential}. + * + * @param json - Input can be either Object or the stringified representation of the object. + * When string is provided, JSON.parse would be called first. + * + * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned. + */ + static fromJSON(json) { + const obj = typeof json === 'string' ? JSON.parse(json) : json; + const { providerId, signInMethod, ...rest } = obj; + if (!providerId || !signInMethod) { + return null; + } + const cred = new OAuthCredential(providerId, signInMethod); + cred.idToken = rest.idToken || undefined; + cred.accessToken = rest.accessToken || undefined; + cred.secret = rest.secret; + cred.nonce = rest.nonce; + cred.pendingToken = rest.pendingToken || null; + return cred; + } + /** @internal */ + _getIdTokenResponse(auth) { + const request = this.buildRequest(); + return signInWithIdp(auth, request); + } + /** @internal */ + _linkToIdToken(auth, idToken) { + const request = this.buildRequest(); + request.idToken = idToken; + return signInWithIdp(auth, request); + } + /** @internal */ + _getReauthenticationResolver(auth) { + const request = this.buildRequest(); + request.autoCreate = false; + return signInWithIdp(auth, request); + } + buildRequest() { + const request = { + requestUri: IDP_REQUEST_URI$1, + returnSecureToken: true + }; + if (this.pendingToken) { + request.pendingToken = this.pendingToken; + } + else { + const postBody = {}; + if (this.idToken) { + postBody['id_token'] = this.idToken; + } + if (this.accessToken) { + postBody['access_token'] = this.accessToken; + } + if (this.secret) { + postBody['oauth_token_secret'] = this.secret; + } + postBody['providerId'] = this.providerId; + if (this.nonce && !this.pendingToken) { + postBody['nonce'] = this.nonce; + } + request.postBody = util.querystring(postBody); + } + return request; + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function signInWithPhoneNumber$1(auth, request) { + return _performSignInRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:signInWithPhoneNumber" /* Endpoint.SIGN_IN_WITH_PHONE_NUMBER */, _addTidIfNecessary(auth, request)); +} +async function linkWithPhoneNumber$1(auth, request) { + const response = await _performSignInRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:signInWithPhoneNumber" /* Endpoint.SIGN_IN_WITH_PHONE_NUMBER */, _addTidIfNecessary(auth, request)); + if (response.temporaryProof) { + throw _makeTaggedError(auth, "account-exists-with-different-credential" /* AuthErrorCode.NEED_CONFIRMATION */, response); + } + return response; +} +const VERIFY_PHONE_NUMBER_FOR_EXISTING_ERROR_MAP_ = { + ["USER_NOT_FOUND" /* ServerError.USER_NOT_FOUND */]: "user-not-found" /* AuthErrorCode.USER_DELETED */ +}; +async function verifyPhoneNumberForExisting(auth, request) { + const apiRequest = { + ...request, + operation: 'REAUTH' + }; + return _performSignInRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:signInWithPhoneNumber" /* Endpoint.SIGN_IN_WITH_PHONE_NUMBER */, _addTidIfNecessary(auth, apiRequest), VERIFY_PHONE_NUMBER_FOR_EXISTING_ERROR_MAP_); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Represents the credentials returned by {@link PhoneAuthProvider}. + * + * @public + */ +class PhoneAuthCredential extends AuthCredential { + constructor(params) { + super("phone" /* ProviderId.PHONE */, "phone" /* SignInMethod.PHONE */); + this.params = params; + } + /** @internal */ + static _fromVerification(verificationId, verificationCode) { + return new PhoneAuthCredential({ verificationId, verificationCode }); + } + /** @internal */ + static _fromTokenResponse(phoneNumber, temporaryProof) { + return new PhoneAuthCredential({ phoneNumber, temporaryProof }); + } + /** @internal */ + _getIdTokenResponse(auth) { + return signInWithPhoneNumber$1(auth, this._makeVerificationRequest()); + } + /** @internal */ + _linkToIdToken(auth, idToken) { + return linkWithPhoneNumber$1(auth, { + idToken, + ...this._makeVerificationRequest() + }); + } + /** @internal */ + _getReauthenticationResolver(auth) { + return verifyPhoneNumberForExisting(auth, this._makeVerificationRequest()); + } + /** @internal */ + _makeVerificationRequest() { + const { temporaryProof, phoneNumber, verificationId, verificationCode } = this.params; + if (temporaryProof && phoneNumber) { + return { temporaryProof, phoneNumber }; + } + return { + sessionInfo: verificationId, + code: verificationCode + }; + } + /** {@inheritdoc AuthCredential.toJSON} */ + toJSON() { + const obj = { + providerId: this.providerId + }; + if (this.params.phoneNumber) { + obj.phoneNumber = this.params.phoneNumber; + } + if (this.params.temporaryProof) { + obj.temporaryProof = this.params.temporaryProof; + } + if (this.params.verificationCode) { + obj.verificationCode = this.params.verificationCode; + } + if (this.params.verificationId) { + obj.verificationId = this.params.verificationId; + } + return obj; + } + /** Generates a phone credential based on a plain object or a JSON string. */ + static fromJSON(json) { + if (typeof json === 'string') { + json = JSON.parse(json); + } + const { verificationId, verificationCode, phoneNumber, temporaryProof } = json; + if (!verificationCode && + !verificationId && + !phoneNumber && + !temporaryProof) { + return null; + } + return new PhoneAuthCredential({ + verificationId, + verificationCode, + phoneNumber, + temporaryProof + }); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Maps the mode string in action code URL to Action Code Info operation. + * + * @param mode + */ +function parseMode(mode) { + switch (mode) { + case 'recoverEmail': + return "RECOVER_EMAIL" /* ActionCodeOperation.RECOVER_EMAIL */; + case 'resetPassword': + return "PASSWORD_RESET" /* ActionCodeOperation.PASSWORD_RESET */; + case 'signIn': + return "EMAIL_SIGNIN" /* ActionCodeOperation.EMAIL_SIGNIN */; + case 'verifyEmail': + return "VERIFY_EMAIL" /* ActionCodeOperation.VERIFY_EMAIL */; + case 'verifyAndChangeEmail': + return "VERIFY_AND_CHANGE_EMAIL" /* ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL */; + case 'revertSecondFactorAddition': + return "REVERT_SECOND_FACTOR_ADDITION" /* ActionCodeOperation.REVERT_SECOND_FACTOR_ADDITION */; + default: + return null; + } +} +/** + * Helper to parse FDL links + * + * @param url + */ +function parseDeepLink(url) { + const link = util.querystringDecode(util.extractQuerystring(url))['link']; + // Double link case (automatic redirect). + const doubleDeepLink = link + ? util.querystringDecode(util.extractQuerystring(link))['deep_link_id'] + : null; + // iOS custom scheme links. + const iOSDeepLink = util.querystringDecode(util.extractQuerystring(url))['deep_link_id']; + const iOSDoubleDeepLink = iOSDeepLink + ? util.querystringDecode(util.extractQuerystring(iOSDeepLink))['link'] + : null; + return iOSDoubleDeepLink || iOSDeepLink || doubleDeepLink || link || url; +} +/** + * A utility class to parse email action URLs such as password reset, email verification, + * email link sign in, etc. + * + * @public + */ +class ActionCodeURL { + /** + * @param actionLink - The link from which to extract the URL. + * @returns The {@link ActionCodeURL} object, or null if the link is invalid. + * + * @internal + */ + constructor(actionLink) { + const searchParams = util.querystringDecode(util.extractQuerystring(actionLink)); + const apiKey = searchParams["apiKey" /* QueryField.API_KEY */] ?? null; + const code = searchParams["oobCode" /* QueryField.CODE */] ?? null; + const operation = parseMode(searchParams["mode" /* QueryField.MODE */] ?? null); + // Validate API key, code and mode. + _assert(apiKey && code && operation, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + this.apiKey = apiKey; + this.operation = operation; + this.code = code; + this.continueUrl = searchParams["continueUrl" /* QueryField.CONTINUE_URL */] ?? null; + this.languageCode = searchParams["lang" /* QueryField.LANGUAGE_CODE */] ?? null; + this.tenantId = searchParams["tenantId" /* QueryField.TENANT_ID */] ?? null; + } + /** + * Parses the email action link string and returns an {@link ActionCodeURL} if the link is valid, + * otherwise returns null. + * + * @param link - The email action link string. + * @returns The {@link ActionCodeURL} object, or null if the link is invalid. + * + * @public + */ + static parseLink(link) { + const actionLink = parseDeepLink(link); + try { + return new ActionCodeURL(actionLink); + } + catch { + return null; + } + } +} +/** + * Parses the email action link string and returns an {@link ActionCodeURL} if + * the link is valid, otherwise returns null. + * + * @public + */ +function parseActionCodeURL(link) { + return ActionCodeURL.parseLink(link); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Provider for generating {@link EmailAuthCredential}. + * + * @public + */ +class EmailAuthProvider { + constructor() { + /** + * Always set to {@link ProviderId}.PASSWORD, even for email link. + */ + this.providerId = EmailAuthProvider.PROVIDER_ID; + } + /** + * Initialize an {@link AuthCredential} using an email and password. + * + * @example + * ```javascript + * const authCredential = EmailAuthProvider.credential(email, password); + * const userCredential = await signInWithCredential(auth, authCredential); + * ``` + * + * @example + * ```javascript + * const userCredential = await signInWithEmailAndPassword(auth, email, password); + * ``` + * + * @param email - Email address. + * @param password - User account password. + * @returns The auth provider credential. + */ + static credential(email, password) { + return EmailAuthCredential._fromEmailAndPassword(email, password); + } + /** + * Initialize an {@link AuthCredential} using an email and an email link after a sign in with + * email link operation. + * + * @example + * ```javascript + * const authCredential = EmailAuthProvider.credentialWithLink(auth, email, emailLink); + * const userCredential = await signInWithCredential(auth, authCredential); + * ``` + * + * @example + * ```javascript + * await sendSignInLinkToEmail(auth, email); + * // Obtain emailLink from user. + * const userCredential = await signInWithEmailLink(auth, email, emailLink); + * ``` + * + * @param auth - The {@link Auth} instance used to verify the link. + * @param email - Email address. + * @param emailLink - Sign-in email link. + * @returns - The auth provider credential. + */ + static credentialWithLink(email, emailLink) { + const actionCodeUrl = ActionCodeURL.parseLink(emailLink); + _assert(actionCodeUrl, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + return EmailAuthCredential._fromEmailAndCode(email, actionCodeUrl.code, actionCodeUrl.tenantId); + } +} +/** + * Always set to {@link ProviderId}.PASSWORD, even for email link. + */ +EmailAuthProvider.PROVIDER_ID = "password" /* ProviderId.PASSWORD */; +/** + * Always set to {@link SignInMethod}.EMAIL_PASSWORD. + */ +EmailAuthProvider.EMAIL_PASSWORD_SIGN_IN_METHOD = "password" /* SignInMethod.EMAIL_PASSWORD */; +/** + * Always set to {@link SignInMethod}.EMAIL_LINK. + */ +EmailAuthProvider.EMAIL_LINK_SIGN_IN_METHOD = "emailLink" /* SignInMethod.EMAIL_LINK */; + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * The base class for all Federated providers (OAuth (including OIDC), SAML). + * + * This class is not meant to be instantiated directly. + * + * @public + */ +class FederatedAuthProvider { + /** + * Constructor for generic OAuth providers. + * + * @param providerId - Provider for which credentials should be generated. + */ + constructor(providerId) { + this.providerId = providerId; + /** @internal */ + this.defaultLanguageCode = null; + /** @internal */ + this.customParameters = {}; + } + /** + * Set the language gode. + * + * @param languageCode - language code + */ + setDefaultLanguage(languageCode) { + this.defaultLanguageCode = languageCode; + } + /** + * Sets the OAuth custom parameters to pass in an OAuth request for popup and redirect sign-in + * operations. + * + * @remarks + * For a detailed list, check the reserved required OAuth 2.0 parameters such as `client_id`, + * `redirect_uri`, `scope`, `response_type`, and `state` are not allowed and will be ignored. + * + * @param customOAuthParameters - The custom OAuth parameters to pass in the OAuth request. + */ + setCustomParameters(customOAuthParameters) { + this.customParameters = customOAuthParameters; + return this; + } + /** + * Retrieve the current list of {@link CustomParameters}. + */ + getCustomParameters() { + return this.customParameters; + } +} + +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Common code to all OAuth providers. This is separate from the + * {@link OAuthProvider} so that child providers (like + * {@link GoogleAuthProvider}) don't inherit the `credential` instance method. + * Instead, they rely on a static `credential` method. + */ +class BaseOAuthProvider extends FederatedAuthProvider { + constructor() { + super(...arguments); + /** @internal */ + this.scopes = []; + } + /** + * Add an OAuth scope to the credential. + * + * @param scope - Provider OAuth scope to add. + */ + addScope(scope) { + // If not already added, add scope to list. + if (!this.scopes.includes(scope)) { + this.scopes.push(scope); + } + return this; + } + /** + * Retrieve the current list of OAuth scopes. + */ + getScopes() { + return [...this.scopes]; + } +} +/** + * Provider for generating generic {@link OAuthCredential}. + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new OAuthProvider('google.com'); + * // Start a sign in process for an unauthenticated user. + * provider.addScope('profile'); + * provider.addScope('email'); + * await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * if (result) { + * // This is the signed-in user + * const user = result.user; + * // This gives you a OAuth Access Token for the provider. + * const credential = provider.credentialFromResult(auth, result); + * const token = credential.accessToken; + * } + * ``` + * + * @example + * ```javascript + * // Sign in using a popup. + * const provider = new OAuthProvider('google.com'); + * provider.addScope('profile'); + * provider.addScope('email'); + * const result = await signInWithPopup(auth, provider); + * + * // The signed-in user info. + * const user = result.user; + * // This gives you a OAuth Access Token for the provider. + * const credential = provider.credentialFromResult(auth, result); + * const token = credential.accessToken; + * ``` + * @public + */ +class OAuthProvider extends BaseOAuthProvider { + /** + * Creates an {@link OAuthCredential} from a JSON string or a plain object. + * @param json - A plain object or a JSON string + */ + static credentialFromJSON(json) { + const obj = typeof json === 'string' ? JSON.parse(json) : json; + _assert('providerId' in obj && 'signInMethod' in obj, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + return OAuthCredential._fromParams(obj); + } + /** + * Creates a {@link OAuthCredential} from a generic OAuth provider's access token or ID token. + * + * @remarks + * The raw nonce is required when an ID token with a nonce field is provided. The SHA-256 hash of + * the raw nonce must match the nonce field in the ID token. + * + * @example + * ```javascript + * // `googleUser` from the onsuccess Google Sign In callback. + * // Initialize a generate OAuth provider with a `google.com` providerId. + * const provider = new OAuthProvider('google.com'); + * const credential = provider.credential({ + * idToken: googleUser.getAuthResponse().id_token, + * }); + * const result = await signInWithCredential(credential); + * ``` + * + * @param params - Either the options object containing the ID token, access token and raw nonce + * or the ID token string. + */ + credential(params) { + return this._credential({ ...params, nonce: params.rawNonce }); + } + /** An internal credential method that accepts more permissive options */ + _credential(params) { + _assert(params.idToken || params.accessToken, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + // For OAuthCredential, sign in method is same as providerId. + return OAuthCredential._fromParams({ + ...params, + providerId: this.providerId, + signInMethod: this.providerId + }); + } + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}. + * + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential) { + return OAuthProvider.oauthCredentialFromTaggedObject(userCredential); + } + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was + * thrown during a sign-in, link, or reauthenticate operation. + * + * @param userCredential - The user credential. + */ + static credentialFromError(error) { + return OAuthProvider.oauthCredentialFromTaggedObject((error.customData || {})); + } + static oauthCredentialFromTaggedObject({ _tokenResponse: tokenResponse }) { + if (!tokenResponse) { + return null; + } + const { oauthIdToken, oauthAccessToken, oauthTokenSecret, pendingToken, nonce, providerId } = tokenResponse; + if (!oauthAccessToken && + !oauthTokenSecret && + !oauthIdToken && + !pendingToken) { + return null; + } + if (!providerId) { + return null; + } + try { + return new OAuthProvider(providerId)._credential({ + idToken: oauthIdToken, + accessToken: oauthAccessToken, + nonce, + pendingToken + }); + } + catch (e) { + return null; + } + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.FACEBOOK. + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new FacebookAuthProvider(); + * // Start a sign in process for an unauthenticated user. + * provider.addScope('user_birthday'); + * await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * if (result) { + * // This is the signed-in user + * const user = result.user; + * // This gives you a Facebook Access Token. + * const credential = FacebookAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * } + * ``` + * + * @example + * ```javascript + * // Sign in using a popup. + * const provider = new FacebookAuthProvider(); + * provider.addScope('user_birthday'); + * const result = await signInWithPopup(auth, provider); + * + * // The signed-in user info. + * const user = result.user; + * // This gives you a Facebook Access Token. + * const credential = FacebookAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * ``` + * + * @public + */ +class FacebookAuthProvider extends BaseOAuthProvider { + constructor() { + super("facebook.com" /* ProviderId.FACEBOOK */); + } + /** + * Creates a credential for Facebook. + * + * @example + * ```javascript + * // `event` from the Facebook auth.authResponseChange callback. + * const credential = FacebookAuthProvider.credential(event.authResponse.accessToken); + * const result = await signInWithCredential(credential); + * ``` + * + * @param accessToken - Facebook access token. + */ + static credential(accessToken) { + return OAuthCredential._fromParams({ + providerId: FacebookAuthProvider.PROVIDER_ID, + signInMethod: FacebookAuthProvider.FACEBOOK_SIGN_IN_METHOD, + accessToken + }); + } + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}. + * + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential) { + return FacebookAuthProvider.credentialFromTaggedObject(userCredential); + } + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was + * thrown during a sign-in, link, or reauthenticate operation. + * + * @param userCredential - The user credential. + */ + static credentialFromError(error) { + return FacebookAuthProvider.credentialFromTaggedObject((error.customData || {})); + } + static credentialFromTaggedObject({ _tokenResponse: tokenResponse }) { + if (!tokenResponse || !('oauthAccessToken' in tokenResponse)) { + return null; + } + if (!tokenResponse.oauthAccessToken) { + return null; + } + try { + return FacebookAuthProvider.credential(tokenResponse.oauthAccessToken); + } + catch { + return null; + } + } +} +/** Always set to {@link SignInMethod}.FACEBOOK. */ +FacebookAuthProvider.FACEBOOK_SIGN_IN_METHOD = "facebook.com" /* SignInMethod.FACEBOOK */; +/** Always set to {@link ProviderId}.FACEBOOK. */ +FacebookAuthProvider.PROVIDER_ID = "facebook.com" /* ProviderId.FACEBOOK */; + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.GOOGLE. + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new GoogleAuthProvider(); + * // Start a sign in process for an unauthenticated user. + * provider.addScope('profile'); + * provider.addScope('email'); + * await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * if (result) { + * // This is the signed-in user + * const user = result.user; + * // This gives you a Google Access Token. + * const credential = GoogleAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * } + * ``` + * + * @example + * ```javascript + * // Sign in using a popup. + * const provider = new GoogleAuthProvider(); + * provider.addScope('profile'); + * provider.addScope('email'); + * const result = await signInWithPopup(auth, provider); + * + * // The signed-in user info. + * const user = result.user; + * // This gives you a Google Access Token. + * const credential = GoogleAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * ``` + * + * @public + */ +class GoogleAuthProvider extends BaseOAuthProvider { + constructor() { + super("google.com" /* ProviderId.GOOGLE */); + this.addScope('profile'); + } + /** + * Creates a credential for Google. At least one of ID token and access token is required. + * + * @example + * ```javascript + * // \`googleUser\` from the onsuccess Google Sign In callback. + * const credential = GoogleAuthProvider.credential(googleUser.getAuthResponse().id_token); + * const result = await signInWithCredential(credential); + * ``` + * + * @param idToken - Google ID token. + * @param accessToken - Google access token. + */ + static credential(idToken, accessToken) { + return OAuthCredential._fromParams({ + providerId: GoogleAuthProvider.PROVIDER_ID, + signInMethod: GoogleAuthProvider.GOOGLE_SIGN_IN_METHOD, + idToken, + accessToken + }); + } + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}. + * + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential) { + return GoogleAuthProvider.credentialFromTaggedObject(userCredential); + } + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was + * thrown during a sign-in, link, or reauthenticate operation. + * + * @param userCredential - The user credential. + */ + static credentialFromError(error) { + return GoogleAuthProvider.credentialFromTaggedObject((error.customData || {})); + } + static credentialFromTaggedObject({ _tokenResponse: tokenResponse }) { + if (!tokenResponse) { + return null; + } + const { oauthIdToken, oauthAccessToken } = tokenResponse; + if (!oauthIdToken && !oauthAccessToken) { + // This could be an oauth 1 credential or a phone credential + return null; + } + try { + return GoogleAuthProvider.credential(oauthIdToken, oauthAccessToken); + } + catch { + return null; + } + } +} +/** Always set to {@link SignInMethod}.GOOGLE. */ +GoogleAuthProvider.GOOGLE_SIGN_IN_METHOD = "google.com" /* SignInMethod.GOOGLE */; +/** Always set to {@link ProviderId}.GOOGLE. */ +GoogleAuthProvider.PROVIDER_ID = "google.com" /* ProviderId.GOOGLE */; + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.GITHUB. + * + * @remarks + * GitHub requires an OAuth 2.0 redirect, so you can either handle the redirect directly, or use + * the {@link signInWithPopup} handler: + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new GithubAuthProvider(); + * // Start a sign in process for an unauthenticated user. + * provider.addScope('repo'); + * await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * if (result) { + * // This is the signed-in user + * const user = result.user; + * // This gives you a GitHub Access Token. + * const credential = GithubAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * } + * ``` + * + * @example + * ```javascript + * // Sign in using a popup. + * const provider = new GithubAuthProvider(); + * provider.addScope('repo'); + * const result = await signInWithPopup(auth, provider); + * + * // The signed-in user info. + * const user = result.user; + * // This gives you a GitHub Access Token. + * const credential = GithubAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * ``` + * @public + */ +class GithubAuthProvider extends BaseOAuthProvider { + constructor() { + super("github.com" /* ProviderId.GITHUB */); + } + /** + * Creates a credential for GitHub. + * + * @param accessToken - GitHub access token. + */ + static credential(accessToken) { + return OAuthCredential._fromParams({ + providerId: GithubAuthProvider.PROVIDER_ID, + signInMethod: GithubAuthProvider.GITHUB_SIGN_IN_METHOD, + accessToken + }); + } + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}. + * + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential) { + return GithubAuthProvider.credentialFromTaggedObject(userCredential); + } + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was + * thrown during a sign-in, link, or reauthenticate operation. + * + * @param userCredential - The user credential. + */ + static credentialFromError(error) { + return GithubAuthProvider.credentialFromTaggedObject((error.customData || {})); + } + static credentialFromTaggedObject({ _tokenResponse: tokenResponse }) { + if (!tokenResponse || !('oauthAccessToken' in tokenResponse)) { + return null; + } + if (!tokenResponse.oauthAccessToken) { + return null; + } + try { + return GithubAuthProvider.credential(tokenResponse.oauthAccessToken); + } + catch { + return null; + } + } +} +/** Always set to {@link SignInMethod}.GITHUB. */ +GithubAuthProvider.GITHUB_SIGN_IN_METHOD = "github.com" /* SignInMethod.GITHUB */; +/** Always set to {@link ProviderId}.GITHUB. */ +GithubAuthProvider.PROVIDER_ID = "github.com" /* ProviderId.GITHUB */; + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +const IDP_REQUEST_URI = 'http://localhost'; +/** + * @public + */ +class SAMLAuthCredential extends AuthCredential { + /** @internal */ + constructor(providerId, pendingToken) { + super(providerId, providerId); + this.pendingToken = pendingToken; + } + /** @internal */ + _getIdTokenResponse(auth) { + const request = this.buildRequest(); + return signInWithIdp(auth, request); + } + /** @internal */ + _linkToIdToken(auth, idToken) { + const request = this.buildRequest(); + request.idToken = idToken; + return signInWithIdp(auth, request); + } + /** @internal */ + _getReauthenticationResolver(auth) { + const request = this.buildRequest(); + request.autoCreate = false; + return signInWithIdp(auth, request); + } + /** {@inheritdoc AuthCredential.toJSON} */ + toJSON() { + return { + signInMethod: this.signInMethod, + providerId: this.providerId, + pendingToken: this.pendingToken + }; + } + /** + * Static method to deserialize a JSON representation of an object into an + * {@link AuthCredential}. + * + * @param json - Input can be either Object or the stringified representation of the object. + * When string is provided, JSON.parse would be called first. + * + * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned. + */ + static fromJSON(json) { + const obj = typeof json === 'string' ? JSON.parse(json) : json; + const { providerId, signInMethod, pendingToken } = obj; + if (!providerId || + !signInMethod || + !pendingToken || + providerId !== signInMethod) { + return null; + } + return new SAMLAuthCredential(providerId, pendingToken); + } + /** + * Helper static method to avoid exposing the constructor to end users. + * + * @internal + */ + static _create(providerId, pendingToken) { + return new SAMLAuthCredential(providerId, pendingToken); + } + buildRequest() { + return { + requestUri: IDP_REQUEST_URI, + returnSecureToken: true, + pendingToken: this.pendingToken + }; + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +const SAML_PROVIDER_PREFIX = 'saml.'; +/** + * An {@link AuthProvider} for SAML. + * + * @public + */ +class SAMLAuthProvider extends FederatedAuthProvider { + /** + * Constructor. The providerId must start with "saml." + * @param providerId - SAML provider ID. + */ + constructor(providerId) { + _assert(providerId.startsWith(SAML_PROVIDER_PREFIX), "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + super(providerId); + } + /** + * Generates an {@link AuthCredential} from a {@link UserCredential} after a + * successful SAML flow completes. + * + * @remarks + * + * For example, to get an {@link AuthCredential}, you could write the + * following code: + * + * ```js + * const userCredential = await signInWithPopup(auth, samlProvider); + * const credential = SAMLAuthProvider.credentialFromResult(userCredential); + * ``` + * + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential) { + return SAMLAuthProvider.samlCredentialFromTaggedObject(userCredential); + } + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was + * thrown during a sign-in, link, or reauthenticate operation. + * + * @param userCredential - The user credential. + */ + static credentialFromError(error) { + return SAMLAuthProvider.samlCredentialFromTaggedObject((error.customData || {})); + } + /** + * Creates an {@link AuthCredential} from a JSON string or a plain object. + * @param json - A plain object or a JSON string + */ + static credentialFromJSON(json) { + const credential = SAMLAuthCredential.fromJSON(json); + _assert(credential, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + return credential; + } + static samlCredentialFromTaggedObject({ _tokenResponse: tokenResponse }) { + if (!tokenResponse) { + return null; + } + const { pendingToken, providerId } = tokenResponse; + if (!pendingToken || !providerId) { + return null; + } + try { + return SAMLAuthCredential._create(providerId, pendingToken); + } + catch (e) { + return null; + } + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.TWITTER. + * + * @example + * ```javascript + * // Sign in using a redirect. + * const provider = new TwitterAuthProvider(); + * // Start a sign in process for an unauthenticated user. + * await signInWithRedirect(auth, provider); + * // This will trigger a full page redirect away from your app + * + * // After returning from the redirect when your app initializes you can obtain the result + * const result = await getRedirectResult(auth); + * if (result) { + * // This is the signed-in user + * const user = result.user; + * // This gives you a Twitter Access Token and Secret. + * const credential = TwitterAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * const secret = credential.secret; + * } + * ``` + * + * @example + * ```javascript + * // Sign in using a popup. + * const provider = new TwitterAuthProvider(); + * const result = await signInWithPopup(auth, provider); + * + * // The signed-in user info. + * const user = result.user; + * // This gives you a Twitter Access Token and Secret. + * const credential = TwitterAuthProvider.credentialFromResult(result); + * const token = credential.accessToken; + * const secret = credential.secret; + * ``` + * + * @public + */ +class TwitterAuthProvider extends BaseOAuthProvider { + constructor() { + super("twitter.com" /* ProviderId.TWITTER */); + } + /** + * Creates a credential for Twitter. + * + * @param token - Twitter access token. + * @param secret - Twitter secret. + */ + static credential(token, secret) { + return OAuthCredential._fromParams({ + providerId: TwitterAuthProvider.PROVIDER_ID, + signInMethod: TwitterAuthProvider.TWITTER_SIGN_IN_METHOD, + oauthToken: token, + oauthTokenSecret: secret + }); + } + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}. + * + * @param userCredential - The user credential. + */ + static credentialFromResult(userCredential) { + return TwitterAuthProvider.credentialFromTaggedObject(userCredential); + } + /** + * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was + * thrown during a sign-in, link, or reauthenticate operation. + * + * @param userCredential - The user credential. + */ + static credentialFromError(error) { + return TwitterAuthProvider.credentialFromTaggedObject((error.customData || {})); + } + static credentialFromTaggedObject({ _tokenResponse: tokenResponse }) { + if (!tokenResponse) { + return null; + } + const { oauthAccessToken, oauthTokenSecret } = tokenResponse; + if (!oauthAccessToken || !oauthTokenSecret) { + return null; + } + try { + return TwitterAuthProvider.credential(oauthAccessToken, oauthTokenSecret); + } + catch { + return null; + } + } +} +/** Always set to {@link SignInMethod}.TWITTER. */ +TwitterAuthProvider.TWITTER_SIGN_IN_METHOD = "twitter.com" /* SignInMethod.TWITTER */; +/** Always set to {@link ProviderId}.TWITTER. */ +TwitterAuthProvider.PROVIDER_ID = "twitter.com" /* ProviderId.TWITTER */; + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function signUp(auth, request) { + return _performSignInRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:signUp" /* Endpoint.SIGN_UP */, _addTidIfNecessary(auth, request)); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class UserCredentialImpl { + constructor(params) { + this.user = params.user; + this.providerId = params.providerId; + this._tokenResponse = params._tokenResponse; + this.operationType = params.operationType; + } + static async _fromIdTokenResponse(auth, operationType, idTokenResponse, isAnonymous = false) { + const user = await UserImpl._fromIdTokenResponse(auth, idTokenResponse, isAnonymous); + const providerId = providerIdForResponse(idTokenResponse); + const userCred = new UserCredentialImpl({ + user, + providerId, + _tokenResponse: idTokenResponse, + operationType + }); + return userCred; + } + static async _forOperation(user, operationType, response) { + await user._updateTokensIfNecessary(response, /* reload */ true); + const providerId = providerIdForResponse(response); + return new UserCredentialImpl({ + user, + providerId, + _tokenResponse: response, + operationType + }); + } +} +function providerIdForResponse(response) { + if (response.providerId) { + return response.providerId; + } + if ('phoneNumber' in response) { + return "phone" /* ProviderId.PHONE */; + } + return null; +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Asynchronously signs in as an anonymous user. + * + * @remarks + * If there is already an anonymous user signed in, that user will be returned; otherwise, a + * new anonymous user identity will be created and returned. + * + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @param auth - The {@link Auth} instance. + * + * @public + */ +async function signInAnonymously(auth) { + if (app._isFirebaseServerApp(auth.app)) { + return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth)); + } + const authInternal = _castAuth(auth); + await authInternal._initializationPromise; + if (authInternal.currentUser?.isAnonymous) { + // If an anonymous user is already signed in, no need to sign them in again. + return new UserCredentialImpl({ + user: authInternal.currentUser, + providerId: null, + operationType: "signIn" /* OperationType.SIGN_IN */ + }); + } + const response = await signUp(authInternal, { + returnSecureToken: true + }); + const userCredential = await UserCredentialImpl._fromIdTokenResponse(authInternal, "signIn" /* OperationType.SIGN_IN */, response, true); + await authInternal._updateCurrentUser(userCredential.user); + return userCredential; +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class MultiFactorError extends util.FirebaseError { + constructor(auth, error, operationType, user) { + super(error.code, error.message); + this.operationType = operationType; + this.user = user; + // https://github.com/Microsoft/TypeScript-wiki/blob/master/Breaking-Changes.md#extending-built-ins-like-error-array-and-map-may-no-longer-work + Object.setPrototypeOf(this, MultiFactorError.prototype); + this.customData = { + appName: auth.name, + tenantId: auth.tenantId ?? undefined, + _serverResponse: error.customData._serverResponse, + operationType + }; + } + static _fromErrorAndOperation(auth, error, operationType, user) { + return new MultiFactorError(auth, error, operationType, user); + } +} +function _processCredentialSavingMfaContextIfNecessary(auth, operationType, credential, user) { + const idTokenProvider = operationType === "reauthenticate" /* OperationType.REAUTHENTICATE */ + ? credential._getReauthenticationResolver(auth) + : credential._getIdTokenResponse(auth); + return idTokenProvider.catch(error => { + if (error.code === `auth/${"multi-factor-auth-required" /* AuthErrorCode.MFA_REQUIRED */}`) { + throw MultiFactorError._fromErrorAndOperation(auth, error, operationType, user); + } + throw error; + }); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Takes a set of UserInfo provider data and converts it to a set of names + */ +function providerDataAsNames(providerData) { + return new Set(providerData + .map(({ providerId }) => providerId) + .filter(pid => !!pid)); +} + +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Unlinks a provider from a user account. + * + * @param user - The user. + * @param providerId - The provider to unlink. + * + * @public + */ +async function unlink(user, providerId) { + const userInternal = util.getModularInstance(user); + await _assertLinkedStatus(true, userInternal, providerId); + const { providerUserInfo } = await deleteLinkedAccounts(userInternal.auth, { + idToken: await userInternal.getIdToken(), + deleteProvider: [providerId] + }); + const providersLeft = providerDataAsNames(providerUserInfo || []); + userInternal.providerData = userInternal.providerData.filter(pd => providersLeft.has(pd.providerId)); + if (!providersLeft.has("phone" /* ProviderId.PHONE */)) { + userInternal.phoneNumber = null; + } + await userInternal.auth._persistUserIfCurrent(userInternal); + return userInternal; +} +async function _link(user, credential, bypassAuthState = false) { + const response = await _logoutIfInvalidated(user, credential._linkToIdToken(user.auth, await user.getIdToken()), bypassAuthState); + return UserCredentialImpl._forOperation(user, "link" /* OperationType.LINK */, response); +} +async function _assertLinkedStatus(expected, user, provider) { + await _reloadWithoutSaving(user); + const providerIds = providerDataAsNames(user.providerData); + const code = expected === false + ? "provider-already-linked" /* AuthErrorCode.PROVIDER_ALREADY_LINKED */ + : "no-such-provider" /* AuthErrorCode.NO_SUCH_PROVIDER */; + _assert(providerIds.has(provider) === expected, user.auth, code); +} + +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function _reauthenticate(user, credential, bypassAuthState = false) { + const { auth } = user; + if (app._isFirebaseServerApp(auth.app)) { + return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth)); + } + const operationType = "reauthenticate" /* OperationType.REAUTHENTICATE */; + try { + const response = await _logoutIfInvalidated(user, _processCredentialSavingMfaContextIfNecessary(auth, operationType, credential, user), bypassAuthState); + _assert(response.idToken, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + const parsed = _parseToken(response.idToken); + _assert(parsed, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + const { sub: localId } = parsed; + _assert(user.uid === localId, auth, "user-mismatch" /* AuthErrorCode.USER_MISMATCH */); + return UserCredentialImpl._forOperation(user, operationType, response); + } + catch (e) { + // Convert user deleted error into user mismatch + if (e?.code === `auth/${"user-not-found" /* AuthErrorCode.USER_DELETED */}`) { + _fail(auth, "user-mismatch" /* AuthErrorCode.USER_MISMATCH */); + } + throw e; + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function _signInWithCredential(auth, credential, bypassAuthState = false) { + if (app._isFirebaseServerApp(auth.app)) { + return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth)); + } + const operationType = "signIn" /* OperationType.SIGN_IN */; + const response = await _processCredentialSavingMfaContextIfNecessary(auth, operationType, credential); + const userCredential = await UserCredentialImpl._fromIdTokenResponse(auth, operationType, response); + if (!bypassAuthState) { + await auth._updateCurrentUser(userCredential.user); + } + return userCredential; +} +/** + * Asynchronously signs in with the given credentials. + * + * @remarks + * An {@link AuthProvider} can be used to generate the credential. + * + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @param auth - The {@link Auth} instance. + * @param credential - The auth credential. + * + * @public + */ +async function signInWithCredential(auth, credential) { + return _signInWithCredential(_castAuth(auth), credential); +} +/** + * Links the user account with the given credentials. + * + * @remarks + * An {@link AuthProvider} can be used to generate the credential. + * + * @param user - The user. + * @param credential - The auth credential. + * + * @public + */ +async function linkWithCredential(user, credential) { + const userInternal = util.getModularInstance(user); + await _assertLinkedStatus(false, userInternal, credential.providerId); + return _link(userInternal, credential); +} +/** + * Re-authenticates a user using a fresh credential. + * + * @remarks + * Use before operations such as {@link updatePassword} that require tokens from recent sign-in + * attempts. This method can be used to recover from a `CREDENTIAL_TOO_OLD_LOGIN_AGAIN` error + * or a `TOKEN_EXPIRED` error. + * + * This method is not supported on any {@link User} signed in by {@link Auth} instances + * created with a {@link @firebase/app#FirebaseServerApp}. + * + * @param user - The user. + * @param credential - The auth credential. + * + * @public + */ +async function reauthenticateWithCredential(user, credential) { + return _reauthenticate(util.getModularInstance(user), credential); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function signInWithCustomToken$1(auth, request) { + return _performSignInRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:signInWithCustomToken" /* Endpoint.SIGN_IN_WITH_CUSTOM_TOKEN */, _addTidIfNecessary(auth, request)); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Asynchronously signs in using a custom token. + * + * @remarks + * Custom tokens are used to integrate Firebase Auth with existing auth systems, and must + * be generated by an auth backend using the + * {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#createcustomtoken | createCustomToken} + * method in the {@link https://firebase.google.com/docs/auth/admin | Admin SDK} . + * + * Fails with an error if the token is invalid, expired, or not accepted by the Firebase Auth service. + * + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @param auth - The {@link Auth} instance. + * @param customToken - The custom token to sign in with. + * + * @public + */ +async function signInWithCustomToken(auth, customToken) { + if (app._isFirebaseServerApp(auth.app)) { + return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth)); + } + const authInternal = _castAuth(auth); + const response = await signInWithCustomToken$1(authInternal, { + token: customToken, + returnSecureToken: true + }); + const cred = await UserCredentialImpl._fromIdTokenResponse(authInternal, "signIn" /* OperationType.SIGN_IN */, response); + await authInternal._updateCurrentUser(cred.user); + return cred; +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class MultiFactorInfoImpl { + constructor(factorId, response) { + this.factorId = factorId; + this.uid = response.mfaEnrollmentId; + this.enrollmentTime = new Date(response.enrolledAt).toUTCString(); + this.displayName = response.displayName; + } + static _fromServerResponse(auth, enrollment) { + if ('phoneInfo' in enrollment) { + return PhoneMultiFactorInfoImpl._fromServerResponse(auth, enrollment); + } + else if ('totpInfo' in enrollment) { + return TotpMultiFactorInfoImpl._fromServerResponse(auth, enrollment); + } + return _fail(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + } +} +class PhoneMultiFactorInfoImpl extends MultiFactorInfoImpl { + constructor(response) { + super("phone" /* FactorId.PHONE */, response); + this.phoneNumber = response.phoneInfo; + } + static _fromServerResponse(_auth, enrollment) { + return new PhoneMultiFactorInfoImpl(enrollment); + } +} +class TotpMultiFactorInfoImpl extends MultiFactorInfoImpl { + constructor(response) { + super("totp" /* FactorId.TOTP */, response); + } + static _fromServerResponse(_auth, enrollment) { + return new TotpMultiFactorInfoImpl(enrollment); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function _setActionCodeSettingsOnRequest(auth, request, actionCodeSettings) { + _assert(actionCodeSettings.url?.length > 0, auth, "invalid-continue-uri" /* AuthErrorCode.INVALID_CONTINUE_URI */); + _assert(typeof actionCodeSettings.dynamicLinkDomain === 'undefined' || + actionCodeSettings.dynamicLinkDomain.length > 0, auth, "invalid-dynamic-link-domain" /* AuthErrorCode.INVALID_DYNAMIC_LINK_DOMAIN */); + _assert(typeof actionCodeSettings.linkDomain === 'undefined' || + actionCodeSettings.linkDomain.length > 0, auth, "invalid-hosting-link-domain" /* AuthErrorCode.INVALID_HOSTING_LINK_DOMAIN */); + request.continueUrl = actionCodeSettings.url; + request.dynamicLinkDomain = actionCodeSettings.dynamicLinkDomain; + request.linkDomain = actionCodeSettings.linkDomain; + request.canHandleCodeInApp = actionCodeSettings.handleCodeInApp; + if (actionCodeSettings.iOS) { + _assert(actionCodeSettings.iOS.bundleId.length > 0, auth, "missing-ios-bundle-id" /* AuthErrorCode.MISSING_IOS_BUNDLE_ID */); + request.iOSBundleId = actionCodeSettings.iOS.bundleId; + } + if (actionCodeSettings.android) { + _assert(actionCodeSettings.android.packageName.length > 0, auth, "missing-android-pkg-name" /* AuthErrorCode.MISSING_ANDROID_PACKAGE_NAME */); + request.androidInstallApp = actionCodeSettings.android.installApp; + request.androidMinimumVersionCode = + actionCodeSettings.android.minimumVersion; + request.androidPackageName = actionCodeSettings.android.packageName; + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Updates the password policy cached in the {@link Auth} instance if a policy is already + * cached for the project or tenant. + * + * @remarks + * We only fetch the password policy if the password did not meet policy requirements and + * there is an existing policy cached. A developer must call validatePassword at least + * once for the cache to be automatically updated. + * + * @param auth - The {@link Auth} instance. + * + * @private + */ +async function recachePasswordPolicy(auth) { + const authInternal = _castAuth(auth); + if (authInternal._getPasswordPolicyInternal()) { + await authInternal._updatePasswordPolicy(); + } +} +/** + * Sends a password reset email to the given email address. This method does not throw an error when + * there's no user account with the given email address and + * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection} + * is enabled. + * + * @remarks + * To complete the password reset, call {@link confirmPasswordReset} with the code supplied in + * the email sent to the user, along with the new password specified by the user. + * + * @example + * ```javascript + * const actionCodeSettings = { + * url: 'https://www.example.com/?email=user@example.com', + * iOS: { + * bundleId: 'com.example.ios' + * }, + * android: { + * packageName: 'com.example.android', + * installApp: true, + * minimumVersion: '12' + * }, + * handleCodeInApp: true + * }; + * await sendPasswordResetEmail(auth, 'user@example.com', actionCodeSettings); + * // Obtain code from user. + * await confirmPasswordReset('user@example.com', code); + * ``` + * + * @param auth - The {@link Auth} instance. + * @param email - The user's email address. + * @param actionCodeSettings - The {@link ActionCodeSettings}. + * + * @public + */ +async function sendPasswordResetEmail(auth, email, actionCodeSettings) { + const authInternal = _castAuth(auth); + const request = { + requestType: "PASSWORD_RESET" /* ActionCodeOperation.PASSWORD_RESET */, + email, + clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ + }; + if (actionCodeSettings) { + _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings); + } + await handleRecaptchaFlow(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, sendPasswordResetEmail$1, "EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */); +} +/** + * Completes the password reset process, given a confirmation code and new password. + * + * @param auth - The {@link Auth} instance. + * @param oobCode - A confirmation code sent to the user. + * @param newPassword - The new password. + * + * @public + */ +async function confirmPasswordReset(auth, oobCode, newPassword) { + await resetPassword(util.getModularInstance(auth), { + oobCode, + newPassword + }) + .catch(async (error) => { + if (error.code === + `auth/${"password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */}`) { + void recachePasswordPolicy(auth); + } + throw error; + }); + // Do not return the email. +} +/** + * Applies a verification code sent to the user by email or other out-of-band mechanism. + * + * @param auth - The {@link Auth} instance. + * @param oobCode - A verification code sent to the user. + * + * @public + */ +async function applyActionCode(auth, oobCode) { + await applyActionCode$1(util.getModularInstance(auth), { oobCode }); +} +/** + * Checks a verification code sent to the user by email or other out-of-band mechanism. + * + * @returns metadata about the code. + * + * @param auth - The {@link Auth} instance. + * @param oobCode - A verification code sent to the user. + * + * @public + */ +async function checkActionCode(auth, oobCode) { + const authModular = util.getModularInstance(auth); + const response = await resetPassword(authModular, { oobCode }); + // Email could be empty only if the request type is EMAIL_SIGNIN or + // VERIFY_AND_CHANGE_EMAIL. + // New email should not be empty if the request type is + // VERIFY_AND_CHANGE_EMAIL. + // Multi-factor info could not be empty if the request type is + // REVERT_SECOND_FACTOR_ADDITION. + const operation = response.requestType; + _assert(operation, authModular, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + switch (operation) { + case "EMAIL_SIGNIN" /* ActionCodeOperation.EMAIL_SIGNIN */: + break; + case "VERIFY_AND_CHANGE_EMAIL" /* ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL */: + _assert(response.newEmail, authModular, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + break; + case "REVERT_SECOND_FACTOR_ADDITION" /* ActionCodeOperation.REVERT_SECOND_FACTOR_ADDITION */: + _assert(response.mfaInfo, authModular, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + // fall through + default: + _assert(response.email, authModular, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + } + // The multi-factor info for revert second factor addition + let multiFactorInfo = null; + if (response.mfaInfo) { + multiFactorInfo = MultiFactorInfoImpl._fromServerResponse(_castAuth(authModular), response.mfaInfo); + } + return { + data: { + email: (response.requestType === "VERIFY_AND_CHANGE_EMAIL" /* ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL */ + ? response.newEmail + : response.email) || null, + previousEmail: (response.requestType === "VERIFY_AND_CHANGE_EMAIL" /* ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL */ + ? response.email + : response.newEmail) || null, + multiFactorInfo + }, + operation + }; +} +/** + * Checks a password reset code sent to the user by email or other out-of-band mechanism. + * + * @returns the user's email address if valid. + * + * @param auth - The {@link Auth} instance. + * @param code - A verification code sent to the user. + * + * @public + */ +async function verifyPasswordResetCode(auth, code) { + const { data } = await checkActionCode(util.getModularInstance(auth), code); + // Email should always be present since a code was sent to it + return data.email; +} +/** + * Creates a new user account associated with the specified email address and password. + * + * @remarks + * On successful creation of the user account, this user will also be signed in to your application. + * + * User account creation can fail if the account already exists or the password is invalid. + * + * This method is not supported on {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * Note: The email address acts as a unique identifier for the user and enables an email-based + * password reset. This function will create a new user account and set the initial user password. + * + * @param auth - The {@link Auth} instance. + * @param email - The user's email address. + * @param password - The user's chosen password. + * + * @public + */ +async function createUserWithEmailAndPassword(auth, email, password) { + if (app._isFirebaseServerApp(auth.app)) { + return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth)); + } + const authInternal = _castAuth(auth); + const request = { + returnSecureToken: true, + email, + password, + clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ + }; + const signUpResponse = handleRecaptchaFlow(authInternal, request, "signUpPassword" /* RecaptchaActionName.SIGN_UP_PASSWORD */, signUp, "EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */); + const response = await signUpResponse.catch(error => { + if (error.code === `auth/${"password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */}`) { + void recachePasswordPolicy(auth); + } + throw error; + }); + const userCredential = await UserCredentialImpl._fromIdTokenResponse(authInternal, "signIn" /* OperationType.SIGN_IN */, response); + await authInternal._updateCurrentUser(userCredential.user); + return userCredential; +} +/** + * Asynchronously signs in using an email and password. + * + * @remarks + * Fails with an error if the email address and password do not match. When + * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection} + * is enabled, this method fails with "auth/invalid-credential" in case of an invalid + * email/password. + * + * This method is not supported on {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * Note: The user's password is NOT the password used to access the user's email account. The + * email address serves as a unique identifier for the user, and the password is used to access + * the user's account in your Firebase project. See also: {@link createUserWithEmailAndPassword}. + * + * + * @param auth - The {@link Auth} instance. + * @param email - The users email address. + * @param password - The users password. + * + * @public + */ +function signInWithEmailAndPassword(auth, email, password) { + if (app._isFirebaseServerApp(auth.app)) { + return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth)); + } + return signInWithCredential(util.getModularInstance(auth), EmailAuthProvider.credential(email, password)).catch(async (error) => { + if (error.code === `auth/${"password-does-not-meet-requirements" /* AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS */}`) { + void recachePasswordPolicy(auth); + } + throw error; + }); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Sends a sign-in email link to the user with the specified email. + * + * @remarks + * The sign-in operation has to always be completed in the app unlike other out of band email + * actions (password reset and email verifications). This is because, at the end of the flow, + * the user is expected to be signed in and their Auth state persisted within the app. + * + * To complete sign in with the email link, call {@link signInWithEmailLink} with the email + * address and the email link supplied in the email sent to the user. + * + * @example + * ```javascript + * const actionCodeSettings = { + * url: 'https://www.example.com/?email=user@example.com', + * iOS: { + * bundleId: 'com.example.ios' + * }, + * android: { + * packageName: 'com.example.android', + * installApp: true, + * minimumVersion: '12' + * }, + * handleCodeInApp: true + * }; + * await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings); + * // Obtain emailLink from the user. + * if(isSignInWithEmailLink(auth, emailLink)) { + * await signInWithEmailLink(auth, 'user@example.com', emailLink); + * } + * ``` + * + * @param authInternal - The {@link Auth} instance. + * @param email - The user's email address. + * @param actionCodeSettings - The {@link ActionCodeSettings}. + * + * @public + */ +async function sendSignInLinkToEmail(auth, email, actionCodeSettings) { + const authInternal = _castAuth(auth); + const request = { + requestType: "EMAIL_SIGNIN" /* ActionCodeOperation.EMAIL_SIGNIN */, + email, + clientType: "CLIENT_TYPE_WEB" /* RecaptchaClientType.WEB */ + }; + function setActionCodeSettings(request, actionCodeSettings) { + _assert(actionCodeSettings.handleCodeInApp, authInternal, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + if (actionCodeSettings) { + _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings); + } + } + setActionCodeSettings(request, actionCodeSettings); + await handleRecaptchaFlow(authInternal, request, "getOobCode" /* RecaptchaActionName.GET_OOB_CODE */, sendSignInLinkToEmail$1, "EMAIL_PASSWORD_PROVIDER" /* RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER */); +} +/** + * Checks if an incoming link is a sign-in with email link suitable for {@link signInWithEmailLink}. + * + * @param auth - The {@link Auth} instance. + * @param emailLink - The link sent to the user's email address. + * + * @public + */ +function isSignInWithEmailLink(auth, emailLink) { + const actionCodeUrl = ActionCodeURL.parseLink(emailLink); + return actionCodeUrl?.operation === "EMAIL_SIGNIN" /* ActionCodeOperation.EMAIL_SIGNIN */; +} +/** + * Asynchronously signs in using an email and sign-in email link. + * + * @remarks + * If no link is passed, the link is inferred from the current URL. + * + * Fails with an error if the email address is invalid or OTP in email link expires. + * + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * Note: Confirm the link is a sign-in email link before calling this method firebase.auth.Auth.isSignInWithEmailLink. + * + * @example + * ```javascript + * const actionCodeSettings = { + * url: 'https://www.example.com/?email=user@example.com', + * iOS: { + * bundleId: 'com.example.ios' + * }, + * android: { + * packageName: 'com.example.android', + * installApp: true, + * minimumVersion: '12' + * }, + * handleCodeInApp: true + * }; + * await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings); + * // Obtain emailLink from the user. + * if(isSignInWithEmailLink(auth, emailLink)) { + * await signInWithEmailLink(auth, 'user@example.com', emailLink); + * } + * ``` + * + * + * @param auth - The {@link Auth} instance. + * @param email - The user's email address. + * @param emailLink - The link sent to the user's email address. + * + * @public + */ +async function signInWithEmailLink(auth, email, emailLink) { + if (app._isFirebaseServerApp(auth.app)) { + return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(auth)); + } + const authModular = util.getModularInstance(auth); + const credential = EmailAuthProvider.credentialWithLink(email, emailLink || _getCurrentUrl()); + // Check if the tenant ID in the email link matches the tenant ID on Auth + // instance. + _assert(credential._tenantId === (authModular.tenantId || null), authModular, "tenant-id-mismatch" /* AuthErrorCode.TENANT_ID_MISMATCH */); + return signInWithCredential(authModular, credential); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function createAuthUri(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:createAuthUri" /* Endpoint.CREATE_AUTH_URI */, _addTidIfNecessary(auth, request)); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Gets the list of possible sign in methods for the given email address. This method returns an + * empty list when + * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection} + * is enabled, irrespective of the number of authentication methods available for the given email. + * + * @remarks + * This is useful to differentiate methods of sign-in for the same provider, eg. + * {@link EmailAuthProvider} which has 2 methods of sign-in, + * {@link SignInMethod}.EMAIL_PASSWORD and + * {@link SignInMethod}.EMAIL_LINK. + * + * @param auth - The {@link Auth} instance. + * @param email - The user's email address. + * + * Deprecated. Migrating off of this method is recommended as a security best-practice. + * Learn more in the Identity Platform documentation for + * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}. + * @public + */ +async function fetchSignInMethodsForEmail(auth, email) { + // createAuthUri returns an error if continue URI is not http or https. + // For environments like Cordova, Chrome extensions, native frameworks, file + // systems, etc, use http://localhost as continue URL. + const continueUri = _isHttpOrHttps() ? _getCurrentUrl() : 'http://localhost'; + const request = { + identifier: email, + continueUri + }; + const { signinMethods } = await createAuthUri(util.getModularInstance(auth), request); + return signinMethods || []; +} +/** + * Sends a verification email to a user. + * + * @remarks + * The verification process is completed by calling {@link applyActionCode}. + * + * @example + * ```javascript + * const actionCodeSettings = { + * url: 'https://www.example.com/?email=user@example.com', + * iOS: { + * bundleId: 'com.example.ios' + * }, + * android: { + * packageName: 'com.example.android', + * installApp: true, + * minimumVersion: '12' + * }, + * handleCodeInApp: true + * }; + * await sendEmailVerification(user, actionCodeSettings); + * // Obtain code from the user. + * await applyActionCode(auth, code); + * ``` + * + * @param user - The user. + * @param actionCodeSettings - The {@link ActionCodeSettings}. + * + * @public + */ +async function sendEmailVerification(user, actionCodeSettings) { + const userInternal = util.getModularInstance(user); + const idToken = await user.getIdToken(); + const request = { + requestType: "VERIFY_EMAIL" /* ActionCodeOperation.VERIFY_EMAIL */, + idToken + }; + if (actionCodeSettings) { + _setActionCodeSettingsOnRequest(userInternal.auth, request, actionCodeSettings); + } + const { email } = await sendEmailVerification$1(userInternal.auth, request); + if (email !== user.email) { + await user.reload(); + } +} +/** + * Sends a verification email to a new email address. + * + * @remarks + * The user's email will be updated to the new one after being verified. + * + * If you have a custom email action handler, you can complete the verification process by calling + * {@link applyActionCode}. + * + * @example + * ```javascript + * const actionCodeSettings = { + * url: 'https://www.example.com/?email=user@example.com', + * iOS: { + * bundleId: 'com.example.ios' + * }, + * android: { + * packageName: 'com.example.android', + * installApp: true, + * minimumVersion: '12' + * }, + * handleCodeInApp: true + * }; + * await verifyBeforeUpdateEmail(user, 'newemail@example.com', actionCodeSettings); + * // Obtain code from the user. + * await applyActionCode(auth, code); + * ``` + * + * @param user - The user. + * @param newEmail - The new email address to be verified before update. + * @param actionCodeSettings - The {@link ActionCodeSettings}. + * + * @public + */ +async function verifyBeforeUpdateEmail(user, newEmail, actionCodeSettings) { + const userInternal = util.getModularInstance(user); + const idToken = await user.getIdToken(); + const request = { + requestType: "VERIFY_AND_CHANGE_EMAIL" /* ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL */, + idToken, + newEmail + }; + if (actionCodeSettings) { + _setActionCodeSettingsOnRequest(userInternal.auth, request, actionCodeSettings); + } + const { email } = await verifyAndChangeEmail(userInternal.auth, request); + if (email !== user.email) { + // If the local copy of the email on user is outdated, reload the + // user. + await user.reload(); + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +async function updateProfile$1(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v1/accounts:update" /* Endpoint.SET_ACCOUNT_INFO */, request); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Updates a user's profile data. + * + * @param user - The user. + * @param profile - The profile's `displayName` and `photoURL` to update. + * + * @public + */ +async function updateProfile(user, { displayName, photoURL: photoUrl }) { + if (displayName === undefined && photoUrl === undefined) { + return; + } + const userInternal = util.getModularInstance(user); + const idToken = await userInternal.getIdToken(); + const profileRequest = { + idToken, + displayName, + photoUrl, + returnSecureToken: true + }; + const response = await _logoutIfInvalidated(userInternal, updateProfile$1(userInternal.auth, profileRequest)); + userInternal.displayName = response.displayName || null; + userInternal.photoURL = response.photoUrl || null; + // Update the password provider as well + const passwordProvider = userInternal.providerData.find(({ providerId }) => providerId === "password" /* ProviderId.PASSWORD */); + if (passwordProvider) { + passwordProvider.displayName = userInternal.displayName; + passwordProvider.photoURL = userInternal.photoURL; + } + await userInternal._updateTokensIfNecessary(response); +} +/** + * Updates the user's email address. + * + * @remarks + * An email will be sent to the original email address (if it was set) that allows to revoke the + * email address change, in order to protect them from account hijacking. + * + * This method is not supported on any {@link User} signed in by {@link Auth} instances + * created with a {@link @firebase/app#FirebaseServerApp}. + * + * Important: this is a security sensitive operation that requires the user to have recently signed + * in. If this requirement isn't met, ask the user to authenticate again and then call + * {@link reauthenticateWithCredential}. + * + * @param user - The user. + * @param newEmail - The new email address. + * + * Throws "auth/operation-not-allowed" error when + * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection} + * is enabled. + * Deprecated - Use {@link verifyBeforeUpdateEmail} instead. + * + * @public + */ +function updateEmail(user, newEmail) { + const userInternal = util.getModularInstance(user); + if (app._isFirebaseServerApp(userInternal.auth.app)) { + return Promise.reject(_serverAppCurrentUserOperationNotSupportedError(userInternal.auth)); + } + return updateEmailOrPassword(userInternal, newEmail, null); +} +/** + * Updates the user's password. + * + * @remarks + * Important: this is a security sensitive operation that requires the user to have recently signed + * in. If this requirement isn't met, ask the user to authenticate again and then call + * {@link reauthenticateWithCredential}. + * + * @param user - The user. + * @param newPassword - The new password. + * + * @public + */ +function updatePassword(user, newPassword) { + return updateEmailOrPassword(util.getModularInstance(user), null, newPassword); +} +async function updateEmailOrPassword(user, email, password) { + const { auth } = user; + const idToken = await user.getIdToken(); + const request = { + idToken, + returnSecureToken: true + }; + if (email) { + request.email = email; + } + if (password) { + request.password = password; + } + const response = await _logoutIfInvalidated(user, updateEmailPassword(auth, request)); + await user._updateTokensIfNecessary(response, /* reload */ true); +} + +/** + * @license + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Parse the `AdditionalUserInfo` from the ID token response. + * + */ +function _fromIdTokenResponse(idTokenResponse) { + if (!idTokenResponse) { + return null; + } + const { providerId } = idTokenResponse; + const profile = idTokenResponse.rawUserInfo + ? JSON.parse(idTokenResponse.rawUserInfo) + : {}; + const isNewUser = idTokenResponse.isNewUser || + idTokenResponse.kind === "identitytoolkit#SignupNewUserResponse" /* IdTokenResponseKind.SignupNewUser */; + if (!providerId && idTokenResponse?.idToken) { + const signInProvider = _parseToken(idTokenResponse.idToken)?.firebase?.['sign_in_provider']; + if (signInProvider) { + const filteredProviderId = signInProvider !== "anonymous" /* ProviderId.ANONYMOUS */ && + signInProvider !== "custom" /* ProviderId.CUSTOM */ + ? signInProvider + : null; + // Uses generic class in accordance with the legacy SDK. + return new GenericAdditionalUserInfo(isNewUser, filteredProviderId); + } + } + if (!providerId) { + return null; + } + switch (providerId) { + case "facebook.com" /* ProviderId.FACEBOOK */: + return new FacebookAdditionalUserInfo(isNewUser, profile); + case "github.com" /* ProviderId.GITHUB */: + return new GithubAdditionalUserInfo(isNewUser, profile); + case "google.com" /* ProviderId.GOOGLE */: + return new GoogleAdditionalUserInfo(isNewUser, profile); + case "twitter.com" /* ProviderId.TWITTER */: + return new TwitterAdditionalUserInfo(isNewUser, profile, idTokenResponse.screenName || null); + case "custom" /* ProviderId.CUSTOM */: + case "anonymous" /* ProviderId.ANONYMOUS */: + return new GenericAdditionalUserInfo(isNewUser, null); + default: + return new GenericAdditionalUserInfo(isNewUser, providerId, profile); + } +} +class GenericAdditionalUserInfo { + constructor(isNewUser, providerId, profile = {}) { + this.isNewUser = isNewUser; + this.providerId = providerId; + this.profile = profile; + } +} +class FederatedAdditionalUserInfoWithUsername extends GenericAdditionalUserInfo { + constructor(isNewUser, providerId, profile, username) { + super(isNewUser, providerId, profile); + this.username = username; + } +} +class FacebookAdditionalUserInfo extends GenericAdditionalUserInfo { + constructor(isNewUser, profile) { + super(isNewUser, "facebook.com" /* ProviderId.FACEBOOK */, profile); + } +} +class GithubAdditionalUserInfo extends FederatedAdditionalUserInfoWithUsername { + constructor(isNewUser, profile) { + super(isNewUser, "github.com" /* ProviderId.GITHUB */, profile, typeof profile?.login === 'string' ? profile?.login : null); + } +} +class GoogleAdditionalUserInfo extends GenericAdditionalUserInfo { + constructor(isNewUser, profile) { + super(isNewUser, "google.com" /* ProviderId.GOOGLE */, profile); + } +} +class TwitterAdditionalUserInfo extends FederatedAdditionalUserInfoWithUsername { + constructor(isNewUser, profile, screenName) { + super(isNewUser, "twitter.com" /* ProviderId.TWITTER */, profile, screenName); + } +} +/** + * Extracts provider specific {@link AdditionalUserInfo} for the given credential. + * + * @param userCredential - The user credential. + * + * @public + */ +function getAdditionalUserInfo(userCredential) { + const { user, _tokenResponse } = userCredential; + if (user.isAnonymous && !_tokenResponse) { + // Handle the special case where signInAnonymously() gets called twice. + // No network call is made so there's nothing to actually fill this in + return { + providerId: null, + isNewUser: false, + profile: null + }; + } + return _fromIdTokenResponse(_tokenResponse); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Non-optional auth methods. +/** + * Changes the type of persistence on the {@link Auth} instance for the currently saved + * `Auth` session and applies this type of persistence for future sign-in requests, including + * sign-in with redirect requests. + * + * @remarks + * This makes it easy for a user signing in to specify whether their session should be + * remembered or not. It also makes it easier to never persist the `Auth` state for applications + * that are shared by other users or have sensitive data. + * + * This method does not work in a Node.js environment or with {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @example + * ```javascript + * setPersistence(auth, browserSessionPersistence); + * ``` + * + * @param auth - The {@link Auth} instance. + * @param persistence - The {@link Persistence} to use. + * @returns A `Promise` that resolves once the persistence change has completed + * + * @public + */ +function setPersistence(auth, persistence) { + return util.getModularInstance(auth).setPersistence(persistence); +} +/** + * Loads the reCAPTCHA configuration into the `Auth` instance. + * + * @remarks + * This will load the reCAPTCHA config, which indicates whether the reCAPTCHA + * verification flow should be triggered for each auth provider, into the + * current Auth session. + * + * If initializeRecaptchaConfig() is not invoked, the auth flow will always start + * without reCAPTCHA verification. If the provider is configured to require reCAPTCHA + * verification, the SDK will transparently load the reCAPTCHA config and restart the + * auth flows. + * + * Thus, by calling this optional method, you will reduce the latency of future auth flows. + * Loading the reCAPTCHA config early will also enhance the signal collected by reCAPTCHA. + * + * This method does not work in a Node.js environment. + * + * @example + * ```javascript + * initializeRecaptchaConfig(auth); + * ``` + * + * @param auth - The {@link Auth} instance. + * + * @public + */ +function initializeRecaptchaConfig(auth) { + return _initializeRecaptchaConfig(auth); +} +/** + * Validates the password against the password policy configured for the project or tenant. + * + * @remarks + * If no tenant ID is set on the `Auth` instance, then this method will use the password + * policy configured for the project. Otherwise, this method will use the policy configured + * for the tenant. If a password policy has not been configured, then the default policy + * configured for all projects will be used. + * + * If an auth flow fails because a submitted password does not meet the password policy + * requirements and this method has previously been called, then this method will use the + * most recent policy available when called again. + * + * @example + * ```javascript + * validatePassword(auth, 'some-password'); + * ``` + * + * @param auth The {@link Auth} instance. + * @param password The password to validate. + * + * @public + */ +async function validatePassword(auth, password) { + const authInternal = _castAuth(auth); + return authInternal.validatePassword(password); +} +/** + * Adds an observer for changes to the signed-in user's ID token. + * + * @remarks + * This includes sign-in, sign-out, and token refresh events. + * This will not be triggered automatically upon ID token expiration. Use {@link User.getIdToken} to refresh the ID token. + * + * @param auth - The {@link Auth} instance. + * @param nextOrObserver - callback triggered on change. + * @param error - Deprecated. This callback is never triggered. Errors + * on signing in/out can be caught in promises returned from + * sign-in/sign-out functions. + * @param completed - Deprecated. This callback is never triggered. + * + * @public + */ +function onIdTokenChanged(auth, nextOrObserver, error, completed) { + return util.getModularInstance(auth).onIdTokenChanged(nextOrObserver, error, completed); +} +/** + * Adds a blocking callback that runs before an auth state change + * sets a new user. + * + * @param auth - The {@link Auth} instance. + * @param callback - callback triggered before new user value is set. + * If this throws, it blocks the user from being set. + * @param onAbort - callback triggered if a later `beforeAuthStateChanged()` + * callback throws, allowing you to undo any side effects. + */ +function beforeAuthStateChanged(auth, callback, onAbort) { + return util.getModularInstance(auth).beforeAuthStateChanged(callback, onAbort); +} +/** + * Adds an observer for changes to the user's sign-in state. + * + * @remarks + * To keep the old behavior, see {@link onIdTokenChanged}. + * + * @param auth - The {@link Auth} instance. + * @param nextOrObserver - callback triggered on change. + * @param error - Deprecated. This callback is never triggered. Errors + * on signing in/out can be caught in promises returned from + * sign-in/sign-out functions. + * @param completed - Deprecated. This callback is never triggered. + * + * @public + */ +function onAuthStateChanged(auth, nextOrObserver, error, completed) { + return util.getModularInstance(auth).onAuthStateChanged(nextOrObserver, error, completed); +} +/** + * Sets the current language to the default device/browser preference. + * + * @param auth - The {@link Auth} instance. + * + * @public + */ +function useDeviceLanguage(auth) { + util.getModularInstance(auth).useDeviceLanguage(); +} +/** + * Asynchronously sets the provided user as {@link Auth.currentUser} on the + * {@link Auth} instance. + * + * @remarks + * A new instance copy of the user provided will be made and set as currentUser. + * + * This will trigger {@link onAuthStateChanged} and {@link onIdTokenChanged} listeners + * like other sign in methods. + * + * The operation fails with an error if the user to be updated belongs to a different Firebase + * project. + * + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @param auth - The {@link Auth} instance. + * @param user - The new {@link User}. + * + * @public + */ +function updateCurrentUser(auth, user) { + return util.getModularInstance(auth).updateCurrentUser(user); +} +/** + * Signs out the current user. + * + * @remarks + * This method is not supported by {@link Auth} instances created with a + * {@link @firebase/app#FirebaseServerApp}. + * + * @param auth - The {@link Auth} instance. + * + * @public + */ +function signOut(auth) { + return util.getModularInstance(auth).signOut(); +} +/** + * Revokes the given access token. Currently only supports Apple OAuth access tokens. + * + * @param auth - The {@link Auth} instance. + * @param token - The Apple OAuth access token. + * + * @public + */ +function revokeAccessToken(auth, token) { + const authInternal = _castAuth(auth); + return authInternal.revokeAccessToken(token); +} +/** + * Deletes and signs out the user. + * + * @remarks + * Important: this is a security-sensitive operation that requires the user to have recently + * signed in. If this requirement isn't met, ask the user to authenticate again and then call + * {@link reauthenticateWithCredential}. + * + * @param user - The user. + * + * @public + */ +async function deleteUser(user) { + return util.getModularInstance(user).delete(); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class MultiFactorSessionImpl { + constructor(type, credential, user) { + this.type = type; + this.credential = credential; + this.user = user; + } + static _fromIdtoken(idToken, user) { + return new MultiFactorSessionImpl("enroll" /* MultiFactorSessionType.ENROLL */, idToken, user); + } + static _fromMfaPendingCredential(mfaPendingCredential) { + return new MultiFactorSessionImpl("signin" /* MultiFactorSessionType.SIGN_IN */, mfaPendingCredential); + } + toJSON() { + const key = this.type === "enroll" /* MultiFactorSessionType.ENROLL */ + ? 'idToken' + : 'pendingCredential'; + return { + multiFactorSession: { + [key]: this.credential + } + }; + } + static fromJSON(obj) { + if (obj?.multiFactorSession) { + if (obj.multiFactorSession?.pendingCredential) { + return MultiFactorSessionImpl._fromMfaPendingCredential(obj.multiFactorSession.pendingCredential); + } + else if (obj.multiFactorSession?.idToken) { + return MultiFactorSessionImpl._fromIdtoken(obj.multiFactorSession.idToken); + } + } + return null; + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class MultiFactorResolverImpl { + constructor(session, hints, signInResolver) { + this.session = session; + this.hints = hints; + this.signInResolver = signInResolver; + } + /** @internal */ + static _fromError(authExtern, error) { + const auth = _castAuth(authExtern); + const serverResponse = error.customData._serverResponse; + const hints = (serverResponse.mfaInfo || []).map(enrollment => MultiFactorInfoImpl._fromServerResponse(auth, enrollment)); + _assert(serverResponse.mfaPendingCredential, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + const session = MultiFactorSessionImpl._fromMfaPendingCredential(serverResponse.mfaPendingCredential); + return new MultiFactorResolverImpl(session, hints, async (assertion) => { + const mfaResponse = await assertion._process(auth, session); + // Clear out the unneeded fields from the old login response + delete serverResponse.mfaInfo; + delete serverResponse.mfaPendingCredential; + // Use in the new token & refresh token in the old response + const idTokenResponse = { + ...serverResponse, + idToken: mfaResponse.idToken, + refreshToken: mfaResponse.refreshToken + }; + // TODO: we should collapse this switch statement into UserCredentialImpl._forOperation and have it support the SIGN_IN case + switch (error.operationType) { + case "signIn" /* OperationType.SIGN_IN */: + const userCredential = await UserCredentialImpl._fromIdTokenResponse(auth, error.operationType, idTokenResponse); + await auth._updateCurrentUser(userCredential.user); + return userCredential; + case "reauthenticate" /* OperationType.REAUTHENTICATE */: + _assert(error.user, auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + return UserCredentialImpl._forOperation(error.user, error.operationType, idTokenResponse); + default: + _fail(auth, "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + } + }); + } + async resolveSignIn(assertionExtern) { + const assertion = assertionExtern; + return this.signInResolver(assertion); + } +} +/** + * Provides a {@link MultiFactorResolver} suitable for completion of a + * multi-factor flow. + * + * @param auth - The {@link Auth} instance. + * @param error - The {@link MultiFactorError} raised during a sign-in, or + * reauthentication operation. + * + * @public + */ +function getMultiFactorResolver(auth, error) { + const authModular = util.getModularInstance(auth); + const errorInternal = error; + _assert(error.customData.operationType, authModular, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + _assert(errorInternal.customData._serverResponse?.mfaPendingCredential, authModular, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + return MultiFactorResolverImpl._fromError(authModular, errorInternal); +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function startEnrollTotpMfa(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaEnrollment:start" /* Endpoint.START_MFA_ENROLLMENT */, _addTidIfNecessary(auth, request)); +} +function finalizeEnrollTotpMfa(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaEnrollment:finalize" /* Endpoint.FINALIZE_MFA_ENROLLMENT */, _addTidIfNecessary(auth, request)); +} +function withdrawMfa(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaEnrollment:withdraw" /* Endpoint.WITHDRAW_MFA */, _addTidIfNecessary(auth, request)); +} + +class MultiFactorUserImpl { + constructor(user) { + this.user = user; + this.enrolledFactors = []; + user._onReload(userInfo => { + if (userInfo.mfaInfo) { + this.enrolledFactors = userInfo.mfaInfo.map(enrollment => MultiFactorInfoImpl._fromServerResponse(user.auth, enrollment)); + } + }); + } + static _fromUser(user) { + return new MultiFactorUserImpl(user); + } + async getSession() { + return MultiFactorSessionImpl._fromIdtoken(await this.user.getIdToken(), this.user); + } + async enroll(assertionExtern, displayName) { + const assertion = assertionExtern; + const session = (await this.getSession()); + const finalizeMfaResponse = await _logoutIfInvalidated(this.user, assertion._process(this.user.auth, session, displayName)); + // New tokens will be issued after enrollment of the new second factors. + // They need to be updated on the user. + await this.user._updateTokensIfNecessary(finalizeMfaResponse); + // The user needs to be reloaded to get the new multi-factor information + // from server. USER_RELOADED event will be triggered and `enrolledFactors` + // will be updated. + return this.user.reload(); + } + async unenroll(infoOrUid) { + const mfaEnrollmentId = typeof infoOrUid === 'string' ? infoOrUid : infoOrUid.uid; + const idToken = await this.user.getIdToken(); + try { + const idTokenResponse = await _logoutIfInvalidated(this.user, withdrawMfa(this.user.auth, { + idToken, + mfaEnrollmentId + })); + // Remove the second factor from the user's list. + this.enrolledFactors = this.enrolledFactors.filter(({ uid }) => uid !== mfaEnrollmentId); + // Depending on whether the backend decided to revoke the user's session, + // the tokenResponse may be empty. If the tokens were not updated (and they + // are now invalid), reloading the user will discover this and invalidate + // the user's state accordingly. + await this.user._updateTokensIfNecessary(idTokenResponse); + await this.user.reload(); + } + catch (e) { + throw e; + } + } +} +const multiFactorUserCache = new WeakMap(); +/** + * The {@link MultiFactorUser} corresponding to the user. + * + * @remarks + * This is used to access all multi-factor properties and operations related to the user. + * + * @param user - The user. + * + * @public + */ +function multiFactor(user) { + const userModular = util.getModularInstance(user); + if (!multiFactorUserCache.has(userModular)) { + multiFactorUserCache.set(userModular, MultiFactorUserImpl._fromUser(userModular)); + } + return multiFactorUserCache.get(userModular); +} + +var name = "@firebase/auth"; +var version = "1.11.1"; + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +class AuthInterop { + constructor(auth) { + this.auth = auth; + this.internalListeners = new Map(); + } + getUid() { + this.assertAuthConfigured(); + return this.auth.currentUser?.uid || null; + } + async getToken(forceRefresh) { + this.assertAuthConfigured(); + await this.auth._initializationPromise; + if (!this.auth.currentUser) { + return null; + } + const accessToken = await this.auth.currentUser.getIdToken(forceRefresh); + return { accessToken }; + } + addAuthTokenListener(listener) { + this.assertAuthConfigured(); + if (this.internalListeners.has(listener)) { + return; + } + const unsubscribe = this.auth.onIdTokenChanged(user => { + listener(user?.stsTokenManager.accessToken || null); + }); + this.internalListeners.set(listener, unsubscribe); + this.updateProactiveRefresh(); + } + removeAuthTokenListener(listener) { + this.assertAuthConfigured(); + const unsubscribe = this.internalListeners.get(listener); + if (!unsubscribe) { + return; + } + this.internalListeners.delete(listener); + unsubscribe(); + this.updateProactiveRefresh(); + } + assertAuthConfigured() { + _assert(this.auth._initializationPromise, "dependent-sdk-initialized-before-auth" /* AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH */); + } + updateProactiveRefresh() { + if (this.internalListeners.size > 0) { + this.auth._startProactiveRefresh(); + } + else { + this.auth._stopProactiveRefresh(); + } + } +} + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function getVersionForPlatform(clientPlatform) { + switch (clientPlatform) { + case "Node" /* ClientPlatform.NODE */: + return 'node'; + case "ReactNative" /* ClientPlatform.REACT_NATIVE */: + return 'rn'; + case "Worker" /* ClientPlatform.WORKER */: + return 'webworker'; + case "Cordova" /* ClientPlatform.CORDOVA */: + return 'cordova'; + case "WebExtension" /* ClientPlatform.WEB_EXTENSION */: + return 'web-extension'; + default: + return undefined; + } +} +/** @internal */ +function registerAuth(clientPlatform) { + app._registerComponent(new component.Component("auth" /* _ComponentName.AUTH */, (container, { options: deps }) => { + const app = container.getProvider('app').getImmediate(); + const heartbeatServiceProvider = container.getProvider('heartbeat'); + const appCheckServiceProvider = container.getProvider('app-check-internal'); + const { apiKey, authDomain } = app.options; + _assert(apiKey && !apiKey.includes(':'), "invalid-api-key" /* AuthErrorCode.INVALID_API_KEY */, { appName: app.name }); + const config = { + apiKey, + authDomain, + clientPlatform, + apiHost: "identitytoolkit.googleapis.com" /* DefaultConfig.API_HOST */, + tokenApiHost: "securetoken.googleapis.com" /* DefaultConfig.TOKEN_API_HOST */, + apiScheme: "https" /* DefaultConfig.API_SCHEME */, + sdkClientVersion: _getClientVersion(clientPlatform) + }; + const authInstance = new AuthImpl(app, heartbeatServiceProvider, appCheckServiceProvider, config); + _initializeAuthInstance(authInstance, deps); + return authInstance; + }, "PUBLIC" /* ComponentType.PUBLIC */) + /** + * Auth can only be initialized by explicitly calling getAuth() or initializeAuth() + * For why we do this, See go/firebase-next-auth-init + */ + .setInstantiationMode("EXPLICIT" /* InstantiationMode.EXPLICIT */) + /** + * Because all firebase products that depend on auth depend on auth-internal directly, + * we need to initialize auth-internal after auth is initialized to make it available to other firebase products. + */ + .setInstanceCreatedCallback((container, _instanceIdentifier, _instance) => { + const authInternalProvider = container.getProvider("auth-internal" /* _ComponentName.AUTH_INTERNAL */); + authInternalProvider.initialize(); + })); + app._registerComponent(new component.Component("auth-internal" /* _ComponentName.AUTH_INTERNAL */, container => { + const auth = _castAuth(container.getProvider("auth" /* _ComponentName.AUTH */).getImmediate()); + return (auth => new AuthInterop(auth))(auth); + }, "PRIVATE" /* ComponentType.PRIVATE */).setInstantiationMode("EXPLICIT" /* InstantiationMode.EXPLICIT */)); + app.registerVersion(name, version, getVersionForPlatform(clientPlatform)); + // BUILD_TARGET will be replaced by values like esm, cjs, etc during the compilation + app.registerVersion(name, version, 'cjs2020'); +} + +/** + * @license + * Copyright 2021 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Initialize the fetch polyfill, the types are slightly off so just cast and hope for the best +FetchProvider.initialize(fetch, Headers, Response); +// First, we set up the various platform-specific features for Node (register +// the version and declare the Node getAuth function) +function getAuth(app$1 = app.getApp()) { + const provider = app._getProvider(app$1, 'auth'); + if (provider.isInitialized()) { + return provider.getImmediate(); + } + const auth = initializeAuth(app$1); + const authEmulatorHost = util.getDefaultEmulatorHost('auth'); + if (authEmulatorHost) { + connectAuthEmulator(auth, `http://${authEmulatorHost}`); + } + return auth; +} +registerAuth("Node" /* ClientPlatform.NODE */); +// The rest of this file contains no-ops and errors for browser-specific +// methods. We keep the browser and Node entry points the same, but features +// that only work in browsers are set to either do nothing (setPersistence) or +// to reject with an auth/operation-not-supported-in-this-environment error. +// The below exports are pulled into the main entry point by a rollup alias +// plugin (overwriting the default browser imports). +/** auth/operation-not-supported-in-this-environment */ +const NOT_AVAILABLE_ERROR = _createError("operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */); +/** Reject with auth/operation-not-supported-in-this-environment */ +async function fail() { + throw NOT_AVAILABLE_ERROR; +} +/** + * A class which will throw with + * auth/operation-not-supported-in-this-environment if instantiated + */ +class FailClass { + constructor() { + throw NOT_AVAILABLE_ERROR; + } +} +const browserLocalPersistence = inMemoryPersistence; +const browserSessionPersistence = inMemoryPersistence; +const browserCookiePersistence = inMemoryPersistence; +const indexedDBLocalPersistence = inMemoryPersistence; +const browserPopupRedirectResolver = NOT_AVAILABLE_ERROR; +const PhoneAuthProvider = FailClass; +const signInWithPhoneNumber = fail; +const linkWithPhoneNumber = fail; +const reauthenticateWithPhoneNumber = fail; +const updatePhoneNumber = fail; +const signInWithPopup = fail; +const linkWithPopup = fail; +const reauthenticateWithPopup = fail; +const signInWithRedirect = fail; +const linkWithRedirect = fail; +const reauthenticateWithRedirect = fail; +const getRedirectResult = fail; +const RecaptchaVerifier = FailClass; +class PhoneMultiFactorGenerator { + static assertion() { + throw NOT_AVAILABLE_ERROR; + } +} +// Set persistence should no-op instead of fail. Changing the prototype will +// make sure both setPersistence(auth, persistence) and +// auth.setPersistence(persistence) are covered. +AuthImpl.prototype.setPersistence = async () => { }; + +/** + * @license + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +function finalizeSignInTotpMfa(auth, request) { + return _performApiRequest(auth, "POST" /* HttpMethod.POST */, "/v2/accounts/mfaSignIn:finalize" /* Endpoint.FINALIZE_MFA_SIGN_IN */, _addTidIfNecessary(auth, request)); +} + +class MultiFactorAssertionImpl { + constructor(factorId) { + this.factorId = factorId; + } + _process(auth, session, displayName) { + switch (session.type) { + case "enroll" /* MultiFactorSessionType.ENROLL */: + return this._finalizeEnroll(auth, session.credential, displayName); + case "signin" /* MultiFactorSessionType.SIGN_IN */: + return this._finalizeSignIn(auth, session.credential); + default: + return debugFail('unexpected MultiFactorSessionType'); + } + } +} + +/** + * Provider for generating a {@link TotpMultiFactorAssertion}. + * + * @public + */ +class TotpMultiFactorGenerator { + /** + * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of + * the TOTP (time-based one-time password) second factor. + * This assertion is used to complete enrollment in TOTP second factor. + * + * @param secret A {@link TotpSecret} containing the shared secret key and other TOTP parameters. + * @param oneTimePassword One-time password from TOTP App. + * @returns A {@link TotpMultiFactorAssertion} which can be used with + * {@link MultiFactorUser.enroll}. + */ + static assertionForEnrollment(secret, oneTimePassword) { + return TotpMultiFactorAssertionImpl._fromSecret(secret, oneTimePassword); + } + /** + * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of the TOTP second factor. + * This assertion is used to complete signIn with TOTP as the second factor. + * + * @param enrollmentId identifies the enrolled TOTP second factor. + * @param oneTimePassword One-time password from TOTP App. + * @returns A {@link TotpMultiFactorAssertion} which can be used with + * {@link MultiFactorResolver.resolveSignIn}. + */ + static assertionForSignIn(enrollmentId, oneTimePassword) { + return TotpMultiFactorAssertionImpl._fromEnrollmentId(enrollmentId, oneTimePassword); + } + /** + * Returns a promise to {@link TotpSecret} which contains the TOTP shared secret key and other parameters. + * Creates a TOTP secret as part of enrolling a TOTP second factor. + * Used for generating a QR code URL or inputting into a TOTP app. + * This method uses the auth instance corresponding to the user in the multiFactorSession. + * + * @param session The {@link MultiFactorSession} that the user is part of. + * @returns A promise to {@link TotpSecret}. + */ + static async generateSecret(session) { + const mfaSession = session; + _assert(typeof mfaSession.user?.auth !== 'undefined', "internal-error" /* AuthErrorCode.INTERNAL_ERROR */); + const response = await startEnrollTotpMfa(mfaSession.user.auth, { + idToken: mfaSession.credential, + totpEnrollmentInfo: {} + }); + return TotpSecret._fromStartTotpMfaEnrollmentResponse(response, mfaSession.user.auth); + } +} +/** + * The identifier of the TOTP second factor: `totp`. + */ +TotpMultiFactorGenerator.FACTOR_ID = "totp" /* FactorId.TOTP */; +class TotpMultiFactorAssertionImpl extends MultiFactorAssertionImpl { + constructor(otp, enrollmentId, secret) { + super("totp" /* FactorId.TOTP */); + this.otp = otp; + this.enrollmentId = enrollmentId; + this.secret = secret; + } + /** @internal */ + static _fromSecret(secret, otp) { + return new TotpMultiFactorAssertionImpl(otp, undefined, secret); + } + /** @internal */ + static _fromEnrollmentId(enrollmentId, otp) { + return new TotpMultiFactorAssertionImpl(otp, enrollmentId); + } + /** @internal */ + async _finalizeEnroll(auth, idToken, displayName) { + _assert(typeof this.secret !== 'undefined', auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + return finalizeEnrollTotpMfa(auth, { + idToken, + displayName, + totpVerificationInfo: this.secret._makeTotpVerificationInfo(this.otp) + }); + } + /** @internal */ + async _finalizeSignIn(auth, mfaPendingCredential) { + _assert(this.enrollmentId !== undefined && this.otp !== undefined, auth, "argument-error" /* AuthErrorCode.ARGUMENT_ERROR */); + const totpVerificationInfo = { verificationCode: this.otp }; + return finalizeSignInTotpMfa(auth, { + mfaPendingCredential, + mfaEnrollmentId: this.enrollmentId, + totpVerificationInfo + }); + } +} +/** + * Provider for generating a {@link TotpMultiFactorAssertion}. + * + * Stores the shared secret key and other parameters to generate time-based OTPs. + * Implements methods to retrieve the shared secret key and generate a QR code URL. + * @public + */ +class TotpSecret { + // The public members are declared outside the constructor so the docs can be generated. + constructor(secretKey, hashingAlgorithm, codeLength, codeIntervalSeconds, enrollmentCompletionDeadline, sessionInfo, auth) { + this.sessionInfo = sessionInfo; + this.auth = auth; + this.secretKey = secretKey; + this.hashingAlgorithm = hashingAlgorithm; + this.codeLength = codeLength; + this.codeIntervalSeconds = codeIntervalSeconds; + this.enrollmentCompletionDeadline = enrollmentCompletionDeadline; + } + /** @internal */ + static _fromStartTotpMfaEnrollmentResponse(response, auth) { + return new TotpSecret(response.totpSessionInfo.sharedSecretKey, response.totpSessionInfo.hashingAlgorithm, response.totpSessionInfo.verificationCodeLength, response.totpSessionInfo.periodSec, new Date(response.totpSessionInfo.finalizeEnrollmentTime).toUTCString(), response.totpSessionInfo.sessionInfo, auth); + } + /** @internal */ + _makeTotpVerificationInfo(otp) { + return { sessionInfo: this.sessionInfo, verificationCode: otp }; + } + /** + * Returns a QR code URL as described in + * https://github.com/google/google-authenticator/wiki/Key-Uri-Format + * This can be displayed to the user as a QR code to be scanned into a TOTP app like Google Authenticator. + * If the optional parameters are unspecified, an accountName of <userEmail> and issuer of <firebaseAppName> are used. + * + * @param accountName the name of the account/app along with a user identifier. + * @param issuer issuer of the TOTP (likely the app name). + * @returns A QR code URL string. + */ + generateQrCodeUrl(accountName, issuer) { + let useDefaults = false; + if (_isEmptyString(accountName) || _isEmptyString(issuer)) { + useDefaults = true; + } + if (useDefaults) { + if (_isEmptyString(accountName)) { + accountName = this.auth.currentUser?.email || 'unknownuser'; + } + if (_isEmptyString(issuer)) { + issuer = this.auth.name; + } + } + return `otpauth://totp/${issuer}:${accountName}?secret=${this.secretKey}&issuer=${issuer}&algorithm=${this.hashingAlgorithm}&digits=${this.codeLength}`; + } +} +/** @internal */ +function _isEmptyString(input) { + return typeof input === 'undefined' || input?.length === 0; +} + +exports.AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY; +exports.ActionCodeOperation = ActionCodeOperation; +exports.ActionCodeURL = ActionCodeURL; +exports.AuthCredential = AuthCredential; +exports.AuthImpl = AuthImpl; +exports.BaseOAuthProvider = BaseOAuthProvider; +exports.EmailAuthCredential = EmailAuthCredential; +exports.EmailAuthProvider = EmailAuthProvider; +exports.FacebookAuthProvider = FacebookAuthProvider; +exports.FactorId = FactorId; +exports.FederatedAuthProvider = FederatedAuthProvider; +exports.FetchProvider = FetchProvider; +exports.GithubAuthProvider = GithubAuthProvider; +exports.GoogleAuthProvider = GoogleAuthProvider; +exports.OAuthCredential = OAuthCredential; +exports.OAuthProvider = OAuthProvider; +exports.OperationType = OperationType; +exports.PhoneAuthCredential = PhoneAuthCredential; +exports.PhoneAuthProvider = PhoneAuthProvider; +exports.PhoneMultiFactorGenerator = PhoneMultiFactorGenerator; +exports.ProviderId = ProviderId; +exports.RecaptchaVerifier = RecaptchaVerifier; +exports.SAMLAuthCredential = SAMLAuthCredential; +exports.SAMLAuthProvider = SAMLAuthProvider; +exports.SignInMethod = SignInMethod; +exports.TotpMultiFactorGenerator = TotpMultiFactorGenerator; +exports.TotpSecret = TotpSecret; +exports.TwitterAuthProvider = TwitterAuthProvider; +exports.UserImpl = UserImpl; +exports._assert = _assert; +exports._castAuth = _castAuth; +exports._createError = _createError; +exports._emulatorUrl = _emulatorUrl; +exports._fail = _fail; +exports._getClientVersion = _getClientVersion; +exports._getInstance = _getInstance; +exports._isAndroid = _isAndroid; +exports._isIE10 = _isIE10; +exports._isIOS = _isIOS; +exports._isIOS7Or8 = _isIOS7Or8; +exports._isMobileBrowser = _isMobileBrowser; +exports._link = _link; +exports._performApiRequest = _performApiRequest; +exports._persistenceKeyName = _persistenceKeyName; +exports._reauthenticate = _reauthenticate; +exports._serverAppCurrentUserOperationNotSupportedError = _serverAppCurrentUserOperationNotSupportedError; +exports._signInWithCredential = _signInWithCredential; +exports.applyActionCode = applyActionCode; +exports.beforeAuthStateChanged = beforeAuthStateChanged; +exports.browserCookiePersistence = browserCookiePersistence; +exports.browserLocalPersistence = browserLocalPersistence; +exports.browserPopupRedirectResolver = browserPopupRedirectResolver; +exports.browserSessionPersistence = browserSessionPersistence; +exports.checkActionCode = checkActionCode; +exports.confirmPasswordReset = confirmPasswordReset; +exports.connectAuthEmulator = connectAuthEmulator; +exports.createUserWithEmailAndPassword = createUserWithEmailAndPassword; +exports.debugAssert = debugAssert; +exports.debugErrorMap = debugErrorMap; +exports.deleteUser = deleteUser; +exports.fetchSignInMethodsForEmail = fetchSignInMethodsForEmail; +exports.getAdditionalUserInfo = getAdditionalUserInfo; +exports.getAuth = getAuth; +exports.getIdToken = getIdToken; +exports.getIdTokenResult = getIdTokenResult; +exports.getMultiFactorResolver = getMultiFactorResolver; +exports.getRedirectResult = getRedirectResult; +exports.inMemoryPersistence = inMemoryPersistence; +exports.indexedDBLocalPersistence = indexedDBLocalPersistence; +exports.initializeAuth = initializeAuth; +exports.initializeRecaptchaConfig = initializeRecaptchaConfig; +exports.isSignInWithEmailLink = isSignInWithEmailLink; +exports.linkWithCredential = linkWithCredential; +exports.linkWithPhoneNumber = linkWithPhoneNumber; +exports.linkWithPopup = linkWithPopup; +exports.linkWithRedirect = linkWithRedirect; +exports.multiFactor = multiFactor; +exports.onAuthStateChanged = onAuthStateChanged; +exports.onIdTokenChanged = onIdTokenChanged; +exports.parseActionCodeURL = parseActionCodeURL; +exports.prodErrorMap = prodErrorMap; +exports.reauthenticateWithCredential = reauthenticateWithCredential; +exports.reauthenticateWithPhoneNumber = reauthenticateWithPhoneNumber; +exports.reauthenticateWithPopup = reauthenticateWithPopup; +exports.reauthenticateWithRedirect = reauthenticateWithRedirect; +exports.reload = reload; +exports.revokeAccessToken = revokeAccessToken; +exports.sendEmailVerification = sendEmailVerification; +exports.sendPasswordResetEmail = sendPasswordResetEmail; +exports.sendSignInLinkToEmail = sendSignInLinkToEmail; +exports.setPersistence = setPersistence; +exports.signInAnonymously = signInAnonymously; +exports.signInWithCredential = signInWithCredential; +exports.signInWithCustomToken = signInWithCustomToken; +exports.signInWithEmailAndPassword = signInWithEmailAndPassword; +exports.signInWithEmailLink = signInWithEmailLink; +exports.signInWithIdp = signInWithIdp; +exports.signInWithPhoneNumber = signInWithPhoneNumber; +exports.signInWithPopup = signInWithPopup; +exports.signInWithRedirect = signInWithRedirect; +exports.signOut = signOut; +exports.unlink = unlink; +exports.updateCurrentUser = updateCurrentUser; +exports.updateEmail = updateEmail; +exports.updatePassword = updatePassword; +exports.updatePhoneNumber = updatePhoneNumber; +exports.updateProfile = updateProfile; +exports.useDeviceLanguage = useDeviceLanguage; +exports.validatePassword = validatePassword; +exports.verifyBeforeUpdateEmail = verifyBeforeUpdateEmail; +exports.verifyPasswordResetCode = verifyPasswordResetCode; +//# sourceMappingURL=totp-50d5d5dd.js.map diff --git a/frontend-old/node_modules/@firebase/auth/dist/node/totp-50d5d5dd.js.map b/frontend-old/node_modules/@firebase/auth/dist/node/totp-50d5d5dd.js.map new file mode 100644 index 0000000..350133c --- /dev/null +++ b/frontend-old/node_modules/@firebase/auth/dist/node/totp-50d5d5dd.js.map @@ -0,0 +1 @@ +{"version":3,"file":"totp-50d5d5dd.js","sources":["../../src/model/enum_maps.ts","../../src/core/errors.ts","../../src/core/util/log.ts","../../src/core/util/assert.ts","../../src/core/util/location.ts","../../src/core/util/navigator.ts","../../src/core/util/delay.ts","../../src/core/util/emulator.ts","../../src/core/util/fetch_provider.ts","../../src/api/errors.ts","../../src/api/index.ts","../../src/platform_browser/recaptcha/recaptcha.ts","../../src/api/authentication/recaptcha.ts","../../src/api/account_management/account.ts","../../src/core/util/time.ts","../../src/core/user/id_token_result.ts","../../src/core/user/invalidation.ts","../../src/core/user/proactive_refresh.ts","../../src/core/user/user_metadata.ts","../../src/core/user/reload.ts","../../src/api/authentication/token.ts","../../src/core/user/token_manager.ts","../../src/core/user/user_impl.ts","../../src/core/util/instantiator.ts","../../src/core/persistence/in_memory.ts","../../src/core/persistence/persistence_user_manager.ts","../../src/core/util/browser.ts","../../src/core/util/version.ts","../../src/core/auth/middleware.ts","../../src/api/password_policy/get_password_policy.ts","../../src/core/auth/password_policy_impl.ts","../../src/core/auth/auth_impl.ts","../../src/platform_browser/load_js.ts","../../src/platform_browser/recaptcha/recaptcha_mock.ts","../../src/platform_browser/recaptcha/recaptcha_enterprise_verifier.ts","../../src/core/auth/initialize.ts","../../src/core/auth/emulator.ts","../../src/core/credentials/auth_credential.ts","../../src/api/account_management/email_and_password.ts","../../src/api/authentication/email_and_password.ts","../../src/api/authentication/email_link.ts","../../src/core/credentials/email.ts","../../src/api/authentication/idp.ts","../../src/core/credentials/oauth.ts","../../src/api/authentication/sms.ts","../../src/core/credentials/phone.ts","../../src/core/action_code_url.ts","../../src/core/providers/email.ts","../../src/core/providers/federated.ts","../../src/core/providers/oauth.ts","../../src/core/providers/facebook.ts","../../src/core/providers/google.ts","../../src/core/providers/github.ts","../../src/core/credentials/saml.ts","../../src/core/providers/saml.ts","../../src/core/providers/twitter.ts","../../src/api/authentication/sign_up.ts","../../src/core/user/user_credential_impl.ts","../../src/core/strategies/anonymous.ts","../../src/mfa/mfa_error.ts","../../src/core/util/providers.ts","../../src/core/user/link_unlink.ts","../../src/core/user/reauthenticate.ts","../../src/core/strategies/credential.ts","../../src/api/authentication/custom_token.ts","../../src/core/strategies/custom_token.ts","../../src/mfa/mfa_info.ts","../../src/core/strategies/action_code_settings.ts","../../src/core/strategies/email_and_password.ts","../../src/core/strategies/email_link.ts","../../src/api/authentication/create_auth_uri.ts","../../src/core/strategies/email.ts","../../src/api/account_management/profile.ts","../../src/core/user/account_info.ts","../../src/core/user/additional_user_info.ts","../../src/core/index.ts","../../src/mfa/mfa_session.ts","../../src/mfa/mfa_resolver.ts","../../src/api/account_management/mfa.ts","../../src/mfa/mfa_user.ts","../../src/core/auth/firebase_internal.ts","../../src/core/auth/register.ts","../../src/platform_node/index.ts","../../src/api/authentication/mfa.ts","../../src/mfa/mfa_assertion.ts","../../src/mfa/assertions/totp.ts"],"sourcesContent":["/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n/**\n * An enum of factors that may be used for multifactor authentication.\n *\n * @public\n */\nexport const FactorId = {\n /** Phone as second factor */\n PHONE: 'phone',\n TOTP: 'totp'\n} as const;\n\n/**\n * Enumeration of supported providers.\n *\n * @public\n */\nexport const ProviderId = {\n /** Facebook provider ID */\n FACEBOOK: 'facebook.com',\n /** GitHub provider ID */\n GITHUB: 'github.com',\n /** Google provider ID */\n GOOGLE: 'google.com',\n /** Password provider */\n PASSWORD: 'password',\n /** Phone provider */\n PHONE: 'phone',\n /** Twitter provider ID */\n TWITTER: 'twitter.com'\n} as const;\n\n/**\n * Enumeration of supported sign-in methods.\n *\n * @public\n */\nexport const SignInMethod = {\n /** Email link sign in method */\n EMAIL_LINK: 'emailLink',\n /** Email/password sign in method */\n EMAIL_PASSWORD: 'password',\n /** Facebook sign in method */\n FACEBOOK: 'facebook.com',\n /** GitHub sign in method */\n GITHUB: 'github.com',\n /** Google sign in method */\n GOOGLE: 'google.com',\n /** Phone sign in method */\n PHONE: 'phone',\n /** Twitter sign in method */\n TWITTER: 'twitter.com'\n} as const;\n\n/**\n * Enumeration of supported operation types.\n *\n * @public\n */\nexport const OperationType = {\n /** Operation involving linking an additional provider to an already signed-in user. */\n LINK: 'link',\n /** Operation involving using a provider to reauthenticate an already signed-in user. */\n REAUTHENTICATE: 'reauthenticate',\n /** Operation involving signing in a user. */\n SIGN_IN: 'signIn'\n} as const;\n\n/**\n * An enumeration of the possible email action types.\n *\n * @public\n */\nexport const ActionCodeOperation = {\n /** The email link sign-in action. */\n EMAIL_SIGNIN: 'EMAIL_SIGNIN',\n /** The password reset action. */\n PASSWORD_RESET: 'PASSWORD_RESET',\n /** The email revocation action. */\n RECOVER_EMAIL: 'RECOVER_EMAIL',\n /** The revert second factor addition email action. */\n REVERT_SECOND_FACTOR_ADDITION: 'REVERT_SECOND_FACTOR_ADDITION',\n /** The revert second factor addition email action. */\n VERIFY_AND_CHANGE_EMAIL: 'VERIFY_AND_CHANGE_EMAIL',\n /** The email verification action. */\n VERIFY_EMAIL: 'VERIFY_EMAIL'\n} as const;\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthErrorMap, User } from '../model/public_types';\nimport { ErrorFactory, ErrorMap } from '@firebase/util';\n\nimport { IdTokenMfaResponse } from '../api/authentication/mfa';\nimport { AppName } from '../model/auth';\nimport { AuthCredential } from './credentials';\n\n/**\n * Enumeration of Firebase Auth error codes.\n *\n * @internal\n */\nexport const enum AuthErrorCode {\n ADMIN_ONLY_OPERATION = 'admin-restricted-operation',\n ARGUMENT_ERROR = 'argument-error',\n APP_NOT_AUTHORIZED = 'app-not-authorized',\n APP_NOT_INSTALLED = 'app-not-installed',\n CAPTCHA_CHECK_FAILED = 'captcha-check-failed',\n CODE_EXPIRED = 'code-expired',\n CORDOVA_NOT_READY = 'cordova-not-ready',\n CORS_UNSUPPORTED = 'cors-unsupported',\n CREDENTIAL_ALREADY_IN_USE = 'credential-already-in-use',\n CREDENTIAL_MISMATCH = 'custom-token-mismatch',\n CREDENTIAL_TOO_OLD_LOGIN_AGAIN = 'requires-recent-login',\n DEPENDENT_SDK_INIT_BEFORE_AUTH = 'dependent-sdk-initialized-before-auth',\n DYNAMIC_LINK_NOT_ACTIVATED = 'dynamic-link-not-activated',\n EMAIL_CHANGE_NEEDS_VERIFICATION = 'email-change-needs-verification',\n EMAIL_EXISTS = 'email-already-in-use',\n EMULATOR_CONFIG_FAILED = 'emulator-config-failed',\n EXPIRED_OOB_CODE = 'expired-action-code',\n EXPIRED_POPUP_REQUEST = 'cancelled-popup-request',\n INTERNAL_ERROR = 'internal-error',\n INVALID_API_KEY = 'invalid-api-key',\n INVALID_APP_CREDENTIAL = 'invalid-app-credential',\n INVALID_APP_ID = 'invalid-app-id',\n INVALID_AUTH = 'invalid-user-token',\n INVALID_AUTH_EVENT = 'invalid-auth-event',\n INVALID_CERT_HASH = 'invalid-cert-hash',\n INVALID_CODE = 'invalid-verification-code',\n INVALID_CONTINUE_URI = 'invalid-continue-uri',\n INVALID_CORDOVA_CONFIGURATION = 'invalid-cordova-configuration',\n INVALID_CUSTOM_TOKEN = 'invalid-custom-token',\n INVALID_DYNAMIC_LINK_DOMAIN = 'invalid-dynamic-link-domain',\n INVALID_EMAIL = 'invalid-email',\n INVALID_EMULATOR_SCHEME = 'invalid-emulator-scheme',\n INVALID_CREDENTIAL = 'invalid-credential',\n INVALID_MESSAGE_PAYLOAD = 'invalid-message-payload',\n INVALID_MFA_SESSION = 'invalid-multi-factor-session',\n INVALID_OAUTH_CLIENT_ID = 'invalid-oauth-client-id',\n INVALID_OAUTH_PROVIDER = 'invalid-oauth-provider',\n INVALID_OOB_CODE = 'invalid-action-code',\n INVALID_ORIGIN = 'unauthorized-domain',\n INVALID_PASSWORD = 'wrong-password',\n INVALID_PERSISTENCE = 'invalid-persistence-type',\n INVALID_PHONE_NUMBER = 'invalid-phone-number',\n INVALID_PROVIDER_ID = 'invalid-provider-id',\n INVALID_RECIPIENT_EMAIL = 'invalid-recipient-email',\n INVALID_SENDER = 'invalid-sender',\n INVALID_SESSION_INFO = 'invalid-verification-id',\n INVALID_TENANT_ID = 'invalid-tenant-id',\n LOGIN_BLOCKED = 'login-blocked',\n MFA_INFO_NOT_FOUND = 'multi-factor-info-not-found',\n MFA_REQUIRED = 'multi-factor-auth-required',\n MISSING_ANDROID_PACKAGE_NAME = 'missing-android-pkg-name',\n MISSING_APP_CREDENTIAL = 'missing-app-credential',\n MISSING_AUTH_DOMAIN = 'auth-domain-config-required',\n MISSING_CODE = 'missing-verification-code',\n MISSING_CONTINUE_URI = 'missing-continue-uri',\n MISSING_IFRAME_START = 'missing-iframe-start',\n MISSING_IOS_BUNDLE_ID = 'missing-ios-bundle-id',\n MISSING_OR_INVALID_NONCE = 'missing-or-invalid-nonce',\n MISSING_MFA_INFO = 'missing-multi-factor-info',\n MISSING_MFA_SESSION = 'missing-multi-factor-session',\n MISSING_PHONE_NUMBER = 'missing-phone-number',\n MISSING_PASSWORD = 'missing-password',\n MISSING_SESSION_INFO = 'missing-verification-id',\n MODULE_DESTROYED = 'app-deleted',\n NEED_CONFIRMATION = 'account-exists-with-different-credential',\n NETWORK_REQUEST_FAILED = 'network-request-failed',\n NULL_USER = 'null-user',\n NO_AUTH_EVENT = 'no-auth-event',\n NO_SUCH_PROVIDER = 'no-such-provider',\n OPERATION_NOT_ALLOWED = 'operation-not-allowed',\n OPERATION_NOT_SUPPORTED = 'operation-not-supported-in-this-environment',\n POPUP_BLOCKED = 'popup-blocked',\n POPUP_CLOSED_BY_USER = 'popup-closed-by-user',\n PROVIDER_ALREADY_LINKED = 'provider-already-linked',\n QUOTA_EXCEEDED = 'quota-exceeded',\n REDIRECT_CANCELLED_BY_USER = 'redirect-cancelled-by-user',\n REDIRECT_OPERATION_PENDING = 'redirect-operation-pending',\n REJECTED_CREDENTIAL = 'rejected-credential',\n SECOND_FACTOR_ALREADY_ENROLLED = 'second-factor-already-in-use',\n SECOND_FACTOR_LIMIT_EXCEEDED = 'maximum-second-factor-count-exceeded',\n TENANT_ID_MISMATCH = 'tenant-id-mismatch',\n TIMEOUT = 'timeout',\n TOKEN_EXPIRED = 'user-token-expired',\n TOO_MANY_ATTEMPTS_TRY_LATER = 'too-many-requests',\n UNAUTHORIZED_DOMAIN = 'unauthorized-continue-uri',\n UNSUPPORTED_FIRST_FACTOR = 'unsupported-first-factor',\n UNSUPPORTED_PERSISTENCE = 'unsupported-persistence-type',\n UNSUPPORTED_TENANT_OPERATION = 'unsupported-tenant-operation',\n UNVERIFIED_EMAIL = 'unverified-email',\n USER_CANCELLED = 'user-cancelled',\n USER_DELETED = 'user-not-found',\n USER_DISABLED = 'user-disabled',\n USER_MISMATCH = 'user-mismatch',\n USER_SIGNED_OUT = 'user-signed-out',\n WEAK_PASSWORD = 'weak-password',\n WEB_STORAGE_UNSUPPORTED = 'web-storage-unsupported',\n ALREADY_INITIALIZED = 'already-initialized',\n RECAPTCHA_NOT_ENABLED = 'recaptcha-not-enabled',\n MISSING_RECAPTCHA_TOKEN = 'missing-recaptcha-token',\n INVALID_RECAPTCHA_TOKEN = 'invalid-recaptcha-token',\n INVALID_RECAPTCHA_ACTION = 'invalid-recaptcha-action',\n MISSING_CLIENT_TYPE = 'missing-client-type',\n MISSING_RECAPTCHA_VERSION = 'missing-recaptcha-version',\n INVALID_RECAPTCHA_VERSION = 'invalid-recaptcha-version',\n INVALID_REQ_TYPE = 'invalid-req-type',\n UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION = 'unsupported-password-policy-schema-version',\n PASSWORD_DOES_NOT_MEET_REQUIREMENTS = 'password-does-not-meet-requirements',\n INVALID_HOSTING_LINK_DOMAIN = 'invalid-hosting-link-domain'\n}\n\nfunction _debugErrorMap(): ErrorMap<AuthErrorCode> {\n return {\n [AuthErrorCode.ADMIN_ONLY_OPERATION]:\n 'This operation is restricted to administrators only.',\n [AuthErrorCode.ARGUMENT_ERROR]: '',\n [AuthErrorCode.APP_NOT_AUTHORIZED]:\n \"This app, identified by the domain where it's hosted, is not \" +\n 'authorized to use Firebase Authentication with the provided API key. ' +\n 'Review your key configuration in the Google API console.',\n [AuthErrorCode.APP_NOT_INSTALLED]:\n 'The requested mobile application corresponding to the identifier (' +\n 'Android package name or iOS bundle ID) provided is not installed on ' +\n 'this device.',\n [AuthErrorCode.CAPTCHA_CHECK_FAILED]:\n 'The reCAPTCHA response token provided is either invalid, expired, ' +\n 'already used or the domain associated with it does not match the list ' +\n 'of whitelisted domains.',\n [AuthErrorCode.CODE_EXPIRED]:\n 'The SMS code has expired. Please re-send the verification code to try ' +\n 'again.',\n [AuthErrorCode.CORDOVA_NOT_READY]: 'Cordova framework is not ready.',\n [AuthErrorCode.CORS_UNSUPPORTED]: 'This browser is not supported.',\n [AuthErrorCode.CREDENTIAL_ALREADY_IN_USE]:\n 'This credential is already associated with a different user account.',\n [AuthErrorCode.CREDENTIAL_MISMATCH]:\n 'The custom token corresponds to a different audience.',\n [AuthErrorCode.CREDENTIAL_TOO_OLD_LOGIN_AGAIN]:\n 'This operation is sensitive and requires recent authentication. Log in ' +\n 'again before retrying this request.',\n [AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH]:\n 'Another Firebase SDK was initialized and is trying to use Auth before Auth is ' +\n 'initialized. Please be sure to call `initializeAuth` or `getAuth` before ' +\n 'starting any other Firebase SDK.',\n [AuthErrorCode.DYNAMIC_LINK_NOT_ACTIVATED]:\n 'Please activate Dynamic Links in the Firebase Console and agree to the terms and ' +\n 'conditions.',\n [AuthErrorCode.EMAIL_CHANGE_NEEDS_VERIFICATION]:\n 'Multi-factor users must always have a verified email.',\n [AuthErrorCode.EMAIL_EXISTS]:\n 'The email address is already in use by another account.',\n [AuthErrorCode.EMULATOR_CONFIG_FAILED]:\n 'Auth instance has already been used to make a network call. Auth can ' +\n 'no longer be configured to use the emulator. Try calling ' +\n '\"connectAuthEmulator()\" sooner.',\n [AuthErrorCode.EXPIRED_OOB_CODE]: 'The action code has expired.',\n [AuthErrorCode.EXPIRED_POPUP_REQUEST]:\n 'This operation has been cancelled due to another conflicting popup being opened.',\n [AuthErrorCode.INTERNAL_ERROR]: 'An internal AuthError has occurred.',\n [AuthErrorCode.INVALID_APP_CREDENTIAL]:\n 'The phone verification request contains an invalid application verifier.' +\n ' The reCAPTCHA token response is either invalid or expired.',\n [AuthErrorCode.INVALID_APP_ID]:\n 'The mobile app identifier is not registered for the current project.',\n [AuthErrorCode.INVALID_AUTH]:\n \"This user's credential isn't valid for this project. This can happen \" +\n \"if the user's token has been tampered with, or if the user isn't for \" +\n 'the project associated with this API key.',\n [AuthErrorCode.INVALID_AUTH_EVENT]: 'An internal AuthError has occurred.',\n [AuthErrorCode.INVALID_CODE]:\n 'The SMS verification code used to create the phone auth credential is ' +\n 'invalid. Please resend the verification code sms and be sure to use the ' +\n 'verification code provided by the user.',\n [AuthErrorCode.INVALID_CONTINUE_URI]:\n 'The continue URL provided in the request is invalid.',\n [AuthErrorCode.INVALID_CORDOVA_CONFIGURATION]:\n 'The following Cordova plugins must be installed to enable OAuth sign-in: ' +\n 'cordova-plugin-buildinfo, cordova-universal-links-plugin, ' +\n 'cordova-plugin-browsertab, cordova-plugin-inappbrowser and ' +\n 'cordova-plugin-customurlscheme.',\n [AuthErrorCode.INVALID_CUSTOM_TOKEN]:\n 'The custom token format is incorrect. Please check the documentation.',\n [AuthErrorCode.INVALID_DYNAMIC_LINK_DOMAIN]:\n 'The provided dynamic link domain is not configured or authorized for the current project.',\n [AuthErrorCode.INVALID_EMAIL]: 'The email address is badly formatted.',\n [AuthErrorCode.INVALID_EMULATOR_SCHEME]:\n 'Emulator URL must start with a valid scheme (http:// or https://).',\n [AuthErrorCode.INVALID_API_KEY]:\n 'Your API key is invalid, please check you have copied it correctly.',\n [AuthErrorCode.INVALID_CERT_HASH]:\n 'The SHA-1 certificate hash provided is invalid.',\n [AuthErrorCode.INVALID_CREDENTIAL]:\n 'The supplied auth credential is incorrect, malformed or has expired.',\n [AuthErrorCode.INVALID_MESSAGE_PAYLOAD]:\n 'The email template corresponding to this action contains invalid characters in its message. ' +\n 'Please fix by going to the Auth email templates section in the Firebase Console.',\n [AuthErrorCode.INVALID_MFA_SESSION]:\n 'The request does not contain a valid proof of first factor successful sign-in.',\n [AuthErrorCode.INVALID_OAUTH_PROVIDER]:\n 'EmailAuthProvider is not supported for this operation. This operation ' +\n 'only supports OAuth providers.',\n [AuthErrorCode.INVALID_OAUTH_CLIENT_ID]:\n 'The OAuth client ID provided is either invalid or does not match the ' +\n 'specified API key.',\n [AuthErrorCode.INVALID_ORIGIN]:\n 'This domain is not authorized for OAuth operations for your Firebase ' +\n 'project. Edit the list of authorized domains from the Firebase console.',\n [AuthErrorCode.INVALID_OOB_CODE]:\n 'The action code is invalid. This can happen if the code is malformed, ' +\n 'expired, or has already been used.',\n [AuthErrorCode.INVALID_PASSWORD]:\n 'The password is invalid or the user does not have a password.',\n [AuthErrorCode.INVALID_PERSISTENCE]:\n 'The specified persistence type is invalid. It can only be local, session or none.',\n [AuthErrorCode.INVALID_PHONE_NUMBER]:\n 'The format of the phone number provided is incorrect. Please enter the ' +\n 'phone number in a format that can be parsed into E.164 format. E.164 ' +\n 'phone numbers are written in the format [+][country code][subscriber ' +\n 'number including area code].',\n [AuthErrorCode.INVALID_PROVIDER_ID]:\n 'The specified provider ID is invalid.',\n [AuthErrorCode.INVALID_RECIPIENT_EMAIL]:\n 'The email corresponding to this action failed to send as the provided ' +\n 'recipient email address is invalid.',\n [AuthErrorCode.INVALID_SENDER]:\n 'The email template corresponding to this action contains an invalid sender email or name. ' +\n 'Please fix by going to the Auth email templates section in the Firebase Console.',\n [AuthErrorCode.INVALID_SESSION_INFO]:\n 'The verification ID used to create the phone auth credential is invalid.',\n [AuthErrorCode.INVALID_TENANT_ID]:\n \"The Auth instance's tenant ID is invalid.\",\n [AuthErrorCode.LOGIN_BLOCKED]:\n 'Login blocked by user-provided method: {$originalMessage}',\n [AuthErrorCode.MISSING_ANDROID_PACKAGE_NAME]:\n 'An Android Package Name must be provided if the Android App is required to be installed.',\n [AuthErrorCode.MISSING_AUTH_DOMAIN]:\n 'Be sure to include authDomain when calling firebase.initializeApp(), ' +\n 'by following the instructions in the Firebase console.',\n [AuthErrorCode.MISSING_APP_CREDENTIAL]:\n 'The phone verification request is missing an application verifier ' +\n 'assertion. A reCAPTCHA response token needs to be provided.',\n [AuthErrorCode.MISSING_CODE]:\n 'The phone auth credential was created with an empty SMS verification code.',\n [AuthErrorCode.MISSING_CONTINUE_URI]:\n 'A continue URL must be provided in the request.',\n [AuthErrorCode.MISSING_IFRAME_START]: 'An internal AuthError has occurred.',\n [AuthErrorCode.MISSING_IOS_BUNDLE_ID]:\n 'An iOS Bundle ID must be provided if an App Store ID is provided.',\n [AuthErrorCode.MISSING_OR_INVALID_NONCE]:\n 'The request does not contain a valid nonce. This can occur if the ' +\n 'SHA-256 hash of the provided raw nonce does not match the hashed nonce ' +\n 'in the ID token payload.',\n [AuthErrorCode.MISSING_PASSWORD]: 'A non-empty password must be provided',\n [AuthErrorCode.MISSING_MFA_INFO]:\n 'No second factor identifier is provided.',\n [AuthErrorCode.MISSING_MFA_SESSION]:\n 'The request is missing proof of first factor successful sign-in.',\n [AuthErrorCode.MISSING_PHONE_NUMBER]:\n 'To send verification codes, provide a phone number for the recipient.',\n [AuthErrorCode.MISSING_SESSION_INFO]:\n 'The phone auth credential was created with an empty verification ID.',\n [AuthErrorCode.MODULE_DESTROYED]:\n 'This instance of FirebaseApp has been deleted.',\n [AuthErrorCode.MFA_INFO_NOT_FOUND]:\n 'The user does not have a second factor matching the identifier provided.',\n [AuthErrorCode.MFA_REQUIRED]:\n 'Proof of ownership of a second factor is required to complete sign-in.',\n [AuthErrorCode.NEED_CONFIRMATION]:\n 'An account already exists with the same email address but different ' +\n 'sign-in credentials. Sign in using a provider associated with this ' +\n 'email address.',\n [AuthErrorCode.NETWORK_REQUEST_FAILED]:\n 'A network AuthError (such as timeout, interrupted connection or unreachable host) has occurred.',\n [AuthErrorCode.NO_AUTH_EVENT]: 'An internal AuthError has occurred.',\n [AuthErrorCode.NO_SUCH_PROVIDER]:\n 'User was not linked to an account with the given provider.',\n [AuthErrorCode.NULL_USER]:\n 'A null user object was provided as the argument for an operation which ' +\n 'requires a non-null user object.',\n [AuthErrorCode.OPERATION_NOT_ALLOWED]:\n 'The given sign-in provider is disabled for this Firebase project. ' +\n 'Enable it in the Firebase console, under the sign-in method tab of the ' +\n 'Auth section.',\n [AuthErrorCode.OPERATION_NOT_SUPPORTED]:\n 'This operation is not supported in the environment this application is ' +\n 'running on. \"location.protocol\" must be http, https or chrome-extension' +\n ' and web storage must be enabled.',\n [AuthErrorCode.POPUP_BLOCKED]:\n 'Unable to establish a connection with the popup. It may have been blocked by the browser.',\n [AuthErrorCode.POPUP_CLOSED_BY_USER]:\n 'The popup has been closed by the user before finalizing the operation.',\n [AuthErrorCode.PROVIDER_ALREADY_LINKED]:\n 'User can only be linked to one identity for the given provider.',\n [AuthErrorCode.QUOTA_EXCEEDED]:\n \"The project's quota for this operation has been exceeded.\",\n [AuthErrorCode.REDIRECT_CANCELLED_BY_USER]:\n 'The redirect operation has been cancelled by the user before finalizing.',\n [AuthErrorCode.REDIRECT_OPERATION_PENDING]:\n 'A redirect sign-in operation is already pending.',\n [AuthErrorCode.REJECTED_CREDENTIAL]:\n 'The request contains malformed or mismatching credentials.',\n [AuthErrorCode.SECOND_FACTOR_ALREADY_ENROLLED]:\n 'The second factor is already enrolled on this account.',\n [AuthErrorCode.SECOND_FACTOR_LIMIT_EXCEEDED]:\n 'The maximum allowed number of second factors on a user has been exceeded.',\n [AuthErrorCode.TENANT_ID_MISMATCH]:\n \"The provided tenant ID does not match the Auth instance's tenant ID\",\n [AuthErrorCode.TIMEOUT]: 'The operation has timed out.',\n [AuthErrorCode.TOKEN_EXPIRED]:\n \"The user's credential is no longer valid. The user must sign in again.\",\n [AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER]:\n 'We have blocked all requests from this device due to unusual activity. ' +\n 'Try again later.',\n [AuthErrorCode.UNAUTHORIZED_DOMAIN]:\n 'The domain of the continue URL is not whitelisted. Please whitelist ' +\n 'the domain in the Firebase console.',\n [AuthErrorCode.UNSUPPORTED_FIRST_FACTOR]:\n 'Enrolling a second factor or signing in with a multi-factor account requires sign-in with a supported first factor.',\n [AuthErrorCode.UNSUPPORTED_PERSISTENCE]:\n 'The current environment does not support the specified persistence type.',\n [AuthErrorCode.UNSUPPORTED_TENANT_OPERATION]:\n 'This operation is not supported in a multi-tenant context.',\n [AuthErrorCode.UNVERIFIED_EMAIL]:\n 'The operation requires a verified email.',\n [AuthErrorCode.USER_CANCELLED]:\n 'The user did not grant your application the permissions it requested.',\n [AuthErrorCode.USER_DELETED]:\n 'There is no user record corresponding to this identifier. The user may ' +\n 'have been deleted.',\n [AuthErrorCode.USER_DISABLED]:\n 'The user account has been disabled by an administrator.',\n [AuthErrorCode.USER_MISMATCH]:\n 'The supplied credentials do not correspond to the previously signed in user.',\n [AuthErrorCode.USER_SIGNED_OUT]: '',\n [AuthErrorCode.WEAK_PASSWORD]:\n 'The password must be 6 characters long or more.',\n [AuthErrorCode.WEB_STORAGE_UNSUPPORTED]:\n 'This browser is not supported or 3rd party cookies and data may be disabled.',\n [AuthErrorCode.ALREADY_INITIALIZED]:\n 'initializeAuth() has already been called with ' +\n 'different options. To avoid this error, call initializeAuth() with the ' +\n 'same options as when it was originally called, or call getAuth() to return the' +\n ' already initialized instance.',\n [AuthErrorCode.MISSING_RECAPTCHA_TOKEN]:\n 'The reCAPTCHA token is missing when sending request to the backend.',\n [AuthErrorCode.INVALID_RECAPTCHA_TOKEN]:\n 'The reCAPTCHA token is invalid when sending request to the backend.',\n [AuthErrorCode.INVALID_RECAPTCHA_ACTION]:\n 'The reCAPTCHA action is invalid when sending request to the backend.',\n [AuthErrorCode.RECAPTCHA_NOT_ENABLED]:\n 'reCAPTCHA Enterprise integration is not enabled for this project.',\n [AuthErrorCode.MISSING_CLIENT_TYPE]:\n 'The reCAPTCHA client type is missing when sending request to the backend.',\n [AuthErrorCode.MISSING_RECAPTCHA_VERSION]:\n 'The reCAPTCHA version is missing when sending request to the backend.',\n [AuthErrorCode.INVALID_REQ_TYPE]: 'Invalid request parameters.',\n [AuthErrorCode.INVALID_RECAPTCHA_VERSION]:\n 'The reCAPTCHA version is invalid when sending request to the backend.',\n [AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION]:\n 'The password policy received from the backend uses a schema version that is not supported by this version of the Firebase SDK.',\n [AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS]:\n 'The password does not meet the requirements.',\n [AuthErrorCode.INVALID_HOSTING_LINK_DOMAIN]:\n 'The provided Hosting link domain is not configured in Firebase Hosting or is not owned by ' +\n 'the current project. This cannot be a default Hosting domain (`web.app` or `firebaseapp.com`).'\n };\n}\n\nexport interface ErrorMapRetriever extends AuthErrorMap {\n (): ErrorMap<AuthErrorCode>;\n}\n\nfunction _prodErrorMap(): ErrorMap<AuthErrorCode> {\n // We will include this one message in the prod error map since by the very\n // nature of this error, developers will never be able to see the message\n // using the debugErrorMap (which is installed during auth initialization).\n return {\n [AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH]:\n 'Another Firebase SDK was initialized and is trying to use Auth before Auth is ' +\n 'initialized. Please be sure to call `initializeAuth` or `getAuth` before ' +\n 'starting any other Firebase SDK.'\n } as ErrorMap<AuthErrorCode>;\n}\n\n/**\n * A verbose error map with detailed descriptions for most error codes.\n *\n * See discussion at {@link AuthErrorMap}\n *\n * @public\n */\nexport const debugErrorMap: AuthErrorMap = _debugErrorMap;\n\n/**\n * A minimal error map with all verbose error messages stripped.\n *\n * See discussion at {@link AuthErrorMap}\n *\n * @public\n */\nexport const prodErrorMap: AuthErrorMap = _prodErrorMap;\n\nexport interface NamedErrorParams {\n appName: AppName;\n credential?: AuthCredential;\n email?: string;\n phoneNumber?: string;\n tenantId?: string;\n user?: User;\n _serverResponse?: object;\n}\n\n/**\n * @internal\n */\ntype GenericAuthErrorParams = {\n [key in Exclude<\n AuthErrorCode,\n | AuthErrorCode.ARGUMENT_ERROR\n | AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH\n | AuthErrorCode.INTERNAL_ERROR\n | AuthErrorCode.MFA_REQUIRED\n | AuthErrorCode.NO_AUTH_EVENT\n | AuthErrorCode.OPERATION_NOT_SUPPORTED\n >]: {\n appName?: AppName;\n email?: string;\n phoneNumber?: string;\n message?: string;\n };\n};\n\n/**\n * @internal\n */\nexport interface AuthErrorParams extends GenericAuthErrorParams {\n [AuthErrorCode.ARGUMENT_ERROR]: { appName?: AppName };\n [AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH]: { appName?: AppName };\n [AuthErrorCode.INTERNAL_ERROR]: { appName?: AppName };\n [AuthErrorCode.LOGIN_BLOCKED]: {\n appName?: AppName;\n originalMessage?: string;\n };\n [AuthErrorCode.OPERATION_NOT_SUPPORTED]: { appName?: AppName };\n [AuthErrorCode.NO_AUTH_EVENT]: { appName?: AppName };\n [AuthErrorCode.MFA_REQUIRED]: {\n appName: AppName;\n _serverResponse: IdTokenMfaResponse;\n };\n [AuthErrorCode.INVALID_CORDOVA_CONFIGURATION]: {\n appName: AppName;\n missingPlugin?: string;\n };\n}\n\nexport const _DEFAULT_AUTH_ERROR_FACTORY = new ErrorFactory<\n AuthErrorCode,\n AuthErrorParams\n>('auth', 'Firebase', _prodErrorMap());\n\n/**\n * A map of potential `Auth` error codes, for easier comparison with errors\n * thrown by the SDK.\n *\n * @remarks\n * Note that you can't tree-shake individual keys\n * in the map, so by using the map you might substantially increase your\n * bundle size.\n *\n * @public\n */\nexport const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {\n ADMIN_ONLY_OPERATION: 'auth/admin-restricted-operation',\n ARGUMENT_ERROR: 'auth/argument-error',\n APP_NOT_AUTHORIZED: 'auth/app-not-authorized',\n APP_NOT_INSTALLED: 'auth/app-not-installed',\n CAPTCHA_CHECK_FAILED: 'auth/captcha-check-failed',\n CODE_EXPIRED: 'auth/code-expired',\n CORDOVA_NOT_READY: 'auth/cordova-not-ready',\n CORS_UNSUPPORTED: 'auth/cors-unsupported',\n CREDENTIAL_ALREADY_IN_USE: 'auth/credential-already-in-use',\n CREDENTIAL_MISMATCH: 'auth/custom-token-mismatch',\n CREDENTIAL_TOO_OLD_LOGIN_AGAIN: 'auth/requires-recent-login',\n DEPENDENT_SDK_INIT_BEFORE_AUTH: 'auth/dependent-sdk-initialized-before-auth',\n DYNAMIC_LINK_NOT_ACTIVATED: 'auth/dynamic-link-not-activated',\n EMAIL_CHANGE_NEEDS_VERIFICATION: 'auth/email-change-needs-verification',\n EMAIL_EXISTS: 'auth/email-already-in-use',\n EMULATOR_CONFIG_FAILED: 'auth/emulator-config-failed',\n EXPIRED_OOB_CODE: 'auth/expired-action-code',\n EXPIRED_POPUP_REQUEST: 'auth/cancelled-popup-request',\n INTERNAL_ERROR: 'auth/internal-error',\n INVALID_API_KEY: 'auth/invalid-api-key',\n INVALID_APP_CREDENTIAL: 'auth/invalid-app-credential',\n INVALID_APP_ID: 'auth/invalid-app-id',\n INVALID_AUTH: 'auth/invalid-user-token',\n INVALID_AUTH_EVENT: 'auth/invalid-auth-event',\n INVALID_CERT_HASH: 'auth/invalid-cert-hash',\n INVALID_CODE: 'auth/invalid-verification-code',\n INVALID_CONTINUE_URI: 'auth/invalid-continue-uri',\n INVALID_CORDOVA_CONFIGURATION: 'auth/invalid-cordova-configuration',\n INVALID_CUSTOM_TOKEN: 'auth/invalid-custom-token',\n INVALID_DYNAMIC_LINK_DOMAIN: 'auth/invalid-dynamic-link-domain',\n INVALID_EMAIL: 'auth/invalid-email',\n INVALID_EMULATOR_SCHEME: 'auth/invalid-emulator-scheme',\n INVALID_IDP_RESPONSE: 'auth/invalid-credential',\n INVALID_LOGIN_CREDENTIALS: 'auth/invalid-credential',\n INVALID_MESSAGE_PAYLOAD: 'auth/invalid-message-payload',\n INVALID_MFA_SESSION: 'auth/invalid-multi-factor-session',\n INVALID_OAUTH_CLIENT_ID: 'auth/invalid-oauth-client-id',\n INVALID_OAUTH_PROVIDER: 'auth/invalid-oauth-provider',\n INVALID_OOB_CODE: 'auth/invalid-action-code',\n INVALID_ORIGIN: 'auth/unauthorized-domain',\n INVALID_PASSWORD: 'auth/wrong-password',\n INVALID_PERSISTENCE: 'auth/invalid-persistence-type',\n INVALID_PHONE_NUMBER: 'auth/invalid-phone-number',\n INVALID_PROVIDER_ID: 'auth/invalid-provider-id',\n INVALID_RECIPIENT_EMAIL: 'auth/invalid-recipient-email',\n INVALID_SENDER: 'auth/invalid-sender',\n INVALID_SESSION_INFO: 'auth/invalid-verification-id',\n INVALID_TENANT_ID: 'auth/invalid-tenant-id',\n MFA_INFO_NOT_FOUND: 'auth/multi-factor-info-not-found',\n MFA_REQUIRED: 'auth/multi-factor-auth-required',\n MISSING_ANDROID_PACKAGE_NAME: 'auth/missing-android-pkg-name',\n MISSING_APP_CREDENTIAL: 'auth/missing-app-credential',\n MISSING_AUTH_DOMAIN: 'auth/auth-domain-config-required',\n MISSING_CODE: 'auth/missing-verification-code',\n MISSING_CONTINUE_URI: 'auth/missing-continue-uri',\n MISSING_IFRAME_START: 'auth/missing-iframe-start',\n MISSING_IOS_BUNDLE_ID: 'auth/missing-ios-bundle-id',\n MISSING_OR_INVALID_NONCE: 'auth/missing-or-invalid-nonce',\n MISSING_MFA_INFO: 'auth/missing-multi-factor-info',\n MISSING_MFA_SESSION: 'auth/missing-multi-factor-session',\n MISSING_PHONE_NUMBER: 'auth/missing-phone-number',\n MISSING_PASSWORD: 'auth/missing-password',\n MISSING_SESSION_INFO: 'auth/missing-verification-id',\n MODULE_DESTROYED: 'auth/app-deleted',\n NEED_CONFIRMATION: 'auth/account-exists-with-different-credential',\n NETWORK_REQUEST_FAILED: 'auth/network-request-failed',\n NULL_USER: 'auth/null-user',\n NO_AUTH_EVENT: 'auth/no-auth-event',\n NO_SUCH_PROVIDER: 'auth/no-such-provider',\n OPERATION_NOT_ALLOWED: 'auth/operation-not-allowed',\n OPERATION_NOT_SUPPORTED: 'auth/operation-not-supported-in-this-environment',\n POPUP_BLOCKED: 'auth/popup-blocked',\n POPUP_CLOSED_BY_USER: 'auth/popup-closed-by-user',\n PROVIDER_ALREADY_LINKED: 'auth/provider-already-linked',\n QUOTA_EXCEEDED: 'auth/quota-exceeded',\n REDIRECT_CANCELLED_BY_USER: 'auth/redirect-cancelled-by-user',\n REDIRECT_OPERATION_PENDING: 'auth/redirect-operation-pending',\n REJECTED_CREDENTIAL: 'auth/rejected-credential',\n SECOND_FACTOR_ALREADY_ENROLLED: 'auth/second-factor-already-in-use',\n SECOND_FACTOR_LIMIT_EXCEEDED: 'auth/maximum-second-factor-count-exceeded',\n TENANT_ID_MISMATCH: 'auth/tenant-id-mismatch',\n TIMEOUT: 'auth/timeout',\n TOKEN_EXPIRED: 'auth/user-token-expired',\n TOO_MANY_ATTEMPTS_TRY_LATER: 'auth/too-many-requests',\n UNAUTHORIZED_DOMAIN: 'auth/unauthorized-continue-uri',\n UNSUPPORTED_FIRST_FACTOR: 'auth/unsupported-first-factor',\n UNSUPPORTED_PERSISTENCE: 'auth/unsupported-persistence-type',\n UNSUPPORTED_TENANT_OPERATION: 'auth/unsupported-tenant-operation',\n UNVERIFIED_EMAIL: 'auth/unverified-email',\n USER_CANCELLED: 'auth/user-cancelled',\n USER_DELETED: 'auth/user-not-found',\n USER_DISABLED: 'auth/user-disabled',\n USER_MISMATCH: 'auth/user-mismatch',\n USER_SIGNED_OUT: 'auth/user-signed-out',\n WEAK_PASSWORD: 'auth/weak-password',\n WEB_STORAGE_UNSUPPORTED: 'auth/web-storage-unsupported',\n ALREADY_INITIALIZED: 'auth/already-initialized',\n RECAPTCHA_NOT_ENABLED: 'auth/recaptcha-not-enabled',\n MISSING_RECAPTCHA_TOKEN: 'auth/missing-recaptcha-token',\n INVALID_RECAPTCHA_TOKEN: 'auth/invalid-recaptcha-token',\n INVALID_RECAPTCHA_ACTION: 'auth/invalid-recaptcha-action',\n MISSING_CLIENT_TYPE: 'auth/missing-client-type',\n MISSING_RECAPTCHA_VERSION: 'auth/missing-recaptcha-version',\n INVALID_RECAPTCHA_VERSION: 'auth/invalid-recaptcha-version',\n INVALID_REQ_TYPE: 'auth/invalid-req-type',\n INVALID_HOSTING_LINK_DOMAIN: 'auth/invalid-hosting-link-domain'\n} as const;\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Logger, LogLevel } from '@firebase/logger';\nimport { SDK_VERSION } from '@firebase/app';\n\nexport { LogLevel };\n\nconst logClient = new Logger('@firebase/auth');\n\n// Helper methods are needed because variables can't be exported as read/write\nexport function _getLogLevel(): LogLevel {\n return logClient.logLevel;\n}\n\nexport function _setLogLevel(newLevel: LogLevel): void {\n logClient.logLevel = newLevel;\n}\n\nexport function _logDebug(msg: string, ...args: string[]): void {\n if (logClient.logLevel <= LogLevel.DEBUG) {\n logClient.debug(`Auth (${SDK_VERSION}): ${msg}`, ...args);\n }\n}\n\nexport function _logWarn(msg: string, ...args: string[]): void {\n if (logClient.logLevel <= LogLevel.WARN) {\n logClient.warn(`Auth (${SDK_VERSION}): ${msg}`, ...args);\n }\n}\n\nexport function _logError(msg: string, ...args: string[]): void {\n if (logClient.logLevel <= LogLevel.ERROR) {\n logClient.error(`Auth (${SDK_VERSION}): ${msg}`, ...args);\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Auth } from '../../model/public_types';\nimport { ErrorFactory, FirebaseError } from '@firebase/util';\nimport { AuthInternal } from '../../model/auth';\nimport {\n _DEFAULT_AUTH_ERROR_FACTORY,\n AuthErrorCode,\n AuthErrorParams,\n prodErrorMap,\n ErrorMapRetriever\n} from '../errors';\nimport { _logError } from './log';\n\ntype AuthErrorListParams<K> = K extends keyof AuthErrorParams\n ? [AuthErrorParams[K]]\n : [];\ntype LessAppName<K extends AuthErrorCode> = Omit<AuthErrorParams[K], 'appName'>;\n\n/**\n * Unconditionally fails, throwing a developer facing INTERNAL_ERROR\n *\n * @example\n * ```javascript\n * fail(auth, AuthErrorCode.MFA_REQUIRED); // Error: the MFA_REQUIRED error needs more params than appName\n * fail(auth, AuthErrorCode.MFA_REQUIRED, {serverResponse}); // Compiles\n * fail(AuthErrorCode.INTERNAL_ERROR); // Compiles; internal error does not need appName\n * fail(AuthErrorCode.USER_DELETED); // Error: USER_DELETED requires app name\n * fail(auth, AuthErrorCode.USER_DELETED); // Compiles; USER_DELETED _only_ needs app name\n * ```\n *\n * @param appName App name for tagging the error\n * @throws FirebaseError\n */\nexport function _fail<K extends AuthErrorCode>(\n code: K,\n ...data: {} extends AuthErrorParams[K]\n ? [AuthErrorParams[K]?]\n : [AuthErrorParams[K]]\n): never;\nexport function _fail<K extends AuthErrorCode>(\n auth: Auth,\n code: K,\n ...data: {} extends LessAppName<K> ? [LessAppName<K>?] : [LessAppName<K>]\n): never;\nexport function _fail<K extends AuthErrorCode>(\n authOrCode: Auth | K,\n ...rest: unknown[]\n): never {\n throw createErrorInternal(authOrCode, ...rest);\n}\n\nexport function _createError<K extends AuthErrorCode>(\n code: K,\n ...data: {} extends AuthErrorParams[K]\n ? [AuthErrorParams[K]?]\n : [AuthErrorParams[K]]\n): FirebaseError;\nexport function _createError<K extends AuthErrorCode>(\n auth: Auth,\n code: K,\n ...data: {} extends LessAppName<K> ? [LessAppName<K>?] : [LessAppName<K>]\n): FirebaseError;\nexport function _createError<K extends AuthErrorCode>(\n authOrCode: Auth | K,\n ...rest: unknown[]\n): FirebaseError {\n return createErrorInternal(authOrCode, ...rest);\n}\n\nexport function _errorWithCustomMessage(\n auth: Auth,\n code: AuthErrorCode,\n message: string\n): FirebaseError {\n const errorMap = {\n ...(prodErrorMap as ErrorMapRetriever)(),\n [code]: message\n };\n const factory = new ErrorFactory<AuthErrorCode, AuthErrorParams>(\n 'auth',\n 'Firebase',\n errorMap\n );\n return factory.create(code, {\n appName: auth.name\n });\n}\n\nexport function _serverAppCurrentUserOperationNotSupportedError(\n auth: Auth\n): FirebaseError {\n return _errorWithCustomMessage(\n auth,\n AuthErrorCode.OPERATION_NOT_SUPPORTED,\n 'Operations that alter the current user are not supported in conjunction with FirebaseServerApp'\n );\n}\n\nexport function _assertInstanceOf(\n auth: Auth,\n object: object,\n instance: unknown\n): void {\n const constructorInstance = instance as { new (...args: unknown[]): unknown };\n if (!(object instanceof constructorInstance)) {\n if (constructorInstance.name !== object.constructor.name) {\n _fail(auth, AuthErrorCode.ARGUMENT_ERROR);\n }\n\n throw _errorWithCustomMessage(\n auth,\n AuthErrorCode.ARGUMENT_ERROR,\n `Type of ${object.constructor.name} does not match expected instance.` +\n `Did you pass a reference from a different Auth SDK?`\n );\n }\n}\n\nfunction createErrorInternal<K extends AuthErrorCode>(\n authOrCode: Auth | K,\n ...rest: unknown[]\n): FirebaseError {\n if (typeof authOrCode !== 'string') {\n const code = rest[0] as K;\n const fullParams = [...rest.slice(1)] as AuthErrorListParams<K>;\n if (fullParams[0]) {\n fullParams[0].appName = authOrCode.name;\n }\n\n return (authOrCode as AuthInternal)._errorFactory.create(\n code,\n ...fullParams\n );\n }\n\n return _DEFAULT_AUTH_ERROR_FACTORY.create(\n authOrCode,\n ...(rest as AuthErrorListParams<K>)\n );\n}\n\nexport function _assert<K extends AuthErrorCode>(\n assertion: unknown,\n code: K,\n ...data: {} extends AuthErrorParams[K]\n ? [AuthErrorParams[K]?]\n : [AuthErrorParams[K]]\n): asserts assertion;\nexport function _assert<K extends AuthErrorCode>(\n assertion: unknown,\n auth: Auth,\n code: K,\n ...data: {} extends LessAppName<K> ? [LessAppName<K>?] : [LessAppName<K>]\n): asserts assertion;\nexport function _assert<K extends AuthErrorCode>(\n assertion: unknown,\n authOrCode: Auth | K,\n ...rest: unknown[]\n): asserts assertion {\n if (!assertion) {\n throw createErrorInternal(authOrCode, ...rest);\n }\n}\n\n// We really do want to accept literally any function type here\n// eslint-disable-next-line @typescript-eslint/ban-types\ntype TypeExpectation = Function | string | MapType;\n\ninterface MapType extends Record<string, TypeExpectation | Optional> {}\n\nclass Optional {\n constructor(readonly type: TypeExpectation) {}\n}\n\nexport function opt(type: TypeExpectation): Optional {\n return new Optional(type);\n}\n\n/**\n * Asserts the runtime types of arguments. The 'expected' field can be one of\n * a class, a string (representing a \"typeof\" call), or a record map of name\n * to type. Furthermore, the opt() function can be used to mark a field as\n * optional. For example:\n *\n * function foo(auth: Auth, profile: {displayName?: string}, update = false) {\n * assertTypes(arguments, [AuthImpl, {displayName: opt('string')}, opt('boolean')]);\n * }\n *\n * opt() can be used for any type:\n * function foo(auth?: Auth) {\n * assertTypes(arguments, [opt(AuthImpl)]);\n * }\n *\n * The string types can be or'd together, and you can use \"null\" as well (note\n * that typeof null === 'object'; this is an edge case). For example:\n *\n * function foo(profile: {displayName?: string | null}) {\n * assertTypes(arguments, [{displayName: opt('string|null')}]);\n * }\n *\n * @param args\n * @param expected\n */\nexport function assertTypes(\n args: Omit<IArguments, 'callee'>,\n ...expected: Array<TypeExpectation | Optional>\n): void {\n if (args.length > expected.length) {\n _fail(AuthErrorCode.ARGUMENT_ERROR, {});\n }\n\n for (let i = 0; i < expected.length; i++) {\n let expect = expected[i];\n const arg = args[i];\n\n if (expect instanceof Optional) {\n // If the arg is undefined, then it matches \"optional\" and we can move to\n // the next arg\n if (typeof arg === 'undefined') {\n continue;\n }\n expect = expect.type;\n }\n\n if (typeof expect === 'string') {\n // Handle the edge case for null because typeof null === 'object'\n if (expect.includes('null') && arg === null) {\n continue;\n }\n\n const required = expect.split('|');\n _assert(required.includes(typeof arg), AuthErrorCode.ARGUMENT_ERROR, {});\n } else if (typeof expect === 'object') {\n // Recursively check record arguments\n const record = arg as Record<string, unknown>;\n const map = expect as MapType;\n const keys = Object.keys(expect);\n\n assertTypes(\n keys.map(k => record[k]),\n ...keys.map(k => map[k])\n );\n } else {\n _assert(arg instanceof expect, AuthErrorCode.ARGUMENT_ERROR, {});\n }\n }\n}\n\n/**\n * Unconditionally fails, throwing an internal error with the given message.\n *\n * @param failure type of failure encountered\n * @throws Error\n */\nexport function debugFail(failure: string): never {\n // Log the failure in addition to throw an exception, just in case the\n // exception is swallowed.\n const message = `INTERNAL ASSERTION FAILED: ` + failure;\n _logError(message);\n\n // NOTE: We don't use FirebaseError here because these are internal failures\n // that cannot be handled by the user. (Also it would create a circular\n // dependency between the error and assert modules which doesn't work.)\n throw new Error(message);\n}\n\n/**\n * Fails if the given assertion condition is false, throwing an Error with the\n * given message if it did.\n *\n * @param assertion\n * @param message\n */\nexport function debugAssert(\n assertion: unknown,\n message: string\n): asserts assertion {\n if (!assertion) {\n debugFail(message);\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nexport function _getCurrentUrl(): string {\n return (typeof self !== 'undefined' && self.location?.href) || '';\n}\n\nexport function _isHttpOrHttps(): boolean {\n return _getCurrentScheme() === 'http:' || _getCurrentScheme() === 'https:';\n}\n\nexport function _getCurrentScheme(): string | null {\n return (typeof self !== 'undefined' && self.location?.protocol) || null;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { isBrowserExtension } from '@firebase/util';\nimport { _isHttpOrHttps } from './location';\n\n/**\n * Determine whether the browser is working online\n */\nexport function _isOnline(): boolean {\n if (\n typeof navigator !== 'undefined' &&\n navigator &&\n 'onLine' in navigator &&\n typeof navigator.onLine === 'boolean' &&\n // Apply only for traditional web apps and Chrome extensions.\n // This is especially true for Cordova apps which have unreliable\n // navigator.onLine behavior unless cordova-plugin-network-information is\n // installed which overwrites the native navigator.onLine value and\n // defines navigator.connection.\n (_isHttpOrHttps() || isBrowserExtension() || 'connection' in navigator)\n ) {\n return navigator.onLine;\n }\n // If we can't determine the state, assume it is online.\n return true;\n}\n\nexport function _getUserLanguage(): string | null {\n if (typeof navigator === 'undefined') {\n return null;\n }\n const navigatorLanguage: NavigatorLanguage = navigator;\n return (\n // Most reliable, but only supported in Chrome/Firefox.\n (navigatorLanguage.languages && navigatorLanguage.languages[0]) ||\n // Supported in most browsers, but returns the language of the browser\n // UI, not the language set in browser settings.\n navigatorLanguage.language ||\n // Couldn't determine language.\n null\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { isMobileCordova, isReactNative } from '@firebase/util';\nimport { _isOnline } from './navigator';\nimport { debugAssert } from './assert';\n\nexport const enum DelayMin {\n OFFLINE = 5000\n}\n\n/**\n * A structure to help pick between a range of long and short delay durations\n * depending on the current environment. In general, the long delay is used for\n * mobile environments whereas short delays are used for desktop environments.\n */\nexport class Delay {\n // The default value for the offline delay timeout in ms.\n\n private readonly isMobile: boolean;\n constructor(\n private readonly shortDelay: number,\n private readonly longDelay: number\n ) {\n // Internal error when improperly initialized.\n debugAssert(\n longDelay > shortDelay,\n 'Short delay should be less than long delay!'\n );\n this.isMobile = isMobileCordova() || isReactNative();\n }\n\n get(): number {\n if (!_isOnline()) {\n // Pick the shorter timeout.\n return Math.min(DelayMin.OFFLINE, this.shortDelay);\n }\n // If running in a mobile environment, return the long delay, otherwise\n // return the short delay.\n // This could be improved in the future to dynamically change based on other\n // variables instead of just reading the current environment.\n return this.isMobile ? this.longDelay : this.shortDelay;\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ConfigInternal } from '../../model/auth';\nimport { debugAssert } from './assert';\n\nexport function _emulatorUrl(config: ConfigInternal, path?: string): string {\n debugAssert(config.emulator, 'Emulator should always be set here');\n const { url } = config.emulator;\n\n if (!path) {\n return url;\n }\n\n return `${url}${path.startsWith('/') ? path.slice(1) : path}`;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { debugFail } from './assert';\n\nexport class FetchProvider {\n private static fetchImpl: typeof fetch | null;\n private static headersImpl: typeof Headers | null;\n private static responseImpl: typeof Response | null;\n\n static initialize(\n fetchImpl: typeof fetch,\n headersImpl?: typeof Headers,\n responseImpl?: typeof Response\n ): void {\n this.fetchImpl = fetchImpl;\n if (headersImpl) {\n this.headersImpl = headersImpl;\n }\n if (responseImpl) {\n this.responseImpl = responseImpl;\n }\n }\n\n static fetch(): typeof fetch {\n if (this.fetchImpl) {\n return this.fetchImpl;\n }\n if (typeof self !== 'undefined' && 'fetch' in self) {\n return self.fetch;\n }\n if (typeof globalThis !== 'undefined' && globalThis.fetch) {\n return globalThis.fetch;\n }\n if (typeof fetch !== 'undefined') {\n return fetch;\n }\n debugFail(\n 'Could not find fetch implementation, make sure you call FetchProvider.initialize() with an appropriate polyfill'\n );\n }\n\n static headers(): typeof Headers {\n if (this.headersImpl) {\n return this.headersImpl;\n }\n if (typeof self !== 'undefined' && 'Headers' in self) {\n return self.Headers;\n }\n if (typeof globalThis !== 'undefined' && globalThis.Headers) {\n return globalThis.Headers;\n }\n if (typeof Headers !== 'undefined') {\n return Headers;\n }\n debugFail(\n 'Could not find Headers implementation, make sure you call FetchProvider.initialize() with an appropriate polyfill'\n );\n }\n\n static response(): typeof Response {\n if (this.responseImpl) {\n return this.responseImpl;\n }\n if (typeof self !== 'undefined' && 'Response' in self) {\n return self.Response;\n }\n if (typeof globalThis !== 'undefined' && globalThis.Response) {\n return globalThis.Response;\n }\n if (typeof Response !== 'undefined') {\n return Response;\n }\n debugFail(\n 'Could not find Response implementation, make sure you call FetchProvider.initialize() with an appropriate polyfill'\n );\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthErrorCode } from '../core/errors';\n\n/**\n * Errors that can be returned by the backend\n */\nexport const enum ServerError {\n ADMIN_ONLY_OPERATION = 'ADMIN_ONLY_OPERATION',\n BLOCKING_FUNCTION_ERROR_RESPONSE = 'BLOCKING_FUNCTION_ERROR_RESPONSE',\n CAPTCHA_CHECK_FAILED = 'CAPTCHA_CHECK_FAILED',\n CORS_UNSUPPORTED = 'CORS_UNSUPPORTED',\n CREDENTIAL_MISMATCH = 'CREDENTIAL_MISMATCH',\n CREDENTIAL_TOO_OLD_LOGIN_AGAIN = 'CREDENTIAL_TOO_OLD_LOGIN_AGAIN',\n DYNAMIC_LINK_NOT_ACTIVATED = 'DYNAMIC_LINK_NOT_ACTIVATED',\n EMAIL_CHANGE_NEEDS_VERIFICATION = 'EMAIL_CHANGE_NEEDS_VERIFICATION',\n EMAIL_EXISTS = 'EMAIL_EXISTS',\n EMAIL_NOT_FOUND = 'EMAIL_NOT_FOUND',\n EXPIRED_OOB_CODE = 'EXPIRED_OOB_CODE',\n FEDERATED_USER_ID_ALREADY_LINKED = 'FEDERATED_USER_ID_ALREADY_LINKED',\n INVALID_APP_CREDENTIAL = 'INVALID_APP_CREDENTIAL',\n INVALID_APP_ID = 'INVALID_APP_ID',\n INVALID_CERT_HASH = 'INVALID_CERT_HASH',\n INVALID_CODE = 'INVALID_CODE',\n INVALID_CONTINUE_URI = 'INVALID_CONTINUE_URI',\n INVALID_CUSTOM_TOKEN = 'INVALID_CUSTOM_TOKEN',\n INVALID_DYNAMIC_LINK_DOMAIN = 'INVALID_DYNAMIC_LINK_DOMAIN',\n INVALID_EMAIL = 'INVALID_EMAIL',\n INVALID_ID_TOKEN = 'INVALID_ID_TOKEN',\n INVALID_IDP_RESPONSE = 'INVALID_IDP_RESPONSE',\n INVALID_IDENTIFIER = 'INVALID_IDENTIFIER',\n INVALID_LOGIN_CREDENTIALS = 'INVALID_LOGIN_CREDENTIALS',\n INVALID_MESSAGE_PAYLOAD = 'INVALID_MESSAGE_PAYLOAD',\n INVALID_MFA_PENDING_CREDENTIAL = 'INVALID_MFA_PENDING_CREDENTIAL',\n INVALID_OAUTH_CLIENT_ID = 'INVALID_OAUTH_CLIENT_ID',\n INVALID_OOB_CODE = 'INVALID_OOB_CODE',\n INVALID_PASSWORD = 'INVALID_PASSWORD',\n INVALID_PENDING_TOKEN = 'INVALID_PENDING_TOKEN',\n INVALID_PHONE_NUMBER = 'INVALID_PHONE_NUMBER',\n INVALID_PROVIDER_ID = 'INVALID_PROVIDER_ID',\n INVALID_RECIPIENT_EMAIL = 'INVALID_RECIPIENT_EMAIL',\n INVALID_SENDER = 'INVALID_SENDER',\n INVALID_SESSION_INFO = 'INVALID_SESSION_INFO',\n INVALID_TEMPORARY_PROOF = 'INVALID_TEMPORARY_PROOF',\n INVALID_TENANT_ID = 'INVALID_TENANT_ID',\n MFA_ENROLLMENT_NOT_FOUND = 'MFA_ENROLLMENT_NOT_FOUND',\n MISSING_ANDROID_PACKAGE_NAME = 'MISSING_ANDROID_PACKAGE_NAME',\n MISSING_APP_CREDENTIAL = 'MISSING_APP_CREDENTIAL',\n MISSING_CODE = 'MISSING_CODE',\n MISSING_CONTINUE_URI = 'MISSING_CONTINUE_URI',\n MISSING_CUSTOM_TOKEN = 'MISSING_CUSTOM_TOKEN',\n MISSING_IOS_BUNDLE_ID = 'MISSING_IOS_BUNDLE_ID',\n MISSING_MFA_ENROLLMENT_ID = 'MISSING_MFA_ENROLLMENT_ID',\n MISSING_MFA_PENDING_CREDENTIAL = 'MISSING_MFA_PENDING_CREDENTIAL',\n MISSING_OOB_CODE = 'MISSING_OOB_CODE',\n MISSING_OR_INVALID_NONCE = 'MISSING_OR_INVALID_NONCE',\n MISSING_PASSWORD = 'MISSING_PASSWORD',\n MISSING_REQ_TYPE = 'MISSING_REQ_TYPE',\n MISSING_PHONE_NUMBER = 'MISSING_PHONE_NUMBER',\n MISSING_SESSION_INFO = 'MISSING_SESSION_INFO',\n OPERATION_NOT_ALLOWED = 'OPERATION_NOT_ALLOWED',\n PASSWORD_LOGIN_DISABLED = 'PASSWORD_LOGIN_DISABLED',\n QUOTA_EXCEEDED = 'QUOTA_EXCEEDED',\n RESET_PASSWORD_EXCEED_LIMIT = 'RESET_PASSWORD_EXCEED_LIMIT',\n REJECTED_CREDENTIAL = 'REJECTED_CREDENTIAL',\n SECOND_FACTOR_EXISTS = 'SECOND_FACTOR_EXISTS',\n SECOND_FACTOR_LIMIT_EXCEEDED = 'SECOND_FACTOR_LIMIT_EXCEEDED',\n SESSION_EXPIRED = 'SESSION_EXPIRED',\n TENANT_ID_MISMATCH = 'TENANT_ID_MISMATCH',\n TOKEN_EXPIRED = 'TOKEN_EXPIRED',\n TOO_MANY_ATTEMPTS_TRY_LATER = 'TOO_MANY_ATTEMPTS_TRY_LATER',\n UNSUPPORTED_FIRST_FACTOR = 'UNSUPPORTED_FIRST_FACTOR',\n UNSUPPORTED_TENANT_OPERATION = 'UNSUPPORTED_TENANT_OPERATION',\n UNAUTHORIZED_DOMAIN = 'UNAUTHORIZED_DOMAIN',\n UNVERIFIED_EMAIL = 'UNVERIFIED_EMAIL',\n USER_CANCELLED = 'USER_CANCELLED',\n USER_DISABLED = 'USER_DISABLED',\n USER_NOT_FOUND = 'USER_NOT_FOUND',\n WEAK_PASSWORD = 'WEAK_PASSWORD',\n RECAPTCHA_NOT_ENABLED = 'RECAPTCHA_NOT_ENABLED',\n MISSING_RECAPTCHA_TOKEN = 'MISSING_RECAPTCHA_TOKEN',\n INVALID_RECAPTCHA_TOKEN = 'INVALID_RECAPTCHA_TOKEN',\n INVALID_RECAPTCHA_ACTION = 'INVALID_RECAPTCHA_ACTION',\n MISSING_CLIENT_TYPE = 'MISSING_CLIENT_TYPE',\n MISSING_RECAPTCHA_VERSION = 'MISSING_RECAPTCHA_VERSION',\n INVALID_RECAPTCHA_VERSION = 'INVALID_RECAPTCHA_VERSION',\n INVALID_REQ_TYPE = 'INVALID_REQ_TYPE',\n PASSWORD_DOES_NOT_MEET_REQUIREMENTS = 'PASSWORD_DOES_NOT_MEET_REQUIREMENTS',\n INVALID_HOSTING_LINK_DOMAIN = 'INVALID_HOSTING_LINK_DOMAIN'\n}\n\n/**\n * API Response in the event of an error\n */\nexport interface JsonError {\n error: {\n code: number;\n message: string;\n errors?: [\n {\n message: ServerError;\n domain: string;\n reason: string;\n }\n ];\n };\n}\n\n/**\n * Type definition for a map from server errors to developer visible errors\n */\nexport declare type ServerErrorMap<ApiError extends string> = {\n readonly [K in ApiError]: AuthErrorCode;\n};\n\n/**\n * Map from errors returned by the server to errors to developer visible errors\n */\nexport const SERVER_ERROR_MAP: Partial<ServerErrorMap<ServerError>> = {\n // Custom token errors.\n [ServerError.CREDENTIAL_MISMATCH]: AuthErrorCode.CREDENTIAL_MISMATCH,\n // This can only happen if the SDK sends a bad request.\n [ServerError.MISSING_CUSTOM_TOKEN]: AuthErrorCode.INTERNAL_ERROR,\n\n // Create Auth URI errors.\n [ServerError.INVALID_IDENTIFIER]: AuthErrorCode.INVALID_EMAIL,\n // This can only happen if the SDK sends a bad request.\n [ServerError.MISSING_CONTINUE_URI]: AuthErrorCode.INTERNAL_ERROR,\n\n // Sign in with email and password errors (some apply to sign up too).\n [ServerError.INVALID_PASSWORD]: AuthErrorCode.INVALID_PASSWORD,\n // This can only happen if the SDK sends a bad request.\n [ServerError.MISSING_PASSWORD]: AuthErrorCode.MISSING_PASSWORD,\n // Thrown if Email Enumeration Protection is enabled in the project and the email or password is\n // invalid.\n [ServerError.INVALID_LOGIN_CREDENTIALS]: AuthErrorCode.INVALID_CREDENTIAL,\n\n // Sign up with email and password errors.\n [ServerError.EMAIL_EXISTS]: AuthErrorCode.EMAIL_EXISTS,\n [ServerError.PASSWORD_LOGIN_DISABLED]: AuthErrorCode.OPERATION_NOT_ALLOWED,\n\n // Verify assertion for sign in with credential errors:\n [ServerError.INVALID_IDP_RESPONSE]: AuthErrorCode.INVALID_CREDENTIAL,\n [ServerError.INVALID_PENDING_TOKEN]: AuthErrorCode.INVALID_CREDENTIAL,\n [ServerError.FEDERATED_USER_ID_ALREADY_LINKED]:\n AuthErrorCode.CREDENTIAL_ALREADY_IN_USE,\n\n // This can only happen if the SDK sends a bad request.\n [ServerError.MISSING_REQ_TYPE]: AuthErrorCode.INTERNAL_ERROR,\n\n // Send Password reset email errors:\n [ServerError.EMAIL_NOT_FOUND]: AuthErrorCode.USER_DELETED,\n [ServerError.RESET_PASSWORD_EXCEED_LIMIT]:\n AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER,\n\n [ServerError.EXPIRED_OOB_CODE]: AuthErrorCode.EXPIRED_OOB_CODE,\n [ServerError.INVALID_OOB_CODE]: AuthErrorCode.INVALID_OOB_CODE,\n // This can only happen if the SDK sends a bad request.\n [ServerError.MISSING_OOB_CODE]: AuthErrorCode.INTERNAL_ERROR,\n\n // Operations that require ID token in request:\n [ServerError.CREDENTIAL_TOO_OLD_LOGIN_AGAIN]:\n AuthErrorCode.CREDENTIAL_TOO_OLD_LOGIN_AGAIN,\n [ServerError.INVALID_ID_TOKEN]: AuthErrorCode.INVALID_AUTH,\n [ServerError.TOKEN_EXPIRED]: AuthErrorCode.TOKEN_EXPIRED,\n [ServerError.USER_NOT_FOUND]: AuthErrorCode.TOKEN_EXPIRED,\n\n // Other errors.\n [ServerError.TOO_MANY_ATTEMPTS_TRY_LATER]:\n AuthErrorCode.TOO_MANY_ATTEMPTS_TRY_LATER,\n [ServerError.PASSWORD_DOES_NOT_MEET_REQUIREMENTS]:\n AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS,\n\n // Phone Auth related errors.\n [ServerError.INVALID_CODE]: AuthErrorCode.INVALID_CODE,\n [ServerError.INVALID_SESSION_INFO]: AuthErrorCode.INVALID_SESSION_INFO,\n [ServerError.INVALID_TEMPORARY_PROOF]: AuthErrorCode.INVALID_CREDENTIAL,\n [ServerError.MISSING_SESSION_INFO]: AuthErrorCode.MISSING_SESSION_INFO,\n [ServerError.SESSION_EXPIRED]: AuthErrorCode.CODE_EXPIRED,\n\n // Other action code errors when additional settings passed.\n // MISSING_CONTINUE_URI is getting mapped to INTERNAL_ERROR above.\n // This is OK as this error will be caught by client side validation.\n [ServerError.MISSING_ANDROID_PACKAGE_NAME]:\n AuthErrorCode.MISSING_ANDROID_PACKAGE_NAME,\n [ServerError.UNAUTHORIZED_DOMAIN]: AuthErrorCode.UNAUTHORIZED_DOMAIN,\n\n // getProjectConfig errors when clientId is passed.\n [ServerError.INVALID_OAUTH_CLIENT_ID]: AuthErrorCode.INVALID_OAUTH_CLIENT_ID,\n\n // User actions (sign-up or deletion) disabled errors.\n [ServerError.ADMIN_ONLY_OPERATION]: AuthErrorCode.ADMIN_ONLY_OPERATION,\n\n // Multi factor related errors.\n [ServerError.INVALID_MFA_PENDING_CREDENTIAL]:\n AuthErrorCode.INVALID_MFA_SESSION,\n [ServerError.MFA_ENROLLMENT_NOT_FOUND]: AuthErrorCode.MFA_INFO_NOT_FOUND,\n [ServerError.MISSING_MFA_ENROLLMENT_ID]: AuthErrorCode.MISSING_MFA_INFO,\n [ServerError.MISSING_MFA_PENDING_CREDENTIAL]:\n AuthErrorCode.MISSING_MFA_SESSION,\n [ServerError.SECOND_FACTOR_EXISTS]:\n AuthErrorCode.SECOND_FACTOR_ALREADY_ENROLLED,\n [ServerError.SECOND_FACTOR_LIMIT_EXCEEDED]:\n AuthErrorCode.SECOND_FACTOR_LIMIT_EXCEEDED,\n\n // Blocking functions related errors.\n [ServerError.BLOCKING_FUNCTION_ERROR_RESPONSE]: AuthErrorCode.INTERNAL_ERROR,\n\n // Recaptcha related errors.\n [ServerError.RECAPTCHA_NOT_ENABLED]: AuthErrorCode.RECAPTCHA_NOT_ENABLED,\n [ServerError.MISSING_RECAPTCHA_TOKEN]: AuthErrorCode.MISSING_RECAPTCHA_TOKEN,\n [ServerError.INVALID_RECAPTCHA_TOKEN]: AuthErrorCode.INVALID_RECAPTCHA_TOKEN,\n [ServerError.INVALID_RECAPTCHA_ACTION]:\n AuthErrorCode.INVALID_RECAPTCHA_ACTION,\n [ServerError.MISSING_CLIENT_TYPE]: AuthErrorCode.MISSING_CLIENT_TYPE,\n [ServerError.MISSING_RECAPTCHA_VERSION]:\n AuthErrorCode.MISSING_RECAPTCHA_VERSION,\n [ServerError.INVALID_RECAPTCHA_VERSION]:\n AuthErrorCode.INVALID_RECAPTCHA_VERSION,\n [ServerError.INVALID_REQ_TYPE]: AuthErrorCode.INVALID_REQ_TYPE\n};\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n FirebaseError,\n isCloudflareWorker,\n isCloudWorkstation,\n querystring\n} from '@firebase/util';\n\nimport { AuthErrorCode, NamedErrorParams } from '../core/errors';\nimport {\n _createError,\n _errorWithCustomMessage,\n _fail\n} from '../core/util/assert';\nimport { Delay } from '../core/util/delay';\nimport { _emulatorUrl } from '../core/util/emulator';\nimport { FetchProvider } from '../core/util/fetch_provider';\nimport { Auth } from '../model/public_types';\nimport { AuthInternal, ConfigInternal } from '../model/auth';\nimport { IdTokenResponse, TaggedWithTokenResponse } from '../model/id_token';\nimport { IdTokenMfaResponse } from './authentication/mfa';\nimport { SERVER_ERROR_MAP, ServerError, ServerErrorMap } from './errors';\nimport { PersistenceType } from '../core/persistence';\nimport { CookiePersistence } from '../platform_browser/persistence/cookie_storage';\n\nexport const enum HttpMethod {\n POST = 'POST',\n GET = 'GET'\n}\n\nexport const enum HttpHeader {\n CONTENT_TYPE = 'Content-Type',\n X_FIREBASE_LOCALE = 'X-Firebase-Locale',\n X_CLIENT_VERSION = 'X-Client-Version',\n X_FIREBASE_GMPID = 'X-Firebase-gmpid',\n X_FIREBASE_CLIENT = 'X-Firebase-Client',\n X_FIREBASE_APP_CHECK = 'X-Firebase-AppCheck'\n}\n\nexport const enum Endpoint {\n CREATE_AUTH_URI = '/v1/accounts:createAuthUri',\n DELETE_ACCOUNT = '/v1/accounts:delete',\n RESET_PASSWORD = '/v1/accounts:resetPassword',\n SIGN_UP = '/v1/accounts:signUp',\n SIGN_IN_WITH_CUSTOM_TOKEN = '/v1/accounts:signInWithCustomToken',\n SIGN_IN_WITH_EMAIL_LINK = '/v1/accounts:signInWithEmailLink',\n SIGN_IN_WITH_IDP = '/v1/accounts:signInWithIdp',\n SIGN_IN_WITH_PASSWORD = '/v1/accounts:signInWithPassword',\n SIGN_IN_WITH_PHONE_NUMBER = '/v1/accounts:signInWithPhoneNumber',\n SEND_VERIFICATION_CODE = '/v1/accounts:sendVerificationCode',\n SEND_OOB_CODE = '/v1/accounts:sendOobCode',\n SET_ACCOUNT_INFO = '/v1/accounts:update',\n GET_ACCOUNT_INFO = '/v1/accounts:lookup',\n GET_RECAPTCHA_PARAM = '/v1/recaptchaParams',\n START_MFA_ENROLLMENT = '/v2/accounts/mfaEnrollment:start',\n FINALIZE_MFA_ENROLLMENT = '/v2/accounts/mfaEnrollment:finalize',\n START_MFA_SIGN_IN = '/v2/accounts/mfaSignIn:start',\n FINALIZE_MFA_SIGN_IN = '/v2/accounts/mfaSignIn:finalize',\n WITHDRAW_MFA = '/v2/accounts/mfaEnrollment:withdraw',\n GET_PROJECT_CONFIG = '/v1/projects',\n GET_RECAPTCHA_CONFIG = '/v2/recaptchaConfig',\n GET_PASSWORD_POLICY = '/v2/passwordPolicy',\n TOKEN = '/v1/token',\n REVOKE_TOKEN = '/v2/accounts:revokeToken'\n}\n\nconst CookieAuthProxiedEndpoints: string[] = [\n Endpoint.SIGN_IN_WITH_CUSTOM_TOKEN,\n Endpoint.SIGN_IN_WITH_EMAIL_LINK,\n Endpoint.SIGN_IN_WITH_IDP,\n Endpoint.SIGN_IN_WITH_PASSWORD,\n Endpoint.SIGN_IN_WITH_PHONE_NUMBER,\n Endpoint.TOKEN\n];\n\nexport const enum RecaptchaClientType {\n WEB = 'CLIENT_TYPE_WEB',\n ANDROID = 'CLIENT_TYPE_ANDROID',\n IOS = 'CLIENT_TYPE_IOS'\n}\n\nexport const enum RecaptchaVersion {\n ENTERPRISE = 'RECAPTCHA_ENTERPRISE'\n}\n\nexport const enum RecaptchaActionName {\n SIGN_IN_WITH_PASSWORD = 'signInWithPassword',\n GET_OOB_CODE = 'getOobCode',\n SIGN_UP_PASSWORD = 'signUpPassword',\n SEND_VERIFICATION_CODE = 'sendVerificationCode',\n MFA_SMS_ENROLLMENT = 'mfaSmsEnrollment',\n MFA_SMS_SIGNIN = 'mfaSmsSignIn'\n}\n\nexport const enum EnforcementState {\n ENFORCE = 'ENFORCE',\n AUDIT = 'AUDIT',\n OFF = 'OFF',\n ENFORCEMENT_STATE_UNSPECIFIED = 'ENFORCEMENT_STATE_UNSPECIFIED'\n}\n\n// Providers that have reCAPTCHA Enterprise support.\nexport const enum RecaptchaAuthProvider {\n EMAIL_PASSWORD_PROVIDER = 'EMAIL_PASSWORD_PROVIDER',\n PHONE_PROVIDER = 'PHONE_PROVIDER'\n}\n\nexport const DEFAULT_API_TIMEOUT_MS = new Delay(30_000, 60_000);\n\nexport function _addTidIfNecessary<T extends { tenantId?: string }>(\n auth: Auth,\n request: T\n): T {\n if (auth.tenantId && !request.tenantId) {\n return {\n ...request,\n tenantId: auth.tenantId\n };\n }\n return request;\n}\n\nexport async function _performApiRequest<T, V>(\n auth: Auth,\n method: HttpMethod,\n path: Endpoint,\n request?: T,\n customErrorMap: Partial<ServerErrorMap<ServerError>> = {}\n): Promise<V> {\n return _performFetchWithErrorHandling(auth, customErrorMap, async () => {\n let body = {};\n let params = {};\n if (request) {\n if (method === HttpMethod.GET) {\n params = request;\n } else {\n body = {\n body: JSON.stringify(request)\n };\n }\n }\n\n const query = querystring({\n key: auth.config.apiKey,\n ...params\n }).slice(1);\n\n const headers = await (auth as AuthInternal)._getAdditionalHeaders();\n headers[HttpHeader.CONTENT_TYPE] = 'application/json';\n\n if (auth.languageCode) {\n headers[HttpHeader.X_FIREBASE_LOCALE] = auth.languageCode;\n }\n\n const fetchArgs: RequestInit = {\n method,\n headers,\n ...body\n };\n\n /* Security-conscious server-side frameworks tend to have built in mitigations for referrer\n problems\". See the Cloudflare GitHub issue #487: Error: The 'referrerPolicy' field on\n 'RequestInitializerDict' is not implemented.\"\n https://github.com/cloudflare/next-on-pages/issues/487 */\n if (!isCloudflareWorker()) {\n fetchArgs.referrerPolicy = 'no-referrer';\n }\n\n if (auth.emulatorConfig && isCloudWorkstation(auth.emulatorConfig.host)) {\n fetchArgs.credentials = 'include';\n }\n\n return FetchProvider.fetch()(\n await _getFinalTarget(auth, auth.config.apiHost, path, query),\n fetchArgs\n );\n });\n}\n\nexport async function _performFetchWithErrorHandling<V>(\n auth: Auth,\n customErrorMap: Partial<ServerErrorMap<ServerError>>,\n fetchFn: () => Promise<Response>\n): Promise<V> {\n (auth as AuthInternal)._canInitEmulator = false;\n const errorMap = { ...SERVER_ERROR_MAP, ...customErrorMap };\n try {\n const networkTimeout = new NetworkTimeout<Response>(auth);\n const response: Response = await Promise.race<Promise<Response>>([\n fetchFn(),\n networkTimeout.promise\n ]);\n\n // If we've reached this point, the fetch succeeded and the networkTimeout\n // didn't throw; clear the network timeout delay so that Node won't hang\n networkTimeout.clearNetworkTimeout();\n\n const json = await response.json();\n if ('needConfirmation' in json) {\n throw _makeTaggedError(auth, AuthErrorCode.NEED_CONFIRMATION, json);\n }\n\n if (response.ok && !('errorMessage' in json)) {\n return json;\n } else {\n const errorMessage = response.ok ? json.errorMessage : json.error.message;\n const [serverErrorCode, serverErrorMessage] = errorMessage.split(' : ');\n if (serverErrorCode === ServerError.FEDERATED_USER_ID_ALREADY_LINKED) {\n throw _makeTaggedError(\n auth,\n AuthErrorCode.CREDENTIAL_ALREADY_IN_USE,\n json\n );\n } else if (serverErrorCode === ServerError.EMAIL_EXISTS) {\n throw _makeTaggedError(auth, AuthErrorCode.EMAIL_EXISTS, json);\n } else if (serverErrorCode === ServerError.USER_DISABLED) {\n throw _makeTaggedError(auth, AuthErrorCode.USER_DISABLED, json);\n }\n const authError =\n errorMap[serverErrorCode as ServerError] ||\n (serverErrorCode\n .toLowerCase()\n .replace(/[_\\s]+/g, '-') as unknown as AuthErrorCode);\n if (serverErrorMessage) {\n throw _errorWithCustomMessage(auth, authError, serverErrorMessage);\n } else {\n _fail(auth, authError);\n }\n }\n } catch (e) {\n if (e instanceof FirebaseError) {\n throw e;\n }\n // Changing this to a different error code will log user out when there is a network error\n // because we treat any error other than NETWORK_REQUEST_FAILED as token is invalid.\n // https://github.com/firebase/firebase-js-sdk/blob/4fbc73610d70be4e0852e7de63a39cb7897e8546/packages/auth/src/core/auth/auth_impl.ts#L309-L316\n _fail(auth, AuthErrorCode.NETWORK_REQUEST_FAILED, { 'message': String(e) });\n }\n}\n\nexport async function _performSignInRequest<T, V extends IdTokenResponse>(\n auth: Auth,\n method: HttpMethod,\n path: Endpoint,\n request?: T,\n customErrorMap: Partial<ServerErrorMap<ServerError>> = {}\n): Promise<V> {\n const serverResponse = await _performApiRequest<T, V | IdTokenMfaResponse>(\n auth,\n method,\n path,\n request,\n customErrorMap\n );\n if ('mfaPendingCredential' in serverResponse) {\n _fail(auth, AuthErrorCode.MFA_REQUIRED, {\n _serverResponse: serverResponse\n });\n }\n\n return serverResponse as V;\n}\n\nexport async function _getFinalTarget(\n auth: Auth,\n host: string,\n path: string,\n query: string\n): Promise<string> {\n const base = `${host}${path}?${query}`;\n\n const authInternal = auth as AuthInternal;\n const finalTarget = authInternal.config.emulator\n ? _emulatorUrl(auth.config as ConfigInternal, base)\n : `${auth.config.apiScheme}://${base}`;\n\n // Cookie auth works by MiTMing the signIn and token endpoints from the developer's backend,\n // saving the idToken and refreshToken into cookies, and then redacting the refreshToken\n // from the response\n if (CookieAuthProxiedEndpoints.includes(path)) {\n // Persistence manager is async, we need to await it. We can't just wait for auth initialized\n // here since auth initialization calls this function.\n await authInternal._persistenceManagerAvailable;\n if (authInternal._getPersistenceType() === PersistenceType.COOKIE) {\n const cookiePersistence =\n authInternal._getPersistence() as CookiePersistence;\n return cookiePersistence._getFinalTarget(finalTarget).toString();\n }\n }\n\n return finalTarget;\n}\n\nexport function _parseEnforcementState(\n enforcementStateStr: string\n): EnforcementState {\n switch (enforcementStateStr) {\n case 'ENFORCE':\n return EnforcementState.ENFORCE;\n case 'AUDIT':\n return EnforcementState.AUDIT;\n case 'OFF':\n return EnforcementState.OFF;\n default:\n return EnforcementState.ENFORCEMENT_STATE_UNSPECIFIED;\n }\n}\n\nclass NetworkTimeout<T> {\n // Node timers and browser timers are fundamentally incompatible, but we\n // don't care about the value here\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n private timer: any | null = null;\n readonly promise = new Promise<T>((_, reject) => {\n this.timer = setTimeout(() => {\n return reject(\n _createError(this.auth, AuthErrorCode.NETWORK_REQUEST_FAILED)\n );\n }, DEFAULT_API_TIMEOUT_MS.get());\n });\n\n clearNetworkTimeout(): void {\n clearTimeout(this.timer);\n }\n\n constructor(private readonly auth: Auth) {}\n}\n\ninterface PotentialResponse extends IdTokenResponse {\n email?: string;\n phoneNumber?: string;\n}\n\nexport function _makeTaggedError(\n auth: Auth,\n code: AuthErrorCode,\n response: PotentialResponse\n): FirebaseError {\n const errorParams: NamedErrorParams = {\n appName: auth.name\n };\n\n if (response.email) {\n errorParams.email = response.email;\n }\n if (response.phoneNumber) {\n errorParams.phoneNumber = response.phoneNumber;\n }\n\n const error = _createError(auth, code, errorParams);\n\n // We know customData is defined on error because errorParams is defined\n (error.customData! as TaggedWithTokenResponse)._tokenResponse = response;\n return error;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { RecaptchaParameters } from '../../model/public_types';\nimport {\n GetRecaptchaConfigResponse,\n RecaptchaEnforcementProviderState\n} from '../../api/authentication/recaptcha';\nimport {\n EnforcementState,\n RecaptchaAuthProvider,\n _parseEnforcementState\n} from '../../api/index';\n\n// reCAPTCHA v2 interface\nexport interface Recaptcha {\n render: (container: HTMLElement, parameters: RecaptchaParameters) => number;\n getResponse: (id: number) => string;\n execute: (id: number) => unknown;\n reset: (id: number) => unknown;\n}\n\nexport function isV2(\n grecaptcha: Recaptcha | GreCAPTCHA | undefined\n): grecaptcha is Recaptcha {\n return (\n grecaptcha !== undefined &&\n (grecaptcha as Recaptcha).getResponse !== undefined\n );\n}\n\n// reCAPTCHA Enterprise & v3 shared interface\nexport interface GreCAPTCHATopLevel extends GreCAPTCHA {\n enterprise: GreCAPTCHA;\n}\n\n// reCAPTCHA Enterprise interface\nexport interface GreCAPTCHA {\n ready: (callback: () => void) => void;\n execute: (siteKey: string, options: { action: string }) => Promise<string>;\n render: (\n container: string | HTMLElement,\n parameters: GreCAPTCHARenderOption\n ) => string;\n}\n\nexport interface GreCAPTCHARenderOption {\n sitekey: string;\n size: 'invisible';\n}\n\nexport function isEnterprise(\n grecaptcha: Recaptcha | GreCAPTCHA | undefined\n): grecaptcha is GreCAPTCHATopLevel {\n return (\n grecaptcha !== undefined &&\n (grecaptcha as GreCAPTCHATopLevel).enterprise !== undefined\n );\n}\n\n// TODO(chuanr): Replace this with the AuthWindow after resolving the dependency issue in Node.js env.\ndeclare global {\n interface Window {\n grecaptcha?: Recaptcha | GreCAPTCHATopLevel;\n }\n}\n\nexport class RecaptchaConfig {\n /**\n * The reCAPTCHA site key.\n */\n siteKey: string = '';\n\n /**\n * The list of providers and their enablement status for reCAPTCHA Enterprise.\n */\n recaptchaEnforcementState: RecaptchaEnforcementProviderState[] = [];\n\n constructor(response: GetRecaptchaConfigResponse) {\n if (response.recaptchaKey === undefined) {\n throw new Error('recaptchaKey undefined');\n }\n // Example response.recaptchaKey: \"projects/proj123/keys/sitekey123\"\n this.siteKey = response.recaptchaKey.split('/')[3];\n this.recaptchaEnforcementState = response.recaptchaEnforcementState;\n }\n\n /**\n * Returns the reCAPTCHA Enterprise enforcement state for the given provider.\n *\n * @param providerStr - The provider whose enforcement state is to be returned.\n * @returns The reCAPTCHA Enterprise enforcement state for the given provider.\n */\n getProviderEnforcementState(providerStr: string): EnforcementState | null {\n if (\n !this.recaptchaEnforcementState ||\n this.recaptchaEnforcementState.length === 0\n ) {\n return null;\n }\n\n for (const recaptchaEnforcementState of this.recaptchaEnforcementState) {\n if (\n recaptchaEnforcementState.provider &&\n recaptchaEnforcementState.provider === providerStr\n ) {\n return _parseEnforcementState(\n recaptchaEnforcementState.enforcementState\n );\n }\n }\n return null;\n }\n\n /**\n * Returns true if the reCAPTCHA Enterprise enforcement state for the provider is set to ENFORCE or AUDIT.\n *\n * @param providerStr - The provider whose enablement state is to be returned.\n * @returns Whether or not reCAPTCHA Enterprise protection is enabled for the given provider.\n */\n isProviderEnabled(providerStr: string): boolean {\n return (\n this.getProviderEnforcementState(providerStr) ===\n EnforcementState.ENFORCE ||\n this.getProviderEnforcementState(providerStr) === EnforcementState.AUDIT\n );\n }\n\n /**\n * Returns true if reCAPTCHA Enterprise protection is enabled in at least one provider, otherwise\n * returns false.\n *\n * @returns Whether or not reCAPTCHA Enterprise protection is enabled for at least one provider.\n */\n isAnyProviderEnabled(): boolean {\n return (\n this.isProviderEnabled(RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER) ||\n this.isProviderEnabled(RecaptchaAuthProvider.PHONE_PROVIDER)\n );\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n Endpoint,\n HttpMethod,\n RecaptchaClientType,\n RecaptchaVersion,\n _performApiRequest,\n _addTidIfNecessary\n} from '../index';\nimport { Auth } from '../../model/public_types';\n\ninterface GetRecaptchaParamResponse {\n recaptchaSiteKey?: string;\n}\n\nexport async function getRecaptchaParams(auth: Auth): Promise<string> {\n return (\n (\n await _performApiRequest<void, GetRecaptchaParamResponse>(\n auth,\n HttpMethod.GET,\n Endpoint.GET_RECAPTCHA_PARAM\n )\n ).recaptchaSiteKey || ''\n );\n}\n\n// The following functions are for reCAPTCHA enterprise integration.\ninterface GetRecaptchaConfigRequest {\n tenantId?: string;\n clientType?: RecaptchaClientType;\n version?: RecaptchaVersion;\n}\n\nexport interface RecaptchaEnforcementProviderState {\n provider: string;\n enforcementState: string;\n}\n\nexport interface GetRecaptchaConfigResponse {\n recaptchaKey: string;\n recaptchaEnforcementState: RecaptchaEnforcementProviderState[];\n}\n\nexport async function getRecaptchaConfig(\n auth: Auth,\n request: GetRecaptchaConfigRequest\n): Promise<GetRecaptchaConfigResponse> {\n return _performApiRequest<\n GetRecaptchaConfigRequest,\n GetRecaptchaConfigResponse\n >(\n auth,\n HttpMethod.GET,\n Endpoint.GET_RECAPTCHA_CONFIG,\n _addTidIfNecessary(auth, request)\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Endpoint, HttpMethod, _performApiRequest } from '../index';\nimport { MfaEnrollment } from './mfa';\nimport { Auth } from '../../model/public_types';\n\nexport interface DeleteAccountRequest {\n idToken: string;\n}\n\nexport async function deleteAccount(\n auth: Auth,\n request: DeleteAccountRequest\n): Promise<void> {\n return _performApiRequest<DeleteAccountRequest, void>(\n auth,\n HttpMethod.POST,\n Endpoint.DELETE_ACCOUNT,\n request\n );\n}\n\nexport interface ProviderUserInfo {\n providerId: string;\n rawId?: string;\n email?: string;\n displayName?: string;\n photoUrl?: string;\n phoneNumber?: string;\n}\n\nexport interface DeleteLinkedAccountsRequest {\n idToken: string;\n deleteProvider: string[];\n}\n\nexport interface DeleteLinkedAccountsResponse {\n providerUserInfo: ProviderUserInfo[];\n}\n\nexport async function deleteLinkedAccounts(\n auth: Auth,\n request: DeleteLinkedAccountsRequest\n): Promise<DeleteLinkedAccountsResponse> {\n return _performApiRequest<\n DeleteLinkedAccountsRequest,\n DeleteLinkedAccountsResponse\n >(auth, HttpMethod.POST, Endpoint.SET_ACCOUNT_INFO, request);\n}\n\nexport interface APIUserInfo {\n localId?: string;\n displayName?: string;\n photoUrl?: string;\n email?: string;\n emailVerified?: boolean;\n phoneNumber?: string;\n lastLoginAt?: number;\n createdAt?: number;\n tenantId?: string;\n passwordHash?: string;\n providerUserInfo?: ProviderUserInfo[];\n mfaInfo?: MfaEnrollment[];\n}\n\nexport interface GetAccountInfoRequest {\n idToken: string;\n}\n\nexport interface GetAccountInfoResponse {\n users: APIUserInfo[];\n}\n\nexport async function getAccountInfo(\n auth: Auth,\n request: GetAccountInfoRequest\n): Promise<GetAccountInfoResponse> {\n return _performApiRequest<GetAccountInfoRequest, GetAccountInfoResponse>(\n auth,\n HttpMethod.POST,\n Endpoint.GET_ACCOUNT_INFO,\n request\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nexport function utcTimestampToDateString(\n utcTimestamp?: string | number\n): string | undefined {\n if (!utcTimestamp) {\n return undefined;\n }\n try {\n // Convert to date object.\n const date = new Date(Number(utcTimestamp));\n // Test date is valid.\n if (!isNaN(date.getTime())) {\n // Convert to UTC date string.\n return date.toUTCString();\n }\n } catch (e) {\n // Do nothing. undefined will be returned.\n }\n return undefined;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { IdTokenResult, ParsedToken, User } from '../../model/public_types';\nimport { base64Decode, getModularInstance } from '@firebase/util';\n\nimport { UserInternal } from '../../model/user';\nimport { _assert } from '../util/assert';\nimport { _logError } from '../util/log';\nimport { utcTimestampToDateString } from '../util/time';\nimport { AuthErrorCode } from '../errors';\n\n/**\n * Returns a JSON Web Token (JWT) used to identify the user to a Firebase service.\n *\n * @remarks\n * Returns the current token if it has not expired or if it will not expire in the next five\n * minutes. Otherwise, this will refresh the token and return a new one.\n *\n * @param user - The user.\n * @param forceRefresh - Force refresh regardless of token expiration.\n *\n * @public\n */\nexport function getIdToken(user: User, forceRefresh = false): Promise<string> {\n return getModularInstance(user).getIdToken(forceRefresh);\n}\n\n/**\n * Returns a deserialized JSON Web Token (JWT) used to identify the user to a Firebase service.\n *\n * @remarks\n * Returns the current token if it has not expired or if it will not expire in the next five\n * minutes. Otherwise, this will refresh the token and return a new one.\n *\n * @param user - The user.\n * @param forceRefresh - Force refresh regardless of token expiration.\n *\n * @public\n */\nexport async function getIdTokenResult(\n user: User,\n forceRefresh = false\n): Promise<IdTokenResult> {\n const userInternal = getModularInstance(user) as UserInternal;\n const token = await userInternal.getIdToken(forceRefresh);\n const claims = _parseToken(token);\n\n _assert(\n claims && claims.exp && claims.auth_time && claims.iat,\n userInternal.auth,\n AuthErrorCode.INTERNAL_ERROR\n );\n const firebase =\n typeof claims.firebase === 'object' ? claims.firebase : undefined;\n\n const signInProvider: string | undefined = firebase?.['sign_in_provider'];\n\n return {\n claims,\n token,\n authTime: utcTimestampToDateString(\n secondsStringToMilliseconds(claims.auth_time)\n )!,\n issuedAtTime: utcTimestampToDateString(\n secondsStringToMilliseconds(claims.iat)\n )!,\n expirationTime: utcTimestampToDateString(\n secondsStringToMilliseconds(claims.exp)\n )!,\n signInProvider: signInProvider || null,\n signInSecondFactor: firebase?.['sign_in_second_factor'] || null\n };\n}\n\nfunction secondsStringToMilliseconds(seconds: string): number {\n return Number(seconds) * 1000;\n}\n\nexport function _parseToken(token: string): ParsedToken | null {\n const [algorithm, payload, signature] = token.split('.');\n if (\n algorithm === undefined ||\n payload === undefined ||\n signature === undefined\n ) {\n _logError('JWT malformed, contained fewer than 3 sections');\n return null;\n }\n\n try {\n const decoded = base64Decode(payload);\n if (!decoded) {\n _logError('Failed to decode base64 JWT payload');\n return null;\n }\n return JSON.parse(decoded);\n } catch (e) {\n _logError(\n 'Caught error parsing JWT payload as JSON',\n (e as Error)?.toString()\n );\n return null;\n }\n}\n\n/**\n * Extract expiresIn TTL from a token by subtracting the expiration from the issuance.\n */\nexport function _tokenExpiresIn(token: string): number {\n const parsedToken = _parseToken(token);\n _assert(parsedToken, AuthErrorCode.INTERNAL_ERROR);\n _assert(typeof parsedToken.exp !== 'undefined', AuthErrorCode.INTERNAL_ERROR);\n _assert(typeof parsedToken.iat !== 'undefined', AuthErrorCode.INTERNAL_ERROR);\n return Number(parsedToken.exp) - Number(parsedToken.iat);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseError } from '@firebase/util';\n\nimport { UserInternal } from '../../model/user';\nimport { AuthErrorCode } from '../errors';\n\nexport async function _logoutIfInvalidated<T>(\n user: UserInternal,\n promise: Promise<T>,\n bypassAuthState = false\n): Promise<T> {\n if (bypassAuthState) {\n return promise;\n }\n try {\n return await promise;\n } catch (e) {\n if (e instanceof FirebaseError && isUserInvalidated(e)) {\n if (user.auth.currentUser === user) {\n await user.auth.signOut();\n }\n }\n\n throw e;\n }\n}\n\nfunction isUserInvalidated({ code }: FirebaseError): boolean {\n return (\n code === `auth/${AuthErrorCode.USER_DISABLED}` ||\n code === `auth/${AuthErrorCode.TOKEN_EXPIRED}`\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseError } from '@firebase/util';\nimport { UserInternal } from '../../model/user';\nimport { AuthErrorCode } from '../errors';\n\n// Refresh the token five minutes before expiration\nexport const enum Duration {\n OFFSET = 5 * 1000 * 60,\n RETRY_BACKOFF_MIN = 30 * 1000,\n RETRY_BACKOFF_MAX = 16 * 60 * 1000\n}\n\nexport class ProactiveRefresh {\n private isRunning = false;\n\n // Node timers and browser timers return fundamentally different types.\n // We don't actually care what the value is but TS won't accept unknown and\n // we can't cast properly in both environments.\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n private timerId: any | null = null;\n private errorBackoff = Duration.RETRY_BACKOFF_MIN;\n\n constructor(private readonly user: UserInternal) {}\n\n _start(): void {\n if (this.isRunning) {\n return;\n }\n\n this.isRunning = true;\n this.schedule();\n }\n\n _stop(): void {\n if (!this.isRunning) {\n return;\n }\n\n this.isRunning = false;\n if (this.timerId !== null) {\n clearTimeout(this.timerId);\n }\n }\n\n private getInterval(wasError: boolean): number {\n if (wasError) {\n const interval = this.errorBackoff;\n this.errorBackoff = Math.min(\n this.errorBackoff * 2,\n Duration.RETRY_BACKOFF_MAX\n );\n return interval;\n } else {\n // Reset the error backoff\n this.errorBackoff = Duration.RETRY_BACKOFF_MIN;\n const expTime = this.user.stsTokenManager.expirationTime ?? 0;\n const interval = expTime - Date.now() - Duration.OFFSET;\n\n return Math.max(0, interval);\n }\n }\n\n private schedule(wasError = false): void {\n if (!this.isRunning) {\n // Just in case...\n return;\n }\n\n const interval = this.getInterval(wasError);\n this.timerId = setTimeout(async () => {\n await this.iteration();\n }, interval);\n }\n\n private async iteration(): Promise<void> {\n try {\n await this.user.getIdToken(true);\n } catch (e) {\n // Only retry on network errors\n if (\n (e as FirebaseError)?.code ===\n `auth/${AuthErrorCode.NETWORK_REQUEST_FAILED}`\n ) {\n this.schedule(/* wasError */ true);\n }\n\n return;\n }\n this.schedule();\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserMetadata as UserMetadataType } from '../../model/public_types';\n\nimport { utcTimestampToDateString } from '../util/time';\n\nexport class UserMetadata implements UserMetadataType {\n creationTime?: string;\n lastSignInTime?: string;\n\n constructor(\n private createdAt?: string | number,\n private lastLoginAt?: string | number\n ) {\n this._initializeTime();\n }\n\n private _initializeTime(): void {\n this.lastSignInTime = utcTimestampToDateString(this.lastLoginAt);\n this.creationTime = utcTimestampToDateString(this.createdAt);\n }\n\n _copy(metadata: UserMetadata): void {\n this.createdAt = metadata.createdAt;\n this.lastLoginAt = metadata.lastLoginAt;\n this._initializeTime();\n }\n\n toJSON(): object {\n return {\n createdAt: this.createdAt,\n lastLoginAt: this.lastLoginAt\n };\n }\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { User, UserInfo } from '../../model/public_types';\n\nimport {\n getAccountInfo,\n ProviderUserInfo\n} from '../../api/account_management/account';\nimport { UserInternal } from '../../model/user';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\nimport { _logoutIfInvalidated } from './invalidation';\nimport { UserMetadata } from './user_metadata';\nimport { getModularInstance } from '@firebase/util';\n\nexport async function _reloadWithoutSaving(user: UserInternal): Promise<void> {\n const auth = user.auth;\n const idToken = await user.getIdToken();\n const response = await _logoutIfInvalidated(\n user,\n getAccountInfo(auth, { idToken })\n );\n\n _assert(response?.users.length, auth, AuthErrorCode.INTERNAL_ERROR);\n\n const coreAccount = response.users[0];\n\n user._notifyReloadListener(coreAccount);\n\n const newProviderData = coreAccount.providerUserInfo?.length\n ? extractProviderData(coreAccount.providerUserInfo)\n : [];\n\n const providerData = mergeProviderData(user.providerData, newProviderData);\n\n // Preserves the non-nonymous status of the stored user, even if no more\n // credentials (federated or email/password) are linked to the user. If\n // the user was previously anonymous, then use provider data to update.\n // On the other hand, if it was not anonymous before, it should never be\n // considered anonymous now.\n const oldIsAnonymous = user.isAnonymous;\n const newIsAnonymous =\n !(user.email && coreAccount.passwordHash) && !providerData?.length;\n const isAnonymous = !oldIsAnonymous ? false : newIsAnonymous;\n\n const updates: Partial<UserInternal> = {\n uid: coreAccount.localId,\n displayName: coreAccount.displayName || null,\n photoURL: coreAccount.photoUrl || null,\n email: coreAccount.email || null,\n emailVerified: coreAccount.emailVerified || false,\n phoneNumber: coreAccount.phoneNumber || null,\n tenantId: coreAccount.tenantId || null,\n providerData,\n metadata: new UserMetadata(coreAccount.createdAt, coreAccount.lastLoginAt),\n isAnonymous\n };\n\n Object.assign(user, updates);\n}\n\n/**\n * Reloads user account data, if signed in.\n *\n * @param user - The user.\n *\n * @public\n */\nexport async function reload(user: User): Promise<void> {\n const userInternal: UserInternal = getModularInstance(user) as UserInternal;\n await _reloadWithoutSaving(userInternal);\n\n // Even though the current user hasn't changed, update\n // current user will trigger a persistence update w/ the\n // new info.\n await userInternal.auth._persistUserIfCurrent(userInternal);\n userInternal.auth._notifyListenersIfCurrent(userInternal);\n}\n\nfunction mergeProviderData(\n original: UserInfo[],\n newData: UserInfo[]\n): UserInfo[] {\n const deduped = original.filter(\n o => !newData.some(n => n.providerId === o.providerId)\n );\n return [...deduped, ...newData];\n}\n\nexport function extractProviderData(providers: ProviderUserInfo[]): UserInfo[] {\n return providers.map(({ providerId, ...provider }) => {\n return {\n providerId,\n uid: provider.rawId || '',\n displayName: provider.displayName || null,\n email: provider.email || null,\n phoneNumber: provider.phoneNumber || null,\n photoURL: provider.photoUrl || null\n };\n });\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n/* eslint-disable camelcase */\n\nimport { isCloudWorkstation, querystring } from '@firebase/util';\n\nimport {\n _getFinalTarget,\n _performFetchWithErrorHandling,\n _performApiRequest,\n _addTidIfNecessary,\n HttpMethod,\n HttpHeader,\n Endpoint\n} from '../index';\nimport { FetchProvider } from '../../core/util/fetch_provider';\nimport { Auth } from '../../model/public_types';\nimport { AuthInternal } from '../../model/auth';\n\nexport const enum TokenType {\n REFRESH_TOKEN = 'REFRESH_TOKEN',\n ACCESS_TOKEN = 'ACCESS_TOKEN'\n}\n\n/** The server responses with snake_case; we convert to camelCase */\ninterface RequestStsTokenServerResponse {\n access_token: string;\n expires_in: string;\n refresh_token: string;\n}\n\nexport interface RequestStsTokenResponse {\n accessToken: string;\n expiresIn: string;\n refreshToken: string;\n}\n\nexport interface RevokeTokenRequest {\n providerId: string;\n tokenType: TokenType;\n token: string;\n idToken: string;\n tenantId?: string;\n}\n\nexport interface RevokeTokenResponse {}\n\nexport async function requestStsToken(\n auth: Auth,\n refreshToken: string\n): Promise<RequestStsTokenResponse> {\n const response =\n await _performFetchWithErrorHandling<RequestStsTokenServerResponse>(\n auth,\n {},\n async () => {\n const body = querystring({\n 'grant_type': 'refresh_token',\n 'refresh_token': refreshToken\n }).slice(1);\n const { tokenApiHost, apiKey } = auth.config;\n const url = await _getFinalTarget(\n auth,\n tokenApiHost,\n Endpoint.TOKEN,\n `key=${apiKey}`\n );\n\n const headers = await (auth as AuthInternal)._getAdditionalHeaders();\n headers[HttpHeader.CONTENT_TYPE] = 'application/x-www-form-urlencoded';\n\n const options: RequestInit = {\n method: HttpMethod.POST,\n headers,\n body\n };\n if (\n auth.emulatorConfig &&\n isCloudWorkstation(auth.emulatorConfig.host)\n ) {\n options.credentials = 'include';\n }\n return FetchProvider.fetch()(url, options);\n }\n );\n\n // The response comes back in snake_case. Convert to camel:\n return {\n accessToken: response.access_token,\n expiresIn: response.expires_in,\n refreshToken: response.refresh_token\n };\n}\n\nexport async function revokeToken(\n auth: Auth,\n request: RevokeTokenRequest\n): Promise<RevokeTokenResponse> {\n return _performApiRequest<RevokeTokenRequest, RevokeTokenResponse>(\n auth,\n HttpMethod.POST,\n Endpoint.REVOKE_TOKEN,\n _addTidIfNecessary(auth, request)\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FinalizeMfaResponse } from '../../api/authentication/mfa';\nimport { requestStsToken } from '../../api/authentication/token';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { AuthErrorCode } from '../errors';\nimport { PersistedBlob } from '../persistence';\nimport { _assert, debugFail } from '../util/assert';\nimport { _tokenExpiresIn } from './id_token_result';\n\n/**\n * The number of milliseconds before the official expiration time of a token\n * to refresh that token, to provide a buffer for RPCs to complete.\n */\nexport const enum Buffer {\n TOKEN_REFRESH = 30_000\n}\n\n/**\n * We need to mark this class as internal explicitly to exclude it in the public typings, because\n * it references AuthInternal which has a circular dependency with UserInternal.\n *\n * @internal\n */\nexport class StsTokenManager {\n refreshToken: string | null = null;\n accessToken: string | null = null;\n expirationTime: number | null = null;\n\n get isExpired(): boolean {\n return (\n !this.expirationTime ||\n Date.now() > this.expirationTime - Buffer.TOKEN_REFRESH\n );\n }\n\n updateFromServerResponse(\n response: IdTokenResponse | FinalizeMfaResponse\n ): void {\n _assert(response.idToken, AuthErrorCode.INTERNAL_ERROR);\n _assert(\n typeof response.idToken !== 'undefined',\n AuthErrorCode.INTERNAL_ERROR\n );\n _assert(\n typeof response.refreshToken !== 'undefined',\n AuthErrorCode.INTERNAL_ERROR\n );\n const expiresIn =\n 'expiresIn' in response && typeof response.expiresIn !== 'undefined'\n ? Number(response.expiresIn)\n : _tokenExpiresIn(response.idToken);\n this.updateTokensAndExpiration(\n response.idToken,\n response.refreshToken,\n expiresIn\n );\n }\n\n updateFromIdToken(idToken: string): void {\n _assert(idToken.length !== 0, AuthErrorCode.INTERNAL_ERROR);\n const expiresIn = _tokenExpiresIn(idToken);\n this.updateTokensAndExpiration(idToken, null, expiresIn);\n }\n\n async getToken(\n auth: AuthInternal,\n forceRefresh = false\n ): Promise<string | null> {\n if (!forceRefresh && this.accessToken && !this.isExpired) {\n return this.accessToken;\n }\n\n _assert(this.refreshToken, auth, AuthErrorCode.TOKEN_EXPIRED);\n\n if (this.refreshToken) {\n await this.refresh(auth, this.refreshToken!);\n return this.accessToken;\n }\n\n return null;\n }\n\n clearRefreshToken(): void {\n this.refreshToken = null;\n }\n\n private async refresh(auth: AuthInternal, oldToken: string): Promise<void> {\n const { accessToken, refreshToken, expiresIn } = await requestStsToken(\n auth,\n oldToken\n );\n this.updateTokensAndExpiration(\n accessToken,\n refreshToken,\n Number(expiresIn)\n );\n }\n\n private updateTokensAndExpiration(\n accessToken: string,\n refreshToken: string | null,\n expiresInSec: number\n ): void {\n this.refreshToken = refreshToken || null;\n this.accessToken = accessToken || null;\n this.expirationTime = Date.now() + expiresInSec * 1000;\n }\n\n static fromJSON(appName: string, object: PersistedBlob): StsTokenManager {\n const { refreshToken, accessToken, expirationTime } = object;\n\n const manager = new StsTokenManager();\n if (refreshToken) {\n _assert(typeof refreshToken === 'string', AuthErrorCode.INTERNAL_ERROR, {\n appName\n });\n manager.refreshToken = refreshToken;\n }\n if (accessToken) {\n _assert(typeof accessToken === 'string', AuthErrorCode.INTERNAL_ERROR, {\n appName\n });\n manager.accessToken = accessToken;\n }\n if (expirationTime) {\n _assert(\n typeof expirationTime === 'number',\n AuthErrorCode.INTERNAL_ERROR,\n {\n appName\n }\n );\n manager.expirationTime = expirationTime;\n }\n return manager;\n }\n\n toJSON(): object {\n return {\n refreshToken: this.refreshToken,\n accessToken: this.accessToken,\n expirationTime: this.expirationTime\n };\n }\n\n _assign(stsTokenManager: StsTokenManager): void {\n this.accessToken = stsTokenManager.accessToken;\n this.refreshToken = stsTokenManager.refreshToken;\n this.expirationTime = stsTokenManager.expirationTime;\n }\n\n _clone(): StsTokenManager {\n return Object.assign(new StsTokenManager(), this.toJSON());\n }\n\n _performRefresh(): never {\n return debugFail('not implemented');\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { IdTokenResult, UserInfo } from '../../model/public_types';\nimport { NextFn } from '@firebase/util';\nimport {\n APIUserInfo,\n GetAccountInfoResponse,\n deleteAccount\n} from '../../api/account_management/account';\nimport { FinalizeMfaResponse } from '../../api/authentication/mfa';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport {\n MutableUserInfo,\n UserInternal,\n UserParameters\n} from '../../model/user';\nimport { AuthErrorCode } from '../errors';\nimport { PersistedBlob } from '../persistence';\nimport {\n _assert,\n _serverAppCurrentUserOperationNotSupportedError\n} from '../util/assert';\nimport { getIdTokenResult } from './id_token_result';\nimport { _logoutIfInvalidated } from './invalidation';\nimport { ProactiveRefresh } from './proactive_refresh';\nimport { extractProviderData, _reloadWithoutSaving, reload } from './reload';\nimport { StsTokenManager } from './token_manager';\nimport { UserMetadata } from './user_metadata';\nimport { ProviderId } from '../../model/enums';\nimport { _isFirebaseServerApp } from '@firebase/app';\n\nfunction assertStringOrUndefined(\n assertion: unknown,\n appName: string\n): asserts assertion is string | undefined {\n _assert(\n typeof assertion === 'string' || typeof assertion === 'undefined',\n AuthErrorCode.INTERNAL_ERROR,\n { appName }\n );\n}\n\nexport class UserImpl implements UserInternal {\n // For the user object, provider is always Firebase.\n readonly providerId = ProviderId.FIREBASE;\n stsTokenManager: StsTokenManager;\n // Last known accessToken so we know when it changes\n private accessToken: string | null;\n\n uid: string;\n auth: AuthInternal;\n emailVerified: boolean;\n isAnonymous: boolean;\n tenantId: string | null;\n readonly metadata: UserMetadata;\n providerData: MutableUserInfo[];\n\n // Optional fields from UserInfo\n displayName: string | null;\n email: string | null;\n phoneNumber: string | null;\n photoURL: string | null;\n\n _redirectEventId?: string;\n private readonly proactiveRefresh = new ProactiveRefresh(this);\n\n constructor({ uid, auth, stsTokenManager, ...opt }: UserParameters) {\n this.uid = uid;\n this.auth = auth;\n this.stsTokenManager = stsTokenManager;\n this.accessToken = stsTokenManager.accessToken;\n this.displayName = opt.displayName || null;\n this.email = opt.email || null;\n this.emailVerified = opt.emailVerified || false;\n this.phoneNumber = opt.phoneNumber || null;\n this.photoURL = opt.photoURL || null;\n this.isAnonymous = opt.isAnonymous || false;\n this.tenantId = opt.tenantId || null;\n this.providerData = opt.providerData ? [...opt.providerData] : [];\n this.metadata = new UserMetadata(\n opt.createdAt || undefined,\n opt.lastLoginAt || undefined\n );\n }\n\n async getIdToken(forceRefresh?: boolean): Promise<string> {\n const accessToken = await _logoutIfInvalidated(\n this,\n this.stsTokenManager.getToken(this.auth, forceRefresh)\n );\n _assert(accessToken, this.auth, AuthErrorCode.INTERNAL_ERROR);\n\n if (this.accessToken !== accessToken) {\n this.accessToken = accessToken;\n await this.auth._persistUserIfCurrent(this);\n this.auth._notifyListenersIfCurrent(this);\n }\n\n return accessToken;\n }\n\n getIdTokenResult(forceRefresh?: boolean): Promise<IdTokenResult> {\n return getIdTokenResult(this, forceRefresh);\n }\n\n reload(): Promise<void> {\n return reload(this);\n }\n\n private reloadUserInfo: APIUserInfo | null = null;\n private reloadListener: NextFn<APIUserInfo> | null = null;\n\n _assign(user: UserInternal): void {\n if (this === user) {\n return;\n }\n _assert(this.uid === user.uid, this.auth, AuthErrorCode.INTERNAL_ERROR);\n this.displayName = user.displayName;\n this.photoURL = user.photoURL;\n this.email = user.email;\n this.emailVerified = user.emailVerified;\n this.phoneNumber = user.phoneNumber;\n this.isAnonymous = user.isAnonymous;\n this.tenantId = user.tenantId;\n this.providerData = user.providerData.map(userInfo => ({ ...userInfo }));\n this.metadata._copy(user.metadata);\n this.stsTokenManager._assign(user.stsTokenManager);\n }\n\n _clone(auth: AuthInternal): UserInternal {\n const newUser = new UserImpl({\n ...this,\n auth,\n stsTokenManager: this.stsTokenManager._clone()\n });\n newUser.metadata._copy(this.metadata);\n return newUser;\n }\n\n _onReload(callback: NextFn<APIUserInfo>): void {\n // There should only ever be one listener, and that is a single instance of MultiFactorUser\n _assert(!this.reloadListener, this.auth, AuthErrorCode.INTERNAL_ERROR);\n this.reloadListener = callback;\n if (this.reloadUserInfo) {\n this._notifyReloadListener(this.reloadUserInfo);\n this.reloadUserInfo = null;\n }\n }\n\n _notifyReloadListener(userInfo: APIUserInfo): void {\n if (this.reloadListener) {\n this.reloadListener(userInfo);\n } else {\n // If no listener is subscribed yet, save the result so it's available when they do subscribe\n this.reloadUserInfo = userInfo;\n }\n }\n\n _startProactiveRefresh(): void {\n this.proactiveRefresh._start();\n }\n\n _stopProactiveRefresh(): void {\n this.proactiveRefresh._stop();\n }\n\n async _updateTokensIfNecessary(\n response: IdTokenResponse | FinalizeMfaResponse,\n reload = false\n ): Promise<void> {\n let tokensRefreshed = false;\n if (\n response.idToken &&\n response.idToken !== this.stsTokenManager.accessToken\n ) {\n this.stsTokenManager.updateFromServerResponse(response);\n tokensRefreshed = true;\n }\n\n if (reload) {\n await _reloadWithoutSaving(this);\n }\n\n await this.auth._persistUserIfCurrent(this);\n if (tokensRefreshed) {\n this.auth._notifyListenersIfCurrent(this);\n }\n }\n\n async delete(): Promise<void> {\n if (_isFirebaseServerApp(this.auth.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(this.auth)\n );\n }\n const idToken = await this.getIdToken();\n await _logoutIfInvalidated(this, deleteAccount(this.auth, { idToken }));\n this.stsTokenManager.clearRefreshToken();\n\n // TODO: Determine if cancellable-promises are necessary to use in this class so that delete()\n // cancels pending actions...\n\n return this.auth.signOut();\n }\n\n toJSON(): PersistedBlob {\n return {\n uid: this.uid,\n email: this.email || undefined,\n emailVerified: this.emailVerified,\n displayName: this.displayName || undefined,\n isAnonymous: this.isAnonymous,\n photoURL: this.photoURL || undefined,\n phoneNumber: this.phoneNumber || undefined,\n tenantId: this.tenantId || undefined,\n providerData: this.providerData.map(userInfo => ({ ...userInfo })),\n stsTokenManager: this.stsTokenManager.toJSON(),\n // Redirect event ID must be maintained in case there is a pending\n // redirect event.\n _redirectEventId: this._redirectEventId,\n ...this.metadata.toJSON(),\n\n // Required for compatibility with the legacy SDK (go/firebase-auth-sdk-persistence-parsing):\n apiKey: this.auth.config.apiKey,\n appName: this.auth.name\n // Missing authDomain will be tolerated by the legacy SDK.\n // stsTokenManager.apiKey isn't actually required (despite the legacy SDK persisting it).\n };\n }\n\n get refreshToken(): string {\n return this.stsTokenManager.refreshToken || '';\n }\n\n static _fromJSON(auth: AuthInternal, object: PersistedBlob): UserInternal {\n const displayName = object.displayName ?? undefined;\n const email = object.email ?? undefined;\n const phoneNumber = object.phoneNumber ?? undefined;\n const photoURL = object.photoURL ?? undefined;\n const tenantId = object.tenantId ?? undefined;\n const _redirectEventId = object._redirectEventId ?? undefined;\n const createdAt = object.createdAt ?? undefined;\n const lastLoginAt = object.lastLoginAt ?? undefined;\n const {\n uid,\n emailVerified,\n isAnonymous,\n providerData,\n stsTokenManager: plainObjectTokenManager\n } = object;\n\n _assert(uid && plainObjectTokenManager, auth, AuthErrorCode.INTERNAL_ERROR);\n\n const stsTokenManager = StsTokenManager.fromJSON(\n this.name,\n plainObjectTokenManager as PersistedBlob\n );\n\n _assert(typeof uid === 'string', auth, AuthErrorCode.INTERNAL_ERROR);\n assertStringOrUndefined(displayName, auth.name);\n assertStringOrUndefined(email, auth.name);\n _assert(\n typeof emailVerified === 'boolean',\n auth,\n AuthErrorCode.INTERNAL_ERROR\n );\n _assert(\n typeof isAnonymous === 'boolean',\n auth,\n AuthErrorCode.INTERNAL_ERROR\n );\n assertStringOrUndefined(phoneNumber, auth.name);\n assertStringOrUndefined(photoURL, auth.name);\n assertStringOrUndefined(tenantId, auth.name);\n assertStringOrUndefined(_redirectEventId, auth.name);\n assertStringOrUndefined(createdAt, auth.name);\n assertStringOrUndefined(lastLoginAt, auth.name);\n const user = new UserImpl({\n uid,\n auth,\n email,\n emailVerified,\n displayName,\n isAnonymous,\n photoURL,\n phoneNumber,\n tenantId,\n stsTokenManager,\n createdAt,\n lastLoginAt\n });\n\n if (providerData && Array.isArray(providerData)) {\n user.providerData = providerData.map(userInfo => ({ ...userInfo }));\n }\n\n if (_redirectEventId) {\n user._redirectEventId = _redirectEventId;\n }\n\n return user;\n }\n\n /**\n * Initialize a User from an idToken server response\n * @param auth\n * @param idTokenResponse\n */\n static async _fromIdTokenResponse(\n auth: AuthInternal,\n idTokenResponse: IdTokenResponse,\n isAnonymous: boolean = false\n ): Promise<UserInternal> {\n const stsTokenManager = new StsTokenManager();\n stsTokenManager.updateFromServerResponse(idTokenResponse);\n\n // Initialize the Firebase Auth user.\n const user = new UserImpl({\n uid: idTokenResponse.localId,\n auth,\n stsTokenManager,\n isAnonymous\n });\n\n // Updates the user info and data and resolves with a user instance.\n await _reloadWithoutSaving(user);\n return user;\n }\n\n /**\n * Initialize a User from an idToken server response\n * @param auth\n * @param idTokenResponse\n */\n static async _fromGetAccountInfoResponse(\n auth: AuthInternal,\n response: GetAccountInfoResponse,\n idToken: string\n ): Promise<UserInternal> {\n const coreAccount = response.users[0];\n _assert(coreAccount.localId !== undefined, AuthErrorCode.INTERNAL_ERROR);\n\n const providerData: UserInfo[] =\n coreAccount.providerUserInfo !== undefined\n ? extractProviderData(coreAccount.providerUserInfo)\n : [];\n\n const isAnonymous =\n !(coreAccount.email && coreAccount.passwordHash) && !providerData?.length;\n\n const stsTokenManager = new StsTokenManager();\n stsTokenManager.updateFromIdToken(idToken);\n\n // Initialize the Firebase Auth user.\n const user = new UserImpl({\n uid: coreAccount.localId,\n auth,\n stsTokenManager,\n isAnonymous\n });\n\n // update the user with data from the GetAccountInfo response.\n const updates: Partial<UserInternal> = {\n uid: coreAccount.localId,\n displayName: coreAccount.displayName || null,\n photoURL: coreAccount.photoUrl || null,\n email: coreAccount.email || null,\n emailVerified: coreAccount.emailVerified || false,\n phoneNumber: coreAccount.phoneNumber || null,\n tenantId: coreAccount.tenantId || null,\n providerData,\n metadata: new UserMetadata(\n coreAccount.createdAt,\n coreAccount.lastLoginAt\n ),\n isAnonymous:\n !(coreAccount.email && coreAccount.passwordHash) &&\n !providerData?.length\n };\n\n Object.assign(user, updates);\n return user;\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { debugAssert } from './assert';\n\n/**\n * Our API has a lot of one-off constants that are used to do things.\n * Unfortunately we can't export these as classes instantiated directly since\n * the constructor may side effect and therefore can't be proven to be safely\n * culled. Instead, we export these classes themselves as a lowerCamelCase\n * constant, and instantiate them under the hood.\n */\nexport interface SingletonInstantiator<T> {\n new (): T;\n}\n\nconst instanceCache: Map<unknown, unknown> = new Map();\n\nexport function _getInstance<T>(cls: unknown): T {\n debugAssert(cls instanceof Function, 'Expected a class definition');\n let instance = instanceCache.get(cls) as T | undefined;\n\n if (instance) {\n debugAssert(\n instance instanceof cls,\n 'Instance stored in cache mismatched with class'\n );\n return instance;\n }\n\n instance = new (cls as SingletonInstantiator<T>)();\n instanceCache.set(cls, instance);\n return instance;\n}\n\nexport function _clearInstanceMap(): void {\n instanceCache.clear();\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Persistence } from '../../model/public_types';\n\nimport {\n PersistenceInternal,\n PersistenceType,\n PersistenceValue,\n StorageEventListener\n} from '../persistence';\n\nexport class InMemoryPersistence implements PersistenceInternal {\n static type: 'NONE' = 'NONE';\n readonly type = PersistenceType.NONE;\n storage: Record<string, PersistenceValue> = {};\n\n async _isAvailable(): Promise<boolean> {\n return true;\n }\n\n async _set(key: string, value: PersistenceValue): Promise<void> {\n this.storage[key] = value;\n }\n\n async _get<T extends PersistenceValue>(key: string): Promise<T | null> {\n const value = this.storage[key];\n return value === undefined ? null : (value as T);\n }\n\n async _remove(key: string): Promise<void> {\n delete this.storage[key];\n }\n\n _addListener(_key: string, _listener: StorageEventListener): void {\n // Listeners are not supported for in-memory storage since it cannot be shared across windows/workers\n return;\n }\n\n _removeListener(_key: string, _listener: StorageEventListener): void {\n // Listeners are not supported for in-memory storage since it cannot be shared across windows/workers\n return;\n }\n}\n\n/**\n * An implementation of {@link Persistence} of type 'NONE'.\n *\n * @public\n */\nexport const inMemoryPersistence: Persistence = InMemoryPersistence;\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { getAccountInfo } from '../../api/account_management/account';\nimport { ApiKey, AppName, AuthInternal } from '../../model/auth';\nimport { UserInternal } from '../../model/user';\nimport { PersistedBlob, PersistenceInternal } from '../persistence';\nimport { UserImpl } from '../user/user_impl';\nimport { _getInstance } from '../util/instantiator';\nimport { inMemoryPersistence } from './in_memory';\n\nexport const enum KeyName {\n AUTH_USER = 'authUser',\n AUTH_EVENT = 'authEvent',\n REDIRECT_USER = 'redirectUser',\n PERSISTENCE_USER = 'persistence'\n}\nexport const enum Namespace {\n PERSISTENCE = 'firebase'\n}\n\nexport function _persistenceKeyName(\n key: string,\n apiKey: ApiKey,\n appName: AppName\n): string {\n return `${Namespace.PERSISTENCE}:${key}:${apiKey}:${appName}`;\n}\n\nexport class PersistenceUserManager {\n private readonly fullUserKey: string;\n private readonly fullPersistenceKey: string;\n private readonly boundEventHandler: () => void;\n\n private constructor(\n public persistence: PersistenceInternal,\n private readonly auth: AuthInternal,\n private readonly userKey: string\n ) {\n const { config, name } = this.auth;\n this.fullUserKey = _persistenceKeyName(this.userKey, config.apiKey, name);\n this.fullPersistenceKey = _persistenceKeyName(\n KeyName.PERSISTENCE_USER,\n config.apiKey,\n name\n );\n this.boundEventHandler = auth._onStorageEvent.bind(auth);\n this.persistence._addListener(this.fullUserKey, this.boundEventHandler);\n }\n\n setCurrentUser(user: UserInternal): Promise<void> {\n return this.persistence._set(this.fullUserKey, user.toJSON());\n }\n\n async getCurrentUser(): Promise<UserInternal | null> {\n const blob = await this.persistence._get<PersistedBlob | string>(\n this.fullUserKey\n );\n if (!blob) {\n return null;\n }\n if (typeof blob === 'string') {\n const response = await getAccountInfo(this.auth, { idToken: blob }).catch(\n () => undefined\n );\n if (!response) {\n return null;\n }\n return UserImpl._fromGetAccountInfoResponse(this.auth, response, blob);\n }\n return UserImpl._fromJSON(this.auth, blob);\n }\n\n removeCurrentUser(): Promise<void> {\n return this.persistence._remove(this.fullUserKey);\n }\n\n savePersistenceForRedirect(): Promise<void> {\n return this.persistence._set(\n this.fullPersistenceKey,\n this.persistence.type\n );\n }\n\n async setPersistence(newPersistence: PersistenceInternal): Promise<void> {\n if (this.persistence === newPersistence) {\n return;\n }\n\n const currentUser = await this.getCurrentUser();\n await this.removeCurrentUser();\n\n this.persistence = newPersistence;\n\n if (currentUser) {\n return this.setCurrentUser(currentUser);\n }\n }\n\n delete(): void {\n this.persistence._removeListener(this.fullUserKey, this.boundEventHandler);\n }\n\n static async create(\n auth: AuthInternal,\n persistenceHierarchy: PersistenceInternal[],\n userKey = KeyName.AUTH_USER\n ): Promise<PersistenceUserManager> {\n if (!persistenceHierarchy.length) {\n return new PersistenceUserManager(\n _getInstance(inMemoryPersistence),\n auth,\n userKey\n );\n }\n\n // Eliminate any persistences that are not available\n const availablePersistences = (\n await Promise.all(\n persistenceHierarchy.map(async persistence => {\n if (await persistence._isAvailable()) {\n return persistence;\n }\n return undefined;\n })\n )\n ).filter(persistence => persistence) as PersistenceInternal[];\n\n // Fall back to the first persistence listed, or in memory if none available\n let selectedPersistence =\n availablePersistences[0] ||\n _getInstance<PersistenceInternal>(inMemoryPersistence);\n\n const key = _persistenceKeyName(userKey, auth.config.apiKey, auth.name);\n\n // Pull out the existing user, setting the chosen persistence to that\n // persistence if the user exists.\n let userToMigrate: UserInternal | null = null;\n // Note, here we check for a user in _all_ persistences, not just the\n // ones deemed available. If we can migrate a user out of a broken\n // persistence, we will (but only if that persistence supports migration).\n for (const persistence of persistenceHierarchy) {\n try {\n const blob = await persistence._get<PersistedBlob | string>(key);\n if (blob) {\n let user: UserInternal;\n if (typeof blob === 'string') {\n const response = await getAccountInfo(auth, {\n idToken: blob\n }).catch(() => undefined);\n if (!response) {\n break;\n }\n user = await UserImpl._fromGetAccountInfoResponse(\n auth,\n response,\n blob\n );\n } else {\n user = UserImpl._fromJSON(auth, blob); // throws for unparsable blob (wrong format)\n }\n if (persistence !== selectedPersistence) {\n userToMigrate = user;\n }\n selectedPersistence = persistence;\n break;\n }\n } catch {}\n }\n\n // If we find the user in a persistence that does support migration, use\n // that migration path (of only persistences that support migration)\n const migrationHierarchy = availablePersistences.filter(\n p => p._shouldAllowMigration\n );\n\n // If the persistence does _not_ allow migration, just finish off here\n if (\n !selectedPersistence._shouldAllowMigration ||\n !migrationHierarchy.length\n ) {\n return new PersistenceUserManager(selectedPersistence, auth, userKey);\n }\n\n selectedPersistence = migrationHierarchy[0];\n if (userToMigrate) {\n // This normally shouldn't throw since chosenPersistence.isAvailable() is true, but if it does\n // we'll just let it bubble to surface the error.\n await selectedPersistence._set(key, userToMigrate.toJSON());\n }\n\n // Attempt to clear the key in other persistences but ignore errors. This helps prevent issues\n // such as users getting stuck with a previous account after signing out and refreshing the tab.\n await Promise.all(\n persistenceHierarchy.map(async persistence => {\n if (persistence !== selectedPersistence) {\n try {\n await persistence._remove(key);\n } catch {}\n }\n })\n );\n return new PersistenceUserManager(selectedPersistence, auth, userKey);\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { isIE, getUA } from '@firebase/util';\n\ninterface NavigatorStandalone extends Navigator {\n standalone?: unknown;\n}\n\ninterface Document {\n documentMode?: number;\n}\n\n/**\n * Enums for Browser name.\n */\nexport const enum BrowserName {\n ANDROID = 'Android',\n BLACKBERRY = 'Blackberry',\n EDGE = 'Edge',\n FIREFOX = 'Firefox',\n IE = 'IE',\n IEMOBILE = 'IEMobile',\n OPERA = 'Opera',\n OTHER = 'Other',\n CHROME = 'Chrome',\n SAFARI = 'Safari',\n SILK = 'Silk',\n WEBOS = 'Webos'\n}\n\n/**\n * Determine the browser for the purposes of reporting usage to the API\n */\nexport function _getBrowserName(userAgent: string): BrowserName | string {\n const ua = userAgent.toLowerCase();\n if (ua.includes('opera/') || ua.includes('opr/') || ua.includes('opios/')) {\n return BrowserName.OPERA;\n } else if (_isIEMobile(ua)) {\n // Windows phone IEMobile browser.\n return BrowserName.IEMOBILE;\n } else if (ua.includes('msie') || ua.includes('trident/')) {\n return BrowserName.IE;\n } else if (ua.includes('edge/')) {\n return BrowserName.EDGE;\n } else if (_isFirefox(ua)) {\n return BrowserName.FIREFOX;\n } else if (ua.includes('silk/')) {\n return BrowserName.SILK;\n } else if (_isBlackBerry(ua)) {\n // Blackberry browser.\n return BrowserName.BLACKBERRY;\n } else if (_isWebOS(ua)) {\n // WebOS default browser.\n return BrowserName.WEBOS;\n } else if (_isSafari(ua)) {\n return BrowserName.SAFARI;\n } else if (\n (ua.includes('chrome/') || _isChromeIOS(ua)) &&\n !ua.includes('edge/')\n ) {\n return BrowserName.CHROME;\n } else if (_isAndroid(ua)) {\n // Android stock browser.\n return BrowserName.ANDROID;\n } else {\n // Most modern browsers have name/version at end of user agent string.\n const re = /([a-zA-Z\\d\\.]+)\\/[a-zA-Z\\d\\.]*$/;\n const matches = userAgent.match(re);\n if (matches?.length === 2) {\n return matches[1];\n }\n }\n return BrowserName.OTHER;\n}\n\nexport function _isFirefox(ua = getUA()): boolean {\n return /firefox\\//i.test(ua);\n}\n\nexport function _isSafari(userAgent = getUA()): boolean {\n const ua = userAgent.toLowerCase();\n return (\n ua.includes('safari/') &&\n !ua.includes('chrome/') &&\n !ua.includes('crios/') &&\n !ua.includes('android')\n );\n}\n\nexport function _isChromeIOS(ua = getUA()): boolean {\n return /crios\\//i.test(ua);\n}\n\nexport function _isIEMobile(ua = getUA()): boolean {\n return /iemobile/i.test(ua);\n}\n\nexport function _isAndroid(ua = getUA()): boolean {\n return /android/i.test(ua);\n}\n\nexport function _isBlackBerry(ua = getUA()): boolean {\n return /blackberry/i.test(ua);\n}\n\nexport function _isWebOS(ua = getUA()): boolean {\n return /webos/i.test(ua);\n}\n\nexport function _isIOS(ua = getUA()): boolean {\n return (\n /iphone|ipad|ipod/i.test(ua) ||\n (/macintosh/i.test(ua) && /mobile/i.test(ua))\n );\n}\n\nexport function _isIOS7Or8(ua = getUA()): boolean {\n return (\n /(iPad|iPhone|iPod).*OS 7_\\d/i.test(ua) ||\n /(iPad|iPhone|iPod).*OS 8_\\d/i.test(ua)\n );\n}\n\nexport function _isIOSStandalone(ua = getUA()): boolean {\n return _isIOS(ua) && !!(window.navigator as NavigatorStandalone)?.standalone;\n}\n\nexport function _isIE10(): boolean {\n return isIE() && (document as Document).documentMode === 10;\n}\n\nexport function _isMobileBrowser(ua: string = getUA()): boolean {\n // TODO: implement getBrowserName equivalent for OS.\n return (\n _isIOS(ua) ||\n _isAndroid(ua) ||\n _isWebOS(ua) ||\n _isBlackBerry(ua) ||\n /windows phone/i.test(ua) ||\n _isIEMobile(ua)\n );\n}\n\nexport function _isIframe(): boolean {\n try {\n // Check that the current window is not the top window.\n // If so, return true.\n return !!(window && window !== window.top);\n } catch (e) {\n return false;\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { SDK_VERSION } from '@firebase/app';\nimport { _getBrowserName } from './browser';\nimport { getUA } from '@firebase/util';\n\nexport const enum ClientImplementation {\n CORE = 'JsCore'\n}\n\n/**\n * @internal\n */\nexport const enum ClientPlatform {\n BROWSER = 'Browser',\n NODE = 'Node',\n REACT_NATIVE = 'ReactNative',\n CORDOVA = 'Cordova',\n WORKER = 'Worker',\n WEB_EXTENSION = 'WebExtension'\n}\n\n/*\n * Determine the SDK version string\n */\nexport function _getClientVersion(\n clientPlatform: ClientPlatform,\n frameworks: readonly string[] = []\n): string {\n let reportedPlatform: string;\n switch (clientPlatform) {\n case ClientPlatform.BROWSER:\n // In a browser environment, report the browser name.\n reportedPlatform = _getBrowserName(getUA());\n break;\n case ClientPlatform.WORKER:\n // Technically a worker runs from a browser but we need to differentiate a\n // worker from a browser.\n // For example: Chrome-Worker/JsCore/4.9.1/FirebaseCore-web.\n reportedPlatform = `${_getBrowserName(getUA())}-${clientPlatform}`;\n break;\n default:\n reportedPlatform = clientPlatform;\n }\n const reportedFrameworks = frameworks.length\n ? frameworks.join(',')\n : 'FirebaseCore-web'; /* default value if no other framework is used */\n return `${reportedPlatform}/${ClientImplementation.CORE}/${SDK_VERSION}/${reportedFrameworks}`;\n}\n","/**\n * @license\n * Copyright 2022 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthInternal } from '../../model/auth';\nimport { Unsubscribe, User } from '../../model/public_types';\nimport { AuthErrorCode } from '../errors';\n\ninterface MiddlewareEntry {\n (user: User | null): Promise<void>;\n onAbort?: () => void;\n}\n\nexport class AuthMiddlewareQueue {\n private readonly queue: MiddlewareEntry[] = [];\n\n constructor(private readonly auth: AuthInternal) {}\n\n pushCallback(\n callback: (user: User | null) => void | Promise<void>,\n onAbort?: () => void\n ): Unsubscribe {\n // The callback could be sync or async. Wrap it into a\n // function that is always async.\n const wrappedCallback: MiddlewareEntry = (\n user: User | null\n ): Promise<void> =>\n new Promise((resolve, reject) => {\n try {\n const result = callback(user);\n // Either resolve with existing promise or wrap a non-promise\n // return value into a promise.\n resolve(result);\n } catch (e) {\n // Sync callback throws.\n reject(e);\n }\n });\n // Attach the onAbort if present\n wrappedCallback.onAbort = onAbort;\n this.queue.push(wrappedCallback);\n\n const index = this.queue.length - 1;\n return () => {\n // Unsubscribe. Replace with no-op. Do not remove from array, or it will disturb\n // indexing of other elements.\n this.queue[index] = () => Promise.resolve();\n };\n }\n\n async runMiddleware(nextUser: User | null): Promise<void> {\n if (this.auth.currentUser === nextUser) {\n return;\n }\n\n // While running the middleware, build a temporary stack of onAbort\n // callbacks to call if one middleware callback rejects.\n\n const onAbortStack: Array<() => void> = [];\n try {\n for (const beforeStateCallback of this.queue) {\n await beforeStateCallback(nextUser);\n\n // Only push the onAbort if the callback succeeds\n if (beforeStateCallback.onAbort) {\n onAbortStack.push(beforeStateCallback.onAbort);\n }\n }\n } catch (e) {\n // Run all onAbort, with separate try/catch to ignore any errors and\n // continue\n onAbortStack.reverse();\n for (const onAbort of onAbortStack) {\n try {\n onAbort();\n } catch (_) {\n /* swallow error */\n }\n }\n\n throw this.auth._errorFactory.create(AuthErrorCode.LOGIN_BLOCKED, {\n originalMessage: (e as Error)?.message\n });\n }\n }\n}\n","/**\n * @license\n * Copyright 2023 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n _performApiRequest,\n Endpoint,\n HttpMethod,\n _addTidIfNecessary\n} from '../index';\nimport { Auth } from '../../model/public_types';\n\n/**\n * Request object for fetching the password policy.\n */\nexport interface GetPasswordPolicyRequest {\n tenantId?: string;\n}\n\n/**\n * Response object for fetching the password policy.\n */\nexport interface GetPasswordPolicyResponse {\n customStrengthOptions: {\n minPasswordLength?: number;\n maxPasswordLength?: number;\n containsLowercaseCharacter?: boolean;\n containsUppercaseCharacter?: boolean;\n containsNumericCharacter?: boolean;\n containsNonAlphanumericCharacter?: boolean;\n };\n allowedNonAlphanumericCharacters?: string[];\n enforcementState: string;\n forceUpgradeOnSignin?: boolean;\n schemaVersion: number;\n}\n\n/**\n * Fetches the password policy for the currently set tenant or the project if no tenant is set.\n *\n * @param auth Auth object.\n * @param request Password policy request.\n * @returns Password policy response.\n */\nexport async function _getPasswordPolicy(\n auth: Auth,\n request: GetPasswordPolicyRequest = {}\n): Promise<GetPasswordPolicyResponse> {\n return _performApiRequest<\n GetPasswordPolicyRequest,\n GetPasswordPolicyResponse\n >(\n auth,\n HttpMethod.GET,\n Endpoint.GET_PASSWORD_POLICY,\n _addTidIfNecessary(auth, request)\n );\n}\n","/**\n * @license\n * Copyright 2023 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { GetPasswordPolicyResponse } from '../../api/password_policy/get_password_policy';\nimport {\n PasswordPolicyCustomStrengthOptions,\n PasswordPolicyInternal,\n PasswordValidationStatusInternal\n} from '../../model/password_policy';\nimport { PasswordValidationStatus } from '../../model/public_types';\n\n// Minimum min password length enforced by the backend, even if no minimum length is set.\nconst MINIMUM_MIN_PASSWORD_LENGTH = 6;\n\n/**\n * Stores password policy requirements and provides password validation against the policy.\n *\n * @internal\n */\nexport class PasswordPolicyImpl implements PasswordPolicyInternal {\n readonly customStrengthOptions: PasswordPolicyCustomStrengthOptions;\n readonly allowedNonAlphanumericCharacters: string;\n readonly enforcementState: string;\n readonly forceUpgradeOnSignin: boolean;\n readonly schemaVersion: number;\n\n constructor(response: GetPasswordPolicyResponse) {\n // Only include custom strength options defined in the response.\n const responseOptions = response.customStrengthOptions;\n this.customStrengthOptions = {};\n // TODO: Remove once the backend is updated to include the minimum min password length instead of undefined when there is no minimum length set.\n this.customStrengthOptions.minPasswordLength =\n responseOptions.minPasswordLength ?? MINIMUM_MIN_PASSWORD_LENGTH;\n if (responseOptions.maxPasswordLength) {\n this.customStrengthOptions.maxPasswordLength =\n responseOptions.maxPasswordLength;\n }\n if (responseOptions.containsLowercaseCharacter !== undefined) {\n this.customStrengthOptions.containsLowercaseLetter =\n responseOptions.containsLowercaseCharacter;\n }\n if (responseOptions.containsUppercaseCharacter !== undefined) {\n this.customStrengthOptions.containsUppercaseLetter =\n responseOptions.containsUppercaseCharacter;\n }\n if (responseOptions.containsNumericCharacter !== undefined) {\n this.customStrengthOptions.containsNumericCharacter =\n responseOptions.containsNumericCharacter;\n }\n if (responseOptions.containsNonAlphanumericCharacter !== undefined) {\n this.customStrengthOptions.containsNonAlphanumericCharacter =\n responseOptions.containsNonAlphanumericCharacter;\n }\n\n this.enforcementState = response.enforcementState;\n if (this.enforcementState === 'ENFORCEMENT_STATE_UNSPECIFIED') {\n this.enforcementState = 'OFF';\n }\n\n // Use an empty string if no non-alphanumeric characters are specified in the response.\n this.allowedNonAlphanumericCharacters =\n response.allowedNonAlphanumericCharacters?.join('') ?? '';\n\n this.forceUpgradeOnSignin = response.forceUpgradeOnSignin ?? false;\n this.schemaVersion = response.schemaVersion;\n }\n\n validatePassword(password: string): PasswordValidationStatus {\n const status: PasswordValidationStatusInternal = {\n isValid: true,\n passwordPolicy: this\n };\n\n // Check the password length and character options.\n this.validatePasswordLengthOptions(password, status);\n this.validatePasswordCharacterOptions(password, status);\n\n // Combine the status into single isValid property.\n status.isValid &&= status.meetsMinPasswordLength ?? true;\n status.isValid &&= status.meetsMaxPasswordLength ?? true;\n status.isValid &&= status.containsLowercaseLetter ?? true;\n status.isValid &&= status.containsUppercaseLetter ?? true;\n status.isValid &&= status.containsNumericCharacter ?? true;\n status.isValid &&= status.containsNonAlphanumericCharacter ?? true;\n\n return status;\n }\n\n /**\n * Validates that the password meets the length options for the policy.\n *\n * @param password Password to validate.\n * @param status Validation status.\n */\n private validatePasswordLengthOptions(\n password: string,\n status: PasswordValidationStatusInternal\n ): void {\n const minPasswordLength = this.customStrengthOptions.minPasswordLength;\n const maxPasswordLength = this.customStrengthOptions.maxPasswordLength;\n if (minPasswordLength) {\n status.meetsMinPasswordLength = password.length >= minPasswordLength;\n }\n if (maxPasswordLength) {\n status.meetsMaxPasswordLength = password.length <= maxPasswordLength;\n }\n }\n\n /**\n * Validates that the password meets the character options for the policy.\n *\n * @param password Password to validate.\n * @param status Validation status.\n */\n private validatePasswordCharacterOptions(\n password: string,\n status: PasswordValidationStatusInternal\n ): void {\n // Assign statuses for requirements even if the password is an empty string.\n this.updatePasswordCharacterOptionsStatuses(\n status,\n /* containsLowercaseCharacter= */ false,\n /* containsUppercaseCharacter= */ false,\n /* containsNumericCharacter= */ false,\n /* containsNonAlphanumericCharacter= */ false\n );\n\n let passwordChar;\n for (let i = 0; i < password.length; i++) {\n passwordChar = password.charAt(i);\n this.updatePasswordCharacterOptionsStatuses(\n status,\n /* containsLowercaseCharacter= */ passwordChar >= 'a' &&\n passwordChar <= 'z',\n /* containsUppercaseCharacter= */ passwordChar >= 'A' &&\n passwordChar <= 'Z',\n /* containsNumericCharacter= */ passwordChar >= '0' &&\n passwordChar <= '9',\n /* containsNonAlphanumericCharacter= */ this.allowedNonAlphanumericCharacters.includes(\n passwordChar\n )\n );\n }\n }\n\n /**\n * Updates the running validation status with the statuses for the character options.\n * Expected to be called each time a character is processed to update each option status\n * based on the current character.\n *\n * @param status Validation status.\n * @param containsLowercaseCharacter Whether the character is a lowercase letter.\n * @param containsUppercaseCharacter Whether the character is an uppercase letter.\n * @param containsNumericCharacter Whether the character is a numeric character.\n * @param containsNonAlphanumericCharacter Whether the character is a non-alphanumeric character.\n */\n private updatePasswordCharacterOptionsStatuses(\n status: PasswordValidationStatusInternal,\n containsLowercaseCharacter: boolean,\n containsUppercaseCharacter: boolean,\n containsNumericCharacter: boolean,\n containsNonAlphanumericCharacter: boolean\n ): void {\n if (this.customStrengthOptions.containsLowercaseLetter) {\n status.containsLowercaseLetter ||= containsLowercaseCharacter;\n }\n if (this.customStrengthOptions.containsUppercaseLetter) {\n status.containsUppercaseLetter ||= containsUppercaseCharacter;\n }\n if (this.customStrengthOptions.containsNumericCharacter) {\n status.containsNumericCharacter ||= containsNumericCharacter;\n }\n if (this.customStrengthOptions.containsNonAlphanumericCharacter) {\n status.containsNonAlphanumericCharacter ||=\n containsNonAlphanumericCharacter;\n }\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n _isFirebaseServerApp,\n _FirebaseService,\n FirebaseApp\n} from '@firebase/app';\nimport { Provider } from '@firebase/component';\nimport { AppCheckInternalComponentName } from '@firebase/app-check-interop-types';\nimport {\n Auth,\n AuthErrorMap,\n AuthSettings,\n EmulatorConfig,\n NextOrObserver,\n Persistence,\n PopupRedirectResolver,\n User,\n UserCredential,\n CompleteFn,\n ErrorFn,\n NextFn,\n Unsubscribe,\n PasswordValidationStatus\n} from '../../model/public_types';\nimport {\n createSubscribe,\n ErrorFactory,\n FirebaseError,\n getModularInstance,\n Observer,\n Subscribe\n} from '@firebase/util';\n\nimport { AuthInternal, ConfigInternal } from '../../model/auth';\nimport { PopupRedirectResolverInternal } from '../../model/popup_redirect';\nimport { UserInternal } from '../../model/user';\nimport {\n AuthErrorCode,\n AuthErrorParams,\n ErrorMapRetriever,\n _DEFAULT_AUTH_ERROR_FACTORY\n} from '../errors';\nimport { PersistenceInternal } from '../persistence';\nimport {\n KeyName,\n PersistenceUserManager\n} from '../persistence/persistence_user_manager';\nimport { _reloadWithoutSaving } from '../user/reload';\nimport {\n _assert,\n _serverAppCurrentUserOperationNotSupportedError\n} from '../util/assert';\nimport { _getInstance } from '../util/instantiator';\nimport { _getUserLanguage } from '../util/navigator';\nimport { _getClientVersion } from '../util/version';\nimport { HttpHeader } from '../../api';\nimport {\n RevokeTokenRequest,\n TokenType,\n revokeToken\n} from '../../api/authentication/token';\nimport { AuthMiddlewareQueue } from './middleware';\nimport { RecaptchaConfig } from '../../platform_browser/recaptcha/recaptcha';\nimport { _logWarn } from '../util/log';\nimport { _getPasswordPolicy } from '../../api/password_policy/get_password_policy';\nimport { PasswordPolicyInternal } from '../../model/password_policy';\nimport { PasswordPolicyImpl } from './password_policy_impl';\nimport { getAccountInfo } from '../../api/account_management/account';\nimport { UserImpl } from '../user/user_impl';\n\ninterface AsyncAction {\n (): Promise<void>;\n}\n\nexport const enum DefaultConfig {\n TOKEN_API_HOST = 'securetoken.googleapis.com',\n API_HOST = 'identitytoolkit.googleapis.com',\n API_SCHEME = 'https'\n}\n\nexport class AuthImpl implements AuthInternal, _FirebaseService {\n currentUser: User | null = null;\n emulatorConfig: EmulatorConfig | null = null;\n private operations = Promise.resolve();\n private persistenceManager?: PersistenceUserManager;\n private redirectPersistenceManager?: PersistenceUserManager;\n private authStateSubscription = new Subscription<User>(this);\n private idTokenSubscription = new Subscription<User>(this);\n private readonly beforeStateQueue = new AuthMiddlewareQueue(this);\n private redirectUser: UserInternal | null = null;\n private isProactiveRefreshEnabled = false;\n private readonly EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION: number = 1;\n\n // Any network calls will set this to true and prevent subsequent emulator\n // initialization\n _canInitEmulator = true;\n _isInitialized = false;\n _deleted = false;\n _initializationPromise: Promise<void> | null = null;\n _popupRedirectResolver: PopupRedirectResolverInternal | null = null;\n _errorFactory: ErrorFactory<AuthErrorCode, AuthErrorParams> =\n _DEFAULT_AUTH_ERROR_FACTORY;\n _agentRecaptchaConfig: RecaptchaConfig | null = null;\n _tenantRecaptchaConfigs: Record<string, RecaptchaConfig> = {};\n _projectPasswordPolicy: PasswordPolicyInternal | null = null;\n _tenantPasswordPolicies: Record<string, PasswordPolicyInternal> = {};\n _resolvePersistenceManagerAvailable:\n | ((value: void | PromiseLike<void>) => void)\n | undefined = undefined;\n _persistenceManagerAvailable: Promise<void>;\n readonly name: string;\n\n // Tracks the last notified UID for state change listeners to prevent\n // repeated calls to the callbacks. Undefined means it's never been\n // called, whereas null means it's been called with a signed out user\n private lastNotifiedUid: string | null | undefined = undefined;\n\n languageCode: string | null = null;\n tenantId: string | null = null;\n settings: AuthSettings = { appVerificationDisabledForTesting: false };\n\n constructor(\n public readonly app: FirebaseApp,\n private readonly heartbeatServiceProvider: Provider<'heartbeat'>,\n private readonly appCheckServiceProvider: Provider<AppCheckInternalComponentName>,\n public readonly config: ConfigInternal\n ) {\n this.name = app.name;\n this.clientVersion = config.sdkClientVersion;\n // TODO(jamesdaniels) explore less hacky way to do this, cookie authentication needs\n // persistenceMananger to be available. see _getFinalTarget for more context\n this._persistenceManagerAvailable = new Promise<void>(\n resolve => (this._resolvePersistenceManagerAvailable = resolve)\n );\n }\n\n _initializeWithPersistence(\n persistenceHierarchy: PersistenceInternal[],\n popupRedirectResolver?: PopupRedirectResolver\n ): Promise<void> {\n if (popupRedirectResolver) {\n this._popupRedirectResolver = _getInstance(popupRedirectResolver);\n }\n\n // Have to check for app deletion throughout initialization (after each\n // promise resolution)\n this._initializationPromise = this.queue(async () => {\n if (this._deleted) {\n return;\n }\n\n this.persistenceManager = await PersistenceUserManager.create(\n this,\n persistenceHierarchy\n );\n this._resolvePersistenceManagerAvailable?.();\n\n if (this._deleted) {\n return;\n }\n\n // Initialize the resolver early if necessary (only applicable to web:\n // this will cause the iframe to load immediately in certain cases)\n if (this._popupRedirectResolver?._shouldInitProactively) {\n // If this fails, don't halt auth loading\n try {\n await this._popupRedirectResolver._initialize(this);\n } catch (e) {\n /* Ignore the error */\n }\n }\n\n await this.initializeCurrentUser(popupRedirectResolver);\n\n this.lastNotifiedUid = this.currentUser?.uid || null;\n\n if (this._deleted) {\n return;\n }\n\n this._isInitialized = true;\n });\n\n return this._initializationPromise;\n }\n\n /**\n * If the persistence is changed in another window, the user manager will let us know\n */\n async _onStorageEvent(): Promise<void> {\n if (this._deleted) {\n return;\n }\n\n const user = await this.assertedPersistence.getCurrentUser();\n\n if (!this.currentUser && !user) {\n // No change, do nothing (was signed out and remained signed out).\n return;\n }\n\n // If the same user is to be synchronized.\n if (this.currentUser && user && this.currentUser.uid === user.uid) {\n // Data update, simply copy data changes.\n this._currentUser._assign(user);\n // If tokens changed from previous user tokens, this will trigger\n // notifyAuthListeners_.\n await this.currentUser.getIdToken();\n return;\n }\n\n // Update current Auth state. Either a new login or logout.\n // Skip blocking callbacks, they should not apply to a change in another tab.\n await this._updateCurrentUser(user, /* skipBeforeStateCallbacks */ true);\n }\n\n private async initializeCurrentUserFromIdToken(\n idToken: string\n ): Promise<void> {\n try {\n const response = await getAccountInfo(this, { idToken });\n const user = await UserImpl._fromGetAccountInfoResponse(\n this,\n response,\n idToken\n );\n await this.directlySetCurrentUser(user);\n } catch (err) {\n console.warn(\n 'FirebaseServerApp could not login user with provided authIdToken: ',\n err\n );\n await this.directlySetCurrentUser(null);\n }\n }\n\n private async initializeCurrentUser(\n popupRedirectResolver?: PopupRedirectResolver\n ): Promise<void> {\n if (_isFirebaseServerApp(this.app)) {\n const idToken = this.app.settings.authIdToken;\n if (idToken) {\n // Start the auth operation in the next tick to allow a moment for the customer's app to\n // attach an emulator, if desired.\n return new Promise<void>(resolve => {\n setTimeout(() =>\n this.initializeCurrentUserFromIdToken(idToken).then(\n resolve,\n resolve\n )\n );\n });\n } else {\n return this.directlySetCurrentUser(null);\n }\n }\n\n // First check to see if we have a pending redirect event.\n const previouslyStoredUser =\n (await this.assertedPersistence.getCurrentUser()) as UserInternal | null;\n let futureCurrentUser = previouslyStoredUser;\n let needsTocheckMiddleware = false;\n if (popupRedirectResolver && this.config.authDomain) {\n await this.getOrInitRedirectPersistenceManager();\n const redirectUserEventId = this.redirectUser?._redirectEventId;\n const storedUserEventId = futureCurrentUser?._redirectEventId;\n const result = await this.tryRedirectSignIn(popupRedirectResolver);\n\n // If the stored user (i.e. the old \"currentUser\") has a redirectId that\n // matches the redirect user, then we want to initially sign in with the\n // new user object from result.\n // TODO(samgho): More thoroughly test all of this\n if (\n (!redirectUserEventId || redirectUserEventId === storedUserEventId) &&\n result?.user\n ) {\n futureCurrentUser = result.user as UserInternal;\n needsTocheckMiddleware = true;\n }\n }\n\n // If no user in persistence, there is no current user. Set to null.\n if (!futureCurrentUser) {\n return this.directlySetCurrentUser(null);\n }\n\n if (!futureCurrentUser._redirectEventId) {\n // This isn't a redirect link operation, we can reload and bail.\n // First though, ensure that we check the middleware is happy.\n if (needsTocheckMiddleware) {\n try {\n await this.beforeStateQueue.runMiddleware(futureCurrentUser);\n } catch (e) {\n futureCurrentUser = previouslyStoredUser;\n // We know this is available since the bit is only set when the\n // resolver is available\n this._popupRedirectResolver!._overrideRedirectResult(this, () =>\n Promise.reject(e)\n );\n }\n }\n\n if (futureCurrentUser) {\n return this.reloadAndSetCurrentUserOrClear(futureCurrentUser);\n } else {\n return this.directlySetCurrentUser(null);\n }\n }\n\n _assert(this._popupRedirectResolver, this, AuthErrorCode.ARGUMENT_ERROR);\n await this.getOrInitRedirectPersistenceManager();\n\n // If the redirect user's event ID matches the current user's event ID,\n // DO NOT reload the current user, otherwise they'll be cleared from storage.\n // This is important for the reauthenticateWithRedirect() flow.\n if (\n this.redirectUser &&\n this.redirectUser._redirectEventId === futureCurrentUser._redirectEventId\n ) {\n return this.directlySetCurrentUser(futureCurrentUser);\n }\n\n return this.reloadAndSetCurrentUserOrClear(futureCurrentUser);\n }\n\n private async tryRedirectSignIn(\n redirectResolver: PopupRedirectResolver\n ): Promise<UserCredential | null> {\n // The redirect user needs to be checked (and signed in if available)\n // during auth initialization. All of the normal sign in and link/reauth\n // flows call back into auth and push things onto the promise queue. We\n // need to await the result of the redirect sign in *inside the promise\n // queue*. This presents a problem: we run into deadlock. See:\n // ┌> [Initialization] ─────┐\n // ┌> [<other queue tasks>] │\n // └─ [getRedirectResult] <─┘\n // where [] are tasks on the queue and arrows denote awaits\n // Initialization will never complete because it's waiting on something\n // that's waiting for initialization to complete!\n //\n // Instead, this method calls getRedirectResult() (stored in\n // _completeRedirectFn) with an optional parameter that instructs all of\n // the underlying auth operations to skip anything that mutates auth state.\n\n let result: UserCredential | null = null;\n try {\n // We know this._popupRedirectResolver is set since redirectResolver\n // is passed in. The _completeRedirectFn expects the unwrapped extern.\n result = await this._popupRedirectResolver!._completeRedirectFn(\n this,\n redirectResolver,\n true\n );\n } catch (e) {\n // Swallow any errors here; the code can retrieve them in\n // getRedirectResult().\n await this._setRedirectUser(null);\n }\n\n return result;\n }\n\n private async reloadAndSetCurrentUserOrClear(\n user: UserInternal\n ): Promise<void> {\n try {\n await _reloadWithoutSaving(user);\n } catch (e) {\n if (\n (e as FirebaseError)?.code !==\n `auth/${AuthErrorCode.NETWORK_REQUEST_FAILED}`\n ) {\n // Something's wrong with the user's token. Log them out and remove\n // them from storage\n return this.directlySetCurrentUser(null);\n }\n }\n\n return this.directlySetCurrentUser(user);\n }\n\n useDeviceLanguage(): void {\n this.languageCode = _getUserLanguage();\n }\n\n async _delete(): Promise<void> {\n this._deleted = true;\n }\n\n async updateCurrentUser(userExtern: User | null): Promise<void> {\n if (_isFirebaseServerApp(this.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(this)\n );\n }\n // The public updateCurrentUser method needs to make a copy of the user,\n // and also check that the project matches\n const user = userExtern\n ? (getModularInstance(userExtern) as UserInternal)\n : null;\n if (user) {\n _assert(\n user.auth.config.apiKey === this.config.apiKey,\n this,\n AuthErrorCode.INVALID_AUTH\n );\n }\n return this._updateCurrentUser(user && user._clone(this));\n }\n\n async _updateCurrentUser(\n user: User | null,\n skipBeforeStateCallbacks: boolean = false\n ): Promise<void> {\n if (this._deleted) {\n return;\n }\n if (user) {\n _assert(\n this.tenantId === user.tenantId,\n this,\n AuthErrorCode.TENANT_ID_MISMATCH\n );\n }\n\n if (!skipBeforeStateCallbacks) {\n await this.beforeStateQueue.runMiddleware(user);\n }\n\n return this.queue(async () => {\n await this.directlySetCurrentUser(user as UserInternal | null);\n this.notifyAuthListeners();\n });\n }\n\n async signOut(): Promise<void> {\n if (_isFirebaseServerApp(this.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(this)\n );\n }\n // Run first, to block _setRedirectUser() if any callbacks fail.\n await this.beforeStateQueue.runMiddleware(null);\n // Clear the redirect user when signOut is called\n if (this.redirectPersistenceManager || this._popupRedirectResolver) {\n await this._setRedirectUser(null);\n }\n\n // Prevent callbacks from being called again in _updateCurrentUser, as\n // they were already called in the first line.\n return this._updateCurrentUser(null, /* skipBeforeStateCallbacks */ true);\n }\n\n setPersistence(persistence: Persistence): Promise<void> {\n if (_isFirebaseServerApp(this.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(this)\n );\n }\n return this.queue(async () => {\n await this.assertedPersistence.setPersistence(_getInstance(persistence));\n });\n }\n\n _getRecaptchaConfig(): RecaptchaConfig | null {\n if (this.tenantId == null) {\n return this._agentRecaptchaConfig;\n } else {\n return this._tenantRecaptchaConfigs[this.tenantId];\n }\n }\n\n async validatePassword(password: string): Promise<PasswordValidationStatus> {\n if (!this._getPasswordPolicyInternal()) {\n await this._updatePasswordPolicy();\n }\n\n // Password policy will be defined after fetching.\n const passwordPolicy: PasswordPolicyInternal =\n this._getPasswordPolicyInternal()!;\n\n // Check that the policy schema version is supported by the SDK.\n // TODO: Update this logic to use a max supported policy schema version once we have multiple schema versions.\n if (\n passwordPolicy.schemaVersion !==\n this.EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION\n ) {\n return Promise.reject(\n this._errorFactory.create(\n AuthErrorCode.UNSUPPORTED_PASSWORD_POLICY_SCHEMA_VERSION,\n {}\n )\n );\n }\n\n return passwordPolicy.validatePassword(password);\n }\n\n _getPasswordPolicyInternal(): PasswordPolicyInternal | null {\n if (this.tenantId === null) {\n return this._projectPasswordPolicy;\n } else {\n return this._tenantPasswordPolicies[this.tenantId];\n }\n }\n\n async _updatePasswordPolicy(): Promise<void> {\n const response = await _getPasswordPolicy(this);\n\n const passwordPolicy: PasswordPolicyInternal = new PasswordPolicyImpl(\n response\n );\n\n if (this.tenantId === null) {\n this._projectPasswordPolicy = passwordPolicy;\n } else {\n this._tenantPasswordPolicies[this.tenantId] = passwordPolicy;\n }\n }\n\n _getPersistenceType(): string {\n return this.assertedPersistence.persistence.type;\n }\n\n _getPersistence(): PersistenceInternal {\n return this.assertedPersistence.persistence;\n }\n\n _updateErrorMap(errorMap: AuthErrorMap): void {\n this._errorFactory = new ErrorFactory<AuthErrorCode, AuthErrorParams>(\n 'auth',\n 'Firebase',\n (errorMap as ErrorMapRetriever)()\n );\n }\n\n onAuthStateChanged(\n nextOrObserver: NextOrObserver<User>,\n error?: ErrorFn,\n completed?: CompleteFn\n ): Unsubscribe {\n return this.registerStateListener(\n this.authStateSubscription,\n nextOrObserver,\n error,\n completed\n );\n }\n\n beforeAuthStateChanged(\n callback: (user: User | null) => void | Promise<void>,\n onAbort?: () => void\n ): Unsubscribe {\n return this.beforeStateQueue.pushCallback(callback, onAbort);\n }\n\n onIdTokenChanged(\n nextOrObserver: NextOrObserver<User>,\n error?: ErrorFn,\n completed?: CompleteFn\n ): Unsubscribe {\n return this.registerStateListener(\n this.idTokenSubscription,\n nextOrObserver,\n error,\n completed\n );\n }\n\n authStateReady(): Promise<void> {\n return new Promise((resolve, reject) => {\n if (this.currentUser) {\n resolve();\n } else {\n const unsubscribe = this.onAuthStateChanged(() => {\n unsubscribe();\n resolve();\n }, reject);\n }\n });\n }\n\n /**\n * Revokes the given access token. Currently only supports Apple OAuth access tokens.\n */\n async revokeAccessToken(token: string): Promise<void> {\n if (this.currentUser) {\n const idToken = await this.currentUser.getIdToken();\n // Generalize this to accept other providers once supported.\n const request: RevokeTokenRequest = {\n providerId: 'apple.com',\n tokenType: TokenType.ACCESS_TOKEN,\n token,\n idToken\n };\n if (this.tenantId != null) {\n request.tenantId = this.tenantId;\n }\n await revokeToken(this, request);\n }\n }\n\n toJSON(): object {\n return {\n apiKey: this.config.apiKey,\n authDomain: this.config.authDomain,\n appName: this.name,\n currentUser: this._currentUser?.toJSON()\n };\n }\n\n async _setRedirectUser(\n user: UserInternal | null,\n popupRedirectResolver?: PopupRedirectResolver\n ): Promise<void> {\n const redirectManager = await this.getOrInitRedirectPersistenceManager(\n popupRedirectResolver\n );\n return user === null\n ? redirectManager.removeCurrentUser()\n : redirectManager.setCurrentUser(user);\n }\n\n private async getOrInitRedirectPersistenceManager(\n popupRedirectResolver?: PopupRedirectResolver\n ): Promise<PersistenceUserManager> {\n if (!this.redirectPersistenceManager) {\n const resolver: PopupRedirectResolverInternal | null =\n (popupRedirectResolver && _getInstance(popupRedirectResolver)) ||\n this._popupRedirectResolver;\n _assert(resolver, this, AuthErrorCode.ARGUMENT_ERROR);\n this.redirectPersistenceManager = await PersistenceUserManager.create(\n this,\n [_getInstance(resolver._redirectPersistence)],\n KeyName.REDIRECT_USER\n );\n this.redirectUser =\n await this.redirectPersistenceManager.getCurrentUser();\n }\n\n return this.redirectPersistenceManager;\n }\n\n async _redirectUserForId(id: string): Promise<UserInternal | null> {\n // Make sure we've cleared any pending persistence actions if we're not in\n // the initializer\n if (this._isInitialized) {\n await this.queue(async () => {});\n }\n\n if (this._currentUser?._redirectEventId === id) {\n return this._currentUser;\n }\n\n if (this.redirectUser?._redirectEventId === id) {\n return this.redirectUser;\n }\n\n return null;\n }\n\n async _persistUserIfCurrent(user: UserInternal): Promise<void> {\n if (user === this.currentUser) {\n return this.queue(async () => this.directlySetCurrentUser(user));\n }\n }\n\n /** Notifies listeners only if the user is current */\n _notifyListenersIfCurrent(user: UserInternal): void {\n if (user === this.currentUser) {\n this.notifyAuthListeners();\n }\n }\n\n _key(): string {\n return `${this.config.authDomain}:${this.config.apiKey}:${this.name}`;\n }\n\n _startProactiveRefresh(): void {\n this.isProactiveRefreshEnabled = true;\n if (this.currentUser) {\n this._currentUser._startProactiveRefresh();\n }\n }\n\n _stopProactiveRefresh(): void {\n this.isProactiveRefreshEnabled = false;\n if (this.currentUser) {\n this._currentUser._stopProactiveRefresh();\n }\n }\n\n /** Returns the current user cast as the internal type */\n get _currentUser(): UserInternal {\n return this.currentUser as UserInternal;\n }\n\n private notifyAuthListeners(): void {\n if (!this._isInitialized) {\n return;\n }\n\n this.idTokenSubscription.next(this.currentUser);\n\n const currentUid = this.currentUser?.uid ?? null;\n if (this.lastNotifiedUid !== currentUid) {\n this.lastNotifiedUid = currentUid;\n this.authStateSubscription.next(this.currentUser);\n }\n }\n\n private registerStateListener(\n subscription: Subscription<User>,\n nextOrObserver: NextOrObserver<User>,\n error?: ErrorFn,\n completed?: CompleteFn\n ): Unsubscribe {\n if (this._deleted) {\n return () => {};\n }\n\n const cb =\n typeof nextOrObserver === 'function'\n ? nextOrObserver\n : nextOrObserver.next.bind(nextOrObserver);\n\n let isUnsubscribed = false;\n\n const promise = this._isInitialized\n ? Promise.resolve()\n : this._initializationPromise;\n _assert(promise, this, AuthErrorCode.INTERNAL_ERROR);\n // The callback needs to be called asynchronously per the spec.\n // eslint-disable-next-line @typescript-eslint/no-floating-promises\n promise.then(() => {\n if (isUnsubscribed) {\n return;\n }\n cb(this.currentUser);\n });\n\n if (typeof nextOrObserver === 'function') {\n const unsubscribe = subscription.addObserver(\n nextOrObserver,\n error,\n completed\n );\n return () => {\n isUnsubscribed = true;\n unsubscribe();\n };\n } else {\n const unsubscribe = subscription.addObserver(nextOrObserver);\n return () => {\n isUnsubscribed = true;\n unsubscribe();\n };\n }\n }\n\n /**\n * Unprotected (from race conditions) method to set the current user. This\n * should only be called from within a queued callback. This is necessary\n * because the queue shouldn't rely on another queued callback.\n */\n private async directlySetCurrentUser(\n user: UserInternal | null\n ): Promise<void> {\n if (this.currentUser && this.currentUser !== user) {\n this._currentUser._stopProactiveRefresh();\n }\n if (user && this.isProactiveRefreshEnabled) {\n user._startProactiveRefresh();\n }\n\n this.currentUser = user;\n\n if (user) {\n await this.assertedPersistence.setCurrentUser(user);\n } else {\n await this.assertedPersistence.removeCurrentUser();\n }\n }\n\n private queue(action: AsyncAction): Promise<void> {\n // In case something errors, the callback still should be called in order\n // to keep the promise chain alive\n this.operations = this.operations.then(action, action);\n return this.operations;\n }\n\n private get assertedPersistence(): PersistenceUserManager {\n _assert(this.persistenceManager, this, AuthErrorCode.INTERNAL_ERROR);\n return this.persistenceManager;\n }\n\n private frameworks: string[] = [];\n private clientVersion: string;\n _logFramework(framework: string): void {\n if (!framework || this.frameworks.includes(framework)) {\n return;\n }\n this.frameworks.push(framework);\n\n // Sort alphabetically so that \"FirebaseCore-web,FirebaseUI-web\" and\n // \"FirebaseUI-web,FirebaseCore-web\" aren't viewed as different.\n this.frameworks.sort();\n this.clientVersion = _getClientVersion(\n this.config.clientPlatform,\n this._getFrameworks()\n );\n }\n _getFrameworks(): readonly string[] {\n return this.frameworks;\n }\n async _getAdditionalHeaders(): Promise<Record<string, string>> {\n // Additional headers on every request\n const headers: Record<string, string> = {\n [HttpHeader.X_CLIENT_VERSION]: this.clientVersion\n };\n\n if (this.app.options.appId) {\n headers[HttpHeader.X_FIREBASE_GMPID] = this.app.options.appId;\n }\n\n // If the heartbeat service exists, add the heartbeat string\n const heartbeatsHeader = await this.heartbeatServiceProvider\n .getImmediate({\n optional: true\n })\n ?.getHeartbeatsHeader();\n if (heartbeatsHeader) {\n headers[HttpHeader.X_FIREBASE_CLIENT] = heartbeatsHeader;\n }\n\n // If the App Check service exists, add the App Check token in the headers\n const appCheckToken = await this._getAppCheckToken();\n if (appCheckToken) {\n headers[HttpHeader.X_FIREBASE_APP_CHECK] = appCheckToken;\n }\n\n return headers;\n }\n\n async _getAppCheckToken(): Promise<string | undefined> {\n if (_isFirebaseServerApp(this.app) && this.app.settings.appCheckToken) {\n return this.app.settings.appCheckToken;\n }\n const appCheckTokenResult = await this.appCheckServiceProvider\n .getImmediate({ optional: true })\n ?.getToken();\n if (appCheckTokenResult?.error) {\n // Context: appCheck.getToken() will never throw even if an error happened.\n // In the error case, a dummy token will be returned along with an error field describing\n // the error. In general, we shouldn't care about the error condition and just use\n // the token (actual or dummy) to send requests.\n _logWarn(\n `Error while retrieving App Check token: ${appCheckTokenResult.error}`\n );\n }\n return appCheckTokenResult?.token;\n }\n}\n\n/**\n * Method to be used to cast down to our private implementation of Auth.\n * It will also handle unwrapping from the compat type if necessary\n *\n * @param auth Auth object passed in from developer\n */\nexport function _castAuth(auth: Auth): AuthInternal {\n return getModularInstance(auth) as AuthInternal;\n}\n\n/** Helper class to wrap subscriber logic */\nclass Subscription<T> {\n private observer: Observer<T | null> | null = null;\n readonly addObserver: Subscribe<T | null> = createSubscribe(\n observer => (this.observer = observer)\n );\n\n constructor(readonly auth: AuthInternal) {}\n\n get next(): NextFn<T | null> {\n _assert(this.observer, this.auth, AuthErrorCode.INTERNAL_ERROR);\n return this.observer.next.bind(this.observer);\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\ninterface ExternalJSProvider {\n loadJS(url: string): Promise<Event>;\n recaptchaV2Script: string;\n recaptchaEnterpriseScript: string;\n gapiScript: string;\n}\n\nlet externalJSProvider: ExternalJSProvider = {\n async loadJS() {\n throw new Error('Unable to load external scripts');\n },\n\n recaptchaV2Script: '',\n recaptchaEnterpriseScript: '',\n gapiScript: ''\n};\n\nexport function _setExternalJSProvider(p: ExternalJSProvider): void {\n externalJSProvider = p;\n}\n\nexport function _loadJS(url: string): Promise<Event> {\n return externalJSProvider.loadJS(url);\n}\n\nexport function _recaptchaV2ScriptUrl(): string {\n return externalJSProvider.recaptchaV2Script;\n}\n\nexport function _recaptchaEnterpriseScriptUrl(): string {\n return externalJSProvider.recaptchaEnterpriseScript;\n}\n\nexport function _gapiScriptUrl(): string {\n return externalJSProvider.gapiScript;\n}\n\nexport function _generateCallbackName(prefix: string): string {\n return `__${prefix}${Math.floor(Math.random() * 1000000)}`;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthErrorCode } from '../../core/errors';\nimport { _assert } from '../../core/util/assert';\nimport { AuthInternal } from '../../model/auth';\nimport { RecaptchaParameters } from '../../model/public_types';\nimport {\n Recaptcha,\n GreCAPTCHATopLevel,\n GreCAPTCHARenderOption,\n GreCAPTCHA\n} from './recaptcha';\n\nexport const _SOLVE_TIME_MS = 500;\nexport const _EXPIRATION_TIME_MS = 60_000;\nexport const _WIDGET_ID_START = 1_000_000_000_000;\n\nexport interface Widget {\n getResponse: () => string | null;\n delete: () => void;\n execute: () => void;\n}\n\nexport class MockReCaptcha implements Recaptcha {\n private counter = _WIDGET_ID_START;\n _widgets = new Map<number, Widget>();\n\n constructor(private readonly auth: AuthInternal) {}\n\n render(\n container: string | HTMLElement,\n parameters?: RecaptchaParameters\n ): number {\n const id = this.counter;\n this._widgets.set(\n id,\n new MockWidget(container, this.auth.name, parameters || {})\n );\n this.counter++;\n return id;\n }\n\n reset(optWidgetId?: number): void {\n const id = optWidgetId || _WIDGET_ID_START;\n void this._widgets.get(id)?.delete();\n this._widgets.delete(id);\n }\n\n getResponse(optWidgetId?: number): string {\n const id = optWidgetId || _WIDGET_ID_START;\n return this._widgets.get(id)?.getResponse() || '';\n }\n\n async execute(optWidgetId?: number | string): Promise<string> {\n const id: number = (optWidgetId as number) || _WIDGET_ID_START;\n void this._widgets.get(id)?.execute();\n return '';\n }\n}\n\nexport class MockGreCAPTCHATopLevel implements GreCAPTCHATopLevel {\n enterprise: GreCAPTCHA = new MockGreCAPTCHA();\n ready(callback: () => void): void {\n callback();\n }\n\n execute(\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n _siteKey: string,\n _options: { action: string }\n ): Promise<string> {\n return Promise.resolve('token');\n }\n render(\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n _container: string | HTMLElement,\n _parameters: GreCAPTCHARenderOption\n ): string {\n return '';\n }\n}\n\nexport class MockGreCAPTCHA implements GreCAPTCHA {\n ready(callback: () => void): void {\n callback();\n }\n\n execute(\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n _siteKey: string,\n _options: { action: string }\n ): Promise<string> {\n return Promise.resolve('token');\n }\n render(\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n _container: string | HTMLElement,\n _parameters: GreCAPTCHARenderOption\n ): string {\n return '';\n }\n}\n\nexport class MockWidget {\n private readonly container: HTMLElement;\n private readonly isVisible: boolean;\n private timerId: number | null = null;\n private deleted = false;\n private responseToken: string | null = null;\n private readonly clickHandler = (): void => {\n this.execute();\n };\n\n constructor(\n containerOrId: string | HTMLElement,\n appName: string,\n private readonly params: RecaptchaParameters\n ) {\n const container =\n typeof containerOrId === 'string'\n ? document.getElementById(containerOrId)\n : containerOrId;\n _assert(container, AuthErrorCode.ARGUMENT_ERROR, { appName });\n\n this.container = container;\n this.isVisible = this.params.size !== 'invisible';\n if (this.isVisible) {\n this.execute();\n } else {\n this.container.addEventListener('click', this.clickHandler);\n }\n }\n\n getResponse(): string | null {\n this.checkIfDeleted();\n return this.responseToken;\n }\n\n delete(): void {\n this.checkIfDeleted();\n this.deleted = true;\n if (this.timerId) {\n clearTimeout(this.timerId);\n this.timerId = null;\n }\n this.container.removeEventListener('click', this.clickHandler);\n }\n\n execute(): void {\n this.checkIfDeleted();\n if (this.timerId) {\n return;\n }\n\n this.timerId = window.setTimeout(() => {\n this.responseToken = generateRandomAlphaNumericString(50);\n const { callback, 'expired-callback': expiredCallback } = this.params;\n if (callback) {\n try {\n callback(this.responseToken);\n } catch (e) {}\n }\n\n this.timerId = window.setTimeout(() => {\n this.timerId = null;\n this.responseToken = null;\n if (expiredCallback) {\n try {\n expiredCallback();\n } catch (e) {}\n }\n\n if (this.isVisible) {\n this.execute();\n }\n }, _EXPIRATION_TIME_MS);\n }, _SOLVE_TIME_MS);\n }\n\n private checkIfDeleted(): void {\n if (this.deleted) {\n throw new Error('reCAPTCHA mock was already deleted!');\n }\n }\n}\n\nfunction generateRandomAlphaNumericString(len: number): string {\n const chars = [];\n const allowedChars =\n '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';\n for (let i = 0; i < len; i++) {\n chars.push(\n allowedChars.charAt(Math.floor(Math.random() * allowedChars.length))\n );\n }\n return chars.join('');\n}\n","/* eslint-disable @typescript-eslint/no-require-imports */\n/**\n * @license\n * Copyright 2022 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { isEnterprise, RecaptchaConfig } from './recaptcha';\nimport { getRecaptchaConfig } from '../../api/authentication/recaptcha';\nimport {\n RecaptchaClientType,\n RecaptchaVersion,\n RecaptchaActionName,\n RecaptchaAuthProvider,\n EnforcementState\n} from '../../api';\n\nimport { Auth } from '../../model/public_types';\nimport { AuthInternal } from '../../model/auth';\nimport { _castAuth } from '../../core/auth/auth_impl';\nimport * as jsHelpers from '../load_js';\nimport { AuthErrorCode } from '../../core/errors';\nimport { StartPhoneMfaEnrollmentRequest } from '../../api/account_management/mfa';\nimport { StartPhoneMfaSignInRequest } from '../../api/authentication/mfa';\nimport { MockGreCAPTCHATopLevel } from './recaptcha_mock';\n\nexport const RECAPTCHA_ENTERPRISE_VERIFIER_TYPE = 'recaptcha-enterprise';\nexport const FAKE_TOKEN = 'NO_RECAPTCHA';\n\nexport class RecaptchaEnterpriseVerifier {\n /**\n * Identifies the type of application verifier (e.g. \"recaptcha-enterprise\").\n */\n readonly type = RECAPTCHA_ENTERPRISE_VERIFIER_TYPE;\n\n private readonly auth: AuthInternal;\n\n /**\n *\n * @param authExtern - The corresponding Firebase {@link Auth} instance.\n *\n */\n constructor(authExtern: Auth) {\n this.auth = _castAuth(authExtern);\n }\n\n /**\n * Executes the verification process.\n *\n * @returns A Promise for a token that can be used to assert the validity of a request.\n */\n async verify(\n action: string = 'verify',\n forceRefresh = false\n ): Promise<string> {\n async function retrieveSiteKey(auth: AuthInternal): Promise<string> {\n if (!forceRefresh) {\n if (auth.tenantId == null && auth._agentRecaptchaConfig != null) {\n return auth._agentRecaptchaConfig.siteKey;\n }\n if (\n auth.tenantId != null &&\n auth._tenantRecaptchaConfigs[auth.tenantId] !== undefined\n ) {\n return auth._tenantRecaptchaConfigs[auth.tenantId].siteKey;\n }\n }\n\n return new Promise<string>(async (resolve, reject) => {\n getRecaptchaConfig(auth, {\n clientType: RecaptchaClientType.WEB,\n version: RecaptchaVersion.ENTERPRISE\n })\n .then(response => {\n if (response.recaptchaKey === undefined) {\n reject(new Error('recaptcha Enterprise site key undefined'));\n } else {\n const config = new RecaptchaConfig(response);\n if (auth.tenantId == null) {\n auth._agentRecaptchaConfig = config;\n } else {\n auth._tenantRecaptchaConfigs[auth.tenantId] = config;\n }\n return resolve(config.siteKey);\n }\n })\n .catch(error => {\n reject(error);\n });\n });\n }\n\n function retrieveRecaptchaToken(\n siteKey: string,\n resolve: (value: string | PromiseLike<string>) => void,\n reject: (reason?: unknown) => void\n ): void {\n const grecaptcha = window.grecaptcha;\n if (isEnterprise(grecaptcha)) {\n grecaptcha.enterprise.ready(() => {\n grecaptcha.enterprise\n .execute(siteKey, { action })\n .then(token => {\n resolve(token);\n })\n .catch(() => {\n resolve(FAKE_TOKEN);\n });\n });\n } else {\n reject(Error('No reCAPTCHA enterprise script loaded.'));\n }\n }\n\n // Returns Promise for a mock token when appVerificationDisabledForTesting is true.\n if (this.auth.settings.appVerificationDisabledForTesting) {\n const mockRecaptcha = new MockGreCAPTCHATopLevel();\n return mockRecaptcha.execute('siteKey', { action: 'verify' });\n }\n\n return new Promise<string>((resolve, reject) => {\n retrieveSiteKey(this.auth)\n .then(siteKey => {\n if (!forceRefresh && isEnterprise(window.grecaptcha)) {\n retrieveRecaptchaToken(siteKey, resolve, reject);\n } else {\n if (typeof window === 'undefined') {\n reject(\n new Error('RecaptchaVerifier is only supported in browser')\n );\n return;\n }\n let url = jsHelpers._recaptchaEnterpriseScriptUrl();\n if (url.length !== 0) {\n url += siteKey;\n }\n jsHelpers\n ._loadJS(url)\n .then(() => {\n retrieveRecaptchaToken(siteKey, resolve, reject);\n })\n .catch(error => {\n reject(error);\n });\n }\n })\n .catch(error => {\n reject(error);\n });\n });\n }\n}\n\nexport async function injectRecaptchaFields<T extends object>(\n auth: AuthInternal,\n request: T,\n action: RecaptchaActionName,\n isCaptchaResp = false,\n isFakeToken = false\n): Promise<T> {\n const verifier = new RecaptchaEnterpriseVerifier(auth);\n let captchaResponse;\n\n if (isFakeToken) {\n captchaResponse = FAKE_TOKEN;\n } else {\n try {\n captchaResponse = await verifier.verify(action);\n } catch (error) {\n captchaResponse = await verifier.verify(action, true);\n }\n }\n\n const newRequest = { ...request };\n if (\n action === RecaptchaActionName.MFA_SMS_ENROLLMENT ||\n action === RecaptchaActionName.MFA_SMS_SIGNIN\n ) {\n if ('phoneEnrollmentInfo' in newRequest) {\n const phoneNumber = (\n newRequest as unknown as StartPhoneMfaEnrollmentRequest\n ).phoneEnrollmentInfo.phoneNumber;\n const recaptchaToken = (\n newRequest as unknown as StartPhoneMfaEnrollmentRequest\n ).phoneEnrollmentInfo.recaptchaToken;\n\n Object.assign(newRequest, {\n 'phoneEnrollmentInfo': {\n phoneNumber,\n recaptchaToken,\n captchaResponse,\n 'clientType': RecaptchaClientType.WEB,\n 'recaptchaVersion': RecaptchaVersion.ENTERPRISE\n }\n });\n } else if ('phoneSignInInfo' in newRequest) {\n const recaptchaToken = (\n newRequest as unknown as StartPhoneMfaSignInRequest\n ).phoneSignInInfo.recaptchaToken;\n\n Object.assign(newRequest, {\n 'phoneSignInInfo': {\n recaptchaToken,\n captchaResponse,\n 'clientType': RecaptchaClientType.WEB,\n 'recaptchaVersion': RecaptchaVersion.ENTERPRISE\n }\n });\n }\n return newRequest;\n }\n\n if (!isCaptchaResp) {\n Object.assign(newRequest, { captchaResponse });\n } else {\n Object.assign(newRequest, { 'captchaResp': captchaResponse });\n }\n Object.assign(newRequest, { 'clientType': RecaptchaClientType.WEB });\n Object.assign(newRequest, {\n 'recaptchaVersion': RecaptchaVersion.ENTERPRISE\n });\n return newRequest;\n}\n\ntype ActionMethod<TRequest, TResponse> = (\n auth: AuthInternal,\n request: TRequest\n) => Promise<TResponse>;\n\nexport async function handleRecaptchaFlow<TRequest extends object, TResponse>(\n authInstance: AuthInternal,\n request: TRequest,\n actionName: RecaptchaActionName,\n actionMethod: ActionMethod<TRequest, TResponse>,\n recaptchaAuthProvider: RecaptchaAuthProvider\n): Promise<TResponse> {\n if (recaptchaAuthProvider === RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER) {\n if (\n authInstance\n ._getRecaptchaConfig()\n ?.isProviderEnabled(RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER)\n ) {\n const requestWithRecaptcha = await injectRecaptchaFields(\n authInstance,\n request,\n actionName,\n actionName === RecaptchaActionName.GET_OOB_CODE\n );\n return actionMethod(authInstance, requestWithRecaptcha);\n } else {\n return actionMethod(authInstance, request).catch(async error => {\n if (error.code === `auth/${AuthErrorCode.MISSING_RECAPTCHA_TOKEN}`) {\n console.log(\n `${actionName} is protected by reCAPTCHA Enterprise for this project. Automatically triggering the reCAPTCHA flow and restarting the flow.`\n );\n const requestWithRecaptcha = await injectRecaptchaFields(\n authInstance,\n request,\n actionName,\n actionName === RecaptchaActionName.GET_OOB_CODE\n );\n return actionMethod(authInstance, requestWithRecaptcha);\n } else {\n return Promise.reject(error);\n }\n });\n }\n } else if (recaptchaAuthProvider === RecaptchaAuthProvider.PHONE_PROVIDER) {\n if (\n authInstance\n ._getRecaptchaConfig()\n ?.isProviderEnabled(RecaptchaAuthProvider.PHONE_PROVIDER)\n ) {\n const requestWithRecaptcha = await injectRecaptchaFields(\n authInstance,\n request,\n actionName\n );\n\n return actionMethod(authInstance, requestWithRecaptcha).catch(\n async error => {\n if (\n authInstance\n ._getRecaptchaConfig()\n ?.getProviderEnforcementState(\n RecaptchaAuthProvider.PHONE_PROVIDER\n ) === EnforcementState.AUDIT\n ) {\n // AUDIT mode\n if (\n error.code === `auth/${AuthErrorCode.MISSING_RECAPTCHA_TOKEN}` ||\n error.code === `auth/${AuthErrorCode.INVALID_APP_CREDENTIAL}`\n ) {\n console.log(\n `Failed to verify with reCAPTCHA Enterprise. Automatically triggering the reCAPTCHA v2 flow to complete the ${actionName} flow.`\n );\n // reCAPTCHA Enterprise token is missing or reCAPTCHA Enterprise token\n // check fails.\n // Fallback to reCAPTCHA v2 flow.\n const requestWithRecaptchaFields = await injectRecaptchaFields(\n authInstance,\n request,\n actionName,\n false, // isCaptchaResp\n true // isFakeToken\n );\n // This will call the PhoneApiCaller to fetch and inject reCAPTCHA v2 token.\n return actionMethod(authInstance, requestWithRecaptchaFields);\n }\n }\n // ENFORCE mode or AUDIT mode with any other error.\n return Promise.reject(error);\n }\n );\n } else {\n // Do reCAPTCHA v2 flow.\n const requestWithRecaptchaFields = await injectRecaptchaFields(\n authInstance,\n request,\n actionName,\n false, // isCaptchaResp\n true // isFakeToken\n );\n\n // This will call the PhoneApiCaller to fetch and inject v2 token.\n return actionMethod(authInstance, requestWithRecaptchaFields);\n }\n } else {\n return Promise.reject(\n recaptchaAuthProvider + ' provider is not supported.'\n );\n }\n}\n\nexport async function _initializeRecaptchaConfig(auth: Auth): Promise<void> {\n const authInternal = _castAuth(auth);\n\n const response = await getRecaptchaConfig(authInternal, {\n clientType: RecaptchaClientType.WEB,\n version: RecaptchaVersion.ENTERPRISE\n });\n\n const config = new RecaptchaConfig(response);\n if (authInternal.tenantId == null) {\n authInternal._agentRecaptchaConfig = config;\n } else {\n authInternal._tenantRecaptchaConfigs[authInternal.tenantId] = config;\n }\n\n if (config.isAnyProviderEnabled()) {\n const verifier = new RecaptchaEnterpriseVerifier(authInternal);\n void verifier.verify();\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { _getProvider, FirebaseApp } from '@firebase/app';\nimport { deepEqual } from '@firebase/util';\nimport { Auth, Dependencies } from '../../model/public_types';\n\nimport { AuthErrorCode } from '../errors';\nimport { PersistenceInternal } from '../persistence';\nimport { _fail } from '../util/assert';\nimport { _getInstance } from '../util/instantiator';\nimport { AuthImpl } from './auth_impl';\n\n/**\n * Initializes an {@link Auth} instance with fine-grained control over\n * {@link Dependencies}.\n *\n * @remarks\n *\n * This function allows more control over the {@link Auth} instance than\n * {@link getAuth}. `getAuth` uses platform-specific defaults to supply\n * the {@link Dependencies}. In general, `getAuth` is the easiest way to\n * initialize Auth and works for most use cases. Use `initializeAuth` if you\n * need control over which persistence layer is used, or to minimize bundle\n * size if you're not using either `signInWithPopup` or `signInWithRedirect`.\n *\n * For example, if your app only uses anonymous accounts and you only want\n * accounts saved for the current session, initialize `Auth` with:\n *\n * ```js\n * const auth = initializeAuth(app, {\n * persistence: browserSessionPersistence,\n * popupRedirectResolver: undefined,\n * });\n * ```\n *\n * @public\n */\nexport function initializeAuth(app: FirebaseApp, deps?: Dependencies): Auth {\n const provider = _getProvider(app, 'auth');\n\n if (provider.isInitialized()) {\n const auth = provider.getImmediate() as AuthImpl;\n const initialOptions = provider.getOptions() as Dependencies;\n if (deepEqual(initialOptions, deps ?? {})) {\n return auth;\n } else {\n _fail(auth, AuthErrorCode.ALREADY_INITIALIZED);\n }\n }\n\n const auth = provider.initialize({ options: deps }) as AuthImpl;\n\n return auth;\n}\n\nexport function _initializeAuthInstance(\n auth: AuthImpl,\n deps?: Dependencies\n): void {\n const persistence = deps?.persistence || [];\n const hierarchy = (\n Array.isArray(persistence) ? persistence : [persistence]\n ).map<PersistenceInternal>(_getInstance);\n if (deps?.errorMap) {\n auth._updateErrorMap(deps.errorMap);\n }\n\n // This promise is intended to float; auth initialization happens in the\n // background, meanwhile the auth object may be used by the app.\n // eslint-disable-next-line @typescript-eslint/no-floating-promises\n auth._initializeWithPersistence(hierarchy, deps?.popupRedirectResolver);\n}\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { Auth } from '../../model/public_types';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\nimport { _castAuth } from './auth_impl';\nimport {\n deepEqual,\n isCloudWorkstation,\n pingServer,\n updateEmulatorBanner\n} from '@firebase/util';\n\n/**\n * Changes the {@link Auth} instance to communicate with the Firebase Auth Emulator, instead of production\n * Firebase Auth services.\n *\n * @remarks\n * This must be called synchronously immediately following the first call to\n * {@link initializeAuth}. Do not use with production credentials as emulator\n * traffic is not encrypted.\n *\n *\n * @example\n * ```javascript\n * connectAuthEmulator(auth, 'http://127.0.0.1:9099', { disableWarnings: true });\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param url - The URL at which the emulator is running (eg, 'http://localhost:9099').\n * @param options - Optional. `options.disableWarnings` defaults to `false`. Set it to\n * `true` to disable the warning banner attached to the DOM.\n *\n * @public\n */\nexport function connectAuthEmulator(\n auth: Auth,\n url: string,\n options?: { disableWarnings: boolean }\n): void {\n const authInternal = _castAuth(auth);\n _assert(\n /^https?:\\/\\//.test(url),\n authInternal,\n AuthErrorCode.INVALID_EMULATOR_SCHEME\n );\n\n const disableWarnings = !!options?.disableWarnings;\n\n const protocol = extractProtocol(url);\n const { host, port } = extractHostAndPort(url);\n const portStr = port === null ? '' : `:${port}`;\n\n // Always replace path with \"/\" (even if input url had no path at all, or had a different one).\n const emulator = { url: `${protocol}//${host}${portStr}/` };\n const emulatorConfig = Object.freeze({\n host,\n port,\n protocol: protocol.replace(':', ''),\n options: Object.freeze({ disableWarnings })\n });\n\n // There are a few scenarios to guard against if the Auth instance has already started:\n if (!authInternal._canInitEmulator) {\n // Applications may not initialize the emulator for the first time if Auth has already started\n // to make network requests.\n _assert(\n authInternal.config.emulator && authInternal.emulatorConfig,\n authInternal,\n AuthErrorCode.EMULATOR_CONFIG_FAILED\n );\n\n // Applications may not alter the configuration of the emulator (aka pass a different config)\n // once Auth has started to make network requests.\n _assert(\n deepEqual(emulator, authInternal.config.emulator) &&\n deepEqual(emulatorConfig, authInternal.emulatorConfig),\n authInternal,\n AuthErrorCode.EMULATOR_CONFIG_FAILED\n );\n\n // It's valid, however, to invoke connectAuthEmulator() after Auth has started making\n // connections, so long as the config matches the existing config. This results in a no-op.\n return;\n }\n\n authInternal.config.emulator = emulator;\n authInternal.emulatorConfig = emulatorConfig;\n authInternal.settings.appVerificationDisabledForTesting = true;\n\n // Workaround to get cookies in Firebase Studio\n if (isCloudWorkstation(host)) {\n void pingServer(`${protocol}//${host}${portStr}`);\n updateEmulatorBanner('Auth', true);\n } else if (!disableWarnings) {\n emitEmulatorWarning();\n }\n}\n\nfunction extractProtocol(url: string): string {\n const protocolEnd = url.indexOf(':');\n return protocolEnd < 0 ? '' : url.substr(0, protocolEnd + 1);\n}\n\nfunction extractHostAndPort(url: string): {\n host: string;\n port: number | null;\n} {\n const protocol = extractProtocol(url);\n const authority = /(\\/\\/)?([^?#/]+)/.exec(url.substr(protocol.length)); // Between // and /, ? or #.\n if (!authority) {\n return { host: '', port: null };\n }\n const hostAndPort = authority[2].split('@').pop() || ''; // Strip out \"username:password@\".\n const bracketedIPv6 = /^(\\[[^\\]]+\\])(:|$)/.exec(hostAndPort);\n if (bracketedIPv6) {\n const host = bracketedIPv6[1];\n return { host, port: parsePort(hostAndPort.substr(host.length + 1)) };\n } else {\n const [host, port] = hostAndPort.split(':');\n return { host, port: parsePort(port) };\n }\n}\n\nfunction parsePort(portStr: string): number | null {\n if (!portStr) {\n return null;\n }\n const port = Number(portStr);\n if (isNaN(port)) {\n return null;\n }\n return port;\n}\n\nfunction emitEmulatorWarning(): void {\n function attachBanner(): void {\n const el = document.createElement('p');\n const sty = el.style;\n el.innerText =\n 'Running in emulator mode. Do not use with production credentials.';\n sty.position = 'fixed';\n sty.width = '100%';\n sty.backgroundColor = '#ffffff';\n sty.border = '.1em solid #000000';\n sty.color = '#b50000';\n sty.bottom = '0px';\n sty.left = '0px';\n sty.margin = '0px';\n sty.zIndex = '10000';\n sty.textAlign = 'center';\n el.classList.add('firebase-emulator-warning');\n document.body.appendChild(el);\n }\n\n if (typeof console !== 'undefined' && typeof console.info === 'function') {\n console.info(\n 'WARNING: You are using the Auth Emulator,' +\n ' which is intended for local testing only. Do not use with' +\n ' production credentials.'\n );\n }\n if (typeof window !== 'undefined' && typeof document !== 'undefined') {\n if (document.readyState === 'loading') {\n window.addEventListener('DOMContentLoaded', attachBanner);\n } else {\n attachBanner();\n }\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { PhoneOrOauthTokenResponse } from '../../api/authentication/mfa';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { debugFail } from '../util/assert';\n\n/**\n * Interface that represents the credentials returned by an {@link AuthProvider}.\n *\n * @remarks\n * Implementations specify the details about each auth provider's credential requirements.\n *\n * @public\n */\nexport class AuthCredential {\n /** @internal */\n protected constructor(\n /**\n * The authentication provider ID for the credential.\n *\n * @remarks\n * For example, 'facebook.com', or 'google.com'.\n */\n readonly providerId: string,\n /**\n * The authentication sign in method for the credential.\n *\n * @remarks\n * For example, {@link SignInMethod}.EMAIL_PASSWORD, or\n * {@link SignInMethod}.EMAIL_LINK. This corresponds to the sign-in method\n * identifier as returned in {@link fetchSignInMethodsForEmail}.\n */\n readonly signInMethod: string\n ) {}\n\n /**\n * Returns a JSON-serializable representation of this object.\n *\n * @returns a JSON-serializable representation of this object.\n */\n toJSON(): object {\n return debugFail('not implemented');\n }\n\n /** @internal */\n _getIdTokenResponse(_auth: AuthInternal): Promise<PhoneOrOauthTokenResponse> {\n return debugFail('not implemented');\n }\n /** @internal */\n _linkToIdToken(\n _auth: AuthInternal,\n _idToken: string\n ): Promise<IdTokenResponse> {\n return debugFail('not implemented');\n }\n /** @internal */\n _getReauthenticationResolver(_auth: AuthInternal): Promise<IdTokenResponse> {\n return debugFail('not implemented');\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ActionCodeOperation, Auth } from '../../model/public_types';\n\nimport {\n Endpoint,\n HttpMethod,\n _addTidIfNecessary,\n _performApiRequest\n} from '../index';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { MfaEnrollment } from './mfa';\nimport { SignUpRequest, SignUpResponse } from '../authentication/sign_up';\n\nexport interface ResetPasswordRequest {\n oobCode: string;\n newPassword?: string;\n tenantId?: string;\n}\n\nexport interface ResetPasswordResponse {\n email: string;\n newEmail?: string;\n requestType?: ActionCodeOperation;\n mfaInfo?: MfaEnrollment;\n}\n\nexport async function resetPassword(\n auth: Auth,\n request: ResetPasswordRequest\n): Promise<ResetPasswordResponse> {\n return _performApiRequest<ResetPasswordRequest, ResetPasswordResponse>(\n auth,\n HttpMethod.POST,\n Endpoint.RESET_PASSWORD,\n _addTidIfNecessary(auth, request)\n );\n}\nexport interface UpdateEmailPasswordRequest {\n idToken: string;\n returnSecureToken?: boolean;\n email?: string;\n password?: string;\n}\n\nexport interface UpdateEmailPasswordResponse extends IdTokenResponse {}\n\nexport async function updateEmailPassword(\n auth: Auth,\n request: UpdateEmailPasswordRequest\n): Promise<UpdateEmailPasswordResponse> {\n return _performApiRequest<\n UpdateEmailPasswordRequest,\n UpdateEmailPasswordResponse\n >(auth, HttpMethod.POST, Endpoint.SET_ACCOUNT_INFO, request);\n}\n\n// Used for linking an email/password account to an existing idToken. Uses the same request/response\n// format as updateEmailPassword.\nexport async function linkEmailPassword(\n auth: Auth,\n request: SignUpRequest\n): Promise<SignUpResponse> {\n return _performApiRequest<SignUpRequest, SignUpResponse>(\n auth,\n HttpMethod.POST,\n Endpoint.SIGN_UP,\n request\n );\n}\n\nexport interface ApplyActionCodeRequest {\n oobCode: string;\n tenantId?: string;\n}\n\nexport interface ApplyActionCodeResponse {}\n\nexport async function applyActionCode(\n auth: Auth,\n request: ApplyActionCodeRequest\n): Promise<ApplyActionCodeResponse> {\n return _performApiRequest<ApplyActionCodeRequest, ApplyActionCodeResponse>(\n auth,\n HttpMethod.POST,\n Endpoint.SET_ACCOUNT_INFO,\n _addTidIfNecessary(auth, request)\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ActionCodeOperation, Auth } from '../../model/public_types';\n\nimport {\n Endpoint,\n HttpMethod,\n RecaptchaClientType,\n RecaptchaVersion,\n _addTidIfNecessary,\n _performApiRequest,\n _performSignInRequest\n} from '../index';\nimport { IdToken, IdTokenResponse } from '../../model/id_token';\n\nexport interface SignInWithPasswordRequest {\n returnSecureToken?: boolean;\n email: string;\n password: string;\n tenantId?: string;\n captchaResponse?: string;\n clientType?: RecaptchaClientType;\n recaptchaVersion?: RecaptchaVersion;\n}\n\nexport interface SignInWithPasswordResponse extends IdTokenResponse {\n email: string;\n displayName: string;\n}\n\nexport async function signInWithPassword(\n auth: Auth,\n request: SignInWithPasswordRequest\n): Promise<SignInWithPasswordResponse> {\n return _performSignInRequest<\n SignInWithPasswordRequest,\n SignInWithPasswordResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.SIGN_IN_WITH_PASSWORD,\n _addTidIfNecessary(auth, request)\n );\n}\n\nexport interface GetOobCodeRequest {\n email?: string; // Everything except VERIFY_AND_CHANGE_EMAIL\n continueUrl?: string;\n iOSBundleId?: string;\n iosAppStoreId?: string;\n androidPackageName?: string;\n androidInstallApp?: boolean;\n androidMinimumVersionCode?: string;\n canHandleCodeInApp?: boolean;\n dynamicLinkDomain?: string;\n tenantId?: string;\n targetProjectid?: string;\n linkDomain?: string;\n}\n\nexport interface VerifyEmailRequest extends GetOobCodeRequest {\n requestType: ActionCodeOperation.VERIFY_EMAIL;\n idToken: IdToken;\n}\n\nexport interface PasswordResetRequest extends GetOobCodeRequest {\n requestType: ActionCodeOperation.PASSWORD_RESET;\n email: string;\n captchaResp?: string;\n clientType?: RecaptchaClientType;\n recaptchaVersion?: RecaptchaVersion;\n}\n\nexport interface EmailSignInRequest extends GetOobCodeRequest {\n requestType: ActionCodeOperation.EMAIL_SIGNIN;\n email: string;\n captchaResp?: string;\n clientType?: RecaptchaClientType;\n recaptchaVersion?: RecaptchaVersion;\n}\n\nexport interface VerifyAndChangeEmailRequest extends GetOobCodeRequest {\n requestType: ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL;\n idToken: IdToken;\n newEmail: string;\n}\n\ninterface GetOobCodeResponse {\n email: string;\n}\n\nexport interface VerifyEmailResponse extends GetOobCodeResponse {}\nexport interface PasswordResetResponse extends GetOobCodeResponse {}\nexport interface EmailSignInResponse extends GetOobCodeResponse {}\nexport interface VerifyAndChangeEmailResponse extends GetOobCodeRequest {}\n\nasync function sendOobCode(\n auth: Auth,\n request: GetOobCodeRequest\n): Promise<GetOobCodeResponse> {\n return _performApiRequest<GetOobCodeRequest, GetOobCodeResponse>(\n auth,\n HttpMethod.POST,\n Endpoint.SEND_OOB_CODE,\n _addTidIfNecessary(auth, request)\n );\n}\n\nexport async function sendEmailVerification(\n auth: Auth,\n request: VerifyEmailRequest\n): Promise<VerifyEmailResponse> {\n return sendOobCode(auth, request);\n}\n\nexport async function sendPasswordResetEmail(\n auth: Auth,\n request: PasswordResetRequest\n): Promise<PasswordResetResponse> {\n return sendOobCode(auth, request);\n}\n\nexport async function sendSignInLinkToEmail(\n auth: Auth,\n request: EmailSignInRequest\n): Promise<EmailSignInResponse> {\n return sendOobCode(auth, request);\n}\n\nexport async function verifyAndChangeEmail(\n auth: Auth,\n request: VerifyAndChangeEmailRequest\n): Promise<VerifyAndChangeEmailResponse> {\n return sendOobCode(auth, request);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n _performSignInRequest,\n Endpoint,\n HttpMethod,\n _addTidIfNecessary\n} from '../index';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { Auth } from '../../model/public_types';\n\nexport interface SignInWithEmailLinkRequest {\n email: string;\n oobCode: string;\n tenantId?: string;\n}\n\nexport interface SignInWithEmailLinkResponse extends IdTokenResponse {\n email: string;\n isNewUser: boolean;\n}\n\nexport async function signInWithEmailLink(\n auth: Auth,\n request: SignInWithEmailLinkRequest\n): Promise<SignInWithEmailLinkResponse> {\n return _performSignInRequest<\n SignInWithEmailLinkRequest,\n SignInWithEmailLinkResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.SIGN_IN_WITH_EMAIL_LINK,\n _addTidIfNecessary(auth, request)\n );\n}\n\nexport interface SignInWithEmailLinkForLinkingRequest\n extends SignInWithEmailLinkRequest {\n idToken: string;\n}\n\nexport async function signInWithEmailLinkForLinking(\n auth: Auth,\n request: SignInWithEmailLinkForLinkingRequest\n): Promise<SignInWithEmailLinkResponse> {\n return _performSignInRequest<\n SignInWithEmailLinkForLinkingRequest,\n SignInWithEmailLinkResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.SIGN_IN_WITH_EMAIL_LINK,\n _addTidIfNecessary(auth, request)\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\nimport { linkEmailPassword } from '../../api/account_management/email_and_password';\nimport {\n signInWithPassword,\n SignInWithPasswordRequest\n} from '../../api/authentication/email_and_password';\nimport {\n signInWithEmailLink,\n signInWithEmailLinkForLinking\n} from '../../api/authentication/email_link';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { AuthErrorCode } from '../errors';\nimport { _fail } from '../util/assert';\nimport { AuthCredential } from './auth_credential';\nimport { handleRecaptchaFlow } from '../../platform_browser/recaptcha/recaptcha_enterprise_verifier';\nimport {\n RecaptchaActionName,\n RecaptchaClientType,\n RecaptchaAuthProvider\n} from '../../api';\nimport { SignUpRequest } from '../../api/authentication/sign_up';\n/**\n * Interface that represents the credentials returned by {@link EmailAuthProvider} for\n * {@link ProviderId}.PASSWORD\n *\n * @remarks\n * Covers both {@link SignInMethod}.EMAIL_PASSWORD and\n * {@link SignInMethod}.EMAIL_LINK.\n *\n * @public\n */\nexport class EmailAuthCredential extends AuthCredential {\n /** @internal */\n private constructor(\n /** @internal */\n readonly _email: string,\n /** @internal */\n readonly _password: string,\n signInMethod: SignInMethod,\n /** @internal */\n readonly _tenantId: string | null = null\n ) {\n super(ProviderId.PASSWORD, signInMethod);\n }\n\n /** @internal */\n static _fromEmailAndPassword(\n email: string,\n password: string\n ): EmailAuthCredential {\n return new EmailAuthCredential(\n email,\n password,\n SignInMethod.EMAIL_PASSWORD\n );\n }\n\n /** @internal */\n static _fromEmailAndCode(\n email: string,\n oobCode: string,\n tenantId: string | null = null\n ): EmailAuthCredential {\n return new EmailAuthCredential(\n email,\n oobCode,\n SignInMethod.EMAIL_LINK,\n tenantId\n );\n }\n\n /** {@inheritdoc AuthCredential.toJSON} */\n toJSON(): object {\n return {\n email: this._email,\n password: this._password,\n signInMethod: this.signInMethod,\n tenantId: this._tenantId\n };\n }\n\n /**\n * Static method to deserialize a JSON representation of an object into an {@link AuthCredential}.\n *\n * @param json - Either `object` or the stringified representation of the object. When string is\n * provided, `JSON.parse` would be called first.\n *\n * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned.\n */\n static fromJSON(json: object | string): EmailAuthCredential | null {\n const obj = typeof json === 'string' ? JSON.parse(json) : json;\n if (obj?.email && obj?.password) {\n if (obj.signInMethod === SignInMethod.EMAIL_PASSWORD) {\n return this._fromEmailAndPassword(obj.email, obj.password);\n } else if (obj.signInMethod === SignInMethod.EMAIL_LINK) {\n return this._fromEmailAndCode(obj.email, obj.password, obj.tenantId);\n }\n }\n return null;\n }\n\n /** @internal */\n async _getIdTokenResponse(auth: AuthInternal): Promise<IdTokenResponse> {\n switch (this.signInMethod) {\n case SignInMethod.EMAIL_PASSWORD:\n const request: SignInWithPasswordRequest = {\n returnSecureToken: true,\n email: this._email,\n password: this._password,\n clientType: RecaptchaClientType.WEB\n };\n return handleRecaptchaFlow(\n auth,\n request,\n RecaptchaActionName.SIGN_IN_WITH_PASSWORD,\n signInWithPassword,\n RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER\n );\n case SignInMethod.EMAIL_LINK:\n return signInWithEmailLink(auth, {\n email: this._email,\n oobCode: this._password\n });\n default:\n _fail(auth, AuthErrorCode.INTERNAL_ERROR);\n }\n }\n\n /** @internal */\n async _linkToIdToken(\n auth: AuthInternal,\n idToken: string\n ): Promise<IdTokenResponse> {\n switch (this.signInMethod) {\n case SignInMethod.EMAIL_PASSWORD:\n const request: SignUpRequest = {\n idToken,\n returnSecureToken: true,\n email: this._email,\n password: this._password,\n clientType: RecaptchaClientType.WEB\n };\n return handleRecaptchaFlow(\n auth,\n request,\n RecaptchaActionName.SIGN_UP_PASSWORD,\n linkEmailPassword,\n RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER\n );\n case SignInMethod.EMAIL_LINK:\n return signInWithEmailLinkForLinking(auth, {\n idToken,\n email: this._email,\n oobCode: this._password\n });\n default:\n _fail(auth, AuthErrorCode.INTERNAL_ERROR);\n }\n }\n\n /** @internal */\n _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse> {\n return this._getIdTokenResponse(auth);\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n Endpoint,\n HttpMethod,\n _addTidIfNecessary,\n _performSignInRequest\n} from '../index';\nimport { IdToken, IdTokenResponse } from '../../model/id_token';\nimport { Auth } from '../../model/public_types';\n\nexport interface SignInWithIdpRequest {\n requestUri: string;\n postBody?: string;\n sessionId?: string;\n tenantId?: string;\n returnSecureToken: boolean;\n returnIdpCredential?: boolean;\n idToken?: IdToken;\n autoCreate?: boolean;\n pendingToken?: string;\n}\n\n/**\n * @internal\n */\nexport interface SignInWithIdpResponse extends IdTokenResponse {\n oauthAccessToken?: string;\n oauthTokenSecret?: string;\n nonce?: string;\n oauthIdToken?: string;\n pendingToken?: string;\n}\n\nexport async function signInWithIdp(\n auth: Auth,\n request: SignInWithIdpRequest\n): Promise<SignInWithIdpResponse> {\n return _performSignInRequest<SignInWithIdpRequest, SignInWithIdpResponse>(\n auth,\n HttpMethod.POST,\n Endpoint.SIGN_IN_WITH_IDP,\n _addTidIfNecessary(auth, request)\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { querystring } from '@firebase/util';\n\nimport {\n signInWithIdp,\n SignInWithIdpRequest\n} from '../../api/authentication/idp';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { AuthErrorCode } from '../errors';\nimport { _fail } from '../util/assert';\nimport { AuthCredential } from './auth_credential';\n\nconst IDP_REQUEST_URI = 'http://localhost';\n\nexport interface OAuthCredentialParams {\n // OAuth 2 uses either id token or access token\n idToken?: string | null;\n accessToken?: string | null;\n\n // These fields are used with OAuth 1\n oauthToken?: string;\n secret?: string;\n oauthTokenSecret?: string;\n\n // Nonce is only set if pendingToken is not present\n nonce?: string;\n pendingToken?: string;\n\n // Utilities\n providerId: string;\n signInMethod: string;\n}\n\n/**\n * Represents the OAuth credentials returned by an {@link OAuthProvider}.\n *\n * @remarks\n * Implementations specify the details about each auth provider's credential requirements.\n *\n * @public\n */\nexport class OAuthCredential extends AuthCredential {\n /**\n * The OAuth ID token associated with the credential if it belongs to an OIDC provider,\n * such as `google.com`.\n * @readonly\n */\n idToken?: string;\n /**\n * The OAuth access token associated with the credential if it belongs to an\n * {@link OAuthProvider}, such as `facebook.com`, `twitter.com`, etc.\n * @readonly\n */\n accessToken?: string;\n /**\n * The OAuth access token secret associated with the credential if it belongs to an OAuth 1.0\n * provider, such as `twitter.com`.\n * @readonly\n */\n secret?: string;\n\n private nonce?: string;\n private pendingToken: string | null = null;\n\n /** @internal */\n static _fromParams(params: OAuthCredentialParams): OAuthCredential {\n const cred = new OAuthCredential(params.providerId, params.signInMethod);\n\n if (params.idToken || params.accessToken) {\n // OAuth 2 and either ID token or access token.\n if (params.idToken) {\n cred.idToken = params.idToken;\n }\n\n if (params.accessToken) {\n cred.accessToken = params.accessToken;\n }\n\n // Add nonce if available and no pendingToken is present.\n if (params.nonce && !params.pendingToken) {\n cred.nonce = params.nonce;\n }\n\n if (params.pendingToken) {\n cred.pendingToken = params.pendingToken;\n }\n } else if (params.oauthToken && params.oauthTokenSecret) {\n // OAuth 1 and OAuth token with token secret\n cred.accessToken = params.oauthToken;\n cred.secret = params.oauthTokenSecret;\n } else {\n _fail(AuthErrorCode.ARGUMENT_ERROR);\n }\n\n return cred;\n }\n\n /** {@inheritdoc AuthCredential.toJSON} */\n toJSON(): object {\n return {\n idToken: this.idToken,\n accessToken: this.accessToken,\n secret: this.secret,\n nonce: this.nonce,\n pendingToken: this.pendingToken,\n providerId: this.providerId,\n signInMethod: this.signInMethod\n };\n }\n\n /**\n * Static method to deserialize a JSON representation of an object into an\n * {@link AuthCredential}.\n *\n * @param json - Input can be either Object or the stringified representation of the object.\n * When string is provided, JSON.parse would be called first.\n *\n * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned.\n */\n static fromJSON(json: string | object): OAuthCredential | null {\n const obj = typeof json === 'string' ? JSON.parse(json) : json;\n const { providerId, signInMethod, ...rest }: OAuthCredentialParams = obj;\n if (!providerId || !signInMethod) {\n return null;\n }\n\n const cred = new OAuthCredential(providerId, signInMethod);\n cred.idToken = rest.idToken || undefined;\n cred.accessToken = rest.accessToken || undefined;\n cred.secret = rest.secret;\n cred.nonce = rest.nonce;\n cred.pendingToken = rest.pendingToken || null;\n return cred;\n }\n\n /** @internal */\n _getIdTokenResponse(auth: AuthInternal): Promise<IdTokenResponse> {\n const request = this.buildRequest();\n return signInWithIdp(auth, request);\n }\n\n /** @internal */\n _linkToIdToken(\n auth: AuthInternal,\n idToken: string\n ): Promise<IdTokenResponse> {\n const request = this.buildRequest();\n request.idToken = idToken;\n return signInWithIdp(auth, request);\n }\n\n /** @internal */\n _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse> {\n const request = this.buildRequest();\n request.autoCreate = false;\n return signInWithIdp(auth, request);\n }\n\n private buildRequest(): SignInWithIdpRequest {\n const request: SignInWithIdpRequest = {\n requestUri: IDP_REQUEST_URI,\n returnSecureToken: true\n };\n\n if (this.pendingToken) {\n request.pendingToken = this.pendingToken;\n } else {\n const postBody: Record<string, string> = {};\n if (this.idToken) {\n postBody['id_token'] = this.idToken;\n }\n if (this.accessToken) {\n postBody['access_token'] = this.accessToken;\n }\n if (this.secret) {\n postBody['oauth_token_secret'] = this.secret;\n }\n\n postBody['providerId'] = this.providerId;\n if (this.nonce && !this.pendingToken) {\n postBody['nonce'] = this.nonce;\n }\n\n request.postBody = querystring(postBody);\n }\n\n return request;\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n Endpoint,\n HttpMethod,\n RecaptchaClientType,\n RecaptchaVersion,\n _addTidIfNecessary,\n _makeTaggedError,\n _performApiRequest,\n _performSignInRequest\n} from '../index';\nimport { AuthErrorCode } from '../../core/errors';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { ServerError, ServerErrorMap } from '../errors';\nimport { Auth } from '../../model/public_types';\n\nexport interface SendPhoneVerificationCodeRequest {\n phoneNumber: string;\n // reCAPTCHA v2 token\n recaptchaToken?: string;\n tenantId?: string;\n // reCAPTCHA Enterprise token\n captchaResponse?: string;\n clientType?: RecaptchaClientType;\n recaptchaVersion?: RecaptchaVersion;\n}\n\nexport interface SendPhoneVerificationCodeResponse {\n sessionInfo: string;\n}\n\nexport async function sendPhoneVerificationCode(\n auth: Auth,\n request: SendPhoneVerificationCodeRequest\n): Promise<SendPhoneVerificationCodeResponse> {\n return _performApiRequest<\n SendPhoneVerificationCodeRequest,\n SendPhoneVerificationCodeResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.SEND_VERIFICATION_CODE,\n _addTidIfNecessary(auth, request)\n );\n}\n\n/**\n * @internal\n */\nexport interface SignInWithPhoneNumberRequest {\n temporaryProof?: string;\n phoneNumber?: string;\n sessionInfo?: string;\n code?: string;\n tenantId?: string;\n}\n\nexport interface LinkWithPhoneNumberRequest\n extends SignInWithPhoneNumberRequest {\n idToken: string;\n}\n\n/**\n * @internal\n */\nexport interface SignInWithPhoneNumberResponse extends IdTokenResponse {\n temporaryProof?: string;\n phoneNumber?: string;\n}\n\nexport async function signInWithPhoneNumber(\n auth: Auth,\n request: SignInWithPhoneNumberRequest\n): Promise<SignInWithPhoneNumberResponse> {\n return _performSignInRequest<\n SignInWithPhoneNumberRequest,\n SignInWithPhoneNumberResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.SIGN_IN_WITH_PHONE_NUMBER,\n _addTidIfNecessary(auth, request)\n );\n}\n\nexport async function linkWithPhoneNumber(\n auth: Auth,\n request: LinkWithPhoneNumberRequest\n): Promise<SignInWithPhoneNumberResponse> {\n const response = await _performSignInRequest<\n LinkWithPhoneNumberRequest,\n SignInWithPhoneNumberResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.SIGN_IN_WITH_PHONE_NUMBER,\n _addTidIfNecessary(auth, request)\n );\n if (response.temporaryProof) {\n throw _makeTaggedError(auth, AuthErrorCode.NEED_CONFIRMATION, response);\n }\n return response;\n}\n\ninterface VerifyPhoneNumberForExistingRequest\n extends SignInWithPhoneNumberRequest {\n operation: 'REAUTH';\n}\n\nconst VERIFY_PHONE_NUMBER_FOR_EXISTING_ERROR_MAP_: Partial<\n ServerErrorMap<ServerError>\n> = {\n [ServerError.USER_NOT_FOUND]: AuthErrorCode.USER_DELETED\n};\n\nexport async function verifyPhoneNumberForExisting(\n auth: Auth,\n request: SignInWithPhoneNumberRequest\n): Promise<SignInWithPhoneNumberResponse> {\n const apiRequest: VerifyPhoneNumberForExistingRequest = {\n ...request,\n operation: 'REAUTH'\n };\n return _performSignInRequest<\n VerifyPhoneNumberForExistingRequest,\n SignInWithPhoneNumberResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.SIGN_IN_WITH_PHONE_NUMBER,\n _addTidIfNecessary(auth, apiRequest),\n VERIFY_PHONE_NUMBER_FOR_EXISTING_ERROR_MAP_\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\nimport { PhoneOrOauthTokenResponse } from '../../api/authentication/mfa';\nimport {\n linkWithPhoneNumber,\n signInWithPhoneNumber,\n SignInWithPhoneNumberRequest,\n verifyPhoneNumberForExisting\n} from '../../api/authentication/sms';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { AuthCredential } from './auth_credential';\n\nexport interface PhoneAuthCredentialParameters {\n verificationId?: string;\n verificationCode?: string;\n phoneNumber?: string;\n temporaryProof?: string;\n}\n\n/**\n * Represents the credentials returned by {@link PhoneAuthProvider}.\n *\n * @public\n */\nexport class PhoneAuthCredential extends AuthCredential {\n private constructor(private readonly params: PhoneAuthCredentialParameters) {\n super(ProviderId.PHONE, SignInMethod.PHONE);\n }\n\n /** @internal */\n static _fromVerification(\n verificationId: string,\n verificationCode: string\n ): PhoneAuthCredential {\n return new PhoneAuthCredential({ verificationId, verificationCode });\n }\n\n /** @internal */\n static _fromTokenResponse(\n phoneNumber: string,\n temporaryProof: string\n ): PhoneAuthCredential {\n return new PhoneAuthCredential({ phoneNumber, temporaryProof });\n }\n\n /** @internal */\n _getIdTokenResponse(auth: AuthInternal): Promise<PhoneOrOauthTokenResponse> {\n return signInWithPhoneNumber(auth, this._makeVerificationRequest());\n }\n\n /** @internal */\n _linkToIdToken(\n auth: AuthInternal,\n idToken: string\n ): Promise<IdTokenResponse> {\n return linkWithPhoneNumber(auth, {\n idToken,\n ...this._makeVerificationRequest()\n });\n }\n\n /** @internal */\n _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse> {\n return verifyPhoneNumberForExisting(auth, this._makeVerificationRequest());\n }\n\n /** @internal */\n _makeVerificationRequest(): SignInWithPhoneNumberRequest {\n const { temporaryProof, phoneNumber, verificationId, verificationCode } =\n this.params;\n if (temporaryProof && phoneNumber) {\n return { temporaryProof, phoneNumber };\n }\n\n return {\n sessionInfo: verificationId,\n code: verificationCode\n };\n }\n\n /** {@inheritdoc AuthCredential.toJSON} */\n toJSON(): object {\n const obj: Record<string, string> = {\n providerId: this.providerId\n };\n if (this.params.phoneNumber) {\n obj.phoneNumber = this.params.phoneNumber;\n }\n if (this.params.temporaryProof) {\n obj.temporaryProof = this.params.temporaryProof;\n }\n if (this.params.verificationCode) {\n obj.verificationCode = this.params.verificationCode;\n }\n if (this.params.verificationId) {\n obj.verificationId = this.params.verificationId;\n }\n\n return obj;\n }\n\n /** Generates a phone credential based on a plain object or a JSON string. */\n static fromJSON(json: object | string): PhoneAuthCredential | null {\n if (typeof json === 'string') {\n json = JSON.parse(json);\n }\n\n const { verificationId, verificationCode, phoneNumber, temporaryProof } =\n json as { [key: string]: string };\n if (\n !verificationCode &&\n !verificationId &&\n !phoneNumber &&\n !temporaryProof\n ) {\n return null;\n }\n\n return new PhoneAuthCredential({\n verificationId,\n verificationCode,\n phoneNumber,\n temporaryProof\n });\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { extractQuerystring, querystringDecode } from '@firebase/util';\nimport { ActionCodeOperation } from '../model/public_types';\nimport { AuthErrorCode } from './errors';\nimport { _assert } from './util/assert';\n\n/**\n * Enums for fields in URL query string.\n *\n * @enum {string}\n */\nconst enum QueryField {\n API_KEY = 'apiKey',\n CODE = 'oobCode',\n CONTINUE_URL = 'continueUrl',\n LANGUAGE_CODE = 'lang',\n MODE = 'mode',\n TENANT_ID = 'tenantId'\n}\n\n/**\n * Maps the mode string in action code URL to Action Code Info operation.\n *\n * @param mode\n */\nfunction parseMode(mode: string | null): ActionCodeOperation | null {\n switch (mode) {\n case 'recoverEmail':\n return ActionCodeOperation.RECOVER_EMAIL;\n case 'resetPassword':\n return ActionCodeOperation.PASSWORD_RESET;\n case 'signIn':\n return ActionCodeOperation.EMAIL_SIGNIN;\n case 'verifyEmail':\n return ActionCodeOperation.VERIFY_EMAIL;\n case 'verifyAndChangeEmail':\n return ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL;\n case 'revertSecondFactorAddition':\n return ActionCodeOperation.REVERT_SECOND_FACTOR_ADDITION;\n default:\n return null;\n }\n}\n\n/**\n * Helper to parse FDL links\n *\n * @param url\n */\nfunction parseDeepLink(url: string): string {\n const link = querystringDecode(extractQuerystring(url))['link'];\n\n // Double link case (automatic redirect).\n const doubleDeepLink = link\n ? querystringDecode(extractQuerystring(link))['deep_link_id']\n : null;\n // iOS custom scheme links.\n const iOSDeepLink = querystringDecode(extractQuerystring(url))[\n 'deep_link_id'\n ];\n const iOSDoubleDeepLink = iOSDeepLink\n ? querystringDecode(extractQuerystring(iOSDeepLink))['link']\n : null;\n return iOSDoubleDeepLink || iOSDeepLink || doubleDeepLink || link || url;\n}\n\n/**\n * A utility class to parse email action URLs such as password reset, email verification,\n * email link sign in, etc.\n *\n * @public\n */\nexport class ActionCodeURL {\n /**\n * The API key of the email action link.\n */\n readonly apiKey: string;\n /**\n * The action code of the email action link.\n */\n readonly code: string;\n /**\n * The continue URL of the email action link. Null if not provided.\n */\n readonly continueUrl: string | null;\n /**\n * The language code of the email action link. Null if not provided.\n */\n readonly languageCode: string | null;\n /**\n * The action performed by the email action link. It returns from one of the types from\n * {@link ActionCodeInfo}\n */\n readonly operation: string;\n /**\n * The tenant ID of the email action link. Null if the email action is from the parent project.\n */\n readonly tenantId: string | null;\n\n /**\n * @param actionLink - The link from which to extract the URL.\n * @returns The {@link ActionCodeURL} object, or null if the link is invalid.\n *\n * @internal\n */\n constructor(actionLink: string) {\n const searchParams = querystringDecode(extractQuerystring(actionLink));\n const apiKey = searchParams[QueryField.API_KEY] ?? null;\n const code = searchParams[QueryField.CODE] ?? null;\n const operation = parseMode(searchParams[QueryField.MODE] ?? null);\n // Validate API key, code and mode.\n _assert(apiKey && code && operation, AuthErrorCode.ARGUMENT_ERROR);\n this.apiKey = apiKey;\n this.operation = operation;\n this.code = code;\n this.continueUrl = searchParams[QueryField.CONTINUE_URL] ?? null;\n this.languageCode = searchParams[QueryField.LANGUAGE_CODE] ?? null;\n this.tenantId = searchParams[QueryField.TENANT_ID] ?? null;\n }\n\n /**\n * Parses the email action link string and returns an {@link ActionCodeURL} if the link is valid,\n * otherwise returns null.\n *\n * @param link - The email action link string.\n * @returns The {@link ActionCodeURL} object, or null if the link is invalid.\n *\n * @public\n */\n static parseLink(link: string): ActionCodeURL | null {\n const actionLink = parseDeepLink(link);\n try {\n return new ActionCodeURL(actionLink);\n } catch {\n return null;\n }\n }\n}\n\n/**\n * Parses the email action link string and returns an {@link ActionCodeURL} if\n * the link is valid, otherwise returns null.\n *\n * @public\n */\nexport function parseActionCodeURL(link: string): ActionCodeURL | null {\n return ActionCodeURL.parseLink(link);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ProviderId, SignInMethod } from '../../model/enums';\nimport { AuthProvider } from '../../model/public_types';\n\nimport { ActionCodeURL } from '../action_code_url';\nimport { EmailAuthCredential } from '../credentials/email';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\n\n/**\n * Provider for generating {@link EmailAuthCredential}.\n *\n * @public\n */\nexport class EmailAuthProvider implements AuthProvider {\n /**\n * Always set to {@link ProviderId}.PASSWORD, even for email link.\n */\n static readonly PROVIDER_ID: 'password' = ProviderId.PASSWORD;\n /**\n * Always set to {@link SignInMethod}.EMAIL_PASSWORD.\n */\n static readonly EMAIL_PASSWORD_SIGN_IN_METHOD: 'password' =\n SignInMethod.EMAIL_PASSWORD;\n /**\n * Always set to {@link SignInMethod}.EMAIL_LINK.\n */\n static readonly EMAIL_LINK_SIGN_IN_METHOD: 'emailLink' =\n SignInMethod.EMAIL_LINK;\n /**\n * Always set to {@link ProviderId}.PASSWORD, even for email link.\n */\n readonly providerId = EmailAuthProvider.PROVIDER_ID;\n\n /**\n * Initialize an {@link AuthCredential} using an email and password.\n *\n * @example\n * ```javascript\n * const authCredential = EmailAuthProvider.credential(email, password);\n * const userCredential = await signInWithCredential(auth, authCredential);\n * ```\n *\n * @example\n * ```javascript\n * const userCredential = await signInWithEmailAndPassword(auth, email, password);\n * ```\n *\n * @param email - Email address.\n * @param password - User account password.\n * @returns The auth provider credential.\n */\n static credential(email: string, password: string): EmailAuthCredential {\n return EmailAuthCredential._fromEmailAndPassword(email, password);\n }\n\n /**\n * Initialize an {@link AuthCredential} using an email and an email link after a sign in with\n * email link operation.\n *\n * @example\n * ```javascript\n * const authCredential = EmailAuthProvider.credentialWithLink(auth, email, emailLink);\n * const userCredential = await signInWithCredential(auth, authCredential);\n * ```\n *\n * @example\n * ```javascript\n * await sendSignInLinkToEmail(auth, email);\n * // Obtain emailLink from user.\n * const userCredential = await signInWithEmailLink(auth, email, emailLink);\n * ```\n *\n * @param auth - The {@link Auth} instance used to verify the link.\n * @param email - Email address.\n * @param emailLink - Sign-in email link.\n * @returns - The auth provider credential.\n */\n static credentialWithLink(\n email: string,\n emailLink: string\n ): EmailAuthCredential {\n const actionCodeUrl = ActionCodeURL.parseLink(emailLink);\n _assert(actionCodeUrl, AuthErrorCode.ARGUMENT_ERROR);\n\n return EmailAuthCredential._fromEmailAndCode(\n email,\n actionCodeUrl.code,\n actionCodeUrl.tenantId\n );\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthProvider } from '../../model/public_types';\n\n/**\n * Map of OAuth Custom Parameters.\n *\n * @public\n */\nexport type CustomParameters = Record<string, string>;\n\n/**\n * The base class for all Federated providers (OAuth (including OIDC), SAML).\n *\n * This class is not meant to be instantiated directly.\n *\n * @public\n */\nexport abstract class FederatedAuthProvider implements AuthProvider {\n /** @internal */\n defaultLanguageCode: string | null = null;\n /** @internal */\n private customParameters: CustomParameters = {};\n\n /**\n * Constructor for generic OAuth providers.\n *\n * @param providerId - Provider for which credentials should be generated.\n */\n constructor(readonly providerId: string) {}\n\n /**\n * Set the language gode.\n *\n * @param languageCode - language code\n */\n setDefaultLanguage(languageCode: string | null): void {\n this.defaultLanguageCode = languageCode;\n }\n\n /**\n * Sets the OAuth custom parameters to pass in an OAuth request for popup and redirect sign-in\n * operations.\n *\n * @remarks\n * For a detailed list, check the reserved required OAuth 2.0 parameters such as `client_id`,\n * `redirect_uri`, `scope`, `response_type`, and `state` are not allowed and will be ignored.\n *\n * @param customOAuthParameters - The custom OAuth parameters to pass in the OAuth request.\n */\n setCustomParameters(customOAuthParameters: CustomParameters): AuthProvider {\n this.customParameters = customOAuthParameters;\n return this;\n }\n\n /**\n * Retrieve the current list of {@link CustomParameters}.\n */\n getCustomParameters(): CustomParameters {\n return this.customParameters;\n }\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthProvider, UserCredential } from '../../model/public_types';\n\nimport { _assert } from '../util/assert';\nimport { AuthErrorCode } from '../errors';\n\nimport { OAuthCredential, OAuthCredentialParams } from '../credentials/oauth';\nimport { UserCredentialInternal } from '../../model/user';\nimport { FirebaseError } from '@firebase/util';\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { SignInWithIdpResponse } from '../../../internal';\nimport { FederatedAuthProvider } from './federated';\n\n/**\n * Defines the options for initializing an {@link OAuthCredential}.\n *\n * @remarks\n * For ID tokens with nonce claim, the raw nonce has to also be provided.\n *\n * @public\n */\nexport interface OAuthCredentialOptions {\n /**\n * The OAuth ID token used to initialize the {@link OAuthCredential}.\n */\n idToken?: string;\n /**\n * The OAuth access token used to initialize the {@link OAuthCredential}.\n */\n accessToken?: string;\n /**\n * The raw nonce associated with the ID token.\n *\n * @remarks\n * It is required when an ID token with a nonce field is provided. The SHA-256 hash of the\n * raw nonce must match the nonce field in the ID token.\n */\n rawNonce?: string;\n}\n\n/**\n * Common code to all OAuth providers. This is separate from the\n * {@link OAuthProvider} so that child providers (like\n * {@link GoogleAuthProvider}) don't inherit the `credential` instance method.\n * Instead, they rely on a static `credential` method.\n */\nexport abstract class BaseOAuthProvider\n extends FederatedAuthProvider\n implements AuthProvider\n{\n /** @internal */\n private scopes: string[] = [];\n\n /**\n * Add an OAuth scope to the credential.\n *\n * @param scope - Provider OAuth scope to add.\n */\n addScope(scope: string): AuthProvider {\n // If not already added, add scope to list.\n if (!this.scopes.includes(scope)) {\n this.scopes.push(scope);\n }\n return this;\n }\n\n /**\n * Retrieve the current list of OAuth scopes.\n */\n getScopes(): string[] {\n return [...this.scopes];\n }\n}\n\n/**\n * Provider for generating generic {@link OAuthCredential}.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new OAuthProvider('google.com');\n * // Start a sign in process for an unauthenticated user.\n * provider.addScope('profile');\n * provider.addScope('email');\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n * // This is the signed-in user\n * const user = result.user;\n * // This gives you a OAuth Access Token for the provider.\n * const credential = provider.credentialFromResult(auth, result);\n * const token = credential.accessToken;\n * }\n * ```\n *\n * @example\n * ```javascript\n * // Sign in using a popup.\n * const provider = new OAuthProvider('google.com');\n * provider.addScope('profile');\n * provider.addScope('email');\n * const result = await signInWithPopup(auth, provider);\n *\n * // The signed-in user info.\n * const user = result.user;\n * // This gives you a OAuth Access Token for the provider.\n * const credential = provider.credentialFromResult(auth, result);\n * const token = credential.accessToken;\n * ```\n * @public\n */\nexport class OAuthProvider extends BaseOAuthProvider {\n /**\n * Creates an {@link OAuthCredential} from a JSON string or a plain object.\n * @param json - A plain object or a JSON string\n */\n static credentialFromJSON(json: object | string): OAuthCredential {\n const obj = typeof json === 'string' ? JSON.parse(json) : json;\n _assert(\n 'providerId' in obj && 'signInMethod' in obj,\n AuthErrorCode.ARGUMENT_ERROR\n );\n return OAuthCredential._fromParams(obj);\n }\n\n /**\n * Creates a {@link OAuthCredential} from a generic OAuth provider's access token or ID token.\n *\n * @remarks\n * The raw nonce is required when an ID token with a nonce field is provided. The SHA-256 hash of\n * the raw nonce must match the nonce field in the ID token.\n *\n * @example\n * ```javascript\n * // `googleUser` from the onsuccess Google Sign In callback.\n * // Initialize a generate OAuth provider with a `google.com` providerId.\n * const provider = new OAuthProvider('google.com');\n * const credential = provider.credential({\n * idToken: googleUser.getAuthResponse().id_token,\n * });\n * const result = await signInWithCredential(credential);\n * ```\n *\n * @param params - Either the options object containing the ID token, access token and raw nonce\n * or the ID token string.\n */\n credential(params: OAuthCredentialOptions): OAuthCredential {\n return this._credential({ ...params, nonce: params.rawNonce });\n }\n\n /** An internal credential method that accepts more permissive options */\n private _credential(\n params: Omit<OAuthCredentialParams, 'signInMethod' | 'providerId'>\n ): OAuthCredential {\n _assert(params.idToken || params.accessToken, AuthErrorCode.ARGUMENT_ERROR);\n // For OAuthCredential, sign in method is same as providerId.\n return OAuthCredential._fromParams({\n ...params,\n providerId: this.providerId,\n signInMethod: this.providerId\n });\n }\n\n /**\n * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.\n *\n * @param userCredential - The user credential.\n */\n static credentialFromResult(\n userCredential: UserCredential\n ): OAuthCredential | null {\n return OAuthProvider.oauthCredentialFromTaggedObject(\n userCredential as UserCredentialInternal\n );\n }\n /**\n * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was\n * thrown during a sign-in, link, or reauthenticate operation.\n *\n * @param userCredential - The user credential.\n */\n static credentialFromError(error: FirebaseError): OAuthCredential | null {\n return OAuthProvider.oauthCredentialFromTaggedObject(\n (error.customData || {}) as TaggedWithTokenResponse\n );\n }\n\n private static oauthCredentialFromTaggedObject({\n _tokenResponse: tokenResponse\n }: TaggedWithTokenResponse): OAuthCredential | null {\n if (!tokenResponse) {\n return null;\n }\n\n const {\n oauthIdToken,\n oauthAccessToken,\n oauthTokenSecret,\n pendingToken,\n nonce,\n providerId\n } = tokenResponse as SignInWithIdpResponse;\n if (\n !oauthAccessToken &&\n !oauthTokenSecret &&\n !oauthIdToken &&\n !pendingToken\n ) {\n return null;\n }\n\n if (!providerId) {\n return null;\n }\n\n try {\n return new OAuthProvider(providerId)._credential({\n idToken: oauthIdToken,\n accessToken: oauthAccessToken,\n nonce,\n pendingToken\n });\n } catch (e) {\n return null;\n }\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserCredential } from '../../model/public_types';\nimport { FirebaseError } from '@firebase/util';\n\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { UserCredentialInternal } from '../../model/user';\nimport { OAuthCredential } from '../credentials/oauth';\nimport { BaseOAuthProvider } from './oauth';\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\n/**\n * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.FACEBOOK.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new FacebookAuthProvider();\n * // Start a sign in process for an unauthenticated user.\n * provider.addScope('user_birthday');\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n * // This is the signed-in user\n * const user = result.user;\n * // This gives you a Facebook Access Token.\n * const credential = FacebookAuthProvider.credentialFromResult(result);\n * const token = credential.accessToken;\n * }\n * ```\n *\n * @example\n * ```javascript\n * // Sign in using a popup.\n * const provider = new FacebookAuthProvider();\n * provider.addScope('user_birthday');\n * const result = await signInWithPopup(auth, provider);\n *\n * // The signed-in user info.\n * const user = result.user;\n * // This gives you a Facebook Access Token.\n * const credential = FacebookAuthProvider.credentialFromResult(result);\n * const token = credential.accessToken;\n * ```\n *\n * @public\n */\nexport class FacebookAuthProvider extends BaseOAuthProvider {\n /** Always set to {@link SignInMethod}.FACEBOOK. */\n static readonly FACEBOOK_SIGN_IN_METHOD: 'facebook.com' =\n SignInMethod.FACEBOOK;\n /** Always set to {@link ProviderId}.FACEBOOK. */\n static readonly PROVIDER_ID: 'facebook.com' = ProviderId.FACEBOOK;\n\n constructor() {\n super(ProviderId.FACEBOOK);\n }\n\n /**\n * Creates a credential for Facebook.\n *\n * @example\n * ```javascript\n * // `event` from the Facebook auth.authResponseChange callback.\n * const credential = FacebookAuthProvider.credential(event.authResponse.accessToken);\n * const result = await signInWithCredential(credential);\n * ```\n *\n * @param accessToken - Facebook access token.\n */\n static credential(accessToken: string): OAuthCredential {\n return OAuthCredential._fromParams({\n providerId: FacebookAuthProvider.PROVIDER_ID,\n signInMethod: FacebookAuthProvider.FACEBOOK_SIGN_IN_METHOD,\n accessToken\n });\n }\n\n /**\n * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.\n *\n * @param userCredential - The user credential.\n */\n static credentialFromResult(\n userCredential: UserCredential\n ): OAuthCredential | null {\n return FacebookAuthProvider.credentialFromTaggedObject(\n userCredential as UserCredentialInternal\n );\n }\n\n /**\n * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was\n * thrown during a sign-in, link, or reauthenticate operation.\n *\n * @param userCredential - The user credential.\n */\n static credentialFromError(error: FirebaseError): OAuthCredential | null {\n return FacebookAuthProvider.credentialFromTaggedObject(\n (error.customData || {}) as TaggedWithTokenResponse\n );\n }\n\n private static credentialFromTaggedObject({\n _tokenResponse: tokenResponse\n }: TaggedWithTokenResponse): OAuthCredential | null {\n if (!tokenResponse || !('oauthAccessToken' in tokenResponse)) {\n return null;\n }\n\n if (!tokenResponse.oauthAccessToken) {\n return null;\n }\n\n try {\n return FacebookAuthProvider.credential(tokenResponse.oauthAccessToken);\n } catch {\n return null;\n }\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserCredential } from '../../model/public_types';\nimport { FirebaseError } from '@firebase/util';\n\nimport { SignInWithIdpResponse } from '../../api/authentication/idp';\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { UserCredentialInternal } from '../../model/user';\nimport { OAuthCredential } from '../credentials/oauth';\nimport { BaseOAuthProvider } from './oauth';\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\n/**\n * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.GOOGLE.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new GoogleAuthProvider();\n * // Start a sign in process for an unauthenticated user.\n * provider.addScope('profile');\n * provider.addScope('email');\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n * // This is the signed-in user\n * const user = result.user;\n * // This gives you a Google Access Token.\n * const credential = GoogleAuthProvider.credentialFromResult(result);\n * const token = credential.accessToken;\n * }\n * ```\n *\n * @example\n * ```javascript\n * // Sign in using a popup.\n * const provider = new GoogleAuthProvider();\n * provider.addScope('profile');\n * provider.addScope('email');\n * const result = await signInWithPopup(auth, provider);\n *\n * // The signed-in user info.\n * const user = result.user;\n * // This gives you a Google Access Token.\n * const credential = GoogleAuthProvider.credentialFromResult(result);\n * const token = credential.accessToken;\n * ```\n *\n * @public\n */\nexport class GoogleAuthProvider extends BaseOAuthProvider {\n /** Always set to {@link SignInMethod}.GOOGLE. */\n static readonly GOOGLE_SIGN_IN_METHOD: 'google.com' = SignInMethod.GOOGLE;\n /** Always set to {@link ProviderId}.GOOGLE. */\n static readonly PROVIDER_ID: 'google.com' = ProviderId.GOOGLE;\n\n constructor() {\n super(ProviderId.GOOGLE);\n this.addScope('profile');\n }\n\n /**\n * Creates a credential for Google. At least one of ID token and access token is required.\n *\n * @example\n * ```javascript\n * // \\`googleUser\\` from the onsuccess Google Sign In callback.\n * const credential = GoogleAuthProvider.credential(googleUser.getAuthResponse().id_token);\n * const result = await signInWithCredential(credential);\n * ```\n *\n * @param idToken - Google ID token.\n * @param accessToken - Google access token.\n */\n static credential(\n idToken?: string | null,\n accessToken?: string | null\n ): OAuthCredential {\n return OAuthCredential._fromParams({\n providerId: GoogleAuthProvider.PROVIDER_ID,\n signInMethod: GoogleAuthProvider.GOOGLE_SIGN_IN_METHOD,\n idToken,\n accessToken\n });\n }\n\n /**\n * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.\n *\n * @param userCredential - The user credential.\n */\n static credentialFromResult(\n userCredential: UserCredential\n ): OAuthCredential | null {\n return GoogleAuthProvider.credentialFromTaggedObject(\n userCredential as UserCredentialInternal\n );\n }\n /**\n * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was\n * thrown during a sign-in, link, or reauthenticate operation.\n *\n * @param userCredential - The user credential.\n */\n static credentialFromError(error: FirebaseError): OAuthCredential | null {\n return GoogleAuthProvider.credentialFromTaggedObject(\n (error.customData || {}) as TaggedWithTokenResponse\n );\n }\n\n private static credentialFromTaggedObject({\n _tokenResponse: tokenResponse\n }: TaggedWithTokenResponse): OAuthCredential | null {\n if (!tokenResponse) {\n return null;\n }\n\n const { oauthIdToken, oauthAccessToken } =\n tokenResponse as SignInWithIdpResponse;\n if (!oauthIdToken && !oauthAccessToken) {\n // This could be an oauth 1 credential or a phone credential\n return null;\n }\n\n try {\n return GoogleAuthProvider.credential(oauthIdToken, oauthAccessToken);\n } catch {\n return null;\n }\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserCredential } from '../../model/public_types';\nimport { FirebaseError } from '@firebase/util';\n\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { UserCredentialInternal } from '../../model/user';\nimport { OAuthCredential } from '../credentials/oauth';\nimport { BaseOAuthProvider } from './oauth';\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\n/**\n * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.GITHUB.\n *\n * @remarks\n * GitHub requires an OAuth 2.0 redirect, so you can either handle the redirect directly, or use\n * the {@link signInWithPopup} handler:\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new GithubAuthProvider();\n * // Start a sign in process for an unauthenticated user.\n * provider.addScope('repo');\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n * // This is the signed-in user\n * const user = result.user;\n * // This gives you a GitHub Access Token.\n * const credential = GithubAuthProvider.credentialFromResult(result);\n * const token = credential.accessToken;\n * }\n * ```\n *\n * @example\n * ```javascript\n * // Sign in using a popup.\n * const provider = new GithubAuthProvider();\n * provider.addScope('repo');\n * const result = await signInWithPopup(auth, provider);\n *\n * // The signed-in user info.\n * const user = result.user;\n * // This gives you a GitHub Access Token.\n * const credential = GithubAuthProvider.credentialFromResult(result);\n * const token = credential.accessToken;\n * ```\n * @public\n */\nexport class GithubAuthProvider extends BaseOAuthProvider {\n /** Always set to {@link SignInMethod}.GITHUB. */\n static readonly GITHUB_SIGN_IN_METHOD: 'github.com' = SignInMethod.GITHUB;\n /** Always set to {@link ProviderId}.GITHUB. */\n static readonly PROVIDER_ID: 'github.com' = ProviderId.GITHUB;\n\n constructor() {\n super(ProviderId.GITHUB);\n }\n\n /**\n * Creates a credential for GitHub.\n *\n * @param accessToken - GitHub access token.\n */\n static credential(accessToken: string): OAuthCredential {\n return OAuthCredential._fromParams({\n providerId: GithubAuthProvider.PROVIDER_ID,\n signInMethod: GithubAuthProvider.GITHUB_SIGN_IN_METHOD,\n accessToken\n });\n }\n\n /**\n * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.\n *\n * @param userCredential - The user credential.\n */\n static credentialFromResult(\n userCredential: UserCredential\n ): OAuthCredential | null {\n return GithubAuthProvider.credentialFromTaggedObject(\n userCredential as UserCredentialInternal\n );\n }\n\n /**\n * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was\n * thrown during a sign-in, link, or reauthenticate operation.\n *\n * @param userCredential - The user credential.\n */\n static credentialFromError(error: FirebaseError): OAuthCredential | null {\n return GithubAuthProvider.credentialFromTaggedObject(\n (error.customData || {}) as TaggedWithTokenResponse\n );\n }\n\n private static credentialFromTaggedObject({\n _tokenResponse: tokenResponse\n }: TaggedWithTokenResponse): OAuthCredential | null {\n if (!tokenResponse || !('oauthAccessToken' in tokenResponse)) {\n return null;\n }\n\n if (!tokenResponse.oauthAccessToken) {\n return null;\n }\n\n try {\n return GithubAuthProvider.credential(tokenResponse.oauthAccessToken);\n } catch {\n return null;\n }\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n/**\n * Represents the SAML credentials returned by an {@link SAMLAuthProvider}.\n *\n * @public\n */\n\nimport {\n signInWithIdp,\n SignInWithIdpRequest\n} from '../../api/authentication/idp';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { AuthCredential } from './auth_credential';\n\nconst IDP_REQUEST_URI = 'http://localhost';\n\n/**\n * @public\n */\nexport class SAMLAuthCredential extends AuthCredential {\n /** @internal */\n private constructor(\n providerId: string,\n private readonly pendingToken: string\n ) {\n super(providerId, providerId);\n }\n\n /** @internal */\n _getIdTokenResponse(auth: AuthInternal): Promise<IdTokenResponse> {\n const request = this.buildRequest();\n return signInWithIdp(auth, request);\n }\n\n /** @internal */\n _linkToIdToken(\n auth: AuthInternal,\n idToken: string\n ): Promise<IdTokenResponse> {\n const request = this.buildRequest();\n request.idToken = idToken;\n return signInWithIdp(auth, request);\n }\n\n /** @internal */\n _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse> {\n const request = this.buildRequest();\n request.autoCreate = false;\n return signInWithIdp(auth, request);\n }\n\n /** {@inheritdoc AuthCredential.toJSON} */\n toJSON(): object {\n return {\n signInMethod: this.signInMethod,\n providerId: this.providerId,\n pendingToken: this.pendingToken\n };\n }\n\n /**\n * Static method to deserialize a JSON representation of an object into an\n * {@link AuthCredential}.\n *\n * @param json - Input can be either Object or the stringified representation of the object.\n * When string is provided, JSON.parse would be called first.\n *\n * @returns If the JSON input does not represent an {@link AuthCredential}, null is returned.\n */\n static fromJSON(json: string | object): SAMLAuthCredential | null {\n const obj = typeof json === 'string' ? JSON.parse(json) : json;\n const { providerId, signInMethod, pendingToken }: Record<string, string> =\n obj;\n if (\n !providerId ||\n !signInMethod ||\n !pendingToken ||\n providerId !== signInMethod\n ) {\n return null;\n }\n\n return new SAMLAuthCredential(providerId, pendingToken);\n }\n\n /**\n * Helper static method to avoid exposing the constructor to end users.\n *\n * @internal\n */\n static _create(providerId: string, pendingToken: string): SAMLAuthCredential {\n return new SAMLAuthCredential(providerId, pendingToken);\n }\n\n private buildRequest(): SignInWithIdpRequest {\n return {\n requestUri: IDP_REQUEST_URI,\n returnSecureToken: true,\n pendingToken: this.pendingToken\n };\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseError } from '@firebase/util';\nimport { SignInWithIdpResponse } from '../../api/authentication/idp';\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { UserCredential } from '../../model/public_types';\nimport { UserCredentialInternal } from '../../model/user';\nimport { AuthCredential } from '../credentials';\nimport { SAMLAuthCredential } from '../credentials/saml';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\nimport { FederatedAuthProvider } from './federated';\n\nconst SAML_PROVIDER_PREFIX = 'saml.';\n\n/**\n * An {@link AuthProvider} for SAML.\n *\n * @public\n */\nexport class SAMLAuthProvider extends FederatedAuthProvider {\n /**\n * Constructor. The providerId must start with \"saml.\"\n * @param providerId - SAML provider ID.\n */\n constructor(providerId: string) {\n _assert(\n providerId.startsWith(SAML_PROVIDER_PREFIX),\n AuthErrorCode.ARGUMENT_ERROR\n );\n super(providerId);\n }\n\n /**\n * Generates an {@link AuthCredential} from a {@link UserCredential} after a\n * successful SAML flow completes.\n *\n * @remarks\n *\n * For example, to get an {@link AuthCredential}, you could write the\n * following code:\n *\n * ```js\n * const userCredential = await signInWithPopup(auth, samlProvider);\n * const credential = SAMLAuthProvider.credentialFromResult(userCredential);\n * ```\n *\n * @param userCredential - The user credential.\n */\n static credentialFromResult(\n userCredential: UserCredential\n ): AuthCredential | null {\n return SAMLAuthProvider.samlCredentialFromTaggedObject(\n userCredential as UserCredentialInternal\n );\n }\n\n /**\n * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was\n * thrown during a sign-in, link, or reauthenticate operation.\n *\n * @param userCredential - The user credential.\n */\n static credentialFromError(error: FirebaseError): AuthCredential | null {\n return SAMLAuthProvider.samlCredentialFromTaggedObject(\n (error.customData || {}) as TaggedWithTokenResponse\n );\n }\n\n /**\n * Creates an {@link AuthCredential} from a JSON string or a plain object.\n * @param json - A plain object or a JSON string\n */\n static credentialFromJSON(json: string | object): AuthCredential {\n const credential = SAMLAuthCredential.fromJSON(json);\n _assert(credential, AuthErrorCode.ARGUMENT_ERROR);\n return credential;\n }\n\n private static samlCredentialFromTaggedObject({\n _tokenResponse: tokenResponse\n }: TaggedWithTokenResponse): SAMLAuthCredential | null {\n if (!tokenResponse) {\n return null;\n }\n\n const { pendingToken, providerId } = tokenResponse as SignInWithIdpResponse;\n\n if (!pendingToken || !providerId) {\n return null;\n }\n\n try {\n return SAMLAuthCredential._create(providerId, pendingToken);\n } catch (e) {\n return null;\n }\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n/**\n * @license\n * Copyright 2020 Twitter LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserCredential } from '../../model/public_types';\nimport { FirebaseError } from '@firebase/util';\n\nimport { SignInWithIdpResponse } from '../../api/authentication/idp';\nimport { TaggedWithTokenResponse } from '../../model/id_token';\nimport { UserCredentialInternal } from '../../model/user';\nimport { OAuthCredential } from '../credentials/oauth';\nimport { BaseOAuthProvider } from './oauth';\nimport { ProviderId, SignInMethod } from '../../model/enums';\n\n/**\n * Provider for generating an {@link OAuthCredential} for {@link ProviderId}.TWITTER.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new TwitterAuthProvider();\n * // Start a sign in process for an unauthenticated user.\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n * // This is the signed-in user\n * const user = result.user;\n * // This gives you a Twitter Access Token and Secret.\n * const credential = TwitterAuthProvider.credentialFromResult(result);\n * const token = credential.accessToken;\n * const secret = credential.secret;\n * }\n * ```\n *\n * @example\n * ```javascript\n * // Sign in using a popup.\n * const provider = new TwitterAuthProvider();\n * const result = await signInWithPopup(auth, provider);\n *\n * // The signed-in user info.\n * const user = result.user;\n * // This gives you a Twitter Access Token and Secret.\n * const credential = TwitterAuthProvider.credentialFromResult(result);\n * const token = credential.accessToken;\n * const secret = credential.secret;\n * ```\n *\n * @public\n */\nexport class TwitterAuthProvider extends BaseOAuthProvider {\n /** Always set to {@link SignInMethod}.TWITTER. */\n static readonly TWITTER_SIGN_IN_METHOD: 'twitter.com' = SignInMethod.TWITTER;\n /** Always set to {@link ProviderId}.TWITTER. */\n static readonly PROVIDER_ID: 'twitter.com' = ProviderId.TWITTER;\n\n constructor() {\n super(ProviderId.TWITTER);\n }\n\n /**\n * Creates a credential for Twitter.\n *\n * @param token - Twitter access token.\n * @param secret - Twitter secret.\n */\n static credential(token: string, secret: string): OAuthCredential {\n return OAuthCredential._fromParams({\n providerId: TwitterAuthProvider.PROVIDER_ID,\n signInMethod: TwitterAuthProvider.TWITTER_SIGN_IN_METHOD,\n oauthToken: token,\n oauthTokenSecret: secret\n });\n }\n\n /**\n * Used to extract the underlying {@link OAuthCredential} from a {@link UserCredential}.\n *\n * @param userCredential - The user credential.\n */\n static credentialFromResult(\n userCredential: UserCredential\n ): OAuthCredential | null {\n return TwitterAuthProvider.credentialFromTaggedObject(\n userCredential as UserCredentialInternal\n );\n }\n\n /**\n * Used to extract the underlying {@link OAuthCredential} from a {@link AuthError} which was\n * thrown during a sign-in, link, or reauthenticate operation.\n *\n * @param userCredential - The user credential.\n */\n static credentialFromError(error: FirebaseError): OAuthCredential | null {\n return TwitterAuthProvider.credentialFromTaggedObject(\n (error.customData || {}) as TaggedWithTokenResponse\n );\n }\n\n private static credentialFromTaggedObject({\n _tokenResponse: tokenResponse\n }: TaggedWithTokenResponse): OAuthCredential | null {\n if (!tokenResponse) {\n return null;\n }\n const { oauthAccessToken, oauthTokenSecret } =\n tokenResponse as SignInWithIdpResponse;\n if (!oauthAccessToken || !oauthTokenSecret) {\n return null;\n }\n\n try {\n return TwitterAuthProvider.credential(oauthAccessToken, oauthTokenSecret);\n } catch {\n return null;\n }\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n Endpoint,\n HttpMethod,\n RecaptchaClientType,\n RecaptchaVersion,\n _addTidIfNecessary,\n _performSignInRequest\n} from '../index';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { Auth } from '../../model/public_types';\n\nexport interface SignUpRequest {\n idToken?: string;\n returnSecureToken?: boolean;\n email?: string;\n password?: string;\n tenantId?: string;\n captchaResponse?: string;\n clientType?: RecaptchaClientType;\n recaptchaVersion?: RecaptchaVersion;\n}\n\nexport interface SignUpResponse extends IdTokenResponse {\n displayName?: string;\n email?: string;\n}\n\nexport async function signUp(\n auth: Auth,\n request: SignUpRequest\n): Promise<SignUpResponse> {\n return _performSignInRequest<SignUpRequest, SignUpResponse>(\n auth,\n HttpMethod.POST,\n Endpoint.SIGN_UP,\n _addTidIfNecessary(auth, request)\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { PhoneOrOauthTokenResponse } from '../../api/authentication/mfa';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { UserInternal, UserCredentialInternal } from '../../model/user';\nimport { UserImpl } from './user_impl';\nimport { AuthInternal } from '../../model/auth';\nimport { OperationType, ProviderId } from '../../model/enums';\n\ninterface UserCredentialParams {\n readonly user: UserInternal;\n readonly providerId: ProviderId | string | null;\n readonly _tokenResponse?: PhoneOrOauthTokenResponse;\n readonly operationType: OperationType;\n}\n\nexport class UserCredentialImpl\n implements UserCredentialInternal, UserCredentialParams\n{\n readonly user: UserInternal;\n readonly providerId: ProviderId | string | null;\n readonly _tokenResponse: PhoneOrOauthTokenResponse | undefined;\n readonly operationType: OperationType;\n\n constructor(params: UserCredentialParams) {\n this.user = params.user;\n this.providerId = params.providerId;\n this._tokenResponse = params._tokenResponse;\n this.operationType = params.operationType;\n }\n\n static async _fromIdTokenResponse(\n auth: AuthInternal,\n operationType: OperationType,\n idTokenResponse: IdTokenResponse,\n isAnonymous: boolean = false\n ): Promise<UserCredentialInternal> {\n const user = await UserImpl._fromIdTokenResponse(\n auth,\n idTokenResponse,\n isAnonymous\n );\n const providerId = providerIdForResponse(idTokenResponse);\n const userCred = new UserCredentialImpl({\n user,\n providerId,\n _tokenResponse: idTokenResponse,\n operationType\n });\n return userCred;\n }\n\n static async _forOperation(\n user: UserInternal,\n operationType: OperationType,\n response: PhoneOrOauthTokenResponse\n ): Promise<UserCredentialImpl> {\n await user._updateTokensIfNecessary(response, /* reload */ true);\n const providerId = providerIdForResponse(response);\n return new UserCredentialImpl({\n user,\n providerId,\n _tokenResponse: response,\n operationType\n });\n }\n}\n\nfunction providerIdForResponse(\n response: IdTokenResponse\n): ProviderId | string | null {\n if (response.providerId) {\n return response.providerId;\n }\n\n if ('phoneNumber' in response) {\n return ProviderId.PHONE;\n }\n\n return null;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Auth, UserCredential } from '../../model/public_types';\nimport { signUp } from '../../api/authentication/sign_up';\nimport { UserInternal } from '../../model/user';\nimport { UserCredentialImpl } from '../user/user_credential_impl';\nimport { _castAuth } from '../auth/auth_impl';\nimport { OperationType } from '../../model/enums';\nimport { _isFirebaseServerApp } from '@firebase/app';\nimport { _serverAppCurrentUserOperationNotSupportedError } from '../../core/util/assert';\n\n/**\n * Asynchronously signs in as an anonymous user.\n *\n * @remarks\n * If there is already an anonymous user signed in, that user will be returned; otherwise, a\n * new anonymous user identity will be created and returned.\n *\n * This method is not supported by {@link Auth} instances created with a\n * {@link @firebase/app#FirebaseServerApp}.\n *\n * @param auth - The {@link Auth} instance.\n *\n * @public\n */\nexport async function signInAnonymously(auth: Auth): Promise<UserCredential> {\n if (_isFirebaseServerApp(auth.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(auth)\n );\n }\n const authInternal = _castAuth(auth);\n await authInternal._initializationPromise;\n if (authInternal.currentUser?.isAnonymous) {\n // If an anonymous user is already signed in, no need to sign them in again.\n return new UserCredentialImpl({\n user: authInternal.currentUser as UserInternal,\n providerId: null,\n operationType: OperationType.SIGN_IN\n });\n }\n const response = await signUp(authInternal, {\n returnSecureToken: true\n });\n const userCredential = await UserCredentialImpl._fromIdTokenResponse(\n authInternal,\n OperationType.SIGN_IN,\n response,\n true\n );\n await authInternal._updateCurrentUser(userCredential.user);\n return userCredential;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { MultiFactorError as MultiFactorErrorPublic } from '../model/public_types';\nimport { FirebaseError } from '@firebase/util';\nimport { AuthInternal } from '../model/auth';\nimport { IdTokenResponse } from '../model/id_token';\nimport { AuthErrorCode } from '../core/errors';\nimport { UserInternal } from '../model/user';\nimport { AuthCredential } from '../core/credentials';\nimport { IdTokenMfaResponse } from '../api/authentication/mfa';\nimport { OperationType } from '../model/enums';\n\nexport type MultiFactorErrorData = MultiFactorErrorPublic['customData'] & {\n _serverResponse: IdTokenMfaResponse;\n};\n\nexport class MultiFactorError\n extends FirebaseError\n implements MultiFactorErrorPublic\n{\n readonly customData: MultiFactorErrorData;\n\n private constructor(\n auth: AuthInternal,\n error: FirebaseError,\n readonly operationType: OperationType,\n readonly user?: UserInternal\n ) {\n super(error.code, error.message);\n // https://github.com/Microsoft/TypeScript-wiki/blob/master/Breaking-Changes.md#extending-built-ins-like-error-array-and-map-may-no-longer-work\n Object.setPrototypeOf(this, MultiFactorError.prototype);\n this.customData = {\n appName: auth.name,\n tenantId: auth.tenantId ?? undefined,\n _serverResponse: error.customData!._serverResponse as IdTokenMfaResponse,\n operationType\n };\n }\n\n static _fromErrorAndOperation(\n auth: AuthInternal,\n error: FirebaseError,\n operationType: OperationType,\n user?: UserInternal\n ): MultiFactorError {\n return new MultiFactorError(auth, error, operationType, user);\n }\n}\n\nexport function _processCredentialSavingMfaContextIfNecessary(\n auth: AuthInternal,\n operationType: OperationType,\n credential: AuthCredential,\n user?: UserInternal\n): Promise<IdTokenResponse> {\n const idTokenProvider =\n operationType === OperationType.REAUTHENTICATE\n ? credential._getReauthenticationResolver(auth)\n : credential._getIdTokenResponse(auth);\n\n return idTokenProvider.catch(error => {\n if (error.code === `auth/${AuthErrorCode.MFA_REQUIRED}`) {\n throw MultiFactorError._fromErrorAndOperation(\n auth,\n error,\n operationType,\n user\n );\n }\n\n throw error;\n });\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nexport interface ProviderAssociatedObject {\n providerId?: string;\n}\n\n/**\n * Takes a set of UserInfo provider data and converts it to a set of names\n */\nexport function providerDataAsNames<T extends ProviderAssociatedObject>(\n providerData: T[]\n): Set<string> {\n return new Set(\n providerData\n .map(({ providerId }) => providerId)\n .filter(pid => !!pid) as string[]\n );\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { User } from '../../model/public_types';\n\nimport { deleteLinkedAccounts } from '../../api/account_management/account';\nimport { UserInternal, UserCredentialInternal } from '../../model/user';\nimport { AuthCredential } from '../credentials';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\nimport { providerDataAsNames } from '../util/providers';\nimport { _logoutIfInvalidated } from './invalidation';\nimport { _reloadWithoutSaving } from './reload';\nimport { UserCredentialImpl } from './user_credential_impl';\nimport { getModularInstance } from '@firebase/util';\nimport { OperationType, ProviderId } from '../../model/enums';\n\n/**\n * Unlinks a provider from a user account.\n *\n * @param user - The user.\n * @param providerId - The provider to unlink.\n *\n * @public\n */\nexport async function unlink(user: User, providerId: string): Promise<User> {\n const userInternal = getModularInstance(user) as UserInternal;\n await _assertLinkedStatus(true, userInternal, providerId);\n const { providerUserInfo } = await deleteLinkedAccounts(userInternal.auth, {\n idToken: await userInternal.getIdToken(),\n deleteProvider: [providerId]\n });\n\n const providersLeft = providerDataAsNames(providerUserInfo || []);\n\n userInternal.providerData = userInternal.providerData.filter(pd =>\n providersLeft.has(pd.providerId)\n );\n if (!providersLeft.has(ProviderId.PHONE)) {\n userInternal.phoneNumber = null;\n }\n\n await userInternal.auth._persistUserIfCurrent(userInternal);\n return userInternal;\n}\n\nexport async function _link(\n user: UserInternal,\n credential: AuthCredential,\n bypassAuthState = false\n): Promise<UserCredentialInternal> {\n const response = await _logoutIfInvalidated(\n user,\n credential._linkToIdToken(user.auth, await user.getIdToken()),\n bypassAuthState\n );\n return UserCredentialImpl._forOperation(user, OperationType.LINK, response);\n}\n\nexport async function _assertLinkedStatus(\n expected: boolean,\n user: UserInternal,\n provider: string\n): Promise<void> {\n await _reloadWithoutSaving(user);\n const providerIds = providerDataAsNames(user.providerData);\n\n const code =\n expected === false\n ? AuthErrorCode.PROVIDER_ALREADY_LINKED\n : AuthErrorCode.NO_SUCH_PROVIDER;\n _assert(providerIds.has(provider) === expected, user.auth, code);\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseError } from '@firebase/util';\nimport { _processCredentialSavingMfaContextIfNecessary } from '../../mfa/mfa_error';\nimport { OperationType } from '../../model/enums';\nimport { UserInternal } from '../../model/user';\nimport { AuthCredential } from '../credentials';\nimport { AuthErrorCode } from '../errors';\nimport { _assert, _fail } from '../util/assert';\nimport { _parseToken } from './id_token_result';\nimport { _logoutIfInvalidated } from './invalidation';\nimport { UserCredentialImpl } from './user_credential_impl';\nimport { _isFirebaseServerApp } from '@firebase/app';\nimport { _serverAppCurrentUserOperationNotSupportedError } from '../../core/util/assert';\n\nexport async function _reauthenticate(\n user: UserInternal,\n credential: AuthCredential,\n bypassAuthState = false\n): Promise<UserCredentialImpl> {\n const { auth } = user;\n if (_isFirebaseServerApp(auth.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(auth)\n );\n }\n const operationType = OperationType.REAUTHENTICATE;\n\n try {\n const response = await _logoutIfInvalidated(\n user,\n _processCredentialSavingMfaContextIfNecessary(\n auth,\n operationType,\n credential,\n user\n ),\n bypassAuthState\n );\n _assert(response.idToken, auth, AuthErrorCode.INTERNAL_ERROR);\n const parsed = _parseToken(response.idToken);\n _assert(parsed, auth, AuthErrorCode.INTERNAL_ERROR);\n\n const { sub: localId } = parsed;\n _assert(user.uid === localId, auth, AuthErrorCode.USER_MISMATCH);\n\n return UserCredentialImpl._forOperation(user, operationType, response);\n } catch (e) {\n // Convert user deleted error into user mismatch\n if ((e as FirebaseError)?.code === `auth/${AuthErrorCode.USER_DELETED}`) {\n _fail(auth, AuthErrorCode.USER_MISMATCH);\n }\n throw e;\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserCredential, Auth, User } from '../../model/public_types';\n\nimport { _processCredentialSavingMfaContextIfNecessary } from '../../mfa/mfa_error';\nimport { AuthInternal } from '../../model/auth';\nimport { UserInternal } from '../../model/user';\nimport { AuthCredential } from '../credentials';\nimport { _assertLinkedStatus, _link } from '../user/link_unlink';\nimport { _reauthenticate } from '../user/reauthenticate';\nimport { UserCredentialImpl } from '../user/user_credential_impl';\nimport { _castAuth } from '../auth/auth_impl';\nimport { getModularInstance } from '@firebase/util';\nimport { OperationType } from '../../model/enums';\nimport { _isFirebaseServerApp } from '@firebase/app';\nimport { _serverAppCurrentUserOperationNotSupportedError } from '../../core/util/assert';\n\nexport async function _signInWithCredential(\n auth: AuthInternal,\n credential: AuthCredential,\n bypassAuthState = false\n): Promise<UserCredential> {\n if (_isFirebaseServerApp(auth.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(auth)\n );\n }\n const operationType = OperationType.SIGN_IN;\n const response = await _processCredentialSavingMfaContextIfNecessary(\n auth,\n operationType,\n credential\n );\n const userCredential = await UserCredentialImpl._fromIdTokenResponse(\n auth,\n operationType,\n response\n );\n\n if (!bypassAuthState) {\n await auth._updateCurrentUser(userCredential.user);\n }\n return userCredential;\n}\n\n/**\n * Asynchronously signs in with the given credentials.\n *\n * @remarks\n * An {@link AuthProvider} can be used to generate the credential.\n *\n * This method is not supported by {@link Auth} instances created with a\n * {@link @firebase/app#FirebaseServerApp}.\n *\n * @param auth - The {@link Auth} instance.\n * @param credential - The auth credential.\n *\n * @public\n */\nexport async function signInWithCredential(\n auth: Auth,\n credential: AuthCredential\n): Promise<UserCredential> {\n return _signInWithCredential(_castAuth(auth), credential);\n}\n\n/**\n * Links the user account with the given credentials.\n *\n * @remarks\n * An {@link AuthProvider} can be used to generate the credential.\n *\n * @param user - The user.\n * @param credential - The auth credential.\n *\n * @public\n */\nexport async function linkWithCredential(\n user: User,\n credential: AuthCredential\n): Promise<UserCredential> {\n const userInternal = getModularInstance(user) as UserInternal;\n\n await _assertLinkedStatus(false, userInternal, credential.providerId);\n\n return _link(userInternal, credential);\n}\n\n/**\n * Re-authenticates a user using a fresh credential.\n *\n * @remarks\n * Use before operations such as {@link updatePassword} that require tokens from recent sign-in\n * attempts. This method can be used to recover from a `CREDENTIAL_TOO_OLD_LOGIN_AGAIN` error\n * or a `TOKEN_EXPIRED` error.\n *\n * This method is not supported on any {@link User} signed in by {@link Auth} instances\n * created with a {@link @firebase/app#FirebaseServerApp}.\n *\n * @param user - The user.\n * @param credential - The auth credential.\n *\n * @public\n */\nexport async function reauthenticateWithCredential(\n user: User,\n credential: AuthCredential\n): Promise<UserCredential> {\n return _reauthenticate(getModularInstance(user) as UserInternal, credential);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n Endpoint,\n HttpMethod,\n _addTidIfNecessary,\n _performSignInRequest\n} from '../index';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { Auth } from '../../model/public_types';\n\nexport interface SignInWithCustomTokenRequest {\n token: string;\n returnSecureToken: boolean;\n tenantId?: string;\n}\n\nexport interface SignInWithCustomTokenResponse extends IdTokenResponse {}\n\nexport async function signInWithCustomToken(\n auth: Auth,\n request: SignInWithCustomTokenRequest\n): Promise<SignInWithCustomTokenResponse> {\n return _performSignInRequest<\n SignInWithCustomTokenRequest,\n SignInWithCustomTokenResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.SIGN_IN_WITH_CUSTOM_TOKEN,\n _addTidIfNecessary(auth, request)\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Auth, UserCredential } from '../../model/public_types';\n\nimport { signInWithCustomToken as getIdTokenResponse } from '../../api/authentication/custom_token';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { UserCredentialImpl } from '../user/user_credential_impl';\nimport { _castAuth } from '../auth/auth_impl';\nimport { OperationType } from '../../model/enums';\nimport { _isFirebaseServerApp } from '@firebase/app';\nimport { _serverAppCurrentUserOperationNotSupportedError } from '../../core/util/assert';\n/**\n * Asynchronously signs in using a custom token.\n *\n * @remarks\n * Custom tokens are used to integrate Firebase Auth with existing auth systems, and must\n * be generated by an auth backend using the\n * {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#createcustomtoken | createCustomToken}\n * method in the {@link https://firebase.google.com/docs/auth/admin | Admin SDK} .\n *\n * Fails with an error if the token is invalid, expired, or not accepted by the Firebase Auth service.\n *\n * This method is not supported by {@link Auth} instances created with a\n * {@link @firebase/app#FirebaseServerApp}.\n *\n * @param auth - The {@link Auth} instance.\n * @param customToken - The custom token to sign in with.\n *\n * @public\n */\nexport async function signInWithCustomToken(\n auth: Auth,\n customToken: string\n): Promise<UserCredential> {\n if (_isFirebaseServerApp(auth.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(auth)\n );\n }\n const authInternal = _castAuth(auth);\n const response: IdTokenResponse = await getIdTokenResponse(authInternal, {\n token: customToken,\n returnSecureToken: true\n });\n const cred = await UserCredentialImpl._fromIdTokenResponse(\n authInternal,\n OperationType.SIGN_IN,\n response\n );\n await authInternal._updateCurrentUser(cred.user);\n return cred;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n FactorId,\n MultiFactorInfo,\n PhoneMultiFactorInfo,\n TotpMultiFactorInfo\n} from '../model/public_types';\nimport {\n PhoneMfaEnrollment,\n MfaEnrollment,\n TotpMfaEnrollment\n} from '../api/account_management/mfa';\nimport { AuthErrorCode } from '../core/errors';\nimport { _fail } from '../core/util/assert';\nimport { AuthInternal } from '../model/auth';\n\nexport abstract class MultiFactorInfoImpl implements MultiFactorInfo {\n readonly uid: string;\n readonly displayName?: string | null;\n readonly enrollmentTime: string;\n\n protected constructor(readonly factorId: FactorId, response: MfaEnrollment) {\n this.uid = response.mfaEnrollmentId;\n this.enrollmentTime = new Date(response.enrolledAt).toUTCString();\n this.displayName = response.displayName;\n }\n\n static _fromServerResponse(\n auth: AuthInternal,\n enrollment: MfaEnrollment\n ): MultiFactorInfoImpl {\n if ('phoneInfo' in enrollment) {\n return PhoneMultiFactorInfoImpl._fromServerResponse(auth, enrollment);\n } else if ('totpInfo' in enrollment) {\n return TotpMultiFactorInfoImpl._fromServerResponse(auth, enrollment);\n }\n return _fail(auth, AuthErrorCode.INTERNAL_ERROR);\n }\n}\n\nexport class PhoneMultiFactorInfoImpl\n extends MultiFactorInfoImpl\n implements PhoneMultiFactorInfo\n{\n readonly phoneNumber: string;\n\n private constructor(response: PhoneMfaEnrollment) {\n super(FactorId.PHONE, response);\n this.phoneNumber = response.phoneInfo;\n }\n\n static _fromServerResponse(\n _auth: AuthInternal,\n enrollment: MfaEnrollment\n ): PhoneMultiFactorInfoImpl {\n return new PhoneMultiFactorInfoImpl(enrollment as PhoneMfaEnrollment);\n }\n}\nexport class TotpMultiFactorInfoImpl\n extends MultiFactorInfoImpl\n implements TotpMultiFactorInfo\n{\n private constructor(response: TotpMfaEnrollment) {\n super(FactorId.TOTP, response);\n }\n\n static _fromServerResponse(\n _auth: AuthInternal,\n enrollment: MfaEnrollment\n ): TotpMultiFactorInfoImpl {\n return new TotpMultiFactorInfoImpl(enrollment as TotpMfaEnrollment);\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { ActionCodeSettings, Auth } from '../../model/public_types';\n\nimport { GetOobCodeRequest } from '../../api/authentication/email_and_password';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\n\nexport function _setActionCodeSettingsOnRequest(\n auth: Auth,\n request: GetOobCodeRequest,\n actionCodeSettings: ActionCodeSettings\n): void {\n _assert(\n actionCodeSettings.url?.length > 0,\n auth,\n AuthErrorCode.INVALID_CONTINUE_URI\n );\n _assert(\n typeof actionCodeSettings.dynamicLinkDomain === 'undefined' ||\n actionCodeSettings.dynamicLinkDomain.length > 0,\n auth,\n AuthErrorCode.INVALID_DYNAMIC_LINK_DOMAIN\n );\n _assert(\n typeof actionCodeSettings.linkDomain === 'undefined' ||\n actionCodeSettings.linkDomain.length > 0,\n auth,\n AuthErrorCode.INVALID_HOSTING_LINK_DOMAIN\n );\n\n request.continueUrl = actionCodeSettings.url;\n request.dynamicLinkDomain = actionCodeSettings.dynamicLinkDomain;\n request.linkDomain = actionCodeSettings.linkDomain;\n request.canHandleCodeInApp = actionCodeSettings.handleCodeInApp;\n\n if (actionCodeSettings.iOS) {\n _assert(\n actionCodeSettings.iOS.bundleId.length > 0,\n auth,\n AuthErrorCode.MISSING_IOS_BUNDLE_ID\n );\n request.iOSBundleId = actionCodeSettings.iOS.bundleId;\n }\n\n if (actionCodeSettings.android) {\n _assert(\n actionCodeSettings.android.packageName.length > 0,\n auth,\n AuthErrorCode.MISSING_ANDROID_PACKAGE_NAME\n );\n request.androidInstallApp = actionCodeSettings.android.installApp;\n request.androidMinimumVersionCode =\n actionCodeSettings.android.minimumVersion;\n request.androidPackageName = actionCodeSettings.android.packageName;\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n ActionCodeInfo,\n ActionCodeOperation,\n ActionCodeSettings,\n Auth,\n UserCredential\n} from '../../model/public_types';\n\nimport * as account from '../../api/account_management/email_and_password';\nimport * as authentication from '../../api/authentication/email_and_password';\nimport { signUp, SignUpRequest } from '../../api/authentication/sign_up';\nimport { MultiFactorInfoImpl } from '../../mfa/mfa_info';\nimport { EmailAuthProvider } from '../providers/email';\nimport { UserCredentialImpl } from '../user/user_credential_impl';\nimport {\n _assert,\n _serverAppCurrentUserOperationNotSupportedError\n} from '../util/assert';\nimport { _setActionCodeSettingsOnRequest } from './action_code_settings';\nimport { signInWithCredential } from './credential';\nimport { _castAuth } from '../auth/auth_impl';\nimport { AuthErrorCode } from '../errors';\nimport { getModularInstance } from '@firebase/util';\nimport { OperationType } from '../../model/enums';\nimport { handleRecaptchaFlow } from '../../platform_browser/recaptcha/recaptcha_enterprise_verifier';\nimport { IdTokenResponse } from '../../model/id_token';\nimport {\n RecaptchaActionName,\n RecaptchaClientType,\n RecaptchaAuthProvider\n} from '../../api';\nimport { _isFirebaseServerApp } from '@firebase/app';\n\n/**\n * Updates the password policy cached in the {@link Auth} instance if a policy is already\n * cached for the project or tenant.\n *\n * @remarks\n * We only fetch the password policy if the password did not meet policy requirements and\n * there is an existing policy cached. A developer must call validatePassword at least\n * once for the cache to be automatically updated.\n *\n * @param auth - The {@link Auth} instance.\n *\n * @private\n */\nasync function recachePasswordPolicy(auth: Auth): Promise<void> {\n const authInternal = _castAuth(auth);\n if (authInternal._getPasswordPolicyInternal()) {\n await authInternal._updatePasswordPolicy();\n }\n}\n\n/**\n * Sends a password reset email to the given email address. This method does not throw an error when\n * there's no user account with the given email address and\n * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}\n * is enabled.\n *\n * @remarks\n * To complete the password reset, call {@link confirmPasswordReset} with the code supplied in\n * the email sent to the user, along with the new password specified by the user.\n *\n * @example\n * ```javascript\n * const actionCodeSettings = {\n * url: 'https://www.example.com/?email=user@example.com',\n * iOS: {\n * bundleId: 'com.example.ios'\n * },\n * android: {\n * packageName: 'com.example.android',\n * installApp: true,\n * minimumVersion: '12'\n * },\n * handleCodeInApp: true\n * };\n * await sendPasswordResetEmail(auth, 'user@example.com', actionCodeSettings);\n * // Obtain code from user.\n * await confirmPasswordReset('user@example.com', code);\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param email - The user's email address.\n * @param actionCodeSettings - The {@link ActionCodeSettings}.\n *\n * @public\n */\nexport async function sendPasswordResetEmail(\n auth: Auth,\n email: string,\n actionCodeSettings?: ActionCodeSettings\n): Promise<void> {\n const authInternal = _castAuth(auth);\n const request: authentication.PasswordResetRequest = {\n requestType: ActionCodeOperation.PASSWORD_RESET,\n email,\n clientType: RecaptchaClientType.WEB\n };\n if (actionCodeSettings) {\n _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);\n }\n await handleRecaptchaFlow(\n authInternal,\n request,\n RecaptchaActionName.GET_OOB_CODE,\n authentication.sendPasswordResetEmail,\n RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER\n );\n}\n\n/**\n * Completes the password reset process, given a confirmation code and new password.\n *\n * @param auth - The {@link Auth} instance.\n * @param oobCode - A confirmation code sent to the user.\n * @param newPassword - The new password.\n *\n * @public\n */\nexport async function confirmPasswordReset(\n auth: Auth,\n oobCode: string,\n newPassword: string\n): Promise<void> {\n await account\n .resetPassword(getModularInstance(auth), {\n oobCode,\n newPassword\n })\n .catch(async error => {\n if (\n error.code ===\n `auth/${AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS}`\n ) {\n void recachePasswordPolicy(auth);\n }\n\n throw error;\n });\n // Do not return the email.\n}\n\n/**\n * Applies a verification code sent to the user by email or other out-of-band mechanism.\n *\n * @param auth - The {@link Auth} instance.\n * @param oobCode - A verification code sent to the user.\n *\n * @public\n */\nexport async function applyActionCode(\n auth: Auth,\n oobCode: string\n): Promise<void> {\n await account.applyActionCode(getModularInstance(auth), { oobCode });\n}\n\n/**\n * Checks a verification code sent to the user by email or other out-of-band mechanism.\n *\n * @returns metadata about the code.\n *\n * @param auth - The {@link Auth} instance.\n * @param oobCode - A verification code sent to the user.\n *\n * @public\n */\nexport async function checkActionCode(\n auth: Auth,\n oobCode: string\n): Promise<ActionCodeInfo> {\n const authModular = getModularInstance(auth);\n const response = await account.resetPassword(authModular, { oobCode });\n\n // Email could be empty only if the request type is EMAIL_SIGNIN or\n // VERIFY_AND_CHANGE_EMAIL.\n // New email should not be empty if the request type is\n // VERIFY_AND_CHANGE_EMAIL.\n // Multi-factor info could not be empty if the request type is\n // REVERT_SECOND_FACTOR_ADDITION.\n const operation = response.requestType;\n _assert(operation, authModular, AuthErrorCode.INTERNAL_ERROR);\n switch (operation) {\n case ActionCodeOperation.EMAIL_SIGNIN:\n break;\n case ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL:\n _assert(response.newEmail, authModular, AuthErrorCode.INTERNAL_ERROR);\n break;\n case ActionCodeOperation.REVERT_SECOND_FACTOR_ADDITION:\n _assert(response.mfaInfo, authModular, AuthErrorCode.INTERNAL_ERROR);\n // fall through\n default:\n _assert(response.email, authModular, AuthErrorCode.INTERNAL_ERROR);\n }\n\n // The multi-factor info for revert second factor addition\n let multiFactorInfo: MultiFactorInfoImpl | null = null;\n if (response.mfaInfo) {\n multiFactorInfo = MultiFactorInfoImpl._fromServerResponse(\n _castAuth(authModular),\n response.mfaInfo\n );\n }\n\n return {\n data: {\n email:\n (response.requestType === ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL\n ? response.newEmail\n : response.email) || null,\n previousEmail:\n (response.requestType === ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL\n ? response.email\n : response.newEmail) || null,\n multiFactorInfo\n },\n operation\n };\n}\n\n/**\n * Checks a password reset code sent to the user by email or other out-of-band mechanism.\n *\n * @returns the user's email address if valid.\n *\n * @param auth - The {@link Auth} instance.\n * @param code - A verification code sent to the user.\n *\n * @public\n */\nexport async function verifyPasswordResetCode(\n auth: Auth,\n code: string\n): Promise<string> {\n const { data } = await checkActionCode(getModularInstance(auth), code);\n // Email should always be present since a code was sent to it\n return data.email!;\n}\n\n/**\n * Creates a new user account associated with the specified email address and password.\n *\n * @remarks\n * On successful creation of the user account, this user will also be signed in to your application.\n *\n * User account creation can fail if the account already exists or the password is invalid.\n *\n * This method is not supported on {@link Auth} instances created with a\n * {@link @firebase/app#FirebaseServerApp}.\n *\n * Note: The email address acts as a unique identifier for the user and enables an email-based\n * password reset. This function will create a new user account and set the initial user password.\n *\n * @param auth - The {@link Auth} instance.\n * @param email - The user's email address.\n * @param password - The user's chosen password.\n *\n * @public\n */\nexport async function createUserWithEmailAndPassword(\n auth: Auth,\n email: string,\n password: string\n): Promise<UserCredential> {\n if (_isFirebaseServerApp(auth.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(auth)\n );\n }\n const authInternal = _castAuth(auth);\n const request: SignUpRequest = {\n returnSecureToken: true,\n email,\n password,\n clientType: RecaptchaClientType.WEB\n };\n const signUpResponse: Promise<IdTokenResponse> = handleRecaptchaFlow(\n authInternal,\n request,\n RecaptchaActionName.SIGN_UP_PASSWORD,\n signUp,\n RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER\n );\n const response = await signUpResponse.catch(error => {\n if (\n error.code === `auth/${AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS}`\n ) {\n void recachePasswordPolicy(auth);\n }\n\n throw error;\n });\n\n const userCredential = await UserCredentialImpl._fromIdTokenResponse(\n authInternal,\n OperationType.SIGN_IN,\n response\n );\n await authInternal._updateCurrentUser(userCredential.user);\n\n return userCredential;\n}\n\n/**\n * Asynchronously signs in using an email and password.\n *\n * @remarks\n * Fails with an error if the email address and password do not match. When\n * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}\n * is enabled, this method fails with \"auth/invalid-credential\" in case of an invalid\n * email/password.\n *\n * This method is not supported on {@link Auth} instances created with a\n * {@link @firebase/app#FirebaseServerApp}.\n *\n * Note: The user's password is NOT the password used to access the user's email account. The\n * email address serves as a unique identifier for the user, and the password is used to access\n * the user's account in your Firebase project. See also: {@link createUserWithEmailAndPassword}.\n *\n *\n * @param auth - The {@link Auth} instance.\n * @param email - The users email address.\n * @param password - The users password.\n *\n * @public\n */\nexport function signInWithEmailAndPassword(\n auth: Auth,\n email: string,\n password: string\n): Promise<UserCredential> {\n if (_isFirebaseServerApp(auth.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(auth)\n );\n }\n return signInWithCredential(\n getModularInstance(auth),\n EmailAuthProvider.credential(email, password)\n ).catch(async error => {\n if (\n error.code === `auth/${AuthErrorCode.PASSWORD_DOES_NOT_MEET_REQUIREMENTS}`\n ) {\n void recachePasswordPolicy(auth);\n }\n\n throw error;\n });\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n ActionCodeOperation,\n ActionCodeSettings,\n Auth,\n UserCredential\n} from '../../model/public_types';\n\nimport * as api from '../../api/authentication/email_and_password';\nimport { ActionCodeURL } from '../action_code_url';\nimport { EmailAuthProvider } from '../providers/email';\nimport { _getCurrentUrl } from '../util/location';\nimport { _setActionCodeSettingsOnRequest } from './action_code_settings';\nimport { signInWithCredential } from './credential';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\nimport { getModularInstance } from '@firebase/util';\nimport { _castAuth } from '../auth/auth_impl';\nimport { handleRecaptchaFlow } from '../../platform_browser/recaptcha/recaptcha_enterprise_verifier';\nimport {\n RecaptchaActionName,\n RecaptchaClientType,\n RecaptchaAuthProvider\n} from '../../api';\nimport { _isFirebaseServerApp } from '@firebase/app';\nimport { _serverAppCurrentUserOperationNotSupportedError } from '../../core/util/assert';\n\n/**\n * Sends a sign-in email link to the user with the specified email.\n *\n * @remarks\n * The sign-in operation has to always be completed in the app unlike other out of band email\n * actions (password reset and email verifications). This is because, at the end of the flow,\n * the user is expected to be signed in and their Auth state persisted within the app.\n *\n * To complete sign in with the email link, call {@link signInWithEmailLink} with the email\n * address and the email link supplied in the email sent to the user.\n *\n * @example\n * ```javascript\n * const actionCodeSettings = {\n * url: 'https://www.example.com/?email=user@example.com',\n * iOS: {\n * bundleId: 'com.example.ios'\n * },\n * android: {\n * packageName: 'com.example.android',\n * installApp: true,\n * minimumVersion: '12'\n * },\n * handleCodeInApp: true\n * };\n * await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings);\n * // Obtain emailLink from the user.\n * if(isSignInWithEmailLink(auth, emailLink)) {\n * await signInWithEmailLink(auth, 'user@example.com', emailLink);\n * }\n * ```\n *\n * @param authInternal - The {@link Auth} instance.\n * @param email - The user's email address.\n * @param actionCodeSettings - The {@link ActionCodeSettings}.\n *\n * @public\n */\nexport async function sendSignInLinkToEmail(\n auth: Auth,\n email: string,\n actionCodeSettings: ActionCodeSettings\n): Promise<void> {\n const authInternal = _castAuth(auth);\n const request: api.EmailSignInRequest = {\n requestType: ActionCodeOperation.EMAIL_SIGNIN,\n email,\n clientType: RecaptchaClientType.WEB\n };\n function setActionCodeSettings(\n request: api.EmailSignInRequest,\n actionCodeSettings: ActionCodeSettings\n ): void {\n _assert(\n actionCodeSettings.handleCodeInApp,\n authInternal,\n AuthErrorCode.ARGUMENT_ERROR\n );\n if (actionCodeSettings) {\n _setActionCodeSettingsOnRequest(\n authInternal,\n request,\n actionCodeSettings\n );\n }\n }\n setActionCodeSettings(request, actionCodeSettings);\n await handleRecaptchaFlow(\n authInternal,\n request,\n RecaptchaActionName.GET_OOB_CODE,\n api.sendSignInLinkToEmail,\n RecaptchaAuthProvider.EMAIL_PASSWORD_PROVIDER\n );\n}\n\n/**\n * Checks if an incoming link is a sign-in with email link suitable for {@link signInWithEmailLink}.\n *\n * @param auth - The {@link Auth} instance.\n * @param emailLink - The link sent to the user's email address.\n *\n * @public\n */\nexport function isSignInWithEmailLink(auth: Auth, emailLink: string): boolean {\n const actionCodeUrl = ActionCodeURL.parseLink(emailLink);\n return actionCodeUrl?.operation === ActionCodeOperation.EMAIL_SIGNIN;\n}\n\n/**\n * Asynchronously signs in using an email and sign-in email link.\n *\n * @remarks\n * If no link is passed, the link is inferred from the current URL.\n *\n * Fails with an error if the email address is invalid or OTP in email link expires.\n *\n * This method is not supported by {@link Auth} instances created with a\n * {@link @firebase/app#FirebaseServerApp}.\n *\n * Note: Confirm the link is a sign-in email link before calling this method firebase.auth.Auth.isSignInWithEmailLink.\n *\n * @example\n * ```javascript\n * const actionCodeSettings = {\n * url: 'https://www.example.com/?email=user@example.com',\n * iOS: {\n * bundleId: 'com.example.ios'\n * },\n * android: {\n * packageName: 'com.example.android',\n * installApp: true,\n * minimumVersion: '12'\n * },\n * handleCodeInApp: true\n * };\n * await sendSignInLinkToEmail(auth, 'user@example.com', actionCodeSettings);\n * // Obtain emailLink from the user.\n * if(isSignInWithEmailLink(auth, emailLink)) {\n * await signInWithEmailLink(auth, 'user@example.com', emailLink);\n * }\n * ```\n *\n *\n * @param auth - The {@link Auth} instance.\n * @param email - The user's email address.\n * @param emailLink - The link sent to the user's email address.\n *\n * @public\n */\nexport async function signInWithEmailLink(\n auth: Auth,\n email: string,\n emailLink?: string\n): Promise<UserCredential> {\n if (_isFirebaseServerApp(auth.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(auth)\n );\n }\n const authModular = getModularInstance(auth);\n const credential = EmailAuthProvider.credentialWithLink(\n email,\n emailLink || _getCurrentUrl()\n );\n // Check if the tenant ID in the email link matches the tenant ID on Auth\n // instance.\n _assert(\n credential._tenantId === (authModular.tenantId || null),\n authModular,\n AuthErrorCode.TENANT_ID_MISMATCH\n );\n return signInWithCredential(authModular, credential);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n Endpoint,\n HttpMethod,\n _addTidIfNecessary,\n _performApiRequest\n} from '../index';\nimport { Auth } from '../../model/public_types';\n\nexport interface CreateAuthUriRequest {\n identifier: string;\n continueUri: string;\n tenantId?: string;\n}\n\nexport interface CreateAuthUriResponse {\n signinMethods: string[];\n}\n\nexport async function createAuthUri(\n auth: Auth,\n request: CreateAuthUriRequest\n): Promise<CreateAuthUriResponse> {\n return _performApiRequest<CreateAuthUriRequest, CreateAuthUriResponse>(\n auth,\n HttpMethod.POST,\n Endpoint.CREATE_AUTH_URI,\n _addTidIfNecessary(auth, request)\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n ActionCodeOperation,\n ActionCodeSettings,\n Auth,\n User\n} from '../../model/public_types';\n\nimport {\n createAuthUri,\n CreateAuthUriRequest\n} from '../../api/authentication/create_auth_uri';\nimport * as api from '../../api/authentication/email_and_password';\nimport { UserInternal } from '../../model/user';\nimport { _getCurrentUrl, _isHttpOrHttps } from '../util/location';\nimport { _setActionCodeSettingsOnRequest } from './action_code_settings';\nimport { getModularInstance } from '@firebase/util';\n\n/**\n * Gets the list of possible sign in methods for the given email address. This method returns an\n * empty list when\n * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}\n * is enabled, irrespective of the number of authentication methods available for the given email.\n *\n * @remarks\n * This is useful to differentiate methods of sign-in for the same provider, eg.\n * {@link EmailAuthProvider} which has 2 methods of sign-in,\n * {@link SignInMethod}.EMAIL_PASSWORD and\n * {@link SignInMethod}.EMAIL_LINK.\n *\n * @param auth - The {@link Auth} instance.\n * @param email - The user's email address.\n *\n * Deprecated. Migrating off of this method is recommended as a security best-practice.\n * Learn more in the Identity Platform documentation for\n * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}.\n * @public\n */\nexport async function fetchSignInMethodsForEmail(\n auth: Auth,\n email: string\n): Promise<string[]> {\n // createAuthUri returns an error if continue URI is not http or https.\n // For environments like Cordova, Chrome extensions, native frameworks, file\n // systems, etc, use http://localhost as continue URL.\n const continueUri = _isHttpOrHttps() ? _getCurrentUrl() : 'http://localhost';\n const request: CreateAuthUriRequest = {\n identifier: email,\n continueUri\n };\n\n const { signinMethods } = await createAuthUri(\n getModularInstance(auth),\n request\n );\n\n return signinMethods || [];\n}\n\n/**\n * Sends a verification email to a user.\n *\n * @remarks\n * The verification process is completed by calling {@link applyActionCode}.\n *\n * @example\n * ```javascript\n * const actionCodeSettings = {\n * url: 'https://www.example.com/?email=user@example.com',\n * iOS: {\n * bundleId: 'com.example.ios'\n * },\n * android: {\n * packageName: 'com.example.android',\n * installApp: true,\n * minimumVersion: '12'\n * },\n * handleCodeInApp: true\n * };\n * await sendEmailVerification(user, actionCodeSettings);\n * // Obtain code from the user.\n * await applyActionCode(auth, code);\n * ```\n *\n * @param user - The user.\n * @param actionCodeSettings - The {@link ActionCodeSettings}.\n *\n * @public\n */\nexport async function sendEmailVerification(\n user: User,\n actionCodeSettings?: ActionCodeSettings | null\n): Promise<void> {\n const userInternal = getModularInstance(user) as UserInternal;\n const idToken = await user.getIdToken();\n const request: api.VerifyEmailRequest = {\n requestType: ActionCodeOperation.VERIFY_EMAIL,\n idToken\n };\n if (actionCodeSettings) {\n _setActionCodeSettingsOnRequest(\n userInternal.auth,\n request,\n actionCodeSettings\n );\n }\n\n const { email } = await api.sendEmailVerification(userInternal.auth, request);\n\n if (email !== user.email) {\n await user.reload();\n }\n}\n\n/**\n * Sends a verification email to a new email address.\n *\n * @remarks\n * The user's email will be updated to the new one after being verified.\n *\n * If you have a custom email action handler, you can complete the verification process by calling\n * {@link applyActionCode}.\n *\n * @example\n * ```javascript\n * const actionCodeSettings = {\n * url: 'https://www.example.com/?email=user@example.com',\n * iOS: {\n * bundleId: 'com.example.ios'\n * },\n * android: {\n * packageName: 'com.example.android',\n * installApp: true,\n * minimumVersion: '12'\n * },\n * handleCodeInApp: true\n * };\n * await verifyBeforeUpdateEmail(user, 'newemail@example.com', actionCodeSettings);\n * // Obtain code from the user.\n * await applyActionCode(auth, code);\n * ```\n *\n * @param user - The user.\n * @param newEmail - The new email address to be verified before update.\n * @param actionCodeSettings - The {@link ActionCodeSettings}.\n *\n * @public\n */\nexport async function verifyBeforeUpdateEmail(\n user: User,\n newEmail: string,\n actionCodeSettings?: ActionCodeSettings | null\n): Promise<void> {\n const userInternal = getModularInstance(user) as UserInternal;\n const idToken = await user.getIdToken();\n const request: api.VerifyAndChangeEmailRequest = {\n requestType: ActionCodeOperation.VERIFY_AND_CHANGE_EMAIL,\n idToken,\n newEmail\n };\n if (actionCodeSettings) {\n _setActionCodeSettingsOnRequest(\n userInternal.auth,\n request,\n actionCodeSettings\n );\n }\n\n const { email } = await api.verifyAndChangeEmail(userInternal.auth, request);\n\n if (email !== user.email) {\n // If the local copy of the email on user is outdated, reload the\n // user.\n await user.reload();\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Endpoint, HttpMethod, _performApiRequest } from '../index';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { Auth } from '../../model/public_types';\n\nexport interface UpdateProfileRequest {\n idToken: string;\n displayName?: string | null;\n photoUrl?: string | null;\n returnSecureToken: boolean;\n}\n\nexport interface UpdateProfileResponse extends IdTokenResponse {\n displayName?: string | null;\n photoUrl?: string | null;\n}\n\nexport async function updateProfile(\n auth: Auth,\n request: UpdateProfileRequest\n): Promise<UpdateProfileResponse> {\n return _performApiRequest<UpdateProfileRequest, UpdateProfileResponse>(\n auth,\n HttpMethod.POST,\n Endpoint.SET_ACCOUNT_INFO,\n request\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { User } from '../../model/public_types';\n\nimport {\n updateEmailPassword as apiUpdateEmailPassword,\n UpdateEmailPasswordRequest\n} from '../../api/account_management/email_and_password';\nimport { updateProfile as apiUpdateProfile } from '../../api/account_management/profile';\nimport { UserInternal } from '../../model/user';\nimport { _logoutIfInvalidated } from './invalidation';\nimport { getModularInstance } from '@firebase/util';\nimport { ProviderId } from '../../model/enums';\nimport { _isFirebaseServerApp } from '@firebase/app';\nimport { _serverAppCurrentUserOperationNotSupportedError } from '../../core/util/assert';\n\n/**\n * Updates a user's profile data.\n *\n * @param user - The user.\n * @param profile - The profile's `displayName` and `photoURL` to update.\n *\n * @public\n */\nexport async function updateProfile(\n user: User,\n {\n displayName,\n photoURL: photoUrl\n }: { displayName?: string | null; photoURL?: string | null }\n): Promise<void> {\n if (displayName === undefined && photoUrl === undefined) {\n return;\n }\n\n const userInternal = getModularInstance(user) as UserInternal;\n const idToken = await userInternal.getIdToken();\n const profileRequest = {\n idToken,\n displayName,\n photoUrl,\n returnSecureToken: true\n };\n const response = await _logoutIfInvalidated(\n userInternal,\n apiUpdateProfile(userInternal.auth, profileRequest)\n );\n\n userInternal.displayName = response.displayName || null;\n userInternal.photoURL = response.photoUrl || null;\n\n // Update the password provider as well\n const passwordProvider = userInternal.providerData.find(\n ({ providerId }) => providerId === ProviderId.PASSWORD\n );\n if (passwordProvider) {\n passwordProvider.displayName = userInternal.displayName;\n passwordProvider.photoURL = userInternal.photoURL;\n }\n\n await userInternal._updateTokensIfNecessary(response);\n}\n\n/**\n * Updates the user's email address.\n *\n * @remarks\n * An email will be sent to the original email address (if it was set) that allows to revoke the\n * email address change, in order to protect them from account hijacking.\n *\n * This method is not supported on any {@link User} signed in by {@link Auth} instances\n * created with a {@link @firebase/app#FirebaseServerApp}.\n *\n * Important: this is a security sensitive operation that requires the user to have recently signed\n * in. If this requirement isn't met, ask the user to authenticate again and then call\n * {@link reauthenticateWithCredential}.\n *\n * @param user - The user.\n * @param newEmail - The new email address.\n *\n * Throws \"auth/operation-not-allowed\" error when\n * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}\n * is enabled.\n * Deprecated - Use {@link verifyBeforeUpdateEmail} instead.\n *\n * @public\n */\nexport function updateEmail(user: User, newEmail: string): Promise<void> {\n const userInternal = getModularInstance(user) as UserInternal;\n if (_isFirebaseServerApp(userInternal.auth.app)) {\n return Promise.reject(\n _serverAppCurrentUserOperationNotSupportedError(userInternal.auth)\n );\n }\n return updateEmailOrPassword(userInternal, newEmail, null);\n}\n\n/**\n * Updates the user's password.\n *\n * @remarks\n * Important: this is a security sensitive operation that requires the user to have recently signed\n * in. If this requirement isn't met, ask the user to authenticate again and then call\n * {@link reauthenticateWithCredential}.\n *\n * @param user - The user.\n * @param newPassword - The new password.\n *\n * @public\n */\nexport function updatePassword(user: User, newPassword: string): Promise<void> {\n return updateEmailOrPassword(\n getModularInstance(user) as UserInternal,\n null,\n newPassword\n );\n}\n\nasync function updateEmailOrPassword(\n user: UserInternal,\n email: string | null,\n password: string | null\n): Promise<void> {\n const { auth } = user;\n const idToken = await user.getIdToken();\n const request: UpdateEmailPasswordRequest = {\n idToken,\n returnSecureToken: true\n };\n\n if (email) {\n request.email = email;\n }\n\n if (password) {\n request.password = password;\n }\n\n const response = await _logoutIfInvalidated(\n user,\n apiUpdateEmailPassword(auth, request)\n );\n await user._updateTokensIfNecessary(response, /* reload */ true);\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AdditionalUserInfo, UserCredential } from '../../model/public_types';\nimport { IdTokenResponse, IdTokenResponseKind } from '../../model/id_token';\nimport { _parseToken } from './id_token_result';\nimport { UserCredentialInternal } from '../../model/user';\nimport { ProviderId } from '../../model/enums';\n\n/**\n * Parse the `AdditionalUserInfo` from the ID token response.\n *\n */\nexport function _fromIdTokenResponse(\n idTokenResponse?: IdTokenResponse\n): AdditionalUserInfo | null {\n if (!idTokenResponse) {\n return null;\n }\n const { providerId } = idTokenResponse;\n const profile = idTokenResponse.rawUserInfo\n ? JSON.parse(idTokenResponse.rawUserInfo)\n : {};\n const isNewUser =\n idTokenResponse.isNewUser ||\n idTokenResponse.kind === IdTokenResponseKind.SignupNewUser;\n if (!providerId && idTokenResponse?.idToken) {\n const signInProvider = _parseToken(idTokenResponse.idToken)?.firebase?.[\n 'sign_in_provider'\n ];\n if (signInProvider) {\n const filteredProviderId =\n signInProvider !== ProviderId.ANONYMOUS &&\n signInProvider !== ProviderId.CUSTOM\n ? (signInProvider as ProviderId)\n : null;\n // Uses generic class in accordance with the legacy SDK.\n return new GenericAdditionalUserInfo(isNewUser, filteredProviderId);\n }\n }\n if (!providerId) {\n return null;\n }\n switch (providerId) {\n case ProviderId.FACEBOOK:\n return new FacebookAdditionalUserInfo(isNewUser, profile);\n case ProviderId.GITHUB:\n return new GithubAdditionalUserInfo(isNewUser, profile);\n case ProviderId.GOOGLE:\n return new GoogleAdditionalUserInfo(isNewUser, profile);\n case ProviderId.TWITTER:\n return new TwitterAdditionalUserInfo(\n isNewUser,\n profile,\n idTokenResponse.screenName || null\n );\n case ProviderId.CUSTOM:\n case ProviderId.ANONYMOUS:\n return new GenericAdditionalUserInfo(isNewUser, null);\n default:\n return new GenericAdditionalUserInfo(isNewUser, providerId, profile);\n }\n}\n\nclass GenericAdditionalUserInfo implements AdditionalUserInfo {\n constructor(\n readonly isNewUser: boolean,\n readonly providerId: ProviderId | string | null,\n readonly profile: Record<string, unknown> = {}\n ) {}\n}\n\nclass FederatedAdditionalUserInfoWithUsername extends GenericAdditionalUserInfo {\n constructor(\n isNewUser: boolean,\n providerId: ProviderId,\n profile: Record<string, unknown>,\n readonly username: string | null\n ) {\n super(isNewUser, providerId, profile);\n }\n}\n\nclass FacebookAdditionalUserInfo extends GenericAdditionalUserInfo {\n constructor(isNewUser: boolean, profile: Record<string, unknown>) {\n super(isNewUser, ProviderId.FACEBOOK, profile);\n }\n}\n\nclass GithubAdditionalUserInfo extends FederatedAdditionalUserInfoWithUsername {\n constructor(isNewUser: boolean, profile: Record<string, unknown>) {\n super(\n isNewUser,\n ProviderId.GITHUB,\n profile,\n typeof profile?.login === 'string' ? profile?.login : null\n );\n }\n}\n\nclass GoogleAdditionalUserInfo extends GenericAdditionalUserInfo {\n constructor(isNewUser: boolean, profile: Record<string, unknown>) {\n super(isNewUser, ProviderId.GOOGLE, profile);\n }\n}\n\nclass TwitterAdditionalUserInfo extends FederatedAdditionalUserInfoWithUsername {\n constructor(\n isNewUser: boolean,\n profile: Record<string, unknown>,\n screenName: string | null\n ) {\n super(isNewUser, ProviderId.TWITTER, profile, screenName);\n }\n}\n\n/**\n * Extracts provider specific {@link AdditionalUserInfo} for the given credential.\n *\n * @param userCredential - The user credential.\n *\n * @public\n */\nexport function getAdditionalUserInfo(\n userCredential: UserCredential\n): AdditionalUserInfo | null {\n const { user, _tokenResponse } = userCredential as UserCredentialInternal;\n if (user.isAnonymous && !_tokenResponse) {\n // Handle the special case where signInAnonymously() gets called twice.\n // No network call is made so there's nothing to actually fill this in\n return {\n providerId: null,\n isNewUser: false,\n profile: null\n };\n }\n\n return _fromIdTokenResponse(_tokenResponse);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { getModularInstance } from '@firebase/util';\nimport {\n Auth,\n NextOrObserver,\n Persistence,\n User,\n CompleteFn,\n ErrorFn,\n Unsubscribe,\n PasswordValidationStatus\n} from '../model/public_types';\nimport { _initializeRecaptchaConfig } from '../platform_browser/recaptcha/recaptcha_enterprise_verifier';\nimport { _castAuth } from '../core/auth/auth_impl';\n\nexport {\n debugErrorMap,\n prodErrorMap,\n AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY as AuthErrorCodes\n} from './errors';\n\n// Non-optional auth methods.\n/**\n * Changes the type of persistence on the {@link Auth} instance for the currently saved\n * `Auth` session and applies this type of persistence for future sign-in requests, including\n * sign-in with redirect requests.\n *\n * @remarks\n * This makes it easy for a user signing in to specify whether their session should be\n * remembered or not. It also makes it easier to never persist the `Auth` state for applications\n * that are shared by other users or have sensitive data.\n *\n * This method does not work in a Node.js environment or with {@link Auth} instances created with a\n * {@link @firebase/app#FirebaseServerApp}.\n *\n * @example\n * ```javascript\n * setPersistence(auth, browserSessionPersistence);\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param persistence - The {@link Persistence} to use.\n * @returns A `Promise` that resolves once the persistence change has completed\n *\n * @public\n */\nexport function setPersistence(\n auth: Auth,\n persistence: Persistence\n): Promise<void> {\n return getModularInstance(auth).setPersistence(persistence);\n}\n\n/**\n * Loads the reCAPTCHA configuration into the `Auth` instance.\n *\n * @remarks\n * This will load the reCAPTCHA config, which indicates whether the reCAPTCHA\n * verification flow should be triggered for each auth provider, into the\n * current Auth session.\n *\n * If initializeRecaptchaConfig() is not invoked, the auth flow will always start\n * without reCAPTCHA verification. If the provider is configured to require reCAPTCHA\n * verification, the SDK will transparently load the reCAPTCHA config and restart the\n * auth flows.\n *\n * Thus, by calling this optional method, you will reduce the latency of future auth flows.\n * Loading the reCAPTCHA config early will also enhance the signal collected by reCAPTCHA.\n *\n * This method does not work in a Node.js environment.\n *\n * @example\n * ```javascript\n * initializeRecaptchaConfig(auth);\n * ```\n *\n * @param auth - The {@link Auth} instance.\n *\n * @public\n */\nexport function initializeRecaptchaConfig(auth: Auth): Promise<void> {\n return _initializeRecaptchaConfig(auth);\n}\n\n/**\n * Validates the password against the password policy configured for the project or tenant.\n *\n * @remarks\n * If no tenant ID is set on the `Auth` instance, then this method will use the password\n * policy configured for the project. Otherwise, this method will use the policy configured\n * for the tenant. If a password policy has not been configured, then the default policy\n * configured for all projects will be used.\n *\n * If an auth flow fails because a submitted password does not meet the password policy\n * requirements and this method has previously been called, then this method will use the\n * most recent policy available when called again.\n *\n * @example\n * ```javascript\n * validatePassword(auth, 'some-password');\n * ```\n *\n * @param auth The {@link Auth} instance.\n * @param password The password to validate.\n *\n * @public\n */\nexport async function validatePassword(\n auth: Auth,\n password: string\n): Promise<PasswordValidationStatus> {\n const authInternal = _castAuth(auth);\n return authInternal.validatePassword(password);\n}\n\n/**\n * Adds an observer for changes to the signed-in user's ID token.\n *\n * @remarks\n * This includes sign-in, sign-out, and token refresh events.\n * This will not be triggered automatically upon ID token expiration. Use {@link User.getIdToken} to refresh the ID token.\n *\n * @param auth - The {@link Auth} instance.\n * @param nextOrObserver - callback triggered on change.\n * @param error - Deprecated. This callback is never triggered. Errors\n * on signing in/out can be caught in promises returned from\n * sign-in/sign-out functions.\n * @param completed - Deprecated. This callback is never triggered.\n *\n * @public\n */\nexport function onIdTokenChanged(\n auth: Auth,\n nextOrObserver: NextOrObserver<User>,\n error?: ErrorFn,\n completed?: CompleteFn\n): Unsubscribe {\n return getModularInstance(auth).onIdTokenChanged(\n nextOrObserver,\n error,\n completed\n );\n}\n/**\n * Adds a blocking callback that runs before an auth state change\n * sets a new user.\n *\n * @param auth - The {@link Auth} instance.\n * @param callback - callback triggered before new user value is set.\n * If this throws, it blocks the user from being set.\n * @param onAbort - callback triggered if a later `beforeAuthStateChanged()`\n * callback throws, allowing you to undo any side effects.\n */\nexport function beforeAuthStateChanged(\n auth: Auth,\n callback: (user: User | null) => void | Promise<void>,\n onAbort?: () => void\n): Unsubscribe {\n return getModularInstance(auth).beforeAuthStateChanged(callback, onAbort);\n}\n/**\n * Adds an observer for changes to the user's sign-in state.\n *\n * @remarks\n * To keep the old behavior, see {@link onIdTokenChanged}.\n *\n * @param auth - The {@link Auth} instance.\n * @param nextOrObserver - callback triggered on change.\n * @param error - Deprecated. This callback is never triggered. Errors\n * on signing in/out can be caught in promises returned from\n * sign-in/sign-out functions.\n * @param completed - Deprecated. This callback is never triggered.\n *\n * @public\n */\nexport function onAuthStateChanged(\n auth: Auth,\n nextOrObserver: NextOrObserver<User>,\n error?: ErrorFn,\n completed?: CompleteFn\n): Unsubscribe {\n return getModularInstance(auth).onAuthStateChanged(\n nextOrObserver,\n error,\n completed\n );\n}\n/**\n * Sets the current language to the default device/browser preference.\n *\n * @param auth - The {@link Auth} instance.\n *\n * @public\n */\nexport function useDeviceLanguage(auth: Auth): void {\n getModularInstance(auth).useDeviceLanguage();\n}\n/**\n * Asynchronously sets the provided user as {@link Auth.currentUser} on the\n * {@link Auth} instance.\n *\n * @remarks\n * A new instance copy of the user provided will be made and set as currentUser.\n *\n * This will trigger {@link onAuthStateChanged} and {@link onIdTokenChanged} listeners\n * like other sign in methods.\n *\n * The operation fails with an error if the user to be updated belongs to a different Firebase\n * project.\n *\n * This method is not supported by {@link Auth} instances created with a\n * {@link @firebase/app#FirebaseServerApp}.\n *\n * @param auth - The {@link Auth} instance.\n * @param user - The new {@link User}.\n *\n * @public\n */\nexport function updateCurrentUser(\n auth: Auth,\n user: User | null\n): Promise<void> {\n return getModularInstance(auth).updateCurrentUser(user);\n}\n/**\n * Signs out the current user.\n *\n * @remarks\n * This method is not supported by {@link Auth} instances created with a\n * {@link @firebase/app#FirebaseServerApp}.\n *\n * @param auth - The {@link Auth} instance.\n *\n * @public\n */\nexport function signOut(auth: Auth): Promise<void> {\n return getModularInstance(auth).signOut();\n}\n\n/**\n * Revokes the given access token. Currently only supports Apple OAuth access tokens.\n *\n * @param auth - The {@link Auth} instance.\n * @param token - The Apple OAuth access token.\n *\n * @public\n */\nexport function revokeAccessToken(auth: Auth, token: string): Promise<void> {\n const authInternal = _castAuth(auth);\n return authInternal.revokeAccessToken(token);\n}\n\nexport { initializeAuth } from './auth/initialize';\nexport { connectAuthEmulator } from './auth/emulator';\n\n// credentials\nexport { AuthCredential } from './credentials';\nexport { EmailAuthCredential } from './credentials/email';\nexport { OAuthCredential } from './credentials/oauth';\nexport { PhoneAuthCredential } from './credentials/phone';\n\n// persistence\nexport { inMemoryPersistence } from './persistence/in_memory';\n\n// providers\nexport { EmailAuthProvider } from './providers/email';\nexport { FacebookAuthProvider } from './providers/facebook';\nexport { CustomParameters } from './providers/federated';\nexport { GoogleAuthProvider } from './providers/google';\nexport { GithubAuthProvider } from './providers/github';\nexport { OAuthProvider, OAuthCredentialOptions } from './providers/oauth';\nexport { SAMLAuthProvider } from './providers/saml';\nexport { TwitterAuthProvider } from './providers/twitter';\n\n// strategies\nexport { signInAnonymously } from './strategies/anonymous';\nexport {\n signInWithCredential,\n linkWithCredential,\n reauthenticateWithCredential\n} from './strategies/credential';\nexport { signInWithCustomToken } from './strategies/custom_token';\nexport {\n sendPasswordResetEmail,\n confirmPasswordReset,\n applyActionCode,\n checkActionCode,\n verifyPasswordResetCode,\n createUserWithEmailAndPassword,\n signInWithEmailAndPassword\n} from './strategies/email_and_password';\nexport {\n sendSignInLinkToEmail,\n isSignInWithEmailLink,\n signInWithEmailLink\n} from './strategies/email_link';\nexport {\n fetchSignInMethodsForEmail,\n sendEmailVerification,\n verifyBeforeUpdateEmail\n} from './strategies/email';\n\n// core\nexport { ActionCodeURL, parseActionCodeURL } from './action_code_url';\n\n// user\nexport {\n updateProfile,\n updateEmail,\n updatePassword\n} from './user/account_info';\nexport { getIdToken, getIdTokenResult } from './user/id_token_result';\nexport { unlink } from './user/link_unlink';\nexport { getAdditionalUserInfo } from './user/additional_user_info';\n\n// Non-optional user methods.\nexport { reload } from './user/reload';\n/**\n * Deletes and signs out the user.\n *\n * @remarks\n * Important: this is a security-sensitive operation that requires the user to have recently\n * signed in. If this requirement isn't met, ask the user to authenticate again and then call\n * {@link reauthenticateWithCredential}.\n *\n * @param user - The user.\n *\n * @public\n */\nexport async function deleteUser(user: User): Promise<void> {\n return getModularInstance(user).delete();\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { UserInternal } from '../model/user';\nimport { MultiFactorSession } from '../model/public_types';\n\nexport const enum MultiFactorSessionType {\n ENROLL = 'enroll',\n SIGN_IN = 'signin'\n}\n\ninterface SerializedMultiFactorSession {\n multiFactorSession: {\n idToken?: string;\n pendingCredential?: string;\n };\n}\n\nexport class MultiFactorSessionImpl implements MultiFactorSession {\n private constructor(\n readonly type: MultiFactorSessionType,\n readonly credential: string,\n readonly user?: UserInternal\n ) {}\n\n static _fromIdtoken(\n idToken: string,\n user?: UserInternal\n ): MultiFactorSessionImpl {\n return new MultiFactorSessionImpl(\n MultiFactorSessionType.ENROLL,\n idToken,\n user\n );\n }\n\n static _fromMfaPendingCredential(\n mfaPendingCredential: string\n ): MultiFactorSessionImpl {\n return new MultiFactorSessionImpl(\n MultiFactorSessionType.SIGN_IN,\n mfaPendingCredential\n );\n }\n\n toJSON(): SerializedMultiFactorSession {\n const key =\n this.type === MultiFactorSessionType.ENROLL\n ? 'idToken'\n : 'pendingCredential';\n return {\n multiFactorSession: {\n [key]: this.credential\n }\n };\n }\n\n static fromJSON(\n obj: Partial<SerializedMultiFactorSession>\n ): MultiFactorSessionImpl | null {\n if (obj?.multiFactorSession) {\n if (obj.multiFactorSession?.pendingCredential) {\n return MultiFactorSessionImpl._fromMfaPendingCredential(\n obj.multiFactorSession.pendingCredential\n );\n } else if (obj.multiFactorSession?.idToken) {\n return MultiFactorSessionImpl._fromIdtoken(\n obj.multiFactorSession.idToken\n );\n }\n }\n return null;\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n Auth,\n MultiFactorResolver,\n UserCredential,\n MultiFactorError\n} from '../model/public_types';\n\nimport { _castAuth } from '../core/auth/auth_impl';\nimport { AuthErrorCode } from '../core/errors';\nimport { UserCredentialImpl } from '../core/user/user_credential_impl';\nimport { _assert, _fail } from '../core/util/assert';\nimport { UserCredentialInternal } from '../model/user';\nimport { MultiFactorAssertionImpl } from './mfa_assertion';\nimport { MultiFactorError as MultiFactorErrorInternal } from './mfa_error';\nimport { MultiFactorInfoImpl } from './mfa_info';\nimport { MultiFactorSessionImpl } from './mfa_session';\nimport { getModularInstance } from '@firebase/util';\nimport { OperationType } from '../model/enums';\n\nexport class MultiFactorResolverImpl implements MultiFactorResolver {\n private constructor(\n readonly session: MultiFactorSessionImpl,\n readonly hints: MultiFactorInfoImpl[],\n private readonly signInResolver: (\n assertion: MultiFactorAssertionImpl\n ) => Promise<UserCredentialInternal>\n ) {}\n\n /** @internal */\n static _fromError(\n authExtern: Auth,\n error: MultiFactorErrorInternal\n ): MultiFactorResolverImpl {\n const auth = _castAuth(authExtern);\n const serverResponse = error.customData._serverResponse;\n const hints = (serverResponse.mfaInfo || []).map(enrollment =>\n MultiFactorInfoImpl._fromServerResponse(auth, enrollment)\n );\n\n _assert(\n serverResponse.mfaPendingCredential,\n auth,\n AuthErrorCode.INTERNAL_ERROR\n );\n const session = MultiFactorSessionImpl._fromMfaPendingCredential(\n serverResponse.mfaPendingCredential\n );\n\n return new MultiFactorResolverImpl(\n session,\n hints,\n async (\n assertion: MultiFactorAssertionImpl\n ): Promise<UserCredentialInternal> => {\n const mfaResponse = await assertion._process(auth, session);\n // Clear out the unneeded fields from the old login response\n delete serverResponse.mfaInfo;\n delete serverResponse.mfaPendingCredential;\n\n // Use in the new token & refresh token in the old response\n const idTokenResponse = {\n ...serverResponse,\n idToken: mfaResponse.idToken,\n refreshToken: mfaResponse.refreshToken\n };\n\n // TODO: we should collapse this switch statement into UserCredentialImpl._forOperation and have it support the SIGN_IN case\n switch (error.operationType) {\n case OperationType.SIGN_IN:\n const userCredential =\n await UserCredentialImpl._fromIdTokenResponse(\n auth,\n error.operationType,\n idTokenResponse\n );\n await auth._updateCurrentUser(userCredential.user);\n return userCredential;\n case OperationType.REAUTHENTICATE:\n _assert(error.user, auth, AuthErrorCode.INTERNAL_ERROR);\n return UserCredentialImpl._forOperation(\n error.user,\n error.operationType,\n idTokenResponse\n );\n default:\n _fail(auth, AuthErrorCode.INTERNAL_ERROR);\n }\n }\n );\n }\n\n async resolveSignIn(\n assertionExtern: MultiFactorAssertionImpl\n ): Promise<UserCredential> {\n const assertion = assertionExtern as MultiFactorAssertionImpl;\n return this.signInResolver(assertion);\n }\n}\n\n/**\n * Provides a {@link MultiFactorResolver} suitable for completion of a\n * multi-factor flow.\n *\n * @param auth - The {@link Auth} instance.\n * @param error - The {@link MultiFactorError} raised during a sign-in, or\n * reauthentication operation.\n *\n * @public\n */\nexport function getMultiFactorResolver(\n auth: Auth,\n error: MultiFactorError\n): MultiFactorResolver {\n const authModular = getModularInstance(auth);\n const errorInternal = error as MultiFactorErrorInternal;\n _assert(\n error.customData.operationType,\n authModular,\n AuthErrorCode.ARGUMENT_ERROR\n );\n _assert(\n errorInternal.customData._serverResponse?.mfaPendingCredential,\n authModular,\n AuthErrorCode.ARGUMENT_ERROR\n );\n\n return MultiFactorResolverImpl._fromError(authModular, errorInternal);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n Endpoint,\n HttpMethod,\n RecaptchaClientType,\n RecaptchaVersion,\n _addTidIfNecessary,\n _performApiRequest\n} from '../index';\nimport { SignInWithPhoneNumberRequest } from '../authentication/sms';\nimport { FinalizeMfaResponse } from '../authentication/mfa';\nimport { AuthInternal } from '../../model/auth';\n\n/**\n * MFA Info as returned by the API.\n */\ninterface BaseMfaEnrollment {\n mfaEnrollmentId: string;\n enrolledAt: number;\n displayName?: string;\n}\n\n/**\n * An MFA provided by SMS verification.\n */\nexport interface PhoneMfaEnrollment extends BaseMfaEnrollment {\n phoneInfo: string;\n}\n\n/**\n * An MFA provided by TOTP (Time-based One Time Password).\n */\nexport interface TotpMfaEnrollment extends BaseMfaEnrollment {}\n\n/**\n * MfaEnrollment can be any subtype of BaseMfaEnrollment, currently only PhoneMfaEnrollment and TotpMfaEnrollment are supported.\n */\nexport type MfaEnrollment = PhoneMfaEnrollment | TotpMfaEnrollment;\n\nexport interface StartPhoneMfaEnrollmentRequest {\n idToken: string;\n phoneEnrollmentInfo: {\n phoneNumber: string;\n // reCAPTCHA v2 token\n recaptchaToken?: string;\n // reCAPTCHA Enterprise token\n captchaResponse?: string;\n clientType?: RecaptchaClientType;\n recaptchaVersion?: RecaptchaVersion;\n };\n tenantId?: string;\n}\n\nexport interface StartPhoneMfaEnrollmentResponse {\n phoneSessionInfo: {\n sessionInfo: string;\n };\n}\n\nexport function startEnrollPhoneMfa(\n auth: AuthInternal,\n request: StartPhoneMfaEnrollmentRequest\n): Promise<StartPhoneMfaEnrollmentResponse> {\n return _performApiRequest<\n StartPhoneMfaEnrollmentRequest,\n StartPhoneMfaEnrollmentResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.START_MFA_ENROLLMENT,\n _addTidIfNecessary(auth, request)\n );\n}\n\nexport interface FinalizePhoneMfaEnrollmentRequest {\n idToken: string;\n phoneVerificationInfo: SignInWithPhoneNumberRequest;\n displayName?: string | null;\n tenantId?: string;\n}\n\nexport interface FinalizePhoneMfaEnrollmentResponse\n extends FinalizeMfaResponse {}\n\nexport function finalizeEnrollPhoneMfa(\n auth: AuthInternal,\n request: FinalizePhoneMfaEnrollmentRequest\n): Promise<FinalizePhoneMfaEnrollmentResponse> {\n return _performApiRequest<\n FinalizePhoneMfaEnrollmentRequest,\n FinalizePhoneMfaEnrollmentResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.FINALIZE_MFA_ENROLLMENT,\n _addTidIfNecessary(auth, request)\n );\n}\nexport interface StartTotpMfaEnrollmentRequest {\n idToken: string;\n totpEnrollmentInfo: {};\n tenantId?: string;\n}\n\nexport interface StartTotpMfaEnrollmentResponse {\n totpSessionInfo: {\n sharedSecretKey: string;\n verificationCodeLength: number;\n hashingAlgorithm: string;\n periodSec: number;\n sessionInfo: string;\n finalizeEnrollmentTime: number;\n };\n}\n\nexport function startEnrollTotpMfa(\n auth: AuthInternal,\n request: StartTotpMfaEnrollmentRequest\n): Promise<StartTotpMfaEnrollmentResponse> {\n return _performApiRequest<\n StartTotpMfaEnrollmentRequest,\n StartTotpMfaEnrollmentResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.START_MFA_ENROLLMENT,\n _addTidIfNecessary(auth, request)\n );\n}\n\nexport interface TotpVerificationInfo {\n sessionInfo: string;\n verificationCode: string;\n}\nexport interface FinalizeTotpMfaEnrollmentRequest {\n idToken: string;\n totpVerificationInfo: TotpVerificationInfo;\n displayName?: string | null;\n tenantId?: string;\n}\n\nexport interface FinalizeTotpMfaEnrollmentResponse\n extends FinalizeMfaResponse {}\n\nexport function finalizeEnrollTotpMfa(\n auth: AuthInternal,\n request: FinalizeTotpMfaEnrollmentRequest\n): Promise<FinalizeTotpMfaEnrollmentResponse> {\n return _performApiRequest<\n FinalizeTotpMfaEnrollmentRequest,\n FinalizeTotpMfaEnrollmentResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.FINALIZE_MFA_ENROLLMENT,\n _addTidIfNecessary(auth, request)\n );\n}\n\nexport interface WithdrawMfaRequest {\n idToken: string;\n mfaEnrollmentId: string;\n tenantId?: string;\n}\n\nexport interface WithdrawMfaResponse extends FinalizeMfaResponse {}\n\nexport function withdrawMfa(\n auth: AuthInternal,\n request: WithdrawMfaRequest\n): Promise<WithdrawMfaResponse> {\n return _performApiRequest<WithdrawMfaRequest, WithdrawMfaResponse>(\n auth,\n HttpMethod.POST,\n Endpoint.WITHDRAW_MFA,\n _addTidIfNecessary(auth, request)\n );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n MultiFactorAssertion,\n MultiFactorInfo,\n MultiFactorSession,\n MultiFactorUser,\n User\n} from '../model/public_types';\n\nimport { withdrawMfa } from '../api/account_management/mfa';\nimport { _logoutIfInvalidated } from '../core/user/invalidation';\nimport { UserInternal } from '../model/user';\nimport { MultiFactorAssertionImpl } from './mfa_assertion';\nimport { MultiFactorInfoImpl } from './mfa_info';\nimport { MultiFactorSessionImpl } from './mfa_session';\nimport { getModularInstance } from '@firebase/util';\n\nexport class MultiFactorUserImpl implements MultiFactorUser {\n enrolledFactors: MultiFactorInfo[] = [];\n\n private constructor(readonly user: UserInternal) {\n user._onReload(userInfo => {\n if (userInfo.mfaInfo) {\n this.enrolledFactors = userInfo.mfaInfo.map(enrollment =>\n MultiFactorInfoImpl._fromServerResponse(user.auth, enrollment)\n );\n }\n });\n }\n\n static _fromUser(user: UserInternal): MultiFactorUserImpl {\n return new MultiFactorUserImpl(user);\n }\n\n async getSession(): Promise<MultiFactorSession> {\n return MultiFactorSessionImpl._fromIdtoken(\n await this.user.getIdToken(),\n this.user\n );\n }\n\n async enroll(\n assertionExtern: MultiFactorAssertion,\n displayName?: string | null\n ): Promise<void> {\n const assertion = assertionExtern as MultiFactorAssertionImpl;\n const session = (await this.getSession()) as MultiFactorSessionImpl;\n const finalizeMfaResponse = await _logoutIfInvalidated(\n this.user,\n assertion._process(this.user.auth, session, displayName)\n );\n // New tokens will be issued after enrollment of the new second factors.\n // They need to be updated on the user.\n await this.user._updateTokensIfNecessary(finalizeMfaResponse);\n // The user needs to be reloaded to get the new multi-factor information\n // from server. USER_RELOADED event will be triggered and `enrolledFactors`\n // will be updated.\n return this.user.reload();\n }\n\n async unenroll(infoOrUid: MultiFactorInfo | string): Promise<void> {\n const mfaEnrollmentId =\n typeof infoOrUid === 'string' ? infoOrUid : infoOrUid.uid;\n const idToken = await this.user.getIdToken();\n try {\n const idTokenResponse = await _logoutIfInvalidated(\n this.user,\n withdrawMfa(this.user.auth, {\n idToken,\n mfaEnrollmentId\n })\n );\n // Remove the second factor from the user's list.\n this.enrolledFactors = this.enrolledFactors.filter(\n ({ uid }) => uid !== mfaEnrollmentId\n );\n // Depending on whether the backend decided to revoke the user's session,\n // the tokenResponse may be empty. If the tokens were not updated (and they\n // are now invalid), reloading the user will discover this and invalidate\n // the user's state accordingly.\n await this.user._updateTokensIfNecessary(idTokenResponse);\n await this.user.reload();\n } catch (e) {\n throw e;\n }\n }\n}\n\nconst multiFactorUserCache = new WeakMap<User, MultiFactorUser>();\n\n/**\n * The {@link MultiFactorUser} corresponding to the user.\n *\n * @remarks\n * This is used to access all multi-factor properties and operations related to the user.\n *\n * @param user - The user.\n *\n * @public\n */\nexport function multiFactor(user: User): MultiFactorUser {\n const userModular = getModularInstance(user);\n if (!multiFactorUserCache.has(userModular)) {\n multiFactorUserCache.set(\n userModular,\n MultiFactorUserImpl._fromUser(userModular as UserInternal)\n );\n }\n return multiFactorUserCache.get(userModular)!;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Unsubscribe } from '@firebase/util';\nimport { FirebaseAuthInternal } from '@firebase/auth-interop-types';\n\nimport { AuthInternal } from '../../model/auth';\nimport { UserInternal } from '../../model/user';\nimport { _assert } from '../util/assert';\nimport { AuthErrorCode } from '../errors';\n\ninterface TokenListener {\n (tok: string | null): unknown;\n}\n\nexport class AuthInterop implements FirebaseAuthInternal {\n private readonly internalListeners: Map<TokenListener, Unsubscribe> =\n new Map();\n\n constructor(private readonly auth: AuthInternal) {}\n\n getUid(): string | null {\n this.assertAuthConfigured();\n return this.auth.currentUser?.uid || null;\n }\n\n async getToken(\n forceRefresh?: boolean\n ): Promise<{ accessToken: string } | null> {\n this.assertAuthConfigured();\n await this.auth._initializationPromise;\n if (!this.auth.currentUser) {\n return null;\n }\n\n const accessToken = await this.auth.currentUser.getIdToken(forceRefresh);\n return { accessToken };\n }\n\n addAuthTokenListener(listener: TokenListener): void {\n this.assertAuthConfigured();\n if (this.internalListeners.has(listener)) {\n return;\n }\n\n const unsubscribe = this.auth.onIdTokenChanged(user => {\n listener(\n (user as UserInternal | null)?.stsTokenManager.accessToken || null\n );\n });\n this.internalListeners.set(listener, unsubscribe);\n this.updateProactiveRefresh();\n }\n\n removeAuthTokenListener(listener: TokenListener): void {\n this.assertAuthConfigured();\n const unsubscribe = this.internalListeners.get(listener);\n if (!unsubscribe) {\n return;\n }\n\n this.internalListeners.delete(listener);\n unsubscribe();\n this.updateProactiveRefresh();\n }\n\n private assertAuthConfigured(): void {\n _assert(\n this.auth._initializationPromise,\n AuthErrorCode.DEPENDENT_SDK_INIT_BEFORE_AUTH\n );\n }\n\n private updateProactiveRefresh(): void {\n if (this.internalListeners.size > 0) {\n this.auth._startProactiveRefresh();\n } else {\n this.auth._stopProactiveRefresh();\n }\n }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { _registerComponent, registerVersion } from '@firebase/app';\nimport {\n Component,\n ComponentType,\n InstantiationMode\n} from '@firebase/component';\n\nimport { name, version } from '../../../package.json';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from '../util/assert';\nimport { _getClientVersion, ClientPlatform } from '../util/version';\nimport { _castAuth, AuthImpl, DefaultConfig } from './auth_impl';\nimport { AuthInterop } from './firebase_internal';\nimport { ConfigInternal } from '../../model/auth';\nimport { Dependencies } from '../../model/public_types';\nimport { _initializeAuthInstance } from './initialize';\n\nexport const enum _ComponentName {\n AUTH = 'auth',\n AUTH_INTERNAL = 'auth-internal'\n}\n\nfunction getVersionForPlatform(\n clientPlatform: ClientPlatform\n): string | undefined {\n switch (clientPlatform) {\n case ClientPlatform.NODE:\n return 'node';\n case ClientPlatform.REACT_NATIVE:\n return 'rn';\n case ClientPlatform.WORKER:\n return 'webworker';\n case ClientPlatform.CORDOVA:\n return 'cordova';\n case ClientPlatform.WEB_EXTENSION:\n return 'web-extension';\n default:\n return undefined;\n }\n}\n\n/** @internal */\nexport function registerAuth(clientPlatform: ClientPlatform): void {\n _registerComponent(\n new Component(\n _ComponentName.AUTH,\n (container, { options: deps }: { options?: Dependencies }) => {\n const app = container.getProvider('app').getImmediate()!;\n const heartbeatServiceProvider =\n container.getProvider<'heartbeat'>('heartbeat');\n const appCheckServiceProvider =\n container.getProvider<'app-check-internal'>('app-check-internal');\n const { apiKey, authDomain } = app.options;\n\n _assert(\n apiKey && !apiKey.includes(':'),\n AuthErrorCode.INVALID_API_KEY,\n { appName: app.name }\n );\n\n const config: ConfigInternal = {\n apiKey,\n authDomain,\n clientPlatform,\n apiHost: DefaultConfig.API_HOST,\n tokenApiHost: DefaultConfig.TOKEN_API_HOST,\n apiScheme: DefaultConfig.API_SCHEME,\n sdkClientVersion: _getClientVersion(clientPlatform)\n };\n\n const authInstance = new AuthImpl(\n app,\n heartbeatServiceProvider,\n appCheckServiceProvider,\n config\n );\n _initializeAuthInstance(authInstance, deps);\n\n return authInstance;\n },\n ComponentType.PUBLIC\n )\n /**\n * Auth can only be initialized by explicitly calling getAuth() or initializeAuth()\n * For why we do this, See go/firebase-next-auth-init\n */\n .setInstantiationMode(InstantiationMode.EXPLICIT)\n /**\n * Because all firebase products that depend on auth depend on auth-internal directly,\n * we need to initialize auth-internal after auth is initialized to make it available to other firebase products.\n */\n .setInstanceCreatedCallback(\n (container, _instanceIdentifier, _instance) => {\n const authInternalProvider = container.getProvider(\n _ComponentName.AUTH_INTERNAL\n );\n authInternalProvider.initialize();\n }\n )\n );\n\n _registerComponent(\n new Component(\n _ComponentName.AUTH_INTERNAL,\n container => {\n const auth = _castAuth(\n container.getProvider(_ComponentName.AUTH).getImmediate()!\n );\n return (auth => new AuthInterop(auth))(auth);\n },\n ComponentType.PRIVATE\n ).setInstantiationMode(InstantiationMode.EXPLICIT)\n );\n\n registerVersion(name, version, getVersionForPlatform(clientPlatform));\n // BUILD_TARGET will be replaced by values like esm, cjs, etc during the compilation\n registerVersion(name, version, '__BUILD_TARGET__');\n}\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthErrorCode } from '../core/errors';\nimport { _createError } from '../core/util/assert';\n\nimport { FirebaseApp, getApp, _getProvider } from '@firebase/app';\nimport { Auth } from '../model/public_types';\n\nimport { initializeAuth, inMemoryPersistence, connectAuthEmulator } from '..';\nimport { registerAuth } from '../core/auth/register';\nimport { ClientPlatform } from '../core/util/version';\nimport { AuthImpl } from '../core/auth/auth_impl';\n\nimport { FetchProvider } from '../core/util/fetch_provider';\nimport { getDefaultEmulatorHost } from '@firebase/util';\n\n// Initialize the fetch polyfill, the types are slightly off so just cast and hope for the best\nFetchProvider.initialize(fetch, Headers, Response);\n\n// First, we set up the various platform-specific features for Node (register\n// the version and declare the Node getAuth function)\n\nexport function getAuth(app: FirebaseApp = getApp()): Auth {\n const provider = _getProvider(app, 'auth');\n\n if (provider.isInitialized()) {\n return provider.getImmediate();\n }\n\n const auth = initializeAuth(app);\n\n const authEmulatorHost = getDefaultEmulatorHost('auth');\n if (authEmulatorHost) {\n connectAuthEmulator(auth, `http://${authEmulatorHost}`);\n }\n\n return auth;\n}\n\nregisterAuth(ClientPlatform.NODE);\n\n// The rest of this file contains no-ops and errors for browser-specific\n// methods. We keep the browser and Node entry points the same, but features\n// that only work in browsers are set to either do nothing (setPersistence) or\n// to reject with an auth/operation-not-supported-in-this-environment error.\n// The below exports are pulled into the main entry point by a rollup alias\n// plugin (overwriting the default browser imports).\n\n/** auth/operation-not-supported-in-this-environment */\nconst NOT_AVAILABLE_ERROR = _createError(AuthErrorCode.OPERATION_NOT_SUPPORTED);\n\n/** Reject with auth/operation-not-supported-in-this-environment */\nasync function fail(): Promise<void> {\n throw NOT_AVAILABLE_ERROR;\n}\n\n/**\n * A class which will throw with\n * auth/operation-not-supported-in-this-environment if instantiated\n */\nclass FailClass {\n constructor() {\n throw NOT_AVAILABLE_ERROR;\n }\n}\n\nexport const browserLocalPersistence = inMemoryPersistence;\nexport const browserSessionPersistence = inMemoryPersistence;\nexport const browserCookiePersistence = inMemoryPersistence;\nexport const indexedDBLocalPersistence = inMemoryPersistence;\nexport const browserPopupRedirectResolver = NOT_AVAILABLE_ERROR;\nexport const PhoneAuthProvider = FailClass;\nexport const signInWithPhoneNumber = fail;\nexport const linkWithPhoneNumber = fail;\nexport const reauthenticateWithPhoneNumber = fail;\nexport const updatePhoneNumber = fail;\nexport const signInWithPopup = fail;\nexport const linkWithPopup = fail;\nexport const reauthenticateWithPopup = fail;\nexport const signInWithRedirect = fail;\nexport const linkWithRedirect = fail;\nexport const reauthenticateWithRedirect = fail;\nexport const getRedirectResult = fail;\nexport const RecaptchaVerifier = FailClass;\nexport const initializeRecaptchaConfig = fail;\nexport class PhoneMultiFactorGenerator {\n static assertion(): unknown {\n throw NOT_AVAILABLE_ERROR;\n }\n}\n\n// Set persistence should no-op instead of fail. Changing the prototype will\n// make sure both setPersistence(auth, persistence) and\n// auth.setPersistence(persistence) are covered.\nAuthImpl.prototype.setPersistence = async (): Promise<void> => {};\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n _performApiRequest,\n Endpoint,\n HttpMethod,\n RecaptchaClientType,\n RecaptchaVersion,\n _addTidIfNecessary\n} from '../index';\nimport { Auth } from '../../model/public_types';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { MfaEnrollment } from '../account_management/mfa';\nimport { SignInWithIdpResponse } from './idp';\nimport {\n SignInWithPhoneNumberRequest,\n SignInWithPhoneNumberResponse\n} from './sms';\n\nexport interface FinalizeMfaResponse {\n idToken: string;\n refreshToken: string;\n}\n\n/**\n * @internal\n */\nexport interface IdTokenMfaResponse extends IdTokenResponse {\n mfaPendingCredential?: string;\n mfaInfo?: MfaEnrollment[];\n}\n\nexport interface StartPhoneMfaSignInRequest {\n mfaPendingCredential: string;\n mfaEnrollmentId: string;\n phoneSignInInfo: {\n // reCAPTCHA v2 token\n recaptchaToken?: string;\n // reCAPTCHA Enterprise token\n captchaResponse?: string;\n clientType?: RecaptchaClientType;\n recaptchaVersion?: RecaptchaVersion;\n };\n tenantId?: string;\n}\n\nexport interface StartPhoneMfaSignInResponse {\n phoneResponseInfo: {\n sessionInfo: string;\n };\n}\n\nexport function startSignInPhoneMfa(\n auth: Auth,\n request: StartPhoneMfaSignInRequest\n): Promise<StartPhoneMfaSignInResponse> {\n return _performApiRequest<\n StartPhoneMfaSignInRequest,\n StartPhoneMfaSignInResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.START_MFA_SIGN_IN,\n _addTidIfNecessary(auth, request)\n );\n}\n\nexport interface FinalizePhoneMfaSignInRequest {\n mfaPendingCredential: string;\n phoneVerificationInfo: SignInWithPhoneNumberRequest;\n tenantId?: string;\n}\n\n// TOTP MFA Sign in only has a finalize phase. Phone MFA has a start phase to initiate sending an\n// SMS and a finalize phase to complete sign in. With TOTP, the user already has the OTP in the\n// TOTP/Authenticator app.\nexport interface FinalizeTotpMfaSignInRequest {\n mfaPendingCredential: string;\n totpVerificationInfo: { verificationCode: string };\n tenantId?: string;\n mfaEnrollmentId: string;\n}\n\nexport interface FinalizePhoneMfaSignInResponse extends FinalizeMfaResponse {}\n\nexport interface FinalizeTotpMfaSignInResponse extends FinalizeMfaResponse {}\n\nexport function finalizeSignInPhoneMfa(\n auth: Auth,\n request: FinalizePhoneMfaSignInRequest\n): Promise<FinalizePhoneMfaSignInResponse> {\n return _performApiRequest<\n FinalizePhoneMfaSignInRequest,\n FinalizePhoneMfaSignInResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.FINALIZE_MFA_SIGN_IN,\n _addTidIfNecessary(auth, request)\n );\n}\n\nexport function finalizeSignInTotpMfa(\n auth: Auth,\n request: FinalizeTotpMfaSignInRequest\n): Promise<FinalizeTotpMfaSignInResponse> {\n return _performApiRequest<\n FinalizeTotpMfaSignInRequest,\n FinalizeTotpMfaSignInResponse\n >(\n auth,\n HttpMethod.POST,\n Endpoint.FINALIZE_MFA_SIGN_IN,\n _addTidIfNecessary(auth, request)\n );\n}\n\n/**\n * @internal\n */\nexport type PhoneOrOauthTokenResponse =\n | SignInWithPhoneNumberResponse\n | SignInWithIdpResponse\n | IdTokenResponse;\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { FactorId, MultiFactorAssertion } from '../model/public_types';\nimport { debugFail } from '../core/util/assert';\nimport { MultiFactorSessionImpl, MultiFactorSessionType } from './mfa_session';\nimport { FinalizeMfaResponse } from '../api/authentication/mfa';\nimport { AuthInternal } from '../model/auth';\n\nexport abstract class MultiFactorAssertionImpl implements MultiFactorAssertion {\n protected constructor(readonly factorId: FactorId) {}\n\n _process(\n auth: AuthInternal,\n session: MultiFactorSessionImpl,\n displayName?: string | null\n ): Promise<FinalizeMfaResponse> {\n switch (session.type) {\n case MultiFactorSessionType.ENROLL:\n return this._finalizeEnroll(auth, session.credential, displayName);\n case MultiFactorSessionType.SIGN_IN:\n return this._finalizeSignIn(auth, session.credential);\n default:\n return debugFail('unexpected MultiFactorSessionType');\n }\n }\n\n abstract _finalizeEnroll(\n auth: AuthInternal,\n idToken: string,\n displayName?: string | null\n ): Promise<FinalizeMfaResponse>;\n abstract _finalizeSignIn(\n auth: AuthInternal,\n mfaPendingCredential: string\n ): Promise<FinalizeMfaResponse>;\n}\n","/**\n * @license\n * Copyright 2022 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport {\n TotpMultiFactorAssertion,\n MultiFactorSession,\n FactorId\n} from '../../model/public_types';\nimport { AuthInternal } from '../../model/auth';\nimport {\n finalizeEnrollTotpMfa,\n startEnrollTotpMfa,\n StartTotpMfaEnrollmentResponse,\n TotpVerificationInfo\n} from '../../api/account_management/mfa';\nimport {\n FinalizeMfaResponse,\n finalizeSignInTotpMfa\n} from '../../api/authentication/mfa';\nimport { MultiFactorAssertionImpl } from '../../mfa/mfa_assertion';\nimport { MultiFactorSessionImpl } from '../mfa_session';\nimport { AuthErrorCode } from '../../core/errors';\nimport { _assert } from '../../core/util/assert';\n\n/**\n * Provider for generating a {@link TotpMultiFactorAssertion}.\n *\n * @public\n */\nexport class TotpMultiFactorGenerator {\n /**\n * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of\n * the TOTP (time-based one-time password) second factor.\n * This assertion is used to complete enrollment in TOTP second factor.\n *\n * @param secret A {@link TotpSecret} containing the shared secret key and other TOTP parameters.\n * @param oneTimePassword One-time password from TOTP App.\n * @returns A {@link TotpMultiFactorAssertion} which can be used with\n * {@link MultiFactorUser.enroll}.\n */\n static assertionForEnrollment(\n secret: TotpSecret,\n oneTimePassword: string\n ): TotpMultiFactorAssertion {\n return TotpMultiFactorAssertionImpl._fromSecret(secret, oneTimePassword);\n }\n\n /**\n * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of the TOTP second factor.\n * This assertion is used to complete signIn with TOTP as the second factor.\n *\n * @param enrollmentId identifies the enrolled TOTP second factor.\n * @param oneTimePassword One-time password from TOTP App.\n * @returns A {@link TotpMultiFactorAssertion} which can be used with\n * {@link MultiFactorResolver.resolveSignIn}.\n */\n static assertionForSignIn(\n enrollmentId: string,\n oneTimePassword: string\n ): TotpMultiFactorAssertion {\n return TotpMultiFactorAssertionImpl._fromEnrollmentId(\n enrollmentId,\n oneTimePassword\n );\n }\n\n /**\n * Returns a promise to {@link TotpSecret} which contains the TOTP shared secret key and other parameters.\n * Creates a TOTP secret as part of enrolling a TOTP second factor.\n * Used for generating a QR code URL or inputting into a TOTP app.\n * This method uses the auth instance corresponding to the user in the multiFactorSession.\n *\n * @param session The {@link MultiFactorSession} that the user is part of.\n * @returns A promise to {@link TotpSecret}.\n */\n static async generateSecret(\n session: MultiFactorSession\n ): Promise<TotpSecret> {\n const mfaSession = session as MultiFactorSessionImpl;\n _assert(\n typeof mfaSession.user?.auth !== 'undefined',\n AuthErrorCode.INTERNAL_ERROR\n );\n const response = await startEnrollTotpMfa(mfaSession.user.auth, {\n idToken: mfaSession.credential,\n totpEnrollmentInfo: {}\n });\n return TotpSecret._fromStartTotpMfaEnrollmentResponse(\n response,\n mfaSession.user.auth\n );\n }\n\n /**\n * The identifier of the TOTP second factor: `totp`.\n */\n static FACTOR_ID: 'totp' = FactorId.TOTP;\n}\n\nexport class TotpMultiFactorAssertionImpl\n extends MultiFactorAssertionImpl\n implements TotpMultiFactorAssertion\n{\n constructor(\n readonly otp: string,\n readonly enrollmentId?: string,\n readonly secret?: TotpSecret\n ) {\n super(FactorId.TOTP);\n }\n\n /** @internal */\n static _fromSecret(\n secret: TotpSecret,\n otp: string\n ): TotpMultiFactorAssertionImpl {\n return new TotpMultiFactorAssertionImpl(otp, undefined, secret);\n }\n\n /** @internal */\n static _fromEnrollmentId(\n enrollmentId: string,\n otp: string\n ): TotpMultiFactorAssertionImpl {\n return new TotpMultiFactorAssertionImpl(otp, enrollmentId);\n }\n\n /** @internal */\n async _finalizeEnroll(\n auth: AuthInternal,\n idToken: string,\n displayName?: string | null\n ): Promise<FinalizeMfaResponse> {\n _assert(\n typeof this.secret !== 'undefined',\n auth,\n AuthErrorCode.ARGUMENT_ERROR\n );\n return finalizeEnrollTotpMfa(auth, {\n idToken,\n displayName,\n totpVerificationInfo: this.secret._makeTotpVerificationInfo(this.otp)\n });\n }\n\n /** @internal */\n async _finalizeSignIn(\n auth: AuthInternal,\n mfaPendingCredential: string\n ): Promise<FinalizeMfaResponse> {\n _assert(\n this.enrollmentId !== undefined && this.otp !== undefined,\n auth,\n AuthErrorCode.ARGUMENT_ERROR\n );\n const totpVerificationInfo = { verificationCode: this.otp };\n return finalizeSignInTotpMfa(auth, {\n mfaPendingCredential,\n mfaEnrollmentId: this.enrollmentId,\n totpVerificationInfo\n });\n }\n}\n\n/**\n * Provider for generating a {@link TotpMultiFactorAssertion}.\n *\n * Stores the shared secret key and other parameters to generate time-based OTPs.\n * Implements methods to retrieve the shared secret key and generate a QR code URL.\n * @public\n */\nexport class TotpSecret {\n /**\n * Shared secret key/seed used for enrolling in TOTP MFA and generating OTPs.\n */\n readonly secretKey: string;\n /**\n * Hashing algorithm used.\n */\n readonly hashingAlgorithm: string;\n /**\n * Length of the one-time passwords to be generated.\n */\n readonly codeLength: number;\n /**\n * The interval (in seconds) when the OTP codes should change.\n */\n readonly codeIntervalSeconds: number;\n /**\n * The timestamp (UTC string) by which TOTP enrollment should be completed.\n */\n // This can be used by callers to show a countdown of when to enter OTP code by.\n readonly enrollmentCompletionDeadline: string;\n\n // The public members are declared outside the constructor so the docs can be generated.\n private constructor(\n secretKey: string,\n hashingAlgorithm: string,\n codeLength: number,\n codeIntervalSeconds: number,\n enrollmentCompletionDeadline: string,\n private readonly sessionInfo: string,\n private readonly auth: AuthInternal\n ) {\n this.secretKey = secretKey;\n this.hashingAlgorithm = hashingAlgorithm;\n this.codeLength = codeLength;\n this.codeIntervalSeconds = codeIntervalSeconds;\n this.enrollmentCompletionDeadline = enrollmentCompletionDeadline;\n }\n\n /** @internal */\n static _fromStartTotpMfaEnrollmentResponse(\n response: StartTotpMfaEnrollmentResponse,\n auth: AuthInternal\n ): TotpSecret {\n return new TotpSecret(\n response.totpSessionInfo.sharedSecretKey,\n response.totpSessionInfo.hashingAlgorithm,\n response.totpSessionInfo.verificationCodeLength,\n response.totpSessionInfo.periodSec,\n new Date(response.totpSessionInfo.finalizeEnrollmentTime).toUTCString(),\n response.totpSessionInfo.sessionInfo,\n auth\n );\n }\n\n /** @internal */\n _makeTotpVerificationInfo(otp: string): TotpVerificationInfo {\n return { sessionInfo: this.sessionInfo, verificationCode: otp };\n }\n\n /**\n * Returns a QR code URL as described in\n * https://github.com/google/google-authenticator/wiki/Key-Uri-Format\n * This can be displayed to the user as a QR code to be scanned into a TOTP app like Google Authenticator.\n * If the optional parameters are unspecified, an accountName of <userEmail> and issuer of <firebaseAppName> are used.\n *\n * @param accountName the name of the account/app along with a user identifier.\n * @param issuer issuer of the TOTP (likely the app name).\n * @returns A QR code URL string.\n */\n generateQrCodeUrl(accountName?: string, issuer?: string): string {\n let useDefaults = false;\n if (_isEmptyString(accountName) || _isEmptyString(issuer)) {\n useDefaults = true;\n }\n if (useDefaults) {\n if (_isEmptyString(accountName)) {\n accountName = this.auth.currentUser?.email || 'unknownuser';\n }\n if (_isEmptyString(issuer)) {\n issuer = this.auth.name;\n }\n }\n return `otpauth://totp/${issuer}:${accountName}?secret=${this.secretKey}&issuer=${issuer}&algorithm=${this.hashingAlgorithm}&digits=${this.codeLength}`;\n }\n}\n\n/** @internal */\nfunction _isEmptyString(input?: string): boolean {\n return typeof input === 'undefined' || input?.length === 0;\n}\n"],"names":["ErrorFactory","Logger","LogLevel","SDK_VERSION","isBrowserExtension","isMobileCordova","isReactNative","querystring","isCloudflareWorker","isCloudWorkstation","FirebaseError","getModularInstance","base64Decode","_isFirebaseServerApp","getUA","isIE","createSubscribe","jsHelpers._recaptchaEnterpriseScriptUrl","jsHelpers\n ._loadJS","app","_getProvider","deepEqual","pingServer","updateEmulatorBanner","applyActionCode","sendEmailVerification","sendPasswordResetEmail","sendSignInLinkToEmail","signInWithEmailLink","IDP_REQUEST_URI","signInWithPhoneNumber","linkWithPhoneNumber","querystringDecode","extractQuerystring","signInWithCustomToken","getIdTokenResponse","authentication.sendPasswordResetEmail","account\n .resetPassword","account.applyActionCode","account.resetPassword","api.sendSignInLinkToEmail","api.sendEmailVerification","api.verifyAndChangeEmail","updateProfile","apiUpdateProfile","apiUpdateEmailPassword","_registerComponent","Component","registerVersion","getApp","getDefaultEmulatorHost"],"mappings":";;;;;;;AAAA;;;;;;;;;;;;;;;AAeG;AAEH;;;;AAIG;AACU,MAAA,QAAQ,GAAG;;AAEtB,IAAA,KAAK,EAAE,OAAO;AACd,IAAA,IAAI,EAAE,MAAM;EACH;AAEX;;;;AAIG;AACU,MAAA,UAAU,GAAG;;AAExB,IAAA,QAAQ,EAAE,cAAc;;AAExB,IAAA,MAAM,EAAE,YAAY;;AAEpB,IAAA,MAAM,EAAE,YAAY;;AAEpB,IAAA,QAAQ,EAAE,UAAU;;AAEpB,IAAA,KAAK,EAAE,OAAO;;AAEd,IAAA,OAAO,EAAE,aAAa;EACb;AAEX;;;;AAIG;AACU,MAAA,YAAY,GAAG;;AAE1B,IAAA,UAAU,EAAE,WAAW;;AAEvB,IAAA,cAAc,EAAE,UAAU;;AAE1B,IAAA,QAAQ,EAAE,cAAc;;AAExB,IAAA,MAAM,EAAE,YAAY;;AAEpB,IAAA,MAAM,EAAE,YAAY;;AAEpB,IAAA,KAAK,EAAE,OAAO;;AAEd,IAAA,OAAO,EAAE,aAAa;EACb;AAEX;;;;AAIG;AACU,MAAA,aAAa,GAAG;;AAE3B,IAAA,IAAI,EAAE,MAAM;;AAEZ,IAAA,cAAc,EAAE,gBAAgB;;AAEhC,IAAA,OAAO,EAAE,QAAQ;EACR;AAEX;;;;AAIG;AACU,MAAA,mBAAmB,GAAG;;AAEjC,IAAA,YAAY,EAAE,cAAc;;AAE5B,IAAA,cAAc,EAAE,gBAAgB;;AAEhC,IAAA,aAAa,EAAE,eAAe;;AAE9B,IAAA,6BAA6B,EAAE,+BAA+B;;AAE9D,IAAA,uBAAuB,EAAE,yBAAyB;;AAElD,IAAA,YAAY,EAAE,cAAc;;;ACrG9B;;;;;;;;;;;;;;;AAeG;AA6HH,SAAS,cAAc,GAAA;IACrB,OAAO;AACL,QAAA,CAAA,4BAAA,4CACE,sDAAsD;AACxD,QAAA,CAAA,gBAAA,sCAAgC,EAAE;AAClC,QAAA,CAAA,oBAAA,0CACE,+DAA+D;YAC/D,uEAAuE;YACvE,0DAA0D;AAC5D,QAAA,CAAA,mBAAA,yCACE,oEAAoE;YACpE,sEAAsE;YACtE,cAAc;AAChB,QAAA,CAAA,sBAAA,4CACE,oEAAoE;YACpE,wEAAwE;YACxE,yBAAyB;AAC3B,QAAA,CAAA,cAAA,oCACE,wEAAwE;YACxE,QAAQ;AACV,QAAA,CAAA,mBAAA,yCAAmC,iCAAiC;AACpE,QAAA,CAAA,kBAAA,wCAAkC,gCAAgC;AAClE,QAAA,CAAA,2BAAA,iDACE,sEAAsE;AACxE,QAAA,CAAA,uBAAA,2CACE,uDAAuD;AACzD,QAAA,CAAA,uBAAA,sDACE,yEAAyE;YACzE,qCAAqC;AACvC,QAAA,CAAA,uCAAA,sDACE,gFAAgF;YAChF,2EAA2E;YAC3E,kCAAkC;AACpC,QAAA,CAAA,4BAAA,kDACE,mFAAmF;YACnF,aAAa;AACf,QAAA,CAAA,iCAAA,uDACE,uDAAuD;AACzD,QAAA,CAAA,sBAAA,oCACE,yDAAyD;AAC3D,QAAA,CAAA,wBAAA,8CACE,uEAAuE;YACvE,2DAA2D;YAC3D,iCAAiC;AACnC,QAAA,CAAA,qBAAA,wCAAkC,8BAA8B;AAChE,QAAA,CAAA,yBAAA,6CACE,kFAAkF;AACpF,QAAA,CAAA,gBAAA,sCAAgC,qCAAqC;AACrE,QAAA,CAAA,wBAAA,8CACE,0EAA0E;YAC1E,6DAA6D;AAC/D,QAAA,CAAA,gBAAA,sCACE,sEAAsE;AACxE,QAAA,CAAA,oBAAA,oCACE,uEAAuE;YACvE,uEAAuE;YACvE,2CAA2C;AAC7C,QAAA,CAAA,oBAAA,0CAAoC,qCAAqC;AACzE,QAAA,CAAA,2BAAA,oCACE,wEAAwE;YACxE,0EAA0E;YAC1E,yCAAyC;AAC3C,QAAA,CAAA,sBAAA,4CACE,sDAAsD;AACxD,QAAA,CAAA,+BAAA,qDACE,2EAA2E;YAC3E,4DAA4D;YAC5D,6DAA6D;YAC7D,iCAAiC;AACnC,QAAA,CAAA,sBAAA,4CACE,uEAAuE;AACzE,QAAA,CAAA,6BAAA,mDACE,2FAA2F;AAC7F,QAAA,CAAA,eAAA,qCAA+B,uCAAuC;AACtE,QAAA,CAAA,yBAAA,+CACE,oEAAoE;AACtE,QAAA,CAAA,iBAAA,uCACE,qEAAqE;AACvE,QAAA,CAAA,mBAAA,yCACE,iDAAiD;AACnD,QAAA,CAAA,oBAAA,0CACE,sEAAsE;AACxE,QAAA,CAAA,yBAAA,+CACE,8FAA8F;YAC9F,kFAAkF;AACpF,QAAA,CAAA,8BAAA,2CACE,gFAAgF;AAClF,QAAA,CAAA,wBAAA,8CACE,wEAAwE;YACxE,gCAAgC;AAClC,QAAA,CAAA,yBAAA,+CACE,uEAAuE;YACvE,oBAAoB;AACtB,QAAA,CAAA,qBAAA,sCACE,uEAAuE;YACvE,yEAAyE;AAC3E,QAAA,CAAA,qBAAA,wCACE,wEAAwE;YACxE,oCAAoC;AACtC,QAAA,CAAA,gBAAA,wCACE,+DAA+D;AACjE,QAAA,CAAA,0BAAA,2CACE,mFAAmF;AACrF,QAAA,CAAA,sBAAA,4CACE,yEAAyE;YACzE,uEAAuE;YACvE,uEAAuE;YACvE,8BAA8B;AAChC,QAAA,CAAA,qBAAA,2CACE,uCAAuC;AACzC,QAAA,CAAA,yBAAA,+CACE,wEAAwE;YACxE,qCAAqC;AACvC,QAAA,CAAA,gBAAA,sCACE,4FAA4F;YAC5F,kFAAkF;AACpF,QAAA,CAAA,yBAAA,4CACE,0EAA0E;AAC5E,QAAA,CAAA,mBAAA,yCACE,2CAA2C;AAC7C,QAAA,CAAA,eAAA,qCACE,2DAA2D;AAC7D,QAAA,CAAA,0BAAA,oDACE,0FAA0F;AAC5F,QAAA,CAAA,6BAAA,2CACE,uEAAuE;YACvE,wDAAwD;AAC1D,QAAA,CAAA,wBAAA,8CACE,oEAAoE;YACpE,6DAA6D;AAC/D,QAAA,CAAA,2BAAA,oCACE,4EAA4E;AAC9E,QAAA,CAAA,sBAAA,4CACE,iDAAiD;AACnD,QAAA,CAAA,sBAAA,4CAAsC,qCAAqC;AAC3E,QAAA,CAAA,uBAAA,6CACE,mEAAmE;AACrE,QAAA,CAAA,0BAAA,gDACE,oEAAoE;YACpE,yEAAyE;YACzE,0BAA0B;AAC5B,QAAA,CAAA,kBAAA,wCAAkC,uCAAuC;AACzE,QAAA,CAAA,2BAAA,wCACE,0CAA0C;AAC5C,QAAA,CAAA,8BAAA,2CACE,kEAAkE;AACpE,QAAA,CAAA,sBAAA,4CACE,uEAAuE;AACzE,QAAA,CAAA,yBAAA,4CACE,sEAAsE;AACxE,QAAA,CAAA,aAAA,wCACE,gDAAgD;AAClD,QAAA,CAAA,6BAAA,0CACE,0EAA0E;AAC5E,QAAA,CAAA,4BAAA,oCACE,wEAAwE;AAC1E,QAAA,CAAA,0CAAA,yCACE,sEAAsE;YACtE,qEAAqE;YACrE,gBAAgB;AAClB,QAAA,CAAA,wBAAA,8CACE,iGAAiG;AACnG,QAAA,CAAA,eAAA,qCAA+B,qCAAqC;AACpE,QAAA,CAAA,kBAAA,wCACE,4DAA4D;AAC9D,QAAA,CAAA,WAAA,iCACE,yEAAyE;YACzE,kCAAkC;AACpC,QAAA,CAAA,uBAAA,6CACE,oEAAoE;YACpE,yEAAyE;YACzE,eAAe;AACjB,QAAA,CAAA,6CAAA,+CACE,yEAAyE;YACzE,yEAAyE;YACzE,mCAAmC;AACrC,QAAA,CAAA,eAAA,qCACE,2FAA2F;AAC7F,QAAA,CAAA,sBAAA,4CACE,wEAAwE;AAC1E,QAAA,CAAA,yBAAA,+CACE,iEAAiE;AACnE,QAAA,CAAA,gBAAA,sCACE,2DAA2D;AAC7D,QAAA,CAAA,4BAAA,kDACE,0EAA0E;AAC5E,QAAA,CAAA,4BAAA,kDACE,kDAAkD;AACpD,QAAA,CAAA,qBAAA,2CACE,4DAA4D;AAC9D,QAAA,CAAA,8BAAA,sDACE,wDAAwD;AAC1D,QAAA,CAAA,sCAAA,oDACE,2EAA2E;AAC7E,QAAA,CAAA,oBAAA,0CACE,qEAAqE;AACvE,QAAA,CAAA,SAAA,+BAAyB,8BAA8B;AACvD,QAAA,CAAA,oBAAA,qCACE,wEAAwE;AAC1E,QAAA,CAAA,mBAAA,mDACE,yEAAyE;YACzE,kBAAkB;AACpB,QAAA,CAAA,2BAAA,2CACE,uEAAuE;YACvE,qCAAqC;AACvC,QAAA,CAAA,0BAAA,gDACE,qHAAqH;AACvH,QAAA,CAAA,8BAAA,+CACE,0EAA0E;AAC5E,QAAA,CAAA,8BAAA,oDACE,4DAA4D;AAC9D,QAAA,CAAA,kBAAA,wCACE,0CAA0C;AAC5C,QAAA,CAAA,gBAAA,sCACE,uEAAuE;AACzE,QAAA,CAAA,gBAAA,oCACE,yEAAyE;YACzE,oBAAoB;AACtB,QAAA,CAAA,eAAA,qCACE,yDAAyD;AAC3D,QAAA,CAAA,eAAA,qCACE,8EAA8E;AAChF,QAAA,CAAA,iBAAA,uCAAiC,EAAE;AACnC,QAAA,CAAA,eAAA,qCACE,iDAAiD;AACnD,QAAA,CAAA,yBAAA,+CACE,8EAA8E;AAChF,QAAA,CAAA,qBAAA,2CACE,gDAAgD;YAChD,yEAAyE;YACzE,gFAAgF;YAChF,gCAAgC;AAClC,QAAA,CAAA,yBAAA,+CACE,qEAAqE;AACvE,QAAA,CAAA,yBAAA,+CACE,qEAAqE;AACvE,QAAA,CAAA,0BAAA,gDACE,sEAAsE;AACxE,QAAA,CAAA,uBAAA,6CACE,mEAAmE;AACrE,QAAA,CAAA,qBAAA,2CACE,2EAA2E;AAC7E,QAAA,CAAA,2BAAA,iDACE,uEAAuE;AACzE,QAAA,CAAA,kBAAA,wCAAkC,6BAA6B;AAC/D,QAAA,CAAA,2BAAA,iDACE,uEAAuE;AACzE,QAAA,CAAA,4CAAA,kEACE,gIAAgI;AAClI,QAAA,CAAA,qCAAA,2DACE,8CAA8C;AAChD,QAAA,CAAA,6BAAA,mDACE,4FAA4F;YAC5F,gGAAgG;KACnG,CAAC;AACJ,CAAC;AAMD,SAAS,aAAa,GAAA;;;;IAIpB,OAAO;AACL,QAAA,CAAA,uCAAA,sDACE,gFAAgF;YAChF,2EAA2E;YAC3E,kCAAkC;KACV,CAAC;AAC/B,CAAC;AAED;;;;;;AAMG;AACI,MAAM,aAAa,GAAiB,eAAe;AAE1D;;;;;;AAMG;AACI,MAAM,YAAY,GAAiB,cAAc;AAuDjD,MAAM,2BAA2B,GAAG,IAAIA,iBAAY,CAGzD,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,CAAC,CAAC;AAEvC;;;;;;;;;;AAUG;AACU,MAAA,0CAA0C,GAAG;AACxD,IAAA,oBAAoB,EAAE,iCAAiC;AACvD,IAAA,cAAc,EAAE,qBAAqB;AACrC,IAAA,kBAAkB,EAAE,yBAAyB;AAC7C,IAAA,iBAAiB,EAAE,wBAAwB;AAC3C,IAAA,oBAAoB,EAAE,2BAA2B;AACjD,IAAA,YAAY,EAAE,mBAAmB;AACjC,IAAA,iBAAiB,EAAE,wBAAwB;AAC3C,IAAA,gBAAgB,EAAE,uBAAuB;AACzC,IAAA,yBAAyB,EAAE,gCAAgC;AAC3D,IAAA,mBAAmB,EAAE,4BAA4B;AACjD,IAAA,8BAA8B,EAAE,4BAA4B;AAC5D,IAAA,8BAA8B,EAAE,4CAA4C;AAC5E,IAAA,0BAA0B,EAAE,iCAAiC;AAC7D,IAAA,+BAA+B,EAAE,sCAAsC;AACvE,IAAA,YAAY,EAAE,2BAA2B;AACzC,IAAA,sBAAsB,EAAE,6BAA6B;AACrD,IAAA,gBAAgB,EAAE,0BAA0B;AAC5C,IAAA,qBAAqB,EAAE,8BAA8B;AACrD,IAAA,cAAc,EAAE,qBAAqB;AACrC,IAAA,eAAe,EAAE,sBAAsB;AACvC,IAAA,sBAAsB,EAAE,6BAA6B;AACrD,IAAA,cAAc,EAAE,qBAAqB;AACrC,IAAA,YAAY,EAAE,yBAAyB;AACvC,IAAA,kBAAkB,EAAE,yBAAyB;AAC7C,IAAA,iBAAiB,EAAE,wBAAwB;AAC3C,IAAA,YAAY,EAAE,gCAAgC;AAC9C,IAAA,oBAAoB,EAAE,2BAA2B;AACjD,IAAA,6BAA6B,EAAE,oCAAoC;AACnE,IAAA,oBAAoB,EAAE,2BAA2B;AACjD,IAAA,2BAA2B,EAAE,kCAAkC;AAC/D,IAAA,aAAa,EAAE,oBAAoB;AACnC,IAAA,uBAAuB,EAAE,8BAA8B;AACvD,IAAA,oBAAoB,EAAE,yBAAyB;AAC/C,IAAA,yBAAyB,EAAE,yBAAyB;AACpD,IAAA,uBAAuB,EAAE,8BAA8B;AACvD,IAAA,mBAAmB,EAAE,mCAAmC;AACxD,IAAA,uBAAuB,EAAE,8BAA8B;AACvD,IAAA,sBAAsB,EAAE,6BAA6B;AACrD,IAAA,gBAAgB,EAAE,0BAA0B;AAC5C,IAAA,cAAc,EAAE,0BAA0B;AAC1C,IAAA,gBAAgB,EAAE,qBAAqB;AACvC,IAAA,mBAAmB,EAAE,+BAA+B;AACpD,IAAA,oBAAoB,EAAE,2BAA2B;AACjD,IAAA,mBAAmB,EAAE,0BAA0B;AAC/C,IAAA,uBAAuB,EAAE,8BAA8B;AACvD,IAAA,cAAc,EAAE,qBAAqB;AACrC,IAAA,oBAAoB,EAAE,8BAA8B;AACpD,IAAA,iBAAiB,EAAE,wBAAwB;AAC3C,IAAA,kBAAkB,EAAE,kCAAkC;AACtD,IAAA,YAAY,EAAE,iCAAiC;AAC/C,IAAA,4BAA4B,EAAE,+BAA+B;AAC7D,IAAA,sBAAsB,EAAE,6BAA6B;AACrD,IAAA,mBAAmB,EAAE,kCAAkC;AACvD,IAAA,YAAY,EAAE,gCAAgC;AAC9C,IAAA,oBAAoB,EAAE,2BAA2B;AACjD,IAAA,oBAAoB,EAAE,2BAA2B;AACjD,IAAA,qBAAqB,EAAE,4BAA4B;AACnD,IAAA,wBAAwB,EAAE,+BAA+B;AACzD,IAAA,gBAAgB,EAAE,gCAAgC;AAClD,IAAA,mBAAmB,EAAE,mCAAmC;AACxD,IAAA,oBAAoB,EAAE,2BAA2B;AACjD,IAAA,gBAAgB,EAAE,uBAAuB;AACzC,IAAA,oBAAoB,EAAE,8BAA8B;AACpD,IAAA,gBAAgB,EAAE,kBAAkB;AACpC,IAAA,iBAAiB,EAAE,+CAA+C;AAClE,IAAA,sBAAsB,EAAE,6BAA6B;AACrD,IAAA,SAAS,EAAE,gBAAgB;AAC3B,IAAA,aAAa,EAAE,oBAAoB;AACnC,IAAA,gBAAgB,EAAE,uBAAuB;AACzC,IAAA,qBAAqB,EAAE,4BAA4B;AACnD,IAAA,uBAAuB,EAAE,kDAAkD;AAC3E,IAAA,aAAa,EAAE,oBAAoB;AACnC,IAAA,oBAAoB,EAAE,2BAA2B;AACjD,IAAA,uBAAuB,EAAE,8BAA8B;AACvD,IAAA,cAAc,EAAE,qBAAqB;AACrC,IAAA,0BAA0B,EAAE,iCAAiC;AAC7D,IAAA,0BAA0B,EAAE,iCAAiC;AAC7D,IAAA,mBAAmB,EAAE,0BAA0B;AAC/C,IAAA,8BAA8B,EAAE,mCAAmC;AACnE,IAAA,4BAA4B,EAAE,2CAA2C;AACzE,IAAA,kBAAkB,EAAE,yBAAyB;AAC7C,IAAA,OAAO,EAAE,cAAc;AACvB,IAAA,aAAa,EAAE,yBAAyB;AACxC,IAAA,2BAA2B,EAAE,wBAAwB;AACrD,IAAA,mBAAmB,EAAE,gCAAgC;AACrD,IAAA,wBAAwB,EAAE,+BAA+B;AACzD,IAAA,uBAAuB,EAAE,mCAAmC;AAC5D,IAAA,4BAA4B,EAAE,mCAAmC;AACjE,IAAA,gBAAgB,EAAE,uBAAuB;AACzC,IAAA,cAAc,EAAE,qBAAqB;AACrC,IAAA,YAAY,EAAE,qBAAqB;AACnC,IAAA,aAAa,EAAE,oBAAoB;AACnC,IAAA,aAAa,EAAE,oBAAoB;AACnC,IAAA,eAAe,EAAE,sBAAsB;AACvC,IAAA,aAAa,EAAE,oBAAoB;AACnC,IAAA,uBAAuB,EAAE,8BAA8B;AACvD,IAAA,mBAAmB,EAAE,0BAA0B;AAC/C,IAAA,qBAAqB,EAAE,4BAA4B;AACnD,IAAA,uBAAuB,EAAE,8BAA8B;AACvD,IAAA,uBAAuB,EAAE,8BAA8B;AACvD,IAAA,wBAAwB,EAAE,+BAA+B;AACzD,IAAA,mBAAmB,EAAE,0BAA0B;AAC/C,IAAA,yBAAyB,EAAE,gCAAgC;AAC3D,IAAA,yBAAyB,EAAE,gCAAgC;AAC3D,IAAA,gBAAgB,EAAE,uBAAuB;AACzC,IAAA,2BAA2B,EAAE,kCAAkC;;;AC9lBjE;;;;;;;;;;;;;;;AAeG;AAOH,MAAM,SAAS,GAAG,IAAIC,aAAM,CAAC,gBAAgB,CAAC,CAAC;SAiB/B,QAAQ,CAAC,GAAW,EAAE,GAAG,IAAc,EAAA;IACrD,IAAI,SAAS,CAAC,QAAQ,IAAIC,eAAQ,CAAC,IAAI,EAAE;AACvC,QAAA,SAAS,CAAC,IAAI,CAAC,CAAA,MAAA,EAASC,eAAW,CAAA,GAAA,EAAM,GAAG,CAAA,CAAE,EAAE,GAAG,IAAI,CAAC,CAAC;KAC1D;AACH,CAAC;SAEe,SAAS,CAAC,GAAW,EAAE,GAAG,IAAc,EAAA;IACtD,IAAI,SAAS,CAAC,QAAQ,IAAID,eAAQ,CAAC,KAAK,EAAE;AACxC,QAAA,SAAS,CAAC,KAAK,CAAC,CAAA,MAAA,EAASC,eAAW,CAAA,GAAA,EAAM,GAAG,CAAA,CAAE,EAAE,GAAG,IAAI,CAAC,CAAC;KAC3D;AACH;;ACjDA;;;;;;;;;;;;;;;AAeG;SA6Ca,KAAK,CACnB,UAAoB,EACpB,GAAG,IAAe,EAAA;AAElB,IAAA,MAAM,mBAAmB,CAAC,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC;AACjD,CAAC;SAae,YAAY,CAC1B,UAAoB,EACpB,GAAG,IAAe,EAAA;AAElB,IAAA,OAAO,mBAAmB,CAAC,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC;AAClD,CAAC;SAEe,uBAAuB,CACrC,IAAU,EACV,IAAmB,EACnB,OAAe,EAAA;AAEf,IAAA,MAAM,QAAQ,GAAG;AACf,QAAA,GAAI,YAAkC,EAAE;QACxC,CAAC,IAAI,GAAG,OAAO;KAChB,CAAC;IACF,MAAM,OAAO,GAAG,IAAIH,iBAAY,CAC9B,MAAM,EACN,UAAU,EACV,QAAQ,CACT,CAAC;AACF,IAAA,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE;QAC1B,OAAO,EAAE,IAAI,CAAC,IAAI;AACnB,KAAA,CAAC,CAAC;AACL,CAAC;AAEK,SAAU,+CAA+C,CAC7D,IAAU,EAAA;AAEV,IAAA,OAAO,uBAAuB,CAC5B,IAAI,EAEJ,6CAAA,8CAAA,gGAAgG,CACjG,CAAC;AACJ,CAAC;AAsBD,SAAS,mBAAmB,CAC1B,UAAoB,EACpB,GAAG,IAAe,EAAA;AAElB,IAAA,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE;AAClC,QAAA,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,CAAM,CAAC;QAC1B,MAAM,UAAU,GAAG,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAA2B,CAAC;AAChE,QAAA,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE;YACjB,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC;SACzC;QAED,OAAQ,UAA2B,CAAC,aAAa,CAAC,MAAM,CACtD,IAAI,EACJ,GAAG,UAAU,CACd,CAAC;KACH;IAED,OAAO,2BAA2B,CAAC,MAAM,CACvC,UAAU,EACV,GAAI,IAA+B,CACpC,CAAC;AACJ,CAAC;AAeK,SAAU,OAAO,CACrB,SAAkB,EAClB,UAAoB,EACpB,GAAG,IAAe,EAAA;IAElB,IAAI,CAAC,SAAS,EAAE;AACd,QAAA,MAAM,mBAAmB,CAAC,UAAU,EAAE,GAAG,IAAI,CAAC,CAAC;KAChD;AACH,CAAC;AAsFD;;;;;AAKG;AACG,SAAU,SAAS,CAAC,OAAe,EAAA;;;AAGvC,IAAA,MAAM,OAAO,GAAG,CAA6B,2BAAA,CAAA,GAAG,OAAO,CAAC;IACxD,SAAS,CAAC,OAAO,CAAC,CAAC;;;;AAKnB,IAAA,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;AAC3B,CAAC;AAED;;;;;;AAMG;AACa,SAAA,WAAW,CACzB,SAAkB,EAClB,OAAe,EAAA;IAEf,IAAI,CAAC,SAAS,EAAE;QACd,SAAS,CAAC,OAAO,CAAC,CAAC;KACpB;AACH;;ACxSA;;;;;;;;;;;;;;;AAeG;SAEa,cAAc,GAAA;AAC5B,IAAA,OAAO,CAAC,OAAO,IAAI,KAAK,WAAW,IAAI,IAAI,CAAC,QAAQ,EAAE,IAAI,KAAK,EAAE,CAAC;AACpE,CAAC;SAEe,cAAc,GAAA;IAC5B,OAAO,iBAAiB,EAAE,KAAK,OAAO,IAAI,iBAAiB,EAAE,KAAK,QAAQ,CAAC;AAC7E,CAAC;SAEe,iBAAiB,GAAA;AAC/B,IAAA,OAAO,CAAC,OAAO,IAAI,KAAK,WAAW,IAAI,IAAI,CAAC,QAAQ,EAAE,QAAQ,KAAK,IAAI,CAAC;AAC1E;;AC3BA;;;;;;;;;;;;;;;AAeG;AAKH;;AAEG;SACa,SAAS,GAAA;IACvB,IACE,OAAO,SAAS,KAAK,WAAW;QAChC,SAAS;AACT,QAAA,QAAQ,IAAI,SAAS;AACrB,QAAA,OAAO,SAAS,CAAC,MAAM,KAAK,SAAS;;;;;;SAMpC,cAAc,EAAE,IAAII,uBAAkB,EAAE,IAAI,YAAY,IAAI,SAAS,CAAC,EACvE;QACA,OAAO,SAAS,CAAC,MAAM,CAAC;KACzB;;AAED,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;SAEe,gBAAgB,GAAA;AAC9B,IAAA,IAAI,OAAO,SAAS,KAAK,WAAW,EAAE;AACpC,QAAA,OAAO,IAAI,CAAC;KACb;IACD,MAAM,iBAAiB,GAAsB,SAAS,CAAC;IACvD;;IAEE,CAAC,iBAAiB,CAAC,SAAS,IAAI,iBAAiB,CAAC,SAAS,CAAC,CAAC,CAAC;;;AAG9D,QAAA,iBAAiB,CAAC,QAAQ;;AAE1B,QAAA,IAAI,EACJ;AACJ;;ACxDA;;;;;;;;;;;;;;;AAeG;AAUH;;;;AAIG;MACU,KAAK,CAAA;IAIhB,WACmB,CAAA,UAAkB,EAClB,SAAiB,EAAA;QADjB,IAAU,CAAA,UAAA,GAAV,UAAU,CAAQ;QAClB,IAAS,CAAA,SAAA,GAAT,SAAS,CAAQ;;AAGlC,QAAA,WAAW,CACT,SAAS,GAAG,UAAU,EACtB,6CAA6C,CAC9C,CAAC;QACF,IAAI,CAAC,QAAQ,GAAGC,oBAAe,EAAE,IAAIC,kBAAa,EAAE,CAAC;KACtD;IAED,GAAG,GAAA;AACD,QAAA,IAAI,CAAC,SAAS,EAAE,EAAE;;YAEhB,OAAO,IAAI,CAAC,GAAG,CAAA,IAAA,yBAAmB,IAAI,CAAC,UAAU,CAAC,CAAC;SACpD;;;;;AAKD,QAAA,OAAO,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC;KACzD;AACF;;ACzDD;;;;;;;;;;;;;;;AAeG;AAKa,SAAA,YAAY,CAAC,MAAsB,EAAE,IAAa,EAAA;AAChE,IAAA,WAAW,CAAC,MAAM,CAAC,QAAQ,EAAE,oCAAoC,CAAC,CAAC;AACnE,IAAA,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC;IAEhC,IAAI,CAAC,IAAI,EAAE;AACT,QAAA,OAAO,GAAG,CAAC;KACZ;IAED,OAAO,CAAA,EAAG,GAAG,CAAG,EAAA,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAA,CAAE,CAAC;AAChE;;AC7BA;;;;;;;;;;;;;;;AAeG;MAIU,aAAa,CAAA;AAKxB,IAAA,OAAO,UAAU,CACf,SAAuB,EACvB,WAA4B,EAC5B,YAA8B,EAAA;AAE9B,QAAA,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,WAAW,EAAE;AACf,YAAA,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;SAChC;QACD,IAAI,YAAY,EAAE;AAChB,YAAA,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;SAClC;KACF;AAED,IAAA,OAAO,KAAK,GAAA;AACV,QAAA,IAAI,IAAI,CAAC,SAAS,EAAE;YAClB,OAAO,IAAI,CAAC,SAAS,CAAC;SACvB;QACD,IAAI,OAAO,IAAI,KAAK,WAAW,IAAI,OAAO,IAAI,IAAI,EAAE;YAClD,OAAO,IAAI,CAAC,KAAK,CAAC;SACnB;QACD,IAAI,OAAO,UAAU,KAAK,WAAW,IAAI,UAAU,CAAC,KAAK,EAAE;YACzD,OAAO,UAAU,CAAC,KAAK,CAAC;SACzB;AACD,QAAA,IAAI,OAAO,KAAK,KAAK,WAAW,EAAE;AAChC,YAAA,OAAO,KAAK,CAAC;SACd;QACD,SAAS,CACP,iHAAiH,CAClH,CAAC;KACH;AAED,IAAA,OAAO,OAAO,GAAA;AACZ,QAAA,IAAI,IAAI,CAAC,WAAW,EAAE;YACpB,OAAO,IAAI,CAAC,WAAW,CAAC;SACzB;QACD,IAAI,OAAO,IAAI,KAAK,WAAW,IAAI,SAAS,IAAI,IAAI,EAAE;YACpD,OAAO,IAAI,CAAC,OAAO,CAAC;SACrB;QACD,IAAI,OAAO,UAAU,KAAK,WAAW,IAAI,UAAU,CAAC,OAAO,EAAE;YAC3D,OAAO,UAAU,CAAC,OAAO,CAAC;SAC3B;AACD,QAAA,IAAI,OAAO,OAAO,KAAK,WAAW,EAAE;AAClC,YAAA,OAAO,OAAO,CAAC;SAChB;QACD,SAAS,CACP,mHAAmH,CACpH,CAAC;KACH;AAED,IAAA,OAAO,QAAQ,GAAA;AACb,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE;YACrB,OAAO,IAAI,CAAC,YAAY,CAAC;SAC1B;QACD,IAAI,OAAO,IAAI,KAAK,WAAW,IAAI,UAAU,IAAI,IAAI,EAAE;YACrD,OAAO,IAAI,CAAC,QAAQ,CAAC;SACtB;QACD,IAAI,OAAO,UAAU,KAAK,WAAW,IAAI,UAAU,CAAC,QAAQ,EAAE;YAC5D,OAAO,UAAU,CAAC,QAAQ,CAAC;SAC5B;AACD,QAAA,IAAI,OAAO,QAAQ,KAAK,WAAW,EAAE;AACnC,YAAA,OAAO,QAAQ,CAAC;SACjB;QACD,SAAS,CACP,oHAAoH,CACrH,CAAC;KACH;AACF;;AC3FD;;;;;;;;;;;;;;;AAeG;AAmHH;;AAEG;AACI,MAAM,gBAAgB,GAAyC;;AAEpE,IAAA,CAAA,qBAAA,yCAAoE,uBAAA;;AAEpE,IAAA,CAAA,sBAAA,0CAAgE,gBAAA;;AAGhE,IAAA,CAAA,oBAAA,wCAA6D,eAAA;;AAE7D,IAAA,CAAA,sBAAA,0CAAgE,gBAAA;;AAGhE,IAAA,CAAA,kBAAA,sCAA8D,gBAAA;;AAE9D,IAAA,CAAA,kBAAA,sCAA8D,kBAAA;;;AAG9D,IAAA,CAAA,2BAAA,+CAAyE,oBAAA;;AAGzE,IAAA,CAAA,cAAA,kCAAsD,sBAAA;AACtD,IAAA,CAAA,yBAAA,6CAA0E,uBAAA;;AAG1E,IAAA,CAAA,sBAAA,0CAAoE,oBAAA;AACpE,IAAA,CAAA,uBAAA,2CAAqE,oBAAA;AACrE,IAAA,CAAA,kCAAA,sDACyC,2BAAA;;AAGzC,IAAA,CAAA,kBAAA,sCAA4D,gBAAA;;AAG5D,IAAA,CAAA,iBAAA,qCAAyD,gBAAA;AACzD,IAAA,CAAA,6BAAA,iDAC2C,mBAAA;AAE3C,IAAA,CAAA,kBAAA,sCAA8D,qBAAA;AAC9D,IAAA,CAAA,kBAAA,sCAA8D,qBAAA;;AAE9D,IAAA,CAAA,kBAAA,sCAA4D,gBAAA;;AAG5D,IAAA,CAAA,gCAAA,oDAC8C,uBAAA;AAC9C,IAAA,CAAA,kBAAA,sCAA0D,oBAAA;AAC1D,IAAA,CAAA,eAAA,mCAAwD,oBAAA;AACxD,IAAA,CAAA,gBAAA,oCAAyD,oBAAA;;AAGzD,IAAA,CAAA,6BAAA,iDAC2C,mBAAA;AAC3C,IAAA,CAAA,qCAAA,yDACmD,qCAAA;;AAGnD,IAAA,CAAA,cAAA,kCAAsD,2BAAA;AACtD,IAAA,CAAA,sBAAA,0CAAsE,yBAAA;AACtE,IAAA,CAAA,yBAAA,6CAAuE,oBAAA;AACvE,IAAA,CAAA,sBAAA,0CAAsE,yBAAA;AACtE,IAAA,CAAA,iBAAA,qCAAyD,cAAA;;;;AAKzD,IAAA,CAAA,8BAAA,kDAC4C,0BAAA;AAC5C,IAAA,CAAA,qBAAA,yCAAoE,2BAAA;;AAGpE,IAAA,CAAA,yBAAA,6CAA4E,yBAAA;;AAG5E,IAAA,CAAA,sBAAA,0CAAsE,4BAAA;;AAGtE,IAAA,CAAA,gCAAA,oDACmC,8BAAA;AACnC,IAAA,CAAA,0BAAA,8CAAwE,6BAAA;AACxE,IAAA,CAAA,2BAAA,+CAAuE,2BAAA;AACvE,IAAA,CAAA,gCAAA,oDACmC,8BAAA;AACnC,IAAA,CAAA,sBAAA,0CAC8C,8BAAA;AAC9C,IAAA,CAAA,8BAAA,kDAC4C,sCAAA;;AAG5C,IAAA,CAAA,kCAAA,sDAA4E,gBAAA;;AAG5E,IAAA,CAAA,uBAAA,2CAAwE,uBAAA;AACxE,IAAA,CAAA,yBAAA,6CAA4E,yBAAA;AAC5E,IAAA,CAAA,yBAAA,6CAA4E,yBAAA;AAC5E,IAAA,CAAA,0BAAA,8CACwC,0BAAA;AACxC,IAAA,CAAA,qBAAA,yCAAoE,qBAAA;AACpE,IAAA,CAAA,2BAAA,+CACyC,2BAAA;AACzC,IAAA,CAAA,2BAAA,+CACyC,2BAAA;AACzC,IAAA,CAAA,kBAAA,sCAA8D,kBAAA;CAC/D;;AC3OD;;;;;;;;;;;;;;;AAeG;AAmEH,MAAM,0BAA0B,GAAa;;;;;;;CAO5C,CAAC;AAkCK,MAAM,sBAAsB,GAAG,IAAI,KAAK,CAAC,KAAM,EAAE,KAAM,CAAC,CAAC;AAEhD,SAAA,kBAAkB,CAChC,IAAU,EACV,OAAU,EAAA;IAEV,IAAI,IAAI,CAAC,QAAQ,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE;QACtC,OAAO;AACL,YAAA,GAAG,OAAO;YACV,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC;KACH;AACD,IAAA,OAAO,OAAO,CAAC;AACjB,CAAC;AAEM,eAAe,kBAAkB,CACtC,IAAU,EACV,MAAkB,EAClB,IAAc,EACd,OAAW,EACX,iBAAuD,EAAE,EAAA;IAEzD,OAAO,8BAA8B,CAAC,IAAI,EAAE,cAAc,EAAE,YAAW;QACrE,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,OAAO,EAAE;YACX,IAAI,MAAM,KAAmB,KAAA,uBAAE;gBAC7B,MAAM,GAAG,OAAO,CAAC;aAClB;iBAAM;AACL,gBAAA,IAAI,GAAG;AACL,oBAAA,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;iBAC9B,CAAC;aACH;SACF;QAED,MAAM,KAAK,GAAGC,gBAAW,CAAC;AACxB,YAAA,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;AACvB,YAAA,GAAG,MAAM;AACV,SAAA,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAEZ,QAAA,MAAM,OAAO,GAAG,MAAO,IAAqB,CAAC,qBAAqB,EAAE,CAAC;QACrE,OAAO,CAAA,cAAA,+BAAyB,GAAG,kBAAkB,CAAC;AAEtD,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE;AACrB,YAAA,OAAO,CAA8B,mBAAA,oCAAA,GAAG,IAAI,CAAC,YAAY,CAAC;SAC3D;AAED,QAAA,MAAM,SAAS,GAAgB;YAC7B,MAAM;YACN,OAAO;AACP,YAAA,GAAG,IAAI;SACR,CAAC;AAEF;;;AAG4D;AAC5D,QAAA,IAAI,CAACC,uBAAkB,EAAE,EAAE;AACzB,YAAA,SAAS,CAAC,cAAc,GAAG,aAAa,CAAC;SAC1C;AAED,QAAA,IAAI,IAAI,CAAC,cAAc,IAAIC,uBAAkB,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE;AACvE,YAAA,SAAS,CAAC,WAAW,GAAG,SAAS,CAAC;SACnC;QAED,OAAO,aAAa,CAAC,KAAK,EAAE,CAC1B,MAAM,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,EAC7D,SAAS,CACV,CAAC;AACJ,KAAC,CAAC,CAAC;AACL,CAAC;AAEM,eAAe,8BAA8B,CAClD,IAAU,EACV,cAAoD,EACpD,OAAgC,EAAA;AAE/B,IAAA,IAAqB,CAAC,gBAAgB,GAAG,KAAK,CAAC;IAChD,MAAM,QAAQ,GAAG,EAAE,GAAG,gBAAgB,EAAE,GAAG,cAAc,EAAE,CAAC;AAC5D,IAAA,IAAI;AACF,QAAA,MAAM,cAAc,GAAG,IAAI,cAAc,CAAW,IAAI,CAAC,CAAC;AAC1D,QAAA,MAAM,QAAQ,GAAa,MAAM,OAAO,CAAC,IAAI,CAAoB;AAC/D,YAAA,OAAO,EAAE;AACT,YAAA,cAAc,CAAC,OAAO;AACvB,SAAA,CAAC,CAAC;;;QAIH,cAAc,CAAC,mBAAmB,EAAE,CAAC;AAErC,QAAA,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;AACnC,QAAA,IAAI,kBAAkB,IAAI,IAAI,EAAE;AAC9B,YAAA,MAAM,gBAAgB,CAAC,IAAI,EAAmC,0CAAA,wCAAA,IAAI,CAAC,CAAC;SACrE;QAED,IAAI,QAAQ,CAAC,EAAE,IAAI,EAAE,cAAc,IAAI,IAAI,CAAC,EAAE;AAC5C,YAAA,OAAO,IAAI,CAAC;SACb;aAAM;AACL,YAAA,MAAM,YAAY,GAAG,QAAQ,CAAC,EAAE,GAAG,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;AAC1E,YAAA,MAAM,CAAC,eAAe,EAAE,kBAAkB,CAAC,GAAG,YAAY,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACxE,IAAI,eAAe,KAAiD,kCAAA,qDAAE;AACpE,gBAAA,MAAM,gBAAgB,CACpB,IAAI,EAEJ,2BAAA,gDAAA,IAAI,CACL,CAAC;aACH;iBAAM,IAAI,eAAe,KAA6B,cAAA,iCAAE;AACvD,gBAAA,MAAM,gBAAgB,CAAC,IAAI,EAA8B,sBAAA,mCAAA,IAAI,CAAC,CAAC;aAChE;iBAAM,IAAI,eAAe,KAA8B,eAAA,kCAAE;AACxD,gBAAA,MAAM,gBAAgB,CAAC,IAAI,EAA+B,eAAA,oCAAA,IAAI,CAAC,CAAC;aACjE;AACD,YAAA,MAAM,SAAS,GACb,QAAQ,CAAC,eAA8B,CAAC;gBACvC,eAAe;AACb,qBAAA,WAAW,EAAE;AACb,qBAAA,OAAO,CAAC,SAAS,EAAE,GAAG,CAA8B,CAAC;YAC1D,IAAI,kBAAkB,EAAE;gBACtB,MAAM,uBAAuB,CAAC,IAAI,EAAE,SAAS,EAAE,kBAAkB,CAAC,CAAC;aACpE;iBAAM;AACL,gBAAA,KAAK,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;aACxB;SACF;KACF;IAAC,OAAO,CAAC,EAAE;AACV,QAAA,IAAI,CAAC,YAAYC,kBAAa,EAAE;AAC9B,YAAA,MAAM,CAAC,CAAC;SACT;;;;AAID,QAAA,KAAK,CAAC,IAAI,EAAwC,wBAAA,6CAAA,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;KAC7E;AACH,CAAC;AAEM,eAAe,qBAAqB,CACzC,IAAU,EACV,MAAkB,EAClB,IAAc,EACd,OAAW,EACX,iBAAuD,EAAE,EAAA;AAEzD,IAAA,MAAM,cAAc,GAAG,MAAM,kBAAkB,CAC7C,IAAI,EACJ,MAAM,EACN,IAAI,EACJ,OAAO,EACP,cAAc,CACf,CAAC;AACF,IAAA,IAAI,sBAAsB,IAAI,cAAc,EAAE;QAC5C,KAAK,CAAC,IAAI,EAA8B,4BAAA,mCAAA;AACtC,YAAA,eAAe,EAAE,cAAc;AAChC,SAAA,CAAC,CAAC;KACJ;AAED,IAAA,OAAO,cAAmB,CAAC;AAC7B,CAAC;AAEM,eAAe,eAAe,CACnC,IAAU,EACV,IAAY,EACZ,IAAY,EACZ,KAAa,EAAA;IAEb,MAAM,IAAI,GAAG,CAAG,EAAA,IAAI,GAAG,IAAI,CAAA,CAAA,EAAI,KAAK,CAAA,CAAE,CAAC;IAEvC,MAAM,YAAY,GAAG,IAAoB,CAAC;AAC1C,IAAA,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,QAAQ;UAC5C,YAAY,CAAC,IAAI,CAAC,MAAwB,EAAE,IAAI,CAAC;UACjD,CAAG,EAAA,IAAI,CAAC,MAAM,CAAC,SAAS,CAAA,GAAA,EAAM,IAAI,CAAA,CAAE,CAAC;;;;AAKzC,IAAA,IAAI,0BAA0B,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE;;;QAG7C,MAAM,YAAY,CAAC,4BAA4B,CAAC;AAChD,QAAA,IAAI,YAAY,CAAC,mBAAmB,EAAE,KAAA,QAAA,+BAA6B;AACjE,YAAA,MAAM,iBAAiB,GACrB,YAAY,CAAC,eAAe,EAAuB,CAAC;YACtD,OAAO,iBAAiB,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,QAAQ,EAAE,CAAC;SAClE;KACF;AAED,IAAA,OAAO,WAAW,CAAC;AACrB,CAAC;AAEK,SAAU,sBAAsB,CACpC,mBAA2B,EAAA;IAE3B,QAAQ,mBAAmB;AACzB,QAAA,KAAK,SAAS;YACZ,OAAgC,SAAA,gCAAA;AAClC,QAAA,KAAK,OAAO;YACV,OAA8B,OAAA,8BAAA;AAChC,QAAA,KAAK,KAAK;YACR,OAA4B,KAAA,4BAAA;AAC9B,QAAA;YACE,OAAsD,+BAAA,sDAAA;KACzD;AACH,CAAC;AAED,MAAM,cAAc,CAAA;IAalB,mBAAmB,GAAA;AACjB,QAAA,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;KAC1B;AAED,IAAA,WAAA,CAA6B,IAAU,EAAA;QAAV,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAM;;;;QAb/B,IAAK,CAAA,KAAA,GAAe,IAAI,CAAC;QACxB,IAAO,CAAA,OAAA,GAAG,IAAI,OAAO,CAAI,CAAC,CAAC,EAAE,MAAM,KAAI;AAC9C,YAAA,IAAI,CAAC,KAAK,GAAG,UAAU,CAAC,MAAK;gBAC3B,OAAO,MAAM,CACX,YAAY,CAAC,IAAI,CAAC,IAAI,EAAuC,wBAAA,4CAAA,CAC9D,CAAC;AACJ,aAAC,EAAE,sBAAsB,CAAC,GAAG,EAAE,CAAC,CAAC;AACnC,SAAC,CAAC,CAAC;KAMwC;AAC5C,CAAA;SAOe,gBAAgB,CAC9B,IAAU,EACV,IAAmB,EACnB,QAA2B,EAAA;AAE3B,IAAA,MAAM,WAAW,GAAqB;QACpC,OAAO,EAAE,IAAI,CAAC,IAAI;KACnB,CAAC;AAEF,IAAA,IAAI,QAAQ,CAAC,KAAK,EAAE;AAClB,QAAA,WAAW,CAAC,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC;KACpC;AACD,IAAA,IAAI,QAAQ,CAAC,WAAW,EAAE;AACxB,QAAA,WAAW,CAAC,WAAW,GAAG,QAAQ,CAAC,WAAW,CAAC;KAChD;IAED,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;;AAGnD,IAAA,KAAK,CAAC,UAAuC,CAAC,cAAc,GAAG,QAAQ,CAAC;AACzE,IAAA,OAAO,KAAK,CAAC;AACf;;AClXA;;;;;;;;;;;;;;;AAeG;AAkDG,SAAU,YAAY,CAC1B,UAA8C,EAAA;IAE9C,QACE,UAAU,KAAK,SAAS;AACvB,QAAA,UAAiC,CAAC,UAAU,KAAK,SAAS,EAC3D;AACJ,CAAC;MASY,eAAe,CAAA;AAW1B,IAAA,WAAA,CAAY,QAAoC,EAAA;AAVhD;;AAEG;QACH,IAAO,CAAA,OAAA,GAAW,EAAE,CAAC;AAErB;;AAEG;QACH,IAAyB,CAAA,yBAAA,GAAwC,EAAE,CAAC;AAGlE,QAAA,IAAI,QAAQ,CAAC,YAAY,KAAK,SAAS,EAAE;AACvC,YAAA,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;SAC3C;;AAED,QAAA,IAAI,CAAC,OAAO,GAAG,QAAQ,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AACnD,QAAA,IAAI,CAAC,yBAAyB,GAAG,QAAQ,CAAC,yBAAyB,CAAC;KACrE;AAED;;;;;AAKG;AACH,IAAA,2BAA2B,CAAC,WAAmB,EAAA;QAC7C,IACE,CAAC,IAAI,CAAC,yBAAyB;AAC/B,YAAA,IAAI,CAAC,yBAAyB,CAAC,MAAM,KAAK,CAAC,EAC3C;AACA,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,KAAK,MAAM,yBAAyB,IAAI,IAAI,CAAC,yBAAyB,EAAE;YACtE,IACE,yBAAyB,CAAC,QAAQ;AAClC,gBAAA,yBAAyB,CAAC,QAAQ,KAAK,WAAW,EAClD;AACA,gBAAA,OAAO,sBAAsB,CAC3B,yBAAyB,CAAC,gBAAgB,CAC3C,CAAC;aACH;SACF;AACD,QAAA,OAAO,IAAI,CAAC;KACb;AAED;;;;;AAKG;AACH,IAAA,iBAAiB,CAAC,WAAmB,EAAA;AACnC,QAAA,QACE,IAAI,CAAC,2BAA2B,CAAC,WAAW,CAAC;AACnB,YAAA,SAAA;AAC1B,YAAA,IAAI,CAAC,2BAA2B,CAAC,WAAW,CAAC,KAAA,OAAA,+BAC7C;KACH;AAED;;;;;AAKG;IACH,oBAAoB,GAAA;AAClB,QAAA,QACE,IAAI,CAAC,iBAAiB,CAA+C,yBAAA,qDAAA;AACrE,YAAA,IAAI,CAAC,iBAAiB,CAAsC,gBAAA,4CAAA,EAC5D;KACH;AACF;;AC1JD;;;;;;;;;;;;;;;AAeG;AA6CI,eAAe,kBAAkB,CACtC,IAAU,EACV,OAAkC,EAAA;IAElC,OAAO,kBAAkB,CAIvB,IAAI,EAGJ,KAAA,uBAAA,qBAAA,sCAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ;;ACzEA;;;;;;;;;;;;;;;AAeG;AAUI,eAAe,aAAa,CACjC,IAAU,EACV,OAA6B,EAAA;AAE7B,IAAA,OAAO,kBAAkB,CACvB,IAAI,EAGJ,MAAA,wBAAA,qBAAA,gCAAA,OAAO,CACR,CAAC;AACJ,CAAC;AAoBM,eAAe,oBAAoB,CACxC,IAAU,EACV,OAAoC,EAAA;AAEpC,IAAA,OAAO,kBAAkB,CAGvB,IAAI,EAA8C,MAAA,wBAAA,qBAAA,kCAAA,OAAO,CAAC,CAAC;AAC/D,CAAC;AAyBM,eAAe,cAAc,CAClC,IAAU,EACV,OAA8B,EAAA;AAE9B,IAAA,OAAO,kBAAkB,CACvB,IAAI,EAGJ,MAAA,wBAAA,qBAAA,kCAAA,OAAO,CACR,CAAC;AACJ;;AClGA;;;;;;;;;;;;;;;AAeG;AAEG,SAAU,wBAAwB,CACtC,YAA8B,EAAA;IAE9B,IAAI,CAAC,YAAY,EAAE;AACjB,QAAA,OAAO,SAAS,CAAC;KAClB;AACD,IAAA,IAAI;;QAEF,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC;;QAE5C,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,EAAE;;AAE1B,YAAA,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;SAC3B;KACF;IAAC,OAAO,CAAC,EAAE;;KAEX;AACD,IAAA,OAAO,SAAS,CAAC;AACnB;;ACnCA;;;;;;;;;;;;;;;AAeG;AAWH;;;;;;;;;;;AAWG;SACa,UAAU,CAAC,IAAU,EAAE,YAAY,GAAG,KAAK,EAAA;IACzD,OAAOC,uBAAkB,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AAC3D,CAAC;AAED;;;;;;;;;;;AAWG;AACI,eAAe,gBAAgB,CACpC,IAAU,EACV,YAAY,GAAG,KAAK,EAAA;AAEpB,IAAA,MAAM,YAAY,GAAGA,uBAAkB,CAAC,IAAI,CAAiB,CAAC;IAC9D,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AAC1D,IAAA,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;AAElC,IAAA,OAAO,CACL,MAAM,IAAI,MAAM,CAAC,GAAG,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,GAAG,EACtD,YAAY,CAAC,IAAI,sDAElB,CAAC;AACF,IAAA,MAAM,QAAQ,GACZ,OAAO,MAAM,CAAC,QAAQ,KAAK,QAAQ,GAAG,MAAM,CAAC,QAAQ,GAAG,SAAS,CAAC;AAEpE,IAAA,MAAM,cAAc,GAAuB,QAAQ,GAAG,kBAAkB,CAAC,CAAC;IAE1E,OAAO;QACL,MAAM;QACN,KAAK;QACL,QAAQ,EAAE,wBAAwB,CAChC,2BAA2B,CAAC,MAAM,CAAC,SAAS,CAAC,CAC7C;QACF,YAAY,EAAE,wBAAwB,CACpC,2BAA2B,CAAC,MAAM,CAAC,GAAG,CAAC,CACvC;QACF,cAAc,EAAE,wBAAwB,CACtC,2BAA2B,CAAC,MAAM,CAAC,GAAG,CAAC,CACvC;QACF,cAAc,EAAE,cAAc,IAAI,IAAI;AACtC,QAAA,kBAAkB,EAAE,QAAQ,GAAG,uBAAuB,CAAC,IAAI,IAAI;KAChE,CAAC;AACJ,CAAC;AAED,SAAS,2BAA2B,CAAC,OAAe,EAAA;AAClD,IAAA,OAAO,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC;AAChC,CAAC;AAEK,SAAU,WAAW,CAAC,KAAa,EAAA;AACvC,IAAA,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACzD,IACE,SAAS,KAAK,SAAS;AACvB,QAAA,OAAO,KAAK,SAAS;QACrB,SAAS,KAAK,SAAS,EACvB;QACA,SAAS,CAAC,gDAAgD,CAAC,CAAC;AAC5D,QAAA,OAAO,IAAI,CAAC;KACb;AAED,IAAA,IAAI;AACF,QAAA,MAAM,OAAO,GAAGC,iBAAY,CAAC,OAAO,CAAC,CAAC;QACtC,IAAI,CAAC,OAAO,EAAE;YACZ,SAAS,CAAC,qCAAqC,CAAC,CAAC;AACjD,YAAA,OAAO,IAAI,CAAC;SACb;AACD,QAAA,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;KAC5B;IAAC,OAAO,CAAC,EAAE;QACV,SAAS,CACP,0CAA0C,EACzC,CAAW,EAAE,QAAQ,EAAE,CACzB,CAAC;AACF,QAAA,OAAO,IAAI,CAAC;KACb;AACH,CAAC;AAED;;AAEG;AACG,SAAU,eAAe,CAAC,KAAa,EAAA;AAC3C,IAAA,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IACvC,OAAO,CAAC,WAAW,EAAA,gBAAA,oCAA+B,CAAC;IACnD,OAAO,CAAC,OAAO,WAAW,CAAC,GAAG,KAAK,WAAW,sDAA+B,CAAC;IAC9E,OAAO,CAAC,OAAO,WAAW,CAAC,GAAG,KAAK,WAAW,sDAA+B,CAAC;AAC9E,IAAA,OAAO,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;AAC3D;;ACjIA;;;;;;;;;;;;;;;AAeG;AAOI,eAAe,oBAAoB,CACxC,IAAkB,EAClB,OAAmB,EACnB,eAAe,GAAG,KAAK,EAAA;IAEvB,IAAI,eAAe,EAAE;AACnB,QAAA,OAAO,OAAO,CAAC;KAChB;AACD,IAAA,IAAI;QACF,OAAO,MAAM,OAAO,CAAC;KACtB;IAAC,OAAO,CAAC,EAAE;QACV,IAAI,CAAC,YAAYF,kBAAa,IAAI,iBAAiB,CAAC,CAAC,CAAC,EAAE;YACtD,IAAI,IAAI,CAAC,IAAI,CAAC,WAAW,KAAK,IAAI,EAAE;AAClC,gBAAA,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;aAC3B;SACF;AAED,QAAA,MAAM,CAAC,CAAC;KACT;AACH,CAAC;AAED,SAAS,iBAAiB,CAAC,EAAE,IAAI,EAAiB,EAAA;AAChD,IAAA,QACE,IAAI,KAAK,CAAA,KAAA,EAAQ,kDAA6B,CAAA;AAC9C,QAAA,IAAI,KAAK,CAAA,KAAA,EAAQ,oBAA2B,mCAAA,CAAE,EAC9C;AACJ;;AChDA;;;;;;;;;;;;;;;AAeG;MAaU,gBAAgB,CAAA;AAU3B,IAAA,WAAA,CAA6B,IAAkB,EAAA;QAAlB,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAc;QATvC,IAAS,CAAA,SAAA,GAAG,KAAK,CAAC;;;;;QAMlB,IAAO,CAAA,OAAA,GAAe,IAAI,CAAC;AAC3B,QAAA,IAAA,CAAA,YAAY,GAA8B,KAAA,kCAAA;KAEC;IAEnD,MAAM,GAAA;AACJ,QAAA,IAAI,IAAI,CAAC,SAAS,EAAE;YAClB,OAAO;SACR;AAED,QAAA,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACtB,IAAI,CAAC,QAAQ,EAAE,CAAC;KACjB;IAED,KAAK,GAAA;AACH,QAAA,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;YACnB,OAAO;SACR;AAED,QAAA,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;AACvB,QAAA,IAAI,IAAI,CAAC,OAAO,KAAK,IAAI,EAAE;AACzB,YAAA,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;SAC5B;KACF;AAEO,IAAA,WAAW,CAAC,QAAiB,EAAA;QACnC,IAAI,QAAQ,EAAE;AACZ,YAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC;AACnC,YAAA,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,CAC1B,IAAI,CAAC,YAAY,GAAG,CAAC,0CAEtB,CAAC;AACF,YAAA,OAAO,QAAQ,CAAC;SACjB;aAAM;;YAEL,IAAI,CAAC,YAAY,GAAA,KAAA,kCAA8B;YAC/C,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,cAAc,IAAI,CAAC,CAAC;YAC9D,MAAM,QAAQ,GAAG,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAA,MAAA,uBAAmB;YAExD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;SAC9B;KACF;IAEO,QAAQ,CAAC,QAAQ,GAAG,KAAK,EAAA;AAC/B,QAAA,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;;YAEnB,OAAO;SACR;QAED,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;AAC5C,QAAA,IAAI,CAAC,OAAO,GAAG,UAAU,CAAC,YAAW;AACnC,YAAA,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;SACxB,EAAE,QAAQ,CAAC,CAAC;KACd;AAEO,IAAA,MAAM,SAAS,GAAA;AACrB,QAAA,IAAI;YACF,MAAM,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;SAClC;QAAC,OAAO,CAAC,EAAE;;YAEV,IACG,CAAmB,EAAE,IAAI;gBAC1B,CAAQ,KAAA,EAAA,wBAAA,4CAAsC,CAAA,EAC9C;AACA,gBAAA,IAAI,CAAC,QAAQ,gBAAgB,IAAI,CAAC,CAAC;aACpC;YAED,OAAO;SACR;QACD,IAAI,CAAC,QAAQ,EAAE,CAAC;KACjB;AACF;;AC1GD;;;;;;;;;;;;;;;AAeG;MAMU,YAAY,CAAA;IAIvB,WACU,CAAA,SAA2B,EAC3B,WAA6B,EAAA;QAD7B,IAAS,CAAA,SAAA,GAAT,SAAS,CAAkB;QAC3B,IAAW,CAAA,WAAA,GAAX,WAAW,CAAkB;QAErC,IAAI,CAAC,eAAe,EAAE,CAAC;KACxB;IAEO,eAAe,GAAA;QACrB,IAAI,CAAC,cAAc,GAAG,wBAAwB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACjE,IAAI,CAAC,YAAY,GAAG,wBAAwB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;KAC9D;AAED,IAAA,KAAK,CAAC,QAAsB,EAAA;AAC1B,QAAA,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAC;AACpC,QAAA,IAAI,CAAC,WAAW,GAAG,QAAQ,CAAC,WAAW,CAAC;QACxC,IAAI,CAAC,eAAe,EAAE,CAAC;KACxB;IAED,MAAM,GAAA;QACJ,OAAO;YACL,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B,CAAC;KACH;AACF;;ACjDD;;;;;;;;;;;;;;;AAeG;AAeI,eAAe,oBAAoB,CAAC,IAAkB,EAAA;AAC3D,IAAA,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;AACvB,IAAA,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;AACxC,IAAA,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CACzC,IAAI,EACJ,cAAc,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAClC,CAAC;IAEF,OAAO,CAAC,QAAQ,EAAE,KAAK,CAAC,MAAM,EAAE,IAAI,EAAA,gBAAA,oCAA+B,CAAC;IAEpE,MAAM,WAAW,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAEtC,IAAA,IAAI,CAAC,qBAAqB,CAAC,WAAW,CAAC,CAAC;AAExC,IAAA,MAAM,eAAe,GAAG,WAAW,CAAC,gBAAgB,EAAE,MAAM;AAC1D,UAAE,mBAAmB,CAAC,WAAW,CAAC,gBAAgB,CAAC;UACjD,EAAE,CAAC;IAEP,MAAM,YAAY,GAAG,iBAAiB,CAAC,IAAI,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;;;;;;AAO3E,IAAA,MAAM,cAAc,GAAG,IAAI,CAAC,WAAW,CAAC;AACxC,IAAA,MAAM,cAAc,GAClB,EAAE,IAAI,CAAC,KAAK,IAAI,WAAW,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC;AACrE,IAAA,MAAM,WAAW,GAAG,CAAC,cAAc,GAAG,KAAK,GAAG,cAAc,CAAC;AAE7D,IAAA,MAAM,OAAO,GAA0B;QACrC,GAAG,EAAE,WAAW,CAAC,OAAO;AACxB,QAAA,WAAW,EAAE,WAAW,CAAC,WAAW,IAAI,IAAI;AAC5C,QAAA,QAAQ,EAAE,WAAW,CAAC,QAAQ,IAAI,IAAI;AACtC,QAAA,KAAK,EAAE,WAAW,CAAC,KAAK,IAAI,IAAI;AAChC,QAAA,aAAa,EAAE,WAAW,CAAC,aAAa,IAAI,KAAK;AACjD,QAAA,WAAW,EAAE,WAAW,CAAC,WAAW,IAAI,IAAI;AAC5C,QAAA,QAAQ,EAAE,WAAW,CAAC,QAAQ,IAAI,IAAI;QACtC,YAAY;QACZ,QAAQ,EAAE,IAAI,YAAY,CAAC,WAAW,CAAC,SAAS,EAAE,WAAW,CAAC,WAAW,CAAC;QAC1E,WAAW;KACZ,CAAC;AAEF,IAAA,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AAC/B,CAAC;AAED;;;;;;AAMG;AACI,eAAe,MAAM,CAAC,IAAU,EAAA;AACrC,IAAA,MAAM,YAAY,GAAiBC,uBAAkB,CAAC,IAAI,CAAiB,CAAC;AAC5E,IAAA,MAAM,oBAAoB,CAAC,YAAY,CAAC,CAAC;;;;IAKzC,MAAM,YAAY,CAAC,IAAI,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC;AAC5D,IAAA,YAAY,CAAC,IAAI,CAAC,yBAAyB,CAAC,YAAY,CAAC,CAAC;AAC5D,CAAC;AAED,SAAS,iBAAiB,CACxB,QAAoB,EACpB,OAAmB,EAAA;AAEnB,IAAA,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAC7B,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,KAAK,CAAC,CAAC,UAAU,CAAC,CACvD,CAAC;AACF,IAAA,OAAO,CAAC,GAAG,OAAO,EAAE,GAAG,OAAO,CAAC,CAAC;AAClC,CAAC;AAEK,SAAU,mBAAmB,CAAC,SAA6B,EAAA;AAC/D,IAAA,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,EAAE,GAAG,QAAQ,EAAE,KAAI;QACnD,OAAO;YACL,UAAU;AACV,YAAA,GAAG,EAAE,QAAQ,CAAC,KAAK,IAAI,EAAE;AACzB,YAAA,WAAW,EAAE,QAAQ,CAAC,WAAW,IAAI,IAAI;AACzC,YAAA,KAAK,EAAE,QAAQ,CAAC,KAAK,IAAI,IAAI;AAC7B,YAAA,WAAW,EAAE,QAAQ,CAAC,WAAW,IAAI,IAAI;AACzC,YAAA,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAAI,IAAI;SACpC,CAAC;AACJ,KAAC,CAAC,CAAC;AACL;;ACnHA;;;;;;;;;;;;;;;AAeG;AA+CI,eAAe,eAAe,CACnC,IAAU,EACV,YAAoB,EAAA;IAEpB,MAAM,QAAQ,GACZ,MAAM,8BAA8B,CAClC,IAAI,EACJ,EAAE,EACF,YAAW;QACT,MAAM,IAAI,GAAGJ,gBAAW,CAAC;AACvB,YAAA,YAAY,EAAE,eAAe;AAC7B,YAAA,eAAe,EAAE,YAAY;AAC9B,SAAA,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACZ,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC;AAC7C,QAAA,MAAM,GAAG,GAAG,MAAM,eAAe,CAC/B,IAAI,EACJ,YAAY,EAEZ,WAAA,uBAAA,CAAA,IAAA,EAAO,MAAM,CAAA,CAAE,CAChB,CAAC;AAEF,QAAA,MAAM,OAAO,GAAG,MAAO,IAAqB,CAAC,qBAAqB,EAAE,CAAC;QACrE,OAAO,CAAA,cAAA,+BAAyB,GAAG,mCAAmC,CAAC;AAEvE,QAAA,MAAM,OAAO,GAAgB;AAC3B,YAAA,MAAM,EAAiB,MAAA;YACvB,OAAO;YACP,IAAI;SACL,CAAC;QACF,IACE,IAAI,CAAC,cAAc;YACnBE,uBAAkB,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,EAC5C;AACA,YAAA,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;SACjC;QACD,OAAO,aAAa,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;AAC7C,KAAC,CACF,CAAC;;IAGJ,OAAO;QACL,WAAW,EAAE,QAAQ,CAAC,YAAY;QAClC,SAAS,EAAE,QAAQ,CAAC,UAAU;QAC9B,YAAY,EAAE,QAAQ,CAAC,aAAa;KACrC,CAAC;AACJ,CAAC;AAEM,eAAe,WAAW,CAC/B,IAAU,EACV,OAA2B,EAAA;IAE3B,OAAO,kBAAkB,CACvB,IAAI,EAGJ,MAAA,wBAAA,0BAAA,8BAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ;;ACvHA;;;;;;;;;;;;;;;AAeG;AAmBH;;;;;AAKG;MACU,eAAe,CAAA;AAA5B,IAAA,WAAA,GAAA;QACE,IAAY,CAAA,YAAA,GAAkB,IAAI,CAAC;QACnC,IAAW,CAAA,WAAA,GAAkB,IAAI,CAAC;QAClC,IAAc,CAAA,cAAA,GAAkB,IAAI,CAAC;KAoItC;AAlIC,IAAA,IAAI,SAAS,GAAA;AACX,QAAA,QACE,CAAC,IAAI,CAAC,cAAc;YACpB,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,cAAc,GAAuB,KAAA,6BACvD;KACH;AAED,IAAA,wBAAwB,CACtB,QAA+C,EAAA;AAE/C,QAAA,OAAO,CAAC,QAAQ,CAAC,OAAO,sDAA+B,CAAC;QACxD,OAAO,CACL,OAAO,QAAQ,CAAC,OAAO,KAAK,WAAW,sDAExC,CAAC;QACF,OAAO,CACL,OAAO,QAAQ,CAAC,YAAY,KAAK,WAAW,sDAE7C,CAAC;QACF,MAAM,SAAS,GACb,WAAW,IAAI,QAAQ,IAAI,OAAO,QAAQ,CAAC,SAAS,KAAK,WAAW;AAClE,cAAE,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;AAC5B,cAAE,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AACxC,QAAA,IAAI,CAAC,yBAAyB,CAC5B,QAAQ,CAAC,OAAO,EAChB,QAAQ,CAAC,YAAY,EACrB,SAAS,CACV,CAAC;KACH;AAED,IAAA,iBAAiB,CAAC,OAAe,EAAA;AAC/B,QAAA,OAAO,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,sDAA+B,CAAC;AAC5D,QAAA,MAAM,SAAS,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;QAC3C,IAAI,CAAC,yBAAyB,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;KAC1D;AAED,IAAA,MAAM,QAAQ,CACZ,IAAkB,EAClB,YAAY,GAAG,KAAK,EAAA;AAEpB,QAAA,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,WAAW,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;YACxD,OAAO,IAAI,CAAC,WAAW,CAAC;SACzB;AAED,QAAA,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,yDAA8B,CAAC;AAE9D,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE;YACrB,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,YAAa,CAAC,CAAC;YAC7C,OAAO,IAAI,CAAC,WAAW,CAAC;SACzB;AAED,QAAA,OAAO,IAAI,CAAC;KACb;IAED,iBAAiB,GAAA;AACf,QAAA,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;KAC1B;AAEO,IAAA,MAAM,OAAO,CAAC,IAAkB,EAAE,QAAgB,EAAA;AACxD,QAAA,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,MAAM,eAAe,CACpE,IAAI,EACJ,QAAQ,CACT,CAAC;AACF,QAAA,IAAI,CAAC,yBAAyB,CAC5B,WAAW,EACX,YAAY,EACZ,MAAM,CAAC,SAAS,CAAC,CAClB,CAAC;KACH;AAEO,IAAA,yBAAyB,CAC/B,WAAmB,EACnB,YAA2B,EAC3B,YAAoB,EAAA;AAEpB,QAAA,IAAI,CAAC,YAAY,GAAG,YAAY,IAAI,IAAI,CAAC;AACzC,QAAA,IAAI,CAAC,WAAW,GAAG,WAAW,IAAI,IAAI,CAAC;QACvC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,YAAY,GAAG,IAAI,CAAC;KACxD;AAED,IAAA,OAAO,QAAQ,CAAC,OAAe,EAAE,MAAqB,EAAA;QACpD,MAAM,EAAE,YAAY,EAAE,WAAW,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC;AAE7D,QAAA,MAAM,OAAO,GAAG,IAAI,eAAe,EAAE,CAAC;QACtC,IAAI,YAAY,EAAE;AAChB,YAAA,OAAO,CAAC,OAAO,YAAY,KAAK,QAAQ,EAAgC,gBAAA,qCAAA;gBACtE,OAAO;AACR,aAAA,CAAC,CAAC;AACH,YAAA,OAAO,CAAC,YAAY,GAAG,YAAY,CAAC;SACrC;QACD,IAAI,WAAW,EAAE;AACf,YAAA,OAAO,CAAC,OAAO,WAAW,KAAK,QAAQ,EAAgC,gBAAA,qCAAA;gBACrE,OAAO;AACR,aAAA,CAAC,CAAC;AACH,YAAA,OAAO,CAAC,WAAW,GAAG,WAAW,CAAC;SACnC;QACD,IAAI,cAAc,EAAE;AAClB,YAAA,OAAO,CACL,OAAO,cAAc,KAAK,QAAQ,EAElC,gBAAA,qCAAA;gBACE,OAAO;AACR,aAAA,CACF,CAAC;AACF,YAAA,OAAO,CAAC,cAAc,GAAG,cAAc,CAAC;SACzC;AACD,QAAA,OAAO,OAAO,CAAC;KAChB;IAED,MAAM,GAAA;QACJ,OAAO;YACL,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,cAAc,EAAE,IAAI,CAAC,cAAc;SACpC,CAAC;KACH;AAED,IAAA,OAAO,CAAC,eAAgC,EAAA;AACtC,QAAA,IAAI,CAAC,WAAW,GAAG,eAAe,CAAC,WAAW,CAAC;AAC/C,QAAA,IAAI,CAAC,YAAY,GAAG,eAAe,CAAC,YAAY,CAAC;AACjD,QAAA,IAAI,CAAC,cAAc,GAAG,eAAe,CAAC,cAAc,CAAC;KACtD;IAED,MAAM,GAAA;AACJ,QAAA,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,eAAe,EAAE,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;KAC5D;IAED,eAAe,GAAA;AACb,QAAA,OAAO,SAAS,CAAC,iBAAiB,CAAC,CAAC;KACrC;AACF;;AC/KD;;;;;;;;;;;;;;;AAeG;AAgCH,SAAS,uBAAuB,CAC9B,SAAkB,EAClB,OAAe,EAAA;AAEf,IAAA,OAAO,CACL,OAAO,SAAS,KAAK,QAAQ,IAAI,OAAO,SAAS,KAAK,WAAW,EAEjE,gBAAA,qCAAA,EAAE,OAAO,EAAE,CACZ,CAAC;AACJ,CAAC;MAEY,QAAQ,CAAA;IAwBnB,WAAY,CAAA,EAAE,GAAG,EAAE,IAAI,EAAE,eAAe,EAAE,GAAG,GAAG,EAAkB,EAAA;;AAtBzD,QAAA,IAAA,CAAA,UAAU,GAAuB,UAAA,2BAAA;AAoBzB,QAAA,IAAA,CAAA,gBAAgB,GAAG,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC;QA6CvD,IAAc,CAAA,cAAA,GAAuB,IAAI,CAAC;QAC1C,IAAc,CAAA,cAAA,GAA+B,IAAI,CAAC;AA3CxD,QAAA,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;AACf,QAAA,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;AACjB,QAAA,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;AACvC,QAAA,IAAI,CAAC,WAAW,GAAG,eAAe,CAAC,WAAW,CAAC;QAC/C,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC,WAAW,IAAI,IAAI,CAAC;QAC3C,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,KAAK,IAAI,IAAI,CAAC;QAC/B,IAAI,CAAC,aAAa,GAAG,GAAG,CAAC,aAAa,IAAI,KAAK,CAAC;QAChD,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC,WAAW,IAAI,IAAI,CAAC;QAC3C,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,IAAI,IAAI,CAAC;QACrC,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC,WAAW,IAAI,KAAK,CAAC;QAC5C,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,IAAI,IAAI,CAAC;AACrC,QAAA,IAAI,CAAC,YAAY,GAAG,GAAG,CAAC,YAAY,GAAG,CAAC,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC;AAClE,QAAA,IAAI,CAAC,QAAQ,GAAG,IAAI,YAAY,CAC9B,GAAG,CAAC,SAAS,IAAI,SAAS,EAC1B,GAAG,CAAC,WAAW,IAAI,SAAS,CAC7B,CAAC;KACH;IAED,MAAM,UAAU,CAAC,YAAsB,EAAA;QACrC,MAAM,WAAW,GAAG,MAAM,oBAAoB,CAC5C,IAAI,EACJ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,YAAY,CAAC,CACvD,CAAC;AACF,QAAA,OAAO,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,sDAA+B,CAAC;AAE9D,QAAA,IAAI,IAAI,CAAC,WAAW,KAAK,WAAW,EAAE;AACpC,YAAA,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;YAC/B,MAAM,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;AAC5C,YAAA,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC;SAC3C;AAED,QAAA,OAAO,WAAW,CAAC;KACpB;AAED,IAAA,gBAAgB,CAAC,YAAsB,EAAA;AACrC,QAAA,OAAO,gBAAgB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;KAC7C;IAED,MAAM,GAAA;AACJ,QAAA,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC;KACrB;AAKD,IAAA,OAAO,CAAC,IAAkB,EAAA;AACxB,QAAA,IAAI,IAAI,KAAK,IAAI,EAAE;YACjB,OAAO;SACR;AACD,QAAA,OAAO,CAAC,IAAI,CAAC,GAAG,KAAK,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,sDAA+B,CAAC;AACxE,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;AACpC,QAAA,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;AAC9B,QAAA,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;AACxB,QAAA,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC;AACxC,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;AACpC,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;AACpC,QAAA,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC9B,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,KAAK,EAAE,GAAG,QAAQ,EAAE,CAAC,CAAC,CAAC;QACzE,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;KACpD;AAED,IAAA,MAAM,CAAC,IAAkB,EAAA;AACvB,QAAA,MAAM,OAAO,GAAG,IAAI,QAAQ,CAAC;AAC3B,YAAA,GAAG,IAAI;YACP,IAAI;AACJ,YAAA,eAAe,EAAE,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE;AAC/C,SAAA,CAAC,CAAC;QACH,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACtC,QAAA,OAAO,OAAO,CAAC;KAChB;AAED,IAAA,SAAS,CAAC,QAA6B,EAAA;;QAErC,OAAO,CAAC,CAAC,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,IAAI,EAAA,gBAAA,oCAA+B,CAAC;AACvE,QAAA,IAAI,CAAC,cAAc,GAAG,QAAQ,CAAC;AAC/B,QAAA,IAAI,IAAI,CAAC,cAAc,EAAE;AACvB,YAAA,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AAChD,YAAA,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;SAC5B;KACF;AAED,IAAA,qBAAqB,CAAC,QAAqB,EAAA;AACzC,QAAA,IAAI,IAAI,CAAC,cAAc,EAAE;AACvB,YAAA,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;SAC/B;aAAM;;AAEL,YAAA,IAAI,CAAC,cAAc,GAAG,QAAQ,CAAC;SAChC;KACF;IAED,sBAAsB,GAAA;AACpB,QAAA,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC;KAChC;IAED,qBAAqB,GAAA;AACnB,QAAA,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC;KAC/B;AAED,IAAA,MAAM,wBAAwB,CAC5B,QAA+C,EAC/C,MAAM,GAAG,KAAK,EAAA;QAEd,IAAI,eAAe,GAAG,KAAK,CAAC;QAC5B,IACE,QAAQ,CAAC,OAAO;YAChB,QAAQ,CAAC,OAAO,KAAK,IAAI,CAAC,eAAe,CAAC,WAAW,EACrD;AACA,YAAA,IAAI,CAAC,eAAe,CAAC,wBAAwB,CAAC,QAAQ,CAAC,CAAC;YACxD,eAAe,GAAG,IAAI,CAAC;SACxB;QAED,IAAI,MAAM,EAAE;AACV,YAAA,MAAM,oBAAoB,CAAC,IAAI,CAAC,CAAC;SAClC;QAED,MAAM,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;QAC5C,IAAI,eAAe,EAAE;AACnB,YAAA,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC;SAC3C;KACF;AAED,IAAA,MAAM,MAAM,GAAA;QACV,IAAII,wBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YACvC,OAAO,OAAO,CAAC,MAAM,CACnB,+CAA+C,CAAC,IAAI,CAAC,IAAI,CAAC,CAC3D,CAAC;SACH;AACD,QAAA,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;AACxC,QAAA,MAAM,oBAAoB,CAAC,IAAI,EAAE,aAAa,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC;AACxE,QAAA,IAAI,CAAC,eAAe,CAAC,iBAAiB,EAAE,CAAC;;;AAKzC,QAAA,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;KAC5B;IAED,MAAM,GAAA;QACJ,OAAO;YACL,GAAG,EAAE,IAAI,CAAC,GAAG;AACb,YAAA,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,SAAS;YAC9B,aAAa,EAAE,IAAI,CAAC,aAAa;AACjC,YAAA,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,SAAS;YAC1C,WAAW,EAAE,IAAI,CAAC,WAAW;AAC7B,YAAA,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,SAAS;AACpC,YAAA,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,SAAS;AAC1C,YAAA,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,SAAS;AACpC,YAAA,YAAY,EAAE,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,KAAK,EAAE,GAAG,QAAQ,EAAE,CAAC,CAAC;AAClE,YAAA,eAAe,EAAE,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE;;;YAG9C,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;AACvC,YAAA,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE;;AAGzB,YAAA,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM;AAC/B,YAAA,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI;;;SAGxB,CAAC;KACH;AAED,IAAA,IAAI,YAAY,GAAA;AACd,QAAA,OAAO,IAAI,CAAC,eAAe,CAAC,YAAY,IAAI,EAAE,CAAC;KAChD;AAED,IAAA,OAAO,SAAS,CAAC,IAAkB,EAAE,MAAqB,EAAA;AACxD,QAAA,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,SAAS,CAAC;AACpD,QAAA,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,SAAS,CAAC;AACxC,QAAA,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,SAAS,CAAC;AACpD,QAAA,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,SAAS,CAAC;AAC9C,QAAA,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,SAAS,CAAC;AAC9C,QAAA,MAAM,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,IAAI,SAAS,CAAC;AAC9D,QAAA,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,SAAS,CAAC;AAChD,QAAA,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,SAAS,CAAC;AACpD,QAAA,MAAM,EACJ,GAAG,EACH,aAAa,EACb,WAAW,EACX,YAAY,EACZ,eAAe,EAAE,uBAAuB,EACzC,GAAG,MAAM,CAAC;AAEX,QAAA,OAAO,CAAC,GAAG,IAAI,uBAAuB,EAAE,IAAI,sDAA+B,CAAC;AAE5E,QAAA,MAAM,eAAe,GAAG,eAAe,CAAC,QAAQ,CAC9C,IAAI,CAAC,IAAI,EACT,uBAAwC,CACzC,CAAC;QAEF,OAAO,CAAC,OAAO,GAAG,KAAK,QAAQ,EAAE,IAAI,sDAA+B,CAAC;AACrE,QAAA,uBAAuB,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;AAChD,QAAA,uBAAuB,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1C,OAAO,CACL,OAAO,aAAa,KAAK,SAAS,EAClC,IAAI,sDAEL,CAAC;QACF,OAAO,CACL,OAAO,WAAW,KAAK,SAAS,EAChC,IAAI,sDAEL,CAAC;AACF,QAAA,uBAAuB,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;AAChD,QAAA,uBAAuB,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;AAC7C,QAAA,uBAAuB,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;AAC7C,QAAA,uBAAuB,CAAC,gBAAgB,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;AACrD,QAAA,uBAAuB,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;AAC9C,QAAA,uBAAuB,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;AAChD,QAAA,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC;YACxB,GAAG;YACH,IAAI;YACJ,KAAK;YACL,aAAa;YACb,WAAW;YACX,WAAW;YACX,QAAQ;YACR,WAAW;YACX,QAAQ;YACR,eAAe;YACf,SAAS;YACT,WAAW;AACZ,SAAA,CAAC,CAAC;QAEH,IAAI,YAAY,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE;AAC/C,YAAA,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,KAAK,EAAE,GAAG,QAAQ,EAAE,CAAC,CAAC,CAAC;SACrE;QAED,IAAI,gBAAgB,EAAE;AACpB,YAAA,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;SAC1C;AAED,QAAA,OAAO,IAAI,CAAC;KACb;AAED;;;;AAIG;IACH,aAAa,oBAAoB,CAC/B,IAAkB,EAClB,eAAgC,EAChC,WAAA,GAAuB,KAAK,EAAA;AAE5B,QAAA,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;AAC9C,QAAA,eAAe,CAAC,wBAAwB,CAAC,eAAe,CAAC,CAAC;;AAG1D,QAAA,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC;YACxB,GAAG,EAAE,eAAe,CAAC,OAAO;YAC5B,IAAI;YACJ,eAAe;YACf,WAAW;AACZ,SAAA,CAAC,CAAC;;AAGH,QAAA,MAAM,oBAAoB,CAAC,IAAI,CAAC,CAAC;AACjC,QAAA,OAAO,IAAI,CAAC;KACb;AAED;;;;AAIG;IACH,aAAa,2BAA2B,CACtC,IAAkB,EAClB,QAAgC,EAChC,OAAe,EAAA;QAEf,MAAM,WAAW,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACtC,QAAA,OAAO,CAAC,WAAW,CAAC,OAAO,KAAK,SAAS,sDAA+B,CAAC;AAEzE,QAAA,MAAM,YAAY,GAChB,WAAW,CAAC,gBAAgB,KAAK,SAAS;AACxC,cAAE,mBAAmB,CAAC,WAAW,CAAC,gBAAgB,CAAC;cACjD,EAAE,CAAC;AAET,QAAA,MAAM,WAAW,GACf,EAAE,WAAW,CAAC,KAAK,IAAI,WAAW,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC;AAE5E,QAAA,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;AAC9C,QAAA,eAAe,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;;AAG3C,QAAA,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC;YACxB,GAAG,EAAE,WAAW,CAAC,OAAO;YACxB,IAAI;YACJ,eAAe;YACf,WAAW;AACZ,SAAA,CAAC,CAAC;;AAGH,QAAA,MAAM,OAAO,GAA0B;YACrC,GAAG,EAAE,WAAW,CAAC,OAAO;AACxB,YAAA,WAAW,EAAE,WAAW,CAAC,WAAW,IAAI,IAAI;AAC5C,YAAA,QAAQ,EAAE,WAAW,CAAC,QAAQ,IAAI,IAAI;AACtC,YAAA,KAAK,EAAE,WAAW,CAAC,KAAK,IAAI,IAAI;AAChC,YAAA,aAAa,EAAE,WAAW,CAAC,aAAa,IAAI,KAAK;AACjD,YAAA,WAAW,EAAE,WAAW,CAAC,WAAW,IAAI,IAAI;AAC5C,YAAA,QAAQ,EAAE,WAAW,CAAC,QAAQ,IAAI,IAAI;YACtC,YAAY;YACZ,QAAQ,EAAE,IAAI,YAAY,CACxB,WAAW,CAAC,SAAS,EACrB,WAAW,CAAC,WAAW,CACxB;YACD,WAAW,EACT,EAAE,WAAW,CAAC,KAAK,IAAI,WAAW,CAAC,YAAY,CAAC;gBAChD,CAAC,YAAY,EAAE,MAAM;SACxB,CAAC;AAEF,QAAA,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AAC7B,QAAA,OAAO,IAAI,CAAC;KACb;AACF;;AC/YD;;;;;;;;;;;;;;;AAeG;AAeH,MAAM,aAAa,GAA0B,IAAI,GAAG,EAAE,CAAC;AAEjD,SAAU,YAAY,CAAI,GAAY,EAAA;AAC1C,IAAA,WAAW,CAAC,GAAG,YAAY,QAAQ,EAAE,6BAA6B,CAAC,CAAC;IACpE,IAAI,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,GAAG,CAAkB,CAAC;IAEvD,IAAI,QAAQ,EAAE;AACZ,QAAA,WAAW,CACT,QAAQ,YAAY,GAAG,EACvB,gDAAgD,CACjD,CAAC;AACF,QAAA,OAAO,QAAQ,CAAC;KACjB;AAED,IAAA,QAAQ,GAAG,IAAK,GAAgC,EAAE,CAAC;AACnD,IAAA,aAAa,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;AACjC,IAAA,OAAO,QAAQ,CAAC;AAClB;;AC/CA;;;;;;;;;;;;;;;AAeG;MAWU,mBAAmB,CAAA;AAAhC,IAAA,WAAA,GAAA;AAEW,QAAA,IAAA,CAAA,IAAI,GAAwB,MAAA,4BAAA;QACrC,IAAO,CAAA,OAAA,GAAqC,EAAE,CAAC;KA4BhD;AA1BC,IAAA,MAAM,YAAY,GAAA;AAChB,QAAA,OAAO,IAAI,CAAC;KACb;AAED,IAAA,MAAM,IAAI,CAAC,GAAW,EAAE,KAAuB,EAAA;AAC7C,QAAA,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;KAC3B;IAED,MAAM,IAAI,CAA6B,GAAW,EAAA;QAChD,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAChC,OAAO,KAAK,KAAK,SAAS,GAAG,IAAI,GAAI,KAAW,CAAC;KAClD;IAED,MAAM,OAAO,CAAC,GAAW,EAAA;AACvB,QAAA,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;KAC1B;IAED,YAAY,CAAC,IAAY,EAAE,SAA+B,EAAA;;QAExD,OAAO;KACR;IAED,eAAe,CAAC,IAAY,EAAE,SAA+B,EAAA;;QAE3D,OAAO;KACR;;AA7BM,mBAAI,CAAA,IAAA,GAAW,MAAX,CAAkB;AAgC/B;;;;AAIG;AACI,MAAM,mBAAmB,GAAgB;;AChEhD;;;;;;;;;;;;;;;AAeG;SAoBa,mBAAmB,CACjC,GAAW,EACX,MAAc,EACd,OAAgB,EAAA;IAEhB,OAAO,CAAA,EAAG,uCAAyB,CAAA,EAAA,GAAG,IAAI,MAAM,CAAA,CAAA,EAAI,OAAO,CAAA,CAAE,CAAC;AAChE,CAAC;MAEY,sBAAsB,CAAA;AAKjC,IAAA,WAAA,CACS,WAAgC,EACtB,IAAkB,EAClB,OAAe,EAAA;QAFzB,IAAW,CAAA,WAAA,GAAX,WAAW,CAAqB;QACtB,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAc;QAClB,IAAO,CAAA,OAAA,GAAP,OAAO,CAAQ;QAEhC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC;AACnC,QAAA,IAAI,CAAC,WAAW,GAAG,mBAAmB,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC1E,IAAI,CAAC,kBAAkB,GAAG,mBAAmB,CAAA,aAAA,iCAE3C,MAAM,CAAC,MAAM,EACb,IAAI,CACL,CAAC;QACF,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzD,QAAA,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;KACzE;AAED,IAAA,cAAc,CAAC,IAAkB,EAAA;AAC/B,QAAA,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;KAC/D;AAED,IAAA,MAAM,cAAc,GAAA;AAClB,QAAA,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CACtC,IAAI,CAAC,WAAW,CACjB,CAAC;QACF,IAAI,CAAC,IAAI,EAAE;AACT,YAAA,OAAO,IAAI,CAAC;SACb;AACD,QAAA,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;YAC5B,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CACvE,MAAM,SAAS,CAChB,CAAC;YACF,IAAI,CAAC,QAAQ,EAAE;AACb,gBAAA,OAAO,IAAI,CAAC;aACb;AACD,YAAA,OAAO,QAAQ,CAAC,2BAA2B,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;SACxE;QACD,OAAO,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;KAC5C;IAED,iBAAiB,GAAA;QACf,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;KACnD;IAED,0BAA0B,GAAA;AACxB,QAAA,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,CAC1B,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,WAAW,CAAC,IAAI,CACtB,CAAC;KACH;IAED,MAAM,cAAc,CAAC,cAAmC,EAAA;AACtD,QAAA,IAAI,IAAI,CAAC,WAAW,KAAK,cAAc,EAAE;YACvC,OAAO;SACR;AAED,QAAA,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;AAChD,QAAA,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;AAE/B,QAAA,IAAI,CAAC,WAAW,GAAG,cAAc,CAAC;QAElC,IAAI,WAAW,EAAE;AACf,YAAA,OAAO,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;SACzC;KACF;IAED,MAAM,GAAA;AACJ,QAAA,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;KAC5E;IAED,aAAa,MAAM,CACjB,IAAkB,EAClB,oBAA2C,EAC3C,OAAO,GAAoB,UAAA,0BAAA;AAE3B,QAAA,IAAI,CAAC,oBAAoB,CAAC,MAAM,EAAE;AAChC,YAAA,OAAO,IAAI,sBAAsB,CAC/B,YAAY,CAAC,mBAAmB,CAAC,EACjC,IAAI,EACJ,OAAO,CACR,CAAC;SACH;;AAGD,QAAA,MAAM,qBAAqB,GAAG,CAC5B,MAAM,OAAO,CAAC,GAAG,CACf,oBAAoB,CAAC,GAAG,CAAC,OAAM,WAAW,KAAG;AAC3C,YAAA,IAAI,MAAM,WAAW,CAAC,YAAY,EAAE,EAAE;AACpC,gBAAA,OAAO,WAAW,CAAC;aACpB;AACD,YAAA,OAAO,SAAS,CAAC;AACnB,SAAC,CAAC,CACH,EACD,MAAM,CAAC,WAAW,IAAI,WAAW,CAA0B,CAAC;;AAG9D,QAAA,IAAI,mBAAmB,GACrB,qBAAqB,CAAC,CAAC,CAAC;YACxB,YAAY,CAAsB,mBAAmB,CAAC,CAAC;AAEzD,QAAA,MAAM,GAAG,GAAG,mBAAmB,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;;;QAIxE,IAAI,aAAa,GAAwB,IAAI,CAAC;;;;AAI9C,QAAA,KAAK,MAAM,WAAW,IAAI,oBAAoB,EAAE;AAC9C,YAAA,IAAI;gBACF,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,IAAI,CAAyB,GAAG,CAAC,CAAC;gBACjE,IAAI,IAAI,EAAE;AACR,oBAAA,IAAI,IAAkB,CAAC;AACvB,oBAAA,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;AAC5B,wBAAA,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE;AAC1C,4BAAA,OAAO,EAAE,IAAI;yBACd,CAAC,CAAC,KAAK,CAAC,MAAM,SAAS,CAAC,CAAC;wBAC1B,IAAI,CAAC,QAAQ,EAAE;4BACb,MAAM;yBACP;AACD,wBAAA,IAAI,GAAG,MAAM,QAAQ,CAAC,2BAA2B,CAC/C,IAAI,EACJ,QAAQ,EACR,IAAI,CACL,CAAC;qBACH;yBAAM;wBACL,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;qBACvC;AACD,oBAAA,IAAI,WAAW,KAAK,mBAAmB,EAAE;wBACvC,aAAa,GAAG,IAAI,CAAC;qBACtB;oBACD,mBAAmB,GAAG,WAAW,CAAC;oBAClC,MAAM;iBACP;aACF;YAAC,MAAM,GAAE;SACX;;;AAID,QAAA,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,MAAM,CACrD,CAAC,IAAI,CAAC,CAAC,qBAAqB,CAC7B,CAAC;;QAGF,IACE,CAAC,mBAAmB,CAAC,qBAAqB;AAC1C,YAAA,CAAC,kBAAkB,CAAC,MAAM,EAC1B;YACA,OAAO,IAAI,sBAAsB,CAAC,mBAAmB,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;SACvE;AAED,QAAA,mBAAmB,GAAG,kBAAkB,CAAC,CAAC,CAAC,CAAC;QAC5C,IAAI,aAAa,EAAE;;;YAGjB,MAAM,mBAAmB,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;SAC7D;;;AAID,QAAA,MAAM,OAAO,CAAC,GAAG,CACf,oBAAoB,CAAC,GAAG,CAAC,OAAM,WAAW,KAAG;AAC3C,YAAA,IAAI,WAAW,KAAK,mBAAmB,EAAE;AACvC,gBAAA,IAAI;AACF,oBAAA,MAAM,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;iBAChC;gBAAC,MAAM,GAAE;aACX;SACF,CAAC,CACH,CAAC;QACF,OAAO,IAAI,sBAAsB,CAAC,mBAAmB,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;KACvE;AACF;;AC1ND;;;;;;;;;;;;;;;AAeG;AA8BH;;AAEG;AACG,SAAU,eAAe,CAAC,SAAiB,EAAA;AAC/C,IAAA,MAAM,EAAE,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;IACnC,IAAI,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;QACzE,OAAyB,OAAA,yBAAA;KAC1B;AAAM,SAAA,IAAI,WAAW,CAAC,EAAE,CAAC,EAAE;;QAE1B,OAA4B,UAAA,4BAAA;KAC7B;AAAM,SAAA,IAAI,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE;QACzD,OAAsB,IAAA,sBAAA;KACvB;AAAM,SAAA,IAAI,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE;QAC/B,OAAwB,MAAA,wBAAA;KACzB;AAAM,SAAA,IAAI,UAAU,CAAC,EAAE,CAAC,EAAE;QACzB,OAA2B,SAAA,2BAAA;KAC5B;AAAM,SAAA,IAAI,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE;QAC/B,OAAwB,MAAA,wBAAA;KACzB;AAAM,SAAA,IAAI,aAAa,CAAC,EAAE,CAAC,EAAE;;QAE5B,OAA8B,YAAA,8BAAA;KAC/B;AAAM,SAAA,IAAI,QAAQ,CAAC,EAAE,CAAC,EAAE;;QAEvB,OAAyB,OAAA,yBAAA;KAC1B;AAAM,SAAA,IAAI,SAAS,CAAC,EAAE,CAAC,EAAE;QACxB,OAA0B,QAAA,0BAAA;KAC3B;AAAM,SAAA,IACL,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,YAAY,CAAC,EAAE,CAAC;AAC3C,QAAA,CAAC,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,EACrB;QACA,OAA0B,QAAA,0BAAA;KAC3B;AAAM,SAAA,IAAI,UAAU,CAAC,EAAE,CAAC,EAAE;;QAEzB,OAA2B,SAAA,2BAAA;KAC5B;SAAM;;QAEL,MAAM,EAAE,GAAG,iCAAiC,CAAC;QAC7C,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;AACpC,QAAA,IAAI,OAAO,EAAE,MAAM,KAAK,CAAC,EAAE;AACzB,YAAA,OAAO,OAAO,CAAC,CAAC,CAAC,CAAC;SACnB;KACF;IACD,OAAyB,OAAA,yBAAA;AAC3B,CAAC;SAEe,UAAU,CAAC,EAAE,GAAGC,UAAK,EAAE,EAAA;AACrC,IAAA,OAAO,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC/B,CAAC;SAEe,SAAS,CAAC,SAAS,GAAGA,UAAK,EAAE,EAAA;AAC3C,IAAA,MAAM,EAAE,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;AACnC,IAAA,QACE,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC;AACtB,QAAA,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC;AACvB,QAAA,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACtB,QAAA,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,EACvB;AACJ,CAAC;SAEe,YAAY,CAAC,EAAE,GAAGA,UAAK,EAAE,EAAA;AACvC,IAAA,OAAO,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC7B,CAAC;SAEe,WAAW,CAAC,EAAE,GAAGA,UAAK,EAAE,EAAA;AACtC,IAAA,OAAO,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC9B,CAAC;SAEe,UAAU,CAAC,EAAE,GAAGA,UAAK,EAAE,EAAA;AACrC,IAAA,OAAO,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC7B,CAAC;SAEe,aAAa,CAAC,EAAE,GAAGA,UAAK,EAAE,EAAA;AACxC,IAAA,OAAO,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAChC,CAAC;SAEe,QAAQ,CAAC,EAAE,GAAGA,UAAK,EAAE,EAAA;AACnC,IAAA,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC3B,CAAC;SAEe,MAAM,CAAC,EAAE,GAAGA,UAAK,EAAE,EAAA;AACjC,IAAA,QACE,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;AAC5B,SAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,EAC7C;AACJ,CAAC;SAEe,UAAU,CAAC,EAAE,GAAGA,UAAK,EAAE,EAAA;AACrC,IAAA,QACE,8BAA8B,CAAC,IAAI,CAAC,EAAE,CAAC;AACvC,QAAA,8BAA8B,CAAC,IAAI,CAAC,EAAE,CAAC,EACvC;AACJ,CAAC;SAMe,OAAO,GAAA;IACrB,OAAOC,SAAI,EAAE,IAAK,QAAqB,CAAC,YAAY,KAAK,EAAE,CAAC;AAC9D,CAAC;AAEe,SAAA,gBAAgB,CAAC,EAAA,GAAaD,UAAK,EAAE,EAAA;;AAEnD,IAAA,QACE,MAAM,CAAC,EAAE,CAAC;QACV,UAAU,CAAC,EAAE,CAAC;QACd,QAAQ,CAAC,EAAE,CAAC;QACZ,aAAa,CAAC,EAAE,CAAC;AACjB,QAAA,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC;AACzB,QAAA,WAAW,CAAC,EAAE,CAAC,EACf;AACJ;;AC5JA;;;;;;;;;;;;;;;AAeG;AAsBH;;AAEG;SACa,iBAAiB,CAC/B,cAA8B,EAC9B,aAAgC,EAAE,EAAA;AAElC,IAAA,IAAI,gBAAwB,CAAC;IAC7B,QAAQ,cAAc;AACpB,QAAA,KAAA,SAAA;;AAEE,YAAA,gBAAgB,GAAG,eAAe,CAACA,UAAK,EAAE,CAAC,CAAC;YAC5C,MAAM;AACR,QAAA,KAAA,QAAA;;;;YAIE,gBAAgB,GAAG,CAAG,EAAA,eAAe,CAACA,UAAK,EAAE,CAAC,CAAA,CAAA,EAAI,cAAc,CAAA,CAAE,CAAC;YACnE,MAAM;AACR,QAAA;YACE,gBAAgB,GAAG,cAAc,CAAC;KACrC;AACD,IAAA,MAAM,kBAAkB,GAAG,UAAU,CAAC,MAAM;AAC1C,UAAE,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC;AACtB,UAAE,kBAAkB,CAAC;IACvB,OAAO,CAAA,EAAG,gBAAgB,CAAI,CAAA,EAAA,QAAA,oCAA6BX,eAAW,CAAA,CAAA,EAAI,kBAAkB,CAAA,CAAE,CAAC;AACjG;;AC/DA;;;;;;;;;;;;;;;AAeG;MAWU,mBAAmB,CAAA;AAG9B,IAAA,WAAA,CAA6B,IAAkB,EAAA;QAAlB,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAc;QAF9B,IAAK,CAAA,KAAA,GAAsB,EAAE,CAAC;KAEI;IAEnD,YAAY,CACV,QAAqD,EACrD,OAAoB,EAAA;;;AAIpB,QAAA,MAAM,eAAe,GAAoB,CACvC,IAAiB,KAEjB,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,KAAI;AAC9B,YAAA,IAAI;AACF,gBAAA,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;;;gBAG9B,OAAO,CAAC,MAAM,CAAC,CAAC;aACjB;YAAC,OAAO,CAAC,EAAE;;gBAEV,MAAM,CAAC,CAAC,CAAC,CAAC;aACX;AACH,SAAC,CAAC,CAAC;;AAEL,QAAA,eAAe,CAAC,OAAO,GAAG,OAAO,CAAC;AAClC,QAAA,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAEjC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;AACpC,QAAA,OAAO,MAAK;;;AAGV,YAAA,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,MAAM,OAAO,CAAC,OAAO,EAAE,CAAC;AAC9C,SAAC,CAAC;KACH;IAED,MAAM,aAAa,CAAC,QAAqB,EAAA;QACvC,IAAI,IAAI,CAAC,IAAI,CAAC,WAAW,KAAK,QAAQ,EAAE;YACtC,OAAO;SACR;;;QAKD,MAAM,YAAY,GAAsB,EAAE,CAAC;AAC3C,QAAA,IAAI;AACF,YAAA,KAAK,MAAM,mBAAmB,IAAI,IAAI,CAAC,KAAK,EAAE;AAC5C,gBAAA,MAAM,mBAAmB,CAAC,QAAQ,CAAC,CAAC;;AAGpC,gBAAA,IAAI,mBAAmB,CAAC,OAAO,EAAE;AAC/B,oBAAA,YAAY,CAAC,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;iBAChD;aACF;SACF;QAAC,OAAO,CAAC,EAAE;;;YAGV,YAAY,CAAC,OAAO,EAAE,CAAC;AACvB,YAAA,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE;AAClC,gBAAA,IAAI;AACF,oBAAA,OAAO,EAAE,CAAC;iBACX;gBAAC,OAAO,CAAC,EAAE;;iBAEX;aACF;AAED,YAAA,MAAM,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAA8B,eAAA,oCAAA;gBAChE,eAAe,EAAG,CAAW,EAAE,OAAO;AACvC,aAAA,CAAC,CAAC;SACJ;KACF;AACF;;AClGD;;;;;;;;;;;;;;;AAeG;AAmCH;;;;;;AAMG;AACI,eAAe,kBAAkB,CACtC,IAAU,EACV,UAAoC,EAAE,EAAA;IAEtC,OAAO,kBAAkB,CAIvB,IAAI,EAGJ,KAAA,uBAAA,oBAAA,qCAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ;;ACtEA;;;;;;;;;;;;;;;AAeG;AAUH;AACA,MAAM,2BAA2B,GAAG,CAAC,CAAC;AAEtC;;;;AAIG;MACU,kBAAkB,CAAA;AAO7B,IAAA,WAAA,CAAY,QAAmC,EAAA;;AAE7C,QAAA,MAAM,eAAe,GAAG,QAAQ,CAAC,qBAAqB,CAAC;AACvD,QAAA,IAAI,CAAC,qBAAqB,GAAG,EAAE,CAAC;;QAEhC,IAAI,CAAC,qBAAqB,CAAC,iBAAiB;AAC1C,YAAA,eAAe,CAAC,iBAAiB,IAAI,2BAA2B,CAAC;AACnE,QAAA,IAAI,eAAe,CAAC,iBAAiB,EAAE;YACrC,IAAI,CAAC,qBAAqB,CAAC,iBAAiB;gBAC1C,eAAe,CAAC,iBAAiB,CAAC;SACrC;AACD,QAAA,IAAI,eAAe,CAAC,0BAA0B,KAAK,SAAS,EAAE;YAC5D,IAAI,CAAC,qBAAqB,CAAC,uBAAuB;gBAChD,eAAe,CAAC,0BAA0B,CAAC;SAC9C;AACD,QAAA,IAAI,eAAe,CAAC,0BAA0B,KAAK,SAAS,EAAE;YAC5D,IAAI,CAAC,qBAAqB,CAAC,uBAAuB;gBAChD,eAAe,CAAC,0BAA0B,CAAC;SAC9C;AACD,QAAA,IAAI,eAAe,CAAC,wBAAwB,KAAK,SAAS,EAAE;YAC1D,IAAI,CAAC,qBAAqB,CAAC,wBAAwB;gBACjD,eAAe,CAAC,wBAAwB,CAAC;SAC5C;AACD,QAAA,IAAI,eAAe,CAAC,gCAAgC,KAAK,SAAS,EAAE;YAClE,IAAI,CAAC,qBAAqB,CAAC,gCAAgC;gBACzD,eAAe,CAAC,gCAAgC,CAAC;SACpD;AAED,QAAA,IAAI,CAAC,gBAAgB,GAAG,QAAQ,CAAC,gBAAgB,CAAC;AAClD,QAAA,IAAI,IAAI,CAAC,gBAAgB,KAAK,+BAA+B,EAAE;AAC7D,YAAA,IAAI,CAAC,gBAAgB,GAAG,KAAK,CAAC;SAC/B;;AAGD,QAAA,IAAI,CAAC,gCAAgC;YACnC,QAAQ,CAAC,gCAAgC,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;QAE5D,IAAI,CAAC,oBAAoB,GAAG,QAAQ,CAAC,oBAAoB,IAAI,KAAK,CAAC;AACnE,QAAA,IAAI,CAAC,aAAa,GAAG,QAAQ,CAAC,aAAa,CAAC;KAC7C;AAED,IAAA,gBAAgB,CAAC,QAAgB,EAAA;AAC/B,QAAA,MAAM,MAAM,GAAqC;AAC/C,YAAA,OAAO,EAAE,IAAI;AACb,YAAA,cAAc,EAAE,IAAI;SACrB,CAAC;;AAGF,QAAA,IAAI,CAAC,6BAA6B,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;AACrD,QAAA,IAAI,CAAC,gCAAgC,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;;AAGxD,QAAA,MAAM,CAAC,OAAO,KAAd,MAAM,CAAC,OAAO,GAAK,MAAM,CAAC,sBAAsB,IAAI,IAAI,CAAC,CAAA;AACzD,QAAA,MAAM,CAAC,OAAO,KAAd,MAAM,CAAC,OAAO,GAAK,MAAM,CAAC,sBAAsB,IAAI,IAAI,CAAC,CAAA;AACzD,QAAA,MAAM,CAAC,OAAO,KAAd,MAAM,CAAC,OAAO,GAAK,MAAM,CAAC,uBAAuB,IAAI,IAAI,CAAC,CAAA;AAC1D,QAAA,MAAM,CAAC,OAAO,KAAd,MAAM,CAAC,OAAO,GAAK,MAAM,CAAC,uBAAuB,IAAI,IAAI,CAAC,CAAA;AAC1D,QAAA,MAAM,CAAC,OAAO,KAAd,MAAM,CAAC,OAAO,GAAK,MAAM,CAAC,wBAAwB,IAAI,IAAI,CAAC,CAAA;AAC3D,QAAA,MAAM,CAAC,OAAO,KAAd,MAAM,CAAC,OAAO,GAAK,MAAM,CAAC,gCAAgC,IAAI,IAAI,CAAC,CAAA;AAEnE,QAAA,OAAO,MAAM,CAAC;KACf;AAED;;;;;AAKG;IACK,6BAA6B,CACnC,QAAgB,EAChB,MAAwC,EAAA;AAExC,QAAA,MAAM,iBAAiB,GAAG,IAAI,CAAC,qBAAqB,CAAC,iBAAiB,CAAC;AACvE,QAAA,MAAM,iBAAiB,GAAG,IAAI,CAAC,qBAAqB,CAAC,iBAAiB,CAAC;QACvE,IAAI,iBAAiB,EAAE;YACrB,MAAM,CAAC,sBAAsB,GAAG,QAAQ,CAAC,MAAM,IAAI,iBAAiB,CAAC;SACtE;QACD,IAAI,iBAAiB,EAAE;YACrB,MAAM,CAAC,sBAAsB,GAAG,QAAQ,CAAC,MAAM,IAAI,iBAAiB,CAAC;SACtE;KACF;AAED;;;;;AAKG;IACK,gCAAgC,CACtC,QAAgB,EAChB,MAAwC,EAAA;;QAGxC,IAAI,CAAC,sCAAsC,CACzC,MAAM;AACN,0CAAkC,KAAK;AACvC,0CAAkC,KAAK;AACvC,wCAAgC,KAAK;gDACG,KAAK,CAC9C,CAAC;AAEF,QAAA,IAAI,YAAY,CAAC;AACjB,QAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;AACxC,YAAA,YAAY,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YAClC,IAAI,CAAC,sCAAsC,CACzC,MAAM;8CAC4B,YAAY,IAAI,GAAG;AACnD,gBAAA,YAAY,IAAI,GAAG;8CACa,YAAY,IAAI,GAAG;AACnD,gBAAA,YAAY,IAAI,GAAG;4CACW,YAAY,IAAI,GAAG;AACjD,gBAAA,YAAY,IAAI,GAAG;oDACmB,IAAI,CAAC,gCAAgC,CAAC,QAAQ,CACpF,YAAY,CACb,CACF,CAAC;SACH;KACF;AAED;;;;;;;;;;AAUG;IACK,sCAAsC,CAC5C,MAAwC,EACxC,0BAAmC,EACnC,0BAAmC,EACnC,wBAAiC,EACjC,gCAAyC,EAAA;AAEzC,QAAA,IAAI,IAAI,CAAC,qBAAqB,CAAC,uBAAuB,EAAE;YACtD,MAAM,CAAC,uBAAuB,KAA9B,MAAM,CAAC,uBAAuB,GAAK,0BAA0B,CAAC,CAAA;SAC/D;AACD,QAAA,IAAI,IAAI,CAAC,qBAAqB,CAAC,uBAAuB,EAAE;YACtD,MAAM,CAAC,uBAAuB,KAA9B,MAAM,CAAC,uBAAuB,GAAK,0BAA0B,CAAC,CAAA;SAC/D;AACD,QAAA,IAAI,IAAI,CAAC,qBAAqB,CAAC,wBAAwB,EAAE;YACvD,MAAM,CAAC,wBAAwB,KAA/B,MAAM,CAAC,wBAAwB,GAAK,wBAAwB,CAAC,CAAA;SAC9D;AACD,QAAA,IAAI,IAAI,CAAC,qBAAqB,CAAC,gCAAgC,EAAE;YAC/D,MAAM,CAAC,gCAAgC,KAAvC,MAAM,CAAC,gCAAgC,GACrC,gCAAgC,CAAC,CAAA;SACpC;KACF;AACF;;AC/LD;;;;;;;;;;;;;;;AAeG;MAiFU,QAAQ,CAAA;AAyCnB,IAAA,WAAA,CACkB,GAAgB,EACf,wBAA+C,EAC/C,uBAAgE,EACjE,MAAsB,EAAA;QAHtB,IAAG,CAAA,GAAA,GAAH,GAAG,CAAa;QACf,IAAwB,CAAA,wBAAA,GAAxB,wBAAwB,CAAuB;QAC/C,IAAuB,CAAA,uBAAA,GAAvB,uBAAuB,CAAyC;QACjE,IAAM,CAAA,MAAA,GAAN,MAAM,CAAgB;QA5CxC,IAAW,CAAA,WAAA,GAAgB,IAAI,CAAC;QAChC,IAAc,CAAA,cAAA,GAA0B,IAAI,CAAC;AACrC,QAAA,IAAA,CAAA,UAAU,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC;AAG/B,QAAA,IAAA,CAAA,qBAAqB,GAAG,IAAI,YAAY,CAAO,IAAI,CAAC,CAAC;AACrD,QAAA,IAAA,CAAA,mBAAmB,GAAG,IAAI,YAAY,CAAO,IAAI,CAAC,CAAC;AAC1C,QAAA,IAAA,CAAA,gBAAgB,GAAG,IAAI,mBAAmB,CAAC,IAAI,CAAC,CAAC;QAC1D,IAAY,CAAA,YAAA,GAAwB,IAAI,CAAC;QACzC,IAAyB,CAAA,yBAAA,GAAG,KAAK,CAAC;QACzB,IAAuC,CAAA,uCAAA,GAAW,CAAC,CAAC;;;QAIrE,IAAgB,CAAA,gBAAA,GAAG,IAAI,CAAC;QACxB,IAAc,CAAA,cAAA,GAAG,KAAK,CAAC;QACvB,IAAQ,CAAA,QAAA,GAAG,KAAK,CAAC;QACjB,IAAsB,CAAA,sBAAA,GAAyB,IAAI,CAAC;QACpD,IAAsB,CAAA,sBAAA,GAAyC,IAAI,CAAC;QACpE,IAAa,CAAA,aAAA,GACX,2BAA2B,CAAC;QAC9B,IAAqB,CAAA,qBAAA,GAA2B,IAAI,CAAC;QACrD,IAAuB,CAAA,uBAAA,GAAoC,EAAE,CAAC;QAC9D,IAAsB,CAAA,sBAAA,GAAkC,IAAI,CAAC;QAC7D,IAAuB,CAAA,uBAAA,GAA2C,EAAE,CAAC;QACrE,IAAmC,CAAA,mCAAA,GAEnB,SAAS,CAAC;;;;QAOlB,IAAe,CAAA,eAAA,GAA8B,SAAS,CAAC;QAE/D,IAAY,CAAA,YAAA,GAAkB,IAAI,CAAC;QACnC,IAAQ,CAAA,QAAA,GAAkB,IAAI,CAAC;AAC/B,QAAA,IAAA,CAAA,QAAQ,GAAiB,EAAE,iCAAiC,EAAE,KAAK,EAAE,CAAC;QAqqB9D,IAAU,CAAA,UAAA,GAAa,EAAE,CAAC;AA7pBhC,QAAA,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;AACrB,QAAA,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,gBAAgB,CAAC;;;AAG7C,QAAA,IAAI,CAAC,4BAA4B,GAAG,IAAI,OAAO,CAC7C,OAAO,KAAK,IAAI,CAAC,mCAAmC,GAAG,OAAO,CAAC,CAChE,CAAC;KACH;IAED,0BAA0B,CACxB,oBAA2C,EAC3C,qBAA6C,EAAA;QAE7C,IAAI,qBAAqB,EAAE;AACzB,YAAA,IAAI,CAAC,sBAAsB,GAAG,YAAY,CAAC,qBAAqB,CAAC,CAAC;SACnE;;;QAID,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC,KAAK,CAAC,YAAW;AAClD,YAAA,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,OAAO;aACR;AAED,YAAA,IAAI,CAAC,kBAAkB,GAAG,MAAM,sBAAsB,CAAC,MAAM,CAC3D,IAAI,EACJ,oBAAoB,CACrB,CAAC;AACF,YAAA,IAAI,CAAC,mCAAmC,IAAI,CAAC;AAE7C,YAAA,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,OAAO;aACR;;;AAID,YAAA,IAAI,IAAI,CAAC,sBAAsB,EAAE,sBAAsB,EAAE;;AAEvD,gBAAA,IAAI;oBACF,MAAM,IAAI,CAAC,sBAAsB,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;iBACrD;gBAAC,OAAO,CAAC,EAAE;;iBAEX;aACF;AAED,YAAA,MAAM,IAAI,CAAC,qBAAqB,CAAC,qBAAqB,CAAC,CAAC;YAExD,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,WAAW,EAAE,GAAG,IAAI,IAAI,CAAC;AAErD,YAAA,IAAI,IAAI,CAAC,QAAQ,EAAE;gBACjB,OAAO;aACR;AAED,YAAA,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;AAC7B,SAAC,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,sBAAsB,CAAC;KACpC;AAED;;AAEG;AACH,IAAA,MAAM,eAAe,GAAA;AACnB,QAAA,IAAI,IAAI,CAAC,QAAQ,EAAE;YACjB,OAAO;SACR;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,cAAc,EAAE,CAAC;QAE7D,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,IAAI,EAAE;;YAE9B,OAAO;SACR;;AAGD,QAAA,IAAI,IAAI,CAAC,WAAW,IAAI,IAAI,IAAI,IAAI,CAAC,WAAW,CAAC,GAAG,KAAK,IAAI,CAAC,GAAG,EAAE;;AAEjE,YAAA,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;;;AAGhC,YAAA,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC;YACpC,OAAO;SACR;;;QAID,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,iCAAiC,IAAI,CAAC,CAAC;KAC1E;IAEO,MAAM,gCAAgC,CAC5C,OAAe,EAAA;AAEf,QAAA,IAAI;YACF,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;AACzD,YAAA,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,2BAA2B,CACrD,IAAI,EACJ,QAAQ,EACR,OAAO,CACR,CAAC;AACF,YAAA,MAAM,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;SACzC;QAAC,OAAO,GAAG,EAAE;AACZ,YAAA,OAAO,CAAC,IAAI,CACV,oEAAoE,EACpE,GAAG,CACJ,CAAC;AACF,YAAA,MAAM,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;SACzC;KACF;IAEO,MAAM,qBAAqB,CACjC,qBAA6C,EAAA;AAE7C,QAAA,IAAIU,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YAClC,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC9C,IAAI,OAAO,EAAE;;;AAGX,gBAAA,OAAO,IAAI,OAAO,CAAO,OAAO,IAAG;AACjC,oBAAA,UAAU,CAAC,MACT,IAAI,CAAC,gCAAgC,CAAC,OAAO,CAAC,CAAC,IAAI,CACjD,OAAO,EACP,OAAO,CACR,CACF,CAAC;AACJ,iBAAC,CAAC,CAAC;aACJ;iBAAM;AACL,gBAAA,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;aAC1C;SACF;;QAGD,MAAM,oBAAoB,IACvB,MAAM,IAAI,CAAC,mBAAmB,CAAC,cAAc,EAAE,CAAwB,CAAC;QAC3E,IAAI,iBAAiB,GAAG,oBAAoB,CAAC;QAC7C,IAAI,sBAAsB,GAAG,KAAK,CAAC;QACnC,IAAI,qBAAqB,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE;AACnD,YAAA,MAAM,IAAI,CAAC,mCAAmC,EAAE,CAAC;AACjD,YAAA,MAAM,mBAAmB,GAAG,IAAI,CAAC,YAAY,EAAE,gBAAgB,CAAC;AAChE,YAAA,MAAM,iBAAiB,GAAG,iBAAiB,EAAE,gBAAgB,CAAC;YAC9D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,qBAAqB,CAAC,CAAC;;;;;AAMnE,YAAA,IACE,CAAC,CAAC,mBAAmB,IAAI,mBAAmB,KAAK,iBAAiB;gBAClE,MAAM,EAAE,IAAI,EACZ;AACA,gBAAA,iBAAiB,GAAG,MAAM,CAAC,IAAoB,CAAC;gBAChD,sBAAsB,GAAG,IAAI,CAAC;aAC/B;SACF;;QAGD,IAAI,CAAC,iBAAiB,EAAE;AACtB,YAAA,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;SAC1C;AAED,QAAA,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE;;;YAGvC,IAAI,sBAAsB,EAAE;AAC1B,gBAAA,IAAI;oBACF,MAAM,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,iBAAiB,CAAC,CAAC;iBAC9D;gBAAC,OAAO,CAAC,EAAE;oBACV,iBAAiB,GAAG,oBAAoB,CAAC;;;AAGzC,oBAAA,IAAI,CAAC,sBAAuB,CAAC,uBAAuB,CAAC,IAAI,EAAE,MACzD,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAClB,CAAC;iBACH;aACF;YAED,IAAI,iBAAiB,EAAE;AACrB,gBAAA,OAAO,IAAI,CAAC,8BAA8B,CAAC,iBAAiB,CAAC,CAAC;aAC/D;iBAAM;AACL,gBAAA,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;aAC1C;SACF;AAED,QAAA,OAAO,CAAC,IAAI,CAAC,sBAAsB,EAAE,IAAI,sDAA+B,CAAC;AACzE,QAAA,MAAM,IAAI,CAAC,mCAAmC,EAAE,CAAC;;;;QAKjD,IACE,IAAI,CAAC,YAAY;YACjB,IAAI,CAAC,YAAY,CAAC,gBAAgB,KAAK,iBAAiB,CAAC,gBAAgB,EACzE;AACA,YAAA,OAAO,IAAI,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,CAAC;SACvD;AAED,QAAA,OAAO,IAAI,CAAC,8BAA8B,CAAC,iBAAiB,CAAC,CAAC;KAC/D;IAEO,MAAM,iBAAiB,CAC7B,gBAAuC,EAAA;;;;;;;;;;;;;;;;QAkBvC,IAAI,MAAM,GAA0B,IAAI,CAAC;AACzC,QAAA,IAAI;;;AAGF,YAAA,MAAM,GAAG,MAAM,IAAI,CAAC,sBAAuB,CAAC,mBAAmB,CAC7D,IAAI,EACJ,gBAAgB,EAChB,IAAI,CACL,CAAC;SACH;QAAC,OAAO,CAAC,EAAE;;;AAGV,YAAA,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;SACnC;AAED,QAAA,OAAO,MAAM,CAAC;KACf;IAEO,MAAM,8BAA8B,CAC1C,IAAkB,EAAA;AAElB,QAAA,IAAI;AACF,YAAA,MAAM,oBAAoB,CAAC,IAAI,CAAC,CAAC;SAClC;QAAC,OAAO,CAAC,EAAE;YACV,IACG,CAAmB,EAAE,IAAI;gBAC1B,CAAQ,KAAA,EAAA,wBAAA,4CAAsC,CAAA,EAC9C;;;AAGA,gBAAA,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;aAC1C;SACF;AAED,QAAA,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;KAC1C;IAED,iBAAiB,GAAA;AACf,QAAA,IAAI,CAAC,YAAY,GAAG,gBAAgB,EAAE,CAAC;KACxC;AAED,IAAA,MAAM,OAAO,GAAA;AACX,QAAA,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;KACtB;IAED,MAAM,iBAAiB,CAAC,UAAuB,EAAA;AAC7C,QAAA,IAAIA,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YAClC,OAAO,OAAO,CAAC,MAAM,CACnB,+CAA+C,CAAC,IAAI,CAAC,CACtD,CAAC;SACH;;;QAGD,MAAM,IAAI,GAAG,UAAU;AACrB,cAAGF,uBAAkB,CAAC,UAAU,CAAkB;cAChD,IAAI,CAAC;QACT,IAAI,IAAI,EAAE;AACR,YAAA,OAAO,CACL,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,CAAC,MAAM,EAC9C,IAAI,wDAEL,CAAC;SACH;AACD,QAAA,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;KAC3D;AAED,IAAA,MAAM,kBAAkB,CACtB,IAAiB,EACjB,2BAAoC,KAAK,EAAA;AAEzC,QAAA,IAAI,IAAI,CAAC,QAAQ,EAAE;YACjB,OAAO;SACR;QACD,IAAI,IAAI,EAAE;YACR,OAAO,CACL,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC,QAAQ,EAC/B,IAAI,EAAA,oBAAA,wCAEL,CAAC;SACH;QAED,IAAI,CAAC,wBAAwB,EAAE;YAC7B,MAAM,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;SACjD;AAED,QAAA,OAAO,IAAI,CAAC,KAAK,CAAC,YAAW;AAC3B,YAAA,MAAM,IAAI,CAAC,sBAAsB,CAAC,IAA2B,CAAC,CAAC;YAC/D,IAAI,CAAC,mBAAmB,EAAE,CAAC;AAC7B,SAAC,CAAC,CAAC;KACJ;AAED,IAAA,MAAM,OAAO,GAAA;AACX,QAAA,IAAIE,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YAClC,OAAO,OAAO,CAAC,MAAM,CACnB,+CAA+C,CAAC,IAAI,CAAC,CACtD,CAAC;SACH;;QAED,MAAM,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;;QAEhD,IAAI,IAAI,CAAC,0BAA0B,IAAI,IAAI,CAAC,sBAAsB,EAAE;AAClE,YAAA,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;SACnC;;;QAID,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,iCAAiC,IAAI,CAAC,CAAC;KAC3E;AAED,IAAA,cAAc,CAAC,WAAwB,EAAA;AACrC,QAAA,IAAIA,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YAClC,OAAO,OAAO,CAAC,MAAM,CACnB,+CAA+C,CAAC,IAAI,CAAC,CACtD,CAAC;SACH;AACD,QAAA,OAAO,IAAI,CAAC,KAAK,CAAC,YAAW;YAC3B,MAAM,IAAI,CAAC,mBAAmB,CAAC,cAAc,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC;AAC3E,SAAC,CAAC,CAAC;KACJ;IAED,mBAAmB,GAAA;AACjB,QAAA,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,EAAE;YACzB,OAAO,IAAI,CAAC,qBAAqB,CAAC;SACnC;aAAM;YACL,OAAO,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;SACpD;KACF;IAED,MAAM,gBAAgB,CAAC,QAAgB,EAAA;AACrC,QAAA,IAAI,CAAC,IAAI,CAAC,0BAA0B,EAAE,EAAE;AACtC,YAAA,MAAM,IAAI,CAAC,qBAAqB,EAAE,CAAC;SACpC;;AAGD,QAAA,MAAM,cAAc,GAClB,IAAI,CAAC,0BAA0B,EAAG,CAAC;;;QAIrC,IACE,cAAc,CAAC,aAAa;YAC5B,IAAI,CAAC,uCAAuC,EAC5C;AACA,YAAA,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,CAAC,aAAa,CAAC,MAAM,CAAA,4CAAA,iEAEvB,EAAE,CACH,CACF,CAAC;SACH;AAED,QAAA,OAAO,cAAc,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;KAClD;IAED,0BAA0B,GAAA;AACxB,QAAA,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,EAAE;YAC1B,OAAO,IAAI,CAAC,sBAAsB,CAAC;SACpC;aAAM;YACL,OAAO,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;SACpD;KACF;AAED,IAAA,MAAM,qBAAqB,GAAA;AACzB,QAAA,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC,CAAC;AAEhD,QAAA,MAAM,cAAc,GAA2B,IAAI,kBAAkB,CACnE,QAAQ,CACT,CAAC;AAEF,QAAA,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,EAAE;AAC1B,YAAA,IAAI,CAAC,sBAAsB,GAAG,cAAc,CAAC;SAC9C;aAAM;YACL,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,cAAc,CAAC;SAC9D;KACF;IAED,mBAAmB,GAAA;AACjB,QAAA,OAAO,IAAI,CAAC,mBAAmB,CAAC,WAAW,CAAC,IAAI,CAAC;KAClD;IAED,eAAe,GAAA;AACb,QAAA,OAAO,IAAI,CAAC,mBAAmB,CAAC,WAAW,CAAC;KAC7C;AAED,IAAA,eAAe,CAAC,QAAsB,EAAA;AACpC,QAAA,IAAI,CAAC,aAAa,GAAG,IAAIb,iBAAY,CACnC,MAAM,EACN,UAAU,EACT,QAA8B,EAAE,CAClC,CAAC;KACH;AAED,IAAA,kBAAkB,CAChB,cAAoC,EACpC,KAAe,EACf,SAAsB,EAAA;AAEtB,QAAA,OAAO,IAAI,CAAC,qBAAqB,CAC/B,IAAI,CAAC,qBAAqB,EAC1B,cAAc,EACd,KAAK,EACL,SAAS,CACV,CAAC;KACH;IAED,sBAAsB,CACpB,QAAqD,EACrD,OAAoB,EAAA;QAEpB,OAAO,IAAI,CAAC,gBAAgB,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;KAC9D;AAED,IAAA,gBAAgB,CACd,cAAoC,EACpC,KAAe,EACf,SAAsB,EAAA;AAEtB,QAAA,OAAO,IAAI,CAAC,qBAAqB,CAC/B,IAAI,CAAC,mBAAmB,EACxB,cAAc,EACd,KAAK,EACL,SAAS,CACV,CAAC;KACH;IAED,cAAc,GAAA;QACZ,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,KAAI;AACrC,YAAA,IAAI,IAAI,CAAC,WAAW,EAAE;AACpB,gBAAA,OAAO,EAAE,CAAC;aACX;iBAAM;AACL,gBAAA,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,MAAK;AAC/C,oBAAA,WAAW,EAAE,CAAC;AACd,oBAAA,OAAO,EAAE,CAAC;iBACX,EAAE,MAAM,CAAC,CAAC;aACZ;AACH,SAAC,CAAC,CAAC;KACJ;AAED;;AAEG;IACH,MAAM,iBAAiB,CAAC,KAAa,EAAA;AACnC,QAAA,IAAI,IAAI,CAAC,WAAW,EAAE;YACpB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC;;AAEpD,YAAA,MAAM,OAAO,GAAuB;AAClC,gBAAA,UAAU,EAAE,WAAW;AACvB,gBAAA,SAAS,EAAwB,cAAA;gBACjC,KAAK;gBACL,OAAO;aACR,CAAC;AACF,YAAA,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,EAAE;AACzB,gBAAA,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;aAClC;AACD,YAAA,MAAM,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;SAClC;KACF;IAED,MAAM,GAAA;QACJ,OAAO;AACL,YAAA,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;AAC1B,YAAA,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;YAClC,OAAO,EAAE,IAAI,CAAC,IAAI;AAClB,YAAA,WAAW,EAAE,IAAI,CAAC,YAAY,EAAE,MAAM,EAAE;SACzC,CAAC;KACH;AAED,IAAA,MAAM,gBAAgB,CACpB,IAAyB,EACzB,qBAA6C,EAAA;QAE7C,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,mCAAmC,CACpE,qBAAqB,CACtB,CAAC;QACF,OAAO,IAAI,KAAK,IAAI;AAClB,cAAE,eAAe,CAAC,iBAAiB,EAAE;AACrC,cAAE,eAAe,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;KAC1C;IAEO,MAAM,mCAAmC,CAC/C,qBAA6C,EAAA;AAE7C,QAAA,IAAI,CAAC,IAAI,CAAC,0BAA0B,EAAE;YACpC,MAAM,QAAQ,GACZ,CAAC,qBAAqB,IAAI,YAAY,CAAC,qBAAqB,CAAC;gBAC7D,IAAI,CAAC,sBAAsB,CAAC;AAC9B,YAAA,OAAO,CAAC,QAAQ,EAAE,IAAI,sDAA+B,CAAC;AACtD,YAAA,IAAI,CAAC,0BAA0B,GAAG,MAAM,sBAAsB,CAAC,MAAM,CACnE,IAAI,EACJ,CAAC,YAAY,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC,6CAE9C,CAAC;AACF,YAAA,IAAI,CAAC,YAAY;AACf,gBAAA,MAAM,IAAI,CAAC,0BAA0B,CAAC,cAAc,EAAE,CAAC;SAC1D;QAED,OAAO,IAAI,CAAC,0BAA0B,CAAC;KACxC;IAED,MAAM,kBAAkB,CAAC,EAAU,EAAA;;;AAGjC,QAAA,IAAI,IAAI,CAAC,cAAc,EAAE;YACvB,MAAM,IAAI,CAAC,KAAK,CAAC,YAAW,GAAG,CAAC,CAAC;SAClC;QAED,IAAI,IAAI,CAAC,YAAY,EAAE,gBAAgB,KAAK,EAAE,EAAE;YAC9C,OAAO,IAAI,CAAC,YAAY,CAAC;SAC1B;QAED,IAAI,IAAI,CAAC,YAAY,EAAE,gBAAgB,KAAK,EAAE,EAAE;YAC9C,OAAO,IAAI,CAAC,YAAY,CAAC;SAC1B;AAED,QAAA,OAAO,IAAI,CAAC;KACb;IAED,MAAM,qBAAqB,CAAC,IAAkB,EAAA;AAC5C,QAAA,IAAI,IAAI,KAAK,IAAI,CAAC,WAAW,EAAE;AAC7B,YAAA,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC;SAClE;KACF;;AAGD,IAAA,yBAAyB,CAAC,IAAkB,EAAA;AAC1C,QAAA,IAAI,IAAI,KAAK,IAAI,CAAC,WAAW,EAAE;YAC7B,IAAI,CAAC,mBAAmB,EAAE,CAAC;SAC5B;KACF;IAED,IAAI,GAAA;AACF,QAAA,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAI,CAAA,EAAA,IAAI,CAAC,MAAM,CAAC,MAAM,CAAA,CAAA,EAAI,IAAI,CAAC,IAAI,EAAE,CAAC;KACvE;IAED,sBAAsB,GAAA;AACpB,QAAA,IAAI,CAAC,yBAAyB,GAAG,IAAI,CAAC;AACtC,QAAA,IAAI,IAAI,CAAC,WAAW,EAAE;AACpB,YAAA,IAAI,CAAC,YAAY,CAAC,sBAAsB,EAAE,CAAC;SAC5C;KACF;IAED,qBAAqB,GAAA;AACnB,QAAA,IAAI,CAAC,yBAAyB,GAAG,KAAK,CAAC;AACvC,QAAA,IAAI,IAAI,CAAC,WAAW,EAAE;AACpB,YAAA,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;SAC3C;KACF;;AAGD,IAAA,IAAI,YAAY,GAAA;QACd,OAAO,IAAI,CAAC,WAA2B,CAAC;KACzC;IAEO,mBAAmB,GAAA;AACzB,QAAA,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE;YACxB,OAAO;SACR;QAED,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAEhD,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,EAAE,GAAG,IAAI,IAAI,CAAC;AACjD,QAAA,IAAI,IAAI,CAAC,eAAe,KAAK,UAAU,EAAE;AACvC,YAAA,IAAI,CAAC,eAAe,GAAG,UAAU,CAAC;YAClC,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;SACnD;KACF;AAEO,IAAA,qBAAqB,CAC3B,YAAgC,EAChC,cAAoC,EACpC,KAAe,EACf,SAAsB,EAAA;AAEtB,QAAA,IAAI,IAAI,CAAC,QAAQ,EAAE;AACjB,YAAA,OAAO,MAAO,GAAC,CAAC;SACjB;AAED,QAAA,MAAM,EAAE,GACN,OAAO,cAAc,KAAK,UAAU;AAClC,cAAE,cAAc;cACd,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAE/C,IAAI,cAAc,GAAG,KAAK,CAAC;AAE3B,QAAA,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc;AACjC,cAAE,OAAO,CAAC,OAAO,EAAE;AACnB,cAAE,IAAI,CAAC,sBAAsB,CAAC;AAChC,QAAA,OAAO,CAAC,OAAO,EAAE,IAAI,sDAA+B,CAAC;;;AAGrD,QAAA,OAAO,CAAC,IAAI,CAAC,MAAK;YAChB,IAAI,cAAc,EAAE;gBAClB,OAAO;aACR;AACD,YAAA,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;AACvB,SAAC,CAAC,CAAC;AAEH,QAAA,IAAI,OAAO,cAAc,KAAK,UAAU,EAAE;AACxC,YAAA,MAAM,WAAW,GAAG,YAAY,CAAC,WAAW,CAC1C,cAAc,EACd,KAAK,EACL,SAAS,CACV,CAAC;AACF,YAAA,OAAO,MAAK;gBACV,cAAc,GAAG,IAAI,CAAC;AACtB,gBAAA,WAAW,EAAE,CAAC;AAChB,aAAC,CAAC;SACH;aAAM;YACL,MAAM,WAAW,GAAG,YAAY,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;AAC7D,YAAA,OAAO,MAAK;gBACV,cAAc,GAAG,IAAI,CAAC;AACtB,gBAAA,WAAW,EAAE,CAAC;AAChB,aAAC,CAAC;SACH;KACF;AAED;;;;AAIG;IACK,MAAM,sBAAsB,CAClC,IAAyB,EAAA;QAEzB,IAAI,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW,KAAK,IAAI,EAAE;AACjD,YAAA,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;SAC3C;AACD,QAAA,IAAI,IAAI,IAAI,IAAI,CAAC,yBAAyB,EAAE;YAC1C,IAAI,CAAC,sBAAsB,EAAE,CAAC;SAC/B;AAED,QAAA,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QAExB,IAAI,IAAI,EAAE;YACR,MAAM,IAAI,CAAC,mBAAmB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;SACrD;aAAM;AACL,YAAA,MAAM,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAAE,CAAC;SACpD;KACF;AAEO,IAAA,KAAK,CAAC,MAAmB,EAAA;;;AAG/B,QAAA,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACvD,OAAO,IAAI,CAAC,UAAU,CAAC;KACxB;AAED,IAAA,IAAY,mBAAmB,GAAA;AAC7B,QAAA,OAAO,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,sDAA+B,CAAC;QACrE,OAAO,IAAI,CAAC,kBAAkB,CAAC;KAChC;AAID,IAAA,aAAa,CAAC,SAAiB,EAAA;AAC7B,QAAA,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE;YACrD,OAAO;SACR;AACD,QAAA,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;;;AAIhC,QAAA,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;AACvB,QAAA,IAAI,CAAC,aAAa,GAAG,iBAAiB,CACpC,IAAI,CAAC,MAAM,CAAC,cAAc,EAC1B,IAAI,CAAC,cAAc,EAAE,CACtB,CAAC;KACH;IACD,cAAc,GAAA;QACZ,OAAO,IAAI,CAAC,UAAU,CAAC;KACxB;AACD,IAAA,MAAM,qBAAqB,GAAA;;AAEzB,QAAA,MAAM,OAAO,GAA2B;YACtC,CAA6B,kBAAA,qCAAE,IAAI,CAAC,aAAa;SAClD,CAAC;QAEF,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE;YAC1B,OAAO,CAAA,kBAAA,mCAA6B,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC;SAC/D;;AAGD,QAAA,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,wBAAwB;AACzD,aAAA,YAAY,CAAC;AACZ,YAAA,QAAQ,EAAE,IAAI;SACf,CAAC;cACA,mBAAmB,EAAE,CAAC;QAC1B,IAAI,gBAAgB,EAAE;YACpB,OAAO,CAAA,mBAAA,oCAA8B,GAAG,gBAAgB,CAAC;SAC1D;;AAGD,QAAA,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACrD,IAAI,aAAa,EAAE;YACjB,OAAO,CAAA,qBAAA,uCAAiC,GAAG,aAAa,CAAC;SAC1D;AAED,QAAA,OAAO,OAAO,CAAC;KAChB;AAED,IAAA,MAAM,iBAAiB,GAAA;AACrB,QAAA,IAAIa,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,EAAE;AACrE,YAAA,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC;SACxC;AACD,QAAA,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,uBAAuB;AAC3D,aAAA,YAAY,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;cAC/B,QAAQ,EAAE,CAAC;AACf,QAAA,IAAI,mBAAmB,EAAE,KAAK,EAAE;;;;;AAK9B,YAAA,QAAQ,CACN,CAA2C,wCAAA,EAAA,mBAAmB,CAAC,KAAK,CAAA,CAAE,CACvE,CAAC;SACH;QACD,OAAO,mBAAmB,EAAE,KAAK,CAAC;KACnC;AACF,CAAA;AAED;;;;;AAKG;AACG,SAAU,SAAS,CAAC,IAAU,EAAA;AAClC,IAAA,OAAOF,uBAAkB,CAAC,IAAI,CAAiB,CAAC;AAClD,CAAC;AAED;AACA,MAAM,YAAY,CAAA;AAMhB,IAAA,WAAA,CAAqB,IAAkB,EAAA;QAAlB,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAc;QAL/B,IAAQ,CAAA,QAAA,GAA8B,IAAI,CAAC;AAC1C,QAAA,IAAA,CAAA,WAAW,GAAwBK,oBAAe,CACzD,QAAQ,KAAK,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC,CACvC,CAAC;KAEyC;AAE3C,IAAA,IAAI,IAAI,GAAA;QACN,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAA,gBAAA,oCAA+B,CAAC;AAChE,QAAA,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;KAC/C;AACF;;ACv4BD;;;;;;;;;;;;;;;AAeG;AASH,IAAI,kBAAkB,GAAuB;AAC3C,IAAA,MAAM,MAAM,GAAA;AACV,QAAA,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;KACpD;AAED,IAAA,iBAAiB,EAAE,EAAE;AACrB,IAAA,yBAAyB,EAAE,EAAE;AAC7B,IAAA,UAAU,EAAE,EAAE;CACf,CAAC;AAMI,SAAU,OAAO,CAAC,GAAW,EAAA;AACjC,IAAA,OAAO,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;AACxC,CAAC;SAMe,6BAA6B,GAAA;IAC3C,OAAO,kBAAkB,CAAC,yBAAyB,CAAC;AACtD;;AChDA;;;;;;;;;;;;;;;AAeG;MA4DU,sBAAsB,CAAA;AAAnC,IAAA,WAAA,GAAA;AACE,QAAA,IAAA,CAAA,UAAU,GAAe,IAAI,cAAc,EAAE,CAAC;KAmB/C;AAlBC,IAAA,KAAK,CAAC,QAAoB,EAAA;AACxB,QAAA,QAAQ,EAAE,CAAC;KACZ;IAED,OAAO;;AAEL,IAAA,QAAgB,EAChB,QAA4B,EAAA;AAE5B,QAAA,OAAO,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;KACjC;IACD,MAAM;;AAEJ,IAAA,UAAgC,EAChC,WAAmC,EAAA;AAEnC,QAAA,OAAO,EAAE,CAAC;KACX;AACF,CAAA;MAEY,cAAc,CAAA;AACzB,IAAA,KAAK,CAAC,QAAoB,EAAA;AACxB,QAAA,QAAQ,EAAE,CAAC;KACZ;IAED,OAAO;;AAEL,IAAA,QAAgB,EAChB,QAA4B,EAAA;AAE5B,QAAA,OAAO,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;KACjC;IACD,MAAM;;AAEJ,IAAA,UAAgC,EAChC,WAAmC,EAAA;AAEnC,QAAA,OAAO,EAAE,CAAC;KACX;AACF;;ACpHD;AAqCO,MAAM,kCAAkC,GAAG,sBAAsB,CAAC;AAClE,MAAM,UAAU,GAAG,cAAc,CAAC;MAE5B,2BAA2B,CAAA;AAQtC;;;;AAIG;AACH,IAAA,WAAA,CAAY,UAAgB,EAAA;AAZ5B;;AAEG;QACM,IAAI,CAAA,IAAA,GAAG,kCAAkC,CAAC;AAUjD,QAAA,IAAI,CAAC,IAAI,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;KACnC;AAED;;;;AAIG;IACH,MAAM,MAAM,CACV,MAAA,GAAiB,QAAQ,EACzB,YAAY,GAAG,KAAK,EAAA;QAEpB,eAAe,eAAe,CAAC,IAAkB,EAAA;YAC/C,IAAI,CAAC,YAAY,EAAE;AACjB,gBAAA,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,IAAI,IAAI,CAAC,qBAAqB,IAAI,IAAI,EAAE;AAC/D,oBAAA,OAAO,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC;iBAC3C;AACD,gBAAA,IACE,IAAI,CAAC,QAAQ,IAAI,IAAI;oBACrB,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,SAAS,EACzD;oBACA,OAAO,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC;iBAC5D;aACF;YAED,OAAO,IAAI,OAAO,CAAS,OAAO,OAAO,EAAE,MAAM,KAAI;gBACnD,kBAAkB,CAAC,IAAI,EAAE;AACvB,oBAAA,UAAU,EAAyB,iBAAA;AACnC,oBAAA,OAAO,EAA6B,sBAAA;iBACrC,CAAC;qBACC,IAAI,CAAC,QAAQ,IAAG;AACf,oBAAA,IAAI,QAAQ,CAAC,YAAY,KAAK,SAAS,EAAE;AACvC,wBAAA,MAAM,CAAC,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC,CAAC;qBAC9D;yBAAM;AACL,wBAAA,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,QAAQ,CAAC,CAAC;AAC7C,wBAAA,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,EAAE;AACzB,4BAAA,IAAI,CAAC,qBAAqB,GAAG,MAAM,CAAC;yBACrC;6BAAM;4BACL,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,MAAM,CAAC;yBACtD;AACD,wBAAA,OAAO,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;qBAChC;AACH,iBAAC,CAAC;qBACD,KAAK,CAAC,KAAK,IAAG;oBACb,MAAM,CAAC,KAAK,CAAC,CAAC;AAChB,iBAAC,CAAC,CAAC;AACP,aAAC,CAAC,CAAC;SACJ;AAED,QAAA,SAAS,sBAAsB,CAC7B,OAAe,EACf,OAAsD,EACtD,MAAkC,EAAA;AAElC,YAAA,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;AACrC,YAAA,IAAI,YAAY,CAAC,UAAU,CAAC,EAAE;AAC5B,gBAAA,UAAU,CAAC,UAAU,CAAC,KAAK,CAAC,MAAK;AAC/B,oBAAA,UAAU,CAAC,UAAU;AAClB,yBAAA,OAAO,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,CAAC;yBAC5B,IAAI,CAAC,KAAK,IAAG;wBACZ,OAAO,CAAC,KAAK,CAAC,CAAC;AACjB,qBAAC,CAAC;yBACD,KAAK,CAAC,MAAK;wBACV,OAAO,CAAC,UAAU,CAAC,CAAC;AACtB,qBAAC,CAAC,CAAC;AACP,iBAAC,CAAC,CAAC;aACJ;iBAAM;AACL,gBAAA,MAAM,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC,CAAC;aACzD;SACF;;QAGD,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,iCAAiC,EAAE;AACxD,YAAA,MAAM,aAAa,GAAG,IAAI,sBAAsB,EAAE,CAAC;AACnD,YAAA,OAAO,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;SAC/D;QAED,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,KAAI;AAC7C,YAAA,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC;iBACvB,IAAI,CAAC,OAAO,IAAG;gBACd,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE;AACpD,oBAAA,sBAAsB,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;iBAClD;qBAAM;AACL,oBAAA,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE;AACjC,wBAAA,MAAM,CACJ,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAC5D,CAAC;wBACF,OAAO;qBACR;AACD,oBAAA,IAAI,GAAG,GAAGC,6BAAuC,EAAE,CAAC;AACpD,oBAAA,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;wBACpB,GAAG,IAAI,OAAO,CAAC;qBAChB;oBACDC,OACU,CAAC,GAAG,CAAC;yBACZ,IAAI,CAAC,MAAK;AACT,wBAAA,sBAAsB,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;AACnD,qBAAC,CAAC;yBACD,KAAK,CAAC,KAAK,IAAG;wBACb,MAAM,CAAC,KAAK,CAAC,CAAC;AAChB,qBAAC,CAAC,CAAC;iBACN;AACH,aAAC,CAAC;iBACD,KAAK,CAAC,KAAK,IAAG;gBACb,MAAM,CAAC,KAAK,CAAC,CAAC;AAChB,aAAC,CAAC,CAAC;AACP,SAAC,CAAC,CAAC;KACJ;AACF,CAAA;AAEM,eAAe,qBAAqB,CACzC,IAAkB,EAClB,OAAU,EACV,MAA2B,EAC3B,aAAa,GAAG,KAAK,EACrB,WAAW,GAAG,KAAK,EAAA;AAEnB,IAAA,MAAM,QAAQ,GAAG,IAAI,2BAA2B,CAAC,IAAI,CAAC,CAAC;AACvD,IAAA,IAAI,eAAe,CAAC;IAEpB,IAAI,WAAW,EAAE;QACf,eAAe,GAAG,UAAU,CAAC;KAC9B;SAAM;AACL,QAAA,IAAI;YACF,eAAe,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;SACjD;QAAC,OAAO,KAAK,EAAE;YACd,eAAe,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;SACvD;KACF;AAED,IAAA,MAAM,UAAU,GAAG,EAAE,GAAG,OAAO,EAAE,CAAC;AAClC,IAAA,IACE,MAAM,KAA2C,kBAAA;QACjD,MAAM,KAAA,cAAA,2CACN;AACA,QAAA,IAAI,qBAAqB,IAAI,UAAU,EAAE;AACvC,YAAA,MAAM,WAAW,GACf,UACD,CAAC,mBAAmB,CAAC,WAAW,CAAC;AAClC,YAAA,MAAM,cAAc,GAClB,UACD,CAAC,mBAAmB,CAAC,cAAc,CAAC;AAErC,YAAA,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE;AACxB,gBAAA,qBAAqB,EAAE;oBACrB,WAAW;oBACX,cAAc;oBACd,eAAe;AACf,oBAAA,YAAY,EAAyB,iBAAA;AACrC,oBAAA,kBAAkB,EAA6B,sBAAA;AAChD,iBAAA;AACF,aAAA,CAAC,CAAC;SACJ;AAAM,aAAA,IAAI,iBAAiB,IAAI,UAAU,EAAE;AAC1C,YAAA,MAAM,cAAc,GAClB,UACD,CAAC,eAAe,CAAC,cAAc,CAAC;AAEjC,YAAA,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE;AACxB,gBAAA,iBAAiB,EAAE;oBACjB,cAAc;oBACd,eAAe;AACf,oBAAA,YAAY,EAAyB,iBAAA;AACrC,oBAAA,kBAAkB,EAA6B,sBAAA;AAChD,iBAAA;AACF,aAAA,CAAC,CAAC;SACJ;AACD,QAAA,OAAO,UAAU,CAAC;KACnB;IAED,IAAI,CAAC,aAAa,EAAE;QAClB,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,eAAe,EAAE,CAAC,CAAC;KAChD;SAAM;QACL,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,aAAa,EAAE,eAAe,EAAE,CAAC,CAAC;KAC/D;IACD,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,YAAY,EAAA,iBAAA,gCAA2B,CAAC,CAAC;AACrE,IAAA,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE;AACxB,QAAA,kBAAkB,EAA6B,sBAAA;AAChD,KAAA,CAAC,CAAC;AACH,IAAA,OAAO,UAAU,CAAC;AACpB,CAAC;AAOM,eAAe,mBAAmB,CACvC,YAA0B,EAC1B,OAAiB,EACjB,UAA+B,EAC/B,YAA+C,EAC/C,qBAA4C,EAAA;IAE5C,IAAI,qBAAqB,KAAkD,yBAAA,sDAAE;AAC3E,QAAA,IACE,YAAY;AACT,aAAA,mBAAmB,EAAE;cACpB,iBAAiB,CAA+C,yBAAA,qDAAA,EACpE;AACA,YAAA,MAAM,oBAAoB,GAAG,MAAM,qBAAqB,CACtD,YAAY,EACZ,OAAO,EACP,UAAU,EACV,UAAU,KAAA,YAAA,wCACX,CAAC;AACF,YAAA,OAAO,YAAY,CAAC,YAAY,EAAE,oBAAoB,CAAC,CAAC;SACzD;aAAM;AACL,YAAA,OAAO,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,OAAM,KAAK,KAAG;gBAC7D,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,yBAAqC,6CAAA,CAAE,EAAE;AAClE,oBAAA,OAAO,CAAC,GAAG,CACT,GAAG,UAAU,CAAA,4HAAA,CAA8H,CAC5I,CAAC;AACF,oBAAA,MAAM,oBAAoB,GAAG,MAAM,qBAAqB,CACtD,YAAY,EACZ,OAAO,EACP,UAAU,EACV,UAAU,KAAA,YAAA,wCACX,CAAC;AACF,oBAAA,OAAO,YAAY,CAAC,YAAY,EAAE,oBAAoB,CAAC,CAAC;iBACzD;qBAAM;AACL,oBAAA,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;iBAC9B;AACH,aAAC,CAAC,CAAC;SACJ;KACF;SAAM,IAAI,qBAAqB,KAAyC,gBAAA,6CAAE;AACzE,QAAA,IACE,YAAY;AACT,aAAA,mBAAmB,EAAE;cACpB,iBAAiB,CAAsC,gBAAA,4CAAA,EAC3D;YACA,MAAM,oBAAoB,GAAG,MAAM,qBAAqB,CACtD,YAAY,EACZ,OAAO,EACP,UAAU,CACX,CAAC;AAEF,YAAA,OAAO,YAAY,CAAC,YAAY,EAAE,oBAAoB,CAAC,CAAC,KAAK,CAC3D,OAAM,KAAK,KAAG;AACZ,gBAAA,IACE,YAAY;AACT,qBAAA,mBAAmB,EAAE;AACtB,sBAAE,2BAA2B,CAAA,gBAAA,4CAE5B,KAA2B,OAAA,+BAC9B;;AAEA,oBAAA,IACE,KAAK,CAAC,IAAI,KAAK,CAAA,KAAA,EAAQ,sEAAuC,CAAA;AAC9D,wBAAA,KAAK,CAAC,IAAI,KAAK,QAAQ,wBAAoC,4CAAA,CAAE,EAC7D;AACA,wBAAA,OAAO,CAAC,GAAG,CACT,8GAA8G,UAAU,CAAA,MAAA,CAAQ,CACjI,CAAC;;;;AAIF,wBAAA,MAAM,0BAA0B,GAAG,MAAM,qBAAqB,CAC5D,YAAY,EACZ,OAAO,EACP,UAAU,EACV,KAAK;AACL,wBAAA,IAAI;yBACL,CAAC;;AAEF,wBAAA,OAAO,YAAY,CAAC,YAAY,EAAE,0BAA0B,CAAC,CAAC;qBAC/D;iBACF;;AAED,gBAAA,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC/B,aAAC,CACF,CAAC;SACH;aAAM;;AAEL,YAAA,MAAM,0BAA0B,GAAG,MAAM,qBAAqB,CAC5D,YAAY,EACZ,OAAO,EACP,UAAU,EACV,KAAK;AACL,YAAA,IAAI;aACL,CAAC;;AAGF,YAAA,OAAO,YAAY,CAAC,YAAY,EAAE,0BAA0B,CAAC,CAAC;SAC/D;KACF;SAAM;QACL,OAAO,OAAO,CAAC,MAAM,CACnB,qBAAqB,GAAG,6BAA6B,CACtD,CAAC;KACH;AACH,CAAC;AAEM,eAAe,0BAA0B,CAAC,IAAU,EAAA;AACzD,IAAA,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;AAErC,IAAA,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,YAAY,EAAE;AACtD,QAAA,UAAU,EAAyB,iBAAA;AACnC,QAAA,OAAO,EAA6B,sBAAA;AACrC,KAAA,CAAC,CAAC;AAEH,IAAA,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,QAAQ,CAAC,CAAC;AAC7C,IAAA,IAAI,YAAY,CAAC,QAAQ,IAAI,IAAI,EAAE;AACjC,QAAA,YAAY,CAAC,qBAAqB,GAAG,MAAM,CAAC;KAC7C;SAAM;QACL,YAAY,CAAC,uBAAuB,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,MAAM,CAAC;KACtE;AAED,IAAA,IAAI,MAAM,CAAC,oBAAoB,EAAE,EAAE;AACjC,QAAA,MAAM,QAAQ,GAAG,IAAI,2BAA2B,CAAC,YAAY,CAAC,CAAC;AAC/D,QAAA,KAAK,QAAQ,CAAC,MAAM,EAAE,CAAC;KACxB;AACH;;AC5WA;;;;;;;;;;;;;;;AAeG;AAYH;;;;;;;;;;;;;;;;;;;;;;;;AAwBG;AACa,SAAA,cAAc,CAACC,KAAgB,EAAE,IAAmB,EAAA;IAClE,MAAM,QAAQ,GAAGC,gBAAY,CAACD,KAAG,EAAE,MAAM,CAAC,CAAC;AAE3C,IAAA,IAAI,QAAQ,CAAC,aAAa,EAAE,EAAE;AAC5B,QAAA,MAAM,IAAI,GAAG,QAAQ,CAAC,YAAY,EAAc,CAAC;AACjD,QAAA,MAAM,cAAc,GAAG,QAAQ,CAAC,UAAU,EAAkB,CAAC;QAC7D,IAAIE,cAAS,CAAC,cAAc,EAAE,IAAI,IAAI,EAAE,CAAC,EAAE;AACzC,YAAA,OAAO,IAAI,CAAC;SACb;aAAM;YACL,KAAK,CAAC,IAAI,EAAA,qBAAA,yCAAoC,CAAC;SAChD;KACF;AAED,IAAA,MAAM,IAAI,GAAG,QAAQ,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAa,CAAC;AAEhE,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;AAEe,SAAA,uBAAuB,CACrC,IAAc,EACd,IAAmB,EAAA;AAEnB,IAAA,MAAM,WAAW,GAAG,IAAI,EAAE,WAAW,IAAI,EAAE,CAAC;IAC5C,MAAM,SAAS,GAAG,CAChB,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,GAAG,WAAW,GAAG,CAAC,WAAW,CAAC,EACxD,GAAG,CAAsB,YAAY,CAAC,CAAC;AACzC,IAAA,IAAI,IAAI,EAAE,QAAQ,EAAE;AAClB,QAAA,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;KACrC;;;;IAKD,IAAI,CAAC,0BAA0B,CAAC,SAAS,EAAE,IAAI,EAAE,qBAAqB,CAAC,CAAC;AAC1E;;AC3DA;;;;;;;;;;;;;;;;;;;;;AAqBG;SACa,mBAAmB,CACjC,IAAU,EACV,GAAW,EACX,OAAsC,EAAA;AAEtC,IAAA,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IACrC,OAAO,CACL,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EACxB,YAAY,EAAA,yBAAA,6CAEb,CAAC;AAEF,IAAA,MAAM,eAAe,GAAG,CAAC,CAAC,OAAO,EAAE,eAAe,CAAC;AAEnD,IAAA,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;AAC/C,IAAA,MAAM,OAAO,GAAG,IAAI,KAAK,IAAI,GAAG,EAAE,GAAG,CAAI,CAAA,EAAA,IAAI,EAAE,CAAC;;AAGhD,IAAA,MAAM,QAAQ,GAAG,EAAE,GAAG,EAAE,CAAA,EAAG,QAAQ,CAAA,EAAA,EAAK,IAAI,CAAA,EAAG,OAAO,CAAA,CAAA,CAAG,EAAE,CAAC;AAC5D,IAAA,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC;QACnC,IAAI;QACJ,IAAI;QACJ,QAAQ,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC;QACnC,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,eAAe,EAAE,CAAC;AAC5C,KAAA,CAAC,CAAC;;AAGH,IAAA,IAAI,CAAC,YAAY,CAAC,gBAAgB,EAAE;;;AAGlC,QAAA,OAAO,CACL,YAAY,CAAC,MAAM,CAAC,QAAQ,IAAI,YAAY,CAAC,cAAc,EAC3D,YAAY,sEAEb,CAAC;;;QAIF,OAAO,CACLA,cAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC;YAC/CA,cAAS,CAAC,cAAc,EAAE,YAAY,CAAC,cAAc,CAAC,EACxD,YAAY,EAAA,wBAAA,4CAEb,CAAC;;;QAIF,OAAO;KACR;AAED,IAAA,YAAY,CAAC,MAAM,CAAC,QAAQ,GAAG,QAAQ,CAAC;AACxC,IAAA,YAAY,CAAC,cAAc,GAAG,cAAc,CAAC;AAC7C,IAAA,YAAY,CAAC,QAAQ,CAAC,iCAAiC,GAAG,IAAI,CAAC;;AAG/D,IAAA,IAAIZ,uBAAkB,CAAC,IAAI,CAAC,EAAE;QAC5B,KAAKa,eAAU,CAAC,CAAA,EAAG,QAAQ,CAAA,EAAA,EAAK,IAAI,CAAG,EAAA,OAAO,CAAE,CAAA,CAAC,CAAC;AAClD,QAAAC,yBAAoB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;KACpC;SAAM,IAAI,CAAC,eAAe,EAAE;AAC3B,QAAA,mBAAmB,EAAE,CAAC;KACvB;AACH,CAAC;AAED,SAAS,eAAe,CAAC,GAAW,EAAA;IAClC,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACrC,OAAO,WAAW,GAAG,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,GAAG,CAAC,CAAC,CAAC;AAC/D,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAW,EAAA;AAIrC,IAAA,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;AACtC,IAAA,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IACvE,IAAI,CAAC,SAAS,EAAE;QACd,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;KACjC;AACD,IAAA,MAAM,WAAW,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC;IACxD,MAAM,aAAa,GAAG,oBAAoB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC7D,IAAI,aAAa,EAAE;AACjB,QAAA,MAAM,IAAI,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;AAC9B,QAAA,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;KACvE;SAAM;AACL,QAAA,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC5C,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;KACxC;AACH,CAAC;AAED,SAAS,SAAS,CAAC,OAAe,EAAA;IAChC,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,OAAO,IAAI,CAAC;KACb;AACD,IAAA,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;AAC7B,IAAA,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE;AACf,QAAA,OAAO,IAAI,CAAC;KACb;AACD,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,mBAAmB,GAAA;AAC1B,IAAA,SAAS,YAAY,GAAA;QACnB,MAAM,EAAE,GAAG,QAAQ,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;AACvC,QAAA,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC;AACrB,QAAA,EAAE,CAAC,SAAS;AACV,YAAA,mEAAmE,CAAC;AACtE,QAAA,GAAG,CAAC,QAAQ,GAAG,OAAO,CAAC;AACvB,QAAA,GAAG,CAAC,KAAK,GAAG,MAAM,CAAC;AACnB,QAAA,GAAG,CAAC,eAAe,GAAG,SAAS,CAAC;AAChC,QAAA,GAAG,CAAC,MAAM,GAAG,oBAAoB,CAAC;AAClC,QAAA,GAAG,CAAC,KAAK,GAAG,SAAS,CAAC;AACtB,QAAA,GAAG,CAAC,MAAM,GAAG,KAAK,CAAC;AACnB,QAAA,GAAG,CAAC,IAAI,GAAG,KAAK,CAAC;AACjB,QAAA,GAAG,CAAC,MAAM,GAAG,KAAK,CAAC;AACnB,QAAA,GAAG,CAAC,MAAM,GAAG,OAAO,CAAC;AACrB,QAAA,GAAG,CAAC,SAAS,GAAG,QAAQ,CAAC;AACzB,QAAA,EAAE,CAAC,SAAS,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;AAC9C,QAAA,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;KAC/B;AAED,IAAA,IAAI,OAAO,OAAO,KAAK,WAAW,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,UAAU,EAAE;QACxE,OAAO,CAAC,IAAI,CACV,2CAA2C;YACzC,6DAA6D;AAC7D,YAAA,0BAA0B,CAC7B,CAAC;KACH;IACD,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,OAAO,QAAQ,KAAK,WAAW,EAAE;AACpE,QAAA,IAAI,QAAQ,CAAC,UAAU,KAAK,SAAS,EAAE;AACrC,YAAA,MAAM,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,YAAY,CAAC,CAAC;SAC3D;aAAM;AACL,YAAA,YAAY,EAAE,CAAC;SAChB;KACF;AACH;;ACvLA;;;;;;;;;;;;;;;AAeG;AAOH;;;;;;;AAOG;MACU,cAAc,CAAA;;AAEzB,IAAA,WAAA;AACE;;;;;AAKG;IACM,UAAkB;AAC3B;;;;;;;AAOG;IACM,YAAoB,EAAA;QATpB,IAAU,CAAA,UAAA,GAAV,UAAU,CAAQ;QASlB,IAAY,CAAA,YAAA,GAAZ,YAAY,CAAQ;KAC3B;AAEJ;;;;AAIG;IACH,MAAM,GAAA;AACJ,QAAA,OAAO,SAAS,CAAC,iBAAiB,CAAC,CAAC;KACrC;;AAGD,IAAA,mBAAmB,CAAC,KAAmB,EAAA;AACrC,QAAA,OAAO,SAAS,CAAC,iBAAiB,CAAC,CAAC;KACrC;;IAED,cAAc,CACZ,KAAmB,EACnB,QAAgB,EAAA;AAEhB,QAAA,OAAO,SAAS,CAAC,iBAAiB,CAAC,CAAC;KACrC;;AAED,IAAA,4BAA4B,CAAC,KAAmB,EAAA;AAC9C,QAAA,OAAO,SAAS,CAAC,iBAAiB,CAAC,CAAC;KACrC;AACF;;AC3ED;;;;;;;;;;;;;;;AAeG;AA2BI,eAAe,aAAa,CACjC,IAAU,EACV,OAA6B,EAAA;IAE7B,OAAO,kBAAkB,CACvB,IAAI,EAGJ,MAAA,wBAAA,4BAAA,gCAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ,CAAC;AAUM,eAAe,mBAAmB,CACvC,IAAU,EACV,OAAmC,EAAA;AAEnC,IAAA,OAAO,kBAAkB,CAGvB,IAAI,EAA8C,MAAA,wBAAA,qBAAA,kCAAA,OAAO,CAAC,CAAC;AAC/D,CAAC;AAED;AACA;AACO,eAAe,iBAAiB,CACrC,IAAU,EACV,OAAsB,EAAA;AAEtB,IAAA,OAAO,kBAAkB,CACvB,IAAI,EAGJ,MAAA,wBAAA,qBAAA,yBAAA,OAAO,CACR,CAAC;AACJ,CAAC;AASM,eAAeC,iBAAe,CACnC,IAAU,EACV,OAA+B,EAAA;IAE/B,OAAO,kBAAkB,CACvB,IAAI,EAGJ,MAAA,wBAAA,qBAAA,kCAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ;;ACvGA;;;;;;;;;;;;;;;AAeG;AA8BI,eAAe,kBAAkB,CACtC,IAAU,EACV,OAAkC,EAAA;IAElC,OAAO,qBAAqB,CAI1B,IAAI,EAGJ,MAAA,wBAAA,iCAAA,uCAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ,CAAC;AAqDD,eAAe,WAAW,CACxB,IAAU,EACV,OAA0B,EAAA;IAE1B,OAAO,kBAAkB,CACvB,IAAI,EAGJ,MAAA,wBAAA,0BAAA,+BAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ,CAAC;AAEM,eAAeC,uBAAqB,CACzC,IAAU,EACV,OAA2B,EAAA;AAE3B,IAAA,OAAO,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AACpC,CAAC;AAEM,eAAeC,wBAAsB,CAC1C,IAAU,EACV,OAA6B,EAAA;AAE7B,IAAA,OAAO,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AACpC,CAAC;AAEM,eAAeC,uBAAqB,CACzC,IAAU,EACV,OAA2B,EAAA;AAE3B,IAAA,OAAO,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AACpC,CAAC;AAEM,eAAe,oBAAoB,CACxC,IAAU,EACV,OAAoC,EAAA;AAEpC,IAAA,OAAO,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AACpC;;ACrJA;;;;;;;;;;;;;;;AAeG;AAsBI,eAAeC,qBAAmB,CACvC,IAAU,EACV,OAAmC,EAAA;IAEnC,OAAO,qBAAqB,CAI1B,IAAI,EAGJ,MAAA,wBAAA,kCAAA,yCAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ,CAAC;AAOM,eAAe,6BAA6B,CACjD,IAAU,EACV,OAA6C,EAAA;IAE7C,OAAO,qBAAqB,CAI1B,IAAI,EAGJ,MAAA,wBAAA,kCAAA,yCAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ;;ACtEA;;;;;;;;;;;;;;;AAeG;AAyBH;;;;;;;;;AASG;AACG,MAAO,mBAAoB,SAAQ,cAAc,CAAA;;AAErD,IAAA,WAAA;;IAEW,MAAc;;AAEd,IAAA,SAAiB,EAC1B,YAA0B;;AAEjB,IAAA,SAAA,GAA2B,IAAI,EAAA;QAExC,KAAK,CAAA,UAAA,4BAAsB,YAAY,CAAC,CAAC;QAPhC,IAAM,CAAA,MAAA,GAAN,MAAM,CAAQ;QAEd,IAAS,CAAA,SAAA,GAAT,SAAS,CAAQ;QAGjB,IAAS,CAAA,SAAA,GAAT,SAAS,CAAsB;KAGzC;;AAGD,IAAA,OAAO,qBAAqB,CAC1B,KAAa,EACb,QAAgB,EAAA;AAEhB,QAAA,OAAO,IAAI,mBAAmB,CAC5B,KAAK,EACL,QAAQ,+CAET,CAAC;KACH;;IAGD,OAAO,iBAAiB,CACtB,KAAa,EACb,OAAe,EACf,WAA0B,IAAI,EAAA;QAE9B,OAAO,IAAI,mBAAmB,CAC5B,KAAK,EACL,OAAO,EAAA,WAAA,gCAEP,QAAQ,CACT,CAAC;KACH;;IAGD,MAAM,GAAA;QACJ,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,MAAM;YAClB,QAAQ,EAAE,IAAI,CAAC,SAAS;YACxB,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,QAAQ,EAAE,IAAI,CAAC,SAAS;SACzB,CAAC;KACH;AAED;;;;;;;AAOG;IACH,OAAO,QAAQ,CAAC,IAAqB,EAAA;AACnC,QAAA,MAAM,GAAG,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;QAC/D,IAAI,GAAG,EAAE,KAAK,IAAI,GAAG,EAAE,QAAQ,EAAE;AAC/B,YAAA,IAAI,GAAG,CAAC,YAAY,KAAA,UAAA,oCAAkC;AACpD,gBAAA,OAAO,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;aAC5D;AAAM,iBAAA,IAAI,GAAG,CAAC,YAAY,KAAA,WAAA,gCAA8B;AACvD,gBAAA,OAAO,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;aACtE;SACF;AACD,QAAA,OAAO,IAAI,CAAC;KACb;;IAGD,MAAM,mBAAmB,CAAC,IAAkB,EAAA;AAC1C,QAAA,QAAQ,IAAI,CAAC,YAAY;AACvB,YAAA,KAAA,UAAA;AACE,gBAAA,MAAM,OAAO,GAA8B;AACzC,oBAAA,iBAAiB,EAAE,IAAI;oBACvB,KAAK,EAAE,IAAI,CAAC,MAAM;oBAClB,QAAQ,EAAE,IAAI,CAAC,SAAS;AACxB,oBAAA,UAAU,EAAyB,iBAAA;iBACpC,CAAC;gBACF,OAAO,mBAAmB,CACxB,IAAI,EACJ,OAAO,EAEP,oBAAA,kDAAA,kBAAkB,gFAEnB,CAAC;AACJ,YAAA,KAAA,WAAA;gBACE,OAAOA,qBAAmB,CAAC,IAAI,EAAE;oBAC/B,KAAK,EAAE,IAAI,CAAC,MAAM;oBAClB,OAAO,EAAE,IAAI,CAAC,SAAS;AACxB,iBAAA,CAAC,CAAC;AACL,YAAA;gBACE,KAAK,CAAC,IAAI,EAAA,gBAAA,oCAA+B,CAAC;SAC7C;KACF;;AAGD,IAAA,MAAM,cAAc,CAClB,IAAkB,EAClB,OAAe,EAAA;AAEf,QAAA,QAAQ,IAAI,CAAC,YAAY;AACvB,YAAA,KAAA,UAAA;AACE,gBAAA,MAAM,OAAO,GAAkB;oBAC7B,OAAO;AACP,oBAAA,iBAAiB,EAAE,IAAI;oBACvB,KAAK,EAAE,IAAI,CAAC,MAAM;oBAClB,QAAQ,EAAE,IAAI,CAAC,SAAS;AACxB,oBAAA,UAAU,EAAyB,iBAAA;iBACpC,CAAC;gBACF,OAAO,mBAAmB,CACxB,IAAI,EACJ,OAAO,EAEP,gBAAA,6CAAA,iBAAiB,gFAElB,CAAC;AACJ,YAAA,KAAA,WAAA;gBACE,OAAO,6BAA6B,CAAC,IAAI,EAAE;oBACzC,OAAO;oBACP,KAAK,EAAE,IAAI,CAAC,MAAM;oBAClB,OAAO,EAAE,IAAI,CAAC,SAAS;AACxB,iBAAA,CAAC,CAAC;AACL,YAAA;gBACE,KAAK,CAAC,IAAI,EAAA,gBAAA,oCAA+B,CAAC;SAC7C;KACF;;AAGD,IAAA,4BAA4B,CAAC,IAAkB,EAAA;AAC7C,QAAA,OAAO,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;KACvC;AACF;;ACvLD;;;;;;;;;;;;;;;AAeG;AAkCI,eAAe,aAAa,CACjC,IAAU,EACV,OAA6B,EAAA;IAE7B,OAAO,qBAAqB,CAC1B,IAAI,EAGJ,MAAA,wBAAA,4BAAA,kCAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ;;AC3DA;;;;;;;;;;;;;;;AAeG;AAcH,MAAMC,iBAAe,GAAG,kBAAkB,CAAC;AAqB3C;;;;;;;AAOG;AACG,MAAO,eAAgB,SAAQ,cAAc,CAAA;AAAnD,IAAA,WAAA,GAAA;;QAqBU,IAAY,CAAA,YAAA,GAAkB,IAAI,CAAC;KA8H5C;;IA3HC,OAAO,WAAW,CAAC,MAA6B,EAAA;AAC9C,QAAA,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;QAEzE,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,WAAW,EAAE;;AAExC,YAAA,IAAI,MAAM,CAAC,OAAO,EAAE;AAClB,gBAAA,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;aAC/B;AAED,YAAA,IAAI,MAAM,CAAC,WAAW,EAAE;AACtB,gBAAA,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;aACvC;;YAGD,IAAI,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE;AACxC,gBAAA,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;aAC3B;AAED,YAAA,IAAI,MAAM,CAAC,YAAY,EAAE;AACvB,gBAAA,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;aACzC;SACF;aAAM,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,gBAAgB,EAAE;;AAEvD,YAAA,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,UAAU,CAAC;AACrC,YAAA,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,gBAAgB,CAAC;SACvC;aAAM;AACL,YAAA,KAAK,qDAA8B,CAAC;SACrC;AAED,QAAA,OAAO,IAAI,CAAC;KACb;;IAGD,MAAM,GAAA;QACJ,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,YAAY,EAAE,IAAI,CAAC,YAAY;SAChC,CAAC;KACH;AAED;;;;;;;;AAQG;IACH,OAAO,QAAQ,CAAC,IAAqB,EAAA;AACnC,QAAA,MAAM,GAAG,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;QAC/D,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,IAAI,EAAE,GAA0B,GAAG,CAAC;AACzE,QAAA,IAAI,CAAC,UAAU,IAAI,CAAC,YAAY,EAAE;AAChC,YAAA,OAAO,IAAI,CAAC;SACb;QAED,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QAC3D,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,SAAS,CAAC;QACzC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,SAAS,CAAC;AACjD,QAAA,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;AAC1B,QAAA,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACxB,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC;AAC9C,QAAA,OAAO,IAAI,CAAC;KACb;;AAGD,IAAA,mBAAmB,CAAC,IAAkB,EAAA;AACpC,QAAA,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;AACpC,QAAA,OAAO,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;KACrC;;IAGD,cAAc,CACZ,IAAkB,EAClB,OAAe,EAAA;AAEf,QAAA,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;AACpC,QAAA,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC;AAC1B,QAAA,OAAO,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;KACrC;;AAGD,IAAA,4BAA4B,CAAC,IAAkB,EAAA;AAC7C,QAAA,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;AACpC,QAAA,OAAO,CAAC,UAAU,GAAG,KAAK,CAAC;AAC3B,QAAA,OAAO,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;KACrC;IAEO,YAAY,GAAA;AAClB,QAAA,MAAM,OAAO,GAAyB;AACpC,YAAA,UAAU,EAAEA,iBAAe;AAC3B,YAAA,iBAAiB,EAAE,IAAI;SACxB,CAAC;AAEF,QAAA,IAAI,IAAI,CAAC,YAAY,EAAE;AACrB,YAAA,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC;SAC1C;aAAM;YACL,MAAM,QAAQ,GAA2B,EAAE,CAAC;AAC5C,YAAA,IAAI,IAAI,CAAC,OAAO,EAAE;AAChB,gBAAA,QAAQ,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC;aACrC;AACD,YAAA,IAAI,IAAI,CAAC,WAAW,EAAE;AACpB,gBAAA,QAAQ,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC;aAC7C;AACD,YAAA,IAAI,IAAI,CAAC,MAAM,EAAE;AACf,gBAAA,QAAQ,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC;aAC9C;AAED,YAAA,QAAQ,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC;YACzC,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE;AACpC,gBAAA,QAAQ,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC;aAChC;AAED,YAAA,OAAO,CAAC,QAAQ,GAAGtB,gBAAW,CAAC,QAAQ,CAAC,CAAC;SAC1C;AAED,QAAA,OAAO,OAAO,CAAC;KAChB;AACF;;AC7MD;;;;;;;;;;;;;;;AAeG;AAuEI,eAAeuB,uBAAqB,CACzC,IAAU,EACV,OAAqC,EAAA;IAErC,OAAO,qBAAqB,CAI1B,IAAI,EAGJ,MAAA,wBAAA,oCAAA,2CAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ,CAAC;AAEM,eAAeC,qBAAmB,CACvC,IAAU,EACV,OAAmC,EAAA;AAEnC,IAAA,MAAM,QAAQ,GAAG,MAAM,qBAAqB,CAI1C,IAAI,EAAA,MAAA,wBAAA,oCAAA,2CAGJ,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACF,IAAA,IAAI,QAAQ,CAAC,cAAc,EAAE;AAC3B,QAAA,MAAM,gBAAgB,CAAC,IAAI,EAAmC,0CAAA,wCAAA,QAAQ,CAAC,CAAC;KACzE;AACD,IAAA,OAAO,QAAQ,CAAC;AAClB,CAAC;AAOD,MAAM,2CAA2C,GAE7C;AACF,IAAA,CAAA,gBAAA,oCAAwD,gBAAA;CACzD,CAAC;AAEK,eAAe,4BAA4B,CAChD,IAAU,EACV,OAAqC,EAAA;AAErC,IAAA,MAAM,UAAU,GAAwC;AACtD,QAAA,GAAG,OAAO;AACV,QAAA,SAAS,EAAE,QAAQ;KACpB,CAAC;AACF,IAAA,OAAO,qBAAqB,CAI1B,IAAI,EAAA,MAAA,wBAAA,oCAAA,2CAGJ,kBAAkB,CAAC,IAAI,EAAE,UAAU,CAAC,EACpC,2CAA2C,CAC5C,CAAC;AACJ;;ACrJA;;;;;;;;;;;;;;;AAeG;AAsBH;;;;AAIG;AACG,MAAO,mBAAoB,SAAQ,cAAc,CAAA;AACrD,IAAA,WAAA,CAAqC,MAAqC,EAAA;AACxE,QAAA,KAAK,kEAAsC,CAAC;QADT,IAAM,CAAA,MAAA,GAAN,MAAM,CAA+B;KAEzE;;AAGD,IAAA,OAAO,iBAAiB,CACtB,cAAsB,EACtB,gBAAwB,EAAA;QAExB,OAAO,IAAI,mBAAmB,CAAC,EAAE,cAAc,EAAE,gBAAgB,EAAE,CAAC,CAAC;KACtE;;AAGD,IAAA,OAAO,kBAAkB,CACvB,WAAmB,EACnB,cAAsB,EAAA;QAEtB,OAAO,IAAI,mBAAmB,CAAC,EAAE,WAAW,EAAE,cAAc,EAAE,CAAC,CAAC;KACjE;;AAGD,IAAA,mBAAmB,CAAC,IAAkB,EAAA;QACpC,OAAOD,uBAAqB,CAAC,IAAI,EAAE,IAAI,CAAC,wBAAwB,EAAE,CAAC,CAAC;KACrE;;IAGD,cAAc,CACZ,IAAkB,EAClB,OAAe,EAAA;QAEf,OAAOC,qBAAmB,CAAC,IAAI,EAAE;YAC/B,OAAO;YACP,GAAG,IAAI,CAAC,wBAAwB,EAAE;AACnC,SAAA,CAAC,CAAC;KACJ;;AAGD,IAAA,4BAA4B,CAAC,IAAkB,EAAA;QAC7C,OAAO,4BAA4B,CAAC,IAAI,EAAE,IAAI,CAAC,wBAAwB,EAAE,CAAC,CAAC;KAC5E;;IAGD,wBAAwB,GAAA;AACtB,QAAA,MAAM,EAAE,cAAc,EAAE,WAAW,EAAE,cAAc,EAAE,gBAAgB,EAAE,GACrE,IAAI,CAAC,MAAM,CAAC;AACd,QAAA,IAAI,cAAc,IAAI,WAAW,EAAE;AACjC,YAAA,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC;SACxC;QAED,OAAO;AACL,YAAA,WAAW,EAAE,cAAc;AAC3B,YAAA,IAAI,EAAE,gBAAgB;SACvB,CAAC;KACH;;IAGD,MAAM,GAAA;AACJ,QAAA,MAAM,GAAG,GAA2B;YAClC,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAC;AACF,QAAA,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE;YAC3B,GAAG,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;SAC3C;AACD,QAAA,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE;YAC9B,GAAG,CAAC,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC;SACjD;AACD,QAAA,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE;YAChC,GAAG,CAAC,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;SACrD;AACD,QAAA,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE;YAC9B,GAAG,CAAC,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC;SACjD;AAED,QAAA,OAAO,GAAG,CAAC;KACZ;;IAGD,OAAO,QAAQ,CAAC,IAAqB,EAAA;AACnC,QAAA,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;AAC5B,YAAA,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;SACzB;QAED,MAAM,EAAE,cAAc,EAAE,gBAAgB,EAAE,WAAW,EAAE,cAAc,EAAE,GACrE,IAAiC,CAAC;AACpC,QAAA,IACE,CAAC,gBAAgB;AACjB,YAAA,CAAC,cAAc;AACf,YAAA,CAAC,WAAW;YACZ,CAAC,cAAc,EACf;AACA,YAAA,OAAO,IAAI,CAAC;SACb;QAED,OAAO,IAAI,mBAAmB,CAAC;YAC7B,cAAc;YACd,gBAAgB;YAChB,WAAW;YACX,cAAc;AACf,SAAA,CAAC,CAAC;KACJ;AACF;;AC/ID;;;;;;;;;;;;;;;AAeG;AAqBH;;;;AAIG;AACH,SAAS,SAAS,CAAC,IAAmB,EAAA;IACpC,QAAQ,IAAI;AACV,QAAA,KAAK,cAAc;YACjB,OAAyC,eAAA,yCAAA;AAC3C,QAAA,KAAK,eAAe;YAClB,OAA0C,gBAAA,0CAAA;AAC5C,QAAA,KAAK,QAAQ;YACX,OAAwC,cAAA,wCAAA;AAC1C,QAAA,KAAK,aAAa;YAChB,OAAwC,cAAA,wCAAA;AAC1C,QAAA,KAAK,sBAAsB;YACzB,OAAmD,yBAAA,mDAAA;AACrD,QAAA,KAAK,4BAA4B;YAC/B,OAAyD,+BAAA,yDAAA;AAC3D,QAAA;AACE,YAAA,OAAO,IAAI,CAAC;KACf;AACH,CAAC;AAED;;;;AAIG;AACH,SAAS,aAAa,CAAC,GAAW,EAAA;AAChC,IAAA,MAAM,IAAI,GAAGC,sBAAiB,CAACC,uBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;;IAGhE,MAAM,cAAc,GAAG,IAAI;UACvBD,sBAAiB,CAACC,uBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC;UAC3D,IAAI,CAAC;;AAET,IAAA,MAAM,WAAW,GAAGD,sBAAiB,CAACC,uBAAkB,CAAC,GAAG,CAAC,CAAC,CAC5D,cAAc,CACf,CAAC;IACF,MAAM,iBAAiB,GAAG,WAAW;UACjCD,sBAAiB,CAACC,uBAAkB,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC;UAC1D,IAAI,CAAC;IACT,OAAO,iBAAiB,IAAI,WAAW,IAAI,cAAc,IAAI,IAAI,IAAI,GAAG,CAAC;AAC3E,CAAC;AAED;;;;;AAKG;MACU,aAAa,CAAA;AA2BxB;;;;;AAKG;AACH,IAAA,WAAA,CAAY,UAAkB,EAAA;QAC5B,MAAM,YAAY,GAAGD,sBAAiB,CAACC,uBAAkB,CAAC,UAAU,CAAC,CAAC,CAAC;AACvE,QAAA,MAAM,MAAM,GAAG,YAAY,CAAoB,QAAA,0BAAA,IAAI,IAAI,CAAC;AACxD,QAAA,MAAM,IAAI,GAAG,YAAY,CAAiB,SAAA,uBAAA,IAAI,IAAI,CAAC;QACnD,MAAM,SAAS,GAAG,SAAS,CAAC,YAAY,CAAiB,MAAA,uBAAA,IAAI,IAAI,CAAC,CAAC;;AAEnE,QAAA,OAAO,CAAC,MAAM,IAAI,IAAI,IAAI,SAAS,sDAA+B,CAAC;AACnE,QAAA,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;AACrB,QAAA,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;AAC3B,QAAA,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;AACjB,QAAA,IAAI,CAAC,WAAW,GAAG,YAAY,CAAyB,aAAA,+BAAA,IAAI,IAAI,CAAC;AACjE,QAAA,IAAI,CAAC,YAAY,GAAG,YAAY,CAA0B,MAAA,gCAAA,IAAI,IAAI,CAAC;AACnE,QAAA,IAAI,CAAC,QAAQ,GAAG,YAAY,CAAsB,UAAA,4BAAA,IAAI,IAAI,CAAC;KAC5D;AAED;;;;;;;;AAQG;IACH,OAAO,SAAS,CAAC,IAAY,EAAA;AAC3B,QAAA,MAAM,UAAU,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;AACvC,QAAA,IAAI;AACF,YAAA,OAAO,IAAI,aAAa,CAAC,UAAU,CAAC,CAAC;SACtC;AAAC,QAAA,MAAM;AACN,YAAA,OAAO,IAAI,CAAC;SACb;KACF;AACF,CAAA;AAED;;;;;AAKG;AACG,SAAU,kBAAkB,CAAC,IAAY,EAAA;AAC7C,IAAA,OAAO,aAAa,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;AACvC;;ACnKA;;;;;;;;;;;;;;;AAeG;AAUH;;;;AAIG;MACU,iBAAiB,CAAA;AAA9B,IAAA,WAAA,GAAA;AAeE;;AAEG;AACM,QAAA,IAAA,CAAA,UAAU,GAAG,iBAAiB,CAAC,WAAW,CAAC;KA2DrD;AAzDC;;;;;;;;;;;;;;;;;AAiBG;AACH,IAAA,OAAO,UAAU,CAAC,KAAa,EAAE,QAAgB,EAAA;QAC/C,OAAO,mBAAmB,CAAC,qBAAqB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;KACnE;AAED;;;;;;;;;;;;;;;;;;;;;AAqBG;AACH,IAAA,OAAO,kBAAkB,CACvB,KAAa,EACb,SAAiB,EAAA;QAEjB,MAAM,aAAa,GAAG,aAAa,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzD,OAAO,CAAC,aAAa,EAAA,gBAAA,oCAA+B,CAAC;AAErD,QAAA,OAAO,mBAAmB,CAAC,iBAAiB,CAC1C,KAAK,EACL,aAAa,CAAC,IAAI,EAClB,aAAa,CAAC,QAAQ,CACvB,CAAC;KACH;;AA3ED;;AAEG;AACa,iBAAA,CAAA,WAAW,wCAAmC;AAC9D;;AAEG;AACa,iBAAA,CAAA,6BAA6B,gDACf;AAC9B;;AAEG;AACa,iBAAA,CAAA,yBAAyB;;AC3C3C;;;;;;;;;;;;;;;AAeG;AAWH;;;;;;AAMG;MACmB,qBAAqB,CAAA;AAMzC;;;;AAIG;AACH,IAAA,WAAA,CAAqB,UAAkB,EAAA;QAAlB,IAAU,CAAA,UAAA,GAAV,UAAU,CAAQ;;QATvC,IAAmB,CAAA,mBAAA,GAAkB,IAAI,CAAC;;QAElC,IAAgB,CAAA,gBAAA,GAAqB,EAAE,CAAC;KAOL;AAE3C;;;;AAIG;AACH,IAAA,kBAAkB,CAAC,YAA2B,EAAA;AAC5C,QAAA,IAAI,CAAC,mBAAmB,GAAG,YAAY,CAAC;KACzC;AAED;;;;;;;;;AASG;AACH,IAAA,mBAAmB,CAAC,qBAAuC,EAAA;AACzD,QAAA,IAAI,CAAC,gBAAgB,GAAG,qBAAqB,CAAC;AAC9C,QAAA,OAAO,IAAI,CAAC;KACb;AAED;;AAEG;IACH,mBAAmB,GAAA;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;KAC9B;AACF;;AC5ED;;;;;;;;;;;;;;;AAeG;AAyCH;;;;;AAKG;AACG,MAAgB,iBACpB,SAAQ,qBAAqB,CAAA;AAD/B,IAAA,WAAA,GAAA;;;QAKU,IAAM,CAAA,MAAA,GAAa,EAAE,CAAC;KAqB/B;AAnBC;;;;AAIG;AACH,IAAA,QAAQ,CAAC,KAAa,EAAA;;QAEpB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;AAChC,YAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;SACzB;AACD,QAAA,OAAO,IAAI,CAAC;KACb;AAED;;AAEG;IACH,SAAS,GAAA;AACP,QAAA,OAAO,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;KACzB;AACF,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuCG;AACG,MAAO,aAAc,SAAQ,iBAAiB,CAAA;AAClD;;;AAGG;IACH,OAAO,kBAAkB,CAAC,IAAqB,EAAA;AAC7C,QAAA,MAAM,GAAG,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;QAC/D,OAAO,CACL,YAAY,IAAI,GAAG,IAAI,cAAc,IAAI,GAAG,EAAA,gBAAA,oCAE7C,CAAC;AACF,QAAA,OAAO,eAAe,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;KACzC;AAED;;;;;;;;;;;;;;;;;;;;AAoBG;AACH,IAAA,UAAU,CAAC,MAA8B,EAAA;AACvC,QAAA,OAAO,IAAI,CAAC,WAAW,CAAC,EAAE,GAAG,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;KAChE;;AAGO,IAAA,WAAW,CACjB,MAAkE,EAAA;QAElE,OAAO,CAAC,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,WAAW,EAAA,gBAAA,oCAA+B,CAAC;;QAE5E,OAAO,eAAe,CAAC,WAAW,CAAC;AACjC,YAAA,GAAG,MAAM;YACT,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,YAAY,EAAE,IAAI,CAAC,UAAU;AAC9B,SAAA,CAAC,CAAC;KACJ;AAED;;;;AAIG;IACH,OAAO,oBAAoB,CACzB,cAA8B,EAAA;AAE9B,QAAA,OAAO,aAAa,CAAC,+BAA+B,CAClD,cAAwC,CACzC,CAAC;KACH;AACD;;;;;AAKG;IACH,OAAO,mBAAmB,CAAC,KAAoB,EAAA;AAC7C,QAAA,OAAO,aAAa,CAAC,+BAA+B,EACjD,KAAK,CAAC,UAAU,IAAI,EAAE,EACxB,CAAC;KACH;AAEO,IAAA,OAAO,+BAA+B,CAAC,EAC7C,cAAc,EAAE,aAAa,EACL,EAAA;QACxB,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,MAAM,EACJ,YAAY,EACZ,gBAAgB,EAChB,gBAAgB,EAChB,YAAY,EACZ,KAAK,EACL,UAAU,EACX,GAAG,aAAsC,CAAC;AAC3C,QAAA,IACE,CAAC,gBAAgB;AACjB,YAAA,CAAC,gBAAgB;AACjB,YAAA,CAAC,YAAY;YACb,CAAC,YAAY,EACb;AACA,YAAA,OAAO,IAAI,CAAC;SACb;QAED,IAAI,CAAC,UAAU,EAAE;AACf,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,IAAI;AACF,YAAA,OAAO,IAAI,aAAa,CAAC,UAAU,CAAC,CAAC,WAAW,CAAC;AAC/C,gBAAA,OAAO,EAAE,YAAY;AACrB,gBAAA,WAAW,EAAE,gBAAgB;gBAC7B,KAAK;gBACL,YAAY;AACb,aAAA,CAAC,CAAC;SACJ;QAAC,OAAO,CAAC,EAAE;AACV,YAAA,OAAO,IAAI,CAAC;SACb;KACF;AACF;;ACrPD;;;;;;;;;;;;;;;AAeG;AAWH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsCG;AACG,MAAO,oBAAqB,SAAQ,iBAAiB,CAAA;AAOzD,IAAA,WAAA,GAAA;AACE,QAAA,KAAK,0CAAqB,CAAC;KAC5B;AAED;;;;;;;;;;;AAWG;IACH,OAAO,UAAU,CAAC,WAAmB,EAAA;QACnC,OAAO,eAAe,CAAC,WAAW,CAAC;YACjC,UAAU,EAAE,oBAAoB,CAAC,WAAW;YAC5C,YAAY,EAAE,oBAAoB,CAAC,uBAAuB;YAC1D,WAAW;AACZ,SAAA,CAAC,CAAC;KACJ;AAED;;;;AAIG;IACH,OAAO,oBAAoB,CACzB,cAA8B,EAAA;AAE9B,QAAA,OAAO,oBAAoB,CAAC,0BAA0B,CACpD,cAAwC,CACzC,CAAC;KACH;AAED;;;;;AAKG;IACH,OAAO,mBAAmB,CAAC,KAAoB,EAAA;AAC7C,QAAA,OAAO,oBAAoB,CAAC,0BAA0B,EACnD,KAAK,CAAC,UAAU,IAAI,EAAE,EACxB,CAAC;KACH;AAEO,IAAA,OAAO,0BAA0B,CAAC,EACxC,cAAc,EAAE,aAAa,EACL,EAAA;QACxB,IAAI,CAAC,aAAa,IAAI,EAAE,kBAAkB,IAAI,aAAa,CAAC,EAAE;AAC5D,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,IAAI,CAAC,aAAa,CAAC,gBAAgB,EAAE;AACnC,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,IAAI;YACF,OAAO,oBAAoB,CAAC,UAAU,CAAC,aAAa,CAAC,gBAAgB,CAAC,CAAC;SACxE;AAAC,QAAA,MAAM;AACN,YAAA,OAAO,IAAI,CAAC;SACb;KACF;;AAvED;AACgB,oBAAA,CAAA,uBAAuB,GACf,cAAA,6BAAA;AACxB;AACgB,oBAAA,CAAA,WAAW,GAAuC,cAAA;;ACtEpE;;;;;;;;;;;;;;;AAeG;AAYH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwCG;AACG,MAAO,kBAAmB,SAAQ,iBAAiB,CAAA;AAMvD,IAAA,WAAA,GAAA;AACE,QAAA,KAAK,sCAAmB,CAAC;AACzB,QAAA,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;KAC1B;AAED;;;;;;;;;;;;AAYG;AACH,IAAA,OAAO,UAAU,CACf,OAAuB,EACvB,WAA2B,EAAA;QAE3B,OAAO,eAAe,CAAC,WAAW,CAAC;YACjC,UAAU,EAAE,kBAAkB,CAAC,WAAW;YAC1C,YAAY,EAAE,kBAAkB,CAAC,qBAAqB;YACtD,OAAO;YACP,WAAW;AACZ,SAAA,CAAC,CAAC;KACJ;AAED;;;;AAIG;IACH,OAAO,oBAAoB,CACzB,cAA8B,EAAA;AAE9B,QAAA,OAAO,kBAAkB,CAAC,0BAA0B,CAClD,cAAwC,CACzC,CAAC;KACH;AACD;;;;;AAKG;IACH,OAAO,mBAAmB,CAAC,KAAoB,EAAA;AAC7C,QAAA,OAAO,kBAAkB,CAAC,0BAA0B,EACjD,KAAK,CAAC,UAAU,IAAI,EAAE,EACxB,CAAC;KACH;AAEO,IAAA,OAAO,0BAA0B,CAAC,EACxC,cAAc,EAAE,aAAa,EACL,EAAA;QACxB,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,MAAM,EAAE,YAAY,EAAE,gBAAgB,EAAE,GACtC,aAAsC,CAAC;AACzC,QAAA,IAAI,CAAC,YAAY,IAAI,CAAC,gBAAgB,EAAE;;AAEtC,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,IAAI;YACF,OAAO,kBAAkB,CAAC,UAAU,CAAC,YAAY,EAAE,gBAAgB,CAAC,CAAC;SACtE;AAAC,QAAA,MAAM;AACN,YAAA,OAAO,IAAI,CAAC;SACb;KACF;;AA9ED;AACgB,kBAAA,CAAA,qBAAqB,GAAqC,YAAA,2BAAA;AAC1E;AACgB,kBAAA,CAAA,WAAW,GAAmC,YAAA;;ACxEhE;;;;;;;;;;;;;;;AAeG;AAWH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAyCG;AACG,MAAO,kBAAmB,SAAQ,iBAAiB,CAAA;AAMvD,IAAA,WAAA,GAAA;AACE,QAAA,KAAK,sCAAmB,CAAC;KAC1B;AAED;;;;AAIG;IACH,OAAO,UAAU,CAAC,WAAmB,EAAA;QACnC,OAAO,eAAe,CAAC,WAAW,CAAC;YACjC,UAAU,EAAE,kBAAkB,CAAC,WAAW;YAC1C,YAAY,EAAE,kBAAkB,CAAC,qBAAqB;YACtD,WAAW;AACZ,SAAA,CAAC,CAAC;KACJ;AAED;;;;AAIG;IACH,OAAO,oBAAoB,CACzB,cAA8B,EAAA;AAE9B,QAAA,OAAO,kBAAkB,CAAC,0BAA0B,CAClD,cAAwC,CACzC,CAAC;KACH;AAED;;;;;AAKG;IACH,OAAO,mBAAmB,CAAC,KAAoB,EAAA;AAC7C,QAAA,OAAO,kBAAkB,CAAC,0BAA0B,EACjD,KAAK,CAAC,UAAU,IAAI,EAAE,EACxB,CAAC;KACH;AAEO,IAAA,OAAO,0BAA0B,CAAC,EACxC,cAAc,EAAE,aAAa,EACL,EAAA;QACxB,IAAI,CAAC,aAAa,IAAI,EAAE,kBAAkB,IAAI,aAAa,CAAC,EAAE;AAC5D,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,IAAI,CAAC,aAAa,CAAC,gBAAgB,EAAE;AACnC,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,IAAI;YACF,OAAO,kBAAkB,CAAC,UAAU,CAAC,aAAa,CAAC,gBAAgB,CAAC,CAAC;SACtE;AAAC,QAAA,MAAM;AACN,YAAA,OAAO,IAAI,CAAC;SACb;KACF;;AA/DD;AACgB,kBAAA,CAAA,qBAAqB,GAAqC,YAAA,2BAAA;AAC1E;AACgB,kBAAA,CAAA,WAAW,GAAmC,YAAA;;ACxEhE;;;;;;;;;;;;;;;AAeG;AAgBH,MAAM,eAAe,GAAG,kBAAkB,CAAC;AAE3C;;AAEG;AACG,MAAO,kBAAmB,SAAQ,cAAc,CAAA;;IAEpD,WACE,CAAA,UAAkB,EACD,YAAoB,EAAA;AAErC,QAAA,KAAK,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAFb,IAAY,CAAA,YAAA,GAAZ,YAAY,CAAQ;KAGtC;;AAGD,IAAA,mBAAmB,CAAC,IAAkB,EAAA;AACpC,QAAA,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;AACpC,QAAA,OAAO,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;KACrC;;IAGD,cAAc,CACZ,IAAkB,EAClB,OAAe,EAAA;AAEf,QAAA,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;AACpC,QAAA,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC;AAC1B,QAAA,OAAO,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;KACrC;;AAGD,IAAA,4BAA4B,CAAC,IAAkB,EAAA;AAC7C,QAAA,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;AACpC,QAAA,OAAO,CAAC,UAAU,GAAG,KAAK,CAAC;AAC3B,QAAA,OAAO,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;KACrC;;IAGD,MAAM,GAAA;QACJ,OAAO;YACL,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,YAAY,EAAE,IAAI,CAAC,YAAY;SAChC,CAAC;KACH;AAED;;;;;;;;AAQG;IACH,OAAO,QAAQ,CAAC,IAAqB,EAAA;AACnC,QAAA,MAAM,GAAG,GAAG,OAAO,IAAI,KAAK,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;QAC/D,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,YAAY,EAAE,GAC9C,GAAG,CAAC;AACN,QAAA,IACE,CAAC,UAAU;AACX,YAAA,CAAC,YAAY;AACb,YAAA,CAAC,YAAY;YACb,UAAU,KAAK,YAAY,EAC3B;AACA,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,OAAO,IAAI,kBAAkB,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;KACzD;AAED;;;;AAIG;AACH,IAAA,OAAO,OAAO,CAAC,UAAkB,EAAE,YAAoB,EAAA;AACrD,QAAA,OAAO,IAAI,kBAAkB,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;KACzD;IAEO,YAAY,GAAA;QAClB,OAAO;AACL,YAAA,UAAU,EAAE,eAAe;AAC3B,YAAA,iBAAiB,EAAE,IAAI;YACvB,YAAY,EAAE,IAAI,CAAC,YAAY;SAChC,CAAC;KACH;AACF;;ACtHD;;;;;;;;;;;;;;;AAeG;AAaH,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAErC;;;;AAIG;AACG,MAAO,gBAAiB,SAAQ,qBAAqB,CAAA;AACzD;;;AAGG;AACH,IAAA,WAAA,CAAY,UAAkB,EAAA;QAC5B,OAAO,CACL,UAAU,CAAC,UAAU,CAAC,oBAAoB,CAAC,sDAE5C,CAAC;QACF,KAAK,CAAC,UAAU,CAAC,CAAC;KACnB;AAED;;;;;;;;;;;;;;;AAeG;IACH,OAAO,oBAAoB,CACzB,cAA8B,EAAA;AAE9B,QAAA,OAAO,gBAAgB,CAAC,8BAA8B,CACpD,cAAwC,CACzC,CAAC;KACH;AAED;;;;;AAKG;IACH,OAAO,mBAAmB,CAAC,KAAoB,EAAA;AAC7C,QAAA,OAAO,gBAAgB,CAAC,8BAA8B,EACnD,KAAK,CAAC,UAAU,IAAI,EAAE,EACxB,CAAC;KACH;AAED;;;AAGG;IACH,OAAO,kBAAkB,CAAC,IAAqB,EAAA;QAC7C,MAAM,UAAU,GAAG,kBAAkB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACrD,OAAO,CAAC,UAAU,EAAA,gBAAA,oCAA+B,CAAC;AAClD,QAAA,OAAO,UAAU,CAAC;KACnB;AAEO,IAAA,OAAO,8BAA8B,CAAC,EAC5C,cAAc,EAAE,aAAa,EACL,EAAA;QACxB,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,MAAM,EAAE,YAAY,EAAE,UAAU,EAAE,GAAG,aAAsC,CAAC;AAE5E,QAAA,IAAI,CAAC,YAAY,IAAI,CAAC,UAAU,EAAE;AAChC,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,IAAI;YACF,OAAO,kBAAkB,CAAC,OAAO,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;SAC7D;QAAC,OAAO,CAAC,EAAE;AACV,YAAA,OAAO,IAAI,CAAC;SACb;KACF;AACF;;ACjHD;;;;;;;;;;;;;;;AAeG;AA6BH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsCG;AACG,MAAO,mBAAoB,SAAQ,iBAAiB,CAAA;AAMxD,IAAA,WAAA,GAAA;AACE,QAAA,KAAK,wCAAoB,CAAC;KAC3B;AAED;;;;;AAKG;AACH,IAAA,OAAO,UAAU,CAAC,KAAa,EAAE,MAAc,EAAA;QAC7C,OAAO,eAAe,CAAC,WAAW,CAAC;YACjC,UAAU,EAAE,mBAAmB,CAAC,WAAW;YAC3C,YAAY,EAAE,mBAAmB,CAAC,sBAAsB;AACxD,YAAA,UAAU,EAAE,KAAK;AACjB,YAAA,gBAAgB,EAAE,MAAM;AACzB,SAAA,CAAC,CAAC;KACJ;AAED;;;;AAIG;IACH,OAAO,oBAAoB,CACzB,cAA8B,EAAA;AAE9B,QAAA,OAAO,mBAAmB,CAAC,0BAA0B,CACnD,cAAwC,CACzC,CAAC;KACH;AAED;;;;;AAKG;IACH,OAAO,mBAAmB,CAAC,KAAoB,EAAA;AAC7C,QAAA,OAAO,mBAAmB,CAAC,0BAA0B,EAClD,KAAK,CAAC,UAAU,IAAI,EAAE,EACxB,CAAC;KACH;AAEO,IAAA,OAAO,0BAA0B,CAAC,EACxC,cAAc,EAAE,aAAa,EACL,EAAA;QACxB,IAAI,CAAC,aAAa,EAAE;AAClB,YAAA,OAAO,IAAI,CAAC;SACb;AACD,QAAA,MAAM,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,GAC1C,aAAsC,CAAC;AACzC,QAAA,IAAI,CAAC,gBAAgB,IAAI,CAAC,gBAAgB,EAAE;AAC1C,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,IAAI;YACF,OAAO,mBAAmB,CAAC,UAAU,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,CAAC;SAC3E;AAAC,QAAA,MAAM;AACN,YAAA,OAAO,IAAI,CAAC;SACb;KACF;;AAlED;AACgB,mBAAA,CAAA,sBAAsB,GAAuC,aAAA,4BAAA;AAC7E;AACgB,mBAAA,CAAA,WAAW,GAAqC,aAAA;;ACvFlE;;;;;;;;;;;;;;;AAeG;AA6BI,eAAe,MAAM,CAC1B,IAAU,EACV,OAAsB,EAAA;IAEtB,OAAO,qBAAqB,CAC1B,IAAI,EAGJ,MAAA,wBAAA,qBAAA,yBAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ;;ACtDA;;;;;;;;;;;;;;;AAeG;MAgBU,kBAAkB,CAAA;AAQ7B,IAAA,WAAA,CAAY,MAA4B,EAAA;AACtC,QAAA,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;AACxB,QAAA,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;AACpC,QAAA,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;AAC5C,QAAA,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC;KAC3C;AAED,IAAA,aAAa,oBAAoB,CAC/B,IAAkB,EAClB,aAA4B,EAC5B,eAAgC,EAChC,WAAA,GAAuB,KAAK,EAAA;AAE5B,QAAA,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,oBAAoB,CAC9C,IAAI,EACJ,eAAe,EACf,WAAW,CACZ,CAAC;AACF,QAAA,MAAM,UAAU,GAAG,qBAAqB,CAAC,eAAe,CAAC,CAAC;AAC1D,QAAA,MAAM,QAAQ,GAAG,IAAI,kBAAkB,CAAC;YACtC,IAAI;YACJ,UAAU;AACV,YAAA,cAAc,EAAE,eAAe;YAC/B,aAAa;AACd,SAAA,CAAC,CAAC;AACH,QAAA,OAAO,QAAQ,CAAC;KACjB;IAED,aAAa,aAAa,CACxB,IAAkB,EAClB,aAA4B,EAC5B,QAAmC,EAAA;QAEnC,MAAM,IAAI,CAAC,wBAAwB,CAAC,QAAQ,eAAe,IAAI,CAAC,CAAC;AACjE,QAAA,MAAM,UAAU,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QACnD,OAAO,IAAI,kBAAkB,CAAC;YAC5B,IAAI;YACJ,UAAU;AACV,YAAA,cAAc,EAAE,QAAQ;YACxB,aAAa;AACd,SAAA,CAAC,CAAC;KACJ;AACF,CAAA;AAED,SAAS,qBAAqB,CAC5B,QAAyB,EAAA;AAEzB,IAAA,IAAI,QAAQ,CAAC,UAAU,EAAE;QACvB,OAAO,QAAQ,CAAC,UAAU,CAAC;KAC5B;AAED,IAAA,IAAI,aAAa,IAAI,QAAQ,EAAE;QAC7B,OAAwB,OAAA,wBAAA;KACzB;AAED,IAAA,OAAO,IAAI,CAAC;AACd;;AC/FA;;;;;;;;;;;;;;;AAeG;AAWH;;;;;;;;;;;;;AAaG;AACI,eAAe,iBAAiB,CAAC,IAAU,EAAA;AAChD,IAAA,IAAIpB,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;QAClC,OAAO,OAAO,CAAC,MAAM,CACnB,+CAA+C,CAAC,IAAI,CAAC,CACtD,CAAC;KACH;AACD,IAAA,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IACrC,MAAM,YAAY,CAAC,sBAAsB,CAAC;AAC1C,IAAA,IAAI,YAAY,CAAC,WAAW,EAAE,WAAW,EAAE;;QAEzC,OAAO,IAAI,kBAAkB,CAAC;YAC5B,IAAI,EAAE,YAAY,CAAC,WAA2B;AAC9C,YAAA,UAAU,EAAE,IAAI;AAChB,YAAA,aAAa,EAAuB,QAAA;AACrC,SAAA,CAAC,CAAC;KACJ;AACD,IAAA,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,YAAY,EAAE;AAC1C,QAAA,iBAAiB,EAAE,IAAI;AACxB,KAAA,CAAC,CAAC;AACH,IAAA,MAAM,cAAc,GAAG,MAAM,kBAAkB,CAAC,oBAAoB,CAClE,YAAY,EAEZ,QAAA,8BAAA,QAAQ,EACR,IAAI,CACL,CAAC;IACF,MAAM,YAAY,CAAC,kBAAkB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;AAC3D,IAAA,OAAO,cAAc,CAAC;AACxB;;ACnEA;;;;;;;;;;;;;;;AAeG;AAgBG,MAAO,gBACX,SAAQH,kBAAa,CAAA;AAKrB,IAAA,WAAA,CACE,IAAkB,EAClB,KAAoB,EACX,aAA4B,EAC5B,IAAmB,EAAA;QAE5B,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;QAHxB,IAAa,CAAA,aAAA,GAAb,aAAa,CAAe;QAC5B,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAe;;QAI5B,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,SAAS,CAAC,CAAC;QACxD,IAAI,CAAC,UAAU,GAAG;YAChB,OAAO,EAAE,IAAI,CAAC,IAAI;AAClB,YAAA,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,SAAS;AACpC,YAAA,eAAe,EAAE,KAAK,CAAC,UAAW,CAAC,eAAqC;YACxE,aAAa;SACd,CAAC;KACH;IAED,OAAO,sBAAsB,CAC3B,IAAkB,EAClB,KAAoB,EACpB,aAA4B,EAC5B,IAAmB,EAAA;QAEnB,OAAO,IAAI,gBAAgB,CAAC,IAAI,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,CAAC,CAAC;KAC/D;AACF,CAAA;AAEK,SAAU,6CAA6C,CAC3D,IAAkB,EAClB,aAA4B,EAC5B,UAA0B,EAC1B,IAAmB,EAAA;IAEnB,MAAM,eAAe,GACnB,aAAa,KAAiC,gBAAA;AAC5C,UAAE,UAAU,CAAC,4BAA4B,CAAC,IAAI,CAAC;AAC/C,UAAE,UAAU,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;AAE3C,IAAA,OAAO,eAAe,CAAC,KAAK,CAAC,KAAK,IAAG;QACnC,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,4BAA0B,kCAAA,CAAE,EAAE;AACvD,YAAA,MAAM,gBAAgB,CAAC,sBAAsB,CAC3C,IAAI,EACJ,KAAK,EACL,aAAa,EACb,IAAI,CACL,CAAC;SACH;AAED,QAAA,MAAM,KAAK,CAAC;AACd,KAAC,CAAC,CAAC;AACL;;ACvFA;;;;;;;;;;;;;;;AAeG;AAMH;;AAEG;AACG,SAAU,mBAAmB,CACjC,YAAiB,EAAA;IAEjB,OAAO,IAAI,GAAG,CACZ,YAAY;SACT,GAAG,CAAC,CAAC,EAAE,UAAU,EAAE,KAAK,UAAU,CAAC;SACnC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAa,CACpC,CAAC;AACJ;;AChCA;;;;;;;;;;;;;;;AAeG;AAgBH;;;;;;;AAOG;AACI,eAAe,MAAM,CAAC,IAAU,EAAE,UAAkB,EAAA;AACzD,IAAA,MAAM,YAAY,GAAGC,uBAAkB,CAAC,IAAI,CAAiB,CAAC;IAC9D,MAAM,mBAAmB,CAAC,IAAI,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;IAC1D,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,oBAAoB,CAAC,YAAY,CAAC,IAAI,EAAE;AACzE,QAAA,OAAO,EAAE,MAAM,YAAY,CAAC,UAAU,EAAE;QACxC,cAAc,EAAE,CAAC,UAAU,CAAC;AAC7B,KAAA,CAAC,CAAC;IAEH,MAAM,aAAa,GAAG,mBAAmB,CAAC,gBAAgB,IAAI,EAAE,CAAC,CAAC;IAElE,YAAY,CAAC,YAAY,GAAG,YAAY,CAAC,YAAY,CAAC,MAAM,CAAC,EAAE,IAC7D,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,CACjC,CAAC;AACF,IAAA,IAAI,CAAC,aAAa,CAAC,GAAG,CAAA,OAAA,wBAAkB,EAAE;AACxC,QAAA,YAAY,CAAC,WAAW,GAAG,IAAI,CAAC;KACjC;IAED,MAAM,YAAY,CAAC,IAAI,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC;AAC5D,IAAA,OAAO,YAAY,CAAC;AACtB,CAAC;AAEM,eAAe,KAAK,CACzB,IAAkB,EAClB,UAA0B,EAC1B,eAAe,GAAG,KAAK,EAAA;IAEvB,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CACzC,IAAI,EACJ,UAAU,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC,EAC7D,eAAe,CAChB,CAAC;IACF,OAAO,kBAAkB,CAAC,aAAa,CAAC,IAAI,EAAsB,MAAA,2BAAA,QAAQ,CAAC,CAAC;AAC9E,CAAC;AAEM,eAAe,mBAAmB,CACvC,QAAiB,EACjB,IAAkB,EAClB,QAAgB,EAAA;AAEhB,IAAA,MAAM,oBAAoB,CAAC,IAAI,CAAC,CAAC;IACjC,MAAM,WAAW,GAAG,mBAAmB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;AAE3D,IAAA,MAAM,IAAI,GACR,QAAQ,KAAK,KAAK;UACf,yBAAA;AACD,kEAAiC;AACrC,IAAA,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;AACnE;;ACtFA;;;;;;;;;;;;;;;AAeG;AAeI,eAAe,eAAe,CACnC,IAAkB,EAClB,UAA0B,EAC1B,eAAe,GAAG,KAAK,EAAA;AAEvB,IAAA,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;AACtB,IAAA,IAAIE,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;QAClC,OAAO,OAAO,CAAC,MAAM,CACnB,+CAA+C,CAAC,IAAI,CAAC,CACtD,CAAC;KACH;IACD,MAAM,aAAa,uDAAgC;AAEnD,IAAA,IAAI;QACF,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CACzC,IAAI,EACJ,6CAA6C,CAC3C,IAAI,EACJ,aAAa,EACb,UAAU,EACV,IAAI,CACL,EACD,eAAe,CAChB,CAAC;AACF,QAAA,OAAO,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAI,sDAA+B,CAAC;QAC9D,MAAM,MAAM,GAAG,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AAC7C,QAAA,OAAO,CAAC,MAAM,EAAE,IAAI,sDAA+B,CAAC;AAEpD,QAAA,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;QAChC,OAAO,CAAC,IAAI,CAAC,GAAG,KAAK,OAAO,EAAE,IAAI,EAAA,eAAA,mCAA8B,CAAC;QAEjE,OAAO,kBAAkB,CAAC,aAAa,CAAC,IAAI,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;KACxE;IAAC,OAAO,CAAC,EAAE;;QAEV,IAAK,CAAmB,EAAE,IAAI,KAAK,QAAQ,gBAA0B,kCAAA,CAAE,EAAE;YACvE,KAAK,CAAC,IAAI,EAAA,eAAA,mCAA8B,CAAC;SAC1C;AACD,QAAA,MAAM,CAAC,CAAC;KACT;AACH;;ACrEA;;;;;;;;;;;;;;;AAeG;AAiBI,eAAe,qBAAqB,CACzC,IAAkB,EAClB,UAA0B,EAC1B,eAAe,GAAG,KAAK,EAAA;AAEvB,IAAA,IAAIA,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;QAClC,OAAO,OAAO,CAAC,MAAM,CACnB,+CAA+C,CAAC,IAAI,CAAC,CACtD,CAAC;KACH;IACD,MAAM,aAAa,wCAAyB;IAC5C,MAAM,QAAQ,GAAG,MAAM,6CAA6C,CAClE,IAAI,EACJ,aAAa,EACb,UAAU,CACX,CAAC;AACF,IAAA,MAAM,cAAc,GAAG,MAAM,kBAAkB,CAAC,oBAAoB,CAClE,IAAI,EACJ,aAAa,EACb,QAAQ,CACT,CAAC;IAEF,IAAI,CAAC,eAAe,EAAE;QACpB,MAAM,IAAI,CAAC,kBAAkB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;KACpD;AACD,IAAA,OAAO,cAAc,CAAC;AACxB,CAAC;AAED;;;;;;;;;;;;;AAaG;AACI,eAAe,oBAAoB,CACxC,IAAU,EACV,UAA0B,EAAA;IAE1B,OAAO,qBAAqB,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,UAAU,CAAC,CAAC;AAC5D,CAAC;AAED;;;;;;;;;;AAUG;AACI,eAAe,kBAAkB,CACtC,IAAU,EACV,UAA0B,EAAA;AAE1B,IAAA,MAAM,YAAY,GAAGF,uBAAkB,CAAC,IAAI,CAAiB,CAAC;IAE9D,MAAM,mBAAmB,CAAC,KAAK,EAAE,YAAY,EAAE,UAAU,CAAC,UAAU,CAAC,CAAC;AAEtE,IAAA,OAAO,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;AACzC,CAAC;AAED;;;;;;;;;;;;;;;AAeG;AACI,eAAe,4BAA4B,CAChD,IAAU,EACV,UAA0B,EAAA;IAE1B,OAAO,eAAe,CAACA,uBAAkB,CAAC,IAAI,CAAiB,EAAE,UAAU,CAAC,CAAC;AAC/E;;AC5HA;;;;;;;;;;;;;;;AAeG;AAmBI,eAAeuB,uBAAqB,CACzC,IAAU,EACV,OAAqC,EAAA;IAErC,OAAO,qBAAqB,CAI1B,IAAI,EAGJ,MAAA,wBAAA,oCAAA,2CAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ;;AC/CA;;;;;;;;;;;;;;;AAeG;AAWH;;;;;;;;;;;;;;;;;;AAkBG;AACI,eAAe,qBAAqB,CACzC,IAAU,EACV,WAAmB,EAAA;AAEnB,IAAA,IAAIrB,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;QAClC,OAAO,OAAO,CAAC,MAAM,CACnB,+CAA+C,CAAC,IAAI,CAAC,CACtD,CAAC;KACH;AACD,IAAA,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;AACrC,IAAA,MAAM,QAAQ,GAAoB,MAAMsB,uBAAkB,CAAC,YAAY,EAAE;AACvE,QAAA,KAAK,EAAE,WAAW;AAClB,QAAA,iBAAiB,EAAE,IAAI;AACxB,KAAA,CAAC,CAAC;IACH,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,oBAAoB,CACxD,YAAY,EAAA,QAAA,8BAEZ,QAAQ,CACT,CAAC;IACF,MAAM,YAAY,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACjD,IAAA,OAAO,IAAI,CAAC;AACd;;AClEA;;;;;;;;;;;;;;;AAeG;MAiBmB,mBAAmB,CAAA;IAKvC,WAA+B,CAAA,QAAkB,EAAE,QAAuB,EAAA;QAA3C,IAAQ,CAAA,QAAA,GAAR,QAAQ,CAAU;AAC/C,QAAA,IAAI,CAAC,GAAG,GAAG,QAAQ,CAAC,eAAe,CAAC;AACpC,QAAA,IAAI,CAAC,cAAc,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;AAClE,QAAA,IAAI,CAAC,WAAW,GAAG,QAAQ,CAAC,WAAW,CAAC;KACzC;AAED,IAAA,OAAO,mBAAmB,CACxB,IAAkB,EAClB,UAAyB,EAAA;AAEzB,QAAA,IAAI,WAAW,IAAI,UAAU,EAAE;YAC7B,OAAO,wBAAwB,CAAC,mBAAmB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;SACvE;AAAM,aAAA,IAAI,UAAU,IAAI,UAAU,EAAE;YACnC,OAAO,uBAAuB,CAAC,mBAAmB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;SACtE;AACD,QAAA,OAAO,KAAK,CAAC,IAAI,EAAA,gBAAA,oCAA+B,CAAC;KAClD;AACF,CAAA;AAEK,MAAO,wBACX,SAAQ,mBAAmB,CAAA;AAK3B,IAAA,WAAA,CAAoB,QAA4B,EAAA;QAC9C,KAAK,CAAA,OAAA,uBAAiB,QAAQ,CAAC,CAAC;AAChC,QAAA,IAAI,CAAC,WAAW,GAAG,QAAQ,CAAC,SAAS,CAAC;KACvC;AAED,IAAA,OAAO,mBAAmB,CACxB,KAAmB,EACnB,UAAyB,EAAA;AAEzB,QAAA,OAAO,IAAI,wBAAwB,CAAC,UAAgC,CAAC,CAAC;KACvE;AACF,CAAA;AACK,MAAO,uBACX,SAAQ,mBAAmB,CAAA;AAG3B,IAAA,WAAA,CAAoB,QAA2B,EAAA;QAC7C,KAAK,CAAA,MAAA,sBAAgB,QAAQ,CAAC,CAAC;KAChC;AAED,IAAA,OAAO,mBAAmB,CACxB,KAAmB,EACnB,UAAyB,EAAA;AAEzB,QAAA,OAAO,IAAI,uBAAuB,CAAC,UAA+B,CAAC,CAAC;KACrE;AACF;;ACxFD;;;;;;;;;;;;;;;AAeG;SAQa,+BAA+B,CAC7C,IAAU,EACV,OAA0B,EAC1B,kBAAsC,EAAA;IAEtC,OAAO,CACL,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,CAAC,EAClC,IAAI,EAAA,sBAAA,0CAEL,CAAC;AACF,IAAA,OAAO,CACL,OAAO,kBAAkB,CAAC,iBAAiB,KAAK,WAAW;QACzD,kBAAkB,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,EACjD,IAAI,EAAA,6BAAA,iDAEL,CAAC;AACF,IAAA,OAAO,CACL,OAAO,kBAAkB,CAAC,UAAU,KAAK,WAAW;QAClD,kBAAkB,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAC1C,IAAI,EAAA,6BAAA,iDAEL,CAAC;AAEF,IAAA,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC,GAAG,CAAC;AAC7C,IAAA,OAAO,CAAC,iBAAiB,GAAG,kBAAkB,CAAC,iBAAiB,CAAC;AACjE,IAAA,OAAO,CAAC,UAAU,GAAG,kBAAkB,CAAC,UAAU,CAAC;AACnD,IAAA,OAAO,CAAC,kBAAkB,GAAG,kBAAkB,CAAC,eAAe,CAAC;AAEhE,IAAA,IAAI,kBAAkB,CAAC,GAAG,EAAE;AAC1B,QAAA,OAAO,CACL,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAC1C,IAAI,oEAEL,CAAC;QACF,OAAO,CAAC,WAAW,GAAG,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC;KACvD;AAED,IAAA,IAAI,kBAAkB,CAAC,OAAO,EAAE;AAC9B,QAAA,OAAO,CACL,kBAAkB,CAAC,OAAO,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EACjD,IAAI,8EAEL,CAAC;QACF,OAAO,CAAC,iBAAiB,GAAG,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC;AAClE,QAAA,OAAO,CAAC,yBAAyB;AAC/B,YAAA,kBAAkB,CAAC,OAAO,CAAC,cAAc,CAAC;QAC5C,OAAO,CAAC,kBAAkB,GAAG,kBAAkB,CAAC,OAAO,CAAC,WAAW,CAAC;KACrE;AACH;;ACvEA;;;;;;;;;;;;;;;AAeG;AAmCH;;;;;;;;;;;;AAYG;AACH,eAAe,qBAAqB,CAAC,IAAU,EAAA;AAC7C,IAAA,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;AACrC,IAAA,IAAI,YAAY,CAAC,0BAA0B,EAAE,EAAE;AAC7C,QAAA,MAAM,YAAY,CAAC,qBAAqB,EAAE,CAAC;KAC5C;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkCG;AACI,eAAe,sBAAsB,CAC1C,IAAU,EACV,KAAa,EACb,kBAAuC,EAAA;AAEvC,IAAA,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;AACrC,IAAA,MAAM,OAAO,GAAwC;AACnD,QAAA,WAAW,EAAoC,gBAAA;QAC/C,KAAK;AACL,QAAA,UAAU,EAAyB,iBAAA;KACpC,CAAC;IACF,IAAI,kBAAkB,EAAE;AACtB,QAAA,+BAA+B,CAAC,YAAY,EAAE,OAAO,EAAE,kBAAkB,CAAC,CAAC;KAC5E;IACD,MAAM,mBAAmB,CACvB,YAAY,EACZ,OAAO,uDAEPC,wBAAqC,EAAA,yBAAA,qDAEtC,CAAC;AACJ,CAAC;AAED;;;;;;;;AAQG;AACI,eAAe,oBAAoB,CACxC,IAAU,EACV,OAAe,EACf,WAAmB,EAAA;AAEnB,IAAA,MAAMC,aACU,CAAC1B,uBAAkB,CAAC,IAAI,CAAC,EAAE;QACvC,OAAO;QACP,WAAW;KACZ,CAAC;AACD,SAAA,KAAK,CAAC,OAAM,KAAK,KAAG;QACnB,IACE,KAAK,CAAC,IAAI;YACV,CAAQ,KAAA,EAAA,qCAAA,yDAAmD,CAAA,EAC3D;AACA,YAAA,KAAK,qBAAqB,CAAC,IAAI,CAAC,CAAC;SAClC;AAED,QAAA,MAAM,KAAK,CAAC;AACd,KAAC,CAAC,CAAC;;AAEP,CAAC;AAED;;;;;;;AAOG;AACI,eAAe,eAAe,CACnC,IAAU,EACV,OAAe,EAAA;AAEf,IAAA,MAAM2B,iBAAuB,CAAC3B,uBAAkB,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;AACvE,CAAC;AAED;;;;;;;;;AASG;AACI,eAAe,eAAe,CACnC,IAAU,EACV,OAAe,EAAA;AAEf,IAAA,MAAM,WAAW,GAAGA,uBAAkB,CAAC,IAAI,CAAC,CAAC;AAC7C,IAAA,MAAM,QAAQ,GAAG,MAAM4B,aAAqB,CAAC,WAAW,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;;;;;;;AAQvE,IAAA,MAAM,SAAS,GAAG,QAAQ,CAAC,WAAW,CAAC;AACvC,IAAA,OAAO,CAAC,SAAS,EAAE,WAAW,sDAA+B,CAAC;IAC9D,QAAQ,SAAS;AACf,QAAA,KAAA,cAAA;YACE,MAAM;AACR,QAAA,KAAA,yBAAA;AACE,YAAA,OAAO,CAAC,QAAQ,CAAC,QAAQ,EAAE,WAAW,sDAA+B,CAAC;YACtE,MAAM;AACR,QAAA,KAAA,+BAAA;AACE,YAAA,OAAO,CAAC,QAAQ,CAAC,OAAO,EAAE,WAAW,sDAA+B,CAAC;;AAEvE,QAAA;AACE,YAAA,OAAO,CAAC,QAAQ,CAAC,KAAK,EAAE,WAAW,sDAA+B,CAAC;KACtE;;IAGD,IAAI,eAAe,GAA+B,IAAI,CAAC;AACvD,IAAA,IAAI,QAAQ,CAAC,OAAO,EAAE;AACpB,QAAA,eAAe,GAAG,mBAAmB,CAAC,mBAAmB,CACvD,SAAS,CAAC,WAAW,CAAC,EACtB,QAAQ,CAAC,OAAO,CACjB,CAAC;KACH;IAED,OAAO;AACL,QAAA,IAAI,EAAE;AACJ,YAAA,KAAK,EACH,CAAC,QAAQ,CAAC,WAAW,KAAgD,yBAAA;kBACjE,QAAQ,CAAC,QAAQ;AACnB,kBAAE,QAAQ,CAAC,KAAK,KAAK,IAAI;AAC7B,YAAA,aAAa,EACX,CAAC,QAAQ,CAAC,WAAW,KAAgD,yBAAA;kBACjE,QAAQ,CAAC,KAAK;AAChB,kBAAE,QAAQ,CAAC,QAAQ,KAAK,IAAI;YAChC,eAAe;AAChB,SAAA;QACD,SAAS;KACV,CAAC;AACJ,CAAC;AAED;;;;;;;;;AASG;AACI,eAAe,uBAAuB,CAC3C,IAAU,EACV,IAAY,EAAA;AAEZ,IAAA,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,eAAe,CAAC5B,uBAAkB,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;;IAEvE,OAAO,IAAI,CAAC,KAAM,CAAC;AACrB,CAAC;AAED;;;;;;;;;;;;;;;;;;;AAmBG;AACI,eAAe,8BAA8B,CAClD,IAAU,EACV,KAAa,EACb,QAAgB,EAAA;AAEhB,IAAA,IAAIE,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;QAClC,OAAO,OAAO,CAAC,MAAM,CACnB,+CAA+C,CAAC,IAAI,CAAC,CACtD,CAAC;KACH;AACD,IAAA,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;AACrC,IAAA,MAAM,OAAO,GAAkB;AAC7B,QAAA,iBAAiB,EAAE,IAAI;QACvB,KAAK;QACL,QAAQ;AACR,QAAA,UAAU,EAAyB,iBAAA;KACpC,CAAC;IACF,MAAM,cAAc,GAA6B,mBAAmB,CAClE,YAAY,EACZ,OAAO,EAAA,gBAAA,6CAEP,MAAM,EAAA,yBAAA,qDAEP,CAAC;IACF,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,KAAK,CAAC,KAAK,IAAG;QAClD,IACE,KAAK,CAAC,IAAI,KAAK,QAAQ,qCAAiD,yDAAA,CAAE,EAC1E;AACA,YAAA,KAAK,qBAAqB,CAAC,IAAI,CAAC,CAAC;SAClC;AAED,QAAA,MAAM,KAAK,CAAC;AACd,KAAC,CAAC,CAAC;IAEH,MAAM,cAAc,GAAG,MAAM,kBAAkB,CAAC,oBAAoB,CAClE,YAAY,EAAA,QAAA,8BAEZ,QAAQ,CACT,CAAC;IACF,MAAM,YAAY,CAAC,kBAAkB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;AAE3D,IAAA,OAAO,cAAc,CAAC;AACxB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;AAsBG;SACa,0BAA0B,CACxC,IAAU,EACV,KAAa,EACb,QAAgB,EAAA;AAEhB,IAAA,IAAIA,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;QAClC,OAAO,OAAO,CAAC,MAAM,CACnB,+CAA+C,CAAC,IAAI,CAAC,CACtD,CAAC;KACH;IACD,OAAO,oBAAoB,CACzBF,uBAAkB,CAAC,IAAI,CAAC,EACxB,iBAAiB,CAAC,UAAU,CAAC,KAAK,EAAE,QAAQ,CAAC,CAC9C,CAAC,KAAK,CAAC,OAAM,KAAK,KAAG;QACpB,IACE,KAAK,CAAC,IAAI,KAAK,QAAQ,qCAAiD,yDAAA,CAAE,EAC1E;AACA,YAAA,KAAK,qBAAqB,CAAC,IAAI,CAAC,CAAC;SAClC;AAED,QAAA,MAAM,KAAK,CAAC;AACd,KAAC,CAAC,CAAC;AACL;;AC9WA;;;;;;;;;;;;;;;AAeG;AA4BH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqCG;AACI,eAAe,qBAAqB,CACzC,IAAU,EACV,KAAa,EACb,kBAAsC,EAAA;AAEtC,IAAA,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;AACrC,IAAA,MAAM,OAAO,GAA2B;AACtC,QAAA,WAAW,EAAkC,cAAA;QAC7C,KAAK;AACL,QAAA,UAAU,EAAyB,iBAAA;KACpC,CAAC;AACF,IAAA,SAAS,qBAAqB,CAC5B,OAA+B,EAC/B,kBAAsC,EAAA;AAEtC,QAAA,OAAO,CACL,kBAAkB,CAAC,eAAe,EAClC,YAAY,sDAEb,CAAC;QACF,IAAI,kBAAkB,EAAE;AACtB,YAAA,+BAA+B,CAC7B,YAAY,EACZ,OAAO,EACP,kBAAkB,CACnB,CAAC;SACH;KACF;AACD,IAAA,qBAAqB,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;IACnD,MAAM,mBAAmB,CACvB,YAAY,EACZ,OAAO,uDAEP6B,uBAAyB,EAAA,yBAAA,qDAE1B,CAAC;AACJ,CAAC;AAED;;;;;;;AAOG;AACa,SAAA,qBAAqB,CAAC,IAAU,EAAE,SAAiB,EAAA;IACjE,MAAM,aAAa,GAAG,aAAa,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;AACzD,IAAA,OAAO,aAAa,EAAE,SAAS,KAAA,cAAA,wCAAsC;AACvE,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwCG;AACI,eAAe,mBAAmB,CACvC,IAAU,EACV,KAAa,EACb,SAAkB,EAAA;AAElB,IAAA,IAAI3B,wBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;QAClC,OAAO,OAAO,CAAC,MAAM,CACnB,+CAA+C,CAAC,IAAI,CAAC,CACtD,CAAC;KACH;AACD,IAAA,MAAM,WAAW,GAAGF,uBAAkB,CAAC,IAAI,CAAC,CAAC;AAC7C,IAAA,MAAM,UAAU,GAAG,iBAAiB,CAAC,kBAAkB,CACrD,KAAK,EACL,SAAS,IAAI,cAAc,EAAE,CAC9B,CAAC;;;AAGF,IAAA,OAAO,CACL,UAAU,CAAC,SAAS,MAAM,WAAW,CAAC,QAAQ,IAAI,IAAI,CAAC,EACvD,WAAW,8DAEZ,CAAC;AACF,IAAA,OAAO,oBAAoB,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;AACvD;;ACpMA;;;;;;;;;;;;;;;AAeG;AAoBI,eAAe,aAAa,CACjC,IAAU,EACV,OAA6B,EAAA;IAE7B,OAAO,kBAAkB,CACvB,IAAI,EAGJ,MAAA,wBAAA,4BAAA,iCAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ;;AC7CA;;;;;;;;;;;;;;;AAeG;AAmBH;;;;;;;;;;;;;;;;;;;AAmBG;AACI,eAAe,0BAA0B,CAC9C,IAAU,EACV,KAAa,EAAA;;;;AAKb,IAAA,MAAM,WAAW,GAAG,cAAc,EAAE,GAAG,cAAc,EAAE,GAAG,kBAAkB,CAAC;AAC7E,IAAA,MAAM,OAAO,GAAyB;AACpC,QAAA,UAAU,EAAE,KAAK;QACjB,WAAW;KACZ,CAAC;AAEF,IAAA,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,aAAa,CAC3CA,uBAAkB,CAAC,IAAI,CAAC,EACxB,OAAO,CACR,CAAC;IAEF,OAAO,aAAa,IAAI,EAAE,CAAC;AAC7B,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6BG;AACI,eAAe,qBAAqB,CACzC,IAAU,EACV,kBAA8C,EAAA;AAE9C,IAAA,MAAM,YAAY,GAAGA,uBAAkB,CAAC,IAAI,CAAiB,CAAC;AAC9D,IAAA,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;AACxC,IAAA,MAAM,OAAO,GAA2B;AACtC,QAAA,WAAW,EAAkC,cAAA;QAC7C,OAAO;KACR,CAAC;IACF,IAAI,kBAAkB,EAAE;QACtB,+BAA+B,CAC7B,YAAY,CAAC,IAAI,EACjB,OAAO,EACP,kBAAkB,CACnB,CAAC;KACH;AAED,IAAA,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM8B,uBAAyB,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AAE9E,IAAA,IAAI,KAAK,KAAK,IAAI,CAAC,KAAK,EAAE;AACxB,QAAA,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;KACrB;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiCG;AACI,eAAe,uBAAuB,CAC3C,IAAU,EACV,QAAgB,EAChB,kBAA8C,EAAA;AAE9C,IAAA,MAAM,YAAY,GAAG9B,uBAAkB,CAAC,IAAI,CAAiB,CAAC;AAC9D,IAAA,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;AACxC,IAAA,MAAM,OAAO,GAAoC;AAC/C,QAAA,WAAW,EAA6C,yBAAA;QACxD,OAAO;QACP,QAAQ;KACT,CAAC;IACF,IAAI,kBAAkB,EAAE;QACtB,+BAA+B,CAC7B,YAAY,CAAC,IAAI,EACjB,OAAO,EACP,kBAAkB,CACnB,CAAC;KACH;AAED,IAAA,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM+B,oBAAwB,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AAE7E,IAAA,IAAI,KAAK,KAAK,IAAI,CAAC,KAAK,EAAE;;;AAGxB,QAAA,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;KACrB;AACH;;AC/LA;;;;;;;;;;;;;;;AAeG;AAkBI,eAAeC,eAAa,CACjC,IAAU,EACV,OAA6B,EAAA;AAE7B,IAAA,OAAO,kBAAkB,CACvB,IAAI,EAGJ,MAAA,wBAAA,qBAAA,kCAAA,OAAO,CACR,CAAC;AACJ;;AC3CA;;;;;;;;;;;;;;;AAeG;AAgBH;;;;;;;AAOG;AACI,eAAe,aAAa,CACjC,IAAU,EACV,EACE,WAAW,EACX,QAAQ,EAAE,QAAQ,EACwC,EAAA;IAE5D,IAAI,WAAW,KAAK,SAAS,IAAI,QAAQ,KAAK,SAAS,EAAE;QACvD,OAAO;KACR;AAED,IAAA,MAAM,YAAY,GAAGhC,uBAAkB,CAAC,IAAI,CAAiB,CAAC;AAC9D,IAAA,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,UAAU,EAAE,CAAC;AAChD,IAAA,MAAM,cAAc,GAAG;QACrB,OAAO;QACP,WAAW;QACX,QAAQ;AACR,QAAA,iBAAiB,EAAE,IAAI;KACxB,CAAC;AACF,IAAA,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CACzC,YAAY,EACZiC,eAAgB,CAAC,YAAY,CAAC,IAAI,EAAE,cAAc,CAAC,CACpD,CAAC;IAEF,YAAY,CAAC,WAAW,GAAG,QAAQ,CAAC,WAAW,IAAI,IAAI,CAAC;IACxD,YAAY,CAAC,QAAQ,GAAG,QAAQ,CAAC,QAAQ,IAAI,IAAI,CAAC;;AAGlD,IAAA,MAAM,gBAAgB,GAAG,YAAY,CAAC,YAAY,CAAC,IAAI,CACrD,CAAC,EAAE,UAAU,EAAE,KAAK,UAAU,KAAA,UAAA,2BAC/B,CAAC;IACF,IAAI,gBAAgB,EAAE;AACpB,QAAA,gBAAgB,CAAC,WAAW,GAAG,YAAY,CAAC,WAAW,CAAC;AACxD,QAAA,gBAAgB,CAAC,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC;KACnD;AAED,IAAA,MAAM,YAAY,CAAC,wBAAwB,CAAC,QAAQ,CAAC,CAAC;AACxD,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;AAuBG;AACa,SAAA,WAAW,CAAC,IAAU,EAAE,QAAgB,EAAA;AACtD,IAAA,MAAM,YAAY,GAAGjC,uBAAkB,CAAC,IAAI,CAAiB,CAAC;IAC9D,IAAIE,wBAAoB,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;QAC/C,OAAO,OAAO,CAAC,MAAM,CACnB,+CAA+C,CAAC,YAAY,CAAC,IAAI,CAAC,CACnE,CAAC;KACH;IACD,OAAO,qBAAqB,CAAC,YAAY,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;AAC7D,CAAC;AAED;;;;;;;;;;;;AAYG;AACa,SAAA,cAAc,CAAC,IAAU,EAAE,WAAmB,EAAA;IAC5D,OAAO,qBAAqB,CAC1BF,uBAAkB,CAAC,IAAI,CAAiB,EACxC,IAAI,EACJ,WAAW,CACZ,CAAC;AACJ,CAAC;AAED,eAAe,qBAAqB,CAClC,IAAkB,EAClB,KAAoB,EACpB,QAAuB,EAAA;AAEvB,IAAA,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC;AACtB,IAAA,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;AACxC,IAAA,MAAM,OAAO,GAA+B;QAC1C,OAAO;AACP,QAAA,iBAAiB,EAAE,IAAI;KACxB,CAAC;IAEF,IAAI,KAAK,EAAE;AACT,QAAA,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC;KACvB;IAED,IAAI,QAAQ,EAAE;AACZ,QAAA,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAC;KAC7B;AAED,IAAA,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CACzC,IAAI,EACJkC,mBAAsB,CAAC,IAAI,EAAE,OAAO,CAAC,CACtC,CAAC;IACF,MAAM,IAAI,CAAC,wBAAwB,CAAC,QAAQ,eAAe,IAAI,CAAC,CAAC;AACnE;;AC9JA;;;;;;;;;;;;;;;AAeG;AAQH;;;AAGG;AACG,SAAU,oBAAoB,CAClC,eAAiC,EAAA;IAEjC,IAAI,CAAC,eAAe,EAAE;AACpB,QAAA,OAAO,IAAI,CAAC;KACb;AACD,IAAA,MAAM,EAAE,UAAU,EAAE,GAAG,eAAe,CAAC;AACvC,IAAA,MAAM,OAAO,GAAG,eAAe,CAAC,WAAW;UACvC,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,WAAW,CAAC;UACvC,EAAE,CAAC;AACP,IAAA,MAAM,SAAS,GACb,eAAe,CAAC,SAAS;QACzB,eAAe,CAAC,IAAI,KAAA,uCAAA,yCAAuC;AAC7D,IAAA,IAAI,CAAC,UAAU,IAAI,eAAe,EAAE,OAAO,EAAE;AAC3C,QAAA,MAAM,cAAc,GAAG,WAAW,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE,QAAQ,GACnE,kBAAkB,CACnB,CAAC;QACF,IAAI,cAAc,EAAE;YAClB,MAAM,kBAAkB,GACtB,cAAc,KAAyB,WAAA;AACvC,gBAAA,cAAc,KAAsB,QAAA;AAClC,kBAAG,cAA6B;kBAC9B,IAAI,CAAC;;AAEX,YAAA,OAAO,IAAI,yBAAyB,CAAC,SAAS,EAAE,kBAAkB,CAAC,CAAC;SACrE;KACF;IACD,IAAI,CAAC,UAAU,EAAE;AACf,QAAA,OAAO,IAAI,CAAC;KACb;IACD,QAAQ,UAAU;AAChB,QAAA,KAAA,cAAA;AACE,YAAA,OAAO,IAAI,0BAA0B,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;AAC5D,QAAA,KAAA,YAAA;AACE,YAAA,OAAO,IAAI,wBAAwB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;AAC1D,QAAA,KAAA,YAAA;AACE,YAAA,OAAO,IAAI,wBAAwB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;AAC1D,QAAA,KAAA,aAAA;AACE,YAAA,OAAO,IAAI,yBAAyB,CAClC,SAAS,EACT,OAAO,EACP,eAAe,CAAC,UAAU,IAAI,IAAI,CACnC,CAAC;QACJ,KAAuB,QAAA,yBAAA;AACvB,QAAA,KAAA,WAAA;AACE,YAAA,OAAO,IAAI,yBAAyB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;AACxD,QAAA;YACE,OAAO,IAAI,yBAAyB,CAAC,SAAS,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;KACxE;AACH,CAAC;AAED,MAAM,yBAAyB,CAAA;AAC7B,IAAA,WAAA,CACW,SAAkB,EAClB,UAAsC,EACtC,UAAmC,EAAE,EAAA;QAFrC,IAAS,CAAA,SAAA,GAAT,SAAS,CAAS;QAClB,IAAU,CAAA,UAAA,GAAV,UAAU,CAA4B;QACtC,IAAO,CAAA,OAAA,GAAP,OAAO,CAA8B;KAC5C;AACL,CAAA;AAED,MAAM,uCAAwC,SAAQ,yBAAyB,CAAA;AAC7E,IAAA,WAAA,CACE,SAAkB,EAClB,UAAsB,EACtB,OAAgC,EACvB,QAAuB,EAAA;AAEhC,QAAA,KAAK,CAAC,SAAS,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;QAF7B,IAAQ,CAAA,QAAA,GAAR,QAAQ,CAAe;KAGjC;AACF,CAAA;AAED,MAAM,0BAA2B,SAAQ,yBAAyB,CAAA;IAChE,WAAY,CAAA,SAAkB,EAAE,OAAgC,EAAA;AAC9D,QAAA,KAAK,CAAC,SAAS,EAAuB,cAAA,4BAAA,OAAO,CAAC,CAAC;KAChD;AACF,CAAA;AAED,MAAM,wBAAyB,SAAQ,uCAAuC,CAAA;IAC5E,WAAY,CAAA,SAAkB,EAAE,OAAgC,EAAA;QAC9D,KAAK,CACH,SAAS,EAET,YAAA,0BAAA,OAAO,EACP,OAAO,OAAO,EAAE,KAAK,KAAK,QAAQ,GAAG,OAAO,EAAE,KAAK,GAAG,IAAI,CAC3D,CAAC;KACH;AACF,CAAA;AAED,MAAM,wBAAyB,SAAQ,yBAAyB,CAAA;IAC9D,WAAY,CAAA,SAAkB,EAAE,OAAgC,EAAA;AAC9D,QAAA,KAAK,CAAC,SAAS,EAAqB,YAAA,0BAAA,OAAO,CAAC,CAAC;KAC9C;AACF,CAAA;AAED,MAAM,yBAA0B,SAAQ,uCAAuC,CAAA;AAC7E,IAAA,WAAA,CACE,SAAkB,EAClB,OAAgC,EAChC,UAAyB,EAAA;AAEzB,QAAA,KAAK,CAAC,SAAS,EAAA,aAAA,2BAAsB,OAAO,EAAE,UAAU,CAAC,CAAC;KAC3D;AACF,CAAA;AAED;;;;;;AAMG;AACG,SAAU,qBAAqB,CACnC,cAA8B,EAAA;AAE9B,IAAA,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,GAAG,cAAwC,CAAC;AAC1E,IAAA,IAAI,IAAI,CAAC,WAAW,IAAI,CAAC,cAAc,EAAE;;;QAGvC,OAAO;AACL,YAAA,UAAU,EAAE,IAAI;AAChB,YAAA,SAAS,EAAE,KAAK;AAChB,YAAA,OAAO,EAAE,IAAI;SACd,CAAC;KACH;AAED,IAAA,OAAO,oBAAoB,CAAC,cAAc,CAAC,CAAC;AAC9C;;ACxJA;;;;;;;;;;;;;;;AAeG;AAsBH;AACA;;;;;;;;;;;;;;;;;;;;;;;AAuBG;AACa,SAAA,cAAc,CAC5B,IAAU,EACV,WAAwB,EAAA;IAExB,OAAOlC,uBAAkB,CAAC,IAAI,CAAC,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;AAC9D,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BG;AACG,SAAU,yBAAyB,CAAC,IAAU,EAAA;AAClD,IAAA,OAAO,0BAA0B,CAAC,IAAI,CAAC,CAAC;AAC1C,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;AAsBG;AACI,eAAe,gBAAgB,CACpC,IAAU,EACV,QAAgB,EAAA;AAEhB,IAAA,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;AACrC,IAAA,OAAO,YAAY,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;AACjD,CAAC;AAED;;;;;;;;;;;;;;;AAeG;AACG,SAAU,gBAAgB,CAC9B,IAAU,EACV,cAAoC,EACpC,KAAe,EACf,SAAsB,EAAA;AAEtB,IAAA,OAAOA,uBAAkB,CAAC,IAAI,CAAC,CAAC,gBAAgB,CAC9C,cAAc,EACd,KAAK,EACL,SAAS,CACV,CAAC;AACJ,CAAC;AACD;;;;;;;;;AASG;SACa,sBAAsB,CACpC,IAAU,EACV,QAAqD,EACrD,OAAoB,EAAA;IAEpB,OAAOA,uBAAkB,CAAC,IAAI,CAAC,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;AAC5E,CAAC;AACD;;;;;;;;;;;;;;AAcG;AACG,SAAU,kBAAkB,CAChC,IAAU,EACV,cAAoC,EACpC,KAAe,EACf,SAAsB,EAAA;AAEtB,IAAA,OAAOA,uBAAkB,CAAC,IAAI,CAAC,CAAC,kBAAkB,CAChD,cAAc,EACd,KAAK,EACL,SAAS,CACV,CAAC;AACJ,CAAC;AACD;;;;;;AAMG;AACG,SAAU,iBAAiB,CAAC,IAAU,EAAA;AAC1C,IAAAA,uBAAkB,CAAC,IAAI,CAAC,CAAC,iBAAiB,EAAE,CAAC;AAC/C,CAAC;AACD;;;;;;;;;;;;;;;;;;;;AAoBG;AACa,SAAA,iBAAiB,CAC/B,IAAU,EACV,IAAiB,EAAA;IAEjB,OAAOA,uBAAkB,CAAC,IAAI,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;AAC1D,CAAC;AACD;;;;;;;;;;AAUG;AACG,SAAU,OAAO,CAAC,IAAU,EAAA;AAChC,IAAA,OAAOA,uBAAkB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;AAC5C,CAAC;AAED;;;;;;;AAOG;AACa,SAAA,iBAAiB,CAAC,IAAU,EAAE,KAAa,EAAA;AACzD,IAAA,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;AACrC,IAAA,OAAO,YAAY,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;AAC/C,CAAC;AAmED;;;;;;;;;;;AAWG;AACI,eAAe,UAAU,CAAC,IAAU,EAAA;AACzC,IAAA,OAAOA,uBAAkB,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;AAC3C;;AC3VA;;;;;;;;;;;;;;;AAeG;MAiBU,sBAAsB,CAAA;AACjC,IAAA,WAAA,CACW,IAA4B,EAC5B,UAAkB,EAClB,IAAmB,EAAA;QAFnB,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAwB;QAC5B,IAAU,CAAA,UAAA,GAAV,UAAU,CAAQ;QAClB,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAe;KAC1B;AAEJ,IAAA,OAAO,YAAY,CACjB,OAAe,EACf,IAAmB,EAAA;AAEnB,QAAA,OAAO,IAAI,sBAAsB,CAAA,QAAA,sCAE/B,OAAO,EACP,IAAI,CACL,CAAC;KACH;IAED,OAAO,yBAAyB,CAC9B,oBAA4B,EAAA;AAE5B,QAAA,OAAO,IAAI,sBAAsB,CAE/B,QAAA,uCAAA,oBAAoB,CACrB,CAAC;KACH;IAED,MAAM,GAAA;AACJ,QAAA,MAAM,GAAG,GACP,IAAI,CAAC,IAAI,KAAkC,QAAA;AACzC,cAAE,SAAS;cACT,mBAAmB,CAAC;QAC1B,OAAO;AACL,YAAA,kBAAkB,EAAE;AAClB,gBAAA,CAAC,GAAG,GAAG,IAAI,CAAC,UAAU;AACvB,aAAA;SACF,CAAC;KACH;IAED,OAAO,QAAQ,CACb,GAA0C,EAAA;AAE1C,QAAA,IAAI,GAAG,EAAE,kBAAkB,EAAE;AAC3B,YAAA,IAAI,GAAG,CAAC,kBAAkB,EAAE,iBAAiB,EAAE;gBAC7C,OAAO,sBAAsB,CAAC,yBAAyB,CACrD,GAAG,CAAC,kBAAkB,CAAC,iBAAiB,CACzC,CAAC;aACH;AAAM,iBAAA,IAAI,GAAG,CAAC,kBAAkB,EAAE,OAAO,EAAE;gBAC1C,OAAO,sBAAsB,CAAC,YAAY,CACxC,GAAG,CAAC,kBAAkB,CAAC,OAAO,CAC/B,CAAC;aACH;SACF;AACD,QAAA,OAAO,IAAI,CAAC;KACb;AACF;;ACvFD;;;;;;;;;;;;;;;AAeG;MAqBU,uBAAuB,CAAA;AAClC,IAAA,WAAA,CACW,OAA+B,EAC/B,KAA4B,EACpB,cAEmB,EAAA;QAJ3B,IAAO,CAAA,OAAA,GAAP,OAAO,CAAwB;QAC/B,IAAK,CAAA,KAAA,GAAL,KAAK,CAAuB;QACpB,IAAc,CAAA,cAAA,GAAd,cAAc,CAEK;KAClC;;AAGJ,IAAA,OAAO,UAAU,CACf,UAAgB,EAChB,KAA+B,EAAA;AAE/B,QAAA,MAAM,IAAI,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;AACnC,QAAA,MAAM,cAAc,GAAG,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC;QACxD,MAAM,KAAK,GAAG,CAAC,cAAc,CAAC,OAAO,IAAI,EAAE,EAAE,GAAG,CAAC,UAAU,IACzD,mBAAmB,CAAC,mBAAmB,CAAC,IAAI,EAAE,UAAU,CAAC,CAC1D,CAAC;AAEF,QAAA,OAAO,CACL,cAAc,CAAC,oBAAoB,EACnC,IAAI,sDAEL,CAAC;QACF,MAAM,OAAO,GAAG,sBAAsB,CAAC,yBAAyB,CAC9D,cAAc,CAAC,oBAAoB,CACpC,CAAC;QAEF,OAAO,IAAI,uBAAuB,CAChC,OAAO,EACP,KAAK,EACL,OACE,SAAmC,KACA;YACnC,MAAM,WAAW,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;;YAE5D,OAAO,cAAc,CAAC,OAAO,CAAC;YAC9B,OAAO,cAAc,CAAC,oBAAoB,CAAC;;AAG3C,YAAA,MAAM,eAAe,GAAG;AACtB,gBAAA,GAAG,cAAc;gBACjB,OAAO,EAAE,WAAW,CAAC,OAAO;gBAC5B,YAAY,EAAE,WAAW,CAAC,YAAY;aACvC,CAAC;;AAGF,YAAA,QAAQ,KAAK,CAAC,aAAa;AACzB,gBAAA,KAAA,QAAA;AACE,oBAAA,MAAM,cAAc,GAClB,MAAM,kBAAkB,CAAC,oBAAoB,CAC3C,IAAI,EACJ,KAAK,CAAC,aAAa,EACnB,eAAe,CAChB,CAAC;oBACJ,MAAM,IAAI,CAAC,kBAAkB,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;AACnD,oBAAA,OAAO,cAAc,CAAC;AACxB,gBAAA,KAAA,gBAAA;AACE,oBAAA,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,sDAA+B,CAAC;AACxD,oBAAA,OAAO,kBAAkB,CAAC,aAAa,CACrC,KAAK,CAAC,IAAI,EACV,KAAK,CAAC,aAAa,EACnB,eAAe,CAChB,CAAC;AACJ,gBAAA;oBACE,KAAK,CAAC,IAAI,EAAA,gBAAA,oCAA+B,CAAC;aAC7C;AACH,SAAC,CACF,CAAC;KACH;IAED,MAAM,aAAa,CACjB,eAAyC,EAAA;QAEzC,MAAM,SAAS,GAAG,eAA2C,CAAC;AAC9D,QAAA,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;KACvC;AACF,CAAA;AAED;;;;;;;;;AASG;AACa,SAAA,sBAAsB,CACpC,IAAU,EACV,KAAuB,EAAA;AAEvB,IAAA,MAAM,WAAW,GAAGA,uBAAkB,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,aAAa,GAAG,KAAiC,CAAC;IACxD,OAAO,CACL,KAAK,CAAC,UAAU,CAAC,aAAa,EAC9B,WAAW,EAAA,gBAAA,oCAEZ,CAAC;IACF,OAAO,CACL,aAAa,CAAC,UAAU,CAAC,eAAe,EAAE,oBAAoB,EAC9D,WAAW,EAAA,gBAAA,oCAEZ,CAAC;IAEF,OAAO,uBAAuB,CAAC,UAAU,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;AACxE;;AChJA;;;;;;;;;;;;;;;AAeG;AAoHa,SAAA,kBAAkB,CAChC,IAAkB,EAClB,OAAsC,EAAA;IAEtC,OAAO,kBAAkB,CAIvB,IAAI,EAGJ,MAAA,wBAAA,kCAAA,sCAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ,CAAC;AAgBe,SAAA,qBAAqB,CACnC,IAAkB,EAClB,OAAyC,EAAA;IAEzC,OAAO,kBAAkB,CAIvB,IAAI,EAGJ,MAAA,wBAAA,qCAAA,yCAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ,CAAC;AAUe,SAAA,WAAW,CACzB,IAAkB,EAClB,OAA2B,EAAA;IAE3B,OAAO,kBAAkB,CACvB,IAAI,EAGJ,MAAA,wBAAA,qCAAA,8BAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ;;MCjKa,mBAAmB,CAAA;AAG9B,IAAA,WAAA,CAA6B,IAAkB,EAAA;QAAlB,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAc;QAF/C,IAAe,CAAA,eAAA,GAAsB,EAAE,CAAC;AAGtC,QAAA,IAAI,CAAC,SAAS,CAAC,QAAQ,IAAG;AACxB,YAAA,IAAI,QAAQ,CAAC,OAAO,EAAE;gBACpB,IAAI,CAAC,eAAe,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,IACpD,mBAAmB,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,CAC/D,CAAC;aACH;AACH,SAAC,CAAC,CAAC;KACJ;IAED,OAAO,SAAS,CAAC,IAAkB,EAAA;AACjC,QAAA,OAAO,IAAI,mBAAmB,CAAC,IAAI,CAAC,CAAC;KACtC;AAED,IAAA,MAAM,UAAU,GAAA;AACd,QAAA,OAAO,sBAAsB,CAAC,YAAY,CACxC,MAAM,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,EAC5B,IAAI,CAAC,IAAI,CACV,CAAC;KACH;AAED,IAAA,MAAM,MAAM,CACV,eAAqC,EACrC,WAA2B,EAAA;QAE3B,MAAM,SAAS,GAAG,eAA2C,CAAC;QAC9D,MAAM,OAAO,IAAI,MAAM,IAAI,CAAC,UAAU,EAAE,CAA2B,CAAC;QACpE,MAAM,mBAAmB,GAAG,MAAM,oBAAoB,CACpD,IAAI,CAAC,IAAI,EACT,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,WAAW,CAAC,CACzD,CAAC;;;QAGF,MAAM,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,mBAAmB,CAAC,CAAC;;;;AAI9D,QAAA,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;KAC3B;IAED,MAAM,QAAQ,CAAC,SAAmC,EAAA;AAChD,QAAA,MAAM,eAAe,GACnB,OAAO,SAAS,KAAK,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAC,GAAG,CAAC;QAC5D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;AAC7C,QAAA,IAAI;AACF,YAAA,MAAM,eAAe,GAAG,MAAM,oBAAoB,CAChD,IAAI,CAAC,IAAI,EACT,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;gBAC1B,OAAO;gBACP,eAAe;AAChB,aAAA,CAAC,CACH,CAAC;;YAEF,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,MAAM,CAChD,CAAC,EAAE,GAAG,EAAE,KAAK,GAAG,KAAK,eAAe,CACrC,CAAC;;;;;YAKF,MAAM,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,eAAe,CAAC,CAAC;AAC1D,YAAA,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;SAC1B;QAAC,OAAO,CAAC,EAAE;AACV,YAAA,MAAM,CAAC,CAAC;SACT;KACF;AACF,CAAA;AAED,MAAM,oBAAoB,GAAG,IAAI,OAAO,EAAyB,CAAC;AAElE;;;;;;;;;AASG;AACG,SAAU,WAAW,CAAC,IAAU,EAAA;AACpC,IAAA,MAAM,WAAW,GAAGA,uBAAkB,CAAC,IAAI,CAAC,CAAC;IAC7C,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE;AAC1C,QAAA,oBAAoB,CAAC,GAAG,CACtB,WAAW,EACX,mBAAmB,CAAC,SAAS,CAAC,WAA2B,CAAC,CAC3D,CAAC;KACH;AACD,IAAA,OAAO,oBAAoB,CAAC,GAAG,CAAC,WAAW,CAAE,CAAC;AAChD;;;;;AC5HA;;;;;;;;;;;;;;;AAeG;MAcU,WAAW,CAAA;AAItB,IAAA,WAAA,CAA6B,IAAkB,EAAA;QAAlB,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAc;AAH9B,QAAA,IAAA,CAAA,iBAAiB,GAChC,IAAI,GAAG,EAAE,CAAC;KAEuC;IAEnD,MAAM,GAAA;QACJ,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC5B,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,IAAI,IAAI,CAAC;KAC3C;IAED,MAAM,QAAQ,CACZ,YAAsB,EAAA;QAEtB,IAAI,CAAC,oBAAoB,EAAE,CAAC;AAC5B,QAAA,MAAM,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC;AACvC,QAAA,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE;AAC1B,YAAA,OAAO,IAAI,CAAC;SACb;AAED,QAAA,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;QACzE,OAAO,EAAE,WAAW,EAAE,CAAC;KACxB;AAED,IAAA,oBAAoB,CAAC,QAAuB,EAAA;QAC1C,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC5B,IAAI,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE;YACxC,OAAO;SACR;QAED,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,IAAG;YACpD,QAAQ,CACL,IAA4B,EAAE,eAAe,CAAC,WAAW,IAAI,IAAI,CACnE,CAAC;AACJ,SAAC,CAAC,CAAC;QACH,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;QAClD,IAAI,CAAC,sBAAsB,EAAE,CAAC;KAC/B;AAED,IAAA,uBAAuB,CAAC,QAAuB,EAAA;QAC7C,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC5B,MAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACzD,IAAI,CAAC,WAAW,EAAE;YAChB,OAAO;SACR;AAED,QAAA,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;AACxC,QAAA,WAAW,EAAE,CAAC;QACd,IAAI,CAAC,sBAAsB,EAAE,CAAC;KAC/B;IAEO,oBAAoB,GAAA;AAC1B,QAAA,OAAO,CACL,IAAI,CAAC,IAAI,CAAC,sBAAsB,6FAEjC,CAAC;KACH;IAEO,sBAAsB,GAAA;QAC5B,IAAI,IAAI,CAAC,iBAAiB,CAAC,IAAI,GAAG,CAAC,EAAE;AACnC,YAAA,IAAI,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAC;SACpC;aAAM;AACL,YAAA,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,CAAC;SACnC;KACF;AACF;;AC9FD;;;;;;;;;;;;;;;AAeG;AAwBH,SAAS,qBAAqB,CAC5B,cAA8B,EAAA;IAE9B,QAAQ,cAAc;AACpB,QAAA,KAAA,MAAA;AACE,YAAA,OAAO,MAAM,CAAC;AAChB,QAAA,KAAA,aAAA;AACE,YAAA,OAAO,IAAI,CAAC;AACd,QAAA,KAAA,QAAA;AACE,YAAA,OAAO,WAAW,CAAC;AACrB,QAAA,KAAA,SAAA;AACE,YAAA,OAAO,SAAS,CAAC;AACnB,QAAA,KAAA,cAAA;AACE,YAAA,OAAO,eAAe,CAAC;AACzB,QAAA;AACE,YAAA,OAAO,SAAS,CAAC;KACpB;AACH,CAAC;AAED;AACM,SAAU,YAAY,CAAC,cAA8B,EAAA;AACzD,IAAAmC,sBAAkB,CAChB,IAAIC,mBAAS,CAAA,MAAA,4BAEX,CAAC,SAAS,EAAE,EAAE,OAAO,EAAE,IAAI,EAA8B,KAAI;QAC3D,MAAM,GAAG,GAAG,SAAS,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,YAAY,EAAG,CAAC;QACzD,MAAM,wBAAwB,GAC5B,SAAS,CAAC,WAAW,CAAc,WAAW,CAAC,CAAC;QAClD,MAAM,uBAAuB,GAC3B,SAAS,CAAC,WAAW,CAAuB,oBAAoB,CAAC,CAAC;QACpE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;AAE3C,QAAA,OAAO,CACL,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,EAE/B,iBAAA,sCAAA,EAAE,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,CACtB,CAAC;AAEF,QAAA,MAAM,MAAM,GAAmB;YAC7B,MAAM;YACN,UAAU;YACV,cAAc;AACd,YAAA,OAAO,EAAwB,gCAAA;AAC/B,YAAA,YAAY,EAA8B,4BAAA;AAC1C,YAAA,SAAS,EAA0B,OAAA;AACnC,YAAA,gBAAgB,EAAE,iBAAiB,CAAC,cAAc,CAAC;SACpD,CAAC;AAEF,QAAA,MAAM,YAAY,GAAG,IAAI,QAAQ,CAC/B,GAAG,EACH,wBAAwB,EACxB,uBAAuB,EACvB,MAAM,CACP,CAAC;AACF,QAAA,uBAAuB,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;AAE5C,QAAA,OAAO,YAAY,CAAC;AACtB,KAAC,EAEF,QAAA,4BAAA;AACC;;;AAGG;AACF,SAAA,oBAAoB,CAA4B,UAAA,kCAAA;AACjD;;;AAGG;SACF,0BAA0B,CACzB,CAAC,SAAS,EAAE,mBAAmB,EAAE,SAAS,KAAI;AAC5C,QAAA,MAAM,oBAAoB,GAAG,SAAS,CAAC,WAAW,oDAEjD,CAAC;QACF,oBAAoB,CAAC,UAAU,EAAE,CAAC;KACnC,CACF,CACJ,CAAC;AAEF,IAAAD,sBAAkB,CAChB,IAAIC,mBAAS,CAEX,eAAA,qCAAA,SAAS,IAAG;AACV,QAAA,MAAM,IAAI,GAAG,SAAS,CACpB,SAAS,CAAC,WAAW,CAAA,MAAA,2BAAqB,CAAC,YAAY,EAAG,CAC3D,CAAC;AACF,QAAA,OAAO,CAAC,IAAI,IAAI,IAAI,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;AAC/C,KAAC,EAEF,SAAA,6BAAA,CAAC,oBAAoB,CAAA,UAAA,kCAA4B,CACnD,CAAC;IAEFC,mBAAe,CAAC,IAAI,EAAE,OAAO,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC,CAAC;;AAEtE,IAAAA,mBAAe,CAAC,IAAI,EAAE,OAAO,EAAE,SAAkB,CAAC,CAAC;AACrD;;ACtIA;;;;;;;;;;;;;;;AAeG;AAgBH;AACA,aAAa,CAAC,UAAU,CAAC,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;AAEnD;AACA;AAEgB,SAAA,OAAO,CAAC7B,KAAA,GAAmB8B,UAAM,EAAE,EAAA;IACjD,MAAM,QAAQ,GAAG7B,gBAAY,CAACD,KAAG,EAAE,MAAM,CAAC,CAAC;AAE3C,IAAA,IAAI,QAAQ,CAAC,aAAa,EAAE,EAAE;AAC5B,QAAA,OAAO,QAAQ,CAAC,YAAY,EAAE,CAAC;KAChC;AAED,IAAA,MAAM,IAAI,GAAG,cAAc,CAACA,KAAG,CAAC,CAAC;AAEjC,IAAA,MAAM,gBAAgB,GAAG+B,2BAAsB,CAAC,MAAM,CAAC,CAAC;IACxD,IAAI,gBAAgB,EAAE;AACpB,QAAA,mBAAmB,CAAC,IAAI,EAAE,UAAU,gBAAgB,CAAA,CAAE,CAAC,CAAC;KACzD;AAED,IAAA,OAAO,IAAI,CAAC;AACd,CAAC;AAED,YAAY,kCAAqB,CAAC;AAElC;AACA;AACA;AACA;AACA;AACA;AAEA;AACA,MAAM,mBAAmB,GAAG,YAAY,CAAA,6CAAA,6CAAuC,CAAC;AAEhF;AACA,eAAe,IAAI,GAAA;AACjB,IAAA,MAAM,mBAAmB,CAAC;AAC5B,CAAC;AAED;;;AAGG;AACH,MAAM,SAAS,CAAA;AACb,IAAA,WAAA,GAAA;AACE,QAAA,MAAM,mBAAmB,CAAC;KAC3B;AACF,CAAA;AAEM,MAAM,uBAAuB,GAAG,oBAAoB;AACpD,MAAM,yBAAyB,GAAG,oBAAoB;AACtD,MAAM,wBAAwB,GAAG,oBAAoB;AACrD,MAAM,yBAAyB,GAAG,oBAAoB;AACtD,MAAM,4BAA4B,GAAG,oBAAoB;AACzD,MAAM,iBAAiB,GAAG,UAAU;AACpC,MAAM,qBAAqB,GAAG,KAAK;AACnC,MAAM,mBAAmB,GAAG,KAAK;AACjC,MAAM,6BAA6B,GAAG,KAAK;AAC3C,MAAM,iBAAiB,GAAG,KAAK;AAC/B,MAAM,eAAe,GAAG,KAAK;AAC7B,MAAM,aAAa,GAAG,KAAK;AAC3B,MAAM,uBAAuB,GAAG,KAAK;AACrC,MAAM,kBAAkB,GAAG,KAAK;AAChC,MAAM,gBAAgB,GAAG,KAAK;AAC9B,MAAM,0BAA0B,GAAG,KAAK;AACxC,MAAM,iBAAiB,GAAG,KAAK;AAC/B,MAAM,iBAAiB,GAAG,UAAU;MAE9B,yBAAyB,CAAA;AACpC,IAAA,OAAO,SAAS,GAAA;AACd,QAAA,MAAM,mBAAmB,CAAC;KAC3B;AACF,CAAA;AAED;AACA;AACA;AACA,QAAQ,CAAC,SAAS,CAAC,cAAc,GAAG,YAA4B,GAAC;;AC7GjE;;;;;;;;;;;;;;;AAeG;AAsGa,SAAA,qBAAqB,CACnC,IAAU,EACV,OAAqC,EAAA;IAErC,OAAO,kBAAkB,CAIvB,IAAI,EAGJ,MAAA,wBAAA,iCAAA,sCAAA,kBAAkB,CAAC,IAAI,EAAE,OAAO,CAAC,CAClC,CAAC;AACJ;;MC5GsB,wBAAwB,CAAA;AAC5C,IAAA,WAAA,CAA+B,QAAkB,EAAA;QAAlB,IAAQ,CAAA,QAAA,GAAR,QAAQ,CAAU;KAAI;AAErD,IAAA,QAAQ,CACN,IAAkB,EAClB,OAA+B,EAC/B,WAA2B,EAAA;AAE3B,QAAA,QAAQ,OAAO,CAAC,IAAI;AAClB,YAAA,KAAA,QAAA;AACE,gBAAA,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;AACrE,YAAA,KAAA,QAAA;gBACE,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;AACxD,YAAA;AACE,gBAAA,OAAO,SAAS,CAAC,mCAAmC,CAAC,CAAC;SACzD;KACF;AAWF;;ACZD;;;;AAIG;MACU,wBAAwB,CAAA;AACnC;;;;;;;;;AASG;AACH,IAAA,OAAO,sBAAsB,CAC3B,MAAkB,EAClB,eAAuB,EAAA;QAEvB,OAAO,4BAA4B,CAAC,WAAW,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;KAC1E;AAED;;;;;;;;AAQG;AACH,IAAA,OAAO,kBAAkB,CACvB,YAAoB,EACpB,eAAuB,EAAA;QAEvB,OAAO,4BAA4B,CAAC,iBAAiB,CACnD,YAAY,EACZ,eAAe,CAChB,CAAC;KACH;AAED;;;;;;;;AAQG;AACH,IAAA,aAAa,cAAc,CACzB,OAA2B,EAAA;QAE3B,MAAM,UAAU,GAAG,OAAiC,CAAC;QACrD,OAAO,CACL,OAAO,UAAU,CAAC,IAAI,EAAE,IAAI,KAAK,WAAW,EAAA,gBAAA,oCAE7C,CAAC;QACF,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE;YAC9D,OAAO,EAAE,UAAU,CAAC,UAAU;AAC9B,YAAA,kBAAkB,EAAE,EAAE;AACvB,SAAA,CAAC,CAAC;AACH,QAAA,OAAO,UAAU,CAAC,mCAAmC,CACnD,QAAQ,EACR,UAAU,CAAC,IAAI,CAAC,IAAI,CACrB,CAAC;KACH;;AAED;;AAEG;AACI,wBAAA,CAAA,SAAS,GAAyB,MAAA,qBAAA;AAGrC,MAAO,4BACX,SAAQ,wBAAwB,CAAA;AAGhC,IAAA,WAAA,CACW,GAAW,EACX,YAAqB,EACrB,MAAmB,EAAA;AAE5B,QAAA,KAAK,4BAAe,CAAC;QAJZ,IAAG,CAAA,GAAA,GAAH,GAAG,CAAQ;QACX,IAAY,CAAA,YAAA,GAAZ,YAAY,CAAS;QACrB,IAAM,CAAA,MAAA,GAAN,MAAM,CAAa;KAG7B;;AAGD,IAAA,OAAO,WAAW,CAChB,MAAkB,EAClB,GAAW,EAAA;QAEX,OAAO,IAAI,4BAA4B,CAAC,GAAG,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;KACjE;;AAGD,IAAA,OAAO,iBAAiB,CACtB,YAAoB,EACpB,GAAW,EAAA;AAEX,QAAA,OAAO,IAAI,4BAA4B,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;KAC5D;;AAGD,IAAA,MAAM,eAAe,CACnB,IAAkB,EAClB,OAAe,EACf,WAA2B,EAAA;QAE3B,OAAO,CACL,OAAO,IAAI,CAAC,MAAM,KAAK,WAAW,EAClC,IAAI,EAAA,gBAAA,oCAEL,CAAC;QACF,OAAO,qBAAqB,CAAC,IAAI,EAAE;YACjC,OAAO;YACP,WAAW;YACX,oBAAoB,EAAE,IAAI,CAAC,MAAM,CAAC,yBAAyB,CAAC,IAAI,CAAC,GAAG,CAAC;AACtE,SAAA,CAAC,CAAC;KACJ;;AAGD,IAAA,MAAM,eAAe,CACnB,IAAkB,EAClB,oBAA4B,EAAA;AAE5B,QAAA,OAAO,CACL,IAAI,CAAC,YAAY,KAAK,SAAS,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,EACzD,IAAI,sDAEL,CAAC;QACF,MAAM,oBAAoB,GAAG,EAAE,gBAAgB,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QAC5D,OAAO,qBAAqB,CAAC,IAAI,EAAE;YACjC,oBAAoB;YACpB,eAAe,EAAE,IAAI,CAAC,YAAY;YAClC,oBAAoB;AACrB,SAAA,CAAC,CAAC;KACJ;AACF,CAAA;AAED;;;;;;AAMG;MACU,UAAU,CAAA;;AAwBrB,IAAA,WAAA,CACE,SAAiB,EACjB,gBAAwB,EACxB,UAAkB,EAClB,mBAA2B,EAC3B,4BAAoC,EACnB,WAAmB,EACnB,IAAkB,EAAA;QADlB,IAAW,CAAA,WAAA,GAAX,WAAW,CAAQ;QACnB,IAAI,CAAA,IAAA,GAAJ,IAAI,CAAc;AAEnC,QAAA,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;AAC3B,QAAA,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;AACzC,QAAA,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;AAC7B,QAAA,IAAI,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;AAC/C,QAAA,IAAI,CAAC,4BAA4B,GAAG,4BAA4B,CAAC;KAClE;;AAGD,IAAA,OAAO,mCAAmC,CACxC,QAAwC,EACxC,IAAkB,EAAA;QAElB,OAAO,IAAI,UAAU,CACnB,QAAQ,CAAC,eAAe,CAAC,eAAe,EACxC,QAAQ,CAAC,eAAe,CAAC,gBAAgB,EACzC,QAAQ,CAAC,eAAe,CAAC,sBAAsB,EAC/C,QAAQ,CAAC,eAAe,CAAC,SAAS,EAClC,IAAI,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,sBAAsB,CAAC,CAAC,WAAW,EAAE,EACvE,QAAQ,CAAC,eAAe,CAAC,WAAW,EACpC,IAAI,CACL,CAAC;KACH;;AAGD,IAAA,yBAAyB,CAAC,GAAW,EAAA;QACnC,OAAO,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,gBAAgB,EAAE,GAAG,EAAE,CAAC;KACjE;AAED;;;;;;;;;AASG;IACH,iBAAiB,CAAC,WAAoB,EAAE,MAAe,EAAA;QACrD,IAAI,WAAW,GAAG,KAAK,CAAC;QACxB,IAAI,cAAc,CAAC,WAAW,CAAC,IAAI,cAAc,CAAC,MAAM,CAAC,EAAE;YACzD,WAAW,GAAG,IAAI,CAAC;SACpB;QACD,IAAI,WAAW,EAAE;AACf,YAAA,IAAI,cAAc,CAAC,WAAW,CAAC,EAAE;gBAC/B,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,aAAa,CAAC;aAC7D;AACD,YAAA,IAAI,cAAc,CAAC,MAAM,CAAC,EAAE;AAC1B,gBAAA,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;aACzB;SACF;AACD,QAAA,OAAO,kBAAkB,MAAM,CAAA,CAAA,EAAI,WAAW,CAAW,QAAA,EAAA,IAAI,CAAC,SAAS,CAAA,QAAA,EAAW,MAAM,CAAc,WAAA,EAAA,IAAI,CAAC,gBAAgB,CAAA,QAAA,EAAW,IAAI,CAAC,UAAU,EAAE,CAAC;KACzJ;AACF,CAAA;AAED;AACA,SAAS,cAAc,CAAC,KAAc,EAAA;IACpC,OAAO,OAAO,KAAK,KAAK,WAAW,IAAI,KAAK,EAAE,MAAM,KAAK,CAAC,CAAC;AAC7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
\ No newline at end of file |