No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

internal.js 26KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570
  1. import { ap as debugAssert, aq as _isIOS, ar as _isAndroid, as as _fail, at as _getRedirectUrl, au as _getProjectConfig, av as _isIOS7Or8, aw as _createError, ax as _assert, ay as AuthEventManager, az as _getInstance, b as browserLocalPersistence, aA as _persistenceKeyName, a as browserSessionPersistence, aB as _getRedirectResult, aC as _overrideRedirectResult, aD as _clearRedirectOutcomes, aE as _castAuth } from './index-e5b3cc81.js';
  2. export { A as ActionCodeOperation, ad as ActionCodeURL, H as AuthCredential, D as AuthErrorCodes, aG as AuthImpl, aJ as AuthPopup, I as EmailAuthCredential, M as EmailAuthProvider, N as FacebookAuthProvider, F as FactorId, aK as FetchProvider, T as GithubAuthProvider, Q as GoogleAuthProvider, J as OAuthCredential, U as OAuthProvider, O as OperationType, K as PhoneAuthCredential, P as PhoneAuthProvider, m as PhoneMultiFactorGenerator, o as ProviderId, R as RecaptchaVerifier, aL as SAMLAuthCredential, V as SAMLAuthProvider, S as SignInMethod, W as TwitterAuthProvider, aF as UserImpl, ax as _assert, aE as _castAuth, as as _fail, aI as _generateEventId, aH as _getClientVersion, az as _getInstance, aB as _getRedirectResult, aC as _overrideRedirectResult, aA as _persistenceKeyName, a2 as applyActionCode, t as beforeAuthStateChanged, b as browserLocalPersistence, k as browserPopupRedirectResolver, a as browserSessionPersistence, a3 as checkActionCode, a1 as confirmPasswordReset, G as connectAuthEmulator, a5 as createUserWithEmailAndPassword, B as debugErrorMap, z as deleteUser, aa as fetchSignInMethodsForEmail, al as getAdditionalUserInfo, n as getAuth, ai as getIdToken, aj as getIdTokenResult, an as getMultiFactorResolver, j as getRedirectResult, L as inMemoryPersistence, i as indexedDBLocalPersistence, E as initializeAuth, a8 as isSignInWithEmailLink, Z as linkWithCredential, l as linkWithPhoneNumber, d as linkWithPopup, g as linkWithRedirect, ao as multiFactor, v as onAuthStateChanged, q as onIdTokenChanged, ae as parseActionCodeURL, C as prodErrorMap, _ as reauthenticateWithCredential, r as reauthenticateWithPhoneNumber, e as reauthenticateWithPopup, h as reauthenticateWithRedirect, am as reload, ab as sendEmailVerification, a0 as sendPasswordResetEmail, a7 as sendSignInLinkToEmail, p as setPersistence, X as signInAnonymously, Y as signInWithCredential, $ as signInWithCustomToken, a6 as signInWithEmailAndPassword, a9 as signInWithEmailLink, s as signInWithPhoneNumber, c as signInWithPopup, f as signInWithRedirect, y as signOut, ak as unlink, x as updateCurrentUser, ag as updateEmail, ah as updatePassword, u as updatePhoneNumber, af as updateProfile, w as useDeviceLanguage, ac as verifyBeforeUpdateEmail, a4 as verifyPasswordResetCode } from './index-e5b3cc81.js';
  3. import { querystringDecode } from '@firebase/util';
  4. import '@firebase/app';
  5. import '@firebase/logger';
  6. import 'tslib';
  7. import '@firebase/component';
  8. /**
  9. * @license
  10. * Copyright 2021 Google LLC
  11. *
  12. * Licensed under the Apache License, Version 2.0 (the "License");
  13. * you may not use this file except in compliance with the License.
  14. * You may obtain a copy of the License at
  15. *
  16. * http://www.apache.org/licenses/LICENSE-2.0
  17. *
  18. * Unless required by applicable law or agreed to in writing, software
  19. * distributed under the License is distributed on an "AS IS" BASIS,
  20. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  21. * See the License for the specific language governing permissions and
  22. * limitations under the License.
  23. */
  24. function _cordovaWindow() {
  25. return window;
  26. }
  27. /**
  28. * @license
  29. * Copyright 2020 Google LLC
  30. *
  31. * Licensed under the Apache License, Version 2.0 (the "License");
  32. * you may not use this file except in compliance with the License.
  33. * You may obtain a copy of the License at
  34. *
  35. * http://www.apache.org/licenses/LICENSE-2.0
  36. *
  37. * Unless required by applicable law or agreed to in writing, software
  38. * distributed under the License is distributed on an "AS IS" BASIS,
  39. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  40. * See the License for the specific language governing permissions and
  41. * limitations under the License.
  42. */
  43. /**
  44. * How long to wait after the app comes back into focus before concluding that
  45. * the user closed the sign in tab.
  46. */
  47. const REDIRECT_TIMEOUT_MS = 2000;
  48. /**
  49. * Generates the URL for the OAuth handler.
  50. */
  51. async function _generateHandlerUrl(auth, event, provider) {
  52. var _a;
  53. // Get the cordova plugins
  54. const { BuildInfo } = _cordovaWindow();
  55. debugAssert(event.sessionId, 'AuthEvent did not contain a session ID');
  56. const sessionDigest = await computeSha256(event.sessionId);
  57. const additionalParams = {};
  58. if (_isIOS()) {
  59. // iOS app identifier
  60. additionalParams['ibi'] = BuildInfo.packageName;
  61. }
  62. else if (_isAndroid()) {
  63. // Android app identifier
  64. additionalParams['apn'] = BuildInfo.packageName;
  65. }
  66. else {
  67. _fail(auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */);
  68. }
  69. // Add the display name if available
  70. if (BuildInfo.displayName) {
  71. additionalParams['appDisplayName'] = BuildInfo.displayName;
  72. }
  73. // Attached the hashed session ID
  74. additionalParams['sessionId'] = sessionDigest;
  75. return _getRedirectUrl(auth, provider, event.type, undefined, (_a = event.eventId) !== null && _a !== void 0 ? _a : undefined, additionalParams);
  76. }
  77. /**
  78. * Validates that this app is valid for this project configuration
  79. */
  80. async function _validateOrigin(auth) {
  81. const { BuildInfo } = _cordovaWindow();
  82. const request = {};
  83. if (_isIOS()) {
  84. request.iosBundleId = BuildInfo.packageName;
  85. }
  86. else if (_isAndroid()) {
  87. request.androidPackageName = BuildInfo.packageName;
  88. }
  89. else {
  90. _fail(auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */);
  91. }
  92. // Will fail automatically if package name is not authorized
  93. await _getProjectConfig(auth, request);
  94. }
  95. function _performRedirect(handlerUrl) {
  96. // Get the cordova plugins
  97. const { cordova } = _cordovaWindow();
  98. return new Promise(resolve => {
  99. cordova.plugins.browsertab.isAvailable(browserTabIsAvailable => {
  100. let iabRef = null;
  101. if (browserTabIsAvailable) {
  102. cordova.plugins.browsertab.openUrl(handlerUrl);
  103. }
  104. else {
  105. // TODO: Return the inappbrowser ref that's returned from the open call
  106. iabRef = cordova.InAppBrowser.open(handlerUrl, _isIOS7Or8() ? '_blank' : '_system', 'location=yes');
  107. }
  108. resolve(iabRef);
  109. });
  110. });
  111. }
  112. /**
  113. * This function waits for app activity to be seen before resolving. It does
  114. * this by attaching listeners to various dom events. Once the app is determined
  115. * to be visible, this promise resolves. AFTER that resolution, the listeners
  116. * are detached and any browser tabs left open will be closed.
  117. */
  118. async function _waitForAppResume(auth, eventListener, iabRef) {
  119. // Get the cordova plugins
  120. const { cordova } = _cordovaWindow();
  121. let cleanup = () => { };
  122. try {
  123. await new Promise((resolve, reject) => {
  124. let onCloseTimer = null;
  125. // DEFINE ALL THE CALLBACKS =====
  126. function authEventSeen() {
  127. var _a;
  128. // Auth event was detected. Resolve this promise and close the extra
  129. // window if it's still open.
  130. resolve();
  131. const closeBrowserTab = (_a = cordova.plugins.browsertab) === null || _a === void 0 ? void 0 : _a.close;
  132. if (typeof closeBrowserTab === 'function') {
  133. closeBrowserTab();
  134. }
  135. // Close inappbrowser emebedded webview in iOS7 and 8 case if still
  136. // open.
  137. if (typeof (iabRef === null || iabRef === void 0 ? void 0 : iabRef.close) === 'function') {
  138. iabRef.close();
  139. }
  140. }
  141. function resumed() {
  142. if (onCloseTimer) {
  143. // This code already ran; do not rerun.
  144. return;
  145. }
  146. onCloseTimer = window.setTimeout(() => {
  147. // Wait two seeconds after resume then reject.
  148. reject(_createError(auth, "redirect-cancelled-by-user" /* AuthErrorCode.REDIRECT_CANCELLED_BY_USER */));
  149. }, REDIRECT_TIMEOUT_MS);
  150. }
  151. function visibilityChanged() {
  152. if ((document === null || document === void 0 ? void 0 : document.visibilityState) === 'visible') {
  153. resumed();
  154. }
  155. }
  156. // ATTACH ALL THE LISTENERS =====
  157. // Listen for the auth event
  158. eventListener.addPassiveListener(authEventSeen);
  159. // Listen for resume and visibility events
  160. document.addEventListener('resume', resumed, false);
  161. if (_isAndroid()) {
  162. document.addEventListener('visibilitychange', visibilityChanged, false);
  163. }
  164. // SETUP THE CLEANUP FUNCTION =====
  165. cleanup = () => {
  166. eventListener.removePassiveListener(authEventSeen);
  167. document.removeEventListener('resume', resumed, false);
  168. document.removeEventListener('visibilitychange', visibilityChanged, false);
  169. if (onCloseTimer) {
  170. window.clearTimeout(onCloseTimer);
  171. }
  172. };
  173. });
  174. }
  175. finally {
  176. cleanup();
  177. }
  178. }
  179. /**
  180. * Checks the configuration of the Cordova environment. This has no side effect
  181. * if the configuration is correct; otherwise it throws an error with the
  182. * missing plugin.
  183. */
  184. function _checkCordovaConfiguration(auth) {
  185. var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k;
  186. const win = _cordovaWindow();
  187. // Check all dependencies installed.
  188. // https://github.com/nordnet/cordova-universal-links-plugin
  189. // Note that cordova-universal-links-plugin has been abandoned.
  190. // A fork with latest fixes is available at:
  191. // https://www.npmjs.com/package/cordova-universal-links-plugin-fix
  192. _assert(typeof ((_a = win === null || win === void 0 ? void 0 : win.universalLinks) === null || _a === void 0 ? void 0 : _a.subscribe) === 'function', auth, "invalid-cordova-configuration" /* AuthErrorCode.INVALID_CORDOVA_CONFIGURATION */, {
  193. missingPlugin: 'cordova-universal-links-plugin-fix'
  194. });
  195. // https://www.npmjs.com/package/cordova-plugin-buildinfo
  196. _assert(typeof ((_b = win === null || win === void 0 ? void 0 : win.BuildInfo) === null || _b === void 0 ? void 0 : _b.packageName) !== 'undefined', auth, "invalid-cordova-configuration" /* AuthErrorCode.INVALID_CORDOVA_CONFIGURATION */, {
  197. missingPlugin: 'cordova-plugin-buildInfo'
  198. });
  199. // https://github.com/google/cordova-plugin-browsertab
  200. _assert(typeof ((_e = (_d = (_c = win === null || win === void 0 ? void 0 : win.cordova) === null || _c === void 0 ? void 0 : _c.plugins) === null || _d === void 0 ? void 0 : _d.browsertab) === null || _e === void 0 ? void 0 : _e.openUrl) === 'function', auth, "invalid-cordova-configuration" /* AuthErrorCode.INVALID_CORDOVA_CONFIGURATION */, {
  201. missingPlugin: 'cordova-plugin-browsertab'
  202. });
  203. _assert(typeof ((_h = (_g = (_f = win === null || win === void 0 ? void 0 : win.cordova) === null || _f === void 0 ? void 0 : _f.plugins) === null || _g === void 0 ? void 0 : _g.browsertab) === null || _h === void 0 ? void 0 : _h.isAvailable) === 'function', auth, "invalid-cordova-configuration" /* AuthErrorCode.INVALID_CORDOVA_CONFIGURATION */, {
  204. missingPlugin: 'cordova-plugin-browsertab'
  205. });
  206. // https://cordova.apache.org/docs/en/latest/reference/cordova-plugin-inappbrowser/
  207. _assert(typeof ((_k = (_j = win === null || win === void 0 ? void 0 : win.cordova) === null || _j === void 0 ? void 0 : _j.InAppBrowser) === null || _k === void 0 ? void 0 : _k.open) === 'function', auth, "invalid-cordova-configuration" /* AuthErrorCode.INVALID_CORDOVA_CONFIGURATION */, {
  208. missingPlugin: 'cordova-plugin-inappbrowser'
  209. });
  210. }
  211. /**
  212. * Computes the SHA-256 of a session ID. The SubtleCrypto interface is only
  213. * available in "secure" contexts, which covers Cordova (which is served on a file
  214. * protocol).
  215. */
  216. async function computeSha256(sessionId) {
  217. const bytes = stringToArrayBuffer(sessionId);
  218. // TODO: For IE11 crypto has a different name and this operation comes back
  219. // as an object, not a promise. This is the old proposed standard that
  220. // is used by IE11:
  221. // https://www.w3.org/TR/2013/WD-WebCryptoAPI-20130108/#cryptooperation-interface
  222. const buf = await crypto.subtle.digest('SHA-256', bytes);
  223. const arr = Array.from(new Uint8Array(buf));
  224. return arr.map(num => num.toString(16).padStart(2, '0')).join('');
  225. }
  226. function stringToArrayBuffer(str) {
  227. // This function is only meant to deal with an ASCII charset and makes
  228. // certain simplifying assumptions.
  229. debugAssert(/[0-9a-zA-Z]+/.test(str), 'Can only convert alpha-numeric strings');
  230. if (typeof TextEncoder !== 'undefined') {
  231. return new TextEncoder().encode(str);
  232. }
  233. const buff = new ArrayBuffer(str.length);
  234. const view = new Uint8Array(buff);
  235. for (let i = 0; i < str.length; i++) {
  236. view[i] = str.charCodeAt(i);
  237. }
  238. return view;
  239. }
  240. /**
  241. * @license
  242. * Copyright 2020 Google LLC
  243. *
  244. * Licensed under the Apache License, Version 2.0 (the "License");
  245. * you may not use this file except in compliance with the License.
  246. * You may obtain a copy of the License at
  247. *
  248. * http://www.apache.org/licenses/LICENSE-2.0
  249. *
  250. * Unless required by applicable law or agreed to in writing, software
  251. * distributed under the License is distributed on an "AS IS" BASIS,
  252. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  253. * See the License for the specific language governing permissions and
  254. * limitations under the License.
  255. */
  256. const SESSION_ID_LENGTH = 20;
  257. /** Custom AuthEventManager that adds passive listeners to events */
  258. class CordovaAuthEventManager extends AuthEventManager {
  259. constructor() {
  260. super(...arguments);
  261. this.passiveListeners = new Set();
  262. this.initPromise = new Promise(resolve => {
  263. this.resolveInialized = resolve;
  264. });
  265. }
  266. addPassiveListener(cb) {
  267. this.passiveListeners.add(cb);
  268. }
  269. removePassiveListener(cb) {
  270. this.passiveListeners.delete(cb);
  271. }
  272. // In a Cordova environment, this manager can live through multiple redirect
  273. // operations
  274. resetRedirect() {
  275. this.queuedRedirectEvent = null;
  276. this.hasHandledPotentialRedirect = false;
  277. }
  278. /** Override the onEvent method */
  279. onEvent(event) {
  280. this.resolveInialized();
  281. this.passiveListeners.forEach(cb => cb(event));
  282. return super.onEvent(event);
  283. }
  284. async initialized() {
  285. await this.initPromise;
  286. }
  287. }
  288. /**
  289. * Generates a (partial) {@link AuthEvent}.
  290. */
  291. function _generateNewEvent(auth, type, eventId = null) {
  292. return {
  293. type,
  294. eventId,
  295. urlResponse: null,
  296. sessionId: generateSessionId(),
  297. postBody: null,
  298. tenantId: auth.tenantId,
  299. error: _createError(auth, "no-auth-event" /* AuthErrorCode.NO_AUTH_EVENT */)
  300. };
  301. }
  302. function _savePartialEvent(auth, event) {
  303. return storage()._set(persistenceKey(auth), event);
  304. }
  305. async function _getAndRemoveEvent(auth) {
  306. const event = (await storage()._get(persistenceKey(auth)));
  307. if (event) {
  308. await storage()._remove(persistenceKey(auth));
  309. }
  310. return event;
  311. }
  312. function _eventFromPartialAndUrl(partialEvent, url) {
  313. var _a, _b;
  314. // Parse the deep link within the dynamic link URL.
  315. const callbackUrl = _getDeepLinkFromCallback(url);
  316. // Confirm it is actually a callback URL.
  317. // Currently the universal link will be of this format:
  318. // https://<AUTH_DOMAIN>/__/auth/callback<OAUTH_RESPONSE>
  319. // This is a fake URL but is not intended to take the user anywhere
  320. // and just redirect to the app.
  321. if (callbackUrl.includes('/__/auth/callback')) {
  322. // Check if there is an error in the URL.
  323. // This mechanism is also used to pass errors back to the app:
  324. // https://<AUTH_DOMAIN>/__/auth/callback?firebaseError=<STRINGIFIED_ERROR>
  325. const params = searchParamsOrEmpty(callbackUrl);
  326. // Get the error object corresponding to the stringified error if found.
  327. const errorObject = params['firebaseError']
  328. ? parseJsonOrNull(decodeURIComponent(params['firebaseError']))
  329. : null;
  330. const code = (_b = (_a = errorObject === null || errorObject === void 0 ? void 0 : errorObject['code']) === null || _a === void 0 ? void 0 : _a.split('auth/')) === null || _b === void 0 ? void 0 : _b[1];
  331. const error = code ? _createError(code) : null;
  332. if (error) {
  333. return {
  334. type: partialEvent.type,
  335. eventId: partialEvent.eventId,
  336. tenantId: partialEvent.tenantId,
  337. error,
  338. urlResponse: null,
  339. sessionId: null,
  340. postBody: null
  341. };
  342. }
  343. else {
  344. return {
  345. type: partialEvent.type,
  346. eventId: partialEvent.eventId,
  347. tenantId: partialEvent.tenantId,
  348. sessionId: partialEvent.sessionId,
  349. urlResponse: callbackUrl,
  350. postBody: null
  351. };
  352. }
  353. }
  354. return null;
  355. }
  356. function generateSessionId() {
  357. const chars = [];
  358. const allowedChars = '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
  359. for (let i = 0; i < SESSION_ID_LENGTH; i++) {
  360. const idx = Math.floor(Math.random() * allowedChars.length);
  361. chars.push(allowedChars.charAt(idx));
  362. }
  363. return chars.join('');
  364. }
  365. function storage() {
  366. return _getInstance(browserLocalPersistence);
  367. }
  368. function persistenceKey(auth) {
  369. return _persistenceKeyName("authEvent" /* KeyName.AUTH_EVENT */, auth.config.apiKey, auth.name);
  370. }
  371. function parseJsonOrNull(json) {
  372. try {
  373. return JSON.parse(json);
  374. }
  375. catch (e) {
  376. return null;
  377. }
  378. }
  379. // Exported for testing
  380. function _getDeepLinkFromCallback(url) {
  381. const params = searchParamsOrEmpty(url);
  382. const link = params['link'] ? decodeURIComponent(params['link']) : undefined;
  383. // Double link case (automatic redirect)
  384. const doubleDeepLink = searchParamsOrEmpty(link)['link'];
  385. // iOS custom scheme links.
  386. const iOSDeepLink = params['deep_link_id']
  387. ? decodeURIComponent(params['deep_link_id'])
  388. : undefined;
  389. const iOSDoubleDeepLink = searchParamsOrEmpty(iOSDeepLink)['link'];
  390. return iOSDoubleDeepLink || iOSDeepLink || doubleDeepLink || link || url;
  391. }
  392. /**
  393. * Optimistically tries to get search params from a string, or else returns an
  394. * empty search params object.
  395. */
  396. function searchParamsOrEmpty(url) {
  397. if (!(url === null || url === void 0 ? void 0 : url.includes('?'))) {
  398. return {};
  399. }
  400. const [_, ...rest] = url.split('?');
  401. return querystringDecode(rest.join('?'));
  402. }
  403. /**
  404. * @license
  405. * Copyright 2021 Google LLC
  406. *
  407. * Licensed under the Apache License, Version 2.0 (the "License");
  408. * you may not use this file except in compliance with the License.
  409. * You may obtain a copy of the License at
  410. *
  411. * http://www.apache.org/licenses/LICENSE-2.0
  412. *
  413. * Unless required by applicable law or agreed to in writing, software
  414. * distributed under the License is distributed on an "AS IS" BASIS,
  415. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  416. * See the License for the specific language governing permissions and
  417. * limitations under the License.
  418. */
  419. /**
  420. * How long to wait for the initial auth event before concluding no
  421. * redirect pending
  422. */
  423. const INITIAL_EVENT_TIMEOUT_MS = 500;
  424. class CordovaPopupRedirectResolver {
  425. constructor() {
  426. this._redirectPersistence = browserSessionPersistence;
  427. this._shouldInitProactively = true; // This is lightweight for Cordova
  428. this.eventManagers = new Map();
  429. this.originValidationPromises = {};
  430. this._completeRedirectFn = _getRedirectResult;
  431. this._overrideRedirectResult = _overrideRedirectResult;
  432. }
  433. async _initialize(auth) {
  434. const key = auth._key();
  435. let manager = this.eventManagers.get(key);
  436. if (!manager) {
  437. manager = new CordovaAuthEventManager(auth);
  438. this.eventManagers.set(key, manager);
  439. this.attachCallbackListeners(auth, manager);
  440. }
  441. return manager;
  442. }
  443. _openPopup(auth) {
  444. _fail(auth, "operation-not-supported-in-this-environment" /* AuthErrorCode.OPERATION_NOT_SUPPORTED */);
  445. }
  446. async _openRedirect(auth, provider, authType, eventId) {
  447. _checkCordovaConfiguration(auth);
  448. const manager = await this._initialize(auth);
  449. await manager.initialized();
  450. // Reset the persisted redirect states. This does not matter on Web where
  451. // the redirect always blows away application state entirely. On Cordova,
  452. // the app maintains control flow through the redirect.
  453. manager.resetRedirect();
  454. _clearRedirectOutcomes();
  455. await this._originValidation(auth);
  456. const event = _generateNewEvent(auth, authType, eventId);
  457. await _savePartialEvent(auth, event);
  458. const url = await _generateHandlerUrl(auth, event, provider);
  459. const iabRef = await _performRedirect(url);
  460. return _waitForAppResume(auth, manager, iabRef);
  461. }
  462. _isIframeWebStorageSupported(_auth, _cb) {
  463. throw new Error('Method not implemented.');
  464. }
  465. _originValidation(auth) {
  466. const key = auth._key();
  467. if (!this.originValidationPromises[key]) {
  468. this.originValidationPromises[key] = _validateOrigin(auth);
  469. }
  470. return this.originValidationPromises[key];
  471. }
  472. attachCallbackListeners(auth, manager) {
  473. // Get the global plugins
  474. const { universalLinks, handleOpenURL, BuildInfo } = _cordovaWindow();
  475. const noEventTimeout = setTimeout(async () => {
  476. // We didn't see that initial event. Clear any pending object and
  477. // dispatch no event
  478. await _getAndRemoveEvent(auth);
  479. manager.onEvent(generateNoEvent());
  480. }, INITIAL_EVENT_TIMEOUT_MS);
  481. const universalLinksCb = async (eventData) => {
  482. // We have an event so we can clear the no event timeout
  483. clearTimeout(noEventTimeout);
  484. const partialEvent = await _getAndRemoveEvent(auth);
  485. let finalEvent = null;
  486. if (partialEvent && (eventData === null || eventData === void 0 ? void 0 : eventData['url'])) {
  487. finalEvent = _eventFromPartialAndUrl(partialEvent, eventData['url']);
  488. }
  489. // If finalEvent is never filled, trigger with no event
  490. manager.onEvent(finalEvent || generateNoEvent());
  491. };
  492. // Universal links subscriber doesn't exist for iOS, so we need to check
  493. if (typeof universalLinks !== 'undefined' &&
  494. typeof universalLinks.subscribe === 'function') {
  495. universalLinks.subscribe(null, universalLinksCb);
  496. }
  497. // iOS 7 or 8 custom URL schemes.
  498. // This is also the current default behavior for iOS 9+.
  499. // For this to work, cordova-plugin-customurlscheme needs to be installed.
  500. // https://github.com/EddyVerbruggen/Custom-URL-scheme
  501. // Do not overwrite the existing developer's URL handler.
  502. const existingHandleOpenURL = handleOpenURL;
  503. const packagePrefix = `${BuildInfo.packageName.toLowerCase()}://`;
  504. _cordovaWindow().handleOpenURL = async (url) => {
  505. if (url.toLowerCase().startsWith(packagePrefix)) {
  506. // We want this intentionally to float
  507. // eslint-disable-next-line @typescript-eslint/no-floating-promises
  508. universalLinksCb({ url });
  509. }
  510. // Call the developer's handler if it is present.
  511. if (typeof existingHandleOpenURL === 'function') {
  512. try {
  513. existingHandleOpenURL(url);
  514. }
  515. catch (e) {
  516. // This is a developer error. Don't stop the flow of the SDK.
  517. console.error(e);
  518. }
  519. }
  520. };
  521. }
  522. }
  523. /**
  524. * An implementation of {@link PopupRedirectResolver} suitable for Cordova
  525. * based applications.
  526. *
  527. * @public
  528. */
  529. const cordovaPopupRedirectResolver = CordovaPopupRedirectResolver;
  530. function generateNoEvent() {
  531. return {
  532. type: "unknown" /* AuthEventType.UNKNOWN */,
  533. eventId: null,
  534. sessionId: null,
  535. urlResponse: null,
  536. postBody: null,
  537. tenantId: null,
  538. error: _createError("no-auth-event" /* AuthErrorCode.NO_AUTH_EVENT */)
  539. };
  540. }
  541. /**
  542. * @license
  543. * Copyright 2017 Google LLC
  544. *
  545. * Licensed under the Apache License, Version 2.0 (the "License");
  546. * you may not use this file except in compliance with the License.
  547. * You may obtain a copy of the License at
  548. *
  549. * http://www.apache.org/licenses/LICENSE-2.0
  550. *
  551. * Unless required by applicable law or agreed to in writing, software
  552. * distributed under the License is distributed on an "AS IS" BASIS,
  553. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  554. * See the License for the specific language governing permissions and
  555. * limitations under the License.
  556. */
  557. // This function should only be called by frameworks (e.g. FirebaseUI-web) to log their usage.
  558. // It is not intended for direct use by developer apps. NO jsdoc here to intentionally leave it out
  559. // of autogenerated documentation pages to reduce accidental misuse.
  560. function addFrameworkForLogging(auth, framework) {
  561. _castAuth(auth)._logFramework(framework);
  562. }
  563. export { addFrameworkForLogging, cordovaPopupRedirectResolver };
  564. //# sourceMappingURL=internal.js.map