girinmanos/test_server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
967c38beddf67b7afb58b004fe498f65fd648cf4
test_server/node_modules/firebase-functions/lib/common/providers/identity.d.ts
girinb 485098cd1a link
2025-05-29 15:41:51 +09:00

259 lines
7.7 KiB
TypeScript
Raw Blame History

import * as auth from "firebase-admin/auth";
import { EventContext } from "../../v1/cloud-functions";
import { HttpsError } from "./https";
export { HttpsError };
/**
* Shorthand auth blocking events from GCIP.
* @hidden
* @alpha
*/
export type AuthBlockingEventType = "beforeCreate" | "beforeSignIn" | "beforeSendEmail" | "beforeSendSms";
/**
* The `UserRecord` passed to Cloud Functions is the same
* {@link https://firebase.google.com/docs/reference/admin/node/firebase-admin.auth.userrecord | UserRecord}
* that is returned by the Firebase Admin SDK.
*/
export type UserRecord = auth.UserRecord;
/**
* `UserInfo` that is part of the `UserRecord`.
*/
export type UserInfo = auth.UserInfo;
/**
* Helper class to create the user metadata in a `UserRecord` object.
*/
export declare class UserRecordMetadata implements auth.UserMetadata {
creationTime: string;
lastSignInTime: string;
constructor(creationTime: string, lastSignInTime: string);
/** Returns a plain JavaScript object with the properties of UserRecordMetadata. */
toJSON(): AuthUserMetadata;
}
/**
* Helper function that creates a `UserRecord` class from data sent over the wire.
* @param wireData data sent over the wire
* @returns an instance of `UserRecord` with correct toJSON functions
*/
export declare function userRecordConstructor(wireData: Record<string, unknown>): UserRecord;
/**
* User info that is part of the `AuthUserRecord`.
*/
export interface AuthUserInfo {
/**
* The user identifier for the linked provider.
*/
uid: string;
/**
* The display name for the linked provider.
*/
displayName: string;
/**
* The email for the linked provider.
*/
email: string;
/**
* The photo URL for the linked provider.
*/
photoURL: string;
/**
* The linked provider ID (for example, "google.com" for the Google provider).
*/
providerId: string;
/**
* The phone number for the linked provider.
*/
phoneNumber: string;
}
/**
* Additional metadata about the user.
*/
export interface AuthUserMetadata {
/**
* The date the user was created, formatted as a UTC string.
*/
creationTime: string;
/**
* The date the user last signed in, formatted as a UTC string.
*/
lastSignInTime: string;
}
/**
* Interface representing the common properties of a user-enrolled second factor.
*/
export interface AuthMultiFactorInfo {
/**
* The ID of the enrolled second factor. This ID is unique to the user.
*/
uid: string;
/**
* The optional display name of the enrolled second factor.
*/
displayName?: string;
/**
* The type identifier of the second factor. For SMS second factors, this is `phone`.
*/
factorId: string;
/**
* The optional date the second factor was enrolled, formatted as a UTC string.
*/
enrollmentTime?: string;
/**
* The phone number associated with a phone second factor.
*/
phoneNumber?: string;
}
/**
* The multi-factor related properties for the current user, if available.
*/
export interface AuthMultiFactorSettings {
/**
* List of second factors enrolled with the current user.
*/
enrolledFactors: AuthMultiFactorInfo[];
}
/**
* The `UserRecord` passed to auth blocking functions from the identity platform.
*/
export interface AuthUserRecord {
/**
* The user's `uid`.
*/
uid: string;
/**
* The user's primary email, if set.
*/
email?: string;
/**
* Whether or not the user's primary email is verified.
*/
emailVerified: boolean;
/**
* The user's display name.
*/
displayName?: string;
/**
* The user's photo URL.
*/
photoURL?: string;
/**
* The user's primary phone number, if set.
*/
phoneNumber?: string;
/**
* Whether or not the user is disabled: `true` for disabled; `false` for
* enabled.
*/
disabled: boolean;
/**
* Additional metadata about the user.
*/
metadata: AuthUserMetadata;
/**
* An array of providers (for example, Google, Facebook) linked to the user.
*/
providerData: AuthUserInfo[];
/**
* The user's hashed password (base64-encoded).
*/
passwordHash?: string;
/**
* The user's password salt (base64-encoded).
*/
passwordSalt?: string;
/**
* The user's custom claims object if available, typically used to define
* user roles and propagated to an authenticated user's ID token.
*/
customClaims?: Record<string, any>;
/**
* The ID of the tenant the user belongs to, if available.
*/
tenantId?: string | null;
/**
* The date the user's tokens are valid after, formatted as a UTC string.
*/
tokensValidAfterTime?: string;
/**
* The multi-factor related properties for the current user, if available.
*/
multiFactor?: AuthMultiFactorSettings;
}
/** The additional user info component of the auth event context */
export interface AdditionalUserInfo {
providerId?: string;
profile?: any;
username?: string;
isNewUser: boolean;
recaptchaScore?: number;
email?: string;
phoneNumber?: string;
}
/** The credential component of the auth event context */
export interface Credential {
claims?: {
[key: string]: any;
};
idToken?: string;
accessToken?: string;
refreshToken?: string;
expirationTime?: string;
secret?: string;
providerId: string;
signInMethod: string;
}
/**
* Possible types of emails as described by the GCIP backend, which can be:
* - A sign-in email
* - A password reset email
*/
export type EmailType = "EMAIL_SIGN_IN" | "PASSWORD_RESET";
/**
* The type of SMS message, which can be:
* - A sign-in or sign up SMS message
* - A multi-factor sign-in SMS message
* - A multi-factor enrollment SMS message
*/
export type SmsType = "SIGN_IN_OR_SIGN_UP" | "MULTI_FACTOR_SIGN_IN" | "MULTI_FACTOR_ENROLLMENT";
/** Defines the auth event context for blocking events */
export interface AuthEventContext extends EventContext {
locale?: string;
ipAddress: string;
userAgent: string;
additionalUserInfo?: AdditionalUserInfo;
credential?: Credential;
emailType?: EmailType;
smsType?: SmsType;
}
/** Defines the auth event for 2nd gen blocking events */
export interface AuthBlockingEvent extends AuthEventContext {
data?: AuthUserRecord;
}
/** The reCAPTCHA action options. */
export type RecaptchaActionOptions = "ALLOW" | "BLOCK";
/** The handler response type for `beforeEmailSent` blocking events */
export interface BeforeEmailResponse {
recaptchaActionOverride?: RecaptchaActionOptions;
}
/** The handler response type for `beforeSmsSent` blocking events */
export interface BeforeSmsResponse {
recaptchaActionOverride?: RecaptchaActionOptions;
}
/** The handler response type for `beforeCreate` blocking events */
export interface BeforeCreateResponse {
displayName?: string;
disabled?: boolean;
emailVerified?: boolean;
photoURL?: string;
customClaims?: object;
recaptchaActionOverride?: RecaptchaActionOptions;
}
/** The handler response type for `beforeSignIn` blocking events */
export interface BeforeSignInResponse extends BeforeCreateResponse {
sessionClaims?: object;
}
export type MaybeAsync<T> = T | Promise<T>;
export type HandlerV1 = (userOrContext: AuthUserRecord | AuthEventContext, context?: AuthEventContext) => MaybeAsync<BeforeCreateResponse | BeforeSignInResponse | BeforeEmailResponse | BeforeSmsResponse | void>;
export type HandlerV2 = (event: AuthBlockingEvent) => MaybeAsync<BeforeCreateResponse | BeforeSignInResponse | BeforeEmailResponse | BeforeSmsResponse | void>;
export type AuthBlockingEventHandler = (HandlerV1 | HandlerV2) & {
platform: "gcfv1" | "gcfv2";
};
Reference in New Issue View Git Blame Copy Permalink