Mike/FrenoCorp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Auto-commit 2026-04-29 16:31

Browse Source
This commit is contained in:
Michael Freno
2026-04-29 16:31:27 -04:00
parent e8687bb6b2
commit 0495ee5bd2
19691 changed files with 3272886 additions and 138 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
node_modules/firebase-admin/lib/phone-number-verification/index.d.ts generated vendored Normal file
View File

@@ -0,0 +1,50 @@
/*! firebase-admin v13.8.0 */
/*!
* @license
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* Firebase Phone Number Verification.
*
* @packageDocumentation
*/
import { App } from '../app';
import { PhoneNumberVerification } from './phone-number-verification';
export { PhoneNumberVerification } from './phone-number-verification';
export { PhoneNumberVerificationToken, } from './phone-number-verification-api';
/**
* Gets the {@link PhoneNumberVerification} service for the default app or a
* given app.
*
* `getPhoneNumberVerification()` can be called with no arguments to access the default app's
* {@link PhoneNumberVerification} service or as `getPhoneNumberVerification(app)` to access the
* {@link PhoneNumberVerification} service associated with a specific app.
*
* @example
* ```javascript
* // Get the PhoneNumberVerification service for the default app
* const defaultPnv = getPhoneNumberVerification();
* ```
*
* @example
* ```javascript
* // Get the PhoneNumberVerification service for a given app
* const otherPnv = getPhoneNumberVerification(otherApp);
* ```
*
* @returns The {@link PhoneNumberVerification} service associated with the provided app.
*
*/
export declare function getPhoneNumberVerification(app?: App): PhoneNumberVerification;

60
node_modules/firebase-admin/lib/phone-number-verification/index.js generated vendored Normal file
View File

@@ -0,0 +1,60 @@
/*! firebase-admin v13.8.0 */
"use strict";
/*!
* @license
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
exports.PhoneNumberVerification = void 0;
exports.getPhoneNumberVerification = getPhoneNumberVerification;
/**
* Firebase Phone Number Verification.
*
* @packageDocumentation
*/
const app_1 = require("../app");
const phone_number_verification_1 = require("./phone-number-verification");
var phone_number_verification_2 = require("./phone-number-verification");
Object.defineProperty(exports, "PhoneNumberVerification", { enumerable: true, get: function () { return phone_number_verification_2.PhoneNumberVerification; } });
/**
* Gets the {@link PhoneNumberVerification} service for the default app or a
* given app.
*
* `getPhoneNumberVerification()` can be called with no arguments to access the default app's
* {@link PhoneNumberVerification} service or as `getPhoneNumberVerification(app)` to access the
* {@link PhoneNumberVerification} service associated with a specific app.
*
* @example
* ```javascript
* // Get the PhoneNumberVerification service for the default app
* const defaultPnv = getPhoneNumberVerification();
* ```
*
* @example
* ```javascript
* // Get the PhoneNumberVerification service for a given app
* const otherPnv = getPhoneNumberVerification(otherApp);
* ```
*
* @returns The {@link PhoneNumberVerification} service associated with the provided app.
*
*/
function getPhoneNumberVerification(app) {
if (typeof app === 'undefined') {
app = (0, app_1.getApp)();
}
const firebaseApp = app;
return firebaseApp.getOrInitService('phone-number-verification', (app) => new phone_number_verification_1.PhoneNumberVerification(app));
}

48
node_modules/firebase-admin/lib/phone-number-verification/phone-number-verification-api-client-internal.d.ts generated vendored Normal file
View File

@@ -0,0 +1,48 @@
/*! firebase-admin v13.8.0 */
/*!
* @license
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import { PrefixedFirebaseError } from '../utils/error';
export interface FirebasePhoneNumberTokenInfo {
/** Documentation URL. */
url: string;
/** verify API name. */
verifyApiName: string;
/** The JWT full name. */
jwtName: string;
/** The JWT short name. */
shortName: string;
/** The JWT typ (Type) */
typ: string;
}
export declare const JWKS_URL = "https://fpnv.googleapis.com/v1beta/jwks";
export declare const FPNV_TOKEN_INFO: FirebasePhoneNumberTokenInfo;
export declare const FPNV_ERROR_CODE_MAPPING: {
INVALID_ARGUMENT: "invalid-argument";
INVALID_TOKEN: "invalid-token";
EXPIRED_TOKEN: "expired-token";
};
export type PhoneNumberVerificationErrorCode = 'invalid-argument' | 'invalid-token' | 'expired-token';
/**
* Firebase Phone Number Verification error code structure. This extends `PrefixedFirebaseError`.
*
* @param code - The error code.
* @param message - The error message.
* @constructor
*/
export declare class FirebasePhoneNumberVerificationError extends PrefixedFirebaseError {
constructor(code: PhoneNumberVerificationErrorCode, message: string);
}

52
node_modules/firebase-admin/lib/phone-number-verification/phone-number-verification-api-client-internal.js generated vendored Normal file
View File

@@ -0,0 +1,52 @@
/*! firebase-admin v13.8.0 */
"use strict";
/*!
* @license
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
exports.FirebasePhoneNumberVerificationError = exports.FPNV_ERROR_CODE_MAPPING = exports.FPNV_TOKEN_INFO = exports.JWKS_URL = void 0;
const error_1 = require("../utils/error");
exports.JWKS_URL = 'https://fpnv.googleapis.com/v1beta/jwks';
exports.FPNV_TOKEN_INFO = {
url: 'https://firebase.google.com/docs/phone-number-verification',
verifyApiName: 'verifyToken()',
jwtName: 'Firebase Phone Verification token',
shortName: 'FPNV token',
typ: 'JWT',
};
exports.FPNV_ERROR_CODE_MAPPING = {
INVALID_ARGUMENT: 'invalid-argument',
INVALID_TOKEN: 'invalid-token',
EXPIRED_TOKEN: 'expired-token',
};
/**
* Firebase Phone Number Verification error code structure. This extends `PrefixedFirebaseError`.
*
* @param code - The error code.
* @param message - The error message.
* @constructor
*/
class FirebasePhoneNumberVerificationError extends error_1.PrefixedFirebaseError {
constructor(code, message) {
super('phone-number-verification', code, message);
/* tslint:disable:max-line-length */
// Set the prototype explicitly. See the following link for more details:
// https://github.com/Microsoft/TypeScript/wiki/Breaking-Changes#extending-built-ins-like-error-array-and-map-may-no-longer-work
/* tslint:enable:max-line-length */
this.__proto__ = FirebasePhoneNumberVerificationError.prototype;
}
}
exports.FirebasePhoneNumberVerificationError = FirebasePhoneNumberVerificationError;

72
node_modules/firebase-admin/lib/phone-number-verification/phone-number-verification-api.d.ts generated vendored Normal file
View File

@@ -0,0 +1,72 @@
/*! firebase-admin v13.8.0 */
/*!
* @license
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* Interface representing a PhoneNumberVerification token.
*/
export interface PhoneNumberVerificationToken {
/**
* The issuer identifier for the issuer of the response.
* This value is a URL with the format
* `https://fpnv.googleapis.com/projects/<PROJECT_NUMBER>`, where `<PROJECT_NUMBER>` is the
* project number of your Firebase project, and the
* same project number specified in the {@link PhoneNumberVerificationToken.aud} property.
*/
iss: string;
/**
* The audience for which this token is intended.
* This value is a JSON array of two strings, the first is the project number of your
* Firebase project, and the second is the project ID of the same project.
*/
aud: string[];
/**
* The PhoneNumber Verification token's expiration time, in seconds since the Unix epoch. That is, the
* time at which this PhoneNumber Verification token expires and should no longer be considered valid.
*/
exp: number;
/**
* The PhoneNumber Verification token's issued-at time, in seconds since the Unix epoch. That is, the
* time at which this PhoneNumber Verification token was issued and should start to be considered
* valid.
*/
iat: number;
/**
* The phone number corresponding to this token.
* As a convenience, this value is copied over to the
* {@link PhoneNumberVerificationToken.phoneNumber | phoneNumber} property.
*/
sub: string;
/**
* A case-sensitive string that uniquely identifies a specific JWT instance
*/
jti: string;
/**
* A unique, single-use "number used once" value.
*/
nonce: string;
/**
* The corresponding user's phone number.
* This value is not actually one of the JWT token claims. It is added as a
* convenience, and is set as the value of the {@link PhoneNumberVerificationToken.sub} property.
*/
phoneNumber: string;
/**
* Other arbitrary claims included in the token.
*/
[key: string]: any;
}
export { PhoneNumberVerificationErrorCode, FirebasePhoneNumberVerificationError, } from './phone-number-verification-api-client-internal';

22
node_modules/firebase-admin/lib/phone-number-verification/phone-number-verification-api.js generated vendored Normal file
View File

@@ -0,0 +1,22 @@
/*! firebase-admin v13.8.0 */
"use strict";
/*!
* @license
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
exports.FirebasePhoneNumberVerificationError = void 0;
var phone_number_verification_api_client_internal_1 = require("./phone-number-verification-api-client-internal");
Object.defineProperty(exports, "FirebasePhoneNumberVerificationError", { enumerable: true, get: function () { return phone_number_verification_api_client_internal_1.FirebasePhoneNumberVerificationError; } });

39
node_modules/firebase-admin/lib/phone-number-verification/phone-number-verification.d.ts generated vendored Normal file
View File

@@ -0,0 +1,39 @@
/*! firebase-admin v13.8.0 */
/*!
* @license
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import { App } from '../app';
import { PhoneNumberVerificationToken } from './phone-number-verification-api';
/**
* PhoneNumberVerification service bound to the provided app.
*/
export declare class PhoneNumberVerification {
private readonly appInternal;
private readonly phoneNumberVerificationVerifier;
/**
* Returns the app associated with this `PhoneNumberVerification` instance.
*
* @returns The app associated with this `PhoneNumberVerification` instance.
*/
get app(): App;
/**
* Verifies a Firebase Phone Number Verification token.
*
* @param jwt - A string containing the Firebase Phone Number Verification JWT.
* @returns A promise that resolves with the decoded token.
*/
verifyToken(jwt: string): Promise<PhoneNumberVerificationToken>;
}

54
node_modules/firebase-admin/lib/phone-number-verification/phone-number-verification.js generated vendored Normal file
View File

@@ -0,0 +1,54 @@
/*! firebase-admin v13.8.0 */
"use strict";
/*!
* @license
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
exports.PhoneNumberVerification = void 0;
const token_verifier_1 = require("./token-verifier");
const phone_number_verification_api_client_internal_1 = require("./phone-number-verification-api-client-internal");
/**
* PhoneNumberVerification service bound to the provided app.
*/
class PhoneNumberVerification {
/**
* @param app - The app for this `PhoneNumberVerification` service.
* @constructor
* @internal
*/
constructor(app) {
this.appInternal = app;
this.phoneNumberVerificationVerifier = new token_verifier_1.PhoneNumberTokenVerifier(phone_number_verification_api_client_internal_1.JWKS_URL, 'https://fpnv.googleapis.com/projects/', phone_number_verification_api_client_internal_1.FPNV_TOKEN_INFO, app);
}
/**
* Returns the app associated with this `PhoneNumberVerification` instance.
*
* @returns The app associated with this `PhoneNumberVerification` instance.
*/
get app() {
return this.appInternal;
}
/**
* Verifies a Firebase Phone Number Verification token.
*
* @param jwt - A string containing the Firebase Phone Number Verification JWT.
* @returns A promise that resolves with the decoded token.
*/
verifyToken(jwt) {
return this.phoneNumberVerificationVerifier.verifyJWT(jwt);
}
}
exports.PhoneNumberVerification = PhoneNumberVerification;

35
node_modules/firebase-admin/lib/phone-number-verification/token-verifier.d.ts generated vendored Normal file
View File

@@ -0,0 +1,35 @@
/*! firebase-admin v13.8.0 */
/*!
* @license
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import { App } from '../app';
import { PhoneNumberVerificationToken } from './phone-number-verification-api';
import { FirebasePhoneNumberTokenInfo } from './phone-number-verification-api-client-internal';
export declare class PhoneNumberTokenVerifier {
private readonly issuer;
private readonly tokenInfo;
private readonly app;
private readonly shortNameArticle;
private readonly signatureVerifier;
constructor(jwksUrl: string, issuer: string, tokenInfo: FirebasePhoneNumberTokenInfo, app: App);
verifyJWT(jwtToken: string): Promise<PhoneNumberVerificationToken>;
private ensureProjectId;
private decodeAndVerify;
private safeDecode;
private verifyContent;
private verifySignature;
private mapJwtErrorToAuthError;
}

170
node_modules/firebase-admin/lib/phone-number-verification/token-verifier.js generated vendored Normal file
View File

@@ -0,0 +1,170 @@
/*! firebase-admin v13.8.0 */
"use strict";
/*!
* @license
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
exports.PhoneNumberTokenVerifier = void 0;
const phone_number_verification_api_1 = require("./phone-number-verification-api");
const util = require("../utils/index");
const validator = require("../utils/validator");
const jwt_1 = require("../utils/jwt");
const phone_number_verification_api_client_internal_1 = require("./phone-number-verification-api-client-internal");
class PhoneNumberTokenVerifier {
constructor(jwksUrl, issuer, tokenInfo, app) {
this.issuer = issuer;
this.tokenInfo = tokenInfo;
this.app = app;
if (!validator.isURL(jwksUrl)) {
throw new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, 'The provided public client certificate URL is an invalid URL.');
}
else if (!validator.isURL(issuer)) {
throw new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, 'The provided JWT issuer is an invalid URL.');
}
else if (!validator.isNonNullObject(tokenInfo)) {
throw new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, 'The provided JWT information is not an object or null.');
}
else if (!validator.isURL(tokenInfo.url)) {
throw new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, 'The provided JWT verification documentation URL is invalid.');
}
else if (!validator.isNonEmptyString(tokenInfo.verifyApiName)) {
throw new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, 'The JWT verify API name must be a non-empty string.');
}
else if (!validator.isNonEmptyString(tokenInfo.jwtName)) {
throw new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, 'The JWT public full name must be a non-empty string.');
}
else if (!validator.isNonEmptyString(tokenInfo.shortName)) {
throw new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, 'The JWT public short name must be a non-empty string.');
}
this.shortNameArticle = tokenInfo.shortName.charAt(0).match(/[aeiou]/i) ? 'an' : 'a';
this.signatureVerifier = jwt_1.PublicKeySignatureVerifier.withJwksUrl(jwksUrl, app.options.httpAgent);
// Project ID is validated in the verification call.
}
async verifyJWT(jwtToken) {
if (!validator.isString(jwtToken)) {
throw new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_TOKEN, `First argument to ${this.tokenInfo.verifyApiName} must be a string.`);
}
const projectId = await this.ensureProjectId();
const decoded = await this.decodeAndVerify(jwtToken, projectId);
const decodedIdToken = decoded.payload;
decodedIdToken.phoneNumber = decodedIdToken.sub;
return decodedIdToken;
}
async ensureProjectId() {
const projectId = await util.findProjectId(this.app);
if (!validator.isNonEmptyString(projectId)) {
throw new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, 'Must initialize app with a cert credential or set your Firebase project ID as the ' +
`GOOGLE_CLOUD_PROJECT environment variable to call ${this.tokenInfo.verifyApiName}.`);
}
return projectId;
}
async decodeAndVerify(token, projectId) {
const decodedToken = await this.safeDecode(token);
this.verifyContent(decodedToken, projectId);
await this.verifySignature(token);
return decodedToken;
}
async safeDecode(jwtToken) {
try {
return await (0, jwt_1.decodeJwt)(jwtToken);
}
catch (err) {
if (err.code === jwt_1.JwtErrorCode.INVALID_ARGUMENT) {
const verifyJwtTokenDocsMessage = ` See ${this.tokenInfo.url} ` +
`for details on how to retrieve ${this.shortNameArticle} ${this.tokenInfo.shortName}.`;
const errorMessage = `Decoding ${this.tokenInfo.jwtName} failed. Make sure you passed ` +
`the entire string JWT which represents ${this.shortNameArticle} ` +
`${this.tokenInfo.shortName}.` + verifyJwtTokenDocsMessage;
throw new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, errorMessage);
}
throw new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, err.message);
}
}
verifyContent(fullDecodedToken, projectId) {
const header = fullDecodedToken && fullDecodedToken.header;
const payload = fullDecodedToken && fullDecodedToken.payload;
const projectIdMatchMessage = ` Make sure the ${this.tokenInfo.shortName} comes from the same ` +
'Firebase project as the service account used to authenticate this SDK.';
const verifyJwtTokenDocsMessage = ` See ${this.tokenInfo.url} ` +
`for details on how to retrieve ${this.shortNameArticle} ${this.tokenInfo.shortName}.`;
const scopedProjectId = `${this.issuer}${projectId}`;
let errorMessage;
// JWT Header
if (!header || typeof header.kid === 'undefined') {
errorMessage = `${this.tokenInfo.jwtName} has no "kid" claim.`;
errorMessage += verifyJwtTokenDocsMessage;
}
else if (header.alg !== jwt_1.ALGORITHM_ES256) {
errorMessage = `${this.tokenInfo.jwtName} has incorrect algorithm. Expected ` +
`"${jwt_1.ALGORITHM_ES256}" but got "${header.alg}". ${verifyJwtTokenDocsMessage}`;
}
else if (header.typ !== this.tokenInfo.typ) {
errorMessage = `${this.tokenInfo.jwtName} has incorrect typ. Expected "${this.tokenInfo.typ}" but got ` +
`"${header.typ}". ${verifyJwtTokenDocsMessage}`;
}
// FPNV Token
else if (!payload) {
errorMessage = `${this.tokenInfo.jwtName} has no payload. ${verifyJwtTokenDocsMessage}`;
}
else if (typeof payload.iss !== 'string' || !payload.iss.startsWith(this.issuer)) {
errorMessage = `${this.tokenInfo.jwtName} has incorrect "iss" (issuer) claim. Expected ` +
`an issuer starting with "${this.issuer}" but got "${payload.iss}".`
+ ` ${projectIdMatchMessage} ${verifyJwtTokenDocsMessage}`;
}
else if (!validator.isNonEmptyArray(payload.aud) || !payload.aud.includes(scopedProjectId)) {
errorMessage = `${this.tokenInfo.jwtName} has incorrect "aud" (audience) claim. Expected ` +
`"${scopedProjectId}" to be one of "${payload.aud}". ${projectIdMatchMessage} ${verifyJwtTokenDocsMessage}`;
}
else if (typeof payload.sub !== 'string') {
errorMessage = `${this.tokenInfo.jwtName} has no "sub" (subject) claim. ${verifyJwtTokenDocsMessage}`;
}
else if (payload.sub === '') {
errorMessage = `${this.tokenInfo.jwtName} has an empty "sub" (subject) claim. ${verifyJwtTokenDocsMessage}`;
}
if (errorMessage) {
throw new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, errorMessage);
}
}
async verifySignature(jwtToken) {
try {
return await this.signatureVerifier.verify(jwtToken);
}
catch (error) {
throw this.mapJwtErrorToAuthError(error);
}
}
mapJwtErrorToAuthError(error) {
const verifyJwtTokenDocsMessage = ` See ${this.tokenInfo.url} ` +
`for details on how to retrieve ${this.shortNameArticle} ${this.tokenInfo.shortName}.`;
if (error.code === jwt_1.JwtErrorCode.TOKEN_EXPIRED) {
const errorMessage = `${this.tokenInfo.jwtName} has expired. Get a fresh ${this.tokenInfo.shortName}` +
` from your client app and try again. ${verifyJwtTokenDocsMessage}`;
return new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.EXPIRED_TOKEN, errorMessage);
}
else if (error.code === jwt_1.JwtErrorCode.INVALID_SIGNATURE) {
const errorMessage = `${this.tokenInfo.jwtName} has invalid signature. ${verifyJwtTokenDocsMessage}`;
return new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, errorMessage);
}
else if (error.code === jwt_1.JwtErrorCode.NO_MATCHING_KID) {
const errorMessage = `${this.tokenInfo.jwtName} has "kid" claim which does not ` +
`correspond to a known public key. Most likely the ${this.tokenInfo.shortName} ` +
'is expired, so get a fresh token from your client app and try again.';
return new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, errorMessage);
}
return new phone_number_verification_api_1.FirebasePhoneNumberVerificationError(phone_number_verification_api_client_internal_1.FPNV_ERROR_CODE_MAPPING.INVALID_ARGUMENT, error.message);
}
}
exports.PhoneNumberTokenVerifier = PhoneNumberTokenVerifier;