-
Notifications
You must be signed in to change notification settings - Fork 356
/
auth.d.ts
2050 lines (1801 loc) · 67.5 KB
/
auth.d.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
import * as _admin from './index.d';
/* eslint-disable @typescript-eslint/ban-types */
export namespace admin.auth {
/**
* Interface representing a user's metadata.
*/
interface UserMetadata {
/**
* The date the user last signed in, formatted as a UTC string.
*/
lastSignInTime: string;
/**
* The date the user was created, formatted as a UTC string.
*/
creationTime: string;
/**
* The time at which the user was last active (ID token refreshed),
* formatted as a UTC Date string (eg 'Sat, 03 Feb 2001 04:05:06 GMT').
* Returns null if the user was never active.
*/
lastRefreshTime?: string|null;
/**
* @return A JSON-serializable representation of this object.
*/
toJSON(): Object;
}
/**
* Interface representing a user's info from a third-party identity provider
* such as Google or Facebook.
*/
interface UserInfo {
/**
* The user identifier for the linked provider.
*/
uid: string;
/**
* The display name for the linked provider.
*/
displayName: string;
/**
* The email for the linked provider.
*/
email: string;
/**
* The phone number for the linked provider.
*/
phoneNumber: string;
/**
* The photo URL for the linked provider.
*/
photoURL: string;
/**
* The linked provider ID (for example, "google.com" for the Google provider).
*/
providerId: string;
/**
* @return A JSON-serializable representation of this object.
*/
toJSON(): Object;
}
/**
* Interface representing the common properties of a user enrolled second factor.
*/
interface MultiFactorInfo {
/**
* The ID of the enrolled second factor. This ID is unique to the user.
*/
uid: string;
/**
* The optional display name of the enrolled second factor.
*/
displayName?: string;
/**
* The optional date the second factor was enrolled, formatted as a UTC string.
*/
enrollmentTime?: string;
/**
* The type identifier of the second factor. For SMS second factors, this is `phone`.
*/
factorId: string;
/**
* @return A JSON-serializable representation of this object.
*/
toJSON(): Object;
}
/**
* Interface representing a phone specific user enrolled second factor.
*/
interface PhoneMultiFactorInfo extends MultiFactorInfo {
/**
* The phone number associated with a phone second factor.
*/
phoneNumber: string;
}
/**
* Interface representing a user.
*/
interface UserRecord {
/**
* The user's `uid`.
*/
uid: string;
/**
* The user's primary email, if set.
*/
email?: string;
/**
* Whether or not the user's primary email is verified.
*/
emailVerified: boolean;
/**
* The user's display name.
*/
displayName?: string;
/**
* The user's primary phone number, if set.
*/
phoneNumber?: string;
/**
* The user's photo URL.
*/
photoURL?: string;
/**
* Whether or not the user is disabled: `true` for disabled; `false` for
* enabled.
*/
disabled: boolean;
/**
* Additional metadata about the user.
*/
metadata: admin.auth.UserMetadata;
/**
* An array of providers (for example, Google, Facebook) linked to the user.
*/
providerData: admin.auth.UserInfo[];
/**
* The user's hashed password (base64-encoded), only if Firebase Auth hashing
* algorithm (SCRYPT) is used. If a different hashing algorithm had been used
* when uploading this user, as is typical when migrating from another Auth
* system, this will be an empty string. If no password is set, this is
* null. This is only available when the user is obtained from
* {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#listUsers `listUsers()`}.
*
*/
passwordHash?: string;
/**
* The user's password salt (base64-encoded), only if Firebase Auth hashing
* algorithm (SCRYPT) is used. If a different hashing algorithm had been used to
* upload this user, typical when migrating from another Auth system, this will
* be an empty string. If no password is set, this is null. This is only
* available when the user is obtained from
* {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#listUsers `listUsers()`}.
*
*/
passwordSalt?: string;
/**
* The user's custom claims object if available, typically used to define
* user roles and propagated to an authenticated user's ID token.
* This is set via
* {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#setCustomUserClaims `setCustomUserClaims()`}
*/
customClaims?: {[key: string]: any};
/**
* The date the user's tokens are valid after, formatted as a UTC string.
* This is updated every time the user's refresh token are revoked either
* from the {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#revokeRefreshTokens `revokeRefreshTokens()`}
* API or from the Firebase Auth backend on big account changes (password
* resets, password or email updates, etc).
*/
tokensValidAfterTime?: string;
/**
* The ID of the tenant the user belongs to, if available.
*/
tenantId?: string | null;
/**
* The multi-factor related properties for the current user, if available.
*/
multiFactor?: admin.auth.MultiFactorSettings;
/**
* @return A JSON-serializable representation of this object.
*/
toJSON(): Object;
}
/**
* The multi-factor related user settings.
*/
interface MultiFactorSettings {
/**
* List of second factors enrolled with the current user.
* Currently only phone second factors are supported.
*/
enrolledFactors: admin.auth.MultiFactorInfo[];
/**
* @return A JSON-serializable representation of this multi-factor object.
*/
toJSON(): Object;
}
/**
* The multi-factor related user settings for create operations.
*/
interface MultiFactorCreateSettings {
/**
* The created user's list of enrolled second factors.
*/
enrolledFactors: admin.auth.CreateMultiFactorInfoRequest[];
}
/**
* The multi-factor related user settings for update operations.
*/
interface MultiFactorUpdateSettings {
/**
* The updated list of enrolled second factors. The provided list overwrites the user's
* existing list of second factors.
* When null is passed, all of the user's existing second factors are removed.
*/
enrolledFactors: admin.auth.UpdateMultiFactorInfoRequest[] | null;
}
/**
* Interface representing common properties of a user enrolled second factor
* for an `UpdateRequest`.
*/
interface UpdateMultiFactorInfoRequest {
/**
* The ID of the enrolled second factor. This ID is unique to the user. When not provided,
* a new one is provisioned by the Auth server.
*/
uid?: string;
/**
* The optional display name for an enrolled second factor.
*/
displayName?: string;
/**
* The optional date the second factor was enrolled, formatted as a UTC string.
*/
enrollmentTime?: string;
/**
* The type identifier of the second factor. For SMS second factors, this is `phone`.
*/
factorId: string;
}
/**
* Interface representing a phone specific user enrolled second factor
* for an `UpdateRequest`.
*/
interface UpdatePhoneMultiFactorInfoRequest extends UpdateMultiFactorInfoRequest {
/**
* The phone number associated with a phone second factor.
*/
phoneNumber: string;
}
/**
* Interface representing the properties to update on the provided user.
*/
interface UpdateRequest {
/**
* Whether or not the user is disabled: `true` for disabled;
* `false` for enabled.
*/
disabled?: boolean;
/**
* The user's display name.
*/
displayName?: string | null;
/**
* The user's primary email.
*/
email?: string;
/**
* Whether or not the user's primary email is verified.
*/
emailVerified?: boolean;
/**
* The user's unhashed password.
*/
password?: string;
/**
* The user's primary phone number.
*/
phoneNumber?: string | null;
/**
* The user's photo URL.
*/
photoURL?: string | null;
/**
* The user's updated multi-factor related properties.
*/
multiFactor?: admin.auth.MultiFactorUpdateSettings;
}
/**
* Interface representing base properties of a user enrolled second factor for a
* `CreateRequest`.
*/
interface CreateMultiFactorInfoRequest {
/**
* The optional display name for an enrolled second factor.
*/
displayName?: string;
/**
* The type identifier of the second factor. For SMS second factors, this is `phone`.
*/
factorId: string;
}
/**
* Interface representing a phone specific user enrolled second factor for a
* `CreateRequest`.
*/
interface CreatePhoneMultiFactorInfoRequest extends CreateMultiFactorInfoRequest {
/**
* The phone number associated with a phone second factor.
*/
phoneNumber: string;
}
/**
* Interface representing the properties to set on a new user record to be
* created.
*/
interface CreateRequest extends UpdateRequest {
/**
* The user's `uid`.
*/
uid?: string;
/**
* The user's multi-factor related properties.
*/
multiFactor?: admin.auth.MultiFactorCreateSettings;
}
/**
* Interface representing a decoded Firebase ID token, returned from the
* {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#verifyidtoken `verifyIdToken()`} method.
*
* Firebase ID tokens are OpenID Connect spec-compliant JSON Web Tokens (JWTs).
* See the
* [ID Token section of the OpenID Connect spec](http://openid.net/specs/openid-connect-core-1_0.html#IDToken)
* for more information about the specific properties below.
*/
interface DecodedIdToken {
/**
* The audience for which this token is intended.
*
* This value is a string equal to your Firebase project ID, the unique
* identifier for your Firebase project, which can be found in [your project's
* settings](https://console.firebase.google.com/project/_/settings/general/android:com.random.android).
*/
aud: string;
/**
* Time, in seconds since the Unix epoch, when the end-user authentication
* occurred.
*
* This value is not set when this particular ID token was created, but when the
* user initially logged in to this session. In a single session, the Firebase
* SDKs will refresh a user's ID tokens every hour. Each ID token will have a
* different [`iat`](#iat) value, but the same `auth_time` value.
*/
auth_time: number;
/**
* The email of the user to whom the ID token belongs, if available.
*/
email?: string;
/**
* Whether or not the email of the user to whom the ID token belongs is
* verified, provided the user has an email.
*/
email_verified?: boolean;
/**
* The ID token's expiration time, in seconds since the Unix epoch. That is, the
* time at which this ID token expires and should no longer be considered valid.
*
* The Firebase SDKs transparently refresh ID tokens every hour, issuing a new
* ID token with up to a one hour expiration.
*/
exp: number;
/**
* Information about the sign in event, including which sign in provider was
* used and provider-specific identity details.
*
* This data is provided by the Firebase Authentication service and is a
* reserved claim in the ID token.
*/
firebase: {
/**
* Provider-specific identity details corresponding
* to the provider used to sign in the user.
*/
identities: {
[key: string]: any;
};
/**
* The ID of the provider used to sign in the user.
* One of `"anonymous"`, `"password"`, `"facebook.com"`, `"github.com"`,
* `"google.com"`, `"twitter.com"`, or `"custom"`.
*/
sign_in_provider: string;
/**
* The type identifier or `factorId` of the second factor, provided the
* ID token was obtained from a multi-factor authenticated user.
* For phone, this is `"phone"`.
*/
sign_in_second_factor?: string;
/**
* The `uid` of the second factor used to sign in, provided the
* ID token was obtained from a multi-factor authenticated user.
*/
second_factor_identifier?: string;
/**
* The ID of the tenant the user belongs to, if available.
*/
tenant?: string;
[key: string]: any;
};
/**
* The ID token's issued-at time, in seconds since the Unix epoch. That is, the
* time at which this ID token was issued and should start to be considered
* valid.
*
* The Firebase SDKs transparently refresh ID tokens every hour, issuing a new
* ID token with a new issued-at time. If you want to get the time at which the
* user session corresponding to the ID token initially occurred, see the
* [`auth_time`](#auth_time) property.
*/
iat: number;
/**
* The issuer identifier for the issuer of the response.
*
* This value is a URL with the format
* `https://securetoken.google.com/<PROJECT_ID>`, where `<PROJECT_ID>` is the
* same project ID specified in the [`aud`](#aud) property.
*/
iss: string;
/**
* The phone number of the user to whom the ID token belongs, if available.
*/
phone_number?: string;
/**
* The photo URL for the user to whom the ID token belongs, if available.
*/
picture?: string;
/**
* The `uid` corresponding to the user who the ID token belonged to.
*
* As a convenience, this value is copied over to the [`uid`](#uid) property.
*/
sub: string;
/**
* The `uid` corresponding to the user who the ID token belonged to.
*
* This value is not actually in the JWT token claims itself. It is added as a
* convenience, and is set as the value of the [`sub`](#sub) property.
*/
uid: string;
[key: string]: any;
}
/** Represents the result of the {@link admin.auth.getUsers()} API. */
interface GetUsersResult {
/**
* Set of user records, corresponding to the set of users that were
* requested. Only users that were found are listed here. The result set is
* unordered.
*/
users: UserRecord[];
/** Set of identifiers that were requested, but not found. */
notFound: UserIdentifier[];
}
/**
* Interface representing the object returned from a
* {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#listUsers `listUsers()`} operation. Contains the list
* of users for the current batch and the next page token if available.
*/
interface ListUsersResult {
/**
* The list of {@link admin.auth.UserRecord `UserRecord`} objects for the
* current downloaded batch.
*/
users: admin.auth.UserRecord[];
/**
* The next page token if available. This is needed for the next batch download.
*/
pageToken?: string;
}
type HashAlgorithmType = 'SCRYPT' | 'STANDARD_SCRYPT' | 'HMAC_SHA512' |
'HMAC_SHA256' | 'HMAC_SHA1' | 'HMAC_MD5' | 'MD5' | 'PBKDF_SHA1' | 'BCRYPT' |
'PBKDF2_SHA256' | 'SHA512' | 'SHA256' | 'SHA1';
/**
* Interface representing the user import options needed for
* {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#importUsers `importUsers()`} method. This is used to
* provide the password hashing algorithm information.
*/
interface UserImportOptions {
/**
* The password hashing information.
*/
hash: {
/**
* The password hashing algorithm identifier. The following algorithm
* identifiers are supported:
* `SCRYPT`, `STANDARD_SCRYPT`, `HMAC_SHA512`, `HMAC_SHA256`, `HMAC_SHA1`,
* `HMAC_MD5`, `MD5`, `PBKDF_SHA1`, `BCRYPT`, `PBKDF2_SHA256`, `SHA512`,
* `SHA256` and `SHA1`.
*/
algorithm: HashAlgorithmType;
/**
* The signing key used in the hash algorithm in buffer bytes.
* Required by hashing algorithms `SCRYPT`, `HMAC_SHA512`, `HMAC_SHA256`,
* `HAMC_SHA1` and `HMAC_MD5`.
*/
key?: Buffer;
/**
* The salt separator in buffer bytes which is appended to salt when
* verifying a password. This is only used by the `SCRYPT` algorithm.
*/
saltSeparator?: Buffer;
/**
* The number of rounds for hashing calculation.
* Required for `SCRYPT`, `MD5`, `SHA512`, `SHA256`, `SHA1`, `PBKDF_SHA1` and
* `PBKDF2_SHA256`.
*/
rounds?: number;
/**
* The memory cost required for `SCRYPT` algorithm, or the CPU/memory cost.
* Required for `STANDARD_SCRYPT` algorithm.
*/
memoryCost?: number;
/**
* The parallelization of the hashing algorithm. Required for the
* `STANDARD_SCRYPT` algorithm.
*/
parallelization?: number;
/**
* The block size (normally 8) of the hashing algorithm. Required for the
* `STANDARD_SCRYPT` algorithm.
*/
blockSize?: number;
/**
* The derived key length of the hashing algorithm. Required for the
* `STANDARD_SCRYPT` algorithm.
*/
derivedKeyLength?: number;
};
}
/**
* Interface representing the response from the
* {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#importUsers `importUsers()`} method for batch
* importing users to Firebase Auth.
*/
interface UserImportResult {
/**
* The number of user records that failed to import to Firebase Auth.
*/
failureCount: number;
/**
* The number of user records that successfully imported to Firebase Auth.
*/
successCount: number;
/**
* An array of errors corresponding to the provided users to import. The
* length of this array is equal to [`failureCount`](#failureCount).
*/
errors: _admin.FirebaseArrayIndexError[];
}
/**
* Represents the result of the
* {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#deleteUsers `deleteUsers()`}
* API.
*/
interface DeleteUsersResult {
/**
* The number of user records that failed to be deleted (possibly zero).
*/
failureCount: number;
/**
* The number of users that were deleted successfully (possibly zero).
* Users that did not exist prior to calling `deleteUsers()` are
* considered to be successfully deleted.
*/
successCount: number;
/**
* A list of `FirebaseArrayIndexError` instances describing the errors that
* were encountered during the deletion. Length of this list is equal to
* the return value of [`failureCount`](#failureCount).
*/
errors: _admin.FirebaseArrayIndexError[];
}
/**
* User metadata to include when importing a user.
*/
interface UserMetadataRequest {
/**
* The date the user last signed in, formatted as a UTC string.
*/
lastSignInTime?: string;
/**
* The date the user was created, formatted as a UTC string.
*/
creationTime?: string;
}
/**
* User provider data to include when importing a user.
*/
interface UserProviderRequest {
/**
* The user identifier for the linked provider.
*/
uid: string;
/**
* The display name for the linked provider.
*/
displayName?: string;
/**
* The email for the linked provider.
*/
email?: string;
/**
* The phone number for the linked provider.
*/
phoneNumber?: string;
/**
* The photo URL for the linked provider.
*/
photoURL?: string;
/**
* The linked provider ID (for example, "google.com" for the Google provider).
*/
providerId: string;
}
/**
* Interface representing a user to import to Firebase Auth via the
* {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#importUsers `importUsers()`} method.
*/
interface UserImportRecord {
/**
* The user's `uid`.
*/
uid: string;
/**
* The user's primary email, if set.
*/
email?: string;
/**
* Whether or not the user's primary email is verified.
*/
emailVerified?: boolean;
/**
* The user's display name.
*/
displayName?: string;
/**
* The user's primary phone number, if set.
*/
phoneNumber?: string;
/**
* The user's photo URL.
*/
photoURL?: string;
/**
* Whether or not the user is disabled: `true` for disabled; `false` for
* enabled.
*/
disabled?: boolean;
/**
* Additional metadata about the user.
*/
metadata?: admin.auth.UserMetadataRequest;
/**
* An array of providers (for example, Google, Facebook) linked to the user.
*/
providerData?: admin.auth.UserProviderRequest[];
/**
* The user's custom claims object if available, typically used to define
* user roles and propagated to an authenticated user's ID token.
*/
customClaims?: {[key: string]: any};
/**
* The buffer of bytes representing the user's hashed password.
* When a user is to be imported with a password hash,
* {@link admin.auth.UserImportOptions `UserImportOptions`} are required to be
* specified to identify the hashing algorithm used to generate this hash.
*/
passwordHash?: Buffer;
/**
* The buffer of bytes representing the user's password salt.
*/
passwordSalt?: Buffer;
/**
* The identifier of the tenant where user is to be imported to.
* When not provided in an `admin.auth.Auth` context, the user is uploaded to
* the default parent project.
* When not provided in an `admin.auth.TenantAwareAuth` context, the user is uploaded
* to the tenant corresponding to that `TenantAwareAuth` instance's tenant ID.
*/
tenantId?: string;
/**
* The user's multi-factor related properties.
*/
multiFactor?: admin.auth.MultiFactorUpdateSettings;
}
/**
* Interface representing the custom token options needed for the
* {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#createcustomtoken `createCustomToken()`} method.
*/
interface CustomTokenOptions {
/**
* Optional additional claims to include in the JWT payload.
*/
developerClaims?: { [key: string]: any };
/**
* The JWT expiration in milliseconds. The minimum allowed is X and the maximum allowed is 1 hour.
* Defaults to 1 hour.
*/
expiresIn?: number;
}
/**
* Interface representing the session cookie options needed for the
* {@link https://firebase.google.com/docs/reference/admin/node/admin.auth.Auth#createSessionCookie `createSessionCookie()`} method.
*/
interface SessionCookieOptions {
/**
* The session cookie custom expiration in milliseconds. The minimum allowed is
* 5 minutes and the maxium allowed is 2 weeks.
*/
expiresIn: number;
}
/**
* This is the interface that defines the required continue/state URL with
* optional Android and iOS bundle identifiers.
*/
interface ActionCodeSettings {
/**
* Defines the link continue/state URL, which has different meanings in
* different contexts:
* <ul>
* <li>When the link is handled in the web action widgets, this is the deep
* link in the `continueUrl` query parameter.</li>
* <li>When the link is handled in the app directly, this is the `continueUrl`
* query parameter in the deep link of the Dynamic Link.</li>
* </ul>
*/
url: string;
/**
* Whether to open the link via a mobile app or a browser.
* The default is false. When set to true, the action code link is sent
* as a Universal Link or Android App Link and is opened by the app if
* installed. In the false case, the code is sent to the web widget first
* and then redirects to the app if installed.
*/
handleCodeInApp?: boolean;
/**
* Defines the iOS bundle ID. This will try to open the link in an iOS app if it
* is installed.
*/
iOS?: {
/**
* Defines the required iOS bundle ID of the app where the link should be
* handled if the application is already installed on the device.
*/
bundleId: string;
};
/**
* Defines the Android package name. This will try to open the link in an
* android app if it is installed. If `installApp` is passed, it specifies
* whether to install the Android app if the device supports it and the app is
* not already installed. If this field is provided without a `packageName`, an
* error is thrown explaining that the `packageName` must be provided in
* conjunction with this field. If `minimumVersion` is specified, and an older
* version of the app is installed, the user is taken to the Play Store to
* upgrade the app.
*/
android?: {
/**
* Defines the required Android package name of the app where the link should be
* handled if the Android app is installed.
*/
packageName: string;
/**
* Whether to install the Android app if the device supports it and the app is
* not already installed.
*/
installApp?: boolean;
/**
* The Android minimum version if available. If the installed app is an older
* version, the user is taken to the GOogle Play Store to upgrade the app.
*/
minimumVersion?: string;
};
/**
* Defines the dynamic link domain to use for the current link if it is to be
* opened using Firebase Dynamic Links, as multiple dynamic link domains can be
* configured per project. This field provides the ability to explicitly choose
* configured per project. This fields provides the ability explicitly choose
* one. If none is provided, the oldest domain is used by default.
*/
dynamicLinkDomain?: string;
}
/**
* Interface representing a tenant configuration.
*
* Multi-tenancy support requires Google Cloud's Identity Platform
* (GCIP). To learn more about GCIP, including pricing and features,
* see the [GCIP documentation](https://cloud.google.com/identity-platform)
*
* Before multi-tenancy can be used on a Google Cloud Identity Platform project,
* tenants must be allowed on that project via the Cloud Console UI.
*
* A tenant configuration provides information such as the display name, tenant
* identifier and email authentication configuration.
* For OIDC/SAML provider configuration management, `TenantAwareAuth` instances should
* be used instead of a `Tenant` to retrieve the list of configured IdPs on a tenant.
* When configuring these providers, note that tenants will inherit
* whitelisted domains and authenticated redirect URIs of their parent project.
*
* All other settings of a tenant will also be inherited. These will need to be managed
* from the Cloud Console UI.
*/
interface Tenant {
/**
* The tenant identifier.
*/
tenantId: string;
/**
* The tenant display name.
*/
displayName?: string;
/**
* The email sign in provider configuration.
*/
emailSignInConfig?: {
/**
* Whether email provider is enabled.
*/
enabled: boolean;
/**
* Whether password is required for email sign-in. When not required,
* email sign-in can be performed with password or via email link sign-in.
*/
passwordRequired?: boolean;
};
/**
* The multi-factor auth configuration on the current tenant.
*/
multiFactorConfig?: admin.auth.MultiFactorConfig;
/**
* The map containing the test phone number / code pairs for the tenant.
*/
testPhoneNumbers?: {[phoneNumber: string]: string};