@firebase/auth/dist/node-esm/internal.js.map

The Firebase Authenticaton component of the Firebase JS SDK.

{"version":3,"file":"internal.js","sources":["../../src/core/util/event_id.ts","../../src/platform_browser/util/popup.ts","../../src/core/util/resolver.ts","../../src/core/strategies/idp.ts","../../src/core/strategies/abstract_popup_redirect_operation.ts","../../src/core/strategies/redirect.ts","../../src/platform_browser/strategies/redirect.ts","../../src/core/persistence/index.ts","../../src/platform_browser/persistence/browser.ts","../../src/platform_browser/persistence/session_storage.ts","../../src/core/util/handler.ts","../../src/platform_cordova/plugins.ts","../../src/api/project_config/get_project_config.ts","../../src/platform_cordova/popup_redirect/utils.ts","../../src/core/auth/auth_event_manager.ts","../../src/platform_browser/persistence/local_storage.ts","../../src/platform_cordova/popup_redirect/events.ts","../../src/platform_cordova/popup_redirect/popup_redirect.ts","../../internal/index.ts"],"sourcesContent":["/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nexport function _generateEventId(prefix = '', digits = 10): string {\n  let random = '';\n  for (let i = 0; i < digits; i++) {\n    random += Math.floor(Math.random() * 10);\n  }\n  return prefix + random;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { getUA } from '@firebase/util';\n\nimport { AuthErrorCode } from '../../core/errors';\nimport { _assert } from '../../core/util/assert';\nimport {\n  _isChromeIOS,\n  _isFirefox,\n  _isIOSStandalone\n} from '../../core/util/browser';\nimport { AuthInternal } from '../../model/auth';\n\nconst BASE_POPUP_OPTIONS = {\n  location: 'yes',\n  resizable: 'yes',\n  statusbar: 'yes',\n  toolbar: 'no'\n};\n\nconst DEFAULT_WIDTH = 500;\nconst DEFAULT_HEIGHT = 600;\nconst TARGET_BLANK = '_blank';\n\nconst FIREFOX_EMPTY_URL = 'http://localhost';\n\nexport class AuthPopup {\n  associatedEvent: string | null = null;\n\n  constructor(readonly window: Window | null) {}\n\n  close(): void {\n    if (this.window) {\n      try {\n        this.window.close();\n      } catch (e) {}\n    }\n  }\n}\n\nexport function _open(\n  auth: AuthInternal,\n  url?: string,\n  name?: string,\n  width = DEFAULT_WIDTH,\n  height = DEFAULT_HEIGHT\n): AuthPopup {\n  const top = Math.max((window.screen.availHeight - height) / 2, 0).toString();\n  const left = Math.max((window.screen.availWidth - width) / 2, 0).toString();\n  let target = '';\n\n  const options: { [key: string]: string } = {\n    ...BASE_POPUP_OPTIONS,\n    width: width.toString(),\n    height: height.toString(),\n    top,\n    left\n  };\n\n  // Chrome iOS 7 and 8 is returning an undefined popup win when target is\n  // specified, even though the popup is not necessarily blocked.\n  const ua = getUA().toLowerCase();\n\n  if (name) {\n    target = _isChromeIOS(ua) ? TARGET_BLANK : name;\n  }\n\n  if (_isFirefox(ua)) {\n    // Firefox complains when invalid URLs are popped out. Hacky way to bypass.\n    url = url || FIREFOX_EMPTY_URL;\n    // Firefox disables by default scrolling on popup windows, which can create\n    // issues when the user has many Google accounts, for instance.\n    options.scrollbars = 'yes';\n  }\n\n  const optionsString = Object.entries(options).reduce(\n    (accum, [key, value]) => `${accum}${key}=${value},`,\n    ''\n  );\n\n  if (_isIOSStandalone(ua) && target !== '_self') {\n    openAsNewWindowIOS(url || '', target);\n    return new AuthPopup(null);\n  }\n\n  // about:blank getting sanitized causing browsers like IE/Edge to display\n  // brief error message before redirecting to handler.\n  const newWin = window.open(url || '', target, optionsString);\n  _assert(newWin, auth, AuthErrorCode.POPUP_BLOCKED);\n\n  // Flaky on IE edge, encapsulate with a try and catch.\n  try {\n    newWin.focus();\n  } catch (e) {}\n\n  return new AuthPopup(newWin);\n}\n\nfunction openAsNewWindowIOS(url: string, target: string): void {\n  const el = document.createElement('a');\n  el.href = url;\n  el.target = target;\n  const click = document.createEvent('MouseEvent');\n  click.initMouseEvent(\n    'click',\n    true,\n    true,\n    window,\n    1,\n    0,\n    0,\n    0,\n    0,\n    false,\n    false,\n    false,\n    false,\n    1,\n    null\n  );\n  el.dispatchEvent(click);\n}\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { PopupRedirectResolver } from '../../model/public_types';\nimport { AuthInternal } from '../../model/auth';\nimport { PopupRedirectResolverInternal } from '../../model/popup_redirect';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from './assert';\nimport { _getInstance } from './instantiator';\n\n/**\n * Chooses a popup/redirect resolver to use. This prefers the override (which\n * is directly passed in), and falls back to the property set on the auth\n * object. If neither are available, this function errors w/ an argument error.\n */\nexport function _withDefaultResolver(\n  auth: AuthInternal,\n  resolverOverride: PopupRedirectResolver | undefined\n): PopupRedirectResolverInternal {\n  if (resolverOverride) {\n    return _getInstance(resolverOverride);\n  }\n\n  _assert(auth._popupRedirectResolver, auth, AuthErrorCode.ARGUMENT_ERROR);\n\n  return auth._popupRedirectResolver;\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  signInWithIdp,\n  SignInWithIdpRequest\n} from '../../api/authentication/idp';\nimport { PhoneOrOauthTokenResponse } from '../../api/authentication/mfa';\nimport { AuthInternal } from '../../model/auth';\nimport { IdTokenResponse } from '../../model/id_token';\nimport { UserInternal, UserCredentialInternal } from '../../model/user';\nimport { AuthCredential } from '../credentials';\nimport { _link as _linkUser } from '../user/link_unlink';\nimport { _reauthenticate } from '../user/reauthenticate';\nimport { _assert } from '../util/assert';\nimport { _signInWithCredential } from './credential';\nimport { AuthErrorCode } from '../errors';\nimport { ProviderId } from '../../model/enums';\n\nexport interface IdpTaskParams {\n  auth: AuthInternal;\n  requestUri: string;\n  sessionId?: string;\n  tenantId?: string;\n  postBody?: string;\n  pendingToken?: string;\n  user?: UserInternal;\n  bypassAuthState?: boolean;\n}\n\nexport type IdpTask = (\n  params: IdpTaskParams\n) => Promise<UserCredentialInternal>;\n\nclass IdpCredential extends AuthCredential {\n  constructor(readonly params: IdpTaskParams) {\n    super(ProviderId.CUSTOM, ProviderId.CUSTOM);\n  }\n\n  _getIdTokenResponse(auth: AuthInternal): Promise<PhoneOrOauthTokenResponse> {\n    return signInWithIdp(auth, this._buildIdpRequest());\n  }\n\n  _linkToIdToken(\n    auth: AuthInternal,\n    idToken: string\n  ): Promise<IdTokenResponse> {\n    return signInWithIdp(auth, this._buildIdpRequest(idToken));\n  }\n\n  _getReauthenticationResolver(auth: AuthInternal): Promise<IdTokenResponse> {\n    return signInWithIdp(auth, this._buildIdpRequest());\n  }\n\n  private _buildIdpRequest(idToken?: string): SignInWithIdpRequest {\n    const request: SignInWithIdpRequest = {\n      requestUri: this.params.requestUri,\n      sessionId: this.params.sessionId,\n      postBody: this.params.postBody,\n      tenantId: this.params.tenantId,\n      pendingToken: this.params.pendingToken,\n      returnSecureToken: true,\n      returnIdpCredential: true\n    };\n\n    if (idToken) {\n      request.idToken = idToken;\n    }\n\n    return request;\n  }\n}\n\nexport function _signIn(\n  params: IdpTaskParams\n): Promise<UserCredentialInternal> {\n  return _signInWithCredential(\n    params.auth,\n    new IdpCredential(params),\n    params.bypassAuthState\n  ) as Promise<UserCredentialInternal>;\n}\n\nexport function _reauth(\n  params: IdpTaskParams\n): Promise<UserCredentialInternal> {\n  const { auth, user } = params;\n  _assert(user, auth, AuthErrorCode.INTERNAL_ERROR);\n  return _reauthenticate(\n    user,\n    new IdpCredential(params),\n    params.bypassAuthState\n  );\n}\n\nexport async function _link(\n  params: IdpTaskParams\n): Promise<UserCredentialInternal> {\n  const { auth, user } = params;\n  _assert(user, auth, AuthErrorCode.INTERNAL_ERROR);\n  return _linkUser(user, new IdpCredential(params), params.bypassAuthState);\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { FirebaseError } from '@firebase/util';\n\nimport {\n  AuthEvent,\n  AuthEventConsumer,\n  AuthEventType,\n  EventManager,\n  PopupRedirectResolverInternal\n} from '../../model/popup_redirect';\nimport { UserInternal, UserCredentialInternal } from '../../model/user';\nimport { AuthErrorCode } from '../errors';\nimport { debugAssert, _fail } from '../util/assert';\nimport {\n  _link,\n  _reauth,\n  _signIn,\n  IdpTask,\n  IdpTaskParams\n} from '../strategies/idp';\nimport { AuthInternal } from '../../model/auth';\n\ninterface PendingPromise {\n  resolve: (cred: UserCredentialInternal | null) => void;\n  reject: (error: Error) => void;\n}\n\n/**\n * Popup event manager. Handles the popup's entire lifecycle; listens to auth\n * events\n */\nexport abstract class AbstractPopupRedirectOperation\n  implements AuthEventConsumer {\n  private pendingPromise: PendingPromise | null = null;\n  private eventManager: EventManager | null = null;\n  readonly filter: AuthEventType[];\n\n  abstract eventId: string | null;\n\n  constructor(\n    protected readonly auth: AuthInternal,\n    filter: AuthEventType | AuthEventType[],\n    protected readonly resolver: PopupRedirectResolverInternal,\n    protected user?: UserInternal,\n    protected readonly bypassAuthState = false\n  ) {\n    this.filter = Array.isArray(filter) ? filter : [filter];\n  }\n\n  abstract onExecution(): Promise<void>;\n\n  execute(): Promise<UserCredentialInternal | null> {\n    return new Promise<UserCredentialInternal | null>(\n      async (resolve, reject) => {\n        this.pendingPromise = { resolve, reject };\n\n        try {\n          this.eventManager = await this.resolver._initialize(this.auth);\n          await this.onExecution();\n          this.eventManager.registerConsumer(this);\n        } catch (e) {\n          this.reject(e);\n        }\n      }\n    );\n  }\n\n  async onAuthEvent(event: AuthEvent): Promise<void> {\n    const { urlResponse, sessionId, postBody, tenantId, error, type } = event;\n    if (error) {\n      this.reject(error);\n      return;\n    }\n\n    const params: IdpTaskParams = {\n      auth: this.auth,\n      requestUri: urlResponse!,\n      sessionId: sessionId!,\n      tenantId: tenantId || undefined,\n      postBody: postBody || undefined,\n      user: this.user,\n      bypassAuthState: this.bypassAuthState\n    };\n\n    try {\n      this.resolve(await this.getIdpTask(type)(params));\n    } catch (e) {\n      this.reject(e);\n    }\n  }\n\n  onError(error: FirebaseError): void {\n    this.reject(error);\n  }\n\n  private getIdpTask(type: AuthEventType): IdpTask {\n    switch (type) {\n      case AuthEventType.SIGN_IN_VIA_POPUP:\n      case AuthEventType.SIGN_IN_VIA_REDIRECT:\n        return _signIn;\n      case AuthEventType.LINK_VIA_POPUP:\n      case AuthEventType.LINK_VIA_REDIRECT:\n        return _link;\n      case AuthEventType.REAUTH_VIA_POPUP:\n      case AuthEventType.REAUTH_VIA_REDIRECT:\n        return _reauth;\n      default:\n        _fail(this.auth, AuthErrorCode.INTERNAL_ERROR);\n    }\n  }\n\n  protected resolve(cred: UserCredentialInternal | null): void {\n    debugAssert(this.pendingPromise, 'Pending promise was never set');\n    this.pendingPromise.resolve(cred);\n    this.unregisterAndCleanUp();\n  }\n\n  protected reject(error: Error): void {\n    debugAssert(this.pendingPromise, 'Pending promise was never set');\n    this.pendingPromise.reject(error);\n    this.unregisterAndCleanUp();\n  }\n\n  private unregisterAndCleanUp(): void {\n    if (this.eventManager) {\n      this.eventManager.unregisterConsumer(this);\n    }\n\n    this.pendingPromise = null;\n    this.cleanUp();\n  }\n\n  abstract cleanUp(): void;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthInternal } from '../../model/auth';\nimport {\n  AuthEvent,\n  AuthEventType,\n  PopupRedirectResolverInternal\n} from '../../model/popup_redirect';\nimport { UserCredentialInternal } from '../../model/user';\nimport { PersistenceInternal } from '../persistence';\nimport { _persistenceKeyName } from '../persistence/persistence_user_manager';\nimport { _getInstance } from '../util/instantiator';\nimport { AbstractPopupRedirectOperation } from './abstract_popup_redirect_operation';\n\nconst PENDING_REDIRECT_KEY = 'pendingRedirect';\n\n// We only get one redirect outcome for any one auth, so just store it\n// in here.\nconst redirectOutcomeMap: Map<\n  string,\n  () => Promise<UserCredentialInternal | null>\n> = new Map();\n\nexport class RedirectAction extends AbstractPopupRedirectOperation {\n  eventId = null;\n\n  constructor(\n    auth: AuthInternal,\n    resolver: PopupRedirectResolverInternal,\n    bypassAuthState = false\n  ) {\n    super(\n      auth,\n      [\n        AuthEventType.SIGN_IN_VIA_REDIRECT,\n        AuthEventType.LINK_VIA_REDIRECT,\n        AuthEventType.REAUTH_VIA_REDIRECT,\n        AuthEventType.UNKNOWN\n      ],\n      resolver,\n      undefined,\n      bypassAuthState\n    );\n  }\n\n  /**\n   * Override the execute function; if we already have a redirect result, then\n   * just return it.\n   */\n  async execute(): Promise<UserCredentialInternal | null> {\n    let readyOutcome = redirectOutcomeMap.get(this.auth._key());\n    if (!readyOutcome) {\n      try {\n        const hasPendingRedirect = await _getAndClearPendingRedirectStatus(\n          this.resolver,\n          this.auth\n        );\n        const result = hasPendingRedirect ? await super.execute() : null;\n        readyOutcome = () => Promise.resolve(result);\n      } catch (e) {\n        readyOutcome = () => Promise.reject(e);\n      }\n\n      redirectOutcomeMap.set(this.auth._key(), readyOutcome);\n    }\n\n    // If we're not bypassing auth state, the ready outcome should be set to\n    // null.\n    if (!this.bypassAuthState) {\n      redirectOutcomeMap.set(this.auth._key(), () => Promise.resolve(null));\n    }\n\n    return readyOutcome();\n  }\n\n  async onAuthEvent(event: AuthEvent): Promise<void> {\n    if (event.type === AuthEventType.SIGN_IN_VIA_REDIRECT) {\n      return super.onAuthEvent(event);\n    } else if (event.type === AuthEventType.UNKNOWN) {\n      // This is a sentinel value indicating there's no pending redirect\n      this.resolve(null);\n      return;\n    }\n\n    if (event.eventId) {\n      const user = await this.auth._redirectUserForId(event.eventId);\n      if (user) {\n        this.user = user;\n        return super.onAuthEvent(event);\n      } else {\n        this.resolve(null);\n      }\n    }\n  }\n\n  async onExecution(): Promise<void> {}\n\n  cleanUp(): void {}\n}\n\nexport async function _getAndClearPendingRedirectStatus(\n  resolver: PopupRedirectResolverInternal,\n  auth: AuthInternal\n): Promise<boolean> {\n  const key = pendingRedirectKey(auth);\n  const persistence = resolverPersistence(resolver);\n  if (!(await persistence._isAvailable())) {\n    return false;\n  }\n  const hasPendingRedirect =\n    (await persistence._get(key)) === 'true';\n  await persistence._remove(key);\n  return hasPendingRedirect;\n}\n\nexport async function _setPendingRedirectStatus(\n  resolver: PopupRedirectResolverInternal,\n  auth: AuthInternal\n): Promise<void> {\n  return resolverPersistence(resolver)._set(pendingRedirectKey(auth), 'true');\n}\n\nexport function _clearRedirectOutcomes(): void {\n  redirectOutcomeMap.clear();\n}\n\nexport function _overrideRedirectResult(auth: AuthInternal, result: () => Promise<UserCredentialInternal | null>): void {\n  redirectOutcomeMap.set(auth._key(), result);\n}\n\nfunction resolverPersistence(\n  resolver: PopupRedirectResolverInternal\n): PersistenceInternal {\n  return _getInstance(resolver._redirectPersistence);\n}\n\nfunction pendingRedirectKey(auth: AuthInternal): string {\n  return _persistenceKeyName(\n    PENDING_REDIRECT_KEY,\n    auth.config.apiKey,\n    auth.name\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  Auth,\n  AuthProvider,\n  PopupRedirectResolver,\n  User,\n  UserCredential\n} from '../../model/public_types';\n\nimport { _castAuth } from '../../core/auth/auth_impl';\nimport { _assertLinkedStatus } from '../../core/user/link_unlink';\nimport { _assertInstanceOf } from '../../core/util/assert';\nimport { _generateEventId } from '../../core/util/event_id';\nimport { AuthEventType } from '../../model/popup_redirect';\nimport { UserInternal } from '../../model/user';\nimport { _withDefaultResolver } from '../../core/util/resolver';\nimport {\n  RedirectAction,\n  _setPendingRedirectStatus\n} from '../../core/strategies/redirect';\nimport { FederatedAuthProvider } from '../../core/providers/federated';\nimport { getModularInstance } from '@firebase/util';\n\n/**\n * Authenticates a Firebase client using a full-page redirect flow.\n *\n * @remarks\n * To handle the results and errors for this operation, refer to {@link getRedirectResult}.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new FacebookAuthProvider();\n * // You can add additional scopes to the provider:\n * provider.addScope('user_birthday');\n * // Start a sign in process for an unauthenticated user.\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n *   // This is the signed-in user\n *   const user = result.user;\n *   // This gives you a Facebook Access Token.\n *   const credential = provider.credentialFromResult(auth, result);\n *   const token = credential.accessToken;\n * }\n * // As this API can be used for sign-in, linking and reauthentication,\n * // check the operationType to determine what triggered this redirect\n * // operation.\n * const operationType = result.operationType;\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.\n * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n * @public\n */\nexport function signInWithRedirect(\n  auth: Auth,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<never> {\n  return _signInWithRedirect(auth, provider, resolver) as Promise<never>;\n}\n\nexport async function _signInWithRedirect(\n  auth: Auth,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<void | never> {\n  const authInternal = _castAuth(auth);\n  _assertInstanceOf(auth, provider, FederatedAuthProvider);\n  const resolverInternal = _withDefaultResolver(authInternal, resolver);\n  await _setPendingRedirectStatus(resolverInternal, authInternal);\n\n  return resolverInternal._openRedirect(\n    authInternal,\n    provider,\n    AuthEventType.SIGN_IN_VIA_REDIRECT\n  );\n}\n\n/**\n * Reauthenticates the current user with the specified {@link OAuthProvider} using a full-page redirect flow.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new FacebookAuthProvider();\n * const result = await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * // Link using a redirect.\n * await linkWithRedirect(result.user, provider);\n * // This will again trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * ```\n *\n * @param user - The user.\n * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.\n * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n * @public\n */\nexport function reauthenticateWithRedirect(\n  user: User,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<never> {\n  return _reauthenticateWithRedirect(\n    user,\n    provider,\n    resolver\n  ) as Promise<never>;\n}\nexport async function _reauthenticateWithRedirect(\n  user: User,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<void | never> {\n  const userInternal = getModularInstance(user) as UserInternal;\n  _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);\n  // Allow the resolver to error before persisting the redirect user\n  const resolverInternal = _withDefaultResolver(userInternal.auth, resolver);\n  await _setPendingRedirectStatus(resolverInternal, userInternal.auth);\n\n  const eventId = await prepareUserForRedirect(userInternal);\n  return resolverInternal._openRedirect(\n    userInternal.auth,\n    provider,\n    AuthEventType.REAUTH_VIA_REDIRECT,\n    eventId\n  );\n}\n\n/**\n * Links the {@link OAuthProvider} to the user account using a full-page redirect flow.\n *\n * @example\n * ```javascript\n * // Sign in using some other provider.\n * const result = await signInWithEmailAndPassword(auth, email, password);\n * // Link using a redirect.\n * const provider = new FacebookAuthProvider();\n * await linkWithRedirect(result.user, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * ```\n *\n * @param user - The user.\n * @param provider - The provider to authenticate. The provider has to be an {@link OAuthProvider}.\n * Non-OAuth providers like {@link EmailAuthProvider} will throw an error.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n *\n * @public\n */\nexport function linkWithRedirect(\n  user: User,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<never> {\n  return _linkWithRedirect(user, provider, resolver) as Promise<never>;\n}\nexport async function _linkWithRedirect(\n  user: User,\n  provider: AuthProvider,\n  resolver?: PopupRedirectResolver\n): Promise<void | never> {\n  const userInternal = getModularInstance(user) as UserInternal;\n  _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);\n  // Allow the resolver to error before persisting the redirect user\n  const resolverInternal = _withDefaultResolver(userInternal.auth, resolver);\n  await _assertLinkedStatus(false, userInternal, provider.providerId);\n  await _setPendingRedirectStatus(resolverInternal, userInternal.auth);\n\n  const eventId = await prepareUserForRedirect(userInternal);\n  return resolverInternal._openRedirect(\n    userInternal.auth,\n    provider,\n    AuthEventType.LINK_VIA_REDIRECT,\n    eventId\n  );\n}\n\n/**\n * Returns a {@link UserCredential} from the redirect-based sign-in flow.\n *\n * @remarks\n * If sign-in succeeded, returns the signed in user. If sign-in was unsuccessful, fails with an\n * error. If no redirect operation was called, returns a {@link UserCredential}\n * with a null `user`.\n *\n * @example\n * ```javascript\n * // Sign in using a redirect.\n * const provider = new FacebookAuthProvider();\n * // You can add additional scopes to the provider:\n * provider.addScope('user_birthday');\n * // Start a sign in process for an unauthenticated user.\n * await signInWithRedirect(auth, provider);\n * // This will trigger a full page redirect away from your app\n *\n * // After returning from the redirect when your app initializes you can obtain the result\n * const result = await getRedirectResult(auth);\n * if (result) {\n *   // This is the signed-in user\n *   const user = result.user;\n *   // This gives you a Facebook Access Token.\n *   const credential = provider.credentialFromResult(auth, result);\n *   const token = credential.accessToken;\n * }\n * // As this API can be used for sign-in, linking and reauthentication,\n * // check the operationType to determine what triggered this redirect\n * // operation.\n * const operationType = result.operationType;\n * ```\n *\n * @param auth - The {@link Auth} instance.\n * @param resolver - An instance of {@link PopupRedirectResolver}, optional\n * if already supplied to {@link initializeAuth} or provided by {@link getAuth}.\n *\n * @public\n */\nexport async function getRedirectResult(\n  auth: Auth,\n  resolver?: PopupRedirectResolver\n): Promise<UserCredential | null> {\n  await _castAuth(auth)._initializationPromise;\n  return _getRedirectResult(auth, resolver, false);\n}\n\nexport async function _getRedirectResult(\n  auth: Auth,\n  resolverExtern?: PopupRedirectResolver,\n  bypassAuthState = false\n): Promise<UserCredential | null> {\n  const authInternal = _castAuth(auth);\n  const resolver = _withDefaultResolver(authInternal, resolverExtern);\n  const action = new RedirectAction(authInternal, resolver, bypassAuthState);\n  const result = await action.execute();\n\n  if (result && !bypassAuthState) {\n    delete result.user._redirectEventId;\n    await authInternal._persistUserIfCurrent(result.user as UserInternal);\n    await authInternal._setRedirectUser(null, resolverExtern);\n  }\n\n  return result;\n}\n\nasync function prepareUserForRedirect(user: UserInternal): Promise<string> {\n  const eventId = _generateEventId(`${user.uid}:::`);\n  user._redirectEventId = eventId;\n  await user.auth._setRedirectUser(user);\n  await user.auth._persistUserIfCurrent(user);\n  return eventId;\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\nimport { Persistence } from '../../model/public_types';\n\nexport const enum PersistenceType {\n  SESSION = 'SESSION',\n  LOCAL = 'LOCAL',\n  NONE = 'NONE'\n}\n\nexport type PersistedBlob = Record<string, unknown>;\n\nexport interface Instantiator<T> {\n  (blob: PersistedBlob): T;\n}\n\nexport type PersistenceValue = PersistedBlob | string;\n\nexport const STORAGE_AVAILABLE_KEY = '__sak';\n\nexport interface StorageEventListener {\n  (value: PersistenceValue | null): void;\n}\n\nexport interface PersistenceInternal extends Persistence {\n  type: PersistenceType;\n  _isAvailable(): Promise<boolean>;\n  _set(key: string, value: PersistenceValue): Promise<void>;\n  _get<T extends PersistenceValue>(key: string): Promise<T | null>;\n  _remove(key: string): Promise<void>;\n  _addListener(key: string, listener: StorageEventListener): void;\n  _removeListener(key: string, listener: StorageEventListener): void;\n  // Should this persistence allow migration up the chosen hierarchy?\n  _shouldAllowMigration?: boolean;\n}\n","/**\n * @license\n * Copyright 2019 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport {\n  PersistenceValue,\n  STORAGE_AVAILABLE_KEY,\n  PersistenceType\n} from '../../core/persistence';\n\n// There are two different browser persistence types: local and session.\n// Both have the same implementation but use a different underlying storage\n// object.\n\nexport abstract class BrowserPersistenceClass {\n  protected constructor(\n    protected readonly storageRetriever: () => Storage,\n    readonly type: PersistenceType\n  ) {}\n\n  _isAvailable(): Promise<boolean> {\n    try {\n      if (!this.storage) {\n        return Promise.resolve(false);\n      }\n      this.storage.setItem(STORAGE_AVAILABLE_KEY, '1');\n      this.storage.removeItem(STORAGE_AVAILABLE_KEY);\n      return Promise.resolve(true);\n    } catch {\n      return Promise.resolve(false);\n    }\n  }\n\n  _set(key: string, value: PersistenceValue): Promise<void> {\n    this.storage.setItem(key, JSON.stringify(value));\n    return Promise.resolve();\n  }\n\n  _get<T extends PersistenceValue>(key: string): Promise<T | null> {\n    const json = this.storage.getItem(key);\n    return Promise.resolve(json ? JSON.parse(json) : null);\n  }\n\n  _remove(key: string): Promise<void> {\n    this.storage.removeItem(key);\n    return Promise.resolve();\n  }\n\n  protected get storage(): Storage {\n    return this.storageRetriever();\n  }\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { Persistence } from '../../model/public_types';\n\nimport {\n  PersistenceInternal as InternalPersistence,\n  PersistenceType,\n  StorageEventListener\n} from '../../core/persistence';\nimport { BrowserPersistenceClass } from './browser';\n\nclass BrowserSessionPersistence\n  extends BrowserPersistenceClass\n  implements InternalPersistence\n{\n  static type: 'SESSION' = 'SESSION';\n\n  constructor() {\n    super(() => window.sessionStorage, PersistenceType.SESSION);\n  }\n\n  _addListener(_key: string, _listener: StorageEventListener): void {\n    // Listeners are not supported for session storage since it cannot be shared across windows\n    return;\n  }\n\n  _removeListener(_key: string, _listener: StorageEventListener): void {\n    // Listeners are not supported for session storage since it cannot be shared across windows\n    return;\n  }\n}\n\n/**\n * An implementation of {@link Persistence} of `SESSION` using `sessionStorage`\n * for the underlying storage.\n *\n * @public\n */\nexport const browserSessionPersistence: Persistence = BrowserSessionPersistence;\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { SDK_VERSION } from '@firebase/app';\nimport { AuthProvider } from '../../model/public_types';\nimport { ApiKey, AppName, AuthInternal } from '../../model/auth';\nimport { AuthEventType } from '../../model/popup_redirect';\nimport { AuthErrorCode } from '../errors';\nimport { _assert } from './assert';\nimport { isEmpty, querystring } from '@firebase/util';\nimport { _emulatorUrl } from './emulator';\nimport { FederatedAuthProvider } from '../providers/federated';\nimport { BaseOAuthProvider } from '../providers/oauth';\n\n/**\n * URL for Authentication widget which will initiate the OAuth handshake\n *\n * @internal\n */\nconst WIDGET_PATH = '__/auth/handler';\n\n/**\n * URL for emulated environment\n *\n * @internal\n */\nconst EMULATOR_WIDGET_PATH = 'emulator/auth/handler';\n\n// eslint-disable-next-line @typescript-eslint/consistent-type-definitions\ntype WidgetParams = {\n  apiKey: ApiKey;\n  appName: AppName;\n  authType: AuthEventType;\n  redirectUrl?: string;\n  v: string;\n  providerId?: string;\n  scopes?: string;\n  customParameters?: string;\n  eventId?: string;\n  tid?: string;\n} & { [key: string]: string | undefined };\n\nexport function _getRedirectUrl(\n  auth: AuthInternal,\n  provider: AuthProvider,\n  authType: AuthEventType,\n  redirectUrl?: string,\n  eventId?: string,\n  additionalParams?: Record<string, string>\n): string {\n  _assert(auth.config.authDomain, auth, AuthErrorCode.MISSING_AUTH_DOMAIN);\n  _assert(auth.config.apiKey, auth, AuthErrorCode.INVALID_API_KEY);\n\n  const params: WidgetParams = {\n    apiKey: auth.config.apiKey,\n    appName: auth.name,\n    authType,\n    redirectUrl,\n    v: SDK_VERSION,\n    eventId\n  };\n\n  if (provider instanceof FederatedAuthProvider) {\n    provider.setDefaultLanguage(auth.languageCode);\n    params.providerId = provider.providerId || '';\n    if (!isEmpty(provider.getCustomParameters())) {\n      params.customParameters = JSON.stringify(provider.getCustomParameters());\n    }\n\n    // TODO set additionalParams from the provider as well?\n    for (const [key, value] of Object.entries(additionalParams || {})) {\n      params[key] = value;\n    }\n  }\n\n  if (provider instanceof BaseOAuthProvider) {\n    const scopes = provider.getScopes().filter(scope => scope !== '');\n    if (scopes.length > 0) {\n      params.scopes = scopes.join(',');\n    }\n  }\n\n  if (auth.tenantId) {\n    params.tid = auth.tenantId;\n  }\n\n  // TODO: maybe set eid as endipointId\n  // TODO: maybe set fw as Frameworks.join(\",\")\n\n  const paramsDict = params as Record<string, string | number>;\n  for (const key of Object.keys(paramsDict)) {\n    if (paramsDict[key] === undefined) {\n      delete paramsDict[key];\n    }\n  }\n  return `${getHandlerBase(auth)}?${querystring(paramsDict).slice(1)}`;\n}\n\nfunction getHandlerBase({ config }: AuthInternal): string {\n  if (!config.emulator) {\n    return `https://${config.authDomain}/${WIDGET_PATH}`;\n  }\n\n  return _emulatorUrl(config, EMULATOR_WIDGET_PATH);\n}\n","/**\n * @license\n * Copyright 2021 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nexport interface CordovaWindow extends Window {\n  cordova: {\n    plugins: {\n      browsertab: {\n        isAvailable(cb: (available: boolean) => void): void;\n        openUrl(url: string): void;\n        close(): void;\n      };\n    };\n\n    InAppBrowser: {\n      open(url: string, target: string, options: string): InAppBrowserRef;\n    };\n  };\n\n  universalLinks: {\n    subscribe(\n      n: null,\n      cb: (event: Record<string, string> | null) => void\n    ): void;\n  };\n\n  BuildInfo: {\n    readonly packageName: string;\n    readonly displayName: string;\n  };\n\n  handleOpenURL(url: string): void;\n}\n\nexport interface InAppBrowserRef {\n  close?: () => void;\n}\n\nexport function _cordovaWindow(): CordovaWindow {\n  return (window as unknown) as CordovaWindow;\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { _performApiRequest, Endpoint, HttpMethod } from '../index';\nimport { Auth } from '../../model/public_types';\n\nexport interface GetProjectConfigRequest {\n  androidPackageName?: string;\n  iosBundleId?: string;\n}\n\nexport interface GetProjectConfigResponse {\n  authorizedDomains: string[];\n}\n\nexport async function _getProjectConfig(\n  auth: Auth,\n  request: GetProjectConfigRequest = {}\n): Promise<GetProjectConfigResponse> {\n  return _performApiRequest<GetProjectConfigRequest, GetProjectConfigResponse>(\n    auth,\n    HttpMethod.GET,\n    Endpoint.GET_PROJECT_CONFIG,\n    request\n  );\n}\n","/**\n * @license\n * Copyright 2020 Google LLC\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *   http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { AuthProvider } from '../../model/public_types';\nimport { AuthErrorCode } from '../../core/errors';\nimport {\n  debugAssert,\n  _assert,\n  _createError,\n  _fail\n} from '../../core/util/assert';\nimport { _isAndroid, _isIOS, _isIOS7Or8 } from '../../core/util/browser';\nimport { _getRedirectUrl } from '../../core/util/handler';\nimport { AuthInternal } from '../../model/auth';\nimport { AuthEvent } from '../../model/popup_redirect';\nimport { InAppBrowserRef, _cordovaWindow } from '../plugins';\nimport {\n  GetProjectConfigRequest,\n  _getProjectConfig\n} from '../../api/project_config/get_project_config';\n\n/**\n * How long to wait after the app comes back into focus before concluding that\n * the user closed the sign in tab.\n */\nconst REDIRECT_TIMEOUT_MS = 2000;\n\n/**\n * Generates the URL for the OAuth handler.\n */\nexport async function _generateHandlerUrl(\n  auth: AuthInternal,\n  event: AuthEvent,\n  provider: AuthProvider\n): Promise<string> {\n  // Get the cordova plugins\n  const { BuildInfo } = _cordovaWindow();\n  debugAssert(event.sessionId, 'AuthEvent did not contain a session ID');\n  const sessionDigest = await computeSha256(event.sessionId);\n\n  const additionalParams: Record<string, string> = {};\n  if (_isIOS()) {\n    // iOS app identifier\n    additionalParams['ibi'] = BuildInfo.packageName;\n  } else if (_isAndroid()) {\n    // Android app identifier\n    additionalParams['apn'] = BuildInfo.packageName;\n  } else {\n    _fail(auth, AuthErrorCode.OPERATION_NOT_SUPPORTED);\n  }\n\n  // Add the display name if available\n  if (BuildInfo.displayName) {\n    additionalParams['appDisplayName'] = BuildInfo.displayName;\n  }\n\n  // Attached the hashed session ID\n  additionalParams['sessionId'] = sessionDigest;\n  return _getRedirectUrl(\n    auth,\n    provider,\n    event.type,\n    undefined,\n    event.eventId ?? undefined,\n    additionalParams\n  );\n}\n\n/**\n * Validates that this app is valid for this project configuration\n */\nexport async function _validateOrigin(auth: AuthInternal): Promise<void> {\n  const { BuildInfo } = _cordovaWindow();\n  const request: GetProjectConfigRequest = {};\n  if (_isIOS()) {\n    request.iosBundleId = BuildInfo.packageName;\n  } else if (_isAndroid()) {\n    request.androidPackageName = BuildInfo.packageName;\n  } else {\n    _fail(auth, AuthErrorCode.OPERATION_NOT_SUPPORTED);\n  }\n\n  // Will fail automatically if package name is not authorized\n  await _getProjectConfig(auth, request);\n}\n\nexport function _performRedirect(\n  handlerUrl: string\n): Promise<InAppBrowserRef | null> {\n  // Get the cordova plugins\n  const { cordova } = _cordovaWindow();\n\n  return new Promise(resolve => {\n    cordova.plugins.browsertab.isAvailable(browserTabIsAvailable => {\n      let iabRef: InAppBrowserRef | null = null;\n      if (browserTabIsAvailable) {\n        cordova.plugins.browsertab.openUrl(handlerUrl);\n      } else {\n        // TODO: Return the inappbrowser ref that's returned from the open call\n        iabRef = cordova.InAppBrowser.open(\n          handlerUrl,\n          _isIOS7Or8() ? '_blank' : '_system',\n          'location=yes'\n        );\n      }\n      resolve(iabRef);\n    });\n  });\n}\n\n// Thin interface wrapper to avoid circular dependency with ./events module\ninterface PassiveAuthEventListener {\n  addPassiveListener(cb: () => void): void;\n  removePassiveListener(cb: () => void): void;\n}\n\n/**\n * This function waits for app activity to be seen before resolving. It does\n * this by attaching listeners to various dom events. Once the app is determined\n * to be visible, this promise resolves. AFTER that resolution, the listeners\n * are detached and any browser tabs left open will be closed.\n */\nexport async function _waitForAppResume(\n  auth: AuthInternal,\n  eventListener: PassiveAuthEventListener,\n  iabRef: InAppBrowserRef | null\n): Promise<void> {\n  // Get the cordova plugins\n  const { cordova } = _cordovaWindow();\n\n  let cleanup = (): void => {};\n  try {\n    await new Promise<void>((resolve, reject) => {\n      let onCloseTimer: number | null = null;\n\n      // DEFINE ALL THE CALLBACKS =====\n      function authEventSeen(): void {\n        // Auth event was detected. Resolve this promise and close the extra\n        // window if it's still open.\n        resolve();\n        const closeBrowserTab = cordova.plugins.browsertab?.close;\n        if (typeof closeBrowserTab === 'function') {\n          closeBrowserTab();\n        }\n        // Close inappbrowser emebedded webview in iOS7 and 8 case if still\n        // open.\n        if (typeof iabRef?.close === 'function') {\n          iabRef.close();\n        }\n      }\n\n      function resumed(): void {\n        if (onCloseTimer) {\n          // This code already ran; do not rerun.\n          return;\n        }\n\n        onCloseTimer = window.setTimeout(() => {\n          // Wait two seeconds after resume then reject.\n          reject(_createError(auth, AuthErrorCode.REDIRECT_CANCELLED_BY_USER));\n        }, REDIRECT_TIMEOUT_MS);\n      }\n\n      function visibilityChanged(): void {\n        if (document?.visibilityState === 'visible') {\n          resumed();\n        }\n      }\n\n      // ATTACH ALL THE LISTENERS =====\n      // Listen for the auth event\n      eventListener.addPassiveListener(authEventSeen);\n\n      // Listen for resume and visibility events\n      document.addEventListener('resume', resumed, false);\n      if (_isAndroid()) {\n        document.addEventListener('visibilitychange', visibilityChanged, false);\n      }\n\n      // SETUP THE CLEANUP FUNCTION =====\n      cleanup = () => {\n        eventListener.removePassiveListener(authEventSeen);\n        document.removeEventListener('resume', resumed, false);\n        document.removeEventListener(\n          'visibilitychange',\n          visibilityChanged,\n          false\n        );\n        if (onCloseTimer) {\n          window.clearTimeout(onCloseTimer);\n        }\n      };\n    });\n  } finally {\n    cleanup();\n  }\n}\n\n/**\n * Checks the configuration of the Cordova environment. This has no side effect\n * if the configuration is correct; otherwise it throws an error with the\n * missing plugin.\n */\nexport function _checkCordovaConfiguration(auth: AuthInternal): void {\n  const win = _cordovaWindow();\n  // Check all dependencies installed.\n  // https://github.com/nordnet/cordova-universal-links-plugin\n  // Note that cordova-universal-links-plugin has been abandoned.\n  // A fork with latest fixes is available at:\n  // https://www.npmjs.com/package/cordova-universal-links-plugin-fix\n  _assert(\n    typeof win?.universalLinks?.subscribe === 'function',\n    auth,\n    AuthErrorCode.INVALID_CORDOVA_CONFIGURATION,\n    {\n      missingPlugin: 'cordova-universal-links-plugin-fix'\n    }\n  );\n\n  // https://www.npmjs.com/package/cordova-plugin-buildinfo\n  _assert(\n    typeof win?.BuildInfo?.packageName !== 'undefined',\n    auth,\n    AuthErrorCode.INVALID_CORDOVA_CONFIGURATION,\n    {\n      missingPlugin: 'cordova-plugin-buildInfo'\n    }\n  );\n\n  // https://github.com/google/cordova-plugin-browsertab\n  _assert(\n    typeof win?.cordova?.plugins?.browsertab?.openUrl === 'function',\n    auth,\n    AuthErrorCode.INVALID_CORDOVA_CONFIGURATION,\n    {\n      missingPlugin: 'cordova-plugin-browsertab'\n    }\n  );\n  _assert(\n    typeof win?.cordova?.plugins?.browsertab?.isAvailable === 'function',\n    auth,\n    Auth