Align recaptcha error codes with android

Author: chuanr

common/api-review/auth.api.md

@@ -227,8 +227,14 @@ export const AuthErrorCodes: {
     readonly WEAK_PASSWORD: "auth/weak-password";
     readonly WEB_STORAGE_UNSUPPORTED: "auth/web-storage-unsupported";
     readonly ALREADY_INITIALIZED: "auth/already-initialized";
-    readonly RECAPTCHA_CHECK_FAILED: "auth/recaptcha-check-failed";
     readonly RECAPTCHA_NOT_ENABLED: "auth/recaptcha-not-enabled";
+    readonly MISSING_RECAPTCHA_TOKEN: "auth/missing-recaptcha-token";
+    readonly INVALID_RECAPTCHA_TOKEN: "auth/invalid-recaptcha-token";
+    readonly INVALID_RECAPTCHA_ACTION: "auth/invalide-recaptcha-action";
+    readonly MISSING_CLIENT_TYPE: "auth/missing-client-type";
+    readonly MISSING_RECAPTCHA_VERSION: "auth/missing-recaptcha-version";
+    readonly INVALID_RECAPTCHA_VERSION: "auth/invalid-recaptcha-version";
+    readonly INVALID_REQ_TYPE: "auth/invalid-req-type";
 };
 
 // @public

packages/auth/src/api/errors.ts

@@ -216,7 +216,7 @@ export const SERVER_ERROR_MAP: Partial<ServerErrorMap<ServerError>> = {
   [ServerError.BLOCKING_FUNCTION_ERROR_RESPONSE]: AuthErrorCode.INTERNAL_ERROR,
 
   // Recaptcha related errors.
-  [ServerError.INVALID_RECAPTCHA_SCORE]: AuthErrorCode.RECAPTCHA_CHECK_FAILED,
+  [ServerError.INVALID_RECAPTCHA_SCORE]: AuthErrorCode.CAPTCHA_CHECK_FAILED,
   [ServerError.RECAPTCHA_NOT_ENABLED]: AuthErrorCode.RECAPTCHA_NOT_ENABLED,
   [ServerError.MISSING_RECAPTCHA_TOKEN]: AuthErrorCode.INTERNAL_ERROR,
   [ServerError.INVALID_RECAPTCHA_TOKEN]: AuthErrorCode.INTERNAL_ERROR,

packages/auth/src/core/credentials/email.ts

@@ -26,7 +26,6 @@ import {
 import { AuthInternal } from '../../model/auth';
 import { IdTokenResponse } from '../../model/id_token';
 import { AuthErrorCode } from '../errors';
-import { ServerError } from '../../api/errors';
 import { _fail } from '../util/assert';
 import { AuthCredential } from './auth_credential';
 import { injectRecaptchaFields } from '../../platform_browser/recaptcha/recaptcha_enterprise_verifier';
@@ -125,7 +124,7 @@ export class EmailAuthCredential extends AuthCredential {
           return signInWithPassword(auth, requestWithRecaptcha);
         } else {
           return signInWithPassword(auth, request).catch(async (error) => {
-            if (error.code === `auth/${ServerError.MISSING_RECAPTCHA_TOKEN}`) {
+            if (error.code === `auth/${AuthErrorCode.MISSING_RECAPTCHA_TOKEN}`) {
               console.log("Sign-in with email address and password is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.");
               const requestWithRecaptcha = await injectRecaptchaFields(auth, request, RecaptchaActionName.SIGN_IN_WITH_PASSWORD);
               return signInWithPassword(auth, requestWithRecaptcha);

packages/auth/src/core/errors.ts

@@ -124,8 +124,14 @@ export const enum AuthErrorCode {
   WEAK_PASSWORD = 'weak-password',
   WEB_STORAGE_UNSUPPORTED = 'web-storage-unsupported',
   ALREADY_INITIALIZED = 'already-initialized',
-  RECAPTCHA_CHECK_FAILED = 'recaptcha-check-failed',
   RECAPTCHA_NOT_ENABLED = 'recaptcha-not-enabled',
+  MISSING_RECAPTCHA_TOKEN = 'missing-recaptcha-token',
+  INVALID_RECAPTCHA_TOKEN = 'invalid-recaptcha-token',
+  INVALID_RECAPTCHA_ACTION = 'invalide-recaptcha-action',
+  MISSING_CLIENT_TYPE = 'missing-client-type',
+  MISSING_RECAPTCHA_VERSION = 'missing-recaptcha-version',
+  INVALID_RECAPTCHA_VERSION = 'invalid-recaptcha-version',
+  INVALID_REQ_TYPE = 'invalid-req-type'
 }
 
 function _debugErrorMap(): ErrorMap<AuthErrorCode> {
@@ -359,10 +365,22 @@ function _debugErrorMap(): ErrorMap<AuthErrorCode> {
       'different options. To avoid this error, call initializeAuth() with the ' +
       'same options as when it was originally called, or call getAuth() to return the' +
       ' already initialized instance.',
-    [AuthErrorCode.RECAPTCHA_CHECK_FAILED]:
-      'The ReCAPTCHA assessment failed for this request.',
+    [AuthErrorCode.MISSING_RECAPTCHA_TOKEN]:
+      'The reCAPTCHA token is missing when sending request to the backend.',
+    [AuthErrorCode.INVALID_RECAPTCHA_TOKEN]:
+      'The reCAPTCHA token is invalid when sending request to the backend.',
+    [AuthErrorCode.INVALID_RECAPTCHA_ACTION]:
+      'The reCAPTCHA action is invalid when sending request to the backend.',
     [AuthErrorCode.RECAPTCHA_NOT_ENABLED]:
       'reCAPTCHA integration is not enabled for this project.',
+    [AuthErrorCode.MISSING_CLIENT_TYPE]:
+      'The reCAPTCHA client type is missing when sending request to the backend.',
+    [AuthErrorCode.MISSING_RECAPTCHA_VERSION]:
+      'The reCAPTCHA version is missing when sending request to the backend.',
+    [AuthErrorCode.INVALID_REQ_TYPE]:
+      'The reCAPTCHA client type or version is invalid when retrieving the site key.',
+    [AuthErrorCode.INVALID_RECAPTCHA_VERSION]:
+      'The reCAPTCHA version is invalid when sending request to the backend.'
   };
 }
 
@@ -565,6 +583,12 @@ export const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
   WEAK_PASSWORD: 'auth/weak-password',
   WEB_STORAGE_UNSUPPORTED: 'auth/web-storage-unsupported',
   ALREADY_INITIALIZED: 'auth/already-initialized',
-  RECAPTCHA_CHECK_FAILED: 'auth/recaptcha-check-failed',
   RECAPTCHA_NOT_ENABLED: 'auth/recaptcha-not-enabled',
+  MISSING_RECAPTCHA_TOKEN: 'auth/missing-recaptcha-token',
+  INVALID_RECAPTCHA_TOKEN: 'auth/invalid-recaptcha-token',
+  INVALID_RECAPTCHA_ACTION: 'auth/invalide-recaptcha-action',
+  MISSING_CLIENT_TYPE: 'auth/missing-client-type',
+  MISSING_RECAPTCHA_VERSION: 'auth/missing-recaptcha-version',
+  INVALID_RECAPTCHA_VERSION: 'auth/invalid-recaptcha-version',
+  INVALID_REQ_TYPE: 'auth/invalid-req-type'
 } as const;

packages/auth/src/core/strategies/email_and_password.ts

@@ -34,7 +34,6 @@ import { _setActionCodeSettingsOnRequest } from './action_code_settings';
 import { signInWithCredential } from './credential';
 import { _castAuth } from '../auth/auth_impl';
 import { AuthErrorCode } from '../errors';
-import { ServerError } from '../../api/errors';
 import { getModularInstance } from '@firebase/util';
 import { OperationType } from '../../model/enums';
 import { injectRecaptchaFields } from '../../platform_browser/recaptcha/recaptcha_enterprise_verifier';
@@ -94,7 +93,7 @@ export async function sendPasswordResetEmail(
       _setActionCodeSettingsOnRequest(authInternal, request, actionCodeSettings);
     }
     await authentication.sendPasswordResetEmail(authInternal, request).catch(async (error) => {
-      if (error.code === `auth/${ServerError.MISSING_RECAPTCHA_TOKEN}`) {
+      if (error.code === `auth/${AuthErrorCode.MISSING_RECAPTCHA_TOKEN}`) {
         console.log("Password resets are protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the password reset flow.");
         const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, RecaptchaActionName.GET_OOB_CODE, true);
         if (actionCodeSettings) {
@@ -260,7 +259,7 @@ export async function createUserWithEmailAndPassword(
     signUpResponse = signUp(authInternal, requestWithRecaptcha);
   } else {
     signUpResponse = signUp(authInternal, request).catch(async (error) => {
-      if (error.code === `auth/${ServerError.MISSING_RECAPTCHA_TOKEN}`) {
+      if (error.code === `auth/${AuthErrorCode.MISSING_RECAPTCHA_TOKEN}`) {
         console.log("Sign-up is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-up flow.");
         const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, RecaptchaActionName.SIGN_UP_PASSWORD);
         return signUp(authInternal, requestWithRecaptcha);

packages/auth/src/core/strategies/email_link.ts

@@ -29,7 +29,6 @@ import { _getCurrentUrl } from '../util/location';
 import { _setActionCodeSettingsOnRequest } from './action_code_settings';
 import { signInWithCredential } from './credential';
 import { AuthErrorCode } from '../errors';
-import { ServerError } from '../../api/errors';
 import { _assert } from '../util/assert';
 import { getModularInstance } from '@firebase/util';
 import { _castAuth } from '../auth/auth_impl';
@@ -101,7 +100,7 @@ export async function sendSignInLinkToEmail(
   } else {
     setActionCodeSettings(request, actionCodeSettings);
     await api.sendSignInLinkToEmail(authInternal, request).catch(async (error) => {
-      if (error.code === `auth/${ServerError.MISSING_RECAPTCHA_TOKEN}`) {
+      if (error.code === `auth/${AuthErrorCode.MISSING_RECAPTCHA_TOKEN}`) {
         console.log("Email link sign-in is protected by reCAPTCHA for this project. Automatically triggering the reCAPTCHA flow and restarting the sign-in flow.");
         const requestWithRecaptcha = await injectRecaptchaFields(authInternal, request, RecaptchaActionName.GET_OOB_CODE, true);
         setActionCodeSettings(requestWithRecaptcha, actionCodeSettings);