@@ -800,59 +800,52 @@ export class OIDCConfig implements OIDCAuthProviderConfig {
800800 ) ;
801801 }
802802 if ( validator . isNonNullObject ( options . responseType ) && typeof options . responseType !== 'undefined' ) {
803- let idTokenType ;
804- let codeType ;
805- let setIdTokenType = false ;
806- let setCodeType = false ;
807- for ( const responseTypeKey in options . responseType ) {
808- if ( ! ( responseTypeKey in validResponseTypes ) ) {
803+ Object . keys ( options . responseType ) . forEach ( ( key ) => {
804+ if ( ! ( key in validResponseTypes ) ) {
809805 throw new FirebaseAuthError (
810806 AuthClientErrorCode . INVALID_CONFIG ,
811- `"${ responseTypeKey } ,
807+ `"${ key } ,
808+ ) ;
809+ }
810+ } ) ;
811+
812+ const idToken = options . responseType . idToken ;
813+ if ( typeof idToken !== 'undefined' ) {
814+ if ( ! validator . isBoolean ( idToken ) ) {
815+ throw new FirebaseAuthError (
816+ AuthClientErrorCode . INVALID_ARGUMENT ,
817+ '"OIDCAuthProviderConfig.responseType.idToken" must be a boolean.' ,
812818 ) ;
813- } else {
814- if ( responseTypeKey === 'idToken' ) {
815- if ( ! validator . isBoolean ( options . responseType . idToken ) ) {
816- throw new FirebaseAuthError (
817- AuthClientErrorCode . INVALID_ARGUMENT ,
818- '"OIDCAuthProviderConfig.responseType.idToken" must be a boolean.' ,
819- ) ;
820- }
821- if ( typeof options . responseType . idToken !== 'undefined' ) {
822- idTokenType = options . responseType . idToken ;
823- setIdTokenType = true ;
824- }
825- } else if ( responseTypeKey === 'code' ) {
826- if ( ! validator . isBoolean ( options . responseType . code ) ) {
827- throw new FirebaseAuthError (
828- AuthClientErrorCode . INVALID_ARGUMENT ,
829- '"OIDCAuthProviderConfig.responseType.code" must be a boolean.' ,
830- ) ;
831- }
832- if ( typeof options . responseType . code !== 'undefined' ) {
833- codeType = options . responseType . code ;
834- setCodeType = true ;
835- }
836- }
837819 }
838820 }
839-
821+
822+ const code = options . responseType . code ;
823+ if ( typeof code !== 'undefined' ) {
824+ if ( ! validator . isBoolean ( code ) ) {
825+ throw new FirebaseAuthError (
826+ AuthClientErrorCode . INVALID_ARGUMENT ,
827+ '"OIDCAuthProviderConfig.responseType.code" must be a boolean.' ,
828+ ) ;
829+ }
830+
831+ // If code flow is enabled, client secret must be provided.
832+ if ( typeof options . clientSecret === 'undefined' ) {
833+ throw new FirebaseAuthError (
834+ AuthClientErrorCode . MISSING_OAUTH_CLIENT_SECRET ,
835+ 'The OAuth configuration client secret is required to enable OIDC code flow.' ,
836+ ) ;
837+ }
838+ }
839+
840+ const allKeys = Object . keys ( options . responseType ) . length ;
841+ const enabledCount = Object . values ( options . responseType ) . filter ( Boolean ) . length ;
840842 // Only one of OAuth response types can be set to true.
841- if ( ( setIdTokenType && setCodeType ) &&
842- ( ( idTokenType && codeType ) ||
843- ( ! idTokenType && ! codeType ) ) ) {
843+ if ( allKeys > 1 && enabledCount != 1 ) {
844844 throw new FirebaseAuthError (
845845 AuthClientErrorCode . INVALID_OAUTH_RESPONSETYPE ,
846846 'Only exactly one OAuth responseType should be set to true.' ,
847847 ) ;
848848 }
849- // If code flow is enabled, client secret must be provided.
850- if ( codeType && typeof options . clientSecret === 'undefined' ) {
851- throw new FirebaseAuthError (
852- AuthClientErrorCode . MISSING_OAUTH_CLIENT_SECRET ,
853- 'The OAuth configuration client secret is required to enable OIDC code flow.' ,
854- ) ;
855- }
856849 }
857850 }
858851
0 commit comments