fix Unsafe JavaScript Equality Checking (#2183)
Xiaoshouzi-gh committed May 24, 2023
1 parent 52904f6 commit d563011
Showing 5 changed files with 7 additions and 7 deletions.
2 changes: 1 addition & 1 deletion src/auth/auth-api-request.ts
Expand Up @@ -1603,7 +1603,7 @@ export abstract class AbstractAuthRequestHandler {
* @param email - The email of the user the link is being sent to.
* @param actionCodeSettings - The optional action code setings which defines whether
* the link is to be handled by a mobile app and the additional state information to be passed in the
* deep link, etc. Required when requestType == 'EMAIL_SIGNIN'
* deep link, etc. Required when requestType === 'EMAIL_SIGNIN'
* @param newEmail - The email address the account is being updated to.
* Required only for VERIFY_AND_CHANGE_EMAIL requests.
* @returns A promise that resolves with the email action link.
4 changes: 2 additions & 2 deletions src/auth/auth-config.ts
Expand Up @@ -1517,7 +1517,7 @@ export class OIDCConfig implements OIDCAuthProviderConfig {
const allKeys = Object.keys(options.responseType).length;
const enabledCount = Object.values(options.responseType).filter(Boolean).length;
// Only one of OAuth response types can be set to true.
if (allKeys > 1 && enabledCount != 1) {
if (allKeys > 1 && enabledCount !== 1) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_OAUTH_RESPONSETYPE,
'Only exactly one OAuth responseType should be set to true.',
Expand Down Expand Up @@ -1872,7 +1872,7 @@ export class RecaptchaAuthConfig implements RecaptchaConfig {
});
}

if (typeof options.useAccountDefender != 'undefined') {
if (typeof options.useAccountDefender !== 'undefined') {
if (!validator.isBoolean(options.useAccountDefender)) {
throw new FirebaseAuthError(
AuthClientErrorCode.INVALID_CONFIG,
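Review bot: In the first OIDCConfig hunk the comparison `enabledCount !== 1` is now strict, but `enabledCount` is still computed with `.filter(Boolean)`, so truthiness rather than `=== true` decides which response types count as enabled. If each `responseType` value is not validated as a boolean before this point (not visible in the hunk), a non-empty string would be counted as an enabled response type. Counting with `Object.values(options.responseType).filter((v) => v === true).length` would match the intent of the commit. The enclosing validation method starts and ends outside the hunk.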
2 changes: 1 addition & 1 deletion src/auth/tenant.ts
Expand Up @@ -287,7 +287,7 @@ export class Tenant {
MultiFactorAuthConfig.buildServerRequest(request.multiFactorConfig);
}
// Validate SMS Regions Config if provided.
if (typeof request.smsRegionConfig != 'undefined') {
if (typeof request.smsRegionConfig !== 'undefined') {
SmsRegionsAuthConfig.validate(request.smsRegionConfig);
}
// Validate reCAPTCHAConfig type if provided.
2 changes: 1 addition & 1 deletion src/auth/token-verifier.ts
Expand Up @@ -466,7 +466,7 @@ export class FirebaseTokenVerifier {
private safeDecode(jwtToken: string): Promise<DecodedToken> {
return decodeJwt(jwtToken)
.catch((err: JwtError) => {
if (err.code == JwtErrorCode.INVALID_ARGUMENT) {
if (err.code === JwtErrorCode.INVALID_ARGUMENT) {
const verifyJwtTokenDocsMessage = ` See ${this.tokenInfo.url} ` +
`for details on how to retrieve ${this.shortNameArticle} ${this.tokenInfo.shortName}.`;
const errorMessage = `Decoding ${this.tokenInfo.jwtName} failed. Make sure you passed ` +
4 changes: 2 additions & 2 deletions src/remote-config/remote-config-api-client-internal.ts
Expand Up @@ -110,7 +110,7 @@ export class RemoteConfigApiClient {
public publishTemplate(template: RemoteConfigTemplate, options?: { force: boolean }): Promise<RemoteConfigTemplate> {
template = this.validateInputRemoteConfigTemplate(template);
let ifMatch: string = template.etag;
if (options && options.force == true) {
if (options && options.force === true) {
// setting `If-Match: *` forces the Remote Config template to be updated
// and circumvent the ETag, and the protection from that it provides.
ifMatch = '*';
Expand Down Expand Up @@ -244,7 +244,7 @@ export class RemoteConfigApiClient {
* @param {string} customEtag A custom etag to replace the etag fom the API response (Optional).
*/
private toRemoteConfigTemplate(resp: HttpResponse, customEtag?: string): RemoteConfigTemplate {
const etag = (typeof customEtag == 'undefined') ? resp.headers['etag'] : customEtag;
const etag = (typeof customEtag === 'undefined') ? resp.headers['etag'] : customEtag;
this.validateEtag(etag);
return {
conditions: resp.data.conditions,
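Review bot: In the publishTemplate hunk, `options.force === true` narrows when the ETag check is bypassed: an untyped JavaScript caller passing `force: 1` used to get `If-Match: *` under `==` and now falls back to the template's own ETag. That is the safer direction, since `If-Match: *` removes the protection against overwriting a concurrent update, but it is a behaviour change that deserves a unit test and a line in the release notes. The comment above the assignment could state the contract, e.g. `// Only a literal boolean true sends If-Match: *, which skips the ETag check that guards against overwriting concurrent updates.` The method body continues outside the hunk.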
