@react-native-firebase/auth 18.6.2 → 18.7.1

package/CHANGELOG.md

@@ -3,6 +3,16 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [18.7.1](https://github.com/invertase/react-native-firebase/compare/v18.7.0...v18.7.1) (2023-11-29)
+
+**Note:** Version bump only for package @react-native-firebase/auth
+
+## [18.7.0](https://github.com/invertase/react-native-firebase/compare/v18.6.2...v18.7.0) (2023-11-28)
+
+### Features
+
+- **auth, oauth:** support native oauth providers ([#7443](https://github.com/invertase/react-native-firebase/issues/7443)) ([8461691](https://github.com/invertase/react-native-firebase/commit/8461691914386e3711bc52fa4198f7bb7b62baff))
+
 ## [18.6.2](https://github.com/invertase/react-native-firebase/compare/v18.6.1...v18.6.2) (2023-11-23)
 
 ### Bug Fixes

package/android/src/main/java/io/invertase/firebase/auth/ReactNativeFirebaseAuthModule.java

@@ -26,10 +26,13 @@ import com.facebook.react.bridge.Arguments;
 import com.facebook.react.bridge.Promise;
 import com.facebook.react.bridge.ReactApplicationContext;
 import com.facebook.react.bridge.ReactMethod;
+import com.facebook.react.bridge.ReadableArray;
 import com.facebook.react.bridge.ReadableMap;
+import com.facebook.react.bridge.ReadableMapKeySetIterator;
 import com.facebook.react.bridge.WritableArray;
 import com.facebook.react.bridge.WritableMap;
 import com.google.android.gms.tasks.OnCompleteListener;
+import com.google.android.gms.tasks.Task;
 import com.google.firebase.FirebaseApp;
 import com.google.firebase.FirebaseException;
 import com.google.firebase.FirebaseNetworkException;
@@ -877,6 +880,72 @@ class ReactNativeFirebaseAuthModule extends ReactNativeFirebaseModule {
     }
   }
 
+  @ReactMethod
+  private void signInWithProvider(String appName, ReadableMap provider, final Promise promise) {
+    FirebaseApp firebaseApp = FirebaseApp.getInstance(appName);
+    FirebaseAuth firebaseAuth = FirebaseAuth.getInstance(firebaseApp);
+
+    if (provider.getString("providerId") == null) {
+      rejectPromiseWithCodeAndMessage(
+          promise,
+          "invalid-credential",
+          "The supplied auth credential is malformed, has expired or is not currently supported.");
+      return;
+    }
+
+    OAuthProvider.Builder builder = OAuthProvider.newBuilder(provider.getString("providerId"));
+    // Add scopes if present
+    if (provider.hasKey("scopes")) {
+      ReadableArray scopes = provider.getArray("scopes");
+      if (scopes != null) {
+        List<String> scopeList = new ArrayList<>();
+        for (int i = 0; i < scopes.size(); i++) {
+          String scope = scopes.getString(i);
+          scopeList.add(scope);
+        }
+        builder.setScopes(scopeList);
+      }
+    }
+    // Add custom parameters if present
+    if (provider.hasKey("customParameters")) {
+      ReadableMap customParameters = provider.getMap("customParameters");
+      if (customParameters != null) {
+        ReadableMapKeySetIterator iterator = customParameters.keySetIterator();
+        while (iterator.hasNextKey()) {
+          String key = iterator.nextKey();
+          builder.addCustomParameter(key, customParameters.getString(key));
+        }
+      }
+    }
+    Task<AuthResult> pendingResultTask = firebaseAuth.getPendingAuthResult();
+    if (pendingResultTask != null) {
+      pendingResultTask
+          .addOnSuccessListener(
+              authResult -> {
+                Log.d(TAG, "signInWithProvider:success");
+                promiseWithAuthResult(authResult, promise);
+              })
+          .addOnFailureListener(
+              e -> {
+                Log.d(TAG, "signInWithProvider:failure", e);
+                promiseRejectAuthException(promise, e);
+              });
+    } else {
+      firebaseAuth
+          .startActivityForSignInWithProvider(getCurrentActivity(), builder.build())
+          .addOnSuccessListener(
+              authResult -> {
+                Log.d(TAG, "signInWithProvider:success");
+                promiseWithAuthResult(authResult, promise);
+              })
+          .addOnFailureListener(
+              e -> {
+                Log.d(TAG, "signInWithProvider:failure", e);
+                promiseRejectAuthException(promise, e);
+              });
+    }
+  }
+
   /**
    * signInWithPhoneNumber
    *
@@ -1527,6 +1596,85 @@ class ReactNativeFirebaseAuthModule extends ReactNativeFirebaseModule {
     }
   }
 
+  /**
+   * linkWithProvider
+   *
+   * @param provider
+   * @param promise
+   */
+  @ReactMethod
+  private void linkWithProvider(String appName, ReadableMap provider, final Promise promise) {
+    FirebaseApp firebaseApp = FirebaseApp.getInstance(appName);
+    FirebaseAuth firebaseAuth = FirebaseAuth.getInstance(firebaseApp);
+
+    if (provider.getString("providerId") == null) {
+      rejectPromiseWithCodeAndMessage(
+          promise,
+          "invalid-credential",
+          "The supplied auth credential is malformed, has expired or is not currently supported.");
+      return;
+    }
+
+    FirebaseUser user = firebaseAuth.getCurrentUser();
+    Log.d(TAG, "linkWithProvider");
+
+    if (user == null) {
+      promiseNoUser(promise, true);
+      return;
+    }
+
+    OAuthProvider.Builder builder = OAuthProvider.newBuilder(provider.getString("providerId"));
+    // Add scopes if present
+    if (provider.hasKey("scopes")) {
+      ReadableArray scopes = provider.getArray("scopes");
+      if (scopes != null) {
+        List<String> scopeList = new ArrayList<>();
+        for (int i = 0; i < scopes.size(); i++) {
+          String scope = scopes.getString(i);
+          scopeList.add(scope);
+        }
+        builder.setScopes(scopeList);
+      }
+    }
+    // Add custom parameters if present
+    if (provider.hasKey("customParameters")) {
+      ReadableMap customParameters = provider.getMap("customParameters");
+      if (customParameters != null) {
+        ReadableMapKeySetIterator iterator = customParameters.keySetIterator();
+        while (iterator.hasNextKey()) {
+          String key = iterator.nextKey();
+          builder.addCustomParameter(key, customParameters.getString(key));
+        }
+      }
+    }
+    Task<AuthResult> pendingResultTask = firebaseAuth.getPendingAuthResult();
+    if (pendingResultTask != null) {
+      pendingResultTask
+          .addOnSuccessListener(
+              authResult -> {
+                Log.d(TAG, "linkWithProvider:success");
+                promiseWithAuthResult(authResult, promise);
+              })
+          .addOnFailureListener(
+              e -> {
+                Log.d(TAG, "linkWithProvider:failure", e);
+                promiseRejectAuthException(promise, e);
+              });
+    } else {
+      user.startActivityForLinkWithProvider(getCurrentActivity(), builder.build())
+          .addOnSuccessListener(
+              authResult -> {
+                Log.d(TAG, "linkWithProvider:success");
+                promiseWithAuthResult(authResult, promise);
+              })
+          .addOnFailureListener(
+              e -> {
+                Log.d(TAG, "linkWithProvider:failure", e);
+                promiseRejectAuthException(promise, e);
+              });
+    }
+  }
+
   @ReactMethod
   public void unlink(final String appName, final String providerId, final Promise promise) {
     FirebaseApp firebaseApp = FirebaseApp.getInstance(appName);
@@ -1590,6 +1738,86 @@ class ReactNativeFirebaseAuthModule extends ReactNativeFirebaseModule {
     }
   }
 
+  /**
+   * reauthenticateWithProvider
+   *
+   * @param provider
+   * @param promise
+   */
+  @ReactMethod
+  private void reauthenticateWithProvider(
+      String appName, ReadableMap provider, final Promise promise) {
+    FirebaseApp firebaseApp = FirebaseApp.getInstance(appName);
+    FirebaseAuth firebaseAuth = FirebaseAuth.getInstance(firebaseApp);
+
+    if (provider.getString("providerId") == null) {
+      rejectPromiseWithCodeAndMessage(
+          promise,
+          "invalid-credential",
+          "The supplied auth credential is malformed, has expired or is not currently supported.");
+      return;
+    }
+
+    FirebaseUser user = firebaseAuth.getCurrentUser();
+    Log.d(TAG, "reauthenticateWithProvider");
+
+    if (user == null) {
+      promiseNoUser(promise, true);
+      return;
+    }
+
+    OAuthProvider.Builder builder = OAuthProvider.newBuilder(provider.getString("providerId"));
+    // Add scopes if present
+    if (provider.hasKey("scopes")) {
+      ReadableArray scopes = provider.getArray("scopes");
+      if (scopes != null) {
+        List<String> scopeList = new ArrayList<>();
+        for (int i = 0; i < scopes.size(); i++) {
+          String scope = scopes.getString(i);
+          scopeList.add(scope);
+        }
+        builder.setScopes(scopeList);
+      }
+    }
+    // Add custom parameters if present
+    if (provider.hasKey("customParameters")) {
+      ReadableMap customParameters = provider.getMap("customParameters");
+      if (customParameters != null) {
+        ReadableMapKeySetIterator iterator = customParameters.keySetIterator();
+        while (iterator.hasNextKey()) {
+          String key = iterator.nextKey();
+          builder.addCustomParameter(key, customParameters.getString(key));
+        }
+      }
+    }
+    Task<AuthResult> pendingResultTask = firebaseAuth.getPendingAuthResult();
+    if (pendingResultTask != null) {
+      pendingResultTask
+          .addOnSuccessListener(
+              authResult -> {
+                Log.d(TAG, "reauthenticateWithProvider:success");
+                promiseWithAuthResult(authResult, promise);
+              })
+          .addOnFailureListener(
+              e -> {
+                Log.d(TAG, "reauthenticateWithProvider:failure", e);
+                promiseRejectAuthException(promise, e);
+              });
+    } else {
+      user.startActivityForReauthenticateWithProvider(getCurrentActivity(), builder.build())
+          .addOnSuccessListener(
+              authResult -> {
+                Log.d(TAG, "reauthenticateWithProvider:success");
+                promiseWithAuthResult(authResult, promise);
+              })
+          .addOnFailureListener(
+              e -> {
+                Log.d(TAG, "reauthenticateWithProvider:failure", e);
+                promiseRejectAuthException(promise, e);
+              });
+    }
+  }
+
   /** Returns an instance of AuthCredential for the specified provider */
   private AuthCredential getCredentialForProvider(
       String provider, String authToken, String authSecret) {

package/ios/RNFBAuth/RNFBAuthModule.m

@@ -571,6 +571,63 @@ RCT_EXPORT_METHOD(signInWithCredential
                 }];
 }
 
+RCT_EXPORT_METHOD(signInWithProvider
+                  : (FIRApp *)firebaseApp
+                  : (NSDictionary *)provider
+                  : (RCTPromiseResolveBlock)resolve
+                  : (RCTPromiseRejectBlock)reject) {
+  NSString *providerId = provider[@"providerId"];
+  if (providerId == nil) {
+    [RNFBSharedUtils rejectPromiseWithUserInfo:reject
+                                      userInfo:(NSMutableDictionary *)@{
+                                        @"code" : @"invalid-credential",
+                                        @"message" : @"The supplied auth credential is malformed, "
+                                                     @"has expired or is not currently supported.",
+                                      }];
+  }
+
+  __block FIROAuthProvider *builder = [FIROAuthProvider providerWithProviderID:providerId];
+  // Add scopes if present
+  if (provider[@"scopes"]) {
+    [builder setScopes:provider[@"scopes"]];
+  }
+  // Add custom parameters if present
+  if (provider[@"customParameters"]) {
+    [builder setCustomParameters:provider[@"customParameters"]];
+  }
+
+  [builder getCredentialWithUIDelegate:nil
+                            completion:^(FIRAuthCredential *_Nullable credential,
+                                         NSError *_Nullable error) {
+                              if (error) {
+                                [self promiseRejectAuthException:reject error:error];
+                                return;
+                              }
+                              if (credential) {
+                                [[FIRAuth auth]
+                                    signInWithCredential:credential
+                                              completion:^(FIRAuthDataResult *_Nullable authResult,
+                                                           NSError *_Nullable error) {
+                                                if (error) {
+                                                  [self promiseRejectAuthException:reject
+                                                                             error:error];
+                                                  return;
+                                                }
+
+                                                // NOTE: This variable has NO PURPOSE AT ALL, it is
+                                                // only to keep a strong reference to the builder
+                                                // variable so it is not deallocated prematurely by
+                                                // ARC.
+                                                NSString *providerID = builder.providerID;
+
+                                                [self promiseWithAuthResult:resolve
+                                                                   rejecter:reject
+                                                                 authResult:authResult];
+                                              }];
+                              }
+                            }];
+}
+
 RCT_EXPORT_METHOD(confirmPasswordReset
                   : (FIRApp *)firebaseApp
                   : (NSString *)code
@@ -983,6 +1040,68 @@ RCT_EXPORT_METHOD(linkWithCredential
   }
 }
 
+RCT_EXPORT_METHOD(linkWithProvider
+                  : (FIRApp *)firebaseApp
+                  : (NSDictionary *)provider
+                  : (RCTPromiseResolveBlock)resolve
+                  : (RCTPromiseRejectBlock)reject) {
+  NSString *providerId = provider[@"providerId"];
+  if (providerId == nil) {
+    [RNFBSharedUtils rejectPromiseWithUserInfo:reject
+                                      userInfo:(NSMutableDictionary *)@{
+                                        @"code" : @"invalid-credential",
+                                        @"message" : @"The supplied auth credential is malformed, "
+                                                     @"has expired or is not currently supported.",
+                                      }];
+  }
+
+  __block FIRUser *user = [FIRAuth authWithApp:firebaseApp].currentUser;
+  if (user == nil) {
+    [self promiseNoUser:resolve rejecter:reject isError:YES];
+    return;
+  }
+
+  __block FIROAuthProvider *builder = [FIROAuthProvider providerWithProviderID:providerId];
+  // Add scopes if present
+  if (provider[@"scopes"]) {
+    [builder setScopes:provider[@"scopes"]];
+  }
+  // Add custom parameters if present
+  if (provider[@"parameters"]) {
+    [builder setCustomParameters:provider[@"parameters"]];
+  }
+
+  [builder getCredentialWithUIDelegate:nil
+                            completion:^(FIRAuthCredential *_Nullable credential,
+                                         NSError *_Nullable error) {
+                              if (error) {
+                                [self promiseRejectAuthException:reject error:error];
+                                return;
+                              }
+                              if (credential) {
+                                [user linkWithCredential:credential
+                                              completion:^(FIRAuthDataResult *_Nullable authResult,
+                                                           NSError *_Nullable error) {
+                                                if (error) {
+                                                  [self promiseRejectAuthException:reject
+                                                                             error:error];
+                                                  return;
+                                                }
+
+                                                // NOTE: This variable has NO PURPOSE AT ALL, it is
+                                                // only to keep a strong reference to the builder
+                                                // variable so it is not deallocated prematurely by
+                                                // ARC.
+                                                NSString *providerID = builder.providerID;
+
+                                                [self promiseWithAuthResult:resolve
+                                                                   rejecter:reject
+                                                                 authResult:authResult];
+                                              }];
+                              }
+                            }];
+}
+
 RCT_EXPORT_METHOD(unlink
                   : (FIRApp *)firebaseApp
                   : (NSString *)providerId
@@ -1043,6 +1162,69 @@ RCT_EXPORT_METHOD(reauthenticateWithCredential
   }
 }
 
+RCT_EXPORT_METHOD(reauthenticateWithProvider
+                  : (FIRApp *)firebaseApp
+                  : (NSDictionary *)provider
+                  : (RCTPromiseResolveBlock)resolve
+                  : (RCTPromiseRejectBlock)reject) {
+  NSString *providerId = provider[@"providerId"];
+  if (providerId == nil) {
+    [RNFBSharedUtils rejectPromiseWithUserInfo:reject
+                                      userInfo:(NSMutableDictionary *)@{
+                                        @"code" : @"invalid-credential",
+                                        @"message" : @"The supplied auth credential is malformed, "
+                                                     @"has expired or is not currently supported.",
+                                      }];
+  }
+
+  __block FIRUser *user = [FIRAuth authWithApp:firebaseApp].currentUser;
+  if (user == nil) {
+    [self promiseNoUser:resolve rejecter:reject isError:YES];
+    return;
+  }
+
+  __block FIROAuthProvider *builder = [FIROAuthProvider providerWithProviderID:providerId];
+  // Add scopes if present
+  if (provider[@"scopes"]) {
+    [builder setScopes:provider[@"scopes"]];
+  }
+  // Add custom parameters if present
+  if (provider[@"parameters"]) {
+    [builder setCustomParameters:provider[@"parameters"]];
+  }
+
+  [builder getCredentialWithUIDelegate:nil
+                            completion:^(FIRAuthCredential *_Nullable credential,
+                                         NSError *_Nullable error) {
+                              if (error) {
+                                [self promiseRejectAuthException:reject error:error];
+                                return;
+                              }
+                              if (credential) {
+                                [user reauthenticateWithCredential:credential
+                                                        completion:^(
+                                                            FIRAuthDataResult *_Nullable authResult,
+                                                            NSError *_Nullable error) {
+                                                          if (error) {
+                                                            [self promiseRejectAuthException:reject
+                                                                                       error:error];
+                                                            return;
+                                                          }
+
+                                                          // NOTE: This variable has NO PURPOSE AT
+                                                          // ALL, it is only to keep a strong
+                                                          // reference to the builder variable so it
+                                                          // is not deallocated prematurely by ARC.
+                                                          NSString *providerID = builder.providerID;
+
+                                                          [self promiseWithAuthResult:resolve
+                                                                             rejecter:reject
+                                                                           authResult:authResult];
+                                                        }];
+                              }
+                            }];
+}
+
 RCT_EXPORT_METHOD(fetchSignInMethodsForEmail
                   : (FIRApp *)firebaseApp
                   : (NSString *)email

package/lib/User.js

@@ -96,12 +96,34 @@ export default class User {
       .then(userCredential => this._auth._setUserCredential(userCredential));
   }
 
+  linkWithPopup(provider) {
+    // call through to linkWithRedirect for shared implementation
+    return this.linkWithRedirect(provider);
+  }
+
+  linkWithRedirect(provider) {
+    return this._auth.native
+      .linkWithProvider(provider.toObject())
+      .then(userCredential => this._auth._setUserCredential(userCredential));
+  }
+
   reauthenticateWithCredential(credential) {
     return this._auth.native
       .reauthenticateWithCredential(credential.providerId, credential.token, credential.secret)
       .then(userCredential => this._auth._setUserCredential(userCredential));
   }
 
+  reauthenticateWithPopup(provider) {
+    // call through to reauthenticateWithRedirect for shared implementation
+    return this.reauthenticateWithRedirect(provider);
+  }
+
+  reauthenticateWithRedirect(provider) {
+    return this._auth.native
+      .reauthenticateWithProvider(provider.toObject())
+      .then(userCredential => this._auth._setUserCredential(userCredential));
+  }
+
   reload() {
     return this._auth.native.reload().then(user => {
       this._auth._setUser(user);
@@ -310,36 +332,12 @@ export default class User {
     );
   }
 
-  linkWithPopup() {
-    throw new Error(
-      'firebase.auth.User.linkWithPopup() is unsupported by the native Firebase SDKs.',
-    );
-  }
-
-  linkWithRedirect() {
-    throw new Error(
-      'firebase.auth.User.linkWithRedirect() is unsupported by the native Firebase SDKs.',
-    );
-  }
-
   reauthenticateWithPhoneNumber() {
     throw new Error(
       'firebase.auth.User.reauthenticateWithPhoneNumber() is unsupported by the native Firebase SDKs.',
     );
   }
 
-  reauthenticateWithPopup() {
-    throw new Error(
-      'firebase.auth.User.reauthenticateWithPopup() is unsupported by the native Firebase SDKs.',
-    );
-  }
-
-  reauthenticateWithRedirect() {
-    throw new Error(
-      'firebase.auth.User.reauthenticateWithRedirect() is unsupported by the native Firebase SDKs.',
-    );
-  }
-
   get refreshToken() {
     throw new Error('firebase.auth.User.refreshToken is unsupported by the native Firebase SDKs.');
   }

package/lib/index.d.ts

@@ -109,6 +109,52 @@ export namespace FirebaseAuthTypes {
     credential: (token: string | null, secret?: string) => AuthCredential;
   }
 
+  /**
+   * Interface that represents an OAuth provider. Implemented by other providers.
+   */
+  export interface OAuthProvider {
+    /**
+     * The provider ID of the provider.
+     * @param providerId
+     */
+    // eslint-disable-next-line @typescript-eslint/no-misused-new
+    new (providerId: string): AuthProvider;
+    /**
+     * Creates a new `AuthCredential`.
+     *
+     * @returns {@link auth.AuthCredential}.
+     * @param token A provider token.
+     * @param secret A provider secret.
+     */
+    credential: (token: string | null, secret?: string) => AuthCredential;
+    /**
+     * Sets the OAuth custom parameters to pass in an OAuth request for sign-in
+     * operations.
+     *
+     * @remarks
+     * For a detailed list, check the reserved required OAuth 2.0 parameters such as `client_id`,
+     * `redirect_uri`, `scope`, `response_type`, and `state` are not allowed and will be ignored.
+     *
+     * @param customOAuthParameters - The custom OAuth parameters to pass in the OAuth request.
+     */
+    setCustomParameters: (customOAuthParameters: Record<string, string>) => AuthProvider;
+    /**
+     * Retrieve the current list of custom parameters.
+     * @returns The current map of OAuth custom parameters.
+     */
+    getCustomParameters: () => Record<string, string>;
+    /**
+     * Add an OAuth scope to the credential.
+     *
+     * @param scope - Provider OAuth scope to add.
+     */
+    addScope: (scope: string) => AuthProvider;
+    /**
+     * Retrieve the current list of OAuth scopes.
+     */
+    getScopes: () => string[];
+  }
+
   /**
    * Interface that represents an Open ID Connect auth provider. Implemented by other providers.
    */
@@ -315,7 +361,7 @@ export namespace FirebaseAuthTypes {
      * firebase.auth.OAuthProvider;
      * ```
      */
-    OAuthProvider: AuthProvider;
+    OAuthProvider: OAuthProvider;
     /**
      * Custom Open ID connect auth provider implementation.
      *
@@ -1212,6 +1258,58 @@ export namespace FirebaseAuthTypes {
      */
     linkWithCredential(credential: AuthCredential): Promise<UserCredential>;
 
+    /**
+     * Link the user with a federated 3rd party credential provider (Microsoft, Yahoo).
+     * The APIs here are the web-compatible linkWithPopup and linkWithRedirect but both
+     * share the same underlying native SDK behavior and may be used interchangably.
+     *
+     * #### Example
+     *
+     * ```js
+     * const provider = new firebase.auth.OAuthProvider('microsoft.com');
+     * const userCredential = await firebase.auth().currentUser.linkWithPopup(provider);
+     * ```
+     *
+     * @error auth/provider-already-linked Thrown if the provider has already been linked to the user. This error is thrown even if this is not the same provider's account that is currently linked to the user.
+     * @error auth/invalid-credential Thrown if the provider's credential is not valid. This can happen if it has already expired when calling link, or if it used invalid token(s). See the Firebase documentation for your provider, and make sure you pass in the correct parameters to the credential method.
+     * @error auth/credential-already-in-use Thrown if the account corresponding to the credential already exists among your users, or is already linked to a Firebase User.
+     * @error auth/email-already-in-use Thrown if the email corresponding to the credential already exists among your users.
+     * @error auth/operation-not-allowed Thrown if you have not enabled the provider in the Firebase Console. Go to the Firebase Console for your project, in the Auth section and the Sign in Method tab and configure the provider.
+     * @error auth/invalid-email Thrown if the email used in a auth.EmailAuthProvider.credential is invalid.
+     * @error auth/wrong-password Thrown if the password used in a auth.EmailAuthProvider.credential is not correct or when the user associated with the email does not have a password.
+     * @error auth/invalid-verification-code Thrown if the credential is a auth.PhoneAuthProvider.credential and the verification code of the credential is not valid.
+     * @error auth/invalid-verification-id Thrown if the credential is a auth.PhoneAuthProvider.credential and the verification ID of the credential is not valid.
+     * @throws on iOS {@link auth.NativeFirebaseAuthError}, on Android {@link auth.NativeFirebaseError}
+     * @param provider A created {@link auth.AuthProvider}.
+     */
+    linkWithPopup(provider: AuthProvider): Promise<UserCredential>;
+
+    /**
+     * Link the user with a federated 3rd party credential provider (Microsoft, Yahoo).
+     * The APIs here are the web-compatible linkWithPopup and linkWithRedirect but both
+     * share the same underlying native SDK behavior and may be used interchangably.
+     *
+     * #### Example
+     *
+     * ```js
+     * const provider = new firebase.auth.OAuthProvider('microsoft.com');
+     * const userCredential = await firebase.auth().currentUser.linkWithRedirect(provider);
+     * ```
+     *
+     * @error auth/provider-already-linked Thrown if the provider has already been linked to the user. This error is thrown even if this is not the same provider's account that is currently linked to the user.
+     * @error auth/invalid-credential Thrown if the provider's credential is not valid. This can happen if it has already expired when calling link, or if it used invalid token(s). See the Firebase documentation for your provider, and make sure you pass in the correct parameters to the credential method.
+     * @error auth/credential-already-in-use Thrown if the account corresponding to the credential already exists among your users, or is already linked to a Firebase User.
+     * @error auth/email-already-in-use Thrown if the email corresponding to the credential already exists among your users.
+     * @error auth/operation-not-allowed Thrown if you have not enabled the provider in the Firebase Console. Go to the Firebase Console for your project, in the Auth section and the Sign in Method tab and configure the provider.
+     * @error auth/invalid-email Thrown if the email used in a auth.EmailAuthProvider.credential is invalid.
+     * @error auth/wrong-password Thrown if the password used in a auth.EmailAuthProvider.credential is not correct or when the user associated with the email does not have a password.
+     * @error auth/invalid-verification-code Thrown if the credential is a auth.PhoneAuthProvider.credential and the verification code of the credential is not valid.
+     * @error auth/invalid-verification-id Thrown if the credential is a auth.PhoneAuthProvider.credential and the verification ID of the credential is not valid.
+     * @throws on iOS {@link auth.NativeFirebaseAuthError}, on Android {@link auth.NativeFirebaseError}
+     * @param provider A created {@link auth.AuthProvider}.
+     */
+    linkWithRedirect(provider: AuthProvider): Promise<UserCredential>;
+
     /**
      * Re-authenticate a user with a third-party authentication provider.
      *
@@ -1233,6 +1331,27 @@ export namespace FirebaseAuthTypes {
      */
     reauthenticateWithCredential(credential: AuthCredential): Promise<UserCredential>;
 
+    /**
+     * Re-authenticate a user with a federated authentication provider (Microsoft, Yahoo)
+     *
+     * #### Example
+     *
+     * ```js
+     * const provider = new firebase.auth.OAuthProvider('microsoft.com');
+     * const userCredential = await firebase.auth().currentUser.reauthenticateWithProvider(provider);
+     * ```
+     *
+     * @error auth/user-mismatch Thrown if the credential given does not correspond to the user.
+     * @error auth/user-not-found Thrown if the credential given does not correspond to any existing user.
+     * @error auth/invalid-credential Thrown if the provider's credential is not valid. This can happen if it has already expired when calling link, or if it used invalid token(s). See the Firebase documentation for your provider, and make sure you pass in the correct parameters to the credential method.
+     * @error auth/invalid-email Thrown if the email used in a auth.EmailAuthProvider.credential is invalid.
+     * @error auth/wrong-password Thrown if the password used in a auth.EmailAuthProvider.credential is not correct or when the user associated with the email does not have a password.
+     * @error auth/invalid-verification-code Thrown if the credential is a auth.PhoneAuthProvider.credential and the verification code of the credential is not valid.
+     * @error auth/invalid-verification-id Thrown if the credential is a auth.PhoneAuthProvider.credential and the verification ID of the credential is not valid.
+     * @param provider A created {@link auth.AuthProvider}.
+     */
+    reauthenticateWithProvider(provider: AuthProvider): Promise<UserCredential>;
+
     /**
      * Refreshes the current user.
      *
@@ -1722,6 +1841,56 @@ export namespace FirebaseAuthTypes {
      */
     signInWithCredential(credential: AuthCredential): Promise<UserCredential>;
 
+    /**
+     * Signs the user in with a specified provider. This is a web-compatible API along with signInWithRedirect.
+     * They both share the same call to the underlying native SDK signInWithProvider method.
+     *
+     * #### Example
+     *
+     * ```js
+     * // create a new OAuthProvider
+     * const provider = firebase.auth.OAuthProvider('microsoft.com');
+     * // Sign the user in with the provider
+     * const userCredential = await firebase.auth().signInWithPopup(provider);
+     * ```
+     *
+     * @error auth/account-exists-with-different-credential Thrown if there already exists an account with the email address asserted by the credential.
+     * @error auth/invalid-credential Thrown if the credential is malformed or has expired.
+     * @error auth/operation-not-allowed Thrown if the type of account corresponding to the credential is not enabled. Enable the account type in the Firebase Console, under the Auth tab.
+     * @error auth/user-disabled Thrown if the user corresponding to the given credential has been disabled.
+     * @error auth/user-not-found Thrown if signing in with a credential from firebase.auth.EmailAuthProvider.credential and there is no user corresponding to the given email.
+     * @error auth/wrong-password Thrown if signing in with a credential from firebase.auth.EmailAuthProvider.credential and the password is invalid for the given email, or if the account corresponding to the email does not have a password set.
+     * @error auth/invalid-verification-code Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification code of the credential is not valid.
+     * @error auth/invalid-verification-id Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification ID of the credential is not valid.
+     * @param provider An `AuthProvider` configured for your desired provider, e.g. "microsoft.com"
+     */
+    signInWithPopup(provider: AuthProvider): Promise<UserCredential>;
+
+    /**
+     * Signs the user in with a specified provider. This is a web-compatible API along with signInWithPopup.
+     * They both share the same call to the underlying native SDK signInWithProvider method.
+     *
+     * #### Example
+     *
+     * ```js
+     * // create a new OAuthProvider
+     * const provider = firebase.auth.OAuthProvider('microsoft.com');
+     * // Sign the user in with the provider
+     * const userCredential = await firebase.auth().signInWithRedirect(provider);
+     * ```
+     *
+     * @error auth/account-exists-with-different-credential Thrown if there already exists an account with the email address asserted by the credential.
+     * @error auth/invalid-credential Thrown if the credential is malformed or has expired.
+     * @error auth/operation-not-allowed Thrown if the type of account corresponding to the credential is not enabled. Enable the account type in the Firebase Console, under the Auth tab.
+     * @error auth/user-disabled Thrown if the user corresponding to the given credential has been disabled.
+     * @error auth/user-not-found Thrown if signing in with a credential from firebase.auth.EmailAuthProvider.credential and there is no user corresponding to the given email.
+     * @error auth/wrong-password Thrown if signing in with a credential from firebase.auth.EmailAuthProvider.credential and the password is invalid for the given email, or if the account corresponding to the email does not have a password set.
+     * @error auth/invalid-verification-code Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification code of the credential is not valid.
+     * @error auth/invalid-verification-id Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification ID of the credential is not valid.
+     * @param provider An `AuthProvider` configured for your desired provider, e.g. "microsoft.com"
+     */
+    signInWithRedirect(provider: AuthProvider): Promise<UserCredential>;
+
     /**
      * Revokes a user's Sign in with Apple token.
      *
@@ -1738,6 +1907,41 @@ export namespace FirebaseAuthTypes {
      */
     revokeToken(authorizationCode: string): Promise<void>;
 
+    /**
+     * Signs the user in with a federated OAuth provider supported by Firebase (Microsoft, Yahoo).
+     *
+     * From Firebase Docs:
+     * Unlike other OAuth providers supported by Firebase such as Google, Facebook, and Twitter, where
+     * sign-in can directly be achieved with OAuth access token based credentials, Firebase Auth does not
+     * support the same capability for providers such as Microsoft due to the inability of the Firebase Auth
+     * server to verify the audience of Microsoft OAuth access tokens.
+     *
+     * #### Example
+     * ```js
+     * // Generate an OAuth instance
+     * const provider = new firebase.auth.OAuthProvider('microsoft.com');
+     * // Optionally add scopes to the OAuth instance
+     * provider.addScope('mail.read');
+     * // Optionally add custom parameters to the OAuth instance
+     * provider.setCustomParameters({
+     *  prompt: 'consent',
+     * });
+     * // Sign in using the OAuth provider
+     * const userCredential = await firebase.auth().signInWithProvider(provider);
+     * ```
+     *
+     * @error auth/account-exists-with-different-credential Thrown if there already exists an account with the email address asserted by the credential.
+     * @error auth/invalid-credential Thrown if the credential is malformed or has expired.
+     * @error auth/operation-not-allowed Thrown if the type of account corresponding to the credential is not enabled. Enable the account type in the Firebase Console, under the Auth tab.
+     * @error auth/user-disabled Thrown if the user corresponding to the given credential has been disabled.
+     * @error auth/user-not-found Thrown if signing in with a credential from firebase.auth.EmailAuthProvider.credential and there is no user corresponding to the given email.
+     * @error auth/wrong-password Thrown if signing in with a credential from firebase.auth.EmailAuthProvider.credential and the password is invalid for the given email, or if the account corresponding to the email does not have a password set.
+     * @error auth/invalid-verification-code Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification code of the credential is not valid.
+     * @error auth/invalid-verification-id Thrown if the credential is a firebase.auth.PhoneAuthProvider.credential and the verification ID of the credential is not valid.
+     * @param provider A generated `AuthProvider`, for example from social auth.
+     */
+    signInWithProvider(provider: AuthProvider): Promise<UserCredential>;
+
     /**
      * Sends a password reset email to the given email address.
      * Unlike the web SDK, the email will contain a password reset link rather than a code.

package/lib/index.js

@@ -433,16 +433,16 @@ class FirebaseAuthModule extends FirebaseModule {
     throw new Error('firebase.auth().setPersistence() is unsupported by the native Firebase SDKs.');
   }
 
-  signInWithPopup() {
-    throw new Error(
-      'firebase.auth().signInWithPopup() is unsupported by the native Firebase SDKs.',
-    );
+  signInWithPopup(provider) {
+    return this.native
+      .signInWithProvider(provider.toObject())
+      .then(userCredential => this._setUserCredential(userCredential));
   }
 
-  signInWithRedirect() {
-    throw new Error(
-      'firebase.auth().signInWithRedirect() is unsupported by the native Firebase SDKs.',
-    );
+  signInWithRedirect(provider) {
+    return this.native
+      .signInWithProvider(provider.toObject())
+      .then(userCredential => this._setUserCredential(userCredential));
   }
 
   // firebase issue - https://github.com/invertase/react-native-firebase/pull/655#issuecomment-349904680

package/lib/modular/index.js

@@ -264,14 +264,16 @@ export function verifyPhoneNumber(auth, phoneNumber, autoVerifyTimeoutOrForceRes
 Authenticates a Firebase client using a popup-based OAuth authentication flow.
 */
 export async function signInWithPopup(auth, provider, resolver) {
-  throw new Error('signInWithPopup is unsupported by the native Firebase SDKs');
+  const _auth = _getUnderlyingAuth(auth);
+  return _auth.signInWithPopup(provider, resolver);
 }
 
 /*
 Authenticates a Firebase client using a full-page redirect flow.
 */
 export async function signInWithRedirect(auth, provider, resolver) {
-  throw new Error('signInWithRedirect is unsupported by the native Firebase SDKs');
+  const _auth = _getUnderlyingAuth(auth);
+  return _auth.signInWithRedirect(provider, resolver);
 }
 
 /*
@@ -358,14 +360,14 @@ export async function linkWithPhoneNumber(user, phoneNumber, appVerifier) {
  * Links the authenticated provider to the user account using a pop-up based OAuth flow.
  */
 export async function linkWithPopup(user, provider, resolver) {
-  throw new Error('linkWithPopup is unsupported by the native Firebase SDKs');
+  return user.linkWithPopup(provider, resolver);
 }
 
 /*
  * Links the OAuthProvider to the user account using a full-page redirect flow.
  */
 export async function linkWithRedirect(user, provider, resolver) {
-  throw new Error('linkWithRedirect is unsupported by the native Firebase SDKs');
+  return user.linkWithRedirect(provider, resolver);
 }
 
 /*
@@ -393,14 +395,14 @@ export async function reauthenticateWithPhoneNumber(user, phoneNumber, appVerifi
  * Reauthenticates the current user with the specified OAuthProvider using a pop-up based OAuth flow.
  */
 export async function reauthenticateWithPopup(user, provider, resolver) {
-  throw new Error('reauthenticateWithPopup is unsupported by the native Firebase SDKs');
+  return user.reauthenticateWithPopup(provider, resolver);
 }
 
 /*
  * Reauthenticates the current user with the specified OAuthProvider using a full-page redirect flow.
  */
 export async function reauthenticateWithRedirect(user, provider, resolver) {
-  throw new Error('reauthenticateWithRedirect is unsupported by the native Firebase SDKs');
+  return user.reauthenticateWithRedirect(provider, resolver);
 }
 
 /*

package/lib/providers/OAuthProvider.js

@@ -15,22 +15,56 @@
  *
  */
 
-const providerId = 'oauth';
-
 export default class OAuthProvider {
-  constructor() {
-    throw new Error('`new OAuthProvider()` is not supported on the native Firebase SDKs.');
-  }
+  /** @internal */
+  #providerId = null;
+  /** @internal */
+  #customParameters = {};
+  /** @internal */
+  #scopes = [];
 
-  static get PROVIDER_ID() {
-    return providerId;
+  constructor(providerId) {
+    this.#providerId = providerId;
   }
 
   static credential(idToken, accessToken) {
     return {
       token: idToken,
       secret: accessToken,
-      providerId,
+      providerId: 'oauth',
+    };
+  }
+
+  get PROVIDER_ID() {
+    return this.#providerId;
+  }
+
+  setCustomParameters(customOAuthParameters) {
+    this.#customParameters = customOAuthParameters;
+    return this;
+  }
+
+  getCustomParameters() {
+    return this.#customParameters;
+  }
+
+  addScope(scope) {
+    if (!this.#scopes.includes(scope)) {
+      this.#scopes.push(scope);
+    }
+    return this;
+  }
+
+  getScopes() {
+    return [...this.#scopes];
+  }
+
+  /** @internal */
+  toObject() {
+    return {
+      providerId: this.#providerId,
+      scopes: this.#scopes,
+      customParameters: this.#customParameters,
     };
   }
 }

package/lib/version.js

@@ -1,2 +1,2 @@
 // Generated by genversion.
-module.exports = '18.6.2';
+module.exports = '18.7.1';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@react-native-firebase/auth",
-  "version": "18.6.2",
+  "version": "18.7.1",
   "author": "Invertase <oss@invertase.io> (http://invertase.io)",
   "description": "React Native Firebase - The authentication module provides an easy-to-use API to integrate an authentication workflow into new and existing applications. React Native Firebase provides access to all Firebase authentication methods and identity providers.",
   "main": "lib/index.js",
@@ -27,7 +27,7 @@
     "plist": "^3.1.0"
   },
   "peerDependencies": {
-    "@react-native-firebase/app": "18.6.2",
+    "@react-native-firebase/app": "18.7.1",
     "expo": ">=47.0.0"
   },
   "devDependencies": {
@@ -42,5 +42,5 @@
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "8673f3162667f5fd9f942ccac24cecbd18a79aa3"
+  "gitHead": "f8b7794db23185c8a934a3e3623e996ce282c1f7"
 }