@react-native-firebase/auth 23.5.0 → 23.7.0

package/CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [23.7.0](https://github.com/invertase/react-native-firebase/compare/v23.6.0...v23.7.0) (2025-12-08)
+
+### Features
+
+- **auth:** cache password policy per-app in validatePassword ([cc29117](https://github.com/invertase/react-native-firebase/commit/cc291171e076d00dfde1fef9d03242379e567af4))
+
+## [23.6.0](https://github.com/invertase/react-native-firebase/compare/v23.5.0...v23.6.0) (2025-12-08)
+
+### Bug Fixes
+
+- **auth, ios:** append openURL changes only once in Expo plugin ([#8763](https://github.com/invertase/react-native-firebase/issues/8763)) ([5f74256](https://github.com/invertase/react-native-firebase/commit/5f74256d2b470456206a3655ff6986198d016790))
+
 ## [23.5.0](https://github.com/invertase/react-native-firebase/compare/v23.4.1...v23.5.0) (2025-10-30)
 
 **Note:** Version bump only for package @react-native-firebase/auth

package/android/build.gradle

@@ -1,3 +1,4 @@
+import com.android.Version
 import io.invertase.gradle.common.PackageJson
 
 buildscript {
@@ -36,11 +37,8 @@ def jsonTargetSdk = appPackageJson['sdkVersions']['android']['targetSdk']
 def jsonCompileSdk = appPackageJson['sdkVersions']['android']['compileSdk']
 def coreVersionDetected = appPackageJson['version']
 def coreVersionRequired = packageJson['peerDependencies'][appPackageJson['name']]
-// Only log after build completed so log warning appears at the end
 if (coreVersionDetected != coreVersionRequired) {
-  gradle.buildFinished {
-    project.logger.warn("ReactNativeFirebase WARNING: NPM package '${packageJson['name']}' depends on '${appPackageJson['name']}' v${coreVersionRequired} but found v${coreVersionDetected}, this might cause build issues or runtime crashes.")
-  }
+  project.logger.warn("ReactNativeFirebase WARNING: NPM package '${packageJson['name']}' depends on '${appPackageJson['name']}' v${coreVersionRequired} but found v${coreVersionDetected}, this might cause build issues or runtime crashes.")
 }
 
 project.ext {
@@ -59,7 +57,7 @@ project.ext {
 }
 
 android {
-  def agpVersion = com.android.Version.ANDROID_GRADLE_PLUGIN_VERSION.tokenize('.')[0].toInteger()
+  def agpVersion = Version.ANDROID_GRADLE_PLUGIN_VERSION.tokenize('.')[0].toInteger()
   if (agpVersion >= 7) {
     namespace = 'io.invertase.firebase.auth'
   }

package/lib/index.js

@@ -51,6 +51,7 @@ import TwitterAuthProvider from './providers/TwitterAuthProvider';
 import { TotpSecret } from './TotpSecret';
 import version from './version';
 import fallBackModule from './web/RNFBAuthModule';
+import { PasswordPolicyMixin } from './password-policy/PasswordPolicyMixin';
 
 const PhoneAuthState = {
   CODE_SENT: 'sent',
@@ -103,6 +104,8 @@ class FirebaseAuthModule extends FirebaseModule {
     this._authResult = false;
     this._languageCode = this.native.APP_LANGUAGE[this.app._name];
     this._tenantId = null;
+    this._projectPasswordPolicy = null;
+    this._tenantPasswordPolicies = {};
 
     if (!this.languageCode) {
       this._languageCode = this.native.APP_LANGUAGE['[DEFAULT]'];
@@ -336,15 +339,45 @@ class FirebaseAuthModule extends FirebaseModule {
   }
 
   createUserWithEmailAndPassword(email, password) {
-    return this.native
-      .createUserWithEmailAndPassword(email, password)
-      .then(userCredential => this._setUserCredential(userCredential));
+    return (
+      this.native
+        .createUserWithEmailAndPassword(email, password)
+        .then(userCredential => this._setUserCredential(userCredential))
+        /* istanbul ignore next - native error handling cannot be unit tested */
+        .catch(error => {
+          if (error.code === 'auth/password-does-not-meet-requirements') {
+            return this._recachePasswordPolicy()
+              .catch(() => {
+                // Silently ignore recache failures - the original error matters more
+              })
+              .then(() => {
+                throw error;
+              });
+          }
+          throw error;
+        })
+    );
   }
 
   signInWithEmailAndPassword(email, password) {
-    return this.native
-      .signInWithEmailAndPassword(email, password)
-      .then(userCredential => this._setUserCredential(userCredential));
+    return (
+      this.native
+        .signInWithEmailAndPassword(email, password)
+        .then(userCredential => this._setUserCredential(userCredential))
+        /* istanbul ignore next - native error handling cannot be unit tested */
+        .catch(error => {
+          if (error.code === 'auth/password-does-not-meet-requirements') {
+            return this._recachePasswordPolicy()
+              .catch(() => {
+                // Silently ignore recache failures - the original error matters more
+              })
+              .then(() => {
+                throw error;
+              });
+          }
+          throw error;
+        })
+    );
   }
 
   signInWithCustomToken(customToken) {
@@ -382,7 +415,23 @@ class FirebaseAuthModule extends FirebaseModule {
   }
 
   confirmPasswordReset(code, newPassword) {
-    return this.native.confirmPasswordReset(code, newPassword);
+    return (
+      this.native
+        .confirmPasswordReset(code, newPassword)
+        /* istanbul ignore next - native error handling cannot be unit tested */
+        .catch(error => {
+          if (error.code === 'auth/password-does-not-meet-requirements') {
+            return this._recachePasswordPolicy()
+              .catch(() => {
+                // Silently ignore recache failures - the original error matters more
+              })
+              .then(() => {
+                throw error;
+              });
+          }
+          throw error;
+        })
+    );
   }
 
   applyActionCode(code) {
@@ -493,6 +542,9 @@ class FirebaseAuthModule extends FirebaseModule {
   }
 }
 
+// Apply password policy mixin to FirebaseAuthModule
+Object.assign(FirebaseAuthModule.prototype, PasswordPolicyMixin);
+
 // import { SDK_VERSION } from '@react-native-firebase/auth';
 export const SDK_VERSION = version;
 

package/lib/modular/index.js

@@ -16,8 +16,6 @@
  */
 
 import { getApp } from '@react-native-firebase/app';
-import { fetchPasswordPolicy } from '../password-policy/passwordPolicyApi';
-import { PasswordPolicyImpl } from '../password-policy/PasswordPolicyImpl';
 import { MultiFactorUser } from '../multiFactor';
 import { MODULAR_DEPRECATION_ARG } from '@react-native-firebase/app/lib/common';
 
@@ -637,15 +635,17 @@ export function getCustomAuthDomain(auth) {
  * @returns {Promise<PasswordValidationStatus>}
  */
 export async function validatePassword(auth, password) {
+  if (!auth || !auth.app) {
+    throw new Error(
+      "firebase.auth().validatePassword(*) 'auth' must be a valid Auth instance with an 'app' property. Received: undefined",
+    );
+  }
+
   if (password === null || password === undefined) {
     throw new Error(
       "firebase.auth().validatePassword(*) expected 'password' to be a non-null or a defined value.",
     );
   }
-  let passwordPolicy = await fetchPasswordPolicy(auth);
-
-  const passwordPolicyImpl = await new PasswordPolicyImpl(passwordPolicy);
-  let status = passwordPolicyImpl.validatePassword(password);
 
-  return status;
+  return auth.validatePassword.call(auth, password, MODULAR_DEPRECATION_ARG);
 }

package/lib/password-policy/PasswordPolicyMixin.js

@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2016-present Invertase Limited & Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this library except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import { fetchPasswordPolicy } from './passwordPolicyApi';
+import { PasswordPolicyImpl } from './PasswordPolicyImpl';
+
+const EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION = 1;
+
+/**
+ * Password policy mixin - provides password policy caching and validation.
+ * Expects the target object to have: _tenantId, _projectPasswordPolicy,
+ * _tenantPasswordPolicies, and app.options.apiKey
+ */
+export const PasswordPolicyMixin = {
+  _getPasswordPolicyInternal() {
+    if (this._tenantId === null) {
+      return this._projectPasswordPolicy;
+    }
+    return this._tenantPasswordPolicies[this._tenantId];
+  },
+
+  async _updatePasswordPolicy() {
+    const response = await fetchPasswordPolicy(this);
+    const passwordPolicy = new PasswordPolicyImpl(response);
+    if (this._tenantId === null) {
+      this._projectPasswordPolicy = passwordPolicy;
+    } else {
+      this._tenantPasswordPolicies[this._tenantId] = passwordPolicy;
+    }
+  },
+
+  async _recachePasswordPolicy() {
+    if (this._getPasswordPolicyInternal()) {
+      await this._updatePasswordPolicy();
+    }
+  },
+
+  async validatePassword(password) {
+    if (!this._getPasswordPolicyInternal()) {
+      await this._updatePasswordPolicy();
+    }
+    const passwordPolicy = this._getPasswordPolicyInternal();
+
+    if (passwordPolicy.schemaVersion !== EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION) {
+      throw new Error(
+        'auth/unsupported-password-policy-schema-version: The password policy received from the backend uses a schema version that is not supported by this version of the SDK.',
+      );
+    }
+
+    return passwordPolicy.validatePassword(password);
+  },
+};

package/lib/password-policy/passwordPolicyApi.js

@@ -23,8 +23,6 @@
  * @throws {Error} Throws an error if the request fails or encounters an issue.
  */
 export async function fetchPasswordPolicy(auth) {
-  let schemaVersion = 1;
-
   try {
     // Identity toolkit API endpoint for password policy. Ensure this is enabled on Google cloud.
     const baseURL = 'https://identitytoolkit.googleapis.com/v2/passwordPolicy?key=';
@@ -37,19 +35,10 @@ export async function fetchPasswordPolicy(auth) {
         `firebase.auth().validatePassword(*) failed to fetch password policy from Firebase Console: ${response.statusText}. Details: ${errorDetails}`,
       );
     }
-    const passwordPolicy = await response.json();
-
-    if (passwordPolicy.schemaVersion !== schemaVersion) {
-      throw new Error(
-        `Password policy schema version mismatch. Expected: ${schemaVersion}, received: ${passwordPolicy.schemaVersion}`,
-      );
-    }
-    return passwordPolicy;
+    return await response.json();
   } catch (error) {
     throw new Error(
       `firebase.auth().validatePassword(*) Failed to fetch password policy: ${error.message}`,
     );
   }
 }
-
-module.exports = { fetchPasswordPolicy };

package/lib/version.js

@@ -1,2 +1,2 @@
 // Generated by genversion.
-module.exports = '23.5.0';
+module.exports = '23.7.0';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@react-native-firebase/auth",
-  "version": "23.5.0",
+  "version": "23.7.0",
   "author": "Invertase <oss@invertase.io> (http://invertase.io)",
   "description": "React Native Firebase - The authentication module provides an easy-to-use API to integrate an authentication workflow into new and existing applications. React Native Firebase provides access to all Firebase authentication methods and identity providers.",
   "main": "lib/index.js",
@@ -27,12 +27,12 @@
     "plist": "^3.1.0"
   },
   "peerDependencies": {
-    "@react-native-firebase/app": "23.5.0",
+    "@react-native-firebase/app": "23.7.0",
     "expo": ">=47.0.0"
   },
   "devDependencies": {
     "@types/plist": "^3.0.5",
-    "expo": "^53.0.20"
+    "expo": "^54.0.27"
   },
   "peerDependenciesMeta": {
     "expo": {
@@ -43,5 +43,5 @@
     "access": "public",
     "provenance": true
   },
-  "gitHead": "5d27948f349d4d6c977c55036e2afd13df8d622f"
+  "gitHead": "2a30c0b1e41a2b239172afd167f98a03fd422f2c"
 }

package/plugin/build/ios/openUrlFix.js

@@ -150,6 +150,10 @@ function modifySwiftAppDelegate(contents) {
             return null;
         }
     }
+    const isAlreadyModified = contents.includes(skipOpenUrlForFirebaseAuthBlockSwift);
+    if (isAlreadyModified) {
+        return null;
+    }
     return contents.replace(pattern, `${fullMatch[0]}${skipOpenUrlForFirebaseAuthBlockSwift}\n`);
 }
 // Search the ExpoConfig plugins array to see if `pluginName` is present

package/plugin/src/ios/openUrlFix.ts

@@ -183,6 +183,10 @@ export function modifySwiftAppDelegate(contents: string): string | null {
       return null;
     }
   }
+  const isAlreadyModified = contents.includes(skipOpenUrlForFirebaseAuthBlockSwift);
+  if (isAlreadyModified) {
+    return null;
+  }
   return contents.replace(pattern, `${fullMatch[0]}${skipOpenUrlForFirebaseAuthBlockSwift}\n`);
 }
 

package/plugin/tsconfig.tsbuildinfo

@@ -1 +1 @@
-{"root":["./src/index.ts","./src/pluginConfig.ts","./src/ios/index.ts","./src/ios/openUrlFix.ts","./src/ios/urlTypes.ts"],"version":"5.9.2"}
+{"root":["./src/index.ts","./src/pluginConfig.ts","./src/ios/index.ts","./src/ios/openUrlFix.ts","./src/ios/urlTypes.ts"],"version":"5.9.3"}