@react-native-firebase/auth 23.6.0 → 23.8.0

package/CHANGELOG.md

@@ -3,6 +3,16 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [23.8.0](https://github.com/invertase/react-native-firebase/compare/v23.7.0...v23.8.0) (2026-01-13)
+
+**Note:** Version bump only for package @react-native-firebase/auth
+
+## [23.7.0](https://github.com/invertase/react-native-firebase/compare/v23.6.0...v23.7.0) (2025-12-08)
+
+### Features
+
+- **auth:** cache password policy per-app in validatePassword ([cc29117](https://github.com/invertase/react-native-firebase/commit/cc291171e076d00dfde1fef9d03242379e567af4))
+
 ## [23.6.0](https://github.com/invertase/react-native-firebase/compare/v23.5.0...v23.6.0) (2025-12-08)
 
 ### Bug Fixes

package/lib/index.d.ts

@@ -468,6 +468,7 @@ export namespace FirebaseAuthTypes {
      * A PhoneMultiFactorGenerator interface.
      */
     PhoneMultiFactorGenerator: PhoneMultiFactorGenerator;
+    SDK_VERSION: string;
   }
 
   /**
@@ -1647,6 +1648,11 @@ export namespace FirebaseAuthTypes {
    * TODO @salakar missing updateCurrentUser
    */
   export class Module extends FirebaseModule {
+    /**
+     * The current `FirebaseApp` instance for this Firebase service.
+     */
+    app: ReactNativeFirebase.FirebaseApp;
+
     /**
      * Returns the current tenant Id or null if it has never been set
      *
@@ -2295,10 +2301,19 @@ export namespace FirebaseAuthTypes {
 
 export type CallbackOrObserver<T extends (...args: any[]) => any> = T | { next: T };
 
-declare const defaultExport: ReactNativeFirebase.FirebaseModuleWithStaticsAndApp<
+type AuthNamespace = ReactNativeFirebase.FirebaseModuleWithStaticsAndApp<
   FirebaseAuthTypes.Module,
   FirebaseAuthTypes.Statics
->;
+> & {
+  auth: ReactNativeFirebase.FirebaseModuleWithStaticsAndApp<
+    FirebaseAuthTypes.Module,
+    FirebaseAuthTypes.Statics
+  >;
+  firebase: ReactNativeFirebase.Module;
+  app(name?: string): ReactNativeFirebase.FirebaseApp;
+};
+
+declare const defaultExport: AuthNamespace;
 
 export const firebase: ReactNativeFirebase.Module & {
   auth: typeof defaultExport;

package/lib/index.js

@@ -51,6 +51,7 @@ import TwitterAuthProvider from './providers/TwitterAuthProvider';
 import { TotpSecret } from './TotpSecret';
 import version from './version';
 import fallBackModule from './web/RNFBAuthModule';
+import { PasswordPolicyMixin } from './password-policy/PasswordPolicyMixin';
 
 const PhoneAuthState = {
   CODE_SENT: 'sent',
@@ -103,6 +104,8 @@ class FirebaseAuthModule extends FirebaseModule {
     this._authResult = false;
     this._languageCode = this.native.APP_LANGUAGE[this.app._name];
     this._tenantId = null;
+    this._projectPasswordPolicy = null;
+    this._tenantPasswordPolicies = {};
 
     if (!this.languageCode) {
       this._languageCode = this.native.APP_LANGUAGE['[DEFAULT]'];
@@ -336,15 +339,45 @@ class FirebaseAuthModule extends FirebaseModule {
   }
 
   createUserWithEmailAndPassword(email, password) {
-    return this.native
-      .createUserWithEmailAndPassword(email, password)
-      .then(userCredential => this._setUserCredential(userCredential));
+    return (
+      this.native
+        .createUserWithEmailAndPassword(email, password)
+        .then(userCredential => this._setUserCredential(userCredential))
+        /* istanbul ignore next - native error handling cannot be unit tested */
+        .catch(error => {
+          if (error.code === 'auth/password-does-not-meet-requirements') {
+            return this._recachePasswordPolicy()
+              .catch(() => {
+                // Silently ignore recache failures - the original error matters more
+              })
+              .then(() => {
+                throw error;
+              });
+          }
+          throw error;
+        })
+    );
   }
 
   signInWithEmailAndPassword(email, password) {
-    return this.native
-      .signInWithEmailAndPassword(email, password)
-      .then(userCredential => this._setUserCredential(userCredential));
+    return (
+      this.native
+        .signInWithEmailAndPassword(email, password)
+        .then(userCredential => this._setUserCredential(userCredential))
+        /* istanbul ignore next - native error handling cannot be unit tested */
+        .catch(error => {
+          if (error.code === 'auth/password-does-not-meet-requirements') {
+            return this._recachePasswordPolicy()
+              .catch(() => {
+                // Silently ignore recache failures - the original error matters more
+              })
+              .then(() => {
+                throw error;
+              });
+          }
+          throw error;
+        })
+    );
   }
 
   signInWithCustomToken(customToken) {
@@ -382,7 +415,23 @@ class FirebaseAuthModule extends FirebaseModule {
   }
 
   confirmPasswordReset(code, newPassword) {
-    return this.native.confirmPasswordReset(code, newPassword);
+    return (
+      this.native
+        .confirmPasswordReset(code, newPassword)
+        /* istanbul ignore next - native error handling cannot be unit tested */
+        .catch(error => {
+          if (error.code === 'auth/password-does-not-meet-requirements') {
+            return this._recachePasswordPolicy()
+              .catch(() => {
+                // Silently ignore recache failures - the original error matters more
+              })
+              .then(() => {
+                throw error;
+              });
+          }
+          throw error;
+        })
+    );
   }
 
   applyActionCode(code) {
@@ -493,6 +542,9 @@ class FirebaseAuthModule extends FirebaseModule {
   }
 }
 
+// Apply password policy mixin to FirebaseAuthModule
+Object.assign(FirebaseAuthModule.prototype, PasswordPolicyMixin);
+
 // import { SDK_VERSION } from '@react-native-firebase/auth';
 export const SDK_VERSION = version;
 

package/lib/modular/index.js

@@ -16,8 +16,6 @@
  */
 
 import { getApp } from '@react-native-firebase/app';
-import { fetchPasswordPolicy } from '../password-policy/passwordPolicyApi';
-import { PasswordPolicyImpl } from '../password-policy/PasswordPolicyImpl';
 import { MultiFactorUser } from '../multiFactor';
 import { MODULAR_DEPRECATION_ARG } from '@react-native-firebase/app/lib/common';
 
@@ -637,15 +635,17 @@ export function getCustomAuthDomain(auth) {
  * @returns {Promise<PasswordValidationStatus>}
  */
 export async function validatePassword(auth, password) {
+  if (!auth || !auth.app) {
+    throw new Error(
+      "firebase.auth().validatePassword(*) 'auth' must be a valid Auth instance with an 'app' property. Received: undefined",
+    );
+  }
+
   if (password === null || password === undefined) {
     throw new Error(
       "firebase.auth().validatePassword(*) expected 'password' to be a non-null or a defined value.",
     );
   }
-  let passwordPolicy = await fetchPasswordPolicy(auth);
-
-  const passwordPolicyImpl = await new PasswordPolicyImpl(passwordPolicy);
-  let status = passwordPolicyImpl.validatePassword(password);
 
-  return status;
+  return auth.validatePassword.call(auth, password, MODULAR_DEPRECATION_ARG);
 }

package/lib/password-policy/PasswordPolicyMixin.js

@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2016-present Invertase Limited & Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this library except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import { fetchPasswordPolicy } from './passwordPolicyApi';
+import { PasswordPolicyImpl } from './PasswordPolicyImpl';
+
+const EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION = 1;
+
+/**
+ * Password policy mixin - provides password policy caching and validation.
+ * Expects the target object to have: _tenantId, _projectPasswordPolicy,
+ * _tenantPasswordPolicies, and app.options.apiKey
+ */
+export const PasswordPolicyMixin = {
+  _getPasswordPolicyInternal() {
+    if (this._tenantId === null) {
+      return this._projectPasswordPolicy;
+    }
+    return this._tenantPasswordPolicies[this._tenantId];
+  },
+
+  async _updatePasswordPolicy() {
+    const response = await fetchPasswordPolicy(this);
+    const passwordPolicy = new PasswordPolicyImpl(response);
+    if (this._tenantId === null) {
+      this._projectPasswordPolicy = passwordPolicy;
+    } else {
+      this._tenantPasswordPolicies[this._tenantId] = passwordPolicy;
+    }
+  },
+
+  async _recachePasswordPolicy() {
+    if (this._getPasswordPolicyInternal()) {
+      await this._updatePasswordPolicy();
+    }
+  },
+
+  async validatePassword(password) {
+    if (!this._getPasswordPolicyInternal()) {
+      await this._updatePasswordPolicy();
+    }
+    const passwordPolicy = this._getPasswordPolicyInternal();
+
+    if (passwordPolicy.schemaVersion !== EXPECTED_PASSWORD_POLICY_SCHEMA_VERSION) {
+      throw new Error(
+        'auth/unsupported-password-policy-schema-version: The password policy received from the backend uses a schema version that is not supported by this version of the SDK.',
+      );
+    }
+
+    return passwordPolicy.validatePassword(password);
+  },
+};

package/lib/password-policy/passwordPolicyApi.js

@@ -23,8 +23,6 @@
  * @throws {Error} Throws an error if the request fails or encounters an issue.
  */
 export async function fetchPasswordPolicy(auth) {
-  let schemaVersion = 1;
-
   try {
     // Identity toolkit API endpoint for password policy. Ensure this is enabled on Google cloud.
     const baseURL = 'https://identitytoolkit.googleapis.com/v2/passwordPolicy?key=';
@@ -37,19 +35,10 @@ export async function fetchPasswordPolicy(auth) {
         `firebase.auth().validatePassword(*) failed to fetch password policy from Firebase Console: ${response.statusText}. Details: ${errorDetails}`,
       );
     }
-    const passwordPolicy = await response.json();
-
-    if (passwordPolicy.schemaVersion !== schemaVersion) {
-      throw new Error(
-        `Password policy schema version mismatch. Expected: ${schemaVersion}, received: ${passwordPolicy.schemaVersion}`,
-      );
-    }
-    return passwordPolicy;
+    return await response.json();
   } catch (error) {
     throw new Error(
       `firebase.auth().validatePassword(*) Failed to fetch password policy: ${error.message}`,
     );
   }
 }
-
-module.exports = { fetchPasswordPolicy };

package/lib/version.js

@@ -1,2 +1,2 @@
 // Generated by genversion.
-module.exports = '23.6.0';
+module.exports = '23.8.0';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@react-native-firebase/auth",
-  "version": "23.6.0",
+  "version": "23.8.0",
   "author": "Invertase <oss@invertase.io> (http://invertase.io)",
   "description": "React Native Firebase - The authentication module provides an easy-to-use API to integrate an authentication workflow into new and existing applications. React Native Firebase provides access to all Firebase authentication methods and identity providers.",
   "main": "lib/index.js",
@@ -27,7 +27,7 @@
     "plist": "^3.1.0"
   },
   "peerDependencies": {
-    "@react-native-firebase/app": "23.6.0",
+    "@react-native-firebase/app": "23.8.0",
     "expo": ">=47.0.0"
   },
   "devDependencies": {
@@ -43,5 +43,5 @@
     "access": "public",
     "provenance": true
   },
-  "gitHead": "748e89f9bfcdfbee971c627cd8a698963ba09f33"
+  "gitHead": "724ddcfea6ebe93875e5a54ff38ca57ab5990822"
 }