@react-native-firebase/auth 24.1.1 → 25.0.0

package/lib/ConfirmationResult.ts

@@ -0,0 +1,42 @@
+/*
+ * Copyright (c) 2016-present Invertase Limited & Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this library except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import type { FirebaseAuthTypes } from './types/namespaced';
+import type { AuthInternal } from './types/internal';
+
+export default class ConfirmationResult {
+  private readonly _auth: AuthInternal;
+  private readonly _verificationId: string;
+
+  constructor(auth: AuthInternal, verificationId: string) {
+    this._auth = auth;
+    this._verificationId = verificationId;
+  }
+
+  confirm(verificationCode: string): Promise<FirebaseAuthTypes.UserCredential | null> {
+    return this._auth.native
+      .confirmationResultConfirm(verificationCode)
+      .then(
+        userCredential =>
+          this._auth._setUserCredential(userCredential) as FirebaseAuthTypes.UserCredential,
+      );
+  }
+
+  get verificationId(): string {
+    return this._verificationId;
+  }
+}

package/lib/MultiFactorResolver.ts

@@ -0,0 +1,51 @@
+/**
+ * Base class to facilitate multi-factor authentication.
+ */
+import type { FirebaseAuthTypes } from './types/namespaced';
+import type { AuthInternal } from './types/internal';
+
+type ResolverLike = {
+  hints: FirebaseAuthTypes.MultiFactorInfo[];
+  session: FirebaseAuthTypes.MultiFactorSession;
+};
+
+type PhoneMultiFactorAssertion = {
+  token?: string;
+  secret?: string;
+  uid?: string;
+  verificationCode?: string;
+};
+
+export default class MultiFactorResolver {
+  readonly hints: FirebaseAuthTypes.MultiFactorInfo[];
+  readonly session: FirebaseAuthTypes.MultiFactorSession;
+  private readonly _auth: AuthInternal;
+
+  constructor(auth: AuthInternal, resolver: ResolverLike) {
+    this._auth = auth;
+    this.hints = resolver.hints;
+    this.session = resolver.session;
+  }
+
+  resolveSignIn(assertion: PhoneMultiFactorAssertion): Promise<FirebaseAuthTypes.UserCredential> {
+    const { token, secret, uid, verificationCode } = assertion;
+
+    if (token && secret) {
+      return this._auth.resolveMultiFactorSignIn(
+        this.session,
+        token,
+        secret,
+      ) as Promise<FirebaseAuthTypes.UserCredential>;
+    }
+
+    if (uid && verificationCode) {
+      return this._auth.resolveTotpSignIn(
+        this.session,
+        uid,
+        verificationCode,
+      ) as Promise<FirebaseAuthTypes.UserCredential>;
+    }
+
+    throw new Error('Invalid multi-factor assertion provided for sign-in resolution.');
+  }
+}

package/lib/PhoneAuthListener.ts

@@ -0,0 +1,312 @@
+/*
+ * Copyright (c) 2016-present Invertase Limited & Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this library except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import {
+  isAndroid,
+  isFunction,
+  isIOS,
+  promiseDefer,
+} from '@react-native-firebase/app/dist/module/common';
+import type { ReactNativeFirebase } from '@react-native-firebase/app';
+import NativeFirebaseError from '@react-native-firebase/app/dist/module/internal/NativeFirebaseError';
+import type { FirebaseAuthTypes } from './types/namespaced';
+import type {
+  AuthInternal,
+  NativePhoneAuthCredentialInternal,
+  NativePhoneAuthErrorInternal,
+} from './types/internal';
+
+type PhoneAuthInternalEventType =
+  | 'codeSent'
+  | 'verificationFailed'
+  | 'verificationComplete'
+  | 'codeAutoRetrievalTimeout';
+
+type InternalEvents = Record<PhoneAuthInternalEventType, string>;
+type PublicEvents = Record<'error' | 'event' | 'success', string>;
+type PhoneAuthSnapshot = FirebaseAuthTypes.PhoneAuthSnapshot;
+type PhoneAuthError = FirebaseAuthTypes.PhoneAuthError;
+
+let REQUEST_ID = 0;
+
+export default class PhoneAuthListener {
+  private readonly _auth: AuthInternal;
+  private _reject: ((error: ReactNativeFirebase.NativeFirebaseError) => void) | null;
+  private _resolve: ((snapshot: PhoneAuthSnapshot) => void) | null;
+  private _promise: Promise<PhoneAuthSnapshot> | null;
+  private readonly _jsStack: string;
+  private readonly _timeout: number;
+  private readonly _phoneAuthRequestId: number;
+  private readonly _forceResending: boolean;
+  private readonly _internalEvents: InternalEvents;
+  private readonly _publicEvents: PublicEvents;
+
+  constructor(auth: AuthInternal, phoneNumber: string, timeout?: number, forceResend?: boolean) {
+    this._auth = auth;
+    this._reject = null;
+    this._resolve = null;
+    this._promise = null;
+    this._jsStack = new Error().stack ?? '';
+
+    this._timeout = timeout || 20;
+    this._phoneAuthRequestId = REQUEST_ID++;
+    this._forceResending = forceResend || false;
+
+    // internal events
+    this._internalEvents = {
+      codeSent: `phone:auth:${this._phoneAuthRequestId}:onCodeSent`,
+      verificationFailed: `phone:auth:${this._phoneAuthRequestId}:onVerificationFailed`,
+      verificationComplete: `phone:auth:${this._phoneAuthRequestId}:onVerificationComplete`,
+      codeAutoRetrievalTimeout: `phone:auth:${this._phoneAuthRequestId}:onCodeAutoRetrievalTimeout`,
+    };
+
+    // user observer events
+    this._publicEvents = {
+      error: `phone:auth:${this._phoneAuthRequestId}:error`,
+      event: `phone:auth:${this._phoneAuthRequestId}:event`,
+      success: `phone:auth:${this._phoneAuthRequestId}:success`,
+    };
+
+    this._subscribeToEvents();
+
+    if (isAndroid) {
+      this._auth.native.verifyPhoneNumber(
+        phoneNumber,
+        this._phoneAuthRequestId + '',
+        this._timeout,
+        this._forceResending,
+      );
+    }
+
+    if (isIOS) {
+      this._auth.native.verifyPhoneNumber(phoneNumber, this._phoneAuthRequestId + '');
+    }
+  }
+
+  private _subscribeToEvents(): void {
+    const events: PhoneAuthInternalEventType[] = [
+      'codeSent',
+      'verificationFailed',
+      'verificationComplete',
+      'codeAutoRetrievalTimeout',
+    ];
+
+    for (const type of events) {
+      const subscription = this._auth.emitter.addListener(this._internalEvents[type], event => {
+        switch (type) {
+          case 'codeSent':
+            this._codeSentHandler(event as NativePhoneAuthCredentialInternal);
+            break;
+          case 'verificationFailed':
+            this._verificationFailedHandler(event as NativePhoneAuthErrorInternal);
+            break;
+          case 'verificationComplete':
+            this._verificationCompleteHandler(event as NativePhoneAuthCredentialInternal);
+            break;
+          case 'codeAutoRetrievalTimeout':
+            this._codeAutoRetrievalTimeoutHandler(event as NativePhoneAuthCredentialInternal);
+            break;
+        }
+        subscription.remove();
+      });
+    }
+  }
+
+  private _addUserObserver(observer: (snapshot: PhoneAuthSnapshot) => void): void {
+    this._auth.emitter.addListener(this._publicEvents.event, observer);
+  }
+
+  private _emitToObservers(snapshot: PhoneAuthSnapshot): void {
+    this._auth.emitter.emit(this._publicEvents.event, snapshot);
+  }
+
+  private _emitToErrorCb(snapshot: PhoneAuthSnapshot): void {
+    const { error } = snapshot;
+    if (this._reject && error) {
+      this._reject(error);
+    }
+    this._auth.emitter.emit(this._publicEvents.error, {
+      code: error?.code ?? null,
+      verificationId: snapshot.verificationId,
+      message: error?.message ?? null,
+      stack: error?.stack ?? null,
+    } as PhoneAuthError);
+  }
+
+  private _emitToSuccessCb(snapshot: PhoneAuthSnapshot): void {
+    if (this._resolve) {
+      this._resolve(snapshot);
+    }
+    this._auth.emitter.emit(this._publicEvents.success, snapshot);
+  }
+
+  private _removeAllListeners(): void {
+    setTimeout(() => {
+      // move to next event loop - not sure if needed
+      // internal listeners
+      Object.values(this._internalEvents).forEach(event => {
+        this._auth.emitter.removeAllListeners(event);
+      });
+
+      // user observer listeners
+      Object.values(this._publicEvents).forEach(publicEvent => {
+        this._auth.emitter.removeAllListeners(publicEvent);
+      });
+    }, 0);
+  }
+
+  private _promiseDeferred(): void {
+    if (!this._promise) {
+      const { promise, resolve, reject } = promiseDefer() as {
+        promise: Promise<PhoneAuthSnapshot>;
+        resolve: (snapshot: PhoneAuthSnapshot) => void;
+        reject: (error: ReactNativeFirebase.NativeFirebaseError) => void;
+      };
+      this._promise = promise;
+      this._resolve = resolve;
+      this._reject = reject;
+    }
+  }
+
+  /* --------------------------
+   --- INTERNAL EVENT HANDLERS
+   ---------------------------- */
+
+  private _codeSentHandler(credential: NativePhoneAuthCredentialInternal): void {
+    const snapshot: PhoneAuthSnapshot = {
+      verificationId: credential.verificationId,
+      code: null,
+      error: null,
+      state: 'sent',
+    };
+
+    this._emitToObservers(snapshot);
+
+    if (isIOS) {
+      this._emitToSuccessCb(snapshot);
+    }
+
+    if (isAndroid) {
+      // android can auto retrieve so we don't emit to successCb immediately,
+      // if auto retrieve times out then that will emit to successCb
+    }
+  }
+
+  private _codeAutoRetrievalTimeoutHandler(credential: NativePhoneAuthCredentialInternal): void {
+    const snapshot: PhoneAuthSnapshot = {
+      verificationId: credential.verificationId,
+      code: null,
+      error: null,
+      state: 'timeout',
+    };
+
+    this._emitToObservers(snapshot);
+    this._emitToSuccessCb(snapshot);
+  }
+
+  private _verificationCompleteHandler(credential: NativePhoneAuthCredentialInternal): void {
+    const snapshot: PhoneAuthSnapshot = {
+      verificationId: credential.verificationId,
+      code: credential.code || null,
+      error: null,
+      state: 'verified',
+    };
+
+    this._emitToObservers(snapshot);
+    this._emitToSuccessCb(snapshot);
+    this._removeAllListeners();
+  }
+
+  private _verificationFailedHandler(state: NativePhoneAuthErrorInternal): void {
+    const snapshot: PhoneAuthSnapshot = {
+      verificationId: state.verificationId,
+      code: null,
+      error: null,
+      state: 'error',
+    };
+
+    snapshot.error = new NativeFirebaseError(
+      { userInfo: state.error },
+      this._jsStack,
+      'auth',
+    ) as ReactNativeFirebase.NativeFirebaseError;
+
+    this._emitToObservers(snapshot);
+    this._emitToErrorCb(snapshot);
+    this._removeAllListeners();
+  }
+
+  /* -------------
+   -- PUBLIC API
+   --------------*/
+
+  on(
+    event: string,
+    observer: (snapshot: PhoneAuthSnapshot) => void,
+    errorCb?: (error: PhoneAuthError) => void,
+    successCb?: (snapshot: PhoneAuthSnapshot) => void,
+  ): PhoneAuthListener {
+    if (event !== 'state_changed') {
+      throw new Error(
+        "firebase.auth.PhoneAuthListener.on(*, _, _, _) 'event' must equal 'state_changed'.",
+      );
+    }
+
+    if (!isFunction(observer)) {
+      throw new Error(
+        "firebase.auth.PhoneAuthListener.on(_, *, _, _) 'observer' must be a function.",
+      );
+    }
+
+    this._addUserObserver(observer);
+
+    if (isFunction(errorCb)) {
+      const subscription = this._auth.emitter.addListener(this._publicEvents.error, event => {
+        subscription.remove();
+        errorCb(event as PhoneAuthError);
+      });
+    }
+
+    if (isFunction(successCb)) {
+      const subscription = this._auth.emitter.addListener(this._publicEvents.success, event => {
+        subscription.remove();
+        successCb(event as PhoneAuthSnapshot);
+      });
+    }
+
+    return this;
+  }
+
+  then<TResult1 = PhoneAuthSnapshot, TResult2 = never>(
+    onFulfilled?: ((value: PhoneAuthSnapshot) => TResult1 | PromiseLike<TResult1>) | null,
+    onRejected?:
+      | ((reason: ReactNativeFirebase.NativeFirebaseError) => TResult2 | PromiseLike<TResult2>)
+      | null,
+  ): Promise<TResult1 | TResult2> {
+    this._promiseDeferred();
+    return this._promise!.then(onFulfilled ?? undefined, onRejected ?? undefined);
+  }
+
+  catch<TResult = never>(
+    onRejected?:
+      | ((reason: ReactNativeFirebase.NativeFirebaseError) => TResult | PromiseLike<TResult>)
+      | null,
+  ): Promise<PhoneAuthSnapshot | TResult> {
+    this._promiseDeferred();
+    return this._promise!.catch(onRejected ?? undefined);
+  }
+}

package/lib/PhoneAuthState.ts

@@ -0,0 +1,22 @@
+/*
+ * Copyright (c) 2016-present Invertase Limited & Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this library except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+export const PhoneAuthState = {
+  CODE_SENT: 'sent',
+  AUTO_VERIFY_TIMEOUT: 'timeout',
+  AUTO_VERIFIED: 'verified',
+  ERROR: 'error',
+} as const;

package/lib/{PhoneMultiFactorGenerator.js → PhoneMultiFactorGenerator.ts}

@@ -15,6 +15,8 @@
  *
  */
 
+import type { PhoneAuthCredential, PhoneMultiFactorAssertion } from './types/auth';
+
 export default class PhoneMultiFactorGenerator {
   static FACTOR_ID = 'phone';
 
@@ -24,10 +26,14 @@ export default class PhoneMultiFactorGenerator {
     );
   }
 
-  static assertion(credential) {
+  static assertion(credential: PhoneAuthCredential): PhoneMultiFactorAssertion {
     // There is no logic here, we mainly do this for API compatibility
     // (following the Web API).
     const { token, secret } = credential;
-    return { token, secret };
+    return {
+      token,
+      secret,
+      factorId: 'phone',
+    } as PhoneMultiFactorAssertion;
   }
 }

package/lib/Settings.ts

@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2016-present Invertase Limited & Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this library except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import { isAndroid } from '@react-native-firebase/app/dist/module/common';
+import type { AuthInternal } from './types/internal';
+
+export default class Settings {
+  private readonly _auth: AuthInternal;
+  private _forceRecaptchaFlowForTesting: boolean;
+  private _appVerificationDisabledForTesting: boolean;
+
+  constructor(auth: AuthInternal) {
+    this._auth = auth;
+    this._forceRecaptchaFlowForTesting = false;
+    this._appVerificationDisabledForTesting = false;
+  }
+
+  get forceRecaptchaFlowForTesting(): boolean {
+    return this._forceRecaptchaFlowForTesting;
+  }
+
+  set forceRecaptchaFlowForTesting(forceRecaptchaFlow: boolean) {
+    if (isAndroid) {
+      this._forceRecaptchaFlowForTesting = forceRecaptchaFlow;
+      this._auth.native.forceRecaptchaFlowForTesting(forceRecaptchaFlow);
+    }
+  }
+
+  get appVerificationDisabledForTesting(): boolean {
+    return this._appVerificationDisabledForTesting;
+  }
+
+  set appVerificationDisabledForTesting(disabled: boolean) {
+    this._appVerificationDisabledForTesting = disabled;
+    this._auth.native.setAppVerificationDisabledForTesting(disabled);
+  }
+
+  setAutoRetrievedSmsCodeForPhoneNumber(phoneNumber: string, smsCode: string): Promise<null> {
+    if (isAndroid) {
+      return this._auth.native.setAutoRetrievedSmsCodeForPhoneNumber(phoneNumber, smsCode);
+    }
+
+    return Promise.resolve(null);
+  }
+}

package/lib/TotpMultiFactorGenerator.ts

@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 2016-present Invertase Limited & Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this library except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import { isOther } from '@react-native-firebase/app/dist/module/common';
+import { TotpSecret } from './TotpSecret';
+import { getAuth } from './modular';
+import type { Auth, MultiFactorSession, TotpMultiFactorAssertion } from './types/auth';
+import type { AuthInternal } from './types/internal';
+
+export default class TotpMultiFactorGenerator {
+  static readonly FACTOR_ID = 'totp' as const;
+
+  constructor() {
+    throw new Error(
+      '`new TotpMultiFactorGenerator()` is not supported on the native Firebase SDKs.',
+    );
+  }
+
+  static assertionForSignIn(uid: string, verificationCode: string): TotpMultiFactorAssertion {
+    if (isOther) {
+      // we require the web native assertion when using firebase-js-sdk
+      // as it has functions used by the SDK, a shim won't do
+      return (getAuth() as unknown as AuthInternal).native.assertionForSignIn(
+        uid,
+        verificationCode,
+      ) as unknown as TotpMultiFactorAssertion;
+    }
+    return {
+      uid,
+      verificationCode,
+      factorId: 'totp',
+    } as unknown as TotpMultiFactorAssertion;
+  }
+
+  static assertionForEnrollment(
+    totpSecret: TotpSecret,
+    verificationCode: string,
+  ): TotpMultiFactorAssertion {
+    return {
+      totpSecret: totpSecret.secretKey,
+      verificationCode,
+      factorId: 'totp',
+    } as unknown as TotpMultiFactorAssertion;
+  }
+
+  static generateSecret(session: MultiFactorSession): Promise<TotpSecret>;
+  static generateSecret(session: MultiFactorSession, auth: Auth): Promise<TotpSecret>;
+  static async generateSecret(
+    session: MultiFactorSession,
+    // Defaulting to getAuth() preserves the firebase-js-sdk one-argument API for the default app.
+    auth: Auth = getAuth(),
+  ): Promise<TotpSecret> {
+    if (!session) {
+      throw new Error('Session is required to generate a TOTP secret.');
+    }
+    const {
+      secretKey,
+      // Other properties are not publicly exposed in native APIs
+      // hashingAlgorithm, codeLength, codeIntervalSeconds, enrollmentCompletionDeadline
+    } = await (auth as unknown as AuthInternal).native.generateTotpSecret(session);
+
+    return new TotpSecret(secretKey, auth as unknown as AuthInternal);
+  }
+}

package/lib/TotpSecret.ts

@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) 2016-present Invertase Limited & Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this library except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { isString } from '@react-native-firebase/app/dist/module/common';
+import type { AuthInternal } from './types/internal';
+
+export class TotpSecret {
+  readonly secretKey: string;
+  private readonly auth: AuthInternal;
+
+  constructor(secretKey: string, auth: AuthInternal) {
+    // The native TotpSecret has many more properties, but they are
+    // internal to the native SDKs, we only maintain the secret in JS layer
+    this.secretKey = secretKey;
+
+    // we do need a handle to the correct auth instance to generate QR codes etc
+    this.auth = auth;
+  }
+
+  /**
+   * Shared secret key/seed used for enrolling in TOTP MFA and generating OTPs.
+   */
+  /**
+   * Returns a QR code URL as described in
+   * https://github.com/google/google-authenticator/wiki/Key-Uri-Format
+   * This can be displayed to the user as a QR code to be scanned into a TOTP app like Google Authenticator.
+   * If the optional parameters are unspecified, an accountName of <userEmail> and issuer of <firebaseAppName> are used.
+   *
+   * @param accountName the name of the account/app along with a user identifier.
+   * @param issuer issuer of the TOTP (likely the app name).
+   * @returns A Promise that resolves to a QR code URL string. Unlike the firebase-js-sdk synchronous
+   * return type, this method is async because QR code generation is performed through the React Native
+   * native auth bridge.
+   */
+  async generateQrCodeUrl(accountName?: string, issuer?: string): Promise<string> {
+    // accountName and issure are nullable in the API specification but are
+    // required by tha native SDK. The JS SDK returns '' if they are missing/empty.
+    if (!isString(accountName) || !isString(issuer) || accountName === '' || issuer === '') {
+      return '';
+    }
+    return this.auth.native.generateQrCodeUrl(this.secretKey, accountName, issuer);
+  }
+
+  /**
+   * Opens the specified QR Code URL in an OTP authenticator app on the device.
+   * The shared secret key and account name will be populated in the OTP authenticator app.
+   * The URL uses the otpauth:// scheme and will be opened on an app that handles this scheme,
+   * if it exists on the device, possibly opening the ecocystem-specific app store with a generic
+   * query for compatible apps if no app exists on the device.
+   *
+   * @param qrCodeUrl the URL to open in the app, from generateQrCodeUrl
+   */
+  openInOtpApp(qrCodeUrl: string): string | void {
+    if (isString(qrCodeUrl) && qrCodeUrl !== '') {
+      return this.auth.native.openInOtpApp(this.secretKey, qrCodeUrl);
+    }
+  }
+}