@react-native-firebase/auth 24.1.1 → 25.0.1

package/lib/providers/OIDCAuthProvider.ts

@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2016-present Invertase Limited & Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this library except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import { AuthCredential } from '../credentials';
+import type { AuthCredential as AuthCredentialType } from '../types/auth';
+
+const providerId = 'oidc.' as const;
+
+/**
+ * @deprecated Use {@link OAuthProvider} with provider ID `oidc.<your-provider-id>` instead.
+ *
+ * @example
+ * ```js
+ * const provider = new OAuthProvider('oidc.sample-provider');
+ * const credential = provider.credential({ idToken, accessToken });
+ * ```
+ */
+export default class OIDCAuthProvider {
+  constructor() {
+    throw new Error('`new OIDCAuthProvider()` is not supported on the native Firebase SDKs.');
+  }
+
+  static get PROVIDER_ID() {
+    return providerId;
+  }
+
+  static credential(
+    oidcSuffix: string,
+    idToken: string,
+    accessToken?: string,
+  ): AuthCredentialType {
+    const resolvedProviderId = providerId + oidcSuffix;
+    return new AuthCredential(resolvedProviderId, resolvedProviderId, idToken, accessToken ?? '');
+  }
+}

package/lib/providers/PhoneAuthProvider.ts

@@ -0,0 +1,161 @@
+/*
+ * Copyright (c) 2016-present Invertase Limited & Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this library except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import { createPhoneAuthCredential } from '../credentials';
+import type {
+  ApplicationVerifier,
+  Auth,
+  AuthError,
+  MultiFactorInfo,
+  PhoneAuthCredential,
+  PhoneAuthListener,
+  PhoneInfoOptions,
+  PhoneMultiFactorEnrollInfoOptions,
+  PhoneMultiFactorSignInInfoOptions,
+  PhoneSingleFactorInfoOptions,
+  UserCredential,
+} from '../types/auth';
+
+// Keep the SDK helper signature name while mapping to RNFB's native auth error type.
+type FirebaseError = AuthError;
+
+const providerId = 'phone' as const;
+
+type PhoneAuthProviderAuth = {
+  app: {
+    auth(): {
+      verifyPhoneNumber(phoneNumber: string): PhoneAuthListener;
+      verifyPhoneNumberWithMultiFactorInfo(
+        hint: Pick<MultiFactorInfo, 'uid'>,
+        session: PhoneMultiFactorSignInInfoOptions['session'],
+      ): Promise<string>;
+      verifyPhoneNumberForMultiFactor(
+        phoneInfoOptions: PhoneMultiFactorEnrollInfoOptions,
+      ): Promise<string>;
+    };
+  };
+};
+
+function isPhoneMultiFactorSignInOptions(
+  phoneInfoOptions: PhoneInfoOptions,
+): phoneInfoOptions is PhoneMultiFactorSignInInfoOptions {
+  return (
+    'session' in phoneInfoOptions &&
+    (('multiFactorHint' in phoneInfoOptions && phoneInfoOptions.multiFactorHint !== undefined) ||
+      ('multiFactorUid' in phoneInfoOptions && phoneInfoOptions.multiFactorUid !== undefined))
+  );
+}
+
+function isPhoneMultiFactorEnrollOptions(
+  phoneInfoOptions: PhoneInfoOptions,
+): phoneInfoOptions is PhoneMultiFactorEnrollInfoOptions {
+  return 'phoneNumber' in phoneInfoOptions && 'session' in phoneInfoOptions;
+}
+
+function isPhoneSingleFactorOptions(
+  phoneInfoOptions: PhoneInfoOptions,
+): phoneInfoOptions is PhoneSingleFactorInfoOptions {
+  return 'phoneNumber' in phoneInfoOptions;
+}
+
+function verificationIdFromListener(listener: PhoneAuthListener): Promise<string> {
+  return new Promise((resolve, reject) => {
+    listener.on(
+      'state_changed',
+      snapshot => {
+        if (snapshot.error) {
+          reject(snapshot.error);
+          return;
+        }
+
+        if (snapshot.verificationId) {
+          resolve(snapshot.verificationId);
+        }
+      },
+      error => reject(error),
+    );
+  });
+}
+
+export default class PhoneAuthProvider {
+  static readonly PHONE_SIGN_IN_METHOD: 'phone' = providerId;
+  static readonly PROVIDER_ID: 'phone' = providerId;
+
+  readonly providerId = providerId;
+
+  private readonly _auth: PhoneAuthProviderAuth;
+
+  constructor(auth: Auth) {
+    if (auth === undefined) {
+      throw new Error('`new PhoneAuthProvider()` is not supported on the native Firebase SDKs.');
+    }
+    this._auth = auth as unknown as PhoneAuthProviderAuth;
+  }
+
+  static credential(verificationId: string, code: string): PhoneAuthCredential {
+    return createPhoneAuthCredential(verificationId, code);
+  }
+
+  static credentialFromResult(_userCredential: UserCredential): PhoneAuthCredential | null {
+    return null;
+  }
+
+  static credentialFromError(_error: FirebaseError): PhoneAuthCredential | null {
+    return null;
+  }
+
+  verifyPhoneNumber(
+    phoneInfoOptions: PhoneInfoOptions | string,
+    appVerifier: ApplicationVerifier,
+  ): Promise<string>;
+  verifyPhoneNumber(
+    phoneInfoOptions: PhoneMultiFactorEnrollInfoOptions | PhoneMultiFactorSignInInfoOptions,
+  ): Promise<string>;
+  verifyPhoneNumber(
+    phoneInfoOptions: PhoneInfoOptions | string,
+    // Native SDKs own app verification, so the JS SDK verifier is accepted for type parity only.
+    _appVerifier?: ApplicationVerifier,
+  ): Promise<string> {
+    if (typeof phoneInfoOptions === 'string') {
+      return verificationIdFromListener(this._auth.app.auth().verifyPhoneNumber(phoneInfoOptions));
+    }
+
+    if (isPhoneMultiFactorSignInOptions(phoneInfoOptions)) {
+      const multiFactorHint = phoneInfoOptions.multiFactorHint ?? {
+        uid: phoneInfoOptions.multiFactorUid!,
+      };
+
+      return this._auth.app
+        .auth()
+        .verifyPhoneNumberWithMultiFactorInfo(multiFactorHint, phoneInfoOptions.session);
+    }
+
+    if (isPhoneMultiFactorEnrollOptions(phoneInfoOptions)) {
+      return this._auth.app.auth().verifyPhoneNumberForMultiFactor(phoneInfoOptions);
+    }
+
+    if (isPhoneSingleFactorOptions(phoneInfoOptions)) {
+      return verificationIdFromListener(
+        this._auth.app.auth().verifyPhoneNumber(phoneInfoOptions.phoneNumber),
+      );
+    }
+
+    throw new Error(
+      '`PhoneAuthProvider.verifyPhoneNumber()` requires a phone number, phone info options, or multi-factor phone info.',
+    );
+  }
+}

package/lib/providers/TwitterAuthProvider.ts

@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2016-present Invertase Limited & Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this library except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import { OAuthCredential } from '../credentials';
+import type { AuthError, UserCredential } from '../types/auth';
+
+// Keep the SDK helper signature name while mapping to RNFB's native auth error type.
+type FirebaseError = AuthError;
+
+const providerId = 'twitter.com' as const;
+
+export default class TwitterAuthProvider {
+  static readonly TWITTER_SIGN_IN_METHOD: 'twitter.com' = providerId;
+  static readonly PROVIDER_ID: 'twitter.com' = providerId;
+
+  constructor() {
+    throw new Error('`new TwitterAuthProvider()` is not supported on the native Firebase SDKs.');
+  }
+
+  static credential(token: string, secret: string): OAuthCredential {
+    return new OAuthCredential(providerId, {
+      accessToken: token,
+      secret,
+      bridgeToken: token,
+      bridgeSecret: secret,
+    });
+  }
+
+  /** @remarks Always returns `null` on React Native Firebase. */
+  static credentialFromResult(_userCredential: UserCredential): OAuthCredential | null {
+    return null;
+  }
+
+  /** @remarks Always returns `null` on React Native Firebase. */
+  static credentialFromError(_error: FirebaseError): OAuthCredential | null {
+    return null;
+  }
+}

package/lib/types/auth.ts

@@ -0,0 +1,393 @@
+/*
+ * Copyright (c) 2016-present Invertase Limited & Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this library except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+import type { FirebaseApp, ReactNativeFirebase } from '@react-native-firebase/app';
+import type { ActionCodeOperation, FactorId, OperationType } from '../constants';
+import type {
+  AuthCredential,
+  EmailAuthCredential,
+  OAuthCredential,
+  PhoneAuthCredential,
+} from '../credentials';
+
+export type { AuthCredential, EmailAuthCredential, OAuthCredential, PhoneAuthCredential };
+
+export type CompleteFn = () => void;
+export type ErrorFn = (error: Error) => void;
+export type NextFn<T> = (value: T) => void;
+export type Unsubscribe = () => void;
+
+interface Observer<T> {
+  next?: NextFn<T> | null;
+  error?: ErrorFn | null;
+  complete?: CompleteFn | null;
+}
+
+export interface Auth {
+  readonly app: FirebaseApp;
+  readonly name: string;
+  /** @remarks Always returns `{}` at runtime. Native iOS/Android Firebase Auth SDKs do not expose the web config object. */
+  readonly config: Config;
+  /**
+   * @remarks
+   * **Not supported on React Native Firebase.** The modular {@link setPersistence} helper always throws
+   * synchronously because auth state is managed by the native SDKs.
+   */
+  setPersistence(persistence: Persistence): Promise<void>;
+  languageCode: string | null;
+  /** Writable tenant ID. Assigning a value delegates to `setTenantId`. */
+  tenantId: string | null;
+  readonly settings: AuthSettings;
+  onAuthStateChanged(
+    nextOrObserver: NextOrObserver<User | null>,
+    error?: ErrorFn,
+    completed?: CompleteFn,
+  ): Unsubscribe;
+  beforeAuthStateChanged(
+    callback: (user: User | null) => void | Promise<void>,
+    onAbort?: () => void,
+  ): Unsubscribe;
+  onIdTokenChanged(
+    nextOrObserver: NextOrObserver<User | null>,
+    error?: ErrorFn,
+    completed?: CompleteFn,
+  ): Unsubscribe;
+  /** Resolves when the initial auth state has been determined. */
+  authStateReady(): Promise<void>;
+  readonly currentUser: User | null;
+  /** Populated after {@link connectAuthEmulator} is called; otherwise `null`. */
+  readonly emulatorConfig: EmulatorConfig | null;
+  updateCurrentUser(user: User | null): Promise<void>;
+  /**
+   * @remarks
+   * **Not supported on React Native Firebase.** Always throws synchronously. Set `languageCode`
+   * directly or use {@link setLanguageCode}.
+   */
+  useDeviceLanguage(): void;
+  signOut(): Promise<void>;
+}
+
+export interface AuthError extends ReactNativeFirebase.NativeFirebaseError {
+  readonly customData: {
+    readonly appName: string;
+    readonly email?: string;
+    readonly phoneNumber?: string;
+    readonly tenantId?: string;
+  };
+}
+
+export interface NativeFirebaseAuthError extends ReactNativeFirebase.NativeFirebaseError {
+  readonly userInfo: {
+    readonly authCredential: AuthCredential | null;
+    readonly resolver: MultiFactorResolver | null;
+  };
+}
+
+/**
+ * @deprecated Use {@link OAuthProvider} with provider ID `oidc.<suffix>` instead.
+ */
+export interface OIDCProvider {
+  readonly PROVIDER_ID: string;
+  credential(oidcSuffix: string, idToken: string): AuthCredential;
+}
+export interface MultiFactorError extends AuthError {
+  readonly customData: AuthError['customData'] & {
+    readonly operationType: (typeof OperationType)[keyof typeof OperationType];
+  };
+}
+export interface PhoneAuthSnapshot {
+  readonly state: 'sent' | 'timeout' | 'verified' | 'error';
+  readonly verificationId: string;
+  readonly code: string | null;
+  readonly error: ReactNativeFirebase.NativeFirebaseError | null;
+}
+
+export interface PhoneAuthError {
+  readonly code: string | null;
+  readonly verificationId: string;
+  readonly message: string | null;
+  readonly stack: string | null;
+}
+
+export interface PhoneAuthListener {
+  on(
+    event: string,
+    observer: (snapshot: PhoneAuthSnapshot) => void,
+    errorCb?: (error: PhoneAuthError) => void,
+    successCb?: (snapshot: PhoneAuthSnapshot) => void,
+  ): PhoneAuthListener;
+  then(
+    onFulfilled?: ((value: PhoneAuthSnapshot) => any) | null,
+    onRejected?: ((error: ReactNativeFirebase.NativeFirebaseError) => any) | null,
+  ): Promise<any>;
+  catch(onRejected: (error: ReactNativeFirebase.NativeFirebaseError) => any): Promise<any>;
+}
+
+export { ActionCodeURL } from '../ActionCodeURL';
+
+/**
+ * Firebase JS SDK auth configuration. Native iOS/Android Firebase Auth SDKs do not expose
+ * this object, so {@link Auth.config} always returns an empty object on React Native.
+ */
+export interface Config {
+  apiKey: string;
+  apiHost: string;
+  apiScheme: string;
+  tokenApiHost: string;
+  sdkClientVersion: string;
+  authDomain?: string;
+}
+
+export interface AuthErrorMap {}
+
+export interface PopupRedirectResolver {}
+
+export interface Dependencies {
+  persistence?: Persistence | Persistence[];
+  popupRedirectResolver?: PopupRedirectResolver;
+  errorMap?: AuthErrorMap;
+}
+
+export interface ApplicationVerifier {
+  readonly type: string;
+  verify(): Promise<string>;
+}
+
+export type CustomParameters = Record<string, string>;
+
+export interface OAuthCredentialOptions {
+  idToken?: string;
+  accessToken?: string;
+  rawNonce?: string;
+}
+
+export interface AuthProvider {
+  readonly providerId: string;
+}
+
+export interface AuthSettings {
+  appVerificationDisabledForTesting: boolean;
+}
+
+export interface EmulatorConfig {
+  readonly protocol: string;
+  readonly host: string;
+  readonly port: number | null;
+  readonly options: {
+    readonly disableWarnings: boolean;
+  };
+}
+
+export interface PasswordPolicy {
+  readonly customStrengthOptions: {
+    readonly minPasswordLength?: number;
+    readonly maxPasswordLength?: number;
+    readonly containsLowercaseLetter?: boolean;
+    readonly containsUppercaseLetter?: boolean;
+    readonly containsNumericCharacter?: boolean;
+    readonly containsNonAlphanumericCharacter?: boolean;
+  };
+  readonly allowedNonAlphanumericCharacters: string;
+  readonly enforcementState: string;
+  readonly forceUpgradeOnSignin: boolean;
+}
+
+export interface PasswordValidationStatus {
+  readonly isValid: boolean;
+  readonly meetsMinPasswordLength?: boolean;
+  readonly meetsMaxPasswordLength?: boolean;
+  readonly containsLowercaseLetter?: boolean;
+  readonly containsUppercaseLetter?: boolean;
+  readonly containsNumericCharacter?: boolean;
+  readonly containsNonAlphanumericCharacter?: boolean;
+  readonly passwordPolicy: PasswordPolicy;
+}
+
+export interface Persistence {
+  readonly type: 'SESSION' | 'LOCAL' | 'NONE' | 'COOKIE';
+}
+
+export type NextOrObserver<T> = NextFn<T | null> | Observer<T | null>;
+
+// Keep these quoted to match the firebase-js-sdk declaration text used by compare-types.
+// prettier-ignore
+export interface ParsedToken {
+  'exp'?: string;
+  'sub'?: string;
+  'auth_time'?: string;
+  'iat'?: string;
+  'firebase'?: {
+    'sign_in_provider'?: string;
+    'sign_in_second_factor'?: string;
+    'identities'?: Record<string, string>;
+  };
+  [key: string]: unknown;
+}
+
+export type UserProfile = Record<string, unknown>;
+
+export interface AdditionalUserInfo {
+  readonly isNewUser: boolean;
+  readonly profile: Record<string, unknown> | null;
+  readonly providerId: string | null;
+  readonly username?: string | null;
+}
+
+/**
+ * firebase-js-sdk `AdditionalUserInfo` fields plus any extra keys returned by the native bridge.
+ * Extra keys are preserved for backwards compatibility when native adds provider-specific fields.
+ */
+export type AdditionalUserInfoNative = AdditionalUserInfo & Record<string, unknown>;
+
+export interface UserInfo {
+  readonly displayName: string | null;
+  readonly email: string | null;
+  readonly phoneNumber: string | null;
+  readonly photoURL: string | null;
+  readonly providerId: string;
+  readonly uid: string;
+}
+
+export interface UserMetadata {
+  readonly creationTime?: string;
+  readonly lastSignInTime?: string;
+}
+
+export interface IdTokenResult {
+  authTime: string;
+  expirationTime: string;
+  issuedAtTime: string;
+  signInProvider: string | null;
+  signInSecondFactor: string | null;
+  token: string;
+  claims: ParsedToken;
+}
+
+export interface User extends UserInfo {
+  readonly emailVerified: boolean;
+  readonly isAnonymous: boolean;
+  readonly metadata: UserMetadata;
+  readonly providerData: UserInfo[];
+  readonly refreshToken: string;
+  readonly tenantId: string | null;
+  delete(): Promise<void>;
+  getIdToken(forceRefresh?: boolean): Promise<string>;
+  getIdTokenResult(forceRefresh?: boolean): Promise<IdTokenResult>;
+  reload(): Promise<void>;
+  toJSON(): object;
+}
+
+/**
+ * @remarks Modular helpers populate top-level `providerId` and `operationType`. When present,
+ * `additionalUserInfo` is enumerable and includes firebase-js-sdk fields plus any extra native keys.
+ */
+export interface UserCredential {
+  user: User;
+  providerId: string | null;
+  operationType: (typeof OperationType)[keyof typeof OperationType];
+  /**
+   * Present on modular sign-in results when the native bridge returns federated metadata.
+   * Includes firebase-js-sdk core fields; extra native keys are preserved at runtime — see
+   * {@link AdditionalUserInfoNative} and {@link getAdditionalUserInfo}.
+   */
+  additionalUserInfo?: AdditionalUserInfo;
+}
+
+export interface ConfirmationResult {
+  readonly verificationId: string;
+  confirm(verificationCode: string): Promise<UserCredential>;
+}
+
+export interface ActionCodeSettings {
+  android?: {
+    installApp?: boolean;
+    minimumVersion?: string;
+    packageName: string;
+  };
+  handleCodeInApp?: boolean;
+  iOS?: {
+    bundleId: string;
+  };
+  url: string;
+  dynamicLinkDomain?: string;
+  linkDomain?: string;
+}
+
+export interface ActionCodeInfo {
+  data: {
+    email?: string | null;
+    multiFactorInfo?: MultiFactorInfo | null;
+    previousEmail?: string | null;
+  };
+  operation: (typeof ActionCodeOperation)[keyof typeof ActionCodeOperation];
+}
+
+export interface MultiFactorAssertion {
+  readonly factorId: (typeof FactorId)[keyof typeof FactorId];
+}
+
+export interface MultiFactorInfo {
+  readonly uid: string;
+  readonly displayName?: string | null;
+  readonly enrollmentTime: string;
+  readonly factorId: (typeof FactorId)[keyof typeof FactorId];
+}
+
+export interface MultiFactorSession {}
+
+export interface MultiFactorResolver {
+  readonly hints: MultiFactorInfo[];
+  readonly session: MultiFactorSession;
+  resolveSignIn(assertion: MultiFactorAssertion): Promise<UserCredential>;
+}
+
+export interface MultiFactorUser {
+  readonly enrolledFactors: MultiFactorInfo[];
+  getSession(): Promise<MultiFactorSession>;
+  enroll(assertion: MultiFactorAssertion, displayName?: string | null): Promise<void>;
+  unenroll(option: MultiFactorInfo | string): Promise<void>;
+}
+
+export interface PhoneMultiFactorAssertion extends MultiFactorAssertion {}
+
+export interface PhoneMultiFactorEnrollInfoOptions {
+  phoneNumber: string;
+  session: MultiFactorSession;
+}
+
+export interface PhoneMultiFactorInfo extends MultiFactorInfo {
+  readonly phoneNumber: string;
+}
+
+export interface PhoneMultiFactorSignInInfoOptions {
+  multiFactorHint?: MultiFactorInfo;
+  multiFactorUid?: string;
+  session: MultiFactorSession;
+}
+
+export interface PhoneSingleFactorInfoOptions {
+  phoneNumber: string;
+}
+
+export type PhoneInfoOptions =
+  | PhoneSingleFactorInfoOptions
+  | PhoneMultiFactorEnrollInfoOptions
+  | PhoneMultiFactorSignInInfoOptions;
+
+export interface TotpMultiFactorAssertion extends MultiFactorAssertion {}
+
+export interface TotpMultiFactorInfo extends MultiFactorInfo {}