@umituz/web-firebase 3.0.1 → 3.2.1

package/src/domains/auth/services/auth.service.ts

@@ -1,162 +1,117 @@
 /**
  * Auth Service
- * @description Firebase Auth implementation of IAuthService
+ * @description Firebase Auth service with Google & Apple OAuth
+ * Facade pattern using AuthAdapter
  */
 
-import {
-  signInWithEmailAndPassword,
-  signInWithPopup,
-  createUserWithEmailAndPassword,
-  signOut as firebaseSignOut,
-  sendPasswordResetEmail,
-  sendEmailVerification,
-  updateProfile as updateAuthProfile,
-  updateEmail as updateAuthEmail,
-  updatePassword as updateAuthPassword,
-  reauthenticateWithCredential,
-  EmailAuthProvider,
-  UserCredential,
-} from 'firebase/auth'
-import { GoogleAuthProvider } from 'firebase/auth'
-import { getFirebaseAuth } from '../../../infrastructure/firebase/client'
-import type { IAuthService } from '../types'
+import type { UserCredential } from 'firebase/auth'
 import type { AuthUser } from '../entities'
+import type { IAuthService } from '../types'
+import { authAdapter } from '../../../infrastructure/firebase/auth.adapter'
 
+/**
+ * Auth Service
+ * Implements IAuthService interface using AuthAdapter
+ */
 class AuthService implements IAuthService {
-  private get auth() {
-    return getFirebaseAuth()
-  }
-
-  // Authentication Methods
+  // ==================== Authentication Methods ====================
 
   async signIn(email: string, password: string): Promise<UserCredential> {
-    try {
-      return await signInWithEmailAndPassword(this.auth, email, password)
-    } catch (error) {
-      throw this.handleAuthError(error)
-    }
+    return await authAdapter.signIn(email, password)
   }
 
   async signUp(email: string, password: string, displayName: string): Promise<UserCredential> {
-    try {
-      const result = await createUserWithEmailAndPassword(this.auth, email, password)
-
-      // Update profile
-      await updateAuthProfile(result.user, { displayName })
-
-      // Send email verification
-      await sendEmailVerification(result.user)
-
-      return result
-    } catch (error) {
-      throw this.handleAuthError(error)
-    }
+    return await authAdapter.signUp(email, password, displayName)
   }
 
-  async signInWithGoogle(): Promise<UserCredential> {
-    try {
-      const provider = new GoogleAuthProvider()
-      provider.addScope('profile')
-      provider.addScope('email')
+  /**
+   * Sign in with Google
+   */
+  async signInWithGoogle(useRedirect = false): Promise<UserCredential> {
+    return await authAdapter.signInWithGoogle(useRedirect)
+  }
 
-      return await signInWithPopup(this.auth, provider)
-    } catch (error) {
-      throw this.handleAuthError(error)
-    }
+  /**
+   * Sign in with Apple
+   */
+  async signInWithApple(useRedirect = false): Promise<UserCredential> {
+    return await authAdapter.signInWithApple(useRedirect)
   }
 
   async signOut(): Promise<void> {
-    try {
-      await firebaseSignOut(this.auth)
-    } catch (error) {
-      throw new Error('Sign out failed')
-    }
+    await authAdapter.signOut()
   }
 
   async sendPasswordReset(email: string): Promise<void> {
-    try {
-      await sendPasswordResetEmail(this.auth, email)
-    } catch (error) {
-      throw this.handleAuthError(error)
-    }
+    await authAdapter.sendPasswordReset(email)
   }
 
   async resendEmailVerification(): Promise<void> {
-    try {
-      const user = this.auth.currentUser
-      if (!user) {
-        throw new Error('No user logged in')
-      }
-      await sendEmailVerification(user)
-    } catch (error) {
-      throw new Error('Failed to resend verification')
-    }
+    await authAdapter.resendEmailVerification()
   }
 
-  // Profile Management
+  // ==================== Profile Management ====================
 
   async updateProfile(updates: { displayName?: string; photoURL?: string }): Promise<void> {
-    try {
-      const user = this.auth.currentUser
-      if (!user) {
-        throw new Error('No user logged in')
-      }
-
-      await updateAuthProfile(user, updates)
-    } catch (error) {
-      throw new Error('Profile update failed')
-    }
+    await authAdapter.updateProfile(updates)
   }
 
   async updateEmail(newEmail: string, password: string): Promise<void> {
-    try {
-      const user = this.auth.currentUser
-      if (!user || !user.email) {
-        throw new Error('No user logged in')
-      }
-
-      const credential = EmailAuthProvider.credential(user.email, password)
-      await reauthenticateWithCredential(user, credential)
-      await updateAuthEmail(user, newEmail)
-    } catch (error) {
-      throw new Error('Email update failed')
-    }
+    await authAdapter.updateEmail(newEmail, password)
   }
 
   async updatePassword(currentPassword: string, newPassword: string): Promise<void> {
-    try {
-      const user = this.auth.currentUser
-      if (!user || !user.email) {
-        throw new Error('No user logged in')
-      }
-
-      const credential = EmailAuthProvider.credential(user.email, currentPassword)
-      await reauthenticateWithCredential(user, credential)
-      await updateAuthPassword(user, newPassword)
-    } catch (error) {
-      throw new Error('Password update failed')
-    }
+    await authAdapter.updatePassword(currentPassword, newPassword)
   }
 
   async deleteAccount(password: string): Promise<void> {
-    try {
-      const user = this.auth.currentUser
-      if (!user || !user.email) {
-        throw new Error('No user logged in')
-      }
-
-      const credential = EmailAuthProvider.credential(user.email, password)
-      await reauthenticateWithCredential(user, credential)
-      await user.delete()
-    } catch (error) {
-      throw new Error('Account deletion failed')
-    }
+    await authAdapter.deleteAccount(password)
+  }
+
+  // ==================== Provider Linking ====================
+
+  /**
+   * Link Google to current user
+   */
+  async linkGoogle(): Promise<UserCredential> {
+    return await authAdapter.linkGoogle()
+  }
+
+  /**
+   * Link Apple to current user
+   */
+  async linkApple(): Promise<UserCredential> {
+    return await authAdapter.linkApple()
   }
 
-  // State Management
+  /**
+   * Unlink a provider from current user
+   */
+  async unlinkProvider(providerId: string): Promise<void> {
+    await authAdapter.unlinkProvider(providerId)
+  }
+
+  // ==================== Token Management ====================
+
+  /**
+   * Get ID Token
+   */
+  async getIdToken(forceRefresh = false): Promise<string> {
+    return await authAdapter.getIdToken(forceRefresh)
+  }
+
+  /**
+   * Refresh ID Token
+   */
+  async refreshToken(): Promise<void> {
+    await authAdapter.refreshToken()
+  }
+
+  // ==================== State Management ====================
 
   getCurrentUser(): AuthUser | null {
-    const user = this.auth.currentUser
+    const user = authAdapter.getCurrentUser()
+
     if (!user) return null
 
     return {
@@ -180,7 +135,7 @@ class AuthService implements IAuthService {
     callback: (user: AuthUser | null) => void,
     onError?: (error: Error) => void
   ): () => void {
-    return this.auth.onAuthStateChanged(
+    return authAdapter.onAuthStateChanged(
       (user) => {
         callback(
           user
@@ -202,43 +157,9 @@ class AuthService implements IAuthService {
             : null
         )
       },
-      (error) => {
-        onError?.(error as Error)
-      }
+      onError
     )
   }
-
-  /**
-   * Handle Firebase Auth errors
-   */
-  private handleAuthError(error: unknown): Error {
-    if (error instanceof Error && 'code' in error) {
-      const code = (error as { code: string }).code
-
-      switch (code) {
-        case 'auth/user-not-found':
-        case 'auth/wrong-password':
-        case 'auth/invalid-credential':
-          return new Error('Invalid credentials')
-        case 'auth/email-already-in-use':
-          return new Error('Email already in use')
-        case 'auth/weak-password':
-          return new Error('Password is too weak')
-        case 'auth/invalid-email':
-          return new Error('Invalid email')
-        case 'auth/user-disabled':
-          return new Error('Account disabled')
-        case 'auth/too-many-requests':
-          return new Error('Too many requests')
-        case 'auth/popup-closed-by-user':
-          return new Error('Sign in cancelled')
-        default:
-          return new Error(`Auth error: ${code}`)
-      }
-    }
-
-    return new Error('Unknown auth error')
-  }
 }
 
 // Export class and singleton instance

package/src/infrastructure/firebase/auth.adapter.ts

@@ -1,7 +1,6 @@
 /**
  * Auth Adapter
- * @description Firebase Auth implementation of IAuthRepository
- * Migrated from: /Users/umituz/Desktop/github/umituz/apps/web/app-growth-factory/src/domains/firebase/services/auth.ts
+ * @description Firebase Auth implementation with Google & Apple OAuth support
  */
 
 import {
@@ -18,21 +17,40 @@ import {
   EmailAuthProvider,
   User as FirebaseUser,
   UserCredential,
+  GoogleAuthProvider,
+  OAuthProvider,
+  signInWithRedirect,
+  getRedirectResult,
+  linkWithPopup,
+  unlink as firebaseUnlink,
 } from 'firebase/auth'
-import { GoogleAuthProvider } from 'firebase/auth'
 import { getFirebaseAuth } from './client'
 import type { IAuthRepository } from '../../domain/interfaces/auth.repository.interface'
 import type { User } from '../../domain/entities/user.entity'
 import { createAuthError, AuthErrorCode } from '../../domain/errors/auth.errors'
+import { getAuthConfig } from '../../domain/config/auth.config'
 
+/**
+ * Auth Adapter
+ * Implements IAuthRepository with Google & Apple OAuth support
+ */
 export class AuthAdapter implements IAuthRepository {
   private get auth() {
     return getFirebaseAuth()
   }
 
-  // Authentication Methods
+  private config = getAuthConfig()
+
+  // ==================== Authentication Methods ====================
 
   async signIn(email: string, password: string): Promise<UserCredential> {
+    if (!this.config.isEmailPasswordEnabled()) {
+      throw createAuthError(
+        AuthErrorCode.UNKNOWN,
+        'Email/password authentication is disabled'
+      )
+    }
+
     try {
       return await signInWithEmailAndPassword(this.auth, email, password)
     } catch (error) {
@@ -41,14 +59,23 @@ export class AuthAdapter implements IAuthRepository {
   }
 
   async signUp(email: string, password: string, displayName: string): Promise<UserCredential> {
+    if (!this.config.isEmailPasswordEnabled()) {
+      throw createAuthError(
+        AuthErrorCode.UNKNOWN,
+        'Email/password authentication is disabled'
+      )
+    }
+
     try {
       const result = await createUserWithEmailAndPassword(this.auth, email, password)
 
       // Update profile
       await updateAuthProfile(result.user, { displayName })
 
-      // Send email verification
-      await sendEmailVerification(result.user)
+      // Send email verification if required
+      if (this.config.getConfig().requireEmailVerification) {
+        await sendEmailVerification(result.user)
+      }
 
       return result
     } catch (error) {
@@ -56,13 +83,72 @@ export class AuthAdapter implements IAuthRepository {
     }
   }
 
-  async signInWithGoogle(): Promise<UserCredential> {
+  /**
+   * Sign in with Google
+   * @param useRedirect - Whether to use redirect flow instead of popup (default: false)
+   */
+  async signInWithGoogle(useRedirect = false): Promise<UserCredential> {
+    if (!this.config.isGoogleEnabled()) {
+      throw createAuthError(
+        AuthErrorCode.UNKNOWN,
+        'Google authentication is disabled'
+      )
+    }
+
     try {
       const provider = new GoogleAuthProvider()
-      provider.addScope('profile')
-      provider.addScope('email')
+      const config = this.config.getConfig()
+
+      // Add scopes
+      if (config.googleScopes) {
+        config.googleScopes.forEach((scope) => provider.addScope(scope))
+      }
+
+      // Add custom parameters
+      if (config.googleCustomParameters) {
+        provider.setCustomParameters(config.googleCustomParameters)
+      }
+
+      if (useRedirect) {
+        await signInWithRedirect(this.auth, provider)
+        const result = await getRedirectResult(this.auth)
+        if (!result) {
+          throw createAuthError(AuthErrorCode.UNKNOWN, 'No redirect result found')
+        }
+        return result
+      } else {
+        return await signInWithPopup(this.auth, provider)
+      }
+    } catch (error) {
+      throw this.handleAuthError(error)
+    }
+  }
+
+  /**
+   * Sign in with Apple
+   * @param useRedirect - Whether to use redirect flow instead of popup (default: false)
+   */
+  async signInWithApple(useRedirect = false): Promise<UserCredential> {
+    if (!this.config.isAppleEnabled()) {
+      throw createAuthError(
+        AuthErrorCode.UNKNOWN,
+        'Apple authentication is disabled'
+      )
+    }
+
+    try {
+      const provider = new OAuthProvider('apple.com')
 
-      return await signInWithPopup(this.auth, provider)
+      if (useRedirect) {
+        await signInWithRedirect(this.auth, provider)
+        const result = await getRedirectResult(this.auth)
+        if (!result) {
+          throw createAuthError(AuthErrorCode.UNKNOWN, 'No redirect result found')
+        }
+        return result
+      } else {
+        return await signInWithPopup(this.auth, provider)
+      }
     } catch (error) {
       throw this.handleAuthError(error)
     }
@@ -96,7 +182,7 @@ export class AuthAdapter implements IAuthRepository {
     }
   }
 
-  // Profile Management
+  // ==================== Profile Management ====================
 
   async updateProfile(
     updates: Partial<Pick<User['profile'], 'displayName' | 'photoURL'>>
@@ -158,7 +244,77 @@ export class AuthAdapter implements IAuthRepository {
     }
   }
 
-  // State Management
+  // ==================== Provider Linking ====================
+
+  /**
+   * Link Google to current user
+   */
+  async linkGoogle(): Promise<UserCredential> {
+    if (!this.config.isGoogleEnabled()) {
+      throw createAuthError(AuthErrorCode.UNKNOWN, 'Google authentication is disabled')
+    }
+
+    try {
+      const user = this.auth.currentUser
+      if (!user) {
+        throw createAuthError(AuthErrorCode.UNAUTHENTICATED, 'No user logged in')
+      }
+
+      const provider = new GoogleAuthProvider()
+      const config = this.config.getConfig()
+
+      if (config.googleScopes) {
+        config.googleScopes.forEach((scope) => provider.addScope(scope))
+      }
+
+      if (config.googleCustomParameters) {
+        provider.setCustomParameters(config.googleCustomParameters)
+      }
+
+      return await linkWithPopup(user, provider)
+    } catch (error) {
+      throw this.handleAuthError(error)
+    }
+  }
+
+  /**
+   * Link Apple to current user
+   */
+  async linkApple(): Promise<UserCredential> {
+    if (!this.config.isAppleEnabled()) {
+      throw createAuthError(AuthErrorCode.UNKNOWN, 'Apple authentication is disabled')
+    }
+
+    try {
+      const user = this.auth.currentUser
+      if (!user) {
+        throw createAuthError(AuthErrorCode.UNAUTHENTICATED, 'No user logged in')
+      }
+
+      const provider = new OAuthProvider('apple.com')
+      return await linkWithPopup(user, provider)
+    } catch (error) {
+      throw this.handleAuthError(error)
+    }
+  }
+
+  /**
+   * Unlink a provider from current user
+   */
+  async unlinkProvider(providerId: string): Promise<FirebaseUser> {
+    try {
+      const user = this.auth.currentUser
+      if (!user) {
+        throw createAuthError(AuthErrorCode.UNAUTHENTICATED, 'No user logged in')
+      }
+
+      return await firebaseUnlink(user, providerId)
+    } catch (error) {
+      throw createAuthError(AuthErrorCode.UNKNOWN, 'Failed to unlink provider', error)
+    }
+  }
+
+  // ==================== State Management ====================
 
   getCurrentUser(): FirebaseUser | null {
     return this.auth.currentUser
@@ -168,8 +324,37 @@ export class AuthAdapter implements IAuthRepository {
     return this.auth.onAuthStateChanged(callback)
   }
 
-  // Note: User document operations should be handled by UserAdapter
-  // These methods are part of IAuthRepository interface but should be implemented separately
+  // ==================== Token Management ====================
+
+  async getIdToken(forceRefresh = false): Promise<string> {
+    try {
+      const user = this.auth.currentUser
+      if (!user) {
+        throw createAuthError(AuthErrorCode.UNAUTHENTICATED, 'No user logged in')
+      }
+
+      return await user.getIdToken(forceRefresh)
+    } catch (error) {
+      throw createAuthError(AuthErrorCode.UNKNOWN, 'Failed to get ID token', error)
+    }
+  }
+
+  async refreshToken(): Promise<void> {
+    try {
+      const user = this.auth.currentUser
+      if (!user) {
+        throw createAuthError(AuthErrorCode.UNAUTHENTICATED, 'No user logged in')
+      }
+
+      await user.getIdToken(true)
+    } catch (error) {
+      throw createAuthError(AuthErrorCode.UNKNOWN, 'Failed to refresh token', error)
+    }
+  }
+
+  // ==================== Note ====================
+  // User document operations should be handled by UserAdapter
+
   async createUserDocument(
     _userId: string,
     _data: Partial<Omit<User, 'profile'>> & { email: string; displayName: string }
@@ -181,6 +366,8 @@ export class AuthAdapter implements IAuthRepository {
     throw new Error('updateLastLogin should be handled by UserAdapter')
   }
 
+  // ==================== Error Handling ====================
+
   /**
    * Handle Firebase Auth errors
    */
@@ -218,3 +405,6 @@ export class AuthAdapter implements IAuthRepository {
     return createAuthError(AuthErrorCode.UNKNOWN, 'Unknown auth error', error)
   }
 }
+
+// Export singleton instance
+export const authAdapter = new AuthAdapter()

package/src/infrastructure/firebase/client.ts

@@ -12,13 +12,13 @@ import { getAnalytics, Analytics } from 'firebase/analytics'
 import { getFunctions, Functions } from 'firebase/functions'
 
 const firebaseConfig = {
-  apiKey: process.env.VITE_FIREBASE_API_KEY,
-  authDomain: process.env.VITE_FIREBASE_AUTH_DOMAIN,
-  projectId: process.env.VITE_FIREBASE_PROJECT_ID,
-  storageBucket: process.env.VITE_FIREBASE_STORAGE_BUCKET,
-  messagingSenderId: process.env.VITE_FIREBASE_MESSAGING_SENDER_ID,
-  appId: process.env.VITE_FIREBASE_APP_ID,
-  measurementId: process.env.VITE_FIREBASE_MEASUREMENT_ID,
+  apiKey: import.meta.env.VITE_FIREBASE_API_KEY,
+  authDomain: import.meta.env.VITE_FIREBASE_AUTH_DOMAIN,
+  projectId: import.meta.env.VITE_FIREBASE_PROJECT_ID,
+  storageBucket: import.meta.env.VITE_FIREBASE_STORAGE_BUCKET,
+  messagingSenderId: import.meta.env.VITE_FIREBASE_MESSAGING_SENDER_ID,
+  appId: import.meta.env.VITE_FIREBASE_APP_ID,
+  measurementId: import.meta.env.VITE_FIREBASE_MEASUREMENT_ID,
 }
 
 // Singleton instances