Revert "feat: enables OIDC auth code flow (#522)"

This reverts commit 42bb217.

Author: hiranya911

src/main/java/com/google/firebase/auth/OidcProviderConfig.java

@@ -18,11 +18,8 @@
 
 import static com.google.common.base.Preconditions.checkArgument;
 
-import com.google.api.client.json.GenericJson;
 import com.google.api.client.util.Key;
 import com.google.common.base.Strings;
-import java.util.HashMap;
-import java.util.Map;
 
 /**
  * Contains metadata associated with an OIDC Auth provider.
@@ -34,35 +31,17 @@ public final class OidcProviderConfig extends ProviderConfig {
   @Key("clientId")
   private String clientId;
 
-  @Key("clientSecret")
-  private String clientSecret;
-
   @Key("issuer")
   private String issuer;
 
-  @Key("responseType")
-  private GenericJson responseType;
-
   public String getClientId() {
     return clientId;
   }
 
-  public String getClientSecret() {
-    return clientSecret;
-  }
-
   public String getIssuer() {
     return issuer;
   }
 
-  public boolean isCodeResponseType() {
-    return (responseType.containsKey("code") && (boolean) responseType.get("code"));
-  }
-
-  public boolean isIdTokenResponseType() {
-    return (responseType.containsKey("idToken") && (boolean) responseType.get("idToken"));
-  }
-
   /**
    * Returns a new {@link UpdateRequest}, which can be used to update the attributes of this
    * provider config.
@@ -79,13 +58,6 @@ static void checkOidcProviderId(String providerId) {
         "Invalid OIDC provider ID (must be prefixed with 'oidc.'): " + providerId);
   }
 
-  static Map<String, Boolean> ensureResponseType(Map<String,Object> properties) {
-    if (properties.get("responseType") == null) {
-      properties.put("responseType", new HashMap<String, Boolean>());
-    }
-    return (Map<String, Boolean>) properties.get("responseType");
-  }
-
   /**
    * A specification class for creating a new OIDC Auth provider.
    *
@@ -127,19 +99,6 @@ public CreateRequest setClientId(String clientId) {
       return this;
     }
 
-    /**
-     * Sets the client secret for the new provider. This is required for the code flow.
-     *
-     * @param clientSecret A non-null, non-empty client secret string.
-     * @throws IllegalArgumentException If the client secret is null or empty.
-     */
-    public CreateRequest setClientSecret(String clientSecret) {
-      checkArgument(!Strings.isNullOrEmpty(clientSecret),
-          "Client Secret must not be null or empty.");
-      properties.put("clientSecret", clientSecret);
-      return this;
-    }
-
     /**
      * Sets the issuer for the new provider.
      *
@@ -154,36 +113,6 @@ public CreateRequest setIssuer(String issuer) {
       return this;
     }
 
-    /**
-     * Sets whether to enable the code response flow for the new provider. By default, this is not
-     * enabled if no response type is specified.
-     *
-     * <p>A client secret must be set for this response type.
-     *
-     * <p>Having both the code and ID token response flows is currently not supported.
-     *
-     * @param enabled A boolean signifying whether the code response type is supported.
-     */
-    public CreateRequest setCodeResponseType(boolean enabled) {
-      Map<String, Boolean> map = ensureResponseType(properties);
-      map.put("code", enabled);
-      return this;
-    }
-
-    /**
-     * Sets whether to enable the ID token response flow for the new provider. By default, this is
-     * enabled if no response type is specified.
-     *
-     * <p>Having both the code and ID token response flows is currently not supported.
-     *
-     * @param enabled A boolean signifying whether the ID token response type is supported.
-     */
-    public CreateRequest setIdTokenResponseType(boolean enabled) {
-      Map<String, Boolean> map = ensureResponseType(properties);
-      map.put("idToken", enabled);
-      return this;
-    }
-
     CreateRequest getThis() {
       return this;
     }
@@ -227,19 +156,6 @@ public UpdateRequest setClientId(String clientId) {
       return this;
     }
 
-    /**
-     * Sets the client secret for the new provider. This is required for the code flow.
-     *
-     * @param clientSecret A non-null, non-empty client secret string.
-     * @throws IllegalArgumentException If the client secret is null or empty.
-     */
-    public UpdateRequest setClientSecret(String clientSecret) {
-      checkArgument(!Strings.isNullOrEmpty(clientSecret),
-          "Client Secret must not be null or empty.");
-      properties.put("clientSecret", clientSecret);
-      return this;
-    }
-
     /**
      * Sets the issuer for the existing provider.
      *
@@ -254,36 +170,6 @@ public UpdateRequest setIssuer(String issuer) {
       return this;
     }
 
-    /**
-     * Sets whether to enable the code response flow for the new provider. By default, this is not
-     * enabled if no response type is specified.
-     *
-     * <p>A client secret must be set for this response type.
-     *
-     * <p>Having both the code and ID token response flows is currently not supported.
-     *
-     * @param enabled A boolean signifying whether the code response type is supported.
-     */
-    public UpdateRequest setCodeResponseType(boolean enabled) {
-      Map<String, Boolean> map = ensureResponseType(properties);
-      map.put("code", enabled);
-      return this;
-    }
-
-    /**
-     * Sets whether to enable the ID token response flow for the new provider. By default, this is
-     * enabled if no response type is specified.
-     *
-     * <p>Having both the code and ID token response flows is currently not supported.
-     *
-     * @param enabled A boolean signifying whether the ID token response type is supported.
-     */
-    public UpdateRequest setIdTokenResponseType(boolean enabled) {
-      Map<String, Boolean> map = ensureResponseType(properties);
-      map.put("idToken", enabled);
-      return this;
-    }
-
     UpdateRequest getThis() {
       return this;
     }

src/test/java/com/google/firebase/auth/FirebaseAuthIT.java

@@ -792,51 +792,34 @@ public void testOidcProviderConfigLifecycle() throws Exception {
             .setDisplayName("DisplayName")
             .setEnabled(true)
             .setClientId("ClientId")
-            .setClientSecret("ClientSecret")
-            .setIssuer("https://oidc.com/issuer")
-            .setCodeResponseType(true)
-            .setIdTokenResponseType(false));
-
+            .setIssuer("https://oidc.com/issuer"));
     assertEquals(providerId, config.getProviderId());
     assertEquals("DisplayName", config.getDisplayName());
     assertTrue(config.isEnabled());
     assertEquals("ClientId", config.getClientId());
-    assertEquals("ClientSecret", config.getClientSecret());
     assertEquals("https://oidc.com/issuer", config.getIssuer());
-    assertTrue(config.isCodeResponseType());
-    assertFalse(config.isIdTokenResponseType());
 
     // Get provider config
     config = auth.getOidcProviderConfigAsync(providerId).get();
     assertEquals(providerId, config.getProviderId());
     assertEquals("DisplayName", config.getDisplayName());
     assertTrue(config.isEnabled());
     assertEquals("ClientId", config.getClientId());
-    assertEquals("ClientSecret", config.getClientSecret());
     assertEquals("https://oidc.com/issuer", config.getIssuer());
-    assertTrue(config.isCodeResponseType());
-    assertFalse(config.isIdTokenResponseType());
 
     // Update provider config
     OidcProviderConfig.UpdateRequest updateRequest =
         new OidcProviderConfig.UpdateRequest(providerId)
             .setDisplayName("NewDisplayName")
             .setEnabled(false)
             .setClientId("NewClientId")
-            .setClientSecret("NewClientSecret")
-            .setIssuer("https://oidc.com/new-issuer")
-            .setCodeResponseType(false)
-            .setIdTokenResponseType(true);
-
+            .setIssuer("https://oidc.com/new-issuer");
     config = auth.updateOidcProviderConfigAsync(updateRequest).get();
     assertEquals(providerId, config.getProviderId());
     assertEquals("NewDisplayName", config.getDisplayName());
     assertFalse(config.isEnabled());
     assertEquals("NewClientId", config.getClientId());
-    assertEquals("NewClientSecret", config.getClientSecret());
     assertEquals("https://oidc.com/new-issuer", config.getIssuer());
-    assertTrue(config.isIdTokenResponseType());
-    assertFalse(config.isCodeResponseType());
 
     // Delete provider config
     temporaryProviderConfig.deleteOidcProviderConfig(providerId);

src/test/java/com/google/firebase/auth/FirebaseUserManagerTest.java

@@ -1615,10 +1615,7 @@ public void testCreateOidcProvider() throws Exception {
             .setDisplayName("DISPLAY_NAME")
             .setEnabled(true)
             .setClientId("CLIENT_ID")
-            .setClientSecret("CLIENT_SECRET")
-            .setIssuer("https://oidc.com/issuer")
-            .setCodeResponseType(true)
-            .setIdTokenResponseType(true);
+            .setIssuer("https://oidc.com/issuer");
 
     OidcProviderConfig config = FirebaseAuth.getInstance().createOidcProviderConfig(createRequest);
 
@@ -1629,13 +1626,7 @@ public void testCreateOidcProvider() throws Exception {
     assertEquals("DISPLAY_NAME", parsed.get("displayName"));
     assertTrue((boolean) parsed.get("enabled"));
     assertEquals("CLIENT_ID", parsed.get("clientId"));
-    assertEquals("CLIENT_SECRET", parsed.get("clientSecret"));
     assertEquals("https://oidc.com/issuer", parsed.get("issuer"));
-
-    Map<String, Boolean> responseType = (Map<String, Boolean>) parsed.get("responseType");
-    assertTrue(responseType.get("code"));
-    assertTrue(responseType.get("idToken"));
-
     GenericUrl url = interceptor.getResponse().getRequest().getUrl();
     assertEquals("oidc.provider-id", url.getFirst("oauthIdpConfigId"));
   }
@@ -1649,10 +1640,7 @@ public void testCreateOidcProviderAsync() throws Exception {
             .setDisplayName("DISPLAY_NAME")
             .setEnabled(true)
             .setClientId("CLIENT_ID")
-            .setClientSecret("CLIENT_SECRET")
-            .setIssuer("https://oidc.com/issuer")
-            .setCodeResponseType(true)
-            .setIdTokenResponseType(true);
+            .setIssuer("https://oidc.com/issuer");
 
     OidcProviderConfig config =
         FirebaseAuth.getInstance().createOidcProviderConfigAsync(createRequest).get();
@@ -1664,13 +1652,7 @@ public void testCreateOidcProviderAsync() throws Exception {
     assertEquals("DISPLAY_NAME", parsed.get("displayName"));
     assertTrue((boolean) parsed.get("enabled"));
     assertEquals("CLIENT_ID", parsed.get("clientId"));
-    assertEquals("CLIENT_SECRET", parsed.get("clientSecret"));
     assertEquals("https://oidc.com/issuer", parsed.get("issuer"));
-
-    Map<String, Boolean> responseType = (Map<String, Boolean>) parsed.get("responseType");
-    assertTrue(responseType.get("code"));
-    assertTrue(responseType.get("idToken"));
-
     GenericUrl url = interceptor.getResponse().getRequest().getUrl();
     assertEquals("oidc.provider-id", url.getFirst("oauthIdpConfigId"));
   }
@@ -1873,10 +1855,7 @@ public void testTenantAwareUpdateOidcProvider() throws Exception {
             .setDisplayName("DISPLAY_NAME")
             .setEnabled(true)
             .setClientId("CLIENT_ID")
-            .setClientSecret("CLIENT_SECRET")
-            .setIssuer("https://oidc.com/issuer")
-            .setCodeResponseType(true)
-            .setIdTokenResponseType(true);
+            .setIssuer("https://oidc.com/issuer");
 
     OidcProviderConfig config = tenantAwareAuth.updateOidcProviderConfig(request);
 
@@ -1885,18 +1864,12 @@ public void testTenantAwareUpdateOidcProvider() throws Exception {
     String expectedUrl = TENANTS_BASE_URL + "/TENANT_ID/oauthIdpConfigs/oidc.provider-id";
     checkUrl(interceptor, "PATCH", expectedUrl);
     GenericUrl url = interceptor.getResponse().getRequest().getUrl();
-    assertEquals("clientId,clientSecret,displayName,enabled,issuer,responseType.code,"
-        + "responseType.idToken", url.getFirst("updateMask"));
+    assertEquals("clientId,displayName,enabled,issuer", url.getFirst("updateMask"));
     GenericJson parsed = parseRequestContent(interceptor);
     assertEquals("DISPLAY_NAME", parsed.get("displayName"));
     assertTrue((boolean) parsed.get("enabled"));
     assertEquals("CLIENT_ID", parsed.get("clientId"));
-    assertEquals("CLIENT_SECRET", parsed.get("clientSecret"));
     assertEquals("https://oidc.com/issuer", parsed.get("issuer"));
-
-    Map<String, Boolean> responseType = (Map<String, Boolean>) parsed.get("responseType");
-    assertTrue(responseType.get("code"));
-    assertTrue(responseType.get("idToken"));
   }
 
   @Test
@@ -2975,10 +2948,7 @@ private static void checkOidcProviderConfig(OidcProviderConfig config, String pr
     assertEquals("DISPLAY_NAME", config.getDisplayName());
     assertTrue(config.isEnabled());
     assertEquals("CLIENT_ID", config.getClientId());
-    assertEquals("CLIENT_SECRET", config.getClientSecret());
     assertEquals("https://oidc.com/issuer", config.getIssuer());
-    assertTrue(config.isCodeResponseType());
-    assertFalse(config.isIdTokenResponseType());
   }
 
   private static void checkSamlProviderConfig(SamlProviderConfig config, String providerId) {
@@ -3010,4 +2980,5 @@ private static void checkUrl(TestResponseInterceptor interceptor, String method,
   private interface UserManagerOp {
     void call(FirebaseAuth auth) throws Exception;
   }
+
 }