Add the internal auth interface including proactive refresh (#3655)

* Proactive refresh and internal SDK

* Fix tests for node

* Formatting

* Remove unused file

* PR feedback

* Formatting

Author: sam-gc

packages-exp/auth-exp/src/core/auth/auth_impl.ts

@@ -62,7 +62,9 @@ export class AuthImplCompat<T extends User> implements Auth, _FirebaseService {
   private authStateSubscription = new Subscription<T>(this);
   private idTokenSubscription = new Subscription<T>(this);
   private redirectUser: T | null = null;
+  private isProactiveRefreshEnabled = false;
   _isInitialized = false;
+  _initializationPromise: Promise<void> | null = null;
   _popupRedirectResolver: PopupRedirectResolver | null = null;
   readonly name: string;
 
@@ -86,7 +88,7 @@ export class AuthImplCompat<T extends User> implements Auth, _FirebaseService {
     persistenceHierarchy: Persistence[],
     popupRedirectResolver?: externs.PopupRedirectResolver
   ): Promise<void> {
-    return this.queue(async () => {
+    this._initializationPromise = this.queue(async () => {
       if (popupRedirectResolver) {
         this._popupRedirectResolver = _getInstance(popupRedirectResolver);
       }
@@ -101,6 +103,8 @@ export class AuthImplCompat<T extends User> implements Auth, _FirebaseService {
       this._isInitialized = true;
       this.notifyAuthListeners();
     });
+
+    return this._initializationPromise;
   }
 
   _createUser(params: UserParameters): T {
@@ -271,6 +275,20 @@ export class AuthImplCompat<T extends User> implements Auth, _FirebaseService {
     return `${this.config.authDomain}:${this.config.apiKey}:${this.name}`;
   }
 
+  _startProactiveRefresh(): void {
+    this.isProactiveRefreshEnabled = true;
+    if (this.currentUser) {
+      this.currentUser._startProactiveRefresh();
+    }
+  }
+
+  _stopProactiveRefresh(): void {
+    this.isProactiveRefreshEnabled = false;
+    if (this.currentUser) {
+      this.currentUser._stopProactiveRefresh();
+    }
+  }
+
   private notifyAuthListeners(): void {
     if (!this._isInitialized) {
       return;
@@ -313,6 +331,13 @@ export class AuthImplCompat<T extends User> implements Auth, _FirebaseService {
    * because the queue shouldn't rely on another queued callback.
    */
   private async directlySetCurrentUser(user: T | null): Promise<void> {
+    if (this.currentUser && this.currentUser !== user) {
+      this.currentUser._stopProactiveRefresh();
+      if (user && this.isProactiveRefreshEnabled) {
+        user._startProactiveRefresh();
+      }
+    }
+
     this.currentUser = user;
 
     if (user) {

packages-exp/auth-exp/src/core/auth/firebase_internal.test.ts

@@ -0,0 +1,174 @@
+/**
+ * @license
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { expect } from 'chai';
+import * as sinon from 'sinon';
+
+import { testAuth, testUser } from '../../../test/helpers/mock_auth';
+import { Auth } from '../../model/auth';
+import { User } from '../../model/user';
+import { AuthInternal } from './firebase_internal';
+
+describe('src/core/auth/firebase_internal', () => {
+  let auth: Auth;
+  let authInternal: AuthInternal;
+  beforeEach(async () => {
+    auth = await testAuth();
+    authInternal = new AuthInternal(auth);
+  });
+
+  afterEach(() => {
+    sinon.restore();
+  });
+
+  context('getUid', () => {
+    it('returns null if currentUser is undefined', () => {
+      expect(authInternal.getUid()).to.be.null;
+    });
+
+    it('returns the uid of the user if set', async () => {
+      const user = testUser(auth, 'uid');
+      await auth.updateCurrentUser(user);
+      expect(authInternal.getUid()).to.eq('uid');
+    });
+  });
+
+  context('getToken', () => {
+    it('returns null if currentUser is undefined', async () => {
+      expect(await authInternal.getToken()).to.be.null;
+    });
+
+    it('returns the id token of the current user correctly', async () => {
+      const user = testUser(auth, 'uid');
+      await auth.updateCurrentUser(user);
+      user.stsTokenManager.accessToken = 'access-token';
+      user.stsTokenManager.expirationTime = Date.now() + 1000 * 60 * 60 * 24;
+      expect(await authInternal.getToken()).to.eql({
+        accessToken: 'access-token'
+      });
+    });
+  });
+
+  context('token listeners', () => {
+    let isProactiveRefresh = false;
+    let user: User;
+
+    beforeEach(async () => {
+      user = testUser(auth, 'uid', undefined, true);
+      await auth.updateCurrentUser(user);
+      sinon.stub(user.stsTokenManager, 'getToken').returns(
+        Promise.resolve({
+          accessToken: 'access-token',
+          refreshToken: 'refresh-tken',
+          wasRefreshed: true
+        })
+      );
+      sinon
+        .stub(user, '_startProactiveRefresh')
+        .callsFake(() => (isProactiveRefresh = true));
+      sinon
+        .stub(user, '_stopProactiveRefresh')
+        .callsFake(() => (isProactiveRefresh = false));
+    });
+
+    context('addAuthTokenListener', () => {
+      it('gets called with the token, starts proactive refresh', done => {
+        // The listener always fires first time. Ignore that one
+        let firstCall = true;
+        authInternal.addAuthTokenListener(token => {
+          if (firstCall) {
+            firstCall = false;
+            // eslint-disable-next-line @typescript-eslint/no-floating-promises
+            user.getIdToken(true);
+            return;
+          }
+
+          expect(token).to.eq('access-token');
+          expect(isProactiveRefresh).to.be.true;
+          done();
+        });
+      });
+
+      it('gets called on subsequent updates', async () => {
+        let tokenCount = 0;
+        authInternal.addAuthTokenListener(() => {
+          tokenCount++;
+        });
+
+        await user.getIdToken(true);
+        await user.getIdToken(true);
+        await user.getIdToken(true);
+        await user.getIdToken(true);
+
+        expect(tokenCount).to.eq(5);
+      });
+    });
+
+    context('removeAuthTokenListener', () => {
+      it('listeners no longer receive token updates', async () => {
+        let tokenCount = 0;
+        function listener(): void {
+          tokenCount++;
+        }
+        authInternal.addAuthTokenListener(listener);
+
+        await user.getIdToken(true);
+        expect(tokenCount).to.eq(2);
+        authInternal.removeAuthTokenListener(listener);
+        await user.getIdToken(true);
+        await user.getIdToken(true);
+        await user.getIdToken(true);
+        expect(tokenCount).to.eq(2);
+      });
+
+      it('toggles proactive refresh when listeners fall to 0', () => {
+        function listenerA(): void {}
+
+        authInternal.addAuthTokenListener(listenerA);
+        expect(isProactiveRefresh).to.be.true;
+        authInternal.removeAuthTokenListener(listenerA);
+        expect(isProactiveRefresh).to.be.false;
+      });
+
+      it('toggles proactive refresh when single listener subbed twice', () => {
+        function listenerA(): void {}
+
+        authInternal.addAuthTokenListener(listenerA);
+        authInternal.addAuthTokenListener(listenerA);
+        expect(isProactiveRefresh).to.be.true;
+        authInternal.removeAuthTokenListener(listenerA);
+        expect(isProactiveRefresh).to.be.false;
+      });
+
+      it('toggles proactive refresh properly multiple listeners', () => {
+        function listenerA(): void {}
+        function listenerB(): void {}
+
+        authInternal.addAuthTokenListener(listenerA);
+        authInternal.addAuthTokenListener(listenerB);
+        expect(isProactiveRefresh).to.be.true;
+        authInternal.removeAuthTokenListener(listenerA);
+        expect(isProactiveRefresh).to.be.true;
+        authInternal.removeAuthTokenListener(listenerB);
+        expect(isProactiveRefresh).to.be.false;
+
+        authInternal.addAuthTokenListener(listenerB);
+        expect(isProactiveRefresh).to.be.true;
+      });
+    });
+  });
+});

packages-exp/auth-exp/src/core/auth/firebase_internal.ts

@@ -0,0 +1,86 @@
+/**
+ * @license
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { Unsubscribe } from '@firebase/util';
+
+import { Auth } from '../../model/auth';
+
+declare module '@firebase/component' {
+  interface NameServiceMapping {
+    'auth-internal-exp': AuthInternal;
+  }
+}
+
+interface TokenListener {
+  (tok: string | null): unknown;
+}
+
+export class AuthInternal {
+  private readonly internalListeners: Map<
+    TokenListener,
+    Unsubscribe
+  > = new Map();
+
+  constructor(private readonly auth: Auth) {}
+
+  getUid(): string | null {
+    return this.auth.currentUser?.uid || null;
+  }
+
+  async getToken(
+    forceRefresh?: boolean
+  ): Promise<{ accessToken: string } | null> {
+    await this.auth._initializationPromise;
+    if (!this.auth.currentUser) {
+      return null;
+    }
+
+    const accessToken = await this.auth.currentUser.getIdToken(forceRefresh);
+    return { accessToken };
+  }
+
+  addAuthTokenListener(listener: TokenListener): void {
+    if (this.internalListeners.has(listener)) {
+      return;
+    }
+
+    const unsubscribe = this.auth._onIdTokenChanged(user => {
+      listener(user?.stsTokenManager.accessToken || null);
+    });
+    this.internalListeners.set(listener, unsubscribe);
+    this.updateProactiveRefresh();
+  }
+
+  removeAuthTokenListener(listener: TokenListener): void {
+    const unsubscribe = this.internalListeners.get(listener);
+    if (!unsubscribe) {
+      return;
+    }
+
+    this.internalListeners.delete(listener);
+    unsubscribe();
+    this.updateProactiveRefresh();
+  }
+
+  private updateProactiveRefresh(): void {
+    if (this.internalListeners.size > 0) {
+      this.auth._startProactiveRefresh();
+    } else {
+      this.auth._stopProactiveRefresh();
+    }
+  }
+}

packages-exp/auth-exp/src/core/auth/register.ts

@@ -24,13 +24,16 @@ import { AuthErrorCode } from '../errors';
 import { assert } from '../util/assert';
 import { _getClientVersion, ClientPlatform } from '../util/version';
 import {
+  _castAuth,
   AuthImpl,
   DEFAULT_API_HOST,
   DEFAULT_API_SCHEME,
   DEFAULT_TOKEN_API_HOST
 } from './auth_impl';
+import { AuthInternal } from './firebase_internal';
 
 export const _AUTH_COMPONENT_NAME = 'auth-exp';
+export const _AUTH_INTERNAL_COMPONENT_NAME = 'auth-internal-exp';
 
 function getVersionForPlatform(
   clientPlatform: ClientPlatform
@@ -70,6 +73,20 @@ export function registerAuth(clientPlatform: ClientPlatform): void {
       ComponentType.PUBLIC
     )
   );
+
+  _registerComponent(
+    new Component(
+      _AUTH_INTERNAL_COMPONENT_NAME,
+      container => {
+        const auth = _castAuth(
+          container.getProvider(_AUTH_COMPONENT_NAME).getImmediate()!
+        );
+        return (auth => new AuthInternal(auth))(auth);
+      },
+      ComponentType.PRIVATE
+    )
+  );
+
   registerVersion(
     _AUTH_COMPONENT_NAME,
     version,