Add more cordova event handling

Author: sam-gc

packages-exp/auth-exp/src/core/persistence/persistence_user_manager.ts

@@ -24,6 +24,7 @@ import { inMemoryPersistence } from './in_memory';
 
 export const enum KeyName {
   AUTH_USER = 'authUser',
+  AUTH_EVENT = 'authEvent',
   REDIRECT_USER = 'redirectUser',
   PERSISTENCE_USER = 'persistence'
 }

packages-exp/auth-exp/src/platform_cordova/popup_redirect/events.test.ts

@@ -15,17 +15,29 @@
  * limitations under the License.
  */
 
-import { FirebaseError } from '@firebase/util';
-import { expect } from 'chai';
+ import * as sinonChai from 'sinon-chai';
+import * as sinon from 'sinon';
+import { FirebaseError, querystring } from '@firebase/util';
+import { expect, use } from 'chai';
 import { testAuth, TestAuth } from '../../../test/helpers/mock_auth';
-import { AuthEventType } from '../../model/popup_redirect';
-import { _generateNewEvent } from './events';
+import { AuthEvent, AuthEventType } from '../../model/popup_redirect';
+import { _eventFromPartialAndUrl, _generateNewEvent, _getAndRemoveEvent, _getDeepLinkFromCallback, _savePartialEvent } from './events';
+import { _createError } from '../../core/util/assert';
+import { AuthErrorCode } from '../../core/errors';
+
+use(sinonChai);
 
 describe('platform_cordova/popup_redirect/events', () => {
   let auth: TestAuth;
+  let storageStub: sinon.SinonStubbedInstance<typeof localStorage>;
 
   beforeEach(async () => {
     auth = await testAuth();
+    storageStub = sinon.stub(localStorage);
+  });
+
+  afterEach(() => {
+    sinon.restore();
   });
 
   describe('_generateNewEvent', () => {
@@ -51,4 +63,98 @@ describe('platform_cordova/popup_redirect/events', () => {
         .with.property('code', 'auth/no-auth-event');
     });
   });
+
+  describe('_savePartialEvent', () => {
+    it('sets the event',async () => {
+      const event = _generateNewEvent(auth, AuthEventType.REAUTH_VIA_REDIRECT);
+      await _savePartialEvent(auth, event);
+      expect(storageStub.setItem).to.have.been.calledWith('firebase:authEvent:test-api-key:test-app', JSON.stringify(event));
+    });
+  });
+
+  describe('_getAndRemoveEvent', () => {
+    it('returns null if no event is present', async () => {
+      storageStub.getItem.returns(null);
+      expect(await _getAndRemoveEvent(auth)).to.be.null;
+    });
+
+    it('returns the event and deletes the key if present', async () => {
+      const event = JSON.stringify(_generateNewEvent(auth, AuthEventType.REAUTH_VIA_REDIRECT));
+      storageStub.getItem.returns(event);
+      expect(await _getAndRemoveEvent(auth)).to.eql(JSON.parse(event));
+      expect(storageStub.removeItem).to.have.been.calledWith('firebase:authEvent:test-api-key:test-app');
+    });
+  });
+
+  describe('_eventFromPartialAndUrl', () => {
+    let partialEvent: AuthEvent;
+    beforeEach(() => {
+      partialEvent = _generateNewEvent(auth, AuthEventType.REAUTH_VIA_REDIRECT, 'id');
+    });
+    
+    function generateCallbackUrl(params: Record<string, string>): string {
+      const deepLink = `http://foo/__/auth/callback?${querystring(params)}`;
+      return `http://outer-app?link=${encodeURIComponent(deepLink)}`;
+    }
+
+    it('returns the proper event if everything is correct w/ no error', () => {
+      const url = generateCallbackUrl({});
+      expect(_eventFromPartialAndUrl(partialEvent, url)).to.eql({
+        type: AuthEventType.REAUTH_VIA_REDIRECT,
+        eventId: 'id',
+        tenantId: null,
+        sessionId: partialEvent.sessionId,
+        urlResponse: 'http://foo/__/auth/callback?',
+        postBody: null,
+      });
+    });
+
+    it('returns null if the callback url has no link', () => {
+      expect(_eventFromPartialAndUrl(partialEvent, 'http://foo')).to.be.null;
+    });
+
+    it('generates an error if the callback has an error', () => {
+      const handlerError = _createError(AuthErrorCode.INTERNAL_ERROR);
+      const url = generateCallbackUrl({
+        'firebaseError': JSON.stringify(handlerError),
+      });
+      const {error, ...rest} = _eventFromPartialAndUrl(partialEvent, url)!;
+
+      expect(error).to.be.instanceOf(FirebaseError).with.property('code', 'auth/internal-error');
+      expect(rest).to.eql({
+        type: AuthEventType.REAUTH_VIA_REDIRECT,
+        eventId: 'id',
+        tenantId: null,
+        urlResponse: null,
+        sessionId: null,
+        postBody: null,
+      });
+    });
+  });
+
+  describe('_getDeepLinkFromCallback', () => {
+    it('returns the iOS double deep link preferentially', () => {
+      expect(_getDeepLinkFromCallback('https://foo?link=http%3A%2F%2Ffoo%3Flink%3DdoubleDeep' +
+      '&deep_link_id=http%3A%2F%2Ffoo%3Flink%3DdoubleDeepIos')).to.eq('doubleDeepIos');
+    });
+
+    it('returns the iOS deep link preferentially', () => {
+      expect(_getDeepLinkFromCallback('https://foo?link=http%3A%2F%2Ffoo%3Flink%3DdoubleDeep' +
+      '&deep_link_id=http%3A%2F%2FfooIOS')).to.eq('http://fooIOS');
+    });
+
+    it('returns double deep link preferentially', () => {
+      expect(_getDeepLinkFromCallback('https://foo?link=http%3A%2F%2Ffoo%3Flink%3DdoubleDeep')).to.eq('doubleDeep');
+    });
+    
+    it('returns the deep link preferentially', () => {
+      expect(_getDeepLinkFromCallback('https://foo?link=http%3A%2F%2Ffoo%3Funrelated%3Dyeah')).to.eq(
+        'http://foo?unrelated=yeah'
+      );
+    });
+
+    it('returns the passed-in url when all else fails', () => {
+      expect(_getDeepLinkFromCallback('https://foo?bar=baz')).to.eq('https://foo?bar=baz');
+    });
+  });
 });

packages-exp/auth-exp/src/platform_cordova/popup_redirect/events.ts

@@ -15,10 +15,15 @@
  * limitations under the License.
  */
 
+import { querystringDecode } from '@firebase/util';
 import { AuthErrorCode } from '../../core/errors';
+import { PersistedBlob, Persistence } from '../../core/persistence';
+import { KeyName, _persistenceKeyName } from '../../core/persistence/persistence_user_manager';
 import { _createError } from '../../core/util/assert';
+import { _getInstance } from '../../core/util/instantiator';
 import { Auth } from '../../model/auth';
 import { AuthEvent, AuthEventType } from '../../model/popup_redirect';
+import { browserLocalPersistence } from '../../platform_browser/persistence/local_storage';
 
 const SESSION_ID_LENGTH = 20;
 
@@ -41,6 +46,61 @@ export function _generateNewEvent(
   };
 }
 
+export function _savePartialEvent(auth: Auth, event: AuthEvent): Promise<void> {
+  return storage()._set(key(auth), event as object as PersistedBlob);
+}
+
+export async function _getAndRemoveEvent(auth: Auth): Promise<AuthEvent|null> {
+  const event = await storage()._get(key(auth)) as AuthEvent | null;
+  if (event) {
+    await storage()._remove(key(auth));
+  }
+  return event;
+}
+
+export function _eventFromPartialAndUrl(partialEvent: AuthEvent, url: string): AuthEvent|null {
+  // Parse the deep link within the dynamic link URL.
+  const callbackUrl = _getDeepLinkFromCallback(url);
+  // Confirm it is actually a callback URL.
+  // Currently the universal link will be of this format:
+  // https://<AUTH_DOMAIN>/__/auth/callback<OAUTH_RESPONSE>
+  // This is a fake URL but is not intended to take the user anywhere
+  // and just redirect to the app.
+  if (callbackUrl.includes('/__/auth/callback')) {
+    // Check if there is an error in the URL.
+    // This mechanism is also used to pass errors back to the app:
+    // https://<AUTH_DOMAIN>/__/auth/callback?firebaseError=<STRINGIFIED_ERROR>
+    const params = searchParamsOrEmpty(callbackUrl);
+    // Get the error object corresponding to the stringified error if found.
+    const errorObject = params['firebaseError'] ?
+        JSON.parse(decodeURIComponent(params['firebaseError'])) : null;
+    const code = errorObject?.['code']?.split('auth/')?.[1];
+    const error = code ? _createError(code) : null;
+    if (error) {
+      return {
+        type: partialEvent.type,
+        eventId: partialEvent.eventId,
+        tenantId: partialEvent.tenantId,
+        error,
+        urlResponse: null,
+        sessionId: null,
+        postBody: null,
+      };
+    } else {
+      return {
+        type: partialEvent.type,
+        eventId: partialEvent.eventId,
+        tenantId: partialEvent.tenantId,
+        sessionId: partialEvent.sessionId,
+        urlResponse: callbackUrl,
+        postBody: null,
+      };
+    }
+  }
+
+  return null;
+}
+
 function generateSessionId(): string {
   const chars = [];
   const allowedChars =
@@ -51,3 +111,37 @@ function generateSessionId(): string {
   }
   return chars.join('');
 }
+
+function storage(): Persistence {
+  return _getInstance(browserLocalPersistence);
+}
+
+function key(auth: Auth): string {
+  return _persistenceKeyName(KeyName.AUTH_EVENT, auth.config.apiKey, auth.name);
+}
+
+// Exported for testing
+export function _getDeepLinkFromCallback(url: string): string {
+  const params = searchParamsOrEmpty(url);
+  const link = params['link'] ? decodeURIComponent(params['link']) : undefined;
+  // Double link case (automatic redirect)
+  const doubleDeepLink = searchParamsOrEmpty(link)['link'];
+  // iOS custom scheme links.
+  const iOSDeepLink = params['deep_link_id'] ? decodeURIComponent(params['deep_link_id']) : undefined;
+  const iOSDoubleDeepLink = searchParamsOrEmpty(iOSDeepLink)['link'];
+  return iOSDoubleDeepLink || iOSDeepLink || doubleDeepLink || link || url;
+}
+
+/**
+ * Optimistically tries to get search params from a string, or else returns an
+ * empty search params object.
+ */
+function searchParamsOrEmpty(url: string | undefined): Record<string, string> {
+  if (!url?.includes('?')) {
+    return {};
+  }
+
+  const [_, ...rest] = url.split('?');
+  return querystringDecode(rest.join('?')) as Record<string, string>;
+}
+