Multi tenant beta

packages/auth-types/index.d.ts

@@ -54,6 +54,7 @@ export interface User extends UserInfo {
   sendEmailVerification(
     actionCodeSettings?: ActionCodeSettings | null
   ): Promise<void>;
+  readonly tenantId: string | null;
   toJSON(): Object;
   unlink(providerId: string): Promise<User>;
   updateEmail(newEmail: string): Promise<void>;
@@ -74,12 +75,30 @@ export interface UserInfo {
   uid: string;
 }
 
-export interface ActionCodeInfo {
+export class ActionCodeInfo {
+  private constructor();
   data: {
     email?: string | null;
     fromEmail?: string | null;
   };
   operation: string;
+  static Operation: {
+    PASSWORD_RESET: Operation;
+    RECOVER_EMAIL: Operation;
+    EMAIL_SIGNIN: Operation;
+    VERIFY_EMAIL: Operation;
+  };
+}
+
+export class ActionCodeURL {
+  private constructor();
+  apiKey: string;
+  code: string;
+  continueUrl: string | null;
+  languageCode: string | null;
+  operation: Operation;
+  static parseLink(link: string): ActionCodeURL | null;
+  tenantId: string | null;
 }
 
 export type ActionCodeSettings = {
@@ -138,6 +157,13 @@ export interface Error {
   message: string;
 }
 
+export interface AuthError extends Error {
+  credential?: AuthCredential;
+  email?: string;
+  phoneNumber?: string;
+  tenantId?: string;
+}
+
 export class FacebookAuthProvider extends FacebookAuthProvider_Instance {
   static PROVIDER_ID: string;
   static FACEBOOK_SIGN_IN_METHOD: string;
@@ -251,6 +277,8 @@ export interface UserMetadata {
 
 export type Persistence = string;
 
+export type Operation = string;
+
 export class OAuthCredential extends AuthCredential {
   private constructor();
   idToken?: string;
@@ -325,6 +353,7 @@ export class FirebaseAuth {
   signInWithPopup(provider: AuthProvider): Promise<UserCredential>;
   signInWithRedirect(provider: AuthProvider): Promise<void>;
   signOut(): Promise<void>;
+  tenantId: string | null;
   updateCurrentUser(user: User | null): Promise<void>;
   useDeviceLanguage(): void;
   verifyPasswordResetCode(code: string): Promise<string>;

packages/auth/src/actioncodeinfo.js

@@ -44,7 +44,7 @@ fireauth.ActionCodeInfo = function(response) {
       response[fireauth.ActionCodeInfo.ServerFieldName.REQUEST_TYPE];
   // Email could be empty only if the request type is EMAIL_SIGNIN.
   if (!operation ||
-      (operation != fireauth.ActionCodeInfo.RequestType.EMAIL_SIGNIN &&
+      (operation != fireauth.ActionCodeInfo.Operation.EMAIL_SIGNIN &&
       !email)) {
     // This is internal only.
     throw new Error('Invalid provider user info!');
@@ -63,10 +63,10 @@ fireauth.ActionCodeInfo = function(response) {
 
 
 /**
- * Firebase Auth Action Code Info requestType possible values.
+ * Firebase Auth Action Code Info operation possible values.
  * @enum {string}
  */
-fireauth.ActionCodeInfo.RequestType = {
+fireauth.ActionCodeInfo.Operation = {
   PASSWORD_RESET: 'PASSWORD_RESET',
   RECOVER_EMAIL: 'RECOVER_EMAIL',
   EMAIL_SIGNIN: 'EMAIL_SIGNIN',

packages/auth/src/actioncodeurl.js

@@ -16,78 +16,106 @@
  */
 
 /**
- * @fileoverview Defines firebase.auth.ActionCodeUrl class which is the utility
+ * @fileoverview Defines firebase.auth.ActionCodeURL class which is the utility
  * to parse action code URLs.
  */
 
-goog.provide('fireauth.ActionCodeUrl');
+goog.provide('fireauth.ActionCodeURL');
 
+goog.require('fireauth.ActionCodeInfo');
+goog.require('fireauth.AuthError');
+goog.require('fireauth.authenum.Error');
+goog.require('fireauth.object');
 goog.require('goog.Uri');
 
 
 /**
  * The utility class to help parse action code URLs used for out of band email
  * flows such as password reset, email verification, email link sign in, etc.
- * @param {string} actionCodeUrl The action code URL.
+ * @param {string} actionLink The action link string.
  * @constructor
  */
-fireauth.ActionCodeUrl = function(actionCodeUrl) {
-   /** @private {!goog.Uri} The action code URL components.*/
-  this.uri_ = goog.Uri.parse(actionCodeUrl);
+fireauth.ActionCodeURL = function(actionLink) {
+  var uri = goog.Uri.parse(actionLink);
+  var apiKey = uri.getParameterValue(
+      fireauth.ActionCodeURL.QueryField.API_KEY) || null;
+  var code = uri.getParameterValue(
+      fireauth.ActionCodeURL.QueryField.CODE) || null;
+  var mode = uri.getParameterValue(
+      fireauth.ActionCodeURL.QueryField.MODE) || null;
+  var operation = fireauth.ActionCodeURL.getOperation(mode);
+  // Validate API key, code and mode.
+  if (!apiKey || !code || !operation) {
+    throw new fireauth.AuthError(
+        fireauth.authenum.Error.ARGUMENT_ERROR,
+        fireauth.ActionCodeURL.QueryField.API_KEY + ', ' +
+        fireauth.ActionCodeURL.QueryField.CODE + 'and ' +
+        fireauth.ActionCodeURL.QueryField.MODE +
+        ' are required in a valid action code URL.');
+  }
+  fireauth.object.setReadonlyProperties(this, {
+    'apiKey': apiKey,
+    'operation': operation,
+    'code': code,
+    'continueUrl': uri.getParameterValue(
+        fireauth.ActionCodeURL.QueryField.CONTINUE_URL) || null,
+    'languageCode': uri.getParameterValue(
+        fireauth.ActionCodeURL.QueryField.LANGUAGE_CODE) || null,
+    'tenantId': uri.getParameterValue(
+        fireauth.ActionCodeURL.QueryField.TENANT_ID) || null
+  });
 };
 
 
 /**
  * Enums for fields in URL query string.
  * @enum {string}
  */
-fireauth.ActionCodeUrl.QueryField = {
+fireauth.ActionCodeURL.QueryField = {
   API_KEY: 'apiKey',
   CODE: 'oobCode',
-  MODE: 'mode'
+  CONTINUE_URL: 'continueUrl',
+  LANGUAGE_CODE: 'languageCode',
+  MODE: 'mode',
+  TENANT_ID: 'tenantId'
 };
 
 
 /**
- * Enums for action code modes.
- * @enum {string}
+ * Map of mode string to Action Code Info operation.
+ * @const @private {!Object<string, !fireauth.ActionCodeInfo.Operation>}
  */
-fireauth.ActionCodeUrl.Mode = {
-  RESET_PASSWORD: 'resetPassword',
-  REVOKE_EMAIL: 'recoverEmail',
-  SIGN_IN: 'signIn',
-  VERIFY_EMAIL: 'verifyEmail'
+fireauth.ActionCodeURL.ModeToOperationMap_ = {
+  'recoverEmail': fireauth.ActionCodeInfo.Operation.RECOVER_EMAIL,
+  'resetPassword': fireauth.ActionCodeInfo.Operation.PASSWORD_RESET,
+  'signIn': fireauth.ActionCodeInfo.Operation.EMAIL_SIGNIN,
+  'verifyEmail': fireauth.ActionCodeInfo.Operation.VERIFY_EMAIL
 };
 
 
 /**
- * Returns the API key parameter of action code URL.
- * @return {?string} The first API key value in action code URL or
- *     undefined if apiKey does not appear in the URL.
+ * Maps the mode string in action code URL to Action Code Info operation.
+ * @param {?string} mode The mode string in the URL.
+ * @return {?fireauth.ActionCodeInfo.Operation}
  */
-fireauth.ActionCodeUrl.prototype.getApiKey = function() {
-  return this.uri_.getParameterValue(
-      fireauth.ActionCodeUrl.QueryField.API_KEY) || null;
-};
-
+fireauth.ActionCodeURL.getOperation = function(mode) {
+  if (!mode) {
+    return null;
+  }
+  return fireauth.ActionCodeURL.ModeToOperationMap_[mode] || null;
 
-/**
- * Returns the action code parameter of action code URL.
- * @return {?string} The first oobCode value in action code URL or
- *     undefined if oobCode does not appear in the URL.
- */
-fireauth.ActionCodeUrl.prototype.getCode = function() {
-  return this.uri_.getParameterValue(
-      fireauth.ActionCodeUrl.QueryField.CODE) || null;
 };
 
 
 /**
- * Returns the mode parameter of action code URL.
- * @return {?string} The first mode value in action code URL or
- *     undefined if mode does not appear in the URL.
+ * Returns an ActionCodeURL instance if the link is valid, otherwise null.
+ * @param {string} actionLink The action code link string.
+ * @return {?fireauth.ActionCodeURL}
  */
-fireauth.ActionCodeUrl.prototype.getMode = function() {
-  return this.uri_.getParameterValue(
-      fireauth.ActionCodeUrl.QueryField.MODE) || null;
+fireauth.ActionCodeURL.parseLink = function(actionLink) {
+  try {
+    return new fireauth.ActionCodeURL(actionLink);
+  } catch(e) {
+    return null;
+  }
 };