| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868 |
- // Copyright 2023 Google LLC
- //
- // Licensed under the Apache License, Version 2.0 (the "License")
- // you may not use this file except in compliance with the License.
- // You may obtain a copy of the License at
- //
- // http://www.apache.org/licenses/LICENSE-2.0
- //
- // Unless required by applicable law or agreed to in writing, software
- // distributed under the License is distributed on an "AS IS" BASIS,
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- // See the License for the specific language governing permissions and
- // limitations under the License.
- import Foundation
- import XCTest
- @testable import FirebaseAuth
- import FirebaseCore
- @available(iOS 13, tvOS 13, macOS 10.15, macCatalyst 13, watchOS 7, *)
- class UserTests: RPCBaseTests {
- static let kFakeAPIKey = "FAKE_API_KEY"
- let kFacebookAccessToken = "FACEBOOK_ACCESS_TOKEN"
- let kFacebookID = "FACEBOOK_ID"
- let kFacebookEmail = "user@facebook.com"
- let kFacebookDisplayName = "Facebook Doe"
- let kFacebookIDToken: String? = nil // Facebook id Token is always nil.
- let kNewEmail = "newuser@company.com"
- let kNewPassword = "newpassword"
- let kNewDisplayName = "New User Doe"
- let kVerificationCode = "12345678"
- let kVerificationID = "55432"
- let kPhoneNumber = "555-1234"
- static var auth: Auth?
- override class func setUp() {
- let options = FirebaseOptions(googleAppID: "0:0000000000000:ios:0000000000000000",
- gcmSenderID: "00000000000000000-00000000000-000000000")
- options.apiKey = kFakeAPIKey
- options.projectID = "myUserProjectID"
- FirebaseApp.configure(name: "test-UserTests", options: options)
- #if (os(macOS) && !FIREBASE_AUTH_TESTING_USE_MACOS_KEYCHAIN) || SWIFT_PACKAGE
- let keychainStorageProvider = FakeAuthKeychainStorage()
- #else
- let keychainStorageProvider = AuthKeychainStorageReal()
- #endif // (os(macOS) && !FIREBASE_AUTH_TESTING_USE_MACOS_KEYCHAIN) || SWIFT_PACKAGE
- auth = Auth(
- app: FirebaseApp.app(name: "test-UserTests")!,
- keychainStorageProvider: keychainStorageProvider
- )
- }
- override func tearDown() {
- // Verifies that no tasks are left suspended on the AuthSerialTaskQueue.
- try? UserTests.auth?.signOut()
- }
- /** @fn testUserPropertiesAndNSSecureCoding
- @brief Tests properties of the @c User instance before and after being
- serialized/deserialized.
- */
- func testUserPropertiesAndNSSecureCoding() throws {
- let kProviderUserInfoKey = "providerUserInfo"
- let kPhotoUrlKey = "photoUrl"
- let kProviderIDkey = "providerId"
- let kDisplayNameKey = "displayName"
- let kFederatedIDKey = "federatedId"
- let kEmailKey = "email"
- let kPasswordHashKey = "passwordHash"
- let kTestPasswordHash = "testPasswordHash"
- let kEmailVerifiedKey = "emailVerified"
- let kLocalIDKey = "localId"
- let kGoogleID = "GOOGLE_ID"
- let kGoogleDisplayName = "Google Doe"
- let kGoogleEmail = "user@gmail.com"
- let kGooglePhotoURL = "https://googleusercontents.com/user/profile"
- let kFacebookID = "FACEBOOK_ID"
- let kFacebookEmail = "user@facebook.com"
- let kEnrollmentID = "fakeEnrollment"
- let kPhoneInfo = "+15555555555"
- let kEnrolledAt = "2022-08-01T18:31:15.426458Z"
- let kEnrolledAtMatch = "2022-08-01 18:31:15 +0000"
- let kTwitterID = "TwitterID"
- let kGitHubID = "GitHubID"
- let kGameCenterID = "GameCenterID"
- var providerUserInfos = [[
- kProviderIDkey: EmailAuthProvider.id,
- kFederatedIDKey: kEmail,
- kEmailKey: kEmail,
- ],
- [
- kProviderIDkey: GoogleAuthProvider.id,
- kDisplayNameKey: kGoogleDisplayName,
- kPhotoUrlKey: kGooglePhotoURL,
- kFederatedIDKey: kGoogleID,
- kEmailKey: kGoogleEmail,
- ],
- [
- kProviderIDkey: FacebookAuthProvider.id,
- kFederatedIDKey: kFacebookID,
- kEmailKey: kFacebookEmail,
- ],
- [
- kProviderIDkey: GitHubAuthProvider.id,
- kFederatedIDKey: kGitHubID,
- kEmailKey: kGoogleEmail,
- ],
- [
- kProviderIDkey: TwitterAuthProvider.id,
- kFederatedIDKey: kTwitterID,
- kEmailKey: kFacebookEmail,
- ]]
- #if !os(watchOS)
- providerUserInfos.append([
- kProviderIDkey: GameCenterAuthProvider.id,
- kFederatedIDKey: kGameCenterID,
- kEmailKey: kFacebookEmail,
- ])
- #endif
- #if os(iOS)
- providerUserInfos.append([
- kProviderIDkey: PhoneAuthProvider.id,
- kFederatedIDKey: kPhoneNumber,
- "phoneNumber": kPhoneNumber,
- ])
- #endif
- rpcIssuer?.fakeGetAccountProviderJSON = [[
- kProviderUserInfoKey: providerUserInfos,
- kLocalIDKey: kLocalID,
- kDisplayNameKey: kDisplayName,
- kEmailKey: kEmail,
- kPhotoUrlKey: kTestPhotoURL,
- kEmailVerifiedKey: true,
- kPasswordHashKey: kTestPasswordHash,
- "phoneNumber": kPhoneNumber,
- "createdAt": String(Int(kCreationDateTimeIntervalInSeconds) * 1000), // to nanoseconds
- "lastLoginAt": String(Int(kLastSignInDateTimeIntervalInSeconds) * 1000),
- "mfaInfo": [
- [
- "phoneInfo": kPhoneInfo,
- "mfaEnrollmentId": kEnrollmentID,
- "displayName": kDisplayName,
- "enrolledAt": kEnrolledAt,
- ],
- [
- // In practice, this will be an empty dictionary.
- "totpInfo": [AnyHashable: AnyHashable](),
- "mfaEnrollmentId": kEnrollmentID,
- "displayName": kDisplayName,
- "enrolledAt": kEnrolledAt,
- ] as [AnyHashable: AnyHashable],
- ],
- ]]
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- XCTAssertEqual(user.providerID, "Firebase")
- XCTAssertEqual(user.uid, self.kLocalID)
- XCTAssertEqual(user.displayName, self.kDisplayName)
- XCTAssertEqual(user.photoURL, URL(string: self.kTestPhotoURL))
- XCTAssertEqual(user.email, self.kEmail)
- XCTAssertEqual(user.metadata.creationDate, Date(timeIntervalSince1970:
- self.kCreationDateTimeIntervalInSeconds))
- XCTAssertEqual(user.metadata.lastSignInDate,
- Date(timeIntervalSince1970: self.kLastSignInDateTimeIntervalInSeconds))
- // Verify FIRUser properties besides providerData contents.
- XCTAssertFalse(user.isAnonymous)
- XCTAssertTrue(user.isEmailVerified)
- XCTAssertEqual(user.refreshToken, self.kRefreshToken)
- XCTAssertEqual(user.providerData.count, providerUserInfos.count)
- let providerMap = user.providerData.reduce(into: [String: UserInfo]()) {
- $0[$1.providerID] = $1
- }
- // Verify FIRUserInfo properties from email/password.
- let passwordUserInfo = try XCTUnwrap(providerMap[EmailAuthProvider.id])
- XCTAssertEqual(passwordUserInfo.uid, self.kEmail)
- XCTAssertNil(passwordUserInfo.displayName)
- XCTAssertNil(passwordUserInfo.photoURL)
- XCTAssertEqual(passwordUserInfo.email, self.kEmail)
- // Verify FIRUserInfo properties from the Google auth provider.
- let googleUserInfo = try XCTUnwrap(providerMap[GoogleAuthProvider.id])
- XCTAssertEqual(googleUserInfo.uid, kGoogleID)
- XCTAssertEqual(googleUserInfo.displayName, kGoogleDisplayName)
- XCTAssertEqual(googleUserInfo.photoURL, URL(string: kGooglePhotoURL))
- XCTAssertEqual(googleUserInfo.email, kGoogleEmail)
- // Verify FIRUserInfo properties from the Facebook auth provider.
- let facebookUserInfo = try XCTUnwrap(providerMap[FacebookAuthProvider.id])
- XCTAssertEqual(facebookUserInfo.uid, kFacebookID)
- XCTAssertNil(facebookUserInfo.displayName)
- XCTAssertNil(facebookUserInfo.photoURL)
- XCTAssertEqual(facebookUserInfo.email, kFacebookEmail)
- // Verify FIRUserInfo properties from the GitHub auth provider.
- let gitHubUserInfo = try XCTUnwrap(providerMap[GitHubAuthProvider.id])
- XCTAssertEqual(gitHubUserInfo.uid, kGitHubID)
- XCTAssertNil(gitHubUserInfo.displayName)
- XCTAssertNil(gitHubUserInfo.photoURL)
- XCTAssertEqual(gitHubUserInfo.email, kGoogleEmail)
- // Verify FIRUserInfo properties from the Twitter auth provider.
- let twitterUserInfo = try XCTUnwrap(providerMap[TwitterAuthProvider.id])
- XCTAssertEqual(twitterUserInfo.uid, kTwitterID)
- XCTAssertNil(twitterUserInfo.displayName)
- XCTAssertNil(twitterUserInfo.photoURL)
- XCTAssertEqual(twitterUserInfo.email, kFacebookEmail)
- #if os(iOS)
- // Verify UserInfo properties from the phone auth provider.
- let phoneUserInfo = try XCTUnwrap(providerMap[PhoneAuthProvider.id])
- XCTAssertEqual(phoneUserInfo.phoneNumber, self.kPhoneNumber)
- #endif
- #if !os(watchOS)
- // Verify FIRUserInfo properties from the Game Center auth provider.
- let gameCenterUserInfo = try XCTUnwrap(providerMap[GameCenterAuthProvider.id])
- XCTAssertEqual(gameCenterUserInfo.uid, kGameCenterID)
- XCTAssertNil(gameCenterUserInfo.displayName)
- XCTAssertNil(gameCenterUserInfo.photoURL)
- XCTAssertEqual(gameCenterUserInfo.email, kFacebookEmail)
- #endif
- // Test NSSecureCoding
- XCTAssertTrue(User.supportsSecureCoding)
- let data = try NSKeyedArchiver.archivedData(
- withRootObject: user,
- requiringSecureCoding: true
- )
- var encodedClasses = [User.self, NSDictionary.self, NSURL.self, SecureTokenService.self,
- UserInfoImpl.self, NSDate.self, UserMetadata.self, NSString.self,
- NSArray.self]
- #if os(iOS)
- encodedClasses.append(MultiFactor.self)
- encodedClasses.append(PhoneMultiFactorInfo.self)
- #endif
- let unarchivedUser = try XCTUnwrap(NSKeyedUnarchiver.unarchivedObject(
- ofClasses: encodedClasses, from: data
- )
- as? User)
- // Verify NSSecureCoding for FIRUser
- XCTAssertEqual(unarchivedUser.providerID, user.providerID)
- XCTAssertEqual(unarchivedUser.uid, user.uid)
- XCTAssertEqual(unarchivedUser.email, user.email)
- XCTAssertEqual(unarchivedUser.photoURL, user.photoURL)
- XCTAssertEqual(unarchivedUser.displayName, user.displayName)
- // Verify NSSecureCoding properties besides providerData contents.
- XCTAssertEqual(unarchivedUser.isAnonymous, user.isAnonymous)
- XCTAssertEqual(unarchivedUser.isEmailVerified, user.isEmailVerified)
- XCTAssertEqual(unarchivedUser.refreshToken, user.refreshToken)
- XCTAssertEqual(unarchivedUser.metadata.creationDate, user.metadata.creationDate)
- XCTAssertEqual(unarchivedUser.metadata.lastSignInDate, user.metadata.lastSignInDate)
- XCTAssertEqual(unarchivedUser.providerData.count, user.providerData.count)
- let unarchivedProviderMap = unarchivedUser.providerData.reduce(into: [String: UserInfo]()) {
- $0[$1.providerID] = $1
- }
- // Verify NSSecureCoding properties for AuthDataResult
- let kFakeProfile = ["email": "user@mail.com", "given_name": "User", "family_name": "Doe"]
- let kUserName = "User Doe"
- let kProviderID = "PROVIDER_ID"
- let userInfo = AdditionalUserInfo(providerID: kProviderID,
- profile: kFakeProfile,
- username: kUserName,
- isNewUser: true)
- let authDataResult = AuthDataResult(withUser: user, additionalUserInfo: userInfo)
- XCTAssertTrue(AuthDataResult.supportsSecureCoding)
- let authDataResultData = try NSKeyedArchiver.archivedData(
- withRootObject: authDataResult,
- requiringSecureCoding: true
- )
- encodedClasses.append(AuthDataResult.self)
- encodedClasses.append(AdditionalUserInfo.self)
- let unarchivedDataResult = try XCTUnwrap(NSKeyedUnarchiver.unarchivedObject(
- ofClasses: encodedClasses, from: authDataResultData
- ) as? AuthDataResult)
- XCTAssertEqual(unarchivedDataResult.user.providerID, user.providerID)
- XCTAssertEqual(unarchivedDataResult.user.uid, user.uid)
- XCTAssertEqual(unarchivedDataResult.user.email, user.email)
- XCTAssertEqual(unarchivedDataResult.user.photoURL, user.photoURL)
- XCTAssertEqual(unarchivedDataResult.user.displayName, user.displayName)
- XCTAssertEqual(unarchivedDataResult.additionalUserInfo?.providerID, kProviderID)
- XCTAssertEqual(unarchivedDataResult.additionalUserInfo?.profile as? [String: String],
- kFakeProfile)
- XCTAssertEqual(unarchivedDataResult.additionalUserInfo?.username, kUserName)
- // Verify NSSecureCoding properties from email/password.
- let unarchivedPasswordUserInfo = try XCTUnwrap(unarchivedProviderMap[EmailAuthProvider.id])
- XCTAssertEqual(unarchivedPasswordUserInfo.uid, passwordUserInfo.uid)
- XCTAssertEqual(unarchivedPasswordUserInfo.displayName, passwordUserInfo.displayName)
- XCTAssertEqual(unarchivedPasswordUserInfo.photoURL, passwordUserInfo.photoURL)
- XCTAssertEqual(unarchivedPasswordUserInfo.email, passwordUserInfo.email)
- // Verify NSSecureCoding properties from the Google auth provider.
- let unarchivedGoogleUserInfo = try XCTUnwrap(unarchivedProviderMap[GoogleAuthProvider.id])
- XCTAssertEqual(unarchivedGoogleUserInfo.uid, googleUserInfo.uid)
- XCTAssertEqual(unarchivedGoogleUserInfo.displayName, googleUserInfo.displayName)
- XCTAssertEqual(unarchivedGoogleUserInfo.photoURL, googleUserInfo.photoURL)
- XCTAssertEqual(unarchivedGoogleUserInfo.email, googleUserInfo.email)
- // Verify NSSecureCoding properties from the Facebook auth provider.
- let unarchivedFacebookUserInfo =
- try XCTUnwrap(unarchivedProviderMap[FacebookAuthProvider.id])
- XCTAssertEqual(unarchivedFacebookUserInfo.uid, facebookUserInfo.uid)
- XCTAssertEqual(unarchivedFacebookUserInfo.displayName, facebookUserInfo.displayName)
- XCTAssertEqual(unarchivedFacebookUserInfo.photoURL, facebookUserInfo.photoURL)
- XCTAssertEqual(unarchivedFacebookUserInfo.email, facebookUserInfo.email)
- #if !os(watchOS)
- // Verify NSSecureCoding properties from the GameCenter auth provider.
- let unarchivedGameCenterUserInfo =
- try XCTUnwrap(unarchivedProviderMap[GameCenterAuthProvider.id])
- XCTAssertEqual(unarchivedGameCenterUserInfo.uid, gameCenterUserInfo.uid)
- XCTAssertEqual(unarchivedGameCenterUserInfo.displayName, gameCenterUserInfo.displayName)
- XCTAssertEqual(unarchivedGameCenterUserInfo.photoURL, gameCenterUserInfo.photoURL)
- XCTAssertEqual(unarchivedGameCenterUserInfo.email, gameCenterUserInfo.email)
- #endif
- // Verify NSSecureCoding properties from the GitHub auth provider.
- let unarchivedGitHubUserInfo =
- try XCTUnwrap(unarchivedProviderMap[GitHubAuthProvider.id])
- XCTAssertEqual(unarchivedGitHubUserInfo.uid, gitHubUserInfo.uid)
- XCTAssertEqual(unarchivedGitHubUserInfo.displayName, gitHubUserInfo.displayName)
- XCTAssertEqual(unarchivedGitHubUserInfo.photoURL, gitHubUserInfo.photoURL)
- XCTAssertEqual(unarchivedGitHubUserInfo.email, gitHubUserInfo.email)
- // Verify NSSecureCoding properties from the Twitter auth provider.
- let unarchivedTwitterUserInfo =
- try XCTUnwrap(unarchivedProviderMap[TwitterAuthProvider.id])
- XCTAssertEqual(unarchivedTwitterUserInfo.uid, twitterUserInfo.uid)
- XCTAssertEqual(unarchivedTwitterUserInfo.displayName, twitterUserInfo.displayName)
- XCTAssertEqual(unarchivedTwitterUserInfo.photoURL, twitterUserInfo.photoURL)
- XCTAssertEqual(unarchivedTwitterUserInfo.email, twitterUserInfo.email)
- #if os(iOS)
- // Verify NSSecureCoding properties from the phone auth provider.
- let unarchivedPhoneUserInfo = try XCTUnwrap(unarchivedProviderMap[PhoneAuthProvider.id])
- XCTAssertEqual(unarchivedPhoneUserInfo.phoneNumber, phoneUserInfo.phoneNumber)
- // Verify MultiFactorInfo properties.
- let enrolledFactors = try XCTUnwrap(user.multiFactor.enrolledFactors)
- XCTAssertEqual(enrolledFactors.count, 2)
- XCTAssertEqual(enrolledFactors[0].factorID, PhoneMultiFactorInfo.PhoneMultiFactorID)
- XCTAssertEqual(enrolledFactors[1].factorID, PhoneMultiFactorInfo.TOTPMultiFactorID)
- for enrolledFactor in enrolledFactors {
- XCTAssertEqual(enrolledFactor.uid, kEnrollmentID)
- XCTAssertEqual(enrolledFactor.displayName, self.kDisplayName)
- let date = try XCTUnwrap(enrolledFactor.enrollmentDate)
- XCTAssertEqual("\(date)", kEnrolledAtMatch)
- }
- #endif
- } catch {
- XCTFail("Caught an error in \(#function): \(error)")
- }
- expectation.fulfill()
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testUpdateEmailSuccess
- @brief Tests the flow of a successful @c updateEmail:completion: call.
- */
- func testUpdateEmailSuccess() {
- setFakeGetAccountProvider(withPasswordHash: kFakePassword)
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- self.changeUserEmail(user: user, changeEmail: true, expectation: expectation)
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testUpdateEmailWithAuthLinkAccountSuccess
- @brief Tests a successful @c updateEmail:completion: call updates provider info.
- */
- func testUpdateEmailWithAuthLinkAccountSuccess() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUserLink { user in
- self.changeUserEmail(user: user, expectation: expectation)
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testUpdateEmailFailure
- @brief Tests the flow of a failed @c updateEmail:completion: call.
- */
- func testUpdateEmailFailure() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "INVALID_EMAIL")
- }
- user.updateEmail(to: self.kNewEmail) { rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.invalidEmail.rawValue)
- // Email should not have changed on the client side.
- XCTAssertEqual(user.email, self.kEmail)
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testUpdateEmailAutoSignOut
- @brief Tests the flow of a failed @c updateEmail:completion: call that automatically signs out.
- */
- func testUpdateEmailAutoSignOut() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "INVALID_ID_TOKEN")
- }
- user.updateEmail(to: self.kNewEmail) { rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.invalidUserToken.rawValue)
- // Email should not have changed on the client side.
- XCTAssertEqual(user.email, self.kEmail)
- // User is no longer signed in..
- XCTAssertNil(UserTests.auth?.currentUser)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- #if os(iOS)
- /** @fn testUpdatePhoneSuccess
- @brief Tests the flow of a successful @c updatePhoneNumberCredential:completion: call.
- */
- func testUpdatePhoneSuccess() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- let auth = try XCTUnwrap(UserTests.auth)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken])
- }
- self.expectVerifyPhoneNumberRequest()
- self.rpcIssuer?.fakeGetAccountProviderJSON = [[
- "phoneNumber": self.kPhoneNumber,
- ]]
- let credential = PhoneAuthProvider.provider(auth: auth).credential(
- withVerificationID: self.kVerificationID,
- verificationCode: self.kVerificationCode
- )
- user.updatePhoneNumber(credential) { error in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(error)
- XCTAssertEqual(auth.currentUser?.phoneNumber, self.kPhoneNumber)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testUpdatePhoneNumberFailure
- @brief Tests the flow of a failed @c updatePhoneNumberCredential:completion: call.
- */
- func testUpdatePhoneNumberFailure() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- let auth = try XCTUnwrap(UserTests.auth)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "INVALID_PHONE_NUMBER")
- }
- self.expectVerifyPhoneNumberRequest()
- let credential = PhoneAuthProvider.provider(auth: auth).credential(
- withVerificationID: self.kVerificationID,
- verificationCode: self.kVerificationCode
- )
- user.updatePhoneNumber(credential) { rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.invalidPhoneNumber.rawValue)
- XCTAssertEqual(auth.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testUpdatePhoneNumberFailureAutoSignOut
- @brief Tests the flow of a failed @c updatePhoneNumberCredential:completion: call that
- automatically signs out.
- */
- func testUpdatePhoneNumberFailureAutoSignOut() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- let auth = try XCTUnwrap(UserTests.auth)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "TOKEN_EXPIRED")
- }
- self.expectVerifyPhoneNumberRequest()
- let credential = PhoneAuthProvider.provider(auth: auth).credential(
- withVerificationID: self.kVerificationID,
- verificationCode: self.kVerificationCode
- )
- user.updatePhoneNumber(credential) { rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.userTokenExpired.rawValue)
- // User is no longer signed in.
- XCTAssertNil(UserTests.auth?.currentUser)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- #endif
- /** @fn testUpdatePasswordSuccess
- @brief Tests the flow of a successful @c updatePassword:completion: call.
- */
- func testUpdatePasswordSuccess() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- self.changeUserEmail(user: user, expectation: expectation)
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testUpdatePasswordFailure
- @brief Tests the flow of a failed @c updatePassword:completion: call.
- */
- func testUpdatePasswordFailure() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "CREDENTIAL_TOO_OLD_LOGIN_AGAIN")
- }
- user.updatePassword(to: self.kNewPassword) { rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.requiresRecentLogin.rawValue)
- // Email should not have changed on the client side.
- XCTAssertEqual(user.email, self.kEmail)
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testUpdateEmptyPasswordFailure
- @brief Tests the flow of a failed @c updatePassword:completion: call due to an empty password.
- */
- func testUpdateEmptyPasswordFailure() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "WEAK_PASSWORD")
- }
- user.updatePassword(to: self.kNewPassword) { rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.weakPassword.rawValue)
- // Email should not have changed on the client side.
- XCTAssertEqual(user.email, self.kEmail)
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testUpdatePasswordFailureAutoSignOut
- @brief Tests the flow of a failed @c updatePassword:completion: call that automatically signs
- out.
- */
- func testUpdatePasswordFailureAutoSignOut() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "USER_DISABLED")
- }
- user.updatePassword(to: self.kNewPassword) { rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.userDisabled.rawValue)
- // Email should not have changed on the client side.
- XCTAssertEqual(user.email, self.kEmail)
- // User is signed out.
- XCTAssertNil(UserTests.auth?.currentUser)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testChangeProfileSuccess
- @brief Tests a successful user profile change flow.
- */
- func testChangeProfileSuccess() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken])
- }
- let profileChange = user.createProfileChangeRequest()
- profileChange.photoURL = URL(string: self.kTestPhotoURL)
- profileChange.displayName = self.kNewDisplayName
- profileChange.commitChanges { error in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(error)
- XCTAssertEqual(user.displayName, self.kNewDisplayName)
- XCTAssertEqual(user.photoURL, URL(string: self.kTestPhotoURL))
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testChangeProfileFailure
- @brief Tests a failed user profile change flow.
- */
- func testChangeProfileFailure() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "TOO_MANY_ATTEMPTS_TRY_LATER")
- }
- let profileChange = user.createProfileChangeRequest()
- profileChange.displayName = self.kNewDisplayName
- profileChange.commitChanges { rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.tooManyRequests.rawValue)
- // Email should not have changed on the client side.
- XCTAssertEqual(user.email, self.kEmail)
- XCTAssertEqual(user.displayName, self.kDisplayName)
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testChangeProfileFailureAutoSignOut
- @brief Tests a failed user profile change flow that automatically signs out.
- */
- func testChangeProfileFailureAutoSignOut() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "USER_NOT_FOUND")
- }
- let profileChange = user.createProfileChangeRequest()
- profileChange.displayName = self.kNewDisplayName
- profileChange.commitChanges { rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.userNotFound.rawValue)
- // Email should not have changed on the client side.
- XCTAssertEqual(user.email, self.kEmail)
- // User is signed out.
- XCTAssertNil(UserTests.auth?.currentUser)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testGetIDTokenResultSuccess
- @brief Tests the flow of a successful @c getIDTokenResultWithCompletion: call.
- */
- func testGetIDTokenResultSuccess() {
- internalGetIDTokenResult(token: RPCBaseTests.kFakeAccessToken, forceRefresh: false)
- }
- /** @fn testGetIDTokenResultForcingRefreshSameAccessTokenSuccess
- @brief Tests the flow of a successful @c getIDTokenResultForcingRefresh:completion: call when
- the returned access token is the same as the stored access token.
- */
- func testGetIDTokenResultForcingRefreshSameAccessTokenSuccess() {
- internalGetIDTokenResult(token: RPCBaseTests.kFakeAccessToken)
- }
- /** @fn testGetIDTokenResultForcingRefreshSuccess
- @brief Tests the flow successful @c getIDTokenResultForcingRefresh:completion: calls.
- */
- func testGetIDTokenResultForcingRefreshSuccess() {
- internalGetIDTokenResult(token: RPCBaseTests.kFakeAccessTokenLength415)
- internalGetIDTokenResult(token: RPCBaseTests.kFakeAccessTokenLength416)
- internalGetIDTokenResult(token: RPCBaseTests.kFakeAccessTokenLength523,
- emailMatch: "aunitestuser4@gmail.com")
- }
- /** @fn testGetIDTokenResultSuccessWithBase64EncodedURL
- @brief Tests the flow of a successful @c getIDTokenResultWithCompletion: call using a base64 url
- encoded string.
- */
- func testGetIDTokenResultSuccessWithBase64EncodedURL() {
- internalGetIDTokenResult(token: RPCBaseTests.kFakeAccessTokenWithBase64,
- emailMatch: ">>>>>>>>????????@gmail.com",
- audMatch: "??????????>>>>>>>>>>")
- }
- /** @fn testGetIDTokenResultForcingRefreshFailure
- @brief Tests the flow of a failed @c getIDTokenResultForcingRefresh:completion: call.
- */
- func testGetIDTokenResultForcingRefreshFailure() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser(fakeAccessToken: RPCBaseTests.kFakeAccessToken) { user in
- let underlying = NSError(domain: "Test Error", code: 1)
- self.rpcIssuer?.secureTokenNetworkError =
- AuthErrorUtils.networkError(underlyingError: underlying) as NSError
- user.getIDTokenResult(forcingRefresh: true) { tokenResult, rawError in
- do {
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(tokenResult)
- let error = try XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.networkError.rawValue)
- } catch {
- XCTFail("Caught an error in \(#function): \(error)")
- }
- expectation.fulfill()
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testReloadSuccess
- @brief Tests the flow of a successful @c reloadWithCompletion: call.
- */
- func testReloadSuccess() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- user.reload { error in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(error)
- XCTAssertEqual(user.displayName, self.kDisplayName)
- XCTAssertEqual(user.email, self.kEmail)
- expectation.fulfill()
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testReloadFailure
- @brief Tests the flow of a failed @c reloadWithCompletion: call.
- */
- func testReloadFailure() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "QUOTA_EXCEEDED")
- }
- // Clear fake so we can inject error
- self.rpcIssuer?.fakeGetAccountProviderJSON = nil
- user.reload { rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.quotaExceeded.rawValue)
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testReloadFailureAutoSignOut
- @brief Tests the flow of a failed @c reloadWithCompletion: call that automtatically signs out.
- */
- func testReloadFailureAutoSignOut() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "TOKEN_EXPIRED")
- }
- // Clear fake so we can inject error
- self.rpcIssuer?.fakeGetAccountProviderJSON = nil
- user.reload { rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.userTokenExpired.rawValue)
- // User is no longer signed in.
- XCTAssertNil(UserTests.auth?.currentUser)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testReauthenticateSuccess
- @brief Tests the flow of a successful @c reauthenticateWithCredential:completion: call.
- */
- func testReauthenticateSuccess() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken])
- }
- let emailCredential = EmailAuthProvider.credential(withEmail: self.kEmail,
- password: self.kFakePassword)
- user.reauthenticate(with: emailCredential) { rawResult, error in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(error)
- let result = try! XCTUnwrap(rawResult)
- XCTAssertEqual(result.user.uid, user.uid)
- XCTAssertEqual(result.user.email, user.email)
- XCTAssertEqual(result.additionalUserInfo?.isNewUser, false)
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testReauthenticateWithCredentialSuccess
- @brief Tests the flow of a successful @c reauthenticateWithCredential call.
- */
- func testReauthenticateWithCredentialSuccess() throws {
- let expectation = self.expectation(description: #function)
- signInWithGoogleCredential { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken,
- "federatedId": self.kGoogleID,
- "providerId": GoogleAuthProvider.id,
- "localId": self.kLocalID,
- "displayName": self.kGoogleDisplayName,
- "rawUserInfo": self.kGoogleProfile,
- "username": self.kUserName])
- }
- let googleCredential = GoogleAuthProvider.credential(withIDToken: self.kGoogleIDToken,
- accessToken: self.kGoogleAccessToken)
- user.reauthenticate(with: googleCredential) { reauthenticatedAuthResult, error in
- XCTAssertTrue(Thread.isMainThread)
- do {
- try self.assertUserGoogle(reauthenticatedAuthResult?.user)
- } catch {
- XCTFail("\(error)")
- }
- XCTAssertNil(error)
- // Verify that the current user is unchanged.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- // Verify that the current user and reauthenticated user are not same pointers.
- XCTAssertNotEqual(user, reauthenticatedAuthResult?.user)
- // Verify that anyway the current user and reauthenticated user have same IDs.
- XCTAssertEqual(reauthenticatedAuthResult?.user.uid, user.uid)
- XCTAssertEqual(reauthenticatedAuthResult?.user.email, user.email)
- XCTAssertEqual(reauthenticatedAuthResult?.user.displayName, user.displayName)
- XCTAssertEqual(reauthenticatedAuthResult?.additionalUserInfo?.username, self.kUserName)
- XCTAssertEqual(reauthenticatedAuthResult?.additionalUserInfo?.providerID,
- GoogleAuthProvider.id)
- XCTAssertEqual(
- reauthenticatedAuthResult?.additionalUserInfo?.profile as? [String: String],
- self.kGoogleProfile
- )
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- try assertUserGoogle(UserTests.auth?.currentUser)
- }
- /** @fn testReauthenticateFailure
- @brief Tests the flow of a failed @c reauthenticateWithCredential:completion: call.
- */
- func testReauthenticateFailure() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken])
- }
- self.setFakeGetAccountProvider(withLocalID: "A different Local ID")
- let emailCredential = EmailAuthProvider.credential(withEmail: self.kEmail,
- password: self.kFakePassword)
- user.reauthenticate(with: emailCredential) { reauthenticatedAuthResult, rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.userMismatch.rawValue)
- // Email should not have changed on the client side.
- XCTAssertEqual(user.email, self.kEmail)
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testReauthenticateUserMismatchFailure
- @brief Tests the flow of a failed @c reauthenticateWithCredential:completion: call due to trying
- to reauthenticate a user that does not exist.
- */
- func testReauthenticateUserMismatchFailure() {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- do {
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "USER_NOT_FOUND")
- }
- let googleCredential = GoogleAuthProvider.credential(withIDToken: self.kGoogleIDToken,
- accessToken: self.kGoogleAccessToken)
- user.reauthenticate(with: googleCredential) { reauthenticatedAuthResult, rawError in
- XCTAssertTrue(Thread.isMainThread)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.userMismatch.rawValue)
- // Email should not have changed on the client side.
- XCTAssertEqual(user.email, self.kEmail)
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testLinkAndRetrieveDataSuccess (and old testLinkCredentialSuccess)
- @brief Tests the flow of a successful @c linkWithCredential call.
- */
- func testLinkAndRetrieveDataSuccess() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- let auth = try XCTUnwrap(UserTests.auth)
- signInWithFacebookCredential { user in
- XCTAssertNotNil(user)
- do {
- self.setFakeGoogleGetAccountProvider()
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken,
- "federatedId": self.kGoogleID,
- "providerId": GoogleAuthProvider.id,
- "localId": self.kLocalID,
- "displayName": self.kGoogleDisplayName,
- "rawUserInfo": self.kGoogleProfile,
- "username": self.kUserName])
- }
- let googleCredential = GoogleAuthProvider.credential(withIDToken: self.kGoogleIDToken,
- accessToken: self.kGoogleAccessToken)
- user.link(with: googleCredential) { linkAuthResult, error in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(error)
- // Verify that the current user is unchanged.
- XCTAssertEqual(auth.currentUser, user)
- // Verify that the current user and reauthenticated user are the same pointers.
- XCTAssertEqual(user, linkAuthResult?.user)
- // Verify that anyway the current user and reauthenticated user have same IDs.
- XCTAssertEqual(linkAuthResult?.user.uid, user.uid)
- XCTAssertEqual(linkAuthResult?.user.email, user.email)
- XCTAssertEqual(linkAuthResult?.user.displayName, user.displayName)
- XCTAssertEqual(linkAuthResult?.additionalUserInfo?.username, self.kUserName)
- XCTAssertEqual(linkAuthResult?.additionalUserInfo?.providerID,
- GoogleAuthProvider.id)
- XCTAssertEqual(
- linkAuthResult?.additionalUserInfo?.profile as? [String: String],
- self.kGoogleProfile
- )
- XCTAssertEqual(linkAuthResult?.user.providerData.first?.providerID, GoogleAuthProvider.id)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- try assertUserGoogle(auth.currentUser)
- }
- /** @fn testLinkAndRetrieveDataError
- @brief Tests the flow of an unsuccessful @c linkWithCredential:completion:
- call with an error from the backend.
- */
- func testLinkAndRetrieveDataError() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithFacebookCredential { user in
- XCTAssertNotNil(user)
- do {
- self.setFakeGetAccountProvider()
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "CREDENTIAL_TOO_OLD_LOGIN_AGAIN")
- }
- let googleCredential = GoogleAuthProvider.credential(withIDToken: self.kGoogleIDToken,
- accessToken: self.kGoogleAccessToken)
- user.link(with: googleCredential) { linkAuthResult, rawError in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(linkAuthResult)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.requiresRecentLogin.rawValue)
- // Email should not have changed on the client side.
- XCTAssertEqual(user.email, self.kFacebookEmail)
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testLinkAndRetrieveDataProviderAlreadyLinked and old testLinkCredentialProviderAlreadyLinkedError
- @brief Tests the flow of an unsuccessful @c linkWithCredential:completion:
- call with FIRAuthErrorCodeProviderAlreadyLinked, which is a client side error.
- */
- func testLinkAndRetrieveDataProviderAlreadyLinked() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithFacebookCredential { user in
- XCTAssertNotNil(user)
- do {
- self.setFakeGetAccountProvider()
- let facebookCredential =
- FacebookAuthProvider.credential(withAccessToken: self.kFacebookAccessToken)
- user.link(with: facebookCredential) { linkAuthResult, rawError in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(linkAuthResult)
- do {
- let error = try XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.providerAlreadyLinked.rawValue)
- } catch {
- XCTFail("Expected to throw providerAlreadyLinked error.")
- }
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testLinkAndRetrieveDataErrorAutoSignOut (and old testLinkCredentialError)
- @brief Tests the flow of an unsuccessful @c linkWithCredential:completion:
- call that automatically signs out.
- */
- func testLinkAndRetrieveDataErrorAutoSignOut() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithFacebookCredential { user in
- XCTAssertNotNil(user)
- do {
- self.setFakeGetAccountProvider()
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "USER_DISABLED")
- }
- let googleCredential = GoogleAuthProvider.credential(withIDToken: self.kGoogleIDToken,
- accessToken: self.kGoogleAccessToken)
- user.link(with: googleCredential) { linkAuthResult, rawError in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(linkAuthResult)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.userDisabled.rawValue)
- // User is signed out.
- XCTAssertNil(UserTests.auth?.currentUser)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testLinkEmailAndRetrieveDataSuccess
- @brief Tests the flow of a successful @c linkWithCredential:completion:
- invocation for email credential.
- */
- func testLinkEmailAndRetrieveDataSuccess() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- let auth = try XCTUnwrap(UserTests.auth)
- signInWithFacebookCredential { user in
- XCTAssertNotNil(user)
- do {
- self.rpcIssuer.respondBlock = {
- let request = self.rpcIssuer?.request as? SignUpNewUserRequest
- XCTAssertNotNil(request)
- XCTAssertEqual(request?.email, self.kEmail)
- XCTAssertEqual(request?.password, self.kFakePassword)
- XCTAssertNil(request?.displayName)
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken])
- self.setFakeGetAccountProvider(withProviderID: EmailAuthProvider.id)
- }
- let emailCredential = EmailAuthProvider.credential(withEmail: self.kEmail,
- password: self.kFakePassword)
- user.link(with: emailCredential) { linkAuthResult, error in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(error)
- // Verify that the current user is unchanged.
- XCTAssertEqual(auth.currentUser, user)
- // Verify that the current user and reauthenticated user are the same pointers.
- XCTAssertEqual(user, linkAuthResult?.user)
- // Verify that anyway the current user and reauthenticated user have same IDs.
- XCTAssertEqual(linkAuthResult?.user.uid, user.uid)
- XCTAssertEqual(linkAuthResult?.user.email, user.email)
- XCTAssertEqual(linkAuthResult?.user.displayName, user.displayName)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn tesLlinkEmailProviderAlreadyLinkedError
- @brief Tests the flow of an unsuccessful @c linkWithCredential:completion:
- invocation for email credential and FIRAuthErrorCodeProviderAlreadyLinked which is a client
- side error.
- */
- func testLinkEmailProviderAlreadyLinkedError() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithFacebookCredential { user in
- XCTAssertNotNil(user)
- do {
- self.rpcIssuer.respondBlock = {
- let request = self.rpcIssuer?.request as? SignUpNewUserRequest
- XCTAssertNotNil(request)
- XCTAssertEqual(request?.email, self.kEmail)
- XCTAssertEqual(request?.password, self.kFakePassword)
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken])
- self.setFakeGetAccountProvider(withProviderID: EmailAuthProvider.id)
- }
- let emailCredential = EmailAuthProvider.credential(withEmail: self.kEmail,
- password: self.kFakePassword)
- user.link(with: emailCredential) { linkAuthResult, error in
- XCTAssertEqual(user, linkAuthResult?.user)
- linkAuthResult?.user.link(with: emailCredential) { linkLinkAuthResult, rawError in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(linkLinkAuthResult)
- do {
- let error = try XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.providerAlreadyLinked.rawValue)
- } catch {
- XCTFail("Expected to throw providerAlreadyLinked error.")
- }
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testLinkEmailAndRetrieveDataError
- @brief Tests the flow of an unsuccessful @c linkWithCredential:completion:
- invocation for email credential and an error from the backend.
- */
- func testLinkEmailAndRetrieveDataError() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithFacebookCredential { user in
- XCTAssertNotNil(user)
- do {
- self.rpcIssuer.respondBlock = {
- let request = self.rpcIssuer?.request as? SignUpNewUserRequest
- XCTAssertNotNil(request)
- XCTAssertEqual(request?.email, self.kEmail)
- XCTAssertEqual(request?.password, self.kFakePassword)
- try self.rpcIssuer?.respond(serverErrorMessage: "TOO_MANY_ATTEMPTS_TRY_LATER")
- }
- let emailCredential = EmailAuthProvider.credential(withEmail: self.kEmail,
- password: self.kFakePassword)
- user.link(with: emailCredential) { linkAuthResult, rawError in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(linkAuthResult)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.tooManyRequests.rawValue)
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testLinkEmailAndRetrieveDataErrorAutoSignOut
- @brief Tests the flow of an unsuccessful @c linkWithCredential:completion:
- invocation that automatically signs out.
- */
- func testLinkEmailAndRetrieveDataErrorAutoSignOut() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithFacebookCredential { user in
- XCTAssertNotNil(user)
- do {
- self.rpcIssuer.respondBlock = {
- XCTAssertNotNil(self.rpcIssuer?.request as? SignUpNewUserRequest)
- try self.rpcIssuer?.respond(serverErrorMessage: "TOKEN_EXPIRED")
- }
- let emailCredential = EmailAuthProvider.credential(withEmail: self.kEmail,
- password: self.kFakePassword)
- user.link(with: emailCredential) { linkAuthResult, rawError in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(linkAuthResult)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.userTokenExpired.rawValue)
- // User is signed out.
- XCTAssertNil(UserTests.auth?.currentUser)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- #if os(iOS)
- private class FakeOAuthProvider: OAuthProvider {
- override func getCredentialWith(_ UIDelegate: AuthUIDelegate?,
- completion: ((AuthCredential?, Error?) -> Void)? = nil) {
- if let completion {
- let credential = OAuthCredential(
- withProviderID: GoogleAuthProvider.id,
- sessionID: UserTests.kOAuthSessionID,
- OAuthResponseURLString: UserTests.kOAuthRequestURI
- )
- completion(credential, nil)
- }
- }
- }
- /** @fn testLinkProviderFailure
- @brief Tests the flow of a failed @c linkWithProvider:completion:
- call.
- */
- func testLinkProviderFailure() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- let auth = try XCTUnwrap(UserTests.auth)
- signInWithFacebookCredential { user in
- XCTAssertNotNil(user)
- do {
- self.setFakeGetAccountProvider()
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "TOKEN_EXPIRED")
- }
- user.link(with: FakeOAuthProvider(providerID: "foo", auth: auth),
- uiDelegate: nil) { linkAuthResult, rawError in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(linkAuthResult)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.userTokenExpired.rawValue)
- // User is signed out.
- XCTAssertNil(UserTests.auth?.currentUser)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testReauthenticateWithProviderFailure
- @brief Tests the flow of a failed @c reauthenticateWithProvider:completion: call.
- */
- func testReauthenticateWithProviderFailure() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- let auth = try XCTUnwrap(UserTests.auth)
- signInWithFacebookCredential { user in
- XCTAssertNotNil(user)
- do {
- self.setFakeGetAccountProvider()
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(serverErrorMessage: "TOKEN_EXPIRED")
- }
- user.reauthenticate(with: FakeOAuthProvider(providerID: "foo", auth: auth),
- uiDelegate: nil) { linkAuthResult, rawError in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(linkAuthResult)
- let error = try! XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.userTokenExpired.rawValue)
- // User is still signed in.
- XCTAssertEqual(UserTests.auth?.currentUser, user)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testLinkPhoneAuthCredentialSuccess
- @brief Tests the flow of a successful @c linkWithCredential call using a phoneAuthCredential.
- */
- func testLinkPhoneAuthCredentialSuccess() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- let auth = try XCTUnwrap(UserTests.auth)
- signInWithEmailPasswordReturnFakeUser { user in
- XCTAssertNotNil(user)
- self.expectVerifyPhoneNumberRequest(isLink: true)
- do {
- self.setFakeGetAccountProvider(withProviderID: PhoneAuthProvider.id)
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken])
- }
- let credential = PhoneAuthProvider.provider(auth: auth).credential(
- withVerificationID: self.kVerificationID,
- verificationCode: self.kVerificationCode
- )
- user.link(with: credential) { linkAuthResult, error in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(error)
- // Verify that the current user is unchanged.
- XCTAssertEqual(auth.currentUser, user)
- // Verify that the current user and reauthenticated user are the same pointers.
- XCTAssertEqual(user, linkAuthResult?.user)
- // Verify that anyway the current user and reauthenticated user have same IDs.
- XCTAssertEqual(linkAuthResult?.user.uid, user.uid)
- XCTAssertEqual(linkAuthResult?.user.email, user.email)
- XCTAssertEqual(linkAuthResult?.user.displayName, user.displayName)
- XCTAssertEqual(auth.currentUser?.providerData.first?.providerID, PhoneAuthProvider.id)
- XCTAssertEqual(
- linkAuthResult?.user.providerData.first?.providerID,
- PhoneAuthProvider.id
- )
- XCTAssertEqual(auth.currentUser?.phoneNumber, self.kTestPhoneNumber)
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testUnlinkPhoneAuthCredentialSuccess
- @brief Tests the flow of a successful @c unlinkFromProvider:completion: call using a
- @c FIRPhoneAuthProvider.
- */
- func testUnlinkPhoneAuthCredentialSuccess() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- let auth = try XCTUnwrap(UserTests.auth)
- signInWithEmailPasswordReturnFakeUser { user in
- XCTAssertNotNil(user)
- self.expectVerifyPhoneNumberRequest(isLink: true)
- do {
- self.setFakeGetAccountProvider(withProviderID: PhoneAuthProvider.id)
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken])
- }
- let credential = PhoneAuthProvider.provider(auth: auth).credential(
- withVerificationID: self.kVerificationID,
- verificationCode: self.kVerificationCode
- )
- user.link(with: credential) { linkAuthResult, error in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(error)
- // Verify that the current user is unchanged.
- XCTAssertEqual(auth.currentUser, user)
- // Verify that the current user and reauthenticated user are the same pointers.
- XCTAssertEqual(user, linkAuthResult?.user)
- // Verify that anyway the current user and reauthenticated user have same IDs.
- XCTAssertEqual(linkAuthResult?.user.uid, user.uid)
- XCTAssertEqual(linkAuthResult?.user.email, user.email)
- XCTAssertEqual(linkAuthResult?.user.displayName, user.displayName)
- XCTAssertEqual(auth.currentUser?.providerData.first?.providerID, PhoneAuthProvider.id)
- XCTAssertEqual(
- linkAuthResult?.user.providerData.first?.providerID,
- PhoneAuthProvider.id
- )
- XCTAssertEqual(auth.currentUser?.phoneNumber, self.kTestPhoneNumber)
- // Immediately unlink the phone auth provider.
- self.rpcIssuer.respondBlock = {
- let request = try XCTUnwrap(self.rpcIssuer?.request as? SetAccountInfoRequest)
- XCTAssertEqual(request.apiKey, UserTests.kFakeAPIKey)
- XCTAssertEqual(request.accessToken, RPCBaseTests.kFakeAccessToken)
- XCTAssertNil(request.email)
- XCTAssertNil(request.password)
- XCTAssertNil(request.localID)
- XCTAssertNil(request.displayName)
- XCTAssertNil(request.photoURL)
- XCTAssertNil(request.providers)
- XCTAssertNil(request.deleteAttributes)
- XCTAssertEqual(try XCTUnwrap(request.deleteProviders?.first), PhoneAuthProvider.id)
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken])
- }
- user.unlink(fromProvider: PhoneAuthProvider.id) { user, error in
- XCTAssertNil(error)
- XCTAssertEqual(auth.currentUser, user)
- XCTAssertNil(auth.currentUser?.phoneNumber)
- expectation.fulfill()
- }
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testlinkPhoneAuthCredentialFailure
- @brief Tests the flow of a failed call to @c linkWithCredential:completion: due
- to a phone provider already being linked.
- */
- func testlinkPhoneAuthCredentialFailure() throws {
- setFakeGetAccountProvider(withPasswordHash: kFakePassword)
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser { user in
- XCTAssertNotNil(user)
- self.expectVerifyPhoneNumberRequest(isLink: true)
- self.setFakeGetAccountProvider(withProviderID: PhoneAuthProvider.id)
- let credential = EmailAuthCredential(withEmail: self.kEmail, password: self.kFakePassword)
- user.link(with: credential) { linkAuthResult, rawError in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(linkAuthResult)
- if let error = try? XCTUnwrap(rawError) {
- XCTAssertEqual((error as NSError).code, AuthErrorCode.providerAlreadyLinked.rawValue)
- } else {
- XCTFail("Did not throw expected error")
- }
- expectation.fulfill()
- }
- }
- waitForExpectations(timeout: 5)
- }
- /** @fn testlinkPhoneCredentialAlreadyExistsError
- @brief Tests the flow of @c linkWithCredential:completion:
- call using a phoneAuthCredential and a credential already exists error. In this case we
- should get a AuthCredential in the error object.
- */
- func testlinkPhoneCredentialAlreadyExistsError() throws {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- let auth = try XCTUnwrap(UserTests.auth)
- signInWithEmailPasswordReturnFakeUser { user in
- XCTAssertNotNil(user)
- self.expectVerifyPhoneNumberRequest(isLink: true)
- do {
- self.setFakeGetAccountProvider(withProviderID: PhoneAuthProvider.id)
- self.rpcIssuer.respondBlock = {
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken,
- "phoneNumber": self.kTestPhoneNumber,
- "temporaryProof": "Fake Temporary Proof"])
- }
- let credential = PhoneAuthProvider.provider(auth: auth).credential(
- withVerificationID: self.kVerificationID,
- verificationCode: self.kVerificationCode
- )
- user.link(with: credential) { linkAuthResult, rawError in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(linkAuthResult)
- do {
- let error = try XCTUnwrap(rawError)
- XCTAssertEqual((error as NSError).code, AuthErrorCode.credentialAlreadyInUse.rawValue)
- let credential = try XCTUnwrap((error as NSError)
- .userInfo[AuthErrors.userInfoUpdatedCredentialKey] as? PhoneAuthCredential)
- switch credential.credentialKind {
- case let .phoneNumber(phoneNumber, temporaryProof):
- XCTAssertEqual(temporaryProof, "Fake Temporary Proof")
- XCTAssertEqual(phoneNumber, self.kTestPhoneNumber)
- case .verification: XCTFail("Should be phoneNumber case")
- }
- } catch {
- XCTFail("Did not throw expected error \(error)")
- }
- expectation.fulfill()
- }
- }
- }
- waitForExpectations(timeout: 5)
- }
- #endif
- // MARK: Private helper functions
- private func expectVerifyPhoneNumberRequest(isLink: Bool = false) {
- rpcIssuer?.verifyPhoneNumberRequester = { request in
- XCTAssertEqual(request.verificationID, self.kVerificationID)
- XCTAssertEqual(request.verificationCode, self.kVerificationCode)
- XCTAssertEqual(request.accessToken, RPCBaseTests.kFakeAccessToken)
- if isLink {
- XCTAssertEqual(request.operation, AuthOperationType.link)
- } else {
- XCTAssertEqual(request.operation, AuthOperationType.update)
- }
- }
- }
- private func internalGetIDTokenResult(token: String, forceRefresh: Bool = true,
- emailMatch: String = "aunitestuser@gmail.com",
- audMatch: String = "test_aud") {
- setFakeGetAccountProvider()
- let expectation = self.expectation(description: #function)
- signInWithEmailPasswordReturnFakeUser(fakeAccessToken: token) { user in
- user.getIDTokenResult(forcingRefresh: forceRefresh) { rawTokenResult, error in
- XCTAssertTrue(Thread.isMainThread)
- XCTAssertNil(error)
- XCTAssertEqual(user.displayName, self.kDisplayName)
- XCTAssertEqual(user.email, self.kEmail)
- let tokenResult = try! XCTUnwrap(rawTokenResult)
- XCTAssertEqual(tokenResult.token, token)
- XCTAssertNotNil(tokenResult.issuedAtDate)
- XCTAssertNotNil(tokenResult.authDate)
- XCTAssertNotNil(tokenResult.expirationDate)
- XCTAssertNotNil(tokenResult.signInProvider)
- // The lowercased is for the base64 test which seems to be an erroneously uppercased
- // "Password"?
- XCTAssertEqual(tokenResult.signInProvider.lowercased(), EmailAuthProvider.id)
- XCTAssertEqual(tokenResult.claims["email"] as! String, emailMatch)
- XCTAssertEqual(tokenResult.claims["aud"] as! String, audMatch)
- XCTAssertEqual(tokenResult.signInSecondFactor, "")
- expectation.fulfill()
- }
- }
- waitForExpectations(timeout: 5)
- }
- private func changeUserEmail(user: User, changeEmail: Bool = false,
- expectation: XCTestExpectation) {
- do {
- XCTAssertEqual(user.providerID, "Firebase")
- XCTAssertEqual(user.uid, kLocalID)
- XCTAssertEqual(user.displayName, kDisplayName)
- XCTAssertEqual(user.photoURL, URL(string: kTestPhotoURL))
- XCTAssertEqual(user.email, kEmail)
- // Pretend that the display name on the server has been changed since the original signin.
- setFakeGetAccountProvider(withNewDisplayName: kNewDisplayName)
- rpcIssuer.respondBlock = {
- let request = try XCTUnwrap(self.rpcIssuer?.request as? SetAccountInfoRequest)
- XCTAssertEqual(request.apiKey, UserTests.kFakeAPIKey)
- XCTAssertEqual(request.accessToken, RPCBaseTests.kFakeAccessToken)
- if changeEmail {
- XCTAssertEqual(request.email, self.kNewEmail)
- XCTAssertNil(request.password)
- } else {
- XCTAssertEqual(request.password, self.kNewPassword)
- XCTAssertNil(request.email)
- }
- XCTAssertNil(request.localID)
- XCTAssertNil(request.displayName)
- XCTAssertNil(request.photoURL)
- XCTAssertNil(request.providers)
- XCTAssertNil(request.deleteAttributes)
- XCTAssertNil(request.deleteProviders)
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "email": self.kNewEmail,
- "refreshToken": self.kRefreshToken])
- }
- if changeEmail {
- user.updateEmail(to: kNewEmail) { error in
- XCTAssertNil(error)
- XCTAssertEqual(user.email, self.kNewEmail)
- XCTAssertEqual(user.displayName, self.kNewDisplayName)
- XCTAssertFalse(user.isAnonymous)
- expectation.fulfill()
- }
- } else {
- user.updatePassword(to: kNewPassword) { error in
- XCTAssertNil(error)
- XCTAssertEqual(user.displayName, self.kNewDisplayName)
- XCTAssertFalse(user.isAnonymous)
- expectation.fulfill()
- }
- }
- }
- }
- private func signInWithEmailPasswordReturnFakeUser(fakeAccessToken: String = RPCBaseTests
- .kFakeAccessToken,
- completion: @escaping (User) -> Void) {
- let kRefreshToken = "fakeRefreshToken"
- setFakeSecureTokenService(fakeAccessToken: fakeAccessToken)
- rpcIssuer?.verifyPasswordRequester = { request in
- // 2. Validate the created Request instance.
- XCTAssertEqual(request.email, self.kEmail)
- XCTAssertEqual(request.password, self.kFakePassword)
- XCTAssertEqual(request.apiKey, UserTests.kFakeAPIKey)
- XCTAssertTrue(request.returnSecureToken)
- do {
- // 3. Send the response from the fake backend.
- try self.rpcIssuer?.respond(withJSON: ["idToken": fakeAccessToken,
- "isNewUser": true,
- "refreshToken": kRefreshToken])
- } catch {
- XCTFail("Failure sending response: \(error)")
- }
- }
- // 1. After setting up fakes, sign out and sign in.
- do {
- try UserTests.auth?.signOut()
- } catch {
- XCTFail("Sign out failed: \(error)")
- return
- }
- UserTests.auth?.signIn(withEmail: kEmail, password: kFakePassword) { authResult, error in
- // 4. After the response triggers the callback, verify the returned result.
- XCTAssertTrue(Thread.isMainThread)
- guard let user = authResult?.user else {
- XCTFail("authResult.user is missing")
- return
- }
- XCTAssertEqual(user.refreshToken, kRefreshToken)
- XCTAssertFalse(user.isAnonymous)
- XCTAssertEqual(user.email, self.kEmail)
- guard let additionalUserInfo = authResult?.additionalUserInfo else {
- XCTFail("authResult.additionalUserInfo is missing")
- return
- }
- XCTAssertFalse(additionalUserInfo.isNewUser)
- XCTAssertEqual(additionalUserInfo.providerID, EmailAuthProvider.id)
- XCTAssertNil(error)
- // Clear the password Requester to avoid being called again by reauthenticate tests.
- self.rpcIssuer?.verifyPasswordRequester = nil
- completion(user)
- }
- }
- private func signInWithGoogleCredential(completion: @escaping (User) -> Void) {
- setFakeSecureTokenService(fakeAccessToken: RPCBaseTests.kFakeAccessToken)
- setFakeGoogleGetAccountProvider()
- rpcIssuer.respondBlock = {
- try self.verifyGoogleAssertionRequest(
- XCTUnwrap(self.rpcIssuer?.request as? VerifyAssertionRequest)
- )
- // 3. Send the response from the fake backend.
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "providerId": GoogleAuthProvider.id,
- "refreshToken": self.kRefreshToken,
- "localId": self.kLocalID,
- "displayName": self.kDisplayName,
- "rawUserInfo": self.kGoogleProfile,
- "username": self.kUserName])
- }
- do {
- try UserTests.auth?.signOut()
- let googleCredential = GoogleAuthProvider.credential(withIDToken: kGoogleIDToken,
- accessToken: kGoogleAccessToken)
- UserTests.auth?.signIn(with: googleCredential) { authResult, error in
- // 4. After the response triggers the callback, verify the returned result.
- XCTAssertTrue(Thread.isMainThread)
- guard let user = authResult?.user else {
- XCTFail("authResult.user is missing")
- return
- }
- XCTAssertEqual(user.refreshToken, self.kRefreshToken)
- XCTAssertFalse(user.isAnonymous)
- XCTAssertEqual(user.email, self.kGoogleEmail)
- guard let additionalUserInfo = authResult?.additionalUserInfo,
- let profile = additionalUserInfo.profile as? [String: String] else {
- XCTFail("authResult.additionalUserInfo and/or profile is missing")
- return
- }
- XCTAssertEqual(profile, self.kGoogleProfile)
- XCTAssertFalse(additionalUserInfo.isNewUser)
- XCTAssertEqual(additionalUserInfo.providerID, GoogleAuthProvider.id)
- XCTAssertEqual(additionalUserInfo.username, self.kUserName)
- XCTAssertNil(error)
- completion(user)
- }
- } catch {
- XCTFail("Throw in \(#function): \(error)")
- }
- }
- private func verifyGoogleAssertionRequest(_ request: VerifyAssertionRequest) {
- XCTAssertEqual(request.providerID, GoogleAuthProvider.id)
- XCTAssertEqual(request.providerIDToken, kGoogleIDToken)
- XCTAssertEqual(request.providerAccessToken, kGoogleAccessToken)
- XCTAssertTrue(request.returnSecureToken)
- XCTAssertEqual(request.apiKey, UserTests.kFakeAPIKey)
- XCTAssertTrue(request.returnSecureToken)
- }
- private func signInWithFacebookCredential(completion: @escaping (User) -> Void) {
- setFakeSecureTokenService(fakeAccessToken: RPCBaseTests.kFakeAccessToken)
- setFakeGetAccountProvider(withNewDisplayName: kFacebookDisplayName,
- withProviderID: FacebookAuthProvider.id,
- withFederatedID: kFacebookID,
- withEmail: kFacebookEmail)
- rpcIssuer.respondBlock = {
- let request = try XCTUnwrap(self.rpcIssuer?.request as? VerifyAssertionRequest)
- XCTAssertEqual(request.providerID, FacebookAuthProvider.id)
- XCTAssertEqual(request.providerIDToken, self.kFacebookIDToken)
- XCTAssertEqual(request.providerAccessToken, self.kFacebookAccessToken)
- XCTAssertTrue(request.returnSecureToken)
- XCTAssertEqual(request.apiKey, UserTests.kFakeAPIKey)
- XCTAssertTrue(request.returnSecureToken)
- // 3. Send the response from the fake backend.
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "refreshToken": self.kRefreshToken,
- "federatedId": self.kFacebookID,
- "providerId": FacebookAuthProvider.id,
- "localId": self.kLocalID,
- "displayName": self.kDisplayName,
- "rawUserInfo": self.kGoogleProfile,
- "username": self.kUserName])
- }
- do {
- try UserTests.auth?.signOut()
- let facebookCredential = FacebookAuthProvider
- .credential(withAccessToken: kFacebookAccessToken)
- UserTests.auth?.signIn(with: facebookCredential) { authResult, error in
- // 4. After the response triggers the callback, verify the returned result.
- XCTAssertTrue(Thread.isMainThread)
- guard let user = authResult?.user else {
- XCTFail("authResult.user is missing")
- return
- }
- XCTAssertEqual(user.refreshToken, self.kRefreshToken)
- XCTAssertFalse(user.isAnonymous)
- XCTAssertEqual(user.email, self.kFacebookEmail)
- XCTAssertEqual(user.displayName, self.kFacebookDisplayName)
- XCTAssertEqual(user.providerData.count, 1)
- guard let additionalUserInfo = authResult?.additionalUserInfo,
- let facebookUserInfo = user.providerData.first,
- let profile = additionalUserInfo.profile as? [String: String] else {
- XCTFail("authResult.additionalUserInfo and/or profile is missing")
- return
- }
- XCTAssertEqual(facebookUserInfo.providerID, FacebookAuthProvider.id)
- XCTAssertEqual(facebookUserInfo.uid, self.kFacebookID)
- XCTAssertEqual(facebookUserInfo.displayName, self.kFacebookDisplayName)
- XCTAssertEqual(facebookUserInfo.email, self.kFacebookEmail)
- XCTAssertEqual(profile, self.kGoogleProfile)
- XCTAssertFalse(additionalUserInfo.isNewUser)
- XCTAssertEqual(additionalUserInfo.providerID, FacebookAuthProvider.id)
- XCTAssertEqual(additionalUserInfo.username, self.kUserName)
- XCTAssertNil(error)
- completion(user)
- }
- } catch {
- XCTFail("Throw in \(#function): \(error)")
- }
- }
- private func signInWithEmailPasswordReturnFakeUserLink(completion: @escaping (User) -> Void) {
- let kRefreshToken = "fakeRefreshToken"
- setFakeSecureTokenService()
- rpcIssuer.respondBlock = {
- let request = try XCTUnwrap(self.rpcIssuer?.request as? EmailLinkSignInRequest)
- XCTAssertEqual(request.email, self.kEmail)
- XCTAssertEqual(request.apiKey, UserTests.kFakeAPIKey)
- XCTAssertEqual(request.oobCode, "aCode")
- XCTAssertNil(request.idToken)
- // Send the response from the fake backend.
- try self.rpcIssuer?.respond(withJSON: ["idToken": RPCBaseTests.kFakeAccessToken,
- "isNewUser": true,
- "refreshToken": kRefreshToken])
- }
- do {
- try UserTests.auth?.signOut()
- UserTests.auth?.signIn(
- withEmail: kEmail,
- link: "https://www.google.com?oobCode=aCode&mode=signIn"
- ) { authResult, error in
- // 4. After the response triggers the callback, verify the returned result.
- XCTAssertTrue(Thread.isMainThread)
- guard let user = authResult?.user else {
- XCTFail("authResult.user is missing")
- return
- }
- XCTAssertEqual(user.refreshToken, kRefreshToken)
- XCTAssertFalse(user.isAnonymous)
- XCTAssertEqual(user.email, self.kEmail)
- guard let additionalUserInfo = authResult?.additionalUserInfo else {
- XCTFail("authResult.additionalUserInfo is missing")
- return
- }
- XCTAssertTrue(additionalUserInfo.isNewUser)
- XCTAssertEqual(additionalUserInfo.providerID, EmailAuthProvider.id)
- XCTAssertNil(error)
- completion(user)
- }
- } catch {
- XCTFail("Throw in \(#function): \(error)")
- }
- }
- }
|