-
Notifications
You must be signed in to change notification settings - Fork 491
Expand file tree
/
Copy pathAuthServiceError.swift
More file actions
214 lines (184 loc) · 7.1 KB
/
AuthServiceError.swift
File metadata and controls
214 lines (184 loc) · 7.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
// Copyright 2025 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
import FirebaseAuth
import SwiftUI
/// Context information for OAuth provider reauthentication (Google, Apple, Facebook, Twitter, etc.)
public struct OAuthReauthContext: Equatable {
public let providerId: String
public let providerName: String
public init(providerId: String, providerName: String) {
self.providerId = providerId
self.providerName = providerName
}
public var displayMessage: String {
"Please sign in with \(providerName) to continue"
}
}
/// Context information for email/password reauthentication
public struct EmailReauthContext: Equatable {
public let email: String
public init(email: String) {
self.email = email
}
public var displayMessage: String {
"Please enter your password to continue"
}
}
/// Context information for email link reauthentication
public struct EmailLinkReauthContext: Equatable {
public let email: String
public init(email: String) {
self.email = email
}
public var displayMessage: String {
"Please check your email to verify your identity"
}
}
/// Context information for phone number reauthentication
public struct PhoneReauthContext: Equatable {
public let phoneNumber: String
public init(phoneNumber: String) {
self.phoneNumber = phoneNumber
}
public var displayMessage: String {
"Please verify your phone number to continue"
}
}
/// Type-safe wrapper for reauthentication contexts
public enum ReauthenticationType: Equatable {
case oauth(OAuthReauthContext)
case email(EmailReauthContext)
case emailLink(EmailLinkReauthContext)
case phone(PhoneReauthContext)
public var displayMessage: String {
switch self {
case let .oauth(context):
return context.displayMessage
case let .email(context):
return context.displayMessage
case let .emailLink(context):
return context.displayMessage
case let .phone(context):
return context.displayMessage
}
}
}
/// Describes the specific type of account conflict that occurred
public enum AccountConflictType: Equatable {
/// Account exists with a different provider (e.g., user signed up with Google, trying to use
/// email)
/// Solution: Sign in with existing provider, then link the new credential
case accountExistsWithDifferentCredential
/// The credential is already linked to another account
/// Solution: User must sign in with that account or unlink the credential
case credentialAlreadyInUse
/// Email is already registered with another method
/// Solution: Sign in with existing method, then link if desired
case emailAlreadyInUse
/// Trying to link anonymous account to an existing account
/// Solution: Sign out of anonymous, then sign in with the credential
case anonymousUpgradeConflict
}
public struct AccountConflictContext: LocalizedError, Identifiable, Equatable {
public let id = UUID()
public let conflictType: AccountConflictType
public let credential: AuthCredential
public let underlyingError: Error
public let message: String
public let email: String?
/// Human-readable description of the conflict type
public var conflictDescription: String {
switch conflictType {
case .accountExistsWithDifferentCredential:
return "This account is already registered with a different sign-in method."
case .credentialAlreadyInUse:
return "This credential is already linked to another account."
case .emailAlreadyInUse:
return "This email address is already in use."
case .anonymousUpgradeConflict:
return "Cannot link anonymous account to an existing account."
}
}
public var errorDescription: String? {
return message
}
public static func == (lhs: AccountConflictContext, rhs: AccountConflictContext) -> Bool {
// Compare by id since each AccountConflictContext instance is unique
lhs.id == rhs.id
}
}
public enum AuthServiceError: LocalizedError {
case noCurrentUser
case invalidEmailLink(String)
case clientIdNotFound(String)
case notConfiguredActionCodeSettings(String)
/// OAuth reauthentication required (Google, Apple, Facebook, Twitter, etc.)
/// Can be passed directly to `reauthenticate(context:)` method
case oauthReauthenticationRequired(context: OAuthReauthContext)
/// Email reauthentication required - user must handle password prompt externally
case emailReauthenticationRequired(context: EmailReauthContext)
/// Email link reauthentication required - user must handle email link flow externally
case emailLinkReauthenticationRequired(context: EmailLinkReauthContext)
/// Phone reauthentication required - user must handle SMS verification flow externally
case phoneReauthenticationRequired(context: PhoneReauthContext)
case invalidCredentials(String)
case signInFailed(underlying: Error)
case accountConflict(AccountConflictContext)
case legacySignInRecoveryPresented
case providerNotFound(String)
case multiFactorAuth(String)
case rootViewControllerNotFound(String)
case providerAuthenticationFailed(String)
case signInCancelled(String)
public var errorDescription: String? {
switch self {
case .noCurrentUser:
return "No user is currently signed in."
case let .invalidEmailLink(description):
return description
case let .clientIdNotFound(description):
return description
case let .notConfiguredActionCodeSettings(description):
return description
case let .oauthReauthenticationRequired(context):
return "Please sign in again with \(context.providerName) to continue"
case .emailReauthenticationRequired:
return "Please enter your password to continue"
case .emailLinkReauthenticationRequired:
return "Please check your email to verify your identity"
case .phoneReauthenticationRequired:
return "Please verify your phone number to continue"
case let .invalidCredentials(description):
return description
// Use when failed to sign-in with Firebase
case let .signInFailed(underlying: error):
return "Failed to sign in: \(error.localizedDescription)"
// Use when failed to sign-in with provider (e.g. Google, Facebook, etc.)
case let .providerAuthenticationFailed(description):
return description
case let .signInCancelled(description):
return description
case let .accountConflict(context):
return context.errorDescription
case .legacySignInRecoveryPresented:
return nil
case let .providerNotFound(description):
return description
case let .multiFactorAuth(description):
return description
case let .rootViewControllerNotFound(description):
return description
}
}
}