test: test legacy fetchSignInWithEmail flow

Author: russellwheatley

FirebaseSwiftUI/FirebaseAuthSwiftUI/Sources/Strings/Localizable.xcstrings

@@ -47531,6 +47531,66 @@
         }
       }
     },
+    "Use a previous sign-in method" : {
+      "comment" : "Legacy sign-in recovery sheet title.",
+      "extractionState" : "manual",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "translated",
+            "value" : "Use a previous sign-in method"
+          }
+        }
+      }
+    },
+    "You previously signed in with one of these methods for %@." : {
+      "comment" : "Legacy sign-in recovery sheet message.",
+      "extractionState" : "manual",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "translated",
+            "value" : "You previously signed in with one of these methods for %@."
+          }
+        }
+      }
+    },
+    "Some previous sign-in methods are not enabled in this app." : {
+      "comment" : "Legacy sign-in recovery helper copy when some providers are unavailable.",
+      "extractionState" : "manual",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "translated",
+            "value" : "Some previous sign-in methods are not enabled in this app."
+          }
+        }
+      }
+    },
+    "Continue with email and password" : {
+      "comment" : "Legacy sign-in recovery action for email/password.",
+      "extractionState" : "manual",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "translated",
+            "value" : "Continue with email and password"
+          }
+        }
+      }
+    },
+    "Continue with email link" : {
+      "comment" : "Legacy sign-in recovery action for email link.",
+      "extractionState" : "manual",
+      "localizations" : {
+        "en" : {
+          "stringUnit" : {
+            "state" : "translated",
+            "value" : "Continue with email link"
+          }
+        }
+      }
+    },
     "Your password has been successfully updated." : {
       "localizations" : {
         "bg" : {

e2eTest/FirebaseSwiftUIExample/FirebaseSwiftUIExample/TestView.swift

@@ -42,6 +42,12 @@ struct TestView: View {
     }
 
     let isMfaEnabled = ProcessInfo.processInfo.arguments.contains("--mfa-enabled")
+    let legacyFetchSignInEnabled = ProcessInfo.processInfo.arguments.contains(
+      "--legacy-fetch-sign-in-enabled"
+    )
+    let legacyRecoveryPreviewEnabled = ProcessInfo.processInfo.arguments.contains(
+      "--legacy-sign-in-recovery-preview"
+    )
 
     let actionCodeSettings = ActionCodeSettings()
     actionCodeSettings.handleCodeInApp = true
@@ -50,6 +56,7 @@ struct TestView: View {
     actionCodeSettings.linkDomain = "flutterfire-e2e-tests.firebaseapp.com"
     actionCodeSettings.setIOSBundleID(Bundle.main.bundleIdentifier!)
     let configuration = AuthConfiguration(
+      legacyFetchSignInWithEmail: legacyFetchSignInEnabled,
       tosUrl: URL(string: "https://example.com/tos"),
       privacyPolicyUrl: URL(string: "https://example.com/privacy"),
       emailLinkSignInActionCodeSettings: actionCodeSettings,
@@ -76,6 +83,21 @@ struct TestView: View {
         .withEmailSignIn()
         .withEmailLinkSignIn()
     }
+    if legacyRecoveryPreviewEnabled {
+      authService.legacySignInRecovery = LegacySignInRecoveryContext(
+        email: "legacy@example.com",
+        options: [
+          LegacySignInOption(
+            id: EmailAuthProviderID,
+            displayName: authService.string.legacyEmailPasswordOptionLabel
+          ),
+          LegacySignInOption(
+            id: "emailLink",
+            displayName: authService.string.legacyEmailLinkOptionLabel
+          ),
+        ]
+      )
+    }
     authService.isPresented = true
   }
 

e2eTest/FirebaseSwiftUIExample/FirebaseSwiftUIExampleTests/FirebaseSwiftUIExampleTests.swift

@@ -38,6 +38,26 @@ struct FirebaseSwiftUIExampleTests {
     return AuthService(configuration: resolvedConfiguration)
   }
 
+  @MainActor
+  func prepareLegacyRecoveryService(legacyFetchSignInWithEmail: Bool,
+                                    includeEmailLinkProvider: Bool) async throws -> AuthService {
+    configureFirebaseIfNeeded()
+    try await isEmulatorRunning()
+
+    let service = AuthService(
+      configuration: AuthConfiguration(
+        legacyFetchSignInWithEmail: legacyFetchSignInWithEmail
+      )
+    )
+      .withEmailSignIn()
+
+    if includeEmailLinkProvider {
+      _ = service.withEmailLinkSignIn()
+    }
+
+    return service
+  }
+
   @Test
   @MainActor
   func defaultAuthConfigurationInjection() async throws {
@@ -49,6 +69,7 @@ struct FirebaseSwiftUIExampleTests {
     #expect(actual.shouldHideCancelButton == false)
     #expect(actual.interactiveDismissEnabled == true)
     #expect(actual.shouldAutoUpgradeAnonymousUsers == false)
+    #expect(actual.legacyFetchSignInWithEmail == false)
     #expect(actual.customStringsBundle == nil)
     #expect(actual.tosUrl == nil)
     #expect(actual.privacyPolicyUrl == nil)
@@ -73,6 +94,7 @@ struct FirebaseSwiftUIExampleTests {
       shouldHideCancelButton: true,
       interactiveDismissEnabled: false,
       shouldAutoUpgradeAnonymousUsers: true,
+      legacyFetchSignInWithEmail: true,
       customStringsBundle: .main,
       tosUrl: URL(string: "https://example.com/tos"),
       privacyPolicyUrl: URL(string: "https://example.com/privacy"),
@@ -86,6 +108,7 @@ struct FirebaseSwiftUIExampleTests {
     #expect(actual.shouldHideCancelButton == true)
     #expect(actual.interactiveDismissEnabled == false)
     #expect(actual.shouldAutoUpgradeAnonymousUsers == true)
+    #expect(actual.legacyFetchSignInWithEmail == true)
     #expect(actual.customStringsBundle === Bundle.main)
     #expect(actual.tosUrl == URL(string: "https://example.com/tos"))
     #expect(actual.privacyPolicyUrl == URL(string: "https://example.com/privacy"))
@@ -95,6 +118,88 @@ struct FirebaseSwiftUIExampleTests {
     #expect(actual.verifyEmailActionCodeSettings?.url == verifySettings.url)
   }
 
+  @Test
+  @MainActor
+  func legacySignInRecoveryResolvesEmailLinkProvider() async throws {
+    let email = createEmail()
+    try await clearAuthEmulatorState()
+    try await createEmailLinkOnlyUser(email: email)
+
+    let service = try await prepareLegacyRecoveryService(
+      legacyFetchSignInWithEmail: true,
+      includeEmailLinkProvider: true
+    )
+
+    do {
+      try await service.signIn(email: email, password: kPassword)
+      Issue.record("Expected email/password sign-in to fail for an email-link account")
+    } catch {
+      if case .legacySignInRecoveryPresented = error as? AuthServiceError {
+        // Expected path.
+      } else {
+        Issue.record("Expected legacy recovery error, got: \(error)")
+      }
+    }
+
+    let recovery = service.legacySignInRecovery
+    #expect(recovery?.email == email)
+    #expect(recovery?.options.contains(where: { $0.id == "emailLink" }) == true)
+  }
+
+  @Test
+  @MainActor
+  func legacySignInRecoveryFallsBackWhenProviderNotEnabled() async throws {
+    let email = createEmail()
+    try await clearAuthEmulatorState()
+    try await createEmailLinkOnlyUser(email: email)
+
+    let service = try await prepareLegacyRecoveryService(
+      legacyFetchSignInWithEmail: true,
+      includeEmailLinkProvider: false
+    )
+
+    do {
+      try await service.signIn(email: email, password: kPassword)
+      Issue.record("Expected email/password sign-in to fail for an email-link account")
+    } catch {
+      #expect((error as? AuthServiceError) == nil || {
+        if case .legacySignInRecoveryPresented = error as? AuthServiceError {
+          return false
+        }
+        return true
+      }())
+    }
+
+    #expect(service.legacySignInRecovery == nil)
+  }
+
+  @Test
+  @MainActor
+  func legacySignInRecoveryDisabledPreservesExistingFailure() async throws {
+    let email = createEmail()
+    try await clearAuthEmulatorState()
+    try await createEmailLinkOnlyUser(email: email)
+
+    let service = try await prepareLegacyRecoveryService(
+      legacyFetchSignInWithEmail: false,
+      includeEmailLinkProvider: true
+    )
+
+    do {
+      try await service.signIn(email: email, password: kPassword)
+      Issue.record("Expected email/password sign-in to fail for an email-link account")
+    } catch {
+      #expect((error as? AuthServiceError) == nil || {
+        if case .legacySignInRecoveryPresented = error as? AuthServiceError {
+          return false
+        }
+        return true
+      }())
+    }
+
+    #expect(service.legacySignInRecovery == nil)
+  }
+
   @Test
   @MainActor
   func createEmailPasswordUser() async throws {

e2eTest/FirebaseSwiftUIExample/FirebaseSwiftUIExampleTests/TestHarness.swift

@@ -6,6 +6,7 @@
 //
 
 import FirebaseAuth
+import FirebaseAuthSwiftUI
 import FirebaseCore
 
 @MainActor
@@ -80,3 +81,90 @@ func waitForStateChange(timeout: TimeInterval = 10.0,
 enum TestError: Error {
   case timeout(String)
 }
+
+@MainActor
+func makeEmailLinkActionCodeSettings() -> ActionCodeSettings {
+  let actionCodeSettings = ActionCodeSettings()
+  actionCodeSettings.handleCodeInApp = true
+  actionCodeSettings.url = URL(string: "https://flutterfire-e2e-tests.firebaseapp.com")
+  actionCodeSettings.linkDomain = "flutterfire-e2e-tests.firebaseapp.com"
+  actionCodeSettings.setIOSBundleID("io.flutter.plugins.firebase.auth.example")
+  return actionCodeSettings
+}
+
+@MainActor
+func createEmailLinkOnlyUser(email: String) async throws {
+  configureFirebaseIfNeeded()
+  try await isEmulatorRunning()
+
+  let service = AuthService(
+    configuration: AuthConfiguration(
+      emailLinkSignInActionCodeSettings: makeEmailLinkActionCodeSettings()
+    )
+  )
+    .withEmailLinkSignIn()
+
+  service.emailLink = email
+  try await service.sendEmailSignInLink(email: email)
+  let signInLink = try await fetchEmailSignInLinkFromEmulator(email: email)
+  try await service.handleSignInLink(url: signInLink)
+  try await service.signOut()
+}
+
+@MainActor
+func fetchEmailSignInLinkFromEmulator(email: String,
+                                      projectID: String = "flutterfire-e2e-tests",
+                                      emulatorHost: String = "127.0.0.1:9099") async throws -> URL {
+  struct OobEnvelope: Decodable { let oobCodes: [OobItem] }
+  struct OobItem: Decodable {
+    let email: String
+    let oobLink: String?
+    let requestType: String
+    let creationTime: String?
+  }
+
+  let oobURL = URL(string: "http://\(emulatorHost)/emulator/v1/projects/\(projectID)/oobCodes")!
+  let iso = ISO8601DateFormatter()
+
+  var attempts = 0
+  let maxAttempts = 5
+
+  while attempts < maxAttempts {
+    let (oobData, oobResponse) = try await URLSession.shared.data(from: oobURL)
+    guard (oobResponse as? HTTPURLResponse)?.statusCode == 200 else {
+      throw NSError(
+        domain: "EmulatorError",
+        code: 10,
+        userInfo: [NSLocalizedDescriptionKey: "Failed to fetch OOB codes for email sign-in"]
+      )
+    }
+
+    let envelope = try JSONDecoder().decode(OobEnvelope.self, from: oobData)
+    let oobLink = envelope.oobCodes
+      .filter {
+        $0.email.caseInsensitiveCompare(email) == .orderedSame && $0.requestType == "EMAIL_SIGNIN"
+      }
+      .sorted {
+        let lhs = $0.creationTime.flatMap { iso.date(from: $0) } ?? .distantPast
+        let rhs = $1.creationTime.flatMap { iso.date(from: $0) } ?? .distantPast
+        return lhs > rhs
+      }
+      .compactMap(\.oobLink)
+      .first
+
+    if let oobLink,
+       let encodedLink = oobLink.addingPercentEncoding(withAllowedCharacters: .urlQueryAllowed),
+       let wrappedLink = URL(string: "https://example.com/?link=\(encodedLink)") {
+      return wrappedLink
+    }
+
+    attempts += 1
+    try await Task.sleep(nanoseconds: 500_000_000)
+  }
+
+  throw NSError(
+    domain: "EmulatorError",
+    code: 11,
+    userInfo: [NSLocalizedDescriptionKey: "No EMAIL_SIGNIN OOB link found for \(email)"]
+  )
+}