add support for beforeEmail trigger

Author: blidd-google

spec/common/providers/identity.spec.ts

@@ -528,6 +528,7 @@ describe("identity", () => {
         userAgent: "USER_AGENT",
         eventId: "EVENT_ID",
         eventType: EVENT,
+        emailType: undefined,
         authType: "UNAUTHENTICATED",
         resource: {
           service: "identitytoolkit.googleapis.com",
@@ -540,6 +541,7 @@ describe("identity", () => {
           username: undefined,
           isNewUser: false,
           recaptchaScore: TEST_RECAPTCHA_SCORE,
+          email: undefined,
         },
         credential: null,
         params: {},
@@ -577,6 +579,7 @@ describe("identity", () => {
         userAgent: "USER_AGENT",
         eventId: "EVENT_ID",
         eventType: "providers/cloud.auth/eventTypes/user.beforeSignIn:password",
+        emailType: undefined,
         authType: "UNAUTHENTICATED",
         resource: {
           service: "identitytoolkit.googleapis.com",
@@ -589,6 +592,7 @@ describe("identity", () => {
           username: undefined,
           isNewUser: false,
           recaptchaScore: TEST_RECAPTCHA_SCORE,
+          email: undefined,
         },
         credential: {
           claims: undefined,
@@ -663,6 +667,7 @@ describe("identity", () => {
         userAgent: "USER_AGENT",
         eventId: "EVENT_ID",
         eventType: "providers/cloud.auth/eventTypes/user.beforeCreate:oidc.provider",
+        emailType: undefined,
         authType: "USER",
         resource: {
           service: "identitytoolkit.googleapis.com",
@@ -675,6 +680,7 @@ describe("identity", () => {
           profile: rawUserInfo,
           isNewUser: true,
           recaptchaScore: TEST_RECAPTCHA_SCORE,
+          email: undefined,
         },
         credential: {
           claims: undefined,
@@ -691,6 +697,50 @@ describe("identity", () => {
 
       expect(identity.parseAuthEventContext(decodedJwt, "project-id", time)).to.deep.equal(context);
     });
+
+    it("should parse a beforeSendEmail event", () => {
+      const time = now.getTime();
+      const decodedJwt = {
+        iss: "https://securetoken.google.com/project_id",
+        aud: "https://us-east1-project_id.cloudfunctions.net/function-1",
+        iat: 1,
+        exp: 60 * 60 + 1,
+        event_id: "EVENT_ID",
+        event_type: "beforeSendEmail",
+        user_agent: "USER_AGENT",
+        ip_address: "1.2.3.4",
+        locale: "en",
+        recaptcha_score: TEST_RECAPTCHA_SCORE,
+        email_type: "RESET_PASSWORD",
+        email: "[email protected]",
+      };
+      const context = {
+        locale: "en",
+        ipAddress: "1.2.3.4",
+        userAgent: "USER_AGENT",
+        eventId: "EVENT_ID",
+        eventType: "providers/cloud.auth/eventTypes/user.beforeSendEmail",
+        emailType: "RESET_PASSWORD",
+        authType: "UNAUTHENTICATED",
+        resource: {
+          service: "identitytoolkit.googleapis.com",
+          name: "projects/project-id",
+        },
+        timestamp: new Date(1000).toUTCString(),
+        additionalUserInfo: {
+          isNewUser: false,
+          profile: undefined,
+          providerId: undefined,
+          username: undefined,
+          recaptchaScore: TEST_RECAPTCHA_SCORE,
+          email: "[email protected]",
+        },
+        credential: null,
+        params: {},
+      };
+
+      expect(identity.parseAuthEventContext(decodedJwt, "project-id", time)).to.deep.equal(context);
+    });
   });
 
   describe("validateAuthResponse", () => {

spec/v1/providers/auth.spec.ts

@@ -305,6 +305,96 @@ describe("Auth Functions", () => {
       });
     });
 
+    describe("beforeEmail", () => {
+      it("should create function without options", () => {
+        const fn = auth.user().beforeEmail(() => Promise.resolve());
+
+        expect(fn.__trigger).to.deep.equal({
+          labels: {},
+          blockingTrigger: {
+            eventType: "providers/cloud.auth/eventTypes/user.beforeSendEmail",
+            options: {
+              accessToken: false,
+              idToken: false,
+              refreshToken: false,
+            },
+          },
+        });
+        expect(fn.__endpoint).to.deep.equal({
+          ...MINIMAL_V1_ENDPOINT,
+          platform: "gcfv1",
+          labels: {},
+          blockingTrigger: {
+            eventType: "providers/cloud.auth/eventTypes/user.beforeSendEmail",
+            options: {
+              accessToken: false,
+              idToken: false,
+              refreshToken: false,
+            },
+          },
+        });
+        expect(fn.__requiredAPIs).to.deep.equal([
+          {
+            api: "identitytoolkit.googleapis.com",
+            reason: "Needed for auth blocking functions",
+          },
+        ]);
+      });
+
+      it("should create the function with options", () => {
+        const fn = functions
+          .region("us-east1")
+          .runWith({
+            timeoutSeconds: 90,
+            memory: "256MB",
+          })
+          .auth.user({
+            blockingOptions: {
+              accessToken: true,
+              refreshToken: false,
+            },
+          })
+          .beforeEmail(() => Promise.resolve());
+
+        expect(fn.__trigger).to.deep.equal({
+          labels: {},
+          regions: ["us-east1"],
+          availableMemoryMb: 256,
+          timeout: "90s",
+          blockingTrigger: {
+            eventType: "providers/cloud.auth/eventTypes/user.beforeSendEmail",
+            options: {
+              accessToken: true,
+              idToken: false,
+              refreshToken: false,
+            },
+          },
+        });
+        expect(fn.__endpoint).to.deep.equal({
+          ...MINIMAL_V1_ENDPOINT,
+          platform: "gcfv1",
+          labels: {},
+          region: ["us-east1"],
+          availableMemoryMb: 256,
+          timeoutSeconds: 90,
+          blockingTrigger: {
+            eventType: "providers/cloud.auth/eventTypes/user.beforeSendEmail",
+            options: {
+              accessToken: true,
+              idToken: false,
+              refreshToken: false,
+            },
+          },
+        });
+        expect(fn.__requiredAPIs).to.deep.equal([
+          {
+            api: "identitytoolkit.googleapis.com",
+            reason: "Needed for auth blocking functions",
+          },
+        ]);
+      });
+    });
+
     describe("#_dataConstructor", () => {
       let cloudFunctionDelete: CloudFunction<UserRecord>;
 

spec/v2/providers/identity.spec.ts

@@ -41,6 +41,15 @@ const BEFORE_SIGN_IN_TRIGGER = {
   },
 };
 
+const BEFORE_EMAIL_TRIGGER = {
+  eventType: "providers/cloud.auth/eventTypes/user.beforeSendEmail",
+  options: {
+    accessToken: false,
+    idToken: false,
+    refreshToken: false,
+  },
+};
+
 const opts: identity.BlockingOptions = {
   accessToken: true,
   refreshToken: false,
@@ -137,6 +146,50 @@ describe("identity", () => {
     });
   });
 
+  describe("beforeEmailSent", () => {
+    it("should accept a handler", () => {
+      const fn = identity.beforeEmailSent(() => Promise.resolve());
+
+      expect(fn.__endpoint).to.deep.equal({
+        ...MINIMAL_V2_ENDPOINT,
+        platform: "gcfv2",
+        labels: {},
+        blockingTrigger: BEFORE_EMAIL_TRIGGER,
+      });
+      expect(fn.__requiredAPIs).to.deep.equal([
+        {
+          api: "identitytoolkit.googleapis.com",
+          reason: "Needed for auth blocking functions",
+        },
+      ]);
+    });
+  });
+
+  it("should accept options and a handler", () => {
+    const fn = identity.beforeEmailSent(opts, () => Promise.resolve());
+
+    expect(fn.__endpoint).to.deep.equal({
+      ...MINIMAL_V2_ENDPOINT,
+      platform: "gcfv2",
+      labels: {},
+      minInstances: 1,
+      region: ["us-west1"],
+      blockingTrigger: {
+        ...BEFORE_EMAIL_TRIGGER,
+        options: {
+          ...BEFORE_EMAIL_TRIGGER.options,
+          accessToken: true,
+        },
+      },
+    });
+    expect(fn.__requiredAPIs).to.deep.equal([
+      {
+        api: "identitytoolkit.googleapis.com",
+        reason: "Needed for auth blocking functions",
+      },
+    ]);
+  });
+
   describe("beforeOperation", () => {
     it("should handle eventType and handler for before create events", () => {
       const fn = identity.beforeOperation("beforeCreate", () => Promise.resolve(), undefined);
@@ -172,6 +225,23 @@ describe("identity", () => {
       ]);
     });
 
+    it("should handle eventType and handler for before email events", () => {
+      const fn = identity.beforeOperation("beforeSendEmail", () => Promise.resolve(), undefined);
+
+      expect(fn.__endpoint).to.deep.equal({
+        ...MINIMAL_V2_ENDPOINT,
+        platform: "gcfv2",
+        labels: {},
+        blockingTrigger: BEFORE_EMAIL_TRIGGER,
+      });
+      expect(fn.__requiredAPIs).to.deep.equal([
+        {
+          api: "identitytoolkit.googleapis.com",
+          reason: "Needed for auth blocking functions",
+        },
+      ]);
+    });
+
     it("should handle eventType, options, and handler for before create events", () => {
       const fn = identity.beforeOperation("beforeCreate", opts, () => Promise.resolve());
 
@@ -221,6 +291,31 @@ describe("identity", () => {
         },
       ]);
     });
+
+    it("should handle eventType, options, and handler for before send email events", () => {
+      const fn = identity.beforeOperation("beforeSendEmail", opts, () => Promise.resolve());
+
+      expect(fn.__endpoint).to.deep.equal({
+        ...MINIMAL_V2_ENDPOINT,
+        platform: "gcfv2",
+        labels: {},
+        minInstances: 1,
+        region: ["us-west1"],
+        blockingTrigger: {
+          ...BEFORE_EMAIL_TRIGGER,
+          options: {
+            ...BEFORE_EMAIL_TRIGGER.options,
+            accessToken: true,
+          },
+        },
+      });
+      expect(fn.__requiredAPIs).to.deep.equal([
+        {
+          api: "identitytoolkit.googleapis.com",
+          reason: "Needed for auth blocking functions",
+        },
+      ]);
+    });
   });
 
   describe("getOpts", () => {