Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(auth): Allow enabling of anonymous provider via tenant configuration #802

Merged
merged 7 commits into from
Feb 8, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions etc/firebase-admin.api.md
Original file line number Diff line number Diff line change
Expand Up @@ -251,6 +251,7 @@ export namespace auth {
expiresIn: number;
}
export interface Tenant {
anonymousSignInEnabled: boolean;
displayName?: string;
emailSignInConfig?: {
enabled: boolean;
Expand Down Expand Up @@ -301,6 +302,7 @@ export namespace auth {
photoURL?: string | null;
}
export interface UpdateTenantRequest {
anonymousSignInEnabled?: boolean;
displayName?: string;
emailSignInConfig?: EmailSignInProviderConfig;
multiFactorConfig?: MultiFactorConfig;
Expand Down
10 changes: 10 additions & 0 deletions src/auth/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -1014,6 +1014,11 @@ export namespace auth {
passwordRequired?: boolean;
};

/**
* Whether the anonymous provider is enabled.
*/
anonymousSignInEnabled: boolean;

/**
* The multi-factor auth configuration on the current tenant.
*/
Expand Down Expand Up @@ -1089,6 +1094,11 @@ export namespace auth {
*/
emailSignInConfig?: EmailSignInProviderConfig;

/**
* Whether the anonymous provider is enabled.
*/
anonymousSignInEnabled?: boolean;

/**
* The multi-factor auth configuration to update on the tenant.
*/
Expand Down
9 changes: 9 additions & 0 deletions src/auth/tenant.ts
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ import UpdateTenantRequest = auth.UpdateTenantRequest;
/** The corresponding server side representation of a TenantOptions object. */
export interface TenantOptionsServerRequest extends EmailSignInConfigServerRequest {
displayName?: string;
enableAnonymousUser?: boolean;
mfaConfig?: MultiFactorAuthServerConfig;
testPhoneNumbers?: {[key: string]: string};
}
Expand All @@ -39,6 +40,7 @@ export interface TenantServerResponse {
displayName?: string;
allowPasswordSignup?: boolean;
enableEmailLinkSignin?: boolean;
enableAnonymousUser?: boolean;
mfaConfig?: MultiFactorAuthServerConfig;
testPhoneNumbers?: {[key: string]: string};
}
Expand All @@ -50,6 +52,7 @@ export class Tenant implements TenantInterface {
public readonly tenantId: string;
public readonly displayName?: string;
public readonly emailSignInConfig?: EmailSignInConfig;
public readonly anonymousSignInEnabled: boolean;
public readonly multiFactorConfig?: MultiFactorAuthConfig;
public readonly testPhoneNumbers?: {[phoneNumber: string]: string};

Expand All @@ -70,6 +73,9 @@ export class Tenant implements TenantInterface {
if (typeof tenantOptions.displayName !== 'undefined') {
request.displayName = tenantOptions.displayName;
}
if (typeof tenantOptions.anonymousSignInEnabled !== 'undefined') {
request.enableAnonymousUser = tenantOptions.anonymousSignInEnabled;
}
if (typeof tenantOptions.multiFactorConfig !== 'undefined') {
request.mfaConfig = MultiFactorAuthConfig.buildServerRequest(tenantOptions.multiFactorConfig);
}
Expand Down Expand Up @@ -105,6 +111,7 @@ export class Tenant implements TenantInterface {
const validKeys = {
displayName: true,
emailSignInConfig: true,
anonymousSignInEnabled: true,
multiFactorConfig: true,
testPhoneNumbers: true,
};
Expand Down Expand Up @@ -179,6 +186,7 @@ export class Tenant implements TenantInterface {
allowPasswordSignup: false,
});
}
this.anonymousSignInEnabled = !!response.enableAnonymousUser;
if (typeof response.mfaConfig !== 'undefined') {
this.multiFactorConfig = new MultiFactorAuthConfig(response.mfaConfig);
}
Expand All @@ -193,6 +201,7 @@ export class Tenant implements TenantInterface {
tenantId: this.tenantId,
displayName: this.displayName,
emailSignInConfig: this.emailSignInConfig?.toJSON(),
anonymousSignInEnabled: this.anonymousSignInEnabled,
multiFactorConfig: this.multiFactorConfig?.toJSON(),
testPhoneNumbers: this.testPhoneNumbers,
};
Expand Down
36 changes: 36 additions & 0 deletions test/integration/auth.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -886,6 +886,7 @@ describe('admin.auth', () => {
enabled: true,
passwordRequired: true,
},
anonymousSignInEnabled: false,
multiFactorConfig: {
state: 'ENABLED',
factorIds: ['phone'],
Expand All @@ -901,6 +902,7 @@ describe('admin.auth', () => {
enabled: false,
passwordRequired: true,
},
anonymousSignInEnabled: false,
multiFactorConfig: {
state: 'DISABLED',
factorIds: [],
Expand All @@ -915,6 +917,7 @@ describe('admin.auth', () => {
enabled: true,
passwordRequired: false,
},
anonymousSignInEnabled: false,
multiFactorConfig: {
state: 'ENABLED',
factorIds: ['phone'],
Expand Down Expand Up @@ -957,6 +960,20 @@ describe('admin.auth', () => {
});
});

it('createTenant() can enable anonymous users', async () => {
const tenant = await admin.auth().tenantManager().createTenant({
displayName: 'testTenantWithAnon',
emailSignInConfig: {
enabled: false,
passwordRequired: true,
},
anonymousSignInEnabled: true,
});
createdTenants.push(tenant.tenantId);

expect(tenant.anonymousSignInEnabled).to.be.true;
});

// Sanity check user management + email link generation + custom attribute APIs.
// TODO: Confirm behavior in client SDK when it starts supporting it.
describe('supports user management, email link generation, custom attribute and token revocation APIs', () => {
Expand Down Expand Up @@ -1300,6 +1317,25 @@ describe('admin.auth', () => {
});
});

it('updateTenant() should be able to enable/disable anon provider', async () => {
const tenantManager = admin.auth().tenantManager();
let tenant = await tenantManager.createTenant({
displayName: 'testTenantUpdateAnon',
});
createdTenants.push(tenant.tenantId);
expect(tenant.anonymousSignInEnabled).to.be.false;

tenant = await tenantManager.updateTenant(tenant.tenantId, {
anonymousSignInEnabled: true,
});
expect(tenant.anonymousSignInEnabled).to.be.true;

tenant = await tenantManager.updateTenant(tenant.tenantId, {
anonymousSignInEnabled: false,
});
expect(tenant.anonymousSignInEnabled).to.be.false;
});

it('listTenants() should resolve with expected number of tenants', () => {
const allTenantIds: string[] = [];
const tenantOptions2 = deepCopy(tenantOptions);
Expand Down
3 changes: 3 additions & 0 deletions test/unit/auth/tenant-manager.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ describe('TenantManager', () => {
displayName: 'TENANT-DISPLAY-NAME',
allowPasswordSignup: true,
enableEmailLinkSignin: false,
enableAnonymousUser: true,
};

before(() => {
Expand Down Expand Up @@ -388,6 +389,7 @@ describe('TenantManager', () => {
enabled: true,
passwordRequired: true,
},
anonymousSignInEnabled: true,
hiranya911 marked this conversation as resolved.
Show resolved Hide resolved
};
const expectedTenant = new Tenant(GET_TENANT_RESPONSE);
const expectedError = new FirebaseAuthError(
Expand Down Expand Up @@ -480,6 +482,7 @@ describe('TenantManager', () => {
enabled: true,
passwordRequired: true,
},
anonymousSignInEnabled: true,
};
const expectedTenant = new Tenant(GET_TENANT_RESPONSE);
const expectedError = new FirebaseAuthError(
Expand Down
2 changes: 2 additions & 0 deletions test/unit/auth/tenant.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -351,6 +351,7 @@ describe('Tenant', () => {
enabled: true,
passwordRequired: false,
},
anonymousSignInEnabled: false,
multiFactorConfig: deepCopy(clientRequest.multiFactorConfig),
testPhoneNumbers: deepCopy(clientRequest.testPhoneNumbers),
});
Expand All @@ -368,6 +369,7 @@ describe('Tenant', () => {
enabled: true,
passwordRequired: false,
},
anonymousSignInEnabled: false,
});
});
});
Expand Down