feat(auth, android): add forceRecaptchaFlowForTesting API (#7148)

Co-authored-by: Mike Hardy <github@mikehardy.net>

docs/auth/phone-auth.md

@@ -29,6 +29,8 @@ For reliable automated testing, you may want to disable both automatic and fallb
 
 Ensure that all parts of step 1 and 2 from [the official firebase Android phone auth docs](https://firebase.google.com/docs/auth/android/phone-auth#enable-phone-number-sign-in-for-your-firebase-project) have been followed.
 
+To bypass Play Integrity for manual testing, you may [force reCAPTCHA to be used](https://rnfirebase.io/reference/auth/authsettings#appVerificationDisabledForTesting) prior to calling [`verifyPhoneNumber`](https://rnfirebase.io/reference/auth/phoneauthprovider#verifyPhoneNumber).
+
 # Expo Setup
 
 To use phone auth in an expo app, add the `@react-native-firebase/auth` config plug-in to the [`plugins`](https://docs.expo.io/versions/latest/config/app/#plugins) section of your `app.json`. This is in addition to the `@react-native-firebase/app` plugin.

packages/auth/android/src/main/java/io/invertase/firebase/auth/ReactNativeFirebaseAuthModule.java

@@ -246,6 +246,29 @@ public void removeIdTokenListener(String appName) {
     }
   }
 
+  /**
+   * Forces application verification to use the web reCAPTCHA flow for Phone Authentication.
+   *
+   * <p>Once this has been called, every call to PhoneAuthProvider#verifyPhoneNumber() will skip the
+   * Play Integrity API verification flow and use the reCAPTCHA flow instead.
+   *
+   * <p>Calling this method a second time will overwrite the previously passed parameter.
+   *
+   * @param appName
+   * @param forceRecaptchaFlow
+   * @param promise
+   */
+  @ReactMethod
+  public void forceRecaptchaFlowForTesting(
+      String appName, boolean forceRecaptchaFlow, Promise promise) {
+    Log.d(TAG, "forceRecaptchaFlowForTesting");
+    FirebaseApp firebaseApp = FirebaseApp.getInstance(appName);
+    FirebaseAuth firebaseAuth = FirebaseAuth.getInstance(firebaseApp);
+    FirebaseAuthSettings firebaseAuthSettings = firebaseAuth.getFirebaseAuthSettings();
+    firebaseAuthSettings.forceRecaptchaFlowForTesting(forceRecaptchaFlow);
+    promise.resolve(null);
+  }
+
   /**
    * The phone number and SMS code here must have been configured in the Firebase Console
    * (Authentication > Sign In Method > Phone).

packages/auth/lib/Settings.js

@@ -20,9 +20,21 @@ import { isAndroid } from '@react-native-firebase/app/lib/common';
 export default class Settings {
   constructor(auth) {
     this._auth = auth;
+    this._forceRecaptchaFlowForTesting = false;
     this._appVerificationDisabledForTesting = false;
   }
 
+  get forceRecaptchaFlowForTesting() {
+    return this._forceRecaptchaFlowForTesting;
+  }
+
+  set forceRecaptchaFlowForTesting(forceRecaptchaFlow) {
+    if (isAndroid) {
+      this._forceRecaptchaFlowForTesting = forceRecaptchaFlow;
+      this._auth.native.forceRecaptchaFlowForTesting(forceRecaptchaFlow);
+    }
+  }
+
   get appVerificationDisabledForTesting() {
     return this._appVerificationDisabledForTesting;
   }

packages/auth/lib/index.d.ts

@@ -1020,6 +1020,20 @@ export namespace FirebaseAuthTypes {
    * ```
    */
   export interface AuthSettings {
+    /**
+     * Forces application verification to use the web reCAPTCHA flow for Phone Authentication.
+     *
+     * Once this has been called, every call to PhoneAuthProvider#verifyPhoneNumber() will skip the Play Integrity API verification flow and use the reCAPTCHA flow instead.
+     *
+     * <p>Calling this method a second time will overwrite the previously passed parameter.
+     *
+     * @android
+     * @param appName
+     * @param forceRecaptchaFlow
+     * @param promise
+     */
+    forceRecaptchaFlowForTesting: boolean;
+
     /**
      * Flag to disable app verification for the purpose of testing phone authentication. For this property to take effect, it needs to be set before rendering a reCAPTCHA app verifier. When this is disabled, a mock reCAPTCHA is rendered instead. This is useful for manual testing during development or for automated integration tests.
      *