From 2be4d74658851c2c2fe5786f85c1efb0ae37ae62 Mon Sep 17 00:00:00 2001 From: billykwok Date: Wed, 31 May 2023 00:16:59 +0800 Subject: [PATCH 1/2] feat: support forceRecaptchaFlowForTesting on Android --- docs/auth/phone-auth.md | 2 ++ .../auth/ReactNativeFirebaseAuthModule.java | 22 +++++++++++++++++++ packages/auth/lib/Settings.js | 12 ++++++++++ packages/auth/lib/index.d.ts | 14 ++++++++++++ 4 files changed, 50 insertions(+) diff --git a/docs/auth/phone-auth.md b/docs/auth/phone-auth.md index df8354911d..e10f54cbfb 100644 --- a/docs/auth/phone-auth.md +++ b/docs/auth/phone-auth.md @@ -29,6 +29,8 @@ For reliable automated testing, you may want to disable both automatic and fallb Ensure that all parts of step 1 and 2 from [the official firebase Android phone auth docs](https://firebase.google.com/docs/auth/android/phone-auth#enable-phone-number-sign-in-for-your-firebase-project) have been followed. +To bypass Play Integrity for manual testing, you may [force Recaptcha to be used](https://rnfirebase.io/reference/auth/authsettings#appVerificationDisabledForTesting) prior to calling [verifyPhoneNumber](https://rnfirebase.io/reference/auth/phoneauthprovider#verifyPhoneNumber). + # Expo Setup To use phone auth in an expo app, add the `@react-native-firebase/auth` config plug-in to the [`plugins`](https://docs.expo.io/versions/latest/config/app/#plugins) section of your `app.json`. This is in addition to the `@react-native-firebase/app` plugin. diff --git a/packages/auth/android/src/main/java/io/invertase/firebase/auth/ReactNativeFirebaseAuthModule.java b/packages/auth/android/src/main/java/io/invertase/firebase/auth/ReactNativeFirebaseAuthModule.java index 62f928b05f..b5ba7244e1 100644 --- a/packages/auth/android/src/main/java/io/invertase/firebase/auth/ReactNativeFirebaseAuthModule.java +++ b/packages/auth/android/src/main/java/io/invertase/firebase/auth/ReactNativeFirebaseAuthModule.java @@ -246,6 +246,28 @@ public void removeIdTokenListener(String appName) { } } + /** + * Forces application verification to use the web reCAPTCHA flow for Phone Authentication. + * + * Once this has been called, every call to PhoneAuthProvider#verifyPhoneNumber() will skip the Play Integrity API verification flow and use the reCAPTCHA flow instead. + * + *

Calling this method a second time will overwrite the previously passed parameter. + * + * @param appName + * @param forceRecaptchaFlow + * @param promise + */ + @ReactMethod + public void forceRecaptchaFlowForTesting( + String appName, boolean forceRecaptchaFlow, Promise promise) { + Log.d(TAG, "forceRecaptchaFlowForTesting"); + FirebaseApp firebaseApp = FirebaseApp.getInstance(appName); + FirebaseAuth firebaseAuth = FirebaseAuth.getInstance(firebaseApp); + FirebaseAuthSettings firebaseAuthSettings = firebaseAuth.getFirebaseAuthSettings(); + firebaseAuthSettings.forceRecaptchaFlowForTesting(forceRecaptchaFlow); + promise.resolve(null); + } + /** * The phone number and SMS code here must have been configured in the Firebase Console * (Authentication > Sign In Method > Phone). diff --git a/packages/auth/lib/Settings.js b/packages/auth/lib/Settings.js index 67616872e3..4ed5e3c2fc 100644 --- a/packages/auth/lib/Settings.js +++ b/packages/auth/lib/Settings.js @@ -20,9 +20,21 @@ import { isAndroid } from '@react-native-firebase/app/lib/common'; export default class Settings { constructor(auth) { this._auth = auth; + this._forceRecaptchaFlowForTesting = false; this._appVerificationDisabledForTesting = false; } + get forceRecaptchaFlowForTesting() { + return this._forceRecaptchaFlowForTesting; + } + + set forceRecaptchaFlowForTesting(forceRecaptchaFlow) { + if (isAndroid) { + this._forceRecaptchaFlowForTesting = forceRecaptchaFlow; + this._auth.native.forceRecaptchaFlowForTesting(forceRecaptchaFlow); + } + } + get appVerificationDisabledForTesting() { return this._appVerificationDisabledForTesting; } diff --git a/packages/auth/lib/index.d.ts b/packages/auth/lib/index.d.ts index 30d2bebf97..c596a0e426 100644 --- a/packages/auth/lib/index.d.ts +++ b/packages/auth/lib/index.d.ts @@ -1020,6 +1020,20 @@ export namespace FirebaseAuthTypes { * ``` */ export interface AuthSettings { + /** + * Forces application verification to use the web reCAPTCHA flow for Phone Authentication. + * + * Once this has been called, every call to PhoneAuthProvider#verifyPhoneNumber() will skip the Play Integrity API verification flow and use the reCAPTCHA flow instead. + * + *

Calling this method a second time will overwrite the previously passed parameter. + * + * @android + * @param appName + * @param forceRecaptchaFlow + * @param promise + */ + forceRecaptchaFlowForTesting: boolean; + /** * Flag to disable app verification for the purpose of testing phone authentication. For this property to take effect, it needs to be set before rendering a reCAPTCHA app verifier. When this is disabled, a mock reCAPTCHA is rendered instead. This is useful for manual testing during development or for automated integration tests. * From 92f73e405ec3c6fdace8cf5cc857a4abe0b196bd Mon Sep 17 00:00:00 2001 From: Mike Hardy Date: Mon, 5 Jun 2023 11:19:47 -0500 Subject: [PATCH 2/2] lint: `yarn lint:js --fix` and `yarn lint:android` + spelling changes all trivial --- docs/auth/phone-auth.md | 2 +- .../firebase/auth/ReactNativeFirebaseAuthModule.java | 7 ++++--- packages/auth/lib/index.d.ts | 4 ++-- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/docs/auth/phone-auth.md b/docs/auth/phone-auth.md index e10f54cbfb..fbe501ac15 100644 --- a/docs/auth/phone-auth.md +++ b/docs/auth/phone-auth.md @@ -29,7 +29,7 @@ For reliable automated testing, you may want to disable both automatic and fallb Ensure that all parts of step 1 and 2 from [the official firebase Android phone auth docs](https://firebase.google.com/docs/auth/android/phone-auth#enable-phone-number-sign-in-for-your-firebase-project) have been followed. -To bypass Play Integrity for manual testing, you may [force Recaptcha to be used](https://rnfirebase.io/reference/auth/authsettings#appVerificationDisabledForTesting) prior to calling [verifyPhoneNumber](https://rnfirebase.io/reference/auth/phoneauthprovider#verifyPhoneNumber). +To bypass Play Integrity for manual testing, you may [force reCAPTCHA to be used](https://rnfirebase.io/reference/auth/authsettings#appVerificationDisabledForTesting) prior to calling [`verifyPhoneNumber`](https://rnfirebase.io/reference/auth/phoneauthprovider#verifyPhoneNumber). # Expo Setup diff --git a/packages/auth/android/src/main/java/io/invertase/firebase/auth/ReactNativeFirebaseAuthModule.java b/packages/auth/android/src/main/java/io/invertase/firebase/auth/ReactNativeFirebaseAuthModule.java index b5ba7244e1..b6406f19a4 100644 --- a/packages/auth/android/src/main/java/io/invertase/firebase/auth/ReactNativeFirebaseAuthModule.java +++ b/packages/auth/android/src/main/java/io/invertase/firebase/auth/ReactNativeFirebaseAuthModule.java @@ -248,9 +248,10 @@ public void removeIdTokenListener(String appName) { /** * Forces application verification to use the web reCAPTCHA flow for Phone Authentication. - * - * Once this has been called, every call to PhoneAuthProvider#verifyPhoneNumber() will skip the Play Integrity API verification flow and use the reCAPTCHA flow instead. - * + * + *

Once this has been called, every call to PhoneAuthProvider#verifyPhoneNumber() will skip the + * Play Integrity API verification flow and use the reCAPTCHA flow instead. + * *

Calling this method a second time will overwrite the previously passed parameter. * * @param appName diff --git a/packages/auth/lib/index.d.ts b/packages/auth/lib/index.d.ts index c596a0e426..600aed4fb1 100644 --- a/packages/auth/lib/index.d.ts +++ b/packages/auth/lib/index.d.ts @@ -1022,9 +1022,9 @@ export namespace FirebaseAuthTypes { export interface AuthSettings { /** * Forces application verification to use the web reCAPTCHA flow for Phone Authentication. - * + * * Once this has been called, every call to PhoneAuthProvider#verifyPhoneNumber() will skip the Play Integrity API verification flow and use the reCAPTCHA flow instead. - * + * *

Calling this method a second time will overwrite the previously passed parameter. * * @android