change email validation logic to allow international emaill address (#1427)

Author: wti806

packages/auth/src/rpchandler.js

@@ -31,7 +31,6 @@ goog.require('fireauth.object');
 goog.require('fireauth.util');
 goog.require('goog.Promise');
 goog.require('goog.Uri');
-goog.require('goog.format.EmailAddress');
 goog.require('goog.html.TrustedResourceUrl');
 goog.require('goog.json');
 goog.require('goog.net.CorsXmlHttpFactory');
@@ -803,7 +802,7 @@ fireauth.RpcHandler.prototype.requestFirebaseEndpoint = function(
  * @private
  */
 fireauth.RpcHandler.validateRequestHasEmail_ = function(request) {
-  if (!goog.format.EmailAddress.isValidAddrSpec(request['email'])) {
+  if (!fireauth.util.isValidEmailAddress(request['email'])) {
     throw new fireauth.AuthError(fireauth.authenum.Error.INVALID_EMAIL);
   }
 };
@@ -815,7 +814,7 @@ fireauth.RpcHandler.validateRequestHasEmail_ = function(request) {
  * @private
  */
 fireauth.RpcHandler.validateResponseHasEmail_ = function(response) {
-  if (!goog.format.EmailAddress.isValidAddrSpec(response['email'])) {
+  if (!fireauth.util.isValidEmailAddress(response['email'])) {
     throw new fireauth.AuthError(fireauth.authenum.Error.INTERNAL_ERROR);
   }
 };

packages/auth/src/utils.js

@@ -467,6 +467,25 @@ fireauth.util.matchDomain = function(domainPattern, domain, scheme) {
 };
 
 
+/**
+ * RegExp to detect if the email address given is valid.
+ * @const {!RegExp}
+ * @private
+ */
+fireauth.util.EMAIL_ADDRESS_REGEXP_ = /^[^@]+@[^@]+$/;
+
+
+/**
+ * Determines if it is a valid email address.
+ * @param {*} email The email address.
+ * @return {boolean} Whether the email address is valid.
+ */
+fireauth.util.isValidEmailAddress = function(email) {
+  return goog.isString(email) &&
+      fireauth.util.EMAIL_ADDRESS_REGEXP_.test(email);
+};
+
+
 /**
  * @return {!goog.Promise<void>} A promise that resolves when DOM is ready.
  */
@@ -1427,7 +1446,7 @@ fireauth.util.persistsStorageWithIndexedDB = function() {
   // IE11, Edge when indexedDB is available (this is unavailable in InPrivate
   // mode). (SDK, OAuth handler and iframe)
   // Any environment where indexedDB is available (SDK only).
-  
+
   // In a browser environment, when an iframe and a popup web storage are not
   // synchronized, use the indexedDB fireauth.storage.Storage implementation.
   return (fireauth.util.isLocalStorageNotSynchronized() ||
@@ -1493,4 +1512,3 @@ fireauth.util.getActiveServiceWorker = function() {
   }
   return goog.Promise.resolve(/** @type {?ServiceWorker} */ (null));
 };
-

packages/auth/test/rpchandler_test.js

@@ -2636,7 +2636,7 @@ function testEmailLinkSignIn_invalidEmailError() {
   // Test when invalid email is passed in emailLinkSignIn request.
   asyncTestCase.waitForSignals(1);
   // Test when request is invalid.
-  rpcHandler.emailLinkSignIn('user@invalid', 'OTP_CODE')
+  rpcHandler.emailLinkSignIn('user.invalid', 'OTP_CODE')
       .thenCatch(function(error) {
         fireauth.common.testHelper.assertErrorEquals(
             new fireauth.AuthError(fireauth.authenum.Error.INVALID_EMAIL),
@@ -2745,7 +2745,7 @@ function testVerifyPassword_invalidEmailError() {
   // Test when invalid email is passed in verifyPassword request.
   asyncTestCase.waitForSignals(1);
   // Test when request is invalid.
-  rpcHandler.verifyPassword('uid123@invalid', 'mysupersecretpassword')
+  rpcHandler.verifyPassword('uid123.invalid', 'mysupersecretpassword')
       .thenCatch(function(error) {
         fireauth.common.testHelper.assertErrorEquals(
             new fireauth.AuthError(fireauth.authenum.Error.INVALID_EMAIL),
@@ -2847,7 +2847,7 @@ function testCreateAccount_invalidEmailError() {
   // Test when invalid email is passed in setAccountInfo request.
   asyncTestCase.waitForSignals(1);
   // Test when request is invalid.
-  rpcHandler.createAccount('uid123@invalid', 'mysupersecretpassword')
+  rpcHandler.createAccount('uid123.invalid', 'mysupersecretpassword')
       .thenCatch(function(error) {
         fireauth.common.testHelper.assertErrorEquals(
             new fireauth.AuthError(fireauth.authenum.Error.INVALID_EMAIL),
@@ -4715,7 +4715,7 @@ function testSendSignInLinkToEmail_invalidEmailError() {
   };
   asyncTestCase.waitForSignals(1);
   // Test when request is invalid.
-  rpcHandler.sendSignInLinkToEmail('user@invalid', additionalRequestData)
+  rpcHandler.sendSignInLinkToEmail('user.invalid', additionalRequestData)
       .thenCatch(function(error) {
         fireauth.common.testHelper.assertErrorEquals(
             new fireauth.AuthError(fireauth.authenum.Error.INVALID_EMAIL),
@@ -4917,7 +4917,7 @@ function testSendPasswordResetEmail_invalidEmailError() {
   // Test when invalid email is passed in getOobCode request.
   asyncTestCase.waitForSignals(1);
   // Test when request is invalid.
-  rpcHandler.sendPasswordResetEmail('user@exampl', {})
+  rpcHandler.sendPasswordResetEmail('user.invalid', {})
       .thenCatch(function(error) {
         fireauth.common.testHelper.assertErrorEquals(
             new fireauth.AuthError(fireauth.authenum.Error.INVALID_EMAIL),
@@ -5803,7 +5803,7 @@ function testUpdateEmail_invalidEmail() {
   var expectedError = new fireauth.AuthError(
       fireauth.authenum.Error.INVALID_EMAIL);
   asyncTestCase.waitForSignals(1);
-  rpcHandler.updateEmail('ID_TOKEN', 'newuser@exam')
+  rpcHandler.updateEmail('ID_TOKEN', 'newuser.invalid')
       .thenCatch(function(error) {
         fireauth.common.testHelper.assertErrorEquals(expectedError, error);
         asyncTestCase.signal();
@@ -6000,7 +6000,7 @@ function testEmailLinkSignInForLinking_invalidEmailError() {
   asyncTestCase.waitForSignals(1);
   // Test when request is invalid.
   rpcHandler.emailLinkSignInForLinking(
-      'ID_TOKEN', 'user@invalid', 'OTP_CODE')
+      'ID_TOKEN', 'user.invalid', 'OTP_CODE')
       .thenCatch(function(error) {
         fireauth.common.testHelper.assertErrorEquals(
             new fireauth.AuthError(fireauth.authenum.Error.INVALID_EMAIL),

packages/auth/test/utils_test.js

@@ -482,6 +482,22 @@ function testMatchDomain_dotsInPatternEscaped() {
 }
 
 
+function testIsValidEmailAddress() {
+  assertTrue(fireauth.util.isValidEmailAddress('[email protected]'));
+  assertTrue(fireauth.util.isValidEmailAddress('abc@def'));
+  // International email addresses.
+  assertTrue(fireauth.util.isValidEmailAddress('Pelé@example.com'));
+  assertTrue(fireauth.util.isValidEmailAddress('我買@屋企.香港'));
+  // Invalid email addresses.
+  assertFalse(fireauth.util.isValidEmailAddress('abcdef'));
+  assertFalse(fireauth.util.isValidEmailAddress('abc.def'));
+  // Non-string.
+  assertFalse(fireauth.util.isValidEmailAddress(123));
+  assertFalse(fireauth.util.isValidEmailAddress(null));
+  assertFalse(fireauth.util.isValidEmailAddress(undefined));
+}
+
+
 function testOnDomReady() {
   return installAndRunTest('onDomReady', function() {
     // Should resolve immediately.