Merge branch 'master' into mila/BloomFilter

Author: milaGGL

.changeset/eleven-cycles-hang.md

@@ -0,0 +1,5 @@
+---
+"@firebase/storage": patch
+---
+
+Fixed issue where pause throws an error when a request is in flight.

.changeset/heavy-mirrors-drum.md

@@ -0,0 +1,5 @@
+---
+'@firebase/auth-interop-types': patch
+---
+
+Remove unused peerDependencies.

.changeset/pretty-carrots-kneel.md

@@ -0,0 +1,5 @@
+---
+'@firebase/database': patch
+---
+
+Replace `innerHTML` call with `textContent`.

.changeset/tricky-ravens-stare.md

@@ -0,0 +1,5 @@
+---
+'@firebase/auth': patch
+---
+
+Fix to minimize a potential race condition between auth init and signInWithRedirect

.github/workflows/merge-release-branch.yml

@@ -18,7 +18,7 @@ jobs:
         run: |
           export VERSION_SCRIPT="const pkg = require('./packages/firebase/package.json'); console.log(pkg.version);"
           export VERSION=`node -e "${VERSION_SCRIPT}"`
-          echo "::set-output name=RELEASE_VERSION::$VERSION"
+          echo "RELEASE_VERSION=$VERSION" >> $GITHUB_OUTPUT
       - name: Echo version in shell
         run: |
           echo "Merging release ${{ steps.get-version.outputs.RELEASE_VERSION }}"

.github/workflows/release-prod.yml

@@ -95,7 +95,7 @@ jobs:
       run: |
         VERSION_SCRIPT="const pkg = require('./packages/firebase/package.json'); console.log(pkg.version);"
         VERSION=`node -e "${VERSION_SCRIPT}"`
-        echo "::set-output name=BASE_VERSION::$VERSION"
+        echo "BASE_VERSION=$VERSION" >> $GITHUB_OUTPUT
     - name: Echo version in shell
       run: |
         echo "Base version: ${{ steps.get-version.outputs.BASE_VERSION }}"

.github/workflows/release-staging.yml

@@ -114,9 +114,9 @@ jobs:
       run: |
         VERSION_SCRIPT="const pkg = require('./packages/firebase/package.json'); console.log(pkg.version);"
         VERSION=`node -e "${VERSION_SCRIPT}"`
-        echo "::set-output name=STAGING_VERSION::$VERSION"
+        echo "STAGING_VERSION=$VERSION" >> $GITHUB_OUTPUT
         BASE_VERSION=$(echo $VERSION | cut -d "-" -f 1)
-        echo "::set-output name=BASE_VERSION::$BASE_VERSION"
+        echo "BASE_VERSION=$BASE_VERSION" >> $GITHUB_OUTPUT
     - name: Echo versions in shell
       run: |
         echo "Staging release ${{ steps.get-version.outputs.STAGING_VERSION }}"

packages/auth-interop-types/package.json

@@ -11,10 +11,6 @@
   "files": [
     "index.d.ts"
   ],
-  "peerDependencies": {
-    "@firebase/app-types": "0.x",
-    "@firebase/util": "1.x"
-  },
   "repository": {
     "directory": "packages/auth-types",
     "type": "git",

packages/auth/demo/src/index.js

@@ -1812,6 +1812,27 @@ function initApp() {
   },
   onAuthError);
 
+  // Try sign in with redirect once upon page load, not on subsequent loads.
+  // This will demonstrate the behavior when signInWithRedirect is called before
+  // auth is fully initialized. This will fail on firebase/auth versions 0.21.0 and lower
+  // due to https://github.com/firebase/firebase-js-sdk/issues/6827
+  /*
+  if (sessionStorage.getItem('redirect-race-test') !== 'done') {
+    console.log('Starting redirect sign in upon page load.');
+    try {
+      sessionStorage.setItem('redirect-race-test', 'done');
+      signInWithRedirect(
+        auth,
+        new GoogleAuthProvider(),
+        browserPopupRedirectResolver
+      ).catch(onAuthError);
+    } catch (error) {
+      console.log('Error while calling signInWithRedirect');
+      console.error(error);
+    }
+  }
+  */
+
   // Bootstrap tooltips.
   $('[data-toggle="tooltip"]').tooltip();
 

packages/auth/src/platform_browser/strategies/redirect.test.ts

@@ -122,6 +122,37 @@ describe('platform_browser/strategies/redirect', () => {
         'auth/argument-error'
       );
     });
+
+    it('awaits on the auth initialization promise before opening redirect', async () => {
+      // Obtain an auth instance which does not await on the initialization promise.
+      const authWithoutAwait: TestAuth = await testAuth(
+        resolver,
+        undefined,
+        true
+      );
+      // completeRedirectFn calls getRedirectResult under the hood.
+      const getRedirectResultSpy = sinon.spy(
+        _getInstance<PopupRedirectResolverInternal>(resolver),
+        '_completeRedirectFn'
+      );
+      const openRedirectSpy = sinon.spy(
+        _getInstance<PopupRedirectResolverInternal>(resolver),
+        '_openRedirect'
+      );
+      await signInWithRedirect(authWithoutAwait, provider);
+      expect(getRedirectResultSpy).to.have.been.called;
+      expect(getRedirectResultSpy).to.have.been.calledBefore(openRedirectSpy);
+      expect(getRedirectResultSpy).to.have.been.calledWith(
+        authWithoutAwait,
+        resolver,
+        true
+      );
+      expect(openRedirectSpy).to.have.been.calledWith(
+        authWithoutAwait,
+        provider,
+        AuthEventType.SIGN_IN_VIA_REDIRECT
+      );
+    });
   });
 
   context('linkWithRedirect', () => {
@@ -159,6 +190,39 @@ describe('platform_browser/strategies/redirect', () => {
       );
     });
 
+    it('awaits on the auth initialization promise before opening redirect', async () => {
+      // Obtain an auth instance which does not await on the initialization promise.
+      const authWithoutAwait: TestAuth = await testAuth(
+        resolver,
+        undefined,
+        true
+      );
+      user = testUser(authWithoutAwait, 'uid', 'email', true);
+      // completeRedirectFn calls getRedirectResult under the hood.
+      const getRedirectResultSpy = sinon.spy(
+        _getInstance<PopupRedirectResolverInternal>(resolver),
+        '_completeRedirectFn'
+      );
+      const openRedirectSpy = sinon.spy(
+        _getInstance<PopupRedirectResolverInternal>(resolver),
+        '_openRedirect'
+      );
+      await authWithoutAwait._updateCurrentUser(user);
+      await linkWithRedirect(user, provider, resolver);
+      expect(getRedirectResultSpy).to.have.been.called;
+      expect(getRedirectResultSpy).to.have.been.calledBefore(openRedirectSpy);
+      expect(getRedirectResultSpy).to.have.been.calledWith(
+        authWithoutAwait,
+        resolver,
+        true
+      );
+      expect(openRedirectSpy).to.have.been.calledWith(
+        authWithoutAwait,
+        provider,
+        AuthEventType.LINK_VIA_REDIRECT
+      );
+    });
+
     it('errors if no resolver available', async () => {
       auth._popupRedirectResolver = null;
       await expect(linkWithRedirect(user, provider)).to.be.rejectedWith(
@@ -236,6 +300,40 @@ describe('platform_browser/strategies/redirect', () => {
       );
     });
 
+    it('awaits on the auth initialization promise before opening redirect', async () => {
+      // Obtain an auth instance which does not await on the initialization promise.
+      const authWithoutAwait: TestAuth = await testAuth(
+        resolver,
+        undefined,
+        true
+      );
+      user = testUser(authWithoutAwait, 'uid', 'email', true);
+      // completeRedirectFn calls getRedirectResult under the hood.
+      const getRedirectResultSpy = sinon.spy(
+        _getInstance<PopupRedirectResolverInternal>(resolver),
+        '_completeRedirectFn'
+      );
+      const openRedirectSpy = sinon.spy(
+        _getInstance<PopupRedirectResolverInternal>(resolver),
+        '_openRedirect'
+      );
+      await authWithoutAwait._updateCurrentUser(user);
+      await signInWithRedirect(authWithoutAwait, provider);
+      await reauthenticateWithRedirect(user, provider);
+      expect(getRedirectResultSpy).to.have.been.called;
+      expect(getRedirectResultSpy).to.have.been.calledBefore(openRedirectSpy);
+      expect(getRedirectResultSpy).to.have.been.calledWith(
+        authWithoutAwait,
+        resolver,
+        true
+      );
+      expect(openRedirectSpy).to.have.been.calledWith(
+        authWithoutAwait,
+        provider,
+        AuthEventType.REAUTH_VIA_REDIRECT
+      );
+    });
+
     it('errors if no resolver available', async () => {
       auth._popupRedirectResolver = null;
       await expect(

packages/auth/src/platform_browser/strategies/redirect.ts

@@ -42,6 +42,7 @@ import { getModularInstance } from '@firebase/util';
  *
  * @remarks
  * To handle the results and errors for this operation, refer to {@link getRedirectResult}.
+ * Follow the [best practices](https://firebase.google.com/docs/auth/web/redirect-best-practices) when using {@link signInWithRedirect}.
  *
  * @example
  * ```javascript
@@ -91,6 +92,10 @@ export async function _signInWithRedirect(
 ): Promise<void | never> {
   const authInternal = _castAuth(auth);
   _assertInstanceOf(auth, provider, FederatedAuthProvider);
+  // Wait for auth initialization to complete, this will process pending redirects and clear the
+  // PENDING_REDIRECT_KEY in persistence. This should be completed before starting a new
+  // redirect and creating a PENDING_REDIRECT_KEY entry.
+  await authInternal._initializationPromise;
   const resolverInternal = _withDefaultResolver(authInternal, resolver);
   await _setPendingRedirectStatus(resolverInternal, authInternal);
 
@@ -103,6 +108,9 @@ export async function _signInWithRedirect(
 
 /**
  * Reauthenticates the current user with the specified {@link OAuthProvider} using a full-page redirect flow.
+ * @remarks
+ * To handle the results and errors for this operation, refer to {@link getRedirectResult}.
+ * Follow the [best practices](https://firebase.google.com/docs/auth/web/redirect-best-practices) when using {@link reauthenticateWithRedirect}.
  *
  * @example
  * ```javascript
@@ -113,8 +121,8 @@ export async function _signInWithRedirect(
  *
  * // After returning from the redirect when your app initializes you can obtain the result
  * const result = await getRedirectResult(auth);
- * // Link using a redirect.
- * await linkWithRedirect(result.user, provider);
+ * // Reauthenticate using a redirect.
+ * await reauthenticateWithRedirect(result.user, provider);
  * // This will again trigger a full page redirect away from your app
  *
  * // After returning from the redirect when your app initializes you can obtain the result
@@ -147,6 +155,10 @@ export async function _reauthenticateWithRedirect(
 ): Promise<void | never> {
   const userInternal = getModularInstance(user) as UserInternal;
   _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);
+  // Wait for auth initialization to complete, this will process pending redirects and clear the
+  // PENDING_REDIRECT_KEY in persistence. This should be completed before starting a new
+  // redirect and creating a PENDING_REDIRECT_KEY entry.
+  await userInternal.auth._initializationPromise;
   // Allow the resolver to error before persisting the redirect user
   const resolverInternal = _withDefaultResolver(userInternal.auth, resolver);
   await _setPendingRedirectStatus(resolverInternal, userInternal.auth);
@@ -162,6 +174,9 @@ export async function _reauthenticateWithRedirect(
 
 /**
  * Links the {@link OAuthProvider} to the user account using a full-page redirect flow.
+ * @remarks
+ * To handle the results and errors for this operation, refer to {@link getRedirectResult}.
+ * Follow the [best practices](https://firebase.google.com/docs/auth/web/redirect-best-practices) when using {@link linkWithRedirect}.
  *
  * @example
  * ```javascript
@@ -199,6 +214,10 @@ export async function _linkWithRedirect(
 ): Promise<void | never> {
   const userInternal = getModularInstance(user) as UserInternal;
   _assertInstanceOf(userInternal.auth, provider, FederatedAuthProvider);
+  // Wait for auth initialization to complete, this will process pending redirects and clear the
+  // PENDING_REDIRECT_KEY in persistence. This should be completed before starting a new
+  // redirect and creating a PENDING_REDIRECT_KEY entry.
+  await userInternal.auth._initializationPromise;
   // Allow the resolver to error before persisting the redirect user
   const resolverInternal = _withDefaultResolver(userInternal.auth, resolver);
   await _assertLinkedStatus(false, userInternal, provider.providerId);

packages/auth/test/helpers/mock_auth.ts

@@ -71,7 +71,8 @@ export class MockPersistenceLayer extends InMemoryPersistence {
 
 export async function testAuth(
   popupRedirectResolver?: PopupRedirectResolver,
-  persistence = new MockPersistenceLayer()
+  persistence = new MockPersistenceLayer(),
+  skipAwaitOnInit?: boolean
 ): Promise<TestAuth> {
   const auth: TestAuth = new AuthImpl(
     FAKE_APP,
@@ -88,7 +89,13 @@ export async function testAuth(
   ) as TestAuth;
   auth._updateErrorMap(debugErrorMap);
 
-  await auth._initializeWithPersistence([persistence], popupRedirectResolver);
+  if (skipAwaitOnInit) {
+    // This is used to verify scenarios where auth flows (like signInWithRedirect) are invoked before auth is fully initialized.
+    // eslint-disable-next-line @typescript-eslint/no-floating-promises
+    auth._initializeWithPersistence([persistence], popupRedirectResolver);
+  } else {
+    await auth._initializeWithPersistence([persistence], popupRedirectResolver);
+  }
   auth.persistenceLayer = persistence;
   auth.settings.appVerificationDisabledForTesting = true;
   return auth;

packages/database/src/realtime/BrowserPollConnection.ts

@@ -547,8 +547,8 @@ export class FirebaseIFrameScriptHolder {
     if (this.myIFrame) {
       //We have to actually remove all of the html inside this iframe before removing it from the
       //window, or IE will continue loading and executing the script tags we've already added, which
-      //can lead to some errors being thrown. Setting innerHTML seems to be the easiest way to do this.
-      this.myIFrame.doc.body.innerHTML = '';
+      //can lead to some errors being thrown. Setting textContent seems to be the safest way to do this.
+      this.myIFrame.doc.body.textContent = '';
       setTimeout(() => {
         if (this.myIFrame !== null) {
           document.body.removeChild(this.myIFrame);

packages/storage/src/implementation/request.ts

@@ -120,9 +120,9 @@ class NetworkRequest<I extends ConnectionType, O> implements Request<O> {
           const hitServer = connection.getErrorCode() === ErrorCode.NO_ERROR;
           const status = connection.getStatus();
           if (
-            (!hitServer ||
-              isRetryStatusCode(status, this.additionalRetryCodes_)) &&
-            this.retry
+            !hitServer ||
+            (isRetryStatusCode(status, this.additionalRetryCodes_) &&
+              this.retry)
           ) {
             const wasCanceled = connection.getErrorCode() === ErrorCode.ABORT;
             backoffCallback(

packages/storage/test/integration/integration.test.ts

@@ -36,6 +36,7 @@ import {
 import { use, expect } from 'chai';
 import chaiAsPromised from 'chai-as-promised';
 import * as types from '../../src/public-types';
+import { Deferred } from '@firebase/util';
 
 use(chaiAsPromised);
 
@@ -187,4 +188,32 @@ describe('FirebaseStorage Exp', () => {
     expect(listResult.items.map(v => v.name)).to.have.members(['a', 'b']);
     expect(listResult.prefixes.map(v => v.name)).to.have.members(['c']);
   });
+
+  it('can pause uploads without an error', async () => {
+    const referenceA = ref(storage, 'public/exp-upload/a');
+    const bytesToUpload = new ArrayBuffer(1024 * 1024);
+    const task = uploadBytesResumable(referenceA, bytesToUpload);
+    const failureDeferred = new Deferred();
+    let hasPaused = false;
+    task.on(
+      'state_changed',
+      snapshot => {
+        if (snapshot.bytesTransferred > 0 && !hasPaused) {
+          task.pause();
+          hasPaused = true;
+        }
+      },
+      () => {
+        failureDeferred.reject('Failed to upload file');
+      }
+    );
+    await Promise.race([
+      failureDeferred.promise,
+      new Promise(resolve => setTimeout(resolve, 4000))
+    ]);
+    task.resume();
+    await task;
+    const bytes = await getBytes(referenceA);
+    expect(bytes).to.deep.eq(bytesToUpload);
+  });
 });

packages/storage/test/unit/connection.ts

@@ -117,7 +117,7 @@ export class TestingConnection implements Connection<string> {
 
   abort(): void {
     this.state = State.START;
-    this.errorCode = ErrorCode.NO_ERROR;
+    this.errorCode = ErrorCode.ABORT;
     this.resolve();
   }