Passwordless

packages/auth-types/index.d.ts

@@ -96,6 +96,7 @@ export interface ApplicationVerifier {
 
 export interface AuthCredential {
   providerId: string;
+  signInMethod: string;
 }
 
 export interface AuthProvider {
@@ -109,7 +110,10 @@ export interface ConfirmationResult {
 
 export class EmailAuthProvider extends EmailAuthProvider_Instance {
   static PROVIDER_ID: string;
+  static EMAIL_PASSWORD_SIGN_IN_METHOD: string;
+  static EMAIL_LINK_SIGN_IN_METHOD: string;
   static credential(email: string, password: string): AuthCredential;
+  static credentialWithLink(email: string, emailLink: string): AuthCredential;
 }
 export class EmailAuthProvider_Instance implements AuthProvider {
   providerId: string;
@@ -122,6 +126,7 @@ export interface Error {
 
 export class FacebookAuthProvider extends FacebookAuthProvider_Instance {
   static PROVIDER_ID: string;
+  static FACEBOOK_SIGN_IN_METHOD: string;
   static credential(token: string): AuthCredential;
 }
 export class FacebookAuthProvider_Instance implements AuthProvider {
@@ -132,6 +137,7 @@ export class FacebookAuthProvider_Instance implements AuthProvider {
 
 export class GithubAuthProvider extends GithubAuthProvider_Instance {
   static PROVIDER_ID: string;
+  static GITHUB_SIGN_IN_METHOD: string;
   static credential(token: string): AuthCredential;
 }
 export class GithubAuthProvider_Instance implements AuthProvider {
@@ -142,6 +148,7 @@ export class GithubAuthProvider_Instance implements AuthProvider {
 
 export class GoogleAuthProvider extends GoogleAuthProvider_Instance {
   static PROVIDER_ID: string;
+  static GOOGLE_SIGN_IN_METHOD: string;
   static credential(
     idToken?: string | null,
     accessToken?: string | null
@@ -162,6 +169,7 @@ export class OAuthProvider implements AuthProvider {
 
 export class PhoneAuthProvider extends PhoneAuthProvider_Instance {
   static PROVIDER_ID: string;
+  static PHONE_SIGN_IN_METHOD: string;
   static credential(
     verificationId: string,
     verificationCode: string
@@ -191,6 +199,7 @@ export class RecaptchaVerifier_Instance implements ApplicationVerifier {
 
 export class TwitterAuthProvider extends TwitterAuthProvider_Instance {
   static PROVIDER_ID: string;
+  static TWITTER_SIGN_IN_METHOD: string;
   static credential(token: string, secret: string): AuthCredential;
 }
 export class TwitterAuthProvider_Instance implements AuthProvider {
@@ -238,6 +247,8 @@ export class FirebaseAuth {
   ): Promise<any>;
   currentUser: User | null;
   fetchProvidersForEmail(email: string): Promise<any>;
+  fetchSignInMethodsForEmail(email: string): Promise<any>;
+  isSignInWithEmailLink(emailLink: string): boolean;
   getRedirectResult(): Promise<any>;
   languageCode: string | null;
   onAuthStateChanged(
@@ -250,6 +261,10 @@ export class FirebaseAuth {
     error?: (a: Error) => any,
     completed?: Unsubscribe
   ): Unsubscribe;
+  sendSignInLinkToEmail(
+    email: string,
+    actionCodeSettings: ActionCodeSettings
+  ): Promise<any>;
   sendPasswordResetEmail(
     email: string,
     actionCodeSettings?: ActionCodeSettings | null
@@ -266,6 +281,7 @@ export class FirebaseAuth {
     email: string,
     password: string
   ): Promise<any>;
+  signInWithEmailLink(email: string, emailLink: string): Promise<any>;
   signInWithPhoneNumber(
     phoneNumber: string,
     applicationVerifier: ApplicationVerifier

packages/auth/src/actioncodeinfo.js

@@ -41,12 +41,15 @@ fireauth.ActionCodeInfo = function(response) {
   var newEmail = response[fireauth.ActionCodeInfo.ServerFieldName.NEW_EMAIL];
   var operation =
       response[fireauth.ActionCodeInfo.ServerFieldName.REQUEST_TYPE];
-  if (!email || !operation) {
+  // Email could be empty only if the request type is EMAIL_SIGNIN.
+  if (!operation ||
+      (operation != fireauth.ActionCodeInfo.RequestType.EMAIL_SIGNIN &&
+      !email)) {
     // This is internal only.
     throw new Error('Invalid provider user info!');
   }
   data[fireauth.ActionCodeInfo.DataField.FROM_EMAIL] = newEmail || null;
-  data[fireauth.ActionCodeInfo.DataField.EMAIL] = email;
+  data[fireauth.ActionCodeInfo.DataField.EMAIL] = email || null;
   fireauth.object.setReadonlyProperty(
       this,
       fireauth.ActionCodeInfo.PropertyName.OPERATION,
@@ -58,6 +61,18 @@ fireauth.ActionCodeInfo = function(response) {
 };
 
 
+/**
+ * Firebase Auth Action Code Info requestType possible values.
+ * @enum {string}
+ */
+fireauth.ActionCodeInfo.RequestType = {
+  PASSWORD_RESET: 'PASSWORD_RESET',
+  RECOVER_EMAIL: 'RECOVER_EMAIL',
+  EMAIL_SIGNIN: 'EMAIL_SIGNIN',
+  VERIFY_EMAIL: 'VERIFY_EMAIL'
+};
+
+
 /**
  * The checkActionCode endpoint server response field names.
  * @enum {string}

packages/auth/src/actioncodesettings.js

@@ -142,13 +142,6 @@ fireauth.ActionCodeSettings.prototype.initialize_ = function(settingsObj) {
   }
   /** @private {boolean} Whether the code can be handled in app. */
   this.canHandleCodeInApp_ = !!canHandleCodeInApp;
-  // canHandleCodeInApp can't be true when no mobile application is provided.
-  if (this.canHandleCodeInApp_ && !this.ibi_ && !this.apn_) {
-    throw new fireauth.AuthError(
-        fireauth.authenum.Error.ARGUMENT_ERROR,
-        fireauth.ActionCodeSettings.RawField.HANDLE_CODE_IN_APP +
-        ' property can\'t be true when no mobile application is provided.');
-  }
 };
 
 
@@ -227,3 +220,12 @@ fireauth.ActionCodeSettings.prototype.buildRequest = function() {
   }
   return request;
 };
+
+
+/**
+ * Returns the canHandleCodeInApp setting of ActionCodeSettings.
+ * @return {boolean} Whether the code can be handled in app.
+ */
+fireauth.ActionCodeSettings.prototype.canHandleCodeInApp = function() {
+  return this.canHandleCodeInApp_;
+};

packages/auth/src/actioncodeurl.js

@@ -0,0 +1,92 @@
+/**
+ * Copyright 2017 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @fileoverview Defines firebase.auth.ActionCodeUrl class which is the utility
+ * to parse action code URLs.
+ */
+
+goog.provide('fireauth.ActionCodeUrl');
+
+goog.require('goog.Uri');
+
+
+/**
+ * The utility class to help parse action code URLs used for out of band email
+ * flows such as password reset, email verification, email link sign in, etc.
+ * @param {string} actionCodeUrl The action code URL.
+ * @constructor
+ */
+fireauth.ActionCodeUrl = function(actionCodeUrl) {
+   /** @private {!goog.Uri} The action code URL components.*/
+  this.uri_ = goog.Uri.parse(actionCodeUrl);
+};
+
+
+/**
+ * Enums for fields in URL query string.
+ * @enum {string}
+ */
+fireauth.ActionCodeUrl.QueryField = {
+  API_KEY: 'apiKey',
+  CODE: 'oobCode',
+  MODE: 'mode'
+};
+
+
+/**
+ * Enums for action code modes.
+ * @enum {string}
+ */
+fireauth.ActionCodeUrl.Mode = {
+  RESET_PASSWORD: 'resetPassword',
+  REVOKE_EMAIL: 'recoverEmail',
+  SIGN_IN: 'signIn',
+  VERIFY_EMAIL: 'verifyEmail'
+};
+
+
+/**
+ * Returns the API key parameter of action code URL.
+ * @return {?string} The first API key value in action code URL or
+ *     undefined if apiKey does not appear in the URL.
+ */
+fireauth.ActionCodeUrl.prototype.getApiKey = function() {
+  return this.uri_.getParameterValue(
+      fireauth.ActionCodeUrl.QueryField.API_KEY) || null;
+};
+
+
+/**
+ * Returns the action code parameter of action code URL.
+ * @return {?string} The first oobCode value in action code URL or
+ *     undefined if oobCode does not appear in the URL.
+ */
+fireauth.ActionCodeUrl.prototype.getCode = function() {
+  return this.uri_.getParameterValue(
+      fireauth.ActionCodeUrl.QueryField.CODE) || null;
+};
+
+
+/**
+ * Returns the mode parameter of action code URL.
+ * @return {?string} The first mode value in action code URL or
+ *     undefined if mode does not appear in the URL.
+ */
+fireauth.ActionCodeUrl.prototype.getMode = function() {
+  return this.uri_.getParameterValue(
+      fireauth.ActionCodeUrl.QueryField.MODE) || null;
+};

packages/auth/src/auth.js

@@ -31,6 +31,7 @@ goog.require('fireauth.AuthEventManager');
 goog.require('fireauth.AuthProvider');
 goog.require('fireauth.AuthUser');
 goog.require('fireauth.ConfirmationResult');
+goog.require('fireauth.EmailAuthProvider');
 goog.require('fireauth.RpcHandler');
 goog.require('fireauth.UserEventType');
 goog.require('fireauth.authenum.Error');
@@ -1823,6 +1824,60 @@ fireauth.Auth.prototype.fetchProvidersForEmail = function(email) {
 };
 
 
+/**
+ * Gets the list of possible sign in methods for the given email address.
+ * @param {string} email The email address.
+ * @return {!goog.Promise<!Array<string>>}
+ */
+fireauth.Auth.prototype.fetchSignInMethodsForEmail = function(email) {
+  return /** @type {!goog.Promise<!Array<string>>} */ (
+      this.registerPendingPromise_(
+          this.getRpcHandler().fetchSignInMethodsForIdentifier(email)));
+};
+
+
+/**
+ * @param {string} emailLink The email link.
+ * @return {boolean} Whether the link is a sign in with email link.
+ */
+fireauth.Auth.prototype.isSignInWithEmailLink = function(emailLink) {
+  return  !!fireauth.EmailAuthProvider
+      .getActionCodeFromSignInEmailLink(emailLink);
+};
+
+
+/**
+ * Sends the sign-in with email link for the email account provided.
+ * @param {string} email The email account to sign in with.
+ * @param {!Object} actionCodeSettings The action code settings object.
+ * @return {!goog.Promise<void>}
+ */
+fireauth.Auth.prototype.sendSignInLinkToEmail = function(
+    email, actionCodeSettings) {
+  var self = this;
+  return this.registerPendingPromise_(
+      // Wrap in promise as ActionCodeSettings constructor could throw a
+      // synchronous error if invalid arguments are specified.
+      goog.Promise.resolve()
+          .then(function() {
+            var actionCodeSettingsBuilder =
+                new fireauth.ActionCodeSettings(actionCodeSettings);
+            if (!actionCodeSettingsBuilder.canHandleCodeInApp()) {
+              throw new fireauth.AuthError(
+                  fireauth.authenum.Error.ARGUMENT_ERROR,
+                  fireauth.ActionCodeSettings.RawField.HANDLE_CODE_IN_APP +
+                  ' must be true when sending sign in link to email');
+            }
+            return actionCodeSettingsBuilder.buildRequest();
+          }).then(function(additionalRequestData) {
+            return self.getRpcHandler().sendSignInLinkToEmail(
+                email, additionalRequestData);
+          }).then(function(email) {
+            // Do not return the email.
+          }));
+};
+
+
 /**
  * Verifies an email action code for password reset and returns a promise
  * that resolves with the associated email if verified.
@@ -1930,3 +1985,23 @@ fireauth.Auth.prototype.signInWithPhoneNumber =
           // This will wait for redirectStateIsReady to resolve first.
           goog.bind(this.signInAndRetrieveDataWithCredential, this))));
 };
+
+
+/**
+ * Signs in a Firebase User with the provided email and the passwordless
+ * sign-in email link.
+ * @param {string} email The email account to sign in with.
+ * @param {?string=} opt_link The optional link which contains the OTP needed
+ *     to complete the sign in with email link. If not specified, the current
+ *     URL is used instead.
+ * @return {!goog.Promise<!fireauth.AuthEventManager.Result>}
+ */
+fireauth.Auth.prototype.signInWithEmailLink = function(email, opt_link) {
+  var self = this;
+  return this.registerPendingPromise_(
+      goog.Promise.resolve().then(function() {
+        var credential = fireauth.EmailAuthProvider.credentialWithLink(
+            email, opt_link || fireauth.util.getCurrentUrl());
+        return self.signInAndRetrieveDataWithCredential(credential);
+      }));
+};