diff --git a/FirebaseAuth/Sources/Swift/Auth/Auth.swift b/FirebaseAuth/Sources/Swift/Auth/Auth.swift index 226d0ea3416..671ecec199d 100644 --- a/FirebaseAuth/Sources/Swift/Auth/Auth.swift +++ b/FirebaseAuth/Sources/Swift/Auth/Auth.swift @@ -1675,17 +1675,17 @@ extension Auth: AuthInterop { @available(iOS 15.0, macOS 12.0, tvOS 16.0, *) public func finalizePasskeySignIn(withPlatformCredential platformCredential: ASAuthorizationPlatformPublicKeyCredentialAssertion) async throws -> AuthDataResult { - let credentialID = platformCredential.credentialID.base64EncodedString() - let clientDataJSON = platformCredential.rawClientDataJSON.base64EncodedString() + let credentialId = platformCredential.credentialID.base64EncodedString() + let clientDataJson = platformCredential.rawClientDataJSON.base64EncodedString() let authenticatorData = platformCredential.rawAuthenticatorData.base64EncodedString() let signature = platformCredential.signature.base64EncodedString() - let userID = platformCredential.userID.base64EncodedString() + let userId = platformCredential.userID.base64EncodedString() let request = FinalizePasskeySignInRequest( - credentialID: credentialID, - clientDataJSON: clientDataJSON, + credentialID: credentialId, + clientDataJSON: clientDataJson, authenticatorData: authenticatorData, signature: signature, - userId: userID, + userId: userId, requestConfiguration: requestConfiguration ) let response = try await backend.call(with: request) diff --git a/FirebaseAuth/Sources/Swift/User/User.swift b/FirebaseAuth/Sources/Swift/User/User.swift index c2378fcad1c..75aa3939eeb 100644 --- a/FirebaseAuth/Sources/Swift/User/User.swift +++ b/FirebaseAuth/Sources/Swift/User/User.swift @@ -1122,15 +1122,15 @@ extension User: NSSecureCoding {} "Invalid platform credential: missing credentialID, clientDataJSON, or attestationObject."] ) } - let credentialID = platformCredential.credentialID.base64EncodedString() - let clientDataJSON = platformCredential.rawClientDataJSON.base64EncodedString() + let credentialId = platformCredential.credentialID.base64EncodedString() + let clientDataJson = platformCredential.rawClientDataJSON.base64EncodedString() let attestationObject = platformCredential.rawAttestationObject!.base64EncodedString() let request = FinalizePasskeyEnrollmentRequest( idToken: rawAccessToken(), name: passkeyName ?? defaultPasskeyName, - credentialID: credentialID, - clientDataJSON: clientDataJSON, + credentialID: credentialId, + clientDataJSON: clientDataJson, attestationObject: attestationObject, requestConfiguration: auth!.requestConfiguration ) diff --git a/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/Models/AuthMenu.swift b/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/Models/AuthMenu.swift index 5e9f8af3cf0..593b7c582f9 100644 --- a/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/Models/AuthMenu.swift +++ b/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/Models/AuthMenu.swift @@ -53,6 +53,10 @@ enum AuthMenu: String { case phoneEnroll case totpEnroll case multifactorUnenroll + case passkeySignUp + case passkeyEnroll + case passkeySignIn + case passkeyUnenroll // More intuitively named getter for `rawValue`. var id: String { rawValue } @@ -139,6 +143,15 @@ enum AuthMenu: String { return "TOTP Enroll" case .multifactorUnenroll: return "Multifactor unenroll" + // Passkey + case .passkeySignUp: + return "Sign Up with Passkey" + case .passkeyEnroll: + return "Enroll with Passkey" + case .passkeySignIn: + return "Sign In with Passkey" + case .passkeyUnenroll: + return "Unenroll Passkey" } } @@ -220,6 +233,14 @@ enum AuthMenu: String { self = .totpEnroll case "Multifactor unenroll": self = .multifactorUnenroll + case "Sign Up with Passkey": + self = .passkeySignUp + case "Enroll with Passkey": + self = .passkeyEnroll + case "Sign In with Passkey": + self = .passkeySignIn + case "Unenroll Passkey": + self = .passkeyUnenroll default: return nil } @@ -354,9 +375,20 @@ class AuthMenuData: DataSourceProvidable { return Section(headerDescription: header, items: items) } + static var passkeySection: Section { + let header = "Passkey" + let items: [Item] = [ + Item(title: AuthMenu.passkeySignUp.name), + Item(title: AuthMenu.passkeyEnroll.name), + Item(title: AuthMenu.passkeySignIn.name), + Item(title: AuthMenu.passkeyUnenroll.name), + ] + return Section(headerDescription: header, items: items) + } + static let sections: [Section] = [settingsSection, providerSection, emailPasswordSection, otherSection, recaptchaSection, - customAuthDomainSection, appSection, oobSection, multifactorSection] + customAuthDomainSection, appSection, oobSection, multifactorSection, passkeySection] static var authLinkSections: [Section] { let allItems = [providerSection, emailPasswordSection, otherSection].flatMap { $0.items } diff --git a/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/Utility/Extensions.swift b/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/Utility/Extensions.swift index 33aab86f922..4fa1503e0e0 100644 --- a/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/Utility/Extensions.swift +++ b/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/Utility/Extensions.swift @@ -33,6 +33,20 @@ extension User: DataSourceProvidable { return Section(headerDescription: "Info", items: items) } + private var passkeysSection: Section { + let passkeys = enrolledPasskeys ?? [] + guard !passkeys.isEmpty else { + return Section( + headerDescription: "Passkeys", + items: [Item(title: "None", detailTitle: "No passkeys enrolled")] + ) + } + let items: [Item] = passkeys.map { info in + Item(title: info.name, detailTitle: info.credentialID) + } + return Section(headerDescription: "Passkeys", items: items) + } + private var metaDataSection: Section { let metadataRows = [ Item(title: metadata.lastSignInDate?.description, detailTitle: "Last Sign-in Date"), @@ -62,7 +76,7 @@ extension User: DataSourceProvidable { } var sections: [Section] { - [infoSection, metaDataSection, otherSection, actionSection] + [infoSection, passkeysSection, metaDataSection, otherSection, actionSection] } } diff --git a/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/ViewControllers/AuthViewController.swift b/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/ViewControllers/AuthViewController.swift index 240346b6975..bb3fc378c91 100644 --- a/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/ViewControllers/AuthViewController.swift +++ b/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/ViewControllers/AuthViewController.swift @@ -191,6 +191,18 @@ class AuthViewController: UIViewController, DataSourceProviderDelegate { case .multifactorUnenroll: mfaUnenroll() + + case .passkeySignUp: + passkeySignUp() + + case .passkeyEnroll: + Task { await passkeyEnroll() } + + case .passkeySignIn: + Task { await passkeySignIn() } + + case .passkeyUnenroll: + Task { await passkeyUnenroll() } } } @@ -922,6 +934,87 @@ class AuthViewController: UIViewController, DataSourceProviderDelegate { } } + // MARK: - Passkey + + private func passkeySignUp() { + guard #available(iOS 16.0, macOS 12.0, tvOS 16.0, *) else { + print("OS version is not supported for this action.") + return + } + Task { + do { + _ = try await AppManager.shared.auth().signInAnonymously() + print("sign-in anonymously succeeded.") + if let uid = AppManager.shared.auth().currentUser?.uid { + print("User ID: \(uid)") + } + // Continue to enroll a passkey. + await passkeyEnroll() + } catch { + print("sign-in anonymously failed: \(error.localizedDescription)") + self.showAlert(for: "Anonymous Sign-In Failed") + } + } + } + + private func passkeyEnroll() async { + guard let user = AppManager.shared.auth().currentUser else { + showAlert(for: "Please sign in first.") + return + } + let passkeyName = await showTextInputPrompt(with: "Passkey name") + guard #available(iOS 16.0, macOS 12.0, tvOS 16.0, *) else { + showAlert(for: "Not Supported", message: "This OS version does not support passkeys.") + return + } + + do { + let request = try await user.startPasskeyEnrollment(withName: passkeyName) + let controller = ASAuthorizationController(authorizationRequests: [request]) + controller.delegate = self + controller.presentationContextProvider = self + controller.performRequests() + print("Started passkey enrollment (challenge created).") + } catch { + showAlert(for: "Passkey enrollment failed", message: error.localizedDescription) + print("startPasskeyEnrollment failed: \(error.localizedDescription)") + } + } + + private func passkeySignIn() async { + guard #available(iOS 16.0, macOS 12.0, tvOS 16.0, *) else { + print("OS version is not supported for this action.") + return + } + do { + let request = try await AppManager.shared.auth().startPasskeySignIn() + let controller = ASAuthorizationController(authorizationRequests: [request]) + controller.delegate = self + controller.presentationContextProvider = self + controller.performRequests() + print("Started passkey sign in (challenge created).") + } catch { + print("Passkey sign-in failed with error: \(error)") + } + } + + private func passkeyUnenroll() async { + guard let user = AppManager.shared.auth().currentUser else { + showAlert(for: "Please sign in first.") + return + } + guard let credentialId = await showTextInputPrompt(with: "Credential Id") else { + print("Passkey unenrollment cancelled: no credential id entered.") + return + } + do { + let _ = try await user.unenrollPasskey(withCredentialID: credentialId) + } catch { + showAlert(for: "Passkey unenrollment failed", message: error.localizedDescription) + print("unenrollPasskey failed: \(error.localizedDescription)") + } + } + // MARK: - Private Helpers private func showTextInputPrompt(with message: String, completion: ((String) -> Void)? = nil) { @@ -1027,6 +1120,43 @@ extension AuthViewController: ASAuthorizationControllerDelegate, func authorizationController(controller: ASAuthorizationController, didCompleteWithAuthorization authorization: ASAuthorization) { + if #available(iOS 16.0, macOS 12.0, tvOS 16.0, *), + let regCred = authorization.credential + as? ASAuthorizationPlatformPublicKeyCredentialRegistration { + Task { @MainActor [weak self] in + guard let self else { return } + do { + guard let user = AppManager.shared.auth().currentUser else { + self.showAlert(for: "Finalize failed", message: "No signed-in user.") + return + } + _ = try await user.finalizePasskeyEnrollment(withPlatformCredential: regCred) + self.showAlert(for: "Passkey Enrollment", message: "Succeeded") + print("Passkey Enrollment succeeded.") + } catch { + self.showAlert(for: "Passkey Enrollment failed", message: error.localizedDescription) + print("Finalize enrollment failed: \(error.localizedDescription)") + } + } + return + } + if let assertion = authorization + .credential as? ASAuthorizationPlatformPublicKeyCredentialAssertion { + Task { @MainActor [weak self] in + guard let self else { return } + do { + let _ = try await AppManager.shared.auth() + .finalizePasskeySignIn(withPlatformCredential: assertion) + self.showAlert(for: "Passkey Sign-In", message: "Succeeded") + print("Passkey sign-in succeeded.") + self.transitionToUserViewController() + } catch { + self.showAlert(for: "Passkey Sign-In failed", message: error.localizedDescription) + print("Finalize passkey sign-in failed: \(error.localizedDescription)") + } + } + return + } guard let appleIDCredential = authorization.credential as? ASAuthorizationAppleIDCredential else { print("Unable to retrieve AppleIDCredential") @@ -1074,10 +1204,10 @@ extension AuthViewController: ASAuthorizationControllerDelegate, func authorizationController(controller: ASAuthorizationController, didCompleteWithError error: any Error) { - // Ensure that you have: + print("Apple authorization failed: \(error)") + // for Sign In with Apple, ensure that you have: // - enabled `Sign in with Apple` on the Firebase console // - added the `Sign in with Apple` capability for this project - print("Sign in with Apple failed: \(error)") } // MARK: ASAuthorizationControllerPresentationContextProviding diff --git a/FirebaseAuth/Tests/SampleSwift/AuthenticationExampleUITests/AuthenticationExampleUITests.swift b/FirebaseAuth/Tests/SampleSwift/AuthenticationExampleUITests/AuthenticationExampleUITests.swift index d7c893d20c8..c22286cf996 100644 --- a/FirebaseAuth/Tests/SampleSwift/AuthenticationExampleUITests/AuthenticationExampleUITests.swift +++ b/FirebaseAuth/Tests/SampleSwift/AuthenticationExampleUITests/AuthenticationExampleUITests.swift @@ -309,6 +309,40 @@ class AuthenticationExampleUITests: XCTestCase { ) } + #if os(iOS) || os(tvOS) || os(macOS) + @available(iOS 15.0, macOS 12.0, tvOS 16.0, *) + func testPasskeyList() { + signOut() + let testEmail = "sample.ios.auth@gmail.com" + let testPassword = "sample.ios.auth" + let testPasskeyName = "sampleiosauth" + app.staticTexts["Email & Password Login"].tap() + app.textFields["Email"].tap() + app.textFields["Email"].typeText(testEmail) + app.textFields["Password"].tap() + app.textFields["Password"].typeText(testPassword) + app.buttons["Login"].tap() + wait(forElement: app.navigationBars["User"], timeout: 5.0) + XCTAssertTrue(app.navigationBars["User"].exists) + XCTAssertTrue( + app.staticTexts[testEmail].exists, + "The user should be signed in and the email field should display their email." + ) + let userTable = app.tables.firstMatch + XCTAssertTrue(userTable.waitForExistence(timeout: 5.0), "User detail list should exist") + let passkeyLabel = userTable.staticTexts[testPasskeyName] + if !passkeyLabel.exists { + for _ in 0 ..< 5 where !passkeyLabel.exists { + userTable.swipeUp() + } + } + XCTAssertTrue( + passkeyLabel.waitForExistence(timeout: 5.0), + "Passkey named '\(testPasskeyName)' should be visible in the Passkeys section." + ) + } + #endif + // MARK: - Private Helpers private func signOut() { diff --git a/FirebaseAuth/Tests/SampleSwift/SwiftApiTests/PasskeyTests.swift b/FirebaseAuth/Tests/SampleSwift/SwiftApiTests/PasskeyTests.swift new file mode 100644 index 00000000000..6106e48d852 --- /dev/null +++ b/FirebaseAuth/Tests/SampleSwift/SwiftApiTests/PasskeyTests.swift @@ -0,0 +1,235 @@ +/* + * Copyright 2025 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#if os(iOS) || os(tvOS) || os(macOS) + + import AuthenticationServices + @testable import FirebaseAuth + import Foundation + import XCTest + + @available(iOS 15.0, macOS 12.0, tvOS 16.0, *) + class PasskeyTests: TestsBase { + @available(iOS 15.0, macOS 12.0, tvOS 16.0, *) + func testStartPasskeyEnrollmentResponseSuccess() async throws { + try await signInAnonymouslyAsync() + guard let user = Auth.auth().currentUser else { + XCTFail("Expected a signed-in user") + return + } + try? await user.reload() + let request = try await user.startPasskeyEnrollment(withName: "Test1Passkey") + XCTAssertFalse(request.relyingPartyIdentifier.isEmpty, "rpID should be non-empty") + XCTAssertFalse(request.challenge.isEmpty, "challenge should be non-empty") + XCTAssertNotNil(request.userID, "userID should be present") + XCTAssertNotNil(request as ASAuthorizationPlatformPublicKeyCredentialRegistrationRequest) + try? await deleteCurrentUserAsync() + } + + @available(iOS 15.0, macOS 12.0, tvOS 16.0, *) + func testStartPasskeyEnrollmentFailureWithInvalidToken() async throws { + try await signInAnonymouslyAsync() + guard let user = Auth.auth().currentUser else { + XCTFail("Expected a signed-in user") + return + } + let config = user.requestConfiguration + let token = "invalidToken" + let badRequest = StartPasskeyEnrollmentRequest(idToken: token, requestConfiguration: config) + do { + _ = try await user.backend.call(with: badRequest) + XCTFail("Expected .invalidUserToken") + } catch { + let ns = error as NSError + if let code = AuthErrorCode(rawValue: ns.code) { + XCTAssertEqual(code, .invalidUserToken, "Expected .invalidUserToken, got \(code)") + } else { + XCTFail("Unexpected error: \(error)") + } + let message = (ns.userInfo[NSLocalizedDescriptionKey] as? String ?? "").uppercased() + XCTAssertTrue( + message + .contains( + "THIS USER'S CREDENTIAL ISN'T VALID FOR THIS PROJECT. THIS CAN HAPPEN IF THE USER'S TOKEN HAS BEEN TAMPERED WITH, OR IF THE USER DOESN’T BELONG TO THE PROJECT ASSOCIATED WITH THE API KEY USED IN YOUR REQUEST." + ), + "Expected invalidUserToken, got: \(message)" + ) + } + } + + @available(iOS 15.0, macOS 12.0, tvOS 16.0, *) + func testFinalizePasskeyEnrollmentFailureWithInvalidToken() async throws { + try await signInAnonymouslyAsync() + guard let user = Auth.auth().currentUser else { + XCTFail("Expected a signed-in user") + return + } + let badRequest = FinalizePasskeyEnrollmentRequest( + idToken: "invalidToken", + name: "fakeName", + credentialID: "fakeCredentialId".data(using: .utf8)!.base64EncodedString(), + clientDataJSON: "fakeClientData".data(using: .utf8)!.base64EncodedString(), + attestationObject: "fakeAttestion".data(using: .utf8)!.base64EncodedString(), + requestConfiguration: user.requestConfiguration + ) + do { + _ = try await user.backend.call(with: badRequest) + XCTFail("Expected invalid_user_token") + } catch { + let ns = error as NSError + if let code = AuthErrorCode(rawValue: ns.code) { + XCTAssertEqual(code, .invalidUserToken, "Expected .invalidUserToken, got \(code)") + } + let message = (ns.userInfo[NSLocalizedDescriptionKey] as? String ?? "").uppercased() + XCTAssertTrue( + message + .contains( + "THIS USER'S CREDENTIAL ISN'T VALID FOR THIS PROJECT. THIS CAN HAPPEN IF THE USER'S TOKEN HAS BEEN TAMPERED WITH, OR IF THE USER DOESN’T BELONG TO THE PROJECT ASSOCIATED WITH THE API KEY USED IN YOUR REQUEST." + ), + "Expected invalidUserToken, got: \(message)" + ) + } + try? await deleteCurrentUserAsync() + } + + @available(iOS 15.0, macOS 12.0, tvOS 16.0, *) + func testFinalizePasskeyEnrollmentFailureWithoutAttestation() async throws { + try await signInAnonymouslyAsync() + guard let user = Auth.auth().currentUser else { + XCTFail("Expected a signed-in user") + return + } + try? await user.reload() + let token = user.rawAccessToken() + let badRequest = FinalizePasskeyEnrollmentRequest( + idToken: token, + name: "fakeName", + credentialID: "fakeCredentialId".data(using: .utf8)!.base64EncodedString(), + clientDataJSON: "fakeClientData".data(using: .utf8)!.base64EncodedString(), + attestationObject: "fakeAttestion".data(using: .utf8)!.base64EncodedString(), + requestConfiguration: user.requestConfiguration + ) + do { + _ = try await user.backend.call(with: badRequest) + XCTFail("Expected invalid_authenticator_response") + } catch { + let ns = error as NSError + if let code = AuthErrorCode(rawValue: ns.code) { + XCTAssertEqual(code, .invalidAuthenticatorResponse, + "Expected .invalidAuthenticatorResponse, got \(code)") + } + let message = (ns.userInfo[NSLocalizedDescriptionKey] as? String ?? "").uppercased() + XCTAssertTrue( + message + .contains( + "DURING PASSKEY ENROLLMENT AND SIGN IN, THE AUTHENTICATOR RESPONSE IS NOT PARSEABLE, MISSING REQUIRED FIELDS, OR CERTAIN FIELDS ARE INVALID VALUES THAT COMPROMISE THE SECURITY OF THE SIGN-IN OR ENROLLMENT." + ), + "Expected INVALID_AUTHENTICATOR_RESPONSE, got: \(message)" + ) + } + try? await deleteCurrentUserAsync() + } + + @available(iOS 15.0, macOS 12.0, tvOS 16.0, *) + func testStartPasskeySignInSuccess() async throws { + let assertionRequest = try await Auth.auth().startPasskeySignIn() + XCTAssertFalse(assertionRequest.relyingPartyIdentifier.isEmpty, + "rpID should be non-empty") + XCTAssertFalse(assertionRequest.challenge.isEmpty, + "challenge should be non-empty") + XCTAssertNotNil( + assertionRequest as ASAuthorizationPlatformPublicKeyCredentialAssertionRequest + ) + } + + @available(iOS 15.0, macOS 12.0, tvOS 16.0, *) + func testFinalizePasskeySignInFailureInvalidAttestation() async throws { + let auth = Auth.auth() + let config = auth.requestConfiguration + let badRequest = FinalizePasskeySignInRequest( + credentialID: "fakeCredentialId".data(using: .utf8)!.base64EncodedString(), + clientDataJSON: "fakeClientData".data(using: .utf8)!.base64EncodedString(), + authenticatorData: "fakeAuthenticatorData".data(using: .utf8)!.base64EncodedString(), + signature: "fakeSignature".data(using: .utf8)!.base64EncodedString(), + userId: "fakeUID".data(using: .utf8)!.base64EncodedString(), + requestConfiguration: config + ) + do { + _ = try await auth.backend.call(with: badRequest) + } catch { + let ns = error as NSError + if let code = AuthErrorCode(rawValue: ns.code) { + XCTAssertEqual(code, .userNotFound) + } + } + } + + @available(iOS 15.0, macOS 12.0, tvOS 16.0, *) + func testFinalizePasskeySignInFailureIncorrectAttestation() async throws { + let auth = Auth.auth() + let config = auth.requestConfiguration + let badRequest = FinalizePasskeySignInRequest( + credentialID: "", + clientDataJSON: "", + authenticatorData: "", + signature: "", + userId: "", + requestConfiguration: config + ) + do { + _ = try await auth.backend.call(with: badRequest) + } catch { + let ns = error as NSError + if let code = AuthErrorCode(rawValue: ns.code) { + XCTAssertEqual(code, .userNotFound) + } + } + } + + @available(iOS 15.0, macOS 12.0, tvOS 16.0, *) + func testUnenrollPasskeyFailure() async throws { + let testEmail = "sample.ios.auth@gmail.com" + let testPassword = "sample.ios.auth" + let testCredentialId = "FCBopZ3mzjfPNXqWXXjAM/ZnnlQ=" + let auth = Auth.auth() + try await auth.signIn(withEmail: testEmail, password: testPassword) + guard let user = Auth.auth().currentUser else { + XCTFail("Expected a signed-in user") + return + } + try? await user.reload() + do { + let _ = try await user.unenrollPasskey(withCredentialID: testCredentialId) + XCTFail("Expected invalid passkey error") + } catch { + let ns = error as NSError + if let code = AuthErrorCode(rawValue: ns.code) { + XCTAssertEqual(code, .missingPasskeyEnrollment, + "Expected .missingPasskeyEnrollment, got \(code)") + } + let message = (ns.userInfo[NSLocalizedDescriptionKey] as? String ?? "").uppercased() + XCTAssertTrue( + message + .contains( + "CANNOT FIND THE PASSKEY LINKED TO THE CURRENT ACCOUNT" + ), + "Expected Missing Passkey Enrollment error, got: \(message)" + ) + } + } + } + +#endif diff --git a/FirebaseAuth/Tests/Unit/GetAccountInfoTests.swift b/FirebaseAuth/Tests/Unit/GetAccountInfoTests.swift index 46390ab8b89..d7f77c7c1f8 100644 --- a/FirebaseAuth/Tests/Unit/GetAccountInfoTests.swift +++ b/FirebaseAuth/Tests/Unit/GetAccountInfoTests.swift @@ -60,113 +60,116 @@ class GetAccountInfoTests: RPCBaseTests { ) } - /** @fn testSuccessfulGetAccountInfoResponse - @brief This test simulates a successful @c GetAccountInfo flow. - */ - func testSuccessfulGetAccountInfoResponse() async throws { - let kProviderUserInfoKey = "providerUserInfo" - let kPhotoUrlKey = "photoUrl" - let kTestPhotoURL = "testPhotoURL" - let kProviderIDkey = "providerId" - let kDisplayNameKey = "displayName" - let kTestDisplayName = "DisplayName" - let kFederatedIDKey = "federatedId" - let kTestFederatedID = "testFederatedId" - let kEmailKey = "email" - let kTestEmail = "testEmail" - let kPasswordHashKey = "passwordHash" - let kTestPasswordHash = "testPasswordHash" - let kTestProviderID = "testProviderID" - let kEmailVerifiedKey = "emailVerified" - let kLocalIDKey = "localId" - let kTestLocalID = "testLocalId" - let kPasskeysKey = "passkeyInfo" + #if os(iOS) || os(tvOS) || os(macOS) + + /** @fn testSuccessfulGetAccountInfoResponse + @brief This test simulates a successful @c GetAccountInfo flow. + */ + func testSuccessfulGetAccountInfoResponse() async throws { + let kProviderUserInfoKey = "providerUserInfo" + let kPhotoUrlKey = "photoUrl" + let kTestPhotoURL = "testPhotoURL" + let kProviderIDkey = "providerId" + let kDisplayNameKey = "displayName" + let kTestDisplayName = "DisplayName" + let kFederatedIDKey = "federatedId" + let kTestFederatedID = "testFederatedId" + let kEmailKey = "email" + let kTestEmail = "testEmail" + let kPasswordHashKey = "passwordHash" + let kTestPasswordHash = "testPasswordHash" + let kTestProviderID = "testProviderID" + let kEmailVerifiedKey = "emailVerified" + let kLocalIDKey = "localId" + let kTestLocalID = "testLocalId" + let kPasskeysKey = "passkeyInfo" - // Fake PasskeyInfo - let testCredentialId = "credential_id" - let testPasskeyName = "testPasskey" - let passkeys = [[ - "credentialId": testCredentialId, - "name": testPasskeyName, - ]] + // Fake PasskeyInfo + let testCredentialId = "credential_id" + let testPasskeyName = "testPasskey" + let passkeys = [[ + "credentialId": testCredentialId, + "name": testPasskeyName, + ]] - let usersIn = [[ - kProviderUserInfoKey: [[ - kProviderIDkey: kTestProviderID, + let usersIn = [[ + kProviderUserInfoKey: [[ + kProviderIDkey: kTestProviderID, + kDisplayNameKey: kTestDisplayName, + kPhotoUrlKey: kTestPhotoURL, + kFederatedIDKey: kTestFederatedID, + kEmailKey: kTestEmail, + ]], + kLocalIDKey: kTestLocalID, kDisplayNameKey: kTestDisplayName, - kPhotoUrlKey: kTestPhotoURL, - kFederatedIDKey: kTestFederatedID, kEmailKey: kTestEmail, - ]], - kLocalIDKey: kTestLocalID, - kDisplayNameKey: kTestDisplayName, - kEmailKey: kTestEmail, - kPhotoUrlKey: kTestPhotoURL, - kEmailVerifiedKey: true, - kPasswordHashKey: kTestPasswordHash, - kPasskeysKey: passkeys, - ] as [String: Any]] - let rpcIssuer = try XCTUnwrap(self.rpcIssuer) + kPhotoUrlKey: kTestPhotoURL, + kEmailVerifiedKey: true, + kPasswordHashKey: kTestPasswordHash, + kPasskeysKey: passkeys, + ] as [String: Any]] + let rpcIssuer = try XCTUnwrap(self.rpcIssuer) - rpcIssuer.respondBlock = { - try self.rpcIssuer.respond(withJSON: ["users": usersIn]) - } - let rpcResponse = try await authBackend.call(with: makeGetAccountInfoRequest()) + rpcIssuer.respondBlock = { + try self.rpcIssuer.respond(withJSON: ["users": usersIn]) + } + let rpcResponse = try await authBackend.call(with: makeGetAccountInfoRequest()) - let users = try XCTUnwrap(rpcResponse.users) - XCTAssertGreaterThan(users.count, 0) - let firstUser = try XCTUnwrap(users.first) - XCTAssertEqual(firstUser.photoURL?.absoluteString, kTestPhotoURL) - XCTAssertEqual(firstUser.displayName, kTestDisplayName) - XCTAssertEqual(firstUser.email, kTestEmail) - XCTAssertEqual(firstUser.localID, kTestLocalID) - XCTAssertTrue(firstUser.emailVerified) - let providerUserInfo = try XCTUnwrap(firstUser.providerUserInfo) - XCTAssertGreaterThan(providerUserInfo.count, 0) - let firstProviderUser = try XCTUnwrap(providerUserInfo.first) - XCTAssertEqual(firstProviderUser.photoURL?.absoluteString, kTestPhotoURL) - XCTAssertEqual(firstProviderUser.displayName, kTestDisplayName) - XCTAssertEqual(firstProviderUser.email, kTestEmail) - XCTAssertEqual(firstProviderUser.providerID, kTestProviderID) - XCTAssertEqual(firstProviderUser.federatedID, kTestFederatedID) - let enrolledPasskeys = try XCTUnwrap(firstUser.enrolledPasskeys) - XCTAssertEqual(enrolledPasskeys.count, 1) - XCTAssertEqual(enrolledPasskeys[0].credentialID, testCredentialId) - XCTAssertEqual(enrolledPasskeys[0].name, testPasskeyName) - } + let users = try XCTUnwrap(rpcResponse.users) + XCTAssertGreaterThan(users.count, 0) + let firstUser = try XCTUnwrap(users.first) + XCTAssertEqual(firstUser.photoURL?.absoluteString, kTestPhotoURL) + XCTAssertEqual(firstUser.displayName, kTestDisplayName) + XCTAssertEqual(firstUser.email, kTestEmail) + XCTAssertEqual(firstUser.localID, kTestLocalID) + XCTAssertTrue(firstUser.emailVerified) + let providerUserInfo = try XCTUnwrap(firstUser.providerUserInfo) + XCTAssertGreaterThan(providerUserInfo.count, 0) + let firstProviderUser = try XCTUnwrap(providerUserInfo.first) + XCTAssertEqual(firstProviderUser.photoURL?.absoluteString, kTestPhotoURL) + XCTAssertEqual(firstProviderUser.displayName, kTestDisplayName) + XCTAssertEqual(firstProviderUser.email, kTestEmail) + XCTAssertEqual(firstProviderUser.providerID, kTestProviderID) + XCTAssertEqual(firstProviderUser.federatedID, kTestFederatedID) + let enrolledPasskeys = try XCTUnwrap(firstUser.enrolledPasskeys) + XCTAssertEqual(enrolledPasskeys.count, 1) + XCTAssertEqual(enrolledPasskeys[0].credentialID, testCredentialId) + XCTAssertEqual(enrolledPasskeys[0].name, testPasskeyName) + } - func testInitWithMultipleEnrolledPasskeys() throws { - let passkey1: [String: AnyHashable] = ["name": "passkey1", "credentialId": "cred1"] - let passkey2: [String: AnyHashable] = ["name": "passkey2", "credentialId": "cred2"] - let userDict: [String: AnyHashable] = [ - "localId": "user123", - "email": "user@example.com", - "passkeyInfo": [passkey1, passkey2], - ] - let dict: [String: AnyHashable] = ["users": [userDict]] - let response = try GetAccountInfoResponse(dictionary: dict) - let users = try XCTUnwrap(response.users) - let firstUser = try XCTUnwrap(users.first) - let enrolledPasskeys = try XCTUnwrap(firstUser.enrolledPasskeys) - XCTAssertEqual(enrolledPasskeys.count, 2) - XCTAssertEqual(enrolledPasskeys[0].name, "passkey1") - XCTAssertEqual(enrolledPasskeys[0].credentialID, "cred1") - XCTAssertEqual(enrolledPasskeys[1].name, "passkey2") - XCTAssertEqual(enrolledPasskeys[1].credentialID, "cred2") - } + func testInitWithMultipleEnrolledPasskeys() throws { + let passkey1: [String: AnyHashable] = ["name": "passkey1", "credentialId": "cred1"] + let passkey2: [String: AnyHashable] = ["name": "passkey2", "credentialId": "cred2"] + let userDict: [String: AnyHashable] = [ + "localId": "user123", + "email": "user@example.com", + "passkeyInfo": [passkey1, passkey2], + ] + let dict: [String: AnyHashable] = ["users": [userDict]] + let response = try GetAccountInfoResponse(dictionary: dict) + let users = try XCTUnwrap(response.users) + let firstUser = try XCTUnwrap(users.first) + let enrolledPasskeys = try XCTUnwrap(firstUser.enrolledPasskeys) + XCTAssertEqual(enrolledPasskeys.count, 2) + XCTAssertEqual(enrolledPasskeys[0].name, "passkey1") + XCTAssertEqual(enrolledPasskeys[0].credentialID, "cred1") + XCTAssertEqual(enrolledPasskeys[1].name, "passkey2") + XCTAssertEqual(enrolledPasskeys[1].credentialID, "cred2") + } - func testInitWithNoEnrolledPasskeys() throws { - let userDict: [String: AnyHashable] = [ - "localId": "user123", - "email": "user@example.com", - // No "passkeys" present - ] - let dict: [String: AnyHashable] = ["users": [userDict]] - let response = try GetAccountInfoResponse(dictionary: dict) - let users = try XCTUnwrap(response.users) - let firstUser = try XCTUnwrap(users.first) - XCTAssertNil(firstUser.enrolledPasskeys) - } + func testInitWithNoEnrolledPasskeys() throws { + let userDict: [String: AnyHashable] = [ + "localId": "user123", + "email": "user@example.com", + // No "passkeys" present + ] + let dict: [String: AnyHashable] = ["users": [userDict]] + let response = try GetAccountInfoResponse(dictionary: dict) + let users = try XCTUnwrap(response.users) + let firstUser = try XCTUnwrap(users.first) + XCTAssertNil(firstUser.enrolledPasskeys) + } + #endif private func makeGetAccountInfoRequest() -> GetAccountInfoRequest { return GetAccountInfoRequest(accessToken: kTestAccessToken, diff --git a/FirebaseAuth/Tests/Unit/SetAccountInfoTests.swift b/FirebaseAuth/Tests/Unit/SetAccountInfoTests.swift index 7283c2e2c71..65107e0382c 100644 --- a/FirebaseAuth/Tests/Unit/SetAccountInfoTests.swift +++ b/FirebaseAuth/Tests/Unit/SetAccountInfoTests.swift @@ -36,170 +36,173 @@ class SetAccountInfoTests: RPCBaseTests { XCTAssertEqual(decodedRequest.count, 0) } - func testSetAccountInfoRequestOptionalFields() async throws { - let kIDTokenKey = "idToken" - let kDisplayNameKey = "displayName" - let kTestDisplayName = "testDisplayName" - let kLocalIDKey = "localId" - let kTestLocalID = "testLocalId" - let kEmailKey = "email" - let ktestEmail = "testEmail" - let kPasswordKey = "password" - let kTestPassword = "testPassword" - let kPhotoURLKey = "photoUrl" - let kTestPhotoURL = "testPhotoUrl" - let kProvidersKey = "provider" - let kTestProviders = "testProvider" - let kOOBCodeKey = "oobCode" - let kTestOOBCode = "testOobCode" - let kEmailVerifiedKey = "emailVerified" - let kUpgradeToFederatedLoginKey = "upgradeToFederatedLogin" - let kCaptchaChallengeKey = "captchaChallenge" - let kTestCaptchaChallenge = "TestCaptchaChallenge" - let kCaptchaResponseKey = "captchaResponse" - let kTestCaptchaResponse = "TestCaptchaResponse" - let kDeleteAttributesKey = "deleteAttribute" - let kTestDeleteAttributes = "TestDeleteAttributes" - let kDeleteProvidersKey = "deleteProvider" - let kTestDeleteProviders = "TestDeleteProviders" - let kReturnSecureTokenKey = "returnSecureToken" - let kTestAccessToken = "accessToken" - let kDeletePasskeysKey = "deletePasskey" - let kDeletePasskey = "credential_id" - let kExpectedAPIURL = - "https://www.googleapis.com/identitytoolkit/v3/relyingparty/setAccountInfo?key=APIKey" + #if os(iOS) || os(tvOS) || os(macOS) - let request = setAccountInfoRequest() - request.accessToken = kTestAccessToken - request.displayName = kTestDisplayName - request.localID = kTestLocalID - request.email = ktestEmail - request.password = kTestPassword - request.providers = [kTestProviders] - request.oobCode = kTestOOBCode - request.emailVerified = true - request.photoURL = URL(string: kTestPhotoURL) - request.upgradeToFederatedLogin = true - request.captchaChallenge = kTestCaptchaChallenge - request.captchaResponse = kTestCaptchaResponse - request.deleteAttributes = [kTestDeleteAttributes] - request.deleteProviders = [kTestDeleteProviders] - request.deletePasskeys = [kDeletePasskey] + func testSetAccountInfoRequestOptionalFields() async throws { + let kIDTokenKey = "idToken" + let kDisplayNameKey = "displayName" + let kTestDisplayName = "testDisplayName" + let kLocalIDKey = "localId" + let kTestLocalID = "testLocalId" + let kEmailKey = "email" + let ktestEmail = "testEmail" + let kPasswordKey = "password" + let kTestPassword = "testPassword" + let kPhotoURLKey = "photoUrl" + let kTestPhotoURL = "testPhotoUrl" + let kProvidersKey = "provider" + let kTestProviders = "testProvider" + let kOOBCodeKey = "oobCode" + let kTestOOBCode = "testOobCode" + let kEmailVerifiedKey = "emailVerified" + let kUpgradeToFederatedLoginKey = "upgradeToFederatedLogin" + let kCaptchaChallengeKey = "captchaChallenge" + let kTestCaptchaChallenge = "TestCaptchaChallenge" + let kCaptchaResponseKey = "captchaResponse" + let kTestCaptchaResponse = "TestCaptchaResponse" + let kDeleteAttributesKey = "deleteAttribute" + let kTestDeleteAttributes = "TestDeleteAttributes" + let kDeleteProvidersKey = "deleteProvider" + let kTestDeleteProviders = "TestDeleteProviders" + let kReturnSecureTokenKey = "returnSecureToken" + let kTestAccessToken = "accessToken" + let kDeletePasskeysKey = "deletePasskey" + let kDeletePasskey = "credential_id" + let kExpectedAPIURL = + "https://www.googleapis.com/identitytoolkit/v3/relyingparty/setAccountInfo?key=APIKey" - try await checkRequest( - request: request, - expected: kExpectedAPIURL, - key: kIDTokenKey, - value: kTestAccessToken - ) - let decodedRequest = try XCTUnwrap(rpcIssuer.decodedRequest) - XCTAssertEqual(decodedRequest[kIDTokenKey] as? String, kTestAccessToken) - XCTAssertEqual(decodedRequest[kDisplayNameKey] as? String, kTestDisplayName) - XCTAssertEqual(decodedRequest[kLocalIDKey] as? String, kTestLocalID) - XCTAssertEqual(decodedRequest[kEmailKey] as? String, ktestEmail) - XCTAssertEqual(decodedRequest[kPasswordKey] as? String, kTestPassword) - XCTAssertEqual(decodedRequest[kPhotoURLKey] as? String, kTestPhotoURL) - XCTAssertEqual(decodedRequest[kProvidersKey] as? [String], [kTestProviders]) - XCTAssertEqual(decodedRequest[kOOBCodeKey] as? String, kTestOOBCode) - XCTAssertEqual(decodedRequest[kEmailVerifiedKey] as? Bool, true) - XCTAssertEqual(decodedRequest[kUpgradeToFederatedLoginKey] as? Bool, true) - XCTAssertEqual(decodedRequest[kCaptchaChallengeKey] as? String, kTestCaptchaChallenge) - XCTAssertEqual(decodedRequest[kCaptchaResponseKey] as? String, kTestCaptchaResponse) - XCTAssertEqual(decodedRequest[kDeleteAttributesKey] as? [String], [kTestDeleteAttributes]) - XCTAssertEqual(decodedRequest[kDeleteProvidersKey] as? [String], [kTestDeleteProviders]) - XCTAssertEqual(decodedRequest[kReturnSecureTokenKey] as? Bool, true) - XCTAssertEqual(decodedRequest[kDeletePasskeysKey] as? [String], [kDeletePasskey]) - } + let request = setAccountInfoRequest() + request.accessToken = kTestAccessToken + request.displayName = kTestDisplayName + request.localID = kTestLocalID + request.email = ktestEmail + request.password = kTestPassword + request.providers = [kTestProviders] + request.oobCode = kTestOOBCode + request.emailVerified = true + request.photoURL = URL(string: kTestPhotoURL) + request.upgradeToFederatedLogin = true + request.captchaChallenge = kTestCaptchaChallenge + request.captchaResponse = kTestCaptchaResponse + request.deleteAttributes = [kTestDeleteAttributes] + request.deleteProviders = [kTestDeleteProviders] + request.deletePasskeys = [kDeletePasskey] - func testSetAccountInfoErrors() async throws { - let kEmailExistsErrorMessage = "EMAIL_EXISTS" - let kEmailSignUpNotAllowedErrorMessage = "OPERATION_NOT_ALLOWED" - let kPasswordLoginDisabledErrorMessage = "PASSWORD_LOGIN_DISABLED" - let kCredentialTooOldErrorMessage = "CREDENTIAL_TOO_OLD_LOGIN_AGAIN" - let kInvalidUserTokenErrorMessage = "INVALID_ID_TOKEN" - let kUserDisabledErrorMessage = "USER_DISABLED" - let kInvalidEmailErrorMessage = "INVALID_EMAIL" - let kExpiredActionCodeErrorMessage = "EXPIRED_OOB_CODE:" - let kInvalidActionCodeErrorMessage = "INVALID_OOB_CODE" - let kInvalidMessagePayloadErrorMessage = "INVALID_MESSAGE_PAYLOAD" - let kInvalidSenderErrorMessage = "INVALID_SENDER" - let kInvalidRecipientEmailErrorMessage = "INVALID_RECIPIENT_EMAIL" - let kWeakPasswordErrorMessage = "WEAK_PASSWORD : Password should be at least 6 characters" - let kWeakPasswordClientErrorMessage = "Password should be at least 6 characters" - let kInvalidCredentialIdForPasskeyUnenroll = "PASSKEY_ENROLLMENT_NOT_FOUND" + try await checkRequest( + request: request, + expected: kExpectedAPIURL, + key: kIDTokenKey, + value: kTestAccessToken + ) + let decodedRequest = try XCTUnwrap(rpcIssuer.decodedRequest) + XCTAssertEqual(decodedRequest[kIDTokenKey] as? String, kTestAccessToken) + XCTAssertEqual(decodedRequest[kDisplayNameKey] as? String, kTestDisplayName) + XCTAssertEqual(decodedRequest[kLocalIDKey] as? String, kTestLocalID) + XCTAssertEqual(decodedRequest[kEmailKey] as? String, ktestEmail) + XCTAssertEqual(decodedRequest[kPasswordKey] as? String, kTestPassword) + XCTAssertEqual(decodedRequest[kPhotoURLKey] as? String, kTestPhotoURL) + XCTAssertEqual(decodedRequest[kProvidersKey] as? [String], [kTestProviders]) + XCTAssertEqual(decodedRequest[kOOBCodeKey] as? String, kTestOOBCode) + XCTAssertEqual(decodedRequest[kEmailVerifiedKey] as? Bool, true) + XCTAssertEqual(decodedRequest[kUpgradeToFederatedLoginKey] as? Bool, true) + XCTAssertEqual(decodedRequest[kCaptchaChallengeKey] as? String, kTestCaptchaChallenge) + XCTAssertEqual(decodedRequest[kCaptchaResponseKey] as? String, kTestCaptchaResponse) + XCTAssertEqual(decodedRequest[kDeleteAttributesKey] as? [String], [kTestDeleteAttributes]) + XCTAssertEqual(decodedRequest[kDeleteProvidersKey] as? [String], [kTestDeleteProviders]) + XCTAssertEqual(decodedRequest[kReturnSecureTokenKey] as? Bool, true) + XCTAssertEqual(decodedRequest[kDeletePasskeysKey] as? [String], [kDeletePasskey]) + } - try await checkBackendError( - request: setAccountInfoRequest(), - message: kEmailExistsErrorMessage, - errorCode: AuthErrorCode.emailAlreadyInUse - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kEmailSignUpNotAllowedErrorMessage, - errorCode: AuthErrorCode.operationNotAllowed - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kPasswordLoginDisabledErrorMessage, - errorCode: AuthErrorCode.operationNotAllowed - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kUserDisabledErrorMessage, - errorCode: AuthErrorCode.userDisabled - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kInvalidUserTokenErrorMessage, - errorCode: AuthErrorCode.invalidUserToken - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kCredentialTooOldErrorMessage, - errorCode: AuthErrorCode.requiresRecentLogin - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kWeakPasswordErrorMessage, - errorCode: AuthErrorCode.weakPassword, - errorReason: kWeakPasswordClientErrorMessage - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kInvalidEmailErrorMessage, - errorCode: AuthErrorCode.invalidEmail - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kInvalidActionCodeErrorMessage, - errorCode: AuthErrorCode.invalidActionCode - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kExpiredActionCodeErrorMessage, - errorCode: AuthErrorCode.expiredActionCode - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kInvalidMessagePayloadErrorMessage, - errorCode: AuthErrorCode.invalidMessagePayload - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kInvalidSenderErrorMessage, - errorCode: AuthErrorCode.invalidSender - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kInvalidRecipientEmailErrorMessage, - errorCode: AuthErrorCode.invalidRecipientEmail - ) - try await checkBackendError( - request: setAccountInfoRequest(), - message: kInvalidCredentialIdForPasskeyUnenroll, - errorCode: AuthErrorCode.missingPasskeyEnrollment - ) - } + func testSetAccountInfoErrors() async throws { + let kEmailExistsErrorMessage = "EMAIL_EXISTS" + let kEmailSignUpNotAllowedErrorMessage = "OPERATION_NOT_ALLOWED" + let kPasswordLoginDisabledErrorMessage = "PASSWORD_LOGIN_DISABLED" + let kCredentialTooOldErrorMessage = "CREDENTIAL_TOO_OLD_LOGIN_AGAIN" + let kInvalidUserTokenErrorMessage = "INVALID_ID_TOKEN" + let kUserDisabledErrorMessage = "USER_DISABLED" + let kInvalidEmailErrorMessage = "INVALID_EMAIL" + let kExpiredActionCodeErrorMessage = "EXPIRED_OOB_CODE:" + let kInvalidActionCodeErrorMessage = "INVALID_OOB_CODE" + let kInvalidMessagePayloadErrorMessage = "INVALID_MESSAGE_PAYLOAD" + let kInvalidSenderErrorMessage = "INVALID_SENDER" + let kInvalidRecipientEmailErrorMessage = "INVALID_RECIPIENT_EMAIL" + let kWeakPasswordErrorMessage = "WEAK_PASSWORD : Password should be at least 6 characters" + let kWeakPasswordClientErrorMessage = "Password should be at least 6 characters" + let kInvalidCredentialIdForPasskeyUnenroll = "PASSKEY_ENROLLMENT_NOT_FOUND" + + try await checkBackendError( + request: setAccountInfoRequest(), + message: kEmailExistsErrorMessage, + errorCode: AuthErrorCode.emailAlreadyInUse + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kEmailSignUpNotAllowedErrorMessage, + errorCode: AuthErrorCode.operationNotAllowed + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kPasswordLoginDisabledErrorMessage, + errorCode: AuthErrorCode.operationNotAllowed + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kUserDisabledErrorMessage, + errorCode: AuthErrorCode.userDisabled + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kInvalidUserTokenErrorMessage, + errorCode: AuthErrorCode.invalidUserToken + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kCredentialTooOldErrorMessage, + errorCode: AuthErrorCode.requiresRecentLogin + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kWeakPasswordErrorMessage, + errorCode: AuthErrorCode.weakPassword, + errorReason: kWeakPasswordClientErrorMessage + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kInvalidEmailErrorMessage, + errorCode: AuthErrorCode.invalidEmail + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kInvalidActionCodeErrorMessage, + errorCode: AuthErrorCode.invalidActionCode + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kExpiredActionCodeErrorMessage, + errorCode: AuthErrorCode.expiredActionCode + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kInvalidMessagePayloadErrorMessage, + errorCode: AuthErrorCode.invalidMessagePayload + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kInvalidSenderErrorMessage, + errorCode: AuthErrorCode.invalidSender + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kInvalidRecipientEmailErrorMessage, + errorCode: AuthErrorCode.invalidRecipientEmail + ) + try await checkBackendError( + request: setAccountInfoRequest(), + message: kInvalidCredentialIdForPasskeyUnenroll, + errorCode: AuthErrorCode.missingPasskeyEnrollment + ) + } + #endif /** @fn testSuccessfulSetAccountInfoResponse @brief This test simulates a successful @c SetAccountInfo flow.