Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated to fix issues-4170 #7980

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
+105 −5
Open

Updated to fix issues-4170 #7980

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
55beef0
Updated to fix issues-4170
mohankumarelec Nov 21, 2024
9c421d5
Fixed as per the review
mohankumarelec Nov 22, 2024
730cb51
Merge branch 'master' into bug-4170
mohankumarelec Nov 22, 2024
c97a911
Fixed linting issues
mohankumarelec Nov 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 13 additions & 2 deletions src/emulator/auth/operations.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1030,10 +1030,9 @@
{ privileged = false, emulatorUrl = undefined }: { privileged?: boolean; emulatorUrl?: URL } = {},
): Schemas["GoogleCloudIdentitytoolkitV1SetAccountInfoResponse"] {
// TODO: Implement these.
const unimplementedFields: (keyof typeof reqBody)[] = [

Check failure on line 1033 in src/emulator/auth/operations.ts

View workflow job for this annotation

GitHub Actions / lint (20) 

Replace `⏎····"provider",⏎····"upgradeToFederatedLogin"⏎··` with `"provider",·"upgradeToFederatedLogin"`

Check failure on line 1033 in src/emulator/auth/operations.ts

View workflow job for this annotation

GitHub Actions / unit (18) 

Replace `⏎····"provider",⏎····"upgradeToFederatedLogin"⏎··` with `"provider",·"upgradeToFederatedLogin"`
"provider",
"upgradeToFederatedLogin",
"linkProviderUserInfo",
"upgradeToFederatedLogin"
];
for (const field of unimplementedFields) {
if (field in reqBody) {
Expand Down Expand Up @@ -1232,8 +1231,20 @@
}
}

if (reqBody.linkProviderUserInfo) {
if (!reqBody.linkProviderUserInfo.providerId?.length) {
throw new Error("providerId is required and must be a non-empty string.")

Check failure on line 1236 in src/emulator/auth/operations.ts

View workflow job for this annotation

GitHub Actions / lint (20) 

Insert `;`

Check failure on line 1236 in src/emulator/auth/operations.ts

View workflow job for this annotation

GitHub Actions / unit (18) 

Insert `;`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These should use assert to throw a client error instead of internal error, but I don't know what the correct error codes should be. Maybe we can settle with assert(condition, "TODO_ERROR_CODE : missing providerId") for now

}
if (!reqBody.linkProviderUserInfo.rawId?.length) {
throw new Error("rawId is required and must be a non-empty string.")

Check failure on line 1239 in src/emulator/auth/operations.ts

View workflow job for this annotation

GitHub Actions / lint (20) 

Insert `;`

Check failure on line 1239 in src/emulator/auth/operations.ts

View workflow job for this annotation

GitHub Actions / unit (18) 

Insert `;`
}
}

user = state.updateUserByLocalId(user.localId, updates, {
deleteProviders: reqBody.deleteProvider,
upsertProviders: reqBody.linkProviderUserInfo
? [reqBody.linkProviderUserInfo as ProviderUserInfo]
: undefined,
});

// Only initiate the recover email OOB flow for non-anonymous users
Expand Down
93 changes: 93 additions & 0 deletions src/emulator/auth/setAccountInfo.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1254,4 +1254,97 @@
expect(oobs[0].requestType).to.equal("RECOVER_EMAIL");
expect(oobs[0].oobLink).to.include(tenant.tenantId);
});

it("should link provider account with existing user account", async () => {
const { idToken } = await registerUser(authApi(), {
email: "test@example.com",
password: "password",
});

const providerId = "google.com";
const rawId = "google_user_id";
const providerUserInfo = {
providerId,
rawId,
email: "linked@example.com",
displayName: "Linked User",
photoUrl: "https://example.com/photo.jpg",
};

await authApi()
.post("/identitytoolkit.googleapis.com/v1/accounts:update")
.query({ key: "fake-api-key" })
.send({ idToken, linkProviderUserInfo: providerUserInfo })
.then((res) => {
expectStatusCode(200, res);
const providers = res.body.providerUserInfo;
expect(providers).to.have.length(2); // Original email/password + linked provider

const linkedProvider = providers.find((p: ProviderUserInfo) => p.providerId === providerId);
expect(linkedProvider).to.deep.equal(providerUserInfo);
});

const accountInfo = await getAccountInfoByIdToken(authApi(), idToken);
expect(accountInfo.providerUserInfo).to.have.length(2);
const linkedProviderInfo = accountInfo.providerUserInfo?.find((p: ProviderUserInfo) => p.providerId === providerId);

Check failure on line 1289 in src/emulator/auth/setAccountInfo.spec.ts

View workflow job for this annotation

GitHub Actions / lint (20) 

Replace `(p:·ProviderUserInfo)·=>·p.providerId·===·providerId` with `⏎······(p:·ProviderUserInfo)·=>·p.providerId·===·providerId,⏎····`

Check failure on line 1289 in src/emulator/auth/setAccountInfo.spec.ts

View workflow job for this annotation

GitHub Actions / unit (18) 

Replace `(p:·ProviderUserInfo)·=>·p.providerId·===·providerId` with `⏎······(p:·ProviderUserInfo)·=>·p.providerId·===·providerId,⏎····`
expect(linkedProviderInfo).to.deep.equal(providerUserInfo);
});

it("should error if linkProviderUserInfo is missing required fields", async () => {
const { idToken } = await registerUser(authApi(), {
email: "test@example.com",
password: "password",
});

const incompleteProviderUserInfo1 = {
providerId: "google.com",
email: "linked@example.com",
};

await authApi()
.post("/identitytoolkit.googleapis.com/v1/accounts:update")
.query({ key: "fake-api-key" })
.send({ idToken, linkProviderUserInfo: incompleteProviderUserInfo1 })
.catch((err) => {
expect(err.response.status).to.equal(500); // Expecting internal server error since it's a missing validation
});

const incompleteProviderUserInfo2 = {
rawId: "google_user_id",
email: "linked@example.com",
};

await authApi()
.post("/identitytoolkit.googleapis.com/v1/accounts:update")
.query({ key: "fake-api-key" })
.send({ idToken, linkProviderUserInfo: incompleteProviderUserInfo2 })
.catch((err) => {
expect(err.response.status).to.equal(500); // Expecting internal server error since it's a missing validation

Check failure on line 1322 in src/emulator/auth/setAccountInfo.spec.ts

View workflow job for this annotation

GitHub Actions / lint (20) 

Delete `⏎`

Check failure on line 1322 in src/emulator/auth/setAccountInfo.spec.ts

View workflow job for this annotation

GitHub Actions / unit (18) 

Delete `⏎`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As mentioned above, let's make this a 400


});
});

it("should error if user is disabled when linking a provider", async () => {
const { localId, idToken } = await registerUser(authApi(), {
email: "test@example.com",
password: "password",
});

await updateAccountByLocalId(authApi(), localId, { disableUser: true });

const providerUserInfo = {
providerId: "google.com",
rawId: "google_user_id",
email: "linked@example.com",
};

await authApi()
.post("/identitytoolkit.googleapis.com/v1/accounts:update")
.query({ key: "fake-api-key" })
.send({ idToken, linkProviderUserInfo: providerUserInfo })
.then((res) => {
expectStatusCode(400, res);
expect(res.body.error.message).to.equal("USER_DISABLED");
});
});
});
Loading