feat: Anonymous sign in and auto upgrade

Author: demolaf

auth/src/main/AndroidManifest.xml

@@ -122,27 +122,6 @@
                 <data android:scheme="@string/facebook_login_protocol_scheme" />
             </intent-filter>
         </activity>
-
-        <!-- Email Link Sign-In Handler Activity for Compose -->
-        <!-- This activity handles deep links for passwordless email authentication -->
-        <!-- The host is automatically read from firebase_web_host in config.xml -->
-        <!-- NOTE: firebase_web_host must be lowercase (e.g., project-id.firebaseapp.com) -->
-        <activity
-            android:name=".compose.ui.screens.EmailSignInLinkHandlerActivity"
-            android:label=""
-            android:exported="true"
-            android:theme="@style/FirebaseUI.Transparent">
-            <intent-filter android:autoVerify="true">
-                <action android:name="android.intent.action.VIEW" />
-                <category android:name="android.intent.category.DEFAULT" />
-                <category android:name="android.intent.category.BROWSABLE" />
-                <data
-                    android:scheme="https"
-                    android:host="@string/firebase_web_host"
-                    tools:ignore="AppLinksAutoVerify,AppLinkUrlError" />
-            </intent-filter>
-        </activity>
-
         <provider
             android:name=".data.client.AuthUiInitProvider"
             android:authorities="${applicationId}.authuiinitprovider"

auth/src/main/java/com/firebase/ui/auth/compose/configuration/auth_provider/AnonymousAuthProvider+FirebaseAuthUI.kt

@@ -0,0 +1,98 @@
+package com.firebase.ui.auth.compose.configuration.auth_provider
+
+import com.firebase.ui.auth.compose.AuthException
+import com.firebase.ui.auth.compose.AuthState
+import com.firebase.ui.auth.compose.FirebaseAuthUI
+import kotlinx.coroutines.CancellationException
+import kotlinx.coroutines.tasks.await
+
+
+/**
+ * Signs in a user anonymously with Firebase Authentication.
+ *
+ * This method creates a temporary anonymous user account that can be used for testing
+ * or as a starting point for users who want to try the app before creating a permanent
+ * account. Anonymous users can later be upgraded to permanent accounts by linking
+ * credentials (email/password, social providers, phone, etc.).
+ *
+ * **Flow:**
+ * 1. Updates auth state to loading with "Signing in anonymously..." message
+ * 2. Calls Firebase Auth's `signInAnonymously()` method
+ * 3. Updates auth state to idle on success
+ * 4. Handles cancellation and converts exceptions to [AuthException] types
+ *
+ * **Anonymous Account Benefits:**
+ * - No user data collection required
+ * - Immediate access to app features
+ * - Can be upgraded to permanent account later
+ * - Useful for guest users and app trials
+ *
+ * **Account Upgrade:**
+ * Anonymous accounts can be upgraded to permanent accounts by calling methods like:
+ * - [signInAndLinkWithCredential] with email/password or social credentials
+ * - [createOrLinkUserWithEmailAndPassword] for email/password accounts
+ * - [signInWithPhoneAuthCredential] for phone authentication
+ *
+ * **Example: Basic anonymous sign-in**
+ * ```kotlin
+ * try {
+ *     firebaseAuthUI.signInAnonymously()
+ *     // User is now signed in anonymously
+ *     // Show app content or prompt for account creation
+ * } catch (e: AuthException.AuthCancelledException) {
+ *     // User cancelled the sign-in process
+ * } catch (e: AuthException.NetworkException) {
+ *     // Network error occurred
+ * }
+ * ```
+ *
+ * **Example: Anonymous sign-in with upgrade flow**
+ * ```kotlin
+ * // Step 1: Sign in anonymously
+ * firebaseAuthUI.signInAnonymously()
+ * 
+ * // Step 2: Later, upgrade to permanent account
+ * try {
+ *     firebaseAuthUI.createOrLinkUserWithEmailAndPassword(
+ *         context = context,
+ *         config = authUIConfig,
+ *         provider = emailProvider,
+ *         name = "John Doe",
+ *         email = "[email protected]",
+ *         password = "SecurePass123!"
+ *     )
+ *     // Anonymous account upgraded to permanent email/password account
+ * } catch (e: AuthException.AccountLinkingRequiredException) {
+ *     // Email already exists - show account linking UI
+ * }
+ * ```
+ *
+ * @throws AuthException.AuthCancelledException if the coroutine is cancelled
+ * @throws AuthException.NetworkException if a network error occurs
+ * @throws AuthException.UnknownException for other authentication errors
+ *
+ * @see signInAndLinkWithCredential for upgrading anonymous accounts
+ * @see createOrLinkUserWithEmailAndPassword for email/password upgrade
+ * @see signInWithPhoneAuthCredential for phone authentication upgrade
+ */
+suspend fun FirebaseAuthUI.signInAnonymously() {
+    try {
+        updateAuthState(AuthState.Loading("Signing in anonymously..."))
+        auth.signInAnonymously().await()
+        updateAuthState(AuthState.Idle)
+    } catch (e: CancellationException) {
+        val cancelledException = AuthException.AuthCancelledException(
+            message = "Sign in anonymously was cancelled",
+            cause = e
+        )
+        updateAuthState(AuthState.Error(cancelledException))
+        throw cancelledException
+    } catch (e: AuthException) {
+        updateAuthState(AuthState.Error(e))
+        throw e
+    } catch (e: Exception) {
+        val authException = AuthException.from(e)
+        updateAuthState(AuthState.Error(authException))
+        throw authException
+    }
+}

auth/src/main/java/com/firebase/ui/auth/compose/configuration/auth_provider/FacebookAuthProvider+FirebaseAuthUI.kt

@@ -50,6 +50,7 @@ import kotlinx.coroutines.launch
  *
  * @see signInWithFacebook
  */
+// TODO(demolaf): make this internal after testing with compose app
 @Composable
 fun FirebaseAuthUI.rememberSignInWithFacebookLauncher(
     context: Context,

auth/src/main/java/com/firebase/ui/auth/compose/ui/method_picker/AuthMethodPicker.kt

@@ -122,10 +122,10 @@ fun AuthMethodPicker(
             }
         }
         AnnotatedStringResource(
+            modifier = Modifier.padding(vertical = 16.dp, horizontal = 16.dp),
             context = context,
             inPreview = inPreview,
             previewText = "By continuing, you accept our Terms of Service and Privacy Policy.",
-            modifier = Modifier.padding(vertical = 16.dp),
             id = R.string.fui_tos_and_pp,
             links = arrayOf(
                 "Terms of Service" to (termsOfServiceUrl ?: ""),

composeapp/src/main/AndroidManifest.xml

@@ -22,6 +22,21 @@
 
                 <category android:name="android.intent.category.LAUNCHER" />
             </intent-filter>
+
+            <!-- Email Link Sign-In Handler Activity for Compose -->
+            <!-- This activity handles deep links for passwordless email authentication -->
+            <!-- The host is automatically read from firebase_web_host in config.xml -->
+            <!-- NOTE: firebase_web_host must be lowercase (e.g., project-id.firebaseapp.com) -->
+            <intent-filter android:autoVerify="true">
+                <action android:name="android.intent.action.VIEW" />
+                <category android:name="android.intent.category.DEFAULT" />
+                <category android:name="android.intent.category.BROWSABLE" />
+                <data
+                    android:scheme="https"
+                    android:host="@string/firebase_web_host"
+                    android:pathPattern="/__/auth/links"
+                    tools:ignore="AppLinksAutoVerify,AppLinkUrlError" />
+            </intent-filter>
         </activity>
     </application>
 

composeapp/src/main/java/com/firebase/composeapp/MainActivity.kt

@@ -1,8 +1,10 @@
 package com.firebase.composeapp
 
+import android.content.Context
 import android.os.Bundle
 import androidx.activity.ComponentActivity
 import androidx.activity.compose.setContent
+import androidx.activity.enableEdgeToEdge
 import androidx.compose.foundation.layout.fillMaxSize
 import androidx.compose.material3.MaterialTheme
 import androidx.compose.material3.Surface
@@ -51,6 +53,7 @@ sealed class Route : NavKey {
 class MainActivity : ComponentActivity() {
     override fun onCreate(savedInstanceState: Bundle?) {
         super.onCreate(savedInstanceState)
+        enableEdgeToEdge()
 
         FirebaseApp.initializeApp(applicationContext)
         val authUI = FirebaseAuthUI.getInstance()
@@ -62,6 +65,9 @@ class MainActivity : ComponentActivity() {
         val configuration = authUIConfiguration {
             context = applicationContext
             providers {
+                provider(
+                    AuthProvider.Anonymous
+                )
                 provider(
                     AuthProvider.Email(
                         isDisplayNameRequired = true,
@@ -102,6 +108,7 @@ class MainActivity : ComponentActivity() {
                     )
                 )
             }
+            isAnonymousUpgradeEnabled = true
             tosUrl = "https://policies.google.com/terms?hl=en-NG&fg=1"
             privacyPolicyUrl = "https://policies.google.com/privacy?hl=en-NG&fg=1"
         }
@@ -141,6 +148,7 @@ class MainActivity : ComponentActivity() {
 
                                 is Route.EmailAuth -> NavEntry(entry) {
                                     LaunchEmailAuth(
+                                        context = applicationContext,
                                         authUI = authUI,
                                         configuration = configuration,
                                         backStack = backStack,
@@ -167,55 +175,6 @@ class MainActivity : ComponentActivity() {
         }
     }
 
-    @Composable
-    private fun LaunchEmailAuth(
-        authUI: FirebaseAuthUI,
-        configuration: AuthUIConfiguration,
-        credentialForLinking: AuthCredential? = null,
-        backStack: NavBackStack,
-        emailLink: String? = null
-    ) {
-        val provider = configuration.providers
-            .filterIsInstance<AuthProvider.Email>()
-            .first()
-
-        // Handle email link sign-in if present
-        if (emailLink != null) {
-            LaunchedEffect(emailLink) {
-
-                try {
-                    val emailFromSession =
-                        EmailLinkPersistenceManager
-                            .retrieveSessionRecord(
-                                applicationContext
-                            )?.email
-
-                    if (emailFromSession != null) {
-                        authUI.signInWithEmailLink(
-                            context = applicationContext,
-                            config = configuration,
-                            provider = provider,
-                            email = emailFromSession,
-                            emailLink = emailLink,
-                        )
-                    }
-                } catch (e: Exception) {
-                    // Error handling is done via AuthState.Error in the auth flow
-                }
-            }
-        }
-
-        EmailAuthMain(
-            context = applicationContext,
-            configuration = configuration,
-            authUI = authUI,
-            credentialForLinking = credentialForLinking,
-            onSetupMfa = {
-                backStack.add(Route.MfaEnrollment)
-            }
-        )
-    }
-
     @Composable
     private fun LaunchPhoneAuth(
         authUI: FirebaseAuthUI,
@@ -284,4 +243,51 @@ class MainActivity : ComponentActivity() {
             backStack.removeLastOrNull()
         }
     }
+}
+
+@Composable
+fun LaunchEmailAuth(
+    context: Context,
+    authUI: FirebaseAuthUI,
+    configuration: AuthUIConfiguration,
+    credentialForLinking: AuthCredential? = null,
+    backStack: NavBackStack,
+    emailLink: String? = null
+) {
+    val provider = configuration.providers
+        .filterIsInstance<AuthProvider.Email>()
+        .first()
+
+    // Handle email link sign-in if present
+    if (emailLink != null) {
+        LaunchedEffect(emailLink) {
+
+            try {
+                val emailFromSession =
+                    EmailLinkPersistenceManager.retrieveSessionRecord(context)?.email
+
+                if (emailFromSession != null) {
+                    authUI.signInWithEmailLink(
+                        context = context,
+                        config = configuration,
+                        provider = provider,
+                        email = emailFromSession,
+                        emailLink = emailLink,
+                    )
+                }
+            } catch (e: Exception) {
+                // Error handling is done via AuthState.Error in the auth flow
+            }
+        }
+    }
+
+    EmailAuthMain(
+        context = context,
+        configuration = configuration,
+        authUI = authUI,
+        credentialForLinking = credentialForLinking,
+        onSetupMfa = {
+            backStack.add(Route.MfaEnrollment)
+        }
+    )
 }