fix: auth provider validation and tests

demolaf · demolaf · commit 676a4c599157 · 2025-09-24T10:41:03.000+01:00
- validate serverClientId empty string - validate applicationId empty string - remove @test(expected=) not descriptive - tests covering AuthProviders Google and Facebook config validation
diff --git a/auth/src/main/java/com/firebase/ui/auth/compose/configuration/AuthProvider.kt b/auth/src/main/java/com/firebase/ui/auth/compose/configuration/AuthProvider.kt
@@ -91,7 +91,6 @@ abstract class AuthProvider(open val providerId: String) {
          * When enabled, prevents email links from being opened on different devices,
          * which is required for security when upgrading anonymous users. Defaults to true.
          */
-
         val isEmailLinkForceSameDeviceEnabled: Boolean = true,
 
         /**
@@ -232,20 +231,18 @@ abstract class AuthProvider(open val providerId: String) {
         customParameters = customParameters
     ) {
         fun validate(context: Context) {
-            // TODO(demolaf): do we need this? since we are requesting this in AuthProvider.Google?
-            //  if serverClientId is nullable do we still need to throw an IllegalStateException?
-            // if (serverClientId == null) {
-            //     Preconditions.checkConfigured(
-            //         context,
-            //         "Check your google-services plugin configuration, the" +
-            //                 " default_web_client_id string wasn't populated.",
-            //         R.string.default_web_client_id
-            //     )
-            // } else {
-            //     require(serverClientId.isNotBlank()) {
-            //         "Server client ID cannot be blank."
-            //     }
-            // }
+            if (serverClientId == null) {
+                Preconditions.checkConfigured(
+                    context,
+                    "Check your google-services plugin configuration, the" +
+                            " default_web_client_id string wasn't populated.",
+                    R.string.default_web_client_id
+                )
+            } else {
+                require(serverClientId.isNotBlank()) {
+                    "Server client ID cannot be blank."
+                }
+            }
 
             val hasEmailScope = scopes.contains("email")
             if (!hasEmailScope) {
@@ -294,19 +291,18 @@ abstract class AuthProvider(open val providerId: String) {
                 )
             }
 
-            // Check application ID - either from parameter or string resources
-            // if (applicationId == null) {
-            //     Preconditions.checkConfigured(
-            //         context,
-            //         "Facebook provider unconfigured. Make sure to " +
-            //                 "add a `facebook_application_id` string or provide applicationId parameter.",
-            //         R.string.facebook_application_id
-            //     )
-            // } else {
-            //     require(applicationId.isNotBlank()) {
-            //         "Facebook application ID cannot be blank"
-            //     }
-            // }
+            if (applicationId == null) {
+                Preconditions.checkConfigured(
+                    context,
+                    "Facebook provider unconfigured. Make sure to " +
+                            "add a `facebook_application_id` string or provide applicationId parameter.",
+                    R.string.facebook_application_id
+                )
+            } else {
+                require(applicationId.isNotBlank()) {
+                    "Facebook application ID cannot be blank"
+                }
+            }
         }
     }
 
diff --git a/auth/src/test/java/com/firebase/ui/auth/compose/configuration/AuthProviderTest.kt b/auth/src/test/java/com/firebase/ui/auth/compose/configuration/AuthProviderTest.kt
@@ -16,6 +16,7 @@ package com.firebase.ui.auth.compose.configuration
 
 import android.content.Context
 import androidx.test.core.app.ApplicationProvider
+import com.google.common.truth.Truth.assertThat
 import com.google.firebase.auth.actionCodeSettings
 import org.junit.Before
 import org.junit.Test
@@ -70,18 +71,26 @@ class AuthProviderTest {
         provider.validate()
     }
 
-    @Test(expected = IllegalArgumentException::class)
+    @Test
     fun `email provider with email link enabled but null action code settings should throw`() {
         val provider = AuthProvider.Email(
             isEmailLinkSignInEnabled = true,
             actionCodeSettings = null,
             passwordValidationRules = listOf()
         )
 
-        provider.validate()
+        try {
+            provider.validate()
+        } catch (e: Exception) {
+            assertThat(e).isInstanceOf(IllegalArgumentException::class.java)
+            assertThat(e.message).isEqualTo(
+                "ActionCodeSettings cannot be null when using " +
+                        "email link sign in."
+            )
+        }
     }
 
-    @Test(expected = IllegalStateException::class)
+    @Test
     fun `email provider with email link enabled but canHandleCodeInApp false should throw`() {
         val actionCodeSettings = actionCodeSettings {
             url = "https://example.com/verify"
@@ -94,7 +103,15 @@ class AuthProviderTest {
             passwordValidationRules = listOf()
         )
 
-        provider.validate()
+        try {
+            provider.validate()
+        } catch (e: Exception) {
+            assertThat(e).isInstanceOf(IllegalStateException::class.java)
+            assertThat(e.message).isEqualTo(
+                "You must set canHandleCodeInApp in your " +
+                        "ActionCodeSettings to true for Email-Link Sign-in."
+            )
+        }
     }
 
     // =============================================================================================
@@ -123,15 +140,20 @@ class AuthProviderTest {
         provider.validate()
     }
 
-    @Test(expected = IllegalStateException::class)
+    @Test
     fun `phone provider with invalid default number should throw`() {
         val provider = AuthProvider.Phone(
             defaultNumber = "invalid_number",
             defaultCountryCode = null,
             allowedCountries = null
         )
 
-        provider.validate()
+        try {
+            provider.validate()
+        } catch (e: Exception) {
+            assertThat(e).isInstanceOf(IllegalStateException::class.java)
+            assertThat(e.message).isEqualTo("Invalid phone number: invalid_number")
+        }
     }
 
     @Test
@@ -145,15 +167,20 @@ class AuthProviderTest {
         provider.validate()
     }
 
-    @Test(expected = IllegalStateException::class)
+    @Test
     fun `phone provider with invalid default country code should throw`() {
         val provider = AuthProvider.Phone(
             defaultNumber = null,
             defaultCountryCode = "invalid",
             allowedCountries = null
         )
 
-        provider.validate()
+        try {
+            provider.validate()
+        } catch (e: Exception) {
+            assertThat(e).isInstanceOf(IllegalStateException::class.java)
+            assertThat(e.message).isEqualTo("Invalid country iso: invalid")
+        }
     }
 
     @Test
@@ -167,15 +194,23 @@ class AuthProviderTest {
         provider.validate()
     }
 
-    @Test(expected = IllegalStateException::class)
+    @Test
     fun `phone provider with invalid country in allowed list should throw`() {
         val provider = AuthProvider.Phone(
             defaultNumber = null,
             defaultCountryCode = null,
             allowedCountries = listOf("US", "invalid_country")
         )
 
-        provider.validate()
+        try {
+            provider.validate()
+        } catch (e: Exception) {
+            assertThat(e).isInstanceOf(IllegalStateException::class.java)
+            assertThat(e.message).isEqualTo(
+                "Invalid input: You must provide a valid country iso (alpha-2) " +
+                        "or code (e-164). e.g. 'us' or '+1'. Invalid code: invalid_country"
+            )
+        }
     }
 
     @Test
@@ -203,6 +238,39 @@ class AuthProviderTest {
         provider.validate(applicationContext)
     }
 
+    @Test
+    fun `google provider with empty serverClientId string throws`() {
+        val provider = AuthProvider.Google(
+            scopes = listOf("email"),
+            serverClientId = ""
+        )
+
+        try {
+            provider.validate(applicationContext)
+        } catch (e: Exception) {
+            assertThat(e).isInstanceOf(IllegalArgumentException::class.java)
+            assertThat(e.message).isEqualTo("Server client ID cannot be blank.")
+        }
+    }
+
+    @Test
+    fun `google provider validates default_web_client_id when serverClientId is null`() {
+        val provider = AuthProvider.Google(
+            scopes = listOf("email"),
+            serverClientId = null
+        )
+
+        try {
+            provider.validate(applicationContext)
+        } catch (e: Exception) {
+            assertThat(e).isInstanceOf(IllegalStateException::class.java)
+            assertThat(e.message).isEqualTo(
+                "Check your google-services plugin " +
+                        "configuration, the default_web_client_id string wasn't populated."
+            )
+        }
+    }
+
     // =============================================================================================
     // Facebook Provider Tests
     // =============================================================================================
@@ -214,15 +282,50 @@ class AuthProviderTest {
         provider.validate(applicationContext)
     }
 
+    @Test
+    fun `facebook provider with empty application id throws`() {
+        val provider = AuthProvider.Facebook(applicationId = "")
+
+        try {
+            provider.validate(applicationContext)
+        } catch (e: Exception) {
+            assertThat(e).isInstanceOf(IllegalArgumentException::class.java)
+            assertThat(e.message).isEqualTo("Facebook application ID cannot be blank")
+        }
+    }
+
+    @Test
+    fun `facebook provider validates facebook_application_id when applicationId is null`() {
+        val provider = AuthProvider.Facebook()
+
+        try {
+            provider.validate(applicationContext)
+        } catch (e: Exception) {
+            assertThat(e).isInstanceOf(IllegalStateException::class.java)
+            assertThat(e.message).isEqualTo(
+                "Facebook provider unconfigured. Make sure to " +
+                        "add a `facebook_application_id` string or provide applicationId parameter."
+            )
+        }
+    }
+
     // =============================================================================================
     // Anonymous Provider Tests
     // =============================================================================================
 
-    @Test(expected = IllegalStateException::class)
+    @Test
     fun `anonymous provider as only provider should throw`() {
         val providers = listOf(AuthProvider.Anonymous)
 
-        AuthProvider.Anonymous.validate(providers)
+        try {
+            AuthProvider.Anonymous.validate(providers)
+        } catch (e: Exception) {
+            assertThat(e).isInstanceOf(IllegalStateException::class.java)
+            assertThat(e.message).isEqualTo(
+                "Sign in as guest cannot be the only sign in method. " +
+                        "In this case, sign the user in anonymously your self; no UI is needed."
+            )
+        }
     }
 
     @Test
@@ -256,7 +359,7 @@ class AuthProviderTest {
         provider.validate()
     }
 
-    @Test(expected = IllegalArgumentException::class)
+    @Test
     fun `generic oauth provider with blank provider id should throw`() {
         val provider = AuthProvider.GenericOAuth(
             providerId = "",
@@ -267,10 +370,15 @@ class AuthProviderTest {
             buttonColor = null
         )
 
-        provider.validate()
+        try {
+            provider.validate()
+        } catch (e: Exception) {
+            assertThat(e).isInstanceOf(IllegalArgumentException::class.java)
+            assertThat(e.message).isEqualTo("Provider ID cannot be null or empty")
+        }
     }
 
-    @Test(expected = IllegalArgumentException::class)
+    @Test
     fun `generic oauth provider with blank button label should throw`() {
         val provider = AuthProvider.GenericOAuth(
             providerId = "custom.provider",
@@ -281,6 +389,11 @@ class AuthProviderTest {
             buttonColor = null
         )
 
-        provider.validate()
+        try {
+            provider.validate()
+        } catch (e: Exception) {
+            assertThat(e).isInstanceOf(IllegalArgumentException::class.java)
+            assertThat(e.message).isEqualTo("Button label cannot be null or empty")
+        }
     }
 }
diff --git a/auth/src/test/java/com/firebase/ui/auth/compose/configuration/AuthUIConfigurationTest.kt b/auth/src/test/java/com/firebase/ui/auth/compose/configuration/AuthUIConfigurationTest.kt
