Merge branch 'remove-authentication-token' of https://github.com/firebase/FirebaseUI-iOS into ui-upgrades

Author: demolaf

.github/workflows/swiftui-auth.yml

@@ -26,7 +26,7 @@ jobs:
   unit-tests:
     name: Package Unit Tests
     runs-on: macos-15
-    timeout-minutes: 20
+    timeout-minutes: 15
     steps:
       - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
 
@@ -129,7 +129,7 @@ jobs:
   ui-tests:
     name: UI Tests
     runs-on: macos-15
-    timeout-minutes: 30
+    timeout-minutes: 40
     steps:
       - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
 
@@ -179,16 +179,16 @@ jobs:
             -enableCodeCoverage YES \
             -resultBundlePath FirebaseSwiftUIExampleUITests.xcresult | tee FirebaseSwiftUIExampleUITests.log | xcpretty --test --color --simple
             
-      - name: Upload test logs
+      - name: Upload Firebase Emulator logs
         if: failure()
         uses: actions/upload-artifact@v4
         with:
-          name: ui-tests-logs
-          path: samples/swiftui/FirebaseSwiftUIExample/FirebaseSwiftUIExampleUITests.log
+          name: firebase-emulator-logs
+          path: samples/swiftui/FirebaseSwiftUIExample/FirebaseSwiftUIExample/firebase-debug.log
 
       - name: Upload test results
         if: failure()
         uses: actions/upload-artifact@v4
         with:
-          name: ui-tests-results
+          name: FirebaseSwiftUIExampleUITests.xcresult
           path: samples/swiftui/FirebaseSwiftUIExample/FirebaseSwiftUIExampleUITests.xcresult

FirebaseSwiftUI/FirebaseAppleSwiftUI/Sources/Services/AccountService+Apple.swift

@@ -0,0 +1,44 @@
+//
+//  AccountService+Apple.swift
+//  FirebaseUI
+//
+//  Created by Russell Wheatley on 21/10/2025.
+//
+
+@preconcurrency import FirebaseAuth
+import FirebaseAuthSwiftUI
+import Observation
+
+protocol AppleOperationReauthentication {
+  var appleProvider: AppleProviderSwift { get }
+}
+
+extension AppleOperationReauthentication {
+  @MainActor func reauthenticate() async throws {
+    guard let user = Auth.auth().currentUser else {
+      throw AuthServiceError.reauthenticationRequired("No user currently signed-in")
+    }
+
+    do {
+      let credential = try await appleProvider.createAuthCredential()
+      try await user.reauthenticate(with: credential)
+    } catch {
+      throw AuthServiceError.signInFailed(underlying: error)
+    }
+  }
+}
+
+@MainActor
+class AppleDeleteUserOperation: AuthenticatedOperation,
+  @preconcurrency AppleOperationReauthentication {
+  let appleProvider: AppleProviderSwift
+  init(appleProvider: AppleProviderSwift) {
+    self.appleProvider = appleProvider
+  }
+
+  func callAsFunction(on user: User) async throws {
+    try await callAsFunction(on: user) {
+      try await user.delete()
+    }
+  }
+}

FirebaseSwiftUI/FirebaseAppleSwiftUI/Sources/Services/AppleProviderAuthUI.swift

@@ -0,0 +1,159 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import AuthenticationServices
+import CryptoKit
+import FirebaseAuth
+import FirebaseAuthSwiftUI
+import FirebaseCore
+import SwiftUI
+
+// MARK: - Data Extensions
+
+extension Data {
+  var utf8String: String? {
+    return String(data: self, encoding: .utf8)
+  }
+}
+
+extension ASAuthorizationAppleIDCredential {
+  var authorizationCodeString: String? {
+    return authorizationCode?.utf8String
+  }
+
+  var idTokenString: String? {
+    return identityToken?.utf8String
+  }
+}
+
+// MARK: - Authenticate With Apple Dialog
+
+private func authenticateWithApple(scopes: [ASAuthorization.Scope]) async throws -> (
+  ASAuthorizationAppleIDCredential,
+  String
+) {
+  return try await AuthenticateWithAppleDialog(scopes: scopes).authenticate()
+}
+
+private class AuthenticateWithAppleDialog: NSObject {
+  private var continuation: CheckedContinuation<(ASAuthorizationAppleIDCredential, String), Error>?
+  private var currentNonce: String?
+  private let scopes: [ASAuthorization.Scope]
+
+  init(scopes: [ASAuthorization.Scope]) {
+    self.scopes = scopes
+    super.init()
+  }
+
+  func authenticate() async throws -> (ASAuthorizationAppleIDCredential, String) {
+    return try await withCheckedThrowingContinuation { continuation in
+      self.continuation = continuation
+
+      let appleIDProvider = ASAuthorizationAppleIDProvider()
+      let request = appleIDProvider.createRequest()
+      request.requestedScopes = scopes
+
+      do {
+        let nonce = try CryptoUtils.randomNonceString()
+        currentNonce = nonce
+        request.nonce = CryptoUtils.sha256(nonce)
+      } catch {
+        continuation.resume(throwing: AuthServiceError.signInFailed(underlying: error))
+        return
+      }
+
+      let authorizationController = ASAuthorizationController(authorizationRequests: [request])
+      authorizationController.delegate = self
+      authorizationController.performRequests()
+    }
+  }
+}
+
+extension AuthenticateWithAppleDialog: ASAuthorizationControllerDelegate {
+  func authorizationController(controller _: ASAuthorizationController,
+                               didCompleteWithAuthorization authorization: ASAuthorization) {
+    if let appleIDCredential = authorization.credential as? ASAuthorizationAppleIDCredential {
+      if let nonce = currentNonce {
+        continuation?.resume(returning: (appleIDCredential, nonce))
+      } else {
+        continuation?.resume(
+          throwing: AuthServiceError.signInFailed(
+            underlying: NSError(
+              domain: "AppleSignIn",
+              code: -1,
+              userInfo: [NSLocalizedDescriptionKey: "Missing nonce"]
+            )
+          )
+        )
+      }
+    } else {
+      continuation?.resume(
+        throwing: AuthServiceError.invalidCredentials("Missing Apple ID credential")
+      )
+    }
+    continuation = nil
+  }
+
+  func authorizationController(controller _: ASAuthorizationController,
+                               didCompleteWithError error: Error) {
+    continuation?.resume(throwing: AuthServiceError.signInFailed(underlying: error))
+    continuation = nil
+  }
+}
+
+// MARK: - Apple Provider Swift
+
+public class AppleProviderSwift: AuthProviderSwift, DeleteUserSwift {
+  public let scopes: [ASAuthorization.Scope]
+  let providerId = "apple.com"
+
+  public init(scopes: [ASAuthorization.Scope] = [.fullName, .email]) {
+    self.scopes = scopes
+  }
+
+  @MainActor public func createAuthCredential() async throws -> AuthCredential {
+    let (appleIDCredential, nonce) = try await authenticateWithApple(scopes: scopes)
+
+    guard let idTokenString = appleIDCredential.idTokenString else {
+      throw AuthServiceError.invalidCredentials("Unable to fetch identity token from Apple")
+    }
+
+    let credential = OAuthProvider.appleCredential(
+      withIDToken: idTokenString,
+      rawNonce: nonce,
+      fullName: appleIDCredential.fullName
+    )
+
+    return credential
+  }
+
+  public func deleteUser(user: User) async throws {
+    let operation = AppleDeleteUserOperation(appleProvider: self)
+    try await operation(on: user)
+  }
+}
+
+public class AppleProviderAuthUI: AuthProviderUI {
+  public var provider: AuthProviderSwift
+
+  public init(provider: AuthProviderSwift) {
+    self.provider = provider
+  }
+
+  public let id: String = "apple.com"
+
+  @MainActor public func authButton() -> AnyView {
+    AnyView(SignInWithAppleButton(provider: provider))
+  }
+}

FirebaseSwiftUI/FirebaseAppleSwiftUI/Sources/Services/AuthService+Apple.swift

@@ -0,0 +1,31 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//
+//  AuthService+Apple.swift
+//  FirebaseUI
+//
+//  Created by Russell Wheatley on 21/10/2025.
+//
+
+import FirebaseAuthSwiftUI
+
+public extension AuthService {
+  @discardableResult
+  func withAppleSignIn(_ provider: AppleProviderSwift? = nil) -> AuthService {
+    registerProvider(providerWithButton: AppleProviderAuthUI(provider: provider ??
+        AppleProviderSwift()))
+    return self
+  }
+}

FirebaseSwiftUI/FirebaseAppleSwiftUI/Sources/Services/CryptoUtils.swift

@@ -0,0 +1,52 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import CryptoKit
+import Foundation
+
+/// Set of utility APIs for generating cryptographical artifacts.
+enum CryptoUtils {
+  enum NonceGenerationError: Error {
+    case generationFailure(status: OSStatus)
+  }
+
+  static func randomNonceString(length: Int = 32) throws -> String {
+    precondition(length > 0)
+    var randomBytes = [UInt8](repeating: 0, count: length)
+    let errorCode = SecRandomCopyBytes(kSecRandomDefault, randomBytes.count, &randomBytes)
+    if errorCode != errSecSuccess {
+      throw NonceGenerationError.generationFailure(status: errorCode)
+    }
+
+    let charset: [Character] =
+      Array("0123456789ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvwxyz-._")
+
+    let nonce = randomBytes.map { byte in
+      // Pick a random character from the set, wrapping around if needed.
+      charset[Int(byte) % charset.count]
+    }
+
+    return String(nonce)
+  }
+
+  static func sha256(_ input: String) -> String {
+    let inputData = Data(input.utf8)
+    let hashedData = SHA256.hash(data: inputData)
+    let hashString = hashedData.compactMap {
+      String(format: "%02x", $0)
+    }.joined()
+
+    return hashString
+  }
+}

FirebaseSwiftUI/FirebaseAppleSwiftUI/Sources/Views/SignInWithAppleButton.swift

@@ -0,0 +1,53 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import FirebaseAuthSwiftUI
+import SwiftUI
+
+/// A button for signing in with Apple
+@MainActor
+public struct SignInWithAppleButton {
+  @Environment(AuthService.self) private var authService
+  let provider: AuthProviderSwift
+  public init(provider: AuthProviderSwift) {
+    self.provider = provider
+  }
+}
+
+extension SignInWithAppleButton: View {
+  public var body: some View {
+    Button(action: {
+      Task {
+        try? await authService.signIn(provider)
+      }
+    }) {
+      HStack {
+        Image(systemName: "apple.logo")
+          .resizable()
+          .renderingMode(.template)
+          .scaledToFit()
+          .frame(width: 24, height: 24)
+          .foregroundColor(.white)
+        Text("Sign in with Apple")
+          .fontWeight(.semibold)
+          .foregroundColor(.white)
+      }
+      .frame(maxWidth: .infinity, alignment: .leading)
+      .padding()
+      .background(Color.black)
+      .cornerRadius(8)
+    }
+    .accessibilityIdentifier("sign-in-with-apple-button")
+  }
+}