refactor: ensure authenticate() method is for OAuth only

Author: russellwheatley

FirebaseSwiftUI/FirebaseAuthSwiftUI/Sources/AuthServiceError.swift

@@ -15,28 +15,61 @@
 import FirebaseAuth
 import SwiftUI
 
-/// Context information for reauthentication
-public struct ReauthContext: Equatable {
+/// Context information for OAuth provider reauthentication (Google, Apple, Facebook, Twitter, etc.)
+public struct OAuthReauthContext: Equatable {
   public let providerId: String
   public let providerName: String
-  public let phoneNumber: String?
-  public let email: String?
 
-  public init(providerId: String, providerName: String, phoneNumber: String?, email: String?) {
+  public init(providerId: String, providerName: String) {
     self.providerId = providerId
     self.providerName = providerName
-    self.phoneNumber = phoneNumber
+  }
+
+  public var displayMessage: String {
+    "Please sign in with \(providerName) to continue"
+  }
+}
+
+/// Context information for email/password reauthentication
+public struct EmailReauthContext: Equatable {
+  public let email: String
+
+  public init(email: String) {
     self.email = email
   }
 
   public var displayMessage: String {
-    switch providerId {
-    case EmailAuthProviderID:
-      return "Please enter your password to continue"
-    case PhoneAuthProviderID:
-      return "Please verify your phone number to continue"
-    default:
-      return "Please sign in with \(providerName) to continue"
+    "Please enter your password to continue"
+  }
+}
+
+/// Context information for phone number reauthentication
+public struct PhoneReauthContext: Equatable {
+  public let phoneNumber: String
+
+  public init(phoneNumber: String) {
+    self.phoneNumber = phoneNumber
+  }
+
+  public var displayMessage: String {
+    "Please verify your phone number to continue"
+  }
+}
+
+/// Type-safe wrapper for reauthentication contexts
+public enum ReauthenticationType: Equatable {
+  case oauth(OAuthReauthContext)
+  case email(EmailReauthContext)
+  case phone(PhoneReauthContext)
+
+  public var displayMessage: String {
+    switch self {
+    case let .oauth(context):
+      return context.displayMessage
+    case let .email(context):
+      return context.displayMessage
+    case let .phone(context):
+      return context.displayMessage
     }
   }
 }
@@ -99,15 +132,15 @@ public enum AuthServiceError: LocalizedError {
   case clientIdNotFound(String)
   case notConfiguredActionCodeSettings(String)
 
-  /// Simple reauthentication required (Google, Apple, Facebook, Twitter, etc.)
+  /// OAuth reauthentication required (Google, Apple, Facebook, Twitter, etc.)
   /// Can be passed directly to `reauthenticate(context:)` method
-  case simpleReauthenticationRequired(context: ReauthContext)
+  case oauthReauthenticationRequired(context: OAuthReauthContext)
 
   /// Email reauthentication required - user must handle password prompt externally
-  case emailReauthenticationRequired(context: ReauthContext)
+  case emailReauthenticationRequired(context: EmailReauthContext)
 
   /// Phone reauthentication required - user must handle SMS verification flow externally
-  case phoneReauthenticationRequired(context: ReauthContext)
+  case phoneReauthenticationRequired(context: PhoneReauthContext)
 
   case invalidCredentials(String)
   case signInFailed(underlying: Error)
@@ -128,11 +161,11 @@ public enum AuthServiceError: LocalizedError {
       return description
     case let .notConfiguredActionCodeSettings(description):
       return description
-    case let .simpleReauthenticationRequired(context):
+    case let .oauthReauthenticationRequired(context):
       return "Please sign in again with \(context.providerName) to continue"
-    case let .emailReauthenticationRequired(context):
+    case .emailReauthenticationRequired:
       return "Please enter your password to continue"
-    case let .phoneReauthenticationRequired(context):
+    case .phoneReauthenticationRequired:
       return "Please verify your phone number to continue"
     case let .invalidCredentials(description):
       return description
@@ -155,3 +188,4 @@ public enum AuthServiceError: LocalizedError {
     }
   }
 }
+

FirebaseSwiftUI/FirebaseAuthSwiftUI/Sources/Services/AuthService.swift

@@ -719,12 +719,12 @@ public extension AuthService {
     }
   }
 
-  /// Reauthenticates with a simple provider (Google, Apple, Facebook, Twitter, etc.)
-  /// - Parameter context: The reauth context from `simpleReauthenticationRequired` error
+  /// Reauthenticates with an OAuth provider (Google, Apple, Facebook, Twitter, etc.)
+  /// - Parameter context: The reauth context from `oauthReauthenticationRequired` error
   /// - Throws: Error if reauthentication fails or provider is not found
   /// - Note: This only works for providers that can automatically obtain credentials.
   ///         For email/phone, handle the flow externally and use `reauthenticate(with:)`
-  func reauthenticate(context: ReauthContext) async throws {
+  func reauthenticate(context: OAuthReauthContext) async throws {
     guard let user = currentUser else {
       throw AuthServiceError.noCurrentUser
     }
@@ -779,20 +779,22 @@ public extension AuthService {
       providerDisplayName = getProviderDisplayName(providerId)
     }
 
-    let context = ReauthContext(
-      providerId: providerId,
-      providerName: providerDisplayName,
-      phoneNumber: currentUser?.phoneNumber,
-      email: currentUser?.email
-    )
-
     switch providerId {
     case EmailAuthProviderID:
+      guard let email = currentUser?.email else {
+        throw AuthServiceError.noCurrentUser
+      }
+      let context = EmailReauthContext(email: email)
       throw AuthServiceError.emailReauthenticationRequired(context: context)
     case PhoneAuthProviderID:
+      guard let phoneNumber = currentUser?.phoneNumber else {
+        throw AuthServiceError.noCurrentUser
+      }
+      let context = PhoneReauthContext(phoneNumber: phoneNumber)
       throw AuthServiceError.phoneReauthenticationRequired(context: context)
     default:
-      throw AuthServiceError.simpleReauthenticationRequired(context: context)
+      let context = OAuthReauthContext(providerId: providerId, providerName: providerDisplayName)
+      throw AuthServiceError.oauthReauthenticationRequired(context: context)
     }
   }
 

FirebaseSwiftUI/FirebaseAuthSwiftUI/Sources/Services/ReauthenticationCoordinator.swift

@@ -20,7 +20,7 @@ import Observation
 @Observable
 public final class ReauthenticationCoordinator {
   public var isReauthenticating = false
-  public var reauthContext: ReauthContext?
+  public var reauthContext: ReauthenticationType?
   public var showingPhoneReauth = false
   public var showingPhoneReauthAlert = false
   public var showingEmailPasswordPrompt = false
@@ -30,19 +30,19 @@ public final class ReauthenticationCoordinator {
   public init() {}
 
   /// Request reauthentication from the user
-  public func requestReauth(context: ReauthContext) async throws {
+  public func requestReauth(context: ReauthenticationType) async throws {
     return try await withCheckedThrowingContinuation { continuation in
       self.continuation = continuation
       self.reauthContext = context
 
-      // Route to appropriate flow based on provider
-      switch context.providerId {
-      case PhoneAuthProviderID:
+      // Route to appropriate flow based on context type
+      switch context {
+      case .phone:
         self.showingPhoneReauthAlert = true
-      case EmailAuthProviderID:
+      case .email:
         self.showingEmailPasswordPrompt = true
-      default:
-        // For simple providers (Google, Apple, etc.)
+      case .oauth:
+        // For OAuth providers (Google, Apple, etc.)
         self.isReauthenticating = true
       }
     }

FirebaseSwiftUI/FirebaseAuthSwiftUI/Sources/Services/ReauthenticationHelpers.swift

@@ -29,25 +29,21 @@ public func withReauthenticationIfNeeded(authService _: AuthService,
   do {
     try await operation()
   } catch let error as AuthServiceError {
-    // Check if this is a reauthentication error
-    let context: ReauthContext?
+    // Check if this is a reauthentication error and extract the context
+    let reauthContext: ReauthenticationType
 
     switch error {
     case let .emailReauthenticationRequired(ctx):
-      context = ctx
+      reauthContext = .email(ctx)
     case let .phoneReauthenticationRequired(ctx):
-      context = ctx
-    case let .simpleReauthenticationRequired(ctx):
-      context = ctx
+      reauthContext = .phone(ctx)
+    case let .oauthReauthenticationRequired(ctx):
+      reauthContext = .oauth(ctx)
     default:
       // Not a reauth error, rethrow
       throw error
     }
 
-    guard let reauthContext = context else {
-      throw error
-    }
-
     // Request reauthentication through coordinator (shows UI)
     try await coordinator.requestReauth(context: reauthContext)
 

FirebaseSwiftUI/FirebaseAuthSwiftUI/Sources/Views/ReauthenticationModifier.swift

@@ -22,7 +22,7 @@ struct ReauthenticationModifier: ViewModifier {
 
   func body(content: Content) -> some View {
     content
-      // Alert for simple providers only (Google, Apple, etc.)
+      // Alert for OAuth providers only (Google, Apple, etc.)
       .alert(
         "Authentication Required",
         isPresented: $coordinator.isReauthenticating
@@ -50,24 +50,24 @@ struct ReauthenticationModifier: ViewModifier {
           coordinator.reauthCancelled()
         }
       } message: {
-        if let phoneNumber = coordinator.reauthContext?.phoneNumber {
-          Text("For security, we need to verify your phone number: \(phoneNumber)")
+        if case let .phone(context) = coordinator.reauthContext {
+          Text("For security, we need to verify your phone number: \(context.phoneNumber)")
         }
       }
       // Sheet for phone reauthentication
       .sheet(isPresented: $coordinator.showingPhoneReauth) {
-        if let phoneNumber = coordinator.reauthContext?.phoneNumber {
+        if case let .phone(context) = coordinator.reauthContext {
           PhoneReauthView(
-            phoneNumber: phoneNumber,
+            phoneNumber: context.phoneNumber,
             coordinator: coordinator
           )
         }
       }
       // Sheet for email reauthentication
       .sheet(isPresented: $coordinator.showingEmailPasswordPrompt) {
-        if let email = coordinator.reauthContext?.email {
+        if case let .email(context) = coordinator.reauthContext {
           EmailReauthView(
-            email: email,
+            email: context.email,
             coordinator: coordinator
           )
         }
@@ -77,9 +77,9 @@ struct ReauthenticationModifier: ViewModifier {
   private func performReauth() {
     Task {
       do {
-        guard let context = coordinator.reauthContext else { return }
+        guard case let .oauth(context) = coordinator.reauthContext else { return }
 
-        // For simple providers (Google, Apple, etc.), call reauthenticate with context
+        // For OAuth providers (Google, Apple, etc.), call reauthenticate with context
         try await authService.reauthenticate(context: context)
         coordinator.reauthCompleted()
       } catch {