FederatedAuthProvider signature changes to Firebase User and Auth for C++ non-mobile implementations. The implementation uses a handler/completion model where authenticated users may be simulated for testing purposes. Tests for Auth::SignInWithProvider. Tests for User::LinkWithProvider and User::ReauthenticateWithProvider will come in a subsequent CL.

PiperOrigin-RevId: 259936033

Author: Googler

auth/src/data.h

@@ -37,6 +37,9 @@ enum AuthApiFunction {
   kAuthFn_SignInAndRetrieveDataWithCredential,
   kAuthFn_SignInAnonymously,
   kAuthFn_SignInWithEmailAndPassword,
+  kAuthFn_SignInWithProvider,
+  kAuthFn_LinkWithProvider,
+  kAuthFn_ReauthenticateWithProvider,
   kAuthFn_CreateUserWithEmailAndPassword,
   kAuthFn_SendPasswordResetEmail,
 

auth/src/desktop/auth_desktop.cc

@@ -283,6 +283,12 @@ Future<User*> Auth::SignInWithCredential(const Credential& credential) {
                                 credential.impl_);
 }
 
+Future<SignInResult> Auth::SignInWithProvider(
+      FederatedAuthProvider* provider) {
+  FIREBASE_ASSERT_RETURN(Future<SignInResult>(), provider);
+  return provider->SignIn(auth_data_);
+}
+
 Future<User*> Auth::SignInAnonymously() {
   Promise<User*> promise(&auth_data_->future_impl, kAuthFn_SignInAnonymously);
 

auth/src/desktop/auth_desktop.h

@@ -99,6 +99,27 @@ class IdTokenRefreshThread {
   Auth* auth;
 };
 
+// Facilitates completion of Federated Auth operations on non-mobile
+// environments. Custom application logic fulfills the authentication request
+// and uses this completion handle in callbacks. Our callbacks observe
+// contextual information in these handles to access to trigger the
+// corresponding Future<SignInResult>.
+struct AuthCompletionHandle {
+ public:
+  AuthCompletionHandle(const SafeFutureHandle<SignInResult>& handle,
+                       AuthData* auth_data)
+      : future_handle(handle), auth_data(auth_data) {}
+
+  AuthCompletionHandle() = delete;
+
+  virtual ~AuthCompletionHandle() {
+    auth_data = nullptr;
+  }
+
+  SafeFutureHandle<SignInResult> future_handle;
+  AuthData* auth_data;
+};
+
 // The desktop-specific Auth implementation.
 struct AuthImpl {
   AuthImpl() : async_sem(0), active_async_calls(0) {}
@@ -121,6 +142,9 @@ struct AuthImpl {
 
   // Serializes all REST call from this object.
   scheduler::Scheduler scheduler_;
+
+  // Synchronization primative for tracking sate of FederatedAuth futures.
+  Mutex provider_mutex;
 };
 
 // Constant, describing how often we automatically fetch a new auth token.

auth/src/desktop/auth_providers/facebook_auth_provider.cc

@@ -29,5 +29,10 @@ Credential FacebookAuthProvider::GetCredential(const char* const access_token) {
       new CredentialImpl{new FacebookAuthCredential(access_token)}};
 }
 
+// static
+const char* FacebookAuthProvider::GetProviderId()  {
+  return "facebook.com";
+}
+
 }  // namespace auth
 }  // namespace firebase

auth/src/desktop/auth_providers/federated_auth_provider.cc

@@ -0,0 +1,199 @@
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "app/src/include/firebase/future.h"
+#include "auth/src/desktop/auth_desktop.h"
+#include "auth/src/desktop/sign_in_flow.h"
+
+#include "app/src/mutex.h"
+#include "auth/src/include/firebase/auth.h"
+#include "auth/src/include/firebase/auth/types.h"
+
+namespace firebase {
+namespace auth {
+
+#ifdef INTERNAL_EXPERIMENTAL
+
+FederatedOAuthProvider::FederatedOAuthProvider() { }
+
+FederatedOAuthProvider::~FederatedOAuthProvider() {
+  handler_ = nullptr;
+}
+
+void FederatedOAuthProvider::SetAuthHandler(AuthHandler* handler) {
+  handler_ = handler;
+}
+
+void FederatedOAuthProvider::SetProviderData(
+    const FederatedOAuthProviderData& provider_data) {
+  provider_data_ = provider_data;
+}
+
+// Helper function which returns a Future for the corresponding auth
+// api function. Or, if that operation is already in progress,
+// returns a Future in an error state instead, thereby blocking duplicate
+// operations on the same auth instance.
+Future<SignInResult> CreateAuthFuture(AuthData* auth_data,
+                                      AuthApiFunction api_function) {
+  FIREBASE_ASSERT_RETURN(Future<SignInResult>(), auth_data);
+  auto auth_impl = static_cast<AuthImpl*>(auth_data->auth_impl);
+  MutexLock lock(auth_impl->provider_mutex);
+  auto future_base =
+      auth_data->future_impl.LastResult(api_function);
+  if (future_base.status() == kFutureStatusPending) {
+    // There's an operation in progress. Create and return a new failed
+    // future.
+    SafeFutureHandle<SignInResult> handle =
+        auth_data->future_impl.SafeAlloc<SignInResult>(api_function);
+    auth_data->future_impl.CompleteWithResult(
+        handle, kAuthErrorFederatedProviderAreadyInUse,
+        "Provider operation already in progress.",
+        /*SignInResult=*/{});
+    return MakeFuture(&auth_data->future_impl, handle);
+  } else if (future_base.status() == kFutureStatusInvalid) {
+    // initialize the future.
+    SafeFutureHandle<SignInResult> handle =
+        auth_data->future_impl.SafeAlloc<SignInResult>(api_function);
+    Future<SignInResult> result = MakeFuture(&auth_data->future_impl,
+                    SafeFutureHandle<SignInResult>(handle));
+    auto future_base =
+      auth_data->future_impl.LastResult(api_function);
+    return result;
+  } else {
+    // Construct future.
+    return MakeFuture(&auth_data->future_impl,
+                      SafeFutureHandle<SignInResult>(future_base.GetHandle()));
+  }
+}
+
+Future<SignInResult> FederatedOAuthProvider::SignIn(AuthData* auth_data) {
+  FIREBASE_ASSERT_RETURN(Future<SignInResult>(), handler_);
+  assert(auth_data);
+  Future<SignInResult> future =
+      CreateAuthFuture(auth_data, kAuthFn_SignInWithProvider);
+  if (future.status() == kFutureStatusPending) {
+    AuthCompletionHandle* auth_completion_handle = new AuthCompletionHandle(
+        SafeFutureHandle<SignInResult>(future.GetHandle()), auth_data);
+    handler_->OnSignIn(provider_data_, auth_completion_handle);
+  }
+  return future;
+}
+
+Future<SignInResult> FederatedOAuthProvider::Link(AuthData* auth_data) {
+  assert(auth_data);
+  FIREBASE_ASSERT_RETURN(Future<SignInResult>(), handler_);
+  Future<SignInResult> future =
+      CreateAuthFuture(auth_data, kAuthFn_LinkWithProvider);
+  if (future.status() != kFutureStatusPending) {
+    AuthCompletionHandle* auth_completion_handle = new AuthCompletionHandle(
+        SafeFutureHandle<SignInResult>(future.GetHandle()), auth_data);
+    handler_->OnLink(provider_data_, auth_completion_handle);
+  }
+  return future;
+}
+
+Future<SignInResult> FederatedOAuthProvider::Reauthenticate(
+    AuthData* auth_data) {
+  assert(auth_data);
+  FIREBASE_ASSERT_RETURN(Future<SignInResult>(), handler_);
+  Future<SignInResult> future =
+      CreateAuthFuture(auth_data, kAuthFn_ReauthenticateWithProvider);
+  if (future.status() != kFutureStatusPending) {
+    AuthCompletionHandle* auth_completion_handle = new AuthCompletionHandle(
+        SafeFutureHandle<SignInResult>(future.GetHandle()), auth_data);
+    handler_->OnReauthenticate(provider_data_, auth_completion_handle);
+  }
+  return future;
+}
+
+// Helper function to identify any missing required data from an
+// AuthetnicatedUserData struct.
+const char* CheckForRequiredAuthenicatedUserData(
+    const FederatedAuthProvider::AuthenticatedUserData& user_data) {
+  const char* error_message = nullptr;
+  if (user_data.uid == nullptr) {
+    error_message = "null uid";
+  } else if (user_data.provider_id == nullptr) {
+    error_message = "null provider_id";
+  } else if (user_data.access_token == nullptr) {
+    error_message = "null access_token";
+  } else if (user_data.refresh_token == nullptr) {
+    error_message = "null refresh_token";
+  }
+  return error_message;
+}
+
+// Helper function which uses the AuthCompletionHandle to plumb an
+// asynchronous custom-application result into a Future<SignInResult>.
+// Note: error_message is an optional parameter.
+void CompleteAuthHandle(
+    AuthCompletionHandle* completion_handle,
+    const FederatedAuthProvider::AuthenticatedUserData& user_data,
+    AuthError auth_error, const char* error_message) {
+  assert(completion_handle);
+  assert(completion_handle->auth_data);
+  SignInResult sign_in_result;
+  if (auth_error == kAuthErrorNone) {
+    error_message = CheckForRequiredAuthenicatedUserData(user_data);
+    if (error_message != nullptr) {
+      auth_error = kAuthErrorInvalidAuthenticatedUserData;
+    } else {
+      AuthenticationResult auth_result = CompleteAuthenticedUserSignInFlow(
+          completion_handle->auth_data, user_data);
+      if (auth_result.IsValid()) {
+        sign_in_result =
+            auth_result.SetAsCurrentUser(completion_handle->auth_data);
+      } else {
+        auth_error = kAuthErrorInvalidAuthenticatedUserData;
+        error_message = "Internal parse error";
+      }
+    }
+  }
+  completion_handle->auth_data->future_impl.CompleteWithResult(
+      completion_handle->future_handle, auth_error,
+      (error_message) ? error_message : "", sign_in_result);
+  delete completion_handle;
+}
+
+// Completion handlers for Federated OAuth sign-in.
+template <>
+void FederatedAuthProvider::Handler<FederatedOAuthProviderData>::SignInComplete(
+    AuthCompletionHandle* completion_handle,
+    const AuthenticatedUserData& user_data, AuthError auth_error,
+    const char* error_message) {
+  FIREBASE_ASSERT_RETURN_VOID(completion_handle);
+  CompleteAuthHandle(completion_handle, user_data, auth_error, error_message);
+}
+
+template <>
+void FederatedAuthProvider::Handler<FederatedOAuthProviderData>::LinkComplete(
+    AuthCompletionHandle* completion_handle,
+    const AuthenticatedUserData& user_data, AuthError auth_error,
+    const char* error_message) {
+  FIREBASE_ASSERT_RETURN_VOID(completion_handle);
+  CompleteAuthHandle(completion_handle, user_data, auth_error, error_message);
+}
+
+template <>
+void FederatedAuthProvider::Handler<FederatedOAuthProviderData>::
+    ReauthenticateComplete(AuthCompletionHandle* completion_handle,
+                           const AuthenticatedUserData& user_data,
+                           AuthError auth_error, const char* error_message) {
+  FIREBASE_ASSERT_RETURN_VOID(completion_handle);
+  CompleteAuthHandle(completion_handle, user_data, auth_error, error_message);
+}
+#endif  // INTERNAL_EXPERIMENTAL
+
+}  // namespace auth
+}  // namespace firebase

auth/src/desktop/auth_providers/github_auth_provider.cc

@@ -28,5 +28,10 @@ Credential GitHubAuthProvider::GetCredential(const char* const token) {
   return Credential{new CredentialImpl{new GitHubAuthCredential(token)}};
 }
 
+// static
+const char* GitHubAuthProvider::GetProviderId() {
+  return "github.com";
+}
+
 }  // namespace auth
 }  // namespace firebase

auth/src/desktop/auth_providers/google_auth_provider.cc

@@ -37,5 +37,10 @@ Credential GoogleAuthProvider::GetCredential(const char* const id_token,
   }
 }
 
+// static
+const char* GoogleAuthProvider::GetProviderId() {
+  return "google.com";
+}
+
 }  // namespace auth
 }  // namespace firebase

auth/src/desktop/auth_providers/playgames_auth_provider.cc

@@ -30,5 +30,10 @@ Credential PlayGamesAuthProvider::GetCredential(
       new CredentialImpl{new PlayGamesAuthCredential(server_auth_code)}};
 }
 
+// static
+const char* PlayGamesAuthProvider::GetProviderId() {
+  return "playgames.google.com";
+}
+
 }  // namespace auth
 }  // namespace firebase

auth/src/desktop/auth_providers/twitter_auth_provider.cc

@@ -30,5 +30,10 @@ Credential TwitterAuthProvider::GetCredential(const char* const token,
       new CredentialImpl{new TwitterAuthCredential(token, secret)}};
 }
 
+// static
+const char* TwitterAuthProvider::GetProviderId() {
+  return "twitter.com";
+}
+
 }  // namespace auth
 }  // namespace firebase

auth/src/desktop/authentication_result.h

@@ -15,7 +15,9 @@
 #ifndef FIREBASE_AUTH_CLIENT_CPP_SRC_DESKTOP_AUTHENTICATION_RESULT_H_
 #define FIREBASE_AUTH_CLIENT_CPP_SRC_DESKTOP_AUTHENTICATION_RESULT_H_
 
+#include <cstddef>
 #include <string>
+
 #include "app/rest/util.h"
 #include "app/src/log.h"
 #include "auth/src/common.h"
@@ -24,6 +26,7 @@
 #include "auth/src/desktop/get_additional_user_info.h"
 #include "auth/src/desktop/rpcs/sign_up_new_user_response.h"
 #include "auth/src/desktop/user_desktop.h"
+#include "auth/src/include/firebase/auth.h"
 
 namespace firebase {
 namespace auth {
@@ -46,6 +49,10 @@ class AuthenticationResult {
   template <typename ResponseT>
   static AuthenticationResult FromResponse(const ResponseT& response);
 
+  // Creates a sign-in result corresponding to the provided user data.
+  static AuthenticationResult FromAuthenticatedUserData(
+      const FederatedAuthProvider::AuthenticatedUserData& user_data);
+
   // Signs out the currently signed-in user; no-op if no user has been signed
   // in. Updates to AuthData are done in a thread-safe manner.
   // Listeners will be notified if a user has been previously signed in.
@@ -147,6 +154,24 @@ inline AuthenticationResult AuthenticationResult::FromResponse(
   return result;
 }
 
+inline AuthenticationResult AuthenticationResult::FromAuthenticatedUserData(
+    const FederatedAuthProvider::AuthenticatedUserData& user_data) {
+  AuthenticationResult result;
+
+  result.user_impl_.is_anonymous = false;
+  result.user_impl_.uid = user_data.uid;
+  result.user_impl_.id_token = user_data.access_token;
+  result.user_impl_.refresh_token = user_data.refresh_token;
+  result.user_impl_.provider_id = user_data.provider_id;
+  result.user_impl_.access_token = user_data.access_token;
+  result.user_impl_.access_token_expiration_date =
+      std::time(nullptr) + user_data.token_expires_in_seconds;
+
+  result.info_ = GetAdditionalUserInfo(user_data);
+
+  return result;
+}
+
 }  // namespace auth
 }  // namespace firebase
 #endif  // FIREBASE_AUTH_CLIENT_CPP_SRC_DESKTOP_AUTHENTICATION_RESULT_H_