Cleanup

Author: jamesdaniels

common/api-review/auth.api.md

@@ -258,6 +258,9 @@ export interface AuthSettings {
 // @public
 export function beforeAuthStateChanged(auth: Auth, callback: (user: User | null) => void | Promise<void>, onAbort?: () => void): Unsubscribe;
 
+// @beta
+export const browserCookiePersistence: Persistence;
+
 // @public
 export const browserLocalPersistence: Persistence;
 
@@ -296,9 +299,6 @@ export function connectAuthEmulator(auth: Auth, url: string, options?: {
     disableWarnings: boolean;
 }): void;
 
-// @beta
-export const cookiePersistence: Persistence;
-
 // @public
 export function createUserWithEmailAndPassword(auth: Auth, email: string, password: string): Promise<UserCredential>;
 

docs-devsite/auth.md

@@ -150,10 +150,10 @@ Firebase Authentication
 |  --- | --- |
 |  [ActionCodeOperation](./auth.md#actioncodeoperation) | An enumeration of the possible email action types. |
 |  [AuthErrorCodes](./auth.md#autherrorcodes) | A map of potential <code>Auth</code> error codes, for easier comparison with errors thrown by the SDK. |
+|  [browserCookiePersistence](./auth.md#browsercookiepersistence) | <b><i>(Public Preview)</i></b> An implementation of [Persistence](./auth.persistence.md#persistence_interface) of type 'COOKIE', for use on the client-side in applications leveraging hybrid rendering and middleware. \* |
 |  [browserLocalPersistence](./auth.md#browserlocalpersistence) | An implementation of [Persistence](./auth.persistence.md#persistence_interface) of type <code>LOCAL</code> using <code>localStorage</code> for the underlying storage. |
 |  [browserPopupRedirectResolver](./auth.md#browserpopupredirectresolver) | An implementation of [PopupRedirectResolver](./auth.popupredirectresolver.md#popupredirectresolver_interface) suitable for browser based applications. |
 |  [browserSessionPersistence](./auth.md#browsersessionpersistence) | An implementation of [Persistence](./auth.persistence.md#persistence_interface) of <code>SESSION</code> using <code>sessionStorage</code> for the underlying storage. |
-|  [cookiePersistence](./auth.md#cookiepersistence) | <b><i>(Public Preview)</i></b> An implementation of [Persistence](./auth.persistence.md#persistence_interface) of type 'COOKIE', for use in applications leveraging server-side rendering and middleware. |
 |  [cordovaPopupRedirectResolver](./auth.md#cordovapopupredirectresolver) | An implementation of [PopupRedirectResolver](./auth.popupredirectresolver.md#popupredirectresolver_interface) suitable for Cordova based applications. |
 |  [debugErrorMap](./auth.md#debugerrormap) | A verbose error map with detailed descriptions for most error codes.<!-- -->See discussion at [AuthErrorMap](./auth.autherrormap.md#autherrormap_interface) |
 |  [FactorId](./auth.md#factorid) | An enum of factors that may be used for multifactor authentication. |
@@ -1961,6 +1961,21 @@ AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY: {
 }
 ```
 
+## browserCookiePersistence
+
+> This API is provided as a preview for developers and may change based on feedback that we receive. Do not use this API in a production environment.
+> 
+
+An implementation of [Persistence](./auth.persistence.md#persistence_interface) of type 'COOKIE', for use on the client-side in applications leveraging hybrid rendering and middleware. \*
+
+This persistence method requires companion middleware to function, such as that provided by  for NextJS.
+
+<b>Signature:</b>
+
+```typescript
+browserCookiePersistence: Persistence
+```
+
 ## browserLocalPersistence
 
 An implementation of [Persistence](./auth.persistence.md#persistence_interface) of type `LOCAL` using `localStorage` for the underlying storage.
@@ -1993,19 +2008,6 @@ An implementation of [Persistence](./auth.persistence.md#persistence_interface)
 browserSessionPersistence: Persistence
 ```
 
-## cookiePersistence
-
-> This API is provided as a preview for developers and may change based on feedback that we receive. Do not use this API in a production environment.
-> 
-
-An implementation of [Persistence](./auth.persistence.md#persistence_interface) of type 'COOKIE', for use in applications leveraging server-side rendering and middleware.
-
-<b>Signature:</b>
-
-```typescript
-cookiePersistence: Persistence
-```
-
 ## cordovaPopupRedirectResolver
 
 An implementation of [PopupRedirectResolver](./auth.popupredirectresolver.md#popupredirectresolver_interface) suitable for Cordova based applications.

packages/auth/index.ts

@@ -43,7 +43,7 @@ export * from './src';
 
 // persistence
 import { browserLocalPersistence } from './src/platform_browser/persistence/local_storage';
-import { cookiePersistence } from './src/platform_browser/persistence/cookie_storage';
+import { browserCookiePersistence } from './src/platform_browser/persistence/cookie_storage';
 import { browserSessionPersistence } from './src/platform_browser/persistence/session_storage';
 import { indexedDBLocalPersistence } from './src/platform_browser/persistence/indexed_db';
 
@@ -84,7 +84,7 @@ import { getAuth } from './src/platform_browser';
 
 export {
   browserLocalPersistence,
-  cookiePersistence,
+  browserCookiePersistence,
   browserSessionPersistence,
   indexedDBLocalPersistence,
   PhoneAuthProvider,

packages/auth/src/api/index.ts

@@ -15,7 +15,7 @@
  * limitations under the License.
  */
 
-import { FirebaseError, isCloudflareWorker, querystring } from '@firebase/util';
+import { FirebaseError, getModularInstance, isCloudflareWorker, querystring } from '@firebase/util';
 
 import { AuthErrorCode, NamedErrorParams } from '../core/errors';
 import {
@@ -32,6 +32,7 @@ import { IdTokenResponse, TaggedWithTokenResponse } from '../model/id_token';
 import { IdTokenMfaResponse } from './authentication/mfa';
 import { SERVER_ERROR_MAP, ServerError, ServerErrorMap } from './errors';
 import { PersistenceType } from '../core/persistence';
+import { CookiePersistence } from '../platform_browser/persistence/cookie_storage';
 
 export const enum HttpMethod {
   POST = 'POST',
@@ -280,14 +281,15 @@ export function _getFinalTarget(
     ? _emulatorUrl(auth.config as ConfigInternal, base)
     : `${auth.config.apiScheme}://${base}`;
 
-  // TODO get the exchange URL from the persistence method
-  //      this solves the window test
+  // Cookie auth works by MiTMing the signIn and token endpoints from the developer's backend,
+  // saving the idToken and refreshToken into cookies, and then redacting the refreshToken
+  // from the response
   if (
-    authInternal._getPersistence() === PersistenceType.COOKIE &&
+    authInternal._getPersistenceType() === PersistenceType.COOKIE &&
     CookieAuthProxiedEndpoints.includes(path)
   ) {
-    const params = new URLSearchParams({ finalTarget });
-    return `${window.location.origin}/__cookies__?${params.toString()}`;
+    const cookiePersistence = authInternal._getPersistence() as CookiePersistence;
+    return cookiePersistence._getFinalTarget(finalTarget).toString();
   }
 
   return finalTarget;

packages/auth/src/core/auth/auth_impl.ts

@@ -524,10 +524,14 @@ export class AuthImpl implements AuthInternal, _FirebaseService {
     }
   }
 
-  _getPersistence(): string {
+  _getPersistenceType(): string {
     return this.assertedPersistence.persistence.type;
   }
 
+  _getPersistence(): PersistenceInternal {
+    return this.assertedPersistence.persistence;
+  }
+
   _updateErrorMap(errorMap: AuthErrorMap): void {
     this._errorFactory = new ErrorFactory<AuthErrorCode, AuthErrorParams>(
       'auth',

packages/auth/src/core/auth/initialize.test.ts

@@ -170,7 +170,7 @@ describe('core/auth/initialize', () => {
         sdkClientVersion: expectedSdkClientVersion,
         tokenApiHost: 'securetoken.googleapis.com'
       });
-      expect(auth._getPersistence()).to.eq('NONE');
+      expect(auth._getPersistenceType()).to.eq('NONE');
     });
 
     it('should set persistence', async () => {
@@ -179,7 +179,7 @@ describe('core/auth/initialize', () => {
       }) as AuthInternal;
       await auth._initializationPromise;
 
-      expect(auth._getPersistence()).to.eq('SESSION');
+      expect(auth._getPersistenceType()).to.eq('SESSION');
     });
 
     it('should set persistence with fallback', async () => {
@@ -188,7 +188,7 @@ describe('core/auth/initialize', () => {
       }) as AuthInternal;
       await auth._initializationPromise;
 
-      expect(auth._getPersistence()).to.eq('SESSION');
+      expect(auth._getPersistenceType()).to.eq('SESSION');
     });
 
     it('should set resolver', async () => {

packages/auth/src/model/auth.ts

@@ -33,6 +33,7 @@ import { UserInternal } from './user';
 import { ClientPlatform } from '../core/util/version';
 import { RecaptchaConfig } from '../platform_browser/recaptcha/recaptcha';
 import { PasswordPolicyInternal } from './password_policy';
+import { PersistenceInternal } from '../core/persistence';
 
 export type AppName = string;
 export type ApiKey = string;
@@ -86,7 +87,8 @@ export interface AuthInternal extends Auth {
   _key(): string;
   _startProactiveRefresh(): void;
   _stopProactiveRefresh(): void;
-  _getPersistence(): string;
+  _getPersistenceType(): string;
+  _getPersistence(): PersistenceInternal;
   _getRecaptchaConfig(): RecaptchaConfig | null;
   _getPasswordPolicyInternal(): PasswordPolicyInternal | null;
   _updatePasswordPolicy(): Promise<void>;

packages/auth/src/platform_browser/persistence/cookie_storage.ts

@@ -45,6 +45,14 @@ export class CookiePersistence implements PersistenceInternal {
   readonly type = PersistenceType.COOKIE;
   listenerUnsubscribes: Map<StorageEventListener, () => void> = new Map();
 
+  // TODO define hostname in the constructor
+  _getFinalTarget(originalUrl: string): URL|string {
+    if (typeof window === undefined) {
+      return originalUrl;
+    }
+    return new URL(`${window.location.origin}/__cookies__`);
+  }
+
   async _isAvailable(): Promise<boolean> {
     // TODO isSecureContext
     if (typeof navigator === 'undefined' || typeof document === 'undefined') {
@@ -135,9 +143,12 @@ export class CookiePersistence implements PersistenceInternal {
 }
 
 /**
- * An implementation of {@link Persistence} of type 'COOKIE', for use in applications leveraging
- * server-side rendering and middleware.
- *
+ * An implementation of {@link Persistence} of type 'COOKIE', for use on the client-side in
+ * applications leveraging hybrid rendering and middleware.
+ *  *
+ * @remarks This persistence method requires companion middleware to function, such as that provided
+ * by {@link https://firebaseopensource.com/projects/firebaseextended/reactfire/ ReactFire} for
+ * NextJS.
  * @beta
  */
-export const cookiePersistence: Persistence = CookiePersistence;
+export const browserCookiePersistence: Persistence = CookiePersistence;

packages/auth/src/platform_node/index.ts

@@ -81,7 +81,7 @@ class FailClass {
 
 export const browserLocalPersistence = inMemoryPersistence;
 export const browserSessionPersistence = inMemoryPersistence;
-export const cookiePersistence = inMemoryPersistence;
+export const browserCookiePersistence = inMemoryPersistence;
 export const indexedDBLocalPersistence = inMemoryPersistence;
 export const browserPopupRedirectResolver = NOT_AVAILABLE_ERROR;
 export const PhoneAuthProvider = FailClass;