Release3.5.2 (#544)

- Improved the error message when outdated email link is used for email link sign in and forceSameDevice is enabled.
- Fixed the issue that wrong language code is used for Portuguese (Brazilian).

Author: wti806

LANGUAGES.md

@@ -30,7 +30,7 @@
 | lt | Lithuanian |
 | no | Norwegian (Bokmal) |
 | pl | Polish |
-| pt | Portuguese |
+| pt_br | Portuguese (Brazil) |
 | pt_pt | Portuguese (Portugal) |
 | ro | Romanian |
 | ru | Russian |

README.md

@@ -68,17 +68,17 @@ Localized versions of the widget are available through the CDN. To use a localiz
 localized JS library instead of the default library:
 
 ```html
-<script src="https://www.gstatic.com/firebasejs/ui/3.5.1/firebase-ui-auth__{LANGUAGE_CODE}.js"></script>
-<link type="text/css" rel="stylesheet" href="https://www.gstatic.com/firebasejs/ui/3.5.1/firebase-ui-auth.css" />
+<script src="https://www.gstatic.com/firebasejs/ui/3.5.2/firebase-ui-auth__{LANGUAGE_CODE}.js"></script>
+<link type="text/css" rel="stylesheet" href="https://www.gstatic.com/firebasejs/ui/3.5.2/firebase-ui-auth.css" />
 ```
 
 where `{LANGUAGE_CODE}` is replaced by the code of the language you want. For example, the French
 version of the library is available at
-`https://www.gstatic.com/firebasejs/ui/3.5.1/firebase-ui-auth__fr.js`. The list of available
+`https://www.gstatic.com/firebasejs/ui/3.5.2/firebase-ui-auth__fr.js`. The list of available
 languages and their respective language codes can be found at [LANGUAGES.md](LANGUAGES.md).
 
 Right-to-left languages also require the right-to-left version of the stylesheet, available at
-`https://www.gstatic.com/firebasejs/ui/3.5.1/firebase-ui-auth-rtl.css`, instead of the default
+`https://www.gstatic.com/firebasejs/ui/3.5.2/firebase-ui-auth-rtl.css`, instead of the default
 stylesheet. The supported right-to-left languages are Arabic (ar), Farsi (fa), and Hebrew (iw).
 
 ### Option 2: npm Module

changelog.txt

@@ -0,0 +1,2 @@
+fixed - Improves the error message when outdated email link is used for email link sign in and `forceSameDevice` is enabled.
+fixed - Fixes the wrong language code for Portuguese (Brazilian).

gulpfile.js

@@ -71,9 +71,9 @@ const DEFAULT_LOCALE = 'en';
 // The list of all locales that are supported.
 const ALL_LOCALES = ['ar-XB', 'ar', 'bg', 'ca', 'cs', 'da', 'de', 'el', 'en',
     'en-GB', 'en-XA', 'es-419', 'es', 'fa', 'fi', 'fil', 'fr', 'hi', 'hr', 'hu',
-    'id', 'it', 'iw', 'ja', 'ko', 'lt', 'lv', 'nl', 'no', 'pl', 'pt-PT', 'pt',
-    'ro', 'ru', 'sk', 'sl', 'sr', 'sv', 'th', 'tr', 'uk', 'vi', 'zh-CN',
-    'zh-TW'];
+    'id', 'it', 'iw', 'ja', 'ko', 'lt', 'lv', 'nl', 'no', 'pl', 'pt-PT',
+    'pt-BR', 'ro', 'ru', 'sk', 'sl', 'sr', 'sv', 'th', 'tr', 'uk', 'vi',
+    'zh-CN', 'zh-TW'];
 
 // Default arguments to pass into Closure Compiler.
 const COMPILER_DEFAULT_ARGS = {

javascript/widgets/handler/emaillinksignincallback.js

@@ -75,6 +75,7 @@ firebaseui.auth.widget.handler.handleEmailLinkSignInCallback = function(
   var forceSameDevice = urlBuilder.getForceSameDevice();
   var anonymousUid = urlBuilder.getAnonymousUid();
   var providerId = urlBuilder.getProviderId();
+  var isNewDevice = !firebaseui.auth.storage.hasEmailForSignIn(app.getAppId());
   var email = opt_email || firebaseui.auth.storage.getEmailForSignIn(
       sessionId, app.getAppId());
   var pendingCredential = firebaseui.auth.storage.getEncryptedPendingCredential(
@@ -133,7 +134,7 @@ firebaseui.auth.widget.handler.handleEmailLinkSignInCallback = function(
 
   var checkActionCodeAndGetUser = function() {
     var anonymousUserPromise = goog.Promise.resolve(null);
-    if ((anonymousUid && !email) || (!email && forceSameDevice)) {
+    if ((anonymousUid && isNewDevice) || (isNewDevice && forceSameDevice)) {
       // Anonymous user with different device flow or regular sign in flow with
       // same device requirement on different device.
       anonymousUserPromise = goog.Promise.reject(
@@ -169,15 +170,23 @@ firebaseui.auth.widget.handler.handleEmailLinkSignInCallback = function(
               app, component, email, link, credential,
               /** @type {?firebase.User} */ (user));
         } else {
-          component.dispose();
-          // On email confirmation, call this handler again with
-          // skipCodeCheck set to true.
-          firebaseui.auth.widget.handler.handle(
-              firebaseui.auth.widget.HandlerName.EMAIL_LINK_CONFIRMATION,
+          if (forceSameDevice) {
+            component.dispose();
+            firebaseui.auth.widget.handler.handle(
+              firebaseui.auth.widget.HandlerName.DIFFERENT_DEVICE_ERROR,
               app,
-              container,
-              link,
-              firebaseui.auth.widget.handler.completeEmailConfirmation_);
+              container);
+          } else {
+            component.dispose();
+            // On email confirmation, call this handler again with
+            // skipCodeCheck set to true.
+            firebaseui.auth.widget.handler.handle(
+                firebaseui.auth.widget.HandlerName.EMAIL_LINK_CONFIRMATION,
+                app,
+                container,
+                link,
+                firebaseui.auth.widget.handler.completeEmailConfirmation_);
+            }
         }
       },
       onError));

javascript/widgets/handler/emaillinksignincallback_test.js

@@ -959,6 +959,66 @@ function testHandleEmailLinkSignInCallback_expiredActionCodeError() {
 }
 
 
+function testHandleEmailLinkSignInCallback_oldLinkClicked() {
+  // Test when old email link is clicked, code expired error should be
+  // displayed. In this case, the email is stored with new session ID which is
+  // different from the session ID in the old link.
+  var expectedError = {'code': 'auth/expired-action-code'};
+  var email = passwordAccount.getEmail();
+  var link = generateSignInLink('OLD_SESSIONID', null, null, true);
+  setupEmailLinkSignIn('NEW_SESSIONID', email);
+
+  firebaseui.auth.widget.handler.handleEmailLinkSignInCallback(
+      app, container, link);
+  assertBlankPage();
+
+  // Simulate expired error code.
+  var waitForCheckActionCode = testAuth.assertCheckActionCode(
+      ['ACTION_CODE'],
+      null,
+      expectedError);
+  return waitForCheckActionCode.then(function() {
+    delayForBusyIndicatorAndAssertIndicatorShown();
+    return testAuth.process();
+  }).then(function() {
+    assertBusyIndicatorHidden();
+    // Provider sign-in page should be rendered with error in info bar.
+    assertProviderSignInPage();
+    assertInfoBarMessage(
+        firebaseui.auth.widget.handler.common.getErrorMessage(expectedError));
+  });
+}
+
+
+function testHandleEmailLinkSignInCallback_sessionMismatch() {
+  var email = passwordAccount.getEmail();
+  var link = generateSignInLink('NEW_SESSIONID', null, null, true);
+  setupEmailLinkSignIn('OLD_SESSIONID', email);
+
+  firebaseui.auth.widget.handler.handleEmailLinkSignInCallback(
+      app, container, link);
+  assertBlankPage();
+
+  var waitForCheckActionCode = testAuth.assertCheckActionCode(
+      ['ACTION_CODE'],
+      function() {
+        return {
+          'operation': 'EMAIL_SIGNIN'
+        };
+      });
+  return waitForCheckActionCode.then(function() {
+    delayForBusyIndicatorAndAssertIndicatorShown();
+    return testAuth.process();
+  }).then(function() {
+    assertBusyIndicatorHidden();
+    assertDifferentDeviceErrorPage();
+    // Clicking dismiss button should redirect to the first page.
+    clickSecondaryLink();
+    assertProviderSignInPage();
+  });
+}
+
+
 function testHandleEmailLinkSignInCallback_signInError() {
   var email = passwordAccount.getEmail();
   var link = generateSignInLink('SESSIONID');

package-lock.json

@@ -145,7 +145,7 @@
 <translation id="3561568594856945084">מאיוט</translation>
 <translation id="3591063723610544836">כניסה</translation>
 <translation id="3593480381831738519">איפוס הסיסמה</translation>
-<translation id="3597673897213051724">שלח</translation>
+<translation id="3597673897213051724">שליחה</translation>
 <translation id="3605933028246642593">נפאל</translation>
 <translation id="3608140835232496799">טוקלאו</translation>
 <translation id="3620185428620643248">פרטי הכניסה שנבחרו לספק האימות אינם נתמכים.</translation>