Support for skipping the nascar buttons screen when only using a single federated provider. (#584)

Author: wti806

README.md

@@ -323,9 +323,6 @@ Here is how you would track the Auth state across all your pages:
 
 FirebaseUI supports the following configuration parameters.
 
-<table>
-<thead>
-<tr>
 <table>
 <thead>
 <tr>
@@ -390,7 +387,6 @@ FirebaseUI supports the following configuration parameters.
 </td>
 </tr>
 <tr>
-<tr>
 <td>signInFlow</td>
 <td>No</td>
 <td>
@@ -401,6 +397,17 @@ FirebaseUI supports the following configuration parameters.
 </td>
 </tr>
 <tr>
+<td>immediateFederatedRedirect</td>
+<td>No</td>
+<td>
+  A boolean which determines whether to immediately redirect to the provider's
+  site or instead show the default 'Sign in with Provider' button when there is
+  only a single federated provider in <code>signInOptions</code>. In order for
+  this option to take effect, the <code>signInOptions</code> must only hold a
+  single federated provider (like 'google.com') and signInFlow must be set to
+  'redirect'.
+</td>
+</tr>
 <tr>
 <td>signInOptions</td>
 <td>Yes</td>
@@ -411,7 +418,6 @@ FirebaseUI supports the following configuration parameters.
 </td>
 </tr>
 <tr>
-<tr>
 <td>signInSuccessUrl</td>
 <td>No</td>
 <td>
@@ -1282,6 +1288,12 @@ FirebaseUI is displayed.
           },
           firebaseui.auth.AnonymousAuthProvider.PROVIDER_ID
         ],
+        // Set to true if you only have a single federated provider like
+        // firebase.auth.GoogleAuthProvider.PROVIDER_ID and you would like to
+        // immediately redirect to the provider's site instead of showing a
+        // 'Sign in with Provider' button first. In order for this to take
+        // effect, the signInFlow option must also be set to 'redirect'.
+        immediateFederatedRedirect: false,
         // tosUrl and privacyPolicyUrl accept either url string or a callback
         // function.
         // Terms of service url/callback.

javascript/utils/idp.js

@@ -110,6 +110,19 @@ firebaseui.auth.idp.isSaml_ = function(providerId) {
 };
 
 
+/**
+ * Returns true if the provider is federated, that is either: a built-in OAuth
+ * provider like Google, a SAML provider or an ODIC or generic OAuth provider.
+ * @param {string} providerId
+ * @return {boolean} Whether the provider is non-federated or not.
+ */
+firebaseui.auth.idp.isFederatedSignInMethod = function(providerId) {
+  return !goog.array.contains(
+      firebaseui.auth.idp.NonFederatedSignInMethods,
+      providerId);
+};
+
+
 /**
  * Returns the provider by provider ID. If the provider ID is neither built-in
  * provider or SAML provder, it will be considered as generic OAuth provider.

javascript/utils/idp_test.js

@@ -64,6 +64,20 @@ function tearDown() {
 }
 
 
+function testIsFederatedSignInMethod() {
+  // OAuth, SAML and OIDC providers should all return true.
+  assertTrue(firebaseui.auth.idp.isFederatedSignInMethod('google.com'));
+  assertTrue(firebaseui.auth.idp.isFederatedSignInMethod('microsoft.com'));
+  assertTrue(firebaseui.auth.idp.isFederatedSignInMethod('saml.provider'));
+  assertTrue(firebaseui.auth.idp.isFederatedSignInMethod('oidc.provider'));
+  assertTrue(firebaseui.auth.idp.isFederatedSignInMethod('anotherProvider'));
+  // Non-federated providers should return false.
+  assertFalse(firebaseui.auth.idp.isFederatedSignInMethod('emailLink'));
+  assertFalse(firebaseui.auth.idp.isFederatedSignInMethod('password'));
+  assertFalse(firebaseui.auth.idp.isFederatedSignInMethod('phone'));
+}
+
+
 function testGetAuthProvider() {
   // Built-in provider.
   var builtInProvider = firebaseui.auth.idp.getAuthProvider('google.com');

javascript/widgets/authui.js

@@ -56,6 +56,8 @@ goog.require('firebaseui.auth.widget.handler.handleEmailVerification');
 /** @suppress {extraRequire} */
 goog.require('firebaseui.auth.widget.handler.handleFederatedLinking');
 /** @suppress {extraRequire} */
+goog.require('firebaseui.auth.widget.handler.handleFederatedRedirect');
+/** @suppress {extraRequire} */
 goog.require('firebaseui.auth.widget.handler.handleFederatedSignIn');
 /** @suppress {extraRequire} */
 goog.require('firebaseui.auth.widget.handler.handlePasswordLinking');

javascript/widgets/config.js

@@ -55,6 +55,14 @@ firebaseui.auth.widget.Config = function() {
   this.config_.define(
       'credentialHelper',
       firebaseui.auth.CredentialHelper.ACCOUNT_CHOOSER_COM);
+  /**
+   * Determines whether to immediately redirect to the provider's site or
+   * instead show the default 'Sign in with Provider' button when there
+   * is only a single federated provider in signInOptions. In order for this
+   * option to take effect, the signInOptions must only hold a single federated
+   * provider (like 'google.com') and signInFlow must be set to 'redirect'.
+   */
+  this.config_.define('immediateFederatedRedirect', false);
   this.config_.define('popupMode', false);
   this.config_.define('privacyPolicyUrl');
   /**
@@ -835,6 +843,27 @@ firebaseui.auth.widget.Config.prototype.getPopupMode = function() {
 };
 
 
+/**
+ * Determines whether to show the 'nascar' sign-in buttons screen or
+ * immediately redirect to the provider's site when there is only a single
+ * federated provider in signInOptions. In order for this option to take
+ * effect, the signInOptions must only hold a single federated provider (like
+ * 'google.com') and signInFlow must be set to 'redirect'.
+ * @return {boolean} Whether to skip the 'nascar' screen or not.
+ */
+firebaseui.auth.widget.Config.prototype.
+    federatedProviderShouldImmediatelyRedirect = function() {
+  var immediateFederatedRedirect = !!this.config_.get(
+      'immediateFederatedRedirect');
+  var providers = this.getProviders();
+  var signInFlow = this.getSignInFlow();
+  return immediateFederatedRedirect &&
+      providers.length == 1 &&
+      firebaseui.auth.idp.isFederatedSignInMethod(providers[0]) &&
+      signInFlow == firebaseui.auth.widget.Config.SignInFlow.REDIRECT;
+};
+
+
 /**
  * @return {!firebaseui.auth.widget.Config.SignInFlow} The current sign-in
  *     flow.

javascript/widgets/config_test.js

@@ -50,6 +50,7 @@ function setUp() {
   });
   firebase.auth = {
     GoogleAuthProvider: {PROVIDER_ID: 'google.com'},
+    FacebookAuthProvider: {PROVIDER_ID: 'facebook.com'},
     EmailAuthProvider: {
       EMAIL_LINK_SIGN_IN_METHOD: 'emailLink',
       EMAIL_PASSWORD_SIGN_IN_METHOD: 'password',
@@ -107,6 +108,64 @@ function testGetRequiredWidgetUrl() {
 }
 
 
+function testFederatedProviderShouldImmediatelyRedirect() {
+  // Returns true when immediateFederatedRedirect is set, there is
+  // only one federated provider and the signInFlow is set to redirect.
+  config.setConfig({
+    'immediateFederatedRedirect': true,
+    'signInOptions': [firebase.auth.GoogleAuthProvider.PROVIDER_ID],
+    'signInFlow': firebaseui.auth.widget.Config.SignInFlow.REDIRECT
+  });
+  assertTrue(config.federatedProviderShouldImmediatelyRedirect());
+
+  // Returns false if the immediateFederatedRedirect option is false.
+  config.setConfig({
+    'immediateFederatedRedirect': false,
+    'signInOptions': [firebase.auth.GoogleAuthProvider.PROVIDER_ID],
+    'signInFlow': firebaseui.auth.widget.Config.SignInFlow.REDIRECT
+  });
+  assertFalse(config.federatedProviderShouldImmediatelyRedirect());
+
+  // Returns false if the provider is not a federated provider.
+  config.setConfig({
+    'immediateFederatedRedirect': true,
+    'signInOptions': [firebase.auth.EmailAuthProvider.PROVIDER_ID],
+    'signInFlow': firebaseui.auth.widget.Config.SignInFlow.REDIRECT
+  });
+  assertFalse(config.federatedProviderShouldImmediatelyRedirect());
+
+  // Returns false if there is more than one federated provider.
+  config.setConfig({
+    'immediateFederatedRedirect': true,
+    'signInOptions': [
+      firebase.auth.GoogleAuthProvider.PROVIDER_ID,
+      firebase.auth.FacebookAuthProvider.PROVIDER_ID
+    ],
+    'signInFlow': firebaseui.auth.widget.Config.SignInFlow.REDIRECT
+  });
+  assertFalse(config.federatedProviderShouldImmediatelyRedirect());
+
+  // Returns false if there is more than one provider of any kind.
+  config.setConfig({
+    'immediateFederatedRedirect': true,
+    'signInOptions': [
+      firebase.auth.GoogleAuthProvider.PROVIDER_ID,
+      firebase.auth.EmailAuthProvider.PROVIDER_ID
+    ],
+    'signInFlow': firebaseui.auth.widget.Config.SignInFlow.REDIRECT
+  });
+  assertFalse(config.federatedProviderShouldImmediatelyRedirect());
+
+  // Returns false if signInFlow is using a popup.
+  config.setConfig({
+    'immediateFederatedRedirect': true,
+    'signInOptions': [firebase.auth.GoogleAuthProvider.PROVIDER_ID],
+    'signInFlow': firebaseui.auth.widget.Config.SignInFlow.POPUP
+  });
+  assertFalse(config.federatedProviderShouldImmediatelyRedirect());
+}
+
+
 function testGetSignInFlow() {
   // Confirm default value for sign-in flow
   assertEquals(

javascript/widgets/dispatcher_test.js

@@ -629,6 +629,56 @@ function testDispatchOperation_callback_noPendingRedirect() {
 }
 
 
+function testDispatchOperation_callback_canSkipNascarScreen() {
+  // Checks to make sure that when immediateFederatedRedirect is true
+  // and all the correct options are set, the 'nascar' sign-in screen will
+  // be skipped.
+  var element = goog.dom.createElement('div');
+  setModeAndUrlParams(firebaseui.auth.widget.Config.WidgetMode.CALLBACK);
+  // Simulate app not returning from redirect sign-in operation.
+  firebaseui.auth.storage.removePendingRedirectStatus(app.getAppId());
+  // In order for an immediate redirect to succeed all of the following
+  // options must be set:
+  app.setConfig({
+    'immediateFederatedRedirect': true,
+    'signInOptions': [firebase.auth.GoogleAuthProvider.PROVIDER_ID],
+    'signInFlow': firebaseui.auth.widget.Config.SignInFlow.REDIRECT
+  });
+  firebaseui.auth.widget.dispatcher.dispatchOperation(app, element);
+  // The federated redirect handler should trigger.
+  assertHandlerInvoked(
+      firebaseui.auth.widget.HandlerName.FEDERATED_REDIRECT,
+      app,
+      element);
+}
+
+
+function testDispatchOperation_callback_canShowNascarScreen() {
+  // Checks to make sure that even if immediateFederatedRedirect is true
+  // unless all the correct options are set, the 'nascar' sign-in screen will
+  // not be skipped.
+  var element = goog.dom.createElement('div');
+  setModeAndUrlParams(firebaseui.auth.widget.Config.WidgetMode.CALLBACK);
+  // Simulate app not returning from redirect sign-in operation.
+  firebaseui.auth.storage.removePendingRedirectStatus(app.getAppId());
+  // The immediate redirect should not be triggered (since there is more
+  // than one federated provider and it is using a popup).
+  app.setConfig({
+    'immediateFederatedRedirect': true,
+    'signInOptions': [
+      firebase.auth.GoogleAuthProvider.PROVIDER_ID,
+      firebase.auth.FacebookAuthProvider.PROVIDER_ID],
+    'signInFlow': firebaseui.auth.widget.Config.SignInFlow.POPUP
+  });
+  firebaseui.auth.widget.dispatcher.dispatchOperation(app, element);
+  // The normal provider sign in handler 'nascar' screen should be rendered.
+  assertHandlerInvoked(
+      firebaseui.auth.widget.HandlerName.PROVIDER_SIGN_IN,
+      app,
+      element);
+}
+
+
 function testDispatchOperation_revokeChangeEmail() {
   var element = goog.dom.createElement('div');
   setModeAndUrlParams(

javascript/widgets/handler/callback_test.js

@@ -1117,6 +1117,59 @@ function testHandleCallback_redirectUser_pendingCredential_error() {
 }
 
 
+function testHandleCallback_redirectUser_alwaysShowNascarScreenOnError() {
+  // Tests that the 'nascar' sign-in page won't be skipped when there is
+  // an error message. This is tested by simulating an error in linking
+  // after returning from a regular sign in operation with pending
+  // credentials.
+  asyncTestCase.waitForSignals(1);
+  app.setConfig({
+    'immediateFederatedRedirect': true,
+    'signInOptions': [firebase.auth.GoogleAuthProvider.PROVIDER_ID],
+    'signInFlow': firebaseui.auth.widget.Config.SignInFlow.REDIRECT
+  });
+  var cred = firebaseui.auth.idp.getAuthCredential({
+    'providerId': 'google.com',
+    'accessToken': 'ACCESS_TOKEN'
+  });
+  var pendingEmailCred = new firebaseui.auth.PendingEmailCredential(
+      federatedAccount.getEmail(), cred);
+  // Simulate previous linking required (pending credentials should be saved).
+  firebaseui.auth.storage.setPendingEmailCredential(
+      pendingEmailCred, app.getAppId());
+  // Callback rendered.
+  firebaseui.auth.widget.handler.handleCallback(app, container);
+  assertCallbackPage();
+  // User should be signed in at this point.
+  testAuth.setUser({
+    'email': federatedAccount.getEmail(),
+    'displayName': federatedAccount.getDisplayName()
+  });
+  // Attempting to get redirect result. Resolve with success.
+  testAuth.assertGetRedirectResult(
+      [],
+      {
+        'user': testAuth.currentUser,
+        'credential': null
+      });
+  testAuth.process().then(function() {
+    // Linking should be triggered with pending credential.
+    // Simulate an error here.
+    testAuth.currentUser.assertLinkAndRetrieveDataWithCredential(
+        [cred], null, internalError);
+    return testAuth.process();
+  }).then(function() {
+    // Redirect to the provider's sign-in page. This should not skip the
+    // 'nascar' screen since there is an error message.
+    assertProviderSignInPage();
+    // Show error in info bar.
+    assertInfoBarMessage(
+        firebaseui.auth.widget.handler.common.getErrorMessage(internalError));
+    asyncTestCase.signal();
+  });
+}
+
+
 function testHandleCallback_signedInUser_pendingCred_error_popup() {
   // Test sign in operation with pending credentials requiring linking in popup
   // flow. Simulate error in linking.

javascript/widgets/handler/common.js

@@ -976,7 +976,21 @@ firebaseui.auth.widget.handler.common.federatedSignIn = function(
     firebaseui.auth.log.error('signInWithRedirect: ' + error['code']);
     var errorMessage = firebaseui.auth.widget.handler.common.getErrorMessage(
         error);
-    component.showInfoBar(errorMessage);
+    // If the page was previously blank because the 'nascar' screen is being
+    // skipped, then the provider sign-in 'nascar' screen needs to be shown
+    // along with the error message. Otherwise, the error message can simply
+    // be added to the info bar.
+    if (component.getPageId() == 'blank' &&
+        app.getConfig().federatedProviderShouldImmediatelyRedirect()) {
+      component.dispose();
+      firebaseui.auth.widget.handler.handle(
+          firebaseui.auth.widget.HandlerName.PROVIDER_SIGN_IN,
+          app,
+          container,
+          errorMessage);
+    } else {
+      component.showInfoBar(errorMessage);
+    }
   };
   // Error handler for signInWithPopup and getRedirectResult on Cordova.
   var signInResultErrorCallback = function(error) {
@@ -1399,8 +1413,18 @@ firebaseui.auth.widget.handler.common.handleSignInStart = function(
     // which would trigger an info bar message.
     firebaseui.auth.widget.handler.handle(
         firebaseui.auth.widget.HandlerName.PHONE_SIGN_IN_START, app, container);
+  } else if (app &&
+      app.getConfig().federatedProviderShouldImmediatelyRedirect() &&
+      !opt_infoBarMessage) {
+    // If there is an info bar message available, the 'nascar' screen cannot be
+    // skipped since the message or error must be shown to the user.
+    firebaseui.auth.widget.handler.handle(
+        firebaseui.auth.widget.HandlerName.FEDERATED_REDIRECT,
+        app,
+        container);
   } else {
-    // For all other cases, show the provider sign-in screen.
+    // For all other cases, show the provider sign-in screen along with any
+    // info bar messages that need to be shown to the user.
     firebaseui.auth.widget.handler.handle(
         firebaseui.auth.widget.HandlerName.PROVIDER_SIGN_IN,
         app,