Merge branch 'master' of github.com:step-up-labs/firebase-authentication-dotnet

Author: bezysoftware

.github/stale.yml

@@ -7,6 +7,7 @@ exemptLabels:
   - pinned
   - security
   - enhancement
+  - up-for-grabs
 # Label to use when marking an issue as stale
 staleLabel: stale
 # Comment to post when marking an issue as stale. Set to `false` to disable

src/Firebase.Auth/AuthErrorReason.cs

@@ -7,6 +7,10 @@ public enum AuthErrorReason
         /// </summary>
         Undefined,
         /// <summary>
+        /// The sign in method is not enabled.
+        /// </summary>
+        OperationNotAllowed,
+        /// <summary>
         /// The user was disabled and is not granted access anymore.
         /// </summary>
         UserDisabled,
@@ -63,10 +67,18 @@ public enum AuthErrorReason
         /// </summary>
         WrongPassword,
         /// <summary>
+        /// Email/Password Signin: Too many password login have been attempted. Try again later.
+        /// </summary>
+        TooManyAttemptsTryLater,
+        /// <summary>
         /// Password Recovery: Request does not contain a value for parameter: requestType or supplied value is invalid.
         /// </summary>
         MissingRequestType,
         /// <summary>
+        /// Password Recovery: Reset password limit exceeded.
+        /// </summary>
+        ResetPasswordExceedLimit,
+        /// <summary>
         /// Account Linking: Authenticated User ID Token is invalid!
         /// </summary>
         InvalidIDToken,

src/Firebase.Auth/Firebase.Auth.csproj

@@ -3,7 +3,7 @@
   <PropertyGroup>
     <TargetFramework>netstandard1.1</TargetFramework>
     <PackageId>FirebaseAuthentication.net</PackageId>
-    <PackageVersion>3.3.0</PackageVersion>
+    <PackageVersion>3.4.0</PackageVersion>
     <Authors>Step Up Labs, Inc.</Authors>
     <Description>Firebase authentication library. It can generate Firebase auth token based on given OAuth token (issued by Google, Facebook...). This Firebase token can then be used with REST queries against Firebase endpoints. </Description>
     <PackageRequireLicenseAcceptance>false</PackageRequireLicenseAcceptance>

src/Firebase.Auth/FirebaseAuthProvider.cs

@@ -105,6 +105,21 @@ public async Task<FirebaseAuthLink> SignInWithOAuthAsync(FirebaseAuthType authTy
             return await this.ExecuteWithPostContentAsync(GoogleIdentityUrl, content).ConfigureAwait(false);
         }
 
+        /// <summary>
+        /// Using the provided Id token from google signin, get the firebase auth with token and basic user credentials.
+        /// </summary>
+        /// <param name="authType"> The auth type. </param>
+        /// <param name="oauthAccessToken"> The access token retrieved from twitter. </param>
+        /// <param name="oauthAccessToken"> The access token secret supplied by twitter. </param>
+        /// <returns> The <see cref="FirebaseAuth"/>. </returns>
+        public async Task<FirebaseAuthLink> SignInWithOAuthTwitterTokenAsync(string oauthAccessToken, string oauthTokenSecret)
+        {
+            var providerId = this.GetProviderId(FirebaseAuthType.Twitter);
+            var content = $"{{\"postBody\":\"access_token={oauthAccessToken}&oauth_token_secret={oauthTokenSecret}&providerId={providerId}\",\"requestUri\":\"http://localhost\",\"returnSecureToken\":true}}";
+            
+            return await this.ExecuteWithPostContentAsync(GoogleIdentityUrl, content).ConfigureAwait(false);
+        }
+
         /// <summary>
         /// Using the provided Id token from google signin, get the firebase auth with token and basic user credentials.
         /// </summary>
@@ -263,10 +278,20 @@ public async Task DeleteUserAsync(string firebaseToken)
         public async Task SendPasswordResetEmailAsync(string email)
         {
             var content = $"{{\"requestType\":\"PASSWORD_RESET\",\"email\":\"{email}\"}}";
-
-            var response = await this.client.PostAsync(new Uri(string.Format(GoogleGetConfirmationCodeUrl, this.authConfig.ApiKey)), new StringContent(content, Encoding.UTF8, "application/json")).ConfigureAwait(false);
-
-            response.EnsureSuccessStatusCode();
+            var responseData = "N/A";
+            
+            try
+            {
+                var response = await this.client.PostAsync(new Uri(string.Format(GoogleGetConfirmationCodeUrl, this.authConfig.ApiKey)), new StringContent(content, Encoding.UTF8, "application/json")).ConfigureAwait(false);
+                responseData = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
+                
+                response.EnsureSuccessStatusCode();
+            }
+            catch (Exception ex)
+            {
+                AuthErrorReason errorReason = GetFailureReason(responseData);
+                throw new FirebaseAuthException(GoogleGetConfirmationCodeUrl, content, responseData, ex, errorReason);
+            }
         }
 
         /// <summary>
@@ -494,6 +519,10 @@ private static AuthErrorReason GetFailureReason(string responseData)
                             failureReason = AuthErrorReason.LoginCredentialsTooOld;
                             break;
 
+                        case "OPERATION_NOT_ALLOWED":
+                            failureReason = AuthErrorReason.OperationNotAllowed;
+                            break;
+
                         //possible errors from Third Party Authentication using GoogleIdentityUrl
                         case "INVALID_PROVIDER_ID : Provider Id is not supported.":
                             failureReason = AuthErrorReason.InvalidProviderID;
@@ -514,9 +543,6 @@ private static AuthErrorReason GetFailureReason(string responseData)
                             break;
 
                         //possible errors from Email/Password Account Signup (via signupNewUser or setAccountInfo)
-                        case "WEAK_PASSWORD : Password should be at least 6 characters":
-                            failureReason = AuthErrorReason.WeakPassword;
-                            break;
                         case "EMAIL_EXISTS":
                             failureReason = AuthErrorReason.EmailExists;
                             break;
@@ -541,6 +567,9 @@ private static AuthErrorReason GetFailureReason(string responseData)
                         case "MISSING_EMAIL":
                             failureReason = AuthErrorReason.MissingEmail;
                             break;
+                        case "RESET_PASSWORD_EXCEED_LIMIT":
+                            failureReason = AuthErrorReason.ResetPasswordExceedLimit;
+                            break;
 
                         //possible errors from Password Recovery
                         case "MISSING_REQ_TYPE":
@@ -563,6 +592,14 @@ private static AuthErrorReason GetFailureReason(string responseData)
                             failureReason = AuthErrorReason.AlreadyLinked;
                             break;
                     }
+
+                    if(failureReason == AuthErrorReason.Undefined)
+                    {                            
+                        //possible errors from Email/Password Account Signup (via signupNewUser or setAccountInfo)
+                        if(errorData?.error?.message?.StartsWith("WEAK_PASSWORD :") ?? false) failureReason = AuthErrorReason.WeakPassword;
+                        //possible errors from Email/Password Signin
+                        else if (errorData?.error?.message?.StartsWith("TOO_MANY_ATTEMPTS_TRY_LATER :") ?? false) failureReason = AuthErrorReason.TooManyAttemptsTryLater;
+                    }
                 }
             }
             catch (JsonReaderException)