fix(auth): emit AuthResult on sign-in success and fix MFA tooltip auto-open#2326
Conversation
There was a problem hiding this comment.
Code Review
This pull request refactors the authentication state management to provide more detailed feedback upon successful sign-in. Specifically, it introduces updateAuthStateWithResult in FirebaseAuthUI to transition the state to AuthState.Success (including AuthResult and user details) rather than simply returning to Idle. These changes are propagated across Anonymous, Email, and OAuth providers, with corresponding updates to unit tests. The PR also includes UI adjustments to tooltip visibility. Feedback was provided to revert the USE_AUTH_EMULATOR flag in the demo app to false to ensure it remains functional for users without a local emulator setup.
mikehardy
left a comment
There was a problem hiding this comment.
I don't appear to have the ability to resolve my comment threads but I consider them resolved now. I'm also not sure if I have repo-authority such that my approval counts but it was a real review :-). +1, looks good
…o-open (#2326) * fix(auth): update AuthState to reflect success or idle based on user result * updates * updates * refactor: rename auth user state handler
…o-open (#2326) * fix(auth): update AuthState to reflect success or idle based on user result * updates * updates * refactor: rename auth user state handler
…o-open (#2326) * fix(auth): update AuthState to reflect success or idle based on user result * updates * updates * refactor: rename auth user state handler
…o-open (#2326) * fix(auth): update AuthState to reflect success or idle based on user result * updates * updates * refactor: rename auth user state handler
…o-open (#2326) * fix(auth): update AuthState to reflect success or idle based on user result * updates * updates * refactor: rename auth user state handler
…o-open (firebase#2326) * fix(auth): update AuthState to reflect success or idle based on user result * updates * updates * refactor: rename auth user state handler
…ng (#2354) * fix(auth): improve user identifier retrieval (#2314) * fix(auth): improve user identifier retrieval * updates * fix: ensure that when selecting phone or email, it routes straight to that screen (#2311) * fix: use secondary app if it is passed into FirebaseAuthUI (#2313) * fix(auth): make AuthException messages customisable via AuthUIStringProvider (#2320) * fix(auth): preserve linkDomain in email link ActionCodeSettings (#2321) * fix(auth): log out before Facebook sign-in to clear stale cached token (#2322) Co-authored-by: russellwheatley <russellwheatley85@gmail.com> * Fix typo in README (#2325) * fix(auth): emit AuthResult on sign-in success and fix MFA tooltip auto-open (#2326) * fix(auth): update AuthState to reflect success or idle based on user result * updates * updates * refactor: rename auth user state handler * fix(auth): expose slot parameters through FirebaseAuthScreen (#2328) * fix(auth): add configurable params for custom UI - AuthMethodPicker - EmailAuth - PhoneAuth - MFA Enrollment & Challenge * fix(auth): add demo activities for email and phone authentication with customizable UI * updates * updates * feat(auth): add customMethodPickerTermsContent slot to FirebaseAuthScreen (#2330) * feat(auth): add termsContent slot to AuthMethodPicker for custom ToS UI * feat(auth): add termsAccepted parameter to AuthMethodPicker for consent handling * update example * updates * updates * updates * feat(auth): add isCredentialLinkingEnabled for authenticated users (#2319) * feat(auth): add isCredentialLinkingEnabled for authenticated non-anonymous users * t feat(app): add CredentialLinkingDemoActivity to sample app # Conflicts: # app/src/main/AndroidManifest.xml * updates * feat(auth): surface GIdP password policy violations with actionable error messages (#2333) * feat(auth): handle GIdP password policy violations with specific error messages * updates * updates * cleanup * fix(auth): allow SAML providers in AuthUIConfiguration (#2331) * fix(auth): allow saml. prefixed provider IDs in AuthUIConfiguration validation * updates * feat(auth): add reauthentication flow with automatic operation retry (#2332) * wip # Conflicts: # auth/src/main/java/com/firebase/ui/auth/configuration/auth_provider/EmailAuthProvider+FirebaseAuthUI.kt # auth/src/main/java/com/firebase/ui/auth/ui/screens/FirebaseAuthScreen.kt * feat(auth): add reauthentication flow with automatic operation retry Adds AuthState.ReauthenticationRequired, withReauth(), and createReauthFlow() to support sensitive operations that require recent sign-in. FirebaseAuthUI.delete() and withReauth() automatically catch FirebaseAuthRecentLoginRequiredException, emit the new state carrying the original operation as retryOperation, and FirebaseAuthScreen presents a ModalBottomSheet overlay scoped to the user's linked providers — no navigation away from the authenticated screen. On successful reauthentication the original operation is retried automatically. * test(auth): add e2e tests for reauthentication flow UI * updates * fix reviews * update README * feat(auth): implement `legacyFetchSignInWithEmail` configuration option (#2316) * feat(auth): implement legacyFetchSignInWithEmail configuration option * test: write tests for legacyFetchSignInWithEmail * fix(pr): address reviewer feedback on email recovery routing * refactor(pr): address reviewer feedback on legacy email recovery * fix: cancellation callback + test * chore: ignore kotlin cache * chore: run demo app script from command line --------- Co-authored-by: demolaf <demolafadumo@gmail.com> * fix(auth): replace hardcoded loading state strings with translatable string resources (#2339) * feat(auth): add localized loading messages for various sign-in states * updates * feat(auth): update sign-in methods to use AuthUIConfiguration for localized messages * refactor: use periods to represent ellipsis not the unicode character * refactor: use qualifiers, not base values in tests * fix(auth): remember authStateFlow() to avoid resubscribing on every recomposition * fix(auth): remember authStateFlow() in EmailAuthScreen to avoid resubscribing * docs(auth): note FirebaseAuthUI.create() instability inside composables --------- Co-authored-by: Russell Wheatley <russellwheatley85@gmail.com> Co-authored-by: Nillan Sivarasa <nillan.sivarasa@gmail.com>
…o-open (#2326) * fix(auth): update AuthState to reflect success or idle based on user result * updates * updates * refactor: rename auth user state handler
…ng (#2354) * fix(auth): improve user identifier retrieval (#2314) * fix(auth): improve user identifier retrieval * updates * fix: ensure that when selecting phone or email, it routes straight to that screen (#2311) * fix: use secondary app if it is passed into FirebaseAuthUI (#2313) * fix(auth): make AuthException messages customisable via AuthUIStringProvider (#2320) * fix(auth): preserve linkDomain in email link ActionCodeSettings (#2321) * fix(auth): log out before Facebook sign-in to clear stale cached token (#2322) Co-authored-by: russellwheatley <russellwheatley85@gmail.com> * Fix typo in README (#2325) * fix(auth): emit AuthResult on sign-in success and fix MFA tooltip auto-open (#2326) * fix(auth): update AuthState to reflect success or idle based on user result * updates * updates * refactor: rename auth user state handler * fix(auth): expose slot parameters through FirebaseAuthScreen (#2328) * fix(auth): add configurable params for custom UI - AuthMethodPicker - EmailAuth - PhoneAuth - MFA Enrollment & Challenge * fix(auth): add demo activities for email and phone authentication with customizable UI * updates * updates * feat(auth): add customMethodPickerTermsContent slot to FirebaseAuthScreen (#2330) * feat(auth): add termsContent slot to AuthMethodPicker for custom ToS UI * feat(auth): add termsAccepted parameter to AuthMethodPicker for consent handling * update example * updates * updates * updates * feat(auth): add isCredentialLinkingEnabled for authenticated users (#2319) * feat(auth): add isCredentialLinkingEnabled for authenticated non-anonymous users * t feat(app): add CredentialLinkingDemoActivity to sample app # Conflicts: # app/src/main/AndroidManifest.xml * updates * feat(auth): surface GIdP password policy violations with actionable error messages (#2333) * feat(auth): handle GIdP password policy violations with specific error messages * updates * updates * cleanup * fix(auth): allow SAML providers in AuthUIConfiguration (#2331) * fix(auth): allow saml. prefixed provider IDs in AuthUIConfiguration validation * updates * feat(auth): add reauthentication flow with automatic operation retry (#2332) * wip # Conflicts: # auth/src/main/java/com/firebase/ui/auth/configuration/auth_provider/EmailAuthProvider+FirebaseAuthUI.kt # auth/src/main/java/com/firebase/ui/auth/ui/screens/FirebaseAuthScreen.kt * feat(auth): add reauthentication flow with automatic operation retry Adds AuthState.ReauthenticationRequired, withReauth(), and createReauthFlow() to support sensitive operations that require recent sign-in. FirebaseAuthUI.delete() and withReauth() automatically catch FirebaseAuthRecentLoginRequiredException, emit the new state carrying the original operation as retryOperation, and FirebaseAuthScreen presents a ModalBottomSheet overlay scoped to the user's linked providers — no navigation away from the authenticated screen. On successful reauthentication the original operation is retried automatically. * test(auth): add e2e tests for reauthentication flow UI * updates * fix reviews * update README * feat(auth): implement `legacyFetchSignInWithEmail` configuration option (#2316) * feat(auth): implement legacyFetchSignInWithEmail configuration option * test: write tests for legacyFetchSignInWithEmail * fix(pr): address reviewer feedback on email recovery routing * refactor(pr): address reviewer feedback on legacy email recovery * fix: cancellation callback + test * chore: ignore kotlin cache * chore: run demo app script from command line --------- Co-authored-by: demolaf <demolafadumo@gmail.com> * fix(auth): replace hardcoded loading state strings with translatable string resources (#2339) * feat(auth): add localized loading messages for various sign-in states * updates * feat(auth): update sign-in methods to use AuthUIConfiguration for localized messages * refactor: use periods to represent ellipsis not the unicode character * refactor: use qualifiers, not base values in tests * fix(auth): remember authStateFlow() to avoid resubscribing on every recomposition * fix(auth): remember authStateFlow() in EmailAuthScreen to avoid resubscribing * docs(auth): note FirebaseAuthUI.create() instability inside composables --------- Co-authored-by: Russell Wheatley <russellwheatley85@gmail.com> Co-authored-by: Nillan Sivarasa <nillan.sivarasa@gmail.com>
Closes #2318 .
All providers called
updateAuthState(Idle)after sign-in, so the onlyAuthState.Successcame from Firebase'sAuthStateListenerwhich never carries anAuthResult. Theresult?.letguard inFirebaseAuthScreenthen silently blockedonSignInSuccessevery time.Fix: emit
AuthState.Successwith the realAuthResultvia a sharedupdateAuthStateWithResult()helper. Also fixes MFA tooltip auto-opening when disabled.