chore(auth): Exposed admin.auth namespace (#1053)

* chore(auth): Exposed admin.auth namespace

* fix(auth): Fixing unit tests for SAMLConfig

* fix(auth): Removing more auth. prefixed direct references

* fix(auth): Using CreateTenantRequest explicitly where appropriate

Author: hiranya911

gulpfile.js

@@ -83,6 +83,7 @@ gulp.task('compile', function() {
 
   const configuration = [
     'lib/**/*.js',
+    'lib/auth/index.d.ts',
     'lib/credential/index.d.ts',
     'lib/firebase-namespace-api.d.ts',
     'lib/database/index.d.ts',

src/auth/action-code-settings-builder.ts

@@ -16,21 +16,9 @@
 
 import * as validator from '../utils/validator';
 import { AuthClientErrorCode, FirebaseAuthError } from '../utils/error';
+import { auth } from './index';
 
-/** Defines the ActionCodeSettings interface. */
-export interface ActionCodeSettings {
-  url: string;
-  handleCodeInApp?: boolean;
-  iOS?: {
-    bundleId: string;
-  };
-  android?: {
-    packageName: string;
-    installApp?: boolean;
-    minimumVersion?: string;
-  };
-  dynamicLinkDomain?: string;
-}
+import ActionCodeSettings = auth.ActionCodeSettings;
 
 /** Defines the email action code server request. */
 interface EmailActionCodeRequest {

src/auth/auth-api-request.ts

@@ -18,29 +18,42 @@ import * as validator from '../utils/validator';
 
 import { deepCopy, deepExtend } from '../utils/deep-copy';
 import {
-  UserIdentifier, isUidIdentifier, isEmailIdentifier, isPhoneIdentifier,
-  isProviderIdentifier, UidIdentifier, EmailIdentifier, PhoneIdentifier,
-  ProviderIdentifier,
+  isUidIdentifier, isEmailIdentifier, isPhoneIdentifier, isProviderIdentifier
 } from './identifier';
 import { FirebaseApp } from '../firebase-app';
 import { AuthClientErrorCode, FirebaseAuthError } from '../utils/error';
 import {
   ApiSettings, AuthorizedHttpClient, HttpRequestConfig, HttpError,
 } from '../utils/api-request';
-import { CreateRequest, UpdateRequest } from './user-record';
 import {
-  UserImportBuilder, UserImportOptions, UserImportRecord,
-  UserImportResult, AuthFactorInfo, convertMultiFactorInfoToServerFormat,
+  UserImportBuilder, AuthFactorInfo, convertMultiFactorInfoToServerFormat,
 } from './user-import-builder';
 import * as utils from '../utils/index';
-import { ActionCodeSettings, ActionCodeSettingsBuilder } from './action-code-settings-builder';
+import { ActionCodeSettingsBuilder } from './action-code-settings-builder';
 import {
   SAMLConfig, OIDCConfig, OIDCConfigServerResponse, SAMLConfigServerResponse,
-  OIDCConfigServerRequest, SAMLConfigServerRequest, AuthProviderConfig,
-  OIDCUpdateAuthProviderRequest, SAMLUpdateAuthProviderRequest,
+  OIDCConfigServerRequest, SAMLConfigServerRequest,
 } from './auth-config';
-import { Tenant, TenantOptions, TenantServerResponse } from './tenant';
-
+import { Tenant, TenantServerResponse } from './tenant';
+import { auth } from './index';
+
+import CreateRequest = auth.CreateRequest;
+import UpdateRequest = auth.UpdateRequest;
+import UserIdentifier = auth.UserIdentifier;
+import UidIdentifier = auth.UidIdentifier;
+import EmailIdentifier = auth.EmailIdentifier;
+import PhoneIdentifier = auth.PhoneIdentifier;
+import ProviderIdentifier = auth.ProviderIdentifier;
+import UserImportOptions = auth.UserImportOptions;
+import UserImportRecord = auth.UserImportRecord;
+import UserImportResult = auth.UserImportResult;
+import ActionCodeSettings = auth.ActionCodeSettings;
+import OIDCAuthProviderConfig = auth.OIDCAuthProviderConfig;
+import SAMLAuthProviderConfig = auth.SAMLAuthProviderConfig;
+import OIDCUpdateAuthProviderRequest = auth.OIDCUpdateAuthProviderRequest;
+import SAMLUpdateAuthProviderRequest = auth.SAMLUpdateAuthProviderRequest;
+import CreateTenantRequest = auth.CreateTenantRequest;
+import UpdateTenantRequest = auth.UpdateTenantRequest;
 
 /** Firebase Auth request header. */
 const FIREBASE_AUTH_HEADER = {
@@ -1523,7 +1536,7 @@ export abstract class AbstractAuthRequestHandler {
    * @return {Promise<OIDCConfigServerResponse>} A promise that resolves with the newly created OIDC
    *     configuration.
    */
-  public createOAuthIdpConfig(options: AuthProviderConfig): Promise<OIDCConfigServerResponse> {
+  public createOAuthIdpConfig(options: OIDCAuthProviderConfig): Promise<OIDCConfigServerResponse> {
     // Construct backend request.
     let request;
     try {
@@ -1646,7 +1659,7 @@ export abstract class AbstractAuthRequestHandler {
    * @return {Promise<SAMLConfigServerResponse>} A promise that resolves with the newly created SAML
    *     configuration.
    */
-  public createInboundSamlConfig(options: AuthProviderConfig): Promise<SAMLConfigServerResponse> {
+  public createInboundSamlConfig(options: SAMLAuthProviderConfig): Promise<SAMLConfigServerResponse> {
     // Construct backend request.
     let request;
     try {
@@ -1956,7 +1969,7 @@ export class AuthRequestHandler extends AbstractAuthRequestHandler {
    * @param {TenantOptions} tenantOptions The properties to set on the new tenant to be created.
    * @return {Promise<TenantServerResponse>} A promise that resolves with the newly created tenant object.
    */
-  public createTenant(tenantOptions: TenantOptions): Promise<TenantServerResponse> {
+  public createTenant(tenantOptions: CreateTenantRequest): Promise<TenantServerResponse> {
     try {
       // Construct backend request.
       const request = Tenant.buildServerRequest(tenantOptions, true);
@@ -1976,7 +1989,7 @@ export class AuthRequestHandler extends AbstractAuthRequestHandler {
    * @param {TenantOptions} tenantOptions The properties to update on the existing tenant.
    * @return {Promise<TenantServerResponse>} A promise that resolves with the modified tenant object.
    */
-  public updateTenant(tenantId: string, tenantOptions: TenantOptions): Promise<TenantServerResponse> {
+  public updateTenant(tenantId: string, tenantOptions: UpdateTenantRequest): Promise<TenantServerResponse> {
     if (!validator.isNonEmptyString(tenantId)) {
       return Promise.reject(new FirebaseAuthError(AuthClientErrorCode.INVALID_TENANT_ID));
     }

src/auth/auth-config.ts

@@ -17,40 +17,18 @@
 import * as validator from '../utils/validator';
 import { deepCopy } from '../utils/deep-copy';
 import { AuthClientErrorCode, FirebaseAuthError } from '../utils/error';
+import { auth } from './index';
+
+import MultiFactorConfigInterface = auth.MultiFactorConfig;
+import MultiFactorConfigState = auth.MultiFactorConfigState;
+import AuthFactorType = auth.AuthFactorType;
+import EmailSignInProviderConfig = auth.EmailSignInProviderConfig;
+import OIDCAuthProviderConfig = auth.OIDCAuthProviderConfig;
+import SAMLAuthProviderConfig = auth.SAMLAuthProviderConfig;
 
 /** A maximum of 10 test phone number / code pairs can be configured. */
 export const MAXIMUM_TEST_PHONE_NUMBERS = 10;
 
-/** The filter interface used for listing provider configurations. */
-export interface AuthProviderConfigFilter {
-  type: 'saml' | 'oidc';
-  maxResults?: number;
-  pageToken?: string;
-}
-
-/** The base Auth provider configuration interface. */
-export interface AuthProviderConfig {
-  providerId: string;
-  displayName?: string;
-  enabled: boolean;
-}
-
-/** The OIDC Auth provider configuration interface. */
-export interface OIDCAuthProviderConfig extends AuthProviderConfig {
-  clientId: string;
-  issuer: string;
-}
-
-/** The SAML Auth provider configuration interface. */
-export interface SAMLAuthProviderConfig extends AuthProviderConfig {
-  idpEntityId: string;
-  ssoURL: string;
-  x509Certificates: string[];
-  rpEntityId: string;
-  callbackURL?: string;
-  enableRequestSigning?: boolean;
-}
-
 /** The server side SAML configuration request interface. */
 export interface SAMLConfigServerRequest {
   idpConfig?: {
@@ -111,107 +89,39 @@ export interface OIDCConfigServerResponse {
   enabled?: boolean;
 }
 
-/** The public API response interface for listing provider configs. */
-export interface ListProviderConfigResults {
-  providerConfigs: AuthProviderConfig[];
-  pageToken?: string;
-}
-
-/** The public API request interface for updating a SAML Auth provider. */
-export interface SAMLUpdateAuthProviderRequest {
-  idpEntityId?: string;
-  ssoURL?: string;
-  x509Certificates?: string[];
-  rpEntityId?: string;
-  callbackURL?: string;
-  enableRequestSigning?: boolean;
-  enabled?: boolean;
-  displayName?: string;
-}
-
-/** The generic request interface for updating/creating a SAML Auth provider. */
-export interface SAMLAuthProviderRequest extends SAMLUpdateAuthProviderRequest {
-  providerId?: string;
-}
-
-/** The public API request interface for updating an OIDC Auth provider. */
-export interface OIDCUpdateAuthProviderRequest {
-  clientId?: string;
-  issuer?: string;
-  enabled?: boolean;
-  displayName?: string;
-}
-
-/** The generic request interface for updating/creating an OIDC Auth provider. */
-export interface OIDCAuthProviderRequest extends OIDCUpdateAuthProviderRequest {
-  providerId?: string;
-}
-
-/** The public API request interface for updating a generic Auth provider. */
-export type UpdateAuthProviderRequest = SAMLUpdateAuthProviderRequest | OIDCUpdateAuthProviderRequest;
-
-/** The email provider configuration interface. */
-export interface EmailSignInProviderConfig {
-  enabled?: boolean;
-  passwordRequired?: boolean; // In the backend API, default is true if not provided
-}
-
 /** The server side email configuration request interface. */
 export interface EmailSignInConfigServerRequest {
   allowPasswordSignup?: boolean;
   enableEmailLinkSignin?: boolean;
 }
 
-/** Identifies the public second factor type. */
-export type AuthFactorType = 'phone';
-
 /** Identifies the server side second factor type. */
-export type AuthFactorServerType = 'PHONE_SMS';
+type AuthFactorServerType = 'PHONE_SMS';
 
 /** Client Auth factor type to server auth factor type mapping. */
-export const AUTH_FACTOR_CLIENT_TO_SERVER_TYPE: {[key: string]: AuthFactorServerType} = {
+const AUTH_FACTOR_CLIENT_TO_SERVER_TYPE: {[key: string]: AuthFactorServerType} = {
   phone: 'PHONE_SMS',
 };
 
 /** Server Auth factor type to client auth factor type mapping. */
-export const AUTH_FACTOR_SERVER_TO_CLIENT_TYPE: {[key: string]: AuthFactorType} =
+const AUTH_FACTOR_SERVER_TO_CLIENT_TYPE: {[key: string]: AuthFactorType} =
   Object.keys(AUTH_FACTOR_CLIENT_TO_SERVER_TYPE)
     .reduce((res: {[key: string]: AuthFactorType}, key) => {
       res[AUTH_FACTOR_CLIENT_TO_SERVER_TYPE[key]] = key as AuthFactorType;
       return res;
     }, {});
 
-/** Identifies a multi-factor configuration state. */
-export type MultiFactorConfigState =  'ENABLED' | 'DISABLED';
-
-/**
- * Public API interface representing a multi-factor configuration.
- */
-export interface MultiFactorConfig {
-  /**
-   * The multi-factor config state.
-   */
-  state: MultiFactorConfigState;
-
-  /**
-   * The list of identifiers for enabled second factors.
-   * Currently only ‘phone’ is supported.
-   */
-  factorIds?: AuthFactorType[];
-}
-
 /** Server side multi-factor configuration. */
 export interface MultiFactorAuthServerConfig {
   state?: MultiFactorConfigState;
   enabledProviders?: AuthFactorServerType[];
 }
 
-
 /**
  * Defines the multi-factor config class used to convert client side MultiFactorConfig
  * to a format that is understood by the Auth server.
  */
-export class MultiFactorAuthConfig implements MultiFactorConfig {
+export class MultiFactorAuthConfig implements MultiFactorConfigInterface {
   public readonly state: MultiFactorConfigState;
   public readonly factorIds: AuthFactorType[];
 
@@ -222,7 +132,7 @@ export class MultiFactorAuthConfig implements MultiFactorConfig {
    * @param options The options object to convert to a server request.
    * @return The resulting server request.
    */
-  public static buildServerRequest(options: MultiFactorConfig): MultiFactorAuthServerConfig {
+  public static buildServerRequest(options: MultiFactorConfigInterface): MultiFactorAuthServerConfig {
     const request: MultiFactorAuthServerConfig = {};
     MultiFactorAuthConfig.validate(options);
     if (Object.prototype.hasOwnProperty.call(options, 'state')) {
@@ -248,7 +158,7 @@ export class MultiFactorAuthConfig implements MultiFactorConfig {
    *
    * @param options The options object to validate.
    */
-  private static validate(options: MultiFactorConfig): void {
+  private static validate(options: MultiFactorConfigInterface): void {
     const validKeys = {
       state: true,
       factorIds: true,
@@ -492,7 +402,7 @@ export class SAMLConfig implements SAMLAuthProviderConfig {
    * @return {?SAMLConfigServerRequest} The resulting server request or null if not valid.
    */
   public static buildServerRequest(
-    options: SAMLAuthProviderRequest,
+    options: Partial<SAMLAuthProviderConfig>,
     ignoreMissingFields = false): SAMLConfigServerRequest | null {
     const makeRequest = validator.isNonNullObject(options) &&
         (options.providerId || ignoreMissingFields);
@@ -509,7 +419,7 @@ export class SAMLConfig implements SAMLAuthProviderConfig {
       request.idpConfig = {
         idpEntityId: options.idpEntityId,
         ssoUrl: options.ssoURL,
-        signRequest: options.enableRequestSigning,
+        signRequest: (options as any).enableRequestSigning,
         idpCertificates: typeof options.x509Certificates === 'undefined' ? undefined : [],
       };
       if (options.x509Certificates) {
@@ -557,7 +467,7 @@ export class SAMLConfig implements SAMLAuthProviderConfig {
    * @param {SAMLAuthProviderRequest} options The options object to validate.
    * @param {boolean=} ignoreMissingFields Whether to ignore missing fields.
    */
-  public static validate(options: SAMLAuthProviderRequest, ignoreMissingFields = false): void {
+  public static validate(options: Partial<SAMLAuthProviderConfig>, ignoreMissingFields = false): void {
     const validKeys = {
       enabled: true,
       displayName: true,
@@ -643,8 +553,8 @@ export class SAMLConfig implements SAMLAuthProviderConfig {
         );
       }
     });
-    if (typeof options.enableRequestSigning !== 'undefined' &&
-        !validator.isBoolean(options.enableRequestSigning)) {
+    if (typeof (options as any).enableRequestSigning !== 'undefined' &&
+        !validator.isBoolean((options as any).enableRequestSigning)) {
       throw new FirebaseAuthError(
         AuthClientErrorCode.INVALID_CONFIG,
         '"SAMLAuthProviderConfig.enableRequestSigning" must be a boolean.',
@@ -714,8 +624,8 @@ export class SAMLConfig implements SAMLAuthProviderConfig {
     this.displayName = response.displayName;
   }
 
-  /** @return {SAMLAuthProviderConfig} The plain object representation of the SAMLConfig. */
-  public toJSON(): SAMLAuthProviderConfig {
+  /** @return The plain object representation of the SAMLConfig. */
+  public toJSON(): object {
     return {
       enabled: this.enabled,
       displayName: this.displayName,
@@ -747,12 +657,12 @@ export class OIDCConfig implements OIDCAuthProviderConfig {
    * Throws an error if validation fails. If the request is not a OIDCConfig request,
    * returns null.
    *
-   * @param {OIDCAuthProviderRequest} options The options object to convert to a server request.
-   * @param {boolean=} ignoreMissingFields Whether to ignore missing fields.
-   * @return {?OIDCConfigServerRequest} The resulting server request or null if not valid.
+   * @param options The options object to convert to a server request.
+   * @param ignoreMissingFields Whether to ignore missing fields.
+   * @return The resulting server request or null if not valid.
    */
   public static buildServerRequest(
-    options: OIDCAuthProviderRequest,
+    options: Partial<OIDCAuthProviderConfig>,
     ignoreMissingFields = false): OIDCConfigServerRequest | null {
     const makeRequest = validator.isNonNullObject(options) &&
         (options.providerId || ignoreMissingFields);
@@ -795,10 +705,10 @@ export class OIDCConfig implements OIDCAuthProviderConfig {
   /**
    * Validates the OIDCConfig options object. Throws an error on failure.
    *
-   * @param {OIDCAuthProviderRequest} options The options object to validate.
-   * @param {boolean=} ignoreMissingFields Whether to ignore missing fields.
+   * @param options The options object to validate.
+   * @param ignoreMissingFields Whether to ignore missing fields.
    */
-  public static validate(options: OIDCAuthProviderRequest, ignoreMissingFields = false): void {
+  public static validate(options: Partial<OIDCAuthProviderConfig>, ignoreMissingFields = false): void {
     const validKeys = {
       enabled: true,
       displayName: true,