Skip to content

Commit

Permalink
Add rCE support for phone MFA enrollment and sign-in (rce-main #2) (#…
Browse files Browse the repository at this point in the history
  • Loading branch information
Xiaoshouzi-gh committed Nov 19, 2024
1 parent a4b6608 commit af1e70b
Show file tree
Hide file tree
Showing 6 changed files with 68 additions and 5 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -199,7 +199,7 @@ import Foundation
}

let recaptchaVerifier = AuthRecaptchaVerifier.shared(auth: auth)
try await recaptchaVerifier.retrieveRecaptchaConfig(forceRefresh: false)
try await recaptchaVerifier.retrieveRecaptchaConfig(forceRefresh: true)

switch recaptchaVerifier.enablementStatus(forProvider: .phone) {
case .off:
Expand Down Expand Up @@ -321,7 +321,7 @@ import Foundation
try await recaptchaVerifier.injectRecaptchaFields(
request: request,
provider: .phone,
action: .startMfaEnrollment
action: .mfaSmsEnrollment
)
let response = try await AuthBackend.call(with: request)
return response.phoneSessionInfo?.sessionInfo
Expand All @@ -333,7 +333,7 @@ import Foundation
try await recaptchaVerifier.injectRecaptchaFields(
request: request,
provider: .phone,
action: .startMfaSignin
action: .mfaSmsSignIn
)
let response = try await AuthBackend.call(with: request)
return response.responseInfo?.sessionInfo
Expand Down
1 change: 1 addition & 0 deletions FirebaseAuth/Sources/Swift/Backend/AuthBackend.swift
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,7 @@ final class AuthBackend: AuthBackendProtocol {
withJSONObject: postBody,
options: JSONWritingOptions
)

if bodyData == nil {
// This is an untested case. This happens exclusively when there is an error in the
// framework implementation of dataWithJSONObject:options:error:. This shouldn't normally
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,18 @@ import Foundation

private let kStartMFAEnrollmentEndPoint = "accounts/mfaEnrollment:start"

/// The key for the "clientType" value in the request.
private let kClientType = "clientType"

/// The key for the reCAPTCHAToken parameter in the request.
private let kreCAPTCHATokenKey = "recaptchaToken"

/// The key for the "captchaResponse" value in the request.
private let kCaptchaResponseKey = "captchaResponse"

/// The key for the "recaptchaVersion" value in the request.
private let kRecaptchaVersion = "recaptchaVersion"

/// The key for the tenant id value in the request.
private let kTenantIDKey = "tenantId"

Expand Down Expand Up @@ -79,4 +91,15 @@ class StartMFAEnrollmentRequest: IdentityToolkitRequest, AuthRPCRequest {
}
return body
}

func injectRecaptchaFields(recaptchaResponse: String?, recaptchaVersion: String) {
// reCAPTCHA check is only available for phone based MFA
if let phoneEnrollmentInfo {
phoneEnrollmentInfo.injectRecaptchaFields(
recaptchaResponse: recaptchaResponse,
recaptchaVersion: recaptchaVersion,
clientType: clientType
)
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -57,4 +57,15 @@ class StartMFASignInRequest: IdentityToolkitRequest, AuthRPCRequest {
}
return body
}

func injectRecaptchaFields(recaptchaResponse: String?, recaptchaVersion: String) {
// reCAPTCHA check is only available for phone based MFA
if let signInInfo {
signInInfo.injectRecaptchaFields(
recaptchaResponse: recaptchaResponse,
recaptchaVersion: recaptchaVersion,
clientType: clientType
)
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -26,13 +26,25 @@ private let kSecretKey = "iosSecret"
/// The key for the reCAPTCHAToken parameter in the request.
private let kreCAPTCHATokenKey = "recaptchaToken"

/// The key for the "captchaResponse" value in the request.
private let kCaptchaResponseKey = "captchaResponse"

/// The key for the "recaptchaVersion" value in the request.
private let kRecaptchaVersion = "recaptchaVersion"

/// The key for the "clientType" value in the request.
private let kClientType = "clientType"

class AuthProtoStartMFAPhoneRequestInfo: NSObject, AuthProto {
required init(dictionary: [String: AnyHashable]) {
fatalError()
}

var phoneNumber: String?
var codeIdentity: CodeIdentity
var captchaResponse: String?
var recaptchaVersion: String?
var clientType: String?
init(phoneNumber: String?, codeIdentity: CodeIdentity) {
self.phoneNumber = phoneNumber
self.codeIdentity = codeIdentity
Expand All @@ -43,6 +55,15 @@ class AuthProtoStartMFAPhoneRequestInfo: NSObject, AuthProto {
if let phoneNumber = phoneNumber {
dict[kPhoneNumberKey] = phoneNumber
}
if let captchaResponse = captchaResponse {
dict[kCaptchaResponseKey] = captchaResponse
}
if let recaptchaVersion = recaptchaVersion {
dict[kRecaptchaVersion] = recaptchaVersion
}
if let clientType = clientType {
dict[kClientType] = clientType
}
switch codeIdentity {
case let .credential(appCredential):
dict[kReceiptKey] = appCredential.receipt
Expand All @@ -54,4 +75,11 @@ class AuthProtoStartMFAPhoneRequestInfo: NSObject, AuthProto {
}
return dict
}

func injectRecaptchaFields(recaptchaResponse: String?, recaptchaVersion: String,
clientType: String?) {
captchaResponse = recaptchaResponse
self.recaptchaVersion = recaptchaVersion
self.clientType = clientType
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -59,8 +59,8 @@
case getOobCode
case signUpPassword
case sendVerificationCode
case startMfaSignin
case startMfaEnrollment
case mfaSmsSignIn
case mfaSmsEnrollment

// Convenience property for mapping values
var stringValue: String { rawValue }
Expand Down

0 comments on commit af1e70b

Please sign in to comment.