Merge 70d6f9b into 1aa8468

Author: mansisampat

packages/auth/demo/public/index.html

@@ -170,6 +170,13 @@
                 Action Code Settings
               </a>
             </li>
+            <li role="presentation">
+              <a href="#tab-byo-ciam-content"
+                 aria-controls="tab-byo-ciam-content"
+                 data-toggle="tab" role="tab">
+                BYO-CIAM methods
+              </a>
+            </li>
             <li role="presentation" class="visible-xs">
               <a href="#logs-section"
                  aria-controls="logs-section"
@@ -844,6 +851,16 @@
                         id="action-code-settings-reset">Reset</button>
               </form>
             </div>
+            <div class="tab-pane" id="tab-byo-ciam-content">
+              <h2>Sign in with your CIAM token</h2>
+              <input type="text" id="byo-ciam-token"
+                     class="form-control" placeholder="Enter CIAM token" />
+              <button class="btn btn-block btn-primary"
+                  id="exchange-token">
+                Exchange Token
+              </button>
+              <pre id="byo-ciam-result"></pre>
+            </div>
             <div class="tab-pane" id="logs-section">
               <pre class="well logs"></pre>
               <button class="btn btn-xs btn-default pull-right clear-logs">

packages/auth/demo/src/index.js

@@ -74,7 +74,8 @@ import {
   connectAuthEmulator,
   initializeRecaptchaConfig,
   validatePassword,
-  revokeAccessToken
+  revokeAccessToken,
+  exchangeToken
 } from '@firebase/auth';
 
 import { config } from './config';
@@ -95,6 +96,7 @@ const AUTH_EMULATOR_URL = 'http://localhost:9099';
 
 let app = null;
 let auth = null;
+let regionalAuth = null;
 let currentTab = null;
 let lastUser = null;
 let applicationVerifier = null;
@@ -1506,6 +1508,24 @@ function onFinalizeSignInWithTotpMultiFactor(event) {
   }, onAuthError);
 }
 
+function onExchangeToken(event) {
+  event.preventDefault();
+  const byoCiamInput = document.getElementById("byo-ciam-token");
+  const byoCiamSubmit = document.getElementById("byo-ciam-submit");
+  const byoCiamResult = document.getElementById("byo-ciam-result");
+
+  byoCiamResult.textContent = "Exchanging token...";
+
+  exchangeCIAMToken(byoCiamInput.value)
+  .then((response) => {
+    byoCiamResult.textContent = response.accessToken;
+    console.log("Token:", response);
+  })
+  .catch((error) => {
+    console.error("Error exchanging token:", error);
+  });
+}
+
 /**
  * Adds a new row to insert an OAuth custom parameter key/value pair.
  * @param {!jQuery.Event} _event The jQuery event object.
@@ -1795,6 +1815,14 @@ function revokeAppleTokenAndDeleteUser() {
   });
 }
 
+async function exchangeCIAMToken(token) {
+  const firebaseToken = await exchangeToken(
+    regaionalAuth,
+    idpConfigId = "Bar-e2e-idpconfig-002",
+    token)
+  return firebaseToken;
+}
+
 /**
  * Gets a specific query parameter from the current URL.
  * @param {string} name Name of the parameter.
@@ -2047,6 +2075,20 @@ function initApp() {
   log('Initializing app...');
   app = initializeApp(config);
   auth = getAuth(app);
+  let tenantConfig = {
+    "location": "global",
+    "tenantId": "Foo-e2e-tenant-001"
+  };
+  const regionalApp = initializeApp(
+    config,
+    `${auth.name}-rgcip`
+  );
+
+  regaionalAuth = initializeAuth(regionalApp, {
+    persistence: inMemoryPersistence,
+    popupRedirectResolver: browserPopupRedirectResolver,
+    tenantConfig: tenantConfig
+  });
   if (USE_AUTH_EMULATOR) {
     connectAuthEmulator(auth, AUTH_EMULATOR_URL);
   }
@@ -2379,6 +2421,10 @@ function initApp() {
     onFinalizeSignInWithTotpMultiFactor
   );
 
+  $('#exchange-token').click(
+    onExchangeToken
+  );
+
   // Starts multi-factor enrollment with phone number.
   $('#enroll-mfa-verify-phone-number').click(onStartEnrollWithPhoneMultiFactor);
   // Completes multi-factor enrollment with supplied SMS code.

packages/auth/src/api/authentication/exchange_token.test.ts

@@ -37,7 +37,8 @@ describe('api/authentication/exchange_token', () => {
   let regionalAuth: TestAuth;
   const request = {
     parent: 'test-parent',
-    token: 'custom-token'
+    // eslint-disable-next-line camelcase
+    id_token: 'custom-token'
   };
 
   beforeEach(async () => {
@@ -52,6 +53,7 @@ describe('api/authentication/exchange_token', () => {
     const mock = mockRegionalEndpointWithParent(
       RegionalEndpoint.EXCHANGE_TOKEN,
       'test-parent',
+      'test-api-key',
       { accessToken: 'outbound-token', expiresIn: '1000' }
     );
 
@@ -60,7 +62,8 @@ describe('api/authentication/exchange_token', () => {
     expect(response.expiresIn).equal('1000');
     expect(mock.calls[0].request).to.eql({
       parent: 'test-parent',
-      token: 'custom-token'
+      // eslint-disable-next-line camelcase
+      id_token: 'custom-token'
     });
     expect(mock.calls[0].method).to.eq('POST');
     expect(mock.calls[0].headers!.get(HttpHeader.CONTENT_TYPE)).to.eq(
@@ -79,6 +82,7 @@ describe('api/authentication/exchange_token', () => {
     const mock = mockRegionalEndpointWithParent(
       RegionalEndpoint.EXCHANGE_TOKEN,
       'test-parent',
+      'test-api-key',
       {
         error: {
           code: 400,

packages/auth/src/api/authentication/exchange_token.ts

@@ -23,7 +23,7 @@ import { Auth } from '../../model/public_types';
 
 export interface ExchangeTokenRequest {
   parent: string;
-  token: string;
+  id_token: string;
 }
 
 export interface ExchangeTokenResponse {

packages/auth/src/api/index.test.ts

@@ -652,6 +652,7 @@ describe('api/_performRegionalApiRequest', () => {
       const mock = mockRegionalEndpointWithParent(
         RegionalEndpoint.EXCHANGE_TOKEN,
         'test-parent',
+        'test-api-key',
         serverResponse
       );
       const response = await _performRegionalApiRequest<
@@ -689,6 +690,7 @@ describe('api/_performRegionalApiRequest', () => {
       const mock = mockRegionalEndpointWithParent(
         RegionalEndpoint.EXCHANGE_TOKEN,
         'test-parent',
+        'test-api-key',
         serverResponse
       );
       await _performRegionalApiRequest<typeof request, typeof serverResponse>(

packages/auth/src/api/index.ts

@@ -168,17 +168,12 @@ async function performApiRequest<T, V>(
       }
     }
 
-    let queryParamString: string;
-    if (isRegionalAuthInitialized(auth)) {
-      queryParamString = querystring({
-        ...params
-      }).slice(1);
-    } else {
-      queryParamString = querystring({
+    const queryParamString = querystring({
         key: auth.config.apiKey,
         ...params
       }).slice(1);
-    }
+    console.log("here");
+    console.log(queryParamString);
 
     const headers = await (auth as AuthInternal)._getAdditionalHeaders();
     headers[HttpHeader.CONTENT_TYPE] = 'application/json';

packages/auth/src/core/auth/auth_impl.ts

@@ -95,7 +95,7 @@ export const enum DefaultConfig {
   API_HOST = 'identitytoolkit.googleapis.com',
   API_SCHEME = 'https',
   // TODO(sammansi): Update the endpoint before BYO-CIAM Private Preview Release.
-  REGIONAL_API_HOST = 'identityplatform.googleapis.com/v2alpha/'
+  REGIONAL_API_HOST = 'autopush-identityplatform.sandbox.googleapis.com/v2alpha/'
 }
 
 export class AuthImpl implements AuthInternal, _FirebaseService {

packages/auth/src/core/strategies/exchange_token.test.ts

@@ -52,6 +52,7 @@ describe('core/strategies/exchangeToken', () => {
     const mock = mockRegionalEndpointWithParent(
       RegionalEndpoint.EXCHANGE_TOKEN,
       'projects/test-project-id/locations/us/tenants/tenant-1/idpConfigs/idp-config',
+      'test-api-key',
       { accessToken: 'outbound-token', expiresIn: 10 }
     );
 
@@ -64,7 +65,8 @@ describe('core/strategies/exchangeToken', () => {
     expect(mock.calls[0].request).to.eql({
       parent:
         'projects/test-project-id/locations/us/tenants/tenant-1/idpConfigs/idp-config',
-      token: 'custom-token'
+      // eslint-disable-next-line camelcase
+      id_token: 'custom-token'
     });
     expect(mock.calls[0].method).to.eq('POST');
     expect(mock.calls[0].headers!.get(HttpHeader.CONTENT_TYPE)).to.eq(
@@ -87,6 +89,7 @@ describe('core/strategies/exchangeToken', () => {
     const mock = mockRegionalEndpointWithParent(
       RegionalEndpoint.EXCHANGE_TOKEN,
       'projects/test-project-id/locations/us/tenants/tenant-1/idpConfigs/idp-config',
+      'test-api-key',
       {
         error: {
           code: 400,
@@ -107,7 +110,8 @@ describe('core/strategies/exchangeToken', () => {
     expect(mock.calls[0].request).to.eql({
       parent:
         'projects/test-project-id/locations/us/tenants/tenant-1/idpConfigs/idp-config',
-      token: 'custom-token'
+      // eslint-disable-next-line camelcase
+      id_token: 'custom-token'
     });
     expect(mock.calls[0].method).to.eq('POST');
     expect(mock.calls[0].headers!.get(HttpHeader.CONTENT_TYPE)).to.eq(

packages/auth/src/core/strategies/exhange_token.ts

@@ -52,7 +52,8 @@ export async function exchangeToken(
   const authInternal = _castAuth(auth);
   const token = await getToken(authInternal, {
     parent: buildParent(auth, idpConfigId),
-    token: customToken
+    // eslint-disable-next-line camelcase
+    id_token: customToken
   });
   if (token) {
     await authInternal._updateFirebaseToken({

packages/auth/test/helpers/api/helper.ts

@@ -59,10 +59,12 @@ export function mockEndpointWithParams(
 export function mockRegionalEndpointWithParent(
   endpoint: RegionalEndpoint,
   parent: string,
+  key: string,
   response: object,
   status = 200
 ): Route {
-  const url = `${TEST_SCHEME}://${TEST_HOST}${parent}${endpoint}`;
-  console.log('here ', url);
+  let url = `${TEST_SCHEME}://${TEST_HOST}${parent}${endpoint}`;
+  url += "?key=";
+  url += key;
   return mock(url, response, status);
 }