Add enableAnonymousUser param to CreateTenant and UpdateTenant (#412)

* Add enableAnonymousUser param to CreateTenant and UpdateTenant

Author: sonatard

auth/auth.go

@@ -144,10 +144,10 @@ func NewClient(ctx context.Context, conf *internal.AuthConfig) (*Client, error)
 		baseURL = fmt.Sprintf("http://%s/identitytoolkit.googleapis.com", authEmulatorHost)
 	}
 	idToolkitV1Endpoint := fmt.Sprintf("%s/v1", baseURL)
-	idToolkitV2Beta1Endpoint := fmt.Sprintf("%s/v2beta1", baseURL)
+	idToolkitV2Endpoint := fmt.Sprintf("%s/v2", baseURL)
 	userManagementEndpoint := idToolkitV1Endpoint
-	providerConfigEndpoint := idToolkitV2Beta1Endpoint
-	tenantMgtEndpoint := idToolkitV2Beta1Endpoint
+	providerConfigEndpoint := idToolkitV2Endpoint
+	tenantMgtEndpoint := idToolkitV2Endpoint
 
 	base := &baseClient{
 		userManagementEndpoint: userManagementEndpoint,

auth/auth_test.go

@@ -36,11 +36,11 @@ import (
 )
 
 const (
-	credEnvVar                      = "GOOGLE_APPLICATION_CREDENTIALS"
-	testProjectID                   = "mock-project-id"
-	testVersion                     = "test-version"
-	defaultIDToolkitV1Endpoint      = "https://identitytoolkit.googleapis.com/v1"
-	defaultIDToolkitV2Beta1Endpoint = "https://identitytoolkit.googleapis.com/v2beta1"
+	credEnvVar                 = "GOOGLE_APPLICATION_CREDENTIALS"
+	testProjectID              = "mock-project-id"
+	testVersion                = "test-version"
+	defaultIDToolkitV1Endpoint = "https://identitytoolkit.googleapis.com/v1"
+	defaultIDToolkitV2Endpoint = "https://identitytoolkit.googleapis.com/v2"
 )
 
 var (
@@ -291,7 +291,7 @@ func TestNewClientExplicitNoAuth(t *testing.T) {
 func TestNewClientEmulatorHostEnvVar(t *testing.T) {
 	emulatorHost := "localhost:9099"
 	idToolkitV1Endpoint := "http://localhost:9099/identitytoolkit.googleapis.com/v1"
-	idToolkitV2Beta1Endpoint := "http://localhost:9099/identitytoolkit.googleapis.com/v2beta1"
+	idToolkitV2Endpoint := "http://localhost:9099/identitytoolkit.googleapis.com/v2"
 
 	os.Setenv(emulatorHostEnvVar, emulatorHost)
 	defer os.Unsetenv(emulatorHostEnvVar)
@@ -305,11 +305,11 @@ func TestNewClientEmulatorHostEnvVar(t *testing.T) {
 	if baseClient.userManagementEndpoint != idToolkitV1Endpoint {
 		t.Errorf("baseClient.userManagementEndpoint = %q; want = %q", baseClient.userManagementEndpoint, idToolkitV1Endpoint)
 	}
-	if baseClient.providerConfigEndpoint != idToolkitV2Beta1Endpoint {
-		t.Errorf("baseClient.providerConfigEndpoint = %q; want = %q", baseClient.providerConfigEndpoint, idToolkitV2Beta1Endpoint)
+	if baseClient.providerConfigEndpoint != idToolkitV2Endpoint {
+		t.Errorf("baseClient.providerConfigEndpoint = %q; want = %q", baseClient.providerConfigEndpoint, idToolkitV2Endpoint)
 	}
-	if baseClient.tenantMgtEndpoint != idToolkitV2Beta1Endpoint {
-		t.Errorf("baseClient.tenantMgtEndpoint = %q; want = %q", baseClient.tenantMgtEndpoint, idToolkitV2Beta1Endpoint)
+	if baseClient.tenantMgtEndpoint != idToolkitV2Endpoint {
+		t.Errorf("baseClient.tenantMgtEndpoint = %q; want = %q", baseClient.tenantMgtEndpoint, idToolkitV2Endpoint)
 	}
 	if _, ok := baseClient.signer.(emulatedSigner); !ok {
 		t.Errorf("baseClient.signer = %#v; want = %#v", baseClient.signer, emulatedSigner{})
@@ -1427,11 +1427,11 @@ func checkBaseClient(client *Client, wantProjectID string) error {
 	if baseClient.userManagementEndpoint != defaultIDToolkitV1Endpoint {
 		return fmt.Errorf("userManagementEndpoint = %q; want = %q", baseClient.userManagementEndpoint, defaultIDToolkitV1Endpoint)
 	}
-	if baseClient.providerConfigEndpoint != defaultIDToolkitV2Beta1Endpoint {
-		return fmt.Errorf("providerConfigEndpoint = %q; want = %q", baseClient.providerConfigEndpoint, defaultIDToolkitV2Beta1Endpoint)
+	if baseClient.providerConfigEndpoint != defaultIDToolkitV2Endpoint {
+		return fmt.Errorf("providerConfigEndpoint = %q; want = %q", baseClient.providerConfigEndpoint, defaultIDToolkitV2Endpoint)
 	}
-	if baseClient.tenantMgtEndpoint != defaultIDToolkitV2Beta1Endpoint {
-		return fmt.Errorf("providerConfigEndpoint = %q; want = %q", baseClient.providerConfigEndpoint, defaultIDToolkitV2Beta1Endpoint)
+	if baseClient.tenantMgtEndpoint != defaultIDToolkitV2Endpoint {
+		return fmt.Errorf("providerConfigEndpoint = %q; want = %q", baseClient.providerConfigEndpoint, defaultIDToolkitV2Endpoint)
 	}
 	if baseClient.projectID != wantProjectID {
 		return fmt.Errorf("projectID = %q; want = %q", baseClient.projectID, wantProjectID)

auth/tenant_mgt.go

@@ -47,6 +47,7 @@ type Tenant struct {
 	DisplayName           string `json:"displayName"`
 	AllowPasswordSignUp   bool   `json:"allowPasswordSignup"`
 	EnableEmailLinkSignIn bool   `json:"enableEmailLinkSignin"`
+	EnableAnonymousUsers  bool   `json:"enableAnonymousUser"`
 }
 
 // TenantClient is used for managing users, configuring SAML/OIDC providers, and generating email
@@ -216,6 +217,7 @@ const (
 	tenantDisplayNameKey     = "displayName"
 	allowPasswordSignUpKey   = "allowPasswordSignup"
 	enableEmailLinkSignInKey = "enableEmailLinkSignin"
+	enableAnonymousUser      = "enableAnonymousUser"
 )
 
 // TenantToCreate represents the options used to create a new tenant.
@@ -240,6 +242,11 @@ func (t *TenantToCreate) EnableEmailLinkSignIn(enable bool) *TenantToCreate {
 	return t.set(enableEmailLinkSignInKey, enable)
 }
 
+// EnableAnonymousUsers enables or disables anonymous authentication.
+func (t *TenantToCreate) EnableAnonymousUsers(enable bool) *TenantToCreate {
+	return t.set(enableAnonymousUser, enable)
+}
+
 func (t *TenantToCreate) set(key string, value interface{}) *TenantToCreate {
 	t.ensureParams().Set(key, value)
 	return t
@@ -275,6 +282,11 @@ func (t *TenantToUpdate) EnableEmailLinkSignIn(enable bool) *TenantToUpdate {
 	return t.set(enableEmailLinkSignInKey, enable)
 }
 
+// EnableAnonymousUsers enables or disables anonymous authentication.
+func (t *TenantToUpdate) EnableAnonymousUsers(enable bool) *TenantToUpdate {
+	return t.set(enableAnonymousUser, enable)
+}
+
 func (t *TenantToUpdate) set(key string, value interface{}) *TenantToUpdate {
 	if t.params == nil {
 		t.params = make(nestedMap)

auth/tenant_mgt_test.go

@@ -1084,14 +1084,16 @@ const tenantResponse = `{
     "name":"projects/mock-project-id/tenants/tenantID",
     "displayName": "Test Tenant",
     "allowPasswordSignup": true,
-    "enableEmailLinkSignin": true
+    "enableEmailLinkSignin": true,
+    "enableAnonymousUser": true
 }`
 
 const tenantResponse2 = `{
     "name":"projects/mock-project-id/tenants/tenantID2",
     "displayName": "Test Tenant 2",
     "allowPasswordSignup": true,
-    "enableEmailLinkSignin": true
+    "enableEmailLinkSignin": true,
+    "enableAnonymousUser": true
 }`
 
 const tenantNotFoundResponse = `{
@@ -1105,13 +1107,15 @@ var testTenant = &Tenant{
 	DisplayName:           "Test Tenant",
 	AllowPasswordSignUp:   true,
 	EnableEmailLinkSignIn: true,
+	EnableAnonymousUsers:  true,
 }
 
 var testTenant2 = &Tenant{
 	ID:                    "tenantID2",
 	DisplayName:           "Test Tenant 2",
 	AllowPasswordSignUp:   true,
 	EnableEmailLinkSignIn: true,
+	EnableAnonymousUsers:  true,
 }
 
 func TestTenant(t *testing.T) {
@@ -1177,7 +1181,8 @@ func TestCreateTenant(t *testing.T) {
 	options := (&TenantToCreate{}).
 		DisplayName(testTenant.DisplayName).
 		AllowPasswordSignUp(testTenant.AllowPasswordSignUp).
-		EnableEmailLinkSignIn(testTenant.EnableEmailLinkSignIn)
+		EnableEmailLinkSignIn(testTenant.EnableEmailLinkSignIn).
+		EnableAnonymousUsers(testTenant.EnableAnonymousUsers)
 	tenant, err := client.TenantManager.CreateTenant(context.Background(), options)
 	if err != nil {
 		t.Fatal(err)
@@ -1191,6 +1196,7 @@ func TestCreateTenant(t *testing.T) {
 		"displayName":           testTenant.DisplayName,
 		"allowPasswordSignup":   testTenant.AllowPasswordSignUp,
 		"enableEmailLinkSignin": testTenant.EnableEmailLinkSignIn,
+		"enableAnonymousUser":   testTenant.EnableAnonymousUsers,
 	}
 	if err := checkCreateTenantRequest(s, wantBody); err != nil {
 		t.Fatal(err)
@@ -1225,7 +1231,8 @@ func TestCreateTenantZeroValues(t *testing.T) {
 	options := (&TenantToCreate{}).
 		DisplayName("").
 		AllowPasswordSignUp(false).
-		EnableEmailLinkSignIn(false)
+		EnableEmailLinkSignIn(false).
+		EnableAnonymousUsers(false)
 	tenant, err := client.TenantManager.CreateTenant(context.Background(), options)
 	if err != nil {
 		t.Fatal(err)
@@ -1239,6 +1246,7 @@ func TestCreateTenantZeroValues(t *testing.T) {
 		"displayName":           "",
 		"allowPasswordSignup":   false,
 		"enableEmailLinkSignin": false,
+		"enableAnonymousUser":   false,
 	}
 	if err := checkCreateTenantRequest(s, wantBody); err != nil {
 		t.Fatal(err)
@@ -1274,7 +1282,8 @@ func TestUpdateTenant(t *testing.T) {
 	options := (&TenantToUpdate{}).
 		DisplayName(testTenant.DisplayName).
 		AllowPasswordSignUp(testTenant.AllowPasswordSignUp).
-		EnableEmailLinkSignIn(testTenant.EnableEmailLinkSignIn)
+		EnableEmailLinkSignIn(testTenant.EnableEmailLinkSignIn).
+		EnableAnonymousUsers(testTenant.EnableAnonymousUsers)
 	tenant, err := client.TenantManager.UpdateTenant(context.Background(), "tenantID", options)
 	if err != nil {
 		t.Fatal(err)
@@ -1288,8 +1297,9 @@ func TestUpdateTenant(t *testing.T) {
 		"displayName":           testTenant.DisplayName,
 		"allowPasswordSignup":   testTenant.AllowPasswordSignUp,
 		"enableEmailLinkSignin": testTenant.EnableEmailLinkSignIn,
+		"enableAnonymousUser":   testTenant.EnableAnonymousUsers,
 	}
-	wantMask := []string{"allowPasswordSignup", "displayName", "enableEmailLinkSignin"}
+	wantMask := []string{"allowPasswordSignup", "displayName", "enableAnonymousUser", "enableEmailLinkSignin"}
 	if err := checkUpdateTenantRequest(s, wantBody, wantMask); err != nil {
 		t.Fatal(err)
 	}
@@ -1327,7 +1337,8 @@ func TestUpdateTenantZeroValues(t *testing.T) {
 	options := (&TenantToUpdate{}).
 		DisplayName("").
 		AllowPasswordSignUp(false).
-		EnableEmailLinkSignIn(false)
+		EnableEmailLinkSignIn(false).
+		EnableAnonymousUsers(false)
 	tenant, err := client.TenantManager.UpdateTenant(context.Background(), "tenantID", options)
 	if err != nil {
 		t.Fatal(err)
@@ -1341,8 +1352,9 @@ func TestUpdateTenantZeroValues(t *testing.T) {
 		"displayName":           "",
 		"allowPasswordSignup":   false,
 		"enableEmailLinkSignin": false,
+		"enableAnonymousUser":   false,
 	}
-	wantMask := []string{"allowPasswordSignup", "displayName", "enableEmailLinkSignin"}
+	wantMask := []string{"allowPasswordSignup", "displayName", "enableAnonymousUser", "enableEmailLinkSignin"}
 	if err := checkUpdateTenantRequest(s, wantBody, wantMask); err != nil {
 		t.Fatal(err)
 	}

integration/auth/tenant_mgt_test.go

@@ -31,12 +31,14 @@ func TestTenantManager(t *testing.T) {
 		DisplayName:           "admin-go-tenant",
 		AllowPasswordSignUp:   true,
 		EnableEmailLinkSignIn: true,
+		EnableAnonymousUsers:  true,
 	}
 
 	req := (&auth.TenantToCreate{}).
 		DisplayName("admin-go-tenant").
 		AllowPasswordSignUp(true).
-		EnableEmailLinkSignIn(true)
+		EnableEmailLinkSignIn(true).
+		EnableAnonymousUsers(true)
 	created, err := client.TenantManager.CreateTenant(context.Background(), req)
 	if err != nil {
 		t.Fatalf("CreateTenant() = %v", err)
@@ -129,11 +131,13 @@ func TestTenantManager(t *testing.T) {
 			DisplayName:           "updated-go-tenant",
 			AllowPasswordSignUp:   false,
 			EnableEmailLinkSignIn: false,
+			EnableAnonymousUsers:  false,
 		}
 		req := (&auth.TenantToUpdate{}).
 			DisplayName("updated-go-tenant").
 			AllowPasswordSignUp(false).
-			EnableEmailLinkSignIn(false)
+			EnableEmailLinkSignIn(false).
+			EnableAnonymousUsers(false)
 		tenant, err := client.TenantManager.UpdateTenant(context.Background(), id, req)
 		if err != nil {
 			t.Fatalf("UpdateTenant() = %v", err)