Allow enabling of anonymous provider via tenant configuration

Author: rsgowman

src/auth/tenant.ts

@@ -24,11 +24,13 @@ import {
 export interface TenantOptions {
   displayName?: string;
   emailSignInConfig?: EmailSignInProviderConfig;
+  anonymousSignInEnabled?: boolean;
 }
 
 /** The corresponding server side representation of a TenantOptions object. */
 export interface TenantOptionsServerRequest extends EmailSignInConfigServerRequest {
   displayName?: string;
+  enableAnonymousUser?: boolean;
 }
 
 /** The tenant server response interface. */
@@ -37,6 +39,7 @@ export interface TenantServerResponse {
   displayName?: string;
   allowPasswordSignup?: boolean;
   enableEmailLinkSignin?: boolean;
+  enableAnonymousUser?: boolean;
 }
 
 /** The interface representing the listTenant API response. */
@@ -53,6 +56,7 @@ export class Tenant {
   public readonly tenantId: string;
   public readonly displayName?: string;
   public readonly emailSignInConfig?: EmailSignInConfig;
+  public readonly anonymousSignInEnabled?: boolean;
 
   /**
    * Builds the corresponding server request for a TenantOptions object.
@@ -71,6 +75,9 @@ export class Tenant {
     if (typeof tenantOptions.displayName !== 'undefined') {
       request.displayName = tenantOptions.displayName;
     }
+    if (typeof tenantOptions.anonymousSignInEnabled !== 'undefined') {
+      request.enableAnonymousUser = tenantOptions.anonymousSignInEnabled;
+    }
     return request;
   }
 
@@ -99,6 +106,7 @@ export class Tenant {
     const validKeys = {
       displayName: true,
       emailSignInConfig: true,
+      anonymousSignInEnabled: true,
     };
     const label = createRequest ? 'CreateTenantRequest' : 'UpdateTenantRequest';
     if (!validator.isNonNullObject(request)) {
@@ -155,6 +163,7 @@ export class Tenant {
         allowPasswordSignup: false,
       });
     }
+    this.anonymousSignInEnabled = !!response.enableAnonymousUser;
   }
 
   /** @return {object} The plain object representation of the tenant. */
@@ -163,6 +172,7 @@ export class Tenant {
       tenantId: this.tenantId,
       displayName: this.displayName,
       emailSignInConfig: this.emailSignInConfig && this.emailSignInConfig.toJSON(),
+      anonymousSignInEnabled: this.anonymousSignInEnabled,
     };
   }
 }

src/index.d.ts

@@ -1150,6 +1150,11 @@ declare namespace admin.auth {
       passwordRequired?: boolean;
     };
 
+    /**
+     * Whether anonymous provider is enabled.
+     */
+    anonymousSignInEnabled?: boolean;
+
     /**
      * @return A JSON-serializable representation of this object.
      */
@@ -1182,6 +1187,11 @@ declare namespace admin.auth {
        */
       passwordRequired?: boolean;
     };
+
+    /**
+     * Whether anonymous provider is enabled.
+     */
+    anonymousSignInEnabled?: boolean;
   }
 
   /**

test/integration/auth.spec.ts

@@ -510,20 +510,23 @@ describe('admin.auth', () => {
         enabled: true,
         passwordRequired: true,
       },
+      anonymousSignInEnabled: false,
     };
     const expectedUpdatedTenant: any = {
       displayName: 'testTenantUpdated',
       emailSignInConfig: {
         enabled: false,
         passwordRequired: true,
       },
+      anonymousSignInEnabled: false,
     };
     const expectedUpdatedTenant2: any = {
       displayName: 'testTenantUpdated',
       emailSignInConfig: {
         enabled: true,
         passwordRequired: false,
       },
+      anonymousSignInEnabled: false,
     };
 
     // https://mochajs.org/
@@ -562,6 +565,20 @@ describe('admin.auth', () => {
         });
     });
 
+    it('createTenant() can enable anonymous users', async () => {
+      const tenant = await admin.auth().tenantManager().createTenant({
+        displayName: 'testTenantWithAnon',
+        emailSignInConfig: {
+          enabled: false,
+          passwordRequired: true,
+        },
+        anonymousSignInEnabled: true,
+      });
+      createdTenants.push(tenant.tenantId);
+
+      expect(tenant.anonymousSignInEnabled).to.be.true;
+    });
+
     // Sanity check user management + email link generation + custom attribute APIs.
     // TODO: Confirm behavior in client SDK when it starts supporting it.
     describe('supports user management, email link generation, custom attribute and token revocation APIs', () => {
@@ -900,6 +917,25 @@ describe('admin.auth', () => {
         });
     });
 
+    it('updateTenant() should be able to enable/disable anon provider', async () => {
+      const tenantManager = admin.auth().tenantManager();
+      let tenant = await tenantManager.createTenant({
+        displayName: 'testTenantUpdateAnon',
+      });
+      createdTenants.push(tenant.tenantId);
+      expect(tenant.anonymousSignInEnabled).to.be.false;
+
+      tenant = await tenantManager.updateTenant(tenant.tenantId, {
+        anonymousSignInEnabled: true,
+      });
+      expect(tenant.anonymousSignInEnabled).to.be.true;
+
+      tenant = await tenantManager.updateTenant(tenant.tenantId, {
+        anonymousSignInEnabled: false,
+      });
+      expect(tenant.anonymousSignInEnabled).to.be.false;
+    });
+
     it('listTenants() should resolve with expected number of tenants', () => {
       const allTenantIds: string[] = [];
       const tenantOptions2 = deepCopy(tenantOptions);

test/unit/auth/tenant-manager.spec.ts

@@ -47,6 +47,7 @@ describe('TenantManager', () => {
     displayName: 'TENANT-DISPLAY-NAME',
     allowPasswordSignup: true,
     enableEmailLinkSignin: false,
+    enableAnonymousUser: true,
   };
 
   before(() => {
@@ -383,6 +384,7 @@ describe('TenantManager', () => {
         enabled: true,
         passwordRequired: true,
       },
+      anonymousSignInEnabled: true,
     };
     const expectedTenant = new Tenant(GET_TENANT_RESPONSE);
     const expectedError = new FirebaseAuthError(
@@ -475,6 +477,7 @@ describe('TenantManager', () => {
         enabled: true,
         passwordRequired: true,
       },
+      anonymousSignInEnabled: true,
     };
     const expectedTenant = new Tenant(GET_TENANT_RESPONSE);
     const expectedError = new FirebaseAuthError(

test/unit/auth/tenant.spec.ts

@@ -233,6 +233,7 @@ describe('Tenant', () => {
           enabled: true,
           passwordRequired: false,
         },
+        anonymousSignInEnabled: false,
       });
     });
   });