From 011c796cf999dca1fe983417ef1fa80fe59af050 Mon Sep 17 00:00:00 2001 From: a-maurice Date: Tue, 12 Dec 2023 10:44:13 -0800 Subject: [PATCH 1/7] Fix issue with linking email to anonymous accounts --- auth/CMakeLists.txt | 1 + auth/src/desktop/rpcs/sign_up_request.cc | 62 ++++++++++++++++++++++++ auth/src/desktop/rpcs/sign_up_request.h | 57 ++++++++++++++++++++++ auth/src/desktop/user_desktop.cc | 47 ++++++++++++++++-- release_build_files/readme.md | 3 ++ 5 files changed, 166 insertions(+), 4 deletions(-) create mode 100644 auth/src/desktop/rpcs/sign_up_request.cc create mode 100644 auth/src/desktop/rpcs/sign_up_request.h diff --git a/auth/CMakeLists.txt b/auth/CMakeLists.txt index 2dc7c4e255..5ffbc2ec71 100644 --- a/auth/CMakeLists.txt +++ b/auth/CMakeLists.txt @@ -126,6 +126,7 @@ set(desktop_SRCS src/desktop/rpcs/reset_password_request.cc src/desktop/rpcs/secure_token_request.cc src/desktop/rpcs/set_account_info_request.cc + src/desktop/rpcs/sign_up_request.cc src/desktop/rpcs/sign_up_new_user_request.cc src/desktop/rpcs/verify_assertion_request.cc src/desktop/rpcs/verify_custom_token_request.cc diff --git a/auth/src/desktop/rpcs/sign_up_request.cc b/auth/src/desktop/rpcs/sign_up_request.cc new file mode 100644 index 0000000000..34b4fc63d3 --- /dev/null +++ b/auth/src/desktop/rpcs/sign_up_request.cc @@ -0,0 +1,62 @@ +/* + * Copyright 2023 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "auth/src/desktop/rpcs/sign_up_request.h" + +#include + +#include "app/src/assert.h" +#include "app/src/include/firebase/app.h" + +namespace firebase { +namespace auth { + +SignUpRequest::SignUpRequest(::firebase::App& app, const char* api_key) + : AuthRequest(app, request_resource_data, true) { + FIREBASE_ASSERT_RETURN_VOID(api_key); + + std::string url( + "https://identitytoolkit.googleapis.com/v1/accounts:signUp?key="); + url.append(api_key); + set_url(url.c_str()); + + application_data_->returnSecureToken = true; +} + +std::unique_ptr +SignUpRequest::CreateLinkWithEmailAndPasswordRequest(::firebase::App& app, + const char* api_key, + const char* email, + const char* password) { + auto request = + std::unique_ptr(new SignUpRequest(app, api_key)); + + if (email) { + request->application_data_->email = email; + } else { + LogError("No email given"); + } + if (password) { + request->application_data_->password = password; + } else { + LogError("No password given"); + } + request->UpdatePostFields(); + return request; +} + +} // namespace auth +} // namespace firebase diff --git a/auth/src/desktop/rpcs/sign_up_request.h b/auth/src/desktop/rpcs/sign_up_request.h new file mode 100644 index 0000000000..3d6acdbb89 --- /dev/null +++ b/auth/src/desktop/rpcs/sign_up_request.h @@ -0,0 +1,57 @@ +/* + * Copyright 2023 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FIREBASE_AUTH_SRC_DESKTOP_RPCS_SIGN_UP_REQUEST_H_ +#define FIREBASE_AUTH_SRC_DESKTOP_RPCS_SIGN_UP_REQUEST_H_ + +#include "app/src/include/firebase/app.h" +#include "auth/request_generated.h" +#include "auth/request_resource.h" +#include "auth/src/desktop/rpcs/auth_request.h" + +namespace firebase { +namespace auth { + +// Represents the request payload for the signUp HTTP API. Use this to +// upgrade anonymous accounts with email and password. The full specification of +// the HTTP API can be found at +// https://cloud.google.com/identity-platform/docs/reference/rest/v1/accounts/signUp +class SignUpRequest : public AuthRequest { + private: + explicit SignUpRequest(::firebase::App& app, const char* api_key); + static std::unique_ptr CreateRequest(::firebase::App& app, + const char* api_key); + + public: + // Initializer for linking an email and password to an account. + static std::unique_ptr CreateLinkWithEmailAndPasswordRequest( + ::firebase::App& app, const char* api_key, const char* email, + const char* password); + + void SetIdToken(const char* id_token) { + if (id_token) { + application_data_->idToken = id_token; + UpdatePostFields(); + } else { + LogError("No id token given."); + } + } +}; + +} // namespace auth +} // namespace firebase + +#endif // FIREBASE_AUTH_SRC_DESKTOP_RPCS_SIGN_UP_REQUEST_H_ diff --git a/auth/src/desktop/user_desktop.cc b/auth/src/desktop/user_desktop.cc index cefd64a799..2910ba5538 100644 --- a/auth/src/desktop/user_desktop.cc +++ b/auth/src/desktop/user_desktop.cc @@ -39,6 +39,7 @@ #include "auth/src/desktop/rpcs/secure_token_response.h" #include "auth/src/desktop/rpcs/set_account_info_request.h" #include "auth/src/desktop/rpcs/set_account_info_response.h" +#include "auth/src/desktop/rpcs/sign_up_request.h" #include "auth/src/desktop/rpcs/verify_assertion_request.h" #include "auth/src/desktop/rpcs/verify_assertion_response.h" #include "auth/src/desktop/rpcs/verify_password_request.h" @@ -256,6 +257,44 @@ void TriggerSaveUserFlow(AuthData* const auth_data) { } } +template +void PerformSignUpFlow(AuthDataHandle* const handle) { + const auto response = GetResponse(*handle->request); + + if (response.IsSuccessful()) { + // Call GetAccountInfo to get more information, since SignUp doesn't include + // everything we need. + typedef GetAccountInfoRequest RequestT; + auto request = std::unique_ptr( + new RequestT(*handle->auth_data->app, GetApiKey(*handle->auth_data), + response.id_token().c_str())); // NOLINT + + const auto callback = + [](AuthDataHandle* const inner_handle) { + const GetAccountInfoResult account_info = + GetAccountInfo(*inner_handle->request); + + if (account_info.IsValid()) { + account_info.MergeToCurrentUser(inner_handle->auth_data); + TriggerSaveUserFlow(inner_handle->auth_data); + CompleteSetAccountInfoPromise( + &inner_handle->promise, &inner_handle->auth_data->current_user); + } else { + SignOutIfUserNoLongerValid(inner_handle->auth_data->auth, + account_info.error()); + FailPromise(&inner_handle->promise, account_info.error()); + } + }; + + CallAsyncWithFreshToken(handle->auth_data, handle->promise, + std::move(request), callback); + + } else { + SignOutIfUserNoLongerValid(handle->auth_data->auth, response.error_code()); + FailPromise(&handle->promise, response.error_code()); + } +} + template void PerformSetAccountInfoFlow( AuthDataHandle* const handle) { @@ -306,14 +345,14 @@ Future DoLinkWithEmailAndPassword( const EmailAuthCredential* email_credential = GetEmailCredential(raw_credential_impl); - typedef SetAccountInfoRequest RequestT; + typedef SignUpRequest RequestT; auto request = RequestT::CreateLinkWithEmailAndPasswordRequest( *auth_data->app, GetApiKey(*auth_data), email_credential->GetEmail().c_str(), email_credential->GetPassword().c_str()); return CallAsyncWithFreshToken(auth_data, promise, std::move(request), - PerformSetAccountInfoFlow); + PerformSignUpFlow); } // Calls setAccountInfo endpoint to link the current user with the given email @@ -329,14 +368,14 @@ Future DoLinkWithEmailAndPassword_DEPRECATED( const EmailAuthCredential* email_credential = GetEmailCredential(raw_credential_impl); - typedef SetAccountInfoRequest RequestT; + typedef SignUpRequest RequestT; auto request = RequestT::CreateLinkWithEmailAndPasswordRequest( *auth_data->app, GetApiKey(*auth_data), email_credential->GetEmail().c_str(), email_credential->GetPassword().c_str()); return CallAsyncWithFreshToken(auth_data, promise, std::move(request), - PerformSetAccountInfoFlow_DEPRECATED); + PerformSignUpFlow); } // Checks that the given provider wasn't already linked to the currently diff --git a/release_build_files/readme.md b/release_build_files/readme.md index 100ed9203d..b65b9a9dd7 100644 --- a/release_build_files/readme.md +++ b/release_build_files/readme.md @@ -634,6 +634,9 @@ code. ### Upcoming Release - Changes - General (iOS): Update to Firebase Cocoapods version 10.17.0. + - Auth: Fix a bug where anonymous account can't be linked with + email password credential. For background, see + [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection#overview) ### 11.6.0 - Changes From ba23d9f818bb8f993a248e3eeee439a2fc623cdb Mon Sep 17 00:00:00 2001 From: a-maurice Date: Tue, 12 Dec 2023 17:11:08 -0800 Subject: [PATCH 2/7] Update the Auth unit test for linking credentials --- auth/tests/user_test.cc | 45 +++++++++++++++++++++++++++++++---------- 1 file changed, 34 insertions(+), 11 deletions(-) diff --git a/auth/tests/user_test.cc b/auth/tests/user_test.cc index 52cd8e6391..3538ccdea3 100644 --- a/auth/tests/user_test.cc +++ b/auth/tests/user_test.cc @@ -402,18 +402,41 @@ TEST_F(UserTest, TestSendEmailVerification) { } TEST_F(UserTest, TestLinkWithCredential) { - const std::string config = - std::string( - "{" - " config:[" - " {fake:'FirebaseUser.linkWithCredential', " - "futuregeneric:{ticker:1}}," - " {fake:'FIRUser.linkWithCredential:completion:'," - " futuregeneric:{ticker:1}},") + - SET_ACCOUNT_INFO_SUCCESSFUL_RESPONSE + + // Under the hood, since this is linking an email/password, + // it is expecting a signUp call, followed by a getAccountInfo. + firebase::testing::cppsdk::ConfigSet( + "{" + " config:[" + " {fake:'FirebaseUser.linkWithCredential', " + "futuregeneric:{ticker:1}}," + " {fake:'FIRUser.linkWithCredential:completion:'," + " futuregeneric:{ticker:1}}," + " {fake:'https://identitytoolkit.googleapis.com/v1/accounts:signUp?key=not_a_real_api_key'," + " httpresponse: {" + " header: ['HTTP/1.1 200 Ok','Server:mock server 101']," + " body: ['{" + " \"kind\": \"identitytoolkit#SignupNewUserResponse\"," + " \"idToken\": \"idtoken123\"," + " \"refreshToken\": \"refreshtoken123\"," + " \"expiresIn\": \"3600\"," + " \"localId\": \"localid123\"" + "}',]" + " }" + " }," + " {fake:'https://www.googleapis.com/identitytoolkit/v3/relyingparty/" + "getAccountInfo?key=not_a_real_api_key'," + " httpresponse: {" + " header: ['HTTP/1.1 200 Ok','Server:mock server 101']," + " body: ['{" + " \"users\": [{" + " \"localId\": \"localid123\"" + " }]}'," + " ]" + " }" + " }" " ]" - "}"; - firebase::testing::cppsdk::ConfigSet(config.c_str()); + "}" + ); Future result = firebase_user_->LinkWithCredential_DEPRECATED( EmailAuthProvider::GetCredential("i@email.com", "pw")); From 9b704582c25056968ff1fedaeb4a26a19fef51d6 Mon Sep 17 00:00:00 2001 From: a-maurice Date: Tue, 12 Dec 2023 17:12:46 -0800 Subject: [PATCH 3/7] Fix lint errors around include memory --- auth/src/desktop/rpcs/sign_up_request.cc | 1 + auth/src/desktop/rpcs/sign_up_request.h | 2 ++ 2 files changed, 3 insertions(+) diff --git a/auth/src/desktop/rpcs/sign_up_request.cc b/auth/src/desktop/rpcs/sign_up_request.cc index 34b4fc63d3..c11537c300 100644 --- a/auth/src/desktop/rpcs/sign_up_request.cc +++ b/auth/src/desktop/rpcs/sign_up_request.cc @@ -16,6 +16,7 @@ #include "auth/src/desktop/rpcs/sign_up_request.h" +#include #include #include "app/src/assert.h" diff --git a/auth/src/desktop/rpcs/sign_up_request.h b/auth/src/desktop/rpcs/sign_up_request.h index 3d6acdbb89..9a0ca404ea 100644 --- a/auth/src/desktop/rpcs/sign_up_request.h +++ b/auth/src/desktop/rpcs/sign_up_request.h @@ -17,6 +17,8 @@ #ifndef FIREBASE_AUTH_SRC_DESKTOP_RPCS_SIGN_UP_REQUEST_H_ #define FIREBASE_AUTH_SRC_DESKTOP_RPCS_SIGN_UP_REQUEST_H_ +#include + #include "app/src/include/firebase/app.h" #include "auth/request_generated.h" #include "auth/request_resource.h" From 8fbf7c1d9920e2cbe1212c42dccad7f53f976317 Mon Sep 17 00:00:00 2001 From: a-maurice Date: Tue, 12 Dec 2023 17:13:57 -0800 Subject: [PATCH 4/7] Format file --- auth/tests/user_test.cc | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/auth/tests/user_test.cc b/auth/tests/user_test.cc index 3538ccdea3..ca76f34f33 100644 --- a/auth/tests/user_test.cc +++ b/auth/tests/user_test.cc @@ -411,7 +411,9 @@ TEST_F(UserTest, TestLinkWithCredential) { "futuregeneric:{ticker:1}}," " {fake:'FIRUser.linkWithCredential:completion:'," " futuregeneric:{ticker:1}}," - " {fake:'https://identitytoolkit.googleapis.com/v1/accounts:signUp?key=not_a_real_api_key'," + " " + "{fake:'https://identitytoolkit.googleapis.com/v1/" + "accounts:signUp?key=not_a_real_api_key'," " httpresponse: {" " header: ['HTTP/1.1 200 Ok','Server:mock server 101']," " body: ['{" @@ -435,8 +437,7 @@ TEST_F(UserTest, TestLinkWithCredential) { " }" " }" " ]" - "}" - ); + "}"); Future result = firebase_user_->LinkWithCredential_DEPRECATED( EmailAuthProvider::GetCredential("i@email.com", "pw")); From a25e598b198b264a3b6a3fba95eb0d447000409a Mon Sep 17 00:00:00 2001 From: a-maurice Date: Tue, 12 Dec 2023 18:56:08 -0800 Subject: [PATCH 5/7] Update more unit tests --- auth/src/desktop/get_account_info_result.cc | 4 +++ auth/src/desktop/user_desktop.cc | 1 + auth/tests/desktop/user_desktop_test.cc | 38 +++++++++++++-------- 3 files changed, 29 insertions(+), 14 deletions(-) diff --git a/auth/src/desktop/get_account_info_result.cc b/auth/src/desktop/get_account_info_result.cc index cda3117b59..e2c3eb1e89 100644 --- a/auth/src/desktop/get_account_info_result.cc +++ b/auth/src/desktop/get_account_info_result.cc @@ -59,6 +59,10 @@ void GetAccountInfoResult::MergeToUser(UserView::Writer& user) const { user_impl_.has_email_password_credential; user->creation_timestamp = user_impl_.creation_timestamp; user->last_sign_in_timestamp = user_impl_.last_sign_in_timestamp; + // If the account info has an email, make sure is_anonymous is false + if (!user_impl_.email.empty() && user_impl_.has_email_password_credential) { + user->is_anonymous = false; + } user.ResetUserInfos(provider_data_); } diff --git a/auth/src/desktop/user_desktop.cc b/auth/src/desktop/user_desktop.cc index 2910ba5538..cd13dfca3f 100644 --- a/auth/src/desktop/user_desktop.cc +++ b/auth/src/desktop/user_desktop.cc @@ -277,6 +277,7 @@ void PerformSignUpFlow(AuthDataHandle* const handle) { if (account_info.IsValid()) { account_info.MergeToCurrentUser(inner_handle->auth_data); TriggerSaveUserFlow(inner_handle->auth_data); + NotifyIdTokenListeners(inner_handle->auth_data); CompleteSetAccountInfoPromise( &inner_handle->promise, &inner_handle->auth_data->current_user); } else { diff --git a/auth/tests/desktop/user_desktop_test.cc b/auth/tests/desktop/user_desktop_test.cc index 13546b4e1e..1ca0403187 100644 --- a/auth/tests/desktop/user_desktop_test.cc +++ b/auth/tests/desktop/user_desktop_test.cc @@ -567,8 +567,30 @@ TEST_F(UserDesktopTest, TestLinkWithCredential_OauthCredential) { } TEST_F(UserDesktopTest, TestLinkWithCredential_EmailCredential) { - InitializeConfigWithAFake(GetUrlForApi(API_KEY, "setAccountInfo"), - FakeSetAccountInfoResponse()); + FakeSetT fakes; + const auto api_url = + std::string("https://identitytoolkit.googleapis.com/v1/accounts:signUp?key=") + API_KEY; + fakes[api_url] = + FakeSuccessfulResponse("SignupNewUserResponse", + " \"idToken\": \"idtoken123\"," + " \"refreshToken\": \"refreshtoken123\"," + " \"expiresIn\": \"3600\"," + " \"localId\": \"localid123\""); + fakes[GetUrlForApi(API_KEY, "getAccountInfo")] = + FakeSuccessfulResponse("GetAccountInfoResponse", + " \"users\": [" + " {" + " \"localId\": \"localid123\"," + " \"lastLoginAt\": \"123\"," + " \"createdAt\": \"456\"," + " \"email\": \"new_fake_email@example.com\"," + " \"idToken\": \"new_fake_token\"," + " \"passwordHash\": \"new_fake_hash\"," + " \"emailVerified\": false," + + GetFakeProviderInfo() + + " }" + " ]"); + InitializeConfigWithFakes(fakes); // Response contains a new ID token, but user should have stayed the same. id_token_listener.ExpectChanges(1); @@ -844,18 +866,6 @@ TEST_F(UserDesktopTestSignOutOnError, Unlink) { sem_.Wait(); } -TEST_F(UserDesktopTestSignOutOnError, LinkWithEmail) { - CheckSignOutIfUserIsInvalid( - GetUrlForApi(API_KEY, "setAccountInfo"), "USER_NOT_FOUND", - kAuthErrorUserNotFound, [&] { - sem_.Post(); - return firebase_user_->LinkWithCredential_DEPRECATED( - EmailAuthProvider::GetCredential("fake_email@example.com", - "fake_password")); - }); - sem_.Wait(); -} - TEST_F(UserDesktopTestSignOutOnError, LinkWithOauthCredential) { CheckSignOutIfUserIsInvalid( GetUrlForApi(API_KEY, "verifyAssertion"), "USER_NOT_FOUND", From e39736dd2ce0472de4f44b9aacb1b1f4694bcc79 Mon Sep 17 00:00:00 2001 From: a-maurice Date: Tue, 12 Dec 2023 18:57:19 -0800 Subject: [PATCH 6/7] Formatting --- auth/tests/desktop/user_desktop_test.cc | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/auth/tests/desktop/user_desktop_test.cc b/auth/tests/desktop/user_desktop_test.cc index 1ca0403187..f22554d122 100644 --- a/auth/tests/desktop/user_desktop_test.cc +++ b/auth/tests/desktop/user_desktop_test.cc @@ -569,7 +569,9 @@ TEST_F(UserDesktopTest, TestLinkWithCredential_OauthCredential) { TEST_F(UserDesktopTest, TestLinkWithCredential_EmailCredential) { FakeSetT fakes; const auto api_url = - std::string("https://identitytoolkit.googleapis.com/v1/accounts:signUp?key=") + API_KEY; + std::string( + "https://identitytoolkit.googleapis.com/v1/accounts:signUp?key=") + + API_KEY; fakes[api_url] = FakeSuccessfulResponse("SignupNewUserResponse", " \"idToken\": \"idtoken123\"," @@ -587,9 +589,9 @@ TEST_F(UserDesktopTest, TestLinkWithCredential_EmailCredential) { " \"idToken\": \"new_fake_token\"," " \"passwordHash\": \"new_fake_hash\"," " \"emailVerified\": false," + - GetFakeProviderInfo() + - " }" - " ]"); + GetFakeProviderInfo() + + " }" + " ]"); InitializeConfigWithFakes(fakes); // Response contains a new ID token, but user should have stayed the same. From 9ed9d55a357a8204275b76314bc3f88341641fb4 Mon Sep 17 00:00:00 2001 From: a-maurice Date: Tue, 19 Dec 2023 14:18:19 -0800 Subject: [PATCH 7/7] Reuse more of the regular SignInFlow logic --- auth/src/desktop/user_desktop.cc | 75 +++++++++++++++++--------------- 1 file changed, 39 insertions(+), 36 deletions(-) diff --git a/auth/src/desktop/user_desktop.cc b/auth/src/desktop/user_desktop.cc index cd13dfca3f..9a6b5a96ad 100644 --- a/auth/src/desktop/user_desktop.cc +++ b/auth/src/desktop/user_desktop.cc @@ -257,42 +257,44 @@ void TriggerSaveUserFlow(AuthData* const auth_data) { } } -template +template void PerformSignUpFlow(AuthDataHandle* const handle) { - const auto response = GetResponse(*handle->request); - - if (response.IsSuccessful()) { - // Call GetAccountInfo to get more information, since SignUp doesn't include - // everything we need. - typedef GetAccountInfoRequest RequestT; - auto request = std::unique_ptr( - new RequestT(*handle->auth_data->app, GetApiKey(*handle->auth_data), - response.id_token().c_str())); // NOLINT - - const auto callback = - [](AuthDataHandle* const inner_handle) { - const GetAccountInfoResult account_info = - GetAccountInfo(*inner_handle->request); - - if (account_info.IsValid()) { - account_info.MergeToCurrentUser(inner_handle->auth_data); - TriggerSaveUserFlow(inner_handle->auth_data); - NotifyIdTokenListeners(inner_handle->auth_data); - CompleteSetAccountInfoPromise( - &inner_handle->promise, &inner_handle->auth_data->current_user); - } else { - SignOutIfUserNoLongerValid(inner_handle->auth_data->auth, - account_info.error()); - FailPromise(&inner_handle->promise, account_info.error()); - } - }; - - CallAsyncWithFreshToken(handle->auth_data, handle->promise, - std::move(request), callback); + FIREBASE_ASSERT_RETURN_VOID(handle && handle->request); + + const auto response = GetResponse(*handle->request); + const AuthenticationResult auth_response = + CompleteSignInFlow(handle->auth_data, response); + + if (auth_response.IsValid()) { + const AuthResult auth_result = + auth_response.SetAsCurrentUser(handle->auth_data); + // The usual SignIn flow doesn't trigger this, but since this is used + // to upgrade anonymous accounts, it is needed for SignUp + NotifyIdTokenListeners(handle->auth_data); + CompletePromise(&handle->promise, auth_result); + } else { + FailPromise(&handle->promise, auth_response.error()); + } +} + +template +void PerformSignUpFlow_DEPRECATED( + AuthDataHandle* const handle) { + FIREBASE_ASSERT_RETURN_VOID(handle && handle->request); + + const auto response = GetResponse(*handle->request); + const AuthenticationResult auth_response = + CompleteSignInFlow(handle->auth_data, response); + if (auth_response.IsValid()) { + const SignInResult sign_in_result = + auth_response.SetAsCurrentUser_DEPRECATED(handle->auth_data); + // The usual SignIn flow doesn't trigger this, but since this is used + // to upgrade anonymous accounts, it is needed for SignUp + NotifyIdTokenListeners(handle->auth_data); + CompletePromise(&handle->promise, sign_in_result); } else { - SignOutIfUserNoLongerValid(handle->auth_data->auth, response.error_code()); - FailPromise(&handle->promise, response.error_code()); + FailPromise(&handle->promise, auth_response.error()); } } @@ -353,7 +355,7 @@ Future DoLinkWithEmailAndPassword( email_credential->GetPassword().c_str()); return CallAsyncWithFreshToken(auth_data, promise, std::move(request), - PerformSignUpFlow); + PerformSignUpFlow); } // Calls setAccountInfo endpoint to link the current user with the given email @@ -375,8 +377,9 @@ Future DoLinkWithEmailAndPassword_DEPRECATED( email_credential->GetEmail().c_str(), email_credential->GetPassword().c_str()); - return CallAsyncWithFreshToken(auth_data, promise, std::move(request), - PerformSignUpFlow); + return CallAsyncWithFreshToken( + auth_data, promise, std::move(request), + PerformSignUpFlow_DEPRECATED); } // Checks that the given provider wasn't already linked to the currently