Calling Firebase `validatePassword` outside of an Injection context

[rgant]

Is the running outside of injection context warning legitimate when using validatePassword?

My code:

import { EnvironmentInjector, inject, runInInjectionContext } from '@angular/core';
import { Auth, validatePassword } from '@angular/fire/auth';
import type { PasswordValidationStatus } from '@angular/fire/auth';
import type { AbstractControl, AsyncValidatorFn, ValidationErrors } from '@angular/forms';

import { getPasswordControlValue } from './util';

/**
 * Validate against the Firebase Project Authentication Password Policy.
 *
 * Note: at this time there is no actual need for this because the policy only enforces length and
 * other Validators already check for that. However it is nice to know how to do this.
 */
export const passwordFirebaseValidator = (): AsyncValidatorFn => {
  const auth: Auth = inject(Auth);
  const environmentInjector = inject(EnvironmentInjector);

  return async (control: AbstractControl<unknown>): Promise<ValidationErrors | null> => {
    const value = getPasswordControlValue(control);

    // Like Validators.email, rely on Validators.required to check for blank passwords.
    if (value == undefined) {
      return null; // eslint-disable-line unicorn/no-null -- ValidatorFn returns null
    }

    const { passwordPolicy: _, ...status } = await runInInjectionContext(
      environmentInjector,
      async (): Promise<PasswordValidationStatus> => validatePassword(auth, value),
    );

    return status.isValid ? null : { firebasevalidator: status }; // eslint-disable-line unicorn/no-null
  };
};

I added EnvironmentInjector and runInInjectionContext and that got rid of the warning, but is all this necessary? It would be nice if validation was simplier.

[google-oss-bot]

This issue does not seem to follow the issue template. Make sure you provide all the required information.

[jamesdaniels]

I'll look into reducing the log verbosity of the validate method, it shouldn't be necessary to be in an injection context for every single API but AngularFire can't guarantee stability without it.

[rgant]

I'm trying to create a demonstration app illustrating Angular, Firebase, and best practices. And I am running into this warning a bunch. So is there a better way to do things like this that I am missing?

For example the signOut modular method. I'm doing something quite similar to what is shown in this repo. And getting this same warning. So if there is a better way, I would love to use it now before I implement everything wrongly.