Add the new method to update Auth Users Email (firebase#1544)

* Add the new method to update Auth Users Email

* Update integration_test.cc

Author: a-maurice

auth/integration_test/src/integration_test.cc

@@ -816,6 +816,12 @@ TEST_F(FirebaseAuthTest, TestOperationsOnInvalidUser) {
   WaitForCompletionOrInvalidStatus(void_future, "SendEmailVerification");
   EXPECT_NE(void_future.error(), firebase::auth::kAuthErrorNone);
 
+  void_future = invalid_user.SendEmailVerificationBeforeUpdatingEmail(
+      GenerateEmailAddress().c_str());
+  WaitForCompletionOrInvalidStatus(void_future,
+                                   "SendEmailVerificationBeforeUpdatingEmail");
+  EXPECT_NE(void_future.error(), firebase::auth::kAuthErrorNone);
+
   firebase::auth::User::UserProfile profile;
   void_future = invalid_user.UpdateUserProfile(profile);
   WaitForCompletionOrInvalidStatus(void_future, "UpdateUserProfile");
@@ -947,6 +953,23 @@ TEST_F(FirebaseAuthTest, TestUpdateEmailAndPassword_DEPRECATED) {
   DeleteUser_DEPRECATED();
 }
 
+TEST_F(FirebaseAuthTest, TestVerifyBeforeUpdatingEmail) {
+  std::string email = GenerateEmailAddress();
+  WaitForCompletion(
+      auth_->CreateUserWithEmailAndPassword(email.c_str(), kTestPassword),
+      "CreateUserWithEmailAndPassword");
+  firebase::auth::User user = auth_->current_user();
+  EXPECT_TRUE(user.is_valid());
+
+  // Update the user's email and password.
+  const std::string new_email = "new_" + email;
+  WaitForCompletion(
+      user.SendEmailVerificationBeforeUpdatingEmail(new_email.c_str()),
+      "SendEmailVerificationBeforeUpdatingEmail");
+  EXPECT_TRUE(user.is_valid());
+  DeleteUser();
+}
+
 TEST_F(FirebaseAuthTest, TestLinkAnonymousUserWithEmailCredential) {
   FLAKY_TEST_SECTION_BEGIN();
 

auth/src/android/user_android.cc

@@ -43,6 +43,8 @@ METHOD_LOOKUP_DEFINITION(tokenresult,
     X(ProviderData, "getProviderData", "()Ljava/util/List;"),                  \
     X(UpdateEmail, "updateEmail", "(Ljava/lang/String;)"                       \
       "Lcom/google/android/gms/tasks/Task;"),                                  \
+    X(VerifyBeforeUpdateEmail, "verifyBeforeUpdateEmail",                      \
+      "(Ljava/lang/String;)Lcom/google/android/gms/tasks/Task;"),              \
     X(UpdatePassword, "updatePassword", "(Ljava/lang/String;)"                 \
       "Lcom/google/android/gms/tasks/Task;"),                                  \
     X(UpdateUserProfile, "updateProfile",                                      \
@@ -782,6 +784,28 @@ Future<void> User::SendEmailVerification() {
   return MakeFuture(&futures, handle);
 }
 
+Future<void> User::SendEmailVerificationBeforeUpdatingEmail(const char* email) {
+  if (!ValidUser(auth_data_)) {
+    return Future<void>();
+  }
+  ReferenceCountedFutureImpl& futures = auth_data_->future_impl;
+  const auto handle =
+      futures.SafeAlloc<void>(kUserFn_SendEmailVerificationBeforeUpdatingEmail);
+  JNIEnv* env = Env(auth_data_);
+
+  jstring j_email = env->NewStringUTF(email);
+  jobject pending_result = env->CallObjectMethod(
+      UserImpl(auth_data_), user::GetMethodId(user::kVerifyBeforeUpdateEmail),
+      j_email);
+  env->DeleteLocalRef(j_email);
+
+  if (!CheckAndCompleteFutureOnError(env, &futures, handle)) {
+    RegisterCallback(pending_result, handle, auth_data_, nullptr);
+    env->DeleteLocalRef(pending_result);
+  }
+  return MakeFuture(&futures, handle);
+}
+
 Future<void> User::Delete() {
   if (!ValidUser(auth_data_)) {
     return Future<void>();

auth/src/data.h

@@ -56,6 +56,7 @@ enum AuthApiFunction {
   kUserFn_ReauthenticateAndRetrieveData,
   kUserFn_ReauthenticateAndRetrieveData_DEPRECATED,
   kUserFn_SendEmailVerification,
+  kUserFn_SendEmailVerificationBeforeUpdatingEmail,
   kUserFn_ConfirmEmailVerification,
   kUserFn_UpdateUserProfile,
   kUserFn_LinkWithCredential,

auth/src/desktop/rpcs/get_oob_confirmation_code_request.cc

@@ -47,6 +47,25 @@ GetOobConfirmationCodeRequest::CreateSendEmailVerificationRequest(
   return request;
 }
 
+std::unique_ptr<GetOobConfirmationCodeRequest> GetOobConfirmationCodeRequest::
+    CreateSendEmailVerificationBeforeUpdatingEmailRequest(
+        ::firebase::App& app, const char* api_key, const char* email,
+        const char* language_code) {
+  auto request = std::unique_ptr<GetOobConfirmationCodeRequest>(  // NOLINT
+      new GetOobConfirmationCodeRequest(app, api_key));
+  request->application_data_->requestType = "VERIFY_AND_CHANGE_EMAIL";
+  if (language_code != nullptr) {
+    request->add_header(kHeaderFirebaseLocale, language_code);
+  }
+  if (email) {
+    request->application_data_->newEmail = email;
+  } else {
+    LogError("No email token given.");
+  }
+  request->UpdatePostFields();
+  return request;
+}
+
 std::unique_ptr<GetOobConfirmationCodeRequest>
 GetOobConfirmationCodeRequest::CreateSendPasswordResetEmailRequest(
     ::firebase::App& app, const char* api_key, const char* email,

auth/src/desktop/rpcs/get_oob_confirmation_code_request.h

@@ -34,6 +34,11 @@ class GetOobConfirmationCodeRequest : public AuthRequest {
   CreateSendEmailVerificationRequest(::firebase::App& app, const char* api_key,
                                      const char* language_code = nullptr);
 
+  static std::unique_ptr<GetOobConfirmationCodeRequest>
+  CreateSendEmailVerificationBeforeUpdatingEmailRequest(
+      ::firebase::App& app, const char* api_key, const char* email,
+      const char* language_code = nullptr);
+
   static std::unique_ptr<GetOobConfirmationCodeRequest>
   CreateSendPasswordResetEmailRequest(::firebase::App& app, const char* api_key,
                                       const char* email,

auth/src/desktop/rpcs/request.fbs

@@ -57,6 +57,8 @@ table Request {
   deleteProvider:[string];
 
   nonce:string;
+
+  newEmail:string;
 }
 
 root_type Request;

auth/src/desktop/user_desktop.cc

@@ -953,6 +953,38 @@ Future<void> User::SendEmailVerification() {
                                  callback);
 }
 
+Future<void> User::SendEmailVerificationBeforeUpdatingEmail(const char* email) {
+  Promise<void> promise(&auth_data_->future_impl,
+                        kUserFn_SendEmailVerificationBeforeUpdatingEmail);
+  if (!ValidateCurrentUser(&promise, auth_data_)) {
+    return promise.LastResult();
+  }
+
+  const char* language_code = nullptr;
+  auto auth_impl = static_cast<AuthImpl*>(auth_data_->auth_impl);
+  if (!auth_impl->language_code.empty()) {
+    language_code = auth_impl->language_code.c_str();
+  }
+
+  typedef GetOobConfirmationCodeRequest RequestT;
+  auto request =
+      RequestT::CreateSendEmailVerificationBeforeUpdatingEmailRequest(
+          *auth_data_->app, GetApiKey(*auth_data_), email, language_code);
+
+  const auto callback = [](AuthDataHandle<void, RequestT>* const handle) {
+    const auto response =
+        GetResponse<GetOobConfirmationCodeResponse>(*handle->request);
+    if (response.IsSuccessful()) {
+      handle->promise.Complete();
+    } else {
+      FailPromise(&handle->promise, response.error_code());
+    }
+  };
+
+  return CallAsyncWithFreshToken(auth_data_, promise, std::move(request),
+                                 callback);
+}
+
 Future<void> User::Reload() {
   Promise<void> promise(&auth_data_->future_impl, kUserFn_Reload);
   if (!ValidateCurrentUser(&promise, auth_data_)) {

auth/src/include/firebase/auth/user.h

@@ -255,14 +255,19 @@ class User : public UserInfoInterface {
   FIREBASE_DEPRECATED const std::vector<UserInfoInterface*>&
   provider_data_DEPRECATED() const;
 
+  /// @deprecated This is a deprecated method. Please use
+  /// SendEmailVerificationBeforeUpdatingEmail(email) instead.
+  ///
   /// Sets the email address for the user.
   ///
   /// May fail if there is already an email/password-based account for the same
   /// email address.
-  Future<void> UpdateEmail(const char* email);
+  FIREBASE_DEPRECATED Future<void> UpdateEmail(const char* email);
 
+  /// @deprecated
+  ///
   /// Get results of the most recent call to UpdateEmail.
-  Future<void> UpdateEmailLastResult() const;
+  FIREBASE_DEPRECATED Future<void> UpdateEmailLastResult() const;
 
   /// Attempts to change the password for the current user.
   ///
@@ -381,6 +386,14 @@ class User : public UserInfoInterface {
   /// Get results of the most recent call to SendEmailVerification.
   Future<void> SendEmailVerificationLastResult() const;
 
+  /// Send an email to verify the ownership of the account, then update
+  /// to the new email.
+  Future<void> SendEmailVerificationBeforeUpdatingEmail(const char* email);
+
+  /// Get results of the most recent call to
+  /// SendEmailVerificationBeforeUpdatingEmail.
+  Future<void> SendEmailVerificationBeforeUpdatingEmailLastResult() const;
+
   /// Updates a subset of user profile information.
   Future<void> UpdateUserProfile(const UserProfile& profile);
 

auth/src/ios/user_ios.mm

@@ -188,6 +188,21 @@ explicit IOSWrappedUserInfo(id<FIRUserInfo> user_info) : user_info_(user_info) {
   return MakeFuture(&futures, handle);
 }
 
+Future<void> User::SendEmailVerificationBeforeUpdatingEmail(const char *email) {
+  if (!ValidUser(auth_data_)) {
+    return Future<void>();
+  }
+  ReferenceCountedFutureImpl &futures = auth_data_->future_impl;
+  const auto handle = futures.SafeAlloc<void>(kUserFn_SendEmailVerificationBeforeUpdatingEmail);
+  [UserImpl(auth_data_)
+      sendEmailVerificationBeforeUpdatingEmail:@(email)
+                                    completion:^(NSError *_Nullable error) {
+                                      futures.Complete(handle, AuthErrorFromNSError(error),
+                                                       [error.localizedDescription UTF8String]);
+                                    }];
+  return MakeFuture(&futures, handle);
+}
+
 Future<AuthResult> User::LinkWithCredential(const Credential &credential) {
   if (!ValidUser(auth_data_)) {
     return Future<AuthResult>();

auth/src/user.cc

@@ -26,6 +26,7 @@ AUTH_RESULT_FN(User, LinkWithCredential, AuthResult)
 AUTH_RESULT_FN(User, Reauthenticate, void)
 AUTH_RESULT_FN(User, ReauthenticateAndRetrieveData, AuthResult)
 AUTH_RESULT_FN(User, SendEmailVerification, void)
+AUTH_RESULT_FN(User, SendEmailVerificationBeforeUpdatingEmail, void)
 AUTH_RESULT_FN(User, Unlink, AuthResult)
 AUTH_RESULT_FN(User, UpdateUserProfile, void)
 AUTH_RESULT_FN(User, Reload, void)

auth/tests/user_test.cc

@@ -401,6 +401,33 @@ TEST_F(UserTest, TestSendEmailVerification) {
   Verify(result);
 }
 
+TEST_F(UserTest, TestSendEmailVerificationBeforeUpdatingEmail) {
+  // Test send email verification before updating.
+  firebase::testing::cppsdk::ConfigSet(
+      "{"
+      "  config:["
+      "    {fake:'FirebaseUser.sendEmailVerification',"
+      "     futuregeneric:{ticker:1}},"
+      "    {fake:'FIRUser.sendEmailVerificationWithCompletion:',"
+      "     futuregeneric:{ticker:1}},"
+      "    {"
+      "      fake: 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/"
+      "getOobConfirmationCode?key=not_a_real_api_key',"
+      "      httpresponse: {"
+      "        header: ['HTTP/1.1 200 Ok','Server:mock server 101'],"
+      "        body: ['{"
+      "          \"kind\": \"identitytoolkit#GetOobConfirmationCodeResponse\","
+      "          \"email\": \"fake_email@fake_domain.com\""
+      "        }']"
+      "      }"
+      "    }"
+      "  ]"
+      "}");
+  Future<void> result =
+      firebase_user_->SendEmailVerificationBeforeUpdatingEmail("[email protected]");
+  Verify(result);
+}
+
 TEST_F(UserTest, TestLinkWithCredential) {
   // Under the hood, since this is linking an email/password,
   // it is expecting a signUp call, followed by a getAccountInfo.

release_build_files/readme.md

@@ -634,6 +634,8 @@ code.
 ### Upcoming Release
 -   Changes
     - General (Android): Update to Firebase Android BoM version 32.7.2.
+    - Auth: Add User::SendEmailVerificationBeforeUpdatingEmail, and deprecate
+      the older method of updating emails, User::UpdateEmail.
 
 ### 11.8.0
 -   Changes