Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expose INVALID_LOGIN_CREDENTIALS as auth/invalid-credential error. #7772

Merged
merged 6 commits into from
Nov 15, 2023
Merged

Expose INVALID_LOGIN_CREDENTIALS as auth/invalid-credential error. #7772

merged 6 commits into from
Nov 15, 2023

Conversation

prameshj
Copy link
Contributor

This PR has the following changes:

Expose INVALID_LOGIN_CREDENTIALS as auth/invalid-credential error.
Update the doc snippets for various SDK methods to explain the behavior when Email Enumeration Protection is enabled.
Mark fetchSignInMethodsForEmail and updateEmail as deprecated.
Fixes - #7661

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Nov 11, 2023
edited

🦋 Changeset detected

Latest commit: 89f01c0

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages
Name Type
@firebase/auth Patch
@firebase/auth-compat Patch
firebase Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@google-oss-bot
Copy link
Contributor

google-oss-bot commented Nov 11, 2023
edited

Size Report 1

Affected Products

  • @firebase/auth

    TypeBase (bebecda)Merge (eba2de3)Diff
    browser177 kB177 kB+114 B (+0.1%)
    cordova205 kB205 kB+118 B (+0.1%)
    esm5230 kB230 kB+118 B (+0.1%)
    main174 kB174 kB+118 B (+0.1%)
    module177 kB177 kB+114 B (+0.1%)
    react-native194 kB194 kB+118 B (+0.1%)

  • @firebase/auth/cordova

    TypeBase (bebecda)Merge (eba2de3)Diff
    browser205 kB205 kB+118 B (+0.1%)
    module205 kB205 kB+118 B (+0.1%)

  • @firebase/auth/internal

    TypeBase (bebecda)Merge (eba2de3)Diff
    browser187 kB188 kB+114 B (+0.1%)
    esm5244 kB244 kB+118 B (+0.0%)
    main210 kB211 kB+118 B (+0.1%)
    module187 kB188 kB+114 B (+0.1%)

  • bundle

    TypeBase (bebecda)Merge (eba2de3)Diff
    auth (Anonymous)73.5 kB73.6 kB+51 B (+0.1%)
    auth (EmailAndPassword)81.4 kB81.4 kB+51 B (+0.1%)
    auth (GoogleFBTwitterGitHubPopup)100 kB100 kB+51 B (+0.1%)
    auth (GooglePopup)97.4 kB97.4 kB+51 B (+0.1%)
    auth (GoogleRedirect)97.6 kB97.6 kB+51 B (+0.1%)
    auth (Phone)83.8 kB83.8 kB+51 B (+0.1%)

  • firebase

    TypeBase (bebecda)Merge (eba2de3)Diff
    firebase-auth-compat.js136 kB136 kB+58 B (+0.0%)
    firebase-auth-cordova.js174 kB174 kB+112 B (+0.1%)
    firebase-auth.js147 kB147 kB+110 B (+0.1%)
    firebase-compat.js778 kB778 kB+58 B (+0.0%)

Test Logs

  1. https://storage.googleapis.com/firebase-sdk-metric-reports/kDffauKqaH.html

@google-oss-bot
Copy link
Contributor

google-oss-bot commented Nov 11, 2023
edited

Size Analysis Report 1

Affected Products

  • @firebase/auth

    • ActionCodeOperation

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.6 kB37.6 kB+51 B (+0.1%)
      size-with-ext-deps58.5 kB58.5 kB+51 B (+0.1%)

    • ActionCodeURL

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.4 kB38.5 kB+51 B (+0.1%)
      size-with-ext-deps59.6 kB59.6 kB+51 B (+0.1%)

    • AuthCredential

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.6 kB37.6 kB+51 B (+0.1%)
      size-with-ext-deps58.5 kB58.5 kB+51 B (+0.1%)

    • AuthErrorCodes

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size42.4 kB42.5 kB+103 B (+0.2%)
      size-with-ext-deps63.3 kB63.4 kB+103 B (+0.2%)

    • EmailAuthCredential

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size42.9 kB43.0 kB+51 B (+0.1%)
      size-with-ext-deps63.8 kB63.9 kB+51 B (+0.1%)

    • EmailAuthProvider

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size44.4 kB44.4 kB+51 B (+0.1%)
      size-with-ext-deps65.5 kB65.6 kB+51 B (+0.1%)

    • FacebookAuthProvider

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size42.4 kB42.5 kB+51 B (+0.1%)
      size-with-ext-deps63.3 kB63.3 kB+51 B (+0.1%)

    • FactorId

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.4 kB+51 B (+0.1%)
      size-with-ext-deps58.2 kB58.3 kB+51 B (+0.1%)

    • GithubAuthProvider

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size42.4 kB42.5 kB+51 B (+0.1%)
      size-with-ext-deps63.3 kB63.3 kB+51 B (+0.1%)

    • GoogleAuthProvider

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size42.4 kB42.5 kB+51 B (+0.1%)
      size-with-ext-deps63.3 kB63.3 kB+51 B (+0.1%)

    • OAuthCredential

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size39.5 kB39.5 kB+51 B (+0.1%)
      size-with-ext-deps60.4 kB60.4 kB+51 B (+0.1%)

    • OAuthProvider

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size43.3 kB43.4 kB+51 B (+0.1%)
      size-with-ext-deps64.2 kB64.3 kB+51 B (+0.1%)

    • OperationType

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.5 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.3 kB+51 B (+0.1%)

    • PhoneAuthCredential

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size39.5 kB39.5 kB+51 B (+0.1%)
      size-with-ext-deps60.4 kB60.4 kB+51 B (+0.1%)

    • PhoneAuthProvider

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size41.2 kB41.2 kB+51 B (+0.1%)
      size-with-ext-deps62.1 kB62.1 kB+51 B (+0.1%)

    • PhoneMultiFactorGenerator

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.2 kB38.3 kB+51 B (+0.1%)
      size-with-ext-deps59.1 kB59.1 kB+51 B (+0.1%)

    • ProviderId

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.5 kB37.5 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.4 kB+51 B (+0.1%)

    • RecaptchaVerifier

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size43.9 kB44.0 kB+51 B (+0.1%)
      size-with-ext-deps64.8 kB64.9 kB+51 B (+0.1%)

    • SAMLAuthProvider

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size43.7 kB43.7 kB+51 B (+0.1%)
      size-with-ext-deps64.6 kB64.6 kB+51 B (+0.1%)

    • SignInMethod

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.5 kB37.5 kB+51 B (+0.1%)
      size-with-ext-deps58.4 kB58.4 kB+51 B (+0.1%)

    • TotpMultiFactorGenerator

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size39.9 kB39.9 kB+51 B (+0.1%)
      size-with-ext-deps60.7 kB60.8 kB+51 B (+0.1%)

    • TotpSecret

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.3 kB38.4 kB+51 B (+0.1%)
      size-with-ext-deps59.2 kB59.2 kB+51 B (+0.1%)

    • TwitterAuthProvider

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size42.4 kB42.5 kB+51 B (+0.1%)
      size-with-ext-deps63.3 kB63.3 kB+51 B (+0.1%)

    • applyActionCode

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.5 kB37.5 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.4 kB+51 B (+0.1%)

    • beforeAuthStateChanged

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.5 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.3 kB+51 B (+0.1%)

    • browserLocalPersistence

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size40.8 kB40.8 kB+51 B (+0.1%)
      size-with-ext-deps61.7 kB61.8 kB+51 B (+0.1%)

    • browserPopupRedirectResolver

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size61.8 kB61.8 kB+51 B (+0.1%)
      size-with-ext-deps82.9 kB82.9 kB+51 B (+0.1%)

    • browserSessionPersistence

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size40.8 kB40.8 kB+51 B (+0.1%)
      size-with-ext-deps61.7 kB61.8 kB+51 B (+0.1%)

    • checkActionCode

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.6 kB38.6 kB+51 B (+0.1%)
      size-with-ext-deps59.5 kB59.5 kB+51 B (+0.1%)

    • confirmPasswordReset

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.7 kB37.7 kB+51 B (+0.1%)
      size-with-ext-deps58.6 kB58.6 kB+51 B (+0.1%)

    • connectAuthEmulator

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size39.1 kB39.1 kB+51 B (+0.1%)
      size-with-ext-deps60.0 kB60.0 kB+51 B (+0.1%)

    • createUserWithEmailAndPassword

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size42.1 kB42.1 kB+51 B (+0.1%)
      size-with-ext-deps63.0 kB63.0 kB+51 B (+0.1%)

    • debugErrorMap

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size49.6 kB49.6 kB+62 B (+0.1%)
      size-with-ext-deps70.4 kB70.5 kB+62 B (+0.1%)

    • deleteUser

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.4 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.3 kB+51 B (+0.1%)

    • fetchSignInMethodsForEmail

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.7 kB37.7 kB+51 B (+0.1%)
      size-with-ext-deps58.6 kB58.6 kB+51 B (+0.1%)

    • getAdditionalUserInfo

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.7 kB38.7 kB+51 B (+0.1%)
      size-with-ext-deps59.6 kB59.6 kB+51 B (+0.1%)

    • getAuth

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size71.9 kB71.9 kB+51 B (+0.1%)
      size-with-ext-deps99.4 kB99.5 kB+51 B (+0.1%)

    • getIdToken

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.4 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.3 kB+51 B (+0.1%)

    • getIdTokenResult

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.3 kB37.4 kB+51 B (+0.1%)
      size-with-ext-deps58.2 kB58.3 kB+51 B (+0.1%)

    • getMultiFactorResolver

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size40.3 kB40.3 kB+51 B (+0.1%)
      size-with-ext-deps61.1 kB61.2 kB+51 B (+0.1%)

    • getRedirectResult

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size44.9 kB44.9 kB+51 B (+0.1%)
      size-with-ext-deps65.8 kB65.8 kB+51 B (+0.1%)

    • inMemoryPersistence

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.3 kB37.4 kB+51 B (+0.1%)
      size-with-ext-deps58.2 kB58.3 kB+51 B (+0.1%)

    • indexedDBLocalPersistence

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size44.8 kB44.8 kB+51 B (+0.1%)
      size-with-ext-deps65.7 kB65.7 kB+51 B (+0.1%)

    • initializeAuth

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.6 kB37.7 kB+51 B (+0.1%)
      size-with-ext-deps59.0 kB59.0 kB+51 B (+0.1%)

    • initializeRecaptchaConfig

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size40.3 kB40.3 kB+51 B (+0.1%)
      size-with-ext-deps61.2 kB61.2 kB+51 B (+0.1%)

    • isSignInWithEmailLink

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.5 kB38.6 kB+51 B (+0.1%)
      size-with-ext-deps59.7 kB59.7 kB+51 B (+0.1%)

    • linkWithCredential

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.4 kB38.4 kB+51 B (+0.1%)
      size-with-ext-deps59.3 kB59.3 kB+51 B (+0.1%)

    • linkWithPhoneNumber

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size41.9 kB42.0 kB+51 B (+0.1%)
      size-with-ext-deps62.8 kB62.9 kB+51 B (+0.1%)

    • linkWithPopup

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size48.5 kB48.5 kB+51 B (+0.1%)
      size-with-ext-deps69.4 kB69.4 kB+51 B (+0.1%)

    • linkWithRedirect

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size43.7 kB43.7 kB+51 B (+0.1%)
      size-with-ext-deps64.6 kB64.6 kB+51 B (+0.1%)

    • multiFactor

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size39.6 kB39.6 kB+51 B (+0.1%)
      size-with-ext-deps60.4 kB60.5 kB+51 B (+0.1%)

    • onAuthStateChanged

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.5 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.3 kB+51 B (+0.1%)

    • onIdTokenChanged

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.4 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.3 kB+51 B (+0.1%)

    • parseActionCodeURL

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.5 kB38.5 kB+51 B (+0.1%)
      size-with-ext-deps59.6 kB59.6 kB+51 B (+0.1%)

    • prodErrorMap

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.3 kB37.4 kB+51 B (+0.1%)
      size-with-ext-deps58.2 kB58.3 kB+51 B (+0.1%)

    • reauthenticateWithCredential

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.9 kB39.0 kB+51 B (+0.1%)
      size-with-ext-deps59.8 kB59.9 kB+51 B (+0.1%)

    • reauthenticateWithPhoneNumber

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size42.5 kB42.5 kB+51 B (+0.1%)
      size-with-ext-deps63.4 kB63.4 kB+51 B (+0.1%)

    • reauthenticateWithPopup

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size48.5 kB48.5 kB+51 B (+0.1%)
      size-with-ext-deps69.4 kB69.4 kB+51 B (+0.1%)

    • reauthenticateWithRedirect

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size43.4 kB43.5 kB+51 B (+0.1%)
      size-with-ext-deps64.3 kB64.4 kB+51 B (+0.1%)

    • reload

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.3 kB37.4 kB+51 B (+0.1%)
      size-with-ext-deps58.2 kB58.3 kB+51 B (+0.1%)

    • revokeAccessToken

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.5 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.3 kB+51 B (+0.1%)

    • sendEmailVerification

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.3 kB38.3 kB+51 B (+0.1%)
      size-with-ext-deps59.2 kB59.2 kB+51 B (+0.1%)

    • sendPasswordResetEmail

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size41.7 kB41.7 kB+51 B (+0.1%)
      size-with-ext-deps62.6 kB62.6 kB+51 B (+0.1%)

    • sendSignInLinkToEmail

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size41.7 kB41.8 kB+51 B (+0.1%)
      size-with-ext-deps62.6 kB62.7 kB+51 B (+0.1%)

    • setPersistence

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.4 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.3 kB+51 B (+0.1%)

    • signInAnonymously

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.5 kB38.6 kB+51 B (+0.1%)
      size-with-ext-deps59.4 kB59.4 kB+51 B (+0.1%)

    • signInWithCredential

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.7 kB38.8 kB+51 B (+0.1%)
      size-with-ext-deps59.6 kB59.7 kB+51 B (+0.1%)

    • signInWithCustomToken

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.4 kB38.4 kB+51 B (+0.1%)
      size-with-ext-deps59.2 kB59.3 kB+51 B (+0.1%)

    • signInWithEmailAndPassword

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size46.0 kB46.1 kB+51 B (+0.1%)
      size-with-ext-deps67.2 kB67.2 kB+51 B (+0.1%)

    • signInWithEmailLink

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size46.0 kB46.1 kB+51 B (+0.1%)
      size-with-ext-deps67.2 kB67.2 kB+51 B (+0.1%)

    • signInWithPhoneNumber

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size42.3 kB42.3 kB+51 B (+0.1%)
      size-with-ext-deps63.2 kB63.2 kB+51 B (+0.1%)

    • signInWithPopup

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size48.4 kB48.5 kB+51 B (+0.1%)
      size-with-ext-deps69.4 kB69.4 kB+51 B (+0.1%)

    • signInWithRedirect

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size43.1 kB43.2 kB+51 B (+0.1%)
      size-with-ext-deps64.0 kB64.1 kB+51 B (+0.1%)

    • signOut

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.4 kB+51 B (+0.1%)
      size-with-ext-deps58.2 kB58.3 kB+51 B (+0.1%)

    • unlink

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.9 kB38.0 kB+51 B (+0.1%)
      size-with-ext-deps58.8 kB58.9 kB+51 B (+0.1%)

    • updateCurrentUser

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.4 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.3 kB+51 B (+0.1%)

    • updateEmail

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.7 kB37.7 kB+51 B (+0.1%)
      size-with-ext-deps58.5 kB58.6 kB+51 B (+0.1%)

    • updatePassword

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.7 kB37.7 kB+51 B (+0.1%)
      size-with-ext-deps58.5 kB58.6 kB+51 B (+0.1%)

    • updatePhoneNumber

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.1 kB38.2 kB+51 B (+0.1%)
      size-with-ext-deps59.0 kB59.0 kB+51 B (+0.1%)

    • updateProfile

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.9 kB37.9 kB+51 B (+0.1%)
      size-with-ext-deps58.7 kB58.8 kB+51 B (+0.1%)

    • useDeviceLanguage

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.4 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.3 kB+51 B (+0.1%)

    • validatePassword

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size37.4 kB37.5 kB+51 B (+0.1%)
      size-with-ext-deps58.3 kB58.3 kB+51 B (+0.1%)

    • verifyBeforeUpdateEmail

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.3 kB38.4 kB+51 B (+0.1%)
      size-with-ext-deps59.2 kB59.2 kB+51 B (+0.1%)

    • verifyPasswordResetCode

      Size

      TypeBase (bebecda)Merge (eba2de3)Diff
      size38.7 kB38.7 kB+51 B (+0.1%)
      size-with-ext-deps59.5 kB59.6 kB+51 B (+0.1%)

Test Logs

  1. https://storage.googleapis.com/firebase-sdk-metric-reports/cmVssQEwh8.html

@prameshj prameshj changed the base branch from master to email-enum-docs November 13, 2023 22:26
@prameshj prameshj changed the base branch from email-enum-docs to master November 13, 2023 22:27
@prameshj prameshj force-pushed the email-enum-docs2 branch 2 times, most recently from c045b6a to 3ec9b5e Compare November 13, 2023 22:37
@prameshj
Expose INVALID_LOGIN_CREDENTIALS as auth/invalid-credential error.
9291d5c 
Update the doc snippets for various SDK methods to explain the behavior when Email Enumeration Protection is enabled.
Mark fetchSignInMethodsForEmail and updateEmail as deprecated.
Update the demo app to use the error code.
Fix error message for the error code and update tests.
@prameshj prameshj marked this pull request as ready for review November 13, 2023 22:45
@prameshj @kevinthecheung
Update packages/auth/src/core/strategies/email_and_password.ts
88cc8a6 
Co-authored-by: Kevin Cheung <kevinthecheung@users.noreply.github.com>
riley-worthington
riley-worthington reviewed Nov 14, 2023
View reviewed changes
packages/auth/src/core/errors.ts
@@ -528,6 +528,7 @@ export const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
INVALID_EMAIL: 'auth/invalid-email',
INVALID_EMULATOR_SCHEME: 'auth/invalid-emulator-scheme',
INVALID_IDP_RESPONSE: 'auth/invalid-credential',
INVALID_LOGIN_CREDENTIALS: 'auth/invalid-credential',
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this be "auth/invalid-login-credentials", the missing code reported in #7661?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We are reusing the existing error code 'auth/invalid-credential' since it is very similar to the backend error and is already public on the SDK.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a reason not to create a new error type?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am using firebase 10.6.0 and it is returning auth/invalid-login-credentials when there is an incorrect username or password. Will this change to start returning auth/invalid-credential in later updates?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am using firebase 10.6.0 and it is returning auth/invalid-login-credentials when there is an incorrect username or password. Will this change to start returning auth/invalid-credential in later updates?

That's correct. It is currently converting the server error "INVALID_LOGIN_CREDENTIALS" to lower-case and sending that error code -

firebase-js-sdk/packages/auth/src/api/index.ts

Line 204 in bebecda

(serverErrorCode

We will now populate the error map so the server error maps to "auth/invalid-credential"

Is there a reason not to create a new error type?

This is to avoid creating another error code that is very similar to the existing invalid-credential code and to be consistent across iOS, Android and Web. On Android, we are reusing the https://firebase.google.com/docs/reference/android/com/google/firebase/auth/FirebaseAuthInvalidCredentialsException rather than create a new one, so following a similar approach on Web. Do you see any issue with this approach?

Changing behavior from auth/invalid-login-credentials (a non-exposed error code) to auth/invalid-credential (a public error code) can be a breaking change, but i am not sure, since the previous error code was not public. WDYT @DellaBitta ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds like a good reason to me. Thanks for the clarification!

DellaBitta
DellaBitta requested changes Nov 14, 2023
View reviewed changes
docs-devsite/auth.md Outdated Show resolved Hide resolved
docs-devsite/auth.md Outdated
@@ -412,7 +413,7 @@ export declare function fetchSignInMethodsForEmail(auth: Auth, email: string): P
| Parameter | Type | Description |
| --- | --- | --- |
| auth | [Auth](./auth.auth.md#auth_interface) | The [Auth](./auth.auth.md#auth_interface) instance. |
| email | string | The user's email address. |
| email | string | The user's email address.<!-- -->Deprecated Migrating off of this method is recommended as a security best-practice. |
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing a period here. Based on the other Deprecated things in this document, I think it should be 'Deprecated.'

packages/auth/demo/src/index.js Outdated Show resolved Hide resolved
packages/auth/src/core/errors.ts
@@ -528,6 +528,7 @@ export const AUTH_ERROR_CODES_MAP_DO_NOT_USE_INTERNALLY = {
INVALID_EMAIL: 'auth/invalid-email',
INVALID_EMULATOR_SCHEME: 'auth/invalid-emulator-scheme',
INVALID_IDP_RESPONSE: 'auth/invalid-credential',
INVALID_LOGIN_CREDENTIALS: 'auth/invalid-credential',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a reason not to create a new error type?

packages/auth/src/core/strategies/email.ts Outdated Show resolved Hide resolved
@prameshj prameshj merged commit b2163b3 into master Nov 15, 2023
37 of 39 checks passed
@prameshj prameshj deleted the email-enum-docs2 branch November 15, 2023 18:35
@google-oss-bot google-oss-bot mentioned this pull request Nov 20, 2023
Merged
@PodStuart
Copy link

Is this not a breaking change? Should it have gone out in a minor release?

Also the docs here state that this is an SDK error code.

@prameshj
Copy link
Contributor Author

prameshj commented Dec 1, 2023

Is this not a breaking change? Should it have gone out in a minor release?

Also the docs here state that this is an SDK error code.

The rationale here was that the error code change is applicable when Email Enumeration Protection is enabled and the error code for "auth/invalid-login-credentials" wasn't publicly exposed previously. So it was less of a breaking change, and more of a "publicly exposing the error code for the first time" change.

However, i do see that the string for the error code changed (from "auth/invalid-login-credentials" to "auth/invalid-credential" ), so apologies for this oversight.

The docs you linked are the admin SDK error codes - https://firebase.google.com/docs/auth/admin/errors
But this is a client SDK error code and is exposed in https://firebase.google.com/docs/reference/js/auth.md#autherrorcodes

@PodStuart
Copy link

Thanks for the clarification on the documentation. My mistake.

The error code change caught us out. We're automating updates and releasing daily so it wasn't until the Sentry alert fired that we noticed.

No real harm done but the initial thought based on the error code was that somehow we were accidentally trying to call admin SDK code client side 😅.

@firebase firebase locked and limited conversation to collaborators Dec 16, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@riley-worthington riley-worthington riley-worthington left review comments

@renkelvin renkelvin renkelvin approved these changes

@DellaBitta DellaBitta DellaBitta approved these changes

@hsubox76 hsubox76 hsubox76 approved these changes

@kevinthecheung kevinthecheung kevinthecheung approved these changes

@egilmorez egilmorez Awaiting requested review from egilmorez

@markarndt markarndt Awaiting requested review from markarndt

@lisajian lisajian Awaiting requested review from lisajian lisajian is a code owner

@sam-gc sam-gc Awaiting requested review from sam-gc sam-gc is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
8 participants
@prameshj @google-oss-bot @PodStuart @renkelvin @DellaBitta @hsubox76 @kevinthecheung @riley-worthington