fix(authentication): reject calls when provider is not configured (#954)

* fix(authentication): reject calls when provider is not configured

Add null/nil checks for auth provider handlers so that calling a
sign-in or link method for a provider not listed in the Capacitor
config rejects with a clear error message instead of crashing (Android)
or silently hanging (iOS).

* refactor(authentication): remove @objc from throwing phone methods

These methods are only called from Swift, so @objc is unnecessary.

* docs: add changeset

Author: robingenz

.changeset/good-hats-do.md

@@ -0,0 +1,5 @@
+---
+'@capacitor-firebase/authentication': patch
+---
+
+fix: reject calls when provider is not configured

packages/authentication/android/src/main/java/io/capawesome/capacitorjs/plugins/firebase/authentication/FirebaseAuthentication.java

@@ -60,12 +60,23 @@ public class FirebaseAuthentication {
     private FirebaseAuthenticationConfig config;
     private FirebaseAuth.AuthStateListener firebaseAuthStateListener;
     private FirebaseAuth.IdTokenListener firebaseIdTokenChangeListener;
+
+    @Nullable
     private AppleAuthProviderHandler appleAuthProviderHandler;
+
+    @Nullable
     private FacebookAuthProviderHandler facebookAuthProviderHandler;
+
+    @Nullable
     private GoogleAuthProviderHandler googleAuthProviderHandler;
+
     public ActivityResultLauncher<IntentSenderRequest> googleAuthorizationResultLauncher;
     private OAuthProviderHandler oAuthProviderHandler;
+
+    @Nullable
     private PhoneAuthProviderHandler phoneAuthProviderHandler;
+
+    @Nullable
     private PlayGamesAuthProviderHandler playGamesAuthProviderHandler;
 
     public FirebaseAuthentication(FirebaseAuthenticationPlugin plugin, FirebaseAuthenticationConfig config) {
@@ -136,6 +147,10 @@ public void confirmPasswordReset(@NonNull String oobCode, @NonNull String newPas
     }
 
     public void confirmVerificationCode(@NonNull ConfirmVerificationCodeOptions options, @NonNull NonEmptyResultCallback callback) {
+        if (phoneAuthProviderHandler == null) {
+            callback.error(new Exception(createProviderNotEnabledErrorMessage("Phone")));
+            return;
+        }
         phoneAuthProviderHandler.confirmVerificationCode(options, callback);
     }
 
@@ -221,6 +236,10 @@ public boolean isSignInWithEmailLink(@NonNull String emailLink) {
     }
 
     public void linkWithApple(final PluginCall call) {
+        if (appleAuthProviderHandler == null) {
+            call.reject(createProviderNotEnabledErrorMessage("Apple"));
+            return;
+        }
         appleAuthProviderHandler.link(call);
     }
 
@@ -289,6 +308,10 @@ public void linkWithEmailLink(final PluginCall call) {
     }
 
     public void linkWithFacebook(final PluginCall call) {
+        if (facebookAuthProviderHandler == null) {
+            call.reject(createProviderNotEnabledErrorMessage("Facebook"));
+            return;
+        }
         facebookAuthProviderHandler.link(call);
     }
 
@@ -297,6 +320,10 @@ public void linkWithGithub(final PluginCall call) {
     }
 
     public void linkWithGoogle(final PluginCall call) {
+        if (googleAuthProviderHandler == null) {
+            call.reject(createProviderNotEnabledErrorMessage("Google"));
+            return;
+        }
         googleAuthProviderHandler.link(call);
     }
 
@@ -309,10 +336,17 @@ public void linkWithOpenIdConnect(final PluginCall call, final String providerId
     }
 
     public void linkWithPhoneNumber(@NonNull final LinkWithPhoneNumberOptions options) throws Exception {
+        if (phoneAuthProviderHandler == null) {
+            throw new Exception(createProviderNotEnabledErrorMessage("Phone"));
+        }
         phoneAuthProviderHandler.link(options);
     }
 
     public void linkWithPlayGames(final PluginCall call) {
+        if (playGamesAuthProviderHandler == null) {
+            call.reject(createProviderNotEnabledErrorMessage("Play Games"));
+            return;
+        }
         playGamesAuthProviderHandler.link(call);
     }
 
@@ -416,6 +450,10 @@ public void signInAnonymously(final PluginCall call) {
     }
 
     public void signInWithApple(final PluginCall call) {
+        if (appleAuthProviderHandler == null) {
+            call.reject(createProviderNotEnabledErrorMessage("Apple"));
+            return;
+        }
         appleAuthProviderHandler.signIn(call);
     }
 
@@ -479,6 +517,10 @@ public void signInWithEmailLink(final PluginCall call) {
     }
 
     public void signInWithFacebook(final PluginCall call) {
+        if (facebookAuthProviderHandler == null) {
+            call.reject(createProviderNotEnabledErrorMessage("Facebook"));
+            return;
+        }
         facebookAuthProviderHandler.signIn(call);
     }
 
@@ -487,6 +529,10 @@ public void signInWithGithub(final PluginCall call) {
     }
 
     public void signInWithGoogle(final PluginCall call) {
+        if (googleAuthProviderHandler == null) {
+            call.reject(createProviderNotEnabledErrorMessage("Google"));
+            return;
+        }
         googleAuthProviderHandler.signIn(call);
     }
 
@@ -499,10 +545,17 @@ public void signInWithOpenIdConnect(final PluginCall call, final String provider
     }
 
     public void signInWithPhoneNumber(final SignInWithPhoneNumberOptions options) throws Exception {
+        if (phoneAuthProviderHandler == null) {
+            throw new Exception(createProviderNotEnabledErrorMessage("Phone"));
+        }
         phoneAuthProviderHandler.signIn(options);
     }
 
     public void signInWithPlayGames(final PluginCall call) {
+        if (playGamesAuthProviderHandler == null) {
+            call.reject(createProviderNotEnabledErrorMessage("Play Games"));
+            return;
+        }
         playGamesAuthProviderHandler.signIn(call);
     }
 
@@ -633,18 +686,34 @@ public void startActivityForResult(final PluginCall call, Intent intent, String
     }
 
     public void handleGoogleAuthProviderSignInActivityResult(@NonNull final PluginCall call, @NonNull ActivityResult result) {
+        if (googleAuthProviderHandler == null) {
+            call.reject(createProviderNotEnabledErrorMessage("Google"));
+            return;
+        }
         googleAuthProviderHandler.handleOnActivityResult(call, result, false);
     }
 
     public void handleGoogleAuthProviderLinkActivityResult(@NonNull final PluginCall call, @NonNull ActivityResult result) {
+        if (googleAuthProviderHandler == null) {
+            call.reject(createProviderNotEnabledErrorMessage("Google"));
+            return;
+        }
         googleAuthProviderHandler.handleOnActivityResult(call, result, true);
     }
 
     public void handlePlayGamesAuthProviderSignInActivityResult(@NonNull final PluginCall call, @NonNull ActivityResult result) {
+        if (playGamesAuthProviderHandler == null) {
+            call.reject(createProviderNotEnabledErrorMessage("Play Games"));
+            return;
+        }
         playGamesAuthProviderHandler.handleOnActivityResult(call, result, false);
     }
 
     public void handlePlayGamesAuthProviderLinkActivityResult(@NonNull final PluginCall call, @NonNull ActivityResult result) {
+        if (playGamesAuthProviderHandler == null) {
+            call.reject(createProviderNotEnabledErrorMessage("Play Games"));
+            return;
+        }
         playGamesAuthProviderHandler.handleOnActivityResult(call, result, true);
     }
 
@@ -897,6 +966,14 @@ public FirebaseAuthenticationConfig getConfig() {
         return config;
     }
 
+    @NonNull
+    private static String createProviderNotEnabledErrorMessage(@NonNull String providerName) {
+        return (
+            providerName +
+            " sign-in provider is not enabled. Make sure to add the provider to the 'providers' list in the Capacitor configuration."
+        );
+    }
+
     private void initAuthProviderHandlers(FirebaseAuthenticationConfig config) {
         List<String> providerList = Arrays.asList(config.getProviders());
         if (providerList.contains(ProviderId.APPLE)) {

packages/authentication/ios/Plugin/FirebaseAuthentication.swift

@@ -82,7 +82,11 @@ public typealias AuthStateChangedObserver = () -> Void
     }
 
     @objc func confirmVerificationCode(_ options: ConfirmVerificationCodeOptions, completion: @escaping (Result?, Error?) -> Void) {
-        self.phoneAuthProviderHandler?.confirmVerificationCode(options, completion: completion)
+        guard let phoneAuthProviderHandler = self.phoneAuthProviderHandler else {
+            completion(nil, RuntimeError(createProviderNotEnabledErrorMessage("Phone")))
+            return
+        }
+        phoneAuthProviderHandler.confirmVerificationCode(options, completion: completion)
     }
 
     @objc func deleteUser(user: User, completion: @escaping (Error?) -> Void) {
@@ -151,8 +155,12 @@ public typealias AuthStateChangedObserver = () -> Void
     }
 
     @objc func linkWithApple(_ call: CAPPluginCall) {
+        guard let appleAuthProviderHandler = self.appleAuthProviderHandler else {
+            call.reject(createProviderNotEnabledErrorMessage("Apple"))
+            return
+        }
         self.savedCall = call
-        self.appleAuthProviderHandler?.link(call: call)
+        appleAuthProviderHandler.link(call: call)
     }
 
     @objc func linkWithEmailAndPassword(_ call: CAPPluginCall) {
@@ -215,13 +223,21 @@ public typealias AuthStateChangedObserver = () -> Void
     }
 
     @objc func linkWithFacebook(_ call: CAPPluginCall) {
+        guard let facebookAuthProviderHandler = self.facebookAuthProviderHandler else {
+            call.reject(createProviderNotEnabledErrorMessage("Facebook"))
+            return
+        }
         self.savedCall = call
-        self.facebookAuthProviderHandler?.link(call: call)
+        facebookAuthProviderHandler.link(call: call)
     }
 
     @objc func linkWithGameCenter(_ call: CAPPluginCall) {
+        guard let gameCenterAuthProviderHandler = self.gameCenterAuthProviderHandler else {
+            call.reject(createProviderNotEnabledErrorMessage("Game Center"))
+            return
+        }
         self.savedCall = call
-        self.gameCenterAuthProviderHandler?.link(call: call)
+        gameCenterAuthProviderHandler.link(call: call)
     }
 
     @objc func linkWithGithub(_ call: CAPPluginCall) {
@@ -230,8 +246,12 @@ public typealias AuthStateChangedObserver = () -> Void
     }
 
     @objc func linkWithGoogle(_ call: CAPPluginCall) {
+        guard let googleAuthProviderHandler = self.googleAuthProviderHandler else {
+            call.reject(createProviderNotEnabledErrorMessage("Google"))
+            return
+        }
         self.savedCall = call
-        self.googleAuthProviderHandler?.link(call: call)
+        googleAuthProviderHandler.link(call: call)
     }
 
     @objc func linkWithMicrosoft(_ call: CAPPluginCall) {
@@ -244,8 +264,11 @@ public typealias AuthStateChangedObserver = () -> Void
         self.oAuthProviderHandler?.link(call: call, providerId: providerId)
     }
 
-    @objc func linkWithPhoneNumber(_ options: LinkWithPhoneNumberOptions) {
-        self.phoneAuthProviderHandler?.link(options)
+    func linkWithPhoneNumber(_ options: LinkWithPhoneNumberOptions) throws {
+        guard let phoneAuthProviderHandler = self.phoneAuthProviderHandler else {
+            throw RuntimeError(createProviderNotEnabledErrorMessage("Phone"))
+        }
+        phoneAuthProviderHandler.link(options)
     }
 
     @objc func linkWithTwitter(_ call: CAPPluginCall) {
@@ -358,8 +381,12 @@ public typealias AuthStateChangedObserver = () -> Void
     }
 
     @objc func signInWithApple(_ call: CAPPluginCall) {
+        guard let appleAuthProviderHandler = self.appleAuthProviderHandler else {
+            call.reject(createProviderNotEnabledErrorMessage("Apple"))
+            return
+        }
         self.savedCall = call
-        self.appleAuthProviderHandler?.signIn(call: call)
+        appleAuthProviderHandler.signIn(call: call)
     }
 
     @objc func signInWithCustomToken(_ call: CAPPluginCall) {
@@ -440,13 +467,21 @@ public typealias AuthStateChangedObserver = () -> Void
     }
 
     @objc func signInWithFacebook(_ call: CAPPluginCall) {
+        guard let facebookAuthProviderHandler = self.facebookAuthProviderHandler else {
+            call.reject(createProviderNotEnabledErrorMessage("Facebook"))
+            return
+        }
         self.savedCall = call
-        self.facebookAuthProviderHandler?.signIn(call: call)
+        facebookAuthProviderHandler.signIn(call: call)
     }
 
     @objc func signInWithGameCenter(_ call: CAPPluginCall) {
+        guard let gameCenterAuthProviderHandler = self.gameCenterAuthProviderHandler else {
+            call.reject(createProviderNotEnabledErrorMessage("Game Center"))
+            return
+        }
         self.savedCall = call
-        self.gameCenterAuthProviderHandler?.signIn(call: call)
+        gameCenterAuthProviderHandler.signIn(call: call)
     }
 
     @objc func signInWithGithub(_ call: CAPPluginCall) {
@@ -455,8 +490,12 @@ public typealias AuthStateChangedObserver = () -> Void
     }
 
     @objc func signInWithGoogle(_ call: CAPPluginCall) {
+        guard let googleAuthProviderHandler = self.googleAuthProviderHandler else {
+            call.reject(createProviderNotEnabledErrorMessage("Google"))
+            return
+        }
         self.savedCall = call
-        self.googleAuthProviderHandler?.signIn(call: call)
+        googleAuthProviderHandler.signIn(call: call)
     }
 
     @objc func signInWithMicrosoft(_ call: CAPPluginCall) {
@@ -469,8 +508,11 @@ public typealias AuthStateChangedObserver = () -> Void
         self.oAuthProviderHandler?.signIn(call: call, providerId: providerId)
     }
 
-    @objc func signInWithPhoneNumber(_ options: SignInWithPhoneNumberOptions) {
-        self.phoneAuthProviderHandler?.signIn(options)
+    func signInWithPhoneNumber(_ options: SignInWithPhoneNumberOptions) throws {
+        guard let phoneAuthProviderHandler = self.phoneAuthProviderHandler else {
+            throw RuntimeError(createProviderNotEnabledErrorMessage("Phone"))
+        }
+        phoneAuthProviderHandler.signIn(options)
     }
 
     @objc func signInWithTwitter(_ call: CAPPluginCall) {
@@ -676,6 +718,10 @@ public typealias AuthStateChangedObserver = () -> Void
         completion(CheckAppTrackingTransparencyPermissionResult(ATTrackingManager.trackingAuthorizationStatus))
     }
 
+    private func createProviderNotEnabledErrorMessage(_ providerName: String) -> String {
+        return "\(providerName) sign-in provider is not enabled. Make sure to add the provider to the 'providers' list in the Capacitor configuration."
+    }
+
     private func initAuthProviderHandlers(config: FirebaseAuthenticationConfig) {
         if config.providers.contains(ProviderId.apple) {
             self.appleAuthProviderHandler = AppleAuthProviderHandler(self)

packages/authentication/ios/Plugin/FirebaseAuthenticationPlugin.swift

@@ -327,8 +327,13 @@ public class FirebaseAuthenticationPlugin: CAPPlugin, CAPBridgedPlugin {
         }
         let options = LinkWithPhoneNumberOptions(phoneNumber: phoneNumber)
 
-        implementation?.linkWithPhoneNumber(options)
-        call.resolve()
+        do {
+            try implementation?.linkWithPhoneNumber(options)
+            call.resolve()
+        } catch {
+            CAPLog.print("[", self.tag, "] ", error)
+            call.reject(error.localizedDescription)
+        }
     }
 
     @objc func linkWithPlayGames(_ call: CAPPluginCall) {
@@ -518,8 +523,13 @@ public class FirebaseAuthenticationPlugin: CAPPlugin, CAPBridgedPlugin {
         }
         let options = SignInWithPhoneNumberOptions(skipNativeAuth: skipNativeAuth, phoneNumber: phoneNumber)
 
-        implementation?.signInWithPhoneNumber(options)
-        call.resolve()
+        do {
+            try implementation?.signInWithPhoneNumber(options)
+            call.resolve()
+        } catch {
+            CAPLog.print("[", self.tag, "] ", error)
+            call.reject(error.localizedDescription)
+        }
     }
 
     @objc func signInWithPlayGames(_ call: CAPPluginCall) {