firebase · pragatimodi · May 6, 2024 · Jan 29, 2024 · Jan 29, 2024 · Jan 29, 2024
diff --git a/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/Models/AuthMenu.swift b/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/Models/AuthMenu.swift
@@ -48,6 +48,9 @@ enum AuthMenu: String {
   case checkActionCode
   case applyActionCode
   case verifyPasswordResetCode
+  case phoneEnroll
+  case totpEnroll
+  case multifactorUnenroll
 
   // More intuitively named getter for `rawValue`.
   var id: String { rawValue }
@@ -83,10 +86,13 @@ enum AuthMenu: String {
       return "Anonymous Authentication"
     case .custom:
       return "Custom Auth System"
+    // Recpatcha
     case .initRecaptcha:
       return "Initialize reCAPTCHA Enterprise"
+    // Custom Auth Domain
     case .customAuthDomain:
       return "Set Custom Auth Domain"
+    // App Section
     case .getToken:
       return "Get Token"
     case .getTokenForceRefresh:
@@ -120,6 +126,13 @@ enum AuthMenu: String {
       return "Apply Action Code"
     case .verifyPasswordResetCode:
       return "Verify Password Reset Code"
+    // Multi factor
+    case .phoneEnroll:
+      return "Phone Enroll"
+    case .totpEnroll:
+      return "TOTP Enroll"
+    case .multifactorUnenroll:
+      return "Multifactor unenroll"
     }
   }
 
@@ -191,6 +204,12 @@ enum AuthMenu: String {
       self = .applyActionCode
     case "Verify Password Reset Code":
       self = .verifyPasswordResetCode
+    case "Phone Enroll":
+      self = .phoneEnroll
+    case "TOTP Enroll":
+      self = .totpEnroll
+    case "Multifactor unenroll":
+      self = .multifactorUnenroll
     default:
       return nil
     }
@@ -314,9 +333,19 @@ class AuthMenuData: DataSourceProvidable {
     return Section(headerDescription: header, items: items)
   }
 
+  static var multifactorSection: Section {
+    let header = "Multi Factor"
+    let items: [Item] = [
+      Item(title: AuthMenu.phoneEnroll.name),
+      Item(title: AuthMenu.totpEnroll.name),
+      Item(title: AuthMenu.multifactorUnenroll.name),
+    ]
+    return Section(headerDescription: header, items: items)
+  }
+
   static var sections: [Section] =
     [settingsSection, providerSection, emailPasswordSection, otherSection, recaptchaSection,
-     customAuthDomainSection, appSection, oobSection]
+     customAuthDomainSection, appSection, oobSection, multifactorSection]
 
   static var authLinkSections: [Section] {
     let allItems = AuthMenuData.sections.flatMap { $0.items }

diff --git a/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/SwiftApplication.plist b/FirebaseAuth/Tests/SampleSwift/AuthenticationExample/SwiftApplication.plist
@@ -24,10 +24,7 @@
 			<key>CFBundleURLName</key>
 			<string></string>
 			<key>CFBundleURLSchemes</key>
-			<array>
-				<string>app-1-1085102361755-ios-2b9d4a82e5df229f</string>
-				<string>app-1-1085102361755-ios-74df231d8a2072e45dca3e</string>
-			</array>
+			<array/>
 		</dict>
 	</array>
 	<key>CFBundleVersion</key>

diff --git a/...baseAuth/Tests/SampleSwift/AuthenticationExample/ViewControllers/AuthViewController.swift b/...baseAuth/Tests/SampleSwift/AuthenticationExample/ViewControllers/AuthViewController.swift
@@ -77,7 +77,9 @@ class AuthViewController: UIViewController, DataSourceProviderDelegate {
   func didSelectRowAt(_ indexPath: IndexPath, on tableView: UITableView) {
     let item = dataSourceProvider.item(at: indexPath)
 
-    let providerName = item.isEditable ? item.detailTitle! : item.title!
+    guard let providerName = item.title else {
+      fatalError("Invalid item name")
+    }
 
     guard let provider = AuthMenu(rawValue: providerName) else {
       // The row tapped has no affiliated action.
@@ -171,6 +173,15 @@ class AuthViewController: UIViewController, DataSourceProviderDelegate {
 
     case .verifyPasswordResetCode:
       verifyPasswordResetCode()
+
+    case .phoneEnroll:
+      phoneEnroll()
+
+    case .totpEnroll:
+      totpEnroll()
+
+    case .multifactorUnenroll:
+      mfaUnenroll()
     }
   }
 
@@ -721,6 +732,202 @@ class AuthViewController: UIViewController, DataSourceProviderDelegate {
     }
   }
 
+  private func phoneEnroll() {
+    guard let user = AppManager.shared.auth().currentUser else {
+      showAlert(for: "No user logged in!")
+      print("Error: User must be logged in first.")
+      return
+    }
+
+    showTextInputPrompt(with: "Phone Number:") { phoneNumber in
+      user.multiFactor.getSessionWithCompletion { session, error in
+        guard let session = session else { return }
+        guard error == nil else {
+          self.showAlert(for: "Enrollment failed")
+          print("Multi factor start enroll failed. Error: \(error!)")
+          return
+        }
+
+        PhoneAuthProvider.provider()
+          .verifyPhoneNumber(phoneNumber, multiFactorSession: session) { verificationID, error in
+            guard error == nil else {
+              self.showAlert(for: "Enrollment failed")
+              print("Multi factor start enroll failed. Error: \(error!)")
+              return
+            }
+
+            self.showTextInputPrompt(with: "Verification Code: ") { verificationCode in
+              let credential = PhoneAuthProvider.provider().credential(
+                withVerificationID: verificationID!,
+                verificationCode: verificationCode
+              )
+              let assertion = PhoneMultiFactorGenerator.assertion(with: credential)
+
+              self.showTextInputPrompt(with: "Display Name:") { displayName in
+                user.multiFactor.enroll(with: assertion, displayName: displayName) { error in
+                  if let error = error {
+                    self.showAlert(for: "Enrollment failed")
+                    print("Multi factor finalize enroll failed. Error: \(error)")
+                  } else {
+                    self.showAlert(for: "Successfully enrolled: \(displayName)")
+                    print("Multi factor finalize enroll succeeded.")
+                  }
+                }
+              }
+            }
+          }
+      }
+    }
+  }
+
+  private func totpEnroll() {
+    guard let user = AppManager.shared.auth().currentUser else {
+      print("Error: User must be logged in first.")
+      return
+    }
+
+    user.multiFactor.getSessionWithCompletion { session, error in
+      guard let session = session, error == nil else {
+        if let error = error {
+          self.showAlert(for: "Enrollment failed")
+          print("Multi factor start enroll failed. Error: \(error.localizedDescription)")
+        } else {
+          self.showAlert(for: "Enrollment failed")
+          print("Multi factor start enroll failed with unknown error.")
+        }
+        return
+      }
+
+      TOTPMultiFactorGenerator.generateSecret(with: session) { secret, error in
+        guard let secret = secret, error == nil else {
+          if let error = error {
+            self.showAlert(for: "Enrollment failed")
+            print("Error generating TOTP secret. Error: \(error.localizedDescription)")
+          } else {
+            self.showAlert(for: "Enrollment failed")
+            print("Error generating TOTP secret.")
+          }
+          return
+        }
+
+        guard let accountName = user.email, let issuer = Auth.auth().app?.name else {
+          self.showAlert(for: "Enrollment failed")
+          print("Multi factor finalize enroll failed. Could not get account details.")
+          return
+        }
+
+        DispatchQueue.main.async {
+          let url = secret.generateQRCodeURL(withAccountName: accountName, issuer: issuer)
+
+          guard !url.isEmpty else {
+            self.showAlert(for: "Enrollment failed")
+            print("Multi factor finalize enroll failed. Could not generate URL.")
+            return
+          }
+
+          secret.openInOTPApp(withQRCodeURL: url)
+
+          self
+            .showQRCodePromptWithTextInput(with: "Scan this QR code and enter OTP:",
+                                           url: url) { oneTimePassword in
+              guard !oneTimePassword.isEmpty else {
+                self.showAlert(for: "Display name must not be empty")
+                print("OTP not entered.")
+                return
+              }
+
+              let assertion = TOTPMultiFactorGenerator.assertionForEnrollment(
+                with: secret,
+                oneTimePassword: oneTimePassword
+              )
+
+              self.showTextInputPrompt(with: "Display Name") { displayName in
+                guard !displayName.isEmpty else {
+                  self.showAlert(for: "Display name must not be empty")
+                  print("Display name not entered.")
+                  return
+                }
+
+                user.multiFactor.enroll(with: assertion, displayName: displayName) { error in
+                  if let error = error {
+                    self.showAlert(for: "Enrollment failed")
+                    print(
+                      "Multi factor finalize enroll failed. Error: \(error.localizedDescription)"
+                    )
+                  } else {
+                    self.showAlert(for: "Successfully enrolled: \(displayName)")
+                    print("Multi factor finalize enroll succeeded.")
+                  }
+                }
+              }
+            }
+        }
+      }
+    }
+  }
+
+  func mfaUnenroll() {
+    var displayNames: [String] = []
+
+    guard let currentUser = Auth.auth().currentUser else {
+      print("Error: No current user")
+      return
+    }
+
+    for factorInfo in currentUser.multiFactor.enrolledFactors {
+      if let displayName = factorInfo.displayName {
+        displayNames.append(displayName)
+      }
+    }
+
+    let alertController = UIAlertController(
+      title: "Select Multi Factor to Unenroll",
+      message: nil,
+      preferredStyle: .actionSheet
+    )
+
+    for displayName in displayNames {
+      let action = UIAlertAction(title: displayName, style: .default) { _ in
+        self.unenrollFactor(with: displayName)
+      }
+      alertController.addAction(action)
+    }
+
+    let cancelAction = UIAlertAction(title: "Cancel", style: .cancel, handler: nil)
+    alertController.addAction(cancelAction)
+
+    present(alertController, animated: true, completion: nil)
+  }
+
+  private func unenrollFactor(with displayName: String) {
+    guard let currentUser = Auth.auth().currentUser else {
+      showAlert(for: "User must be logged in")
+      print("Error: No current user")
+      return
+    }
+
+    var factorInfoToUnenroll: MultiFactorInfo?
+
+    for factorInfo in currentUser.multiFactor.enrolledFactors {
+      if factorInfo.displayName == displayName {
+        factorInfoToUnenroll = factorInfo
+        break
+      }
+    }
+
+    if let factorInfo = factorInfoToUnenroll {
+      currentUser.multiFactor.unenroll(withFactorUID: factorInfo.uid) { error in
+        if let error = error {
+          self.showAlert(for: "Failed to unenroll factor: \(displayName)")
+          print("Multi factor unenroll failed. Error: \(error.localizedDescription)")
+        } else {
+          self.showAlert(for: "Successfully unenrolled: \(displayName)")
+          print("Multi factor unenroll succeeded.")
+        }
+      }
+    }
+  }
+
   // MARK: - Private Helpers
 
   private func showTextInputPrompt(with message: String, completion: ((String) -> Void)? = nil) {