Skip to content

feat: add TOTP MFA support and improve Auth test coverage #114

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
demolaf wants to merge 14 commits into
base: next
Choose a base branch
from
Open

feat: add TOTP MFA support and improve Auth test coverage #114

demolaf wants to merge 14 commits into from

Conversation

@demolaf
Copy link
Member

@demolaf demolaf commented Dec 15, 2025

This PR adds TOTP multi-factor authentication support and improves Auth test coverage with better error handling.

What changed

• TOTP Multi-Factor Authentication: Added support for TOTP MFA with configuration and serialization
• Session Cookie Improvements: Refactored createSessionCookie to use SessionCookieOptions for better type safety
• Fixed error code consistency: use invalidUid instead of invalidProviderUid in getAccountInfoByFederatedUid for better semantic accuracy
• Improved JWT decode exception handling in verifySessionCookie
• Fixed session cookie JWT exceptions and integer division issues
• Added comprehensive unit and integration tests for Auth methods including verifyIdToken, verifySessionCookie, updateUser, updateProviderConfig, and getUserByProviderUid
• Improved test patterns with production-safe helpers and emulator safety checks
• Fixed Dart analysis type inference warnings by adding explicit type arguments
• Improved AuthProviderConfig sealed class usage to fix casting errors
• Refactored toGoogleCloudIdentitytoolkitV1MfaFactor methods for better readability

demolaf added 11 commits December 12, 2025 14:53
@github-actions
Copy link

github-actions bot commented Dec 15, 2025
edited
Loading

Coverage Report

✅ Coverage 70.66% meets 40% threshold

Coverage: 70.66%
Lines Covered: 3429/4853

Minimum threshold: 40%

@demolaf
feat(auth): add support for reCAPTCHA managed rules, key types, and t…
66acfe9 
…oll fraud protection in tenant config

- Introduce RecaptchaAction, RecaptchaKeyClientType enums, RecaptchaManagedRule, RecaptchaTollFraudManagedRule, and RecaptchaKey classes
- Extend RecaptchaConfig to support managedRules, recaptchaKeys, useSmsBotScore, useSmsTollFraudProtection, and smsTollFraudManagedRules
- Update serialization, deserialization, and validation logic for new fields
- Enhance tests to cover new reCAPTCHA config features
- Update request handler to map new reCAPTCHA config fields
@codecov
Copy link

codecov bot commented Dec 15, 2025

Codecov Report

❌ Patch coverage is 59.58702% with 137 lines in your changes missing coverage. Please review.
⚠️ Please upload report for BASE (next@8321902). Learn more about missing BASE report.

Files with missing lines Patch % Lines
...irebase_admin/lib/src/auth/auth_config_tenant.dart 48.57% 72 Missing ⚠️
...ebase_admin/lib/src/auth/auth_request_handler.dart 44.04% 47 Missing ⚠️
.../dart_firebase_admin/lib/src/auth/auth_config.dart 86.48% 10 Missing ⚠️
...rt_firebase_admin/lib/src/auth/token_verifier.dart 0.00% 7 Missing ⚠️
...rt_firebase_admin/lib/src/auth/tenant_manager.dart 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@           Coverage Diff           @@
##             next     #114   +/-   ##
=======================================
  Coverage        ?   70.20%           
=======================================
  Files           ?       67           
  Lines           ?     4829           
  Branches        ?        0           
=======================================
  Hits            ?     3390           
  Misses          ?     1439           
  Partials        ?        0
Flag Coverage Δ
unittests 70.20% <59.58%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@demolaf