finalize passkey sign in request & respponse

FirebaseAuth/Sources/Backend/FIRAuthBackend.h

@@ -64,6 +64,8 @@
 @class FIRFinalizePasskeyEnrollmentResponse;
 @class FIRStartPasskeySignInRequest;
 @class FIRStartPasskeySignInResponse;
+@class FIRFinalizePasskeySignInRequest;
+@class FIRFinalizePasskeySignInResponse;
 
 @protocol FIRAuthBackendImplementation;
 @protocol FIRAuthBackendRPCIssuer;
@@ -272,7 +274,7 @@ typedef void (^FIRStartPasskeyEnrollmentResponseCallback)(
 
 /**
  @typedef FIRFinalizePasskeyEnrollmentResponseCallback
- @brief The type of block used to return the result of a call to the startPasskeyEnrollment
+ @brief The type of block used to return the result of a call to the finalizePasskeyEnrollment
  endpoint.
  @param response The received response, if any.
  @param error The error which occurred, if any.
@@ -292,6 +294,17 @@ endpoint.
 typedef void (^FIRStartPasskeySignInResponseCallback)(
     FIRStartPasskeySignInResponse *_Nullable response, NSError *_Nullable error);
 
+/**
+ @typedef FIRFinalizePasskeySignInResponseCallback
+ @brief The type of block used to return the result of a call to the finalizePasskeySignIn
+ endpoint.
+ @param response The received response, if any.
+ @param error The error which occurred, if any.
+ @remarks One of response or error will be non-nil.
+ */
+typedef void (^FIRFinalizePasskeySignInResponseCallback)(
+    FIRFinalizePasskeySignInResponse *_Nullable response, NSError *_Nullable error);
+
 /** @class FIRAuthBackend
     @brief Simple static class with methods representing the backend RPCs.
     @remarks All callback blocks passed as method parameters are invoked asynchronously on the
@@ -514,6 +527,14 @@ typedef void (^FIRStartPasskeySignInResponseCallback)(
  */
 + (void)startPasskeySignIn:(FIRStartPasskeySignInRequest *)request
                   callback:(FIRStartPasskeySignInResponseCallback)callback;
+
+/** @fn finalizePasskeySignIn:callback:
+    @brief Sends the platform created public info to the finalizePasskeySignIn endpoint.
+    @param request The request parameters.
+    @param callback The callback.
+ */
++ (void)finalizePasskeySignIn:(FIRFinalizePasskeySignInRequest *)request
+                     callback:(FIRFinalizePasskeySignInResponseCallback)callback;
 #endif
 
 /** @fn revokeToken:callback:
@@ -700,7 +721,6 @@ typedef void (^FIRStartPasskeySignInResponseCallback)(
 - (void)startPasskeyEnrollment:(FIRStartPasskeyEnrollmentRequest *)request
                       callback:(FIRStartPasskeyEnrollmentResponseCallback)callback;
 
-
 /** @fn finalizePasskeyEnrollment:callback:
     @brief Calls the finalizePasskeyEnrollment endpoint, which is responsible for sending the
    platform credential details to GCIP backend to exchange the access token and refresh token.
@@ -717,6 +737,14 @@ typedef void (^FIRStartPasskeySignInResponseCallback)(
  */
 - (void)startPasskeySignIn:(FIRStartPasskeySignInRequest *)request
                   callback:(FIRStartPasskeySignInResponseCallback)callback;
+
+/** @fn finalizePasskeySignIn:callback:
+    @brief Sends the platform created public info to the finalizePasskeySignIn endpoint.
+    @param request The request parameters.
+    @param callback The callback.
+ */
+- (void)finalizePasskeySignIn:(FIRFinalizePasskeySignInRequest *)request
+                     callback:(FIRFinalizePasskeySignInResponseCallback)callback;
 #endif
 
 /** @fn revokeToken:callback:

FirebaseAuth/Sources/Backend/FIRAuthBackend.m

@@ -38,6 +38,8 @@
 #import "FirebaseAuth/Sources/Backend/RPC/FIREmailLinkSignInResponse.h"
 #import "FirebaseAuth/Sources/Backend/RPC/FIRFinalizePasskeyEnrollmentRequest.h"
 #import "FirebaseAuth/Sources/Backend/RPC/FIRFinalizePasskeyEnrollmentResponse.h"
+#import "FirebaseAuth/Sources/Backend/RPC/FIRFinalizePasskeySignInRequest.h"
+#import "FirebaseAuth/Sources/Backend/RPC/FIRFinalizePasskeySignInResponse.h"
 #import "FirebaseAuth/Sources/Backend/RPC/FIRGetAccountInfoRequest.h"
 #import "FirebaseAuth/Sources/Backend/RPC/FIRGetAccountInfoResponse.h"
 #import "FirebaseAuth/Sources/Backend/RPC/FIRGetOOBConfirmationCodeRequest.h"
@@ -685,6 +687,11 @@ + (void)startPasskeySignIn:(FIRStartPasskeySignInRequest *)request
   [[self implementation] startPasskeySignIn:request callback:callback];
 }
 
++ (void)finalizePasskeySignIn:(FIRFinalizePasskeySignInRequest *)request
+                     callback:(FIRFinalizePasskeySignInResponseCallback)callback {
+  [[self implementation] finalizePasskeySignIn:request callback:callback];
+}
+
 + (void)startPasskeyEnrollment:(FIRStartPasskeyEnrollmentRequest *)request
                       callback:(FIRStartPasskeyEnrollmentResponseCallback)callback {
   [[self implementation] startPasskeyEnrollment:request callback:callback];
@@ -1138,6 +1145,20 @@ - (void)startPasskeySignIn:(FIRStartPasskeySignInRequest *)request
                }];
 }
 
+- (void)finalizePasskeySignIn:(FIRFinalizePasskeySignInRequest *)request
+                     callback:(FIRFinalizePasskeySignInResponseCallback)callback {
+  FIRFinalizePasskeySignInResponse *response = [[FIRFinalizePasskeySignInResponse alloc] init];
+  [self callWithRequest:request
+               response:response
+               callback:^(NSError *error) {
+                 if (error) {
+                   callback(nil, error);
+                   return;
+                 }
+                 callback(response, nil);
+               }];
+}
+
 - (void)startPasskeyEnrollment:(FIRStartPasskeyEnrollmentRequest *)request
                       callback:(FIRStartPasskeyEnrollmentResponseCallback)callback {
   FIRStartPasskeyEnrollmentResponse *response = [[FIRStartPasskeyEnrollmentResponse alloc] init];

FirebaseAuth/Sources/Backend/RPC/FIRFinalizePasskeySignInRequest.h

@@ -0,0 +1,66 @@
+/*
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#import "FirebaseAuth/Sources/Backend/FIRAuthRPCRequest.h"
+#import "FirebaseAuth/Sources/Backend/FIRIdentityToolkitRequest.h"
+
+NS_ASSUME_NONNULL_BEGIN
+
+/** @class FIRFinalizePasskeySignInRequest
+    @brief Represents the parameters for the finalizePasskeySignIn endpoint.
+ */
+@interface FIRFinalizePasskeySignInRequest : FIRIdentityToolkitRequest <FIRAuthRPCRequest>
+
+/**
+ @property credentialID
+ @brief The credential ID.
+ */
+@property(nonatomic, copy, readonly) NSString *credentialID;
+
+/**
+ @property clientDataJson
+ @brief The CollectedClientData object from the authenticator.
+ */
+@property(nonatomic, copy, readonly) NSString *clientDataJson;
+
+/**
+ @property authenticatorData
+ @brief The AuthenticatorData from the authenticator.
+ */
+@property(nonatomic, copy, readonly) NSString *authenticatorData;
+
+/**
+ @property signature
+ @brief The signature from the authenticator.
+ */
+@property(nonatomic, copy, readonly) NSString *signature;
+
+/**
+ @property userID
+ @brief The user handle
+ */
+@property(nonatomic, copy, readonly) NSString *userID;
+
+- (nullable instancetype)initWithCredentialID:(NSString *)credentialID
+                               clientDataJson:(NSString *)clientDataJson
+                            authenticatorData:(NSString *)authenticatorData
+                                    signature:(NSString *)signature
+                                       userID:(NSString *)userID
+                         requestConfiguration:(FIRAuthRequestConfiguration *)requestConfiguration;
+
+@end
+
+NS_ASSUME_NONNULL_END

FirebaseAuth/Sources/Backend/RPC/FIRFinalizePasskeySignInRequest.m

@@ -0,0 +1,132 @@
+/*
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#import "FirebaseAuth/Sources/Backend/RPC/FIRFinalizePasskeySignInRequest.h"
+NS_ASSUME_NONNULL_BEGIN
+
+/**
+ @var kFinalizePasskeySignInEndPoint
+ @brief GCIP endpoint for finalizePasskeySignIn rpc
+ */
+static NSString *const kFinalizePasskeySignInEndPoint = @"accounts/passkeySignIn:finalize";
+
+/**
+ @var kTenantIDKey
+ @brief The key for the tenant id value in the request.
+ */
+static NSString *const kTenantIDKey = @"tenantId";
+
+/**
+ @var kAuthenticatorAuthRespKey
+ @brief The key for authentication response object from the authenticator.
+ */
+static NSString *const kAuthenticatorAuthRespKey = @"authenticatorAuthenticationResponse";
+
+/**
+ @var kCredentialIDKey
+ @brief The key for registered credential identifier.
+ */
+static NSString *const kCredentialIDKey = @"credentialId";
+
+/**
+ @var kAuthAssertionRespKey
+ @brief The key for authentication assertion from the authenticator.
+ */
+static NSString *const kAuthAssertionRespKey = @"authenticatorAssertionResponse";
+
+/**
+ @var kClientDataJsonKey
+ @brief The key for CollectedClientData object from the authenticator.
+ */
+static NSString *const kClientDataJsonKey = @"clientDataJson";
+
+/**
+ @var kAuthenticatorDataKey
+ @brief The key for authenticatorData from the authenticator.
+ */
+static NSString *const kAuthenticatorDataKey = @"authenticatorData";
+
+/**
+ @var kSignatureKey
+ @brief The key for the signature from the authenticator.
+ */
+static NSString *const kSignatureKey = @"signature";
+
+/**
+ @var kUserHandleKey
+ @brief The key for the user handle. This is the same as user ID.
+ */
+static NSString *const kUserHandleKey = @"userHandle";
+
+@implementation FIRFinalizePasskeySignInRequest
+
+- (nullable instancetype)initWithCredentialID:(NSString *)credentialID
+                               clientDataJson:(NSString *)clientDataJson
+                            authenticatorData:(NSString *)authenticatorData
+                                    signature:(NSString *)signature
+                                       userID:(NSString *)userID
+                         requestConfiguration:(FIRAuthRequestConfiguration *)requestConfiguration {
+  self = [super initWithEndpoint:kFinalizePasskeySignInEndPoint
+            requestConfiguration:requestConfiguration];
+  if (self) {
+    self.useIdentityPlatform = YES;
+    _credentialID = credentialID;
+    _clientDataJson = clientDataJson;
+    _authenticatorData = authenticatorData;
+    _signature = signature;
+    _userID = userID;
+  }
+  return self;
+}
+
+- (nullable id)unencodedHTTPRequestBodyWithError:(NSError *__autoreleasing _Nullable *)error {
+  NSMutableDictionary *postBody = [NSMutableDictionary dictionary];
+  NSMutableDictionary *authenticatorAuthResponse = [NSMutableDictionary dictionary];
+  NSMutableDictionary *authAssertionResponse = [NSMutableDictionary dictionary];
+
+  if (self.tenantID) {
+    postBody[kTenantIDKey] = self.tenantID;
+  }
+
+  if (_credentialID) {
+    authenticatorAuthResponse[kCredentialIDKey] = _credentialID;
+  }
+
+  if (_clientDataJson) {
+    authAssertionResponse[kClientDataJsonKey] = _clientDataJson;
+  }
+
+  if (_authenticatorData) {
+    authAssertionResponse[kAuthenticatorDataKey] = _authenticatorData;
+  }
+
+  if (_signature) {
+    authAssertionResponse[kSignatureKey] = _signature;
+  }
+
+  if (_userID) {
+    authAssertionResponse[kUserHandleKey] = _userID;
+  }
+
+  authenticatorAuthResponse[kAuthAssertionRespKey] = authAssertionResponse;
+  postBody[kAuthenticatorAuthRespKey] = authenticatorAuthResponse;
+
+  return [postBody copy];
+}
+
+@end
+
+NS_ASSUME_NONNULL_END

FirebaseAuth/Sources/Backend/RPC/FIRFinalizePasskeySignInResponse.h

@@ -0,0 +1,41 @@
+/*
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#import "FirebaseAuth/Sources/Backend/FIRAuthRPCResponse.h"
+
+NS_ASSUME_NONNULL_BEGIN
+
+/**
+ @class FIRFinalizePasskeySignInResponse
+ @brief Represents the response from the finalizePasskeySignIn endpoint.
+ */
+@interface FIRFinalizePasskeySignInResponse : NSObject <FIRAuthRPCResponse>
+
+/**
+ @property idToken
+ @brief The user raw access token.
+ */
+@property(nonatomic, readonly, copy) NSString *idToken;
+
+/**
+ @property refershToken
+ @brief Refresh token for the authenticated user.
+ */
+@property(nonatomic, copy, readonly) NSData *refreshToken;
+
+@end
+
+NS_ASSUME_NONNULL_END