feat(auth): TOTP macOS support

cbenhagen · cbenhagen · commit 65a1fb867bd5 · 2025-07-19T10:47:06.000+02:00
diff --git a/packages/firebase_auth/firebase_auth/ios/firebase_auth/Sources/firebase_auth/FLTFirebaseAuthPlugin.m b/packages/firebase_auth/firebase_auth/ios/firebase_auth/Sources/firebase_auth/FLTFirebaseAuthPlugin.m
@@ -101,7 +101,6 @@ @interface FLTFirebaseAuthPlugin ()
 @end
 
 @implementation FLTFirebaseAuthPlugin {
-#if TARGET_OS_IPHONE
   // Map an id to a MultiFactorSession object.
   NSMutableDictionary<NSString *, FIRMultiFactorSession *> *_multiFactorSessionMap;
 
@@ -114,8 +113,6 @@ @implementation FLTFirebaseAuthPlugin {
   // Map an id to a MultiFactorResolver object.
   NSMutableDictionary<NSString *, FIRTOTPSecret *> *_multiFactorTotpSecretMap;
 
-#endif
-
   NSObject<FlutterBinaryMessenger> *_binaryMessenger;
   NSMutableDictionary<NSString *, FlutterEventChannel *> *_eventChannels;
   NSMutableDictionary<NSString *, NSObject<FlutterStreamHandler> *> *_streamHandlers;
@@ -133,13 +130,10 @@ - (instancetype)init:(NSObject<FlutterBinaryMessenger> *)messenger {
     _eventChannels = [NSMutableDictionary dictionary];
     _streamHandlers = [NSMutableDictionary dictionary];
 
-#if TARGET_OS_IPHONE
     _multiFactorSessionMap = [NSMutableDictionary dictionary];
     _multiFactorResolverMap = [NSMutableDictionary dictionary];
     _multiFactorAssertionMap = [NSMutableDictionary dictionary];
     _multiFactorTotpSecretMap = [NSMutableDictionary dictionary];
-
-#endif
   }
   return self;
 }
@@ -156,13 +150,10 @@ + (void)registerWithRegistrar:(NSObject<FlutterPluginRegistrar> *)registrar {
   [registrar addApplicationDelegate:instance];
   SetUpFirebaseAuthHostApi(registrar.messenger, instance);
   SetUpFirebaseAuthUserHostApi(registrar.messenger, instance);
-
-#if TARGET_OS_IPHONE
   SetUpMultiFactorUserHostApi(registrar.messenger, instance);
   SetUpMultiFactoResolverHostApi(registrar.messenger, instance);
   SetUpMultiFactorTotpHostApi(registrar.messenger, instance);
   SetUpMultiFactorTotpSecretHostApi(registrar.messenger, instance);
-#endif
 }
 
 + (FlutterError *)convertToFlutterError:(NSError *)error {
@@ -509,11 +500,6 @@ - (void)handleMultiFactorError:(AuthPigeonFirebaseApp *)app
                     completion:(nonnull void (^)(PigeonUserCredential *_Nullable,
                                                  FlutterError *_Nullable))completion
                      withError:(NSError *_Nullable)error {
-#if TARGET_OS_OSX
-  completion(nil, [FlutterError errorWithCode:@"second-factor-required"
-                                      message:error.description
-                                      details:nil]);
-#else
   FIRMultiFactorResolver *resolver =
       (FIRMultiFactorResolver *)error.userInfo[FIRAuthErrorUserInfoMultiFactorResolverKey];
 
@@ -554,7 +540,6 @@ - (void)handleMultiFactorError:(AuthPigeonFirebaseApp *)app
   completion(nil, [FlutterError errorWithCode:@"second-factor-required"
                                       message:error.description
                                       details:output]);
-#endif
 }
 
 static void launchAppleSignInRequest(FLTFirebaseAuthPlugin *object, AuthPigeonFirebaseApp *app,
@@ -835,13 +820,11 @@ - (void)ensureAPNSTokenSetting {
 #endif
 }
 
-#if !TARGET_OS_OSX
 - (FIRMultiFactor *)getAppMultiFactorFromPigeon:(nonnull AuthPigeonFirebaseApp *)app {
   FIRAuth *auth = [self getFIRAuthFromAppNameFromPigeon:app];
   FIRUser *currentUser = auth.currentUser;
   return currentUser.multiFactor;
 }
-#endif
 
 - (nonnull ASPresentationAnchor)presentationAnchorForAuthorizationController:
     (nonnull ASAuthorizationController *)controller API_AVAILABLE(macos(10.15), ios(13.0)) {
@@ -852,12 +835,16 @@ - (nonnull ASPresentationAnchor)presentationAnchorForAuthorizationController:
 #endif
 }
 
-#if TARGET_OS_IPHONE
-
 - (void)enrollPhoneApp:(nonnull AuthPigeonFirebaseApp *)app
              assertion:(nonnull PigeonPhoneMultiFactorAssertion *)assertion
            displayName:(nullable NSString *)displayName
             completion:(nonnull void (^)(FlutterError *_Nullable))completion {
+#if TARGET_OS_OSX
+  completion([FlutterError errorWithCode:@"unsupported-platform"
+                                 message:@"Phone authentication is not supported on macOS"
+                                 details:nil]);
+#else
+
   FIRMultiFactor *multiFactor = [self getAppMultiFactorFromPigeon:app];
 
   FIRPhoneAuthCredential *credential =
@@ -879,6 +866,7 @@ - (void)enrollPhoneApp:(nonnull AuthPigeonFirebaseApp *)app
                                                            details:nil]);
                           }
                         }];
+#endif
 }
 
 - (void)getEnrolledFactorsApp:(nonnull AuthPigeonFirebaseApp *)app
@@ -969,10 +957,12 @@ - (void)resolveSignInResolverId:(nonnull NSString *)resolverId
   FIRMultiFactorAssertion *multiFactorAssertion;
 
   if (assertion != nil) {
+#if TARGET_OS_IPHONE
     FIRPhoneAuthCredential *credential =
         [[FIRPhoneAuthProvider provider] credentialWithVerificationID:[assertion verificationId]
                                                      verificationCode:[assertion verificationCode]];
     multiFactorAssertion = [FIRPhoneMultiFactorGenerator assertionWithCredential:credential];
+#endif
   } else if (totpAssertionId != nil) {
     multiFactorAssertion = _multiFactorAssertionMap[totpAssertionId];
   } else {
@@ -1065,8 +1055,6 @@ - (void)openInOtpAppSecretKey:(nonnull NSString *)secretKey
   completion(nil);
 }
 
-#endif
-
 - (void)applyActionCodeApp:(nonnull AuthPigeonFirebaseApp *)app
                       code:(nonnull NSString *)code
                 completion:(nonnull void (^)(FlutterError *_Nullable))completion {
diff --git a/packages/firebase_auth/firebase_auth/ios/firebase_auth/Sources/firebase_auth/PigeonParser.m b/packages/firebase_auth/firebase_auth/ios/firebase_auth/Sources/firebase_auth/PigeonParser.m
@@ -82,15 +82,13 @@ + (PigeonAdditionalUserInfo *)getPigeonAdditionalUserInfo:(nonnull FIRAdditional
                                              profile:userInfo.profile];
 }
 
-#if TARGET_OS_IPHONE
 + (PigeonTotpSecret *)getPigeonTotpSecret:(FIRTOTPSecret *)secret {
   return [PigeonTotpSecret makeWithCodeIntervalSeconds:nil
                                             codeLength:nil
                           enrollmentCompletionDeadline:nil
                                       hashingAlgorithm:nil
                                              secretKey:secret.sharedSecretKey];
 }
-#endif
 
 + (PigeonAuthCredential *)getPigeonAuthCredential:(FIRAuthCredential *)authCredential
                                             token:(NSNumber *_Nullable)token {
diff --git a/packages/firebase_auth/firebase_auth/ios/firebase_auth/Sources/firebase_auth/include/Private/PigeonParser.h b/packages/firebase_auth/firebase_auth/ios/firebase_auth/Sources/firebase_auth/include/Private/PigeonParser.h
@@ -25,9 +25,7 @@
     (nullable PigeonActionCodeSettings *)settings;
 + (PigeonUserCredential *_Nullable)getPigeonUserCredentialFromFIRUser:(nonnull FIRUser *)user;
 + (PigeonIdTokenResult *_Nonnull)parseIdTokenResult:(nonnull FIRAuthTokenResult *)tokenResult;
-#if TARGET_OS_IPHONE
 + (PigeonTotpSecret *_Nonnull)getPigeonTotpSecret:(nonnull FIRTOTPSecret *)secret;
-#endif
 + (PigeonAuthCredential *_Nullable)getPigeonAuthCredential:
                                        (FIRAuthCredential *_Nullable)authCredentialToken
                                                      token:(NSNumber *_Nullable)token;
diff --git a/packages/firebase_auth/firebase_auth/lib/src/user.dart b/packages/firebase_auth/firebase_auth/lib/src/user.dart
@@ -673,11 +673,9 @@ class User {
   }
 
   MultiFactor get multiFactor {
-    if (!kIsWeb &&
-        (defaultTargetPlatform == TargetPlatform.macOS ||
-            defaultTargetPlatform == TargetPlatform.windows)) {
+    if (!kIsWeb && (defaultTargetPlatform == TargetPlatform.windows)) {
       throw UnimplementedError(
-        'MultiFactor Authentication is only supported on web, Android and iOS.',
+        'MultiFactor Authentication is only supported on web, Android, iOS and macOS.',
       );
     }
     return _multiFactor ??= MultiFactor._(_delegate.multiFactor);
diff --git a/packages/firebase_auth/firebase_auth/macos/firebase_auth/Package.swift b/packages/firebase_auth/firebase_auth/macos/firebase_auth/Package.swift
@@ -93,7 +93,7 @@ let package = Package(
     .library(name: "firebase-auth", targets: ["firebase_auth"]),
   ],
   dependencies: [
-    .package(url: "https://github.com/firebase/firebase-ios-sdk", from: firebase_sdk_version),
+    .package(url: "https://github.com/cbenhagen/firebase-ios-sdk", branch: "11.15.0-totp"),
     .package(url: "https://github.com/firebase/flutterfire", exact: shared_spm_version),
   ],
   targets: [

Original file line number	Diff line number	Diff line change
`@@ -82,15 +82,13 @@ + (PigeonAdditionalUserInfo *)getPigeonAdditionalUserInfo:(nonnull FIRAdditional`
`82`	`82`	`profile:userInfo.profile];`
`83`	`83`	`}`
`84`	`84`
`85`		`-#if TARGET_OS_IPHONE`
`86`	`85`	`+ (PigeonTotpSecret )getPigeonTotpSecret:(FIRTOTPSecret )secret {`
`87`	`86`	`return [PigeonTotpSecret makeWithCodeIntervalSeconds:nil`
`88`	`87`	`codeLength:nil`
`89`	`88`	`enrollmentCompletionDeadline:nil`
`90`	`89`	`hashingAlgorithm:nil`
`91`	`90`	`secretKey:secret.sharedSecretKey];`
`92`	`91`	`}`
`93`		`-#endif`
`94`	`92`
`95`	`93`	`+ (PigeonAuthCredential )getPigeonAuthCredential:(FIRAuthCredential )authCredential`
`96`	`94`	`token:(NSNumber *_Nullable)token {`
Original file line number	Diff line number	Diff line change
`@@ -673,11 +673,9 @@ class User {`
`673`	`673`	`}`
`674`	`674`
`675`	`675`	`MultiFactor get multiFactor {`
`676`		`- if (!kIsWeb &&`
`677`		`- (defaultTargetPlatform == TargetPlatform.macOS \|\|`
`678`		`- defaultTargetPlatform == TargetPlatform.windows)) {`
	`676`	`+ if (!kIsWeb && (defaultTargetPlatform == TargetPlatform.windows)) {`
`679`	`677`	`throw UnimplementedError(`
`680`		`- 'MultiFactor Authentication is only supported on web, Android and iOS.',`
	`678`	`+ 'MultiFactor Authentication is only supported on web, Android, iOS and macOS.',`
`681`	`679`	`);`
`682`	`680`	`}`
`683`	`681`	`return _multiFactor ??= MultiFactor._(_delegate.multiFactor);`