diff options
Diffstat (limited to 'Firebase/Auth')
| -rw-r--r-- | Firebase/Auth/Source/FIRAuth.m | 32 |
1 files changed, 27 insertions, 5 deletions
diff --git a/Firebase/Auth/Source/FIRAuth.m b/Firebase/Auth/Source/FIRAuth.m index d4ced9c..1930957 100644 --- a/Firebase/Auth/Source/FIRAuth.m +++ b/Firebase/Auth/Source/FIRAuth.m @@ -112,6 +112,10 @@ static NSString *const kHandleCodeInAppFalseExceptionReason = @"You must set handleCodeInApp in your ActionCodeSettings to true for Email-link " "Authentication."; +static NSString *const kInvalidEmailSignInLinkExceptionMessage = + @"The link provided is not valid for email/link sign-in. Please check the link by calling " + "isSignInWithEmailLink:link: on Auth before attempting to use it for email/link sign-in."; + /** @var kPasswordResetRequestType @brief The action code type value for resetting password in the check action code response. */ @@ -655,8 +659,16 @@ static NSMutableDictionary *gKeychainServiceNameForAppName; - (void)internalSignInWithEmail:(nonnull NSString *)email link:(nonnull NSString *)link callback:(nullable FIRAuthResultCallback)callback { - NSURLComponents *urlComponents = [NSURLComponents componentsWithString:link]; - NSDictionary<NSString *, NSString *> *queryItems = FIRAuthParseURL(urlComponents.query); + if (![self isSignInWithEmailLink:link]) { + [FIRAuthExceptionUtils raiseInvalidParameterExceptionWithReason: + kInvalidEmailSignInLinkExceptionMessage]; + return; + } + NSDictionary<NSString *, NSString *> *queryItems = FIRAuthParseURL(link); + if (![queryItems count]) { + NSURLComponents *urlComponents = [NSURLComponents componentsWithString:link]; + queryItems = FIRAuthParseURL(urlComponents.query); + } NSString *actionCode = queryItems[@"oobCode"]; FIREmailLinkSignInRequest *request = @@ -1206,11 +1218,18 @@ static NSMutableDictionary *gKeychainServiceNameForAppName; if (link.length == 0) { return NO; } - NSURLComponents *urlComponents = [NSURLComponents componentsWithString:link]; - if (!urlComponents.query) { + NSDictionary<NSString *, NSString *> *queryItems = FIRAuthParseURL(link); + if (![queryItems count]) { + NSURLComponents *urlComponents = [NSURLComponents componentsWithString:link]; + if (!urlComponents.query) { + return NO; + } + queryItems = FIRAuthParseURL(urlComponents.query); + } + + if (![queryItems count]) { return NO; } - NSDictionary<NSString *, NSString *> *queryItems = FIRAuthParseURL(urlComponents.query); NSString *actionCode = queryItems[@"oobCode"]; NSString *mode = queryItems[@"mode"]; @@ -1228,6 +1247,9 @@ static NSMutableDictionary *gKeychainServiceNameForAppName; */ static NSDictionary<NSString *, NSString *> *FIRAuthParseURL(NSString *urlString) { NSString *linkURL = [NSURLComponents componentsWithString:urlString].query; + if (!linkURL) { + return @{}; + } NSArray<NSString *> *URLComponents = [linkURL componentsSeparatedByString:@"&"]; NSMutableDictionary<NSString *, NSString *> *queryItems = [[NSMutableDictionary alloc] initWithCapacity:URLComponents.count]; |