Add app ID header to Firebase Auth

FirebaseAuth/CHANGELOG.md

@@ -1,3 +1,6 @@
+# Unreleased
+- [changed] Added a `X-Firebase-GMPID` header to network requests.
+
 # 8.9.0
 - [changed] Improved error logging. (#8704)
 - [added] Added MFA support for email link sign-in. (#8705)

FirebaseAuth/Sources/Auth/FIRAuth.m

@@ -453,7 +453,7 @@ + (FIRAuth *)authWithApp:(FIRApp *)app {
 
 - (instancetype)initWithApp:(FIRApp *)app {
   [FIRAuth setKeychainServiceNameForApp:app];
-  self = [self initWithAPIKey:app.options.APIKey appName:app.name];
+  self = [self initWithAPIKey:app.options.APIKey appName:app.name appID:app.options.googleAppID];
   if (self) {
     _app = app;
 #if TARGET_OS_IOS
@@ -463,11 +463,13 @@ - (instancetype)initWithApp:(FIRApp *)app {
   return self;
 }
 
-- (nullable instancetype)initWithAPIKey:(NSString *)APIKey appName:(NSString *)appName {
+- (nullable instancetype)initWithAPIKey:(NSString *)APIKey
+                                appName:(NSString *)appName
+                                  appID:(NSString *)appID {
   self = [super init];
   if (self) {
     _listenerHandles = [NSMutableArray array];
-    _requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:APIKey];
+    _requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:APIKey appID:appID];
     _firebaseAppName = [appName copy];
 #if TARGET_OS_IOS
     _settings = [[FIRAuthSettings alloc] init];

FirebaseAuth/Sources/Auth/FIRAuth_Internal.h

@@ -66,9 +66,11 @@ NS_ASSUME_NONNULL_BEGIN
     @brief Designated initializer.
     @param APIKey The Google Developers Console API key for making requests from your app.
     @param appName The name property of the previously created @c FIRApp instance.
+    @param appID The app ID of the Firebase application.
  */
 - (nullable instancetype)initWithAPIKey:(NSString *)APIKey
-                                appName:(NSString *)appName NS_DESIGNATED_INITIALIZER;
+                                appName:(NSString *)appName
+                                  appID:(NSString *)appID NS_DESIGNATED_INITIALIZER;
 
 /** @fn getUserID
     @brief Gets the identifier of the current user, if any.

FirebaseAuth/Sources/Backend/FIRAuthBackend.m

@@ -88,6 +88,11 @@
  */
 static NSString *const kFirebaseLocalHeader = @"X-Firebase-Locale";
 
+/** @var kFirebaseAppIDHeader
+    @brief HTTP header name for the Firebase app ID.
+ */
+static NSString *const kFirebaseAppIDHeader = @"X-Firebase-GMPID";
+
 /** @var kFirebaseAuthCoreFrameworkMarker
     @brief The marker in the HTTP header that indicates the request comes from Firebase Auth Core.
  */
@@ -640,6 +645,8 @@ - (void)asyncPostToURLWithRequestConfiguration:(FIRAuthRequestConfiguration *)re
   [request setValue:clientVersion forHTTPHeaderField:kClientVersionHeader];
   NSString *bundleID = [[NSBundle mainBundle] bundleIdentifier];
   [request setValue:bundleID forHTTPHeaderField:kIosBundleIdentifierHeader];
+  NSString *appID = requestConfiguration.appID;
+  [request setValue:appID forHTTPHeaderField:kFirebaseAppIDHeader];
 
   NSArray<NSString *> *preferredLocalizations = [NSBundle mainBundle].preferredLocalizations;
   if (preferredLocalizations.count) {

FirebaseAuth/Sources/Backend/FIRAuthRequestConfiguration.h

@@ -30,6 +30,11 @@ NS_ASSUME_NONNULL_BEGIN
  */
 @property(nonatomic, copy, readonly) NSString *APIKey;
 
+/** @property appID
+    @brief The Firebase appID used in the request.
+ */
+@property(nonatomic, copy, readonly) NSString *appID;
+
 /** @property LanguageCode
     @brief The language code used in the request.
  */
@@ -47,11 +52,13 @@ NS_ASSUME_NONNULL_BEGIN
 
 - (instancetype)init NS_UNAVAILABLE;
 
-/** @fn initWithRequestClass:APIKey:authLanguage:
+/** @fn initWithAPIKey:appID:
     @brief Designated initializer.
     @param APIKey The API key to be used in the request.
+    @param appID The Firebase app ID to be passed in the request header.
  */
-- (nullable instancetype)initWithAPIKey:(NSString *)APIKey NS_DESIGNATED_INITIALIZER;
+- (nullable instancetype)initWithAPIKey:(NSString *)APIKey
+                                  appID:(NSString *)appID NS_DESIGNATED_INITIALIZER;
 @end
 
 NS_ASSUME_NONNULL_END

FirebaseAuth/Sources/Backend/FIRAuthRequestConfiguration.m

@@ -22,10 +22,11 @@
 
 @implementation FIRAuthRequestConfiguration
 
-- (nullable instancetype)initWithAPIKey:(NSString *)APIKey {
+- (nullable instancetype)initWithAPIKey:(NSString *)APIKey appID:(NSString *)appID {
   self = [super init];
   if (self) {
     _APIKey = [APIKey copy];
+    _appID = [appID copy];
   }
   return self;
 }

FirebaseAuth/Sources/User/FIRUser.m

@@ -118,6 +118,11 @@
  */
 static NSString *const kAPIKeyCodingKey = @"APIKey";
 
+/** @var kFirebaseAppIDCodingKey
+    @brief The key used to encode the appID instance variable for NSSecureCoding.
+ */
+static NSString *const kFirebaseAppIDCodingKey = @"firebaseAppID";
+
 /** @var kTokenServiceCodingKey
     @brief The key used to encode the tokenService instance variable for NSSecureCoding.
  */
@@ -345,6 +350,7 @@ - (nullable instancetype)initWithCoder:(NSCoder *)aDecoder {
                                                      forKey:kMetadataCodingKey];
   NSString *tenantID = [aDecoder decodeObjectOfClass:[NSString class] forKey:kTenantIDCodingKey];
   NSString *APIKey = [aDecoder decodeObjectOfClass:[NSString class] forKey:kAPIKeyCodingKey];
+  NSString *appID = [aDecoder decodeObjectOfClass:[NSString class] forKey:kFirebaseAppIDCodingKey];
 #if TARGET_OS_IOS
   FIRMultiFactor *multiFactor = [aDecoder decodeObjectOfClass:[FIRMultiFactor class]
                                                        forKey:kMultiFactorCodingKey];
@@ -368,7 +374,7 @@ - (nullable instancetype)initWithCoder:(NSCoder *)aDecoder {
     _phoneNumber = phoneNumber;
     _metadata = metadata ?: [[FIRUserMetadata alloc] initWithCreationDate:nil lastSignInDate:nil];
     _tenantID = tenantID;
-    _requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:APIKey];
+    _requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:APIKey appID:appID];
 #if TARGET_OS_IOS
     _multiFactor = multiFactor ?: [[FIRMultiFactor alloc] init];
 #endif
@@ -389,6 +395,7 @@ - (void)encodeWithCoder:(NSCoder *)aCoder {
   [aCoder encodeObject:_metadata forKey:kMetadataCodingKey];
   [aCoder encodeObject:_tenantID forKey:kTenantIDCodingKey];
   [aCoder encodeObject:_auth.requestConfiguration.APIKey forKey:kAPIKeyCodingKey];
+  [aCoder encodeObject:_auth.requestConfiguration.appID forKey:kFirebaseAppIDCodingKey];
   [aCoder encodeObject:_tokenService forKey:kTokenServiceCodingKey];
 #if TARGET_OS_IOS
   [aCoder encodeObject:_multiFactor forKey:kMultiFactorCodingKey];

FirebaseAuth/Tests/Unit/FIRAuthBackendCreateAuthURITests.m

@@ -37,6 +37,11 @@
  */
 static NSString *const kTestAPIKey = @"apikey_value";
 
+/** @var kTestFirebaseAppID
+    @brief A test value for the Firebase app ID
+ */
+static NSString *const kTestFirebaseAppID = @"appID";
+
 /** @var kTestExpectedRequestURL
     @brief The URL we are expecting should be requested by valid requests.
  */
@@ -69,7 +74,7 @@ - (void)testRequestAndResponseEncoding {
   FIRFakeBackendRPCIssuer *RPCIssuer = [[FIRFakeBackendRPCIssuer alloc] init];
   [FIRAuthBackend setDefaultBackendImplementationWithRPCIssuer:RPCIssuer];
   FIRAuthRequestConfiguration *requestConfiguration =
-      [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey];
+      [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey appID:kTestFirebaseAppID];
   FIRCreateAuthURIRequest *request =
       [[FIRCreateAuthURIRequest alloc] initWithIdentifier:kTestIdentifier
                                               continueURI:kTestContinueURI

FirebaseAuth/Tests/Unit/FIRAuthBackendRPCImplementationTests.m

@@ -35,6 +35,11 @@
  */
 static NSString *const kFakeAPIkey = @"FAKE_API_KEY";
 
+/** @var kFakeFirebaseAppID
+    @brief Used as a fake Firebase app ID for a fake RPC request. We don't test this here.
+ */
+static NSString *const kFakeFirebaseAppID = @"FAKE_APP_ID";
+
 /** @var kFakeErrorDomain
     @brief A value to use for fake @c NSErrors.
  */
@@ -226,7 +231,7 @@ - (BOOL)containsPostBody {
 
 - (FIRAuthRequestConfiguration *)requestConfiguration {
   FIRAuthRequestConfiguration *fakeConfiguration =
-      [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kFakeAPIkey];
+      [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kFakeAPIkey appID:kFakeFirebaseAppID];
   return fakeConfiguration;
 }
 

FirebaseAuth/Tests/Unit/FIRAuthTests.m

@@ -80,6 +80,11 @@
  */
 static NSString *const kAPIKey = @"FAKE_API_KEY";
 
+/** @var kFirebaseAppID
+    @brief The fake Firebase app ID.
+ */
+static NSString *const kFirebaseAppID = @"FAKE_APP_ID";
+
 /** @var kAccessToken
     @brief The fake access token.
  */
@@ -1860,7 +1865,8 @@ - (void)testUpdateCurrentUserFailure {
   [self waitForSignInWithAccessToken:kTestAccessToken APIKey:kTestAPIKey completion:nil];
   NSString *kTestAPIKey2 = @"fakeAPIKey2";
   FIRUser *user2 = [FIRAuth auth].currentUser;
-  user2.requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey2];
+  user2.requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey2
+                                                                             appID:kFirebaseAppID];
   OCMExpect([_mockBackend getAccountInfo:[OCMArg any] callback:[OCMArg any]])
       .andDispatchError2([FIRAuthErrorUtils invalidAPIKeyError]);
   XCTestExpectation *expectation = [self expectationWithDescription:@"callback"];
@@ -1883,7 +1889,8 @@ - (void)testUpdateCurrentUserFailureNetworkError {
   [self waitForSignInWithAccessToken:kTestAccessToken APIKey:kTestAPIKey completion:nil];
   NSString *kTestAPIKey2 = @"fakeAPIKey2";
   FIRUser *user2 = [FIRAuth auth].currentUser;
-  user2.requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey2];
+  user2.requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey2
+                                                                             appID:kFirebaseAppID];
   NSError *underlyingError = [NSError errorWithDomain:@"Test Error" code:1 userInfo:nil];
   OCMExpect([_mockBackend getAccountInfo:[OCMArg any] callback:[OCMArg any]])
       .andDispatchError2([FIRAuthErrorUtils networkErrorWithUnderlyingError:underlyingError]);
@@ -1973,7 +1980,8 @@ - (void)testUpdateCurrentUserSuccess {
 
   FIRUser *user1 = [FIRAuth auth].currentUser;
   NSString *kTestAPIKey = @"fakeAPIKey";
-  user1.requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey];
+  user1.requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey
+                                                                             appID:kFirebaseAppID];
   [[FIRAuth auth] signOut:nil];
 
   NSString *kTestAccessToken2 = @"fakeAccessToken2";
@@ -2641,7 +2649,8 @@ - (void)waitForSignInWithAccessToken:(NSString *)accessToken
                          password:kFakePassword
                        completion:^(FIRAuthDataResult *_Nullable result, NSError *_Nullable error) {
                          result.user.requestConfiguration =
-                             [[FIRAuthRequestConfiguration alloc] initWithAPIKey:APIKey];
+                             [[FIRAuthRequestConfiguration alloc] initWithAPIKey:APIKey
+                                                                           appID:kFirebaseAppID];
                          [expectation fulfill];
                          if (completion) {
                            completion(result.user, error);

FirebaseAuth/Tests/Unit/FIRCreateAuthURIRequestTests.m

@@ -28,6 +28,11 @@
  */
 static NSString *const kTestAPIKey = @"APIKey";
 
+/** @var kTestFirebaseAppID
+    @brief Fake Firebase app ID used for testing.
+ */
+static NSString *const kTestFirebaseAppID = @"appID";
+
 /** @var kTestAuthUri
     @brief The test value of the "authURI" property in the json response.
  */
@@ -85,7 +90,7 @@ - (void)tearDown {
  */
 - (void)testEmailVerificationRequest {
   FIRAuthRequestConfiguration *requestConfiguration =
-      [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey];
+      [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey appID:kTestFirebaseAppID];
   FIRCreateAuthURIRequest *request =
       [[FIRCreateAuthURIRequest alloc] initWithIdentifier:kTestIdentifier
                                               continueURI:kTestContinueURI

FirebaseAuth/Tests/Unit/FIRCreateAuthURIResponseTests.m

@@ -28,6 +28,11 @@
  */
 static NSString *const kTestAPIKey = @"APIKey";
 
+/** @var kTestFirebaseAppID
+    @brief Fake Firebase app ID used for testing.
+ */
+static NSString *const kTestFirebaseAppID = @"appID";
+
 /** @var kAuthUriKey
     @brief The name of the "authURI" property in the json response.
  */
@@ -86,7 +91,8 @@ - (void)setUp {
   FIRFakeBackendRPCIssuer *RPCIssuer = [[FIRFakeBackendRPCIssuer alloc] init];
   [FIRAuthBackend setDefaultBackendImplementationWithRPCIssuer:RPCIssuer];
   _RPCIssuer = RPCIssuer;
-  _requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey];
+  _requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey
+                                                                        appID:kTestFirebaseAppID];
 }
 
 - (void)tearDown {

FirebaseAuth/Tests/Unit/FIRDeleteAccountRequestTests.m

@@ -28,6 +28,11 @@
  */
 static NSString *const kTestAPIKey = @"APIKey";
 
+/** @var kTestFirebaseAppID
+    @brief Fake Firebase app ID used for testing.
+ */
+static NSString *const kTestFirebaseAppID = @"appID";
+
 /** @var kLocalID
     @brief Fake LocalID used for testing.
  */
@@ -80,7 +85,7 @@ - (void)tearDown {
  */
 - (void)testDeleteAccountRequest {
   FIRAuthRequestConfiguration *requestConfiguration =
-      [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey];
+      [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey appID:kTestFirebaseAppID];
   FIRDeleteAccountRequest *request =
       [[FIRDeleteAccountRequest alloc] initWitLocalID:kLocalID
                                           accessToken:kAccessToken

FirebaseAuth/Tests/Unit/FIRDeleteAccountResponseTests.m

@@ -28,6 +28,11 @@
  */
 static NSString *const kTestAPIKey = @"APIKey";
 
+/** @var kTestFirebaseAppID
+    @brief Fake Firebase app ID used for testing.
+ */
+static NSString *const kTestFirebaseAppID = @"appID";
+
 /** @var kLocalID
     @brief Fake LocalID used for testing.
  */
@@ -78,7 +83,8 @@ - (void)setUp {
   FIRFakeBackendRPCIssuer *RPCIssuer = [[FIRFakeBackendRPCIssuer alloc] init];
   [FIRAuthBackend setDefaultBackendImplementationWithRPCIssuer:RPCIssuer];
   _RPCIssuer = RPCIssuer;
-  _requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey];
+  _requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey
+                                                                        appID:kTestFirebaseAppID];
 }
 
 - (void)tearDown {

FirebaseAuth/Tests/Unit/FIREmailLinkRequestTests.m

@@ -31,6 +31,11 @@
  */
 static NSString *const kTestAPIKey = @"APIKey";
 
+/** @var kTestFirebaseAppID
+    @brief Fake Firebase app ID used for testing.
+ */
+static NSString *const kTestFirebaseAppID = @"appID";
+
 /** @var kTestEmail
     @brief The key for the "email" value in the request.
  */
@@ -91,7 +96,8 @@ - (void)setUp {
   FIRFakeBackendRPCIssuer *RPCIssuer = [[FIRFakeBackendRPCIssuer alloc] init];
   [FIRAuthBackend setDefaultBackendImplementationWithRPCIssuer:RPCIssuer];
   _RPCIssuer = RPCIssuer;
-  _requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey];
+  _requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey
+                                                                        appID:kTestFirebaseAppID];
 }
 
 - (void)tearDown {

FirebaseAuth/Tests/Unit/FIREmailLinkSignInResponseTests.m

@@ -32,6 +32,11 @@
  */
 static NSString *const kTestAPIKey = @"APIKey";
 
+/** @var kTestFirebaseAppID
+    @brief Fake Firebase app ID used for testing.
+ */
+static NSString *const kTestFirebaseAppID = @"appID";
+
 /** @var kTestEmail
     @brief The key for the "email" value in the request.
  */
@@ -122,7 +127,8 @@ - (void)setUp {
   FIRFakeBackendRPCIssuer *RPCIssuer = [[FIRFakeBackendRPCIssuer alloc] init];
   [FIRAuthBackend setDefaultBackendImplementationWithRPCIssuer:RPCIssuer];
   _RPCIssuer = RPCIssuer;
-  _requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey];
+  _requestConfiguration = [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey
+                                                                        appID:kTestFirebaseAppID];
 }
 
 /** @fn testFailedEmailLinkSignInResponse

FirebaseAuth/Tests/Unit/FIRGetAccountInfoRequestTests.m

@@ -27,6 +27,11 @@
  */
 static NSString *const kTestAPIKey = @"APIKey";
 
+/** @var kTestFirebaseAppID
+    @brief Fake Firebase app ID used for testing.
+ */
+static NSString *const kTestFirebaseAppID = @"appID";
+
 /** @var kIDTokenKey
     @brief The key for the "idToken" value in the request. This is actually the STS Access Token,
         despite it's confusing (backwards compatiable) parameter name.
@@ -72,7 +77,7 @@ - (void)tearDown {
  */
 - (void)testGetAccountInfoRequest {
   FIRAuthRequestConfiguration *requestConfiguration =
-      [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey];
+      [[FIRAuthRequestConfiguration alloc] initWithAPIKey:kTestAPIKey appID:kTestFirebaseAppID];
   FIRGetAccountInfoRequest *request =
       [[FIRGetAccountInfoRequest alloc] initWithAccessToken:kTestAccessToken
                                        requestConfiguration:requestConfiguration];