feat: EmailAuthScreen (Stateful + Slot) (#2236)

* feat: AuthMethodPicker, logo and provider theme style

* chore: organize folder structure

* feat: TOS and PP footer, ui tests for AuthMethodPicker

* chore: tests folder structure

* chore: use version catalog for compose deps

* feat: AuthTextField with validation

* test: AuthTextField and field validations

* chore: update doc comments

* wip: Email Provider integration

* chore: upgrade mockito, fix: spying mocked objects in new library

* wip: Email provider integration

* wip: Email provider integration

* wip: Email provider integration

* feat: Email provider integration

* wip: SignIn, SignUp, ResetPassword flows

* refactor: remove libs.versions.toml catalog file

* add sample app compose module

* wip: SignInUI and EmailAuthScreen sample

* feat: Email provider integration

- added: sign in, sign up, reset password, email link and
anonymous auto upgrade
- upgrade mockito
- fixed spying mocked objects in new library test error

* wip: SignUp UI

* feat: add PasswordResetLinkSent state

* fix: use isSecureTextField for password fields

* wip: SignUp

* fix: passwordResetActionCodeSettings for send password reset link

* fix: combine Firebase and internal auth state flows to prioritize non-idle internal updates

* wip: SignUp

* chore: remove unused methods

* chore: remove unused comments and code

* chore: remove unused imports, reformat

* chore: remove comments

* chore: remove comments

* handle authState exceptions

* fix: mockito 5 upgrade stubbing issues

* wip: Email link, deep link

* chore: add copyright message

* refactor: rename to emailLinkActionCodeSettings in AuthProvider.Email and passwordResetActionCodeSettings in AuthUIConfiguration

* feat: add dark theme

* feat: Email sign in link

* fix: test doesn't capture initial Idle state

* fix: CI run issues

* fix: CI run issues

* fix: opt out of edge to edge in app module

* fix: remove opt out of edge to edge in app module

Author: demolaf

auth/src/main/AndroidManifest.xml

@@ -83,8 +83,8 @@
 
         <activity
             android:name=".ui.email.EmailLinkCatcherActivity"
-            android:exported="false"
             android:label=""
+            android:exported="false"
             android:theme="@style/FirebaseUI.Transparent"
             android:windowSoftInputMode="adjustResize" />
 
@@ -119,6 +119,16 @@
             </intent-filter>
         </activity>
 
+        <!-- Email Link Sign-In Handler Activity for Compose -->
+        <!-- IMPORTANT: This activity is NOT exported by default -->
+        <!-- Users must declare this activity with an intent filter in their app's AndroidManifest.xml -->
+        <!-- See documentation for setup instructions -->
+        <activity
+            android:name=".compose.ui.screens.EmailSignInLinkHandlerActivity"
+            android:label=""
+            android:exported="false"
+            android:theme="@style/FirebaseUI.Transparent" />
+
         <provider
             android:name=".data.client.AuthUiInitProvider"
             android:authorities="${applicationId}.authuiinitprovider"

auth/src/main/java/com/firebase/ui/auth/compose/AuthState.kt

@@ -243,6 +243,15 @@ abstract class AuthState private constructor() {
         override fun toString(): String = "AuthState.PasswordResetLinkSent"
     }
 
+    /**
+     * Email sign in link has been sent to the user's email.
+     */
+    class EmailSignInLinkSent : AuthState() {
+        override fun equals(other: Any?): Boolean = other is EmailSignInLinkSent
+        override fun hashCode(): Int = javaClass.hashCode()
+        override fun toString(): String = "AuthState.EmailSignInLinkSent"
+    }
+
     companion object {
         /**
          * Creates an Idle state instance.

auth/src/main/java/com/firebase/ui/auth/compose/FirebaseAuthUI.kt

@@ -27,6 +27,11 @@ import kotlinx.coroutines.channels.awaitClose
 import kotlinx.coroutines.flow.Flow
 import kotlinx.coroutines.flow.MutableStateFlow
 import kotlinx.coroutines.flow.callbackFlow
+import kotlinx.coroutines.flow.combine
+import kotlinx.coroutines.flow.distinctUntilChanged
+import kotlinx.coroutines.flow.drop
+import kotlinx.coroutines.flow.merge
+import kotlinx.coroutines.flow.onStart
 import kotlinx.coroutines.tasks.await
 import java.util.concurrent.ConcurrentHashMap
 
@@ -153,53 +158,58 @@ class FirebaseAuthUI private constructor(
      *
      * @return A [Flow] of [AuthState] that emits authentication state changes
      */
-    fun authStateFlow(): Flow<AuthState> = callbackFlow {
-        // Set initial state based on current auth state
-        val initialState = auth.currentUser?.let { user ->
-            AuthState.Success(result = null, user = user, isNewUser = false)
-        } ?: AuthState.Idle
+    fun authStateFlow(): Flow<AuthState> {
+        // Create a flow from FirebaseAuth state listener
+        val firebaseAuthFlow = callbackFlow {
+            // Set initial state based on current auth state
+            val initialState = auth.currentUser?.let { user ->
+                AuthState.Success(result = null, user = user, isNewUser = false)
+            } ?: AuthState.Idle
 
-        trySend(initialState)
+            trySend(initialState)
 
-        // Create auth state listener
-        val authStateListener = AuthStateListener { firebaseAuth ->
-            val currentUser = firebaseAuth.currentUser
-            val state = if (currentUser != null) {
-                // Check if email verification is required
-                if (!currentUser.isEmailVerified &&
-                    currentUser.email != null &&
-                    currentUser.providerData.any { it.providerId == "password" }
-                ) {
-                    AuthState.RequiresEmailVerification(
-                        user = currentUser,
-                        email = currentUser.email!!
-                    )
+            // Create auth state listener
+            val authStateListener = AuthStateListener { firebaseAuth ->
+                val currentUser = firebaseAuth.currentUser
+                val state = if (currentUser != null) {
+                    // Check if email verification is required
+                    if (!currentUser.isEmailVerified &&
+                        currentUser.email != null &&
+                        currentUser.providerData.any { it.providerId == "password" }
+                    ) {
+                        AuthState.RequiresEmailVerification(
+                            user = currentUser,
+                            email = currentUser.email!!
+                        )
+                    } else {
+                        AuthState.Success(
+                            result = null,
+                            user = currentUser,
+                            isNewUser = false
+                        )
+                    }
                 } else {
-                    AuthState.Success(
-                        result = null,
-                        user = currentUser,
-                        isNewUser = false
-                    )
+                    AuthState.Idle
                 }
-            } else {
-                AuthState.Idle
+                trySend(state)
             }
-            trySend(state)
-        }
 
-        // Add listener
-        auth.addAuthStateListener(authStateListener)
+            // Add listener
+            auth.addAuthStateListener(authStateListener)
 
-        // Also observe internal state changes
-        _authStateFlow.value.let { currentState ->
-            if (currentState !is AuthState.Idle && currentState !is AuthState.Success) {
-                trySend(currentState)
+            // Remove listener when flow collection is cancelled
+            awaitClose {
+                auth.removeAuthStateListener(authStateListener)
             }
         }
 
-        // Remove listener when flow collection is cancelled
-        awaitClose {
-            auth.removeAuthStateListener(authStateListener)
+        // Also observe internal state changes
+        return combine(
+            firebaseAuthFlow,
+            _authStateFlow
+        ) { firebaseState, internalState ->
+            // Prefer non-idle internal states (like PasswordResetLinkSent, Error, etc.)
+            if (internalState !is AuthState.Idle) internalState else firebaseState
         }
     }
 

auth/src/main/java/com/firebase/ui/auth/compose/configuration/AuthUIConfiguration.kt

@@ -44,7 +44,7 @@ class AuthUIConfigurationBuilder {
     var tosUrl: String? = null
     var privacyPolicyUrl: String? = null
     var logo: ImageVector? = null
-    var actionCodeSettings: ActionCodeSettings? = null
+    var passwordResetActionCodeSettings: ActionCodeSettings? = null
     var isNewEmailAccountsAllowed: Boolean = true
     var isDisplayNameRequired: Boolean = true
     var isProviderChoiceAlwaysShown: Boolean = false
@@ -85,17 +85,7 @@ class AuthUIConfigurationBuilder {
         // Provider specific validations
         providers.forEach { provider ->
             when (provider) {
-                is AuthProvider.Email -> {
-                    provider.validate()
-
-                    if (isAnonymousUpgradeEnabled && provider.isEmailLinkSignInEnabled) {
-                        check(provider.isEmailLinkForceSameDeviceEnabled) {
-                            "You must force the same device flow when using email link sign in " +
-                                    "with anonymous user upgrade"
-                        }
-                    }
-                }
-
+                is AuthProvider.Email -> provider.validate(isAnonymousUpgradeEnabled)
                 is AuthProvider.Phone -> provider.validate()
                 is AuthProvider.Google -> provider.validate(context)
                 is AuthProvider.Facebook -> provider.validate(context)
@@ -116,7 +106,7 @@ class AuthUIConfigurationBuilder {
             tosUrl = tosUrl,
             privacyPolicyUrl = privacyPolicyUrl,
             logo = logo,
-            actionCodeSettings = actionCodeSettings,
+            passwordResetActionCodeSettings = passwordResetActionCodeSettings,
             isNewEmailAccountsAllowed = isNewEmailAccountsAllowed,
             isDisplayNameRequired = isDisplayNameRequired,
             isProviderChoiceAlwaysShown = isProviderChoiceAlwaysShown
@@ -184,9 +174,9 @@ class AuthUIConfiguration(
     val logo: ImageVector? = null,
 
     /**
-     * Configuration for email link sign-in.
+     * Configuration for sending email reset link.
      */
-    val actionCodeSettings: ActionCodeSettings? = null,
+    val passwordResetActionCodeSettings: ActionCodeSettings? = null,
 
     /**
      * Allows new email accounts to be created. Defaults to true.

auth/src/main/java/com/firebase/ui/auth/compose/configuration/auth_provider/AuthProvider.kt

@@ -174,7 +174,7 @@ abstract class AuthProvider(open val providerId: String) {
         /**
          * Settings for email link actions.
          */
-        val actionCodeSettings: ActionCodeSettings?,
+        val emailLinkActionCodeSettings: ActionCodeSettings?,
 
         /**
          * Allows new accounts to be created. Defaults to true.
@@ -202,9 +202,11 @@ abstract class AuthProvider(open val providerId: String) {
             val KEY_IDP_SECRET = stringPreferencesKey("com.firebase.ui.auth.data.client.idpSecret")
         }
 
-        internal fun validate() {
+        internal fun validate(
+            isAnonymousUpgradeEnabled: Boolean = false
+        ) {
             if (isEmailLinkSignInEnabled) {
-                val actionCodeSettings = requireNotNull(actionCodeSettings) {
+                val actionCodeSettings = requireNotNull(emailLinkActionCodeSettings) {
                     "ActionCodeSettings cannot be null when using " +
                             "email link sign in."
                 }
@@ -213,6 +215,13 @@ abstract class AuthProvider(open val providerId: String) {
                     "You must set canHandleCodeInApp in your " +
                             "ActionCodeSettings to true for Email-Link Sign-in."
                 }
+
+                if (isAnonymousUpgradeEnabled) {
+                    check(isEmailLinkForceSameDeviceEnabled) {
+                        "You must force the same device flow when using email link sign in " +
+                                "with anonymous user upgrade"
+                    }
+                }
             }
         }
 
@@ -221,11 +230,11 @@ abstract class AuthProvider(open val providerId: String) {
             sessionId: String,
             anonymousUserId: String,
         ): ActionCodeSettings {
-            requireNotNull(actionCodeSettings) {
+            requireNotNull(emailLinkActionCodeSettings) {
                 "ActionCodeSettings is required for email link sign in"
             }
 
-            val continueUrl = continueUrl(actionCodeSettings.url) {
+            val continueUrl = continueUrl(emailLinkActionCodeSettings.url) {
                 appendSessionId(sessionId)
                 appendAnonymousUserId(anonymousUserId)
                 appendForceSameDeviceBit(isEmailLinkForceSameDeviceEnabled)
@@ -234,12 +243,12 @@ abstract class AuthProvider(open val providerId: String) {
 
             return actionCodeSettings {
                 url = continueUrl
-                handleCodeInApp = actionCodeSettings.canHandleCodeInApp()
-                iosBundleId = actionCodeSettings.iosBundle
+                handleCodeInApp = emailLinkActionCodeSettings.canHandleCodeInApp()
+                iosBundleId = emailLinkActionCodeSettings.iosBundle
                 setAndroidPackageName(
-                    actionCodeSettings.androidPackageName ?: "",
-                    actionCodeSettings.androidInstallApp,
-                    actionCodeSettings.androidMinimumVersion
+                    emailLinkActionCodeSettings.androidPackageName ?: "",
+                    emailLinkActionCodeSettings.androidInstallApp,
+                    emailLinkActionCodeSettings.androidMinimumVersion
                 )
             }
         }