Addressing review comments and adding some Unit test

Author: mansisampat

packages/auth/src/api/authentication/exchange_token.test.ts

@@ -1,6 +1,6 @@
 /**
  * @license
- * Copyright 2020 Google LLC
+ * Copyright 2025 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

packages/auth/src/api/authentication/exchange_token.ts

@@ -1,6 +1,6 @@
 /**
  * @license
- * Copyright 2020 Google LLC
+ * Copyright 2025 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

packages/auth/src/api/index.test.ts

@@ -24,7 +24,10 @@ import sinonChai from 'sinon-chai';
 import { FirebaseError, getUA } from '@firebase/util';
 import * as utils from '@firebase/util';
 
-import { mockEndpoint } from '../../test/helpers/api/helper';
+import {
+  mockEndpoint,
+  mockRegionalEndpointWithParent
+} from '../../test/helpers/api/helper';
 import {
   regionalTestAuth,
   testAuth,
@@ -605,26 +608,113 @@ describe('api/_performApiRequest', () => {
   });
 
   context('throws Operation not allowed exception', () => {
-    it('when tenantConfig is not initialized and Regional Endpoint is used', async () => {
+    it('when tenantConfig is initialized and default Endpoint is used', async () => {
       await expect(
-        _performRegionalApiRequest<typeof request, typeof serverResponse>(
-          auth,
+        _performApiRequest<typeof request, typeof serverResponse>(
+          regionalAuth,
           HttpMethod.POST,
-          RegionalEndpoint.EXCHANGE_TOKEN,
+          Endpoint.SIGN_UP,
           request
         )
       ).to.be.rejectedWith(
         FirebaseError,
         'Firebase: Operations not allowed for the auth object initialized. (auth/operation-not-allowed).'
       );
     });
+  });
+});
 
-    it('when tenantConfig is initialized and default Endpoint is used', async () => {
+describe('api/_performRegionalApiRequest', () => {
+  const request = {
+    requestKey: 'request-value'
+  };
+
+  const serverResponse = {
+    responseKey: 'response-value'
+  };
+
+  let auth: TestAuth;
+  let regionalAuth: TestAuth;
+
+  beforeEach(async () => {
+    auth = await testAuth();
+    regionalAuth = await regionalTestAuth();
+  });
+
+  afterEach(() => {
+    sinon.restore();
+  });
+
+  context('with regular requests', () => {
+    beforeEach(mockFetch.setUp);
+    afterEach(mockFetch.tearDown);
+    it('should set the correct request, method and HTTP Headers', async () => {
+      const mock = mockRegionalEndpointWithParent(
+        RegionalEndpoint.EXCHANGE_TOKEN,
+        'test-parent',
+        serverResponse
+      );
+      const response = await _performRegionalApiRequest<
+        typeof request,
+        typeof serverResponse
+      >(
+        regionalAuth,
+        HttpMethod.POST,
+        RegionalEndpoint.EXCHANGE_TOKEN,
+        request,
+        {},
+        'test-parent'
+      );
+      expect(response).to.eql(serverResponse);
+      expect(mock.calls.length).to.eq(1);
+      expect(mock.calls[0].method).to.eq(HttpMethod.POST);
+      expect(mock.calls[0].request).to.eql(request);
+      expect(mock.calls[0].headers!.get(HttpHeader.CONTENT_TYPE)).to.eq(
+        'application/json'
+      );
+      expect(mock.calls[0].headers!.get(HttpHeader.X_CLIENT_VERSION)).to.eq(
+        'testSDK/0.0.0'
+      );
+      expect(mock.calls[0].fullRequest?.credentials).to.be.undefined;
+    });
+
+    it('should include whatever headers the auth impl attaches', async () => {
+      sinon.stub(regionalAuth, '_getAdditionalHeaders').returns(
+        Promise.resolve({
+          'look-at-me-im-a-header': 'header-value',
+          'anotherheader': 'header-value-2'
+        })
+      );
+
+      const mock = mockRegionalEndpointWithParent(
+        RegionalEndpoint.EXCHANGE_TOKEN,
+        'test-parent',
+        serverResponse
+      );
+      await _performRegionalApiRequest<typeof request, typeof serverResponse>(
+        regionalAuth,
+        HttpMethod.POST,
+        RegionalEndpoint.EXCHANGE_TOKEN,
+        request,
+        {},
+        'test-parent'
+      );
+      expect(mock.calls[0].headers.get('look-at-me-im-a-header')).to.eq(
+        'header-value'
+      );
+      expect(mock.calls[0].headers.get('anotherheader')).to.eq(
+        'header-value-2'
+      );
+    });
+  });
+
+  context('throws Operation not allowed exception', () => {
+    it('when tenantConfig is not initialized and Regional Endpoint is used', async () => {
       await expect(
-        _performApiRequest<typeof request, typeof serverResponse>(
-          regionalAuth,
+        _performRegionalApiRequest<typeof request, typeof serverResponse>(
+          auth,
           HttpMethod.POST,
-          Endpoint.SIGN_UP,
+          RegionalEndpoint.EXCHANGE_TOKEN,
           request
         )
       ).to.be.rejectedWith(

packages/auth/src/core/strategies/exchange_token.test.ts

@@ -1,6 +1,6 @@
 /**
  * @license
- * Copyright 2020 Google LLC
+ * Copyright 2025 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

packages/auth/src/core/strategies/exhange_token.ts

@@ -1,6 +1,6 @@
 /**
  * @license
- * Copyright 2020 Google LLC
+ * Copyright 2025 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -27,8 +27,8 @@ import { _castAuth } from '../auth/auth_impl';
  * for an OidcToken i.e. Outbound Access Token.
  *
  * @remarks
- * This method is implemented only for {@link DefaultConfig.REGIONAL_API_HOST}
- * and requires {@link TenantConfig} to be configured in the {@link Auth} instance used.
+ * This method is implemented only for `DefaultConfig.REGIONAL_API_HOST` and
+ * requires {@link TenantConfig} to be configured in the {@link Auth} instance used.
  *
  * Fails with an error if the token is invalid, expired, or not accepted by the Firebase Auth service.
  *

packages/auth/src/model/public_types.ts

@@ -185,7 +185,7 @@ export interface Auth {
   readonly config: Config;
   /**
    * The {@link TenantConfig} used to initialize a Regional Auth. This is only present
-   * if regional auth is initialized and {@link DefaultConfig.REGIONAL_API_HOST}
+   * if regional auth is initialized and `DefaultConfig.REGIONAL_API_HOST`
    * backend endpoint is used.
    */
   readonly tenantConfig?: TenantConfig;
@@ -1269,7 +1269,7 @@ export interface Dependencies {
   /**
    * The {@link TenantConfig} to use. This dependency is only required
    * if you want to use regional auth which works with
-   * {@link DefaultConfig.REGIONAL_API_HOST} endpoint. It should not be set otherwise.
+   * `DefaultConfig.REGIONAL_API_HOST`` endpoint. It should not be set otherwise.
    */
   tenantConfig?: TenantConfig;
 }

packages/auth/test/helpers/api/helper.ts

@@ -63,5 +63,6 @@ export function mockRegionalEndpointWithParent(
   status = 200
 ): Route {
   const url = `${TEST_SCHEME}://${TEST_HOST}${parent}${endpoint}`;
+  console.log('here ', url);
   return mock(url, response, status);
 }