firebase · bojeil-google · Aug 13, 2019 · Aug 9, 2019 · Aug 9, 2019 · Aug 9, 2019
diff --git a/src/auth/auth.ts b/src/auth/auth.ts
@@ -34,7 +34,7 @@ import {
   AuthProviderConfig, AuthProviderConfigFilter, ListProviderConfigResults, UpdateAuthProviderRequest,
   SAMLConfig, OIDCConfig, OIDCConfigServerResponse, SAMLConfigServerResponse,
 } from './auth-config';
-import {Tenant, TenantOptions, ListTenantsResult, TenantServerResponse} from './tenant';
+import {TenantManager} from './tenant-manager';
 
 
 /**
@@ -722,7 +722,7 @@ export class TenantAwareAuth extends BaseAuth<TenantAwareAuthRequestHandler> {
  */
 export class Auth extends BaseAuth<AuthRequestHandler> implements FirebaseServiceInterface {
   public INTERNAL: AuthInternals = new AuthInternals();
-  private readonly tenantsMap: {[key: string]: TenantAwareAuth};
+  private readonly tenantManager_: TenantManager;
   private readonly app_: FirebaseApp;
 
   /**
@@ -751,7 +751,7 @@ export class Auth extends BaseAuth<AuthRequestHandler> implements FirebaseServic
         new AuthRequestHandler(app),
         cryptoSignerFromApp(app));
     this.app_ = app;
-    this.tenantsMap = {};
+    this.tenantManager_ = new TenantManager(app);
   }
 
   /**
@@ -763,107 +763,8 @@ export class Auth extends BaseAuth<AuthRequestHandler> implements FirebaseServic
     return this.app_;
   }
 
-  /**
-   * Returns a TenantAwareAuth instance for the corresponding tenant ID.
-   *
-   * @param {string} tenantId The tenant ID whose TenantAwareAuth is to be returned.
-   * @return {TenantAwareAuth} The corresponding TenantAwareAuth instance.
-   */
-  public forTenant(tenantId: string): TenantAwareAuth {
-    if (!validator.isNonEmptyString(tenantId)) {
-      throw new FirebaseAuthError(AuthClientErrorCode.INVALID_TENANT_ID);
-    }
-    if (typeof this.tenantsMap[tenantId] === 'undefined') {
-      this.tenantsMap[tenantId] = new TenantAwareAuth(this.app, tenantId);
-    }
-    return this.tenantsMap[tenantId];
-  }
-
-  /**
-   * Looks up the tenant identified by the provided tenant ID and returns a promise that is
-   * fulfilled with the corresponding tenant if it is found.
-   *
-   * @param {string} tenantId The tenant ID of the tenant to look up.
-   * @return {Promise<Tenant>} A promise that resolves with the corresponding tenant.
-   */
-  public getTenant(tenantId: string): Promise<Tenant> {
-    return this.authRequestHandler.getTenant(tenantId)
-      .then((response: TenantServerResponse) => {
-        return new Tenant(response);
-      });
-  }
-
-  /**
-   * Exports a batch of tenant accounts. Batch size is determined by the maxResults argument.
-   * Starting point of the batch is determined by the pageToken argument.
-   *
-   * @param {number=} maxResults The page size, 1000 if undefined. This is also the maximum
-   *     allowed limit.
-   * @param {string=} pageToken The next page token. If not specified, returns users starting
-   *     without any offset.
-   * @return {Promise<{users: Tenant[], pageToken?: string}>} A promise that resolves with
-   *     the current batch of downloaded tenants and the next page token. For the last page, an
-   *     empty list of tenants and no page token are returned.
-   */
-  public listTenants(
-      maxResults?: number,
-      pageToken?: string): Promise<ListTenantsResult> {
-    return this.authRequestHandler.listTenants(maxResults, pageToken)
-      .then((response: {tenants: TenantServerResponse[], nextPageToken?: string}) => {
-        // List of tenants to return.
-        const tenants: Tenant[] = [];
-        // Convert each user response to a Tenant.
-        response.tenants.forEach((tenantResponse: TenantServerResponse) => {
-          tenants.push(new Tenant(tenantResponse));
-        });
-        // Return list of tenants and the next page token if available.
-        const result = {
-          tenants,
-          pageToken: response.nextPageToken,
-        };
-        // Delete result.pageToken if undefined.
-        if (typeof result.pageToken === 'undefined') {
-          delete result.pageToken;
-        }
-        return result;
-      });
-  }
-
-  /**
-   * Deletes the tenant identified by the provided tenant ID and returns a promise that is
-   * fulfilled when the tenant is found and successfully deleted.
-   *
-   * @param {string} tenantId The tenant ID of the tenant to delete.
-   * @return {Promise<void>} A promise that resolves when the tenant is successfully deleted.
-   */
-  public deleteTenant(tenantId: string): Promise<void> {
-    return this.authRequestHandler.deleteTenant(tenantId);
-  }
-
-  /**
-   * Creates a new tenant with the properties provided.
-   *
-   * @param {TenantOptions} tenantOptions The properties to set on the new tenant to be created.
-   * @return {Promise<Tenant>} A promise that resolves with the newly created tenant.
-   */
-  public createTenant(tenantOptions: TenantOptions): Promise<Tenant> {
-    return this.authRequestHandler.createTenant(tenantOptions)
-      .then((response: TenantServerResponse) => {
-        return new Tenant(response);
-      });
-  }
-
-  /**
-   * Updates an existing tenant identified by the tenant ID with the properties provided.
-   *
-   * @param {string} tenantId The tenant identifier of the tenant to update.
-   * @param {TenantOptions} tenantOptions The properties to update on the existing tenant.
-   * @return {Promise<Tenant>} A promise that resolves with the modified tenant.
-   */
-  public updateTenant(tenantId: string, tenantOptions: TenantOptions): Promise<Tenant> {
-    return this.authRequestHandler.updateTenant(tenantId, tenantOptions)
-      .then((response: TenantServerResponse) => {
-        return new Tenant(response);
-      });
+  /** @return The current Auth instance's tenant manager. */
+  public tenantManager(): TenantManager {
+    return this.tenantManager_;
   }
 }
diff --git a/src/index.d.ts b/src/index.d.ts
@@ -1928,7 +1928,7 @@ declare namespace admin.auth {
    * tenant.
    *
    * `TenantAwareAuth` instances for a specific `tenantId` can be instantiated by calling
-   * `auth.forTenant(tenantId)`.
+   * `auth.tenantManager().authForTenant(tenantId)`.
    */
   interface TenantAwareAuth extends BaseAuth {
 
@@ -1943,12 +1943,30 @@ declare namespace admin.auth {
   interface Auth extends admin.auth.BaseAuth {
     app: admin.app.App;
 
+    /**
+     * @return The tenant manager instance associated with the current project.
+     */
+    tenantManager(): admin.auth.TenantManager;
+  }
+
+  /**
+   * Defines the tenant manager used to help manage tenant related operations.
+   * This includes:
+   * <ul>
+   * <li>The ability to create, update, list, get and delete tenants for the underlying
+   *     project.</li>
+   * <li>Getting a `TenantAwareAuth` instance for running Auth related operations
+   *     (user management, provider configuration management, token verification,
+   *     email link generation, etc) in the context of a specified tenant.</li>
+   * </ul>
+   */
+  interface TenantManager {
     /** 
      * @param tenantId The tenant ID whose `TenantAwareAuth` instance is to be returned.
      *
      * @return The `TenantAwareAuth` instance corresponding to this tenant identifier.
      */
-    forTenant(tenantId: string): admin.auth.TenantAwareAuth;
+    authForTenant(tenantId: string): admin.auth.TenantAwareAuth;
 
     /**
      * Gets the tenant configuration for the tenant corresponding to a given `tenantId`.

diff --git a/test/integration/auth.spec.ts b/test/integration/auth.spec.ts
@@ -486,13 +486,14 @@ describe('admin.auth', () => {
       const promises: Array<Promise<any>> = [];
       createdTenants.forEach((tenantId) => {
         promises.push(
-            admin.auth().deleteTenant(tenantId).catch((error) => {/** Ignore. */}));
+            admin.auth().tenantManager().deleteTenant(tenantId)
+                .catch((error) => {/** Ignore. */}));
       });
       return Promise.all(promises);
     });
 
     it('createTenant() should resolve with a new tenant', () => {
-      return admin.auth().createTenant(tenantOptions)
+      return admin.auth().tenantManager().createTenant(tenantOptions)
         .then((actualTenant) => {
           createdTenantId = actualTenant.tenantId;
           createdTenants.push(createdTenantId);
@@ -520,7 +521,7 @@ describe('admin.auth', () => {
       const rawSalt = 'NaCl';
 
       before(() => {
-        tenantAwareAuth = admin.auth().forTenant(createdTenantId);
+        tenantAwareAuth = admin.auth().tenantManager().authForTenant(createdTenantId);
       });
 
       // Delete test user at the end of test suite.
@@ -678,7 +679,7 @@ describe('admin.auth', () => {
       };
 
       before(() => {
-        tenantAwareAuth = admin.auth().forTenant(createdTenantId);
+        tenantAwareAuth = admin.auth().tenantManager().authForTenant(createdTenantId);
       });
 
       // Delete SAML configuration at the end of test suite.
@@ -730,7 +731,7 @@ describe('admin.auth', () => {
       };
 
       before(() => {
-        tenantAwareAuth = admin.auth().forTenant(createdTenantId);
+        tenantAwareAuth = admin.auth().tenantManager().authForTenant(createdTenantId);
       });
 
       // Delete OIDC configuration at the end of test suite.
@@ -766,7 +767,7 @@ describe('admin.auth', () => {
     });
 
     it('getTenant() should resolve with expected tenant', () => {
-      return admin.auth().getTenant(createdTenantId)
+      return admin.auth().tenantManager().getTenant(createdTenantId)
         .then((actualTenant) => {
           expect(actualTenant.toJSON()).to.deep.equal(expectedCreatedTenant);
         });
@@ -787,10 +788,10 @@ describe('admin.auth', () => {
           passwordRequired: false,
         },
       };
-      return admin.auth().updateTenant(createdTenantId, updatedOptions)
+      return admin.auth().tenantManager().updateTenant(createdTenantId, updatedOptions)
         .then((actualTenant) => {
           expect(actualTenant.toJSON()).to.deep.equal(expectedUpdatedTenant);
-          return admin.auth().updateTenant(createdTenantId, updatedOptions2);
+          return admin.auth().tenantManager().updateTenant(createdTenantId, updatedOptions2);
         })
         .then((actualTenant) => {
           expect(actualTenant.toJSON()).to.deep.equal(expectedUpdatedTenant2);
@@ -802,7 +803,7 @@ describe('admin.auth', () => {
       const tenantOptions2 = deepCopy(tenantOptions);
       tenantOptions2.displayName = 'testTenant2';
       const listAllTenantIds = (tenantIds: string[], nextPageToken?: string): Promise<void> => {
-        return admin.auth().listTenants(100, nextPageToken)
+        return admin.auth().tenantManager().listTenants(100, nextPageToken)
           .then((result) => {
             result.tenants.forEach((tenant) => {
               tenantIds.push(tenant.tenantId);
@@ -812,7 +813,7 @@ describe('admin.auth', () => {
             }
           });
       };
-      return admin.auth().createTenant(tenantOptions2)
+      return admin.auth().tenantManager().createTenant(tenantOptions2)
         .then((actualTenant) => {
           createdTenants.push(actualTenant.tenantId);
           // Test listTenants returns the expected tenants.
@@ -827,9 +828,9 @@ describe('admin.auth', () => {
     });
 
     it('deleteTenant() should successfully delete the provided tenant', () => {
-      return admin.auth().deleteTenant(createdTenantId)
+      return admin.auth().tenantManager().deleteTenant(createdTenantId)
         .then(() => {
-          return admin.auth().getTenant(createdTenantId);
+          return admin.auth().tenantManager().getTenant(createdTenantId);
         })
         .then((result) => {
           throw new Error('unexpected success');