Fix tests and lint

etc/firebase-admin.auth.api.md

@@ -439,6 +439,7 @@ export interface UpdateProjectConfigRequest {
 
 // @public
 export interface UpdateRequest {
+    customUserClaims?: object | null;
     disabled?: boolean;
     displayName?: string | null;
     email?: string;

src/auth/auth-api-request.ts

@@ -1405,7 +1405,8 @@ export abstract class AbstractAuthRequestHandler {
             'providersToUnlink of properties argument must be an array of strings.');
         }
       });
-    } else if ((typeof properties.customUserClaims !== 'undefined') && !validator.isObject(properties.customUserClaims)) {
+    } else if ((typeof properties.customUserClaims !== 'undefined') 
+      && !validator.isObject(properties.customUserClaims)) {
       return Promise.reject(
         new FirebaseAuthError(
           AuthClientErrorCode.INVALID_ARGUMENT,

src/auth/auth-config.ts

@@ -191,7 +191,8 @@ export interface UpdateRequest {
 
   /**
    * If provided, sets additional developer claims on the user's token, overwriting
-   * any existing claims. If not provided or `undefined`, then existing claims will remain unchanged.
+   * any existing claims. Providing `null` will clear any existing custom claims.
+   * If not provided or `undefined`, then existing claims will remain unchanged.
    */
   customUserClaims?: object | null;
 }

test/unit/auth/auth-api-request.spec.ts

@@ -2045,7 +2045,8 @@ AUTH_REQUEST_HANDLER_TESTS.forEach((handler) => {
         password: 'password',
         phoneNumber: '+11234567890',
         customUserClaims: {
-          claim1: true,
+          admin: true,
+          groupId: '123',
         },
         multiFactor: {
           enrolledFactors: [
@@ -2079,7 +2080,7 @@ AUTH_REQUEST_HANDLER_TESTS.forEach((handler) => {
         photoUrl: 'http://localhost/1234/photo.png',
         password: 'password',
         phoneNumber: '+11234567890',
-        customAttributes: '{"claim1":true}',
+        customAttributes: JSON.stringify({ admin: true, groupId: '123' }),
         mfa: {
           enrollments: [
             {
@@ -2110,6 +2111,7 @@ AUTH_REQUEST_HANDLER_TESTS.forEach((handler) => {
         disableUser: false,
         password: 'password',
         phoneNumber: '+11234567890',
+        customAttributes: JSON.stringify({ admin: true, groupId: '123' }),
         deleteAttribute: ['DISPLAY_NAME', 'PHOTO_URL'],
       };
       // Valid request to delete phoneNumber.
@@ -2124,12 +2126,13 @@ AUTH_REQUEST_HANDLER_TESTS.forEach((handler) => {
         disableUser: false,
         photoUrl: 'http://localhost/1234/photo.png',
         password: 'password',
+        customAttributes: JSON.stringify({ admin: true, groupId: '123' }),
         deleteProvider: ['phone'],
       };
       // Valid request to delete custom claims.
       const validDeleteCustomClaimsData = deepCopy(validData);
       validDeleteCustomClaimsData.customUserClaims = null;
-      delete validDeletePhoneNumberData.multiFactor;
+      delete validDeleteCustomClaimsData.multiFactor;
       const expectedValidDeleteCustomClaimsData = {
         localId: uid,
         displayName: 'John Doe',
@@ -2138,7 +2141,8 @@ AUTH_REQUEST_HANDLER_TESTS.forEach((handler) => {
         disableUser: false,
         photoUrl: 'http://localhost/1234/photo.png',
         password: 'password',
-        customAttributes: '{}',
+        phoneNumber: '+11234567890',
+        customAttributes: JSON.stringify({}),
       };
       // Valid request to leave custom claims unchanged.
       const validUnchangedCustomClaimsData = deepCopy(validData);
@@ -2152,6 +2156,7 @@ AUTH_REQUEST_HANDLER_TESTS.forEach((handler) => {
         disableUser: false,
         photoUrl: 'http://localhost/1234/photo.png',
         password: 'password',
+        phoneNumber: '+11234567890',
       };
       // Valid request to delete all second factors.
       const expectedValidDeleteMfaData = {
@@ -2265,13 +2270,12 @@ AUTH_REQUEST_HANDLER_TESTS.forEach((handler) => {
         stubs.push(stub);
 
         const requestHandler = handler.init(mockApp);
-        // Send update request to delete phone number.
+        // Send update request to delete custom claims.
         return requestHandler.updateExistingAccount(uid, validDeleteCustomClaimsData)
           .then((returnedUid: string) => {
             // uid should be returned.
             expect(returnedUid).to.be.equal(uid);
-            // Confirm expected rpc request parameters sent. In this case, phoneNumber
-            // removed from request and deleteProvider added.
+            // Confirm expected rpc request parameters sent. In this case, customAttributes added.
             expect(stub).to.have.been.calledOnce.and.calledWith(
               callParams(path, method, expectedValidDeleteCustomClaimsData));
           });
@@ -2288,13 +2292,12 @@ AUTH_REQUEST_HANDLER_TESTS.forEach((handler) => {
         stubs.push(stub);
 
         const requestHandler = handler.init(mockApp);
-        // Send update request to delete phone number.
+        // Send update request to update account excluding custom claims.
         return requestHandler.updateExistingAccount(uid, validUnchangedCustomClaimsData)
           .then((returnedUid: string) => {
             // uid should be returned.
             expect(returnedUid).to.be.equal(uid);
-            // Confirm expected rpc request parameters sent. In this case, phoneNumber
-            // removed from request and deleteProvider added.
+            // Confirm expected rpc request parameters sent. In this case, customAttributes removed.
             expect(stub).to.have.been.calledOnce.and.calledWith(
               callParams(path, method, expectedValidUnchangedCustomClaimsData));
           });