fix(auth, ios): reject multi-factor API call if session not found

mikehardy · mikehardy · commit 87922807d9ac · 2024-05-14T16:19:16.000-05:00
behavior should mirror what android native MFA does with this change
diff --git a/packages/auth/ios/RNFBAuth/RNFBAuthModule.m b/packages/auth/ios/RNFBAuth/RNFBAuthModule.m
@@ -892,8 +892,15 @@ - (void)invalidate {
   DLog(@"verifyPhoneNumberForMultifactor phoneNumber: %@", phoneNumber);
   DLog(@"verifyPhoneNumberForMultifactor sessionId: %@", sessionId);
   FIRMultiFactorSession *session = cachedSessions[sessionId];
-  DLog(@"using instance VerifyPhoneNumberForMultifactor: %@",
-       firebaseApp.name)[[FIRPhoneAuthProvider providerWithAuth:[FIRAuth authWithApp:firebaseApp]]
+  if (session == nil) {
+    [RNFBSharedUtils rejectPromiseWithUserInfo:reject
+                                      userInfo:(NSMutableDictionary *)@{
+                                        @"code" : @"invalid-multi-factor-session",
+                                        @"message" : @"can't find session for provided key"
+                                      }];
+    return;
+  }
+  [[FIRPhoneAuthProvider providerWithAuth:[FIRAuth authWithApp:firebaseApp]]
        verifyPhoneNumber:phoneNumber
               UIDelegate:nil
       multiFactorSession:session
