feat(auth): support native TOTP app open

mikehardy · mikehardy · commit e5099249870b · 2025-08-28T13:43:41.000-05:00
diff --git a/packages/auth/android/src/main/java/io/invertase/firebase/auth/ReactNativeFirebaseAuthModule.java b/packages/auth/android/src/main/java/io/invertase/firebase/auth/ReactNativeFirebaseAuthModule.java
@@ -1322,6 +1322,14 @@ public void generateQrCodeUrl(
     promise.resolve(secret.generateQrCodeUrl(account, issuer));
   }
 
+  @ReactMethod
+  public void openInOtpApp(final String appName, final String secretKey, final String qrCodeUri) {
+    TotpSecret secret = mTotpSecrets.get(secretKey);
+    if (secret != null) {
+      secret.openInOtpApp(qrCodeUri);
+    }
+  }
+
   @ReactMethod
   public void finalizeTotpEnrollment(
       final String appName,
diff --git a/packages/auth/ios/RNFBAuth/RNFBAuthModule.m b/packages/auth/ios/RNFBAuth/RNFBAuthModule.m
@@ -1041,6 +1041,16 @@ - (void)invalidate {
   resolve(url);
 }
 
+RCT_EXPORT_METHOD(openInOtpApp
+                  : (FIRApp *)firebaseApp
+                  : (NSString *)secretKey
+                  : (NSString *)qrCodeUri) {
+  DLog(@"generateQrCodeUrl using secretKey: %@", secretKey);
+  FIRTOTPSecret *totpSecret = cachedTotpSecrets[secretKey];
+  DLog(@"openInOtpApp using qrCodeUri: %@", qrCodeUri);
+  [totpSecret openInOTPAppWithQRCodeURL:qrCodeUri];
+}
+
 RCT_EXPORT_METHOD(getSession
                   : (FIRApp *)firebaseApp
                   : (RCTPromiseResolveBlock)resolve
diff --git a/packages/auth/lib/TotpSecret.js b/packages/auth/lib/TotpSecret.js
@@ -49,4 +49,19 @@ export class TotpSecret {
     }
     return this.auth.native.generateQrCodeUrl(this.secretKey, accountName, issuer);
   }
+
+  /**
+   * Opens the specified QR Code URL in an OTP authenticator app on the device.
+   * The shared secret key and account name will be populated in the OTP authenticator app.
+   * The URL uses the otpauth:// scheme and will be opened on an app that handles this scheme,
+   * if it exists on the device, possibly opening the ecocystem-specific app store with a generic
+   * query for compatible apps if no app exists on the device.
+   *
+   * @param qrCodeUrl the URL to open in the app, from generateQrCodeUrl
+   */
+  openInOtpApp(qrCodeUrl) {
+    if (isString(qrCodeUrl) && !qrCodeUrl !== '') {
+      return this.auth.native.openInOtpApp(this.secretKey, qrCodeUrl);
+    }
+  }
 }
