Merge pull request #10042 from wordpress-mobile/issue/8754-2fa-oauth-…

…client-error Handle 2FA error for OAuth client during login
wordpress-mobile · Jun 14, 2019 · ea70f1b · ea70f1b
2 parents dbbc0ad + 8e266c9
commit ea70f1b
Show file tree

Hide file tree

Showing 7 changed files with 24 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -49,7 +49,6 @@ Using another account like [email protected] will cause the `Client cannot use "pass
 
 For security reasons, some account-related actions aren't supported for development 
 builds when using a WordPress.com account with 2-factor authentication enabled.
-There is also currently an [issue](https://github.com/wordpress-mobile/WordPress-Android/issues/8754) where a restart of the app is required to complete login in this case. 
 
 Read more about [OAuth2][6] and the [WordPress.com REST endpoint][7].
 

diff --git a/WordPress/src/main/java/org/wordpress/android/ui/prefs/AccountSettingsFragment.java b/WordPress/src/main/java/org/wordpress/android/ui/prefs/AccountSettingsFragment.java
@@ -301,10 +301,14 @@ public void onAccountChanged(OnAccountChanged event) {
         } else {
             if (event.isError()) {
                 switch (event.error.type) {
-                    case SETTINGS_FETCH_ERROR:
+                    case SETTINGS_FETCH_GENERIC_ERROR:
                         ToastUtils.showToast(getActivity(), R.string.error_fetch_account_settings,
                                 ToastUtils.Duration.LONG);
                         break;
+                    case SETTINGS_FETCH_REAUTHORIZATION_REQUIRED_ERROR:
+                        ToastUtils.showToast(getActivity(), R.string.error_disabled_apis,
+                                ToastUtils.Duration.LONG);
+                        break;
                     case SETTINGS_POST_ERROR:
                         // We usually rely on event.error.type and provide our own localized message.
                         // This case is exceptional because:

diff --git a/WordPress/src/main/java/org/wordpress/android/ui/prefs/AppSettingsFragment.java b/WordPress/src/main/java/org/wordpress/android/ui/prefs/AppSettingsFragment.java
@@ -213,10 +213,14 @@ public void onAccountChanged(OnAccountChanged event) {
 
         if (event.isError()) {
             switch (event.error.type) {
-                case SETTINGS_FETCH_ERROR:
+                case SETTINGS_FETCH_GENERIC_ERROR:
                     ToastUtils
                             .showToast(getActivity(), R.string.error_fetch_account_settings, ToastUtils.Duration.LONG);
                     break;
+                case SETTINGS_FETCH_REAUTHORIZATION_REQUIRED_ERROR:
+                    ToastUtils.showToast(getActivity(), R.string.error_disabled_apis,
+                            ToastUtils.Duration.LONG);
+                    break;
                 case SETTINGS_POST_ERROR:
                     ToastUtils.showToast(getActivity(), R.string.error_post_account_settings, ToastUtils.Duration.LONG);
                     break;

diff --git a/WordPress/src/main/res/values/strings.xml b/WordPress/src/main/res/values/strings.xml
@@ -1480,6 +1480,7 @@
     <string name="error_refresh_unauthorized_posts">You don\'t have permission to view or edit posts</string>
     <string name="error_fetch_my_profile">Couldn\'t retrieve your profile</string>
     <string name="error_fetch_account_settings">Couldn\'t retrieve your account settings</string>
+    <string name="error_disabled_apis">Could not fetch settings: Some APIs are unavailable for this OAuth app ID + account combination.</string>
     <string name="error_post_my_profile_no_connection">No connection, couldn\'t save your profile</string>
     <string name="error_post_account_settings">Couldn\'t save your account settings</string>
     <string name="error_generic">An error occurred</string>

diff --git a/build.gradle b/build.gradle
@@ -105,5 +105,5 @@ buildScan {
 
 ext {
     daggerVersion = '2.22.1'
-    fluxCVersion = '3a44520084671ff0018086933626075b5e323d98'
+    fluxCVersion = '9f07b031646dd3e6021d4b8e0a35647c9109ff27'
 }
diff --git a/...n/WordPressLoginFlow/src/main/java/org/wordpress/android/login/LoginBaseFormFragment.java b/...n/WordPressLoginFlow/src/main/java/org/wordpress/android/login/LoginBaseFormFragment.java
@@ -34,13 +34,15 @@
 import org.wordpress.android.fluxc.generated.AccountActionBuilder;
 import org.wordpress.android.fluxc.generated.SiteActionBuilder;
 import org.wordpress.android.fluxc.store.AccountStore;
+import org.wordpress.android.fluxc.store.AccountStore.AccountErrorType;
 import org.wordpress.android.fluxc.store.AccountStore.OnAccountChanged;
 import org.wordpress.android.fluxc.store.SiteStore;
 import org.wordpress.android.fluxc.store.SiteStore.OnSiteChanged;
 import org.wordpress.android.fluxc.store.SiteStore.SiteErrorType;
 import org.wordpress.android.util.AppLog;
 import org.wordpress.android.util.EditTextUtils;
 import org.wordpress.android.util.ToastUtils;
+import org.wordpress.android.util.ToastUtils.Duration;
 
 import javax.inject.Inject;
 
@@ -291,9 +293,15 @@ public void onAccountChanged(OnAccountChanged event) {
 
         if (event.isError()) {
             AppLog.e(AppLog.T.API, "onAccountChanged has error: " + event.error.type + " - " + event.error.message);
-            ToastUtils.showToast(getContext(), R.string.error_fetch_my_profile);
-            onLoginFinished(false);
-            return;
+            if (event.error.type == AccountErrorType.SETTINGS_FETCH_REAUTHORIZATION_REQUIRED_ERROR) {
+                // This probably means we're logging in to 2FA-enabled account with a non-production WP.com client id.
+                // A few WordPress.com APIs like /me/settings/ won't work for this account.
+                ToastUtils.showToast(getContext(), R.string.error_disabled_apis, Duration.LONG);
+            } else {
+                ToastUtils.showToast(getContext(), R.string.error_fetch_my_profile, Duration.LONG);
+                onLoginFinished(false);
+                return;
+            }
         }
 
         if (event.causeOfChange == AccountAction.FETCH_ACCOUNT) {

diff --git a/libs/login/WordPressLoginFlow/src/main/res/values/strings.xml b/libs/login/WordPressLoginFlow/src/main/res/values/strings.xml
@@ -82,6 +82,7 @@
     <string name="cannot_add_duplicate_site">This site already exists in the app, you can\'t add it.</string>
     <string name="duplicate_site_detected">A duplicate site has been detected.</string>
     <string name="error_fetch_my_profile">Couldn\'t retrieve your profile</string>
+    <string name="error_disabled_apis">Could not fetch settings: Some APIs are unavailable for this OAuth app ID + account combination.</string>
     <string name="login_to_to_connect_jetpack">Log in to the WordPress.com account you used to connect Jetpack.</string>
     <string name="auth_required">Log in again to continue.</string>
     <string name="checking_email">Checking email</string>