Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Handle 2FA error for OAuth client during login #10042

Merged
merged 6 commits into from
Jun 14, 2019
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,6 @@ Using another account like [email protected] will cause the `Client cannot use "pass

For security reasons, some account-related actions aren't supported for development
builds when using a WordPress.com account with 2-factor authentication enabled.
There is also currently an [issue](https://github.com/wordpress-mobile/WordPress-Android/issues/8754) where a restart of the app is required to complete login in this case.

Read more about [OAuth2][6] and the [WordPress.com REST endpoint][7].

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -301,10 +301,14 @@ public void onAccountChanged(OnAccountChanged event) {
} else {
if (event.isError()) {
switch (event.error.type) {
case SETTINGS_FETCH_ERROR:
case SETTINGS_FETCH_GENERIC_ERROR:
ToastUtils.showToast(getActivity(), R.string.error_fetch_account_settings,
ToastUtils.Duration.LONG);
break;
case SETTINGS_FETCH_REAUTHORIZATION_REQUIRED_ERROR:
ToastUtils.showToast(getActivity(), R.string.error_disabled_apis,
ToastUtils.Duration.LONG);
break;
case SETTINGS_POST_ERROR:
// We usually rely on event.error.type and provide our own localized message.
// This case is exceptional because:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -213,10 +213,14 @@ public void onAccountChanged(OnAccountChanged event) {

if (event.isError()) {
switch (event.error.type) {
case SETTINGS_FETCH_ERROR:
case SETTINGS_FETCH_GENERIC_ERROR:
ToastUtils
.showToast(getActivity(), R.string.error_fetch_account_settings, ToastUtils.Duration.LONG);
break;
case SETTINGS_FETCH_REAUTHORIZATION_REQUIRED_ERROR:
ToastUtils.showToast(getActivity(), R.string.error_disabled_apis,
ToastUtils.Duration.LONG);
break;
case SETTINGS_POST_ERROR:
ToastUtils.showToast(getActivity(), R.string.error_post_account_settings, ToastUtils.Duration.LONG);
break;
Expand Down
1 change: 1 addition & 0 deletions WordPress/src/main/res/values/strings.xml
Original file line number Diff line number Diff line change
Expand Up @@ -1480,6 +1480,7 @@
<string name="error_refresh_unauthorized_posts">You don\'t have permission to view or edit posts</string>
<string name="error_fetch_my_profile">Couldn\'t retrieve your profile</string>
<string name="error_fetch_account_settings">Couldn\'t retrieve your account settings</string>
<string name="error_disabled_apis">Could not fetch settings: Some APIs are unavailable for this OAuth app ID + account combination.</string>
<string name="error_post_my_profile_no_connection">No connection, couldn\'t save your profile</string>
<string name="error_post_account_settings">Couldn\'t save your account settings</string>
<string name="error_generic">An error occurred</string>
Expand Down
2 changes: 1 addition & 1 deletion build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -105,5 +105,5 @@ buildScan {

ext {
daggerVersion = '2.22.1'
fluxCVersion = '3a44520084671ff0018086933626075b5e323d98'
fluxCVersion = '9f07b031646dd3e6021d4b8e0a35647c9109ff27'
}
Original file line number Diff line number Diff line change
Expand Up @@ -34,13 +34,15 @@
import org.wordpress.android.fluxc.generated.AccountActionBuilder;
import org.wordpress.android.fluxc.generated.SiteActionBuilder;
import org.wordpress.android.fluxc.store.AccountStore;
import org.wordpress.android.fluxc.store.AccountStore.AccountErrorType;
import org.wordpress.android.fluxc.store.AccountStore.OnAccountChanged;
import org.wordpress.android.fluxc.store.SiteStore;
import org.wordpress.android.fluxc.store.SiteStore.OnSiteChanged;
import org.wordpress.android.fluxc.store.SiteStore.SiteErrorType;
import org.wordpress.android.util.AppLog;
import org.wordpress.android.util.EditTextUtils;
import org.wordpress.android.util.ToastUtils;
import org.wordpress.android.util.ToastUtils.Duration;

import javax.inject.Inject;

Expand Down Expand Up @@ -291,9 +293,15 @@ public void onAccountChanged(OnAccountChanged event) {

if (event.isError()) {
AppLog.e(AppLog.T.API, "onAccountChanged has error: " + event.error.type + " - " + event.error.message);
ToastUtils.showToast(getContext(), R.string.error_fetch_my_profile);
onLoginFinished(false);
return;
if (event.error.type == AccountErrorType.SETTINGS_FETCH_REAUTHORIZATION_REQUIRED_ERROR) {
// This probably means we're logging in to 2FA-enabled account with a non-production WP.com client id.
// A few WordPress.com APIs like /me/settings/ won't work for this account.
ToastUtils.showToast(getContext(), R.string.error_disabled_apis, Duration.LONG);
} else {
ToastUtils.showToast(getContext(), R.string.error_fetch_my_profile, Duration.LONG);
onLoginFinished(false);
return;
}
}

if (event.causeOfChange == AccountAction.FETCH_ACCOUNT) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,7 @@
<string name="cannot_add_duplicate_site">This site already exists in the app, you can\'t add it.</string>
<string name="duplicate_site_detected">A duplicate site has been detected.</string>
<string name="error_fetch_my_profile">Couldn\'t retrieve your profile</string>
<string name="error_disabled_apis">Could not fetch settings: Some APIs are unavailable for this OAuth app ID + account combination.</string>
<string name="login_to_to_connect_jetpack">Log in to the WordPress.com account you used to connect Jetpack.</string>
<string name="auth_required">Log in again to continue.</string>
<string name="checking_email">Checking email</string>
Expand Down