Merge pull request #8543 from woocommerce/feat/8453-show-alert-for-inaccessible-login-url

REST API: Show alert for inaccessible login or admin URL

Author: itsmeichigo

Networking/Networking/ApplicationPassword/ApplicationPasswordUseCase.swift

@@ -8,6 +8,7 @@ public enum ApplicationPasswordUseCaseError: Error {
     case duplicateName
     case applicationPasswordsDisabled
     case failedToConstructLoginOrAdminURLUsingSiteAddress
+    case unauthorizedRequest
 }
 
 public struct ApplicationPassword {
@@ -163,6 +164,8 @@ private extension DefaultApplicationPasswordUseCase {
                         continuation.resume(throwing: ApplicationPasswordUseCaseError.applicationPasswordsDisabled)
                     case .responseValidationFailed(reason: .unacceptableStatusCode(code: ErrorCode.duplicateNameErrorCode)):
                         continuation.resume(throwing: ApplicationPasswordUseCaseError.duplicateName)
+                    case .responseValidationFailed(reason: .unacceptableStatusCode(code: ErrorCode.unauthorized)):
+                        continuation.resume(throwing: ApplicationPasswordUseCaseError.unauthorizedRequest)
                     default:
                         continuation.resume(throwing: error)
                     }
@@ -209,6 +212,7 @@ private extension DefaultApplicationPasswordUseCase {
         static let notFound = 404
         static let applicationPasswordsDisabledErrorCode = 501
         static let duplicateNameErrorCode = 409
+        static let unauthorized = 401
     }
 
     enum Constants {

Networking/NetworkingTests/ApplicationPassword/DefaultApplicationPasswordUseCaseTests.swift

@@ -1,6 +1,6 @@
 import XCTest
 @testable import Networking
-
+import Alamofire
 
 /// DefaultApplicationPasswordUseCase Unit Tests
 ///
@@ -43,4 +43,50 @@ final class DefaultApplicationPasswordUseCaseTests: XCTestCase {
         XCTAssertEqual(password.password.secretValue, "passwordvalue")
         XCTAssertEqual(password.wpOrgUsername, username)
     }
+
+    func test_applicationPasswordsDisabled_error_is_thrown_if_generating_password_fails_with_501_error() async throws {
+        // Given
+        let error = AFError.responseValidationFailed(reason: .unacceptableStatusCode(code: 501))
+        network.simulateError(requestUrlSuffix: URLSuffix.generateApplicationPassword, error: error)
+        let username = "demo"
+        let siteAddress = "https://test.com"
+        let sut = try DefaultApplicationPasswordUseCase(username: username,
+                                                        password: "qeWOhQ5RUV8W",
+                                                        siteAddress: siteAddress,
+                                                        network: network)
+
+        // When
+        var failure: ApplicationPasswordUseCaseError?
+        do {
+            let _ = try await sut.generateNewPassword()
+        } catch {
+            failure = error as? ApplicationPasswordUseCaseError
+        }
+
+        // Then
+        XCTAssertTrue(failure == .applicationPasswordsDisabled)
+    }
+
+    func test_unauthorizedRequest_error_is_thrown_if_generating_password_fails_with_401_error() async throws {
+        // Given
+        let error = AFError.responseValidationFailed(reason: .unacceptableStatusCode(code: 401))
+        network.simulateError(requestUrlSuffix: URLSuffix.generateApplicationPassword, error: error)
+        let username = "demo"
+        let siteAddress = "https://test.com"
+        let sut = try DefaultApplicationPasswordUseCase(username: username,
+                                                        password: "qeWOhQ5RUV8W",
+                                                        siteAddress: siteAddress,
+                                                        network: network)
+
+        // When
+        var failure: ApplicationPasswordUseCaseError?
+        do {
+            let _ = try await sut.generateNewPassword()
+        } catch {
+            failure = error as? ApplicationPasswordUseCaseError
+        }
+
+        // Then
+        XCTAssertTrue(failure == .unauthorizedRequest)
+    }
 }

WooCommerce/Classes/Authentication/PostSiteCredentialLoginChecker.swift

@@ -52,6 +52,10 @@ private extension PostSiteCredentialLoginChecker {
                     let errorUI = applicationPasswordDisabledUI(for: siteURL)
                     navigationController.show(errorUI, sender: nil)
                 }
+            } catch ApplicationPasswordUseCaseError.unauthorizedRequest {
+                await MainActor.run {
+                    self.showAlert(message: Localization.invalidLoginOrAdminURL, in: navigationController)
+                }
             } catch {
                 // show generic error
                 await MainActor.run {
@@ -150,6 +154,12 @@ private extension PostSiteCredentialLoginChecker {
                 onRetry()
             }
             alert.addAction(retryAction)
+        } else {
+            let supportAction = UIAlertAction(title: Localization.contactSupport, style: .default) { _ in
+                navigationController.popViewController(animated: true)
+                ServiceLocator.authenticationManager.presentSupport(from: navigationController, sourceTag: .loginSiteAddress)
+            }
+            alert.addAction(supportAction)
         }
         let restartAction = UIAlertAction(title: Localization.restartLoginButton, style: .cancel) { [weak self] _ in
             self?.stores.deauthenticate()
@@ -186,6 +196,11 @@ private extension PostSiteCredentialLoginChecker {
             "Error checking for the WooCommerce plugin.",
             comment: "Error message displayed when the WooCommerce plugin detail cannot be fetched after authentication"
         )
+        static let invalidLoginOrAdminURL = NSLocalizedString(
+            "Application password cannot be generated due to a custom login or admin URL on your site.",
+            comment: "Message to display when the constructed admin or login URL for the logged-in site is not accessible"
+        )
+        static let contactSupport = NSLocalizedString("Contact Support", comment: "Button to contact support for login")
         static let retryButton = NSLocalizedString("Try Again", comment: "Button to refetch application password for the current site")
         static let restartLoginButton = NSLocalizedString("Log In With Another Account", comment: "Button to restart the login flow.")
     }

WooCommerce/WooCommerceTests/Authentication/PostSiteCredentialLoginCheckerTests.swift

@@ -183,7 +183,6 @@ final class PostSiteCredentialLoginCheckerTests: XCTestCase {
         stores.whenReceivingAction(ofType: WordPressSiteAction.self) { action in
             switch action {
             case .fetchSiteInfo(_, let completion):
-                let site = Site.fake().copy(isWooCommerceActive: false)
                 completion(.failure(NetworkError.timeout))
             }
         }